shell script 14: Enterprise case

14. Enterprise Actual Warfare Cases

(1) Use the for loop to create 10 html files in batch in the / oldboy directory, where the file name contains 10 random lowercase letters to reinforce the fixed string 0ldoby.

Idea analysis to generate random numbers:

The core is to create 10 random lower case letters.

Method 1:
echo $RANDOM range is 0-32767

openssl rand -base64 100
 Method 2:

date +%s%N
 Method 3:

head /dev/urandom/cksum
 Method 4:

uuidgen
 Method 5:

cat /proc/sys/kernel/random/uuid
 Method 6:

mkpasswd (yum install expect -y)

-l:length

-d:number

-c:lower case letters

-C:Uppercase letters

-s: special characters

Application Instances

[root@centos6-kvm3 shili]# cat 14-01.sh 
#!/bin/bash
path="oldboy"
[ -d /path ] || mkdir -p oldboy/
for n in {1..10}
do
  random=`echo "OLDBOY$RANDOM" | md5sum | tr '0-9' 'm-z' | cut -c 2-11`
  touch $path/${random}_oldboy.html
done
[root@centos6-kvm3 shili]# 

(2) Special cases of batch renaming.Change all oldboy strings in the result file name in question 1 above to oldgirl (preferably with a for loop) and all html extensions to uppercase.

Method 1

[root@centos6-kvm3 shili]# cat 14-02.sh
#!/bin/bash
for file in `ls oldboy/*.html`
do
 mv $file ${file/oldboy.html/oldgirl.HTML}
 
done
[root@centos6-kvm3 shili]# 

Method 2

[root@centos6-kvm3 oldboy]# ls | awk -F "oldgirl.HTML" '{print "mv",$0, $1 "oldboy.html"}' | bash

Method 3

[root@centos6-kvm3 oldboy]# rename "oldboy.html" "oldgirl.HTML" *.html

(3) Enterprise shell interview question 3: Mass creation of special requirements user cases.

Bulk create 10 system accounts oldboy01-oldboy10 and set the password (password is random number, requires mixed numbers and letters).

Method 1

[root@centos6-kvm3 shili]# cat 14-03.sh 
#!/bin/bash
. /etc/init.d/functions
if [ $UID -ne 0 ]
then
   echo "please use root."
   exit 1
fi
for n in {41..50}
do
  pass=`openssl rand -base64 10`
  if [ `grep -w "oldboy$n" /etc/passwd|wc -l` -eq 0 ]
  then 
	  useradd oldboy$n &>/dev/null &&\
	  echo $pass | passwd --stdin oldboy$n &&\
	  echo -e "oldboy$n\t$pass" >>/tmp/user.txt &&\
       action "oldboy$n is successful." /bin/true
  else
          action "oldboy$n is exist." /bin/false
  fi
done
[root@centos6-kvm3 shili]# 

Method 2

[root@centos6-kvm3 shili]# cat 14-03-01.sh 
#!/bin/bash
for n in `seq -w 11 20`
do
  pass=`openssl rand -base64 10`
  useradd oldboy$n
  echo  "oldboy$n:$pass" >>/tmp/chpasswd.log
done
chpasswd </tmp/chpasswd.log
[root@centos6-kvm3 shili]# 

(4) Scanning for live hosts in network memory.Write a shell script to determine the number of hosts in the current 10.0.0.0/24 network.Which are currently online and which are.

How to determine host survival.

①ping

-c times

-i interval

②nmap (yum)

nmap -sP 10.0.0.0/24

Method 1

[root@centos6-kvm3 shili]# cat 14-04.sh 
#!/bin/bash
for n in {1..254}
do
  {
  if `ping -c 1 -w 3 10.0.0.$n &>/dev/null`
   then
      echo "10.0.0.$n is up."
   else
      echo "10.0.0.$n is down."
   fi
   } &#&Represents parallelism
done

Method 2

[root@centos6-kvm3 shili]# nmap -sP 10.0.0.0/24 | awk '/Nmap scan report for/{print $NF}'

(5) Subdatabase backup of mysql database

mysql -uroot  -poldboy123 -e "show databases" | grep -v _scheme|sed -1d
//Repository backup:
mysqldump -B oldboy | gzip > bak.sql.gz

[root@centos6-kvm3 scripts]# vim mysql.sh
#!/bin/bash
path=/back
[ -d $path ] || mkdir $path -p
for dbname in `mysql -uroot -poldboy123 -e "show databases;" 2>/dev/null | grep -v _schema | sed -1d`
do
  mysqldump -uroot -poldboy123 -B $dbname | gzip >$path/${dbname}.sql.gz
done

(6) Case Analysis and Development of mysql Subdatabase and Subtable Backup

How to backup mysql database by adding sub-tables to the database is a script.

Answer:

mysqldump oldboy test test1| gzip >bak.sql.gz

1,oldboy library name

2, test\test1 are all table names

Method:

mysqldump -B oldboy |gzip >bak.sql.gz

mysqldump oldboy test1

mysqldump -B oldgril | gzip >bak.sql.gz

mysqldump oldgril test1

case

 mysql -uroot -poldboy123 -e "show tables from wordpress;" 2>/dev/null | sed -1d
 
 [root@centos6-kvm3 scripts]# cat mysql.sh
#!/bin/bash
path=/back
[ -d $path ] || mkdir $path -p
for dbname in `mysql -uroot -poldboy123 -e "show databases;" 2>/dev/null | grep -v _schema | sed 1d`
do
  for tname in `mysql -uroot -poldboy123 -e "show tables from $dbname;" 2>/dev/null | grep 1d `
  do
    if [ "$dbname" = "mysql" ]
    then
       mysqldump -uroot -poldboy123  $dbname $tname | gzip >$path/${dbname}_${tname}.sql.gz
    else
       mysqldump $dbname $tname | gzip >$path/${dbname}_${tname}.sql.gz
    fi
  done
done 
[root@centos6-kvm3 scripts]# 

(7) Professional scripts for batch distribution of files with SSH secret-free keys

There are three machines, m01, backup, nfs01. After Using ssh secret-free key to log in without password from M01 to the other two machines, please write a script to distribute any files from M01 in batch to any directory of the other two machines.

Secret-free environment generation:

[root@centos6-kvm3 scripts]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
12:af:26:77:1e:2d:2b:ce:94:aa:f9:be:c5:a3:c8:90 root@centos6-kvm3
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|      .          |
|       o         |
|      . S        |
| .   . + .       |
|E   . X + .      |
| o o X.+ +       |
|  =+*oo.o        |
+-----------------+
[root@centos6-kvm3 scripts]# ll ~/.ssh/
total 8
-rw------- 1 root root 1675 Jan 27 21:48 id_rsa
-rw-r--r-- 1 root root  399 Jan 27 21:48 id_rsa.pub
[root@centos6-kvm3 scripts]# cd ~/.ssh/
[root@centos6-kvm3 .ssh]# ssh-copy-id id_rsa.pub 10.0.0.8

Case scripts

[root@centos6-kvm3 scripts]# cat fenfa.sh
#!/bin/bash
. /etc/init.d/functions
if [ $# -ne 2 ]
then
   echo "usage:$0 localdir remotedir"
   exit 1
fi

for n in 8 41 43
do
  scp -rp $1 10.0.0.$n:$2 &>/dev/null
  if [ $? -eq 0 ]
  then
     action "10.0.0.$n is successful" /bin/true
  else
    action "10.0.0.$n is failure" /bin/false
  fi

done
[root@centos6-kvm3 scripts]#

(8) Understanding Random Number Cases in RANDOM

The following strings are known to be the result of truncating a portion of the string after the RANDOM random number variable md5sum. Please decipher the corresponding numbers of these strings before using the md5sum process.

21029299

00205d1c

a3da1677

1f6d12dd

890684b

Answer:

[root@centos6-kvm3 .ssh]# cat random.sh
#!/bin/bash
array=(
21029299
00205d1c
a3da1677
1f6d12dd
890684b
)
funmd5(){
for n in {1..32767}
   do
     echo "$n\t `$n|md5sum`" >>/tmp/md5sum.log
   done
}

funjudge(){
for n in ${array[*]}
do
  if [ `echo grep $n /tmp/md5sum.log|wc -l` -eq 1 ]
  then
     echo `grep $n /tmp/md5sum.log`
  fi

done
}

main(){
funmd5
funjudge
}
main

[root@centos6-kvm3 .ssh]# 

Optimize Method 1:

[root@centos6-kvm3 .ssh]# cat random1.sh 
#!/bin/bash
array=(
21029299
00205d1c
a3da1677
1f6d12dd
890684b
)
funmd5(){
for n in {1..32767}
   do
     echo "$n\t `$n|md5sum`" >>/tmp/md5sum1.log
   done
}

funjudge(){
   char="`echo ${array[*]} | tr " " "|"`"

     egrep $char /tmp/md5sum1.log
}

main(){
funmd5
funjudge
}
main
[root@centos6-kvm3 .ssh]#

(9) Batch check for normal addresses of multiple websites

Enterprise Interview Question: Batch check if multiple website addresses are normal.

Requirement:

1. Use shell array method to implement, check policy to simulate user access as much as possible.

2. Make all tests every 10 seconds, and output alarms that cannot be accessed.

3. The addresses to be detected are as follows:

http://blog.oldboyedu.com

http://blog.ettiantian.org

http://www.luffycity.com

http://10.0.0.7

Answer: wget--spider #simulates a crawler and does not Download html files.

Method 1

Method 1
[root@centos6-kvm3 .ssh]# cat url.sh
#!/bin/bash
. /etc/init.d/functions
array=(
http://blog.oldboyedu.com
http://www.baidu.com
http://blog.ettiantian.org
http://www.luffycity.com
http://10.0.0.7
)
checkurl(){
        wget -t 2 -T 5 -o /dev/null -q $1
        if [ $? -eq 0 ]
        then
           action "$1 is successfull." /bin/true
        else
           action "$1 is failure." /bin/false
        fi
}

dealurl(){
      for n in ${array[*]}
      do 
        checkurl $n

      done

}

main(){
    while true
    do
          dealurl
          sleep 2
          echo "--------"
         
     done

}
main

[root@centos6-kvm3 .ssh]# 

Method 2

Method 2
[root@centos6-kvm3 .ssh]# cat url1.sh 
#!/bin/bash
. /etc/init.d/functions
array=(
http://blog.oldboyedu.com
http://www.baidu.com
http://blog.ettiantian.org
http://www.luffycity.com
http://10.0.0.7
)
checkurl(){
        wget -t 2 -T 5 -o /dev/null -q $1
        if [ $? -eq 0 ]
        then
           action "$1 is successfull." /bin/true
        else
           action "$1 is failure." /bin/false
        fi
}

dealurl(){
      for ((i=0;i<${#array[*]};i++))
      
      do 
        checkurl ${array[$i]}

      done

}

main(){
    while true
    do
          dealurl
          sleep 2
          echo "--------"
         
     done

}
main

[root@centos6-kvm3 .ssh]# 

Method 3

Method 3
[root@centos6-kvm3 .ssh]# cat url2.sh 
#!/bin/bash
. /etc/init.d/functions

checkurl(){
        wget -t 2 -T 5 -o /dev/null -q $1
        if [ $? -eq 0 ]
        then
           action "$1 is successfull." /bin/true
        else
           action "$1 is failure." /bin/false
        fi
}

dealurl(){
      while read line
      do 
        checkurl $line

      done < ./url.log

}

main(){
    while true
    do
          dealurl
          sleep 2
          echo "--------"
         
     done

}
main

[root@centos6-kvm3 .ssh]# 

(10) cases of dos attack resolution

Write a shell script to resolve dos attack generation cases.

Please monitor the number of concurrent IP connections or pv up to 100 in a short period of time, depending on the number of web logs or network connections (set by the reader according to the actual situation), that is, call the firewall command to block the corresponding ip.The firewall command is: iptables-I INPUT-s IP address-j DROP

Answer:

DOS deny of service

DDOS

Analysis:

1. Command to seal ip

Iptables-I INPUT-s IP address-j DROP

2. Number of web logs or network connections

Log file, netstat-an| grep-i EST sort de-weighting.

3. Judge that the number of pv or connections is greater than 100 and remove the ip back cover.

Methods to attack ip:

Method 1
[root@centos6-kvm3 scripts]# awk '{s[$1]++}END{for(key in s) print s[key],key}' access_2010-12-8.log | uniq  |sort -nr#Sort by data size, r reverse
35 59.33.26.105
23 123.122.65.226
8 124.115.4.18
//Method 2
[root@centos6-kvm3 scripts]# awk '{print $1}' access_2010-12-8.log | uniq -c | sort -nr
     35 59.33.26.105
     23 123.122.65.226
      8 124.115.4.18
[root@centos6-kvm3 scripts]# 
[root@centos6-kvm3 scripts]# cat dos.sh
#!/bin/bash
awk '{s[$1]++}END{for(key in s) print s[key],key}' access_2010-12-8.log  |sort -nr | head >/tmp/ip.log
while read line
do
  ip=`echo $line|awk '{print $2}'`
  count=`echo $line|awk '{print $1}'`
  if [ $count -gt 30 -a `grep "$ip" /tmp/drop.log|wc -l` -lt 1 ]
  then
     iptables -I INPUT -s `echo $line|awk '{print $2}'` -j DROP &&\
     echo "echo $line|awk '{print $2}'" >>/tmp/drop.log
  else
     echo "echo $line|awk '{print $2}'" >>/tmp/accept.log
  fi

done </tmp/ip.log
[root@centos6-kvm3 scripts]# 
[root@centos6-kvm3 scripts]# iptables -nL

How to get the number of network connections:

[root@centos6-kvm3 scripts]# awk -F "[ :]+" '/ESTAB/{S[$(NF-3)]++}END{for(k in S) print S[k],k}' netstat.log| sort -rn | head
[root@centos6-kvm3 scripts]# awk '/ESTAB/{print $(NF-1)}' netstat.log | awk -F ":" '{print $1}'| uniq -c | sort -rn |head
[root@centos6-kvm3 scripts]# vim dos1.sh 
#!/bin/bash
awk -F "[ :]+" '/ESTAB/{S[$(NF-3)]++}END{for(k in S) print S[k],k}' netstat.log| sort -rn | head >/tmp/ip.log
while read line
do
  ip=`echo $line|awk '{print $2}'`
  count=`echo $line|awk '{print $1}'`
  if [ $count -gt 30 -a `grep "$ip" /tmp/drop.log|wc -l` -lt 1 ]
  then
     iptables -I INPUT -s `echo $line|awk '{print $2}'` -j DROP &&\
     echo "echo $line|awk '{print $2}'" >>/tmp/drop.log
  else
     echo "echo $line|awk '{print $2}'" >>/tmp/accept.log
  fi

done </tmp/ip.log
[root@centos6-kvm3 scripts]# iptables -nL

(11) Developing mysql service startup and stop scripts

Requirements: Use functions, case statements, if statements, etc.

Answer:

/etc/init.d/mysqld {start | stop | restart}

Analysis:

1. Startup

Mysql_safe--user=mysql &Be sure to test successfully on the command line.

2. Stop

mysqladmin -uroot -ppasswd shutdown

killall,pkill

kill pid recommendation

[root@centos6-kvm3 scripts]# cat mysqld.sh 
# chkconfig: 2345 20 80
# description: mysql start stop

#!/bin/bash
lockfile=/var/lock/subsys/mysqld
. /etc/init.d/functions
mysqld_pid_file_path="/application/mysql/data/web01.pid"
mysqld_safe=/application/mysql/bin/mysqld_safe

start(){
    /bin/sh $mysqld_safe --datadir=/application/mysql/data --pid-file=$mysqld_pid_file_path &>/dev/null &
    retval=$?
    if [ $retval -eq 0 ]
     then
        action  "mysql start ok" /bin/true
        touch $lockfile
        return $retval
    else
        action "mysql start fail" /bin/false
        return $retval
    fi
}
stop(){
    if test -s "$mysqld_pid_file_path"
    then
       mysqld_pid=`cat $mysqld_pid_file_path`
       if (kill -0 $mysql_pid &>/dev/null) #Kill-0 check
       then
          kill $mysqld_pid
          retval=$?
          if [ $retval -eq 0 ]
          then
             action "mysql stop ok" /bin/true
             rm $lockfile
             return $retval
          else
              action "mysql stop fail" /bin/false
              return $retval
          fi
        else
            echo "mysqld process is not exits."
            return 2
       fi
    else
       echo "$mysqld_pid_file_path is not exist,or mysqld does not startup."  
  fi
}
case $1 in
     start)
        start
        retval=$?
        ;;
     stop)
        stop
        retval=$?
        ;;
     restart)
        stop 
        sleep 2
        start
        retval=$?
        ;;
     *)
        echo "usage:$0 {start|stop|restart}"
        exit 1
esac
exit $retval

[root@centos6-kvm3 scripts]# 

(12) Cases of word and letter reordering

Use shell scripts to process the following

1. Sort descending by word frequency.

2. Sort descending by alphabetical frequency.

the squid project provides a number of resources to assist users design,implement and support squid installations. Please browse the documentation and support sections for more infomation,by oldboy training.

1. Sort descending by word frequency.

Method 1:

[root@centos6-kvm3 scripts]# tr " ," "\n" <12.log | sort|uniq -c| sort -rn
 Replace space comma with carriage return

Method 2:

[root@centos6-kvm3 scripts]# tr " ," "\n" <12.log | awk '{S[$1]++}END{for(k in S) print S[k],k}'| sort -nr

Method 3

[root@centos6-kvm3 scripts]# xargs -n1 <12.log | sort|uniq -c|sort -nr

2. Sort the letters in descending order according to their frequency.

Method 1

[root@centos6-kvm3 scripts]# grep -o "[^ ]" 12.log | sort|uniq -c|sort -nr
[^ ]Represents non-empty

Method 2

[root@centos6-kvm3 scripts]# grep -o "[^ ]" 12.log | awk '{S[$1]++}END{for(k in S) print S[k],k}'|sort -rn

Method 3

[root@centos6-kvm3 scripts]# sed 's#[ ,\.]##g' 12.log | awk -F "" '{for(i=1;i<NF;i++)s[$i]++}END{for(k in s) print s[k],k}'| sort -nr

(13) Advanced method for reordering cases by word

Handle vertically:

[root@centos6-kvm3 scripts]# awk -F '[ ,.]+' '{for(i=1;i<NF;i++)s[$i]++}END{for(k in s) print s[k],k}' 12.log | sort -nr

Tags: Linux MySQL ssh mysqldump SQL

Posted on Wed, 29 Apr 2020 09:37:56 -0700 by kparker