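#!/bin/bash
# The script relies on bash-only syntax ([[ ... =~ ... ]]), so it names bash
# as its interpreter instead of /bin/sh.

# Kernel release string reported by `uname -r`; Check_OS matches against it.
NUM_VERSION=$(uname -r)

#######################################
# Define the function that checks the operating system version.
# Globals:   NUM_VERSION (read)
# Arguments: none
# Returns:   0 when NUM_VERSION contains "el6", 1 otherwise. The rest of the
#            script sends every non-el6 host down its systemctl branches.
#######################################
Check_OS() {
  if [[ "$NUM_VERSION" =~ el6 ]]; then
    return 0
  fi
  return 1
}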
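echo "######CPU使用情况######"

# CPU model name(s) prefixed with how many logical CPUs report each model;
# awk's "$1 = $1" squeezes the column padding for display.
CPU_HARDWARE=$(grep name /proc/cpuinfo | cut -f2 -d: | uniq -c | awk '{$1 = $1; print}')

# Number of logical CPUs: one matching line per processor entry. Counting the
# lines directly keeps this a single integer even when models differ.
CPU_NUMBER=$(grep -c name /proc/cpuinfo)

# Tail of the uptime line from field 6 onward (user count and load averages).
# The field is printed with an explicit %s so its text is never used as a
# printf format.
# NOTE(review): starting at field 6 assumes the "up N days, H:MM," layout;
# confirm the output on hosts that have been up for less than a day.
CPU_LOAD=$(uptime | awk '{
  out = ""
  for (i = 6; i <= NF; i++) out = out (i > 6 ? " " : "") $i
  print out
}')

# Integer part of the 1-minute load average.
IFS=' ' read -r LOAD_1MIN _ < /proc/loadavg
CPU_LOAD_NUMBER=${LOAD_1MIN%%.*}

# -b (batch mode) lets top run inside a command substitution without a
# terminal and keeps cursor-control sequences out of the captured line.
CPU_UTILIZ=$(top -bn1 | grep "Cpu(s)")

# Healthy when the whole-number load is below the logical CPU count. Missing
# values fall back to 0 on both sides, which yields the abnormal status.
if [[ "${CPU_LOAD_NUMBER:-0}" -lt "${CPU_NUMBER:-0}" ]]; then
  CPU_STATUS=正常
else
  CPU_STATUS=不正常
fi
printf '%s(%s,%s,%s)\n' "$CPU_STATUS" "$CPU_HARDWARE" "$CPU_LOAD" "$CPU_UTILIZ"
echo
echo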
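echo "######磁盘使用情况######"

# One df snapshot feeds both the warning pass and the detail listing, so the
# two describe the same state. Rows are handed to awk instead of being looped
# over in the shell, which leaves the global IFS untouched.
DISK_ROWS=$(df -hP | sed 1d)

# Warn for every mount point whose Use% is above 70.
# df -P columns from the right: mount point, Use%, Avail.
printf '%s\n' "$DISK_ROWS" | awk 'NF >= 3 {
  pct = $(NF - 1)
  sub(/%/, "", pct)
  if (pct + 0 > 70) print "不正常(" $NF "的使用率" $(NF - 1) "较大,请注意)"
}'
echo

echo "磁盘具体使用情况:"
printf '%s\n' "$DISK_ROWS" |
  awk 'NF >= 3 {print $NF "分区" "剩余空间" $(NF - 2), "使用率" $(NF - 1)}'

# Mail store location: value of the "mailroot" line in the U-Mail config,
# leading blanks and tabs removed.
UMAIL_CONF=/usr/local/u-mail/config/custom.conf
UMAIL_DIR=$(awk -F= '/mailroot/ {val = $2; sub(/^[ \t]*/, "", val); print val}' "$UMAIL_CONF")
echo "邮件数据存储在${UMAIL_DIR}"
echo
echo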
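echo "######内存使用情况######"
Check_OS
RESULT=$?

# Read `free -m` once so the total and the remainder come from the same
# sample. LC_ALL=C keeps the "Mem:" row label in its untranslated form.
if [ "${RESULT}" -eq 0 ]; then
  # el6: remainder = sum of every "Mem:" column from the 4th onward.
  MEM_FIELDS=$(LC_ALL=C free -m | awk '/Mem:/ {
    rest = 0
    for (i = 4; i <= NF; i++) rest += $i
    print $2 ":" rest
  }')
else
  # Other releases: remainder = the 4th "Mem:" column only.
  # NOTE(review): unlike the el6 branch this leaves cache out of the
  # remainder, so the usage percentage may read higher — confirm the intent.
  MEM_FIELDS=$(LC_ALL=C free -m | awk '/Mem:/ {print $2 ":" $4}')
fi
MEM_SUM_NUM=${MEM_FIELDS%%:*}
MEM_SURPLUS_NUM=${MEM_FIELDS##*:}

case "$MEM_SUM_NUM" in
  '' | 0 | *[!0-9]*)
    # No usable total: say so instead of dividing by zero below.
    echo "不正常(无法获取内存信息)"
    ;;
  *)
    MEM_SUM="${MEM_SUM_NUM}M"
    MEM_SURPLUS="${MEM_SURPLUS_NUM}M"
    MEM_USED=$((MEM_SUM_NUM - MEM_SURPLUS_NUM))
    PERCENT_NUM=$((MEM_USED * 100 / MEM_SUM_NUM))
    PERCENT="${PERCENT_NUM}%"
    # Healthy while usage stays below 70 percent.
    if [[ "$PERCENT_NUM" -lt 70 ]]; then
      MEM_STATUS=正常
    else
      MEM_STATUS=不正常
    fi
    printf '%s(总内存大小%s,剩余内存大小%s,内存使用率%s)\n' \
      "$MEM_STATUS" "$MEM_SUM" "$MEM_SURPLUS" "$PERCENT"
    ;;
esac
echo
echo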
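echo "######操作系统版本和邮件系统版本######"
OS_VERSION=$(cat /etc/redhat-release)

# Query the RPM database once and pick both packages out of the same listing.
RPM_LIST=$(rpm -qa)

# Keep the first three dot-separated pieces of each package string
# (the sample run on this page shows umail_app-2.2.44-2).
UMAILAPP_VERSION=$(printf '%s\n' "$RPM_LIST" |
  awk -F. '/umail_app/ {print $1 "." $2 "." $3}')
UMAILWEB_VERSION=$(printf '%s\n' "$RPM_LIST" |
  awk -F. '/umail_webmail/ {print $1 "." $2 "." $3}')

# Quoted arguments: the values are printed as captured, with no word
# splitting or filename expansion applied to them.
printf '%s,%s,%s\n' "$OS_VERSION" "$UMAILAPP_VERSION" "$UMAILWEB_VERSION"
echo
echo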
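echo "######系统基本操作是否正常######"
SECURE_LOG=/var/log/secure
# Alert threshold: number of matching lines in the current log file.
SSH_DIY=500

# An unreadable or missing log must not be reported as "normal": without this
# guard the count would silently be 0 (for example when the script is not run
# as root) and the report would pass a check that never ran.
if [ -r "$SECURE_LOG" ]; then
  # Counts every line containing the phrase, for any account and any service
  # that logs it, and only in the current file (rotated logs are not read).
  SSH_SUM=$(grep -c "authentication failure" "$SECURE_LOG")
  if [ "${SSH_SUM:-0}" -gt "$SSH_DIY" ]; then
    echo "有人在试您root密码,请注意"
  else
    echo "正常"
  fi
else
  echo "无法读取${SECURE_LOG},未检查登录失败记录"
fi
echo
echo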
# NOTE(review): this section prints a fixed result. The script runs no
# process, listener or file inspection here, so the "正常" line records a
# manual assessment and is not evidence that the host was checked.
printf '%s\n' "######是否有可疑进程或后门######" "正常"
printf '\n\n'
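echo "######是否安装杀毒软件防火墙######"
Check_OS
RESULT=$?

# Firewall: el6 asks the iptables init script, other releases ask systemd
# about firewalld. Either way the verdict is the command's exit status.
# This only says the service is active; it does not look at the rule set.
# NOTE(review): a non-el6 host filtering with something other than firewalld
# will be reported as "未开启" — confirm for your deployment.
if [ "${RESULT}" -eq 0 ]; then
  /etc/init.d/iptables status > /dev/null 2>&1
else
  systemctl is-active --quiet firewalld.service
fi
RESULT_FIREWALL=$?
if [ "${RESULT_FIREWALL}" -eq 0 ]; then
  echo "操作系统自带防火墙已开启"
else
  echo "操作系统自带防火墙未开启"
fi

# Antivirus: require both a process whose command line mentions umail_clamd
# and a healthy service status. pgrep replaces the ps|grep|grep -v chain.
pgrep -f umail_clamd > /dev/null 2>&1
RESULT_CLAMD=$?
if [ "${RESULT}" -eq 0 ]; then
  /etc/init.d/umail_clamd status > /dev/null 2>&1
else
  systemctl is-active --quiet umail_clamd.service
fi
RESULT_CLAMDSTATUS=$?
if [ "${RESULT_CLAMD}" -eq 0 ] && [ "${RESULT_CLAMDSTATUS}" -eq 0 ]; then
  echo "已安装CLAMD杀毒软件"
else
  echo "未安装杀毒软件或者未启动成功"
fi
echo
echo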
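echo "######开机时长######"

# Keep what uptime prints between "up" and the load-average part. The
# separator is matched with any amount of whitespace after the comma, so the
# cut does not depend on how many spaces uptime puts before "load average".
LINETIME=$(LC_ALL=C uptime |
  sed -e 's/^.*up[[:space:]]*//' -e 's/,[[:space:]]*load average.*$//')
echo "服务器开机时间为 ${LINETIME}"
echo
echo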
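echo "######HTTP服务######"
Check_OS
RESULT=$?

# Service state: init scripts on el6, systemd units elsewhere. Each command
# is run once and only its exit status is kept.
if [ "${RESULT}" -eq 0 ]; then
  /etc/init.d/umail_apache status > /dev/null 2>&1
  RESULT_APACHE=$?
  /etc/init.d/umail_nginx status > /dev/null 2>&1
  RESULT_NGINX=$?
else
  systemctl is-active --quiet umail_apache.service
  RESULT_APACHE=$?
  systemctl is-active --quiet umail_nginx.service
  RESULT_NGINX=$?
fi

# Process presence, matched on the full path of each bundled binary.
pgrep -f "/usr/local/u-mail/service/apache/bin/httpd" > /dev/null 2>&1
RESULT_APACHEPROC=$?
pgrep -f "/usr/local/u-mail/service/nginx/sbin/nginx" > /dev/null 2>&1
RESULT_NGINXPROC=$?

# All four checks must pass. None of them sends an HTTP request, so this
# confirms that the daemons are running, not that pages are being served.
if [ "${RESULT_APACHE}" -eq 0 ] && [ "${RESULT_NGINX}" -eq 0 ] &&
  [ "${RESULT_APACHEPROC}" -eq 0 ] && [ "${RESULT_NGINXPROC}" -eq 0 ]; then
  echo "HTTP服务启动成功"
else
  echo "HTTP服务启动不成功"
fi
echo
echo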
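echo "######SMTP服务######"
Check_OS
RESULT=$?

# Require a listening TCP socket whose local address ends in :25. A plain
# substring match on ":25" would also accept other ports that start with 25
# and connections whose remote side is port 25.
LC_ALL=C netstat -lnt 2> /dev/null |
  awk '$6 == "LISTEN" && $4 ~ /:25$/ {found = 1} END {exit !found}'
RESULT_SMTP=$?

# Service state: init script on el6, systemd unit elsewhere.
if [ "${RESULT}" -eq 0 ]; then
  /etc/init.d/umail_postfix status > /dev/null 2>&1
else
  systemctl is-active --quiet umail_postfix.service
fi
RESULT_POSTFIX=$?

if [ "${RESULT_SMTP}" -eq 0 ] && [ "${RESULT_POSTFIX}" -eq 0 ]; then
  echo "SMTP服务启动成功"
else
  echo "SMTP服务启动不成功"
fi
echo
echo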
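echo "######POP服务######"
Check_OS
RESULT=$?

# Require a listening TCP socket whose local address ends in :110. A plain
# substring match on ":110" would also accept longer port numbers and
# connections whose remote side is port 110.
LC_ALL=C netstat -lnt 2> /dev/null |
  awk '$6 == "LISTEN" && $4 ~ /:110$/ {found = 1} END {exit !found}'
RESULT_POP=$?

# Service state: init script on el6, systemd unit elsewhere.
if [ "${RESULT}" -eq 0 ]; then
  /etc/init.d/umail_dovecot status > /dev/null 2>&1
else
  systemctl is-active --quiet umail_dovecot.service
fi
RESULT_POPPROC=$?

if [ "${RESULT_POP}" -eq 0 ] && [ "${RESULT_POPPROC}" -eq 0 ]; then
  echo "POP服务启动成功"
else
  echo "POP服务启动不成功"
fi
echo
echo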
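echo "######IMAP服务######"
Check_OS
RESULT=$?

# Require a listening TCP socket whose local address ends in :143. A plain
# substring match on ":143" would also accept longer port numbers and
# connections whose remote side is port 143.
LC_ALL=C netstat -lnt 2> /dev/null |
  awk '$6 == "LISTEN" && $4 ~ /:143$/ {found = 1} END {exit !found}'
RESULT_IMAP=$?

# Service state: init script on el6, systemd unit elsewhere.
if [ "${RESULT}" -eq 0 ]; then
  /etc/init.d/umail_dovecot status > /dev/null 2>&1
else
  systemctl is-active --quiet umail_dovecot.service
fi
RESULT_IMAPPROC=$?

if [ "${RESULT_IMAP}" -eq 0 ] && [ "${RESULT_IMAPPROC}" -eq 0 ]; then
  echo "IMAP服务启动成功"
else
  echo "IMAP服务启动不成功"
fi
echo
echo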
# NOTE(review): the three sections below print a fixed "正常". The script
# sends no test mail, opens no admin page and submits no spam or virus
# sample, so these lines stand for checks a person performs by hand.
for section_title in \
  "######收发测试(web和客户端)######" \
  "######管理后台功能测试######" \
  "######反垃圾反病毒测试######"; do
  printf '%s\n' "$section_title" "正常"
  printf '\n\n'
done
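echo "######是否有密码泄露导致群发垃圾邮件现象######"
SMTP_LOG=/usr/local/u-mail/app/log/smtp.log
# Alert threshold: messages attributed to the busiest sender in the log.
SMTP_DIY=500

# An unreadable or missing log must not be reported as "normal": without this
# guard the numeric test would fail on an empty count and fall through to the
# "正常" branch.
if [ -r "$SMTP_LOG" ]; then
  # Rank senders once, so the count and the address come from the same pass
  # over the log. Field 6 of each "from:" line is the sender; the angle
  # bracket and trailing ">," are stripped before counting.
  # NOTE(review): the message below says "当天" (today), but the whole file
  # is counted — confirm that smtp.log holds a single day.
  SMTP_TOP=$(grep "from:" "$SMTP_LOG" |
    awk '{print $6}' |
    sed -e 's/<//g' -e 's/>,//g' |
    sort | uniq -c | sort -rn | head -n 1)
  SMTP_SUM=$(printf '%s\n' "$SMTP_TOP" | awk '{print $1}')
  SMTP_USER=$(printf '%s\n' "$SMTP_TOP" | awk '{print $2}')

  if [ "${SMTP_SUM:-0}" -gt "$SMTP_DIY" ]; then
    # The sender address is taken from log content, so it is passed as a
    # quoted %s argument and never word-split or glob-expanded.
    printf '%s%s%s%s%s\n' \
      "当天外发邮件数量最大的" "$SMTP_USER" "用户超过" "$SMTP_DIY" "封,请确认"
  else
    echo "正常"
  fi
else
  echo "无法读取${SMTP_LOG},未检查外发邮件数量"
fi
echo
echo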
运行结果如下:
[root@localhost ~]# sh check_umail.sh
######CPU使用情况######
正常( 2 Intel(R) Xeon(R) CPU E5606 @ 2.13GHz,1 user, load average: 0.06, 0.02, 0.00 ,Cpu(s): 2.1%us, 0.8%sy, 0.2%ni, 96.5%id, 0.3%wa, 0.0%hi, 0.2%si, 0.0%st)
######磁盘使用情况######
磁盘具体使用情况:
/分区剩余空间38G 使用率20%
/dev/shm分区剩余空间1.9G 使用率1%
/boot分区剩余空间425M 使用率7%
/home分区剩余空间434G 使用率38%
邮件数据存储在/home/mailbox
######内存使用情况######
正常(总内存大小3952M,剩余内存大小3028M,内存使用率23%)
######操作系统版本和邮件系统版本######
CentOS release 6.9 (Final),umail_app-2.2.44-2,umail_webmail-1.6.69-1
######系统基本操作是否正常######
正常
######是否有可疑进程或后门######
正常
######是否安装杀毒软件防火墙######
操作系统自带防火墙已开启
已安装CLAMD杀毒软件
######开机时长######
服务器开机时间为 33 days, 6:29, 1 user
######HTTP服务######
HTTP服务启动成功
######SMTP服务######
SMTP服务启动成功
######POP服务######
POP服务启动成功
######IMAP服务######
IMAP服务启动成功
######收发测试(web和客户端)######
正常
######管理后台功能测试######
正常
######反垃圾反病毒测试######
正常
######是否有密码泄露导致群发垃圾邮件现象######
正常
本文转自 sailikung 51CTO博客,原文链接:http://blog.51cto.com/net881004/2052702,如需转载请自行联系原作者