顯示文章

這裡允許您檢視這個會員的所有文章。請注意, 您只能看見您有權限閱讀的文章。


主題 - wst2080

頁: [1]
1
需求: 當網路只開放Port 22 , 如何同時能使用 SSH 與 HTTP

目前看到是這種的解決方案~
http://kix.in/2008/12/16/ssh-http-multiplexer/

若改用iptables 不知道是否能達成
我昨天測試了這個方法~ 是無法達成這個功能~
iptables -A PREROUTING -i eth0 -p tcp --dport 22 -m string --algo bm --string "GET" -j REDIRECT --to-port 80

昨天看到人家在問這方面的問題,我也感到好奇~ 想說透過 iptables 的 String Module 來達成~
想說若當中有 Match到 OPTION、GET、PUT、DELETE....等等~
就能夠過REDIRECT到Port 80然後讓Apache去回應網頁給用戶端!

不過昨晚想了很久~ 還是無法達到這樣的需求~~ 不知道有哪位先進會有更好的方法來達成~

感謝指教~~~

2
這是我今天早上收到的電郵~~~~

The results of your RHCE Certification Exam are reported below. The RHCE Certification Exam allows candidates to qualify for the Red Hat Certified Engineer (RHCE) and Red Hat Certified Technician (RHCT) certificates. Please note that the RHCE designation is understood to both include and supersede the RHCT designation.


SECTION I: TROUBLESHOOTING AND SYSTEM MAINTENANCE
RHCE requirements: completion of compulsory items (50 points)
overall section score of 80 or higher
RHCT requirements: completion of compulsory items (50 points)

Compulsory Section I score: 50.0
Non-compulsory Section I score: 50.0
Overall Section I score: 100

SECTION II: INSTALLATION AND CONFIGURATION
RHCE requirements: score of 70 or higher on RHCT components (100 points)
score of 70 or higher on RHCE components (100 points)

RHCT requirement: score of 70 or higher on RHCT components (100 points)

RHCT components score: 93.5
RHCE components score: 96.4

RHCE Certification: PASS

Congratulations -- you are now certified as a Red Hat Certified Engineer! Your RHCE Certificate number is 8050093xxxxxxxx. The attached file is your personal print-ready certificate.

You are entitled to print this document and use it to demonstrate that you are an RHCE, provided you remain an RHCE in good standing. You may not modify or change the document's contents in any way, nor
may you appropriate any elements of this document for use in other electronic documents or printed materials. You may only print the document in its entirety. Any other use of the document must be approved by Red Hat, Inc.





----- 上個月考試只差10就考到RHCE了說,不過有個安慰獎~~~ RHCT...
這次就更加努力的準備一個月,來加強考試的熟悉程度與操作方面~~~
只要熟練~~~ 早上的部份差不多一個小時內都可以完成 (包含PhaseA and B)
下午的部份差不多兩個小時內就可以搞定 (包含系統安裝與組態設定等)

-------------------------------------------------------------------
 ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D
這陣子的努力 總算不是白費了


----------這是上個月考試的成績--------------------------------------

SECTION I: TROUBLESHOOTING AND SYSTEM MAINTENANCE
RHCE requirements: completion of compulsory items (50 points)
overall section score of 80 or higher

RHCT requirements: completion of compulsory items (50 points)

Compulsory Section I score: 50.0
Non-compulsory Section I score: 20.0
Overall Section I score: 70

SECTION II: INSTALLATION AND CONFIGURATION
RHCE requirements: score of 70 or higher on RHCT components (100 points)
score of 70 or higher on RHCE components (100 points)

RHCT requirement: score of 70 or higher on RHCT components (100 points)

RHCT components score: 74.1%
RHCE components score: 80.0%

RHCT Certification: PASS
RHCE Certification: NO PASS


3
今天想說來玩玩sendmail~~~

看著vbird的文章來修改活用~~~

發現一個小小好玩的地方~ 那就是 /etc/access 這個檔案~~~

我測試的結果是...

1.2.3.4 RELAY #這樣是可以被RELAY的
1.2.3.0/255.255.255.0 #這樣就不能被RELAY
1.2.3.0/24 #這樣也不能被RELAY
1.2.3 #這樣就可以被RELAY了~~~

小小的測試發現~~ 分享分享~~

總覺得奇怪~ 想說postfix (我之前是接觸postfix) 都可以設定 mynetworks 類似這樣的設定~ 想說應該sendmail 這個老牌的MTA應該也支援吧~ 結果跟著設定(127.0.0.1)這樣變化發現~ 會有 Relaying denied 這樣的錯誤訊息出現~ 要修改成上面提到能夠RELAY的格式來設定才可以進行RELAY等相關行為!


4
目的:  於Windows XP的OS系統上建置能夠提供 RedHat Like Linux Installation Server 來提供用戶端的 Remote Install

運用: 通常除非下載DVD的版本,通常Linux需要多片的光碟。 若是建置在環境當中來建置大量的RedHat Like Linux 用戶端的話,則此方面的應用是相當的方便!

PS1: 本文章依舊需要 Linux 與 Windows 基本知識與相關的Debug的邏輯排障
PS2: 本文章僅技術分享,歡迎討論! 但請勿針對兩種作業系統的立場來做嘴砲、筆戰,甚至有鬥爭的狀況發生!
PS3: 本文章雖然不會應用於RHCE考試上面,但是依然在於考試當中也是需要遠端來安裝,本文章會在後半部稍微講解相關的過程。
PS4: 本文章內容還蠻枯燥! 請有興趣者耐心讀下去;若無耐心者,就請回吧!
PS5: 本文章雖然講解枯燥! 但是具有上面前幾點的智慧,相信應該是"按圖施工 保證成功" 吧!
PS6: 本文章所提到的 RedHat Like Linux 則是涵蓋 (RHEL、CentOS、Fedora)

建置系統需求:
1. 符合Windows XP 或者類似之Windows OS Base
2. apache 2.x for Windows (提供Web服務)
3. Ser-U 7.0 for Windows (提供FTP服務)
4. Omni-NFS Server v4.3 for Windows (提供NFS服務)

問題發現:
1. 若使用 Windows 所提供的 IIS 來提供 Web 與 FTP ,雖然發現服務倒是可以正常提供,但是在於需要呼叫遠端的RPM來給予複製安裝時,則會發生錯誤!

2. 若使用微軟所提供的NFS軟體套件 (Service For Unix,SFU) ,檔案與Omni-NFS Server相比之下較大之外,不能於用戶端(Windows 2000 Professional、Windows XP)來提供NFS的服務

3. 若使用 Apache for Windows , 則該所提供的服務目錄(DocumentRoot)須在本機上且不可為網路磁碟,經過測試發現Apache將網路磁碟視為一個檔案而發生服務無法正常啟動的狀態

4. 若提供遠端用戶端安裝的服務(Web、FTP、NFS)比較之下,則NFS的傳輸速度優於兩者!

實施要綱:
一、於Windows XP 的機器上建立該目錄,並將光碟內所有的內容複製到機器內的同一目錄之下。
二、於Windows XP 的機器上建置 Web 服務
三、於Windows XP 的機器上建置 FTP 服務
四、於Windows XP 的機器上建置 NFS 服務
五、驗證Web、FTP、NFS的服務是否能正常提供
六、於用戶端透過各項服務(Web、FTP、NFS)連線給予遠端安裝作業系統


實做步驟:

1. 將下載回來的 RedHat Like Linux (Fedora、CentOS、RHEL,之後則簡稱RH Like等)給予複製到硬碟當中,以本實做的案例為進入光碟槽當中,將所有的檔案全選,開始複製到Windows XP端的硬碟當中。 當然,若下載五個ISO的檔案或者光碟片,全部均要複製到同一個目錄當中。若有發生重複的狀況,請覆蓋該重複的檔案!
(xcopy [光碟代號] [目的端] /E             ex: xcopy d: e:\linux /E )


RHEL 5 複製完成的模樣


CentOS 5 複製完成的模樣


2. 去下載各個提供服務的軟件! 請愛用google來搜尋 Apache 、 Serv-U 、 Omni-NFS Server v4.3 for Windows
http://ftp.tcc.edu.tw/pub/Apache/httpd/binaries/win32/apache_2.2.10-win32-x86-openssl-0.9.8i.msiApache 按我下載、http://www.serv-u.com/susetup4.exeServ-U 按我下載、http://www.xlink.com/download/forms/reg_nfserver_demo.htmOmni-NFS Server 按我下載
PS: 每個link均有可能會隨著時間改變而做變動!


3.首先安裝Apache,這部份就請自行參考圖給予一一操作! (需要注意的就是設定主機名稱那步驟!)





















4. 安裝完成後 Apache 的自我測試





5. 設定Apache









記得修改完成要存檔!


只要有修改到設定檔,都必須將服務重新啟動才會套用設定!


6. 使用瀏覽器來測試Apache是否能正常服務 (http://localhost)


PS: 由於Apache是Freeware...符合GNU的管理規範! 所以沒有使用期限之問題存在!


7. 安裝 Serv-U























8. 設定 Serv-U





不要勾選 http、https、sftp 這些服務! 若真的需要,請修改連接埠!










新增一個 匿名 的帳號


在密碼的欄位千萬不要輸入任何字元,直接點選 下一步 即可!








9. 利用瀏覽器來測試 FTP 的服務是否正常


PS: Serv-U 僅提供30天的使用期限,若有需要者,請自行購買或者想辦法!


10. 建置 NFS 服務









有沒有續號與密碼已經不是那麼重要了! 至少NFS是可以提供服務的!














11. 設定 NFS 組態














Caution: 由於均需要設定各目錄之NFS的服務! 以下請活用!








12. 遠端測試 NFS 的服務 (是用於有安裝NFS-Client套件之Unix-Like的OS)



13.  此次實做的目錄之下的相關目錄與檔案



14.  將光碟內或者剛剛複製的目錄當中的 image 目錄下的 boot.iso 給予燒錄成光碟 (BootCD)





5
小弟我利用CentOS 5.2版來實做 FreeRadius ...

想說利用RADIUS的機制去驗證Wireless的用戶端的連線登入。

架構如圖
[attachment=1]

實做的過程都有參考國家高速網路中心的唐可忠先生與台中縣教網中心的黃國順
的技術簡報
http://rd.tyc.edu.tw/modules.php?name=Tutorial&mode=visit&tid=10

http://www.tcc.edu.tw/upload/etest/1116859196_以Radius+WPA建構校園無線網路.ppt


利用 圖一 的 Client 端來測試,都可以得到正確的結果!
[attachment=2]
[attachment=4]

Server的回應
[attachment=3]


若使用WIN XP於NB的機器上login的時候,就會發生錯誤!

[root@localhost sbin]# radiusd -X
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /etc/raddb/proxy.conf
Config:   including file: /etc/raddb/clients.conf
Config:   including file: /etc/raddb/snmp.conf
Config:   including file: /etc/raddb/eap.conf
 main: prefix = "/usr"
 main: localstatedir = "/var"
 main: logdir = "/var/log/radius"
 main: libdir = "/usr/lib"
 main: radacctdir = "/var/log/radius/radacct"
 main: hostname_lookups = no
 main: snmp = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/var/log/radius/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = "/var/run/radiusd/radiusd.pid"
 main: user = "radiusd"
 main: group = "radiusd"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/sbin/checkrad"
 main: proxy_requests = no
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = no
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/lib
Module: Loaded exec
 exec: wait = yes
 exec: program = "(null)"
 exec: input_pairs = "request"
 exec: output_pairs = "(null)"
 exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
 pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
 mschap: use_mppe = yes
 mschap: require_encryption = yes
 mschap: require_strong = yes
 mschap: with_ntdomain_hack = no
 mschap: passwd = "(null)"
 mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "/etc/shadow"
 unix: group = "(null)"
 unix: radwtmp = "/var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
 eap: default_eap_type = "peap"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
 gtc: challenge = "Password: "
 gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
 tls: rsa_key_exchange = no
 tls: dh_key_exchange = yes
 tls: rsa_key_length = 512
 tls: dh_key_length = 512
 tls: verify_depth = 0
 tls: CA_path = "(null)"
 tls: pem_file_type = yes
 tls: private_key_file = "/etc/raddb/certs/cert-srv.pem"
 tls: certificate_file = "/etc/raddb/certs/cert-srv.pem"
 tls: CA_file = "/etc/raddb/certs/demoCA/cacert.pem"
 tls: private_key_password = "whatever"
 tls: dh_file = "/etc/raddb/certs/dh"
 tls: random_file = "/etc/raddb/certs/random"
 tls: fragment_size = 1024
 tls: include_length = yes
 tls: check_crl = no
 tls: check_cert_cn = "(null)"
 tls: cipher_list = "(null)"
 tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
 peap: default_eap_type = "mschapv2"
 peap: copy_request_to_tunnel = no
 peap: use_tunneled_reply = no
 peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
 mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
 preprocess: huntgroups = "/etc/raddb/huntgroups"
 preprocess: hints = "/etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
 preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
 realm: format = "suffix"
 realm: delimiter = "@"
 realm: ignore_default = no
 realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
 files: usersfile = "/etc/raddb/users"
 files: acctusersfile = "/etc/raddb/acct_users"
 files: preproxy_usersfile = "/etc/raddb/preproxy_users"
 files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
 acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
 detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
 detail: detailperm = 384
 detail: dirperm = 493
 detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
 radutmp: filename = "/var/log/radius/radutmp"
 radutmp: username = "%{User-Name}"
 radutmp: case_sensitive = yes
 radutmp: check_with_nas = yes
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 10.0.100.100:3647, id=0, length=47
        User-Name = "wst2080"
        User-Password = "XXXXXX"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "wst2080", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
    users: Matched entry DEFAULT at line 152
    users: Matched entry wst2080 at line 155
  modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: user supplied User-Password matches local User-Password
Sending Access-Accept of id 0 to 10.0.100.100 port 3647
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.100.100:3648, id=1, length=47
        User-Name = "wst2080"
        User-Password = "XXXXXX"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: No '@' in User-Name = "wst2080", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 1
    users: Matched entry DEFAULT at line 152
    users: Matched entry wst2080 at line 155
  modcall[authorize]: module "files" returns ok for request 1
modcall: leaving group authorize (returns ok) for request 1
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: user supplied User-Password matches local User-Password
Sending Access-Accept of id 1 to 10.0.100.100 port 3648
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 0 with timestamp 491433f6
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 1 with timestamp 491433f7
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 10.0.100.240:1812, id=22, length=86
        User-Name = "wst2080"
        NAS-IP-Address = 10.0.100.240
        Calling-Station-Id = "00-14-A4-42-53-XX"
        EAP-Message = 0x0248000c0177737432303830
        Message-Authenticator = 0xd2ddae507d49bcbc8d972f48ee12f052
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
  modcall[authorize]: module "chap" returns noop for request 2
  modcall[authorize]: module "mschap" returns noop for request 2
    rlm_realm: No '@' in User-Name = "wst2080", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 2
  rlm_eap: EAP packet type response id 72 length 12
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 2
    users: Matched entry DEFAULT at line 152
    users: Matched entry wst2080 at line 155
  modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns updated) for request 2
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 22 to 10.0.100.240 port 1812
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 22 with timestamp 4914340b
Nothing to do.  Sleeping until we see a request.



後面的Debug訊息事發生Reject的問題,也就是從NB透過AP來做RADIUS的時候所發生被拒絕的問題!

這部份就讓我感到不解! 還煩請高手多加的解惑! 感激不盡!



6
Linux 討論版 / 請問關於SAMBA掛載的問題
« 於: 2008-06-04 12:51 »
smbclient -L [ip] -N
可以看到網路芳鄰所分享的目錄

但是在於RHEL 5 當中使用
mount -t //[ip]/[share-name]  [mount point]
是可以掛載成功...

但是同樣的指令在 FC6 執行 就會出現

unknown filesystem type smbfs

但是將格式改成 cifs 就可以掛載

mount -t cifs //hppavilion/wayne /mnt/nfs

那請問一下, cifs .... 是什麼檔案系統格式呢??? FC6怎麼會無法辨識 smbfs 呢?

還煩請高手解小弟之疑惑!!! 感謝!!!

7
小弟在 /etc/passwd 當中發現這行
beagleindex:x:58:58:User for Beagle indexing:/var/cache/beagle:/bin/false
不知道這個帳號要做什麼用的...
觀看 cat /var/log/secure
Jan 28 04:02:06 ns5 su: pam_unix(su:session): session opened for user beagleindex by (uid=0)
Jan 28 04:02:12 ns5 su: pam_unix(su:session): session closed for user beagleindex
Jan 28 04:02:12 ns5 su: pam_unix(su:session): session opened for user beagleindex by (uid=0)
Jan 28 04:02:12 ns5 su: pam_unix(su:session): session closed for user beagleindex
發現連線的蹤跡...
這算是正常嗎?! 還感謝大大的回答!!!
OS: FC5

8
請問高手...關於中文編碼的問題...
在小弟的實驗過程當中...使用USB隨身碟來做兩種平台的檔案傳輸...但是在中文檔名上似乎有點問題!
請參閱:http://www.mobile01.com/topicdetail.php?f=233&t=468977&last=4401401
當中已經利用 http://ext2fsd.sourceforge.net/projects/projects.htm#ext2fsd 當中...
安裝這樣的驅動程式 來讓 Windows 能夠對ext的檔案系統作存取的動作...
可是中文檔名還是有問題... 是否能不需更動到 Linux 的語系編碼...來做檔案交換呢?!
RHEL5 預設 應該是 zh_TW. UTF8  不以改為 zh_TW.Big5 語系...
是否有辦法解決呢?!
印象中Windows 應該也是支援UTF的格式阿!!! 怎麼兩邊會變的不相容呢?!
用ext的組態使用UTF8的存檔模式...在不修改Linux語下之下可以判讀...
但是Windows系統卻是空無一物...不過再度拷貝就會提示檔案已存在!!!
還煩請高手解決小弟的疑惑...感謝!!!

9
請問板上的高手...
小弟有一個問題是...
在鳥哥與柏青哥的書中有提到NIS限定信任的網段與主機等等的組態設定檔案為
/etc/netgroup
可是又有看到pviva的教學當中...類似限定信任設定的組態檔案可為
/var/yp/securenets
...
請問這兩個檔案設定的功能是否相同呢???!!!
還煩請勞價高手們解答小弟的疑惑...感謝!!!

頁: [1]