twfcc / shadowsocks-libev_firewall_utils

Ban IP which use Brute force attack to shadowsocks-libev server

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

shadowsocks-libev_firewall_utils

Ban IPs which use Brute force attack to shadowsocks-libev server

說明

badip.sh是bash腳本,以shadowsocks-libev產生的log文件量度IP連接錯誤數目封鎖

counter.awk是awk腳本,以shadowsocks-libev產生的log文件計算每個IP錯誤連接數目

ip_free.sh是bash腳本,清空iptables的封鎖列表

使用方法

以root登錄VPS,下載腳本,執行 chmod +x badip.sh ip_free.sh

編輯badip.sh,找到

logfile="$HOME/ss.log" #change if it is not your ss.log directory

如果不是/root/ss.log,改為正確的目錄和文件名

找到

if (ip[x] > 50)

預定該IP連接錯誤大於50次,可以改為適合的數字,儲存文件並離開文字編輯器

執行crontab -e , 加入

*/15 * * * * /path/to/badip.sh

0 3 * * * /path/to/ip_free.sh

59 2 * * * cat /dev/null > /path/to/whatever_of_shadowsocks-libev_log

儲存並離開crontab

計算每個IP錯誤連接數目,執行 awk -f counter.awk /path/to/whatever_of_shadowsocks-libev_log

主意:執行ss-server必須有'-v'參數並導入一個文件內,例如

nohup ss-server -v -u -c /path/to/whatever.json &>> /path/to/whatever_of_shadowsocks-libev_log &

Explanation

badip.sh is a bash shell script reading information from shadowsocks-libev server's log to ban IP

counter.awk is a awk script to mesure every IPs' ERROR connection to shadowsocks-libev server

ip_free.sh is a bash shell script to clear iptables' INPUT chain Block list.

Usage

Login your VPS with user 'root' via ssh client and downloading these scripts.

Input: chmod +x badip.sh ip_free.sh

edit badip.sh , find the line as below

logfile="$HOME/ss.log" #change if it is not your ss.log directory

change to correct directory and log file name if not suit for you , then find the line

if (ip[x] > 50)

change to any number if you like to count more or less error connection to ban the IP

save and exit text editor.

Input: crontab -e add new cronjob , add some lines one by one as below

*/15 * * * * /path/to/badip.sh

0 3 * * * /path/to/ip_free.sh

59 2 * * * cat /dev/null > /path/to/whatever_of_shadowsocks-libev_log

save and exit crontab program.

Mesure every IPs error connection by input: awk -f counter.awk /path/to/whatever_of_shadowsocks-libev_log

Note: 'ss-server' command must be had '-v' argument when you execute it. For example:

nohup ss-server -v -u -c /path/to/whatever.json &>> /path/to/whatever_of_shadowsocks-libev_log &

About

Ban IP which use Brute force attack to shadowsocks-libev server

License:The Unlicense


Languages

Language:Shell 83.7%Language:Awk 16.3%