一、编写脚本selinux.sh,实现开启或禁用SELinux功能
#!/bin/bash
#
#*************************************
#author: liangmingyong
#QQ: 515291006
#email: 515291006@qq.com
#version: 1.0
#date: 2020-06-23
#description: The test script
#*************************************
read -p "selinux {start|stop} : " SELINUX
SE=`sed -rn 's/^SELINUX=(.*)/\1/'p /etc/selinux/config`
if [ $SELINUX == 'start' ] ;then
if [ $SE == 'enforcing' ];then
echo "Selinux status is enforcing"
elif [ $SE == 'disabled' ];then
sed -ri 's/^SELINUX=(.*)/SELINUX=enforcing/' /etc/selinux/config && echo "SElinux start succeed"
fi
elif [ $SELINUX == 'stop' ] ;then
if [ $SE == 'disabled' ];then
echo "Selinux status is disabled"
elif [ $SE == 'enforcing' ];then
sed -ri 's/^SELINUX=(.*)/SELINUX=disabled/' /etc/selinux/config && echo "SElinux stop succeed"
fi
fi
二、统计/etc/fstab文件中每个文件系统类型出现的次数
grep "^UUID" /etc/fstab |awk '{print $3}'|sort|uniq -c
cat /etc/fstab | awk '/^UUID/{sys[$3]++}END{for(i in sys){print i,sys[i]}}'
awk '$0 ~ "^UUID" {print $3}' /etc/fstab |uniq -c
awk '/^UUID/{print $3}' /etc/fstab |uniq -c
三、提取出字符串Yd$C@M05MB%9&Bdh7dq+YVixp3vpw中的所有数字
echo "Yd$C@M05MB%9&Bdh7dq+YVixp3vpw" | awk '{gsub(/[^0-9]/,"",$0);print $0}'
四、解决DOS攻击生产案例:根据web日志或者或者网络连接数,监控当某个IP 并发连接数或者短时内PV达到100,即调用防火墙命令封掉对应的IP,监控频 率每隔5分钟。防火墙命令为:iptables -A INPUT -s IP -j REJECT
#!/bin/bash
#
#*************************************
#author: liangmingyong
#QQ: 515291006
#email: 515291006@qq.com
#version: 1.0
#date: 2020-06-29
#description: The test script
#*************************************
TXT=/root/scripts/tmp.txt
ss -nt | awk -F'[ :]+' '/ESTAB/{print $6}'|sort|uniq -c >$TXT
while read line;do
NUM=`echo $line|awk '{print $1}'`
IP=`echo $line|awk '{print $2}'`
if [ $NUM -ge 100 ];then
iptables -A INPUT -s $IP -j REJECT
echo "$IP is rejected"
fi
done <$TXT
*/5 * * * * root /root/scripts/iptables.sh &> /dev/null