Assignment for week 10 -N42- open-minded

First, write a script selinux.sh that enables or disables SELinux

[root@centos7 ~]# vim selinux.sh
#!/bin/bash

confdir=/etc/selinux/config

case "$1" in

on)
  # -i and -r are passed separately: GNU sed reads "-ir" as -i with backup suffix "r"
  sed -i -r 's/^SELINUX=.*/SELINUX=enforcing/' "$confdir"
  echo "Open The SELinux Success!"
  ;;
off)
  # the value the config file accepts is "disabled", not "disable"
  sed -i -r 's/^SELINUX=.*/SELINUX=disabled/' "$confdir"
  echo "Close The SELinux Success;But you should reboot for the change to take effect!"
  ;;
*)
  echo "Usage:`basename $0` on|off"
  exit 1
  ;;
esac
[root@centos7 ~]# bash selinux.sh on
Open The SELinux Success!
[root@centos7 ~]# grep  "SELINUX=" /etc/selinux/config
# SELINUX= can take one of these three values:
SELINUX=enforcing
[root@centos7 ~]# bash selinux.sh off
Close The SELinux Success;But you should reboot for the change to take effect!
[root@centos7 ~]# grep  "SELINUX=" /etc/selinux/config
# SELINUX= can take one of these three values:
SELINUX=disabled

Second, count how many times each file system type appears in the /etc/fstab file

#the first method
[root@centos7 ~]# awk '/^[^#]/{print $3}' /etc/fstab |sort |uniq -c
      1 swap
      3 xfs
# the second method: an awk array
[root@centos7 ~]# awk '/^[^#]/{num[$3]++}END{for(i in num) {print i,num[i]}}' /etc/fstab
swap 1
xfs 3

Third, extract all the digits from the string Yd$C@M05MB%9&Bdh7dq+YVixp3vpw

[root@centos7 ~]# echo 'Yd$C@M05MB%9&Bdh7dq+YVixp3vpw'|awk 'gsub(/[^0-9]/,"",$0)'
05973

Fourth, handle a production DoS attack case: based on the web log or the network connection count, when an IP's number of concurrent connections or its PV reaches 100 within a short time, call the firewall command to block that IP. Monitoring runs every 5 minutes. Firewall command: iptables -A INPUT -s IP -j REJECT

#!/bin/bash

[ -n "$1" ] || { echo "Usage: `basename $0` file.log"; exit 1; }   # check whether an argument was passed

file=$1

while true; do
  # extract the IPs (field 1) and count the lines per IP
  awk '{print $1}' "$file" | grep -v "^$" | sort | uniq -c > /tmp/tmp.log
  while read line ; do
    ip=`echo $line|awk '{print $2}'`
    count=`echo $line|awk '{print $1}'`
    # -wF matches the address as a whole literal word, so 1.2.3.4 does not match 11.2.3.40
    if [ "$count" -gt 100 ] && [ `iptables -vnL|grep -wF "$ip"|wc -l` -lt 1 ];then
        iptables -A INPUT -s "$ip" -j REJECT
        # append, so earlier entries of the same day are kept
        echo "$ip is rejected" >> /tmp/droplist_$(date +%F).log
    fi
  done < /tmp/tmp.log   # feed the count file to the while loop
  sleep 300  # monitor every 5 minutes
done
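
An added example, not part of the original post: the script above recounts the whole log on every round and hands field 1 to iptables without checking it. The functions below (new_lines and offenders are hypothetical names) count only what was appended since the previous round, accept only well-formed IPv4 addresses, skip an allowlist, and print the block commands instead of running them.

```shell
# Added example, not from the original post. Function names are hypothetical.

# Print only the bytes appended to LOG since the previous call. The byte offset
# is kept in STATE, so each round counts one interval, not the whole file.
new_lines() {
  local log=$1 state=$2 last=0 size
  size=$(( $(wc -c < "$log") ))
  if [ -f "$state" ]; then last=$(cat "$state"); fi
  if [ "$size" -lt "$last" ]; then last=0; fi   # log was rotated or truncated
  tail -c +"$((last + 1))" "$log" | head -c "$((size - last))"
  echo "$size" > "$state"
}

# Read log lines on stdin and print "ip count" for every source address that
# is a well-formed IPv4 address, is not allowlisted, and exceeds THRESHOLD.
offenders() {
  local threshold=$1; shift
  awk -v t="$threshold" -v allow="$*" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
    {
      if (split($1, o, ".") != 4) next            # not a dotted quad
      for (i = 1; i <= 4; i++)
        if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255) next
      if (!($1 in skip)) hits[$1]++
    }
    END { for (ip in hits) if (hits[ip] > t) print ip, hits[ip] }
  ' | sort
}

# Dry run on a constructed log (documentation addresses, made-up requests).
demo() {
  local dir; dir=$(mktemp -d)
  { for i in $(seq 101); do echo '203.0.113.7 - - "GET / HTTP/1.1" 200'; done
    for i in $(seq 150); do echo '192.0.2.10 - - "GET /health HTTP/1.1" 200'; done
    for i in $(seq 200); do echo 'unknown - - "GET / HTTP/1.1" 200'; done
  } > "$dir/access.log"
  new_lines "$dir/access.log" "$dir/offset" | offenders 100 192.0.2.10 |
    while read -r ip count; do echo "iptables -A INPUT -s $ip -j REJECT  # $count hits"; done
  rm -rf "$dir"
}
demo
```

For real use, keep the offset file in a directory only root can write to rather than in /tmp, and put monitoring hosts and your own proxies in the allowlist.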

  


Origin www.cnblogs.com/hovin/p/12126394.html