2019年11月

使用iptables封锁

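#!/bin/bash
#
# Block clients that exceed a daily request threshold on the nginx port.
#
# Reads today's entries from the nginx access log, counts requests per client
# address (field 1 of each line) and inserts an iptables DROP rule for every
# address whose count is above $max. Addresses that were blocked successfully
# are recorded in the blacklist file so a later run does not add a duplicate
# rule.
#
# Needs the privileges to modify iptables (typically root).
# NOTE(review): field 1 is assumed to be the client address, as in nginx's
# default log format; behind a proxy or load balancer it would be the proxy's
# address - confirm the log format before enabling this.
# NOTE(review): many users can share one address (NAT, corporate proxy), and
# an address you administer the host from can be counted too.

max=500                                     # maximum requests per address per day
logdir=/usr/local/nginx12/logs/access.log   # nginx access log file path
confdir=/data/test.conf                     # IP blacklist, one address per line
port=80
drop_ip=""

today=$(date +"%d/%b/%Y")   # today's date as it is written in the access log

# Only dotted-quad IPv4 strings are accepted: the value is handed to
# "iptables -s", which would try to resolve anything else as a host name.
ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

# Create the blacklist on the first run so the lookup below has a file to read.
[[ -e $confdir ]] || : > "$confdir"

# List every address with more than $max requests today, busiest first.
# The threshold comes from $max instead of a second hard-coded 500.
grep -F -- "$today" "$logdir" \
  | awk '{ print $1 }' \
  | sort \
  | uniq -c \
  | sort -rn \
  | awk -v max="$max" '$1 > max { print $2 }' \
  | while IFS= read -r drop_ip; do
      [[ $drop_ip =~ $ipv4_re ]] || continue
      # -x -F: whole-line literal match, so 1.2.3.4 is not treated as already
      # listed just because 11.2.3.45 is in the file.
      if ! grep -qxF -- "$drop_ip" "$confdir"; then
        # Record the address only when the rule was really inserted; a failed
        # insert is then retried on the next run.
        if iptables -I INPUT -p tcp --dport "$port" -s "$drop_ip" -j DROP; then
          echo "$drop_ip" >> "$confdir"
          echo ">>>>> $(date '+%Y-%m-%d %H%M%S') - 发现攻击ip ->  $drop_ip " >> /data/test.log  # audit log
        fi
      fi
    done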

解锁iptables

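#!/bin/bash
#
# Unblock: remove the DROP rules that the blocking script inserted.
#
# "iptables -F INPUT" empties the whole INPUT chain, including ACCEPT rules
# that belong to other services; on a chain whose policy is DROP that cuts off
# all access to the host. Only the rules for blacklisted addresses are removed
# here, and the blacklist is emptied so the same addresses can be blocked
# again later.

confdir=/data/test.conf   # blacklist written by the blocking script
port=80                   # must match the port used by the blocking script
ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

if [[ -f $confdir ]]; then
  while IFS= read -r ip; do
    [[ $ip =~ $ipv4_re ]] || continue
    # -D deletes one matching rule per call; repeat until none is left.
    while iptables -D INPUT -p tcp --dport "$port" -s "$ip" -j DROP 2>/dev/null; do
      :
    done
  done < "$confdir"
  : > "$confdir"
fi
#iptables -F INPUT   # flush every rule in the filter table's INPUT chain
#iptables -F         # flush every rule in every chain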

完整代码

black_ip.sh

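#!/bin/bash
#
# black_ip.sh - block abusive IPv4 clients with iptables; meant to run from cron.
#
# Outside the release hour: counts today's requests per client address
# (field 1 of each access-log line) and inserts a DROP rule for every address
# above $max. During the release hour (23): removes the rules this script
# added and empties the blacklist, so the addresses can be blocked again the
# next day. Nothing is blocked during the release hour, because a rule added
# then would be removed again by the same run.
#
# Needs the privileges to modify iptables (typically root).
# NOTE(review): field 1 is assumed to be the client address, as in nginx's
# default log format; behind a proxy or load balancer it would be the proxy's
# address - confirm the log format before enabling this.
# NOTE(review): many users can share one address (NAT, corporate proxy), and
# an address you administer the host from can be counted too.

max=500                                     # maximum requests per address per day
logdir=/usr/local/nginx12/logs/access.log   # nginx access log file path
confdir=/data/test.conf                     # IP blacklist, one address per line
port=80
drop_ip=""

today=$(date +"%d/%b/%Y")    # today's date as it is written in the access log
release_time=$(date "+%H")   # current hour, zero padded (00-23)

# Only dotted-quad IPv4 strings are accepted: the value is handed to
# "iptables -s", which would try to resolve anything else as a host name.
ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

# Create the blacklist on the first run so the lookups below have a file to read.
[[ -e $confdir ]] || : > "$confdir"

# String comparison on purpose: -eq evaluates its operands as arithmetic, and
# the hours "08" and "09" are rejected there as invalid octal numbers.
if [[ $release_time == 23 ]]; then
  # Release. Flushing the whole INPUT chain would also delete ACCEPT rules
  # that belong to other services, so only the rules for blacklisted
  # addresses are removed.
  while IFS= read -r drop_ip; do
    [[ $drop_ip =~ $ipv4_re ]] || continue
    # -D deletes one matching rule per call; repeat until none is left.
    while iptables -D INPUT -p tcp --dport "$port" -s "$drop_ip" -j DROP 2>/dev/null; do
      :
    done
  done < "$confdir"
  # Empty the blacklist: a stale entry would stop the address from ever
  # being blocked again.
  : > "$confdir"
  #iptables -F INPUT   # flush every rule in the filter table's INPUT chain
  #iptables -F         # flush every rule in every chain
else
  # Block. List every address with more than $max requests today, busiest
  # first; the threshold comes from $max instead of a second hard-coded 500.
  grep -F -- "$today" "$logdir" \
    | awk '{ print $1 }' \
    | sort \
    | uniq -c \
    | sort -rn \
    | awk -v max="$max" '$1 > max { print $2 }' \
    | while IFS= read -r drop_ip; do
        [[ $drop_ip =~ $ipv4_re ]] || continue
        # -x -F: whole-line literal match, so 1.2.3.4 is not treated as
        # already listed just because 11.2.3.45 is in the file.
        if ! grep -qxF -- "$drop_ip" "$confdir"; then
          # Record the address only when the rule was really inserted; a
          # failed insert is then retried on the next run.
          if iptables -I INPUT -p tcp --dport "$port" -s "$drop_ip" -j DROP; then
            echo "$drop_ip" >> "$confdir"
            echo ">>>>> $(date '+%Y-%m-%d %H%M%S') - 发现攻击ip ->  $drop_ip " >> /data/test.log  # audit log
          fi
        fi
      done
fi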
crontab 定时任务(每分钟执行一次;脚本使用了 bash 语法,建议改用 /bin/bash 执行并写脚本的绝对路径):
*/1 * * * * /bin/sh black_ip.sh

官方下载地址:
https://github.com/fatedier/frp/releases/

注意事项:
1.软件包含服务端和客户端,请根据系统下载

2.服务器注意开放相关的端口和防火墙

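# Open the frps bind port with iptables.
# -I inserts the rule at the top of the chain. A rule appended with -A lands
# after a catch-all REJECT/DROP rule when the chain ends with one, and then
# never matches.
iptables -I INPUT -p tcp --dport 7000 -j ACCEPT
service iptables save
# Open the port with firewalld (for hosts managed by firewalld; the two
# variants look like alternatives, not steps to run together).
firewall-cmd --zone=public --add-port=7000/tcp --permanent
firewall-cmd --reload
# Open further ports (dashboard, vhost and remote_port values) only when they
# must be reachable from outside.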

3.服务端配置frps.ini

# frps.ini - frp server configuration.
# NOTE(review): the token and the dashboard user/password below look like
# sample values; replace them with long random secrets before the server is
# reachable from the internet.
[common]
bind_port = 7000
# Clients must be configured with the same value
token = 12345678
# Server dashboard settings
dashboard_port = 7500
dashboard_user = admin
dashboard_pwd = admin
# Remote proxy port settings
vhost_http_port = 10080
vhost_https_port = 10443
# Domain name settings on the server side
subdomain_host = example.com

4.服务端在后台持续运行

 # Start frps in the background with the given config file; nohup keeps it
 # running after the terminal closes (/path is a placeholder for the real
 # install directory).
 nohup /path/frps -c /path/frps.ini &

服务端设置启动运行 把命令写进文件

/etc/rc.local

5.客户端按客户端系统下载并配置(frpc.ini)

# frpc.ini - frp client configuration.
[common]
# NOTE(review): 0.0.0.0 looks like a placeholder - set this to the address of
# the frps server
server_addr = 0.0.0.0
server_port = 7000
# Must be the same value as the token in frps.ini; sample value, replace it
token = 12345678

# Publishes the local SSH service (127.0.0.1:22) on port 6001 of the frps
# server. Whoever can reach that port reaches this machine's sshd, so limit
# who can connect to it and keep password logins disabled.
[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
use_encryption = false
use_compression = false
remote_port = 6001

# Publishes the local web service (127.0.0.1:80) through the server's HTTP
# vhost port, protected by the user name and password below.
[router-web]
type = http
local_ip = 127.0.0.1
local_port = 80
use_encryption = true
use_compression = true
# NOTE(review): admin/admin looks like a sample credential pair - replace it
http_user = admin
http_pwd = admin
subdomain = web01
custom_domains = web02.yourdomain.com
locations = /abc,/def
host_header_rewrite = dev.yourdomain.com

# Maps each listed local port to the remote port at the same position in the
# list. Every remote port listed here becomes reachable on the frps server,
# so list only the ports that are needed.
[range:multi-port]
type = tcp
local_ip = 127.0.0.1
use_encryption = false
use_compression = false
local_port = 6010-6020,6022,6024-6028
remote_port = 16010-16020,16022,16024-16028

6.客户端运行:Windows 可以使用计划任务,Linux 可以按服务端一样设置后台运行

编译python3所用到的相关依赖

yum install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel 

可选gcc make

yum install libffi-devel

下载python3.7.4源码:

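# Download the Python 3.7.4 source tarball.
wget https://www.python.org/ftp/python/3.7.4/Python-3.7.4.tgz
# Before building, compare the download with the checksum or signature
# published on the python.org release page.
tar -zxvf Python-3.7.4.tgz
# Chain the steps with && so a failed step (for example a failed cd) stops
# the build instead of running configure/make in the wrong directory.
# --prefix is the documented spelling of the install-prefix option.
cd Python-3.7.4 \
  && ./configure --prefix=/usr/local/python3 \
  && make \
  && make install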

编译安装Python3.7的时候报错

ModuleNotFoundError: No module named '_ctypes'

主要是少安装了包:

yum install libffi-devel

重新make install即可

编译安装成功

Looking in links: /tmp/tmp7f4dx6bs
Collecting setuptools
Collecting pip
Installing collected packages: setuptools, pip
Successfully installed pip-19.0.3 setuptools-40.8.0

创建python3/pip3 软链接

ln -s /usr/local/python3/bin/python3.7 /usr/bin/python3
ln -s /usr/local/python3/bin/pip3 /usr/bin/pip3

注意:如果 python 命令指向的是 python3,需要更改 yum 的配置,否则 yum 无法使用

vi /usr/bin/yum

把#!/usr/bin/python修改为#! /usr/bin/python2

vi /usr/libexec/urlgrabber-ext-down

把#!/usr/bin/python 修改为#! /usr/bin/python2