U E D R , A S I H C RSS

FrontPage king/2004-12

Dec 30, 2004
/var/log/messages 에서 "martian source" 로그 계속 뿌려질때
Submitted by king @ 12-30 [05:06 pm]
스푸핑된 패킷이나 소스라우팅, Redirect 패킷에 대해 로그파일에 정보를 남기
도록 설정이 되어있기 때문입니다...
sysctl -a 라고 해서
net.ipv4.conf.eth0.log_martians=1로 설정 되어있는지 확인해보구, 1로 되어
있던걸 0으로 바꿔주면 로그기록을 하지 않습니다.

escada wrote..
: ll header: ff:ff:ff:ff:ff:ff:00:d0:59:4b:aa:76:08:00
: martian source 255.255.255.255 from 127.0.0.1, on dev eth0
: ll header: ff:ff:ff:ff:ff:ff:00:d0:59:4b:aa:76:08:00
: martian source 255.255.255.255 from 127.0.0.1, on dev eth0
: ll header: ff:ff:ff:ff:ff:ff:00:d0:59:4b:aa:76:08:00
: martian source 255.255.255.255 from 127.0.0.1, on dev eth0
: ll header: ff:ff:ff:ff:ff:ff:00:d0:59:4b:aa:76:08:00
: martian source 255.255.255.255 from 127.0.0.1, on dev eth0
: ll header: ff:ff:ff:ff:ff:ff:00:d0:59:4b:aa:76:08:00
: martian source 255.255.255.255 from 127.0.0.1, on dev eth0
: ll header: ff:ff:ff:ff:ff:ff:00:d0:59:4b:aa:76:08:00
: martian source 255.255.255.255 from 127.0.0.1, on dev eth0
: ll header: ff:ff:ff:ff:ff:ff:00:d0:59:4b:aa:76:08:00
: martian source 255.255.255.255 from 127.0.0.1, on dev eth0
: ll header: ff:ff:ff:ff:ff:ff:00:d0:59:4b:aa:76:08:00
: martian source 255.255.255.255 from 127.0.0.1, on dev eth0
: ll header: ff:ff:ff:ff:ff:ff:00:d0:59:4b:aa:76:08:00
: 
: 위의 로그는 어떤 현상인가여?
: 부팅시와 커널메세지로 계속 콘솔로 뿌려지던데..
\

# sysctl -a | grep martian \
을 하면 현재 값을 확인할 수 있고

# sysctl -e net.ipv4.conf.all.log_martians=0 

또는

/etc/sysctl.conf 파일에 
ipv4.conf.all.log_martians = 0 이라고 적어주고

# sysctl -p /etc/sysctl.conf 해주면 된다
\

eepro100 "sleep mode" bug fix
Submitted by king @ 12-30 [03:21 pm]

diag run: eepro100-diag -e -f
To fix run: eepro100-diag -G -w -w -w -f

모니위키 보안설정 강화
Submitted by king @ 12-30 [11:30 am]
1. 사용자등록 못함
# cd /wiki/data
# chmod 500 user\
위와 같이 해주면, 디렉토리 퍼미션 때문에 사용자 등록을 할 수 없다
물론 어느글이던 읽는건 마음대로 할 수 있다.

2. config.php 설정
$security_class="needtologin";\
로긴을 해야 페이지를 수정/추가 할 수 있게 해 놨다.

/etc/cron.d/sysstat
Submitted by king @ 12-30 [10:17 am]
[han313:/etc/cron.d]# cat sysstat
# run system activity accounting tool every 10 minutes
*/10 * * * * root /usr/lib/sa/sa1 1 1
# generate a daily summary of process accounting at 23:53
53 23 * * * root /usr/lib/sa/sa2 -A
\

Dec 28, 2004
/lib/libc.so.6
Submitted by king @ 12-28 [11:17 am]
ns root # /lib/libc.so.6
GNU C Library 20040808 release version 2.3.4, by Roland McGrath et al.
Copyright (C) 2004 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 3.3.4 20040623 (Gentoo Linux 3.3.4-r1, ssp-3.3.2-2, pie-8.7.6).
Compiled on a Linux 2.6.8 system on 2004-12-19.
Available extensions:
        GNU libio by Per Bothner
        crypt add-on version 2.1 by Michael Glad and others
        Native POSIX Threads Library by Ulrich Drepper et al
        BIND-8.2.3-T5B
        NIS(YP)/NIS+ NSS modules 0.19 by Thorsten Kukuk
Thread-local storage support included.
For bug reporting instructions, please see:
<http://www.gnu.org/software/libc/bugs.html>.
\

Dec 24, 2004
한아얄씨 접속법 (6660~6669 포트막힌곳)
Submitted by king @ 12-24 [04:04 pm]
서버 : iz4u.hanirc.org (iz4u.net)
포트 : 8080

Dec 23, 2004
마루타 make.conf
Submitted by king @ 12-23 [10:35 am]
ns root # cat /etc/make.conf
# These settings were set by the catalyst build script that automatically built this stage
# Please consult /etc/make.conf.example for a more detailed example
#CFLAGS="-O2 -march=athlon-xp -fomit-frame-pointer"
CFLAGS="-O3 -march=athlon-xp -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CXXFLAGS="${CFLAGS}"
#MAKEOPTS="-j2"
GENTOO_MIRRORS="http://mirror.gentoo.gr.jp/"
USE="-arts -kde -qt -doc -debug 3dnow X aac aalib acl acpi alsa apache2 avi berkdb bmp bzlib cjk cdr crypt curl db2 fam ftp gdbm gnome gpm gtk gtk2 iconv java joystick maildir mmx mpeg mozilla msn mysql ncurses nls nptl opengl perl png python sasl sdl sqlite svga tiff usb wmf xine xv xvid zlib multichar ssl readline pam oggvorbis encode truetype freetype libg++ libwww mad mikmod motif imlib xml2 jpeg ithreads imap"
\

Dec 20, 2004
fonts
Submitted by king @ 12-20 [11:18 pm]
 * 윈도우 굴림, 바탕, 신굴림
http://onionmixer.net/~tongseob/font/gulim.ttc
http://onionmixer.net/~tongseob/font/batang.ttc
http://onionmixer.net/~tongseob/font/ngulim.ttf

 * 윤디자인 폰트 (unicode)
http://onionmixer.net/~tongseob/font/YoonFonts.tar.gz

 * 은진체, 은글꼴
http://onionmixer.net/~tongseob/font/ttf-alee_4.1.tar.gz
http://onionmixer.net/~tongseob/font/un-fonts-core-1.0.tar.gz
http://onionmixer.net/~tongseob/font/un-fonts-extra-1.0.1.tar.gz

 * bluetux
http://onionmixer.net/~tongseob/font/jin3.pcf.gz
http://onionmixer.net/~tongseob/font/jin4.pcf.gz
\

redhat-artwork gnome theme
Submitted by king @ 12-20 [10:17 pm]
# emerge x11-themes/redhat-artwork
\

gentoo apache2 설치
Submitted by king @ 12-20 [05:05 pm]
Here's a list of what I had to do to get apache "fully" working with SSL support:

1. create the folder "/etc/apache2/conf/ssl"
2. (re)emerge apache
3. create the folder "/usr/lib/apache2/logs"
4. create the folder "/var/cache/apache2"
5. Un-comment APACHE2_OPTS="-D SSL" in "/etc/conf.d/apache2".
6. /etc/init.d/apache2 restart

12월 셋째주 스팸발송 유동 IP List (Blocking)
Submitted by king @ 12-20 [02:09 pm]

Dec 19, 2004
USE Flags
Submitted by king @ 12-19 [03:57 pm]
USE="-arts -kde -qt -doc -debug 3dnow X aac aalib acl acpi alsa apache2 avi berkdb bmp bzlib cjk cdr crypt curl db2 fam ftp gdbm gnome gpm gtk gtk2 iconv java joystick maildir mmx mpeg mozilla msn mysql ncurses nls nptl opengl perl png python sasl sdl sqlite svga tiff usb wmf xine xv xvid zlib multichar ssl readline pam oggvorbis encode truetype freetype libg++ libwww mad mikmod motif imlib xml2 jpeg ithreads imap"
\

Dec 16, 2004
unix time stamp to human time
Submitted by king @ 12-16 [12:12 pm]
$ perl -e'$\="\n"; print scalar localtime(shift);' 1086628571.242
Mon Jun  7 13:16:11 2004
\

bmp, xmms, winamp bluecurve skin
Submitted by king @ 12-16 [10:28 am]

Dec 15, 2004
procps-3.2.4 깔았을경우 업데이트 되는 패키지 리스트
Submitted by king @ 12-15 [04:33 pm]
[root@ns procps-3.2.4]# make install
install -D --owner 0 --group 0 --mode a=rx uptime /usr/bin/uptime
install -D --owner 0 --group 0 --mode a=rx tload /usr/bin/tload
install -D --owner 0 --group 0 --mode a=rx free /usr/bin/free
install -D --owner 0 --group 0 --mode a=rx w /usr/bin/w
install -D --owner 0 --group 0 --mode a=rx top /usr/bin/top
install -D --owner 0 --group 0 --mode a=rx vmstat /usr/bin/vmstat
install -D --owner 0 --group 0 --mode a=rx watch /usr/bin/watch
install -D --owner 0 --group 0 --mode a=rx skill /usr/bin/skill
install -D --owner 0 --group 0 --mode a=rx snice /usr/bin/snice
install -D --owner 0 --group 0 --mode a=rx kill /bin/kill
install -D --owner 0 --group 0 --mode a=rx sysctl /sbin/sysctl
install -D --owner 0 --group 0 --mode a=rx pmap /usr/bin/pmap
install -D --owner 0 --group 0 --mode a=rx pgrep /usr/bin/pgrep
install -D --owner 0 --group 0 --mode a=rx pkill /usr/bin/pkill
install -D --owner 0 --group 0 --mode a=rx slabtop /usr/bin/slabtop
install -D --owner 0 --group 0 --mode a=rx pwdx /usr/bin/pwdx
install -D --owner 0 --group 0 --mode a=r uptime.1 /usr/share/man/man1/uptime.1
install -D --owner 0 --group 0 --mode a=r tload.1 /usr/share/man/man1/tload.1
install -D --owner 0 --group 0 --mode a=r free.1 /usr/share/man/man1/free.1
install -D --owner 0 --group 0 --mode a=r w.1 /usr/share/man/man1/w.1
install -D --owner 0 --group 0 --mode a=r top.1 /usr/share/man/man1/top.1
install -D --owner 0 --group 0 --mode a=r watch.1 /usr/share/man/man1/watch.1
install -D --owner 0 --group 0 --mode a=r skill.1 /usr/share/man/man1/skill.1
install -D --owner 0 --group 0 --mode a=r kill.1 /usr/share/man/man1/kill.1
install -D --owner 0 --group 0 --mode a=r snice.1 /usr/share/man/man1/snice.1
install -D --owner 0 --group 0 --mode a=r pgrep.1 /usr/share/man/man1/pgrep.1
install -D --owner 0 --group 0 --mode a=r pkill.1 /usr/share/man/man1/pkill.1
install -D --owner 0 --group 0 --mode a=r pmap.1 /usr/share/man/man1/pmap.1
install -D --owner 0 --group 0 --mode a=r sysctl.conf.5 /usr/share/man/man5/sysctl.conf.5
install -D --owner 0 --group 0 --mode a=r vmstat.8 /usr/share/man/man8/vmstat.8
install -D --owner 0 --group 0 --mode a=r sysctl.8 /usr/share/man/man8/sysctl.8
install -D --owner 0 --group 0 --mode a=r slabtop.1 /usr/share/man/man1/slabtop.1
install -D --owner 0 --group 0 --mode a=r pwdx.1 /usr/share/man/man1/pwdx.1
ldconfig
cd /usr/bin/ && ln -f skill snice
cd /usr/bin/ && ln -f pgrep pkill
\

12월 1일 스팸발송 유동 IP List (Blocking)
Submitted by king @ 12-15 [04:22 pm]

ntop - network monitoring !!!
Submitted by king @ 12-15 [03:43 pm]

winXP 에서 msn 메신저 한글입력 오류
Submitted by king @ 12-15 [10:04 am]

Dec 10, 2004
iptable 사용방법
Submitted by king @ 12-10 [04:19 pm]
--begin script--
#!/bin/sh

# 우선 모든 Rule을 정리한다.

/sbin/iptables -F

# sshd 응답을 받아들인다.

/sbin/iptables -A INPUT -i eth0 -p tcp --source-port 22 -j ACCEPT 

# 다음으로 각각에 대한 정책을 세운다.
* 주의사항 : 원격에서 작업하면 바로 DROP 되므로, 로컬에서 작업해야한다 
단, 위와같이 sshd 포트인 22번을 열어두었을 경우는 작업계속 가능하다.

/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -P FORWARD DROP

# localhost에서의 traffic을 받아들인다.

/sbin/iptables -A INPUT -i lo -j ACCEPT

# 확립된 연결에 대한 Packet을 받아들인다.

/sbin/iptables -A INPUT -i eth0 -p tcp ! --syn -j ACCEPT

# DNS 응답을 받아들인다.

/sbin/iptables -A INPUT -i eth0 -p tcp --source-port 53 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p udp --source-port 53 -j ACCEPT

# 인증 연결을 거부한다(그렇지 않을 경우 메일서버가 오랫동안 타임아웃 상태가 될 것이다.)
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 113 -j REJECT

# echo나 목적지에 도착 못하거나 시간 초과된 icmp packet들을 받아들인다.

/sbin/iptables -A INPUT -i eth0 -p icmp --icmp-type 0 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --icmp-type 3 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --icmp-type 11 -j ACCEPT

--end script&#8212; 
\

Dec 09, 2004
manpage 사용법
Submitted by king @ 12-09 [05:53 pm]
             1 Commands
                        Those commands that can be executed by the user  from
                        within a shell.

              2 System calls
                        Those  functions  which must be performed by the ker-
                        nel.

              3 Library calls
                        Most of the libc functions, such as qsort(3).

              4 Special files
                        Files found in /dev.

              5 File formats and conventions
                        The format for /etc/passwd and  other  human-readable
                        files.

              6 Games

              7 Conventions and miscellaneous
                        A  description  of  the  standard file system layout,
                        network protocols, ASCII and other  character  codes,
                        this man page, and other things.

              8 System management commands
                        Commands  like  mount(8), many of which only root can
                        execute.

              9 Kernel routines
                        This is an obsolete  manual  section.   Once  it  was
                        thought  a  good  idea  to  document the Linux kernel
                        here, but in fact very little  has  been  documented,
                        and   the   documentation  that  exists  is  outdated
                        already. There are better sources of information  for
                        kernel developers.
\

Dec 08, 2004
bluetux 옹이 만든 글꼴
Submitted by king @ 12-08 [03:48 pm]

cvs서버 설정하기
Submitted by king @ 12-08 [11:05 am]
하우cvs서버 설정하기 | 노하우 2004/08/20 20:36
http://blog.naver.com/skytango/100005088308

설정이라기보다. 웬만한 리눅스에는 다 깔려있으므로 기동하는 법 정도를 적어봅니다.



cvs server 설정방법

1. cvs 가 깔려있는지 확인한다.
rpm -q | grep cvs
깔려있지 않다면 cvs rpm을 받아 설치한다.

2. CVSROOT를 환경변수로 잡아준다.
export CVSROOT=/home/cvs/

3. /etc/xinetd.d/ 에 다음과 같은 파일을 추가 시킨다.
cvspserver

service cvspserver
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/bin/cvs
server_args = -f --allow-root=/home/cvs pserver
log_on_failure += USERID
}

4. /etc/init.d 에 가서 xinetd를 리로드시킨다.
./xinetd reload

5. cvs를 초기화한다.
cvs init

6. /home/cvs/CVSROOT에 가보면 디렉토리가 생성되어 있다.

Dec 06, 2004
emerge error
Submitted by king @ 12-06 [10:07 pm]
x31 nabi # emerge nabi-0.15.ebuild
emerging by path implies --oneshot... adding --oneshot to options.

*** emerging by path is broken and may not always work!!!

Calculating dependencies
*** You are emerging a masked package. It is MUCH better to use
*** /etc/portage/package.* to accomplish this. See portage(5) man
*** page for details.
>>> Waiting 10 seconds before starting...
>>> (Control-C to abort)...
Continuing... in: 10 9 8 7 6 5
\
  • 해결방법

ACCEPT_KEYWORDS="~x86" emerge \=nabi-0.15
\
이런식으로 입력을 하면 된다 !!!

4DESK
Submitted by king @ 12-06 [06:58 pm]

2004년 12월 6일 현재 한아얄씨 채널 자동조인 리스트
Submitted by king @ 12-06 [04:32 pm]
/j #blue
/j #debian
/j #gentoo
/j #gnome
/j #kida_팬클럽
/j #kldp
/j #linux
/j #onion
/j #perky
/j #soojung
/j #is.mina
/j #gentoo_doc
/j #CodeFest

Dec 03, 2004
gaim icon 바꾸기
Submitted by king @ 12-03 [01:42 am]
<까나리|X31> onion_x31win: /usr/share/pixmaps/gaim/status/default/msn.png  이놈이 버디아이콘
<까나리|X31> (교체해 주시면되요)
<까나리|X31> onion_x31win: /usr/share/pixmaps/gaim/icons/online.png 이놈은 트레이 아이콘
<까나리|X31> 카피만 하면 끝 -0-
\

Install GNU/Linux without any CD, floppy, USB-key, nor any other remov
Submitted by king @ 12-02 [03:40 pm]
Valid XHTML 1.0! Valid CSS! powered by MoniWiki
last modified 2004-12-30 17:06:30
Processing time 0.0595 sec