30個(gè)關(guān)于Shell腳本的經(jīng)典案例（中）

本文目錄

11、iptables自動(dòng)屏蔽訪問網(wǎng)站頻繁的IP
12、判斷用戶輸入的是否為IP地址
13、判斷用戶輸入的是否為數(shù)字
14、給定目錄找出包含關(guān)鍵字的文件
15、監(jiān)控目錄，將新創(chuàng)建的文件名追加到日志中
16、給用戶提供多個(gè)網(wǎng)卡選擇
17、查看網(wǎng)卡實(shí)時(shí)流量
18、MySQL數(shù)據(jù)庫備份
19、Nginx服務(wù)管理腳本20、用戶根據(jù)菜單選擇要連接的Linux主機(jī)

11、iptables自動(dòng)屏蔽訪問網(wǎng)站頻繁的IP

場(chǎng)景：惡意訪問,安全防范

1）屏蔽每分鐘訪問超過200的IP

方法1：根據(jù)訪問日志（Nginx為例）

#!/bin/bash
DATE=$(date?+%d/%b/%Y:%H:%M)
ABNORMAL_IP=$(tail?-n5000?access.log?|grep?$DATE?|awk?'{a[$1]++}END{for(i?in?a)if(a[i]>100)print?i}')
#先tail防止文件過大，讀取慢，數(shù)字可調(diào)整每分鐘最大的訪問量。awk不能直接過濾日志，因?yàn)榘厥庾址?for?IP?in?$ABNORMAL_IP;?do
????if?[?$(iptables?-vnL?|grep?-c?"$IP")?-eq?0?];?then
????????iptables?-I?INPUT?-s?$IP?-j?DROP
????fi
done
方法2：通過TCP建立的連接

#!/bin/bash
ABNORMAL_IP=$(netstat?-an?|awk?'$4~/:80$/?&&?$6~/ESTABLISHED/{gsub(/:[0-9]+/,"",$5);{a[$5]++}}END{for(i?in?a)if(a[i]>100)print?i}')
#gsub是將第五列（客戶端IP）的冒號(hào)和端口去掉
for?IP?in?$ABNORMAL_IP;?do
????if?[?$(iptables?-vnL?|grep?-c?"$IP")?-eq?0?];?then
????????iptables?-I?INPUT?-s?$IP?-j?DROP
????fi
done

2）屏蔽每分鐘SSH嘗試登錄超過10次的IP

方法1：通過lastb獲取登錄狀態(tài):

#!/bin/bash
DATE=$(date?+"%a?%b?%e?%H:%M")?#星期月天時(shí)分??%e單數(shù)字時(shí)顯示7，而%d顯示07
ABNORMAL_IP=$(lastb?|grep?"$DATE"?|awk?'{a[$3]++}END{for(i?in?a)if(a[i]>10)print?i}')
for?IP?in?$ABNORMAL_IP;?do
????if?[?$(iptables?-vnL?|grep?-c?"$IP")?-eq?0?];?then
????????iptables?-I?INPUT?-s?$IP?-j?DROP
????fi
done
方法2：通過日志獲取登錄狀態(tài)

#!/bin/bash
DATE=$(date?+"%b?%d?%H")
ABNORMAL_IP="$(tail?-n10000?/var/log/auth.log?|grep?"$DATE"?|awk?'/Failed/{a[$(NF-3)]++}END{for(i?in?a)if(a[i]>5)print?i}')"
for?IP?in?$ABNORMAL_IP;?do
????if?[?$(iptables?-vnL?|grep?-c?"$IP")?-eq?0?];?then
????????iptables?-A?INPUT?-s?$IP?-j?DROP
????????echo?"$(date?+"%F?%T")?-?iptables?-A?INPUT?-s?$IP?-j?DROP"?>>~/ssh-login-limit.log
????fi
done

12、判斷用戶輸入的是否為IP地址

方法1:

#!/bin/bash
function?check_ip(){
????IP=$1
????VALID_CHECK=$(echo?$IP|awk?-F.?'$1<?=255&&$2<=255&&$3<=255&&$4<=255{print?"yes"}')
????if?echo?$IP|grep?-E?"^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null;?then
????????if?[?$VALID_CHECK?==?"yes"?];?then
????????????echo?"$IP?available."
????????else
????????????echo?"$IP?not?available!"
????????fi
????else
????????echo?"Format?error!"
????fi
}
check_ip?192.168.1.1
check_ip?256.1.1.1
方法2：

#!/bin/bash
function?check_ip(){
????IP=$1
????if?[[?$IP?=~?^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$?]];?then
????????FIELD1=$(echo?$IP|cut?-d.?-f1)
????????FIELD2=$(echo?$IP|cut?-d.?-f2)
????????FIELD3=$(echo?$IP|cut?-d.?-f3)
????????FIELD4=$(echo?$IP|cut?-d.?-f4)
????????if?[?$FIELD1?-le?255?-a?$FIELD2?-le?255?-a?$FIELD3?-le?255?-a?$FIELD4?-le?255?];?then
????????????echo?"$IP?available."
????????else
????????????echo?"$IP?not?available!"
????????fi
????else
????????echo?"Format?error!"
????fi
}
check_ip?192.168.1.1
check_ip?256.1.1.1
增加版：

加個(gè)死循環(huán)，如果IP可用就退出，不可用提示繼續(xù)輸入，并使用awk判斷。

#!/bin/bash
function?check_ip(){
????local?IP=$1
????VALID_CHECK=$(echo?$IP|awk?-F.?'$1<?=255&&$2<=255&&$3<=255&&$4<=255{print?"yes"}')
????if?echo?$IP|grep?-E?"^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$"?>/dev/null;?then
????????if?[?$VALID_CHECK?==?"yes"?];?then
????????????return?0
????????else
????????????echo?"$IP?not?available!"
????????????return?1
????????fi
????else
????????echo?"Format?error!?Please?input?again."
????????return?1
????fi
}
while?true;?do
????read?-p?"Please?enter?IP:?"?IP
????check_ip?$IP
????[?$??-eq?0?]?&&?break?||?continue
done

13、判斷用戶輸入的是否為數(shù)字

方法1：

#!/bin/bash
if?[[?$1?=~?^[0-9]+$?]];?then
????echo?"Is?Number."
else
????echo?"No?Number."
fi
方法2：

#!/bin/bash
if?[?$1?-gt?0?]?2>/dev/null;?then
????echo?"Is?Number."
else
????echo?"No?Number."
fi
方法3：

#!/bin/bash
echo?$1?|awk?'{print?$0~/^[0-9]+$/?"Is?Number.":"No?Number."}'??#三目運(yùn)算符
12.14?找出包含關(guān)鍵字的文件
DIR=$1
KEY=$2
for?FILE?in?$(find?$DIR?-type?f);?do
????if?grep?$KEY?$FILE?&>/dev/null;?then
????????echo?"-->?$FILE"
????fi
done

14、給定目錄找出包含關(guān)鍵字的文件

#!/bin/bash
DIR=$1
KEY=$2
for?FILE?in?$(find?$DIR?-type?f);?do
????if?grep?$KEY?$FILE?&>/dev/null;?then
????????echo?"-->?$FILE"
????fi
done

15、監(jiān)控目錄，將新創(chuàng)建的文件名追加到日志中

場(chǎng)景：記錄目錄下文件操作。

需先安裝inotify-tools軟件包。

#!/bin/bash
MON_DIR=/opt
inotifywait?-mq?--format?%f?-e?create?$MON_DIR?|\
while?read?files;?do
??echo?$files?>>?test.log
done

16、給用戶提供多個(gè)網(wǎng)卡選擇

場(chǎng)景：服務(wù)器多個(gè)網(wǎng)卡時(shí)，獲取指定網(wǎng)卡，例如網(wǎng)卡流量

#!/bin/bash
function?local_nic()?{
????local?NUM?ARRAY_LENGTH
????NUM=0
????for?NIC_NAME?in?$(ls?/sys/class/net|grep?-vE?"lo|docker0");?do
????????NIC_IP=$(ifconfig?$NIC_NAME?|awk?-F'[:?]+'?'/inet?addr/{print?$4}')
????????if?[?-n?"$NIC_IP"?];?then
????????????NIC_IP_ARRAY[$NUM]="$NIC_NAME:$NIC_IP"????#將網(wǎng)卡名和對(duì)應(yīng)IP放到數(shù)組
????????????let?NUM++
????????fi
????done
????ARRAY_LENGTH=${#NIC_IP_ARRAY[*]}
????if?[?$ARRAY_LENGTH?-eq?1?];?then?????#如果數(shù)組里面只有一條記錄說明就一個(gè)網(wǎng)卡
????????NIC=${NIC_IP_ARRAY[0]%:*}
????????return?0
????elif?[?$ARRAY_LENGTH?-eq?0?];?then???#如果沒有記錄說明沒有網(wǎng)卡
????????echo?"No?available?network?card!"
????????exit?1
????else
????????#如果有多條記錄則提醒輸入選擇
????????for?NIC?in?${NIC_IP_ARRAY[*]};?do
????????????echo?$NIC
????????done
????????while?true;?do
????????????read?-p?"Please?enter?local?use?to?network?card?name:?"?INPUT_NIC_NAME
????????????COUNT=0
????????????for?NIC?in?${NIC_IP_ARRAY[*]};?do
????????????????NIC_NAME=${NIC%:*}
????????????????if?[?$NIC_NAME?==?"$INPUT_NIC_NAME"?];?then
????????????????????NIC=${NIC_IP_ARRAY[$COUNT]%:*}
????????????????????return?0
????????????????else
???????????????????COUNT+=1
????????????????fi
????????????done
????????????echo?"Not?match!?Please?input?again."
????????done
????fi
}
local_nic

17、查看網(wǎng)卡實(shí)時(shí)流量

適用于CentOS6操作系統(tǒng)。

#!/bin/bash
#?Description:?Only?CentOS6
traffic_unit_conv()?{
????local?traffic=$1
????if?[?$traffic?-gt?1024000?];?then
????????printf?"%.1f%s"?"$(($traffic/1024/1024))"?"MB/s"
????elif?[?$traffic?-lt?1024000?];?then
????????printf?"%.1f%s"?"$(($traffic/1024))"?"KB/s"
????fi
}
NIC=$1
echo?-e?"?In?------?Out"
while?true;?do
????OLD_IN=$(awk?-F'[:?]+'?'$0~"'$NIC'"{print?$3}'?/proc/net/dev)
????OLD_OUT=$(awk?-F'[:?]+'?'$0~"'$NIC'"{print?$11}'?/proc/net/dev)
????sleep?1
????NEW_IN=$(awk?-F'[:?]+'?'$0~"'$NIC'"{print?$3}'?/proc/net/dev)
????NEW_OUT=$(awk?-F'[:?]+'?'$0~"'$NIC'"{print?$11}'?/proc/net/dev)
????IN=$(($NEW_IN-$OLD_IN))
????OUT=$(($NEW_OUT-$OLD_OUT))
????echo?"$(traffic_unit_conv?$IN)?$(traffic_unit_conv?$OUT)"
????sleep?1
done
使用：./traffic.sh?eth0

18、MySQL數(shù)據(jù)庫備份

#!/bin/bash
DATE=$(date?+%F_%H-%M-%S)
HOST=192.168.1.120
DB=test
USER=bak
PASS=123456
MAIL="zhangsan@example.com?lisi@example.com"
BACKUP_DIR=/data/db_backup
SQL_FILE=${DB}_full_$DATE.sql
BAK_FILE=${DB}_full_$DATE.zip
cd?$BACKUP_DIR
if?mysqldump?-h$HOST?-u$USER?-p$PASS?--single-transaction?--routines?--triggers?-B?$DB?>?$SQL_FILE;?then
????zip?$BAK_FILE?$SQL_FILE?&&?rm?-f?$SQL_FILE
????if?[?!?-s?$BAK_FILE?];?then
????????????echo?"$DATE?內(nèi)容"?|?mail?-s?"主題"?$MAIL
????fi
else
????echo?"$DATE?內(nèi)容"?|?mail?-s?"主題"?$MAIL
fi
find?$BACKUP_DIR?-name?'*.zip'?-ctime?+14?-exec?rm?{}?\;

19、Nginx服務(wù)管理腳本

場(chǎng)景：使用源碼包安裝Nginx不含帶服務(wù)管理腳本，也就是不能使用"service?nginx?start"或"/etc/init.d/nginx?start"，所以寫了以下的服務(wù)管理腳本。
https://article.pchome.net/content-2100027.html
http://www.51cto.com/it/news/2019/0909/14338.html
https://www.linuxprobe.com/books

#!/bin/bash
#?Description:?Only?support?RedHat?system
.?/etc/init.d/functions
WORD_DIR=/usr/local/nginx
DAEMON=$WORD_DIR/sbin/nginx
CONF=$WORD_DIR/conf/nginx.conf
NAME=nginx
PID=$(awk?-F'[;?]+'?'/^[^#]/{if($0~/pid;/)print?$2}'?$CONF)
if?[?-z?"$PID"?];?then
????PID=$WORD_DIR/logs/nginx.pid
else
????PID=$WORD_DIR/$PID
fi
stop()?{
????$DAEMON?-s?stop
????sleep?1
????[?!?-f?$PID?]?&&?action?"*?Stopping?$NAME"??/bin/true?||?action?"*?Stopping?$NAME"?/bin/false
}
start()?{
????$DAEMON
????sleep?1
????[?-f?$PID?]?&&?action?"*?Starting?$NAME"??/bin/true?||?action?"*?Starting?$NAME"?/bin/false
}
reload()?{
????$DAEMON?-s?reload
}
test_config()?{
????$DAEMON?-t
}
case?"$1"?in
????start)
????????if?[?!?-f?$PID?];?then
????????????start
????????else
????????????echo?"$NAME?is?running..."
????????????exit?0
????????fi
????????;;
????stop)
????????if?[?-f?$PID?];?then
????????????stop
????????else
????????????echo?"$NAME?not?running!"
????????????exit?0
????????fi
????????;;
????restart)
????????if?[?!?-f?$PID?];?then
????????????echo?"$NAME?not?running!"?
????????????start
????????else
????????????stop
????????????start
????????fi
????????;;
????reload)
????????reload
????????;;
????testconfig)
????????test_config
????????;;
????status)
????????[?-f?$PID?]?&&?echo?"$NAME?is?running..."?||?echo?"$NAME?not?running!"
????????;;
????*)
????????echo?"Usage:?$0?{start|stop|restart|reload|testconfig|status}"
????????exit?3
????????;;
esac

20、用戶根據(jù)菜單選擇要連接的Linux主機(jī)

Linux主機(jī)SSH連接信息：

#?cat?host.txt
Web?192.168.1.10?root?22
DB?192.168.1.11?root?22
內(nèi)容格式：主機(jī)名?IP?User?Port

#!/bin/bash
PS3="Please?input?number:?"
HOST_FILE=host.txt
while?true;?do
????select?NAME?in?$(awk?'{print?$1}'?$HOST_FILE)?quit;?do
????????[?${NAME:=empty}?==?"quit"?]?&&?exit?0
????????IP=$(awk?-v?NAME=${NAME}?'$1==NAME{print?$2}'?$HOST_FILE)
????????USER=$(awk?-v?NAME=${NAME}?'$1==NAME{print?$3}'?$HOST_FILE)
????????PORT=$(awk?-v?NAME=${NAME}?'$1==NAME{print?$4}'?$HOST_FILE)
????????if?[?$IP?];?then
????????????echo?"Name:?$NAME,?IP:?$IP"
????????????ssh?-o?StrictHostKeyChecking=no?-p?$PORT?-i?id_rsa?$USER@$IP??#?密鑰免交互登錄
????????????break
????????else
????????????echo?"Input?error,?Please?enter?again!"
????????????break
????????fi
????done
done

動(dòng)手練一練，讓你的Shell功底上升一個(gè)段位！