Submitted by admin on 2013, March 3, 9:18 PM
1,bind 保存区域文件都是用文本文档来保存的,当数据量大的时候很容易造成操作错误。当数据量大的时候可以考虑数据库的模式。bind+mysql 数据库,有两种方式Bind DLZ 和 Mysql-bind
http://hi.baidu.com/wzypunk/item/45ca82fc25f76051c9f3374e 使用Mysql-bind实现mysql管理bind配置
http://www.vpsa.net/?post=59 bind-dlz+mysql搭建智能dns
(发现最近没时间了,就不捣鼓实验了,)
2,named.conf 配置文件详解
Named.conf是bind9的最先读取的一个文件,named支持如下语句:
Acl
Controls
Include
Key
Logging
Lwres
Options
Server
Trusted-keys
View
Zone
其中主要的是acl,controls,include,logging,key,options,view,zone其他的很少用到我们就来详细的对这些进行解释一下
—————-
Acl用来对bind的访问进行限制,是一个全局的设置,前面配置的acl在整个bind中都适用,和路由器里面的access-list有同工之处,语法是
acl acl-name {
address_match_list
};
其中的address match list是一个地址列表,如”192.168.0.0/24;”,记住最后一定得有分号,有多个的话中间用分号格开,如192.168.0.0/32;192.168.1.0/24;
bind内置了4个acl分别是:
any(不是all) 对应所有的,也就是0.0.0.0/0.
none 对应为空.
localhost 对应本地机器.
localnets 对应本地网络.
—————-
Controls主要用于对bind进行控制,如:
key “rndc-key” {
algorithm hmac-md5;
secret “VkMaNHXfOiPQqcMVYJRyjQ==”;
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { “rndc-key”; };
};
设置rndc控制的端口以及端口,keys用来设置控制的密钥.
—————-
include是一个非常有用的选项,作用是包含一个文件进来,如果需要写程序来读写bind的配置文件,这个将会用到,因为bind的配置文件很不规则,但是用了include后,就可以变的很规则,就和数据库一样了J,功用和c语言里面的include一样.
—————-
Options是用于设置bind的一些选项,我们将重点介绍,BING9支持的选项如下:
options {
blackhole { <address_match_element>;; … };
coresize <size>;;
datasize <size>;;
deallocate-on-exit <boolean>;; // obsolete
directory <quoted_string>;;
dump-file <quoted_string>;;
fake-iquery <boolean>;; // obsolete
files <size>;;
has-old-clients <boolean>;; // obsolete
heartbeat-interval <integer>;;
host-statistics <boolean>;; // not implemented
interface-interval <integer>;;
listen-on [ port <integer>; ] { <address_match_element>;; … };
listen-on-v6 [ port <integer>; ] { <address_match_element>;; … };
match-mapped-addresses <boolean>;;
memstatistics-file <quoted_string>;; // not implemented
multiple-cnames <boolean>;; // obsolete
named-xfer <quoted_string>;; // obsolete
pid-file <quoted_string>;;
port <integer>;;
random-device <quoted_string>;;
recursive-clients <integer>;;
rrset-order { [ class <string>; ] [ type <string>; ] [ name
<quoted_string>; ] <string>; <string>;; … }; // not implemented
serial-queries <integer>;; // obsolete
serial-query-rate <integer>;;
stacksize <size>;;
statistics-file <quoted_string>;;
statistics-interval <integer>;; // not yet implemented
tcp-clients <integer>;;
tkey-dhkey <quoted_string>; <integer>;;
tkey-gssapi-credential <quoted_string>;;
tkey-domain <quoted_string>;;
transfers-per-ns <integer>;;
transfers-in <integer>;;
transfers-out <integer>;;
treat-cr-as-space <boolean>;; // obsolete
use-id-pool <boolean>;; // obsolete
use-ixfr <boolean>;;
version <quoted_string>;;
allow-recursion { <address_match_element>;; … };
allow-v6-synthesis { <address_match_element>;; … };
sortlist { <address_match_element>;; … };
topology { <address_match_element>;; … }; // not implemented
auth-nxdomain <boolean>;; // default changed
minimal-responses <boolean>;;
recursion <boolean>;;
provide-ixfr <boolean>;;
request-ixfr <boolean>;;
fetch-glue <boolean>;; // obsolete
rfc2308-type1 <boolean>;; // not yet implemented
additional-from-auth <boolean>;;
additional-from-cache <boolean>;;
query-source <querysource4>;;
query-source-v6 <querysource6>;;
cleaning-interval <integer>;;
min-roots <integer>;; // not implemented
lame-ttl <integer>;;
max-ncache-ttl <integer>;;
max-cache-ttl <integer>;;
transfer-format ( many-answers | one-answer );
max-cache-size <size_no_default>;;
check-names <string>; <string>;; // not implemented
cache-file <quoted_string>;;
allow-query { <address_match_element>;; … };
allow-transfer { <address_match_element>;; … };
allow-update-forwarding { <address_match_element>;; … };
allow-notify { <address_match_element>;; … };
notify <notifytype>;;
notify-source ( <ipv4_address>; | * ) [ port ( <integer>; | * ) ];
notify-source-v6 ( <ipv6_address>; | * ) [ port ( <integer>; | * ) ];
also-notify [ port <integer>; ] { ( <ipv4_address>; | <ipv6_address>;
) [ port <integer>; ]; … };
dialup <dialuptype>;;
forward ( first | only );
forwarders [ port <integer>; ] { ( <ipv4_address>; | <ipv6_address>; )
[ port <integer>; ]; … };
maintain-ixfr-base <boolean>;; // obsolete
max-ixfr-log-size <size>;; // obsolete
transfer-source ( <ipv4_address>; | * ) [ port ( <integer>; | * ) ];
transfer-source-v6 ( <ipv6_address>; | * ) [ port ( <integer>; | * ) ];
max-transfer-time-in <integer>;;
max-transfer-time-out <integer>;;
max-transfer-idle-in <integer>;;
max-transfer-idle-out <integer>;;
max-retry-time <integer>;;
min-retry-time <integer>;;
max-refresh-time <integer>;;
min-refresh-time <integer>;;
sig-validity-interval <integer>;;
zone-statistics <boolean>;;
};
obsolete是已经过时的选项,这里不用考虑, not yet implemented是尚未完成的选项,这里也不用考虑,下面详细介绍这里面的有用选项注意,前面打”*”的为选项)
blockhole 定义服务器不对查询进行反应的地址列表,也就是”黑名单”,比如说3721的ip段:218.244.44.0/24,当设置了黑名单后,对于这个段的请求查询,服务器将不会作出反应.
directory 设置bind的数据文件的存放位置:如 directory “/var/named”
dump-file 设置当执行rndc dumpdb命令后的导出文件存放绝对路径,如果没有指定的话,缺省文件为named_dump.db,放在directory指定的目录下面.
pid-file 设置bind的进程号pid文件.
interface-interval 设置bind检查网卡变化的周期.
forward 值有first和only两项, first则首先转发到”forwarders”中的服务器,然后自己查询,only则仅转发到 “转发服务器列表”中的服务器,不再自己查询
forwarders设置转发服务器地址列表,语法同acl中的语法.
listen-on 设置bind的绑定ip和端口,如listen-on 53 {192.168.0.1;};
max-cache-size 设置最大缓存的大小,如max-cache-size 5M
version 设置客户查询DNS版本好的返回信息,如果不想让客户探测到当前的版本好,就用这个好了,如version mydns1.0;
auth-nxdomain 是否做为权威服务器回答域不存在(Auth-nxdomain)
如果设置为’yes’,则允许服务器以权威性(authoritatively)的方式返回NXDOMAIN(该域不存在)的回答,否则就不会作权威性的回答,缺省值为”是”.
notify 在主服务器更新时是否通知辅助服务器(notify)
如果设置为”yes”,则在主服务器区域数据发生变化时,就会向在域的”域名服务器“中列出的服务器和“亦通知”中列出的服务器发送更新通知。这些服务器接受到更新通知后,就会向主服务器发送请求传输的消息,然后区域文件得以更新。
recursion 是否允许递规查询(recursion)
如果设置为”yes”,则允许服务器采用递归的方式进行查询,也就是当要查询的地址不在服务器的数据库列表中时,服务器将一级一级的查询,直到查到为止。(一般对局域网都打开)
设置为”no”,并不意味着服务器对于请求的递归查询不给予回答,而是对于请求的递归查询,不再向上级服务器请求,也不缓存,如果不对请求的递归查询回答,可以清空缓存,然后设置为“NO”.
allow-query 允许普通查询的地址列表(allow-query):
设置允许进行普通查询的ip地址列表,在域中的设置将覆盖全局设置,默认情况下是允许所有的地址进行普通查询.
allow-recursion允许递归查询的地址列表(allow-recursion):
设置允许进行递归查询的ip地址列表,缺省值是允许所有地址进行查询,需要注意的是当设置了不允许递归查询后,如果仍然能够查询部分外部的域名,那是因为dns的缓存在起作用,将缓存清除以后就可以了.
allow-transfer允许服务器进行区域传输的地址列表(Allow-transfer):
(注意的是视区和域中的设置将覆盖全局设置).
allow-notify 允许更新通知的地址列表(allow-notify)
当服务器作为辅助服务器的时候,设置这个可以对收到的更新通知进行判断,只是接收该列表的更新通知.默认情况下,只是接收来自主服务器的更新通知。对于其他服务器的更新通知,会忽略掉.
also-notify 更新时亦通知下列地址(also-notify):
设置发送更新通知的时候,不仅是域名服务器中列出的地址,亦通知此地址列表中的地址。
应用服务 | 评论:0
| Trackbacks:0
| 阅读:914
Submitted by admin on 2013, February 21, 12:56 PM
http://www.actphp.com/ajaxcity/
php | 评论:0
| Trackbacks:0
| 阅读:998
Submitted by admin on 2013, February 19, 1:07 PM
请求域名:www.test.com
源服务器:www.test2.com
本来通过squid服务器用www.test.com请求正常,因为换了源服务器,又懒得改原来的图片url,所以想通过squid来自动替换域名。
只要改一个语句,改掉原来的 cache_peer 后的地址到新服务器,并在name=img后面加上forceddomain=www.test2.com,如下:
cache_peer www.test2.com parent 80 0 no-query originserver name=test forceddomain=www.test2.com
官方说明(http://www.squid-cache.org/Doc/config/cache_peer/):
forceddomain=name
Set the Host header of requests forwarded to this peer.
Useful in accelerator setups where the server (peer)
expects a certain domain name but clients may request
others. ie example.com or www.example.com
squid/缓存 | 评论:0
| Trackbacks:0
| 阅读:1055
Submitted by admin on 2013, February 4, 3:41 PM
linux | 评论:0
| Trackbacks:0
| 阅读:903
Submitted by admin on 2013, January 10, 11:11 PM
PHPZip.class.php报unpack() [function.unpack]: Type v: not enough input, need 2, have 0 in解决办法
正常的在win环境下是没问题的,但是在linux环境下就会报unpack() [function.unpack]: Type v: not enough input, need 2, have 0 in错误,解决办法就是
在类文件中找到 if($bytes == 0x504b0506) 改成 if(substr(dechex($bytes),-8,8) == '504b0506') 就是这样。
--------------
$bytes=($bytes << 8) | ord($byte);
改为
$bytes=(($bytes << 40)>>32)| ord($byte);
php | 评论:0
| Trackbacks:0
| 阅读:1569
Submitted by admin on 2013, January 8, 9:12 PM
1.
Error: Configure: error: xml2-config not found. Please check your libxml2 installation.
Fix: yum install libxml2 libxml2-devel
# aptitude install libxml2-dev (For ubuntu)
2.
Error: configure: error: Cannot find OpenSSL’s
Fix: yum install openssl openssl-devel
3.
Error: Configure: error: Please reinstall the BZip2 distribution
Fix: yum install bzip2 bzip2-devel
4.
Error: Configure: error: Please reinstall the libcurl distribution -easy.h should be in /include/curl/
Fix: yum install curl curl-devel (For Redhat & Fedora)
# install libcurl4-gnutls-dev (For Ubuntu)
5.
Error: Configure: error: libjpeg.(also) not found.
Fix: yum -y install gd
yum -y install gd-devel
yum install libjpeg libjpeg-devel
6.
Error: Configure: error: libpng.(also) not found.
Fix: yum install libpng libpng-devel
#apt-get install libpng12-dev
7) Configure: error: freetype.h not found.
Solutions :
yum install freetype-devel
8) Configure: error: Unable to locate gmp.h
Solutions :
yum install gmp-devel
9) Configure: error: Cannot find MySQL header files under /usr.
Note that the MySQL client library is not bundled anymore!
Solutions :
yum install mysql-devel (For Redhat & Fedora)
# apt-get install libmysql++-dev (For Ubuntu)
10) Configure: error: Please reinstall the ncurses distribution
Solutions :
yum install ncurses ncurses-devel
11) Checking for unixODBC support… configure: error: ODBC header file ‘/usr/include/sqlext.h’ not found!
Solutions :
yum install unixODBC-devel
12. --with-pspell=shared
Error: Configure: error: Cannot find pspell
Fix: yum install pspell-devel
13) --with-mcrypt=shared
Error: configure: error: mcrypt.h not found. Please reinstall libmcrypt.
Fix: yum install libmcrypt-devel
# apt-get install libmcrypt-dev
14) Configure: error: snmp.h not found. Check your SNMP installation.
Solutions :
yum install net-snmp net-snmp-devel
15)开启LDAP服务还需要
yum -y install openldap-devel openldap-servers openldap-clients
16)configure: error: No curses/termcap library found
网上有的说法是:
–with-named-curses-libs=/usr/lib/libncursesw.so.5
其实是不对的,虽然能解决configure的错误,但是make的时候会提示错误,正确的做法应该是
yum -y install ncurses-devel (for redhat)
apt-get install libncurses5-dev(for debian)
17)configure: error: cannot find output from lex; giving up
yum -y install flex
18)configure: error: mod_deflate has been requested but can not be built due to prerequisite failures
yum -y install zlib-devel openssl-devel
debian:apt-get install zlib1g-dev
19)configure: error: libXpm.(a|so) not found.
apt-get install libxpm-dev
20) configure: error: Could not find pcre.h in /usr
Fix: yum install pcre-devel
21) configure: error: Could not find libpcre.(a|so) in /usr
Fix: cp /usr/lib/libpcre.a /usr/libpcre.a
Refer: http://bugs.php.net/bug.php?id=1647
22. --with-db4
Error: configure: error: DBA: Could not find necessary header file(s).
Fix: yum install gdbm-devel db4-devel
Error: configure: error: Header contains different version
Fix: --with-libdir=lib (--libdir=/usr/lib64, which is wrong)
Refer: http://bugs.php.net/bug.php?id=40707
23) configure: error: utf8_mime2text() has new signature, but U8T_CANONICAL is missing
Fix: yum install libc-client-devel
24. --enable-intl=shared
Error: configure: error: Unable to detect ICU prefix or no failed. Please verify ICU install prefix and make sure icu-config works.
25.--with-ldap=shared
Error: configure: error: Cannot find ldap.h
Fix: yum install openldap-devel
Error: configure: error: Cannot find ldap libraries in /usr/lib64.
26.--with-readline=shared
Error: configure: error: Please reinstall readline - I cannot find readline.h
Fix: yum install readline-devel
27.--with-tidy=shared
Error: configure: error: Cannot find libtidy
Fix: yum install libtidy-devel
28.--with-xsl=shared
Error: configure: error: xslt-config not found. Please reinstall the libxslt >= 1.1.0 distribution
Fix: yum install libxslt-devel
apache/web | 评论:0
| Trackbacks:0
| 阅读:1048
Submitted by admin on 2013, January 8, 9:12 PM
yum install libxml2-devel.x86_64
configure: error: Cannot find OpenSSL’s
yum install openssl-devel.x86_64
configure: error: Could not find pcre.h in /usr/local
yum install pcre-devel.x86_64
configure: error: Could not find pcre.h in /usr/local
"--with-pcre-regex=/usr/include" \
configure: error: Could not find libpcre.(a|so) in /usr/include
"--with-pcre-regex=/usr" \
configure: error: Please reinstall the libcurl distribution -
easy.h should be in /include/curl/
yum install curl-devel.x86_64
configure: error: libjpeg.(a|so) not found.
yum install libjpeg-devel.x86_64
configure: error: libpng.(a|so) not found.
yum install libpng-devel.x86_64
configure: error: freetype.h not found.
yum install freetype-devel.x86_64
configure: error: Please reinstall the iconv library.
"--with-iconv" \
configure: error: mcrypt.h not found. Please reinstall libmcrypt.
yum install libmcrypt.x86_64 libmcrypt-devel.x86_64
configure: error: Please reinstall libmhash – I cannot find mhash.h
yum install mhash.x86_64 mhash-devel.x86_64
Note that the MySQL client library is not bundled anymore!
yum install php-mysql.x86_64 mysql-devel.x86_64
configure: error: Please reinstall the BZip2 distribution
yum install bzip2-devel.x86_64
configure: error: utf8_mime2text() has new signature, but U8T_CANONICAL is missing. This should not happen. Check config.log for additional information.
DISABLE IMAP
configure: error: Cannot find pspell
yum install aspell-devel.x86_64
configure: error: Cannot find libtidy
yum install libtidy.x86_64 libtidy-devel.x86_64
error: xslt-config not found. Please reinstall the libxslt >= 1.1.0 distribution
yum install libxslt.x86_64 libxslt-devel.x86_64
collect2: ld returned 1 exit status
yum install glibc-utils.x86_64 libtool-ltdl-devel.x86_64
Step by step to guide PHP Compile
Step 1: Update & Install Development Tools & Libraries
yum update yum group install "Development Tools" yum group install "Development Libraries"
apache/web | 评论:0
| Trackbacks:0
| 阅读:1739
Submitted by admin on 2013, January 8, 9:11 PM
1. 安装Apahce, PHP, Mysql, 以及php连接mysql库组件。
yum -y install httpd php mysql mysql-server php-mysql
2. 配置开机启动服务
/sbin/chkconfig httpd on [设置apache服务器httpd服务开机启动]
/sbin/chkconfig --add mysqld [在服务清单中添加mysql服务]
/sbin/chkconfig mysqld on [设置mysql服务开机启动]
/sbin/service httpd start [启动httpd服务,与开机启动无关]
/sbin/service mysqld start [启动mysql服务,与开机无关]
3.设置 mysql数据库root帐号密码。
mysqladmin -u root password 'newpassword' [引号内填密码]
4. 让mysql数据库更安全
mysql -u root -p [此时会要求你输入刚刚设置的密码,输入后回车即可]
mysql> DROP DATABASE test; [删除test数据库]
mysql> DELETE FROM mysql.user WHERE user = ''; [删除匿名帐户]
mysql> FLUSH PRIVILEGES; [重载权限]
5. 按照以上的安装方式, 配置出来的默认站点目录为/var/www/html/新建一个php脚本:
phpinfo();
?>
6. 新建一个数据库,添加一个数据库用户,设置用户权限。写个php脚本测试一下数据库连接吧。
mysql> CREATE DATABASE my_db;
mysql> GRANT ALL PRIVILEGES ON my_db.* TO 'user'@'localhost' IDENTIFIED BY 'password';
//安 装apache扩展
yum -y install httpd-manual mod_ssl mod_perl mod_auth_mysql
//安装php的扩展
yum install php-gd
yum -y install php-gd php-xml php-mbstring php-ldap php-pear php-xmlrpc
// 安装mysql扩展
yum -y install mysql-connector-odbc mysql-devel libdbi-dbd-mysql
7, 如果命令行没有phpize,运行以下命令
yum -y install php-devel
8,安装pdo
pecl install pdo
PHP_PDO_SHARED=1 pecl install pdo_mysql
pecl install PDO_SQLITE
9, 安装memcache
yum -y install php-pecl-memcache
10, 安装php-eaccelerator
yum install php-eaccelerator.i686
CentOS 5.x 系统下使用yum 升级php到5.2.x 最方便方法
近期使用testlink 1.82 ,提及php需要升级到5.2以上,而centos 5.x目前提供php版本为5.1.6,
通过以下方法升级PHP到5.2比较方便,现推荐给大家。
先将以下地址导入。
# rpm --import http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka
# vi /etc/yum.repos.d/CentOS-Base.repo 增加下面信息
[utterramblings]
name=Jason's Utter Ramblings Repo
baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka
执行命令,自动升级。
yum update php -y
yum install libmcrypt -y
apache/web | 评论:0
| Trackbacks:0
| 阅读:928
