顯示文章

這裡允許您檢視這個會員的所有文章。請注意, 您只能看見您有權限閱讀的文章。


主題 - aaronosos

頁: [1]
1
[root@dns1 ~]# rpm -qa|grep bind
bind-9.2.5-3

[root@dns ~]# rpm -qa|grep bind
bind-9.3.2-4.1

dns1為master!!!core 3 IP為220.228.201.3
dns為slave!!!core 5 IP為220.228.201.1


dns1這台master裡面的named內設定如下
zone "turbocomm.tw" IN {
type master;
file "turbocomm.tw.hosts";
allow-transfer {
220.228.201.1;
};
allow-update { none; };
};

zone "turbocomm.com.tw" IN {
type master;
file "turbocomm.com.tw.hosts";
allow-transfer {
220.228.201.1;
};
allow-update { none; };
};

zone "0-127.201.228.220.in-addr.arpa" IN {
type master;
file "220.228.201.0-127.rev";
allow-transfer {
220.228.201.1;
};
allow-update { none; };
};


dns這台slave如下
zone "turbocomm.tw" IN {
type slave;
file "turbocomm.tw.hosts";
masters { 220.228.201.3; };
};
zone "turbocomm.com.tw" IN {
type slave;
file "turbocomm.com.tw.hosts";
masters { 220.228.201.3; };
};

zone "0-127.201.228.220.in-addr.arpa" IN {
type slave;
file "220.228.201.0-127.rev";
masters { 220.228.201.3; };
};

slave的/var/named/chroot/var/named權限改為owner named;group named
雙方開啟named這服務後

dns1(master)log如下
Nov 29 16:44:07 dns1 named[3747]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Nov 29 16:44:07 dns1 named[3747]: zone localdomain/IN: loaded serial 42
Nov 29 16:44:07 dns1 named[3747]: zone localhost/IN: loaded serial 42
Nov 29 16:44:07 dns1 named[3747]: zone turbocomm.com.tw/IN: loaded serial 2007071128
Nov 29 16:44:07 dns1 named[3747]: zone turbocomm.tw/IN: loaded serial 2007071128
Nov 29 16:44:07 dns1 named: named startup succeeded
Nov 29 16:44:07 dns1 named[3747]: running
Nov 29 16:44:07 dns1 named[3747]: zone turbocomm.tw/IN: sending notifies (serial 2007071128)
Nov 29 16:44:07 dns1 named[3747]: zone turbocomm.com.tw/IN: sending notifies (serial 2007071128)
Nov 29 16:44:07 dns1 named[3747]: zone 0-127.201.228.220.in-addr.arpa/IN: sending notifies (serial 2007071109)

這些log看來都正常,並且也發了通知!!


dns(slave)log如下
Nov 29 16:46:59 dns named[2324]: listening on IPv4 interface lo, 127.0.0.1#53
Nov 29 16:46:59 dns named[2324]: listening on IPv4 interface eth0, 220.228.201.1#53
Nov 29 16:46:59 dns named[2324]: command channel listening on 127.0.0.1#953
Nov 29 16:46:59 dns named[2324]: zone 0.in-addr.arpa/IN: loaded serial 42
Nov 29 16:46:59 dns named[2324]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Nov 29 16:46:59 dns named[2324]: zone 255.in-addr.arpa/IN: loaded serial 42
Nov 29 16:46:59 dns named[2324]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
Nov 29 16:46:59 dns named[2324]: zone localdomain/IN: loaded serial 42
Nov 29 16:46:59 dns named[2324]: zone localhost/IN: loaded serial 42
Nov 29 16:46:59 dns named[2324]: running
Nov 29 16:47:12 dns named[2324]: client 220.228.201.3#32779: received notify for zone 'turbocomm.tw': not authoritative
Nov 29 16:47:13 dns named[2324]: client 220.228.201.3#32779: received notify for zone 'turbocomm.com.tw': not authoritative
Nov 29 16:47:13 dns named[2324]: client 220.228.201.3#32779: received notify for zone '0-127.201.228.220.in-addr.arpa': not authoritative
Nov 29 16:47:17 dns named[2324]: lame server resolving 'turbocomm.com.tw' (in 'turbocomm.com.tw'?): 220.228.201.1#53

想問的問題是為什麼會出現not authoritative 這個錯誤訊息呢!!

覺得很奇怪的是為什麼同步不成功呢!!
會是因為版本的差異嗎?
因為之前2台是core 3的情形下是OK的!
我這組態檔之前都好好的可以work在2台core3下

因為不久前slave硬碟死了想換core5跑跑看!結果把之前備份的config檔案
丟上去新安裝好的core5後就出現此錯誤訊息!!請高手提供些意見!!

2
問各位高手們個問題!!
假設在linux上有三張網卡~二張都是接外部adsl另一張接內部
在linux上我可以利用RPDB也就是路由政策來指定
假設source為10.1.1.1我讓他從2張外部的第一章走
其他的source我就讓他們從二張外部的第二章出去!!
確保10.1.1.1網路的品質
這是可以在linux上面達成的

相同的,cisco路由器或是switch上面是否也可以利用這種功能做判斷?
這是第一個問題!!
也就是cisco路由器或switch是否也可以利用source ip來判斷所走的路線而不是利用destination ip來判斷?
eg:
10.1.1.0/24往destination 0.0.0.0在sw上我讓他封包固定從此機器上面某個port相接的linux機器出去internet
或是在router上我讓此網段封包固定從某個介面出去
10.2.1.0/24往destination0.0.0.0在sw上我讓他封包固定從此機器上面另一個port相接的linux機器出去internet
或是在router上我讓此網段封包固定從另一個介面出去
10.3.1.0/24則就是固定走sw上面設定的ip default-gateway X.X.X.X出去


第二個問題是落在switch上面!!!
假設10.1.1.254是公司的default gateway~他接到firewall另外做nat架構出去
另外此switch的default gateway是指向firewall的介面IP
另外switch上其中一個port 2接上linux機器~
此linux機器是接adsl撥號出去~也就是說此linux可以直接上網不透過firewall

LAN內部為10.1.1.0/24
如果我想讓10.1.1.0/24,只要不是destionation 21的就是往下個節點,也就是sw上預設的ip deault-gateway的IP(firewall介面)走
只要是destination port是21的我就讓他從此機器所接的port 2,也就是linux那台機器出去的話我應該需要怎麼設定??

如果這是可行的請高手們提共點意見或文件文章讓小弟我好好學習一下

3
我遇到個問題!有台機器也就是擁有plm這套軟體的機器,因為當時廠商很白吃的是利用綁住IP而不是綁網卡的方式確保只能使用在這機器上緣故,所以如果不以當時10.1.1.6來當IP的話會變成啟動不了該軟體!!!
但是因為這台機器也已經停機很久了2年了吧!現在忽然想要用此軟體!但是礙於之前10.1.1.6這IP已經給ERP系統固定住了!!
如果把ERP的固IP改掉這樣會導致其他database和其他主機一系列的更改!!會有點麻煩!
所以想說是否可以在plm這台win2000 server上面裝二網卡一張拔掉線給10.1.1.6,另一張就給其他未用到的固定IP (eg:10.1.1.7),讓傳給10.1.1.7的封包會自動導到10.1.1.6上面也就是為接線路的plm的另一張網卡上。
因為小弟對linux較熟悉,所以知道linux可以對此設定prerouting鏈路讓封包去10.1.1.7的某個port給他redirect到本機的哪個port上!這樣就可以解決了!!

但是在win2000上是否可以利用什麼軟體或是內建什麼功能可以做這樣的動作呢?

可以請各位學長們不吝嗇的教導一下小弟嗎?

4
[root@ms1 ~]# cat /var/log/maillog|grep 0651@suhangcircuit.com
Jun 26 10:41:03 ms1 postfix/cleanup[25462]: 22F673280A6: hold: header Received: from suhangcircuit.com (suhangcircuit.com [58.211.241.27])??by ms1.turbocomm.com.tw (Postfix) with SMTP id 22F673280A6??for <shelley_chang@turbocomm.com.tw>; Tue, 26 Jun 2007 10:40:39 +0800  from suhangcircuit.com[58.211.241.27]; from=<0651@suhangcircuit.com> to=<shelley_chang@turbocomm.com.tw> proto=SMTP helo=<suhangcircuit.com>

照道理說
[root@ms1 ~]# cat /var/log/maillog|grep 22F673280A6
Jun 26 10:41:03 ms1 postfix/smtpd[22173]: 22F673280A6: client=suhangcircuit.com[58.211.241.27]
Jun 26 10:41:03 ms1 postfix/cleanup[25462]: 22F673280A6: hold: header Received: from suhangcircuit.com (suhangcircuit.com [58.211.241.27])??by ms1.turbocomm.com.tw (Postfix) with SMTP id 22F673280A6??for <shelley_chang@turbocomm.com.tw>; Tue, 26 Jun 2007 10:40:39 +0800  from suhangcircuit.com[58.211.241.27]; from=<0651@suhangcircuit.com> to=<shelley_chang@turbocomm.com.tw> proto=SMTP helo=<suhangcircuit.com>
Jun 26 10:41:03 ms1 postfix/cleanup[25462]: 22F673280A6: hold: header Received: from pc105 ([192.168.1.105]) by suhangcircuit.com with Microsoft SMTPSVC(6.0.3790.1830);?? Tue, 26 Jun 2007 10:46:34 +0800 from suhangcircuit.com[58.211.241.27]; from=<0651@suhangcircuit.com> to=<shelley_chang@turbocomm.com.tw> proto=SMTP helo=<suhangcircuit.com>
Jun 26 10:41:03 ms1 postfix/cleanup[25462]: 22F673280A6: message-id=<16ff01c7b79c$32a67760$6901a8c0@suhangcircuit.com>
Jun 26 10:42:03 ms1 MailScanner[22164]: Message 22F673280A6.04BF1 from 58.211.241.27 (0651@suhangcircuit.com) to turbocomm.com.tw is spam, SpamAssassin (not cached, score=6.653, required 6, FROM_ALL_NUMS 1.92, HTML_FONT_FACE_BAD 0.45, HTML_MESSAGE 0.00, HTML_TAG_EXIST_TBODY 0.13, INFO_TLD 0.81, MAILTO_TO_SPAM_ADDR 0.28, MIME_BASE64_TEXT 1.52, SUBJECT_ENCODED_TWICE 1.54)
Jun 26 10:42:03 ms1 MailScanner[22164]: Spam Actions: message 22F673280A6.04BF1 actions are deliver,header
Jun 26 10:42:17 ms1 MailScanner[22164]: Requeue: 22F673280A6.04BF1 to 017DA3280AC
這樣是正常的,22F673280A6再轉到017DA3280AC
[root@ms1 ~]# cat /var/log/maillog|grep 017DA3280AC
Jun 26 10:42:17 ms1 MailScanner[22164]: Requeue: 22F673280A6.04BF1 to 017DA3280AC
Jun 26 10:42:17 ms1 postfix/qmgr[23846]: 017DA3280AC: from=<0651@suhangcircuit.com>, size=3254267, nrcpt=1 (queue active)
Jun 26 10:42:17 ms1 postfix/local[25565]: 017DA3280AC: to=<shelley_chang@turbocomm.com.tw>, relay=local, delay=98, status=sent (forwarded as CA24D3280A6)
Jun 26 10:42:17 ms1 postfix/qmgr[23846]: 017DA3280AC: removed
再由017DA3280AC轉到後端使用者!!這是整個流程

但是在Jun 26 11:52:04 ms1 postfix/cleanup[27262]: 5338F3280AC: hold: header Received: from pc105 ([192.168.1.105]) by suhangcircuit.com with Microsoft SMTPSVC(6.0.3790.1830);?? Tue, 26 Jun 2007 11:57:43 +0800 from suhangcircuit.com[58.211.241.27]; from=<0651@suhangcircuit.com> to=<shelley_chang@turbocomm.com.tw> proto=SMTP helo=<suhangcircuit.com>
這一封就是怪了!!
[root@ms1 ~]# cat /var/log/maillog|grep 5338F3280AC
Jun 26 11:52:04 ms1 postfix/smtpd[26454]: 5338F3280AC: client=suhangcircuit.com[58.211.241.27]
Jun 26 11:52:04 ms1 postfix/cleanup[27262]: 5338F3280AC: hold: header Received: from suhangcircuit.com (suhangcircuit.com [58.211.241.27])??by ms1.turbocomm.com.tw (Postfix) with SMTP id 5338F3280AC??for <shelley_chang@turbocomm.com.tw>; Tue, 26 Jun 2007 11:51:40 +0800  from suhangcircuit.com[58.211.241.27]; from=<0651@suhangcircuit.com> to=<shelley_chang@turbocomm.com.tw> proto=SMTP helo=<suhangcircuit.com>
Jun 26 11:52:04 ms1 postfix/cleanup[27262]: 5338F3280AC: hold: header Received: from pc105 ([192.168.1.105]) by suhangcircuit.com with Microsoft SMTPSVC(6.0.3790.1830);?? Tue, 26 Jun 2007 11:57:43 +0800 from suhangcircuit.com[58.211.241.27]; from=<0651@suhangcircuit.com> to=<shelley_chang@turbocomm.com.tw> proto=SMTP helo=<suhangcircuit.com>
Jun 26 11:52:04 ms1 postfix/cleanup[27262]: 5338F3280AC: message-id=<17b901c7b7a6$253b0eb0$6901a8c0@suhangcircuit.com>
他就這樣直接的cleanup了!!竟然沒有後續的轉發!!我想請問一下各位學長們有人遇到過這樣的情形嗎??
會是什麼原因導致的呢?為什麼同一天不同時間會導致一封進來一封就被hold到cleanup了呢?

5
因為資料庫必需用到此版本,小弟又是red hat9才接觸的,在網路上搜尋了很久都找不到,後面嘗試自己編譯又是錯誤一堆>"<

請各位高手如果有6.0 iso安裝光碟片或知道網址可下載的請分享一下,謝謝你們

6
登入嘗試經由:   MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 登入帳戶:   Administrator
 來源工作站:   ANGEL
 錯誤碼:   0xC000006A

登入嘗試經由:   MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 登入帳戶:   Administrator
 來源工作站:   \\EVIL
 錯誤碼:   0xC000006A

請問一下各位高手!!有個問題滿困擾我的,前幾天加了個群組原則
稽核帳戶登入事件 成功,失敗
稽核帳戶管理 成功,失敗
這二項目!!加入後發現以上的錯誤訊息!!滿納悶的是為什麼ANGEL和EVIL這二台PC會嘗試用administrator登入到這台機器呢???
那二台都是在機房裡面的機器!!我沒嘗試登入過到DC下面阿~~但是為什麼卻會出現以上的訊息呢??是否中毒或被入侵所以人家在嘗試登入DC裡呢!!
在去別的主機上面看一下evenlog也發現滿多這種情形的!!
不知道高手們有遇過這種情形嗎???是否可以幫小弟解答一下呢??


"但是由於這種現象會在每次顯示「歡迎使用」畫面時,每一個帳戶都會發生,因此如果帳戶鎖定原則設定為 3 次失敗嘗試,而「使用者 A」連續登入 3 次,「使用者 B」將會有 3 次失敗的嘗試,然後該帳戶就會被鎖定。"

上面的訊息是我在討論區得到的!!想問的是這真的是造成的原因點嘛?因為在主機上利用user A來登入三次,因此造成相同主機上的的user B失敗的嘗試登入寫在evenlog下嗎??

7
我大概知道可以利用l7-filter可以用iptables的mangle阻擋掉,但是相對整個網路架構也都要變動了,所以想請問大大們一下如何利用proxy黨掉呢?
proxy裡面我有做個設定acl block-port port 1863
然侯在http_access deny block-port但是測試都不行,有些大大的文章說他們會跑80的port出去,但就我在win netstat下看都是3128的PORT,可能他們轉為3128出去連結了吧。
有人曾經成功讓proxy阻擋MSN或QQ的嗎?是否可以分享一下呢?又或著是linux有哪些機制可以阻擋呢?是否有其他套件可以阻擋呢?

8
想請問各位大大有相關網頁的資訊嗎?去foundry關網註冊好但是一直login不進去,看他說48小時內才給我回信,可能那時才可以用吧,所以請問一下各位大大有沒有相關資料可以提供給我>"<或是有沒有相關書籍提共一下書名吧,會的都是侷限在cisco設備,真是失敗>"<

9
Linux 討論版 / sarg問題一問
« 於: 2006-08-18 10:33 »
[root@firewall ~]# /usr/bin/sarg -o /var/www/sarg/daily -d $(date +%d/%m/%Y)
SARG: Records in file: 1119, reading: 100.00%
sort: open failed: +6.5nr: No such file or directory
SARG: (index) Cannot open file: /var/www/sarg/daily/index.sort
他說不能開啟index.sort這個檔案,所以我自作聰明的touch這個檔案出來
發現他還是出現錯誤訊息
[root@firewall daily]# /usr/bin/sarg -o /var/www/sarg/daily -d $(date +%d/%m/%Y)
SARG: Records in file: 1119, reading: 100.00%
sort: open failed: +6.5nr: No such file or directory
組態檔如下/etc/httpd/conf.d/sarg
Alias /sarg /var/www/sarg

<Directory /var/www/sarg>
    DirectoryIndex index.html
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1 10.1.1.17/255.255.0.0
</Directory>


sarg的版本為sarg-2.0.9-2.fc3.mack
我的環境是core5下,每次連結到10.8.1.8/sarg/daily/下後的畫面都不會出現像2006Aug18-2006Aug18的連結讓你點,而是你必須手動的輸入之後才可以連結進去。
請問各位大大有遇過這樣的情形嗎?怪了~在我家裡core3的環境下都好好的>"<

我想問題點還是出在SARG: (index) Cannot open file: /var/www/sarg/daily/index.sort
請問一下遇到這情形要怎麼處裡?

10
Linux 討論版 / postfix的LOG一問
« 於: 2006-08-16 18:13 »
Aug 16 17:46:34 ms postfix/cleanup[25289]: 65CB4FD153: hold: header Received: from mail.wv.com.tw (unknown [211.23.169.246])??by ms.turbocomm.com.tw (Postfix) with ESMTP id 65CB4FD153??for <richard@turbocomm.com.tw>;
Wed, 16 Aug 2006 17:46:17 +0800 (CST) from unknown[211.23.169.246]; from=<peterlee@wv.com.tw> to=<richard@turbocomm.com.tw> proto=ESMTP helo=<mail.wv.com.tw>
Aug 16 17:46:34 ms postfix/cleanup[25289]: 65CB4FD153: hold: header Received: from peterlee ([10.10.6.250])??(authenticated bits=0)??by mail.wv.com.tw (8.12.8/8.12.8) with ESMTP id k7G9bGDw024326??for <richard@turbocomm.com.tw>;
Wed, 16 Aug 2006 17:37:16 +0800 from unknown[211.23.169.246]; from=<peterlee@wv.com.tw> to=<richard@turbocomm.com.tw> proto=ESMTP helo=<mail.wv.com.tw>
這段message被擋下來的主要原因是unknow[211.23.169.246]
但是奇怪的事我用nslookup查看他正反解都OK阿?那麼這段maillog的主要原因到底是何事呢?還有請問一下各位大大,Aug 16 17:46:34 ms postfix/cleanup的cleanup在這裡是指作什麼是阿?

11
Linux 討論版 / proxy server 的問題
« 於: 2006-08-14 14:11 »
按照鳥哥書上的設定做完後開啟服務OK
但是試著修改cache_dir就遇到麻煩!!

cache_dir ufs /var/spool/squid 3072 16 256
cache_dir ufs /var/spool/squid1 3072 16 256
cache_dir ufs /var/spool/squid2 3072 16 256
cache_dir ufs /var/spool/squid3 3072 16 256
cache_dir ufs /var/spool/squid4 3072 16 256
cache_dir ufs /var/spool/squid5 3072 16 256

之後我mkdir /var/spool/squid和1~5
chown squid:squid /var/spool/squid和1~5
在執行squid -z後便重開啟服務後便一直出現這錯誤畫面

Aug 14 13:22:15 firewall squid[6755]: Squid Parent: child process 6765 started
Aug 14 13:22:16 firewall kernel: audit(1155532936.222:391): avc:  denied  { write } for  pid=6765 comm="squid" name="cache1" dev=sda5 ino=8241419 scontext=user_u:system_r:squid_t:s0 tcontext=user_u:object_r:var_spool_t:s0 tclass=dir
Aug 14 13:22:16 firewall (squid): storeUfsDirOpenSwapLog: Failed to open swap log.
Aug 14 13:22:16 firewall squid[6755]: Squid Parent: child process 6765 exited due to signal 6

不太了解這錯誤訊息想要傳達什麼
他說我在開swap log.這檔案開不了嗎?這檔案是存在哪裡的阿?

12
Linux 討論版 / vpn一問,請高手幫忙一下
« 於: 2006-08-13 18:50 »
我想請問一下各位高手,我已經設定完成VPN的流程,也可以利用windows的VPN設定連到linux上取得IP了,但是有一個問題,就是他default gateway是指向192.168.1.200,這IP:192.168.1.200是由linux上所取得,我如何把這dafaultGW指向192.168.1.21(也就是我linux本機的IP位置)?

PPP adapter VPN:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 192.168.1.200
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 192.168.1.200 <===我的問題點
已上是windows透過LINUX的VPN所取得IP位置,而我/etc/pptpd.conf的內容為
debug
option /etc/ppp/options.pptpd
localip 192.168.1.21
remoteip 192.168.1.200-210

/etc/ppp/options.pptpd的內容如下
[root@aaronosos sbin]# vi /etc/ppp/options.pptpd
## CHANGE TO SUIT YOUR SYSTEM
lock
debug
auth
+chap
proxyarp

這是在linux上取得的IP資訊
[root@aaronosos sbin]# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:0A:48:15:FB:C5
          inet addr:192.168.1.21  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20a:48ff:fe15:fbc5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1052 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1842 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:195258 (190.6 KiB)  TX bytes:198920 (194.2 KiB)
          Interrupt:11 Memory:d0020000-0

eth1      Link encap:Ethernet  HWaddr 00:0A:48:10:64:22
          inet addr:192.168.2.21  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::20a:48ff:fe10:6422/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:605 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:64685 (63.1 KiB)  TX bytes:642 (642.0 b)
          Interrupt:9

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:207 errors:0 dropped:0 overruns:0 frame:0
          TX packets:207 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:22561 (22.0 KiB)  TX bytes:22561 (22.0 KiB)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:59.112.13.36  P-t-P:59.112.0.254  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:1015 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1030 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:170046 (166.0 KiB)  TX bytes:74475 (72.7 KiB)

ppp1      Link encap:Point-to-Point Protocol
          inet addr:192.168.1.21  P-t-P:192.168.1.200            Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:17 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:1105 (1.0 KiB)  TX bytes:108 (108.0 b)

PPP0是我linux上撥接上網的ppp1是windows用VPN取得的IP,以下是我linux本機上路由的資訊
[root@aaronosos sbin]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
59.112.0.254    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.200   0.0.0.0         255.255.255.255 UH    0      0        0 ppp1
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
0.0.0.0         59.112.0.254    0.0.0.0         UG    0      0        0 ppp0

照理說windows透過VPN後他的default應該是要指向linux本機的192.168.1.21我才可以透過linux出去上網,所以我的問題點是我有些程序沒作對呢?還是要在哪另行在做設定呢?

13
Linux 討論版 / 關於VPN一問~請高手幫忙一下
« 於: 2006-08-06 23:18 »
Aug 6 22:51:54 aaronosos pptpd[7301]: CTRL: Client 192.168.1.11 control connection started
Aug 6 22:51:54 aaronosos pptpd[7301]: CTRL: Starting call (launching pppd, opening GRE)
Aug 6 22:51:54 aaronosos pptpd[7301]: GRE: read(fd=5,buffer=804d5a0,len=8196) from PTY failed: status = -1 error = Input/output error
Aug 6 22:51:54 aaronosos pptpd[7301]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6)
Aug 6 22:51:54 aaronosos pptpd[7301]: CTRL: Client 192.168.1.11 control connection finished
Aug 6 22:51:56 aaronosos pptpd[7303]: CTRL: Client 192.168.1.11 control connection started
Aug 6 22:51:56 aaronosos pptpd[7303]: CTRL: Starting call (launching pppd, opening GRE)
Aug 6 22:51:56 aaronosos pptpd[7303]: GRE: read(fd=5,buffer=804d5a0,len=8196) from PTY failed: status = -1 error = Input/output error
Aug 6 22:51:56 aaronosos pptpd[7303]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6)
Aug 6 22:51:56 aaronosos pptpd[7303]: CTRL: Client 192.168.1.11 control connection finished
請問一下設定過VPN的高手,這錯誤訊息的原因在那呢?在此附上我的設定檔
/etc/pptpd.conf
option /etc/ppp/options.pptd
localip 192.168.1.21
remoteip 192.168.1.100-192.168.1.110

/etc/ppp/options.pptd
name *
lock
mtu 1450
mru 1450
proxyarp
auth
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 3
lcp-echo-interval 5
deflate 0
+chap
+mschap-v2
ms-dns 168.95.1.1


/etc/ppp/chap-secrets
aaron * mypassword *

echo "1">/proc/sys/net/ipv4/ip_foward

14
Linux 討論版 / 關於在現有
« 於: 2006-07-24 17:40 »
請問一下,我在現有的/usr/src/linux/linux-2.6.14/下輸入make menuconfig後把file system的ntfs給打M儲存後打make fs/ntfs/打算給他模組化,但是編譯出來的模組怎麼會是ntfs.o呢?我是2.6後的不是應該是.ko嗎?這是我編譯時候的訊息
SPLIT include/linux/autoconf.h -> include/config/*
CC scripts/mod/empty.o
HOSTCC scripts/mod/mk_elfconfig
MKELF scripts/mod/elfconfig.h
HOSTCC scripts/mod/file2alias.o
HOSTCC scripts/mod/modpost.o
HOSTCC scripts/mod/sumversion.o
HOSTLD scripts/mod/modpost
HOSTCC scripts/kallsyms
HOSTCC scripts/conmakehash
CHK include/linux/version.h
UPD include/linux/version.h
SYMLINK include/asm -> include/asm-i386
CC arch/i386/kernel/asm-offsets.s
GEN include/asm-i386/asm-offsets.h
LD fs/ntfs/built-in.o
CC [M] fs/ntfs/aops.o
CC [M] fs/ntfs/attrib.o
CC [M] fs/ntfs/collate.o
CC [M] fs/ntfs/compress.o
CC [M] fs/ntfs/debug.o
CC [M] fs/ntfs/dir.o
CC [M] fs/ntfs/file.o
CC [M] fs/ntfs/index.o
CC [M] fs/ntfs/inode.o
CC [M] fs/ntfs/mft.o
CC [M] fs/ntfs/mst.o
CC [M] fs/ntfs/namei.o
CC [M] fs/ntfs/runlist.o
CC [M] fs/ntfs/super.o
CC [M] fs/ntfs/sysctl.o
CC [M] fs/ntfs/unistr.o
CC [M] fs/ntfs/upcase.o
LD [M] fs/ntfs/ntfs.o<====這行為什麼會是出現.o呢?

請各位大大指導一下,我現在的目的就是要讓我的kernel支援ntfs的讀取,但是不想重新編譯kernel的前提下,只要再現有的menuconfig加入ntfs讓他模組化後可以modprobe上來

15
Linux 討論版 / sendmail 一問
« 於: 2006-07-23 22:29 »
ul 23 18:12:57 aaronosos sendmail[7180]: AUTH=server, relay=winxp.lettop.aaronosos.no-ip.info [192.168.1.11], authid=aaron, mech=LOGIN, bits=0
Jul 23 18:12:57 aaronosos sendmail[7180]: k6NACv4B007180: from=<aaron@192.168.1.21>, size=2471, class=0, nrcpts=1, msgid=<000001c6ae40$8b183fc0$0b01a8c0@winxpleptop>, proto=ESMTP, daemon=MTA, relay=winxp.lettop.aaronosos.no-ip.info [192.168.1.11]
Jul 23 18:12:57 aaronosos sendmail[7180]: k6NACv4B007180: to=<aaronosos@yahoo.com.tw>, delay=00:00:00, mailer=esmtp, pri=32471, stat=queued
Jul 23 18:18:46 aaronosos sendmail[7179]: k6NACfJo007171: to=<aaronosos@yahoo.com.tw>, ctladdr=<root@aaronosos.no-ip.info> (0/0), delay=00:06:05, xdelay=00:06:01, mailer=esmtp, pri=120346, relay=mta-v2.mail.vip.tpe.yahoo.com. [203.84.195.1], dsn=4.0.0, stat=Deferred: Connection timed out with mta-v2.mail.vip.tpe.yahoo.com.

他是說允許我RELAY到203.84.195.1但是連結時間過長所以到/var/spool/mqueue去暫存等一段時間後再嘗試連結一次寄送,但是我這二個禮拜都是這樣一直逾時,可能過三四天我之前的信件才會寄到我的YAHOO信箱裡,怪怪。從DNS下去看都可以解析的了(host -t mx yahoo.com.tw)但是為什麼會出現Connection timed out with mta-v2.mail.vip.tpe.yahoo.com.
希望有人可以跟我說明一下原因到底是我這方面還是yahoo信箱那邊呢?

Jul 23 17:40:02 aaronosos sendmail[2154]: k6N9e2nf002154: aaronosos.no-ip.info [192.168.1.21] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 23 17:40:02 aaronosos sendmail[2150]: k6N9e2G2002150: localhost.localdomain [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
至於這二段LOG我就有點不了解了,希望可以指教一下,謝謝

16
Linux 討論版 / 關於big sister這套件的資源
« 於: 2006-07-06 11:38 »
請問友人用過big sister這套件來當自己主機的監視系統嗎?
可以的話是否可以分享一下經驗或是文件出處?
或是是否有教科書賣?

17
Linux 討論版 / 請求nessus-2.0.x.tgz下載點
« 於: 2006-03-26 16:20 »
請求nessus-2.0.x.tgz下載點

18
Linux 討論版 / 求助關於usb的問題
« 於: 2005-09-22 16:12 »
今天灌好fedora3~然後插入USB輸入時mount /dev/sdb /media/usbdisk
一直出現ERROR,錯誤訊息入下
SCSI error:<1 0 0 0>return code = 0x10070000
end_request: I/O error,dev sdb,sector 0
FAT:unable to read boot sector
mount:/dev/sdb:can't read superblock
請問這是什麼問題呢?


輸入vi /proc/scsi/scsi後得知
Host:scsi0 Channel: 00   ID: 00   LUN: 00
Vendor:ATA MODEL:WDC WD1200JD-00H Rev:08.0
type:Direct-Access ANSI SCSI revision: 05

Host:scsi0 Channel: 00   ID: 00   LUN: 00
Vendor:LEO MODEL:MobilDisk 64MB Rev:1.89
type:Direct-Access ANSI SCSI revision: 02

我在想是不是因為scsiID的問題都是0?如果是的話我應如何解決呢?請版主解答一下謝謝

fdisl -l /dev/sdb訊息如下
Disk /dev/sdb: 65 MB, 65404928 bytes
3 heads, 42 sectors/track, 1013 cylinders
Units = cylinders of 126 * 512 = 64512 bytes

Device Boot Start End Blocks Id System
/dev/sdb1 ? 6175682 15235283 570754815+ 72 Unknown
Partition 1 has different physical/logical beginnings (non-Linux?):
phys=(357, 116, 40) logical=(6175681, 2, 19)
Partition 1 has different physical/logical endings:
phys=(357, 32, 45) logical=(15235282, 0, 7)
Partition 1 does not end on cylinder boundary.
/dev/sdb2 ? 1338806 16704110 968014120 65 Novell Netware
386
Partition 2 has different physical/logical beginnings (non-Linux?):
phys=(288, 115, 43) logical=(1338805, 2, 9)
Partition 2 has different physical/logical endings:
phys=(367, 114, 50) logical=(16704109, 0, 2
Partition 2 does not end on cylinder boundary.
/dev/sdb3 ? 14840330 30205633 968014096 79 Unknown
Partition 3 has different physical/logical beginnings (non-Linux?):
phys=(366, 32, 33) logical=(14840329, 0, 12)
Partition 3 has different physical/logical endings:
phys=(357, 32, 43) logical=(30205632, 0, 25)
Partition 3 does not end on cylinder boundary.
/dev/sdb4 ? 22902232 22902672 27749+ d Unknown
Partition 4 has different physical/logical beginnings (non-Linux?):
phys=(372, 97, 50) logical=(22902231, 1, 5)
Partition 4 has different physical/logical endings:
phys=(0, 10, 0) logical=(22902671, 2, 21)
Partition 4 does not end on cylinder boundary.

Partition table entries are not in disk order

lsmod也得知vfat已被載入~/etc/fstab也都OK~可以解說給小弟元因為何不行mount -t vfat /dev/sdb /media/usbdisk嗎?

19
課後溫習+認證考試 / 請教幾題102
« 於: 2005-05-12 21:00 »
You can give options to the kernel
a)using the append-command in /etc/lilo.conf
b)using the options-command in /etc/lilo.conf
c)appending the options to the kernel name while using the bootmanager
d)using the chopt command while running the system
e)writing the desired options to /proc/kernel
我選bc這樣對嗎?

What is described by the PS1 and PS2 enviroment variable?
a)Postscript Level 1 and Level 2 capabilities
b)Shortcuts for the commands "ps" and "ps uax"
c)The different levels for the Power Save Mode
d)The normal prompt and the following prompt of the shell
e)PS2 is a link to the mouse-port of a ps/2 mouse, PS1 doesn't exist
我選d這樣對嗎?

Writing a shellscript you want to check if the file foobar exists and is
owned by the user who runs the script. Which of
the following test commands will check this?
a)test -e foobar
b)test -r foobar
c)test -b foobar
d)test -o foobar
e)test -O foobar
我選e這樣對嗎?

Your logfiles are growing to a very huge size. What can you do, to limit the size of all logfiles to a reasonable value without losing information?
a)Enter the desired value in /etc/logfilesize.conf
b)Enter the desired value in /etc/syslog.conf
c)Run logrotate in regular intervalls (using cron)
d)Use the parameter --maxsize=xxx for the syslog daemon
e)Use the command head logfilename
要規定size這不應在/etc/logrotate.d/filename下規定size=XX嗎?不過這題我會選c?對嗎?

What is the difference between cron and anacron?
a)anacron is an old (anachronistic) version of cron
b)cronjobs get lost if the computer isn't running at the given time,          anacron jobs don't get lost.
c)cron can only be used by root, anacron can be used by every user
d)anacron can only be used by root, cron can be used by every user
e)there is no difference
選d對嗎?

You get the IP-address 191.123.234.168/29 from your ISP. What are
valid host addresse in your network?
a)191.123.234.168
b)191.123.234.169
c)191.123.234.172
d)191.123.234.175
e)191.123.234.177
191.123.234.168經過與255.255.255.248AND運算後還是191.123.234.168
255.255.255.248在NOT後與191.123.234.168做OR後得191.123.234.176
所以有效主機是位於191.123.234.169~175
選bcd對嗎?

What file is used to declare options used by pppd instead of giving them at the commandline?
a)/etc/ppp_options
b)/etc/pppd.conf
c)/etc/ppp/options
d)/etc/ppp/pppd.conf
e)/etc/ppp/pppd.options
c嗎?

What command is run by pppd after a connection was established?
a)ppp-up
b)ip-up
c)ppp-connect
d)ppp-online
e)pppup
c嗎?

You decide to use xinetd intead of inetd.What must be done in order to properly configure xinetd?
A. You must create a new configuration file for xinetd.
B. You must add xinetd to/etc/services.
C. You must add xinetd supp or[ to your tcpwrappers configuration files.
D. Nothing. xine td uses the same configuration files as inetd.
a吧~但我看testking的答案是d一個是/usr/sbin/tcpd一個是/usr/sbin/in.XXX
所以若要更改應該要複製新的檔案到xinetd.d/下再做相關更改吧?是這麼解釋嗎?

20
想請問一下~我在此檔案下加入了
-:ALL EXCEPT aaron test:LOCAL
上面不就是在設定說以本機登入的除了aaron和test外都不行登入嗎?
是需要重新啟動什麼東西嗎?因為我設定完後以其他帳號登入試,都還是可以登入進去本機,請幫忙解答一下謝謝

21
Linux 討論版 / 請幫忙解答一下(NFS問題)
« 於: 2005-04-10 19:02 »
我想請問一下關於nfs的問題,當我在server端設好了參數,`並且我也在我client端輸入
 #showmount -e linux<==我內部所設的主機名稱
我可以得到我主機所設的目錄,並且我確定我portmap和nfs都開啟了,
#rpcinfo -p linux(aerver的主機名稱)開開啟的port也都開啟了
但是當我下達 (server和client端都是我的區網)我在/etc/hosts裡都設定好了
 #mount -t nfs linux:/home/report(這是我在主機裡面所設的目錄) /home/nfs/report(這是我在client端已經見好的目錄)
 我得到的錯誤訊息是 mount: RPC: Timed Out 這是為什麼呢?
我的防火強沒設定預設全都INPUT ACCEPT,而/etc/hosts.allow有設定為portmap:192.168.1.0/255.255.255.0
 /etc/hosts.deny 設定ALL:ALL

22
課後溫習+認證考試 / 請教幾題
« 於: 2005-03-17 21:58 »
What is a X-client
A:a computer which uses the X11 Protocol to communicate
B:a computer which uses a super-computer to run applications which       are displayed on the local screen
C:a program which is dispayed on a graphical screen of an X Server
D:a computer which offers displaying on its screen
E:a computer with a graphical user interface using X11

AN:C??

What would the following command search for?
find . -size 25k
A:All files inside the current directory, which are bigger than 25 KBytes
B:All files inside the current directory, which are smaller than 25 KBytes
C:All files inside the current directory and all included subdirectories, which are bigger than 25 KBytes
D:All files inside the current directory and all included subdirectories, which are smaller than 25 KBytes
E:All files inside the current directory and all included subdirectories, which are exactly 25 KBytes big

AN:D??

User Bertha is member of different groups. How could you ensure, that
her default group is foobar?
A:Add the line "chgrp foobar" inside her startup script
B:Ensure that the groupname foobar is the first entry in her /etc/group line
C:Ensure that the GID of foobar is placed in her /etc/passwd entry
D:Ensure that the GID of foobar is the lowest GID of all her GIDs
E:Ensure that the GID of foobar is the highest GID of all her GIDs

AN:B???

How could you try to stop a hung process which refuses to accept keyboard input?
A:Ctrl-C
B:Ctrl-S
C:kill -9 PID
D:kill PID
E:ipcsend SIGKILL PID

AN:A,C,D??

You want to install a RPM packet file foobar.rpm on a debian system. What command would you use to convert the rpm-file into debian deb format?
A:alien --to-deb foobar.rpm
B:rpmtodeb foobar.rpm
C:rpm2deb foobar.rpm
D:pcktconv --to-deb foobar.rpm
E:pcktconv -o foobar.deb foobar.rpm

Which directory contains the essential commands needed on bootup?
A:/usr/bin
B:/bin
C:/etc
D:/boot
E:/lib

In the directory /home/foo exists a file named bar which is a symbolic link to the file foobar in the same directory, created with the command
ln -s foobar bar If you would copy the link to /tmp using the command
cp -d /home/foo/bar /tmp what would happen?
A:The destination /tmp/bar is a symbolic link to /tmp/foobar
B:The destination /tmp/bar is a symbolic link to /home/foo/foobar
C:The destination /tmp/bar is a regular file with the same content as /home/foo/foobar
D:The destination /tmp/bar is a hardlink using the same inode as /home/foo/foobar
E:The destination /tmp/bar is a hardlink using the same inode as /home/foo/bar

23
Linux 討論版 / 正規法的方式
« 於: 2004-11-29 14:46 »
請問一下~顯示檔案中包含3位4位和5位數的每一列是要怎麼表示
原本的想法是grep '[0-9]\{3,5\}' file1後來發現這樣是不行的~這把每行只要有3個數字的都印中來甚至超過5位數,我在書上看到grep '\<[0-9]\{3,5\}\>' file1
在經過試過後就可以了,但是小弟想知道在他們前面的\(跳脫字元)分別跳脫<>這2個符號那麼"<>"這2個符號在這正規法中是扮演什麼角色阿?

頁: [1]