#!/bin/sh

STRING="\"-\" 408 -"
FILE=/usr/local/apache/logs/access_log

while true; do for i in `tail -n 200 $FILE |grep "$STRING" |cut '-d ' -f 9|cut '-d]' -f1|sort|uniq`; do iptables -nL http_invalid_request | grep -q $i || ( iptables -A http_invalid_request -s $i -p tcp --dport 80 -j DROP; echo $i added; echo $i >>/root/davew/invalid_http_request_ips.txt); done; sleep 1; echo 'IPs blocked:                        '`iptables -nL http_invalid_request |wc -l` ;done