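# Per-minute nginx request limiter (requires bash; meant to be run from cron).
# Appends the live access log to a per-day archive, counts requests per client
# address, inserts a "deny" rule into the nginx config for every address above
# the threshold, reloads nginx, and finally empties the live log.
# Field positions follow the original script: $1 is the client address and $7
# the request URI. NOTE(review): if $1 can ever be derived from a request
# header (e.g. a forwarded-for value), it is client-controlled -- confirm the
# log_format before relying on it for blocking.

# Date stamp (YYMMDD) used for the daily archive name and the config marker.
date=$(date +"%y%m%d")
# Live access log; processed and emptied on every run.
data="/data/logs/abc.com/access.log"
# nginx config file that receives the deny rules.
conf="/usr/local/nginx/conf/selfconf/abc.conf"
# Request URIs to monitor, separated by spaces; "null" monitors every request.
url='/pub/send/yzm/'
# Whitelisted client addresses (ERE alternation); never counted or denied.
Whitelist="1.1.1.1|2.2.2.2"
# Response status codes (ERE alternation) that are not counted.
error_num="403|503"
# Log field that holds the response status.
# Assumes the layout implied by $7 being the request URI -- TODO confirm.
status_field=9
# An address is denied once it has more than this many counted requests.
maxnum=100
# nginx binary used for the config test and the reload.
nginx_bin="/usr/local/nginx/sbin/nginx"
# Only values made of address characters (IPv4/IPv6) may reach the config file,
# so a malformed log field cannot smuggle sed or nginx syntax into it.
addr_re='^[0-9A-Fa-f:.]+$'

# Nothing to do when the live log is missing or empty.
if [ -s "$data" ]; then
  # Append this minute's log to the per-day archive.
  cat -- "$data" >> "$data$date"

  # As in the original, global monitoring applies only when url is exactly "null".
  if [[ "$url" == "null" ]]; then
    any_uri=1
  else
    any_uri=0
  fi

  # Split the URI list on whitespace without subjecting it to globbing.
  read -r -a urls <<< "$url"

  for aurl in "${urls[@]}"; do
    # Collect the addresses whose counted requests exceed maxnum.
    # The whitelist and the status filter are matched against their own fields
    # only; a whole-line match would let text logged elsewhere in the line
    # (URI, referer, user agent) exclude a request from counting.
    deny=$(
      awk -v any_uri="$any_uri" -v target="$aurl" \
          -v wl="^(${Whitelist})\$" -v skip="^(${error_num})\$" \
          -v sf="$status_field" -v max="$maxnum" '
        NF == 0                       { next }
        any_uri == 0 && $7 != target  { next }
        $1 ~ wl                       { next }
        $sf ~ skip                    { next }
                                      { hits[$1]++ }
        END {
          for (ip in hits)
            if (hits[ip] > max)
              print ip
        }
      ' "$data" | sort
    )

    if [[ -n "$deny" ]]; then
      # Keep a copy so a config that fails validation can be rolled back.
      if ! backup=$(mktemp); then
        printf 'cannot create backup file; skipping %s\n' "$aurl" >&2
        continue
      fi
      if ! cp -- "$conf" "$backup"; then
        printf 'cannot back up %s; skipping %s\n' "$conf" "$aurl" >&2
        rm -f -- "$backup"
        continue
      fi

      added=0
      while IFS= read -r adeny; do
        # Refuse anything that does not look like an address.
        if ! [[ "$adeny" =~ $addr_re ]]; then
          printf 'ignoring malformed address from log: %s\n' "$adeny" >&2
          continue
        fi
        # Do not add a second rule for an address that is already denied.
        if grep -qF -- "deny $adeny;" "$conf"; then
          continue
        fi
        # Insert the rule after every "server {" line of the config.
        sed -i "/server {/a\deny $adeny;" "$conf"
        added=$((added + 1))
      done <<< "$deny"

      if (( added > 0 )); then
        # Marker comment recording which URI triggered the rules and when.
        sed -i "/server {/a\\\n#$aurl $date" "$conf"
        # Validate before reloading; restore the previous config on failure so
        # a broken file is not left behind for the next nginx start.
        if "$nginx_bin" -t -q; then
          "$nginx_bin" -s reload
        else
          cat -- "$backup" > "$conf"
          printf 'nginx config test failed; restored %s\n' "$conf" >&2
        fi
      fi
      rm -f -- "$backup"
    fi
  done

  # Empty the live log. Lines nginx writes between the archive copy above and
  # this truncation are dropped; rotating with mv followed by
  # "nginx -s reopen" would avoid that loss.
  : > "$data"
fi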
