aamall

2017������12·���13������

Let's Encrypt¹¹���·\³\���\���\���

# /opt/letsencrypt/certbot-auto certonly --non-interactive --agree-tos --webroot -w \���\­\���\���\���\���\������¼\��� -d \���\���\���\��я��¾ --email �����叢�²@gmail.com

���­�����⡭��䏢����������3\���·���¡�cron������»���¹��Џ����я�����½��쏪�»��������������¡�

�돪�²¼\³\���\���\���¼���¹���·���²���

Upgrading certbot-auto 0.18.1 to 0.20.0...
Replacing certbot-auto...
Creating virtual environment...
Installing Python packages...
Installation succeeded.
/opt/eff.org/certbot/venv/lib/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
DeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
/opt/eff.org/certbot/venv/lib/python2.6/site-packages/acme/jose/jwa.py:110: DeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead.
signer = key.signer(self.padding, self.hash)
Performing the following challenges:
http-01 challenge for \���\���\���\��я��¾
Using the webroot path /home/web/\���\���\���\��я��¾/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/\���\���\���\��я��¾/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/\���\���\���\��я��¾/privkey.pem
Your cert will expire on 2018-03-12. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew *all* of your certificates, run
"certbot-auto renew"
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

#

tuzzy92 at 02:00����Permalink����Comments(0)���� ����HTTPD | SSL

2011������09·���19������

���叢�������叢�������������叢����²��я�����

OS������\Ð���¼\���\���\���\��\���\�ߏ�����·«�����������ӏ��¹������¡�
������¾���µ�����������ޏ�����������\Ð���¼\���\���\���\��\���\�ߏ�¡�
\���\���\¹\������¼\������¼½������µ���·��������������������������¡�

���FreeBSD
# uname -a
FreeBSD v-web02.localhost 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Feb 18 02:24:46 UTC 2011 [email protected]:/usr/obj/usr/src/sys/GENERIC i386
#

���CentOS
# uname -a
Linux v-dev32.localhost 2.6.18-274.3.1.el5 #1 SMP Tue Sep 6 20:14:03 EDT 2011 i686 i686 i386 GNU/Linux
# cat /etc/issue
CentOS release 5.7 (Final)
Kernel \r on an \m

#

tuzzy92 at 05:37����Permalink����Comments(0)����

2011������09·���17������

CentOS5.7������squid�����ҏ�돩�\���\���\¹\������¼\���

CentOS5.7���̏��������������·�����ď��������¼ (���½�����Ï��������¹���������¼)

�����я�����������iso\���\���\���\���\���\���\���\������¼\������·�����������Ï�����»�ߏ����������ď����������я�����������»��Ώ��������������������·�����������Ï�¡�
�����������������я��폢�폢��

�����򏪿³�����ҏ��µ���·�����������Ώ����ď�����squid�����������������������·��������¡�
³����«������\���\�돢���ҏ��«�����ď�������­���̏�������������������������¡�

# tail -5 /usr/local/squid/var/logs/cache.log
2011/09/17 04:02:11| WARNING: preventing off_t overflow for http://ftp.***.jp/Linux/centos/5/isos/i386/CentOS-5.7-i386-bin-DVD-1of2.iso
2011/09/17 04:02:11| WARNING: preventing off_t overflow for http://ftp.***.jp/Linux/centos/5/isos/i386/CentOS-5.7-i386-bin-DVD-1of2.iso
2011/09/17 04:02:11| WARNING: preventing off_t overflow for http://ftp.***.jp/Linux/centos/5/isos/i386/CentOS-5.7-i386-bin-DVD-1of2.iso
2011/09/17 04:02:11| WARNING: preventing off_t overflow for http://ftp.***.jp/Linux/centos/5/isos/i386/CentOS-5.7-i386-bin-DVD-1of2.iso
2011/09/17 04:02:11| WARNING: preventing off_t overflow for http://ftp.***.jp/Linux/centos/5/isos/i386/CentOS-5.7-i386-bin-DVD-1of2.iso
#

��������squid¾��آ�·
# /usr/local/squid/sbin/squid -v
Squid Cache: Version 3.1.12
configure options: '--prefix=/usr/local/squid' '--enable-useragent-log' '--enable-referer-log' '--enable-linux-netfilter' '--enable-removal-policies=heap,lru' '--enable-storeio=diskd,ufs' '--disable-ipv6' '--disable-ident-lookups' '--disable-internal-dns' --with-squid=/usr/local/src/squid-3.1.12 --enable-ltdl-convenience
#

�����я�����������»��ӏ�����\���\���\���\���
# ./configure --help | grep -i large
--with-large-files Enable support for large files (logs etc).
POSIX_V6_ILP32_OFFBIG 32 bits with large file support
POSIX_V6_LPBIG_OFFBIG large pointers and files
XBS5_ILP32_OFFBIG 32 bits with large file support (legacy)
XBS5_LPBIG_OFFBIG large pointers and files (legacy)
#

�����я�����\��\���\��\������¼\���
./configure \
--prefix=/usr/local/squid \
--with-large-files \
--enable-large-cache-files \
--enable-useragent-log \
--enable-referer-log \
--enable-linux-netfilter \
--enable-removal-policies="heap,lru" \
--enable-storeio="diskd,ufs" \
--disable-ipv6 \
--disable-ident-lookups \
--disable-internal-dns && make && make install

�����я�����³��������¡�
# /usr/local/squid/sbin/squid -v
Squid Cache: Version 3.1.12
configure options: '--prefix=/usr/local/squid' '--with-large-files' '--enable-large-cache-files' '--enable-useragent-log' '--enable-referer-log' '--enable-linux-netfilter' '--enable-removal-policies=heap,lru' '--enable-storeio=diskd,ufs' '--disable-ipv6' '--disable-ident-lookups' '--disable-internal-dns' --with-squid=/usr/local/src/squid-3.1.12 --enable-ltdl-convenience
#

DL������������򏫳

tuzzy92 at 04:51����Permalink����Comments(0)���� ����SQUID | LINUX

2011������09·���11������

�돫⏢�­���³���­CentOS6.x����������¾���

�돫⏢�­���³���­CentOS6.x\���\���\¹\������¼\���������¾��⏢¡�

�����������돢����text\������¼\���������������\���\���\¹\������¼\��������򏪳���¡�
\���\���\¹\������¼\���²���������������[tab]+[space]+text��¡�

�����쏢�������������­�����ď�¡��ޏ�������������¡�¡�¡�
�돪�²¼�돫⏪���Џ��·����������������������������

���á돫⏪���Џ��µ
http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.0/Japanese

=====���³���³���«������
\���\­\¹\��� \���\���\¹\������¼\������¼������ GUI \���\���\¹\������¼\������¼������������³��я��·���������­���½�����������폢�������̏����������������¹��¡򏪤������­������������\��Џ��¼\���\��\·\���\��� \���\���\��\���\�����¡�\¹\���\������¼\���������¹½��������򏪳�������\���\���\�ޏ��¼\������������쏪���ҏ�����\µ\����¼\������·���������»�����я�¡�¾��䏢돪㏢����¾����돪�\���\���\������¼����������¼��\���\­\���\���\���\����������������������������»²¾������·���������������������µ��������¡�
���³���³������������=====

���Ï��½����������¼��\���\­\���\���\���\���
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/ch-guimode-x86.html#id4594292

�����������я��«¼«���³�����㏢�̏����돢����������������������µ������̏��¹��������¡�
redhat����������ď���������������폢�폢��

tuzzy92 at 02:06����Permalink����Comments(0)����

2011������07·���18������

CentOS6.0������\���\���\¹\������¼\������·�����������Ώ����ď�¡�

���������������¹���̏��������µ�����я�¡�ryouji���µ������
\³\���\���\��������������̏����������Ï�𡭏������������������¹����

���������������¼������������������image������DL���·������\���\���\¹\������¼\������������������­���������·�����ď�¡�
�����������¼������𡭏����������я��������µ��������¡�

������������Scientific Linux����ޏ�����256MB������\���\���\�����������������¡�
���½�����я�����¾���µ�����������������������������������������������䏢���������������ď�¡�

��������������������������������������������¡�������¡�����������»��Џ����������������������я��������«��������������¡�
������������»��ӏ����������ӏ�������������������������¡�
»����������������������«������512MB�����������򏪢��Ώ��·������\���\���\¹\������¼\�����¡�

text\������¼\������µ�����������������������ď���
���½���·������ALT+F2�����������⏢������������𡯏��������������­����������������
�����Ï�����������²���¼��ҏ���������������swap��������돪�½���������\��Џ��¼\���\��\·\���\���
(/dev/sda1)���̏��������­�����������������������������я�¡�

# uname -a
Linux v-dev32.localhost 2.6.32-71.29.1.el6.i686 #1 SMP Mon Jun 27 18:07:00 BST 2011 i686 i686 i386 GNU/Linux

# cat /etc/issue
CentOS Linux release 6.0 (Final)
Kernel \r on an \m

#

# grep "@" anaconda-ks.cfg
@base
@core
@development
@server-policy
#

# fdisk -l

Disk /dev/sda: 12.9 GB, 12884901888 bytes
255 heads, 63 sectors/track, 1566 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d3ae

Device Boot Start End Blocks Id System
/dev/sda1 * 1 1436 11533312 83 Linux
/dev/sda2 1436 1567 1048576 82 Linux swap / Solaris
#

# getenforce
Enforcing
#

��OS\���\���\¹\������¼\������\���\��ӏ��¼\���������SELinux������¹¹������\���\���\��\���\�돢����½Ð���������³���������«�����������ď�¡�

RH�����Ρ�¹OS����������������������¼���������������������������я����������������Ï��«������¡�

tuzzy92 at 03:07����Permalink����Comments(0)���� ����»�������� | LINUX

2011������07·���17������

CentOS���������������µ

������������������������������������������������������������������������������▄▄▄██████▄
������������███▀������������█████████��������������▄▄▄▄█████▀▀������████▀▀
����������███▀����██������███▀����▄███▀������������������▀▀▀▀��������������███▀
��������██▀����▄███▀███▄▄▄███����������������������������������▄▄▄█▀
����▄███▄▄██▀����█▀������▀████��������������������������������������▀██▄
����▀▀▀▀███▄��������������▄██▀█▄▄������������������������������������███
����������██▀����███��������██▀������▀███▄▄������������������������������███
������▄████▀▀██����▄█▀▄▄��������▀█████▄▄������������������������███
������▀█▀▀������█▄▄█▀��������████▄������▀███▀▀▀��������������������███
▄��������███����▀███��������������▀▀▀��������������������������������������███
███������███������▀▀��������������������������������������������������������███
����███������▀������������������▀████▄����������������������������▄▄▄▄████
������▀������������������������������▀████����������������������������▀█████

��������������

����ޏ�����������RH�����Ρ�¹������Scientific Linux�����ҏ�����¾��⡭�����­(VMware \���\���\���256MB)������
\���\���\¹\������¼\������·�����������Ï�����»�ߏ����������ď��ޏ�������¡�\���\���\������̏��­�����������������������������������䏢���������������ď�����orz��¡�

����Scientific Linux
http://www.scientificlinux.org/

½Ð���µ������������(½Ð���»������������)���������������������������­���������·�����������Ώ��·����������CentOS

tuzzy92 at 05:36����Permalink����Comments(2)���� ����»�������� | LINUX

2011������06·���05������

apache2������h264������\¹\���\������¼\���\���\�돢��h264_streaming_module

����h264 - Trac
http://h264.code-shop.com/trac/

����flow player
http://flowplayer.org/index.html

�돪������¾���²��Ï��·������flowplayer��¡�
h264�����²���������돩����������������������­���������̏�¡�\¹\���\������¼\���\���\�돢���������������������������������������Ï���ߏ����ď����쏢����·������������̏������������ď�¡�
(�돫������DL���·���������«��������돩������������������������Ï���돢�­)

»����������̏��������������«������flv�����������С�¹���·������\¹\���\������¼\���\���\�돢�µ���»�����������������ď��̏����������������Џ�����������������¡�
������������������»��ӏ�����²���¼��ҏ��������������⏢�������������·�����ď�����5����̏�����������¾���²��Ï��·�����������������������ď������̏��³������\���\���\������¼\�����¡�
nmr���µ�����я�¡�GOD���¹���돢���������������¡�

»����·�����������Ώ����ď��������µ���������µ��������돩���������¡�����������������������¡�

apahce2·���������\���\���\������¼\���������������������¡��³������������µ���������apache1·������«������apache2.2·���������������¹¹��¡�
php������\���\���\¹\������¼\������������¹���²���¼���������³�����돢���������ď���������������½��������������¡�

# wget http://h264.code-shop.com/download/apache_mod_h264_streaming-2.2.7.tar.gz
# tar xvfz apache_mod_h264_streaming-2.2.7.tar.gz
# cd mod_h264_streaming-2.2.7 ; pwd
# ./configure --with-apxs=/usr/local/apache2/bin/apxs && make && make install

��apache������conf�������돪�²¼µ­½���
LoadModule h264_streaming_module /usr/local/apache2/modules/mod_h264_streaming.so
AddHandler h264-streaming.extensions .mp4



tuzzy92 at 23:47����Permalink����Comments(0)���� ����Other 

2011������02·���24������

lsyncd2.0

µ��������������������ď�����\���\���\������¼\Ð���¼\���\���\���\��\���\�ߏ��·�����������ď�¡�

����ޡ���䏪����������rsyncd¾������²�����������������������������������������Ώ����ď�������¡�

����lsyncd
http://code.google.com/p/lsyncd/

����lua
http://www.lua.org/

��򏪡�돪����
����ޡ���䏢�µ��¡�192.168.11.71:/usr/local/apache2/htdocs/sync/
����ޡ���䏪������¡�192.168.11.72:/usr/local/apache2/htdocs/sync/

���lsyncd
# wget http://lsyncd.googlecode.com/files/lsyncd-2.0.2.tar.gz
# tar xvzf lsyncd-2.0.2.tar.gz
# cd lsyncd-2.0.2 ; pwd

# ./configure

checking for LUA... configure: error: Package requirements (lua >= 5.1.3) were not met:

No package 'lua' found

lua���̏��������������������������µ

���lua
# cd ../ ; pwd
# wget http://www.lua.org/ftp/lua-5.1.4.tar.gz
# tar xvzf lua-5.1.4.tar.gz
# cd lua-5.1.4 ; pwd
# make linux

In file included from lua.h:16,
from lua.c:15:
luaconf.h:275:31: error: readline/readline.h: No such file or directory
luaconf.h:276:30: error: readline/history.h: No such file or directory
lua.c: In function 'pushline':
lua.c:182: warning: implicit declaration of function 'readline'
lua.c:182: warning: assignment makes pointer from integer without a cast
lua.c: In function 'loadline':
lua.c:210: warning: implicit declaration of function 'add_history'
make[2]: *** [lua.o] Error 1
make[2]: Leaving directory `/usr/local/src/lua-5.1.4/src'
make[1]: *** [linux] Error 2
make[1]: Leaving directory `/usr/local/src/lua-5.1.4/src'
make: *** [linux] Error 2

readline������\��\������¼���������������������µ

# yum install readline-devel.i386
# make linux

/usr/bin/ld: cannot find -lncurses
collect2: ld returned 1 exit status
make[2]: *** [lua] Error 1
make[2]: Leaving directory `/usr/local/src/lua-5.1.4/src'
make[1]: *** [linux] Error 2
make[1]: Leaving directory `/usr/local/src/lua-5.1.4/src'
make: *** [linux] Error 2

ncurses������\��\������¼���������������������µ

# yum install ncurses-devel.i386

# make linux
# make install
cd src && mkdir -p /usr/local/bin /usr/local/include /usr/local/lib /usr/local/man/man1 /usr/local/share/lua/5.1 /usr/local/lib/lua/5.1
cd src && install -p -m 0755 lua luac /usr/local/bin
cd src && install -p -m 0644 lua.h luaconf.h lualib.h lauxlib.h ../etc/lua.hpp /usr/local/include
cd src && install -p -m 0644 liblua.a /usr/local/lib
cd doc && install -p -m 0644 lua.1 luac.1 /usr/local/man/man1

# which lua
/usr/local/bin/lua

���lsyncd��돩�������
# cd ../lsyncd-2.0.2 ; pwd
/usr/local/src/lsyncd-2.0.2
# ./configure

checking for LUA... configure: error: Package requirements (lua >= 5.1.3) were not met:

No package 'lua' found

�����쏢���������쏢�������������������������������µ

# find / -type f -name "lualib.h"
/usr/local/include/lualib.h
/usr/local/src/lua-5.1.4/src/lualib.h
# find / -type f -name "liblua.a"
/usr/local/lib/liblua.a
/usr/local/src/lua-5.1.4/src/liblua.a

# export LUA_CFLAGS='-I/usr/local/include -lm -ldl'
# export LUA_LIBS='/usr/local/lib/liblua.a'

# ./configure
# make
# make install

# which lsyncd
/usr/local/bin/lsyncd
#

���/etc/lsyncd.conf
settings = {
logfile = "/var/log/lsyncd/lsyncd.log",
statusFile = "/var/log/lsyncd/lsyncd.status",
nodaemon = true,
}

sync{
default.rsync,
source="/usr/local/apache2/htdocs/sync/",
target="[email protected]:/usr/local/apache2/htdocs/sync/",
rsyncOps="-Hax",
}

���µ��������\¹\���\���\��\���
#!/bin/bash
#
# lsyncd
#
# chkconfig: - 99 20
# description: lsyncd auto start script

. /etc/rc.d/init.d/functions

start() {
pid=`pidof lsyncd`
if [ $? -eq 0 ]; then
echo "lsyncd (pid $pid) is running..."
exit
fi

/usr/local/bin/lsyncd /etc/lsyncd.conf &

pid=`pidof lsyncd`
if [ $? -eq 0 ]; then
echo "Starting lsyncd (pid $pid)"
else
echo "Error lsyncd is not running"
fi
}

stop() {
echo "Stopping lsyncd"
/bin/kill -9 `/sbin/pidof lsyncd`
until [ -z $(/sbin/pidof lsyncd) ]; do :; done
}

case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
status)
pid=`pidof lsyncd`
if [ $? -eq 0 ]; then
echo "lsyncd (pid $pid) is running..."
else
echo "lsyncd is not running"
fi
;;
*)
echo "Usage: lsyncd {start|stop|restart|status}"
exit 1
esac

exit $?

���\���\��\������¼\������¼\���
/etc/logrotate.d/syslog ������������²���

���³������
# pwd
/usr/local/apache2/htdocs/sync
# mkdir -p dir_01/dir_02 && touch dir_01/01.txt && touch dir_01/dir_02/02.txt

����\���\��
Wed Feb ** **:**:** 2011 Normal: Calling rsync with filter-list of new/modified files/dirs
/dir_01/***
/dir_01/
/
/dir_01/dir_02/***
/dir_01/dir_02/
/dir_01/01.txt
/dir_01/dir_02/02.txt
Wed Feb ** **:**:** 2011 Normal: Finished a list = 0

���Ï���ޡ���䏪����
# pwd
/usr/local/apache2/htdocs/sync
# ls -R
dir_01

./dir_01:
01.txt dir_02

./dir_01/dir_02:
02.txt

tuzzy92 at 00:11����Permalink����Comments(1)���� ����������²��㏪���»�� | LINUX

2011������02·���23������

cbq.init�����������������������ѡ돫������폢����

�����²��я��������򏪳���������������¡�돫���¡������������폢��������³����«���������������·��������������¡�½��ԏ��¹����������������������»��ӏ���µ������³�����������ď�¡�

\µ���¼\���\¹������»���������\����¼\���������¹������������
���½�����Ï�����������������������\����¼\������������������������
\����¼\������������������ѡ돫������폢���������ҏ����Ώ��������·�����������Ώ����ď�¡�

���\¹\���\���\��\��������Ώ�����
# cp -ip /usr/share/doc/iproute-2.6.18/examples/cbq.init-v0.7.3 /etc/init.d/cbq.init
# chmod +x /etc/init.d/cbq.init

# chkconfig --add cbq.init
# chkconfig --list cbq.init
cbq.init 0:off 1:off 2:on 3:on 4:on 5:on 6:off
#

���80������\����¼\������������������ѡ돫�������50Kbit�����������폢�������¹�����������Ώ�����
# cd /etc/sysconfig/cbq/ ; pwd
/etc/sysconfig/cbq
#

���á���只����������\µ\���\��\���������������������������������
# mv -i cbq-0000.example .cbq-0000.example

���Ï����ď��¾µ�̏���� cbg-\���\������¼\�����������ď��»���.����̏��«���������������¹���������¾�����
# vi cbq-100.http
==============================
DEVICE=ppp0,100Mbit,10Mbit
RATE=50Kbit
WEIGHT=5Kbit
PRIO=5
RULE=\��\������¼\Ð\���IP\��\���\���\¹:80,
==============================

rate�����������폢����������������»���������
WEIGHT������rate������1/10�����ҏ����Ώ�������¡��������¼���«���������������������я�¡�
\���\���\��ď��¼\���\���\������̏��½�����Ï����������������������������ď�¡�

# /etc/init.d/cbq.init compile(�����ԏ���ߏ��������ޏ����������Ώ��������������������̏���̏��«������)
/sbin/tc qdisc del dev ppp0 root
/sbin/tc qdisc add dev ppp0 root handle 1 cbq bandwidth 100Mbit avpkt 3000 cell 8
/sbin/tc class change dev ppp0 root cbq weight 10Mbit allot 1514

/sbin/tc class add dev ppp0 parent 1: classid 1:100 cbq bandwidth 100Mbit rate 50Kbit weight 5Kbit prio 5 allot 1514 cell 8 maxburst 20 avpkt 3000 bounded
/sbin/tc qdisc add dev ppp0 parent 1:100 handle 100 tbf rate 50Kbit buffer 10Kb/8 limit 15Kb mtu 1500
/sbin/tc filter add dev ppp0 parent 1:0 protocol ip prio 100 u32 match ip src \��\������¼\Ð\���IP\��\���\���\¹ match ip sport 80 0xffff classid 1:100

# /etc/init.d/cbq.init start

���³������
# /etc/init.d/cbq.init list

### eth0: queueing disciplines

qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1

### eth1: queueing disciplines

qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1

### ppp0: queueing disciplines

qdisc cbq 1: rate 100000Kbit (bounded,isolated) prio no-transmit
qdisc tbf 100: parent 1:100 rate 50000bit burst 10Kb lat 819.2ms

### ppp0: traffic classes

class cbq 1: root rate 100000Kbit (bounded,isolated) prio no-transmit
class cbq 1:100 parent 1: leaf 100: rate 50000bit (bounded) prio 5
class tbf 100:1 parent 100:

### ppp0: filtering rules

filter parent 1: protocol ip pref 100 u32
filter parent 1: protocol ip pref 100 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:100
match 7901f9de/ffffffff at 12
match 00500000/ffff0000 at 20

# /etc/init.d/cbq.init stats
### eth0: queueing disciplines

qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 58221108459 bytes 137153302 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0

### eth1: queueing disciplines

qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 163878209113 bytes 173976400 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0

### ppp0: queueing disciplines

qdisc cbq 1: rate 100000Kbit (bounded,isolated) prio no-transmit
Sent 5668163 bytes 28005 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
borrowed 0 overactions 0 avgidle 240 undertime 0
qdisc tbf 100: parent 1:100 rate 50000bit burst 10Kb lat 819.2ms
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0

### ppp0: traffic classes

class cbq 1: root rate 100000Kbit (bounded,isolated) prio no-transmit
Sent 5668215 bytes 28006 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
borrowed 0 overactions 0 avgidle 240 undertime 0
class cbq 1:100 parent 1: leaf 100: rate 50000bit (bounded) prio 5
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
borrowed 0 overactions 0 avgidle 1.36171e+07 undertime 0
class tbf 100:1 parent 100:


### ppp0: filtering rules

filter parent 1: protocol ip pref 100 u32
filter parent 1: protocol ip pref 100 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:100 (rule hit 28007 success 0)
match 7901f9de/ffffffff at 12 (success 27998 )
match 00500000/ffff0000 at 20 (success 0 )

#

�񡯏��¾\µ���¼\Ð����������������̏����ӏ�����\���\���\���\���������wget���·�����������Ώ�����

0% [] 236,283 5.90K/s eta 13h 11m

���������������������

tuzzy92 at 02:13����Permalink����Comments(0)���� ����Other | LINUX

2011������02·���15������

tc�����������������������ѡ돫������폢����

��������Ώ�����
tc qdisc add dev ppp0 root handle 1: htb default 0
tc class add dev ppp0 parent 1:0 classid 1:0 htb rate 5Mbit

���³������
tc -s qdisc show dev ppp0
tc -s class show dev ppp0

���������¹¹
tc class replace dev ppp0 parent 1:0 classid 1:0 htb rate 10Mbit

���²���½���
tc class del dev ppp0 classid 1:0
tc qdisc del dev ppp0 root

��������¡����������������������������쏢����\���\������¼\���\Ð\���\��� \¹\��ԏ��¼\���\���\¹\���
http://www.bspeedtest.jp/ ������������\¹\��ԏ��¼\���\���\��\���\���

��򏪢��Ώ����������
\µ���¼\Ð1[N] 73.0Mbps
\µ���¼\Ð2[S] 68.2Mbps
²¼������¼��؏�ď��������: 73Mbps(73.0Mbps,9.13MByte/s)
¾����������������ď��������: 77Mbps(77.0Mbps,9.63MByte/s)

���10Mbit�����������Ώ�����
\µ���¼\Ð1[N] 68.2Mbps
\µ���¼\Ð2[S] 72.4Mbps
²¼������¼��؏�ď��������: 72Mbps(72.4Mbps,9.05MByte/s)
¾����������������ď��������: 6.0Mbps(6.09Mbps,762kByte/s)

# tc qdisc add dev ppp0 root handle 1: htb default 0
# tc class add dev ppp0 parent 1:0 classid 1:0 htb rate 10Mbit

# tc -s qdisc show dev ppp0
qdisc htb 1: r2q 10 default 0 direct_packets_stat 11663
Sent 10922626 bytes 22898 pkt (dropped 480, overlimits 952 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0

# tc -s class show dev ppp0
class htb 1: root prio 0 rate 10000Kbit ceil 10000Kbit burst 2850b cburst 2850b
Sent 6953759 bytes 16936 pkt (dropped 714, overlimits 0 requeues 0)
rate 2254Kbit 670pps backlog 0b 0p requeues 0
lended: 16936 borrowed: 0 giants: 0
tokens: 2242 ctokens: 2242
#

���5Mbit������������¹¹
\µ���¼\Ð1[N] 65.6Mbps
\µ���¼\Ð2[S] 72.7Mbps
²¼������¼��؏�ď��������: 72Mbps(72.7Mbps,9.09MByte/s)
uptest skipped

# tc class replace dev ppp0 parent 1:0 classid 1:0 htb rate 5Mbit

# tc -s qdisc show dev ppp0
qdisc htb 1: r2q 10 default 0 direct_packets_stat 11663
Sent 42199666 bytes 97838 pkt (dropped 4448, overlimits 9052 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0

# tc -s class show dev ppp0
class htb 1: root prio 0 rate 5000Kbit ceil 5000Kbit burst 2225b cburst 2225b
Sent 37583352 bytes 90202 pkt (dropped 4906, overlimits 0 requeues 0)
rate 3365Kbit 956pps backlog 0b 0p requeues 0
lended: 90202 borrowed: 0 giants: 0
tokens: 2049 ctokens: 2049
#

���¾�����Ώ����������쏢����������·���²��������������Џ��­���

tuzzy92 at 00:16����Permalink����Comments(3)����

2011������02·���14������

PPPoE \«���¼\���\���\������¼\���

²���¼��ҏ��������������⏢����Linux������\������¼\���¹½�����叢�·�����������������я��������ޏ�����\¹\��ԏ��¼\������̏����������������������������������Ï����������ҏ��·�����ď�������¡�
PPPoE������\«���¼\���\���\������¼\�������������돢�«���·�����������Ώ����ď�������¡�����\��\���\Ð\���\¹�����ҏ����������������ď�¡�

��»²¾���µ­»���(Netscreen������������«������������)
http://blog.livedoor.jp/tuzzy92/archives/51815564.html#

\«���¼\���\���\������¼\���������������²��ď��폢�폢��
�������������������Џ����������я��«�����������Ï�������������������������¡񏪤���������µ��𡯏��������������Ð��¡�

³�돪���ԏ����䏪�³DEV /etc/sysconfig/network-scripts/ifcfg-ppp0 ������
²¼µ­µ­½��ҏ����ҏ�����µ­

LINUX_PLUGIN=/usr/lib/pppd/2.4.4/rp-pppoe.so
MTU=1452

��������¡�\���\���\���\������¼\�����돩�µ��������
��������¡�\��\���\»\¹³������

# ps ax | grep ppp
3288 ? S 0:00 /bin/bash /sbin/adsl-connect /etc/sysconfig/network-scripts/ifcfg-ppp0
3327 ? Ss 0:00 /usr/sbin/pppd ipparam ppp0 linkname ppp0 plugin /usr/lib/pppd/2.4.4/rp-pppoe.so eth0 noipdefault noauth default-asyncmap defaultroute hide-password nodetach mtu 1452 mru 1492 noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp user f.su4y-****@atson.net lcp-echo-interval 20 lcp-echo-failure 3

OK
��������¡����������������������������쏢����\���\������¼\���\Ð\���\��� \¹\��ԏ��¼\���\���\¹\���
http://www.bspeedtest.jp/ ������������\¹\��ԏ��¼\���\���\��\���\���

\µ���¼\Ð1[N] 65.6Mbps
\µ���¼\Ð2[S] 75.2Mbps
²¼������¼��؏�ď��������: 75Mbps(75.2Mbps,9.40MByte/s)
¾����������������ď��������: 81Mbps(81.6Mbps,10.2MByte/s)

�����������я��«�����������������������������������������������𡭢������������������я��������¹���ޏ��������

tuzzy92 at 04:26����Permalink����Comments(0)���� ����Other | LINUX

2011������02·���13������

�����������̏����������Ï��쏪����������ď��

#¾��䏢돪㏢���䏢�«���·���������̏���������¼��؏����¡돪�

livedoor\���\���\�돢������������ď�������쏢����\���\���\���\���
����ޏ��½���������������������·�����ď�������¡�\���\���\���\���\��\���\���\�돢����¼��twitter������³����ޏ������������������������������ď�¡�

��ď����ď������������������������������������������������������������������������ď��(������������������������������)
���½���·���������µ»��ӏ�����������²���·�����¡�

�����䏪���ӏ����������������̏����������Ï�¡񏪪���������ď��(������������������������������)��¡���������������������������ޏ��½����

����\���\���\���\���\��\���\���\�돢����¼��twitter
http://blog.livedoor.com/nacchan/


tuzzy92 at 23:55����Permalink����Comments(0)���� ����»�������� 

2011������02·���07������

\���\��\���\���\���\������¼\µ ������������������¹���������

������½µ�����½����������¹(2·���)¹��ԏ����������ď��ޏ��������������������������������«�����������ď���������\���\���\���������¹��������Џ�¡�

������������¼��������������؏��ޏ�������¡�
��­�����؏����������ҏ�����������������������(������������������������\���\���\��������������򏪢��Ώ��·�����ď���������)\���\��ӏ��¼\�����¡�
# find /etc/ -type f | xargs egrep "r8169"
/etc/modprobe.conf:alias eth1 r8169
/etc/sysconfig/hwconf:driver: r8169

»����·������10GB�����̏�����\���\���\���\��������ҏ��¾�������¡�
³����«�������������������������ޏ�����������²���¹�����ď�㏢������
# uptime
02:43:51 up 1:03, 1 user, load average: 9.13, 7.27, 3.94

���³������������²���\���\���\���\������¼\���������Giga²½���돪�»����(²��ď��«�����돢���������������������������������Ï�����µ�������������)��¡�

\³\\ PCI\Ð\¹ 1000M100M10M LAN\\\\ CG-LAPCIGTR 4519157009690\³\\ PCI\Ð\¹ 1000M...

\³\���\�� PCI\Ð\¹ 1000M����100M����10M LAN\��\���\��\��� CG-LAPCIGTR 4519157009690\³\���\�� PCI\Ð\¹ 1000M...
²���³�����¡�1,743�ޏ�Ώ���������¹��Џ�¡񏪡����������������



tuzzy92 at 02:53����Permalink����Comments(0)���� ����Other 

2011������01·���31������

\«\���6 10m������\���\���\�ޏ����ҏ��������������������­�����ď�����

NIC����\���\�̏��������Ð�ޏ�Џ��·���������������«�����������ď�������������
�����������䏪���������������������������������Ï�����������

# ifconfig -a eth1
eth1 Link encap:Ethernet HWaddr 00:0A:79:88:8C:12
inet addr:192.168.11.1 Bcast:192.168.11.255 Mask:255.255.255.0
inet6 addr: fe80::20a:79ff:fe88:8c12/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:685995174 errors:0 dropped:0 overruns:0 frame:0
TX packets:720061314 errors:0 dropped:0 overruns:2 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4028562739 (3.7 GiB) TX bytes:1311108297 (1.2 GiB)
Interrupt:201 Base address:0xf00
#

[ELECOM(\\\³\)] \²¼\Т돪\«\\\¼6½µLAN\ޏ¼\\ LD-GM/BK10

[ELECOM(\��\���\³\���)] \²���¼\��������Т������돪�\«\���\��\������¼6½���µ���LAN\�ޏ��¼\���\��� LD-GM/BK10
²���³�����¡�1,750�ޏ�Ώ���������¹��Џ�¡񏪡����������������



tuzzy92 at 23:15����Permalink����Comments(0)���� ����Other | LINUX

2011������01·���22������

squid \���\��\������¼\������¼\���������\���\��²��ҏ�����(squid-graph)

���»���������«���������������«������\­\���\���\·\���\���\���\�����¡�������³���������·�����ď���������
������������»��ӏ�����squid-graph

����squid-graph
http://squid-graph.sourceforge.net/

���
# wget http://downloads.sourceforge.net/project/squid-graph/squid-graph/3.2/squid-graph-3.2.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fsquid-graph%2Ffiles%2F&ts=1295629882&use_mirror=jaist
# tar xvfz squid-graph-3.2.tar.gz

������³«���·���������������­������\���\��\���\���\���\���������������squid-graph�����ҏ���̏����ӏ�����\���\��\���\���\���\���������mv���·������½��쏪�»

���squid \���\��\������¼\������¼\���
# /usr/local/squid/sbin/squid -k rotate

���\���\��²��ҏ�����
# /usr/local/bin/squid-graph \n--tcp-only --cumulative --start=����돩���䏢����0»���0�����0������ \n--output-dir=����̏����ӏ�����\���\��\���\���\���\��� < ²��ҏ��������о���\���\��

\������¼\������¼\���������\���\��²��ҏ�����������0»���0����̏�����cron������»���¹��Џ����������������������𡭢�������
�����䏩���䏢����\­\���\���\·\���\���\���\�����¡�������34.48%����³���������������ď���������ޏ�����\��⏢�¼\������Ð���������«���«�����ď��«�����������������¡��


�񡯏����쏢��������1
# /usr/local/squid/sbin/squid -k
/usr/local/squid/sbin/squid: option requires an argument -- k
Usage: squid [-cdhvzCFNRVYX] [-s | -l facility] [-f config-file] [-[au] port] [-k signal]
-a port Specify HTTP port number (default: 3128).
-d level Write debugging to stderr also.
-f file Use given config-file instead of
/usr/local/squid/etc/squid.conf
-h Print help message.
-k reconfigure|rotate|shutdown|interrupt|kill|debug|check|parse
Parse configuration file, then send signal to
running copy (except -k parse) and exit.
-s | -l facility
Enable logging to syslog.
-u port Specify ICP port number (default: 3130), disable with 0.
-v Print version.
-z Create swap directories
-C Do not catch fatal signals.
-D OBSOLETE. Scheduled for removal.
-F Don't serve any requests until store is rebuilt.
-N No daemon mode.
-R Do not set REUSEADDR on port.
-S Double-check swap during rebuild.
-X Force full debugging.
-Y Only return UDP_HIT or UDP_MISS_NOFETCH during fast reload.

�񡯏����쏢��������2
# squid-graph --help

Squid Graph 3.2 release Help (linux, perl 5.008008)

Usage examples:
squid-graph [options] < logfile.log
cat logfile.log | squid-graph [options]
tail -n 10000 logfile.log | squid-graph [options]

Command line options (options marked * are compulsary):

* --output-dir=output-dir (or -o=output-dir)
Specifies the directory which stores the output files.

--start=start-time (or -s=start-time)
Specifies the graph start time in seconds since 1970.
When not specified, 24 hours before the current time is
used as default.

--end=end-time (or -e=end-time)
Specifies the graph end time in seconds since 1970.
When not specified, the current time is used as default.

--title="report-title"
Specifies the report title. When not specified, "Squid
Graph Logfile Analysis Report" is used as default.

--tcp-only
Specifies that only TCP access and transfer graphs are
generated. When not specified, both TCP and UDP graphs
are generated.

--udp-only
Specifies that only UDP access and transfer graphs are
generated. When not specified, both TCP and UDP graphs
are generated.

--cumulative (or -c)
Enables generation of cumulative graphs instead of the
default histograms.

--no-transfer-duration (or -d)
Disables plotting of average transfer duration graph(s).

--no-console-log (or -n)
Disables logging of messages to console.

--help (or -h)
Displays this help message.

For more info, please visit http://squid-graph.sourceforge.net/

squid_log




tuzzy92 at 02:23����Permalink����Comments(0)���� ����SQUID | LINUX

2011������01·���21������

\���\³\���\³�����²���+squid

\µ���¼\о���������\���\³\���\³�����²������������²��������ҏ����򏪤���
²�����������������������������PC������\���\³\���\³�����²��������ҏ��«������������(Ž��Ρ�\Ž���)Ž³Ž���Ž��(�������½������)

# squid.conf������������
refresh_pattern -i \.(smilevideo|nicovideo)\.jp\/smile 25200 90% 50400 ignore-reload ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 1440 40% 4320 ignore-reload ignore-no-cache ignore-no-store ignore-private

cgi-bin/? ���½���·������\���\���\���\���\���������������¾���������µ­½��ҏ��¹������»��ӏ�������¡�
.(smilevideo|nicovideo).jp/smile ������\���\���\������·������URL���������������¹�����㏢����\­\���\���\·\������¹������(������������)��¡�

������������������������cache_dir������maximum_object_size������\µ\���\��돢���ҏ��������­�����������������Ώ��������·�����ď�¡�

store.log��������­������µ­½��ҏ�����
**********.*** SWAPOUT 00 00000817 C20C9C19251201F0740E464523D4AFF1 200 1295622230 1246547219 1308582230 video/mp4 32411692/32411692 GET http://smile-pcm12.nicovideo.jp/smile?

access.log��������­������µ­½��ҏ��̏����������«�����������Ï�����������������������������������(������»�ߏ�����)��¡�

**********.*** 4640 *.*.*.* TCP_HIT/200 25863485 GET http://smile-pso51.nicovideo.jp/smile? - NONE/- video/mp4

������������������²��ď����㏢�������«�����ď����������²������̏��«�����ӏ����ď�����������������»��ӏ���

tuzzy92 at 23:55����Permalink����Comments(0)���� ����SQUID | LINUX

2011������01·���18������

[���������������µ������] \���\«���¼������\­\���\���\·\���\µ���¼\Ð

�����������»��Џ�����������\­\���\���\·\���\µ���¼\Ð������¼��������Џ��­������µ�����������������������¡�
����ޏ���������������������¹\����Џ�ġ����������ď�����\���\���\¹\������¼\���

���Ï�����¼��HP
http://www.squid-cache.org/

���\���\���\¹\������¼\���
# wget http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.10.tar.gz
# tar xvfz squid-3.1.10.tar.gz
# cd squid-3.1.10 ; pwd

# ./configure \
--prefix=/usr/local/squid \
--enable-useragent-log \
--enable-referer-log \
--enable-linux-netfilter \
--enable-removal-policies="heap,lru" \
--enable-storeio="diskd,ufs" \
--disable-ipv6 \
--disable-ident-lookups \
--disable-internal-dns

# make
# make install

# touch /etc/sysconfig/squid

���\��\«\���\���\�����돫�����
# useadd -d /usr/local/squid -s /sbin/nologin squid
# chown -R squid:squid /usr/local/squid/var/

��������Ώ�����(¾��䏢돪㏢����/usr/local/squid/etc/squid.conf.documented������»²¾���)
# vi /usr/local/squid/etc/squid.conf

### ACL
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl homenet src 192.168.11.0/24
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow homenet
http_access allow localhost
http_access deny all

# Squid normally listens to port 3128
http_port 8080 transparent

# We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /usr/local/squid/var/cache 100 16 256

# Leave coredumps in the first cache dir
coredump_dir /usr/local/squid/var/cache

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.index.(html|htm)$ 0 40% 10080
refresh_pattern -i \.(html|htm|css|js)$ 1440 40% 40320
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200 90% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private
refresh_pattern -i \.(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff)$ 10080 90% 43200 ignore-reload ignore-no-cache ignore-no-store ignore-must-revalidate ignore-private
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 40% 40320

### SEQULITY
request_header_access X-Forwarded-For deny all
request_header_access Via deny all
request_header_access Cache-Control deny all

### USE
cache_effective_user squid
cache_effective_group squid

### CACHE
maximum_object_size_in_memory 512 KB
maximum_object_size 10240 KB
cache_dir ufs /usr/local/squid/var/cache 1024 16 256

### LOGS
access_log /usr/local/squid/var/logs/access.log squid
cache_store_log /usr/local/squid/var/logs/store.log squid

### PID
pid_filename /usr/local/squid/var/run/squid.pid

### MEMORY
memory_pools on
memory_pools_limit 256 MB

���µ��������
# vi /etc/init.d/squid

#!/bin/bash
# squid This shell script takes care of starting and stopping
# Squid Internet Object Cache
#
# chkconfig: - 90 25
# description: Squid - Internet Object Cache. Internet object caching is \
# a way to store requested Internet objects (i.e., data available \
# via the HTTP, FTP, and gopher protocols) on a system closer to the \
# requesting site than to the source. Web browsers can then use the \
# local Squid cache as a proxy HTTP server, reducing access time as \
# well as bandwidth consumption.
# pidfile: /usr/local/squid/var/run/squid.pid
# config: /usr/local/squid/etc/squid.conf

PATH=/usr/local/squid/sbin:/usr/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
export PATH

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# don't raise an error if the config file is incomplete
# set defaults instead:
#SQUID_OPTS=${SQUID_OPTS:-"-D"}
SQUID_PIDFILE_TIMEOUT=${SQUID_PIDFILE_TIMEOUT:-20}
SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-100}

# determine the name of the squid binary
[ -f /usr/local/squid/sbin/squid ] && SQUID=/usr/local/squid/sbin/squid

prog="$SQUID"

# determine which one is the cache_swap directory
CACHE_SWAP=`sed -e 's/#.*//g' /usr/local/squid/etc/squid.conf | \
grep cache_dir | awk '{ print $3 }'`
[ -z "$CACHE_SWAP" ] && CACHE_SWAP=/usr/local/squid/var/cache

RETVAL=0

start() {

#check if the squid conf file is present
if [ ! -f /usr/local/squid/etc/squid.conf ]; then
echo "Configuration file /usr/local/squid/etc/squid.conf missing" 1>&2
exit 6
fi
. /etc/sysconfig/squid

# don't raise an error if the config file is incomplete.
# set defaults instead:
#SQUID_OPTS=${SQUID_OPTS:-"-D"}
SQUID_PIDFILE_TIMEOUT=${SQUID_PIDFILE_TIMEOUT:-20}
SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-100}

if [ -z "$SQUID" ]; then
echo "Insufficient privilege" 1>&2
exit 4
fi

for adir in $CACHE_SWAP; do
if [ ! -d $adir/00 ]; then
echo -n "init_cache_dir $adir... "
$SQUID -z -F -D >> /usr/local/squid/var/logs/squid.out 2>&1
fi
done
echo -n $"Starting $prog: "
$SQUID $SQUID_OPTS >> /usr/local/squid/var/logs/squid.out 2>&1
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
timeout=0;

while : ; do
[ ! -f /usr/local/squid/var/run/squid.pid ] || break
if [ $timeout -ge $SQUID_PIDFILE_TIMEOUT ]; then
RETVAL=1
break
fi
sleep 1 && echo -n "."
timeout=$((timeout+1))
done
fi
[ $RETVAL -eq 0 ] && touch /usr/local/squid/var/run/squid.pid
[ $RETVAL -eq 0 ] && echo_success
[ $RETVAL -ne 0 ] && echo_failure
echo
return $RETVAL
}

stop() {
. /etc/sysconfig/squid

# don't raise an error if the config file is incomplete.
# set defaults instead:
SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-100}

echo -n $"Stopping $prog: "
$SQUID -k check >> /usr/local/squid/var/logs/squid.out 2>&1
RETVAL=$?
if [ $RETVAL -eq 0 ] ; then
$SQUID -k shutdown &
timeout=0
while : ; do
[ -f /usr/local/squid/var/run/squid.pid ] || break
if [ $timeout -ge $SQUID_SHUTDOWN_TIMEOUT ]; then
echo
return 1
fi
sleep 2 && echo -n "."
timeout=$((timeout+2))
done
echo_success
echo
else
echo_failure
if [ ! -e /usr/local/squid/var/run/squid.pid ]; then
RETVAL=0
fi
echo
fi
return $RETVAL
}

reload() {
. /etc/sysconfig/squid
# don't raise an error if the config file is incomplete.
# set defaults instead:
#SQUID_OPTS=${SQUID_OPTS:-"-D"}

$SQUID $SQUID_OPTS -k reconfigure
}

restart() {
stop
start
}

condrestart() {
[ -e /usr/local/squid/var/run/squid.pid ] && restart || :
}

rhstatus() {
status $SQUID && $SQUID -k check
}

probe() {
return 0
}

case "$1" in
start)
start
;;

stop)
stop
;;

reload)
reload
;;

restart)
restart
;;

condrestart)
condrestart
;;

status)
rhstatus
;;

probe)
exit 0
;;

*)
echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
exit 2
esac

exit $?

# chmod 755 /etc/init.d/squid
# chkconfig --add squid
# chkconfig squid on

# /etc/init.d/squid start

# ps awwxu | grep squid
root 10534 0.0 0.0 4008 592 pts/5 R+ 00:58 0:00 grep squid
root 12031 0.0 0.1 6832 1304 ? Ss Jan17 0:00 /usr/local/squid/sbin/squid
squid 12033 0.6 9.8 104416 101488 ? S Jan17 1:15 (squid)
squid 12040 0.0 0.0 2880 812 ? S Jan17 0:00 (unlinkd)
squid 14944 0.0 0.1 3212 1220 ? S 00:22 0:00 (dnsserver)
squid 14945 0.0 0.1 3212 1204 ? S 00:22 0:00 (dnsserver)
squid 14946 0.0 0.1 3212 1208 ? S 00:22 0:00 (dnsserver)
squid 14947 0.0 0.1 3212 1208 ? S 00:22 0:00 (dnsserver)
squid 14948 0.0 0.1 3212 1204 ? S 00:22 0:00 (dnsserver)
[root@fw-tuzzy etc]#

���������²���\��\���\­\·�����Ώ�����
# iptables -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
# iptables -t nat -A POSTROUTING -o eth0-s $_MY_NETWORK -j MASQUERADE

��eth1=\���\���\��ď��¼\���\���������NIC eth0=\��\������¼\Ð\���������NIC

���\���\��³������
# tail -F /usr/local/squid/var/logs/access.log
TCP_HIT|TCP_MEM_HIT���̏�������������µ���»���������������������

tuzzy92 at 01:21����Permalink����Comments(0)���� ����SQUID | LINUX

2011������01·���05������

2011���������������·²���\���\���\���\������¼\���������giga²½���·�����������Ώ�����

���µ���¹���̏���������������������������10�����䏢�������������������������������«�����������ď��̏�¡�\���\���\���\������¾��������̏�����3�����䏢����\¹\��ԏ��¼\���\��\���\�ߏ�¡�
3�����䏢������������𡯏��Ð��𡭏�������������������������\���\���\��������������������5�����������ҏ����������������ď�����������������������ޏ��������­���½��������������¡�

���򏢱���������²��򏪤���������
����vmware�������ޏ�ď����Џ��·������������������\µ���¼\Ð������\���\���\���\������¼\���������������������
����snmp(or HotSaNIC)������\Ð\��

���µ���������³���������쏢����������NAS������¹½�����叢���������Џ����������Ï�������������¡�
��giga��������������𡯏��ÐPC����GIGAµ��㡭��폢�������¹����������������¡�

���Ï�����������������\¹\���\���\���(LSW4-GT-8NS)
http://buffalo.jp/products/catalog/network/lsw4-gt-8ns/

����PC����GIGA
http://www.pc-giga.com/



tuzzy92 at 00:23����Permalink����Comments(0)���� ����Other 

2010������12·���07������

openssh\³\���\���\��\��\���\��\·\���\���

\½���¼\¹���«������openssh�����ҏ����Џ�����������¾���¹�����¡�\³\���\���\��\��\���\��\·\���\��я�����������¼�����·������������������
hosts.allow/hosts.deny(TCP Wrappers)�����������������������폢�������̏��������­�����������������я�������������¡�
�������������������«�����������ď�����������¡�

# ./configure --help | grep wrappers
--with-tcp-wrappers[=PATH] Enable tcpwrappers support (optionally in PATH)
#

tuzzy92 at 23:55����Permalink����Comments(0)���� ����SSH 

2010������12·���06������

vnc��돪�¾���¹½������

���³����������������������������

vnc-server-4.1.2-14.el5_5.4.i386
xorg-x11-twm-1.0.1-3.1.i386
xterm-215-8.el5_4.1.i386

�����䏪���䏢���������Ώ��·���ޏ��������Ð���³������

fonts-japanese.noarch

����½���²���µ��������»��Џ�����\���\¹\������¼\��������Ώ�����
# vncserver

You will require a password to access your desktops.

Password:
Verify:

New 'v-admin.localhost:1 (root)' desktop is v-admin.localhost:1

Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/v-admin.localhost:1.log

#

����³������
# netstat -nap | grep -i vnc
tcp 0 0 0.0.0.0:5801 0.0.0.0:* LISTEN 2602/Xvnc
tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN 2602/Xvnc
tcp 0 0 0.0.0.0:6001 0.0.0.0:* LISTEN 2602/Xvnc
tcp 0 0 :::6001 :::* LISTEN 2602/Xvnc
unix 2 [ ACC ] STREAM LISTENING 11587 2602/Xvnc /tmp/.X11-unix/X1
unix 3 [ ] STREAM CONNECTED 11749 2602/Xvnc /tmp/.X11-unix/X1
unix 3 [ ] STREAM CONNECTED 11747 2602/Xvnc /tmp/.X11-unix/X1
unix 3 [ ] STREAM CONNECTED 11745 2602/Xvnc /tmp/.X11-unix/X1
unix 3 [ ] STREAM CONNECTED 11744 2609/vncconfig
#

����vnc\���\������¼\�����������䏪�³
vnc

tuzzy92 at 01:52����Permalink����Comments(0)���� ����Other | LINUX

2010������11·���16������

vmware \���\���\¹\������¼\���\���\��

# ./vmware-install.pl
Creating a new VMware Server installer database using the tar4 format.

Installing VMware Server.

In which directory do you want to install the binary files?
[/usr/bin]

What is the directory that contains the init directories (rc0.d/ to rc6.d/)?
[/etc/rc.d]

What is the directory that contains the init scripts?
[/etc/rc.d/init.d]

In which directory do you want to install the daemon files?
[/usr/sbin]

In which directory do you want to install the library files?
[/usr/lib/vmware]

The path "/usr/lib/vmware" does not exist currently. This program is going to
create it, including needed parent directories. Is this what you want?
[yes]

In which directory do you want to install the manual files?
[/usr/share/man]

In which directory do you want to install the documentation files?
[/usr/share/doc/vmware]

The path "/usr/share/doc/vmware" does not exist currently. This program is
going to create it, including needed parent directories. Is this what you want?
[yes]

The installation of VMware Server 2.0.2 build-203138 for Linux completed
successfully. You can decide to remove this software from your system at any
time by invoking the following command: "/usr/bin/vmware-uninstall.pl".

Before running VMware Server for the first time, you need to configure it by
invoking the following command: "/usr/bin/vmware-config.pl". Do you want this
program to invoke the command for you now? [yes]

Making sure services for VMware Server are stopped.

Stopping VMware autostart virtual machines:
Virtual machines [FAILED]
Stopping VMware management services:
VMware Virtual Infrastructure Web Access
VMware Server Host Agent [FAILED]
Stopping VMware services:
VMware Authentication Daemon [ OK ]
Virtual machine monitor [ OK ]

You must read and accept the End User License Agreement to continue.
Press enter to display it.

NOTICE: BY DOWNLOADING AND INSTALLING, COPYING OR OTHERWISE USING THE
SOFTWARE, YOU AGREE TO BE BOUND BY THE TERMS OF THIS VMWARE MASTER END
USER LICENSE AGREEMENT ("EULA"). IF YOU DO NOT AGREE TO THE TERMS OF
THIS EULA, YOU MAY NOT DOWNLOAD, INSTALL, COPY OR USE THE SOFTWARE, AND
YOU MAY RETURN THE UNUSED SOFTWARE TO THE VENDOR FROM WHICH YOU ACQUIRED
IT WITHIN THIRTY (30) DAYS AND REQUEST A REFUND OF THE LICENSE FEE, IF
ANY, ALREADY PAID UPON SHOWING PROOF OF PAYMENT. "YOU" MEANS THE
NATURAL PERSON OR THE ENTITY THAT IS AGREEING TO BE BOUND BY THIS EULA,
THEIR EMPLOYEES AND THIRD PARTY CONTRACTORS THAT PROVIDE SERVICES TO
YOU. YOU SHALL BE LIABLE FOR ANY FAILURE BY SUCH EMPLOYEES AND THIRD
PARTY CONTRACTORS TO COMPLY WITH THE TERMS OF THIS AGREEMENT.

1. DEFINITIONS

1.1 "Designated Administrative Access" means that access to the
standard user interfaces of a given instance of the Software
(designated in this section) that you may grant to a designated
third party (a) for which you have provided advance written notice
to VMware that you are providing outsourced services and (b) for
whose dedicated benefit you have licensed such instance of the
Software. Designated Administrative Access is applicable only
where you are 1) an IT outsourcing company that is providing
outsourced IT services to a client company and 2) applicable only
to the following Software: ESX Server, VMware Server and
VirtualCenter.

1.2 "GPL Software" means GPL software licensed to you under the GNU
General Public License as published by the Free Software Foundation
(GPL). A copy of the GPL is included on the media on which you
received the Software or included in the files you downloaded, if
you acquired the Software by electronic download.

1.3 "Guest Operating Systems" means instances of third-party operating
systems licensed by you and installed in a Virtual Machine and run
using the Software.

1.4 "Licensed Additional Module" means additional modules that may be
provided with and/or used in conjunction with the Software for
which you have paid the applicable license fee and accepted any
applicable additional license terms.

1.5 "Open Source Software" means various open source software
components licensed under the terms of applicable open source
license agreements included in the materials relating to such
software. Open Source Software is composed of individual software
components, each of which has its own copyright and its own
applicable license conditions. The Open Source Software licenses
can be found in the open_source_licenses.txt file, other materials
accompanying the software package, the documentation or
corresponding source files available at
http://www.vmware.com/download/open_source.html.

1.6 "Processor" means a single, physical chip that houses no more than
four (4) processor cores.


1.7 "Sample Programs" means sample client management programs or
scripts that may be distributed with the Software.

1.8 "Server" means a single physical computer of a type that meets the
specifications as set forth in the applicable product documentation
posted at http://www.vmware.com/support/pubs/. Multiple computers
that share processing power or operate in a networked configuration
as a single logical computer, such as a "server farm" or similar
arrangement, constitute multiple Servers for the purpose of this
EULA.

1.9 "Software" means software products that are licensed to you under
this EULA, including, but not limited to, any related components
purchased or provided with the Software, application programming
interfaces, associated media, printed materials, online or
electronic documentation, and any updates and maintenance releases
thereto.

1.10 "Software License Key" means, if applicable, a serial number issued
to you by VMware to activate and use the Software. A separate,
additional Software License Key may be required to activate and use
each Licensed Additional Module.

1.11 "VMware Tools" means a suite of utilities and drivers that may
enhance the performance and functionality of your Guest Operating
System. VMware Tools may include some or all of the following,
depending on your Guest Operating System: an SVGA driver, a mouse
driver, the VMware Tools control panel and support for features
such as shared folders, drag and drop in Windows guests, shrinking
virtual disks, time synchronization with the host, VMware Tools
scripts, and connection and disconnection of devices while the
virtual machine is running.

1.12 "Virtual Machine" means an instance of a Guest Operating System and
any application programs installed thereon, running on a computing
device on which the Software is installed, or suspended to disk or
any other storage media accessible by the computing device.



2. EVALUATION LICENSES

2.1 General. If available, the Software and each Licensed Additional
Module may be activated with no-cost evaluation Software License
Key(s). You acknowledge that Evaluation Software License Keys have
an expiration date ("Expiration Date") and that VMware is not
obligated to permit further use of the Software.

2.2 Evaluation License. If you activate the Software or any Licensed
Additional Module with an evaluation Software License Key
("Evaluation Product") you may use the Evaluation Product until the
Expiration Date only to evaluate the suitability of the Evaluation
Product for licensing on a for-fee basis. You may acquire
evaluation Software License Key(s) for Licensed Additional Modules.
In such case, the Licensed Additional Modules are licensed to you
subject to the terms of this "EVALUATION LICENSES" section.

2.3 Evaluation Product Warranty Disclaimer. During the use of the
Evaluation Product, the limited 90-day warranty referenced in
Section 7.1 below is not applicable to you. THE EVALUATION PRODUCT
IS PROVIDED TO YOU "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER
EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. VMWARE AND ITS
LICENSORS BEAR NO LIABILITY FOR ANY DAMAGES RESULTING FROM USE (OR
ATTEMPTED USE) OF THE EVALUATION PRODUCT THROUGH AND AFTER THE
EXPIRATION DATE.

2.4 No Support. VMware has no duty to provide support to you during
your use of the Evaluation Product.

3. GRANT AND USE RIGHTS FOR SOFTWARE.

3.1 License. The Software is licensed, not sold. Subject to the terms
of this EULA, VMware hereby grants you a non-exclusive, non-
transferable license, without rights to sublicense, to use the
object code of the Software for the purpose as set forth in the
applicable documentation for the Software and to the extent
permitted by your payment of applicable license fees under a VMware
approved licensing model and/or your Software License Key subject
to the software product specific terms specified in this EULA.
Depending upon the model utilized to compute the applicable license
fees paid by you to use the Software (whether per Processor, per
Virtual Machine, per user, or any other VMware approved licensing
model), an applicable Software License Key may limit your usage of
the Software accordingly. You may use the documentation
accompanying the Software in connection with permitted uses of the
Software. If the Software is a version that you have converted or
exchanged from a valid licensed prior version, you agree that by
using the Software you will no longer use the prior version.
VMware reserves the right to require the certification of the
destruction of such previous version of the Software.


3.2 License Limitations. You may not copy the Software except for a
reasonable number of machine-readable copies of the Software for
backup or archival purposes and except as expressly permitted in
this EULA. You may not remove any titles, trademarks or trade
names, copyright notices, legends, or other proprietary markings on
the Software. You are not granted any rights to any trademarks or
service marks of VMware. VMware retains all rights not expressly
granted to you in this EULA.

3.3 Restrictions. You may not (i) sell, lease, license, sublicense,
distribute or otherwise transfer in whole or in part the Software
or the Software License Key to another party; (ii) provide,
disclose, divulge or make available to, or permit use of the
Software in whole or in part by, any third party (except Designated
Administrative Access) without VMware's prior written consent; or
(iii) modify or create derivative works based upon the Software.
Except to the extent expressly permitted by applicable law, and to
the extent that VMware is not permitted by that applicable law to
exclude or limit the following rights, you may not decompile,
disassemble, reverse engineer, or otherwise attempt to derive
source code from the Software, in whole or in part. You may use
the Software to conduct internal performance testing and
benchmarking studies, the results of which you (and not
unauthorized third parties) may publish or publicly disseminate;
provided that VMware has reviewed and approved of the methodology,
assumptions and other parameters of the study. Please contact
VMware at [email protected] to request such review.

3.4 GPL Software. You can redistribute and/or modify the GPL Software
under the terms of the GPL. You may obtain a copy of the source
code corresponding to the binaries for the GPL Software (the "GPL
Source Files") by downloading the GPL Source Files from VMware's
Web site at http://www.vmware.com/download/open_source.html, or by
sending a request, with your name and address, to Vmware at the
address specified under the heading "Contact Information" below, in
which case Vmware will mail a copy of the GPL Source Files to you
on a CD or equivalent physical medium. This offer to obtain a copy
of the GPL Source Files is valid for three years from the date you
acquired this Software product.

3.5 VMware Tools. You may distribute the VMware Tools to any third
party provided that (i) you do not modify the VMware Tools; (ii)
you distribute the VMware Tools in object code format only and
solely in conjunction with, and as part of, the Virtual Machine you
create with the Software; (iii) you do not use VMware's name, logo
or trademarks to market the Virtual Machine you create with the
Software and (iv) you agree to indemnify, hold harmless, and defend
VMware from and against any claims or lawsuits, including
attorneys' fees, that arise or result from the use or distribution
of the Virtual Machine you create. Notwithstanding the foregoing,
you may refer to VMware names, logos or trademarks to indicate that
the Virtual Machine you create with the Software are compatible
with or designed for use with the Software.

3.6 Licenses required for third-party software. The Software enables
you to run multiple instances of third-party guest operating
systems and application programs. You are responsible for obtaining
any licenses necessary to operate any such third-party software,
including Guest Operating Systems.

3.7 Sample Programs. The Software may include Sample Programs. You
may use and distribute Sample Programs under the terms set forth in
the applicable Sample Programs files. VMware does not provide
support services for Sample Programs.

3.8 VMware License Programs. VMware makes available VMware License
programs (for e.g., VMware Academic License). If you have received
the Software pursuant to these VMware License programs, the then-
current terms and conditions posted on
http://www.vmware.com/download/eula/vmtn.html
for that program shall apply for use of the products under such
VMware License programs.

3.9 Audit Rights. You will maintain accurate records as to your use of
the Software as authorized by this EULA, for at least two (2) years
from the last day on which support and subscription services
("Services") expired for the applicable Software. VMware, or
persons designated by VMware, will, at any time during the period
when you are obliged to maintain such records, be entitled to
inspect such records and your computing devices, in order to verify
that the Software is used by you in accordance with the terms of
this EULA and that you have paid the applicable license fees and
Services fees for the Software; provided that VMware may conduct no
more than one (1) audit in any twelve (12) month period. You shall
promptly pay to VMware any underpayments revealed by any such
audit. Any such audit will be performed at VMware's expense during
normal business hours, provided that you shall promptly reimburse
VMware for the cost of such audit and any applicable fees if such
audit reveals an underpayment by you of more than five percent (5%)
of the amounts payable by you to VMware for the period audited.

4. TITLE. VMware retains all right, title, and interest in and to the
Software and the Software License Key and in all related
copyrights, trade secrets, patents, trademarks, and any other
intellectual and industrial property and proprietary rights,
including registrations, applications, renewals, and extensions of
such rights.

5. SUPPORT AND SUBSCRIPTION SERVICES NOT INCLUDED

VMware will not provide any support services under this EULA. This
EULA does not give you any rights to any updates or upgrades to the
Software or to any extensions or enhancements to the Software
developed by VMware at any time in the future. VMware may offer
support and subscription services separately. If you have
purchased VMware support and subscription services with the
Software, these services are provided to you under the Support
Contract Terms and Conditions posted on VMware's Web site at
http://www.vmware.com/support/ and by accepting the terms of this
EULA you are accepting these Support Contract Terms and Conditions.
Any supplemental software code or related materials that VMware
provides to you as part of any support and subscription services
are to be considered part of the Software and are subject to the
terms and conditions of this EULA. VMware may use any technical
information you provide to VMware for any VMware business purposes
without restriction, including for product support and development.
VMware will not use information in a form that personally
identifies you.

6. TERMINATION

6.1 Termination. VMware may terminate this EULA immediately and
without notice if you fail to comply with any term of this EULA.

6.2 Effect of Termination. In the event of termination, you must
destroy all copies of the Software and Software License Key. In
addition you must remove all copies of the Software, including all
backup copies, from the Server and all computers and terminals on
which it is installed. From time to time, VMware may change the
terms of this EULA. VMware will notify you of such change. Your
continued use of the Software will indicate your agreement to the
change.

7. LIMITED WARRANTY AND LIMITATION OF LIABILITY

7.1 Limited Warranty. VMware warrants that the media, if any, on which
the Software is delivered will be free of defects and that the Software
will substantially conform to the description contained in the
applicable end user documentation with respect to the particular
Software licensed under this EULA in each case for a period of 90 days
after the date of shipment of the Software License Key to you ("Warranty
Period"). If during the Warranty Period the media is defective and the
version of that Software is still commercially available, your sole
remedy will be that VMware shall, at its option, repair or replace the
defective media returned to VMware within the Warranty Period. If you
are returning a defective media, please email VMware at [email protected]
to request a Return Authorization number (RMA) and further instructions.
If during the Warranty Period the Software does not substantially
conform to the description contained in the applicable end user
documentation, your sole remedy will be that VMware shall, at it option,
correct the defects in the Software or refund the license fees you paid,
if any, related to the Software provided that (a) the Software has been
properly installed and used at all times and in accordance with the
instructions in the applicable end user documentation; (b) no
modification, alteration or addition has been made to the Software
product by persons other than VMware or VMware's authorized
representative; and (c) VMware receives written notice of the non-
conformity within ninety (90) days following shipment. EXCEPT FOR THE
PRECEDING EXPRESS LIMITED WARRANTY, TO THE MAXIMUM EXTENT PERMITTED BY
APPLICABLE MANDATORY LAW, VMWARE AND ITS LICENSORS PROVIDE THE SOFTWARE
WITHOUT ANY WARRANTIES OF ANY KIND, EXPRESS, IMPLIED, STATUTORY, OR IN
ANY OTHER PROVISION OF THIS EULA OR COMMUNICATION WITH YOU, AND VMWARE
AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY IMPLIED WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

7.2 LIMITATION OF LIABILITY. TO THE MAXIMUM EXTENT PERMITTED BY
APPLICABLE MANDATORY LAW, IN NO EVENT WILL VMWARE AND ITS LICENSORS BE
LIABLE FOR ANY LOST PROFITS OR BUSINESS OPPORTUNITIES, LOSS OF USE,
BUSINESS INTERRUPTION, LOSS OF DATA, OR ANY OTHER INDIRECT, SPECIAL,
INCIDENTAL, OR CONSEQUENTIAL DAMAGES UNDER ANY THEORY OF LIABILITY,
WHETHER BASED IN CONTRACT, TORT, NEGLIGENCE, PRODUCT LIABILITY, OR
OTHERWISE. BECAUSE SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR
LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE
PRECEDING LIMITATION MAY NOT APPLY TO YOU. VMWARE AND ITS LICENSORS'
LIABILITY UNDER THIS EULA WILL NOT, IN ANY EVENT, EXCEED THE LICENSE
FEES, IF ANY, PAID BY YOU FOR THE SOFTWARE LICENSED TO YOU UNDER THIS
EULA. THE FOREGOING LIMITATIONS SHALL APPLY TO THE MAXIMUM EXTENT
PERMITTED BY APPLICABLE LAW, REGARDLESS OF WHETHER VMWARE OR ITS
LICENSORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND
REGARDLESS OF WHETHER ANY REMEDY FAILS OF ITS ESSENTIAL PURPOSE.

8. GENERAL

8.1 Entire Agreement. This Agreement sets forth VMware's entire
liability and your exclusive remedy with respect to the Software
and supersedes the terms of any purchase orders and any other
communications or advertising with respect to the Software. You
acknowledge that this Agreement is a complete statement of the
agreement between you and VMware with respect to the Software, and
that there are no other prior or contemporaneous understandings,
promises, representations, or descriptions with respect to the
Software.

8.2 Headings. Headings under this EULA are intended only for
convenience and shall not affect the interpretation of this EULA.

8.3 Waiver and Modification. No failure of either party to exercise or
enforce any of its rights under this EULA will act as a waiver of
those rights. This EULA may only be modified, or any rights under
it waived, by a written document executed by the party against
which it is asserted.

8.4 Severability. If any provision of this EULA is found illegal or
unenforceable, it will be enforced to the maximum extent
permissible, and the legality and enforceability of the other
provisions of this EULA will not be affected.

8.5 Governing Law. This EULA will be governed by California law and
the United States of America, without regard to its choice of law
principles. The United Nations Convention for the International
Sale of Goods shall not apply.

8.6 Government Restrictions. You may not export or re-export the Soft-
ware except in compliance with the United States Export
Administration Act and the related rules and regulations and
similar non-U.S. government restrictions, if applicable. The
Software and accompanying documentation are deemed to be
"commercial computer software" and "commercial computer software
documentation," respectively, pursuant to DFAR Section 227.7202 and
FAR Section 12.212(b), as applicable. Any use, modification,
reproduction, release, performing, displaying, or disclosing of the
Software by the U.S. Government shall be governed solely by the
terms of this EULA.

8.7 Contact Information. If you have any questions about this EULA, or
if you want to contact VMware for any reason, please direct all
correspondence to: VMware, Inc., 3401 Hillview Avenue, Palo Alto,
CA 94304, United States of America or email [email protected].

8.8 Other. VMware and VMTN are trademarks and/or registered trademarks
of VMware, Inc. in the United States and/or various jurisdictions.


9. SOFTWARE PRODUCT SPECIFIC TERMS AND CONDITIONS

In addition to the above, the following Software products shall also be
subject to the following terms and conditions set forth below. In the
event of any conflict between the following product-specific terms and
conditions and the preceding sections, the product-specific terms and
conditions shall control.

9.1 VMware Server:
(a) Additional Definitions:
"Redistributable Components" means the Programming API library that may
be provided in conjunction with the Software and licensed under the
Redistributable Components product specific terms and conditions.
"VirtualCenter Server Software" is a proprietary component of the
Software which includes, without limitation, the management agent
software that is installed on each managed Server and a proprietary Web
Service Interface.
"VMware Virtual Infrastructure Client Software" is a proprietary client
component of the Software that provides the user interface and enables
management of the Software.
"VMware WebAccess" is a proprietary component that provides console
access to and management of Virtual Machines created with the Software.
"Web Service Interface" means a programmatic interface to perform
management operations on Servers that are activated for management by
the VirtualCenter Server Software through software programs written by
you or a third party.
(b) Additional License Terms:
VMware grants you a nonexclusive, nontransferable license, without
rights to sublicense, to (i) install or have installed a single instance
of the Software and each Licensed Additional Module on a single Server,
unless permitted by VMware to have multiple instances on a single Server
or to have multiple instances on multiple Servers; (ii) use the Software
and each Licensed Additional Module solely for information processing
and computing purposes, including the hosting of computer application-
based services from a Virtual Machine and provision of such services via
an internal or external network, provided such services may not consist
of services to a third party that provide primarily computing or
processing power (such as utility computing or grid computing) or any
computer application-based service that is traded, rented, leased or
sold on a Virtual Machine basis; and (iii) use and reproduce the VMware
Virtual Infrastructure Client Software or VMware WebAccess (in object
code form only) for the purposes of installation and operation on an
unlimited number of your own internal computers or terminals solely for
the purpose of accessing the Server on which the Software is installed;
(iv) internally use and reproduce the Redistributable Components to
create programs that interface with the Redistributable Components to
manage Virtual Machines ("Your Management Programs"); and (v) internally
use Your Management Programs solely for the purpose of managing Virtual
Machines operated on VMware software products installed on your own
internal Servers and computers. Subject to the above, each copy of the
Software may not be used by any other person, whether or not such person
is employed by or otherwise associated with your entity.
Distributing the Software. VMware Server is intended for your personal
non-commercial use only. If you are interested in distributing the
Software for internal or external use, promotion, review or as part of a
solution, please apply now at http://www.vmware.com/go/distribution.





Do you accept? (yes/no)yes

Thank you.

The bld-2.6.18-8.el5-i686smp-RHEL5 - vmmon module loads perfectly into the
running kernel.

The bld-2.6.18-8.el5-i686smp-RHEL5 - vmci module loads perfectly into the
running kernel.

The bld-2.6.18-8.el5-i686smp-RHEL5 - vsock module loads perfectly into the
running kernel.

Do you want networking for your virtual machines? (yes/no/help) [yes]

Configuring a bridged network for vmnet0.

Please specify a name for this network.
[Bridged]

The following bridged networks have been defined:

. vmnet0 is bridged to eth0

All your ethernet interfaces are already bridged.

Do you want to be able to use NAT networking in your virtual machines? (yes/no)
[yes]

Configuring a NAT network for vmnet8.

Please specify a name for this network. [NAT]

Do you want this program to probe for an unused private subnet? (yes/no/help)
[yes]

Probing for an unused private subnet (this can take some time)...

The subnet 172.16.201.0/255.255.255.0 appears to be unused.

The following NAT networks have been defined:

. vmnet8 is a NAT network on private subnet 172.16.201.0.

Do you wish to configure another NAT network? (yes/no) [no]

Do you want to be able to use host-only networking in your virtual machines?
[yes]

Configuring a host-only network for vmnet1.

Please specify a name for this network.
[HostOnly]

Do you want this program to probe for an unused private subnet? (yes/no/help)
[yes]

Probing for an unused private subnet (this can take some time)...

The subnet 172.16.127.0/255.255.255.0 appears to be unused.

The following host-only networks have been defined:

. vmnet1 is a host-only network on private subnet 172.16.127.0.

Do you wish to configure another host-only network? (yes/no) [no]

The bld-2.6.18-8.el5-i686smp-RHEL5 - vmnet module loads perfectly into the
running kernel.

Please specify a port for remote connections to use [902]

Please specify a port for standard http connections to use [8222]

Please specify a port for secure http (https) connections to use [8333]

The current administrative user for VMware Server is ''. Would you like to
specify a different administrator? [no]

Using root as the VMware Server administrator.

In which directory do you want to keep your virtual machine files?
[/var/lib/vmware/Virtual Machines] /Virtual

Please enter your 20-character serial number.

Type XXXXX-XXXXX-XXXXX-XXXXX or 'Enter' to cancel: A0N4M-FYL2T-UF3FM-4K135

Creating a new VMware VIX API installer database using the tar4 format.

Installing VMware VIX API.

In which directory do you want to install the VMware VIX API binary files?
[/usr/bin]

In which directory do you want to install the VMware VIX API library files?
[/usr/lib/vmware-vix/lib]

The path "/usr/lib/vmware-vix/lib" does not exist currently. This program is
going to create it, including needed parent directories. Is this what you want?
[yes]

In which directory do you want to install the VMware VIX API document pages?
[/usr/share/doc/vmware-vix]

The path "/usr/share/doc/vmware-vix" does not exist currently. This program is
going to create it, including needed parent directories. Is this what you want?
[yes]

The installation of VMware VIX API 1.6.2 build-203138 for Linux completed
successfully. You can decide to remove this software from your system at any
time by invoking the following command: "/usr/bin/vmware-uninstall-vix.pl".

Enjoy,

--the VMware team

Starting VMware services:
Virtual machine monitor [ OK ]
Virtual machine communication interface [ OK ]
VM communication interface socket family: [ OK ]
Virtual ethernet [ OK ]
Bridged networking on /dev/vmnet0 [ OK ]
Host-only networking on /dev/vmnet1 (background) [ OK ]
DHCP server on /dev/vmnet1 [ OK ]
Host-only networking on /dev/vmnet8 (background) [ OK ]
DHCP server on /dev/vmnet8 [ OK ]
NAT service on /dev/vmnet8 [ OK ]
VMware Server Authentication Daemon (background) [ OK ]
Shared Memory Available [ OK ]
Starting VMware management services:
VMware Server Host Agent (background) [ OK ]
VMware Virtual Infrastructure Web Access
Starting VMware autostart virtual machines:
Virtual machines [ OK ]

The configuration of VMware Server 2.0.2 build-203138 for Linux for this
running kernel completed successfully.

#

tuzzy92 at 22:26����Permalink����Comments(0)���� ����Other | LINUX

2010������11·���01������

mail from smartd �������½������3����

¹¹������������𡯏�����

--------------------- Smartd Begin ------------------------

Currently unreadable (pending) sectors detected:
/dev/hdd - 48 Time(s)
2 unreadable sectors detected

Offline uncorrectable sectors detected:
/dev/hdd - 48 Time(s)
4 offline uncorrectable sectors detected

---------------------- Smartd End -------------------------

tuzzy92 at 19:45����Permalink����Comments(0)���� ����TROUBLE | LINUX

2010������10·���12������

mail from smartd �������½������2����

������𡯏�����

--------------------- Smartd Begin ------------------------


Currently unreadable (pending) sectors detected:
/dev/hdd - 48 Time(s)
2 unreadable sectors detected

Offline uncorrectable sectors detected:
/dev/hdd - 48 Time(s)
3 offline uncorrectable sectors detected

---------------------- Smartd End -------------------------

tuzzy92 at 01:14����Permalink����Comments(0)���� ����TROUBLE | LINUX

2010������10·���11������

½Ð�����������������������򏪿³(����������)���̏���̏��«������������������

������¾��⡭�����­½��������²½+²¼µ­¼���¹��ԏ�����OK
���µ���������䏪���ӏ���̏����Џ�������¡�
���������������«½Ð�����������������������򏪿³(����������)���̏���̏��«�������������������«�돫������ӏ�����²���

������­�����⏢�������·�����ď�����\������¼\���
body NG_WORD_J /\=P2q\$\$7O/
describe NG_WORD_J Contains NG word
score NG_WORD_J 2.0

���libiconv
# wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.tar.gz
# wget http://www2d.biglobe.ne.jp/~msyk/software/libiconv/libiconv-1.13-ja-1.patch.gz

# tar xvfz libiconv-1.13.tar.gz
# gunzip libiconv-1.13-ja-1.patch.gz
# cd libiconv-1.13 ; pwd
# patch -p1 < ../libiconv-1.13-ja-1.patch
# ./configure && make && make install

���mecab
# wget http://jaist.dl.sourceforge.net/sourceforge/mecab/mecab-0.98.tar.gz
# tar xvfz mecab-0.98.tar.gz
# cd mecab-0.98 ; pwd
# ./configure --with-charset=utf8 && make && make install

# wget http://downloads.sourceforge.net/mecab/mecab-ipadic-2.7.0-20070801.tar.gz?use_mirror=jaist
# tar xvzf mecab-ipadic-2.7.0-20070801.tar.gz
# cd mecab-ipadic-2.7.0-20070801 ; pwd
# ./configure --with-charset=utf-8 && make && make install

# mecab
µ���¼��ҏ�����µ­¼��ԏ���µ\¼��ӏ�����µ��¼��ҏ��¹������
µ���¼��� ���¾»���,�돫�������,*,*,*,*,µ���¼���,\­\·\���,\­\·\���
������ ½���»���,����񏪤���²½,*,*,*,*,������,\���,\���
µ­¼��� ���¾»���,�돫�������,*,*,*,*,µ­¼���,\­\·\���,\­\·\���
���� ½���»���,³���½���»���,�돫�������,*,*,*,����,\��,\��
µ\¼��� ���¾»���,�돫�������,*,*,*,*,µ\¼���,\­\·\���,\­\·\���
������ ½���»���,³���½���»���,�돫�������,*,*,*,������,\���,\���
µ��¼��� ���¾»���,\µ�����Џ����䏪�³,*,*,*,*,µ��¼���,\­\·\���,\­\·\���
���¹������ �����»���,¼«����,*,*,\µ�����Џ���\¹\���,����Ï�����·���,���¹������,\¹\���,\¹\���

# mecab -O wakati
µ���¼��ҏ�����µ­¼��ԏ���µ\¼��ӏ�����µ��¼��ҏ��¹������
µ���¼��� ������ µ­¼��� ���� µ\¼��� ������ µ��¼��� ���¹������
���¹���������������������������������������������������������Ï�����
���¹������������ ������ ������������ ������ ������������ ������ �����Ï�����

���Text::MeCab
�� Devel::CheckLib(cpan)
# echo "/usr/local/lib" >> /etc/ld.so.conf
# ldconfig

# wget http://ftp.yz.yamagata-u.ac.jp/pub/lang/cpan/authors/id/D/DM/DMAKI/Text-MeCab-0.20010.tar.gz
# tar xvzf Text-MeCab-0.20010.tar.gz
# cd Text-MeCab-0.20010 ; pwd
# perl Makefile.PL && make && make install

���spamassassin
��Digest::SHA1(cpan)
��HTML::Parser(cpan)
��Net::DNS (cpan)

# wget http://www.meisei-u.ac.jp/mirror/apache/dist/spamassassin/source/Mail-SpamAssassin-3.2.5.tar.gz
# wget http://spamassassin.jp/download/sa3.2/spamassassin-3.2.5-ja-test1.patch

# tar xvfz Mail-SpamAssassin-3.2.5.tar.gz
# cd Mail-SpamAssassin-3.2.5 ; pwd
# patch -p1 < ../spamassassin-3.2.5-ja-test1.patch
# perl Makefile.PL && make && make install

��������Ώ�����
# cd /etc/mail/spamassassin ; pwd
# echo "normalize_charset 1" >> local.cf

# wget http://spamassassin.jp/download/sa3.2/tokenizer.pre
# vi tokenizer.pre
²¼µ­\³\���\���\���\��\���\���
loadplugin Mail::SpamAssassin::Plugin::Tokenizer::MeCab

���·���²���(�돫������ԏ������ď��)
pts rule name description
---- ---------------------- --------------------------------------------------
2.0 NG_WORD_J BODY: Contains NG word

tuzzy92 at 05:38����Permalink����Comments(0)���� ����MAIL | SPAMASSASSIN

2010������09·���29������

mail from smartd

�����������̏����ď�����������������\���\���\»���¼\���

���µ������������²��ď�����»����������«����

--------------------- Smartd Begin ------------------------


Currently unreadable (pending) sectors detected:
/dev/hdd - 48 Time(s)
2 unreadable sectors detected

Offline uncorrectable sectors detected:
/dev/hdd - 48 Time(s)
2 offline uncorrectable sectors detected

---------------------- Smartd End -------------------------

tuzzy92 at 00:17����Permalink����Comments(0)���� ����TROUBLE | LINUX

2010������08·���23������

�돪�»���¼���»��Ï��µ���������������� (spamassassin���spamd)

procmail\���\�돢���ҏ����������������ď��������������������¡�­µ­½��ҏ��̏���

[22780] warn: spamassassin: killed by SIGPIPE
[11407] warn: spamassassin: killed by SIGPIPE
[14747] warn: spamassassin: killed by SIGPIPE
[15257] warn: spamassassin: killed by SIGPIPE
[15469] warn: spamassassin: killed by SIGPIPE

����������㏢����������spamassassin����²��ď��������«���������򏪿³(DB����������²½����½���������»��Џ�����\���\���\��������ԏ��­����)������
�����ӏ���������������������������������������������������������������¡�

���³�������½¾�����µ������­������������\���\��\���\���������������\������¼\���������0\Ð\���\���������\���\���\���\���(����������������������ޏ�����������������»���)������
²½���·���������·�����������Ï������³�����������������������돢������¡�

����Џ��������쏢����������돩̏��̏����ԏ�����������������������¡����������������������я��н����������������«�����ӏ����ď�������������������¡�
»���������½��������ӏ��������·���������³������������������»��������Џ��·������������������spamassassin���«������spamd�����������⏢������������𡯏����������Ώ����ď�¡�

���\������¼\��/\��\������¼\�ߏ�돫�����
# pw useradd spamd -d /dev/null -s /dev/null
# id spamd ; finger spamd

Login: spamd Name: User Spamd
Directory: /dev/null Shell: /dev/null
Never logged in.
No Mail.
No Plan.

���µ�������돪���Ώ�����
# mkdir -p /usr/local/spamassassin/supervise/spamassassin
# cd /usr/local/spamassassin/supervise/spamassassin ; pwd
# chmod +t .
# mkdir -p log/main
# touch log/status
# chown logadmin:logadmin log/main log/status

# vi /usr/local/spamassassin/supervise/spamassassin/run
==========
#!/bin/sh

PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin
export PATH

exec env - PATH=$PATH \
spamd -u spamd -g spamd \
-m5 --ipv4only --syslog=stder 2>&1
==========

# vi /usr/local/spamassassin/supervise/spamassassin/log/run
==========
#!/bin/sh
exec setuidgid logadmin multilog t s1000000 n100 ./main
==========

# chmod 755 run log/run

���spamassassin ��� spamd�����Ώ�����
��user/group����spamd����������������������¹¹���̏���̏����
# chmod 770 /home/user/.spamassassin
# chgrp -R spamd /home/user/.spamassassin/
# chmod g+wr /home/user/.spamassassin/*

���.procmailrc ������¹¹

:0fw: spamassassin.lock
| /usr/local/bin/spamassassin

��­

:0fw: spamassassin.lock
| /usr/local/bin/spamc

���µ��������
# ln -s /usr/local/spamassassin/supervise/spamassassin /service/spamassassin

���·���Ð������������������»��ҏ����ҏ��«�����������Ώ�����������


tuzzy92 at 04:11����Permalink����Comments(2)���� ����MAIL | SPAMASSASSIN

2010������08·���17������

rsync����������������������������������������\���\��\·\���\��я����ҏ���������������²��������¡돫�������

���½�������¾������ --inplace

# man rsync | grep inplace
--inplace update destination files in-place

�돪؏��������
\���\���\���\���������������ď�������¡돫������ԏ���̏����ҏ�����¹¹���¹������¾���¹�����������¡����䏪���쏢����\���\���\���\������������¾������½��Џ��­¹��Џ����я��������·�����������Ï��³������������»���¼����¡��³������\���\��\·\���\��я��̏��µ������¾���¹�����¡�돫�»���\���\���\���\��������ҏ�돫��������������돪����·���������«�����������ӏ��­��¹��𡯏�������¡�\���\�̏���ޡ돪�������µ��Ï�����������\���\���\���\���������\Ð\���\���\��\���\�ߏ��¹������¾���¹�������������̏�ď�䏢¡�

��http://omake.accense.com/wiki/LinuxBackupScript �������������돫⏪����

tuzzy92 at 03:59����Permalink����Comments(0)���� ����Other 

2010������08·���16������

procmail ½��������\������¼\�����돫�½���

.procmailrc ������������²���

# Duplication Mail
:0 Wh: msgid.lock
| formail -D 8192 msgid.cache

W:\���\��\���\���/\��\���\��\���\���������½��쏪�»�����ҏ����ԏ����������ӏ�����������������\���\��\���\���(\��\������¼\���\���\»���¼\��������ҏ����ӏ��µ������������)
h:¾���·���������\���\���\������·������\������¼\���������action�����������������(\���\���\���\���\���)

formail:msgid.cache������������������\���\���\���\���������¼��؏�ď��·������Message-ID�����ҏ����Ώ����Џ��·��¡񏩡�ޡ돫�Message-ID������»�������\������¼\������̏��������µ���������������­�����ď���������������Џ��¹������
-D 8192:msgid.cache������8192\Ð\���\��������������������Ώ����Џ��¹������

�����������Ώ�����������msgid.cache����½Ð����������������������������������³���������·������

$ file msgid.cache
msgid.cache: data
$

strings ��������������ď�������ҏ��«���������������������������������叢����������

tuzzy92 at 23:55����Permalink����Comments(0)���� ����MAIL | Other

2010������07·���31������

google apps (standard)���������Ð�����ď��·�����������Ώ����ď�¡� ~���½������3~

google apps (standard)�����������Ώ��������������­����������������
����\������¼\���
����\«\���\���\������¼
����\���\­\���\���\���\���
����\µ\���\���
������4¼�������

\���\���\���\���\���������URL������
https://docs.google.com/a/\���\���\���\��я��¾
���������ޏ��������½�����я����������я�����������������������������������������¡�

������������»��ӏ�����\«\¹\���\���URL���������Ώ�����

���ӡ����������²�����������¡ߡ�쏢��\µ���¼\���\¹���������Ώ�������¡ߡ�쏢��\������¼\�����¡�
����\���\��\���\��\���\���\¹��¡ߡ�쏢��URL�����ҏ�����¹¹��¡�
������¹\���­������\µ\���\���\���\���\��я����ҏ��Ð������

���½���·������NS���������Ώ�����
��bind�����Ώ���������
**** IN CNAME ghs.google.com.

�돪�²¼·«�����������ӏ��·

������http://\µ\���\���\���\���\���/������������\���\��\���\���²������½

tuzzy92 at 01:13����Permalink����Comments(0)���� ����GOOGLE 

2010������07·���28������

google apps (standard)���������Ð�����ď��·�����������Ώ����ď�¡� ~���½������2~

���­������²½�����¡돪�\���\���\���\���½������­���������³���������«��������ď��»��С����

MX�������Ð�����ď����ҏ��·�����������������������������������ď������������·�����������Ώ����ď�¡�

��bind�����Ώ���������

IN MX 10 ASPMX.L.GOOGLE.COM.
IN MX 20 ALT1.ASPMX.L.GOOGLE.COM.
IN MX 20 ALT2.ASPMX.L.GOOGLE.COM.
IN MX 30 ASPMX2.GOOGLEMAIL.COM.
IN MX 30 ASPMX3.GOOGLEMAIL.COM.
IN MX 30 ASPMX4.GOOGLEMAIL.COM.
IN MX 30 ASPMX5.GOOGLEMAIL.COM.

�돪�²¼google���«������������\���\���\»���¼\���

������µ��ҏ�����������\���\���\���\��я����� MX \���\³���¼\���������³���������·���������������������¹��¡� ���돪�»���¹������������������������ 48 »��С���ӏ����̏����㏢�«���«���������³���������̏����������������¹��¡�

Google ������\µ���¼\Ð���¼������\��\���\��\������¼\������·���������������������¹... ���돪�»������������������ 1 »��С���ӏ����̏����㏢�«���«���������³���������̏����������������¹��¡�
\������¼\�����¼����\������¼\���������»��������Џ��������­�����������������Ï�¡�Google ������\µ���¼\Ð���¼������¹¹���·���·���������������������¹��¡�

\������¼\���- »��������Џ�����

���������­�����ď�����

���������­�����ď��ޏ��������µ������²��ď��·�����������Ï��폢�폢��



tuzzy92 at 02:24����Permalink����Comments(0)���� ����GOOGLE 

2010������07·���27������

google apps (standard)���������Ð�����ď��·�����������Ώ����ď�¡�

¹\����Џ�ġ����«������

1)²¼µ­URL���������������½���·¹��Џ�����
http://www.google.com/apps/intl/ja/group/index.html

2)³������������\������¼\������̏�����������

3)�����������\³\���\���\������¼\���\���\���\���������\���\��\���\���

4)���­������²½�����¡돪�\���\���\���\���½������­���������³������(CNAME���Ð������)
����BIND���������������Ώ���������
googleffffffff****** IN CNAME google.com.

5)google³������������ : ��«���������������³���³
\���\���\���\��я�����½������­��������� Google ������³���������������������¹��¡򡭡돪�»���¹������������������������ 48 »��С���ӏ����̏����㏢�«���«���������³���������̏����������������¹��¡�

���³���­������������½µ����

tuzzy92 at 23:17����Permalink����Comments(0)���� ����GOOGLE 

2010������07·���26������

LVM������»����·�����������Ώ�����

�����叢���я����������������ď�ԏ�����HDD������\¹\���\������¼\�������������������»��ӏ����ҏ��·�����ď��«�����������ď������������̏�����¡�


���\��Џ��¼\���\��\·\���\���¾��؏�����
Disk /dev/hdd: 300.0 GB, 300090728448 bytes
255 heads, 63 sectors/track, 36483 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/hdd1 1 36483 293049666 8e Linux LVM

���PV(�����쏪����\���\���\������¼\���)��돫�����
# pvcreate /dev/hdd1
# pvdisplay
--- Physical volume ---
PV Name /dev/hdd1
VG Name HDD
PV Size 279.47 GB / not usable 1.31 MB
Allocatable yes
PE Size (KByte) 4096
Total PE 71545
Free PE 7545
Allocated PE 64000
PV UUID XOzpWn-3cZr-KqDr-4Cmx-U0sz-6FLR-B3LKfX

���VG(\���\���\������¼\���\��\������¼\��)��돫�����
# vgcreate HDD /dev/hdd1
# vgdisplay
--- Volume group ---
VG Name HDD
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 3
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 2
Open LV 1
Max PV 0
Cur PV 1
Act PV 1
VG Size 279.47 GB
PE Size 4.00 MB
Total PE 71545
Alloc PE / Size 64000 / 250.00 GB
Free PE / Size 7545 / 29.47 GB
VG UUID FYDF2B-VzfF-IlS8-QG1f-O0m0-VTOC-GFwmuC

���LV(������������\���\���\������¼\���)��돫�����
# lvcreate -n MEDIA --size 5G HDD
# lvcreate -n BACKUP --size 200G HDD

# lvdisplay
--- Logical volume ---
LV Name /dev/HDD/MEDIA
VG Name HDD
LV UUID Yk1s2d-CTbG-39vq-RItQ-Cqmp-vhK5-dwrU6B
LV Write Access read/write
LV Status available
# open 1
LV Size 5.00 GB
Current LE 1280
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:0

--- Logical volume ---
LV Name /dev/HDD/BACKUP
VG Name HDD
LV UUID Qwtp5z-G2cY-SWP4-u7I7-5BYt-TZZX-A2esD3
LV Write Access read/write
LV Status available
# open 1
LV Size 200.00 GB
Current LE 51200
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:1

���\���\���\���\���\·\¹\���\�����돩�������������\���\���\���\���
# mkfs.ext3 /dev/HDD/MEDIA
# mkfs.ext3 /dev/HDD/BACKUP

# mkdir /MEDIA
# mkdir /BACKUP

# mount -t ext3 /dev/HDD/MEDIA /MEDIA
# mount -t ext3 /dev/HDD/BACKUP /BACKUP

��fstab
/dev/HDD/MEDIA /MEDIA ext3 defaults 1 2
/dev/HDD/BACKUP /BACKUP ext3 defaults 1 2

���³������\(5G���10G) ��\���\���\���\���\���OK
# lvextend -L +5G /dev/HDD/MEDIA
Extending logical volume MEDIA to 10.00 GB
Logical volume MEDIA successfully resized

# resize2fs /dev/HDD/MEDIA 10G
resize2fs 1.39 (29-May-2006)
Filesystem at /dev/HDD/MEDIA is mounted on /MEDIA; on-line resizing required
Performing an on-line resize of /dev/HDD/MEDIA to 2621440 (4k) blocks.
The filesystem on /dev/HDD/MEDIA is now 2621440 blocks long.

# lvdisplay
--- Logical volume ---
LV Name /dev/HDD/MEDIA
VG Name HDD
LV UUID Yk1s2d-CTbG-39vq-RItQ-Cqmp-vhK5-dwrU6B
LV Write Access read/write
LV Status available
# open 1
LV Size 10.00 GB
Current LE 2560
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:0

--- Logical volume ---
LV Name /dev/HDD/BACKUP
VG Name HDD
LV UUID Qwtp5z-G2cY-SWP4-u7I7-5BYt-TZZX-A2esD3
LV Write Access read/write
LV Status available
# open 1
LV Size 200.00 GB
Current LE 51200
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:1

���½���¾���(10G���5G) ��\���\���\���\���\��я�����������������
# umount /MEDIA/
# resize2fs /dev/HDD/MEDIA 5G
resize2fs 1.39 (29-May-2006)
Please run 'e2fsck -f /dev/HDD/MEDIA' first.

# e2fsck -f /dev/HDD/MEDIA
e2fsck 1.39 (29-May-2006)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/dev/HDD/MEDIA: 97/1310720 files (63.9% non-contiguous), 149272/2621440 blocks
# resize2fs /dev/HDD/MEDIA 5G
resize2fs 1.39 (29-May-2006)
Resizing the filesystem on /dev/HDD/MEDIA to 1310720 (4k) blocks.
The filesystem on /dev/HDD/MEDIA is now 1310720 blocks long.

#

# lvreduce -L 5G /dev/HDD/MEDIA
WARNING: Reducing active logical volume to 5.00 GB
THIS MAY DESTROY YOUR DATA (filesystem etc.)
Do you really want to reduce MEDIA? [y/n]: y
Reducing logical volume MEDIA to 5.00 GB
Logical volume MEDIA successfully resized
#

# lvdisplay
--- Logical volume ---
LV Name /dev/HDD/MEDIA
VG Name HDD
LV UUID Yk1s2d-CTbG-39vq-RItQ-Cqmp-vhK5-dwrU6B
LV Write Access read/write
LV Status available
# open 0
LV Size 5.00 GB
Current LE 1280
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:0

--- Logical volume ---
LV Name /dev/HDD/BACKUP
VG Name HDD
LV UUID Qwtp5z-G2cY-SWP4-u7I7-5BYt-TZZX-A2esD3
LV Write Access read/write
LV Status available
# open 1
LV Size 200.00 GB
Current LE 51200
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:1

#

# mount -t ext3 /dev/HDD/MEDIA /MEDIA/

tuzzy92 at 21:42����Permalink����Comments(0)���� ����Other | LINUX

2010������06·���22������

µ�ߏ��·�����ӏ�����������LVS�����Ώ��������·�����ď�����������������������������»���

��򏢱µ������µ­½���
virtual=192.168.11.200:80
real=192.168.11.71:80 gate 1
real=192.168.11.72:80 gate 1
scheduler=wrr
protocol=tcp

# /etc/init.d/ldirectord status
Error [10079] reading file /etc/ha.d/ldirectord.cf at line 8: Unknown command real=192.168.11.71:80 gate 1

��ha-log(��������)
ResourceManager[4859]: 2010/06/22_18:57:32 ERROR: Return code 2 from /etc/ha.d/resource.d/ldirectord


���½������µ(\���\��ӏ�����²���)
virtual=192.168.11.200:80
[tab]real=192.168.11.71:80 gate 1
[tab]real=192.168.11.72:80 gate 1
[tab]scheduler=wrr
[tab]protocol=tcp

²���·���
����돢�«���������³�����Ï����������������ď��������ޏ���



tuzzy92 at 19:49����Permalink����Comments(0)���� ����������²��㏪���»�� | LINUX

2010������04·���21������

VMware+FreeBSD

VMware+FreeBDS

���������¼���«NTP����ޡ���䏢��¼�����������������������¡��������������«date\���\���������������������������¡�
���½�����я�����¼«����̏�����loader.conf

����WMware
http://www.vmware.com/jp/

/boot/loader.conf��������­������µ­
kern.hz=100

���µ»��ӏ���ޡ���䏢��¼��������������ď�¡�

# uname -a
FreeBSD v-web02.localhost 7.3-RELEASE FreeBSD 7.3-RELEASE #0: Sun Mar 21 06:15:01 UTC 2010 [email protected]:/usr/obj/usr/src/sys/GENERIC i386

# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*192.168.11.1 130.69.251.23 2 u 3 64 377 0.295 -0.139 0.719
#

tuzzy92 at 03:26����Permalink����Comments(0)���� ����Other 

2010������04·���20������

zabbix����½�������䏪���Ώ����������ԏ���

����zabbix������¼��HP
http://www.zabbix.com/

����zabbix�����я�����¼��HP
http://www.zabbix.jp/


001

²��ď�����¹�����𡯏����돢��������¼���������¡�


002

����I agree��¡ߏ�����\���\��\���\������·����������¼���������¡�


003

���������������ok��¡ߏ���������������³���������·����������¼���������¡�


004

����Test cennection��¡ߏ�����\���\���\���\������·����������ok��¡ߏ���������������¼���������¡�


005

\���\���\���\���\�����������������������¼���������¡�


006

³���������·����������¼���������¡�


007

����Configuration file: ok��¡ߏ�����³���������·����������¼���������¡�


008

���돪�»���쏢���쏪�������������������������·�����ď�¡�

tuzzy92 at 01:25����Permalink����Comments(0)���� ���������»��� | LINUX

2010������04·���18������

zabbix����\�����¼\���\��\���\��������ԏ���

����zabbix������¼��HP
http://www.zabbix.com/

����zabbix�����я�����¼��HP
http://www.zabbix.jp/

���\���\���\¹\������¼\���������������(CentOS FreeBSD����Ï�����)
# wget http://prdownloads.sourceforge.net/zabbix/zabbix-1.6.9.tar.gz
# tar xvfz zabbix-1.6.9.tar.gz
# cd zabbix-1.6.9 ; pwd
# ./configure --prefix=/usr/local/zabbix --enable-agent && make
# make install

���CentOS
���\��\«\���\���\�����돫�����
# useradd zabbix -d /usr/local/zabbix -s /sbin/nologin

��Ï����Ώ�����
# cp -ip /usr/local/src/zabbix-1.6.9/misc/conf/zabbix_agentd.conf /usr/local/zabbix/etc/zabbix_agent.conf
# vi /usr/local/zabbix/etc/zabbix_agent.conf

Server=127.0.0.1(\������¼\«\���������¾���¹���)
Server=192.168.11.61(\���\������¼\���������¾���¹���)
Timeout=3
PidFile=/usr/local/zabbix/var/run/zabbix_agent.pid
LogFile=/usr/local/zabbix/var/log/zabbix_agent.log

# mkdir -p /usr/local/zabbix/var/run/
# mkdir /usr/local/zabbix/var/log
# chown -R zabbix:zabbix /usr/local/zabbix/var

���µ��������\¹\���\���\��\���
# cp -ip /usr/local/src/zabbix-1.6.9/misc/init.d/fedora/core/zabbix_agentd /etc/init.d/.
# vi /etc/init.d/zabbix_agentd

# diff /usr/local/src/zabbix-1.6.9/misc/init.d/fedora/core/zabbix_agentd /etc/init.d/.
19c19
< BASEDIR=/opt/zabbix
---
> BASEDIR=/usr/local/zabbix
25c25,28
< FULLPATH=$BASEDIR/bin/$BINARY_NAME
---
> FULLPATH=$BASEDIR/sbin/$BINARY_NAME
>
> # Conf file
> CONFFILE=$BASEDIR/etc/zabbix_agent.conf
28c31
< PIDFILE=/var/tmp/$BINARY_NAME.pid
---
> PIDFILE=$BASEDI/var/run/$BINARY_NAME.pid
68c71
< action $"Starting $BINARY_NAME: " $FULLPATH
---
> action $"Starting $BINARY_NAME: " $FULLPATH -c $CONFFILE

# chkconfig --add zabbix_agentd
# chkconfig zabbix_agentd on
# chkconfig --list zabbix_agentd
zabbix_agentd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
#

���FreeBSD
���\��\«\���\���\�����돫�����
# pw useradd zabbix -d /usr/local/zabbix -s /sbin/nologin

��Ï����Ώ�����
# mkdir /etc/zabbix
# vi /etc/zabbix/zabbix_agentd.conf
# cat /etc/zabbix/zabbix_agentd.conf
Server=192.168.11.61
Timeout=3
PidFile=/usr/local/zabbix/var/run/zabbix_agent.pid
LogFile=/usr/local/zabbix/var/log/zabbix_agent.log

# mkdir -p /usr/local/zabbix/var/run/
# mkdir /usr/local/zabbix/var/log
# chown -R /usr/local/zabbix/var

���µ��������\¹\���\���\��\���
# cp -ip /usr/local/src/zabbix-1.6.9/misc/init.d/freebsd/zabbix_agentd /usr/local/etc/rc.d/zabbix_agentd
# cat /usr/local/etc/rc.d/zabbix_agentd

#!/bin/sh

. /etc/rc.subr

name="zabbix_agentd"
load_rc_config ${name}
rcvar=`set_rcvar`
command="${prefix:-"/usr/local/zabbix"}/sbin/${name}"

run_rc_command "$1"

tuzzy92 at 23:55����Permalink����Comments(0)���� ���������»��� | LINUX

2010������04·���14������

zabbix����\µ���¼\Ð�����ԏ���

Xymon�����ҏ����䏪���ӏ��·��������������������ď��\«·�����
���ޏ����������쏢����2����䏢����»��������������������ď��³���������������·(���µ�����·���)zabbix������\µ���¼\Ð�����»��������ҏ��·�����������Ώ����ď�¡�

���Ï��ޏ����������쏢���я�����¼��HP
http://www.tbs.co.jp/anime/k-on/
==========

����zabbix������¼��HP
http://www.zabbix.com/

����zabbix�����я�����¼��HP
http://www.zabbix.jp/

���\���\���\¹\������¼\���������������
# pwd
/usr/local/src

# wget http://prdownloads.sourceforge.net/zabbix/zabbix-1.6.9.tar.gz
# tar xvfz zabbix-1.6.9.tar.gz
# cd zabbix-1.6.9 ; pwd
# # ./configure --prefix=/usr/local/zabbix \
--enable-server \
--with-mysql=/usr/local/mysql/bin/mysql_config \
--with-net-snmp=/usr/local/snmpd/bin/net-snmp-config
# make
# make install

���\��\«\���\���\�����돫�����
# useadd zabbix -d /usr/local/zabbix -s /sbin/nologin
# # id zabbix ; finger zabbix
uid=9002(zabbix) gid=9003(zabbix) groups=9003(zabbix)
Login: zabbix Name: (null)
Directory: /usr/local/zabbix Shell: /sbin/nologin
Never logged in.
No mail.
No Plan.

���MySQL¼��Џ�����
# /usr/local/mysql/bin/mysql
> create database zabbix;
> grant all privileges on zabbix.* to zabbixuser@localhost identified by '\���\¹\������¼\���';
> select host,user,password from mysql.user where user = 'zabbixuser';
+-----------+------------+-------------------------------------------+
| host | user | password |
+-----------+------------+-------------------------------------------+
| localhost | zabbixuser | *EB78EF437313CE03C5371F9E2D46CE0CCCFA2245 |
+-----------+------------+-------------------------------------------+

����½��������\������¼\��ď���·¹��Џ�����
# cd create/schema/ ; pwd
/usr/local/src/zabbix-1.6.9/create/schema
# cat mysql.sql | /usr/local/mysql/bin/mysql zabbix

# cd ../data/ ; pwd
/usr/local/src/zabbix-1.6.9/create/data
# cat images_mysql.sql | /usr/local/mysql/bin/mysql zabbix
cat data.sql | /usr/local/mysql/bin/mysql zabbix

���½��ԏ��¹�����Ώ�����
# mkdir /usr/local/zabbix/etc/
# mkdir -p /usr/local/zabbix/var/run/
# mkdir /usr/local/zabbix/var/log

# cp -ip /usr/local/src/zabbix-1.6.9/misc/conf/zabbix_server.conf /usr/local/zabbix/etc/.

# vi /usr/local/zabbix/etc/zabbix_server.conf
# cat /usr/local/zabbix/etc/zabbix_server.conf

SenderFrequency=30
DebugLevel=3
Timeout=5

PidFile=/usr/local/zabbix/var/run/zabbix_server.pid
LogFile=/usr/local/zabbix/var/log/zabbix_server.log
AlertScriptsPath=/usr/local/zabbix/bin

DBName=zabbix
DBUser=zabbixuser
DBPassword=\���\¹\������¼\���
DBSocket=/tmp/mysql.sock

����µ��������\¹\���\���\��\���
# cp -ip /usr/local/src/zabbix-1.6.9/misc/init.d/fedora/core/zabbix_server /etc/init.d/zabbix_server
# vi /etc/init.d/zabbix_server

# diff /usr/local/src/zabbix-1.6.9/misc/init.d/fedora/core/zabbix_server /etc/init.d/zabbix_server
19c19
< BASEDIR=/opt/zabbix
---
> BASEDIR=/usr/local/zabbix
25c25,28
< FULLPATH=$BASEDIR/bin/$BINARY_NAME
---
> FULLPATH=$BASEDIR/sbin/$BINARY_NAME
>
> # Conf file
> CONFFILE=$BASEDIR/etc/zabbix_server.conf
28c31
< PIDFILE=/var/tmp/$BINARY_NAME.pid
---
> PIDFILE=$BASEDIR/var/tmp/$BINARY_NAME.pid
68c71
< action $"Starting $BINARY_NAME: " $FULLPATH
---
> action $"Starting $BINARY_NAME: " $FULLPATH -c $CONFFILE
#

# chkconfig --add zabbix_server
# chkconfig zabbix_server on
# chkconfig --list zabbix_server
zabbix_server 0:off 1:off 2:on 3:on 4:on 5:on 6:off

���apache¼��Џ�����
# mkdir /usr/local/apache2/htdocs/zabbix/
# cp -ipR /usr/local/src/zabbix-1.6.9/frontends/php/* /usr/local/apache2/htdocs/zabbix/.
# vi /usr/local/apache2/htdocs/zabbix/include/db.inc.php

�񡯏�����¹¹������
if(!isset($DB)){
$DB = array();
if(isset($DB_TYPE)) $DB['TYPE'] = "MYSQL" ;
if(isset($DB_SERVER)) $DB['SERVER'] = "localhost" ;
if(isset($DB_PORT)) $DB['PORT'] = "3306" ;
if(isset($DB_DATABASE)) $DB['DATABASE'] = "zabbix" ;
if(isset($DB_USER)) $DB['USER'] = "zabbixuser" ;
if(isset($DB_PASSWORD)) $DB['PASSWORD'] = "\���\¹\������¼\���" ;
}

���³������
http://your.domain/zabbix/index.php

tuzzy92 at 03:21����Permalink����Comments(0)���� ���������»��� | LINUX

2010������03·���01������

Do you need to run 'sa-update'

perl\��\���\��\������¼\������spamassassin��돩�\���\���\¹\������¼\������·�����ď����я��������ޏ�����
�����Ï���������������돢������������������������������������¡�

config: no rules were found! Do you need to run 'sa-update'? at /usr/bin/spamassassin line 403.
procmail: Program failure (255) of "/usr/bin/spamassassin"

sa-update�����������я�����»�����������������������������������������������»�ߏ����������ď��ޏ�����¼�������������돢𡯏�����¼���¹��ԏ��·�����ď�����
pgp���̏����������������������䏢���������������ď�¡�

$ wget ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.10.tar.gz
$ tar xvfz gnupg-1.4.10.tar.gz
$ cd gnupg-1.4.10 ; pwd
$ ./configure && make
$ sudo make install

������\���\���\¹\������¼\������·�����ď�������돩�������¼���¹���

$ sudo sa-update

���µ»��ӏ�����µ�������

tuzzy92 at 03:36����Permalink����Comments(0)���� ����SPAMASSASSIN | TROUBLE

2009������12·���15������

Xymon�����������������������»���(���½������2 \���\���\���\��\���\��������Ώ�����)

��򏢱���¼��HP
����Xymon
http://hobbitmon.sourceforge.net/

���\��\«\���\���\�����돫�����(\·\��\���������»������ď��»����������̏���ߏ��̏��������������«�����������ԏ���������)
# groutadd -g 1000 xymon
# useradd -u 1000 -g 1000 -m -d /usr/local/habbit -s /bin/bash xymon
# passwd xymon

���xymon \���\���\���\��\���\���\���\���\¹\������¼\���
# wget http://downloads.sourceforge.net/project/hobbitmon/hobbitserver/4.2.2/xymon-4.2.2.tar.gz?use_mirror=jaist

# tar xvfz xymon-4.2.2.tar.gz
# cd xymon-4.2.2 ; pwd

��CentOS������¾���¹���
# ./configure --client

��FreeBSD������¾���¹���
# 'MAKE=gmake ./configure.client'

==================================================
Configuration script for Xymon client

This script asks a few questions and builds a Makefile to compile Xymon

Checking your make-utility

Xymon normally keeps all of the client configuration files
on the Xymon server. If you prefer, it is possible to use
a local client configuration file instead - if so, answer
'client' to the next question.
NB: Local configuration requires the PCRE libs on each host.

Server side client configuration, or client side [server] ?

Checking for Large File Support ...
Large File Support OK

What userid will be running Xymon [xymon] ?

Found passwd entry for user xymon:x:1000:1000::/usr/local/xymon:/bin/bash

Where do you want the Xymon installation [/usr/local/xymon] ?

OK, will configure to use /usr/local/xymon as the Xymon toplevel directory

What is the IP-address of your Xymon server [127.0.0.1] ?
192.168.11.73

Using Linux Makefile settings

Created Makefile with the necessary information to build Xymon
Some defaults are used, so do look at the Makefile before continuing.

Configuration complete - now run make (GNU make) to build the tools
==================================================

��CentOS������¾���¹���
# make && make install

��FreeBSD������¾���¹���
# gmake && gmake install

���µ��������\¹\���\���\��\��������Ώ�����
# cp -ip ./rpm/hobbit-client.init /etc/init.d/xymon-client
# chown root:root /etc/init.d/xymon-client
# chmod 755 /etc/init.d/xymon-client
# chkconfig --add xymon-client

# cat /etc/init.d/xymon-client
��½��ԏ��¹������¹¹(���µ���¹������µ��������\¹\���\���\��\������̏��¹���²���¼\���\�ޏ�����������������)

#! /bin/sh
#
# hobbit-client This shell script takes care of starting and stopping
# the hobbit client.
#
# chkconfig: 2345 80 20
# description: hobbit is a network monitoring tool that allows \
# you to monitor hosts and services. This client reports local \
# system statistics (cpu-, memory-, disk-utilisation etc) \
# to the Hobbit server.

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/local/xymon/client/runclient.sh
NAME=xymon
DESC=xymon

test -x $DAEMON || exit 0

CMD="$1"

# Include hobbit-client defaults if available
#DMNOPTS=""
#if [ -f /etc/default/hobbit-client ] ; then
# . /etc/default/hobbit-client
#else
# echo "Installation failure - missing /etc/default/hobbit-client"
# exit 1
#fi

#if [ "$HOBBITSERVERS" = "" ]; then
# echo "Please configure HOBBITSERVERS in /etc/default/hobbit-client"
# exit 1
#fi

#set $HOBBITSERVERS
#if [ $# -eq 1 ]; then
# echo "BBDISP=\"$HOBBITSERVERS\"" >/var/run/hobbitclient-runtime.cfg
# echo "BBDISPLAYS=\"\"" >>/var/run/hobbitclient-runtime.cfg
#else
# echo "BBDISP=\"0.0.0.0\"" >/var/run/hobbitclient-runtime.cfg
# echo "BBDISPLAYS=\"$HOBBITSERVERS\"" >>/var/run/hobbitclient-runtime.cfg
#fi

if [ "$CLIENTHOSTNAME" != "" ]; then
DMNOPTS="${DMNOPTS} --hostname=${CLIENTHOSTNAME}"
fi
if [ "$CLIENTOS" != "" ]; then
DMNOPTS="${DMNOPTS} --os=${CLIENTOS}"
fi

set -e

case "$CMD" in
start)
echo -n "Starting $DESC: "
su -c "$DAEMON $DMNOPTS start" - xymon
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
su -c "$DAEMON stop" - xymon
echo "$NAME."
;;
status)
su -c "$DAEMON status" - xymon
;;
restart)
echo -n "Restarting $DESC: "
su -c "$DAEMON stop" - xymon
su -c "$DAEMON $DMNOPTS start" - xymon
echo "$NAME."
;;
*)
N=/etc/init.d/$NAME
# echo "Usage: $N {start|stop|status|restart}" >&2
echo "Usage: $N {start|stop|status|restart}" >&2
exit 1
;;
esac

exit 0

���\µ���¼\Ð�����Ï����Ώ�����
/usr/local/xymon/server/etc/bb-hosts �������돪�²¼������²���

[ip\��\���\���\¹] [\���\¹\������¾]


tuzzy92 at 20:30����Permalink����Comments(0)���� ���������»��� | LINUX

2009������12·���14������

Xymon�����������������������»���(���½������1 \µ���¼\Ð�����Ώ�����)

��򏢱���¼��HP
����Xymon
http://hobbitmon.sourceforge.net/

����fping
http://www.fping.com/

���fping\���\���\¹\������¼\���
# wget http://fping.sourceforge.net/download/fping.tar.gz
# tar xvfz fping.tar.gz
# cd cd fping-2.4b2_to ; pwd
# ./configure && make && make install

���\��\«\���\���\�����돫�����(\·\��\���������»������ď��»����������̏���ߏ��̏��������������«�����������ԏ���������)
# groutadd -g 1000 xymon
# useradd -u 1000 -g 1000 -m -d /usr/local/habbit -s /bin/bash xymon
# passwd xymon

���xymon\���\���\¹\������¼\���
��What is the IP-address of this host [127.0.0.1] ? ���������ԏ���̡돪�³�돢����\���\���\���\���\���

# wget http://downloads.sourceforge.net/project/hobbitmon/hobbitserver/4.2.2/xymon-4.2.2.tar.gz?use_mirror=jaist
# tar xvzf xymon-4.2.2.tar.gz
# cd xymon-4.2.2 ; pwd
# ./configure

==================================================
Configuration script for Xymon
This script asks a few questions and builds a Makefile to compile Xymon

Checking your make-utility
Checking pre-requisites for building Xymon

Checking for fping ...
Hobbit has a built-in ping utility (hobbitping)
However, it is not yet fully stable and therefore it
may be best to use the external fping utility instead.
I found fping in /usr/local/sbin/fping
Do you want to use it [Y/n] ?
y
Checking to see if '/usr/local/sbin/fping 127.0.0.1' works ...
127.0.0.1 is alive
OK, will use '/usr/local/sbin/fping' for ping tests
NOTE: If you are using an suid-root wrapper, make sure the 'hobbit'
user is also allowed to run fping without having to enter passwords.
For 'sudo', add something like this to your 'sudoers' file:
hobbit: ALL=(ALL) NOPASSWD: /usr/local/sbin/fping

Checking for RRDtool ...
test-rrd.c: In function 'main':
test-rrd.c:30: error: too few arguments to function 'rrd_graph'
make: *** [test-compile] Error 1
Not RRDtool 1.0.x, checking for 1.2.x
Found RRDtool include files in /usr/include
Found RRDtool libraries in /usr/lib

Checking for PCRE ...
Found PCRE include files in /usr/include
Found PCRE libraries in /usr/lib

Checking for OpenSSL ...
Found OpenSSL include files in /usr/local/ssl/include
Found OpenSSL libraries in /usr/local/ssl/lib

Xymon can use the OpenSSL library to test SSL-enabled services
like POP3S, IMAPS, NNTPS and TELNETS. If you have the OpenSSL
library installed, I recommend that you enable this.

Do you want to be able to test SSL-enabled services (y) ?

Checking for LDAP ...
Found LDAP include files in /usr/include
Found LDAP libraries in /usr/lib

Xymon can use your OpenLDAP LDAP client library to test LDAP servers.

Do you want to be able to test LDAP servers (y) ?

Enable experimental support for LDAP/SSL (OpenLDAP 2.x only) (y) ?

Checking for Large File Support ...
Large File Support OK

Setting up for a Xymon server

What userid will be running Xymon [xymon] ?

Found passwd entry for user xymon:x:1000:1000::/usr/local/xymon:/bin/bash

Where do you want the Xymon installation [/usr/local/xymon] ?

OK, will configure to use /usr/local/xymon as the Xymon toplevel directory

What URL will you use for the Xymon webpages [/xymon] ?

Where to put the Xymon CGI scripts [/usr/local/xymon/cgi-bin] ?
(Note: This is the filesystem directory - we will get to the URL shortly)

What is the URL for the Xymon CGI directory [/xymon-cgi] ?
(Note: This is the URL - NOT the filesystem directory)

********************** SECURITY NOTICE ****************************
If your Xymon server is accessible by outsiders, then you should
restrict access to the CGI scripts that handle enable/disable of
hosts, and acknowledging of alerts. The easiest way to do this is
to put these in a separate CGI directory and require a password to
access them.
Even if your Xymon server is on a secured, internal network, you
may want to have some operations (like disabling a host) be password-
protected - that lets you see who disabled or acknowledged an alert.

Where to put the Xymon Administration CGI scripts [/usr/local/xymon/cgi-secure] ?
(Note: This is the filesystem directory - we will get to the URL shortly)

What is the URL for the Xymon Administration CGI directory [/xymon-seccgi] ?
(Note: This is the URL - NOT the filesystem directory)

** Note that you may need to modify your webserver configuration.
** After installing, see /usr/local/xymon/server/etc/hobbit-apache.conf for an example configuration.

To generate Xymon availability reports, your webserver
must have write-access to a directory below the Xymon
top-level directory. I can set this up if you tell me
what group-ID your webserver runs with. This is typically
'nobody' or 'apache' or 'www-data'

What group-ID does your webserver use [nobody] ?
daemon

Where to put the Xymon logfiles [/var/log/xymon] ?

What is the name of this host [v-03.localhost] ?

What is the IP-address of this host [127.0.0.1] ?
192.168.11.73

Where should I install the Xymon man-pages (/usr/local/man) ?

Using Linux Makefile settings

Created Makefile with the necessary information to build Xymon
Some defaults are used, so do look at the Makefile before continuing.

Configuration complete - now run make (GNU make) to build the tools
==================================================

# make && make install

���µ��������\¹\���\���\��\��������Ώ�����
# cp -ip ./rpm/hobbit-init.d /etc/init.d/xymon
# chown root:root /etc/init.d/xymon
# chmod 755 /etc/init.d/xymon

��½��ԏ��¹������¹¹(���µ���¹������µ��������\¹\���\���\��\������̏��¹���²���¼\���\�ޏ�����������������)

# cat /etc/init.d/xymon

#! /bin/sh
#
# hobbit This shell script takes care of starting and stopping
# hobbit(the Hobbit network monitor)
#
# chkconfig: 2345 80 20
# description: hobbit is a network monitoring tool that allows \
# you to monitor hosts and services. The monitor status is available \
# via a webpage.

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/local/xymon/server/hobbit.sh
NAME=xymon
DESC=xymon

test -x $DAEMON || exit 0

# Include hobbit defaults if available
if [ -f /etc/default/hobbit ] ; then
. /etc/default/hobbit
fi

set -e

case "$1" in
start)
echo -n "Starting $DESC: "
su -c "$DAEMON start" - xymon
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
su -c "$DAEMON stop" - xymon
echo "$NAME."
;;
status)
su -c "$DAEMON status" - xymon
;;
reload|force-reload)
echo "Reloading $DESC configuration files."
su -c "$DAEMON reload" - xymon
echo "$NAME."
;;
restart)
echo -n "Restarting $DESC: "
su -c "$DAEMON restart" - xymon
echo "$NAME."
;;
rotate)
echo -n "Rotating logs for $DESC: "
su -c "$DAEMON rotate" - xymon
echo "$NAME."
;;
*)
N=/etc/init.d/$NAME
# echo "Usage: $N {start|stop|status|restart|reload|force-reload}" >&2
echo "Usage: $N {start|stop|status|estart|force-reload}" >&2
exit 1
;;
esac

exit 0

# chkconfig --add xymon

���\���\��\������¼\������¼\��������Ώ�����
# cp -ip ./rpm/hobbit.logrotate /etc/logrotate.d/xymon
# chown root:root /etc/logrotate.d/xymon

��½��ԏ��¹������¹¹(���µ���¹������µ��������\¹\���\���\��\������̏��¹���²���¼\���\�ޏ�����������������)

# cat /etc/logrotate.d/xymon

#
# Logrotate fragment for Hobbit.
#
/var/log/xymon/*.log {
weekly
compress
delaycompress
rotate 5
missingok
nocreate
sharedscripts
postrotate
/etc/init.d/xymon rotate
endscript
}

���apache�����Ώ�����(hobbit-apache.conf������include���¹�����������������Ï����� ����������������̏����ӏ�����������¹¹)
# /usr/local/xymon/server/etc/hobbit-apache.conf /usr/local/apache2/conf/.

���fping½������µ
# chown root:xymon /usr/local/sbin/fping
# chmod 4710 /usr/local/sbin/fping
# ls -l /usr/local/sbin/fping
-rwsr-xr-x 1 root xymon 48835 Dec 14 02:22 /usr/local/sbin/fping

tuzzy92 at 23:55����Permalink����Comments(0)���� ���������»��� | LINUX

2009������12·���08������

lsyncd+rsyncd������������������\���\��\���\���\���\�������ޡ����

��򏪡�돪����
����web\µ���¼\Ð������2������(CentOS5.4/FreeBSD7.2)
���Ï���ޡ���䏢�µ\���\��\���\���\���\���������192.168.11.71:/usr/local/apache2/htdocs/sync/
���Ï���ޡ���䏪����\���\��\���\���\���\���������192.168.11.72:/usr/local/apache/htdocs/sync/

���\���\������¼\���
lsync

��򏢱���¼��HP
����lsyncd
http://code.google.com/p/lsyncd/

����xinetd
http://www.xinetd.org/


���web02(����ޡ���䏪����)���������Ώ�����
���xinetd\���\���\¹\������¼\���
# wget http://www.xinetd.org/xinetd-2.3.14.tar.gz
# tar xvfz xinetd-2.3.14.tar.gz
# cd xinetd-2.3.14
# ./configure && make && make install

���/etc/xinetd.d/rsync
# default: off
# description: The rsync server is a good addition to an ftp server, as it \n# allows crc checksumming etc.
service rsync
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/local/bin/rsync
server_args = --daemon --config=/etc/rsyncd.conf
log_on_failure += USERID
}

���/etc/rsyncd.conf
hosts allow = 192.168.11.0/24
log file = /var/log/rsyncd.log
use chroot = no
max connections = 5

[sync]
path = /usr/local/apache/htdocs/sync
uid = root
gid = wheel
read only = false

���µ��������\¹\���\���\��\���(/usr/local/etc/rc.d/xinetd)
#!/bin/sh
##
# PROVIDE: xinetd
# REQUIRE: DAEMON
#
# Add the following line to /etc/rc.conf to enable xinetd:
#
# xinetd_enable="YES"
#

. /etc/rc.subr

name=xinetd
rcvar=`set_rcvar`

command=/usr/local/sbin/xinetd > /dev/null 2>&1
pidfile=/var/run/xinetd.pid

xinetd_enable=${xinetd_enable:-"NO"}
xinetd_flags=${xinetd_flags:-"-f /etc/xinetd.conf -pidfile ${pidfile}"}

load_rc_config $name
run_rc_command "$1"

���/etc/rc.conf ������������µ­
xinetd_enable="YES"

���web01(����ޡ���䏢�µ)���������Ώ�����
���lsyncd\���\���\¹\������¼\���
# wget http://lsyncd.googlecode.com/files/lsyncd-1.26.tar.gz
# tar xvfz lsyncd-1.26.tar.gz
# cd lsyncd-1.26 ; pwd
# ./configure && make && make install
# cp -ip lsyncd.conf.xml /etc/lsyncd.conf.xml

���/etc/lsyncd.conf.xml
[lsyncd version="1"]

[settings]

[logfile filename = "/var/log/lsyncd"/]
[binary filename = "/usr/local/bin/rsync"/]
[pidfile filename = "/var/run/lsyncd.pid"/]

[callopts]
[option text="-lt%r"/]
[option text="--delete"/]
[exclude-file/]
[source/]
[destination/]
[/callopts]

[/settings]

[directory]
[source path = "/usr/local/apache2/htdocs/sync"/]
[target path = "192.168.11.72::sync"/]
[/directory]

[/lsyncd>

���µ��������\¹\���\���\��\���(/etc/rc.d/init.d/lsyncd)

#!/bin/bash
#
# lsyncd
#
# chkconfig: 345 56 50
# description: xinetd is a powerful replacement for inetd. \n# xinetd has access control mechanisms, extensive \n# logging capabilities, the ability to make services \n# available based on time, and can place \n# limits on the number of servers that can be started, \n# among other things.
#
# processname: /opt/lsyncd/binlsyncd

#Source function library
. /etc/rc.d/init.d/functions

PATH=$PATH:/sbin:/bin:/usr/bin:/usr/sbin:/usr/local/lsyncd/bin

# Soruce networking configuration
[ -r /etc/sysconfig/lsync ] && . /etc/sysconfig/lsyncd

option="$SHORT_LOG $IGNORE_START_ERRORS $DEBUG"

RETVAL=0

prog="/usr/local/bin/lsyncd"

start(){
echo -n $"Starting $prog: "
daemon $prog $option
RETVAL=$?
echo
touch /var/lock/subsys/lsyncd
return $RETVAL
}

stop(){
echo -n $"Stopping $prog: "
killproc $prog
RETVAL=$?
echo
rm -f /var/lock/subsys/lsyncd
return $RETVAL

}

reload(){
echo -n $"Reloading configuration: "
killproc $prog -HUP
RETVAL=$?
echo
return $RETVAL
}

restart(){
stop
start
}

condrestart(){
[ -e /var/lock/subsys/lsyncd ] && restart
return 0
}


# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status $prog
;;
restart)
restart
;;
reload)
reload
;;
condrestart)
condrestart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|reload}"
RETVAL=1
esac

exit $RETVAL

���\���\��\������¼\������¼\��������Ώ�����(������¹\�����Ώ��������������¾)
# vi /etc/logrotate.d/lsyncd

/var/log/lsyncd {
daily
copytruncate
compress
notifempty
missingok
postrotate
/etc/rc.d/init.d/lsyncd restart 2>&1 > /dev/null || true
endscript
}

��򏢱���¾���
���µ��������
���Ï���ޡ���䏪����
# /usr/local/etc/rc.d/xinetd star

���Ï���ޡ���䏢�µ
# /etc/init.d/lsyncd start

���Ï���ޡ���䏪����\���\��
2009/12/08 16:54:55 [1146] rsync to sync/ from unknown (192.168.11.71)
2009/12/08 16:54:55 [1146] receiving file list
2009/12/08 16:54:55 [1146] sent 77 bytes received 169 bytes total size 0

���Ï���ޡ���䏢�µ\���\��
Tue Dec 8 17:45:15 2009: Starting up
Tue Dec 8 17:45:15 2009: watching /usr/local/apache2/htdocs/sync
Tue Dec 8 17:45:16 2009: --- Entering normal operation with [1] monitored directories ---

���\���\���\���\��������ҏ�����²������·�����������Ώ�����
[web01] # touch /usr/local/apache2/htdocs/sync/test.txt

Tue Dec 8 17:51:01 2009: event CREATE:test.txt triggered.
Tue Dec 8 17:51:01 2009: rsyncing /usr/local/apache2/htdocs/sync/ --> 192.168.11.72::sync/
Tue Dec 8 17:51:01 2009: event CLOSE_WRITE:test.txt triggered.
Tue Dec 8 17:51:01 2009: rsyncing /usr/local/apache2/htdocs/sync/ --> 192.168.11.72::sync/

���Ï���ޡ���䏪����
2009/12/08 16:57:08 [1190] connect from web01.localhost (192.168.11.71)
2009/12/08 16:57:08 [1190] rsync to sync/ from web01.localhost (192.168.11.71)
2009/12/08 16:57:08 [1190] receiving file list
2009/12/08 16:57:08 [1192] connect from web01.localhost (192.168.11.71)
2009/12/08 16:57:08 [1190] sent 57 bytes received 100 bytes total size 0
2009/12/08 16:57:08 [1192] rsync to sync/ from web01.localhost (192.168.11.71)
2009/12/08 16:57:08 [1192] receiving file list
2009/12/08 16:57:08 [1192] sent 35 bytes received 58 bytes total size 0

tuzzy92 at 18:56����Permalink����Comments(0)���� ����������²��㏪���»�� 

2009������11·���24������

lighttpd������\���\��\������¼\������¼\���

\���\���\¹\������¼\������·���������·���Ð�����������������䏪���ӏ��·������������������lighttpd
µ��������������������ď�����\���\�돢�̏����叢���������叢�����������돫������������������������ď�¡�

lighttpd¼«��ď��������������(������������)\���\��\������¼\������¼\���µ����½������������������(���������·������)����������
cronlog������������\��\���\��\���\���������²��Ï��·������\���\��\������¼\������¼\������¹��������¡�

���Ï�����¼��HP
http://cronolog.org/

���\���\���\¹\������¼\���
# wget http://cronolog.org/download/cronolog-1.6.2.tar.gz
# tar xvfz cronolog-1.6.2.tar.gz
# cd cronolog-1.6.2 ; pwd
# ./configure && make && make install

���lighttpd.conf������½���
server.errorlog = "|/usr/local/sbin/cronolog /usr/local/lighttpd/logs/error.log.%Y%m%d"
accesslog.filename = "|/usr/local/sbin/cronolog /usr/local/lighttpd/logs/access.log.%Y%m%d"

�����Ώ�����������reload

���³������
# ls -1 /usr/local/lighttpd/logs/*.log.2009*
/usr/local/lighttpd/logs/access.log.20091124
/usr/local/lighttpd/logs/error.log.20091124

tuzzy92 at 02:29����Permalink����Comments(0)���� ����lighttpd | HTTPD

2009������11·���23������

heartbeat������������������LVS\µ���¼\о������¹²½

keepalived���«������heartbeat������������¹¹���·LVS\µ���¼\Ð������¾������¹²½������»����·�����������Ώ�����

��򏪡�돪����
����LVS������2������(CentOS5.4 active/stand by VIP:192.168.11.200)
����WEB\µ���¼\Ð������2������(CentOS5.4/FreeBSD7.2)
����¾���µ­3����������������ޡ돫�\���\���\���\������¼\���������(192.168.11.0/24)

���\���\������¼\���
LVS-02

��򏢱���¼��HP
����The High Availability Linux \��\���\���\��\���\���
http://www.linux-ha.org/ja/HomePage_ja/

����IPVS
http://www.linux-vs.org/

���LVS\µ���¼\Ð�����Ώ�����
���\���\���\¹\������¼\���(yum������)
heartbeat.i386
heartbeat-ldirectord.i386
ipvsadm.i386

# yum list installed | egrep -i "heartbeat|IPVS"
Failed to set locale, defaulting to C
heartbeat.i386 2.1.3-3.el5.centos installed
heartbeat-ldirectord.i386 2.1.3-3.el5.centos installed
heartbeat-pils.i386 2.1.3-3.el5.centos installed
heartbeat-stonith.i386 2.1.3-3.el5.centos installed
ipvsadm.i386 1.24-10 installed

���authkeys�����Ώ�����(»²¹��� /usr/share/doc/heartbeat-2.1.3/authkeys)
# cd /etc/ha.d ; pwd
# vi authkeys

auth 1
1 crc

# chmod 600 authkeys

���ha.cf(ucast�돪�³��돫�½���)
logfile /var/log/ha-log

keepalive 2
deadtime 30
warntime 10
initdead 120

udpport 694
ucast eth0 192.168.11.51 #LVS02������IP\��\���\���\¹
auto_failback off

respawn hacluster /usr/lib/heartbeat/ipfail
apiauth ipfail gid=haclient uid=hacluster

node v-lvs01.localhost
node v-lvs02.localhost

��node ������uname -n������·���²���������µ­½���

���haresources
v-lvs01.localhost 192.168.11.200/24/eth0 ldirectord

�񡯏�돪�������������ldirectord������heartbeat·Ð���³������ldirectord������µ�������돢�¹�����������������������á돪؏����
�񡯏��·�����ď��̏�����������µ��������\¹\���\���\��\���������ldirectord������on���������¹����������̏���ߏ�����������������

���ldirectord.cf
checktimeout=3
checkinterval=10
logfile="/var/log/ldirectord.log"

autoreload=yes

virtual=192.168.11.200:80
real=192.168.11.54:80 gate 1
real=192.168.11.52:80 gate 1
scheduler=wrr
protocol=tcp

���³���³�����������������Ώ��������·�����ď�����heartbeat������µ��������
���½���·������LVS01������VIP���̏�Ģ�������������������������������»��ӏ�����³������

[LVS01]# ifconfig -a | grep -w inet
inet addr:192.168.11.50 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:192.168.11.200 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:127.0.0.1 Mask:255.0.0.0
[LVS02]# ifconfig -a | grep -w inet
inet addr:192.168.11.51 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:127.0.0.1 Mask:255.0.0.0

��򏢱���¾���
���������������
1)active�����ҏ������������·��¡�VIP���̏�ď���돪䏢�¹������»��ӏ�����³������
2)��ď���돪䏢����(���µ)active������µ�����돢�·��¡�VIP���̏�ď���돪䏢�·������������»��ӏ�����³������

���1)������1������������VIP���̏�ď���돪䏢�·�������������������������̏��������«������
[LVS01]# /etc/init.d/heartbeat stop
Stopping High-Availability services:
[ OK ]

[LVS01]# ifconfig -a | grep -w inet
inet addr:192.168.11.50 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:127.0.0.1 Mask:255.0.0.0

[LVS01]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn

[LVS02]# ifconfig -a | grep -w inet
inet addr:192.168.11.51 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:192.168.11.200 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:127.0.0.1 Mask:255.0.0.0

[LVS02]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.11.200:80 wrr
-> 192.168.11.54:80 Route 1 0 0
-> 192.168.11.52:80 Route 1 0 0


��LVS01\���\��
heartbeat[6153]: 2009/11/23_02:38:55 info: Heartbeat shutdown in progress. (6153)
heartbeat[6789]: 2009/11/23_02:38:55 info: Giving up all HA resources.
ResourceManager[6802]: 2009/11/23_02:38:55 info: Releasing resource group: v-lvs01.localhost 192.168.11.200/24/eth0 ldirectord
ResourceManager[6802]: 2009/11/23_02:38:55 info: Running /etc/ha.d/resource.d/ldirectord stop
ResourceManager[6802]: 2009/11/23_02:38:57 info: Running /etc/ha.d/resource.d/IPaddr 192.168.11.200/24/eth0 stop
IPaddr[6888]: 2009/11/23_02:38:57 INFO: ifconfig eth0:0 down
IPaddr[6859]: 2009/11/23_02:38:57 INFO: Success
heartbeat[6789]: 2009/11/23_02:38:57 info: All HA resources relinquished.
heartbeat[6153]: 2009/11/23_02:38:59 info: killing /usr/lib/heartbeat/ipfail process group 6175 with signal 15
heartbeat[6153]: 2009/11/23_02:39:02 WARN: 1 lost packet(s) for [v-lvs02.localhost] [154:156]
heartbeat[6153]: 2009/11/23_02:39:02 info: No pkts missing from v-lvs02.localhost!
heartbeat[6153]: 2009/11/23_02:39:03 info: killing HBFIFO process 6155 with signal 15
heartbeat[6153]: 2009/11/23_02:39:03 info: killing HBWRITE process 6156 with signal 15
heartbeat[6153]: 2009/11/23_02:39:03 info: killing HBREAD process 6157 with signal 15
heartbeat[6153]: 2009/11/23_02:39:03 info: Core process 6156 exited. 3 remaining
heartbeat[6153]: 2009/11/23_02:39:03 info: Core process 6155 exited. 2 remaining
heartbeat[6153]: 2009/11/23_02:39:03 info: Core process 6157 exited. 1 remaining
heartbeat[6153]: 2009/11/23_02:39:03 info: v-lvs01.localhost Heartbeat shutdown complete.

��LVS02\���\��
heartbeat[4182]: 2009/11/23_02:38:58 info: Received shutdown notice from 'v-lvs01.localhost'.
heartbeat[4182]: 2009/11/23_02:38:58 info: Resources being acquired from v-lvs01.localhost.
heartbeat[4249]: 2009/11/23_02:38:58 info: acquire all HA resources (standby).
heartbeat[4250]: 2009/11/23_02:38:58 info: No local resources [/usr/share/heartbeat/ResourceManager listkeys v-lvs02.localhost] to acquire.
ResourceManager[4275]: 2009/11/23_02:38:58 info: Acquiring resource group: v-lvs01.localhost 192.168.11.200/24/eth0 ldirectord
IPaddr[4301]: 2009/11/23_02:38:58 INFO: Resource is stopped
ResourceManager[4275]: 2009/11/23_02:38:58 info: Running /etc/ha.d/resource.d/IPaddr 192.168.11.200/24/eth0 start
IPaddr[4398]: 2009/11/23_02:38:59 INFO: Using calculated netmask for 192.168.11.200: 255.255.255.0
IPaddr[4398]: 2009/11/23_02:38:59 INFO: eval ifconfig eth0:0 192.168.11.200 netmask 255.255.255.0 broadcast 192.168.11.255
IPaddr[4369]: 2009/11/23_02:38:59 INFO: Success
ResourceManager[4275]: 2009/11/23_02:39:00 info: Running /etc/ha.d/resource.d/ldirectord start
heartbeat[4249]: 2009/11/23_02:39:01 info: all HA resource acquisition completed (standby).
heartbeat[4182]: 2009/11/23_02:39:01 info: Standby resource acquisition done [all].
harc[4514]: 2009/11/23_02:39:01 info: Running /etc/ha.d/rc.d/status status
mach_down[4535]: 2009/11/23_02:39:02 info: Taking over resource group 192.168.11.200/24/eth0
ResourceManager[4564]: 2009/11/23_02:39:02 info: Acquiring resource group: v-lvs01.localhost 192.168.11.200/24/eth0 ldirectord
IPaddr[4590]: 2009/11/23_02:39:02 INFO: Running OK
ResourceManager[4564]: 2009/11/23_02:39:04 info: Running /etc/ha.d/resource.d/ldirectord start
mach_down[4535]: 2009/11/23_02:39:05 info: /usr/share/heartbeat/mach_down: nice_failback: foreign resources acquired
mach_down[4535]: 2009/11/23_02:39:05 info: mach_down takeover complete for node v-lvs01.localhost.
heartbeat[4182]: 2009/11/23_02:39:05 info: mach_down takeover complete.
heartbeat[4182]: 2009/11/23_02:39:56 WARN: node v-lvs01.localhost: is dead
heartbeat[4182]: 2009/11/23_02:39:56 info: Dead node v-lvs01.localhost gave up resources.
heartbeat[4182]: 2009/11/23_02:39:56 info: Link v-lvs01.localhost:eth0 dead.
ipfail[4189]: 2009/11/23_02:39:56 info: Status update: Node v-lvs01.localhost now has status dead
ipfail[4189]: 2009/11/23_02:39:58 info: NS: We are dead. :<
ipfail[4189]: 2009/11/23_02:39:58 info: Link Status update: Link v-lvs01.localhost/eth0 now has status dead
ipfail[4189]: 2009/11/23_02:40:00 info: We are dead. :<
ipfail[4189]: 2009/11/23_02:40:00 info: Asking other side for ping node count.

���2)auto_failback off���̏��­�����⏢�����돪�¼«�����\���\��\���\���\Ð\���\������·������������
[LVS01]# /etc/init.d/heartbeat start
Starting High-Availability services:
2009/11/23_02:43:20 INFO: Resource is stopped
[ OK ]

[LVS01]# ifconfig -a | grep -w inet
inet addr:192.168.11.50 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:127.0.0.1 Mask:255.0.0.0

[LVS01]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn

[LVS02]# ifconfig -a | grep -w inet
inet addr:192.168.11.51 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:192.168.11.200 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:127.0.0.1 Mask:255.0.0.0

[LVS02]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.11.200:80 wrr
-> 192.168.11.54:80 Route 1 0 0
-> 192.168.11.52:80 Route 1 0 0

��LVS01\���\��
heartbeat[7030]: 2009/11/23_02:43:20 info: Version 2 support: false
heartbeat[7030]: 2009/11/23_02:43:20 WARN: Logging daemon is disabled --enabling logging daemon is recommended
heartbeat[7030]: 2009/11/23_02:43:20 info: **************************
heartbeat[7030]: 2009/11/23_02:43:20 info: Configuration validated. Starting heartbeat 2.1.3
heartbeat[7031]: 2009/11/23_02:43:20 info: heartbeat: version 2.1.3
heartbeat[7031]: 2009/11/23_02:43:20 info: Heartbeat generation: 1258825420
heartbeat[7031]: 2009/11/23_02:43:20 info: glib: ucast: write socket priority set to IPTOS_LOWDELAY on eth0
heartbeat[7031]: 2009/11/23_02:43:20 info: glib: ucast: bound send socket to device: eth0
heartbeat[7031]: 2009/11/23_02:43:20 info: glib: ucast: bound receive socket to device: eth0
heartbeat[7031]: 2009/11/23_02:43:20 info: glib: ucast: started on port 694 interface eth0 to 192.168.11.51
heartbeat[7031]: 2009/11/23_02:43:20 info: G_main_add_TriggerHandler: Added signal manual handler
heartbeat[7031]: 2009/11/23_02:43:20 info: G_main_add_TriggerHandler: Added signal manual handler
heartbeat[7031]: 2009/11/23_02:43:20 info: G_main_add_SignalHandler: Added signal handler for signal 17
heartbeat[7031]: 2009/11/23_02:43:21 info: Local status now set to: 'up'
heartbeat[7031]: 2009/11/23_02:43:21 info: Link v-lvs02.localhost:eth0 up.
heartbeat[7031]: 2009/11/23_02:43:21 info: Status update for node v-lvs02.localhost: status active
harc[7038]: 2009/11/23_02:43:22 info: Running /etc/ha.d/rc.d/status status
heartbeat[7031]: 2009/11/23_02:43:22 info: Comm_now_up(): updating status to active
heartbeat[7031]: 2009/11/23_02:43:22 info: Local status now set to: 'active'
heartbeat[7031]: 2009/11/23_02:43:22 info: Starting child client "/usr/lib/heartbeat/ipfail" (498,496)
heartbeat[7054]: 2009/11/23_02:43:22 info: Starting "/usr/lib/heartbeat/ipfail" as uid 498 gid 496 (pid 7054)
heartbeat[7031]: 2009/11/23_02:43:23 info: remote resource transition completed.
heartbeat[7031]: 2009/11/23_02:43:23 info: remote resource transition completed.
heartbeat[7031]: 2009/11/23_02:43:23 info: Local Resource acquisition completed. (none)
heartbeat[7031]: 2009/11/23_02:43:23 info: Initial resource acquisition complete (T_RESOURCES(them))
ipfail[7054]: 2009/11/23_02:43:31 info: Ping node count is balanced.

��LVS02\���\��
heartbeat[4182]: 2009/11/23_02:43:22 info: Heartbeat restart on node v-lvs01.localhost
heartbeat[4182]: 2009/11/23_02:43:22 info: Link v-lvs01.localhost:eth0 up.
heartbeat[4182]: 2009/11/23_02:43:22 info: Status update for node v-lvs01.localhost: status init
heartbeat[4182]: 2009/11/23_02:43:22 info: Status update for node v-lvs01.localhost: status up
ipfail[4189]: 2009/11/23_02:43:22 info: Link Status update: Link v-lvs01.localhost/eth0 now has status up
ipfail[4189]: 2009/11/23_02:43:22 info: Status update: Node v-lvs01.localhost now has status init
ipfail[4189]: 2009/11/23_02:43:22 info: Status update: Node v-lvs01.localhost now has status up
harc[4687]: 2009/11/23_02:43:22 info: Running /etc/ha.d/rc.d/status status
harc[4702]: 2009/11/23_02:43:22 info: Running /etc/ha.d/rc.d/status status
heartbeat[4182]: 2009/11/23_02:43:23 info: Status update for node v-lvs01.localhost: status active
ipfail[4189]: 2009/11/23_02:43:23 info: Status update: Node v-lvs01.localhost now has status active
harc[4717]: 2009/11/23_02:43:23 info: Running /etc/ha.d/rc.d/status status
heartbeat[4182]: 2009/11/23_02:43:24 info: remote resource transition completed.
ipfail[4189]: 2009/11/23_02:43:24 info: Asking other side for ping node count.
ipfail[4189]: 2009/11/23_02:43:32 info: No giveup timer to abort.

tuzzy92 at 02:53����Permalink����Comments(2)���� ����������²��㏪���»�� | LINUX

2009������11·���17������

keepalived������������������LVS\µ���¼\о������¹²½

��򏪡�돪����
����LVS������2������(CentOS5.4 active/stand by VIP:192.168.11.200)
����WEB\µ���¼\Ð������2������(CentOS5.4/FreeBSD7.2)
����¾���µ­3����������������ޡ돫�\���\���\���\������¼\���������(192.168.11.0/24)

���\���\������¼\���
lvs02


��򏢱���¼��HP
����keepalived
http://www.keepalived.org/

����IPVS
http://www.linux-vs.org/

���LVS\µ���¼\Ð�����Ώ�����
���Keepalived.conf(priority�돪�³�돩��ޡ돫�)
����active
vrrp_instance vip_httpd {
interface eth0
virtual_router_id 1

state BACKUP
garp_master_delay 5
priority 101
nopreempt
advert_int 1

authentication {
auth_type PASS
auth_pass secret
}

virtual_ipaddress {
192.168.11.200/24 dev eth0
}
}

virtual_server 192.168.11.200 80 {
delay_loop 3
lvs_sched rr
lvs_method DR
protocol TCP

real_server 192.168.11.54 80 {
weight 1
inhibit_on_failure
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 3
}
}

real_server 192.168.11.52 80 {
weight 1
inhibit_on_failure
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 3
}
}

����stand by
vrrp_instance vip_httpd {
interface eth0
virtual_router_id 1

state BACKUP
garp_master_delay 5
priority 100
nopreempt
advert_int 1

authentication {
auth_type PASS
auth_pass secret
}

virtual_ipaddress {
192.168.11.200/24 dev eth0
}
}

virtual_server 192.168.11.200 80 {
delay_loop 3
lvs_sched rr
lvs_method DR
protocol TCP

real_server 192.168.11.54 80 {
weight 1
inhibit_on_failure
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 3
}
}

real_server 192.168.11.52 80 {
weight 1
inhibit_on_failure
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 3
}
}

���³������
����active(VIP������»�������������������������)
# ip add | grep -w inet
inet 127.0.0.1/8 scope host lo
inet 192.168.11.50/24 brd 192.168.11.255 scope global eth0
inet 192.168.11.200/24 scope global secondary eth0

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.11.200:80 rr
-> 192.168.11.52:80 Route 1 0 0
-> 192.168.11.54:80 Route 1 0 0

����stand by(VIP���������·)
# ip add | grep -w inet
inet 127.0.0.1/8 scope host lo
inet 192.168.11.51/24 brd 192.168.11.255 scope global eth0

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.11.200:80 rr
-> 192.168.11.52:80 Route 1 0 0
-> 192.168.11.54:80 Route 1 0 0

��򏢱���¾���
���������������
1)active�����ҏ������������·��¡�VIP���̏�ď���돪䏢�¹������»��ӏ�����³������
2)��ď���돪䏢����(���µ)active������µ�����돢�·��¡�VIP���̏�ď���돪䏢�·������������»��ӏ�����³������

���1)
����active
# ipvsadm -L -n
[root@v-lvs01 keepalived]# ip add | grep -w inet
inet 127.0.0.1/8 scope host lo
inet 192.168.11.50/24 brd 192.168.11.255 scope global eth0

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn

Nov 17 01:52:41 v-lvs01 Keepalived: Terminating on signal
Nov 17 01:52:41 v-lvs01 Keepalived: Stopping Keepalived v1.1.19 (11/16,2009)
Nov 17 01:52:41 v-lvs01 Keepalived_vrrp: Terminating VRRP child process on signal
Nov 17 01:52:41 v-lvs01 Keepalived_healthcheckers: Terminating Healthchecker child process on signal
Nov 17 01:52:41 v-lvs01 Keepalived_vrrp: VRRP_Instance(vip_httpd) removing protocol VIPs.


����stand by
# ip add | grep -w inet
inet 127.0.0.1/8 scope host lo
inet 192.168.11.51/24 brd 192.168.11.255 scope global eth0
inet 192.168.11.200/24 scope global secondary eth0

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.11.200:80 rr
-> 192.168.11.52:80 Route 1 0 0
-> 192.168.11.54:80 Route 1 0 0

Nov 17 01:52:44 v-lvs-02 Keepalived_vrrp: VRRP_Instance(vip_httpd) Transition to MASTER STATE
Nov 17 01:52:45 v-lvs-02 Keepalived_vrrp: VRRP_Instance(vip_httpd) Entering MASTER STATE
Nov 17 01:52:45 v-lvs-02 Keepalived_vrrp: VRRP_Instance(vip_httpd) setting protocol VIPs.
Nov 17 01:52:45 v-lvs-02 Keepalived_vrrp: VRRP_Instance(vip_httpd) Sending gratuitous ARPs on eth0 for 192.168.11.200
Nov 17 01:52:45 v-lvs-02 Keepalived_healthcheckers: Netlink reflector reports IP 192.168.11.200 added
Nov 17 01:52:45 v-lvs-02 Keepalived_vrrp: Netlink reflector reports IP 192.168.11.200 added
Nov 17 01:52:51 v-lvs-02 Keepalived_vrrp: VRRP_Instance(vip_httpd) Sending gratuitous ARPs on eth0 for 192.168.11.200
Nov 17 01:52:59 v-lvs-02 ntpd[2058]: kernel time sync enabled 0001


���2)
���Ï��µactive
# ip add | grep -w inet
inet 127.0.0.1/8 scope host lo
inet 192.168.11.50/24 brd 192.168.11.255 scope global eth0

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.11.200:80 rr
-> 192.168.11.52:80 Route 1 0 0
-> 192.168.11.54:80 Route 1 0 0

Nov 17 01:55:23 v-lvs01 Keepalived: Starting Keepalived v1.1.19 (11/16,2009)
Nov 17 01:55:23 v-lvs01 Keepalived: Starting Healthcheck child process, pid=2370
Nov 17 01:55:23 v-lvs01 Keepalived_healthcheckers: Netlink reflector reports IP 192.168.11.50 added
Nov 17 01:55:23 v-lvs01 Keepalived_healthcheckers: Registering Kernel netlink reflector
Nov 17 01:55:23 v-lvs01 Keepalived_healthcheckers: Registering Kernel netlink command channel
Nov 17 01:55:23 v-lvs01 Keepalived: Starting VRRP child process, pid=2371
Nov 17 01:55:23 v-lvs01 Keepalived_vrrp: Netlink reflector reports IP 192.168.11.50 added
Nov 17 01:55:23 v-lvs01 Keepalived_vrrp: Registering Kernel netlink reflector
Nov 17 01:55:23 v-lvs01 Keepalived_vrrp: Registering Kernel netlink command channel
Nov 17 01:55:23 v-lvs01 Keepalived_vrrp: Registering gratutious ARP shared channel
Nov 17 01:55:23 v-lvs01 Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'.
Nov 17 01:55:23 v-lvs01 Keepalived_healthcheckers: Configuration is using : 11772 Bytes
Nov 17 01:55:23 v-lvs01 Keepalived_healthcheckers: Using LinkWatch kernel netlink reflector...
Nov 17 01:55:23 v-lvs01 Keepalived_healthcheckers: Activating healtchecker for service [192.168.11.54:80]
Nov 17 01:55:23 v-lvs01 Keepalived_healthcheckers: Activating healtchecker for service [192.168.11.52:80]
Nov 17 01:55:23 v-lvs01 Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
Nov 17 01:55:23 v-lvs01 Keepalived_vrrp: Configuration is using : 33828 Bytes
Nov 17 01:55:23 v-lvs01 Keepalived_vrrp: Using LinkWatch kernel netlink reflector...
Nov 17 01:55:24 v-lvs01 Keepalived_vrrp: VRRP_Instance(vip_httpd) Entering BACKUP STATE
Nov 17 01:55:24 v-lvs01 Keepalived_vrrp: VRRP sockpool: [ifindex(2), proto(112), fd(10,11)]

���Ï��µstand by
# ip add | grep -w inet
inet 127.0.0.1/8 scope host lo
inet 192.168.11.51/24 brd 192.168.11.255 scope global eth0
inet 192.168.11.200/24 scope global secondary eth0

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.11.200:80 rr
-> 192.168.11.52:80 Route 1 0 0
-> 192.168.11.54:80 Route 1 0 0

��\���\�돢�������������������������·

������¾��⡭�돪�»

tuzzy92 at 02:01����Permalink����Comments(0)���� ����������²��㏪���»�� | LINUX

2009������11·���16������

keepalived+ipvsadm������������������web\µ���¼\Ð������²��㏪���»��

��򏪡�돪����
����LVS������1������(CentOS5.4)
����WEB\µ���¼\Ð������2������(CentOS5.4/FreeBSD7.2)
����¾���µ­3����������������ޡ돫�\���\���\���\������¼\���������(192.168.11.0/24)

���\���\������¼\���
LVS01


��򏢱���¼��HP
����keepalived
http://www.keepalived.org/

����IPVS
http://www.linux-vs.org/

���LVS\µ���¼\Ð�����Ώ�����
���ipvsadm\���\���\¹\������¼\���
# yum install ipvsadm.i386

���keepalived\���\���\¹\������¼\���
# wget http://www.keepalived.org/software/keepalived-1.1.19.tar.gz
# tar xvfz keepalived-1.1.19.tar.gz
# cd keepalived-1.1.19 ; pwd
# ./configure --with-kernel-dir=/lib/modules/2.6.18-164.el5/build

Keepalived configuration
------------------------
Keepalived version : 1.1.19
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework : Yes
Use Debug flags : No

# cp -ip keepalived.spec /usr/src/redhat/SPECS/.
# cp -ip ../keepalived-1.1.19.tar.gz /usr/src/redhat/SOURCES/.
# cd /usr/src/redhat/SPECS/ ; pwd
# vi keepalived.spec

������¹¹�����:Version: 1.1.18
������¹¹������:Version: 1.1.19

# rpmbuild -ba keepalived.spec

���Ï����䏢����������������
error: Bad owner/group: /usr/src/redhat/SPECS/keepalived.spec

# ls -l /usr/src/redhat/SPECS/keepalived.spec
-rw-r--r-- 1 root 1000 5230 Nov 16 17:47 /usr/src/redhat/SPECS/keepalived.spec

���Ï��¾���·������
# chgrp root /usr/src/redhat/SPECS/keepalived.spec
# ls -l /usr/src/redhat/SPECS/keepalived.spec
-rw-r--r-- 1 root root 5230 Nov 16 17:47 /usr/src/redhat/SPECS/keepalived.spec

���Ï�돩�������¼���¹���
# rpmbuild -ba keepalived.spec

# cd ../RPMS/i386/ ; pwd
# rpm -ivh keepalived-1.1.19-5.i386.rpm

���keepalived.conf������½���

vrrp_instance vip_httpd {
interface eth0
virtual_router_id 1

virtual_ipaddress {
192.168.11.200/24 dev eth0
}
}

virtual_server 192.168.11.200 80 {
delay_loop 3
lvs_sched rr
lvs_method DR
protocol TCP

real_server 192.168.11.52 80 {
weight 1
inhibit_on_failure
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 3
}
}

real_server 192.168.11.54 80 {
weight 1
inhibit_on_failure
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 3
}
}

���ip_fowward�����Ώ�����(����������������𡯏�����)
# echo '1' > /proc/sys/net/ipv4/ip_forward


���web\µ���¼\Ð�����Ώ�����(����������������𡯏�����)
����web1
# ifconfig lo:0 192.168.11.200 netmask 255.255.255.255
# vi /etc/sysctl.conf

net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

# sysctl -p

# ifconfig -a | grep -w inet
inet addr:192.168.11.52 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:127.0.0.1 Mask:255.0.0.0
inet addr:192.168.11.200 Mask:255.255.255.255
# ip add | grep -w inet
inet 127.0.0.1/8 scope host lo
inet 192.168.11.200/32 brd 192.168.11.200 scope global lo:0
inet 192.168.11.52/24 brd 192.168.11.255 scope global eth0


����web2
# ifconfig lo0 alias 192.168.11.200 netmask 255.255.255.255

# ifconfig -a | grep -w inet
inet 192.168.11.54 netmask 0xffffff00 broadcast 192.168.11.255
inet 127.0.0.1 netmask 0xff000000
inet 192.168.11.200 netmask 0xffffffff
# ip add | grep -w inet
-bash: ip: command not found (orz)


���돩�������LVS\µ���¼\Ð������������
���µ��������
# /etc/init.d/ipvsadm start
# /etc/init.d/keepalived start

���³������
# ifconfig -a | grep -w inet(VIP������½Ð������������)
inet addr:192.168.11.50 Bcast:192.168.11.255 Mask:255.255.255.0
inet addr:127.0.0.1 Mask:255.0.0.0

# ip add | grep -w inet(VIP½Ð������)
inet 127.0.0.1/8 scope host lo
inet 192.168.11.50/24 brd 192.168.11.255 scope global eth0
inet 192.168.11.200/24 scope global secondary eth0

# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.11.200:http rr
-> 192.168.11.52:http Route 1 0 0
-> 192.168.11.54:http Route 1 0 0


�񡯏��¾\µ���¼\Ð������������
# curl http://192.168.11.200/
web01
# curl http://192.168.11.200/
web02
# curl http://192.168.11.200/
web01
# curl http://192.168.11.200/
web02
#

���web01������apache�����ҏ������������·�����������Ώ�����
# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.11.200:http rr
-> 192.168.11.52:http Route 0 0 3
-> 192.168.11.54:http Route 1 0 8

�񡯏��¾\µ���¼\Ð������������
# curl http://192.168.11.200/
web02
# curl http://192.168.11.200/
web02
# curl http://192.168.11.200/
web02
# curl http://192.168.11.200/
web02
# curl http://192.168.11.200/
web02
#

LVS¼«��ď��������¾������¹²½���������½���������Ï���������������

tuzzy92 at 01:05����Permalink����Comments(0)���� ����������²��㏪���»�� | LINUX

2009������10·���21������

apache2������lighttpd������ab���·�����������Ώ����ď������돫������䏪�����³������������������

����ޡ돫�����������������\��⏢�¼\���������ab���·�����������Ώ�����

����conf����������Ï�����\���\���\���\���\���
����apache2������ab���\µ���¼\Ð\���\��ӏ��¼\������lighttpd������ab

\���\���\��������������� -n 8000 -c 800
��-n 10000 -c 1000������������apache2���«�������ޏ�Џ����⏢�̏��µ�����������������������ď�������

���·���²���
Server Software: Apache/2.2.13
Server Hostname: ******
Server Port: 80

Document Path: /index.html
Document Length: 14 bytes

Concurrency Level: 800
Time taken for tests: 17.741 seconds
Complete requests: 8000
Failed requests: 0
Write errors: 0
Total transferred: 2480000 bytes
HTML transferred: 112000 bytes
Requests per second: 450.94 [#/sec] (mean)
Time per request: 1774.052 [ms] (mean)
Time per request: 2.218 [ms] (mean, across all concurrent requests)
Transfer rate: 136.52 [Kbytes/sec] received

Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 424 1442.3 1 9005
Processing: 1 609 2036.8 236 17639
Waiting: 1 608 2036.8 236 17639
Total: 182 1032 2446.9 240 17719

Percentage of the requests served within a certain time (ms)
50% 240
66% 251
75% 305
80% 498
90% 3225
95% 3734
98% 9295
99% 16639
100% 17719 (longest request)

==============================
Server Software: lighttpd/1.4.23
Server Hostname: ******
Server Port: 80

Document Path: /index.html
Document Length: 14 bytes

Concurrency Level: 800
Time taken for tests: 9.898 seconds
Complete requests: 8000
Failed requests: 0
Write errors: 0
Total transferred: 1976000 bytes
HTML transferred: 112000 bytes
Requests per second: 808.21 [#/sec] (mean)
Time per request: 989.844 [ms] (mean)
Time per request: 1.237 [ms] (mean, across all concurrent requests)
Transfer rate: 194.95 [Kbytes/sec] received

Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 339 1520.3 1 9018
Processing: 1 253 778.3 142 8526
Waiting: 1 253 778.3 141 8526
Total: 96 592 1779.0 144 9521

Percentage of the requests served within a certain time (ms)
50% 144
66% 150
75% 157
80% 163
90% 210
95% 3164
98% 9108
99% 9272
100% 9521 (longest request)

tuzzy92 at 00:07����Permalink����Comments(0)���� ����lighttpd | HTTPD

2009������10·���20������

apache����������ޏ�����������������������lighttpd�����ҏ����Ώ��������·�����������Ώ�����

���apache 1.3.41
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>

<VirtualHost *:80>

ServerName vh-01.com
ServerAlias www.vh-01.com vh-01.net www.vh-01.net

DocumentRoot /home/vh-01.com/htdocs
ScriptAlias /cgi-bin/ /home/vh-01.com/cgi-bin/

ErrorLog /home/vh-01.com/logs/error_log
CustomLog /home/vh-01.com/logs/access_log combined

<Directory /home/vh-01.com/htdocs>
Options FollowSymLinks
DirectoryIndex index.html index.htm
</Directory>

<Directory /home/vh-01.com/htdocs/basic>
AuthType Basic
AuthName Common
AuthUserFile /home/vh-01.com/.htpasswd
Require valid-user
</Directory>

<Directory /home/vh-01.com/htdocs/acl>
Order Deny,Allow
Deny from ALL
Allow from 192.169.11.0/24
</Directory>

</VirtualHost>

<IfDefine SSL>
<VirtualHost *:443>

ServerName vh-01.com

DocumentRoot /home/web/vh-01.com/html
ScriptAlias /cgi-bin/ /home/web/vh-01.com/cgi-bin/

ErrorLog /home/web/vh-01.com/logs/error_log
CustomLog /home/web/vh-01.com/logs/access_log combined

SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/vh-01.com.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/vh-01.com.key
SSLCertificateChainFile /usr/local/apache/conf/ssl.ca/vh-01.com.ca

<Directory /home/vh-01.com/htdocs>
Options FollowSymLinks
DirectoryIndex index.html index.htm
</Directory>

<Directory /home/vh-01.com/htdocs/basic>
AuthType Basic
AuthName Common
AuthUserFile /home/vh-01.com/.htpasswd
Require valid-user
</Directory>

<Directory /home/vh-01.com/htdocs/acl>
Order Deny,Allow
Deny from ALL
Allow from 192.169.11.0/24
</Directory>

SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

</VirtualHost>
</IfDefine>

==============================

���lighttpd 1.4.23

$HTTP["host"] =~ "(www\.|)vh-01\.(com|net)" {

url.access-deny = ( "~", ".htpasswd", ".htaccess" )

server.document-root = "/home/vh-01.con/htdocs"
alias.url = ("/cgi-bin/" => "/home/vh-01.con/cgi-bin/")

accesslog.filename = "/home/vh-01.con/logs/access_log"

server.follow-symlink = "enable"
index-file.names = ( "index.html", "index.php" )

auth.backend = "htpasswd"
auth.backend.htpasswd.userfile = "/home/vh-01.con/.htpasswd"

auth.require = ( "/basic/" =>
( "method" => "basic",
"realm" => "Common",
"require" => "valid-user"
)
)

$HTTP["remoteip"] != "192.168.11.0/24" {
$HTTP["url"] =~ "^/acl" {
url.access-deny = ( "" )
}
}

}

$SERVER["socket"] == "*:443" {

url.access-deny = ( "~", ".htpasswd", ".htaccess" )

server.name = "vh-01.con"
ssl.engine = "enable"
ssl.pemfile = "/usr/local/lighttpd/conf/ssl/vh-01.com.pem"

server.document-root = "/home/vh-01.con/htdocs"
alias.url = ("/cgi-bin/" => "/home/vh-01.con/cgi-bin/")

accesslog.filename = "/home/vh-01.con/logs/ssl_access_log"

server.follow-symlink = "enable"
index-file.names = ( "index.html", "index.php" )

auth.backend = "htpasswd"
auth.backend.htpasswd.userfile = "/home/vh-01.con/.htpasswd"

auth.require = ( "/basic/" =>
( "method" => "basic",
"realm" => "Common",
"require" => "valid-user"
)
)

$HTTP["remoteip"] != "192.168.11.0/24" {
$HTTP["url"] =~ "^/acl" {
url.access-deny = ( "" )
}
}

}

tuzzy92 at 03:45����Permalink����Comments(0)���� ����lighttpd | HTTPD

2009������10·���12������

lighttpd(vh ssl �����¾���)

lighttpd������2������

��򏢱���¼��HP
����lighttpd
http://www.lighttpd.net/

����fastcgi
http://www.fastcgi.com/drupal/

����openssl
http://www.openssl.org/

���vh�����Ώ�����
����$HTTP["host"] =~���������¹���������³���������������µµ�̏��½���½����»�����𡯏�����(������¾���������$HTTP["host"] ==)
����apache�����������������Ï���ServerAlias��¡ߏ������������������������������µµ�̏��½���½�����������������Џ���
����error\���\�돢����1���������·���«�����Ώ��������������­������������(�돫������ӏ�돪�������������µ­½��ҏ��µ������������������������error\���\�돢�������Ώ���돢돫�)
����lighttpd.conf���������������������µµ�̏��½���½����»�����𡯏����������������ď�����*.conf�����㏪���¼�ޏ��·������������������������������

��������Ώ���������
$HTTP["host"] =~ "(www\.|)vh-01\.(com|net)" {
server.document-root = "/home/vh-01.com/htdocs"
accesslog.filename = "/home/vh-01.com/logs/access_log"

index-file.names = ( "index.php", "index.html" )

}

$HTTP["host"] == "vh-02.com" {
server.document-root = "/home/vh-02.com/htdocs"
accesslog.filename = "/home/vh-02.com/logs/access_log"

index-file.names = ( "index.html", "index.php" )
}

���SSL
����pem=crt+key
����\���\¹��������­���·������key������pem���������¹������»��ӏ�������돩�µ��������»��Џ�����������\���\¹\���\������¼\��돢���ҏ��¹���«������������������������������

��������Ώ���������
$SERVER["socket"] == "192.168.11.50:443" {
ssl.engine = "enable"
ssl.pemfile = "/usr/local/lighttpd/conf/ssl/vh-01.com.pem"
server.name = "vh-01.com"

server.document-root= "/home/vh-01.net/htdocs"
accesslog.filename = "/home/vh-01.net/logs/ssl_access_log"
}

��򏪮��¾���
����lighttpd.conf������ server.modules ������ mod_auth������\³\���\���\���\���\���

���basic�����¾��⏪��
auth.backend = "htpasswd"
auth.backend.htpasswd.userfile = "/home/vh-01.com/.htpasswd"

auth.require = ( "/admin/basic/" =>
(
"method" => "basic",
"realm" => "Common",
"require" => "valid-user"
)
)

���digest�����¾��⏪��
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "/home/vh-01.com/.htdigest"

auth.require = ( "/admin/digest/" =>
(
"method" => "digest",
"realm" => "secret",
"require" => "valid-user"
)
)

tuzzy92 at 23:55����Permalink����Comments(0)���� ����lighttpd | HTTPD

2009������10·���11������

lighttpd(php/cgi����돢돫�����������)

��򏢱���¼��HP
����lighttpd
http://www.lighttpd.net/

����fastcgi
http://www.fastcgi.com/drupal/

����php
http://www.php.net/

���\���\���\¹\������¼\���
���fstcgi
# wget http://www.fastcgi.com/dist/fcgi-2.4.0.tar.gz
# tar xfz fcgi-2.4.0.tar.gz
# cd fcgi-2.4.0 ; pwd
# ./configure && make && make install

# perl -MCPAN -e 'install FCGI'
# perl -MCPAN -e 'install CGI::Fast'

���lighttpd
# wget http://www.lighttpd.net/download/lighttpd-1.4.23.tar.gz
# tar xfz lighttpd-1.4.23.tar.gz
# cd lighttpd-1.4.23 ; pwd
# ./configure \
--prefix=/usr/local/lighttpd \
--with-openssl && make && make install

���php(5.3·���������--enable-fastcgi���̏��µ������돪�5.2·���������»���������)
# wget http://jp.php.net/get/php-5.2.11.tar.gz/from/this/mirror
# tar xvfz php-5.2.11.tar.gz
# cd php-5.2.11 ; pwd
./configure \
--prefix=/usr/local/php-fast \
--enable-fastcgi \
--with-pic \
--with-openssl=shared,/usr/local/ssl \
--with-mysql=/usr/local/mysql \
--with-mysqli=shared,/usr/local/mysql/bin/mysql_config \
--with-curl \
--without-iconv \
--with-bz2 \
--with-zlib \
--enable-pcntl \
--enable-mbstring \
--enable-mbregex \
--with-gd \
--enable-gd-native-ttf \
--enable-gd-jis-conv \
--with-freetype-dir=/usr \
--with-zlib-dir=/usr \
--with-png-dir=/usr \
--with-jpeg-dir=/usr \
--with-libxml-dir=/usr \
--with-xmlrpc=shared \
--with-ldap=shared \
--with-ldap-sasl \
--enable-dom=shared \
--with-snmp=shared,/usr/local/snmpd \
--enable-soap=shared \
--with-xsl=shared,/usr \
--enable-xmlreader=shared \
--enable-xmlwriter=shared && make && make install

��򏪢��Ώ�����
���µ�������돪���Ώ�����
# cd lighttpd-1.4.23 ; pwd
# cp -ip ./doc/rc.lighttpd.redhat /etc/init.d/lighttpd
# chkconfig --add lighttpd
# chkconfig lighttpd on
# chkconfig --list lighttpd
lighttpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

���conf�����Ώ�����
# mkdir /usr/local/lighttpd/conf/
# mkdir /usr/local/lighttpd/htdocs/
# mkdir /usr/local/lighttpd/logs/

# chown www:www /usr/local/lighttpd/logs

# cp -ip ./doc/lighttpd.conf /usr/local/lighttpd/conf/.
# cp -ip ./doc/sysconfig.lighttpd /etc/sysconfig/lighttpd

����lighttpd.conf������¹¹������

(server.modules������²¼µ­2\���½���������\³\���\���\���\���\���)
"mod_fastcgi",
"mod_cgi",

(²¼µ­�����»��Џ�����¹¹)
server.username = "www"
server.groupname = "www"
server.document-root = "/usr/local/lighttpd/htdocs/"
server.errorlog = "/usr/local/lighttpd/logs/error.log"
accesslog.filename = "/usr/local/lighttpd/logs/access.log"


fastcgi.server = ( ".php" =>
( "localhost" =>
(
"socket" => "/tmp/php-fastcgi.socket",
"bin-path" => "/usr/local/php-fast/bin/php-cgi"
)
)
)

cgi.assign = ( ".pl" => "/usr/bin/perl",
".cgi" => "/usr/bin/perl" )


tuzzy92 at 22:52����Permalink����Comments(0)���� ����lighttpd | LINUX

2009������08·���15������

fetchmail������gmai l�������½������2����

���Ï�����¼��HP
http://www.fetchmail.info/

�������������䏩�������³gmail���«������fetch���������­������������������������������

fetchmail: pop.gmail.com fingerprints do not match!
19154:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_clnt.c:894:
fetchmail: SSL connection failed.
fetchmail: socket error while fetching from [email protected]

.fetchmailrc�����������Ώ��������·������������sslfingerprint���̏����Џ����������������ď��«����������
������½������µ

$ fetchmail -v(�돫������ԏ������ď��)
fetchmail: pop.gmail.com key fingerprint: 92:73:17:4C:34:4B:68:F7:B2:17:71:42:0D:7F:9F:33

.fetchmailrc ������¾���µ­������½������µ���·������³����������������򏫳

������������������������\Ð���¼\���\���\���\��\���\��

#fetchmail --version
This is fetchmail release 6.3.4+SSL+NLS.

#wget http://download.berlios.de/fetchmail/fetchmail-6.3.11.tar.bz2

#tar xfj fetchmail-6.3.11.tar.bz2
#cd fetchmail-6.3.11 ; pwd
/usr/local/src/fetchmail-6.3.11

# ./configure --with-ssl && make && make install

#fetchmail --version
This is fetchmail release 6.3.11+SSL+NLS.

tuzzy92 at 00:57����Permalink����Comments(0)���� ����MAIL | TROUBLE
<% for ( var i = 0; i < 7; i++ ) { %> <% } %>
<%= wdays[i] %>
<% for ( var i = 0; i < cal.length; i++ ) { %> <% for ( var j = 0; j < cal[i].length; j++) { %> <% } %> <% } %>
0) { %> id="calendar-61877-day-<%= cal[i][j]%>"<% } %>><%= cal[i][j] %>
Help me"1"
Recent Comments
<%==comments[n].author%>
<% } %>
Help me"2"
Latest article
Let's Encrypt¹¹���·\³\���\���\���
���叢�������叢�������������叢����²��я�����
CentOS5.7������squid�����ҏ�돩�\���\���\¹\������¼\���
�돫⏢�­���³���­CentOS6.x����������¾���
CentOS6.0������\���\���\¹\������¼\������·�����������Ώ����ď�¡�
CentOS���������������µ
apache2������h264������\¹\���\������¼\���\���\�돢��h264_streaming_module
lsyncd2.0
cbq.init�����������������������ѡ돫������폢����
tc�����������������������ѡ돫������폢����
PPPoE \«���¼\���\���\������¼\���
�����������̏����������Ï��쏪����������ď��
\���\��\���\���\���\������¼\µ ������������������¹���������
\«\���6 10m������\���\���\�ޏ����ҏ��������������������­�����ď�����
squid \���\��\������¼\������¼\���������\���\��²��ҏ�����(squid-graph)
\���\³\���\³�����²���+squid
[���������������µ������] \���\«���¼������\­\���\���\·\���\µ���¼\Ð
2011���������������·²���\���\���\���\������¼\���������giga²½���·�����������Ώ�����
openssh\³\���\���\��\��\���\��\·\���\���
vnc��돪�¾���¹½������
vmware \���\���\¹\������¼\���\���\��
mail from smartd �������½������3����
mail from smartd �������½������2����
½Ð�����������������������򏪿³(����������)���̏���̏��«������������������
mail from smartd
�돪�»���¼���»��Ï��µ���������������� (spamassassin���spamd)
rsync����������������������������������������\���\��\·\���\��я����ҏ���������������²��������¡돫�������
procmail ½��������\������¼\�����돫�½���
google apps (standard)���������Ð�����ď��·�����������Ώ����ď�¡� ~���½������3~
google apps (standard)���������Ð�����ď��·�����������Ώ����ď�¡� ~���½������2~
google apps (standard)���������Ð�����ď��·�����������Ώ����ď�¡�
LVM������»����·�����������Ώ�����
µ�ߏ��·�����ӏ�����������LVS�����Ώ��������·�����ď�����������������������������»���
VMware+FreeBSD
zabbix����½�������䏪���Ώ����������ԏ���
zabbix����\�����¼\���\��\���\��������ԏ���
zabbix����\µ���¼\Ð�����ԏ���
Do you need to run 'sa-update'
Xymon�����������������������»���(���½������2 \���\���\���\��\���\��������Ώ�����)
Xymon�����������������������»���(���½������1 \µ���¼\Ð�����Ώ�����)
lsyncd+rsyncd������������������\���\��\���\���\���\�������ޡ����
lighttpd������\���\��\������¼\������¼\���
heartbeat������������������LVS\µ���¼\о������¹²½
keepalived������������������LVS\µ���¼\о������¹²½
keepalived+ipvsadm������������������web\µ���¼\Ð������²��㏪���»��
apache2������lighttpd������ab���·�����������Ώ����ď������돫������䏪�����³������������������
apache����������ޏ�����������������������lighttpd�����ҏ����Ώ��������·�����������Ώ�����
lighttpd(vh ssl �����¾���)
lighttpd(php/cgi����돢돫�����������)
fetchmail������gmai l�������½������2����
subsonic������mp3\¹\���\������¼\���\���\��
���·�����������؏���������������Urchi UTM�����ҏ����Ώ��������·�����������Ώ�����
��ď������������������������������Ώ��������·������Urchin������돩�½���·��
��ď�������������������������²������postgres&Urchin������\���\��²��ҏ�����
awstats������\���\���\���\���\��\���\��� jawstats
postfix�����Ώ�����(����������������������)
apache������yum���«������\���\���\¹\������¼\������·�����ď�����web\��⏢�¼\������̏�����»���²½���ޏ��·�����ď�����
Proftpd������¾��䏢돪㏢����\���\�돢����¼��������� ExtendedLog
���������ޏ��������������폢�ޏ��������������������������������������ޏ�����������������mmeasure
postfixadmin\���\���\¹\������¼\���
POSTFIX����\���\��폢�¼\��ď���M���SQL
vh�����������������ѡ돫������폢���� mod-cband
apache php \Ð���¼\���\���\��я�����³«¼��
sar������\��\���\���²½ Ksar
mail���html²½(mhonarc)
Hyper Estraier �������������������������
�����������䏢�������ď�����������mecab�����ҏ����������������������Ώ����ġ��
\���\���\¹\������¼\������·������3�����䏢���ď����������ď��«���������½���������½������sar������»��������������������Ώ�����
ruby gems rails
Flowplayer ������(¹���)�����²��������叢ď��(������)
�������������\������\­���¼\��䏢�¼\��������ҏ����²��ҏ�����½��䏢�·�����ď�����\­���¼�����ҏ��������������·�����ď����� orz
SquirreMail�����䏪���䏢����²½
\������¼\��������¼��؏�ď��������������Ώ�����
apache+mod_layout
2008������12·���31�����䏢���������Ï����������Ï��������̏����������������·������
\½���¼\¹\���\���\�ޏ��¼\��������ҡ���������� paco
��µ��𡯏�������𡯏����������������ҏ���������
µ�ߏ��·�����ӏ�����������XOOPS�����ҏ����Џ����������������Ώ�����
scponly
���������«�����������������ď��«�����������������������\³\���\���\��������ҏ����ď����ď����������������Ώ�����
unzip
\���\���\���\���\���\���\�����돫�����
���������������²���������������������«����������CMS\������¼\��� Nucleus
[CentOS]4.7µ­����돢����yum������rpm������remove���·������²�����̏��򏪤��������Џ�����»��ӏ�����������������������������
\���\��\���\�ޏ��¼\·\���\���¹\���­������²�����̏���ޡ돫�\µ���¼\Ð������\���\��\���\�ޏ��¼\·\���\��я��·�����������Ώ�����
mergelog - a fast tool to merge http log files by date
proftpd \���\���\���\¹\���\���\�ߏ���������¾���
CentOS5.2 + MySQL5.1x
Master�����ҏ����������������돢����\���\��\���\�ޏ��¼\·\���\��я��·�����������Ώ�����
MySQL\Ð\���\���\���\���\��¼«����돢돫�½��䏪���Ώ�����
mplayer Plug-in 3.55
mt\���\���\¹\������¼\���³Ð½���
bind 9.5.0\���\������¼\¹
net-snmp-5.4.1.2
bash: rsync: command not found
sl
root��������������돫�½��䏢�������­������������\���\���\���\���(\���\��\���\���\���\���)
Linux������ipod�����ҏ���gtkpod
qmailadmin-limits ������������������qmailadmin�����폢����
FreeBSD7.0�����ҏ����Џ����������������Ώ�����
Help me"3"

'); label.html('\ \���\���\���\���\��\���\���\�돢����������¹­¹��Ï�����\��Џ��¼\½\���\���\���\��돢����������²�������̏��������������ď�����\���\���\­���¼(cookie)������»��������Џ��·���������������������¹��¡�
\ ���³������\Ð\������¼�����ҏ��������������������«�ޏ�䏪���������·��Џ��³���¹���������³������������\���\���\­���¼������»��������Џ�����¾µ����������������ď����������������ď������������������µ���»�����������������ď��������­���������¹��¡�
\ �����������ď�¡�����µ��ҏ�����������������¼���\��Џ��¼\���\������¼���������������������쏢�ޏ�����½���������������¼������³���­��������������������¡�\���\���\­���¼������»��������Џ����ҡ�����������¹���������³���������������������­���������¹��¡�
\ ¾��䏢돪㏢����\���\���\���\���\�񏪿��̏�����µ�̏����я����ҏ��³���������������������µ��������¡�\ '); banner.append(label); var closeButton = $('