Today, continue the content of the previous article and study several commonly used operation and maintenance codes.
Batch set password
Write a script to batch create 10 system accounts oldboy01-oldboy10 and set the password (the password is a random 8-bit string).
Reference answer: one of the codes found on the Internet is as follows (verified):
#!/bin/bash for i in `seq 01 10` do useradd oldboy$i password=`tr -cd 'a-zA-Z0-9' </dev/urandom |head -c8` echo "$password |passwd --stdin oldboy$i" done
Current online user
Write a script to judge the IP addresses of current online users in the 10.0.0.0/24 network (there are many methods)
Reference answer: there are many methods. Here is the simplest one (which has been verified). Good memory:
nmap -sP 192.168.1.0/24
Resolve DOS attacks
Write a script to solve the production case of DOS attack
Tip: according to the web log or the number of network connections, monitor that when the number of concurrent connections of an IP or PV reaches 100 in a short time, call the firewall command to block the corresponding IP, and the monitoring frequency is every 3 minutes. The firewall command is: iptables -A INPUT -s 10.0.1.10 -j DROP. (please implement it in at least two ways!)
Reference answer:
First method (unverified):
#!/bin/bash
#tt=awk '{a[$1$4]++ }END{for (i in a) print i,a[i]}' localhost_access_log.2017-11-24.txt|sort -nk2|tail -10
#Get the array with the same time period and the same IP as the subscript. The subscript of the array is unique
#After obtaining, sort according to the second column of IP, and take the maximum of 10
#The second awk obtains the IP and prepares the firewall to seal the IP in the next step
#tt2=$(awk '{a[$1$4]++ }END{for (i in a) print i,a[i]}' localhost_access_log.2017-11-24.txt|sort -nk2|tail -10|awk -F'[' '{print $1}'|sort|uniq)
#
#awk '{a[$1$4]++ }END{for (i in a) print i,a[i]}' localhost_access_log.2017-11-24.txt|sort -nk2|tail -10|awk -F'[' '{print $1,$2}'|awk '$3>3{print $1}'|sort|uniq -c
#
for i in $(awk '{a[$1$4]++ }END{for (i in a) print i,a[i]}' localhost_access_log.2017-11-24.txt|sort -nk2|tail -10|awk -F'[' '{print $1,$2}'|awk '$3>3{print $1}'|sort|uniq)
do
echo $i
echo "iptables-I INPUT -s $i -j DROP"
done
Second method (unverified):
#!/bin/bash
while true
do
awk '{print $1}' access.log|grep -v "^$"|sort|uniq -c > /tmp/tmp.log
exec </tmp/tmp.log
while read line
do
ip=`echo $link|awk'{print $2}'`
count=`echo $line|awk '{print $1}'`
if [ $count -gt 3 ] && [ `iptables -L -n|grep "$ip"|wc -l` -lt 1 ]
then
iptables -I INPUT -s $ip -j DROP
echo "$line is dropped" >>/tmp/droplist.log
fi
done
sleep 5
done
Print letters
bash for loop prints words with no more than 6 letters in the following sentence. (please implement it in at least two ways!)
I am oldboy teacher welcome to oldboy trainingclass.
Reference answer:
Code 1 (verified):
#!/bin/sh
string="I am oldboy teacher welcome to oldboy trainingclass"
number="`echo $string|grep -o " "|wc -l`"
number=`expr $number + 1`
for n in `seq $number`
do
char=`echo $string|awk -F " " '{print$'"$n"'}'`
num=`echo $char|wc -L`
if [ $num -le 6 ]
then echo $char
fi
done
Code 2 (verified):
#!/bin/sh
for n in I am oldboy teacher welcome to oldboy trainingclass
do
if [ ${#n} -le 6 ];then
echo $n
fi
done
Print menu
Print the selection menu and install the Web service with one click:
[root@oldboyscripts]# sh menu.sh
1.[install lamp]
2.[install lnmp]
3.[exit]
pls input the num you want:
requirement:
1. When the user enters 1, the output is "start installing lamp." Then execute / server / scripts / lamp SH, exit the script after the script content outputs "lamp is installed";
2. When the user enters 2, the output is "start installing LNMP." Then execute / server.lnmp/scripts SH output "lnmp is installed" and exit the script;
3. When you enter 3, exit the current menu and script;
4. When entering any other characters, give the prompt "Input error" and exit the script.
5. Judge the relevant conditions of the executed script, such as whether the script exists, whether it can be executed, etc.
Reference answer (verified, not exactly the same, the reason is the same):
#!/bin/bash RED_COLOR='\E[1;31m' GREEN_COLOR='\E[1;32m' YELLOW_COLOR='\E[1;33m' BLUE_COLOR='\E[1;34m' PINK_COLOR='\E[1;35m' RES='\E[0m' cat <<EOF #Menu to print 1.[install lamp] 2.[install lnmp] 3.[install mysql] 4.[install php] 5.[exit] EOF read -p"pls input the num you want:" a #Please enter a parameter case $a in 1) echo -e "$BLUE_COLOR startinstalling lamp $RES" #Color the output lampScripts=/server/scripts/lamp.sh [-f$lampScripts] && sh $lampScripts|| exit1 #Judge whether the lamp file to be executed exists ;; 2) echo -e "$PINK_COLOR startinstalling lnmp $RES" lnmpScripts=/server/scripts/lnmp.sh [-f$lnmpScripts] && sh $lnmpScripts|| exit2 ;; 3) echo -e "$GREEN_COLOR startinstalling mysql $RES" mysqlScripts=/server/scripts/mysql.sh [-f$mysqlScripts] && sh $mysqlScripts|| exit3 ;; 4) echo-e "$PINK_COLOR startinstalling php $RES" phpScripts=/server/scripts/mysql.sh [-f$phpScripts] && sh $phpScripts|| exit4 ;; *) echo -e "$RED_COLOR input error $RES" esac
rsync system startup script
Write a system startup script of rsync in network service independent process mode
For example: / etc / init d/rsyncd {start|stop|restart} .
requirement:
1. Use system function library skills.
2. You can't use functions in the way of SHI.
3. Can be managed by chkconfig.
Online reference answer (verified):
Before executing the following code, first modify the rsync configuration file:
vi /etc/rsyncd.conf
Remove the comment from this sentence. PID file = / var / run / rsyncd pid
Otherwise, execute sh rsyncd When sh stops, the service will not be stopped.
During verification, ps -ef|grep rsync and ss -lntup|grep rsync should be used to check whether the service is started and stopped.
#!/bin/bash
# chkconfig: 2345 99 98
#author:oldyang
choice=$1
STOP=/var/run/rsyncd.pid
start(){
[ -f $STOP ] || rsync --daemon
}
stop(){
[ -f $STOP ] && kill `cat /var/run/rsyncd.pid`
}
restart(){
[ -f $STOP ] && kill `cat /var/run/rsyncd.pid`
}
case "$choice" in
start)
start
;;
stop)
stop
;;
restart)
restart
sleep 1
rsync --daemon
;;
*)
echo "Usage: input right CMD. EX: {start|restart|stop}"
exit 1
esac
Lottery script
The operation and maintenance team provided the opportunity to go out for enterprise project practice (the sixth time) (in the middle of this month), but the quota is limited, and the team members are limited to 3 (led by the team leader). A lottery procedure is needed to select students:
requirement:
1. After the script is executed, the students who want to go will input their English names and spell them in full to generate random numbers between 01-99. The larger the number, they will go to participate in the project practice. The same number can not appear next time.
2. After the first input of the name, the screen will output information and record the name and number in the file. The program cannot exit and continue to wait for other students to input.
Online reference answer (verified):
#!/bin/bash
##############################################################
# File Name: zhuajiu.sh
# Version: V1.0
# Author: oldboy
# Organization: www.oldboyedu.com
##############################################################
>/tmp/name.log
random(){
random="$((RANDOM%100))"
if [ `egrep -w "$random" /tmp/name.log|wc -l` -ge 1 ]
then
continue
fi
}
name(){
read -p "Please enter the full spelling of your name:" name
if [ "$name" = "exit" ];
then
break
fi
if [ `egrep -w "$name" /tmp/name.log|wc -l` -ge 1 ]
then
echo "Duplicate name, please re-enter"
continue
fi
echo -e "$random\t\t$name"|tee -a /tmp/name.log
}
main(){
while true
do
random
name
done
echo "After drawing lots, the sorting results are as follows:"
sort -rn -k1 /tmp/name.log|head -3
}
main
A very interesting piece of code can be used when drawing lots
Detection website
Batch check whether multiple website addresses are normal
Requirements: the shell array method is implemented, and the detection strategy simulates the user's access idea as much as possible
http://www.yunweipai.com
http://www.taobao.com
http://www.chengxuyuan.com
http://10.0.0.7
Online reference answer (verified):
#!/bin/bash
##############################################################
# File Name: check_url.sh
# Version: V1.0
# Author: gaobo
# Organization: 641627690@qq.com
# Created Time : 2017-12-05 19:07:45
# Description:
##############################################################
#!/bin/bash
web_array=(
http://blog.oldboyedu.com
http://blog.etiantian.org
http://oldboy.blog.51cto.com
http://10.0.0.7
)
while true
do
for ((i=0;i<${#web_array[*]};i++))
do
wget -T 10 --tries=2 --spider ${web_array[$i]} >/dev/null 2>&1
if [ $? -eq 0 ]
then
echo "${web_array[$i]} is ok"
else
echo "${web_array[$i]} is bad"
fi
sleep 3
done
done
Decryption script
It is known that the following strings are the results intercepted through the RANDOM number variable md5sum|cut -c 1-8. Please crack the corresponding number of RANDOM before md5sum corresponding to these strings?
21029299
00205d1c
a3da1677
1f6d12dd
890684b
Online reference answer (verified):
First, create a text file and put the processed numbers in it, such as AA Txt, and then you can use the following code:
#!/bin/bash
##############################################################
# File Name: rd_mat.sh
# Version: V1.0
# Author: gaobo
# Organization: 641627690@qq.com
# Created Time : 2017-12-07 19:57:59
# Description:
##############################################################
for ((i=0;i<=32767;i++))
do
for j in `cat /server/scripts/aa.txt`
do
#echo "$(echo $i|md5sum|cut -c 1-8) ${j}"
if [ "$(echo $i|md5sum|cut -c 1-8)" == "${j}" ]
then
echo $i
fi
done
done
The code is very simple and easy to understand, but the disadvantage is that the efficiency is relatively low. Decrypting one basically takes about half a minute. The answer is also announced:
1346
7041
25345
25667
It can be seen that encryption is fast, but decryption takes a lot of time. Praise the decrypted scientists! If you have a more efficient algorithm, you can leave a message, thank you!