溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
本篇內容主要講解“生產環境中常用的shell腳本有哪些”,感興趣的朋友不妨來看看。本文介紹的方法操作簡單快捷,實用性強。下面就讓小編來帶大家學習“生產環境中常用的shell腳本有哪些”吧!
場景:惡意訪問,安全防范
1)屏蔽每分鐘訪問超過200的IP
方法1:根據訪問日志(Nginx為例)#!/bin/bashDATE=$(date +%d/%b/%Y:%H:%M)
ABNORMAL_IP=$(tail -n5000 access.log |grep $DATE |awk '{a[$1]++}END{for(i in a)if(a[i]>100)print i}')#先tail防止文件過大,讀取慢,數字可調整每分鐘最大的訪問量。awk不能直接過濾日志,因為包含特殊字符。for IP in $ABNORMAL_IP; do if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then iptables -I INPUT -s $IP -j DROP
fidone方法2:通過TCP建立的連接#!/bin/bashABNORMAL_IP=$(netstat -an |awk '$4~/:80$/ && $6~/ESTABLISHED/{gsub(/:[0-9]+/,"",$5);{a[$5]++}}END{for(i in a)if(a[i]>100)print i}')#gsub是將第五列(客戶端IP)的冒號和端口去掉for IP in $ABNORMAL_IP; do if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then iptables -I INPUT -s $IP -j DROP
fidone2)屏蔽每分鐘SSH嘗試登錄超過10次的IP
方法1:通過lastb獲取登錄狀態:#!/bin/bashDATE=$(date +"%a %b %e %H:%M") #星期月天時分 %e單數字時顯示7,而%d顯示07ABNORMAL_IP=$(lastb |grep "$DATE" |awk '{a[$3]++}END{for(i in a)if(a[i]>10)print i}')for IP in $ABNORMAL_IP; do if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then iptables -I INPUT -s $IP -j DROP
fidone方法2:通過日志獲取登錄狀態#!/bin/bashDATE=$(date +"%b %d %H")
ABNORMAL_IP="$(tail -n10000 /var/log/auth.log |grep "$DATE" |awk '/Failed/{a[$(NF-3)]++}END{for(i in a)if(a[i]>5)print i}')"for IP in $ABNORMAL_IP; do if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then iptables -A INPUT -s $IP -j DROP
echo "$(date +"%F %T") - iptables -A INPUT -s $IP -j DROP" >>~/ssh-login-limit.log
fidone方法1:#!/bin/bashfunction check_ip(){
IP=$1 VALID_CHECK=$(echo $IP|awk -F. '$1)
if echo $IP|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then if [ $VALID_CHECK == "yes" ]; then echo "$IP available." else echo "$IP not available!" fi else echo "Format error!" fi}
check_ip 192.168.1.1
check_ip 256.1.1.1
方法2:#!/bin/bashfunction check_ip(){
IP=$1 if [[ $IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then FIELD1=$(echo $IP|cut -d. -f1)
FIELD2=$(echo $IP|cut -d. -f2)
FIELD3=$(echo $IP|cut -d. -f3)
FIELD4=$(echo $IP|cut -d. -f4)
if [ $FIELD1 -le 255 -a $FIELD2 -le 255 -a $FIELD3 -le 255 -a $FIELD4 -le 255 ]; then echo "$IP available." else echo "$IP not available!" fi else echo "Format error!" fi}
check_ip 192.168.1.1
check_ip 256.1.1.1
增加版:
加個死循環,如果IP可用就退出,不可用提示繼續輸入,并使用awk判斷。#!/bin/bashfunction check_ip(){
local IP=$1 VALID_CHECK=$(echo $IP|awk -F. '$1)
if echo $IP|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then if [ $VALID_CHECK == "yes" ]; then return 0
else echo "$IP not available!" return 1
fi else echo "Format error! Please input again." return 1
fi}while true; do read -p "Please enter IP: " IP
check_ip $IP [ $? -eq 0 ] && break || continuedone方法1:#!/bin/bashif [[ $1 =~ ^[0-9]+$ ]]; then echo "Is Number."else echo "No Number."fi方法2:#!/bin/bashif [ $1 -gt 0 ] 2>/dev/null; then echo "Is Number."else echo "No Number."fi方法3:#!/bin/bashecho $1 |awk '{print $0~/^[0-9]+$/?"Is Number.":"No Number."}' #三目運算符12.14 找出包含關鍵字的文件
DIR=$1KEY=$2for FILE in $(find $DIR -type f); do if grep $KEY $FILE &>/dev/null; then echo "--> $FILE" fidone#!/bin/bashDIR=$1KEY=$2for FILE in $(find $DIR -type f); do if grep $KEY $FILE &>/dev/null; then echo "--> $FILE" fidone
場景:記錄目錄下文件操作。 需先安裝inotify-tools軟件包。#!/bin/bashMON_DIR=/opt inotifywait -mq --format %f -e create $MON_DIR |\while read files; do echo $files >> test.logdone
場景:服務器多個網卡時,獲取指定網卡,例如網卡流量#!/bin/bashfunction local_nic() { local NUM ARRAY_LENGTH NUM=0 for NIC_NAME in $(ls /sys/class/net|grep -vE "lo|docker0"); do NIC_IP=$(ifconfig $NIC_NAME |awk -F'[: ]+' '/inet addr/{print $4}') if [ -n "$NIC_IP" ]; then NIC_IP_ARRAY[$NUM]="$NIC_NAME:$NIC_IP" #將網卡名和對應IP放到數組 let NUM++ fi done ARRAY_LENGTH=${#NIC_IP_ARRAY[*]} if [ $ARRAY_LENGTH -eq 1 ]; then #如果數組里面只有一條記錄說明就一個網卡 NIC=${NIC_IP_ARRAY[0]%:*} return 0 elif [ $ARRAY_LENGTH -eq 0 ]; then #如果沒有記錄說明沒有網卡 echo "No available network card!" exit 1 else #如果有多條記錄則提醒輸入選擇 for NIC in ${NIC_IP_ARRAY[*]}; do echo $NIC done while true; do read -p "Please enter local use to network card name: " INPUT_NIC_NAME COUNT=0 for NIC in ${NIC_IP_ARRAY[*]}; do NIC_NAME=${NIC%:*} if [ $NIC_NAME == "$INPUT_NIC_NAME" ]; then NIC=${NIC_IP_ARRAY[$COUNT]%:*} return 0 else COUNT+=1 fi done echo "Not match! Please input again." done fi} local_nic
適用于CentOS6操作系統。#!/bin/bash# Description: Only CentOS6traffic_unit_conv() {
local traffic=$1 if [ $traffic -gt 1024000 ]; then printf "%.1f%s" "$(($traffic/1024/1024))" "MB/s" elif [ $traffic -lt 1024000 ]; then printf "%.1f%s" "$(($traffic/1024))" "KB/s" fi}
NIC=$1echo -e " In ------ Out"while true; do OLD_IN=$(awk -F'[: ]+' '$0~"'$NIC'"{print $3}' /proc/net/dev)
OLD_OUT=$(awk -F'[: ]+' '$0~"'$NIC'"{print $11}' /proc/net/dev)
sleep 1
NEW_IN=$(awk -F'[: ]+' '$0~"'$NIC'"{print $3}' /proc/net/dev)
NEW_OUT=$(awk -F'[: ]+' '$0~"'$NIC'"{print $11}' /proc/net/dev)
IN=$(($NEW_IN-$OLD_IN))
OUT=$(($NEW_OUT-$OLD_OUT))
echo "$(traffic_unit_conv $IN) $(traffic_unit_conv $OUT)" sleep 1done使用:./traffic.sh eth0#!/bin/bashDATE=$(date +%F_%H-%M-%S)
HOST=192.168.1.120
DB=testUSER=bak
PASS=123456
MAIL="zhangsan@example.com lisi@example.com"BACKUP_DIR=/data/db_backup
SQL_FILE=${DB}_full_$DATE.sql
BAK_FILE=${DB}_full_$DATE.zipcd $BACKUP_DIRif mysqldump -h$HOST -u$USER -p$PASS --single-transaction --routines --triggers -B $DB > $SQL_FILE; then zip $BAK_FILE $SQL_FILE && rm -f $SQL_FILE if [ ! -s $BAK_FILE ]; then echo "$DATE 內容" | mail -s "主題" $MAIL fielse echo "$DATE 內容" | mail -s "主題" $MAILfifind $BACKUP_DIR -name '*.zip' -ctime +14 -exec rm {} \;場景:使用源碼包安裝Nginx不含帶服務管理腳本,也就是不能使用"service nginx start"或"/etc/init.d/nginx start",所以寫了以下的服務管理腳本。#!/bin/bash# Description: Only support RedHat system. /etc/init.d/functionsWORD_DIR=/usr/local/nginx
DAEMON=$WORD_DIR/sbin/nginx
CONF=$WORD_DIR/conf/nginx.conf
NAME=nginx
PID=$(awk -F'[; ]+' '/^[^#]/{if($0~/pid;/)print $2}' $CONF)if [ -z "$PID" ]; then PID=$WORD_DIR/logs/nginx.pidelse PID=$WORD_DIR/$PIDfistop() {
$DAEMON -s stop
sleep 1
[ ! -f $PID ] && action "* Stopping $NAME" /bin/true || action "* Stopping $NAME" /bin/false}start() {
$DAEMON sleep 1
[ -f $PID ] && action "* Starting $NAME" /bin/true || action "* Starting $NAME" /bin/false}reload() {
$DAEMON -s reload
}test_config() {
$DAEMON -t
}case "$1" in start)
if [ ! -f $PID ]; then start
else echo "$NAME is running..." exit 0
fi ;;
stop)
if [ -f $PID ]; then stop
else echo "$NAME not running!" exit 0
fi ;;
restart)
if [ ! -f $PID ]; then echo "$NAME not running!"
start
else stop
start
fi ;;
reload)
reload
;;
testconfig)
test_config
;;
status)
[ -f $PID ] && echo "$NAME is running..." || echo "$NAME not running!" ;;
*)
echo "Usage: $0 {start|stop|restart|reload|testconfig|status}" exit 3
;;esacLinux主機SSH連接信息:# cat host.txtWeb 192.168.1.10 root 22
DB 192.168.1.11 root 22
內容格式:主機名 IP User Port#!/bin/bashPS3="Please input number: "HOST_FILE=host.txtwhile true; do select NAME in $(awk '{print $1}' $HOST_FILE) quit; do [ ${NAME:=empty} == "quit" ] && exit 0
IP=$(awk -v NAME=${NAME} '$1==NAME{print $2}' $HOST_FILE)
USER=$(awk -v NAME=${NAME} '$1==NAME{print $3}' $HOST_FILE)
PORT=$(awk -v NAME=${NAME} '$1==NAME{print $4}' $HOST_FILE)
if [ $IP ]; then echo "Name: $NAME, IP: $IP" ssh -o StrictHostKeyChecking=no -p $PORT -i id_rsa $USER@$IP # 密鑰免交互登錄 break else echo "Input error, Please enter again!" break fi donedone到此,相信大家對“生產環境中常用的shell腳本有哪些”有了更深的了解,不妨來實際操作一番吧!這里是億速云網站,更多相關內容可以進入相關頻道進行查詢,關注我們,繼續學習!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
