一看必會系列:shell精確統計訪問80端口的IP
腳本如下
#!/bin/bash
echo `date +"%F %H:%M:%S"` "HTTP80-ALL" "`netstat -anlp|grep tcp|grep 服務器ip|grep -w 80|awk ‘{print $5}’|awk -F: ‘{print $4}’|sort|uniq -c|sort -nr|head -n20`" >> /var/log/ip80_count`date +"%F"`.txt
#完整可用
echo `date +"%F %H:%M:%S"` "HTTP80-疑似攻擊-ALL" "`netstat -anlp|grep tcp|grep 服務器ip|grep -w 80|awk ‘{print $5}’|awk -F: ‘{print $4}’|sort|uniq -c|sort -nr|head -n20`" >> /var/log/ip80疑似攻擊_count`date +"%F"`.txt
echo `date +"%F %H:%M:%S"` "HTTP80-已連接-ALL" "` netstat -anlp|grep tcp|grep 服務器ip:80|grep ESTABLISHED|awk ‘{print $5}’|awk -F: ‘{print $4}’|sort|uniq -c|sort -nr|head -n20 `" >> /var/log/ip80已連接_count`date +"%F"`.txt
#更精簡的寫法
netstat -anlp|grep tcp|grep 服務器ip:80|awk ‘{print $5}’|awk -F: ‘{print $4}’|sort|uniq -c|sort -nr|head -n20
暫時還木有人評論,坐等沙發!