1. 编写脚本selinux.sh,实现开启或禁用SELINUX功能。
脚本如下:
关闭selinux
[[email protected] scripts37]#bash -x selinux.sh
- read -p ‘please input character set selinux for {start|stop} :’ SE
please input character set selinux for {start|stop} :stop
++ sed -rn ‘[email protected]^SELINUX=(.*)@\[email protected]’ /etc/selinux/config - SEC=enforcing
- ‘[’ stop == start ‘]’
- ‘[’ stop == stop ‘]’
- ‘[’ enforcing == disabled ‘]’
- ‘[’ enforcing == enforcing ‘]’
- sed -ri ‘[email protected]^SELINUX=(.*)@[email protected]’ /etc/selinux/config
- echo ‘selinux stop succeed’
selinux stop succeed
开启selinux
[[email protected] scripts37]#bash -x selinux.sh - read -p ‘please input character set selinux for {start|stop} :’ SE
please input character set selinux for {start|stop} :start
++ sed -rn ‘[email protected]^SELINUX=(.*)@\[email protected]’ /etc/selinux/config - SEC=disabled
- ‘[’ start == start ‘]’
- ‘[’ disabled == enforcing ‘]’
- ‘[’ disabled == disabled ‘]’
- sed -ri ‘[email protected]^SELINUX=(.*)@[email protected]’ /etc/selinux/config
- echo ‘selinux start succeed’
selinux start succeed
2、统计/etc/fstab文件中每个文件系统类型出现的次数
grep “^UUID” /etc/fstab | awk -F" " ‘{print $3}’ | uniq -c
3、提取出字符串[email protected]%9&Bdh7dq+YVixp3vpw中的所有数字
echo “[email protected]%9&Bdh7dq+YVixp3vpw” | awk ‘{gsub(/[^0-9]/,"",$0);print $0}’
4、解决DOS攻击生产案例:根据web日志或者或者网络连接数,监控当某个IP 并发连接数或者短时内PV达到100,即调用防火墙命令封掉对应的IP,监控频 率每隔5分钟。防火墙命令为:iptables -A INPUT -s IP -j REJECT
将脚本存到计划任务中,设置定时任务计划:
[[email protected] ~]# crontab -e
*/5 * * * * /root/checkip.sh