#!/bin/bash
#IFCONFIG=/sbin/ifconfig
#GREP=/bin/grep
#AWK=/bin/awk
#CUT=/bin/cut
#NETSTAT=/bin/netstat
#IPSET=/usr/sbin/ipset
#IPTABLES=/sbin/iptables
#SORT=/bin/sort
#UNIQ=/usr/bin/uniq
#srvIP=`$IFCONFIG eth0 | $GREP 'inet addr' | $AWK '{print $2}' | $CUT -f2 -d ":"`
#for i in `$NETSTAT -ntu | $GREP SYN_RECV | $AWK '{print $5}' | $CUT -f1 -d ":" | $SORT | $UNIQ | $GREP -v ${srvIP}`
#do
#$IPSET -A dos $i
#done
#$IPSET -S > /etc/sysconfig/ipset

serverip=`ifconfig eth0 | grep 'inet addr' | awk '{print $2}' | cut -f2 -d ":"`
for i in `netstat -ntu | grep SYN_RECV | awk '{print $5}' | cut -f1 -d ":" | sort | uniq | grep -v ${serverip}` do ipset -A dos $i done ipset -S > /etc/sysconfig/ipset