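#!/bin/bash
# Per-minute access-log guard for nginx.
#
# Archives the live access log into a per-day file, counts requests per client
# address (optionally only for the monitored URLs), and inserts a `deny`
# directive into the site configuration for every client above the threshold.
#
# Field positions: the client address is read from field 1 and the request URI
# from field 7 of each log line. The status code is read from field 9, which
# matches nginx's "combined" log format.
# NOTE(review): confirm status_field against the log_format actually in use.

# Date stamp (YYMMDD): suffix of the daily log and part of the config marker.
date=$(date +"%y%m%d")
# Live access log that is archived and emptied on every run.
data="/data/logs/abc.com/access.log"
# nginx configuration file that receives the deny directives.
conf="/usr/local/nginx/conf/selfconf/abc.conf"
# URLs to monitor, separated by spaces; set to null to monitor every request.
url='/pub/send/yzm/'
# Client addresses that are never blocked, separated by "|".
Whitelist="1.1.1.1|2.2.2.2"
# Response status codes that do not count towards the limit, separated by "|".
error_num="403|503"
# A client is blocked once it has more than this many counted requests.
maxnum=100
# Position of the response status code in a log line (see header note).
status_field=9
# nginx binary used to validate and reload the configuration.
nginx_bin="/usr/local/nginx/sbin/nginx"

#######################################
# Check that a value has the shape of an IP address before it is written into
# the nginx configuration. Field 1 of the log is only as trustworthy as the
# log_format behind it, so anything else is refused.
# Arguments: $1 - candidate address
# Returns:   0 for a dotted quad with octets <= 255, or for a string made only
#            of hex digits and colons that contains a colon; 1 otherwise
#######################################
is_ip_literal() {
  local candidate=$1
  local octet
  local ipv4_re='^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$'
  local ipv6_re='^[0-9A-Fa-f:]+$'

  if [[ $candidate =~ $ipv4_re ]]; then
    for octet in "${BASH_REMATCH[@]:1}"; do
      # 10# forces base 10 so "08" is not read as invalid octal.
      ((10#$octet <= 255)) || return 1
    done
    return 0
  fi

  [[ $candidate == *:* && $candidate =~ $ipv6_re ]]
}

#######################################
# List the clients whose counted requests exceed maxnum.
# The whitelist is compared with the client field and the ignored status codes
# with the status field only. Matching them anywhere in the line would let a
# client keep its requests out of the count by placing "403" or a whitelisted
# address in the URL, referrer or user agent.
# Globals:   Whitelist, error_num, maxnum, status_field (read)
# Arguments: $1 - log file to analyse
#            $2 - URI to restrict the count to; empty counts every request
# Outputs:   one client address per line on stdout, sorted bytewise
#######################################
offending_ips() {
  local log_file=$1
  local target=$2

  # NOTE: awk -v interprets backslash escapes, so a monitored URL containing a
  # backslash would not be matched literally.
  awk -v wl="$Whitelist" -v errs="$error_num" -v target="$target" \
    -v max="$maxnum" -v sf="$status_field" '
    BEGIN {
      n = split(wl, parts, "[|]")
      for (i = 1; i <= n; i++) if (parts[i] != "") trusted[parts[i]] = 1
      n = split(errs, parts, "[|]")
      for (i = 1; i <= n; i++) if (parts[i] != "") ignored[parts[i]] = 1
    }
    NF == 0 { next }
    ($1 in trusted) || ($sf in ignored) { next }
    target != "" && $7 != target { next }
    { hits[$1]++ }
    END { for (ip in hits) if (hits[ip] > max) print ip }
  ' "$log_file" | LC_ALL=C sort
}

# Only run when the live log has content.
if [ -s "$data" ]; then
  workdir=$(mktemp -d) || {
    printf 'mktemp failed\n' >&2
    exit 1
  }
  trap 'rm -rf -- "${workdir:?}"' EXIT

  # Work on a snapshot so the archived lines and the analysed lines are the
  # same set. Lines logged between the copy and the truncation are still lost.
  snapshot="$workdir/access.snapshot"
  cp -- "$data" "$snapshot" || exit 1

  # Move this minute's entries into the daily log; keep the live log untouched
  # if the archive write fails.
  cat -- "$snapshot" >>"${data}${date}" || exit 1

  # Empty the live log. A plain truncation leaves it zero-sized, so the -s
  # check above skips minutes without traffic.
  : >"$data"

  # Split the URL list on whitespace without pathname expansion.
  read -r -a monitored <<<"$url"

  for aurl in "${monitored[@]}"; do
    # url=null means "count every request"; otherwise count one URL at a time.
    if [[ "$url" == "null" ]]; then
      target=""
    else
      target=$aurl
    fi

    deny=$(offending_ips "$snapshot" "$target")
    [[ -n "$deny" ]] || continue

    # Keep a copy so a configuration that fails validation can be rolled back.
    backup="$workdir/conf.backup"
    cp -p -- "$conf" "$backup" || {
      printf 'cannot back up %s, skipping %s\n' "$conf" "$aurl" >&2
      continue
    }

    added=0
    while IFS= read -r adeny; do
      if ! is_ip_literal "$adeny"; then
        printf 'skipping non-address log field: %q\n' "$adeny" >&2
        continue
      fi
      # Already blocked by an earlier run: do not add a duplicate directive.
      if grep -qF -- "deny $adeny;" "$conf"; then
        continue
      fi
      sed -i "/server {/adeny $adeny;" "$conf"
      added=1
    done <<<"$deny"

    ((added)) || continue

    # Marker line recording which URL triggered the block and when.
    sed -i "/server {/a\ #$aurl $date" "$conf"

    # Reload only a configuration that validates; otherwise restore the copy so
    # a broken file is not left behind for the next restart.
    if "$nginx_bin" -t >/dev/null 2>&1; then
      "$nginx_bin" -s reload
    else
      cp -p -- "$backup" "$conf"
      printf 'nginx -t rejected %s, changes rolled back\n' "$conf" >&2
    fi
  done
fi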