(1)ssh连接三次以上失败则加入到黑名单中
#!/bin/bash #在/var/log/secure查找连接失败的主机,并统计次数 #累计连接失败超过3次,将此主机加入系统黑名单(/etc/hosts.deny) [root@server tmp]# cat ssh.sh #!/bin/bash cat /var/log/secure | awk '/Failed/{print $(NF-3)}' | sort | uniq -c | awk '{print $2"="$1}' > /tmp/blacklist MAXCOUNT="3" for i in `cat /tmp/blacklist` do IP=`echo $i | awk -F= '{print $1}'` ##取出主机IP NUM=`echo $i | awk -F= '{print $2}'` ##取出失败次数 if [ $NUM -gt $MAXCOUNT ]; then ###屏蔽IP前先确认此IP是否已经存在 grep $IP /etc/hosts.deny > /dev/null if [ $? -gt 0 ]; then echo "sshd:$IP" >> /etc/hosts.deny fi fi done ###然后用ssh连接失败六次 [root@server tmp]# sh ssh.sh [root@server tmp]# cat /tmp/blacklist 172.25.254.19=6 172.25.254.64=1 [root@server tmp]# cat /etc/hosts.deny # hosts.deny This file contains access rules which are used to # deny connections to network services that either use # the tcp_wrappers library or that have been # started through a tcp_wrappers-enabled xinetd. # # The rules in this file can also be set up in # /etc/hosts.allow with a 'deny' option instead. # # See 'man 5 hosts_options' and 'man 5 hosts_access' # for information on rule syntax. # See 'man tcpd' for information on tcp_wrappers # sshd:172.25.254.19 ##已经加入到黑名单(2)创建数据库tom,harry,natasha,并在其中建立表,并备份三个数据库
[root@server tmp]# cat mysql.sh #!/bin/bash MYUSER=root MYPASS=westos MYCMD="mysql -u$MYUSER -p$MYPASS" MYDUMP="mysqldump -u$MYUSER -p$MYPASS" DBPATH=/home/backup for dbname in tom harry natasha do $MYCMD -e "create database $dbname" done [ ! -d "$DBPATH" ] && mkdir -p $DBPATH for dbname in tom harry natasha do $MYDUMP $dbname | gzip > $DBPATH/${dbname}_$(date +%F).sql.gz done for dbname in tom harry natasha do $MYCMD -e "use $dbname;create table test(id int,name varchar(20));insert into test values(1,'westos');" done for dbname in tom harry natasha do echo ========$dbname}.test======== $MYCMD -e "use $dbname;select * from ${dbname}.test;" done [root@server tmp]# sh mysql.sh ========tom}.test======== +------+--------+ | id | name | +------+--------+ | 1 | westos | +------+--------+ ========harry}.test======== +------+--------+ | id | name | +------+--------+ | 1 | westos | +------+--------+ ========natasha}.test======== +------+--------+ | id | name | +------+--------+ | 1 | westos | +------+--------+(3)数据库备份,执行script.sh $dbpasswd 备份数据库中所有库到/mnt/mysqldump目录中,备份文件名称为“库名称.sql”,当此文件存在时进入交互模式,询问动作,输入“s”跳过备份,输入“b”,备份“库名称.sql”为“库名称_backup.sql”,输入“O”时,覆盖原文件,e表示退出
[root@server tmp]# cat mysqldump.sh #!/bin/bash mkdir -p /mnt/mysqldump DATABASE=`mysql -uroot -pwestos -e "show databases;" | sed '1,2d' | egrep -v "mysql|schema"` for MYSQL_NAME in $DATABASE do if [ -e /mnt/mysqldump/${MYSQL_NAME}.sql ]; then read -p "${MYSQL_NAME} has been dumped! [S]kip [B]ackup [O]verwrite [E]xit please input the action:" ACTION case $ACTION in s|S) ;; b|B) mysqldump -uroot -p$1 $MYSQL_NAME > /mnt/mysqldump/${MYSQL_NAME}_backup.sql ;; o|O) mysqldump -uroot -p$1 $MYSQL_NAME > /mnt/mysqldump/${MYSQL_NAME}.s ql ;; e|E) echo -e "ByeBye~" exit 0 ;; esac else mysqldump -uroot -p$1 $MYSQL_NAME > /mnt/mysqldump/${MYSQL_NAME}.sql echo -e "$MYSQL_NAME is backuped!" fi done