Squid + PAM Motuhēhēnga kei CentOS 7- SMB Networks

Taupū whanui o te raupapa: Tuihono Rorohiko mo nga SME: Whakataki

Kia ora e hoa ma, e hoa ma!

Te taitara o te tuhinga me penei: «MATE + NTP + Dnsmasq + Ratonga Gateway + Apache + Squid me te Motuhēhēnga o te PAM i roto i nga Centos 7 - SME Networks«. Mo nga take whaihua ka poroa e maatau.

Kei te haere tonu taatau whakamotuhēhēnga ki nga kaiwhakamahi o te rohe i runga i te rorohiko Linux ma te whakamahi i te PAM, ana ko tenei ka kite maatau me pehea te whakarato i te ratonga Takawaenga me te Squid mo tetahi hononga rorohiko iti, ma te whakamahi i nga tohu whakamotuhēhēnga kua pupurihia ki taua rorohiko. kei te rere te kaiwhakarato Tuhinga.

Ahakoa e mohio ana taatau he mahi noa noa i enei ra, ki te whakamana i nga ratonga ki te OpenLDAP, te Kaiwhakahaere Rarangi Whaiaronga a Red Hat 389, te Whaiaronga Hohe Microsoft, me etahi atu. E whakapono ana maatau me haere maatau i nga mea ngawari ki te matatini.

Taurangi

Te riipene

He umanga iti nei - he ruarua nei nga rauemi tahua- kua whakatapua ki te tautoko i te whakamahinga o te Raupaparorohiko Koreutu me te hunga i kowhiri i te ingoa o Mai i Linux.Fan. He momo ngahau OS ratou CentOS whakarōpūtia ki te tari kotahi. I hokona e raatau tetahi waahanga mahi - ehara i te kaitoha ngaio - ka whakatapua e raatau hei "kaiwhakarato."

Kaore nga kaiwhakaako i te mohio nui ki te whakamahi i tetahi kaitoha OpenLDAP he Samba 4 AD-DC ranei, kaore hoki e taea e raatau ki te raihana i tetahi Whaiaronga Hohe Microsoft. Heoi, me whiwhi ratonga Ipurangi na roto i te Takawaenga mo a raatau mahi o ia ra - kia tere te tirotiro - me tetahi waahi ki te penapena i a raatau tuhinga tino nui me te mahi hei kape taapiri.

Ko te nuinga kei te whakamahi tonu i nga punaha whakahaere a Microsoft, engari e hiahia ana ratou ki te whakarereke ki nga punaha Whakahaere-a-Linux, ka tiimata mai i te "Tūmau".

Kei te hiahia hoki ratou ki te whai i ta raatau ake kaituku mēra kia motuhake - mai i te timatanga - o nga ratonga penei i a Gmail, Yahoo, HotMail, me era atu, koina ta raatau e whakamahia ana i tenei wa.

Ma te Paetahaahi me nga Ture Huarahi ki te Ipurangi e whakapumau ki roto i te ADSL Router kua kirimana.

Kaore o raatau ingoa ingoa tuturu na te mea kaore e hiahia ki te whakaputa i tetahi ratonga i runga i te Ipurangi.

Ko te CentOS 7 hei kaiwhakarato kaore he GUI

Kei te tiimata mai i te taaputanga hou o te kaituku kaore he mahinga whakairoiro, a ko te waahanga anake ka tohua e maatau i te waa mahi ko te «Tūmau Hanganga»I kite taatau i nga tuhinga o mua o te raupapa.

Tautuhinga tuatahi

[root @ linuxbox ~] # ngeru / etc / ingoa rangatira 
pouaka rorohiko

[root @ linuxbox ~] # ngeru / etc / manaaki
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 :: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.10.5 linuxbox.fromlinux.fan linuxbox

[root @ linuxbox ~] # ingoa rangatira
pouaka rorohiko

[root @ linuxbox ~] # ingoa rangatira -f
pouaka linux.fromlinux.fan

[root @ linuxbox ~] # ip addr rārangi
[root @ linuxbox ~] # ifconfig -a
[root @ linuxbox ~] # ls / sys / akomanga / net /
ens32 ens34 na

Ka whakaweto e matou te Kaiwhakahaere Whatunga

[root @ linuxbox ~] # systemctl kati a NetworkManager

[root @ linuxbox ~] # systemctl mono i a NetworkManager

[root @ linuxbox ~] # systemctl mana NetworkManager
● NetworkManager.service - Kaiwhakahaere Whatunga Utaina: utaina (/usr/lib/systemd/system/NetworkManager.service; monokia; tatūkē kaihoko: whakahohea) Hohe: koretake (kua mate) Tuhinga: tangata: NetworkManager (8)

[root @ linuxbox ~] # ifconfig -a

Ka whakatauhia e maatau nga hononga whatunga

Ko te atanga Ens32 LAN e hono ana ki te Whatunga a-roto

[root @ linuxbox ~] # nano / etc / sysconfig / tuhinga-tuhi / ifcfg-ens32
DEVICE=ens32
ONBOOT=yes
BOOTPROTO=static
HWADDR=00:0c:29:da:a3:e7
NM_CONTROLLED=no
IPADDR=192.168.10.5
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
DOMAIN=desdelinux.fan
DNS1=127.0.0.1
ZONE = iwi whanui

[root @ linuxbox ~] # Ifdown ens32 && mena ka whai ake

Hanga34 WAN atanga hono ki te Ipurangi

[root @ linuxbox ~] # nano / etc / sysconfig / tuhinga-tuhi / ifcfg-ens34
DEVICE = ens34 ONBOOT = ae BOOTPROTO = static HWADDR = 00: 0c: 29: da: a3: e7 NM_CONTROLLED = kore IPADDR = 172.16.10.10 NETMASK = 255.255.255.0 # Kua honoa te pouara ADSL ki # tenei atanga me # te wahitau e whai ake nei GATEWAY IP = 172.16.10.1 DOMAIN = desdelinux.fan DNS1 = 127.0.0.1
ZONE = waho

[root @ linuxbox ~] # Ifdown ens34 && mena ka whai ake4

Whirihoranga Repositories

[root @ linuxbox ~] # cd /etc/yum.repos.d/
[root @ linuxbox ~] # mkdir taketake
[root @ linuxbox ~] # mv Centos- * taketake /

[root @ linuxbox ~] # nano centos.repo
[Base-Repo]
name=CentOS-$releasever
baseurl=http://192.168.10.1/repos/centos/7/base/x86_64/
gpgcheck=0
enabled=1

[CentosPlus-Repo]
name=CentOS-$releasever
baseurl=http://192.168.10.1/repos/centos/7/centosplus/x86_64/
gpgcheck=0
enabled=1

[Epel-Repo]
name=CentOS-$releasever
baseurl=http://192.168.10.1/repos/centos/7/epel/x86_64/
gpgcheck=0
enabled=1

[Updates-Repo]
name=CentOS-$releasever
baseurl=http://192.168.10.1/repos/centos/7/updates/x86_64/
gpgcheck=0
enabled=1

[root @ linuxbox yum.repos.d] # yum horoia katoa
Kua utaina nga monomai: tere, whakaata, putunga Horoi horoi: Whare-Repo CentosPlus-Repo Epel-Repo Media-Repo: Whakahou-Repo Te horoi i nga mea katoa Te horoi i te raarangi whakaata tere
[root @ linuxbox yum.repos.d] # whakahoutanga yum
Mono Utaina: whakaata tere, awangawanga Base-Repo | 3.6 kB 00:00 CentosPlus-Repo | 3.4 kB 00:00 Epel-Repo | 4.3 kB 00:00 Papaaho-Repo | 3.6 kB 00:00 Whakahōu-Repo | 3.4 kB 00:00 (1/9): Base-Repo / roopu_gz | 155 kB 00:00 (2/9): Epel-Repo / roopu_gz | 170 kB 00:00 (3/9): Pāpāho-Repo / roopu_gz | 155 kB 00:00 (4/9): Epel-Repo / updateinfo | 734 kB 00:00 (5/9): Pāpāho-Repo / tuatahi_db | 5.3 MB 00:00 (6/9): CentosPlus-Repo / primary_db | 1.1 MB 00:00 (7/9): Whakahōu-Repo / primary_db | 2.2 MB 00:00 (8/9): Epel-Repo / primary_db | 4.5 MB 00:01 (9/9): Base-Repo / primary_db | 5.6 MB 00:01 Te whakatau i nga whakaata tere rawa Kaore he putea i tohua hei whakahou

Te Karere "Kaore he putea i tohua hei whakahou»Ka whakaatuhia mai na te mea i te wa o te whakaurunga i whakaatuhia e maatau nga taaputanga rohe ano kei a maatau.

Centos 7 me te taiao papamahi MATE

Hei whakamahi i nga taputapu whakahaere pai rawa atu me te atanga whakairoiro e whakawhiwhia mai ana e CentOS / Red Hat ki a maatau, na te mea ka ngaro tonu ta maatau ki te GNOME2, ka whakatau maatau ki te whakauru i te MATE hei taiao papamahi.

[root @ linuxbox ~] # yum groupinstall "X Matapihi punaha"
[root @ linuxbox ~] # whakauru roopu i te "Papamahi MATE"

Hei tirotiro he pai te utaina o te MATE, ka mahia e matou enei whakahau e whai ake nei i roto i te papatohu -puta, mamao atu ranei:

[root @ linuxbox ~] # systemctl wehe i te kauwhata.target

a kia utaina te taiao papamahi -i runga i te tiima o te rohe- pai, e whakaatu ana i te rama hei urunga whakairoiro. Ka patohia e matou te ingoa o te kaiwhakamahi o te rohe me tana kupuhipa, ka uru matou ki te MATE.

Ki te korero ki te pūnaha ko te reanga whakaeke taunoa ko te taiao 5 -whakamarama- ka hangaia e maatau te hono hono:

[root @ linuxbox ~] # ln -sf /lib/systemd/system/runlevel5.target /etc/systemd/system/default.target

Ka whakaara ano e maatau te punaha ka pai nga mahi katoa.

Ka whakauruhia e maatau te Ratonga Taima mo nga Whatunga

[root @ linuxbox ~] # yum whakauru ntp

I te wa e whakauruhia ana ka whirihorahia e maatau te karaka o te rohe me te kaitono o nga taputapu sysadmin.fromlinux.fan me te IP 192.168.10.1. Na, ka tiakina e matou te konae ntp.conf taketake na:

[root @ linuxbox ~] # cp /etc/ntp.conf /etc/ntp.conf.original

Na, ka hangaia e maatau he mea hou me nga korero e whai ake nei:

[root @ linuxbox ~] # nano /etc/ntp.conf # Tūmau kua whirihorahia i te wa e whakauruhia ana: server 192.168.10.1 iburst # Mo etahi atu korero, tirohia nga wharangi tangata o: # ntp.conf (5), ntp_acc (5) , ntp_auth (5), ntp_clock (5), ntp_misc (5), ntp_mon (5). driftfile / var / lib / ntp / drift # Whakaaetia te tukutahi me te putake o te waa, engari kaua e # tuku i te punawai ki te korero, ki te whakarereke ranei i tenei ratonga, aukati i te kore whakakapi i te ingoa kore. :: 127.0.0.1 # Whakawhāiti iti iho ki te rorohiko i te whatunga paetata. aukati i te 1 kanohi 192.168.10.0 whakaingoa i te notrap # Whakamahia nga kaituku kaupapa a te hapori pool.ntp.org # Mena kei te hiahia koe ki te whakauru atu ki te kaupapa, tirohia te # (http://www.pool.ntp.org/join.html). #broadcast 255.255.255.0 autokey tūmau # haapurororaa broadcastclient # haapurororaa kiritaki #broadcast 192.168.10.255 autokey # #multicastclient tūmau multicast 224.0.1.1 # kiritaki multicast #manycastserver 224.0.1.1 # manycast #manycastclient tūmau 239.255.254.254 autokey # manycast kiritaki pāhotanga 239.255.254.254. 192.168.10.255 # Whakahohehia te tuhinga crypto a te iwi. #crypto whakauru / etc / ntp / crypto / pw # Kōnae matua kei roto nga tohu me nga tohu matua # whakamahia ana i te wa e mahi ana koe me nga tohu kīwaha matua hangarite / etc / ntp / kī # Tauwhāiti ngā tautuhi matua whirinaki. #trkeykey 4 8 42 # Tauwhāitihia te tautuhi matua hei whakamahi me te taputapu ntpdc. #requestkey 8 # Tauwhāitihia te tautuhi matua hei whakamahi me te taputapu ntpq. #controlkey 8 # Whakahohea te tuhi o nga rehita tatauranga. #statistics hourstats cryptostats loopstats peertats # Monokia te wehenga wehe ki te aukati i te whakarahinga o # whakaeke ma te whakamahi i te whakahau monlist ntpdc, ka kore e whakauruhia te haki noquery i te herenga # taunoa. Panuihia te CVE-2013-5211 # mo nga korero taipitopito. # Panui: Kaore i monokia te Arotuku me te haki herenga iti. monokia te aroturuki

Ka taea e maatau, tiimata me te tirotiro i te ratonga NTP

[root @ linuxbox ~] # systemctl mana honpd
● ntpd.service - Ratonga Wā Whatunga utaina: utaina (/usr/lib/systemd/system/ntpd.service; monokia; tatūkē kaihoko: monokia) Hohe: koretake (kua mate)

[root @ linuxbox ~] # systemctl whakahohe i te ntpd
Hanga symlink mai i /etc/systemd/system/multi-user.target.wants/ntpd.service ki /usr/lib/systemd/system/ntpd.service.

[root @ linuxbox ~] # systemctl tiimata ntpd
[root @ linuxbox ~] # systemctl mana honpd

[root @ linuxbox ~] # systemctl mana honpdntpd.service - Ratonga Wā Whatunga
   Utaina: utaina (/usr/lib/systemd/system/ntpd.service; whakahohea; kaihoko tatūkē: monokia) Hohe: hohe (rere) mai i te Paraire 2017-04-14 15:51:08 EDT; 1s ago Tukanga: 1307 ExecStart = / usr / sbin / ntpd -u ntp: ntp $ OPTIONS (code = exited, status = 0 / SUCCESS) Matua PID: 1308 (ntpd) CGroup: /system.slice/ntpd.service └─ 1308 / usr / sbin / ntpd -u ntp: ntp -g

Ntp me te Pātahiahi

[root @ linuxbox ~] # pātūahi-cmd --tauta-hohe-rohe
waho
  atanga: ens34
tūmatanui
  atanga: ens32

[root @ linuxbox ~] # firewall-cmd --zone = public --add-port = 123 / udp --permanent
angitu
[root @ linuxbox ~] # pātūahi-cmd - uta ano
angitu

Ka taea e maatau te whakarite i te Dnsmasq

I kite taatau i roto i te tuhinga o mua o te raupapa SMB Networks, kua whakauruhia a Dnsamasq ma te taunoa i runga i te CentOS 7 Infrastructure Server.

[root @ linuxbox ~] # teihana systemctl dnsmasq
● dnsmasq.service - Tūmau Keteroki DNS. Utaina: utaina (/usr/lib/systemd/system/dnsmasq.service; monokia; kaihoko tatūkē: monokia) Hohe: koretake (kua mate)

[root @ linuxbox ~] # systemctl whakahohea dnsmasq
Hanga symlink mai i /etc/systemd/system/multi-user.target.wants/dnsmasq.service ki /usr/lib/systemd/system/dnsmasq.service.

[root @ linuxbox ~] # systemctl tiimata dnsmasq
[root @ linuxbox ~] # teihana systemctl dnsmasq
● dnsmasq.service - Tūmau Keteroki DNS. Utaina: utaina (/usr/lib/systemd/system/dnsmasq.service; whakahohea; kaihoko tatūkē: hauā) Hohe: hohe (rere) mai i te Paraire 2017-04-14 16:21:18 EDT; 4s ago PID Matua: 33611 (dnsmasq) CGroup: /system.slice/dnsmasq.service └─33611 / usr / sbin / dnsmasq -k

[root @ linuxbox ~] # mv /etc/dnsmasq.conf /etc/dnsmasq.conf.original

[root @ linuxbox ~] # nano /etc/dnsmasq.conf
# ----------------- ----------------- # WHAKAPONO TUPURI # ----------------------------- ------------------------------------ rohe-hiahiatia # Kaua e tukuna nga ingoa kaore he waahanga rohe bogus-priv # Kaua e tukuna nga wahitau ki te waahi-kaore i whakatuihia nga kaiwhakawhiwhi-manaaki # Taapiri aunoatia te rohe ki te atanga manaaki = ens32 # Atanga LAN tino-raupapa # ota e patai ana koe ki te /etc/resolv.conf file conf-dir = / etc /dnsmasq.d rohe = desdelinux.fan # Wāhitau ingoa rohe = / time.windows.com / 192.168.10.5 # Ka tuku i tetahi waahanga kore o te uara WPAD. E hiahiatia ana kia pai te whakahaere a te # Windos 7 me muri mai. ;-) dhcp-options = 252, "\ n" # Kōnae hei whakaatu i te HOSTS ka "rāhuitia" addn-host = / etc / banner_add_hosts local = / desdelinux.fan / # ---------- ------------- ------- # REGISTROSCNAMEMXTXT # ----------------- --------------------------- # Ko tenei momo rehitatanga me urunga # ki te / etc / host # konae 192.168.10.5 linuxbox.fromlinux.fan linuxbox # cname = ALIAS, REAL_NAME cname = mail.fromlinux.fan, linuxbox.fromlinux.fan # MX TUHU # Ka whakahokia he rekoata MX me te ingoa "desdelinux.fan" kua tohua # mo te rorohiko mail.desdelinux. powhiriwhiri me te kaupapa matua o te 10 mx-host = desdelinux.fan, mail.desdelinux.fan, 10 # Ko te taunga taunoa mo nga rekoata MX e hangaia ana # ma te whakamahi i te waahanga localmx ko: mx-target = mail.desdelinux.fan # Whakahoki he rekoata MX e tohu ana ki te mx-whaainga mo nga KATOA # miihini takiwa localmx # TXT rekoata. Ka taea hoki e taatau te whakaatu i tetahi rekoata SPF rekoata = desdelinux.fan, "v = spf1 a-katoa" txt-record = desdelinux.fan, "DesdeLinux, to Blog i whakatapua ki te Raupaparorohiko Koreutu" # --------- ------------- -------- # RANGE ME NGĀ WHAKAMAHI # ----------------- ---------------------------- Ko te # IPv4 awhe me te waa riihi # 1 ki te 29 mo nga Servers me etahi atu hiahia dhcp -range = 192.168.10.30,192.168.10.250,8h dhcp-riihi-max = 222 # Ko te rahinga o nga wahitau hei riihi # ma te taunoa he 150 # awhe IPV6 # dhcp-awhe = 1234 ::, ra-anake # He kowhiringa mo te RANGE # TUPONO dhcp-kōwhiringa = 1,255.255.255.0 # NETMASK dhcp-kōwhiringa = 3,192.168.10.5 # ROUTER GATEWAY dhcp-whiringa = 6,192.168.10.5 # DNS Servers dhcp-options = 15, desdelinux.fan # DNS Ingoa Rohe dhcp-whiringa = 19,1 , 28,192.168.10.255 # kōwhiringa ip-whakamua I TE dhcp-whiringa = 42,192.168.10.5 # BROADCAST dhcp-whiringa = XNUMX # NTP dhcp-mana # DHCP mana i runga i te rainaiti # ---------------- ---------------- ----------------------------------- # Ki te hiahia koe ki te penapena i / var / takiuru / korero i te roko o te pātai # wetewetea te raina i raro nei # ----------------- ----------------------------
# takiuru-paatai
# Mutunga o te konae /etc/dnsmasq.conf # ----------------- ----------------------------

Ka hangaia e matou te konae / etc / banner_add_hosts

[root @ linuxbox ~] # nano / etc / banner_add_hosts
192.168.10.5 windowsupdate.com 192.168.10.5 ctldl.windowsupdate.com 192.168.10.5 ocsp.verisign.com 192.168.10.5 csc3-2010-crl.verisign.com 192.168.10.5 www.msftncsi.com 192.168.10.5 ipv6.msftncsi.com 192.168.10.5 teredo.ipv6.microsoft.com 192.168.10.5 ds.download.windowsupdate.com 192.168.10.5 download.microsoft.com 192.168.10.5 fe2.update.microsoft.com 192.168.10.5 crl.microsoft.com 192.168.10.5 www .download.windowsupdate.com 192.168.10.5 win8.ipv6.microsoft.com 192.168.10.5 spynet.microsoft.com 192.168.10.5 spynet1.microsoft.com 192.168.10.5 spynet2.microsoft.com 192.168.10.5 spynet3.microsoft.com 192.168.10.5. 4 spynet192.168.10.5.microsoft.com 5 spynet192.168.10.5.microsoft.com 15 tari192.168.10.5client.microsoft.com 192.168.10.5 addons.mozilla.org XNUMX crl.verisign.com

Whakatau wāhitau IP

[root @ linuxbox ~] # nano / etc / manaaki
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 :: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.10.5 linuxbox.fromlinux.fan linuxbox 192.168.10.1 sysadmin.fromlinux.fan sysadmin

Ka whirihorahia e matou te konae /etc/resolv.conf - whakaotinga

[root @ linuxbox ~] # nano /etc/resolv.conf
rapu desdelinux.fan nameserver 127.0.0.1 # Mo nga uiui DNS o waho, kaore hoki i te rohe # desdelinux.fan # local = / desdelinux.fan / nameserver 8.8.8.8

Ka tirohia e matou te taarua o te konae dnsmasq.conf, ka tiimata ka tirotiro i te ahuatanga o te ratonga

[root @ linuxbox ~] # dnsmasq --test
dnsmasq: takawaenga tirohia OK.
[root @ linuxbox ~] # systemctl ka tiimata ano te dnsmasq
[root @ linuxbox ~] # teihana systemctl dnsmasq

Dnsmasq me te Pātūahi

[root @ linuxbox ~] # pātūahi-cmd --tauta-hohe-rohe
waho
  atanga: ens34
tūmatanui
  atanga: ens32

Ratonga rohe o Te Ingoa Ingoa Rohe (dns). Kawa Tuhinga o mua «IP me te Whakamuna«

[root @ linuxbox ~] # firewall-cmd --zone = public --add-port = 53 / tcp --permanent
angitu
[root @ linuxbox ~] # firewall-cmd --zone = public --add-port = 53 / udp --permanent
angitu

Uiui Dnsmasq ki nga kaiwhakarato DNS o waho

[root @ linuxbox ~] # firewall-cmd --zone = external --add-port = 53 / tcp --permanent
angitu
[root @ linuxbox ~] # firewall-cmd --zone = external --add-port = 53 / udp --permanent
angitu

Ratonga Tuhinga o mua o Tūmau BOOTP (dhcp). Kawa ippc «Ipurangi Puka Pluribus Ipurangi«

[root @ linuxbox ~] # firewall-cmd --zone = public --add-port = 67 / tcp --permanent
angitu
[root @ linuxbox ~] # firewall-cmd --zone = public --add-port = 67 / udp --permanent
angitu

[root @ linuxbox ~] # pātūahi-cmd - uta ano
angitu

[root @ linuxbox ~] # pātūahi-cmd --info-rohe tūmatanui tūmatanui (hohe)
  whaainga: taunoa-icmp-aukati-hurihuri: kaore he atanga: punawai ens32: ratonga: dhcp dns ntp ssh tauranga: 67 / tcp 53 / udp 123 / udp 67 / udp 53 / tcp kawa: masquerade: no forward-ports: sourceports: icmp -para: ture rangatira:

[root @ linuxbox ~] # pātūahi-cmd --info-rohe ā-waho (hohe)
  whaainga: taunoa-icmp-aukati-hurihuri: kaore he atanga: punawai ens34: ratonga: tauranga dns: 53 / udp 53 / tcp kawa: kopikopiko: ae nga tauranga anga whakamua: punautu: icmp-poraka: tohu-raru ka whakahoki i te pouara-whakatairanga pouara- tono ture-tinei ture rangatira:

Mena kei te hiahia maatau ki te whakamahi i tetahi atanga whakairoiro hei whirihora i te Pātahiahi i CentOS 7, ka tirohia te raarangi whanui - ka whakawhirinaki ki te taiao papamahi e puta mai ai te submenu - te tono «Papamahi», ka mahia e maatau ana ka uru ki te kupuhipa a te kaiwhakamahi. pakiaka, ka uru atu maatau ki te atanga papatono penei. I te MATE ka kitea i te raarangi «Pūnaha »->" Whakahaeretanga "->" Pātūahi ".

Ka tohua e maatau te Rohe «tūmatanui»Ana ka whakamanahia nga Ratonga e hiahia ana matou kia taangia ki runga i te LAN, tae noa mai ki tenei wa dhcp, dns, ntp me te ssh. Whai muri i te kowhiri i nga ratonga, me te whakaatu he pai nga mahi katoa, me huri e tatou te Runtime ki te Tuturu. Ki te mahi i tenei ka haere maatau ki te raarangi whiringa ka kowhiri i te waahanga «Te wa oma ki te pumau".

A muri ake ka tohua e maatau te Rohe «waho»Ana ka tirotirohia kei te tuwhera nga Tauranga e tika ana hei korerorero ki te Ipurangi. KAUA E whakaputahia nga Ratonga i tenei Rohe ki te kore e tino mohio ki ta maatau mahi!.

Kaua e wareware ki te whakarereke i nga whakarereketanga ma te kowhiringa «Te wa oma ki te pumau»Na ka utaina ano te rewera PātahiD, i nga wa katoa ka whakamahi maatau i tenei taputapu whakairoiro kaha.

NTP me Dnsmasq mai i te kaihoko Windows 7

Tukutahinga me te NTP

waho

Wāhitau IP Riihi

Microsoft Windows [Putanga 6.1.7601] Mana pupuri (c) 2009 Microsoft Corporation. Pūmau te mana. C: \ Kaiwhakamahi \ buzz> ipconfig / katoa Windows IP Whirihora Ingoa Kaihautū. . . . . . . . . . . . : HITITU
   Tuhinga o mua. . . . . . . :
   Momo Node. . . . . . . . . . . . : Haangai i te IP Routing Whakahohea. . . . . . . . : Kaore he WINS Takawaenga Whakahohea. . . . . . . . : Kaore he Rarangi Suffix Rapu Suffix. . . . . . : desdelinux.fan Ethernet adapter Hononga Rohe Rohe: Hononga-motuhake DNS Suffix. : desdelinux.fan Whakaahuatanga. . . . . . . . . . . : Intel (R) PRO / 1000 MT Whatunga Hononga Tinana Wāhitau Tinana. . . . . . . . . : 00-0C-29-D6-14-36 DHCP Whakahohea. . . . . . . . . . . : Ae WhakahoahoaHoa Whakahohea. . . . : Na ko tenei
   Wāhitau IPv4. . . . . . . . . . . : 192.168.10.115 (Aroahia)
   Kopare Subnet. . . . . . . . . . . : 255.255.255.0 I Rīhi Mai. . . . . . . . . . : Paraire, Paenga-whāwhā 14, 2017 5:12:53 PM Ka Pau Rīhi. . . . . . . . . . : Hatarei, Paenga-whāwhā 15, 2017 1:12:53 AM Kuwae Taunoa. . . . . . . . . : 192.168.10.1 Tūmau DHCP. . . . . . . . . . . : 192.168.10.5 Tūmau DNS. . . . . . . . . . . : 192.168.10.5 NetBIOS mo Tcpip. . . . . . . . : Whakaahei i te Tunnel adapter Hononga Rohe Rohe * 9: State Media. . . . . . . . . . . : Kua whakakorehia e te Media te Whakaputaa DNS-honoa. : Whakaahuatanga. . . . . . . . . . . : Microsoft Teredo Tunneling Adapter Tinana Wāhanga. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Whakahohea. . . . . . . . . . . : Kaore i Whirihorahia Aunoa . . . : Ae Tunnel adapter isatap.fromlinux.fan: Media State. . . . . . . . . . . : Kua whakakorehia e te Media te Whakaputaa DNS-honoa. : desdelinux.fan Whakaahuatanga. . . . . . . . . . . : Microsoft ISATAP Whurutau # 2 Wāhitau Tinana. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Whakahohea. . . . . . . . . . . : Kaore i Whirihorahia Aunoa . . . : Ae C: \ Kaiwhakamahi \ buzz>

Aki

Ko te uara nui ki nga kaihoko o te Matapihi ko te "Tuatahi Dns Panui" me te "Whakapiki hono honohono". Ki te kore e whakamahia te Microsoft Domain Controller, kaore e tukuna mai e te punaha whakahaere tetahi uara ki a ia. Mena kei te raru taatau i tetahi keehi e rite ana ki te korero i te timatanga o te tuhinga a e hiahia ana maua ki te whakaatu marama i taua uara, me anga ke atu ki ta te whakaahua e whai ake nei e whakaae, whakaae ki nga panoni ka tiimata ano te kaihoko.

 

Mena ka rere ano taatau CMD -> ipconfig / katoa ka whiwhi maatau i enei:

Microsoft Windows [Putanga 6.1.7601] Mana pupuri (c) 2009 Microsoft Corporation. Pūmau te mana. C: \ Kaiwhakamahi \ buzz> ipconfig / katoa Windows IP Whirihora Ingoa Kaihautū. . . . . . . . . . . . : HITITU
   Tuhinga o mua. . . . . . . : desdelinux.fan
   Momo Node. . . . . . . . . . . . : Haangai i te IP Routing Whakahohea. . . . . . . . : Kaore he WINS Takawaenga Whakahohea. . . . . . . . : Kaore he Rarangi Suffix Rapu Suffix. . . . . . : desdelinux.fan

Ko era atu o nga uara kei te noho huri noa

Arowhai DNS

buzz @ sysadmin: ~ $ host spynet.microsoft.com
spynet.microsoft.com he wahitau 127.0.0.1 Kaihaututu spynet.microsoft.com kaore i kitea: 5 (REFUSED) spynet.microsoft.com mika ka whakahaerehia e 1 mail.fromlinux.fan.

buzz @ sysadmin: ~ $ manaaki linuxbox
linuxbox.desdelinux.fan he wahitau 192.168.10.5 linuxbox.desdelinux.fan mēra ka whakahaerehia e te 1 mail.desdelinux.fan.

buzz @ sysadmin: ~ $ manaaki sysadmin
sysadmin.desdelinux.fan he wahitau 192.168.10.1 sysadmin.desdelinux.fan reta ka whakahaerehia e te 1 mail.desdelinux.fan.

buzz @ sysadmin: ~ $ host mail
mail.desdelinux.fan he ingoa ingoakore mo te linuxbox.desdelinux.fan. linuxbox.desdelinux.fan he wahitau 192.168.10.5 linuxbox.desdelinux.fan mēra ka whakahaerehia e te 1 mail.desdelinux.fan.

Ka whakauruhia e maatau -mo te whakamatautau anake- he Kaiwhakarite DNS Mana NSD i sysadmin.fromlinux.fan, a kei te whakauru maatau i te IP IP 172.16.10.1 kei roto i te puranga /etc/resolv.conf Tuhinga o mua pouaka linux.fromlinux.fan, hei whakatau he tika te whakamahi a Dnsmasq i tana mahi Whakamua. Ko nga pouaka onepu kei runga i te kaituku NSD favt.org y toujague.org. He pakiwaitara nga IP katoa mai i nga whatunga takitahi.

Mena ka whakakorehia e maatau te hononga WAN Tuhinga34 te whakamahi i te whakahau ifdown ens34, Kaore e taea e Dnsmasq te patapatai i nga kaiwhakarato DNS o waho.

[buzz @ linuxbox ~] $ sudo ifdown ens34 [buzz @ linuxbox ~] $ host -t mx toujague.org
Kaihautu toujague.org kaore i kitea: 3 (NXDOMAIN)

[buzz @ linuxbox ~] $ host pizzapie.favt.org
Host pizzapie.favt.org kaore i kitea: 3 (NXDOMAIN)

Me whakamahi te atanga ens34 ka tirotiro ano:

[buzz @ linuxbox ~] $ sudo mena ka whai ake34
buzz @ linuxbox ~] $ host pizzapie.favt.org
pizzapie.favt.org he ingoakii mo paisano.favt.org. paisano.favt.org he wahitau 172.16.10.4

[buzz @ linuxbox ~] $ host pizzapie.toujague.org
Pizzas.toujague.org Kaihaututu kaore i kitea: 3 (NXDOMAIN)

[buzz @ linuxbox ~] $ host poblacion.toujague.org
poblacion.toujague.org he wahitau 169.18.10.18

[buzz @ linuxbox ~] $ host -t NS favt.org
favt.org ingoa ingoa server ns1.favt.org. favt.org ingoa ingoa server ns2.favt.org.

[buzz @ linuxbox ~] $ host -t NS toujague.org
toujague.org ingoa ingoa server ns1.toujague.org. toujague.org ingoa ingoa server ns2.toujague.org.

[buzz @ linuxbox ~] $ host -t MX toujague.org
toujague.org mika kua whawha e te 10 mail.toujague.org.

Me korero mai i sysadmin.fromlinux.fan:

buzz @ sysadmin: ~ $ ngeru /etc/resolv.conf 
rapuhia mai i linux.fan nameserver 192.168.10.5

xeon @ sysadmin: ~ $ host mail.toujague.org
mail.toujague.org he wahitau 169.18.10.19

Kei te mahi te Dnsmasq penei Whakamua tika

Tuhinga

I roto i te pukapuka i te whakatakotoranga PDF «Whirihoranga Tūmau Linux»I tuhia i te Hurae 25, 2016, e te Kaituhi Joel Barrios alatan (darkshram@gmail.com - http://www.alcancelibre.org/), he tuhinga i tukuna atu e au ki nga tuhinga o mua, he pene katoa kua whakatapua ki te Nga Kōwhiringa Whirihoranga Taketake.

Na te hiranga o te Paetukutuku - Ratonga Takawaenga, ka tangohia e maatau te Kupu Whakataki i hanga mo te Squid i roto i te pukapuka kua whakahuatia ake nei:

105.1. Kupu Whakataki.

105.1.1. He aha te Tuakawaenga Takawaenga (Takawaenga)?

Ko te kupu i te reo Ingarihi "Takawaenga" he tikanga tino whanui, me te wa ano autaia, ahakoa
he rite tonu te orite ki te kupu a te "Takawaenga". Te tikanga whakamaorihia, i roto i te tino tikanga, as māngai o whakamanahia (te tangata whai mana ki tetahi atu).

Un Tūmau Takawaenga Ka tautuhia he rorohiko, he taputapu ranei e tuku ana i te ratonga whatunga e uru ana ki te tuku i nga kaihoko ki te hono hononga tuuru ki etahi atu ratonga whatunga. I roto i enei mahinga ka whai ake enei:

  • Ka hono te kaihoko ki a Tūmau takawaenga.
  • Ka tono te kaihoko he hononga, he konae, he rauemi atu ranei e waatea ana i runga i tetahi atu kaituku.
  • Ma te Kaituku Takawaenga e whakarato te rauemi ma te hono atu ki te kaituku kua tohua
    te tuku atu ranei mai i te kete.
  • I etahi waa Tūmau Takawaenga Ka taea te whakarereke i te tono a te kaihoko, te
    whakautu a te kaiwhakarato mo nga kaupapa maha.

te Tūmau Takawaenga i te nuinga o te waa ka mahi ratau ano he pakitara ahi e mahi ana i te Taumata Whatunga, e mahi ana hei taatari putea, penei i te iptables te whakahaere ranei i te Taumata Taupuna, te whakahaere i nga momo ratonga, peera i te Kaituku TCP. I runga i te horopaki, ko te pakitara ahi e mohiotia ana ko BPD o Braupapa Phurihuri Device tika ranei tātari pute.

Tuhinga o mua Tūmau Takawaenga hei mahi hei keteroki mo te ihirangi whatunga (te nuinga HTTP), ma te whakatata mai ki nga kaihoko te keteroki o nga wharangi me nga konae e waatea mai ana i te whatunga i runga i nga kaiwhakarato HTTP mamao, kia ahei nga kaihoko o te whatunga rohe ki te uru ki a raatau. tere me te pono ake.

Ka tae ana he tono mo tetahi rauemi Whatunga kua tohua i roto i te URL (Uniform Rpūtake Lwheke) te Tūmau Takawaenga Tuhinga o mua URL i roto i te kete. Mena ka kitea, te Tūmau Takawaenga Ka whakautu ki te kaihoko ma te tuku wawe i nga korero kua tonoa. Mena kei te ngaro nga korero i tonoa i te keteroki, te Tūmau Takawaenga ka tangohia mai i tetahi kaitoha mamao, ka tukuna ki te kaihoko i tono atu me te pupuri i tetahi kape ki roto i te keteroki. Ko nga korero kei roto i te keteroki ka nekehia atu ma te algorithm mutunga kia rite ki te tau, te rahi me te hitori o nga whakautu ki nga tono (hits) (tauira: LRU, LFUDA y GDSF).

Ka taea e nga Kaitoha Takawaenga mo te ihirangi Whatunga (Taupono Tukutuku) te mahi hei taatari mo nga korero kua tukuna, ma te whakamahi i nga kaupapa here aukati kia rite ki nga paearu taapiri..

Ko te putanga o te wheke ka whakauruhia e maatau ko 3.5.20-2.el7_3.2 mai i te whare putunga whakahōunga.

Tāutanga

[root @ linuxbox ~] # yum whakauruhia te wheke

[root @ linuxbox ~] # ls / etc / wheke /
cachemgr.conf errorpage.css.default  wheke.conf
cachemgr.conf.deime mime.conf              wheke.conf.default
errorpage.css mime.conf.default

[root @ linuxbox ~] # systemctl whakahohe i te wheke

Mea nui

  • Ko te whainga matua o tenei tuhinga ko te Whakamana i nga kaiwhakamahi o te rohe ki te hono atu ki te Squid mai i etahi atu rorohiko hono ki te LAN. Hei taapiri, whakatauhia te kaupapa matua o te kaituku mahi ka tapirihia atu etahi atu ratonga. Ehara ko te tuhinga i whakatapua ki te Squid penei.
  • Kia mohio ai koe ki nga whirihoranga a Squid, panuihia te /usr/share/doc/squid-3.5.20/squid.conf.documented file, e 7915 nga raina.

SELinux me te wheke

[root @ linuxbox ~] # getsebool -a | wheke wheke
squid_connect_any -> i runga i te squid_use_tproxy -> whakaweto

[root @ linuxbox ~] # setebool -P squid_connect_any = kei

Tatūnga

[root @ linuxbox ~] # nano /etc/squid/squid.conf
# LAN acl localnet src 192.168.10.0/24 acl SSL_ports tauranga 443 21
acl Haumaru_ports tauranga 80 # http acl Haumaru_ports tauranga 21 # ftp acl Haumaru tauranga 443 # https acl Haumaru Haumaru tauranga 70 # tauranga gopher acl Haumaru_ports 210 # wais acl Haumaru Haumaru 1025-65535 # tauranga kore rehita acl Haumaru Haumaru 280 # http-mgmt acl Haumaru Haumaru 488 # gss-http acl Haumaru Haumaru 591 # filmaker acl Haumaru tauranga 777 # maha http acl Tikanga Hono HONUA # Ka whakakahoretia e matou nga paatai ​​mo nga tauranga kore-whakaahuru http_access whakakahore! Haumaru_ports # Ka whakakahoretia e matou te tikanga HONEKE mo nga tauranga kore-haumaru http_access whakakahore Hono! SSL_ports # Uru ki Ko te kaiwhakahaere Cache anake mai i te localhost http_access ka whakaaehia te kaiwhakahaere localhost http_access whakakahore i te kaiwhakahaere # Ka tino taunaki matou kia kore e whai ake te hunga e whai ake nei hei tiaki i nga tono tukutuku harakore # e rere ana i runga i te kaitoha takawaenga e whakaaro ana ko te # anake ka uru ki nga ratonga i runga i te "localhost" he rohe kaiwhakamahi http_whiwhiwhiwhiwhiwhiwhiwhi ki_localhost # # INSERT TO OWN RULE (S) HERE TO ALLOW ACCESS MAI TAIKI # # Whakaaetanga PAM
auth_param kaupapa taketake / usr / lib64 / wheke / taketake_pam_auth
auth_param tamariki taketake 5 auth_param kaupapa taketake mai i linux.fan auth_param taketake taipitopito tuakiri 2 haora auth_param basic caseensitive off # E hiahiatia ana te motuhēhēnga Acl kia uru atu ki nga Kaiwhakaakaha Squid proxy_auth E TONO # Whakaaetia ana e maatau te urunga ki nga kaiwhakamahi pono # na roto i te PAM http_whiwhiwhi ki te uru acl ftp proto FTP http_access tukua ftp http_access tukua localnet http_access tukua localhost # Ka whakakahoretia e matou tetahi atu huarahi ki te takawaenga http_access whakakahore katoa # Squid te tikanga whakarongo ki tauranga 3128 http_port 3128 # Ka waiho e tatou nga "coredumps" i te raarangi cache tuatahi coredump_dir / var / spool / wheke # # Taapirihia tetahi o taau ake tāurunga_pattern tāurunga i runga ake o enei. # tāmata_pattern ^ ftp: 1440 20% 10080 tāmata_pattern ^ gopher: 1440 0% 1440 tāmata_pattern -i (/ cgi-bin / | \?) 0 0% 0 tāmata_pattern. 0 20% 4320 cache_mem 64 MB # Cache memory memory_replacement_policy lru cache_replaced_policy heap LFUDA cache_dir aufs / var / spool / squid 4096 16 256 maximum_object_size 4 MB cache_swap_low 85 cache_swap_highux 90 cache_mgr buzz@desuxnamexin.huri

Ka tirohia e matou te taarua o te konae /etc/squid/squid.conf

[root @ linuxbox ~] # wheke -k wetiweti
2017/04/16 15: 45: 10 | Whakaoho: Te Tiimata i Nga Kaupapa Motuhēhēnga ...
 2017/04/16 15: 45: 10 | Whakaoho: Kaupapa Motuhēhēnga Tīmata 'taketake' 2017/04/16 15: 45: 10 | Whakaoho: Kaupapa Motuhēhēnga Tīmata 'digest' 2017/04/16 15: 45: 10 | Whakaoho: Ko te Kaupapa Motuhēhēnga Tīmata 'whiriwhiri' 2017/04/16 15: 45: 10 | Whakaoho: Kaupapa Motuhēhēnga Tīmata 'ntlm' 2017/04/16 15: 45: 10 | Whakaoho: Motuhēhēnga tuatahi.
 2017/04/16 15: 45: 10 | Tukatuka Tukatuka Kōnae: /etc/squid/squid.conf (hohonu 0) 2017/04/16 15: 45: 10 | Tukatuka: acl localnet src 192.168.10.0/24 2017/04/16 15: 45: 10 | Tukatuka: acl SSL_ports tauranga 443 21 2017/04/16 15: 45: 10 | Tukatuka: acl Haumaru_ports tauranga 80 # http 2017/04/16 15: 45: 10 | Tukatuka: acl Haumaru_ports tauranga 21 # ftp 2017/04/16 15: 45: 10 | Tukatuka: acl Safe_ports tauranga 443 # https 2017/04/16 15: 45: 10 | Tukatuka: acl Haumaru_ports tauranga 70 # gopher 2017/04/16 15: 45: 10 | Tukatuka: acl Haumaru_ports tauranga 210 # wais 2017/04/16 15: 45: 10 | Tukatuka: acl Haumaru_ports tauranga 1025-65535 # tauranga kore rehitatia 2017/04/16 15: 45: 10 | Tukatuka: acl Haumaru_ports tauranga 280 # http-mgmt 2017/04/16 15: 45: 10 | Tukatuka: acl Haumaru-tauranga tauranga 488 # gss-http 2017/04/16 15: 45: 10 | Tukatuka: acl Safe_ports tauranga 591 # filmaker 2017/04/16 15: 45: 10 | Tukatuka: acl Safe_ports tauranga 777 # maha http 2017/04/16 15: 45: 10 | Tukatuka: acl tikanga HUITU Hononga 2017/04/16 15: 45: 10 | Tukatuka: http_access whakakahore! Haumaru_ports 2017/04/16 15: 45: 10 | Tukatuka: http_access whakakahore Hono! SSL_ports 2017/04/16 15: 45: 10 | Tukatuka: http_access tukua te kaiwhakahaere localhost 2017/04/16 15: 45: 10 | Tukatuka: http_access whakakahore kaiwhakahaere 2017/04/16 15: 45: 10 | Tukatuka: http_access whakakahore ki_localhost 2017/04/16 15: 45: 10 | Tukatuka: auth_param kaupapa matua / usr / lib64 / wheke / taketake_pam_auth 2017/04/16 15: 45: 10 | Tukatuka: auth_param tamariki taketake 5 2017/04/16 15: 45: 10 | Tukatuka: auth_param kaupapa taketake mai i linux.fan 2017/04/16 15: 45: 10 | Tukatuka: auth_param taipitopito tuakiri pono 2 haora 2017/04/16 15: 45: 10 | Te tukatuka: auth_param take matua ngawari ki te 2017/04/16 15: 45: 10 | Tukatuka: acl Ko te hunga ngakaunui proxy_auth KAUPAPA 2017/04/16 15: 45: 10 | Tukatuka: http_access whakakahore! Ngai hihiri 2017/04/16 15: 45: 10 | Tukatuka: acl ftp proto FTP 2017/04/16 15: 45: 10 | Tukatuka: http_access tukua ftp 2017/04/16 15: 45: 10 | Tukatuka: http_access tukua localnet 2017/04/16 15: 45: 10 | Tukatuka: http_access tukua localhost 2017/04/16 15: 45: 10 | Tukatuka: http_access whakakahore katoa 2017/04/16 15: 45: 10 | Tukatuka: http_port 3128 2017/04/16 15: 45: 10 | Tukatuka: coredump_dir / var / spool / squid 2017/04/16 15: 45: 10 | Tukatuka: whakahou_pattern ^ ftp: 1440 20% 10080 2017/04/16 15: 45: 10 | Tukatuka: whakahou_pattern ^ gopher: 1440 0% 1440 2017/04/16 15: 45: 10 | Tukatuka: whakahou_pattern -i (/ cgi-bin / | \?) 0 0% 0 2017/04/16 15: 45: 10 | Tukatuka: whakahou_pattern. 

Ka whakaritehia e maatau nga whakaaetanga ki roto / usr / lib64 / wheke / taketake_pam_auth

[root @ linuxbox ~] # chmod u + s / usr / lib64 / wheke / taketake_pam_auth

Ka hangaia e matou te raarangi keteroki

# Ake ra ... [root @ linuxbox ~] # whakamutua te wheke ratonga
Ko te anga ki te / ipu / systemctl whakamutua te wheke. Ratonga

[root @ linuxbox ~] # wheke -z
[root @ linuxbox ~] # 2017/04/16 15:48:28 tamariki1 | Tautuhia te Whaiaronga o Naianei ki / var / spool / wheke 2017/04/16 15:48:28 kid1 | Kei te hanga i nga whaiaronga huri ngaro 2017/04/16 15:48:28 kid1 | / var / spool / wheke he 2017/04/16 15:48:28 tamariki1 | Te hanga whaiaronga ki / var / spool / wheke / 00 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 01 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 02 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 03 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 04 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 05 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 06 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 07 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 08 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 09 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 0A 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 0B 2017/04/16 15:48:28 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 0C 2017/04/16 15:48:29 tamariki1 | Te hanga whaiaronga ki / var / spool / wheke / 0D 2017/04/16 15:48:29 kid1 | Te hanga whaiaronga ki / var / spool / wheke / 0E 2017/04/16 15:48:29 kid1 | Te hanga whaiaronga ki / var / paraoa / wheke / 0F

I tenei wa, ki te roa te wa e hoki mai ai te tohu whakahau - kaore nei i whakahokia mai ki ahau - purihia te Enter.

[root @ linuxbox ~] # tiimata tiimata ratonga
[root @ linuxbox ~] # wheke ratonga timata ano
[root @ linuxbox ~] # te mana o te wheke mahi
Te anga ki te / ipu / systemctl status squid.service ● squid.service - Squid caching proxy Loaded: utaina (/usr/lib/systemd/system/squid.service; monokia; tatūkē kaihoko: monokia) Hohe: hohe (rere) mai i te rohe 2017-04-16 15:57:27 EDT; 1s ago Tukanga: 2844 ExecStop = / usr / sbin / squid -k katinga -f $ SQUID_CONF (waehere = putaatu, mana = 0 / MANUITANGA) Tukanga: 2873 ExecStart = / usr / sbin / wheke $ SQUID_OPTS -f $ SQUID_CONF (waehere = exited, status = 0 / SUCCESS) Tukanga: 2868 ExecStartPre = / usr / libexec / squid / cache_swap.sh (code = exited, status = 0 / SUCCESS) Matua PID: 2876 (wheke) CGroup: /system.slice/squid .service └─2876 / usr / sbin / squid -f /etc/squid/squid.conf Apr 16 15:57:27 linuxbox systemd [1]: Timata mai i te takawaenga a Squid Caching ... Apr 16 15:57:27 linuxbox systemd [1]: I tiimata te tiimatanga o te kaitutei Squid. Apr 16 15:57:27 wheke linuxbox [2876]: Ko te Matua Squid: ka tiimata nga tamariki 1 Apr 16 15:57:27 wheke linuxbox [2876]: Maatua Squid: (wheke-1) mahinga 2878 ... ed Apr 16 15 : 57: 27 wheke linuxbox [2876]: Squid Matua: (wheke-1) mahinga 2878 ... 1 Tohutohu: Ko etahi raina i whakakahoretia, whakamahia -e ki te whakaatu katoa

[root @ linuxbox ~] # ngeru / var / takiuru / karere | wheke wheke

Whakatika Pātūahi

Me whakatuwhera hoki tatou i te Rohe «wahoTuhinga o mua 80HTTP y 443 HTTPS kia taea ai e te Iwi te korero ki te Ipurangi.

[root @ linuxbox ~] # firewall-cmd --zone = external --add-port = 80 / tcp --permanent
angitu
[root @ linuxbox ~] # firewall-cmd --zone = external --add-port = 443 / tcp --permanent
angitu
[root @ linuxbox ~] # pātūahi-cmd - uta ano
angitu
[root @ linuxbox ~] # pātūahi-cmd --info-rohe ā-waho
waho (hohe) whaainga: taunoa icmp-poraka-hurihuri: kaore he atanga: punawai34: ratonga: tauranga dns: 443 / tcp 53 / udp 80 / tcp 53 / tcp
  tikanga: masquerade: yes forward-ports: sourceports: icmp-blocks: parameter-problem redirect router-whakatairanga router-solicitation source-quench rich rules:
  • Ehara i te mea mangere ki te haere ki te tono whakairoiro «Tautuhinga Pātūahi»Ana tirohia ko nga tauranga 443 tcp, 80 tcp, 53 tcp, me te 53 udp e tuwhera ana mo te rohe«waho«, A KĀORE i whakaputahia e mātou tetahi ratonga maana.

Panui kei runga i te kaupapa-awhina awhina_pam_auth

Mena ka korerohia e maatau te pukapuka o tenei whakamahinga tangata taketake_pam_auth Ka panui matou ko te kaituhi tonu kei te taunaki i te kaupapa kia nekehia te kaupapa ki tetahi raarangi kaore he mana o nga kaiwhakamahi noa ki te whakauru ki taua taputapu.

I tetahi atu, e mohiotia ana me tenei kaupapa whakamana, ka haere nga tohu ki nga tuhinga maamaa ana kaore e pai mo nga taiao kino, panuihia nga whatunga tuwhera.

Jeff Yestrumskas whakatapua te tuhinga «Pehea-ki: Whakaritehia he takawaenga tukutuku haumaru ma te whakamahi i te SSL whakamunatanga, Squid Caching Proxy me PAM motuhēhēnga»Ki te take o te whakapiki i te ahuru me tenei kaupapa whakamotuhēhē kia taea ai te whakamahi i roto i nga whatunga tuwhera pea te mauahara.

Ka whakauruhia e matou a httpd

Hei huarahi ki te tirotiro i nga mahi o te wheke - me te aha hoki o Dnsmasq- ka whakauruhia e maatau te ratonga httpd -Apache kaiwhakarato paetukutuku- kaore e hiahiatia kia mahia. I roto i te konae e pa ana ki te Dnsmasq / etc / banner_add_hosts Ka whakaatuhia e maatau nga papaanga e hiahia ana matou kia aukatia, a ka tino tohua e matou te IP IP kei a ratou pouaka rorohiko. Na, ki te tono maatau kia uru atu ki tetahi o enei papaanga, te wharangi kaainga o te httpd.

[root @ linuxbox ~] # yum whakauru httpd [root @ linuxbox ~] # systemctl whakahohea httpd
Hanga symlink mai i /etc/systemd/system/multi-user.target.wants/httpd.service ki /usr/lib/systemd/system/httpd.service.

[root @ linuxbox ~] # systemctl tiimata httpd

[root @ linuxbox ~] # systemctl mana httpd
● httpd.service - Ko te Apache HTTP Server Utaina: utaina (/usr/lib/systemd/system/httpd.service; whakahohea; tatūkē kaihoko: hauā) Hohe: hohe (rere) mai i te Ra 2017-04-16 16:41: 35 EDT; 5s ago Tuhinga: tangata: httpd (8) tangata: apachectl (8) PID Matua: 2275 (httpd) Tūnga: "Tukatuka tono ..." CGroup: /system.slice/httpd.service ├─2275 / usr / sbin / httpd -DFOREGROUND ├─2276 / usr / sbin / httpd -DFOREGROUND ├─2277 / usr / sbin / httpd -DFOREGROUND ├─2278 / usr / sbin / httpd -DFOREGROUND ├─2279 / usr / sbin / httpd -DFOREGROUND └─2280 / usr / sbin / httpd -DFOREGROUND Apr 16 16:41:35 linuxbox systemd [1]: Te tiimata i te Apache HTTP Server ... Apr 16 16:41:35 linuxbox systemd [1]: I tiimata te Apache HTTP Server.

SELinux me Apache

He maha nga kaupapa here a Apache ki te whirihora i roto i te horopaki SELinux.

[root @ linuxbox ~] # getsebool -a | grep httpd
httpd_anon_write -> off httpd_builtin_scripting -> i runga i httpd_can_check_spam -> atu httpd_can_connect_ftp -> off httpd_can_connect_ldap -> off httpd_can_connect_mythtv -> off httpd_can_connect off_zdbi_bwork_bwork_b__work httpd_can_network_memcache -> atu httpd_can_network_relay -> atu httpd_can_sendmail -> atu httpd_dbus_avahi -> atu httpd_dbus_sssd -> atu httpd_dontaudit_search_dirs -> atu httpd_enable_cgi -> httpd_enable_offmirs -> httpd_enable_enable offpd_server_offmirs -> httpd_enablem offpd_server_enable_cgi -> offhpd_enablem atu httpd_graceful_shutdown -> i runga i te httpd_manage_ipa -> atu ki te httpd_mod_auth_ntlm_winbind -> atu ki te httpd_mod_auth_pam -> atu ki te httpd_read_user_content -> atu ki te httpd_run_ipa -> atu ki te httpr_whiwhiwhiwhiwhiwhiwhiwhiwhiwhiwhiwhi_whiwhiwhiwhiwhiwhiwhiwhiwhi httpd_ssi_exec -> off httpd_sys_script_anon_write -> off httpd_tmp_exec -> off httpd_tty_comm - > off httpd_unified -> off httpd_use_cifs -> off httpd_use_fusefs -> off httpd_use_gpg -> off httpd_use_nfs -> off httpd_use_openstack -> off httpd_use_sasl -> off httpd_verify_dns -> off

Ka whirihorahia e matou nga mea e whai ake nei:

Tukuna he imeera ma Apache

pakiaka @ linuxbox ~] # setebool -P httpd_can_sendmail 1

Tukua a Apache ki te panui i nga korero kei roto i nga raarangi kaainga a nga kaiwhakamahi o te rohe

pakiaka @ linuxbox ~] # setebool -P httpd_read_user_content 1

Tukua kia whakahaerea ma te FTP me te FTPS ranei tetahi raarangi whakahaere e te
Apache tukua ranei a Apache kia mahi hei kaiwhakarato FTP e whakarongo ana mo nga tono ma te tauranga FTP

[root @ linuxbox ~] # setebool -P httpd_enable_ftp_server 1

Mo etahi atu korero, panuihia Whirihoranga Tūmau Linux.

Ka tirohia e maatau te Motuhēhēnga

Kei te noho tonu ki te whakatuwhera tirotiro i runga i te turanga mahi me te tohu, hei tauira, ki http://windowsupdate.com. Ka tirohia e tika ana te tono ki te whaarangi kaainga Apache i te pouaka linux. Ina hoki, ko nga ingoa o te papaanga kua whakahuatia ki te konae / etc / banner_add_hosts ka tukuna koe ki te whaarangi ano.

Ko nga whakaahua kei te mutunga o te tuhinga e whakaatu ana.

Whakahaeretanga Kaiwhakamahi

Ka mahia e maatau ma te whakamahi i te taputapu whakairoiro «Te whakahaere kaiwhakamahi»Ka uru atu ma te rarangi punaha -> Whakahaeretanga -> Te whakahaere Kaiwhakamahi. I nga wa katoa ka taapirihia e maatau he kaiwhakamahi hou, ka hangaia tana kōpaki / kaainga / kaiwhakamahi aunoa.

 

Ngā kaperuarua

Nga kaihoko Linux

Ko te tirotiro noa o te konae me te tohu e hiahia ana koe ki te hono, hei tauira: ssh: // buzz @ linuxbox / home / buzz a, i muri i te whakauru i te kupuhipa, ka whakaatuhia te raarangi home o te kaiwhakamahi buzz.

Kaihoko Matapihi

I nga kaihoko o Matapihi, ka whakamahia e matou te taputapu WinSCP. Ka oti te whakauru, ka whakamahia e maatau penei:

 

 

Māmā, tika?

Whakarāpopoto

Kua kite taatau ka taea te whakamahi i te PAM ki te whakamana i nga ratonga i roto i te whatunga iti me te taiao e tino wehea ana mai i nga ringa o mūrere. Ko te nuinga na te mea na te pono o nga motuhēhēnga tuuturu e haere i roto i nga tuhinga maamaa na reira ehara i te kaupapa whakamana kia whakamahia i roto i nga whatunga tuwhera penei i nga taunga rererangi, whatunga Wi-Fi, etc. Heoi, he mahinga whakamana ngawari noa, he ngawari ki te whakamahi me te whirihora.

I korerohia nga korero

Putanga PDF

Tangohia te tuhinga PDF Here.

Tae noa ki te tuhinga o muri!


Ko nga korero o te tuhinga e piri ana ki o maatau kaupapa o matatika whakatika. Ki te ripoata i tetahi paatene paato Here.

9 korero, waiho maau

Waiho to korero

Ka kore e whakaputaina tō wāhitau īmēra. Kua tohua ngā āpure e hiahiatia ana ki *

*

*

  1. He kawenga mo nga raraunga: Miguel Ángel Gatón
  2. Te kaupapa o te raraunga: Whakahaerehia te SPAM, te whakahaere korero.
  3. Ture: To whakaae
  4. Whakawhitinga korero: Kaore nga korero e tukuna ki nga taha tuatoru engari ma te ture herenga.
  5. Rokiroki raraunga: Paetukutuku e whakahaerehia ana e Occentus Networks (EU)
  6. Tika: I nga wa katoa ka taea e koe te whakaiti, te whakaora me te muku i o korero.

  1.   NauTiluS ka mea

    He whakaoranga nui kua whakaorangia Mr. Fico. Mauruuru mo te tohatoha i o matauranga.

  2.   lagarto ka mea

    Kei te mohio ahau he pehea te uaua ki te whakakao i tetahi tuhinga me te taumata taipitopito, me nga whakamatautau tino marama, me te mea nui ake me nga kaupapa me nga rautaki i taunga ki nga paerewa. Ka tangohia noa e au taku potae ki tenei taonga o nga koha, nui atu te mihi ki a koe Fico mo tenei mahi pai.

    Kaore ano au kia whakakotahi i te wheke me te pono o te pam engari ka kaha ahau ki te mahi i tenei mahi i taku whare taiwhanga ... Te awhi whaainga ka haere tonu !!

  3.   kaikaiwhenua ka mea

    NaTiluS: Ka nui te mihi ki a koe mo o korero me to aro mātai.
    Ngahau: Ki a koe hoki, ka nui te mihi ki a koe mo o korero me to aro mātai.

    Ko te wa me te whakapau kaha ki te hanga tuhinga penei, ka ea noa i te panui me nga korero a te hunga e toro ana ki te hapori FromLinux. Ko te tumanako he pai ki a koe i roto i o mahi ia ra.
    Ka haere tonu taatau!

  4.   ingoamuna ka mea

    He takoha tangata maere !!!! Ka panuihia e au au tuhinga katoa ka taea e au te kii ahakoa mo te tangata kaore nei i te matauranga matatau ki te Raupaparorohiko Koreutu (penei i ahau) ka ahei te whai i tenei tuhinga tino pai. Kia ora !!!!

  5.   IWO ka mea

    Mauruuru Fico mo tenei tuhinga pai ano hoki; Me te mea kaore i ranea ma nga pou katoa kua oti te whakaputa, kei roto i tenei he ratonga kaore i kapi i mua e te PYMES Series, a he mea tino nui tenei: ko te "SQUID", ko te Takawaenga ranei o te LAN. Kaore he mea ma matou ko te whanau o te hunga e whakaaro ana he "sysadmins" matou kei konei etahi atu rauemi pai hei ako me te whakaroha i o maatau mohiotanga.

  6.   kaikaiwhenua ka mea

    Kia ora koutou katoa mo o korero. Ma te tuhinga e whai ake nei te korero mo te kaituku korerorero a te Prosody me te whakamana mo nga tohu o te rohe (PAM) ma te taha o Cyrus-SASL, ana ka whakamahia taua ratonga ki runga i tenei kaituku.

  7.   kenpachiRo17 ka mea

    I te taangata pai !!!! He nui te koha mo te hunga penei i ahau kaore nei i te tino mohio mo te Raupaparorohiko Koreutu e ngakaunui ana ki te ako me nga tuhinga tino ataahua penei i tenei. Kei te whai au i o koha a kei te hiahia au ki te mohio ko tehea tuhinga ka tono mai koe kia tiimata ahau ki tenei raarangi o nga Whatunga SME, mai i taku panui i runga i te ahua koretake a ki taku whakaaro he nui nga korero whai kiko ki te ngaro i nga korero katoa. Ki te kore e nui ake, tena koutou, kia watea te maatauranga tohatoha, me te Raupaparorohiko !!

    1.    kaikaiwhenua ka mea

      Kia ora e te tangata whenua !!!. Ka tūtohu ahau kia tiimata mai i te tiimatanga, ahakoa he ahua roa pea, koinei te huarahi poto rawa kia kore e ngaro. I roto i te taupū-kaore e whakahoutia me nga tuhinga e rua kua pahure- https://blog.desdelinux.net/redes-computadoras-las-pymes-introduccion/, na matou i whakarite te raupapa paanui kua tohua mo te Raupapa, ka tiimata me pehea taku Teihana mahi, kei te haere tonu me etahi pou kua whakatapua mo tenei kaupapa Mariko, whai me te maha o nga puhera KAUPAPA, Isc-Dhcp-Tūmau, me Dnsmasq, me te aha hoki tae noa ki te waahanga whakatinanatanga ratonga mo te hononga SME, kei kona tonu tatou i tenei wa. Ko te tumanako ka awhinahia koe.

      1.    kenpachiRo17 ka mea

        Ka pai !!!! I tenei wa ka tiimata au me te raupapa mai i te tiimatanga, me te tumanako ki nga tuhinga hou. Kia ora !!!!