Module III. practical cases of enterprises

14, Practical cases of enterprises

(1) Use the for loop to batch create 10 html files in the / oldboy directory, where the file name contains 10 random lowercase letters plus a fixed string 0ldoby.

Train of thought analysis and random number generation method:

① The core is to create 10 random lowercase letters.

echo $RANDOM range is 0-32767

openssl rand -base64 100

date +%s%N

head /dev/urandom/cksum

uuidgen

cat /proc/sys/kernel/random/uuid

mkpasswd (yum install expect -y)

-l: Length

-d: Figures

-c: Lowercase letters

-C: Capital letter

-s: Special characters

[root@centos6-kvm3 shili]# cat 14-01.sh 
#!/bin/bash
path="oldboy"
[ -d /path ] || mkdir -p oldboy/
for n in {1..10}
do
  random=`echo "OLDBOY$RANDOM" | md5sum | tr '0-9' 'm-z' | cut -c 2-11`
  touch $path/${random}_oldboy.html

done
[root@centos6-kvm3 shili]# 

(2) . special cases of batch renaming. Change the oldboy string in the result file name in the above interview question 1 to oldgirl (preferably implemented with a for loop), and change the extension html to uppercase.

[root@centos6-kvm3 shili]# cat 14-02.sh
#!/bin/bash
for file in `ls oldboy/*.html`
do
 mv $file ${file/oldboy.html/oldgirl.HTML}
 
done
[root@centos6-kvm3 shili]# 

Method 2

[root@centos6-kvm3 oldboy]# ls | awk -F "oldgirl.HTML" '{print "mv",$0, $1 "oldboy.html"}' | bash

Method 3

[root@centos6-kvm3 oldboy]# rename "oldboy.html" "oldgirl.HTML" *.html

(3) Enterprise shell interview question 3: create user cases with special requirements in batch.

Create 10 system accounts oldboy01-oldboy10 in batch and set the password (the password is a random number and requires a mixture of numbers and letters).

Method 1

[root@centos6-kvm3 shili]# cat 14-03.sh 
#!/bin/bash
. /etc/init.d/functions
if [ $UID -ne 0 ]
then
   echo "please use root."
   exit 1
fi
for n in {41..50}

do
  pass=`openssl rand -base64 10`
  if [ `grep -w "oldboy$n" /etc/passwd|wc -l` -eq 0 ]
  then 
	  useradd oldboy$n &>/dev/null &&\
	  echo $pass | passwd --stdin oldboy$n &&\
	  echo -e "oldboy$n\t$pass" >>/tmp/user.txt &&\
          action "oldboy$n is successful." /bin/true
  else
          action "oldboy$n is exist." /bin/false
  fi
done
[root@centos6-kvm3 shili]# 

Method 2

[root@centos6-kvm3 shili]# cat 14-03-01.sh 
#!/bin/bash
for n in `seq -w 11 20`
do
  pass=`openssl rand -base64 10`
  useradd oldboy$n
  echo  "oldboy$n:$pass" >>/tmp/chpasswd.log
done
chpasswd </tmp/chpasswd.log
[root@centos6-kvm3 shili]# 

(4) Scan network memory for live host cases. Write a shell script to judge the number of hosts in the current network at 10.0.0.0/24. What are currently online.

How to judge whether the host is alive.

①ping

-c times

-i interval

②nmap (yum)

nmap -sP 10.0.0.0/24

Method 1

[root@centos6-kvm3 shili]# cat 14-04.sh 
#!/bin/bash
for n in {1..254}
do
  {
  if `ping -c 1 -w 3 10.0.0.$n &>/dev/null`
   then
      echo "10.0.0.$n is up."
   else
      echo "10.0.0.$n is down."
   fi
   } &
done

Method 2

[root@centos6-kvm3 shili]# nmap -sP 10.0.0.0/24 | awk '/Nmap scan report for/{print $NF}'

(5) . mysql database sub database backup

mysql -uroot  -poldboy123 -e "show databases" | grep -v _scheme|sed -1d
 Sub database backup:
mysqldump -B oldboy | gzip > bak.sql.gz

[root@centos6-kvm3 scripts]# vim mysql.sh
#!/bin/bash
path=/back
[ -d $path ] || mkdir $path -p
for dbname in `mysql -uroot -poldboy123 -e "show databases;" 2>/dev/null | grep -v _schema | sed -1d`
do
  mysqldump -uroot -poldboy123 -B $dbname | gzip >$path/${dbname}.sql.gz
done

(6) Case analysis and development of mysql database and table backup

How to realize the backup of sub database and sub table in mysql database, please use script.

answer:

mysqldump oldboy test test1| gzip >bak.sql.gz

1. Oldboy library name

2. test\test1 are all table names

method:

mysqldump -B oldboy |gzip >bak.sql.gz

mysqldump oldboy test1

mysqldump -B oldgril | gzip >bak.sql.gz

mysqldump oldgril test1

 mysql -uroot -poldboy123 -e "show tables from wordpress;" 2>/dev/null | sed -1d
 
 [root@centos6-kvm3 scripts]# cat mysql.sh
#!/bin/bash
path=/back
[ -d $path ] || mkdir $path -p
for dbname in `mysql -uroot -poldboy123 -e "show databases;" 2>/dev/null | grep -v _schema | sed 1d`
do
  for tname in `mysql -uroot -poldboy123 -e "show tables from $dbname;" 2>/dev/null | grep 1d `
  do
    if [ "$dbname" = "mysql" ]
    then
       mysqldump -uroot -poldboy123  $dbname $tname | gzip >$path/${dbname}_${tname}.sql.gz
    else
       mysqldump $dbname $tname | gzip >$path/${dbname}_${tname}.sql.gz
    fi
  done
done 
[root@centos6-kvm3 scripts]# 

7, SSH secret key free batch distribution file professional script

There are three machines, m01, backup and nfs01. ssh free secret key is used to log in from m01 to the other two machines without password. After logging in, please write a script to batch distribute any files from m01 to any directory of the other two machines.

Secret free environment generation:

[root@centos6-kvm3 scripts]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
12:af:26:77:1e:2d:2b:ce:94:aa:f9:be:c5:a3:c8:90 root@centos6-kvm3
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|      .          |
|       o         |
|      . S        |
| .   . + .       |
|E   . X + .      |
| o o X.+ +       |
|  =+*oo.o        |
+-----------------+
[root@centos6-kvm3 scripts]# ll ~/.ssh/
total 8
-rw------- 1 root root 1675 Jan 27 21:48 id_rsa
-rw-r--r-- 1 root root  399 Jan 27 21:48 id_rsa.pub
[root@centos6-kvm3 scripts]# cd ~/.ssh/
[root@centos6-kvm3 .ssh]# ssh-copy-id id_rsa.pub 10.0.0.8




[root@centos6-kvm3 scripts]# cat fenfa.sh
#!/bin/bash
. /etc/init.d/functions
if [ $# -ne 2 ]
then
   echo "usage:$0 localdir remotedir"
   exit 1
fi

for n in 8 41 43
do
  scp -rp $1 10.0.0.$n:$2 &>/dev/null
  if [ $? -eq 0 ]
  then
     action "10.0.0.$n is successful" /bin/true
  else
    action "10.0.0.$n is failure" /bin/false
  fi

done
[root@centos6-kvm3 scripts]#

8, Cracking RANDOM number cases

It is known that the following string is the result of intercepting part of the string after passing through the RANDOM number variable md5sum. Please crack the number corresponding to the RANDOM number before md5sum processing.

21029299

00205d1c

a3da1677

1f6d12dd

890684b

answer:

[root@centos6-kvm3 .ssh]# cat random.sh
#!/bin/bash
array=(
21029299
00205d1c
a3da1677
1f6d12dd
890684b
)
funmd5(){
for n in {1..32767}
   do
     echo "$n\t `$n|md5sum`" >>/tmp/md5sum.log
   done
}

funjudge(){
for n in ${array[*]}
do
  if [ `echo grep $n /tmp/md5sum.log|wc -l` -eq 1 ]
  then
     echo `grep $n /tmp/md5sum.log`
  fi

done
}

main(){
funmd5
funjudge
}
main

[root@centos6-kvm3 .ssh]# 

Optimization method 1:

[root@centos6-kvm3 .ssh]# cat random1.sh 
#!/bin/bash
array=(
21029299
00205d1c
a3da1677
1f6d12dd
890684b
)
funmd5(){
for n in {1..32767}
   do
     echo "$n\t `$n|md5sum`" >>/tmp/md5sum1.log
   done
}

funjudge(){
   char="`echo ${array[*]} | tr " " "|"`"

     egrep $char /tmp/md5sum1.log
}

main(){
funmd5
funjudge
}
main
[root@centos6-kvm3 .ssh]#

9, Batch check whether multiple website addresses are normal

Enterprise interview question: batch check whether multiple website addresses are normal.

requirement:

1. The shell array method is used to implement the inspection strategy, and the user access is simulated as much as possible.

2. All tests shall be carried out every 10s, and the inaccessible output alarm.

3. The addresses to be tested are as follows:

http://blog.oldboyedu.com

http://blog.ettiantian.org

http://www.luffycity.com

http://10.0.0.7

answer:

wget --spider # simulates a crawler without downloading html files.

Method 1
[root@centos6-kvm3 .ssh]# cat url.sh
#!/bin/bash
. /etc/init.d/functions
array=(
http://blog.oldboyedu.com
http://www.baidu.com
http://blog.ettiantian.org
http://www.luffycity.com
http://10.0.0.7
)
checkurl(){
        wget -t 2 -T 5 -o /dev/null -q $1
        if [ $? -eq 0 ]
        then
           action "$1 is successfull." /bin/true
        else
           action "$1 is failure." /bin/false
        fi
}

dealurl(){
      for n in ${array[*]}
      do 
        checkurl $n

      done

}

main(){
    while true
    do
          dealurl
          sleep 2
          echo "--------"
         
     done

}
main

[root@centos6-kvm3 .ssh]# 




Method 2
[root@centos6-kvm3 .ssh]# cat url1.sh 
#!/bin/bash
. /etc/init.d/functions
array=(
http://blog.oldboyedu.com
http://www.baidu.com
http://blog.ettiantian.org
http://www.luffycity.com
http://10.0.0.7
)
checkurl(){
        wget -t 2 -T 5 -o /dev/null -q $1
        if [ $? -eq 0 ]
        then
           action "$1 is successfull." /bin/true
        else
           action "$1 is failure." /bin/false
        fi
}

dealurl(){
      for ((i=0;i<${#array[*]};i++))
      
      do 
        checkurl ${array[$i]}

      done

}

main(){
    while true
    do
          dealurl
          sleep 2
          echo "--------"
         
     done

}
main

[root@centos6-kvm3 .ssh]# 



Method 3
[root@centos6-kvm3 .ssh]# cat url2.sh 
#!/bin/bash
. /etc/init.d/functions

checkurl(){
        wget -t 2 -T 5 -o /dev/null -q $1
        if [ $? -eq 0 ]
        then
           action "$1 is successfull." /bin/true
        else
           action "$1 is failure." /bin/false
        fi
}

dealurl(){
      while read line
      do 
        checkurl $line

      done < ./url.log

}

main(){
    while true
    do
          dealurl
          sleep 2
          echo "--------"
         
     done

}
main

[root@centos6-kvm3 .ssh]# 

10, Solve dos attack generation cases

Write a shell script to solve the dos attack and generate cases.

Please monitor the number of concurrent connections of an ip according to the web log or the number of network connections, or pv reaches 100 in a short time (please set it according to the actual situation), that is, call the firewall command to block the corresponding ip. Firewall command: iptables -I INPUT -s IP address - j DROP

answer:

DOS deny of service

DDOS

analysis:

1. ip sealing command

iptables -I INPUT -s IP address - j DROP

2. Number of web logs or network connections

Log files, netstat -an| grep -i est sort and de duplicate.

3. Judge whether pv or the number of connections is greater than 100, take out the ip and seal it.

Method of taking attack ip:

Method 1
[root@centos6-kvm3 scripts]# awk '{s[$1]++}END{for(key in s) print s[key],key}' access_2010-12-8.log | uniq  |sort -nr
35 59.33.26.105
23 123.122.65.226
8 124.115.4.18
 Method 2
[root@centos6-kvm3 scripts]# awk '{print $1}' access_2010-12-8.log | uniq -c | sort -nr
     35 59.33.26.105
     23 123.122.65.226
      8 124.115.4.18
[root@centos6-kvm3 scripts]# 

[root@centos6-kvm3 scripts]# cat dos.sh
#!/bin/bash
awk '{s[$1]++}END{for(key in s) print s[key],key}' access_2010-12-8.log  |sort -nr | head >/tmp/ip.log
while read line
do
  ip=`echo $line|awk '{print $2}'`
  count=`echo $line|awk '{print $1}'`
  if [ $count -gt 30 -a `grep "$ip" /tmp/drop.log|wc -l` -lt 1 ]
  then
     iptables -I INPUT -s `echo $line|awk '{print $2}'` -j DROP &&\
     echo "echo $line|awk '{print $2}'" >>/tmp/drop.log
  else
     echo "echo $line|awk '{print $2}'" >>/tmp/accept.log
  fi

done </tmp/ip.log
[root@centos6-kvm3 scripts]# 
[root@centos6-kvm3 scripts]# iptables -nL

How to get the number of network connections:

[root@centos6-kvm3 scripts]# awk -F "[ :]+" '/ESTAB/{S[$(NF-3)]++}END{for(k in S) print S[k],k}' netstat.log| sort -rn | head
[root@centos6-kvm3 scripts]# awk '/ESTAB/{print $(NF-1)}' netstat.log | awk -F ":" '{print $1}'| uniq -c | sort -rn |head

[root@centos6-kvm3 scripts]# vim dos1.sh 
#!/bin/bash
awk -F "[ :]+" '/ESTAB/{S[$(NF-3)]++}END{for(k in S) print S[k],k}' netstat.log| sort -rn | head >/tmp/ip.log
while read line
do
  ip=`echo $line|awk '{print $2}'`
  count=`echo $line|awk '{print $1}'`
  if [ $count -gt 30 -a `grep "$ip" /tmp/drop.log|wc -l` -lt 1 ]
  then
     iptables -I INPUT -s `echo $line|awk '{print $2}'` -j DROP &&\
     echo "echo $line|awk '{print $2}'" >>/tmp/drop.log
  else
     echo "echo $line|awk '{print $2}'" >>/tmp/accept.log
  fi

done </tmp/ip.log
~                                    [root@centos6-kvm3 scripts]# iptables -nL

11, Develop mysql service start stop script

Requirements: implemented with functions, case statements, if statements, etc.

answer:

/etc/init.d/mysqld {start | stop | restart}

analysis:

1. Start

mysql_ Safe -- user = MySQL & be sure to test successfully on the command line.

2. Stop

mysqladmin -uroot -ppasswd shutdown

killall,pkill

kill pid recommendation

[root@centos6-kvm3 scripts]# cat mysqld.sh 
# chkconfig: 2345 20 80
# description: mysql start stop

#!/bin/bash
lockfile=/var/lock/subsys/mysqld
. /etc/init.d/functions
mysqld_pid_file_path="/application/mysql/data/web01.pid"
mysqld_safe=/application/mysql/bin/mysqld_safe

start(){
    /bin/sh $mysqld_safe --datadir=/application/mysql/data --pid-file=$mysqld_pid_file_path &>/dev/null &
    retval=$?
    if [ $retval -eq 0 ]
     then
        action  "mysql start ok" /bin/true
        touch $lockfile
        return $retval
    else
        action "mysql start fail" /bin/false
        return $retval
    fi
}
stop(){
    if test -s "$mysqld_pid_file_path"
    then
       mysqld_pid=`cat $mysqld_pid_file_path`
       if (kill -0 $mysql_pid &>/dev/null)
       then
          kill $mysqld_pid
          retval=$?
          if [ $retval -eq 0 ]
          then
             action "mysql stop ok" /bin/true
             rm $lockfile
             return $retval
          else
              action "mysql stop fail" /bin/false
              return $retval
          fi
        else
            echo "mysqld process is not exits."
            return 2
       fi
    else
       echo "$mysqld_pid_file_path is not exist,or mysqld does not startup."
       
  fi
}
case $1 in
     start)
        start
        retval=$?
        ;;
     stop)
        stop
        retval=$?
        ;;
     restart)
        stop 
        sleep 2
        start
        retval=$?
        ;;
     *)
        echo "usage:$0 {start|stop|restart}"
        exit 1
esac
exit $retval

[root@centos6-kvm3 scripts]# 

12, Word and letter de reordering case

Process the following with a shell script

1. Sort words in descending order of frequency.

2. Sort alphabetically in descending order.

the squid project provides a number of resources to assist users design,implement and support squid installations. Please browse the documentation and support sections for more infomation,by oldboy training.

1. Sort words in descending order of frequency.

Method 1:

[root@centos6-kvm3 scripts]# tr " ," "\n" <12.log | sort|uniq -c| sort -rn

Method 2:

[root@centos6-kvm3 scripts]# tr " ," "\n" <12.log | awk '{S[$1]++}END{for(k in S) print S[k],k}'| sort -nr

Method 3

[root@centos6-kvm3 scripts]# xargs -n1 <12.log | sort|uniq -c|sort -nr

2. Sort Letters in descending order of frequency.

Method 1

[root@centos6-kvm3 scripts]# grep -o "[^ ]" 12.log | sort|uniq -c|sort -nr

Method 2

[root@centos6-kvm3 scripts]# grep -o "[^ ]" 12.log | awk '{S[$1]++}END{for(k in S) print S[k],k}'|sort -rn

Method 3

[root@centos6-kvm3 scripts]# sed 's#[ ,\.]##g' 12.log | awk -F "" '{for(i=1;i<NF;i++)s[$i]++}END{for(k in s) print s[k],k}'| sort -nr

13, Advanced method of sorting cases by word

Vertical treatment:

[root@centos6-kvm3 scripts]# awk -F '[ ,.]+' '{for(i=1;i<NF;i++)s[$i]++}END{for(k in s) print s[k],k}' 12.log | sort -nr

Posted by amites on Tue, 19 Apr 2022 00:04:06 +0930