Сетевые Средства Linux - Р.В.Смит

TV
AODISON
WESLEY
ii
Linux
Advanced
Linux
Networking
Roderick W. Smith
A
TT
ADDISON-WESLEY
Boston San Francisco New York Toronto Montreal
London Munich Paris Madrid Capetown Sydney
Tokyo Singapore Mexico City
Linux
.
-
2003
32.973.26-018.2.75
50
681.3.07
""
. . .
. .
"" :
info@williamspublishing.com, http://www.williamspublishing.com
, , .
50
Linux. : . . . : "",
2003. 672 . : . . . .
ISBN 5-8459-0426-9 (.)
, Linux. DHCP-, Samba NFS,
, NTP-, X Window. He , Internet-:
DNS, SMTP, HTTP FTP. .
Linuxconf, Webmin SWAT.
,
.
32.973.26-018.2.75
.

, ,
, Addison-Wesley Publishing
Company, Inc.
Authorized translation from the English language edition published by Pearson Education, Inc., Copyright 2002
All rights reserved. No part of this book may be reproduced, stored in retrieval system or transmitted in any
form or by any means, electronic, mechanical, photocopying, recording, or otherwise without either the prior written
permission the Publisher.
Russian language edition published by Williams Publishing House according to the Agreement with R&I Enterprises International, Copyright 2003
ISBN 5-8459-0426-9 (.)

ISBN 0-201-77423-2 (.)
"", 2003
Pearson Education, Inc., 2002

I.
1.
2.
3.
4.
.
5. IP- DHCP
6. Kerberos
7. Samba
8. NFS
9.
10.
11. : POP IMAP
12.
13.
14. X Window VNC
15.
16.
17.
III. Internet
18.
19. : SMTP
20. Web-
21. FTP-
IV.
22.
23. chroot
24.
25. iptables
26.

25
26
51
81
95
125
126
145
174
207
223
240
254
278
300
322
354
372
390
425
426
447
491
534
555
556
581
592
607
630
651

Linux

Linux

,

18
20
20
21
22
22
23
23
I.
25
1.

TCP/IP
IPv6
QoS

HTTP-

Ethernet

,

PC Card

, , ,

,

26
26
29
29
30
32
32
32
33
34
35
37
37
38
39
41
42
42
43
44
45
46
48
50
2. TCP/IP

DHCP
IP-

DNS

-

51
51
52
54
56
60
65
67
68
70
3.

OSI

TCP/IP
AppleTalk
AppleTalk
IPX/SPX
IPX/SPX
IPX/SPX Linux
NetBEUI
NetBEUI
NetBEUI Linux
NetBEUI
81
81
82
83
85
86
86
89
89
90
91
91
92
92
94
4.
SysV

inetd
/etc/inetd.conf
TCP Wrappers
xinetd
/etc/xinetd.conf

71
74
78
80
95
95
96
99
100
103
104
105
107
110
111
113
114

Linuxconf
YaST YaST2
ksysv

II.
116
116
118
120
122
124
125
5. IP- DHCP
DHCP

DHCP
IP-

-
-

NetBIOS
DNS-
126
127
128
129
130
130
133
134
134
138
138
139
140
141
144
6. Kerberos
Kerberos
Kerberos
Kerberos
Kerberos
Kerberos
Kerberos

Kerberos

Kerberos
Kerberos
Kerberos
145
146
147
147
151
151
152
153
154
155
156
159
160
161
161
162
162
163
166
172
7. Samba
Samba
Samba
Samba
Samba

Samba NetBIOS
Samba
Samba
Samba

Windows

Samba

PostScript-
, PostScript
Samba
postexec

Linux -
PDF-
174
175
176
176
176
177
178
180
182
184
185
186
187
189
190
190
192
194
197
197
200
201
205
206
8. NFS
NFS
NFS Linux

NFSv2 NFSv3

NFS

,

,

207
207
208
208
209
210
211
211
214
216
217
218
9.
LPD
219
220
'
222
222
223
223
_10
Linux
BSD LPD
/etc/hosts.lpd
BSD LPD
LPRng
/etc/lpd.perms
LPRng-
CUPS
/etc/cups/cupsd.conf
BSD LPD LPRng
CUPS
225
227
227
228
229
229
232
232
233
236
237
239
10.

NTP

Linux
ntp.conf
NTP
NTP
Samba
Samba
Windows-

240
240
241
241
244
245
246
249
251
252
11. : POP IMAP

POP IMAP

POP
IMAP

POP
POP Linux
POP
IMAP
IMAP Linux
IMAP
Fetchmail
Fetchmail
fetchmailconf
.fetchmailrc
254
255
256
256
258
258
260
262
263
263
264
264
265
265
265
266
268
273
277
252
253
11
12.

NNTP
INN

INN

Leafnode
Leafnode
Leafnode

278
279
280
282
283
284
291
291
292
293
298
299
13.

rlogind
rlogind
rlogind
rlogind
Telnet
, Telnet
Telnet
Telnet
SSH
SSH
SSH
, SSH
sshd_config
SSH-
300
301
301
301
302
304
305
306
307
309
310
311
312
313
314
316
321
14. X Window VNC

,

X Window
X Window
- -
- -
- SSH
-

XDMCP

VNC
VNC
VNC
322
323
324
325
327
330
331
332
334
334
335
340
342
342
344
12
VNC
VNC
VNC

345
346
347
351
353
15.

, Linux
,

354
354
356
356
358
361
361
362
364
366
369
370
16.

Linux
Linuxconf
Linuxconf
Linuxconf Web-
Webmin
Webmin
Webmin
Samba SWAT
SWAT
SWAT

372
372
17.

,
,
tar
tar

,
,
SMB/CIFS
Windows Linux
390
390
392
392
393
394
394
398
399
401
404
404
373
374
375
377
379
380
381
383
384
384
387
389

AMANDA
AMANDA
AMANDA
AMANDA
AMANDA
AMANDA

III. Internet
13
410
413
414
415
416
416
421
422
424
425
18.
DNS
DNS,
DNS

DNS Linux
DNS
BIND

,
DHCP

426
427
427
429
430
432
433
433
434
435
436
437
438
438
440
441
442
443
444
445
446
19. : SMTP
SMTP
, SMTP Linux

SMTP
SMTP

sendmail
sendmail
447
448
449
450
451
454
454
455
455
457
460
460
14
sendmail
sendmail

sendmail
Exim
Exim

Exim
Exim
Exim
Postfix
Postfix

Postfix
Postfix
Postfix
Procmail
Procmail

Procmail
20. Web-
Web-
, Web- Linux
Apache
Apache
Apache

Apache
kHTTPd

, CGI-
CGI-
CGI-
CGI-
Web-
, SSL
SSL
Apache, SSL

Web-
462
462
463
466
467
467
468
469
469
471
474
474
475
476
477
479
480
481
482
486
487
489
490
491
491
494
495
496
497
498
501
503
504
506
506
508
510
511
512
512
513
515
516
516
517
520

, Web-
Web-
Web-

Apache
Analog
Webalizer
21. -
-
, FTP- Linux
FTP-
FTP-
WU-FTPD
ProFTPd
FTP-
FTP-
FTP-
, FTP-
IV.
22.

,
,

Web-,
,
15
520
523
524
525
525
527
530
533
534
534
537
538
538
539
543
548
549
550
551
554
555
556
557
557
562
562
563
564
566
568
568
569
570
571
571
575
576
577
578
578
580
16
23. chroot
chroot
chroot

chroot
chroot
chroot
BIND chroot
chroot
581
581
583
583
584
585
586
586
587
587
590
591
24.

iproute2
ip
tc

routed
.
GateD
Zebra
592
593
594
594
594
595
595
595
596
596
597
597
598
601
601
604
604
605
606
25. iptables
iptables
iptables
iptables
iptables

NAT- iptables
NAT
iptables NAT-

,
iptables
607
607
610
612
612
612
615
615
622
622
625
625
626
626
17
627
629
26.
VPN
, VPN
Linux

-
FreeS/WAN
FreeS/WAN

VPN
630
631
633
634
634
634
636
637
641
642
643
648
648
650
651
Linux
Linux, .
.
, Help Net Security, www.net-security.org
Linux
. .
. , Linux Online
. 700
, Linux.
.
, West, DiverseBooks . com

11 2001 .
,
.
20
. 1970- 1980-. 1990- - . , World Wide Web Web-, Internet

. , -
. , .
, . ,
Internet.
Internet , , .
, Internet, , ,
.
Linux.
86, Linux , . Linux ,
.
Linux , .
? ,
, . , Linux, : HTTP- (
Apache), , Telnet SSH, , NFS Samba, .
.
, , . ,
,
, , , . , , , DHCP-,
Kerberos. . ,
.
, , Apache Samba, .
, ,
. , ,
, .

Linux , Linux.
Linux.
, Linux, , ,
- UNIX, , .
21
Linux, , , (Marcel Gagne) Linux System Administration: A User s Guide
(Addison-Wesley, 2002) (Vicki Stanfield) Linux System
Administration (Sybex, 2001).
, Apache Samba, , ,
, , xntpd xf s,
. , , , ,
, chroot,
, . . -
, ,
.

.
UNIX, Windows, MacOS , , ,
Linux.
, .
. ,
Linux, .
Linux
Linux ,
Linux ;
, . Linux
. , , Linux, ,
, . . , ; ,
. . ,
, , Linux,
sendmail, Exim Postfix. Linux
.
Linux.
,
.
. ,
Caldera OpenLinux 3.1, Debian GNU/Linux 2.2, Mandrake 8.1, Red Hat 7.2,
Slackware 7.0, SuSE 7.3 TurboLinux 7.0. ' ,
. , , , Linux , FTP, . . , . ,
22
,
.

,
. , ,
, Internet,
. ,
. .
I. ; .
, ,
.
II. , , , .
DHCP, Kerberos, Samba NFS, LPD,
, POP IMAP, , , X Window VNC, ,
.
III. ,
Internet. DNS, , SMTP, Web- FTP-.
IV. . , chroot,
, iptables,
NAT VPN.
,
,
.
.
, . , , ,
.
, , , , , , .
, , . # ,
root ( ).
$, ,
. . ,
, \.
, ,
.
,
. ,
23
, , , ,
. .
,
, , .
, ,
.
, ,
. , , , .
,
I . , , ,
,
, , ,
.
f " ", ,
. ' ' ., , /
?! , , , ,*'
" ; .
IP- . ,
(192.168.0.0-192.168.255.255, 172.16.0.0-172.31.255.255 10.0.0.010.255.255.255). , ,
, , Internet.

,
rodsmith@rodsbooks.com. Web-, , http://www.rodsbooks.com/
adv-net/.
(Karen Gettman) , .
(Emily Frey),
. , ,
.
24
(Karel Baloun), (Amy Fong), (Howard Lee
Harkness), (Harold Hauck), X. (Eric H. Herrin II),
(David King), (Rob Kolstad), (Matthew Miller),
(Ian Redfern) (Alexy Zinin).
, , , ,
. (David King)
Linux. , , (Neil Salkind) Studio
(Michael Slaughter) Addison-Wesley,
.
" " .
Linux; . .
, Linux ,
,
.
, , ,
. .
, .
, .
. , TCP/IP , .
Linux,
. .
,
,
. , Linux Kernel HOWTO (http:
//www. linuxdoc. org/HOWTO/Kernel-HOWTO. html) , Linux.

, , . , , . ,
, , -
1.
27
(, ,
).
, , , ( ,
). , Linux, http: //www. kernel. org.
, f t p : //sunsite. unc. edu , Linux. (,
, , ,
, .
, , .)
^^
%^
, .
(, 2.4.17), , . (, 2.5.2) ,
.
. , ,
.
,
. ,
. ,
. (back-port)
.
/ u s r / s r c / l i n u x
/ u s r / s r c ( ,
/usr/src/linux-2 .4 .17).
/usr/src/linux, .
, , ,
/usr/src/linux. ,
,
, .
/usr/src/linux,
. .
make conf ig. .
.
.
.
.
make menuconfig. , .
- . -
28
I.
Loadable module supper

Processor type and fe*
General setup
Memory Technology De
Paralel port support
Plug and Play canfigurai
Block devices
Multi-device support (F
Networking options
Telephony Support
ATAflDBMFM/RU. supp
Networtting options [
Help
* y ' j v f n ! v n , Packet socket

*v | v
Help
Packet socket: mmapped 10
Help
4/_yJ|v n^ljf % Hetlink device emulation

* '-v
j|v " j Network, packet filtering (replaces Ipchatns)

* n |
Network packet teriitgdehugojng
*_^BJ) Socket Hte*ig
Help| J
__ Help J
y]iv-_ra vn.i Unix domain sockets
I-2SJ
v " TCP/IP networking
_2!LJ
J5SJ
^n;| IP: multicasting

lrt
advanc
*" "J _ _
vJ4
|||
Help I
witor
.* ''
IPs as> tteWter xnkw * routing Key
J^J
Help
IP: (,-<<!! notwdrt! aifclrass tj-anslaili
Hdp
'H*.HlclwH)f>aU>
Help
v v '
Mam Menu
xt ,
, &**
. 1.1. Linux ,

, .
.
make xconf ig. make
menuconf ig, , .
.
X Window (X Window X).
.
; . make menuconf ig make xconf ig,
( , make xconf ig,
. 1.1).
Networking Options Network Device Support,
.
. Y, N, . 1.1. Y N
, ( modular compilation
) , ,
. .
1.
29
2.4.x Linux, ,
2.4.17. , ,
, -, .
2.2.x ; . 2.5.x
CML2, .
http: //tuxedo. org/~esr/cm!2/.

Networking Options , .
( TCP/IP).

, .

Linux , , ,
(socket). , .
,
.

; . , . .
Packet Socket.
, . ; ,
.
tcpdump, TCP IP. . . ,
, .
Packet Socket: Mapped IO. Packet Socket , , , .
Unix Domain Sockets. Linux ,
. syslogd , X Window (-
-,
30
I.
). Unix Domain Sockets , . ,
Unix Domain Sockets TCP-. ;
,
.
.
Packet Socket.

,
. IP- ( 25).
, IP- Internet
IP-. , , .
Socket Filtering. , , , . Socket Filtering
, ( ).
. , . DHCP
DHCP. DHCP (Dynamic Host Configuration
Protocol ),
.
Network Packet Filtering. , IP-.
Network Packet Filtering ; Network Packet Filtering Debugging,
. , IP: Netfilter Configuration.
.
Connection Tracking.
, . ,
. Connection Tracking , IP- , IP- . IP-.
Connection Tracking . , FTP,
IP-.
1.
31
IP Tables Support. iptables,

IP- (
25). IP
Tables Support ,
iptables .
, Match
Support. Connection S*ate Match Support, (stateful packet inspection).
25.
Packet Filtering, Full NAT LOG Target Support .
,
IP-.
Full NAT .
ipchains (2.2-Style) Support.
,
ipchains ( 2.2.x). ipchains , IP Tables Support
. ( iptables
ipchains , .) ,
ipchains.
ipfwadm (2.0-Style) Support. 2.0.x ipfwadm.
, ipfwadm,
. , ipfwadm
iptables, ipchains. ipfwadm-
iptables,
.
2.0.x 2.4.x Linux
. 2.4.x ; , ,
. ,
IP: Netfilter Configuration, .
,
.
,
Linux , , . ,
, . ,
.
32
I.
TCP/IP
,
. . , ,
, , . , ,
Internet. 24. , Linux
, IP: Advanced Router.
IPv6
Internet TCP/IP, ,
IP (IPv4). ,
, IPv4 . IP IPv4 32- , . . 232,
4294967296.
. IP. , IPv4
. , . . 2002 .,
, IPv4, ,
.
IPv6, IPv4. IPv6
128- IP-. IP- 2128, 3,4
1038 2,2 1018 .
IPv6 .
, IPv6, .

IPv6, IPv6, IPv6 Protocol (Experimental) Networking
Options. ,
IPv6: Netfiler Configuration.
, IPv6.
IPv6, Yes
Prompt for Development Incomplete Code/Drivers Code Maturity Level Options. To "" . IPv6 , ,
IPv6, .
, IPv6, "" , .
QoS
, Linux

. , , .
, ,
1.
33
. , Linux FIFO (first in/first out " "),

, , ,
, . .
, , , , . , , ,
, Internet-, . QoS
(quality of service ). QoS
and/or Fair Queueing Networking Options.
QoS, QoS and/or
Fair Queueing . . .
, CBQ Packet Scheduler
SFQ Queue. FIFO. QoS Support
Packet Classifier API, Differentiated Services Resource Reservation Protocol. QoS . QoS,
,
.
, QoS , ,
. , , ,
. , ,
. , ,
U32 Classifier,
.
QoS
, ip tc. 24,
, . ip tc
iproute2 + tc Notes (http://snafu.freedom.org/linux2.2Xiproute-notes.
html) Differentiated Services on Linux (http: / / d i f f serv. sourcef orge. net).

Linux . , ,
, . ,

. , NFS
, .
34
I.
2.4.x : HTTP, NFS

SBM/CIFS.
^^
, .
^^. , Linux , , ,
.
HTTP-
World Wide Web HTTP
(Hypertext Transfer Protocol ). , Linux HTTP,
Kernel HTTPd Acceleration. , /proc/sys/net/khttpd,
. HTTP
20.
HTTP ,
Web- (, ) . ,
. , Web-, , , Web-, Apache.
Apache;
" " Web-.
NFS
NFS (Network Filesystem ), Sun, .
NFS ,
. NFS Linux.
NFS 8.
, , ,
NFS. , NFS,
Network File Systems File Systems ( Networking
Options, ). NFS .
NFS File System Support.
NFS (. . , NFS , ).
Provide NFSvS Client Support. NFS
. 3 (NFSv3). , , NFS File System Support,
NFSvS. NFSvS NFS File System Support
.
1.
35
Root File System on NFS. , IP: Kernel Level Autoconfiguration Networking Options. Root
File System on NFS Linux.
.
NFS Server Support. Linux
NFS (. . ), .
NFS.
Provide NFSvS Server Support. NFS,
, .
NFSv3-mraeHTa, NFSv3
NFS.
NFS Linux UNIX.
,
.
SMB/CIFS
NFS , . Macintosh AppleTalk;
IPX/SPX, Novell. Linux, NFS, Samba, 8MB (Server Message Block
). CIFS (Common Internet
Filesystem ).
Samba 7.
Samba , , Linux SMB/CIFS ; .
Linux SMB/CIFS, 8MB File System Support, NFS File System
Support. (Use a Default NLS Default Remote NLS Option)
NLS (National Language Support
). ,
, , .
Linux SMB/CIFS, SMB/CIFS.
smbclient. ; ,
FTP.

TCP/IP, Internet, , Linux
. , -
36
I.
, Networking Options. ,
, TCP/IP Networking. ,
; .
Asynchronous Transfer Mode (ATM). ATM. ATM , ,
2.4.x , , Networking Options.
The IPX Protocol. IPX (Internetwork Packet Exchange ), Novell, , Netware. , Marsjnwe (
http://www.redhat.com/support/
docs/tips/Netware/netware.html). NCP File System Support, Network File Systems File Systems,
Netware, , NFS SMB/CIFS
Windows.
AppleTalk Protocol Support. Apple pleTalk,
Macintosh. AppleTalk Linux , Netatalk (http: //netatalk, sourcef orge. net/).
DECnet Support. DEC (Digital Equipment Corporation)
DECnet. Linux
DECnet, .
DECnet ,
http://linux-decnet.sourceforge.net.
Linux , Acorn Econet.
TCP/IP - . Internet ,
, TCP/IP. ,
, , Apple AppleTalk,
Macintosh AppleTalk,
TCP/IP.
Linux NetBEUI.
Windows SMB/CIFS.
3 .
1. '
37

Network Device Support ,
.
. Ethernet-, Network Device Support
, .
, Linux ,
. PC Card ( ) , Network
Device Support. , , .
,
Network Device Support, Network Device Support.
, .
Ethernet
, . . 2002 ., Ethernet.
, , , Ethernet . ,
, , Ethernet- .
, Ethernet- ,
'. , , : Ethernet (10 or lOOMbit) Ethernet (1000 Mbit).
. , , , 10
100 .
Ethernet- 100 (100- Ethernet), 1000 ( Ethernet).
Ethernet- 10 .
^^
Ethernet- ,
^ . ( 10 Ethernet-), ( 100-
Ethernet-, 10- Ethernet-) - ( Ethernet-). 100
( ). -
5 .
Ethernet (10 or lOOMbit) .
3Com, SMC, Racal-Interlan . ISA (Industry Standard Architecture),
EISA (Extended ISA), VLB (VESA Local Bus) PCI (Peripheral Component In-
38
I.
terconnect). Ethernet-.
- .
Ethernet-, Network Device Support . , ,
PC Card , USB Ethernet
USB Support. USB, , , ,
UHCI Support, OHCI Support, , , USB ADMtek Pegasus-Based Ethernet Device
Support.

, Ethernet ,
. Linux
. , Ethernet, ,
,
. , Network Device
Support.
Token Ring. Token Ring, IBM,
Ethernet, 1990 . Ethernet
. Token Ring
16 , 100 .
Token Ring 150-300 .
Token Ring Token Ring
Devices Network Device Support.
LocalTalk. Macintosh Apple , (LocalTalk), (AppleTalk) . LocalTalk
86; Linux.
AppleTalk Devices. , Linux, Macintosh, LocalTalk.
LocalTalk 2 .
ARCnet. ,
, , . ARCnet
19 10 . , - .
ARCnet ARCnet Devices. ,
, ARCnet (RFC 1051 RFC 1201).
FDDI CDDI. FDDI (Fiber Distributed Data Interface - ) CDDI (Copper Distributed Data Interface ""
1.
39
) 100 . FDDI 10 Ethernet , 2 . , Ethernet - 5 .

2.4.17, FDDI/CDDI,
, FDDI Driver Support.
HIPPI. HIPPI (High Performance Parallel Interface ) 800 1600 .

25 , - 300, - 10 . 2.4.17 HIPPI Essential RoadRunner. , .
Fiber Channel. - ,
133-1062 . - 10 . 2.4.17
Fiber Channel Interphase 5526 Tachyon.
, Token Ring,
, , . , FDDI HIPPI,
,
, ,
. Linux , Linux ,
.
^^
^^
, , Linux, Ethernet. , , ,
. Ethernet . ethO, ethl
. . , ,
Token Ring trO, FDDI fddil.
" " . , , , , , . ,
40
I.
, (, 200 ). ,
200 ,
Ethernet, 200 ,
56 , .
Internet-
, .

Internet. , . ,
, . , ,
.
DSL (Digital Subscribe Line ) . DSL, ADSL
(Asymmetric DSL DSL) SDSL (Single-Line, Symmetric DSL , DSL). DSL-
.
. , -
.

, Ethernet. , , , Ethernet-, , Linux.
, (Point-to-Point
Protocol over Ethernet Ethernet).
Linux,
over Ethernet Network Device Support (
). over Ethernet ,
Support. , Roaring Penguin
( http: //www. roaringpenguin. com/pppoe/).
Ethernet USB.
2.4.17 , Alcatel Linux- Speed Touch USB DSL (http: //www. alcatel.
com/consumer/dsl/supuser.htm). USB-
http: / / w w w . linux-usb. org.
, ADSL-, PCI-.
Linux. , 2.4.17
General Instruments Surfboard 1000
. (one-way) , -
1.
41
.
, .
. Diamond 1MM DSL http://www.rodsbooks.com/network/network-dsl.html,
Ethernet-
2.4.x .
, , , .
, . ,
,
. , , , WAN (Wide-Area Network).
, WAN-.

. Linux ;
Wan Interfaces Network Device Support.
, , , , Wan Interfaces
Support, .

, ,
.
, . , -
, , ,
.
,
Ethernet-. 9 Ethernet, , , , .
802.11 802.11. 802.11 2 1 .
,
. 802.11 11 5,5, 2 1 . Bluetooth,
1 . .
ATM 155 .
, PC Card, . ,
, , .
42
I.
Internet. ISA PCI-,

. PC Card, ISA PCI Linux ;
.
Linux , Wireless LAN (Non-Hamradio).
, , (, 802.lib Bluetooth). , Wireless Extensions Wireless Tools, ,
Linux. http: //www. hpl.
hp. com/personal/Jean_Tourrilhes/Linux/Tools .html. , .
PC Card
PC Card.
( Linux PC Card PCMCIA. PC Card . Linux ,
, PC Card Card Services. PC Card Card Services
, . Card Services , http:
//pcmcia-cs.sourceforge.net.
2.4.17 PC Card PCMCIA
Network Device Support. , , Wireless LAN (Non-Hamradio). , ISA PCI. , , Ethernet PC Card
ethO, , 2.
, 2.4.x, PC Card . , PC Card
Linux. Card Services. 2.4.x, PC
Card ;
, SCSI- .

. ,
(Point-to-Point Protocol ).
, .
2.
1.
43
,
(Point-to-Point Protocol) Support Network Device Support.
, , Support
for Async Serial Ports Deflate Compression. ,

, .
DSL-, over Ethernet. -
.
, , , ,
. , , Ethernet-
.
,
.
,
. Linux SLIP (Serial Line
Internet Protocol Internet ),
, . SLIP , Internet-,
. SLIP Linux
. , ,
dial-on-demand, . . - , SLIP
.
SLIP,
FLIP (Parallel Line Internet Protocol Internet ). , ,
( ).
,
RS-232; ,
, Ethernet .
PLIP, PLIP (Parallel Port) Support
Network Device Support; Parallel Port Support , 86
PC-Style Hardware. PLIP
PLIP Mini-HOWTO (http: //www. linuxdoc. org/HOWTO/mini/PLIP. html).
Turbo Laplink, .

, , .
,
44
I.
. , . .
, | , .
, EIDE, SCSI, , .
,
.
,
(, ). Linux Kernel HOWTO,
http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html (
).
Linux.
, , ,

,
, ,
Ethernet-. . 1.1 , , .
Packet Socket. Y, N. Y (Yes)
, , ,
, N (No) . "" . ,
, .
, . ,
(, Packet Socket: Mmapped IO, . 1.1),
.
.
, ,
. , ,
. ,
. , , , , ,
. Root File System on NFS,
.
, ,
, ,
: ,
1.
45
. , ,
. Linux
, , .

. ,
, , ,
.
Linux , , ,
, .
,
,
. ( , ,
, .) ,
,
Linux, , , , .
.
. (
TCP/IP; , ; ,
, .) , ,
, ,
NFS, ,
NFS . , , NFS
,
, , , NFS,
.
, , , ,

, . , .
, ; , .
LOADIN (DOS-
Linux) , . LOADIN ,
.

, make xconf ig
, ,
. :
46
4
f
f
t
I.
make dep
make bzImage
make modules
make modules_install
. dep
dependency, make dep , .
, .
, bzlmage /usr/src/linux/arch/i386/
boot. . , make z Image (
bzlmage , LILO,
, z Image). z Image, bzlmage
. 86,
make bzlmage make vmlinux.
. ,
, . , 86, 1386 ,
. , , PowerPC
.
make modules, , . make modules_install , , /lib/modules. , /lib/modules
, , , , .
^^
make dep, make bzlmage ( ) make
%\ modules , ,
, . make modules_install
root.
,
. , , , ,
, . ,
. , .
.
,
, , ,
, . ,
, .
1.
47
. ,
. , , .
. ,
, , , .
, .
.
, ,
. , , .
:
, . , .
, , .
, make dep, . ,
( , . .
, , ,
).
. ,
, make , , .
,
. ,
.
, make clean,
, .
. GNU Compiler (GCC) , , . GCC,
Red Hat 7.0, 2.2.x,
2.4.x. ( Red Hat 7.0
GCC; ,
kgcc.)
. GCC ,
. signal 11, GCC . , ,
. http: //www. bitwizard.
nl/sigll.
48
I.
, , , Linux,
.os .linux.misc. ,
, , .
( , , .)

, .
, / u s r / s r c /
Iinux/arch/i386/boot ( i386 , ).
/boot. , , . ,
bzImage-2 . 4 .17 bzImage-2 . 4 .17-xfs. make
modules_install , ,
/lib/modules/x. . z, x . y . z .
/boot . , .
Linux Loader (LILO); /etc/lilo.conf. 1.1 lilo. conf, .
1.1. lilo. conf
boot=/dev/sda
map=/boot/map
install=/boot/boot.b
prompt
default=linux
timeout=50
image=/boot/vmlinuz
label=linux
root=/dev/sda6
read-only
LILO 86. ,
""S\ .
LILO . .

, .
1. /etc/lilo. conf .
1.
49
2. , , . image=. , image=
other=. 1.1 .
3. image= , . , image=/boot/vmlinuz
image=/boot/bzImage-2 .4 .17. ( Linux
vmlinuz.)
4. label= , = ,
mykernel 2417.
.
.
5. .
6. lilo ,
.
, /etc/lilo . conf
f . . 6 . ,
, .
LILO , . ,
, lilo:.
, /etc/lilo.conf
, .
def ault=. =, ,
. 4, lilo.
Linux LILO.
LILO Grand Unified Boot Loader (GRUB). GRUB . ,
Linux DOS- LOADIN. , , DOS, ,
DOS . Linux :
:> LOADIN BZIMAGE root=/dev/sda6 ro
BZIMAGE , DOS,
a /dev/sda6 , Linux. , ,
( Linux ).
LOADIN , , LILO. , LOADIN Linux, LILO
. DOS, FreeDOS (http: //www. f reedos . org), . LOADIN
Linux. - dosutils.
50
I.
Linux -,
. Linux , .
,
, , . ,
, : Networking Options Network Device Support.
. ,
, .
, LILO.
2

TCP/IP
Linux
, .
, : IP-, DHCP (Dynamic Host Configuration Protocol
) (Point-to-Point Protocol). DHCP IP-,
. IP- .
, , . , . ,
, ,
.

. 1,
: Linux
. .
, . LILO,
append, /etc/lilo. conf. , , ethO (
) 0x240.
append="ether=0,0,0x24 0, ethO"
52
I.
append , . , ;
. , ,
.
.
, /etc/modules .conf (
/etc/conf .modules). , :
alias ethO ne
options ne io=0x240
, ethO,
- 0x240, , . .
, .
,
, . ,
/etc/modules .conf.
. /etc/modules . conf,
Linux . - , insmod.
# insmod ne
. , , , /etc/.d/rc.local
/etc/re.d/boot.local.
, SLIP
PLIP, . ,
, , .
, : , .
. , , USB, .
DHCP
DHCP, Linux , IP-,
DHCP. DHCP DHCP,
, .
53
2. TCP/IP
This dialog allows you

to configure your IP
address.
You can select
dynamic address
assignment, if you
have a DHCP server
running on your local
network. You also
should select this if
you do not have a
static IP address
assigned to you by
your cable or DSL
provider. Network
addresses will then be
obtained
automatically from
the server.
Configuration will be
finished by clicking the
Next button.
Network address setup

Network device jettiO ,,' '
Choose the setup ftiethcd
Subnet mask
Detailed settings
._;
. 2.1. DHCP
, IP-, , , .
, DHCP, . . "\ IP- , 5.
DHCP IP-.
Linux DHCP
, , .
, ,
.
Linuxconf (Red Hat Mandrake), COAS (Caldera), YaST YaST2 (SuSE).
. 2.1 YaST2 Automatic address setup (via
DHCP). IP DHCP.
, DHCP ;
.
DHCP. Linux
DHCP: pump, dhclient, dhcpxd dhcpcd ( DHCP dhcpd). ,
DHCP, DHCP, Linux. ,
- DHCP .
54
I.
DHCP. , DHCP. , -,
. , DHCP, .
, , - DHCP.
.
- . (NIC network interface card), DHCP IP-
. , , -
(, ) .
DHCP, , .
. 2.1 Linux
DHCP, , DHCP, , DHCP.
( if up Debian, , , ,
DHCP. if up , /etc/network/interfaces.) DHCP,
, ,
. ,
, . 2.1,
DHCP.
, DHCP, DHCP,
. , , .
, DHCP. , . , DHCP
, ; dhcpcd,
-h _.
( . 2.1),
, IP-
DHCP.
IP-
DHCP , IP- . (,
DHCP) DHCP. , DHCP .
IP- . -
2.1. DHCP Linux

Linux
DHCP
no
dhclient
DHCP
Debian GNU/
Linux 2.2
Linux Mandrake 8.1
pump
dhcpcd
dhcpcd
dhclient, dhcpxd

DHCP
/etc/sysconf ig/
network- scripts/
ifup-dhcp
/sbin/ifup
( )
/sbin/ifup
Red Hat Linux 7.2
pump
dhcpcd
/sbin/ifup
Slackware Linux 8.0
dhcpcd
SuSE Linux 7.3
dhcpcd
dhclient
TurboLinux 7
dhclient
/etc/re. d/rc.
inetl
/etc/init .d/
dhclient
/sbin/ifup
Caldera OpenLinux
Server 3.1

/etc/sysconf ig/network,
/etc/sysconf ig/network- scripts/
if cf g-ethO, /etc/dhcp/dhclient . conf
/etc/ network/ inter faces
ifcfg-ethO
ifcfg-ethO
/etc/re. conf ig
ifcfg-ethO
56
I.
. , ,
, .
<^ , -, IP-; in
. , IP-
. ( DNS IP-
18.) IP-,
, DHCP (
, 5),
DNS.

, , . , IP- , . if conf ig,
, , , .
ifconfig
i f c o n f i g .
:
i f c o n f i g [ ] []
ifconfig.
.
ifconfig , , . . .
(, ethO trl),
.
, ifconfig .

.
ifconfig , , . ,
, ifconfig,
. .
up . IP-. ,
, ( IP- . 2.2). up ;
2. TCP/IP
57
2.2. IP-
Class A
Class
Class
1.0.0.0-127.255.255.255
128.0.0.0-191.255.255.255
192.0.0.0-223.255.255.255
10.0.0.0-10.255.255.255
172.16.0.0-172.31.255.255
192.168.0.0-192.168.255.255
255.0.0.0
255.255.0.0
255.255.255.0
if conf ig IP-,
.
down. up, . .
("" ).
netmask nm. .
, IP- ;
. , ,
(. 2.2).
up , .
[-]promisc. ,
. (promise) (-promise) ,
(promiscuous mode), , .
. ( , .)
.
mtu . MTU (Maximim Transfer Unit ), . .
. Ethernet MTU 1500,
. ( MTU, ,
MTU.
,
,
.)
add /_. ,
up netmask, IPv6. ( IPv6
Internet.)
1, IPv6 , IPv4.
, . . 2002 .,
.
del / _. add, . .
16-, .
58
I.
media . (, 10Base-2 10Base-T). ,

(, media 10Base-T).
.
hw .
. , ,
DHCP IP-, , .
, . ;
hw .
: (, ether Ethernet ARCnet
ARCnet) . ,
.
txqueulen . , . . , .
100, .
,
, Telnet SSH.
if conf ig
. , Ethernet- 172.23.45.67.
# i f c o n f i g ethO 1 7 2 . 2 3 . 4 5 . 6 7
, .
# ifconfig ethO 172.23.45.67 netmask 255.255.255.0 mtu 1420
, , IP- , .
;
, . , , , . ,
255.255.255.0 24 .
, . ,
, IP- . , 172.23.45.67/24 172.23.45.67 255.255.255.0.
if conf ig
up ; netmask nm .
2. TCP/IP
59
IP-
,-:-",, .,",.,-.. ->.,>; ',';$..'---,-. - >, ,'<<- -.--'', /'':-'.;V '
IP- , * ! . ,

. 192.168.. ( ),
172.16.0.0-172.31.255.255 ( ) 10... ( ). Internet,
; - ,
\"\'
".-.
:;
, , . 2.2,
D . D (
),
;
.
.
. 2.2 . G 1990-
. , , IP-,
, ',
. CIDR
(Classless Inter-Domain Routing ) IP-, .
, , , , 10.34.56.0/24 .34.57.0/24. ; , ' , , .
.
, , , tfconfig
10.34,56.78, -;
255.0.0.0 . ,
10.34.56.0/24 255.255.255.01

, if conf ig
. :
# ifconfig ethO up 192.168.1.1
# ifconfig ethl up 172.23.45.67/24
'
ethO 192.168.1.1,
ethl 172.23.45.67; ethl
255.255.255.0. . , ? , ,
, ,
10.9.8.7. , ,
? ( )
. , ,
.
60
I.

. -, ,
.
, ,
. . ,
, Linux, . 127.0.0.0/8,
IP- 127.0.0.1. ,
.
, .
, . , , ,
.
(Address Resolution Protocol ). , , ,
, , ,
. Linux
, .
route.
Internet
^* ,
. , , ;
, .

, ,
, . , ,
, ,
, . . , .
,
, ,
.
, Internet. .
, ,
. . 2.2 , route -n ( route
). , , , ,
, . 255.255.255.255, . . . -
61
2. TCP/IP
.rodsmlthQspesker rodsmlthl$ route -n

Kernel IP routing table
Destination
Gateway
Genask
2 5 5 . 2 5 5 . 2 5 5 . 2 5 5 0.0.0.0
255.255.255.255
10.92 .68 . 0
0 0 0 0
255.2SS.255.0
1S2.168.1.0
0.0.0.0
255.255.255.0
127.0.0.0
0.000
255.0,0.0
0.0.0.0
1092.68.1
0.0.0.0
(rods1thQspeaker rodsmlth]$ I
Flags Metric Ref

UH
U
U
U
IJC
Use
0
0
0
0
0
[face
EthO
ethl
ethO
10
ethl
. 2.2. ,
,
Destination, , Genmask
ethO, .
10.92.68.0 192.168.1.0,
;
255.255.255.0, Genmask.
ethl ethO.
, .
(
Linux, Debian,
, ). ,
1 ( If ). , 0.0.0.0, .
0.0.0.0 ,
, ,
. ethl. , (
10.92.68.1).
if conf ig , .
, . , Linux,
. , , , . ,
, .
route
route ,
. (, -, ,
IP-).
route , . route :
route add | del [-net | -host] target [netmask nm] [gateway gw]
[metric m] [mss m] [window W ] [[dev] interface]
.
62
I.
add I del. add , , del .

. .
[-net I -host].
(-net), (-host).
route ,
. , ,
.
__. , . 0.0.0.0 default.
.
[netmask nm]. , , , route,
Linux, .
, route netmask nm. (
, , .)
[gateway gw]. , ,
. ,
, route gateway gw.
, .
[metric ]. . 2.2 Metric. , . . "" .
"" . , ,
,
, "" . metric ,
. 24.
[mss ]. mss (MSS Maximum Segment Size). metric ,
.
[window ff]. (TCP Window Size) ,
, . ,
, ,
2. TCP/IP
63
. , , .
( Linux
64 ). , (, ),
128 .
[ [dev] _$]. , Linux IP- . , route [dev] _. ( dev ,
, ethO trl.)
route . , i f c o n f i g
. route
.
# route add O . O . O . O gw 1 0 . 9 2 . 6 8 . 1
0.0.0.0 default;
. route
, -net .

, i f c o n f i g

. .
, ,
.
i f c o n f i g .
route
.
Linux,
. , IP-.
, :
# echo "1" > /proc/sys/net/ipv4/ip_forward
(. . ), ,
IP-.
64
I.
. , , .
, , ,
, ,
. ,
. ,
, .
IP-, Internet , ,
,
NAT (Network Address Translation ).
25. NAT
, ,
, .
.

, . , .
,
Internet. . , . 2.3.
, , , . ,
, ;
,
. Office 2 ,
, , Office 1. Office 1 .
Internet, , ,
172.20.0.0/16, Office 2.
, :
# route add -net 172.20.0.0 netmask 255.255.0.0 gw 172.21.1.1
, . 2.3, ,
Office 1 Office 2

fj
CJ
f+
.
, , .
.
2. TCP/IP
Office 1
10.98.17.0/24
65
Office 2
172.20.0.0/16
. 2.3. , , ,
, Office 2 Office 1 172.21.1.1. ,

Office 2 ( Office 2 Office 2 , Office 1
).
Office 1 route ,
:
, , Office 2.
, Office 1
,
, .
.
, Office 1 , Internet.
Office 1 : , . . ,
Internet, ,
Office 2. ( Office 1 -,
, , , .
,
.) , .
DNS
, , .
IP-. ,
. (,
www. awl. com) IP-, ,
66
I.
(DNS Domain Name System). , DNS

.
DNS ,
. ,
DNS.
Internet .
, . ,
/etc/resolv. conf.
, name serve , IP-
DNS. ( domain) ,
. , ,
(, mail. threeroomco. com mail). /etc/resolv. conf, ,
2.1.
2.1. /etc/resolv.conf
domain threeroomco.com
search tworoomco.com fourroomco.com
nameserver 10.98.17.34
nameserver 172.20.13.109
search f , . , , 2.1 (tworoomco.com

f ourroomco. com), www. ,
, /etc/resolv.
conf, www, , , ,
. , , . ,
, ,
domain search. , , /etc/resolv. conf,
www. awl. com, www.awl.com.threeroomco.com, www.awl.com.tworoomco.
com w w w . a w l . c o m . f o u r r o o m c o . c o m
www. awl. com. , com .
/etc/resolv. conf , . . Linux
.
, Linux
DNS, . -
2. TCP/IP
67
, 18. 18
. ,
, , Internet.

TCP/IP , . , Linux hostnane,
. ,
. (, hostnane larch,
threeroomco. com), .
-f -file hostnane ,
hostnane -f /etc/HOSTNAME. , . /etc/hostnane,
/etc/HOSTNAME ,
(. . 2.1).
, .
, Usenet, , . /etc/hosts.
, DNS. /etc/hosts
, IP-, . IP- ,
, ,
larch.threeroomco.com.
. , larch.
DNS , /etc/hosts. DNS
DNS , /etc/hosts
. , , ,
127.0.0.1 localhost. localdovaib localhost.
/etc/hosts .
1 0 . 9 2 . 6 8 . 1 larch.threeroomco.com larch
1 2 7 . 0 . 0 . 1 localhost.localdomain localhost
( sendmail), , DNS
/etc/hosts.
,
hostnane /etc/hosts
68
I.
. ( DNS
.)
, /etc/hosts; DNS . /etc/hosts

.
DNS.

.
/etc/hosts DNS /etc/resolv. conf.
, , , , .
. , if conf ig, route hostnane, ,
. ,
.
.

(
; Debian Slackware, ,
).
Red Hat Mandrake. Linuxconf
, .
, LinuxPPC.
, , , .
linuxconf, . ( ), , Web-,
.
SuSE. SuSE YaST (Yet Another Setup Tool)
YaST2. YaST . YaST2
, YaST, . YaST2 . 2.1.
yast yast2.
Caldera. Caldera COAS (Caldera Open Administration System) .
xterm coastool.
2. TCP/IP
69
TurboLinux. TurboLinux
TurboLinux Configuration Crnter.
turbocfgcenter.
. Webmib (http: //www. webmib.
com/webmib/) , Web.
Linux, ,
Linux, UNIX. Linux
, Webmib ,
.
-,
.
, , . ,
, . 2.1, Static Address
Setup, IP-, Hostname and Nameserver
Routing .
. . , ,
. ,
. .

. 2.1 , DHCP .
IP-.
, ifconfig, route, hostnane .
,
, ,
DHCP IP-. ,
, ,
,
.
,
.
/etc/re.d/rc. local, SuSE
, /etc/re. d/boot. local. Debian ,
/etc/re. boot. , ifconfig route.
, , , .
, .
70
I.
-
,
Linux ,
(, Ethernet). ( II III).
,
IV. .
. ,
, , Internet; . ,
Internet ,
IP-. NAT,
25. , NAT
, -. -
.
. Ethernet
DSL , . Linux,
' .

Roaring Penguin (http://www.roaringpenguin.com/pppoe/).
RPM.
i
Roaring Penguin [,,
asdl-setup tkpppoe (asdl-fsetup - , tkpppoe Roaring Penguin, |\, ).

asdl-start. asdl-start -.
, ,
, ,
i j
, Roaring Penguin ,
. Linux DSL
Ethernet; ,
Ethernet-. DSL
USB .
.
.
/,!
,,- ,
2. TCP/IP
71

; . ,
. -
. , - Linux,
, , Windows. , - ,
Linux.

.
, Desktop Environment (KDE). ,
. KDE GNOME ( GNU Network
Object Model Environment, GNOME), ,
, X-ISP (http: / / x i s p . hellug. gr).
^^
HA^fcv, . ,
.
/dev/ttySO, /dev/ttySl - .
devf s (http:
//www.atnf.csiro.au/~rgooch/linux/docs/devfs.html), /dev/tts/0, /dev/tts/1 . . ,
minicom Seyon ( Linux). AT, ,
Linux.
, xterm kppp.
, . 2.4. , Connect to
, Ligin ID . , ,
.
1. Setup. Configuration
(. 2.5) , .
2. New. , . , , ,
. -
72
I.
Connect to:
Login ID:
{penguin
Password:
" snow log window
. 2.4.
, ,

. 2.5. Configuration , -, , ,
,
, New
Account, . 2.6.
3. Connection Name .
4. Add. ,
. ,
, Phone Number.
, .
, .
73
2. TCP/IP
Dial Setup Connection Name: j A Small ISP

Phone Number;
Authentication;
.,,^,
!x store password
, Customize pppd arguments..-
OK
ncelj
. 2.6. New Account

5. PAP (Password
Authentication Protocol ), , New Account .
, , CHAP (Challenge Handshake Authentication Protocol
).
6. DNS,
DNS New Account DNS
IP Address, Add.
7. New Account. ,
Configuration (. . 2.5).
8. Device Configuration. Modem Device ,
. /dev/modem,
/dev/ttySO, /dev/ttySl .
Connection Speed. 57600, 115200
. ( .)
.
. ,

, .
74
I.
9. Configuration.
(. . 2.4).
Configuration, New Account, . , , .

^
,
. ,
, , . HOWTO (http: //www. linuxdoc. org/
HOWTO/PPP-HOWTO/) -, - .
-
. Connect
( ).
, , "" ,
. ,
Show Log Window .
, , ,
Connect ( Login ID) .
Connect. ,
( Store
Password New Account).
Connect .
. ( ,
.) , , ,
.
, .
, . | , .
, -, . , ,
-, (,
).
, -
.

,
-, . , , --
2. TCP/IP
75
,
. . ,
.
.

, , , PAR , ,
, /etc/ppp/pap-secrets. (
CHAP /etc/ppp/chap-secrets. chap-secrets , pap-secrets.)
/etc/ppp/pap-secrets ; :
_ IP-

. .
1_ . , . ,
Linux;
.
. ,
-. , ,
*, , .
. , ,
.
IP-. IP-, . , - IP-, (. .
).
pap-secrets . ,
| , ,
- . . ,
.
pap-secrets root, .
pap-secrets.
, pap-secrets
76
I.
. pap-secrets
.
penguin * wSterfowl

, CHAP, ,
.
, , /usr/share/doc/ppp-sepcim/scripts;
, ,
2.4.0. .
-on. , ,
Linux-
(pppd).
ppp-on-dialer. -on ppp-on-dialer pppd,
ppp-on-dialer .
ppp-of f. -.
, -on, ppp-on-dialer.
, , , ,
, /usr/local/bin. -on
.
TELEPHONE
. TELEPHONE=
123-4567.
ACCOUNT PASSWORD. , ;
.
IP- IP , LOCAL_IP
REMOTE_IP. , ,
NETMASK.
.
DIALER_SCRIPT , ppp-on-dialer. (, DIALER_SCRIPT
, , , .) /etc/ppp/
ppp-on-dialer, , ,
ppp-on-dialer .
2. TCP/IP
77
pppd.
. , , , . , , ( /dev/ttySO),
( 38400, 115200, , ).
-on,
ppp-on-dialer. pppd , , , , ( ,
CHAP). chap, . , , .
, ,
, chat .
. , ABORT chat .
(\), ,
. ( chat
; "-"
.) .
ppp-on-dialer.
, ,
. ( ACCOUNT
PASSWORD; -on.)
#, ,
. , .
, pppd
CHAP, chat .
CHAP , , ,
, . , , , .

.
-
. ,
-on, . ( -on , PATH,
.) ,
; .
78
I.
, Internet
- Internet-.
, , (
/var/log/messages). pppd, ,
. -
-, chat .
, ,
, http: //groups . goggle. com.
, Usenet
Linux. , -. , , , , , .
, HOWTO.
,
- root. . , , .
. ,
, , SUID, root.
, . ,
,
. , , , , .
IP- DNS, -. /etc/resolv. conf ( ).

. -
, ,
. ,
, , Internet,
. (dial-on-demand). Linux
diald. ,
, -. ,
, . , ,
2. TCP/IP
79
, , ,
Internet; -, .
, , diald
-, . ,
, , ,
.
. , , Web-
. , - ,
Web- , . , -, ,
, -.
diald , Linux SLIP ( 1).
SLIP diald. , -.
, diald Linux,
. http://diald.sourceforge.net, ,
diald RPM Debian, http: //www. rpmf ind. net http: / / w w w . debian. org/distrib.
packages.
diald , .
/etc/diald.conf. , , -on, , ,
(device), (speed).
local remote IP-
diald. ,
, . IP-,
, , 192.168...
/etc/ppp/diald-dialer.
ppp-on-dialer.
, ppp-on-dialer.
/usr/lib/diald/standard. filter. . , diald .
, , - ,
/usr/lib/diald/standard.filter.
80
I.
CHAP, , /etc/ppp/pap- secrets

/etc/ppp/chap-secrets. ,
-, . /etc/resolv. conf DNS,
. diald,
/usr/sbin/diald. root. diald
, , -. Internet ,
, - Internet.
.
, diald
, SysV
(/etc/re. d/rc. local /etc/re. d/boot. local). diald ,
NAT-.
,
. Ethernet. Linux
Ethernet. IP- , DHCP. Linux
.
, Ethernet. -.
. - pppd, Linux .
pppd ,
diald. ,
Ethernet .
,
. ,
, .
. 1, , ,
. TCP/IP.
TCP/IP Internet, ,
,
Linux. 2 TCP/IP.
, , Linux.

TCP/IP. : AppleTalk, IPX
NetBEUI. , Macintosh PC Windows. .

, ,
, , ,
. .
.
82
I.
OSI
OSI (Open System Interconnection ).
, . , , ,
OSI, . ,
. . OSI , , , , . .
. ( ,
. ,
.)
. ,
. , , ,
, , , . . 3.1
.
^
OSI ,
,
. TCP/IP, AppleTalk NetBEUI
OSI. TCP/IP
, .
OSI ;
, . ( .
, .) ,
, . , ,
. , , Web- Web-. ,
. (
, , SSL,
.)
,
.
.
, ,
. , ,
,
83
3.
. 3.1.

.
,

,
. , ,
, , .
, ,
. , TCP/IP, Linux, Windows,
MacOS BeOS, , , .

, ,
, .
. -
84
I.
]1*-< TCP- RP-

Ethernet
Ethernet
. 3.2. .
,

, ( ,
, ). , , , ,
. ,
.
FTP (File Transfer Protocol ) Ethernet.
TCP/IP.
, Ethernet.
. , ,
( , ).
, , .
. 3.2. .
,
, , Ethernet IP- Ethernet-. . IP, TCP FTP,
. 3.2, .
,
. ,
.
, . 3.2. ,
Web-, FTP, . 3.2,
HTTP. , Ethernet,
Ethernet ,
. ,
, . . .
3.
85
Internet,
, , .
,
, , IP- , ,
, , ,
, . . ,
, .
.
TCP/IP
TCP/IP . ,
.
, .
TCP/IP .
, . . TCP/IP
. Internet;
, . TCP/IP ( IPv4 32 , IPv6
128- ; IP- 2),
, .
, TCP/IP
Internet.
TCP/IP UNIX; Linux ""
. Linux, UNIX
. , ,
UNIX Linux, TCP/IP,
.
TCP/IP HTTP, FTP, SMTP (Simple Network Mail Protocol ), NFS (Network File System
), Telnet, SSH (Secure Shell ), NNTP (Network
News Transfer Protocol ), X Window
. , ,
,
. , , Windows
NetBEUI (NetBIOS Extended User Interface
NetBIOS), 8MB (Server Message Block
) / CIFS (Common Internet Filesystem ) NetBIOS (Network Basic Input/Output System -). Windows 95 Windows
. , Apple,
, AppleTalk, .
,
, . , , -
86
I.
, TCP/IP. ,
Macintosh AppleTalk, DOS Windows
IPX NetBEUI.
Linux.
AppleTalk
AppleTalk
LocalTalk. Macintosh,
1980-. ( , AppleTalk;
.) Ethernet Apple AppleTalk
Ethernet;
EtherTalk. Linux AppleTalk
LocalTalk, Ethernet.
, Linux, Macintosh,
LocalTalk,
AppleTalk Ethernet. Macintosh
Linux AppleTalk ,
Ethernet-.
AppleTalk
TCP/IP, AppleTalk 32- . IP-, AppleTalk : .
IP, : 16 32 , 16 .
AppleTalk , .
. ( ,
, .)
AppleTalk- , , .
, , , .
. , .
Netatalk ( , AppleTalk Linux) AppleTalk- TCP/IP. , ,
larch. threeroomco. com, Nettalk
larch. . (
, ,
TCP/IP.)
AppleTalk-, , ,
, .
3.
87
AppleTalk
. AppleTalk, MacOS,
Windows NT 2000, Linux, BeOS .
AppleTalk , ,
MacOS. ,
, .
, Macintosh MacOS X, NFS. Netatalk (http://nettalk.sourceforge.net),
AppleTalk Linux,
.
AppleTalk
. ,
TCP/IP Netatalk (
, ,
, Netatalk). , . TCP/IP
IV.
AppleTalk Linux
Netatalk, Linux,
AppleTalk.
.
AppleTalk. afpd
Linux . Macintosh. AppleTalk, TCP/IP, , Linux
Macintosh,
. ( , LocalTalk Ethernet.)
afpd. conf, /etc/atalk. AppleVolumes . default, AppleVolumes . system
Macintosh,
MacOS.
AppleTalk. papd Linux
Macintosh. Ghostscript (
Linux) papd
PostScript- , . ,
, AppleTalk TCP/IP.
AppleTalk. Linux , AppleTalk,
88
I.
. , Linux
, Macintosh, , .
Linux .
. , 9, Linux
.
; , , -. , , pap -p Laser2 saraple.ps ,
sample .ps Laser2.

atalkd, AppleTalk ( ,
AppleTalk- ).
atalkd. conf,
/etc/atalk.
Netatalk ,
, Linux AppleTalk.
1.03b-alpha afpfs,
. , Linux , Macintosh, NFS
SMB/CIFS, MacOS NFS- DAVE
(http: / /www. thursby. com).
, AppleTalk ,
,
. ,
AppleVolumes .default. ,

(, ~), /mnt.
/rant "Mount Points" options=noadouble
. ,
Macintosh /mnt, options, .
noadouble, , AppleDouble ,
, . (AppleDouble
, . AppleDouble ,
MacOS.)
Netatalk , ,
, .
Netatalk , SysV
. ( 4.)
atalkd, af pd papd. Netatalk
, atalkd ; -
3.
89
.
, &.
IPX/SPX
IPX (Internetwork Packet Exchange )
Novell . , Xerox.
IPX SPX (Sequences Packet Exchange
). IPX SPX , AppleTalk NetBEUI. IPX/SPX NetWare, , DOS,
Windows ,
IPX/SPX. IPX/SPX
NCP (NetWare Core Protocol NetWare),
. IPX/SPX Linux;
( 1),
.
IPX/SPX
TCP/IP AppleTalk, IPX/SPX 32- ,
, 2391002. , ,
, . ,
; IPX/SPX .
,
IPX/SPX, , IPX/SPX Ethernet, , , 48-
.
,
IPX/SPX .
IPX-, TCP/IP. (
IP IPX.
, IPX/SPX .
IPX/SPX SAP (Service Advertisement Protocol ).
, . , IPX- .
,
,
SAP-.
90
I.
IPX/SPX Linux
Linux-, IPX/SPX . (Caldera NetWare, Linux , . ftp://ftp.calderasystems.com/pub/old-products/netware/,
2.035.) IPX/SPX Linux .
NCPFS . Linux NCP. Network
File Systems File Systems.
Linux NetWare.
ncpmount, ncpf s.
LinWare. NCP. 0.95 beta,
1.3.x, , 1996 . . Iwared f t p : //sunsite.unc.edu/pub/Linux/
system/network/daemons/.
Mars_nwe. , NetWare- Linux,
http: //www.compu-art .de/mars_nwe/. . Mars_nwe HOWTO, ,
http://www.redhat.com/support/docs/tips/
Netware/netware.html. Mars_nwe ,
.
/etc/nwserv.conf /etc/nwserv/nwserv.conf. Mars_nwe
,
nwserv.
, IPX ( 1).
ipxutils,
, IPX/SPX .
( ncpf s.)
, Linux NetWare,
Mars_nwe. , , , . ; ,
. .
1 .
Linux . ,
, .
3.
91
7 , .
bindery- NetWare, , .
13 , .
, Linux. ,
. bindery-, Mars_nwe ,
. , , 15 . ,
.
Mars_nwe , IPX- . NetWare. ncpmount , ipx_conf igure. NetWare.
, , :
# ipx_configure auto_interface=on auto_primary=on
# ncpmount -S NW_SERV -U anne -P p4rtu3a /mnt/nwmount
, NW_SERV, ,
/mnt/nwmount, p4rtu3a.
NetBEUI
NetBEUI AppleTalk IPX, NetBEUI
IBM Microsoft DOS,
Windows OS/2. Linux ( 2.4.x) NetBEUI
. NetBEUI
NetBIOS TCP/IP, Linux ( NetBIOS
NBT). , NetBEUI
,
.
NetBEUI
AppleTalk IPX, NetBEUI . NetBEUI
256 . NetBEUI , TCP/IP,
, TCP/IP, AppleTalk IPX, . NetBEUI
. NetBEUI
: . , ,
. , NetBEUI, , .
92
I.
NetBEUI ,
, , Ethernet. AppleTalk IPX,
NetBEUI TCP/IP .
NetBEUI SMB/CIFS, .
NFS/lpd Linux UNIX NCR SMB/CIFS TCP/IP;
, ,
Windows. NetBEUI , .
, ,
, NetBEUI.
NetBEUI Linux
Linux NetBEUI-,
. 2000 . Procom Technologies (http: / /www. procom. com) NetBEUI
Linux, Samba ( 7),
Samba NetBEUI. ; Web- Procom.
, . , 2.0.x,
NetBEUI ( , 2.2.18). NetBEUI Samba, 2.0.7, ,
Samba 3.0. NetBEUI
Linux, Samba. , ,
NetBEUI Linux, , ,
, TCP/IP.
NetBEUI Linux 2.0.x Samba 2.0.6
.
Linux Samba NetBEUI
, NetBEUI.
; NetBEUI Samba. netb;
NetBIOS.
NetBEUI
, NetBEUI, README, .
. , Makefile,
, Linux Samba,
, .
Linux Samba, . Makefile,
-
3.
93
. ,
. .
,
Linux, Samba. , http: / /
www. kernel. org http: //www. samba. org, ,
, ftp://sunsite.unc.edu.
. ,
NetBEUI .
NetBEUI

.
netb. start, NetBEUI. NetBEUI,
netb stop. NetBEUI Linux
netb.
nbview.
NetBEUI. /proc/sys/netbeui, , , .
nbstatus. nbstatus
. , nbstatus SERVER SERVER.
nbadmin. NetBEUI
, NetBEUI
NetBEUI-. bind, unbind
drop. , nbadmin bind
ethO nbadmin drop 102. ( nbview.)
netb start,
Samba. NetBEUI nmbd (
NetBIOS), smbd ( 8MB) smbclient ( Samba, ). -Z <NETBEUI | 1>
, TCP/IP NetBEUI. , , smbd NetBEUI, smbd -Z NETBEUI.
, -S smbd NetBEUI- .
, , Linux,
NetBEUI SMB/CIFS NAME.
Samba, NetBEUI, Procom,
(, Samba) :
# netb start
# nmbd -Z NETBEUI
# smbd -Z NETBEUI -S
94
I.

Samba. Samba , 7. NetBEUI, . -, NetBEUI-, TCP/IP, -,
, NetBEUI
Internet.
, NetBIOS . ' Linux Samba
.
, - . , . TCP/IP.
Internet,
Linux. , TCP/IP, .
AppleTalk, IPX NetBEUI. ; ,
, . , ,
. Linux
. NetBEUI Linux Samba, .
( II III)
. , - , , .
, ; ,
.
, ,
.
, Linux, ; .
:
System V (SysV), , inetd xinetd,
. ,
.
. ,
, .
SysV
, System V UNIX, AT&T, UNIX Linux.
, .
SysV, , start stop. ,
. , , restart, . restart
, .
96
I.
SysV .
,
,
, , . , . , , .
, , , .
SysV (runlevel).
, , . ( SysV
, , , ,
.) ,
SysV
.
, .

SysV , .
, , , , . . 4.1 , SysV. ,
. 4.1 , , ,
( ).
? ,
( 0 6).
0 6,
.
, ,
,
.
.
SysV
. , ,
.
.
Red Hat, Mandrake, TurboLinux; Caldera.
/ e t c / r e . d / i n i t . d ,
/etc/re. d/rc? . d. , Slackware,
4.1. Linux

/etc/ re . d/rc . boot

SysV
/etc/ re . d/init . d

SysV
/etc/re. d/rc?. d
/etc/ re . d/rc . local
Caldera
OpenLinux
Server 3.1
Debian GNU/
Linux 2.2
Linux
Mandrake 8.1
Red Hat
Linux 7.2
Slackware
Linux 8.0
SuSE
Linux 7.1
TurboLinux 7.0
/etc/init . d/rcS
/etc/init. d
/etc/re?. d
/etc/re . d/rc . sysinit
/etc/ re. d/ re?. d

/etc/ re. boot
/etc/re . d/rc . local
/etc/re . d/rc . sysinit
/etc/re. d/init. d
/etc/ re . d/rc? . d
/etc/ re . d/rc . local
/etc/re. d/rc. S
/etc/re. d
He
/etc/init . d/boot
/etc/re. d
/etc/re. d/rc?. d

/etc/ re . d
/etc/ re . d/boot . local
/etc/ re . d/rc . sysinit
/etc/re. d/rc?. d
/etc/re . d/rc . local
98
I.
-.
, , Slackware
. , , /etc/re. d/rc. 4
4.
Linux ( Slackware)
SysV.
##, "S" "", ## ,
, . , network nf s - SlOnetwork
K20nfs. ,
. , ##, , . ("S" "") ,
("S" start) ("" kill)
. , SlOnetwork ,
network (
, ), K20nfs
, , nf s (
NFS) . , "S" "",
. , ,
SlOnetwork, , SSH
( S55sshd). ,
"".
, , . , Mandrake , ,
SlOnetwork, Debian S35networking.
, .
, , , . ,
,
.
. , , , ,
.
, SuSE. SysV /etc/re. conf ig. ,
SysV. ( ,
, START_HM8_CEPBJEPA="yes"),
,
"S". Caldera , /etc/sysconf ig/daemons.
. ONBOOT
, ,
Caldera .
4.
99

SysV, , .
, SysV.
,
, . ,
, ,
.
, . , ,
, , "S"
"". , . , , ,
.
, ,
.
, . , Mandrake,
Postfix.
$ find /etc/re.d -name "*postfix"
/etc/re.d/rcO.d/K30postfix
/etc/re.d/rcl.d/K30postfix
/etc/re.d/rc2.d/S80postfix
/etc/re.d/rc5.d/S8Opostfix
/etc/re.d/.d/K30postfix
/etc/re.d/init.d/postfix
, Postfix 2-5 80. ,
, 1 6,
30. Postfix 3, SSOpostf ix , ,
KSOpostf ix.
, ,
, start
stop. , , Postfix
Mandrake, :
# /etc/re.d/init.d/postfix stop
Linux . ,
, .
SysV . (
.)
100
I.
Slackware, , , . , ,
4, / e t c / r e . d / r c . 4.
, ; /etc/'re. d/rc. inet2 ( ,
, /etc/re .d/rc. inetl).
, , , .
( .)

, . ,
. , , ,
, , SSOpostf ix sBOpostf ix
(. . "S" "s" ). . ,
; Red Hat , , Mandrake.
,
SysV, , ,
.
,
- .
, .
chkconfig
chkconfig, SysV, . , , .
chkconfig :
chkconfig <list]add|del> []
chkconfig [level ] [on|off|reset]
,
( -list),
SysV ( -add -del).
( ) ( SysV).
.
, Postfix. , Postfix postfix,
:
4.
# chkconfig list postfix

postfix
0:off
l:off
2:on
101
3:on
4:on
5:on
6:off
Postfix . ,
find. chkconfig on, ,
"S", off ,
"".
chkconfig -list, ,
chkconfig .
xinetd, , , , .
-add ( ), ^del . ,
. , chkconfig -del postfix SysV
, Postfix. Linux
SysV,
. ,
.
, -add.
chkconfig on, off reset.
, .
-level, . , Postfix 3.
:
# chkconfig level 3 postfix o f f
. , chkconfig -list
. , off on. ,
, . , ,
3-5, 345 -level.
,
reset.
# chkconfig postfix reset
Postfix
. ,
-level .
chkconfig
SysV, xinetd. , chkconfig ,
FTP , .
FTP ,
102
I.
SysV.
-level , -list . , , , xinetd. -add -del
on o f f . /etc/xinetd.d
, . xinetd .
SysV chkconf ig . , sshd,
. ,
, , SysV stop
.
ntsysv
ntsysv
. , , -level ;
-level ,
. , ntsysv . ntsysv . 4.1.
ntsysv ,
SysV. ntsysv , xinetd. ,
.
* ,
; ,
. <>
( 1390 .Red Hat ,;Sof Urer<$

What eorvices should bo auton*at.icHij wtrt.e<J?
<Pi> for mor<a InforwatJtori on a e&rvice
. 4.1. ntsysv
SysV
4.
103
<Enter>; ,
.
ntsysv , , ;
.
, . ,
,
, .

, , . ,
SysV .
.
SysV; .
"S", Linux
start, "", stop.
Linux , ?
/etc/inittab,
init , . init . /etc/inittab
.
id:5:initdefault:
id, , , ,
( 5), .
,
. , 1 6 . 0
, 1 , 6
. 2-5 ; . Caldera, Red Hat
Mandrake SuSE7.3 TurboLinux
( X Window ), 5 ( X Window ). SuSE 3
5
2 3, Slackware 3 4. Debian
2-5 , SysV,
,
( , /etc/inittab). /etc/inittab
,
. , ,
, , .
104
I.
0 6.
| ,
. ,
.
, telinit ( init).
telinit :
telinit [-t __] []
. Linux SIGTERM SIGKILL. SIGTERM
"" ; . SIGKILL , , ,
. telinit SIGTERM. ,
telinit SIGKILL. -t .
, , .
, telinit, .
. , ,
, . ,
. .
, . /etc/inittab a, b . .
telinit,
/etc/inittab; .
Q q. , telinit
/etc/inittab
.
S, s. .
U, . init;
/etc/inittab .
? , , . X Window. /etc/inittab
; SysV.
, X Window.
inetd
- (,
1
4.
105
65535). , ,
. , , SMTP (Simple
Mail Transfer Protocol ),
TCP- 25, a HTTP (Hypertext Transfer Protocol
), , 80.
inetd ,
Linux. .
, , . , ,
.
. -,
;
, . -, ,
, ;
. , ( , - ).
, . , .
, ,
.
/etc/inetd.conf
inetd /etc/inetd.conf.
(, #),
, inetd.conf ,
. ,
/etc/inetd. conf, .
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
,
.
. , . , /etc/
services. , , ,
telnet 23'/tcp, . . ,
telnet, 23. inetd ,
/etc/services. , , inetd, , .
/etc/services.
. , . stream, dgram, raw, rdm seqpacket.
106
I.
. .
, TCP UDP. /etc/protocols,
top udp.
wait/nowait. : wait
nowait. wait ( dgram).
nowait. ,
, inetd . (multi-threaded);
nowait. , ,
, - , (single-threaded);
wait. ,
wait , wait. 60.
, inetd
. , 40.
. inetd
. . ,
. ,
, Apache , nobody
Apache, .
root, , Telnet-.
, ,
. , nobody. nogroup
, nobody
nogroup.
-. -, inetd, . /usr/sbin/tcpd. tcpd , ,
TCP Wrappers ( TCP Wrappers ).
, inetd,
TCP Wrappers, . . , inetd,
tcpd. TCP Wrappers ,
.
, . .
, , -. ,
. TCP Wrappers, ;
in. telnetd. (
, .)
4.
107
/etc/inetd. conf . , . (
, . inetd .) ,
,
inetd. conf. .
, , , ,
, ,
.
, inetd,
/etc/inetd. conf, . . , (,
, ). inetd. conf
, ,
, FTP- (ProFTPd WU-FTPD). , , , , ,
.
Linux,
/etc/inetd.conf ( xinetd,
) , . , .
, , inetd.conf,
;
.
,
, Internet.
,
SysV, ,
Linux.
TCP Wrappers
, TCP Wrappers
inetd . TCP Wrappers ; ,
. , , Telnet ,
. , Telnet, ,
, . . TCP Wrappers
,
.
108
I.
TCP Wrappers : /etc/ hosts, allow

/etc/hosts.deny. , . hosts.allow , ; .
hosts.deny, , , ;
. , hosts . allow.
hosts.deny,
.
( ,
), TCP Wrappers .
^_
^\
TCP Wrappers ,
25. TCP Wrappers , ,
, , ,
, NIS.
, # ,
. hosts.allow
hosts . deny :
_ : _
,
. , . ,
/etc/services.
ALL, . ,
, TCP Wrappers.
, TCP Wrappers. | ALL ,
. , , ,
inetd TCP Wrappers,
TCP Wrappers .
,
. ,
. .
.
IP-. IP-,
10.102.201.23. .
IP-. IP- . , ; . ,
10.102.201. 10.102.201.0/24. ,
IP-/. hosts.allow hosts.deny IPv6. [:::::::]/ ,
4.
109
, ,
.
. ,
badcracker.threeroomco.com.
.
, , , DNS , .
. , . ,
. . threeroomco. com, , threeroomco. com.
NIS. @,
NIS (Network Information Services ). ,
NIS.
,
. .
ALL. .
LOCAL. .
, .
UNKNOWN. ,
.
KNOWN. , IP- .
PARANOID. , IP-.
,
, ,
DNS.
DNS. DNS , .
/etc/hosts . allow, , .
telnet,ftp : 192.168.34. dino.pangaea.edu
ssh : LOCAL .pangaea.edu
Telnet FTP, 192.168.34.0/24 dino .pangaea .edu.
, SSH
, , pangaea. edu. , TCP Wrappers
. , inetd TCP Wrappers Apache,
.
110
I.
,
, .
, ident
( auth), , . , TCP Wrappers,
. , ,
Internet, . ,
.
EXCEPT.
. , /etc/hosts.deny:
www : badcracker.org EXCEPT goodguy@exception.badcracker.org
Web- , badcracker. org. ,
goodguy@exception.badcracker.org. , goodguy@exception.badcracker.org
/etc/hosts.allow.
, /etc/hosts .deny,
:
ALL : ALL
, TCP Wrappers, , .
, /etc/hosts.
allow. . , , , Telnet,
. ( ,
Telnet- , , . , ,
Telnet-. 13.)
xinetd
inetd ,
Linux. 2000 .
xinetd. xinetd inetd TCP Wrappers. .
xinetd inetd TCP Wrappers, , , inetd TCP Wrappers,
xinetd. xinetd TCP Wrappers,
,
inetd. 2002 . xinetd Red Hat Mandrake
4.
111
;
xinetd.
/etc/xinetd.conf
inetd,
inetd. xinetd
/etc/xinetd.conf. ,
xinetd. conf, Red Hat Mandrake,
. ,
, /etc/xinetd. d
. xinetd SysV; , . ,
Telnet /etc/xinetd.d/telnet.
xinetd ,
xinetd. conf, Red Hat Mandrake
/etc/xinetd.d.
, /etc/xinetd.conf
, /etc/xinetd. d, .
, inetd. conf. ,
Telnet-, inetd. conf.
service telnet
{
socket_type = stream
protocol
= tcp
wait
= no
user
= root
server
= /usr/sbin/in.telnetd
}
xinetd .
, inetd, . ,
TCP Wrappers, ( , Telnet- TCP Wrappers,
/usr/bin/tcpd server server_args,
/ u s r / s b i n / i n . telnetd).
inetd xinetd , .
.
.
. , xinetd , . ,
, , -
112
I.
TCP Wrappers.
.
. , inetd, . xinetd
disable = yes, . , defaults /etc/
xinetd.conf disables = _,
, .
.
disable = no, , .
. ,
redirect = _,
(. , , )
IP-. , , /etc/xinetd.d/telnet
dummy, threeroomco.com, redirect = 192 .168 . 3 .78,
Telnet- dummy.threeroomco.com
192.168.3.78. NAT , , . iptables, xinetd,
.
. log_on_success log_on_f ailure xinetd, ,
. ' ( ), HOST (
), USERID ( , ), EXIT ( ) DURATION ( ).
, , ,
= += -=.
. , xinetd, . per_source , xinetd
. ( UNLIMITED .) instances , xinetd ( ,
per_source). cps
, : , xinetd , ( ), , .
, xinetd, nice;
nice. , max_load,
4.
113
, , xinetd , .
, , ,
, .

, defaults /etc/xinetd.conf.
defaults , xinetd. defaults, , ,
.
/etc/xinetd. conf , /etc/xinetd.d, xinetd.
xinetd SysV, / e t c / r e . d / i n i t . d / x i n e t d
restart ( ).
- xinetd SIGUSR1 SIGUSR2,
kill. SIGUSR1 xinetd
.
SIGUSR2 , ,
.

xinetd ,
, TCP Wrappers.
, xinetd .
xinetd TCP Wrappers;
xinetd,
TCP Wrappers. xinetd,
, . , , .
. xinetd
only_f r no-access, ,
/etc/hosts . allow /etc/hosts . deny TCP Wrappers. , , . only_f rom , ( ). , no-access
" "; , , , . , , .
. only_from no-access IP- (, 172.23.45.67), , (,
172.23.0.0 172.23.0.0/16) (172.23.0.0/16),
, /etc/networks, (,
114
I.
badguy. threeroomco. com). ,

xinetd . xinetd ,
.
. , , access_times. :--., ,
08:00-18:00 , 8 18 . access_times . ,
Telnet- 08:00-18:00, ,
17:58, .
. . bind ( interface, bind). IP-, . , ethl
172.19.28.37 bind = 172.19.28.37,
, ethl.
ethO ;
, , .
, . , ,
Internet
-, Telnet FTP. bind
xinetd , Telnet FTP
, .
xinetd.
.

, Linux
SysV, . X, /etc/inittab .
X . Slackware /etc/re. d/rc/inet2. ,
,
.
Linux . 4.1.
, ,
, SysV
- .
SysV , ,
, ,
4.
115
. , Mandrake , SuSE,
SysV,
SuSE, . ,
. ,
Linux.
, , ,
.
SysV .
, .
SysV, , ( ,
, ,
). SysV . SysV, ,
( SysV bash).
, .

. ,
, . ,
Telnet-.
/usr/sbin/in.telnetd
, (. .
).
, ,
&. ,
.
, , ,
, & .
,
. , bash , ,
. SysV.
, . , SuSE boot. local ,
re. local Red Hat, SuSE
, , Red Hat
,
, . , , ,
, SysV
, .
. , SysV,
stop, , -
116
I.
,
. ,
kill, killall .
Linux
,
, ,
. Linux , .
KDE ( Desktop Environment ) GNOME (GNU Network Object Model Environment
GNU). xterm. (
root;
.) Linuxconf ( Red Hat , , , Mandrake),
YaST YaST2 ( SuSE) ksysv ( ntsysv,
, ).
0^.
Webmin SWAT, %\ , Web. ,
Linuxconf, , ;
Web-.
16.
Linuxconf
Linuxconf . , ,
. Linuxconf (
), ( ), Web- (
16).
lirmxconf,
(gnome-linux-conf linuxconf-gui). Linuxconf , , Linuxconf
.
,
Web .
. , Red Hat , Mandrake
.
117
4.
loalhostlocaldomaln: Linuxconf 1,24 (subrev 2)1
File
Help
Preferences
; Control I
ontrol panel
- Activate configuration
- Shutdown/Reboot
> Mount/Unmount file systems

- Configure superuser scheduled tasks
- Archive configurations
- Switch system profile
*5 Control files and systems
f dates, time
Features
: Sewle*control\'i\
V '
,,;.,
,Vou can eiedlvly enable or disable

any services. You can disable services on a permanent
basis or on a temporary basis. Temporary means that
Linuxconf will remind you about those and will reactivate
1;
' at the next reboot,
apmd
arpwatch
atd
autofs
chargen-udp:
chargen:
Automatic Running
Manual
Automatic Running
Automatic Running
Manual
Dismiss
Help
. 4.2. linuxconf
Linux
Linuxconf Web-
"^ Linuxconf h t t p : / / w w w . s o l u c o r p . q c . c a / l i n u x c o n f / . Red Hat 7.2 Mandrake 8.1,
. ,

. ,
Linuxconf:
, .
Linuxconf Red Hat Mandrake,
.
Web- Linuxconf.
Linuxconf ;
: Config, Control Status.
; , . ( Linuxconf Mandrake
, , . ,
.) . 4.2 Linuxconf Red Hat; ControlOControl PanelOControl Service Actinity.
SysV xinetd.
, .
1. Linuxconf ControlOControl PanelOControl Service
Actinity (. . 4.2).
2. , . , sendmail sendmail
. Linuxconf ,
.
118
I.
(localhostlocatdomain: Linuxconf 1,23 (subrev 2)
File Preferences
Service em*r,
Conrig control
% Control panel
:tivate configuration
- Shutdown/Reboot
3-Mounf Unmount file systems
Configure superuser scheduled tasks
Archive configurations
Switch system profile
I Control files and systems
You can enable/disable a service

or you can start and stop it manually
BaSe-Sfg |Run leveisjj
Level 0
Levett-'j/v
JHaB
' '"""'",
,,
'-,:\v
",j single user fy %y,,
Level 2'(default)' rMultl-user/Text
;.-.
'',''
:
'' ~
Level 3 (default) rr Multt-user/TffitfFull network

Level 4 (default) r Not used ,
Level 5 (default) fr Muttl-usef/Graphieal.-'
Level e
' '
J Rettoot
. 4.. linuxconf

3. Run Levels. ,
. 4.3.
,
.
4. Accept, Dismiss Service Control.
5. FileOAct/Changes,
. Do It, .
. ,
chkconf ig SysV.
, Linuxconf .
Red Hat Mandrake,
. Web- Linuxconf,
. ,
,
.
YaST YaST2
SuSE YaST (Yet Another Setup Tool) YaST2.
YaST , a YaST2 .
, . YaST2, -
YaST, .
119
4.
I Hardware
I Post a support query
'> RC-Config Editor
Mlsc
Network
. 4.4. YaST , ,
( YaST , , .)
YaST , yast; , YaST2,
, yast2.
YaST2 . 4.4. , , , ,
, .
SuSE
SysV / e t c / r e , config. YaST .
RC-Config Editor, Misc.
, . 4.5.
, , StartVariablesOStart-Network. ,
. 4.5, YaST . Yes No,
.
YaST .
, , / e t c / r e . c o n f i g ;
, SysV. ,
(NetworkONetwork-Basics) , -
120
I.
etc
start-Variabes
I Start-Network
1 ;
HLstart
j : :- pppd_dod_start
' \ ! starLbwnfsd
start_loopback
start_marsnwe
starLnamed
start_nscd
starLpcnfsd
start_portmap
start_pppoed
start_routed
start rusersd
START_INETD:
start the inet daemon in multi-user? ("yes" or "no") this is
needed, if you have to telnet/rlogin to your own machine. It
is also needed for the man page formatter in SuSE Help
system.
. 4.5. Yes No
root (SecurityOSecurity-Basics).
, YaST.
Network.
, NFS Sendmail Configuration,
NFS sendmail. NFS
sendmail 8 19,
YaST.
ksysv
chkconf ig ntsysv, SysV
( , ). , ,
. ,
;
ksysv tksysv. ksysv KDE, . tksysv
. Red Hat ,
. ksysv . 4.6.
ksysv, tksysv SysV;
,
. Available Ser-
121
4.
fnes5us.rodsbooks.com -SysV-lnlt Editor)!
Settings Help
SS
Runlevela
Nr
09
09
10
@ nfslock
nutnlock
portmap
proftpd
random
rawdevices
rstatd
rusersd
Name
f) firewall "
^ sound
23 ul9d
0 network
10 0 usb
20 0 random
30 0 syslog
40 &] crond
Sloj
Name
start
Nr
Name
05 0 harddrake
05 0kudzu
09 firewall
09 0 sound
09 0ulogd
10 network
^ usb
11 0 portmap
20 ^1 random
10 " "
11 ffi Dortmao
Nr,
Name
01 0thttpd
10 0acpid
alsasound
rstatd
rusersd
d
prolpd
nfslock
rstatd
rusersd
0 amd
20
ZO
Runtevelg
Start
Nr I Name
05 0 harddrake
05 jgkudzu
09 f3 firewall
0 ulogd
network
vmware
acpld
alsasound
rstatd
0 rusersd
amd
0 amd
_ Idap
45 0 arpwatch
40 fj^ldap
Show Runlevels
. 4,6. ,

vices , , , ,
. ,
, , Service Entry (. 4.7). Service
, Entry , ,
, .
,
Stop, , Start . ,
. Available Services , . ksysv
, , . ,
20 30, ksysv
25. , ,
, Sorting Number
(. . 4.7). , ksysv , ,
. ksysv, -
122
I.
ai'^KIProperties for postfix -Sy5V-initEdltor|'|M- ti#
Entry
3$rvie
fJame
jôstfiA
Potnls to service jpostfix

Sorting number:
80
. 4.7.
ksysv , SysV
, -
Start, Stop, ,
.
ksysv tksysv ,
, Linuxconf YaST. ,
SysV, ,
.
SysV,
. ,
, ,
SysV.

, ,
-, . , , . , ,
SysV , /etc/xinetd.d.
, , , , -.
. 4.2 ,
.
, Linux ( ,
, )
SysV. , , , .
SysV
,
123
4.
4.2.

SysV
.
.
.
. SysV ,

. -
.
.

(chkconf ig, ksysv . .).

. , , , Samba, ,
. , , , nmbd .
,
.
SysV, . ,
(, Telnet FTP). , Apache,
Apache , . , Debian,
, SysV . ,
SysV
.
, Linux (inetd xinetd). , xinetd,
inetd, inetd .
SysV . , ,
.
124
I.
,
SysV, ,
. ,
, . SysV,
, .
;
. , .
.
Linux ,
.
Linux: SysV,
. Linux, , ,
. SysV, ,
: inetd xinetd. ,
, , .
II

5
IP-
DHCP
2 TCP/IP. DHCP (Dynamic

Host Configuration Protocol ).
DHCP, .
DHCP IP- ,
. , DHCP, IP-
, IP- . DHCP
. DHCP ,
DHCP. DHCP .
DHCP,
, . ,
DHCP. DHCP IP , DHCP
.
IP-. ,
DHCP , Samba DNS.
DHCP, . ,
,
. DHCP , ,
, . (Droms) (Lemon) The
DHCP Handbook: Understanding, Deploying, and Managing Automated Configuration Services (New Riders Publishing, 1999) (Kercheval) DHCP: A Guide to Dynamic
TCP/IP Network Configuration (Prentice Hall, 1999).
5. IP- DHCP
127
DHCP
, DHCP ,
DHCP.
: - DHCP.
, DHCP. . "" ,
, :
IP- DHCP.
IP- , , 2.
, . DHCP, Linux,
IP- , Linux, , : UNIX, Windows,
MacOS, OS/2, BeOS . . DHCP , TCP/IP.
IP- ; .
DHCP , IP.
, DHCP, . , IP. , , . , DHCP,
IP-.
DHCP
IP-. , DHCP ,
, DHCP, .
DHCP ,
IP- .
DHCP . DHCP ,
- . ( ,
, IP- .)
DHCP DHCP ,
, . ,
DHCP. DHCP ,
.
, .
DHCP ,
, IP-.
128
II.
DHCP. , ,
IP- .
0^
^, DHCP DHCP .
DHCP.
DHCP IP-, ,
. , , DHCP. ,
, DHCP .
,
( ), .
, IP-, .
. , DHCP
.
DHCP , .
DHCP.
DHCP Linux,
. DHCP Linux.
, Internet
DSL-. DHCP. , DHCP Linux,
. , DHCP
, , , IP-.
DHCP SysV.
, . (
5.)

DHCP, , . ,
Packet Socket Socket Filtering. ( 1
dhcpd Socket Filtering; .)
1.
DHCP ,
255.255.255.255. Linux
(, 192.168.1.255).
DHCP ( Windows), , ,
5. IP- DHCP
129
DHCP, . :
# route add -host 2 5 5 . 2 5 5 . 2 5 5 . 2 5 5 dev ethO
ethO , . . ,
route -n. , . 255.255.255.255 ,
.
DHCP
Linux DHCP,
Internet Software Consortium (http: //www. isc. org/products/DHCP/). Internet Software Consortium (ISC) 2000 . 3.0 DHCP, 2002 .
Linux 2.0 DHCP. , ,
2.0 3.0, 3.0 , ,
DNS-, .
DHCP dhcpd.conf,
/etc /etc/dhdcp.
Linux, dhcpd.conf , . ,
dhcpd dhcp. leases,
/var/lib/dhcp. dhcp. leases
. DHCP IP-
DHCP. DHCP, IP-. , ,
. dhcp. leases
Ethernet- . dhcp. leases
; ,
, , -, ,
dhcp. leases.
dhcpd. conf, #, . , , .
. DHCP , (, ),
(, ), , (, ).
. (, ), IP-,
, .
, . . -
130
II.
DHCP ,
.
. . , ,
. , dhcpd. conf
, ,
.
host teela {
hardware Ethernet 00:05:02:al:76:da;
fixed-address 192.168.1.2;
}
. , host, ( teela), , , . ,
, . ,
. ; dhcpd
, .
IP-
DHCP, IP-. ,
, . IP- , IP-, ,
IP-, . ; ,
, ,
.
IP-. ,
. IP- . , , ,
, :
IP- ,
DNS IP-.
; . DHCP DNS,
IP-.

5.1 dhcpd. conf,
IP-.
5. IP- DHCP
131
, .
5.1. dhcpd. conf
defIt-1ase-1ime 720;
max-lease-time 10800;
option subnet-mask 255.255.255.0;
option routers 192.168.1.1;
option domain-name-servers 192.168.1.1, 172.17.102.200;
option domain-name "threeroomco.com";
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.50 192.168.1.150;
, ;
. , , . ( default-lease-time
max-lease-time) . , , DHCP
, IP-.
default-lease-time ,
DHCP. 7200 ,
120 . ,
max-lease-time; 10800 , 180 .
.
DHCP
.
, IP- . , ; DHCP
, . DHCP ,
60 ; . (,
),
, 5.1.
, , default-lease-time max-lease-time
.
, DHCP, : , (),
DNS . , , 2,
IP- .
IP-, ,
132
II.
, DNS
. , DHCP
IP-. , 5.1, . .
. 5.1, ;.
, , , dhcpd. conf.
filename "_". dhcpd . , DHCP
;
filename.
.
next-server "_". ,
, filename.
, ,
, DHCP.
server-name "_". .
, , , .
boot-unknown-clients . , true, dhcpd IP-
, . false, ,
host.
option broadcast-address IP-. , . .
get-lease-hostnames . true,
dhcpd DNS, IP-.
, (, ).
false.
use-host-decl-names .
get-lease-hostnames. true, dhcpd DNS, , host.
true.
5. IP- DHCP
133
get-lease-hostnames use-host-decl-names ,
DHCP .
get-lease-hostnames dhcpd DNS ,
DNS. ,
DHCP ,
DHCP ,
IP-, DHCP DNS.
dhcpd. conf ,
option.
, , X Window,
. , , , IP-.
,
dhcpd.conf.
; , DHCP X Window.
dhcpd. conf.
, ,
.

5.1 DHCP,
IP-.
subnet, :
subnet 192.168.1.0 netmask 2 5 5 . 2 5 5 . 2 5 5 . 0 {
range 192.168.1.50 192.168.1.150;
}
, 192.168.1.0/24. , ,
. , DHCP. range IP-, , .
192.168.1.50-192.168.1.150.
, (192.168.1.0/24), ,
IP- , DHCP.
dhcpd.conf subnet.
, .
, , .
dhcpd, 3.0, subnet , , DHCP. ,
134
II.
192.168.1.0/24 172.20.30.0/24, DHCP 192.168.1.0/24,

dhcpd. conf subnet, .
subnet 172.20.30.0 netmask 255.255.255.0 {
, , DHCP,
| : ,
DHCP.
, , .
DHCP,
, . DHCP
. ( 25.) DHCP ,
.
, DHCP,
. 3.0
dhcpd .

IP- . Internet- , , .
IP- (,
) (
).
, DHCP
, .
, , DHCP, - .
; , ping, ,
. IP-
. (
IP-.) dhcpd IP-. - dhcpd , - IP-.
dhcpd ,
, IP-.
-
-
. Ethernet - ,

, 00:80:C8:FA:3B:OA. ,
5. IP- DHCP
135
Ethernet , - , dhcpd , , ,
, . (
, -, - ,
.) , , Ethernet, .
- Ethernet ; ,
Ethernet-. h t t p : / / w w w . c o f f e r . c o m / m a c _ f i n d / http://www.cavebear.
com/CaveBear/Ethernet/vendor .html. DHCP , ,
DHCP. ,
Ethernet- , ,
.
dhcpd -
IP-, -. ,
, .
-. ,
, - Ethernet-. ,
.
-
Linux UNIX - if conf ig. if conf ig ethO ( ifconf ig ), if conf ig
.
:
ethO
Link encap:Ethernet HWaddr 0 0 : 8 0 : C 6 : F 9 : 3 B : B A
- HWaddr;
00:80:C6:F9:3B:BA. , Ethernet . , TCP/IP.
Windows 2000, -
IPCONFIG, if conf ig Linux. , ,
IPCONFIG /ALL.
:
Physical Address
: 00-50-BF-19-7E-99
Windows Me WINIPCFG, ,
IPCONFIG, .
136
II.
* Adapts i
JNDIS5.0dnvw
A*etefA!Mr* f
----
168.1.3
Subnet Mk f
253.255.2550,
192168.1.1
>eUfc Gatewqy
lL-'-
' Release
* |
Raaw
RenegAI | Ma Wo
. 5.1. WINIPCFG DHCP Windows 9x/Me
, . 5.1, -
Adapter Address.
DHCP Macintosh
MacOS Classic, - TCP/IP Control Panel.
Info TCP/IP Info, -.
MacOS X Network,
. 5.2.
Network
Show All
Displ.lv>
Sound
Location
Network
SUItup DUk
Automatic
Configure: 'Built-in Ethernet
IP Address
192.168.1.2
(Provided bv DHCP scrverl
DHCP Client ID:

(Optional)
Search Domains
(Optional)
Ethernet Address: 00:OS:02:a7.76:da

Example: appfe.com, eArUiitnlc.net
Click the lock to prevent further changes.
. 5.2. MacOS X -
Network
5. IP- DHCP
137
, -,
; ,
.
-
- DHCP.
, . DHCP ,
IP-. ( /var/lib/dhcp/dhcpd. leases).
, :
lease 192.168.1.50 {
starts 4 2002/07/19 21:37:20;
ends 4 2002/07/19 23:17:20;
binding state active;
next binding state free;
hardware ethernet 00:50:56:82:01:03;
}
IP-, , , , - (hardware
ethernet : 5 0 : 5 6 : 8 2 : 0 1 : 0 3 ) .
-, , IP- .
.
- Linux (
/var/log/messages). , dhcpd, :
# grep dhcpd /var/log/messages I tail -n 1
Jul 19 18:27:38 speaker dhcpd: DHCPACK on 192.168.1.50 to
0 0 : 5 0 : 5 6 : 8 2 : 0 1 : 0 3 via ethO
, DHCP IP-
. IP-, ,
-. ,
- DHCP ,
. IP-, . ,
, - tail, 1.
, , , IP- DHCP, -
. Linux- ,
IP- .
# 192.168.1.50
Address
HWtype
HWaddress
Flags Mask
Iface
192.168.1.50
ether
00:50:56:82:01:03
ethO
138
II.
, . ping.
: ping - 192 .168 .1. 50
-
dhcpd - IP-,
. , 5.1,
, , DNS . ,
IP-, host. subnet . host
.
host teela {
hardware ethernet 00:05:02:a7:76:da;
}
host,
. ( , , , use-host-decl-names.)
. (hardware) -, .
Ethernet-, ; , Token Ring
token-ring. (fixed-address) IP-, . , ,
DHCP, ,
range, subnet. 192.168.1.2, 192.168.1.50-192.168.1.150, 5.1,
192.168.1.0/24, .
dhcpd.conf ,
IP-.
, DHCP , . dhcpd. conf
range, host, , - host,
, subnet.

, , , ; . hardware fixed-address host.
, , , .
option host-name ""; -
5.
IP-
DHCP
139
DHCP .
get-lease-hostnames use-host-decl-names. ,
.
.
, , ,
. , . , host group. :
group {
get-lease-hostnames true;
host teela {
hardware ethernet 00 : 05 : 02 : a? :76:da;
}
host nessus {
hardware ethernet 00 : 50 :BF: 19: 7E: 99;
group {
use-host-decl-names true;
host hindmost {
hardware ethernet 00:50:56:81:01:03;
}
host louiswu {
hardware ethernet 00:eO : 98:71: 60 :cl;
, (teela nessus),
DNS. (hindmost louiswu) , host.
, , ( filename next-server)
TCP/IP (

).

DHCP , . ,
DHCP .
DHCP, , -
140
II.
.
get-lease-hostnames; DHCP DNS.
NetBIOS
NetBIOS, SMB/CIFS,
,
TCP/IP. ( SMB/CIFS, 7.)
DHCP ,
, Windows. .
dhcpd. conf .
option netbios-name-servers _. NetBIOS
, , TCP/IP-. NetBIOS
, ,
, DNS.
NBNS (NetBIOS Name Service - NetBIOS) WINS (Windows Internet Name Service Windows).
DHCP Windows- , option netbios-name-servers.
dhcpd. conf , DHCP WINS.
option netbios-node-type _. , . ,

WINS. 1 8. 1 2

WINS. 4 8 : 4 , , WINS, a 8 ,
WINS,
. , WINS, 8,
.
,
.
option netbios-dd-server _. NetBIOS: NBDD (NetBIOS Datagram Distribution
NetBIOS). ,
. ,
.
141
5. IP- DHCP
uisl
, nines
|
Advanced
I < NetBIOS
DNS ConfigutSkm | Galew* VflNS Con0B*fon | (PA4
Contact JKW n*t>* MMMxto M outljrauRMd to
ffinbk, WINS Resolution , '

loabteWINS .
. 5.3. Windows NetBIOS-, DHCP

option netbios-scope . NetBIOS , NetBIOS.
NetBIOS ,
NetBIOS- . ,
. (
group.)
DHCP IP- Windows-, . ( Samba Linux , DHCP;
Windows). ,
dhcpd. conf :
option netbios-name-servers 192.168.1.1;
option netbios-node-type 8;
, Windows , , Use DHCP for WINS Resolution TCP/IP Properties (. 5.3). Disable WINS Resolution,
WINS. Enable WINS Resolution,
IP- WINS.
DNS-
, DHCP
, . DHCP
142
II.
, IP- ( ), DHCP DNS

; DNS ,
DHCP. DHCP , ,
. Internet, . DNS ,
Internet .
.
dhcpd, 3.0, DNS. 3
DNS: ad-hoc (, ) interim ( ). ; Internet dhcpd.
DNS . DHCP
, DNS.
DNS ddnsupdate-style, : ad-hoc, interim
none ( ). DNS, ddns-update-style dhcpd. conf ad-hoc,
interim ( ).
DNS , DNS
| .
DNS 18.
ad-hoc
ad-hoc .
.
1. host ddns-hostname,
.
2. (,
), DHCP
.
3. ,
DHCP.
4. , host.
.
, DHCP DNS. DHCP ,
5. IP- DHCP
143
, ddns-domainname
( ), domain-name.
DHCP DNS. , ( IP-).
, DHCP PTR, ( IP- ).
interim
interim ad-hoc, DNS.
DNS,
dhcpd.conf allow client-updates ignore
client-updates. .
DHCP ,
DNS, PTR DHCP
, . DNS
, DHCP ,
, , dhcpd.conf.
PTR.
DNS, interim
, ad-hoc. DNS
, . ,
, DHCP. , , DHCP threeroomco. com. ad-hoc , threeroomco. com,
. DNS, , dino. pangaea. edu.
.
DHCP DNS, PTR dino . pangaea. edu.
. , ,
. , ,
. ,
, , ,
.
DNS
!
Internet DSL- :
. IP- DHCP '
. , ;
DHCP DNS Linux.
DNS. ( , .)
;
::;
144
II.
'., DNS ^ In, ternet. ,

IP- >$ ^. ,||
, DNS ,
. IP- . , DNS,
, Perl ,
Linux.
.'
~
,"** * '[
' ?-"-^
^^
, DNS^ http://www.technopagan.org/dynaini/, http://www.
geocities.com/kiore_nz/ http://dns .highsynth.com. DNS,
/ .
DHCP , .
, ,
. , DHCP ;
, .
DHCP , IP , , . , DHCP , .
IP-; DHCP DNS.
3 DHCP Linux.
6

Kerberos
Linux . ,
, .
(, POP- FTP-), .
, ,
.
, ( ),
. Kerberos.
. ,
.
Kerberos : ,
.
Cerberus, .
Web-,
Kerberos.
Kerberos,
, Kerberos .
, Kerberos - .
, , ,
.
Kerberos Kerberos. ; ,
Kerberos, , . Kerberos,
146
II.
, , Kerberos. , Web- Kerberos http:

//web.mit.edu/kerberos/www/.
, Kerberos, .
Kerberos
, 25 ( ,
). , Kerberos
. Kerberos , ,
, .
, , ,
, . , Kerberos .
, ,
, , -
, .
Kerberos , , ,
. , . ,
.
Kerberos . Kerberos Linux UNIX- , Windows, MacOS . . ( Kerberos, Microsoft,
. Web- Kerberos, MIT, Kerberos, Windows
.) .
Kerberos
. ,
, POP, Kerberos (
). Kerberos, Linux.
, Kerberos Windows, MacOS .
k .//'^,' , , ~ ; ,-
1960- , '
. 1980- .
, UNIX . , , # ,
- , X-,
6. Kerberos
147
. .
86. , (
*
/ " ;
, ' 1~*
; * Windows,
vMacOS, Linux UNIX, -'
^ ,
!? . , ^
/;,. , ' -
|/^|- ; |^;';-] "
|&;1^^
^^!-^ ,
S
B "" , *
"' * ;*,' ^-^^. , >>>
:
"psLeibero's, % , '* , ,
, , ,,
<f - _ < ' ,
' <; .i '.-'?,>> *;-'*!,?; 9
'^ 86 -!|
^, ^ . -1
.
Linux .' - j
j . ^ ,
^ ( 13 : 14).
?! , ,
; , , . , *
- , -*.
; Kerberos, ^?; ,(, ,, ,,_ * - ,_ '^ ,J|f.tl ^4
Kerberos
Kerberos ,
Kerberos,
(key distribution center ). ,
Kerberos . , Kerberos, (Kerberized
application). Kerberos, ,
Kerberos .
Kerberos,
Kerberos .
Kerberos
Kerberos , . .
148
II.
Kerberos .
Kerberos .
Kerberos
Kerberos KDC. (realm) Kerberos. Kerberos Internet. , threeroomco.com
Kerberos;
THREEROOMCO. COM. Internet, Kerberos
. Internet Kerberos, ,
. Kerberos
.
Kerberos, , REALM1. THREEROOMCO. COM
REALM1.THREEROOMCO.COM.
Kerberos
. , Kerberos . ,
.
Kerberos , Kerberos, , . . . Kerberos , Kerberos. ,
Kerberos ,
(, ).
Kerberos ,
. , : (primary), (instance) (realm).
/. , .
; , ftp. ,
, . ,
f l u f f y : ,
, ,
. admin. THREEROOMCO. COM, f luf f ySTHREEROOMCO. COM f luf f y/admin@
THREEROOMCO.COM.
, Kerberos
Kerberos, ,
. .
.
, . , ,
6. Kerberos
149
. , .
.
. , .

, Kerberos .
, . ,
, .
, ,
.
, , (POP IMAP).
,
.
.
. Kerberos.
. Kerberos , .
. , ,
, . (
).
, , ,
.
.
Kerberos ,
,
Kerberos . Kerberos
. .
1. , , , .
2. ( Kerberos)
TGT (ticket-granting ticket ). Kerberos, TGS (ticket-granting
service ).
3. KDC . , KDC
. , , , . , , ,
.
150
II.
4. TGT , . ,
.
.
5. , , KDC , . ,
, .
( KDC)
, , , , , ,
. ; .
,
.
6. , ( ).
7. . .
8. , .
, .
( ,
. .), .
9. . , ,
, . ,
.
, Kerberos
, , (
).
, ,
.
, .
, | . , ,
-, .
.
, Kerberos.
NTP (Network Time Protocol ),
10.
6. Kerberos
151
Kerberos
Kerberos,
. , . (
, ) .
. KDC ,
.
, , .
, , , ,
.
, ,
, . ,
, . , Pentium , 32
,
. ,
, , .
, , , . ,
,
. ,
.
Kerberos
Kerberos, http:
//web. mit. edu/kerberos/www/. MIT Kerberos
V5 Release 1.2.1 ,
( Linux ). Kerberos V4
Windows MacOS ( MacOS Classic, MacOS X).
Kerberos V5 Kerberos V4, ,
, .
X Window, Kerberos . , , MIT,
. Kerberos (Royal Institute of Technology)
h t t p : / / w w w . p d c . k t h . s e / k t h - k r b / . eBones,
, , krb4.
, FTP-
binaries, , Linux.
, : . eBones ( , eBones 1.1) Kerberos V4.
152
II.
(Center for Parallel Computers)

Kerberos, Heimdal; http:
//www.pdc. kth. se/heimdal/. MIT Kerberos V5. ,
Linux,
.
Kerberos
Linux. , Debian 2.2 eBones Heimdal,
Mandrake 8.1 Red Hat 7.2 Kerberos V5, a SuSE 7.3
Heimdal. Caldera 3.1, Slackware 8.0 TurboLinux 7.0 Kerberos
, ,
, Linux.
Kerberos V5, MIT. Kerberos V4
. , Kerberos V5, . ,
Kerberos V5 Red Hat,
MIT.
Kerberos
Kerberos Kerberos, KDC.
Linux, , /etc. ,
Kerberos , , .
.
.
, ,
Kerberos . ,
Kerberos.
, Kerberos , . MIT configure, , make make install.
Kerberos, . configure enable-shared;
Kerberos, . . , Kerberos . , Kerberos
Red Hat , krb5-libs, krb5-server
krb5-workstation.
.
6. Kerberos
153

Kerberos /etc/krb5 .
conf . ;
, . ,
, , .
krb5 . conf KDC 6.1.
6.1. krb5 . conf
[logging]
default = FILE :/var/log/krb51ibs. log
kdc = FILE :/var/log/krb5kdc. log
admin_server = FILE: /var/log/kadmind. log
[libdefaults]
ticket_lifetime = 2 4 0 0 0
default_realm = THREEROOMCO . COM
dns_lookup_realm = false
dng_lookup_kdc = false
[realms]
THREEROOMCO . COM = {
kdc = kerberos .threeroomco.com: 88
kdc = kerberos-1 .threeroomco.com: 88
kdc = kerberos-2 . threeroomco. com: 88
admin_server = kerberos .threeroomco.com: 749
' default_domain = threeroomco.com
[domain_realm]
. threeroomco . com = THREEROOMCO . COM
threeroomco.com = THREEROOMCO . COM
outsider.threeroomco.com = PANGAEA.EDU
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
,
( "=") .
, . , [ realms ], 6.1, ,
THREEROOMCO. COM.
, .
154
II.
0^
, HA^tv , Kerberos.
[login] [kdc]. ,
[appdefaults].
KDC kdc. conf.
, KDC,
krb5 . conf .
kdc. conf krb5 . conf.

, krb5 . conf kdc. conf . , ,
KDC, . Kerberos ,
.
krbS.conf
krbS.conf [realms],
. [domain_realm]
Kerberos Internet. 6. \.
[realms] KDC KDC THREEROOMCO. .
kerberos kerberos-, , . Kerberos
( ),
. , . admin-server , .
, , ( , 749). default_domain
, .
Kerberos, . , def ault_domain .
krb5. conf . , [ realms ] , ,
, .
, [domain_realm], Kerberos. (
) , Kerberos, . 6.1 , ,
threeroomco . com ( threeroomco. com), THREEROOMCO.COM. outsider,
threeroomco. com, PANGAEA.EDU.
6. Kerberos
155
DNS- CNAME,
, krb5 . conf . KDC, , .
, KDC IP-.
, NAT (Network Address
Translation ), DNS-
KDC, ,
KDC. KDC
, DNS.
kdc.conf
kdc.conf , krbS.conf.
kdc.conf 6.2. Kerberos [ realms ]. kdc. conf,
,
EXAMPLE. COM. [realms] , , .
, . [ kdcdef aults ]
.
6.2. kdc. conf
IkdcdefaultsT
"
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
[realms]
THREEROOMCO.COM = {
master_key_type = des-cbc-crc
supported_enctypes = des-cbc-crc:normal des3-cbc-raw:normal \
des3-cbc-shal:normal des-cbc-crc:v4 des-cbc-crc:afs3

Kerberos (master key),
stash-. Slash-
, , .
stash- ,
.
stash- , , KDC, root. ,
. -
156
II.
, :
,
- ,
.
, .
.
. , "yesterday I went
to the dentist" yiwttd.
,
yi9Wt%Td, .
slash-
kdb5_util.
# kdb5_util create -r THREEROOMCO.COM -s
Initializing database '/var/kerberos/krb5kdc/principal' for
realm 'THREEROOMCO.COM',
master key name 'K/M@THREEROOMCO.COM'
You will be prompted for the database Master Password.
It is important that you NOT FORGET this password.
Enter KDC database master key:
Re-enter KDC database master key to verify:
, ,
.
kdb5_util
. /var/kerberos/krb5kdc
, Kerberos, /us r /local /var/krb5kdc. , kdb5_util.
Stash- . k5 . _ . kSstash.
principal principal. ok, Kerberos. ( principal principal. db.)
principal. kadmS principal. kadmS. lock,
Kerberos.
- stash-, ,
kdb5_util, -s. Kerberos .

Kerberos kdb5_util Kerberos, . .
.
6. Kerberos
157
6.1. ACL
d
D
m
i
I
1
L
*
ACL
Kerberos ACL (Access Control Lists
) , acl_f ile
kdc. conf. , :
Kerberos
ACL Kerberos ACL

, . ACL
, . ACL Kerberos
Kerberos. ACL Kerberos
ACL .
( Kerberos) (
).
"*". , */admin@
THREEROOMCO. admin
THREEROOMCO. . KDC
.
() ACL, . .
. 6.1. , . ,
all , , .
( ) .
, . ,
. Kerberos, "*".
:
158
II.
*/admin@THREEROOMCO.COM *
admin
Kerberos. . ,
, , .

Kerberos
kadmin kadmin. local. kadmin KDC ; .
kadmin. local . kadmin .local
, , kadmin
. , , KDC
Kerberos, .
kadmin kadmin. local , , , , . . , .
, . ,
admin/admindTHREEROOMCO.COM,
addprinc.
# kadmin.local
Authenticating as principal root/admin@THREEROOMCO.COM with
password.
kadmin.local: addprinc admin/admin@THREEROOMCO.COM
WARNING: no policy specified for admin/admin@THREEROOMCO.COM;
defaulting to no policy
Enter password for principal "admin/admin@THREEROOMCO.COM":
Re-enter password for principal "admin/admin@THREEROOMCO.COM":
Principal "admin/admin@THREEROOMCO.COM" created.
^^
, .
HA^V:\ .
, ,
(keytab). , Kerberos .
; Kerberos .
, kadmin. local
ktadd.
kadmin.local: ktadd -k /var/kerberos/krb5kdc/kadm5.keytab \
kadmin/admin kadmin/changepw
, , -k.
, admin_keytab
kdc. conf. -k , -
6. Kerberos
159
, kadmin/admin kadmin/changepw (
Kerberos;
).
, , , KDC.
addprinc. , ,
f luf f y@THREEROOMCO. COM. :
kadmin.local:
addprinc fluffy@THREEROOMCO.COM
-randkey,
, .
, .
, , , kadmin.
, _/_@ _ ( , , pop ftp). , host.
, host, ktadd.
, . . -k.
, . -:
kadmin , ,
ktadd , .
, .
^_@1_,
host/kerberos-1. threeroomco. com/THREEROOMCO. . , , ( ) KDC .
KDC , .
kadmin,
quit.

Kerberos- . , 4. Kerberos
, , ,
SysV. krbSkdc, kadmin.
SysV , krbSkdc kadmin, Kerberos.
,
160
II.
"&".
(/etc/re. d/rc. local).

KDC , . krbS.conf kdc.conf, kdb5_util
, ACL ktadd
kadmin. local, .
KDC , KDC (, , , KDC). . kpropd.acl /var/
kerberos/krbSkdc /usr/local/var/krb5kdc. :
host/kerberos.threeroomco.com@THREEROOMCO.COM
host/kerberos-1.threeroomco.com@THREEROOMCO.COM
KDC,
KDC : kpropd klogind.
. /etc/inetd. conf
:
krb5_prop stream tcp nowait root /usr/kerberos/sbin/kpropd
kpropd eklogin stream tcp nowait root \
/usr/kerberos/sbin/klogind klogind -k -c -e
, . xinetd,
( . 4). /etc/services krb5_prop eklogin,
:
krb5_prop
754/tcp
#
# Kerberos
eklogin
2105/tcp
#
#
KDC :
. , , 6.3. ,
, . , kprop .
.
6. Kerberos
161
6.3. , Kerberos

_
__
_
#T7bin7sh
"
"
"
"
"
/usr/kerberos/sbin/kdb5_util dump
/usr/kerberos/var/krb5kdc/slave_datatrans
/usr/kerberos/sbin/kprop -f
/usr/kerberos/var/krb5kdc/slave_datatrans \
kerberos-1.mil.threeroomco.com
Kerberos
Kerberos ,
. ,
Kerberos . , .

. , , Kerberos
. , .

,
. , , [realms] [domain_realm]
krb5 . conf , .
, , .
(./_$_)
, (,
Telnet, : telnet/ _%_). ,
, kadmin. local ,
. , , addprinc, .
kadmin. local :
kadmin.local: addprinc \
host/gingko.threeroomco.com@THREEROOMCO.COM
kadmin.local:
addprinc \
telnet/gingko.threeroom.com@THREEROOMCO.COM
kadmin.local:
ktadd -k gingko.keytab \
host/gingko.threeroomco.com telnet/gingko.threeroomco.com
gingko. keytab, , /etc , , krb5 . keytab. ,
162
II.
, ,
scp. ,
, root,
.
, . ktadd -k gingko. keytab;
. , ; , ,
Kerberos.

, Kerberos
, , , Telnet FTP, shell, exec login.
. , inetd, /etc/inetd. conf
:
klogin
stream tcp nowait root
root /usr/kerberos/sbin/klogind \
klogind -k -c
eklogin stream tcp nowait root /usr/kerberos/sbin/klogind \
klogind -k -c -e
kshell stream tcp nowait root /usr/kerberos/sbin/kshd \
kshd -k -c -A
ftp
stream , tcp nowait root / u s r / k e r b e r o s / s b i n / f t p d \
ftpd -a
telnet stream tcp nowait root /usr/kerberos/sbin/telnetd \
telnetd -a valid
.
, Kerberos,
. . , .
Kerberos
Kerberos, .
_@ _, kadmin
kadmin. local. , Kerberos. ,
, . ,
. , Kerberos
,
.
6. Kerberos
163
Kerberos
, Kerberos .
. ,
:
Kerberos. , - Kerberos ;
Kerberos , .
Kerberos
Kerberos ,
Kerberos. .
kinit. .
"" Kerberos; kinit Kerberos . kinit
KDC . ,
Kerberos.
;
, . ,
, . kinit minerva@PANGAEA.EDU. kinit .
, ,
kinit.
klist. ( ),
, .
kinit , klist .
kpasswd. kpasswd Kerberos; Kerberos.
passwd.
kpasswd .
kdestroy. .
,
, Kerberos.
,
kdestroy. ,
.
kdestroy .logout, . xinitrc

, . (
) kdestroy .
164
II.
? kinit kdestroy
. , klist. :
$ kinit
Password for fluffy@THREEROOMCO.COM:
$ klist
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: fluffy@THREEROOMCO.COM
Valid starting
10/09/02 14:38:57
Expires
10/10/02 00:38:57
Service principal
krbtgt/THREEROOMCO.COM@\
THREEROOMCO.COM
Kerberos 4 ticket cache: /tmp/tkt500

klist: You have no tickets cached
$ kpasswd
Password for fluffy@THREEROOMCO.COM:
Enter new password:
Enter it again:
Password changed.
$ kdestroy
$ klist
klist: No credentials cache f i l e found (ticket cache
FILE:/tmp/krb5cc_500)
Kerberos 4 ticket cache: /tmp/tkt500
klist: You have no tickets cached
kinit, , , klist krbtgt. klist
;
( ).
klist ,
. ,
. kinit, , ,
. kdestroy .

-, Kerberos, ,
, .
- ,
. Kerberos
. , -
6. Kerberos
165
telnet,
. .
telnet. telnet, Kerberos,
telnet .
telnet _,
. , - ( ) -f
( ).
rlogin. rlogin ( 13).
,
Kerberos, -f. , telnet - -f.
ftp.
Kerberos, ( ,
<Enter>).
ftp, Kerberos, ,
Kerberos. Kerberos,
.
rsh. , , telnet, rlogin
. ,
-f.
rep. ; Kerberos.
. , Kerberos V5. . , ,
Kerberos , .

, ,
. , Kerberos.
Kerberos (, ,
), .
Kerberos, , Kerberos.
-,
166
II.
. ,
Internet . ,
Telnet, su , , ,
root.
. ksu, .
Kerberos, , /usr/local/bin (, , /usr/local/sbin).
, , . , Kerberos Red Hat /usr/kerberos/bin.
, , , , PATH,
, . ( PATH /etc/profile,
, Bash, . bashrc.
Kerberos
Kerberos ,
. , : ,
Kerberos ( kinit). ,
. Kerberos :
login. krb5 ksu. . -, Linux Kerberos. ,
.
login. krb5 f kinit , root.
kinit , login. krb5, ,
.
root .
, login. krb5,
. .
Kerberos
Linux
getty ( getty mingetty, mgetty vgetty). /etc/inittab,
/bin/login. , Telnet,
/bin/login. login. krb5, -
6. Kerberos
167
/bin/login. , . ,
:
# mv /bin/login /bin/login-original
# /usr/kerberos/sbin/login.krb5 /bin/login
login. krb5, /bin/login. login
Kerberos. , kin it.
/etc/passwd, ,
,
Kerberos. ,
Kerberos. , ,
/bin/login, SSH.

su . Kerberos
ksu,
.
.
, ksu, (
/etc/krb5 . keytab).
ksu SUID, , , , root. Kerberos ,
( chmod a+s /usr/
kerberos/bin/ksu).
, , ,
.
. kSlogin . kSusers. .
,
. ksu
, ( ,
,
Telnet). .kSlogin . , Kerberos.
. kSusers ;
, .
168
Kerberos, , . *.
, minerva@THREEROOMCO.COM /bin/Is /usr/bin/zip.
minerva@THREEROOMCO.COM /bin/Is / u s r / b i n / z i p
ksu su ,
, .
. kSlogin . kSusers , .
.
, .
,
- _. , , /bin/
Is f l u f f y , f l u f f y -e /bin/Is.

login su ,
Kerberos, , ,
. ,
Kerberos. , , Kerberos;
vlock xscreensaver (
, ,
, , ). Kerberos,
,
Kerberos.
(Pluggable Authentication Module )
Linux.
, (, FTP, login, ,
X Window), ,
, (/etc/passwd, /etc/shadow
Linux).
. , ,
, , , .
. Kerberos ,
Kerberos . , .
6. Kerberos
169
Kerberos . , ,
, , Kerberos. ,
Kerberos. , ,
FTP-,
Kerberos. , ,
,
.
Linux ,
Linux, .
, .
(Derrik Brashier). Kerberos V4. f t p : / / f t p .
dementia.org/pub/pam/; , , pam_krb4. (
1998 .).
, .
(Frank Cusack). , MIT Kerberos V5 Heimdal, http: / /www. nectar. com/zope/krb/.
; Solaris,
Linux.
(Curtis King). f t p :
/ / f t p . dementia.org/pub/pam/; pam_krb5-l .1.3. tar .gz.
, .
Red Hat. Kerberos V5 Red Hat pam_krb5.
RPM,
Red Hat .
, ,
.
Debian. Debian Kerberos V5 Heimdal Iibpam-krb5
libpam-heimdal. Web- Debian , , http: / / f t p . nl. debian.
org/debian/pool/non-US/main/libp/libpam-krb5/ h t t p : / / f t p .
nl.debian.org/debian/pool/non-US/main/libp/libpam-heimdal/.
Kerberos ,
.
170
II.
,
/lib/security /usr/lib/security. Red Hat pam_krb5 . so pam_krb5af s . so.
,
/etc/pam.d.
, . , /etc/pam.d/login
login .
( ) , Kerberos. , Red Hat, .
/usr/share/doc/pam_krb5-BepcHH/pam.d, . ,
/etc/pam.d. , ,
.
login. login.
Kerberos, login. krb5
login.
gdm. GNOME Display Manager, GDM, . ( GDM
14.)
xdm. , , X Display Manager, XDM. XDM
Display Manager. ,
Kerberos
, Mandrake .
su sudo. su, ,
. ksu
, Kerberos, , su. sudo sudo.
passwd. , ,
passwd, .
vlock. vlock , . , .
,
vlock .
xlock xscreensaver. X Window (. . , vlock).
xscreensaver , .
6. Kerberos
171
, Kerberos; . - Kerberos,
. , FTP-, /etc/pam.d/ftp. KDC, ;
, , ,
.
,
Kerberos . ,
, : auth ( ), account
( ), password ( ) session ( ). 6.4 gdm,
Kerberos Red Hat.
6.4. Kerberos
_____
auth
required
auth
sufficient
nullok likeauth
auth
required
account
required
password
required
password
required
nullok use_authtok
session
session
session
^w
^
required
optional
optional
/lib/security/pam_nologin.so
/lib/security/pam_unix.so shadow md5 \
/Iib/security/pam_krb5.so use_first_pass
/lib/security/pam_unix.so
/lib/security/pam_cracklib.so
/lib/security/pam_unix.so shadow md5 \
/lib/security/pam_unix.so
/Iib/security/pam_krb5.so
/lib/security/pam_console.so
-, 6.4. ,
para_krb5 . so, .
auth session,
Kerberos
. auth use_f irst_pass, Kerberos ,
. kinit, . , . , ,
172
II.
password, :
password
required
/Iib/security/pam_krb5.so use_authtok
, password passwd,
, .
session,
. , , xscreensaver linuxconf ; ,
.
, /etc/pam.d. , ,
pam_krb5.so, ,
pam__pwdb. so, . pam_pwdb. so
, , ,
Kerberos. , , , ,
Kerberos, ,
. password ,
passwd,
.
; . , ,
, , .
,
.
, GDM, .
Kerberos , .
, ,
Kerberos . Kerberos, ,
,
. , , , . .
6. Kerberos
173
Kerberos, Linux; , .
Kerberos,
Kerberos. (key distribution center );
. .
,
Kerberos
. .
7

Samba
1990-
Linux.
, Linux , .
Windows,
, Windows, Linux-, . . ,
. Samba ,
8MB (Server Message Block ), CIFS (Common Internet Filesystem
). SMB/CIFS ,
NetBIOS (
, ,
Windows). , Samba Linux ,
Windows. Samba , ,
.
, Samba
, Samba. ,
Samba , NetBIOS;
, NetBIOS. Samba,
, ; , .
Samba, -
7. Samba
175
,
.
Samba , . , Samba
, . ; , man smb.conf. ,
Samba, , , Linux Samba Server Administration (Sybex,
2001), (Eckstein) - (Collier-Brown) Using Samba (O'Reilly, 1999).
Samba
Samba , ,
. ,
. ,
, , , ,
.
. .
, ,
. .
NetBIOS SMB/CIFS DOS
Windows, , Samba ,
. Samba
DOS Windows. , ,
DOS Windows ; FILE. TXT, f i l e . txt
File.txt . Linux, , . Windows Linux, Samba
. , SMB/CIFS
DOS Windows,
. ,
, , .
Linux , Samba .
,
OS/2, Samba .
Samba ,
DOS, Windows, OS/2 , SMB/CIFS. UNIX, Macintosh, BeOS
SMB/CIFS. ,
. Linux -
176
II.
( , Linux NFS,
8), Samba . SMB/CIFS (
) NFS ( IP-, ).
Samba
Samba , Samba (
, Samba ).
, ,
. , , .
, , NetBIOS.
Samba
Samba smb. conf. Linux : /etc, /etc/samba
/etc/samba.d. Linux,
smb. conf #. , . ,
:
[__]
,
, . . ,
, ,
. [global].
, , ,
[global].
Samba ,
:
=
Samba ,
, , .
, Linux, .
; Yes, True 1
( No, False 0).
Samba
NetBIOS , ,
. , harding.threeroomco.com
7. Samba
177
BILLY, USPRES.
TCP/IP NetBIOS,
. NetBIOS
: . ( NetBIOS
.) Samba
, .
^^
NetBIOS .
^ \ .
, , , .
; . , Samba, (
).
workgroup:
workgroup = USPRES
,
USPRES. ,
, Windows, . , Samba
Network Neighborhood My Network Places. Samba.
Samba NetBIOS TCP/IP . , harding.
threeroomco. com Samba NetBIOS- HARDING. netbios name. netbios aliases
NetBIOS. , ,
BILLY, WILLIAM.
netbios name = BILLY
netbios aliases = WILLIAM
, , , NetBIOS, .
.

SMB/CIFS
. ,
, . SMB/CIFS . SMB/CIFS
, Linux. SMB/CIFS ,
178
Linux, Samba . smbpasswd, .

Windows, Windows 95 OSR2 Windows NT 4.0 SP3,
. Samba
, Windows .
, Samba,
Windows. Samba,
, ,
.
encrypt passwords.
Samba
smbpasswd, Yes . smbpasswd, :
# smbpasswd - _
smbpasswd ( ). smbpasswd
, smbpasswd . smbpasswd
, smbpasswd . ,
.
hosts allow hosts
deny. /etc/hosts .allow /etc/hosts .deny
TCPWrappers, 4. , , ,
. ,
192.168.7.0/24 algernon.
pangaea.edu.
hosts allow = 1 9 2 . 1 6 8 . 7 . algernon.pangaea.edu
Samba NetBIOS,
. ,
, Samba". , ,
Samba .
v
Samba NetBIOS
NetBIOS .
NetBIOS TCP/IP ; .
TCP/IP. ; Windows 2000, Windows XP Samba .
, NetBIOS.
7. Samba
179
Imhosts.
IP- , Imhosts
, /etc/hosts Linux.
.
, . ,
,
. . , , ,
.
WINS-. NBNS (NetBIOS Name Service NetBIOS),
WINS (Windows Internet Name Service
Internet- Windows), IP.
Samba WINS-,
[global] smb. conf :
wins support = Yes
WINS- (
). NetBIOS ,
WINS-. WINS- , . Windows
TCP/IP Properties, . 7.1. Use
DHCP for WINS Resolution, Windows DHCP. ( DHCP- 5.)
Samba NetBIOS WINS-,
smb. conf : wins server name resolve
order. IP- WINS-. ,
. Samba , name resolve order. (
host beast TCP/IP ,
NetBIOS.)
.
wins server = 192.168.1.1
name resolve order = wins Imhosts host beast
WINS- .
, , ,
. ( NetBIOS-
. . Samba
.)
180
II.
. 7.1. TCP/IP Properties Windows WINS-
Samba
Network Neighborhood My Network Places.
Web-. ,
SMB/CIFS, NetBIOS (. 7.2).
, SMB/CIFS. ,
.
, , .
, ,
, .
Windows. ,
?
NetBIOS
(local master browser). SMB/CIFS, , SMB/CIFS
. , , ,
,
. .
, .
.
NetBIOS ,
(domain master browser)
7. Samba
Ed*
Vie
ftmnes
181
Tod! Mel
iS X
Desktop
My Documents
- My Computer
g-IP My Network Places
a Entire Network
"â Computers Near Me
+ ^ Louswu
SJNessus
-- Speaker
backup
cd-create
mounts
J CJ nettegon
office97
rodsmith
J wnprags
' ^ rodsmith on speaker
backup
cd-create
cd-print
hp4000-ps
lexmark
mounts
office??
pdf-create
raw
netlogon
. 7.2. Windows
, ,
,

, , .
,
( ) .
.
. (election),
, , . . ,
; , ,
. , Samba
"", . (
) , Samba ,
.
Samba , , .
[global] :
browse list = Yes
local master = Yes
preferred master = Yes
os level = 65
182
II.
browse list , Samba

, .
Yes , . local master
Yes. Samba , ,
. Yes preferred master,
,
, . No.
Samba, Yes preferred master
.
. os level , . ,
. os level = 65
Windows (
Windows Me Windows 2000), Samba,
os level. , Samba ,
os level, 0.
Samba , -, ,
, -, domain master = Yes.
.
. , (Samba Windows) .
, ,
domain master .
Samba
, NetBIOS ,
. ,
. , , . ,
, . ,
, , .
.
. , Windows. ,
. ,
.
7. Samba
183
NetBIOS:
(primary domain controller PDC) (backup domain controller ). PDC ,
BDC. Samba ,
.
Samba ,
[global] smb. conf :
security = User
encrypt passwords = Yes
domain logons = Yes
security , Linux. ( Samba 2.0.0 .)
encrypt passwords .
. , , domain logons. domain logons
Yes, Samba ,
smbpasswd.
Windows WINS. Samba.
workgroup,
smb. conf.
Windows NT, 2000 ,
. -, , Samba, 2.2.0,
Windows NT, , 2.2.1 ,
Windows Windows 2000 Service Pack 2 (SP2). Samba 2.2.0
, NT/2000
Windows NT 4.0. , Samba. -, Samba NT/2000/XP Linux ,
(trust account). , :
# groupadd -r trust
# useradd -r -g trust -d /dev/null -s /dev/null client$
# smbpasswd -a -m client
groupadd ;
. (
, .
.) useradd
NetBIOS CLIENT. $
. smbpasswd client smbpasswd.
$. Windows NT/2000/XP
, ;
Samba.
184
II.
rlogon vaJdafa
\vlren you ba on.

OTieWndowiNTdotnen
RINDWORLD
Cancel
. 7.. Windows

.
. Windows 9x/Me
Network Microsoft Networks Properties.
Client for Microsoft Networks Properties, . 7.3. Log On to Windows NT Domain .
Windows 2000, My Computer Properties, System
Properties. Network Identification Properties.
. , , .

Samba
WINS , Samba . Samba
, ,
smb.conf [global].
, ,
.
7. Samba
185

Samba, , :
[sample]
path = /home/samba/shared-dir
browseable = Yes
read only = No
[sample].
Windows (. . 7.2) SAMPLE. /home/samba/shared-dir.
SAMPLE, . browseable = Yes , browseable . Yes browseable
, . (
, browseable = No,
. ,
, , Address
.) Samba ,
; . , , read only = No
: writeable = Yes write ok = Yes.
, , , Linux. Samba
(, , ).
Samba , .
, Samba , [homes ].
[homes ], Samba
.
path . Samba
, .
,
(, rodsmith, . 7.2).
browseable = No, [homes] , .
[homes] smb.conf. ,
, , , Samba . (
, ,
.)
Samba, , , [homes] .
186
II.
, , , [global].
, .
Windows
Linux Windows .
, Windows, DOS,
Samba , DOS- , Windows. , Windows
DOS Samba :
Linux , DOS Windows.
Linux Windows
, Linux , . . FILE. TXT,
file. txt File. txt ;
. , , .
Linux, Windows ,
, , ,
. DOS
; ,
.
case sensitive, , ,
Samba .
No , Samba
Windows DOS. , Samba
, , . .
Windows. , . , sensitive = Yes,
Windows . , , Samba. sensitive = Yes ,
, , Linux,
.
preserve case short preserve case ,
Samba . Yes, Samba ,
. No Samba .
default case. Lower, Upper.
preserve case ,
short preserve case. ( , DOS, . . 8
3 ;
8.3.) DOS-,
7. Samba
187
short preserve case = No. Linux

, DOS-
.
SMB/CIFS 8.3 , .
, DOS 16- Windows. Linux , Samba
8.3. mangled names = Yes (
' ) 8.3; mangled names = No,
.

Linux , UNIX. SMB/CIFS
-. SMB/CIFS
, , , ,
Samba Linux. , Samba
Linux, Samba . Samba . , force user force group
Samba , , ,
. :
[jekyl]
path = /home/samba/jekyl
read only = No
force user = hyde
, , , , Linux
hyde. muriel
, hyde. To ,
henry. , Samba, , ,
Linux.
, Linux /home/samba/jekyl.
, hyde. force group, ,
.
, force
user, .
force user force group
Samba. , , ,
188
II.
.
force user; , , ,
, .
. , , ,
.
Linux, SMB/CIFS ,
, , . Samba DOS Windows 9x/Me,
. , , . create mask
directory mask, .
- ; ,
, Samba. create mask
0744, directory mask 0755.
, .
-, ,
DOS, ,
.
DOS Windows , Linux. Samba ,
. Samba ,
.
.
map archive. Yes (
), DOS , . DOS Windows
, . ,
Samba, .
,
create mask, .
map system. Yes,
DOS , . No, . .
. DOS Windows . ,
Samba, .
map hidden. Yes,
DOS , Linux .
No. DOS Windows , ,
7. Samba
189
,
, .
Samba Linux,
. Linux , DOS .
, , hide dot
files = No.
create mask, ,
map archive, map system hidden.
map system hidden, create mask,
.
Windows NT/2000/XP ,
Windows 9x/Me. Windows NT/2000/XP ACL (Access Control Lists
), . Samba
, Linux Windows ACL.
Samba , Windows NT/2000/XP.
ACL nt acl support; Yes.
Windows NT/2000/XP Linux, No.
DOS Windows 9x/Me ,

. , ,
create mask
directory mask. ACL ,
, .

Samba . hosts allow hosts deny
, , , . Samba
.
valid users invalid users.
, . valid users,
, . , . ,
invalid users " ". ,
, ,
.
valid users invalid users,
write list read list. ,
190
II.
. ,
. ,
, . ,
. write list.

:
[control]
path = /home/samba/control
read only = Yes
invalid users = thomas susan
write list = gertrude henry
. (thomas susan) ,
gertrude henry , .

Samba
, , , , .
,
. . ,
, . , ,
, .
, , .
, ,
, Windows-.
Linux, ,
.
PostScript- , .
^^
^^
, ,
Linux. ( Ghostscript,
Samba.)

, printable = Yes print
ok = Yes ( ). ,
7. Samba
191
, ( Linux, /var/spool/
Ipd). /trap, Linux /var/spool/samba.
,
, . , chmod 1777 / chmod o+t
/. ( 1777 .
, .)
. .
[laser]
comment = Laser printer in Room 7

path = /var/spool/samba
printable = Yes
comment LASER. ( .)
,
laser. ,
name. , , name = lp
, 1.
Linux .
BSD, LPRng CUPS
(Common Unix Printing System UNIX) . ,
Samba.
printing, . BSD, LPRng CUPS (
Linux ). Samba
Linux, , , . Linux ,
print command,
, Samba . %s , .
. print command
Samba .
,
.
,
, .
[printers]. Samba
/etc/printcap
. [homes], [printers]
browseable = No, PRINTERS - Windows. Yes,
.
192
II.
PostScript-
.
Samba;
. Windows ,
. , , , Samba, , . Windows,
Linux ,
PostScript. , , .
PostScript- , .
.
Windows Samba , PostScript, , , .
, , PostScript- Windows, Samba , .
.
Samba, , , .
Samba , PostScript. PostScript-
. PostScript

. , PostScript, . ,
PostScript-,
.
,
| PostScript, , Windows.

, PostScript.
, PostScript-.
PostScript Adobe (http://www.adobe.com). ,
, PostScript . ,
PostScript Hewlett Packard Lexmark. PostScript ,
.
Samba ,
PostScript, Adobe,
, .
7. Samba
193
(^^
Then jetting hava teen chwun to **(*>!(.1 should not change ,
unlttijiaufiaveipedliewasoiwlodaw.' ^, ^, ~
-PeS$ipHa>jiiaje j^|-^--x^
r Bitmap comptMsbn'f
Uwft6a(!tl*V*r2<IW
D*lefiftat- -,*.~~-*-~~~~~~~-~
f 6&4
" ' " ' ,
. 7.4. <Ctrl+D> Linux,
PostScript,
PostScript- Windows.
, . ( Adobe PostScript, ,
PostScript-, Adobe.)
PostScript, Samba ; .
.
,
, PostScript-, Windows,
<Ctrl+D>. PostScript- , Linux.
, , PostScript. <Ctrl+D>,
, ASCII-. ASCII-
PostScript-, PostScript-.
PostScript-. .
Windows,
<Ctrl+D>. Properties
, Advanced Send CTRL+D Before Job. ( Send CTRL+D After
Job .)
, PostScript-
, .
, Windows-
.
, -
<Ctrl+D>, postscript = Yes.
194
II.
Samba PostScript- .
, PostScript,
<Ctrl+D>. , Windows-.
, ,
, .
,
PostScript
Samba , PostScript. PostScript-
Linux PostScript , . ,
,
, Linux (raw queue). , , .
,
Samba.
Ghostscript
, , PostScript, Linux- PostScript-.
, , , Ghostscript. Ghostscript ( h t t p : / / w w w . c s . w i s c . e d u /
~ghost/) PostScript-, , . GNU- Ghostscript, , Linux. -
Ghostscript, Ghostscript Aladdin. Ghostscript , http: / /www. linuxprinting.
org/printer_list.cgi.
Linux, Ghostscript, , . ,
, PostScript-,
Ghostscript. ,
, . PostScript-
( Samba
). Windows- PostScript ( Apple LaserWriter,
QMS magicolor). , <Ctrl+D>, , PostScript.
7. Samba
195
PostScript- Windows PostScript- ,

. %% [ LastPage ] %%.
, , Windows. . ,
Ghostscript, , gs,
>/dev/null. Ghostscript /dev/nUll. Caldera
/var/spool/lpd/uMtf_ovepedu/printf liter. Red Hat,
Mandrake TurboLinux / u s r / l i b / r h s / r h s - p r i n t f i l t e r s /
ps-to-printer.fpi.
, PostScript-
, , PostScript, Linux , ,
. Linux
, , . , ,
, (raw
queue).
,
/etc/printcap ( , BSD LPRng). ,
if= if.
Linux, ,
. .
Ip|hp4000|raw:\
:lp=/dev/lpO:\
:sd=/var/spool/lpd/lp:\
:mx#0:\
:sh:\
:if=:
: lp, hp4000 raw.
/dev/lpO,
/var/spool/lpd/lp. (,
Samba. Samba,
/var/spool/lpd/lp.) #0
, a sh . if=
, .
, , postscript . ,
No. PostScript
, .
196
II.

, Samba, ,
PostScript, , PostScript- ,
. , , .
, , , PostScript,
. ( Linux, [printers] .) ,
.
,
. , .
Ghostscript Linux PostScript- ,
. , .
, , . Linux ,
. ,
, .
, . , Samba, ,
. ,
Ghostscript
.
, .
, ,
PostScript .
,
PostScript-, . Ghostscript, .
Ghostscript ,
.
.
Ghostscript;
,
Linux. , Ghostscript .
, PostScript- (, ,
), EPS (Encapsulated PostScript).
7. Samba
197
, Ghostscript PostScript-,
. Ghostscript ,
, . .
.

. Ghostscript, .
Linux . ,
.
, . , , ,
.
, , Ghostscript , . ,
.
, .
, , Ghostscript,
.
Samba
Samba
. ,
. Samba
,
. postexec
, .
postexec
Samba postexec, . ,
, , postexec, . , ,
Samba billy@harding. threeroomco. com,
:
= mail -s "Share being used" \
billySharding.threeroomco.com
198
II.
, Samba
billy@harding.threeroomco.com. Subject
"Share being used", , .
postexec, , , . Windows- SMB/CIFS, ,
, , Network Neighborhood My Network Places,
.
postexec root
preexec root postexec. , , root root postexec,
root. , , . , .
, ,
.
Samba , . 7.1.
postexec , , , , . . ( ,
. 7.1,
.)
postexec , , . , ,
, , Windows,
Linux, . , postexec
; .
postexec
. ( Samba ,
, follow symlinks = No.)
, postexec
. ,
- .
, , Samba .
, , ,
.
7. Samba
199
7.1. , Samba
%d
%g
%G
%h
%
%1
%j
%L
%
%
%N
%
%
%R
%s
%S
%
%
%U
%v
. : OS2
(OS/2), Samba, UNKNOWN, WfWg (DOS Windows for Workgroups), Win2K,
Win95 (Windows 95 98) WinNT

, , %
, , %U
( TCP/IP)
, %
IP-

NetBIOS-
NetBIOS-
( TCP/IP)
NIS
, ,
,
SMB/CIFS. : CORE, COREPLUS,
LANMAN1, LANMAN2 NT 1
,

UNIX
, UNIX (
, %)
Samba
. ,
/etc, , postex.ec,
/etc .
,
.
, . Windows-, Samba,
.
, .
200
II.
,
Windows .
. (, ) ,
. ,
postexec, .
postexec,

.
.
, . max connections.
, max connections = 1.
, Network Neighborhood My Network Places
.

print
command, .
, , . print command PostScript- ,
. ,
, Windows. , print command.
Linux PostScript-
Windows. Windows-, ,
Respond (http: //www.boerde.de/~horstf/) .
PostScript- , , PDF- . print command
.
, PostScript.
Linux, ,
print command . ,
7. Samba
201
, ,
.
Linux, , ,
postexec. ,
.
.
postexec, print command
, . , , ,
force user .
print command , . 7.1 ( , %s,
, postexec ).
% , ; ,
, .
print command
postexec. , postexec .
, ,
print command, . ,

.
Linux
-
Samba
-. , , . ,
, -.
-. ,
Samba,
Linux -. . -,
. -,
, .
Samba
.
202
II.
postexec
-
, Samba -. .
- postexec .
1. .
2. , -.
3. mkisof s .
4. - cdrecord .
5. , .
, , :
[cd-create]
path = /home/samba/cd-create
create mask = 0666
directory mask = 0777
read only = No
max connections = 1
= /bin/rm -r %P/*
postexec = /usr/local/bin/create-cd %H %P %U
. Samba. 3-5 /usr/local/bin/
create-cd, . 7.1.
7.1. , -
#!/bin/sh
# $1 - ,
# $2 -
# $3 - ,
mkisofs -J - - $l/image.iso $2
cdrecord speed=2 dev=4,0 $l/image.iso
mail -s "CD-R creation finished" $3
rm $l/image.iso
rm -r $2/*
.
create-cd /usr/local/bin.
, , ,
7. Samba
203
( chmod + /usr/
local/bin/create-cd). mkisof s cdrecord .
Samba [ cd-create ].
, , ,
, , ,
.
SUID cdrecord. chmod a+s /usr/bin/cdrecord. . , -, force group.
-: [cd-create]
postexec root postexec. ,
create-cd , cdrecord.

. Windows, Network Neighborhood My Network Places.
Map Network Drive.
.
, -,
Samba. , ,
. ,
,
My Computer
Disconnect.
, Windows . ( Windows 9x/Me) . (
) -,
, , .
, .
, , . ,
. , ,
, . , . ,
, , .
. , ,
Samba - %, .
204
-
- ,
Windows 9x/Me,
, , .
. Windows- Samba zip, , -. , ,
-.
create-cd. :
[cd-print]
printable = Yes
print command = /usr/local/bin/print-cd %H %s %U %P; rm %s
, % Samba. ,
/var/spool/samba. - , 7.2.
7.2. - print command
#T/bin/sh~ ~
'
- - - - - .
# $1 - ,
# $2 - zip-
# $3 - ,
# $4 - zip-
mkdir -p $l/cdr/samba
cd $l/cdr/samba
unzip $4/$2
mkisofs -J -r -o $l/image.iso ./
cdrecord speed=2 dev=4,0 $l/image.iso
mail -s "CD-R creation finished" $3
rm $l/image.iso
rm -r $l/cdr/samba
, , , [cd-create] create-cd.
, , ,
mkisofs cdrecord , cdrecord SUID,
root. - zip-
, COPY DOS Windows.
:\> COPY FILE.ZIP\\SERVER\CD-PRINT
FILE. ZIP . , SERVER
7. Samba
205
. . ; zip .
COPY %1 \\SERVER\CD-PRINT
. . , , , MAKECD. ,
MAKECD FILE. ZIP. ,
. , - . . .
. , ,

. .
, , , .
,
. , ,
.
PDF-
PostScript- PDF-.
, , ,
PostScript-. :
[pdf-create]
comment = Create a PDF file
printable = Yes
print command = gs -dNOPAUSE -q -dBATCH -sDEVICE=pdfwrite \
-sOutputFile=%H/%s.pdf %s; rm %s
\, , :
Samba ,
.
.
print command Ghostscript
(gs). -dNOPAUSE, -q -dBATCH
, . -sDEVICE=pdfwrite ,
PDF-, -sOutputFile=%H/%s .pdf
, . pdf. PDF- .
, PDF-
.
206
II.
Samba ,
.
. Samba
Linux,
. Samba ,
(, Samba
). . , ,
,
. Samba .
Samba ,
.
8

NFS
Server Message Block (SMB)/Common Internet Filesystem (CIFS), , , DOS, Windows, OS/2
. UNIX Linux, ,
. UNIX Linux , NFS (Network Filesystem ).
SMB/CIFS, NFS . 9.
NFS
, NFS UNIX
Linux.
. ,
, .
NFS ; , , . , Kerberos,
NFS .
. ""
. ,
NFS. , , NFS
, .
NFS ,
UNIX, NFS , Windows, OS/2 MacOS.
208
II.
. Linux ,
.
SMB/CIFS Linux. ,
Samba Linux ,
NFS .
UNIX Linux
Windows MacOS, NFS. ( MacOS X UNIX,
NFS ,
MacOS .)
, NFS
| . NFS ,
, .
NFS , ,
IP-. ,
IP- , , NFS, . , NFS.
,
Samba , ,
scp, SSH (Secure Shell ).
NFS Linux
1998-2002 . NFS Linux ; .
, .
NFS, Linux,
, , NFS- , ( , ) . NFS-
Linux , http: //nf s . sourcef orge. net.

NFS
. NFS Linux
. ,
. , , ,
, . (,
,
209
8. NFS
v Y
* " ; Coda ffle system support (advanced network fs)
I* n i
OK
<
Help
Provide NFSvS server support

1
Uext
frev
. 8.1. Linux , NFS
.) , , .
, NFS , .
NFS Server Support Network File Systems File Systems (. 8.1). , NFS.
, NFS, . , , knf sd,
NFS nf sd.
Linux NFS File System Support. NFS,

mount , NFS, .
NFS ,
.
NFSv2 NFSvS
, NFS . 2002 . 3 NFS, NFSv3. (
NFSv4, . NFSv4 ,
h t t p : / / w w w . n f s v 4 . o r g . ) NFSvS ( NFSv4), NFS NFSv2. To
Linux 2.2.x. NFSv3 2.2.18. ( , NFSv3.) NFSv3
, , , (
NFSv2 Linux, -
210
II.
). , NFSv3
NQNFS (Not Quite NFS) TCP ( NFSv2
UDP-). , 2002 . TCP
Linux . NFSv2 , , a NFSv3 (
) . NFSv3 Linux
. 2.4.x. 2.4.17 -
.
NFSvS, NFS , Provide
NFSvS Server Support ( NFS
Server Support). , NFSvS
Provide NFSvS Client Support. NFS , NFSvS,
NFSv2, NFSv2.
NFSvS, , , , .
nf s-utils 0.1.6
mount 2.10. ; rpm dp kg. ,
, mount, :
$ rpm -q mount
mount-2.llb-5mdk
, 2.11 mount,
NFSvS.

TCP/IP . , , , SMTP (Simple Mail
Transfer Protocol ), 25,
Web-, HTTP (Hyptertext Transfer Protocol
), 80.
, ,
. NFS , -.
NFS .
( 111)
. (NFS UDP 2049, NFSvS TCP 2049.)
RPC (Remote Procedure Call ).
8. NFS
211
portmap, . ,
. portmap
inetd, TCP Wrappers. , , .
, /etc/hosts .deny :
portmap : ALL
portmap ,
/etc/hosts . allow.
portmap : 192.168.1.
4 TCP Wrappers, ,
.
,
portmap. , ,
.
, .
IP-.
NFS- .
(
) NFS. NFS SysV ( nf s). Linux
SysV. NFS
. , ; , restart .
: /etc/re. d/init. d/nf s restart.
NFS
, NFS ,
. , ,
. ,
NFS, mount,
NFS
.

NFS /etc/exports.
, .
:
_ !() [2() [ . . . ] ]
212
II.
/home /usr/XHR6.
, . ,
, /etc /,
, , . , ,
/dev, ,
. , ,
, , /dev, ,
. , NFS,
, /dev
, . . (
, nodev, .)

. , , .
. , ,
.
.
. ,
larch larch.threeroomco.com, ,
, .
, , , .
, .
(?),
, (*), . , * . threeroomco. com
threeroomco. com. (?) (*) (.), , . ,
*.threeroomco.com mulberry.bush,
threeroomco.com.
NIS. NIS (Network Information Service ), NIS,
@.
, IP- .
, , 172.19.0.0/
255.255.0.0. , , 172.19.0.0/16. ( IP-
, .)
IP-,
8. NFS
213
DNS NIS, . IP-

,
, IP- . , IP-
, . , , ,
DHCP, 5
.
, portmap
TCP Wrappers. . . ,
. , , , ,
.
. , .
25.
Linux ;
. , Red Hat,
NFS, . ,
NFS, , 25,
.
.
.
. ; .
. .
sync async.
.
, ,
. ,
; . , NFSv2 , ,
, NFS Linux
. NFSv3 ,
. NFSv3
async, - NFS Linux
.
wdelay no_wdelay. NFS, Linux, , , , .
.
214
II.
, wdelay no_wdelay. wdelay

.

, /etc/exports,
. , NFS , ,
Samba. ,
. ,
/etc/exports, .
secure insecure. NFS ,
, 1023.
UNIX Linux root ( 1024 ).
, ,
1023 (. . insecure), , ,
. ,
, insecure .
rw. ,
rw .
knf sd, ,
, , , ,
rw. ,
.
hide nohide. , NFS /us r
, /usr/local . /usr,
/usr/local? . 2.2.x
. NFS , hide nohide. hide
, nohide . ,
hide.
.
noaccess. ,
. , ,
/home, /home/abrown.
/etc/exports /home
/home/abrown, noaccess.
/home/abrown.
subtree_check no_subtree_check. , . NFS -
8. NFS
215
, ,
, . (subtree checks) , ,
. no_subtree_check. subtree_check,
, .
, .
root_squash no_root_squash. NFS , root, .
. , ,
root .
, , ,
root, no_root_squash.
, , .
all_squash no_all_squash. ,
, .
all_squash. no_all_squash all_squash.
anonuid anongid. , , nobody. , (UID) (GID).
anonuid anongid. root, , .
PC/NFS,
.
, anonuid=504.
/etc/exports 8.1. : /usr/XllR6 /home. , , noaccess /home/abrown.
( ,
; .) /usr/XHR6
/home gingko 192.168.4.0/24,
. /usr/XHR6 , /home .
gingko /usr/XllR6
, 514, /home
.
216
II.
8.1. /etc/exports
7usr/XllR6 gingko(ro,anonuid=5047 192.168.4.0/24Tro)
/home gingko(rw,no_subtree_check) 192.168.4.0/255.255.255.0(rw)
/home/abrown (noaccess)

. mount, NFS . : ___
. , ,
/home /mnt/userf lies:
# mount larch:/home /mnt/userflies
, ,
/etc/f stab. mount,
.
nf s (
mount, , Linux ). /etc/ f stab
, mount.
larch:/home /mnt/userflies n f s defaults
, /mnt/userf lies,
/home larch.
NFS , Linux. , , , . , , , NFS .
NFS ,
,
, . , Ethernet-, NFS ,
. NFS
.
, NFS .
.
, , , NFS
. ,
. NFS
UID GID. ,
.
.
8. NFS
217
mount,
NFS
. mount .
hard. , ,
, .
.
soft. NFS , .
, ( timeo=).
nodev. ,
NFS. , , NFS
.
nosuid. SUID , .
. SUID .
.
NFS. , , NFS.
, , , NFS . ,
.
mount,
-, :
# mount - ,nodev larch:/home /mnt/userfiles
/etc/fstab, (
defaults).

: NFS ( knf sd) .
( ,
.) ,
NFS.
. rsize wsize
mount , . ,
218
II.
4096. , , : larch: /home /mnt/userfiles - rsize=8192.

/etc/ f stab ( defaults).
.
noatime mount Linux , . Linux
,
. ,
.
NFS. ,
NFS
. ,
. ,
.
,
. ,
.
RPCNFSDCOUNT=8.
,
NFS. NFS , . ,
, NFS- . NFS
. ,
. (
EIDE- DMA SCSI; SCSI , EIDE.)
NFS , , : NFS, . , , , -
. , . (
hdparm, -t.)

Linux, ,
(UID)
/etc/passwd. , (GID) /etc/group. NFS
/etc/passwd:
. , ,
8. NFS
219
UID.
.
^^
,
^ , .
, . , . ,
,
. NFS , ,
,
.
, ,
.

UID GID . ,
504,
, UID
504. GID.
, UID GID .
, , ,
.
usermod.
, , UID abrown 507 504,
:
# usermod -u 504 abrown
/etc/passwd ,
. ( ,
, .)
. ,
, .
groupmod .
usermod, -.
, GID pro j ect3 127,
:
# groupmod -g 127 projects
220
II.
UID GID , , I . ,
, ,
. ,
. , ,
/trap.
, , .
, abrown
alyson . , , , ,
alyson. NFS, ,
abrown.
, .
UID GID , , NFS.
UID, ,
, GID. Kerberos,
6. , NFS Linux
NIS; map_nis.
/etc/exports , NFS
NIS .

,
, , . ,
. 8.1. gingko
, larch .
(james) . james
, . larch, alyson , ,
gingko, , (UID, 500, larch ). ,
Jennie samuel, , ,
.
. NFS , , . 8.1.
map_static;
8. NFS
221
8.1.
alyson
james
Jennie
samuel
UID gingko
500
501
502
503
UID larch
504
501
503
502
. /etc/exports
, :
/home larch(rw,map_static=/etc/nfs/larch-map)
, , /home
larch, / e t c / n f s /
larch-map. map_static , .
larch-map 8.2. , #, . , uid, , ,
gid, . ( ) .
, UID GID,
. , 8.2 , UID 504
UID 500 . -, NFS .
.
8.2.
# larch
#
uid
0-99
#
504
500
uid
501
501
uid
503
502
uid
502
503
uid
#
0-99
gid
100-102
100
gid
. , 8.2 UID 501,
. UID , , , . 8.2 ,
UID ( 100) .
0-99. GID 100-102 GUID
222
II.
100.
, .
UID
.
, , .
; . ,
.

,
,
map_daemon.
, ugidd rpc. ugidd.
. -, ugidd . ,
, Debian. -, ugidd , . -,
,
( , /etc/hosts .allow). , , ,

nobody.
NFS , UNIX Linux. Samba, NFS

. NFS , Samba. , NFS
,

.
, Linux, BSD
UNIX. , LPD
(Line Printer Daemon ), , Windows
MacOS, . LPD
; , . LPD, ,
.
(, Ghostscript,
http: / / w w w . e s . wise. edu/~ghost/) .
LPD, , .
;
, Linux. LPD, , LPD
Linux.
: BSD LPD, LPRng
CUPS.
LPD
. - , (
). ,
, . ,
.
SMB/CIFS, (Samba).
224
II.
UNIX : NFS LPD.

LPD ; , ,
, ,
. , . , ,
( $300 ) $1500
. $1500 .
, , LPD.
LPD . ,
SMB/CIFS.
AppleTalk ( Linux Netatalk).
, : LPD,
? ,
.
? Linux , Linux .
,
, . UNIX Linux,
LPD. DOS, Windows
OS/2 SMB/CIFS. Macintosh
AppleTalk, MacOS X LPD.
?
, . , .
, , - . ,
, ,
.
.
NFS, LPD , . . ,
.
IP- . ,
, , ,
. ,
, , ,
SMB/CIFS. , UNIX Linux, , ,
, , ,
9.
225
, .
IPP (Internet Printing Protocol ),
CUPS, ,
.
,
Windows, LPD, ,
SMB/CIFS.
UNIX, Linux MacOS , SMB/CIFS, .
,
. , Linux, UNIX.
, . ,
Linux, UNIX, Windows, MacOS , Linux.
:
? Ethernet- , USB * . . ,
. , ,
, .
.
;
386. Linux - , .
,
Ghostscript, PostScript. PostScript.
USB-,
. , ,
.
Linux
UNIX Linux , , LPD. 2001 . Linux
.
BSD LPD.
Linux. Linux- ,
226
II.
9.1. Linux

Caldera OpenLinux Server 3.1
Debian GNU/Linux 2.2
Linux Mandrake 8.1
Red Hat Linux 7.2
Slackware Linux 8.0
SuSE Linux 7.3
TurboLinux 7.0
CUPS
BSD LPD
LPRng
LPRng
BSD LPD
LPRng
LPRng
LPRng,CUPS
CUPS
CUPS
BSD LPD. LPRng CUPS BSD

LPD, -. BSD LPD
;
.
LPRng. , h t t p : / / w w w . a s t a r t . c o m / l p r n g / L P R n g . h t m l ,
BSD LPD. BSD LPD
. , , . Linux
, PostScript.
Common UNIX Printing System (CUPS). CUPS
http: //www. cups . org. BSD LPD , LPRng, ,
. , CUPS,
. (
, CUPS , .) LPD, CUPS
IPP.
UNIX-
. UNIX,
SysV. BSD LPD, ,
, BSD LPD. , ,
1 1.
. 9.1 , Linux. , , ,
. , , (
4).
9.
227
^
"" "" ,
. 9.1,' . ,
Mandrake
>
, : LPRng
CUPS, Debian .
J
Linux, , ,
BSD LPD. LPRng, ,
. CUPS,
BSD LPD LPRng,
, ,
CUPS.
BSD LPD
BSD LPD : /etc/
hosts . Ipd /etc/printcap. , .
, , .
/etc/printcap , ,
,
. , , .
, . ,
Ghostscript PostScript-
, .
/etc/hosts.Ipd
BSD LPD , . .
. ,
/etc/hosts . Ipd. ,
. , IP- NIS.
@, , ,
+. + , , . -, ,
. /etc/hosts . Ipd 9.1. gingko ,
, . +@groupl NIS- groupl. oak. threeroomco. com ,
groupl.
228
II.
9.1. /etc/hosts. Ipd

gingko
birch.threeroomco.com
192.168.1.7
+@groupl
-oak.threeroomco.com
/etc/hosts . Ipd, ,
# ,
; .
/etc/hosts.Ipd /etc/hosts,
f equiv. /etc/hosts . equiv ,
; , rlogin .
; . ,
.
BSD LPD
/etc/printcap BSD LPD
(printcap printer capabilities ).
, ,
( , ,
USB-) ( LPD-
, SMB/CIFS, AppleTalk
). ,
:.
; , , \, ,
.
.
/etc/printcap
. ,
,
Ghostscript, , ,
, Linux.
, ,
. .
1. , . , lp=/dev/lpO ,
/dev/lpO ( ).
,
(, 1=).
rm. LPD. , oak,
9.
229
rm=oak. ,
; , .
( ) IP-.
. , rm.
. ,
InkJet, /etc/printcap
rp=inkjet. ,
. , ,
, InkJet 11
canon. ;
.
, ,
, 1 rm .
,
rm, , .
, , 1,
rm . , ,

. ( , ,
Ghostscript,
.)
LPD-,
. ,
, SMB/CIFS AppleTalk.
, ,
if. Samba Netatalk.
LPRng
LPRng , BSD
LPD. , LPRng
BSD LPD. LPRng /etc/printcap,
, BSD LPD.
LPRng -. ,
, LPRng ,
/etc/lpd. perms.
/etc/lpd.perms
/etc/lpd.perms .
Ipd. perms
(/var/spool/lpd/u*7_ovepedu). , , /etc/Ipd.perms
.
230
II.
Ipd. perms, . #. /etc/hosts . Ipd,

.
.
DEFAULT ACCEPT
DEFAULT REJECT
ACCEPT [ = [,]* ]*
REJECT [ = [, ]* ]*
, . .
. LPRng,
Linux, /etc/lpd.perms
DEFAULT ACCEPT. , BSD LPD
localhost, 127.0.0.1 (. . ,
). , LPRng
, ACCEPT REJECT.
ACCEPT REJECT , . ,
Key . 9.2, , . Connect . Job Spool Job
Print .
Ipq, Iprm 1 , ,
.
( , ,
).
( . 9.2 ).
, NOT. IP- ,
/ .
, , , . ,
/etc/lpd.perms:
ACCEPT SERVlCE=M SAMEHOST SAMEUSER
ACCEPT SERVICE=M SERVER REMOTEUSER=root
REJECT SERVICE=M
, Iprm . SERVICE=M, ,
Iprm.
SERVICE . 9.2. SAMEHOST
SAMEUSER, , ,
, , , .
SERVER REMOTEUSER=root. , , root, . , Iprm. (LPRng
Ipd.perms , , . ACCEPT SERVICE=M
9.2. , Ipd. perms

Key
SERVICE
USER
HOST
GROUP
IP
PORT
REMOTEUSER
REMOTEHOST
REMOTEGROUP
REMOTE IP
CONTROLLINE
PRINTER
FORWARD
SAMEHOST
SAMEUSER
SERVER
Connect
X

IP-

IP-

Job Spool
R
IP-
IP-

Job Print
P
IP-
IP-
Ipq
Iprm
IP-

IP-
IP-
IP-

IP-

232
II.
REJECT SERVICE=M, ACCEPT REJECT.)

, LPRng , .
,
,
. , LPRng
.

. (
25). ,
LPRng. ,
, ,
172.22.0.0/16, , ;
. :
ACCEPT SERVICE=X SERVER
REJECT SERVICE=X NOT REMOTEIP=172.22.0.0/16
,
, . (
, 127.0.0.1, REMOTEIP=127 . 0 . 0 . 1 SERVER ).

, .
, , , 172.22.0.0/16.
, REJECT
ACCEPT ,
.
LPRng-
/etc/printcap LPRng
BSD LPD. , , lp, rm ,
, BSD LPD, LPRng.
,
-. .
BSD LPD LPRng LPD, LPRng BSD LPD . CUPS. , CUPS
, .
CUPS
CUPS, Unix Linux, .
9.
233
BSD LPD ( LPRng),

CUPS , , Linux.
, . CUPS LPD,
LPD, , CUPS. , CUPS IPP,
HTTP, Web- . CUPS , ;
PPD (PostScript Printer
Description);
; . CUPS
,
.
CUPS :
, BSD LPD LPRng.
, CUPS;
.
, ,
KUPS (http://cups.sourceforge.net/kups/) ESP Print Pro (http://www.
easysw. com/printpro/). CUPS , Web-,
http:
//localhost:631.
CUPS
. , , ,_,
_ . , . CUPS
http: //www.cups .org/sam.html.
/etc/cups/cupsd.conf
CUPS /etc/cups/cupsd. conf. CUPS HTTP, Apache ( 20).
CUPS ,
/etc/cups/printers . conf /etc/cups/classes . conf, . Ipadmin, cupsd.conf .
cupsd. conf , , , . ,
.
234
II.
Allow. from, All

None, ( ,
), IP- IP- .
, ,
.
,
Allow. Location.
AuthClass. AuthClass Anonymous ( ), User, System Group. Anonymous , ;
BSD LPD.
. System ,
sys, SystemGroup.
Group, ,
AuthGroupName.
BrowseAddress. CUPS
, , , . BrowseAddress.
IP-, ,
192.168.23.34:631. ( 631 CUPS.)
255.255.255.255:631, . . 631.
BrowseAllow. ,
. BrowseAllow (
from
) , .
.
BrowseDeny. ,
BrowseAllow. " " .
BrowseOrder. BrowseAllow, BrowseDeny,
BrowseOrder .
BrowseOrder Allow, Deny BrowseOrder
Deny, Allow.
Browselnterval.
. 0 .
, BrowseTimeout,
.
BrowsePoll. IP- . ,
.
BrowsePort. 631,
.
9.
235
BrowseTimeout. , , CUPS .
, Browselnterval,
CUPS-.
Browsing. , On O f f , .
On.
Deny. , Allow. , . Deny Location.
HostNameLookups. Off, On
Double. Off , On , Double,
, IP-. Double
,
,
DNS. O f f ; (
DNS).
Listen. Listen,
CUPS , '. .
IP- ( 631). ,
Listen 192 .168 . 23 . 8 : 631 , 192.168.23.8. Listen
; 127.0.0.1.
Location. ; . , Location
Allow Deny, (, , ). Location, , </Location>. <Location> /admin
( ), /classes ( ),
/ j o b s ( ) /printers ().
MaxClients. MaxClients , .
, 100.
Order. ,
BrowseOrder, Allow Deny. Order
236
II.
Allow, Deny , Allow Deny, Order Deny, Allow

.
Port. CUPS 631, ,
. ,
. , Port ,
CUPS BSD LPD .
/etc/cups/cupsd.conf, CUPS, .
CUPS , . , , , , ,
172.22.0.0/16.
<Location /printers>
BrowseAllow from 127.0.0.1
BrowseAllow from 172.22.0.0/16
Allow from 127.0.0.1
Allow from 172.22.0.0/16
</Location>
Location /printers,
. , (
/admin) ( /jobs)
. CUPS, , ( 25).
BSD LPD LPRng

, /etc/
cups/cupsd. conf, , IPP.
BSD LPD, LPRng; LPD. (
IPP LPRng, .) ,
CUPS , LPD. CUPS cups-lpd.
cups-lpd , inetd xinetd ( 4). cups-lpd
/usr/lib/cups/daemon, /etc/inetd. conf :
printer stream tcp nowait Ip /usr/lib/cups/daemon/cups-lpd \
cups-lpd
9.
237
inetd xinetd, 4,
cups-lpd xinetd. CUPS
BSD LPD,
.
CUPS ,
f LPD. , /etc/cups/cupsd. conf .
CUPS ,
.
CUPS
CUPS Ipadmin, . , Web-;
Web- , ,
URL http: //localhost: 631. (
, ,
localhost ,
CUPS.) ,
.
Ipadmin.
# Ipadmin - _ - -v Ipd://./_ \
-m ppdfile.ppd
_ , ,
. , , _
. Ipd, LPD.
Ipd ipp. ( , -v
parallel: /dev/lpO .) - PPD- , CUPS .
PPD; /usr/share/cups/model.
PPD PostScript. PPD http: //www. linuxprinting. org/
driver_list. cgi. Ghostscript,
CUPS-O-Matic Generate CUPS PPD.
PPD, .
,
, , , . ,
, PPD, .
238
II.
File Edit View,, Go
Back
ii HJ$ "
Netscape: Printer on nessus.rodsbooks.com -CUPS v1.t.4

Coitimunicalor
a ,: , A ,*.
ftetoatf - Hos
Search
-a,; '
Netscape
Print ,' Security
Location; v t t p / A e s s u s 1 /printers
Administration
Classes
Help Jobs
Printers
Software
Printer
Default Destination; hpjQ
Description; HP 4000
Location: speaker.rodshooks.cam
printer State: Me accepting jobs.
Oavfe* URI; Ipdy/speaker,ractsbook,eorrv'hp40eQ'
Printer State: Me, accepting jobs.

Device URI: parallel:/dew/IpO
. 9.1. Web- CUPS ,
,
IPP. . LPD.
,
Ipadmin. .
, , -v
.
,
Web. CUPS
HTTP. Web- . 9.1. , URL , ,
631. CUPS . , Do Administration Tasks Manage Printers.
Manage Printers . 9.1.
. , hp4000,
LPD. , lexmark, . Modify Printer, ,
9.
239
, Configure Printer, , .
Linux BSD LPD, , - .

,
Linux. LPRng CUPS.
, CUPS , Web-.
,
. , , 515 631
, ( 515 631
LPD IPP). , ,
. LPRng LPD, a CUPS
IPP.
, . , , ,
. ,
, , , ( ,
).
; , . ,
. ,
,
.

, , . ,
, ,
, .
, .
.

,
. , ,
( " " , ).
, . , , ,
, ,
, , -
10.
241
.
. , Kerberos, , .
, .
, , . , , .
, , , .
, UNIX Linux,
, , .
. , .
,
, .
, ,
. ,
.
NTP
, ,
NTP (Network Time Protocol ),
RFC 1305 ( h t t p : / / w w w . i e t f . o r g / r f c / r f c l 3 0 5 . t x t ) . RFC 958, RFC 1059 RFC 1119.
, . . 2002 , NTP ^ 4,
3 . Web- NTP
http: //www. eecis . udel. edu/~ntp/.NTP
, ,
, , ; ,
, . . , . NTP
, Linux. NTP Linux,
. . ,
NTP,
, .
QV^
NTP, SNTP (Simple NTP
HA^tx NTP). SNTP , NTP.

. ,
242
II.
. . GPS (Global Positioning System

) , .
( ,
http://www.eecis.udel.edu/~ntp/hardware.html.)
,
, 0.
( , ).
, , , 1. ,
Internet, ,
. ,
1, 2 . .
( , ).
, .
.
, ,
, . . , , ,
, ,
.
NTP ( 64 ,
1024 ). NTP , , .
( ) ,
. , NTP ;
, , .
( .)
NTP ( /etc/ntp/drift,
/var/state/ntp. drift ), "" .
, NTP
.
10.
243
1000 , NTP ,
, . NTP
.
NTP ntpdate,
. ntpdate NTP.
NTP, , , . (
,
, NTP .
, .)
, , 2.
1 ,
NTP, . 3
.
NTP,
.
, NTP 3. ,
. - ,
,

1.
.
NTP (Coordinated Universal Time
UTC), (Greenwich Mean Time
GMT) . UTC GMT
. , UTC ,
. UTC , .
UTC . ,
.
, 86, ,
. Linux
, , UTC, , UTC.
Linux, UTC,
.
Linux Windows ( ,
), . ,
. , . ,
244
II.
NTP Linux ,
Linux .
hwclock -systohc -localtime;
. UTC, -localtime
-utc.
Linux
NTP Linux ntp : xntp, xntp3 xntpd. "" (experimental), ,
. , NTP 4,
. Linux 4 NTP,
3.
NTP NTP . .
ntpd. , NTP. (
xntpd.) , , , .
,
. ( .)
ntpdate. , ntpd;
. , ntpdate
. ntpdate .
ntptrace.
.
NTP, , NTP.
.
ntpq. NTP-.
.
xntpdc. NTP. , ntpq.
NTP, Linux
. rdate,
ntpdate; .
rdate ,
. ntpdate. ntpdate
, rdate
.
10.
245
ntp.conf
NTP ntp. conf, /etc. , ,
, #,
NTP. .
server [key ] [version ] [prefer].
, -"
NTP. IP-
. ntp. conf
server, NTP .
. ,
key, , ,
. , . prefer ,
.
fudge stratum . , , 127.127.1.0 ( ) 7 NTP .
,
.
d r i f t f i l e __.
, .
NTP
.
broadcast [key ] [version ] [ttl ].
, .
, (
224.0.1.1). , NTP
.
broadcastclient [yes | no]. NTP ,

NTP.
ntp. conf ,
. , HTML,
/usr/share/doc/xntp-.
ntp. conf, , . server,
246
II.
NTP. . , ,
,
. ,

2. ; http://www.eecis.udel.edu/~mills/ntp/servers.htm.
Web-,
1 2. , . ,
. , , , , "" , ,
.

NTP, ping.
, ping-
.
, , , , . ,
, .
, Internet.
, , , .
GPS , , 1.
. 127.127.0.0/16,
server. Linux. , ,
http: //www.eecis .udel. edu/~ntp/hardware .html.
ntp . conf NTP. SysV ( SysV
4). ntpdate, ntpd ,
. ntpd
, ,
.
, ntpd, .
NTP
xclock,
NTP ntpq. , .
10.
247
. . ntpq .
host 1_. ntpq , . host, NTP . , ntpq, ntpq remote.
threeroomco.com.
hostnames [yes | no]. yes, ntpq, , (
). ,
IP-. -,
ntpq.
ntpversion _. NTP, NTP.
quit. ntpq .
peers. . , .
host,
, ntp. conf. , ,
, , ; ;
;
, ; , .
, , , . + ,
,
; * ,
; " " ,
. , ntpq , .
peers Ipeers ( ) opeers ( ,
).
associations.
. IP-,
, .
lassociations,passociations Ipassociations.
readvar _ _.
. . readvar rv, a mreadvar .
248
II.
ntpq> peers
remote
LOCAL(0)
*cs.calunb1a.edu
caesar.cs.1sc.
ns2.D03.pnap.ne
ntpq> |
refid
st t when poll reach
LOCAL(0)
71
clepsydra.dec. 2 a
ben.cs.n1sc.edu 2 u
navobsl.nustl.e 2 u
47
64 377
638 1024 377
578 1024 377
582 1024 377
delay
0.000
52.667
54.510
60.646
offset
jitter
0.000
-22.793
-24.900
-17.340
0.000
3.686
4.793
4.289
. 10.1. ntpq
NTP-
readlist _. readvar, .
readlist rl, a mreadlist
.
pstatus _. pstatus
. readlist.
writevar _ _. . ,
.
ntpq NTP . ,
. . 10.1 ntpq;
, NTP . ntpq ntpd,
, ( ). , ,
. 10.1. + *
, , ,
. , .
, , ,
, .
, ,
ntpq . , ' - IP-
. (
.
, .)
ntpd
, . , ping? He NTP? (,
UDP, 123.) -
10.
249
? ( ,
.)

, . , 100 100 .
, , .
, .
. -, ,
, . , , 100
100,1 ,
. -, , .
, ,
, . .
'.,''.
,
. , ( "") ( 86
0). ,
, . . "" .
"" , . , , . ( Linux . , Real-Time Linux;
http://fsnuabs.cora/conanunity/.) . :
, Enhanced/.Real Time Clock
.Character, Devices.
,_ ; -. '",-. '
'i,,;/-.-
.' f. - , , . - , . ' - , . _ .
""4 ,
,
. . .
-/, "" / . NTP "",
. , NTP ,

; ' ;_}.
'.,
NTP
,
NTP,
250
II.
, , NTP, .
, , NTP-,
. ntpd,
, , .
NTP. ,
NTP,
, Internet.
NTP .

, ntpd.
UTC . , ntpd
"" . , , , , ,
. , ntpd
.
, "" ( ),
, , Internet. ntpd
ntpdate.
rdate, ntpdate .
NTP
ntpd. ,
ntpdate. NTP
ntpdate . NTP 4
ntpdate.
ntpdate, , .
, . .
-. ntpdate .
,
; ,
. . . ,
, .
-. ,
.
- . NTP
.
- __. ntpdate
, .
10.
251
(
1 8).
-q. -q ,
. , ;
.
-s.
.
-. ntpdate
123.
( 1024).
.
ntpdate , , , , .

-q, ntpdate ,
.
ntpdate
. ntpdate ,
, , , .
ntpdate NTP- ntpd.
,
| ntpdate . -
, , .
ntpdate , 1:23 3:48.
,
,
.
Samba

, NTP ,
Linux. NTP, . SMB/CIFS,
. ( Samba
7.) NTP ,
Samba, , Samba ,
252
II.
NTP Windows-. (Samba

, SMB/CIFS, Windows.)

Samba
, smb. conf, Samba, ,
. [global]
, , . , time server,
. smb. conf :
time server = Yes
, Samba SMB/CIFS .
, ntpdate, rdate . , ,
Samba ,
.
^^
SMB/CIFS ,
^ NTP.
Windows- .
Windows-

Windows, :
:\> NET TI\\SERVER /SET /YES
SERVER NetBIOS- Samba. ntpdate Linux, .

, ,
. . (
, , SETTIME.BAT) Startup.
, , . ( AUTOEXEC. BAT ,
.)
Windows 2000 NTP. NET TIME /SETSNTP:NTP_cepsep
NTP_cepeep. NTP,
.
10.
253

, , ,
, .
, - . , , NTP. , NTP ( ntpd xntpd),
, NTP. NTP
3, 2 ( NTP
1 ).
3 ntpd ntpdate. NTP
, GPS.

- rdate SMB/CIFS, Samba.
NET Windows. NET Windows,
NTP.
11
:
POP IMAP
Internet. . , , , . Linux .
, .
.
,
. (
SMTP 19.) . ,
, ,
.
0^.
HA"^?\
19, , , , ,
, . SMTP Linux, Linux
.
, ,
, , 19.
, .
Linux .
Fetchmail, ,
, .
11. : POP IMAP
255

, . , Linux,
, , . : " , ?" .
.
Linux-, pine, mutt KMail. ,
. , Telnet, SSH (Secure Shell )
X Window. ( 13 14.)
, ,
, . .
.
,
.
, UNIX ,
. , Windows
MacOS. Linux
, X Window. Windows
MacOS. , , Windows MacOS, .
.
IP- , . ,
, .
, ,
.
, , , .

. ,

.
256
II.
POP IMAP
.
,

.
: POP (Post Office Protocol ) IMAP
(Internet Message Access Protocol Internet). , ,
.
. ,
, .

,
. ,
, , . ,
, ( , )
.
.
, (relay). , , . ,
,
. ,
, sammy@threeroomco.com. DNS, ,
mail.threeroomco.com. , , , gingko. threeroomco. com.
, , larch.threeroomco.com.
(,
trilobite.pangaea.edu). (, franklin.pangaea.edu). ,
, (
osgood.pangaea.edu). . , , . 11.1.
SMTP (Simple Mail Transfer Protocol ). , - ,
trilobite.pangaea.edu gingko.threeroomco.com.
gingko. threeroomco. com, , -
257
11. : POP IMAP

trilobite.pangea.edu
franklin.pangea.edu
SMTP
osgood.pangea.edu
SMTP
SMTP
larch.threeroomco.com
ginko.threeroomco.com
mail.threeroomco.com
. 11.1.
, .
,
,
, (
larch. threeroomco. com) . ,
,
, . POP, .
. 11.1 . (
, ). ,
, . 11.1. ,
. . ,
, , , , , , ,
. ,
,
, .
, . , SMTP .
, . , . . , franklin.pangaea.edu SMTP, , -
258
II.
ponyexpress.pangaea.edu (POP ).
ponyexpress.pangaea.edu SMTP, .
, , , , ,
. - ,
. ,
, . ,
.
. , ,
POP . ,
POP ,
POP
.
. "" . ,
,
, . IMAP
(, , ),
.
POP ,
.

, POP, .
, ,
, . ,
,
. ,

, POP, ,
, POP.
POP
POP .
-3, TCP-
110. ( -2 109.) , Internet, POP-
11. : POP IMAP
259
. -3 . USER ( ), PASS
( ), RETR ( ), DELE ( ) QUIT
( ). POP-, , 11.1.
-3
telnet.
.
11.1. -3
$ telnet nessus 110
Trying 192.168.1.3. ..
Connected to nessus.rodsbooks.com.
Escape character is 'A]'.
+OK POPS nessus.rodsbooks.com v7.64 server ready
USER rodsmith
+OK User name accepted, password please
PASS password
+OK Mailbox open, 1 messages
RETR 1
+OK 531 octets
>From rodsmith Wed Aug 8 14:38:46 2001
Return-Path: <ben@pangaea.edu>
Delivered-To: rodsmith@nessus.rodsbooks.com
Received: from speaker.rodsbooks.com (speaker.rodsbooks.com
[192.168.1.1])
by nessus.rodsbooks.com (Postfix) with SMTP id EB2A01A2BD
for <rodsmith@nessus.rodsbooks.com>; Wed, 8 Aug 2001
14:38:26 -0400 (EOT)
Message-Id: <20010808183826.EB2A01A2BD@nessus.rodsbooks.com>
Date: Wed, 8 Aug 2001 14:38:26 -0400 (EDT)
From: ben@pangaea.edu
To: undisclosed-recipients:;
Status:
This is a test message.
DELE 1
+OK Message deleted
QUIT
+OK Sayonara
Connection closed by foreign host.
11.1, POP . ;
260
II.
+ mailbox open, I messages. ( RETR 1) ( DELE 1).

POP :
. ,
. ,
. ( , ) .
, ,
.
11.1, ,>
,>
f
.
From: Return-Path: , benSpangaea. edu. . , Received:,
, , ,
. , , ;
Received:. , speaker. rodsbooks . com nessus . rodsbooks . com.
pangaea. edu .
(MAP
POP, IMAP , IMAP . IMAP,
, , .
; IMAP-4 . (IMAP-4
143.)
IMAP 11.2.
, POP ( 11.1).
, 11.2
IMAP.
11.2. IMAP-4
$ telnet nessus 143
Trying 192.168.1.3. . .
Connected to nessus.rodsbooks.com.
A
Escape character is ' ]'.
* OK nessus.rodsbooks.com IMAP4revl v!2.264.phall server ready
Al LOGIN rodsmith password
Al OK LOGIN completed
A2 SELECT Inbox
* 1 EXISTS
11. : POP IMAP
261
* NO Trying to get mailbox lock from process 29559

* 1 RECENT
* OK [UIDVALIDITY 997295985] UID validity status
* OK [UIDNEXT 4] Predicted next UID
* FLAGS (\Answered \Flagged \Deleted \Draft \Seen)
* OK [ PERMANENTFLAGS (\* \Answered \Flagged \Deleted \Draft \Seen)]
Permanent flags
* OK [UNSEEN 1] first unseen message in /var/spool/mail/rodsmith
A2 OK [READ-WRITE] SELECT completed
A3 FETCH I BODY [HEADER]
* 1 FETCH (BODY [HEADER] {494}
>From rodsmith Wed Aug 8 16:02:47 2001
Return-Path: <ben@pangaea.edu>
Delivered-To : rodsmithdnessus . rodsbooks . com
Received: from speaker.rodsbooks.com (speaker.rodsbooks.com
[192.168.1.1] )
by nessus.rodsbooks.com (Postfix) with SMTP id 2C7121A2BD
for <rodsmith@nessus .rodsbooks .com>; Wed, 8 Aug 2001
16:02:25 -0400 (EOT)
Message-Id: <20010808200225 . 2C7121A2BD@nessus . rodsbooks . com>
Date: Wed, 8 Aug 2001 16:02:25 -0400 (EOT)
From: ben@pangaea.edu
To : undisclosed-recipients : ;
* 1 FETCH (FLAGS (\Recent \Seen))

A3 OK FETCH completed
A4 FETCH 1 BODY [TEXT]
* 1 FETCH (BODY[TEXT] {25}
This is a test message.
)
A4 OK FETCH completed
A5 COPY 1 demos
A5 OK COPY completed
A6 LOGOUT
* BYE nessus.rodsbooks.com IMAP4revl server terminating connection
A6 OK LOGOUT completed
1 1 .2 , POP. IMAP ,
, LOGOUT LOGOUT.
, .
IMAP ( A3 4
).
262
II.
( 2),
( 5). 11.2
. , , FETCH.
IMAP ,
http: //www. ietf. org/rf c/rf c2060 . txt.
IMAP, , ,
. . IMAP ,
- . .
IMAP,
(UW IMAP; http: //www.washington.edu/imap/). . INBOX,
, ,
, /vax/spool/mail/_. IMAP, INBOX.
, . , UW IMAP
.
.
. , , ,
. , , ,
.

, . ,
. POP
,
, . IMAP.
, , ,
. POP , IMAP, , IMAP,
POP.
, , , IMAP,
. POP- INBOX, ,
IMAP. ,
. POP
, , .
11. : POP IMAP
263
POP IMAP , | , . ,
, ,
. POP ,
SSL-.
, ,
. ,
POP IMAP Internet.
, TCP Wrappers
xinetd. , , .
POP
, POP
. , , .
, SMTP. He .
: mbox ( ) maildir
( ). , sendmail, Postfix, and Exim, no
mbox, , qmail, maildir. Postfix, Exim qmail
mbox, maildir. POP ,
SMTP.
POP Linux
POP Linux.
, ,
, SMTP
, , , POP , . , POP.
UW IMAP. IMAP, (http://
www.washington.edu/imap/), POP.
Linux mbox,
SMTP.
Cyrus IMAP. UW IMAP, Cyras IMAP (http://asg.web.cmu.edu/
cyrus/imapd/) IMAP POP. mbox.
nupop. nupop (http://nupop.sourceforge.net)
, ,
.
264
II.
maildir,
qmail.
Courier. Courier (http: / /www. courier-mta. org)
POP, IMAP SMTP. Courier POP IMAP
Courier-IMAP (http://www.inter7.com/courierimap/).
maildir.
QPopper. , (http: //www. eudora. com/
qpopper/) SMTP- qmail. QPopper 3.0
. 4.0
. QPopper mbox. QPopper 4.0 SSL-.
qmail-pop3d. qmail (http: //www.
qmail.org) maildir. SMTP- qmail, qmail-pop3d
POP.
,
POP. http://www.sourceforge.net
POP, , IMAP, SMTP . UW IMAP, Cyrus, QPopper
.
POP
, POP ( 4).
xinetd. He ,
/etc/inetd. conf. POP ,
inetd xinetd. POP , .
.
UW IMAP POP Linux. ,
, .
SMTP , POP . - POP .
, POP, ,
.
IMAP
IMAP ,
POP. , UW IMAP -
11. : POP IMAP
265
Linux, ,
. .
IMAP Linux
, ,
UW IMAP, Cyrus IMAP Courier, IMAP.
2002 . IMAP, .
http: //www. sourcef orge. net. , , Web
IMAP.
Linux, UW IMAP, .
, ,
. ( ;
.
CONFIG, .) Cyras IMAP
. ,
; mbox.
IMAP
Linux UW IMAP, imap. IMAP
. UW IMAP
Linux, ,
, IMAP. IMAP ,
, , .
Fetchmail
Fetchmail .
, , . Fetchmail
; Fetchmail
. Fetchmail , , . f etchmailrc,
. fetchmailconf,
Fetchmail. .
266
II.
"""

. Fetchmail .
Fetchmail
, . , , ,
. , , , , ,
IP- . ,
, .
.
Linux, Internet . Linux,
Internet -, .

, . ,
, POP
. ( , )
;
POP .
, Internet . , ,
, . Internet
; ,
, .
.
, . , , . Linux,
Internet , ,
. ( , .)
,
, ,
.
11. : POP IMAP
267
. , ,
. , ,
, Fetchmail (
) .
POP IMAP. , , , , POP,
IMAP.
Linux POP . IMAP ,
, , IMAP.

'~
>.'",'
- -, . ,
,
, .
, (
, , ). Fetchmail , ,
. ., :
, ,
. .

, . '.. , .
. (, ) '
,
. ,
. , ,
, ,' ?
Internet ,
Fetchmail. . , Fetchmail -;;
ppp-on-dialer, 2. Fetchmail!
, .
interface monitor, . Fetchmail "
.
'
268
II.
.
.
POP, ,
. , , ,
, ,
, . Fetchmail.
Fetchmail,
, . (Fetchmail
, ). Fetchmail , , .
Fetchmail , .
. Fetchmail
, .
, , ,
Fetchmail . . ,
. , Fetchmail .
.
fetchmailconf
Fetchmail . ,
. Fetchmail , . Fetchmail
fetchmailconf, .
. fetchmailrc, fetchmailconf.
Linux fetchmailconf . ,
Fetchmail , . X Window, Tcl/Tk, fetchmailconf
. Fetchmail .
.
1. , xterm
fetchmailconf. Fetchmail Launcher, , , , Fetchmail
.
11. : POP IMAP
269
Fetchmail root,
îy . , , , root, Fetchmail
. ( Fetchmail ,
, root, .) ,
, .
,
Fetchmail ,
.
2. Configure Fetchmail Fetchmail Launcher. Fetchmail Configurator, ,
, . , ,
,
. ,
.
3. Expert Configuration Fetchmail Configurator.
Fetchmail Expert Configurator, . 11.2.
Fetchmail , Poll
Interval ,
(, 1200 20 ). ,
Fetchmail ,
, 0. Postmaster ,
, Fetchmail.
, . , ,
. Help, .
4. Fetchmail Expert Configurator , .
, . , <Enter> Fetchmail Host _
(. 11.3). ,
Fetchmail Expert Configurator New Server.
, ,
.
5. Fetchmail Host _ Protocol,
User Entries for _ Security. Run Controls ,
, (
). Multidrop Options , . -
270
II.
fetch mall expert configurator
Configurator expert centrals
Save
Quit
Help
Fetchmal Run Controls
Interval:
Postmaster: jradsmtth
ft Bounces to senrter?!
j send spam bounces?]
3 Invisible mode?:
ftioms/rodsmlth
Remote Mall Server Configurations

New Server
Edit
Delete
Help
. 11.2. Fetchmail Expert

Configurator
, Fetchmail

. , , , ,
,
.
6. Protocol Fetchmail Host _
. Auto;
, ,
, . Probe for Supported Protocols, ,
, . ,
telnet. telnet 11.1
11.2.
7. , Security, ,
, . Interface to Monitor
, . Fetchmail
, . , IP Range to Check Before Poll,
, , IP- . IP- ,
/; Fetchmail , , . ,
271
11. : POP IMAP
ilMHUHHKFetchmail host nessus.rodsb<x>ks.com)flH|HHHHi

Server options for querying nessus.rodsbooks.corn
O K | Quitj
Help
Multidrop options
Run Controls
Pdfl nessus.rodsbooks.cDm hormally?
Envelope address header: {Received
True name of nessus .rodsboolj
Envelope headers to skip: JO
Cycles to skip between pods: JO
Name prefix to strip:
Server timeout (seconds):
J300
Help
Hew alias:
* auto
pr Enable multidrop DNS lookup 7

DNS aliases
|
Protocol
POPZ v POP3 v APOP
V KPOP v IMAP
On server P port:
ETRN v ODMR
Delete j
|0
j POP3: track 'seen' with client-side UIDUT

Probe for supported protocols j
Domains to be considered local

New domain: [
Help
User entries fornesius.rodsbooks.com

New user:
Delete!
Edit I Delete
Help
\.t
Help
Security
IP range to check before pol: j
Interface to monitor
[
Help
. 11.3. Fetchmail Host _
172.20.0.0/255.255.0.0, Fetchmail
,
172.20.0.0/16.
8. User Entries for _ New User. ,
.
<Enter> Fetchmail User _ Querying _
(. 11.4). ,
.
9. Fetchmail User _ Querying
_ Password Authentication. , , . ,
Local Names , . ,
;
. Forwarding Options
. ,
Fetchmail
. Forwarding Options, Processing
Options Resource Limits ,
. Fetchmail
Suppress Deletion of Messages After Reading Process-
272
II.
i!jHHHHK(Fetchmail user rodsmlth querying nessusjodsbaeksxom]|j||HBI|||HHe^Bi
User options forrodsmlth querying ne3sus.radSDOoks.com
OK j Quit I
Help
Authentication
|
Password:
Processing Options
j Suppress deletion of messages alter reading
j Use SSL?
j Fetch old messages as wel as new
SSL key:
SSL certificate:
j Flush seen messages before retrieval

Rewrite // messages to enable reply
Local names
New name:
J Force CR/LFatendof each Bne
jrodjmlth
'
Delete j
Pj
Help
j Undo MIME armoring on header and body

j Drop status Unas from forwarded messages
j Drop DeHvered-To lines from forwarded messages
Forwarding Options
Listeners to forward to
Resource Umlts
Message sue Droll:
0
Newtstaner: j
Dateta [
j Strip CR from end of each Nne

J Pass 8 bits even though SMTP says 7BIT
Size warning interval:
Max messages to fetch per pel:
Max messages to forward per poi: 0
Append to MAIL FROM line:
Interval between expunges:
Set RCPT To address:
j Me after each poll (IMAP only)
Connection setup command:
Connection wrapup command: |

Local delivery agent:
BSMTP output
ffle:
Listener spam-block codes: J571 550 501

Pass-through properties:
New folder:
Remote folders (IMAP only)

j
IS
Delete [
J UseLMTP?
. 11.4. Fetchmail

ing Options,
Fetchmail. , ,
. Remote Folders IMAP,
Fetchmail , INBOX.
, , Fetchmail | .fetchmailrc. Fetchmail , , 0600
(rw
), ,
. , , , ,
.
10. Fetchmail User _ Querying _
, Fetchmail Host _.
. fetchmailrc, Save
Fetchmail Expert Configurator.
11. : POP IMAP
273
11. , Test
Fetchmail Fetchmail Launcher. Fetchmail , . . , "
, . ,
Fetchmail. ,
Quit.
,
f . ,
Fetchmail , (, ,
,
). (
. 9).
, fetchmailconf, , . ,
.
. Fetchmail. ,
, . f etchmailrc
.
.fetchmailrc
fetchmailconf, , . fetchmailrc.
. , , fetchmailconf.
. fetchmailrc 11.3.
11.3. . fetchmailrc
# Fetchmail file for retrieving mail from mail.abigisp.net
# and imap.asmallisp.com
set postmaster rodsmith
set bouncemail
set daemon 1800
set syslog
poll mail.abigisp.net with proto POPS

user rodericksmith there with password abc!23
is rodsmith here fetchall forcecr
smtphost speaker.rodsbooks.com
poll imap.asmallisp.com with proto IMAP
user rodsmith there with password A1B2C3
is rodsmith here
274
II.
, # , Fetchmail . 11.3 . set

, , Fetchmail Run Controls Fetchmail Expert Configurator
f etchmailconf (. 11.2). . , 11.3 poll,
,
. f etchmailconf Fetchmail Host _ Fetchmail User _
Querying _ (. 11.3 11.4). poll ,
, ,
, .
.
Fetchmail .
, Fetchmail,
. (, ). ,
.
.
set postmaster _.
, ,
. . ,
, postmaster root. (
SMTP postmaster, , . postmaster Fetchmail
SMTP , .)

postmaster _.
set bouncemail. ,
. set bouncemail set no bouncemail,
postmaster, Fetchmail.
set daemon . , Fetchmail
( ).
, Fetchmail , ,
.
set daemon , daemon . Fetchmail daemon 0, ,
, ,
. f etchmailrc .
11. : POP IMAP
275
set logfile _. ,
Fetchmail .
set syslog. Fetchmail , .
. f etchmailrc poll . .
poll
_ - _
server poll.
skip, Fetchmail .
, . f etchmailrc. Fetchmail ,
. ,
, , . (
, .fetchmailrc .) and, with, has, wants options ;
":", ";" ",". , poll
.
.
proto protocol . , , .
, Fetchmail . , . f etchmailrc,
-.
interface /IP-/_. , , Fetchmail
. , ethl , IP- ,
IP-. , ethl/192 .168 .1. /
2 5 5 . 2 5 5 . 2 5 5 . 0 , , Fetchmail , ethl
192.168.1.1 192.168.1.254. -I, .
monitor . Fetchmail, , ,
. Fetchmail ,
, . -.
, .
user , username .
poll. ,
276
II.
,
here, . there
, . - .
pass , password . , . .
is to . . (. . user with pass ).
, here,
, .
there .
smtphost _. Fetchmail , , . .
localhost. , , , .
. , Fetchmail,
localhost . -S, .
keep. Fetchmail . , .
, , . -k,
, keep.
f etchall. Fetchmail ,
. f etchall ,
. -, .
forcecr.
CR/LF ( ). ,
. qmail ;
forcecr.
, Fetchmail
, . , jack j ill
Jill, Fetchmail jill. ,
, , - , (multidrop mode).
11. : POP IMAP
277
, Fetchmail, Procmail, 19. Procmail ,

.
,
SMTP.
, , Internet.
Telnet, SSH
. -3
IMAP-4. IMAP
POP,
. POP.
Fetchmail "" , , ,
. , Fetchmail .
.
12

11 .
, . .
" ", (Usenet) " ".
,
. , ,
. , .

, , , .
, , . , /
, ,
. . ,
,
, , .
, .
^^
^.
, " ". ,
. , ,
, Usenet.
Usenet,
.
12.
279

.
Usenet. Usenet. ,
.
Usenet , ,
.
. , , . , , .
,
, .
. ,
.
,
.
, Usenet
,
. . Usenet
, , .
Usenet
.
, ,
, .
, /var/
| spool/news. Linux , , , /var. ,
, /var /var/spool/news
.
, , , /var/spool/news, ,
.
(, ).
,
, , .
; ,
.
280
II.
Usenet
, , ,
. ,
, , ,
. , , Giganews (http://www.giganews.com), Supernews (http://
www. super news . com) NewsGuy (http: / / www. newsguy. com). , , ,
http: //www. news servers .net. http: //groups .google .com
. Web-.
, Usenet
.

( ),
, , Leafnode, .
, Leafnode, ,
, Usenet. Internet, , ,
; . , , . Leafnode ,
. ,
.
, .
NNTP
NNTP (Network News Transfer Protocol
). , NNTP 119. ,

NNTP. ,
, TCP/IP. NNTP ,
,
.
NNTP , . ,
. (
, .)
. , .
12.
281
, , , . , .
, . , , . ,
comp. os . linux. misc . os . linux. hardware comp.
os. linux, . comp. dcom. modems comp. os . linux. misc comp. os . linux. hardware, rec. arts . s f . dune .
,
Message-Id, . , , . , Usenet. ,
.
NNTP: (push protocol) (pull protocol).
, .
, . , . , , .
. ,
.
, , . ,
, , .
, , . (
,
.) .
, , , , ,
, , .

.
,
. , .
. ,
, , . , ,
( Tiny College),
(Pangaea University). ,
, news . tiny. edu, -
282
II.
pa news . pangaea. edu.

, news . tiny. edu news.pangaea.edu.
, Tiny College ;
news . tiny. edu news . pangaea. edu. Pangaea University, , . .
. , ,
news . pangaea. edu , news . tiny. edu. Tiny
College .
Pangaea University ,
. , ,
.
, .
,
. , , . . .
, , NNTP. ,
. ,
, ,
, .
, .
, , , , .
"",
. ,
, .
INN
, Linux, InterNetNews, INN (http: //www. isc . org/products/
INN/). INN , .
, innd, .
nnrpd .
innxmit, , , nntpsend.
,
.
/etc/news, /var/lib/news
.
INN Linux
inn. 2.2.2 INN,
INN 2.x INN 2.2.2. INN
12.
283
Cleanfeed. Cleanfeed ,
. (
.
, , , ,
, .)

, Usenet, .
, . NNTP
, , . ,
.
.
, , , ,
, . , , Internet ,
, . ,
NewsGuy (http: //www. newsguy. com).
1
%;: '"'"'"

, ^
., .
, , ,;
, . .
, -*
/,* , ,
binary binaries. , ,
alt, ."
, , - (outsourcing),
. NDS
, IP- . ' :, * ,
; , . ;
, , .. ^
,
', .
,
-
284
II.
, . ,
NewsGuy
1200 ,
, Pentium 400, 500 ,
64 . 3 .
, , . ,
, .
, ,
.
INN
INN . , , , . . ,
. ( Usenet-,
, , ,
.)
INN,
(, ,
. .).

/etc/news/inn. conf. :
_:
.
inn. conf, , . ,
, .
organization. . ,
organization,
, .
server. , INN.
, , , ,
. ,
localhost,
.
pathhost. , INN Path. -
12.
285
, . , ,
news.threeroomco.com.
moderatormailer. , . . ,
, .
, , ; .
%s@uunet. uu. net.
domain. , threeroomco.
com. INN.
f romhost. , INN
From, . ,
.
complaints. ,
, , ,
, , , ,
, . . complaints ,
.
inn. conf , , .
,
inn. conf.

inn. conf . : active newsgroups.
, pathdb, inn. conf ( /var/lib/news).
active , .
. .
, , :
_ _ _
, . os .linux.misc.

, .
0000000000 0000000001. ( INN ,
, ,
.
286
II.
- .) ,
. .
. .
, .
. , , , .
. . ,
, .
j . , , , . INN , .
. .
, .
=. . , , , .
.
, , . ,
, Usenet. , , ,
, threeroomco. com,
threeroomco.support, threeroomco.support.bigproduct threeroomco.
accounting. ,
active.
INN _
_ active . _ , , _
. _
; ,
.
newsgroups , active. active, newsgroups .
, . ,
.

, . , , : , .
12.
287
, .
, , .
( , ).

, , , , , , .
/etc/news/newsfeeds. /etc/news/newsfeeds , :
_:[,. . . ] : [ , ...]:
.
, \. , , .

. .
_. , .
,
.
. . , , ,
, (*).
, comp. os . * comp. os.
!, ,
; , .
@, , ,
. , , ! comp. os . linux. comp. os . linux
comp. os . linux. hardware, comp. os .
linux.hardware. @.os .linux
. INN news feeds , comp. os . *, ! comp. os .
linux, INN comp. os, ! comp. os . linux. ,
, comp. os. *
! comp. os. linux.
. ;
, . ,
< ,
, , ,
, ,
288
II.
.
.
. .
, ,
. . news feeds,
, , .
news feeds ,
. , /etc/news/nntpsend. ctl, INN . news feeds, nntpsend. ctl
, , .
.
_: _:_: []
_ ,
news feeds, _ .
_ , ; , 2
. , innxmit, .
.
,
. , ,
, , .
, Internet . ,
, , .
,
INN .
, innd, ,
, , INN. innd , . /etc/news/
incoming. conf, innd,
, .
, incoming. conf,
: . ( peer); . ( .) , ,
. , . incoming.conf ,
, 12.1.
12.
289
12.1. incoming, conf

#
streaming: true
max-connections: 50
# Allow NNTP posting from localhost
peer ME {
hostname: "localhost, 127.0.0.1
# fiveroomco.com
peer fiveroom {
hostname : news . f iveroomco . com
patterns: *, ! threeroomco . *
hostname. ,
. ,
, patterns;
, news feeds. , .
, , incoming. conf.

, . innd , /etc/news/nnrp. access.
, :
_: : 1_?: : _
.
_. IP- . *, . , ,
* . threeroomco. com
threeroomco. com. IP-
IP-/ , 172.20.0.0/16.
.
: R ( ), ( ), N
( NEWNEWS) L ( , ).
.
_?. . , , ,
, . +
, Linux. , ,
290
II.
, "" .
, .
. , .
_. ,
, newsgroups.
. ,
, .
, *.
nnrp. access , . ,
,
.
,
/etc/news/expire. ctl
. , INN. :
: : : __:
. .
, * , . . comp. os . * comp. os.
. , , (),
(U) ().
. Expires,
. ,
, ( ), . , ,
6, Expires , .
. , Expires
7 ,
. ,
. never , . ( never, .
,
.)
__. .
, Expires.
,
. never ,
.
12.
291
. ,
Expires,
. , 10
, Expires 100,
. __,

never.

INN SysV.
, ,
.
innd .
. , . , , crontab-, /etc/cron. d, /etc/cron. interval
, . , , crontab- .
, .
, ,
.
ctlindd, .
ctlindd -h.
Leafnode
INN , .
,
. , Internet. ,
,
,
. - . ,
. INN, . INN
,
,
INN.
292
II.
. Leafnode
(http: //www.leafnode.org).
Leafnode , . NNTPCache (http://www.nntpcache.org), Noffle (http://nof f i e .
sourceforge.net), sn (http://infa.abo.fi/~patrik/sn/) NewsCache (http: //www. inf osys . tuwien. ac. at/NewsCache/).
Leafnode
INN, Leafnode . .
leafnode. , NNTP.
,
.
fetchnews. ,
. ,
.
fetchnews , .
texpire. , Leafnode
/var/spool/news. , .
texpire. .
newsq. ,
, .
Leafnode .
, fetchnews . Leafnode ,

, . , , ,
.
,
.
Leafnode ,
. Leafnode ( ,
fetchnews)
. Leafnode
, , , .
12.
293
, Leafnode , , , , .
. ,
. Internet-
, Leafnode, , . Leafnode , ,
. Leafnode ,
,
,
.
0
2002 . Leafnode 1.9.19.

(2.0) . 2.0
. 1.9.x .
, Leafnode . ,
Leafnode
. 20-25 .
Leafnode, INN .
, Leafnode, , .
, Usenet,
. f etchnews , ,
, .
Leafnode
Leafnode : leafnode,
f etchnews texpire. , , ,
. Leafnode Linux,
.

Leafnode con fig;
/etc/leafnode. , , #. ,
:
-
Leafnode : server
expire. ; Leafnode,
294
II.
, . ,
conf ig, .
server. , , server = news.abigisp.net.
server, .
expire. ( ),
.
username. ,
.
password. ,
.
, . conf ig root, , ,
. , .
port. 119.
.
nodesc. , , .
Leafnode ,
nodesc = 1.
timeout. fetchnews
, .
-.
groupexpire _.
, . . ,
comp. os. linux comp. os .
linux.*.
maxf etch. Leafnode
, .
maxf etch, Leafnode . ,
,
initialfetch. , . initialfetch
, .
12.
295
delaybody. Leafnode , .
maxf etch . Leafnode
. ,
. ,
. 1 delaybody,
,
.
maxcrosspost. .
,
maxcrosspost, . ,
, .
maxage. , Usenet, .
Leafnode , , , .
maxage .
maxlines. maxlines, ,
, ,
. .
minlines. minlines, ,
, ,
. .
maxbytes. , .
.
timeout_short. Leafnode .
.
timeout_long, Leafnode .
.
timeout_active. Leafnode , . ,
. 90 .
filterfile. ,
. (
.) .
296
II.
hostname. .
Leafnode, , .
, ,
.

Leafnode: leafnode, fetchnews texpife.
, -.
leafnode
, leafnode
inetd xinetd. inetd. conf.
nntp stream tcp nowait news /usr/sbin/tcpd /usr/sbin/leafnode
, xinetd,
, leafnode;
/etc/xinetd.d. , inetd xinetd, , Leafnode ,
. , leafnode
, INN .
Leafnode ! .
,
TCP Wrappers.

f etchnews ; ,
. ( , , newsg.) ,
/etc/leafnode/config. ,
f etchnews ,

.
f etchnews .
-v. . v ,
. ,
v (-vvvv). , f etchnews ,
.
12.
297
- . ,

.
-1. , Leafhode . ,
.
-. , ,
, - .
-f. , , , , . (
90 .) .
-. f etchnews , , , ,
.
, , , f etchnews.

f etchnews, fetchnews -. Leafhode 2.0 ,
fetchnews .
Leafnode, , fetchnews. fetchnews

, - ( ppp-on-dialer, 2). fetchnews
, Internet
Internet
, , . ,
fetchnews, , . fetchnews
-, ( Internet).

texpire , ,
, /etc/leaf node/conf ig . ,
. , texpire
. Leafnode , /etc/cron. daily .
298
II.
,
texpire crontab.
, texpire
. ( .)
, ,
, . - , ,
, .
f etchnews, texpire
-v. -f. ,
, , texpire . -f texpire ,
. , -,
tar, .
, ,
. -f.

Leafnode , . , . , , , obnoxious@annoying.edu, , . From. Leafnode "" .
/etc/leafnode/fliters, . /etc/leafnode/fliters . ,
, obnoxious @annoying. edu,
:
From:.*obnoxious@annoying\.edu
, ( From:). .*, , . obnoxious@annoying.edu ,

,
(\).
19.
Leafnode . filter file /etc/ leaf node/

conf ig, .
/etc/leafnode/filters,
.
12.
"
299
.
Usenet , ,
. ,
. ,
, Usenet.
,
. Usenet , INN, Linux.
;
. , ,
, .
, ,
,
. Leafnode.
, , NNTP.
. Leafnode :
Internet.

.
13

,
. , , 10, , ,
15, . , , , (remote login server).

, .

.
.
. , .
- , , pine
mutt, , Vi Emacs . .
,
X Window, KMail Nedit; ,
, 14.
, : rlogind, Telnet SSH. . . ,
rlogind , a SSH
. , rlogind Telnet SSH. ( Kerberos
6.)
13.
301
,
.
Linux .
, , ,
, .
| . , ,
,
POP. , POP ,
. , .
,
. .
,
.
rlogind
rlogind ,
r-.
UNIX. rlogin rlogind in. rJLogind. rlogind
, . ,
rlogind .
rlogind
rlogind . /etc/inetd.conf
rlogind, . , ,
. xinetd,
rlogind, /etc/xinetd.d.
, , ,
. , rlogind, . 4.
rlogind .
302
II.
-. rlogind ,
. -
.
-. , .
-h. rlogind . rhosts . -h , .
-1. .rhosts
. , -h.
-L. , .rhosts hosts.equiv.
-h, -1 -L
| rlogind, Linux
. ,
; .
rlogind
, r-, . , , . ,
rlogind , , rlogind , .
rlogind, Kerberos .
rlogind.
rlogind,
.
1. , . - rlogin
512-1023. , rlogind
. rlogin, , 1024 root.

Linux root. ,
1024 , .
2. DNS, IP .
13.
303
3. , DNS-, , , rlogind -,
IP- . IP- -L -1 , rlogind
~/ . rhosts /etc/hosts . equiv ,
. ,
rlogind .
4. IP-, DNS-, IP-, , , -L -1,
, , rlogind
.
, rlogind . , ,
. , .
, rlogind , . . , - rlogin,
-1, rlogin -I s jones.
rlogind , , . rhosts,
rlogind . , , IP- , ,
, . rhosts .
. , ,
rlogind . rlogind
:
,
.
[rodsmith@nessus rodsmith]$ rlogin speaker
Last login: Mon Aug 12
1 4 : 4 8 : 5 8 2002 from nessus on 4
[rodsmith@speaker rodsmith]$
rlogind , , ,
. rlogind
, .
, , , rlogind.
304
II.
,
. rlogind, Telnet
, SSH .
rlogind
rlogind , , , .
, , . , , ,
. .
/etc/hosts. equiv.
. ,
, , , r-. , ,
. (, j u l i a
f red), .
~/.rhosts.
,
. ,
, . ,
( ).
. rhosts, ,
.
, ~/ . rhosts , ,
|
. ,
rlogind . -
rlogind, TCP Wrappers
.
r- ,
rlogin, rep rsh.
BSD LPD ( 9),
.
, ,
-.
. .
[+(-][_] [_]
+ -, ,
. , ,
+ . -
13.
305
. , , .
+, . | ( ), .
r-.
+ ,
.
IP- (, 192.168.34.56)
(, gingko.threeroomco.com).
, , ,
, gingko.
@, NIS ( NIS
).
,
. .rhosts, , , , . rhosts. , , . rhosts,
julia, :
172.21.13.14 jbrown
jbrown, 172.21.13.14,
j u l i a . ( , ,
jbrown rlogin, -1 julia.)
/etc/hosts . equiv .
, ,
, root. , , /etc/hosts,
equiv, , jbrown, 172.21.13.14, julia,
, root. , /etc/hosts . equiv, . ,
, -.
rlogind
~/.rhosts /etc/hosts .equiv . , .
rlogind inetd xinetd,
TCPWrappers. ,
TCP- 513 (, rlogind).
Telnet
Telnet Internet. Telnet ( , telnet)
306
II.
Linux. , Telnet-, ,
, , Linux, UNIX VMS.
Telnet , rlogind, ,
TCP/IP, . Telnet
Linux, .
Telnet SysV. Telnet , , ,
.
Telnet ,
, rlogind. Telnet, ,
Telnet ,
. , ,
Telnet. Kerberos,
,
Telnet.
, Telnet
Telnet , .
, Telnet, -. , Caldera netkit-telnet, Debian telnetd, Mandrake Red
Hat telnet-server, Slackware tcpipl, SuSE nkitserv TurboLinux
telnet. , telnetd, Debian, Telnet, , telnet
TurboLinux, , . Telnet , ,
. 4 (, Telnet,
telnetd in. telnetd).
Telnet ,
. , Telnet .
, , .
-D _. . , telnetd
. ,
, . options,
report ( ),
netdata ptydata (
).
13.
307
-h. telnetd ,
, . -h
. ,
Telnet,
,
.
-L _. telnetd /bin/login.
.
-. rlogind, telnetd ,
. - .
,
. Telnet- , . , Telnet, , ,

SSH. Kerberos, Telnet,
.
Telnet
telnetd /etc/issue.net . ,
, , . -h, telnetd,
. , , Telnet-. ,
, .
.
, , . , ,
, , .
( ). /etc/issue. ( X Window .
X Window 14.)
/etc/issue. net.
.
, telnetd . . 13.1.
, /etc/issue. net :
308
II.
13.1. , /etc/issue .net
%t
%h
%D
%d
%s
%m
%
%v
%%
(, -
)

NIS ( NIS )

(Linux)
()

( )
%
Welcome to %h.
Current time is %d.
Notice: For authorized users only!
maple. threeroomco. com,
:
$ telnet maple.threeroomco.com
Trying 172.21.32.43...
Connected to maple.threeroomco.com.
Escape character is ' ] ' .
Welcome to maple.threeroomco.com.
Current time is 10:57 on Monday, 12 August 2 0 0 2 .
Notice: For authorized users only!
Linux ( , Caldera, Mandrake
Red Hat) /etc/issue /etc/issue.net . /etc/re. d/rc. local.
, Mandrake 8.1, .
# /etc/issue
# . ,
# /etc/issue, ,
if [ - /usr/bin/linux_logo ];then
/usr/bin/linux_logo -c -n -f > /etc/issue
echo "" /etc/issue
else
> /etc/issue
fi
echo "$R" /etc/issue
echo "Kernel $(uname -r) on $a $SMP$(uname -m) / \1" /etc/issue
if [ "$SECURITY" -le 3 ];then
echo "Welcome to %h" > /etc/issue.net
echo "$R" /etc/issue.net
echo "Kernel $(uname -r) on $a $SMP$(uname -m)"
13.
309
/etc/issue.net
else
echo "Welcome to Mandrake Linux" > /etc/issue.net

echo "
" /etc/issue.net
fi
^^ 7.2 Red Hat issue
HA^fcx issue. net. Caldera 3.1 Mandrake 8.1 - /etc/re. d/rc. local.
,
.
, .
/etc/issue /etc/issue.net,
/etc/re. d/rc. local . , ,
/etc/issue /etc/issue.net,
.
Telnet
, /etc/issue,
net, telnetd /bin/login , -L. /bin/login . (login: Password:).
, /bin/login
, .
Telnet , ,
.
,
. telnetd
-L,
, telnetd. rlogind,
Telnet , . . ,
. ( ,
. Telnet
.)
, Internet
.
, , Telnet,
.
, . ,
, ,
.
, , .
, .
310
II.
, , , .
Telnet su, , .
rlogind , . Telnet
rlogind , , , ,
Telnet , , ,
.
? ,
, . -
, , , . ,
, Telnet. He
Telnet . ,
. su root , Telnet,
. Telnet
, Internet. Telnet,
, , ,
.
SSH
, ,
Linux SSH (Secure Shell ). , , . ,

, , , . (
, . , ,
.)
SSH , . , SSH , ,
, , ,
.
13.
311
2001 SSH
. , SSH (OpenSSH) . , (SSH),
.
, ,
Web- . , , ,
.
SSH
SSH, Linux:
SSH (http://www.ssh.com/products/ssh/), SSH, OpenSSH, (http:
//www.openssh.org). OpenSSH Linux, , Caldera 3.1, Debian 2.2, Mandrake 8.1, Red Hat 7.2, Slackware 7.0 SuSE 7.3.
, , ,
Web- OpenSSH. (
SSH .)
SSH .
^^
^%\
OpenSSH
OpenBSD. OpenSSH . h t t p : / / w w w . o p e n s s h . o r g / p o r t a b l e . h t m l OpenSSH , OpenBSD,
Linux.
.
2001 3.1 SSH.

OpenSSH 3.O.2. 3.0.x
. 3.1 SSH PKI (Public Key Infrastructure ),
, , . SSH
OpenSSH; , SSH
SSH.
SSH OpenSSH , , SSH, ,
. , . SSH , ,
,
SSH, , . ,
SSH 2, SSH 3, SSH 2.
OpenSSH . openssh, SSH,
312
II.
openssh-client openssh-server, .
SSH Telnet, SSH . . SSH http: //www. f reessh. org.
SSH ,
Windows MacOS. SSH
;
.
SSH
SSH , SSH . ,
, ,
. , SSH-
. , SSH-
, ,
X Window. ( X Window 14.)
,
.
,
SSH. (VPN Virtual Private
Network). VPN
HOWTO (http: //www. linuxdoc . org/HOWTO/VPN-HOWTO. html).
SSH
, . ,
SSH scp,
. .
scp [[!]!:]_! \
[[2]2:]_2]
scp , r-,
. scp .
(, FTP),
scp , ,
. ,
.
sf tp, ftp, . FTP , gFTP (http: / / g f tp. seul. org), SSH. , SSH, ,
Telnet FTP.
SSH ( sshd) SSH-
( Linux ssh), scp sftp.
13.
313
.
SSH- 22.
, SSH
, SSH ,
SysV. , . ,
, , , .
, ,
sshd .
-i, .
SSH ,
. , OpenSSH 3.0.2, .
-d. . ,
, . -d (sshd
d), .
-D. , , -d,
.
-. , , sshd,
,
.
-f _. /etc/ssh/sshd_conf ig,
.
-1. , (inetd xinetd). sshd
, .
- . . 22.
-q. . ( ,
.)
-4. sshd , IPv4, IPv6.
, sshd ,
IPv4.
-6. , IPv6.
314
II.
sshd , .
, sshd.
sshd , . SSH .
SysV, , ,
. ,
:
# ssh-keygen -q -t rsal -f /etc/ssh/ssh_host_key -C '' -N ' '
# ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -C ' ' -N ''
# ssh-keygeri -q -t dsa -f /etc/ssh/ssh_host_dsa_key -C " -N ' '
*.
: , , (private key), , , ,
(public key). , , . , , . pub. : (ssh_host_key, ssh_host_key.pub, ssh_host_rsa_key,
ssh_host_rsa_key.pub, ssh_host_dsa_key ssh_host_dsa_key.pub ( /etc/ssh).
, , . ,
.
sshd_config
sshd sshd_config, /etc/ssh. (He sshd_conf ig ssh_conf ig, .)
sshd_conf ig .
:

, , #, . sshd_config
, sshd, . , ,
,
, PermitRootLogin. ,
sshd_conf ig, .
Port. .
22.
HostKey. , . , -
13.
315
.
/etc/ssh/ssh_host_ke. .
KeyRegenerationlnterval. SSH- , .
, -
. ( , , ,
. , ,
.) ( )
. .
PermitRootLogin. yes . sshd
root . , , , ,
, ( root).
PermitRootLogin ,
, root su.
IgnoreRhosts. yes ,
sshd ~/.rhosts.
IgnoreRhosts
RhostsAuthentication yes, sshd, rlogind, .

IgnoreRhosts .
RhostsAuthentication.
SSH : IgnoreRhosts RhostsAuthentication.
RhostsAuthentication , .
.
RSAAuthentication. 1 SSH ,
. .
, yes
RSAAuthentication ( ).
PubkeyAuthentication. ,
RSAAuthentication, 2 SSH.
PasswordAuthentication. yes , . ,
PasswordAuthentication, .
316
II.
XII Forwarding. , SSH

-. ,
, . yes XllForwarding , SSH
X Window. SSH. ForwardXll;
/etc/ssh/ssh_config.
SSH .
,
, .
, SSH-, , , ,
, . , sshd.
SSH-
SSH
. . .
, . .
, .

.
, SSH, . ,
; , , ,
, .
, SSH-
SSH .
. .
1. , , RhostsAuthentication
IgnoreRhosts . , ; .
2. , RSA-.
.
3. RSA-, . -
13.
317
,
. ,
. ,
, .
4. , .
.
, , /etc/ssh
. SSH-
.
~ / . s s h , .
SSH ,
. ( ,
.)
, ssh ,
:
@(a@@(a@@@@@@(ag@@@@(ag@@(a@@@@@@@@@@@@@@(a@@@(a(a@@@@g@@@@@@@@(a@@@
@ WARNING:
REMOTE HOST IDENTIFICATION HAS CHANGED!
@@@@@@@g@@@@@@@@@@@@@@@@@@@@@@@@@@g@@@@@@@@@@@@@@@g@@@@@@g@
IT
IS
POSSIBLE
THAT
SOMEONE
IS
DOING
SOMETHING NASTY!
,
.
, , ,
~ / . ssh/known_hosts ~/ . ssh/known_hosts2 (
).
telnetd, sshd /bin/login; sshd . ( , sshd login,
UseLogin sshd_conf ig.) , sshd telnetd login. login
, sshd .

. ~ / . ssh. ,
SSH .
,
.

; . ,
.
1. , SSH-.
318
II.
2. , 2 SSH.
; .
$ ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -C ' ' -N ''
-N ' ', ssh-keygen .

" <Enter> - ,'
.

.
3. ~/id_rsa.pub . (
. ,
, .pub.)
scp.
$ scp ~/.ssh/id_rsa.pub server:.ssh/id_rsa.client
4. . ssh,
.
5. ~/ . ssh . , ,
id_rsa. client.
6. authorized_keys2. :
$ cat id_rsa.client authorized_keys2
,
SSH 2. ,
- . -2 SSH- ,
2 SSH.
$ ssh -2 server
,
f , .
,
. SSH . IP-,
, , ,
( rlogind ).
, , ,
, . ,
( , ), SSH
.
RS - SSH 1,
.
, , .
13.
319
. 2 -t rsa -f ~/.ssh/id_rsa -t rsal -f

~/. ssh/identity. RSA 1.
.
. 6 identity.pub authorized_keys2,
authorized_keys.
, ssh, -2.
, . , RSAAuthentication ( 1) PubkeyAuthentication
( 2), /etc/ssh/sshd_conf ig.
, SSH- ,
.

.
ssh-agent
SSH- ,
ssh-agent. ssh-agent SSH- , .
ssh-agent , .
1. , ,
SSH. ssh-keygen -N '',
.
2. , SSH, ssh-agent /bin/bash,
ssh-agent Bash. ssh-agent , . (
Bash .)
3. RSA- SSH ssh-agent,
ssh-add ~/. ssh/id_rsa. ( 1 SSH ~/ . ssh/
id_rsa .) , ssh-add .
SSH SSH-; , . ssh-agent
, SSH ssh-agent .
, ssh-agent, ssh-agent
, , ,
ssh, ssh-agent.
, , ssh ssh-agent
320
ssh-add, , . ssh-agent ,
. ,
ssh-agent.
/etc/passwd , ssh-agent. , /etc/passwd
/bin/bash, /usr/bin/ssh-agent
/bin/bash. ( ssh-agent
.)
ssh-agent /bin/bash; , ssh-add ~/ . ssh/id_rsa ssh
. , .
, xterm
ssh-agent, .
X Window
startx, ssh-agent startx.
ssh-agent X Window .
,
.xsession ( )
. xsession-nosshagent, . xsession,
ssh-agent ~/ .xsession-nosshagent.
ssh-agent
X Window, , ssh-add, SSH .
ssh-agent
, ssh-add -1.
ssh-add -d. ssh-add -d SSH-, ( ).
ssh-agent , SSH
. , ssh-agent.
,

. ,
, ,
ssh-agent.
13.
321
.
, , ,
.
Linux
rlogind, Telnet SSH. SSH,
Internet. (
Telnet, , .) rlogind Telnet
, . ,
, Internet, ,
. . , , ,
, . SSH, .
14

X Window
VNC
13 rlogind, Telnet SSH.

, ,
Linux , . Linux ( UNIX)
, - ,
.
, .
, , rlogind, Telnet SSH, ,
The GIMP, Netscape Navigator StarOffice. ( , Emacs,
, ,
, .)
, ,
.
Linux X Window.
Linux, , ,
, ,
.
X Window, VNC (Virtual Network Computing ),
X Window, .
.
14. X Window VNC
323
,

, ,
,
, . , ,
, ,
. , , StarOffice, The GIMP, KMail .
, , .
, .
.
. -,
. ( .)
.
.
.
. ,
X- ,
X Window.
. ,
. ,
. ,
. ,
,
.
.
, . , .
,
. , .
, , -.
.

. . , , , .
324
II.
,
.
.
,
.
.
,
. , ,
.

, , . ,
, .
, . , .
, ,
. ,
Internet .
100

, . , , ,
, ,
. , .
( VNC ; ,
. SSH ,
, .)

X Window
, X Window, Linux. , X Window
. - , , ,
. ,
.
14. X Window VNC
325
X Window
, , , .
. ,
, . ,
, , , . X Window
; X Window -. , X Window,
. - X Window, ,
, ,
-.
, ,
.
, , . - .
WordPerfect NFS. WordPerfect
, NFS. WordPerfect , . . NFS , ,
. ( NFS Linux, WordPerfect .) NFS
, .
, WordPerfect X Window. ,
X Window ,
. WordPerfect X Window
, - . ,
, .
X Window . 14.1.
X Window ( ). - -;

. 14.1. X Window ,
326
II.
, (
15). - , ..
VNC ,
X Window. VNC
. ,
, . , .
-, . VNC
. SSH
, X Window " "
, .
; {
*/1/-""\ ,*'"'"!;'':~, IM^\ ""^\
", X Window, Linux UNIX,
| ? ^ / . -;'
t/'4''' Windows,"OS/2 MacbS,
" ^ -.'
^ J:XFree86 ^(http: //xfree86.cygwin. com Windows, http: // ,
j,a.is.gmd,cie7~veit/os2/xf86os2.html OS/2 http://mrcla, com/ ',
, XpnX/ MacOS X), MI/X Windows MacOS Classic (http://www.
microimiges."com/freestuf/mix/), Exceed 'Windows (http://wwwf
lhci;%om/products/nc/exceed/), Xmanager i- Windows (http://www.
H^!esarang4.'!cpm'/products/xmanager.html) Xtools ' MacOS X (http: .
//www. tenon, com/piroducts/xtools/). : . , , Windows -%
, Linux,
; X Window, Http://www.microimages.com/mix/prices. htm,
Y" ', ;
, , -. X Window, , . X-
\ -. X- > , Network Computing Devices (NCD; http: / /www, ncd. com) Hewlett
? Packard (http://www,.hp.com). , , , TFTR (Trivial File Transfer Protocol -r
); . TFTP >
, X-.)
, X- , , ^ ,
; , -,
. X- .
Linux -,
. ,
.
' ,
"
*,- '^ * 'V '* ^ " ""
>'
14. X Window VNC
327
Linux -.
.
, X Window, . . , - (. 14.1), -. - Linux
-, . ,
, .
-,
; X Window , .
, Qt GTK+.
, RPM Debian, ,
.
- , ,
, - X Window. -
, , ,
. - -.
- , - , .
- -
, X Window .
Linux
X-; ,
, . ,
Linux - , , .
: xhost xauth.
xhost
xhost
-. ,
xterm , , :
$ xhost +biggie.threeroomco.com
- , biggie. threeroomco. com. ,
, - ,
, , .
( xhost +), - .
328
II.
^.
- Windows, MacOS ,
^ \ . Linux
xhost +.
xhost ,
, . ,
xhost , . ,
.
- , .
-
xauth.
xauth
xauth , .
X Window,
. xauth
, xhost, .
xauth . Xauthority, . ,
. , xauth .
Linux, .Xauthority . xauth. xauth ,
. .Xauthority . X ,
. ( . Xauthority ,
, -.
. Xauthority.) - -,
.Xauthority .Xauthority
.
. .
1. , X Window, xauth.
xauth , . xauth
-, .
2. list. ,
.Xauthority. ,
, , term, threeroomco. com: 0. /unix, , list
localhost. .
0. ,
-,
. ?
14. X Window VNC
329
, , 0.
(,
MIT-MAGIC-COOKIE-1) 32- .
, .
3. extract _ -.
, ,
. , extract xfer-auth term.
threeroomco.com: 0. .Xauthority
.
.
4. exit, xauth.
5. , extract,
( , , ). :
FTP NFS, . .
6. , -.
7. xauth, xauth .
8. merge _.
, extract
. (, .)
9. list. , , -, .
, , - .
10. exit, xauth
. (, xauth quit,
. quit ,
.)
SSH, .
A
# xauth list _ :0 | sed -e ' s / /add /' | ssh \

_ - xauth
xauth , sed add , , xauth
-. .
_ , ,
, -.
330
II.
add (/) .
xauth ,
add .
SSH ,
.
- -, ,
, , - (
). X Window . Xauthority , .
xauth ,
, ,
xhost. , xauth
. - , IP-.
.
Internet,
-.
X Window ,
SSH-. - SSH
.
- xauth.
, - XDM, GDM . -
startx, xauth .
startx ( /usr/XHR6/bin) ,
-auth _; .Xauthority, . startx .
- -
, xhost xauth, -. , ,
term.threeroomco.com, biggie. threeroomco. com ,
wrongone. threeroomco. com X-, .
Linux ,
, -.
- DISPLAY , - .
, , -,
:
$ echo $DISPLAY
14. X Window VNC
331
biggie.threeroomco.com:0.
( biggie.
threeroomco.com: 0. 0) ,
. ( 0 0.0;
.) DISPLAY -
,
. :
$ export DISPLAY=term.threeroomco.com:0
, -. - .
, - -, . .
xhost, xauj.li .
- SSH
, , ,
- , . , , -, , , telnet. -,
- -. ,
, xclock, ( xclock) . ,
. , - .
, ,
.
, ,
, X Window
. SSH. - -, ,
.
, SSH,
13. X Window SSH
, SSH.
/etc/ssh/ssh_conf ig SSH
( , -)
yes ForwardXll.
, ssh -X. ( ; - ,
.)
/etc/ssh/sshd_conf ig , SSH ( -),
332
II.
XllForwarding yes. SSH

, -
SSH-.
- SSH "" -.
, SSH DISPLAY , X
- ( - 10, TCP- 6010).
SSH. , SSH SSH. , ,
- (
DISPLAY ), , ,
SSH, -. , SSH " " -, SSH ""
X Window.
-.
, . -
, NAT-, SSH, , Telnet
. , SSH .
,
. - SSH . ,
, SSH .
- - . SSH 200 ,
.
, . ,
, .
,
.
, Linux UNIX. - Windows,
MacOS, OS/2 , ,
SSH -. SSH , .
, SSH.
-
-. ,
. .
.
14. X Window VNC
333
1. -. Linux, -
. - startx. Windows, MacOS
- .
2. - . - , X Window ,

. , xhost , -, xauth .
SSH , ,
, ,
SSH SSH.
3. -. , -,
, Telnet SSH. , X Window.
4. - -. ,
-, -
DISPLAY.
, , : export DISPLAY=term.
threeroomco.com:0.
5. -. -,
, .
, xterm,
.
,
, 2 4, . Windows MacOS
. , - Telnet
. xterm. ,
- xterm. - .
-. , ,
- . . , , ,
X Window . - ;
334
II.

, , ,
-, -. ; , -
, .
, Telnet, SSH ,
.
, X Window. XDMCP (X Display Manager Control Protocol X). Linux ,
XDMCP ( XDMCP
, -), , ,
, XDMCP .
, XDMCP ( , -). Linux
XDMCP, X , XDMCP ,
.
XDMCP
-, , Telnet. Telnet , -;
, -
. XDMCP Telnet, SSH
, . Telnet, Telnet
. XDMCP , XDMCP
X Window;
, . -; XDMCP
, xauth.
, XDMCP .
XDMCP -.
Linux - .
. 14.2.
XDMCP.
14. X Window VNC
335
Welcome to nesstis
ft
book
julia
rodsmith
Login:
root
Pas*yordJ j
Session Type:
. 14.2.
.
, ,

XDMCP ,
/etc /etc/Xll. , , . XDMCP-,
. , XDMCP. Linux XDMCP: X
Display Manager (XDM) KDM (KDE Display Manager) GDM
(GNOME Display Manager).
XDM
XDM XDMCP;
. GDM KDM, XDM Linux. , , .
.xsession, . (
Xsession, / e t c / X l l /etc/Xll/xdm.)
.xsession, ,
, .
( , , ) - XDM , XDM
.
336
II.
XDM
XDM
/etc/Xll/xdm/xdm-conf ig.
:
DisplayManager.requestPort: 0
XDM ,
UDP- 177. , XDMCP, (
#).
xdm-conf ig, , /etc/Xll/xdm/Xaccess. ,
XDM. ,
. ,
. ( # .)
, . CHOOSER , BROADCAST,
CHOOSER, , XDMCP .
*, , XDM. ,

.
*
* CHOOSER BROADCAST
, ,
* . ;
, . , threeroomco. com,
. ,
.
*.threeroomco.com
bronto.pangaea.edu
stego.pangaea.edu
bronto.pangaea.edu CHOOSER BROADCAST
stego.pangaea.edu CHOOSER BROADCAST
^^
XDMCP ,
%\ XDM.
.

/etc/Xll/xdm/Xservers , XDM. XDM
.
14. X Window VNC
337
(
):
:0 local /usr/XHR6/bin/X
, (:0).
XDM -. , XDM
,
, :
term.threeroomco.com:0 foreign
foreign , .
, XDMCP . Xservers,
local. ,
- XDM. , X. -,
-.
, X ^" , XDM. , , X-
.

KDM XDM. , KDM , Session Type,
, Quit ( Shutdown),
- ( ) ( ). ,
KDM, . 14.2.
, XDM, , ,
KDM. , KDM
XDM. kdmrc, . /opt/kde2/share/conf ig /usr/share/conf ig.
, . SessionTypes.
, .
, Xsession
Xsession.d, /etc/Xll /etc/Xll/xdm. ,
, ,
.
SESSION . chksession,
KDM GDM. ,
338
II.

.
, . xsession, .
,
KDM Default.
GDM
, GDM , . , KDM, GDM , /etc/Xll/gdm.
gdm. conf.
, XDMCP, ,
GDM, ,
. , [xdmcp] gdm.conf. =0 =1.
, GDM X- ,
XDMCP, Honorlndirect=0 Honorlndirect=l.
, GDM , -
, ,
[ servers ]. , :
0=/usr/bin/Xll/X
GDM , - ( /usr/bin/Xll/X) -.
, GDM -.
, GDM
. ( GDM Session.)
/etc/Xll/gdm/
Sessions. /etc/Xll/xdm/Xsession.
,
,
.
.xsession.
XDMCP
XDMCP,
X Window .
5, . , SuSE, 7.2, 3, Slackware
4. Debian , ,
X Window , .
/etc/
inittab, :
id:5 rinitdefault:
14. X Window VNC
339
, . ;
.
X Window, XDMCP .
telinit. ,
telinit 5 5.
telinit .
XDMCP, , .
, , , , -.
telinit. , XDMCP, kill
killall, . XDMCP ,
SIGHUP; .
XDMCP,
.
XDMCP, Linux, .
prefdm. Linux, , Red
Hat Mandrake, XDMCP
prefdm ( /etc/Xll).
XDMCP /etc/sysconfig/desktop.
KDE, GNOME AnotherLevel,
XDMCP- KDM, GDM XDM.
SysV. Debian , ,
XDMCP SysV, /etc/
init.d/xdm. , XDMCP.
SuSE, XDMCP, xdm, DISPLAYMANAGER,
/etc/re.config.
. XDMCP Slackware /etc/re, d/rc. 4. 4, Slackware
, . 4
, xdm Debian SuSE. Caldera
, /etc/re. d/rc. gui.
Slackware ,
KDM, GDM, XDM. Caldera
. ,
.
340
II.

, XDMCP- ;
, . , XDMCP -. XDMCP XDMCP,
-. (- Windows,
, . 14.3.)
Connect ( ), , . 14.2.
- . -,
.
-, Windows
MacOS, , XDMCP. , -, Windows, . 14.4.
, . , XDMCP, -, XDMCP. .
.
Do Not Use XDM (Passive). , - Telnet
XDMCP
- ( foreign,
/etc/Xll/xdm/Xservers). XDMCP
, -, .
-,
XDMCP.
XDM Query. , - , IP- .
XDMCP, , -
leeldiodsbooks.com (192.163.1.21 [Available (toad: 0.00.0.00,0.00)
. 14.3. XDMCP ,
-
14. X Window VNC
341
input
Put. 14.4. XDMCP

XDMCP
. 14.2. ,
. XDM Query - XDMCP.
, , XDMCP -.
XDM Broadcast. , -. - , XDMCP
, . 14.3. (
Register Hosts to Search, . 14.4).
XDM Indirect. , , ,
. IP- XDMCP ; X .
XDMCP .
XDMCP X, Windows. To
XFree86, Linux. , . -query _,
-broadcast -indirect. - .
$ /usr/XHR6/bin/X -indirect xdmcp-server.threeroomco.com
, - Windows,
. -broadcast
342
II.
; XDMCP,
.
Linux
X-. , - XDMCP.
, -
: -query, -broadcast -indirect.
,
XDMCP , ,
- -indirect. , X 386.

VNC
X Window Linux. X Window
, .
X Window , .
VNC. VNC X Window,
. VNC -.
.
VNC
,
.
,
. VNC,
, ,
, VNC, VNC.
X Window, , ,
, VNC . - , , ,
-, -? , VNC
, . , VNC, -,
- . -
VNC , - -, , VNC
VNC, . . 14.5 , VNC.
14. X Window VNC
343
'
'
VNC-
. 14.5. VNC - VNC. , , -

,
- -,
.
-, VNC, , VNC . , VNC -,
, VNC , ,
, VNC, .
, , ,
. . , VNC
; , , . (,
, VNC XDMCP.)
344
II.
VNC , Telnet, , XDMCP

- SSH. VNC , . , VNC
, Internet.
X Window . X - ; , .
X Window .
X Window, VNC . VNC ,
. , VNC X. , , - , -
. VNC, , .
,
. ,
. VNC , ; ,
X Window, .
, VNC, ,
VNC, , TightVNC (http: //www. tightvnc. com) TridiaVNC
(http: //Www. developvn. org). , TightVNC TridiaVNC ,
. VNC SSH. ,
, .
VNC X Window , VNC Windows MacOS. VNC
- VNC.
VNC Windows MacOS , , VNC Linux,
, .
VNC, Windows MacOS, , VNC Linux. Windows MacOS VNC
,
.
VNC
, VNC, Web- VNC http:
/ / w w w . u k . research, att. com/vnc/. VNC -
14. X Window VNC
345
Linux (VNC ). ,
( vnc), ( vncserver vnc).
Tight VNC TridiaVNC ,
.
VNC Linux , , VNC
(, 3.3.3r2 VNC).
1. , tar xvfz vnc-3 . 3 . 3r2_x86_linux_2 . .
tgz. vnc_x86_linux_2 . 0.
2. vncviewer, vncserver, vncpasswd, vncconnect Xvnc
, PATH.
-: vnc_x86_linux_2 .
(, /opt)
PATH. ,
.
3. , VNC, .vnc. .
,
. ,
700 (rwX
).
4. , VNC, vncpasswd.
, vncpasswd .
, VNC
, Linux. ( VNC
XDMCP, Linux,
. 3 4 .)
,
VNC. VNC Java-.
VNC Web, Java. Java classes.
README.
VNC
VNC, , .
, , VNC ,
.
:
$ vncserver
346
II.
New ' X ' desktop is vncserv.threeroomco.com:!

Starting applications specified in /home/rodsmith/.vnc/xstartup
Log file is /home/rodsmith/.vnc/vncserv.threeroomco.com:!.log
, ;
. 1 ,
(vncserv. threeroomco. com: 1).
VNC - ( Xvnc). -
, startx; . VNC
, , . -. 0 X, , VNC, ,
1. VNC 2, 3
. .
SSH
f VNC, , , , VNC, ( ) .
, .
, SSH xauth -.
, vncserver export XAUTHORITY=~/ .Xauthority, .
, , SSH.
VNC, ,
-kill:
$ vncserver -kill :1
VNC; vncserver. VNC ,
.
, , .
, , ,
VNC, , .
YNC

, VNC Linux,
vncviewer. , ,
VNC .
$ vncviewer vncserv.threeroomco.com:!
VNC server supports protocol version 3.3 (viewer 3.3)
Password:
14. X Window VNC
347
. VNC
, , , , . - , , Linux.
, VNC .
, VNC
0, Linux , X. VNC,
Windows MacOS. , VNC
, .
, Windows MacOS,
VNC Linux.
, VNC (, vncserv. threeroomco. com: 1).
, ,
VNC.
VNC
VNC , . ,
, NEdit (http: //www. nedit.
org) VNC. NEdit , . .
. , , ,
. VNC. VNC ,
, , .

, VNC, Xvnc.
- ( -) VNC
( VNC). , , ,
VNC Xvnc . ,
vncserver, VNC.
vncserver Perl; ,
VNC, . ,
, , .
, . vncserver , , ,
SGetXDisplayDefaults ( ) .
, . ,
, #,
. , ,
SGetXDisplayDef aults ( ) .
348
II.
. Xvnc . , $geometry. ,
900 675, :
$geometry = "900x675";
VNC VNC ,
, .
.
,
.
. nepeM6HHyro$depth, , . 16 , , , ,
. VNC;
16- .
, , .
, . , , . Add font path and color database s t u f f here.
-fp $cmd, Xvnc.
VNC .
15.
, . vncserver, ,
$def aultXStartup, . vncserver
. twm, . ,
, twm
, startkde, sawmill icewrn. ,
vncserver, ,
.
.
Perl, ,
, , , .
, Xvnc;
$cmd. , , . Xvnc -help &> Xvnc-help.txt
Xvnc-help. txt, Xvnc.
14. X Window VNC
349
vncserver,
. ,
.
vncserver, , . ,
Debian. , , vncserver. . , Debian
$ f ontpath.

VNC vncserver.
, .
VNC.
, .
. vncserver
, , . , -geometry __
.
Xvnc.
.
VNC
~/ . vnc/xstartup. xterm.
, X Window.
. , Debian
/etc/Xll/Xsession, , , ~ / . xsession.
,
. , . ,
-geometry vncserver,
, . : vncserver - VNC,
.
XDMCP VNC
VNC : , VNC, ,
, . .
VNC - XDMCP .
.
350
II.
-, VNC - XDMCP . , ,
VNC - -query _.
xinetd, :
service vnc
{
disable = no
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = / u s r / l o c a l / b i n / X v n c
server_args = -inetd -query vncserv -once
}
. ,
-inetd Xvnc , , -query
vncserv , vncserv. -once , , ;
, , VNC
. Xvnc, -geometry
-fp. , /etc/services .
vnc 5900/tcp
VNC 5900-5999, 58005899 Web- ( Java-). 5900 0, 5901 1 . .
, XDMCP VNC 0. , XDMCP
, -query. , -
. , 0
800 600, 1 1024 768 . .
/etc/services :
. VNC
XDMCP. (,
VNC-, .)
VNC
, .
, VNC XDMCP XDMCP -.
. .
VNC . ,
; , .
14. X Window VNC
351
VNC -
VNC. VNC , , - Windows MacOS
.
VNC .
- VNC, ,
, X.
VNC
X Window, VNC
X Window .

. 14.1 , . ,

. , VNC- .
SSH, , , ,
.
, , ?
. X Window Linux UNIX .
, X Window , .
X Window Linux Windows MacOS, -
, . VNC
, , ( X Window, - ,
, - ). VNC
, . X Window,
.
14.1. ,
SSH-

(

)
XDMCP.
VNC XDMCP
VNC
14. X Window VNC
353
. ,
, ,

. Linux X Window,
.
X Window : - , , XDMCP .
VNC. ,
.
15

, .
-. , "" . "", ,
. "" .
( , ), . , ;
. .
Web-, ,
. , ,
. ,
, .
Linux
.
, .
, . .
,
.
, Linux, ,
X Window.
. .

, X Window,
, . XFree86 FontPath.
15.
355
XF86Config, /etc
/etc/Xl 1. - . 1990- Linux
. . ,
.
- , ,
. , - ,
. , , XFree86 4.0,
TrueType. XFree86 , , ,
. TrueType
, XFree86. TrueType
XFree86 , ,
. , , Multiple Master, .
, ,
, . ,
,
. ,
. ;
,
.
.
, , , , -, ,
. ,
. -
, , .
, WYSIWYG (what-you-see-is-what-you-get).

.
.
; f , ,
. .
, . ,
, ; ,
.
356
II.

: (
). . ,
Linux, .
.

,
( ), ,
. .
-
, , .
,
X Window . (
, ,
, .) .
. .
. 15.1, . , , ,
. ( , ) .
, , .
. ;
. (
. . g, j , p, q . , . 15.1
, .)
, .
.
, .
(dpi
dots per inch), . . , .
, .
72 120 dpi,
, , 144-1200 dpi. ( ,
144, ; ,
15.
357
. 15.1. ,
,
, .)
, , 1200 dpi.

,
.
. 1980- . . ,
.
( ).
9-14 . . , , ,
12 144 dpi.
358
II.

, ,
, .
(, 12 10 ),
.
, , .
. 1980- , , ,
, 1990-

.
.
.
X Window SNF (Server Normal Format ),
. , X Window PCF (Portable Compiled Font ). BDF
(Bitmap Distribution Format ) X Window, - ,
BDF PCF.
. Linux,
.
^^
^\
XFree86 PCF-, gzip.

. PCF- .pcf .gz. X, .
, Linux, X Window. .
, Packed Font ( . pk).
,
, ,
Packed Font, .

, , , .
, .
,
(, ), , , ,
15.
359
15.1. , . 15.1
. .

10000
10000
20000
20000

10000
60000
60000
40000
, . ,
, .
,
. . 15.1. 8 x 8 , 80000 80000,
, . 15.1.
.
, .
, . , .
. , .
(hint).
, .
, ,
, , .
, , . ,
, . ,
.
,
, . , ,
, ,
. .
,
(. . ) .
. , ,
, ,
.
360
II.
. Bitstream Speedo, Adobe Type 1, Type 3, Type 5, Type 42 Apple

TrueType. ( Type 42 TrueType, PostScript-.)
, ,
. ,
. , ,
. , ,
, .
Linux ( , XFree86) Speedo
Adobe 1. Speedo , 1 ; -
Internet. , 1 Linux. Windows
MacOS TrueType , 1. , TrueType Windows. ,
TrueType , 1,
, .
TrueType
, 1.
Microsoft TrueType, . Web- http://www.microsoft.com/typography/

fontpack/. ,
Windows 3.1, Linux.
( Windows) zip-; Linux unzip. .
Web- , ,
, , , ,
Web-.
XFree86, 4.0, TrueType , . TrueType

X Window, TrueType .
X Window , .
, , . Ghostscript (PostScript-
, PostScript) :
Ghostscript 1, TrueType.
15.
361
. , ,
.
xf s, XFree86,
. - , , .
, .
, . XFree86 xf s,
, ,
. . ,
, -,
.
, Linux
Linux xf s, XFree86. X Window, . , /usr/XHR6/bin; , ,
XFree86-xfs xfs.
XFree86, 4.0, , TrueType.
, , .
xf stt. TrueType. Type 1,
BDF .
TrueType XFree86, ,
XFree86 4.0. TrueType, xf stt
. x f s t t ftp://ftp.metalab.unc.edu/pub/Linux/
X l l / f o n t s / x f s t t - 1 . 1 .tar . gz (
xf stt-1.1. tar. gz ). x f s t t , ,
, , .
(, 86 PowerPC), x f s t t
.
362
II.
xf sft. xfs, XFree86 3.3.x. x f s f t TrueType FreeType (http: / / f reetype. sourcef orge. net/
index2 . html). ,
TrueType, Type I, BDF . x f s f t xfs, XFree86 4.0;
XFree86.
- x f s f t , , h t t p : / / w w w . d c s . e d . a c . u k / h o m e / j e c /
programs/xfsft/.
TrueType -.
, Windows MacOS.
, , ,
. xf stt, x f s f t
. -
, .
Windows MacOS (anti-aliasing). _

, . ,
. X Window 4.0.2
. , , http:
//sdb.suse.de/en/sdb/html/chofman_ttf_72.html.
,
Linux, . , ,
. . x f s x f s f t . xf stt
.
,

Linux XFree86 XFree86
XF86Config /etc /etc/Xll. , Font Path,
.
XFSGConf ig .
FontPath "/usr/XllR6/lib/fonts/Typel/"
15.
363
FontPath "unix/:7100"
FontPath "tcp/zapf:7100"
^^
, , ^\ .
FontPath.
,
. Linux , XF86Config , ( ).
,
, FontPath
.
,
. unix , , UNIX. (7100)
, . , ,
, .
.
, . tcp
, .
( zapf) , . (
, zapf. threeroomco. com.) , ,
, .
, , , 7100. (
1.)
. , , . , 7101
7102.
.
/ e t c / X l l / f s / c o n f , conf con fig.
. SysV, , , . , Red Hat, SysV
, . . ,
. , ,
364
- ,
.

, , , ,
. . ,
, .
.
,
.
,
xf s -conf ig /___.

. ,
, .
,
X Window. ,
, . X Window, -
.
, .
TCP-. Red Hat 7.2 /etc/Xl 1/
fs/config no-listen = tcp,
TCP-. ,
7100. ,
, ,
. Red Hat
SysV xf s.
1. Mandrake 8.1
1.
.
,
( /etc/re. d / i n i t . d/xf s) . , daemon xfs -port -1, 1 7100 , . /etc/XF86Conf ig,
/etc/Xl 1 ( -
XF86Conf ig XF86Conf ig-4), ,
15.
365
. FontPath, unix/ : -1, -1

7100 , xfs.
x f s , - ( Restart X Server
Mandrake).

| . , , , . , .
SysV, x f s Red
Hat Mandrake, restart, .
, stop, start.
,
- ,
. ,
XF86Config FontPath.
FontPath, tcp. , ,
, , . , , , ,
FontPath ,
. ,
FontPath, , . ,
, .
,
f , , .
FontPath, ,
, . ( . , .
, X Window, .)
, .
, Internet,
, . , ,
Internet,
. ,
. ,
, .
, ,
Internet . , -
366
II.
, , .
iptables 25.

, , , , Linux UNIX. (- Windows,
MacOS .)
,
: (
, -)
.

(
/ e t c / X l l / f s / c o n f i g /etc/Xll/fs/conf).
FontPath, XF86Config,
conf ig conf catalogue. ,
, .
catalogue = / u s r / X l l R 6 / l i b / X l l / f o n t s / 7 5 d p i : u n s c a l e d ,
/usr/XllR6/lib/Xll/fonts/Typel,
/usr/XllR6/lib/Xll/fonts/TrueType,
/usr/XHR6/lib/Xll/fonts/75dpi
catalogue . . , . : unsealed,
, , ,
, .
unsealed : , , ,
, , (
).
XF86Config. 75dpi , , .
, Typel TrueType,
75dpi
.
, catalogue,
. , ,
, Internet -, .
, ,
. , -
15.
367
. ( ,
.)

.
fonts . dir, :
__1 XLFD1
__2 XLFD1
, ,
. . , ,
(, goodf ont. ttf tlf 32 . pf b).
.
1 . PFB (Printer Font
Binary ) ;
fonts . dir. PFB-
fonts . dir PFA (Printer Font ASCII ASCII ),
, . , ,
.pfm, . afb . afm. ,
1.
(XLFD
X Logical Font Descriptor). .
-bitstream-charter-medium-r-normal0-0-0-0-p-0-iso8859-1
,
(-). (bitstream);
(charter); "" (medium); , (); (normal);
( ); (,
, , ); , ();
(0 ) (iso8859-l).
XLFD ,
. XLFD
fonts . dir .
^^
. ^\ , Times . Times , ,
fonts.dir XLFD.
,
, , .
368
II.
, fonts.dir
1, , typelinst.
Linux, .
1
:
# typelinst
typelinst ,
XLFD- fonts .
dir. , , , 21 fonts . dir,
, .
fonts . dir, typel inst, , , , , . - ,
fonts .dir, . .
, , ,
, , , ,
.
TrueType.
ttmkf dir FreeType,
xf sf t XFree86 4.0. ttmkf dir typelinst,
-.
,
. ,
-. , , :
# ttmkfdir - - fonts.dir
, ,
, -. ,
.
, typelinst ttmkfdir
f fonts.dir . , fonts . dir.
, fonts . dir . ,
.
fonts.dir . , -,
, , .
:
# xset fp rehash
15.
369
, -.
-, , - .
, ,
, . ,
, ,
,
. , X Window
.
, , (,
), .
.
, .
, Linux, FontTastic (http:
//www.bitstream.com/categories/developer/fonttastic/).
, X Window
, . FontTastic , ,
,
.
, -. , , - , X Window. , ,
. . ,
- , .
, ,
. -
,
. .
FontTastic, . . (
TrueType , PostScript-, 42. ,
, . -
370
II.
.)
FontTastic, (,
, . .),
.
FontTastic ,
Linux.
: Corel WordPerfect Office 2000 (
) VistaSource ApplixWare Office
(http://www.vistasource.com/products/axware/).
, FontTastic
. FontTastic
,
.
FontTastic . , ,
,
. .
,
, .
WYSIWYG - .
,
X Window. WordPerfect 8.
. , ,
.
, . ,
, .
, X Window ,
. , , .
,
.
FontTastic.
. . , ,
. X, . ,
, ,
15.
371
-; , ,
. , ,
. , , .
,
.
16

, 13 14, .
. , . ,
. , , . ,
, . (Linuxconf Webmin), ,
(Samba Web Administration Tool,
SWAT). , .
.
. .
Web-, ,
Web-. Linuxconf,
Web-, . ,
, 13 14, ,

, .
16.
373

,
. , ,
, .
, , . . ,

.
.
Linuxconf Webmin, , , .
, . . , SWAT,
Samba, . SWAT
Samba, Linux
.
HTTP,
Web-. , , , Web-.

URL.

Linux
, , Linux. , , ,

. , , ,
Linux inetd, xinetd,
SysV . . , Linux (, YaST,
SuSE), , , Linuxconf Webmin, .
Linuxconf Webmin Linux
.
,
,
374
II.
. , :
, , . ,
(, SysV /etc/inittab) (, Apache, sendmail
Samba). Linuxconf Webmin, , .
. Web-,
.
, Linuxconf Webmin, .
, , . ,
.
, .
Linuxconf Red Hat. , Red Hat 7.1
Linuxconf.
, (
SWAT), . , SWAT
(smb. conf).
, SWAT Samba, . , SWAT, .
Linuxconf
Linuxconf Red Hat Mandrake,

.
, Caldera, Debian, Slackware SuSE. http://www.solucorp.qc.ca/linuxconf/, ,
Linuxconf.
Linuxconf , ,
. Linuxconf ,
Web-. Web-
, , . Web-
.
16.
375
Linuxconf
Linuxconf
( GNOMELinuxconf, Solucorp ). Java-.
Web- ,
. Linuxconf
.
Linuxconf
Linuxconf . Linux inetd xinetd. ,
/etc/services . Linuxconf :
linuxconf 98/tcp
, , linuxconf -http. /etc/
inetd. conf :
linuxconf stream tcp wait root /bin/linuxconf linuxconf http
xinetd Linuxconf , /etc/xinetd.d linuxconf-web
linuxconf, .
Linuxconf , ,
disable = yes, , yes
.

Linuxconf, , , Web-. 98. , , remote. threeroomco. com, URL
http: //remote. threeroomco. com: 98. Web-
, Linux ,
Linux, UNIX, Windows, MacOS .
Linuxconf Web-,
. , , Linuxconf - Web-
, Enter, .
. , .
, ,
Linuxconf, , . ,
Linuxconf . .
376
II.
f{|essus.rodsbooks.com; Linuxcon... ^
This is the main entry to Linux configuration.
Use the TAB Key to navigate between the field
section and the button bar at the bottom.
Check out the help for this screen. It Is an
introduction to Linuxconf
' Linuxconf htrnl access control]

^fflnffil
Networking
Users accounts
Miscellaneous services
.jln/yar/log/linuxconWitmlaccess.log
network or host
1127.0.0.1
netmaskfopt)
]255255.255.255
network or host (l;92.168.1.0

netmask(opf)
boot mode
Enable network access

Log access
File systems
Vou can specify wnlch networks or hosts are allowed

to access linuxconf to configure your computer
(They need a password still)
Linuxconf listen on port 98. Point your browser to
http://your_machine:38/
network or host
netmaskfopf)
[255255.255.0
I
|
network or host
. 16.1. Linuxconf
-,

. 16.2. Linuxconf ,

1. linuxconf root.
linuxconf.
Linuxconf ,
. X Window
Linuxconf, Linuxconf. Linuxconf,
Mandrake, . 16.1. Linux
-,
.
2. ConfigONetworkingOMiscOLinuxconf Network Access Options. , . 16.2,
. ( .)
16.
377
3. Enable Network Access. Linuxconf

.
4. network or host 127.0.0.1, netmask(opt) 255.255.255.255. Linuxconf .
5. network or host , Linux. netmask(opt)
. , , . 16.2,
, , 192.168.1.0/24.
6. , ,
( ), Linuxconf.
7. Accept, Dismiss Quit,
Linuxconf. ,
, .
, Do It.
Linuxconf
,
5 6. , ,
, Linuxconf. (
, .)
Linuxconf Web-
Web-, Linuxconf, , URL, http: //_: 98.
IP-. Linuxconf.
Enter, , . root ,
Linux.
Linuxconf . 16.3.
, . 16.3, , , Web-. -
, ,
, . , , . 16.3,
Networking Config, ,
, Linuxconf Network Access Misc,
Web-, . 16.4.
, , . 16.2.
, Linuxconf.
Web- Linuxconf ,
, , , Web- -
378
II.
Netscape nessusrodsboote wm'nessusrodsbooks.corrv Llnuxconf 1 21 (subrev 5)
tp://nessus.rodsbook*.com:98/htftl:/
This is the main entry to Linux configuration, check out the heip for this screen. It is an introduction
to Unuxconf
Networking
Users accounts
boot mg_dg_
MHMHD
Control panel
Control files and systems
data u time
. 16.3. Linuxconf, Web,

, ,
. Accept ( . 16.4, , )
. , Linuxconf, ,
.
Web-,
f Linuxconf, Accept, . , Linuxconf , Web Back.
. 16.1 16.3, Linuxconf
. Linuxconf
Web-, .
, Accept,
Back. He ,
, . , Linuxconf
. - ,
Linuxconf . , Linuxconf , /etc,
379
16.
(Netscape: nessus.rodsbookscom:Unuxconf html access control]
|#
;4.apj.
-**,
'e**^;fftvfew - efd
-7"'.'Searcli
, sAiA^k tee*tf>' |http//neaius rodat
Security
ks com 96/htnl /ok, -Networking/ok, --Linuxconf-net A
ni*uj.tQ(b'bp(jkt.conii LlnujiConf 1.21 ffubntv
Enable network access

Log access
Q in /var/log/linuxconf/htmlaccess.log
network or host ]>27.o.o.i

netmask(opt)
[sitTsB.iit!
network or host 32.161.1.1

netmask(opt)
ll2ss.2ss.2S!
network or host j!
netmask(opt)
. 16.4. Linuxconf , ,
,
/usr/local/etc, .
Linuxconf . , Linuxconf
, .
Linuxconf Web-. Linuxconf -,
, , . ,
.

Webmin
Webmin (http://www.webmin.com/webmin/)
, Linuxconf. Linux. Webmin Linux, UNIX (,
Solaris FreeBSD), MacOS. ( http://www.webmin.com/webmin/support.html.)
Webmin Linuxconf. Web-
380
II.
min ,

Linuxconf.
Web min
Linux, , Mandrake Webmin ( Debian 3.0).
Webmin Web-. Webmin RPM, tar-.
Webmin RPM , ,
. tar-,
. Webmin tar- .
1. root, ,
Webmin. /usr/local,
, /opt.
2. Webmin, tar xvfz //webmin. tar. gz.
webmin-, Webmin.
3. Webmin cd webmin-.
4. . / i n s t a l l , sh. , , Perl. .
, , (
Webmin).
Webmin, .
Webmin Perl,
. ,
. Webmin ,
Perl,
Linux.
Webmin , /etc/webmin ( Webmin tar, ). , , ,
config miniserv.conf. , , Webmin , . ,
miniserv. users .
381
16.
( Webmin RPM, root /etc/passwd /etc/shadow.

Webmin tar-,
.) /etc/webmin
, Webmin.
Webmin
SysV. , , Perl- Webmin
/etc/webmin/start.
Webmin
Webmin, ,
Linuxconf. URL Web- ( 10000), ,
Web- Web-, . 16.5. Linuxconf,
Webmin ,
, Linuxconf. , , System Servers. Webmin
Webmin. Hardware
(, ), Others
.
Netscape: Webmin 0.86 on speaker.rodsbooks.com (Caldera Openllnux 3,1) J
File
Edit
View
Forward
00
Coi
--
Reload
Search
* Netscape
A-
Home
<*
Print
* Shop
' ;'-:-p
Security
; iittp//spe ake dsb oka com
Webmin
Version 0.88 on speaker.rodsbooks.com (Caldera OpenLinux 3.1)

Webmin
!
Webmin Actions too.
Webmin Ccnfigyratian
- Webmin Servers Index
WsbrninUsers
Logout
. 16.5. Webmin ,

382
II.
tp //speaker rodabooka. -lOOO/bindS/

Global Server Options
i\J
Other DNS Serusrs
Logging and Errors
Access Control Lists
Files and Directories
Forwarding and
Addresses and
Topology
Miscellaneous Options
Zone Defaults
Existing DNS Zones
rodsbooks.com
' '
. 16.6. . ,
, , Webmin
Web-, , , . , , DNS, , Web-,
,
. , . 16.6, ,
DNS, . , , , , .
. 16.7. , Save, .
Apply Changes, . , ,
, Stop Start.
, Stop, Start.
Webmin ,
. , ,
, Webmin .
,
.
, Module Configuration, ,
Web-, -
383
16.
;-)'~'11^^^^
\ UJCStfiorH jbttg // ^ flab ooks com 100 00 /b ind8 /c onf _ rvar ding cgi
Webmin
Index
Module
Forwarding and Transfers
Servers to forward queries to
Lookup dlrectlv If no response from forwarder <s Yes No Default

Ma*lrw..n*mBtransfertlme
-,
'
Zone transfer format
0 Or at a time Many Default
Maximum concurrent zone transfers
pa
. 16.7. Webmin ,
Linuxconf
. ,
Webmin .
Webmin , Linuxconf. Webmin Linuxconf, Linuxconf
. ,. .
Webmin, Logout, (. 16.5). Webmin ,
Web-,
Linuxconf.
Samba SWAT
SWAT (Samba Web Administration Tool), Linuxconf Webmin, . , SWAT
Samba. ,
,
Webmin Linuxconf, , SWAT
Samba. SWAT
Samba,
,
, . SWAT
384
II.
, . Help, Web-
, ,
,
smb. conf. SWAT ,
smb. conf include,
. ,
Samba,
SWAT.
SWAT
SWAT swat.
, 4, swat
. /etc/inetd. conf
:
swat stream tcp nowait.400 root /usr/sbin/tcpd /usr/sbin/swat
xinetd, SWAT
/etc/xinetd.d/swat. SWAT,
, disable = yes. , yes . ,
inetd xinetd, , SWAT ,
.
^^
SWAT Samba (samba, samba-common,
HA^\ samba-server . .),
( swat samba-swat). Mandrake, Slackware, SuSE TurboLinux SWAT Samba,
Caldera, Debian Red Hat SWAT .
SWAT 901. inetd, xinetd
/etc/services :
swat 901/tcp
.
SWAT
SWAT ,
Webmin Linuxconf, URL 901. ,
SWAT Samba,
samba. threeroomco. com, URL
http: //samba. threeroomco. com: 901. ,
Web-, .
385
16.
Samba NetBIOS, SMB/CIFS

. SWAT ,
NetBIOS, SWAT
, NetBIOS. Samba . , Windows
NetBIOS, , Linux,
.
,
, SWAT .
, root. (
SWAT, , Linux,
, Samba.)
, SWAT , . ,
, . ,
root , SWAT , . 16.8.
: Globals, Shares,
Printers, Status, View Password.
smb.conf [Netscape: Samba Web Administration Tool)
"*
Back
h W I,. 1.4, in .11 .HltM^lll^llliaîtlj^lîaH!..!!!.,.*.......!, ,, _ _ , l . , l . I 1|...,.,|,....|||.,.>>14&|>.1|1 IH.Illi .1.
HOME
GLOBALS
SHARES
PRINTERS
STATUS
VIEW
1 Illlllll.llllllfllhSillitlill M,.linirt.>t^.l.lM>.JM.
PASSWORD
Welcome to SWATI
Please choose a configuration action using one of the above buttons
Samba Documentation
Daemons
smbd - the SMB daemon
nmbd - the NetBIOS nameserver
winbin^d ^ the vrinbtnd daemon
Configuration Files
'
. 16.8. SWAT ,
, Samba
386
II.
[Netscape; Samba Web Administration Tool
F*te' Edit
Back
View - Go~ CotfttiKwilcator
:tf
Fw/^rti
"*
Reload
4fc
Hoffie
*. ..&
Search
Netscape
Print
Security
Shop
^J* BOOWfat* ,& We*; SttpTT/speaker rodsbooka.con-901/global
Global Variables
Cpmmit Changes) jReset Values| '.Advanced View)
Basa Options
Help
workgroup
Help
netbics name
Help
server string
HSpcftktt to JUUjnl>
Halo
interfaces
92.168.1.1/2SS.255.255.0
{set: Default]
Sacurlty Options
Help
security
. 16.9. Samba
, . Status
. View
smb. conf, Password . , root, Globals, Shares Printers ,
Status Password .
, Web-
Samba.
Samba Globals,
Shares Printers. Globals, . 16.9,
[globals] smb.conf. NetBIOS,
, .
Shares Printers . ,
.
, , Choose Share
Choose Printer, Choose Share Choose Printer.
,
.
, ,
, Delete Share Delete Printer.
16.
387
, ,
, Create Share Create
Printer. , ,
smb.conf; SWAT . ,
.
7, [homes] , , , .
, *, , [printers].
[printers], , [printers], ,
.
Globals, Shares Printers Advanced View. (
Globals Shares
.)
Samba. Advanced View
, , Advanced View
Basic View. Basic View SWAT
. Samba
, , Advanced
View . 4
, , .
Globals, Shares Printers
Commit Changes,
srab. conf. Samba, . ,
Status. Restart smbd, Restart nmbd.
( ,
, ,
.) SWAT, Web-,
.
, , : (
)
.
.
. ,
,
.
388
II.
. ,
, . , , .
, .

, . 13,
,
, SSH, , . ,
SSH Linuxconf SWAT,
. Webmin
SSL (http: //www.openssl .org), , ,
SSL. , Linuxconf SWAT ( Webmin
) ,
.
, , ,
. , 13,
, root .
,
, su. : root.
Webmin
, , . ( ,
"" , .)
, , .
, Linuxconf IP-
, .
xinetd, , , TCP Wrappers.
. , IP-, ,
.
, .
, , - .
, SSH.
SSH-; . -
16.
389
, , , , .
, , SWAT,
, , Linuxconf
Webmin. . SWAT, ,
, /etc. ,
, Telnet. ,
.
, . IV.
Linux,
, . , ,
, .
, .
Linuxconf Webmin.
Linux, ,

. ,
, SWAT. ,
, .
1 17
'""""^
,
, .
,
, .
X-. ,
. ,
, . ,
. , -.
, ,
:
tar ,
Linux UNIX, Samba Windows AMANDA.
, .
, . , ,
(Preston) Unix Backup & Recovery (O'Reilly, 1999).
.
, Linux,
, tar, cpio dump, .
, -
17.
391
, ,
, , ,
. (

.) ,
, .
. ,
, . , ,
100 1000 . .
, ,
, ,
. ,
.
,
, '> '*'
;,
'' , , , ,,,
, - .,
- ' .
10QO .
, 5 20 ,. , DAT (Digital Audio Tape
) DLT (Digital Linear Tape ).
^
DLT "" . -
,
.
. ';'?,--'
,
, , - ;
. , - .
- ( ) DVD. - -1
(630 ) ^
, , ^
. \
' DVD , ." one-;
: , ''
. !
( - 10 100 ), :
. Linux ,,
, : "
, cdrecord. c'taKHX
, , - *
.
} .;.'
t
392
II.
" , . ,
', , - >
. . ..
-,
;
.-.'. - ' , -/W
-:
' ; .
*: %,'
'"<>
-/,
.
, .
, , .

.
, , ; ,
. ,
. , ; , , . ,
. .
.
^<
, , , ,
, , . , , , , , .
.

.
,
, , , , -,
, . ,
. , , -
rshd Samba. , ,
.
. ,
17.
393
,
. , , .
.
, ,
, , .
, .
. , , -; . ,
Linux UNIX,
root, .
, , , , . ,
, .
, ,
.
, ,
, .
,
, , , ( ),
, .
. .
.
,
, ,
(, ).
. ,
, . ,
,
, Zip.
. .
, NFS SMB/CIFS, , FTP, . IP-
394
II.
, , /etc/shadow.
, .
, , , . ,
,
. , AMANDA, SUID.
.
, f , .
, . ,
.
.
.
, , , ,
root.
tar
tar ,
Linux UNIX.
, . tape archive (
). tar
, . tar Linux
, cpio dump.
Linux.
tar; ,
, ,
, smbtar AMANDA.
tar
tar ; . tar : .
tar, , ,
, , . . . ,
, , ,
395
17.
gzip bzip2 . . tar

:
tar [] _
.
, tar
. ,
(/).
. 17.1 17.2 tar.
.
, tar.

. , SCSI
. /dev/stO
/dev/nstO. /home
:
# tar create verbose file /dev/stO /home
, . 17.1 17.2,

# tar cvf /dev/stO
/home
tar ( one-file-system, same

-permissions, listed-incremental --verify) . Linux (, /) . , ,
, . --one-file-system
, . one-file-system
exclude exclude-from, -
17.1. tar
create
concatenate
append
A
r
update
--diff compare
list
--extract --get
t
x

tar-

,
,
,

396
II.
17.2. tar
absolute-paths
bzip2
directory
exclude
exclude-from
file
()
X
[:]
-gzip ungzip
-listed-incremental=jaU7i
-multi-volume
-one-file-system
-same-permissions
-preserve-permissions
-tape-length N
-verbose
-verify
/

bzip2. ( tar )

,

,

. ( , .)

gzip ungzip
,

;
multi-volume

,
,
/.
same-permissions , tar . , umask.
same-permissions .
tar listed-incremental,
, -
17.
397
. tar
, . tar listed-incremental ,
. , , , .
. .
( ,
, , , ,
. , ,
, .) ,
. ,
,
machinel, machine2 . .
verify ,
. , , ,
. (
.) tar verify dif f,
. , , , ,
. , , /tmp
.
, . , /us, ,
.

, bzip2 gzip . tar, , . bzip2
gzip , ,
, , , .
, ,
. - ,
.
, . , BRU (http: //www. tolisgroup. com)
.
398
II.

, ,
,
. ,
, , ,
, , ,
, , . ,
, , . ,
,
, .

, . , , .
: /dev/stO, /dev/nstO,
/dev/htO /dev/nhtO.
SCSI, EIDE/ATAPI. ,
, (nonrewinding
device). , ,
. ,
(rewinding device).
. , , .
, ,
, . , ,
, 1, 2 . .
, . , , , .
/dev/qftO /dev/nqftO. , .
.
Linux.

, . SCSI SCSI,
SCSI.
EIDE/ATAPI EIDE, EIDE/ATAPI.
, .
, .
17.
399
, ,
.
,
mt.
, ,
, .
mt tar . .
, tar, .
tar mt, .
mt :
mt [-f ] []
[]
: f sf (forward space files

), bsf (backward space files ), rewind ( ) datcompression ( ; 0 , 1 ). ,

.
# tar cvplf /dev/nstO testdir-1/
# tar cvplf /dev/nstO testdir-2/
# mt -f /dev/nstO rewind
# tar df /dev/nstO testdir-1/
# mt -f /dev/nstO fsf 1
# tar df /dev/nstO testdir-2/
. tar
, ,
, .
mt .
.
,
tar,
, ,
tar, -, tar .
, tar.
,
.
400
file, . 17.2, tar .

, ,
, . ,
, rshd
( in. rshd).
. rshd tar ,
. rshd
Linux .
/etc/inetd. conf :
shell stream tcp nowait root /usr/sbin/tcpd \
/usr/sbin/in.rshd -h
xinetd,
/etc/xinetd.conf
/etc/xinetd.d.
, TCP
Wrappers xinetd. rshd IP-. TCP Wrappers
xinetd ,
, rshd
, .
rshd IP-, .
, , . rshd ,
root, , .
-h,
inetd. conf. , ,
. -h,
,
. (
.)
-h rshd .
| -. SSH
ssh rsh. tar
ssh.
, ,
-h , . SSH
,
.
17.
401
, . .
, ,
. ,
Internet, , ,
.

, . ,
, :
# tar cvlpf buserver:/dev/stO /home /var /
/home, /var /
, buserver. , .
,
.
, , mt. , mt -f buserver: /dev/nstO
rewind .
, , . , ,
, . , , ,
.
,
, , , . ,
; , , .
NFS.
, , .
^^
,
^ \ NFS.
Windows smbmount.
Linux ,
.
NFS.
402
II.
,

Linux 8.
, , , .
/, . ,
,
.
;
.
,
, . . ,

,
. , ,
.
. , ,
root,
. , no_root_squash.
, .
,
, , ,
. ,
IP-.
,
, ,
.
, , : /home,
/var / ( ).
/etc/exports. buserver, :
/home
/var
/
buserver(ro,no_root_squash)
rw
NFS. . , ,
j brown,
, .
17.
403
, ,
.

, , ,
, , , , , , . , bud lent, /mnt/client, .
.
#
#
#
#
#
mount -t n f s - soft buclient:/ /mnt/client

mount -t nfs -o soft buclient:/var /mnt/client/var
mount -t nfs -o soft buclient:/home /mnt/client/home
cd /mnt/client
tar cvlf /dev/stO home var ./
, NFS , ,
.
,
mount.
, cd.
. , . tar
, ; .
, /mnt/client
.
:
# tar cvlf /dev/stO /mnt/client/home /mnt/client/var /mnt/client
/mnt/client. ( absolute-paths, / mnt/client.)
, , , mnt/client.
,
, .
, J ,
. - soft. NFS
tar ,
"" .
404
II.
SMB/CIFS
tar rshd, ,
NFS, ,
.
.
SMB/CIFS.
,
Windows. 7 Samba,
Windows Linux SMB/CIFS.
, Windows, Linux.
Samba,
7.
Windows
Linux
, , Samba , NFS,
Samba Windows .
, smbtar,
Windows.

, , -,
. Windows SMB/CIFS.
Samba Linux,
Linux . (
, ).
Windows SMB/CIFS,
. Control
Panel, Network Network and
Dial-Up Connections. Windows 9x/Me,
Network, Network.
Windows NT 2000
Network and Dial-Up Connections Properties.
File and Printer Sharing for Microsoft Networks.
, Add Install. , File and Printer Sharing for Microsoft Networks, . 17.1.
, .
405
17.
Ook * Network Service M you Mr* to Met, ftencfck QIC. V jroths

sn JntfdWon <fsU *, <**, Hv Disk.
NtwokSeivfc
Fie and PiMer Shacinj f MfctwoR NttwBk
QoS Packet Scheduler
SAP Agent
Cancel
. 17.1. Windows SMB/CIFS,

File and Printer Sharing for
Microsoft Networks
Identification Network (Windows 9x/Me)
System Control Panel (Windows 2000).
SMB/CIFS, , . .
1. My Computer , ,
Sharing. ( , , , SMB/CIFS .)
Properties, . 17.2.
2. , Shared As Share This
Folder. , .
Linux. ( Windows 2000
New Share.)
3. Windows 9x/Me Access Type
.
, ,
( Windows 9x/Me,
, Full Access
). Windows 2000 Security ,
.
4. , .
406
II.
11
< |] Took j Hardware Stains j Security) Quota |
You can share this folder among other users on your
network. To enable sharing for this loer.<*4 Share s
Do not share this folder
~& Share this foHer
Shete name*
| C$
Garment
jDefau share
Urn ML
~,
ft Maximum alowed
(~Afa
Users
To set permissions for how users access th

fotder over the network. eSek Penwsswt.
To configure settings for Offfine
this stood fofcto, dick Caching.
Cancel '
. 17.2. Sharing Windows 2000.

Windows 9x/Me

5. . 1-4 , .
. , Network Neighborhood .
Linux
smbclient.
smbtar
Samba smbtar. , tar SMB/CIFS.
smbtar , tar smbclient,
, Windows. smbtar
, . smbtar :
smbtar -s __ \
[- __] [- _]
[- ] [-d ] [-t ] [~r] [-v]
, smbtar. .
17.
407
s __.
. NetBIOS- . name resolve
order smb.conf, DNS-
.
__. ( 2 ). backup.
_. , , , . , Windows 9x/Me
, ,
.
. ,
. , ,
( , smbtar ),
, ( ps). smbtar
, ,
root.
d . , . ,
, -d .
t . ,
, ,
.
$, ,
tar. out.
. smbtar .
-, .
v. .
-v , smbtar .
,
CDRIVE WORK. :
# smbtar -s WORK -p password -x CDRIVE -t /dev/stO -v
, ,
. , smbtar tar, ,

tar.
408
II.
smbmount
smbtar,
Linux SMB/CIFS.
mount smbmount.
mount smbf s,
NetBIOS- Windows,
. :
# mount -t smbfs //WORK/CDRIVE /rant/backup - \
username=fred,password=password
smbmount :
# smbmount //WORK/CDRIVE /mnt/backup - \
username=fred,password=password
^^
smbmount 2.0.x Samba HA%^ .
. smbmount, 2.0.5-2.2.2 Samba.

t
, mount smbmount . , ,
smbtar. , mount smbmount,

tar. , ,
, .
Windows
umount smbumount. umount .
# umount /mnt/backup
Windows
Windows
Linux. . , mount smbmount , Windows.
, Windows. FAT (File Allocation Table ),
Windows 9x/Me Windows NT, 2000 ,
, ,
. 8.3.
Windows . , , , ,
. ( 8.3, ,
,
, File. txt. , 8.3 -
17.
409
.)
Linux - , 8.3, .
Windows, Linux 8.3, , mount smbmount, ,
(, f i l e . txt).
, 8.3 , ,
. ,
Windows .
smbtar 8.3
, . , Windows ,
, ,
, . smbtar,
Linux, 8.3,
, . . ,
.
, .
8.3, . Windows ;
DOS, Windows, DIR,
, . Linux
, ,
Windows. , ,
. ,
, .
, Windows 8.3, .
. ,
.
. , . ,
Windows Program Files.
APPS, , .
. , , ,
.
.
,
. ,
410
II.
PATH AUTOEXEC. BAT, .

, 8.3
.
, . 8.3 Windows , , . , longfilename.txt
8.3 LONGFI~1 .TXT. , 8.3
~1, .
, . Windows- Linux . , .
, Windows , .
^
NTFS (New Technology Filesystem 4 ^. ), Windows NT, 2000 ,
8.3, . , ,
FAT.

Samba .
Samba,
. ,
, .

.
. , (, Zip
Jaz). . , ,
,
.
. ,
, , . . 7.
17.
411
. , . ,
.
, ,
, .

,
Samba. , , ,

. , max connections, ,
.
, Zip,
/mnt/zip.
[zip]
comment = Zip Backups
path = /mnt/zip
read only = No
max connections = 1
preexec = /bin/mount /mnt/zip
postexec = /bin/umount /mnt/zip
SMB/CIFS, ,
Windows, , , , deadtime, ,
.
deadtime = 5. ,
.
, , . Zip
.
, Linux. , , , ,
. ,
, Windows, , FAT.
,
Linux, FAT, ext2fs ,
Linux.
412
.
, . 7
, -. , 7, .
[backup]
printable = Yes
print command = /usr/local/bin/samba-backup %H %s %U \
/var/spool/samba; rm %s
,
zip-. zip- tar /usr/local/bin/samba-backup,
17.1. ,
, smbtar. print command, zip- .
zip- Linux.
17.1. , ,

_____
_
# $1 = ,
#

# $2 = zip-
# $3 = ,
# $4 = zip-
mkdir -p $1/backup/samba
cd $l/backup/samba
unzip $4/$2
tar cvpf /dev/stO ./ > $l/tar.out
mail -s "Backup finished" $3 < $l/tar.out
rm $l/tar.out
rm -r $1/backup/samba
, | . , ,
. , root.
smb.conf force user, , "".
, ;
force group.
17.
413
, zip. , tar-, . (
17.1).
, Windows, tar Linux, Windows
.

7,

. Windows
bat-, ,
. ,
17.1, ,
.
,
Linux,
, . tar-,
,
Linux.
rshd. Samba, IP- , rshd
. ,
. , ,
,
.
AMANDA

, . , ,
, . , . AMANDA (Advanced Maryland Automatic Network Disk Archiver).
, , , . AMANDA
Linux Debian, Red Hat, Mandrake SuSE. , Web- AMANDA (http: //www. amanda. org).
414
II.
AMANDA , | , AMANDA,
, , , . ,
AMANDA . ,
with-user with-group
. ,
, AMANDA.
AMANDA
AMANDA , . ,
, .
.
NFS, rshd AMANDA . (
, Windows, AMANDA smbclient
SMB/CIFS.)
AMANDA , . ,
. , , .
, .
, tar
listed-incremental ( ). AMANDA ,

.
Samba, , AMANDA

, . ( AMANDA , , .)
AMANDA .
,
. ,
. AMANDA
, . , 1 , AMANDA
1 ,
, 1 . .
17.
415

AMANDA
AMANDA , ,
, , -.
, Linux UNIX,
AMANDA amandad. - .
/etc/inetd. conf :
amanda dgram udp wait amanda amandad amandad
amandad amanda.
, , .
, , , ,
amandad. xinetd, .
xinetd 4.
AMANDA
^< , , . amandad ,
root.
AMANDA /etc/services
. :
amanda 10080/udp

/etc/services, . AMANDA . ,
.
, ,
.

.
.amandahosts, ,
AMANDA.
,
. , amanda buserver. threeroomco. com .
buserver.threeroomco.com amanda
, ,
Windows, AMANDA SMB/CIFS. -
416
Windows
SMB/CIFS .
AMANDA

, .
, AMANDA
, AMANDA , . , , ,
. .
/etc/inetd. conf :
amandaidx stream tcp nowait amanda amindexd amindexd
amidxtape stream tcp nowait amanda amidxtaped amidxtaped
, , , , .
xinetd, , 4.
, /etc/services :
amandaidx 10082/tcp
amidxtape 10083/tcp
, AMANDA, . AMANDA
.
AMANDA
AMANDA amanda. conf, /etc
/usr/local/etc. AMANDA
. , AMANDA (
amanda). amanda, .
, , ,
/usr/local/etc/amanda/Daily, , , /usr/local/etc/amanda/Archive.
AMANDA ,
. example
.

amanda.conf ,
, . , ,
17.
417
, ,
:
dumpcycle 4 weeks
.
.
, . , , , , .
. , , AMANDA. org
.
mailto. AMANDA , , .
, .
dumpuser. , . AMANDA
with-user.
dumpcycle. , .
runspercycle. AMANDA ,
.
. , ,
dumpcycle, . runspercycle,
20, ,
, AMANDA .
4 , AMANDA . (,
AMANDA .
runspercycle ,
AMANDA , .)
tapecycle. , . ,
, tapecycle , runspercycle.
tapetype. , , AMANDA , . , ,
. ,
, . tapetype, AMAN-,
DA, . tape-src make tapetype. ./tapetype -f /dev/ (
418
II.
, ).
. ,
. , . : ,
, .
tapedev. Linux,
.
/dev/nstO /dev/nhtO.
netusage. , AMANDA .
labelstr. , AMANDA .
. .
tpchanger, changerf lie changerdev. ,
. example .
infofile, logdir indexdir. AMANDA
i n f o f i l e logdir. , indexdir
, .
.
,
. holdingdisk,
. directory ( ) use ( , ).
, chunksize. , chunksize,
, . ( chunksize ,
.
, . ,
2.2.x 86 2 .)

AMANDA , . amlabel.
, .
amlabel :
17.
419
$ amlabel Daily DailySetl23

Daily , amanda. conf. amlabel . DailySetl23 .
,
labelstr amanda.conf, AMANDA
. AMANDA .
, .

amanda. conf,
AMANDA, dumptype. ,
. dumptype .
compress [client | server] [best | f a s t | none ].
, . .
best , ,
. f a s t
, .
.
exclude [list] "", , list,
AMANDA exclude
exclude-from tar.
holdingdisk __. yes
, AMANDA, .
index __. yes
, AMANDA , , .
, ,
.
kencrypt _. ,
, , Kerberos.
, yes, , Kerberos. Kerberos
6.
program " ". AMANDA tar, dump, .
, .
AMANDA dump ( DUMP ).
tar, ,
GNUTAR. ( Samba tar.)
420
II.
skip-incr _. true,
,
, .
. , dumpcycle, .
.
. , . , amanda. conf,
, global, .
,
. ,
, , .
dump ext2fs,
tar ReiserFS.

amanda.conf , , ,
. diski 1st, , amanda. conf.
AMANDA di ski 1st.
, ,
, .
disklist ,
.
, , .
(, /dev/hda2 hda2) (, /home). , #,
. disklist 17.2.
17.2. disklist
#
buserver.threeroomco.com /
root-tar
buserver.threeroomco.com /var
user-tar
buserver.threeroomco.com /hold
holding-disk
# Linux UNIX
buclient.threeroomco.com /
root-tar
buclient.threeroomco.com /home
user-tar
# Windows
buserver.threeroomco.com //WINPC/DRIVEC
user-tar
17.
421
. /hold
buserver.threeroomco.com .

holdingdisk, . ,
, . Windows Linux UNIX,
Samba, NetBIOS- Windows (WINPC)
(DRIVEC). 17.2 ,
Samba, , . (, , Samba
, .)
Windows,
; AMANDA Samba smbclient.
Samba smbclient , tar dump. , Samba,
/etc/amandapass. . AMANDA
SAMBA, Windows NT, 2000
. ,
, AMANDA
with-samba-user.
AMANDA
AMANDA, amdump. , . .
, . ,
: amdump Daily. , amdump , , .
AMANDA , , .
. dumpcycle
, ,
, AMANDA
.
, AMANDA
.
, amdump. ,
, . , . , ,
. .
422
II.
AMANDA . , ,
mailto, amanda. conf.
, ,
. , ,
, .

. , ,
,
.
.
. . , ,
, . , .
, create
tar, extract , .
,
, , -, ,
, . .
. , .
. , , , root
rm -r /.
, , .
, .
,
, .
, ,
. , , - .

17.
423
, , .
Linux Windows 9x/Me, Linux.

Samba, , SMB/CIFS.
Linux. ,
FDISK DOS,
, SYS . Windows NT, 2000
, ,
NTFS.
.
dd, Linux, ,
Drivelmage.

, , . , ,
tar- rshd NFS Samba.
, , , , ,
, .
,
.
AMANDA , , ,
,
.
amrecover, , amrestore. amrecover
root, . setdate (
), cd ( ), add ( , ) extract ( ). extract amrecover ,
.
, , , .

. , ,
. ,
424
II.
, -
.
, .
, ,
, , , ,
.
.

, NFS, SMB/CIFS, rshd, AMANDA , tar, dump, cpio .
.
, ,
. ,
tar.
, AMANDA. , ,
. , .
.
III
Internet
18

, TCP/IP,
, IP, . ,
.
DNS- (Domain Name System ),
. 2
. , ,
, DNS . ,
Internet DNS.
DNS , ,

.
DNS , . , . ,
, DNS, . ,
DNS , DHCP.
DNS
, , , Kerberos , , Telnet. , , .
,
DNS , . (Albitz) (Liu) DNS and
BIND, 4th Edition (O'Reilly, 2001) (Hunt) Linux DNS Server Administration
(Sybex, 2000).
18.
427
DNS
DNS ,
. , .
DNS,
Internet
DNS. , , ,
, DNS. , DNS Web-, URL
http://www.whitehouse.gov. DNS
www. whitehouse. gov IP- . DNS
, DNS. IP- , ,
DNS; , , . DNS, ,
( www.whitehouse.gov). IP-, ,
(TLD top-level domain).
.com, .gov, .uk . .
, DNS- . gov, ,
. gov. DNS . gov , IP-
, whitehouse . gov,
DNS. whitehouse.gov IP-, www. whitehouse . gov, , ,
. IP-
DNS Web-,
Web-. . 18.1.
. , DNS
IP- Internet.
. , ,
. . , DNS
. DNS

, . DNS
, .
, . , DNS
. com, .
, , -
428
III. Internet

www.whitehouse.gov

,

.gov

.gov

www.whitehouse.gov
www.whitehouse.gov

www.whitehouse.gov
-*

,

.gov
www.whitehouse.gov

whitehouse.gov
. 18.1. DNS
IP- ,
.
,
, DNS. ,
DNS,
, whitehouse.gov .
, DNS,
, ,
Internet IP.
18.
429
, DNS, ,
DNS.
_

DNS, , . , . ,
() DNS-, ()
.
DNS, , . , DNS, Internet.

, ,
( ). , , DNS- Granite Canyon (http: //www.granitecanyon.
com). ; : "
, ".
, DNS, .
DNS-, DSL . , DNS-, DNS,
, IP-. IP- . DNS-
, . DNS- .
, URL: h t t p : / /
www.technopagan.org/dynamic/ h t t p : / / w w w . o t h . n e t / d y n d n s . h t m l .
,
DNS, . , DNS , .
DNS,
. ,
DNS, ,
DNS.
.
DNS
DNS .
IP- , . .
, , /etc/resolv. conf.
DNS .
430
III. Internet
, , . , DNS
.
, .
DNS , , ,
. , DNS
, . ,
DNS, .
, ,
. DNS , Internet
.
DNS . , , Linux UNIX
/etc/hosts. ( , . , Windows 9x/Me
C:\WINDOWS\HOSTS.) /etc/hosts ; IP-,
. /etc/hosts
.
192.168.78.109 gingko.threeroomco.com gingko
Linux /etc/hosts ,
localhost 127.0.0.1. , ,
. /etc/hosts ,
DNS.
/etc/hosts , DNS .
/etc/hosts , DHCP
IP-.

DNS
. DNS ,
.
DNS , . .
, Internet. ,
, .unused.
18.
431
(ccTLD country code top-level domain). . , .us , . se .

(gTLD generic top-level domain).
.
.com, .net, .org .gov. 2001 .
gTLD; , , .biz .museum.
, ccTLD
gTLD. ;
.
, .
. com,
. org, . net TLD. ccTLD
. , , . , , http: / /www.
NewRegistrars.com http://www.icann.org/registrars/accredited
-list.html. gTLD
10 35 .
, gTLD . gov . edu,
ccTLD . ccTLDs, , ,
http://www.iana.org/cctld/cctld-whois.htm.
2001 .
. us. 2002 . TLD . us.
. us, http: / / w w w . nic. us.
, ccTLD, . , . uk . gov. uk .co.uk,
. , TLD .uk, . . , . gov. uk
, . . uk
( , gTLD . com).
,
. IP-
DNS, . DNS, . , DNS , .
, DNS, , , ,
DNS. DNS, .
.
432
III. Internet
DNS Linux
, DNS, ,
.
. .
BIND. BIND (Berkeley Internet Name Domain) , DNS Linux. .
BIND , ,
http://www.isc.org/products/BIND/.
9.2.0, ,
. . 2002 ., Linux 8.2.x . ,
4.9.x , .
djbdns. D. J. Bernstein's DNS server ( DNS . . )
, BIND,
. , .
, . BIND djbdns. djbdns Web- http: / / c r . . to/djbdns .
html.
pdnsd. , proxy-
DNS.
DNS. , BIND djbdns. pdnsd
http://home.t-online.de/home/Moestl/.
dnscache. pdnsd, dnscache proxy- DNS.
. pdnsd,
dnscache ,
localhost (127.0.0.1). , http://cr..to/djbdns/dnscache.html.
, Linux, DNS BIND,
. , , djbdns. Proxy- DNS
.
,
. BIND,
djbdns.
18.
433
DNS
DNS :
DNS ( BIND named) . ,
. (
DNS BIND DHCP.) DNS
, DNS (
, ) .
() . ,
, , ,
.
BIND
BIND named.
conf. /etc.
Linux , , /etc . - ,
BIND ( /usr/share/doc/bind-).
named, conf 18.1.
18.1. named, conf
options {
directory "/var/named/";
auth-nxdomain yes;
forwarders {
10.232.7.98;
10.232.45.1;
forward first;
};
zone "." {
type hint;
file "named.ca";
zone "threeroomco.com" {
type master;
file "named.threeroomco.com";
zone "1.168.192.in-addr.arpa"{
type master;
434
III.
Internet
f i l e "named. 192. 168.1";
zone "0 . 0 . 127.in-addr.arpa" {

type master;
file "named. local";
named, conf . 18.1

options zone. options
, , ,
. zone
IP-. , named. conf,
(;). , BIND .
named. conf ,
.
/var/named , directory.
, named . conf, .

,
DNS, . .
BIND.
named. db. cache /var/named. ,
.
named, , , FTP, ftp: / / f t p . rs . internic.
net/domain/.
dig,
dig @a. root-servers .net . ns > named, . ,
, named . .
, DNS. DNS ,
, ,
, DNS (
2).
, /var/named.
, , /etc/named. conf. 18.1 ,
18.
435
, file, zone " . ".

( ,
.)

BIND .
1. BIND ,
, .
2. , .
.
3. , .
. ,
.
BIND .
DNS, .
, BIND
, , , ,
. .
, , , Internet ,
,
. , , Internet .
DNS
. , ,
.
,
DNS ? DNS
, ,
Internet. , DNS
,
.
forwarders forward (.
18.1). forwarders IP- DNS, , . forward
: only f i r s t . forward only, BIND
DNS,
forwarders, . f i r s t forward , BIND
436
III. Internet
DNS, (,
),
. , , , ,
.

BIND , , , IP-.
.
(, threeroomco.com, 18.1) IP- ( ,
in-addr. arpa). DNS .
. , ("."), . type hint,
, , file.
. DNS ,
BIND , . 18.1 threeroomco. com.
. DNS IP-,
. , in-addr .arpa.
, . . IP-, . , 192.168.1.0/24
1.168.192.in-addr.arpa.
,
. .
master. , (master), .
DNS , , , master. 18.1.
slave. , (slave),
DNS. .
. DNS ,
.
stub. , NS,
. . .
, DNS . , threeroomco. com sub. threeroomco. com
18.
437
DNS. BIND
threeroomco.com sub.threeroomco.com
stub, DNS sub.threeroomco.com.
DNS ,
sub. threeroomco. com. sub.threeroomco.com.
forward. forward options, forward
BIND,
DNS. BIND , .
, forwarders, BIND,
DNS .
hint. .
, . BIND
, .
, 18.1, hint master.
.

,
DNS. , .
, .
, . ,
/etc/named, conf. , ,
, , 18.1.
threeroomco. com :
type slave;
masters { 192.168.1.50; }
};
, threeroomco. com DNS, 192.168.1.50.
, .
masters DNS;
. (
.) ,
. ,
438
III.
Internet
. ,
.
slave , ( threeroomco . com 1 . 168 .192 . in-addr . arpa,
18.1). localhost (0 . . 127 . in-addr. arpa 18.1) slave
.
, , , , zone.
, ,
. ,
, .
,
, .
DNS,
allow- transfer. options, . ,
192.168.1.0/24 172.19.98.23, :
allow-transfer {
192.168.1/24;
172.19.98.23;

/etc/named. conf, , , DNS
. /etc/named . conf
master, .
IP-. ,
,
. ,
.

1 8.2 .
(threeroomco . com. ) , . .
,
IP-. .
.
DNS . , f Internet (Web-, FTP,
), , Linux , ,
439
18.
, /etc/resolv.conf. , ,
, . ,
. DNS, . ,
, , .
, .
gingko.threeroomco.com.threeroomco.com.
18.2.
IN
SOA
spruce.threeroomco.com. \
threeroomco.com.
admin.threeroomco.com. (
2002043004
serial ( )
3600
refresh ()
retry ( )
600
expire ( )
604800
default_ttl ( )
86400
gingko . threeroomco . com .
birch
spruce
threeroomco . com .
WWW
kelp
@
@
@
IN
IN
IN
IN
IN
IN
IN
IN
IN
A
A
A
A
CNAME
CNAME
MX
MX
NS
192.168.1.1
192.168.1.2
192.168.1.3
192.168.1.4
gingko
j acques . pangaea . edu .
10 birch.threeroomco.com.
20 mail.pangaea.edu.
spruce . threeroomco . com .
:
IN _ _
, . IN Internet . IN ,
. ,
, , .
IP- .
, , . , ,
, .
440
III. Internet
BIND | -: named, conf ,

.
BIND,
.
/var/named,
, .
db. - named, -. , , , /etc/
named, conf.

SOA (Start of Authority ).
, , SOA. ,
. , , /etc/named, conf (
!). .
. ( 18.2 spruce. threeroomco.
com.) . 18.2
(\).
, ,
. ,
.
. ( 18.2 admin.
threeroomco.com.) ,
. .
, @, ,
admin. threeroomco. com. admin@threeroomco.
com.
. , , .
18.2 , . , serial, ,
. ,
. ( YYYYMMDD),
, . refresh .
3600, 18.2, , , ,
. retry ,

, . expire
18.
441
, ,
.
. expire , ,
refresh. default_ttl .
DNS .
(86400 18.2)
(604800). IP-
, ,
.

IP-. , ,
, IP-.
@, . MX
NS ( 18.2). ,
.
.
. A (address ) ,
IP-.
( ), gingko. threeroomco.
com., , birch spruce.
, , ,
18.2 threeroomco.com. IP 192.168.1.4.
CNAME. CNAME (canonical name )
. , .
, , . , 18.2 kelp
. CNAME , IP- . ,
Web- , www
. ,
.
PTR. 18.2 PTR .
.
NS. NS (name server ) . NS,
, SOA. , @. IP-
, , .
442
III. Internet
MX. MX (mail exchanger ) . g

. : . (, lorax@threeroomco. com), MX.
, ( 18.2 birch. threeroomco. com.). , , ( 18.2
mail. pangaea. edu.). ,
, ,
MX, . , , MX, .
19.
, . , ,
.
18.2 . .

18.1 ,
. DNS IP-.
, in-addr. .
/etc/named.conf , .
, IP- , . ,
192.168.1.0/24 1.168 .192 . in-addr ..
, ,
. SOA NS,
PTR.
MX, CNAME. 18.3
, , 18.2.
PTR (,
1 192.168.1.1), IP-, in-addr. . 18.3 .
.
, ,
,
, birch birch. threeroomco. com. birch.1.168.192.in-addr..
18.
443
18.3.
1.168.192.in-addr.arpa. IN SOA spruce.threeroomco.com. \
admin.threeroomco.com. (
2 0 0 2 0 4 3 0 0 4 ; serial
3600
; refresh
600
; retry
604800
; expire
86400
; default ttl
2 .1 .168. 192 . in-addr. arpa .

3 .1 .168. 192 . in-addr. arpa .
4 .1 .168. 192 . in-addr. arpa .
@
IN
IN
IN
IN
IN
PTR
PTR
PTR
PTR
NS
gingko . threeroomco .com.

birch . threeroomco .com.
spruce . threeroomco .com.
threeroomco . com .
spruce . threeroomco .com.
,

DNS, . ( localhost).
DNS .
-, , Web-, Internet
. , ,
.
200 , , , .
, ,
.
, .
, , , , 18.1,
,
localhost ( 0 . 0 . 1 2 7 . in-addr. arpa), (.). .
DNS, , forwarders forward, options. forwarders
DNS . BIND . forward first, 18.1,
444
III. Internet
forward only. , , forwarders, .

| forward first, , ,
, , BIND .
, .
, Internet
.
, . , BIND,
, . , BIND

. , BIND
dnscache pdnsd.
( , ), IP-
, . ,
- DNS.
DHCP
IP- DHCP, , , DHCP,
. 5 : DHCP IP-
DHCP DNS . , . .
DHCP , IP-, .
, , birch. threeroomco. com
192.168.1.2. DHCP, DNS, .
, .
, .
5 DHCP DNS. BIND, named.conf.
allow-update. :
type master;
18.
445
allow-update { 192.168.1.1; }
};
BIND IP-
192.168.1.1. , , DHCP.
.
DNS Internet f ,
DNS- .
DHCP , ,
DNS. ,
DNS DHCP
(127.0.0.1).
*
DNS , 4, DNS SysV
. DNS .
host. host
Linux;
bind-utils. DNS . host ,
/etc/resolv. conf , . , IP-.
$ host www.awl.com
w w w . a w l . c o m is a nickname for awl.com
awl.com has address 165.193.123.224
, , ,
www. awl. com (
CNAME) awl.com. 165.193.123.224. , DNS . , . , ,
.
, -t. ,
MX , :
$ host -t MX awl.com
awl.com mail is handled by 100 m a i l h o s t . u u . n e t .
awl.com mail is handled by 10 oldtms702.pearsontc.com.
awl.com mail is handled by 20 oldtms701.pearsontc.com.
, awl. com : oldtms702 .pearsontc.com( 10),oldtms701 .pearsontc.com(-
446
III. Internet
20) m a i l h o s t . u u . n e t ( 100). DNS

, IP- .
$ host www.awl.com spruce

Using domain server:
Name: spruce.threeroomco.com
Address: 192.168.1.3
Aliases:
www.awl.com is a nickname for awl.com
awl.com has address 165.193.123.224
, , , , host
DNS.
host
. nslookup.
, host,
.
, DNS. ,
IP- , , , IP- .
DNS , , ,
. ,
, . IP-, ,
, .
19
:
SMTP
11 POP IMAP, .
.
, :
.
.
.
11.

SMTP (Simple Mail Transfer Protocol ). ,
Internet, SMTP. ,
, SMTP,
. Linux ,
SMTP .
Linux SMTP,
. SMTP: sendmail, Exim Postfix. ,
Procmail, SMTP.
SMTP,
, , .

,
. , SMTP, : (Costales) (Allman) Sendmail (O'Reilly, 1997), (Hunt) Linux Sendmail
Administration (Sybex, 2001), (Hazel) Exim: The Mail Transfer Agent (O'Reilly, 2001),
448
III. Internet
(Blum) Postfix (Sams, 2001), (Sill) The qmail Handbook (APress, 2001) (McCarthy) The Procmail Companion (Addison Wesley, 2001).
SMTP
SMTP ( mail transfer agent).
,
. SMTP , ,
.
, SMTP.
SMTP Linux .
. SMTP . , SMTP, (, pine mutt), ,
.
.
,
Internet. SMTP .
, ,
, . ,
.
.
. ,
, , .
SMTP. , , . ,
, , ,
root.

, Linux SMTP . ,
. (
, , SMTP ,
.)
SMTP,
, .
, , .
,
.
19. : SMTP
449
. . , ,
.
. , , SMTP , ,
.
, . , ,
.
, SMTP
Linux
sendmail. Linux
sendmail. ,
. sendmail. sendmail
, ,
. Web- sendmail
http: //www. sendmail. org.
Exim. , sendmail,
, Exim .
Debian , . Web-
Exim http: / /www. exim. org.
Postfix. sendmail, Exim ""
. , Postfix .
, , ,
. , .
Postfix sendmail.
Mandrake. Postfix
, http: //www. p o s t f i x . org.
qmail. Postfix, qmail ,
. qmail , sendmail, , Exim Postfix,
sendmail. sendmail qmail
. qmail
sendmail, Linux
450
III. Internet
, . Web- qmail http: //www. qmail. org.

, Linux . Small (http://www.gnu.org/
software/smail/smail.html), Courier (http://www.courier-mta.org)
OpenMail (http://www.openmail.com/cyc/om/00/). ,
.
: sendmail, Exim, Postfix qmail.
, .
,
, . SMTP.
, .

, ,
. , , , .
, sendmail .
sendmail Exim Postfix.
, , sendmail,
Exim Postfix,
sendmail. ( sendmail, Exim
Postfix mbox, . . .)
sendmail qmail , qmail
maildir (, ). ,
qmail sendmail, qmail
(
, 11).

.
.
. , . , mail. threeroomco. com,
: jennie@mail.threeroomco.com.
, . ,
, .
. ,
, , -
19. : SMTP
451
DNS MX. , MX . , , , threeroomco. com, MX,

mail.threeroomco.com. ,
jennie@threeroomco.com,
mail. threeroomco. com. DNS
MX,
.
.
DNS, MX,
18. mail.
threeroomco. com, MX :
@
IN
MX
10
mail.threeroomco.com.
, /var/named. @ ,
. IN , Internet, a MX . 10
. , , , ,
, . .
, .
^^\
, .
SMTP.
J
SMTP
, SMTP. , (envelope header), (message header) (message data).
From , SMTP-.
, , ,
.
, . , .
From: :, , .
Received:, , , Subject:,
.
452
III. Internet
^_
.
^\
.
SMTP
.
....
'
maildir, , ,
SMTP-, . , ,
From , Received: . ,
.
, SMTP, SMTP-. 19.1 ,
telnet. ( , SMTP-
telnet ).
19.1. SMTP-
$ telnet louiswu.rodsbooks.com 25
Trying 192.168.1.5. . .
Connected to louiswu.rodsbooks.com.
Escape character is 'A]'.
220 louiswu ESMTP Exim 3.12 #1 Wed, 30 Oct 2002 12:01:29 -0500
HELO nessus.rodsbooks.com
250 louiswu Hello nessus.rodsbooks.com [192.168.1.3]
MAIL FROM:<rodsmith@nessus.rodsbooks.com>
250 <rodsmith@nessus.rodsbooks.com> is syntactically correct
RCPT TO:<rodsmith@louiswu.rodsbooks.com>
250 <rodsmith@louiswu.rodsbooks.com> is syntactically correct
DATA
354 Enter message, ending with " . " on a line by itself
From: <rodsmith@nessus.rodsbooks.com>
To: <rodsmith@louiswu.rodsbooks.com>
Subject: A Sample SMTP Session
This is the text of the message.
250 OK id=15z87H-OOOOCX-00
QUIT
221 louiswu closing connection
SMTP- , SMTP
( , 19.1,
telnet).
, HELO EHLO.
MAIL FROM: RCPT TO: From .
SMTP ,
19. : SMTP
453
. ,
, , . DATA , .
, .
( . 19.1,
.)
. , , .
SMTP- , .
. , , HELO MAIL FROM, From:. ,
, MAIL
FROM From: .
, IP- ; 19.1 HELO.
. 19.1 , .
, , ,
, :
.
, . , ,
.
. SMTP ,
.
RCPT :, .
RCPT :,
,
.
,
.
. ,
19.1,
. Exim 3.12.
;
, .
,
. 19.1
MAIL FROM: RCPT TO: 250
is syntactically correct. , , ,
454
III. Internet
, RCPT :.
, : . Exim
, .
, ,
.
SMTP
,
.
, .

. , SMTP,
, hostname. HELO MAIL FROM:,
From: . ,
, .
, . , ,
franklin.threeroomco.com. , ,
, threeroomco. com. (
,
, ,
.) , ,
, , , , . , .
, f r a n k l i n . threeroomco. com,
threeroomco. com.
, ,
. , ,
,
.
,
.
19. : SMTP
" '"'
455
,
, . ,
, , , , , .
,
.
, .

, , ,
, . , f r a n k l i n . threeroomco.
com. SMTP ,
f r a n k l i n . threeroomco. com.
MX, ,
threeroomco. com. , , ,
,
. ,
, f ourroomco. com.
, , ,
. ,
(, , ).
.

, . , .
. ,
, .
, . SMTP
, ,
.
SMTP , ,
. , ,
. ,
456
III. Internet
. ,
, , , .
, . ,
, , .
, , . ,
, ,
.
, , ,
.
, ,
,
. , ,
, , . - ,
SMTP
POP. POP SMTP ,
IP-
. POP , .
SSH
SMTP.
, SMTP
SMTP. , , ,
, . , -
. , , , ,
, , SMTP .
.
, . ,
, . , SMTP
, . , SMTP ( ) -
19. : SMTP
457
- ,
. ,
sendmail. , , , sendmail-ispl. cf
sendmailisp2 . cf. , -,
sendmail. cf.

. , E-mail ,
. " "
. -,
: Web-, . .
-, , , , .
; ,
, , , . . ,
:
.
, .
:
.

, , ,
. .
.
.
, , , .
, , . , ,
,
,
.
IP-.
IP-, -
458
HI. Internet
. , (. . ,
), ,
, . . . , , ,
. IP-,
, . 19.1.
, . Procmail, , . Procmail
, ,
SpamBouncer (http: //www. spambouncer. org).
Procmail.
. ,
, Vipul's Razor (http: / / r a z o r .
sourcef orge. net). SHA- (Secure Hash
Algorithm ) .
SHA-

Vipul's Razor.
, , IP- , . ,
, .
.
, .
(false positive).
, . ,
. IP-
RBL RSS. IP-
RBL, RSS DUL, MAPS (Mail Abuse Prevention System ), .

, ,
, , .
, . . , ,
.
19.1. IP-,

Dial-Up List (DUL)
URL
http://mail-abuse.
org/dul/

dialups.
mail-abuse.org
Realtime Blackhole
List (RBL)
http://mail-abuse,
org/rbl/
blackholes.
mail-abuse.org
Relay Spam Stopper

(RSS)
http: //mail-abuse.
org/rss/
relays.mail-abuse.
org
relays.ordb.org
Open Relay Database
http:
(ORDB)
//www.ordb.org
RFC Ignorant
http://
www. rfc-ignorant.
org
Web
IP-, -. , ,
,
,
.
, ,

,
, ,
,
, ,
.
, RSS,

.

RFC Ignorant
IP- ,
, RFC.
,

460
III. Internet
, ,
(open relay). ,
, Internet, . , sendmail,
. , ,
, .
, ,
, , telnet
relay-test .mail-abuse. org.
. ,
. ,
; ,
, .
, , http: //mail-abuse. org/tsi/.
sendmail
sendmail . Linux,
Caldera, Red Hat, Slackware, SuSE TurboLinux. Debian Mandrake
SMTP, sendmail .
, 8.12.2 sendmail, Linux 8.11.x
.
sendmail , ,
, , , sendmail. ,
sendmail:
,
.
sendmail
sendmail sendmail. cf;
/etc. , , ,
.
, sendmail. cf, ,
, 4 sendmail.cf. , 4, ., . Red Hat
19. : SMTP
461
/etc/sendmail.mc, Slackware /usr/src/sendmail/cf / c f / l i n u x .

smtp.mc, SuSE /etc/mail/linux.mc. ,
m4 ,
.cf. , SuSE 7.1 sendmail.cf 1669 ,
linux.mc 221 ,
( dnl).
sendmail. cf 4, 4 . SuSE
:
# m4 < /etc/mail/linux.mc > /etc/sendmail.cf
Linux
sendmail.cf 4, . , Red Hat
sendmail-cf.
sendmail. cf. | sendmail. cf 4 .
, , ,
sendmail.
sendmail.
Linux sendmail SysV,
restart .
4 :
_('
!'[, *2' [ , . . . ] )
, define
MASQUERADE_AS. , , sendmail, always_add_domain, . .
.
, ,
5 : . .
4 ,
, sendmail. cf .
sendmail.cf, sendmail
.
access.db. access.
access .db ,
sendmail. sendmail . sendmail makemap, access
access. db, access . db.
462
III. Internet
aliases, db. (aliases). ,

. , , root postmaster. ,
root,
. access.db,
aliases.db .
/etc /etc/mail.
, , sendmail.
sendmail
, SMTP , , ,
.
.
4 :
MASQUERADE_AS(*_')
FEATURE(masquerade_envelope)
MASQUERADE_AS , From: ,
. ,
, . FEATURE (masquerade_envelope)
From:, .
, , ,
.
MASQUERADE_DOMAIN(* -' )
FEATURE(4imited_masquerade' )
sendmail , -. ,
.
sendmail
, , .
, sendmail . sendmail ,
. . Red Hat /etc/mail/local-host-names, SuSE
/etc/sendmail.cw. , sendmail.cf
, Fw. ,
. , -
19. : SMTP
463
, . ,
#, .

,
. , sendmail,
, , , , . ,
. , , ,
. sendmail , .
sendmail
.

.
.
, ,
. "relaying denied" (" ").
sendmail , . ,
FEATURE, .
relay_entire_domain. , sendmail , , .
sendmail DNS. relay_entire_domain
.
relay_local_f rom. sendmail,
, From: , . relay_local_f rom ,
From:, . .
.
relay_based_on_MX. , sendmail , , ,
MX, .
relay_based_on_MX . ,
sendmail,
DNS. -
464
111. Internet
. , ,
MX .
relay_hosts_only. , sendmail
. , ,
. ,
.
access_db.
sendmail. relay_hosts_only, sendmail ,

.
, .

| promiscuous_relay, . .

.
4.
FEATURE('access_db')
,
, , access.db,
, .
, sendmail
access .db. /etc /etc/mail
access. access .
# localhost.. .
localhost.localdomain
RELAY
localhost
RELAY
127.0.0.1
RELAY
#
192.168.99
RELAY
. sendmail , .
. , ,
192.168.99.0/24. IP- , IP- ,
.
RELAY, access
.
. sendmail , , , .
19. : SMTP
465
RELAY. , , , , .
, ,
.
REJECT. ,
, .
.
DISCARD. , REJECT,
.
. REJECT, .
access,
. makemap, :
# makemap hash /etc/mail/access.db < /etc/mail/access
sendmail , .
access sendmail.
sendmail

sendmail . , ,
,
.

. Linux, sendmail, ,
, IP-, , ,
. , ,
. .
sendmail, ,
. ,
4 :
FEATURE('nullclient', ôutgoing.mail.relay')
outgoing.mail.relay ,
. sendmail.f sendmail,
. sendmail, ,
.
466
III. Internet
sendmail

sendmail . access access.db. access.db
.
, IP-, REJECT DISCARD,
. , .
, , ,
. , , , .
IP-.
, 4
dnsbl.
FEATURE(dnsbl, 'blackholes.mail-abuse.org', 'Rejected - see \
http://www.mail-abuse.org/rbl/')
sendmail , MAPS RBL. ,
. , .
Web-, IP-, . ,
, ,
.
8.10 sendmail IP-
. ,
. http: //mail-abuse. org/rbl/usage. html.
, . , access IP- ,
.
. promiscuous_relay .
sendmail, 8.9.0, , | . ,
. http://mail-abuse.org/tsi/ar-fix.
html#sendmail_8. sendmail, 8.8.4, . .
19. : SMTP
467
Exim
Exim Debian GNU/Linux . . ,
, Exim PowerTools Red Hat, Red Hat
. sendmail, Exim ,
Exim . Exim , sendmail;
, , , , ,
.
^^
^
Exim Debian,
,
Debian. Exim
.
Exim
Exim exim. conf. /etc. ,
:
=
, , , #.
exim.conf, Debian, , .
.
Exim Debian
eximconf ig, exim. conf.
Exim;
exim. conf. , exim. conf ,
eximconf ig . eximconf ig ,
Exim. , ,
.
exim. conf, Exim . , Debian, .

/etc/aliases. ,
sendmail. , , , . , root: amelia, , root,
amelia. aliases , -
468
III. Internet
. , root: ameliaS
pangaea. edu , , root, amelia@pangaea.edu.
sendmail, Exim aliases
.
/etc/email-addresses. From: . ,
ben: bfranklin@pangaea.edu , , ben,
bf ranklin@pangaea. edu.
eximconf /etc/aliases ,
, postmaster root, ,
root, , .
,
. /etc/email-addresses, Debian, .

, , ,
hostname, . qualify_domain.
. , .
, exim. conf :
qualify_domain = threeroomco.com
ben , , , From: , Exim
threeroomco. com. threeroomco.
com, Exim . , From: :
ben@threeroomco.com.
, , primary_hostname. qualify_domain, qualif y_domain.
primary_hostname Exim . , , Received:.
/etc/email-addresses.
, /etc/email-addresses ,
exim. conf. :
*@threeroomco.com ${lookup{$1}lsearch{/etc/email-addresses}\
{$value}fail} bcfrF
, exim. conf. , . Exim
19. : SMTP
469
threeroomco. com, /etc/email-addresses . , /etc/email-addresses

( ), , ,
( ) . ; , email-addresses.
. exim. conf, , ,
email-addresses.
, Exim. Exim, http: //www. exim. org/eximhtml-3.30/doc/html/spec_34,html.
Exim
exim. conf , , .
.
local_domains.
, . Exim
. , local_domains = localhost: threeroomco.
com Exim , localhost threeroomco.com , ,
. qualify_recipient. qualify_recipient
, .
local_domains_include_host. true,
Exim , . , local_domains.
local_domains_include_host_literals. true, Exim , IP- . , Exim 172.24.98.2 ben, Exim
ben@ [ 1 7 2 . 2 4 . 9 8 . 2 ] . , , false local_domains_
include_host_literals.
eximconf ig
, . ,
, , ,
.
Exim
sendmail, Exim ,
, ,
470
III. Internet
. eximconf ig , ,
. Exim exim. conf.
Exim
exim. conf,
, .
host_accept_relay. Exim ,
,
( ). host_accept_
relay = localhost, Exim , . (
, IP-, ) , . , host_accept_
relay = localhost: 192 .168 . 99 . 0 / 2 4 :* .pangaea. edu ,
,
192.168.99.0/24, pangaea. edu. IP- , ,
.
relay_domains.
, . Exim
, , . , ,
. , (*) ,
host_accept_relay.
relay_domains_include_local_mx. yes
, , MX DNS. ,
Exim . ,
DNS MX.
sender_address_relay. , ,
. , ,
host_accept_relay. (
, relay_match_
host_or_sender = yes, ,
.) , -
19. : SMTP
471
,
.
Exim ,
. . , , ,
host_auth_accept_relay (
) tls_host_accept_relay ( , TLS).
Exim
,
. Exim , , eximconf ig
, . ,
eximconf ig, :
smarthost:
driver = domainlist
transport = remote_smtp
route_list = "* franklin.threeroomco.com bydns_a"
end
Exim , ,
, franklin.threeroomco.com.
, .
Exim
Exim .
, , , ,
. .
host_reject. exim.conf.
, IP-,
. , , , . , host_reject
= * .badspammer. net: 10 .16. 8 . 0/24 , badspammer.net, 10.16.8.0/24 .
,
host_reject, . ,
.
472
III. Internet
host_reject_recipients. , host_
reject,
, , ,
RCPT :. .
sender_reject. .
, . , sender_re j ect = spammer@abigisp. com:
badspammer. net , badsparnmer. net
spammer@abigisp.com . Exim , .
,
.
sender_reject_recipients.
sender_reject, , , . .
RCPT :. sender_re j ect,
.
, . Exim . . forward, . Exim
. , ,
Procmail, .
f i l t e r . txt. gz,
Exim. Debian GNU/Linux
/usr/doc/exim; gunzip.
,
, , . ,
Exim ,
IP-. , exim. conf, .
rtrt^domains. , IP- ( . 19.1).

/warn /reject. /warn Exim , ( Procmail), a /re j ect ,
. , /accept ( " ")
/skiprelay ( host_accept_relay,
IP- ).
rbl_hosts. * ;
, , , -
19. : SMTP
473
IP-, rbl_doraains.
.
, *;
!. , rbl_hosts = lok.pangaea.
edu: * ok.pangaea.edu
IP-.
rbl_reject_recipients. /warn /reject
rbl_domains ,
. , Exim
. rbl_re ject_recipients.
rbl_reject_
recipients = no, Exim .
recipients_reject_except.
IP-. , recipients_reject_
except = postmaster@threeroomco. com, Exim , postmaster@threeroomco.com,
, , IP-.
,
IP-, , Exim. , , Exim ,
. .
headers_check_syntax. Exim , . , , , . , true header s_check_syntax.
helo_verify. SMTP
HELO EHLO, . Exim , ,
. , , helo_verif = * ,
. helo_verif
HELO EHLO, IP-
. ,
.
, , , . .
message_size_limit.
,
. 0 message_size_
474
III. Internet
limit, . ,
. .
, Exim, ,
,
.
Postfix
Exim, Postfix .
Postfix , SMTP
. Postfix , . .
. Postfix , Exim.
SMTP, Postfix , , , ,
.
Postfix Mandrake,
, Debian SuSE. PowerTools. RPM-, Mandrake,
Linux, SysV, , . Postfix Mandrake,
Postfix,
. Postfix Mandrake .
Postfix
Postfix main.cf, /etc/postfix.
:
=
main. cf ,
. ,
S .
( ):
myhostname = franklin.threeroomco.com
myorigin $myhostname
myhostname f r a n k l i n .
threeroomco. com, myorigin. Postfix, ,
, ,
.
main. cf , ,
#. ,
19. : SMTP
475
Postfix,
.
main. cf . sendmail,
( . db)
. ,
. db. aliases ( aliases. db).
sendmail, aliases ,
. , root: amelia , ,
root, amelia.
aliases aliases .db,
postalias aliases, , aliases.

. db, , Postfix .
, postfix reload
Postfix, SysV.

myorigin , Postfix
.
$myhostname, , ,
. ,

, .
myorigin, :
myorigin threeroomco.com
, $mydomain. $mydomain
$myhostname, , . , $myhostname franklin.threeroomco.com,
$mydomain threeroomco.com. main.conf
. ,
.
myorigin .
,
SMTP, From:, .

, , , , .
, , , Postfix , From: ben@client. threeroomco. com. , client ,
ben@client.threeroomco.com. , $mydomain
476
III. Internet
threeroomco. com, :
masquerade_domains = $mydomain
Postfix , , ,
$mydomain. From: :
, $mydomain, .
Postfix .
, Postfix
. sender_canonical_maps.
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sender_canonical , . , , , . client.threeroomco.com localhost
threeroomco.com:
Sclient.threeroomco.com @threeroomco.com
@localhost @threeroomco.com
.
, ,
. , , , , .
sender__canonical postmap sender_canonical.
Postfix, postfix reload
.
,
. ,
, Postfix , myorigin. masquerade_domains , ,
, Linux UNIX.
From:, Received:.
, ,
, From: .
Postfix
, Postfix . , , Postfix mydestination.
$myhostname localhost. $mydomain. , $mydomain
threeroomco.com, a $myhostname f r a n k l i n , threeroomco.
19. : SMTP
477
com, Postfix , f r a n k l i n ,
threeroomco.com localhost.threeroomco.com.
. , ,
$mydomain. localhost.
mydestination . , , ,
:
mydestination = localhost, localhost.$mydomain, $myhostname,
$mydomain
, mydestination ,
\ . ,
_
.
Postfix ,
mydestination.
.
Postfix
, Postfix , . , main. cf,
, .
Postfix
Postfix , .
,
$mynetworks. , ,
localhost.
, $relay_domains.

$mydestination.
,
, $relay_domains, .
, Postfix
, , ,
, .
, . ,
$mynetworks $relay_domains ( ). , , Postfix
work, threeroomco. com. :
478
III. Internet
mynetworks = 127.0.0.0/8
relay_domains = work.threeroomco.com
, , .
:
mynetworks = 1 9 2 . 1 6 8 . 9 9 . 0 / 2 4 , 1 7 2 . 2 4 . 0 . 0 / 1 6 , 1 2 7 . 0 . 0 . 0 / 8
relay_domains = $raydestination, pangaea.edu
, 192.168.99.0/
24,172.24.0.0/16 localhost (127.0.0.0/8), ,
$mydestination pangaea.edu.
mynetworks, relay_domains smtpd_sender_restrictions.
main.cf,
. permit_mx_backup relay_based_on_MX sendmail. smtpd_
sender_restrictions Postfix.
Postfix
, Postfix , relayhost. ,
main. cf, , . , ,
MX, -,
relayhost . , , f r a n k l i n . threeroomco. com,
main. cf :
relayhost = franklin.threeroomco.com
, -,
, MX, franklin.threeroomco.com
$mydomain. ,
, , Postfix .
Postfix DNS.
(, /etc/hosts),
:
disable_dns_lookups = yes
Postfix ,
DNS . Postfix
/etc/hosts.
19. : SMTP
479
Postfix

sendmail Exim, Postfix , . , , IP-.
, Postfix, , ,
. ,
main.cf. , ,
.
header_checks = regexp:/etc/postfix/bad_headers
bad_headers , 19.2.
, , ,
, . POSIX (regexp: ), PCRE (: ).
19.2. Postfix,
#### Subject: ,
/ A Subject: ADV:/ REJECT
/ A S u b j e c t : Accept V i s a / REJECT
#### From: Received: ,
####
/ (From|Received):.*badspammer\.net/ REJECT
/"From: spammer@abigisp\ .net/ REJECT
""*^
. , , egrep.
header_checks , . IP. .
maps_rbl_domains = relays.mail-abuse.org, dialups.mail-abuse.org
smtpd_client_restrictions = reject_maps_rbl
maps_rbl_domains , IP- ( . 19.1).
, . ,
, , ,
, . reject_maps_rbl, smtpd_client_restrictions
. , reject_unknown_client -
480
III. Internet
Postfix, DNS, . Postfix.

, Postfix ,
. .
smtpd_helo_required .
yes, Postfix , SMTP HELO
EHLO. , , ,
SMTP.
smtpd_helo_restrictions. Postfix HELO EHLO SMTP-.
smtpd_helo_restrictions . , reject_unknown_hostname , Postfix
,
MX. reject_non_fqdn_hostname , .
smtpd_helo_restrictions Postfix.
smtpd_sender_restrictions. Postfix
, , From: . , reject_unknown_
sender_domain , From: ,
, reject_non_fqdn_sender , .
Postfix , .
Postfix , . , .
, Postfix , . ,
Postfix
sendmail, Postfix
, , . , , .
Procmail
SMTP, , ,
. ,
, .
, .
Linux ,
19. : SMTP
481
Procmail. Procmail , .
, Procmail, . Procmail, ,
, .
Procmail

, . ,
. , ,
. , , ,
, .
,
, Procmail.
Procmail ,
. . , , ,
, ,
. , ,
, , .
Procmail . Procmail , , , .
, .
" ", , .
Procmail. , , ,
.
Procmail
. , , Procmail,
, .
Procmail , , Postfix
egrep.
Procmail
. , , , .
Procmail . Procmail
/etc/procmailrc. Procmail .procmailrc,
482
III. Internet
. , ,
, , .
Linux /etc/procmailrc , f Procmail root. , , Procmail,
. , ,
, ,
. .procmailrc, , ,
Procmail .
Procmail .
. , , , #.
, . Procmail , $ ( ) $MAILDIR (, ). , .
, MAILDIR = $HOME/Mail
$MAILDIR , Mail,
.
. Procmail (recipe).
. , ,
. ,
. : (delivering) (nondelivering).
,
.
, . .
Procmail.
. Procmail
, .
Procmail . , Procmail
, $DEFAULT. ,
, /vax/spool/mail/_.

, ,
. :
19. : SMTP
483
:0 [] [:[_ ]]
[]
: ,
.

: 0. 0 ,
, : 1 , . : 0 , Procmail.
.
. ,
.
. .
D. .
D .
. , ""
. "" .
w. , Procmail ,
. ,
.
W. w, .
.
, ,
. Procmail
, . , ; , ,
, , . ,
( ). ,
.
(, ) , *. , , Procmail (
). , .
.
. . Procmail *.
484
III. Internet
$. .
.. , . ,
d.g dog, dig, dug
, d .
*. ( ) , , . ,
. , , 802, , 1618,
802.*1618.
+. , *,
.
?. , .
! \ 2. ,
,
|. ,
|.
() *. *, , .
[ ]. , , ,
. , [aeiou]
, , 1, .
(-), . , [m-q]
, , , q.
\. . , \ . .

, Procmail.
, . ,
. , . , ,
. , .
,
, .
.
!. . !, , , , . , ,
, postmaster.
19. : SMTP
485
<. ,
.
>. ,
.
Procmail,
. , Procmail . Procmail sendmail,
Exim, Postfix , mbox. qmail , maildir,
Procmail (/), , Procmail
maildir. Procmail
,
.
, Procmail ,
.
!. , Procmail ,
. , .
I . UNIX . Procmail . , Procmail .

.
{. .
, , . ( ,
. , .) ,
. ,
,
.
.
. ,
, . ,
, Procmail
. , , .
, ,
.
486
III.
Internet

Procmail. 19.3 Procmail,
.
.procmailrc,
.
19.3. Procmail
MAILDIR" =~~$711.
# . ,
t postmaster
:0
*! (From| ) : . *postmaster
{
:0
* .*301.*S.*1618
/dev/null
:0
* From: . *badspanuner\ . net
/dev/null
:0
* Subject: .*\$\$\$
/dev/null
# rug david
#
:0
* From: . *david@pangaea\.edu
* Subject: . *rug
! amy@threeroomco.com
#
:0:
* : . *list@mailinglist\ .example\ .com
$MAILDIR/mailinglist
19.3 Procmail.
. , , ,
, , postmaster.
( , -
19. : SMTP
487
.) ,
*! \ : . *postmaster ,
.
.
. , ,
.
. 19.3 , . ( ) ,
301, S 1618. ,
301 S.1618, . ,
, badspammer. net,
, Subject: $.
. /dev/null, . . . /dev/null
.
, .
. ,
, , . .
:
david@pangaea. edu, rug
Sub j ect:. ,
.
. .
, list@mailinglist.example.com, , , . :
, .
, ,
, .
, 19.3, , ,
. , , .

Procmail ,
. , -
488
III. Internet
.
Procmail .
SpamBouncer. Procmail, . , SpamBouncer, ,
. , . SpamBouncer,
Web-, http: //www. spambouncer. org.
SmartList. , , Procmail.
SmartList
FAQ, http://www.hartzler.net/smartlist/
SmartList-FAQ.html.
. (Timo Salmi) Web- (http://www.uwasa.fi/~ts/info/proctips.html), Procmail. ,
, , SpamBouncer SmartList,
"" .
Procmail . Web- http: / /
handsonhowto.com/pmaill02.html Procmail,
, .
, ,
, Internet Procmail recipes.
Web- Procmail http: //www.
procmail.org.
.procmailrc. ,
/etc/procmailrc. , SpamBouncer, , ,
.
, , .
| , .
,
.
, .
Procmail. , SMTP telnet (
25).
19. : SMTP
489
Procmail
, Procmail
. Linux Procmail .
, , .
sendmail. Procmail, 4 . ,
define( 1_1_', Vusr/bin/procmail'),
sendmail , Procmail.
FEATURE (local_procmail) MAILER (procmail) sendmail
Procmail .
Exim. exim.conf,
, procmail_pipe. Procmail . ,
.
Postfix. main. cf, ,
Procmail mailbox_command.
, Postfix , Procmail.
Linux Procmail. . Procmail ,
,
. forward,
:
"|IFS=' '&&p=/usr/bin/procmail&&test -f $p&&exec $p \
- Y f - | | e x i t 75 #_"
, ,
.
490
III. Internet
Internet. Linux , sendmail,

, Exim Postfix. , SMTP , , ,
. , , ,
,
. . SMTP
Procmail. Procmail , ,
, . Procmail
, ,
, .
I 11
40&
W**^
/)
Web-
World Wide Web Internet

, , Internet
, . Internet, , , Web.
Web- . Web, , "" Internet.
Linux Web- ,
Apache.
.
, Web-, , ,
, , , Web-.
Web- , Web-.
Web- Linux ,
, , . .
Web-,
, ,
, : (Engelschall) Apache
Desktop Reference (Addison Wesley, 2001) (Auld) Linux Apache Server Administration (Sybex, 2001). ,
Web-. (Meltzer)
(Michalski), Writing CGI Applications with Perl (Addison Wesley, 2001).
Web-
Web- , Web- .
, , ,
.
492
III. Internet
Web- , HTTP (Hypertext Transfer Protocol ). Web- ( , 80).

HTTP- ( Web-) Web- . , Web- , ,
CGI-, ,
. . HTTP
Web- .
Web- Web- ,
, URL (Uniform Resource Locator ). ( Web- . Web ,
, .) URL http: //,
URL , f t p : //.
Web- http: // https : //;
.
, Web Web-. Web- , ,
Web-.
.
: , , .
Web- .
Web-, . ,
, . Web- Web-, , .
, ,
.
Web- Web-. Web, , , Web, URL. URL ,
. Web-, Web-
, Web-.
Web-, Web. , Web-
. , Web-
, , .
, , ,
, DNS ( DNS 18). ,
Web- 10.102.201.1
www , DNS
:
20. Web-
www
IN A
493
10.102.201.1
, , . ,
, Web-, ,
.
Web-. , , Internet,
Web-. (, ,
200 ,
, , ,
.) (, ), Web-.
(
, ). ,
. , ,
CGI SSL.
Web- . ,
Web- , .
,
.
Web-, .
URL , http: //www.abigisp.net/~UMH/.
. Web , ,
, URL .
,
Web- . Web-
, , , .
: , , . Linux Web . Web- ,
. ,
Web- . ,
Linux Web-
, .
: Web- , . Web- ,
Web-.
494
III. Internet
, Web-
Linux
,
Web- Linux. ,
,
"", . Web-, Linux.
Apache.
Linux. , , Apache. Netcraft (http://www.
netcraf t. com), 2002 . 65% Internet Web-
Apache. , . Apache Web- , CGI SSL-. Web- Apache
http://httpd.apache.org.
Roxen. Web-; Apache. Web-, .
Roxen ,
http://www.roxen.com/products/webserver/.
thttpd. . Apache
300 ( ), thttpd 50 .
. , CGI, SSL-.
http://www.acme.com/software/
thttpd/thttpd.html.
Zeus. Web-, Linux,
, Zeus .
; 1700 . , Web- Zeus (http: //www. zeus . . uk/products/
zws/),
.
Web-.
Web- . Web-,
Linux. , Web-

.
, ,
. .
20. Web-
495
. HTTP
, Web-.
, ,
16, Web-.
Web-, , 80.
.
,
. , HTTP,
.
, Apache, Linux. - , ,
thttpd. , Apache, , ,
. Apache ,
,
.
, ,
, kHTTPd.
, .
thttpd Zeus. ,
, .
, .
(, ), Web .
Apache, ,
, ,
Web- . ,
Apache,
.
Apache
, Web-, Apache. ,
(. . , ), ,
.
Apache . ,
496
III. Internet
Apache, , . Apache
,
.
Apache
Apache httpd.
conf. ,
. Caldera SuSE httpd. conf /etc/httpd; Debian Slackware /etc/apache
(Slackware - /etc/apache/httpd. conf .default;

); Red Hat TurboLinux httpd.conf /etc/httpd/conf/.
, httpd. conf, #, . , , :

, .
, . .
. .
<Directory /home/httpd/html>
Options FollowSymLinks
AllowOverride None
</Directory>
, ,
. , , .
Apache , . ,
httpd. conf.
access.conf.
AccessConfig httpd.conf. access.conf
<Directory>, .
, AccessConfig /dev/null,
access. conf.
mime.types. Web- , , Web- MIME (Multipurpose Internet Mail Extensions Internet). ,
MIME- text/plain , ,
a image/ jpeg JPEG (Joint Photographic
Experts Group ).
mime. types MIME- -
20. Web-
497
. , , .txt .asc, MIME- text/plain. ,

Web- . , ,
, Web-.
,
.
magic. MIME-
.
. , ,
"" . , , magic. , .
magic .
Apache
4 . Apache
: ,
SysV .
SysV ,
, ,
.
Apache ;
Debian , '.
, ,
, Apache.
- , ,
Web- ,
Apache ,
, , . , ,
thttpd Web-,
.
Apache,
ServerType. Apache
standalone inetd. , Apache
. , , SysV
Apache inetd,
, SysV Apache, SysV, /etc/inetd. conf
, , inetd.
, .
498
III. Internet
Apache apache,
httpd.
, .

, , . Apache ( /home/
httpd/html). Apache ,
, , . , , ,
Web-.
, Apache. .
ServerType. .
standalone inetd.
User Group. Linux
. , Apache.
Apache nobody
, .
,
.
, .
<?^^

^^ Apache ,
root.
ServerTokens. Apache , . ProductOnly, . Min,
OS Full ( , ),
ProductOnly, .
, , ProductOnly
|
ServerTokens, . -
, Linux, . , .
20. Web-
499
MinSpareServers MaxSpareServers. Apache

, . . MinSpareServers
MaxSpareServers , .
, MinSpareServers,
, Apache . , , MaxSpareServers, .
,
, , .
,
.
5 10. , MinSpareServers MaxSpareServers
, .
, , , .
, Apache
MaxSpareServers, . , . MaxSpareServers
, ,
.
MaxClients. , .
150. , , . Web-

MaxClients, Apache. ,
. MaxClients ,
.
, MaxClients,
, Web-, Apache. Web-
,
MaxClients.
Listen. Apache
, 80.
, . , Listen 1 9 2 . 1 6 8 . 3 4 . 9 8 : 8 0 8 0
Apache, ,
500
III. Internet
192.168.34.98 8080.
Listen 8000 ,
8000.
BindAddress. , Apache,
, , , Apache . ,
BindAddress 192 .168 . 34 . 98, 192.168.34.98. Apache
BindAddress *, Apache .
, , BindAddress 127 .0.0.1. . URL http : / / 1 2 7 . 0 . 0 . 1

http://localhost.
Port. Apache,
. 80.
ServerAdmin.
. webmaster. SMTP,
, .
, , , .
ServerName. , , .
Def aultType. Apache MIME- , "" , MIME-, .
text /plain, . Def aultType ,, Web-
, , , MIME-
.
HostnameLookups. On O f f .
On, Apache , , . , .
, .
LogLevel. Apache . , debug,
info, notice, warn, error, crit, alert emerg LogLevel.
20. Web-
501
( , .) warn.
CustomLog. :
, . , , Web-.
common, agent, referer combined.
httpd.conf , .
,
CustomLog.
, , httpd.conf .
. , Apache , .

URL .
. URL (, http: / / ftp: //)
, . , HTTP ( URL
http: //). URL,
https : //.
. , URL,
, Web-. , URL http: / /
www.threeroomco.com/thepage/index.html www.
threeroomco. com. ( . ,
DNS CNAME.
( DNS 18.)
. HTTP- . URL ( ). , URL http://www.threeroomco.com/thepage/index.
html thepage/index.html.
, Linux.
, Web-.
URL , Web- ,
Directorylndex.
. URL . , Web- .
URL #.
502
III. Internet
URL, FTP,
.
Apache ,
, Web-.
, Web-
. , , .
ServerRoot.
, Apache.
"/usr" .
.
DocumentRoot. , ,
, Web-. "/home/httpd/html" . (
httpd. conf .)
DocumentRoot ,
f Linux , Apache .
UserDir. ,
URL, , Apache .
UserDir , .
, public_html URL http: //www. threeroomco.
compilation/~abrown/photos . html. Apache photos .html, public_html abrown. disabled
, , , .
, disabled , .
<IfModule>, , Apache, . (
Apache .)
Directorylndex. URL ;
( ).
Apache URL, , Directorylndex.
index.html, .
. URL http: //www. threeroomco.
com/public/, Apache index.html,
public , DocumentRoot.
, Apache .
20. Web-
503
Apache , .
, , Web- .
,
. , . , Apache
, .
Apache
Apache , Web- . , , Apache . , .
, ,
, . Apache .
httpd. conf,
, LoadModule. .
LoadModule mime_module
lib/apache/mod_mime.so
(
mime_module) , (lib/apache/
mod_mime. so). , ServerRoot,
.
, ,
Apache. , , httpd -1 ( apache -1). ,
Apache LoadModule,
, AddModule.
AddModule mod_mime.
AddModule
. Apache LoadModule, AddModule.
, ;
Apache ,
Web-. , , . ,
, , Apache, ,
.
Apache , , . Web- Apache Module Register http: //modules . apache. org.
504
III. Internet
, , ,
Web- .
kHTTPd
, UNIX, , , Linux,
: (kernel space processes) (user
space processes). ,
, ,
. ,
. , ,
. , ,
.
, , ,
, Web- ,
,
. . 20.1 Web- ( Apache)
. , ,
,
. , .
HTTP-,
Web-, .
,
. 2.4.x
, Web- kHTTPd. h t t p : / / w w w . f e n r u s . d e m o n . n l . ,
, , /proc/sys/net/khttpd.
HTTP-
HTTP-

Apache

HTTP-
HTTP-
. 20.1. Web-, ,

20. Web-
505
,
.
1. kHTTPd Linux. Kernel HTTPd Acceleration, Networking Options.

.
2. Apache ,
8080 , 80.
3. kHTTPd. , insmod khttpd.
4. kHTTPd , 80. echo 80 > /proc/sys/net/
khttpd/serverport.
5. echo 8080 > /proc/sys/net/clientport.
kHTTPd ,
, Apache, 8080. ( 2
, 8080, .)
6. kHTTPd,
. echo /home/httpd/html > /proc/
sys/net/khttpd/documentroot, /home/httpd/html
, , , httpd.conf
DocumentRoot.
7. Web- HTML-,
, /proc/sys/
net/khttpd/dynamic.
8. echo 1 > /proc/sys/net/khttpd/start, kHTTPd .
SysV.
SysV ,
4-8 .
, ,
, , . kHTTPd
(, , CGI-), Web-,
. , 2 5.
, Web- CGI-,
kHTTPd . ,
kHTTPd , Apache .
506
III. Internet
,
, . , kHTTPd ,
, Apache . kHTTPd , , ,
. , kHTTPd,

Apache.
kHTTPd , . Red Hat TUX, ,
,
Linux.

Web-, , Web-, . Web Web-. ,
, Web-, . Web-, , .
Web- Apache,
. , , .
, CGI-
.
,
. .
HTML-. Internet
HTML (Hypertext Markup Language ). HTML . htm . html
. .
, <> , </> . HTML Web-
, Internet ( , Web).
. , ,
.
Web-.
. . txt. , Web- ,
20. Web-
507
, .
. HTML- , .
. ,
, .
, .
. Web-
PDF, Microsoft Word, . zip . tar, , .
, .
,
DocumentRoot UserRoot .
, ,
: ,
. , , , :
.
,
. Internet,
. .
. URL
, Web-, .
( ).
Search ( ,
) Web, Web-
.
Internet-. , Internet-, Web-
"" .
Web- Web- , ,
, . Web-, Web Web-, Web- , .
Web-, . Web
, . , Slashdot (http://slashdot.org),
. Web- cookie, -
508
III. Internet
. ( cookie
.)
Web-.
. Web-
Web- ,
HTML- ( )
, .
Web- .
Web-. Web- Web-,
, , ,
. , , Web-, ,

. , , ,
Web- , . Web- HTML-,
.
CGI-. CGI (Common Gateway Interface ) , HTML-, Web-. CGI-
. , , Perl. Web- CGI , URL.
Web- , ,
Web-, .
SSI (Server Side Includes ) , ,
CGI-, Web-, SSI . SSI , CGI,
Web-, ,
.
Web-. , , CGI, CGI .
, Web-, CGI-,
. . , , CGI-, .
CGI-
CGI-, Apache . URL, ,
20. Web-
509
, , ,
Web- . CGI-
Apache .
. CGI- Apache ,
.
CGI Apache.
LoadModule cgi_module
1ib/apache/mod_cgi.so
, CGI-, Apache,
AddModule. ( ,
.)
AddModule mod_cgi.
Apache CGI- . CGI
. .
ScriptAlias. . -,
Apache , , , CGI-. -, , , ,
URL. , ScriptAlias /scripts/ "/home/
httpd/cgi-bin/" /home/httpd/cgi-bin/
/scripts URL. , URL
http://www.threeroomco.com/scripts/test.pl, test.pl, /home/httpd/
cgi-bin/. Apache LoadModule AddModule
; ,
, httpd.conf. CGI- mod_alias.
.
, , .
Options +ExecCGI. CGI- , +ExecCGI Options.
, (. .
<Directory>).
. htaccess. ,
.htaccess. .htaccess Options
+ExecCGI, Apache CGI-, .
, httpd.conf
AllowOverride Options;
, . htaccess.
510
III. Internet
Options +ExecCGI AllowOverride Options f .

,
.
.htaccess .
Apache
ScriptAlias, /home/httpd/cgi-bin
/cgi-bin URL. .
CGI- , /home/httpd/cgi-bin. .
, , ,
.
Web- FTP-, /home/httpd/cgi-bin
chmod + _.
CGI-
, CGI- ,
.
CGI-;
. CGI-,
Web- http://httpd.apache.org/docs/howto/
cgi. html , .
CGI- Web- . ,
, . , Web-,
CGI- HTML
, Web-. (,
.)
HTML-, CGI- Content-Type
MIME- , .
:
Content-type: text/html\r\n\r\n
MIME- text/html, ,
CGI- HTML-. \ r \ n \ r \ n ,
. . CGI-, Perl, 20.1. ,
. , CGI-, . URL
, "Hello, Web".
20. Web-
511
20.1. CGI-, Perl

#!/usr/bin/perl
print "Content-type: text/html\r\n\r\n";
print "Hello, Web";
. ,
, . -. =,
- &. , CGI, .
city=Oberlin&state=OH&zip=44074
, . Perl .
Perl CGI-.

CGI-
Web- CGI-, ,
Web-, .
, . , Web- CGI . CGI- ,
. , , ,
. , CGI-
,
. .
, ,
CGI-. User Group httpd.conf. CGI- , , ,
, , , CGI-.
,
Apache;
. .
, .
, , . , ,
Web-, , .
512
III. Internet
Web-, , http: //www. cpan. org.

, Web-,
, . , ,
Web-, . ,
, IV.
Web-
. Web Web- SSL (Secure Sockets Layer
). SSL
. SSL- Apache , , mod_ssl (http: //www.
modssl.org) , Apache-SSL (http:
//www.apache-ssl.org). SSL- ,
.
, SSL
SSL , , SSH. ( , , OpenSSH
OpenSSL,
Apache, SSL.) SSL
, Web- Web-.
. SSL , .
, Web- Web- , .
,
.
, , , , ,
, . , ,
, , .
.
Internet . ,
, . , URL http: //www. abigretailer. com, ,
, ? ,
DNS
. SSL .
20. Web-
513
, , . , ( certificate authority),
, . , ,
,
, . ( , .
, 2001 . Microsoft ,
.)
,
. , . , , . http: //www. apache-ssl.
org/#Digital_Certif icates. , Web- , , Web- .
SSL , 80.
HTTP (HTTPS)
443. Web- , URL, ,
https: //. Apache SSL,
, - 80 443, .
, ,
(, Apache SSL- thttpd
HTTP-).
SSL
Apache SSL-, SSL-. Linux
.
SSLeay (http://www2.psy.uq.edu.au/~ftp/Crypto/ssleay/)
OpenSSL (http://www.openssl.org)
OpenSSL Linux.
Linux, Debian, Mandrake, Red Hat SuSE. SSLeay OpenSSL ,
(ssleay openssl) .
OpenSSL . Internet , ,
. Apache SSL .
, ;
514
III. Internet
# openssl req $@ -new -x509 -nodes \

-config /usr/share/doc/apache-ssl/examples/ssleay.cnf \
-out /etc/apache-SSI/apache.pern \
-keyout /etc/apache-SSI/apache.pern
, SSL /etc/apache-ssl,
/usr/share/
doc/apache-ssl/examples/ssleay. cnf.
. ,
.
, \ .
openssl ,
. ,
/etc/apache-SSI/apache.pern.
,
. , , , Web-,
, , , . , Opera
Linux, . 20.2.
.
Certificate signer not found)-
Th* KM certificate tor tnlt server 1 registered Vou mey iristali'tWe certrlcate AcceptrtrntaKT
*^
louiswu.rodsbooks com
rodsbooks
Woonsocket
Rhode Island, US
-4
K)"
>
''
-^
louiswu.rodsbooks.com
rodsBooks
Woonsocket
Rhode Island, US
https://loulswu.rodsbooks.com/
Connection : US V1.0 126 bit C4 (RSA/SHA)
Certificate version: 3Serlal number: 0
Not valid before:Nov 520:50:132001 QMT
Not valid aflerDec 5 20:50:13 2001 GMT
Fingerprint: 14 46 38 04 13 F8 34 AA 3D 01 B6 7E 3 6 CO 88
. 20.2. , , , ,
,

20. Web-
515
Apache,
SSL
, SSL Apache . SSL-
Apache. SSL- ,
SSL-.
Apache , SSL,
.
, SSL,
, ,
Apache. , Debian Apache,
SSL, /etc/apache-ssl,
Apache /etc/
apache. SSL-
Apache SSL, ,
, , . .
ServerType. SSL , ServerType
standalone.
. SSL
443. , Listen
.
. LoadModule AddModule
,
SSL. , , ,
.
SSLRequireSSL. <Directory>, , SSL. (
.) SSLRequireSSL . , , , ,
.
SSLEnable. SSLEnable SSL
. SSLRequireSSL,
.
SSLCACertif icatePath. , . , SSLCACertificatePath
/etc/apache-ssl.
SSLCertif icateFile. ,
(, /etc/apache-SSI/apache .pern).
516
III. Internet
, SSL- . ,
Apache
.
, SSL-. , URL,
https : //. , , ,
. 20.2. ,
(
).
Internet, , | Web-. , , .
, , (, , )
.
,

.

Apache Web, Web-. Web-? ,
, Web-. Web-
,
. , , Apache .

Web- - , , . ( Web-
, DNS-.) .
(
), Apache ,

. ,
, .

Web-, Web-,
20. Web-
517
. (
Web- )
,
, .
.
,
Internet.
, Web-
. , , Web.
, , .
Web-.

.
, , , , .
.
VirtualDocumentRoot
VirtualDocumentRoot , . ,
. VirtualDocumentRoot ,
. (
. 20.1.)
:
VirtualDocumentRoot /home/httpd/%0
20.1. ,

%%
%
%N.
%
,
, . N ,
. , 1 , 2
. . N : 1
, 2 . .
, N, ,
.
, .
518
III. Internet
, /home/
httpd, , . , URL http://www.threeroomco.com/index.
html, /home/httpd/www.threeroomco.com/index.
html. ,
Web-, (
/home/httpd). .
.
VirtualDocumentRoot /home/httpd/%-1/%-2
, , ,
URL http://www.threeroomco.com/index.html, Apache /home/httpd/com/threeroomco/index.html (
). ,
:
VirtualDocumentRoot /home/httpd/%-2.1/%0
URL http: //www. threeroomco. com/index. html Apache /home/httpd/t/www.threeroomco.com/index.html.
%-2 .1 (. 1) (-2), .
VirtualDocumentRoot, Off UseCanonicalName.
UseCanonicalName Off
UseCanonicalName On,
, Apache , . ,
index. html Web- products . html,
Apache , . . Off
UseCanonicalName, Apache
, .
<VirtualHost>
. Apache .
NameVirtualHost.
Apache , .
*; . , NameVirtualHost
IP-, ;
, , -
20. Web-
519
, , .
<VirtualHost>. , . ,
NameVirtualHost. </VirtualHost>. , ; ,
,
.
, <VirtualHost>, ServerName ( , )
DocumentRoot. , CGI-. , Web-:
NameVirtualHost *
<VirtualHost *>
ServerName www.threeroomco.com
DocumentRoot /home/httpd/threeroomco/html
ScriptAlias /cgi-bin/ "/home/httpd/threeroomco/cgi-bin/"
</VirtualHost>
<VirtualHost *>
ServerName www.pangaea.edu
DocumentRoot /home/httpd/pangaea-u/html
</VirtualHost>
, www. threeroomco. com , /home/httpd/threeroomco/html, , /home/httpd/threeroomco/cgi-bin.
www. pangaea. edu, /home/httpd/pangaea-u/html, CGI-
.
VirtualDocumentRoot, <VirtualHost>
. , VirtualDocumentRoot ; .
<VirtualHost>, , .
520
III. Internet
Web-

Web-, , Web-,
, , Web. Web- (, )
, ,
Web-, HTML-. HTML-,
, (, ), .
HTML- , Web-,
.
,
Web-
,
, Web-. , Web- Web-,
.
Web- HTML-. , . HTML- 20.2. , HTML-, : ,
, , , . ,
. , .
,
/.
, . , ,
. . ,
, Web-.
, 20.2, , . ,
HTML-.
<HTML>. , HTML-. , , .
<HEAD>. HTML- .
, ( <TITLE>). <HEAD>.
20. Web-
521
20.2. HTML-
<!DOCTYPE HTML PUBLIC "-//iETF/YDTD HTML 2.6//EN">
<HTMLXHEAD>
<TITLE>RpHMep Web"=</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<CENTERXH1 ALIGN= "CENTER" > Web"=</Hl></CENTER>
<IMG SRC="graphics/logo.jpg" ALT="Logo" WIDTH="197"
HEIGHT="279"> <> Web"=CTpaHH4a <
HREF="http://www.threeroomco.com/anotherpage.html">
.<//>
</BODYX/HTML>
<TITLE>. , ,
. ,
<BODY>. HTML-.
<BODY> , , .
<1>. , ,
, . Web, .
1 (<1>), 6 (<>). 20.2
<1> ALIGN, Web-
, . ,
,
, ,
<CENTER>.
<CENTER>. 20.2 ,
<1>, ALIGN,
<CENTER>.
, ,
, <CENTER>,
ALIGN.
<IMG>. Web-
. <IMG> 20.2.
<IMG> . SRC , ; , ,
, SRC URL
. ALT , . , ,
. WIDTH HEIGHT
522
III. Internet
,
, .
<>. . Web-
, , .
< HREFX <> (
URL , ,
HREF). . , URL
HREF.
, Web-.
, HTML ,
, , , , ,
, .
HTML , - .
.
HTML-, Web-
. , , 20.2 , Web- <IMG>.
, , , . ,
MIME- .
mime. types, . Apache
MIME- , .
,
, ,
.
Web- ,
, Web. .
GIF. Graphics Interchange Format ( )
1980-.
. , , ,
. GIF 8 , . .
256 .
PNG. Portable Network Graphic ( )
. GIF, PNG
(
24- , PNG
64 ). PNG ,
. PNG
http://www.libpng.org/pub/png/.
20. Web-
523
JPEG. Joint Photographic Expert Group (

) . GIF PNG,
.
JPEG 24 .
, , , , .
JPEG . ,
(, PNG JPEG). JPEG-
.
JPEG- . , . ,
. , Web, , , , , ,
.
Web-
HTML- , Web- .

WYSIWYG (what you see is what you get); , ,
, . Apache , Web-,
. Microsoft Front Page.
Web-, ,
Apache .
.
, HTML-,
. Apache , HTML- ,
FTP.
, Web-.
. HTML. (
, ,
HTML, HTML-
.) ,
524
III. Internet
, Web-. Linux HTML-

Applix Words, StarOffice WordPerfect.
Web-. Web-, Linux, Netscape, HTML-.
Web-, .
Web-.
HTML-. , Linux, ASHE (http: //
www.cs.rpi.edu/pub/puninj/ASHE/), August ( h t t p : / / w w w . l l s . s e /
~johanb/august/), Bluefish (http://bluefish.openoffice.nl) WebSphere
(http://www-4.ibm.com/software/webservers/hpbuilder/).
, .
Web-,
, Web-.
- , Web-,
, .
Web-
Web- , HTML, HTML-, . HTML
. , , HTML-, .
Web-, 20.2, -
. ,
<CENTER>, ALIGN . ,
, ,
, Web-, . ,
Web-, , . ( , Web-,
. , , . ,
, .
,
. 20.2 , .
.)
- HTML-,
Web- . ,
20. Web-
525
Web-: Netscape Navigator Microsoft Internet Explorer.

. , Linux
Mozilla (http: / / w w w . m o z i l l a . , Netscape Navigator, ), Opera (http: //www. opera. com) queror ( KDE). Lynx
(http: / / lynx. browser. org), .
, Web- , . Lynx
, ,
. Web-
, ,
Web- ,
. ,
. Windows
Internet Explorer, , MacOS, BeOS OS/2, . ,
.
, ,
, Web-.

Web-. ,
, Web-. , , , , .
,
, .
Analog Webalizer.
Apache, CustomLog. Apache
,
, , , .
Apache
Apache ; CustomLog.
combined, . combined :
192.168.1.1 - - [ 0 6 / N o v / 2 0 0 2 : 1 6 : 4 5 : 4 9 -0500] "GET /index.html \
/1.0" 200 8597 "-" "Mozilla (Xll; I; Linux 2 . 0 . 3 2 1586)"
526
III. Internet
.
IP- .
, .
. ,
.
identd, HTTP-. (
, , .)
. Apache .
(
-0500).
HTTP-. HTTP- , (GET), (/index.html) HTML (1.0). , ,
Web-, .
. Apache , .
200, , . , 3, , ,
4 5, .
. 8597 , Apache .
.
, .
HTML-,
URL .
Apache .
, , ,
, . ,
URL .
. ,
, . (,
Netscape Mozilla.)
, , , , .
, proxy-.
, , , ,
, .
,
20. Web-
527
, .
Linux
,
(
). /etc/cron. d /etc/cron. interval. , ,
,
.
Analog
Analog (http: / /www. analog. ex) ,
. , .
, Analog, , http://www.statslab.cam.ac.uk/~sretl/stats/stats.html. Analog .
Analog , Web-.
Analog
Analog analog. cf g, /etc. ,
, Analog, .
, SEARCHENGINE ,
. Analog Web-, . Analog
:
LOGFILE __$_
OUTFILE _____
HOSTNAME "_"
. ,
Analog ,
. Analog HTML . ,
Web-.
( Analog HTML-,
httpd/html/analog/index.html;
.) HOSTNAME Analog.
.
, Analog , , . ,
.
528
III. Internet
. Analog ,
analog, cfg ,
Analog (. . /usr/bin),
/etc. , /usr/bin
, ,
Analog , /etc,
In -s /etc/analog.cfg /usr/bin.
. Analog , .
/var/lib/analog/lang, Analog
/usr/bin/lang. ,
In -s /var/lib/analog/lang /usr/bin.
. Analog , .
, Analog
.
/var/www/html/images, ,
Analog, ,
, images . ,
, In -s /var/www/html/ images.
. ,
analog-5 . 01-lmdk Mandrake.
Analog
Analog analog.
, ,
, Analog
. , Analog
.
Analog (
, ).
. , Analog ,
,
(, ), .
Analog
Analog .
,
, .
.
. , Web-: , , ,
20. Web-
529
, ,
.
. , . ,
.
. ,
(, . .).
.
. -
, , ,
. ,
.
. ,
, ,
.
.
, , .
.
, ,
, .
, - proxy-
.
. Analog , , Web-
. 4. 5. ,
.
.
, Web- . ,
, .
, ,
, .
. (JPEG, HTML
. .), Web-.
, , .
. Web-
. ,
530
III. Internet
, (
).
. ,
Web-.
, ,
Web-. , ,
Analog . Apache,
Analog .
Analog . , HTML-, Analog,
. ,
Analog .
Analog ,
, ,
, , , Apache. , Analog, , ,
.
Report Magic (http: //www. reportmagic. com).
Webalizer
Webalizer (http: //www. webalizer. org) , Analog. Analog, Webalizer
HTML-, Web- . Webalizer
.
, Web-, . , Webalizer,
http://www.webalizer.org/sample/.
Webalizer
Webalizer webalizer .conf,
/etc. Analog,
Webalizer , Web-
. :
LogFile ___
OutputDir _____
Analog Webalizer ,
Analog , Webalizer , .
Web-, , Webalizer, Web-.
, Web-,
20. Web-
531
Webalizer URL, f i l e : / / .
Webalizer, , , .
Incremental. yes, Webalizer
.
. , , Webalizer
. yes Incremental
, ,
. no, Webalizer
.
HostName. ,
( ReportTitle).
GroupDomains. .
,
. , GroupDomains 2.
gingko. pangaea. edu birch. pangaea. edu
pangaea. edu.
, Webalizer.
GroupSite. . ,
GroupSite * . abigisp. net , abigisp.net.
HideSite. ,
GroupSite. GroupSite HideSite .
Webalizer Analog.
, Webalizer. ,
.
Webalizer
Webalizer webalizer.
Analog, Webalizer, root.

, Webalizer. ,
Webalizer .
yes Incremental.
Apache, . , . ,
Webalizer , .
Webalizer
, Webalizer,
. -
532
III. Internet
pa . (
.) , ,
, Web-,
.
Web-, , .
.
. , , ,
.
. Web-
, Web-
. ,
.
. ,
, .
, ,
.
URL . Webalizer ,
URL. ( URL ,
.) URL
, , URL,
.
. , Webalizer,
.
(entry page) ,
, (exit page) ,
.
. Webalizer Web-, , ,
.
GroupSite,
Webalizer.
, .
, Webalizer , , .
. ,
, Web-,
URL . Webalizer .
20. Web-
533
. Webalizer Web, .
. Webalizer .
, Web US Commercial, Network .

Web- Internet. ,
, .
Web- ,
, .
Web- , ,
, Web-. SSL , ,
Web-. Web-,
Web- : Web- . Web-
, ,
,
. Web-. , Web-
, , .
Web-.
1 JIciBci 2* 1
FTP-
FTP (File Transfer Protocol )

Internet.
, . FTP- , , .
FTP- Web- ,
.
FTP- . FTP, , Linux. , FTP-,
. ,
. , .
FTP-
FTP- Web-, 20,
Samba NFS, (
7 8).
.
,
. FTP- HTTP, Samba NFS.
. FTP-,
, . ( FTP-, .)
Web- , ,
Web- .
, ,
, ,
IP-.
21. FTP-
535
. ,
FTP-,
.
NFS Samba. Web-
, . Web-
.
. FTP- ,
. Internet. FTP-, . FTP,
. , FTP,
Kerberos, 6.
Web- ,
. Samba
. NFS , . ,
NFS, . scp sf tp, SSH, ,
FTP , .
Internet ,
. ,
,
.
. Samba NFS, FTP . FTP-, (,
-),
. Web- -;
, . FTP , : ,
. 21.
( )
, . ,
, ,
, .
. ,
, NFS Samba, , . ,
,
536
III. Internet
. . FTP, HTTP .
FTP HTTP, , ,
, ,
, .
, FTP.
Linux Linux FTP Filesystem
(http: //f tpf s. source forge. net). FTP .
. ,
, FTP- .
. Web-
, HTTP
.
. FTP- Web- , , TCP/IP; DOS. FTP
HTTP, :
NFS UNIX Linux, a Samba DOS,
Windows OS/2. ,
, .
,
.
. Linux FTP-,
, , . ,
.
NFS, Samba HTTP, . , FTP-,
,
.
, FTP
.
.
Linux , FTP-
. , FTP- ,
21. FTP-
537
, . FTP.
. FTP-, ,
,
. FTP- (, )
Web-.
Web-, FTP- .
. , ,
.
Internet , FTP-
. FTP- ,
, - "" . FTP-
, , , ,
. , ,
,
, .
, ,
, .
.
, FTP-
Linux
, FTP Linux. , ,
.
BSD FTPD. BSD Unix FTP-,
Linux. , , Linux
OpenBSD FTPD. BSD FTPD Debian SuSE. FTP- BSD FTPD
, , ,
Linux.
ProFTPd. ProFTPd, Web- http: / /www.
prof tpd. org, Debian, Mandrake, Slackware, SuSE Tur-
538
III. Internet
boLinux. 2002 .
ProFTPd , Apache.
WU-FTPD. Washington University FTP Daemon (WU-FTPD)
FTP- Unix. Web- WU-FTPD http: //www. wu- f tpd. or . Caldera, Debian,
Mandrake, Red Hat, SuSE TurboLinux.
.
FTP-. ProFTPd
WU-FTPD, Linux. ProFTPd
WU-FTPD.
WU-FTPD
, .
, BSD FTPD.
FTP-
FTP-, . , , WU-FTPD,
, ProFTPd, SysV. ,
, . FTP-
, , ,
, . , ,
, ,
FTP-
. -, . FTP .
FTP-
Linux 4. , FTP-, ,
. ,
.
.
, inetd, /etc/inetd.
conf FTP-.
FTP- .
inetd.conf , ,
inetd. FTP-,
21. FTP-
539
, inetd. conf , , -
.
, xinetd FTP-, /etc/xinetd. d .
. disable = yes, ,
- .
. , FTP- ,
disable. ( ,
.)
, - inetd xinetd,.
. FTP-, . FTP-,
, , -.
FTP- , SysV .
, , , , . Linux,
Debian Mandrake, ProFTPd.
ProFTPd , FTP- .
, , FTP- (
). FTP-
. , ftp,
Linux:
$ ftp harding.threeroomco.com
ftp: connect: Connection refused
, FTP- .
, . , ,
, , .
, , .
WU-FTPD
WU-FTPD . , -
.
, WU-FTPD .
540
III. Internet
WU-FTPD
, WU-FTPD,
/etc. ftp.
f tpaccess. WU-FTPD f tpaccess. , , TCP/IP-, FTP-,
.
f tpconversions. , f tpaccess .
,
.
ftphosts. ,
FTP-, . , allow, ,
, deny,
. , deny sJones , sjones FTP- ,
deny badsite. pangaea. edu
, badsite.pangaea. edu.
ftpusers. , WU-FTPD. WU-FTPD;
(Pluggable Authentication Module).
FTP-. ,
root, nobody daemon.
ftpservers.
. ,
. IP- , . , FTP-, , WU-FTPD
, . , 192 .168 .21. 8 /etc/f tpd/trusted ,
192.168.21.8
/etc/ftpd/trusted. ,
.
f tpaccess.
ftphosts, ftpusers ftpservers .
, , f tpaccess,
ftpconversions.
21. FTP-
541
WU-FTPD
, WU-FTPD,
. , Linux. ftpaccess class,
:
class
.
. all. .
. , . real ,
guest , , a anonymous FTP-.
. IP-, ,
. ! , . * .
, OR. , threeroomco.com, pangaea.edu ,
.
ftpaccess :
class
all
real,guest,anonymous
*
,
. , , , , ,
. ,
.
ftpaccess .
deny _ ___. WUFTPD , , ,
. deny f tphosts,
, . ,
, , .
autogroup _ [, . . .]. ,
WU-FTPD setgid .
, ,
, ,
.
defumask umask [, ]. WU-FTPD, , , ,
umask.
542
III. Internet
timeout _ __$. -.
accept, connect, data, idle, maxidle rf c931.
noretrieve [relative I absolute]
[188=_]
_
. .
, .
. relative absolute ,
( chroof)
( ).
, /. ,
noretrieve /etc /usr, , / e t c n / u s r .
noretrieve ,
1
/etc/passwd, /etc/shadow , /etc/ftpaccess, core ( ) .
allowretrieve [relative|absolute] [1=_] _

. , noretrieve.
,
noretrieve.
noretrieve.
message _ [] [ ]. message , FTP- . , ,
login, . &=,
.
. , message . message cwd=*,
.message, .
,
-.
compress [yes I no] [, ]. . , , ,
. (, f i l e file. gz.) , ,
ftpconversions.
tar [yes | ] [, ].
compress, tar-.
.
21. FTP-
543
chmod, delete, overwrite, rename umask. yes , , ,

. . , delete no guest,
anonymous guest anonymous .
dns refuse_mismatch _. WUFTPD , IP- , DNS-. ,
, , .
.
dns refuse_no_reverse _. ,
DNS- ,
. .
WU-FTPD.
,
, f tpaccess. ,
FTP-.
ProFTPd
ProFTPd
Apache, ,
Apache, ProFTPd .
ProFTPd
ProFTPd proftpd.conf; , /etc. ,
ProFTPd. , ,
#. :
[]
, . , .
. , /. , Limit,
.
<Limit WRITE>
DenyAll
Allow from 172.21.33.
</Limit>
, ProFTPd
f tpusers. ,
WU-FTPD. , ,
544
III. Internet
FTP-. ( , ProFTPd , , , ftpusers.)

ProFTPd ftpusers, ,
nobody, daemon root. , .
, ftpusers ,
- FTP-.
ProFTPd
ProFTPd ,
. ProFTPd, http: //www.proftpd.org/docs/.
, , ,
.

, , , ,
. .
<Anonymous _>. FTP-. , ,
, -. ,
, .
ProFTPd chroot
( chroot ( ) 23).
<Directory _>. , .
, /.
ProFTPd, , ,
<Directory /*>. ,
.
<Global>. <Global> , ,
<VirtualHost>.
<Limit _>'. FTP-, , .
: CWD, CDUP, MKD,
RNFR, RNTO, DELE, RMD, RETR STOR.
,
. READ ( ), WRITE ( ),
DIRS ( ) ALL ( ). ,

LOGIN.
<VirtualHost >. ProFTPd
. -
21. FTP-
545
IP- ,
, .
.
, ; . ,
. ,
. . FTP-
.
Allow [from] _. <Limit> , .
IP-, ,
( ) IP-.
.
all . Allow
from, ,
.
IP-.
FTP- DNS-.
AllowAll. ProFTPd ,
. AllowAll
<Directory>, <Limit> <Anonymous>, , .
AllowGroup _. , <Limit> . , .
, .
!, ,
. ,
, ,
DenyAll.
AllowOverwrite [on | of f ]. , . off, .
AllowUser _. AllowUser
, . !,
, .
DefaultRoot _ [_].
.
546
III. Internet
. /,
. ~ . Def aultRoot ,
. ,
AllowGroup.
Def aultRoot ~, , . , ProFTPd

.
DefaultTransferMode [ascii (binary]. FTP- . (binary) , (ascii)

. ,
, , , . DefaultTransferMode , .
ascii .
Deny [from] _. , Allow.
<Limit> .
DenyAll. <Limit>,
<Anonymous> <Directory>.
. ,
,
DenyAll.
DenyGroup _. , <Limit>.
, AllowGroup.
DenyUser _.
AllowUser. <Limit>.
DisplayConnect _.
, ProFTPd , . , .
DisplayFirstChdir _. ProFTPd ,
,
. .message, .message,
, .
DisplayLogin _.
DisplayConnect, .
21. FTP-
547
Group _. ProFTPd root,

. .
,
ProFTPd.
nogroup, ftp .
MaxClients \ .
, . (, 30)
,
.
Maxlnstances . MaxClients, MaxClients
, Maxlnstances , . Maxlnstances ProFTPd
,
.
Order allow, deny | deny, allow. <Limit> , , ProFTPd
, .
, . , , . Order deny, allow.
,
, , , .
RootLogin on | o f f . ProFTPd root. RootLogin on,
root FTP-. ( , ,
, , root
/etc/ftpusers.)
Serverldent on | off ["-" ]. , ProFTPd
. on , -. ,
FTP- ProFTPd. , ,
.
ServerName "-".
, , Serverldent. Serverldent
, ,
ServerName.
ServerType inetd I standalone. ProFTPd , inetd ,
548
III. Internet
SysV ,
standalone. ProFTPd , (inetd), root
(standalone).
SyslogLevel
emerglalert|crit|error[warn|notice|info|debug.
,
.
: erne rg , a debug
.
Trans f erLog _ \ NONE. ( NONE). ,
. <Anonymous>,
<VirtualHost> <Global>, .
Umask _ [__ ].
umas k, (, , ). 022,
.
UseFtpUsers on | o f f . o f f UseFtpUsers, /etc/f tpusers.
on.
UserAlias _. ProFTPd
, .
, . , UserAlias jones ronald, jones
ronald. (
FTP-, ftp.)
, , , , ProFTP .
, .
<Anonymous> .
, . , ,
, .
-
FTP- FTP-. , FTP-
21. FTP-
549
Web-, FTP-
Web- . , , FTP- FTP, . , HTTP FTP,
, .
FTP-,
. FTP-
,
, . ,
, ,
.
-
FTP- . FTP- , , . HTML- , FTP-;
ftp: // (, ftp: / / f t p . threeroomco. com/pub/manual.pdf).
FTP- .
, ^, : . Web-. , , FTP-,
. ,
. ,
,
. FTP- .
, FTP-, .
, , FTP-,
.
, , FTP-,
. , , . FTP chroot, 23.
chroot ,
| . , FTP-. ,
,
.
550
III. Internet
FTP- chroot, . ,
FTP- Linux, . , ProFTPd,
chroot,
, , ,
.
FTP- ( ProFTPd)
SysV. (
WU-FTPD). FTP- ,
chroot ( ) , root.
FTP- , chroot . ( , FTP-
,
chroot ().)
FTP- , .
.

FTP-
FTP- , . ,
FTP- , Web- . , , .
, , FTP- ( WU-FTPD), .
, FTP- , ,
chroot, . FTP-
.
.
FTP- ,
. , FTP . (
.)
FTP- , FTP-.
,
FTP-, .
, FTP- ( ). ,
,
, .
21. FTP-
551
,
-
FTP-, Linux,
FTP-. , . ,
FTP- WU-FTPD, ProFTPd. ( ),
.

FTP- .
, /home/ftp, .
root, ,
FTP-,
755 (rwxr-xr-x).
, , .
,
.
FTP .
pub. ,
. pub . ,
ftp .
bin. FTP- . /bin ( ,
chroot ( ) ) . Is, , tar, gzip zcat ( gzip). FTP-, , , , bin ,
,
/bin . , FTP- ,
. , ,
, .
lib. , /bin. /bin FTP
/bin , ,
. Idd. ,
, , Is,
Idd /bin/Is.
552
1(1. Internet
etc. FTP- , /etc:

passwd group.
/etc . ftp (
,
).
, FTP-.
, FTP,
, . ,
, , gzip.
/bin FTP.
WU-FTPD,
-
, FTP-
WU-FTPD, /etc/ftpaccess.
.
class. , . ,
.
compress, tar, chmod, delete, overwrite rename. .
,
, , .
,
, .
anonymous-root. chroot, WU-FTPD.
WU-FTPD root. ,
ftp. , WU-FTPD FTP-, .
ProFTPd,
FTP-
ProFTPd, FTP-, proftpd.conf. ,
, .
<Anonymous /home/ftp>
User
Group
ftp
ftp
21. FTP-
553
anonymous
ftp
UserAlias
anonymous ftp
t chroot
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
<Anonymous> , ,
.
ProFTPd , chroot,
/home /ftp.
User Group ProFTPd , . ProFTPd
.
, FTP
.
UserAlias , anonymous.
, <Limit WRITE>, DenyAll. .
FTP, . , ,
,
.
, anonymous, , AnonRequires Pas sword on.
/etc/passwd /etc/shadow. ( ProFTPd ,
chroot,
/etc/passwd /etc/shadow.)
, FTP- ,
, . FTP- ,
, ,
/etc/f tpusers.
554
III. Internet
FTP- Internet,
Web-.
FTP-
(
) (
). Linux
FTP- WU-FTPD ProFTPd.
, ,
. -.
ProFTPd Apache. .
,
FTP-.
IV

22

Linux , .
. , Linux,
,
. ,
. , ,
, , . ,
.
,
Web-, . , ,
, ,
, .
, ;
; , , ; ,
. , ,
. , 23 ;
25 ,
; 26
Internet .
, , , , (Mann)
(Mitchell) Linux System Security: The Administrator's Guide to Open Source Security Tools
(Prentice Hall, 1999), (Garfinkel) (Spafford) Practical
UNIX & Internet Security, 2nd Edition (O'Reilly, 1996). , , (Constain-
22.
557
tine) (Ziegler) Linux Firewalls (New Riders, 2001).

, , Linux, , ,
(McClure), (Scambray) (Kurtz) Hacking
Exposed, 3rd Edition (McGraw-Hill, 2001).

,
, , . ,
, .
,
, . , . ,
, .

: , , ,
.
. ,
.
,
Linux ,
. ,
, .

, , . ,
, . ,
, ,
. GNOME RPM,
Red Hat, YaST SuSE, Storm Package Manager ( Storm, Debian). GNOME RPM, , . 22.1. ,
. , , , , ,
, .
, tar-
. , ,
. (, , ,
, ,
558
IV.
Packages Operations Help

Install
Unselect
Unlnstall
Query
Find
Verify
Web find
- Editors
-QFHe tools
I \ (^Graphical desktop
raphics
- ^Monitorim
^Daemons
ESFile transfer
QMail
- Other
jRemote access
-Ca Office
St.
_T
acKsges selected. 1
. 22.1. ,
. ,
, .)

, ,
.
.
/etc/inetd. conf /etc/xinetd.conf,
/etc/xinetd. d. , , . inetd
, #, , , , . xinetd
disable = yes.
SysV. , SysV, ,
( /etc/re. d/rc? . d /etc/re? . d, ?
). ,
. , ,
SysV, , , , .
.
. , ,
re. local boot, local.
, , , .
, ,
.
22.
559
, SysV, 4.
, ntsysv tksysv. ,
(Caldera, Mandrake, Red Hat TurboLinux) chkconf ig list, , SysV,
xinetd.
,
, , , . , ,
, . , ,
, .

ps. . , . ps
, ps ax.
, ps, , , ps,
more less. , grep. , sendmail,
ps | grep sendmail. , ps
, . ,
ps.
$ ps ax
PID TTY
STAT
TIME COMMAND
1 ?
S
0:15 init [3]
502 ?
S
0:05 named -u bind
520 ?
S
0:01 cupsd
535 ?
SW
0 : 0 0 [nfsd]
1741 pts/4
S
0 : 0 0 /bin/bash
4168 ?
S
0 : 0 0 httpd
ps . , ,
. ps init, 1. , .
init,
. , ,
. [nfsd].
, [nfsd] NFS,
. named, cupsd httpd . . -,
"d", -, ( TTY ?). , /bin/bash
, TTY pts/4, . .
.
560
IV.
ps, , . man ,
. ,
, .
, . rpm -qf __. ( Debian
dp kg -S __.)
ps, , , . ,
ps , .
, .
netstat
ps , ,
,
. netstat.
. ps, netstat
. netstat -1. -1 netstat ,
, ,
- , . ps,
netstat ,
less more.
netstat ,
, , , netstat . ,
,
.

, , , . Nessus (http: //www.nessus .org), SAINT
(http: //www.wwdsi.com/saint/)Nmap(http: //www.insecure.org/nmap/).
, , . ,
, ,
. , . ,
nmap gingko. threeroomco. com.
, .
,
, .
, ,
. ,
(, netstat) .
22.
561
, , ,
.
f , .
, . ,
,
.
:
. . ,
, , . , ,
.
, . , ,
, ,
, , . .
, ,
IP- .

, ,
. .
Linux, ,
. , , ,
, . ,
, Internet.
, , , . ,
, .
, . ,
. , , .
X Window, .
, .
, . , , 13 14,
, . ,
SysV.
, , .
562
IV.
, , . , ,
, .

, , .
.
, ,
. , /etc/inetd. conf SysV. 4.
. , , , .
. , ,
.
, , ^f . ,
, ,
. , SysV , .
.
, , .
, . ,
, ,
. ,
.

, , "" . , ,
" ". , .
, , iptables ( 25).
.
,
. , , . ,
,
. ,
, .
22.
563

, .
, , ,
. ,
. , .
, FTP- . , ,
.
: ,
( , ). , , DHCP .
, , , . , Web FTP-, ,
. , ,
.
,
, . , ,
,
, .
, .
. , , , , ,
. , .
.
, , , , . .
.
, . , ,
, ,
. ,
,
. , , . , ,
, 0755 0775 umask. ,
0700.
564
IV.

. .

.
,
, .
, . , ,
.
.
, .
# usermod -e 2003-07-04 george
, george
4 2003 . (
, useradd -.)
, ,
. ,
, .
.
, , . ,
,
;
# chage - 30 -W 5 george
, george
30 5
. george
,
.
,
.
, , , . ,
,
, ,
, . , . ,
last ,
/var/log/auth, .
, ,
, -
22.
565
.
. ,
, ,
, .
, ,
. . . (
:
/etc/shadow , , .)

. .
,
. ,
, .
, /var/log/
messages /var/log/secure. (
.) , , . , ,
telnet , ,
, .
, .
, .
, . , , Simple Watcher (SWATCH, http://oit.ucsb.edu/~eta/
swatch/). .
auth ( Linux
identd). , ,
, , . - ,
, . , ,
,
.
.
.
566
IV.
,
, .

,
. Linux /etc/shadow (
Linux /etc/passwd).
; .
, , ,
. , , ,
. , .
,
.
, ,
, . , , , .
, . ,
. , , . :
.

. , ,
bunpen. , , . , "yesterday I went to the dentist"
yiwttd. , . ( .
, ,
.) , , ,
.
.
.
. ,
, , . , BUnPeN
YiWTtd. ,
.
22.
567
.
,
BU3nP&eN Y+iWTtd2.
.
,
.
BU3nNe&P.
. , , . .
, , , , ,
.
, ,
, , Crack
(http://www.users.dircon.co.uk/~crypto/). , , .
, , " ,
. ,
, ,
, .
, , .
, . ( ). ,
. , , .
.
, . ,
. . .
"".
. , , . ,
Internet. , Ethernet
. , , .
,
,
, , . , .
.
56
IV.

, ,
- . ,
,
, , .
, , , , , .

, -. , .
. ,
, (
, ), . ,
.
, , .
, ,
,
. , , man, , .
,
, . (
, .)
Web-, Internet, ,
, .
,
root. ( )
, , , . , /etc/passwd. ,
. , . root
. , root
. , 1024,
. ( root
, , ,
.)
, , . ,
.
, . -
22.
569
, ,
.

.
Web- , . , , Web-, . , Web-, , . ,
Linux . , -
.
Web- Linux. Linux
Web-, , . Web Web- , . , Web-
. ,
Web-; .
. -
Linux, . , Web-
.
. Web-, ,
Internet,
Linux.
. , , . ,
, , . Web ,
.
, .
Web-, . - Web- , , .
570
IV.

, .
. .
apt-get. Debian ,
. apt-get , .
apt-get update, apt-get dist-upgrade,
, .
apt-get -s -u upgrade, apt-get
, . apt-get ,
/etc/apt/sources . list , Debian.
apt-get .
Red Hat Update Agent. Red Hat Update Agent. ,

Red Hat. . Update Agent . http:
//www.redhat.com/docs/manuals/RHNetwork/ref-guide/.

, , . , . . , ( , , ,
, tar-). , , ,
" ".
DNS
. ,
Debian, , .
apt-get . , . (
apt-get -s -u upgrade.) , , ,
, ,
.

, . -
22.
571
,
, .

, ,
, .
, . ,
Linux. , ,
.
,
,
.
Web-, ,
, ,
"". , , ,
. ;
, ,
.

, .
,
.
,
, , /etc/passwd
/bin.
. . , ,
, , .
( , . , /etc/passwd.)

Linux ,
. .
Debian RPM
.
verify ( -V) rpm.
.
572
(.
# rpm -V postfix
S.5.... /etc/postfix/aliases
S.5.... /etc/postfix/main.cf
, .
, . , "S"
, , "5"
MD5, "" , . ,
, , , , .
, , Postfix,
,
.
Debian dlocate,
Debian 2.2. ,
:
# dlocate -mdScheck postfix
MD5
postfix , .
, rpm -Va. ,

. .
, more less.
rpm dlocate .
, , : . ,
.
. ,
/bin/bash,
RPM- bash. rpm -Va . ;
, . .
,
, .
, .
Tripwire
Tripwire (http: / /www. tripwire. org).
Linux. ,
Web-. Tripwire, , , , Web-,
, , . Tripwire -
22.
573
, ,
, . Tripwire
,
. , . Tripwire
, .
Tripwire ,
.
Tripwire .
. Tripwire .
tripwire -initialize. , Tripwire , . databases ,
/usr/lib/tripwire/databases. .
. , Tripwire. tripwire -update
__, , .
. , Tripwire . tripwire
-interactive. ,
, ,
.
. .
Tripwire ,
tripwire.
. Tripwire .
Tripwire /etc/tripwire/tw. conf ig.
, ,
#, . ,
. :
[ ! | = ] [_ \ }
.
!. , . ,
.
574
IV.
=. , , , , . . =
, Tripwire , , .
. ,
, /etc /us. ,
. ,
. ,
/usr /usr/local , ,
, /usr, /usr/
local.
_. Tripwire ,
.
[ + | - ] [pinugsamcl23456789] . . .. + - . .
, , i
(mode), n , , g
, s , , m
, , 0-9
.
. . R, +pinugsm!2-ac3456789. L (+pinugsacm!23456789), , N (+pinugsamc!23456789),
, ,
(-pinugsamcl23456789), .
Tripwire,
. databases. Tripwire
/usr/lib/tripwire/databases. , .
.
, ,
-. ,
Tripwire ,
( ).
Tripwire , .

. . , ,
22.
575
Linux. ,
. .

.
,
.
Tripwire ,
. ,
, .
, . ,
Tripwire Linux.

- , ,
.
,
, Tripwire, .
.
. ,
/var/log, . ,
, . , SWATCH, , . , , ,
, , ,
- .
.
, , , , . ,
,
.
.
. , ,
. ,
, .
"" . ,
, ,
, .
576
IV.
, , .
. , , , . , , . (
.)
, ,
. , ,
Web-, Telnet- , , .
. , , ,
. . , ,
, -, ,
, .
Web-, .
,
. , , . .

.
. , , . , , ,
.
,
. , . , , , .
,
. , , ,
. ,
,

, .
. ,
22.
577
. , .
.
. , ,
. -
.
, , ,
Linux. /home
. , .
.
.
, ,
. ,
.
.
, ,
.
, , Tripwire (
) .
.
.
, .
, , , , .
, , .
,
, , , .
, .

,
,
. ,
, , , .
, ,
, ,
, ,
. , , , . Web, , ;
.
578
IV.
Web-,
Internet Web-, , , . Web- .
Web-, .
Web-, Linux.
Linux Internet Web-,
.
. , ,
.
Web- CERT/CC. Computer Emergency Response Team Coordination Center
(CERT/CC) , .
Web- CERT/CC http: //www. cert. org.
Web- CIAC. Computer Incident Advisory Capability (CIAC) Web-, http: //www. ciac. org/ciac/.
, CERT/CC.
Linux Weekly News, . Linux Weekly News
(http://lwn.net) , Linux.
Linux. (URL . , Web-,
Security Linux Weekly News.)
Web- SecurityFocus. (http://www.securityfocus.com)
. , ,
CERT/CC CIAC.
, , ,
, ,
, . ,
, ( , , ).
,

Web-, ; . Web- .
.
, .
22.
579
; , .
, . , ,
, .
, ,
, Procmail,
, .
.
. ,
. , ,
,
, .
, , Linux.
CERT/CC. Web-, CERT/CC
, .
, majordomodcert.
org, subscribe cert-advisory.
CIAC. CERT/CC, CIAC , , . , majordomo@tholia.llnl.gov, subscribe
ciac-bulletin.
Bugtraq. , . ,
. , listserv@netspace.org.
subscribe bugtraq.
comp.security. .security (, comp. security. unix). , ( ) . comp. security, firewalls.
comp.os.linux.security. Linux.
, Linux, , UNIX, Linux

-
UNIX. , Linux,
.
580
IV.
Linux,
. , , ,
, ,
,
. , , ,
, Web-, ,
. Linux, , , ,
, . , , ,
.
23, 25 26 ,
Linux.
23
hroot
,
. , ,
. , .
chroot. ,
, .
chroot ,
. , chroot,
, chroot, .
chroot
Linux /. . chroot
;
. chroot . 23.1.
, , /opt/chroot, /,
/opt/chroot. , /etc/passwd, /opt/chroot/etc/passwd ,
.
chroot chroot ( ) . chroot ( ) , chroot,
. .
chroot .
,
,
chroot.
582
IV.
chroot
. 23.1. chroot , ,

. chroot (),
chroot ( ) , . . ,
chroot. ,
, chroot.
,
chroot. , , ,
.
chroot ,
.
.
chroot Linux,
, ,
, chroot. , ,
. chroot .
chroot
, ,
. ,
chroot.
( FTP).
, Telnet,
Linux. ,
chroot.
chroot , .
. , , chroot, .
23. hroot
583
, , chroot
root, chroot ( )
. ( ,
.) root ,
chroot, . , , , ,
. , , chroot ,
.
chroot ,
. , ,
chroot DNS ,
. ,
. , ,
chroot, ,
,
, .
, chroot,
,
. , , , , ,
, .
chroot
chroot,
.
. ,
Linux,
,
.

chroot. .
BIND chroot.

chroot .
, , /. ,
. , , chroot /opt/chroot,
584
IV.
.
chroot , . ,
Linux. chroot
/bin, /sbin, /usr, /lib, /etc /var.
,
Linux; , chroot ,
, .
chroot ,
. , FTP sendmail,
/opt/chroot/f tp /opt/chroot/sendmail.

chroot, . .
chroot ( ) ,
chroot . chroot, .
chroot ( ) .
, chroot ( ) , , , ,
chroot, . , chroot ( ) .
, ,
FTP. ( FTP 21.)
chroot ( ) , chroot. chroot
, , . ,
chroot . ,
, . , , , ,
. , , tar, rpm
dpkg. , chroot ;
, . ,
, strace. strace
__, , , , .
^^
^
chroot.
, .
23. chroot
585

chroot , .
.
. . /lib /usr/lib. , , Idd. ,
, ,
Idd /usr/sbin/named.
chroot.
.
. , Web- CGI-,
Perl (/usr/bin/perl) , . Perl
chroot. , , , , ,
. , , Web-.
. .
, ,
, /dev/zero /dev/null. /dev. ,
mknod. : mknod /opt/chroot/
dev/stO 9 0. , chroot ,
.
. ,
. , /. . /etc/f stab
chroot. / , . , /

.
.
/etc/passwd, /etc/group, /etc/shadow ,
. , Pluggable Authentication Module, , ,
/etc/pam.conf, /etc/pam.dn /etc/security, /lib /lib/security (
586
IV,
). ,
chroot, .
. ,
. syslogd, chroot.
,
syslogd.
, chroot ( ) ,
, ,
chroot. chroot ( ) ,
, .
, chroot .
, , . , , ,
, (
, ). - ,
.

chroot
chroot, .
,
chroot . .
chroot.
chroot
chroot ( ) , ,
,
chroot. , ProFTPd <Anonymous>, , chroot. chroot, ,
, .
chroot ( ) , ,
Linux,
chroot.
, .
chroot. :
23. chroot
587
chroot __ _ [_]
,
chroot. , ,
, ;
. ,
/opt/chroot/bin/server, /opt/chroot , chroot :
# chroot /opt/chroot /bin/server
SysV , ,
chroot.
. , chroot ,
, . , ,
chroot. , , , SysV
.
chroot
chroot ,
, .
.
chroot root
, 0640 (rw-r
).
, , . ,
chroot, -
root.
, .
BIND chroot
chroot.
, . BIND,
18.
chroot ,
. Linux
; Debian 2.2.
^^
BIND
^ chroot. ,
chroot ( ) , FTP.
BIND.
Debian, apt-get.
588
IV.
# apt-get install bind

,
/etc/resolv.conf. , enroot
. Debian . , , :
f ps aux I grep named
root
7656 0 . 0 1.5 2184 1492 ?
S
13:29
/usr/sbin/named
# host awl.com localhost
awl.com
A
165.193.123.224
0:00 \
, BIND :
IP- awl. com,
localhost. awl. com , Internet, localhost IP . ,
(command not found), dnsutils, host. ( Linux ,
bind-utils.)
, ,
f /etc/init.d/bind stop
chroot BIND.
#
#
#
#
mkdir -p /opt/chroot/usr/sbin /opt/chroot/var/cache/bind

mkdir /opt/chroot/lib /opt/chroot/etc
cp /usr/sbin/named /opt/chroot/usr/sbin
cp -rp /etc/bind/ /opt/chroot/etc
c^^
^^
BIND
chroot.
^
. BIND
chroot ( ) ,
chroot . .
.

.
, . Idd,
chroot.
f Idd /usr/sbin/named
libc.so.6 => / l i b / l i b c . s o . 6 ( 0 x 4 0 0 1 7 0 0 0 )
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 ( 0 x 4 0 0 0 0 0 0 0 )
# cp / l i b / l i b c . s o . 6 /lib/ld-linux.so.2 /opt/chroot/lib
23. chroot
589
.
# chroot /opt/chroot /usr/sbin/named
awl.com
A
165.193.123.224
, , named, , chroot.
, BIND (
Debian /etc/init.d/bind) ,
chroot. , SysV
. SysV
( Debian start-stop-daemon ndc).
/var/run, chroot
.
# mkdir -p /opt/chroot/sbin /opt/chroot/var/run
# /usr/sbin/ndc /opt/chroot/usr/sbin
# /sbin/start-stop-daemon /opt/chroot/sbin
SysV startstop-daemon ndc chroot /opt/
chroot. , start-stop-daemon /, chroot.
, /etc/f stab , /, /opt/chroot/proc.
mount -, / chroot.
/ ,
| . SysV
, start-stop-daemon, SysV .
,
SysV .
# /etc/init.d/bind start
awl.com
A
165.193.123.224
,
chroot, /usr/sbin /etc/bind, .
, chroot.
BIND chroot,
-t named, chroot ( )
. :
# /usr/sbin/named -t /opt/chroot
, chroot , ,
named ,
. ,
590
IV.
chroot ( ) . -t SysV,
/.
chroot
Linux, . ,
chroot, ,
,
root.
chroot
chroot ,
. ,
chroot.
. Linux .
chroot, ,
. mount
bind, , ,
chroot.
2.4.x.
,
.
. chroot. , , . . .
, ,
chroot.
. ,
chroot.
. ,

.
. chroot
. , , Web- CGI,
. chroot , . .
. ,
.
23. chroot
591
chroot ,
. , .
, chroot Linux.
. chroot ( ) ,
chroot. , . chroot .
chroot , .
chroot.
chroot, . chroot ,
.
24

Linux , Linux .
PDA . ( ) Linux .
,
,
Internet. , Internet,
, , . Linux . ,
.
.
NAT- Linux,
, .
, Linux , .
, .
. , , , (LeBlanc) . Linux Routing
(New Riders, 2002).
24.
593
, ,
. ,
Internet, , ,
. , ,
:
# echo "1" > /proc/sys/net/ipv4/ip_forward

.
'
, , , ,
, . Linux,
Internet
SDSL. NAT, ,
, ,
. ,
, ,
, . , , ,
. , ,
Linux .

, . , , Internet. , ,
, , . ,
, , .
,
. , , ,
. , ,
Internet .
Internet ,
,
.
594
IV.

2.4.x .
Networking Options. IP: Advanced
Router; , IP: Advanced
Router. : , ,
, . . ,
Y ( , , ).
. , .
:
, .
2.4.17.
.

,
Linux, IP: Policy Routing. .
. , ,
. , , . IP: Use Netfilter MARK Value as Routing
Key. ,
Packet Filtering, .
NAT-. NAT ""
, Internet.
, IP-,
, . ,
NAT-,
IP: Fast NAT, NAT-.
( NAT 25.)
, , iproute2,
. .

IP- TOS (Type-of-Service
). , .
.
24.
595
, IP:
Use TOS Value as Routing Key.
iproute2. 70S . TOS,
.

, . ,
, , 10.201.0.0/16, ethl. He ,
; . , , , , ,
10.201.34.0/24, . , , .
10.201.0.0/16,
, .
IP: Equal Cost Multipath . ,
, , .
.
.

IP: Verbose Route Monitoring
. . , ,
.
, , .
,
, . ,
. (
,
, , .)

Linux , 64 . , , IP: Large Routing
Tables. .
596
IV.

, Internet- , , Web-, Web- .
, , . ,
.
255.255.255.255, , .
, , , , . ,
192.168.34.0/24 192.168.34.255.
DHCP DHCP. ,
.
( ).
- . Multicast Backbone (MBONE; http://www.cs.columbia.edu/~hgs/
internet/mbone-faq.html). Internet. ; (link-local).
, .
, , IP: Multicast Routing. ,
: IP: PIM-SM Version 1 Support IP:
PIM-SM Version 2 Support.
.
, , mrouted. Linux. , ,
ftp://ftp..com/pub/communications/ipmulti/beta-test/; h t t p : / / j u k i e . n e t / ~ b a r t /
multicast/Linux-Mrouted-MiniHOWTO.html. IP:
PIM-SM Version 2 Support, pimd (http: //netweb. use.
edu/pim/pimd/).

Linux " / " (first-come/first-served).
,
.
,
, -
24.
597
. Linux
. QoS and/or Fair Queueing,
Networking Options.
QoS and/or Fair Queueing . , , iproute2.
, ,
, , .
, .
. | 2.4.17 , CSZ, . .
iproute2
iproute2 Linux.
iproute. FTP-,
, f t p : / / f t p . i n r . a c .
ru/ip-routing/. iproute2 , (ip
tc) .
ip
ip , ,
, .
IP: Advanced Router. ip
:
ip [list | add I del]
ip .
rule. (add), (del) (list).
,
[from ] [to ] [tos _]
[dev _] [pref ]
from to IP-, tos (
, 4). dev
(, ethO), a pref . Linux , ,
. , , :
[table _] [nat ]
[prohibit I reject I unreachable]
, , nat , a prohibit,
598
IV.
reject unreachable ,
.
ip .
# ip rule add from 1 7 2 . 2 0 . 2 4 . 1 2 8 dev ethO table 2
, , ,
172.20.24.128 ethO
2. , , , 2? Linux
route. , ip route.
.
route, ,
route. ip route , route,
, . , 2 :
ip route add 1 0 . 2 0 1 . 0 . 0 / 1 6 dev ethl table 2
ip table 2,
route. , ,
10.201.0.0/16, ethl.
tc
tc ,
QoS and/or Fair Queueing. ,
, . . , ; , .
, , , ,
. tc ,
.
tc :
tc []
, tc.
. tc -statistics ( -s),
-details ( -d) -raw ( -).
. qdisc, class filter.
qdisc , ,
class ,
(
), a filter .
. , ,
tc . .
24.
599
tc , , ,
. ,
, 100 , , . , Internet
ethO, ethl;
IP- 192.168.1.0/24, 192.168.2.0/24.
ethl.
t tc qdisc add dev ethl root handle 10: cbq bandwidth lOOMbit \
avpkt 1000
.
add dev ethl. , ethl.
root. .
.
handle 10. (handle) .
cbq. ,
. CBQ (Class-Based-Queueing )
.
QoS and/or Fair Queueing.
bandwidth lOOMbit.
.
,
.
avpkt 1000. , , ,
, , .
.
. :
# tc class add dev ethl parent 10:0 classid 10:1 cbq \
bandwidth lOOMbit rate lOOMbit allot 1514 weight lOMbit \
prio 8 maxburst 20 avpkt 1000
, ,
. ,
.
. , ,
, .
class. qdisc,
class, .
600
IV.
parent 10:0. . , , 0.
classid 10:1. .
allot 1514. MTU
( ).
weight IMbit. . ,
.
prio 8. . ,
.
, .
bandwidth lOOMbit rate SOMbit allot 1514 weight SMbit \
prio 5 maxburst 20 avpkt 1000 bounded
bandwidth lOOMbit rate SOMbit allot 1514 weight SMbit \
prio 5 maxburst 20 avpkt 1000 bounded
classid.
, 50
. ( , 60
40 .) bounded ,
, .
, ,
. bounded, , , ""
.
, .
.
# tc qdisc add dev ethl parent 10:100 sfq quantum 1514b \
perturb 15
# tc qdisc add dev ethl parent 10:200 sfq quantum 1514b \
perturb 15
,
. Linux , SFQ (Stochastic Fairness
Queueing , ).
, . , .
, , , , (192.168.1.0/24
192.168.2.0/24). :
24.
601
# tc filter add dev ethl parent 10:0 protocol ip prio 100 u32 \
match ip dst 1 9 2 . 1 6 8 . 1 . 0 / 2 4 flowid 10:100
# tc f i l t e r add dev ethl parent 10:0 protocol ip prio 100 u32 \
match ip dst 1 9 2 . 1 6 8 . 2 . 0 / 2 4 flowid 10:200
, filter.
, .
32, IP-.
Internet . ,
. , ethl ethO,
filter dst src.

. ,
, . , ip, iproute2,
, . ,
,
, ip. .
: ,
.
, . ,
, IP-. ,
.

,
Linux, ,
.
. , .
. , , .
, . .
,
, , ,
.
, . 24.1. , -
602
IV.
172.23.0.0/16
172.22.0.0/16
. 24.1.

. ,
.
, ; internet ( ).
Internet (
).
w
. ,
. ,
.
,
.
. , .
, .
603
24.
IrodsnithUspeaker * route -n
<ernel IP routine table
destination
Gateway
192.168.1.0
0.0.0.0
127.0.0.0
0.0.0.0
D.0.0.0
192.168.1.25
IrodsnithUspeaker /] I
Genmask
255.255.255.0
255.0.0.0
0.0.0.0
Flags
U
U
UG
Metric Ref
1
0
If ace
ethO
lo
ethO
. 24.2. Metric

. , , Linux, route. . 24.2 (
, ).
Metric. , , 127.0.0.0/8 (localhost) 192.168.1.0/24 (
), , .
. , . 24.1,
, Metric. ,
Linux ; , ,
, .

, . , . 24.1, ,
, . ,
.
.
- . , .
,
.
RIP (Routing Information Protocol ).
.
. , , ,
.
,
.
OSPF (Open Shortest Path First
).
604
IV.
routed
UNIX RIP. Linux
routed, . , RIP, (, 172.22.0.0)
( , , ).
0 15. 15 ,
. RIP -
, . RIP ;
Internet .
, ,
, , ,
, 15.
routed Linux . , 4.
/etc/gateways, . /etc/gateways .
net 0 . 0 . 0 . 0 gateway 1 7 2 . 2 2 . 7 . 1 metric I active
(net 0 . 0 . 0 . 0 ) , 172.22.7.1. 1. active
, . ,
, active passive.
routed /etc/gateways,
. routed , , , RIP.
.
GateD
RIP UNIX,
. ,
, 15 ;
.
.
. ,
RIP , ,
, . , ,
, , RIP,
.
.
2 RIP (RIPv2) .
, RIP
. RIPv2 GateD (http: //www. gated.
24.
605
net). GateD /etc/gated, conf. GateD gdc,

. GateD . , RIP
RIPv2, . , GateD SysV .
RIP RIPv2, GateD OSPF.
, Zebra, .
Zebra
Linux
Zebra, ,
.
RIP. Zebra RIP RIPv2, RIP IPv6,
RIPng. RIP RIPv2 ripd, RIPng ripngd.
OSPF. OSPF ospfd,
OSPF IPv6 ospf 6d. RIP, OSPF ,
.
BGP (Border Gateway Protocol ) Internet. bgpd.
zebra. , , .
zebra ; telnet.
. , RIP RIPv2, zebra ripd.
, /etc /etc/zebra.
. , /etc/zebra/ospfd.conf
ospfd.
. ! # . , , .
hostname. ,
.
password. zebra
. .
.
enable password. , zebra. ,
, .
606
IV.
router . . , ripd. conf router rip, ospf d. conf

router ospf, bgpd.conf router bgp __
. ( IP-.
BGP ,
64512-65535.)
zebra , telnet.
2601. telnet .
$ telnet localhost 2601
: enable ( ), configure ( ) show ( ).
; ?.
Cisco, Zebra .
, , ,
, . Linux,
if conf ig route, , . , . Linux
. Linux, , , ,
, , . iproute2
, , QoS ,
.
,
.
25

iptables
Linux, TCP/IP, , . .
, , ,
TCP/IP, .
iptables Linux , .
, . iptables
NAT (Network Address Translation ).
NAT-,
. , ,
.
iptables . ,
, , .
(Ziegler) Linux Firewalls, 2nd Edition (New Riders, 2001),
(Sonnenreich) (Yates) Building Linux and OpenBSD Firewalls (Wiley, 2000).
ipchains, iptables.
iptables
2.4.x , , . 25.1. ,
.
, : INPUT
608
IV.
. 25.1.
Linux
FORWARD. ,
. INPUT .
(, Netscape, telnet .) (Apache, telnetd .). ,
. ,
, NFS, , Web- kHTTPd.
, ,
FORWARD OUTPUT.
, . 25.1.
; , , ,
. . , ,
.
, . 25.1, . ,
IP- , , ,
. , .
, , .
, . ACCEPT ( ), DROP ( ), QUEUE (
) RETURN ( -
25. iptables
609
). .
REJECT ( , ), MASQUERADE (
NAT-) LOG (
).
. , . 25.1,
filter, . nat ( NAT-) mangle (
).
. .
Linux, a iptables ,
. iptables
, . 25.1, . , INPUT , , , OUTPUT
, , .
, NAT- .
, iptables, ; .
iptables . ,
Red Hat Mandrake, ,
NAT-. , iptables, SysV
.

iptables 2.4.x.
. , 2.2.x Ipcliains; 2.0^ ipf wadm.
. iptables 2.4.x, 2.2.x. ,
(stateful packet inspection), .
.
, 2.4.x, ipchains ipf wadm.
, . ,
, ,
, . ,
, iptables,
, 2.4.x.
610
IV.
. ipfwadm i1 ipchains,mi -|>

2,4,, ,!
. ipfwadm ipchains -^
'. , . 2.0.x 2.2.x,
f , 2.4.x.
^^ , ip tables, I TCP Wrappers, xinetd , >, . '*
IP-. || , ;'^| .
;; ,
.
| iptables , ,
'> -, f . , xinetd ;,
,f , iptables .
iptables
iptables, . 2.4
Networking Options . , , .
Network Packet Filtering. Networking Options.
Connection Tracking. Netfilter Configuration
Networking Options. NAT-. ( Netfilter Configuration.)
FTP Protocol Support. NAT-
FTP. Linux
.
IP Tables Support. NAT-. ,
. , . Connection
State Match Support,
.
Packet Filtering.
NAT-, . .
25. iptables
611
REJECT Target Support. Packet Filtering , .

.
Full NAT. , , NAT, , .
MASQUERADE Target Support. Full NAT
IP- NAT-,
. ,
Help, , MASQUERADE Target Support IP-, . IP-, ,
IP- .
Packet Mangling. , , ,
mangle. Packet Mangling.
LOG Target Support.
, .
ipchains (2.2-style) Support. ,
ipchains, .
ipchains.
ipfwadm (2.0-style) Support. , ipfwadm, .
ipfwadm.
, ipchains ipfwadm, IP Tables Support Connection Tracking. , iptables .

.
, ,
iptables.
.
,
. . , iptables
ip__tables,
insmod ip_tables. , ,
/lib/modules/BepcHH/net/ipv4/netf liter. , ,
.
612
IV.
iptables
- , iptables, .
,
, . , iptables -L. -t
-, .
( filter,
iptables nat mangle.) -L
iptables , .
# iptables -L -t filter
Chain INPUT (policy ACCEPT)
target
prot opt source
destination
Chain FORWARD (policy ACCEPT)
target
prot opt source
destination
Chain OUTPUT (policy ACCEPT)

target
prot opt source
destination
, , , filter . ,
, , , , . ( SysV, firewall, .)
, -F.
# iptables -F INPUT -t filter
, filter , . , , .
iptables
iptables .
. , , .
, , , .
IP-, .

, , , .
,
. -
25. iptables
613
. ,
Telnet Internet
. . , ,
, . , ,
, proxy-, , , ,
, , . , proxy-, . ,
Java JavaScript.
, .
TCP/IP, , , , . ,
, .
,
.
,
Internet. , . (
. 25.2.) . , , Internet ,
. ,
, ,
. ,
25 . ( .)

,
" ", .
, ,
.

. , , .
NAT , . ,
, .
, , SMTP-,
. ,
SMTP-, SMTP, , SMTP- ,
. ( ,
SMTP .)
, .
614
IV.
*HxV /
'"'
*
1
II
()
. 25.2. , ,

. 25.1, ,
Linux, INPUT, FORWARD OUTPUT.
.
INPUT . , , ,
.
FORWARD .
, , .
OUTPUT . , ,
, .
.
, , ,
INPUT FORWARD, INPUT OUTPUT.
, FORWARD OUTPUT, ,
OUTPUT , , -
25. iptables
615
, FORWARD
.

, , . , ,
, .
- iptables.
# iptables -P INPUT DROP
# iptables -P OUTPUT DROP
# iptables -P FORWARD DROP
,
filter. (ACCEPT, DROP, QUEUE, RETURN . .).
ACCEPT, DROP REJECT. ACCEPT
Linux , , a DROP . REJECT, DROP, ,
, Linux , (
, , , ).
,
DROP REJECT, ,
, . ACCEPT,
, .
, , , , -
. , DROP
REJECT, . ,
.

append ( -) iptables.
,
jump ( -j), ACCEPT, DROP REJECT.
iptables, , :
# iptables append CHAIN _ jump
:
# iptables -A CHAIN _ -j
append iptables .
delete, -D. .
insert, -I. . . -
616
IV.
, iptables (
append ).
replace, -R. . , .
list, -L. .
iptables .
, iptables. ,
iptables. , , IP-.
^^
^
,
. (, Telnet ,
, ),
.
, . ,
.

. , , ,
, , 25. destination-port (dport).
, protocol (-p),
(tcp, udp, icmp all). source-port
(sport) , . , , :
# iptable(s -A INPUT -p tcp dport 25 -j ACCEPT
# iptables -A OUTPUT -p tcp sport 25 -j ACCEPT
, ,
25, ,
( 25). , , . ,
DROP REJECT,
INPUT , , , OUTPUT , ,
. INPUT destination-port, OUTPUT
source-port. ,
, , , ,
, , , , . , ,
FORWARD ,
25. iptables
617
destination-port source-port, .
IP-. , . , ,
,
SMTP .
DROP REJECT,
.
.
.
, INPUT,
source-port, , OUTPUT, destination-port. , , FORWARD ,
source-port destination-port. , IP- .
, , .
. 1024-65535.
source-port destination-port , , source-port 1024 : 65535. ! syn. ,
syn, ,
, ! , . . ,
.
IP-
IP- IP-. IP- source (-s), IP- destination (-d). ,
172.24.0.0/16, , , , ,
. :
# iptables -A INPUT -s 1 7 2 . 2 4 . 0 . 0 / 1 6 -j DROP
# iptables -A OUTPUT -d 1 7 2 . 2 4 . 0 . 0 / 1 6 -j DROP
-s -d , . , , ,
. , ,
, ,
10.34.176.0/24, SSH ( SSH
22). :
618
IV.
# iptables -A FORWARD -s 10.34.176.0/24 - tcp \

destination-port 22 -j ALLOW
t iptables -A FORWARD -d 10.34.176.0/24 -p tcp \
source-port 22 -j ALLOW
FORWARD, SSH ,
( ). ,
, . 192.168.9.0/24,
:
# iptables -A INPUT -s 192.168.9.0/24 - tcp \
destination-port 22 -j ALLOW
# iptables -A OUTPUT -d 192.168.9.0/24 -p tcp \
source-port 22 -j ALLOW
,
ethl.
, .
, , , , . , in-interf
(-i), , INPUT FORWARD, ,
out-interface (-), FORWARD OUTPUT. ,
192.168.9.0/24, , , ethl, Internet ethO. , ,
:
# iptables -A INPUT -s 1 9 2 . 1 6 8 . 9 . 0 / 2 4 -i ethO -j DROP
# iptables -A FORWARD -s 1 9 2 . 1 6 8 . 9 . 0 / 2 4 -i ethO -j DROP
# iptables -A FORWARD -s 1 1 9 2 . 1 6 8 . 9 . 0 / 2 4 -i ethl -j DROP
# iptables -A OUTPUT -s 1 1 9 2 . 1 6 8 . 9 . 0 / 2 4 -i ethl -j DROP
( ethO) , , ,
. , Internet ( ethl), IP-
, .

, Linux, . ,
, , ,
. ( syn,
25. iptables
619
, . ,
, . TCP.) , , IP-,
, . , , , ,
.

state, - . state
. , . ! state .
state.
INVALID. ,
.
NEW. .
ESTABLISHED. .
RELATED. , (, ICMP-, ).
! state INVALID
ESTABLISHED,RELATED.
state NEW,
. , ,
, DROP
REJECT, HTTP 80. , ,
,
, . ,
, :
# iptables -A INPUT -m state -p tcp dport 80 \
State NEW,ESTABLISHED,RELATED -j ACCEPT
# iptables -A OUTPUT -m state -p tcp sport 80 \
state ESTABLISHED,RELATED -j ACCEPT
. , , NEW state ,
.
Web-.
, 2.4.x.
. iptables.
620
IV.

iptables ,
. , new-chain
(-N) , fragment (-f),
, , tcp- flags
TCP-. Linux,
iptables.

, . 25.1.
, Web- SSH- , .
, , 25.1. iptables . .
, . , 25.1, .
25.1. , iptables
#!/bin/sh
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# NDS-
iptables -A INPUT -p udp sport 53 -j ACCEPT
iptables -A OUTPUT -p udp dport 53 -j ACCEPT
#
iptables -A INPUT -m state -p tcp dport 1024:65535 \
state ESTABLISHED,RELATED -s 192.168.9.0/24 -j ACCEPT
iptables -A OUTPUT -m state -p tcp sport 1024:65535 \
! state INVALID -d 192.168.9.0/24 -j ACCEPT
# HTTP-
iptables -A INPUT -m state -p tcp dport 80 \
25. iptables
621
! state INVALID -j ACCEPT

iptables -A OUTPUT -m state -p tcp sport 80 \
state ESTABLISHED, RELATED -j ACCEPT
# SSH-
I ( 1 9 2 . 1 6 8 . 9 . 0 / 2 4 )
iptables -A INPUT -m state -p tcp dport 22 \
! state INVALID -s 1 9 2 . 1 6 8 . 9 . 0 / 2 4 -j ACCEPT
\
iptables -A OUTPUT -m state -p tcp sport 22 \
State ESTABLISHED,RELATED -d 1 9 2 . 1 6 8 . 9 . 0 / 2 4 -j ACCEPT
# 1
iptables -A INPUT -s 1 2 7 . 0 . 0 . 1 -i lo -j ACCEPT
iptables -A OUTPUT -d 1 2 7 . 0 . 0 . 1 -o lo -j ACCEPT
, 25.1.
. iptables , , .
DROP. ,
FORWARD. ,
.
DNS. DNS, , " NDS", DNS (UDP- 53).
; .
, .
. , " ", , (1024-65535). INPUT OUTPUT
. ,
INPUT , ,
, , .
INPUT OUTPUT .

, ,
.
, Web-. Web-, , , , Web-, IP-.
622
IV.
,
.
, SSH. ,
SSH, Web-,
IP-. SSH-
.
. , , Linux (1).
.
, ,
1, 127.0.0.1.
NAT-
iptables
,
iptables . NAT-,
iptables. NAT TCP- IP, . NAT , , ,
NAT .
NAT
NAT TCP- IP. , NAT- IP- . ,
.
. , , IP-, ,
. NAT, -
Internet-, ,
, .
. NAT , , . , , Web-
. , DNS, NAT
.
. NAT IP-
25. iptables
623
. ,
,
. , ,
, NAT.
.
IP-, ""
IP-. ,
Internet . ,
NAT- .
NAT.
NAT- IP-.
NAT.
NAT . , NAT, Linux.
iptables. , NAT-,
: Internet,
.
, NAT, . NAT- .
NAT,
NAT-. , Internet,
(, Web-), ,
NAT-. ,
Web- 172.18.127.45. HTTP-; , , IP- (,
192.168.9.32). , ; NAT-. Web, NAT- , IP-
IP- (, 10.34.176.7) .
Web- , , NAT, . , NAT- , 192.168.9.32, , , ,
, . . 25.3 . ,
, NAT,
NAT-
.
NAT-, IP-, .
IP-, . ,
624
IV.
NAT-
192.168.9.32
192.168.9.33

. 25.3. NAT- IP-
. NAT ,
.
, NAT .

, NAT-,
. ,
.
NAT. IP- ,
. , NAT Linux,
, , Internet NAT- .
NAT , ,
. -
25. iptables
625
" ",
.
iptables
NAT-
NAT Linux nat,
. filter, nat : PREROUTING,
POSTROUTING OUTPUT. , OUTPUT nat
filter. NAT
:
# iptables -t nat -A POSTROUTING - _ -j \
MASQUERADE
I echo ' ' > /proc/sys/net/ipv4/ip_forward
NAT- iptables
modprobe iptable_nat.

, Internet,
ethl. Linux , , , IP-.
Linux ( ,
NAT).
NAT- . NAT-
, , Internet.
, NAT-, ,
" ", . ,
, ,
. NAT-
, .
, NAT, . , .
, NAT- . 80486.

,
.
, iptables.
626
IV.
,
.
, - Ij>NS.
.
,
.
. ,
.
, NAT-,
. NAT- , ,
.
NAT-.
,
(, ).
, .
, (, Web-),
IP-.
iptables
Linux, NAT, .
iptables. :
# iptables -t nat -A PREROUTING -p tcp -i external-interface \
destination-port port-num -j DNAT to dest-addr:port-num
.
, NAT (-t nat).
-A PREROUTING, ,
. NAT , .
, TCP- (-p tcp).
, , (-i
_) (-destination-port _
).
- j DNAT, , NAT (SNAT) NAT (DNAT).
25. iptables
627
to _:_, , .
, , 192.168.9.33,
80. , ,
to, ,
destination-port.
, .
NAT , , .
^^
, ^^ . , , xinetd. xinetd ,
, ,
.

iptables, , .
, .
, .
| , ,
. ,
, ,
.
, .
. , ,
.
iptables LOG,
. , LOG ; ,
, , . LOG .
LOG ,
, . , ,
.
628
IV.
, , ,
, .
, , , .
DENY REJECT, , .
ACCEPT, ,
, DENY REJECT
LOG.
, ACCEPT.
172.24.0.0/16;
.
#
#
#
#
iptables
iptables
iptables
iptables
-A INPUT -s 1 7 2 . 2 4 . 0 . 0 / 1 6 -j LOG
-A OUTPUT -d 1 7 2 . 2 4 . 0 . 0 / 1 6 -j LOG
-A INPUT -s 1 7 2 . 2 4 . 0 . 0 / 1 6 -j DROP
-A OUTPUT -d 1 7 2 . 2 4 . 0 . 0 / 1 6 -j DROP
, ,
DROP LOG.
, . ,
LOG DROP, ,
, .
/var/log/messages , .
Nov 18 22:13:21 teela kernel: IN=ethO OUT=
M A C = 0 0 : 0 5 : 0 2 : a 7 : 7 6 : d a : 0 0 : 5 0 : b f : 1 9 : 7 e : 9 9 : 0 8 : 0 0 SRC=192.168.1.3
DST=192.168.1.2 LEN=40 TOS=OxlO PREC=OxOO TTL=64 10=16023 DF
PROTO=TCP SPT=4780 DPT=22 WINDOW=32120 RES=OxOO ACK URGP=0
.
. .
. teela.
. IN=ethO ,
ethO.
. , OUT= .
-. = -:
.
25. iptables
629
IP- . SRC= DST=

IP- .
. SPT= DPT=
.
.
, , (LEN=), (TTL=) .
LOG ,
, .
log-prefix . 29 , ,
.
iptables ,
NAT, . . ,
, , NAT- . iptables
, .
iptables .
26

Internet .
, Telnet FTP, . , ,
. ,
, Internet, , .
, .
f ,
. , , .
Kerberos, 6.

. . ,
, , (VPN Virtual Private Network). , .
VPN
Internet, . , VPN .
, VPN,
VPN: PPTP FreeS/WAN, .
26.
631
VPN
VPN . , Internet, VPN. VPN
.
VPN . . , ,
, , TCP Wrappers
, . VPN ,
, .
VPN , , . VPN , , ,
. ,
, NFS Telnet, VPN
Internet. ( , , .)
, VPN, ; VPN.
, .
, ,
, .
, VPN.
VPN
. ,
-. VPN, ,
. VPN . 26.1. VPN-, , , NAT , .
VPN-
, .
. 26.1 ,
VPN
.
VPN .
. VPN- . VPN-, .
. 26.2.
632
IV.
. 26.1. VPN ,
,

VPN,
. , ,
. ,
, .
Ethernet, 100 , VPN-
VPN-
VPN-
. 26.2. VPN
26.
633
1 1,5 , .
ADSL-, ,
.
600-1500 ,
100-300 . ,
Internet , 56 .

VPN . VPN ,
. , VPN
. ,
.
, VPN, , . ,
, , , VPN - , ,
SSH.
,
VPN
, VPN. , VPN, . , VPN.
(Point-to-Point Tunneling Protocol )
Forum, , . , , .
Windows.
- Linux; (http://poptop. lineo.
com).
FreeS/WAN. FreeS/WAN (http: //www. f reeswan. org) VPN- Linux.
. VPN,
Linux.
SSH. SSH VPN.
VPN. .
634
IV.
, Windows- VPN-. ; ,
(remote access switch). FreeS/WAN
, Linux. VPN , VPN-
Linux.
Linux
Linux, Linux,
. - pppd. ,
pppd . pppd
. - Linux, Windows;
, -.

Linux, Debian
Mandrake. pptpd pptpd-server.
, Linux, ,
, Internet. Linux
, Web- ,
http://poptop.lineo.com.
Linux
VPN. ,
, pppd. , (Microsoft Point-to-Point
Encryption Microsoft).
- pppd Linux.
.

.
.
1. /etc/ppp/options. pppd, VPN-
. /etc/ppp/options
.
debug
name _
auth
require-chap
26.
635
192.168.1.1:192.168.1.100
. ; , VPN- (192.168.1.1), , VPN- (192.168.1.100).
, IP-, VPN-. VPN.
2. /etc/ppp/chap-secrets ,
.
vpnl vpnpass.
vpnl * vpnpass *
/etc/ppp/chap-secrets | , .
root . ,
. , VPN-,
.
3. /etc/inittab pptpd , #.
telinit Q, .
pptpd
. , ,
/etc/inittab
.
4. root pptpd, .
-
. ,
. ,
.
| ,
. VPN , ,
VPN .
, /etc /etc/ppp. /etc/ppp.
.
636
IV.
debug. ,
. ,
.
localip. IP-: , . IP-
localip. , , . , localip 192 .168.9.7,192 .168 .
9.100-150 192.168.9.7 192.168.9.100
192.168.9.150. , .
remoteip. IP-, .
,
. IP- , localip.
listen. IP-,
, pptpd , .
.

pppd, , ,
. , , pppd , a pppd
, Linux.
pppd,
.
, pppd
Linux. , http:
//mirror.binarix.com/ppp-mppe/.
.
Linux. Linux ,
kernel, kernel-2 .4 . 9-13mppe.i386.rpm.
,
, . ,
.
. pppd - 2.4.1- 3mdk. i 5 8 6 .
rpm .
pppd.
~_
http://mirror.binarix.com/ppp-mppe/ , Mandrake,
Linux, , . , , .
RPM,
alien. Debian
RPM, Debian tar-.
26.
637
, http:
//pptpclient. sourcef orge. net. , -mppe, pppd ,
.
-
,
. .
Linux. Linux ,
http: / /www. kernel. org. Linux , ,
, .
pppd. ftp:
//cs.anu.edu.au/pub/software/ppp/.
OpenSSL. - ,
OpenSSL OpenSSL. http://www.openssl.org.
Linux. http://mirror.binarix.com/
-mppe/ , linux
patch.gz, linux-2.4.16-openssi-0.9.-bmppe.patch.gz.
pppd. pppd http: / / m i r r o r . b i n a r i x . com/ppp-mppe/.
patch. gz, -2 .4 .1-openssl0.9.6-mppepatch.gz.
, , pppd.
, pppd, ( gunzip filename,
patch.gz), (cd ___;
patch -pi < patchfile .patch), (make menuconfig
make xconfig Linux . /configure pppd),
(make bzlmage make modules Linux make pppd)
( make modules\_install LILO Linux, make install pppd).
, , ,
, .
-
- Windows,
, Windows
. - Linux
. VPN- VPN-
638
IV.
, . ,
.
- Linux
-, Linux. , Linux,
-, PPTP-Linux.
, http://cag.lcs.mit.edu/~cananian/
Projects/PPTP/ http://pptpclient.sourceforge.net. http:
//pptpclient.sourceforge.net PPTP-Linux
TAR- RPM, 86 Alpha.
PPTP-Linux , , .
, PPTP-Linux
pppd . ,
, pppd . .
PPTP-Linux.
PPTP-Linux pptp-command. PPTP-Linux .
1. pptp-command.
2. : start, stop, setup quit. 3.
3. , . 2, Add a New CHAP secret.
4. .
VPN. VPN- Windows,
NetBIOS. , arbor\\maple,
maple arbor.
5. .
( ).
,
.
6. . ,
VPN-.
7. ,
. 5 Add a NEW PPTP Tunnel.
8. . , ;
Other.
, , Other.
26.
639
9. , , IP- VPN-
.
route. , add -host 172.19.87.1 gw DEF_GW
, 172.19.87.1
.
10. . 7 Configure
resolv.conf.
11. , 9. DNS, /etc/resolv. conf. .
12. . 8 Select a
default tunnel.
13. . ,
9 ( ).
14. 9 Quit.
.
PPTP-Linux -. VPN- pptp-command. , 3, 1 (start).
. VPN .
VPN-
VPN. VPN- , VPN- ping. traceroute, , VPN. Internet- , ,
. VPN- VPN
- , Linux
.
- Windows
- Windows, , . Windows 9x/Me Windows NT/2000/XP,
. Internet-. -
Windows Me.
1. Add/Remove Programs Control Panel.
Add/Remove Programs Properties.
2. Add/Remove Programs Properties Windows Setup.
640
IV.
. 26.3. VPN- Microsoft VPN Adapter, ,

3. Communications .
Communications.
4. Communications Virtual Private Networking.
5. Communications, Add/Remove
Programs Properties. Windows . , .
6. Dial-Up Networking Control Panel.
7. Make New Connection. Make
New Connection Wizard, . 26.3.
8. , , Microsoft
VPN Adapter (. . 26.3).
9. Next. Make New Connection , IP- VPN.
10. Next. ,
. Finish.
Dial-Up Networking . , Windows Connect
, . 26.4. , , IP- VPN. Connect
( ).
IP-, VPN. , ,
, My Network Places ( Windows
641
26.
, ' J=. Ititewt,Window? , WbAwj ME

-AdyancedepfonE'r;'
|7 JEnabte software yxnnico>ai

vPNLhk
rAlowednelwoik
A-'-v-M
Connect
I. ' .ênite t
. 26.4. Connect To
VPN-
. 26.5.
VPN-,
Network Neighborhood).
. , , , ,
.
. 26.4, Connect To
. , , Connect
Automatically, Windows,
. Properties
. , . 26.5,
VPN-. ,
Networking Security. ,
Networking, ,
, , VPN.
TCP/IP Settings, IP DNS . Security .
, NetBIOS. ,
, .
FreeS/WAN
FreeS/WAN , ,
Linux. , FreeS/WAN
, Internet. ,
642
IV.
FreeS/WAN, . .
FreeS/WAN ,
. FreeS/WAN,
(http: //www. freeswan.org/freeswan_
trees/freeswan-1. 91/doc/conf ig.html).
FreeS/WAN
FreeS/WAN Linux SuSE Mandrake.
FreeS/WAN, Web- FreeS/WAN, http: //www. freeswan.org. , FTP (ftp:
//ftp.xs4all.nl/pub/crypto/freeswan/), Web-, . FreeS/WAN , . FreeS/WAN Linux, ,
.
, FreeS/WAN Web-.
FreeS/WAN .
. FreeS/WAN , GCC, make, .

Linux.
. FreeS/WAN Linux, /usr/src/linux.
,
FreeS/WAN.
GMP. FreeS/WAN GMP (http: //www, swox.
com/gmp/).
Linux. , .
ncurses. FreeS/WAN
ncurses. , .
, ,
.
FreeS/WAN .
1. , .
2. FreeS/WAN, , usr/src. f reeswan-,
.
26.
643
3. FreeS/WAN , ,
Linux FreeS/WAN. make oldgo FreeS/WAN,
, make ogo make conf ig, make menugo
make menuconf ig, make xgo make xconf ig.
.
4. make kinstall .
, make modules_install
.
5. LILO, GRUB ,
Linux. /usr/src/
linux/arch/architecture-code/boot, /etc/lilo.
conf ( ) lilo (
).
6. . ,
.
FreeS/WAN.
/etc/ipsec. secrets, . , ,
( ).
FreeS/WAN, , .
, , , FreeS/WAN , .

FreeS/WAN : /etc/ipsec.secrets
/etc/ipsec.conf. . /etc/
ipsec. secrets , /etc/ipsec. conf .

, FreeS/WAN /etc/
ipsec. secrets, .
,
# ipsec rsasigkey 128 > /root/rsa.key
128- /root/rsa.key.
, , . ,
644
IV.
, . :
: RSA {
RSA . ,
,
(}). /etc/ipsec. secrets.
VPN-, FreeS/WAN.
, ipsec rsasigkey,
, #pubkey=. ,
, . ,
.
ipsec.conf
FreeS/WAN /etc/ipsec.
conf. , , , . /etc/ipsec. conf :
config setup, conn %default conn remotename.

config setup . /etc/ipsec.
conf, , :
config setup
# THIS SETTING MUST BE CORRECT or almost nothing will work;
# %defaultroute is okay for most simple cases,
interfaces=%defaultroute
# Debug-logging controls: "none" for (almost) none, "all" \
for lots.
klipsdebug=none
plutodebug=none
# Use auto= parameters in conn descriptions to control \
startup actions.
plutoload=%search
plutostart=%search
# Close down old connection when new one using same ID shows \
up.
uniqueids=yes
interfaces, FreeS/WAN , VPN. %def aultroute , FreeS/WAN
. . interfaces
ethO pppl:
interfaces="ipsecO=ethO ipsecl=pppl"
26.
645
klipsdebug plutodebug KLIPS (Kernel IP Security IP- ) Pluto. Pluto

FreeS/WAN . , all.
Pluto FreeS/WAN. plutoload plutostart , .
, , , ; .
,
,
conn. FreeS/WAN
%default. , , .
keyingtries. , FreeS/WAN
. 0 ,
.
, keyingtries .
authby. ,
authby=rsasig. , RSA. ,
.
, ,
. ,
, .
,
.
,
, conn. conn , . , ,
. , conn, . . 26.6, ,
FreeS/WAN. VPN-, , "". FreeS/WAN IP-, .
.
le f t subnet. , FreeS/WAN.
, . 26.6, 172.16.0.0/16.
left. , VPN.
%def aultroute,
IP-. . 26.6 10.0.0.1.
lef tnexthop. IP- , VPN. , . 26.6, 10.0.0.10.
646
'
IV.
, KLIPS , ,
.
leftfirewall. , VPN-,
IP-, (,
NAT), VPN-
, leftf irewall=yes.
rightnexthop. IP- , .
right. VPN. . left, .
rightsubnet. IP- . ,
. 26.6, 192.168.1.0/24.
lef tid. "" . IP-,
, @ (, @vpn. threeroomco.
com). , @, ,
IP-.
rightid. "" VPN-.
lef trsasigkey. RSA- /etc/ipsec. secrets "" VPN-.
rightrsasigkey. RSA- /etc/ipsec.secrets
"" VPN-.
auto. plutoload plutostart ,
FreeS/WAN.
plutoload=%search auto=add, , , , plutstart=
%search auto-start, .
, "", "". , . ,
, , boscinci, , , "", , , "".
; FreeS/WAN , ,
.
647
26.
leftsubnet:
172.16.0.16
172.16.1.1
VPN-
left: 10.0.0.1
leftnexthop: 10.0.0.10

rightnexthop : 10.88.23.10
right: 10.88.0.1
VPN-
192.168.1.1
rightsubnet:
192.168.1.0/24
. 26.6. FreeS/WAN , VPN
648
IV.

FreeS/WAN
: ipsec ,
.
, ,
ipsec . ,
; , FreeS/WAN
.
ipsec ,
# ipsec setup start
,
plutoload, plutostart auto, , . auto=add,
, .
,
# ipsec auto up
ipsec , boscinci. . , ,
ipsec look.
VPN, , . , ping, traceroute
telnet, , Internet,
, VPN.
/etc/
ipsec. conf. ,
ipsec setup start.
FreeS/WAN SysV
.
VPN
VPN .
. VPN . 26.1, 26.2 26.6.
,
. VPN ,
VPN- Windojvs. Windows :
VPN, Internet-.
. 26.7.
VPN , ,
, Internet-
649
26.
VPN-
VPN-
. 26.7. VPN- , Internet-,

( , VPN-). , Windows ,
. , VPN- , , ,
. , VPN-, , , ,
.
VPN .
VPN. VPN-
, . , VPN-
: VPN-
. VPN- ,
, VPN- , ,
. , , .
VPN-. , VPN-,
650
IV.
, . ,
VPN,
VPN- , Internet-. VPN X Window,
-, .
VPN-.
. , -,
,
.
, , iptables,
25. VPN-,
.
VPN . ,
Internet-. ,
, .
VPN , Linux. VPN
, PPTP-Linux,
FreeS/WAN.
VPN-, a FreeS/WAN .
VPN, ,
, VPN-
.

Access Control Lists, 157
ACL, 157
Address Resolution Protocol, 60
ADSL, 40
Advanced Maryland Automatic Network Disk
Archiver, 413
AMANDA, 390; 413
Analog, 525; 527
Apache, 494; 495
AppleTalk, 36; 81; 85; 86
apt-get, 570
ARCnet, 38
ARP, 60
ASHE, 524
Asymmetric DSL, 40
ATM, 36
August, 524
BGP, 605
BIND, 432; 433
Bitstream Speedo, 360
Bluefish, 524
Border Gateway Protocol, 605
BSD FTPD, 557
bzip2, 595
Caldera Open Administration System, 68
ccTLD, 431
CDDI, 38
CGI, 508
CGI-, 505
Challenge Handshake Authentication Protocol,
73
CHAP, 73
chkconfig, /00
CIDR, 59
CIFS, 35; 85; 174; 207
Classless Inter-Domain Routing, 59
Cleanfeed, 283
COAS, 53; 68
Common Gateway Interface, 505
Common Internet Filesystem, 35; 85; 174; 207
Common UNIX Printing System, 226
Coordinated Universal Time, 243
Copper Distributed Data Interface, 38
Country code top-level domain, 431
Courier, 264; 450
CUPS, 226; 232
Cyrus IMAP, 263
D
DAT, 397
DECnet, 36
DHCP, 51; 126
Digital Audio Tape, 397
Digital Linear Tape, 39/
Digital Subscribe Line, 40
DLT, 39/
DNS, 66
DNS-, 426
dnscache, 432
Domain Name System, 66; 426
DSL, 40
DUL, 458
Dynamic Host Configuration Protocol, 51; 126
E
Encapsulated PostScript, /96
EPS, /96
Ethernet, 37
Exceed, 326
Exim, 447; 449; 467
ext2fs, 4//
FAT, 408; 411

FDDI, 35
Fetchmail, 254; 265
fetchnews, 292
652
Fiber Channel, 39
Fiber Distributed Data Interface, 38
File Allocation Table, 408
File Transfer Protocol, 84; 534
FontTastic, 369
FreeS/WAN, 633; 641
FreeType, 368
FTP, 84; 85; 534
G
GateD, 605
GDM, 335; 338
gFTP, 312
Ghostscript, 194
GIF, 522
Giganews, 280
Global Positioning System, 242
GMP, 642
GMT, 243
GNOME, 71
GNOME Display Manager, 335
GNOME PPP, 71
GNOME RPM, 557
GNU Network Object Model Environment, 71
GPS, 242
Grand Unified Boot Loader, 49
Graphics Interchange Format, 522
Greenwich Mean Time, 243
GRUB, 49
gTLD, 431
gzip, 395
ipchains, 609
ipfwadm, 60P
iptables, 607; 60P
IPv4, 32
IPv6, 32
IPX, 36; 81; 89
ISC, 729
Joint Photographic Expert Group, 523

JPEG, 523
Desktop Environment, 71
kadmin, /53; 162
KDC, 147
KDE, 71
KDE Display Manager, 335
kdestroy, 163
KDM, 335; 337
Kerberos, 145
kHTTPd, 495
kinit, 163
klist, 163
klogind, 760
KMail, 255
Konqueror, 525
kpasswd, 163
KPPP, 71
kpropd, 760
ksysv, 776; 720
H
Heimdal, 752
High Performance Parallel Interface, 39
HIPPI, 39
hostnane, 67
HTML, 520
HTTP, 34; 85; 492
Hypertext Transfer Protocol, 34; 492
I
ifconfig, 56
MAP, 256; 260
inetd, 705
INN, 252
Internet Explorer, 525
Internet Message Access Protocol, 256
Internet Software Consortium, 129
InterNetNews, 282
Internetwork Packet Exchange, 36; 89
IP, 84
Leafnode, 250; 292

LILO, 48; 49
Line Printer Daemon, 223
Linux Loader, 48
Linuxconf, 53; 65; 776; 372; 374
LinWare, 90
LocalTalk, 35
LPD, 223
LPRng, 226
Lynx, 525
M
-, 729; 734
Mail Abuse Prevention System, 455
MAPS, 455
Mars_nwe, 90
Maximim Transfer Unit, 57
Maximum Segment Size, 62
653

MBONE, 596
MSS, 62
mt, 399
MTU, 57
Multicast Backbone, 596
mutt, 255
N
named, 433
NAT, 64; 607; 622
NAT-, 607; 622
nbadmin, 93
nbstatus, 93
nbview, 93
NCP, 89
ncurses, 642
NEdit, 347
Netatalk, 36; 87
netb, 93
NetBEUI, 81; 85; 91
NetBIOS, 55; 174
NetBIOS Extended User Interface, 85
Netscape Navigator, 525
netstat, 560
NetWare Core Protocol, 89
Network Address Translation, 64; 607
Network Basic Input/Output System, 85
Network Filesystem, 34; 207
Network Information Service, 272
Network News Transfer Protocol, 280
Network Time Protocol, 241
NewsGuy, 250
newsq, 292
NFS, 34; 85; 207
NIS, 272
nkitserv, 306
NNTP, 55; 250
NTP, 241
ntpdate, 244
ntpq, 244
ntptrace, 244
ntsysv, 102
nupop, 263
Open Shortest Path First, 603

Open System Interconnection, 52
OpenMail, 450
OpenSSH, 311
Opera, 514; 525
OSPF, 603; 605
-, 452
Packed Font, 355
, 765
PAP, 73
Parallel Line Internet Protocol, 43
Password Authentication Protocol, 73
PCF, 355
PDF, 205
pdnsd, 432
PFA, 367
PFB,367
pine, 255
PKI, 311
FLIP, 43
Pluggable Authentication Module, 765
PNG, 522
Point-to-Point Protocol, 42; 51
Point-to-Point Protocol over Ethernet, 40
POP, 256; 255
PoPToP, 634
Portable Compiled Font, 355
Portable Network Graphic, 522
portmap, 211
Post Office Protocol, 256
Postfix, 447; 449; 474
PostScript, 792
PostScript Printer Description, 233
PostScript-, 792
PostScript-, 793
PostScript-, 792
PowerTools, 474
PPD, 233
PPP, 42; 51; 70
PPPoE, 40; 70
PPTP, 633
PPTP-Linux, 635
Printer Font ASCII, 367
Procmail, 447; 481
ProFTPd, 537; 543
ps, 559
Public Key Infrastructure, 377
qmail, 449
qmail-pop3d, 264
QoS, 33
QPopper, 264
quality of service, 33
654
R
-, 301
RBL, 458
, 312
Remote Procedure Call, 210
Respond, 200
rewinding device, 398
RIP, 603; 605
RIPv2, 605
rlogind, 300; 301
route, 61
routed, 604
Routing Information Protocol, 603
Roxen, 494
RFC, 210
rshd, 400
RSS, 458
Samba, 35; 174
Samba Web Administration Tool, 372
scp, 312
SDSL, 40
Secure Hash Algorithm, 458
Secure Shell, 310
sendmail, 447; 449
Sequences Packet Exchange, 89
Serial Line Internet Protocol, 43
Server Message Block, 35; 85; 174; 207
Server Normal Format, 358
Server Side Includes, 505
SFQ, 600
sftp, 312
SHA, 458
Simple Mail Transfer Protocol, 256; 447
SLIP, 43
Smail, 450
SmartList, 488
SMB. 35; 85; 174; 207
smbmount, 408
smbtar, 406
SMTP, 55; 256; 447
SMTP-, 452
SMTP-, 452
SNF, 358
SpamBouncer, 488
SPX, 59
SSH, 55; 300; 370; 311
ssh-agent, 319
sshd, 372
SSI, 505
SSL, 573
Start of Authority, 440
Slash-, 55
Storm Package Manager, 557
strace, 584
Supernews, 250
SWAT, 372; 353
Symmetric DSL, 40
tar, 394
tc, 5P5
TCP, 84
TCP Window Size, 62
TCP Wrappers, 106; 107
TCP/IP, 84
telinit, 104
Telnet, 55; 300; 305
telnetd, 306
TeX, 355
texpire, 2P2
TFTP, 326
TGS, 149
TOT, 149
thttpd, 495
Ticket-granting service, 149
Ticket-granting ticket, 149
TightVNC, 344
TLD, 427
Token Ring, 35
Top-level domain, 427
TOS, 594
TridiaVNC, 344
Tripwire, 572
Trivial File Transfer Protocol, 326
TrueType, 360
TurboLinux Configuration Cmter, 69
Type-of-Service, 594
Type 1, 360
Type 3, 360
Type 42, 360
Type 5, 360
Uniform Resource Locator, 492

Update Agent, 570
URL, 492; 501
USB, 40
Usenet, 275
UTC, 243
UW IMAP, 262; 263
655
Virtual Network Computing, 322

Virtual Private Network, 312; 630
VNC, 322; 342
VPN, 312; 630
WAN-, 41
Web-, 524
Web-, 492
Web- , 494
Web-, 492
Webalizer, 525; 550
Webmib, 69
Webmin, 372; 379; 380
WebSphere, 524
WU-FTPD, 538; 539
WYSIWYG, 523
X Display Manager, 335

X Display Manager Control Protocol, 334
X Logical Font Descriptor, 367
-, 330
-, 327
-, 324
-, 325
-, 331
X-, 323; 326
xauth, J25
XDM, 555
XDMCP, 554
XDMCP-, 555
XFree86, 526
XFree86-xfs, 361
xfs, 361
xfsft, 562
xfstt, 56/
xhost, 527
xinetd, 110
XLFD, 567
Xmanager, 526
xntp, 244
xntp3, 244
xntpd, 244
xntpdc, 244
Xtools, 526
X Window, 524
YaST, 55; 68; 116; 118; 557

YaST2, 55; 68; 116; 118
z
Zebra, 605
Zeus, 494
, 199
, 448
, 566
-, 554; 548
, 557
, 129
, 729
, 41
, 520
, 188
, 75; 745; 572; 554
Kerberos, 745
, 575
, 577
, 566
, 556
, 47
, 47
, 745
, 556
, 746; 605; 672
NAT-, 594
, 759; 760
, 455; 456
, 759
, 456
, 572; 650
, 576
, 576
, 757
, 456
, 422
., 622
, 240
, 455; 456
, 566
656
, 181
, 41
, 571
DHCP, 131
, 348
, 29
, 243
NIS, 212
, 275; 281
, 596
, 283
DHCP, 129
, 520
DNS, 144
IP-, 56
DNS-, 429
IP-, 130
, 496; 543
, 333-335; 337
, 598
, 183
, 91; 177
NetBIOS, 777
TCP/IP, 777
, 427
,
431
, 242
, 451; 453
, 451; 453
, 314; 512
, 441; 450
CNAME, 441
MX, 442; 451
NS, 441
PTR, 441
SOA, 440
, 95
, 240
, 356
, 86; 436
, 96
8.3, 408
, 397
, 48
, 311
, 191
SysV, 95
, 33; 596
, 147
, 164
, 161; 162
, 541
IP-, 59
AMANDA, 415
BSD LPD, 225
CUPS, 233; 237
DHCP, 52
Kerberos, 148
LPRng, 232
NTP, 241
VNC, 342
X Window, 325
, 392
, 150
, 634
, 43
, 174; 182
, 356; 359
, 436
, 427
, 427
, 240
, 374; 5/2
, 367
, 455
, /45
, 596
, 455
, 436
, 605
DNS, 429
, 114
657
, 391
, 62
, 594
, 32; 63; 592
, 592
, 57
, 454; 462; 474; 475
, 356
, 147
ad-hoc, 142
interim, 142; 143
, 62; 601
, 106
OSI, 82
, 255
, 255
, 51; 503
, 44
, 367
, 276
Telnet, J07
, 359
,
565
, 410
, 525
, 346
, 148; 154
Kerberos, 148; 154
, 557
DNS, 142
, 436
, 442
, 27
, 314; 512
, 1
, 410
DHCP, 131
, 148
, 174
, 180
, 755
, 183
, 180
, 314; 512
, 460
, 218
, 210
, 194; 195
signal 11, 47
, 242
, 29
DHCP, 129
, 436
, 56
, 613
, 112
, 625
, 556
chroot, 54.2; 557
, 242
, 556
, 565
, 6/5
, 422
, 57
, 67
, 504
, 205
, 598
, 257
, 755
, 675
SUID, 205
, 502
, 148; 157
, 679
, 567
Kerberos, 145
, 257
, 254; 447
, 257
,254
, 772
, 627
658
, 182
, 504
, 553
, 67
, 200; 413
, 34
, 557
, 354
, 91; 177
, 27
, 333
, 176; 185
, 790,
, 410
, 180
, 790
, 62
, 356
, 622
, 147
, 359
, 356
, 623
, 593
, 41

, 487
, /75
, 57
, 57
, 205
, 390
,
, 2; 399
, 392; 401
, 183
, 359
, 256; 448; 455; 477
, 482
, 527; 530
, 590
, 362
, 359
AMANDA, 414
BSD LPD, 225

CUPS, 233
DHCP, 52; 727
DNS, 742; 426; 427
FTP, 534
Kerberos, 148; 152
LPRng, 229
NBNS, 779
NFS, 208
NTP, 241
Samba, 777
VNC, 342
WINS, 779
XDMCP, 334
X Window, 325
, 174; 426
NetBIOS, 1 78
, 278
, 256
, 790
, 255; 256
Kerberos, 767
, 392
, 300
, 354; 360
, 572
, 573
, 57
, 56
SIGUSR1, 773
SIGUSR2, 773
GID, 279
UID, 279
, 557
, 240
, 775
, 41
, 253; 455; 457; 479
IP-, 457
, 334; 335; 337
, 27
IP-, 56; 727
TCP/IP, 85
, 81
, 95; 705; 770
postexec, 797
659

, 797
Samba, 797
SysV, 95
, 620
, 60
, 594
, 367
, 331
, 312
, 372
, , 305
, 243
, 431
, 773
, 96; 703
, 398
, 398
, 39
,
700
, 134
, 30; 471
, 594
, 505
, 317
, 147
, 147
, 608
, 422
, 397
, 179
, 179
, 128
, 312; 512; 535
, 32
, 354
, 148
, 272
, 242
, 767; 330
, 728
, 775
, 525
, 184
, 26
, 27
, 758
Linux
. .
. .
. .
. .
. .
. .
,
,
"".
101509, , . , . 43, . 1.
. . 090230 23.06.99
.
27.02.2003. 70x100/16.
Times. .
. . . 47,7. .-. . 44,6.
3000 . 2537.
" "
,
.
197110, -, ., 15.
TCP/IP
.
&;

.'.'! * x

,
. TCP/IP
Internet.
.

,
. ,
,

.
,
Linux. /

.
, , , , . ,
,

.
, .
, , .
www.williamspublishing.com
LINUX

Linux

.

,

,

.

.

Linux: Red Hat 7.2,
SuSE 7.3 Debian 3.0.
,

Linux-.

www.williamspublishing.com .
,
,
,
Linux.

,
,

.
,
,

LINUX -
,
,


:
, 2- ., Linux. .

Linux , .
,
,
, Linux. ,
Linux Unix ,
,
Linux, .

.

.

,
,
-
.

LINUX
.
Linux*
Internet

.

,

Internet.

Linux,
,

DMZ.

,

.

ipchains,
Red
Hat .6.0.
.
, ,
-
ipchains,

ipfwadm.

,

,
.

.

,
,
,

.

LINUX.
Linux

, . ,

Internet,
. , ,
, ( ,
).
( ) Linux .

.
sendmail

Internet, (
). ,
,
.

Linux.
,

, .
,
.
.

, ,

,
.

, , -
.

-! i
Java C++,
.

RPC, SSL,
,
,
IPv6.
,
,
.
www.williamspublishing.com ,
.

.
LINUX.
Linux
"

LINUX

, Linux

Linux.
,
,
,

- , Linux, ,

.
- . Linux (RIP-1, RIP-2
OSPF), (DVMRP,
MOSPF, PIM-SM PIM-DM)

(EGP, BGP, BGMP MSDP).

IPv4 IPv6

. Linux Linux
, routed, gated, mrouted, pimd,
pppd, rip2ad pptpd;
, ifconfig, netstat, route, arp, ping, traceroute tcpdump; Linux
'
,
, .
. , www.williamspublishing.com

, .

Linux,
,
,
.
Linux*

LINUX,
- .
Linux
,
Linux, ,
.

KDE GNOME,
,

Linux
.
.

Caldera
OpenLinux, Red Hat Linux Debian
GNU/Linux,
Linux.

Linux
, .
^^
;- ^;;:;^
C++.
C++ Iii-Depth, . 1
.
C++.
,

C++.
,
.
C++,
-,
,
. ,
C++. * ' "
C++.
C++ In-Depth, . 2
^ ;;'' * ~, ^
, . My
'/%,,: ,.,' * -"'
, , ,
+-
C++ ,
,
. -
C++, ,
, , C++
, .
" /-^^'-*///'-*,
C++.
C++ In-Depth * 3

'"'?,-<
,
,
- C++.
, ,
, C++ , .
.
Loki, Web-
. C++.
" C++.
C++ In-Depth, . 4
Cammep

C++
Exceptional C++ More Exceptional C++ ,
C++ In-Depth, ,
C++.
Guru of the Week,
C++, ,
.
www.dialektika.com
... ""
I .
\ ,
I . 180 ...
I "".
[ :

| 100% , ,
i . , ,
1 , ,
] :

I <
:
| |
|
"-"
Cisco SYSTEMS
I. www.ciscopress.ru
Linux/

,

.
, ,
,

.
'
Linux , ,
, .
,
.
II , . DHCP, Kerberos, Samba,
, . III
Internet- DNS, SMTP (sendmail, Postfix Exim), HTTP (Apache)
FTP. IV , enroot,

iptables VPN.
.

i
:
Calde
OpenLinux, Debian GNU/Linu
Mandrake, Red Hat, Slackware, SuS
Turbo Linux.
<
.

Linux
[

, :

" Linu

.
,
Linu?

.
Linux.
, Broadband Internet Connections (Addison-Wesley, 2002), Linu
Samba Server Administration (Sybex, 2001), The Multi-Boot Configuration Handboo
(Que, 2000), Linux: Networking for your Office (SAMS, 2000). ,
Tufts University.
ISBN 5-8459-0426-9
ADDISON
WESLEY http://wvw.awl.com/cseng/
9 "785845"904263"

Сетевые Средства Linux - Р.В.Смит

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Сетевые Средства Linux - Р.В.Смит

Загружено:

Авторское право:

Доступные форматы

TV

ISBN 5-8459-0426-9 (.)

11. : POP IMAP

14. X Window VNC

. 1970- 1980-. 1990- - . , World Wide Web Web-, Internet

Loadable module supper

* y ' j v f n ! v n , Packet socket

Packet socket: mmapped 10

4/_yJ|v n^ljf % Hetlink device emulation

j|v " j Network, packet filtering (replaces Ipchatns)

Network packet teriitgdehugojng

*_^BJ) Socket Hte*ig

y]iv-_ra vn.i Unix domain sockets

v " TCP/IP networking

^n;| IP: multicasting

IPs as> tteWter xnkw * routing Key

IP: (,-<<!! notwdrt! aifclrass tj-anslaili

IP Tables Support. iptables,

. , Linux FIFO (first in/first out " "),

2.4.x : HTTP, NFS

) 100 . FDDI 10 Ethernet , 2 . , Ethernet - 5 .

Internet. ISA PCI-,

This dialog allows you

Network address setup

2.1. DHCP Linux

Red Hat Linux 7.2

Slackware Linux 8.0

SuSE Linux 7.3

media . (, 10Base-2 10Base-T). ,

.rodsmlthQspesker rodsmlthl$ route -n

Flags Metric Ref

add I del. add , , del .

, Office 2 Office 1 172.21.1.1. ,

(DNS Domain Name System). , DNS

search f , . , , 2.1 (tworoomco.com

, /etc/hosts; DNS . /etc/hosts

Dial Setup Connection Name: j A Small ISP

, Customize pppd arguments..-

. 2.6. New Account

Configuration, New Account, . , , .

CHAP, , /etc/ppp/pap- secrets

]1*-< TCP- RP-

/etc/ re . d/rc . local

/etc/re . d/rc . sysinit

/etc/ re. d/ re?. d

/etc/re . d/rc . sysinit

/etc/ re . d/rc . local

/etc/ re . d/rc . sysinit

/etc/re . d/rc . local

# chkconfig list postfix

( 1390 .Red Hat ,;Sof Urer<$

<Pi> for mor<a InforwatJtori on a e&rvice

TCP Wrappers : /etc/ hosts, allow

badguy. threeroomco. com). ,

> Mount/Unmount file systems

,Vou can eiedlvly enable or disable

You can enable/disable a service

",j single user fy %y,,

Level 2'(default)' rMultl-user/Text

Level 3 (default) rr Multt-user/TffitfFull network

I Post a support query

'> RC-Config Editor

Potnls to service jpostfix

_^BJ) Socket Hteig