限制ssh远程登陆

超过十次，就添加到hosts.deny里面去

#!/bin/bash

date=`date +%Y%m%d`

file="/var/log/secure"

max=10

if [[ -f $file ]]

then

        grep Failed $file | awk '{print $(NF-3)}' | sort -rn | uniq -c | awk '{print $2 "=" $1}'>/shell/ip.txt

fi

for a in `cat /shell/ip.txt`

do

        if [[ `echo $a| awk -F"=" '{print $2}'` -gt $max ]]

        then

                b=`echo $a | awk -F"=" '{print $1}'`

                grep $b /etc/hosts.deny >/dev/null

                if [[ $? != 0 ]]

                then

                echo "sshd:$b" >> /etc/hosts.deny

                fi

        fi

done