simple locked ip script

原创

chengcheng5418 2012-03-19 10:16:19 博主文章分类：Python ©著作权

文章标签 服务器 ubuntu 休闲 simple import 文章分类 服务器

©著作权归作者所有：来自51CTO博客作者chengcheng5418的原创作品，请联系作者获取转载授权，否则将追究法律责任

最近几天一服务器总被DOS,又想偷懒,所以来个简单粗暴的.

本脚本适用于ubuntu,

'''
Created on Mar 1, 2012

@author: leal
'''

import os
import datetime
import subprocess

def deny(ip):
    now = datetime.datetime.now().__format__("%Y-%m-%d %H:%M:%S")
    with open("blacklist.log", mode = 'a') as logfile:
        logfile.write("%s blocked at %s\n" % (str(ip), now))
    os.system("sudo ufw deny from %s" % ip)

def getStatus():
    loadavg = os.getloadavg()
    if loadavg[0] >= 3 and loadavg[1] >= 3 and loadavg[2] >= 3:
        iptmp = subprocess.Popen("netstat -an |grep :80 |awk '{print $5}' |awk -F : '{print $1}' |sort |uniq -c |sort -nr |head -n 1 |awk '{print $2}'", shell=True, stdout=subprocess.PIPE)
        tmpip = str.strip(iptmp.communicate()[0])
        deny(tmpip)
    else:
        pass

if __name__ == "__main__":
    getStatus()