一、tunning.sh

#!/bin/bash

# 系统优化脚本

# 使用于CentOS 6.4 x64系统

# Ver : 1.1.1

KCF=/etc/sysctl.conf

# ------- kernel Tcp/ip options config --------

kernel_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Local_Port_Range config --------

port_range_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2 $3" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ] || [ `grep $1 $KCF | awk '{print $4}'` -ne $3 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

             sed -i s# `grep $1 $KCF | awk '{print $4}'`#$3#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Tcp rmen/wmen options config --------

tcp_mem_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3 $4" >> $KCF

else

    sed -i /$1/d $KCF

    echo "$1 = $2 $3 $4" >> $KCF

    echo -e "--- You hava right \033[32m $1 \033[0m config"

fi

}

# TurnOFF the SELinux

sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config

setenforce 0

# set some service not start when system run

export LANG="en"

for srv_name in `chkconfig --list|grep 3:on|awk '{print $1}'`;

do

 chkconfig $srv_name off;

done

for name in crond irqbalance messagebus haldaemon network rsyslog sshd sysstat udev-post ntpd;

do

 chkconfig $name on ;

done

# NetworkManager Server config

if [ `/sbin/chkconfig --list | grep NetworkManager | wc -l` -ne 0 ]

    then

        /sbin/chkconfig NetworkManager on

        /sbin/chkconfig --list NetworkManager

else

    echo -e "--- NetworkManager server is not in , Will skip !"

fi

# Edit limits.conf

if [ `grep -E -v "^#|^$" /etc/security/limits.conf | wc -l` -eq 0 ]

    then

    cat >>/etc/security/limits.conf <<EOF

*	soft	noproc	65535

*	hard	noproc	65535

*	soft	nofile	1048576

*	hard	nofile	1048576

EOF

else

    echo "PLS check limit.conf configuation"

fi

sleep 2

# Clear system information

echo "Welcome to Server" >/etc/issue

# Kernel configuation. be fit for Nginx Apache application service.

echo  -e "#For web server" >>$KCF

kernel_conf fs.file-max 1048576

kernel_conf net.ipv4.tcp_fin_timeout 30

kernel_conf net.ipv4.tcp_timestamps 1

kernel_conf net.ipv4.tcp_tw_reuse 1

kernel_conf net.ipv4.tcp_tw_recycle 1

kernel_conf net.ipv4.tcp_window_scaling 1

kernel_conf net.ipv4.tcp_sack 1

port_range_conf net.ipv4.ip_local_port_range 1024 65535

tcp_mem_conf net.ipv4.tcp_rmem 4096 4096 16777216

tcp_mem_conf net.ipv4.tcp_wmem 4096 4096 16777216

sysctl -p

ulimit -SHn 1048576

echo -e "

Warning:

--You must command ulimit -SHn 1048576 if you don't restart system !

"

sleep 5

二、检测优化脚本

#!/bin/bash

# 系统优化项检查脚本。

export LANG="en"

SERESULT=`getenforce`

UMRESULT=`ulimit -n`

FWCURRENT=`service iptables status | grep "Firewall is not running" | wc -l`

FWSTART=`chkconfig --list iptables | awk '{print $5}'| awk -F : '{print $2}'`

FILE_MAX=`grep "fs.file-max" /etc/sysctl.conf|awk '{print $3}'`

FINTIMEOUT=`grep "tcp_fin_timeout" /etc/sysctl.conf | awk '{print $3}'`

REUSE=`grep "tcp_tw_reuse" /etc/sysctl.conf | awk '{print $3}'`

RECYCLE=`grep "tcp_tw_recycle" /etc/sysctl.conf | awk '{print $3}'`

TCPTIME=`grep "tcp_timestamps" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MIN=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MAX=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $4}'`

TCPWINDOW=`grep "tcp_window_scaling" /etc/sysctl.conf | awk '{print $3}'`

TCPSACK=`grep "tcp_sack" /etc/sysctl.conf | awk '{print $3}'`

# Check SELinux Configure

if [ $SERESULT = 'Disabled' ]

   then echo -e "The SElinux is $SERESULT "..................."\033[32m PASS \033[0m"

else

   echo -e "The SElinux is $SERESULT "..................."\033[31m FAILED \033[0m"

fi

# Check ulimit Configure

if [ $UMRESULT -ge 65535 ]

   then echo -e "The ulimit is $UMRESULT"........................"\033[32m PASS \033[0m"

else

   echo -e "The ulimit is $UMRESULT"....................."\033[31m FAILED \033[0m"

fi

# Check IPTABLES RUNNING & CONFIGURE

if [ $FWCURRENT -eq 0 ]

   then echo -e "The Ipteblas is running "..................."\033[31m FAILED \033[0m"

elif [ $FWSTART = 'on' ]

   then echo -e "The iptables you must stop "..................."\033[31m FAILED \033[0m"

else

   echo -e "The iptables is not running"................"\033[32m PASS \033[0m"

fi

# Check Kernel File Open Max Configure

if [ `grep "fs.file-max" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FILE_MAX -eq 1048576 ]

    then echo -e "fs.file-max is $FILE_MAX"....................."\033[32m PASS \033[0m"

  else

    echo -e "fs.file-max is $FILE_MAX"...................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m fs.file-max not configure,please check! \033[0m"

fi

# Check Kernel Fin_timeout Configure

if [ `grep "tcp_fin_timeout" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FINTIMEOUT -eq 30 ]

   then echo -e "tcp_fin_timeout is $FINTIMEOUT"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_fin_timeout is  $FINTIMEOUT"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m FIN_timeout not config ,please check! \033[0m"

fi

# Check Kernel TCP reuse Configure

if [ `grep "tcp_tw_reuse" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $REUSE -eq 1 ]

   then echo -e "tcp_tw_reuse is $REUSE"......................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_reuse is $REUSE".........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_REUSE not config ,please check! \033[0m"

fi

# Check Kernel TCP recycle Configure

if [ `grep "tcp_tw_recycle" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $RECYCLE -eq 1 ]

   then echo -e "tcp_tw_recycle is $RECYCLE"....................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_recycle is $RECYCLE"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_RECYCLE not config ,please check! \033[0m"

fi

# Check Kernel TCP timestamps Configure

if [ `grep "tcp_timestamps" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPTIME -eq 1 ]

   then echo -e "tcp_timestamps is $TCPTIME"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_timestamps is $TCPTIME"........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP timestamps not config ,please check! \033[0m"

fi

# Check IPv4 Port Range configure

if [ `grep "ip_local_port_range" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $PORTRANGE_MIN -eq 1024 ] && [ $PORTRANGE_MAX -eq 65535 ]

   then echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[32m PASS \033[0m"

  else

   echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m ip_local_port_range not config ,please check! \033[0m"

fi

# Check TCP_WINDOW Configure

if [ `grep "tcp_window_scaling" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPWINDOW -eq 1 ]

   then echo -e "TCP_WINDOW is $TCPWINDOW"........................."\033[32m PASS \033[0m"

  else

   echo -e "TCP_WINDOW is $TCPWINDOW"............................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_WINDOW not config ,please check! \033[0m"

fi

# Check tcp_sack Configure

if [ `grep "tcp_sack" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPSACK -eq 1 ]

   then echo -e "tcp_sack Time is $TCPSACK "..................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_sack Time is $TCPSACK "......................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m tcp_sack Time not config ,please check! \033[0m"

fi

CentOS6.5优化脚本以及检测优化脚本的更多相关文章

  1. Android应用优化之代码检测优化

    在网络层,互联网提供所有应用程序都要使用的两种类型的服务,尽管目前理解这些服务的细节并不重要,但在所有TCP/IP概述中,都不能忽略他们: 无连接分组交付服务(Connectionless Packe ...

  2. 适用于Centos6.x系统的15项优化脚本

    1#!/bin/bash 2# Date: 2018-6-8 3#version:1.2 4#实现功能:一键系统优化15项脚本,适用于Centos6.x 5###################### ...

  3. 网安等保-Linux服务器之最新Ubuntu-22.04-LTS系统内核优化与安全加固配置脚本使用分享

    关注「WeiyiGeek」公众号 设为「特别关注」每天带你玩转网络安全运维.应用开发.物联网IOT学习! 希望各位看友[关注.点赞.评论.收藏.投币],助力每一个梦想. 本章目录 目录 0x00 前言 ...

  4. Centos6.5生产环境最小化优化配置

    Centos6.5生产环境最小化优化配置,满足业务需求! 01.启动网卡 #centos6.x最小化安装后,网卡默认不是启动状态 ifup eth0  //  ifconfig eth0 up /et ...

  5. unity3d 赛车游戏——复位点检测优化、反向检测、圈数检测、赛道长度计算

    接着上一篇文章说 因为代码简短且思路简单 所以我就把这几个功能汇总为一篇文章 因为我之前就是做游戏外挂的 经过验证核实,**飞车的复位点检测.圈数检测就是以下的方法实现的 至于反向检测和赛道长度计算, ...

  6. Shell脚本实现检测某ip网络畅通情况,实战用例

    Shell脚本实现检测某ip网络畅通情况,实战用例 环境准备,linux shell 发送email 邮件:1.安装sendmailyum -y install sendmail安装好sendmail ...

  7. bash命令检测Shell脚本中的语法错误和查看详细执行过程

    (1).bash命令检测Shell脚本中的语法错误 bash -v [脚本] [root@youxi1 ~]# vim a.sh #/bin/bash sum=$[$1+$2] echoo $sum ...

  8. 自定义nagios监控脚本---磁盘检测

    自定义nagios监控脚本---磁盘检测 1. 在客户端上创建脚本/usr/local/nagios/libexec/check_disk.shvim /usr/local/nagios/libexe ...

  9. Linux利用nc命令脚本批量检测服务器指定端口是否开放

    一.nc命令检测端口的用法 # nc -v -w 10 %IP% -z %PORT% -v 显示指令执行过程. -w <超时秒数> 设置等待连线的时间. -u 表示使用UDP协议 -z 使 ...

随机推荐

  1. Missing artifact com.github.pagehelper:pagehelper:jar:3.4.2-fix的解决方法(最简单的方法)

    在网上看的淘淘商城的项目,自己在配置maven项目的时候遇见了这个异常,按照网上教程试了试,一重启各种异常. 后来直接,就更改了自己的maven仓库就ok了. 解决方法: 对比一下,你就能够发现问题, ...

  2. java基础基础总结----- 常用DOS命令(一)

    常用DOS命令 dir(directory):列出当前目录下的文件以及文件夹 mkdir (make directory) : 创建目录 rd (remove directory): 删除目录 cd ...

  3. django中的数据库外键操作

    以MYSQL为例: (1)在model中定义两个数据表,食物信息和食物类别信息 class foodInfo(models.Model):     food_id = models.AutoField ...

  4. HTML格式化标签

    除了div.p.h1~h6.a.span这几个极常用的标签外,HTML还有一些不常见的标签(10个,5对:加粗.斜体.大小.上下标.特殊),默认效果如下: 当然,我们习惯用css编写效果来替代这些效果 ...

  5. if语句和case语句用法展示

    if语句和case语句用法展示 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.单分支if条件语句 1>.语法格式一 if [ 条件判断式 ];then 源代码 fi 2& ...

  6. php循环删除文件夹和目录

    一定要注意文件夹中的两个目录---->   .(当前目录)  ..(上级目录) 需要对这两个目录进行过滤, 否则在删除或者遍历是会一直,对于..甚至会向你指定的文件夹的上级目录循环操作,删除重要 ...

  7. python---redis中文操作与系统中文检测

    import redis import chardet r.set("name","我是在Py3保存的中文字符串") ret = r.get("nam ...

  8. cas单点登陆。就这一篇就够了!!!!!

    前言: cas是什么我就不累赘说了.就简单说下大致的流程.首先,cas是一个独立的项目.就是一个war包,部署在tomcat上面启动就ok.然后我们要实现单点登陆,无疑是访问系统1,如果没有登录,就跳 ...

  9. Study 7 —— CSS美化背景和边框

    图片透明度属性:opacity 背景图片重复属性:background-repeat背景图片位置属性:background-position background-postion:横坐标 纵坐标; b ...

  10. tcp.validnode_checking踩过的坑

    对Oracle 检查ip合法性,就必须在服务器端的sqlnet.ora文件中设置如下参数 TCP.INVITED_NODES=(10.0.0.36,10.0.0.1,10.0.0.35) TCP.EX ...