How to use iptables to block specific IPs from accessing a website
<br>Traffic to our website has recently grown abnormally. By analyzing the Apache access_log we found the IP addresses making the most requests, confirmed that it was hotlinking, and decided to block them with iptables.<br><br>The script is as follows:<br><br># awk '{print $1}' access_log.20110622 |sort |uniq -c |sort -nr |more <br> 15112 183.38.186.60<br> 5289 218.83.160.164<br> 4566 58.61.154.18<br> 4428 183.39.105.113<br> 3169 121.14.162.56<br> 2121 113.108.116.17<br> 1971 121.14.162.46<br> 1614 121.14.162.65<br> 1515 192.168.39.134<br> 1430 59.152.221.14<br> 1391 121.14.162.47<br> 1350 183.38.181.117<br> 1317 183.38.189.202<br> 1293 121.14.162.85<br> 1285 121.14.162.117<br><br>
<font size="3"><span style="font-weight: bold;">iptables is used as follows:</span></font><br><br>
<span style="font-weight: bold;">Command to block a single IP</span><br>iptables -I INPUT -s 183.38.186.60 -j DROP<br><br>
<span style="font-weight: bold;">Command to block an IP range</span><br>iptables -I INPUT -s 183.38.186.0/16 -j DROP<br>(iptables applies the mask to the address, so this rule matches 183.38.0.0 through 183.38.255.255.)<br><br>
<span style="font-weight: bold;">Command to block an entire range</span><br>iptables -I INPUT -s 183.38.0.0/8 -j DROP<br>(With a /8 mask this rule matches 183.0.0.0 through 183.255.255.255.)<br><br>
<span style="font-weight: bold;">Commands to block several ranges</span><br>iptables -I INPUT -s 183.38.186.0/24 -j DROP<br>iptables -I INPUT -s 183.38.187.0/24 -j DROP<br><br>
<span style="font-weight: bold;">Block port 80 only</span><br>iptables -I INPUT -p tcp --dport 80 -s 183.38.186.0/24 -j DROP<br><br>
<span style="font-weight: bold;">Delete all restrictions</span><br>iptables -F<br>(This flushes every rule in the filter table, not only the blocks added above.)<br><br>
<span style="font-weight: bold;">Delete a specific restriction</span><br><br>iptables -D INPUT number<br><br>For example: iptables -D INPUT 1<br><br>
<span style="font-weight: bold;">View the iptables configuration</span><br># iptables -L<br>Chain INPUT (policy ACCEPT)<br>target prot opt source destination <br>DROP tcp -- 10.200.1.149 anywhere tcp dpt:http <br><br>Chain FORWARD (policy ACCEPT)<br>target prot opt source destination <br><br>Chain OUTPUT (policy ACCEPT)<br>target prot opt source destination <br># <br><br>
<span style="font-weight: bold;">Delete one entry</span><br># iptables -D INPUT 1<br><br>
<span style="font-weight: bold;">Re-check the iptables configuration</span><br># iptables -L<br>Chain INPUT (policy ACCEPT)<br>target prot opt source destination <br><br>Chain FORWARD (policy ACCEPT)<br>target prot opt source destination <br><br>Chain OUTPUT (policy ACCEPT)<br>target prot opt source destination <br># <br><br>
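The log analysis and the port-80 block above can be combined into one step. The following is an added example, not part of the original post: the function names `gen_block_rules` and `make_sample_log`, the threshold and the sample log lines are assumptions made for illustration. It only prints candidate rules and skips loopback and private addresses, because the top-talker list above also contains an internal host (192.168.39.134) that should not be blocked.

```shell
#!/bin/sh
# gen_block_rules LOGFILE THRESHOLD  (hypothetical helper name)
# Prints, without executing, one port-80 DROP rule per client IPv4 address
# that made more than THRESHOLD requests, busiest first.
gen_block_rules() {
    awk -v t="$2" '
        # Field 1 of an Apache access log line is the client address. Only
        # dotted-quad IPv4 is counted, so no other text can reach a rule.
        $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { hits[$1]++ }
        END {
            for (ip in hits) {
                if (hits[ip] <= t + 0) continue
                split(ip, o, ".")
                a = o[1] + 0; b = o[2] + 0
                if (a > 255 || b > 255 || o[3] + 0 > 255 || o[4] + 0 > 255) continue
                # Never block loopback or RFC 1918 space: those are your own
                # hosts, proxies or monitors, not outside hotlinkers.
                if (a == 127 || a == 10 || (a == 192 && b == 168)) continue
                if (a == 172 && b >= 16 && b <= 31) continue
                printf "%d iptables -I INPUT -p tcp --dport 80 -s %s -j DROP\n", hits[ip], ip
            }
        }' "$1" | sort -nr | cut -d" " -f2-
}

# Constructed sample log: 203.0.113.60 x5, 198.51.100.18 x3,
# 192.168.39.134 x4 (internal), 203.0.113.9 x1.
make_sample_log() {
    for ip in 203.0.113.60 203.0.113.60 203.0.113.60 203.0.113.60 203.0.113.60 \
              198.51.100.18 198.51.100.18 198.51.100.18 \
              192.168.39.134 192.168.39.134 192.168.39.134 192.168.39.134 \
              203.0.113.9; do
        echo "$ip - - [22/Jun/2011:10:00:00 +0800] \"GET /img/a.jpg HTTP/1.1\" 200 512"
    done
}

sample=$(mktemp)
make_sample_log > "$sample"
gen_block_rules "$sample" 2     # review the output before running any of it
rm -f "$sample"
```

Review the printed rules by hand before applying them: a high request count alone can also come from a search-engine crawler or a shared NAT address.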