1、編寫腳本selinux.sh,實現開啓或禁用SELinux功能
[root@C76 ~]# cat selinux.sh
#!/bin/bash
read -p "please input character set selinux for {start|stop} :" s
se=$(sed -rn 's@^SELINUX=(.*)@\1@'p /etc/selinux/config)
if [ $s == 'start' ];then
if [ $se == 'enforcing' ];then
echo "selinux status is enforcing"
elif [ $se == 'disabled' ];then
sed -ri 's@^SELINUX=(.*)@SELINUX=enforcing@' /etc/selinux/config && echo "selinux is start "
fi
elif [ $s == 'stop' ];then
if [ $se == 'disabled' ];then
echo "selinux status is disabled"
elif [ $se == 'enforcing' ];then
sed -ri 's@^SELINUX=(.*)@SELINUX=disabled@' /etc/selinux/config && echo "selinux is stop"
fi
fi
2、統計/etc/fstab文件中每個文件系統類型出現的次數
[root@C76 ~]# cat /etc/fstab|grep "^/" |awk '{print $3}'|uniq -c
3、提取出字符串Yd$C@M05MB%9&Bdh7dq+YVixp3vpw中的所有數字
1、[root@C76 ~]# echo 'Yd$C@M05MB%9&Bdh7dq+YVixp3vpw' > ll.txt
2、[root@C76 ~]# cat ll.txt |grep -o [0-9]
結果:
4、解決DOS攻擊生產案例:根據web日誌或者或者網絡連接數,監控當某個IP 併發連接數或者短時內PV達到100,即調用防火牆命令封掉對應的IP,監控頻 率每隔5分鐘。防火牆命令爲:iptables -A INPUT -s IP -j REJECT
[root@C76 ~]# ss -ntpl| awk '{print $4}'|awk -F: '{print $1}'|grep ^[0-9]|uniq -c|sort -nr >/data/ss.log
[root@C76 ~]# cat fire.sh
#!/bin/bash
while read ip n;do
if [ $n -gt 100 ] ;then
iptables -A INPUT -s $ip -j REJECT
echo "from $ip $n rejecti" >> /tmp/reject.txt
fi
done < /data/ss.log