Welcome to Oracle Database Administrator Home
24x7 oracle database support and solutions
Oracle DBA Home     Routine Maintenance     PostgreSQL     Unix Commands     CVS     Oracle FAQ     Oracle Concepts     SQLPlus     OEM     ASM     Data Guard     RAC     RMAN     Networking     OAS     Partitioning      
Server Parameter File
Optimizer Statistics
Oracle Expdp
Oracle Database Backup
Oracle Database Tuning
Oracle DBA Scripts
Oracle PLSQL
Oracle Newsletter
Unix Shell Scripts
Perl Scripts
Database Auditing
Oracle Database Patching
Oracle Tools
Changing the sysman passw
Top 20 Monitoring SQL
SOP
Useful Unix Scripts

Search on an entire directory, finding all the instances of the text "findtext"
find . -type f -exec grep "findtext" {} \; -print 

 

find . -type f -print0 | xargs -0 sed -i 's/replacewith/whatever/g'

 

#!/bin/sh
                         
for file in $(grep -il "Hello" *.txt)
do
sed -e "s/Hello/Goodbye/ig" $file > /tmp/tempfile.tmp
mv /tmp/tempfile.tmp $file
done

 

 

Find and Replace

 

#!/bin/bash

 

# This script will search and replace all regular files for a string

 

# supplied by the user and replace it with another string.

 

#

 

function usage {

 

echo ""

 

echo "Search/replace script"

 

echo " Written by Sachchida ojha"

 

echo " sojha@secure-elements.com"

 

echo " http://www.secure-elements.com"

 

echo ""

 

echo "Not enough parameters provided."

 

echo "Usage: ./$0 searchstring replacestring"

 

echo "Remember to escape any special characters in the searchstring or the replacestring"

 

echo ""

 

}

 

#check for required parameters

 

if [ ${#1} -gt 0 ] && [ ${#2} -gt 0 ];

 

then

 

for f in `find -type f`;

 

do

 

cp $f $f.bak

 

echo "The string $1 will be replaced with $2 in $f"

 

sed s/$1/$2/g < $f.bak > $f

 

rm $f.bak

 

done

 

else

 

#print usage informamtion

 

usage

 

fi

 

 

 

SERVER INFO

 

#!/bin/bash

 

free > serverinfo.txt
vmstat >> serverinfo.txt
iostat >> serverinfo.txt
mpstat >> serverinfo.txt
sar >> serverinfo.txt
ps -ely >> serverinfo.txt
tar cvfz serverinfo.tgz serverinfo.txt
rm serverinfo.txt

 

Firewall Setup

 

#!/bin/sh
#
# Firewall

 


## Set your IP address
MYIP=`/sbin/ifconfig eth0 | grep inet | awk '{print $2}' | sed 's#addr:##g'`
#
## Flush rules & reset counters
iptables -F
iptables -Z
#
## Set policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
#
## Drop all incoming fragments
iptables -A INPUT -i eth0 -f -j DROP
#
## Drop outside packets with local addresses - anti-spoofing measure
#iptables -A INPUT -s $MYIP -i ! lo -j DROP
iptables -A INPUT -s 127.0.0.0/8 -i ! lo -j DROP
#iptables -A INPUT -s 10.0.0.0/8 -i ! lo -j DROP
#iptables -A INPUT -s 192.168.1.0/16 -i ! lo -j DROP
iptables -A INPUT -s 224.0.0.0/4 -i ! lo -j DROP
iptables -A INPUT -s 0.0.0.0/8 -i ! lo -j DROP
iptables -A INPUT -s 255.255.255.255 -i ! lo -j DROP
iptables -A INPUT -s 169.254.0.0/16 -i ! lo -j DROP
iptables -A INPUT -s 221.240.102 -i ! lo -j DROP
iptables -A INPUT -s 203.215.94.193 -i ! lo -j DROP
iptables -A INPUT -s 218.71.137.68 -i ! lo -j DROP
#
## Pass all locally-originating packets
iptables -A INPUT -i lo  -j ACCEPT
iptables -A OUTPUT -o lo  -j ACCEPT
#
##
## Administration Ports
##
## Accept ICMP ping echo requests
## (this allows other people to ping your machine, among other things),
iptables -A INPUT -p icmp --icmp-type echo-request  -j ACCEPT
#
## Accept ssh (port 22)
iptables -A INPUT -p tcp -m tcp --syn --dport 22  -d $MYIP -j ACCEPT
#
## Accept smtp (port 25)
#iptables -A INPUT -p tcp -m tcp --syn --dport 25  -d $MYIP -j ACCEPT
#
## Accept dns (port 53)
iptables -A INPUT -p udp -m udp -s 0/0 --dport 53 -d 0/0  -j ACCEPT
iptables -A INPUT -p tcp -m tcp -s 0/0 --dport 53 -d 0/0  -j ACCEPT
#
## Accept postgresql (port 5432)
iptables -A INPUT -p tcp -m tcp --syn --dport 5432  -d $MYIP -j ACCEPT
#
## Accept squid (port 3128)
iptables -A INPUT -p tcp -m tcp --syn --dport 3128  -d $MYIP -j ACCEPT
#

 

##
## Communications Ports
##

 

## setup TCP https redirect to non-root port and disabling registration
/sbin/iptables -t nat -A PREROUTING -p tcp --dport 443 -i eth0 -j REDIRECT --to-port 4443

 

#
## Accept https (port 4443)
iptables -A INPUT -p tcp -m tcp --syn --dport 4443  -d $MYIP -j ACCEPT
#
## Accept https (port 4444)
iptables -A INPUT -p tcp -m tcp --syn --dport 4444  -d $MYIP -j ACCEPT
#
## Accept https (port 8445)
iptables -A INPUT -p tcp -m tcp --syn --dport 8445  -d $MYIP -j ACCEPT
#
## Accept https (port 8446)
iptables -A INPUT -p tcp -m tcp --syn --dport 8446  -d $MYIP -j ACCEPT
#
## Accept https (port 8447)
iptables -A INPUT -p tcp -m tcp --syn --dport 8447  -d $MYIP -j ACCEPT
#
## Accept https (port 8448)
iptables -A INPUT -p tcp -m tcp --syn --dport 8448  -d $MYIP -j ACCEPT

 

## Accept https (port 8449)
iptables -A INPUT -p tcp -m tcp --syn --dport 8449  -d $MYIP -j ACCEPT

 

#
## Accept remote debugging (port 8787)
iptables -A INPUT -p tcp -m tcp --syn --dport 8787  -d $MYIP -j ACCEPT
#
## Accept https (port 1098)
iptables -A INPUT -p tcp -m tcp --syn --dport 1098  -d $MYIP -j ACCEPT
#
## Accept https (port 1099)
iptables -A INPUT -p tcp -m tcp --syn --dport 1099  -d $MYIP -j ACCEPT
#

 

## Allow inbound established and related outside communication
iptables -A INPUT -m state --state ESTABLISHED,RELATED  -j ACCEPT
#
## Drop outside initiated connections
iptables -A INPUT -m state --state NEW -j REJECT
#
## Allow all outbound tcp, udp, icmp traffic with state
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED  -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED  -j ACCEPT
iptables -A OUTPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED  -j ACCEPT
#
## Save rules
service iptables save
#
#
echo "iptables configuration is complete"
echo ""
echo "Check your rules - iptables -L -n"
echo ""

 

echo "iptables configured saved and configured to start on boot"
chkconfig iptables on