linux系统shell脚本实现 恶意扫描服务器密码 自动屏蔽

#!/bin/bash

log=/workspace/crontab/denyhostmessage
DEFINE=100
grep 'Failed password' /var/log/messages |awk '{print $(NF-3)}' |sort |uniq -c > $logfor i in `cat $log|awk '{print $2}'`
do
NUM=`grep $i $log|awk '{print $1}'`
if [ $NUM -gt $DEFINE ]
then
grep $i /etc/hosts.deny > /dev/null
if [ $? -gt 0 ]
then
iptables -I INPUT -s $ip -j DROP
fi
fi
done