#!/bin/bash SUBJECT="I am subject" EMAIL="user@domain.com" EMAILMESSAGE="" echo "Hello World" > $EMAILMESSAGE echo "I am test text" >> $EMAILMESSAGE /bin/mail -s "$SUBJECT" "$EMAIL" < $EMAILMESSAGE
Как да накараме mdadm да ни информира ако имаме проблем с някой от RAID масивите?
Елементарно:
mdadm --monitor --scan --mail=MAIL@DOMAIN.com --delay=3600 --daemonize --test
Тези команди ще ви помогнат да се защитите от DoS атака. Посредством тях, ще блокирате всяко IP, което за 60 секунди има повече от 20 връзки (connections) към текущата машина:
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 20 -j DROP
Резултат от командата:
[root@server ~]# netstat -alpn| grep ":80"| awk '{ print $5 }'| cut -d: -f4| sort| uniq -c | sort -n 1 * 3 66.249.72.131 16 81.100.74.82 17 82.12.246.158 19 212.183.140.13 19 78.148.123.94 20 85.211.47.252 20 86.166.141.234 20 87.97.215.7 20 89.253.191.173 20 91.92.170.172 20 94.156.57.170 20 94.169.158.18 22 77.78.11.99
Разбира се това е само пример и можете да смените стоностите за секунди (60) и брои връзки (20).
Имайте впредвид, че максималните стойности за –seconds са 60, а за –hitcount са 20
За да премахнете правило (RULE) от iptables използвайте следните команди.
Лист на всички правила в iptables:
iptables -L INPUT -n --line-numbers
[root@server ~]# iptables -L INPUT -n --line-numbers Chain INPUT (policy ACCEPT) num target prot opt source destination 1 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW recent: UPDATE seconds: 60 hit_count: 20 name: DEFAULT side: source 2 tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW recent: SET name: DEFAULT side: source 3 fail2ban-SSH tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 4 DROP all -- 67.195.0.0/24 0.0.0.0/0 [root@server ~]#
За да изтрием правилото за блокиране на IP-тата в този случай пишем:
iptables -D INPUT 1
Как да разберем колко конекции (connections) имаме към определен порт на нашата машина.
Командата дава списък с IP–та и за всяко едно от тях брои връзките, които то (IP-то) е направило към машината. Текущата команда сканира връзките към порт 80:
netstat -alpn| grep ":80"| awk '{ print $5 }'| cut -d: -f4| sort| uniq -c | sort -n
This is very useful things in my Linux = .bashrc and my Mac = .bash_profile
Linux = .bashrc | /etc/profile
I just found this useful link with .bashrc examples bashrc examples
I use “HISTTIMEFORMAT=’%F %T ‘ ”
Here is full list for timestamps TIMESTAMPS
Here is my HISTORY section in .bashrc
# don't put duplicate lines in the history. See bash(1) for more options # don't overwrite GNU Midnight Commander's setting of `ignorespace'. export HISTCONTROL=$HISTCONTROL${HISTCONTROL+,}ignoredups # ... or force ignoredups and ignorespace export HISTCONTROL=ignoreboth # append to the history file, don't overwrite it shopt -s histappend # for setting history length see HISTSIZE and HISTFILESIZE in bash(1) # check the window size after each command and, if necessary, # update the values of LINES and COLUMNS. shopt -s checkwinsize
/etc/profile
export PATH export HISTTIMEFORMAT='%F %T ' HISTSIZE=100000 # history size use big motherfucker size HISTFILESIZE=1000 # file log size HISTCONTROL=erasedups # dont dublucate HISTCONTROL=ignorespace #ignorepsaces DATA=`date` # variable for `date` HISTFILE=~/.bash_history.$DATA # histfile will look .bash_histori + command `date`
Here is something very useful for me and i put it in my .bashrc
1. random pass generator
2. simple console calculator
3. colours
4. easy access servers with alias
genpasswd() { local l=$1 [ "$l" == "" ] && l=20 tr -dc A-Za-z0-9-!@%^*_ < /dev/urandom | head -c ${l} | xargs } function calc () { { echo "$*" | bc -l; } } alias ls='ls --color' # i want my grep to color my search word and exclude my grep command alias grep='grep -v grep | grep --color=auto' alias fgrep='fgrep --color=auto' alias egrep='egrep --color=auto'
Lets see it in action :
[14:21]vhristev@hristev:~$ genpasswd nHwl*W8Yp4v__T-whmn2 [14:21]vhristev@hristev:~$ calc 54-4 50 [14:21]vhristev@hristev:~$ ps aux | grep nginx root 1920 0.0 0.2 27772 1084 ? Ss Mar10 0:00 nginx: master process /usr/sbin/nginx www-data 1921 0.0 0.4 28700 2416 ? S Mar10 0:01 nginx: worker process www-data 1922 0.0 0.4 28536 2280 ? S Mar10 0:01 nginx: worker process www-data 1925 0.0 0.4 28536 2244 ? S Mar10 0:02 nginx: worker process www-data 1926 0.0 0.4 28536 2252 ? S Mar10 0:02 nginx: worker process [14:22]vhristev@hristev:~$
Why I need put colors in my prompt ?
- We are humans and make mistakes.I remember one day how I execute command on different server and … in fact it was not so big deal but if it was ???
- If you have 1-2 machines its not so useful but if you have 10 or more you may want to put some RED or YELLOW color in your prompt to identify your important servers.
\A – the current time in 24-hour HH:MM format
33[00;31m – RED
33[01;32m – Yellow
if [ "$color_prompt" = yes ]; then PS1='${debian_chroot:+($debian_chroot)}\[33[00;31m\]\u@\[33[01;32m\]\h\[33[00m\]:\[33[01;34m\]\w\[33[00m\]\$ ' else PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' fi unset color_prompt force_color_prompt # If this is an xterm set the title to user@host:dir case "$TERM" in xterm*|rxvt*) PS1="\[33[0;35m\]\[33[01;33m\][\A]\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" ;; *) ;; esac
And voalaaa… you get the prettiest bash prompt :
You can see another idea for customize your PS1 prompt
I want to access my servers very easy without typing every time USER/HOSTNAME/PORT in this case i use aliases
syntax= “alias NAME_OF_COMMAND=’real command’
example= alias homepc=’ssh -l root 192.168.10.10 -p 3333′
Now when i put this in my ~/.bashrc and update it (source ~/.bashrc) when i type “homepc” command “ssh -l root 192.168.10.10 -p 3333″ will be executed
In action:
Bash special characters codes
* \a : an ASCII bell character (07) * \d : the date in "Weekday Month Date" format (e.g., "Tue May 26") * \D{format} : the format is passed to strftime(3) and the result is inserted into the prompt string; an empty format results in a locale-specific time representation. The braces are required * \e : an ASCII escape character (033) * \h : the hostname up to the first '.' * \H : the hostname * \j : the number of jobs currently managed by the shell * \l : the basename of the shell’s terminal device name * \n : newline * \r : carriage return * \s : the name of the shell, the basename of $0 (the portion following the final slash) * \t : the current time in 24-hour HH:MM:SS format * \T : the current time in 12-hour HH:MM:SS format * \@ : the current time in 12-hour am/pm format * \A : the current time in 24-hour HH:MM format * \u : the username of the current user * \v : the version of bash (e.g., 2.00) * \V : the release of bash, version + patch level (e.g., 2.00.0) * \w : the current working directory, with $HOME abbreviated with a tilde * \W : the basename of the current working directory, with $HOME abbreviated with a tilde * \! : the history number of this command * \# : the command number of this command * \$ : if the effective UID is 0, a #, otherwise a $ * \nnn : the character corresponding to the octal number nnn * \\ : a backslash * \[ : begin a sequence of non-printing characters, which could be used to embed a terminal control sequence into the prompt * \] : end a sequence of non-printing characters
Here is my MacBook .bash_profile some good function ps and grep some process example = psgrep apache will ps aux | grep apache .
This is script who will generate or upload ssh key to remote system
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 | #!/bin/bash # This was written only for simple usage #Valentin Hristev ### Enter username and IP(or hostname) for REMOTE machine echo -n "Enter remote username: " read USR echo -n "Remote username is set to $USR " case $usr in esac echo "" echo -n "Enter remote ip/host address: " read HOST echo -n "Remote ip/host is set to $HOST " case $usr in esac #echo -n "Default SSH port is 22 if you want to change it please open ssh_gen with your favourite text editor and change "PORT=" PORT_NUMMER" echo -n "Enter PORT: " read PORT echo -n "Remote port is $PORT " case $usr in esac echo -n "Your config is :User = $USR Host = $HOST Port = $PORT " #PORT="22" NEWKEY="yes" # Generate SSH keys RSA makekey () { if [ $NEWKEY == "yes" ]; then ssh-keygen -t rsa -f ~/.ssh/identity fi } # Check for file "authozed_keys" if file is not there create it. checkfile () { if [ -f ~/.ssh/authorized_keys ]; then touch ~/.ssh/authorized_keys fi } # Check for ".ssh" if dir is not there create it. upload () { cat ~/.ssh/identity.pub | ssh -p $PORT $USR@$HOST 'sh -c "if [ ! -d .ssh ] ; then mkdir .ssh ; chmod 700 .ssh ; fi cat - >>~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"' echo "Done..................... " } ## Main Menu press_enter () { echo "" echo -n "Press Enter to continue" read clear } selection= until [ "$selection" = "0" ]; do echo "" echo "*******PROGRAM MENU"********** echo "1 - Generate & Upload New Key" echo "2 - Upload Old Key" echo "" echo "0 - exit " echo "" echo -n "Enter choose: " read selection echo "" case $selection in 1 ) checkfile ; makekey ; upload ;; 2 ) upload ;; 0 ) exit ;; * ) echo "Please enter 1, 2 or 0"; press_enter esac done exit 0 #END |
Here is script in action
При преглед на една от машините днес забелязах, че един cron е останал висящ в опашката и са зависнали близо 60 негови изпълнения.
user 312 0.0 0.0 60376 7164 ? Ss Jan14 1:26 /usr/local/php/bin/php /www/domain.com/www/root/dumper.php
user 635 0.0 0.0 60000 7476 ? Ss 2010 2:24 /usr/local/php/bin/php /www/domain.com/www/root/dumper.php
user 740 0.0 0.0 60000 6656 ? Ss 2010 2:29 /usr/local/php/bin/php
.............
За да убия всичките процеси наведнъж и да не пиша отделно PID на всеки процес, използвах следната команта:
ps aux | grep dumper | kill `awk '{print $2}'`
Въпросната команда обикала дървото с процесите и навсякъде където срещне думата “dumper” kill-ва процеса.
В момента съм в процес на ъпгрейд на бекъп системата ми. Не се учудвайте ако видите нещо да е “не както трябва”, защото все пак цялата система е писана за лични нужди и скоро няма изгледи да бъде пусната за масово ползване.
За пореден път: авторите на блога не отговарят за щетите, които може да нанесете на системата си, използвайки и прилагайки статиите написани тук!
Ето го и скрипта 
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | #!/bin/bash DBUSER="root" DBPASS="password_here" DIR="/home/blagomir/test/" DUMP="/usr/bin/mysqldump" DATABASES=`mysql -u $DBUSER -p$DBPASS -e"show databases"` for b in $DATABASES ; do TABLES=`mysql -u $DBUSER -p$DBPASS -e"show tables from $b"` echo "==============================================" echo "Backup database $b" for t in $TABLES ; do VARIABLE="Tables_in_$b" if [[ "$VARIABLE" != $t ]]; then echo "Backup table $b.$t" $DUMP -u $DBUSER -p$DBPASS --database $b --table $t > $DIR$b.$t.sql fi done echo "Done backup $b" echo "==============================================" done |