Netkiller Linux 手札
   下一页
Home | http://netkiller.sourceforge.net/ | Mirror 1

Netkiller Linux 手札

Debian/Ubuntu Cookbook

Mr. Neo Chan, 陈景峰

 


中国广东省深圳市宝安区龙华镇
518109
+86 755 29812080
+86 755 29812080

文档出处
 http://netkiller.8800.org/
 http://netkiller.hikz.com/
 http://netkiller.homelinux.org/

版权 © 2006, 2007, 2008, 2009, 2010 Netkiller(Neo Chan). All rights reserved.

版权声明

转载请与作者联系,转载时请务必标明文章原始出处和作者信息及本声明。

文档最近一次更新于 Sat Feb 27 02:07:00 UTC 2010

内容摘要

本文档讲述Linux系统涵盖了系统管理与配置包括:

  1. 域名服务器,代理服务器,防火墙,VPN

  2. WEB服务器 lighttpd apache fastcgi mod_php mod_perl

  3. 数据库服务器,mysql/mysql cluster postgresql

  4. 数据同步,镜像,备份,恢复

  5. 系统/网络监控

  6. 集群,负载均衡

对初学Linux的爱好者忠告

玩Linux最忌reboot(重新启动)这是windows玩家坏习惯

Linux只要接上电源你就不要再想用reboot,shutdown,halt,poweroff命令,Linux系统和应用软件一般备有reload,reconfigure,restart/start/stop...不需要安装软件或配置服务器后使用reboot重新引导计算机

在Linux系统里SIGHUP信号被定义为刷新配置文件,有些程序没有提供reload参数,你可以给进程发送HUP信号,让它刷新配置文件,而不用restart.通过pkill,killall,kill 都可以发送HUP信号例如: pkill -HUP httpd

系列文档

下面是我多年积累下来的经验整理文档供大家参考:

Netkiller Linux 手札 | Netkiller Ubuntu 手札 | Netkiller CentOS 手札 | Netkiller Shell 手札

Netkiller Developer 手札 | Netkiller Version Control 手札 | Netkiller Database 手札 | Netkiller LDAP 手札

Netkiller Architect 手札 | Netkiller Security 手札 | Netkiller Cisco IOS 手札

Netkiller Postfix 手札 | Netkiller Document 手札 | Netkiller FreeBSD 手札

鸣谢

目录

自述
本文目的
内容简介
读者对象
作者简介
联系作者
1. Introduction
Open Source and License
Distribution information
Linux Installation
I. System
2. Ubuntu Server Edition
3. CentOS - The Community ENTerprise Operating System
II. Network Application
4. network tools
curl / w3m / lynx
iptraf - Interactive Colorful IP LAN Monitor
5. DHCP
DHCP Server
dhclient
release matching connections
6. DNS/Bind
bind9
Load Balancing
view
tools
7. Proxy Server
Apache Proxy
Squid - Internet Object Cache (WWW proxy cache)
源码安装
debian/ubuntu 安装
配置
Squid 管理
禁止页面被Cache
Squid 实用案例
Web page proxy
Surrogafier
CGIproxy
PHPProxy
BBlocked
Glype
Zelune
SOCKS
Socks5
dante-server - SOCKS (v4 and v5) proxy daemon(danted)
hpsockd - HP SOCKS server
8. Point to Point
download
rtorrent - ncurses BitTorrent client based on LibTorrent
mldonkey-server - Door to the 'donkey' network
amule - client for the eD2k and Kad networks, like eMule
9. News Group (innd)
User Authentication
usenet 管理
通过SSL连接
src.rpm 安装
10. IRC - Internet Relay Chat
ircd-irc2 - The original IRCNet IRC server daemon
ircd-hybrid
11. jabber
ejabberd - Distributed, fault-tolerant Jabber/XMPP server written in Erlang
ejabberdctl
DJabberd
freetalk - A console based Jabber client
Developer
python-xmpp
12. NET SNMP (Simple Network Management Protocol)
安装SNMP
例出MBI
SNMP v3
Cacti
13. Sniffer
nmap - Network exploration tool and security / port scanner
tcpdump - A powerful tool for network monitoring and data acquisition
监控网络但排除 SSH 22 端口
monitor mysql tcp package
nc - TCP/IP swiss army knife
Nessus
14. OpenSSH
maximum number of authentication
disable root SSH login
Automatic SSH / SSH without password
disable password authentication
Putty
OpenSSH Tunnel
SOCKS v5 Tunnel
OpenSSH for Windows
15. Network Authentication
OpenLDAP
Server
Client
User and Group Management
FreeRADIUS
ldap
mysql
WAP2 Enterprise
Kerberos
CentOS 安装
Install by apt-get
生成kerberos的本地数据库
16. IP,Router And LAN (Local Area Network)
iproute2
添加路由
删除路由
增加默认路由
cache
策略路由
负载均衡
MASQUERADE
ip tunnel
VLAN
Zebra
17. Firewall
sysctl - configure kernel parameters at runtime
net.ipv4.ip_forward
iptables - administration tools for packet filtering and NAT
Getting Started
User-defined Chain
Common Chains Filtering
Interfaces
IP Addresses
Ports and Protocols
IPTables and Connection Tracking
NAT
IPV6
ulogd - The Netfilter Userspace Logging Daemon
ufw - program for managing a netfilter firewall
/etc/default/ufw
ip_forward
DHCP
Samba
Firewall GUI Tools
Shorewall Tools
Endian Firewall
Smooth Firewall
18. OpenVPN (openvpn - Virtual Private Network daemon)
Openvpn Server
Openvpn Client
OpenVPN GUI for Windows
Windows Server
Windows Client
point-to-point VPNs
源码安装
vpn 案例
19. pptpd
20. Ipsec VPN
openswan - IPSEC utilities for Openswan
strongswan - IPSec utilities for strongSwan
ipsec-tools - IPsec tools for Linux
21. Stunnel - universal SSL tunnel
III. Web Application
22. Lighttpd and fastcgi
quick install with aptitude
to compile and then install lighttpd
shell script
Module
simple-vhost
enable fastcgi
ssl
redirect
rewrite
alias.url
auth
compress module
mod_expire
status
fastcgi
PHP
Python
Perl
23. Nginx
24. LAMP
Install
Quick install apache with aptitude
XAMPP for Linux
Compile and then install Apache
Apache 调优
worker
Listen
Module
Output a list of modules compiled into the server.
Apache Status
Alias / AliasMatch
Redirect / RedirectMatch
Rewrite
Proxy
deflate
mod_expires
Apache Log
跟踪用户的cookie
Charset
PHP 5
Mod Perl
25. Tomcat 安装与配置
install java
install tomcat
Connector
mod_jk
mod_proxy_ajp
RewriteEngine 连接 Tomcat
Testing file
Script 1
Shell Script 2
26. Resin
安装Resin
Debian/Ubuntu
源码安装Resin
Compiling mod_caucho.so
27. Application Service
Zope
JBoss - JBoss Enterprise Middleware
28. Search Engine
Solr
Embedded Jetty
Jetty
Tomcat
solr-php-client
multicore
中文分词
Nutch
29. Web Server Optimization
ulimit
open files
php.ini
Resource Limits
File Uploads
Session Shared
PATHINFO
APC Cache (php-apc - APC (Alternative PHP Cache) module for PHP 5)
Zend Optimizer
eaccelerator
Memcached
khttpd
30. Web Analysis
综合测试
awstats
webalizer
31. varnish - a state-of-the-art, high-performance HTTP accelerator
Varnish Install
status
varnishadm
清除缓存
log file
IV. File Transfer, Synchronize, Storage And Backup/Restore
32. Download Tools
wget - retrieves files from the web
下载所有图片
axel - A light download accelerator - Console version
33. FTP (File Transfer Protocol)
ncftp
batch command
ncftpget
ncftpput
FileZilla
vsftpd - The Very Secure FTP Daemon
ProFTPD + MySQL / OpenLDAP 用户认证
Proftpd + MySQL
Proftpd + OpenLDAP
Pure-FTPd + LDAP + MySQL + PGSQL + Virtual-Users + Quota
34. Samba
install
smb.conf
Security consideration
by Example
share
user
smbfs
test
smbclient
35. File Synchronize
rsync - fast remote file copy program (like rcp)
install with source
install with aptitude
upload
download
mirror
step by step to learn rsync
rsync examples
rsync for windows
tsync
Unison File Synchronizer
local
remote
config
csync2 - cluster synchronization tool
server
node
test
Advanced Configuration
36. Network Storage - Openfiler
Accounts
Volumes
RAID
iSCSI
Quota
Shares
37. Backup / Restore
Simple Backup
Bacula, the Open Source, Enterprise ready, Network Backup Tool for Linux, Unix, Mac and Windows.
Amanda: Open Source Backup
38. inotify
inotify-tools
Incron - cron-like daemon which handles filesystem events
inotify-tools + rsync
pyinotify
39. Distributed Filesystem
DRBD (Distributed Replicated Block Device)
disk and partition
Installation
configure
Starting
Using
Coda
GlusterFS
MogileFS
Lustre
Hadoop - HDFS
V. Monitor and Assistant
40. System
pmap - report memory map of a process
Webmin
logwatch
nulog
41. Network
Cacti
Nagios
BIG BROTHER
Bandwidth
OpenNMS
42. Web
awstats
webalizer
43. Zenoss
44. Ganglia
VI. Cluster / Load Balancing
45. Linux Virtual Server
环境配置
VS/NAT
VS/TUN
VS/DR
配置文件
ipvsadm script
debug
ipvsadm monitor
46. keepalived
安装
test
47. heartbeat+ldirectord
48. HAProxy - fast and reliable load balancing reverse proxy
VII. Multimedia
49. ImageMagick
install
convert
批量转换
resize
50. How to add metadata to digital pictures from the command line
51. broadcast streaming
gnump3d - A streaming server for MP3 and OGG files
icecast2 - Ogg Vorbis and MP3 streaming media server
installation from source
shoutcast
PeerCast
52. To convert multimedia format
To convert .rm files to .mp3
encode to Macromedia Flash format
VIII. Mail Server
53. mail user agent (MUA)
mutt - text-based mailreader supporting MIME, GPG, PGP and threading
alpine - Text-based email client, friendly for novices but powerful
fetchmail - SSL enabled POP3, APOP, IMAP mail gatherer/forwarder
54. exim4 - meta-package to ease Exim MTA (v4) installation
install
configure
FAQ
Mailing to remote domains not supported
55. postfix - High-performance mail transport agent
install
configure
56. FAQ
POP Sniffer
57. Voice over IP
Gnu Gatekeeper
Gnu Gatekeeper Install
Gnu Gatekeeper Configure
Gnu Gatekeeper Test
Asterisk (OpenSource Linux PBX that supports both SIP and H.323)
OpenSER SIP Server
58. Open Source Distributed Computing
Boinc (berkeley 分布式计算平台)
ubuntu apt-get 安装
rc.local
A. 附录
参考文档
Linux 下载排名
B. 历史记录

表格清单

1.1. Linux partition
17.1. net.ipv4.ip_forward
36.1. Volume Group Management

范例清单

18.1. server.conf
18.2. client.conf
18.3. server.ovpn
18.4. client.ovpn
18.5. openvpn.conf
18.6. office.conf
18.7. home.ovpn
22.1. /etc/init.d/lighttpd
22.2. fastcgi.conf
24.1. index.php
24.2. mod_perl.conf
25.1. /etc/profile.d/java.sh
25.2. /etc/rc.d/init.d/www
28.1. /etc/profile.d/java.sh
29.1. /etc/init.d/memcached
35.1. examples
35.2. backup to a central backup server with 7 day incremental
35.3. backup to a spare disk
35.4. mirroring vger CVS tree
35.5. automated backup at home
35.6. Fancy footwork with remote file lists
35.7. /etc/csync2.cfg
40.1. config.php
41.1. cacti config.php
46.1. keepalived.conf
   下一页
   自述