2016年8月30日星期二

Linux Iptables

	iptables -P [INPUT、OUTPUT、FORWARD] [ACCEPT、REJECT、DROP]
	iptables -A [INPUT、OUTPUT、FORWARD] -i [eth0、eth1、enoxxx] -s [192.168.1.32][192.168.1.0/24] -d [192.168.1.32][192.168.1.0/24] -p [tcp、udp、icmp、all] --dport [0~65535] -j [ACCEPT、REJECT、DROP、LOG]

	-P Default Policy
	-A chain
	-i 網路介面進入
	-o 網路介面離開
	-s 來源
	-d 目的
	-m mac --mac-source aa:bb:cc:dd:ee:ff
	-p Protocol [tcp、udp、icmp、all]
	--sport 來源 port
	--dport 目的 port
	-j 動作 [ACCEPT、REJECT、DROP、LOG]

	-F Delete all rules in chain or all chains
	-X Delete a user-defined chain
	-Z Zero the packet and byte counters in all chains

view raw 20160831C00.sh hosted with ❤ by GitHub

	[root@localhost ~]# iptables -P INPUT DROP
	[root@localhost ~]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
	[root@localhost ~]# iptables -A INPUT -p tcp --dport 80 -j ACCEPT

view raw 20160831C01.sh hosted with ❤ by GitHub

	[root@localhost ~]# iptables-save
	# Generated by iptables-save v1.4.21 on Wed Aug 31 01:26:18 2016
	*filter
	:INPUT DROP [2:340]
	:FORWARD ACCEPT [0:0]
	:OUTPUT ACCEPT [3:308]
	-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
	-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
	COMMIT
	# Completed on Wed Aug 31 01:26:18 2016

view raw 20160831C02.sh hosted with ❤ by GitHub

	[root@localhost ~]# iptables -L -n
	Chain INPUT (policy DROP)
	target prot opt source destination
	ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
	ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22

	Chain FORWARD (policy ACCEPT)
	target prot opt source destination

	Chain OUTPUT (policy ACCEPT)
	target prot opt source destination

view raw 20160831C03.sh hosted with ❤ by GitHub

	[root@localhost ~]# iptables -F
	[root@localhost ~]# iptables -X
	[root@localhost ~]# iptables -Z
	[root@localhost ~]# iptables -P INPUT DROP
	[root@localhost ~]# iptables -A INPUT -p tcp --dport 22 -m mac --mac-source aa:bb:cc:dd:ee:ff -j ACCEPT
	#使用網卡位置進行管制
	[root@localhost ~]# iptables -A INPUT -p tcp --dport 80 -j ACCEPT
	[root@localhost ~]# iptables-save

view raw 20160831C04.sh hosted with ❤ by GitHub

2016年8月29日星期一

Linux History

	[root@localhost ~]# history
	#前面省略
	201 LANG=C
	212 ifup eno33554992
	215 history 10
	214 vi ~/.bash_history
	215 history
	216 vi ~/.bashrc
	217 hostname
	218 ip a
	219 ip route
	220 nmcli c s
	#顯示歷史指令
	#參數介紹
	-c 刪除紀錄
	-a 新增
	-w 寫入 histfiles
	#資料庫位置
	~/.bash_history

view raw 20160830B01.sh hosted with ❤ by GitHub

	[root@localhost ~]# history 3
	218 ip a
	219 ip route
	220 nmcli c s
	#只列出最近的3筆資料

view raw 20160830B02.sh hosted with ❤ by GitHub

	[root@localhost ~]# ![number]
	#執行[history 序號]
	[root@localhost ~]# !!
	#執行上一個指令

	[root@localhost ~]# !219
	ip route
	default via 192.168.1.1 dev eno33554992
	169.254.0.0/16 dev eno16777736 scope link metric 1002
	169.254.0.0/16 dev eno33554992 scope link metric 1003
	192.168.1.0/24 dev eno33554992 proto kernel scope link src 192.168.1.108
	192.168.2.0/24 dev eno16777736 proto kernel scope link src 192.168.2.131
	#[219]為 ip route

view raw 20160830B03.sh hosted with ❤ by GitHub

LAB 20160830A

	[root@host ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
	Generating grub configuration file ...
	Found linux image: /boot/vmlinuz-3.10.0-229.14.1.el7.x86_64
	Found initrd image: /boot/initramfs-3.10.0-229.14.1.el7.x86_64.img
	Found linux image: /boot/vmlinuz-3.10.0-229.4.2.el7.x86_64
	Found initrd image: /boot/initramfs-3.10.0-229.4.2.el7.x86_64.img
	Found linux image: /boot/vmlinuz-3.10.0-229.el7.x86_64
	Found initrd image: /boot/initramfs-3.10.0-229.el7.x86_64.img
	Found linux image: /boot/vmlinuz-0-rescue-605f01abef434fb98dd1309e774b72ba
	Found initrd image: /boot/initramfs-0-rescue-605f01abef434fb98dd1309e774b72ba.img
	done

	#參考資料:https://wiki.centos.org/zh-tw/HowTos/Grub2
	#參考資料:http://blog.xuite.net/towns/hc/302507344-CentOS+7+%E5%AE%89%E8%A3%9D%E3%80%81%E6%9E%B6%E8%A8%AD%E8%88%87%E4%BD%BF%E7%94%A8
	[root@localhost ~]# nmcli d s
	DEVICE TYPE STATE CONNECTION
	eno16777736 ethernet connected eno16777736
	eno33554992 ethernet disconnected --
	lo loopback unmanaged --

	[root@localhost ~]# nmcli c s -a
	NAME UUID TYPE DEVICE
	eno16777736 00725176-7c31-45f0-b1ce-068b26f52793 802-3-ethernet eno16777736

	[root@localhost ~]# nmcli con add type ethernet con-name eno33554992 ifname eno33554992
	Connection 'eno33554992' (b771edf9-3a00-40b1-a81e-dd0ed5178941) successfully added.

	[root@localhost ~]# ls /etc/sysconfig/network-scripts/ \|grep eno33554992
	ifcfg-eno33554992

	[root@localhost ~]# nmcli c u eno33554992

view raw 20160830A01.sh hosted with ❤ by GitHub

VMWare Guest OS Network Bridged Error

進入 Virtual Network Editor

選擇目前對外連線網卡

Linux Single User Mode

[code language="bash"] systemd.unit=rescue.target [/code] [code language="bash"] mount -o remount,ro / [/code]

參考位置:https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-Terminal_Menu_Editing_During_Boot.html

2016年8月18日星期四

Linux Proc Mac Address

	[root@rhel7 ~]# cat /proc/net/arp
	IP address HW type Flags HW address Mask Device
	10.10.10.201 0x1 0x2 00:0C:29:01:98:01 * eth0
	10.10.10.202 0x1 0x2 00:0C:29:01:98:02 * eth0
	10.10.10.203 0x1 0x2 00:0C:29:01:98:03 * eth0
	10.10.10.204 0x1 0x2 00:0C:29:01:98:04 * eth0
	10.10.10.205 0x1 0x2 00:0C:29:01:98:05 * eth0
	10.10.10.206 0x1 0x2 00:0C:29:01:98:06 * eth0

view raw 20160818B01.sh hosted with ❤ by GitHub

2016年8月17日星期三

Windows Xcopy command

	xcopy "Source" "Destination" /s /i /f /d

	#/l:列出不會處理
	#/s:包含子目錄
	#/f:複製時顯示完整資訊

view raw 20160818A01.sh hosted with ❤ by GitHub

2016年8月16日星期二

Linux 修改主機名稱 hostnamectl

	[root@localhost ~]# hostnamectl --static
	localhost
	#顯示主機名稱

view raw 20160817A01.sh hosted with ❤ by GitHub

	[root@localhost ~]# hostnamectl set-hostname rhel7
	#修改主機名稱
	[root@localhost ~]# hostnamectl --static
	rhel7
	[root@localhost ~]# cat /etc/hostname
	rhel7
	[root@localhost ~]# cat /proc/sys/kernel/hostname
	rhel7
	#查看結果

view raw 20160817A02.sh hosted with ❤ by GitHub

	[root@localhost ~]# hostnamectl
	Static hostname: rhel7
	Icon name: computer-vm
	Chassis: vm
	Machine ID: 1777c017e8374173a8583ce5f614fa4f
	Boot ID: 26ed9169c9874131a73592d7cd6dfb63
	Virtualization: microsoft
	Operating System: CentOS Linux 7 (Core)
	CPE OS Name: cpe:/o:centos:centos:7
	Kernel: Linux 3.10.0-123.el7.x86_64
	Architecture: x86_64

	#查看詳細資訊

view raw 20160817A03.sh hosted with ❤ by GitHub

2016年8月6日星期六

古諺用語

古語

今非昔比

【解釋】現在不是過去能比得上的。多指形勢、自然面貌等發生了巨大的變化。
【出處】元・關漢卿《謝天香》第四折：“小官今非昔比，官守所拘，功名在念豈敢飲酒？”
【示例】“勝敗軍家常事”，何得為愧。～，不可欺敵。（明・許仲琳《封神演義》第三十八回）
【拼音碼】jfxb
【用法】主謂式；作謂語、定語、分句；形容變化非常大
【英文】the present cannot compare with the past

今: jīn ㄐㄧㄣˉ1）現在：～天。～生。～世。～番（這次）。古為～用。～...
非: fēi ㄈㄟˉ1）不，不是：～凡。～法。～分（fèn）。～禮。～但。～...
昔: xī ㄒㄧˉ1）以前，從前：～者。～人。往～。今～對比。2）古同“夕”...
比: bǐ ㄅㄧˇ1）較量高低、長短、遠近、好壞等：～賽。～附。對～。評～。...

法器

拂塵

2016年7月30日星期六

Juniper DHCP Server 設定

	root# show system services dhcp pool 192.168.2.0/24 \|display set
	set system services dhcp pool 192.168.2.0/24 address-range low 192.168.2.150
	set system services dhcp pool 192.168.2.0/24 address-range high 192.168.2.175
	set system services dhcp pool 192.168.2.0/24 name-server 8.8.8.8
	set system services dhcp pool 192.168.2.0/24 router 192.168.2.10

	#DHCP Server 設定

view raw 2016080101.sh hosted with ❤ by GitHub

	set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services dhcp
	set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services ping

	# 開啟服務

view raw 2016080102.sh hosted with ❤ by GitHub

Juniper 介面開啟 ICMP

	root# show security zones \|display set
	set security zones security-zone trust tcp-rst
	set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services dhcp
	set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services ping
	set security zones security-zone untrust screen untrust-screen
	set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ping

	# trust 開啟 dhcp
	# trust 與 untrust 開啟 ping

view raw 20160802A.sh hosted with ❤ by GitHub

2016年6月26日星期日

PHP 來源網段判斷顯示結果

	<?php
	/*
	1.來源網段為[192.168.1.0/24]，顯示結果為[Net1]。
	2.來源網段為[192.168.2.0/24]，顯示結果為[Net2]。
	3.來源網段為[192.168.3.0/24]，顯示結果為[Net3]。
	4.非以上三網段，則顯示[None]。
	*/
	$ip=$_SERVER["REMOTE_ADDR"];

	/1.[192.168.1.0]/
	if(ip_vs_net($ip,"192.168.1.0","255.255.255.0")){
	echo 'Net1';

	/2.[192.168.2.0]/
	} elseif(ip_vs_net($ip,"192.168.2.0","255.255.255.0")){
	echo 'Net2';

	/3.[192.168.3.0]/
	} elseif(ip_vs_net($ip,"192.168.3.0","255.255.255.0")){
	echo 'Net3';

	} else {
	echo 'None'
	}

	function ip_vs_net($ip,$network,$mask){
	if(((ip2long($ip))&(ip2long($mask)))==ip2long($network)){
	return 1;
	} else {
	return 0;
	}
	}
	?>

view raw 2016062701.php hosted with ❤ by GitHub

2016年5月25日星期三

Linux Bash

shell 的 PID：『 echo $$ 』
指令回傳值：『 echo $? 』
連續指令的種類：『 ; 』、『 && 』、『 || 』

shell 的 PID：『 echo $$ 』

	[root@rhel7 ~]# echo $$
	6601
	[root@rhel7 ~]# ps aux \|grep 6601
	root 6601 0.0 0.4 115484 2124 pts/0 Ss 13:03 0:00 -bash
	root 7450 0.0 0.1 112640 980 pts/0 S+ 13:32 0:00 grep --color=auto 6601

view raw 2016052610.sh hosted with ❤ by GitHub

指令回傳值：『 echo $? 』

	[root@rhel7 ~]# true
	[root@rhel7 ~]# echo $?
	0

view raw 2016052620.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# false
	[root@rhel7 ~]# echo $?
	1

view raw 2016052621.sh hosted with ❤ by GitHub

連續指令的種類：『 ; 』、『 && 』、『 || 』

	[root@rhel7 ~]# id \|\| pwd
	uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

view raw 2016052620.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# id && pwd
	uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
	/root

view raw 2016052621.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# id ; pwd
	uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
	/root

view raw 2016052622.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# false \|\| echo "Oops, fail"
	Oops, fail
	[root@rhel7 ~]# true \|\| echo "Will not be printed"
	[root@rhel7 ~]# true && echo "Things went well"
	Things went well
	[root@rhel7 ~]# false ; echo "This will always run"
	This will always run

view raw 2016052630.sh hosted with ❤ by GitHub

連續指令『 cmd1 』失敗的結果：

	[root@rhel7 ~]# foo \|\| id
	-bash: foo: command not found
	uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
	[root@rhel7 ~]# foo && id
	-bash: foo: command not found
	[root@rhel7 ~]# foo ; id
	-bash: foo: command not found
	uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

view raw 2016052640.sh hosted with ❤ by GitHub

2016年5月23日星期一

Apache Configuration Sections

連結位置：http://httpd.apache.org/docs/current/sections.html

PHP HTML 轉換為 PHP

	<html>
	<head>
	<title>Page Title</title>
	</head>
	<body>

	<h1>This is a Heading</h1>
	<p>This is a paragraph.</p>

	</body>
	</html>

view raw 2016052403.html hosted with ❤ by GitHub

	<?php
	echo "<html>\n";
	echo "<head>\n";
	echo "<title>Page Title</title>\n";
	echo "</head>\n";
	echo "<body>\n";
	echo "\n";
	echo "<h1>This is a Heading</h1>\n";
	echo "<p>This is a paragraph.</p>\n";
	echo "\n";
	echo "</body>\n";
	echo "</html>\n";
	?>

view raw 2016052404.php hosted with ❤ by GitHub

http://www.yellowpipe.com/yis/tools/HTML_converter/

view raw 2016052405.lnk hosted with ❤ by GitHub

PHP 顯示範圍內任意數值

	<?php
	echo rand(5200,6000);
	?>

view raw 2016052402.php hosted with ❤ by GitHub

PHP HTML 內加入 PHP

	<html>

	<head>
	<title>Information</title>
	</head>

	<body>

	<?php
	/*
	multiline
	*/

	// Single line comments
	# Another comment

	echo "<p>"Data processed</>";

	date_default_timezone_set('UTC')

	echo date('h:i:s:u a, l F jS Y e');

	?>
	</body>
	</html>

view raw 2016052401.php hosted with ❤ by GitHub

資料來源:https://www.youtube.com/watch?v=7TF00hJI78Y

2016年5月7日星期六

Linux 使用者管理

	[root@localhost /]# useradd user1 ;echo passwd \|passwd user1 --stdin
	更改使用者 user1 的密碼。
	passwd：所有驗證 token 都已成功更新。
	#新增使用者與建立密碼。

view raw 2016050802.sh hosted with ❤ by GitHub

	[root@localhost /]# useradd user2 ;echo passwd \|passwd user2 --stdin;id user2
	Changing password for user user2.
	passwd: all authentication tokens updated successfully.
	uid=504(user2) gid=504(user2) groups=504(user2)
	#查詢[uid]

view raw 2016050803.sh hosted with ❤ by GitHub

	[root@localhost /]# useradd -u 1234 user3 ;echo passwd \|passwd user3 --stdin;id user3
	Changing password for user user3.
	passwd: all authentication tokens updated successfully.
	uid=1234(user3) gid=1234(user3) groups=1234(user3)
	#建立帳戶，指定[uid]。

view raw 2016050804.sh hosted with ❤ by GitHub

	[root@localhost /]# useradd -g Manager user5
	[root@localhost /]# id user5
	uid=1236(user5) gid=1236(Manager) groups=1236(Manager)
	#建立帳戶時，指定群組。

view raw 2016050805.sh hosted with ❤ by GitHub

	[root@localhost ~]# useradd u1
	[root@localhost ~]# groupadd admins
	#建立帳戶與群組。
	[root@localhost ~]# grep u1 /etc/passwd
	u1:x:507:509::/home/u1:/bin/bash
	#查詢帳號資訊
	[root@localhost ~]# usermod -s /sbin/nologin u1
	[root@localhost ~]# grep u1 /etc/passwd
	u1:x:507:509::/home/u1:/sbin/nologin
	#將可用[bash]修改為[nologin]。
	[root@localhost ~]# usermod -g admins u1
	[root@localhost ~]# id u1
	uid=507(u1) gid=505(admins) groups=505(admins)
	#將[u1]加入[admins]群組。

view raw 2016050806.sh hosted with ❤ by GitHub

Linux 搜尋工具 find

	[root@localhost ~]# find [路徑] -user [帳號] -exec [指令] {} [目的位置] \;

	#後續需要進行動作需要搭配 -exec、{}
	# {}為find找尋出來的項目
	#結尾必須加上 \;

view raw 2016050801.sh hosted with ❤ by GitHub

	[root@localhost ~]# find /home -user s1 \|sort
	/home/s1
	/home/s1/.bash_history
	/home/s1/.bash_logout
	/home/s1/.bash_profile
	/home/s1/.bashrc

	#搜尋 /home 底下 owner 為 s1 的資料
	#並且搜尋出來的資料，需要按照檔名進行排列

view raw 2016050802.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# find /TEMP/ -name "*.txt"
	/TEMP/123.txt
	/TEMP/456.txt
	#找所有 txt 檔案

view raw 2016050803.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# find /TEMP/ -name 123 -type d
	/TEMP/123
	#找 123 目錄

view raw 2016050804.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# find /TEMP/ -type d
	/TEMP/
	/TEMP/123
	/TEMP/234
	/TEMP/345
	#找所有目錄

view raw 2016050805.sh hosted with ❤ by GitHub

	[root@localhost ~]# find /home -user andy -exec ls -al {} \;
	total 20
	drwx------. 2 andy andy 4096 Jul 17 03:45 .
	drwxr-xr-x. 7 root root 4096 Jul 17 03:45 ..
	-rw-r--r--. 1 andy andy 18 Jul 18 2013 .bash_logout
	-rw-r--r--. 1 andy andy 176 Jul 18 2013 .bash_profile
	-rw-r--r--. 1 andy andy 124 Jul 18 2013 .bashrc
	-rw-r--r--. 1 andy andy 124 Jul 18 2013 /home/andy/.bashrc
	-rw-r--r--. 1 andy andy 18 Jul 18 2013 /home/andy/.bash_logout
	-rw-r--r--. 1 andy andy 176 Jul 18 2013 /home/andy/.bash_profile
	#查詢目錄內Owner為[andy]的資料

view raw 2016050810.sh hosted with ❤ by GitHub

2016年5月5日星期四

Juniper 查看歷史指令

	root> show cli history
	14:01:17 -- configure
	14:24:22 -- show version
	14:27:40 -- show configuration \|set
	14:27:52 -- configure
	14:41:26 -- show system alarms
	14:41:37 -- .showchassishardware
	14:41:51 -- show chassis hardware
	14:41:59 -- show chassis fpc pic-status
	14:42:07 -- show ppp interface pp0 extensive
	14:42:37 -- show log messages
	14:42:42 -- show log messages \|no-more
	14:43:16 -- show configuration \|display set \|no-more
	14:55:44 -- configure
	14:57:57 -- show cli history

	root>

view raw 2016050615.sh hosted with ❤ by GitHub

Juniper 顯示設定

	root# run show configuration \|display set
	set version 12.1R1.9
	set system syslog user * any emergency
	set system syslog file messages any notice
	set system syslog file messages authorization info
	set system syslog file interactive-commands interactive-commands any

	[edit]

view raw 2016050614.sh hosted with ❤ by GitHub

Juniper 網路卡設定

	[edit]
	root# set interfaces em0 unit 0 family inet address 192.168.1.1/24

view raw 2016050615.sh hosted with ❤ by GitHub

Juniper 設定主機名稱

	[edit]
	root@R1# set system host-name R1

	[edit]
	root@R1# set system domain-name icto.corp

	[edit]
	root@R1# set system name-server 8.8.8.8

view raw 2016050614.sh hosted with ❤ by GitHub

Juniper 設定靜態路由

	[edit]
	root@R1# set routing-options static route 10.50.0.0/24 next-hop 192.168.1.5
	[edit]
	root@R1# commit
	commit complete

	[edit]
	root@R1# run show route

	inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
	+ = Active Route, - = Last Active, * = Both

	10.10.0.1/32 *[Local/0] 01:59:43
	Reject
	10.50.0.0/24 *[Static/5] 00:00:03
	> to 192.168.1.5 via em0.0
	192.168.1.0/24 *[Direct/0] 01:59:43
	> via em0.0
	192.168.1.1/32 *[Local/0] 01:59:43
	Local via em0.0

	[edit]

view raw 2016050612.sh hosted with ❤ by GitHub

Juniper 顯示路由資訊

	[edit]
	root@R1# run show route

	inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
	+ = Active Route, - = Last Active, * = Both

	10.10.0.1/32 *[Local/0] 01:59:02
	Reject
	192.168.1.0/24 *[Direct/0] 01:59:02
	> via em0.0
	192.168.1.1/32 *[Local/0] 01:59:02
	Local via em0.0

	[edit]

view raw 2016050611.sh hosted with ❤ by GitHub

	root@R1# run show route table inet.0
	#顯示單撥路由
	root@R1# run show route table inet.1
	#顯示多撥路由

view raw 2016050613.sh hosted with ❤ by GitHub

Linux 硬碟分割

新的磁碟管理工具：gdisk
查看磁區分割狀態：lsblk
核心的磁區分割狀態：/proc/partitions
查看磁碟ID：blkid
傳統的磁碟分割工具：fdisk
範例：
1. gfisk：新增一個磁碟分割區

新的磁碟管理工具：gdisk

[root@rhel7 ~]# yum install gdisk -y

view raw 2016050606.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# gdisk -l /dev/sda
	GPT fdisk (gdisk) version 0.8.6

	Partition table scan:
	MBR: MBR only
	BSD: not present
	APM: not present
	GPT: not present


	***************************************************************
	Found invalid GPT and valid MBR; converting MBR to GPT format.
	***************************************************************

	Disk /dev/sda: 266338304 sectors, 127.0 GiB
	Logical sector size: 512 bytes
	Disk identifier (GUID): 75131CAA-CA89-4CB7-865F-FBC4C4228B56
	Partition table holds up to 128 entries
	First usable sector is 34, last usable sector is 266338270
	Partitions will be aligned on 2048-sector boundaries
	Total free space is 202440637 sectors (96.5 GiB)

	Number Start (sector) End (sector) Size Code Name
	1 2048 411647 200.0 MiB 8300 Linux filesystem
	2 411648 41371647 19.5 GiB 8300 Linux filesystem
	3 41371648 61851647 9.8 GiB 8300 Linux filesystem
	5 61853696 63901695 1000.0 MiB 8200 Linux swap

view raw 2016050607.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# gdisk /dev/sdb
	GPT fdisk (gdisk) version 0.8.6

	Partition table scan:
	MBR: not present
	BSD: not present
	APM: not present
	GPT: not present

	Creating new GPT entries.

	Command (? for help): m
	b back up GPT data to a file
	c change a partition's name
	d delete a partition
	i show detailed information on a partition
	l list known partition types
	n add a new partition
	o create a new empty GUID partition table (GPT)
	p print the partition table
	q quit without saving changes
	r recovery and transformation options (experts only)
	s sort partitions
	t change a partition's type code
	v verify disk
	w write table to disk and exit
	x extra functionality (experts only)
	? print this menu

	Command (? for help):

view raw 2016050609.sh hosted with ❤ by GitHub

lsblk

	[root@rhel7 ~]# lsblk
	NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
	sda 8:0 0 127G 0 disk
	├─sda1 8:1 0 200M 0 part /boot
	├─sda2 8:2 0 19.5G 0 part /
	├─sda3 8:3 0 9.8G 0 part /usr
	├─sda4 8:4 0 1K 0 part
	└─sda5 8:5 0 1000M 0 part [SWAP]
	sdb 8:16 0 127G 0 disk
	sr0 11:0 1 1024M 0 rom

view raw 2016050605.sh hosted with ❤ by GitHub

核心的磁區分割狀態：/proc/partitions

	[root@rhel7 ~]# cat /proc/partitions
	major minor #blocks name

	11 0 1048575 sr0
	8 16 133169152 sdb
	8 0 133169152 sda
	8 1 204800 sda1
	8 2 20480000 sda2
	8 3 10240000 sda3
	8 4 1 sda4
	8 5 1024000 sda5

view raw 2016050604.sh hosted with ❤ by GitHub

查看磁碟ID：blkid

	[root@rhel7 ~]# blkid
	/dev/sda1: UUID="059b93ee-695e-4929-8453-82e922e2bada" TYPE="xfs"
	/dev/sda2: UUID="58eb227d-08b5-47b8-8a6b-909f3bb3c8be" TYPE="xfs"
	/dev/sda3: UUID="881ba74d-1888-4dd8-9400-5562ec68172b" TYPE="xfs"
	/dev/sda5: UUID="202a5349-b907-40f3-ac16-80944c40a6a1" TYPE="swap"

view raw 2016050608.sh hosted with ❤ by GitHub

傳統的磁碟分割工具：fdisk

	[root@rhel7 ~]# fdisk -l

	Disk /dev/sdb: 136.4 GB, 136365211648 bytes, 266338304 sectors
	Units = sectors of 1 * 512 = 512 bytes
	Sector size (logical/physical): 512 bytes / 512 bytes
	I/O size (minimum/optimal): 512 bytes / 512 bytes


	Disk /dev/sda: 136.4 GB, 136365211648 bytes, 266338304 sectors
	Units = sectors of 1 * 512 = 512 bytes
	Sector size (logical/physical): 512 bytes / 512 bytes
	I/O size (minimum/optimal): 512 bytes / 512 bytes
	Disk label type: dos
	Disk identifier: 0x0009d590

	Device Boot Start End Blocks Id System
	/dev/sda1 * 2048 411647 204800 83 Linux
	/dev/sda2 411648 41371647 20480000 83 Linux
	/dev/sda3 41371648 61851647 10240000 83 Linux
	/dev/sda4 61851648 266338303 102243328 5 Extended
	/dev/sda5 61853696 63901695 1024000 82 Linux swap / Solaris

view raw 2016050601.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# fdisk /dev/sdb
	Welcome to fdisk (util-linux 2.23.2).

	Changes will remain in memory only, until you decide to write them.
	Be careful before using the write command.

	Device does not contain a recognized partition table
	Building a new DOS disklabel with disk identifier 0x082377de.

	Command (m for help): p

	Disk /dev/sdb: 136.4 GB, 136365211648 bytes, 266338304 sectors
	Units = sectors of 1 * 512 = 512 bytes
	Sector size (logical/physical): 512 bytes / 512 bytes
	I/O size (minimum/optimal): 512 bytes / 512 bytes
	Disk label type: dos
	Disk identifier: 0x082377de

	Device Boot Start End Blocks Id System

	Command (m for help):

view raw 2016050602.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# fdisk /dev/sda
	Welcome to fdisk (util-linux 2.23.2).

	Changes will remain in memory only, until you decide to write them.
	Be careful before using the write command.


	Command (m for help): p

	Disk /dev/sda: 136.4 GB, 136365211648 bytes, 266338304 sectors
	Units = sectors of 1 * 512 = 512 bytes
	Sector size (logical/physical): 512 bytes / 512 bytes
	I/O size (minimum/optimal): 512 bytes / 512 bytes
	Disk label type: dos
	Disk identifier: 0x0009d590

	Device Boot Start End Blocks Id System
	/dev/sda1 * 2048 411647 204800 83 Linux
	/dev/sda2 411648 41371647 20480000 83 Linux
	/dev/sda3 41371648 61851647 10240000 83 Linux
	/dev/sda4 61851648 266338303 102243328 5 Extended
	/dev/sda5 61853696 63901695 1024000 82 Linux swap / Solaris

	Command (m for help):

view raw 2016050603.sh hosted with ❤ by GitHub

範例：gfisk：增一個磁碟分割區

	[root@rhel7 ~]# gdisk /dev/sdb
	GPT fdisk (gdisk) version 0.8.6

	Partition table scan:
	MBR: not present
	BSD: not present
	APM: not present
	GPT: not present

	Creating new GPT entries.

	Command (? for help): n
	Partition number (1-128, default 1):
	First sector (34-266338270, default = 2048) or {+-}size{KMGTP}:
	Last sector (2048-266338270, default = 266338270) or {+-}size{KMGTP}: +1G
	Current type is 'Linux filesystem'
	Hex code or GUID (L to show codes, Enter = 8300):
	Changed type of partition to 'Linux filesystem'

	Command (? for help): p
	Disk /dev/sdb: 266338304 sectors, 127.0 GiB
	Logical sector size: 512 bytes
	Disk identifier (GUID): 57920DFF-C2D3-46BF-B1E1-A45181220B6C
	Partition table holds up to 128 entries
	First usable sector is 34, last usable sector is 266338270
	Partitions will be aligned on 2048-sector boundaries
	Total free space is 264241085 sectors (126.0 GiB)

	Number Start (sector) End (sector) Size Code Name
	1 2048 2099199 1024.0 MiB 8300 Linux filesystem

	Command (? for help): w

	Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
	PARTITIONS!!

	Do you want to proceed? (Y/N): y
	OK; writing new GUID partition table (GPT) to /dev/sdb.
	The operation has completed successfully.

view raw 2016050610.sh hosted with ❤ by GitHub

2016年5月1日星期日

Linux RHEL7 查看所有開機過程

	[root@localhost ~]# vi /boot/grub2/grub.cfg
	#linux16 /vmlinuz-3.10.0-123.el7.x86_64 root=UUID=8ede3c03-88e9-4189-92b2-0d77b2e44d9d ro rd.lvm.lv=centos/swap vconsole.font=latarcyrheb-sun16 rd.lvm.lv=centos/root crashkernel=auto vconsole.keymap=us rhgb quiet net.ifnames=0

	linux16 /vmlinuz-3.10.0-123.el7.x86_64 root=UUID=8ede3c03-88e9-4189-92b2-0d77b2e44d9d ro rd.lvm.lv=centos/swap vconsole.font=latarcyrheb-sun16 rd.lvm.lv=centos/root crashkernel=auto vconsole.keymap=us net.ifnames=0

	#將 rhgb quiet 拿掉即可

view raw 20160509.sh hosted with ❤ by GitHub

Linux Script 大量查詢 Domain MX RR

	domain=$(cat /root/mx.txt)
	for domain in $domain
	do
	dig @8.8.8.8 $domain mx\|grep -v ";"\|grep -v '^\s*$'
	done

view raw 20160508.sh hosted with ❤ by GitHub

Cisco Route OSPF

建立 Area

	R1#conf t
	Enter configuration commands, one per line. End with CNTL/Z.
	R1(config)#router ospf 1
	R1(config-router)#netwo
	R1(config-router)#network 192.168.1.0 255.255.255.0 area 1
	R1(config-router)#network 10.30.0.0 255.255.255.0 area 13
	R1(config-router)#do wr
	Building configuration...
	[OK]

view raw 2016050106 hosted with ❤ by GitHub

查看鄰居

	R1#show ip ospf neighbor

	Neighbor ID Pri State Dead Time Address Interface
	10.10.0.1 128 FULL/BDR 00:00:33 192.168.1.1 FastEthernet0/0
	10.20.0.1 128 FULL/DR 00:00:32 192.168.1.2 FastEthernet0/0

view raw 2016050107.sh hosted with ❤ by GitHub

R1 Config

	!
	hostname R1
	!
	interface FastEthernet0/0
	ip address 192.168.2.1 255.255.255.0
	duplex auto
	speed auto
	!
	interface FastEthernet0/1
	ip address 10.1.0.1 255.255.255.0
	duplex auto
	speed auto
	!
	!
	router ospf 1
	log-adjacency-changes
	network 10.1.0.0 0.0.0.255 area 1
	network 192.168.2.1 0.0.0.0 area 0
	!

view raw 2016050104 hosted with ❤ by GitHub

R2 Config

	!
	hostname R2
	!
	!
	interface FastEthernet0/0
	ip address 192.168.2.2 255.255.255.0
	duplex auto
	speed auto
	!
	interface FastEthernet0/1
	ip address 10.2.0.1 255.255.255.0
	duplex auto
	speed auto
	!
	router ospf 1
	log-adjacency-changes
	network 10.2.0.0 0.0.0.255 area 2
	network 192.168.2.2 0.0.0.0 area 0
	!

view raw 2016050105 hosted with ❤ by GitHub

Cisco 介面設定 IP

設定IP、啟用網卡

	R1#conf
	R1(config)#int f0
	R1(config-if)#ip address 192.168.1.3 255.255.255.0
	R1(config-if)#no sh

view raw 2016050101.sh hosted with ❤ by GitHub

	R1(config-if)#do sh ip int br
	Interface IP-Address OK? Method Status Protocol
	Ethernet0 unassigned YES unset administratively down down
	Ethernet1 unassigned YES unset administratively down down
	FastEthernet0 192.168.1.3 YES manual up up

view raw 2016050102.sh hosted with ❤ by GitHub

連線測試

	R1(config-if)#do ping 192.168.1.1

	Type escape sequence to abort.
	Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
	!!!!!
	Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
	R1(config-if)#do ping 192.168.1.2

	Type escape sequence to abort.
	Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
	!!!!!
	Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

view raw 2016050103.sh hosted with ❤ by GitHub

2016年4月29日星期五

Cisco 查看網路介面

	R1#sh ip int brief
	Interface IP-Address OK? Method Status Protocol
	Ethernet0 unassigned YES unset administratively down down
	Ethernet1 unassigned YES unset administratively down down
	FastEthernet0 unassigned YES unset administratively down down

view raw 2016043004.sh hosted with ❤ by GitHub

Cisco 設定主機名稱

	Router>en
	Router#conf t
	Enter configuration commands, one per line. End with CNTL/Z.
	Router(config)#hostname R1
	R1(config)#exit
	R1#wr

view raw 2016043003.sh hosted with ❤ by GitHub

Juniper 系統關機

	root> request system halt
	warning: The configuration has been changed but not committed
	Halt the system ? [yes,no] (no) yes


	* FINAL System shutdown message from root@ *

	System going down IMMEDIATELY


	Shutdown NOW!
	[pid 1556]

view raw 2016043002 hosted with ❤ by GitHub

Juniper 回復原廠設定

	root# load factory-default
	warning: activating factory configuration

	[edit]
	root# commit

view raw 2016043001 hosted with ❤ by GitHub

2016年4月28日星期四

Windows Power Shell 取得日期 Get-Date

	PS C:\Users\Administrator> Get-Date -Format yyyMMdd
	20160429

view raw 2016042901 hosted with ❤ by GitHub

Windows Power Shell 查看 Eventlog

取得所有 Eventlog

	PS C:\> get-eventlog -list

	Max(K) Retain OverflowAction Entries Log
	------ ------ -------------- ------- ---
	20,480 0 OverwriteAsNeeded 706 Application
	20,480 0 OverwriteAsNeeded 0 HardwareEvents
	512 7 OverwriteOlder 9 Hewlett-Packard
	512 7 OverwriteOlder 0 Internet Explorer
	20,480 0 OverwriteAsNeeded 0 Key Management Service
	20,480 0 OverwriteAsNeeded 3,590 Security
	20,480 0 OverwriteAsNeeded 3,658 System
	15,360 0 OverwriteAsNeeded 91 Windows PowerShell

view raw 2016042808 hosted with ❤ by GitHub

查看前 50 筆 Log

	PS C:\> get-eventlog -newest 50 Hewlett-Packard

	Index Time EntryType Source InstanceID Message
	----- ---- --------- ------ ---------- -------
	9 三月 01 10:52 Error HPSF.exe 2000 HP Error ID: -2146233087 於 System.Windows.Ma...
	8 三月 01 10:43 Error HPSF.exe 2000 HP Error ID: -2146233087 於 System.Windows.Ma...
	7 三月 01 09:38 Error HPSF.exe 2000 HP Error ID: -2146233087 於 System.Windows.Ma...
	6 二月 26 01:16 Error HPSF.exe 2000 HP Error ID: -2146233087 於 System.Windows.Ma...
	5 二月 26 00:42 Error HPSF.exe 2000 HP Error ID: -2146233087 於 System.Windows.Ma...
	4 二月 25 05:10 Error HPSF.exe 2000 HP Error ID: -2146233087 於 System.Windows.Ma...
	3 二月 25 05:10 Error HPSF.exe 2000 HP Error ID: -2146233087 於 System.Windows.Ma...
	2 二月 25 05:10 Error HPSF.exe 2000 HP Error ID: -2146233087 於 System.Windows.Ma...
	1 二月 25 05:09 Error HPSF.exe 2000 HP Error ID: -2146233087 於 System.Windows.Ma...

view raw 2016042809 hosted with ❤ by GitHub

Linux 網路管理工具 ip

顯示 IP

	[root@rhel7 ~]# ip a s
	1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
	link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
	inet 127.0.0.1/8 scope host lo
	valid_lft forever preferred_lft forever
	inet6 ::1/128 scope host
	valid_lft forever preferred_lft forever
	2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
	link/ether 00:15:5d:22:b4:04 brd ff:ff:ff:ff:ff:ff
	inet 192.168.100.100/24 brd 192.168.100.255 scope global eth0
	valid_lft forever preferred_lft forever
	inet6 fe80::215:5dff:fe22:b404/64 scope link
	valid_lft forever preferred_lft forever

view raw 2016042806.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# ip a s dev eth0 \|grep inet \|awk '{ print $2}'
	192.168.100.100/24
	fe80::215:5dff:fe22:b404/64

view raw 2016042805.sh hosted with ❤ by GitHub

顯示 Gateway

	[root@rhel7 ~]# ip route
	default via 192.168.100.254 dev eth0
	192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.100
	169.254.0.0/16 dev eth0 scope link metric 1002

view raw 2016042807.sh hosted with ❤ by GitHub

Linux 防火牆管理工具 firewalld

列出目前狀態

	[root@rhel7 ~]# firewall-cmd --list-all
	public (default, active)
	interfaces: eth0
	sources:
	services: dhcpv6-client ssh
	ports:
	masquerade: no
	forward-ports:
	icmp-blocks:
	rich rules:

view raw 2016042207.sh hosted with ❤ by GitHub

新增目標「暫時」

	[root@rhel7 ~]# firewall-cmd --add-port=80/tcp
	success
	[root@rhel7 ~]# firewall-cmd --add-port=443/tcp
	success

view raw 2016042208.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# firewall-cmd --list-all \|grep ports
	ports: 443/tcp 80/tcp
	forward-ports:

view raw 2016042209.sh hosted with ❤ by GitHub

新增目標「永久」

	[root@rhel7 ~]# firewall-cmd --permanent --add-port=80/tcp
	success
	[root@rhel7 ~]# firewall-cmd --permanent --add-port=443/tcp
	success

view raw 2016042210.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# firewall-cmd --permanent --list-all
	public (default)
	interfaces:
	sources:
	services: dhcpv6-client ssh
	ports: 443/tcp 80/tcp
	masquerade: no
	forward-ports:
	icmp-blocks:
	rich rules:

view raw 2016042211.sh hosted with ❤ by GitHub

Linux 服務管理工具 systemctl

服務的停止與啟動

	[root@rhel7 ~]# systemctl start httpd
	[root@rhel7 ~]# systemctl stop httpd
	[root@rhel7 ~]# systemctl restart httpd

view raw 2016042802.sh hosted with ❤ by GitHub

顯示所有服務

	[root@rhel7 ~]# systemctl list-unit-files --type service
	UNIT FILE STATE
	auditd.service enabled
	autovt@.service disabled
	avahi-daemon.service enabled
	brandbot.service static
	console-getty.service disabled
	console-shell.service disabled
	cpupower.service disabled
	crond.service enabled
	dbus-org.fedoraproject.FirewallD1.service enabled

view raw 2016042803.sh hosted with ❤ by GitHub

啟動執行與停止服務

	[root@rhel7 ~]# systemctl enable httpd
	ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service'
	[root@rhel7 ~]# systemctl disable httpd
	rm '/etc/systemd/system/multi-user.target.wants/httpd.service'

view raw 2016042804 hosted with ❤ by GitHub

Linux 縱向擷取工具 awk

	[root@rhel7 ~]# tail /etc/passwd \|awk -F: '{ print $1 }'
	nobody
	dbus
	polkitd
	avahi
	avahi-autoipd
	postfix
	sshd
	admin
	apache
	mysql

view raw 2016042801.sh hosted with ❤ by GitHub

2016年4月22日星期五

Linux 橫向擷取工具 grep

[root@rhel7 ~]# cat [file] |grep 'option1\|option2\|option3'

view raw 20160422B01.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# systemctl list-unit-files --type service \|grep 'firewall\\|postfix\\|httpd'
	firewalld.service enabled
	httpd.service disabled
	postfix.service enabled
	#查詢多筆資訊

view raw 20160422B02.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# egrep "postfix\|mysql" /etc/passwd
	postfix:x:89:89::/var/spool/postfix:/sbin/nologin
	mysql:x:998:997:MySQL server:/var/lib/mysql:/sbin/nologin
	#使用[egrep]查詢多筆資訊

view raw 20160422B03.sh hosted with ❤ by GitHub

2016年4月21日星期四

Linux 文字改寫的好幫手 sed

文字改寫的好幫手

文字替換

	[root@rhel7 ~]# echo abcd \|sed s/a/z/
	zbcd
	#文字替換
	[root@rhel7 ~]# echo "abcd" \|sed "s/a/z/"
	zbcd
	#引號

view raw 20160422A01.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# echo old old \| sed s/old/new/g
	new new
	#文字替換
	[root@rhel7 ~]# echo "abcd" \|sed "s/a/z/"
	zbcd

view raw 20160422A02.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# echo "this is bad" \| sed 's/bad/good/w out.txt'
	this is good
	#替換文件內文字
	[root@rhel7 ~]# cat out.txt
	this is good
	#查看結果

view raw 20160422A03.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# echo "今天心情很差" \| sed s/差/好/g
	今天心情很好
	#中文範例

view raw 20160422A04.sh hosted with ❤ by GitHub

2016年4月19日星期二

Linux RHEL7 網路連線查看工具 ss

簡介：自RHEL7發行開始，就已移除了舊有的「netstat」而使用「ss」來取代。

參數介紹

	[root@rhel7 ~]# man ss
	-a, --all
	-l, --listening
	-n, --numeric
	ss -t -a
	Display all TCP sockets.
	Display all UDP sockets.

view raw 2016042202.sh hosted with ❤ by GitHub

基本服務查詢

	[root@rhel7 ~]# ss -lt
	State Recv-Q Send-Q Local Address:Port Peer Address:Port
	LISTEN 0 100 127.0.0.1:smtp :
	LISTEN 0 50 :mysql :*
	LISTEN 0 128 :ndmp :*
	LISTEN 0 128 :ssh :*
	LISTEN 0 100 ::1:smtp :::*
	LISTEN 0 128 :::http :::*
	LISTEN 0 128 :::ssh

view raw 2016042001.sh hosted with ❤ by GitHub

	[root@rhel7 ~]# ss -ltn
	State Recv-Q Send-Q Local Address:Port Peer Address:Port
	LISTEN 0 100 127.0.0.1:25 :
	LISTEN 0 50 :3306 :*
	LISTEN 0 128 :10000 :*
	LISTEN 0 128 :22 :*
	LISTEN 0 100 ::1:25 :::*
	LISTEN 0 128 :::80 :::*
	LISTEN 0 128 :::22 :::*

view raw 2016042201.sh hosted with ❤ by GitHub

訂閱：文章 (Atom)

2016年8月30日 星期二

2016年8月29日 星期一

2016年8月18日 星期四

2016年8月17日 星期三

2016年8月16日 星期二

2016年8月6日 星期六

古語

法器

2016年7月30日 星期六

2016年6月26日 星期日

2016年5月25日 星期三

2016年5月23日 星期一

2016年5月7日 星期六

2016年5月5日 星期四

2016年5月1日 星期日

2016年4月29日 星期五

2016年4月28日 星期四

2016年4月22日 星期五

2016年4月21日 星期四