Linux One-click Optimization (for Redhat and derivative versions)

#!/bin/bash

#set env

Export lang= "en_US. UTF-8 "

Export path= $PATH:/bin/sbin:/usr/sbin

#whether ROOT to running user

if [[$ (WhoAmI)! = root]];then

echo "Please su-root run the script."

Fi

Service= ' which service '

chkconfig= ' which chkconfig '

. /etc/init.d/functions

#set time

Inittime () {

Yum-y Install ntpdate >/dev/null 2>&1

Ntpdate asia.pool.ntp.org >/dev/null 2>&1

echo "*/5 * * * * * ntpdate asia.pool.ntp.org >>/var/spool/cron/root 2>/dev/null" >/var/spool/cron/root 2> /dev/null

[$?-eq 0] && action "Inittime is OK"/bin/true | | Exit 1

Sleep 3

}

#install Packages

Inittool () {

Yum-y install Sysstat net-snmp lrzsz SAR gcc gcc-c++ >/dev/vull 2>&1

Yum groupinstall "Compatibility Libraries" "Base" "Development tools" >/dev/null 2>&1

Yum groupinstall "Debugging Tools" "Dial-up Networking support" >/dev/null 2>&1

[$?-eq 0] && action "Inittool is OK"/bin/true | | Exit 1

Sleep 3

}

#update the System lang

initi18n () {

cat/etc/sysconfig/i18n >/etc/sysconfig/i18n.bak

Echo lang= "en_US. UTF-8 ">>/etc/sysconfig/i18n

source/etc/sysconfig/i18n

[$?-eq 0] && action "initi18n is OK:"/bin/true | | Exit 1

Sleep 3

}

#start iptables

Initselinux () {

selinux= "'/usr/sbin/getenforce '"

Cat/etc/selinux/config >/etc/selinux/config.bak

[$selinux! = "Disabled"] &&/usr/sbin/setenforce 0 >/dev/null 2>& 1 | | echo "SELinux is ok ... "

Sleep 3

}

#close not need to service

Initservice () {

Export lang= "en_US. UTF-8 "

For i in ' chkconfig--list | Grep-i "3:on" | awk ' {print '} ';d o chkconfig $i off; Done

For I in Crond network Rsyslog sshd;do chkconfig--level 3 $i On;done

[$?-eq 0] && action "Initservice is OK:"/bin/true | | Exit 1

Sleep 3

}

#youhua for SSH

Initssh () {

Cat/etc/ssh/sshd_config >/etc/ssh/sshd_config.bak

Useradd User >/dev/null 2>&1

echo "feb803873cc1401f" | passwd--stdin User

Sed-i ' s/#Port 22/port 22/'/etc/ssh/sshd_config

Sed-i ' s/#PermitRootLogin yes/permitrootlogin yes/'/etc/ssh/sshd_config

Sed-i ' s/#PermitEmptyPasswords no/permitemptypasswords no/'/etc/ssh/sshd_config

/etc/init.d/sshd Stop >/dev/null 2>& 1

[$?-eq 0] | | Exit 1

/etc/init.d/sshd Start >/dev/null 2>& 1

[$?-eq 0] && action "Initssh is ok ..." | | Exit 1

}

#change file Inode

OpenFiles () {

cat/etc/security/limits.conf >/etc/security/limits.conf.bak

echo "ULIMIT-HSN 65535" >>/etc/security/limits.conf

[$?-eq 0] && action "limit is OK"/bin/true | | Exit 1

Sleep 3

}

#youhua kernel

Openkernel () {

Modprobe Bridge >/dev/null 2>& 1

cat/etc/sysctl.conf >/etc/sysctl.conf.bak

Cat >>/etc/sysctl.conf << EOF

########################################################

Net.ipv4.icmp_echo_ignore_broadcasts = 1

net.ipv4.icmp_ignore_bogus_error_responses = 1

Net.ipv4.tcp_syncookies = 1

Net.ipv4.conf.all.log_martians = 1

Net.ipv4.conf.default.log_martians = 1

Net.ipv4.conf.all.accept_source_route = 0

Net.ipv4.conf.default.accept_source_route = 0

Net.ipv4.conf.all.rp_filter = 1

Net.ipv4.conf.default.rp_filter = 1

net.ipv4.conf.all.accept_redirects = 0

net.ipv4.conf.default.accept_redirects = 0

net.ipv4.conf.all.secure_redirects = 0

net.ipv4.conf.default.secure_redirects = 0

net.ipv4.conf.all.send_redirects = 0

net.ipv4.conf.default.send_redirects = 0

Kernel.exec-shield = 1

Kernel.randomize_va_space = 1

Fs.file-max = 65535

Kernel.pid_max = 65536

Net.core.netdev_max_backlog = 4096

net.ipv4.tcp_window_scaling = 1

Net.ipv4.tcp_max_syn_backlog = 4096

Net.ipv4.tcp_max_tw_buckets = 4096

Net.ipv4.tcp_keepalive_time = 20

Net.ipv4.ip_forward = 0

Net.ipv4.tcp_mem = 192000 300000 732000

Net.ipv4.tcp_rmem = 51200 131072 204800

Net.ipv4.tcp_wmem = 51200 131072 204800

Net.ipv4.tcp_keepalive_timenet.ipv4.tcp_keepalive_time = 20

NET.IPV4.TCP_KEEPALIVE_INTVL = 5

Net.ipv4.tcp_keepalive_probes = 2

Net.ipv4.tcp_orphan_retries = 3

Net.ipv4.tcp_syn_retries = 3

Net.ipv4.tcp_synack_retries = 3

Net.ipv4.tcp_retries2 = 5

Net.ipv4.tcp_fin_timeout = 30

Net.ipv4.tcp_max_orphans = 2000

Net.ipv4.tcp_tw_reuse = 1

Net.ipv4.tcp_tw_recycle = 1

vm.min_free_kbytes=409600

vm.vfs_cache_pressure=200

Vm.swappiness = 40

Vm.dirty_expire_centisecs = 1500

Vm.dirty_writeback_centisecs = 1000

Vm.dirty_ratio = 20

Vm.dirty_background_ratio = 100

######################################################

Eof

/sbin/sysctl-p >/dev/null 2>& 1

[$?-eq 0] && action "kernel is OK"/bin/true | | Exit 1

Sleep 1

}

#init_snmp

Init_snmp () {

Cp/etc/snmp/snmpd.conf/etc/snmp/snmpd.conf.bak

Sed-i ' s/#view all/view all/'/etc/snmp/snmpd.conf

Sed-i ' s/#access myrogroup/access myrogroup/'/etc/snmp/snmpd.conf

${chkconfig} snmpd on >/dev/null 2>&1

${service} snmpd Start >/dev/null 2>&1

[$?-eq 0] && action "SNMPD is starting"/bin/true | | Exit 0

}

Initdos () {

echo >/proc/sys/net/ipv4/tcp_keepalive_time

Echo 2 >/proc/sys/net/ipv4/tcp_keepalive_probes

echo 2048 >/proc/sys/net/ipv4/tcp_max_syn_backlog

Echo 1 >/proc/sys/net/ipv4/tcp_synack_retries

Echo 1 >/proc/sys/net/ipv4/tcp_syn_retries

Echo 1 >/proc/sys/net/ipv4/tcp_syncookies

[$?-eq 0] && action "SNMPD is starting"/bin/true | | Exit 0

}

Inittime

Inittool

initi18n

Initselinux

Initservice

Initssh

OpenFiles

Openkernel

Init_snmp

Initdos

echo "Don t forget start your iptables."

This article from the "three-line, must have my teacher Yan" blog, please be sure to keep this source http://lovers.blog.51cto.com/5850489/1585178

Linux One-click Optimization (for Redhat and derivative versions)