0 说明{
手册制作: 雪松 更新日期: 2020-03-06 github更新下载地址: https://github.com/liquanzhou/ops_doc
}
1 文件{
ls -rtl touch file rm -rf dirname dos2unix unix2dos enca filename md5sum ln sourcefile newfile ln -s sourcefile newfile readlink -f /data cat file | nl |less head head -c 10m split -C 10M tail -f file tail -F file file umask uniq uniq -c uniq -u paste a b paste -d'+' a b paste -s a chattr +i /etc/passwd more locate aaa wc -l file cp filename{,.bak} \cp a b rev comm -12 2 3 echo "10.45aa" |cksum iconv -f gbk -t utf8 source.txt > new.txt xxd /boot/grub/stage1 hexdump -C /boot/grub/stage1 rename source new file watch -d -n 1 'df; ls -FlAt /path' cp -v /dev/dvd /rhel4.6.iso9660 diff suzu.c suzu2.c > sz.patch patch suzu.c < sz.patch
sort排序{
-t -n -r -f -d -c -b -M -k -m -T -o
sort -n sort -nr sort -u sort -m a.txt c.txt sort -n -t' ' -k 2 -k 3 a.txt sort -n -t':' -k 3r a.txt sort -k 1.3 a.txt sort -t" " -k 2n -u a.txt
}
find查找{
find /etc -name "*http*" find . -type f find / -perm find / -user find / -group find / -atime -n find / -atime +n find / -mtime +n find / -ctime +n find / -mmin +30 find / -size +1000000c -print find /etc -name "*passwd*" -exec grep "xuesong" {} \; find . -name 't*' -exec basename {} \; find . -type f -name "err*" -exec rename err ERR {} \; find path -name *name1* -or -name *name2*
}
vim编辑器{
set smartindent set tabstop=4 set shiftwidth=4 set expandtab set softtabstop=4 set noautoindent set nosmartindent set paste set clipboard=unnamed
gconf-editor /etc/vimrc vim +24 file vim file1 file2 vim -r file vim -O2 file1 file2 vim -on file1 file2 Ctrl+ U Ctrl+ D Ctrl+ww Ctrl+w +or-or= :sp filename :vs filename :set nu :set nonu :nohl :set paste :set autoindent :set ff :set binary :%s/str/newstr/g :200 G dd 11111dd r R u * $ 0 X v = Ctrl+v Ctrl+v I ESC Ctrl+v s ESC
}
归档解压缩{
tar zxvpf gz.tar.gz dir tar zcvpf /$path/gz.tar.gz * tar zcf /$path/gz.tar.gz * tar ztvpf gz.tar.gz tar xvf 1.tar -C dir tar -cvf 1.tar * tar tvf 1.tar tar -rvf 1.tar filename tar --exclude=/home/dmtsai --exclude=*.tar -zcvf myfile.tar.gz /home/* /etc tar -N "2005/06/01" -zcvf home.tar.gz /home tar -zcvfh home.tar.gz /home tar zcf - ./ | ssh root@IP "tar zxf - -C /xxxx" zgrep str 1.gz bzip2 -dv 1.tar.bz2 bzip2 -v 1.tar bzcat gzip file gunzip file.gz gzip -r dir/ gzip -r -d dir/ gzip -dv 1.tar.gz gzip -v 1.tar unzip zip.zip zip zip.zip * rar a rar.rar *.jpg unrar x rar.rar
}
文件ACL权限控制{
getfacl 1.test setfacl -R -m u:xuesong:rw- 1.test
}
svn{
--force /usr/bin/svn --username user --password passwd co $Code ${SvnPath}src/ /usr/bin/svn --username user --password passwd up $Code ${SvnPath}src/ /usr/bin/svn --username user --password passwd export $Code$File ${SvnPath}src/$File /usr/bin/svn --username user --password passwd export -r 版本号 svn路径 本地路径 --force
}
git{
git clone git@10.10.10.10:gittest.git ./gittest/ git clone -b develop --depth=1 http://git.a.com/d.git git status git log -n 1 --stat git branch -a git checkout developing git checkout -b release git checkout -b release origin/master git push origin --delete release git push origin release git pull git fetch -f -p git reset --hard origin/master git add . git commit -m "gittest up" git push git push [-u origin master] git tag [-a] dev-v-0.11.54 [-m 'fix #67'] git tag -l dev-v-0.11.54 git push origin --tags git reset --hard git rm -r -n --cached ./img git rm -r --cached ./img git init --bare smc-content-check.git git config --global credential.helper store git config [--global] user.name "your name" git config [--global] user.email "your email" git config [--global] user.name git config [--global] user.email git config --global --edit git config --edit git cherry-pick <commit id> git log --pretty=format:'%h: %s' 9378b62..HEAD git config --global core.ignorecase false git ls-remote --heads origin refs/heads/test
从远端拉一份新的{ git fetch --hard origin/master git reset --hard origin/master }
删除远程分支并新建{ git checkout master git branch -r -d origin/test git push origin :test git branch -d test git branch -a |grep test git checkout -b test git push origin test
git reset --hard origin/test }
迁移git项目{ git branch -r | grep -v '\->' | while read remote; do git branch --track "${remote#origin/}" "$remote"; done git fetch --all git pull --all git remote set-url origin git@git.github.cn:server/gw.git git push --all } }
恢复rm删除的文件{
df -T umount /data/ ext3grep /dev/sdb1 --ls --inode 2 ext3grep /dev/sdb1 --ls --inode 131081 ext3grep /dev/sdb1 --restore-inode 49153
}
openssl{
openssl rand 15 -base64 openssl sha1 filename openssl md5 filename openssl base64 filename.txt openssl base64 -d filename.bin openssl enc -aes-128-cbc filename.aes-128-cbc openssl enc -d -aes-128-cbc -in filename.aes-128-cbc > filename
}
}
2 软件{
rpm{
rpm -ivh lynx rpm -e lynx rpm -e lynx --nodeps rpm -qa rpm -qa | grep lynx rpm -ql rpm -Uvh rpm --test lynx rpm -qc rpm --initdb rpm --rebuilddb
}
yum{
yum list yum install 包名 yum -y update yum -y update 软件包名 yum -y upgrade yum search mail yum grouplist yum -y groupinstall "Virtualization" repoquery -ql gstreamer yum clean all
}
yum使用epel源{
rpm -Uvh http://mirrors.hustunique.com/epel//6/x86_64/epel-release-6-8.noarch.rpm
yum install epel-release
}
自定义yum源{
find /etc/yum.repos.d -name "*.repo" -exec mv {} {}.bak \;
vim /etc/yum.repos.d/yum.repo [yum] baseurl=http://10.0.0.1/centos5.5 enable=1
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
}
编译{
源码安装{
./configure --help ./configure --prefix=/usr/local/ make make install make clean
}
perl程序编译{
perl Makefile.PL make make test make install
}
python程序编译{
python file.py
python setup.py build python setup.py install
}
编译c程序{
gcc -g hello.c -o hello
}
}
}
3 系统{
wall whereis ls which locate clear reset cal echo -n 123456 | md5sum mkpasswd netstat -ntupl | grep port ntpdate cn.pool.ntp.org tzselect /sbin/hwclock -w /etc/shadow LANG=en vim /etc/sysconfig/i18n export LC_ALL=C vi /etc/hosts alias watch uptime ipcs -a ldconfig ldd `which cmd` dist-upgrade /boot/grub/grub.conf ps -mfL <PID> ps uxm |wc -l top -p PID -H lsof |wc -l lsof |grep /lib sysctl -a sysctl -p strace -p pid ps -eo "%p %C %z %a"|sort -k3 -n strace uptime 2>&1|grep open grep Hugepagesize /proc/meminfo mkpasswd -l 8 -C 2 -c 2 -d 4 -s 0 echo 1 > /proc/sys/net/ipv4/tcp_syncookies grep Swap /proc/25151/smaps |awk '{a+=$2}END{print a}' redir --lport=33060 --caddr=10.10.10.78 --cport=3306
开机启动脚本顺序{
/etc/profile /etc/profile.d/*.sh ~/bash_profile ~/.bashrc /etc/bashrc
}
进程管理{
ps -eaf kill -9 PID kill -15 PID cmd & nohup cmd & ctrl+z jobs bg 2 fg 2 pstree vmstat 1 9 sar lsof file lsof -i:32768 renice +1 180 exec sh a.sh
ps{
ps aux |grep -v USER | sort -nk +4 | tail %CPU %MEM VSZ RSS START 占用的虚拟内存大小 = VSZ - RSS
ps -eo pid,lstart,etime,args
}
top{
前五行是系统整体的统计信息。 第一行: 任务队列信息,同 uptime 命令的执行结果。内容如下: 01:06:48 当前时间 up 1:22 系统运行时间,格式为时:分 1 user 当前登录用户数 load average: 0.06, 0.60, 0.48 系统负载,即任务队列的平均长度。 三个数值分别为 1分钟、5分钟、15分钟前到现在的平均值。
第二、三行:为进程和CPU的信息。当有多个CPU时,这些内容可能会超过两行。内容如下: Tasks: 29 total 进程总数 1 running 正在运行的进程数 28 sleeping 睡眠的进程数 0 stopped 停止的进程数 0 zombie 僵尸进程数 Cpu(s): 0.3% us 用户空间占用CPU百分比 1.0% sy 内核空间占用CPU百分比 0.0% ni 用户进程空间内改变过优先级的进程占用CPU百分比 98.7% id 空闲CPU百分比 0.0% wa 等待输入输出的CPU时间百分比 0.0% hi 0.0% si
第四、五行:为内存信息。内容如下: Mem: 191272k total 物理内存总量 173656k used 使用的物理内存总量 17616k free 空闲内存总量 22052k buffers 用作内核缓存的内存量 Swap: 192772k total 交换区总量 0k used 使用的交换区总量 192772k free 空闲交换区总量 123988k cached 缓冲的交换区总量。 内存中的内容被换出到交换区,而后又被换入到内存,但使用过的交换区尚未被覆盖, 该数值即为这些内容已存在于内存中的交换区的大小。 相应的内存再次被换出时可不必再对交换区写入。
进程信息区,各列的含义如下:
序号 列名 含义 a PID 进程id b PPID 父进程id c RUSER Real user name d UID 进程所有者的用户id e USER 进程所有者的用户名 f GROUP 进程所有者的组名 g TTY 启动进程的终端名。不是从终端启动的进程则显示为 ? h PR 优先级 i NI nice值。负值表示高优先级,正值表示低优先级 j P 最后使用的CPU,仅在多CPU环境下有意义 k %CPU 上次更新到现在的CPU时间占用百分比 l TIME 进程使用的CPU时间总计,单位秒 m TIME+ 进程使用的CPU时间总计,单位1/100秒 n %MEM 进程使用的物理内存百分比 o VIRT 进程使用的虚拟内存总量,单位kb。VIRT=SWAP+RES p SWAP 进程使用的虚拟内存中,被换出的大小,单位kb。 q RES 进程使用的、未被换出的物理内存大小,单位kb。RES=CODE+DATA r CODE 可执行代码占用的物理内存大小,单位kb s DATA 可执行代码以外的部分(数据段+栈)占用的物理内存大小,单位kb t SHR 共享内存大小,单位kb u nFLT 页面错误次数 v nDRT 最后一次写入到现在,被修改过的页面数。 w S 进程状态。 D=不可中断的睡眠状态 R=运行 S=睡眠 T=跟踪/停止 Z=僵尸进程 父进程在但并不等待子进程 x COMMAND 命令名/命令行 y WCHAN 若该进程在睡眠,则显示睡眠中的系统函数名 z Flags 任务标志,参考 sched.h
}
列出正在占用swap的进程{
echo -e "PID\t\tSwap\t\tProc_Name" for pid in `ls -l /proc | grep ^d | awk '{ print $9 }'| grep -v [^0-9]` do if [ $pid -eq 1 ];then continue;fi grep -q "Swap" /proc/$pid/smaps 2>/dev/null if [ $? -eq 0 ];then swap=$(grep Swap /proc/$pid/smaps \ | gawk '{ sum+=$2;} END{ print sum }') proc_name=$(ps aux | grep -w "$pid" | grep -v grep \ | awk '{ for(i=11;i<=NF;i++){ printf("%s ",$i); }}') if [ $swap -gt 0 ];then echo -e "${pid}\t${swap}\t${proc_name}" fi fi done | sort -k2 -n | awk -F'\t' '{ pid[NR]=$1; size[NR]=$2; name[NR]=$3; } END{ for(id=1;id<=length(pid);id++) { if(size[id]<1024) printf("%-10s\t%15sKB\t%s\n",pid[id],size[id],name[id]); else if(size[id]<1048576) printf("%-10s\t%15.2fMB\t%s\n",pid[id],size[id]/1024,name[id]); else printf("%-10s\t%15.2fGB\t%s\n",pid[id],size[id]/1048576,name[id]); } }'
}
linux操作系统提供的信号{
kill -l trap "echo aaa" 2 3 15
SIGHUP 1 A SIGINT 2 A SIGQUIT 3 C SIGILL 4 C SIGABRT 6 C SIGFPE 8 C SIGKILL 9 AEF SIGSEGV 11 C SIGPIPE 13 A SIGALRM 14 A SIGTERM 15 A SIGUSR1 30,10,16 A SIGUSR2 31,12,17 A SIGCHLD 20,17,18 B SIGCONT 19,18,25 SIGSTOP 17,19,23 DEF SIGTSTP 18,20,24 D SIGTTIN 21,21,26 D SIGTTOU 22,22,27 D
缺省处理动作一项中的字母含义如下: A 缺省的动作是终止进程 B 缺省的动作是忽略此信号,将该信号丢弃,不做处理 C 缺省的动作是终止进程并进行内核映像转储(dump core),内核映像转储是指将进程数据在内存的映像和进程在内核结构中的部分内容以一定格式转储到文件系统,并且进程退出执行,这样做的好处是为程序员提供了方便,使得他们可以得到进程当时执行时的数据值,允许他们确定转储的原因,并且可以调试他们的程序。 D 缺省的动作是停止进程,进入停止状况以后还能重新进行下去,一般是在调试的过程中(例如ptrace系统调用) E 信号不能被捕获 F 信号不能被忽略 }
系统性能状态{
vmstat 1 9
r b swpd free buff cache inact active si so bi bo in cs us sy id wt
如果 r 经常大于4,且id经常少于40,表示cpu的负荷很重。 如果 pi po 长期不等于0,表示内存不足。 如果 b 队列经常大于3,表示io性能不好。
}
}
日志管理{
history HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S " history -c cat $HOME/.bash_history lastb -a last who /var/log/wtmp lastlog tail -f /var/log/messages tail -f /var/log/secure
}
man{ man 2 read 1 使用者在shell中可以操作的指令或可执行档 2 系统核心可呼叫的函数与工具等 3 一些常用的函数(function)与函数库(library),大部分是C的函数库(libc) 4 装置档案的说明,通常在/dev下的档案 5 设定档或者是某些档案的格式 6 游戏games 7 惯例与协定等,例如linux档案系统、网络协定、ascll code等说明 8 系统管理员可用的管理指令 9 跟kernel有关的文件 }
selinux{
sestatus -v getenforce setenforce 0 semanage port -l semanage port -a -t http_port_t -p tcp 8000 vi /etc/selinux/config SELINUX=enfoceing
}
查看剩余内存{
free -m
}
系统信息{
uname -a cat /proc/version cat /etc/issue lsb_release -a locale -a locale hwclock who w whoami logname uptime sar -n DEV 1 10 dmesg lsmod
}
硬件信息{
more /proc/cpuinfo lscpu cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c getconf LONG_BIT cat /proc/cpuinfo | grep 'physical id' |sort| uniq -c cat /proc/cpuinfo | grep flags | grep ' lm ' | wc -l cat /proc/cpuinfo|grep flags more /proc/meminfo dmidecode dmidecode | grep "Product Name" dmidecode | grep -P -A5 "Memory\s+Device" | grep Size | grep -v Range cat /proc/mdstat cat /proc/scsi/scsi lspci lspci|grep RAID lspci -vvv |grep Ethernet lspci -vvv |grep Kernel|grep driver modinfo tg2 ethtool -i em1 ethtool em1
}
终端快捷键{
Ctrl+A Ctrl+E Ctrl+S Ctrl+Q Ctrl+D
}
开机启动模式{
vi /etc/inittab id:3:initdefault:
}
终端提示显示{
echo $PS1 PS1='[\u@ \H \w \A \@#]\$' PS1='[\u@\h \W]\$' export PS1='[\[\e[32m\]\[\e[31m\]\u@\[\e[36m\]\h \w\[\e[m\]]\$ '
}
定时任务{
at 5pm + 3 days /bin/ls
crontab -e 1,30 1-3/2 * * * 命令或脚本 >> file.log 2>&1 echo "40 7 * * 2 /root/sh">>/var/spool/cron/work crontab -l crontab -r cron.deny和cron.allow service crond start|stop|restart * * * * * echo "d" >>d$(date +\%Y\%m\%d).log
}
date{
星期日[SUN] 星期一[MON] 星期二[TUE] 星期三[WED] 星期四[THU] 星期五[FRI] 星期六[SAT] 一月[JAN] 二月[FEB] 三月[MAR] 四月[APR] 五月[MAY] 六月[JUN] 七月[JUL] 八月[AUG] 九月[SEP] 十月[OCT] 十一月[NOV] 十二月[DEC]
date -s 20091112 date -s 18:30:50 date -d "7 days ago" +%Y%m%d date -d "5 minute ago" +%H:%M date -d "1 month ago" +%Y%m%d date -d '1 days' +%Y-%m-%d date -d '1 hours' +%H:%M:%S date +%Y-%m-%d -d '20110902' date +%Y-%m-%d_%X date +%N date -d "2012-08-13 14:00:23" +%s date -d "@1363867952" +%Y-%m-%d-%T date -d "1970-01-01 UTC 1363867952 seconds" +%Y-%m-%d-%T date -d "`awk -F. '{print $1}' /proc/uptime` second ago" +"%Y-%m-%d %H:%M:%S"
}
limits.conf{
ulimit -SHn 65535 ulimit -SHu 65535 ulimit -a
/etc/security/limits.conf
* soft nofile 16384 * hard nofile 32768
user soft nproc 16384 user hard nproc 32768
/etc/security/limits.d/90-nproc.conf user soft nproc 16384 user hard nproc 32768
sysctl -p
}
随机分配端口范围{
echo "10000 65535" > /proc/sys/net/ipv4/ip_local_port_range
}
百万长链接设置{
vim /root/.bash_profile echo 20000500 > /proc/sys/fs/nr_open ulimit -n 10000000
}
core崩溃文件查看{
gdb core.13844 bt
}
libc.so故障修复{
grep: error while loading shared libraries: /lib64/libc.so.6: ELF file OS ABI invalid
ls /lib64/libc-[tab]
export LD_PRELOAD=/lib64/libc-2.7.so
ln -f -s /lib64/libc-2.7.so /lib64/libc.so.6
}
无法分配内存 { fork: Cannot allocate memory cat /proc/sys/kernel/pid_max }
sudo{
echo myPassword | sudo -S ls /tmp visudo 用户 别名(可用all)=NOPASSWD:命令1,命令2 user ALL=NOPASSWD:/bin/su wangming linuxfan=NOPASSWD:/sbin/apache start,/sbin/apache restart UserName ALL=(ALL) ALL UserName ALL=(ALL) NOPASSWD: ALL peterli ALL=(ALL) NOPASSWD:/sbin/service Defaults requiretty Defaults !visiblepw
}
grub开机启动项添加{
vim /etc/grub.conf title ms-dos rootnoverify (hd0,0) chainloader +1
}
stty{
stty iuclc stty -iuclc stty olcuc stty -olcuc stty size stty eof "string" stty -echo stty echo stty -echo;read;stty echo;read stty igncr stty -igncr stty erase '#' stty erase '^?'
定时输入{
timeout_read(){ timeout=$1 old_stty_settings=`stty -g` stty -icanon min 0 time 100 eval read varname stty "$old_stty_settings" }
read -t 10 varname
}
检测用户按键{
old_tty_settings=$(stty -g) stty -icanon Keypress=$(head -c1) echo "Key pressed was \""$Keypress"\"." stty "$old_tty_settings" exit 0
}
}
iptables{
内建三个表:nat mangle 和 filter filter预设规则表,有INPUT、FORWARD 和 OUTPUT 三个规则链 vi /etc/sysconfig/iptables INPUT FORWARD OUTPUT ACCEPT REJECT DROP -A -D -E -p -P -s -j -i -o -m --sport --dport
iptables -F iptables-restore < 规则文件 /etc/init.d/iptables save /etc/init.d/iptables restart iptables -L -n iptables -t nat -nL
iptables实例{
iptables -L INPUT iptables -X allowed iptables -Z INPUT iptables -N allowed iptables -P INPUT DROP iptables -A INPUT -s 192.168.1.1 iptables -A INPUT -d 192.168.1.1 iptables -A INPUT -i eth0 iptables -A FORWARD -o eth0 iptables -A INPUT -p tcp iptables -D INPUT 8 iptables -D INPUT --dport 80 -j DROP iptables -R INPUT 8 -s 192.168.0.1 -j DROP iptables -I INPUT 8 --dport 80 -j ACCEPT iptables -A INPUT -i eth0 -j DROP iptables -A INPUT -p tcp -s IP -j DROP iptables -A INPUT -p tcp -s IP --dport port -j DROP iptables -A INPUT -s IP -p tcp --dport port -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j DROP iptables -A INPUT -i eth0 -p icmp -m icmp --icmp-type 8 -j DROP iptables -A INPUT -i eth0 -p icmp -j DROP iptables -t filter -A INPUT -i eth0 -p tcp --syn -j DROP iptables -A INPUT -f -m limit --limit 100/s --limit-burst 100 -j ACCEPT iptables -A INPUT -i eth0 -s 192.168.62.1/32 -p icmp -m icmp --icmp-type 8 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -m recent --update --seconds 5 --hitcount 20 --rttl --name WEB --rsource -j DROP
}
iptables配置实例文件{
*filter :INPUT ACCEPT [637:58967] :FORWARD DROP [0:0] :OUTPUT ACCEPT [5091:1301533] -A INPUT -s 127.0.0.1 -p tcp -j ACCEPT -A INPUT -s 192.168.0.0/255.255.0.0 -p tcp -j ACCEPT -A INPUT -p tcp --dport 80 -j ACCEPT -A INPUT -s 192.168.10.37 -p tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,URG RST -j DROP -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p tcp -m tcp -j REJECT --reject-with icmp-port-unreachable COMMIT
}
iptables配置实例{
iptables -A INPUT -s 192.168.0.3/24 -p tcp -j ACCEPT iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 110 -j ACCEPT iptables -A INPUT -p tcp --dport 25 -j ACCEPT iptables -A OUTPUT -p icmp -j ACCEPT (OUTPUT设置成DROP的话) iptables -A INPUT -p icmp -j ACCEPT (INPUT设置成DROP的话) IPTABLES -A INPUT -i lo -p all -j ACCEPT (如果是INPUT DROP) IPTABLES -A OUTPUT -o lo -p all -j ACCEPT(如果是OUTPUT DROP)
}
centos6的iptables基本配置{ *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -s 222.186.135.61 -p tcp -j ACCEPT -A INPUT -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,URG RST -j DROP -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT }
添加网段转发{
echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j MASQUERADE iptables -t nat -A POSTROUTING -s 10.0.0.0/255.0.0.0 -o eth0 -j SNAT --to 192.168.10.158 iptables -t nat -nL
}
端口映射{
route add -net 10.10.20.0 netmask 255.255.255.0 gw 10.10.20.111 echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -d 外网IP -p tcp --dport 9999 -j DNAT --to 10.10.20.55:22 iptables -t nat -A POSTROUTING -s 10.10.20.0/24 -j SNAT --to 外网IP iptables -t nat -nL
}
}
}
4 服务{
/etc/init.d/sendmail start /etc/init.d/sendmail stop /etc/init.d/sendmail status /date/mysql/bin/mysqld_safe --user=mysql & /bin/systemctl restart mysqld.service vi /etc/rc.d/rc.local /etc/rc.d/rc3.d/S55sshd ln -s -f /date/httpd/bin/apachectl /etc/rc.d/rc3.d/S15httpd ipvsadm -ln ipvsadm -C xm list virsh ./bin/httpd -M httpd -t -D DUMP_MODULES echo 内容| /bin/mail -s "标题" 收件箱 -f 发件人 "`echo "内容"|iconv -f utf8 -t gbk`" | /bin/mail -s "`echo "标题"|iconv -f utf8 -t gbk`" 收件箱 /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
chkconfig{
chkconfig service on|off|set chkconfig --level 35 httpd off chkconfig --level 35 httpd on chkconfig --list chkconfig --list |grep httpd chkconfig –-list [service]
}
systemctl{
systemctl is-active *.service systemctl is-enabled *.service systemctl mask *.service systemctl unmask cups.service systemctl enable *.service systemctl disable *.service systemctl start *.service systemctl stop *.service systemctl restart *.service systemctl reload *.service systemctl status *.service systemctl --failed systemctl poweroff systemctl reboot systemctl rescue systemctl emergency systemctl list-dependencies systemctl list-unit-files journalctl -r -u elasticsearch.service /etc/systemd/system/falcon-agent.service [Unit] Description=This is zuiyou monitor agent After=network.target remote-fs.target nss-lookup.target
[Service] User= root Type=simple PIDFile=/opt/falcon-agent/var/app.pid ExecStartPre=/usr/bin/rm -f /opt/falcon-agent/var/app.pid ExecStart=/opt/falcon-agent/control start ExecReload=/bin/kill -s HUP $MAINPID KillMode=process KillSignal=SIGQUIT TimeoutStopSec=5 PrivateTmp=true Restart=always LimitNOFILE=infinity
[Install] WantedBy=multi-user.target
systemctl daemon-reload
}
nginx{
yum install -y make gcc openssl-devel pcre-devel bzip2-devel libxml2 libxml2-devel curl-devel libmcrypt-devel libjpeg libjpeg-devel libpng libpng-devel openssl
groupadd nginx useradd nginx -g nginx -M -s /sbin/nologin
mkdir -p /opt/nginx-tmp
wget http://labs.frickle.com/files/ngx_cache_purge-1.6.tar.gz tar fxz ngx_cache_purge-1.6.tar.gz
tar zxvpf nginx-1.4.4.tar.gz cd nginx-1.4.4
./configure \ --user=nginx \ --group=nginx \ --prefix=/usr/local/nginx \ --with-http_ssl_module \ --with-http_realip_module \ --with-http_gzip_static_module \ --with-http_stub_status_module \ --add-module=/opt/ngx_cache_purge-1.6 \ --http-client-body-temp-path=/opt/nginx-tmp/client \ --http-proxy-temp-path=/opt/nginx-tmp/proxy \ --http-fastcgi-temp-path=/opt/nginx-tmp/fastcgi \ --http-uwsgi-temp-path=/opt/nginx-tmp/uwsgi \ --http-scgi-temp-path=/opt/nginx-tmp/scgi
make && make install
/usr/local/nginx/sbin/nginx –t /usr/local/nginx/sbin/nginx -t -c /opt/nginx/conf/nginx.conf /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx -s reload /usr/local/nginx/sbin/nginx -s stop
}
elasticsearch{
vim /etc/sysctl.conf vm.max_map_count = 262144
vim /etc/security/limits.conf * soft memlock unlimited * hard memlock unlimited sysctl -p
curl 'localhost:9200/_cat/health?v' curl 'localhost:9200/_cat/nodes?v' curl 'localhost:9200/_cat/indices?v' curl 127.0.0.1:9200/indexname -XDELETE curl -XGET http://localhost:9200/_cat/shards curl '127.0.0.1:9200/_cat/indices'
}
mysql常用命令{
mysqlcheck -uroot -p -S mysql.sock --optimize --databases account mysqlbinlog slave-relay-bin.000001 mysqladmin -h myhost -u root -p create dbname
flush privileges; show databases; use dbname; show tables; desc tables; drop database name; drop table name; create database name; select column from table; show processlist; show full processlist; select user(); show slave status\G; show variables; show status; show table status show grants for user@'%' drop table if exists user create table if not exists user select host,user,password from user; create table ka(ka_id varchar(6),qianshu int); show variables like 'character_set_%'; show variables like '%timeout%'; delete from user where user=''; delete from user where user='sss' and host='localhost' ; drop user 'sss'@'localhost'; ALTER TABLE mytable ENGINE = MyISAM ; SHOW TABLE STATUS from dbname where Name='tablename'; mysql -uroot -p -A -ss -h10.10.10.5 -e "show databases;" CREATE TABLE innodb (id int, title char(20)) ENGINE = INNODB grant replication slave on *.* to 'user'@'%' identified by 'pwd'; ALTER TABLE player ADD INDEX weekcredit_faction_index (weekcredit, faction); alter table name add column accountid(column) int(11) NOT NULL(column); update host set monitor_state='Y',hostname='xuesong' where ip='192.168.1.1'; select * from information_schema.processlist where command!='sleep'; select * from atable where name='on' AND t<15 AND host LIKE '10%' limit 1,10; show create database ops_deploy; show create table updatelog; alter database ops_deploy CHARACTER SET utf8; alter table `updatelog` default character set utf8; alter table `updatelog` convert to character set utf8;
自增表{
create table xuesong (id INTEGER PRIMARY KEY AUTO_INCREMENT, name CHAR(30) NOT NULL, age integer , sex CHAR(15) ); insert into xuesong(name,age,sex) values(%s,%s,%s)
}
登录mysql的命令{
mysql -h110.110.110.110 -P3306 -uroot -p mysql -uroot -p -S /data1/mysql5/data/mysql.sock -A --default-character-set=GBK
}
shell执行mysql命令{
mysql -u root -p'123' xuesong < file.sql mysql -u$username -p$passwd -h$dbhost -P$dbport -A -e " use $dbname; delete from data where date=('$date1'); " mysql -uroot -p -S mysql.sock -e "use db;alter table gift add column accountid int(11) NOT NULL;flush privileges;" 2>&1 |grep -v Warning
}
mysql字符集相关{
show variables like '%character%';
show global variables like '%char%'; show global variables like 'coll%'; show character set; show collation; show create table table_name \G show create database database_name \G show create procedure procedure_name \G show procedure status \G alter database db_name default charset utf8; create database db_name character set utf8; alter table tab_name default charset utf8 collate utf8_general_ci;
alter database dbsdq character set utf8mb4 collate utf8mb4_unicode_ci; use dbsdq; alter table tt2 character set utf8mb4 collate utf8mb4_unicode_ci; alter table tt2 modify c2 varchar(10) character set utf8mb4;
}
备份数据库{
mysqldump -h host -u root -p --default-character-set=utf8 dbname >dbname_backup.sql mysqldump -h host -u root -p --database --default-character-set=utf8 dbname >dbname_backup.sql /bin/mysqlhotcopy -u root -p mysqldump -u root -p -S mysql.sock --default-character-set=utf8 dbname table1 table2 > /data/db.sql mysqldump -uroot -p123 -d database > database.sql
grant select on db_name.* to dbbackup@"localhost" Identified by "passwd"; mysqldump -hlocalhost -P 3306 -u dbbackup --single-transaction -p"passwd" --database dbname >dbname.sql
innobackupex --user=root --password="" --defaults-file=/data/mysql5/data/my_3306.cnf --socket=/data/mysql5/data/mysql.sock --slave-info --stream=tar --tmpdir=/data/dbbackup/temp /data/dbbackup/ 2>/data/dbbackup/dbbackup.log | gzip 1>/data/dbbackup/db50.tar.gz
}
还原数据库{
mysql -h host -u root -p dbname < dbname_backup.sql source 路径.sql
}
赋权限{
grant all on zabbix.* to user@"$IP"; grant select on database.* to user@"%" Identified by "passwd"; grant all privileges on database.* to user@"$IP" identified by 'passwd'; grant all privileges on database.* to user@"localhost" identified by 'passwd' with grant option; grant select, insert, update, delete on database.* to user@'ip'identified by "passwd"; revoke all on *.* from user@localhost; GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, EXECUTE, CREATE ROUTINE, ALTER ROUTINE ON `storemisc_dev`.* TO 'user'@'192.168.%'
}
更改密码{
update user set password=password('passwd') where user='root' mysqladmin -u root password 'xuesong'
}
mysql忘记密码后重置{
cd /data/mysql5 /data/mysql5/bin/mysqld_safe --user=mysql --skip-grant-tables --skip-networking & use mysql; update user set password=password('123123') where user='root';
}
mysql主从复制失败恢复{
slave stop; reset slave; change master to master_host='10.10.10.110',master_port=3306,master_user='repl',master_password='repl',master_log_file='master-bin.000010',master_log_pos=107,master_connect_retry=60; slave start;
}
sql语句使用变量{
use xuesong; set @a=concat('my',weekday(curdate())); set @sql := concat('CREATE TABLE IF NOT EXISTS ',@a,'( id INT(11) NOT NULL )'); select @sql; prepare create_tb from @sql; execute create_tb;
}
检测mysql主从复制延迟{
1、在从库定时执行更新主库中的一个timeout数值 2、同时取出从库中的timeout值对比判断从库与主库的延迟
}
死锁{
show OPEN TABLES where In_use > 0; show variables like 'innodb_print_all_deadlocks'; set global innodb_print_all_deadlocks = 1; innodb_print_all_deadlocks = 1
}
mysql慢查询{
select * from information_schema.processlist where command in ('Query') and time >5\G
开启慢查询日志{
[mysqld] log-slow-queries=/var/lib/mysql/slowquery.log long_query_time=5 log-queries-not-using-indexes log-long-format show variables like "%slow%"; set global slow_query_log='ON';
}
mysqldumpslow慢查询日志查看{
-s -t -g
mysqldumpslow -s c -t 20 host-slow.log mysqldumpslow -s r -t 20 host-slow.log mysqldumpslow -t 10 -s t -g "left join" host-slow.log
show global status like '%slow%'; show variables like '%slow%'; show variables like '%long%'; desc select * from wei where text='xishizhaohua'\G; create index text_index on wei(text);
}
Percona Toolkit 慢日志分析工具
}
mysql操作次数查询{
select * from information_schema.global_status;
com_select com_delete com_insert com_update
}
}
mongodb{
一、启动{
./mongod --port 27017 --fork --logpath=/opt/mongodb/mongodb.log --logappend --dbpath=/opt/mongodb/data/ ./mongod --port 27017 --fork --logpath=/opt/mongodb/mongodb.log --logappend --dbpath=/opt/mongodb/data/ --auth
cat /opt/mongodb/mongodb.conf port=27017 fork=true auth=true logappend=true logpath=/opt/mongodb/mongodb.log dbpath=/opt/mongodb/data/ shardsvr=true maxConns=600 ./mongod -f /opt/mongodb/mongodb.conf
bind_ip journal syncdelay directoryperdb repairpath
}
二、关闭{
./mongo use admin db.shutdownServer()
kill -2 pid kill -15 pid
}
三、开启认证与用户管理{
./mongo use admin db.addUser("root","123456") db.addUser('zhansan','pass',true) ./mongo 127.0.0.1:27017/mydb -uroot -p123456 show collections db.system.users.find(); db.system.users.remove({user:"zhansan"})
}
四、登录{
192.168.1.5:28017 mongo mongo 192.168.1.5:27017/databaseName
}
五、查看状态{
db.runCommand({"serverStatus":1}) globalLock mem indexCounters backgroudFlushing opcounters asserts
./mongostat insert query update delete locked qr|qw ar|aw conn time
mongostat -h 127.0.0.1 --port 27047 --authenticationDatabase admin -u zadmin -p Keaphh9e mongotop -h 127.0.0.1 --port 27047 --authenticationDatabase admin -u zadmin -p Keaphh9e
}
六、常用命令{
db.listCommands()
db.runCommand({"buildInfo" : 1}) db.runCommand({"collStats" : tablename}) db.runCommand({"dropDatabase" : 1}) db.runCommand({"isMaster" : 1}) db.runCommand({"ping" : 1}) db.runCommand({"repaireDatabase" : 1}) db.runCommand({"serverStatus" : 1}) db.runCommand({"renameCollection" : 集合名, "to":集合名}) db.runCommand({"listDatabases" : 1})
mongo 172.20.20.1:27072/mdb --eval "db.tb.count();" mongo --host 172.20.20.1 --port 27049
rs.config(); rs.status(); db.currentOp() db.runCommand( { logRotate : 1 } ) rs.slaveOk() rs.addArb("172.16.10.199:27020"); rs.add({host: "10.2.2.2:27047", priority: 0, hidden: true}) rs.remove("172.20.80.216:27047"); rs.stepDown(120) show dbs use post show tables db.tb.drop() db.tb.remove({}) db.tb.count() db.tb.find() db.tb.find({_id:37530555}) db.tb.find().sort({_id:-1}).limit(1) db.tb.find({"processed" : {"$ne" : true}}).limit(1); db.tb.find({"processed" : {"$eq" : true}}).limit(1); db.tb.find({"processed" : {"$exists" : false}}).limit(1);
db.tb.ensureIndex({"status":1}, {background:true}) db.tb.getIndexes() db.tb.ensureIndex({"c_type":1},{backgrounnd:true}) db.tb.dropIndex({"c_type":1});
}
七、进程控制{
db.currentOp() db.$cmd.sys.inprog.findOne() opid op ns query lockType
db.killOp(opid值) db.$cmd.sys.killop.findOne({op:opid值})
}
八、备份还原{ db.runCommand({"fsync":1,"lock":1}) db.$cmd.sys.unlock.findOne() db.currentOp()
mongoexport -d test -c t1 -o t1.dat -c -d mongoexport -d test -c t1 -csv -f num -o t1.dat -csv -f
mongoimport -d test -c t1 -file t1.dat mongoimport -d test -c t1 -type csv --headerline -file t1.dat --headerline
mongodump -d test -o /bak/mongodump mongorestore -d test --drop /bak/mongodump/* --drop --gzip
mongodump --host 127.0.0.1:27080 -d dbname -c tablename -o /data/reports/ mongodump --host 127.0.0.1:27080 -d dbname -c tablename -o /data/reports/reports -u root -p tAvaa5yNUE --authenticationDatabase admin
mongorestore --host 127.0.0.1:27080 -d dbname -c tablename --drop --dir=/data/reports/tablename.bson
db.copyDatabase(fromdb, todb, fromhost, username, password, mechanism) db.copyDatabase('mate','mate', '172.16.255.176:27047')
}
九、修复{
mongod --repair db.repairDatabase() {"repairDatabase":1}
}
十、python使用mongodb{
原文: http://blog.nosqlfan.com/html/2989.html
easy_install pymongo import pymongo connection=pymongo.Connection('localhost',27017) db = connection.test_database collection = db.test_collection
文档添加, _id自动创建 import datetime post = {"author": "Mike", "text": "My first blog post!", "tags": ["mongodb", "python", "pymongo"], "date": datetime.datetime.utcnow()} posts = db.posts posts.insert(post) ObjectId('...')
批量插入 new_posts = [{"author": "Mike", "text": "Another post!", "tags": ["bulk", "insert"], "date": datetime.datetime(2009, 11, 12, 11, 14)}, {"author": "Eliot", "title": "MongoDB is fun", "text": "and pretty easy too!", "date": datetime.datetime(2009, 11, 10, 10, 45)}] posts.insert(new_posts) [ObjectId('...'), ObjectId('...')]
获取所有collection db.collection_names()
获取单个文档 posts.find_one()
查询多个文档 for post in posts.find(): post
加条件的查询 posts.find_one({"author": "Mike"})
高级查询 posts.find({"date": {"$lt": "d"}}).sort("author")
统计数量 posts.count()
加索引 from pymongo import ASCENDING, DESCENDING posts.create_index([("date", DESCENDING), ("author", ASCENDING)])
查看查询语句的性能 posts.find({"date": {"$lt": "d"}}).sort("author").explain()["cursor"] posts.find({"date": {"$lt": "d"}}).sort("author").explain()["nscanned"]
}
}
JDK安装{
vim /etc/profile.d/jdk.sh export JAVA_HOME=/usr/local/jdk1.8.0_151 export PATH=$JAVA_HOME/bin:$PATH
. /etc/profile jps -ml jstat -gc 18381 1s 30 }
redis动态加内存{
./redis-cli -h 10.10.10.11 -p 6401 save config get * config get maxmemory config set maxmemory 15360000000
}
nfs{
yum install nfs-utils portmap yum install nfs-utils rpcbind
vim /etc/exports /data/images 10.10.10.0/24(rw,sync,no_root_squash)
service portmap restart service rpcbind restart service nfs restart service nfs reload showmount -e showmount -a showmount -e 10.10.10.3 mount -t nfs 10.10.10.3:/data/images/ /data/img
umount -f /data/img/
nfsstat -c nfsstat -cn nfsstat -r nfsstat –s
}
hdfs{ hdfs --help
hdfs dfs -help hdfs dfs -ls /logs hdfs dfs -ls /user/ hdfs dfs -cat hdfs dfs -df hdfs dfs -du hdfs dfs -rm hdfs dfs -tail hdfs dfs –put localSrc dest
hdfs dfsadmin -help hdfs dfsadmin -report }
}
5 网络{
rz sz ifconfig eth0 down ifconfig eth0 up ifup eth0:0 mii-tool em1 traceroute www.baidu.com vi /etc/resolv.conf nslookup www.moon.com dig -x www.baidu.com dig +trace -t A domainname dig +short txt hacker.wp.dg.cx host -t txt hacker.wp.dg.cx lynx wget -P path -O name url dhclient eth1 mtr -r www.baidu.com ipcalc -m "$ip" -p "$num" curl -I www.baidu.com curl -s www.baidu.com queryperf -d list -s DNS_IP -l 2 telnet ip port echo "show " |nc $ip $port nc -l -p port nc -nv -z 10.10.10.11 1080 |grep succeeded curl -o /dev/null -s -m 10 --connect-timeout 10 -w %{http_code} $URL curl -X POST -d "user=xuesong&pwd=123" http://www.abc.cn/Result curl -s http://20140507.ip138.com/ic.asp curl http://IP/ -H "X-Forwarded-For: ip" -H "Host: www.ttlsa.com" ifconfig eth0:0 192.168.1.221 netmask 255.255.255.0 echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all net rpc shutdown -I IP_ADDRESS -U username%password wget --random-wait -r -p -e robots=off -U Mozilla www.example.com sshpass -p "$pwd" rsync -avzP /dir user@$IP:/dir/ rsync -avzP --delete /dir/ user@$IP:/dir/ rsync -avzP -e "ssh -p 22 -e -o StrictHostKeyChecking=no" /dir user@$IP:/dir
抓包{
-i eth1 -t -s 0 -c 100 dst port ! 22 tcpdump tcp port 22 tcpdump -n -vv udp port 53 tcpdump port 10001 -A -s0 tcpdump -i any host x.x.x.x -s 0 -w /tmp/cap.pcap tcpdump -i any -s 0 host 172.20.81.107 or host 172.16.3.72 -C 50 -W 5 -w /tmp/20190122ng.cap
}
一次短链接失败故障定位{
ss -nl |grep :80 watch -n 1 'nstat -z -t 1 | grep -e TcpActiveOpens -e TcpExtListenOverflows -e TcpAttemptFails -e TcpPassiveOpen -e TcpExtTCPSynRetrans -e TcpRetransSegs -e TcpOutSegs -e TcpInSegs'
TcpAttemptFails TCP建立链接失败,包括前后端 TcpExtTCPSynRetrans TCP向后端建立链接失败
listen 10.87.128.29:51528 default_server backlog=4096;
https://m.aliyun.com/yunqi/articles/118472?spm=5176.8091938.0.0.11e86ccF4oOeZ }
网卡流量查看{
watch more /proc/net/dev iptraf nethogs -d 5 eth0 eth1 iftop -i eth0 -n -P
sar { -n参数有6个不同的开关: DEV | EDEV | NFS | NFSD | SOCK | ALL DEV显示网络接口信息 EDEV显示关于网络错误的统计数据 NFS统计活动的NFS客户端的信息 NFSD统计NFS服务器的信息 SOCK显示套 接字信息 ALL显示所有5个开关
sar -n DEV 1 10
rxpck/s txpck/s rxbyt/s txbyt/s rxcmp/s txcmp/s rxmcst/s
}
}
netstat{
-a -t -u -n netstat -anlp netstat -tnlp netstat -r }
ss{
ss -s ss -l ss -tnlp ss -ant ss -u -a ss dst 192.168.119.113 ss dst 192.168.119.113:http ss dst 192.168.119.113:3844 ss src 192.168.119.103:16021 ss -o state established '( dport = :smtp or sport = :smtp )' ss -o state established '( dport = :http or sport = :http )' ss -x src /tmp/.X11-unix/*
}
并发数查看{
netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}' SYN_RECV ESTABLISHED TIME_WAIT CLOSE_WAIT
}
ssh{
ssh -p 22 user@192.168.1.209 ssh -p 22 root@192.168.1.209 CMD scp -P 22 file root@ip:/dir scp -l 100000 file root@ip:/dir sshpass -p 'pwd' ssh -n root@$IP "echo hello" ssh -o StrictHostKeyChecking=no $IP ssh -t "su -" scp root@192.168.1.209:/RemoteDir /localDir pscp -h host.ip /a.sh /opt/sbin/ ssh -N -L2001:remotehost:80 user@somemachine ssh -t host_A ssh host_B ssh -t -p 22 $user@$Ip /bin/su - root -c {$Cmd}; ssh-keygen -t rsa ssh-copy-id -i xuesong@10.10.10.133 vi $HOME/.ssh/authorized_keys sshfs name@server:/path/to/folder /path/to/mount/point fusermount -u /path/to/mount/point ssh user@host cat /path/to/remotefile | diff /path/to/localfile - su - user -c "ssh user@192.168.1.1 \"echo -e aa |mail -s test mail@163.com\"" pssh -h ip.txt -i uptime
SSH反向连接{
ssh -NfR 1234:localhost:2223 user1@123.123.123.123 -p22 ss -ant ssh localhost -p1234
} }
网卡配置文件{
vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0 BOOTPROTO=none BROADCAST=192.168.1.255 HWADDR=00:0C:29:3F:E1:EA IPADDR=192.168.1.55 NETMASK=255.255.255.0 NETWORK=192.168.1.0 ONBOOT=yes TYPE=Ethernet GATEWAY=192.168.1.1
}
route {
route route add default gw 192.168.1.1 dev eth0 route add -net 172.16.0.0 netmask 255.255.0.0 gw 10.39.111.254 route del -net 172.16.0.0 netmask 255.255.0.0 gw 10.39.111.254
}
静态路由{
vim /etc/sysconfig/static-routes any net 192.168.12.0/24 gw 192.168.0.254 any net 192.168.13.0/24 gw 192.168.0.254
}
解决ssh链接慢{
sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config sed -i '/#UseDNS yes/a\UseDNS no' /etc/ssh/sshd_config /etc/init.d/sshd reload
}
nmap{
nmap -PT 192.168.1.1-111 nmap -O 192.168.1.1 nmap -sV 192.168.1.1-111 nmap -sS 192.168.1.1-111 nmap -P0 192.168.1.1-111 nmap -d 192.168.1.1-111 nmap -D 192.168.1.1-111 nmap -p 20-30,139,60000- nmap -P0 -sV -O -v 192.168.30.251
nmap -sF 192.168.1.1-111 nmap -sX 192.168.1.1-111 nmap -sN 192.168.1.1-111
}
流量切分线路{
vi /etc/iproute2/rt_tables 252 bgp2 ip route add default via 第二个出口上线IP(非默认网关) dev eth1 table bgp2 ip route add from 本机第二个ip table bgp2 ip route list table 252 ip rule list
}
snmp{
snmptranslate .1.3.6.1.2.1.1.3.0 DISMAN-EVENT-MIB::sysUpTimeInstance snmpdf -v 1 -c public localhost snmpnetstat -v 2c -c public -a 192.168.6.53 snmpwalk -v 2c -c public 10.152.14.117 .1.3.6.1.2.1.1.3.0 snmpwalk -v 2c -c public 10.152.14.117 sysUpTimeInstance
}
TC流量控制{
tc qdisc del dev eth0 root handle 1: tc qdisc add dev eth0 root handle 1: htb r2q 1 tc class add dev eth0 parent 1: classid 1:1 htb rate 12mbit ceil 15mbit tc filter add dev eth0 parent 1: protocol ip prio 16 u32 match ip dst 10.10.10.1/24 flowid 1:1
tc -s -d qdisc show dev eth0 tc class show dev eth0 tc filter show dev eth0
限制上传下载{
tc qdisc del dev tun0 root tc qdisc add dev tun0 root handle 2:0 htb tc class add dev tun0 parent 2:1 classid 2:10 htb rate 30kbps tc class add dev tun0 parent 2:2 classid 2:11 htb rate 30kbps tc qdisc add dev tun0 parent 2:10 handle 1: sfq perturb 1 tc filter add dev tun0 protocol ip parent 2:0 u32 match ip dst 10.18.0.0/24 flowid 2:10 tc filter add dev tun0 parent ffff: protocol ip u32 match ip src 10.18.0.0/24 police rate 30kbps burst 10k drop flowid 2:11
tc qdisc del dev tun0 root tc qdisc add dev tun0 root handle 2:0 htb tc class add dev tun0 parent 2:1 classid 2:10 htb rate 30kbps tc class add dev tun0 parent 2:2 classid 2:11 htb rate 30kbps tc qdisc add dev tun0 parent 2:10 handle 1: sfq perturb 1 tc filter add dev tun0 protocol ip parent 2:0 u32 match ip dst 10.18.0.0/24 flowid 2:10 tc filter add dev tun0 parent ffff: protocol ip u32 match ip src 10.18.0.0/24 police rate 30kbps burst 10k drop flowid 2:11
}
}
}
6 磁盘{
df -Ph df -T df -i du -h dir du -sh * mount -l fdisk -l fdisk /dev/hda3 mkfs -t ext4 /dev/hda3 fsck -y /dev/sda6 lsof |grep delete tmpwatch -afv 10 /tmp cat /proc/filesystems mount -o remount,rw / iotop smartctl -H /dev/sda smartctl -i /dev/sda smartctl -a /dev/sda e2label /dev/sda5 e2label /dev/sda5 new-label ntfslabel -v /dev/sda8 new-label tune2fs -j /dev/sda tune2fs -l /dev/sda mke2fs -b 2048 /dev/sda5 dumpe2fs -h /dev/sda5 mount -t iso9660 /dev/dvd /mnt mount -t ntfs-3g /dev/sdc1 /media/yidong mount -t nfs 10.0.0.3:/opt/images/ /data/img mount -o loop /software/rhel4.6.iso /mnt/
磁盘IO性能检测{
iostat -x 1 10
% user % system % idle % iowait
rrqm/s wrqm/s r/s w/s rsec/s wsec/s rkB/s wkB/s avgrq-sz avgqu-sz await svctm %util
IO性能衡量标准{
1、 如果 %util 接近 100%,说明产生的I/O请求太多,I/O系统已经满负荷,该磁盘可能存在瓶颈。 2、 idle 小于70% IO压力就较大了,一般读取速度有较多的wait. 3、 同时可以结合 vmstat 查看查看b参数(等待资源的进程数)和wa参数(IO等待所占用的CPU时间的百分比,高过30%时IO压力高) 4、 svctm 一般要小于 await (因为同时等待的请求的等待时间被重复计算了),svctm 的大小一般和磁盘性能有关,CPU/内存的负荷也会对其有影响,请求过多也会间接导致 svctm 的增加. await 的大小一般取决于服务时间(svctm) 以及 I/O 队列的长度和 I/O 请求的发出模式. 如果 svctm 比较接近 await,说明 I/O 几乎没有等待时间;如果 await 远大于 svctm,说明 I/O 队列太长,应用得到的响应时间变慢,如果响应时间超过了用户可以容许的范围,这时可以考虑更换更快的磁盘,调整内核 elevator 算法,优化应用,或者升级 CPU 5、 队列长度(avgqu-sz)也可作为衡量系统 I/O 负荷的指标,但由于 avgqu-sz 是按照单位时间的平均值,所以不能反映瞬间的 I/O 洪水。
}
}
iotop{
yum install iotop
-o -b -n NUM -d SEC -p PID -u USER
r o p a q
}
创建swap文件方法{
dd if=/dev/zero of=/swap bs=1024 count=4096000 mkswap /swap swapon /swap /swap swap swap defaults 0 0 cat /proc/swaps swapoff -a swapon -a
}
新硬盘挂载{
fdisk /dev/sdc p d n w mkfs.ext4 -L 卷标 /dev/sdc1 mount /dev/sdc1 /mnt vi /etc/fstab LABEL=/data /data ext4 defaults 1 2 /dev/sdb1 /data4 ext4 defaults 1 2 /dev/sdb2 /data4 ext4 noatime,defaults 1 2
第一个数字"1"该选项被"dump"命令使用来检查一个文件系统应该以多快频率进行转储,若不需要转储就设置该字段为0 第二个数字"2"该字段被fsck命令用来决定在启动时需要被扫描的文件系统的顺序,根文件系统"/"对应该字段的值应该为1,其他文件系统应该为2。若该文件系统无需在启动时扫描则设置该字段为0 当以 noatime 选项加载(mount)文件系统时,对文件的读取不会更新文件属性中的atime信息。设置noatime的重要性是消除了文件系统对文件的写操作,文件只是简单地被系统读取。由于写操作相对读来说要更消耗系统资源,所以这样设置可以明显提高服务器的性能.wtime信息仍然有效,任何时候文件被写,该信息仍被更新。
mount -a
}
大磁盘2T和16T分区{
parted /dev/sdb (parted) mklabel gpt (parted) print (parted) mkpart primary 0KB 22.0TB Is this still acceptable to you? Yes/No? Yes Ignore/Cancel? Ignore (parted) print Model: LSI MR9271-8i (scsi) Disk /dev/sdb: 22.0TB Sector size (logical/physical): 512B/512B Partition Table: gpt Number Start End Size File system Name Flags 1 17.4kB 22.0TB 22.0TB primary (parted) quit
mkfs.ext4 /dev/sdb1
Size of device /dev/sdb1 too big to be expressed in 32 bits using a blocksize of 4096.
yum -y install xfsprogs mkfs.xfs -f /dev/sdb1
}
阿里云扩容磁盘{
yum install cloud-utils-growpart yum install xfsprogs df -h fdisk -l growpart /dev/vda 1 resize2fs /dev/vda1 xfs_growfs /dev/vda1 df -h
}
raid原理与区别{
raid0至少2块硬盘.吞吐量大,性能好,同时读写,但损坏一个就完蛋 raid1至少2块硬盘.相当镜像,一个存储,一个备份.安全性比较高.但是性能比0弱 raid5至少3块硬盘.分别存储校验信息和数据,坏了一个根据校验信息能恢复 raid6至少4块硬盘.两个独立的奇偶系统,可坏两块磁盘,写性能非常差
}
}
7 用户{
users groups who -q groupadd useradd user passwd username userdel -r chown -R user:group chown y\.li:mysql umask chgrp finger echo "xuesong" | passwd user --stdin useradd -g www -M -s /sbin/nologin www useradd -g www -M -s /bin/false www useradd -d /data/song -g song song usermod -l newuser olduser usermod -g user group usermod -d dir -m user usermod -G group user gpasswd -d user group su - user -c " #cmd1; "
恢复密码{
}
特殊权限{
s或 S (SUID):对应数值4 s或 S (SGID):对应数值2 t或 T :对应数值1 大S:代表拥有root权限,但是没有执行权限 小s:拥有特权且拥有执行权限,这个文件可以访问系统任何root用户可以访问的资源 T或T(Sticky):/tmp和 /var/tmp目录供所有用户暂时存取文件,亦即每位用户皆拥有完整的权限进入该目录,去浏览、删除和移动文件
}
}
8 脚本{
shopt sh -x sh -n set -e (a=bbk) basename /a/b/c dirname $RANDOM $$ source FileName sleep 5 trap trap "" 2 3 $PWD $HOME $OLDPWD cd - local ret yes yes |rm -i * ls -p /home ls -d /home/ time a.sh echo -n aa;echo bb echo -e "s\tss\n\n\n" echo $a | cut -c2-6 echo {a,b,c}{a,b,c}{a,b,c} echo $((2#11010)) echo aaa | tee file echo {1..10} printf '%10s\n'|tr " " a pwd | awk -F/ '{ print $2 }' tac file |sed 1,3d|tac tail -3 file outtmp=/tmp/$$`date +%s%N`.outtmp :(){ :|:& };: echo -e "\e[32mcolour\e[0m" echo -e "\033[32mcolour\033[m" echo -e "\033[0;31mL\033[0;32mO\033[0;33mV\033[0;34mE\t\033[0;35mY\033[0;36mO\033[0;32mU\e[m"
正则表达式{
^ $ . * + ? ? [] [^] \ < > x\{m\} x\{m,\} x\{m,n\} X? X+ () (ab|de)+ [[:alpha:]] [[:lower:]] [[:upper:]] [[:digit:]] [[:digit:][:lower:]]
元字符{
\d \D \w \W
}
字符类:空白字符{
\s \S \b \n \r \t \b \0
}
字符类:锚定字符{
\b \B \A \Z \z \G
}
捕获{
(exp) (?<name>exp) (?:exp)
}
零宽断言{
(?=exp) (?<=exp) (?!exp) (?<!exp) (?
}
特殊字符{
http://en.wikipedia.org/wiki/Ascii_table ^H \010 \b ^M \015 \r 匹配特殊字符: ctrl+V ctrl不放在按H或M 即可输出^H,用于匹配
}
}
流程结构{
if判断{
if [ $a == $b ] then echo "等于" else echo "不等于" fi
}
case分支选择{
case $xs in 0) echo "0" ;; 1) echo "1" ;; *) echo "其他" ;; esac
}
while循环{
num=1 while [ $num -lt 10 ] do echo $num ((num=$num+2)) done grep a a.txt | while read a do echo $a done while read a do echo $a done < a.txt
}
for循环{
w=`awk -F ":" '{print $1}' c` for d in $w do $d done for ((i=0;i<${#o[*]};i++)) do echo ${o[$i]} done
}
until循环{
until command do body done
}
流程控制{
break N continue N continue
}
}
变量{
A="a b c def" A=`cmd` A=$(cmd) eval a=\$$a i=2&&echo $((i+3)) i=2&&echo $[i+3] a=$((2>6?5:8)) $1 $2 $* env env | grep "name" set read name readonly name readonly export name export name="RedHat" export Stat$nu=2222 unset name export -n name shift name + 0 number " " a='ee';b='a';echo ${!b} : ${a="cc"}
数组{
A=(a b c def) ${#A[*]} ${A[*]} ${A[@]} ${A[2]}
}
定义变量类型{
declare 或 typeset -r 只读(readonly一样) -i 整形 -a 数组 -f 函数 -x export declare -i n=0
}
系统变量{
$0 $n $* $@ $# $$ $! $?
}
变量引用技巧{
${name:+value} ${name:-value} ${name:?value} ${name:=value} ${#A} ${A:4:9} ${A:(-1)} ${A/www/http} ${A//www/http}
定义了一个变量: file=/dir1/dir2/dir3/my.file.txt ${file#*/} ${file##*/} ${file#*.} ${file##*.} ${file%/*} ${file%%/*} ${file%.*} ${file%%.*}
}
}
test条件判断{
expression为字符串操作{
-n str -z str
}
expression为文件操作{
-a -b -p -c -r -d -s -e -S -f -x -g -u -G -w -k -t fd -o -O !
}
expression为整数操作{
expr1 -a expr2 expr1 -o expr2
}
两值比较{
整数 字符串 -lt < -gt > -le <= -ge >= -eq == -ne !=
}
test 10 -lt 5 echo $? test -n "hello" [ $? -eq 0 ] && echo "success" || exit
}
重定向{
cmd 1> fiel cmd > file 2>&1 cmd 2> file cmd 2>> file cmd >> file 2>&1 cmd < file >file2 cat <>file cmd < file cmd cmd << delimiter cmd; #从 stdin 中读入,直至遇到 delimiter 分界符 delimiter
>&n <&n <&- >&- n<&- n>&-
}
运算符{
$[]等同于$(()) ~var var\<<str # 左移运算符,把var中的二进制位向左移动str位,忽略最左端移出的各位,最右端的各位上补上0值,每做一次按位左移就有var乘2 var>>str var&str var^str var|str
运算符优先级{ 级别 运算符 说明 1 =,+=,-=,/=,%=,*=,&=,^=,|=,<<=,>>= 2 || 3 && 4 | 5 ^ 6 & 7 ==,!= 8 <=,>=,<,> 9 \<<,>> 10 +,- 11 *,/,% 12 ! ,~ 13 -,+ }
}
数学运算{
$(( )) + - * / ** & | ^ ! %
let{
let let x=16/4 let x=5**5
}
expr{
expr 14 % 9 SUM=`expr 2 \* 3` LOOP=`expr $LOOP + 1` expr length "bkeep zbb" expr substr "bkeep zbb" 4 9 expr index "bkeep zbb" e expr 30 / 3 / 2 expr bkeep.doc : '.*' expr bkeep.doc : '\(.*\).doc'
数值测试{
rr=3.4 expr $rr + 1 expr: non-numeric argument rr=5 expr $rr + 1 6
}
}
bc{
echo "m^n"|bc seq -s '+' 1000 |bc seq 1 1000 |tr "\n" "+"|sed 's/+$/\n/'|bc }
}
grep{
-c -h -i -l -n -s -v -e -w -wc -o -P -A3 -B3 -C3
grep -v "a" txt grep -w 'a\>' txt grep -i "a" txt grep "a[bB]" txt grep '[0-9]\{3\}' txt grep -E "word1|word2|word3" file grep word1 file | grep word2 |grep word3 echo quan@163.com |grep -Po '(?<=@.).*(?=.$)' echo "I'm singing while you're dancing" |grep -Po '\b\w+(?=ing\b)' echo 'Rx Optical Power: -5.01dBm, Tx Optical Power: -2.41dBm' |grep -Po '(?<=:).*?(?=d)' echo 'Rx Optical Power: -5.01dBm, Tx Optical Power: -2.41dBm' | grep -Po '[-0-9.]+' echo '["mem",ok],["hardware",false],["filesystem",false]' |grep -Po '[^"]+(?=",false)' echo '["mem",ok],["hardware",false],["filesystem",false]' |grep -Po '\w+",false'|grep -Po '^\w+'
grep用于if判断{
if echo abc | grep "a" > /dev/null 2>&1 then echo "abc" else echo "null" fi
}
}
tr{
-c -d -s [a-z] [A-Z] [0-9] \octal [O*n]
tr中特定控制字符表达方式{
\a Ctrl-G \007 \b Ctrl-H \010 \f Ctrl-L \014 \n Ctrl-J \012 \r Ctrl-M \015 \t Ctrl-I \011 \v Ctrl-X \030
}
tr A-Z a-z tr " " "\n" tr -s "[\012]" < plan.txt tr -s ["\n"] < plan.txt tr -s "[\015]" "[\n]" < file tr -s "[\r]" "[\n]" < file tr -s "[:]" "[\011]" < /etc/passwd tr -s "[:]" "[\t]" < /etc/passwd echo $PATH | tr ":" "\n" 1,$!tr -d '\t' tr "\r" "\n"<macfile > unixfile tr "\n" "\r"<unixfile > macfile tr -d "\r"<dosfile > unixfile awk '{ print $0"\r" }'<unixfile > dosfile
}
seq{
-s -w -f
seq 10 100 seq 1 10 |tac seq -s '+' 90 100 |bc seq -f 'dir%g' 1 10 | xargs mkdir seq -f 'dir%03g' 1 10 | xargs mkdir
}
trap{
信号 说明 HUP(1) INT(2) QUIT(3) ABRT(6) ALRM(14) TERM(15)
trap捕捉到信号之后,可以有三种反应方式: 1、执行一段程序来处理这一信号 2、接受信号的默认操作 3、忽视这一信号
第一种形式的trap命令在shell接收到 signal list 清单中数值相同的信号时,将执行双引号中的命令串: trap 'commands' signal-list trap "commands" signal-list
}
awk{
-F ~ == !~ = != +=
\b \f \n \r \t \c
-F"[ ]+|[%]+" [a-z]+ [a-Z] [a-z] [:alnum:] [:alpha:] [:cntrl:] [:digit:] [:graph:] [:lower:] [:print:] [:punct:] [:space:] [:upper:] [:xdigit:] [[:digit:][:lower:]]
内建变量{ $n $0 ARGC ARGIND ARGV CONVFMT ENVIRON ERRNO FIELDWIDTHS FILENAME FNR FS IGNORECASE NF NR OFMT OFS ORS RLENGTH RS RSTART SUBSEP BEGIN END }
内置函数{ gsub(r,s) gsub(r,s,t) index(s,t) length(s) match(s,r) split(s,a,fs) sprint(fmt,exp) sub(r,s) substr(s,p) substr(s,p,n) }
awk判断{ awk '{print ($1>$2)?"第一排"$1:"第二排"$2}' awk '{max=($1>$2)? $1 : $2; print max}' awk '{if ( $6 > 50) print $1 " Too high" ;\ else print "Range is OK"}' file awk '{if ( $6 > 50) { count++;print $3 } \ else { x+5; print $2 } }' file }
awk循环{ awk '{i = 1; while ( i <= NF ) { print NF, $i ; i++ } }' file awk '{ for ( i = 1; i <= NF; i++ ) print NF,$i }' file }
awk '/Tom/' file awk '/^Tom/{print $1}' awk '$1 !~ /ly$/' awk '$3 <40' awk '$4==90{print $5}' awk '/^(no|so)/' test awk '$3 * $4 > 500' awk '{print NR" "$0}' awk '/tom/,/suz/' awk '{a+=$1}END{print a}' awk 'sum+=$1{print sum}' awk '{a+=$1}END{print a/NR}' awk '!s[$1 $3]++' file awk -F'[ :\t]' '{print $1,$2}' awk '{print "'"$a"'","'"$b"'"}' awk '{if(NR==52){print;exit}}' awk '/关键字/{a=NR+2}a==NR {print}' awk 'gsub(/liu/,"aaaa",$1){print $0}' ll | awk -F'[ ]+|[ ][ ]+' '/^$/{print $8}' awk '{$1="";$2="";$3="";print}' echo aada:aba|awk '/d/||/b/{print}' echo aada:abaa|awk -F: '$1~/d/||$2~/b/{print}' echo Ma asdas|awk '$1~/^[a-Z][a-Z]$/{print }' echo aada:aaba|awk '/d/&&/b/{print}' awk 'length($1)=="4"{print $1}' awk '{if($2>3){system ("touch "$1)}}' awk '{sub(/Mac/,"Macintosh",$0);print}' awk '{gsub(/Mac/,"MacIntosh",$1); print}' awk -F '' '{ for(i=1;i<NF+1;i++)a+=$i ;print a}' awk '{ i=$1%10;if ( i == 0 ) {print i}}' awk 'BEGIN{a=0}{if ($1>a) a=$1 fi}END{print a}' awk 'BEGIN{a=11111}{if ($1<a) a=$1 fi}END{print a}' awk '{if(A)print;A=0}/regexp/{A=1}' awk '/regexp/{print A}{A=$0}' awk '{if(!/mysql/)gsub(/1/,"a");print $0}' awk 'BEGIN{srand();fr=int(100*rand());print fr;}' awk '{if(NR==3)F=1}{if(F){i++;if(i%7==1)print}}' awk '{if(NF<1){print i;i=0} else {i++;print $0}}' echo +null:null |awk -F: '$1!~"^+"&&$2!="null"{print $0}' awk -v RS=@ 'NF{for(i=1;i<=NF;i++)if($i) printf $i;print ""}' awk '{b[$1]=b[$1]$2}END{for(i in b){print i,b[i]}}' awk '{ i=($1%100);if ( $i >= 0 ) {print $0,$i}}' awk '{b=a;a=$1; if(NR>1){print a-b}}' awk '{a[NR]=$1}END{for (i=1;i<=NR;i++){print a[i]-a[i-1]}}' awk -F: '{name[x++]=$1};END{for(i=0;i<NR;i++)print i,name[i]}' awk '{sum2+=$2;count=count+1}END{print sum2,sum2/count}' awk -v a=0 -F 'B' '{for (i=1;i<NF;i++){ a=a+length($i)+1;print a }}' awk 'BEGIN{ "date" | getline d; split(d,mon) ; print mon[2]}' file awk 'BEGIN{info="this is a test2010test!";print substr(info,4,10);}' awk 'BEGIN{info="this is a test2010test!";print index(info,"test")?"ok":"no found";}' awk 'BEGIN{info="this is a test2010test!";print match(info,/[0-9]+/)?"ok":"no found";}' awk '{for(i=1;i<=4;i++)printf $i""FS; for(y=10;y<=13;y++) printf $y""FS;print ""}' awk 'BEGIN{for(n=0;n++<9;){for(i=0;i++<n;)printf i"x"n"="i*n" ";print ""}}' awk 'BEGIN{info="this is a test";split(info,tA," ");print length(tA);for(k in tA){print k,tA[k];}}' awk '{if (system ("grep "$2" tmp/* > /dev/null 2>&1") == 0 ) {print $1,"Y"} else {print $1,"N"} }' a awk '{for(i=1;i<=NF;i++) a[i,NR]=$i}END{for(i=1;i<=NF;i++) {for(j=1;j<=NR;j++) printf a[i,j] " ";print ""}}' netstat -an|awk -v A=$IP -v B=$PORT 'BEGIN{print "Clients\tGuest_ip"}$4~A":"B{split($5,ip,":");a[ip[1]]++}END{for(i in a)print a[i]"\t"i|"sort -nr"}' cat 1.txt|awk -F" # " '{print "insert into user (user,password,email)values(""'\''"$1"'\'\,'""'\''"$2"'\'\,'""'\''"$3"'\'\)\;'"}' >>insert_1.txt awk 'BEGIN{printf "what is your name?";getline name < "/dev/tty" } $1 ~name {print "FOUND" name " on line ", NR "."} END{print "see you," name "."}' file
取本机IP{ /sbin/ifconfig |awk -v RS="Bcast:" '{print $NF}'|awk -F: '/addr/{print $2}' /sbin/ifconfig |awk '/inet/&&$2!~"127.0.0.1"{split($2,a,":");print a[2]}' /sbin/ifconfig |awk -v RS='inet addr:' '$1!="eth0"&&$1!="127.0.0.1"{print $1}'|awk '{printf"%s|",$0}' /sbin/ifconfig |awk '{printf("line %d,%s\n",NR,$0)}' }
查看磁盘空间{ df -h|awk -F"[ ]+|%" '$5>14{print $5}' df -h|awk 'NR!=1{if ( NF == 6 ) {print $5} else if ( NF == 5) {print $4} }' df -h|awk 'NR!=1 && /%/{sub(/%/,"");print $(NF-1)}' df -h|sed '1d;/ /!N;s/\n//;s/ \+/ /;' }
排列打印{ awk 'END{printf "%-10s%-10s\n%-10s%-10s\n%-10s%-10s\n","server","name","123","12345","234","1234"}' txt awk 'BEGIN{printf "|%-10s|%-10s|\n|%-10s|%-10s|\n|%-10s|%-10s|\n","server","name","123","12345","234","1234"}' awk 'BEGIN{ print " *** 开 始 *** "; print "+-----------------+"; printf "|%-5s|%-5s|%-5s|\n","id","name","ip"; } $1!=1 && NF==4{printf "|%-5s|%-5s|%-5s|\n",$1,$2,$3" "$11} END{ print "+-----------------+"; print " *** 结 束 *** " }' txt }
awk经典题{ 分析图片服务日志,把日志(每个图片访问次数*图片大小的总和)排行,也就是计算每个url的总访问大小 说明:本题生产环境应用:这个功能可以用于IDC网站流量带宽很高,然后通过分析服务器日志哪些元素占用流量过大,进而进行优化或裁剪该图片,压缩js等措施。 本题需要输出三个指标: 【被访问次数】 【访问次数*单个被访问文件大小】 【文件名(带URL)】 测试数据 59.33.26.105 - - [08/Dec/2010:15:43:56 +0800] "GET /static/images/photos/2.jpg HTTP/1.1" 200 11299
awk '{array_num[$7]++;array_size[$7]+=$10}END{for(i in array_num) {print array_num[i]" "array_size[i]" "i}}' }
awk练习题{
wang 4 cui 3 zhao 4 liu 3 liu 3 chang 5 li 2
1 通过第一个域找出字符长度为4的 2 当第二列值大于3时,创建空白文件,文件名为当前行第一个域$1 (touch $1) 3 将文档中 liu 字符串替换为 hong 4 求第二列的和 5 求第二列的平均值 6 求第二列中的最大值 7 将第一列过滤重复后,列出每一项,每一项的出现次数,每一项的大小总和
1、字符串长度 awk 'length($1)=="4"{print $1}' 2、执行系统命令 awk '{if($2>3){system ("touch "$1)}}' 3、gsub(/r/,"s",域) 在指定域(默认$0)中用s替代r (sed 's///g') awk '{gsub(/liu/,"hong",$1);print $0}' a.txt 4、列求和 awk '{a+=$2}END{print a}' 5、列求平均值 awk '{a+=$2}END{print a/NR}' awk '{a+=$2;b++}END{print a,a/b}' 6、列求最大值 awk 'BEGIN{a=0}{if($2>a) a=$2 }END{print a}' 7、将第一列过滤重复列出每一项,每一项的出现次数,每一项的大小总和 awk '{a[$1]++;b[$1]+=$2}END{for(i in a){print i,a[i],b[i]}}' }
awk处理复杂日志{ 6.19: DHB_014_号百总机服务业务日报:广州 到达数异常! DHB_023_号百漏话提醒日报:珠海 到达数异常! 6.20: DHB_014_号百总机服务业务日报:广州 到达数异常!到
awk -F '[_ :]+' 'NF>2{print $4,$1"_"$2,b |"sort";next}{b=$1}'
广州 DHB_014 6.19 } }
sed{
-n -i -e -r
b p d s g i a r y q
& * ? $ .* \(a\)
模式空间{
n h H g G x ! D N p
}
标签函数{
: lable b lable t labe
sed -e '{:p1;/A/s/A/AA/;/B/s/B/BB/;/[AB]\{10\}/b;b p1;}' echo 'sd f f [a b c cddd eee]' | sed ':n;s#\(\[[^ ]*\) *#\1#;tn' echo "198723124.03"|sed -r ':a;s/([0-9]+)([0-9]{3})/\1,\2/;ta'
}
引用外部变量{
sed -n ''$a',10p' sed -n ""$a",10p"
}
sed 10q sed -n '$=' sed -n '5,/^no/p' sed -i "/^$f/d" a sed -i '/aaa/,$d' sed -i "s/=/:/" c sed -i "/^pearls/s/$/j/" sed '/1/,/3/p' file sed -n '1p' file sed '5i\aaa' file sed '5a\aaa' file echo a|sed -e '/a/i\b' echo a|sed -e '/a/a\b' echo a|sed 's/a/&\nb/g' seq 10| sed -e{1,3}'s/./a/' sed -n '/regexp/!p' sed '/regexp/d' sed '$!N;s/\n//' sed '/baz/s/foo/bar/g' sed '/baz/!s/foo/bar/g' echo a|sed -e 's/a/#&/g' sed 's/foo/bar/4' sed 's/\(.*\)foo/\1bar/' sed 's/\(.*\)foo\(.*foo\)/\1bar\2/' sed 's/[0-9][0-9]$/&5' sed -n ' /^eth\|em[01][^:]/{n;p;}' sed -n -r ' /eth|em[01][^:]/{n;p;}' echo -e "1\n2"|xargs -i -t sed 's/^/1/' {} sed '/west/,/east/s/$/*VACA*/' sed 's/[^1-9]*\([0-9]\+\).*/\1/' sed -n '/regexp/{g;1!p;};h' sed -n ' /regexp/{n;p;}' sed -n 's/\(mar\)got/\1ianne/p' sed -n 's/\([0-9]\+\).*\(t\)/\2\1/p' sed -i -e '1,3d' -e 's/1/2/' sed -e 's/@.*//g' -e '/^$/d' sed -n -e "{s/^ *[0-9]*//p}" echo abcd|sed 'y/bd/BE/' sed '/^#/b;y/y/P/' 2 sed '/suan/r readfile' sed -n '/no/w writefile' sed '/regex/G' sed '/regex/{x;p;x;G;}' sed 'n;d' sed 'G;G' sed '/^$/d;G' sed 'n;n;n;n;G;' sed -n '5~5p' seq 1 30|sed '5~5s/.*/a/' sed -n '3,${p;n;n;n;n;n;n;}' sed -n 'h;n;G;p' seq 1 10|sed '1!G;h;$!d' ls -l|sed -n '/^.rwx.*/p' sed = filename | sed 'N;s/\n/\t/' sed 's/^[ \t]*//' sed 's/^[ \t]*//;s/[ \t]*$//' sed '/{abc,def\}\/\[111,222]/s/^/00000/' echo abcd\\nabcde |sed 's/\\n/@/g' |tr '@' '\n' cat tmp|awk '{print $1}'|sort -n|sed -n '$p' sed -n '{s/^[^\/]*//;s/\:.*//;p}' /etc/passwd sed = filename | sed 'N;s/^/ /; s/ *\(.\{6,\}\)\n/\1 /' /sbin/ifconfig |sed 's/.*inet addr:\(.*\) Bca.*/\1/g' |sed -n '/eth/{n;p}'
修改keepalive配置剔除后端服务器{
sed -i '/real_server.*10.0.1.158.*8888/,+8 s/^/#/' keepalived.conf sed -i '/real_server.*10.0.1.158.*8888/,+8 s/^#//' keepalived.conf
}
模仿rev功能{
echo 123 |sed '/\n/!G;s/\(.\)\(.*\n\)/&\2\1/;//D;s/.//;' /\n/!G; s/\(.\)\(.*\n\)/&\2\1/; //D; s/.//;
}
}
xargs{
-t 先打印命令,然后再执行 -i 用每项替换 {} find / -perm +7000 | xargs ls -l seq 1 10 |xargs -i date -d "{} days " +%Y-%m-%d
}
dialog菜单{
窗体类型{ --calendar --checklist --form --fselect --gauge --infobox --inputbox --inputmenu --menu --msgbox(message) --password --pause --radiolist --tailbox --tailboxbg --textbox --timebox --yesno(yes/no) }
窗体参数{ --separate-output --ok-label "提交" --cancel-label "取消" --title "标题" --stdout --backtitle "上标" --no-shadow --menu "菜单名" 20 60 14 --clear --no-cancel --insecure --begin <y> <x> --timeout <秒> --defaultno --default-item <str> --sleep 5 --max-input size --keep-window }
dialog --title "Check me" --checklist "Pick Numbers" 15 25 3 1 "one" "off" 2 "two" "on" dialog --title "title" --radiolist "checklist" 20 60 14 tag1 "item1" on tag2 "item2" off dialog --title "title" --menu "MENU" 20 60 14 tag1 "item1" tag2 "item2" dialog --title "Installation" --backtitle "Star Linux" --gauge "Linux Kernel" 10 60 50 dialog --title "标题" --backtitle "Dialog" --yesno "说明" 20 60 dialog --title "公告标题" --backtitle "Dialog" --msgbox "内容" 20 60 dialog --title "hey" --backtitle "Dialog" --infobox "Is everything okay?" 10 60 dialog --title "hey" --backtitle "Dialog" --inputbox "Is okay?" 10 60 "yes" dialog --title "Array 30" --backtitle "All " --textbox /root/txt 20 75 dialog --title "Add" --form "input" 12 40 4 "user" 1 1 "" 1 15 15 0 "name" 2 1 "" 2 15 15 0 dialog --title "Password" --insecure --passwordbox "请输入密码" 10 35 dialog --stdout --title "日历" --calendar "请选择" 0 0 9 1 2010 dialog --title "title" --menu "MENU" 20 60 14 tag1 "item1" tag2 "item2" 2>tmp a=`dialog --title "title" --stdout --menu "MENU" 20 60 14 tag1 "item1" tag2 "item2"`
dialog菜单实例{ while : do clear menu=`dialog --title "title" --stdout --menu "MENU" 20 60 14 1 system 2 custom` [ $? -eq 0 ] && echo "$menu" || exit while : do case $menu in 1) list="1a "item1" 2a "item2"" ;; 2) list="1b "item3" 2b "item4"" ;; esac result=`dialog --title "title" --stdout --menu "MENU" 20 60 14 $list` [ $? -eq 0 ] && echo "$result" || break read done done }
}
select菜单{
select menuitem in pick1 pick2 pick3 退出 do echo $menuitem case $menuitem in 退出) exit ;; *) select area in area1 area2 area3 返回 do echo $area case $area in 返回) break ;; *) echo "对$area操作" ;; esac done ;; esac done
}
shift{
./cs.sh 1 2 3 until [ $# -eq 0 ] do echo "第一个参数为: $1 参数个数为: $#" shift done
}
getopts给脚本加参数{
while getopts 🆎 name do case $name in a) aflag=1 ;; b) bflag=1 bval=$OPTARG ;; \?) echo "USAGE:`basename $0` [-a] [-b value]" exit 1 ;; esac done if [ ! -z $aflag ] ; then echo "option -a specified" echo "$aflag" echo "$OPTIND" fi if [ ! -z $bflag ] ; then echo "option -b specified" echo "$bflag" echo "$bval" echo "$OPTIND" fi echo "here $OPTIND" shift $(($OPTIND -1)) echo "$OPTIND" echo " `shift $(($OPTIND -1))` "
}
tclsh{
set foo "a bc" set b {$a}; set a 3; incr a 3; set c [expr 20/5]; puts $foo; set qian(123) f; set qian(1,1,1) fs; parray qian; string length $qian; string option string1 string2; set a 1;while {$a < 3} { set a [incr a 1;]; };puts $a for {initialization} {condition} {increment} {body} for {set i 0} {$i < 10} {incr i} {puts $i;} if { 表达式 } { } else { } switch $x { 字符串1 { 操作1 ;} 字符串2 { 操作2 ;} } foreach element {0 m n b v} { switch $element { } }
expect交互{
exp_continue interact expect "password:" send "passwd\r"
ssh后sudo{
/usr/bin/expect -c ' set timeout 5 spawn ssh -o StrictHostKeyChecking=no xuesong1@192.168.42.128 "sudo grep xuesong1 /etc/passwd" expect { "passphrase" { send_user "sshkey\n" send "xuesong\r"; expect { "sudo" { send_user "sudo\n" send "xuesong\r" interact } eof { send_user "sudo eof\n" } } } "password:" { send_user "ssh\n" send "xuesong\r"; expect { "sudo" { send_user "sudo\n" send "xuesong\r" interact } eof { send_user "sudo eof\n" } } } "sudo" { send_user "sudo\n" send "xuesong\r" interact } eof { send_user "ssh eof\n" } } '
}
ssh执行命令操作{
/usr/bin/expect -c " proc jiaohu {} { send_user expect_start expect { password { send ${RemotePasswd}\r; send_user expect_eof expect { \"does not exist\" { send_user expect_failure exit 10 } password { send_user expect_failure exit 5 } Password { send ${RemoteRootPasswd}\r; send_user expect_eof expect { incorrect { send_user expect_failure exit 6 } eof } } eof } } passphrase { send ${KeyPasswd}\r; send_user expect_eof expect { \"does not exist\" { send_user expect_failure exit 10 } passphrase{ send_user expect_failure exit 7 } Password { send ${RemoteRootPasswd}\r; send_user expect_eof expect { incorrect { send_user expect_failure exit 6 } eof } } eof } } Password { send ${RemoteRootPasswd}\r; send_user expect_eof expect { incorrect { send_user expect_failure exit 6 } eof } } \"No route to host\" { send_user expect_failure exit 4 } \"Invalid argument\" { send_user expect_failure exit 8 } \"Connection refused\" { send_user expect_failure exit 9 } \"does not exist\" { send_user expect_failure exit 10 }
\"Connection timed out\" { send_user expect_failure exit 11 } timeout { send_user expect_failure exit 3 } eof } } set timeout $TimeOut switch $1 { Ssh_Cmd { spawn ssh -t -p $Port -o StrictHostKeyChecking=no $RemoteUser@$Ip /bin/su - root -c \\\"$Cmd\\\" jiaohu } Ssh_Script { spawn scp -P $Port -o StrictHostKeyChecking=no $ScriptPath $RemoteUser@$Ip:/tmp/${ScriptPath##*/}; jiaohu spawn ssh -t -p $Port -o StrictHostKeyChecking=no $RemoteUser@$Ip /bin/su - root -c \\\"/bin/sh /tmp/${ScriptPath##*/}\\\" ; jiaohu } Scp_File { spawn scp -P $Port -o StrictHostKeyChecking=no -r $ScpPath $RemoteUser@$Ip:${ScpRemotePath}; jiaohu } } " state=`echo $?`
}
交互双引号引用较长变量{
RemoteUser=xuesong12 Ip=192.168.1.2 RemotePasswd=xuesong Cmd="/bin/echo "$PubKey" > "$RemoteKey"/authorized_keys"
/usr/bin/expect -c " set timeout 10 spawn ssh -o StrictHostKeyChecking=no $RemoteUser@$Ip {$Cmd}; expect { password: { send_user RemotePasswd\n send ${RemotePasswd}\r; interact; } eof { send_user eof\n } } "
}
telnet交互{
Ip="10.0.1.53" a="\{\'method\'\:\'doLogin\'\,\'params\'\:\{\'uName\'\:\'bobbietest\'\}" /usr/bin/expect -c" set timeout 15 spawn telnet ${Ip} 8000 expect "Escape" send "${a}\\r" expect { -re "\"err.*none\"" { exit 0 } timeout { exit 1 } eof { exit 2 } } " echo $?
}
模拟ssh登录{
Ip='192.168.1.6' RemoteUser='user' RemotePasswd='userpasswd' RemoteRootPasswd='rootpasswd' /usr/bin/expect -c " set timeout -1 spawn ssh -t -p $Port -o StrictHostKeyChecking=no $RemoteUser@$Ip expect { password { send_user RemotePasswd send ${RemotePasswd}\r; expect { \"does not exist\" { send_user \"root user does not exist\n\" exit 10 } password { send_user \"user passwd error\n\" exit 5 } Last { send \"su - batch\n\" expect { Password { send_user RemoteRootPasswd send ${RemoteRootPasswd}\r; expect { \"]#\" { send \"sh /tmp/update.sh update\n \" expect { \"]#\" { send_user ${Ip}_Update_Done\n } eof } } } } } } } } \"No route to host\" { send_user \"host not found\n\" exit 4 } \"Invalid argument\" { send_user \"incorrect parameter\n\" exit 8 } \"Connection refused\" { send_user \"invalid port parameters\n\" exit 9 } \"does not exist\" { send_user \"root user does not exist\" exit 10 } timeout { send_user \"connection timeout \n\" exit 3 } eof } " state=`echo $?`
}
}
}
}
9 实例{
从1叠加到100{
echo $[$(echo +{1..100})] echo $[(100+1)*(100/2)] seq -s '+' 100 |bc
}
判断参数是否为空-空退出并打印null{
echo $1 name=${1:?"null"} echo $name
}
循环数组{
for ((i=0;i<${#o[*]};i++)) do echo ${o[$i]} done
}
判断路径{
if [ -d /root/Desktop/text/123 ];then echo "找到了123" if [ -d /root/Desktop/text ] then echo "找到了text" else echo "没找到text" fi else echo "没找到123文件夹" fi
}
找出出现次数最多{
awk '{print $1}' file|sort |uniq -c|sort -k1r
}
判断脚本参数是否正确{
./test.sh -p 123 -P 3306 -h 127.0.0.1 -u root if [ $# -ne 8 ];then echo "USAGE: $0 -u user -p passwd -P port -h host" exit 1 fi
while getopts :u:p:P:h: name do case $name in u) mysql_user=$OPTARG ;; p) mysql_passwd=$OPTARG ;; P) mysql_port=$OPTARG ;; h) mysql_host=$OPTARG ;; *) echo "USAGE: $0 -u user -p passwd -P port -h host" exit 1 ;; esac done
if [ -z $mysql_user ] || [ -z $mysql_passwd ] || [ -z $mysql_port ] || [ -z $mysql_host ] then echo "USAGE: $0 -u user -p passwd -P port -h host" exit 1 fi
echo $mysql_user $mysql_passwd $mysql_port $mysql_host
}
正则匹配邮箱{
^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$
}
打印表格{
clear awk 'BEGIN{ print "+--------------------+--------------------+"; printf "|%-20s|%-20s|\n","Name","Number"; print "+--------------------+--------------------+"; }' a=`grep "^[A-Z]" a.txt |sort +1 -n |awk '{print $1":"$2}'` for list in $a do name=`echo $list |awk -F: '{print $1}'` number=`echo $list |awk -F: '{print $2}'` awk 'BEGIN{printf "|%-20s|%-20s|\n","'"$name"'","'"$number"'"; print "+--------------------+--------------------+"; }' done awk 'BEGIN{ print " *** The End *** " print " " }'
}
判断日期是否合法{
while read a do if echo $a | grep -q "-" && date -d $a +%Y%m%d > /dev/null 2>&1 then if echo $a | grep -e '^[0-9]\{4\}-[01][0-9]-[0-3][0-9]$' then break else echo "您输入的日期不合法,请从新输入!" fi else echo "您输入的日期不合法,请从新输入!" fi done echo "日期为$a"
}
打印日期段所有日期{
qsrq=20010101 jsrq=20010227 n=0 >tmp while :;do current=$(date +%Y%m%d -d"$n day $qsrq") if [[ $current == $jsrq ]];then echo $current >>tmp;break else echo $current >>tmp ((n++)) fi done rq=`awk 'NR==1{print}' tmp`
}
数学计算的小算法{
A=1 B=1 while [ $A -le 10 ] do SUM=`expr $A \* $B` echo "$SUM" if [ $A = 10 ] then B=`expr $B + 1` A=1 fi A=`expr $A + 1` done
}
多行合并{
sed '{N;s/\n//}' file awk '{printf(NR%2!=0)?$0" ":$0" \n"}' awk '{printf"%s ",$0}' awk '{if (NR%4==0){print $0} else {printf"%s ",$0}}' file
}
横竖转换{
cat a.txt | xargs cat a.txt | xargs -n1
}
竖行转横行{
cat file|tr '\n' ' ' echo $(cat file)
for i in `cat file` do a=${a}" "${i} done echo $a
}
取用户的根目录{
while read name pass uid gid gecos home shell do echo $home done < /etc/passwd
}
远程打包{
ssh -n $ip 'find '$path' /data /opt -type f -name "*.sh" -or -name "*.py" -or -name "*.pl" |xargs tar zcvpf /tmp/data_backup.tar.gz'
}
把汉字转成encode格式{
echo 论坛 | tr -d "\n" | xxd -i | sed -e "s/ 0x/%/g" | tr -d " ,\n" %c2%db%cc%b3 echo 论坛 | tr -d "\n" | xxd -i | sed -e "s/ 0x/%/g" | tr -d " ,\n" | tr "[a-f]" "[A-F]" %C2%DB%CC%B3
}
把目录带有大写字母的文件名改为全部小写{
for f in *;do mv $f `echo $f |tr "[A-Z]" "[a-z]"` done
}
查找连续多行,在不连续的行前插入{
lastrow=null i=0 cat incl|while read line do i=`expr $i + 1` if echo "$lastrow" | grep "#include <[A-Z].h>" then if echo "$line" | grep -v "#include <[A-Z].h>" then sed -i ''$i'i\\/\/All header files are include' incl i=`expr $i + 1` fi fi lastrow="$line" done
}
查询数据库其它引擎{
path1=/data/mysql/data/ dbpasswd=db123 engine=InnoDB
if [ -d $path1 ];then
dir=`ls -p $path1 |awk '/\/$/'|awk -F'/' '{print $1}'` for db in $dir do number=`mysql -uroot -p$dbpasswd -A -S "$path1"mysql.sock -e "use ${db};show table status;" |grep -c $engine` if [ $number -ne 0 ];then echo "${db}" fi done fi
}
批量修改数据库引擎{
for db in test test1 test3 do tables=`mysql -uroot -pdb123 -A -S /data/mysql/data/mysql.sock -e "use $db;show tables;" |awk 'NR != 1{print}'`
for table in $tables do mysql -uroot -pdb123 -A -S /data/mysql/data/mysql.sock -e "use $db;alter table $table engine=MyISAM;" done done
}
将shell取到的数据插入mysql数据库{
mysql -u$username -p$passwd -h$dbhost -P$dbport -A -e " use $dbname; insert into data values ('','$ip','$date','$time','$data') "
}
两日期间隔天数{
D1=`date -d '20070409' +"%s"` D2=`date -d '20070304 ' +"%s"` D3=$(($D1 - $D2)) echo $(($D3/60/60/24))
}
while执行ssh只循环一次{
cat - seq 10 | while read line; do ssh localhost "cat -"; done seq 10 | while read line; do ssh -n localhost "cat -"; done
}
ssh批量执行命令{
while read line do Ip=`echo $line|awk '{print $1}'` Passwd=`echo $line|awk '{print $2}'` ssh -n localhost "cat -" sshpass -p "$Passwd" ssh -n -t -o StrictHostKeyChecking=no root@$Ip "id" done<iplist.txt
Iplist=`awk '{print $1}' iplist.txt` for Ip in $Iplist do Passwd=`awk '/'$Ip'/{print $2}' iplist.txt` sshpass -p "$Passwd" ssh -n -t -o StrictHostKeyChecking=no root@$Ip "id" done
}
在同一位置打印字符{
echo -ne "\t" for i in `seq -w 100 -1 1` do echo -ne "$i\b\b\b"; sleep 1; done
}
多进程后台并发简易控制{
test () { echo $a sleep 5 } for a in `seq 1 30` do test & echo $! ((num++)) if [ $num -eq 6 ];then echo "wait..." wait num=0 fi done wait
}
shell并发{
tmpfile=$$.fifo mkfifo $tmpfile exec 4<>$tmpfile rm $tmpfile thred=4 seq=(1 2 3 4 5 6 7 8 9 21 22 23 24 25 31 32 33 34 35)
{ for (( i = 1;i<=${thred};i++ )) do echo; done } >&4
for id in ${seq} do read (./ur_command ${id};echo >&4 ) & done <&4 wait exec 4>&-
}
shell并发函数{
function ConCurrentCmd() { Thread=30
CurFileName=iplist.txt
FifoFile="$$.fifo"
mkfifo $FifoFile
exec 6<>$FifoFile rm $FifoFile
for ((i=0;i<=$Thread;i++));do echo;done >&6
exec 5<$CurFileName
Count=0 while read -u5 line do read -u6 let Count+=1 { echo $Count
function
echo >&6 } & done
wait
exec 6>&-
exec 5>&- }
并发例子{
pnum=3
task () { echo "$u start" sleep 5 echo "$u done" }
FifoFile="$$.fifo" mkfifo $FifoFile exec 6<>$FifoFile rm $FifoFile for ((i=0;i<=$pnum;i++));do echo;done >&6
for u in `seq 1 20` do read -u6 { task [ $? -eq 0 ] && echo "${u} 次成功" || echo "${u} 次失败" echo >&6 } & done wait exec 6>&-
} }
函数{
ip(){ echo "a 1"|awk '$1=="'"$1"'"{print $2}' } web=a ip $web
}
检测软件包是否存在{
rpm -q dialog >/dev/null if [ "$?" -ge 1 ];then echo "install dialog,Please wait..." yum -y install dialog rpm -q dialog >/dev/null [ $? -ge 1 ] && echo "dialog installation failure,exit" && exit echo "dialog done" read fi
}
游戏维护菜单-修改配置文件{
conf=serverlist.xml AreaList=`awk -F '"' '/<s/{print $2}' $conf`
select area in $AreaList 全部 退出 do echo "" echo $area case $area in 退出) exit ;; *) select operate in "修改版本号" "添加维护中" "删除维护中" "返回菜单" do echo "" echo $operate case $operate in 修改版本号) echo 请输入版本号 while read version do if echo $version | grep -w 10[12][0-9][0-9][0-9][0-9][0-9][0-9] then break fi echo 请从新输入正确的版本号 done case $area in 全部) case $version in 101*) echo "请确认操作对 $area 体验区 $operate" read sed -i 's/101[0-9][0-9][0-9][0-9][0-9][0-9]/'$version'/' $conf ;; 102*) echo "请确认操作对 $area 正式区 $operate" read sed -i 's/102[0-9][0-9][0-9][0-9][0-9][0-9]/'$version'/' $conf ;; esac ;; *) type=`awk -F '"' '/'$area'/{print $14}' $conf |cut -c1-3` readtype=`echo $version |cut -c1-3` if [ $type != $readtype ] then echo "版本号不对应,请从新操作" continue fi
echo "请确认操作对 $area 区 $operate" read
awk -F '"' '/'$area'/{print $12}' $conf |xargs -i sed -i '/'{}'/s/10[12][0-9][0-9][0-9][0-9][0-9][0-9]/'$version'/' $conf ;; esac ;; 添加维护中) case $area in 全部) echo "请确认操作对 $area 区 $operate" read awk -F '"' '/<s/{print $2}' $conf |xargs -i sed -i 's/'{}'/&维护中/' $conf ;; *) echo "请确认操作对 $area 区 $operate" read sed -i 's/'$area'/&维护中/' $conf ;; esac ;; 删除维护中) case $area in 全部) echo "请确认操作对 $area 区 $operate" read sed -i 's/维护中//' $conf ;; *) echo "请确认操作对 $area 区 $operate" read sed -i '/'$area'/s/维护中//' $conf ;; esac ;; 返回菜单) break ;; esac done ;; esac echo "回车重新选择区" done
}
keepalive剔除后端服务{
if [ X$2 == X ];then echo "error: IP null" read exit fi case $1 in del) sed -i '/real_server.*'$2'.*8888/,+8 s/^/#/' /etc/keepalived/keepalived.conf /etc/init.d/keepalived reload ;; add) sed -i '/real_server.*'$2'.*8888/,+8 s/^#//' /etc/keepalived/keepalived.conf /etc/init.d/keepalived reload ;; *) echo "Parameter error" ;; esac
}
抓取系统中负载最高的进程{
LANG=C PATH=/sbin:/usr/sbin:/bin:/usr/bin interval=1 length=86400 for i in $(seq 1 $(expr ${length} / ${interval}));do date LANG=C ps -eT -o%cpu,pid,tid,ppid,comm | grep -v CPU | sort -n -r | head -20 date LANG=C cat /proc/loadavg { LANG=C ps -eT -o%cpu,pid,tid,ppid,comm | sed -e 's/^ *//' | tr -s ' ' | grep -v CPU | sort -n -r | cut -d ' ' -f 1 | xargs -I{} echo -n "{} + " && echo ' 0'; } | bc -l sleep ${interval} done fuser -k $0
}
申诉中国反垃圾邮件联盟黑名单{
IpList=`awk '$1!~"^#"&&$1!=""{print $1}' host.list`
QueryAdd='http://www.anti-spam.org.cn/Rbl/Query/Result' ComplaintAdd='http://www.anti-spam.org.cn/Rbl/Getout/Submit'
CONTENT='我们是一家正规的XXX。xxxxxxx。恳请将我们的发送服务器IP移出黑名单。谢谢! 处理措施: 1.XXXX。 2.XXXX。' CORP='abc.com' WWW='www.abc.cm' NAME='def' MAIL='def@163.com.cn' TEL='010-50000000' LEVEL='0'
for Ip in $IpList do Status=`curl -d "IP=$Ip" $QueryAdd |grep 'Getout/ShowForm?IP=' |grep -wc '申诉脱离'` if [ $Status -ge 1 ];then IpStatus="黑名单中" results=`curl -d "IP=${Ip}&CONTENT=${CONTENT}&CORP=${CORP}&WWW=${WWW}&NAME=${NAME}&MAIL=${MAIL}&TEL=${TEL}&LEVEL=${LEVEL}" $ComplaintAdd |grep -E '您的黑名单脱离申请已提交|该IP的脱离申请已被他人提交|申请由于近期内有被拒绝的记录'` echo $results if echo $results | grep '您的黑名单脱离申请已提交' > /dev/null 2>&1 then complaint='申诉成功' elif echo $results | grep '该IP的脱离申请已被他人提交' > /dev/null 2>&1 then complaint='申诉重复' elif echo $results | grep '申请由于近期内有被拒绝的记录' > /dev/null 2>&1 then complaint='申诉拒绝' else complaint='异常' fi else IpStatus='正常' complaint='无需申诉' fi echo "$Ip $IpStatus $complaint" >> $(date +%Y%m%d_%H%M%S).log done
}
Web Server in Awk{
BEGIN { x = 1 port = 8080 host = "/inet/tcp/" port "/0/0" url = "http://localhost:" port status = 200 reason = "OK" RS = ORS = "\r\n" doc = Setup() len = length(doc) + length(ORS) while (x) { if ($1 == "GET") RunApp(substr($2, 2)) if (! x) break print "HTTP/1.0", status, reason |& host print "Connection: Close" |& host print "Pragma: no-cache" |& host print "Content-length:", len |& host print ORS doc |& host close(host) host |& getline } doc = Bye() len = length(doc) + length(ORS) print "HTTP/1.0", status, reason |& host print "Connection: Close" |& host print "Pragma: no-cache" |& host print "Content-length:", len |& host print ORS doc |& host close(host) }
function Setup() { tmp = "<html>\ <head><title>Simple gawk server</title></head>\ <body>\ <p><a href=" url "/xterm>xterm</a>\ <p><a href=" url "/xcalc>xcalc</a>\ <p><a href=" url "/xload>xload</a>\ <p><a href=" url "/exit>terminate script</a>\ </body>\ </html>" return tmp }
function Bye() { tmp = "<html>\ <head><title>Simple gawk server</title></head>\ <body><p>Script Terminated...</body>\ </html>" return tmp }
function RunApp(app) { if (app == "xterm") {system("xterm&"); return} if (app == "xcalc" ) {system("xcalc&"); return} if (app == "xload" ) {system("xload&"); return} if (app == "exit") {x = 0} }
}
}
10 经验{ 1.服务上线,在启动注册流量时大量报错, 下游服务摘除,重启后, 上游还用原有的链接去链接, 导致请求失败. 2.systemd守护的进程,在tmp下找不到对应文件, 配置安全tmp项PrivateTmp改为false PrivateTmp=false 3.统一服务内部调用关系,一个服务对应一个域名 4.统一服务服务返回的状态码,报警只需要针对5xx就可以发现问题. 5.在服务雪崩后,恢复服务,用户可能有大量重试,所以放流量也要小比例放流量,逐步恢复 }
|