1.编写脚本selinux.sh,实现开启或禁用SELinux功能
read -p “please input selinux start|stop :” senew
seold=cat /etc/selinux/config | grep '^SELINUX=' | cut -d"=" -f2
if [ $senew == ‘start’ ];then
if [ $seold == ‘enforcing’ ];then
echo “selinux is enforcing”
elif [ $seold == ‘disabled’ ];then
sed -ri ‘s@^SELINUX=(.*)@SELINUX=enforcing@’ /etc/selinux/config
fi
elif [ $senew == ‘stop’ ];then
if [ $seold == ‘disabled’ ];then
echo “selinux is disabled”
elif [ $seold == ‘enforcing’ ];then
sed -ri ‘s@^SELINUX=(.*)@SELINUX=disabled@’ /etc/selinux/config
fi
fi
2.统计/etc/fstab文件中每个文件系统类型出现的次数
cat /etc/fstab | grep ‘^UUID=’ |awk ‘{print $3}’ | uniq -c
3.提取出字符串Yd$C@M05MB%9&Bdh7dq+YVixp3vpw中的所有数字
echo ‘Yd$C@M05MB%9&Bdh7dq+YVixp3vpw’ | tr -cd “[0-9]”
4.解决DOS攻击生产案例:根据web日志或者或者网络连接数,监控当某个IP 并发连接数或者短时内PV达到100,即调用防火墙命令封掉对应的IP,监控频 率每隔5分钟。防火墙命令为:iptables -A INPUT -s IP -j REJECT
#!/bin/bash
awk ‘{IP[$1]++}END{for(i in IP){print i,IP[i]}}’ /tmp/test.log > /tmp/testdata.log
while read ip number;do
if [ $number -gt 100 ] ;then
iptables -A INPUT -s $ip -j REJECT
fi
done < /tmp/testdata.log
实现每五分钟检查一次设置定时任务
*/5 * * * * /tmp/checkip.sh