43 lines
1.2 KiB
Bash
43 lines
1.2 KiB
Bash
#!/bin/bash
|
|
|
|
configure_logging() {
|
|
sudo tee /etc/rsyslog.d/ip-daily-log.conf <<EOF
|
|
:msg, contains, "DAILY-IP: " -/var/log/IP-DAILY-LOG.log
|
|
& stop
|
|
EOF
|
|
|
|
sudo tee /etc/logrotate.d/ip-daily-log <<EOF
|
|
/var/log/IP-DAILY-LOG.log {
|
|
daily
|
|
rotate 3 # 仅保留3天历史
|
|
missingok
|
|
nocompress # 无需压缩
|
|
notifempty
|
|
sharedscripts
|
|
postrotate
|
|
systemctl reload rsyslog >/dev/null 2>&1
|
|
endscript
|
|
}
|
|
EOF
|
|
sudo systemctl restart rsyslog
|
|
}
|
|
|
|
|
|
sudo iptables -C IN_BT_log -j IN_BT_log_DAILY > /dev/null 2>&1
|
|
|
|
if [ $? -eq 0 ]; then
|
|
echo "rules 'iptables -I IN_BT_log -j IN_BT_log_DAILY' Exiting..."
|
|
exit 0
|
|
else
|
|
echo "add rule..."
|
|
sudo iptables -N IN_BT_log_DAILY
|
|
sudo iptables -I IN_BT_log -j IN_BT_log_DAILY
|
|
sudo iptables -A IN_BT_log_DAILY -m recent --name DAILY_IPS --rcheck --seconds 86400 -j RETURN
|
|
sudo iptables -A IN_BT_log_DAILY -m recent --name DAILY_IPS --set -j LOG --log-prefix "DAILY-IP: " --log-level 4
|
|
|
|
ipset create in_bt_malicious_ipset hash:ip maxelem 1000000 timeout 0;
|
|
iptables -A IN_BT_ip -m set --match-set in_bt_malicious_ipset src -j DROP
|
|
systemctl reload BT-FirewallServices
|
|
configure_logging
|
|
echo "add rule finish..."
|
|
fi |