/l3/users/lav/nt-bsdnet/root
#screen -x
|
#exit
exit Connection to 192.168.15.2 closed. |
#ssh 192.168.15.2
Password: Last login: Tue Sep 19 14:10:09 2006 from 192.168.15.4 Linux linux2.linux.nt 2.4.27-speakup #1 Thu Aug 19 21:46:14 CEST 2004 i686 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. No mail. l3-agent is already running: pid=3284; pidfile=/root/.lilalo/l3-agent.pid |
#pkg-version kde
bash: pkg-version: command not found |
#pkg-version
bash: pkg-version: command not found |
#pkg_info -v
pkg_info: missing package name(s) usage: pkg_info [-bcdDEfgGiIjkLmopPqQrRsvVxX] [-e package] [-l prefix] [-t template] -a | pkg-name ... pkg_info [-qQ] -W filename pkg_info [-qQ] -O origin pkg_info |
#pkg-version -v
bash: pkg-version: command not found |
#pkg_info -u
pkg_info: illegal option -- u usage: pkg_info [-bcdDEfgGiIjkLmopPqQrRsvVxX] [-e package] [-l prefix] [-t template] -a | pkg-name ... pkg_info [-qQ] -W filename pkg_info [-qQ] -O origin pkg_info |
#pkg_info -v
pkg_info: missing package name(s) usage: pkg_info [-bcdDEfgGiIjkLmopPqQrRsvVxX] [-e package] [-l prefix] [-t template] -a | pkg-name ... pkg_info [-qQ] -W filename pkg_info [-qQ] -O origin pkg_info |
#pkg_info
OpenEXR-1.2.1_1 A high dynamic-range (HDR) image file format apr-nothr-db4-1.0.1_1 The Apache Group's Portability Library arts-1.4.2,1 Audio system for the KDE integrated X11 desktop artswrapper-1.2.2 Setuid wrapper for arts aspell-0.60.3 Spelling checker with better suggestion logic than ispell bash-3.0.16_1 The GNU Project's Bourne Again SHell bitstream-vera-1.10_1 Bitstream Vera TrueType font collection boehm-gc-6.5 Garbage collection and memory leak detection for C and C++ boost-python-1.32.0_2 Free peer-reviewed portable C++ source libraries bsdpan-Term-VT102-0.82 Term::VT102 - a class to emulate a DEC VT102 terminal ... xorg-fonts-type1-6.8.2 X.Org Type1 fonts xorg-fontserver-6.8.2 X font server from X.Org xorg-libraries-6.8.2 X11 libraries and headers from X.Org xorg-manpages-6.8.2 X.Org library manual pages xorg-nestserver-6.8.2 Nesting X server from X.Org xorg-printserver-6.8.2 X Print server from X.Org xorg-server-6.8.2_6 X.Org X server and related programs xorg-vfbserver-6.8.2 X virtual framebuffer server from X.Org xpdf-3.00_7 Display PDF files, and convert them to other formats xterm-203 Terminal emulator for the X Window System |
#portupgrade
bash: portupgrade: command not found |
#pkg_add -r portupgrade
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.0-release/Latest/portupgrade.tbz... Done. Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.0-release/All/ruby-1.8.2_4.tbz... Done. Deinstalling obsoleted packages that are now part of ruby... ==== Note that some of the standard libraries are provided as separate ports since they require extra dependencies: converters/ruby-iconv iconv module databases/ruby-gdbm: GDBM module lang/ruby-tcltklib: Tcl/Tk libraries japanese/ruby-tcltklib: Tcl/Tk libraries for Japanized Tcl/Tk x11-toolkits/ruby-tk: Tk modules japanese/ruby-tk: Tk modules for Japanized Tcl/Tk lang/ruby-mode.el: Emacs lisp modules Install them as occasion demands. (Make sure to define RUBY_VER=1.8 when you build and install them) ==== Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.0-release/All/ruby18-bdb1-0.2.2.tbz... Done. |
#dig @213.130.26.7 mail.ru ns
; <<>> DiG 9.3.1 <<>> @213.130.26.7 mail.ru ns ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16502 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 6 ;; QUESTION SECTION: ;mail.ru. IN NS ;; ANSWER SECTION: mail.ru. 681 IN NS ns.mail.ru. ... ns.mail.ru. 12210 IN A 194.67.23.130 ns1.mail.ru. 12210 IN A 194.67.57.103 ns2.mail.ru. 1979 IN A 194.67.57.104 ns3.mail.ru. 12210 IN A 194.67.23.17 ns4.mail.ru. 11691 IN A 194.67.57.4 ns5.mail.ru. 12210 IN A 194.67.23.232 ;; Query time: 157 msec ;; SERVER: 213.130.26.7#53(213.130.26.7) ;; WHEN: Tue Sep 19 15:54:20 2006 ;; MSG SIZE rcvd: 228 |
#dig @213.130.26.7 mail.ru ns |less
|
#ipfw delete 1
|
#iiconfig
bash: iiconfig: command not found |
#ipfw list
00100 reset tcp from any to any dst-port 19
00200 allow tcp from any to any dst-port 22
00300 allow tcp from any to any dst-port 25
65000 reset tcp from any to any in setup
65100 allow ip from any to any
65535 deny ip from any to any
#ipfw add 1000 allow udp from me to any 53 keep-state
01000 allow udp from me to any dst-port 53 keep-state |
#ipfw add 2000 deny udp fro any to any
02000 deny udp from any to any |
#ipfw show | grep ^[12]000
|
#ipfw listrep ^[12]000
|
#ipfw list
00100 reset tcp from any to any dst-port 19
00200 allow tcp from any to any dst-port 22
00300 allow tcp from any to any dst-port 25
01000 allow udp from me to any dst-port 53 keep-state
02000 deny udp from any to any
65000 reset tcp from any to any in setup
65100 allow ip from any to any
65535 deny ip from any to any
#ipfw list | grep ^012]000
01000 allow udp from me to any dst-port 53 keep-state
02000 deny udp from any to any
#[root@fbsd1:~]# ipfw list | grep ^0[12]000
01000 allow udp from me to any dst-port 53 keep-state
02000 deny udp from any to any
#dig @192.168.15.254 mail.ru ns
; <<>> DiG 9.3.1 <<>> @192.168.15.254 mail.ru ns ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58063 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;mail.ru. IN NS ;; ANSWER SECTION: mail.ru. 21600 IN NS ns.mail.ru. mail.ru. 21600 IN NS ns1.mail.ru. mail.ru. 21600 IN NS ns2.mail.ru. mail.ru. 21600 IN NS ns3.mail.ru. mail.ru. 21600 IN NS ns4.mail.ru. mail.ru. 21600 IN NS ns5.mail.ru. ;; Query time: 4193 msec ;; SERVER: 192.168.15.254#53(192.168.15.254) ;; WHEN: Tue Sep 19 16:13:34 2006 ;; MSG SIZE rcvd: 132 |
#dig @192.168.15.254 mail.ru ns
; <<>> DiG 9.3.1 <<>> @192.168.15.254 mail.ru ns ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46767 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;mail.ru. IN NS ;; ANSWER SECTION: mail.ru. 21599 IN NS ns5.mail.ru. mail.ru. 21599 IN NS ns.mail.ru. mail.ru. 21599 IN NS ns1.mail.ru. mail.ru. 21599 IN NS ns2.mail.ru. mail.ru. 21599 IN NS ns3.mail.ru. mail.ru. 21599 IN NS ns4.mail.ru. ;; Query time: 1 msec ;; SERVER: 192.168.15.254#53(192.168.15.254) ;; WHEN: Tue Sep 19 16:13:35 2006 ;; MSG SIZE rcvd: 132 |
#grep syslog /etc/services
syslog 514/udp |
#grep syslog /etc/defaults/rc.conf
syslogd_enable="YES" # Run syslog daemon (or NO).
syslogd_program="/usr/sbin/syslogd" # path to syslogd, if you want a different one.
syslogd_flags="-s" # Flags to syslogd (if enabled).
amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map"
newsyslog_enable="YES" # Run newsyslog at startup.
newsyslog_flags="-CN" # Newsyslog flags to create marked files
#man syslogd
|
#grep syslog /etc/defaults/rc.conf
syslogd_enable="YES" # Run syslog daemon (or NO).
syslogd_program="/usr/sbin/syslogd" # path to syslogd, if you want a different one.
syslogd_flags="-s" # Flags to syslogd (if enabled).
amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map"
newsyslog_enable="YES" # Run newsyslog at startup.
newsyslog_flags="-CN" # Newsyslog flags to create marked files
#vi /etc/rc.conf
24a25,26 > syslogd_flags="-s" > |
#/etc/rc.d/syslogd restart
Stopping syslogd. Starting syslogd. |
#pkg_add -r netcat
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.0-release/Latest/netcat.tbz... Done. |
#ipfw list
00100 reset tcp from any to any dst-port 19
00200 allow tcp from any to any dst-port 22
00300 allow tcp from any to any dst-port 25
01000 allow udp from me to any dst-port 53 keep-state
02000 deny udp from any to any
65000 reset tcp from any to any in setup
65100 allow ip from any to any
65535 deny ip from any to any
#ipfw delete 1000
|
#ipfw delete 200
|
#tail -f /var/log/messages
Sep 19 15:02:37 fbsd1 sshd[426]: error: accept: Software caused connection abort Sep 19 15:02:38 fbsd1 kernel: Limiting closed port RST response from 253 to 200 packets/sec Sep 19 15:02:38 fbsd1 xinetd[6217]: service imap4, accept: Software caused connection abort (errno = 53) Sep 19 15:02:39 fbsd1 kernel: Limiting closed port RST response from 233 to 200 packets/sec Sep 19 15:02:41 fbsd1 kernel: Limiting closed port RST response from 256 to 200 packets/sec Sep 19 15:02:42 fbsd1 kernel: Limiting closed port RST response from 275 to 200 packets/sec Sep 19 15:02:44 fbsd1 xinetd[6217]: service echo-stream, accept: Software caused connection abort (errno = 53) Sep 19 15:30:12 fbsd1 su: user to root on /dev/ttyp9 Sep 19 16:15:36 fbsd1 syslogd: exiting on signal 15 Sep 19 16:15:36 fbsd1 syslogd: kernel boot file is /boot/kernel/kernel ^C |
#ps aux | grep syslog
root 39195 0.0 0.2 1292 788 ?? Is 4:15PM 0:00.00 /usr/sbin/syslogd |
#ps wux | grep syslog
root 39195 0.0 0.2 1292 788 ?? Ss 4:15PM 0:00.00 /usr/sbin/syslogd -s
root 39445 0.0 0.2 1508 936 pa S+ 4:17PM 0:00.00 grep syslog
#vi /etc/rc.conf
25c25 < syslogd_flags="-s" --- > syslogd_flags="" |
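Review bot: the replacement line `syslogd_flags=""` removes secure mode altogether, so after the restart syslogd logs datagrams from any host that can reach 514/udp, which is what the later `linux2.linux.nt` entries in /var/log/messages (including raw binary data) show. If the intent is to receive logs from that one host, restrict the accepted peers with syslogd's `-a` option instead of leaving the flags empty, and pair it with an ipfw rule that admits 514/udp only from that source.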
#/etc/rc.d/syslogd restart
Stopping syslogd. Starting syslogd. |
#ps waux | grep syslog
root 39525 0.0 0.2 1292 804 ?? Ss 4:17PM 0:00.00 /usr/sbin/syslogd
root 39538 0.0 0.4 3216 2064 pa R+ 4:17PM 0:00.00 grep syslog (bash)
#tail -f /var/log/messages
Sep 19 15:02:38 fbsd1 xinetd[6217]: service imap4, accept: Software caused connection abort (errno = 53) Sep 19 15:02:39 fbsd1 kernel: Limiting closed port RST response from 233 to 200 packets/sec Sep 19 15:02:41 fbsd1 kernel: Limiting closed port RST response from 256 to 200 packets/sec Sep 19 15:02:42 fbsd1 kernel: Limiting closed port RST response from 275 to 200 packets/sec Sep 19 15:02:44 fbsd1 xinetd[6217]: service echo-stream, accept: Software caused connection abort (errno = 53) Sep 19 15:30:12 fbsd1 su: user to root on /dev/ttyp9 Sep 19 16:15:36 fbsd1 syslogd: exiting on signal 15 Sep 19 16:15:36 fbsd1 syslogd: kernel boot file is /boot/kernel/kernel Sep 19 16:17:24 fbsd1 syslogd: exiting on signal 15 Sep 19 16:17:24 fbsd1 syslogd: kernel boot file is /boot/kernel/kernel Sep 19 16:17:35 linux2.linux.nt Hello Sep 19 16:18:30 linux2.linux.nt 00000000 0f 36 ac 89 3c 95 df b4 4d 67 ff 94 20 22 68 44 |.6..<...Mg.. "hD| 00000010 c9 d4 ca db 27 cc 67 69 52 cb c3 2d c9 ff 68 31 |....'.giR..-..h1| 00000020 59 d3 b9 e2 fa bf f1 b5 03 cf f0 20 54 d6 18 63 |Y.......... T..c| 00000030 ac d4 6f 43 1e 61 a6 cc 6a 76 38 d0 8f 74 6e c6 |..oC.a..jv8..tn.| 00000040 3d 65 7f 7a 12 3d 6a 39 73 36 6f 74 11 91 Sep 19 16:18:50 linux2.linux.nt 00000000 3c 99 bc 41 1b cf 58 af 6d ac 75 de 52 fc 9d a5 |<..A..X.m.u.R...| 00000010 8d a5 a8 c9 b6 dc 9f 85 af 59 fc da 0f a7 9d e7 |.........Y......| 00000020 81 e0 46 7f 53 56 ec 5b e9 d4 58 66 95 d9 d7 60 |..F.SV.[..Xf...`| 00000030 42 6d e1 cf 73 6c ec 1e d7 20 cf b4 2d 36 c2 03 |Bm..sl... ..-6..| 00000040 a6 c4 d5 95 3e ab 91 99 5a 60 0b 93 2f 57 ^C |
#ipfw add 1000 allow udp from me to any 53 keep-state
01000 allow udp from me to any dst-port 53 keep-state |
#ipfw add 2000 deny udp from any to any
02000 deny udp from any to any |
#dig @192.168.15.254 mail.ru ns
; <<>> DiG 9.3.1 <<>> @192.168.15.254 mail.ru ns ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26494 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;mail.ru. IN NS ;; ANSWER SECTION: mail.ru. 21210 IN NS ns4.mail.ru. mail.ru. 21210 IN NS ns5.mail.ru. mail.ru. 21210 IN NS ns.mail.ru. mail.ru. 21210 IN NS ns1.mail.ru. mail.ru. 21210 IN NS ns2.mail.ru. mail.ru. 21210 IN NS ns3.mail.ru. ;; Query time: 1 msec ;; SERVER: 192.168.15.254#53(192.168.15.254) ;; WHEN: Tue Sep 19 16:20:04 2006 ;; MSG SIZE rcvd: 132 |
#dig @192.168.15.254 kernel.org
; <<>> DiG 9.3.1 <<>> @192.168.15.254 kernel.org ns ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4161 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;kernel.org. IN NS ;; ANSWER SECTION: kernel.org. 86400 IN NS ns.vger.kernel.org. kernel.org. 86400 IN NS ns1.q.port80.se. kernel.org. 86400 IN NS ns1.kernel.org. kernel.org. 86400 IN NS ns2.gimp.org. kernel.org. 86400 IN NS ns2.kernel.org. kernel.org. 86400 IN NS ns3.kernel.org. ;; ADDITIONAL SECTION: ns1.q.port80.se. 604794 IN A 217.75.109.220 ;; Query time: 1497 msec ;; SERVER: 192.168.15.254#53(192.168.15.254) ;; WHEN: Tue Sep 19 16:20:16 2006 ;; MSG SIZE rcvd: 172 |
#tail -f /var/log/messages
Sep 19 15:02:42 fbsd1 kernel: Limiting closed port RST response from 275 to 200 packets/sec Sep 19 15:02:44 fbsd1 xinetd[6217]: service echo-stream, accept: Software caused connection abort (errno = 53) Sep 19 15:30:12 fbsd1 su: user to root on /dev/ttyp9 Sep 19 16:15:36 fbsd1 syslogd: exiting on signal 15 Sep 19 16:15:36 fbsd1 syslogd: kernel boot file is /boot/kernel/kernel Sep 19 16:17:24 fbsd1 syslogd: exiting on signal 15 Sep 19 16:17:24 fbsd1 syslogd: kernel boot file is /boot/kernel/kernel Sep 19 16:17:35 linux2.linux.nt Hello Sep 19 16:18:30 linux2.linux.nt 00000000 0f 36 ac 89 3c 95 df b4 4d 67 ff 94 20 22 68 44 |.6..<...Mg.. "hD| 00000010 c9 d4 ca db 27 cc 67 69 52 cb c3 2d c9 ff 68 31 |....'.giR..-..h1| 00000020 59 d3 b9 e2 fa bf f1 b5 03 cf f0 20 54 d6 18 63 |Y.......... T..c| 00000030 ac d4 6f 43 1e 61 a6 cc 6a 76 38 d0 8f 74 6e c6 |..oC.a..jv8..tn.| 00000040 3d 65 7f 7a 12 3d 6a 39 73 36 6f 74 11 91 Sep 19 16:18:50 linux2.linux.nt 00000000 3c 99 bc 41 1b cf 58 af 6d ac 75 de 52 fc 9d a5 |<..A..X.m.u.R...| 00000010 8d a5 a8 c9 b6 dc 9f 85 af 59 fc da 0f a7 9d e7 |.........Y......| 00000020 81 e0 46 7f 53 56 ec 5b e9 d4 58 66 95 d9 d7 60 |..F.SV.[..Xf...`| 00000030 42 6d e1 cf 73 6c ec 1e d7 20 cf b4 2d 36 c2 03 |Bm..sl... ..-6..| 00000040 a6 c4 d5 95 3e ab 91 99 5a 60 0b 93 2f 57 ^C |
#ipfw list
00100 reset tcp from any to any dst-port 19
00200 allow tcp from any to any dst-port 22
00300 allow tcp from any to any dst-port 25
01000 allow udp from me to any dst-port 53 keep-state
02000 deny udp from any to any
65000 reset tcp from any to any in setup
65100 allow ip from any to any
65535 deny ip from any to any
#dig @192.168.15.254 mail.ru ns
; <<>> DiG 9.3.1 <<>> @192.168.15.254 mail.ru ns ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64986 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;mail.ru. IN NS ;; ANSWER SECTION: mail.ru. 21136 IN NS ns3.mail.ru. mail.ru. 21136 IN NS ns4.mail.ru. mail.ru. 21136 IN NS ns5.mail.ru. mail.ru. 21136 IN NS ns.mail.ru. mail.ru. 21136 IN NS ns1.mail.ru. mail.ru. 21136 IN NS ns2.mail.ru. ;; Query time: 1 msec ;; SERVER: 192.168.15.254#53(192.168.15.254) ;; WHEN: Tue Sep 19 16:21:19 2006 ;; MSG SIZE rcvd: 132 |
#ipfw -d show
00100 4 176 reset tcp from any to any dst-port 19
00200 2296 182889 allow tcp from any to any dst-port 22
00300 11 484 allow tcp from any to any dst-port 25
01000 20 2342 allow udp from me to any dst-port 53 keep-state
02000 2 1636 deny udp from any to any
65000 3352 147488 reset tcp from any to any in setup
65100 10090 5197342 allow ip from any to any
65535 110 6580 deny ip from any to any
## Dynamic rules (9):
01000 1 182 (10s) STATE udp 192.168.15.21 60282 <-> 192.168.15.254 53
01000 1 160 (8s) STATE udp 192.168.15.21 59768 <-> 192.168.15.254 53
#ipfw -d show
00100 4 176 reset tcp from any to any dst-port 19
00200 2305 183453 allow tcp from any to any dst-port 22
00300 11 484 allow tcp from any to any dst-port 25
01000 22 2576 allow udp from me to any dst-port 53 keep-state
02000 2 1636 deny udp from any to any
65000 3352 147488 reset tcp from any to any in setup
65100 10114 5201015 allow ip from any to any
65535 110 6580 deny ip from any to any
## Dynamic rules (10):
Time of the first command in the journal | 15:28:52 2006- 9-19
Time of the last command in the journal | 16:21:21 2006- 9-19
Number of command lines in the journal | 101
Share of commands with a non-zero exit code, % | 9.90
Share of syntactically mistyped commands, % | 9.90
Total time spent working at the terminal *, hours | 0.87
Command lines per unit of time, commands/min | 1.92
Command usage frequency

All commands entered on any terminal of the system are recorded in the log automatically.
To make sure that logging is active on the current terminal and commands are being recorded, run the command w. The WHAT field for the current terminal should show the program script.
Commands typed with syntax errors are shown in strikethrough text:
$ l s-l
bash: l: command not found
If a command's exit code is zero, the command completed without errors. Commands with a non-zero exit code are highlighted in color.
$ test 5 -lt 4
Commands that were interrupted by the user are highlighted in color.
$ find / -name abc
find: /home/devi-orig/.gnome2: Keine Berechtigung
find: /home/devi-orig/.gnome2_private: Keine Berechtigung
find: /home/devi-orig/.nautilus/metafiles: Keine Berechtigung
find: /home/devi-orig/.metacity: Keine Berechtigung
find: /home/devi-orig/.inkscape: Keine Berechtigung
^C
Commands run with superuser privileges are marked with a red bar on the left.
# id
uid=0(root) gid=0(root) Gruppen=0(root)
Changes made to a text file with an editor are recorded and shown in the log in ed format. Lines beginning with "<" were deleted, and lines beginning with ">" were added.
$ vi ~/.bashrc
To change a file according to the changes shown in a diffshot, you can use the patch command. Copy the changes, run patch with the file to be changed as its argument, and paste the copied text:
$ patch ~/.bashrc
To get brief help on a command, hover the mouse over it. A tooltip with a short description of the command will appear.
If help information about a command is available, the command is highlighted with a light-blue background, for example: vi. If there is none, the command is highlighted with a pink background, for example: notepad.exe. Help information may be missing if (1) the command was typed incorrectly; (2) LiLaLo recognized the command incorrectly; (3) LiLaLo has no information about the command. The last case is possible for rare commands.
Large tooltips, especially multi-line ones, are displayed best by the KDE Konqueror, Apple Safari and Microsoft Internet Explorer browsers. Mozilla and Firefox do not display them in full, and show a special character in place of each line break.
The command entry time shown in the log is the time at which entry of the command line began, that is, the moment the shell prompt appeared on the terminal.
The name of the terminal on which a command was entered is shown in a separate block. This block is shown only when the terminal of the current command differs from that of the previous one.
Log elements you are not currently interested in, such as the time, the terminal name and others, can be hidden. To do so, use the log control form at the top of the page.
Short comments on commands can be inserted directly from the command line. The comment is typed on the command line after the characters #^ or #v. The characters ^ and v indicate which command the comment refers to: ^ means the previous one, v means the next one. For example, if the following was entered on the command line:
$ whoami
user
$ #^ I wonder who I am?
in the log it will look like this:
$ whoami
user
I wonder who I am?
If the comment spans several lines, it can be inserted into the log as follows:
$ whoami
user
$ cat > /dev/null #^ I wonder who I am?
The whoami program prints the name of the user we are logged in as. - It cannot answer the question of our purpose in this world.
In the log it will look like this:
$ whoami
user
Comments that do not relate directly to any particular command are added in exactly the same way, except that the characters #= are used instead of #^ or #v.
Groups of commands run on different terminals are separated by a special line. Below this line, in the right-hand corner, is the name of the terminal on which the commands were run. To see the commands of a single session only, click on this name.
LiLaLo (L3) stands for Live Lab Log.
The program was developed to make teaching Unix/Linux systems more effective.
(c) Igor Chubin, 2004-2008