Absolute FreeBSD, 2nd Edition 看书记录[原创]
Absolute FreeBSD, 2nd Edition 看书记录[原创]
FreeBSD, 2nd Edition
The Complete Guide to FreeBSD
by Michael W. Lucas
#ABSOLUTE FreeBSD 2ND Edition
#The Complete Guide To FreeBSD
#------------------------------------------------------
# load boot/kernel.good/kernel
# fsck -p
# loader.conf配置
# verbose_loading="NO" 详细显示启动信息
# console="vidconsole"
# console="comconsole" 串口控制台
# console="comconsole vidconsole" 同时设置
# kern.maxuser="32"
# boot_verbose="NO"
# autoboot_delay="10"
# beastie_disable="NO"
# loader_logo="fbsdbw" logo设置
#------------------------------------------------------
#------------------------------------------------------
# rc.conf设置
# rc_debus="NO"
# rc_info="NO"
# swapfile="NO"
# tmpfs="AUTO"
# tmpsize="20M"
# tmpmfs_flags="-S"
#root_rw_mount="YES"
#fsk_y_enable="NO"
#后台运行fsck
#background_fsck="YES"
#background_fsck_delay="60"
#syslogd_enable="YES" log服务
#syslogd_flags="-s"
#inetd_enable="NO" xinetd_enable="NO"
#sshd_enable="YES"
#sshd_flags=""
ntpd_enable="NO"
ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntpd.drift"
hostname="mybsd" 设置主机名
pf_enable="NO" 使能pf
//
tcp_extensions="YES"
log_in_vain="0" p115页
//丢弃icmp包,防别人ping
icmp_drop_redirect="NO"
icmp_log_redirect="NO"
#------------------------------------------------------
#network_interfaces="" #p324
#sshd_enable="YES"
# ifconfig_em0="inet 192.168.1.8 netmask 255.255.255.0"
# ifconfig_em0="dhcp"
# ifconfig_em0_alias="192.168.1.9 netmask 255.255.255.0"
# defaultrouter="192.168.1.1"
# gateway_enable="NO"
# router_enable="NO"
# keymap=NO"
# blanktime="300" 秒为单位
#
# font8x16="NO"
# font8x14="NO"
# font8x8="NO"
#
# moused_enable="NO"
# moused_type="AUTO"
#
# allscreens_flags=""
# allscreens_kbdflags="" #kidcontrol -b off
#
# linux_enable="NO"
# ldconfig_paths="/usr/lib /usr/X11R6/lib"
# kern_securelevel_enable="NO"
# kern_securelevel="-1"
#
# p152页
# sysctl功能
# kern 内核功能
# vm 虚拟内存
# vfs 文件系统
# net 网络
# debug 调试
# hw 硬件
# user 用户态接口信息
# p1003_1b posix behavior
# compat Kernel compatibility with foreign software (seee Chapter 12)
# security 安全特性
# dev 设备驱动
#================================
#kern.bootfile = /boot/kernel
#查看sysctls信息
#sysctl kern
#kern.ostype: FreeBSD
#kern.osrelease: 7.1-Release
#kern.osrevision: xxx
#================================
#sysctl kern.securelevel
#kern.securelevel: -1
#每个进程能打开的最大文件数
#sysctl -d kern.maxfilesperproc
#kern.maxfilesperproc: Maximum file allowed open per process
#hw.model: AMD Atholon(tm) 64 X2 Dual Core
#vfs.usermount: 0
#sysctl vfs.usermount=1
================================
#通过设置loader.conf来实现引导期的sysctl设置
#hw.ata.atapi_dma="0"
#==================================
#查看内核模块
#kldstat
kldload /boot/kernel/wlan_wep.ko
kldunload wlan_wep.ko
#可以直接补全不需要全名
#==================================
procfs_load="YES" #挂载 /proc
#==================================
#定制内核
#备份以前的内核
cp -Rp /boot/kernel /boot/kernel.good
#在使用新编译内核启动失败时可以
#可以使用load 加载内核和驱动模块
ok load /boot/kernel.good/kernel
ok load /boot/kernel.good/acpi.ko
ok boot
#==========================
mv /boot/kernel /boot/kernel.test
mkdir /boot/kernel
#cp /boot/kernel.good/* /boot/kernel/
cd /usr/src/sys/i386/conf/
vim MYKERNEL
make LINT
#cd /usr/src
make KERNCONF=MYKERNEL INSTKERNAME=test kernel
#make kernel 相当于make buildkernel + make installkernel
#==========================
#nextboot -k kenel.test
#mv /boot/kernel /boot/kernel.previous
#mv /boot/kernel.test /boot/kernel
#==========================
#内核选项打开APE使能超越4G内存限制
#---------P194页--------------
#rc.conf中的格式 ifconfig_interfacename="ifconfig arguments"
#ifconfig fxp0 192.168.1.250/24 media 1000baseTX mediaopt full-duplex
#ifconfig_re0="192.168.1.250 255.255.255.0 media 1000baseTX mediaopt full-duplex"
#route add default 192.168.1.1
#在rc.conf中的设置为 defaultrouter="192.168.1.1"
#梆定多IP方法
#ifconfig_fxp0_alias0="192.168.1.5/32"
#p197页 ifconfig fxp1 name test1 修改网络设备接口名
#rc.conf中设置 ifconfig_fxp1_name="test1"
#ifconfig_fxp1_name="dmz2"
#ifconfig_dmz2="192.168.1.2 netmask 255.255.255.0"
#ifconfig_dmz2_alias0="192.168.1.3"
#ifconfig_fxp0="DHCP"
#-------------------------------------
#查看当前网络状态
#netstat -w 5 -d (-w 后接时间表示5秒刷新 )
#netstat -4 查看tcp/udp 4 的情况
#Port Listeners in Detail
#netstat -na -f inet (只关心网络连接因为默认要把本地的也显示出来)
#Network Capacity in the kernel
#netstat -m
#优化网络
#sysctl kern.ipc.nmbclusters
#kern.ipc.nmbclusters: 25600
#sysctl net.inet.tcp.sendspace
#sysctl net.inet.tcp.recvspace
#sysctl net.inet.udp.recvspace
#-------------------------------------
#p206 Polling
#ifconfig re0 polling
#-------------------------------------
#安全
#chflags schg /boot/kernel/kernel
#chflags noschg /boot/kernel/kernel
#chflags -R schg /bin
#-------------------------------------
#####P243页磁盘与文件系统###
#fd* Floppy disks
#acd* IDE CD drivers
#ad* ATA and SATA hard disks and partitions
#cd* SCSI CD Driver
#da* SCSI SAS USB盘等
#du -h -d0 $HOME
#du -h -d1 $HOME
#FFS MOUNT OPT
#noatime, noexec, nosuid, nosymfollow
####Write Caching
#在/boot/loader.conf
#hw.ata.wc=0
#mount -t cd9660 /dev/acd0 /cdrom
#mount -t msdos -u axlrose -g mygroup /dev/da0s1 /media/usbdisk
#p264页 Create an FFS Filesystem
# disklabel -r -w /dev/fd0 fd1440
# (-r raw方式访问,因为没有文件系统)
# (-w write写入磁盘)
# newfs /dev/fd0
# newfs_msdos /dev/fd0
#/dev/acd0 /cdrom cd9660 ro,noauto 0 0
#/dev/fd0 /mnt msdosfs ro,noauto 0 0
#p264页tmpfs
#---------------------------------
#创建及挂载内存盘
#在home xxx下创建大小为8M size的内存盘
# mdmfs -s 8m md /home/mwlucas/test
# mdmfd -F diskimage.file md /mnt
# (-F 指定文件)
#卸载内存盘
# umount /mnt =>> mdconfig -d -u 41
# (-d destroy -u 设置号 -u 41 = /dev/md41)
# /etc/fstab
# md /home/mwlucas/test mfs rw,-s 8m 0 0
# 挂载磁盘境像
# mdconfig -a -t vnode -f /home/mwlucas/7.1-RELEASE-cd1.iso md0
# (-a attach -d
# mount -t cd9660 /dev/md0 /mnt
# mdconfig -l (--list)
# md0 md1
# mdconfig -l -u 1
# md1 vnode 456M /slice1/usr/home/mwclus/iso/osma-51-live.iso
#创建一个空的文件系统文件
#dd if=/dev/zero of=filesystem.file bs=1m count=1k
# mdconfig -a -t vnode -f filesystem.file md0
# newfs -U /dev/md0 (-U 使能softupdate)
# mount /dev/md0 /mnt
# 在 /etc/fstab中的挂载方法 P270页
#md /mnt mfs rw,-P,-F/home/mwlucas/filesystem.file 0 0
#---------------------------------
#添加新硬盘 P272
#创建slices
#/dev/da10s1b none swap sw 0 0
#---------------------------------
#P276页 NFS文件系统
# nfs_server_enable="YES"
# rpcbind_enable="YES"
# mountd_enable="YES"
# rpc_lockd_enable="YES"
# rpc_statd_enable="YES"
# p280页
# mount -o tcp,intr,soft,-w=32768,-r=32768 server:/usr/home/mwlucas /mnt
#---------------------------------
#p283页 samba
# smbutil view //unix@ntserv1 (查看samba服务器)
# smbutil logout //unix@ntserv1
# mount_smbfs //unix@ntserv1/MP3 /home/axlrose/smbmount
#---------------------------------
#---------------------------------
#p286 devfs
#/etc/devfs.conf
# action realdevice desiredvalue
#p290
#devd(8) Example: Laptops
#ifconfig_wi0="inet dhcp ssid WriteFaster wepkey
# 0xdeadbeefbadc0decafe123467 weptxkey 1 wepmode on channel 1"
#
#--------spawning-----p302
# ALL : PARANOID : spawn (/bin/echo %a >> /var/log/misconfigured) \
# : allow
#---------------------------------
#-------------------
#p328
#Preparing for Intrusions with mtree
# mtree -x -ic -K cksum -K md5digest -K sha256digest -p / -X /home/mw/mtree-exclude > /tmp/mtree.out
#reacting to an Intrusion
# mtree -f savedspec -f newspec > mtree.differences
#-------------------
#------------------------------------------------------
#p359 pkg_add PKG_TMPDIR PKGDIR PACKAGEROOT PACKAGESITE
#p361 pkg_info -aR (-a all -R require)
# pkg_info -W /usr/local/bin/gtail
#p367 make WITH_DEBUG=1 install (给make 传递参数)
#------------------------------------------------------
#------------------------------------------------------
#p383
#rcorder /etc/rc.d/* /usr/local/etc/rc.d/*
##!/bin/sh
# PROVIDE: rpcbind
# REQUIRE: NETWORKING ntpdate
# . /etc/rc.subr
# name="rpcbind"
# rcvar="set_rcvar"
# command="/usr/sbin/${name}"
# load_rc_config $name
# run_rc_command "$1"
#------------------------------------------------------
#------------------------------------------------------
#ldconfig -r (p387)
#/etc/default/rc.conf
#ldconfig_paths="/usr/lib/compat /usr/local/lib"
#ldconfig_local_dirs="/usr/local/libdata/ldconfig" (ports和pkg 要用到这个变量)
# setenv LD_LIBRARY_PATH /home/mwlucas/lib:/tmp/testlibs
#------------------------------------------------------
#------------------------------------------------------
#p399 Identifying and Setting Brands
#brandelf /bin/sh
# brandelf -t Linux /usr/local/bin/program
# linprocfs in fstab
# linproc /compat/linux/proc linprocfs rw 0 0
# pgp -h
#------------------------------------------------------
#------------------------------------------------------
#--p422 mergemaster -p
#--p426 make check-old
#--p427 mergemaster -iU
#--p431 交叉编译FreeBSD
#make TARGET=sparc64 buildworld && make TARGET=sparc64 buildkernel
#--p439 portmaster sudo
# portmaster -o editors/emacs20 editors/emacs21
#------------------------------------------------------
#------------------------------------------------------
#--p565 磁盘
#备份Slice Table
# fdisk -p /dev/da0 > da0.slice.backup
# fdisk -f da0.slice.backup /dev/da0
# 改变Slice Table
# fdisk -BI /dev/da17 (-B reinit the MBR)
# fdisk -u /dev/da17
# 读Disklabels
# disklabel /dev/ad0s1
# 备份和恢复Disklabels
# disklabel /dev/da0s1 > da0s1.label.bakcup
# disklabel -R /dev/da0s1 da0s1.label.backup
# --p572 Missing Disklabels
# disklabel -w /dev/da0
# 构建文件系统 nwefs -U /dev/da2s1d
#------------------------------------------------------
#------------------------------------------------------
#Process vmstat (-r -b -w)
# top Load Average (当前分钟 5分钟前 15分钟前)
# Memory (Active memory
# FreeMemory Cache Memory InactiveMemory
#运行top时按下 M 键进入 I/O 监控显示,类似iotop
# --p615
# sysctl vm.v_free_target
# sysctl hw.pagesize
#------------------------------------------------------
#------------------------------------------------------
#--p645 Diskless Packages and Files
#安装包 cp /usr/ports/packages/All/jdk-1.5.0.11p5,1.tbz /var/diskless/1
# pkg_add -C /var/diskless/1 /jdk-1.5.0.11p5,1.tbz
#------------------------------------------------------
版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。
最近发表
推荐文章
热评文章
