大家好,又见面了,我是你们的朋友全栈君。如果您正在找激活码,请点击查看最新教程,关注关注公众号 “全栈程序员社区” 获取激活教程,可能之前旧版本教程已经失效.最新Idea2022.1教程亲测有效,一键激活。
Jetbrains全系列IDE使用 1年只要46元 售后保障 童叟无欺
代码中有注释说明
#! /usr/bin/env python
# -*- coding: UTF-8 -*-
from redis import Redis
import time
from gurd import *
rdb = Redis("127.0.0.1")
vips = {}
def setOffset(offset):
keys = rdb.keys("*")
min = offset
for key in keys:
if key=="offset":
continue
elif int(key)<min:
min = int(key)
if offset > min:
rdb.set("offset",min)
time.sleep(5)
def main():
icmp = {}
udp = {}
http = {}
syn = {}
count = 0
offset = int(rdb.incr("offset"))-1
data = rdb.hgetall(offset)
for key in data.keys():
if key.endswith("http"):
items = key.split("-")
if http.has_key(items[1]):
http[items[1]] += int(data[key])
else:
http[items[1]] = int(data[key])
elif key.endswith("syn"):
items = key.split("-")
if syn.has_key(items[1]):
syn[items[1]] += int(data[key])
else:
syn[items[1]] = int(data[key])
elif key.endswith("icmp"):
items = key.split("-")
if icmp.has_key(items[1]):
icmp[items[1]] += int(data[key])
else:
icmp[items[1]] = int(data[key])
elif key.endswith("udp"):
items = key.split("-")
if udp.has_key(items[1]):
udp[items[1]] += int(data[key])
else:
udp[items[1]] = int(data[key])
elif key.endswith("count"):
count += int(data[key])
else:
continue
count = 0
#syn flood 判断和检测
for key in syn.keys():
if syn[key]<5000:
continue
if http[key]/syn[key]<=3:
if vips.has_key(key):
vips[key]["attack"] += 1
vips[key]["type"] = "syn"
vips[key]["count"]+= syn[key]
vips[key]["end"]=offset
else:
# 往列表里添加被攻击VIP,统计被攻击VIP的攻击量,如果一个VIP 持续10未收到攻击则从受攻击VIP列表中移除
vips[key]={"attack":10,"type":"syn","count":syn[key],"guard":0,"start":offset,"end":offset}
# udp flood 判断和检测
for key in udp.keys():
if udp[key]<5000:
continue
if vips.has_key(key):
vips[key]["attack"] += 1
vips[key]["type"] = "udp"
vips[key]["count"]+= udp[key]
vips[key]["end"]=offset
else:
vips[key]={"attack":10,"type":"syn","count":udp[key],"guard":0,"start":offset,"end":offset}
# icmp flood 判断和检测
for key in icmp.keys():
if icmp[key]<5000:
continue
if vips.has_key(key):
vips[key]["attack"] += 1
vips[key]["type"] = "icmp"
vips[key]["count"]+= icmp[key]
vips[key]["end"]=offset
else:
vips[key]={"attack":10,"type":"syn","count":icmp[key],"guard":0,"start":offset,"end":offset}
# 遍历所有被攻击的VIP,所有的attack减一,attack为0的从受攻击队列中移除
for key in vips.keys():
vips[key]["attack"] += -1
if vips[key]["guard"]==0:
print "find ddos attack on %s from :%d " %(key,vips[key]["start"])
addVip(key)
# add to guard
vips[key]["guard"]=1
if vips[key]["attack"]==0:
# remove from guard and vips
delVip(key)
print "find ddos attack end on %s time:%d " %(key,vips[key]["end"])
vips.pop(key)
rdb.expire(offset,1)
while offset < int(time.time()-10):
offset = int(rdb.incr("offset"))-1
rdb.expire(offset,1)
#print "offset:%d time:%d" %(offset,int(time.time()))
if offset > int(time.time())-5:
time.sleep(2)
else:
setOffset(offset)
while 1:
try:
main()
except:
rdb = Redis("127.0.0.1")
vips = {}
pass版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请联系我们举报,一经查实,本站将立刻删除。
发布者:全栈程序员-站长,转载请注明出处:https://javaforall.net/157758.html原文链接:https://javaforall.net
