######################################################
#############第十單元.selinux的初級管理##################
######################################################
1.什麼是selinux
selinux,內核級增強型防火牆(嚴格來說是內核中的強制訪問控制(MAC)機制,按安全上下文限制進程對文件、端口等資源的訪問,而不是過濾網絡流量的防火牆)
2.如何管理selinux級別
selinux開啓或者關閉)
vim /etc/sysconfig/selinux
SELINUX=disabled ##關閉狀態
SELINUX=enforcing ##強制狀態
SELINUX=permissive ##警告狀態
getenforce ##查看狀態
當selinux開啓時
setenforce 0|1 ##更改selinux運行級別(0爲Permissive,1爲Enforcing;只對當前運行有效,重啓後恢復爲配置文件中的設定)
3.如何更改文件安全上下文(標籤)
若是文件的安全上下文與服務不匹配,則看不到文件
臨時更改)
chcon -t 安全上下文 文件
chcon -t public_content_t /publicftp -R
實例:
[root@server7 mnt]# chcon -t public_content_t /var/ftp/pub/ -R
永久更改)
semanage fcontext -l ##列出內核安全上下文列表內容
semanage fcontext -a -t public_content_t '/publicftp(/.*)?'
restorecon -FvvR /publicftp/
實例:
作此實驗時,接上面
[root@server7 ~]# lftp 172.25.7.11
lftp 172.25.7.11:~> ls
lftp 172.25.7.11:/> ls
lftp 172.25.7.11:/> quit
[root@server7 ~]# semanage fcontext -a -t public_content_t '/ftpdir(/.*)?'
[root@server7 ~]# semanage fcontext -l | grep ftpdir
/ftpdir(/.*)? all files system_u:object_r:public_content_t:s0
/tftpboot directory system_u:object_r:tftpdir_t:s0
/tftpboot/.* all files system_u:object_r:tftpdir_t:s0
/var/lib/tftpboot(/.*)? all files system_u:object_r:tftpdir_rw_t:s0
[root@server7 ~]# lftp 172.25.7.11
lftp 172.25.7.11:~> ls
lftp 172.25.7.11:/> quit
[root@server7 ~]# restorecon -RvvF /ftpdir/
restorecon reset /ftpdir/lzt3/lzt3file context system_u:object_r:default_t:s0->system_u:object_r:public_content_t:s0
[root@server7 ~]# lftp 172.25.7.11
lftp 172.25.7.11:~> ls
drwxr-xr-x 3 0 0 29 Nov 19 01:25 lzt1
drwxr-xr-x 3 0 0 29 Nov 19 01:34 lzt2
drwxr-xr-x 2 0 0 21 Nov 13 07:44 lzt3
lftp 172.25.7.11:/> quit
4.如何控制selinux對服務功能的開關
getsebool -a | grep 服務名稱
getsebool -a | grep ftp
setsebool -P 功能bool值 on|off
setsebool -P ftpd_anon_write on ##此處-P表示永久性,注意P爲大寫
chcon -t public_content_rw_t /var/ftp/pub/ ##修改/var/ftp/pub的標籤爲public_content_rw_t(rw表示可寫)
實例:
[root@server7 ~]# lftp 172.25.7.11
lftp 172.25.7.11:~> ls
drwxrwxr-x 2 0 50 17 Nov 19 02:55 pub
lftp 172.25.7.11:/> cd pub/
lftp 172.25.7.11:/pub> ls
-rw-r--r-- 1 0 0 0 Nov 19 02:55 file
lftp 172.25.7.11:/pub> put /etc/passwd
put: Access failed: 553 Could not create file. (passwd)
lftp 172.25.7.11:/pub> quit
[root@server7 ~]# chcon -t public_content_rw_t /var/ftp/pub
[root@server7 ~]# lftp 172.25.7.11
lftp 172.25.7.11:~> ls
drwxrwxr-x 2 0 50 17 Nov 19 02:55 pub
lftp 172.25.7.11:/> cd pub/
lftp 172.25.7.11:/pub> ls
-rw-r--r-- 1 0 0 0 Nov 19 02:55 file
lftp 172.25.7.11:/pub> put /etc/passwd
put: Access failed: 553 Could not create file. (passwd)
lftp 172.25.7.11:/pub> quit
[root@server7 ~]# setenforce 0 ##將selinux設置成爲警告模式(此模式下違規操作只記錄不攔截,下面的put成功說明先前的553是被selinux攔截;排查結束後用 setenforce 1 恢復強制模式)
[root@server7 ~]# lftp 172.25.7.11
lftp 172.25.7.11:~> cd pub/
lftp 172.25.7.11:/pub> put /etc/passwd
2079 bytes transferred
lftp 172.25.7.11:/pub> quit
[root@server7 ~]# getsebool -a | grep ftp
ftp_home_dir --> off
ftpd_anon_write --> off
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> off
ftpd_full_access --> off
[root@server7 ~]# setsebool -P ftpd_anon_write on
[root@server7 ~]# getsebool -a | grep ftp
ftp_home_dir --> off
ftpd_anon_write --> on
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> off
ftpd_full_access --> off
[root@server7 ~]# lftp 172.25.7.11
lftp 172.25.7.11:~> ls
drwxrwxr-x 2 0 50 30 Nov 19 03:40 pub
lftp 172.25.7.11:/pub> put /etc/group
874 bytes transferred
lftp 172.25.7.11:/pub> ls
-rw-r--r-- 1 0 0 0 Nov 19 02:55 file
-rw------- 1 14 50 874 Nov 19 03:49 group
-rw------- 1 14 50 2079 Nov 19 03:40 passwd
lftp 172.25.7.11:/pub> quit
5.監控selinux的錯誤信息
setroubleshoot-server
#########################################
##############第十一單元.系統恢復########
#########################################
1.系統啓動流程
通電
||
bios(主板上的只讀存儲中,basic input/output system)
作用,硬件檢測,激活硬件
||
grub系統引導(grub引導分爲兩個階段)
1)階段1 mbr(主引導記錄)主引導記錄在硬盤上的0磁道,一扇區,446個字節
*)dd if=/dev/zero of=/dev/vda bs=446 count=1 能夠清空mbr(只覆蓋前446字節的引導代碼,其後的分區表不受影響)
*)進入到挽救模式,執行chroot /mnt/sysimage切換到真實/環境,
並執行grub2-install /dev/vda
而後執行兩次exit
再選擇從硬盤啓動
2)階段2 grub文件引導階段
找到/boot分區
讀取/boot/grub2/grub.cfg
文件丟失,沒有重啓以前,執行:grub2-mkconfig >/boot/grub2/grub.cfg
@@@!!! 狀況一(trouble test2,trouble test3的第二步):刪除了/boot/grub2/grub.cfg 即,執行 rm -fr /boot/grub2/grub.cfg
(若執行了reboot,則,選擇從網卡或者光盤啓動,而後執行:
grub> set root='hd0,msdos1'
grub> linux16 /boot/vmlinuz-3.10.0-123.el7.x86_64 ro root=/dev/vda1
grub> initrd16 /boot/initramfs-3.10.0-123.el7.x86_64.img
grub> boot
而後選擇從硬盤啓動
)
||
啓動內核,只讀掛載/設備
檢測設備
對設備驅動進行初始化
進入系統初始化階段
內核丟失,重新安裝內核安裝包就能夠解決
rpm -ivh kernel-xxxxx.rpm --force
@@@!!!狀況二(trouble test3的第一步): 刪除了/boot/vmlinuz-3.10.0-123.el7.x86_64
(若執行了reboot,則,選擇從網卡或者光盤啓動,而後執行:
bash-4.2# chroot /mnt/sysimage
bash-4.2# cd /mnt
bash-4.2# lftp 172.25.254.250
lftp 172.25.254.250:/> cd pub/rhel7.0/Packages
lftp 172.25.254.250: cd pub/rhel7.0/Packages/> get kernel-3.10.0-123.el7.x86_64.rpm
lftp 172.25.254.250: cd pub/rhel7.0/Packages/> quit
bash-4.2# rpm2cpio kernel-3.10.0-123.el7.x86_64.rpm | cpio -id
bash-4.2# cd boot/
bash-4.2# cp vmlinuz-3.10.0-123.el7.x86_64 /boot
bash-4.2# exit
bash-4.2# exit
而後選擇從硬盤啓動
)
||
系統初始化階段
系統初始化階段加載initrd鏡像
開啓初始化進程systemd
開始selinux
加載內核參數
初始化系統時鐘,鍵盤,主機名稱
從新讀寫掛載/設備
激活raid,lvm
激活配額
啓動multi-user.target.wants中的全部服務
服務列表:
runlevel0.target -> poweroff.target
runlevel1.target -> rescue.target
runlevel2.target -> multi-user.target
runlevel3.target -> multi-user.target
runlevel4.target -> multi-user.target
runlevel5.target -> graphical.target
runlevel6.target -> reboot.target
設定啓動級別
systemctl set-default + 啓動級別
/etc/systemd/system/default.target
@@重啓示例(trouble test6):
[root@localhost ~]# rm -fr /etc/systemd/system/default.target
[root@localhost ~]# ln -s /usr/lib/systemd/system/reboot.target /etc/systemd/system/default.target
[root@localhost ~]# reboot
(在進入到默認啓動頁面時,按‘e’進入編輯頁面,只修改
fi
linux16 /boot/vmlinuz-3.10.0-123.el7.x86_64 root=UUID=9bf...-848e-..883d1 rw rd.break 而後按'ctrl+x'進入新的編輯環境
switch_root:/# chroot /sysroot/
sh-4.2# rm -fr /etc/systemd/system/default.target
sh-4.2# ln -s /usr/lib/systemd/system/graphical.target /etc/systemd/system/default.target
sh-4.2# exit
switch_root:/# exit 接着會繼續進入啓動頁面,虛擬機啓動
)
開啓虛擬控制檯
啓動圖形
initramfs-`uname -r`.img的使用:
mkinitrd /boot/initramfs-`uname -r`.img `uname -r` 或
mkinitrd /boot/initramfs-$(uname -r).img $(uname -r) 進行恢復
@@@!!!狀況三:刪除了/boot/initramfs-3.10.0-123.el7.x86_64.img 即,rm -fr /boot/initramfs-3.10.0-123.el7.x86_64.img
(而後執行 reboot,選擇從網卡或光盤啓動:
bash-4.2# chroot /mnt/sysimage
bash-4.2# cd /boot/
bash-4.2# mkinitrd /boot/initramfs-$(uname -r).img $(uname -r)
bash-4.2# exit
bash-4.2# exit
而後選擇從硬盤啓動
)
@@@!!!狀況四(trouble test4):刪除了/boot分區,即,rm -fr /boot
(而後執行reboot,選擇從網卡或光盤啓動:
bash-4.2# chroot /mnt/sysimage/
bash-4.2# cd /boot/
bash-4.2# ls
bash-4.2# mkinitrd /boot/initramfs-$(uname -r).img $(uname -r)
bash-4.2# cd /boot/
bash-4.2# grub2-install /dev/vda
bash-4.2# cd grub2/
bash-4.2# ls
bash-4.2# cd /
bash-4.2# rpm -ivh kernel-3.10.0-123.el7.x86_64.rpm --force
bash-4.2# cd /boot/grub2
bash-4.2# grub2-mkconfig > grub.cfg
bash-4.2# exit
bash-4.2# exit
而後選擇從硬盤啓動)
@@@!!!注意:如若rpm的數據庫發生錯誤,則,執行:
bash-4.2# cd /var/lib/rpm
bash-4.2# rm -fr _*
bash-4.2# rpmdb --rebuilddb
而後接着執行:rpm -ivh kernel-3.10.0-123.el7.x86_64.rpm --force 直至結束)
修改了超級用戶密碼(忘記)/忘記超級用戶密碼,重啓後:
(在進入到默認啓動頁面時,按‘e’進入編輯頁面,只修改
fi
linux16 /boot/vmlinuz-3.10.0-123.el7.x86_64 root=UUID=9bf...-848e-..883d1 rw rd.break 而後按'ctrl+x'進入新的編輯環境
switch_root:/# chroot /sysroot/
bash-4.2# passwd ##修改新密碼
bash-4.2# touch /.autorelabel ##/.autorelabel此文件是讓selinux在下次啓動時重新標記整個文件系統的安全上下文(在此環境下passwd改寫的/etc/shadow標籤不正確,不重新標記則強制模式下可能無法登錄)
bash-4.2# exit
switch_root:/# exit
)
下載trouble.rpm包:
而後執行:
rpm -ivh trouble-1.0-1.el7.x86_64.rpm
執行完後就可以使用trouble命令了。
例如: trouble test2
trouble練習:
@@test1:
(在進入到默認啓動頁面時,按‘e’進入編輯頁面,只修改
fi
linux16 /boot/vmlinuz-3.10.0-123.el7.x86_64 root=UUID=9bf...-848e-..883d1 rw rd.break 而後按'ctrl+x'進入新的編輯環境
switch_root:/# chroot /sysroot/
bash-4.2# passwd ##修改新密碼
bash-4.2# touch /.autorelabel ##/.autorelabel此文件是讓selinux在下次啓動時重新標記整個文件系統的安全上下文(在此環境下passwd改寫的/etc/shadow標籤不正確,不重新標記則強制模式下可能無法登錄)
bash-4.2# exit
switch_root:/# exit
)
@@test2:
(選擇從網卡或者光盤啓動,而後執行:
grub> set root='hd0,msdos1'
grub> linux16 /boot/vmlinuz-3.10.0-123.el7.x86_64 ro root=/dev/vda1
grub> initrd16 /boot/initramfs-3.10.0-123.el7.x86_64.img
grub> boot
而後選擇從硬盤啓動
)
@@test3:
第一步 (選擇從網卡或者光盤啓動,而後執行:
bash-4.2# chroot /mnt/sysimage
bash-4.2# cd /mnt
bash-4.2# rpm2cpio kernel-3.10.0-123.el7.x86_64.rpm | cpio -id
bash-4.2# cd boot/
bash-4.2# cp vmlinuz-3.10.0-123.el7.x86_64 /boot
bash-4.2# exit
bash-4.2# exit
而後選擇從硬盤啓動
第二步
grub> set root='hd0,msdos1'
grub> linux16 /boot/vmlinuz-3.10.0-123.el7.x86_64 ro root=/dev/vda1
grub> initrd16 /boot/initramfs-3.10.0-123.el7.x86_64.img
grub> boot
)
@@test4:
(選擇從網卡或光盤啓動:
bash-4.2# chroot /mnt/sysimage/
bash-4.2# cd /boot/
bash-4.2# ls
bash-4.2# mkinitrd /boot/initramfs-$(uname -r).img $(uname -r)
bash-4.2# cd /boot/
bash-4.2# grub2-install /dev/vda
bash-4.2# cd grub2/
bash-4.2# ls
bash-4.2# cd /
bash-4.2# rpm -ivh kernel-3.10.0-123.el7.x86_64.rpm --force
bash-4.2# cd /boot/grub2
bash-4.2# grub2-mkconfig > grub.cfg
bash-4.2# exit
bash-4.2# exit
而後選擇從硬盤啓動)
@@test5:
(選擇從網卡或光盤啓動:
sh-4.2# chroot /mnt/sysimage/
報錯信息:failed to run command /bin/bash:No such file or directory
sh-4.2# cp /bin/bash /mnt/sysimage/bin/bash
sh-4.2# boot
而後選擇從硬盤啓動)
@@test6:
(在進入到默認啓動頁面時,按‘e’進入編輯頁面,只修改
fi
linux16 /boot/vmlinuz-3.10.0-123.el7.x86_64 root=UUID=9bf...-848e-..883d1 rw rd.break 而後按'ctrl+x'進入新的編輯環境
switch_root:/# chroot /sysroot/
sh-4.2# rm -fr /etc/systemd/system/default.target
sh-4.2# ln -s /usr/lib/systemd/system/graphical.target /etc/systemd/system/default.target
sh-4.2# exit
switch_root:/# exit 接着會繼續進入啓動頁面,虛擬機啓動
)
#############dns高速緩存#########
第一步(服務配置):
修改server主機ip爲172.25.254.107 (作爲dns服務器端)
修改desktop主機ip爲172.25.254.207 (作爲dns客戶端)
兩臺主機同時作:
修改yum源爲http://172.25.254.250/rhel7
yum install bind -y
systemctl status named
systemctl start named
systemctl enable named
server主機:
firewall-cmd --permanent --add-service=dns
firewall-cmd --reload
vim /etc/named.conf
修改內容爲:
行數 內容
11 listen-on port 53 { any; }; ##設定端口開放,any表示全部interface都開
17 allow-query { any; }; ##回答全部人的問題(若同時開啓遞歸,對外即成爲開放解析器;實際部署時應改爲受信任的網段)
18 forwarders { 172.25.254.250; }; ##緩存誰的答案
32 dnssec-validation no; ##關閉DNSSEC驗證,即named不校驗上游應答的簽名,因而無法識別被篡改的應答
desktop主機:
vim /etc/resolv.conf
添加內容爲:
nameserver 172.25.254.107 ##在第三行添加
而後進行測試,如:
dig www.xxx.com
示例:
[root@client-dns ~]# dig www.qq.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26942
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.qq.com. IN A
;; ANSWER SECTION:
www.qq.com. 300 IN A 113.142.21.81
;; AUTHORITY SECTION:
www.qq.com. 83653 IN NS ns-cnc1.qq.com.
www.qq.com. 83653 IN NS ns-tel1.qq.com.
www.qq.com. 83653 IN NS ns-os1.qq.com.
www.qq.com. 83653 IN NS ns-cmn1.qq.com.
;; ADDITIONAL SECTION:
ns-cmn1.qq.com. 2939 IN A 183.232.120.59
ns-cmn1.qq.com. 2939 IN A 182.254.16.102
ns-cmn1.qq.com. 2939 IN A 182.254.111.100
;; Query time: 53 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Sun Nov 20 01:53:10 EST 2016
;; MSG SIZE rcvd: 190
第二步(正向解析,規範名稱-CNAME):
配置(server主機):
修改/etc/named.conf文件的內容:
刪除第18行,即,刪除 forwarders { 172.25.254.250; };
退出保存
vim /etc/named.rfc1912.zones
修改內容爲:
在第25行添加內容爲:
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.zone";
28 allow-update { none; };
29 };
30
退出保存,而後執行:
cd /var/named
cp -p named.localhost westos.com.zone ##一定要加-p,-p的作用是保留原文件的權限和屬主、屬組,使named仍能讀取該文件
vim /var/named/westos.com.zone
修改文件/var/named/westos.com.zone內容爲:
(!!!@@@注意:修改此文件時一定要注意「.」的存在,若不帶"."則系統自動往後面添加.westos.com)
1 $TTL 1D
2 @ IN SOA dns.westos.com. root.westos.com. (注意「.」) (
3 0 ; serial
4 1D ; refresh
5 1H ; retry
6 1W ; expire
7 3H ) ; minimum
8 NS dns.westos.com.(注意「.」)
9 dns A 172.25.254.107
10 www A 172.25.254.108
11 AAAA ::1
12 bbs CNAME www.westos.com.
13 westos.com. MX 1 172.25.254.107. ##發送郵件的地址(MX的目標應寫主機名,例如 dns.westos.com.;寫成 172.25.254.107. 會被當作域名而不是IP)
退出保存後,執行:
systemctl restart named
測試(desktop主機):
[root@client-dns ~]# dig www.westos.com
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.108
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.107
;; Query time: 2 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Sun Nov 20 02:26:03 EST 2016
;; MSG SIZE rcvd: 93
[root@client-dns ~]# dig bbs.westos.com
;bbs.westos.com. IN A
;; ANSWER SECTION:
bbs.westos.com. 86400 IN CNAME www.westos.com.
www.westos.com. 86400 IN A 172.25.254.108
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.107
;; Query time: 2 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Sun Nov 20 02:54:42 EST 2016
;; MSG SIZE rcvd: 111
第三步(反向解析):
vim /etc/named.rfc1912.zones
編寫/etc/named.rfc1912.zones文件內容:
在第43行添加:
43 zone "254.25.172.in-addr.arpa" IN {
44 type master;
45 file "westos.com.ptr";
46 allow-update { none; };
47 };
退出保存後
cd /var/named
cp -p named.loopback westos.com.ptr
vim westos.com.ptr
內容爲:
1 $TTL 1D
2 @ IN SOA dns.westos.com. root.westos.com. (
3 0 ; serial
4 1D ; refresh
5 1H ; retry
6 1W ; expire
7 3H ) ; minimum
8 NS dns.westos.com.
9 A 172.25.254.107
10 AAAA ::1
11 111 PTR www.westos.com.
12 110 PTR www.lover.com.
退出保存後,執行:
systemctl restart named
測試(desktop主機):
使用命令: dig -x 172.25.254.110 (ip值)
[root@client-dns ~]# dig -x 172.25.254.110
;110.254.25.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
110.254.25.172.in-addr.arpa. 86400 IN PTR www.lover.com.
;; AUTHORITY SECTION:
254.25.172.in-addr.arpa. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.107
;; Query time: 2 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Sun Nov 20 03:09:51 EST 2016
;; MSG SIZE rcvd: 124
[root@client-dns ~]# dig -x 172.25.254.111
;111.254.25.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
111.254.25.172.in-addr.arpa. 86400 IN PTR www.westos.com.
;; AUTHORITY SECTION:
254.25.172.in-addr.arpa. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.107
;; Query time: 2 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Sun Nov 20 03:09:57 EST 2016
;; MSG SIZE rcvd: 118
第四步(雙向解析):
配置/etc/named.conf文件,以下:
50 /*zone "." IN {
51 type hint;
52 file "named.ca";
53 };
54
55 include "/etc/named.rfc1912.zones";
56 include "/etc/named.root.key";
57 */
58 view localnet {
59 match-clients { 172.25.254.107; };
60 zone "." IN {
61 type hint;
62 file "named.ca";
63 };
64 include "/etc/named.rfc1912.zones";
65 };
66
67
68 view internet {
69 match-clients { any; };
70 zone "." IN {
71 type hint;
72 file "named.ca";
73 };
74 include "/etc/named.rfc1912.zones.inter";
75 };
退出保存
cp -p /etc/named.rfc1912.zones /etc/named.rfc1912.zones.inter
vim /etc/named.rfc1912.zones.inter
內容爲:
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.inter";
28 allow-update { none; };
29 };
30
43 zone "254.25.172.in-addr.arpa" IN {
44 type master;
45 file "westos.com.ptr.inter";
46 allow-update { none; };
47 };
退出保存
cp -p /var/named/westos.com.zone /var/named/westos.com.inter
vim /var/named/westos.com.inter
修改內容爲:
8 NS dns.westos.com.
9 dns A 172.25.0.107
10 www A 172.25.0.108
11 AAAA ::1
12 bbs CNAME www.westos.com.
13 westos.com. MX 1 172.25.0.207.
退出保存
cp -p /var/named/westos.com.ptr /var/named/westos.com.ptr.inter
vim /var/named/westos.com.ptr.inter
修改內容爲:
8 NS dns.westos.com.
9 A 172.25.254.107
10 AAAA ::1
11 111 PTR www.force.com.
12 110 PTR www.250.com.
退出保存
而後執行:
systemctl restart named
按照上述順序,在此處重啓服務正常;若想在配置完/etc/named.conf文件後立即restart服務,則需要把上述順序顛倒(先準備好named.conf中include和file所引用的各個文件,否則named可能因找不到文件而啓動失敗)
測試一(server主機):
@@@注意:若出現不匹配現象,則須要修改/etc/resolv.conf 文件,文件內容修改成:
nameserver 172.25.254.107 ##在第三行添加
[root@dns-server named]# dig -x 172.25.254.110
;110.254.25.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
110.254.25.172.in-addr.arpa. 86400 IN PTR www.lover.com.
;; AUTHORITY SECTION:
254.25.172.in-addr.arpa. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.107
;; Query time: 2 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Sun Nov 20 04:04:21 EST 2016
;; MSG SIZE rcvd: 124
[root@dns-server ~]# dig www.westos.com
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.108
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.107
;; Query time: 1 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Sun Nov 20 04:00:23 EST 2016
;; MSG SIZE rcvd: 93
測試二(desktop主機):
[root@client-dns ~]# dig www.westos.com
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.0.108
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.0.107
;; Query time: 2 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Sun Nov 20 04:00:02 EST 2016
;; MSG SIZE rcvd: 93
[root@client-dns ~]# dig -x 172.25.254.110
;110.254.25.172.in-addr.arpa. IN PTR
;; ANSWER SECTION:
110.254.25.172.in-addr.arpa. 86400 IN PTR www.250.com.
;; AUTHORITY SECTION:
254.25.172.in-addr.arpa. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.0.107
;; Query time: 1 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Sun Nov 20 04:04:38 EST 2016
;; MSG SIZE rcvd: 122