VPN用户管理:
直接编辑 /etc/ppp/chap-secrets 文件,按照相同格式添加用户名和密码即可。该文件以明文保存密码,应确保只有 root 可以读取。
另附手动安装方案:
VPN 也叫虚拟专用网,常见的 VPN 类型有:点对点隧道协议(PPTP)、使用 IPsec 的第2层隧道协议(L2TP/IPsec)、安全套接字隧道协议(SSL VPN)。其中 PPTP 是安装使用最为简便的一种。但 PPTP 依赖的 MS-CHAPv2 认证与 MPPE 加密已有公开的破解方法,不适合承载需要保密的流量。
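#!/bin/bash
# PPTP VPN auto-installer for Debian/Ubuntu.
#
# Installs pptpd, writes /etc/pptpd.conf and /etc/ppp/pptpd-options, creates
# one VPN account in /etc/ppp/chap-secrets, enables IPv4 forwarding and adds a
# NAT rule for the VPN client range.
#
# Optional environment:
#   VPN_USER  account name to create (default: test)
#   VPN_PASS  password for that account (default: random, printed once at the
#             end). Must not contain whitespace or quotes, because it is
#             written unquoted into chap-secrets.
#
# NOTE(review): PPTP authenticates with MS-CHAPv2 and encrypts with MPPE, and
# both have published practical breaks; treat this tunnel as obfuscation, not
# as confidentiality.
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
export PATH
clear
CUR_DIR=$(pwd)

# Everything below edits system configuration, so refuse to run unprivileged.
if [ "$(id -u)" != "0" ]; then
  printf 'Error: You must be root to run this script!\n' >&2
  exit 1
fi

echo "#############################################################"
echo "# PPTP VPN Auto Install"
echo "# Env: Debian/Ubuntu"
echo "# Created by WangYan on 2011.05.20"
echo "# Author Url: http://wangyan.org"
echo "# Version: 1.0"
echo "#############################################################"
echo ""

apt-get -y update
if ! apt-get -y install pptpd; then
  printf 'Error: pptpd could not be installed.\n' >&2
  exit 1
fi

# Tunnel address of the server and the pool handed out to clients.
cat >>/etc/pptpd.conf<<EOF
localip 10.10.10.1
remoteip 10.10.10.2-254
EOF

# Keep the packaged options file, then replace it with one that refuses every
# authentication method except MS-CHAPv2 and requires 128-bit MPPE.
cp /etc/ppp/pptpd-options /etc/ppp/pptpd-options.old
cat >/etc/ppp/pptpd-options<<EOF
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
debug
dump
lock
nobsdcomp
novj
novjccomp
logfile /var/log/pptpd.log
EOF

# Create the initial account. The script used to append a fixed "test"/"test"
# credential, which leaves a guessable login on an internet-facing service;
# the password is now supplied by the operator or generated randomly.
vpn_user=${VPN_USER:-test}
vpn_pass=${VPN_PASS:-}
generated_pass=
if [ -z "$vpn_pass" ]; then
  vpn_pass=$(LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 20)
  generated_pass=1
fi
if [ -z "$vpn_pass" ]; then
  printf 'Error: could not generate a VPN password.\n' >&2
  exit 1
fi
printf '%s * %s *\n' "$vpn_user" "$vpn_pass" >>/etc/ppp/chap-secrets
# chap-secrets holds plaintext passwords; keep it readable by root only.
chmod 600 /etc/ppp/chap-secrets

# Enable IPv4 forwarding persistently and apply it now.
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
sysctl -p

# Save the rule set before and after adding the NAT rule so both states can be
# restored later. The source match is limited to the client pool configured
# above instead of all of 10.0.0.0/8.
iptables-save > /etc/iptables.down.rules
iptables -t nat -A POSTROUTING -s 10.10.10.0/24 -j MASQUERADE
#iptables -I FORWARD -p tcp --syn -i ppp+ -j TCPMSS --set-mss 1300
iptables-save > /etc/iptables.up.rules

# NOTE(review): pre-up/post-down are ifupdown (/etc/network/interfaces)
# keywords, not pppd options, so pppd is expected to reject these two lines
# when it reads pptpd-options - confirm the intended target file.
cat >>/etc/ppp/pptpd-options<<EOF
pre-up iptables-restore < /etc/iptables.up.rules
post-down iptables-restore < /etc/iptables.down.rules
EOF

/etc/init.d/pptpd restart

# A generated password exists nowhere else but chap-secrets, so show it once.
if [ -n "$generated_pass" ]; then
  printf 'VPN account created: user=%s password=%s\n' "$vpn_user" "$vpn_pass"
fi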
使用死循环消耗CPU资源,如果服务器有多颗CPU,可以选择消耗多少颗CPU的资源:
#! /bin/sh
# filename killcpu.sh
# CPU load generator for testing: starts $1 background busy loops and then
# prints one "kill <pid> ;" line per loop so they can be stopped afterwards.
# Usage: ./killcpu.sh <number-of-loops>
# The loops are not tied to this script's lifetime; they keep running until
# they are killed with the printed commands.
# NOTE(review): the shebang names /bin/sh, but pid_array[...] and
# "${pid_array[@]}" are array syntax that not every /bin/sh implements, and
# "echo -ne" is not portable either - confirm which shell this is run under.
for i in `seq $1`
do
# Feed a tiny endless-loop program to a separate /bin/sh and background it.
# Inside that program "i=i+1" is a plain string assignment, not arithmetic;
# the loop spins regardless.
echo -ne "
i=0;
while true
do
i=i+1;
done" | /bin/sh &
# $! is the PID of the backgrounded pipeline's last command (the /bin/sh).
pid_array[$i]=$! ;
done
# Print a ready-to-paste kill command for every recorded PID.
for i in "${pid_array[@]}"; do
echo 'kill ' $i ';';
done
使用方法很简单,参数3表示消耗3颗CPU的资源,运行后,会有一堆 kill 命令,方便 kill 进程:
[root@test02 ~]# ./killcpu.sh 3
kill 30104 ;
kill 30106 ;
kill 30108 ;
[root@test02 ~]# top
top - 15:27:31 up 264 days, 23:39, 4 users, load average: 0.86, 0.25, 0.19
Tasks: 185 total, 5 running, 180 sleeping, 0 stopped, 0 zombie
Cpu0 : 100.0% us, 0.0% sy, 0.0% ni, 0.0% id, 0.0% wa, 0.0% hi, 0.0% si
Cpu1 : 0.0% us, 0.0% sy, 0.0% ni, 100.0% id, 0.0% wa, 0.0% hi, 0.0% si
Cpu2 : 100.0% us, 0.0% sy, 0.0% ni, 0.0% id, 0.0% wa, 0.0% hi, 0.0% si
Cpu3 : 100.0% us, 0.0% sy, 0.0% ni, 0.0% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 8165004k total, 8095880k used, 69124k free, 53672k buffers
Swap: 2031608k total, 103548k used, 1928060k free, 6801364k cached
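#!/bin/bash
# OPENVPN SERVER CONFIGURATION
#
# Interactive front end of the installer: sets SERVERIP, SERVERPORT and
# CLIENTNAME for the steps that follow. These values end up in config files,
# firewall rules and file names, so each one is validated here instead of
# being passed on as typed. bash is required (read -e/-p, [[ ]], and the
# brace expansion and "source" used further down).
echo "####################################"
echo "OPENVPN SERVER CONFIGURATION"
echo "####################################"

# Ask for the server address until a dotted-quad IPv4 address is entered.
# Exits the script when input ends, since no default exists for this value.
ask_server_ip() {
  while :; do
    if ! read -r -e -p "Enter your server IP : " SERVERIP; then
      echo "No server IP given." >&2
      exit 1
    fi
    if [[ $SERVERIP =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
      return 0
    fi
    echo "Not a valid IPv4 address: $SERVERIP" >&2
  done
}

# GATEWAYDEV names the default-route interface; a missing file or missing
# entry leaves NETTYPE empty, which means "ask the operator".
NETTYPE=$(sed -n 's/^GATEWAYDEV=//p' /etc/sysconfig/network 2>/dev/null | tr -d '"')
if [ "$NETTYPE" = "eth0" ]; then
  echo "Sorry, this script doesn't support your vps."
  exit 1
fi

SERVERIP=
if [ "$NETTYPE" = "venet0" ]; then
  # On venet0 the public address is taken from the first alias interface.
  SERVERIP=$(awk -F= '/IPADDR/ {print $2; exit}' \
    /etc/sysconfig/network-scripts/ifcfg-venet0:0 2>/dev/null | tr -d '"')
  echo "Your server IP is $SERVERIP, Is that right? [y/n]: "
  read -r -e IPSET
  if [ "$IPSET" = "n" ]; then
    SERVERIP=
  fi
fi
# Prompt when nothing was detected, the operator rejected the detected value,
# the gateway device is neither eth0 nor venet0 (previously SERVERIP stayed
# unset in that case), or the detected value is not an address.
if ! [[ $SERVERIP =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
  ask_server_ip
fi
echo "=================================="
echo Your server IP is "$SERVERIP"
echo "=================================="

# Port: empty input (or end of input) selects 443; anything else must be a
# decimal number in 1-65535. 10# forces base 10 so "0443" is not read as octal.
while :; do
  echo -n "Enter VPN Server Port : "
  read -r -p "(Default : 443):" SERVERPORT || SERVERPORT=
  SERVERPORT=${SERVERPORT:-443}
  if [[ $SERVERPORT =~ ^[0-9]{1,5}$ ]] &&
    ((10#$SERVERPORT >= 1 && 10#$SERVERPORT <= 65535)); then
    SERVERPORT=$((10#$SERVERPORT))
    break
  fi
  echo "Port must be a number between 1 and 65535." >&2
done
echo "=================================="
echo VPN Server Port is "$SERVERPORT"
echo "=================================="

# Client name: empty input selects client1. The name becomes part of key,
# profile and archive file names, so it is limited to letters, digits, "_",
# "." and "-" and must start with a letter or digit.
while :; do
  echo -n "Enter new client name : "
  read -r -p "(Default : client1):" CLIENTNAME || CLIENTNAME=
  CLIENTNAME=${CLIENTNAME:-client1}
  if [[ $CLIENTNAME =~ ^[A-Za-z0-9][A-Za-z0-9_.-]*$ ]]; then
    break
  fi
  echo "Client name may only contain letters, digits, '_', '.' and '-'." >&2
done
echo "=================================="
echo Client Name is "$CLIENTNAME"
echo "=================================="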
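# Add the RPMforge repository, then install OpenSSL and OpenVPN from yum.
#
# NOTE(review): the release RPM is fetched over plain HTTP and installed as
# root, and nothing on this path authenticates it. Set RPMFORGE_SHA256 to a
# digest obtained from a trusted channel to have the download checked before
# it is installed; without it the package is installed unverified, as before.
rpmforge_rpm=rpmforge-release-0.5.2-2.el5.rf.i386.rpm
if wget "http://packages.sw.be/rpmforge-release/$rpmforge_rpm"; then
  if [ -n "${RPMFORGE_SHA256:-}" ] &&
    ! printf '%s  %s\n' "$RPMFORGE_SHA256" "$rpmforge_rpm" | sha256sum -c -; then
    echo "Checksum mismatch for $rpmforge_rpm, not installing it." >&2
    rm -f -- "$rpmforge_rpm"
    exit 1
  fi
  # rpm may fail if the repository package is already installed; that is not
  # fatal, so its status is not checked.
  rpm -iv "$rpmforge_rpm"
  rm -f -- "$rpmforge_rpm"
else
  # Previously a failed download still went on to rpm/rm on a missing file.
  echo "Warning: could not download $rpmforge_rpm; repository not added." >&2
fi
yum -y install openssl openssl-devel
# Every later step needs the openvpn package, so stop if it is unavailable.
if ! yum -y install openvpn; then
  echo "Error: openvpn could not be installed." >&2
  exit 1
fi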
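# Build the PKI with easy-rsa 2.0: CA, server key pair, DH parameters and one
# client key pair named after $CLIENTNAME. Ends inside the keys/ directory.
cd /etc/openvpn/ || exit 1
cp -R /usr/share/doc/openvpn-2.2.0/easy-rsa/ /etc/openvpn/
# Stop if the easy-rsa tree is missing: the chmod and clean-all below act on
# whatever the current directory happens to be.
cd /etc/openvpn/easy-rsa/2.0/ || exit 1
chmod +rwx *
. ./vars
./clean-all
. ./vars
# Accept every default of the CA prompts by answering with empty lines.
echo -e "\n\n\n\n\n\n\n" | ./build-ca
clear
echo "####################################"
echo "Feel free to accept default values"
echo "Wouldn't recommend setting a password here"
echo "Then you'd have to type in the password each time openVPN starts/restarts"
echo "####################################"
./build-key-server server
./build-dh
# ca.key is deliberately not copied any more: the generated server configs
# read their keys from easy-rsa/2.0/keys/, and the CA private key should
# exist in as few places as possible.
# NOTE(review): dh1024.pem means 1024-bit DH parameters (the easy-rsa 2.0
# default key size), which is weak by current standards - consider raising
# KEY_SIZE in ./vars; the file name used here and in the configs follows it.
cp keys/{ca.crt,server.crt,server.key,dh1024.pem} /etc/openvpn/
chmod 600 /etc/openvpn/server.key
clear
echo "####################################"
echo "Feel free to accept default values"
echo "This is your client key, you may set a password here but it's not required"
echo "####################################"
./build-key "$CLIENTNAME"
cd keys/ || exit 1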
# Generate the two server configurations (UDP and TCP). They differ only in
# the protocol and in the tunnel subnet, so one template renders both.
#
# NOTE(review): both instances point ifconfig-pool-persist at the same
# relative ipp.txt although they serve different subnets, and both use
# 1024-bit DH parameters - worth revisiting.

# Print a server config on stdout.
# Arguments: $1 - protocol (udp|tcp), $2 - tunnel network address
# Globals:   SERVERIP, SERVERPORT (read)
render_server_conf() {
  cat <<EOF

local $SERVERIP
port $SERVERPORT
proto $1
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server $2 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 4.2.2.1"
keepalive 10 120
comp-lzo
persist-key
persist-tun
EOF
}

# Command substitution drops the template's final newline; printf puts exactly
# one back, so the files start with a blank line and end after "persist-tun".
serverudp=$(render_server_conf udp 10.8.0.0)
printf '%s\n' "$serverudp" > /etc/openvpn/server-udp.conf
servertcp=$(render_server_conf tcp 10.9.0.0)
printf '%s\n' "$servertcp" > /etc/openvpn/server-tcp.conf
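# Generate the two client profiles (UDP and TCP) in the current directory,
# next to the client's certificate and key. They differ only in the protocol.
#
# "ns-cert-type server" makes the client reject peers whose certificate is not
# marked as a server certificate.
# NOTE(review): newer OpenVPN releases replace that option with
# "remote-cert-tls server" - confirm against the client version in use.

# Write "$CLIENTNAME-<proto>.ovpn".
# Arguments: $1 - protocol (udp|tcp)
# Globals:   SERVERIP, SERVERPORT, CLIENTNAME (read)
# The output path is quoted: unquoted, a client name containing whitespace or
# glob characters made the redirection fail or hit a different file.
write_client_conf() {
  cat > "$CLIENTNAME-$1.ovpn" <<EOF

client
remote $SERVERIP $SERVERPORT
dev tun
proto $1
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert $CLIENTNAME.crt
key $CLIENTNAME.key
ns-cert-type server
comp-lzo
redirect-gateway def1
route-delay 2
route-method exe
verb 3
EOF
}

write_client_conf udp
write_client_conf tcp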
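# Bundle what the client needs: the CA certificate, the client's certificate,
# request and key, and both connection profiles.
# ca.key is deliberately no longer part of the bundle: whoever holds the CA
# private key can issue certificates that the server will accept, so it must
# not travel to clients.
tar czf keys.tgz ca.crt "$CLIENTNAME.crt" "$CLIENTNAME.csr" "$CLIENTNAME.key" \
  "$CLIENTNAME-tcp.ovpn" "$CLIENTNAME-udp.ovpn"
# The archive contains the client's private key; keep it owner-only.
chmod 600 keys.tgz
mv keys.tgz "/root/OpenVPN-$CLIENTNAME-tcp-udp.tgz"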
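# Final network setup: resolvers, IPv4 forwarding, source NAT for both tunnel
# subnets, then start OpenVPN and tell the operator where the client bundle is.

# Append each resolver only once so repeated runs do not pile up duplicates.
for resolver in 8.8.8.8 4.2.2.1; do
  grep -qxF "nameserver $resolver" /etc/resolv.conf 2>/dev/null ||
    echo "nameserver $resolver" >> /etc/resolv.conf
done

# Enable forwarding for the running kernel (made persistent further down).
echo 1 > /proc/sys/net/ipv4/ip_forward

# Rewrite the source of traffic leaving the UDP (10.8.0.0/24) and TCP
# (10.9.0.0/24) tunnels to the server address, then persist the rules.
/sbin/iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source "$SERVERIP"
/sbin/iptables -t nat -A POSTROUTING -s 10.9.0.0/24 -j SNAT --to-source "$SERVERIP"
iptables-save > /etc/sysconfig/iptables
/etc/rc.d/init.d/iptables save
/etc/init.d/iptables restart

sed -i "s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g" /etc/sysctl.conf
sysctl -p
clear
/etc/init.d/openvpn start

# The message used to name /root/openvpn-client-tcp-udp.tgz, a file this
# installer never creates; it now names the archive that is actually written.
echo "OpenVPN has been installed
Download /root/OpenVPN-$CLIENTNAME-tcp-udp.tgz using winscp or other sftp/scp client
Create a directory named vpn at C:\Program Files\OpenVPN\config\ and untar the content of /root/OpenVPN-$CLIENTNAME-tcp-udp.tgz there"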
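#!/bin/bash
# Load watchdog template: runs the commands placed in the "then" branch when
# the 1-minute load average is 5.00 or higher.
#
# zuptime holds the 1-minute load average multiplied by 100 (5.00 -> 500).
# It is read from /proc/loadavg when available. The earlier version split the
# header line of top on commas and took field 4, which only holds the
# 1-minute value when the uptime contains a "N days," segment; on a machine
# up for less than a day it picked the 5-minute value and evaluated to 0.
if [ -r /proc/loadavg ]; then
  zuptime=$(awk '{printf "%d", $1 * 100 + 0.5}' /proc/loadavg)
else
  zuptime=$(uptime |
    awk -F'load averages?: *' '{split($2, la, /[, ]+/); printf "%d", la[1] * 100 + 0.5}')
fi

if [ "${zuptime:-0}" -ge 500 ]; then
  # Add the commands to run here. The ":" keeps the branch non-empty; a
  # branch holding only a comment is a syntax error.
  :
fi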
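# Build and install jailkit 2.11 from source, then create a chroot jail under
# /var/chroot with one jailed account (chroot-user).
#
# NOTE(review): the tarball is fetched over plain HTTP and then configured,
# built and installed as root, and nothing on this path authenticates it. Set
# JAILKIT_SHA256 to a digest obtained from a trusted channel to have the
# download checked before it is unpacked.
cd /usr/local/src || exit 1
wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz || exit 1
if [ -n "${JAILKIT_SHA256:-}" ] &&
  ! printf '%s  %s\n' "$JAILKIT_SHA256" jailkit-2.11.tar.gz | sha256sum -c -; then
  echo "Checksum mismatch for jailkit-2.11.tar.gz, not building it." >&2
  exit 1
fi
tar -zxf jailkit-2.11.tar.gz || exit 1
# Stop if the source tree is missing so the build commands do not run in
# /usr/local/src itself.
cd jailkit-2.11 || exit 1
./configure && make && make install || exit 1

# Install the init script shipped with the source and enable it at boot.
cp extra/jailkit /etc/init.d/jailkit
chmod 755 /etc/init.d/jailkit
chkconfig jailkit on

# The jail root is owned by root and not writable by anyone else.
mkdir -p /var/chroot
chown root:root /var/chroot
chmod 755 /var/chroot
#jk_init -v -j /var/chroot sftp scp jk_lsh extendedshell
jk_init -v -j /var/chroot ssh

# Create the account, set its password interactively, then move it into the
# jail with /bin/bash as its shell inside the jail.
useradd chroot-user
passwd chroot-user
#passwd chroot-user:extra/jailkit
jk_jailuser -m -n -j /var/chroot --shell=/bin/bash chroot-user

# Make the jailed home directory visible at the usual path outside the jail.
mkdir -p /home/chroot-user
mount --bind /var/chroot/home/chroot-user /home/chroot-user
#====
# Run /usr/sbin/jk_addjailuser [OPTIONS] chrootdir username
# to create a restricted user; restricted users all belong to the users group.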
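#!/bin/bash
# Back up every MySQL database with mysqlhotcopy into a freshly created
# BACKDIR; the output of each run goes to syslog under the tag "mysqlhotcopy".
PATH=/usr/local/sbin:/usr/bin:/bin
# The Directory of Backup
BACKDIR=/usr/mysql_backup
# The Password of MySQL
# NOTE(review): the root password is stored in this file and passed on the
# mysqlhotcopy command line, where other local users can read it from the
# process list. Keep this script readable by root only; mysqlhotcopy can
# presumably also take the credentials from a MySQL option file ([client] /
# [mysqlhotcopy] groups), which keeps them out of argv - verify for the
# installed version.
ROOTPASS=password
# Remake the Directory of Backup
# NOTE(review): the previous backup is deleted before the new one is taken,
# so a failed run leaves no backup at all.
# ":?" aborts instead of expanding to an empty path if BACKDIR is ever unset.
rm -rf -- "${BACKDIR:?}"
mkdir -p -- "$BACKDIR"
# The copies are raw table files; keep them away from other local users.
chmod 700 -- "$BACKDIR"
# Get the Name of Database: each sub-directory of the data directory is one
# database. Globbing replaces parsing "ls" output, which split names on
# whitespace.
for dbdir in /var/lib/mysql/*/; do
  [ -d "$dbdir" ] || continue
  dbname=${dbdir%/}
  dbname=${dbname##*/}
  # Backup with Database
  mysqlhotcopy "$dbname" -u root -p "$ROOTPASS" "$BACKDIR" | logger -t mysqlhotcopy
done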
我们在处理文档时,有时需要查询文档中的关键字符,加以替换和修改。少量的文件一个个的查找替换,手工即可完成,对于比较多的文件夹下面的文档,人工处理是比较难的一件事。但是在Linux下面,用命令行处理,片刻即可完成,只需要一个小小的脚本。
这种方法在进行批量替换关键字时非常有用。
我们要查找此目录下的所有文档,哪个文档中包括有“acyoo.com”这个字符
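#!/bin/bash
# List every regular file under /var/www/web/ that contains the string
# "acyoo.com" and append the matching paths to web.txt.
#
# find passes the file names straight to grep, so names containing spaces or
# glob characters stay intact (the earlier for-loop over the find output split
# them into pieces).
#   -l  print only the names of files that contain a match
#   -F  treat the pattern as a fixed string, so "." matches only a dot
find /var/www/web/ -type f -exec grep -lF -- "acyoo.com" {} + >> web.txt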
转载自: http://www.acyoo.com/archives/2250.html
根据剩有内存决定执行回收,使用前需先安装bc
虽然治标不治本,但有时还是能起到一些效果,需要自行添加到 cron 任务!
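#!/bin/sh
# Automatic memory reclaim, meant to be run from cron.
# When the free memory reported by free(1), in MB, drops below MEM_NUM, the
# restart commands placed in the "then" branch are run.
MEM_NUM=150
# Column 4 of the "-/+ buffers/cache" line is the free memory not counting
# buffers and cache. Newer versions of free no longer print that line; in
# that case GET_MEM stays empty and nothing is done.
GET_MEM=$(/usr/bin/free -m 2>/dev/null | awk '/buffers\/cache/ {print $4}')
case "$GET_MEM" in
  '' | *[!0-9]*) GET_MEM= ;;
esac
# The comparison used to be MEM_NUM < GET_MEM, which fired while memory was
# plentiful; reclaiming is wanted when free memory is BELOW the threshold.
# Both values are whole megabytes, so the shell's integer test is enough.
if [ -n "$GET_MEM" ] && [ "$GET_MEM" -lt "$MEM_NUM" ]; then
  # Add the commands to run here. The ":" keeps the branch non-empty; a
  # branch holding only comments is a syntax error.
  #/etc/init.d/mysql restart
  #/etc/init.d/httpd restart
  #/etc/init.d/nginx restart
  :
fi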
主要用于监控 linux 服务器负载及内存占用,当负载或内存占用达到设置值后,便自动重启该进程以避免宕机。
crontab -e
* * * * * /bin/bash /var/shell/cut_nginx_logs.sh
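# Service watchdog: for every service in NAME_LIST, restart it when the summed
# memory share of its processes or the system load reaches the limits below.
# Actions are logged to /var/log/autoreboot.log.
#
# NOTE(review): the load average is system-wide, so once it reaches
# SYS_LOAD_MAX every service in NAME_LIST is restarted on every run.

# Maximum combined memory usage, in percent
PID_MEM_MAX="85"
# Maximum 1-minute system load
SYS_LOAD_MAX="3"
# Names of the services to watch
NAME_LIST="php-fpm mysql"

for NAME in $NAME_LIST
do
  # Sum the %MEM column (field 4 of "ps aux") over every process line that
  # mentions NAME. The header line and the awk process itself (whose command
  # line contains NAME) are skipped. Summing in awk also removes the need
  # for bc.
  PID_MEM_SUM=$(ps aux |
    awk -v name="$NAME" 'NR > 1 && $11 != "awk" && index($0, name) { sum += $4 }
      END { print sum + 0 }')

  # 1-minute load average: third field from the end of the uptime output.
  SYS_LOAD=$(uptime | awk '{print $(NF-2)}' | sed 's/,//')

  # Compare against the limits numerically. The values are handed to awk with
  # -v instead of being pasted into the awk program text.
  MEM_VULE=$(awk -v v="$PID_MEM_SUM" -v max="$PID_MEM_MAX" \
    'BEGIN { print ((v + 0 >= max + 0) ? 1 : 0) }')
  LOAD_VULE=$(awk -v v="$SYS_LOAD" -v max="$SYS_LOAD_MAX" \
    'BEGIN { print ((v + 0 >= max + 0) ? 1 : 0) }')

  # Restart the service when either limit is reached.
  if [ "$MEM_VULE" = 1 ] || [ "$LOAD_VULE" = 1 ]; then
    # Log the stop
    printf '%s killall %s (MEM:%s,LOAD:%s)\n' \
      "$(date +"%y-%m-%d %H:%M:%S")" "$NAME" "$PID_MEM_SUM" "$SYS_LOAD" \
      >> /var/log/autoreboot.log
    # Regular stop first
    "/etc/init.d/$NAME" stop
    sleep 3
    # Then signal whatever is left. pkill matches NAME as a pattern against
    # process names, so "mysql" also matches e.g. mysqld_safe.
    pkill -- "$NAME"
    # Start again
    "/etc/init.d/$NAME" start
    # Log the start
    printf '%s start %s (MEM:%s,LOAD:%s)\n' \
      "$(date +"%y-%m-%d %H:%M:%S")" "$NAME" "$PID_MEM_SUM" "$SYS_LOAD" \
      >> /var/log/autoreboot.log
  fi
  # Below both limits: nothing to do.
done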
# Opens a dynamic (SOCKS) port forward on port 8800 through an SSH session to
# localhost.
# NOTE(review): the 0.0.0.0 bind address exposes the SOCKS listener on every
# interface, and ssh -D does not authenticate SOCKS clients, so any host that
# can reach port 8800 can relay traffic through this machine. Bind to
# 127.0.0.1 or restrict the port with a firewall rule unless that is intended.
ssh root@localhost -D 0.0.0.0:8800
不需要plink.exe 不需要其他任何工具,直接建立即可使用!
socks 代理本身不加密,翻墙效果一般,胜在方便省事;对一些敏感页面链接仍然无能为力,还是得用 VPN 才能解决问题!