一、tunning.sh

#!/bin/bash

# 系统优化脚本

# 使用于CentOS 6.4 x64系统

# Ver : 1.1.1

KCF=/etc/sysctl.conf

# ------- kernel Tcp/ip options config --------

kernel_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Local_Port_Range config --------

port_range_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2 $3" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ] || [ `grep $1 $KCF | awk '{print $4}'` -ne $3 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

             sed -i s# `grep $1 $KCF | awk '{print $4}'`#$3#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Tcp rmen/wmen options config --------

tcp_mem_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3 $4" >> $KCF

else

    sed -i /$1/d $KCF

    echo "$1 = $2 $3 $4" >> $KCF

    echo -e "--- You hava right \033[32m $1 \033[0m config"

fi

}

# TurnOFF the SELinux

sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config

setenforce 0

# set some service not start when system run

export LANG="en"

for srv_name in `chkconfig --list|grep 3:on|awk '{print $1}'`;

do

 chkconfig $srv_name off;

done

for name in crond irqbalance messagebus haldaemon network rsyslog sshd sysstat udev-post ntpd;

do

 chkconfig $name on ;

done

# NetworkManager Server config

if [ `/sbin/chkconfig --list | grep NetworkManager | wc -l` -ne 0 ]

    then

        /sbin/chkconfig NetworkManager on

        /sbin/chkconfig --list NetworkManager

else

    echo -e "--- NetworkManager server is not in , Will skip !"

fi

# Edit limits.conf

if [ `grep -E -v "^#|^$" /etc/security/limits.conf | wc -l` -eq 0 ]

    then

    cat >>/etc/security/limits.conf <<EOF

*	soft	noproc	65535

*	hard	noproc	65535

*	soft	nofile	1048576

*	hard	nofile	1048576

EOF

else

    echo "PLS check limit.conf configuation"

fi

sleep 2

# Clear system information

echo "Welcome to Server" >/etc/issue

# Kernel configuation. be fit for Nginx Apache application service.

echo  -e "#For web server" >>$KCF

kernel_conf fs.file-max 1048576

kernel_conf net.ipv4.tcp_fin_timeout 30

kernel_conf net.ipv4.tcp_timestamps 1

kernel_conf net.ipv4.tcp_tw_reuse 1

kernel_conf net.ipv4.tcp_tw_recycle 1

kernel_conf net.ipv4.tcp_window_scaling 1

kernel_conf net.ipv4.tcp_sack 1

port_range_conf net.ipv4.ip_local_port_range 1024 65535

tcp_mem_conf net.ipv4.tcp_rmem 4096 4096 16777216

tcp_mem_conf net.ipv4.tcp_wmem 4096 4096 16777216

sysctl -p

ulimit -SHn 1048576

echo -e "

Warning:

--You must command ulimit -SHn 1048576 if you don't restart system !

"

sleep 5

二、检测优化脚本

#!/bin/bash

# 系统优化项检查脚本。

export LANG="en"

SERESULT=`getenforce`

UMRESULT=`ulimit -n`

FWCURRENT=`service iptables status | grep "Firewall is not running" | wc -l`

FWSTART=`chkconfig --list iptables | awk '{print $5}'| awk -F : '{print $2}'`

FILE_MAX=`grep "fs.file-max" /etc/sysctl.conf|awk '{print $3}'`

FINTIMEOUT=`grep "tcp_fin_timeout" /etc/sysctl.conf | awk '{print $3}'`

REUSE=`grep "tcp_tw_reuse" /etc/sysctl.conf | awk '{print $3}'`

RECYCLE=`grep "tcp_tw_recycle" /etc/sysctl.conf | awk '{print $3}'`

TCPTIME=`grep "tcp_timestamps" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MIN=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MAX=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $4}'`

TCPWINDOW=`grep "tcp_window_scaling" /etc/sysctl.conf | awk '{print $3}'`

TCPSACK=`grep "tcp_sack" /etc/sysctl.conf | awk '{print $3}'`

# Check SELinux Configure

if [ $SERESULT = 'Disabled' ]

   then echo -e "The SElinux is $SERESULT "..................."\033[32m PASS \033[0m"

else

   echo -e "The SElinux is $SERESULT "..................."\033[31m FAILED \033[0m"

fi

# Check ulimit Configure

if [ $UMRESULT -ge 65535 ]

   then echo -e "The ulimit is $UMRESULT"........................"\033[32m PASS \033[0m"

else

   echo -e "The ulimit is $UMRESULT"....................."\033[31m FAILED \033[0m"

fi

# Check IPTABLES RUNNING & CONFIGURE

if [ $FWCURRENT -eq 0 ]

   then echo -e "The Ipteblas is running "..................."\033[31m FAILED \033[0m"

elif [ $FWSTART = 'on' ]

   then echo -e "The iptables you must stop "..................."\033[31m FAILED \033[0m"

else

   echo -e "The iptables is not running"................"\033[32m PASS \033[0m"

fi

# Check Kernel File Open Max Configure

if [ `grep "fs.file-max" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FILE_MAX -eq 1048576 ]

    then echo -e "fs.file-max is $FILE_MAX"....................."\033[32m PASS \033[0m"

  else

    echo -e "fs.file-max is $FILE_MAX"...................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m fs.file-max not configure,please check! \033[0m"

fi

# Check Kernel Fin_timeout Configure

if [ `grep "tcp_fin_timeout" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FINTIMEOUT -eq 30 ]

   then echo -e "tcp_fin_timeout is $FINTIMEOUT"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_fin_timeout is  $FINTIMEOUT"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m FIN_timeout not config ,please check! \033[0m"

fi

# Check Kernel TCP reuse Configure

if [ `grep "tcp_tw_reuse" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $REUSE -eq 1 ]

   then echo -e "tcp_tw_reuse is $REUSE"......................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_reuse is $REUSE".........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_REUSE not config ,please check! \033[0m"

fi

# Check Kernel TCP recycle Configure

if [ `grep "tcp_tw_recycle" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $RECYCLE -eq 1 ]

   then echo -e "tcp_tw_recycle is $RECYCLE"....................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_recycle is $RECYCLE"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_RECYCLE not config ,please check! \033[0m"

fi

# Check Kernel TCP timestamps Configure

if [ `grep "tcp_timestamps" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPTIME -eq 1 ]

   then echo -e "tcp_timestamps is $TCPTIME"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_timestamps is $TCPTIME"........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP timestamps not config ,please check! \033[0m"

fi

# Check IPv4 Port Range configure

if [ `grep "ip_local_port_range" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $PORTRANGE_MIN -eq 1024 ] && [ $PORTRANGE_MAX -eq 65535 ]

   then echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[32m PASS \033[0m"

  else

   echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m ip_local_port_range not config ,please check! \033[0m"

fi

# Check TCP_WINDOW Configure

if [ `grep "tcp_window_scaling" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPWINDOW -eq 1 ]

   then echo -e "TCP_WINDOW is $TCPWINDOW"........................."\033[32m PASS \033[0m"

  else

   echo -e "TCP_WINDOW is $TCPWINDOW"............................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_WINDOW not config ,please check! \033[0m"

fi

# Check tcp_sack Configure

if [ `grep "tcp_sack" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPSACK -eq 1 ]

   then echo -e "tcp_sack Time is $TCPSACK "..................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_sack Time is $TCPSACK "......................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m tcp_sack Time not config ,please check! \033[0m"

fi

CentOS6.5优化脚本以及检测优化脚本的更多相关文章

  1. Android应用优化之代码检测优化

    在网络层,互联网提供所有应用程序都要使用的两种类型的服务,尽管目前理解这些服务的细节并不重要,但在所有TCP/IP概述中,都不能忽略他们: 无连接分组交付服务(Connectionless Packe ...

  2. 适用于Centos6.x系统的15项优化脚本

    1#!/bin/bash 2# Date: 2018-6-8 3#version:1.2 4#实现功能:一键系统优化15项脚本,适用于Centos6.x 5###################### ...

  3. 网安等保-Linux服务器之最新Ubuntu-22.04-LTS系统内核优化与安全加固配置脚本使用分享

    关注「WeiyiGeek」公众号 设为「特别关注」每天带你玩转网络安全运维.应用开发.物联网IOT学习! 希望各位看友[关注.点赞.评论.收藏.投币],助力每一个梦想. 本章目录 目录 0x00 前言 ...

  4. Centos6.5生产环境最小化优化配置

    Centos6.5生产环境最小化优化配置,满足业务需求! 01.启动网卡 #centos6.x最小化安装后,网卡默认不是启动状态 ifup eth0  //  ifconfig eth0 up /et ...

  5. unity3d 赛车游戏——复位点检测优化、反向检测、圈数检测、赛道长度计算

    接着上一篇文章说 因为代码简短且思路简单 所以我就把这几个功能汇总为一篇文章 因为我之前就是做游戏外挂的 经过验证核实,**飞车的复位点检测.圈数检测就是以下的方法实现的 至于反向检测和赛道长度计算, ...

  6. Shell脚本实现检测某ip网络畅通情况,实战用例

    Shell脚本实现检测某ip网络畅通情况,实战用例 环境准备,linux shell 发送email 邮件:1.安装sendmailyum -y install sendmail安装好sendmail ...

  7. bash命令检测Shell脚本中的语法错误和查看详细执行过程

    (1).bash命令检测Shell脚本中的语法错误 bash -v [脚本] [root@youxi1 ~]# vim a.sh #/bin/bash sum=$[$1+$2] echoo $sum ...

  8. 自定义nagios监控脚本---磁盘检测

    自定义nagios监控脚本---磁盘检测 1. 在客户端上创建脚本/usr/local/nagios/libexec/check_disk.shvim /usr/local/nagios/libexe ...

  9. Linux利用nc命令脚本批量检测服务器指定端口是否开放

    一.nc命令检测端口的用法 # nc -v -w 10 %IP% -z %PORT% -v 显示指令执行过程. -w <超时秒数> 设置等待连线的时间. -u 表示使用UDP协议 -z 使 ...

随机推荐

  1. 修复Mysql主从不同步shell

    使用第三方工具MySQL Enterprise Monitor,MySQL企业版监控工具.MONyog – MySQL Monior and Advisor,MONyog大家都不陌生,windows下 ...

  2. Spring Cloud学习(一)

    Spring Cloud是什么? Spring Cloud是一系列框架的有序集合.它利用Spring Boot的开发便利性巧妙地简化了分布式系统基础设施的开发,如服务发现注册.配置中心.消息总线.负载 ...

  3. /dev/null 2>&1 什么意思

    在Unix中,标准输入设备 stdin是0, stdout 是1, stderr是 2.    /dev/null 2>&1这样的写法意思是将标准输出和错误输出全部重定向到/dev/nu ...

  4. 【HDU3085】nightmare2 双向BFS

    对于搜索树分支很多且有明确起点和终点的情况时,可以采用双向搜索来减小搜索树的大小. 对于双向BFS来说,与单向最大的不同是双向BFS需要按层扩展,表示可能到达的区域.而单向BFS则是按照单个节点进行扩 ...

  5. 【洛谷P5020】货币系统 完全背包

    题目大意:给定 N 个数,求在这 N 个数中至少选出几个数能表示出所有数字,输出最少的个数. 题解:由于只有小的数字可以表示大的数字,因此首先需要对这 N 个数字进行从小到大排序.排序之后就变成一道不 ...

  6. $\mathcal{FFT}$·$\mathcal{Fast \ \ Fourier \ \ Transformation}$快速傅立叶变换

    \(2019.2.18upd:\) \(LINK\) 之前写的比较适合未接触FFT的人阅读--但是有几个地方出了错,大家可以找一下233 啊-本来觉得这是个比较良心的算法没想到这么抽搐这个算法真是将一 ...

  7. Yosimite10.10(Mac os)安装c/c++内存检测工具valgrind

    1.下载支持包m4-1.4.13.tar.gz $ curl -O http://mirrors.kernel.org/gnu/m4/m4-1.4.13.tar.gz 2. 解压m4-1.4.13.t ...

  8. 启动tomcat时报错:java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException:A child container failed during start

    解决方法:https://www.cnblogs.com/xiangxinhouse/p/6377842.html

  9. nxlog windows安装部署

    nxlog 介绍 nxlog 是用 C 语言写的一个跨平台日志收集处理软件.其内部支持使用 Perl 正则和语法来进行数据结构化和逻辑判断操作.不过,其最常用的场景.是在 windows 服务器上,作 ...

  10. Struts2中遇到的问题

    问题1: 最近在学习的时候用到了Struts2.5,在一系列操作之后Tomcat部署成功了,然而之后在测试的时候却出现了问题,网页无法正常响应,并且报出了Wrong method was define ...