####################3.gateway####################
1.路由器(略)
2.网关
路由器上和自己处在同一个网段的那个ip
3.设定网关
systemctl stop NetworkManager ##"NetworkManger"服务会记录网卡原来的信息,要先stop
vim /etc/sysconfig/network ##全局网关
GATEWAY=网关ip
vim /etc/sysconfig/network-scripts/ifcfg-网卡配置文件 ##网卡接口网关
GATEWAY=网关ip
systemctl restart network
route -n ##查询网关
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.25.0.254 0.0.0.0 UG 0 0 0 eth0
172.25.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
##172.25.0.254就是默认网关
####################
[[email protected] Desktop]# systemctl status NetworkManager
[[email protected] Desktop]# vim /etc/sysconfig/network
------------------------------------------------------------
在最后添加一行:
GATEWAY=172.25.50.200
:wq
------------------------------------------------------------
[[email protected] Desktop]# systemctl restart network.service
[[email protected] Desktop]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.25.50.200 0.0.0.0 UG 1024 0 0 eth0
172.25.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
[[email protected] Desktop]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
------------------------------------------------------------
在最后添加一行:
GATEWAY=172.25.50.250
:wq
------------------------------------------------------------
[[email protected] Desktop]# systemctl restart network.service
[[email protected] Desktop]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.25.50.250 0.0.0.0 UG 1024 0 0 eth0
172.25.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
##证明网卡接口网关优先于全局网关
[[email protected] Desktop]# strace systemctl restart network
##可以使用"starce"命令追踪网络服务重启时的系统调用
[[email protected] Desktop]# traceroute 172.25.254.50
##路由追踪
####################
####################4.DNS####################
1.DNS
DNS是一台服务器
这台服务器提供了回答客户"主机名和ip"对应关系的功能
2.设定DNS
vim /etc/resolv.conf
nameserver DNS服务器IP
vim /etc/sysconfig/network-scripts/ifcfg-网卡配置文件
DNS1=DNS服务器IP
####################
"lo"回环接口是本机的服务之间沟通的一个接口,不要删除
####################
####################
/var/named/example.com.zone ##DNS服务器上的A记录文件
------------------------------------------------------------
westos.example.com. IN A 172.25.254.250 ##这个IP地址叫做这个主机名的A记录
------------------------------------------------------------
systemctl restart named ##重启DNS服务
A记录文件在哪台主机,哪台主机就是DNS服务器
世界上顶级DNS服务器一共有13台
####################
3.本地解析文件
vim /etc/hosts
ip 主机名称
####################
[[email protected] Desktop]# ping www.baidu.com
PING www.a.shifen.com (61.135.169.125) 56(84) bytes of data. ##ping百度域名,会自动解析成IP地址
64 bytes from 61.135.169.125: icmp_seq=1 ttl=52 time=25.4 ms
^C
--- www.a.shifen.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 25.455/25.455/25.455/0.000 ms
[[email protected] Desktop]# cat /etc/resolv.conf
# Generated by NetworkManager
domain ilt.example.com
search ilt.example.com example.com
nameserver 172.25.254.250
[[email protected] Desktop]# > /etc/resolv.conf
[[email protected] Desktop]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
------------------------------------------------------------
在最后添加一行:
DNS1=172.25.50.250
:wq
------------------------------------------------------------
[[email protected] Desktop]# systemctl restart network
[[email protected] Desktop]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 172.25.50.250
##更改网卡DNS,重启服务后发现更改的还是"/etc/resolv.conf"这个文件
[[email protected] Desktop]# vim /etc/hosts
------------------------------------------------------------
在最后添加一行:
172.25.50.250 westos.example.com ##在本地解析文件中添加主机名和ip地址的对应关系
:wq
------------------------------------------------------------
[[email protected] Desktop]# ping westos.example.com
PING westos.example.com (172.25.50.250) 56(84) bytes of data.
64 bytes from westos.example.com (172.25.50.250): icmp_seq=1 ttl=64 time=0.178 ms
64 bytes from westos.example.com (172.25.50.250): icmp_seq=2 ttl=64 time=0.197 ms
^C
--- westos.example.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.178/0.187/0.197/0.016 ms
####################
4.本地解析文件和DNS读取的优先级调整
/etc/nsswitch.conf
38 #hosts: db files nisplus nis dns
39 hosts: files dns ##files代表本地解析文件,dns代表dns服务器,哪个在前面哪个优先
5.dhcp服务的配置
服务端:
[[email protected] ~]# cd /etc/dhcp
[[email protected] dhcp]# ls
dhclient.d dhcpd6.conf dhcpd.conf
[[email protected] dhcp]# vim dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example ##请查看"dhcpd.conf.example"这个文件
# see dhcpd.conf(5) man page
#
[[email protected] dhcp]# less /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example
[[email protected] dhcp]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
[[email protected] dhcp]# vim dhcpd.conf
------------------------------------------------------------
修改:
7 option domain-name "example.com";
8 option domain-name-servers 172.25.0.254;
==============================
查看:
10 default-lease-time 600; ##默认租期
11 max-lease-time 7200; ##最大租期
==============================
删除:
27行,28行
==============================
删除:
从35行到结束
==============================
修改:
30 subnet 172.25.0.0 netmask 255.255.255.0 {
31 range 172.25.0.100 172.25.0.200;
32 option routers 172.25.0.254;
33 }
:wq
------------------------------------------------------------
[[email protected] dhcp]# systemctl start dhcpd
[[email protected] dhcp]# systemctl enable dhcpd
客户端:
[[email protected] Desktop]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
------------------------------------------------------------
BOOTPROTO=dhcp
:wq
------------------------------------------------------------
[[email protected] Desktop]# > /var/log/messages
[[email protected] Desktop]# systemctl restart network.service
[[email protected] Desktop]# cat /var/log/messages ##出现问题时,查看日志中的报错信息
服务端:
[[email protected] dhcp]# cat /var/lib/dhcpd/dhcpd.leases ##查看IP地址的分配信息
####################
[[email protected] Desktop]# cat /etc/hostname
cat: /etc/hostname: No such file or directory
[[email protected] Desktop]# hostnamectl
Static hostname: n/a
Pretty hostname: ?
Transient hostname: localhost
Icon name: computer
Chassis: n/a
Machine ID: 946cb0e817ea4adb916183df8c4fc817
Boot ID: c6a59612d76a4f548745e2bafbccdb49
Virtualization: kvm
Operating System: Red Hat Enterprise Linux Server 7.0 (Maipo)
CPE OS Name: cpe:/o:redhat:enterprise_linux:7.0:GA:server
Kernel: Linux 3.10.0-123.el7.x86_64
Architecture: x86_64
[[email protected] Desktop]# hostnamectl set-hostname desktop
[[email protected] Desktop]# hostnamectl
Static hostname: desktop ##重启生效
Icon name: computer
Chassis: n/a
Machine ID: 946cb0e817ea4adb916183df8c4fc817
Boot ID: c6a59612d76a4f548745e2bafbccdb49
Virtualization: kvm
Operating System: Red Hat Enterprise Linux Server 7.0 (Maipo)
CPE OS Name: cpe:/o:redhat:enterprise_linux:7.0:GA:server
Kernel: Linux 3.10.0-123.el7.x86_64
Architecture: x86_64
[[email protected] Desktop]# cat /etc/hostname
desktop
[[email protected] Desktop]# echo desktop50 > /etc/hostname
[[email protected] Desktop]# cat /etc/hostname
desktop50
[[email protected] Desktop]# hostnamectl
Static hostname: desktop50 ##重启生效
Icon name: computer
Chassis: n/a
Machine ID: 946cb0e817ea4adb916183df8c4fc817
Boot ID: c6a59612d76a4f548745e2bafbccdb49
Virtualization: kvm
Operating System: Red Hat Enterprise Linux Server 7.0 (Maipo)
CPE OS Name: cpe:/o:redhat:enterprise_linux:7.0:GA:server
Kernel: Linux 3.10.0-123.el7.x86_64
Architecture: x86_64
企业6和企业7修改hostname的区别:
企业6编辑"/etc/sysconfig/network"文件
企业7编辑"/etc/hostname"文件
####################
####################
#### 10.系统日志 ####
####################
####################1.系统日志默认分类####################
/var/log/messages ##系统服务及日志,包括服务的信息,报错等等
/var/log/secure ##系统认证信息日志
/var/log/maillog ##系统邮件服务信息日志
/var/log/cron ##系统定时任务信息日志
/var/log/boot.log ##系统启动信息日志
####################2.日志管理服务rsyslog####################
1.rsyslog负责采集日志和分类存放日志
####################
[[email protected] Desktop]# > /var/log/messages
[[email protected] Desktop]# systemctl stop rsyslog.service
[[email protected] Desktop]# cat /var/log/messages
Oct 19 05:29:36 127.0.0.1 rsyslogd: [origin software="rsyslogd" swVersion="7.4.7" x-pid="1678" x-info="http://www.rsyslog.com"] exiting on signal 15.
##关闭rsyslog服务后,查看日志只有一条信息
[[email protected] Desktop]# systemctl restart sshd.service
[[email protected] Desktop]# cat /var/log/messages
Oct 19 05:29:36 127.0.0.1 rsyslogd: [origin software="rsyslogd" swVersion="7.4.7" x-pid="1678" x-info="http://www.rsyslog.com"] exiting on signal 15.
##rsyslog服务停止收集信息,还是只有一条信息
[[email protected] Desktop]# systemctl start rsyslog.service
[[email protected] Desktop]# cat /var/log/messages
Oct 19 05:29:36 127.0.0.1 rsyslogd: [origin software="rsyslogd" swVersion="7.4.7" x-pid="1678" x-info="http://www.rsyslog.com"] exiting on signal 15.
Oct 19 05:30:00 127.0.0.1 rsyslogd: [origin software="rsyslogd" swVersion="7.4.7" x-pid="1724" x-info="http://www.rsyslog.com"] start
Oct 19 05:30:00 127.0.0.1 rsyslogd-2307: warning: ~ action is deprecated, consider using the ‘stop‘ statement instead [try http://www.rsyslog.com/e/2307 ]
Oct 19 05:29:36 127.0.0.1 systemd: Stopping System Logging Service...
Oct 19 05:29:36 127.0.0.1 systemd: Stopped System Logging Service.
Oct 19 05:29:49 127.0.0.1 systemd: Stopping OpenSSH server daemon...
Oct 19 05:29:49 127.0.0.1 systemd: Starting OpenSSH server daemon...
Oct 19 05:29:49 127.0.0.1 systemd: Started OpenSSH server daemon.
Oct 19 05:30:00 127.0.0.1 systemd: Starting System Logging Service...
Oct 19 05:30:00 127.0.0.1 systemd: Started System Logging Service.
Oct 19 05:30:01 127.0.0.1 systemd: Starting Session 3 of user root.
Oct 19 05:30:01 127.0.0.1 systemd: Started Session 3 of user root.
[[email protected] Desktop]#
##rsyslog服务把之前关闭时未收集的信息重新收集
####################
2.rsyslog日志分类
vim /etc/rsyslog.conf ##主配置文件
服务.日志级别 /存放文件
*.* /var/log/westos
systemctl restart rsyslog ##重启日志管理服务
####################
[[email protected] Desktop]# vim /etc/rsyslog.conf
--------------------------------------------------
55 *.* /var/log/westos
##将日志全部定向到/var/log/westos文件中
##新建的日志存放文件尽量放在"/var/log"下面,放在其它地方得修改一些系统参数
:wq
--------------------------------------------------
[[email protected] Desktop]# systemctl restart rsyslog.service
####################
man 5 rsyslog.conf ##查看rsyslogd配置文件的说明
#####格式#####
日志设备(类型).(连接符号)日志级别 日志处理方式(action) ##"."是连接符号
1)日志设备(可以理解为日志类型):
auth ##pam产生的日志
authpriv ##ssh,ftp等登陆信息的验证信息
cron ##时间任务相关
kern ##内核
lpr ##打印
mail ##邮件
mark(syslog)-rsyslog ##服务内部的信息,时间标识
news ##新闻组
user ##用户程序产生的相关信息
uucp ##unix to unix copy, unix主机之间相关的通讯
local 1~7 ##自定义的日志设备
2)日志级别:
debug ##有调式信息的,日志信息最多
info ##一般的日志,最常用
notic ##最具有重要性的普通条件的信息
warning ##警告级别
err ##错误级别,阻止某个功能或者模块不能正常工作的信息
crit ##严重级别,阻止整个系统或者整个软件不能正常工作的信息
alert ##需要立即修改的信息
emerg ##内和崩溃等严重信息
none ##什么都不记录
注意:从上到下,级别从低到高,记录的信息越来越少
更为详细的说明可以查看手册:man 3 syslog
3)连接符号
.xxx ##表示大于等于xxx级别的信息
.=xxx ##表示等于xxx级别的信息
.!xxx ##表示在xxx级别之外的信息
4)配置实例
1>记录到普通文件或设备文件
*.* /var/log/file.log ##绝对路径
*.* /dev/pts/0
测试:
logger -p local3.info ‘KadeFor is testing the rsyslog and logger‘
##"logger"命令用于产生日志消息
2>发送给用户(需要在线才能收到)
*.* root
*.* root,kadefor,up01 ##使用,号分隔多个用户
*.* * ##*号表示所有在线用户
3>忽略,丢弃
local3.* ~ ##忽略所有local3类型的所有级别的日志
4>执行脚本
local3.* ^/tmp/a.sh ##^号后跟可执行脚本或程序的绝对路径
##日志内容可以作为脚本的第一个参数
##可用来触发报警
3.rsyslog日志同步
####################
[[email protected] Desktop]# firewall-cmd --list-all ##防火墙允许的条目
public (default, active)
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
####################
systemctl stop firewalld.service ##关闭两台主机的防火墙
配置日志发送方
*.* @172.25.0.11 ##通过udp协议把日志发送到11主机,"@"表示udp,"@@"表示tcp
systemctl restart rsyslog
配置日志接受方
15 $ModLoad imudp ##日志接受插件
16 $UDPServerRun 514 ##日志接收插件使用端口
####################
man 5 rsyslog.conf
/udp
imudp Input plugin for UDP syslog. Replaces the deprecated -r option.
Can be used like this:
$ModLoad imudp
$UDPServerRun 514
按"n"向下查找,发现
Example:
*.* @192.168.0.1
####################
[[email protected] Desktop]# systemctl restart rsyslog
[[email protected] Desktop]# netstat -anulpe | grep rsyslog
udp 0 0 0.0.0.0:514 0.0.0.0:* 0 39524 2911/rsyslogd
udp6 0 0 :::514 :::* 0 39525 2911/rsyslogd
> /var/log/messages ##两边都作
logger test message ##日志发送方
tail -f /var/log/message ##日志接收方
####################
desktop&server:
[[email protected] Desktop]# systemctl stop firewalld.service
desktop:
[[email protected] Desktop]# vim /etc/rsyslog.conf
--------------------------------------------------
51 *.* @172.25.50.200
:wq
--------------------------------------------------
[[email protected] Desktop]# systemctl restart rsyslog.service
server:
[[email protected] Desktop]# vim /etc/rsyslog.conf
--------------------------------------------------
15 $ModLoad imudp
16 $UDPServerRun 514
:wq
--------------------------------------------------
[[email protected] Desktop]# systemctl restart rsyslog.service
[[email protected] Desktop]# netstat -anulpe | grep rsyslog
udp 0 0 0.0.0.0:514 0.0.0.0:* 0 39524 2911/rsyslogd
udp6 0 0 :::514 :::* 0 39525 2911/rsyslogd
desktop&server:
[[email protected] Desktop]# > /var/log/messages
server:
[[email protected] Desktop]# tail -f /var/log/messages
desktop:
[[email protected] Desktop]# logger test
[[email protected] Desktop]# logger test
[[email protected] Desktop]# logger test
[[email protected] Desktop]# logger test
server:
Oct 17 05:27:23 localhost root: test
Oct 17 05:27:23 localhost root: test
Oct 17 05:27:24 localhost root: test
Oct 17 05:27:24 localhost root: test
####################
4.日志采集格式
$template WESTOS, "%timegenerated% %FROMHOST-IP% %syslogtag% %msg%\n"
%timegenerated% ##生成时间
%FROMHOST-IP% ##主机ip
%syslogtag% ##进程名称
%msg% ##信息
\n ##换行
$ActionfileDefaultTemplate WESTOS ##全局
*.info;mail.none;authpriv.none;cron.none /var/log/messages;WESTOS ##指定
####################
man 5 rsyslog.conf
/template
按"n"向下查找,发现
$template TraditionalFormat,"%timegenerated% %HOSTNAME% %syslogtag%%msg%\n"
####################