9 个实用的 Shell 脚本范例.docx

1、Dos攻击防范自动屏蔽攻击IP)÷%d%b%Y:%H:XM)1.OGmFI1.EusIoca1ngin×logsdemo2.access.IogABNORMA1.-IP=>(tail-5$IOG_FI1.Egrep$DATlawk,a$l+ENDfor(iin)if(ai>10)printi),)forIPin$ABNORMA1._IP;doif$(iptables-vn1.Igrep-c-eq0;thenIptables-IINPUT-s$IP-jDROPechoM$(date+,XF-%T,)$IPM>>八mp/drop/p.logfidone2、1.inux系统发送告警脚本#yuminsta1.1.max1.xitvietcaai1.rcsetfrom=baOjingtOngZhi163.coSmtP=smtp.163.COmSetSmtP-auth-user=baOjingtOngZhismtp-auth-password*setsmtp-auth三login3、MySQ1.数据库备份单循环ff!/bin/bahDATES(date+%F_XH-%>1-%S)HOST-localhostUSER-backupPASS-BACKUP_DIR-/data/db_backupDB_1.IST=$(mysql-h$HOST-uSUSER-p$PASS-s-e"showdatabases;-2>devnullegrep-v"Databaseinformation-schemamysqlperformance-schemasys")forDBin$DB_1.IST;doBACKUP_NAME=$BACKUP_DIR/$DB_$OATE.sqlifImysqldump-h$HOST-u$USER-PSPASS-B$D8>$BACKUP_NAME2>devnull;thenecho"$BACKUP_NAME备份失败！"fidone4、MySQ1.数据库备份多循环DATE“(date+%F_%H-%M-%S)HOST-localhostUSER-backupPASS-BACKUP_DIR-/data/db_backupDB_1.IST=$(mysql-h$HoST-uJUSER-p$PASS-s-e"showdatabases;"2>devnullegrep-v"Databaseinformation-schemamysqlperformance-schemasys")forDBin$DB_1.IST；doBACKUP_DB_DIR-$BACKUP_DIR/$DB_$DATE!-dSBACKUP.DBDIR&&mkdir-p$BACKUP_DB_DIR&>/dev/nullTAB1.E_1.IST=$(mysql-h$HOSl-uUSER-p$PASS-s-e-USe$DB;showtables；"2>devnull)forTAB1.Ein$TAB1.E_1.IST;doBACKUP_NAME»$BACKUP_DB_DIR/$TAB1.E).sqlif!InySqIdUmP-h$HOST-U$USER-p*PASS$DBSTAB1.E>$BACKUP_NAME2>devnull;thenACKUPNAME备份失败I"fidonedone5.Nginx访问访问日志按天切割1.OG-DIR=usrncal/nginx/logsYESTERDAY_TIME=$(date-d'yesterday"+%F)1.OG_MONTH_DIR=$1.OG_DIR/$(date+"%Y-%m")1.OG_FI1.E_1.IST-default.access.log"for1.OG.FI1.Ein$1.OG_FI1.E_1.IST；doI-d$1.OG_MoNTH_DIR&&akdir-p$1.OG_MONTH_DlRmv$1.OGDIR/$1.OGFI1.E$1.OG_MONTH_DIR/$1.OG_FI1.E_$YESTERDAY_TIMEdonekill-USRl$(Catvarrunngin×.pid)6、Nginx访问日志分析脚本#!/bin/bash#H志格式：$remote_addr-$remote_user$time_local"Jrequest"Sstatus$body_bytes_sent-$http_referer""$http_user_agent""$http_x_forwarded_for"1.OG_FI1.E=Ilecho”统计访问Jft多的10个IP-awk'a$l+ENDprint"UV:",Iength（八）;for(vina)printv,av'$1.OG_FI1.EIsort-k2-nrIhead-lechoecho"统计时间段访问G?的IP"awk'j4>="Dec2l8:13:20:25"&&$4<="27/Nov/2ei8:16:20:49-a$l+ENDfor(vina)printv,av'$1.OG_FI1.EIsort-k2-nrhead-lecho""echo”统计访("JM多的10个页面"awk'a(j7+ENDprint",PV:",length（八）;for(vina)if(a(v>10)printv,av)'$1.OGFI1.EIsort-k2-nrecho"-"echo”统计访M页Ihi状态Fi数fit"awkaS7*"j9+ENDfor(vIna)if(av>5)printv,av),7、堂看网卡实时流IS脚本NIC=Jlecho-eeInOufrjhiIetrue;doO1.D_IN=$(awk'S-"'SNIC,"(print'S-',tNIC'"printSNIC,"print"Se-",SNIC,"print$2'procnetdev)$10'procnetdev)$2),procnetdev)$10'procnetdev)H$(<($NEW_IN-$O1.D_IN)/1024)""KBs")"$($NEW_WT-$O1.D_OUT)/124)""KB/S")O1.D_OUT=$(awksleep1NEW_IN=$(awkNEW_OUT-$(awkIN=J(printf,X.lfXs"OUT=*(printf"X.lf%s"echo"$IN$OUT"sleepIdone8、服务器系统配置初始化脚本In-susrsharezoneinfoAsiaShanghaiZetcZlocaltimeif!crontab-1grepntpdate>devnull;then(echo"*1*>devnull2>&l"crontab-1)ICrontabfise(inuxsed-i'/SE1.INUX/spermissivedisabled,etcselinuxconfigifegrep"7.0-9"/etc/redhat-release>devnull;thenSystemctlstopfirewalldsystemctldisablefIrewalldelifegrep,6.0-9metcredhat-release&>/dev/null;thenserviceiptablesstopChkconfigiptablesOfffiifIgrepHISTTlMEFoRMATetcbashrc;thenecho,exportHISTTIMEFORMATJ%F%T,whoami,>>etcbashrcfiif!grep,TMOUT=600"etcprofile&>/dev/nul1;thenecho-exportTMOUT=600”>>etcprofilefised-iaSZfPerniitRoot1.oginyesPer*itRoot1.oginno/'etcsshsshd-config':sed-i,s/AMAI1.TO=root/MAI1.TO=M"/'etccrontabifIgrep-softnofile65535”etcsecritylimits.confS>devnull;thencatetcsecuritylimits.cof<<EOF*softnofile65535hardnofile65535EOFficat>etcsysctl.conf<<EOFnet.ipv4.tc-sycookies-Inet.ipv4.tc-ma×-tw-buckets»248net.ipv4.tcp-ma×-syn-backlog«dev-max-backlog-262144net.ipv4.tcp-fin-timeout20EOFecho-0">procsysvmswappinessyuminstallgccmakeautoconfvimsysstatnet-toolsiostatif9、监控100台服务器磁盘利用率脚本HOST_INFO=host.infoforIPin$(awk'/AA#/print$1'$HoS1.lNF0);doUSER=$(axk-vip=$IP'ip*=Jlprint$2'$HoSTjNFO)PORT=J(awk-vip=$IP'ip=$lprint$3'$HOST_INFO)TMP_FI1.E-tmpdisk.trnpSSh-p$PORT$1JSE昭$1P'df-h,>$TMP_Fl1.EUSE_RATE_1.IST=$(awk*BEGINOFS="=./AVdeV/print$NF,int($5)'ITMP_Fl1.E)forUSE-RATEin$USE_RATE_1.IST;doPART_NAME=$USE_RATE%=fUSE_RATE-$USE_RATE#X=if$USE_RATE-ge8；thenecho"Warning:$PAR1.NAMEPartitionusageSUSE_RATE%!”fldonedone