shell script exercises

1. Count the number of files under / var/log.

//find /var/log -type f | wc -l;

2. How to output the running result of F1.txt file to F2.txt?

// ./F1 > F2.txt   shF1 > F2.txt;

3. Write a script to judge which ip addresses are currently online in the network, and ping the general rule that they are online

// #!/bin/sh
CMD="ping -W 2 -c 2"
for n in $(seq 254)
     $CMD $Ip$n &> /dev/null
     if [ $? -eq 0 ];
     echo "$Ip$n on-line"

4. Based on the following information:

	IP_Address		MAC_Address 		Interface 	Static 	80:71:7A:33:CA:A7 	br 			on 	5C:50:15:7F:3B:F5 	br 			on

Add the above file name test.txt IP in file_ Address,MAC_ The contents under address and interface are extracted, and the values are divided by ":" and displayed in format. Note:
// awk 'NR!=1{OFS=":";print $1,$2,$3}' test.txt;

5. There are four ways to assign variables in the shell, in which name is used= Method name of: (direct assignment)

//Direct assignment uses the read command to transfer parameters from the command line and use the command output;

6. Write a script, check the log once in 5 minutes, if there is violent SSH cracking, extract such IP address, de duplicate it, and sort it in descending order.

Requirements: when the same IP is brutally cracked more than 10 times, the IP address will be automatically masked. The designated office IP address ( is a trusted IP address, which is not limited by the shielding rules. The following is the log format:

Log style:
May 4 03:43:07 tz-monitor sshd{14003}: Failed password for root from port 25251 ssh2
Myy 4 03:43:07 tz-monitor sshd{14082}: invalid user postgres from
// #!/bin/bash
awk '/Failed password/{count[$(NF-3)]++}END{for (ip in count) if(count[ip]>=10){print count[ip],ip}}' /var/log/secure > /tmp/count_ip.txt
while read line
  IP=$(echo $line |awk '{print $2}')
  if [ "$IP" != "" ];then
    if ! grep -w $IP /tmp/drop_ip.txt &> /dev/null;then
      iptables -I INPUT -s $IP -j DROP
      echo $IP >> /tmp/drop_ip.txt
done < /tmp/count_ip.txt;

7. To check IP address compliance, write code in shell and list IP addresses that do not start with 199 or 200, such as 199.x.x.x or 200.x.x.x

Interface Physical Protocol IP Adderss
Eth1/0/1 up up
Eth1/0/2 up up
Loop0 up up(s)
Vlan1 *down down unassigned
Vlan500 down down
Vlan900 up up
// #!/bin/bash
while read line
  isnum=$(echo $line | awk -F "[ .]+" '{print $(NF-3)}')
  if [[ $isnum =~ ^[0-9]+$ ]];then
    if [ $isnum -ne 199 ] && [ $isnum -ne 200 ];then
      echo $line | awk  '{print $NF}'
done < /tmp/config.txt;

8. Process the following file contents, extract and count the domain name, such as processing:

//The results are as follows:
//Number of occurrences of domain name
// An highlighted block
var foo = 'bar';

9. Under the Linux operating system environment of a single server, write a line of command, and set all the data of the machine as "" log.bak "It is the suffix file. It is packed, compressed and uploaded to FTP. The FTP address is in the / home/bak folder

//  cd / find -type f -name "*.log.bak" |xargs tar zcf /tmp/all.tar.gz
ftp -i -n <<FTPIT
user username_xxx password_xxx
cd /home/bak
lcd /tmp
put all.tar.gz

10. Linux script: now you want to delete some files in this machine, / root/file.list The absolute path of these files is recorded in. Please implement it with script. /root/file.list Content example / tmp/1.file

// #!/bin/bash
while read line
  rm $line -f
done < /root/file.list;

Keywords: ftp shell Linux network

Added by brbsta on Sun, 14 Jun 2020 05:18:43 +0300