#!/bin/bsah
# filename:ipt_ssh.sh
# iptables防止ssh的暴力破解
#
/sbin/iptables -F
badip=`cat /var/log/secure |grep "Failed"|grep -Eo '([0-9]+.){3}[0-9]+'|sort -n|uniq -c|
linuxjishu/13830.html target=_blank class=infotextkey>awk ' $1>=10 {print $2}'` #错误登录超过10次的ip
for i in $badip
do
/sbin/iptables -I INPUT -s $i -j DROP
done