Some small exercises of Shell under Linux

Keywords: ftp shell Linux network

Brief answer

1. Count the number of files under / var/log.

find /var/log/ ! -type d |wc -l
//Or l l - R / var / log / | egrep "^ [SL -] [RWX -] {9}" | WC - L

3. Write a script to judge which ip address is currently online in the network, and which ip address can be ping ed according to the general rule

while true; do
  for I in {1..255};do
    ping -c 2 -w 2 192.168.1.$I &>/dev/null
    if [ $? -eq 0 ]; then
      echo -e "\033[32;40m 192.168.1.$I is UP.\033[0m"

4. Based on the following information:

IP_Address		MAC_Address 		Interface 	Static 	80:71:7A:33:CA:A7 	br 			on 	5C:50:15:7F:3B:F5 	br 			on

Add the above file name test.txt IP in file_ Address,MAC_ The contents under address and interface are extracted, and the values are divided by ":" and displayed in format. Note:

awk 'NR!=1{OFS=":";print $1,$2,$3}' test.txt

5. There are four ways to assign variables in the shell, in which name is used= Direct assignment uses the read command to use command line parameters to use command output

Direct assignment

6. Write a script, check the log once in 5 minutes, if there is violent SSH cracking, extract such IP address, de duplicate it, and sort it in descending order.

Requirements: when the same IP is brutally cracked more than 10 times, the IP address will be automatically masked. The designated office IP address ( is a trusted IP address, which is not limited by the shielding rules. The following is the log format:

May 4 03:43:07 tz-monitor sshd{14003}: Failed password for root from port 25251 ssh2
Myy 4 03:43:07 tz-monitor sshd{14082}: invalid user postgres from
vim /server/scripts/
awk '/Failed password/{count[$(NF-3)]++}END{for (ip in count) if(count[ip]>=10){print count[ip],ip}}' /var/log/secure > /tmp/count_ip.txt
while read line
  IP=$(echo $line |awk '{print $2}')
  if [ "$IP" != "" ];then
    if ! grep -w $IP /tmp/drop_ip.txt &> /dev/null;then
      iptables -I INPUT -s $IP -j DROP
      echo $IP >> /tmp/drop_ip.txt
done < /tmp/count_ip.txt

7. To check IP address compliance, write code in shell and list IP addresses that do not start with 199 or 200, such as 199.x.x.x or 200.x.x.x

Address file:

Interface Physical Protocol IP Adderss
	Eth1/0/1 up up
	Eth1/0/2 up up
	Loop0 up up(s)
	Vlan1 *down down unassigned
	Vlan500 down down
	Vlan900 up up
while read line
  isnum=$(echo $line | awk -F "[ .]+" '{print $(NF-3)}')
  if [[ $isnum =~ ^[0-9]+$ ]];then
    if [ $isnum -ne 199 ] && [ $isnum -ne 200 ];then
      echo $line | awk  '{print $NF}'
done < /tmp/config.txt

8. Process the following file contents, extract and count the domain name, such as processing:
awk -F '/' '{count[$3]++}END{for (url in count) print count[url],url}' url.txt |sort -rn

9. Under the Linux operating system environment of a single server, write a line of command, and set all the data of the machine as "" log.bak "It is the suffix file. It is packed, compressed and uploaded to FTP. The FTP address is in the / home/bak folder

cd /
find -type f -name "*.log.bak" |xargs tar zcf /tmp/all.tar.gz
ftp -i -n <<FTPIT
user username_xxx password_xxx
cd /home/bak
lcd /tmp
put all.tar.gz

10. Linux script: now you want to delete some files in this machine, / root/file.list The absolute path of these files is recorded in. Please implement it with script. /root/file.list Content example / tmp/1.file

while read line
  rm $line -f
done < /root/file.list

Posted by on Fri, 12 Jun 2020 21:16:01 -0700