1. Write a script selinux.sh to enable or disable the selinux function
[19:41:44 root@centos7 scripts]#cat selinux.sh
#!/bin/bash
#--------------------------
# Filename: *.sh
# Revision:1.1
# Date: 2020-08-01
# Author:lcg
# E-mail:[email protected]
# Website:https://blog.51cto.com/8683332
# Description:this is a shell script
# Copyright:2020 li
# License:GPL
#--------------------------
#
date="`date +%F-%T`"
COLOR="\e[1;32m"
COLOREND="\e[0m"
#set -ue
if [ $# -eq 1 ] ;then
selinuxdir=/etc/selinux/config
case "$1" in
on)
sed -ir 's/^SELINUX=.*/SELINUX=enforcing/' $selinuxdir
echo "The SELinux is running,you should be care doing everythings ! And you should reboot the system to make selinux enabled!"
;;
off)
sed -ir 's/^SELINUX=.*/SELINUX=disabled/' $selinuxdir
echo " The SELinux is closed Success; And you should reboot the system to make selinux disabled!"
;;
*)
echo "Usage:`basename $0` on|off"
exit 1
;;
esac
else
echo "$0 Usage is : $0 on/off"
fi
2. Count the number of occurrences of each file system type in the /etc/fstab file
[17:31:30 root@centos7 ~]#cat /etc/fstab |grep -Ev '^[ ]+|[#]+' | awk '{if (NR>1)print $3}' |sort | uniq -c
1 ext4
2 xfs
[19:45:28 root@centos7 scripts]#cat /etc/fstab | awk '!/^ +|#/{if (NR>1)print $3}' |sort |uniq -c
1 ext4
2 xfs
3. Extract all numbers in the string Yd$C@M05MB%9&Bdh7dq+YVixp3vpw
[16:48:36 root@centos7 ~]#echo "Yd$C@M05MB%9&Bdh7dq+YVixp3vpw" | awk '{gsub(/[^0-9]/,"",$0);print $0}'
05973
[17:21:49 root@centos7 ~]#echo 'Yd$C@M05MB%9&Bdh7dq+YVixp3vpw'|awk 'gsub(/[^0-9]/,"",$0)'
05973
[17:12:48 root@centos7 ~]#Not echo "Yd$C@M05MB%9&Bdh7dq+YVixp3vpw" | sed -nr 's/^.*([0]+[0-9)+]).*([0-9]+).*([0-9]+).*([0-9]+).*$/\1\2\3\4/p'
universal
05973
4. Solve the production case of Dos***: According to the web log or the number of network connections, monitor when the number of concurrent connections of a certain IP or the PV reaches 100 within a short period of time, call the firewall command to block the corresponding IP, the monitoring frequency: every 5 Minutes, the firewall command is: iptables -A input -s IP -j REJECT
[20:36:27 root@centos7 scripts]#cat Ddos.sh
#!/bin/bash
#--------------------------
#Filename:*.sh
#Revision:1.1
#Date:2020-08-01
#Author:lcg
#E-mail:[email protected]
#Website:https://blog.51cto.com/8683332
#Description:thisisashellscript
#Copyright:2020li
#License:GPL
#--------------------------
#
#date="`date+%F-%T`"
#COLOR="\e[1;32m"
#COLOREND="\e[0m"
#set-ue
log=access.log
[ -f $log ] || touch $log
function add_iptables(){
while read line
do
ip=`echo $line|awk '{print $2}'`
count=`echo $line|wc -l`
if [ $count -gt 100 ] && [`iptables -L -n|grep "$ip"|wc -l` -lt 1 ]
then
iptables -I INPUT -s $ip -jDROP
echo "$line isdropped" >>/tmp/droplist.log
fi
done<$log
}
function main(){
while true
do
netstat -an|grep EST|awk '{print $(NF-1)}'|awk -F '[:]' '{print $1}'|sort|uniq -c >$log
add_iptables
sleep 180
done
}
main
[20:36:32 root@centos7 scripts]#cat /tmp/droplist.log
7 127.0.0.1 is dropped
34 169.254.86.82 is dropped
18 172.16.100.125 is dropped
204 172.16.100.76 is dropped
14 172.16.23.100 is dropped
112 172.16.233.133 is dropped
68 172.16.250.227 is dropped
12 192.168.1.100 is dropped
22 192.168.1.106 is dropped
68 192.168.1.107 is dropped
24 192.168.1.109 is dropped
83 192.168.1.110 is dropped
27 192.168.1.112 is dropped
583 192.168.1.113 is dropped
12 192.168.1.114 is dropped
1220 192.168.1.117 is dropped
110 192.168.1.118 is dropped
13 192.168.1.121 is dropped
1134 192.168.1.31 is dropped
5. Tips for deleting spaces in vim
删除空格行:
非编辑状态下输入:g/^$/d
删除行首空格:
非编辑状态下输入:%s/^\s*//g
删除行尾空格:
非编辑状态下输入:%s/\s*$//g
VIM删除空白行
在命令状态下输入:
:g/^\s*$/d
:g 代表在全文档范围内
^代表行的开始
\s*代表空白字符
&代表行的结束
d代表删除
格式:用//将3段代码隔开