一看必会系列:shell精确统计访问80端口的IP
脚本如下
#!/bin/bash
echo `date +"%F %H:%M:%S"` "HTTP80-ALL" "`netstat -anlp|grep tcp|grep 服务器ip|grep -w 80|awk ‘{print $5}’|awk -F: ‘{print $4}’|sort|uniq -c|sort -nr|head -n20`" >> /var/log/ip80_count`date +"%F"`.txt
#完整可用
echo `date +"%F %H:%M:%S"` "HTTP80-疑似攻击-ALL" "`netstat -anlp|grep tcp|grep 服务器ip|grep -w 80|awk ‘{print $5}’|awk -F: ‘{print $4}’|sort|uniq -c|sort -nr|head -n20`" >> /var/log/ip80疑似攻击_count`date +"%F"`.txt
echo `date +"%F %H:%M:%S"` "HTTP80-已连接-ALL" "` netstat -anlp|grep tcp|grep 服务器ip:80|grep ESTABLISHED|awk ‘{print $5}’|awk -F: ‘{print $4}’|sort|uniq -c|sort -nr|head -n20 `" >> /var/log/ip80已连接_count`date +"%F"`.txt
#更精简的写法
netstat -anlp|grep tcp|grep 服务器ip:80|awk ‘{print $5}’|awk -F: ‘{print $4}’|sort|uniq -c|sort -nr|head -n20
暂时还木有人评论,坐等沙发!