四劍客面試真題-2
1.擷取本機IP,並用IP:192.168.5.101 的格式顯示 使用ifconfig命令檢視並擷取
ip:192.168.5.101
ifconfig
ifconfig ens33 |grep -oE 'inet (addr:)?([0-9\.]+)' |grep -Eo '([0-9\.]+)'
ip addr show ens33 | grep -oP '(inet \d+(\.\d+){3})'
hostname -I |awk '{print "ip:"$1}'
實際效果演示
[root@master ~]# hostname -I |awk '{print "ip:"$1}'
ip:10.0.1.134
[root@master ~]# ifconfig | grep -oE "inet (addr:)?([0-9.]+)" | grep -v "127.0.0.1" | awk '{print "ip:"$2}'
ip:10.0.1.134
[root@master ~]# ifconfig eno16777736 | egrep -o 'inet (addr:(\b[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\b)|(\b[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\b))' | egrep -o '\b[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\b'
10.0.1.134
[root@master ~]# ifconfig eno16777736 |grep -oE 'inet (addr:)?([0-9\.]+)' |grep -Eo '([0-9\.]+)'
10.0.1.134
[root@master ~]# ip addr show eno16777736 |grep -oP '(inet \d+(\.\d+){3})'
inet 10.0.1.134
2 .匹配所有以root開頭的行
grep '^root' test.txt
awk '/^root/' test.txt
sed -n '/^root/p' test.txt
less test.txt |egrep '^root'
egrep '^root' test.txt
實際效果演示
[root@master ~]# grep '^root' test.txt
root
root
root
root
root
[root@master ~]# awk '/^root/' test.txt
root
root
root
root
root
[root@master ~]# sed -n '/^root/p' test.txt
root
root
root
root
root
[root@master ~]# less test.txt |egrep '^root'
root
root
root
root
root
[root@master ~]# egrep '^root' test.txt
root
root
root
root
root
- 統計nginx日誌裡訪問次數最多的前10個IP
awk '{print $1}' access.log |sort | uniq -c |sort -nr |head -n 10
grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b' access.log |sort |uniq -c |sort nr |head -10
實際效果演示
[root@master ~]# awk '{print $3}' access.log |sort |uniq -c|sort -nr|head -n 10
251790
22890 GET
2462 192.168.127.12
1851 10.0.0.1
1822 192.168.0.1
1784 172.16.31.10
962 209
765 54
711 111
699 88
4 檢測nginx訪問成功狀態碼200 的IP及次數
awk '$9 == "200" {print $1}' access.log |sort |uniq -c |sort -nr
grep '200' access.log |cut -d' ' -f1|sort |uniq -c |sort -nr
grep '200' access.log | awk '{print $1}' | sort | uniq -c | sort -nr
實際效果演示
[root@master ~]# grep '200' access.log |cut -d' ' -f1|sort |uniq -c |sort -nr
597 200
404 200.46
[root@master ~]# grep '200' access.log | awk '{print $1}' | sort | uniq -c | sort -nr
597 200
404 200.46
5 檢視埠的程序號
lsof -i:22
netstat -tulpn
ss -tulpn
fuser -n tcp 22
netstat -anp |grep 22
ss -anp |grep 22
ps aux |grep 22
注意:fuser 需要安裝 包名psmisc
實際效果演示
[root@master ~]# fuser -n tcp 22
22/tcp: 1133 12933 20200
[root@master ~]# lsof -i :22
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1133 root 3u IPv4 17110 0t0 TCP 10.0.1.134:ssh->10.0.1.1:11729 (ESTABLISHED)
sshd 12933 root 3u IPv4 66385 0t0 TCP 10.0.1.134:ssh->10.0.1.1:5394 (ESTABLISHED)
sshd 20200 root 3u IPv4 77683 0t0 TCP *:ssh (LISTEN)
sshd 20200 root 4u IPv6 77685 0t0 TCP *:ssh (LISTEN)
[root@master ~]# ss -tulpn |grep 22
tcp LISTEN 0 128 *:22 *:* users:(("sshd",pid=20200,fd=3))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=20200,fd=4))
[root@master ~]# netstat -tulpn |grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 20200/sshd
tcp6 0 0 :::22 :::* LISTEN 20200/sshd
[root@master ~]# netstat -anp |grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 20200/sshd
tcp 0 36 10.0.1.134:22 10.0.1.1:11729 ESTABLISHED 1133/sshd: root@pts
tcp 0 0 10.0.1.134:22 10.0.1.1:5394 ESTABLISHED 12933/sshd: root@pt
tcp6 0 0 :::22 :::* LISTEN 20200/sshd
unix 2 [ ] DGRAM 1057777 30224/pickup
unix 3 [ ] STREAM CONNECTED 80228 20668/auditd
unix 2 [ ] DGRAM 80226 20668/auditd
unix 3 [ ] STREAM CONNECTED 80227 20668/auditd
[root@master ~]# ss -an |grep 22
u_str ESTAB 0 0 * 80228 * 80227
u_dgr UNCONN 0 0 * 80226 * 7953
u_str ESTAB 0 0 * 80227 * 80228
tcp LISTEN 0 128 *:22 *:*
tcp ESTAB 0 0 10.0.1.134:22 10.0.1.1:11729
tcp ESTAB 0 0 10.0.1.134:22 10.0.1.1:5394
tcp LISTEN 0 128 [::]:22 [::]:*
[root@master ~]# ps aux |grep 22
root 1 0.0 0.3 43572 3824 ? Ss Mar16 0:01 /usr/lib/systemd/systemd --system --deserialize 22
root 22 0.0 0.0 0 0 ? S Mar16 0:00 [rcuob/13]
root 31 0.0 0.0 0 0 ? S Mar16 0:00 [rcuob/22]
root 122 0.0 0.0 0 0 ? S Mar16 0:00 [rcuob/113]
root 131 0.0 0.0 0 0 ? S Mar16 0:00 [rcuob/122]
root 160 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/22]
root 220 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/82]
root 221 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/83]
root 222 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/84]
root 223 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/85]
root 224 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/86]
root 225 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/87]
root 226 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/88]
root 227 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/89]
root 228 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/90]
root 229 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/91]
root 260 0.0 0.0 0 0 ? S Mar16 0:00 [rcuos/122]
root 13017 0.1 0.2 148288 2232 pts/2 S+ 00:23 0:26 top
polkitd 14251 0.0 1.2 612244 12132 ? Ssl 00:24 0:00 /usr/lib/polkit-1/polkitd --no-debug
root 20304 0.0 0.2 89812 2228 ? Ss 00:24 0:00 /usr/libexec/postfix/master -w
root 20524 0.0 0.3 224960 3500 ? Ssl 00:24 0:01 /usr/sbin/rsyslogd -n
postfix 30224 0.0 0.4 89916 4100 ? S 03:44 0:00 pickup -l -t unix -u
root 56178 0.0 0.0 0 0 ? S 02:22 0:00 [kworker/u256:1]
root 128834 0.0 0.0 112812 976 pts/0 R+ 04:42 0:00 grep --color=auto 22
6.使用grep找出/etc/passwd檔案中以root開頭以bash結尾的行,並顯示行號
grep -n '^root.*bash$' /etc/passwd
實際效果演示
[root@master ~]# grep -n '^root.*bash$' /etc/passwd
1:root:x:0:0:root:/root:/bin/bash
- 使用find查詢/usr/最近7天修改過的檔案複製到/dir
find /usr/ -type f -mtime -7 -exec cp {} /dir/ \;
實際效果演示
[root@master usr]# find /usr/ -type f -mtime -7 -exec cp {} /dir/ \;
[root@master usr]#
[root@master dir]# cd /dir
[root@master dir]# cd /usr/
[root@master usr]# ls
bin etc games include lib lib64 libexec local sbin share src tmp
- 把/etc/passwd的第1-3行內容另存 testx.txt
head -n 3 /etc/passwd > testx.txt
sed -n '1,3p' /etc/passwd > testx.txt
awk 'NR>=1 && NR<=3' /etc/passwd > testx.txt
實際效果演示
[root@master ~]# head -n 3 /etc/passwd > testx.txt
[root@master ~]# cat testx.txt
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
[root@master ~]# sed -n '1,3p' /etc/passwd > testx.txt
[root@master ~]# cat testx.txt
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
[root@master ~]# awk 'NR>=1 && NR<=3' /etc/passwd > testx.txt
[root@master ~]# cat testx.txt
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin