- 浏览: 1482757 次
- 性别:
- 来自: 北京
文章分类
- 全部博客 (691)
- linux (207)
- shell (33)
- java (42)
- 其他 (22)
- javascript (33)
- cloud (16)
- python (33)
- c (48)
- sql (12)
- 工具 (6)
- 缓存 (16)
- ubuntu (7)
- perl (3)
- lua (2)
- 超级有用 (2)
- 服务器 (2)
- mac (22)
- nginx (34)
- php (2)
- 内核 (2)
- gdb (13)
- ICTCLAS (2)
- mac android (0)
- unix (1)
- android (1)
- vim (1)
- epoll (1)
- ios (21)
- mysql (3)
- systemtap (1)
- 算法 (2)
- 汇编 (2)
- arm (3)
- 我的数据结构 (8)
- websocket (12)
- hadoop (5)
- thrift (2)
- hbase (1)
- graphviz (1)
- redis (1)
- raspberry (2)
- qemu (31)
- opencv (4)
- socket (1)
- opengl (1)
- ibeacons (1)
- emacs (6)
- openstack (24)
- docker (1)
- webrtc (11)
- angularjs (2)
- neutron (23)
- jslinux (18)
- 网络 (13)
- tap (9)
- tensorflow (8)
- nlu (4)
- asm.js (5)
- sip (3)
- xl2tp (5)
- conda (1)
- emscripten (6)
- ffmpeg (10)
- srt (1)
- wasm (5)
- bert (3)
- kaldi (4)
- 知识图谱 (1)
最新评论
-
wahahachuang8:
我喜欢代码简洁易读,服务稳定的推送服务,前段时间研究了一下go ...
websocket的helloworld -
q114687576:
http://www.blue-zero.com/WebSoc ...
websocket的helloworld -
zhaoyanzimm:
感谢您的分享,给我提供了很大的帮助,在使用过程中发现了一个问题 ...
nginx的helloworld模块的helloworld -
haoningabc:
leebyte 写道太NB了,期待早日用上Killinux!么 ...
qemu+emacs+gdb调试内核 -
leebyte:
太NB了,期待早日用上Killinux!
qemu+emacs+gdb调试内核
http://weibo.com/xianggebujimo
http://weibo.com/u/2085754030
http://weibo.com/killinux
http://weibo.com/giantchen
http://pushchen.com/
http://guoyong.me
重启vpn
linode上网
ssh隧道
http://blog.jianingy.com/2009/09/ssh%E9%9A%A7%E9%81%93%E6%8A%80%E6%9C%AF%E7%AE%80%E4%BB%8B/#viewSource
配置vpn
http://blog.tech4k.com/?tag=ubuntu
http://www.jacco2.dds.nl/networking/openswan-macosx.html
http://apple4.us/2010/05/setting-up-l2tp-vpn-on-debian-ubuntu.html
这个配置能成功vpn但是不知道怎么用,难道是长城宽带得问题?
ubuntu11.10
apt-get install openswan
/etc/ipsec.conf
sudo ipsec verify
/etc/init.d/ipsec restart
aptitude install xl2tpd
aptitude install ppp
/etc/init.d/xl2tpd restart
转发包
因为某种原因,openswan 在服务器重启后无法正常自动,所以我们可以在 /etc/rc.local 文件里写入如下语句:
http://hi.baidu.com/%CE%DE%D2%B5%C3%CD%C4%D0/blog/item/31c12e4754defc32cffca3f0.html
mac去掉证书
http://lxneng.com/posts/177
-----------
mac的客户端配置socket代理
127.0.0.1
端口 1080
参考ssh隧道;
http://blog.jianingy.com/2009/09/ssh%E9%9A%A7%E9%81%93%E6%8A%80%E6%9C%AF%E7%AE%80%E4%BB%8B/#viewSource
http://weibo.com/u/2085754030
http://weibo.com/killinux
http://weibo.com/giantchen
http://pushchen.com/
http://guoyong.me
重启vpn
/etc/init.d/ipsec restart /etc/init.d/xl2tpd restart rpm -Uvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm
linode上网
ssh隧道
http://blog.jianingy.com/2009/09/ssh%E9%9A%A7%E9%81%93%E6%8A%80%E6%9C%AF%E7%AE%80%E4%BB%8B/#viewSource
配置vpn
http://blog.tech4k.com/?tag=ubuntu
http://www.jacco2.dds.nl/networking/openswan-macosx.html
http://apple4.us/2010/05/setting-up-l2tp-vpn-on-debian-ubuntu.html
这个配置能成功vpn但是不知道怎么用,难道是长城宽带得问题?
ubuntu11.10
apt-get install openswan
/etc/ipsec.conf
root@haoning:~# cat /etc/ipsec.conf # /etc/ipsec.conf - Openswan IPsec configuration file # This file: /usr/share/doc/openswan/ipsec.conf-sample # # Manual: ipsec.conf.5 version 2.0 # conforms to second version of ipsec.conf specification # basic configuration config setup # Do not set debug options to debug configuration issues! # plutodebug / klipsdebug = "all", "none" or a combation from below: # "raw crypt parsing emitting control klips pfkey natt x509 dpd private" # eg: # plutodebug="control parsing" # # enable to get logs per-peer # plutoopts="--perpeerlog" # # Again: only enable plutodebug or klipsdebug when asked by a developer # # NAT-TRAVERSAL support, see README.NAT-Traversal nat_traversal=yes # exclude networks used on server side by adding %v4:!a.b.c.0/24 virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12 # OE is now off by default. Uncomment and change to on, to enable. oe=off # which IPsec stack to use. auto will try netkey, then klips then mast #protostack=auto protostack=netkey # Add connections here # sample VPN connection # for more examples, see /etc/ipsec.d/examples/ #conn sample conn L2TP-PSK-NAT rightsubnet=vhost:%priv also=L2TP-PSK-noNAT conn L2TP-PSK-noNAT authby=secret pfs=no auto=add keyingtries=3 rekey=no ikelifetime=8h keylife=1h type=transport left=YOUR.SERVER.IP.ADDRESS leftprotoport=17/1701 right=%any rightprotoport=17/%any # # Left security gateway, subnet behind it, nexthop toward right. # left=10.0.0.1 # leftsubnet=172.16.0.0/24 # leftnexthop=10.22.33.44 # # Right security gateway, subnet behind it, nexthop toward left. # right=10.12.12.1 # rightsubnet=192.168.0.0/24 # rightnexthop=10.101.102.103 # # To authorize this connection, but not actually start it, # # at startup, uncomment this. # #auto=add root@haoning:~#
root@haoning:~# cat /etc/ipsec.secrets # RCSID $Id: ipsec.secrets.proto,v 1.3.6.1 2005/09/28 13:59:14 paul Exp $ # This file holds shared secrets or RSA private keys for inter-Pluto # authentication. See ipsec_pluto(8) manpage, and HTML documentation. # RSA private key for this host, authenticating it to any other host # which knows the public part. Suitable public keys, for ipsec.conf, DNS, # or configuration of other implementations, can be extracted conveniently # with "ipsec showhostkey". # this file is managed with debconf and will contain the automatically created RSA keys include /var/lib/openswan/ipsec.secrets.inc YOUR.SERVER.IP.ADDRESS %any: PSK "YourSharedSecret" root@haoning:~#
for each in /proc/sys/net/ipv4/conf/* do echo 0 > $each/accept_redirects echo 0 > $each/send_redirects done
sudo ipsec verify
/etc/init.d/ipsec restart
aptitude install xl2tpd
root@haoning:~# cat /etc/xl2tpd/xl2tpd.conf ; ; Sample l2tpd configuration file ; ; This example file should give you some idea of how the options for l2tpd ; should work. The best place to look for a list of all options is in ; the source code itself, until I have the time to write better documetation :) ; Specifically, the file "file.c" contains a list of commands at the end. ; ; You most definitely don't have to spell out everything as it is done here ; [global] ; Global parameters: ipsec saref = yes ;port = 1701 ; * Bind to port 1701 ;auth file = /etc/ppp/chap-secrets ; auth file = /etc/l2tpd/l2tp-secrets ; * Where our challenge secrets are ; access control = yes ; * Refuse connections without IP match ; rand source = dev ; Source for entropy for random ; ; numbers, options are: ; ; dev - reads of /dev/urandom ; ; sys - uses rand() ; ; egd - reads from egd socket ; ; egd is not yet implemented ; [lns default] ; Our fallthrough LNS definition ; exclusive = no ; * Only permit one tunnel per host ;ip range = 192.168.10.2-192.168.10.250 ; * Allocate from this IP range ip range = 10.1.2.2-10.1.2.255 local ip = 10.1.2.1 ; no ip range = 192.168.0.3-192.168.0.9 ; * Except these hosts ; ip range = 192.168.0.5 ; * But this one is okay ; ip range = lac1-lac2 ; * And anything from lac1 to lac2's IP ; lac = 192.168.1.4 - 192.168.1.8 ; * These can connect as LAC's ; no lac = untrusted.marko.net ; * This guy can't connect ; hidden bit = no ; * Use hidden AVP's? ;local ip = 192.168.10.1 ; * Our local IP to use ; length bit = yes ; * Use length bit in payload? require chap = yes ; * Require CHAP auth. by peer refuse pap = yes ; * Refuse PAP authentication ; refuse chap = no ; * Refuse CHAP authentication ; refuse authentication = no ; * Refuse authentication altogether require authentication = yes ; * Require peer to authenticate ; unix authentication = no ; * Use /etc/passwd for auth. name = localhost ; * Report this as our hostname ppp debug = yes ; * Turn on PPP debugging ; pppoptfile = /etc/ppp/options.l2tpd.lns ; * ppp options file pppoptfile = /etc/ppp/options.xl2tpd ; * ppp options file length bit = yes ; call rws = 10 ; * RWS for call (-1 is valid) ; tunnel rws = 4 ; * RWS for tunnel (must be > 0) ; flow bit = yes ; * Include sequence numbers ; challenge = yes ; * Challenge authenticate peer ; ; rx bps = 10000000 ; Receive tunnel speed ; tx bps = 10000000 ; Transmit tunnel speed ; bps = 100000 ; Define both receive and transmit speed in one option ; [lac marko] ; Example VPN LAC definition ; lns = lns.marko.net ; * Who is our LNS? ; lns = lns2.marko.net ; * A backup LNS (not yet used) ; redial = yes ; * Redial if disconnected? ; redial timeout = 15 ; * Wait n seconds between redials ; max redials = 5 ; * Give up after n consecutive failures ; hidden bit = yes ; * User hidden AVP's? ; local ip = 192.168.1.1 ; * Force peer to use this IP for us ; remote ip = 192.168.1.2 ; * Force peer to use this as their IP ; length bit = no ; * Use length bit in payload? ; require pap = no ; * Require PAP auth. by peer ; require chap = yes ; * Require CHAP auth. by peer ; refuse pap = yes ; * Refuse PAP authentication ; refuse chap = no ; * Refuse CHAP authentication ; refuse authentication = no ; * Refuse authentication altogether ; require authentication = yes ; * Require peer to authenticate ; name = marko ; * Report this as our hostname ; ppp debug = no ; * Turn on PPP debugging ; pppoptfile = /etc/ppp/options.l2tpd.marko ; * ppp options file for this lac ; call rws = 10 ; * RWS for call (-1 is valid) ; tunnel rws = 4 ; * RWS for tunnel (must be > 0) ; flow bit = yes ; * Include sequence numbers ; challenge = yes ; * Challenge authenticate peer ; ; [lac cisco] ; Another quick LAC ; lns = cisco.marko.net ; * Required, but can take from default ; require authentication = yes root@haoning:~#
aptitude install ppp
root@haoning:~# cat /etc/ppp/options.xl2tpd require-mschap-v2 ms-dns 106.187.34.20 ms-dns 106.187.35.20 asyncmap 0 auth crtscts lock hide-password modem debug name l2tpd proxyarp lcp-echo-interval 30 lcp-echo-failure 4 root@haoning:~#
root@haoning:~# cat /etc/ppp/chap-secrets # Secrets for authentication using CHAP # client server secret IP addresses haohao l2tpd testpassword * #haohao * testpassword * root@haoning:~#
/etc/init.d/xl2tpd restart
转发包
iptables --table nat --append POSTROUTING --jump MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward
因为某种原因,openswan 在服务器重启后无法正常自动,所以我们可以在 /etc/rc.local 文件里写入如下语句:
iptables --table nat --append POSTROUTING --jump MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward for each in /proc/sys/net/ipv4/conf/* do echo 0 > $each/accept_redirects echo 0 > $each/send_redirects done /etc/init.d/ipsec restart
http://hi.baidu.com/%CE%DE%D2%B5%C3%CD%C4%D0/blog/item/31c12e4754defc32cffca3f0.html
mac去掉证书
http://lxneng.com/posts/177
需要连接一个L2TP协议的vpn, 填好信息竟然报错“IPSec 共享密钥”丢失。请验证您的设置并尝试重新连接。 但是这个vpn不需要IPSec 共享密钥啊, google了一把发现需要打补丁来绕过它。 在/etc/ppp目录下新建一个文件options, 写入下面的内容 plugin L2TP.ppp l2tpnoipsec 就可以无需密钥连接了,最后别忘了把高级设置里面"通过VPN连接发送所有流量"钩上。
-----------
ssh代理上网 ssh -N -f -D 1080 远程服务器ip lsof -i:1080 ps -ef|grep 4393 netstat -abn |grep 1080
mac的客户端配置socket代理
127.0.0.1
端口 1080
参考ssh隧道;
http://blog.jianingy.com/2009/09/ssh%E9%9A%A7%E9%81%93%E6%8A%80%E6%9C%AF%E7%AE%80%E4%BB%8B/#viewSource
发表评论
-
wordpress的helloworld
2014-04-08 16:21 11132014重新建立wordpress 1.启动fastcgi ... -
win7和ubuntu双系统的硬盘安装
2014-01-09 13:37 1653win7 ubuntu安装 准备: EasyBCD.exe u ... -
自我总结和检讨
2013-04-15 22:56 1113我学过很多东西,别人玩的时候我都在学,一直以为自己够努力了,但 ... -
eclipse的svn快捷键
2012-12-13 17:20 2653添加svn快捷键: 以设置更新为例: 1.windo ... -
需要看的
2012-08-02 23:07 750指针 gdb emacs socket epoll 网络编程 ... -
emacs使用
2012-07-31 23:08 1353c+h t c+u 8 c+f 有用 的链接 http:/ ... -
suse及业务笔记
2012-04-06 19:20 2137什么是cp什么是sp http://wenku.baidu.c ... -
bat修改host
2012-02-09 09:29 827@echo off echo project 本地测试环 ... -
What the Hell is Study Hacks?
2011-12-09 23:30 946转http://calnewport.com/blog/200 ... -
(转)OUTLOOK 如何最小化后显示在系统托盘
2011-11-07 15:48 1386http://www.cnblogs.com/pavkoo/a ... -
vmware关闭报警音
2011-10-28 17:06 1162C:\Documents and Settings\All U ... -
转(手机流量不够的来,把你的电脑变成WIFI)
2011-10-12 13:55 1024转http://blog.renren.com/share/2 ... -
chrome无法访问webstore的办法
2011-10-10 11:34 1636修改hosts 74.125.39.99 chrome.goo ... -
macbook键盘
2011-07-17 14:38 995蛋疼,键盘按键太少,没有提示 http://support.a ... -
审计 啊
2011-07-15 13:28 875http://hi.baidu.com/smallfish_x ... -
★转google全系列hosts列表
2011-07-15 10:03 960转http://www.cooerson.com/?p=270 ... -
win7效果没了
2011-06-27 21:48 944弱智问题: 今天不知道安装什么软件卸载之后win7的效果没了 ... -
哥们的友情链接,顶一个
2011-03-21 12:16 886http://davencool.iteye.com/ -
须要学习的
2011-03-12 10:47 1022去了个国内名企面了一次,知道了个“滑动门” http://bl ... -
重学设计模式
2011-02-28 11:41 1144Singleton:保证一个类仅有一个实例,并提供一个访问它的 ...
相关推荐
[Ubuntu][Linux][教學]_安裝設定#04_在Linode_VPS上架設Ubuntu
Linode linode是(大部分)完整的Go绑定到集合。 它不是特别惯用的。 目标是按照书面形式匹配API,而不是对其进行Go-ify。安装假设您有一个可以运行的Go环境: $ go get github.com/alexsacr/linode用法关于您的期望...
Api-linode_api4-python.zip,linode apilinode_api4的正式python绑定,一个api可以被认为是多个软件设备之间通信的指导手册。例如,api可用于web应用程序之间的数据库通信。通过提取实现并将数据放弃到对象中,api...
linode4j Linode API的Java实现 ##特征 干净,简单的数据访问层和数据对象。 轻松区分必需参数和可选参数。 线程安全的类似Spring的基于模板的数据访问对象。 通过Jackson的超快速序列化。 简化了对所有...
自从 Linux 4.3 开始,在 Linode 上使用 PaX/grsecurity 时,内核会在被 pv-grub 执行后不久立即崩溃。由于崩溃是在启动后极早期立刻发生的,没有任何可以用来调试的日志,同时公司也不是盖子开的,也没有办法得到母...
消极Go库,用于与Linode API进行交互。 。用法导入方式: import github.com/LunaNode/go-linode并用作linode: apiKey := "myKey"client := linode.NewClient(apiKey)linodeID, err := client.CreateLinode(6, 1) /...
在本教程中,我们将深入探讨如何使用kube-linode项目在Linode云平台上部署一个基于CoreOS的Kubernetes集群。Kubernetes(简称K8s)是一个开源的容器编排系统,用于自动化容器化应用的部署、扩展和管理。CoreOS是专为...
《Python库:linode_cli-3.1.1-py2.py3-none-any.whl的详解与应用》 在Python的开发过程中,我们经常会利用各种库来提高开发效率和代码质量。今天我们要深入探讨的是一款名为`linode-cli`的Python库,其对应的安装...
在 Linode 上部署 CoreOS 通过这项工作,您可以轻松地在上部署 。 至于今天(2015 年 1 月)CoreOS 在 Linode 上不可用。 通过这项工作,您可以使用自己的云配置轻松快速地部署 CoreOS。 安装(使用 Docker) 这是...
linode-dns-工具 用于的工具集合。 要求 您必须提供您的 linode API 密钥,您可以通过您的 linode 配置文件生成该密钥。 如果当前目录中有.linode-key文件,则使用它,否则使用主目录中的.linode-key文件。 安装 ...
《Python库:linode_api4-5.1.0-py3-none-any.whl的深度解析》 在Python的世界里,库是开发者的重要工具,它们提供了丰富的功能,简化了编程工作。今天我们要深入探讨的是一个名为`linode_api4`的Python库,版本号...
ansible-linode-nodebalancer Ansible模块来创建/更新/删除Linode Nodebalancers 要使Ansible能够读取此模块,您必须将其放在“库”文件夹中,并通过编辑ansible.cfg-( )来让ansible知道它在哪里。 安装示例 ...
Linode预配器这是一个bash脚本,它创建一个新的并进行一些基本配置。 每次我想要一台新服务器时,我基本上都厌倦了使用Web界面创建Linodes并执行相同的基本设置步骤(创建用户,上载ssh密钥,禁用root登录等)。 ...
docker-machine-driver-linode 适用于docker-machine的Linode驱动程序插件。安装docker-machine是必需的,。 然后,从为您的环境安装最新版本。从源安装如果你宁愿从源代码编译,你需要有一个工作go 1.11+环境, ...
`certbot_dns_linode-0.37.2-py2.py3-none-any.whl` 是一个Python库的轮子文件,它专为自动化证书管理工具Certbot设计,用于与Linode DNS API集成,以便在Linode的DNS服务上自动配置和验证域名以获取Let's Encrypt的...
docker-machine-linode 适用于docker-machine的Linode驱动程序插件。 需要docker-machine版本> v.0.5.0-rc1 安装 首先,需要搬运工机v0.5.0 RC2,对于如何安装文件docker-machine。 或者您可以通过运行以下命令从...
指示在 Linode 的 DNS 管理器中创建 A 记录。 下载脚本: $ git clone https://github.com/andrewchilds/linode-dyn-dns $ cd linode-dyn-dns设置您的 API 密钥,可在找到: $ echo MY_API_KEY > .key获取您的域 ID ...
_ _ _ ___ ______ _____ | | (_) | | / _ \ | ___ \_ ...适用于PHP的v4.01 Linode API [测试版]。 绝对是一项正在进行的工作。 不使用。 该软件包由澳大利亚机器人开发商H&H | Digital开发。 请访问访问我们。 该软
Linode的Terraform Provider 网站: : 说明文件: : 邮件列表:维护者此提供程序插件由Linode维护。要求 0.12.0+ 1.11.0或更高版本(以构建提供程序插件)使用提供者请参阅以开始使用Linode Provider。 该存储库中...
概述一路设置主控然后设置小兵CLUSTER_NAME=testSERVICE_IP_RANGE=10.0.0.0/16CLUSTER_POD_IP_RANGE=10.10.0.0/16POD_IP_RANGES=10.10.x.0/24条款Provisioning Master和2个奴才作为Ubuntu 15.04 设置主机名,私有IP...