首页 > 代码库 > Linux课程第二十二天学习笔记
Linux课程第二十二天学习笔记
####################空壳邮件####################
[root@maillinux ~]# vim /etc/named.rfc1912.zones
-----------------------------------------------
37 zone "westos.org" IN {
38 type master;
39 file "westos.org.zone";
40 allow-update { none; };
41 };
42
:wq
-----------------------------------------------
[root@maillinux ~]# cd /var/named
[root@maillinux named]# cp -p westos.com.zone westos.org.zone
##一定要加"-p"参数
[root@maillinux named]# vim westos.org.zone
-----------------------------------------------
1 $TTL 1D
2 @ IN SOA dns.westos.org. root.westos.org. (
3 0 ; serial
4 1D ; refresh
5 1H ; retry
6 1W ; expire
7 3H ) ; minimum
8 NS dns.westos.org.
9 dns A 172.25.50.100
10 westos.org. MX 1 172.25.50.100.
:wq
-----------------------------------------------
[root@maillinux named]# dig -t mx westos.org |grep MX
;westos.org. IN MX
westos.org. 86400 IN MX 1 172.25.50.100.
[root@maillinux named]# rm -fr /etc/postfix/main.cf
[root@maillinux named]# yum reinstall postfix -y
......
[root@maillinux named]# systemctl restart postfix.service
[root@maillinux named]# vim /etc/postfix/main.cf
-----------------------------------------------
75 myhostname = maillinux.linux.com
83 mydomain = linux.com
98 myorigin = westos.org
113 inet_interfaces = all
116 #inet_interfaces = localhost
140 local_transport = error:local delivery disabled ##不允许本地投递
164 mydestination = ##不接收任何邮件
313 relayhost = 172.25.50.200 ##指定真实的邮件服务器IP地址
:wq
-----------------------------------------------
[root@maillinux named]# systemctl restart postfix.service
[root@mailwestos ~]# vim /etc/postfix/main.cf
-----------------------------------------------
264 mynetworks = 172.25.50.0/24
:wq
-----------------------------------------------
[root@mailwestos ~]# systemctl restart postfix.service
[root@mailwestos ~]# cd /home/vmail/
[root@mailwestos vmail]# ls
mail westos.org
[root@mailwestos vmail]# rm -fr *
[root@mailwestos vmail]# ls
[root@maillinux named]# mail admin@westos.org
Subject: test
test
test
.
EOT
[root@maillinux named]# mailq
Mail queue is empty
[root@mailwestos vmail]# ls
westos.org
[root@mailwestos vmail]# cd westos.org/
[root@mailwestos westos.org]# ls
admin
[root@mailwestos westos.org]# cd admin/
[root@mailwestos admin]# ls
cur new tmp
#####################
##### Apache #####
#####################
Apche提供httpd协议
--网站主流架构--
lamp=linux apache mysql php
lnmp=linux nginx mysql php
以上都是开源软件,所以成为主流
--网站开发语言--
静态:html
动态:php cgi jsp asp
--中间件(翻译语言)--
tomcat jboss 等等
squid代理软件
反向代理,也就是通常所说的Web服务器加速
通过在Internet上增加一个高速的Web缓冲服务器(即:Web反向代理服务器),来降低实际的Web服务器的负载。
go语言
nmap著名的黑客软件
index.html里写的是html语句
[root@localhost ~]# hostnamectl set-hostname web1.westos.com
[root@localhost ~]# reboot
等待重启
[root@web1 ~]# yum install httpd -y
......
[root@web1 ~]# cd /var/www/html/
[root@web1 html]# ls
[root@web1 html]# vim index.html
测试http://172.25.254.115
[root@web1 html]# echo hello world >file
测试http://172.25.254.115/file
[root@web1 html]# netstat -antlpe |grep httpd
tcp6 0 0 :::80 :::* LISTEN 0 78225 4642/httpd
[root@web1 html]# rpm -qc httpd
/etc/httpd/conf.d/autoindex.conf
/etc/httpd/conf.d/userdir.conf
/etc/httpd/conf.d/welcome.conf
/etc/httpd/conf.modules.d/00-base.conf
/etc/httpd/conf.modules.d/00-dav.conf
/etc/httpd/conf.modules.d/00-lua.conf
/etc/httpd/conf.modules.d/00-mpm.conf
/etc/httpd/conf.modules.d/00-proxy.conf
/etc/httpd/conf.modules.d/00-systemd.conf
/etc/httpd/conf.modules.d/01-cgi.conf
/etc/httpd/conf/httpd.conf
/etc/httpd/conf/magic
/etc/logrotate.d/httpd
/etc/sysconfig/htcacheclean
/etc/sysconfig/httpd
==index优先级==
[root@web1 html]# vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex file index.html
[root@web1 html]# systemctl reload httpd
测试http://172.25.254.115
hello world
[root@web1 html]# rm -fr file
测试http://172.25.254.115
web1.westos.com 123
[root@web1 html]# rm -fr index.html
测试http://172.25.254.115
apache测试页
##有问题,发现还是web1.westos.com 123,不知怎么又好了,可能是缓存
==http手册==
[root@web1 html]# yum install httpd-manual -y
......
[root@web1 html]# systemctl restart httpd
测试http://172.25.254.115/manual
==更改访问目录==
[root@web1 html]# getenforce
Enforcing
[root@web1 html]# ls -Zd
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 .
[root@web1 html]# mkdir -p /www/westos
[root@web1 html]# semanage fcontext -a -t httpd_sys_content_t ‘/www/westos(/.*)?‘
[root@web1 html]# restorecon -RvvF /www/
restorecon reset /www context unconfined_u:object_r:default_t:s0->system_u:object_r:default_t:s0
restorecon reset /www/westos context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[root@web1 html]# cd /www/westos/
[root@web1 westos]# ls
[root@web1 westos]# vim index.html
1 /www/westos’s page
[root@web1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 </Directory>
[root@web1 westos]# systemctl reload httpd
[root@web1 westos]# vim index.html
/www/westos’s page
测试http://172.25.254.115
==更改端口号==
[root@web1 westos]# vim /etc/httpd/conf/httpd.conf
42 Listen 8080
[root@web1 westos]# systemctl reload httpd
测试http://172.25.254.115:8080 ##8080默认是tomcat的端口
[root@web1 westos]# vim /etc/httpd/conf/httpd.conf
42 Listen 80
[root@web1 westos]# systemctl reload httpd ##重新加载速度更快
测试http://172.25.254.115
==访问ip限制==
[root@web1 westos]# vim /etc/httpd/conf/httpd.conf
121 <Directory "/www/westos">
122 Require all granted
123 Order Allow,Deny
124 Allow from all
125 Deny from 172.25.254.115
126 </Directory>
[root@web1 westos]# systemctl reload httpd
测试:
115:http://172.25.254.115不能访问
15:http://172.25.254.115可以访问
[root@web1 westos]# vim /etc/httpd/conf/httpd.conf
121 <Directory "/www/westos">
122 Require all granted
123 Order Deny,Allow
124 Allow from 172.25.254.115
125 Deny from all
126 </Directory>
[root@web1 westos]# systemctl reload httpd
测试:
115:http://172.25.254.115可以访问
15:http://172.25.254.115不能访问
[root@web1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Deny,Allow
124 Allow from 172.25.254.0/24
125 Deny from all
126 </Directory>
[root@web1 westos]# systemctl reload httpd
测试:
只允许172.25.254.0/24这个网段访问
==用户名,密码访问==
[root@web1 westos]# cd /etc/httpd/
[root@web1 httpd]# ls
conf conf.d conf.modules.d logs modules run
[root@web1 httpd]# htpasswd -cm htpasswdfile admin
New password:
Re-type new password:
Adding password for user admin
[root@web1 httpd]# cat htpasswdfile
admin:$apr1$WbKugIGj$2HGUWRwGSXS41wsCTbvod/
[root@web1 httpd]# htpasswd -m htpasswdfile westos
New password:
Re-type new password:
Adding password for user westos
[root@web1 httpd]# cat htpasswdfile
admin:$apr1$WbKugIGj$2HGUWRwGSXS41wsCTbvod/
westos:$apr1$cgzYLUVZ$zSkX6bfpFZkDQxrONSofc/
[root@web1 httpd]# vim /etc/httpd/conf/httpd.conf
121 <Directory "/www/westos">
122 #Require all granted
123 Authuserfile /etc/httpd/htpasswdfile
124 Authname "Please input username and password"
125 Authtype basic
126 Require user admin
127 </Directory>
[root@web1 httpd]# systemctl reload httpd
测试http://172.25.254.115
admin验证成功
westos验证不成功
ctrl+shift+delete点击清空缓存
[root@web1 httpd]# vim /etc/httpd/conf/httpd.conf
121 <Directory "/www/westos">
122 #Require all granted
123 Authuserfile /etc/httpd/htpasswdfile
124 Authname "Please input username and password"
125 Authtype basic
126 Require valid-user
127 </Directory>
[root@web1 httpd]# systemctl reload httpd
测试http://172.25.254.115
admin验证成功
westos验证成功
==music.westos.com; news.westos.com==
[root@web1 httpd]# vim /etc/httpd/conf/httpd.conf
119 DocumentRoot "/var/www/html"
120 #DocumentRoot "/www/westos"
[root@web1 httpd]# systemctl reload httpd
[root@web1 httpd]# cd /var/www/html/
[root@web1 html]# ls
[root@web1 html]# vim index.html
1 www.westos.com
测试http://172.25.254.115正常
[root@web1 html]# vim /etc/hosts
6 172.25.254.115 www.westos.com westos.com music.westos.com news.westos.com
[root@web1 html]# mkdir /var/www/virtual/music.westos.com/html -p
[root@web1 html]# mkdir /var/www/virtual/news.westos.com/html -p
[root@web1 ~]# cd /var/www/virtual/music.westos.com/html
[root@web1 html]# vim index.html
1 music.westos.com
[root@web1 html]# cd /var/www/virtual/news.westos.com/html
[root@web1 html]# vim index.html
1 news.westos.com
[root@web1 html]# cd /etc/httpd/conf.d/
[root@web1 conf.d]# ls
autoindex.conf manual.conf README userdir.conf welcome.conf
[root@web1 conf.d]# vim default.conf
1 <Virtualhost _default_:80>
2 Documentroot /var/www/html
3 Customlog "logs/default.log" combined ##combined表示日志级别是全部
4 </Virtualhost>
5 <Directory "/var/www/html">
6 Require all granted
7 </Directory>
[root@web1 conf.d]# cp default.conf music.conf
[root@web1 conf.d]# vim music.conf
1 <Virtualhost *:80>
2 Servername music.westos.com
3 Documentroot /var/www/virtual/music.westos.com/html
4 Customlog "logs/music.log" combined
5 </Virtualhost>
6 <Directory "/var/www/virtual/music.westos.com/html">
7 Require all granted
8 </Directory>
[root@web1 conf.d]# cp music.conf news.conf
[root@web1 conf.d]# vim news.conf
1 <Virtualhost *:80>
2 Servername news.westos.com
3 Documentroot /var/www/virtual/news.westos.com/html
4 Customlog "logs/news.log" combined
5 </Virtualhost>
6 <Directory "/var/www/virtual/news.westos.com/html">
7 Require all granted
8 </Directory>
[root@web1 conf.d]# systemctl reload httpd
[root@web1 conf.d]# firefox &
测试:
www.westos.com
news.westos.com
music.westos.com
测试成功
客户端加密,服务端解密
客户拿到证书加密,服务器拿key解密
install上面装好就有证书,下面生成证书
[root@web1 conf.d]# yum install mod_ssl -y
......
[root@foundation15 conf.d]# yum install crypto-utils -y
......
│ The key will be stored in │
│ /etc/pki/tls/private/www.westos.com.key │
│ The certificate stored in │
│ /etc/pki/tls/certs/www.westos.com.crt
[root@web1 conf.d]# genkey www.westos.com
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi‘an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.8103 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi‘an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.8103
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key
[root@web1 ~]# ls /etc/pki/tls/certs
ca-bundle.crt localhost.crt Makefile www.westos.com.crt
ca-bundle.trust.crt make-dummy-cert renew-dummy-cert
[root@web1 conf.d]# vim ssl.conf
100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
107 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
测试:真机打开firefox,输入https://172.25.254.115/
本文出自 “施超Linux学习笔记” 博客,谢绝转载!
Linux课程第二十二天学习笔记