Topics - 路人甲

1
If a WiFi AP is connected to a VLAN isolated port, can the WiFi users be isolated too?

                   ++
                   |
                   |  p-port
+------------------+------------------+
|                                     |
|                                     |
|                                     |
+-------+-----+----------------+------+
        |     |                |
  i-port|     | i-port         | i-port
        |     |                |
        |     |                |
        |     +                |
        +                      |
                            +--+--+
                            |     |
                            |     |  wifi AP
                            +-----+


2
Please look at the link below first.
The link below is for Windows; so may I ask everyone, does Linux's default MTU of 1500 need to be adjusted?
http://hnroam.hinet.net/adsl/Adsl_TCP_1536.html

3
Dear All~

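HINET dial-up ADSL provides multiple dynamic IPs, so on a whim I tried it.
The PPPoE connection was obtained successfully, but it cannot be used, so I would like to ask everyone here.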


[root@lab1 sysconfig]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:50:22:8C:AB:D2
          inet addr:10.0.0.2  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:18582629 errors:368 dropped:0 overruns:0 frame:0
          TX packets:17049260 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:2526097461 (2409.0 Mb)  TX bytes:2233473978 (2130.0 Mb)
          Interrupt:10 Base address:0x8000

eth1      Link encap:Ethernet  HWaddr 00:50:BA:04:34:BF
          inet addr:192.168.1.254  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6414326 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8954850 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1264687851 (1206.1 Mb)  TX bytes:1446380177 (1379.3 Mb)
          Interrupt:9 Base address:0x6600

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:12085 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12085 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1315619 (1.2 Mb)  TX bytes:1315619 (1.2 Mb)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:61.223.91.204  P-t-P:61.231.217.254  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:316716 errors:0 dropped:0 overruns:0 frame:0
          TX packets:341607 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:47779191 (45.5 Mb)  TX bytes:28898321 (27.5 Mb)

ppp1      Link encap:Point-to-Point Protocol
          inet addr:61.223.121.192  P-t-P:61.231.217.254  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:355 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:27444 (26.8 Kb)  TX bytes:30 (30.0 b)

[root@lab1 sysconfig]# cat network
NETWORKING=yes
FORWARD_IPV4=yes
HOSTNAME=lab1.no-ip.org
DOMAINNAME=no-ip.org
GATEWAYDEV=ppp0
(What should I do with this line?)

[root@lab1 sysconfig]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
61.231.217.254  0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
61.231.217.254  0.0.0.0         255.255.255.255 UH    0      0        0 ppp1
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         61.231.217.254  0.0.0.0         UG    0      0        0 ppp0

traceroute back from another machine --> ppp1
[root@dns /etc/mail]# traceroute 61.223.121.192
traceroute to 61.223.121.192 (61.223.121.192), 30 hops max, 38 byte packets
 1  61-218-32-254.HINET-IP.hinet.net (61.218.32.254)  51.891 ms  42.874 ms  43.591 ms
 2  tp-s2-c6r6.router.hinet.net (168.95.81.194)  43.095 ms  39.550 ms  40.122 ms
 3  211.22.34.121 (211.22.34.121)  40.362 ms  41.685 ms  40.640 ms
 4  h1.s82.ts.hinet.net (168.95.82.1)  45.078 ms  42.493 ms  44.582 ms
 5  * * *
 6  * * *

traceroute back from another machine --> ppp0
[root@dns /etc/mail]# traceroute 61.223.91.204
traceroute to 61.223.91.204 (61.223.91.204), 30 hops max, 38 byte packets
 1  61-218-32-254.HINET-IP.hinet.net (61.218.32.254)  51.691 ms  44.396 ms  43.705 ms
 2  tp-s2-c6r6.router.hinet.net (168.95.81.194)  41.510 ms  145.944 ms  49.748 ms
 3  211.22.34.121 (211.22.34.121)  39.658 ms  82.124 ms  42.809 ms
 4  h1.s82.ts.hinet.net (168.95.82.1)  48.573 ms  45.682 ms  45.307 ms
 5  61-223-91-204.HINET-IP.hinet.net (61.223.91.204)  108.889 ms  128.748 ms  119.720 ms

The machine itself can ping ppp1
[root@lab1 sysconfig]# ping 61.223.121.192
PING 61.223.121.192 (61.223.121.192) from 61.223.121.192 : 56(84) bytes of data.
64 bytes from 61.223.121.192: icmp_seq=1 ttl=64 time=0.291 ms
64 bytes from 61.223.121.192: icmp_seq=2 ttl=64 time=0.217 ms

--- 61.223.121.192 ping statistics ---
2 packets transmitted, 2 received, 0% loss, time 1007ms
rtt min/avg/max/mdev = 0.217/0.254/0.291/0.037 ms


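ppp0 was already in use before; it can ping out and can also be pinged from outside.
But ppp1 cannot, and the gateway of ppp0 and ppp1 is the same ADSL device at the ISP.
How should the routing be set up in this case?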

4
Linux Forum / Questions about iptables
« Posted: 2003-12-19 18:26 »
Dear All~

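I studied Chapter 7: Setting Up NAT,
and there are some parts I do not understand; I hope the seniors here can clear them up.

First, wishing everyone
          Merry Christmas :D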

   

# ------------- flushing ----------
echo "Cleaning up..."
iptables -F -t filter
iptables -X -t filter
iptables -Z -t filter
iptables -F -t nat
iptables -X -t nat
iptables -Z -t nat

1. As above, doesn't iptables have three tables?
   Then does mangle need to be flushed as well?
    iptables -F -t mangle
    iptables -X -t mangle
    iptables -Z -t mangle
======================================================
iptables -I INPUT -i ppp0 -p TCP --syn -j DROP
iptables -I FORWARD -i ppp0 -p TCP ! --syn -j ACCEPT

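2. Can the rules above be changed to this?
    iptables -I INPUT -i ppp0 -p TCP --syn -j DROP
    iptables -I FORWARD -i ppp0 -p TCP --syn -j DROP
   Or can they be changed into a single rule?
    iptables -I PREROUTING -i ppp0 -p TCP --syn -j DROP
    After all, both my NAT server and the internal PCs reject connections initiated from outside.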
======================================================
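3. Also, iptables matches conditions from top to bottom, and once a rule matches, the rules below it are not checked.
   So when adding rules, -A is almost always used; can the two rules below be changed to -A?
   I still do not understand how -I is used; when is it needed?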
iptables -I INPUT -i ppp0 -p TCP --syn -j DROP
iptables -I FORWARD -i ppp0 -p TCP ! --syn -j ACCEPT

5
Linux Forum / rrdtool can draw Chinese characters??
« Posted: 2003-08-16 18:29 »
Huh~~
I read http://phorum.study-area.org/viewtopic.php?t=17336&highlight=rrd
Why can rrdtool draw Chinese characters??

Could abelyang please clear this up?

Below is my version (installed with rpm)
[root@mrtg rrd_cfg]# rpm -qa|grep rrdtool
rrdtool-1-33

6
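Linux Forum / apt problem
« Posted: 2003-06-11 18:29 »
A question for the experts here: I followed this article and want to update RPMs with the apt client
http://www.study-area.org/tips/security.txt
I also searched (a lot of it is non-English that I cannot read, and the English results made me sick of reading)
http://www.google.com.tw/search?q=%22could+not+open+RPM+package+list+file%22+%2C+apt&ie=UTF-8&oe=UTF-8&hl=zh-TW&btnG=Google+%E6%90%9C%E5%B0%8B&lr=
but I still cannot solve the problem below; please help me figure it out.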



[root@mrtg apt]# cat sources.list
rpm ftp://linux.nctu.edu.tw/dists/redhat/apt i386 redhat-7.3-updates
rpm-src ftp://linux.nctu.edu.tw/dists/redhat/apt i386 redhat-7.3-updates

[root@mrtg etc]# apt-get update
Err ftp://linux.nctu.edu.tw i386 release
  PASS failed, server said: You are already logged in!
Err ftp://linux.nctu.edu.tw i386/redhat-7.3-updates pkglist
  PASS failed, server said: You are already logged in!
Err ftp://linux.nctu.edu.tw i386/redhat-7.3-updates release
  PASS failed, server said: You are already logged in!
Err ftp://linux.nctu.edu.tw i386/redhat-7.3-updates srclist
  PASS failed, server said: You are already logged in!
Failed to fetch ftp://linux.nctu.edu.tw/dists/redhat/apt/i386/base/release  PASS
 failed, server said: You are already logged in!
Failed to fetch ftp://linux.nctu.edu.tw/dists/redhat/apt/i386/base/pkglist.redha
t-7.3-updates  PASS failed, server said: You are already logged in!
Failed to fetch ftp://linux.nctu.edu.tw/dists/redhat/apt/i386/base/release.redha
t-7.3-updates  PASS failed, server said: You are already logged in!
Failed to fetch ftp://linux.nctu.edu.tw/dists/redhat/apt/i386/base/srclist.redha
t-7.3-updates  PASS failed, server said: You are already logged in!
Reading Package Lists... Done
Collecting File Provides... Error!
E: could not open RPM package list file /var/state/apt/lists/linux.nctu.edu.tw_d
ists_redhat_apt_i386_base_pkglist.redhat-7.3-updates: (no error)
E: Problem opening /var/state/apt/lists/linux.nctu.edu.tw_dists_redhat_apt_i386_
base_pkglist.redhat-7.3-updates
E: The package lists or status file could not be parsed or opened.

[root@mrtg etc]# apt-get check
Reading Package Lists... Done
Collecting File Provides... Error!
E: could not open RPM package list file /var/state/apt/lists/linux.nctu.edu.tw_dists_redhat_apt_i386_base_pkglist.redhat-7.3-updates: (no error)
E: Problem opening /var/state/apt/lists/linux.nctu.edu.tw_dists_redhat_apt_i386_base_pkglist.redhat-7.3-updates
E: The package lists or status file could not be parsed or opened.

[root@mrtg state]# ll
total 8
drwxr-xr-x    3 root     root         4096 Jun 11 12:10 apt
drwxr-xr-x    2 root     root         4096 Apr 24 09:19 aptitude
[root@mrtg state]# ll apt
total 4
drwxr-xr-x    3 root     root         4096 Jun 11 12:35 lists
[root@mrtg state]# ll apt/lists/
total 4
-rw-r-----    1 root     root            0 Jun 11 17:59 lock
drwxr-xr-x    2 root     root         4096 Jun 11 14:45 partial
Deleting lock here and trying again does not work either.

[root@mrtg etc]# rpm -qa|grep apt
apt-devel-0.5.4cnc9-1
apt-0.5.4cnc9-1
aptitude-0.2.11.1-4

7
Linux Forum / MX records in dynamic DNS
« Posted: 2002-10-13 23:35 »

A question for the seniors here:
I want to update the MX record of a dynamic DNS,
but what does "prereq" in the example do?

prereq yxrrset domain name type [rdata]
      Makes the existence of an RRset of type type owned by domain name
      a prerequisite to performing the update

prereq nxrrset
      Makes the non-existence of an RRset of type type owned by domain
      name a prerequisite to performing the update specified in successive
      update commands

prereq yxdomain domain name
      Makes the existence of the domain name specified a prerequisite to
      performing the update

prereq nxdomain
      Makes the non-existence of the domain name specified a prerequisite
      to performing the update

update delete domain name [type] [rdata]
      Deletes the domain name specified or, if type is also specified,
      deletes the RRset specified or, if rdata is also specified, deletes the
      record matching domain name, type, and rdata

update add domain name ttl [class] type rdata
      Adds the record specified to the zone. Note that the TTL, in addition to
      the type and resource-record-specific data, must be included, but the
      class is optional, and defaults to IN

So, for example, the command:

% nsupdate
> prereq nxdomain dakota.west.acmebw.com.
> update add dakota.west.acmebw.com. 333 in a 192.168.0.4
>
tells the server to add an address for dakota.west.acmebw.com only if the domain name does not already exist. Note that the last blank line is nsupdate's cue to send the update.

The command:

% nsupdate
> prereq yxrrset dakota.west.acmebw.com. in mx
> update delete dakota.west.acmebw.com. in mx
> update add dakota.west.acmebw.com. in mx 10 dakota.west.acmebw.com.
> update add dakota.west.acmebw.com. in mx 50 store-forward.mindspring.com.
>

http://216.239.35.100/search?q=cache:4YDGbbswAtgC:hr.uoregon.edu/davidrl/misc/NetworkingBookshelf/dnsbind/ch10_03.htm+nsupdate+,+mx&hl=zh-TW&ie=UTF-8

8
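A question for the experts here:
I have read netman's 'Dynamic DNS Configuration Tips'

Running nsupdate:
the client side shows >>>> clocks are unsynchronized
the server-side log shows >>> May 22 21:54:30 dns named[1086]: client 61.223.88.167#1029: request has invalid signature: tsig verify failure

Do the clocks on both sides need to be synchronized??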

9
Network Forum / Reverse lookup for a single IP
« Posted: 2002-05-19 13:25 »

named.conf
--------------------------------------------------------
zone "181.90.223.61.in-addr.arpa" IN {
        type master;   
        file "181.90.223.61.rev";
};

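To the seniors here:
I read master netman's DNS article, which uses a whole network segment as its example.
My ADSL has only one IP, so is a configuration like this acceptable?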


181.90.223.61.rev
---------------------------------------------------------
$TTL    86400
@  IN  SOA dns.test.org.tw. root.dns.test.org.tw. (
                                      2001111601 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
@   IN  NS  dns.test.org.tw.

181.90.223.61.in-addr.arpa.  IN  PTR dns.test.org.tw.


10
Network Forum / The concept of MX
« Posted: 2002-05-17 14:13 »


I read the DNS article
but still do not understand the concept of MX.
Could someone clear this up for me?
thanks~
 
$TTL    86400
$ORIGIN siyongc.domain.
@ IN  SOA  rh71.siyongc.domain. root.rh71.siyongc.domain. (
2001111601 28800 14400 3600000 86400 )
        IN  NS     rh71.siyongc.domain.
        IN  NS     lp64.dmz.domain.
        IN  MX  10 rh71.siyongc.domain.
        IN  MX  20 lp64.dmz.domain.
@       IN  A      192.168.100.23
 
Suppose a mail is sent to root@h71.siyongc.domain
and rh71.siyongc.domain does not respond;
the mail will then be temporarily queued on lp64.dmz.domain,
right?
Then couldn't I just set someone else's mail server?
For example:
IN  MX  30 ms1.hinet.net.
IN  MX  40 etwebs.com.
 
If not, then how do you prevent others
from using the mail server as a queueing machine?


11
Linux Forum / Relaying denied
« Posted: 2002-03-10 19:42 »

A question for the experts here: what kind of problem is this?

Sending mail with Outlook gives:

無法傳送郵件,因為某位收件者被伺服器拒絕。
被拒絕的電子郵件地址是 'aaaa@ms1.hinet.net"。 主旨 '111', 帳戶: 'abc.efg.qw',
伺服器: 'abc.efg.qw', 通訊協定: SMTP, 伺服器回應: '550 5.7.1
... Relaying denied', 連接埠: 25, 安全(SSL): 否, 伺服器錯誤: 550, 錯誤碼: 0x800CCC79
-------------------------------------

telnet to the host and send mail --- ok
Sending with Outlook to an account on my own host ---- ok

12
Linux Forum / Must bind be installed in order to receive mail??
« Posted: 2002-02-27 12:26 »

A question for the experts here about DNS concepts..
Domain already registered at TWNIC ---> abc.com.tw
ping www.abc.com.tw ------OK!
ping ftp.abc.com.tw ------OK!

server -->red hat 7.1

/etc/hosts
127.0.0.1               localhost.localdomain localhost
xxx.xxx.22.222          abc.com.tw abc
xxx.xxx.22.222          www.abc.com.tw www
xxx.xxx.22.222          ftp.abc.com.tw ftp

/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=abc.com.tw
GATEWAY="xxx.xxx.22.254"
GATEWAYDEV="eth0"
FORWARD_IPV4="yes"

/etc/resolv.conf
domain abc.com.tw
search abc.com.tw www.abc.com.tw ftp.abc.com.tw
nameserver 168.95.1.1
nameserver 168.95.192.1

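apache: not installed yet
sendmail 8.11.2
DNS (bind): not installed

Questions:
1. Hasn't TWNIC's DNS server already pointed my domain to the IP?
I can telnet domain
ftp domain
but although sendmail can send mail out, it cannot receive mail from outside, why??
2. Must bind be installed in order to receive mail??
3. Are some of the settings above unnecessary?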
