shell编程实战学习(4) shell编程实战学习(4)
一、企业案列
1.1.1 企业案列(DDOS攻击)
1.根据访问ip统计uv
awk '{print $1}' access.log|sort | uniq -c |wc -l
2.统计访问ip统计pv
awk '{print $7}' access.log|wc -l
3.查询访问最频繁的URL
awk '{print $7}' access.log|sort | uniq -c |sort -n -k 1 -r|more
4.查询访问最频繁的IP
awk '{print $1}' access.log|sort | uniq -c |sort -n -k 1 -r|more
5.根据时间段统计查看日志
cat access.log| sed -n '/14/Mar/2015:21/,/14/Mar/2015:22/p'|more
6.阿里云端口检测扫描[root@blog ~]# netstat -an|awk -F "[ :]+" '/ESTABLISHED/{print $(NF-2)}'|sort|uniq -c|sort -nr|haed -10
- 域名访问去重统计
#unqp 去重命令 -c 统计 计数
#sort 排序命令 -r 倒序 -n 数字排序
[root@web01 ~]# cat test.txt
www.etiantian.org
bbs.etiantian.org
www.etiantian.org
blog.etiantian.org
www.etiantian.org
www.etiantian.org
blog.etiantian.org
www.etiantian.org
www.etiantian.org
www.etiantian.org
www.etiantian.org
[root@web01 ~]# sort test.txt|uniq -c
1 bbs.etiantian.org
2 blog.etiantian.org
8 www.etiantian.org
- DDOS攻击案列
[root@web01 /server/scripts]# cat ctrl_ddos1.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-26 17:17:38
#Name:ctrl_ddos.sh
#Version:V1.0
#Description:This is a test script.
function count_ip(){
awk -F "[ :]+" '/ESTABLISHED/{print $(NF-2)}' /root/netstat.log |sort|uniq -c |sort -nr|head -10 >/tmp/ip.log
while read line
do
ip=`echo $line|awk '{print $2}'`
count=`echo $line|awk '{print $1}'`
if [ $count -gt 10 ] && [ `iptables -nL|grep 29.39.210.20|wc -l` -eq 0 ]
then
iptables -I INPUT -s $ip -j DROP
echo "$ip dangerous iptbales drop ok"
else
echo "$ip security is ok " &>/dev/null
fi
done</tmp/ip.log
}
function main(){
while true
do
count_ip
sleep 120
done
}
main
===============================================
[root@web01 ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 29.39.210.20 0.0.0.0/0 #被封掉的ip
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
二、for循环
2.1.1 for循环
- for循环语法格式
fi "变量名" in “变量取值列表”
do
指令
done
- 实例
[root@web01 /server/scripts]# cat for1.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-26 18:56:21
#Name:for1.sh
#Version:V1.0
#Description:This is a test script.
for n in {1..5}
do
echo $n
done
=======================================
[root@web01 /server/scripts]# sh for1.sh
1
2
3
4
5
=========================================
[root@web01 /server/scripts]# cat for1.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-26 18:56:21
#Name:for1.sh
#Version:V1.0
#Description:This is a test script.
for n in `seq 5`
do
echo $n
done
==========================================
[root@web01 /server/scripts]# sh for1.sh
1
2
3
4
5
- 第二种for循环称之为C语言型for循环,其结构如下:
for ((exp1;exp2;exp3))
do
指令
done
- 实例
[root@web01 /server/scripts]# cat for2.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-26 19:17:05
#Name:for2.sh
#Version:V1.0
#Description:This is a test script.
for ((i=1;i<=5;i++))
do
echo $i
done
================================================
[root@web01 /server/scripts]# sh for2.sh
1
2
3
4
5
- linux 随机数生成方法
[root@web01 ~]# openssl rand -base64 40
93cJHucaYR+eSdoWKOJtQSSa/aTjPaoIHpr9LEqjeC4Py4pNJBIuVQ==
[root@web01 ~]# openssl rand -base64 100
N5FCGGVQeWn/sSjqUMG7cKOhrvXqb6hvsefOcGVUj8EtxZKgv1OBARfuLNu5FUyp
zOq2T8p+fahHK3ChLjMJjxm1UaMTy8mksr5S7z6Z2ZL0wZ9PJvQNZX45glgEWNjo
p/jYig==
[root@web01 ~]# openssl rand -base64 10|cut -c 1-8 #利用cut -c 参数 可以截取你想要的长度
r8MhFCul
=======================================================
[root@web01 ~]# echo $RANDOM #RANDOM是shell的内置函数
15423
[root@web01 ~]# echo $RANDOM
11366
[root@web01 ~]# echo $RANDOM
5183
[root@web01 ~]# echo $RANDOM
29841
============================================================
#命令管道接md5sum也可以
[root@web01 ~]# uptime|md5sum
aab5cb04e7483f22e9a73895b8eac092 -
[root@web01 ~]# date|md5sum
a90ed78623aeb6df169ad9044444cb3c -
[root@web01 ~]# date|md5sum|cut -c 5-8
5fb2
[root@web01 ~]# date|md5sum|cut -c 1-8
14224313
[root@web01 ~]# uptime|md5sum|cut -c 1-8
ba9bf319
============================================
[root@web01 ~]# mkpasswd #这个命令需要安装expect
+ci02sBQo
[root@web01 ~]# mkpasswd
x5et!Z4xH
[root@web01 ~]# mkpasswd
:zytr83JV
[root@web01 ~]# mkpasswd
gK:25pcyA
[root@web01 ~]# mkpasswd -l 15 -d 3 -C 5 #-l 密码长度 -d密码中数字的数量 -c指定小写字母的数量 -C指定大写字母的数量 -s 指定特殊字符的数量
dKo2LF7t}dJAmy7
- 使用for循环在/oldboy目录下批量创建10个HTML文件,其中每个文件需要包含10个随机小写字母加固定字符串oldboy
#[root@web01 ~]# openssl rand -base64 10|tr '[0-9A-Z]' '[a-z]'|cut -c 1-8
#[root@web01 ~]# openssl rand -base64 10|sed 's#[^a-z]##g' #推荐这个
[root@web01 ~]# openssl rand -base64 40|sed 's#[^a-z]##g'|cut -c 1-10
tkxvoenndr
=======================================================================
[root@web01 /server/scripts]# cat for_touch.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-26 19:30:22
#Name:for_touch.sh
#Version:V1.0
#Description:This is a test script.
[ -d /oldboy ] && cd /oldboy||{
mkdir /oldboy
cd /oldboy
}
for ((i=1;i<=10;i++))
do
RAND=`openssl rand -base64 40|sed 's#[^a-z]##g'|cut -c 1-10`
touch ${RAND}_oldboy.html
done
===================================================================
[root@web01 /server/scripts]# sh for_touch.sh
[root@web01 /server/scripts]# ll /oldboy/
total 0
-rw-r--r-- 1 root root 0 May 26 20:50 dkhhcttuyl_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 fwstbokeyp_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 jslxvuyiot_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 jtpytqtosv_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 ntnggassov_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 qkgctyxmyx_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 rakhfgkahs_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 riumnrwkrp_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 xxxcvwcmxy_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 zbzlgrzdpo_oldboy.html
- 利用for循环批量改名
#rename
[root@web01 /oldboy]# ll
total 0
-rw-r--r-- 1 root root 0 May 26 20:50 dkhhcttuyl_oldgirl.HTML
-rw-r--r-- 1 root root 0 May 26 20:50 fwstbokeyp_oldgirl.HTML
-rw-r--r-- 1 root root 0 May 26 20:50 jslxvuyiot_oldgirl.HTML
-rw-r--r-- 1 root root 0 May 26 20:50 jtpytqtosv_oldgirl.HTML
-rw-r--r-- 1 root root 0 May 26 20:50 ntnggassov_oldgirl.HTML
-rw-r--r-- 1 root root 0 May 26 20:50 qkgctyxmyx_oldgirl.HTML
-rw-r--r-- 1 root root 0 May 26 20:50 rakhfgkahs_oldgirl.HTML
-rw-r--r-- 1 root root 0 May 26 20:50 riumnrwkrp_oldgirl.HTML
-rw-r--r-- 1 root root 0 May 26 20:50 xxxcvwcmxy_oldgirl.HTML
-rw-r--r-- 1 root root 0 May 26 20:50 zbzlgrzdpo_oldgirl.HTML
[root@web01 /oldboy]# rename "oldgirl.HTML" "oldboy.html" *.HTML
[root@web01 /oldboy]# ll
total 0
-rw-r--r-- 1 root root 0 May 26 20:50 dkhhcttuyl_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 fwstbokeyp_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 jslxvuyiot_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 jtpytqtosv_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 ntnggassov_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 qkgctyxmyx_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 rakhfgkahs_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 riumnrwkrp_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 xxxcvwcmxy_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 zbzlgrzdpo_oldboy.html
================================================
#mv
[root@web01 /server/scripts]# cat for_mv.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-26 21:00:16
#Name:for_mv.sh
#Version:V1.0
#Description:This is a test script.
cd /oldboy
for file1 in `ls`
do
mv $file1 ${file1/oldboy.html/oldgirl.HTML}
done
=====================================================
[root@web01 /server/scripts]# ls /oldboy/
dkhhcttuyl_oldgirl.HTML jslxvuyiot_oldgirl.HTML ntnggassov_oldgirl.HTML rakhfgkahs_oldgirl.HTML xxxcvwcmxy_oldgirl.HTML
fwstbokeyp_oldgirl.HTML jtpytqtosv_oldgirl.HTML qkgctyxmyx_oldgirl.HTML riumnrwkrp_oldgirl.HTML zbzlgrzdpo_oldgirl.HTML
================================================================
#命令行拼接不用for循环
[root@web01 /oldboy]# ls
fwstbokeyp_oldgirl.HTML
jslxvuyiot_oldgirl.HTML
jtpytqtosv_oldgirl.HTML
ntnggassov_oldgirl.HTML
qkgctyxmyx_oldgirl.HTML
rakhfgkahs_oldgirl.HTML
riumnrwkrp_oldgirl.HTML
xxxcvwcmxy_oldgirl.HTML
zbzlgrzdpo_oldgirl.HTML
[root@web01 /oldboy]# ls *|awk -F "_" '{print "mv",$0,$1"_oldboy.html"}'|bash
[root@web01 /oldboy]# ll
total 0
-rw-r--r-- 1 root root 0 May 26 20:50 dkhhcttuyl_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 fwstbokeyp_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 jslxvuyiot_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 jtpytqtosv_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 ntnggassov_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 qkgctyxmyx_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 rakhfgkahs_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 riumnrwkrp_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 xxxcvwcmxy_oldboy.html
-rw-r--r-- 1 root root 0 May 26 20:50 zbzlgrzdpo_oldboy.html
- 筛选出下列长度小于等于6的单词
#I am oldboy teacher welcome to oldboy training class
[root@web01 /server/scripts]# cat for_lt.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-27 10:40:46
#Name:for_lt.sh
#Version:V1.0
#Description:This is a test script.
ct_word="I am oldboy teacher welcome to oldboy training class"
for n in $ct_word
do
if [ ${#n} -le 6 ]
then
echo $n
fi
done
=====================================================================
[root@web01 /server/scripts]# sh for_lt.sh
I
am
oldboy
to
oldboy
class
2.1.2 循环控制命令
1.说明
| 控制命令 | 作用说明 |
|---|---|
| break n | 如果省略n 表示跳出整个循环,n表示跳出循环的层数 |
| continue n | 如果省略n表示跳过本次循环 ,忽略本次循环的剩余代码,进入循环的下一次循环 n 表示退到第n层继续循环 |
| exit n | 退出当前shell 程序,n为上一次程序执行的状态返回值。n也可以省略,再下一个shell里可以通过¥?接受exit n的n值 |
| return | 用于在函数里,作为函数的返回值,用于判断函数执行是否正确。在下一个shell里通过$?接受return n的 n值 |
- 实例
#continue
[root@web01 /server/scripts]# cat for_cred.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-27 14:35:46
#Name:for.creb.sh
#Version:V1.0
#Description:This is a test script.
for n in {1..5}
do
if [ $n -eq 3 ]
then
continue
fi
echo $n
done
echo ok
[root@web01 /server/scripts]# sh for_cred.sh
1
2
4
5
ok
#匹配到3就不打印3跳出3这个循环,进入下一个循环
================================================
#break 退出循环
[root@web01 /server/scripts]# cat for_cred.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-27 14:35:46
#Name:for.creb.sh
#Version:V1.0
#Description:This is a test script.
for n in {1..5}
do
if [ $n -eq 3 ]
then
break
fi
echo $n
done
echo ok
[root@web01 /server/scripts]# sh for_cred.sh
1
2
ok
#匹配到3就跳出循环
=======================================
#return 退出当前函数循环,执行下一个函数
[root@web01 /server/scripts]# cat for_cred.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-27 14:35:46
#Name:for.creb.sh
#Version:V1.0
#Description:This is a test script.
function main(){
for n in {1..5}
do
if [ $n -eq 3 ]
then
return
fi
echo $n
done
}
function echo_ret(){
echo "server ok"
}
main
echo ok
echo_ret
[root@web01 /server/scripts]# sh for_cred.sh
1
2
ok
server ok
===============================================
#exit 直接退出脚本
[root@web01 /server/scripts]# cat for_cred.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-27 14:35:46
#Name:for.creb.sh
#Version:V1.0
#Description:This is a test script.
function main(){
for n in {1..5}
do
if [ $n -eq 3 ]
then
exit
fi
echo $n
done
}
function echo_ret(){
echo "server ok"
}
main
echo ok
echo_ret
[root@web01 /server/scripts]# sh for_cred.sh
1
2
- 分析Nginx访问日志中每行的访问字节数对应的字段相加,计算出的总访问量
[root@web01 /server/scripts]# cat for.acc.sh
#!/bin/bash
#Author:chenhj
#Blog:https://www.cnblogs.com/woaiyunwei/
#Time:2020-05-27 14:16:37
#Name:for.acc.sh
#Version:V1.0
#Description:This is a test script.
sum=0
for i in `awk '{print $10}' access.log`
do
if [[ ! $i =~ ^[0-9]+$ ]]
then
continue
else
((sum=sum+i))
fi
done
echo $sum
=================================================
[root@web01 /server/scripts]# sh for.acc.sh
2111