一、编写脚本selinux.sh,实现开启或禁用SELinux功能
[root@centos7 ~]#vim selinux.sh
#!/bin/bash
confdir=/etc/selinux/config
case "$1" in
on)
sed -ir 's/^SELINUX=.*/SELINUX=enforcing/' $confdir
echo "Open The SELinux Success!"
;;
off)
sed -ir 's/^SELINUX=.*/SELINUX=disable/' $confdir
echo "Close The SELinux Success;But you should reboot to make selinux enabled!"
;;
*)
echo "Usage:`basename $0` on|off"
exit 1
;;
esac
[root@centos7 ~]# bash selinux.sh on
Open The SELinux Success!
[root@centos7 ~]# grep "SELINUX=" /etc/selinux/config
# SELINUX= can take one of these three values:
SELINUX=enforcing
[root@centos7 ~]# bash selinux.sh off
Close The SELinux Success;But you should reboot to make selinux enabled!
[root@centos7 ~]# grep "SELINUX=" /etc/selinux/config
# SELINUX= can take one of these three values:
SELINUX=disable
二、统计/etc/fstab文件中每个文件系统类型出现的次数
#第一种方法
[root@centos7 ~]# awk '/^[^#]/{print $3}' /etc/fstab |sort |uniq -c
1 swap
3 xfs
#第二种方法 awk数组应用
[root@centos7 ~]# awk '/^[^#]/{num[$3]++}END{for(i in num) {print i,num[i]}}' /etc/fstab
swap 1
xfs 3
三、提取出字符串Yd$C@M05MB%9&Bdh7dq+YVixp3vpw中的所有数字
[root@centos7 ~]# echo 'Yd$C@M05MB%9&Bdh7dq+YVixp3vpw'|awk 'gsub(/[^0-9]/,"",$0)'
05973
四、解决DOS攻击生产案例:根据web日志或者或者网络连接数,监控当某个IP 并发连接数或者短时内PV达到100,即调用防火墙命令封掉对应的IP,监控频率每隔5分钟。防火墙命令为:iptables -A INPUT -s IP -j REJECT
#!/bin/bash
[ -n "$1" ] || { echo "Usage:`basename $0` file.log";exit 1; } #判断是否传有参数
file=$1
while true ; do
awk '{print $1}' $1|grep -v "^$"|sort|uniq -c > /tmp/tmp.log #取出IP计数与IP
exec < /tmp/tmp.log #while读入文件
while read line ; do
ip=`echo $line|awk '{print $2}'`
count=`echo $line|awk '{print $1}'`
if [ $count -gt 100 ] && [ `iptables -vnL|grep "$ip"|wc -l` -lt 1 ];then
iptables -A INPUT -s $IP -j REJECT
echo "$ip is rejected" > /tmp/droplist_$(date +%F).log
fi
done
sleep 300 #每分种监控一次
done
浙公网安备 33010602011771号