\u30d6\u30ed\u30b0\u306e\u30b9\u30d1\u30e0\u653b\u6483\u3068\u304b\u5909\u306a\u30a2\u30af\u30bb\u30b9\u304c\u6c17\u306b\u306a\u308b\u306e\u3067\u3001\u65e5\u672c\u3068google\u4ee5\u5916\u306eIP\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u4f5c\u308a\u307e\u3057\u305f\u3002
\u30c6\u30b9\u30c8\u74b0\u5883\u3067\u3046\u307e\u304f\u3044\u3063\u3066\u3044\u308b\u307f\u305f\u3044\u306a\u306e\u3067\u3001\u30a2\u30c3\u30d7
ipblker
<\/p>\n\n\n\n
#!\/bin\/bash\n#ss\u30b3\u30de\u30f3\u30c9\u306715\u500b\u307e\u3067\u306eIP\u3092\u53d6\u5f97\u3057\u307e\u3059\u3002\nip=`\/usr\/sbin\/ss -t | awk -F : '{print$2}' | awk '{print$2}' | grep -v Peer | sort | uniq | head -n 15`\necho \"$ip\"\necho \"$ip\" > \/root\/ipblk\/ip_listold\n\n#whitelist\u306b\u8a18\u9332\u3055\u308c\u3066\u3044\u308bIP\u3092\u9664\u5916\u3057ip_listold\u3068\u3057\u3066\u5410\u304d\u51fa\u3057\u307e\u3059\u3002\nfor i in `cat \/root\/ipblk\/whitelist`\ndo\ncat \/root\/ipblk\/ip_listold | grep -v \"$i\" > \/root\/ipblk\/ip_listold1\ncat \/root\/ipblk\/ip_listold1 > \/root\/ipblk\/ip_listold\ncat \/root\/ipblk\/ip_listold\ncat \/root\/ipblk\/ip_listold | wc -l\necho \"\"\necho \"$i\"\necho \"\"\ndone\n\n#ip_listold\u304b\u3089\u65e5\u672c\u3068google\u306eIP\u3092whitelist\u306b\u8ffd\u52a0\u3057\u307e\u3059\n#\u305d\u308c\u4ee5\u5916\u3092\u30d6\u30ed\u30c3\u30af\u3057\u3001blacklist\u306b\u8ffd\u52a0\u3057\u307e\u3059\nipl=`cat \/root\/ipblk\/ip_listold`\nfor i in `echo \"$ipl\"`\ndo\n\ncurl -kfsS https:\/\/ipinfo.io\/\"$i\"\/country >> \/root\/ipblk\/ip_country\nif [[ \"$?\" -eq 0 ]]; then\n echo \"\u7d42\u4e86\u30b3\u30fc\u30c9\u306f0\u3067\u3059 1\"\n if [[ `tail -n 1 \/root\/ipblk\/ip_country` = JP ]]; then\n echo \"nonblock_JP\"\n echo \"$i\"\n echo \"$i\" >> \/root\/ipblk\/whitelist\n continue\n else\n echo \u65e5\u672c\u3067\u306f\u306a\u3044\n fi\nelif [[ \"$?\" -ne 0 ]]; then\n echo \"\u7d42\u4e86\u30b3\u30fc\u30c9\u306f0\u4ee5\u5916\u3067\u3059 1\"\n continue\nfi\n\ncurl -kfsS https:\/\/ipinfo.io\/\"$i\"\/ | grep org | awk '{print$3}' >> \/root\/ipblk\/ip_org\nif [[ \"$?\" -eq 0 ]]; then\n echo \"\u7d42\u4e86\u30b3\u30fc\u30c9\u306f0\u3067\u3059 2\"\n if [[ `tail -n 1 \/root\/ipblk\/ip_org` = \"Google\" ]] && [[ `host \"$i\" | awk -F . '{print$7}'` = \"googlebot\" ]]; then\n echo \"nonblock_Google\"\n echo \"$ip\"\n echo \"$ip\" >> \/root\/ipblk\/whitelist\n continue\n else\n echo google\u3067\u306f\u306a\u3044\n fi\n\n elif [[ \"$?\" -ne 0 ]]; then\n echo \"\u7d42\u4e86\u30b3\u30fc\u30c9\u306f0\u4ee5\u5916\u3067\u3059 2\"\n continue\nfi\n\ncurl -kfsS https:\/\/ipinfo.io\/\"$i\"\/ip >> \/root\/ipblk\/ip_ip\nif [[ \"$?\" -eq 0 ]]; then\n echo \"\u7d42\u4e86\u30b3\u30fc\u30c9\u306f0\u3067\u3059 3\"\n if [[ `tail -n 1 \/root\/ipblk\/ip_ip` = \"127.0.0.1\" ]]; then\n echo \"nonblock_loopback\"\n continue\n else\n echo `tail -n 1 \/root\/ipblk\/ip_country`\n echo \/sbin\/iptables -I INPUT -s $i -j DROP\n echo iptables -I INPUT -s $i -j DROP >> \/root\/ipblk\/blacklist\n fi\n elif [[ \"$?\" -ne 0 ]]; then\n echo \"\u7d42\u4e86\u30b3\u30fc\u30c9\u306f0\u4ee5\u5916\u3067\u3059 3\"\n echo 127.0.0.1\u3067\u306f\u306a\u3044\n continue\nfi\n\ndone<\/code><\/pre>\n\n\n\n\u3068\u3001 ipinfo.io \u69d8\u304b\u3089IP\u306e\u60c5\u5831\u3092\u53d6\u5f97\u3057\u3066\u3044\u307e\u3059\u3002
\u5f8c\u534a\u306e\u884c\u3067IP\u3092\u30d6\u30ed\u30c3\u30af\u3057\u307e\u3059\u304c\u3001
\u30c6\u30b9\u30c8\u3092\u517c\u306d\u3066echo\u3092\u4ed8\u3051\u3066\u3044\u307e\u3059\u306e\u3067\u3001
\u5b9f\u969b\u306b\u5b9f\u884c\u3055\u308c\u308b\u5834\u5408\u306f\u3001echo\u3092\u5916\u3057\u3066\u304f\u3060\u3055\u3044\u3002
echo iptables -I INPUT -s $i -j DROP
iptables -I INPUT -s $i -j DROP
\u6b21\u306b\u4e0a\u8a18\u306e\u30b9\u30af\u30ea\u30d7\u30c8\u3092cron\u306b\u8a2d\u7f6e\u3057\u307e\u3059\u3002<\/p>\n\n\n\n
cd \/var\/spool\/cron\/crontabs\/\nvim root\n*\/1 * * * * \/root\/ipblk\/ipblker\n\n\u30a8\u30e9\u30fc\u901a\u77e5\u306e\u307f\u53d7\u4fe1\u3057\u305f\u3044\u5834\u5408\n*\/1 * * * * \/root\/ipblk\/ipblker 1> \/dev\/null\n\n\u5168\u3066\u306e\u901a\u77e5\u3092\u53d7\u4fe1\u3057\u306a\u3044\u5834\u5408\n*\/1 * * * * \/root\/ipblk\/ipblker >\/dev\/null 2>$1\n<\/code><\/pre>\n\n\n\ncron\u306e\u30ed\u30b0\u81ea\u4f53\u3092\u78ba\u8a8d\u3057\u305f\u3044\u5834\u5408<\/p>\n\n\n\n
vim \/etc\/rsyslog.d\/50-default.conf\n\n#cron.* \/var\/log\/cron.log\n\u30b3\u30e1\u30f3\u30c8\u3055\u308c\u3066\u3044\u308b\u5834\u5408\u5916\u3057\u3066\u3042\u3052\u307e\u3059\u3002\ncron.* \/var\/log\/cron.log<\/code><\/pre>\n\n\n\n
\u30c6\u30b9\u30c8\u7528\u3068\u3057\u3066cron\u30921\u5206\u306b\u4e00\u56de\u3068\u8a2d\u5b9a\u3057\u3066\u3044\u307e\u3059\u304c\u3001
ipinfo.io\u306e1\u65e5\u306b\u53d6\u5f97\u3067\u304d\u308bIP\u306f\u7121\u6599\u3060\u30681000\u56de\u307e\u3067\u306a\u306e\u3067\u3001
\u305d\u308c\u3092\u8d85\u3048\u306a\u3044\u8a2d\u5b9a\u306b\u3057\u307e\u3059\u3002
\u4eca\u56de\u306e\u5834\u5408\u30011\u56de\u306b\u3064\u304d\u6700\u5927IP\u309215\u500b\u307e\u3067\u53d6\u5f97\u3067\u304d\u308b\u3088\u3046\u306b\u8a2d\u5b9a\u3057\u3066\u3044\u308b\u306e\u3067\u3001
30\u5206\u306b\u4e00\u56de\u3001ipblker\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002
<\/p>\n\n\n\n
*\/30 * * * * \/root\/ipblk\/ipblker 1> \/dev\/null\n\n<\/code><\/pre>\n\n\n\n\u4f55\u304b\u30a8\u30e9\u30fc\u901a\u77e5\u3042\u308c\u3070\u3001\u78ba\u8a8d\u3057\u3066\u8abf\u6574\u3057\u3066\u3044\u304f\u4e88\u5b9a\u3067\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
\u30d6\u30ed\u30b0\u306e\u30b9\u30d1\u30e0\u653b\u6483\u3068\u304b\u5909\u306a\u30a2\u30af\u30bb\u30b9\u304c\u6c17\u306b\u306a\u308b\u306e\u3067\u3001\u65e5\u672c\u3068google\u4ee5\u5916\u306eIP\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u4f5c\u308a\u307e\u3057\u305f\u3002\u30c6\u30b9\u30c8\u74b0\u5883\u3067\u3046\u307e\u304f\u3044\u3063\u3066\u3044\u308b\u307f\u305f\u3044\u306a\u306e\u3067\u3001\u30a2\u30c3\u30d7ipblker \u3068\u3001 ipinfo.io \u69d8\u304b\u3089IP\u306e\u60c5 ... \"ubuntu20.04\u3067cron\u3092\u8a2d\u7f6e\u3059\u308b\u3002\"<\/span> \u3092\u7d9a\u3051\u3066\u8aad\u3080<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[13,14],"tags":[],"class_list":{"0":"post-602","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-ubuntu","7":"category-14","8":"h-entry","9":"hentry","10":"h-as-article"},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/posts\/602","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/roroing.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=602"}],"version-history":[{"count":7,"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/posts\/602\/revisions"}],"predecessor-version":[{"id":622,"href":"https:\/\/roroing.net\/index.php?rest_route=\/wp\/v2\/posts\/602\/revisions\/622"}],"wp:attachment":[{"href":"https:\/\/roroing.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=602"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/roroing.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=602"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/roroing.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=602"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}