Duck's Signpost (鸭子的路标)

 

 

Apache log analysis from the command line

1. Count the Apache processes:
ps aux | grep httpd | grep -v grep | wc -l

2. Count the established TCP connections on port 80:
netstat -tan | grep "ESTABLISHED" | grep ":80" | wc -l

3. Count the day's connections per IP from the log, with duplicates collapsed:

cat access_log | grep "24/Jul/2007" | awk '{print $2}' | sort | uniq -c | sort -nr

4. See what the IP with the most connections that day was doing (it turned out to be a spider):
cat access_log | grep "24/Jul/2007:00" | grep "61.135.166.230" | awk '{print $8}' | sort | uniq -c | sort -nr | head -n 10

5. Top 10 most-requested URLs for the day:

cat access_log | grep "24/Jul/2007:00" | awk '{print $8}' | sort | uniq -c | sort -nr | head -n 10

6. Sniff traffic to port 80 with tcpdump to see which source is busiest:
tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr
Then check the log to see what that IP was doing:
cat access_log | grep 220.181.38.183| awk '{print $1"\t"$8}' | sort | uniq -c | sort -nr | less


7. Count the IP connections within a given time period:
grep "2006:0[7-8]" www20060723.log | awk '{print $2}' | sort | uniq -c| sort -nr | wc -l
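
The grep-based pipelines above match the date and the IP anywhere in the line, including in the URL or referer, and the dots in the IP act as wildcards. The following is an added example (not from the original post) that anchors both matches to their own fields; the vhost-prefixed log layout, the function names and the sample lines are assumptions made for illustration.

```shell
#!/bin/sh
# Assumption: vhost-prefixed log lines, so the client IP is field 2, the
# timestamp field 5 and the request path field 8 (what the $2/$8 in the
# commands above imply). Use IPF=1 for the plain common/combined format.
IPF=${IPF:-2}

# top_clients LOG DAY: "count ip" lines, busiest first. DAY (24/Jul/2007)
# is compared with the timestamp field only, never the URL or referer.
top_clients() {
    awk -v day="$2" -v f="$IPF" '
        index($(f+3), "[" day ":") == 1 { n[$f]++ }
        END { for (ip in n) print n[ip], ip }' "$1" | sort -k1,1nr -k2,2
}

# top_paths LOG DAY IP: top 10 "count path" lines for one client. The IP is
# compared as an exact string, so 161.135.166.230 is not counted as a match.
top_paths() {
    awk -v day="$2" -v ip="$3" -v f="$IPF" '
        $f == ip && index($(f+3), "[" day ":") == 1 { n[$(f+6)]++ }
        END { for (p in n) print n[p], p }' "$1" |
        sort -k1,1nr -k2,2 | head -n 10
}

# Constructed sample log (not real traffic). The last line is dated 25 Jul
# but carries the searched day and IP inside its query string.
sample_log() {
    cat <<'EOF'
www.example.com 61.135.166.230 - - [24/Jul/2007:00:00:01 +0800] "GET /robots.txt HTTP/1.1" 200 26
www.example.com 61.135.166.230 - - [24/Jul/2007:00:00:02 +0800] "GET /index.html HTTP/1.1" 200 512
www.example.com 61.135.166.230 - - [24/Jul/2007:00:00:03 +0800] "GET /index.html HTTP/1.1" 200 512
www.example.com 161.135.166.230 - - [24/Jul/2007:00:00:04 +0800] "GET /a HTTP/1.1" 200 10
www.example.com 10.0.0.5 - - [25/Jul/2007:09:00:00 +0800] "GET /s?d=24/Jul/2007&ip=61.135.166.230 HTTP/1.1" 200 10
EOF
}

LOG=$(mktemp)
sample_log > "$LOG"
echo "clients on 24/Jul/2007:"; top_clients "$LOG" 24/Jul/2007
echo "paths for 61.135.166.230:"; top_paths "$LOG" 24/Jul/2007 61.135.166.230
rm -f "$LOG"
```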


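TCPDUMP Chinese manual: the most detailed manual

tcpdump - dump traffic on a network
SYNOPSIS
tcpdump [ -adeflnNOpqStvx ] [ -c count ] [ -F file ]

[ -i interface ] [ -r file ] [ -s snaplen ]

[ -T type ] [ -w file ] [ expression ]

DESCRIPTION
Tcpdump prints out the headers of packets on a network interface that match the boolean expression.

Under SunOS with nit or bpf: to run tcpdump you must have read access to /dev/nit or /dev/bpf*.

Under Solaris with dlpi: you must have read access to the network pseudo device, e.g. /dev/le.

Under HP-UX with dlpi: you must be root, or it must be installed setuid to root. Under IRIX with snoop: you must be root, or it must be installed setuid to root. Under Linux: you must be root, or it must be installed setuid to root.

Under Ultrix and Digital UNIX: once the super-user has enabled promiscuous-mode operation using pfconfig(8), any user may run tcpdump.

Under BSD: you must have read access to /dev/bpf*.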


Clamav + Amavisd-new configuration notes - linux

perl -MCPAN -e shell
install Archive::Tar
install Archive::Zip
install Compress::Zlib
install Convert::TNEF
install Convert::UUlib
install MIME::Base64
install MIME::Parser
install Mail::Internet
install Net::Server
install Net::SMTP
install Digest::MD5
install IO::Stringy
install Time::HiRes
install Unix::Syslog
install BerkeleyDB
install Digest::SHA1
install DBI
install DB_File
install Net::DNS
install IP::Country
exit
# Net::DNS must be installed manually
cd /opt/perl
tar -zxvf Net-DNS-0.63.tar.gz
cd Net-DNS-0.63
perl Makefile.PL
make;make install
#============ Optional installs ======================
perl -MCPAN -e shell
install HTML::Parser
install Mail::SPF
install Mail::SPF::Query
install Mail::SpamAssassin::Plugin::Razor2
install IO::Socket::INET6
install IO::Socket
exit
cd /opt/perl
tar -zxvf Net-Ident-1.20.tar.gz
cd Net-Ident-1.20
perl Makefile.PL
make;make install
cd /opt/perl
tar -zxvf Crypt-OpenSSL-Random-0.04.tar.gz
cd Crypt-OpenSSL-Random-0.04
perl Makefile.PL
make;make install
# make test is skipped
perl -MCPAN -e shell
install Crypt::OpenSSL::RSA
install Mail::DomainKeys
install Mail::DKIM
install LWP::UserAgent
install HTTP::Date
install Encode::Detect
install Mail::SpamAssassin
exit
cd /opt/perl
tar -zxvf Mail-ClamAV-0.22.tar.gz
cd Mail-ClamAV-0.22
perl Makefile.PL
make;make install


Installing Nagios with nginx on CentOS

Check out this website I found at limylau.blog.51cto.com

1. Check whether the following packages are installed on the CentOS system:
Apache
GCC compiler
GD development libraries
2. If they are not installed, install them as follows:
yum -y install httpd
yum -y install gcc
yum -y install glibc glibc-common
yum -y install gd gd-devel
3. Create a nagios user and set its password
useradd nagios
passwd nagios
4. Create a group and add the nagios user and the apache user to it
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache
5. Download the nagios package and the nagios plugins
wget http://osdn.dl.sourceforge.net/sourceforge/nagios/nagios-3.0.6.tar.gz
wget http://osdn.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.11.tar.gz
6. Compile and install nagios
tar xzf nagios-3.0.6.tar.gz
cd nagios-3.0.6
./configure --with-command-group=nagcmd
make all
make install
make install-init
make install-config
make install-commandmode
7. Configure the web interface
make install-webconf
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagios
Restart the Apache server so that the configuration just made takes effect.
8. Install the nagios plugins
tar xzf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
9. Add the nagios service to the service list and enable it at boot
chkconfig --add nagios
chkconfig nagios on
10. Check the nagios server for configuration errors.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If no errors are reported, start the nagios server
service nagios start
11. Enter http://"nagios server ipaddress"/nagios/ in IE to test whether the nagios server has been installed correctly.
The installation is now complete; troubleshooting comes next.
-----------------------------


svn: Can't convert string from 'UTF-8' to native encoding

svn: Can't convert string from 'UTF-8' to native encoding
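The system is AS4, Chinese edition. Running the post-commit check out of a revision produced the error above. The fix is to run LANG="zh_CN.UTF-8" as root, in any directory.
This is really a problem that is not a problem; it was probably caused by switching the locale to English for convenience.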


Installing svn on CentOS

# yum install mod_dav_svn subversion
# vim /etc/httpd/conf/httpd.conf

# configure httpd.conf

# service httpd start
# chkconfig httpd on

# cd /etc/httpd/conf.d/
# vim subversion.conf


------------------------------------------------------------------------------------------------------
<Location /svn>
   DAV svn
   SVNParentPath /var/www/svn/

   # Limit write permission to list of valid users.
   #<LimitExcept GET PROPFIND OPTIONS REPORT>
      # Require SSL connection for password protection.
      # SSLRequireSSL

      AuthType Basic
      AuthName "Authorization Realm"
      AuthUserFile /etc/svn-auth-conf
      AuthzSVNAccessFile /etc/svn-access
      Require valid-user
   #</LimitExcept>
</Location>
------------------------------------------------------------------------------------------------------

# htpasswd -cm /etc/svn-auth-conf yourusername
# vim /etc/svn-access
------------------------------------------------------------------------------------------------------
[groups]
developers = lankelan
[repos:/]
@developers = rw
[doname:/]
@developers = rw
------------------------------------------------------------------------------------------------------

# svnadmin create doname
# service httpd restart



#####
Note: the DB directory should be writable.


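Installing memcached on CentOS 5.2

Option notes:
-d starts memcached as a daemon,
-m is the amount of memory allocated to Memcache, in MB; here it is 10MB,
-u is the user Memcache runs as; here it is root,
-l is the IP address the server listens on, for when there are several addresses; here I specified the server's IP address 10.0.0.90,
-p sets the port Memcache listens on; here I set 12000, and a port above 1024 is best,
-c is the maximum number of concurrent connections; the default is 1024, here I set 256, to be chosen according to your server's load,
-P sets the file that stores Memcache's pid; here it is saved in /tmp/memcached.pid

I got the error "/usr/local/bin/memcached: error while loading shared libraries: libevent-1.3.so.1: cannot open shared object file: No such file or directory"
Because my machine is a 64-bit server, adding the following line fixed it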

/usr/local/bin/memcached -d -m 1024 -u root -l 10.0.0.90 -p 12000 -c 256 -P /tmp/memcached.pid


Shell Script To Create BIND Zone Files

Check out this website I found at bash.cyberciti.biz

First, you need to customize the configuration file as follows.
Sample ns.profile.nixcraft.net configuration file

Define your default TTL, email ID and other settings. Also, set your mail server and nameserver IPs using bash arrays. Save the file as ns.profile.nixcraft.net:


BIND configuration on CentOS 5.3

By following this article I successfully configured bind-9.6.1 on CentOS 5.3
The article I referred to:
http://www.linuxdiyf.com/viewarticle.php?id=16156


The complete guide to DNS service


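2.2 Software required for DNS
bind-9.3.3-10.el5.i386.rpm: the main package of the DNS service. It must be installed on the server; the digits that follow the name are the version number.
bind-utils-9.3.3-10.el5.i386.rpm: the client tools, installed by default, which provide the commands for looking up domain names.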
