一、tunning.sh

#!/bin/bash

# 系统优化脚本

# 使用于CentOS 6.4 x64系统

# Ver : 1.1.1

KCF=/etc/sysctl.conf

# ------- kernel Tcp/ip options config --------

kernel_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Local_Port_Range config --------

port_range_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2 $3" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ] || [ `grep $1 $KCF | awk '{print $4}'` -ne $3 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

             sed -i s# `grep $1 $KCF | awk '{print $4}'`#$3#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Tcp rmen/wmen options config --------

tcp_mem_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3 $4" >> $KCF

else

    sed -i /$1/d $KCF

    echo "$1 = $2 $3 $4" >> $KCF

    echo -e "--- You hava right \033[32m $1 \033[0m config"

fi

}

# TurnOFF the SELinux

sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config

setenforce 0

# set some service not start when system run

export LANG="en"

for srv_name in `chkconfig --list|grep 3:on|awk '{print $1}'`;

do

 chkconfig $srv_name off;

done

for name in crond irqbalance messagebus haldaemon network rsyslog sshd sysstat udev-post ntpd;

do

 chkconfig $name on ;

done

# NetworkManager Server config

if [ `/sbin/chkconfig --list | grep NetworkManager | wc -l` -ne 0 ]

    then

        /sbin/chkconfig NetworkManager on

        /sbin/chkconfig --list NetworkManager

else

    echo -e "--- NetworkManager server is not in , Will skip !"

fi

# Edit limits.conf

if [ `grep -E -v "^#|^$" /etc/security/limits.conf | wc -l` -eq 0 ]

    then

    cat >>/etc/security/limits.conf <<EOF

*	soft	noproc	65535

*	hard	noproc	65535

*	soft	nofile	1048576

*	hard	nofile	1048576

EOF

else

    echo "PLS check limit.conf configuation"

fi

sleep 2

# Clear system information

echo "Welcome to Server" >/etc/issue

# Kernel configuation. be fit for Nginx Apache application service.

echo  -e "#For web server" >>$KCF

kernel_conf fs.file-max 1048576

kernel_conf net.ipv4.tcp_fin_timeout 30

kernel_conf net.ipv4.tcp_timestamps 1

kernel_conf net.ipv4.tcp_tw_reuse 1

kernel_conf net.ipv4.tcp_tw_recycle 1

kernel_conf net.ipv4.tcp_window_scaling 1

kernel_conf net.ipv4.tcp_sack 1

port_range_conf net.ipv4.ip_local_port_range 1024 65535

tcp_mem_conf net.ipv4.tcp_rmem 4096 4096 16777216

tcp_mem_conf net.ipv4.tcp_wmem 4096 4096 16777216

sysctl -p

ulimit -SHn 1048576

echo -e "

Warning:

--You must command ulimit -SHn 1048576 if you don't restart system !

"

sleep 5

二、检测优化脚本

#!/bin/bash

# 系统优化项检查脚本。

export LANG="en"

SERESULT=`getenforce`

UMRESULT=`ulimit -n`

FWCURRENT=`service iptables status | grep "Firewall is not running" | wc -l`

FWSTART=`chkconfig --list iptables | awk '{print $5}'| awk -F : '{print $2}'`

FILE_MAX=`grep "fs.file-max" /etc/sysctl.conf|awk '{print $3}'`

FINTIMEOUT=`grep "tcp_fin_timeout" /etc/sysctl.conf | awk '{print $3}'`

REUSE=`grep "tcp_tw_reuse" /etc/sysctl.conf | awk '{print $3}'`

RECYCLE=`grep "tcp_tw_recycle" /etc/sysctl.conf | awk '{print $3}'`

TCPTIME=`grep "tcp_timestamps" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MIN=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MAX=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $4}'`

TCPWINDOW=`grep "tcp_window_scaling" /etc/sysctl.conf | awk '{print $3}'`

TCPSACK=`grep "tcp_sack" /etc/sysctl.conf | awk '{print $3}'`

# Check SELinux Configure

if [ $SERESULT = 'Disabled' ]

   then echo -e "The SElinux is $SERESULT "..................."\033[32m PASS \033[0m"

else

   echo -e "The SElinux is $SERESULT "..................."\033[31m FAILED \033[0m"

fi

# Check ulimit Configure

if [ $UMRESULT -ge 65535 ]

   then echo -e "The ulimit is $UMRESULT"........................"\033[32m PASS \033[0m"

else

   echo -e "The ulimit is $UMRESULT"....................."\033[31m FAILED \033[0m"

fi

# Check IPTABLES RUNNING & CONFIGURE

if [ $FWCURRENT -eq 0 ]

   then echo -e "The Ipteblas is running "..................."\033[31m FAILED \033[0m"

elif [ $FWSTART = 'on' ]

   then echo -e "The iptables you must stop "..................."\033[31m FAILED \033[0m"

else

   echo -e "The iptables is not running"................"\033[32m PASS \033[0m"

fi

# Check Kernel File Open Max Configure

if [ `grep "fs.file-max" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FILE_MAX -eq 1048576 ]

    then echo -e "fs.file-max is $FILE_MAX"....................."\033[32m PASS \033[0m"

  else

    echo -e "fs.file-max is $FILE_MAX"...................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m fs.file-max not configure,please check! \033[0m"

fi

# Check Kernel Fin_timeout Configure

if [ `grep "tcp_fin_timeout" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FINTIMEOUT -eq 30 ]

   then echo -e "tcp_fin_timeout is $FINTIMEOUT"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_fin_timeout is  $FINTIMEOUT"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m FIN_timeout not config ,please check! \033[0m"

fi

# Check Kernel TCP reuse Configure

if [ `grep "tcp_tw_reuse" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $REUSE -eq 1 ]

   then echo -e "tcp_tw_reuse is $REUSE"......................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_reuse is $REUSE".........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_REUSE not config ,please check! \033[0m"

fi

# Check Kernel TCP recycle Configure

if [ `grep "tcp_tw_recycle" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $RECYCLE -eq 1 ]

   then echo -e "tcp_tw_recycle is $RECYCLE"....................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_recycle is $RECYCLE"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_RECYCLE not config ,please check! \033[0m"

fi

# Check Kernel TCP timestamps Configure

if [ `grep "tcp_timestamps" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPTIME -eq 1 ]

   then echo -e "tcp_timestamps is $TCPTIME"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_timestamps is $TCPTIME"........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP timestamps not config ,please check! \033[0m"

fi

# Check IPv4 Port Range configure

if [ `grep "ip_local_port_range" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $PORTRANGE_MIN -eq 1024 ] && [ $PORTRANGE_MAX -eq 65535 ]

   then echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[32m PASS \033[0m"

  else

   echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m ip_local_port_range not config ,please check! \033[0m"

fi

# Check TCP_WINDOW Configure

if [ `grep "tcp_window_scaling" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPWINDOW -eq 1 ]

   then echo -e "TCP_WINDOW is $TCPWINDOW"........................."\033[32m PASS \033[0m"

  else

   echo -e "TCP_WINDOW is $TCPWINDOW"............................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_WINDOW not config ,please check! \033[0m"

fi

# Check tcp_sack Configure

if [ `grep "tcp_sack" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPSACK -eq 1 ]

   then echo -e "tcp_sack Time is $TCPSACK "..................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_sack Time is $TCPSACK "......................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m tcp_sack Time not config ,please check! \033[0m"

fi

CentOS6.5优化脚本以及检测优化脚本的更多相关文章

  1. Android应用优化之代码检测优化

    在网络层,互联网提供所有应用程序都要使用的两种类型的服务,尽管目前理解这些服务的细节并不重要,但在所有TCP/IP概述中,都不能忽略他们: 无连接分组交付服务(Connectionless Packe ...

  2. 适用于Centos6.x系统的15项优化脚本

    1#!/bin/bash 2# Date: 2018-6-8 3#version:1.2 4#实现功能:一键系统优化15项脚本,适用于Centos6.x 5###################### ...

  3. 网安等保-Linux服务器之最新Ubuntu-22.04-LTS系统内核优化与安全加固配置脚本使用分享

    关注「WeiyiGeek」公众号 设为「特别关注」每天带你玩转网络安全运维.应用开发.物联网IOT学习! 希望各位看友[关注.点赞.评论.收藏.投币],助力每一个梦想. 本章目录 目录 0x00 前言 ...

  4. Centos6.5生产环境最小化优化配置

    Centos6.5生产环境最小化优化配置,满足业务需求! 01.启动网卡 #centos6.x最小化安装后,网卡默认不是启动状态 ifup eth0  //  ifconfig eth0 up /et ...

  5. unity3d 赛车游戏——复位点检测优化、反向检测、圈数检测、赛道长度计算

    接着上一篇文章说 因为代码简短且思路简单 所以我就把这几个功能汇总为一篇文章 因为我之前就是做游戏外挂的 经过验证核实,**飞车的复位点检测.圈数检测就是以下的方法实现的 至于反向检测和赛道长度计算, ...

  6. Shell脚本实现检测某ip网络畅通情况,实战用例

    Shell脚本实现检测某ip网络畅通情况,实战用例 环境准备,linux shell 发送email 邮件:1.安装sendmailyum -y install sendmail安装好sendmail ...

  7. bash命令检测Shell脚本中的语法错误和查看详细执行过程

    (1).bash命令检测Shell脚本中的语法错误 bash -v [脚本] [root@youxi1 ~]# vim a.sh #/bin/bash sum=$[$1+$2] echoo $sum ...

  8. 自定义nagios监控脚本---磁盘检测

    自定义nagios监控脚本---磁盘检测 1. 在客户端上创建脚本/usr/local/nagios/libexec/check_disk.shvim /usr/local/nagios/libexe ...

  9. Linux利用nc命令脚本批量检测服务器指定端口是否开放

    一.nc命令检测端口的用法 # nc -v -w 10 %IP% -z %PORT% -v 显示指令执行过程. -w <超时秒数> 设置等待连线的时间. -u 表示使用UDP协议 -z 使 ...

随机推荐

  1. 洛谷 P3965 [TJOI2013]循环格 解题报告

    P3965 [TJOI2013]循环格 题目背景 一个循环格就是一个矩阵,其中所有元素为箭头,指向相邻四个格子. 每个元素有一个坐标(行,列),其中左上角元素坐标为\((0,0)\).给定一个起始位\ ...

  2. jieba分词器

    始终觉得官方文档是最好的学习途径.嗯,我只是一个大自然的搬运工.传送门https://github.com/fxsjy/jieba 1.分词 jieba.cut 方法接受三个输入参数: 需要分词的字符 ...

  3. Java -- JDBC_利用反射及 JDBC 元数据编写通用的查询方法

    先利用 SQL 进行查询,得到结果集: 利用反射创建实体类的对象:创建对象: 获取结果集的列的别名: 再获取结果集的每一列的值, 结合 3 得到一个 Map,键:列的别名,值:列的值: 再利用反射为 ...

  4. Elasticsearch 常见问题的解决思路

    本文为es性能监控基础的扩展,大家可以先看下性能监控基础,熟悉下es的基本原理.为翻译性质文档,感谢原作者,原始文档地址 类似于汽车的运行方式,Elasticsearch旨在让用户快速上手和运行,而无 ...

  5. eclipse index 不工作 F3 不能找到头文件

    To add paths containing code to parse, follow these steps :1. Right click on the project2. Select Pr ...

  6. A1073. Scientific Notation

    Scientific notation is the way that scientists easily handle very large numbers or very small number ...

  7. ACCESS与SQL Server下SQL Like 查询的不同

    在ACCESS中LIKE的用法Access里like的通配符用法是这样: “?”表示任何单一字符: “*”表示零个或多个字符: “#”表示任何一个数字 所以应该是: select * from dat ...

  8. [译]Golang中的优雅重启

    原文 Graceful Restart in Golang 作者 grisha 声明:本文目的仅仅作为个人mark,所以在翻译的过程中参杂了自己的思想甚至改变了部分内容,其中有下划线的文字为译者添加. ...

  9. ACPI:Memory错误解决办法

    Linux系统装在vmware12中,打开虚拟机时报错,报错内容大概如下: ACPI:memory_hp:Memory online failed for 0x100000000 - 0x400000 ...

  10. 6、Python-元组

    定义 # Python的元组与列表类似,不同之处在于元组的元素不能修改.元组使用小括号,列表使用方括号. aTuple = ('et',77,99.9) print(aTuple) 元组的操作 aTu ...