馬哥教育N48-第十週作業
阿新 • • 發佈:2020-10-12
1. 編寫指令碼selinux.sh,實現開啟或禁用SELINUX功能。
指令碼如下:
關閉selinux
[[email protected] scripts37]#bash -x selinux.sh
- read -p ‘please input character set selinux for {start|stop} :’ SE
please input character set selinux for {start|stop} :stop
++ sed -rn ‘[email protected]^SELINUX=(.*)@\[email protected] - SEC=enforcing
- ‘[’ stop == start ‘]’
- ‘[’ stop == stop ‘]’
- ‘[’ enforcing == disabled ‘]’
- ‘[’ enforcing == enforcing ‘]’
- sed -ri ‘[email protected]^SELINUX=(.*)@[email protected]’ /etc/selinux/config
- echo ‘selinux stop succeed’
selinux stop succeed
開啟selinux
[[email protected] scripts37]#bash -x selinux.sh - read -p ‘please input character set selinux for {start|stop} :’ SE
please input character set selinux for {start|stop} :start
++ sed -rn ‘[email protected]^SELINUX=(.*)@\[email protected]’ /etc/selinux/config - SEC=disabled
- ‘[’ start == start ‘]’
- ‘[’ disabled == enforcing ‘]’
- ‘[’ disabled == disabled ‘]’
- sed -ri ‘[email protected]^SELINUX=(.*)@[email protected]’ /etc/selinux/config
- echo ‘selinux start succeed’
selinux start succeed
2、統計/etc/fstab檔案中每個檔案系統型別出現的次數
grep “^UUID” /etc/fstab | awk -F" " ‘{print $3}’ | uniq -c
3、提取出字串[email protected]%9&Bdh7dq+YVixp3vpw中的所有數字
echo “[email protected]%9&Bdh7dq+YVixp3vpw” | awk ‘{gsub(/[^0-9]/,"",$0);print $0}’
4、解決DOS攻擊生產案例:根據web日誌或者或者網路連線數,監控當某個IP 併發連線數或者短時內PV達到100,即呼叫防火牆命令封掉對應的IP,監控頻 率每隔5分鐘。防火牆命令為:iptables -A INPUT -s IP -j REJECT
將指令碼存到計劃任務中,設定定時任務計劃:
[[email protected] ~]# crontab -e
*/5 * * * * /root/checkip.sh