tag:blogger.com,1999:blog-25937600859791957512024-03-13T23:31:58.805-07:00Dudu' blog (http://funbsd.8800.org)堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.comBlogger10125tag:blogger.com,1999:blog-2593760085979195751.post-80503984433245964782009-04-16T01:13:00.000-07:002009-04-16T01:15:48.210-07:00用 WinDbg 连接 VMware 的客户系统自然是为虚拟机上的系统设置好串口设备<br /><br />设置客户系统的启动配置文件 boot.ini ,在 [operating systems] 段中加入一行以调试模式启动的配置:<br />multi(0)disk(0)rdisk(0)partition(1)WINDOWS="Microsoft Windows XP Professional Debug" /fastdetect /debugport=com1 /baudrate=115200<br />设置 WinDbg 快捷方式的命令行为:<br />"C:\Program Files\Debugging Tools for Windows\windbg.exe" -b -k com:pipe,port=\\.\pipe\com_1,resets=0<br />重新启动虚拟机上的系统,并选择新加入的启动配置进行启动<br />启动 WinDbg ,稍等一下就可以连上了。堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com0tag:blogger.com,1999:blog-2593760085979195751.post-33412829026867512282009-02-23T01:16:00.000-08:002009-02-23T01:17:26.517-08:00一行命令清空硬盘<span class="Apple-style-span" style="border-collapse: collapse; font-family: Verdana; font-size: 12px; -webkit-border-horizontal-spacing: 2px; -webkit-border-vertical-spacing: 2px; "><div class="post" style="margin-top: 5px; margin-right: 5px; margin-left: 5px; "><h1 style="font-size: 20px; font-family: Verdana, Tahoma, sans-serif; color: rgb(51, 51, 51); margin-top: 5px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; "><br /></h1><div class="storycontent"><p><code><br />dd if=/dev/urandom of=设备名⋯⋯</code></p><code><p>设备名:/dev/ar0, /dev/da0, /dev/ad0 ....</p><p>用于清理重要的保密数据。</p></code><p><code>美国军方要求的安全等级需要00,FF,55,AA 20遍+20遍随机数+20遍00,FF,55,AA。<br /></code></p></div><div class="feedback" style="text-align: right; clear: both; margin-right: 30px; font-size: 12px; "></div></div><div class="comments-post" style="margin-top: 5px; margin-right: 5px; margin-left: 5px; "><div id="comments"><a name="respond"></a><h3 style="margin-top: 5px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; font-size: 14px; font-family: Verdana, Tahoma, sans-serif; color: rgb(102, 102, 102); "><br /></h3></div></div></span>堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com0tag:blogger.com,1999:blog-2593760085979195751.post-16500497557249392152009-02-23T01:15:00.000-08:002009-02-23T01:16:17.095-08:00true 指令<span class="Apple-style-span" style="border-collapse: collapse; font-family: Verdana; font-size: 12px; -webkit-border-horizontal-spacing: 2px; -webkit-border-vertical-spacing: 2px; "><div class="post" style="margin-top: 5px; margin-right: 5px; margin-left: 5px; "><div class="storycontent"><p><code>将 /var/log/httpd-access.log 清空.</code></p><code></code><p><code># cd /var/log/<br /># true >; httpd-access.log<br /></code></p><div><span class="Apple-style-span" style="font-family: -webkit-monospace;"><br /></span></div></div><div class="feedback" style="text-align: right; clear: both; margin-right: 30px; font-size: 12px; "></div></div><div class="comments-post" style="margin-top: 5px; margin-right: 5px; margin-left: 5px; "><div id="comments"><a name="respond"></a></div></div></span>堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com0tag:blogger.com,1999:blog-2593760085979195751.post-51390934152209574522009-02-23T01:13:00.000-08:002009-02-23T01:14:26.317-08:00OpenBSD光盘封面图片收藏<span class="Apple-style-span" style="border-collapse: collapse; font-family: Verdana; font-size: 12px; -webkit-border-horizontal-spacing: 2px; -webkit-border-vertical-spacing: 2px; "><p> <span class="Apple-style-span" style="font-family: song; ">一个OPENBSD粉丝的封面图片收藏,可惜不能收集全。目前我只有2.1-4.4的,2.1以前的版本都没找到。</span> <a href="http://www.dugoo.net/wordpress/wp-content/uploads/2009/01/openbsd21_cover.gif" title="openbsd21_cover.gif" style="text-decoration: underline; color: rgb(0, 0, 255); "><img src="http://www.dugoo.net/wordpress/wp-content/uploads/2009/01/openbsd21_cover.thumbnail.gif" alt="openbsd21_cover.gif" style="border-top-style: none; border-right-style: none; border-bottom-style: none; border-left-style: none; border-width: initial; border-color: initial; " /></a> <span class="Apple-style-span" style="font-family: Helvetica; "><a href="http://www.dugoo.net/wordpress/wp-content/uploads/2009/01/openbsd44_cover.gif" title="openbsd44_cover.gif" style="text-decoration: underline; color: rgb(0, 0, 255); "><img src="http://www.dugoo.net/wordpress/wp-content/uploads/2009/01/openbsd44_cover.thumbnail.gif" alt="openbsd44_cover.gif" style="border-top-style: none; border-right-style: none; border-bottom-style: none; border-left-style: none; border-width: initial; border-color: initial; " /></a></span><br /></p><blockquote class="webkit-indent-blockquote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; border-width: initial; border-color: initial; border-top-style: none; border-right-style: none; border-bottom-style: none; border-left-width: 2px; border-left-style: solid; border-left-color: rgb(153, 204, 255); background-image: initial; background-repeat: initial; background-attachment: initial; -webkit-background-clip: initial; -webkit-background-origin: initial; background-color: rgb(255, 255, 255); margin-left: 10px; padding-top: 2px; padding-right: 2px; padding-bottom: 2px; padding-left: 2px; background-position: initial initial; "> <a href="http://www.dugoo.net/cover.html" style="text-decoration: underline; color: rgb(102, 0, 102); "><span class="Apple-style-span" style="font-weight: bold; ">查看全部收藏</span></a> </blockquote></span>堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com0tag:blogger.com,1999:blog-2593760085979195751.post-33973689847643413842009-02-23T01:10:00.000-08:002009-02-23T01:11:43.718-08:00苹果powerpc G4 openbsd键盘 delete不起作用<span class="Apple-style-span" style="border-collapse: collapse; font-family: Verdana; font-size: 12px; -webkit-border-horizontal-spacing: 2px; -webkit-border-vertical-spacing: 2px; "><div class="post" style="margin-top: 5px; margin-right: 5px; margin-left: 5px; "><h1 style="font-size: 20px; font-family: Verdana, Tahoma, sans-serif; color: rgb(51, 51, 51); margin-top: 5px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; "><br /></h1><div class="storycontent"><blockquote class="webkit-indent-blockquote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; border-width: initial; border-color: initial; border-top-style: none; border-right-style: none; border-bottom-style: none; border-left-width: 2px; border-left-style: solid; border-left-color: rgb(153, 204, 255); background-image: initial; background-repeat: initial; background-attachment: initial; -webkit-background-clip: initial; -webkit-background-origin: initial; background-color: rgb(255, 255, 255); margin-left: 10px; padding-top: 2px; padding-right: 2px; padding-bottom: 2px; padding-left: 2px; background-position: initial initial; "><p><span class="Apple-style-span" style="color: rgb(50, 61, 79); font-family: Tahoma; line-height: 16px; ">在console下可以正常使用,delete 键,但是在gnome,fvwm等下面,delete就不好用啦!! 可以说根本不起作用?? </span></p></blockquote><p> <span class="Apple-style-span" style="color: rgb(50, 61, 79); font-family: Tahoma; line-height: 16px; ">在 gnome 與 fvwm 底下,delete 可以用 Ctrl + h 鍵。</span> </p><div><br /></div></div><div class="feedback" style="text-align: right; clear: both; margin-right: 30px; font-size: 12px; "></div></div><div class="comments-post" style="margin-top: 5px; margin-right: 5px; margin-left: 5px; "><div id="comments"><a name="respond"></a></div></div></span>堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com0tag:blogger.com,1999:blog-2593760085979195751.post-57689180065751505132009-02-23T01:08:00.000-08:002009-02-23T01:09:40.092-08:00在手机上使用OpenVPN<span class="Apple-style-span" style="border-collapse: collapse; font-family: Arial; font-size: 12px; -webkit-border-horizontal-spacing: 2px; -webkit-border-vertical-spacing: 2px; ">文给大家介绍一下如何在Windows Mobile上使用OpenVPN.<br />OS:Windoze Mobile 6.0<br />OpenVPN client:2.1.0<br />有时候在外面,又有急事需要登录公司内网,一点办法都没有.如果在手机上能拨通OpenVPN的话,可以处理一些简单的事情.<br />先去OpenVPN官方网站下载客户端程序: <a href="http://ovpnppc.ziggurat29.com/ovpnppc-files.htm." target="_blank" style="font-family: Georgia; vertical-align: middle; line-height: normal; text-decoration: underline; color: rgb(0, 0, 255); ">http://ovpnppc.ziggurat29.com/ovpnppc-main.htm</a>安装很简单,就不多作介绍了.<br />我是安装在StorageCard上的,因此安装目录在\Storage Card\Program Files\OpenVPN,里面有一个config的目录,就是放配置文件的地方.默认安装后有一个sample.ovpn文件,配置例子,可以打开参考一下.<br />其实配置很简单,我因为电脑上安装有openvpn, 后来发现电脑上的配置文件和手机上的基本相同,不同的只是key的路径不同,比如ca.crt,电脑上设置是:<br />ca ca.crt<br />而PPC上设置为:<br />ca “\\Storage Card\\Program Files\\OpenVPN\\config\\ca.crt”(注意斜杠是成双的)<br />还有一点不同的是电脑上区分多个连接是把每个连接的配置文件放在不同目录里,按照目录名来区分;而ppc上则是放在同一目录里,用不同的.ovpn后缀文件名来区分.<br />下面是我的配置文件:<br />==============================================<br />#this is a sample configuration file that I have used successfully. I included it<br />#as a reference baseline that can be used when testing.<br />remote x.x.x.x 1194<br />client<br />proto udp<br />nobind<br />dev tap<br />comp-lzo<br />verb 3<br />resolv-retry infinite<br />persist-key<br />persist-tun<br />#explicit Windows Connection Manager provider selection; like what is on<br />#the Settings 2 tab, but can be set here in the config file. Use either<br />#the provider name or GUID (if you know it). The 1 indicates ‘exclusive’.<br />;conmgr “Sprint” 1<br />;conmgr {F079757F-9357-4000-8305-9CA6B9B6CAEC} 1<br />#especially if we are using the connection manager ‘exclusive’, then you’ll<br />#need to redirect the gateway since the connection provided by connection<br />#manager will be otherwise unavailable (i.e., ‘exclusive’). You’ll probably<br />#need to specify an alternate DNS server as well. These can be pushed from<br />#the server, or if you don’t want to push them you can explicitly set them<br />#here in the client file<br />;redirect-gateway def1<br />;dhcp-option DNS 192.168.173.1<br />#crypto certificate stuff================================<br />#In version 2.1, you can put the files inline using an xml-esque syntax.<br />#Shown here is the syntax (with the equivalent old-style form commented out).<br />#Essentially, you copy the contents of the relevant file here, between<br />#the tags.<br />#Note, the crypto files included here are the openvpn test files and<br />#are for demonstration only.<br />#The CA’s certificate==================<br />ca “\\Storage Card\\Program Files\\OpenVPN\\config\\cac0.crt”<br />#The vpn client’s certificate==========<br />cert “\\Storage Card\\Program Files\\OpenVPN\\config\\c0.crt”<br />#The vpn client’s private! key=========<br />key “\\Storage Card\\Program Files\\OpenVPN\\config\\c0.key”<br />=======================================================<br />现在来测试一下连接:<br />先连接好WiFi,打开安装的OpenVPN客户端,会自动缩小到桌面托盘上,点一下图标,见下图:<br /><img src="http://www.dugoo.net/wordpress/wp-content/uploads/2008/10/capscr0001.jpg" border="0" style="line-height: normal; " /><br />点了c0连接后托盘上的图标会和电脑上的一样变成一闪一闪的黄色,大概几秒钟时间,拨上去后会变成绿色:<br /><img src="http://www.dugoo.net/wordpress/wp-content/uploads/2008/10/capscr0002.jpg" border="0" style="line-height: normal; " /><br />我们可以查看 一下VPN的连接状态:<br /><img src="http://www.dugoo.net/wordpress/wp-content/uploads/2008/10/capscr0003.jpg" border="0" style="line-height: normal; " /><br />可以看见CONNETED字样了吧.再测试一下网络是否通:<br /><img src="http://www.dugoo.net/wordpress/wp-content/uploads/2008/10/capscr0004.jpg" border="0" style="line-height: normal; " /><br />速度还是很快的.</span>堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com0tag:blogger.com,1999:blog-2593760085979195751.post-10795601648870999592008-11-14T02:19:00.000-08:002008-11-14T02:21:10.816-08:00What’s new in OpenBSD 4.3 之:Chroot in OpenSSH.<span class="Apple-style-span" style="border-collapse: collapse; font-family: Verdana; font-size: 12px; -webkit-border-horizontal-spacing: 2px; -webkit-border-vertical-spacing: 2px; "><h1 style="font-size: 20px; font-family: Verdana, Tahoma, sans-serif; color: rgb(51, 51, 51); margin-top: 5px; margin-right: 0px; margin-bottom: 5px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; "><br /></h1><div class="storycontent"><p>原文: <a href="http://openbsd.maroufi.net/sshchroot.shtml" style="text-decoration: underline; color: rgb(0, 0, 255); ">http://openbsd.maroufi.net/sshchroot.shtml </a></p><p>译文:</p><p><br /></p><li><code><span class="Apple-style-span" style="color: rgb(50, 61, 79); font-family: Tahoma; line-height: 16px; ">From OpenBSD 4.3 OpenSSH has the new function ChrootDirectory. This is one of many (including me) long desired function, which up a new environment for SSH considerably simplified. Previously was a chroot SSH very complicated to configure. How does this new feature?</span><span class="Apple-style-span" style="color: rgb(50, 61, 79); font-family: Tahoma; line-height: 16px; "><span style="font-size: 150%; line-height: normal; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Only SFTP access<br /></span><br />If you want to for its users only SFTP access is the creation of even more simple.<br /><br />In / etc / ssh / sshd_config, the parameters in subsystem sftp on internal-sftp converted:<br /><br />Subsystem SFTP internal-SFTP<br /><br />Then you can users or user groups to assign chroot directory. This is the best match with the directive of sshd:<br /><br />Match Group sftpuser<br />ChrootDirectory /home<br />ForceCommand internal-sftp<br />AllowTCPForwarding no<br /><br />In this case, of course, only the group sftpuser exist. Then, each user group sftpuser the directory / home as his / directory. The ChrootDirectory must always be a directory, the root, and not write for normal users. That is typically not the home directory of a user to ChrootDirectory, but also a directory<br /><br />In addition, you can still order the path to the home directory can be a symbolic link set:<br /><br />cd /home<br />ln -s . home<br /><br /><span style="font-size: 150%; line-height: normal; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><br />Shell-User</span><br /><br />If users are not only sftp can use, but also directly on the shell can work, is something additional configuration needed. The Force Command internal-sftp from above, however, must be removed so that other commands work.<br /><br />For a shell can be used to be such a course within the ChrootDirectory exist. In addition, even a few device files under / dev. Therefore, within the ChrootDirectory the directories dev and I can be:<br /><br />cd /home<br />mkdir bin dev<br /><br />Now the necessary equipment files. It should also ChrootDirectory not in a directory that complies with the option nodev mounted. An device files are arandom, zero, zero, stdin, stderr, stdout and tty requires:<br /><br />Device files on the partition activate:<br /><br />mount -u -o dev /home<br /><br />This change permanent (remove the nodev option in the / etc / fstab):<br /><br />vi /etc/fstab<br /><br />Next on the shell:<br /><br />cd /home/dev<br />mknod -m 644 arandom c 45 4<br />mknod -m 666 null c 2 2<br />mknod -m 666 zero c 2 12<br />mknod -m 666 stderr c 22 2<br />mknod -m 666 stdin c 22 0<br />mknod -m 666 stdout c 22 1<br />mknod -m 666 tty c 1 0<br /><br />Now you just have the shell and other needed programs / bin ChrootDirectory to copy. It must be under no dependencies OpenBSD take due account of all software in / bin are under OpenBSD statically compiled:<br /><br />cd /home/bin<br />cp -p /bin/ksh .<br />cp -p /bin/cp .<br />cp -p /bin/ls .<br />cp -p /bin/mkdir .<br />cp -p /bin/mv .<br />cp -p /bin/rm .<br />cp -p /bin/rmdir .<br />cp -p /bin/sleep .<br />cp -p /bin/test .<br />cp -p /bin/tar .<br />ln tar cpio<br />ln tar pax<br />ln ksh sh<br />ln ksh rksh<br />ln test [<br /><br />As with most of this low not require basic equipment will be more programs from / usr / bin. These can dependencies to libraries from / usr / lib, the man with the utility ldd can examine and then must be copied. It is also possible that some programs other directories and / or files need such as / usr / share or directories under / var or tmp directory. This must be on an individual basis. This is a first simple example:<br /><br /><br />cd /home<br />mkdir -p usr/bin<br />mkdir usr/lib<br />mkdir usr/libexec<br />ldd /usr/bin/env<br />cp -p /usr/bin/env usr/bin<br />cp -p /usr/lib/libc.so.43.0 usr/lib<br />cp -p /usr/libexec/ld.so usr/libexec<br />ldd /usr/bin/grep<br />cp -p /usr/bin/grep usr/bin<br />cp -p /usr/lib/libz.so.4.1 usr/lib<br />cd usr/bin<br />ln grep egrep<br />ln grep fgrep<br />ln grep zgrep<br />ln grep zegrep<br />ln grep zfgrep<br /><br />Something complicate the vi editor. It needs more temporary directories and the terminal database / etc / termcap:<br /><br />cd /home<br />ldd /usr/bin/vi<br />cp -p /usr/bin/vi usr/bin<br />cp -p /usr/lib/libcurses.so.10.0 usr/lib<br />cd usr/bin<br />ln vi ex<br />ln vi view<br />cd ../..<br />mkdir etc var<br />cp -p /etc/termcap etc<br />mkdir -m 1777 tmp<br />mkdir -m 1777 var/tmp<br /><br />Who also would like the ls command with the correct user name and groups can be displayed even the two files / etc / group and / etc / pwd.db into ChrootDirectory copy. They contain no passwords:<br /><br />cd /home<br />cp -p /etc/group etc<br />cp -p /etc/pwd.db etc<br /><br />If the SSH User not mutually into your home directories can look to still have the rights to the home directories even corrected:<br /><br />cd /home<br />chmod 700 username<br /><br />On a Web could also look like (if / var / www / users instead of the previously described / home was used):<br /><br />cd /var/www/users<br />chgrp www username<br /></span><span class="Apple-style-span" style="color: rgb(50, 61, 79); font-family: Tahoma; line-height: 16px; ">chmod 710 username</span></code></li></div></span>堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com0tag:blogger.com,1999:blog-2593760085979195751.post-20988419214304534362008-11-14T02:17:00.000-08:002008-11-14T02:19:14.547-08:00openbsd该使用 base system 里的 Apache-1.3 还是 ports 里的 Apache-2.x?<span class="Apple-style-span" style="border-collapse: collapse; font-family: Verdana; font-size: 12px; -webkit-border-horizontal-spacing: 2px; -webkit-border-vertical-spacing: 2px; "><div class="post" style="margin-top: 5px; margin-right: 5px; margin-left: 5px; "><div class="storycontent"><p class="postbody" style="font-size: 1.1em; line-height: 1.4em; font-family: Tahoma, 'Trebuchet MS', Helvetica, Arial, sans-serif; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">这是今天在 misc@ 里看到的一个提问:<br /></p><p class="codetitle" style="margin-top: 10px; margin-right: 5px; margin-bottom: 0px; margin-left: 5px; padding-top: 2px; padding-right: 4px; padding-bottom: 2px; padding-left: 4px; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 0px; border-left-width: 1px; color: rgb(51, 51, 51); background-color: rgb(169, 184, 194); font-family: Tahoma, Verdana, Helvetica, Arial, sans-serif; font-size: 1.1em; border-top-color: rgb(169, 184, 194); border-right-color: rgb(169, 184, 194); border-bottom-color: rgb(169, 184, 194); border-left-color: rgb(169, 184, 194); border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; "><strong style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">代码:</strong></p><p class="codecontent" style="direction: ltr; margin-top: 0px; margin-right: 5px; margin-bottom: 10px; margin-left: 5px; border-top-width: 0px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; font-weight: normal; color: rgb(0, 102, 0); font-size: 1.1em; font-family: Monaco, 'Courier New', monospace; background-color: rgb(250, 250, 250); border-top-color: rgb(169, 184, 194); border-right-color: rgb(169, 184, 194); border-bottom-color: rgb(169, 184, 194); border-left-color: rgb(169, 184, 194); border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; padding-top: 5px; padding-right: 5px; padding-bottom: 5px; padding-left: 5px; ">Hi folks.<br /><br />I need a recomendation for using one or other web server for a shared web hosting for \<br />a small company.<br /><br />Always prefer using Apache from base, whenever I watch that Apache 2 include best \<br />performance compared to 1.3 (included in base), and best reverse proxy for dynamic \<br />web sites.<br /><br />Which must be the best choice for web hosting company having web 2.0, mod_perl and \<br />rails app’s ?<br /><br />Regards.<br /></p><p><br />Marc Balmer(牛人)的回答是:<br /></p><p class="codetitle" style="margin-top: 10px; margin-right: 5px; margin-bottom: 0px; margin-left: 5px; padding-top: 2px; padding-right: 4px; padding-bottom: 2px; padding-left: 4px; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 0px; border-left-width: 1px; color: rgb(51, 51, 51); background-color: rgb(169, 184, 194); font-family: Tahoma, Verdana, Helvetica, Arial, sans-serif; font-size: 1.1em; border-top-color: rgb(169, 184, 194); border-right-color: rgb(169, 184, 194); border-bottom-color: rgb(169, 184, 194); border-left-color: rgb(169, 184, 194); border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; "><strong style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">代码:</strong></p><p class="codecontent" style="direction: ltr; margin-top: 0px; margin-right: 5px; margin-bottom: 10px; margin-left: 5px; border-top-width: 0px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; font-weight: normal; color: rgb(0, 102, 0); font-size: 1.1em; font-family: Monaco, 'Courier New', monospace; background-color: rgb(250, 250, 250); border-top-color: rgb(169, 184, 194); border-right-color: rgb(169, 184, 194); border-bottom-color: rgb(169, 184, 194); border-left-color: rgb(169, 184, 194); border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; padding-top: 5px; padding-right: 5px; padding-bottom: 5px; padding-left: 5px; ">Keep in mind that the Webserver in base has seen a lot of security and other<br />improvements like chroot() by default etc. It is not a stock 1.3 Apache,<br />it is only based on Apache 1.3.<br /><br />Apache 2 in ports was only imported to make it possible to test certain<br />thinks.<br /><br />If you care for security, go with the one in base. Huge and highly loaded<br />websites are served with it.<br /></p><p><br />可以通过以下链接跟踪这个 thread:<br /><a href="http://marc.info/?t=122612681000001&r=1&w=2" class="postlink" style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; text-decoration: underline; color: rgb(0, 0, 255); ">http://marc.info/?t=122612681000001&r=1&w=2</a></p><div><br /></div></div><div class="feedback" style="text-align: right; clear: both; margin-right: 30px; font-size: 12px; "></div></div><div class="comments-post" style="margin-top: 5px; margin-right: 5px; margin-left: 5px; "><div id="comments"><a name="respond"></a></div></div></span>堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com0tag:blogger.com,1999:blog-2593760085979195751.post-64332660840189671542008-08-19T22:36:00.000-07:002008-08-19T22:37:34.756-07:00OpenBSD NFS<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <table width="724.0" cellspacing="0" cellpadding="0" style="width: 724.0px; border-collapse: collapse"> <tbody> <tr> <td valign="middle" style="width: 724.0px; padding: 0.0px 5.0px 0.0px 5.0px"> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"><b>Skeletor configuration</b></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">NFS configuration file is /etc/exports. There are many options that you can use in your /etc/exports file, and it is best that you read the exports(5) man page. Assuming the network is 10.0.0.0, we have an /etc/exports that looks like this:</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">CODE</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># NFS exports Database</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># See exports(5) for more information. Be very careful, misconfiguration</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># of this file can result in your filesystems being readable by the world.</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">/mda -alldirs -ro -network=10.0.0 -mask=255.255.255.0</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">This means that the local filesystem /mda will be made available via NFS. -alldirs specifies that clients will be able to mount at any point under the /mda mount point. -ro specifies that it will only be allowed to be mounted read-only. The last two arguments specify that only clients within the 10.0.0.0 network using a netmask of 255.255.255.0 will be authorized to mount this filesystem. This is important for some servers that are accessible by different networks.</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">portmap(8) must be running for NFS to operate. Portmap is off by default on OpenBSD 3.2 and later, so you must add the line</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">CODE</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">portmap=YES</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">to rc.conf.local(8) and reboot.</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">Next, you should add the line</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">CODE</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">nfs_server=YES</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">to /etc/rc.conf.local. This will bring up both nfsd(8) and mountd(8) when you reboot.</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"><b>Beastman configuration</b></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">You should add this code to your /etc/fstab</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">CODE</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">10.0.0.1:/mda /mnt nfs ro 0 0</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">or, if dns or /etc/hosts are configured properly,</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">CODE</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">skeletor:/mda /mnt nfs ro 0 0</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">I hope, you as an experienced user, know what to do with it? Such things as mounting it all without reboot should be common to you - just start the server manually with</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">CODE</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">/sbin/nfsd -tun 4</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">echo -n >/var/db/mountdtab</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">/sbin/mountd</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">And mount with</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">CODE</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">mount -o ro -t nfs skeletor:/mda /mnt</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">To restart the server, run</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">CODE</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">kill -HUP `cat /var/run/mountd.pid`</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">Run this to see stats</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">CODE</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">rpcinfo -p 10.0.0.1</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> </td> </tr> </tbody> </table>堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com0tag:blogger.com,1999:blog-2593760085979195751.post-46656357963967250942008-08-19T22:27:00.000-07:002008-08-19T22:29:31.259-07:00OpenBSD DHCP 多 vlan 配置<table width="724.0" cellspacing="0" cellpadding="0" style="width: 724.0px; border-collapse: collapse"> <tbody> <tr> <td valign="middle" style="width: 724.0px; padding: 0.0px 5.0px 0.0px 5.0px"> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">4<span style="font: 12.0px STHeiti Light">块</span>DLINK 530 ,1<span style="font: 12.0px STHeiti Light">个连接</span>Internet,3<span style="font: 12.0px STHeiti Light">个内网</span></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px STHeiti Light"><span style="font: 12.0px Verdana"> </span>-------------------------------</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> <span style="font: 12.0px STHeiti Light">|</span> <span style="font: 12.0px STHeiti Light">|</span> <span style="font: 12.0px STHeiti Light">|</span> <span style="font: 12.0px STHeiti Light">|</span></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">vr0 <span style="font: 12.0px STHeiti Light">连接</span>Internet vr1 <span style="font: 12.0px STHeiti Light">内网交换机</span>1 vr2 <span style="font: 12.0px STHeiti Light">内网交换机</span>2 vr3 <span style="font: 12.0px STHeiti Light">内网交换机</span>3</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">59.108.38.* 192.168.1.0/24 192.168.2.0/24 172.16.71.0/24</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"><span style="font: 12.0px STHeiti Light">采用</span>OpenBSD 4.3<span style="font: 12.0px STHeiti Light">自带的</span>DHCP</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">1. /etc/dhcpd.conf</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># cat /etc/dhcpd.conf</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">default-lease-time 36000;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">max-lease-time 72000;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">option domain-name-servers 59.108.38.195;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">#ddns-update-style ad-hoc;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">#log-facility local7;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># for admin vr1</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">shared-network Admin-NET {</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> option domain-name "atyu30.com";</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">subnet 192.168.1.0 netmask 255.255.255.0 {</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> option broadcast-address 192.168.1.255;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> option routers 192.168.1.1;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> range 192.168.1.10 192.168.1.200;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> }</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">}</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># for office vr2</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">shared-network Office-NET {</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">subnet 192.168.2.0 netmask 255.255.255.0 {</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> option broadcast-address 192.168.2.255;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> option routers 192.168.2.1;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> range 192.168.2.50 192.168.2.150;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> }</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">}</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># for Server vr3</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">shared-network Server-NET {</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">subnet 172.16.71.0 netmask 255.255.255.0 {</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> option broadcast-address 172.16.71.255;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> option routers 172.16.71.1;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> range 172.16.71.50 172.16.71.150;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"> }</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">}</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">host Gate-OpenBSD {</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">next-server 192.168.1.100;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">hardware ethernet 00:0E:7B:37:96:6C;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">fixed-address 192.168.1.120;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">}</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">}</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">2.<span style="font: 12.0px STHeiti Light">启动</span></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># touch /var/db/dhcpd.leases</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># dhcpd vr1 vr2 vr3</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">3./etc/rc.conf.local</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">dhcpd_flags="" # for normal use: ""</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">4./etc/dhcpd.interfaces</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">#dhcpd<span style="font: 12.0px STHeiti Light">的监听端口:</span></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana; min-height: 15.0px"><br /></p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># cat /etc/dhcpd.interfaces</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># $OpenBSD: dhcpd.interfaces,v 1.1 1998/08/19 04:25:45 form Exp $</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">#</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># List of network interfaces served by dhcpd(8).</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">#</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># ep0</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># ed0 le0</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana"># de1</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">vr1</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">vr2</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Verdana">vr3</p> </td> </tr> </tbody> </table>堵堵http://www.blogger.com/profile/16917369987598193025noreply@blogger.com1