#!/bin/bash
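# Watches inbound connections to local TCP port 80 for roughly one minute
# (30 passes, 2 s apart) and inserts an iptables DROP rule for every IPv4
# peer holding more than MAX_CONNECTIONS connections at once.
#
# Must run as root (iptables, rule save). Operational caveats:
#   - Clients behind a shared NAT, proxy, CDN or load balancer can exceed the
#     threshold legitimately; allowlist those addresses before relying on this.
#   - Rules are saved permanently and never expire; review them periodically.
#   - Only IPv4 peers are handled; IPv6 peers are ignored (the original
#     cut-on-colon parsing never produced a usable IPv6 address either).
#
# Fixes relative to the original listing:
#   - mis-encoded characters and typographic quotes (the script did not parse);
#   - ":80" matched anywhere on the line (":8080", outbound connections to a
#     remote port 80), so unrelated remote hosts could be counted and blocked;
#   - unquoted, unvalidated values passed to grep/iptables, with regex
#     substring matching (1.2.3.4 also matched 11.2.3.45);
#   - peer value used inside printf format strings;
#   - predictable intermediate file /tmp/blockedip written as root (dropped);
#   - "is now blocked" logged even for local or already-blocked addresses.
set -u

readonly MAX_CONNECTIONS=35
readonly PASSES=30
readonly PAUSE_SECONDS=2
readonly SAVED_RULES=/etc/sysconfig/iptables
# NOTE(review): a log under /tmp is writable by any local user; kept for
# compatibility, but a root-owned directory such as /var/log is the safer home.
readonly BLOCK_LOG=/tmp/scriptblockedip
readonly IPV4_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}$'
readonly COUNT_RE='^[0-9]+$'

for ((n = 0; n < PASSES; n++)); do
  # One netstat snapshot per pass: count connections per peer for sockets
  # whose LOCAL address ends in :80, lowest count first.
  counts=$(netstat -plan |
    awk '$1 ~ /^tcp/ && $4 ~ /:80$/ {
           split($5, peer, ":")
           if (peer[1] != "") print peer[1]
         }' |
    sort | uniq -c | sort -nk 1)
  printf '%s\n' "$counts"

  # fd 3 keeps the list away from stdin of the commands run in the loop.
  while read -r -u 3 hits ip; do
    # Accept only "<number> <dotted quad>"; anything else is never handed
    # to grep or iptables.
    [[ $hits =~ $COUNT_RE && $ip =~ $IPV4_RE ]] || continue
    ((hits > MAX_CONNECTIONS)) || continue

    printf ' \t\t\t\033[1;34m %s \033[0m \n \n' "$ip"

    # Never block one of the server's own addresses. -F -w: literal,
    # whole-token match instead of a regex substring match.
    if /sbin/ifconfig | grep -qFw -- "$ip"; then
      printf '\t\t\033[1;34m Sorry, the ip \033[1;35m %s \033[0m \033[1;34m  cannot be blocked since this is a local ip of the server \033[0m ' "$ip"
    elif grep -Fw -- "$ip" "$SAVED_RULES" | grep -q DROP; then
      printf '\033[1;33m \t\tIpaddress \033[1;35m %s \033[0m \033[1;33m is already blocked \n\033[0m' "$ip"
    else
      printf '\033[1;35m \t\tBLOCKING ALL CONNECTIONS FROM \033[0m \033[1;36m %s \t\t\n\n \033[0m\t\t' "$ip"
      if iptables -I INPUT -p tcp -s "$ip" -j DROP; then
        /etc/rc.d/init.d/iptables save ||
          printf 'warning: could not save iptables rules\n' >&2
        printf '\n\t\t\033[1;34mAll connections from \033[0m \033[1;33m %s \033[0m \033[1;34m is now blocked \t\n \033[0m ' "$ip"
        # Record only addresses that were actually blocked, and do not
        # follow a symlink planted at the log path.
        if [[ -L $BLOCK_LOG ]]; then
          printf 'warning: %s is a symlink, not logging\n' "$BLOCK_LOG" >&2
        else
          echo " $ip ip is now blocked " >>"$BLOCK_LOG"
        fi
      else
        printf 'error: iptables could not add a DROP rule for %s\n' "$ip" >&2
      fi
    fi
    echo " "
  done 3<<<"$counts"

  sleep "$PAUSE_SECONDS"
done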