Simple DDOS Blocker

1. #! /bin/bash
2. while;;
3.     do
4.         for ip in `lsof -ni | grep httpd | grep -iv listen | awk '{print $8}' | cut -d : -f 2 | sort | uniq | sed s/"http->"//`;
5.     do
6.         noconns=`lsof -ni | grep $ip | wc -l`;
7.         echo $ip : $noconns;
8.  
9.         if [ "$noconns" -gt "20" ];
10.         then
11.             iptables -I INPUT -s $ip -p tcp -j REJECT --reject-with tcp-reset
12.         else
13.             fi;
14.     done
15.     sleep 60
16. done