<![CDATA[包子博客]]> http://blog.iloveu.sh.cn/ PJBlog3 2012-01-04T21:37:28+08:00 <![CDATA[Linux Web服务器网站故障分析常用的命令]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2012-01-04T21:37:28+08:00 2012-01-04T21:37:28+08:00 1.查看TCP连接状态
netstat -nat |awk '{print $6}'|sort|uniq -c|sort -rn

netstat -n | awk '/^tcp/ {++S[$NF]};END {for(a in S) print a, S[a]}' 或
netstat -n | awk '/^tcp/ {++state[$NF]}; END {for(key in state) print key,"t",state[key]}'
netstat -n | awk '/^tcp/ {++arr[$NF]};END {for(k in arr) print k,"t",arr[k]}'

netstat -n |awk '/^tcp/ {print $NF}'|sort|uniq -c|sort -rn

netstat -ant | awk '{print $NF}' | grep -v '[a-z]' | sort | uniq -c



2.查找请求数请20个IP(常用于查找攻来源):

netstat -anlp|grep 80|grep tcp|awk '{print $5}'|awk -F: '{print $1}'|sort|uniq -c|sort -nr|head -n20

netstat -ant |awk '/:80/{split($5,ip,":");++A[ip[1]]}END{for(i in A) print A[i],i}' |sort -rn|head -n20



3.用tcpdump嗅探80端口的访问看看谁最高

tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr |head -20


4.查找较多time_wait连接

netstat -n|grep TIME_WAIT|awk '{print $5}'|sort|uniq -c|sort -rn|head -n20

5.找查较多的SYN连接

netstat -an | grep SYN | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -nr | more

6.根据端口列进程

netstat -ntlp | grep 80 | awk '{print $7}' | cut -d/ -f1


网站日志分析篇1(Apache):

1.获得访问前10位的ip地址

cat access.log|awk '{print $1}'|sort|uniq -c|sort -nr|head -10
cat access.log|awk '{counts[$(11)]+=1}; END {for(url in counts) print counts[url], url}'

2.访问次数最多的文件或页面,取前20

cat access.log|awk '{print $11}'|sort|uniq -c|sort -nr|head -20

3.列出传输最大的几个exe文件(分析下载站的时候常用)

cat access.log |awk '($7~/.exe/){print $10 " " $1 " " $4 " " $7}'|sort -nr|head -20

4.列出输出大于200000byte(约200kb)的exe文件以及对应文件发生次数

cat access.log |awk '($10 > 200000 && $7~/.exe/){print $7}'|sort -n|uniq -c|sort -nr|head -100

5.如果日志最后一列记录的是页面文件传输时间,则有列出到客户端最耗时的页面

cat access.log |awk  '($7~/.php/){print $NF " " $1 " " $4 " " $7}'|sort -nr|head -100

6.列出最最耗时的页面(超过60秒的)的以及对应页面发生次数

cat access.log |awk '($NF > 60 && $7~/.php/){print $7}'|sort -n|uniq -c|sort -nr|head -100

7.列出传输时间超过 30 秒的文件

cat access.log |awk '($NF > 30){print $7}'|sort -n|uniq -c|sort -nr|head -20

8.统计网站流量(G)

cat access.log |awk '{sum+=$10} END {print sum/1024/1024/1024}'

9.统计404的连接

awk '($9 ~/404/)' access.log | awk '{print $9,$7}' | sort

10. 统计http status

cat access.log |awk '{counts[$(9)]+=1}; END {for(code in counts) print code, counts[code]}'
cat access.log |awk '{print $9}'|sort|uniq -c|sort -rn

10.蜘蛛分析,查看是哪些蜘蛛在抓取内容。

/usr/sbin/tcpdump -i eth0 -l -s 0 -w - dst port 80 | strings | grep -i user-agent | grep -i -E 'bot|crawler|slurp|spider'


网站日分析2(Squid篇)按域统计流量

zcat squid_access.log.tar.gz| awk '{print $10,$7}' |awk 'BEGIN{FS="[ /]"}{trfc[$4]+=$1}END{for(domain in trfc){printf "%st%dn",domain,trfc[domain]}}'


数据库篇
1.查看数据库执行的sql

/usr/sbin/tcpdump -i eth0 -s 0 -l -w - dst port 3306 | strings | egrep -i 'Select|Update|Delete|Insert|SET|COMMIT|ROLLBACK|Create|Drop|Alter|CALL'


系统Debug分析篇
1.调试命令
strace -p pid
2.跟踪指定进程的PID
gdb -p pid
]]> http://blog.iloveu.sh.cn/default.asp?id=330 <![CDATA[[教程] DHD 刷机失败变砖的自救方法]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2011-12-22T09:04:20+08:00 2011-12-22T09:04:20+08:00



1. 在PC 上安装配置Android SDK 刷机失败后手机变砖无法在手机上完成操作,智能借助Android SDK工具,所以你必须在操作的PC上下载并安装Android SDK程序,程序下载地址和安装配置方法见Android SDK官网 http://developer.android.com/sdk/

2. 安装Android 手机USB 驱动程序 安装完Android SDK后就可以把手机通过USB线缆连接至PC,开启手机电源后PC会提示安装设备驱动程序,不要让系统自动查找驱动程序安装,选择自定义驱动程序位置,因为已经安装了Android SDK,驱动程序的位置默认为Android SDK的安装目录下的usb_driver子目录,选择从这个目录安装驱动程序。

3. 下载一个可用Recovery 程序 变砖的Android手机能否复活的关键就是Recovery程序,因为recovery程序意味着你可以再次刷新的ROM,相当于给PC重新安装操作系统。Android平台有很多可用的recovery程序,推荐使用最常见的Clock Recovery程序,注意recovery程序针对不同手机型号有不同版本的程序,下载时注意和手机型号匹配。把下载的recovery程序放在某一目录备用,比如c:\\recovery-RA-Magic-v2.3.1.img

4. 关键步骤:重新给变砖的手机安装recovery 程序 在PC上打开命令提示符(Windows系统,开始,运行,输入cmd回车),输入 #adb devices 回车,如果返回一串序列号说明手机已经正常连接。在命令提示符使用cd命令切换到recovery程序所在的目录。然后输入下面的命令
# adb reboot bootloader 回车后手机应该会进入fastboot模式,然后再执行下面的命令把recovery程序安装到手机上
#fastboot flash recovery-RA-Magic-v2.3.1.img 回车后如果看到下面的提示就说明recovery程序已经成功安装。
fastboot flash recovery recovery-RA-Magic-v2.3.1.img
sending ‘recovery’ (4594 KB)… OKAY
writing ‘recovery’… OKAY
拔掉手机USB连接线,关机,重新按指定键看看是否可以重新进入recovery模式了,到这一部手机已经成功复活了,现在可以重新刷机给手机再安装一个操作系统了。]]> http://blog.iloveu.sh.cn/default.asp?id=329 <![CDATA[RSYNC On Unix & Linux]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2011-12-02T10:45:20+08:00 2011-12-02T10:45:20+08:00 软件及平台
FreeBSD 5.2 (Server and Client)
Server IP:172.18.5.251 Hostname: freebsd-1
Client IP:172.18.5.247 Hostname: freebsd-2
apache_1.3.29
rsync-2.5.7
目的
备份Rsync Server(172.18.5.251)上的 /usr/local/www/data-dist 目录下所有内容,到Rsync Client(172.18.5.247)的/backup/www 下

安装及配置

一,Rsync Server
Step 1: 安装
freebsd-1#cd /usr/ports/net/rsync
freebsd-1#make install clean
Step 3: 配置rsyncd.conf
freebsd-1#vi /usr/local/etc/rsyncd.conf //加入以下内容
[www]
comment = web server backup
path = /usr/local/www/data-dist
auth users = tonny
uid = nobody
gid = nogroup
secrets file = /usr/local/etc/rsyncd.secrets
read only = no

Step 4: 配置rsyncd.secrets
freebsd-1#vi /usr/local/etc/rsyncd.secrets //加入以下内容
tonny:123456 // 认证所需的用户名/密码
freebsd-1#chmod 600 rsyncd.secrets

Step 5: 配置rc.conf
freebsd-1#vi /etc/rc.conf //加入以下内容
rsyncd_enable="YES"

Step 6: 启动 Rsync daemon模式
freebsd-1#vi /usr/local/etc/rc.d/rsyncd.sh //加入以下内容
command_args="-4 --daemon" <<<--- 启用ipv4 协议
freebsd-1#/usr/local/etc/rc.d/rsyncd.sh start

Step 7: 检查Rsync daemon启动状态
freebsd-1# sockstat | grep rsync
root rsync 440 3 dgram -> /var/run/log
root rsync 440 4 tcp4 *:873 *:*
二,Rsync Client
Step 1: 安装
freebsd-2#cd /usr/ports/net/rsync
freebsd-2#make install clean

Step 2: 建立备份目录
freebsd-2#cd /
freebsd-2#mkdir -p backup/www

Step 3: 配置rsyncd.secrets
freebsd-2#vi /usr/local/etc/rsyncd.secrets //加入以下内容
123456 //Rsync Server上的认证密码,不用输入用户名
freebsd-2#chmod 600 rsyncd.secrets

Step 4: 检查备份同步状态
freebsd-2#/usr/local/bin/rsync -avzP --delete
--password-file=/usr/local/etc/rsyncd.secrets tonny@172.18.5.251::www
/backup/www/

--->>> 将Rsync Server的Web页面,备份或同步到了Rsync Client的/backup/www下

Step 5: Auto Rsync Shell:
freebsd-2#cd /usr/local/etc/rc.d/
freebsd-2#chmod a-x rsyncd.sh
freebsd-2#vi rsync.sh //加入以下内容
#!/bin/sh
/usr/local/bin/rsync -avzP --delete
--password-file=/usr/local/etc/rsyncd.secrets tonny@172.18.5.251::www
/backup/www/
freebsd-2#chmod a+x rsync.sh
freebsd-2#crontab -e //加入以下内容(每天下午5点半自动备份同步)
30 17 * * * /usr/local/etc/rc.d/rsync.sh
三,高级应用(Rsync With SSH)
Rsync Server
freebsd-1#/usr/bin/ssh-keygen -d
Rsync Client
freebsd-2#/usr/bin/ssh-keygen -d
freebsd-2#scp ~/.ssh/id_dsa.pub 172.18.5.251:/root/.ssh/authorized_keys
freebsd-2#ssh-agent csh 或 (ssh-agent bash) --->>> #echo $SHELL
查看当前SHELL
freebsd-2#ssh-add id_dsa --->>> 输入 passphase

freebsd-2#/usr/local/bin/rsync -avzP --delete -e ssh
172.18.5.251:/usr/local/www/data-dist/ /backup/www/
PS: 参数说明
-a, --archive archive mode, equivalent to -rlptgoD
//档案模式
-v, --verbose
//详细模式
-z, --compress compress file data
//压缩文件
-P equivalent to --partial --progress
//显示进度
--delete
This tells rsync to delete any files on the receiving side
that
aren't on the sending side.
//保持远程机器的文件同步性
-e ssh use SSH connection
//使用SSH连接,保证数据安全

参考
http://rsync.samba.org/ rsync 网站
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/openssh.html
freebsd handbook手册
]]> http://blog.iloveu.sh.cn/default.asp?id=328 <![CDATA[centos 下使用 yum 安装ntfs-3g]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2011-11-25T12:09:57+08:00 2011-11-25T12:09:57+08:00
# wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
# rpm -ivh rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-*
# yum --enablerepo=rpmforge install -y fuse fuse-ntfs-3g dkms dkms-fuse]]> http://blog.iloveu.sh.cn/default.asp?id=327 <![CDATA[天秤座蜜语]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2011-11-03T08:53:32+08:00 2011-11-03T08:53:32+08:00 http://blog.iloveu.sh.cn/default.asp?id=326 <![CDATA[最不会谈恋爱的五星座]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2011-10-18T10:41:49+08:00 2011-10-18T10:41:49+08:00   天秤座天生就是“逃避专业户”,尤其是和感情有关的问题,天秤座在感情上一直都比较被动,基本上是走配合对方的路线,从感情一开始考虑要不要接受犹豫不决,一直到缘尽时无法抽身,他们很难理出头绪,如果在一段感情中他万般牺牲却又换得被辜负的下场,天秤们往往会消沉好一阵子,甚至可能逃离熟悉的环境到陌生的环境重新开始。



虽然说 都喜欢本分点的女孩。但好像真的对于这种性格 很难和本分的女孩发展到一起。
大家都被动了 还怎么谈朋友和发展起来呢。。
看来我只能和很主动激情 奔放 的人能谈的起来和发展]]> http://blog.iloveu.sh.cn/default.asp?id=325 <![CDATA[Smack That--棚拍比基尼(打酱油视频作品) ]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2011-09-07T22:12:07+08:00 2011-09-07T22:12:07+08:00
Flash动画
在线播放

]]> http://blog.iloveu.sh.cn/default.asp?id=324 <![CDATA[COM+ The run-time environment has detected an inco]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2011-09-01T10:34:44+08:00 2011-09-01T10:34:44+08:00
Ran into another mine field the other day - blew my foot right off before I could even realize what was happening.

The client received this error:

The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in d:\nt\com\complus\src\comsvcs\threads\stathread.cpp(284), hr = 80070000: CSTAThread: CoGetApartmentID failed

The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in d:\nt\com\complus\src\comsvcs\threads\stathread.cpp(271), hr = 80070057: CSTAThread: CoInitializeEx failed

The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in d:\nt\com\complus\src\comsvcs\threads\stathreadpool.cpp(1230), hr = 8000ffff: CSTAThreadPool: Unable to get bind thread.

The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Couldn't get ApartmentID from STAPool

The COM+ component was configured to use a large number of threads on startup but this was working fine for several years in production. The workaround was to reduce the number of pre-allocated threads, but why was this issue surfacing?

As it turns out, the desktop heap size was the root cause. Each process running on the desktop is treated differently for "Interactive User" vs "Non-interactive User". Windows reads a registry key to determine how to treat these groups of users:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SubSystems\Windows --> SharedSection = 1024,3072,512
You can read up more on this here http://blogs.msdn.com/ntdebugging/archive/2007/01/04/desktop-heap-overview.aspx.

In the settings above, you can see that the heap is set to 3072 KB for Interactive user and just 512 KB for non-interactive users. This heap is used for system resource (e.g. thread handles). The small size prevents dllhost.exe from creating more threads.

By increasing the heap allocated for non-interactive users (from 512 -->1024) the problem was solved.
]]> http://blog.iloveu.sh.cn/default.asp?id=323 <![CDATA[在FreeBSD上建立一个功能完整的邮件服务器]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2011-08-30T13:52:37+08:00 2011-08-30T13:52:37+08:00

以下的安装在FreeBSD 5.2.1系统上完成

1.更新 ports

# cvsup -gL 2 -h cvsup.freebsdchina.org /usr/share/examples/cvsup/ports-supfile  


2. 安装 openssl+apache 服务器  

# cd /usr/ports/security/openssl
# make install
# make clean
# cd /usr/ports/www/apache2
# make install  
# make clean  
# vi /etc/rc.conf

apache2_enable="YES"


3. 安装 openwebmail  

# cd /usr/ports/mail/openwebmail/  
# make WITH_QUOTA=yes install
# make clean  


4. 安装 postfix ,在安装过程中用yes回答提出的问题

# cd /usr/ports/mail/postfix/  
# make install
# make clean  

# vi /etc/rc.conf

为了能启动postfix加入:  

sendmail_enable="YES"  
sendmail_flags="-bd"  
sendmail_pidfile="/var/spool/postfix/pid/master.pid"  
sendmail_outbound_enable="NO"  
sendmail_submit_enable="NO"  


5. 安装 vm-pop3d  

# cd /usr/ports/mail/vm-pop3d  
# make install  
# make clean  


6. 配置 postfix  
  
# vi /usr/local/etc/postfix/main.cf  

添加:

myhostname = mail.hotsales.cn
mydomain = mail.hotsales.cn
virtual_alias_maps=hash:/usr/local/etc/postfix/virtual  
alias_maps=hash:/usr/local/etc/postfix/aliases  
default_privs=nobody  
allow_mail_to_commands = alias,forward,include  
allow_mail_to_files = alias,forward,include  


下面我加入一个 mail.hotsales.cn 的虚拟域,并添加一个用户baold
# vi /usr/local/etc/postfix/virtual  

添加:  

mail.hotsales.cn  anything        //之间用[tab]
baold@mail.hotsales.cn   baold.mail.hotsales.cn     //之间用[tab]  

执行下面的命令,生成 virtual.db:  

# cd /usr/local/etc/postfix/
# postmap virtual

# vi /usr/local/etc/postfix/aliases

添加:  

baold.mail.hotsales.cn:/var/spool/virtual/mail.hotsales.cn/baold

执行下面的命令,生成 aliases.db:  

# cd /usr/local/etc/postfix
# postalias aliases

  

7. 配置 vm-pop3d 使其开机自动执行  
  
# cd /usr/local/etc/rc.d
# mv vm-pop3d.sh.sample vm-pop3d.sh

配置 openwebmail 支持 mail.hotsales.cn 域,创建下面的文件:

# vi /usr/local/www/cgi-bin/openwebmail/etc/sites.conf/mail.hotsales.cn  

=========================== mail.hotsales.cn =======================
auth_module auth_vdomain.pl
auth_withdomain yes  
mailspooldir /var/spool/virtual/mail.hotsales.cn
use_syshomedir no  
use_homedirspools no  
enable_autoreply no  
enable_setforward no  
enable_vdomain yes  
vdomain_admlist baold        //这里设置了这个域的管理员
vdomain_maxuser 500  
vdomain_vmpop3_pwdpath /usr/local/etc/virtual
vdomain_vmpop3_pwdname passwd  
vdomain_vmpop3_mailpath /var/spool/virtual  
vdomain_postfix_aliases /usr/local/etc/postfix/aliases  
vdomain_postfix_virtual /usr/local/etc/postfix/virtual  
vdomain_postfix_postalias /usr/local/sbin/postalias  
vdomain_postfix_postmap /usr/local/sbin/postmap  
# quota设置部分
quota_module quota_du.pl
quota_limit 52400           //定义了邮箱大小
quota_threshold 85  
delmail_ifquotahit no  
delfile_ifquotahit no
=========================== mail.hotsales.cn =======================

# mkdir -p /var/spool/virtual/mail.hotsales.cn  
# chown nobody /var/spool/virtual/mail.hotsales.cn  
# chgrp mail /var/spool/virtual/mail.hotsales.cn  

# mkdir -p /usr/local/etc/virtual/mail.hotsales.cn  
# touch /usr/local/etc/virtual/mail.hotsales.cn/passwd  
# chmod 644 /usr/local/etc/virtual/mail.hotsales.cn/passwd  

# htpasswd /usr/local/etc/virtual/mail.hotsales.cn/passwd baold
# chmod 755 /usr/local/www/cgi-bin/openwebmail/etc/users  

# sync
# reboot

8. 最后通过浏览器登陆到OPENWEBMAIL

http://mail.hotsales.cn/cgi-bin/openwebmail/openwebmail.pl



第二部分:防病毒、垃圾邮件:clamav+amavisd-new+spam


1.0 安装clamav:

# cd /usr/ports/security/clamav
# make install
# make clean

# vi /usr/local/etc/clamav.conf  
===============================clamav.conf============================
# Comment or remove the line below.
# Example
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 1M
LogTime
LogVerbose
PidFile /var/run/clamav/clamd.pid
DataDirectory /usr/local/share/clamav
LocalSocket /tmp/clamd
StreamMaxLength 10M
MaxThreads 10
MaxDirectoryRecursion 15
User clamav
ScanMail
ScanArchive
ScanRAR
ArchiveMaxFileSize 10M
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000
ClamukoScanOnOpen
ClamukoScanOnClose
ClamukoScanOnExec
ClamukoIncludePath /var/spool/virtual
ClamukoMaxFileSize 6M
ClamukoScanArchive
===============================clamav.conf============================

1.1 更新病毒库

# /usr/local/etc/rc.d/clamav-freshclam.sh start

2.0 安装amavisd-new

# cd /usr/ports/security/amavisd-new
# make install
# make clean

# cd /usr/local/etc
# mv amavisd.conf-dist amavisd.conf
# vi amavisd.conf
============================== amavisd.conf ===============================
$MYHOME = '/var/amavis';          # (default is '/var/amavis')
$mydomain = 'mail.hotsales.cn';     # (no useful default)
$daemon_user  = 'vscan';         # (no default;  customary: vscan or amavis)
$daemon_group = 'vscan';         # (no default;  customary: vscan or amavis)

$log_level = 0;  

$sa_spam_subject_tag = '***SPAM***'

$virus_admin = "root\@$mydomain";
$spam_admin = "baold\@$mydomain";
$mailfrom_notify_admin     = "baold\@$mydomain";
$mailfrom_notify_recip     = "baold\@$mydomain";
$mailfrom_notify_spamadmin = "baold\@$mydomain";

$inet_socket_bind = '127.0.0.1';
$forward_method = 'smtp:127.0.0.1:10025';
$notify_method = $forward_method;        
$inet_socket_port = 10024;
$max_servers  =  2;

['Clam Antivirus-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", '/tmp/clamd'],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
============================== amavisd.conf ===============================

2.1 要启动clamav和amavisd-new需要配置一下/etc/rc.conf

# vi /etc/rc.conf

spamd_enable="YES"
amavisd_enable="YES
clamav_clamd_enable="YES"


3.0 由于在安装amavisd-new时spamassassin被一起安装了下面对其进行配置

3.1 建立过滤规则:

# cd /usr/local/etc/mail/spamassassin
# env LANG=C vi local.cf
=============================== local.cf ===============================
# SpamAssassin config file for version x.xx
# generated by http://www.yrex.com/spam/spamconfig.php (version 1.01)

# How many hits before a message is considered spam.
required_hits 4.0

# Whether to change the subject of suspected spam
rewrite_subject 1

# Text to prepend to subject if rewrite_subject is used
subject_tag *****SPAM*****

# Encapsulate spam in an attachment
report_safe 1

# Use terse version of the spam report
use_terse_report 0

# Enable the Bayes system
use_bayes 1

# Enable Bayes auto-learning
auto_learn 1

# Enable or disable network checks
skip_rbl_checks 1
use_razor2 0
use_dcc 0
use_pyzor 0

# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - chinese english  
ok_languages zh en  

# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales en zh
score SUBJ_FULL_OF_8BITS 2
score NO_REAL_NAME 4.0
=============================== local.cf ===============================

3.2 下载新的垃圾邮件地址列表文件

# cd /usr/local/share/spamassassin
# fetch http://anti-spam.org.cn/rules/sa/55_diy_score.cf


4.0 对POSFIX进行配置,在他的配置文件中添加下面的一些内容

# vi /usr/local/etc/postfix/master.cf

---------------------- master.cf ---------------------
smtp-amavis unix -   -   n     -       2  smtp
        -o smtp_data_done_timeout=1200
        -o disable_dns_lookups=yes
                                                                                
127.0.0.1:10025 inet n -       n       -       -  smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o mynetworks=127.0.0.0/8
---------------------- master.cf ---------------------

# vi /usr/local/etc/postfix/main.cf

content_filter = smtp-amavis:[127.0.0.1]:10024

好了,现在一个基于FreeBSD的功能相对完整的邮件服务器就建立起来了,虚拟域的管理员可以登陆OPENWEBMAIL进行用户的添加、删除等操作,虚拟用户可以通过OPENWEBMAIL修改自己的密码。
]]> http://blog.iloveu.sh.cn/default.asp?id=322 <![CDATA[在Redhat 9下实现双机热备和集群功能]]> 冷酷到底 http://blog.iloveu.sh.cn/ seganert@iloveu.sh.cn 2011-08-30T13:51:14+08:00 2011-08-30T13:51:14+08:00 heartbeat-1.0.4-2.rh.9.um.1.i386.rpm                
heartbeat-pils-1.0.4-2.rh.9.um.1.i386.rpm  
heartbeat-stonith-1.0.4-2.rh.9.um.1.i386.rpm
net-snmp-5.0.6-17.i386.rpm
按顺序一次安装
1、heartbeat-pils-1.0.4-2.rh.9.um.1.i386.rpm
2、net-snmp-5.0.6-17.i386.rpm
3、heartbeat-stonith-1.0.4-2.rh.9.um.1.i386.rpm
4、heartbeat-1.0.4-2.rh.9.um.1.i386.rpm
#rpm -ivh heartbeat-pils-1.0.4-2.rh.9.um.1.i386.rpm
#rpm -ivh net-snmp-5.0.6-17.i386.rpm
#rpm -ivh heartbeat-stonith-1.0.4-2.rh.9.um.1.i386.rpm
#rpm -ivh heartbeat-1.0.4-2.rh.9.um.1.i386.rpm
安装完成之后,开始配置主服务器。配置文件位于/etc/ha.d下,用rpm安装之后不会产生配置文件,需要从/usr/share/doc/heartbeat-1.0.4下,把ha.cf,,,,authkeys,,,,,,,,haresources,,,,三个文件cp到/etc/ha.d下面。
文件在ha.cf是主要heartbeat的配置文件,authkeys是heartbeat的安全配置文件,haresource文件是heartbeat的资源文件
其文件说明如下:
ha.cf
#############################################################################################
#
# There are lots of options in this file.  All you have to have is a set
# of nodes listed {"node ...}
# and one of {serial, bcast, mcast, or ucast}
#
# ATTENTION: As the configuration file is read line by line,
#     THE orDER OF DIRECTIVE MATTERS!
#
#     In particular, make sure that the timings and udpport
#     et al are set before the heartbeat media are defined!
#     All will be fine if you keep them ordered as in this
#     example.
#
#
#       Note on logging:
#       If any of debugfile, logfile and logfacility are defined then they
#       will be used. If debugfile and/or logfile are not defined and
#       logfacility is defined then the respective logging and debug
#       messages will be loged to syslog. If logfacility is not defined
#       then debugfile and logfile will be used to log messges. If
#       logfacility is not defined and debugfile and/or logfile are not
#       defined then defaults will be used for debugfile and logfile as
#       required and messages will be sent there.
#
# File to write debug messages to
debugfile /var/log/ha-debug       【heartbeat的debug信息记录文件】
#
#
#  File to write other messages to
#
logfile /var/log/ha-log    【日志文件】
#
#
# Facility to use for syslog()/logger
#
logfacility local  0            【记录日志在syslog中,可选项】
#
#
# A note on specifying "how long" times below...
#
# The default time unit is seconds
#  10 means ten seconds
#
# You can also specify them in milliseconds
#  1500ms means 1.5 seconds
#
#
# keepalive: how long between heartbeats?
#
keepalive  3    【每3秒发送一次keeplive消息】
#
# deadtime: how long-to-declare-host-dead?
#
deadtime 15       【如果15秒没有收到keeplive消息将会认为节点已经失效】
#
# warntime: how long before issuing "late heartbeat" warning?
# See the FAQ for how to use warntime to tune deadtime.
#
warntime 10         【在日志中记录最后心跳last heartbeat-best 前的警告时间】
#
#
# Very first dead time (initdead)
#
# On some machines/OSes, etc. the network takes a while to come up
# and start working right after you've been rebooted.  As a result
# we have a separate dead time for when things first come up.
# It should be at least twice the normal dead time.
#
initdead 60        【如果节点的机器重启后,可能需要一些时间启动网络,这个时间与deadtime不一样,要单独对待】
#
#
# nice_failback:  determines whether a resource will
# automatically fail back to its "primary" node, or remain
# on whatever node is serving it until that node fails.
#
# The default is "off", which means that it WILL fail
# back to the node which is declared as primary in haresources
#
# "on" means that resources only move to new nodes when
# the nodes they are served on die.  This is deemed as a
# "nice" behavior (unless you want to do active-active).
#
nice_failback on           【如果主节点失效之后,重新恢复后,不会再成为主节点,                              只有当当前主节点失效,此节点才可恢复为主节点】
#
# hopfudge maximum hop count minus number of nodes in config
#hopfudge 1
#
#
# Baud rate for serial ports...
# (must precede "serial" directives)
#
#baud 19200
#
# serial serialportname ...
#serial /dev/ttyS0 # Linux
#serial /dev/cuaa0 # FreeBSD
#serial /dev/cua/a # Solaris
#
# What UDP port to use for communication?
#  [used by bcast and ucast]
#
#udpport 694
#
# What interfaces to broadcast heartbeats over?
#
#bcast eth1  # Linux
#bcast eth1 eth2 # Linux
#bcast le0  # Solaris
#bcast le1 le2  # Solaris
#
# Set up a multicast heartbeat medium
# mcast [dev] [mcast group] [port] [ttl] [loop]
#
# [dev]  device to send/rcv heartbeats on
# [mcast group] multicast group to join (class D multicast address
#   224.0.0.0 - 239.255.255.255)
# [port]  udp port to sendto/rcvfrom (no reason to differ
#   from the port used for broadcast heartbeats)
# [ttl]  the ttl value for outbound heartbeats.  This affects
#   how far the multicast packet will propagate.  (1-255)
# [loop]  toggles loopback for outbound multicast heartbeats.
#   if enabled, an outbound packet will be looped back and
#   received by the interface it was sent on. (0 or 1)
#   This field should always be set to 0.
#  
#
mcast eth1 225.0.0.22 694 10    【使用组播225.0.0.22,端口694发送keeplive消息】
#
# Set up a unicast / udp heartbeat medium
# ucast [dev] [peer-ip-addr]
#
# [dev]  device to send/rcv heartbeats on
# [peer-ip-addr] IP address of peer to send packets to
#
#ucast eth0 192.168.1.2
#
#
# Watchdog is the watchdog timer.  If our own heart doesn't beat for
# a minute, then our machine will reboot.
#
#watchdog /dev/watchdog
#
#       "Legacy" STONITH support
#       Using this directive assumes that there is one stonith
#       device in the cluster.  Parameters to this device are
#       read from a configuration file. The format of this line is:
#
#         stonith <stonith_type> <configfile>
#
#       NOTE: it is up to you to maintain this file on each node in the
#       cluster!
#
#stonith baytech /etc/ha.d/conf/stonith.baytech
#
#       STONITH support
#       You can configure multiple stonith devices using this directive.
#       The format of the line is:
#         stonith_host <hostfrom> <stonith_type> <params...>
#         <hostfrom> is the machine the stonith device is attached
#              to or * to mean it is accessible from any host.
#         <stonith_type> is the type of stonith device (a list of
#              supported drives is in /usr/lib/stonith.)
#         <params...> are driver specific parameters.  To see the
#              format for a particular device, run:
#           stonith -l -t <stonith_type>
#
#
# Note that if you put your stonith device access information in
# here, and you make this file publically readable, you're asking
# for a denial of service attack ;-)
#
#
#stonith_host *     baytech 10.0.0.3 mylogin mysecretpassword
#stonith_host ken3  rps10 /dev/ttyS1 kathy 0
#stonith_host kathy rps10 /dev/ttyS1 ken3 0
#      
# Tell what machines are in the cluster
# node nodename ... -- must match uname -n
node rh-9-a    【定义节点名称,必须是节点的主机名】
node rh-9-b
#
# Less common options...
#
# Treats 10.10.10.254 as a psuedo-cluster-member
#
#ping www.163.com www.google.com
#
# Started and stopped with heartbeat.  Restarted unless it exits
#    with rc=100
#
#respawn userid /path/name/to/run
##################################################################
authkeys


#
# Authentication file.  Must be mode 600
#
#
# Must have exactly one auth directive at the front.
# auth send authentication using this method-id
#
# Then, list the method and key that go with that method-id
#
# Available methods: crc sha1, md5.  Crc doesn't need/want a key.
#
# You normally only have one authentication method-id listed in this file
#
# Put more than one to make a smooth transition when changing auth
# methods and/or keys.
#
#
# sha1 is believed to be the "best", md5 next best.
#
# crc adds no security, except from packet corruption.
#  Use only on physically secure networks.
#
auth 3             【指定认证加密方式,3 表示加密方式的行号】
#1 crc
#2 sha1 HI!
3 md5 Hello!             【使用md5加密,密码为hello!】


####################################################################################################################################

#
# This is a list of resources that move from machine to machine as
# nodes go down and come up in the cluster.  Do not include
# "administrative" or fixed IP addresses in this file.
#
# <VERY IMPORTANT NOTE>
# The haresources files MUST BE IDENTICAL on all nodes of the cluster.
#
# The node names listed in front of the resource group information
# is the name of the preferred node to run the service.  It is
# not necessarily the name of the current machine.  If you are running
# nice_failback OFF then these services will be started
# up on the preferred nodes - any time they're up.
#
# If you are running with nice_failback ON, then the node information
# will be used in the case of a simultaneous start-up.
#
# BUT FOR ALL OF THESE CASES, the haresources files MUST BE IDENTICAL.
# If your files are different then almost certainly something
# won't work right.
# </VERY IMPORTANT NOTE>
#
#
# We refer to this file when we're coming up, and when a machine is being
# taken over after going down.
#
# You need to make this right for your installation, then install it in
# /etc/ha.d
#
# Each logical line in the file constitutes a "resource group".
# A resource group is a list of resources which move together from
# one node to another - in the order listed.  It is assumed that there
# is no relationship between different resource groups.  These
# resource in a resource group are started left-to-right, and stopped
# right-to-left.  Long lists of resources can be continued from line
# to line by ending the lines with backslashes ("\").
#
# These resources in this file are either IP addresses, or the name
# of scripts to run to "start" or "stop" the given resource.
#
# The format is like this:
#
#node-name resource1 resource2 ... resourceN
#
#
# If the resource name contains an :: in the middle of it, the
# part after the :: is passed to the resource script as an argument.
#       Multiple arguments are separated by the :: delimeter
#
# In the case of IP addresses, the resource script name IPaddr is
# implied.
#
# For example, the IP address 135.9.8.7 could also be represented
# as IPaddr::135.9.8.7
#
# THIS IS IMPORTANT!!     vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
#
# The given IP address is directed to an interface which has a route
# to the given address.  This means you have to have a net route
# set up outside of the High-Availability structure.  We don't set it
# up here -- we key off of it.
#
# The broadcast address for the IP alias that is created to support
# an IP address defaults to the highest address on the subnet.
#
# The netmask for the IP alias that is created defaults to the same
# netmask as the route that it selected in in the step above.
#
# The base interface for the IPalias that is created defaults to the
# same netmask as the route that it selected in in the step above.
#
# If you want to specify that this IP address is to be brought up
# on a subnet with a netmask of 255.255.255.0, you would specify
# this as IPaddr::135.9.8.7/24 .  
#
# If you wished to tell it that the broadcast address for this subnet
# was 135.9.8.210, then you would specify that this way:
#  IPaddr::135.9.8.7/24/135.9.8.210
#
# If you wished to tell it that the interface to add the address to
# is eth0, then you would need to specify it this way:
#  IPaddr::135.9.8.7/24/eth0
#
#       And this way to specify both the broadcast address and the
#       interface:
#  IPaddr::135.9.8.7/24/eth0/135.9.8.210
#
# The IP addresses you list in this file are called "service" addresses,
# since they're they're the publicly advertised addresses that clients
# use to get at highly available services.
#
# For a hot/standby (non load-sharing) 2-node system with only
# a single service address,
# you will probably only put one system name and one IP address in here.
# The name you give the address to is the name of the default "hot"
# system.
#
# Where the nodename is the name of the node which "normally" owns the
# resource.  If this machine is up, it will always have the resource
# it is shown as owning.
#
# The string you put in for nodename must match the uname -n name
# of your machine.  Depending on how you have it administered, it could
# be a short name or a FQDN.
#
#-------------------------------------------------------------------
#
# Simple case: One service address, default subnet and netmask
#  No servers that go up and down with the IP address
#
#just.linux-ha.org 135.9.216.110
#
#-------------------------------------------------------------------
#
# Assuming the adminstrative addresses are on the same subnet...
# A little more complex case: One service address, default subnet
# and netmask, and you want to start and stop http when you get
# the IP address...
#
#just.linux-ha.org 135.9.216.110 http
#-------------------------------------------------------------------
#
# A little more complex case: Three service addresses, default subnet
# and netmask, and you want to start and stop http when you get
# the IP address...
#
#just.linux-ha.org 135.9.216.110 135.9.215.111 135.9.216.112 httpd
#-------------------------------------------------------------------
#
# One service address, with the subnet, interface and bcast addr
#       explicitly defined.
#
#just.linux-ha.org 135.9.216.3/28/eth0/135.9.216.12 httpd
#
#-------------------------------------------------------------------
#
#       An example where a shared filesystem is to be used.
#       Note that multiple aguments are passed to this script using
#       the delimiter '::' to separate each argument.
#
rh-9-a  11.1.1.96/24/eth0     【定义主节点使用的公网IP,掩码和接口名称】
#
# Regarding the node-names in this file:
#
# They must match the names of the nodes listed in ha.cf, which in turn
# must match the `uname -n` of some node in the cluster.  So they aren't
# virtual in any sense of the word.
#


根据情况更改配置文件,两台服务器的heartbeat配置必须一样,这样才能启动heartbeat,
启动heartbeat:
/etc/rc.d/init.d/heartbeat start [stop|restart]
]]> http://blog.iloveu.sh.cn/default.asp?id=321