本機安裝 1. l2tp+ipsec 2.ikev2 3. openvpn 4.apache 5.snmp+snmpd+mib-downloader 6.mrtg 7.ftp 8.......... get noip 2339835994@qq.com/passme Install noip2 from source cd /usr/local/src/ sudo wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz sudo tar xf noip-duc-linux.tar.gz cd noip-2.1.9-1/ sudo make sudo make install If you get make not found or missing gcc then you do not have the gcc compiler tools on your machine. At https://help.ubuntu.com/community/InstallingCompilers you can find install instructions if you need help. Configure the Client As root (or with sudo) issue the below command: sudo /usr/local/bin/noip2 -C (dash capital C, this will create the default config file) Create a Systemd service Create the file $sudo nano /etc/systemd/system/noip2.service and paste the following: ---------------------------------------------------------------------------- [Unit] Description=No-IP Dynamic DNS Update Client After=network.target [Service] Type=forking ExecStart=/usr/local/bin/noip2 [Install] WantedBy=multi-user.target ------------------------------------------- Activating systemctl status noip2.service systemctl start noip2.service (start immediately) systemctl enable noip2.service (start on boot) ##Created symlink /etc/systemd/system/multi-user.target.wants/noip2.service -> /etc/systemd/system/noip2.service. 9.... cat auth.log | grep CN= > user_$(date '+%Y%m%d').log 10....vsftpd https://devanswers.co/installing-ftp-server-vsftpd-ubuntu-18-04/ ------更改(設定)檔案夾的歸屬人------ chown -R www-data:www-data /var/www/mrtg sudo chown -R hckao:hckao /var/www/html/vpn ---------------------------------------------------- 2020-08-17 儲存空間紀錄 hckao@H96PLUS:~$ df -h Filesystem Size Used Avail Use% Mounted on udev 972M 0 972M 0% /dev tmpfs 285M 32M 253M 12% /run /dev/mmcblk0p2 14G 1.3G 13G 9% / tmpfs 1.4G 0 1.4G 0% /dev/shm tmpfs 5.0M 4.0K 5.0M 1% /run/lock tmpfs 1.4G 0 1.4G 0% /sys/fs/cgroup tmpfs 1.4G 4.0K 1.4G 1% /tmp /dev/mmcblk0p1 128M 62M 67M 48% /boot /dev/zram0 49M 12M 33M 27% /var/log tmpfs 285M 0 285M 0% /run/user/1000 ----------------------------------- 一些指令 ethtool eth0 | grep -i speed du -h 可知目前此資料夾下所有檔案與資料夾所佔硬碟大小總數 du -s 可知目前此資料夾總共佔用硬碟大小總數,以G為單位 du -sh 可知目前此資料夾總共佔用硬碟大小總數,以G為單位 --------iptables-------------教學 sudo iptables -A INPUT -s 120.242.213.219 -j DROP sudo iptables -A INPUT -s 120.242.213.219 -j ACCEPT iptables -A INPUT -s 123.123.123.123 -j DROP # 將 123.123.123.123 全部擋掉 iptables -A INPUT -s 92.63.194.0/24 -j DROP 列出所有規則,前面加上行號 iptables -L INPUT -n --line-numbers 要刪除某一行的規則 iptables -D INPUT 1 # 若只有上述那行,那就是 1 iptables -D INPUT 3 # 若有多行,只要刪除第三行 iptables -A INPUT -s 123.123.123.123 -j DROP # 將 123.123.123.123 全部擋掉 列出所有規則,前面加上行號 sudo iptables -L INPUT -n --line-numbers 要刪除某一行的規則 sudo iptables -D INPUT 1 # 若只有上述那行,那就是 1 sudo iptables -D INPUT 3 # 若有多行,只要刪除第三行 ---------需要清查的ip--------------- Aug 17 09:35:40 localhost pluto[3398]: "l2tp-psk"[8] 216.218.206.114 #9: responding to Main Mode from unknown peer 216.218.206.114:26432 Aug 17 09:35:40 localhost pluto[3398]: "l2tp-psk"[8] 216.218.206.114 #9: OAKLEY_CAST_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM Aug 17 09:35:40 localhost pluto[3398]: "l2tp-psk"[8] 216.218.206.114 #9: no acceptable Oakley Transform Aug 17 09:35:40 localhost pluto[3398]: "l2tp-psk"[8] 216.218.206.114 #9: sending notification NO_PROPOSAL_CHOSEN to 216.218.206.114:26432 101.251.238.53 iptables -A INPUT -s 92.63.194.0/24 -j DROP ------------------------------------ hckao@H96PLUS:~$ sudo systemctl stop getty@ttyS0 hckao@H96PLUS:~$ sudo systemctl disable getty@ttyS0 以下可以解決 [root @ pix2] /var/log # systemctl stop serial-getty@ttyS0.service [root @ pix2] /var/log # systemctl disable serial-getty@ttyS0.service 結果 show 出 root@x96:/home/hckao# systemctl disable serial-getty@ttyS0.service Removed /etc/systemd/system/getty.target.wants/serial-getty@ttyS0.service. ------------------------------------ 永遠放在最後面 sudo nano /var/www/html/mrtg/114.34.34.104_3.log sudo nano /var/www/html/mrtg/114.34.34.104_5.log sudo nano /var/www/html/mrtg/114.34.34.104_6.log ---以下是用在syslog 查pptpd的用戶------ Client finished 查sshd用字 Failed password -------------- ethtool eth0 | grep -i speed sudo cat /var/log/auth.log |grep l2tp sudo cat /var/log/auth.log |grep l2tp > l2tp_$(date '+%Y%m%d').log sudo cat /var/log/auth.log |grep xauth-psk > ipsec_$(date '+%Y%m%d').log sudo cat /var/log/auth.log |grep ikev2 > ikev2_$(date '+%Y%m%d').log sudo cat /var/log/auth.log |grep Authentication > user_$(date '+%Y%m%d').log sudo cat /var/log/auth.log |grep peer > peer_$(date '+%Y%m%d').log sudo cat /var/log/auth.log |grep traffic 永遠放在最後面 ------------------------------