系統相關php
1 Ubuntu14.04相關 2 安裝 - VMware 3 Install Ubuntu 4 Continue 5 Install Now 6 Continue 7 Shanghai 8 Continue 9 用戶名/登陸帳號設置 - Continue 10 Restart now
內核相關html
1 查看內核版本 2 uname -r
網絡相關java
sysctl -w net.ipv4.ip_forward=1 #臨時開啓路由轉發 service network restart #重啓網絡配置 永久開啓路由轉發 修改/etc/sysctl.conf文件 將 net.ipv4.ip_forward=0改成net.ipv4.ip_forward=1
快捷鍵python
1 Ctrl + Alt + t - 打開終端
源相關:mysql
1 更新源:sudo apt-get update 2 修改源:/etc/apt/sources.list 3 源整理: 4 源1(系統默認) 5 deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted universe multiverse 6 deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted universe multiverse 7 deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted universe multiverse 8 deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse 9 deb http://mirrors.aliyun.com/ubuntu/ xenial-proposed main restricted universe multiverse 10 deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted universe multiverse 11 deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted universe multiverse 12 deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted universe multiverse 13 deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse 14 deb-src http://mirrors.aliyun.com/ubuntu/ xenial-proposed main restricted universe multiverse 15 deb http://archive.canonical.com/ubuntu/ xenial partner 16 deb http://extras.ubuntu.com/ubuntu/ xenial main 17 源2: 18 deb http://old-releases.ubuntu.com/ubuntu/ raring main universe restricted multiverse 19 deb-src http://old-releases.ubuntu.com/ubuntu/ raring main universe restricted multiverse 20 deb http://old-releases.ubuntu.com/ubuntu/ raring-security main universe restricted multiverse 21 deb-src http://old-releases.ubuntu.com/ubuntu/ raring-security main universe restricted multiverse 22 deb http://old-releases.ubuntu.com/ubuntu/ raring-updates main universe restricted multiverse 23 deb-src http://old-releases.ubuntu.com/ubuntu/ raring-updates main universe restricted multiverse 24 deb http://old-releases.ubuntu.com/ubuntu/ raring-backports main restricted universe multiverse 25 deb-src http://old-releases.ubuntu.com/ubuntu/ raring-backports main restricted universe multiverse 26 deb http://old-releases.ubuntu.com/ubuntu/ raring-proposed main restricted universe multiverse 27 deb-src http://old-releases.ubuntu.com/ubuntu/ raring-proposed main restricted universe multiverse 28 源3(東北大學): 29 deb-src http://mirror.neu.edu.cn/ubuntu/ xenial main restricted #Added by software-properties 30 deb http://mirror.neu.edu.cn/ubuntu/ xenial main restricted 31 deb-src http://mirror.neu.edu.cn/ubuntu/ xenial restricted multiverse universe #Added by software-properties 32 deb http://mirror.neu.edu.cn/ubuntu/ xenial-updates main restricted 33 deb-src http://mirror.neu.edu.cn/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties 34 deb http://mirror.neu.edu.cn/ubuntu/ xenial universe 35 deb http://mirror.neu.edu.cn/ubuntu/ xenial-updates universe 36 deb http://mirror.neu.edu.cn/ubuntu/ xenial multiverse 37 deb http://mirror.neu.edu.cn/ubuntu/ xenial-updates multiverse 38 deb http://mirror.neu.edu.cn/ubuntu/ xenial-backports main restricted universe multiverse 39 deb-src http://mirror.neu.edu.cn/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties 40 deb http://archive.canonical.com/ubuntu xenial partner 41 deb-src http://archive.canonical.com/ubuntu xenial partner 42 deb http://mirror.neu.edu.cn/ubuntu/ xenial-security main restricted 43 deb-src http://mirror.neu.edu.cn/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties 44 deb http://mirror.neu.edu.cn/ubuntu/ xenial-security universe 45 deb http://mirror.neu.edu.cn/ubuntu/ xenial-security multiverse 46 源4(清華大學): 47 # deb cdrom:[Ubuntu 16.04 LTS _Xenial Xerus_ - Release amd64 (20160420.1)]/ xenial main restricted 48 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial main restricted 49 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-updates main restricted 50 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial universe 51 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-updates universe 52 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial multiverse 53 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-updates multiverse 54 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-backports main restricted universe multiverse 55 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-security main restricted 56 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-security universe 57 deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial-security multiverse 58 源5(阿里雲): 59 # deb cdrom:[Ubuntu 16.04 LTS _Xenial Xerus_ - Release amd64 (20160420.1)]/ xenial main restricted 60 deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties 61 deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted 62 deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties 63 deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted 64 deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties 65 deb http://mirrors.aliyun.com/ubuntu/ xenial universe 66 deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe 67 deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse 68 deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse 69 deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse 70 deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties 71 deb http://archive.canonical.com/ubuntu xenial partner 72 deb-src http://archive.canonical.com/ubuntu xenial partner 73 deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted 74 deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties 75 deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe 76 deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse
域名-IP轉換:linux
1 /etc/resolv.conf 2 8.8.8.8 Google DNS
Apache:nginx
安裝:sudo apt install apache2 重啓:/etc/init.d/apache2 restart 默認配置文件路徑:/etc/apache2/apache2.conf 查看版本:apachectl -v 查看/修改端口 /etc/apache2/ports.conf
默認頁面路徑 /var/www/html
Python相關sql
1 安裝 sudo apt-get install python-pip 2 檢測 pip -V
工具相關docker
1 VMware Tools 2 安裝 3 虛擬機安裝Vmware Tools 4 解壓 5 cd 到 目錄 6 sudo su 切換 root權限 7 ./vmware-install.pl 8 回車 all the time 9 重啓
Docker相關apache
1 安裝 sudo apt install docker.io 2 查看版本 - docker -v 3 啓動docker後臺服務 - sudo service docker start
啓動 systemctl start docker 守護進程重啓 sudo systemctl daemon-reload 重啓docker服務 systemctl restart docker 重啓docker服務 sudo service docker restart 關閉docker service docker stop 關閉docker systemctl stop docker
ElasticSearch相關
安裝 wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.5.0.zip unzip elasticsearch-5.5.0.zip mv elasticsearch-5.5.0 /data/home/es/lcoal cd elasticsearch-5.5.0/bin ./elasticsearch 添加帳號 groupadd testes useradd testes -g elasticsearch chown -R testes:elasticsearch elasticsearch-5.5.0 增刪改查 1、數據寫入: HTTP method:POST URL:http://127.0.0.1:9200/index-docs-name/data-type-name -d "{jsonstr}" 返回:{"_index":"index-name","_type":"typename","_id":"idstr","_version":"1","created":"true"} 2、數據獲取: HTTP method :GET URL:http://127.0.0.1:9200/index-docs-name/data-type-name/id 返回:數據的json結構 3、數據刪除: HTTP method :DELETE URL:http://127.0.0.1:9200/index-docs-name/data-type-name/id 或者:http://127.0.0.1:9200/index-docs-name(可使用通配符)刪除多個文檔 4、數據更新: (1)全量再次寫入 HTTP method:POST URL:http://127.0.0.1:9200/index-docs-name/data-type-name/id -d "{jsonstr}" 返回:{"_index":"index-name","_type":"typename","_id":"idstr","_version":"1","created":"true"} (2)局部更新: HTTP method:POST URL:http://127.0.0.1:9200/index-docs-name/data-type-name/id/_update -d "{jsonstr}" 5、數據查詢 (1)全文搜索 HTTP method : GET URL : http://127.0.0.1:9200[/index-docs-name/data-type-name]/_search[?q=xxx] -d "{json}" (2)聚合請求: 在查詢的search輸入的結構體中寫聚合語句便可。 新建模板 請求方式--PUT 請求地址a.b.c.d:9200/_template/your_temp_name 模板: { "template":"whoisinfo",#模板名,索引名字同樣自動適配。 "order":"7",#模板號 "state":"open", "settings": { "index": { "creation_date": "1491451435658", "number_of_shards": "5",#本身控制 "number_of_replicas": "1",#本身控制 "uuid": "0GCKTzVTRAaw-z47TfCaZQ", "version": { "created": "2030399" } } } "mapping":{ "domain":{#這裏是這個模板下第n類數據的樣子 "properties":{ "colunm_name":{ "index":"not_analyzed" "type":"date/string……" "format":"strict_date_optional_time||epoch_millis"#這裏是時間格式 } } } } } 索引與映射 (一)、映射 1、建立 Method : PUT URL : http://127.0.0.1:9200/index-docs-name/_mappind -d "{jsonstr}" 2、新增字段 Method : PUT URL : http://127.0.0.1:9200/index-docs-name/_mappind/mapping-name -d "{jsonstr}" 3、刪除映射會刪除數據 Method : DELETE URL : http://127.0.0.1:9200/index-docs-name/_mappind/mapping-name 4、獲取映射 Method : GET URL : http://127.0.0.1:9200/index-docs-name/_mappind/mapping-name (二)常見的字段定義 type 數據類型 index 是否分詞(not_analyzed) format 格式 多重索引 "name":{ "type":"xxxxx" "fields"::{"xxx":"xxxx"} } 分頁查詢 建立Elasticsearch對象 es = Elasticsearch([{'host':'192.168.1.103','port':9200}]) 建立分頁機制 resp = es.search(index, body=query, scroll="24h",size=10000) 24h 是scrollid 有效時間 scroll_id = resp['_scroll_id'] id就是標識 total = resp["hits"]["total"] 總量 獲取數據 resp = es.scroll(scroll_id=scroll_id, scroll="24h") rdoc = resp["hits"]["hits"] scroll_id = resp['_scroll_id'] rdoc是每一個數據項字典結構體的list LogStash 安裝 #step-one:依賴於java jdk 因此預先安裝JDK 1、下載jdk 首選1.7 2、tar xzvf jdk-7u55-linux-x86.tar.gz 3、mkdir /usr/lib/jvm 4、mv jdk1.7.0_55 /usr/lib/jvm/ 5、gedit ~/.bashrc 在末尾輸入一下內容並保存退出 export JAVA_HOME=/usr/lib/jvm/jdk1.7.0_55 export JRE_HOME=${JAVA_HOME}/jre export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib export PATH=${JAVA_HOME}/bin:$PATH 6、source ~/.bashrc(多個帳戶下) #step-two:安裝logstash 1、方法1--源代碼安裝 wget https://download.elastic.co/logstash/logstash/logstash-1.5.1.tar.gz tar zxvf logstash-1.5.1.tar.gz mv logstash-1.5.1 logstash cd ./logstash/ 測試語句:bin/logstash -e 'input { stdin { } } output { stdout {} }' 配置測試語句: bin/logstash -e 'input { stdin { } } output { stdout { codec => rubydebug } }' 2、方法2--elasticsearch官方倉庫安裝 wget -O http://packages.elasicsearch.org/GPG-KEY-elasticsearch | apt-key add -cat >> /etc/apt/sources.list deb http//packages.elasticsearch.org/logstash/1.5/debian stable main apt-get update apt-get install logstash 按照logstash配置文件運行logstash bin/logstash -f logstash.conf 配置文件logstash.conf示例 input { stdin{ } } output{ stdout{ codec => rubydebug } elasticsearch { embedded => true } } 配置語法: 1、第一個概念:區段,也就是上文中的input 或者output都是一個區段 #區段以內定義鍵值對# 2、數據類型 (1)布爾型 true 和 false (2)字符串 "hostname" (3)數值 514 (4)數組 [] 相似python中的隊列 (5)哈希 match => { key1 => "value1" , key2 => "value2" } 3、語法規則 (1)字段讀取支持倒序下標 例如a[-1] (2)條件判斷if / else if / else (3)判斷操做符 != , == , < ,> ,<= ,>= ,=~ ,!~ ,in ,not in , and ,or ,nand ,xor, !{} 4、命令行參數 -e 執行 -f 配置文件 -l 錯誤日誌的輸出文件 -P 加載插件\ --verbose 輸出必定到調試日誌 --debug 輸出更多調試信息 logstash的處理過程 |filtername |xxx <inputname <logA >outputname >elasticsearch logstash處理的是事件,事件的流轉過程; 輸入 -》 過濾 -》 輸出 plugin命令: 查看本機有多少插件可用 plugin list 安裝插件 plugin install xxxx 升級插件 plugin update xxx logstash運行 1、服務模式 services logstash start 2、nohup模式 nohup logstash -f ./logstash.conf & 3、screen模式(避免用戶退出命令行到哦之程序退出 screen -dmS elksc1 screen -r elksc1 screen list 標準輸出入 input { stdin{ add_field => {"key" => "value"} codec => plain tags => {"add"}標籤 type => "std"類型 } } 文件輸入 input { file { path => ["fiel1","file2",...] type => "systen" start_position => "beginning"duqushujuweizhi #discover_interval 每隔多久去檢查下path選的下新文件 默認15s #execlude 排出文件 list #sincedb/sincedb_write_interval #start_interval 每隔多久監聽下新文件 } } TCP 輸入: input { tcp { port => 8888 mode => server ssl_enable => false } } 網絡導入舊數據時候經常使用 與nc配合 nc 127.0.0.1 8888 < olddata syslog輸入: input { syslog { port => "514" } } collectd輸入: input { collectd { port => 25289 type => colletced } } Codec 1、json codec => "json" 注意對於nginx日誌 能夠把-替換成0 2、多行事件編碼 codec => multiline { pattern => "^\[" negate => true waht => "previous" } 3、網絡流編碼: codec => netflow { definitions => "/opt/logstash-1.4.2/lib/logstash/codec/netflow/netflow.yaml" version => [5] } 時間處理: filter { gork { match => ["message","%{HTTPDATE:logdate}"] } date { match => ["logdate","dd/MMM/yyyy:HH:mm:ss Z"] } } gork 正則捕獲 語法 gork { match => { "message"=> "%{WORD} {NUMBER:request_time:float} %{WORD}" } } match => {"message"=>"%{SYSLOGBASE} %{DATA:message}"}
計劃任務
crontab -l ls -alh /var/spool/cron ls -al /etc/ | grep cron ls -al /etc/cron* cat /etc/cron* cat /etc/at.allow cat /etc/at.deny cat /etc/cron.allow cat /etc/cron.deny cat /etc/crontab cat /etc/anacrontab cat /var/spool/cron/crontabs/root
不安全的文件/文件夾權限配置
cat ~/.bash_history cat ~/.nano_history cat ~/.atftp_history cat ~/.mysql_history cat ~/.php_history
明文用戶名/密碼搜索
#刪除用戶 userdel 用戶名
#根據uid反查用戶名 getent passwd 0
grep -i user [filename] grep -i pass [filename] grep -C 5 "password" [filename] find . -name "*.php" -print0 | xargs -0 grep -i -n "var $password"
日誌相關
/bin/systemctl restart rsyslog.service -- NewStart Carrier Grade Server Linux release 5/centos7 #重啓日誌服務
常見問題1:
1 Linux下出現Read-only file system 2 mount -o remount rw /
常見問題2:
userdel: cannot open /etc/passwd -》
chattr -i /etc/passwd /etc/shadow /etc/group /etc/gshadow
工具安裝
Mysql
環境 Ubuntu 64 14.04-Desktop
檢查是否安裝MySQL
dpkg -l | grep mysql
安裝
sudo apt-get install mysql-server
檢查是否安裝成功
netstat -tap | grep mysql
卸載
sudo rm /var/lib/mysql/ -R
sudo rm /etc/mysql/ -R
sudo apt-get autoremove mysql* --purge
sudo apt-get remove apparmor
問題
/usr/bin/dpkg returned an error code (1)
解決方案:
(1)sudo mv /var/lib/dpkg/info /var/lib/dpkg/info.bk
(2)sudo mkdir /var/lib/dpkg/info
(3)sudo apt-get update
(4)sudo apt-get install -f
(5)sudo mv /var/lib/dpkg/info/* /var/lib/dpkg/info.bk
(6)sudo rm -rf /var/lib/dpkg/info
(7)sudo mv /var/lib/dpkg/info.bk /var/lib/dpkg/info
程序名/端口/進程:
經過進程id查看佔用的端口:netstat -nap | grep 2708
經過PID查看進程:ps -aux |grep -v grep|grep 28990
關閉端口 sudo iptables -A INPUT -p tcp --dport $PORT -j DROP" sudo iptables -A OUTPUT -p tcp --dport $PORT -j DROP"
或者 lsof -i :8080|grep -v "PID"|awk '{print "kill -9",$2}'|sh
防火牆相關
禁止全部的ip訪問本機的固定端口 iptables -I INPUT -p tcp --dport 80 -j DROP 啓用全部的ip訪問本機的固定端口 iptables -I INPUT -p tcp --dport 80 -j ACCEPT 容許指定IP訪問本機固定端口(須要先禁止全部的ip訪問固定端口) iptables -I INPUT -s 192.168.1.123 -p tcp --dport 22 -j ACCEPT 禁止某個IP地址的PING iptables –A Filter –p icmp –s 192.168.0.1 –j DROP 只容許PING 202.96.134.133 其它公網IP都不準PING "iptables -A Filter -p icmp -s 192.168.100.200 -d 202.96.134.133 -j ACCEPT iptables -A Filter -p icmp -j DROP" 備份iptables cp /etc/sysconfig/iptables /var/tmp 保存iptables service iptables save 重啓防火牆 service iptables restart 服務器只開啓收發郵件功能 "iptables -I Filter -m mac --mac-source 00:0F:EA:25:51:37 -j DROP iptables -I Filter -m mac --mac-source 00:0F:EA:25:51:37 -p udp --dport 53 -j ACCEPT iptables -I Filter -m mac --mac-source 00:0F:EA:25:51:37 -p tcp --dport 25 -j ACCEPT iptables -I Filter -m mac --mac-source 00:0F:EA:25:51:37 -p tcp --dport 110 -j ACCEPT" 只容許訪問指定網址 "iptables -A Filter -p udp --dport 53 -j ACCEPT iptables -A Filter -p tcp --dport 53 -j ACCEPT iptables -A Filter -d www.3322.org -j ACCEPT iptables -A Filter -d img.cn99.com -j ACCEPT iptables -A Filter -j DROP" 指定時間上網 "iptables -A Filter -s 10.10.10.253 -m time --timestart 6:00 --timestop 11:00 --days Mon,Tue,Wed,Thu,Fri,Sat,Sun -j DROP iptables -A Filter -m time --timestart 12:00 --timestop 13:00 --days Mon,Tue,Wed,Thu,Fri,Sat,Sun -j ACCEPT iptables -A Filter -m time --timestart 17:30 --timestop 8:30 --days Mon,Tue,Wed,Thu,Fri,Sat,Sun -j ACCEPT" 基於MAC,只能收發郵件,其它都拒絕 "iptables -I Filter -m mac --mac-source 00:0A:EB:97:79:A1 -j DROP iptables -I Filter -m mac --mac-source 00:0A:EB:97:79:A1 -p tcp --dport 25 -j ACCEPT iptables -I Filter -m mac --mac-source 00:0A:EB:97:79:A1 -p tcp --dport 110 -j ACCEPT" 禁用QQ防火牆配置 "iptables -A Filter -p udp --dport ! 53 -j DROP iptables -A Filter -d 218.17.209.0/24 -j DROP iptables -A Filter -d 218.18.95.0/24 -j DROP iptables -A Filter -d 219.133.40.177 -j DROP" 禁用MSN配置 "iptables -A Filter -p udp --dport 9 -j DROP iptables -A Filter -p tcp --dport 1863 -j DROP iptables -A Filter -p tcp --dport 80 -d 207.68.178.238 -j DROP iptables -A Filter -p tcp --dport 80 -d 207.46.110.0/24 -j DROP"