65.181.122.21 - - [24/Mar/2013:10:33:28 -0400] "-" 400 0 "-" "-"
109.228.81.72 - - [24/Mar/2013:10:33:42 -0400] "-" 400 0 "-" "-"
92.26.105.90 - - [24/Mar/2013:10:33:54 -0400] "-" 400 0 "-" "-"
92.26.105.90 - - [24/Mar/2013:10:33:54 -0400] "-" 400 0 "-" "-"
92.26.105.90 - - [24/Mar/2013:10:33:54 -0400] "-" 400 0 "-" "-"
92.26.105.90 - - [24/Mar/2013:10:33:54 -0400] "-" 400 0 "-" "-"
174.57.127.57 - - [24/Mar/2013:10:34:07 -0400] "-" 400 0 "-" "-"
174.57.127.57 - - [24/Mar/2013:10:34:07 -0400] "-" 400 0 "-" "-"
174.57.127.57 - - [24/Mar/2013:10:34:07 -0400] "-" 400 0 "-" "-"
87.250.112.82 - - [24/Mar/2013:10:34:10 -0400] "-" 400 0 "-" "-"
87.250.112.82 - - [24/Mar/2013:10:34:16 -0400] "-" 400 0 "-" "-"
75.9.96.255 - - [24/Mar/2013:10:34:20 -0400] "-" 400 0 "-" "-"
39.48.21.192 - - [24/Mar/2013:10:34:20 -0400] "-" 400 0 "-" "-"
39.48.21.192 - - [24/Mar/2013:10:34:20 -0400] "-" 400 0 "-" "-"
这是一种 GET 洪水吗?
有没有什么办法可以 grep 所有 IP 然后将它们发送到 iptables?
答案1
这通常意味着客户端打开了一个Keep-Alive连接,但在收到对其上一个请求的响应后断开了连接。也可能是客户端连接后立即断开连接而未发送任何内容。由于 Web 服务器正在等待某些内容,因此它会记录一个错误请求 (HTTP 400)。这些大多是无害的。