一、tunning.sh

#!/bin/bash

# 系统优化脚本

# 使用于CentOS 6.4 x64系统

# Ver : 1.1.1

KCF=/etc/sysctl.conf

# ------- kernel Tcp/ip options config --------

kernel_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Local_Port_Range config --------

port_range_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2 $3" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ] || [ `grep $1 $KCF | awk '{print $4}'` -ne $3 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

             sed -i s# `grep $1 $KCF | awk '{print $4}'`#$3#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Tcp rmen/wmen options config --------

tcp_mem_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3 $4" >> $KCF

else

    sed -i /$1/d $KCF

    echo "$1 = $2 $3 $4" >> $KCF

    echo -e "--- You hava right \033[32m $1 \033[0m config"

fi

}

# TurnOFF the SELinux

sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config

setenforce 0

# set some service not start when system run

export LANG="en"

for srv_name in `chkconfig --list|grep 3:on|awk '{print $1}'`;

do

 chkconfig $srv_name off;

done

for name in crond irqbalance messagebus haldaemon network rsyslog sshd sysstat udev-post ntpd;

do

 chkconfig $name on ;

done

# NetworkManager Server config

if [ `/sbin/chkconfig --list | grep NetworkManager | wc -l` -ne 0 ]

    then

        /sbin/chkconfig NetworkManager on

        /sbin/chkconfig --list NetworkManager

else

    echo -e "--- NetworkManager server is not in , Will skip !"

fi

# Edit limits.conf

if [ `grep -E -v "^#|^$" /etc/security/limits.conf | wc -l` -eq 0 ]

    then

    cat >>/etc/security/limits.conf <<EOF

*	soft	noproc	65535

*	hard	noproc	65535

*	soft	nofile	1048576

*	hard	nofile	1048576

EOF

else

    echo "PLS check limit.conf configuation"

fi

sleep 2

# Clear system information

echo "Welcome to Server" >/etc/issue

# Kernel configuation. be fit for Nginx Apache application service.

echo  -e "#For web server" >>$KCF

kernel_conf fs.file-max 1048576

kernel_conf net.ipv4.tcp_fin_timeout 30

kernel_conf net.ipv4.tcp_timestamps 1

kernel_conf net.ipv4.tcp_tw_reuse 1

kernel_conf net.ipv4.tcp_tw_recycle 1

kernel_conf net.ipv4.tcp_window_scaling 1

kernel_conf net.ipv4.tcp_sack 1

port_range_conf net.ipv4.ip_local_port_range 1024 65535

tcp_mem_conf net.ipv4.tcp_rmem 4096 4096 16777216

tcp_mem_conf net.ipv4.tcp_wmem 4096 4096 16777216

sysctl -p

ulimit -SHn 1048576

echo -e "

Warning:

--You must command ulimit -SHn 1048576 if you don't restart system !

"

sleep 5

二、检测优化脚本

#!/bin/bash

# 系统优化项检查脚本。

export LANG="en"

SERESULT=`getenforce`

UMRESULT=`ulimit -n`

FWCURRENT=`service iptables status | grep "Firewall is not running" | wc -l`

FWSTART=`chkconfig --list iptables | awk '{print $5}'| awk -F : '{print $2}'`

FILE_MAX=`grep "fs.file-max" /etc/sysctl.conf|awk '{print $3}'`

FINTIMEOUT=`grep "tcp_fin_timeout" /etc/sysctl.conf | awk '{print $3}'`

REUSE=`grep "tcp_tw_reuse" /etc/sysctl.conf | awk '{print $3}'`

RECYCLE=`grep "tcp_tw_recycle" /etc/sysctl.conf | awk '{print $3}'`

TCPTIME=`grep "tcp_timestamps" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MIN=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MAX=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $4}'`

TCPWINDOW=`grep "tcp_window_scaling" /etc/sysctl.conf | awk '{print $3}'`

TCPSACK=`grep "tcp_sack" /etc/sysctl.conf | awk '{print $3}'`

# Check SELinux Configure

if [ $SERESULT = 'Disabled' ]

   then echo -e "The SElinux is $SERESULT "..................."\033[32m PASS \033[0m"

else

   echo -e "The SElinux is $SERESULT "..................."\033[31m FAILED \033[0m"

fi

# Check ulimit Configure

if [ $UMRESULT -ge 65535 ]

   then echo -e "The ulimit is $UMRESULT"........................"\033[32m PASS \033[0m"

else

   echo -e "The ulimit is $UMRESULT"....................."\033[31m FAILED \033[0m"

fi

# Check IPTABLES RUNNING & CONFIGURE

if [ $FWCURRENT -eq 0 ]

   then echo -e "The Ipteblas is running "..................."\033[31m FAILED \033[0m"

elif [ $FWSTART = 'on' ]

   then echo -e "The iptables you must stop "..................."\033[31m FAILED \033[0m"

else

   echo -e "The iptables is not running"................"\033[32m PASS \033[0m"

fi

# Check Kernel File Open Max Configure

if [ `grep "fs.file-max" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FILE_MAX -eq 1048576 ]

    then echo -e "fs.file-max is $FILE_MAX"....................."\033[32m PASS \033[0m"

  else

    echo -e "fs.file-max is $FILE_MAX"...................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m fs.file-max not configure,please check! \033[0m"

fi

# Check Kernel Fin_timeout Configure

if [ `grep "tcp_fin_timeout" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FINTIMEOUT -eq 30 ]

   then echo -e "tcp_fin_timeout is $FINTIMEOUT"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_fin_timeout is  $FINTIMEOUT"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m FIN_timeout not config ,please check! \033[0m"

fi

# Check Kernel TCP reuse Configure

if [ `grep "tcp_tw_reuse" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $REUSE -eq 1 ]

   then echo -e "tcp_tw_reuse is $REUSE"......................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_reuse is $REUSE".........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_REUSE not config ,please check! \033[0m"

fi

# Check Kernel TCP recycle Configure

if [ `grep "tcp_tw_recycle" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $RECYCLE -eq 1 ]

   then echo -e "tcp_tw_recycle is $RECYCLE"....................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_recycle is $RECYCLE"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_RECYCLE not config ,please check! \033[0m"

fi

# Check Kernel TCP timestamps Configure

if [ `grep "tcp_timestamps" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPTIME -eq 1 ]

   then echo -e "tcp_timestamps is $TCPTIME"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_timestamps is $TCPTIME"........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP timestamps not config ,please check! \033[0m"

fi

# Check IPv4 Port Range configure

if [ `grep "ip_local_port_range" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $PORTRANGE_MIN -eq 1024 ] && [ $PORTRANGE_MAX -eq 65535 ]

   then echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[32m PASS \033[0m"

  else

   echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m ip_local_port_range not config ,please check! \033[0m"

fi

# Check TCP_WINDOW Configure

if [ `grep "tcp_window_scaling" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPWINDOW -eq 1 ]

   then echo -e "TCP_WINDOW is $TCPWINDOW"........................."\033[32m PASS \033[0m"

  else

   echo -e "TCP_WINDOW is $TCPWINDOW"............................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_WINDOW not config ,please check! \033[0m"

fi

# Check tcp_sack Configure

if [ `grep "tcp_sack" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPSACK -eq 1 ]

   then echo -e "tcp_sack Time is $TCPSACK "..................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_sack Time is $TCPSACK "......................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m tcp_sack Time not config ,please check! \033[0m"

fi

CentOS6.5优化脚本以及检测优化脚本的更多相关文章

  1. Android应用优化之代码检测优化

    在网络层,互联网提供所有应用程序都要使用的两种类型的服务,尽管目前理解这些服务的细节并不重要,但在所有TCP/IP概述中,都不能忽略他们: 无连接分组交付服务(Connectionless Packe ...

  2. 适用于Centos6.x系统的15项优化脚本

    1#!/bin/bash 2# Date: 2018-6-8 3#version:1.2 4#实现功能:一键系统优化15项脚本,适用于Centos6.x 5###################### ...

  3. 网安等保-Linux服务器之最新Ubuntu-22.04-LTS系统内核优化与安全加固配置脚本使用分享

    关注「WeiyiGeek」公众号 设为「特别关注」每天带你玩转网络安全运维.应用开发.物联网IOT学习! 希望各位看友[关注.点赞.评论.收藏.投币],助力每一个梦想. 本章目录 目录 0x00 前言 ...

  4. Centos6.5生产环境最小化优化配置

    Centos6.5生产环境最小化优化配置,满足业务需求! 01.启动网卡 #centos6.x最小化安装后,网卡默认不是启动状态 ifup eth0  //  ifconfig eth0 up /et ...

  5. unity3d 赛车游戏——复位点检测优化、反向检测、圈数检测、赛道长度计算

    接着上一篇文章说 因为代码简短且思路简单 所以我就把这几个功能汇总为一篇文章 因为我之前就是做游戏外挂的 经过验证核实,**飞车的复位点检测.圈数检测就是以下的方法实现的 至于反向检测和赛道长度计算, ...

  6. Shell脚本实现检测某ip网络畅通情况,实战用例

    Shell脚本实现检测某ip网络畅通情况,实战用例 环境准备,linux shell 发送email 邮件:1.安装sendmailyum -y install sendmail安装好sendmail ...

  7. bash命令检测Shell脚本中的语法错误和查看详细执行过程

    (1).bash命令检测Shell脚本中的语法错误 bash -v [脚本] [root@youxi1 ~]# vim a.sh #/bin/bash sum=$[$1+$2] echoo $sum ...

  8. 自定义nagios监控脚本---磁盘检测

    自定义nagios监控脚本---磁盘检测 1. 在客户端上创建脚本/usr/local/nagios/libexec/check_disk.shvim /usr/local/nagios/libexe ...

  9. Linux利用nc命令脚本批量检测服务器指定端口是否开放

    一.nc命令检测端口的用法 # nc -v -w 10 %IP% -z %PORT% -v 显示指令执行过程. -w <超时秒数> 设置等待连线的时间. -u 表示使用UDP协议 -z 使 ...

随机推荐

  1. 牛客练习赛 小A与任务 解题报告

    小A与任务 链接: https://ac.nowcoder.com/acm/contest/369/B 来源:牛客网 题目描述 小A手头有 \(n\) 份任务,他可以以任意顺序完成这些任务,只有完成当 ...

  2. Python进制表示及转换

    进制表示: 二进制:>>> abin = 0b1000>>> abin8 八进制:>>> aoct = 0o123 (数字0,字母o)>&g ...

  3. 前端学习 -- Html&Css -- 框架集

    框架集和内联框架的作用类似,都是用于在一个页面中引入其他的外部的页面,框架集可以同时引入多个页面,而内联框架只能引入一个,在h5标准中,推荐使用框架集,而不使用内联框架. 使用frameset来创建一 ...

  4. Java: md5 加密中文 & 注意编码

    今天使用java的md5加密一个字符串(含有部分中文),遇到问题,百思不得其解. 后面网上搜索了一下,才知道是[编码]的问题. 以前在asp中用md5加密的时候,了解 gb2312和utf-8编码下, ...

  5. Codeforces Round #514 (Div. 2) D. Nature Reserve

    http://codeforces.com/contest/1059/problem/D 最大值: 最左下方和最右下方分别有一个点 r^2 - (r-1)^2 = (10^7)^2 maxr<0 ...

  6. dos初始操作和全屏方法

    1.初始操作 mount d d:\ ;选择挂载的硬盘 d:\ cd Dos cd MASM ;到达debug/edit/link/masm.exe文件的位置 ;然后可以进行debug/edit xx ...

  7. read from /dev/urandom 返回值异常

    #include<stdio.h> #include<iostream> #include <fcntl.h> #include <sys/mman.h> ...

  8. Hadoop生态圈-HUE环境部署

    Hadoop生态圈-HUE环境部署 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任.   一.HUE简介 1>.HUE的由来 HUE全称是HadoopUser Experienc ...

  9. linux中vi的基本操作

    在vi如何查找文字 vi redis.config 在命令模式下 按 / 然后最下方会出现/ 打出你所需要查找的字.n 是代表查找下一个 如何撤销上一步的操作 1,退出编辑操作 按esc键 2,按u ...

  10. 使用JavaScript修改浏览器URL地址栏的实现代码【转】

    引用自http://www.jb51.net/article/42240.htm 现在的浏览器里,有一个十分有趣的功能,你可以在不刷新页面的情况下修改浏览器URL;在浏览过程中.你可以将浏览历史储存起 ...