Some small exercises of Shell under Linux

Keywords: ftp shell Linux network

Brief answer

1. Count the number of files under / var/log.

find /var/log/ ! -type d |wc -l
//Or l l - R / var / log / | egrep "^ [SL -] [RWX -] {9}" | WC - L

3. Write a script to judge which ip address is currently online in the 192.168.1.0/24 network, and which ip address can be ping ed according to the general rule

#!/bin/bash
#
while true; do
  for I in {1..255};do
    ping -c 2 -w 2 192.168.1.$I &>/dev/null
    if [ $? -eq 0 ]; then
      echo -e "\033[32;40m 192.168.1.$I is UP.\033[0m"
    fi
  done
    break
done

4. Based on the following information:

IP_Address		MAC_Address 		Interface 	Static
10.66.10.250 	80:71:7A:33:CA:A7 	br 			on
10.66.10.249 	5C:50:15:7F:3B:F5 	br 			on

Add the above file name test.txt IP in file_ Address,MAC_ The contents under address and interface are extracted, and the values are divided by ":" and displayed in format. Note:
10.66.10.250:80:71:7A:33:CA:A7:br
10.66.10.249:5C:50:15:7F:3B:F5:br

awk 'NR!=1{OFS=":";print $1,$2,$3}' test.txt

5. There are four ways to assign variables in the shell, in which name is used= oupeng.com Direct assignment uses the read command to use command line parameters to use command output

Direct assignment

6. Write a script, check the log once in 5 minutes, if there is violent SSH cracking, extract such IP address, de duplicate it, and sort it in descending order.

Requirements: when the same IP is brutally cracked more than 10 times, the IP address will be automatically masked. The designated office IP address (192.168.100.100) is a trusted IP address, which is not limited by the shielding rules. The following is the log format:

May 4 03:43:07 tz-monitor sshd{14003}: Failed password for root from 124.232.135.84 port 25251 ssh2
Myy 4 03:43:07 tz-monitor sshd{14082}: invalid user postgres from 124.232.135.84
vim /server/scripts/fairban.sh
#!/bin/bash
awk '/Failed password/{count[$(NF-3)]++}END{for (ip in count) if(count[ip]>=10){print count[ip],ip}}' /var/log/secure > /tmp/count_ip.txt
while read line
do
  IP=$(echo $line |awk '{print $2}')
  if [ "$IP" != "192.168.100.100" ];then
    if ! grep -w $IP /tmp/drop_ip.txt &> /dev/null;then
      iptables -I INPUT -s $IP -j DROP
      echo $IP >> /tmp/drop_ip.txt
    fi
  fi
done < /tmp/count_ip.txt

7. To check IP address compliance, write code in shell and list IP addresses that do not start with 199 or 200, such as 199.x.x.x or 200.x.x.x

Address file:

Interface Physical Protocol IP Adderss
	Eth1/0/1 up up 199.11.250.1
	Eth1/0/2 up up 200.11.250.5
	Loop0 up up(s) 199.11.250.1
	Vlan1 *down down unassigned
	Vlan500 down down 139.100.1.157
	Vlan900 up up 140.11.250.41
#!/bin/bash
while read line
do
  isnum=$(echo $line | awk -F "[ .]+" '{print $(NF-3)}')
  if [[ $isnum =~ ^[0-9]+$ ]];then
    if [ $isnum -ne 199 ] && [ $isnum -ne 200 ];then
      echo $line | awk  '{print $NF}'
    fi
  fi
done < /tmp/config.txt

8. Process the following file contents, extract and count the domain name, such as processing:

	http://www.baidu.com/index.html
	http://www.baidu.com/1.html
	http://post.baidu.com/index.html
	http://mp3.baidu.com/index.html
	http://www.baidu.com/3.html
	http://post.baidu.com/2.html
awk -F '/' '{count[$3]++}END{for (url in count) print count[url],url}' url.txt |sort -rn

9. Under the Linux operating system environment of a single server, write a line of command, and set all the data of the machine as "" log.bak "It is the suffix file. It is packed, compressed and uploaded to FTP. The FTP address is 123.234.25.130 in the / home/bak folder

cd /
find -type f -name "*.log.bak" |xargs tar zcf /tmp/all.tar.gz
ftp -i -n <<FTPIT
open 123.234.25.130
user username_xxx password_xxx
bin
passive
hash
cd /home/bak
lcd /tmp
put all.tar.gz
quit
FTPIT

10. Linux script: now you want to delete some files in this machine, / root/file.list The absolute path of these files is recorded in. Please implement it with script. /root/file.list Content example / tmp/1.file

#!/bin/bash
while read line
do
  rm $line -f
done < /root/file.list

Posted by Moon-Man.net on Fri, 12 Jun 2020 21:16:01 -0700