Hello. For purposes of writting scripts for converting data formats, I have constructed an array, that can be used to replace language codes by their names.
Continue reading “PHP Array of ISO 639-1 language codes => names.”
Jul 01 2009
[Linux, FreeBSD] Small Anti-DDOS Shell Script for FreeBSD
Struggling with DDoS on my friend’s site, I wrote small Anti-DDoS script, that in original just lists all IPs, that have more than X active connections open to your server. It was originally written for FreeBSD.
#!/bin/sh
# Set here a minimum number of connections for action to be executed (150 by default).
FR_MIN_CONN=150
TMP_PREFIX='/tmp/frrr'
TMP_FILE=`mktemp $TMP_PREFIX.XXXXXXXX`
netstat -ntu -f inet| awk '{if(NR>2 && NF=6) print $5}' | cut -d. -f1-4 | grep '^[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}$' | sort | uniq -c | sort -nr > $TMP_FILE
while read line; do
CURR_LINE_CONN=$(echo $line | cut -d" " -f1)
CURR_LINE_IP=$(echo $line | cut -d" " -f2)
if [ $CURR_LINE_CONN -lt $FR_MIN_CONN ]; then
break
fi
# You can insert your own logic here (e.g. ban with your favourite firewall). Now it just prints the IP to console.
echo $CURR_LINE_IP
done < $TMP_FILE
rm -f $TMP_PREFIX.*I think this will work on general Linux also. You just need to change “cut -d.” to “cut -d:” in the listing and, probably, “/bin/sh” to “/bin/bash”.
Jul 01 2009
[Linux, FreeBSD] Using netstat and ipfw to manually detect and blacklist DOSers on FreeBSD
This is just an addition to my this article with some corrections needed if you use FreeBSD.
netstat command should look like
netstat -ntu -f inet| awk '{print $5}' | cut -d. -f1-4 | sort | uniq -c | sort -nr|more
And firewall IP blocking command should be
ipfw add deny all from xxx.xxx.xxx.xxx to any in
