大家好,又见面了,我是你们的朋友全栈君。
DDoS deflate其实非常简单,下面是详细的安装和配置步骤:
1.安装 DDoS deflate
wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh
//弹出版权信息后,在SSH下键入 q , 即可退出版权信息。
2.配置 DDoS deflate .
安装成功后会提示Config file is at /usr/local/ddos/ddos.conf,所以你可以在ddos.conf里进行简要配置.
# vim /usr/local/ddos/ddos.conf
##### Paths of the script and other files
PROGDIR=”/usr/local/ddos”
PROG=”/usr/local/ddos/ddos.sh”
IGNORE_IP_LIST=”/usr/local/ddos/ignore.ip.list” //白名单
CRON=”/etc/cron.d/ddos.cron”
APF=”/etc/apf/apf”
IPT=”/sbin/iptables”
—————————————————————————-
##### frequency in minutes for running the script
##### Caution: Every time this setting is changed, run the script with –cron
##### option so that the new frequency takes effect
FREQ=1
//ddos.sh执行的频率,单位是分钟,搭配crontab来执行.
如果你更改了该设置,请执行 /usr/local/ddos/ddos.sh –cron
—————————————————————————-
##### How many connections define a bad IP? Indicate that below.
NO_OF_CONNECTIONS=150
//当哪个IP的连接数达到150就加入黑名单;查看连接数你可以执行
#netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n
—————————————————————————-
##### APF_BAN=1 (Make sure your APF version is atleast 0.96)
##### APF_BAN=0 (Uses iptables for banning ips instead of APF)
APF_BAN=0
//一般情况下你是使用iptables来做防火墙,所以这里你需要将 APF_BAN的值改为0.
—————————————————————————-
##### KILL=0 (Bad IPs are’nt banned, good for interactive execution of script)
##### KILL=1 (Recommended setting)
KILL=1
//将非法的的IP加入iptables的INPUT链中,DROP之.
—————————————————————————-
##### An email is sent to the following address when an IP is banned.
##### Blank would suppress sending of mails
EMAIL_TO=”root”
//给root发一封邮件
—————————————————————————-
##### Number of seconds the banned ip should remain in blacklist.
BAN_PERIOD=600
//关押黑名单中的IP的时长
3.卸载 DDoS deflate ,如果你不想用.
wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
chmod 0700 uninstall.ddos
./uninstall.ddos
另外如果总是会收到以下类似的邮件提示的话
Banned the following ip addresses on Tue Aug 5 01:32:01 BST 2008
1120 with 1120 connections
请查看/usr/local/ddos/ddos.sh文件的第117行
netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -nr > $BAD_IP_LIST
修改为以下代码即可!
netstat -ntu | grep ‘:’ | awk ‘{print $5}’ | sed ‘s/::ffff://’ | cut -f1 -d ‘:’ | sort | uniq -c | sort -nr > $BAD_IP_LIST
发布者:全栈程序员-用户IM,转载请注明出处:https://javaforall.cn/159293.html原文链接:https://javaforall.cn
【正版授权,激活自己账号】: Jetbrains全家桶Ide使用,1年售后保障,每天仅需1毛
【官方授权 正版激活】: 官方授权 正版激活 支持Jetbrains家族下所有IDE 使用个人JB账号...