1、编写脚本selinux.sh,实现开启或禁用SELinux功能
[root@centos7 ~]# vim selinx.sh
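#!/bin/bash
# Usage: selinux.sh on|off
#   on  - set SELINUX=enforcing in /etc/selinux/config
#   off - set SELINUX=disabled in /etc/selinux/config
#   any other argument prints a usage hint and exits with status 10.
#
# Only the boot-time configuration file is edited; the mode of the running
# system does not change until the next reboot (getenforce shows the live mode).
# "off" means no SELinux policy is loaded after reboot, i.e. mandatory access
# control is gone entirely; SELINUX=permissive keeps the policy loaded and
# only logs denials, which is usually the better setting for troubleshooting.
config=/etc/selinux/config

case "$1" in
  on)
    # Anchor on the start of the line and replace whatever mode is currently
    # set (disabled or permissive), so "on" cannot report success while the
    # file still says permissive. ^SELINUX= does not match SELINUXTYPE=.
    sed -i 's/^SELINUX=.*/SELINUX=enforcing/' "$config" || exit 1
    echo "selinux is enabled"
    ;;
  off)
    sed -i 's/^SELINUX=.*/SELINUX=disabled/' "$config" || exit 1
    # Message spelling (sic) kept so the output matches the sample run.
    echo "selinux is diabled"
    ;;
  *)
    echo "Please input correct string (on/off)"
    exit 10
    ;;
esac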
[root@centos7 ~]# bash selinx.sh on
selinux is enabled
[root@centos7 ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing #显示已开启
[root@centos7 ~]# bash selinx.sh off
selinux is diabled
[root@centos7 ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled #显示已禁用
[root@centos7 ~]# bash selinx.sh 000
Please input correct string (on/off) #提示正确输入
2、统计/etc/fstab文件中每个文件系统类型出现的次数
[root@centos7 ~]# vim filetype_num.sh
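#!/bin/bash
# Count how many times each filesystem type appears in /etc/fstab.
# Every non-comment, non-blank entry is counted, whichever way the device is
# named (UUID=, LABEL=, /dev/mapper/..., and so on); matching only lines that
# begin with UUID would leave the other entries out of the totals.
awk '!/^[[:space:]]*(#|$)/ && NF >= 3 {print $3}' /etc/fstab | sort | uniq -c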
[root@centos7 ~]# bash filetype_num.sh
1 swap
3 xfs
3、提取出字符串Yd$C@M05MB%9&Bdh7dq+YVixp3vpw中的所有数字
[root@centos7 ~]# vim select_digit.sh
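#!/bin/bash
# Print every digit contained in the sample string, in their original order.
# -F "" makes awk (gawk) split the line into one field per character.
echo 'Yd$C@M05MB%9&Bdh7dq+YVixp3vpw' | awk -F "" '
{
  digits = ""
  # i <= NF so the last character is examined too; with i < NF a digit
  # at the very end of the string would be dropped.
  for (i = 1; i <= NF; i++) {
    if ($i ~ /[[:digit:]]/) {
      digits = digits $i
    }
  }
  print digits
}'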
[root@centos7 ~]# bash select_digit.sh
05973
4、解决DoS攻击生产案例:根据web日志或者网络连接数,监控当某个IP并发连接数或者短时内PV达到100,即调用防火墙命令封掉对应的IP,监控频率每隔5分钟。防火墙命令为:iptables -A INPUT -s IP -j REJECT。(下面的示例脚本改用 lastb 记录的 SSH 登录失败次数作为统计来源,阈值为超过10次。)
[root@centos7 ~]# iptables --list #目前防火墙规则为空
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@centos7 ~]# vim iptables.sh #创建规则脚本
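#!/bin/bash
# Reject source addresses that have more than $threshold failed SSH logins
# recorded in btmp (as reported by lastb). Intended to be run from cron.
#
# Notes for anyone adapting this:
#  - lastb totals are cumulative for as long as btmp is kept, not a
#    per-interval rate, so an address stays over the limit on every run.
#  - The user-name column is supplied by the remote client; a name that
#    contains whitespace shifts the columns, so field 3 is validated before
#    it is handed to iptables. Host names and IPv6 addresses are skipped.
#  - Rules added here never expire and are lost on reboot unless saved; an
#    administrator who mistypes a password often enough is blocked as well.
threshold=10
report=/data/iptables.txt

lastb | awk '/ssh/{print $3}' | sort | uniq -c | sort -nr > "$report"

while read -r count ip; do
  # Accept only "<number> <dotted-quad IPv4>" lines.
  [[ $count =~ ^[0-9]+$ ]] || continue
  [[ $ip =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || continue

  if [ "$count" -gt "$threshold" ]; then
    # The job re-runs every few minutes over the same btmp history; -C checks
    # for an identical existing rule so the chain does not fill with duplicates.
    if ! iptables -C INPUT -s "$ip" -j REJECT 2>/dev/null; then
      iptables -A INPUT -s "$ip" -j REJECT
    fi
  fi
done < "$report"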
[root@centos7 ~]# chmod +x iptables.sh
[root@centos7 ~]# crontab -e #创建定时任务
*/5 * * * * /bin/bash /root/iptables.sh
[root@centos7 ~]# lastb #查看连接失败情况
root ssh:notty 192.168.44.72 Mon Mar 30 11:46 - 11:46 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:46 - 11:46 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:45 - 11:45 (00:00)
root ssh:notty 192.168.44.71 Mon Mar 30 11:45 - 11:45 (00:00)
root ssh:notty 192.168.44.71 Mon Mar 30 11:45 - 11:45 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:45 - 11:45 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:45 - 11:45 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:45 - 11:45 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:45 - 11:45 (00:00)
root ssh:notty 192.168.44.71 Mon Mar 30 11:45 - 11:45 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:45 - 11:45 (00:00)
root ssh:notty 192.168.44.71 Mon Mar 30 11:44 - 11:44 (00:00)
root ssh:notty 192.168.44.71 Mon Mar 30 11:44 - 11:44 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:40 - 11:40 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:40 - 11:40 (00:00)
root ssh:notty 192.168.44.72 Mon Mar 30 11:40 - 11:40 (00:00)
btmp begins Mon Mar 30 11:40:16 2020
[root@centos7 ~]# cat /data/iptables.txt #脚本生成的文件
11 192.168.44.72
5 192.168.44.71
[root@centos7 ~]# iptables --list #将72加入了防火墙,禁止再连接
Chain INPUT (policy ACCEPT)
target prot opt source destination
REJECT all -- 192.168.44.72 anywhere reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@wei ~]#ssh 192.168.44.73 #被禁止
ssh: connect to host 192.168.44.73 port 22: Connection refused