海运的博客

N1盒子armbian/ubuntu/linux系统修改日志输出到内存

发布时间:February 28, 2019 // 分类:N1 // No Comments

N1盒子的存储设备是emmc,为了延长emmc的使用寿命尽可能的将读写文件在内存中完成。
修改systemd journald日志存放目录为内存,也就是/run/log目录,限制最大使用内存空间64MB:

sed -i 's/#Storage=auto/Storage=volatile/' /etc/systemd/journald.conf
sed -i 's/#RuntimeMaxUse=/RuntimeMaxUse=64M/' /etc/systemd/journald.conf

然后重新启动systemd-journald服务:

systemctl restart systemd-journald

修改rsyslog日志存放目录为/run/log:

sed -i 's/\/var\/log/\/run\/log/g' /etc/rsyslog.d/50-default.conf

修改rsyslog运行用户为root,不然/run/log没写入权限:

sed 's/PrivDropToUser syslog/PrivDropToUser root/' /etc/rsyslog.conf  
sed 's/PrivDropToUser syslog/PrivDropToGroup root/' /etc/rsyslog.conf 

然后重启rsyslog即可:

systemctl restart rsyslog

修改nginx日志目录:

sed -i 's/\/var\/log/\/run\/log/g' /etc/nginx/nginx.conf
mkdir /run/log/nginx
systemctl restart nginx

修改php-fpm日志目录:

sed -i 's/\/var\/log/\/run\/log/g' /etc/php/7.2/fpm/php-fpm.conf
systemctl restart php7.2-fpm

cups修改日志目录:

sed -i 's/\/var\/log/\/run\/log/g' /etc/cups/cups-files.conf
mkdir /run/log/cups
systemctl restart cups

samba修改配置文件日志目录:

log file = /run/log/samba/log.%m
max log size = 50 
mkdir /run/log/samba
systemctl restart smbd

添加个开机启动脚本在启动时创建/run/log目录下nginx cups samba目录。

cat /lib/systemd/system/mklogdir.service
[Unit]
Description=mklogdir
Before=network.target

[Service]
Type=oneshot
ExecStart=/usr/bin/mklogdir.sh

[Install]
WantedBy=multi-user.target

修改日志轮询logrotate:

sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/cups-daemon 
sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/nginx 
sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/php7.2-fpm 
sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/rsyslog 
sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/samba 

基于p2p穿透的虚拟局域网

发布时间:February 28, 2019 // 分类: // No Comments

tincvpn
ZeroTier
n2n

测试宽带最大tcp连接数

发布时间:February 19, 2019 // 分类: // No Comments

git clone https://github.com/yedf/handy.git
yum install make gcc-c++ -y
cd handy/
./build_config 
make && make install

服务端执行:

#启动1进程监听端口299到300,管理端口301
./10m/10m-svr 299 300 1 301

客户端执行:

#启动1进程在100秒内发起10000连接,远程端口299到300,每180秒发送心跳包64字节。
./10m/10m-cli www.haiyun.me 299 300 10000 100 1 180 64 301

参考:
https://zhuanlan.zhihu.com/p/21378825

联通中兴F607ZA光猫通过telnet查看超级密码

发布时间:February 17, 2019 // 分类: // No Comments

telnet账号:root密码:Zte521
通过telnet登录输入以下命令查看:

sendcmd 1 DB p DevAuthInfo
#sendcmd 1 DB p UserInfo

超级用户登录地址:http://192.168.1.1/cu.html
Openwrt路由下访问光猫web:https://www.haiyun.me/archives/openwrt-modem-web.html

openwrt使用dnspod api自动更新ddns

发布时间:February 12, 2019 // 分类:OpenWrt // No Comments

通过dnspod api实现动态ddns更新ip,ipv4和ipv6支持,shell脚本如下:

#!/bin/bash
token="www.haiyun.me"
domain="haiyun.me"
if which jq > /dev/null; then
  json="jq"
elif which jsonfilter > /dev/null; then
  json="jsonfilter"
else
  echo 'please install jq or jsonfilter'
  exit
fi
if ! which curl > /dev/null || ! which curl > /dev/null; then
  echo 'please install curl and grep'
  exit
fi
if [[ $1 == "list" ]]; then
  curl -s -d "login_token=$token&format=json&domain=$domain" "https://dnsapi.cn/Record.List" | jq -r -M '.records[]|.name + "\t\t " + .type + "\t\t " + .value'
  exit
fi
if [[ $1 == "delete" ]]; then
  if [[ ! $3 || ! $2 ]]; then
    echo 'use ddns.sh delete name type'
    exit
  fi
  id=$(curl -s -d "login_token=$token&format=json&domain=$domain" "https://dnsapi.cn/Record.List" | jq -r -e ".records | .[] | select(.name == \"$2\" and .type == \"${3^^}\")|.id")
  if [[ $id ]]; then
    if curl -s -d "login_token=$token&format=json&domain=$domain&record_id=$id" https://dnsapi.cn/Record.Remove | grep -q '"code":"1"'; then
      echo "sus"
    fi
  else
    echo 'no record'
  fi
  exit
fi
if [[ ! $1 || ! $2 ]]; then
  echo 'use ddns.sh name ip'
  echo 'use ddns.sh list'
  echo 'use ddns.sh delete name type'
  exit
fi
name=$1
new_ip=$2
if [[ $new_ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
  #sleep 10
  #curl http://192.168.168.6/announce.php --silent --output /dev/null
  record_type='A'
  echo 'ipv4'
elif [[ $new_ip =~ ^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}$ ]]; then
  echo 'ipv6'
  record_type='AAAA'
else
  echo "invalid IP address $new_ip"
  #logger -t ddns "invalid IP address $new_ip"
  exit
fi
curl -s -d "login_token=$token&format=json&domain=$domain" "https://dnsapi.cn/Record.List" -o /tmp/dns.txt
if ! grep -q '"code":"1"' /tmp/dns.txt; then
  echo 'get record list error'
  exit
fi

if [[ $record_type == "AAAA" ]]; then
  if [[ $json == "jq" ]]; then
    id=$(jq -r -e ".records | .[] | select(.name == \"$name\" and .type == \"AAAA\")|.id" /tmp/dns.txt)
    ip=$(jq -r -e ".records | .[] | select(.name == \"$name\" and .type == \"AAAA\")|.value" /tmp/dns.txt)
  else
    ip=$(jsonfilter -i /tmp/dns.txt -e "@.records[@.name='$name'&&@.type='AAAA'].value")
    id=$(jsonfilter -i /tmp/dns.txt -e "@.records[@.name='$name'&&@.type='AAAA'].id")
  fi
elif [[ $record_type == "A" ]]; then
  if [[ $json == "jq" ]]; then
    id=$(jq -r -e ".records | .[] | select(.name == \"$name\" and .type == \"A\")|.id" /tmp/dns.txt)
    ip=$(jq -r -e ".records | .[] | select(.name == \"$name\" and .type == \"A\")|.value" /tmp/dns.txt)
  else
    ip=$(jsonfilter -i /tmp/dns.txt -e "@.records[@.name='$name'&&@.type='A'].value")
    id=$(jsonfilter -i /tmp/dns.txt -e "@.records[@.name='$name'&&@.type='A'].id")
  fi
fi
#echo $name;
#echo $id;
#echo $ip;
#echo $new_ip;
if [[ $ip == $new_ip ]]; then
  echo 'no update needed'
  exit
fi
if [[ $id ]]; then
  echo "mod ip"
  if curl -s -d "login_token=$token&format=json&domain=$domain&record_id=$id&value=$new_ip&record_type=$record_type&record_line_id=0&sub_domain=$name" https://dnsapi.cn/Record.Modify | grep -q '"code":"1"'; then
    echo "sus"
  fi
else
  echo "add ip"
  if curl -s -d "login_token=$token&format=json&domain=$domain&sub_domain=$name&record_type=$record_type&record_line_id=0&value=$new_ip" https://dnsapi.cn/Record.Create | grep -q '"code":"1"'; then
    echo "sus"
  fi
fi

在/lib/netifd/ppp-up文件内调用上面的脚本,当pppoe网络连接成功时会执行此文件,$4变量为pppoe连接的本地IP。

/usr/bin/update-ip.sh name $4 > /dev/null 2>&1 &

pppoe只能传递公网ipv4,使用ifstatus可获取pppoe接口ipv6地址和分配内网的ipv6前缀,根据mac生成的ipv6后缀可为内网其它机器做ddns。

ifstatus wan_6
ifstatus wan
ubus call network.interface dump
jsonfilter -i /tmp/wan6.txt -e '@["ipv6-prefix"][0].address'
jsonfilter -i /tmp/wan6.txt -e '@["ipv6-address"][0].address' 

PHP版本:
https://www.haiyun.me/archives/1186.html

分类
最新文章
最近回复
  • crowjin: 你确定这能过滤??不是所有请求都返回空地址::?
  • : linux系统上单个网卡多条宽带拨号获取公网IP,外网可以访问这些IP,有偿! Q:25299...
  • 硅谷少年: 非常有用,感谢分享
  • spartan2: https://dashboard.hcaptcha.com/welcome_accessib...
  • 海运: 应该能,在购买页面先手工跳过cf机器验证,后续一定时间内不更换ip应该不会再次验证。
  • spartan: 大佬斯巴达开启了CF的机器识别验证,请问插件能自动跳过吗? 另外这个脚本有没有简单使用说明,新...
  • vincent: 膜拜大佬
  • 海运: proxy-header或proxy_protocol
  • liangjw: 如果是 内部调用 或者 中间存在 代理 而上一个代理又在内网 ,那怎么处理来自代理私有IP?
  • chainofhonor: 感谢,用dnsmasq设置自动判断BIOS和UEFI成功了