#==========cat /var/www/forum.rcdesign.ru/logs/error.log | grep "limiting requ

1. #==========
2. cat /var/www/forum.rcdesign.ru/logs/error.log | grep "limiting requests, excess" | grep "request: \"GET / HTTP/1"| awk '{print $14}'| awk -F"," '{print $1}'| sort | uniq -c | sort -nr > /tmp/botnet.blacklist
3.  
4. cat /dev/null > /tmp/iptables_ban.sh
5.  
6. #awk '{print "iptables -A INPUT -p tcp --dport 80 -s " $2 " -j DROP" }' /tmp/botnet.blacklist | head -n 50 >> /tmp/iptables_ban.sh
7. awk '{print "iptables -A INPUT -s " $2 " -j DROP" }' /tmp/botnet.blacklist | head -n 50 >> /tmp/iptables_ban.sh
8.  
9. bash /tmp/iptables_ban.sh
10. #cat /dev/null > /var/www/forum.rcdesign.ru/logs/error.log
11. #==========
12. cat /var/www/forum.rcdesign.ru/logs/error.log | grep "limiting connections by zone" | grep "request: \"GET / HTTP/1"| awk '{print $12}'| awk -F"," '{print $1}'| sort | uniq -c | sort -nr > /tmp/botnet.blacklist
13.  
14.  
15. cat /dev/null > /tmp/iptables_ban.sh
16.  
17. #awk '{print "iptables -A INPUT -p tcp --dport 80 -s " $2 " -j DROP" }' /tmp/botnet.blacklist | head -n 50 >> /tmp/iptables_ban.sh
18. awk '{print "iptables -A INPUT -s " $2 " -j DROP" }' /tmp/botnet.blacklist | head -n 50 >> /tmp/iptables_ban.sh
19.  
20.  
21. bash /tmp/iptables_ban.sh
22. cat /dev/null > /var/www/forum.rcdesign.ru/logs/error.log
23. #==========