Просто скриптик, утянутый на память с Хабра:
#!/bin/bash PATH=/sbin:/usr/sbin:$PATH date=`date +"%Y%m%d%H%M"` iptables -t raw -L PREROUTING -vnxZ | perl -ne 'split/ +/;print "$_[8]\n" if $_[1] ne "0";' | xargs -I {} iptables -t raw -D PREROUTING -s {} -j DROP log_dir=/var/lib/vservers/perfccc/var/www/logs/typofront/ cd ${log_dir} pid=`cat /var/lib/vservers/perfccc/var/run/nginx.pid` mv ${log_dir}/typofront.access.log ${log_dir}/typofront.access.${date}.log /usr/sbin/vkill -s USR1 ${pid} grep "GET /experts/extrasensy/index.html HTTP" ${log_dir}/typofront.access.${date}.log | cut -d ' ' -f 1 | sort | uniq -dc | sort -nr | perl -ne 'split /\s+/; print "$_[2]\n" if ($_[1]>30);' | xargs -I {} iptables -t raw -I PREROUTING -s {} -j DROP /bin/gzip ${log_dir}/typofront.access.${date}.log
#!/bin/bash PATH=/sbin:/usr/sbin:$PATH date=`date +"%Y%m%d%H%M"` iptables -t raw -L PREROUTING -vnxZ | perl -ne 'split/ +/;print "$_[8]\n" if $_[1] ne "0";' | xargs -I {} iptables -t raw -D PREROUTING -s {} -j DROP log_dir=/var/lib/vservers/perfccc/var/www/logs/typofront/ cd ${log_dir} pid=`cat /var/lib/vservers/perfccc/var/run/nginx.pid` mv ${log_dir}/typofront.access.log ${log_dir}/typofront.access.${date}.log /usr/sbin/vkill -s USR1 ${pid} grep "GET /experts/extrasensy/index.html HTTP" ${log_dir}/typofront.access.${date}.log | cut -d ' ' -f 1 | sort | uniq -dc | sort -nr | perl -ne 'split /\s+/; print "$_[2]\n" if ($_[1]>30);' | xargs -I {} iptables -t raw -I PREROUTING -s {} -j DROP /bin/gzip ${log_dir}/typofront.access.${date}.log
