1、编写脚本selinux.sh,实现开启或禁用SELinux功能
#!/bin/bash echo "########################################" echo -e "Current status:\n`sestatus`" echo "########################################" echo -e "\n" read -p "Please input enable|disable|permissive|quit to set selinux:" Arg if [ $Arg == "enable" ] ; then setenforce 1 sed -ri.bak "s#^SELINUX=.*#SELINUX=enforcing#" /etc/selinux/config &>/dev/null echo "Selinux current status is `getenforce`" echo "Selinux'config file is set `sed -n "/^SELINUX=/p" /etc/selinux/config`" exit elif [ $Arg == "disable" ] ; then setenforce 0 sed -ri.bak "s#^SELINUX=.*#SELINUX=disabled#" /etc/selinux/config &>/dev/null echo "Selinux current status is `getenforce`,But Disabled's status need to reboot" echo "Selinux'config file is set `sed -n "/^SELINUX=/p" /etc/selinux/config`" exit elif [ $Arg == "permissive" ] ; then setenforce Permissive sed -ri.bak "s#^SELINUX=.*#SELINUX=Permissive#" /etc/selinux/config &>/dev/null echo "Selinux current status is `getenforce`" echo "Selinux'config file is set `sed -n "/^SELINUX=/p" /etc/selinux/config`" exit else [ $Arg == "quit" ] echo "The shell exit" exit fi
2、统计/etc/fstab文件中每个文件系统类型出现的次数
方法一:
[root@centos7 script]# cat /etc/fstab # # /etc/fstab # Created by anaconda on Mon Aug 31 04:22:36 2020 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # UUID=880d392a-a957-4a2d-bd3d-ac27c3dd0ea5 / xfs defaults 0 0 UUID=d2a861a3-f322-42ce-b888-6b54ebec59aa /boot xfs defaults 0 0 UUID=f0a2ac4f-21e0-4b02-a97e-6c616ce051a8 /data xfs defaults 0 0 UUID=f62508ed-244e-4c41-8f4b-383ce6047674 swap swap defaults 0 0 [root@centos7 script]# egrep -v '^#|^$' /etc/fstab |awk '{print $3}'|uniq -c 3 xfs 1 swap
方法二:
[root@centos7 script]# grep 'UUID' /etc/fstab |tr -s ' ' UUID=880d392a-a957-4a2d-bd3d-ac27c3dd0ea5 / xfs defaults 0 0 UUID=d2a861a3-f322-42ce-b888-6b54ebec59aa /boot xfs defaults 0 0 UUID=f0a2ac4f-21e0-4b02-a97e-6c616ce051a8 /data xfs defaults 0 0 UUID=f62508ed-244e-4c41-8f4b-383ce6047674 swap swap defaults 0 0 [root@centos7 script]# grep 'UUID' /etc/fstab |tr -s ' '|cut -d' ' -f 3 xfs xfs xfs swap [root@centos7 script]# grep 'UUID' /etc/fstab |tr -s ' '|cut -d' ' -f 3|uniq -c 3 xfs 1 swap [root@centos7 script]#
方法三:
[root@centos7 script]# sed -r '/^#|^$/d' /etc/fstab UUID=880d392a-a957-4a2d-bd3d-ac27c3dd0ea5 / xfs defaults 0 0 UUID=d2a861a3-f322-42ce-b888-6b54ebec59aa /boot xfs defaults 0 0 UUID=f0a2ac4f-21e0-4b02-a97e-6c616ce051a8 /data xfs defaults 0 0 UUID=f62508ed-244e-4c41-8f4b-383ce6047674 swap swap defaults 0 0 [root@centos7 script]# sed -r '/^#|^$/d' /etc/fstab|tr -s ' '|cut -d' ' -f3 xfs xfs xfs swap [root@centos7 script]# sed -r '/^#|^$/d' /etc/fstab|tr -s ' '|cut -d' ' -f3|uniq -c 3 xfs 1 swap
方法四:
[root@centos7 script]# awk '/UUID/' /etc/fstab UUID=880d392a-a957-4a2d-bd3d-ac27c3dd0ea5 / xfs defaults 0 0 UUID=d2a861a3-f322-42ce-b888-6b54ebec59aa /boot xfs defaults 0 0 UUID=f0a2ac4f-21e0-4b02-a97e-6c616ce051a8 /data xfs defaults 0 0 UUID=f62508ed-244e-4c41-8f4b-383ce6047674 swap swap defaults 0 0 [root@centos7 script]# awk '/UUID/{print $3}' /etc/fstab xfs xfs xfs swap [root@centos7 script]# awk '/UUID/{print $3}' /etc/fstab |uniq -c 3 xfs 1 swap
3、提取出字符串Yd$C@M05MB%9&Bdh7dq+YVixp3vpw中的所有数字
[root@centos7 script]# echo "Yd$C@M05MB%9&Bdh7dq+YVixp3vpw" | awk '{gsub(/[^0-9]/,"",$0);print $0}' 05973
4、解决DOS攻击生产案例:根据web日志或者或者网络连接数,监控当某个IP 并发连接数或者短时内PV达到100,即调用防火墙命令封掉对应的IP,监控频 率每隔5分钟。防火墙命令为:iptables -A INPUT -s IP -j REJECT
cat /root/access_log | awk '{IP[$1]++}END{for(i in IP){print i,IP[i]}}' > /tmp/hosts.txt while read ip number;do if [ $number -gt 100 ] ;then iptables -A INPUT -s $ip -j REJECT echo "from $ip $number rejected" >> /tmp/reject.txt fi done < /tmp/hosts.txt
浙公网安备 33010602011771号