commend line and some service
TRANSCRIPT
-
8/6/2019 Commend Line and Some Service
1/24
Mt s lnh v phm tt dng trong Linux
Posted: Thng Hai 23, 2011 by Anh Tun in LinuxTh:Asia, Da Nang, Hard disk drive, Microsoft Windows, Provinces, Vietnam, Vietnamese people, Windows0
Rate This
1. Cc lnh c bn
# ls // ging nh dir ca windows# vi // m trnh son tho vn bn text# passwd // i password user hin ti# chmod // cp quyn cho th mc v tp tin (chmod 777) l ton quy# chgrp // thay i group cho th mc v tp tin
# chown // thay i owner th mc v tp tin# cp a b // copy file a vo th mc b# reboot // khi ng li h thng# shutdown -h now // shutdown h thng (tt my)
2. Networking (hn ch s dng khi ang ch remote):
# ifconfig // xem v config ip ca server# setup // chn Network Configuration set IP cho server# vi /etc/resolv.conf // cu hnh dns cho server# ifdown eht0 // down card mng eth0
# ifup eht0 // up card mng eth0# service network restart // khi ng li service mng
3. Kim tra h thng
# top // xem tnh trng s dng ti nguyn RAM, CPU ca h thng# uptime // xem tnh trng trung bnh ca h thng v thi gian h thng online# fdisk -l // xem cc cng HDD c trn server# df -h // kim tra mc s dng cng HDD# cat /proc/cpuinfo // kim tra CPU# cat /proc/meminfo // kim tra mc s dng b nh
# du -hs // kim tra dung lng th mc
4. Webserver v MySQL
# service httpd status // xem tnh trng webserver# service httpd restart // khi ng li webserver# service mysqld restart // khi ng li mysql
-
8/6/2019 Commend Line and Some Service
2/24
# mysqlcheck -Aao -auto-repair -u[MySqlAdmin] -p[Password] // kim tra sa v optimizemysql database
5. Nn v gii nn
# tar -cvzpf archive.tgz /home/example/public_html/folder // nn mt th mc# tar -tzf backup.tar.gz // lit k file nn gz# tar -xvf archive.tar // gii nn mt file tar
6. Trong terminal
* + L: xo ton b mn hnh, ging lnh clear* + D: exit session, ging lnh exit* + R: tm mt lnh chy trc y, nhn + R sau bt u g mt phn ca cu lnh, hthng s t hon tt phn cn li da trn cc cu lnh c thc hin trc * : t ng hon tt cu lnh
* + : dn (paste) ni dung copy vo terminal* + PageUp: cun mn hnh ln trn mt trang* + + F2 ( + F2> nu ang ch console): chuyn sang virtual terminal th 2, tng t viF3, F4
7. Trong GNOME
* + + D: hin th desktop, ging + D trong Windows* + + : chuyn sang workspace trc/k tip* + W: ng ca s hin thi* + Q: thot khi chng trnh hin thi
* + F1: Hin th main menu* + F2: Hin th hp thoi chy dng lnh, ging + R trong Windows* + F5: B phng to ca s hin thi* + F9: Thu nh ca s hin thi* + F10: Phng to ca s hin thi
8. Trong OpenOffice:
* + + B: chuyn font sang dng subscript, ging + + trong MS Word* + + P: chuyn font sang dng supperscript, ging + + + trong MS Word* + 1: Single line spacing
* + 2: Double line spacing* + 5: 1.5 line spacing
9. Trong vi (vim)
Cc phm sau y c s dng trong ch nhp lnh (khng phi ch nhp vn bn). vit v vi th cn mt bi ring, nn y cheva ch nu ra mt s phm/lnh chnh, ch ccphm/lnh sau y c phn bit ch hoa v ch thng:
-
8/6/2019 Commend Line and Some Service
3/24
* G: ti cui file* #G: ti dng th # (v d 10G, 100G)* H: ti u trang* dd: xa dng hin thi* yy: copy dng hin thi
* p: dn xung dng di dng hin thi* P: dn vo trc v tr con tr* /: bt u tm kim* ^: ti u dng* $: ti cui dng* %: ti du ng (m) ngoc tng ng* %s/old_text/new_text/g: thay th tt c cc old_text bng new_text* ch nhp vn bn, g + P s dng auto text completion
Cch copy file v folder t my linux ti my linux
dng commandPosted: Thng Su 9, 2011 by Anh Tun in Linux0
Rate This
copy t linux sang linux c rt nhiu cch, nh: samba, nfs, scp,
1. Samba th phi ci t cu hnh hi phc tp 1 cht, nhng li 1 ci l c th share cho c ccmy xi windows->v vy b qua ci ny.
2. NFS cu hnh d dng hn, tc copy nhanh nht trong my cch trn.Sau y l hng dn c bn cch copy bng nfs.
2.1.Trn my ngun:
[root@test ~]# nano /etc/exports
Ti y ta s thy cc th mc c export ra cho my khc. V d:
/u03 10.0.0.*(ro,sync,no_root_squash).
Ngha l export th mc /u03 cho cc my thuc lp 10.0.0.x. nu mun tt c cc my u thyta c th dng
/u03 *(ro,sync,no_root_squash)
-
8/6/2019 Commend Line and Some Service
4/24
ro: ngha l share ch c, nu mun ghi th l rw Cc tham s cn li ko quan trng ch l ch copy ng b or khng ng b(sync hoc async). Sau khi ng li service nfs thayi c hiu lc
[root@test ~]# service nfs restart
Shutting down NFS mountd: [ OK ]Shutting down NFS daemon: [ OK ]Shutting down NFS quotas: [ OK ]Shutting down NFS services: [ OK ]Starting NFS services: [ OK ]Starting NFS quotas: [ OK ]Starting NFS daemon: [ OK ]Starting NFS mountd: [ OK ]
2.2. Trn my ch. Thc hin lnh mount th mc export t my ngun.
[root@test ~]# mount -t nfs 192.168.3.10:/u03 /mnt/u02
/u03 chnh l th mc bn my ngun.
/mnt/u02 chnh l th mc bn my ch ta mun mount n.
Khi thnh cng bc ny ta c th vo th mc /mnt/u02 s thy cc file ca /u03.
3. Lnh scp dng copy qua port ssh, s chm hn nfs mt cht nhng ko phi cu hnh.
scp -r user@destination:/file or folder /folderV d
scp -r [email protected]:/oracle/backup /oracle
s copy ton b th mc backup v /oracle
Khi g lnh trn s yu cu ng key(chn yes) v nhp mt khu user
Hng dn ci t samba n gin
Posted: Thng Mi Mt 19, 2010 by Anh Tun in Linux0
Rate This
1. Install Samba
-
8/6/2019 Commend Line and Some Service
5/24
Trch dn# yum -y install samba
2. To Folder luu de mount HDD hoc luu tr
Trch dn#mkdir/cpanel
3. Cu hnh Samba
./ M File smb.conf >
Trch dn#vim /etc/samba/smb.conf
./ Kim ch no c dng nh bn di > nhn phm Insert s
Trch dnsecurity = user
passdb backend = tdbsam
Thm du # trc 2 dng
Trch dn#security = user
#passdb backend = tdbsam./ Thm vo cui File smb.confdng ni dung sau
Trch dn[Cpanel]path = /cpanel
writable = yes
browseable = yes
public = yes
./ Thot ra: Phm ESC > Nhn phm sau: :wq > Enter
./ Chnh cho Samba start lc khi ng
Trch dn
-
8/6/2019 Commend Line and Some Service
6/24
#chkconfig smb on
./ Khi ng Samba
Trch dn
#service smb start
4. Set quyn li
Trch dn#chmod 777 /cpanel -R
Nh tt Firewall
Windows > Start > Run > \\IP_my_Linux
inux command linePosted: Thng Mi Mt 19, 2010 by Anh Tun in Linux1
Rate This
Command Description
apropos whatisShow commands pertinent to string. See threadsafe
man -t man | ps2pdf > man.pdf make a pdf of a manual page
which command Show full path name of command time command See how long a command takes
time cat Start stopwatch. Ctrl-d to stop. See also s
dir navigation
cd - Go to previous directory
cd Go to $HOME directory
(cd dir && command)Go to dir, execute command and return tocurrent dir
pushd .Put current dir on stack so you can popdto it
file searching
alias l=ls -l color=auto quick dir listing
ls -lrtList files by date. See also newest andfind_mm_yyyy
ls /usr/bin | pr -T9 -W$COLUMNS Print in 9 columns to width of terminal
-
8/6/2019 Commend Line and Some Service
7/24
find -name *.[ch] | xargs grep -E exprSearch expr in this dir and below. See afindrepo
find -type f -print0 | xargs -r0 grep -F exampleSearch all regular files for example in thdir and below
find -maxdepth 1 -type f | xargs grep -F exampleSearch all regular files for example in thdir
find -maxdepth 1 -type d | while read dir; do echo $dir;echo cmd2; done
Process each item with multiple comman(in while loop)
find -type f ! -perm -444Find files not readable by all (useful for wsite)
find -type d ! -perm -111Find dirs not accessible by all (useful for site)
locate -r file[^/]*\.txtSearch cached index for names. This re isglob *file*.txt
look reference Quickly search (sorted) dictionary for pre
grepcolorreference /usr/share/dict/wordsHighlight occurances of regular expressiodictionary
archives and compression
gpg -c file Encrypt file
gpg file.gpg Decrypt file
tar -c dir/ | bzip2 > dir.tar.bz2 Make compressed archive of dir/
bzip2 -dc dir.tar.bz2 | tar -xExtract archive (use gzip instead of bzip2tar.gz files)
tar -c dir/ | gzip | gpg -c | ssh user@remote ddof=dir.tar.gz.gpg
Make encrypted archive of dir/ on remotemachine
find dir/ -name *.txt | tar -c files-from=- | bzip2 >dir_txt.tar.bz2
Make archive of subset of dir/ and below
find dir/ -name *.txt | xargs cp -a target-directory=dir_txt/ parents
Make copy of subset of dir/ and below
( tar -c /dir/to/copy ) | ( cd /where/to/ && tar -x -p )Copy (with permissions) copy/ dir to/where/to/ dir
( cd /dir/to/copy && tar -c . ) | ( cd /where/to/ && tar -x -p )Copy (with permissions) contents of copyto /where/to/
( tar -c /dir/to/copy ) | ssh -C user@remote cd /where/to/&& tar -x -p
Copy (with permissions) copy/ dir toremote:/where/to/ dir
dd bs=1M if=/dev/sda | gzip | ssh user@remote ddof=sda.gz
Backup harddisk to remote machine
rsync (Network efficient file copier: Use the dry-run option for testing)
rsync -P rsync://rsync.server.com/path/to/file file Only get diffs. Do multiple times for
-
8/6/2019 Commend Line and Some Service
8/24
troublesome downloads
rsync bwlimit=1000 fromfile tofileLocally copy with rate limit. Its like niceI/O
rsync -az -e ssh delete ~/public_html/remote.com:~/public_html
Mirror web site (using compression andencryption)
rsync -auz -e ssh remote:/dir/ . && rsync -auz -e ssh .remote:/dir/
Synchronize current directory with remotone
ssh (Secure SHell)
ssh $USER@$HOST commandRun command on $HOST as $USER (decommand=shell)
ssh -f -Y $USER@$HOSTNAME xeyesRun GUI command on $HOSTNAME as$USER
scp -p -r $USER@$HOST: file dir/Copy with permissions to $USERs homedirectory on $HOST
ssh -g -L 8080:localhost:80 root@$HOST Forward connections to $HOSTNAME:8out to $HOST:80
ssh -R 1434:imap:143 root@$HOSTForward connections from $HOST:1434 imap:143
ssh-copy-id $USER@$HOSTInstall $USERs public key on $HOST fopassword-less log in
wget (multi purpose download tool)
(cd dir/ && wget -nd -pHEKkhttp://www.pixelbeat.org/cmdline.html)
Store local browsable version of a page tocurrent dir
wget -c http://www.example.com/large.file Continue downloading a partially downlofile
wget -r -nd -np -l1 -A *.jpg http://www.example.com/dir/Download a set of files to the currentdirectory
wget ftp://remote/file[1-9].iso/ FTP supports globbing directly
wget -q -O- http://www.pixelbeat.org/timeline.html | grep ahref | head
Process output directly
echo wget url | at 01:00 Download url at 1AM to current dir
wget limit-rate=20k urlDo a low priority download (limit to 20Kin this case)
wget -nv spider force-html -i bookmarks.html Check links in a file
wget mirror http://www.example.com/Efficiently update a local copy of a site(handy from cron)
networking (Note ifconfig, route, mii-tool, nslookup commands are obsolete)
ethtool eth0 Show status of ethernet interface eth0
ethtool change eth0 autoneg off speed 100 duplex full Manually set ethernet interface speed
-
8/6/2019 Commend Line and Some Service
9/24
iwconfig eth1 Show status of wireless interface eth1
iwconfig eth1 rate 1Mb/s fixed Manually set wireless interface speed
iwlist scan List wireless networks in range
ip link show List network interfaces
ip link set dev eth0 name wan Rename interface eth0 to wan ip link set dev eth0 up Bring interface eth0 up (or down)
ip addr show List addresses for interfaces
ip addr add 1.2.3.4/24 brd + dev eth0 Add (or del) ip and mask (255.255.255.0
ip route show List routing table
ip route add default via 1.2.3.254 Set default gateway to 1.2.3.254
host pixelbeat.orgLookup DNS ip address for name or viceversa
hostname -iLookup local ip address (equivalent to ho`hostname`)
whois pixelbeat.org Lookup whois info for hostname or ip ad
netstat -tupl List internet services on a system
netstat -tup List active connections to/from system
windows networking (Note samba is the package that provides all this windows specific networkingsupport)
smbtree Find windows machines. See also findsm
nmblookup -A 1.2.3.4Find the windows (netbios) name associawith ip address
smbclient -L windows_boxList shares on windows machine or sambserver
mount -t smbfs -o fmask=666,guest //windows_box/share/mnt/share
Mount a windows share
echo message | smbclient -M windows_boxSend popup to windows machine (off bydefault in XP sp2)
text manipulation (Note sed uses stdin and stdout. Newer versions support inplace editing with the -i op
sed s/string1/string2/g Replace string1 with string2
sed s/\(.*\)1/\12/g Modify anystring1 to anystring2
sed / *#/d; /^ *$/d Remove comments and blank lines
sed :a; /\\$/N; s/\\\n//; ta Concatenate lines with trailing \
sed s/[ \t]*$// Remove trailing spaces from lines
sed s/\([`"$\]\)/\\\1/gEscape shell metacharacters active withindouble quotes
seq 10 | sed s/^/ /; s/ *\(.\{7,\}\)/\1/ Right align numbers
-
8/6/2019 Commend Line and Some Service
10/24
sed -n 1000{p;q} Print 1000th line
sed -n 10,20p;20q Print lines 10 to 20
sed -n s/.*\(.*\).*/\1/ip;T;q Extract title from HTML web page
sed -i 42d ~/.ssh/known_hosts Delete a particular line
sort -t. -k1,1n -k2,2n -k3,3n -k4,4n Sort IPV4 ip addresses echo Test | tr [:lower:] [:upper:] Case conversion
tr -dc [:print:] < /dev/urandom Filter non printable characters
tr -s [:blank:] \t
-
8/6/2019 Commend Line and Some Service
11/24
cal 9 1752 Display a calendar for a particular month
date -d fri What date is it this friday. See also day
[ $(date -d "tomorrow" +%d) = "01" ] || exitexit a script unless its the last day of themonth
date date=25 Dec +%A What day does xmas fall on, this year date date=@2147483647
Convert seconds since the epoch (1970-0UTC) to date
TZ=America/Los_Angeles dateWhat time is it on west coast of US (usetzselect to find TZ)
date date=TZ=America/Los_Angeles 09:00 next FriWhats the local time for 9AM next Fridawest coast US
locales
printf %d\n 1234Print number with thousands groupingappropriate to locale
BLOCK_SIZE=\1 ls -l Use locale thousands grouping in ls. See
echo I live in `locale territory` Extract info from locale database
LANG=en_IE.utf8 locale int_prefixLookup locale info for specific country. Salso ccodes
locale | cut -d= -f1 | xargs locale -kc | less List fields available in locale database
recode (Obsoletes iconv, dos2unix, unix2dos)
recode -l | lessShow available conversions (aliases on eline)
recode windows-1252.. file_to_change.txt Windows ansi to local charset (auto doCRLF conversion)
recode utf-8/CRLF.. file_to_change.txt Windows utf8 to local charset
recode iso-8859-15..utf8 file_to_change.txt Latin9 (western europe) to utf8
recode ../b64 < file.txt > file.b64 Base64 encode
recode /qp.. < file.qp > file.txt Quoted printable decode
recode ..HTML < file.txt > file.html Text to HTML
recode -lf windows-1252 | grep euro Lookup table of characters
echo -n 080 | recode latin-9/x1..dumpShow what a code represents in latin-9
charmap echo -n 0x20AC | recode ucs-2/x2..latin-9/x Show latin-9 encoding
echo -n 0x20AC | recode ucs-2/x2..utf-8/x Show utf-8 encoding
CDs
gzip < /dev/cdrom > cdrom.iso.gz Save copy of data cdrom
mkisofs -V LABEL -r dir | gzip > cdrom.iso.gz Create cdrom image from contents of dir
-
8/6/2019 Commend Line and Some Service
12/24
mount -o loop cdrom.iso /mnt/dirMount the cdrom image at /mnt/dir (readonly)
cdrecord -v dev=/dev/cdrom blank=fast Clear a CDRW
gzip -dc cdrom.iso.gz | cdrecord -v dev=/dev/cdrom -Burn cdrom image (use dev=ATAPI -scato confirm dev)
cdparanoia -BRip audio tracks from CD to wav files incurrent dir
cdrecord -v dev=/dev/cdrom -audio -pad *.wavMake audio CD from all wavs in current (see also cdrdao)
oggenc tracknum=track track.cdda.wav -o track.ogg Make ogg file from wav file
disk space (See also FSlint)
ls -lSr Show files by size, biggest last
du -s * | sort -k1,1rn | headShow top disk users in current dir. See aldutop
du -hs /home/* | sort -k1,1h Sort paths by easy to interpret disk usage
df -h Show free space on mounted filesystems
df -i Show free inodes on mounted filesystems
fdisk -lShow disks partitions sizes and types (runroot)
rpm -q -a qf %10{SIZE}\t%{NAME}\n | sort -k1,1nList allpackages by installed size (Bytes)rpm distros
dpkg-query -W -f=${Installed-Size;10}\t${Package}\n |sort -k1,1n
List allpackages by installed size (KBytedeb distros
dd bs=1 seek=2TB if=/dev/null of=ext3.testCreate a large test file (taking no space). also truncate
> file truncate data of file or create an empty fi
monitoring/debugging
tail -f /var/log/messages Monitor messages in a log file
strace -c ls >/dev/nullSummarise/profile system calls made bycommand
strace -f -e open ls >/dev/null List system calls made by command
ltrace -f -e getenv ls >/dev/null List library calls made by command
lsof -p $$ List paths that process id has open
lsof ~ List processes that have specified path op
tcpdump not port 22Show network traffic except ssh. See alsotcpdump_not_me
ps -e -o pid,args forest List processes in a hierarchy
ps -e -o pcpu,cpu,nice,state,cputime,args sort pcpu | sed /^ List processes by % cpu usage
-
8/6/2019 Commend Line and Some Service
13/24
0.0 /d
ps -e -orss=,args= | sort -b -k1,1n | pr -TW$COLUMNSList processes by mem (KB) usage. See aps_mem.py
ps -C firefox-bin -L -o pid,tid,pcpu,state List all threads for a particular process
ps -p 1,2 List info for particular process IDs last reboot Show system reboot history
free -mShow amount of (remaining) RAM (-mdisplays in MB)
watch -n.1 cat /proc/interrupts Watch changeable data continuously
udevadm monitor Monitor udev events to help configure ru
system information (see also sysinfo) (# means root access is required)
uname -a Show kernel version and system architect
head -n1 /etc/issue Show name and version of distribution
cat /proc/partitions Show all partitions registered on the syste grep MemTotal /proc/meminfo Show RAM total seen by the system
grep model name /proc/cpuinfo Show CPU(s) info
lspci -tv Show PCI info
lsusb -tv Show USB info
mount | column -tList mounted filesystems on the system (align output)
grep -F capacity: /proc/acpi/battery/BAT0/info Show state of cells in laptop battery
# dmidecode -q | less Display SMBIOS/DMI information# smartctl -A /dev/sda | grep Power_On_Hours
How long has this disk (system) beenpowered on in total
# hdparm -i /dev/sda Show info about disk sda
# hdparm -tT /dev/sda Do a read speed test on disk sda
# badblocks -s /dev/sda Test for unreadable blocks on disk sda
interactive (see also linux keyboard shortcuts)
readline Line editor used by bash, python, bc, gnu
screen Virtual terminals with detach capability, mc
Powerful file manager that can browse rptar, ftp, ssh,
gnuplot Interactive/scriptable graphing
links Web browser
xdg-open .open a file or url with the registered deskapplication
-
8/6/2019 Commend Line and Some Service
14/24
Cch s dng Telnet v ng dng
1- Gii thiu:Telnet l mt chng trnh cho php bn kt ni v ng nhp vo mt my tnh xa (trongLAN, internet). Khi kt ni thnh cng, my tnh ca bn s thc hin chc nng nh trm trunggian gi yu cu n my tnh xa.
Bn c th dng my tnh ca mnh truy cp thng tin, thc thi cc chng trnh v s dngmt s ti nguyn khc trn my tnh xa.
2- S dng telnet:Bt u t command prompt, g vo telnet, nu bn dng 9x, n s a bn vo trnh windowstelnet. Bn cng c th chy menu Start/Run. ch nh lnh, bn c th dng cc lnh sau:OPEN : m mt kt nI n my tnh xa, gi l 1telnet sessionCLOSE : ng kt ni v tr v du nhc I lnhQUIT: ng kt ni v thot telnet
: nhn phm enter s a bn thot khI ch du nhc lnh v tr li telnet sessionSET ECHO: bt/tt ch hin cc lnh nh vo trong windows telnet. Lu trong 2k s lSET LOCAL_ECHO
kt ni, ta dng lnh OPEN hoc cng c th trc tip bng lnhtelnet vd:telnet anyhost.com 12345Trying 123.123.112.12 port 12345Connected to anyhost.comEscape character is.
Sau khi kt ni xong, bn trong mt telnet session. C th dng k t escape trn trv du nhc lnh.
3- ng dng telnet truy cp POP email:a- c mail:Cc internet mail server cho php truy cp thng qua giao thc POP (Post Office Protocol), cng110. Nu POP server bn ang dng l anyhost.com, th ta s dng lnh sau: telnet anyhost.com110Mt s cc lnh c th bn cn dng khi truy cp POP emailUSER : m hp th ca usernamePASS : mt khu cho hp th
LIST : lit k cc emails trong hp thRETR : xem th c th t l number, c lit k trong lnh LISTTOP : xem th nh RETR, nhng dng li khi hin c sdng nht nhDELE : xa th c th t numberQUIT : ng telnet session
V d, ta s truy cp vo yahoo xem mail, ta thc hin lnh:telnet pop.mail.yahoo.com 110 v ch mt cht...
-
8/6/2019 Commend Line and Some Service
15/24
Nu thnh cng, bn s nhn c dng thng tin sau:+OK hello from popgate
K t y, nu trc khi m 1 telnet session, bn c dng SET ECHO, th nhng g bn nhvo s hin ln, khng th bn phi nhp cc lnh tht chnh xcNhp tn user
USER w_hat95+OK password required
Nhp mt khuPASS anhyeuemnhieulam+OK maildrop ready, 2 messages (2983 octets) (34232 2324232)
y, mail box ca ti c 2 tin, k n l tng kch thc ca cc email, cc s cn li bnkhng cn quan tmBn dng lnh list lit k cc email, bao gm stt v size:list
1 17282 1205.
xem mt mail c stt no , bn dng lnh retr retr 1Ch mt cht, bn s nhn c nhng thng tin y v mail , bao gm ton b header vni dung
vd:+OK 1783 octetsX-Apparently-To: [email protected] via web20306.mail.yahoo.com; 04 Jan 2002 23:48:08 -0800 (PST)
X-RocketRCL: 1037;1;2465408753Received: from web11904.mail.yahoo.com (216.136.172.18)by mta621.mail.yahoo.com with SMTP; 04 Jan 2002 23:48:08 -0800 (PST)Message-ID: Received: from [61.214.156.105] by web11904.mail.yahoo.com via HTTP; Fri, 04 Jan2002 23:48:08 PSTDate: Fri, 4 Jan 2002 23:48:08 -0800 (PST)From: Joel Subject: Re: hi?To: F M In-Reply-To:
MIME-Version: 1.0Content-Type: multipart/alternative; boundary="0-888944639-1010216888=:34368"......vvv.
V nhng thng tin trong email header,bn t tm hiu ly! )Nu nhng thng tin lit k trn qu nhiu, bn khng kp xem, hy dng lnh top lit k theo s lng dng nht nh
-
8/6/2019 Commend Line and Some Service
16/24
vd: top 1 10 -> s lit k 10 dng u (k c header) ca email s 1, sau khi hin xong 10 dngcho bn xem, ch vi giy, n s tip tc hin cc dng k tip cho n khi ton b email cxem!?
xa 1 email, bn dng lnh dele vd: dele 2 -> s xa email th 2 trong danh sch
Sau khi check xong emails, bn ng telnet session bng lnh QUIT, bn s c a v dunhc lnhBt li ca vic check email POP dng telnet l bn khng c c giao din d nhn nh cctrnh check POP mail khc. Bn cng khng th tr li t cc mail c c.
b- Gi mail:Tng t nh trn, cc internet mail server s cung cp mt giao thc l SMTP (Simple MailTransfer Protocol) cho php bn send email thng qua server , cng 25.
Mt s lnh bn cn dng:HELO : gii thiu host, thng tin ny khng cn thit
MAIL FROM: RCPT TO: DATA : sau khi enter, bn nhp ni dung email. Sau khi nhp xong, munkt thc, bn phi xung hng v nhp du chm '.'RSET xa cc thng tin ln gi mi nht, dng khi bn mun gi n mt ngi khcQUIT : thotHELP xem tr gip v cc lnh, lnh ny ty thuc vo mail server bn ang connect
V d, i vi yahoo:Bn thc hin lnh telnet smtp.mail.yahoo.com 25Ch mt lc, nu kt ni thnh cng, bn s nhn c thng tin sau:220 smtp011.mail.yahoo.com ESMTP
Kt ni:helo smtp.mail.yahoo.com250 smtp011.mail.yahoo.com
Nhp thng tin ngi gi:mail from: [email protected] okNhp thng tin ngi nhn:rcpt to:[email protected] Joel250 okNhp ni dung:
data blsdfsdfsd354 go ahead
Subject: hi Joel, how r u these days?Hi Joel,R u busy this late evening?If ur free, get to Mo^.ng Mo* bar. I need to talk to you.See ya,
-
8/6/2019 Commend Line and Some Service
17/24
W_Hat.250 ok 1010373599 qp 48077
ng telnet sessionQuit
Bn c th thao kho mt v d v send mail thng qua SMTP ti:http://www.kbcafe.com/articles/smtp.html
2-Th ba, ngy 12 thng mt nm 20103- Hng Dn Ci t Firewall-Proxy
Chng ta xy dng m hnh Firewall kt hp Proxy qun l mi hnh ng trong hthng, trnh c nhng ri ro khng mong mun.M hnh tham kho nh sau:
thc hin, chng ta cn ci t cc chng trnh sau: ShoreWall: lm firewall, qun l traffic, chn ng dng da vo port, Squid: lm proxy, cache web, qun l hnh vi user, Sarg: monitor proxy.
Do ti nguyn hn hp, nn ta thc hin n trn cng 1 my, RAM chng 2GB l c.Bi vit ny dng Cent OS 5.4 (p dng lun cho cc distro ca cent, nh RedHat).Cc gi h tr cho ci t:
#yum install -y gcc gcc-c++ ;compilerCi t gi rpmforge-release t http://dag.wieers.com/rpm/packages/rpmforge-release/#wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm#rpm ivh /rpmforge-release-0.3.6-1.el5.rf.i386.rpmGi ny n t ng i tm nhng th cn thit cho ta khi cn.
I. ShoreWall:1. Gii thiu:
Shorewall l chng trnh qun l iptables, gip ta iu khin c hnh vi traffic mcL3.2. Ci t:Download cc gi cn thit, n nh ti thi im tihttp://www.shorewall.net/pub/shorewall/#mkdir /source#cd source#wget http://www.shorewall.net/pub/shorewall/4.2/shorewall-4.2.2/shorewall-shell-
-
8/6/2019 Commend Line and Some Service
18/24
4.2.2.tar.bz2#wget http://www.shorewall.net/pub/shorewall/4.2/shorewall-4.2.2/shorewall-perl-4.2.2.2.tar.bz2#wget http://www.shorewall.net/pub/shorewall/4.2/shorewall-4.2.2/shorewall-common-4.2.2.1.tar.bz2
#tar -jxvf shorewall-shell-4.2.2.tar.bz2#tar -jxvf shorewall-perl-4.2.2.2.tar.bz2#tar -jxvf shorewall-common-4.2.2.1.tar.bz2
Vo cc directory va gii nn, ci t:#./install.shVo ni cha cc file cu hnh cho shorewall#cd /etc/shorewall
To cc zones trong /etc/shorewall/zones#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONSfw firewallloc ipv4net ipv4dmz ipv4
Khai bo cc interfaces tng ng vi cc zonez trong file /etc/shorewall/interfaces#ZONE INTERFACE BROADCAST OPTIONSnet eth0loc eth1dmz eth2
Khai bo trong cc policy trong /etc/shorewall/policy#SOURCE DEST POLICY LOG LIMIT: CONNLIMIT:# LEVEL BURST MASKloc net REJECT infoloc dmz REJECT infoloc fw REJECT infonet all ACCEPT infodmz all ACCEPT info$FW all ACCEPT
Dng SNAT cc my trong LAN, DMZ i internet bng IP public, trong file/etc/shorewall/masq#INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARKeth0 eth1eth0 eth2
Dng DNAT cc my ngoi internet truy cp vo my ta publish, trong file/etc/shorewall/rules
-
8/6/2019 Commend Line and Some Service
19/24
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARKCONNLIMIT TIME
ACCEPT loc fw icmp echo-requestACCEPT loc dmz icmp echo-request
ACCEPT loc net tcp 80,443ACCEPT loc net udp 53DNAT net dmz:172.27.1.104 tcp 80 - ; gi s ta ang publish web server 172.27.1.104
REDIRECT loc 3128 tcp www - !172.27.1.105 ;172.27.1.105 l my Proxy server, dngny user truy cp internet u b t ng qua cho proxy x l.
Chnh li STARTUP_ENABLED=Yes trong file /etc/shorewall/shorewall.conf# vi /etc/shorewall/shorewall.confSTARTUP_ENABLED=Yes
Start dch v shorewall:#shorewall start#shorewall restart#shorewall clear //Xa cc rule trong cache
Vy l xong phn shorewall.
II. Squid:1. Gii thiu:Hin c rt nhiu chng trnh lm proxy, nhng ta chn squid bi nhng tnh nng uvit ca n (tnh ti thi im hin ti): Qun l cache theo kiu chia nh, gip truy cp nhanh hn (trong khi ISA th gom 1cc, v 15GB th die) H tr ICP , t ng cp nht thng tin ca nhng URL c sn trong cache, m boni dung mi lin tc ( mt s chng trnh proxy khng h tr ci ny phi set thi gianupdate, ch khng ch c c thng tin c). Khc phc c tnh trng ch h tr HTTP, HTTPs, FTP nh cc proxy khc. .C th lm c mi th theo mnh trn squid.
2. Ci t:#yum -y install squidCu hnh cc thng s c bn:(ta ch cn thay i mt s ty chn l squid c th hotng c, mc nh squid cm tt c cc browser truy cp)Ta nn copy file squid.conf.default thnh file squid.conf.#cp /etc/squid/squid.conf.default /etc/squid.conf#vi /etc/squid/squid.conf#squid lang nghe cac proxy client tren port 3128, c th i li port ty thch
-
8/6/2019 Commend Line and Some Service
20/24
#thong so transparent de no co the lam viec voi firewall redirecthttp_port 3128 transparent //line 919
#port su dung ICPicp_port 3130 //line 1449
#cahe_mem = RAM/3, o day la RAM he thong = 256cache_mem 60 MB //line 1576cache_swap_low 90 //line 1838cache_swap_high 95
#cache_dir: cu hnh th mc lu d liu c cache#default: cache_dir ufs /var/spool/squid 100 16 256#squid se luu cache tai /var/spool/squid voi kich thuoc cache=5000MB#level-1 subdirectory =16 la so thu muc con tao trong squid#level-2 subdirectory=256
cache_dir ufs /var/spool/squid 5000 16 256 //line 1782#cache_access_log: lu tr activity request ca client yu cu n proxy server truycp webcache_access_log /var/log/squid/access.log //line 1961
#cache_log: lu tr thng tin chung v cachecache_log /var/log/squid/cache.log //line 1962
#cache_store_log: lu tr cc thng tin v i tng c cache trn proxy, thi gian lutr...cache_store_log /var/log/squid/store.log //line 1971
#cache_effective_user, cache_effective_group: ngi dng v nhm c th thay i squidcache_effective_user squidcache_effective_group squid
cache_replacement_policy heap LFUDA // thut ton cache amemory_replacement_policy heap GDSF //thut ton cache RAMmaximum_object_size_in_memory 32 KB // file ln nht c th RAM cachemaximum_object_size 1000 MB // file ln nht c th cache
#Access Control List v Access Control Operators: dng ngn chn vic truy xut davo tn #min, a ch IP. Mc nh, squid t chi tt c, v vy phi cu hnh li
acl mynetwork src "/etc/squid/allowip.txt" //line 591http_access allow mynetworkhttp_access deny all
visible_hostname squid
-
8/6/2019 Commend Line and Some Service
21/24
Khi ng squid:#/etc/init.d/squid startNu c bo li do khng c quyn ghi trong /var/spool/squid, ta phi gn cho user/groupsquid c quyn 770.
#chmod 770 /var/spool/squidCho n auto start:#chkconfig squid on
3. Ty bin nng cao trong squid:a. Cm truy cp website da trn domain nh:Thm vo trong file cu hnh mt s phn nh sau:#vi /etc/squid/squid.conf//deny website in ban_listacl denywebsite dstdom_regex "/etc/squid/ban_list"
http_access deny denywebsiteTo file ban_list#vi /etc/squid/ban_listyahoo.comvnexpress.netnhacso.net
b. Hn ch ni dung cc file download:#vi /etc/squid/squid.confacl home_network src 192.168.1.0/24acl denyfiletypes url_regex -i .mp3$ .mpg$ .mpeg$ .mp2$ .avi$ .wmv$ .wma$ .exe$http_access deny denyfiletypeshttp_access allow home_network
Nu mun ch cho 1 net no c download th thm vo !net_muon_choacl it-server src "/etc/squid/it-server.txt"http_access deny denyfiletypes !it-serversau son file it-server.txt gm net mnh mun cho download cc file trn
c. Cu hnh squid proxy iu khin bng thng:Thm vo file cu hnh mt s phn nh sau:#Add control bandwidthacl ip src "/etc/squid/ip.txt"acl all src 0.0.0.0/0.0.0.0#Add control bandwidthdelay_pools 1delay_class 1 2delay_access 1 allow ipdelay_access 1 deny all
-
8/6/2019 Commend Line and Some Service
22/24
delay_parameters 1 -1/-1 15000/15000
Vi delay_parameters 1 -1/-1 15000/15000 ta s gii hn bng thng cho cc clientkhng th vt qu 15000 tng ng 15Kbps.Sau to file /etc/squid/ip.txt nh sau:
#vi /etc/squid/ip.txt192.168.1.33/24192.168.1.34/24
d. Cu hnh ni dung hin ra khi client b cm truy cp site no :Chnh sa file /usr/share/squid/errors/English/ERR_ACCESS_DENIED#vi /usr/share/squid/errors/English/ERR_ACCESS_DENIEDgi th ty bin ni dung hin ra khi user truy cp mt trang web no m ta cm.
e. Hn ch dung lng download:Gi s ta hn ch khng cho download trn 10MB, ngoi tr IT
Nu mun ch cho 1 net no c download th thm vo !net_muon_cho#vi /etc/squid/squid.confacl network src "/etc/squid/network.txt"acl it-server src "/etc/squid/it-server.txt"reply_body_max_size 10000000 allow network !it-server
Xem thng tin squid:#squidclient mgr:info //xem tnh trng cache#uptime //xem ti#top //xem tng hp tnh trng h thng
III. Cu hnh Sarg monitor squid log:D nhin ta cn phi monitor squid log bit c user truy cp site no nhiu,download ci g, 1. Ci t:#yum -y install gd gd-devel#yum -y install sarg
Nn 2 thng s sau trong file cu hnh ca sarg#vi /etc/sarg/sarg.confaccess_log /var/log/squid/access.log ( file log ca squid )output_dir /var/www/sarg/ONE-SHOT ( th mc cha report )
Cho php IP no c xem report ca sarg:#vi /etc/httpd/conf.d/sarg.confAllow from 192.168.0.1,127.0.0.1 //allow IP to see report
Cc file script ly thng tin theo ngy, theo tun, theo thng:#vi /etc/cron.daily/sarg#!/bin/bash
-
8/6/2019 Commend Line and Some Service
23/24
# Get yesterday's dateYESTERDAY=$(date --date "1 days ago" +%d/%m/%Y)
exec /usr/bin/sarg \
-o /var/www/sarg/daily \-d $YESTERDAY &>/dev/nullexit 0
#vi /etc/cron.weekly/sarg#!/bin/bash
# Get one week ago dateWEEKAGO=$(date --date "7 days ago" +%d/%m/%Y)
exec /usr/bin/sarg \
$LOG_FILES \-o /var/www/sarg/weekly \-d $WEEKAGO-$YESTERDAY &>/dev/nullexit 0
#vi /etc/cron.monthly/sarg#!/bin/bash
# Get 1 month ago dateMONTHAGO=$(date --date "1 month ago" +%d/%m/%Y)
exec /usr/bin/sarg \$LOG_FILES \-o /var/www/sarg/monthly \-d $MONTHAGO-$YESTERDAY &>/dev/nullexit 0
To ch s index:#sarg -ixChy ln u:#/usr/bin/sarg#/etc/cron.daily/sarg#/etc/cron.weekly/sarg#/etc/cron.monthly/sarg
2. Cu hnh Crontab:Trong file /etc/crontab thm vo nhng dng sau#vi /etc/crontab1 0 * * * root /etc/cron.daily/sarg1 1 * * 0 root /etc/cron.weekly/sarg
-
8/6/2019 Commend Line and Some Service
24/24
1 2 1 * * root /etc/cron.monthly/sarg
Note : /etc/init.d/httpd startKim tra: http://IP_server_proxy/sarg
3. Setup Real Time cho Squid:SqStat l mt on script cho php xem cc kt ni ca user ang active qua squid. Ndng cachemgr protocol ly thng tin t squid proxy server.Ta download SqStat t http://samm.kiev.ua/sqstat/ gi sqstat-1.20.tar.gz.Yu cu h thng phi ci squid v php 4.1 tr ln.
Ci t SqStat: gii nn gi download v vo trong th mc /var/www/html/ , i tn thmc sqstat-1.20 thnh realtime, vo th mc realtime i tn file config.inc.php.defaultsli thnh config.inc.php , sa li file config.inc.php vi thng s nh sau :
/* Squid proxy server ip address or host name */
$squidhost[0]="localhost"; //line 13/* Squid proxy server port */$squidport[0]=3128; //y l port lng nghe ca squid, nu squid thay i phi i y
i tn tp tin sqstat.php thnh index.php.Restart httpd.
Vo trnh duyt g http://IP_squid/realtime.
Trn trnh duyt chnh s c nhng thng s nh sau:
Auto refresh : chnh thng s s refresh li sau thi gian c th no ( n v tnh l s ) ,mc nh l 0 sUpdate : ly thng s kt ni ti thi im hin tiStop : dng li
Tham kho ti:http://www.shorewall.net/shorewall_setup_guide.htm#Conceptshttp://www.squid-cache.org/Doc/config/
If you found these helpful, please contribute to help.