#!/bin/bash

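# check network
# NOTE: the numeric arguments of the original ping calls and of the
# exit-status comparisons were lost when this listing was extracted. The probe
# count and timeout below are chosen values, and any non-zero ping status is
# treated as a failure.
echo "-------------check Network-------------"
if ! ping -c 2 -W 3 mirrors.aliyun.com >/dev/null 2>&1; then
  # The mirror could not be reached: fall back to two fixed resolvers.
  # This overwrites /etc/resolv.conf, so every later lookup (including the
  # package mirror) trusts these servers; confirm they suit the target network.
  printf 'nameserver %s\n' 61.134.1.4 218.30.19.40 > /etc/resolv.conf
fi
if ! ping -c 2 -W 3 www.baidu.com >/dev/null 2>&1; then
  echo "Network err!"
  # Exit non-zero so a caller can tell that provisioning did not run.
  exit 1
else
  echo "Network OK."
fi

# set hostname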
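# Take the address field from the first ifconfig line containing "cas"
# (presumably the "Bcast:" line of net-tools output; confirm on the target).
# Stopping at the first match keeps IP a single line on multi-homed hosts.
IP=$(ifconfig | awk -F '[ :]+' '/cas/ {print $4; exit}')
# The value is spliced into a sed expression and becomes the hostname, so
# refuse anything that is not a plain dotted quad (including an empty result).
if [[ ! $IP =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
  echo "cannot determine an IPv4 address for the hostname" >&2
  exit 1
fi
sed -i "s/localhost\.localdomain/$IP/g" /etc/sysconfig/network
hostname "$IP"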
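# update yum
echo "-------------update Yum-------------"
# Download the new repo definition before deleting anything, so a failed
# transfer cannot leave the host without any repository configuration.
# curl -f also refuses to save an HTTP error page as the repo file.
# NOTE(review): the definition is fetched over plain HTTP and is therefore
# unauthenticated in transit; keep gpgcheck enabled in the resulting repo file
# and prefer an HTTPS mirror URL where the host's TLS stack supports it.
repo_tmp=$(mktemp) || exit 1
if ! curl -fsS -o "$repo_tmp" http://mirrors.aliyun.com/repo/Centos-6.repo; then
  echo "repo download failed; /etc/yum.repos.d left untouched" >&2
  rm -f -- "$repo_tmp"
  exit 1
fi
rm -rf /etc/yum.repos.d/*
cat "$repo_tmp" > /etc/yum.repos.d/CentOS-Base.repo
rm -f -- "$repo_tmp"
# Pin $releasever to 6. If the system is CentOS, delete this line.
sed -i 's/\$releasever/6/g' /etc/yum.repos.d/CentOS-Base.repo
yum clean all && yum makecache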
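# Install the time-sync tooling, set the clock once, then schedule a daily sync.
yum install -y ntp vim
if [ -f /usr/sbin/ntpdate ]; then
  /usr/sbin/ntpdate tiger.sina.com.cn
  # Persist the corrected time to the hardware clock.
  /sbin/hwclock -w
else
  echo "ntpdate can't found !"
  exit 1
fi
# /etc/crontab entries carry a user field between the schedule and the
# command; without it cron takes the command path as the user name. The
# minute is fixed at 0 so the job runs once at 03:00 rather than on every
# minute of that hour.
cron_line='0 3 * * * root /usr/sbin/ntpdate tiger.sina.com.cn > /dev/null 2>&1'
# Skip the append when the entry already exists, so reruns do not stack copies.
if ! grep -qF -- "$cron_line" /etc/crontab; then
  echo "$cron_line" >> /etc/crontab
fi
/etc/init.d/crond restart

# set ulimit
echo "-------------set ulimit-------------"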
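# Raise the open-file limit at boot and the per-user process/file limits.
# These are appends: running the script twice duplicates the entries.
echo "ulimit -SHn 102400" >> /etc/rc.local
# The terminator must stand alone on its line; with trailing text the
# here-document would not end there and the sysctl section would be swallowed
# into limits.conf.
cat >> /etc/security/limits.conf << 'EOF'
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
EOF

# set sysctl
echo "-------------set sysctl-------------"
# NOTE(review): net.ipv4.tcp_tw_recycle = 1 is known to drop connections from
# clients that share an address behind NAT, and the key was removed in Linux
# 4.12, where "sysctl -p" reports it as unknown. Confirm it is wanted on the
# target kernel. The single-retry SYN/SYN-ACK settings are also aggressive on
# lossy links.
cat >> /etc/sysctl.conf << 'EOF'
fs.file-max = 655350
net.ipv4.ip_local_port_range = 1024 65500
net.ipv4.tcp_max_tw_buckets = 1500
net.ipv4.tcp_max_syn_backlog = 1500
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_fin_timeout = 5
net.ipv4.tcp_keepalive_time = 120
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 2000
EOF
/sbin/sysctl -p
echo "sysctl set OK!!"

# disable ipv6
echo "-------------disable ipv6-------------"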
# Append both module aliases (intended to stop the ipv6 module from loading)
# in a single write, then switch the ip6tables service off for runlevels 3
# and 5.
printf '%s\n' "alias net-pf-10 off" "alias ipv6 off" >> /etc/modprobe.d/ipv6off.conf
/sbin/chkconfig --level 35 ip6tables off
echo "ipv6 is disabled!"
# set ssh
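echo "-------------set ssh-------------"
# Assign the port on its own line. Written as a prefix of the sed command, the
# variable is not yet set when the shell expands "$SSH_PORT", and sshd_config
# would end up with an empty "Port" value.
SSH_PORT=50000
# Each substitution only matches the commented-out default; a config that
# already sets the option explicitly is left unchanged.
sed -i "s/#Port 22/Port $SSH_PORT/" /etc/ssh/sshd_config
sed -i "s/#MaxAuthTries 6/MaxAuthTries 6/" /etc/ssh/sshd_config
sed -i "s/#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config
service sshd restart

# set iptables
echo "-------------set iptables-------------"
# The inbound rule must admit the port sshd now listens on. The original list
# opened 2200 while sshd moved to 50000, so the first load of this rule set
# (for example at reboot) would cut off remote administration.
# NOTE(review): OUTPUT defaults to DROP and has no ESTABLISHED rule, so replies
# to inbound port-80 connections match no OUTPUT rule. There is no loopback
# (-i lo / -o lo) rule either. The "udp --sport 53" INPUT rule accepts any UDP
# packet that claims source port 53; DNS replies are already covered by the
# ESTABLISHED rule. Review these before enabling the rule set.
cat > /etc/sysconfig/iptables << EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m multiport --dports $SSH_PORT,80 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport $SSH_PORT -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
COMMIT
EOF
#/etc/init.d/iptables restart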
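echo "----------------------finished-------------------------"
# -r keeps backslashes literal. The quoted [[ ]] pattern test also copes with
# an empty answer, which made the unquoted "[ ... -o ... ]" form fail with a
# syntax error.
read -r -p 'reboot? (y/n): ' yn
if [[ "$yn" == [yY] ]]; then
  reboot
else
  exit
fi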

PS: 执行本脚本后,ssh端口修改为50000
