shell学习二十七--循环控制命令
发布时间:2020-12-15 09:12:23 所属栏目:安全 来源:网络整理
导读:循环控制命令 break continue exit 对比: break continue exit一般用于循环结构中控制循环(for,while,if)的走向。 命令 说明 break n n 表示跳出循环的层数,如果省略n表示跳出整个循环。 continue n n 表示退到第n层继续循环,如果省略n表示跳出本次循
|
循环控制命令 break continue exit 对比: break continue exit一般用于循环结构中控制循环(for,while,if)的走向。 命令 说明 break n n 表示跳出循环的层数,如果省略n表示跳出整个循环。 continue n n 表示退到第n层继续循环,如果省略n表示跳出本次循环,忽略本次循环的剩余代码,进入循环的下一次循环。 exit n n 退出当前shell程序,n为返回值,n也可以省略,再下一个shell里通过$?接收这个n值。 return n n 用于在函数里,作为函数的返回值,用于判断函数执行是否正常。 实例1: [root@node01 day13]# vi break01.sh #!/bin/sh for ((i=0; i<=5; i++)) do if [ $i -eq 3 ] ;then #continue; break; #exit fi echo $i done echo "ok" [root@node01 day13]# sh break01.sh 0 1 2 ok [root@node01 day13]# vi break01.sh #!/bin/sh for ((i=0; i<=5; i++)) do if [ $i -eq 3 ] ;then #continue; #break; exit fi echo $i done echo "ok" [root@node01 day13]# sh break01.sh 0 1 2 [root@node01 day13]# vi break01.sh #!/bin/sh for ((i=0; i<=5; i++)) do if [ $i -eq 3 ] ;then continue; #break; #exit fi echo $i done echo "ok" [root@node01 day13]# sh break01.sh 0 1 2 4 5 ok 实例2: 开发shell脚本实现给服务器临时配置多个别名ip,并可以随时撤销配置的所有ip。 ip地址为:192.168.145.120--192.168.145.150,其中192.168.145.130不能设置。 配置ip命令(ifconfig/ip)提示:ifconfig eth0:0 192.168.145.130/24 up #!/bin/sh for ((i=130;i<=150;i++)) do if [ $i -eq 130 ];then continue fi ifconfig eth0:$i 192.168.145.$i/24 up done 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:a7:4c:37 brd ff:ff:ff:ff:ff:ff inet 192.168.145.130/24 brd 192.168.145.255 scope global eth0 inet 192.168.145.131/24 brd 192.168.145.255 scope global secondary eth0:131 inet 192.168.145.132/24 brd 192.168.145.255 scope global secondary eth0:132 inet 192.168.145.133/24 brd 192.168.145.255 scope global secondary eth0:133 inet 192.168.145.134/24 brd 192.168.145.255 scope global secondary eth0:134 inet 192.168.145.135/24 brd 192.168.145.255 scope global secondary eth0:135 inet 192.168.145.136/24 brd 192.168.145.255 scope global secondary eth0:136 inet 192.168.145.137/24 brd 192.168.145.255 scope global secondary eth0:137 inet 192.168.145.138/24 brd 192.168.145.255 scope global secondary eth0:138 inet 192.168.145.139/24 brd 192.168.145.255 scope global secondary eth0:139 inet 192.168.145.140/24 brd 192.168.145.255 scope global secondary eth0:140 inet 192.168.145.141/24 brd 192.168.145.255 scope global secondary eth0:141 inet 192.168.145.142/24 brd 192.168.145.255 scope global secondary eth0:142 inet 192.168.145.143/24 brd 192.168.145.255 scope global secondary eth0:143 inet 192.168.145.144/24 brd 192.168.145.255 scope global secondary eth0:144 inet 192.168.145.145/24 brd 192.168.145.255 scope global secondary eth0:145 inet 192.168.145.146/24 brd 192.168.145.255 scope global secondary eth0:146 inet 192.168.145.147/24 brd 192.168.145.255 scope global secondary eth0:147 inet 192.168.145.148/24 brd 192.168.145.255 scope global secondary eth0:148 inet 192.168.145.149/24 brd 192.168.145.255 scope global secondary eth0:149 inet 192.168.145.150/24 brd 192.168.145.255 scope global secondary eth0:150 inet6 fe80::20c:29ff:fea7:4c37/64 scope link valid_lft forever preferred_lft forever 3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN link/ether 42:17:c7:b3:af:ed brd ff:ff:ff:ff:ff:ff [root@node01 day13]# /etc/init.d/network restart Shutting down interface eth0: Device state: 3 (disconnected) [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: Active connection state: activating Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/72 state: activated Connection activated [ OK ] [root@node01 day13]# ip a 1: lo: <LOOPBACK,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:a7:4c:37 brd ff:ff:ff:ff:ff:ff inet 192.168.145.130/24 brd 192.168.145.255 scope global eth0 inet6 fe80::20c:29ff:fea7:4c37/64 scope link valid_lft forever preferred_lft forever 3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN link/ether 42:17:c7:b3:af:ed brd ff:ff:ff:ff:ff:f 实例3: 写一个脚本,实现判断192.168.145.0/24网络里,当前在线用户的ip有那些 判断在线:ping通 ping通后,返回值为0 [root@node01 day13]# vi ping.sh #!/bin/sh for i in `seq 254` do ping -c2 -i 1 -w 1 192.168.145.$i >/dev/null 2>&1 if [ $? -eq 0 ]; then echo "192.168.145.$i is up">>/data/wolf/uplist.log else echo "192.168.145.$i is down">>/data/wolf/downlist.log fi done [root@node01 ~]# tail -f /data/wolf/uplist.log 192.168.145.1 is up 192.168.145.2 is up 192.168.145.130 is up 192.168.145.131 is up 192.168.145.132 is up 192.168.145.133 is up 192.168.145.135 is up 192.168.145.136 is up 192.168.145.137 is up 192.168.145.138 is up 192.168.145.139 is up 192.168.145.141 is up 192.168.145.142 is up 192.168.145.144 is up 192.168.145.146 is up 192.168.145.149 is up 192.168.145.150 is up [root@node01 ~]# tail -f /data/wolf/downlist.log 192.168.145.29 is down 192.168.145.30 is down 192.168.145.31 is down 192.168.145.32 is down 实例4: 写一个脚本解决dos攻击产生案例 提示:根据web log或者网络连接数,监控当一个ip并发连接数或者短时内pv达到100, 就调用命令封掉对应的ip,监控频率每隔3分钟。防火墙命令为 iptables -A INPUT -s 192.168.145.130 -j DROP web也可以分析log,把单ip pv数高的疯掉。按天定义PV=1000封掉。 #!/bin/sh do awk '{print $1}' access.log|grep -v "^$"|sort|uniq -c /data/wolf/tmp.log exec </tmp/tmp.log while read line do ip=`echo $line|awk 'print $2'` count=`echo $line|awk 'print $1'` if [ $count -gt 3 ] && [ `iptables -L -n|grep "$ip"`|wc -l -lt 1 ] then iptables -A INPUT -s $ip -j DROP echo "$line is dropped" >>/data/wolf/droplist.log fi done sleep 5 done 或者通过网络连接数来判断 netstat -an|grep EST|awk -F '[ :]+' '{print $6}'|sort|uniq -c>/tmp/tmp.log 上面的脚本里的awk命令换成上面的netstat命令即可。 (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |