溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
本文目錄
11、iptables自動屏蔽訪問網站頻繁的IP 12、判斷用戶輸入的是否為IP地址 13、判斷用戶輸入的是否為數字 14、給定目錄找出包含關鍵字的文件 15、監控目錄,將新創建的文件名追加到日志中 16、給用戶提供多個網卡選擇 17、查看網卡實時流量 18、MySQL數據庫備份 19、Nginx服務管理腳本20、用戶根據菜單選擇要連接的Linux主機
11、iptables自動屏蔽訪問網站頻繁的IP
場景:惡意訪問,安全防范
1)屏蔽每分鐘訪問超過200的IP
方法1:根據訪問日志(Nginx為例)
#!/bin/bash
DATE=$(date?+%d/%b/%Y:%H:%M)
ABNORMAL_IP=$(tail?-n5000?access.log?|grep?$DATE?|awk?'{a[$1]++}END{for(i?in?a)if(a[i]>100)print?i}')
#先tail防止文件過大,讀取慢,數字可調整每分鐘最大的訪問量。awk不能直接過濾日志,因為包含特殊字符。
for?IP?in?$ABNORMAL_IP;?do
????if?[?$(iptables?-vnL?|grep?-c?"$IP")?-eq?0?];?then
????????iptables?-I?INPUT?-s?$IP?-j?DROP
????fi
done
方法2:通過TCP建立的連接
#!/bin/bash
ABNORMAL_IP=$(netstat?-an?|awk?'$4~/:80$/?&&?$6~/ESTABLISHED/{gsub(/:[0-9]+/,"",$5);{a[$5]++}}END{for(i?in?a)if(a[i]>100)print?i}')
#gsub是將第五列(客戶端IP)的冒號和端口去掉
for?IP?in?$ABNORMAL_IP;?do
????if?[?$(iptables?-vnL?|grep?-c?"$IP")?-eq?0?];?then
????????iptables?-I?INPUT?-s?$IP?-j?DROP
????fi
done
2)屏蔽每分鐘SSH嘗試登錄超過10次的IP
方法1:通過lastb獲取登錄狀態:
#!/bin/bash
DATE=$(date?+"%a?%b?%e?%H:%M")?#星期月天時分??%e單數字時顯示7,而%d顯示07
ABNORMAL_IP=$(lastb?|grep?"$DATE"?|awk?'{a[$3]++}END{for(i?in?a)if(a[i]>10)print?i}')
for?IP?in?$ABNORMAL_IP;?do
????if?[?$(iptables?-vnL?|grep?-c?"$IP")?-eq?0?];?then
????????iptables?-I?INPUT?-s?$IP?-j?DROP
????fi
done
方法2:通過日志獲取登錄狀態
#!/bin/bash
DATE=$(date?+"%b?%d?%H")
ABNORMAL_IP="$(tail?-n10000?/var/log/auth.log?|grep?"$DATE"?|awk?'/Failed/{a[$(NF-3)]++}END{for(i?in?a)if(a[i]>5)print?i}')"
for?IP?in?$ABNORMAL_IP;?do
????if?[?$(iptables?-vnL?|grep?-c?"$IP")?-eq?0?];?then
????????iptables?-A?INPUT?-s?$IP?-j?DROP
????????echo?"$(date?+"%F?%T")?-?iptables?-A?INPUT?-s?$IP?-j?DROP"?>>~/ssh-login-limit.log
????fi
done12、判斷用戶輸入的是否為IP地址
方法1:
#!/bin/bash
function?check_ip(){
????IP=$1
????VALID_CHECK=$(echo?$IP|awk?-F.?'$1<?=255&&$2<=255&&$3<=255&&$4<=255{print?"yes"}')
????if?echo?$IP|grep?-E?"^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null;?then
????????if?[?$VALID_CHECK?==?"yes"?];?then
????????????echo?"$IP?available."
????????else
????????????echo?"$IP?not?available!"
????????fi
????else
????????echo?"Format?error!"
????fi
}
check_ip?192.168.1.1
check_ip?256.1.1.1
方法2:
#!/bin/bash
function?check_ip(){
????IP=$1
????if?[[?$IP?=~?^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$?]];?then
????????FIELD1=$(echo?$IP|cut?-d.?-f1)
????????FIELD2=$(echo?$IP|cut?-d.?-f2)
????????FIELD3=$(echo?$IP|cut?-d.?-f3)
????????FIELD4=$(echo?$IP|cut?-d.?-f4)
????????if?[?$FIELD1?-le?255?-a?$FIELD2?-le?255?-a?$FIELD3?-le?255?-a?$FIELD4?-le?255?];?then
????????????echo?"$IP?available."
????????else
????????????echo?"$IP?not?available!"
????????fi
????else
????????echo?"Format?error!"
????fi
}
check_ip?192.168.1.1
check_ip?256.1.1.1
增加版:
加個死循環,如果IP可用就退出,不可用提示繼續輸入,并使用awk判斷。
#!/bin/bash
function?check_ip(){
????local?IP=$1
????VALID_CHECK=$(echo?$IP|awk?-F.?'$1<?=255&&$2<=255&&$3<=255&&$4<=255{print?"yes"}')
????if?echo?$IP|grep?-E?"^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$"?>/dev/null;?then
????????if?[?$VALID_CHECK?==?"yes"?];?then
????????????return?0
????????else
????????????echo?"$IP?not?available!"
????????????return?1
????????fi
????else
????????echo?"Format?error!?Please?input?again."
????????return?1
????fi
}
while?true;?do
????read?-p?"Please?enter?IP:?"?IP
????check_ip?$IP
????[?$??-eq?0?]?&&?break?||?continue
done13、判斷用戶輸入的是否為數字
方法1:
#!/bin/bash
if?[[?$1?=~?^[0-9]+$?]];?then
????echo?"Is?Number."
else
????echo?"No?Number."
fi
方法2:
#!/bin/bash
if?[?$1?-gt?0?]?2>/dev/null;?then
????echo?"Is?Number."
else
????echo?"No?Number."
fi
方法3:
#!/bin/bash
echo?$1?|awk?'{print?$0~/^[0-9]+$/?"Is?Number.":"No?Number."}'??#三目運算符
12.14?找出包含關鍵字的文件
DIR=$1
KEY=$2
for?FILE?in?$(find?$DIR?-type?f);?do
????if?grep?$KEY?$FILE?&>/dev/null;?then
????????echo?"-->?$FILE"
????fi
done14、給定目錄找出包含關鍵字的文件
#!/bin/bash DIR=$1 KEY=$2 for?FILE?in?$(find?$DIR?-type?f);?do ????if?grep?$KEY?$FILE?&>/dev/null;?then ????????echo?"-->?$FILE" ????fi done
15、監控目錄,將新創建的文件名追加到日志中
場景:記錄目錄下文件操作。 需先安裝inotify-tools軟件包。 #!/bin/bash MON_DIR=/opt inotifywait?-mq?--format?%f?-e?create?$MON_DIR?|\ while?read?files;?do ??echo?$files?>>?test.log done
16、給用戶提供多個網卡選擇
場景:服務器多個網卡時,獲取指定網卡,例如網卡流量 #!/bin/bash function?local_nic()?{ ????local?NUM?ARRAY_LENGTH ????NUM=0 ????for?NIC_NAME?in?$(ls?/sys/class/net|grep?-vE?"lo|docker0");?do ????????NIC_IP=$(ifconfig?$NIC_NAME?|awk?-F'[:?]+'?'/inet?addr/{print?$4}') ????????if?[?-n?"$NIC_IP"?];?then ????????????NIC_IP_ARRAY[$NUM]="$NIC_NAME:$NIC_IP"????#將網卡名和對應IP放到數組 ????????????let?NUM++ ????????fi ????done ????ARRAY_LENGTH=${#NIC_IP_ARRAY[*]} ????if?[?$ARRAY_LENGTH?-eq?1?];?then?????#如果數組里面只有一條記錄說明就一個網卡 ????????NIC=${NIC_IP_ARRAY[0]%:*} ????????return?0 ????elif?[?$ARRAY_LENGTH?-eq?0?];?then???#如果沒有記錄說明沒有網卡 ????????echo?"No?available?network?card!" ????????exit?1 ????else ????????#如果有多條記錄則提醒輸入選擇 ????????for?NIC?in?${NIC_IP_ARRAY[*]};?do ????????????echo?$NIC ????????done ????????while?true;?do ????????????read?-p?"Please?enter?local?use?to?network?card?name:?"?INPUT_NIC_NAME ????????????COUNT=0 ????????????for?NIC?in?${NIC_IP_ARRAY[*]};?do ????????????????NIC_NAME=${NIC%:*} ????????????????if?[?$NIC_NAME?==?"$INPUT_NIC_NAME"?];?then ????????????????????NIC=${NIC_IP_ARRAY[$COUNT]%:*} ????????????????????return?0 ????????????????else ???????????????????COUNT+=1 ????????????????fi ????????????done ????????????echo?"Not?match!?Please?input?again." ????????done ????fi } local_nic
17、查看網卡實時流量
適用于CentOS6操作系統。
#!/bin/bash
#?Description:?Only?CentOS6
traffic_unit_conv()?{
????local?traffic=$1
????if?[?$traffic?-gt?1024000?];?then
????????printf?"%.1f%s"?"$(($traffic/1024/1024))"?"MB/s"
????elif?[?$traffic?-lt?1024000?];?then
????????printf?"%.1f%s"?"$(($traffic/1024))"?"KB/s"
????fi
}
NIC=$1
echo?-e?"?In?------?Out"
while?true;?do
????OLD_IN=$(awk?-F'[:?]+'?'$0~"'$NIC'"{print?$3}'?/proc/net/dev)
????OLD_OUT=$(awk?-F'[:?]+'?'$0~"'$NIC'"{print?$11}'?/proc/net/dev)
????sleep?1
????NEW_IN=$(awk?-F'[:?]+'?'$0~"'$NIC'"{print?$3}'?/proc/net/dev)
????NEW_OUT=$(awk?-F'[:?]+'?'$0~"'$NIC'"{print?$11}'?/proc/net/dev)
????IN=$(($NEW_IN-$OLD_IN))
????OUT=$(($NEW_OUT-$OLD_OUT))
????echo?"$(traffic_unit_conv?$IN)?$(traffic_unit_conv?$OUT)"
????sleep?1
done
使用:./traffic.sh?eth018、MySQL數據庫備份
#!/bin/bash
DATE=$(date?+%F_%H-%M-%S)
HOST=192.168.1.120
DB=test
USER=bak
PASS=123456
MAIL="zhangsan@example.com?lisi@example.com"
BACKUP_DIR=/data/db_backup
SQL_FILE=${DB}_full_$DATE.sql
BAK_FILE=${DB}_full_$DATE.zip
cd?$BACKUP_DIR
if?mysqldump?-h$HOST?-u$USER?-p$PASS?--single-transaction?--routines?--triggers?-B?$DB?>?$SQL_FILE;?then
????zip?$BAK_FILE?$SQL_FILE?&&?rm?-f?$SQL_FILE
????if?[?!?-s?$BAK_FILE?];?then
????????????echo?"$DATE?內容"?|?mail?-s?"主題"?$MAIL
????fi
else
????echo?"$DATE?內容"?|?mail?-s?"主題"?$MAIL
fi
find?$BACKUP_DIR?-name?'*.zip'?-ctime?+14?-exec?rm?{}?\;19、Nginx服務管理腳本
場景:使用源碼包安裝Nginx不含帶服務管理腳本,也就是不能使用"service?nginx?start"或"/etc/init.d/nginx?start",所以寫了以下的服務管理腳本。
https://article.pchome.net/content-2100027.html
http://www.51cto.com/it/news/2019/0909/14338.html
https://www.linuxprobe.com/books
#!/bin/bash
#?Description:?Only?support?RedHat?system
.?/etc/init.d/functions
WORD_DIR=/usr/local/nginx
DAEMON=$WORD_DIR/sbin/nginx
CONF=$WORD_DIR/conf/nginx.conf
NAME=nginx
PID=$(awk?-F'[;?]+'?'/^[^#]/{if($0~/pid;/)print?$2}'?$CONF)
if?[?-z?"$PID"?];?then
????PID=$WORD_DIR/logs/nginx.pid
else
????PID=$WORD_DIR/$PID
fi
stop()?{
????$DAEMON?-s?stop
????sleep?1
????[?!?-f?$PID?]?&&?action?"*?Stopping?$NAME"??/bin/true?||?action?"*?Stopping?$NAME"?/bin/false
}
start()?{
????$DAEMON
????sleep?1
????[?-f?$PID?]?&&?action?"*?Starting?$NAME"??/bin/true?||?action?"*?Starting?$NAME"?/bin/false
}
reload()?{
????$DAEMON?-s?reload
}
test_config()?{
????$DAEMON?-t
}
case?"$1"?in
????start)
????????if?[?!?-f?$PID?];?then
????????????start
????????else
????????????echo?"$NAME?is?running..."
????????????exit?0
????????fi
????????;;
????stop)
????????if?[?-f?$PID?];?then
????????????stop
????????else
????????????echo?"$NAME?not?running!"
????????????exit?0
????????fi
????????;;
????restart)
????????if?[?!?-f?$PID?];?then
????????????echo?"$NAME?not?running!"?
????????????start
????????else
????????????stop
????????????start
????????fi
????????;;
????reload)
????????reload
????????;;
????testconfig)
????????test_config
????????;;
????status)
????????[?-f?$PID?]?&&?echo?"$NAME?is?running..."?||?echo?"$NAME?not?running!"
????????;;
????*)
????????echo?"Usage:?$0?{start|stop|restart|reload|testconfig|status}"
????????exit?3
????????;;
esac20、用戶根據菜單選擇要連接的Linux主機
Linux主機SSH連接信息:
#?cat?host.txt
Web?192.168.1.10?root?22
DB?192.168.1.11?root?22
內容格式:主機名?IP?User?Port
#!/bin/bash
PS3="Please?input?number:?"
HOST_FILE=host.txt
while?true;?do
????select?NAME?in?$(awk?'{print?$1}'?$HOST_FILE)?quit;?do
????????[?${NAME:=empty}?==?"quit"?]?&&?exit?0
????????IP=$(awk?-v?NAME=${NAME}?'$1==NAME{print?$2}'?$HOST_FILE)
????????USER=$(awk?-v?NAME=${NAME}?'$1==NAME{print?$3}'?$HOST_FILE)
????????PORT=$(awk?-v?NAME=${NAME}?'$1==NAME{print?$4}'?$HOST_FILE)
????????if?[?$IP?];?then
????????????echo?"Name:?$NAME,?IP:?$IP"
????????????ssh?-o?StrictHostKeyChecking=no?-p?$PORT?-i?id_rsa?$USER@$IP??#?密鑰免交互登錄
????????????break
????????else
????????????echo?"Input?error,?Please?enter?again!"
????????????break
????????fi
????done
done動手練一練,讓你的Shell功底上升一個段位!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
