Preface
- MAC record and port scan script
- Develop system monitoring script
I. sharing of script programming steps
1.1 script programming steps
1.2 demand analysis
- Based on the system management requirements, analyze the functions, levels, commands and statements the script needs
1.3 command test
- Test the commands to be used one by one to determine the options to be used, variables to be set, etc
1.4 script programming
- Write the tested commands into the script file, and use the appropriate statements to save the execution results, evaluate them or raise an alarm
1.5 debugging and optimization
- Test the script and optimize it according to the results
- It is recommended to debug while programming, so as to reduce the occurrence of errors
II. mac record and port scanning script
2.1 enterprise environment description
- With the continuous development of business, more and more Linux servers are used by a company. In the process of system management and maintenance, it is often necessary to write some small scripts to assist operation and maintenance work and improve work efficiency
2.2 requirement description
- Write a small script named system.sh that records the MAC address of each host in the local area network and saves it in the /etc/ethers file; if the file already exists, back it up first; one record per line, with the IP address in the first column and the corresponding MAC address in the second
- Check which hosts have the anonymous FTP service enabled. The scan targets are all IP addresses in the /etc/ethers file, and the port scanned is 21
2.3 command test
- Analysis: record the MAC address of each host in the LAN and save it in the /etc/ethers file; if the file already exists, back it up first; check which hosts have the anonymous FTP service enabled, scanning port 21 on all IP addresses in the /etc/ethers file
- `arping -c 2 -w 1 -I <network card name> <IP address>`: send a MAC address resolution request (ping can be used instead)
- `arp -n`: record the MAC addresses
- `awk`: print the IP and MAC addresses
- Test the FTP service with a wget download
```
[root@localhost ~]# arping -c 2 -w 1 -I ens33 192.168.247.134
ARPING 192.168.247.134 from 192.168.247.136 ens33
Unicast reply from 192.168.247.134 [00:0C:29:52:4D:89]  1.452ms
Unicast reply from 192.168.247.134 [00:0C:29:52:4D:89]  1.182ms
Sent 2 probes (1 broadcast(s))
Received 2 response(s)
```
To configure the FTP anonymous access mode, first enter the command `vi /etc/vsftpd/vsftpd.conf` to open the FTP service configuration file
Make changes (some changes, no additions) (go to "×")
parameter | Effect |
---|---|
anonymous_enable=YES | Allow anonymous access mode. |
anon_umask=022 | umask value of the file uploaded by anonymous user. |
anon_upload_enable=YES | Allow anonymous users to upload files |
anon_mkdir_write_enable=YES | Allow anonymous users to create directories |
anon_other_write_enable=YES | Allow anonymous users to modify or delete directory names |
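
An added example (not part of the original article): a small audit that reads a vsftpd.conf and flags the anonymous-access options from the table above, so hosts that have them switched on can be found and reviewed. The function names `vsftpd_opt` and `audit_anon_ftp`, the exit-status scheme and the sample configuration are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: audit the anonymous-access options from the table above.

# Print the explicit value of option $2 in vsftpd config file $1, or UNSET.
# Comment lines are skipped; if an option is repeated, the last value is
# reported (an assumption of this example).
vsftpd_opt() {
    awk -F= -v key="$2" '
        /^[ \t]*#/ { next }
        $1 == key  { val = toupper($2); gsub(/[ \t\r]/, "", val) }
        END        { print (val == "" ? "UNSET" : val) }
    ' "$1"
}

# Exit status: 0 = anonymous login not explicitly enabled in the file,
#              1 = anonymous login enabled, no anonymous write option set,
#              2 = anonymous login enabled with at least one write option.
audit_anon_ftp() {
    _conf=$1
    _rc=0
    if [ "$(vsftpd_opt "$_conf" anonymous_enable)" = "YES" ]; then
        echo "WARN anonymous_enable=YES"
        _rc=1
        for _opt in anon_upload_enable anon_mkdir_write_enable anon_other_write_enable; do
            if [ "$(vsftpd_opt "$_conf" "$_opt")" = "YES" ]; then
                echo "WARN $_opt=YES"
                _rc=2
            fi
        done
    fi
    return "$_rc"
}

# Constructed sample configuration (not taken from a real host).
sample_conf() {
    cat <<'EOF'
# vsftpd.conf (constructed sample)
anonymous_enable=YES
anon_umask=022
anon_upload_enable=YES
#anon_mkdir_write_enable=YES
anon_other_write_enable=NO
EOF
}

tmp=$(mktemp)
sample_conf > "$tmp"
status=0
audit_anon_ftp "$tmp" || status=$?
echo "exit status: $status"
rm -f "$tmp"
```

On an FTP host, point `audit_anon_ftp` at /etc/vsftpd/vsftpd.conf; an option reported as UNSET falls back to the vsftpd build's default, which this check does not resolve.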
2.4 script programming and debugging
- Send ARP request through arping command, use if statement to record mac address according to feedback result
- Assign the network segment address to the variable as the prefix of the detection address
- Using the loop statement, repeatedly detect the target and record the mac address. The host address is 1-254
- Extract all IP addresses from the /etc/ethers file with the awk command and assign them to a variable, then read the IP addresses from the variable with a loop statement and check each one for an open FTP port
```bash
#!/bin/bash
# If /etc/ethers already exists, back up the current file
if [ -f /etc/ethers ]
then
    cp -p /etc/ethers /etc/ethers.bak
fi

# Ping each candidate address so that live hosts appear in the ARP cache
# (134-139 here; the full host range is 1-254)
for ((i=134;i<=139;i++))
do
    ping -c 3 -w 3 192.168.247.$i &> /dev/null
    if [ $? -eq 0 ]
    then
        echo "192.168.247.$i survival"
    fi
done
# Write the IP and MAC address of every resolved ARP entry to /etc/ethers
arp -n | grep "ether" | awk '{print $1,$3}' > /etc/ethers

# Check whether the nmap scanning software is installed; install it if not
if ! rpm -q nmap
then
    yum clean all
    yum list
    yum install nmap -y
    [ $? -eq 0 ] && echo "The nmap scan tool was not installed; it has now been installed for you"
fi

# Check which IPs have the FTP service port, i.e. port 21, open
for a in $(awk '{print $1}' /etc/ethers)
do
    m=$(nmap -sT "$a" -p 21 | awk '/ftp/{print $2}')
    # Quote $m: it is empty when nmap reports no ftp line for the host
    if [ "$m" = "open" ]
    then
        echo "$a open ftp service"
    fi
done
```
III. develop system monitoring script
3.1 enterprise environment description
- With the continuous development of business, a company uses more and more linux servers. The administrator wants to write a simple performance monitoring script and put it into each server to send an alarm email when the monitoring indicators are abnormal
3.2 requirement description
- Write a shell monitoring script named sysmon.sh
- The monitoring contents include CPU utilization, memory utilization and disk utilization of root partition
- Percentages are accurate to whole numbers only, such as 7%, 12%, 23%, etc
- When any of the following conditions occurs, an alarm email is sent to the specified mailbox through the mail command: the disk utilization rate exceeds 90%, the CPU utilization rate exceeds 80%, or the memory utilization rate exceeds 90%
- Combined with the crond service, the monitoring script is executed every half an hour
3.3 idea and command test
- Analysis: monitoring content includes cpu utilization, memory utilization, and disk utilization of root partition
- df command
- awk command
- mpstat command (sysstat package is required)
- free command
- crontab command
3.4 script programming and debugging
- Use the df command to extract the disk occupancy of the root partition and assign it to the variable DUG
- Use the mpstat command to extract the cpu utilization and assign it to the variable CUG
- Use the free command to extract the memory usage and assign it to the variable MUG
- Use the if statement to determine whether any of the above monitoring items exceeds its limit, and save the information to be reported to the file /tmp/alert.txt; if there is any, send it as an alarm email
- Debug optimization and set crontab plan
```bash
#!/bin/bash
# Current usage (%) of the root partition
DUG=$(df -Th | grep '/$' | awk '{print $6}' | sed 's/%//')
# Current idle percentage of the CPU, integer part (%idle is the last column of mpstat)
CUG=$(mpstat | grep 'all' | awk '{print $NF}' | awk -F. '{print $1}')
# Current memory usage (%)
used=$(free | grep 'Mem' | awk '{print $3}')
total=$(free | grep 'Mem' | awk '{print $2}')
(( MUG = used*100/total ))

# Default messages, used when a limit is not exceeded.
# The limits checked below (10%, 1%, 10%) differ from the 90%/80%/90% in the requirement; adjust them as needed.
genfenquzhanyong="The current root disk usage does not exceed the warning line of 10%"
cpukongxian="The current CPU idle resource is not lower than the warning line of 1%"
neicunzhanyong="The current memory usage does not exceed the warning line of 10%"

# When the root partition usage exceeds 10%
if [ "$DUG" -gt 10 ]
then
    date >> /tmp/alert.txt
    echo "Current disk usage exceeds 10%" >> /tmp/alert.txt
    genfenquzhanyong="The current root disk usage exceeds the warning line of 10%: $DUG%"
fi
# When the idle CPU resource is less than 1%
if [ "$CUG" -lt 1 ]
then
    date >> /tmp/alert.txt
    echo "Current CPU idle resource is less than 1%" >> /tmp/alert.txt
    cpukongxian="The current CPU idle resource is below the warning line of 1%: $CUG%"
fi
# When the memory usage exceeds 10%
if [ "$MUG" -gt 10 ]
then
    date >> /tmp/alert.txt
    echo "Current memory usage exceeds 10%" >> /tmp/alert.txt
    neicunzhanyong="The current memory usage exceeds the warning line of 10%: $MUG%"
fi

# Install the expect package if it is missing
rpm -q expect
if [ $? -ne 0 ]
then
    yum install expect -y
fi
# Mail the three status messages
echo "$genfenquzhanyong,$cpukongxian,$neicunzhanyong" | mail "965483130@qq.com"
```

```
[root@localhost ~]# crontab -e -u root
[root@localhost ~]# crontab -l
*/30 * * * * /usr/bin/sh /root/sysmon.sh
```
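
An added example (not part of the original article): the threshold logic of sysmon.sh with the limits from section 3.2 (disk above 90%, CPU utilization above 80%, memory above 90%), producing output only when a limit is exceeded. The function names, the sample command outputs and the address `admin@example.com` are assumptions made for this illustration; CPU utilization is computed as 100 minus the `%idle` column of mpstat.

```shell
#!/bin/sh
# Added example: sysmon.sh threshold logic with the limits from section 3.2.
# Each parser reads command output on stdin, so it can be tested offline.

root_disk_pct() {   # input: df -P /
    awk 'NR > 1 && $NF == "/" { sub(/%/, "", $5); print $5 }'
}
mem_used_pct() {    # input: free
    awk '/^Mem:/ { print int($3 * 100 / $2) }'
}
cpu_used_pct() {    # input: mpstat; utilization = 100 - %idle (last column)
    awk '/ all / { print int(100 - $NF) }'
}

# Print one line per exceeded limit; succeed only if there is something to send.
check_limits() {    # args: disk% cpu% mem% (integers)
    n=0
    if [ "$1" -gt 90 ]; then echo "Root partition usage $1% exceeds 90%"; n=$((n + 1)); fi
    if [ "$2" -gt 80 ]; then echo "CPU utilization $2% exceeds 80%"; n=$((n + 1)); fi
    if [ "$3" -gt 90 ]; then echo "Memory usage $3% exceeds 90%"; n=$((n + 1)); fi
    [ "$n" -gt 0 ]
}

# Constructed sample outputs (not captured from a real host).
sample_df() {
    printf '%s\n' 'Filesystem 1024-blocks Used Available Capacity Mounted on' \
                  '/dev/mapper/centos-root 17811456 16386540 1424916 93% /'
}
sample_free() {
    printf '%s\n' '       total    used    free  shared  buff/cache  available' \
                  'Mem: 1863252 1771000   40000   10000       52252      30000' \
                  'Swap: 2097148       0 2097148'
}
sample_mpstat() {
    printf '%s\n' '10:15:01 AM  CPU  %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle' \
                  '10:15:01 AM  all  1.20  0.00 0.80    0.10 0.00  0.05   0.00   0.00   0.00 97.85'
}

disk=$(sample_df | root_disk_pct)       # on a host: df -P / | root_disk_pct
cpu=$(sample_mpstat | cpu_used_pct)     # on a host: mpstat | cpu_used_pct
mem=$(sample_free | mem_used_pct)       # on a host: free | mem_used_pct
if body=$(check_limits "$disk" "$cpu" "$mem"); then
    # on a host: echo "$body" | mail -s "sysmon alert" admin@example.com  (placeholder address)
    echo "$body"
fi
```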