#!/bin/bash /bin/netstat -an|awk '/80/&&/ESTABLISHED/{print $5}'|awk -F: '{a[$1]++}END{f or (i in a) if(a[i]>100)print a[i],i}'>/tmp/drop.txt drop_ip=`cat /tmp/drop.txt|awk '{print $2}'` for iptables_ip in $drop_ip do /sbin/iptables -A INPUT -s $iptables_ip -j reject done
