WDCP无法安装Wordpress解决
新的VPS给客户安装WDCP后无法安装Wordpress,点击提交数据库资料安装的时候页面被重定向,恢复WP后也无法打开插件、主题等页面。解决方法可以登入ssh,执行下面的命令:
mv /usr/lib64/libsqlite3.so.0.8.6 /usr/lib64/libsqlite3.so.0.8.6.bak
分类 运维技术 下的文章
MYSQL 日记删除与关闭或定时删除
mysql中如果我们开启bin-log日志全在mysql目录发现大量的mysql-bin.000001,mysql-bin.000002等,如果多了会发现占很大的空间,下面我来介绍mysql-bin日志关闭与删除方法。
日记删除
首先使用root权限账户登入mysql
#mysql -u root -pxxxxx
执行:mysql> reset master;
完成后退出:exit;
关闭日记或定时删除
编辑 my.cnf 注释 log-bin=mysql-bin 重启mysql即可
如果需要定时删除则 expire_logs_days = 3
意思为3天删除
CSF/LFD添加 Directadmin 服务例外,减少误报
为了减少一些误报,我们需要把 Directadmin 的一些值得信赖的服务添加CSF/LFD例外。编辑/etc/csf/csf.pignore 输入以下内容:
cmd:spamd child exe:/bin/dbus-daemon exe:/sbin/ntpd exe:/usr/bin/dbus-daemon exe:/usr/bin/dbus-daemon-1 exe:/usr/bin/fetchmail exe:/usr/bin/freshclam exe:/usr/libexec/dovecot/anvil exe:/usr/libexec/dovecot/imap exe:/usr/libexec/dovecot/imap-login exe:/usr/libexec/dovecot/managesieve exe:/usr/libexec/dovecot/managesieve-login exe:/usr/libexec/dovecot/pop3 exe:/usr/libexec/dovecot/pop3-login exe:/usr/libexec/gam_server exe:/usr/libexec/hald-addon-acpi exe:/usr/libexec/hald-addon-keyboard exe:/usr/local/bin/clamd exe:/usr/local/bin/freshclam exe:/usr/local/bin/pureftpd_uploadscan.sh exe:/usr/local/directadmin/dataskq exe:/usr/local/directadmin/directadmin exe:/usr/local/libexec/dovecot/imap exe:/usr/local/libexec/dovecot/imap-login exe:/usr/local/libexec/dovecot/pop3 exe:/usr/local/libexec/dovecot/pop3-login exe:/usr/local/mysql-5.1.54-linux-x86_64/bin/mysqld exe:/usr/local/php53/bin/php53 exe:/usr/local/php53/bin/php-cgi53 exe:/usr/local/php53/bin/php_uploadscan.sh exe:/usr/local/php53/sbin/php-fpm53 exe:/usr/local/php54/bin/php54 exe:/usr/local/php54/bin/php-cgi54 exe:/usr/local/php54/bin/php_uploadscan.sh exe:/usr/local/php54/sbin/php-fpm54 exe:/usr/local/php55/bin/php55 exe:/usr/local/php55/bin/php-cgi55 exe:/usr/local/php55/bin/php_uploadscan.sh exe:/usr/local/php55/sbin/php-fpm55 exe:/usr/local/php56/bin/php56 exe:/usr/local/php56/bin/php-cgi56 exe:/usr/local/php56/bin/php_uploadscan.sh exe:/usr/local/php56/sbin/php-fpm56 exe:/usr/local/sbin/nginx exe:/usr/sbin/exim exe:/usr/sbin/hald exe:/usr/sbin/httpd exe:/usr/sbin/mysqld exe:/usr/sbin/mysqld_safe exe:/usr/sbin/named exe:/usr/sbin/nginx exe:/usr/sbin/ntpd exe:/usr/sbin/proftpd exe:/usr/sbin/pure-ftpd exe:/usr/sbin/sshd
然后重启LFD:
/etc/init.d/lfd restart
来自:https://www.plugins-da.net/info/csf-lfd-exceptions-for-directadmin-csf.pignore
p.s. Based on this thread: http://forum.directadmin.com/showthread.php?t=49424
Linux shell curl命令获取http状态码
curl -I -m 10 -o /dev/null -s -w %{http_code} www.cnweed.com Apache: (28)No space left on device: Couldn't create accept lock
[Sun Sep 21 17:37:10 2014] [emerg] (28)No space left on device: Couldn't create accept lock (/var/log/httpd/accept.lock.8411) (5)
下午收到监控邮件有台DirectAdmin服务器Apache服务无法启动,检查错误日记后,发现如上错误。首先df -h检查硬盘是否饱和,然后ipcs -s检查ipc,发现是ipc不足。如下所示
# ipcs -s ------ Semaphore Arrays -------- key semid owner perms nsems 0x00000000 19234816 apache 600 1 0x00000000 19267585 apache 600 1 0x00000000 19300354 apache 600 1 0x00000000 19398659 apache 600 1 0x00000000 19431428 apache 600 1 0x00000000 19464197 apache 600 1 0x00000000 19562502 apache 600 1 ………………
执行如下命令清除然后重启Apache即可
ipcs -s | grep apache | perl -lane 'print `ipcrm sem $F[1]`' service httpd restart
引起这个问题的原因可能是apache没有被正确的关闭。写了个简单的shell可以加入crontab定期执行
#!/bin/bash rm -rf /var/log/weed/ipcs.log ipcs -s >> /var/log/weed/ipcs.log ipcslist=`grep -c "" /var/log/weed/ipcs.log` if [ "$ipcslist" -ge "20" ]; then ipcs -s | perl -ane '/^0x00000000/ && `ipcrm -s $F[1]`' echo $(date) "Ipc crowded, clean up" >> /var/log/weed/ipcs_clean.log fi
进程监控检查脚本-Nobody Check
#! /bin/bash
#====================================================================
# sys-mon.sh
#
# Copyright (c) 2011, WangYan <webmaster@wangyan.org>
# All rights reserved.
# Distributed under the GNU General Public License, version 3.0.
#
# Monitor system mem and load, if too high, restart some service.
#
# See: https://wangyan.org/blog/sys-mon-shell-script.html
#
# V 0.5, Date: 2011-12-08
#====================================================================
# Need to monitor the service name
# Must be in /etc/init.d folder exists
NAME_LIST="httpd nginx mysql"
# Single process to allow the maximum CPU (%)
PID_CPU_MAX="25"
# The maximum allowed memory (%)
PID_MEM_SUM_MAX="95"
# The maximum allowed system load
SYS_LOAD_MAX="6"
# Log path settings
LOG_PATH="/var/log/sys-mon.log"
# Date time format setting
DATA_TIME=$(date +"%y-%m-%d %H:%M:%S")
# Your email address
EMAIL="webmaster@example.com"
# Your website url
MY_URL="http://106.187.38.210/p.php"
#====================================================================
for NAME in $NAME_LIST
do
PID_CPU_SUM="0";PID_MEM_SUM="0"
PID_LIST=`ps aux | grep $NAME | grep -v root`
IFS_TMP="$IFS";IFS=$'\n'
for PID in $PID_LIST
do
PID_NUM=`echo $PID | awk '{print $2}'`
PID_CPU=`echo $PID | awk '{print $3}'`
PID_MEM=`echo $PID | awk '{print $4}'`
# echo "$NAME: PID_NUM($PID_NUM) PID_CPU($PID_CPU) PID_MEM($PID_MEM)"
PID_CPU_SUM=`echo "$PID_CPU_SUM + $PID_CPU" | bc`
PID_MEM_SUM=`echo "$PID_MEM_SUM + $PID_MEM" | bc`
if [ `echo "$PID_CPU >= $PID_CPU_MAX" | bc` -eq 1 ];then
if [[ "$NAME" = "php-fpm" || "$NAME" = "httpd" ]];then
sleep 5
if [ `echo "$PID_CPU >= $PID_CPU_MAX" | bc` -eq 1 ];then
echo "${DATA_TIME}: kill ${NAME}($PID_NUM) successful (CPU:$PID_CPU)" | tee -a $LOG_PATH
kill $PID_NUM
fi
else
echo "${DATA_TIME}: [WARNING!] ${NAME}($PID_NUM) cpu usage is too high! (CPU:$PID_CPU)" | tee -a $LOG_PATH
fi
fi
done
IFS="$IFS_TMP"
SYS_LOAD=`uptime | awk '{print $(NF-2)}' | sed 's/,//'`
SYS_MON="CPU:$PID_CPU_SUM MEM:$PID_MEM_SUM LOAD:$SYS_LOAD"
# echo -e "$NAME: $SYS_MON\n"
SYS_LOAD_TOO_HIGH=`awk 'BEGIN{print('$SYS_LOAD'>'$SYS_LOAD_MAX')}'`
PID_MEM_SUM_TOO_HIGH=`awk 'BEGIN{print('$PID_MEM_SUM'>'$PID_MEM_SUM_MAX')}'`
if [[ "$SYS_LOAD_TOO_HIGH" = "1" || "$PID_MEM_SUM_TOO_HIGH" = "1" ]];then
/etc/init.d/$NAME stop
sleep 5
for ((i=1;i<4;i++))
do
if [ `pgrep $NAME | wc -l` = "0" ];then
echo "$DATA_TIME: Stop $NAME successful! ($SYS_MON)" | tee -a $LOG_PATH
break
else
echo "${DATA_TIME}: [WARNING!] Stop $NAME failed[$i]! ($SYS_MON)" | tee -a $LOG_PATH
pkill $NAME && killall $NAME
fi
done
/etc/init.d/$NAME start
sleep 5
for ((ii=1;ii<4;ii++))
do
if [ `pgrep $NAME | wc -l` != "0" ];then
echo "$DATA_TIME: Start $NAME successful!" | tee -a $LOG_PATH
break
else
echo "${DATA_TIME}: [WARNING!] Start $NAME failed[$ii]! ($SYS_MON)" | tee -a $LOG_PATH
/etc/init.d/$NAME start
sleep 5
fi
done
if [ `pgrep $NAME | wc -l` != "0" ];then
echo "${DATA_TIME}: [ERROR!] Start $NAME failed! ($SYS_MON)" | mail -s "Start $NAME failed" $EMAIL
fi
fi
done
STATUS_CODE=`curl -o /dev/null -s -w %{http_code} $MY_URL`
#echo -e "STATUS CODE: $STATUS_CODE\n"
if [ "$STATUS_CODE" != "200" ];then
sleep 3
STATUS_CODE=`curl -o /dev/null -s -w %{http_code} $MY_URL`
if [ "$STATUS_CODE" != "200" ];then
echo "${DATA_TIME}: [WARNING!] Website Downtime! ($SYS_MON)" | tee -a $LOG_PATH
echo "${DATA_TIME}: [WARNING!] Website Downtime! ($SYS_MON)" | mail -s "Start $NAME failed" $EMAIL
fi
fi python脚本查找webshell
#!/usr/bin/env python
#-*- coding: utf-8 -*-
#=============================================================================
# FileName:
# Desc:
# Author: 苦咖啡
# Email: voilet@qq.com
# HomePage: http://blog.kukafei520.net
# Version: 0.0.1
# History:
#=============================================================================
import os
import sys
import re
import smtplib
#设定邮件
fromaddr = "smtp.qq.com"
toaddrs = ["voilet@qq.com"]
username = "voilet"
password = "xxxxxx"
#设置白名单
pass_file = ["api_ucenter.php"]
#定义发送邮件函数
def sendmail(toaddrs,sub,content):
'发送邮件模块'
# Add the From: and To: headers at the start!
msg = ("From: %s\r\nTo: %s\r\nSubject: %s\r\n\r\n"
% (fromaddr, ", ".join(toaddrs), sub))
msg += content
server = smtplib.SMTP('mail.funshion.com', 25,)
server.login(username, password)
server.sendmail(fromaddr, toaddrs, msg)
server.quit()
#设置搜索特征码
rulelist = [
'(\$_(GET|POST|REQUEST)\[.{0,15}\]\(\$_(GET|POST|REQUEST)\[.{0,15}\]\))',
'(base64_decode\([\'"][\w\+/=]{200,}[\'"]\))',
'eval\(base64_decode\(',
'(eval\(\$_(POST|GET|REQUEST)\[.{0,15}\]\))',
'(assert\(\$_(POST|GET|REQUEST)\[.{0,15}\]\))',
'(\$[\w_]{0,15}\(\$_(POST|GET|REQUEST)\[.{0,15}\]\))',
'(wscript\.shell)',
'(gethostbyname\()',
'(cmd\.exe)',
'(shell\.application)',
'(documents\s+and\s+settings)',
'(system32)',
'(serv-u)',
'(提权)',
'(phpspy)',
'(后门)',
'(webshell)',
'(Program\s+Files)',
'www.phpdp.com',
'phpdp',
'PHP神盾',
'decryption',
'Ca3tie1',
'GIF89a',
'IKFBILUvM0VCJD\/APDolOjtW0tgeKAwA',
'\'e\'\.\'v\'\.\'a\'\.\'l\'',
]
def Scan(path):
for root,dirs,files in os.walk(path):
for filespath in files:
isover = False
if '.' in filespath:
ext = filespath[(filespath.rindex('.')+1):]
if ext=='php' and filespath not in pass_file:
file= open(os.path.join(root,filespath))
filestr = file.read()
file.close()
for rule in rulelist:
result = re.compile(rule).findall(filestr)
if result:
print '文件:'+os.path.join(root,filespath)
print '恶意代码:'+str(result[0])
print '\n\n'
sendmail(toaddrs,"增值发现恶意代码",'文件:'+os.path.join(root,filespath)+"\n" + '恶意代码:'+str(result[0]))
break
try:
if os.path.lexists("/home/web_root/"):
print('\n\n开始扫描:'+ "/home/web_root/")
print(' 可疑文件 ')
print('########################################')
Scan("/home/web_root/")
print('提示:扫描完成--~')
else:
print '提示:指定的扫描目录不存在--- '
except IndexError:
print "请指定扫描文件目录"来自:http://blog.kukafei520.net/html/2013/811.html
Linux系统监控脚本
一个简单的系统监控脚本,有需要的朋友可以参考下。
#!/bin/bash
time=`date +"%Y-%m-%d %H:%M:%S"`
d=`date +%m%d`
N=`ps -ef | grep httpd | grep -v grep | wc -l`
Q=`ps -ef | grep java | grep -v grep | wc -l`
[ -d /root/check_log/ ] || mkdir /root/check_log
IP=`ifconfig eth0 | sed -n '2'p | awk '{print $2}' | awk -F':' '{print $2}'`
M=`uptime | awk '{print $8,$9,$10,$11,$12}'`
O=`ifconfig eth0 | sed -n '8'p | awk '{print $3,$4}'`
P=`ifconfig eth0 | sed -n '8'p | awk '{print $7,$8}'`
R=`ifconfig eth1 | sed -n '8'p | awk '{print $3,$4}'`
S=`ifconfig eth1 | sed -n '8'p | awk '{print $7,$8}'`
A=`top -bn1 | sed -n '2'p | awk '{print $2}'`
B=`top -bn1 | sed -n '2'p | awk '{print $10}'`
echo ****************************$IP**************************** >> /root/check_log/$d.log
echo "系统当前时间:" >> /root/check_log/$d.log
echo $time >> /root/check_log/$d.log
echo "---------------------check system load------------------" >> /root/check_log/$d.log
echo "系统当前负载:" >> /root/check_log/$d.log
echo $M >> /root/check_log/$d.log
echo "---------------------check 总进程数---------------------" >> /root/check_log/$d.log
echo "系统当前总进程数:" >> /root/check_log/$d.log
echo $A >> /root/check_log/$d.log
echo "系统当前僵死进程数:" >> /root/check_log/$d.log
echo $B >> /root/check_log/$d.log
echo "---------------------check 应用进程数--------------------" >> /root/check_log/$d.log
echo "当前apache进程数:" >> /root/check_log/$d.log
echo $N >> /root/check_log/$d.log
echo "当前java进程数" >> /root/check_log/$d.log
echo $Q >> /root/check_log/$d.log
echo "---------------------check Tcp连接状态-------------------" >> /root/check_log/$d.log
netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a,S[a]}' >> /root/check_log/$d.log
echo "---------------------check 网卡流量-----------------------" >> /root/check_log/$d.log
echo "当前eth0网卡流量:" >> /root/check_log/$d.log
echo "接收总流量:$O" >> /root/check_log/$d.log
echo "发送总流量:$P" >> /root/check_log/$d.log
echo "当前eth1网卡流量:" >> /root/check_log/$d.log
echo "接收总流量:$R" >> /root/check_log/$d.log
echo "发送总流量:$S" >> /root/check_log/$d.log
echo "-----------------------------check cpu load------------------------------" >> /root/check_log/$d.log
echo "系统当前cpu负载:" >> /root/check_log/$d.log
sar -u 1 10 | grep -v Linux | grep -v ^$ >> /root/check_log/$d.log
echo "-----------------------------check mem load------------------------------" >> /root/check_log/$d.log
echo "系统当前内存信息:" >> /root/check_log/$d.log
cat /proc/meminfo >> /root/check_log/$d.log
echo "-----------------------------check 磁盘空间------------------------------" >> /root/check_log/$d.log
echo "系统当前磁盘容量:" >> /root/check_log/$d.log
df -h >> /root/check_log/$d.log
echo "-----------------------------check io load-------------------------------" >> /root/check_log/$d.log
echo "系统当前io磁盘负载:" >> /root/check_log/$d.log
iostat 1 10 | grep -v ^$ | grep -v Linux | grep -v dm | grep -v hdc >> /root/check_log/$d.log
find /root/check_log/ -mtime +6 |xargs rm -f来自:http://www.jbxue.com/article/4472.html
Linux CC攻击检查检测与iptables封锁
#查看所有80端口的连接数
netstat -nat|grep -i "80"|wc -l
#对连接的IP按连接数量进行排序
netstat -anp | grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
netstat -ntu | awk '{print $5}' | egrep -o "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" | sort | uniq -c | sort -nr
#查看TCP连接状态
netstat -nat |awk '{print $6}'|sort|uniq -c|sort -rn
netstat -n | awk '/^tcp/ {print $NF}'|sort|uniq -c|sort -rn
netstat -n | awk '/^tcp/ {++S[$NF]};END {for(a in S) print a, S[a]}'
netstat -n | awk '/^tcp/ {++state[$NF]}; END {for(key in state) print key,"\t",state[key]}'
netstat -n | awk '/^tcp/ {++arr[$NF]};END {for(k in arr) print k,"\t",arr[k]}'
netstat -ant | awk '{print $NF}' | grep -v '[a-z]' | sort | uniq -c
#查看80端口连接数最多的20个IP
cat /www/web_logs/waitalone.cn_access.log|awk '{print $1}'|sort|uniq -c|sort -nr|head -100
tail -n 10000 /www/web_logs/waitalone.cn_access.log|awk '{print $1}'|sort|uniq -c|sort -nr|head -100
cat /www/web_logs/waitalone.cn_access.log|awk '{print $1}'|sort|uniq -c|sort -nr|head -100
netstat -anlp|grep 80|grep tcp|awk '{print $5}'|awk -F: '{print $1}'|sort|uniq -c|sort -nr|head -n20
netstat -ant |awk '/:80/{split($5,ip,":");++A[ip[1]]}END{for(i in A) print A,i}' |sort -rn|head -n20
#用tcpdump嗅探80端口的访问看看谁最高
tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr |head -20
#查找较多time_wait连接
netstat -n|grep TIME_WAIT|awk '{print $5}'|sort|uniq -c|sort -rn|head -n20
#查找较多的SYN连接
netstat -an | grep SYN | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -nr | more
#linux下实用iptables封ip段的一些常见命令:
#封单个IP的命令是:
iptables -I INPUT -s 211.1.0.0 -j DROP
#封IP段的命令是:
iptables -I INPUT -s 211.1.0.0/16 -j DROP
iptables -I INPUT -s 211.2.0.0/16 -j DROP
iptables -I INPUT -s 211.3.0.0/16 -j DROP
#封整个段的命令是:
iptables -I INPUT -s 211.0.0.0/8 -j DROP
#封几个段的命令是:
iptables -I INPUT -s 61.37.80.0/24 -j DROP
iptables -I INPUT -s 61.37.81.0/24 -j DROP
#想在服务器启动自运行的话有三个方法:
#1、把它加到/etc/rc.local中
#2、iptables-save >/etc/sysconfig/iptables可以把你当前的iptables规则放到/etc/sysconfig/iptables中,系统启动iptables时自动执行。
#3、service iptables save 也可以把你当前的iptables规则放/etc/sysconfig/iptables中,系统启动iptables时#自动执行。
#后两种更好此,一般iptables服务会在network服务之前启来,更安全。
#解封的话:
iptables -D INPUT -s IP地址 -j REJECT
iptables -F #全清掉了 Linux网络流量实时监控ifstat iftop命令详解
iftop
介绍
iftop是一款实时流量监控工具,监控TCP/IP连接等,缺点就是无报表功能。必须以root身份才能运行。
实例
默认是监控第一块网卡的流量
iftop
监控eth1
iftop -i eth1
直接显示IP, 不进行DNS反解析
iftop -n
直接显示连接埠编号, 不显示服务名称:
iftop -N
显示某个网段进出封包流量
iftop -F 192.168.1.0/24 or 192.168.1.0/255.255.255.0
基于实例讲解输出含义
执行iftop -N -n -i eth1后界面为
19.1Mb 38.1Mb 57.2Mb 76.3Mb 95.4Mb
+-----------------+-----------------+--------------------+--------------------+---------------------
192.168.1.11 => 192.168.1.66 5.3Mb 3.22Mb 3.20Mb
<= 219kb 45.7kb 49.3kb
192.168.1.11 => 192.168.1.29 144kb 30.8kb 29.6kb
<= 11.3Mb 2.38Mb 2.74Mb
192.168.1.11 => 12.2.11.71 0b 6.40kb 6.66kb
<= 0b 0b 0b
192.168.1.11 => 192.168.1.8 2.63kb 1.43kb 932b
<= 1.31kb 1.05kb 893b
192.168.1.11 => 192.168.2.78 2.53kb 1.54kb 2.15kb
<= 160b 160b 187b
192.168.1.11 => 111.126.195.69 0b 166b 69b
<= 0b 0b 0b
------------------------------------------------------------------------------------------------------
TX: cum: 9.70MB peak: 15.6Mb rates: 15.4Mb 3.26Mb 3.23Mb
RX: 8.38MB 14.9Mb 11.5Mb 2.42Mb 2.79Mb
TOTAL: 18.1MB 30.5Mb 27.0Mb 5.69Mb 6.03Mbiftop界面含义如下
第一行:带宽显示 中间部分:外部连接列表,即记录了哪些ip正在和本机的网络连接 中间部分右边:实时参数分别是该访问ip连接到本机2秒,10秒和40秒的平均流量 =>代表发送数据,<= 代表接收数据 底部三行:表示发送,接收和全部的流量 底部三行第二列:为你运行iftop到目前流量 底部三行第三列:为高峰值 底部三行第四列:为平均值
通过iftop的界面很容易找到哪个ip在霸占网络流量,这个是ifstat做不到的。不过iftop的流量显示单位是Mb,这个b是bit,是位,不是字节,而ifstat的KB,这个B就是字节了,byte是bit的8倍。初学者容易被误导。
进入iftop的命令
进入iftop画面后的一些操作命令(注意大小写) 按h切换是否显示帮助; 按n切换显示本机的IP或主机名; 按s切换是否显示本机的host信息; 按d切换是否显示远端目标主机的host信息; 按t切换显示格式为2行/1行/只显示发送流量/只显示接收流量; 按N切换显示端口号或端口服务名称; 按S切换是否显示本机的端口信息; 按D切换是否显示远端目标主机的端口信息; 按p切换是否显示端口信息; 按P切换暂停/继续显示; 按b切换是否显示平均流量图形条; 按B切换计算2秒或10秒或40秒内的平均流量; 按T切换是否显示每个连接的总流量; 按l打开屏幕过滤功能,输入要过滤的字符,比如ip,按回车后,屏幕就只显示这个IP相关的流量信息; 按L切换显示画面上边的刻度;刻度不同,流量图形条会有变化; 按j或按k可以向上或向下滚动屏幕显示的连接记录; 按1或2或3可以根据右侧显示的三列流量数据进行排序; 按<根据左边的本机名或IP排序; 按>根据远端目标主机的主机名或IP排序; 按o切换是否固定只显示当前的连接; 按f可以编辑过滤代码,这是翻译过来的说法,我还没用过这个! 按!可以使用shell命令,这个没用过!没搞明白啥命令在这好用呢! 按q退出监控。
参考:http://www.cnblogs.com/ggjucheng/archive/2013/01/13/2858923.html
Centos 修改主机名
一、临时修改
$ sudo hostname weedhost # 查看主机名 $ hostname weedhost
临时修改在重启后会恢复原样
二、永久修改
# 查看当前主机名 $ cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=localhost.localdomain GATEWAY=192.168.10.1 # HOSTNAME就是主机名了,vi /etc/sysconfig/network 修改保存即可
CentOS下ssh登录限制ip
应用环境可以是安全要求比较高的VPS或者独立服务器,一般允许内网IP登入,或者VPN进去。
vi /etc/hosts.allow sshd:192.168.0.100:allow //允许IP 192.168.0.100 登录 sshd:192.168.0.:allow //允许IP 192.168.0. 网段登录 sshd:all:deny //禁止其他的所有IP登录 或者 sshd:223.227.223.*:allow //允许IP 223.227.223.* 网段登录 sshd:192.168.0.*:allow //允许IP 192.168.0.* 网段登录 sshd:all:deny //禁止其他的所有IP