
Part III. Network Application

Table of Contents

30. Networking: network management
30.1. hosts
30.1.1. /etc/hostname
30.1.2. hostnamectl - Control the system hostname
30.1.3. /etc/host.conf
30.1.4. /etc/hosts
30.1.5. hosts.allow / hosts.deny
30.1.6. /etc/resolv.conf
30.2. Network adapter
30.2.1. Interface names
30.3. Ethernet Interfaces
30.3.1. ifquery
30.3.2. DHCP
30.3.3. CentOS
30.3.4. Ubuntu
30.4. Gateway: setting the default gateway
30.4.1. CentOS
30.5. Configuring DNS
30.5.1. Standard DNS configuration: /etc/resolv.conf
30.5.2. Secure DNS configuration
30.5.2.1. Enabling DNS over TLS
30.5.2.2. Enabling DNSSEC
30.5.2.3. Enabling both DNS over TLS and DNSSEC
30.5.2.4. Configuring NetworkManager
30.6. IP forwarding
30.7. bonding
30.7.1. bonding
30.7.2. Ubuntu
30.8. brctl
30.9. Wireless - WiFi configuration
30.9.1. rfkill - tool for enabling and disabling wireless devices
30.9.2. iwlist - Get more detailed wireless information from a wireless interface
30.9.3. iwconfig - configure a wireless network interface
30.9.4. /proc/net/wireless
30.10. CentOS 8
30.10.1. nmtui - Text User Interface for controlling NetworkManager
30.10.2. nmcli - command-line tool for controlling NetworkManager
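30.10.2.1. Viewing connection status
30.10.2.2. Viewing interface status
30.10.2.3. Adding an interface
30.10.2.4.
30.10.2.5. Stopping an interface
30.10.2.6.
30.10.2.7. Displaying device information
30.11. Network diagnostic commands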
30.11.1. ping
30.11.2. Finding optimal MTU
30.11.3. ss - another utility to investigate sockets
30.12. Ubuntu netplan (netplan manages networking only from Ubuntu 18.04 onward)
30.13. Linux IP And Router
30.13.1. netmask
30.13.1.1. iptab
30.13.1.2. netmask - a netmask generation and conversion program
30.13.2. arp - manipulate the system ARP cache
30.13.2.1. display hosts
30.13.2.2. delete a specified entry
30.13.2.3. /proc/net/arp
30.13.2.4. /etc/ethers
30.13.3. iproute2
30.13.3.1.
30.13.3.2. Adding a route
30.13.3.3. Deleting a route
30.13.3.4. Changing a route
30.13.3.5. Replacing an existing route
30.13.3.6. Adding a default route
30.13.3.7. cache
30.13.4. Policy routing
30.13.5. Load balancing
30.13.6. MASQUERADE
30.13.7. ip tunnel
30.13.8. VLAN
30.13.9. Zebra
31. OpenNTPD
31.1. install
31.1.1. ntpd - Network Time Protocol (NTP) daemon
31.1.2. Ubuntu
31.1.3. ntpdate
31.2. ntpdate
31.2.1. CentOS 7
31.2.2. CentOS 6
31.3. ntpd.conf / ntp.conf
31.3.1. server configuration
31.3.2. NTP security settings
31.4. ntpstat - show network time synchronisation status
31.5. ntpq - standard NTP query program
32. DHCP
32.1. DHCP Server
32.2. dhclient
32.3. release matching connections
33. DNS/Bind
33.1. Installing bind9
33.2. forwarders
33.3. Load Balancing
33.4. view
33.5. Master / Slave
33.5.1. master /etc/named.conf
33.5.1.1. /var/named/example.com.zone
33.5.1.2. /var/named/example.com.zone
33.5.2. slave /etc/named.conf
33.5.3. FAQ
33.5.3.1. Slave does not sync after the master changes
33.5.3.2. Testing master and slave
33.6. DNS tools
33.6.1. dig - DNS lookup utility
33.6.1.1. any
33.6.1.2. ns
33.6.1.3. A
33.6.1.4. mx
33.6.1.5. cname
33.6.1.6. txt
33.6.1.7. -x addr reverse lookup
33.6.1.8. web dig
33.6.2. nslookup - query Internet name servers interactively
33.6.2.1. Flushing the DNS resolver cache
33.6.2.2. Viewing NS records
33.6.2.3. MX records
33.6.2.4. txt
33.7. DNS
33.7.1. OpenDNS
33.7.2. Google DNS
33.8. NamedManager
34. dnsmasq
34.1. Install
34.1.1. CentOS / Redhat
34.1.2. Debian / Ubuntu
34.1.3. Firewall settings
34.2. /etc/dnsmasq.conf
34.3. dnsmasq.resolv.conf
34.4. dnsmasq.hosts
34.5. /etc/dnsmasq.d/dnsmasq.server.conf
34.6. /etc/dnsmasq.d/dnsmasq.address.conf
34.6.1. Domain name hijacking
34.7. FAQ
35. rinetd — internet “redirection server”
35.1. rinetd install
35.1.1. ubuntu
35.1.2. centos
35.2. rinetd.conf
35.3. Defense script
35.4. rinetd.log
36. News Group (innd)
36.1. Ubuntu
36.2. CentOS
36.3. User Authentication
36.4. usenet administration
36.5. Connecting over SSL
36.6. Installing from src.rpm
36.7. Commonly used newsgroups
37. IRC - Internet Relay Chat
37.1. IRC Protocol
37.2. IRC Commands
37.3. ircd-irc2 - The original IRCNet IRC server daemon
37.4. ircd-hybrid
37.5. IRC Client
37.5.1. Irssi - a modular IRC client for UNIX
37.5.1.1. Installing Irssi
37.5.1.2. irssi command-line options
37.5.1.3. network
37.5.1.4. server
37.5.2. ircII - interface to the Internet Relay Chat system
37.5.3. HydraIRC
37.5.4. XChat
37.5.5. F-IRC
37.6. Web IRC
37.6.1. QuakeNet Web IRC
37.6.2. freenode
37.6.3. Web IRC
37.6.4. hackint
38. jabber XMPP
38.1. ejabberd - Distributed, fault-tolerant Jabber/XMPP server written in Erlang
38.1.1. ejabberdctl
38.2. tigase
38.3. Openfire
38.4. DJabberd
38.5. freetalk - A console based Jabber client
38.6. library
38.6.1. python-xmpp
39. Proxy Server
39.1. Apache Proxy
39.2. Squid - Internet Object Cache (WWW proxy cache)
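39.2.1. Installing from source
39.2.2. Installing on Debian/Ubuntu
39.2.3. Configuration
39.2.3.1. Forward proxy
39.2.3.2. Proxy server
39.2.3.3. Squid as a reverse-proxy cache server (Reverse Proxy)
39.2.3.4. Proxy + reverse proxy
39.2.4. Squid administration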
39.2.4.1. squidclient
39.2.4.2. reset cache
39.2.5. Preventing pages from being cached
39.2.6. Squid practical examples
39.2.6.1. Squid and Apache/Lighttpd on the same server
39.2.6.2. Running the Squid daemon as a non-root user
39.2.7. squid+icap+clamav
39.3. Web page proxy
39.3.1. Surrogafier
39.3.2. CGIproxy
39.3.3. PHPProxy
39.3.4. BBlocked
39.3.5. Glype
39.3.6. Zelune
39.4. Socks/Socks5
39.4.1. Socks5
39.4.2. dante-server - SOCKS (v4 and v5) proxy daemon(danted)
39.4.3. SSH Socks5 Tunnel
39.4.4. hpsockd - HP SOCKS server
39.4.5. Shadowsocks - A secure socks5 proxy, designed to protect your Internet traffic.
39.4.5.1. Server
39.4.5.1.1. Python PyPI
39.4.5.1.2. GitHub
39.4.5.2. ssserver command
39.4.5.3. Client
39.4.5.3.1. Shadowsocks for Windows
40. Firewall
40.1. TCP/IP-related kernel parameters
40.1.1. net.ipv4.ip_forward
40.1.2. net.ipv4.icmp_echo_ignore_all
40.2. iptables - administration tools for packet filtering and NAT
40.2.1. Getting Started
40.2.1.1. CentOS/Redhat TUI tool
40.2.2. User-defined rule chains
40.2.2.1. Chains List
40.2.2.2. Chains Refresh
40.2.2.3. Chains Admin
40.2.2.4. Reset
40.2.3. Protocols
40.2.4. Interfaces (network adapters)
40.2.5. Source IP address
40.2.6. Ports
40.2.6.1. range
40.2.6.2. multiport
40.2.7. NAT
40.2.7.1. Redirect
40.2.7.2. Postrouting and IP Masquerading
40.2.7.3. Prerouting
40.2.7.4. DNAT and SNAT
40.2.7.5. DMZ zone
40.2.8. Module
40.2.8.1. IPTables and Connection Tracking
40.2.8.2. string
40.2.8.3. connlimit
40.2.8.4. recent
40.2.8.5. limit
40.2.8.6. nth
40.2.8.6.1. DNAT
40.2.8.6.2. SNAT
40.2.8.7. random module
40.2.9. IPV6
40.2.10. iptables-xml - Convert iptables-save format to XML
40.2.11. access.log IP-blocking script
40.2.12. Example
40.2.12.1. INPUT Rule Chains
40.2.12.1.1. OpenSSH
40.2.12.1.2. FTP
40.2.12.1.3. DNS
40.2.12.1.4. WWW
40.2.12.1.5. SOCKS5
40.2.12.1.6. Mail Server
40.2.12.1.7. MySQL
40.2.12.1.8. PostgreSQL
40.2.12.1.9. DHCP
40.2.12.1.10. Samba
40.2.12.1.11. ICMP
40.2.12.1.12. Blocking an IP from accessing this host
40.2.12.1.13. DENY
40.2.12.2. OUTPUT Rule Chains
40.2.12.2.1. outbound
40.2.12.2.2. ICMP
40.2.12.2.3. NFS
40.2.12.2.4. SSH
40.2.12.2.5. Blocking this host from accessing a given IP
40.2.12.3. Forward
40.2.12.3.1. TCPMSS
40.2.12.4. Malicious Software and Spoofed IP Addresses
40.2.12.5. /etc/sysconfig/iptables: the operating system's default configuration
40.3. ulogd - The Netfilter Userspace Logging Daemon
40.4. ufw - program for managing a netfilter firewall
40.4.1. /etc/default/ufw
40.4.2. ip_forward
40.4.3. DHCP
40.4.4. Samba
40.5. CentOS 7 Firewalld
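40.5.1. If you are not used to firewalld and want to go back to iptables
40.5.2. Installing firewalld
40.5.3. firewalld configuration files
40.5.3.1. Rule configuration files
40.5.3.2. Service configuration files
40.5.3.3. Zone configuration files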
40.5.4. firewall-cmd
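40.5.4.1. Viewing the version
40.5.4.2. Viewing help
40.5.4.3. Displaying status
40.5.4.4. Reloading firewall rules
40.5.4.5. Making changes persistent
40.5.4.6. Checking configuration validity
40.5.4.7. Logging options
40.5.4.8. Rejecting all packets
40.5.4.9. Direct mode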
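40.5.5. Zones
40.5.5.1. Viewing zones
40.5.5.2. Viewing the default zone
40.5.5.3. Setting the default zone
40.5.5.4. Viewing the network interfaces assigned to a zone
40.5.5.5. Viewing all configuration of a given zone
40.5.5.6. Viewing the configuration of all zones
40.5.5.7. Deleting a zone
40.5.5.8. Zone interfaces
40.5.5.8.1. Interface list
40.5.5.8.2. Querying the zone an interface belongs to
40.5.5.8.3. Setting a zone's interface
40.5.5.9. Changing a zone's interface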
40.5.6. Port operations
40.5.6.1. Opening a port
40.5.6.2. Viewing port status
40.5.6.3. Disabling a port
40.5.6.4. Specifying the port protocol
40.5.6.5. Port forwarding
40.5.6.6. IP forwarding
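40.5.7. Services
40.5.7.1. Viewing available servers
40.5.7.2. Enabling a service
40.5.7.3. Disabling a service
40.5.7.4. Adding a service to a specific zone
40.5.7.5. Querying service status
40.5.7.6. Viewing permanent services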
40.5.8. IP masquerading
40.5.8.1. Enabling IP masquerading
40.5.8.2. Viewing IP masquerading
40.5.8.3. Disabling IP masquerading
40.5.9. Rich rules
40.6. Shorewall
40.6.1. Installation Instructions
40.6.1.1. Install using RPM
40.6.1.2. Install using apt-get
40.6.2. Configuring Shorewall
40.6.2.1. zones
40.6.2.2. policy
40.6.2.3. interfaces
40.6.2.4. masq
40.6.2.5. rules
40.6.2.6. params
40.7. Firewall GUI Tools
40.8. Endian Firewall
40.9. Smooth Firewall
40.10. Sphirewall
41. Stunnel - universal SSL tunnel
42. OpenSSH
42.1. Installing OpenSSH
42.2. /etc/ssh/
42.2.1. IP address restrictions
42.2.2. sshd_config
42.2.2.1. Authentication configuration
42.2.2.2. Automatic SSH / SSH without password
42.2.2.3. disable password authentication
42.2.2.4. GSSAPI options
42.2.2.5. Ignoring the known_hosts file
42.2.2.6. UseDNS no
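42.2.2.7. Disabling root login
42.2.2.8. Limiting SSH authentication retries
42.2.2.9. Disabling certificate login
42.2.2.10. Using certificates instead of password authentication
42.2.2.11. The problem of GUI clients remembering passwords
42.2.2.12. User whitelist access control
42.2.2.13. User blacklist control
42.2.2.14. Group whitelist permissions
42.2.2.15. Group blacklist permissions
42.2.2.16. Disabling SSH port forwarding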
42.2.3. ssh_config
42.2.3.1. ForwardAgent
42.2.4. ~/.ssh/config
42.3. ssh client
42.3.1. -o option parameters explained
42.4. OpenSSH Tunnel
42.4.1. SOCKS v5 Tunnel
42.5. ssh-keygen — authentication key generation, management and conversion
42.5.1. .ssh/known_hosts
42.6. ssh-keyscan
42.7. ssh-copy-id - install your public key in a remote machine's authorized_keys
42.8. ssh-agent
42.8.1. ssh-add
42.8.2. Lock / Unlock agent
42.8.3. Set lifetime (in seconds) when adding identities.
42.9. OpenSSH for Windows
42.9.1. Putty Client
42.10. Google Authenticator - Android Apps on Google Play
42.11. Blocking SSH password brute-forcing
42.12. FAQ
42.12.1. Pseudo-terminal will not be allocated because stdin is not a terminal.
42.12.2. Removing the passphrase
42.12.3. Printing debug information
43. VPN (Virtual Private Network)
43.1. OpenVPN (openvpn - Virtual Private Network daemon)
43.1.1. Installing OpenVPN Server
43.1.1.1. Installing from source
43.1.1.2. Ubuntu
43.1.1.2.1. create keys for the server
43.1.1.2.2. create keys for the clients
43.1.1.3. CentOS
43.1.2. Easy-RSA 3
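43.1.2.1. Revoking a user certificate
43.1.2.2. Exporting PKCS 7/PKCS 12 certificates
43.1.2.3. Viewing a request file
43.1.2.4. Viewing a certificate
43.1.2.5. Importing a req file
43.1.2.6. Updating the database
43.1.2.7. Easy-RSA 2: revoking a user certificate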
43.1.3. Openvpn Client
43.1.4. OpenVPN GUI for Windows
43.1.4.1. Windows Server
43.1.4.2. Windows Client
43.1.4.2.1. Client routing settings
43.1.5. point-to-point VPNs
43.1.6. VPN examples
43.1.6.1. server and client vpn
43.1.6.2. Ethernet Bridging Example
43.1.6.3. IDC Example
43.1.7. OpenVPN security
43.2. pptpd
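43.2.1. Server
43.2.2. Client
43.2.2.1. Creating an account
43.2.2.2. Installing the kernel module
43.2.2.3. Dialing into the VPN
43.2.2.4. Routing configuration
43.2.2.4.1. Automatic route configuration
43.2.2.4.2. Manual route configuration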
43.2.3. FAQ
43.2.3.1. Error 800
43.2.3.2. Testing the PPTP port
43.2.3.3. debug
43.3. l2tpd - dummy package for l2tpd to xl2tpd transition
43.4. strongswan - IPSec utilities for strongSwan
43.4.1. Installing the strongswan VPN server
43.4.2. Firewall configuration
43.4.3. Configuring IPSEC
43.4.4. Windows 10 VPN client configuration
43.4.5. FAQ
43.4.5.1. Viewing certificate information
43.5. openswan - IPSEC utilities for Openswan
43.6. Ipsec VPN
43.6.1. ipsec-tools - IPsec tools for Linux
43.7. N2N VPN
43.8. Hypersocket VPN
44. Point to Point
44.1. download
44.1.1. rtorrent - ncurses BitTorrent client based on LibTorrent
44.1.2. mldonkey-server - Door to the 'donkey' network
44.1.3. amule - client for the eD2k and Kad networks, like eMule

1. tc - show / manipulate traffic control settings

1.1. Simulating network packet loss

		
tc qdisc add dev eth0 root netem corrupt 0.2% loss 10%