sun's longitude:56 56 46 
¡¤ ÀÚÀ¯°Ô½ÃÆÇ ¡¤ ¹¯°í´äÇϱ⠡¤ ¾ËÆĹ®¼­ ¡¤ RPMS list
¡¤ »ç¿ëÀÚ¹®¼­ ¡¤ ÆÁ/FAQ¸ðÀ½ ¡¤ ¸®´ª½ºLinks ¡¤ ÀÚ·á½Ç
¡¤ ¼­¹öÁ¤º¸ ¡¤ ¿î¿µÀÚ ¡¤ Books/FAQ ¡¤ FreeBSD
 
/board/read.php:¼Ò½ºº¸±â   
 

Áú¹®°ú ´äº¯ °Ô½ÃÆÇÀÔ´Ï´Ù.

ÇöÀç ½Ç½Ã°£À¸·Î ÀÌ°÷ ¼­¹öÀÇ ¼³Á¤ÆÄÀÏ(¸î°³)¸¦ º¸¿©ÁÖ°í ÀÖ½À´Ï´Ù.
¼­¹öÀÇ ¼³Á¤³»¿ë¿¡ °üÇÑ Áú¹®Àº ¸ÕÀú ÀÌ°÷ ¼­¹öÀÇ ¼³Á¤³»¿ëÀ» Âü°íÇÏ½Ã±æ ¹Ù¶ø´Ï´Ù.
[*** ¾²±â ±ÝÁö´Ü¾î ÆÐÅÏ ***]
±Û º»¹® Áß°£¿¡ ¾÷·ÎµåÇÒ À̹ÌÁö¸¦ Ãß°¡ÇÏ´Â ¹æ¹ý : @@À̹ÌÁöÀ̸§@@
ex) @@foo.gif@@
2432 ¹ø ±ÛÀÇ ´äÀå±Û: Re: named °¡ ÀÌ»óÇؼ­ ¹®Àǵ帳´Ï´Ù.
±Û¾´ÀÌ: »êÀÌ [ȨÆäÀÌÁö] ±Û¾´³¯: 2005³â 12¿ù 11ÀÏ 20:32:30 ÀÏ(Àú³á) Á¶È¸: 1727 

[½¸µ¹]´ÔÀÌ ³²±â½Å ±Û:

>-----------------------------------------
>´äº¯ÀÚ°¡ ±âº»ÀûÀ¸·Î Âü°íÇÒ ³»¿ëÀÔ´Ï´Ù.
>- ¹èÆ÷ÆÇ(¿É¼Ç)    : Æäµµ¶óÄÚ¾î4
>- Ä¿³Î¹öÀü(¿É¼Ç)  : 2.6.14-1.1644_FC4
>- µ¥¸ó¹öÀü(¿¹:apache 1.3.27) : bind-9.3.1-14_FC4
>- µ¥¸ó¼³Ä¡À¯Çü(RPM/ÄÄÆÄÀÏ/±âŸ)
 : RPM
>-----------------------------------------
>
>¾È³çÇϼ¼¿ä.
>
>ÀϺ»¿¡ ¼ÂÆÃÇÑ ¼­¹ö°¡ ¹®Á¦°¡ »ý°Ü ¹®Àǵ帳´Ï´Ù.
>ÀÏ´Ü Áõ»óÀ» ¸»¾¸ µå¸®ÀÚ¸é...
>
>www.abc.com
>www.abc.co.jp
>
>ÀÌ·± µµ¸ÞÀÎÀÌ µÎ°³°¡ ÀÖ½À´Ï´Ù. bind ¼³Á¤À» ÇÏ°í..
>nslookup ¶Ç´Â dig ¸¦ »ç¿ëÇؼ­ ÁúÀǸ¦ Çغ¸¸é..
>(dig @168.126.63.1 www.abc.co.jp)
>
>¿øÇÏ´Â ip¸¦ °¡Áö°í ¿É´Ï´Ù. 
>·ÎÄÃ,¿ÜºÎ ¸ðµÎ Á¤»óÀûÀ¸·Î ip¸¦ °¡Áö°í ¿É´Ï´Ù.
>

´äº¯ÀÌ ´Ê¾ú½À´Ï´Ù.

dig +trace ....

ÀÌ·±½ÄÀ¸·Î +trace ¿©·¯¹ø Å×½ºÆ®ÇØ º¸¼¼¿ä.
¾Æ¸¶µµ 2Â÷ ³×ÀÓ¼­¹ö°¡ ÀÖ´Ù¸é Master/Slave µ¿±âÈ­ ¹®Á¦Àΰ͵µ
°°³×¿ä.

>±×·±µ¥ À§ µµ¸ÞÀÎÀ¸·Î À¥ÆäÀÌÁö Á¢¼Ó½Ã ¹®Á¦°¡ ¹ß»ýÇÕ´Ï´Ù.
>PC¿¡ µû¶ó¼­ À¥ÆäÀÌÁö¸¦ Á¤»óÀûÀ¸·Î Ç¥½ÃÇÏ´Â PC°¡ Àִ¹ݸé...
>ÆäÀÌÁö¸¦ ãÀ»¼ö ¾ø´Ù°í ³ª¿À´Â PC°¡ ÀÖ½À´Ï´Ù.
>
>¹°·Ð ÆäÀÌÁö¸¦ ¸øã´Â PC¿¡¼­ nslookupµîÀ¸·Î µµ¸ÞÀÎÀ» °Ë»öÇغ¸¸é...
>Á¤»óÀûÀ¸·Î IP¸¦ ¾ò¾î¿É´Ï´Ù.
>
>¾à°£ ÀǽɵǴ ºÎºÐÀÌ Àִµ¥..
>Apache´Â iptableÀ» »ç¿ëÇؼ­ Æ÷Æ®Æ÷¿öµùÀ¸·Î ³»ºÎ¿¡¼­ ¼­ºñ½º µÇ°í ÀÖ½À´Ï´Ù.
Æ÷Æ®Æ÷¿öµùÀÌ µÆ´Ù ¾ÈµÆ´Ù ÇÏ´Â ¹®Á¦ Àϼöµµ ÀÖ´Ù°í »ý°¢Àº µì´Ï´Ù.
>
>iptable rule À» ¿Ã·Áº¾´Ï´Ù. ¾Æ·¡ ·êÀº Ä¿³Î 2.4¹öÀü¿¡¼­ ½ÇÁ¦·Î »ç¿ëÇÏ°í ¿î¿µÇÏ´ø
³»¿ëÀ» °¡Á®´Ù°¡ 2.6¹öÀü¿¡¼­ ±×³É »ç¿ëÇß½À´Ï´Ù.
>
>³Ê¹« µÎ¼­¾øÀÌ Áú¹®À» µå¸°°Ç ¾Æ´ÑÁö ¸ð¸£°Ú³×¿ä.
>Áú¹®¿¡ ºÎÁ·ÇÑ ³»¿ëÀÖÀ¸¸é ¾Ë·ÁÁÖ¼¼¿ä.
>
>±×·³ ¼ö°íÇϼ¼¿ä :)
>
>
>#!/bin/sh
>FWVER=0.73s
>echo -e "\nLoading STRONGER rc.firewall - version $FWVER..\n"
>IPTABLES=/sbin/iptables
>LSMOD=/sbin/lsmod
>DEPMOD=/sbin/depmod
>INSMOD=/sbin/insmod
>GREP=/bin/grep
>AWK=/bin/awk
>SED=/bin/sed
>IFCONFIG=/sbin/ifconfig
>
>EXTIF0="ppp0"
>
>INTIF0="eth1"
>INTIF1="eth2"
>INTIF2="eth0"
>echo "  External Interface:  $EXTIF0"
>echo "  External Interface:  $INTIF0"
>echo "  Internal Interface:  $INTIF1"
>echo "  DMZ      Interface:  $INTIF2"
>echo "  ---"
>
>EXTIP0="`$IFCONFIG $EXTIF0 | $GREP 'inet addr' | $AWK '{print $2}' |
\
>$SED -e 's/.*://'`"
>
>echo "  External IP: $EXTIP0"
>echo "  ---"
>
>INTNET0="192.168.1.0/24"
>INTIP0="192.168.1.1/24"
>echo "  Internal Network: $INTNET0"
>echo "  Internal IP:      $INTIP0"
>echo "  ---"
>INTNET1="192.168.2.0/24"
>INTIP1="192.168.2.1/24"
>echo "  Internal Network: $INTNET1"
>echo "  Internal IP:      $INTIP1"
>echo "  ---"
>INTNET2="192.168.0.0/24"
>INTIP2="192.168.0.1/24"
>echo "  DMZ      Network: $INTNET2"
>echo "  DMZ      IP:      $INTIP2"
>echo "  ---"
>
>UNIVERSE="0.0.0.0/0"
>
>echo "  - Verifying that all kernel modules are ok"
>$DEPMOD -a
>
>echo -en "    Loading kernel modules: "
>
>echo -en "ip_tables, "
>if [ -z "` $LSMOD | $GREP ip_tables | $AWK {'print $1'} `" ];
then
>   $INSMOD ip_tables
>fi
>
>echo -en "ip_conntrack, "
>if [ -z "` $LSMOD | $GREP ip_conntrack | $AWK {'print $1'} `" ];
then
>   $INSMOD ip_conntrack
>fi
>
>echo -e "ip_conntrack_ftp, "
>if [ -z "` $LSMOD | $GREP ip_conntrack_ftp | $AWK {'print $1'} `" ];
then
>   $INSMOD ip_conntrack_ftp
>fi
>
>echo -en "                             ip_conntrack_irc, "
>if [ -z "` $LSMOD | $GREP ip_conntrack_irc | $AWK {'print $1'} `" ];
then
>   $INSMOD ip_conntrack_irc
>fi
>
>echo -en "iptable_nat, "
>if [ -z "` $LSMOD | $GREP iptable_nat | $AWK {'print $1'} `" ];
then
>   $INSMOD iptable_nat
>fi
>
>echo -e "ip_nat_ftp"
>if [ -z "` $LSMOD | $GREP ip_nat_ftp | $AWK {'print $1'} `" ];
then
>   $INSMOD ip_nat_ftp
>fi
>
>echo "  ---"
>
>echo "  Enabling forwarding.."
>echo "1" > /proc/sys/net/ipv4/ip_forward
>
>echo "  Enabling DynamicAddr.."
>echo "1" > /proc/sys/net/ipv4/ip_dynaddr
>
>echo "  ---"
>
>echo "  Clearing any existing rules and setting default policy to
DROP.."
>$IPTABLES -P INPUT DROP
>$IPTABLES -F INPUT
>$IPTABLES -P OUTPUT DROP
>$IPTABLES -F OUTPUT
>$IPTABLES -P FORWARD DROP
>$IPTABLES -F FORWARD
>$IPTABLES -F -t nat
>
>if [ -n "`$IPTABLES -L | $GREP drop-and-log-it`" ]; then
>   $IPTABLES -F drop-and-log-it
>fi
>$IPTABLES -X
>$IPTABLES -Z
>
>echo "  Creating a DROP chain.."
>$IPTABLES -N drop-and-log-it
>$IPTABLES -A drop-and-log-it -j LOG
>$IPTABLES -A drop-and-log-it -j DROP
>
>echo -e "\n   - Loading INPUT rulesets"
>
>$IPTABLES -A INPUT -i lo -s $UNIVERSE -d $UNIVERSE -j ACCEPT
>
>$IPTABLES -A INPUT -i $INTIF0 -s $INTNET0 -d $UNIVERSE -j ACCEPT
>$IPTABLES -A INPUT -i $INTIF1 -s $INTNET1 -d $UNIVERSE -j ACCEPT
>$IPTABLES -A INPUT -i $INTIF2 -s $INTNET2 -d $UNIVERSE -j ACCEPT
>
>$IPTABLES -A INPUT -i $EXTIF0 -s $UNIVERSE -d $EXTIP0 -m state --state
ESTABLISHED,RELATED -j ACCEPT
>
>$IPTABLES -A INPUT -i $EXTIF0 -s $INTNET0 -d $UNIVERSE -j
drop-and-log-it
>$IPTABLES -A INPUT -i $EXTIF0 -s $INTNET1 -d $UNIVERSE -j
drop-and-log-it
>$IPTABLES -A INPUT -i $EXTIF0 -s $INTNET2 -d $UNIVERSE -j
drop-and-log-it
>
># NameServer
>#
>echo -e "      - Allowing EXTERNAL access to the Name server"
>$IPTABLES -A INPUT -i $EXTIF0 -m state --state NEW,ESTABLISHED,RELATED -p tcp -s
$UNIVERSE -d $EXTIP0 --dport 42 -j ACCEPT
>$IPTABLES -A INPUT -i $EXTIF0 -m state --state NEW,ESTABLISHED,RELATED -p udp -s
$UNIVERSE -d $EXTIP0 --dport 42 -j ACCEPT
>$IPTABLES -A INPUT -i $EXTIF0 -m state --state NEW,ESTABLISHED,RELATED -p tcp -s
$UNIVERSE -d $EXTIP0 --dport 53 -j ACCEPT
>$IPTABLES -A INPUT -i $EXTIF0 -m state --state NEW,ESTABLISHED,RELATED -p udp -s
$UNIVERSE -d $EXTIP0 --dport 53 -j ACCEPT
>$IPTABLES -A INPUT -s $UNIVERSE -d $UNIVERSE -j drop-and-log-it
>
>echo -e "   - Loading OUTPUT rulesets"
>
>$IPTABLES -A OUTPUT -o lo -s $UNIVERSE -d $UNIVERSE -j ACCEPT
>
>$IPTABLES -A OUTPUT -o $INTIF0 -s $EXTIP0 -d $INTNET0 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF0 -s $EXTIP0 -d $INTNET1 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF0 -s $EXTIP0 -d $INTNET2 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF1 -s $EXTIP0 -d $INTNET0 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF1 -s $EXTIP0 -d $INTNET1 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF1 -s $EXTIP0 -d $INTNET2 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF2 -s $EXTIP0 -d $INTNET0 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF2 -s $EXTIP0 -d $INTNET1 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF2 -s $EXTIP0 -d $INTNET2 -j ACCEPT
>
>$IPTABLES -A OUTPUT -o $INTIF0 -s $INTIP1 -d $INTNET0 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF0 -s $INTIP1 -d $INTNET1 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF0 -s $INTIP1 -d $INTNET2 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF1 -s $INTIP1 -d $INTNET0 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF1 -s $INTIP1 -d $INTNET1 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF1 -s $INTIP1 -d $INTNET2 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF2 -s $INTIP2 -d $INTNET0 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF2 -s $INTIP2 -d $INTNET1 -j ACCEPT
>$IPTABLES -A OUTPUT -o $INTIF2 -s $INTIP2 -d $INTNET2 -j ACCEPT
>
>$IPTABLES -A OUTPUT -o $EXTIF0 -s $UNIVERSE -d $INTNET0 -j
drop-and-log-it
>$IPTABLES -A OUTPUT -o $EXTIF0 -s $UNIVERSE -d $INTNET1 -j
drop-and-log-it
>$IPTABLES -A OUTPUT -o $EXTIF0 -s $UNIVERSE -d $INTNET2 -j
drop-and-log-it
>
>$IPTABLES -A OUTPUT -o $EXTIF0 -s $EXTIP0 -d $UNIVERSE -j ACCEPT
>
>$IPTABLES -A OUTPUT -s $UNIVERSE -d $UNIVERSE -j drop-and-log-it
>
>echo -e "   - Loading FORWARD rulesets"
>
>echo "     - FWD: Allow all connections OUT and only existing/related
IN"
>#PORTFWIPHTTP="192.168.0.11:80-192.168.0.12:80"
>#PORTFWIPFTP="192.168.0.11:21-192.168.0.12:21"
>PORTFWIPHTTP="192.168.0.11:80"
>PORTFWIPFTP="192.168.0.11:21"
>$IPTABLES -A PREROUTING -t nat -p tcp -d $EXTIP0 --dport 80 -j DNAT --to
$PORTFWIPHTTP
>$IPTABLES -A FORWARD -i $EXTIF0 -o $INTIF2 -p tcp --dport 80 -m state --state
NEW,ESTABLISHED,RELATED -j ACCEPT
>$IPTABLES -A PREROUTING -t nat -p tcp -d $EXTIP0 --dport 21 -j DNAT --to
$PORTFWIPFTP
>$IPTABLES -A FORWARD -i $EXTIF0 -o $INTIF2 -p tcp --dport 21 -m state --state
NEW,ESTABLISHED,RELATED -j ACCEPT
>
>$IPTABLES -A FORWARD -i $EXTIF0 -o $INTIF0 -m state --state ESTABLISHED,RELATED -j
ACCEPT
>$IPTABLES -A FORWARD -i $EXTIF0 -o $INTIF1 -m state --state ESTABLISHED,RELATED -j
ACCEPT
>$IPTABLES -A FORWARD -i $EXTIF0 -o $INTIF2 -m state --state ESTABLISHED,RELATED -j
ACCEPT
>
>$IPTABLES -A FORWARD -i $INTIF1 -o $EXTIF0 -j ACCEPT
>$IPTABLES -A FORWARD -i $INTIF2 -o $EXTIF0 -j ACCEPT
>
>$IPTABLES -A FORWARD -i $INTIF1 -o $INTIF0 -j ACCEPT
>$IPTABLES -A FORWARD -i $INTIF2 -o $INTIF0 -j ACCEPT
>$IPTABLES -A FORWARD -i $INTIF0 -o $INTIF1 -j ACCEPT
>$IPTABLES -A FORWARD -i $INTIF2 -o $INTIF1 -j ACCEPT
>$IPTABLES -A FORWARD -i $INTIF0 -o $INTIF2 -j ACCEPT
>$IPTABLES -A FORWARD -i $INTIF1 -o $INTIF2 -j ACCEPT
>
>$IPTABLES -A FORWARD -j drop-and-log-it
>
>echo -e "\nDone.\n" 

========================================

 
ÀÌÀü±Û : named °¡ ÀÌ»óÇؼ­ ¹®Àǵ帳´Ï´Ù.
´ÙÀ½±Û : ½½·¹ÀÌºê ¼­¹öÀÇ dns µ¿ÀÛ ¤Ð.¤Ñ  		  from 58.231.29.16
JS(Redhands)Board 0.4 +@
named °¡ ÀÌ»óÇؼ­ ¹®Àǵ帳´Ï´Ù. ½½·¹ÀÌºê ¼­¹öÀÇ dns µ¿ÀÛ ¤Ð.¤Ñ
Àμâ¿ë 

apache lighttpd linuxchannel.net 
Copyright 1997-2024. linuxchannel.net. All rights reserved.

Page loading: 0.03(server) + (network) + (browser) seconds