#交互脚本
[root@zabbix royoy]# cat add_del_ip_for_jjuly.sh
#!/bin/bash
# Author : royoy
# Desc : Add, delete and query IP for jjuly
# Version : 0.0.5
# Usage : add_del_ip_for_jjuly.sh
# Source font file
# Presumably defines the `font` helper that every coloured message below relies on.
source /etc/rc.d/init.d/font

# Salt CLI and the targets of the nginx zone-file push.
salt_cmd='/usr/bin/salt'
node_group='jjuly_web'
sls_dir='jjuly_nginx_sls'

# Zone files under /srv/salt that this script edits in place.
conf_file_dir='/srv/salt/sources/jjuly/nginx'
frontend_conf="$conf_file_dir/frontend_allow.zone"
backoffice_conf="$conf_file_dir/backoffice.zone"
blockips_conf="$conf_file_dir/blockips.zone"

# Persistent operation log, plus a scratch file holding the salt output of the current run.
log_file='/var/log/cjjuly_ip_rsync.log'
tmp_log='/var/log/jjuly_tmp_file.log'

# Captured once at start-up: every log banner and zone-file comment written in
# this session carries this value, not the time of the individual change.
current_time=$(date '+%F %T')

lock_file='/var/lock/subsys/add_del_ip_for_jjuly.lock'
ip_comment=''
ip=''

# Make Backspace (^H) erase characters at the interactive prompts.
stty erase '^H'
##########################
# Check if root user
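# The script edits the nginx zone files and drives salt, so refuse to run
# unprivileged and report that as a failure (non-zero status, message on stderr).
if [ "$(id -u)" -ne 0 ]; then
  echo "Must use the root account" >&2
  exit 1
fi

# Take the single-instance lock atomically. With noclobber set, the redirection
# fails when the file already exists, so two sessions started at the same
# moment cannot both pass a separate "test, then touch" step and edit the
# allow/deny files concurrently.
if ! ( set -o noclobber; : > "$lock_file" ) 2>/dev/null; then
  if [ -e "$lock_file" ]; then
    echo "script is running" >&2
  else
    echo "cannot create lock file: $lock_file" >&2
  fi
  exit 1
fi

# Release the lock and the scratch log when the session is interrupted;
# otherwise a stale lock blocks every later run until someone removes it by hand.
trap 'rm -f -- "$lock_file" "$tmp_log"; exit 130' INT TERM HUP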
# Exit function
exit_clear(){
  # Remove the run lock and the scratch salt log if they exist, then end the
  # script. The exit status is whatever the last cleanup step returned.
  local leftover
  for leftover in "$lock_file" "$tmp_log"
  do
    [ -f "$leftover" ] && rm -f "$leftover"
  done
  exit
}
# Format functions
format_output_start(){
  # Open a new section in the operation log: blank lines followed by a banner
  # that carries the session timestamp.
  {
    echo -e "\n\n"
    echo "=============================== ${current_time} =============================="
  } >> "$log_file"
}
format_output_end(){
  # Close the current log section. The captured salt output in $tmp_log is
  # scanned for "Failed:" lines whose second field is not 0; any such line marks
  # the run as ERROR, the output is appended to the log and the script exits.
  # NOTE(review): a run that leaves no "Failed:" line at all (for example when
  # nothing was captured) takes the OK branch - confirm that an absent summary
  # should count as a successful push of the access lists.
  wait
  if awk '/Failed:/{if($2 != 0)print "ERROR"}' "$tmp_log" | grep -Eq "ERROR"; then
    font -red "\nERROR" -reset -n -n
    cat "$tmp_log" >> "$log_file"
    font "ERROR" -n >> "$log_file"
    exit_clear
  else
    font -green "\nOK" -reset -n -n
    cat "$tmp_log" >> "$log_file"
    font "OK" -n >> "$log_file"
  fi
  echo "===================================== End ========================================" >> "$log_file"
}
# ---------------------
# Helper functions
# ---------------------
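ff1(){
  # Prompt for one line of space-separated addresses and store it in the global
  # $ip. An empty line or one of the quit words logs "no operation", closes the
  # log section and ends the script.
  #
  # read -r keeps the line exactly as typed: without it a trailing backslash
  # joins the next input line and other backslashes are dropped silently, so
  # what gets validated would not be what the operator entered.
  read -r -p "Please input IP : " ip
  echo
  case "$ip" in
    exit|""|quit|q|x)
      font "[ No Operation ] 未操作,正常退出" -n >> "$log_file"
      format_output_end ; exit_clear
      ;;
  esac
}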
ff2(){
  # Quit-word check for the re-entered address held in the global $IP: an empty
  # value or exit/quit/q/x logs "no operation", closes the log section and ends
  # the script. Any other value returns status 1, as the original test did.
  case "$IP" in
    exit|""|quit|q|x)
      font "[ " -green "No Operation" -reset " ] " "未操作,正常退出" -n >> "$log_file"
      format_output_end
      exit_clear
      ;;
    *)
      return 1
      ;;
  esac
}
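ff3(){
  # Report whether the address in the global $IP is present in a zone file.
  # Arguments: $1 - zone file to search
  #            $2 - label of that list, used in the message
  #
  # The address is matched as a whole token with literal dots. A plain
  # grep "$IP" treats each dot as "any character" and also hits longer
  # addresses that merely contain the value, so it could answer "already
  # present" for an address that is in fact not on the list.
  local ip_re
  check_ip_valid "$IP" "x"
  ip_re="(^|[^0-9.])${IP//./\\.}([^0-9.]|\$)"
  if grep -Eq -- "$ip_re" "$1"; then
    font "查询结果: " -blue "$2" -reset -yellow " [ $IP ] " -reset -green "已存在" -reset -n
  else
    font "查询结果: " -blue "$2" -reset -yellow " [ $IP ] " -reset -purple "不存在" -reset -n
  fi
}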
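ff4(){
  # Ask for one or more addresses and report, for each, whether it is present
  # in the given zone file.
  # Arguments: $1 - zone file to search
  #            $2 - label of that list, used in the message
  local -a ip_list
  echo "输入需要查询的IP,多个IP以空格分开(exit退出脚本)"
  ff1
  # Split the operator's line on whitespace without pathname expansion: an
  # unquoted $ip in the for list would expand characters such as * into the
  # file names of the current directory.
  read -r -a ip_list <<< "$ip"
  for IP in "${ip_list[@]}"
  do
    ff3 "$1" "$2"
  done
}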
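ff5(){
  # Add one or more addresses to an access list and push the result with salt.
  # Arguments: $1 - target list: blockips, frontend, backoffice or all
  # Globals:   writes ip_comment, tmp_v1 and IP; appends to $log_file and to
  #            the zone file(s) selected by $1
  local -a ip_list
  local tmp_comment
  case "$1" in
    blockips)   tmp_v1="黑名单" ;;
    frontend)   tmp_v1="前" ;;
    backoffice) tmp_v1="后" ;;
    all)        tmp_v1="前台和" ;;
  esac
  format_output_start
  read -r -p "输入注释,不写则为空: " tmp_comment
  # The comment ends up inside the nginx zone files. Backslashes and control
  # characters are removed so that it cannot be expanded into an extra line
  # (and therefore an extra directive) when the entry is written below.
  tmp_comment=${tmp_comment//\\/}
  ip_comment=${tmp_comment//[[:cntrl:]]/}
  echo "输入需要添加的IP,多个IP以空格分开(exit退出脚本)"
  ff1
  # printf '%s' writes the operator's input to the log verbatim instead of
  # letting echo -e interpret escape sequences in it.
  if [ "$1" == "blockips" ]; then
    printf '\n添加 [ %s ] 到%s\n\n' "$ip" "$tmp_v1" >> "$log_file"
  else
    printf '\n添加 [ %s ] 到%s台白名单\n\n' "$ip" "$tmp_v1" >> "$log_file"
  fi
  # Split on whitespace without pathname expansion of the typed line.
  read -r -a ip_list <<< "$ip"
  for IP in "${ip_list[@]}"
  do
    # check_ip_valid re-prompts until $IP is a dotted quad with octets <= 255.
    check_ip_valid "$IP"
    case "$1" in
      blockips)
        printf 'deny %s;\t\t#%s %s\n' "$IP" "$current_time" "$ip_comment" >> "$blockips_conf"
        ;;
      frontend)
        printf 'allow %s;\t\t#%s %s\n' "$IP" "$current_time" "$ip_comment" >> "$frontend_conf"
        ;;
      backoffice)
        # Backoffice entries go in front of the closing "deny all" line.
        sed -i "/deny all/i allow $IP;\ #$current_time $ip_comment" "$backoffice_conf"
        ;;
      all)
        printf 'allow %s;\t\t#%s %s\n' "$IP" "$current_time" "$ip_comment" >> "$frontend_conf"
        sed -i "/deny all/i allow $IP;\ #$current_time $ip_comment" "$backoffice_conf"
        ;;
    esac
  done
  # NOTE(review): the files are pushed as edited; whether the Salt state checks
  # the nginx configuration before reloading is not visible here - confirm.
  ff6
  format_output_end
}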
ff6(){
  # Apply the nginx_file_manage state from $sls_dir to the node group, showing
  # the salt output on screen and appending it to $tmp_log for the later
  # Failed: check.
  local state_name="${sls_dir}.nginx_file_manage"
  "$salt_cmd" -N "$node_group" state.sls saltenv="update" "$state_name" | tee -a "$tmp_log"
  wait
}
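ff7(){
  # Remove one or more addresses from an access list and push the result.
  # Arguments: $1 - target list: blockips, frontend, backoffice or all
  # Globals:   writes tmp_v1, tmp_v2, tmp_v3 and IP; ff9 sets tmp_v2 to 0 when
  #            it deleted at least one entry
  local -a ip_list
  local p1 p2 p3 p4
  tmp_v3="$1"
  case "$tmp_v3" in
    blockips)   tmp_v1="黑名单" ;;
    frontend)   tmp_v1="前" ;;
    backoffice) tmp_v1="后" ;;
    all)        tmp_v1="前台和" ;;
  esac
  format_output_start
  echo "输入需要删除的IP,多个IP以空格分开(exit退出脚本)"
  ff1
  # printf '%s' writes the operator's input to the log verbatim.
  if [ "$tmp_v3" == "blockips" ]; then
    printf '\n删除 [ %s ] 从%s\n\n' "$ip" "$tmp_v1" >> "$log_file"
  else
    printf '\n删除 [ %s ] 从%s台白名单\n\n' "$ip" "$tmp_v1" >> "$log_file"
  fi
  tmp_v2=1
  # Split on whitespace without pathname expansion of the typed line.
  read -r -a ip_list <<< "$ip"
  for IP in "${ip_list[@]}"
  do
    check_ip_valid "$IP"
    p1=$(ff8 1); p2=$(ff8 2); p3=$(ff8 3); p4=$(ff8 4)
    # One arm per list. The earlier nested "A && { ... } || { ... }" chain fell
    # through to the next branch whenever the first group returned non-zero, so
    # a failing "not found" message on a frontend or backoffice request could
    # end in a deletion from the blocklist. Only the requested list is touched
    # here, and an unknown scope touches nothing.
    case "$tmp_v3" in
      frontend)
        ff9 "$p1" "$p2" "$p3" "$p4" "$frontend_conf" || ff10 "前台"
        ;;
      backoffice)
        ff9 "$p1" "$p2" "$p3" "$p4" "$backoffice_conf" || ff10 "后台"
        ;;
      all)
        ff9 "$p1" "$p2" "$p3" "$p4" "$frontend_conf" || ff10 "前台"
        ff9 "$p1" "$p2" "$p3" "$p4" "$backoffice_conf" || ff10 "后台"
        ;;
      blockips)
        ff9 "$p1" "$p2" "$p3" "$p4" "$blockips_conf" || ff10 "黑名单"
        ;;
    esac
  done
  # Push only when something was actually removed.
  if [ "$tmp_v2" -eq 0 ]; then
    ff6
    format_output_end
  fi
}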
ff8(){
  # Print the dot-separated field number $1 of the address in the global $IP.
  local field="$1"
  cut -d '.' -f "$field" <<< "$IP"
}
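ff9(){
  # Delete the entry for one address from a zone file.
  # Arguments: $1..$4 - the four octets of the address
  #            $5     - zone file to edit in place
  # Globals:   sets tmp_v2=0 when an entry was found
  # Returns:   0 when an entry was found, 1 when the address is not listed
  #
  # The address must appear as a whole token: not preceded or followed by a
  # digit or a dot. The unanchored /a\.b\.c\.d/ delete also removed every line
  # that merely contained the value, so removing one address silently removed
  # other allow or deny entries (for instance one with an extra leading or
  # trailing digit).
  local addr_re="(^|[^0-9.])$1\.$2\.$3\.$4([^0-9.]|\$)"
  grep -Eq -- "$addr_re" "$5" || return 1
  sed -i -E "/$addr_re/d" "$5"
  tmp_v2=0
}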
ff10(){
  # Tell the operator, and record in the log, that the address in $IP was not
  # found in the list named by $1 and nothing was deleted.
  local label="$1"
  font -blue "$label" -reset -yellow " [ $IP ] " -reset -purple "不存在, 删除未执行" -reset -n
  font "$label [ $IP ] 不存在, 删除未执行" -n >> "$log_file"
}
ff11(){
  # Show the last five lines of a zone file under a heading.
  # Arguments: $1 - zone file, $2 - label used in the heading
  local zone_path="$1"
  local title="$2"
  font -n -blue "${title}最近5条记录如下:" -reset -n
  tail -n 5 "$zone_path"
}
ff12(){
  # Run /usr/local/bin/jjuly_update on two fixed minions, one after the other,
  # and return the sum of the two salt exit statuses (0 only when both are 0).
  # All output is discarded.
  # NOTE(review): this calls `salt` from PATH rather than $salt_cmd, and whether
  # salt's exit status reflects the result of the remote command depends on how
  # salt is configured - confirm that a failed update is actually detected here.
  local update_cmd='/usr/local/bin/jjuly_update'
  salt 'jjuly-WEB-ADMIN3-HUIDU' cmd.run "$update_cmd" &>/dev/null
  rsync_status=$?
  wait
  salt 'jjuly_WebProxy_119.9.116.11' cmd.run "$update_cmd" &>/dev/null
  curl_status=$?
  wait
  return $(( rsync_status + curl_status ))
}
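ff13(){
  # Download the three zone files from the update host into /opt/update/jjuly.
  # Returns: 0 when all three were fetched with HTTP status 200, 6 otherwise.
  #
  # NOTE(review): zone_url is plain http, so the allow/deny lists fetched here
  # are not authenticated in transit, yet they are later copied into the Salt
  # tree and pushed to nginx. Confirm whether the endpoint is reachable over
  # https, or check the files against a published checksum before they are used.
  local zone_url="http://jjuly.update.org"
  local zone_file="frontend_allow.zone backoffice.zone blockips.zone"
  local local_dir="/opt/update/jjuly"
  # The loop variable is local: this function also runs from inside the main
  # menu, whose select loop uses a global named i.
  local i tmp_file http_code
  for i in $zone_file
  do
    # Fetch once into a scratch file and look at the status of that same
    # response, instead of probing with curl and downloading again with wget.
    # The existing local copy is only overwritten after a complete response
    # with status 200 is on disk, so a failed transfer cannot leave a truncated
    # access list behind.
    tmp_file=$(mktemp "${local_dir}/.${i}.XXXXXX") || return 6
    http_code=$(curl -s -w "%{http_code}" "${zone_url}/$i" -o "$tmp_file")
    if [ "$?" -ne 0 ] || [ "$http_code" != "200" ]; then
      rm -f -- "$tmp_file"
      return 6
    fi
    if ! cp -f -- "$tmp_file" "${local_dir}/$i"; then
      rm -f -- "$tmp_file"
      return 6
    fi
    rm -f -- "$tmp_file"
  done
}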
ff14(){
  # Refresh the local copies of the zone files: trigger the remote update
  # (retried once), then download the files. Either failure is reported on
  # screen and in the log, and ends the script.
  if ! ff12 && ! ff12; then
    echo -e "File rsysc failed\t#${current_time}" | tee -a "$log_file"
    exit_clear
  fi
  if ! ff13; then
    echo -e "File wget failed\t#${current_time}" | tee -a "$log_file"
    exit_clear
  fi
}
ff15(){
  # After a successful refresh, copy the three downloaded zone files over the
  # ones in /srv/salt/sources/jjuly/nginx/. Returns the status of the copy.
  local src_dir='/opt/update/jjuly'
  ff14 || return
  /bin/cp -f \
    "$src_dir/frontend_allow.zone" \
    "$src_dir/backoffice.zone" \
    "$src_dir/blockips.zone" \
    /srv/salt/sources/jjuly/nginx/
}
ff16(){
  # Menu action and start-up step: refresh the zone files and report the
  # outcome. If the refresh or the "Finished" message fails, the failure is
  # logged and the script ends.
  font "rsyscing file,please wait a moment..." -n
  if ff15 && font "Finished" -n; then
    return 0
  fi
  echo -e "File copy failed\t#${current_time}" | tee -a "$log_file"
  exit_clear
}
#
check_ip_valid(){
  # Validate an address and leave the accepted value in the global $IP.
  # Arguments: $1 - candidate address
  #            $2 - "x" suppresses the "corrected" entry in the log
  # The value must be four dot-separated groups of one to three digits, each
  # no greater than 255. On failure the operator is asked for a replacement
  # (quit words end the script through ff2) and the new value is checked again.
  # NOTE(review): octets with leading zeros such as 010 pass this check; how
  # nginx reads such a value is not visible here - confirm.
  IP="$1"
  while true
  do
    if grep -Eq '^([0-9]{1,3}(\.\b|$)){4}$' <<< "$IP"; then
      valid=1
      for number in ${IP//./ }
      do
        if [ $number -gt 255 ]; then
          valid=0
          break
        fi
      done
      if [ $valid -eq 1 ]; then
        return 0
      fi
    fi
    echo -n "IP格式错误[ "
    font -red "$IP" -reset
    echo " ],不用重新输入所有的IP,只需要修改错误的IP即可"
    tmp_ip="$IP"
    echo
    read -p "请输入正确的IP: " IP
    echo
    ff2
    # The correction is logged before the replacement itself is re-validated.
    if [ "$2" != "x" ]; then
      echo -e "IP【$tmp_ip】格式错误,已修正为[$IP]\n" >> $log_file
    fi
  done
}
# ---------------------
# Query module
# ---------------------
query_frontend_ip(){
  # Menu action: look up addresses in the frontend allowlist.
  local zone="$frontend_conf"
  local label="前台白名单"
  ff4 "$zone" "$label"
}
query_backoffice_ip(){
  # Menu action: look up addresses in the backoffice allowlist.
  local zone="$backoffice_conf"
  local label="后台白名单"
  ff4 "$zone" "$label"
}
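query_frontend_backoffice_ip(){
  # Menu action: look up each entered address in both the frontend and the
  # backoffice allowlist.
  local -a ip_list
  echo "输入需要查询的IP,多个IP以空格分开(exit退出脚本)"
  ff1
  # Split the operator's line on whitespace without pathname expansion: an
  # unquoted $ip in the for list would expand characters such as * into the
  # file names of the current directory.
  read -r -a ip_list <<< "$ip"
  for IP in "${ip_list[@]}"
  do
    ff3 "${frontend_conf}" "前台白名单"
    ff3 "${backoffice_conf}" "后台白名单"
  done
}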
# ---------------------
# Add module
# ---------------------
add_frontend_ip(){
  # Menu action: add addresses to the frontend allowlist.
  local scope="frontend"
  ff5 "$scope"
}
add_backoffice_ip(){
  # Menu action: add addresses to the backoffice allowlist.
  local scope="backoffice"
  ff5 "$scope"
}
add_frontend_backoffice_ip(){
  # Menu action: add addresses to both the frontend and the backoffice allowlist.
  local scope="all"
  ff5 "$scope"
}
add_block_ip(){
  # Menu action: add addresses to the blocklist (deny entries).
  local scope="blockips"
  ff5 "$scope"
}
# ---------------------
# Delete module
# ---------------------
del_frontend_ip(){
  # Menu action: remove addresses from the frontend allowlist.
  local scope="frontend"
  ff7 "$scope"
}
del_backoffice_ip(){
  # Menu action: remove addresses from the backoffice allowlist.
  local scope="backoffice"
  ff7 "$scope"
}
del_frontend_backoffice_ip(){
  # Menu action: remove addresses from both the frontend and the backoffice allowlist.
  local scope="all"
  ff7 "$scope"
}
del_block_ip(){
  # Menu action: remove addresses from the blocklist.
  local scope="blockips"
  ff7 "$scope"
}
# ---------------------
# Display module
# ---------------------
display_recent_frontend_entries(){
  # Menu action: show the last five lines of the frontend allowlist.
  local zone="$frontend_conf"
  ff11 "$zone" "前台"
}
display_recent_backoffice_entries(){
  # Menu action: show the last five lines of the backoffice allowlist.
  local zone="$backoffice_conf"
  ff11 "$zone" "后台"
}
display_recent_all_entries(){
  # Menu action: show the last five lines of the frontend allowlist, then of
  # the backoffice allowlist.
  local front_zone="$frontend_conf"
  local back_zone="$backoffice_conf"
  ff11 "$front_zone" "前台"
  ff11 "$back_zone" "后台"
}
# ---------------------
# Main module
# ---------------------
# Refresh the local zone files once before the menu is shown; ff16 ends the
# script if the refresh fails.
ff16
font -yellow "请选择一项操作(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16):" -n -reset
# select stores the text of the chosen entry in $i, so the arms below are
# reached through their text alternative; the numeric alternatives (1|, 2|, ...)
# would only match if $i held the number itself.
select i in 添加到前台 添加到后台 添加到前台和后台 从前台删除 从后台删除 从前台和后台删除 从前台查询 从后台查询 从前后台查询 显示前台5条 显示后台5条 显示前后台5条 添加到黑名单 从黑名单删除 更新本地配置文件 退出脚本
do
case $i in
1|添加到前台)
add_frontend_ip
;;
2|添加到后台)
add_backoffice_ip
;;
3|添加到前台和后台)
add_frontend_backoffice_ip
;;
4|从前台删除)
del_frontend_ip
;;
5|从后台删除)
del_backoffice_ip
;;
6|从前台和后台删除)
del_frontend_backoffice_ip
;;
7|从前台查询)
query_frontend_ip
;;
8|从后台查询)
query_backoffice_ip
;;
9|从前后台查询)
query_frontend_backoffice_ip
;;
10|显示前台5条)
display_recent_frontend_entries
;;
11|显示后台5条)
display_recent_backoffice_entries
;;
12|显示前后台5条)
display_recent_all_entries
;;
13|添加到黑名单)
add_block_ip
;;
14|从黑名单删除)
del_block_ip
;;
15|更新本地配置文件)
ff16
;;
# Entry 16 (退出脚本) has no arm of its own and lands here, as does any reply
# that is not a valid menu number (select leaves $i empty in that case): both
# clean up the lock and scratch log and end the script.
*)
exit_clear
esac
# Print the prompt and the menu again by hand after each completed action.
font -n -yellow "请选择一项操作(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16):" -n -reset
font "1) 添加到前台\t\t9) 从前后台查询\n2) 添加到后台\t 10) 显示前台5条\n3) 添加到前台和后台 11) 显示后台5条\n4) 从前台删除\t 12) 显示前后台5条\n5) 从后台删除\t 13) 添加到黑名单\n6) 从前台和后台删除 14) 从黑名单删除\n7) 从前台查询\t 15) 更新本地配置文件\n8) 从后台查询\t 16) 退出脚本" -n
done
##script end