海运的博客

linux/ubuntu/centos系统多ip指定出口ip

发布时间:February 21, 2021 // 分类: // No Comments

1.修改路由表指定默认路由源ip,也可设置metric优先级指定出口ip:

ip route change default via 192.168.1.1 dev eth0 src 192.168.1.9

2.也可使用iptables snat,扩展可对目标ip、端口、应用软件等单独指定出口ip。

iptables -t nat -I POSTROUTING -o eth0 -d 0.0.0.0/0 -j SNAT --to-source 192.168.1.9

ubuntu安装Knot 域名权威Authoritative DNS服务器配置ddns动态更新ip

发布时间:February 4, 2021 // 分类:DNS // No Comments

目前在使用dnspod更新ddns ip,但是dnspod免费账号ttl最低设置为600,对于要求及时更新的可自己搭建dns服务器更新ddns,本文使用knot,相对bind有占用资源小,配置简单优点。

apt install knot knot-dnsutils

生成远程更新验证key并添加到配置文件,首行格式用于客户端knsupdate验证key:

keymgr -t key_knsupdate
# hmac-sha256:key_knsupdate:USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0=
key:
  - id: key_knsupdate
    algorithm: hmac-sha256
    secret: USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0=

knot配置文件,knsupdate和主从同步可使用key或ip认证:

server:
    identity: 
    version: 
    nsid: 
    rundir: "/run/knot"
    user: knot:knot
    #listen: [ 0.0.0.0@53, 127.0.0.1@53, ::1@53 ]
    listen: 192.168.1.1@53

log:
  - target: syslog
    any: info

# hmac-sha256:key_knsupdate:USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0=
key:
  - id: key_knsupdate
    algorithm: hmac-sha256
    secret: USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0=

remote:
  - id: slave
    address: 192.168.2.1@53
    key: key_knsupdate

  - id: master
    address: 192.168.1.1@53
    key: key_knsupdate

acl:
  - id: acl_slave
    #address: 192.168.2.1
    key: key_knsupdate
    action: transfer

  - id: acl_master
    #address: 192.168.1.1
    key: key_knsupdate
    action: notify

  - id: acl_knsupdate
    #address: [ 127.0.0.1, 192.168.1.1 ]
    key: key_knsupdate
    action: update

template:
  - id: default
    storage: "/var/lib/knot"
    file: "%s.zone"

zone:
    # Master zone
  - domain: ddns.haiyun.me
    notify: slave
    #acl: acl_slave
    acl: [ acl_slave, acl_knsupdate ]

knot dns主从同步配置,以上配置文件zone为master,slave要将zone替换为:

zone:
    # Slave zone
  - domain: ddns.haiyun.me
    master: master
    zonefile-load: whole
    acl: acl_master

zone文件:

cat /var/lib/knot/ddns.haiyun.me.zone 
;; Zone dump (Knot DNS 2.7.8)
ddns.haiyun.me.         3600    SOA     ns1.haiyun.me. admin.haiyun.me. 2021020415 60 60 1800 60
ddns.haiyun.me.         3600    NS      ns1.haiyun.me.
ddns.haiyun.me.         3600    NS      ns2.haiyun.me.
1.ddns.haiyun.me.       10      A       1.1.1.1
1.ddns.haiyun.me.       10      AAAA    ::1
www.ddns.haiyun.me.     10      A       1.1.1.1
;; Written 6 records
;; Time 2021-02-04 17:52:03 CST

使用knsupdate动态更新dns ip:

cat > cmd.txt << EOF
server 127.0.0.1
zone ddns.haiyun.me.
del 1.ddns.haiyun.me.
add 1.ddns.haiyun.me. 10 A 1.1.1.1
add 1.ddns.haiyun.me. 10 AAAA ::1
show
send
answer
quit
EOF
knsupdate -y "hmac-sha256:key_knsupdate:USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0=" cmd.txt

或通过knotc更改dns记录:

knotc zone-begin ddns.haiyun.me
knotc zone-set ddns.haiyun.me www 10 A 1.1.1.1
knotc zone-commit ddns.haiyun.me

参考:
https://www.knot-dns.cz/docs/2.7/html/reference.html
https://www.knot-dns.cz/docs/2.7/singlehtml/index.html
https://en.wikipedia.org/wiki/Comparison_of_DNS_server_software
https://blog.groverchou.com/2020/08/10/Knot-DNS-%E4%BD%BF%E7%94%A8%E6%95%99%E7%A8%8B/

ubuntu 20.04安装hwe最新内核kernel

发布时间:February 3, 2021 // 分类: // No Comments

ubuntu 20.04内核版本为5.4,通过hwe可安装5.8内核,虚拟机运行ubuntu可选择linux-virtual内核,节省硬盘空间,标准内核安装linux-generic。

#包含header,edge更新版本
#linux-virtual-hwe-20.04-edge
apt install linux-virtual-hwe-20.04
#仅包含内核及模块
apt install linux-image-virtual-hwe-20.04
apt install linux-generic-hwe-20.04
apt install linux-image-generic-hwe-20.04

也可选择安装最新版本ppa ubuntu内核

nginx配置webdav及使用curl测试

发布时间:February 2, 2021 // 分类:Nginx // No Comments

需安装http-dav-ext扩展,有时使用非标准webdav客户端删除目录时最后不带/,nginx删除目录失败返回409,alias不支持rewrite使用root。

  location /webdav/ {
    satisfy any;
    allow 127.0.0.1;
    deny all;
    #root /;
    #if (-d $request_filename) { rewrite ^(.*[^/])$ $1/ break; }
    alias /webdav/;
    dav_methods PUT DELETE MKCOL COPY MOVE;
    dav_ext_methods PROPFIND OPTIONS;
    dav_access user:rw group:r all:r;
    create_full_put_path  on;
    port_in_redirect off;
    autoindex on;
    autoindex_localtime on;
    charset utf-8;
    auth_basic "Login";
    auth_basic_user_file htpasswd;
  }

配置nginx webdav不同用户使用不同的家目录:

map $remote_user $home {
  default      $remote_user;
  ''           guest;
}
server {
  listen 80 default_server;
  listen [::]:80 default_server;
  server_name _;

  root /var/www/html;
  index index.html index.htm index.nginx-debian.html;

  try_files $uri /;

  location / {
    #if (-d $request_filename) { rewrite ^(.*[^/])$ $1/ break; }
    alias /data/webdav/$home/;
    #dav_methods PUT DELETE MKCOL COPY MOVE;
    dav_ext_methods PROPFIND OPTIONS;
    dav_access user:r group:r all:r;
    create_full_put_path on;
    port_in_redirect off;
    autoindex on;
    autoindex_localtime on;
    charset utf-8;
    auth_basic "Login";
    auth_basic_user_file htpasswd;
  }

  #access_log off;
  access_log /var/log/nginx/webdav.log;
  error_log  /var/log/nginx/webdav_error.log;
}

使用curl测试webdav:
新建目录,注意最后一定要带/,不然返回409,MKCOL can create a collection only

curl -X MKCOL https://www.haiyun.me/webdav/test/

上传文件:

curl -T filename https://www.haiyun.me/webdav/

重命名文件:

curl -X MOVE --header 'Destination:https://www.haiyun.me/webdav/newname' https://www.haiyun.me/webdav/filename

删除文件:

curl -X DELETE https://www.haiyun.me/webdav/filename

php协程异步扩展swoole使用

发布时间:January 17, 2021 // 分类:PHP // No Comments

ubuntu 20.04 php7.4编译安装swoole:

apt install php-cli php-dev libcurl4-openssl-dev php-curl libc-ares-dev
wget https://github.com/swoole/swoole-src/archive/v4.8.13.tar.gz
tar zxf v4.8.13.tar.gz
cd swoole-src-4.8.13
phpize
./configure --enable-openssl --enable-http2 --enable-swoole-curl --enable-cares
make && make install
echo 'extension=swoole.so' > /etc/php/7.4/cli/conf.d/20-swoole.ini
php --ri swoole
#减小swoole.so文件的大小
strip -s /usr/lib/php/20190902/swoole.so

debian12安装swoole5:

apt install php-cli php-dev libcurl4-openssl-dev php-curl libc-ares-dev libbrotli-dev
wget https://github.com/swoole/swoole-src/archive/refs/tags/v5.1.4.tar.gz
./configure --enable-openssl --enable-swoole-curl --enable-cares

swoole原生协程http客户端:

<?php
//Co::set(['hook_flags' => SWOOLE_HOOK_ALL]);
$count = 10;
Co\run(function () use (&$result, $count) {
  $wg = new \Swoole\Coroutine\WaitGroup();
  $result = [];
  for ($i = 1; $i <= $count; $i++) {
    $wg->add();
    go(function () use ($i, $wg, &$result) {
      $cli = new Swoole\Coroutine\Http\Client('www.baidu.com', 80);
      $cli->set(['timeout' => 10]);
      $cli->setHeaders([
        'Host' => 'www.baidu.com',
        'User-Agent' => 'Mozilla/5.0 Firefox/78.0',
      ]);
      $cli->get('/');
      $result[$i] = $cli->getStatusCode();
      $cli->close();
      $wg->done();
    });
  }
  $wg->wait();
});
var_dump($result);

以hook方式协程运行php curl:

<?php
//Co::set(['hook_flags' => SWOOLE_HOOK_ALL]);
Co\run(function () {
  $chan = new Swoole\Coroutine\Channel(10);
  for ($i = 1; $i <= 10; $i++) {
    go(function () use ($i, $chan) {
      $header = array(
        'User-Agent: Mozilla/5.0 Firefox/78.0'
      );
      $ch = curl_init();
      curl_setopt($ch, CURLOPT_URL, "http://www.baidu.com");
      curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
      curl_exec($ch);
      $code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
      curl_close($ch);
      $chan->push(['index' => $i, 'code' => $code]);
    });
  }
  for ($i = 1; $i <= 10; $i++) {
    $res = $chan->pop();
    var_dump($res);
  }
});
  1. 1
  2. ...
  3. 15
  4. 16
  5. 17
  6. 18
  7. 19
  8. 20
  9. 21
  10. ...
  11. 195
分类
最新文章
最近回复
  • opnfense: 谢谢博主!!!解决问题了!!!我之前一直以为内置的odhcp6就是唯一管理ipv6的方式
  • liyk: 这个方法获取的IPv6大概20分钟之后就会失效,默认路由先消失,然后Global IPV6再消失
  • 海运: 不好意思,没有。
  • zongboa: 您好,請問一下有immortalwrt設定guest Wi-Fi的GUI教學嗎?感謝您。
  • 海运: 恩山有很多。
  • swsend: 大佬可以分享一下固件吗,谢谢。
  • Jimmy: 方法一 nghtp3步骤需要改成如下才能编译成功: git clone https://git...
  • 海运: 地址格式和udpxy一样,udpxy和msd_lite能用这个就能用。
  • 1: 怎么用 编译后的程序在家里路由器内任意一台设备上运行就可以吗?比如笔记本电脑 m参数是笔记本的...
  • 孤狼: ups_status_set: seems that UPS [BK650M2-CH] is ...
归档