amd64bit · June 18, 2018 08:44
diff --git a/new_system.sh b/new_system.sh
 #!/bin/sh

 echo "==== Disable SELinux ===="
 setenforce 0
 sed -i "s/^SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config

 echo "==== Start Yum Update ===="
 yum -y update

 echo "==== Install nano and wget ===="
 yum -y install nano wget

 echo "==== install IUS repo ===="
 wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
 wget https://centos7.iuscommunity.org/ius-release.rpm
 rpm -ivh epel-release-latest-7.noarch.rpm
 rpm -ivh ius-release.rpm

 echo "==== Start Yum Update ===="
 yum update

 echo "==== Config SSH port and AllowUser ===="
 sed -i "s/^#Port 22/Port 23/" /etc/ssh/sshd_config
 sed -i "s/^#PermitRootLogin yes/PermitRootLogin no/" /etc/ssh/sshd_config
 sed -i "s/^#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config
 echo " " >> /etc/ssh/sshd_config
 echo "AllowUsers XXXXX" >> /etc/ssh/sshd_config

 echo "==== Install iptables.service ===="
 yum -y install iptables-services
 systemctl start iptables
 systemctl enable iptables
 sed -i '/-A INPUT -i lo -j ACCEPT/a -A INPUT -p tcp -m state --state NEW -m tcp --dport 23 -j ACCEPT' /etc/sysconfig/iptables

 echo "==== Config Time-Zone ===="
 timedatectl set-timezone Asia/Bangkok

 echo "==== Config SWAP 2GB ===="
 dd if=/dev/zero of=/swapfile count=2048 bs=1MiB
 chmod 600 /swapfile
 mkswap /swapfile
 swapon /swapfile
 sed -i -e '$a\/swapfile swap swap sw 0 0' /etc/fstab

 echo "==== Stop Portmapper service (portmap, rpcbind)  ===="
 systemctl stop rpcbind.service
 systemctl disable rpcbind.service

 echo "==== Config Logs flooded ===="
 echo 'if $programname == "systemd" and ($msg contains "Starting Session" or $msg contains "Started Session" or $msg contains "Created slice" or $msg contains "Starting user-" or $msg contains "Starting User Slice of" or $msg contains "Removed session" or $msg contains "Removed slice User Slice of" or $msg contains "Stopping User Slice of") then stop' >/etc/rsyslog.d/ignore-systemd-session-slice.conf
 systemctl restart rsyslog

 echo "==== Reboot ===="
 reboot
	#!/bin/sh

	echo "==== Disable SELinux ===="
	setenforce 0
	sed -i "s/^SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config

	echo "==== Start Yum Update ===="
	yum -y update

	echo "==== Install nano and wget ===="
	yum -y install nano wget

	echo "==== install IUS repo ===="
	wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
	wget https://centos7.iuscommunity.org/ius-release.rpm
	rpm -ivh epel-release-latest-7.noarch.rpm
	rpm -ivh ius-release.rpm

	echo "==== Start Yum Update ===="
	yum update

	echo "==== Config SSH port and AllowUser ===="
	sed -i "s/^#Port 22/Port 23/" /etc/ssh/sshd_config
	sed -i "s/^#PermitRootLogin yes/PermitRootLogin no/" /etc/ssh/sshd_config
	sed -i "s/^#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config
	echo " " >> /etc/ssh/sshd_config
	echo "AllowUsers XXXXX" >> /etc/ssh/sshd_config

	echo "==== Install iptables.service ===="
	yum -y install iptables-services
	systemctl start iptables
	systemctl enable iptables
	sed -i '/-A INPUT -i lo -j ACCEPT/a -A INPUT -p tcp -m state --state NEW -m tcp --dport 23 -j ACCEPT' /etc/sysconfig/iptables

	echo "==== Config Time-Zone ===="
	timedatectl set-timezone Asia/Bangkok

	echo "==== Config SWAP 2GB ===="
	dd if=/dev/zero of=/swapfile count=2048 bs=1MiB
	chmod 600 /swapfile
	mkswap /swapfile
	swapon /swapfile
	sed -i -e '$a\/swapfile swap swap sw 0 0' /etc/fstab

	echo "==== Stop Portmapper service (portmap, rpcbind) ===="
	systemctl stop rpcbind.service
	systemctl disable rpcbind.service

	echo "==== Config Logs flooded ===="
	echo 'if $programname == "systemd" and ($msg contains "Starting Session" or $msg contains "Started Session" or $msg contains "Created slice" or $msg contains "Starting user-" or $msg contains "Starting User Slice of" or $msg contains "Removed session" or $msg contains "Removed slice User Slice of" or $msg contains "Stopping User Slice of") then stop' >/etc/rsyslog.d/ignore-systemd-session-slice.conf
	systemctl restart rsyslog

	echo "==== Reboot ===="
	reboot