Linux Shell脚本经典案例

1.Dos攻击防范(自动屏蔽攻击IP)


01 02 03 04 05 06 07 08 09 10 #!/bin/bash DATE=$(date +%d/%b/%Y:%H:%M) LOG_FILE=/usr/local/nginx/logs/demo2.access.log ABNORMAL_IP=$(tail -n5000 $LOG_FILE |grep $DATE |awk '{a[$1]++}END{for(i in a)if(a[i]>10)print i}') for IP in $ABNORMAL_IP; do     if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then         iptables -I INPUT -s $IP -j DROP         echo "$(date +'%F_%T') $IP" >> /tmp/drop_ip.log     fi done


2.Linux系统发送告警脚本
 
1 2 3 4 5 # yum install mailx # vi /etc/mail.rc  set from=baojingtongzhi@163.com smtp=smtp.163.com set smtp-auth-user=baojingtongzhi@163.com smtp-auth-password=123456 set smtp-auth=login


3.MySQL数据库备份单循环

01 02 03 04 05 06 07 08 09 10 11 12 13 14 #!/bin/bash DATE=$(date +%F_%H-%M-%S) HOST=localhost USER=backup PASS=123.com BACKUP_DIR=/data/db_backup DB_LIST=$(mysql -h$HOST -u$USER -p$PASS -s -e "show databases;" 2>/dev/null |egrep -v "Database|information_schema|mysql|performance_schema|sys")   for DB in $DB_LIST; do     BACKUP_NAME=$BACKUP_DIR/${DB}_${DATE}.sql     if ! mysqldump -h$HOST -u$USER -p$PASS -B $DB > $BACKUP_NAME 2>/dev/nullthen         echo "$BACKUP_NAME 备份失败!"     fi done


4.MySQL数据库备份多循环
 
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 #!/bin/bash DATE=$(date +%F_%H-%M-%S) HOST=localhost USER=backup PASS=123.com BACKUP_DIR=/data/db_backup DB_LIST=$(mysql -h$HOST -u$USER -p$PASS -s -e "show databases;" 2>/dev/null |egrep -v "Database|information_schema|mysql|performance_schema|sys")   for DB in $DB_LIST; do     BACKUP_DB_DIR=$BACKUP_DIR/${DB}_${DATE}     [ ! -d $BACKUP_DB_DIR ] && mkdir -p $BACKUP_DB_DIR &>/dev/null     TABLE_LIST=$(mysql -h$HOST -u$USER -p$PASS -s -e "use $DB;show tables;" 2>/dev/null)     for TABLE in $TABLE_LIST; do         BACKUP_NAME=$BACKUP_DB_DIR/${TABLE}.sql         if ! mysqldump -h$HOST -u$USER -p$PASS $DB $TABLE > $BACKUP_NAME 2>/dev/nullthen             echo "$BACKUP_NAME 备份失败!"         fi     done done


5.Nginx 访问访问日志按天切割

 
01 02 03 04 05 06 07 08 09 10 11 12 #!/bin/bash LOG_DIR=/usr/local/nginx/logs YESTERDAY_TIME=$(date -d "yesterday" +%F) LOG_MONTH_DIR=$LOG_DIR/$(date +"%Y-%m") LOG_FILE_LIST="default.access.log"   for LOG_FILE in $LOG_FILE_LIST; do     [ ! -d $LOG_MONTH_DIR ] && mkdir -p $LOG_MONTH_DIR     mv $LOG_DIR/$LOG_FILE $LOG_MONTH_DIR/${LOG_FILE}_${YESTERDAY_TIME} done   kill -USR1 $(cat /var/run/nginx.pid)


6.Nginx访问日志分析脚本
 
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 #!/bin/bash # 日志格式: $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for" LOG_FILE=$1 echo "统计访问最多的10个IP" awk '{a[$1]++}END{print "UV:",length(a);for(v in a)print v,a[v]}' $LOG_FILE |sort -k2 -nr |head -10 echo "----------------------"   echo "统计时间段访问最多的IP" awk '$4>="[01/Dec/2018:13:20:25" && $4<="[27/Nov/2018:16:20:49"{a[$1]++}END{for(v in a)print v,a[v]}' $LOG_FILE |sort -k2 -nr|head -10 echo "----------------------"   echo "统计访问最多的10个页面" awk '{a[$7]++}END{print "PV:",length(a);for(v in a){if(a[v]>10)print v,a[v]}}' $LOG_FILE |sort -k2 -nr echo "----------------------"   echo "统计访问页面状态码数量" awk '{a[$7" "$9]++}END{for(v in a){if(a[v]>5)print v,a[v]}}' $LOG_FILE |sort -k3 -nr


7.查看网卡实时流量脚本

 
01 02 03 04 05 06 07 08 09 10 11 12 13 14 #!/bin/bash NIC=$1 echo -e " In ------ Out" while truedo     OLD_IN=$(awk '$0~"'$NIC'"{print $2}' /proc/net/dev)     OLD_OUT=$(awk '$0~"'$NIC'"{print $10}' /proc/net/dev)     sleep 1     NEW_IN=$(awk  '$0~"'$NIC'"{print $2}' /proc/net/dev)     NEW_OUT=$(awk '$0~"'$NIC'"{print $10}' /proc/net/dev)     IN=$(printf "%.1f%s" "$((($NEW_IN-$OLD_IN)/1024))" "KB/s")     OUT=$(printf "%.1f%s" "$((($NEW_OUT-$OLD_OUT)/1024))" "KB/s")     echo "$IN $OUT"     sleep 1 done


8.服务器系统配置初始化脚本
 
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 #/bin/bash # 设置时区并同步时间 ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime if crontab -l |grep ntpdate &>/dev/null then     (echo "* 1 * * * ntpdate time.windows.com >/dev/null 2>&1";crontab -l) |crontab fi   # 禁用selinux sed -i '/SELINUX/{s/permissive/disabled/}' /etc/selinux/config   # 关闭防火墙 if egrep "7.[0-9]" /etc/redhat-release &>/dev/nullthen     systemctl stop firewalld     systemctl disable firewalld elif egrep "6.[0-9]" /etc/redhat-release &>/dev/nullthen     service iptables stop     chkconfig iptables off fi   # 历史命令显示操作时间 if grep HISTTIMEFORMAT /etc/bashrcthen     echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/bashrc fi   # SSH超时时间 if grep "TMOUT=600" /etc/profile &>/dev/nullthen     echo "export TMOUT=600" >> /etc/profile fi   # 禁止root远程登录 sed -i 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config   # 禁止定时任务向发送邮件 sed -i 's/^MAILTO=root/MAILTO=""/' /etc/crontab   # 设置最大打开文件数 if grep "* soft nofile 65535" /etc/security/limits.conf &>/dev/nullthen     cat >> /etc/security/limits.conf << EOF     * soft nofile 65535     * hard nofile 65535     EOF fi   # 系统内核优化 cat >> /etc/sysctl.conf << EOF net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_tw_buckets = 20480 net.ipv4.tcp_max_syn_backlog = 20480 net.core.netdev_max_backlog = 262144 net.ipv4.tcp_fin_timeout = 20  EOF   # 减少SWAP使用 echo "0" /proc/sys/vm/swappiness   # 安装系统性能分析工具及其他 yum install gcc make autoconf vim sysstat net-tools iostat iftop iotp lrzsz -y


9.监控100台服务器磁盘利用率脚本
 
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 #!/bin/bash HOST_INFO=host.info for IP in $(awk '/^[^#]/{print $1}' $HOST_INFO); do     USER=$(awk -v ip=$IP 'ip==$1{print $2}' $HOST_INFO)     PORT=$(awk -v ip=$IP 'ip==$1{print $3}' $HOST_INFO)     TMP_FILE=/tmp/disk.tmp     ssh -p $PORT $USER@$IP 'df -h' > $TMP_FILE     USE_RATE_LIST=$(awk 'BEGIN{OFS="="}/^\/dev/{print $NF,int($5)}' $TMP_FILE)     for USE_RATE in $USE_RATE_LIST; do         PART_NAME=${USE_RATE%=*}         USE_RATE=${USE_RATE#*=}         if [ $USE_RATE -ge 80 ]; then             echo "Warning: $PART_NAME Partition usage $USE_RATE%!"         fi     done done


10.监控MySQL主从同步状态是否异常脚本

01 02 03 04 05 06 07 08 09 10 11 12 #!/bin/bash  HOST=localhost USER=root PASSWD=123.com IO_SQL_STATUS=$(mysql -h$HOST -u$USER -p$PASSWD -e 'show slave status\G' 2>/dev/null |awk '/Slave_.*_Running:/{print $1$2}') for in $IO_SQL_STATUS; do     THREAD_STATUS_NAME=${i%:*}     THREAD_STATUS=${i#*:}     if "$THREAD_STATUS" != "Yes" ]; then         echo "Error: MySQL Master-Slave $THREAD_STATUS_NAME status is $THREAD_STATUS!" |mail -s "Master-Slave Staus" [url=mailto:xxx@163.com]xxx@163.com[/url]     fi done


11.目录文件变化监控和实时文件同步

 
1 2 3 4 5 6 7 8 #!/bin/bash   MON_DIR=/opt inotifywait -mqr --format %f -e create $MON_DIR |\ while read files; do    rsync -avz /opt /tmp/opt    #echo "$(date +'%F %T') create $files" | mail -s "dir monitor" [url=mailto:xxx@163.com]xxx@163.com[/url] done


12.批量创建100用户并设置密码脚本


01 02 03 04 05 06 07 08 09 10 11 12 13 14 #!/bin/bash DATE=$@ USER_FILE=user.txt for USER in $USER_LIST; do     if id $USER &>/dev/nullthen         PASS=$(echo $RANDOM |md5sum |cut -c 1-8)         useradd $USER         echo $PASS |passwd --stdin $USER &>/dev/null         echo "$USER   $PASS" >> $USER_FILE         echo "$USER User create successful."     else         echo "$USER User already exists!"     fi done


13.批量检测网站是否异常脚本
 
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 #!/bin/bash  URL_LIST="www.baidu.com [url=http://www.ctnrs.com]www.ctnrs.com[/url]" for URL in $URL_LIST; do     FAIL_COUNT=0     for ((i=1;i<=3;i++)); do         HTTP_CODE=$(curl -o /dev/null --connect-timeout 3 -s -w "%{http_code}" $URL)         if [ $HTTP_CODE -eq 200 ]; then             echo "$URL OK"             break         else             echo "$URL retry $FAIL_COUNT"             let FAIL_COUNT++         fi     done     if [ $FAIL_COUNT -eq 3 ]; then         echo "Warning: $URL Access failure!"     fi done


14.批量主机远程执行命令脚本


01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 #!/bin/bash COMMAND=$* HOST_INFO=host.info for IP in $(awk '/^[^#]/{print $1}' $HOST_INFO); do     USER=$(awk -v ip=$IP 'ip==$1{print $2}' $HOST_INFO)     PORT=$(awk -v ip=$IP 'ip==$1{print $3}' $HOST_INFO)     PASS=$(awk -v ip=$IP 'ip==$1{print $4}' $HOST_INFO)     expect -c "        spawn ssh -p $PORT $USER@$IP        expect {           \"(yes/no)\" {send \"yes\r\"; exp_continue}           \"password:\" {send \"$PASS\r\"; exp_continue}           \"$USER@*\" {send \"$COMMAND\r exit\r\"; exp_continue}        }     "     echo "-------------------" done


15.一键部署LNMP网站平台脚本
 
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 #!/bin/bash NGINX_V=1.15.6 PHP_V=5.6.36 TMP_DIR=/tmp   INSTALL_DIR=/usr/local   PWD_C=$PWD   echo echo -e "\tMenu\n" echo -e "1. Install Nginx" echo -e "2. Install PHP" echo -e "3. Install MySQL" echo -e "4. Deploy LNMP" echo -e "9. Quit"   function command_status_check() {         if [ $? -ne 0 ]; then                 echo $1                 exit         fi }   function install_nginx() {     cd $TMP_DIR     yum install -y gcc gcc-c++ make openssl-devel pcre-devel wget     wget [url=http://nginx.org/download/nginx-]http://nginx.org/download/nginx-[/url]${NGINX_V}.tar.gz     tar zxf nginx-${NGINX_V}.tar.gz     cd nginx-${NGINX_V}     ./configure --prefix=$INSTALL_DIR/nginx \     --with-http_ssl_module \     --with-http_stub_status_module \     --with-stream     command_status_check "Nginx - 平台环境检查失败!"     make -j 4     command_status_check "Nginx - 编译失败!"     make install     command_status_check "Nginx - 安装失败!"     mkdir -p $INSTALL_DIR/nginx/conf/vhost     alias cp=cp cp -rf $PWD_C/nginx.conf $INSTALL_DIR/nginx/conf     rm -rf $INSTALL_DIR/nginx/html/*     echo "ok" > $INSTALL_DIR/nginx/html/status.html     echo '<?php echo "ok"?>' > $INSTALL_DIR/nginx/html/status.php     $INSTALL_DIR/nginx/sbin/nginx     command_status_check "Nginx - 启动失败!" }   function install_php() {         cd $TMP_DIR     yum install -y gcc gcc-c++ make gd-devel libxml2-devel \         libcurl-devel libjpeg-devel libpng-devel openssl-devel \         libmcrypt-devel libxslt-devel libtidy-devel     wget [url=http://docs.php.net/distributions/php-]http://docs.php.net/distributions/php-[/url]${PHP_V}.tar.gz     tar zxf php-${PHP_V}.tar.gz     cd php-${PHP_V}     ./configure --prefix=$INSTALL_DIR/php \     --with-config-file-path=$INSTALL_DIR/php/etc \     --enable-fpm --enable-opcache \     --with-mysql --with-mysqli --with-pdo-mysql \     --with-openssl --with-zlib --with-curl --with-gd \     --with-jpeg-dir --with-png-dir --with-freetype-dir \     --enable-mbstring --enable-hash     command_status_check "PHP - 平台环境检查失败!"     make -j 4     command_status_check "PHP - 编译失败!"     make install     command_status_check "PHP - 安装失败!"     cp php.ini-production $INSTALL_DIR/php/etc/php.ini     cp sapi/fpm/php-fpm.conf $INSTALL_DIR/php/etc/php-fpm.conf     cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm     chmod +x /etc/init.d/php-fpm     /etc/init.d/php-fpm start     command_status_check "PHP - 启动失败!" }   read -p "请输入编号:" number case $number in     1)         install_nginx;;     2)         install_php;;     3)         install_mysql;;     4)         install_nginx         install_php         ;;     9)         exit;; esac


16.一键查看服务器资源利用率
 
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 #!/bin/bash function cpu() {     NUM=1     while [ $NUM -le 3 ]; do         util=`vmstat |awk '{if(NR==3)print 100-$15"%"}'`         user=`vmstat |awk '{if(NR==3)print $13"%"}'`         sys=`vmstat |awk '{if(NR==3)print $14"%"}'`         iowait=`vmstat |awk '{if(NR==3)print $16"%"}'`         echo "CPU - 使用率: $util , 等待磁盘IO响应使用率: $iowait"         let NUM++         sleep 1     done }   function memory() {     total=`free -m |awk '{if(NR==2)printf "%.1f",$2/1024}'`     used=`free -m |awk '{if(NR==2) printf "%.1f",($2-$NF)/1024}'`     available=`free -m |awk '{if(NR==2) printf "%.1f",$NF/1024}'`     echo "内存 - 总大小: ${total}G , 使用: ${used}G , 剩余: ${available}G" }   function disk() {     fs=$(df -h |awk '/^\/dev/{print $1}')     for in $fs; do         mounted=$(df -h |awk '$1=="'$p'"{print $NF}')         size=$(df -h |awk '$1=="'$p'"{print $2}')         used=$(df -h |awk '$1=="'$p'"{print $3}')         used_percent=$(df -h |awk '$1=="'$p'"{print $5}')         echo "硬盘 - 挂载点: $mounted , 总大小: $size , 使用: $used , 使用率: $used_percent"     done }   function tcp_status() {     summary=$(ss -antp |awk '{status[$1]++}END{for(i in status) printf i":"status[i]" "}')     echo "TCP连接状态 - $summary" }   cpu memory disk tcp_status


17.找出占用CPU 内存过高的进程脚本

 
1 2 3 ps -eo user,pid,pcpu,pmem,args --sort=-pcpu  |head -n 10   ps -eo user,pid,pcpu,pmem,args --sort=-pmem  |head -n 10


18.自动发布Java项目(Tomcat)

 
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 #!/bin/bash DATE=$(date +%F_%T)   TOMCAT_NAME=$1 TOMCAT_DIR=/usr/local/$TOMCAT_NAME ROOT=$TOMCAT_DIR/webapps/ROOT   BACKUP_DIR=/data/backup WORK_DIR=/tmp PROJECT_NAME=tomcat-java-demo   # 拉取代码 cd $WORK_DIR if [ ! -d $PROJECT_NAME ]; then    git clone [url=https://github.com/lizhenliang/tomcat-java-demo]https://github.com/lizhenliang/tomcat-java-demo[/url]    cd $PROJECT_NAME else    cd $PROJECT_NAME    git pull fi   # 构建 mvn clean package -Dmaven.test.skip=true if [ $? -ne 0 ]; then    echo "maven build failure!"    exit 1 fi   # 部署 TOMCAT_PID=$(ps -ef |grep "$TOMCAT_NAME" |egrep -v "grep|$$" |awk 'NR==1{print $2}') [ -n "$TOMCAT_PID" ] && kill -9 $TOMCAT_PID [ -d $ROOT ] && mv $ROOT $BACKUP_DIR/${TOMCAT_NAME}_ROOT$DATE unzip $WORK_DIR/$PROJECT_NAME/target/*.war -d $ROOT $TOMCAT_DIR/bin/startup.sh



19.自动发布PHP项目脚本

01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 #!/bin/bash DATE=$(date +%F_%T)   WWWROOT=/usr/local/nginx/html/$1     BACKUP_DIR=/data/backup WORK_DIR=/tmp PROJECT_NAME=php-demo     # 拉取代码 cd $WORK_DIR if [ ! -d $PROJECT_NAME ]; then    git clone [url=https://github.com/lizhenliang/php-demo]https://github.com/lizhenliang/php-demo[/url]    cd $PROJECT_NAME else    cd $PROJECT_NAME    git pull fi     # 部署 if [ ! -d $WWWROOT ]; then    mkdir -p $WWWROOT    rsync -avz --exclude=.git $WORK_DIR/$PROJECT_NAME/* $WWWROOT else    rsync -avz --exclude=.git $WORK_DIR/$PROJECT_NAME/* $WWWROOT fi


 
 
  原文https://www.52pojie.cn/thread-1577568-1-1.html
上一篇:Shell编程与变量


下一篇:MySQL复制表