Need to write a simple shell script ( Ubuntu/CentOS) that is ran using crontab, idea is to scan for number of connections per ip, if it exceeds specified limit, run command to block that IP in our firewall.
Functions:
1. run netstat -atun | awk '{print $5}' | cut -d: -f1 | sed -e '/^$/d' |sort | uniq -c | sort -n
2. scan number of connections and IP addresses
sample output:
2 [login to view URL]
2 [login to view URL]
3 [login to view URL]
5 [login to view URL]
5 [login to view URL]
5 [login to view URL]
6 [login to view URL]
6 [login to view URL]
8 [login to view URL]
9 0.0.0.0
10 [login to view URL]
12 [login to view URL]
22 [login to view URL]
22 [login to view URL]
24 [login to view URL]
24 [login to view URL]
60 [login to view URL]
370 [login to view URL]
450 [login to view URL]
Threshhold limit in conf is for ex 200 that means the last 2 ips should be blocked using command:
csf -d [login to view URL]
csf -d 450 175.137.180
use sendmail to email this event (only if block was done)
Must work without bugs/crashing/memory leaks etc, at end of script it must be terminated.
Hello, I have just read your requirement very careful and I am sure that I can finish it for 1 hours because I am a professional C/C++ expert.
Now I don't have even one review because I am a new freelancer.
So I think it is a important opportunity for me to prove my skill.
Please contact me if you are willing to work with me.
Thank you for having a look.