[root@localhost keepalived-1.1.12]# wget
[root@localhost keepalived-1.1.12]# tar zxvf keepalived-1.2.13.tar.gz
[root@localhost keepalived-1.1.12]# cd keepalived-1.2.13
[root@localhost keepalived-1.1.12]# ./configure
checking for openssl/ssl.h... no
configure: error:
  !!! OpenSSL is not properly installed on your system. !!!
  !!! Can not include OpenSSL headers files.            !!!
[root@localhost keepalived-1.1.12]# yum install openssl-devel
[root@localhost keepalived-1.2.13]# ./configure;make;make install
[root@localhost keepalived]# vi keepalived.conf        全局定义,vrrp实例定义,虚拟服务器定义
[root@localhost keepalived]# pwd
[root@localhost etc]# cp rc.d/init.d/keepalived  /etc/init.d/keepalived    这个命令或下面的命令都可以
[root@localhost etc]# ln -s rc.d/init.d/keepalived /etc/init.d/keepalived



[root@109-com1 rsyslog.d]# rpm -q rsyslog
[root@109-com1 rsyslog.d]# rpm -ql rsyslog
[root@109-com1 postfix]# cat /etc/rsyslog.conf
# rsyslog v5 configuration file
# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# If you experience problems, see
#### MODULES ####
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
#$ModLoad immark  # provides --MARK-- message capability
# Provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
# Use default timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# File syncing capability is disabled by default. This feature is usually not required,
# not useful and an extreme performance hit
#$ActionFileEnableSync on
# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf
#### RULES ####
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure
# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog
# Log cron stuff
cron.*                                                  /var/log/cron
# Everybody gets emergency messages
*.emerg                                                 *
# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler
# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log
# ### begin forwarding rule ###
# The statement between the begin ... end define a SINGLE forwarding
# rule. They belong together, do NOT split them. If you create multiple
# forwarding rules, duplicate the whole block!
# Remote Logging (we use TCP for reliable delivery)
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#$WorkDirectory /var/lib/rsyslog # where to place spool files
#$ActionQueueFileName fwdRule1 # unique name prefix for spool files
#$ActionQueueMaxDiskSpace 1g   # 1gb space limit (use as much as possible)
#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
#$ActionQueueType LinkedList   # run asynchronously
#$ActionResumeRetryCount -1    # infinite retries if host is down
# remote host is: name/ip:port, e.g., port optional
#*.* @@remote-host:514
# ### end of the forwarding rule ###





[root@222-comecs cron.d]# rpm -qa|grep cron
[root@222-comecs cron.d]# rpm -ql cronie-anacron
[root@109-com1 postfix]# rpm -ql crontabs /etc/cron.daily /etc/cron.hourly /etc/cron.monthly /etc/cron.weekly /etc/crontab /usr/bin/run-parts /usr/share/man/man4/crontabs.4.gz [root@109-com1 20141104]# rpm -ql cronie /etc/cron.d /etc/cron.d/0hourly /etc/cron.deny /etc/pam.d/crond /etc/rc.d/init.d/crond /etc/sysconfig/crond /usr/bin/crontab /usr/sbin/crond /usr/share/doc/cronie-1.4.4 /usr/share/doc/cronie-1.4.4/AUTHORS /usr/share/doc/cronie-1.4.4/COPYING /usr/share/doc/cronie-1.4.4/ChangeLog /usr/share/doc/cronie-1.4.4/INSTALL /usr/share/doc/cronie-1.4.4/README /usr/share/man/man1/crontab.1.gz /usr/share/man/man5/crontab.5.gz /usr/share/man/man8/cron.8.gz /usr/share/man/man8/crond.8.gz /var/spool/cron [root@109-com1 postfix]# cat /etc/crontab SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin #MAILTO=root HOME=/ # For details see man 4 crontabs # Example of job definition: # .---------------- minute (0 - 59) # | .------------- hour (0 - 23) # | | .---------- day of month (1 - 31) # | | | .------- month (1 - 12) OR jan,feb,mar,apr ... # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat # | | | | | # * * * * * user-name command to be executed


[root@109-com1 logrotate.d]# cat /var/lib/logrotate.status
logrotate state -- version 2
"/var/log/iptraf/*.log" 2014-9-13
"/var/log/yum.log" 2014-8-27
"/var/log/asterisk/messages" 2014-11-5
"/var/log/dracut.log" 2014-8-27
"/var/log/wtmp" 2014-11-1
"/var/log/spooler" 2014-11-2
"/var/log/btmp" 2014-11-1
"/var/log/iscsiuio.log" 2014-8-27
"/var/log/maillog" 2014-11-2
"/var/log/secure" 2014-11-2
"/var/log/messages" 2014-11-2
"/var/log/cron" 2014-11-2
[root@109-com1 logrotate.d]# rpm -ql logrotate

[root@109-com1 postfix]# cat /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
# use date as a suffix of the rotated file
# uncomment this if you want your log files compressed
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
create 0664 root utmp
minsize 1M
rotate 1
/var/log/btmp {
create 0600 root utmp
rotate 1
# system-specific logs may be also be configured here.
[root@109-com1 postfix]# cat /etc/logrotate.d/syslog
/bin/kill -HUP `cat /var/run/ 2> /dev/null` 2> /dev/null || true


service sshd restart
Oct 31 11:46:18 250-shiyan sshd[8252]: Received signal 15; terminating.
Oct 31 11:46:18 250-shiyan sshd[8284]: Server listening on port 22.
Oct 31 11:46:18 250-shiyan sshd[8284]: Server listening on :: port 22.

login as: flt
flt@'s password:
Last login: Fri Oct 31 11:34:19 2014 from

Oct 31 11:47:07 250-shiyan sshd[8287]: Accepted password for flt from port 56942 ssh2
Oct 31 11:47:07 250-shiyan sshd[8287]: pam_unix(sshd:session): session opened for user flt by (uid=0)

[flt@250-shiyan ~]$exit
Oct 31 11:48:59 250-shiyan sshd[8287]: pam_unix(sshd:session): session closed for user flt

login as: flt
Oct 31 11:37:37 250-shiyan sshd[8255]: User flt from not allowed because not listed in AllowUsers
Oct 31 11:37:37 250-shiyan sshd[8256]: input_userauth_request: invalid user flt

flt@'s password:
Access denied

Oct 31 11:38:15 250-shiyan unix_chkpwd[8257]: password check failed for user (flt)
Oct 31 11:38:15 250-shiyan sshd[8255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=  user=flt
Oct 31 11:38:17 250-shiyan sshd[8255]: Failed password for invalid user flt from port 56895 ssh2

flt@'s password:    ctrl+c结束
Oct 31 11:38:21 250-shiyan sshd[8256]: Received disconnect from 13: Unable to authenticate



[root@ipt ~]# iptables -t nat -vnL POSTROUTING  --line-number|grep 69
53       2   104 SNAT       tcp  --  *      *        tcp dpt:3389 to:
54       0     0 SNAT       tcp  --  *      *        tcp dpt:13388 to:
[root@ipt ~]# iptables -t nat -vnL PREROUTING  --line-number|grep 69
5        0     0 DNAT       tcp  --  *      *           tcp dpt:3690 to:
33    1008 62696 ACCEPT     udp  --  *      *             udp dpt:53
34    1880 96972 ACCEPT     tcp  --  *      *             tcp dpt:80
62       2   104 DNAT       tcp  --  *      *           tcp dpt:13389 to:
63       0     0 DNAT       tcp  --  *      *           tcp dpt:13388 to:
69       0     0 DNAT       tcp  --  *      *           tcp dpt:10011 to:
[root@ipt ~]# iptables -vnL FORWARD  --line-number|grep 69
33      16  1531 ACCEPT     all  --  *      *
47     696 35483 ACCEPT     all  --  *      *
69       0     0 ACCEPT     all  --  *      *

# iptables -t filter -A INPUT -s 123.456.789.0/24 -j DROP
# iptables -t filter -A OUTPUT -d 123.456.789.0/24 -j DROP

# iptables -A INPUT -i eth1 -s -m limit --limit 5/m --limit-burst 7 -j LOG --log-prefix "IP_SPOOF A: "
# iptables -A INPUT -i eth1 -s -j DROP
# iptables -A INPUT -s -p tcp --destination-port 80 -j LOG --log-level crit

xt_layer7              13576  12
iptable_mangle          6784  1
xt_MARK                 6144  6
ipt_REDIRECT            5760  3
ipt_MASQUERADE          6656  5
iptable_nat             8964  1
nf_nat                 20372  3 ipt_REDIRECT,ipt_MASQUERADE,iptable_nat
ipt_REJECT              6912  0
nf_conntrack_ipv4      16012  17 iptable_nat,nf_nat
nf_defrag_ipv4          6016  1 nf_conntrack_ipv4
xt_tcpudp               6912  238
xt_conntrack            7424  2
nf_conntrack           61768  7 xt_layer7,ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_netbios_ns,nf_conntrack_ipv4,xt_conntrack
ipv6                  216820  28
iptable_filter          6656  1
ip_tables              14224  3 iptable_mangle,iptable_nat,iptable_filter
x_tables               17668  9 xt_layer7,xt_MARK,ipt_REDIRECT,ipt_MASQUERADE,iptable_nat,ipt_REJECT,xt_tcpudp,xt_conntrack,ip_tables
nf_conntrack_netbios_ns     6400  0

xt_connlimit            3238  0
iptable_nat             6158  1
nf_nat                 22759  1 iptable_nat
nf_conntrack_ipv4       9506  3 iptable_nat,nf_nat
nf_defrag_ipv4          1483  1 nf_conntrack_ipv4
iptable_filter          2793  1
ip_tables              17831  2 iptable_nat,iptable_filter
ipt_LOG                 5845  2
ipt_REJECT              2351  0
ip6t_REJECT             4628  2
nf_conntrack_ipv6       8748  2
nf_defrag_ipv6         11182  1 nf_conntrack_ipv6
xt_state                1492  2
nf_conntrack           79758  6 xt_connlimit,iptable_nat,nf_nat,nf_conntrack_ipv4,nf_conntrack_ipv6,xt_state
ip6table_filter         2889  1
ip6_tables             18732  1 ip6table_filter



[root@localhost ~]# yum install rpcbind
  rpcbind.x86_64 0:0.2.0-11.el6
Dependency Installed:
  libgssglue.x86_64 0:0.1-11.el6                                               libtirpc.x86_64 0:0.2.1-6.el6_5.2
[root@localhost ~]# rpm -ql libgssglue
[root@localhost ~]# rpm -ql libtirpc
[root@localhost ~]# rpm -ql rpcbind
[root@localhost ~]# ps -ef|grep rpc
root      3082  2368  0 17:54 pts/1    00:00:00 grep rpc
[root@localhost ~]# service rpcbind start
Starting rpcbind:                                          [  OK  ]
[root@localhost ~]# ps -ef|grep rpc
rpc       1174     1  0 18:07 ?        00:00:00 rpcbind
root      1178  1140  0 18:07 pts/0    00:00:00 grep rpc
[root@localhost ~]# rpcbind start
[root@localhost ~]# ps -ef|grep rpc
rpc       3085     1  0 17:55 ?        00:00:00 rpcbind start
root      3087  2368  0 17:55 pts/1    00:00:00 grep rpc
[root@localhost ~]# rpcbind -a
-a (abort) specified without -d (debugging) -- ignored.
rpcbind: another rpcbind is already running. Aborting
[root@localhost ~]# rpcbind -i
rpcbind: another rpcbind is already running. Aborting
[root@localhost ~]# rpcbind -s
rpcbind: another rpcbind is already running. Aborting
[root@localhost ~]# rpcbind -w
rpcbind: another rpcbind is already running. Aborting
[root@localhost ~]# cd /proc/1174/fd
[root@localhost fd]# ls
0  1  10  11  2  3  4  5  6  7  8  9
[root@localhost fd]# ll
total 0
lrwx------. 1 root root 64 Sep 18 18:10 0 -> /dev/null
lrwx------. 1 root root 64 Sep 18 18:10 1 -> /dev/null
lrwx------. 1 root root 64 Sep 18 18:10 10 -> socket:[11434]
lrwx------. 1 root root 64 Sep 18 18:10 11 -> socket:[11435]
lrwx------. 1 root root 64 Sep 18 18:10 2 -> /dev/null
lr-x------. 1 root root 64 Sep 18 18:10 3 -> /var/run/rpcbind.lock
lrwx------. 1 root root 64 Sep 18 18:10 4 -> socket:[11450]
lrwx------. 1 root root 64 Sep 18 18:10 5 -> socket:[11425]
lrwx------. 1 root root 64 Sep 18 18:10 6 -> socket:[11427]
lrwx------. 1 root root 64 Sep 18 18:10 7 -> socket:[11429]
lrwx------. 1 root root 64 Sep 18 18:10 8 -> socket:[11430]
lrwx------. 1 root root 64 Sep 18 18:10 9 -> socket:[11432]
[root@localhost fd]# cd /var/cache/
[root@localhost cache]# ls
ldconfig  rpcbind  yum
[root@localhost cache]# cd rpcbind/
[root@localhost rpcbind]# ll
total 8
-rw-------. 1 rpc rpc 124 Sep 18 18:06 portmap.xdr
-rw-------. 1 rpc rpc 668 Sep 18 18:06 rpcbind.xdr
[root@localhost rpcbind]# file *
portmap.xdr: data
rpcbind.xdr: data
[root@221-comecs ~]# rpcinfo
   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               portmapper superuser
    100000    3    tcp6      ::.0.111               portmapper superuser
    100000    4    udp6      ::.0.111               portmapper superuser
    100000    3    udp6      ::.0.111               portmapper superuser
    100000    4    tcp          portmapper superuser
    100000    3    tcp          portmapper superuser
    100000    2    tcp          portmapper superuser
    100000    4    udp          portmapper superuser
    100000    3    udp          portmapper superuser
    100000    2    udp          portmapper superuser
    100000    4    local     /var/run/rpcbind.sock  portmapper superuser
    100000    3    local     /var/run/rpcbind.sock  portmapper superuser
    100024    1    udp         status     29
    100024    1    tcp        status     29
    100024    1    udp6      ::.149.13              status     29
    100024    1    tcp6      ::.179.140             status     29
    100021    1    udp         nlockmgr   superuser
    100021    3    udp         nlockmgr   superuser
    100021    4    udp         nlockmgr   superuser
    100021    1    tcp         nlockmgr   superuser
    100021    3    tcp         nlockmgr   superuser
    100021    4    tcp         nlockmgr   superuser
    100021    1    udp6      ::.186.157             nlockmgr   superuser
    100021    3    udp6      ::.186.157             nlockmgr   superuser
    100021    4    udp6      ::.186.157             nlockmgr   superuser
    100021    1    tcp6      ::.192.127             nlockmgr   superuser
    100021    3    tcp6      ::.192.127             nlockmgr   superuser
    100021    4    tcp6      ::.192.127             nlockmgr   superuser
[root@221-comecs ~]# rpcinfo -p
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  53846  status
    100024    1   tcp  38021  status
    100021    1   udp  34602  nlockmgr
    100021    3   udp  34602  nlockmgr
    100021    4   udp  34602  nlockmgr
    100021    1   tcp  49198  nlockmgr
    100021    3   tcp  49198  nlockmgr
    100021    4   tcp  49198  nlockmgr

[root@localhost rpcbind]# yum install nfs-utils
  nfs-utils.x86_64 1:1.2.3-39.el6_5.3
Dependency Installed:
  keyutils.x86_64 0:1.4-4.el6                     libevent.x86_64 0:1.4.13-4.el6                     nfs-utils-lib.x86_64 0:1.1.5-6.el6_5
[root@localhost rpcbind]# rpm -ql nfs-utils
[root@localhost rpcbind]# rpm -ql nfs-utils-lib
[root@localhost rpcbind]# rpm -ql keyutils
[root@localhost rpcbind]# rpm -ql libevent
[root@localhost nfs]# mount
/dev/mapper/VolGroup-lv_root on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw,rootcontext="system_u:object_r:tmpfs_t:s0")
/dev/sda1 on /boot type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)启动nfs后会多出这两行
nfsd on /proc/fs/nfsd type nfsd (rw)

