一、tunning.sh

#!/bin/bash

# 系统优化脚本

# 使用于CentOS 6.4 x64系统

# Ver : 1.1.1

KCF=/etc/sysctl.conf

# ------- kernel Tcp/ip options config --------

kernel_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Local_Port_Range config --------

port_range_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3" >> $KCF

elif [ `grep $1 $KCF | wc -l` -gt 1 ]

    then

        sed -i /$1/d $KCF

        echo "$1 = $2 $3" >> $KCF

else

    if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ] || [ `grep $1 $KCF | awk '{print $4}'` -ne $3 ]

        then

             sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g

             sed -i s# `grep $1 $KCF | awk '{print $4}'`#$3#g

    else

        echo -e "--- You hava right \033[32m $1 \033[0m config"

    fi

fi

}

# ------- kernel Tcp rmen/wmen options config --------

tcp_mem_conf(){

if [ `grep $1 $KCF | wc -l` -eq 0 ]

    then

        echo "$1 = $2 $3 $4" >> $KCF

else

    sed -i /$1/d $KCF

    echo "$1 = $2 $3 $4" >> $KCF

    echo -e "--- You hava right \033[32m $1 \033[0m config"

fi

}

# TurnOFF the SELinux

sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config

setenforce 0

# set some service not start when system run

export LANG="en"

for srv_name in `chkconfig --list|grep 3:on|awk '{print $1}'`;

do

 chkconfig $srv_name off;

done

for name in crond irqbalance messagebus haldaemon network rsyslog sshd sysstat udev-post ntpd;

do

 chkconfig $name on ;

done

# NetworkManager Server config

if [ `/sbin/chkconfig --list | grep NetworkManager | wc -l` -ne 0 ]

    then

        /sbin/chkconfig NetworkManager on

        /sbin/chkconfig --list NetworkManager

else

    echo -e "--- NetworkManager server is not in , Will skip !"

fi

# Edit limits.conf

if [ `grep -E -v "^#|^$" /etc/security/limits.conf | wc -l` -eq 0 ]

    then

    cat >>/etc/security/limits.conf <<EOF

*	soft	noproc	65535

*	hard	noproc	65535

*	soft	nofile	1048576

*	hard	nofile	1048576

EOF

else

    echo "PLS check limit.conf configuation"

fi

sleep 2

# Clear system information

echo "Welcome to Server" >/etc/issue

# Kernel configuation. be fit for Nginx Apache application service.

echo  -e "#For web server" >>$KCF

kernel_conf fs.file-max 1048576

kernel_conf net.ipv4.tcp_fin_timeout 30

kernel_conf net.ipv4.tcp_timestamps 1

kernel_conf net.ipv4.tcp_tw_reuse 1

kernel_conf net.ipv4.tcp_tw_recycle 1

kernel_conf net.ipv4.tcp_window_scaling 1

kernel_conf net.ipv4.tcp_sack 1

port_range_conf net.ipv4.ip_local_port_range 1024 65535

tcp_mem_conf net.ipv4.tcp_rmem 4096 4096 16777216

tcp_mem_conf net.ipv4.tcp_wmem 4096 4096 16777216

sysctl -p

ulimit -SHn 1048576

echo -e "

Warning:

--You must command ulimit -SHn 1048576 if you don't restart system !

"

sleep 5

二、检测优化脚本

#!/bin/bash

# 系统优化项检查脚本。

export LANG="en"

SERESULT=`getenforce`

UMRESULT=`ulimit -n`

FWCURRENT=`service iptables status | grep "Firewall is not running" | wc -l`

FWSTART=`chkconfig --list iptables | awk '{print $5}'| awk -F : '{print $2}'`

FILE_MAX=`grep "fs.file-max" /etc/sysctl.conf|awk '{print $3}'`

FINTIMEOUT=`grep "tcp_fin_timeout" /etc/sysctl.conf | awk '{print $3}'`

REUSE=`grep "tcp_tw_reuse" /etc/sysctl.conf | awk '{print $3}'`

RECYCLE=`grep "tcp_tw_recycle" /etc/sysctl.conf | awk '{print $3}'`

TCPTIME=`grep "tcp_timestamps" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MIN=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $3}'`

PORTRANGE_MAX=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $4}'`

TCPWINDOW=`grep "tcp_window_scaling" /etc/sysctl.conf | awk '{print $3}'`

TCPSACK=`grep "tcp_sack" /etc/sysctl.conf | awk '{print $3}'`

# Check SELinux Configure

if [ $SERESULT = 'Disabled' ]

   then echo -e "The SElinux is $SERESULT "..................."\033[32m PASS \033[0m"

else

   echo -e "The SElinux is $SERESULT "..................."\033[31m FAILED \033[0m"

fi

# Check ulimit Configure

if [ $UMRESULT -ge 65535 ]

   then echo -e "The ulimit is $UMRESULT"........................"\033[32m PASS \033[0m"

else

   echo -e "The ulimit is $UMRESULT"....................."\033[31m FAILED \033[0m"

fi

# Check IPTABLES RUNNING & CONFIGURE

if [ $FWCURRENT -eq 0 ]

   then echo -e "The Ipteblas is running "..................."\033[31m FAILED \033[0m"

elif [ $FWSTART = 'on' ]

   then echo -e "The iptables you must stop "..................."\033[31m FAILED \033[0m"

else

   echo -e "The iptables is not running"................"\033[32m PASS \033[0m"

fi

# Check Kernel File Open Max Configure

if [ `grep "fs.file-max" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FILE_MAX -eq 1048576 ]

    then echo -e "fs.file-max is $FILE_MAX"....................."\033[32m PASS \033[0m"

  else

    echo -e "fs.file-max is $FILE_MAX"...................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m fs.file-max not configure,please check! \033[0m"

fi

# Check Kernel Fin_timeout Configure

if [ `grep "tcp_fin_timeout" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $FINTIMEOUT -eq 30 ]

   then echo -e "tcp_fin_timeout is $FINTIMEOUT"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_fin_timeout is  $FINTIMEOUT"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m FIN_timeout not config ,please check! \033[0m"

fi

# Check Kernel TCP reuse Configure

if [ `grep "tcp_tw_reuse" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $REUSE -eq 1 ]

   then echo -e "tcp_tw_reuse is $REUSE"......................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_reuse is $REUSE".........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_REUSE not config ,please check! \033[0m"

fi

# Check Kernel TCP recycle Configure

if [ `grep "tcp_tw_recycle" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $RECYCLE -eq 1 ]

   then echo -e "tcp_tw_recycle is $RECYCLE"....................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_tw_recycle is $RECYCLE"........................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_TW_RECYCLE not config ,please check! \033[0m"

fi

# Check Kernel TCP timestamps Configure

if [ `grep "tcp_timestamps" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPTIME -eq 1 ]

   then echo -e "tcp_timestamps is $TCPTIME"......................"\033[32m PASS \033[0m"

  else

   echo -e "tcp_timestamps is $TCPTIME"........................."\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP timestamps not config ,please check! \033[0m"

fi

# Check IPv4 Port Range configure

if [ `grep "ip_local_port_range" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $PORTRANGE_MIN -eq 1024 ] && [ $PORTRANGE_MAX -eq 65535 ]

   then echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[32m PASS \033[0m"

  else

   echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m ip_local_port_range not config ,please check! \033[0m"

fi

# Check TCP_WINDOW Configure

if [ `grep "tcp_window_scaling" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPWINDOW -eq 1 ]

   then echo -e "TCP_WINDOW is $TCPWINDOW"........................."\033[32m PASS \033[0m"

  else

   echo -e "TCP_WINDOW is $TCPWINDOW"............................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m TCP_WINDOW not config ,please check! \033[0m"

fi

# Check tcp_sack Configure

if [ `grep "tcp_sack" /etc/sysctl.conf| wc -l` -ne 0  ]

then

  if [ $TCPSACK -eq 1 ]

   then echo -e "tcp_sack Time is $TCPSACK "..................."\033[32m PASS \033[0m"

  else

   echo -e "tcp_sack Time is $TCPSACK "......................"\033[31m FAILED \033[0m"

  fi

else

  echo -e "\033[34m tcp_sack Time not config ,please check! \033[0m"

fi

CentOS6.5优化脚本以及检测优化脚本的更多相关文章

  1. Android应用优化之代码检测优化

    在网络层,互联网提供所有应用程序都要使用的两种类型的服务,尽管目前理解这些服务的细节并不重要,但在所有TCP/IP概述中,都不能忽略他们: 无连接分组交付服务(Connectionless Packe ...

  2. 适用于Centos6.x系统的15项优化脚本

    1#!/bin/bash 2# Date: 2018-6-8 3#version:1.2 4#实现功能:一键系统优化15项脚本,适用于Centos6.x 5###################### ...

  3. 网安等保-Linux服务器之最新Ubuntu-22.04-LTS系统内核优化与安全加固配置脚本使用分享

    关注「WeiyiGeek」公众号 设为「特别关注」每天带你玩转网络安全运维.应用开发.物联网IOT学习! 希望各位看友[关注.点赞.评论.收藏.投币],助力每一个梦想. 本章目录 目录 0x00 前言 ...

  4. Centos6.5生产环境最小化优化配置

    Centos6.5生产环境最小化优化配置,满足业务需求! 01.启动网卡 #centos6.x最小化安装后,网卡默认不是启动状态 ifup eth0  //  ifconfig eth0 up /et ...

  5. unity3d 赛车游戏——复位点检测优化、反向检测、圈数检测、赛道长度计算

    接着上一篇文章说 因为代码简短且思路简单 所以我就把这几个功能汇总为一篇文章 因为我之前就是做游戏外挂的 经过验证核实,**飞车的复位点检测.圈数检测就是以下的方法实现的 至于反向检测和赛道长度计算, ...

  6. Shell脚本实现检测某ip网络畅通情况,实战用例

    Shell脚本实现检测某ip网络畅通情况,实战用例 环境准备,linux shell 发送email 邮件:1.安装sendmailyum -y install sendmail安装好sendmail ...

  7. bash命令检测Shell脚本中的语法错误和查看详细执行过程

    (1).bash命令检测Shell脚本中的语法错误 bash -v [脚本] [root@youxi1 ~]# vim a.sh #/bin/bash sum=$[$1+$2] echoo $sum ...

  8. 自定义nagios监控脚本---磁盘检测

    自定义nagios监控脚本---磁盘检测 1. 在客户端上创建脚本/usr/local/nagios/libexec/check_disk.shvim /usr/local/nagios/libexe ...

  9. Linux利用nc命令脚本批量检测服务器指定端口是否开放

    一.nc命令检测端口的用法 # nc -v -w 10 %IP% -z %PORT% -v 显示指令执行过程. -w <超时秒数> 设置等待连线的时间. -u 表示使用UDP协议 -z 使 ...

随机推荐

  1. SharePoint 2013 APP 开发示例 (五)跨域访问 Web Service (REST API)

          虽然 JQuery 也能通过授权header实现跨域, 但SharePoint 提供了更简单的方法,它被实现在SP.RequestExecutor里 .它能访问跨域的服务包括REST AP ...

  2. Jenkins中使用Azure Powershell连接Service Fabric报错not recognized的原因与解决办法

    一.使用背景 在涉及Azure service Fabric的自动化应用场景中,依赖于Service Fabric的Azure Powershell cmdlets,我们可以使用Jenkins能实现c ...

  3. laravel 模型事件 updated 触发条件

    1. 只有 $sku->{attribute} != $sku->getOriginal({attribute}) 不一致的时候才会触发 getDirty() 不为空的时候才触发, 而且不 ...

  4. python3 获取Linux系统信息

    系统信息 import platform platform.uname() platform.architecture() CPU信息 /proc/cpuinfo文件包含了系统处理器单元的信息. #! ...

  5. 即将上线的Spark服务器面临的一系列填坑笔记

    即将上线的Spark服务器面临的一系列填坑笔记 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 把kafka和flume倒腾玩了,以为可以轻松一段时间了,没想到使用CDH部署的spa ...

  6. 面向对象【day07】:面向对象概念介绍(二)

    本节内容 1.概念 2.特性 3.面向对象介绍 一丶概念 1.面向对象编程 OOP(Object-Oriented Programming)编程是利用“类”和“对象”来创建各种模型来实现对真实世界的描 ...

  7. 函数和常用模块【day05】:装饰器高潮(三)

    本节内容 1.概述 2.装饰器定义 3.装饰器定义 4.带参数的生成器 一.概述 我们之前介绍了大幅片的内容,感觉跟装饰器半毛钱关系都没有,其实不然,我们分别详细阐述了高阶函数和内置函数,下面我们就来 ...

  8. Dapper总结(一)---基本CRUD操作

    一.dapper是什么 dapper是一款轻量级的ORM(Object Relationship Mapper),它负责数据库和编程语言之间的映射.SqlConnection,MysqlConnect ...

  9. loadrunner controller如何执行测试

    使用Virtual User Generator编写需要测试的脚本   打开controller,在左侧的available scripts里选择需要测试的脚本添加(Add)到scripts in s ...

  10. Spring第一个helloWorld

    Spring 简介: 轻量级:Spring是非侵入性的-基于Spring开发的应用中的对象可以不依赖于Spring的API 依赖注入(DI—dependdency injection.IOC) 面向切 ...