Linux常用脚本命令大全

测速

wget -qO- bench.sh|bash 

1，Centos 6.X / Centos 7.X 安装SNMP 整合一键脚本：

yum -y install wget && wget http://down.wshost.cc/SH/snmp/Centos_Snmp.sh && chmod 755 Centos_Snmp.sh && sh Centos_Snmp.sh

2、Centos7防火墙

放行端口

firewall-cmd --permanent --zone=public --add-port=80/tcp

firewall-cmd --permanent --zone=public --add-port=443/tcp

firewall-cmd --permanent --zone=public --add-port=161/udp

firewall-cmd --permanent --zone=public --add-port=18650/tcp

firewall-cmd --reload

批量放行端口

firewall-cmd –permanent –zone=public –add-port=1024-65535/tcp

firewall-cmd –permanent –zone=public –add-port=3071/tcp

firewall-cmd –permanent –zone=public –add-port=5571/tcp

qemu-img convert -p -f vhdx -O qcow2

# 检查是否允许 NAT 转发

firewall-cmd –query-masquerade

# 开启 NAT 转发

firewall-cmd –permanent –zone=public –add-masquerade

# 禁止防火墙 NAT 转发

firewall-cmd –remove-masquerade

# 添加

firewall-cmd –permanent –zone=public –add-forward-port=port=80:proto=tcp:toaddr=156.230.245.74:toport=80

firewall-cmd –permanent –zone=public –add-forward-port=port=443:proto=tcp:toaddr=156.230.245.74:toport=443

# 移除

firewall-cmd –permanent –zone=public –remove-forward-port=port=20616:proto=tcp:toaddr=156.230.245.74:toport=20616

firewall-cmd –reload && firewall-cmd –list-all

封禁IP：

firewall-cmd –permanent –add-rich-rule=”rule family=’ipv4′ source address=’222.222.222.222′ reject”  單個IP

firewall-cmd –permanent –add-rich-rule=”rule family=’ipv4′ source address=’222.222.222.0/24′ reject” IP段

firewall-cmd –permanent –add-rich-rule=”rule family=ipv4 source address=192.168.1.2 port port=80  protocol=tcp  accept” 單個IP的某個端口

拒絕訪問只需把 accept 換成 reject、刪除該規則把 –add-rich-rule 改成 –remove-rich-rule即可

删除放行端口

firewall-cmd –permanent –zone=public –remove-port=443/tcp

重新读取防火墙配置

firewall-cmd –reload

拷贝镜像到指定服务器

scp -P 10704 -r /home/kvm/images/* root@172.31.252.25:/home/kvm/images/

开启防火墙

systemctl start firewalld.service   

systemctl enable firewalld.service

单独放行指定IP，指定端口，一定要先删除放行端口

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”45.138.70.220″ port protocol=”tcp” port=”80″ accept”

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”45.138.70.20″ port protocol=”tcp” port=”80″ accept”

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”23.225.6.170″ port protocol=”tcp” port=”80″ accept”

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”23.225.6.171″ port protocol=”tcp” port=”80″ accept”

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”23.225.6.173″ port protocol=”tcp” port=”80″ accept”

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”188.116.19.158″ port protocol=”tcp” port=”80″ accept”

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”188.116.19.160″ port protocol=”tcp” port=”80″ accept”

删除单独放行的指定IP端口

firewall-cmd –permanent –remove-rich-rule=”rule family=”ipv4″ source address=”156.227.67.226″ port protocol=”tcp” port=”80″ accept”

查看现有的规则

firewall-cmd –list-all

查看文件详细大小

du -sh * | sort -n

查看当前目录下的目录个数（不包含子目录中的目录）

ls -l | grep “^d” | wc -l

删除CDN被控

service cdnbest stop

service kangle stop

rm -rf /vhs

防CC-preset msg

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8

Connection: keep-alive

Cache-Control: no-cache,no-store

Recaptcha: sakura

<html><body><script language=”javascript”>window.location=”{{url}}”;</script><a href=”{{url}}”><div class=”notice”>

<div class=”title”>You have verified successfully</div>

<div class=”description”>Please wait, you are being redirected …</div>

</div></a></body></html>

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”188.116.19.125″ port protocol=”tcp” port=”80″ accept”

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”188.116.19.136″ port protocol=”tcp” port=”80″ accept”

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”188.116.19.123″ port protocol=”tcp” port=”80″ accept”

firewall-cmd –permanent –add-rich-rule=”rule family=”ipv4″ source address=”188.116.19.180″ port protocol=”tcp” port=”80″ accept”

MTProxy—go

wget -N –no-check-certificatehttps://raw.githubusercontent.com/ToyoDAdoubi/doubi/master/mtproxy.sh&& chmod +x mtproxy.sh && bash mtproxy.sh

dd27441013c20d8eb

9ad62c01cc3851777