linux笔记之网络服务
图形化配置命令:
setup
setup
查看主机名
hostname
配置主机名/网关
vi /etc/sysconfig/network
hostname
配置主机名/网关
vi /etc/sysconfig/network
查看接口IP
ifconfig
ifconfig
接口UP/down
ifconfig eth0 up/down
ifup eth0
ifdown eth0
ifconfig eth0 up/down
ifup eth0
ifdown eth0
临时配置接口IP(重启丢失)
ifconfig eth0 192.168.0.1 netmask 255.255.255.0
ifconfig eth0 192.168.0.1 netmask 255.255.255.0
配置接口IP、子网掩码、网关
vi /etc/sysconfig/network-scripts/ifcfg-eth0
vi /etc/sysconfig/network-scripts/ifcfg-eth0
配置接口辅助地址(1个端口多个地址)
ifconfig eth0:0 172.16.0.1 netmask 255.255.255.0
更改网卡mac地址
ifconfig eth0 hw ether XXXXXXXX
ifconfig eth0 hw ether XXXXXXXX
显示网关
route
route
临时设置/删除网关
route add default gw 192.168.0.254
route add default gw 192.168.0.254
route del default gw 192.168.0.254
设置静态路由
/etc/sysconfig/static-router :
any net x.x.x.x/24 gw y.y.y.y
设置DNS
vi /etc/resolv.conf
查看使用端口
netstat -al
查看端口收发
netstat -al
查看端口收发
netstat -i
--------------
服务
服务
--------samba---------
需要包
samba-common-3.0.33-3.14.el5
samba-3.0.33-3.14.el5
samba-client-3.0.33-3.14.el5
需要包
samba-common-3.0.33-3.14.el5
samba-3.0.33-3.14.el5
samba-client-3.0.33-3.14.el5
samba服务启动、关闭、重启、重加载
service smb start/stop/restart/reload
/etc/rc.d/init.d/smb start/stop/restart/reload
service smb start/stop/restart/reload
/etc/rc.d/init.d/smb start/stop/restart/reload
系统自动加载samba服务
chkconfig --level 3 smb on
chkconfig --level 3 smb on
ntsysv
添加用户
useradd username //添加同名系统用户
smbpasswd -a username //添加用户
配置文件
vi /etc/samba/smb.conf
------cmb.conf------
[global]
workgroup = MYGROUP //工作组名或域名
server string = Samba Server Version %v //服务器说明
log file = /var/log/samba/%m.log //日志
server string = Samba Server Version %v //服务器说明
log file = /var/log/samba/%m.log //日志
security = share //不需要认证
security = user //通过账号认证(需要和系统用户名相同并另外添加)
security = server //通过第三方账号认证
security = domain //通过windows域系统认证(服务器不具备域控功能)
security = ads //通过windows域系统认证
[homes]
comment = sales //目录注释
path = /var/spool/samba //共享的目录
pubic = yes //允许匿名访问
browseable = no //隐藏共享
readonly = yes //只读
writable = yes //可读写
write list = user
write list = @group //可写组名
; valid users = %S //允许合法用户
; valid users = MYDOMAIN\%S
security = user //通过账号认证(需要和系统用户名相同并另外添加)
security = server //通过第三方账号认证
security = domain //通过windows域系统认证(服务器不具备域控功能)
security = ads //通过windows域系统认证
[homes]
comment = sales //目录注释
path = /var/spool/samba //共享的目录
pubic = yes //允许匿名访问
browseable = no //隐藏共享
readonly = yes //只读
writable = yes //可读写
write list = user
write list = @group //可写组名
; valid users = %S //允许合法用户
; valid users = MYDOMAIN\%S
# A publicly accessible directory, but read only, except for people in
# the "staff" group
; [public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = +staff
# the "staff" group
; [public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = +staff
-------------
dhcp服务
需要的包:
dhcp-devel-3.0.5-21.el5
dhcpv6-client-1.0.10-17.el5
dhcpv6-1.0.10-17.el5
dhcp-3.0.5-21.el5
dhcpv6-client-1.0.10-17.el5
dhcpv6-1.0.10-17.el5
dhcp-3.0.5-21.el5
----dhcpd.conf------
ddns-update-style interim; //动态dns更新
ignore client-updates; //忽略客户端更新
ddns-update-style interim; //动态dns更新
ignore client-updates; //忽略客户端更新
subnet 192.168.0.0 netmask 255.255.255.0 { //定义192.168.0.0网段作用域
# --- default gateway
option routers 192.168.0.1; //默认路由
option subnet-mask 255.255.255.0; //子网掩码
option routers 192.168.0.1; //默认路由
option subnet-mask 255.255.255.0; //子网掩码
option nis-domain "domain.org"; //
option domain-name "domain.org"; //
option domain-name-servers 192.168.1.1; //默认Dns服务器地址
option domain-name "domain.org"; //
option domain-name-servers 192.168.1.1; //默认Dns服务器地址
option time-offset -18000; # Eastern Standard Time
# option ntp-servers 192.168.1.1; //默认时间服务器
# option netbios-name-servers 192.168.1.1; //默认Wins服务器
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
# option ntp-servers 192.168.1.1; //默认时间服务器
# option netbios-name-servers 192.168.1.1; //默认Wins服务器
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
range dynamic-bootp 192.168.0.128 192.168.0.254; //IP范围
default-lease-time 21600; //客户端默认租约
max-lease-time 43200; //客户端最大租约
default-lease-time 21600; //客户端默认租约
max-lease-time 43200; //客户端最大租约
# we want the nameserver to appear at a fixed address
host ns {
next-server marvin.redhat.com;
hardware ethernet 12:34:56:78:AB:CD;
fixed-address 207.175.42.254;
}
}
host ns {
next-server marvin.redhat.com;
hardware ethernet 12:34:56:78:AB:CD;
fixed-address 207.175.42.254;
}
}
dhcp超级作用域(单网卡,多作用域)需要为网关配置多IP
shared-network 1234{
shared-network 1234{
option domain-name “contoso.com”
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1
range dynamic-bootp 192.168.1.10 192.168.1.200
}
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.1
range dynamic-bootp 192.168.0.10 192.168.0.200
}
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1
range dynamic-bootp 192.168.1.10 192.168.1.200
}
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.1
range dynamic-bootp 192.168.0.10 192.168.0.200
}
--------租约文件-------
cat /var/lib/dhcpd/dhcpd.leases
dhcpd运行时需要该文件,但RHEL5前默认没有,需要手工建立
cat /var/lib/dhcpd/dhcpd.leases
dhcpd运行时需要该文件,但RHEL5前默认没有,需要手工建立
linux服务器的dhcprelay
#dhcrelay dhcp服务器ip
linux客户端
客户端开启接口dhcp模式
vi /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=dhcp
重启网卡即可
重新申请ip
dhclient eth0
dhclient eth0
----------dns服务---------------
hosts文件 /etc/hosts
包清单:
bind-utils-9.3.6-4.P1.el5
bind-9.3.6-4.P1.el5
bind-utils-9.3.6-4.P1.el5
bind-9.3.6-4.P1.el5
配置文件
建立vi /etc/named.conf(手工建立)
建立vi /etc/named.conf(手工建立)
options
{
directory "var/named";
};
logging
{
};
view
view
#正向解析
zone "contoso.com"
{
type master;
zone "contoso.com"
{
type master;
file "contoso.com";
}
}
#反向解析
zone "1.168.192.in-addr.arpa"
{
type master;
file "named.0.168.192";
};
zone "1.168.192.in-addr.arpa"
{
type master;
file "named.0.168.192";
};
建立区域文件
vi /var/named/contoso.com
vi /var/named/contoso.com
根区域
.
测试DNS
host 域名
host 域名
dns区域复制
主dns:
zone "contoso.com"
{
type master;
file "contoso.com";
主dns:
zone "contoso.com"
{
type master;
file "contoso.com";
};
建立contoso.com.zone区域文件
建立contoso.com.zone区域文件
辅助dns服务器
zone "contoso.com"
{
type slave;
masters {192.168.0.10};
file "slaves/contoso.com.zone";
};
建立contoso.com
辅助dns服务器重启dns服务即可service named restart
{
type slave;
masters {192.168.0.10};
file "slaves/contoso.com.zone";
};
建立contoso.com
辅助dns服务器重启dns服务即可service named restart
关闭SERHEL5功能
vi /etc/seRHEL5/config
SERHEL5=disabled
vi /etc/seRHEL5/config
SERHEL5=disabled
重启
------sendmail------
sendmail.mc
dnl开头无效
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
改为
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')
sendmail.mc
dnl开头无效
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
改为
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')
将sendmail.mc 通过m4工具导入 sendmail.cf文件
-------FTP-------------
软件包:vsftp
在客户端方带有NAT或防火墙设备时,FTP必须配为被动模式,否则不通。
因为客户端地址被隐藏,服务器连接不到客户端
软件包:vsftp
在客户端方带有NAT或防火墙设备时,FTP必须配为被动模式,否则不通。
因为客户端地址被隐藏,服务器连接不到客户端
配置文件
vi /etc/vsftpd/vsftpd.conf
anonymous_enable=YES
anon_root=/install
vi /etc/vsftpd/vsftpd.conf
anonymous_enable=YES
anon_root=/install
anon_mkdir_write_enable
anon_max_rate //单位为MB,如果值为0表示不限速
local_enable=yes
write_enable=yes
dirmessage_enable=yes
xferlog_enable=yes
anon_max_rate //单位为MB,如果值为0表示不限速
local_enable=yes
write_enable=yes
dirmessage_enable=yes
xferlog_enable=yes
如果有上传文件夹,那么上传文件夹权限需要修改
chmod 777 dir