cp /usr/share/doc/glibc-common-2.17/gai.conf /etc/
echo 'precedence ::ffff:0:0/96 100' >> /etc/gai.confCentos/linux ipv4优先
发布时间:September 29, 2018 // 分类: // No Comments
BT/utorrent连接加密及标志
发布时间:September 29, 2018 // 分类: // No Comments
Protocol Encryption (PE):
Azureus与uTorrent共同制定的加密协议, 以绕过ISP封锁或干扰BT
禁用---传出不加密,但接受加密传入
启用---尝试传出加密,若连接失败,转为不加密传出
强制---尝试传出加密,若连接失败,仍保持加密传出
允许传入旧式连接---允许传入旧式的非加密连接,建议勾选,否则将拒绝所有未加密的传入连接
以下2种模式均接受加密的传入连接且为双向加密:
所有模式 (加密/非加密连接均接受, ut默认模式)
传出连接---〉启用
允许传入旧式连接---〉勾选
强制模式 (仅接受加密连接,拒绝所有未加密的连接申请,可增强反吸血保护)
传出连接---〉强制
允许传入旧式连接---〉不勾选
uTorrent 用户标识缩写含义:
了解对方用户标识缩写含义,知己知彼,有助于分析一些传输问题
D = 正在下载 (我方有意从对方下载且被接受)
d = 对方拒绝 (我方有意从对方下载但被拒绝)
U = 正在上传 (对方有意从我方下载且被接受)
u = 拒绝上传 (对方有意从我方下载但被拒绝)
K = 我方无意下载 (我方无意从对方下载虽对方未拒绝)
? = 对方无意下载 (对方无意从我方下载虽我方未拒绝)
F = 错误用户(对方曾传来散列校验失败的区块, 但还未达屏蔽对方的程度)
S = 静态用户(静态等待, 双方之间无活动达高级参数中设定的静态等待时限,但未屏蔽对方)
O = 宽容用户(在无其他更好的用户选择前,不拒绝对方连接,uT在用户接入优先级排序上有一套轮循optimistic unchoke规则 )
I = 已建立传入连接的用户
X = 通过用户交换(PEX)或IPv6/IPv4穿遂连接的用户
H = 通过DHT连接的用户
h = 通过UDP内网穿透(UDP Hole Punching)连接的用户
L = 通过本地用户发现连接的本地用户
P = 通过uTP连接的用户
E = 所有模式用户 (加密或非加密连接均接受)
e = 强制模式用户 (仅接受加密连接)
参考:
https://github.com/transmission/transmission/wiki/Peer-Status-Text
IPXE网络引导通过kickstart和preseed自动安装centos/ubuntu/debian系统
发布时间:September 28, 2018 // 分类: // No Comments
编译ipxe,也可从netboot.xyz下载编译好的,netboot默认包含一些常用系统的安装规则。
apt install git make gcc mtools binutils liblzma-dev -y
git clone git://git.ipxe.org/ipxe.git
cd ipxe/src
sed -i -e '/DOWNLOAD_PROTO_HTTPS/ s/#undef/#define/' config/general.h
sed -i 's/#undef\tDOWNLOAD_PROTO_NFS/#define\tDOWNLOAD_PROTO_NFS/' config/general.h
sed -i 's/\/\/#define\ PING_CMD/#define\ PING_CMD/' config/general.h
sed -i 's/\/\/#define\ IPSTAT_CMD/#define\ IPSTAT_CMD/' config/general.h
sed -i 's/\/\/#define\ REBOOT_CMD/#define\ REBOOT_CMD/' config/general.h
sed -i 's/\/\/#define\ POWEROFF/#define\ POWEROFF/' config/general.h
make bin/ipxe.lkrn如需iso:
apt install genisoimage isolinux
make bin/ipxe.iso加入grub引导项,set root为boot目录所在分区,/ipxe.lkrn为文件相对于boot所在分区的绝对路径,如果boot为单独分区刚为/ipxe.lkrn,非单独分区为/boot/ipxe.lkrn,hd0为第一个硬盘,msdos1为第一个mbr分区,如果是gpt使用gpt1。
cat >> /etc/grub.d/40_custom <<EOF
menuentry 'ipxe boot' {
set root='hd0,msdos1'
linux16 /ipxe.lkrn
initrd16 /ipxe.initrd
}
EOF
sed -i 's/GRUB_DEFAULT=.*/GRUB_DEFAULT="ipxe boot"/' /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg 调用ipxe规则的几种方法:
1.grub引导参数和HTTP调用远程文件:
#ipxe启动后dhcp获取IP然后获取netboot规则。
linux16 /ipxe.lkrn dhcp && chain --autofree https://boot.netboot.xyz2.本地文件ipxe.initrd:
#!ipxe
imgfree
set net0/ip 192.168.168.4
set net0/netmask 255.255.255.0
set net0/gateway 192.168.168.1
set dns 192.168.168.1
ifopen net0
chain --autofree https://boot.netboot.xyz3.编译时也可将规则嵌入进去:
make bin/ipxe.lkrn EMBED=boot.ipxecentos7 ipx网络安装规则:
#!ipxe
set base http://mirrors.aliyun.com/centos/7/os/x86_64
kernel ${base}/images/pxeboot/vmlinuz inst.repo=${base} ks=https://www.haiyun.me/centos7.cfg inst.vnc inst.vncpassword=12345678 net.ifnames=0 biosdevname=0 inst.headless ip=192.168.168.4::192.168.168.1:255.255.255.0::eth0:none nameserver=192.168.168.1
initrd ${base}/images/pxeboot/initrd.img
boot生成ubuntu ipxe网络安装规则:
#!/bin/bash
set -x
network=dhcp
network=static
release=bionic
release=focal
address=192.168.1.9
netmask=255.255.255.0
gateway=192.168.1.1
nameserver=192.168.1.1
mirror="http://mirrors.aliyun.com"
mirror="http://archive.ubuntu.com"
cfg="https://www.haiyun.me/ubuntu.cfg"
file="ubuntu.ipxe"
#file="/www/ubuntu.ipxe"
if [ "$release" == 'focal' ]; then
base=${mirror}/ubuntu/dists/${release}/main/installer-amd64/current/legacy-images/netboot/ubuntu-installer/amd64
else
base=${mirror}/ubuntu/dists/${release}/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64
fi
if [ "$network" == 'static' ]; then
cat > $file << EOF
#!ipxe
kernel ${base}/linux auto=true url=${cfg} keymap=us domain= hostname=ubuntu-server interface=auto netcfg/get_ipaddress=${address} netcfg/get_netmask=${netmask} netcfg/get_gateway=${gateway} netcfg/get_nameservers=${nameserver} netcfg/disable_autoconfig=true netcfg/do_not_use_netplan=true
initrd ${base}/initrd.gz
boot
EOF
else
cat > $file << EOF
#!ipxe
kernel ${base}/linux auto=true url=${cfg} keymap=us domain= hostname=ubuntu-server interface=auto netcfg/do_not_use_netplan=true
initrd ${base}/initrd.gz
boot
EOF
fikickstart文件:
install
#url --url="http://mirror.centos.org/centos/7/os/x86_64/"
url --url="http://mirrors.aliyun.com/centos/7/os/x86_64/"
text
skipx
unsupported_hardware
eula --agreed
#rootpw --plaintext 123456
#echo 'import crypt,getpass; print crypt.crypt(getpass.getpass(), "$6$16_CHARACTER_SALT_HERE")' | python -
rootpw --iscrypted $6$16_CHARACTER_SAL$dvFZEFR66m38M3u3K4os2Yi4j88oTRaF9Q7XkKK4VFlMlwS9l17oTjXI043rfpNxDkB8/1ntrOiAFQGeYgwEZ.
authconfig --enableshadow --passalgo=sha512
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
timezone Asia/Shanghai
firstboot --disable
firewall --disabled
selinux --disabled
#network --bootproto=static --device=eth0 --gateway=192.168.168.1 --ip=192.168.168.50 --nameserver=192.168.168.1 --netmask=255.255.255.0 --ipv6=auto --activate
network --hostname=centos7-x64
reboot
services --enabled="chronyd"
zerombr
clearpart --all --drives=sda
ignoredisk --only-use=sda
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
#autopart --type=lvm
#part / --asprimary --fstype ext4 --size=5120
#part swap --asprimary --size=1024
#part /home --asprimary --fstype ext4 --size=5120 --grow
part /boot --fstype ext4 --size 200 --asprimary
part swap --size 1024 --asprimary
part pv.01 --size 1 --grow --asprimary
volgroup rootvg pv.01
logvol / --fstype ext4 --vgname=rootvg --size=1 --grow --name=rootlv
vnc --password=12345678
#repo --name=base --baseurl=http://mirror.centos.org/centos/7/os/x86_64/
%packages
@^minimal
@core
chrony
kexec-tools
%endubuntu18.04 ipx网络安装规则:
#!ipxe
set mirror https://mirrors.aliyun.com/
set release bionic
set arch amd64
set base-url ${mirror}/ubuntu/dists/${release}/main/installer-${arch}/current/images/netboot/ubuntu-installer/${arch}
kernel ${base-url}/linux auto=true url=https://www.haiyun.me/ubuntu.cfg keymap=us domain= hostname=ubuntu-server interface=auto netcfg/get_ipaddress=192.168.168.4 netcfg/get_netmask=255.255.255.0 netcfg/get_gateway=192.168.168.1 netcfg/get_nameservers=192.168.168.1 netcfg/disable_dhcp=true
initrd ${base-url}/initrd.gz
bootpreseed文件:
d-i debian-installer/locale string en_US
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap select us
#使用静态IP
#d-i netcfg/choose_interface select auto
#d-i netcfg/disable_autoconfig boolean true
#d-i netcfg/dhcp_failed note
#d-i netcfg/dhcp_options select Configure network manually
#d-i netcfg/get_ipaddress string 192.168.168.4
#d-i netcfg/get_netmask string 255.255.255.0
#d-i netcfg/get_gateway string 192.168.168.1
#d-i netcfg/get_nameservers string 192.168.168.1
#d-i netcfg/confirm_static boolean true
#d-i netcfg/get_hostname string ubuntu-server
#d-i netcfg/get_domain string
d-i hw-detect/load_firmware boolean true
d-i mirror/country string manual
#d-i mirror/http/hostname string mirrors.aliyun.com
d-i mirror/http/hostname string archive.ubuntu.com
d-i mirror/http/directory string /ubuntu
d-i mirror/http/proxy string
d-i passwd/root-login boolean ture
d-i passwd/make-user boolean false
#d-i passwd/root-password password 123456
#d-i passwd/root-password-again password 123456
#echo 'import crypt,getpass; print crypt.crypt(getpass.getpass(), "$6$16_CHARACTER_SALT_HERE")' | python -
d-i passwd/root-password-crypted password $6$16_CHARACTER_SAL$CIIxSZip5SHbUDtMlgweMCsEMqUsp4kGjo
d-i user-setup/allow-password-weak boolean true
d-i user-setup/encrypt-home boolean false
d-i clock-setup/utc boolean false
d-i time/zone string Asia/Shanghai
d-i clock-setup/ntp boolean true
#d-i partman-auto/disk string /dev/sda
d-i partman/early_command string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/default_filesystem string ext4
d-i partman/mount_style select uuid
d-i partman-auto/choose_recipe select boot-root
d-i partman-auto/method string regular
d-i partman-auto/expert_recipe string \
boot-root :: \
5120 1 5120 ext4 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
1 3 -1 ext4 \
$primary{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /home } \
. \
1024 2 1024 linux-swap \
$primary{ } \
method{ swap } format{ } \
.
#d-i partman-auto/choose_recipe select boot-root
#d-i partman-auto/method string regular
#d-i partman-auto/expert_recipe string \
# boot-root :: \
# 1 2 -1 ext4 \
# $primary{ } \
# method{ format } format{ } \
# use_filesystem{ } filesystem{ ext4 } \
# mountpoint{ / } \
# . \
# 128 1 128 linux-swap \
# $primary{ } \
# method{ swap } format{ } \
# .
#d-i partman-auto/choose_recipe select boot-lvm
#d-i partman-auto/method string lvm
#d-i partman-auto-lvm/guided_size string 100%
#d-i partman-auto-lvm/new_vg_name string vg00
#d-i partman-lvm/confirm boolean true
#d-i partman-lvm/confirm_nooverwrite boolean true
#d-i partman-auto/expert_recipe string \
# boot-lvm :: \
# 1024 1 1024 ext4 \
# $primary{ } $bootable{ } \
# method{ format } format{ } \
# use_filesystem{ } filesystem{ ext4 } \
# mountpoint{ /boot } \
# . \
# 1 2 -1 ext4 \
# $primary{ } \
# $defaultignore{ } \
# method{ lvm } \
# device{ /dev/sda } \
# vg_name{ vg00 } \
# . \
# 1024 3 1024 swap \
# $lvmok{ } lv_name{ lv_swap } in_vg{ vg00 } \
# method{ swap } format{ } \
# . \
# 1 4 -1 ext4 \
# $lvmok{} lv_name{ lv_root } in_vg{ vg00 } \
# method{ format } format{ } \
# use_filesystem{ } filesystem{ ext4 } \
# mountpoint{ / } \
# .
tasksel tasksel/first multiselect minimal
d-i pkgsel/update-policy select none
d-i pkgsel/include string openssh-server vim wget tmux net-tools software-properties-common
d-i pkgsel/upgrade select none
d-i grub-installer/only_debian boolean true
d-i grub-installer/bootdev string default
d-i finish-install/reboot_in_progress note
d-i debian-installer/exit/reboot boolean true
d-i preseed/late_command string cd /target/;\
echo 'UseDNS no' >> etc/ssh/sshd_config;\
echo 'AddressFamily inet' >> etc/ssh/sshd_config;\
echo 'PermitRootLogin yes' >> etc/ssh/sshd_config;
#d-i anna/choose_modules string network-console
#d-i network-console/password password 123456
#d-i network-console/password-again password 123456注:Centos7安装内存不得小于2G,可不使用ipxe直接下载centos/ubuntu网络安装文件到本地添加到grub自动安装,使用ipxe方便管理。
参考:
https://netboot.xyz/providers/digitalocean/
https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/7/html/installation_guide/chap-anaconda-boot-options
https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/7/html/installation_guide/sect-kickstart-syntax
https://help.ubuntu.com/lts/installation-guide/amd64/apbs02.html
https://help.ubuntu.com/lts/installation-guide/amd64/apbs04.html
https://help.ubuntu.com/lts/installation-guide/example-preseed.txt
ubuntu 通过ppa源安装最新版qbittorrent
发布时间:September 28, 2018 // 分类:PT // No Comments
添加源时出错:
add-apt-repository ppa:qbittorrent-team/qbittorrent-stable
ERROR: '~qbittorrent-team' user or team does not exist.确认ppa用户名没错后用curl测试http获取是否正常,提示证书无效:
curl 'https://launchpad.net/~qbittorrent-team/+archive/ubuntu/qbittorrent-stable'
curl: (60) SSL certificate problem: certificate is not yet valid安装证书后再试:
apt-get install ca-certificates依旧出现错误,查看系统时间不对,通过ntp更新时间解决:
ntpdate ntp.ubuntu.com或查看Technical details about this PPA,手工添加源和gpg key。
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 401E8827DA4E93E44C7D01E6D35164147CA69FC4cat <<EOF > /etc/apt/sources.list.d/qbittorrent-ppa.list
deb https://ppa.launchpadcontent.net/qbittorrent-team/qbittorrent-stable/ubuntu `lsb_release -c -s` main
deb-src https://ppa.launchpadcontent.net/qbittorrent-team/qbittorrent-stable/ubuntu `lsb_release -c -s` main
EOFinitrd.img解压与打包
发布时间:September 26, 2018 // 分类: // No Comments
查看文件压缩类型:
file initrd.img如果是gzip:
mv initrd.img initrd.img.gz
gzip -d initrd.img.gz如果是xz:
initrd.img initrd.img.xz
mv xz -d initrd.img.xz解压出来是cpio archive文件,然后文件解压出来:
cpio -i -d < initrd.img打包:
find . | cpio -H newc --create --verbose | gzip -9 > ../initrd.img分类
- Apache (13)
- Nginx (45)
- PHP (86)
- IIS (8)
- Mail (17)
- DNS (16)
- Cacti (14)
- Squid (5)
- Nagios (4)
- Puppet (7)
- CentOS (13)
- Iptables (23)
- RADIUS (3)
- OpenWrt (41)
- DD-WRT (1)
- VMware (9)
- 网站程序 (2)
- 备份存储 (11)
- 常用软件 (20)
- 日记分析 (10)
- Linux基础 (18)
- 欧诺代理 (0)
- Linux服务 (18)
- 系统监控 (4)
- 流量监控 (7)
- 虚拟化 (28)
- 伪静态 (2)
- LVM (3)
- Shell (18)
- 高可用 (2)
- 数据库 (16)
- FreeBSD (3)
- 网络安全 (25)
- Windows (35)
- 网络工具 (22)
- 控制面板 (3)
- 系统调优 (10)
- Cisco (3)
- VPN (6)
- ROS (20)
- Vim (14)
- KMS (4)
- PXE (2)
- Mac (1)
- Git (1)
- PE (1)
- LNS (2)
- Xshell (7)
- Firefox (13)
- Cygwin (4)
- OpenSSL (9)
- Sandboxie (3)
- StrokesPlus (1)
- AutoHotKey (4)
- Total Commander (3)
- WordPress (3)
- iMacros (6)
- Typecho (2)
- Ollydbg (1)
- Photoshop (1)
- 正则 (3)
- Debian (3)
- Python (8)
- NoSQL (6)
- 消息队列 (4)
- JS (7)
- Tmux (3)
- GO (7)
- HHVM (2)
- 算法 (1)
- Docker (2)
- PT (15)
- N1 (16)
- K2P (6)
- LUKS (4)
最新文章
- sandboxie plus运行firefox 140播放视频全屏不能覆盖任务栏
- TEWA-1100G光猫使用
- 烽火光猫HG5382A3使用
- 记联通更换移动XG-040G-MD光猫
- smokeping slave同步错误illegal attempt to update using time解决
- 使用valgrind定位解决smartdns内存泄露
- 此内容被密码保护
- debian12下initramfs-tools配置ip子网掩码255.255.255.255/32失败解决
- iPhone查看屏幕供应商
- 光猫拨号ImmortalWrt/OpenWRT路由获取ipv6遇到的问题
最近回复
- nono: 修改光猫型号是做啥子用的
- 960: root账号默认密码hg2x0 不对哇
- rer: 感谢分享!~
- opnfense: 谢谢博主!!!解决问题了!!!我之前一直以为内置的odhcp6就是唯一管理ipv6的方式
- liyk: 这个方法获取的IPv6大概20分钟之后就会失效,默认路由先消失,然后Global IPV6再消失
- 海运: 不好意思,没有。
- zongboa: 您好,請問一下有immortalwrt設定guest Wi-Fi的GUI教學嗎?感謝您。
- 海运: 恩山有很多。
- swsend: 大佬可以分享一下固件吗,谢谢。
- Jimmy: 方法一 nghtp3步骤需要改成如下才能编译成功: git clone https://git...
归档
- August 2025
- March 2025
- February 2025
- August 2024
- May 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- May 2023
- April 2023
- February 2023
- January 2023
- December 2022
- September 2022
- July 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- July 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- July 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- October 2017
- September 2017
- August 2017
- July 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- July 2016
- June 2016
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- October 2011
- September 2011
- August 2011
- July 2011