Requirements: monitoring logs, if there are attacks, put the ip blacklist
analysis:
1, open the log file, read all of the contents of the file
2, extract the contents of ip
3, put the ip to the list to go, in with a set weight to obtain the number of different independent IP
. 4, set in the IP cycle, to list the number of IP to statistics, more than 50 is added to the blacklist
Time Import COUNT = 0 # Initial file pointer is set to 0 the while True: ip_list = [] # emptied when every cycle the list, because it is the statistics of one minute ( "access.log", "r" with open, = encoding "UTF-. 8") AS fr: fr.seek (COUNT) to read the contents of files # The file pointer for line in fr: # in each row cycle to get content ip_list.append (line.split ( "-") [ 0]) # ip taking each row count = fr.tell () # updated after reading the file pointer for ip in set (ip_list): # ip loop to read the set of statistics to the list and if ip_list.count (ip)> 50: Print ( "% s is the ip added to the blacklist"% ip) fr.close () # close the file handle time.wait (60)