1覆积、編寫(xiě)腳本selinux.sh妹窖,實(shí)現(xiàn)開(kāi)啟或禁用SELinux功能
[ -f /etc/init.d/functions ] && . /etc/init.d/functions
[ $UID -ne 0 ] && echo "this script must root run it" && exit 1
[ $# -ne 1 ] && echo "Usage:bash $0 <off|on>" && exit 2
if [ "$1" = "on" ];then
sed -i 's@^SELINUX=.*@SELINUX=enforcing@g' /etc/selinux/config
[ $? -eq 0 ] && action "selinux config on " /bin/true
/sbin/setenforce 1
elif [ "$1" = "off" ];then
sed -i 's@^SELINUX=.*@SELINUX=disabled@g' /etc/selinux/config
[ $? -eq 0 ] && action "selinux config off " /bin/true
/sbin/setenforce 0
else
echo "argv error , please input <on|off>"
exit 3
fi
2、統(tǒng)計(jì)/etc/fstab文件中每個(gè)文件系統(tǒng)類(lèi)型出現(xiàn)的次數(shù)
cat -A /etc/fstab|awk '!/^\$|#/{fstype[$3]++}END{for(i in fstype){print i,fstype[i]}}'
3渐苏、提取出字符串Yd$C@M05MB%9&Bdh7dq+YVixp3vpw中的所有數(shù)字
a=`echo "Yd$C@M05MB%9&Bdh7dq+YVixp3vpw"|tr -cd "[:digit:]"`
4掀潮、解決DOS攻擊生產(chǎn)案例:根據(jù)web日志或者或者網(wǎng)絡(luò)連接數(shù),監(jiān)控當(dāng)某個(gè)IP 并發(fā)連接數(shù)或者短時(shí)內(nèi)PV達(dá)到100琼富,即調(diào)用防火墻命令封掉對(duì)應(yīng)的IP仪吧,監(jiān)控頻 率每隔5分鐘。防火墻命令為:iptables -A INPUT -s IP -j REJECT
