由于最近服务器经常受到黑客攻击,于是写了此程序,用于禁用某些ip访问
#!/usr/bin/perl -w
use strict;
use warnings;
use File::Copy;
use Getopt::Long;
my $usage=<<USAGE;
Usage:
perl $0 -i_a <input_dir_a(httpd.conf)> -f_a <file_name_a(httpd.conf)> -i_b <input_dir_b(httpd.log)> -f_b <file_name_b(httpd.log)>
USAGE
if (@ARGV==0){die $usage}
my ($input_dir_a,$input_filename_a,$input_dir_b,$input_filename_b,$help);
GetOptions(
"i_a:s" => \$input_dir_a,
"f_a:s" => \$input_filename_a,
"i_b:s" => \$input_dir_b,
"f_b:s" => \$input_filename_b,
"h:s" => \$help
);
die `pod2text $0` if ((!$input_dir_a) or (!$input_dir_b));
=head1 Description
This script is used to auto forbid ip which heat your website with LAMP architecture;
=head1 Parameters
-i_a [str] input dir to httpd.conf file
-f_a [str] input file name (such as httpd.conf)
-i_b [str] input dir to httpd log dir
-f_b [str] input file name (such as access_log)
-h [str] Help manual
=cut
#print $input_dir_a,"\n";
my $config_file = "$input_dir_a"."/"."$input_filename_a";
my $log_file = "$input_dir_b"."/"."$input_filename_b";
#print $log_file;
copy($config_file,$config_file.".bak");
my %hash;
my @appear_time;
open(RF,$log_file) || die $!;
while(my $line=<RF>){
chomp($line);
my @arr=split(' ',$line);
if($arr[0]!~/^\d/){next};
if($arr[0] eq "127.0.0.1"){next};
$hash{$arr[0]}++;
}
close(RF);
open(RF,$config_file) || die $!;
open(WF,">".$config_file."_a") || die $!;
while(my $line=<RF>){
chomp($line);
if($line =~ /Deny\ from\ (.*)/){
my $ip_temp = $1;
for my $key (keys %hash){
if ($key ne $ip_temp){
if($hash{$key} > 7000){
my $new_line=$line."\n"." "."Deny from ".$key."\n";
print WF $new_line;
delete($hash{$key});
}
}else{
delete($hash{$key});
}
}
next;
}
print WF $line."\n";
}
close(RF);
close(WF);
move($config_file."_a",$config_file);