标签:done git config etc ESS conf 系统 basename ble
编写脚本selinux.sh,实现开启或禁用SELinux功能[root@centos7 scripts]$cat selinux.sh
#!/bin/bash
#
STATE=`grep ‘SELINUX\>‘ /etc/selinux/config | grep -v ‘^#‘ | cut -d= -f2`
case $1 in
start)
[ "$STATE" = "enforcing" ] || sed -i ‘/SELINUX/s@disabled@enforcing@‘ /etc/selinux/config
echo "SELinux is enforcing..."
;;
stop)
[ "$STATE" = "disabled" ] || sed -i ‘/SELINUX/s@enforcing@disabled@‘ /etc/selinux/config
echo "SELinux is disabled..."
;;
status)
echo "SELinux is ${STATE}..."
;;
*)
echo "Usage:`basename $0` <start|stop|status>"
;;
esac统计/etc/fstab文件中每个文件系统类型出现的次数
[root@centos7 scripts]$awk ‘/^UUID/{count[$3]++}END{for(i in count){print i,count[i]}}‘ /etc/fstab
swap 1
xfs 3提取出字符串Yd$C@M05MB%9&Bdh7dq+YVixp3vpw中的所有数字
[root@centos7 scripts]$echo "Yd$C@M05MB%9&Bdh7dq+YVixp3vpw" | tr -dc ‘[[:digit:]]‘
05973[root@centos7 scripts]$
[root@centos7 scripts]$echo "Yd$C@M05MB%9&Bdh7dq+YVixp3vpw" | tr -dc ‘[[:digit:]]‘ |xargs
05973解决DOS***生产案例:根据web日志或者或者网络连接数,监控当某个IP 并发连接数或者短时内PV达到100,即调用防火墙命令封掉对应的IP,监控频 率每隔5分钟。防火墙命令为:iptables -A INPUT -s IP -j REJECT
[root@centos7 scripts]$cat dos.sh
#!/bin/bash
#
awk ‘{count[$1]++}END{for(i in count){if(count[i]>=100){print i,count[i]}}}‘ /data/scripts/access_log | while read IP COUNT; do
echo "${IP}访问了${COUNT}次数..."
/usr/sbin/iptables -A INPUT -s ${IP} -j REJECT
echo "${IP}被加入到了防火墙..."
sed -i "/${IP}/d" /data/scripts/access_log
done
[root@centos7 scripts]$crontab -l
*/5 * * * * /bin/bash /data/scripts/dos.sh标签:done git config etc ESS conf 系统 basename ble
原文地址:https://blog.51cto.com/14812296/2520831
