[root@yuguotianqing scripts]# cat optimize.sh
#!/bin/bash
#autbor yuguotianqing QQ 157245227
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
mkdir -p /server/scripts
#SElinux off 关闭SElinux
sed -i ‘s#SELINUX=enforcing#SELINUX=disabled#g‘ /etc/selinux/config &&grep "SELINUX=disabled" /etc/selinux/config &&setenforce 0
#iptables off 关闭防火墙
/etc/init.d/iptables stop
/etc/init.d/iptables stop
chkconfig iptables off
#Startup service optimization 关闭自开机启动项
chkconfig --list|grep 3:on |egrep -v "crond|sshd|network|rsyslog|sysstat"|awk ‘{print "chkconfig",$1,"off"}‘|bash &&chkconfig --list |grep 3:on
#Add Chinese characters 设置中文字符集
cp /etc/sysconfig/i18n /etc/sysconfig/i18n.ori &&echo ‘LANG="zh_CN.UTF-8"‘ >/etc/sysconfig/i18n &&source /etc/sysconfig/i18n &&echo $LANG
#System time synchronization 互联网和系统时间同步
echo ‘#tmime sync by wen at 2017-12-28‘ >>/var/spool/cron/root &&echo ‘*/5 * * * * /usr/sbin/ntpdate time.nist.gov >/dev/null 2>&1‘ >>/var/spool/cron/root &&crontab -l
#Enlarge the text descriptor 加大文件描述符
echo ‘* - nofile 65535‘>>/etc/security/limits.conf &&tail -1 /etc/security/limits.conf
#make kernel 内核优化
cat >>/etc/sysctl.conf<<EOF
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
net.ipv4.ip_conntrack_max = 25000000
net.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_tcp_timeout_established = 180
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
EOF
#yum 安装常用服务软件
yum install lrzsz nmap tree dos2unix nfs-utils rpcbind telnet -y &&rpm -aq lrzsz nmap tree dos2unix nc nfs-utils rpcbind telnet``
原文:http://blog.51cto.com/ygtq666/2060903