centos5下vsftp 的安装设置

1. #yum install vsftpd -y

2. #yum install db4-utils  -y

3.#cd /etc/vsftpd

4. vi vsftpd.conf

# Main vsftpd.conf for PAM-authenticated virtual users.
# vsftpd accepts comments only on lines of their own, and no spaces around "=".
anonymous_enable=NO
local_enable=YES
# Confine each login to its own directory tree.
chroot_local_user=YES
# Virtual users: every non-anonymous login is mapped to the system account
# named by guest_username, so that account's file permissions bound what FTP
# users can read or write.
guest_enable=YES
guest_username=apache
listen=YES
listen_port=21
anon_umask=022
dirmessage_enable=YES
ftpd_banner=Welcome to FTP service.
local_umask=022
# Name of the PAM service file (/etc/pam.d/vsftpd) used for authentication.
pam_service_name=vsftpd
# Per-user overrides are read from a file named after the login in this directory.
user_config_dir=/etc/vsftpd/user_conf.d
vsftpd_log_file=/var/log/vsftpd.log
xferlog_enable=YES
xferlog_std_format=YES
# Passive-mode data ports. This range must be reachable through the firewall;
# the iptables rule shown on this page opens only port 21.
pasv_enable=YES
pasv_min_port=30000
pasv_max_port=30999
# NOTE(review): YES turns off the check that the passive data connection comes
# from the same address as the control connection. Leave it at the default (NO)
# unless a NAT/proxy setup requires it.
pasv_promiscuous=YES

# Connection limits: at most 2 sessions per client address, 500 in total.
max_per_ip=2
max_clients=500
# Rate limits, left disabled:
#anon_max_rate=50000
#local_max_rate=50000
# NOTE(review): no ssl_enable setting appears here, so logins and data would
# travel unencrypted -- confirm whether TLS is required for this service.

5.# mv /etc/pam.d/vsftpd /etc/pam.d/vsftpd.pam

6. #vi /etc/pam.d/vsftpd

# PAM stack for vsftpd virtual users: both the password check (auth) and the
# account check are delegated to pam_userdb. The module appends ".db" to the
# db= path, so this reads /etc/vsftpd/login.db.
# NOTE(review): on 64-bit systems the module normally lives under
# /lib64/security -- confirm the path.
# NOTE(review): no crypt= option is given, so passwords in the DB are presumably
# compared as clear text; the DB file must not be readable by other users.
auth required /lib/security/pam_userdb.so db=/etc/vsftpd/login
account required /lib/security/pam_userdb.so db=/etc/vsftpd/login

7. #vi /etc/vsftpd/Makefile (只能tab不能有空格)

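# Builds the Berkeley DB file that pam_userdb reads for vsftpd virtual users,
# plus helper targets to start and stop the daemon. Run it from /etc/vsftpd.
# Recipe lines must begin with a TAB character, not spaces.

# login.db is requested only when the plain-text source file "login" exists.
# ":=" runs the shell test once at parse time instead of on every expansion.
POSSIBLE := $(shell test -f login && echo login.db)

# These targets are commands, not files; a stray file named "clean" or
# "start" must not stop them from running.
.PHONY: all clean start stop

# Remove a half-written .db if db_load fails, so a corrupt credential
# database is never mistaken for an up-to-date one.
.DELETE_ON_ERROR:

all: $(POSSIBLE)

# The source file holds account names and passwords in clear text, and the
# hash DB holds the same data. Create the DB under a restrictive umask and
# force mode 600 (db_load keeps the old mode when the file already exists).
%.db: %
	@umask 077 && db_load -T -t hash -f $< $@ && chmod 600 $@

# Deletes generated databases and editor backup files in this directory.
clean:
	$(RM) *.db *~

# Launches vsftpd in the background with the main config file.
# NOTE(review): a yum-installed vsftpd normally lives in /usr/sbin, not
# /usr/local/sbin -- confirm this path matches the installation.
start:
	/usr/local/sbin/vsftpd /etc/vsftpd/vsftpd.conf &

# Terminates every running vsftpd process by name.
stop:
	killall vsftpd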

8.#vi /etc/vsftpd/login

第一行写帐户名,第二行写密码(每个帐户依次占两行)。该文件保存的是明文密码,建议 chmod 600,只允许 root 读取。

9. #mkdir /etc/vsftpd/user_conf.d

10.#vi /etc/vsftpd/user_conf.d/帐户名

# Per-user override file (user_conf.d/<login name>); values here are applied
# on top of the global vsftpd.conf for this login only.
anonymous_enable=NO
dirmessage_enable=YES
guest_enable=YES
guest_username=apache
# NOTE(review): vsftpd documents that settings evaluated before the session
# starts (listen, max_per_ip and similar) are not applied from per-user
# files -- confirm these lines have any effect here.
listen=YES
local_enable=YES
# Directory this user lands in after login. The value below is a placeholder
# ("directory name") and must be replaced with the real path.
local_root=目录名
local_umask=022

write_enable=YES

# Guest (virtual) users get anonymous-user privileges by default, which is why
# the anon_* switches are what grant this login upload, mkdir and
# rename/delete rights. Enable only the ones the account actually needs.
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_umask=022

# 0 means "unlimited" for the session cap and both rate limits.
max_per_ip=0
anon_max_rate=0
local_max_rate=0
data_connection_timeout=300
pasv_enable=YES
pasv_min_port=30000
pasv_max_port=30999

9.#make login.db

10.#vi /etc/sysconfig/iptables

-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT

11.#service iptables restart

12.#chkconfig vsftpd on

13.配置基本就完成了,

mrtg 在centos5 上的安装

1、安装mrtg包

  # yum -y install mrtg*

2、安装 snmp 包

#yum -y install net-snmp*
#vi /etc/snmp/snmpd.conf

将#view systemview included mib2 修改为 view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc

将 access notConfigGroup "" any noauth exact systemview none none 修改为 access notConfigGroup "" any noauth exact mib2 none none

3、启动snmp

#service snmpd start

#chkconfig --level 2345 snmpd on

查看端口的开启状况 

 netstat -tunlp |grep snmp

tcp        0      0 0.0.0.0:199             0.0.0.0:*               LISTEN      4973/snmpd          

udp        0      0 0.0.0.0:161             0.0.0.0:*                           4973/snmpd

4、MRTG生成供浏览图像需要httpd服务的支持,同时也需要gcc,gd,libpng和zlib四个软件包的支持,而gcc,gd的正常运行也需要其它的几个软件,下面一并安装它们

#yum install -y gcc-*

#yum install -y gd-*

#yum install -y libpng-*

#yum install -y zlib-*

5、配置 apache

6、生成脚本

# /usr/bin/cfgmaker public@localhost > mrtg.cfg

# /usr/bin/indexmaker -output=/home/website/mrtg/index.html mrtg.cfg

# env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg

使用openvpn做远程登录局域网故障备忘

远程默认连接局域网,常规方法网上到处可见

这里记录最终的server配置文件及client 配置文件

 server.conf

——-

# OpenVPN server: binds to the LAN address, TCP port 1194, routed (tun) mode.
local 192.168.10.2
port 1194
proto tcp
dev tun
# PKI material: CA certificate, server certificate and server private key.
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
# NOTE(review): 1024-bit Diffie-Hellman parameters are below current
# recommendations; generating 2048-bit (or larger) parameters is the usual
# replacement.
dh dh1024.pem
# VPN subnet from which client addresses are assigned.
server 10.8.0.0 255.255.255.0
# Remembers client-to-address assignments across restarts.
ifconfig-pool-persist ipp.txt
push "route 192.168.10.0 255.255.255.0"
# Per-client settings are read from files in ccd/, named after the client
# certificate's common name.
client-config-dir ccd

route 192.168.10.1 255.255.255.0
# Lets VPN clients reach each other directly through the server.
client-to-client
# NOTE(review): duplicate-cn lets several clients connect with the same
# certificate at once, so a copied key is harder to notice and the per-client
# ccd files / persisted addresses no longer identify a single device.
# Prefer one certificate per client and drop this line.
duplicate-cn
keepalive 10 120
# Extra HMAC on the TLS handshake; key direction is 0 on the server and 1 on
# clients.
tls-auth ta.key 0 # This file is secret
comp-lzo
max-clients 100
# Drop root privileges after start-up; persist-key/persist-tun keep the key
# and tun device usable once privileges are gone.
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
# NOTE(review): "log" truncates the file at start-up while "log-append"
# appends; with both present presumably only the later one takes effect.
log         /var/log/openvpn.log
log-append  /var/log/openvpn.log
verb 3
mute 20

——

client.ovpn

———-

# OpenVPN client profile for the server configuration shown on this page.
client
dev tun
proto tcp
# "vpnservicename" stands for the server's public host name or address.
remote vpnservicename 1194
resolv-retry infinite
nobind
# Drop root privileges after the tunnel is up.
user nobody
group nobody
persist-key
persist-tun
# CA certificate plus this client's own certificate and private key; the .key
# file must be kept secret and should be unique to this client.
ca ca.crt
cert zb02.crt
key zb02.key
# Refuse servers whose certificate is not marked as a server certificate.
# NOTE(review): newer OpenVPN releases use "remote-cert-tls server" for this
# check -- confirm against the installed version.
ns-cert-type server
# Must match the server's ta.key; direction 1 on the client side.
tls-auth ta.key 1
comp-lzo
verb 3
# Send traffic for the office LAN through the VPN gateway address.
route 192.168.10.0 255.255.255.0 10.8.0.1

———–

iptables 需要增加内容

-A RH-Firewall-1-INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 1194 -j ACCEPT

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

shell#>iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j MASQUERADE

mysql 进程中总是有很多 unauthenticated user 用户

多机连接 mysql,做服务器群,最近总发现有很多 unauthenticated user ,经查询是mysql 做反查超时造成的,

查了些资料说要修改 my.cnf ,同时要在 hosts 文件中增加各服务器的地址。不知道是否真的管用,还需要再观察些时间吧

# Server settings for my.cnf.
port=3306

# Legacy "set-variable =" syntax.
# NOTE(review): newer MySQL releases expect the bare "name=value" form --
# confirm against the installed server version.
set-variable = key_buffer_size=64M
set-variable = max_connections=1024
set-variable = interactive_timeout=30
set-variable = wait_timeout=30
set-variable = join_buffer_size=10M
set-variable = long_query_time=20
set-variable = table_cache=256
set-variable = sort_buffer=4M
set-variable = record_buffer=1M
set-variable = back_log=500

# Skip reverse-DNS lookups on connect, the cause given on this page for the
# "unauthenticated user" entries. With this set, account host values must be
# IP addresses or localhost; grants written with host names stop matching.
skip-name-resolve
skip-locking