您的位置:首页 > 其它

常用的小脚本

2015-07-29 14:08 260 查看
1、检查主机存活

#!/bin/bash
IP_RANGE="192.168.64."
IP=$(seq 1 254)
for i in $IP
do
(ping -c2 -w1 -i0.5 ${IP_RANGE}${i} >/dev/null 2>&1
if [ $? -eq 0 ]
then
echo "Host ${IP_RANGE}${i} is online" >> ./online.txt
fi)&
done
for i in `seq 255` ;do ping -c 1 192.168.64.$i >/dev/null 2>&1 && [[ $? = 0 ]]&&echo "ip:64.$i is up"||echo "ip:64.$i is down";done
nmap -sn 192.168.64.0/24|awk  '/192/ {print $NF}'
针对物理机:命令行
a="192.168.64.170
192.168.64.92
192.168.64.93
192.168.64.99
192.168.64.100
192.168.64.101
192.168.64.124
192.168.64.125
192.168.64.142
192.168.64.163
192.168.64.171
192.168.64.201
192.168.64.206
192.168.64.230
192.168.64.231
192.168.64.232
192.168.64.122
192.168.64.158
192.168.64.159
192.168.64.160
192.168.64.168
192.168.64.169
192.168.64.97
192.168.64.112
192.168.64.113
192.168.64.180"
for i in $a ;do ping -c 1 $i >/dev/null 2>&1 && [[ $? = 0 ]]&&echo "ip:$i is up"||echo "ip:$i is down";done

2 、笨方法改密码
2.1命令行
echo 'passwd1'|passwd --stdin root;echo 'passwd2'|passwd --stdin user;echo 'passwd3'|passwd --stdin usersudo
3、监控网络连接数
根据web日志或者或者网络连接数,监控当某个IP并发连接数或者短时内PV达到100,即调用防火墙命令封掉对应的IP,监控频率每隔3分钟。防火墙命令为:iptables-AINPUT -s 10.0.1.10 -j DROP。
netstat -an|grep EST|awk -F '[: ]+' '{print $6}'|sort|uniq -c
#!/bin/bash

log=/tmp/tmp.log

[ -f $log ] || touch $log

function add_iptables(){
whileread line
do
ip=`echo $line|awk '{print $2}'`
count=`echo $line|awk '{print $1}'`
if [ $count -gt 100 ] && [`iptables -L -n|grep "$ip"|wc -l` -lt 1 ]
then
iptables -I INPUT -s $ip -jDROP
echo "$line isdropped" >>/tmp/droplist.log
fi
done<$log
}

function main(){
whiletrue
do
#awk '{print $1}' access.log|grep-v "^$"|sort|uniq -c >$log
netstat -an|grep EST|awk -F '[:]+' '{print $6}'|sort|uniq -c >$log
add_iptables
sleep 180
done
}

main

4、记录用户操作命令
/etc/profile 添加
HISTSIZE=100
HISTTIMEFORMAT="%Y/%m/%d %T   ";export HISTTIMEFORMA
export HISTORY_FILE=/var/log/audit.log
export PROMPT_COMMAND='{ thisHistID=`history 1|awk "{print \\$1}"`;lastCommand=`history 1| awk "{\\$1=\"\" ;print}"`;user=`id -un`;whoStr=(`who -u am i`);realUser=${whoStr[0]};logMonth=${whoStr[2]};logDay=${whoStr[3]};logTime=${whoStr[4]};pid=${whoStr[6]};ip=${whoStr[7]};if [ ${thisHistID}x != ${lastHistID}x ];then echo -E `date "+%Y/%m/%d %H:%M:%S"` $user\($realUser\)@$ip[PID:$pid][LOGIN:$logMonth $logDay $logTime] --- $lastCommand ;lastHistID=$thisHistID;fi; } >> $HISTORY_FILE'


本文出自 “jasperhsu” 博客,请务必保留此出处http://jasperhsu.blog.51cto.com/8953767/1679583
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航