
Linux

Advanced
Linux
Networking
Roderick W. Smith

ADDISON-WESLEY
Boston San Francisco New York Toronto Montreal
London Munich Paris Madrid Capetown Sydney
Tokyo Singapore Mexico City

Linux
.

-
2003

32.973.26-018.2.75
50
681.3.07
""
. . .
. .
"" :
info@williamspublishing.com, http://www.williamspublishing.com

, , .
50

Linux. : . . . : "",
2003. 672 . : . . . .
ISBN 5-8459-0426-9 (.)
, Linux. DHCP-, Samba NFS,
, NTP-, X Window. He , Internet-:
DNS, SMTP, HTTP FTP. .
Linuxconf, Webmin SWAT.
,
.
32.973.26-018.2.75

.

, ,
, Addison-Wesley Publishing
Company, Inc.
Authorized translation from the English language edition published by Pearson Education, Inc., Copyright 2002
All rights reserved. No part of this book may be reproduced, stored in retrieval system or transmitted in any
form or by any means, electronic, mechanical, photocopying, recording, or otherwise without either the prior written
permission the Publisher.
Russian language edition published by Williams Publishing House according to the Agreement with R&I Enterprises International, Copyright 2003

ISBN 5-8459-0426-9 (.)


ISBN 0-201-77423-2 (.)

"", 2003
Pearson Education, Inc., 2002


I.
1.
2.
3.
4.
.
5. IP- DHCP
6. Kerberos
7. Samba
8. NFS
9.
10.
11. : POP IMAP
12.
13.
14. X Window VNC
15.
16.
17.
III. Internet
18.
19. : SMTP
20. Web-
21. FTP-
IV.
22.
23. chroot
24.
25. iptables
26.



Linux


Linux

,


I.


1.




TCP/IP
IPv6
QoS

HTTP-


Ethernet

,


PC Card


, , ,

,


2. TCP/IP

DHCP
IP-


DNS


-




3.

OSI

TCP/IP
AppleTalk
AppleTalk
IPX/SPX
IPX/SPX
IPX/SPX Linux
NetBEUI
NetBEUI
NetBEUI Linux
NetBEUI


4.
SysV




inetd
/etc/inetd.conf
TCP Wrappers
xinetd
/etc/xinetd.conf



Linuxconf
YaST YaST2
ksysv

II.


5. IP- DHCP
DHCP

DHCP
IP-



-
-


NetBIOS
DNS-


6. Kerberos
Kerberos
Kerberos
Kerberos
Kerberos
Kerberos
Kerberos






Kerberos


Kerberos
Kerberos
Kerberos


7. Samba
Samba
Samba
Samba
Samba

Samba NetBIOS
Samba
Samba
Samba

Windows


Samba

PostScript-
, PostScript
Samba
postexec

Linux -
PDF-


8. NFS
NFS
NFS Linux

NFSv2 NFSv3

NFS







,

,


9.
LPD


Linux
BSD LPD
/etc/hosts.lpd
BSD LPD
LPRng
/etc/lpd.perms
LPRng-
CUPS
/etc/cups/cupsd.conf
BSD LPD LPRng
CUPS


10.

NTP

Linux
ntp.conf
NTP
NTP
Samba
Samba
Windows-


11. : POP IMAP



POP IMAP


POP
IMAP

POP
POP Linux
POP
IMAP
IMAP Linux
IMAP
Fetchmail
Fetchmail
fetchmailconf
.fetchmailrc


12.

NNTP
INN

INN

Leafnode
Leafnode
Leafnode


13.

rlogind
rlogind
rlogind
rlogind
Telnet
, Telnet
Telnet
Telnet
SSH
SSH
SSH
, SSH
sshd_config
SSH-


14. X Window VNC


,

X Window
X Window
- -
- -
- SSH
-

XDMCP


VNC
VNC
VNC


VNC
VNC
VNC


15.






, Linux
,



16.


Linux
Linuxconf
Linuxconf
Linuxconf Web-
Webmin
Webmin
Webmin
Samba SWAT
SWAT
SWAT


17.


,
,
tar
tar

,
,
SMB/CIFS
Windows Linux



AMANDA
AMANDA
AMANDA
AMANDA
AMANDA
AMANDA

III. Internet


18.
DNS
DNS,
DNS

DNS Linux
DNS
BIND









,
DHCP


19. : SMTP
SMTP
, SMTP Linux

SMTP
SMTP




sendmail
sendmail


sendmail
sendmail

sendmail
Exim
Exim

Exim
Exim
Exim
Postfix
Postfix

Postfix
Postfix
Postfix
Procmail
Procmail



Procmail

20. Web-
Web-
, Web- Linux
Apache
Apache
Apache


Apache
kHTTPd

, CGI-
CGI-
CGI-
CGI-
Web-
, SSL
SSL
Apache, SSL



Web-



, Web-
Web-
Web-

Apache
Analog
Webalizer

21. -
-
, FTP- Linux
FTP-
FTP-
WU-FTPD
ProFTPd
FTP-
FTP-
FTP-
, FTP-

IV.
22.












,
,


Web-,
,


23. chroot
chroot
chroot



chroot
chroot
chroot
BIND chroot
chroot


24.









iproute2
ip
tc


routed
.
GateD
Zebra


25. iptables
iptables
iptables
iptables
iptables



NAT- iptables
NAT
iptables NAT-

,
iptables


26.
VPN
, VPN
Linux



-
FreeS/WAN
FreeS/WAN


VPN


Linux
Linux, .
.
, Help Net Security, www.net-security.org
Linux
. .
. , Linux Online
. 700
, Linux.
.
, West, DiverseBooks.com


11 2001 .
,
.


. 1970- 1980-. 1990- - . , World Wide Web Web-, Internet


. , -
. , .
, . ,
Internet.
Internet , , .
, Internet, , ,
.
Linux.
86, Linux , . Linux ,
.
Linux , .
? ,
, . , Linux, : HTTP- (
Apache), , Telnet SSH, , NFS Samba, .
.
, , . ,
,
, , , . , , , DHCP-,
Kerberos. . ,
.
, , Apache Samba, .
, ,
. , ,
, .


Linux , Linux.
Linux.
, Linux, , ,
- UNIX, , .

Linux, , , (Marcel Gagne) Linux System Administration: A User's Guide
(Addison-Wesley, 2002) (Vicki Stanfield) Linux System
Administration (Sybex, 2001).
, Apache Samba, , ,
, , xntpd xfs,
. , , , ,
, chroot,
, . . -
, ,
.

.
UNIX, Windows, MacOS , , ,
Linux.
, .
. ,
Linux, .

Linux
Linux ,
Linux ;
, . Linux
. , , Linux, ,
, . . , ; ,
. . ,
, , Linux,
sendmail, Exim Postfix. Linux
.
Linux.
,
.
. ,
Caldera OpenLinux 3.1, Debian GNU/Linux 2.2, Mandrake 8.1, Red Hat 7.2,
Slackware 7.0, SuSE 7.3 TurboLinux 7.0. ' ,
. , , , Linux , FTP, . . , . ,

,
.


,
. , ,
, Internet,
. ,
. .
I. ; .
, ,
.
II. , , , .
DHCP, Kerberos, Samba NFS, LPD,
, POP IMAP, , , X Window VNC, ,
.
III. ,
Internet. DNS, , SMTP, Web- FTP-.
IV. . , chroot,
, iptables,
NAT VPN.

,
,
.
.
, . , , ,
.
, , , , , , .
, , . # ,
root ( ).
$, ,
. . ,
, \.
, ,
.
,
. ,

, , , ,
. .
,
, , .
, ,
.

, ,
. , , , .

,
I . , , ,
,
, , ,
.

f " ", ,
. ' ' ., , /
?! , , , ,*'
" ; .
IP- . ,
(192.168.0.0-192.168.255.255, 172.16.0.0-172.31.255.255 10.0.0.0-10.255.255.255). , ,
, , Internet.


,
rodsmith@rodsbooks.com. Web-, , http://www.rodsbooks.com/adv-net/.

(Karen Gettman) , .
(Emily Frey),
. , ,
.

(Karel Baloun), (Amy Fong), (Howard Lee
Harkness), (Harold Hauck), X. (Eric H. Herrin II),
(David King), (Rob Kolstad), (Matthew Miller),
(Ian Redfern) (Alexy Zinin).
, , , ,
. (David King)
Linux. , , (Neil Salkind) Studio
(Michael Slaughter) Addison-Wesley,
.

" " .
Linux; . .
, Linux ,
,
.
, , ,
. .
, .
, .
. , TCP/IP , .
Linux,
. .
,
,
. , Linux Kernel HOWTO
(http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html) , Linux.


, , . , , . ,
, , -

1.

27

(, ,
).
, , , ( ,
). , Linux, http://www.kernel.org.
, ftp://sunsite.unc.edu , Linux. (,
, , ,
, .
, , .)

, .
(, 2.4.17), , . (, 2.5.2) ,
.
. , ,
.
,
. ,
. ,
. (back-port)
.

/usr/src/linux
/usr/src ( ,
/usr/src/linux-2.4.17).
/usr/src/linux, .
, , ,
/usr/src/linux. ,
,
, .
/usr/src/linux,
. .
make config. .
.
.
.
.
make menuconfig. , .
- . -


. 1.1. Linux ,

, .
.
make xconfig. make
menuconfig, , .
.
X Window (X Window X).
.
; . make menuconfig make xconfig,
( , make xconfig,
. 1.1).
Networking Options Network Device Support,
.
. Y, N, . 1.1. Y N
, ( modular compilation
) , ,
. .


2.4.x Linux, ,
2.4.17. , ,
, -, .
2.2.x ; . 2.5.x
CML2, .
http://tuxedo.org/~esr/cml2/.


Networking Options , .
( TCP/IP).

, .


Linux , , ,
(socket). , .
,
.

; . , . .
Packet Socket.
, . ; ,
.
tcpdump, TCP IP. . . ,
, .
Packet Socket: Mapped IO. Packet Socket , , , .
Unix Domain Sockets. Linux ,
. syslogd , X Window (-
-,

). Unix Domain Sockets , . ,
Unix Domain Sockets TCP-. ;
,
.

.
Packet Socket.


,
. IP- ( 25).
, IP- Internet
IP-. , , .
Socket Filtering. , , , . Socket Filtering
, ( ).
. , . DHCP
DHCP. DHCP (Dynamic Host Configuration
Protocol ),
.
Network Packet Filtering. , IP-.
Network Packet Filtering ; Network Packet Filtering Debugging,
. , IP: Netfilter Configuration.
.
Connection Tracking.
, . ,
. Connection Tracking , IP- , IP- . IP-.
Connection Tracking . , FTP,
IP-.


IP Tables Support. iptables,


IP- (
25). IP
Tables Support ,
iptables .
, Match
Support. Connection State Match Support, (stateful packet inspection).
25.
Packet Filtering, Full NAT LOG Target Support .
,
IP-.
Full NAT .
ipchains (2.2-Style) Support.
,
ipchains ( 2.2.x). ipchains , IP Tables Support
. ( iptables
ipchains , .) ,
ipchains.
ipfwadm (2.0-Style) Support. 2.0.x ipfwadm.
, ipfwadm,
. , ipfwadm
iptables, ipchains. ipfwadm-
iptables,
.
2.0.x 2.4.x Linux
. 2.4.x ; , ,
. ,
IP: Netfilter Configuration, .
,
.
,
Linux , , . ,
, . ,
.


TCP/IP
,
. . , ,
, , . , ,
Internet. 24. , Linux
, IP: Advanced Router.

IPv6
Internet TCP/IP, ,
IP (IPv4). ,
, IPv4 . IP IPv4 32- , . . 2^32,
4294967296.
. IP. , IPv4
. , . . 2002 .,
, IPv4, ,
.
IPv6, IPv4. IPv6
128- IP-. IP- 2^128, 3,4 × 10^38
2,2 × 10^18 .
IPv6 .
, IPv6, .

IPv6, IPv6, IPv6 Protocol (Experimental) Networking
Options. ,
IPv6: Netfilter Configuration.
, IPv6.
IPv6, Yes
Prompt for Development Incomplete Code/Drivers Code Maturity Level Options. To "" . IPv6 , ,
IPv6, .
, IPv6, "" , .

QoS
, Linux

. , , .
, ,


. , Linux FIFO (first in/first out " "),


, , ,
, . .
, , , , . , , ,
, Internet-, . QoS
(quality of service ). QoS
and/or Fair Queueing Networking Options.
QoS, QoS and/or
Fair Queueing . . .
, CBQ Packet Scheduler
SFQ Queue. FIFO. QoS Support
Packet Classifier API, Differentiated Services Resource Reservation Protocol. QoS . QoS,
,
.
, QoS , ,
. , , ,
. , ,
. , ,
U32 Classifier,
.
QoS
, ip tc. 24,
, . ip tc
iproute2 + tc Notes (http://snafu.freedom.org/linux2.2/iproute-notes.html)
Differentiated Services on Linux (http://diffserv.sourceforge.net).


Linux . , ,
, . ,

. , NFS
, .


2.4.x : HTTP, NFS


SMB/CIFS.
^^
, .
^^. , Linux , , ,
.

HTTP-
World Wide Web HTTP
(Hypertext Transfer Protocol ). , Linux HTTP,
Kernel HTTPd Acceleration. , /proc/sys/net/khttpd,
. HTTP
20.
HTTP ,
Web- (, ) . ,
. , Web-, , , Web-, Apache.
Apache;
" " Web-.

NFS
NFS (Network Filesystem ), Sun, .
NFS ,
. NFS Linux.
NFS 8.
, , ,
NFS. , NFS,
Network File Systems File Systems ( Networking
Options, ). NFS .
NFS File System Support.
NFS (. . , NFS , ).
Provide NFSv3 Client Support. NFS
. 3 (NFSv3). , , NFS File System Support,
NFSv3. NFSv3 NFS File System Support
.


Root File System on NFS. , IP: Kernel Level Autoconfiguration Networking Options. Root
File System on NFS Linux.
.
NFS Server Support. Linux
NFS (. . ), .
NFS.
Provide NFSv3 Server Support. NFS,
, .
NFSv3 client, NFSv3
NFS.
NFS Linux UNIX.
,
.

SMB/CIFS
NFS , . Macintosh AppleTalk;
IPX/SPX, Novell. Linux, NFS, Samba, SMB (Server Message Block
). CIFS (Common Internet
Filesystem ).
Samba 7.
Samba , , Linux SMB/CIFS ; .
Linux SMB/CIFS, SMB File System Support, NFS File System
Support. (Use a Default NLS Default Remote NLS Option)
NLS (National Language Support
). ,
, , .
Linux SMB/CIFS, SMB/CIFS.
smbclient. ; ,
FTP.


TCP/IP, Internet, , Linux
. , -


, Networking Options. ,
, TCP/IP Networking. ,
; .
Asynchronous Transfer Mode (ATM). ATM. ATM , ,
2.4.x , , Networking Options.
The IPX Protocol. IPX (Internetwork Packet Exchange ), Novell, , Netware. , mars_nwe (
http://www.redhat.com/support/docs/tips/Netware/netware.html). NCP File System Support, Network File Systems File Systems,
Netware, , NFS SMB/CIFS
Windows.
AppleTalk Protocol Support. Apple AppleTalk,
Macintosh. AppleTalk Linux , Netatalk (http://netatalk.sourceforge.net/).
DECnet Support. DEC (Digital Equipment Corporation)
DECnet. Linux
DECnet, .
DECnet ,
http://linux-decnet.sourceforge.net.
Linux , Acorn Econet.
TCP/IP - . Internet ,
, TCP/IP. ,
, , Apple AppleTalk,
Macintosh AppleTalk,
TCP/IP.
Linux NetBEUI.
Windows SMB/CIFS.
3 .



Network Device Support ,
.
. Ethernet-, Network Device Support
, .
, Linux ,
. PC Card ( ) , Network
Device Support. , , .
,
Network Device Support, Network Device Support.
, .

Ethernet
, . . 2002 ., Ethernet.
, , , Ethernet . ,
, , Ethernet- .
, Ethernet- ,
'. , , : Ethernet (10 or 100Mbit) Ethernet (1000 Mbit).
. , , , 10
100 .
Ethernet- 100 (100- Ethernet), 1000 ( Ethernet).
Ethernet- 10 .
^^
Ethernet- ,
^ . ( 10 Ethernet-), ( 100-
Ethernet-, 10- Ethernet-) - ( Ethernet-). 100
( ). -
5 .
Ethernet (10 or 100Mbit) .
3Com, SMC, Racal-Interlan . ISA (Industry Standard Architecture),
EISA (Extended ISA), VLB (VESA Local Bus) PCI (Peripheral Component Interconnect). Ethernet-.
- .
Ethernet-, Network Device Support . , ,
PC Card , USB Ethernet
USB Support. USB, , , ,
UHCI Support, OHCI Support, , , USB ADMtek Pegasus-Based Ethernet Device
Support.



, Ethernet ,
. Linux
. , Ethernet, ,
,
. , Network Device
Support.
Token Ring. Token Ring, IBM,
Ethernet, 1990 . Ethernet
. Token Ring
16 , 100 .
Token Ring 150-300 .
Token Ring Token Ring
Devices Network Device Support.
LocalTalk. Macintosh Apple , (LocalTalk), (AppleTalk) . LocalTalk
86; Linux.
AppleTalk Devices. , Linux, Macintosh, LocalTalk.
LocalTalk 2 .
ARCnet. ,
, , . ARCnet
19 10 . , - .
ARCnet ARCnet Devices. ,
, ARCnet (RFC 1051 RFC 1201).
FDDI CDDI. FDDI (Fiber Distributed Data Interface - ) CDDI (Copper Distributed Data Interface ""


) 100 . FDDI 10 Ethernet , 2 . , Ethernet - 5 .


2.4.17, FDDI/CDDI,
, FDDI Driver Support.
HIPPI. HIPPI (High Performance Parallel Interface ) 800 1600 .

25 , - 300, - 10 . 2.4.17 HIPPI Essential RoadRunner. , .
Fiber Channel. - ,
133-1062 . - 10 . 2.4.17
Fiber Channel Interphase 5526 Tachyon.
, Token Ring,
, , . , FDDI HIPPI,
,
, ,
. Linux , Linux ,
.

, , Linux, Ethernet. , , ,
. Ethernet . eth0, eth1
. . , ,
Token Ring tr0, FDDI fddi1.

" " . , , , , , . ,


, (, 200 ). ,
200 ,
Ethernet, 200 ,
56 , .
Internet-
, .

Internet. , . ,
, . , ,
.
DSL (Digital Subscriber Line ) . DSL, ADSL
(Asymmetric DSL DSL) SDSL (Single-Line, Symmetric DSL , DSL). DSL-
.
. , -
.

, Ethernet. , , , Ethernet-, , Linux.
, (Point-to-Point
Protocol over Ethernet Ethernet).
Linux,
over Ethernet Network Device Support (
). over Ethernet ,
Support. , Roaring Penguin
( http://www.roaringpenguin.com/pppoe/).
Ethernet USB.
2.4.17 , Alcatel Linux- Speed Touch USB DSL (http://www.alcatel.com/consumer/dsl/supuser.htm). USB-
http://www.linux-usb.org.
, ADSL-, PCI-.
Linux. , 2.4.17
General Instruments Surfboard 1000
. (one-way) , -


.
, .
. Diamond 1MM DSL http://www.rodsbooks.com/network/network-dsl.html,
Ethernet-
2.4.x .
, , , .
, . ,
,
. , , , WAN (Wide-Area Network).
, WAN-.

. Linux ;
Wan Interfaces Network Device Support.
, , , , Wan Interfaces
Support, .


, ,
.
, . , -
, , ,
.
,
Ethernet-. 9 Ethernet, , , , .
802.11 802.11. 802.11 2 1 .
,
. 802.11 11 5,5, 2 1 . Bluetooth,
1 . .
ATM 155 .
, PC Card, . ,
, , .


Internet. ISA PCI-,


. PC Card, ISA PCI Linux ;
.
Linux , Wireless LAN (Non-Hamradio).
, , (, 802.11b Bluetooth). , Wireless Extensions Wireless Tools, ,
Linux. http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Tools.html. , .

PC Card
PC Card.
( Linux PC Card PCMCIA. PC Card . Linux ,
, PC Card Card Services. PC Card Card Services
, . Card Services ,
http://pcmcia-cs.sourceforge.net.
2.4.17 PC Card PCMCIA
Network Device Support. , , Wireless LAN (Non-Hamradio). , ISA PCI. , , Ethernet PC Card
eth0, , 2.
, 2.4.x, PC Card . , PC Card
Linux. Card Services. 2.4.x, PC
Card ;
, SCSI- .


. ,
(Point-to-Point Protocol ).
, .
2.


,
(Point-to-Point Protocol) Support Network Device Support.
, , Support
for Async Serial Ports Deflate Compression. ,

, .
DSL-, over Ethernet. -
.
, , , ,
. , , Ethernet-
.
,
.
,
. Linux SLIP (Serial Line
Internet Protocol Internet ),
, . SLIP , Internet-,
. SLIP Linux
. , ,
dial-on-demand, . . - , SLIP
.
SLIP,
PLIP (Parallel Line Internet Protocol Internet ). , ,
( ).
,
RS-232; ,
, Ethernet .
PLIP, PLIP (Parallel Port) Support
Network Device Support; Parallel Port Support , 86
PC-Style Hardware. PLIP
PLIP Mini-HOWTO (http://www.linuxdoc.org/HOWTO/mini/PLIP.html).
Turbo Laplink, .


, , .
,


. , . .
, | , .
, EIDE, SCSI, , .
,
.
,
(, ). Linux Kernel HOWTO,
http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html (
).
Linux.

, , ,

,
, ,
Ethernet-. . 1.1 , , .
Packet Socket. Y, N. Y (Yes)
, , ,
, N (No) . "" . ,
, .
, . ,
(, Packet Socket: Mmapped IO, . 1.1),
.
.
, ,
. , ,
. ,
. , , , , ,
. Root File System on NFS,
.
, ,
, ,
: ,


. , ,
. Linux
, , .

. ,
, , ,
.
Linux , , ,
, .
,
,
. ( , ,
, .) ,
,
Linux, , , , .
.
. (
TCP/IP; , ; ,
, .) , ,
, ,
NFS, ,
NFS . , , NFS
,
, , , NFS,
.
, , , ,

, . , .
, ; , .
LOADIN (DOS-
Linux) , . LOADIN ,
.


, make xconfig
, ,
. :

# make dep
# make bzImage
# make modules
# make modules_install

. dep
dependency, make dep , .
, .
, bzImage /usr/src/linux/arch/i386/
boot. . , make zImage (
bzImage , LILO,
, zImage). zImage, bzImage
. 86,
make bzImage make vmlinux.
. ,
, . , 86, i386 ,
. , , PowerPC
.
make modules, , . make modules_install , , /lib/modules. , /lib/modules
, , , , .
^^
make dep, make bzImage ( ) make
%\ modules , ,
, . make modules_install
root.
,
. , , , ,
, . ,
. , .
.

,
, , ,
, . ,
, .


. ,
. , , .
. ,
, , , .
, .
.
, ,
. , , .
:
, . , .
, , .
, make dep, . ,
( , . .
, , ,
).
. ,
, make , , .
,
. ,
.
, make clean,
, .
. GNU Compiler (GCC) , , . GCC,
Red Hat 7.0, 2.2.x,
2.4.x. ( Red Hat 7.0
GCC; ,
kgcc.)
. GCC ,
. signal 11, GCC . , ,
. http://www.bitwizard.nl/sig11.


, , , Linux,
comp.os.linux.misc. ,
, , .
( , , .)


, .
, /usr/src/linux/arch/i386/boot ( i386 , ).
/boot. , , . ,
bzImage-2.4.17 bzImage-2.4.17-xfs. make
modules_install , ,
/lib/modules/x.y.z, x.y.z .
/boot . , .
Linux Loader (LILO); /etc/lilo.conf. 1.1 lilo.conf, .
1.1. lilo.conf

boot=/dev/sda
map=/boot/map
install=/boot/boot.b
prompt
default=linux
timeout=50
image=/boot/vmlinuz
label=linux
root=/dev/sda6
read-only

LILO 86. ,
""S\ .
LILO . .

, .
1. /etc/lilo.conf .


2. , , . image=. , image=
other=. 1.1 .
3. image= , . , image=/boot/vmlinuz
image=/boot/bzImage-2.4.17. ( Linux
vmlinuz.)
4. label= , = ,
mykernel 2417.
.
.
5. .
6. lilo ,
.
, /etc/lilo.conf
f . . 6 . ,
, .
LILO , . ,
, lilo:.
, /etc/lilo.conf
, .
default=. =, ,
. 4, lilo.
Linux LILO.
LILO Grand Unified Boot Loader (GRUB). GRUB . ,
Linux DOS- LOADIN. , , DOS, ,
DOS . Linux :
:> LOADIN BZIMAGE root=/dev/sda6 ro
BZIMAGE , DOS,
a /dev/sda6 , Linux. , ,
( Linux ).
LOADIN , , LILO. , LOADIN Linux, LILO
. DOS, FreeDOS (http://www.freedos.org), . LOADIN
Linux. - dosutils.


Linux -,
. Linux , .
,
, , . ,
, : Networking Options Network Device Support.
. ,
, .
, LILO.

2

TCP/IP
Linux
, .
, : IP-, DHCP (Dynamic Host Configuration Protocol
) (Point-to-Point Protocol). DHCP IP-,
. IP- .
, , . , . ,
, ,
.



. 1,
: Linux
. .
, . LILO,
append, /etc/lilo.conf. , , eth0 (
) 0x240.
append="ether=0,0,0x240,eth0"


append , . , ;
. , ,
.
.
, /etc/modules.conf (
/etc/conf.modules). , :
alias eth0 ne
options ne io=0x240
, eth0,
- 0x240, , . .
, .
,
, . ,
/etc/modules.conf.
. /etc/modules.conf,
Linux . - , insmod.
# insmod ne
. , , , /etc/rc.d/rc.local
/etc/rc.d/boot.local.
, SLIP
PLIP, . ,
, , .
, : , .
. , , USB, .

DHCP
DHCP, Linux , IP-,
DHCP. DHCP DHCP,
, .

[Figure: YaST2 "Network address setup" dialog (network device, setup method, subnet mask, detailed settings), with a help panel on choosing between a static IP address and dynamic assignment via DHCP]

. 2.1. DHCP

, IP-, , , .
, DHCP, . . "\ IP- , 5.
DHCP IP-.
Linux DHCP
, , .
, ,
.
Linuxconf (Red Hat Mandrake), COAS (Caldera), YaST YaST2 (SuSE).
. 2.1 YaST2 Automatic address setup (via
DHCP). IP DHCP.
, DHCP ;
.
DHCP. Linux
DHCP: pump, dhclient, dhcpxd dhcpcd ( DHCP dhcpd). ,
DHCP, DHCP, Linux. ,
- DHCP .


DHCP. , DHCP. , -,
. , DHCP, .
, , - DHCP.
.
- . (NIC network interface card), DHCP IP-
. , , -
(, ) .
DHCP, , .
. 2.1 Linux
DHCP, , DHCP, , DHCP.
( ifup Debian, , , ,
DHCP. ifup , /etc/network/interfaces.) DHCP,
, ,
. ,
, . 2.1,
DHCP.
, DHCP, DHCP,
. , , .
, DHCP. , . , DHCP
, ; dhcpcd,
-h _.
( . 2.1),
, IP-
DHCP.

IP-
DHCP , IP- . (,
DHCP) DHCP. , DHCP .
IP- . -

2.1. DHCP Linux


Distribution                  Default DHCP client  Alternative DHCP clients  DHCP startup script                       Additional configuration files
Caldera OpenLinux Server 3.1  dhclient             -                         /etc/sysconfig/network-scripts/ifup-dhcp  /etc/sysconfig/network, /etc/sysconfig/network-scripts/ifcfg-eth0, /etc/dhcp/dhclient.conf
Debian GNU/Linux 2.2          pump                 dhcpcd                    /sbin/ifup ( )                            /etc/network/interfaces
Linux Mandrake 8.1            dhcpcd               dhclient, dhcpxd          /sbin/ifup                                /etc/sysconfig/network, /etc/sysconfig/network-scripts/ifcfg-eth0
Red Hat Linux 7.2             pump                 dhcpcd                    /sbin/ifup                                /etc/sysconfig/network, /etc/sysconfig/network-scripts/ifcfg-eth0
Slackware Linux 8.0           dhcpcd               -                         /etc/rc.d/rc.inet1                        -
SuSE Linux 7.3                dhcpcd               dhclient                  /etc/init.d/dhclient                      /etc/rc.config
TurboLinux 7                  dhclient             -                         /sbin/ifup                                /etc/sysconfig/network, /etc/sysconfig/network-scripts/ifcfg-eth0


. , ,
, .

<^ , -, IP-; in
. , IP-
. ( DNS IP-
18.) IP-,
, DHCP (
, 5),
DNS.


, , . , IP- , . ifconfig,
, , , .

ifconfig
ifconfig .
:
ifconfig [ ] []
ifconfig.
.
ifconfig , , . . .
(, eth0 tr1),
.
, ifconfig .

.
ifconfig , , . ,
, ifconfig,
. .
up . IP-. ,
, ( IP- . 2.2). up ;


2.2. IP-

Class    Address range              Private addresses            Netmask
Class A  1.0.0.0-127.255.255.255    10.0.0.0-10.255.255.255      255.0.0.0
Class B  128.0.0.0-191.255.255.255  172.16.0.0-172.31.255.255    255.255.0.0
Class C  192.0.0.0-223.255.255.255  192.168.0.0-192.168.255.255  255.255.255.0

ifconfig IP-,
.
down. up, . .
("" ).
netmask nm. .
, IP- ;
. , ,
(. 2.2).
up , .
[-]promisc. ,
. (promisc) (-promisc) ,
(promiscuous mode), , .
. ( , .)
.
mtu . MTU (Maximum Transfer Unit ), . .
. Ethernet MTU 1500,
. ( MTU, ,
MTU.
,
,
.)
add /_. ,
up netmask, IPv6. ( IPv6
Internet.)
1, IPv6 , IPv4.
, . . 2002 .,
.
del / _. add, . .
16-, .


media . (, 10Base-2 10Base-T). ,


(, media 10Base-T).
.
hw .
. , ,
DHCP IP-, , .
, . ;
hw .
: (, ether Ethernet ARCnet
ARCnet) . ,
.
txqueuelen . , . . , .
100, .
,
, Telnet SSH.
ifconfig
. , Ethernet- 172.23.45.67.
# ifconfig eth0 172.23.45.67
, .
# ifconfig eth0 172.23.45.67 netmask 255.255.255.0 mtu 1420
, , IP- , .
;
, . , , , . ,
255.255.255.0 24 .
, . ,
, IP- . , 172.23.45.67/24 172.23.45.67 255.255.255.0.
ifconfig
up ; netmask nm .


IP-
IP- , * ! . ,

. 192.168.. ( ),
172.16.0.0-172.31.255.255 ( ) 10... ( ). Internet,
; - ,
\"\'
".-.
:;
, , . 2.2,
D . D (
),
;
.
.
. 2.2 . G 1990-
. , , IP-,
, ',
. CIDR
(Classless Inter-Domain Routing ) IP-, .
, , , , 10.34.56.0/24 .34.57.0/24. ; , ' , , .
.
, , , ifconfig
10.34.56.78, -;
255.0.0.0 . ,
10.34.56.0/24 255.255.255.01


, ifconfig
. :
# ifconfig eth0 up 192.168.1.1
# ifconfig eth1 up 172.23.45.67/24
eth0 192.168.1.1,
eth1 172.23.45.67; eth1
255.255.255.0. . , ? , ,
, ,
10.9.8.7. , ,
? ( )
. , ,
.



. -, ,
.
, ,
. . ,
, Linux, . 127.0.0.0/8,
IP- 127.0.0.1. ,
.
, .
, . , , ,
.
(Address Resolution Protocol ). , , ,
, , ,
. Linux
, .
route.
Internet
^* ,
. , , ;
, .


, ,
, . , ,
, ,
, . . , .
,
, ,
.
, Internet. .
, ,
. . 2.2 , route -n ( route
). , , , ,
, . 255.255.255.255, . . . -

[rodsmith@speaker rodsmith]$ route -n
Kernel IP routing table
Destination      Gateway     Genmask          Flags  Use  Iface
255.255.255.255  0.0.0.0     255.255.255.255  UH     0    eth0
10.92.68.0       0.0.0.0     255.255.255.0    U      0    eth1
192.168.1.0      0.0.0.0     255.255.255.0    U      0    eth0
127.0.0.0        0.0.0.0     255.0.0.0        U      0    lo
0.0.0.0          10.92.68.1  0.0.0.0          UG     0    eth1

. 2.2. ,
,
Destination, , Genmask

eth0, .
10.92.68.0 192.168.1.0,
;
255.255.255.0, Genmask.
eth1 eth0.
, .
(
Linux, Debian,
, ). ,
1 ( If ). , 0.0.0.0, .
0.0.0.0 ,
, ,
. eth1. , (
10.92.68.1).
ifconfig , .
, . , Linux,
. , , , . ,
, .

route
route ,
. (, -, ,
IP-).
route , . route :
route add | del [-net | -host] target [netmask nm] [gateway gw]
[metric m] [mss m] [window W ] [[dev] interface]
.


add | del. add , , del .


. .
[-net | -host].
(-net), (-host).
route ,
. , ,
.
__. , . 0.0.0.0 default.
.
[netmask nm]. , , , route,
Linux, .
, route netmask nm. (
, , .)
[gateway gw]. , ,
. ,
, route gateway gw.
, .
[metric ]. . 2.2 Metric. , . . "" .
"" . , ,
,
, "" . metric ,
. 24.
[mss ]. mss (MSS Maximum Segment Size). metric ,
.
[window W]. (TCP Window Size) ,
, . ,
, ,


. , , .
( Linux
64 ). , (, ),
128 .
[ [dev] _$]. , Linux IP- . , route [dev] _. ( dev ,
, eth0 tr1.)
route . , ifconfig
. route
.
# route add 0.0.0.0 gw 10.92.68.1
0.0.0.0 default;
. route
, -net .


, ifconfig

. .
, ,
.
ifconfig .
route
.
Linux,
. , IP-.
, :
# echo "1" > /proc/sys/net/ipv4/ip_forward
(. . ), ,
IP-.


. , , .
, , ,
, ,
. ,
. ,
, .
IP-, Internet , ,
,
NAT (Network Address Translation ).
25. NAT
, ,
, .
.


, . , .
,
Internet. . , . 2.3.
, , , . ,
, ;
,
. Office 2 ,
, , Office 1. Office 1 .
Internet, , ,
172.20.0.0/16, Office 2.
, :
# route add -net 172.20.0.0 netmask 255.255.0.0 gw 172.21.1.1
, . 2.3, ,
Office 1 Office 2


.
, , .
.

[Figure: Office 1 (10.98.17.0/24) and Office 2 (172.20.0.0/16)]

. 2.3. , , ,

, Office 2 Office 1 172.21.1.1. ,


Office 2 ( Office 2 Office 2 , Office 1
).
Office 1 route ,
:
, , Office 2.
, Office 1
,
, .
.
, Office 1 , Internet.
Office 1 : , . . ,
Internet, ,
Office 2. ( Office 1 -,
, , , .
,
.) , .

DNS
, , .
IP-. ,
. (,
www.awl.com) IP-, ,


(DNS Domain Name System). , DNS


.
DNS ,
. ,
DNS.
Internet .
, . ,
/etc/resolv.conf.
, nameserver , IP-
DNS. ( domain) ,
. , ,
(, mail.threeroomco.com mail). /etc/resolv.conf, ,
2.1.
2.1. /etc/resolv.conf
domain threeroomco.com
search tworoomco.com fourroomco.com
nameserver 10.98.17.34
nameserver 172.20.13.109

search f , . , , 2.1 (tworoomco.com


fourroomco.com), www. ,
, /etc/resolv.conf, www, , , ,
. , , . ,
, ,
domain search. , , /etc/resolv.conf,
www.awl.com, www.awl.com.threeroomco.com, www.awl.com.tworoomco.com
www.awl.com.fourroomco.com
www.awl.com. , com .
/etc/resolv.conf , . . Linux
.
, Linux
DNS, . -


, 18. 18
. ,
, , Internet.


TCP/IP , . , Linux hostname,
. ,
. (, hostname larch,
threeroomco.com), .
-f -file hostname ,
hostname -f /etc/HOSTNAME. , . /etc/hostname,
/etc/HOSTNAME ,
(. . 2.1).
, .
, Usenet, , . /etc/hosts.
, DNS. /etc/hosts
, IP-, . IP- ,
, ,
larch.threeroomco.com.
. , larch.
DNS , /etc/hosts. DNS
DNS , /etc/hosts
. , , ,
127.0.0.1 localhost. localdomain localhost.
/etc/hosts .
10.92.68.1 larch.threeroomco.com larch
127.0.0.1 localhost.localdomain localhost

( sendmail), , DNS
/etc/hosts.

,
hostname /etc/hosts


. ( DNS
.)

, /etc/hosts; DNS . /etc/hosts


.
DNS.


.
/etc/hosts DNS /etc/resolv.conf.
, , , , .
. , ifconfig, route hostname, ,
. ,
.
.



(
; Debian Slackware, ,
).
Red Hat Mandrake. Linuxconf
, .
, LinuxPPC.
, , , .
linuxconf, . ( ), , Web-,
.
SuSE. SuSE YaST (Yet Another Setup Tool)
YaST2. YaST . YaST2
, YaST, . YaST2 . 2.1.
yast yast2.
Caldera. Caldera COAS (Caldera Open Administration System) .
xterm coastool.


TurboLinux. TurboLinux
TurboLinux Configuration Center.
turbocfgcenter.
. Webmin (http://www.webmin.com/webmin/) , Web.
Linux, ,
Linux, UNIX. Linux
, Webmin ,
.
-,
.
, , . ,
, . 2.1, Static Address
Setup, IP-, Hostname and Nameserver
Routing .
. . , ,
. ,
. .


. 2.1 , DHCP .
IP-.
, ifconfig, route, hostname .
,
, ,
DHCP IP-. ,
, ,
,
.
,
.
/etc/rc.d/rc.local, SuSE
, /etc/rc.d/boot.local. Debian ,
/etc/rc.boot. , ifconfig route.
, , , .
, .


-
,
Linux ,
(, Ethernet). ( II III).
,
IV. .
. ,
, , Internet; . ,
Internet ,
IP-. NAT,
25. , NAT
, -. -
.
. Ethernet
DSL , . Linux,
' .

Roaring Penguin (http://www.roaringpenguin.com/pppoe/).
RPM.
Roaring Penguin
adsl-setup tkpppoe (adsl-setup - , tkpppoe Roaring Penguin, ).

adsl-start. adsl-start -.
, ,
, ,
, Roaring Penguin ,
. Linux DSL
Ethernet; ,
Ethernet-. DSL
USB .
.
.




; . ,
. -
. , - Linux,
, , Windows. , - ,
Linux.

.
, Desktop Environment (KDE). ,
. KDE GNOME ( GNU Network
Object Model Environment, GNOME), ,
, X-ISP (http://xisp.hellug.gr).
HA^fcv, . ,
.
/dev/ttyS0, /dev/ttyS1 - .
devfs (http://www.atnf.csiro.au/~rgooch/linux/docs/devfs.html),
/dev/tts/0, /dev/tts/1 . . ,
minicom Seyon ( Linux). AT, ,
Linux.
, xterm kppp.
, . 2.4. , Connect to
, Login ID . , ,
.
1. Setup. Configuration
(. 2.5) , .
2. New. , . , , ,
. -


. 2.4.
, ,

. 2.5. Configuration , -, , ,
,
, New
Account, . 2.6.
3. Connection Name .
4. Add. ,
. ,
, Phone Number.
, .
, .


. 2.6. New Account


5. PAP (Password
Authentication Protocol ), , New Account .
, , CHAP (Challenge Handshake Authentication Protocol
).
6. DNS,
DNS New Account DNS
IP Address, Add.
7. New Account. ,
Configuration (. . 2.5).
8. Device Configuration. Modem Device ,
. /dev/modem,
/dev/ttyS0, /dev/ttyS1 .
Connection Speed. 57600, 115200
. ( .)
.
. ,

, .


9. Configuration.
(. . 2.4).

Configuration, New Account, . , , .


,
. ,
, , . HOWTO (http://www.linuxdoc.org/HOWTO/PPP-HOWTO/)
-, - .

-
. Connect
( ).
, , "" ,
. ,
Show Log Window .
, , ,
Connect ( Login ID) .
Connect. ,
( Store
Password New Account).
Connect .
. ( ,
.) , , ,
.
, .
, . | , .
, -, . , ,
-, (,
).
, -
.


,
-, . , , --


,
. . ,
.
.


, , , PAP , ,
, /etc/ppp/pap-secrets. (
CHAP /etc/ppp/chap-secrets. chap-secrets , pap-secrets.)
/etc/ppp/pap-secrets ; :
_ IP-

. .
1_ . , . ,
Linux;
.
. ,
-. , ,
*, , .
. , ,
.
IP-. IP-, . , - IP-, (. .
).
pap-secrets . ,
| , ,
- . . ,
.
pap-secrets root, .
pap-secrets.
, pap-secrets


. pap-secrets
.
penguin * wSterfowl


, CHAP, ,
.
, , /usr/share/doc/ppp-sepcim/scripts;
, ,
2.4.0. .
-on. , ,
Linux-
(pppd).
ppp-on-dialer. -on ppp-on-dialer pppd,
ppp-on-dialer .
ppp-off. -.
, -on, ppp-on-dialer.
, , , ,
, /usr/local/bin. -on
.
TELEPHONE
. TELEPHONE=
123-4567.
ACCOUNT PASSWORD. , ;
.
IP- IP , LOCAL_IP
REMOTE_IP. , ,
NETMASK.
.
DIALER_SCRIPT , ppp-on-dialer. (, DIALER_SCRIPT
, , , .) /etc/ppp/
ppp-on-dialer, , ,
ppp-on-dialer .


pppd.
. , , , . , , ( /dev/ttyS0),
( 38400, 115200, , ).
-on,
ppp-on-dialer. pppd , , , , ( ,
CHAP). chap, . , , .
, ,
, chat .
. , ABORT chat .
(\), ,
. ( chat
; "-"
.) .
ppp-on-dialer.
, ,
. ( ACCOUNT
PASSWORD; -on.)
#, ,
. , .
, pppd
CHAP, chat .
CHAP , , ,
, . , , , .

.

-
. ,
-on, . ( -on , PATH,
.) ,
; .


, Internet
- Internet-.
, , (
/var/log/messages). pppd, ,
. -
-, chat .
, ,
, http://groups.google.com.
, Usenet
Linux. , -. , , , , , .
, HOWTO.
,
- root. . , , .
. ,
, , SUID, root.
, . ,
,
. , , , , .
IP- DNS, -. /etc/resolv.conf ( ).



. -
, ,
. ,
, , Internet,
. (dial-on-demand). Linux
diald. ,
, -. ,
, . , ,


, , ,
Internet; -, .
, , diald
-, . ,
, , ,
.
. , , Web-
. , - ,
Web- , . , -, ,
, -.
diald , Linux SLIP ( 1).
SLIP diald. , -.
, diald Linux,
. http://diald.sourceforge.net, ,
diald RPM Debian, http://www.rpmfind.net http://www.debian.org/distrib.
packages.
diald , .
/etc/diald.conf. , , -on, , ,
(device), (speed).
local remote IP-
diald. ,
, . IP-,
, , 192.168...
/etc/ppp/diald-dialer.
ppp-on-dialer.
, ppp-on-dialer.
/usr/lib/diald/standard.filter. . , diald .
, , - ,
/usr/lib/diald/standard.filter.


CHAP, , /etc/ppp/pap-secrets


/etc/ppp/chap-secrets. ,
-, . /etc/resolv.conf DNS,
. diald,
/usr/sbin/diald. root. diald
, , -. Internet ,
, - Internet.
.
, diald
, SysV
(/etc/rc.d/rc.local /etc/rc.d/boot.local). diald ,
NAT-.

,
. Ethernet. Linux
Ethernet. IP- , DHCP. Linux
.
, Ethernet. -.
. - pppd, Linux .
pppd ,
diald. ,
Ethernet .

,
. ,
, .
. 1, , ,
. TCP/IP.
TCP/IP Internet, ,
,
Linux. 2 TCP/IP.
, , Linux.

TCP/IP. : AppleTalk, IPX
NetBEUI. , Macintosh PC Windows. .



, ,
, , ,
. .
.


OSI
OSI (Open System Interconnection ).
, . , , ,
OSI, . ,
. . OSI , , , , . .
. ( ,
. ,
.)
. ,
. , , ,
, , , . . 3.1
.
^

OSI ,
,
. TCP/IP, AppleTalk NetBEUI
OSI. TCP/IP
, .

OSI ;
, . ( .
, .) ,
, . , ,
. , , Web- Web-. ,
. (
, , SSL,
.)
,
.
.
, ,
. , ,
,


. 3.1.

.
,

,
. , ,
, , .
, ,
. , TCP/IP, Linux, Windows,
MacOS BeOS, , , .


, ,
, .
. -


. 3.2. .
,

, ( ,
, ). , , , ,
. ,
.
FTP (File Transfer Protocol ) Ethernet.
TCP/IP.
, Ethernet.
. , ,
( , ).
, , .
. 3.2. .
,
, , Ethernet IP- Ethernet-. . IP, TCP FTP,
. 3.2, .
,
. ,
.
, . 3.2. ,
Web-, FTP, . 3.2,
HTTP. , Ethernet,
Ethernet ,
. ,
, . . .


Internet,
, , .
,
, , IP- , ,
, , ,
, . . ,
, .
.

TCP/IP
TCP/IP . ,
.
, .
TCP/IP .
, . . TCP/IP
. Internet;
, . TCP/IP ( IPv4 32 , IPv6
128- ; IP- 2),
, .
, TCP/IP
Internet.
TCP/IP UNIX; Linux ""
. Linux, UNIX
. , ,
UNIX Linux, TCP/IP,
.
TCP/IP HTTP, FTP, SMTP (Simple Network Mail Protocol ), NFS (Network File System
), Telnet, SSH (Secure Shell ), NNTP (Network
News Transfer Protocol ), X Window
. , ,
,
. , , Windows
NetBEUI (NetBIOS Extended User Interface
NetBIOS), SMB (Server Message Block
) / CIFS (Common Internet Filesystem ) NetBIOS (Network Basic Input/Output System -). Windows 95 Windows
. , Apple,
, AppleTalk, .
,
, . , , -


, TCP/IP. ,
Macintosh AppleTalk, DOS Windows
IPX NetBEUI.
Linux.

AppleTalk
AppleTalk
LocalTalk. Macintosh,
1980-. ( , AppleTalk;
.) Ethernet Apple AppleTalk
Ethernet;
EtherTalk. Linux AppleTalk
LocalTalk, Ethernet.
, Linux, Macintosh,
LocalTalk,
AppleTalk Ethernet. Macintosh
Linux AppleTalk ,
Ethernet-.

AppleTalk
TCP/IP, AppleTalk 32- . IP-, AppleTalk : .
IP, : 16 32 , 16 .
AppleTalk , .
. ( ,
, .)
AppleTalk- , , .
, , , .
. , .
Netatalk ( , AppleTalk Linux) AppleTalk- TCP/IP. , ,
larch.threeroomco.com, Netatalk
larch. . (
, ,
TCP/IP.)
AppleTalk-, , ,
, .


AppleTalk
. AppleTalk, MacOS,
Windows NT 2000, Linux, BeOS .
AppleTalk , ,
MacOS. ,
, .
, Macintosh MacOS X, NFS. Netatalk (http://nettalk.sourceforge.net),
AppleTalk Linux,
.

AppleTalk
. ,
TCP/IP Netatalk (
, ,
, Netatalk). , . TCP/IP
IV.

AppleTalk Linux
Netatalk, Linux,
AppleTalk.
.
AppleTalk. afpd
Linux . Macintosh. AppleTalk, TCP/IP, , Linux
Macintosh,
. ( , LocalTalk Ethernet.)
afpd.conf, /etc/atalk. AppleVolumes.default, AppleVolumes.system
Macintosh,
MacOS.
AppleTalk. papd Linux
Macintosh. Ghostscript (
Linux) papd
PostScript- , . ,
, AppleTalk TCP/IP.
AppleTalk. Linux , AppleTalk,


. , Linux
, Macintosh, , .
Linux .
. , 9, Linux
.
; , , -. , , pap -p Laser2 sample.ps ,
sample.ps Laser2.

atalkd, AppleTalk ( ,
AppleTalk- ).
atalkd. conf,
/etc/atalk.
Netatalk ,
, Linux AppleTalk.
1.03b-alpha afpfs,
. , Linux , Macintosh, NFS
SMB/CIFS, MacOS NFS- DAVE
(http: / /www. thursby. com).
, AppleTalk ,
,
. ,
AppleVolumes.default. ,

(, ~), /mnt.
/mnt "Mount Points" options=noadouble
. ,
Macintosh /mnt, options, .
noadouble, , AppleDouble ,
, . (AppleDouble
, . AppleDouble ,
MacOS.)
Netatalk , ,
, .
Netatalk , SysV
. ( 4.)
atalkd, afpd papd. Netatalk
, atalkd ; -


.
, &.

IPX/SPX
IPX (Internetwork Packet Exchange )
Novell . , Xerox.
IPX SPX (Sequences Packet Exchange
). IPX SPX , AppleTalk NetBEUI. IPX/SPX NetWare, , DOS,
Windows ,
IPX/SPX. IPX/SPX
NCP (NetWare Core Protocol NetWare),
. IPX/SPX Linux;
( 1),
.

IPX/SPX
TCP/IP AppleTalk, IPX/SPX 32- ,
, 2391002. , ,
, . ,
; IPX/SPX .
,
IPX/SPX, , IPX/SPX Ethernet, , , 48-
.
,
IPX/SPX .
IPX-, TCP/IP. (
IP IPX.
, IPX/SPX .
IPX/SPX SAP (Service Advertisement Protocol ).
, . , IPX- .
,
,
SAP-.


IPX/SPX Linux
Linux-, IPX/SPX . (Caldera NetWare, Linux , . ftp://ftp.calderasystems.com/pub/old-products/netware/,
2.035.) IPX/SPX Linux .
NCPFS . Linux NCP. Network
File Systems File Systems.
Linux NetWare.
ncpmount, ncpfs.
LinWare. NCP. 0.95 beta,
1.3.x, , 1996 . . Iwared ftp://sunsite.unc.edu/pub/Linux/system/network/daemons/.
Mars_nwe. , NetWare- Linux,
http://www.compu-art.de/mars_nwe/. . Mars_nwe HOWTO, ,
http://www.redhat.com/support/docs/tips/Netware/netware.html. Mars_nwe ,
.
/etc/nwserv.conf /etc/nwserv/nwserv.conf. Mars_nwe
,
nwserv.
, IPX ( 1).
ipxutils,
, IPX/SPX .
( ncpfs.)
, Linux NetWare,
Mars_nwe. , , , . ; ,
. .
1 .
Linux . ,
, .


7 , .
bindery- NetWare, , .
13 , .
, Linux. ,
. bindery-, Mars_nwe ,
. , , 15 . ,
.
Mars_nwe , IPX- . NetWare. ncpmount , ipx_configure. NetWare.
, , :
# ipx_configure auto_interface=on auto_primary=on
# ncpmount -S NW_SERV -U anne -P p4rtu3a /mnt/nwmount
, NW_SERV, ,
/mnt/nwmount, p4rtu3a.

NetBEUI
NetBEUI AppleTalk IPX, NetBEUI
IBM Microsoft DOS,
Windows OS/2. Linux ( 2.4.x) NetBEUI
. NetBEUI
NetBIOS TCP/IP, Linux ( NetBIOS
NBT). , NetBEUI
,
.

NetBEUI
AppleTalk IPX, NetBEUI . NetBEUI
256 . NetBEUI , TCP/IP,
, TCP/IP, AppleTalk IPX, . NetBEUI
. NetBEUI
: . , ,
. , NetBEUI, , .


NetBEUI ,
, , Ethernet. AppleTalk IPX,
NetBEUI TCP/IP .
NetBEUI SMB/CIFS, .
NFS/lpd Linux UNIX NCR SMB/CIFS TCP/IP;
, ,
Windows. NetBEUI , .
, ,
, NetBEUI.

NetBEUI Linux
Linux NetBEUI-,
. 2000 . Procom Technologies (http://www.procom.com) NetBEUI
Linux, Samba ( 7),
Samba NetBEUI. ; Web- Procom.
, . , 2.0.x,
NetBEUI ( , 2.2.18). NetBEUI Samba, 2.0.7, ,
Samba 3.0. NetBEUI
Linux, Samba. , ,
NetBEUI Linux, , ,
, TCP/IP.
NetBEUI Linux 2.0.x Samba 2.0.6
.
Linux Samba NetBEUI
, NetBEUI.
; NetBEUI Samba. netb;
NetBIOS.

NetBEUI
, NetBEUI, README, .
. , Makefile,
, Linux Samba,
, .
Linux Samba, . Makefile,
-


. ,
. .
,
Linux, Samba. , http://www.kernel.org http://www.samba.org, ,
, ftp://sunsite.unc.edu.
. ,
NetBEUI .
NetBEUI

.
netb. start, NetBEUI. NetBEUI,
netb stop. NetBEUI Linux
netb.
nbview.
NetBEUI. /proc/sys/netbeui, , , .
nbstatus. nbstatus
. , nbstatus SERVER SERVER.
nbadmin. NetBEUI
, NetBEUI
NetBEUI-. bind, unbind
drop. , nbadmin bind
eth0 nbadmin drop 102. ( nbview.)
netb start,
Samba. NetBEUI nmbd (
NetBIOS), smbd ( SMB) smbclient ( Samba, ). -Z <NETBEUI | 1>
, TCP/IP NetBEUI. , , smbd NetBEUI, smbd -Z NETBEUI.
, -S smbd NetBEUI- .
, , Linux,
NetBEUI SMB/CIFS NAME.
Samba, NetBEUI, Procom,
(, Samba) :
# netb start
# nmbd -Z NETBEUI
# smbd -Z NETBEUI -S



Samba. Samba , 7. NetBEUI, . -, NetBEUI-, TCP/IP, -,
, NetBEUI
Internet.
, NetBIOS . ' Linux Samba
.

, - . , . TCP/IP.
Internet,
Linux. , TCP/IP, .
AppleTalk, IPX NetBEUI. ; ,
, . , ,
. Linux
. NetBEUI Linux Samba, .

( II III)
. , - , , .
, ; ,
.
, ,
.
, Linux, ; .
:
System V (SysV), , inetd xinetd,
. ,
.
. ,
, .

SysV
, System V UNIX, AT&T, UNIX Linux.
, .
SysV, , start stop. ,
. , , restart, . restart
, .


SysV .
,
,
, , . , . , , .
, , , .
SysV (runlevel).
, , . ( SysV
, , , ,
.) ,
SysV
.
, .



SysV , .
, , , , . . 4.1 , SysV. ,
. 4.1 , , ,
( ).
? ,
( 0 6).
0 6,
.
, ,
,
.
.
SysV
. , ,

.
.
Red Hat, Mandrake, TurboLinux; Caldera.
/etc/rc.d/init.d ,
/etc/rc.d/rc?.d. , Slackware,

4.1. Linux


Caldera OpenLinux Server 3.1: /etc/rc.d/rc.boot; /etc/rc.d/init.d; /etc/rc.d/rc?.d; /etc/rc.d/rc.local
Debian GNU/Linux 2.2: /etc/init.d/rcS; /etc/init.d; /etc/rc?.d; /etc/rc.boot
Linux Mandrake 8.1: /etc/rc.d/rc.sysinit; /etc/rc.d/init.d; /etc/rc.d/rc?.d; /etc/rc.d/rc.local
Red Hat Linux 7.2: /etc/rc.d/rc.sysinit; /etc/rc.d/init.d; /etc/rc.d/rc?.d; /etc/rc.d/rc.local
Slackware Linux 8.0: /etc/rc.d/rc.S; /etc/rc.d; -; /etc/rc.d
SuSE Linux 7.1: /etc/init.d/boot; /etc/rc.d; /etc/rc.d/rc?.d; /etc/rc.d/boot.local
TurboLinux 7.0: /etc/rc.d/rc.sysinit; /etc/rc.d/init.d; /etc/rc.d/rc?.d; /etc/rc.d/rc.local


-.
, , Slackware
. , , /etc/rc.d/rc.4
4.
Linux ( Slackware)
SysV.
##, "S" "", ## ,
, . , network nfs - S10network
K20nfs. ,
. , ##, , . ("S" "") ,
("S" start) ("" kill)
. , S10network ,
network (
, ), K20nfs
, , nfs (
NFS) . , "S" "",
. , ,
S10network, , SSH
( S55sshd). ,
"".
, , . , Mandrake , ,
S10network, Debian S35networking.
, .
, , , . ,
,
.
. , , , ,
.
, SuSE. SysV /etc/rc.config. ,
SysV. ( ,
, START_HM8_CEPBJEPA="yes"),
,
"S". Caldera , /etc/sysconfig/daemons.
. ONBOOT
, ,
Caldera .




SysV, , .
, SysV.
,
, . ,
, ,
.
, . , ,
, , "S"
"". , . , , ,
.
, ,
.
, . , Mandrake,
Postfix.
$ find /etc/rc.d -name "*postfix"
/etc/rc.d/rc0.d/K30postfix
/etc/rc.d/rc1.d/K30postfix
/etc/rc.d/rc2.d/S80postfix
/etc/rc.d/rc3.d/S80postfix
/etc/rc.d/rc4.d/S80postfix
/etc/rc.d/rc5.d/S80postfix
/etc/rc.d/rc6.d/K30postfix
/etc/rc.d/init.d/postfix
, Postfix 2-5 80. ,
, 1 6,
30. Postfix 3, S80postfix , ,
K30postfix.
, ,
, start
stop. , , Postfix
Mandrake, :
# /etc/rc.d/init.d/postfix stop
Linux . ,
, .
SysV . (
.)


Slackware, , , . , ,
4, /etc/rc.d/rc.4.
, ; /etc/rc.d/rc.inet2 ( ,
, /etc/rc.d/rc.inet1).
, , , .
( .)


, . ,
. , , ,
, , S80postfix s80postfix
(. . "S" "s" ). . ,
; Red Hat , , Mandrake.
,
SysV, , ,
.
,
- .
, .

chkconfig
chkconfig, SysV, . , , .
chkconfig :

chkconfig <--list|--add|--del> []
chkconfig [--level ] [on|off|reset]
,
( --list),
SysV ( --add --del).
( ) ( SysV).
.
, Postfix. , Postfix postfix,
:

# chkconfig --list postfix
postfix         0:off   1:off   2:on    3:on    4:on    5:on    6:off

Postfix . ,
find. chkconfig on, ,
"S", off ,
"".
chkconfig --list, ,
chkconfig .
xinetd, , , , .
--add ( ), --del . ,
. , chkconfig --del postfix SysV
, Postfix. Linux
SysV,
. ,
.
, --add.
chkconfig on, off reset.
, .
--level, . , Postfix 3.
:
# chkconfig --level 3 postfix off
. , chkconfig --list
. , off on. ,
, . , ,
3-5, 345 --level.
,
reset.
# chkconfig postfix reset
Postfix
. ,
--level .
chkconfig
SysV, xinetd. , chkconfig ,
FTP , .
FTP ,


SysV.
--level , --list . , , , xinetd. --add --del
on off. /etc/xinetd.d
, . xinetd .
SysV chkconfig . , sshd,
. ,
, , SysV stop
.

ntsysv
ntsysv
. , , --level ;
--level ,
. , ntsysv . ntsysv . 4.1.
ntsysv ,
SysV. ntsysv , xinetd. ,
.
* ,
; ,
. <>


. 4.1. ntsysv
SysV


<Enter>; ,
.
ntsysv , , ;
.
, . ,
,
, .


, , . ,
SysV .
.
SysV; .
"S", Linux
start, "", stop.
Linux , ?
/etc/inittab,
init , . init . /etc/inittab
.
id:5:initdefault:
id, , , ,
( 5), .
,
. , 1 6 . 0
, 1 , 6
. 2-5 ; . Caldera, Red Hat
Mandrake SuSE7.3 TurboLinux
( X Window ), 5 ( X Window ). SuSE 3
5
2 3, Slackware 3 4. Debian
2-5 , SysV,
,
( , /etc/inittab). /etc/inittab
,
. , ,
, , .


0 6.
| ,
. ,
.
, telinit ( init).
telinit :
telinit [-t __] []
. Linux SIGTERM SIGKILL. SIGTERM
"" ; . SIGKILL , , ,
. telinit SIGTERM. ,
telinit SIGKILL. -t .
, , .
, telinit, .
. , ,
, . ,
. .
, . /etc/inittab a, b . .
telinit,
/etc/inittab; .
Q q. , telinit
/etc/inittab
.
S, s. .
U, . init;
/etc/inittab .
? , , . X Window. /etc/inittab
; SysV.
, X Window.

inetd
- (,
1


65535). , ,
. , , SMTP (Simple
Mail Transfer Protocol ),
TCP- 25, a HTTP (Hypertext Transfer Protocol
), , 80.
inetd ,
Linux. .
, , . , ,
.
. -,
;
, . -, ,
, ;
. , ( , - ).
, . , .
, ,
.

/etc/inetd.conf
inetd /etc/inetd.conf.
(, #),
, inetd.conf ,
. ,
/etc/inetd.conf, .
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
,
.
. , . , /etc/
services. , , ,
telnet 23/tcp, . . ,
telnet, 23. inetd ,
/etc/services. , , inetd, , .
/etc/services.
. , . stream, dgram, raw, rdm seqpacket.


. .
, TCP UDP. /etc/protocols,
tcp udp.
wait/nowait. : wait
nowait. wait ( dgram).
nowait. ,
, inetd . (multi-threaded);
nowait. , ,
, - , (single-threaded);
wait. ,
wait , wait. 60.
, inetd
. , 40.
. inetd
. . ,
. ,
, Apache , nobody
Apache, .
root, , Telnet-.
, ,
. , nobody. nogroup
, nobody
nogroup.
-. -, inetd, . /usr/sbin/tcpd. tcpd , ,
TCP Wrappers ( TCP Wrappers ).
, inetd,
TCP Wrappers, . . , inetd,
tcpd. TCP Wrappers ,
.
, . .
, , -. ,
. TCP Wrappers, ;
in.telnetd. (
, .)


/etc/inetd.conf . , . (
, . inetd .) ,
,
inetd.conf. .
, , , ,
, ,
.
, inetd,
/etc/inetd.conf, . . , (,
, , ). inetd.conf
, ,
, FTP- (ProFTPd WU-FTPD). , , , , ,
.

Linux,
/etc/inetd.conf ( xinetd,
) , . , .
, , inetd.conf,
;
.
,
, Internet.
,
SysV, ,
Linux.

TCP Wrappers
, TCP Wrappers
inetd . TCP Wrappers ; ,
. , , Telnet ,
. , Telnet, ,
, . . TCP Wrappers
,
.


TCP Wrappers : /etc/hosts.allow


/etc/hosts.deny. , . hosts.allow , ; .
hosts.deny, , , ;
. , hosts.allow.
hosts.deny,
.
( ,
), TCP Wrappers .

TCP Wrappers ,
25. TCP Wrappers , ,
, , ,
, NIS.

, # ,
. hosts.allow
hosts.deny :
_ : _
,
. , . ,
/etc/services.
ALL, . ,
, TCP Wrappers.
, TCP Wrappers. | ALL ,
. , , ,
inetd TCP Wrappers,
TCP Wrappers .
,
. ,
. .
.
IP-. IP-,
10.102.201.23. .
IP-. IP- . , ; . ,
10.102.201. 10.102.201.0/24. ,
IP-/. hosts.allow hosts.deny IPv6. [:::::::]/ ,


, ,
.
. ,
badcracker.threeroomco.com.
.
, , , DNS , .
. , . ,
. .threeroomco.com, , threeroomco.com.
NIS. @,
NIS (Network Information Services ). ,
NIS.
,
. .
ALL. .
LOCAL. .
, .
UNKNOWN. ,
.
KNOWN. , IP- .
PARANOID. , IP-.
,
, ,
DNS.
DNS. DNS , .
/etc/hosts.allow, , .
telnet,ftp : 192.168.34. dino.pangaea.edu
ssh : LOCAL .pangaea.edu
Telnet FTP, 192.168.34.0/24 dino.pangaea.edu.
, SSH
, , pangaea.edu. , TCP Wrappers
. , inetd TCP Wrappers Apache,
.


,
, .
, ident
( auth), , . , TCP Wrappers,
. , ,
Internet, . ,
.
EXCEPT.
. , /etc/hosts.deny:
www : badcracker.org EXCEPT goodguy@exception.badcracker.org
Web- , badcracker.org. ,
goodguy@exception.badcracker.org. , goodguy@exception.badcracker.org
/etc/hosts.allow.
, /etc/hosts.deny,
:
ALL : ALL

, TCP Wrappers, , .
, /etc/hosts.allow. . , , , Telnet,
. ( ,
Telnet- , , . , ,
Telnet-. 13.)

xinetd
inetd ,
Linux. 2000 .
xinetd. xinetd inetd TCP Wrappers. .
xinetd inetd TCP Wrappers, , , inetd TCP Wrappers,
xinetd. xinetd TCP Wrappers,
,
inetd. 2002 . xinetd Red Hat Mandrake


;
xinetd.

/etc/xinetd.conf
inetd,
inetd. xinetd
/etc/xinetd.conf. ,
xinetd.conf, Red Hat Mandrake,
. ,
, /etc/xinetd.d
. xinetd SysV; , . ,
Telnet /etc/xinetd.d/telnet.
xinetd ,
xinetd.conf, Red Hat Mandrake
/etc/xinetd.d.
, /etc/xinetd.conf
, /etc/xinetd.d, .
, inetd.conf. ,
Telnet-, inetd.conf.
service telnet
{
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = root
    server      = /usr/sbin/in.telnetd
}
xinetd .
, inetd, . ,
TCP Wrappers, ( , Telnet- TCP Wrappers,
/usr/bin/tcpd server server_args,
/usr/sbin/in.telnetd).
inetd xinetd , .
.
.
. , xinetd , . ,
, , -


TCP Wrappers.
.
. , inetd, . xinetd
disable = yes, . , defaults /etc/
xinetd.conf disables = _,
, .
.
disable = no, , .
. ,
redirect = _,
(. , , )
IP-. , , /etc/xinetd.d/telnet
dummy.threeroomco.com, redirect = 192.168.3.78,
Telnet- dummy.threeroomco.com
192.168.3.78. NAT , , . iptables, xinetd,
.
. log_on_success log_on_failure xinetd, ,
. ' ( ), HOST (
), USERID ( , ), EXIT ( ) DURATION ( ).
, , ,
= += -=.
. , xinetd, . per_source , xinetd
. ( UNLIMITED .) instances , xinetd ( ,
per_source). cps
, : , xinetd , ( ), , .
, xinetd, nice;
nice. , max_load,


, , xinetd , .
, , ,
, .

, defaults /etc/xinetd.conf.
defaults , xinetd. defaults, , ,
.
/etc/xinetd. conf , /etc/xinetd.d, xinetd.
xinetd SysV, /etc/rc.d/init.d/xinetd
restart ( ).
- xinetd SIGUSR1 SIGUSR2,
kill. SIGUSR1 xinetd
.
SIGUSR2 , ,
.


xinetd ,
, TCP Wrappers.
, xinetd .
xinetd TCP Wrappers;
xinetd,
TCP Wrappers. xinetd,
, . , , .
. xinetd
only_from no_access, ,
/etc/hosts.allow /etc/hosts.deny TCP Wrappers. , , . only_from , ( ). , no_access
" "; , , , . , , .
. only_from no_access IP- (, 172.23.45.67), , (,
172.23.0.0 172.23.0.0/16) (172.23.0.0/16),
, /etc/networks, (,


badguy.threeroomco.com). ,


xinetd . xinetd ,
.
. , , access_times. :--., ,
08:00-18:00 , 8 18 . access_times . ,
Telnet- 08:00-18:00, ,
17:58, .
. . bind ( interface, bind). IP-, . , eth1
172.19.28.37 bind = 172.19.28.37,
, eth1.
eth0 ;
, , .
, . , ,
Internet
-, Telnet FTP. bind
xinetd , Telnet FTP
, .
xinetd.
.


, Linux
SysV, . X, /etc/inittab .
X . Slackware /etc/rc.d/rc.inet2. ,
,
.
Linux . 4.1.
, ,
, SysV
- .
SysV , ,
, ,


. , Mandrake , SuSE,
SysV,
SuSE, . ,
. ,
Linux.
, , ,
.
SysV .
, .
SysV, , ( ,
, ,
). SysV . SysV, ,
( SysV bash).
, .

. ,
, . ,
Telnet-.

/usr/sbin/in.telnetd
, (. .
).
, ,
&. ,
.
, , ,
, & .
,
. , bash , ,
. SysV.
, . , SuSE boot.local ,
rc.local Red Hat, SuSE
, , Red Hat
,
, . , , ,
, SysV
, .
. , SysV,
stop, , -


,
. ,
kill, killall .

Linux
,
, ,
. Linux , .
KDE ( Desktop Environment ) GNOME (GNU Network Object Model Environment
GNU). xterm. (
root;
.) Linuxconf ( Red Hat , , , Mandrake),
YaST YaST2 ( SuSE) ksysv ( ntsysv,
, ).
Webmin SWAT, , Web. ,
Linuxconf, , ;
Web-.
16.

Linuxconf
Linuxconf . , ,
. Linuxconf (
), ( ), Web- (
16).
linuxconf,
(gnome-linux-conf linuxconf-gui). Linuxconf , , Linuxconf
.
,
Web .
. , Red Hat , Mandrake
.


. 4.2. linuxconf
Linux
Linuxconf Web-
Linuxconf http://www.solucorp.qc.ca/linuxconf/. Red Hat 7.2 Mandrake 8.1,
. ,

. ,
Linuxconf:
, .
Linuxconf Red Hat Mandrake,
.
Web- Linuxconf.
Linuxconf ;
: Config, Control Status.
; , . ( Linuxconf Mandrake
, , . ,
.) . 4.2 Linuxconf Red Hat; Control > Control Panel > Control Service Activity.
SysV xinetd.
, .
1. Linuxconf Control > Control Panel > Control Service
Activity (. . 4.2).
2. , . , sendmail sendmail
. Linuxconf ,
.


. 4.. linuxconf

3. Run Levels. ,
. 4.3.
,
.
4. Accept, Dismiss Service Control.
5. File > Act/Changes,
. Do It, .
. ,
chkconfig SysV.
, Linuxconf .
Red Hat Mandrake,
. Web- Linuxconf,
. ,
,
.

YaST YaST2
SuSE YaST (Yet Another Setup Tool) YaST2.
YaST , a YaST2 .
, . YaST2, -
YaST, .


. 4.4. YaST , ,

( YaST , , .)
YaST , yast; , YaST2,
, yast2.
YaST2 . 4.4. , , , ,
, .
SuSE
SysV /etc/rc.config. YaST .
RC-Config Editor, Misc.
, . 4.5.
, , StartVariables > Start-Network. ,
. 4.5, YaST . Yes No,
.
YaST .
, , /etc/rc.config;
, SysV. ,
(Network > Network-Basics) , -


. 4.5. Yes No

root (Security > Security-Basics).
, YaST.
Network.
, NFS Sendmail Configuration,
NFS sendmail. NFS
sendmail 8 19,
YaST.

ksysv
chkconfig ntsysv, SysV
( , ). , ,
. ,
;
ksysv tksysv. ksysv KDE, . tksysv
. Red Hat ,
. ksysv . 4.6.
ksysv, tksysv SysV;
,
. 4.6. ,

. Available Services , , , , ,
. ,
, , Service Entry (. 4.7). Service
, Entry , ,
, .
,
Stop, , Start . ,
. Available Services , . ksysv
, , . ,
20 30, ksysv
25. , ,
, Sorting Number
(. . 4.7). , ksysv , ,
. ksysv, -


. 4.7.
ksysv , SysV
, -
Start, Stop, ,
.
ksysv tksysv ,
, Linuxconf YaST. ,
SysV, ,
.
SysV,
. ,
, ,
SysV.


, ,
-, . , , . , ,
SysV , /etc/xinetd.d.
, , , , -.
. 4.2 ,
.
, Linux ( ,
, )
SysV. , , , .
SysV
,

4.2.

SysV
.
.
.

. SysV ,


. -

.
.


(chkconfig, ksysv . .).

. , , , Samba, ,
. , , , nmbd .
,
.
SysV, . ,
(, Telnet FTP). , Apache,
Apache , . , Debian,
, SysV . ,
SysV
.
, Linux (inetd xinetd). , xinetd,
inetd, inetd .
SysV . , ,
.


,
SysV, ,
. ,
, . SysV,
, .
;
. , .
.

Linux ,
.
Linux: SysV,
. Linux, , ,
. SysV, ,
: inetd xinetd. ,
, , .

II

5
IP-
DHCP

2 TCP/IP. DHCP (Dynamic


Host Configuration Protocol ).
DHCP, .
DHCP IP- ,
. , DHCP, IP-
, IP- . DHCP
. DHCP ,
DHCP. DHCP .
DHCP,
, . ,
DHCP. DHCP IP , DHCP
.
IP-. ,
DHCP , Samba DNS.
DHCP, . ,
,
. DHCP , ,
, . (Droms) (Lemon) The
DHCP Handbook: Understanding, Deploying, and Managing Automated Configuration Services (New Riders Publishing, 1999) (Kercheval) DHCP: A Guide to Dynamic
TCP/IP Network Configuration (Prentice Hall, 1999).


DHCP
, DHCP ,
DHCP.
: - DHCP.
, DHCP. . "" ,
, :
IP- DHCP.
IP- , , 2.
, . DHCP, Linux,
IP- , Linux, , : UNIX, Windows,
MacOS, OS/2, BeOS . . DHCP , TCP/IP.
IP- ; .
DHCP , IP.
, DHCP, . , IP. , , . , DHCP,
IP-.
DHCP
IP-. , DHCP ,
, DHCP, .
DHCP ,
IP- .
DHCP . DHCP ,
- . ( ,
, IP- .)
DHCP DHCP ,
, . ,
DHCP. DHCP ,
.
, .
DHCP ,
, IP-.


DHCP. , ,
IP- .
^, DHCP DHCP .

DHCP.
DHCP IP-, ,
. , , DHCP. ,
, DHCP .
,
( ), .
, IP-, .
. , DHCP
.
DHCP , .
DHCP.
DHCP Linux,
. DHCP Linux.
, Internet
DSL-. DHCP. , DHCP Linux,
. , DHCP
, , , IP-.
DHCP SysV.
, . (
5.)


DHCP, , . ,
Packet Socket Socket Filtering. ( 1
dhcpd Socket Filtering; .)
1.
DHCP ,
255.255.255.255. Linux
(, 192.168.1.255).
DHCP ( Windows), , ,


DHCP, . :
# route add -host 255.255.255.255 dev eth0
eth0 , . . ,
route -n. , . 255.255.255.255 ,
.

DHCP
Linux DHCP,
Internet Software Consortium (http://www.isc.org/products/DHCP/). Internet Software Consortium (ISC) 2000 . 3.0 DHCP, 2002 .
Linux 2.0 DHCP. , ,
2.0 3.0, 3.0 , ,
DNS-, .
DHCP dhcpd.conf,
/etc /etc/dhdcp.
Linux, dhcpd.conf , . ,
dhcpd dhcp. leases,
/var/lib/dhcp. dhcp. leases
. DHCP IP-
DHCP. DHCP, IP-. , ,
. dhcp. leases
Ethernet- . dhcp. leases
; ,
, , -, ,
dhcp. leases.
dhcpd. conf, #, . , , .
. DHCP , (, ),
(, ), , (, ).
. (, ), IP-,
, .
, . . -


DHCP ,
.
. . , ,
. , dhcpd. conf
, ,
.
host teela {
    hardware ethernet 00:05:02:a7:76:da;
    fixed-address 192.168.1.2;
}
. , host, ( teela), , , . ,
, . ,
. ; dhcpd
, .

IP-
DHCP, IP-. ,
, . IP- , IP-, ,
IP-, . ; ,
, ,
.
IP-. ,
. IP- . , , ,
, :
IP- ,
DNS IP-.
; . DHCP DNS,
IP-.


5.1 dhcpd. conf,
IP-.


, .
5.1. dhcpd.conf
default-lease-time 7200;
max-lease-time 10800;
option subnet-mask 255.255.255.0;
option routers 192.168.1.1;
option domain-name-servers 192.168.1.1, 172.17.102.200;
option domain-name "threeroomco.com";
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.50 192.168.1.150;
}

, ;
. , , . ( default-lease-time
max-lease-time) . , , DHCP
, IP-.
default-lease-time ,
DHCP. 7200 ,
120 . ,
max-lease-time; 10800 , 180 .
.
DHCP
.
, IP- . , ; DHCP
, . DHCP ,
60 ; . (,
),
, 5.1.
, , default-lease-time max-lease-time
.
, DHCP, : , (),
DNS . , , 2,
IP- .
IP-, ,


, DNS
. , DHCP
IP-. , 5.1, . .
. 5.1, ;.
, , , dhcpd. conf.
filename "_". dhcpd . , DHCP
;
filename.
.
next-server "_". ,
, filename.
, ,
, DHCP.
server-name "_". .
, , , .
boot-unknown-clients . , true, dhcpd IP-
, . false, ,
host.
option broadcast-address IP-. , . .
get-lease-hostnames . true,
dhcpd DNS, IP-.
, (, ).
false.
use-host-decl-names .
get-lease-hostnames. true, dhcpd DNS, , host.
true.


get-lease-hostnames use-host-decl-names ,
DHCP .
get-lease-hostnames dhcpd DNS ,
DNS. ,
DHCP ,
DHCP ,
IP-, DHCP DNS.
dhcpd. conf ,
option.
, , X Window,
. , , , IP-.
,
dhcpd.conf.
; , DHCP X Window.
dhcpd. conf.
, ,
.


5.1 DHCP,
IP-.
subnet, :
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.50 192.168.1.150;
}
, 192.168.1.0/24. , ,
. , DHCP. range IP-, , .
192.168.1.50-192.168.1.150.
, (192.168.1.0/24), ,
IP- , DHCP.
dhcpd.conf subnet.
, .
, , .
dhcpd, 3.0, subnet , , DHCP. ,


192.168.1.0/24 172.20.30.0/24, DHCP 192.168.1.0/24,


dhcpd. conf subnet, .
subnet 172.20.30.0 netmask 255.255.255.0 {
}
, , DHCP,
| : ,
DHCP.
, , .
DHCP,
, . DHCP
. ( 25.) DHCP ,
.
, DHCP,
. 3.0
dhcpd .


IP- . Internet- , , .
IP- (,
) (
).
, DHCP
, .
, , DHCP, - .
; , ping, ,
. IP-
. (
IP-.) dhcpd IP-. - dhcpd , - IP-.
dhcpd ,
, IP-.

-
-
. Ethernet - ,

, 00:80:C8:FA:3B:0A. ,


Ethernet , - , dhcpd , , ,
, . (
, -, - ,
.) , , Ethernet, .
- Ethernet ; ,
Ethernet-. http://www.coffer.com/mac_find/ http://www.cavebear.com/CaveBear/Ethernet/vendor.html. DHCP , ,
DHCP. ,
Ethernet- , ,
.
dhcpd -
IP-, -. ,
, .
-. ,
, - Ethernet-. ,
.

-
Linux UNIX - ifconfig. ifconfig eth0 ( ifconfig ), ifconfig
.
:
eth0      Link encap:Ethernet  HWaddr 00:80:C6:F9:3B:BA
- HWaddr;
00:80:C6:F9:3B:BA. , Ethernet . , TCP/IP.
Windows 2000, -
IPCONFIG, ifconfig Linux. , ,
IPCONFIG /ALL.
:
Physical Address : 00-50-BF-19-7E-99
Windows Me WINIPCFG, ,
IPCONFIG, .


. 5.1. WINIPCFG DHCP Windows 9x/Me

, . 5.1, -
Adapter Address.
DHCP Macintosh
MacOS Classic, - TCP/IP Control Panel.
Info TCP/IP Info, -.
MacOS X Network,
. 5.2.

. 5.2. MacOS X -
Network


, -,
; ,
.

-
- DHCP.
, . DHCP ,
IP-. ( /var/lib/dhcp/dhcpd.leases).
, :
lease 192.168.1.50 {
starts 4 2002/07/19 21:37:20;
ends 4 2002/07/19 23:17:20;
binding state active;
next binding state free;
hardware ethernet 00:50:56:82:01:03;
}
IP-, , , , - (hardware
ethernet 00:50:56:82:01:03).
-, , IP- .
.
- Linux (
/var/log/messages). , dhcpd, :
# grep dhcpd /var/log/messages | tail -n 1
Jul 19 18:27:38 speaker dhcpd: DHCPACK on 192.168.1.50 to 00:50:56:82:01:03 via eth0
, DHCP IP-
. IP-, ,
-. ,
- DHCP ,
. IP-, . ,
, - tail, 1.
, , , IP- DHCP, -
. Linux- ,
IP- .
# arp 192.168.1.50
Address          HWtype  HWaddress           Flags Mask  Iface
192.168.1.50     ether   00:50:56:82:01:03               eth0


, . ping.
: ping - 192 .168 .1. 50

-
dhcpd - IP-,
. , 5.1,
, , DNS . ,
IP-, host. subnet . host
.
host teela {
hardware ethernet 00:05:02:a7:76:da;
fixed-address 192.168.1.2;
}
host,
. ( , , , use-host-decl-names.)
. (hardware) -, .
Ethernet-, ; , Token Ring
token-ring. (fixed-address) IP-, . , ,
DHCP, ,
range, subnet. 192.168.1.2, 192.168.1.50-192.168.1.150, 5.1,
192.168.1.0/24, .
dhcpd.conf ,
IP-.
, DHCP , . dhcpd. conf
range, host, , - host,
, subnet.


, , , ; . hardware fixed-address host.
, , , .
option host-name ""; -


DHCP .
get-lease-hostnames use-host-decl-names. ,
.
.
, , ,
. , . , host group. :
group {
    get-lease-hostnames true;
    host teela {
        hardware ethernet 00:05:02:a7:76:da;
        fixed-address 192.168.1.2;
    }
    host nessus {
        hardware ethernet 00:50:BF:19:7E:99;
        fixed-address 192.168.1.3;
    }
}

group {
    use-host-decl-names true;
    host hindmost {
        hardware ethernet 00:50:56:81:01:03;
        fixed-address 192.168.1.4;
    }
    host louiswu {
        hardware ethernet 00:e0:98:71:60:c1;
        fixed-address 192.168.1.5;
    }
}

, (teela nessus),
DNS. (hindmost louiswu) , host.
, , ( filename next-server)
TCP/IP (

).


DHCP , . ,
DHCP .
DHCP, , -


.
get-lease-hostnames; DHCP DNS.

NetBIOS
NetBIOS, SMB/CIFS,
,
TCP/IP. ( SMB/CIFS, 7.)
DHCP ,
, Windows. .
dhcpd. conf .
option netbios-name-servers _. NetBIOS
, , TCP/IP-. NetBIOS
, ,
, DNS.
NBNS (NetBIOS Name Service - NetBIOS) WINS (Windows Internet Name Service Windows).
DHCP Windows- , option netbios-name-servers.
dhcpd. conf , DHCP WINS.
option netbios-node-type _. , . ,

WINS. 1 8. 1 2

WINS. 4 8 : 4 , , WINS, a 8 ,
WINS,
. , WINS, 8,
.
,
.
option netbios-dd-server _. NetBIOS: NBDD (NetBIOS Datagram Distribution
NetBIOS). ,
. ,
.


. 5.3. Windows NetBIOS-, DHCP


option netbios-scope . NetBIOS , NetBIOS.
NetBIOS ,
NetBIOS- . ,
. (
group.)
DHCP IP- Windows-, . ( Samba Linux , DHCP;
Windows). ,
dhcpd. conf :
option netbios-name-servers 192.168.1.1;
option netbios-node-type 8;
, Windows , , Use DHCP for WINS Resolution TCP/IP Properties (. 5.3). Disable WINS Resolution,
WINS. Enable WINS Resolution,
IP- WINS.

DNS-
, DHCP
, . DHCP


, IP- ( ), DHCP DNS


; DNS ,
DHCP. DHCP , ,
. Internet, . DNS ,
Internet .
.
dhcpd, 3.0, DNS. 3
DNS: ad-hoc (, ) interim ( ). ; Internet dhcpd.
DNS . DHCP
, DNS.
DNS ddnsupdate-style, : ad-hoc, interim
none ( ). DNS, ddns-update-style dhcpd. conf ad-hoc,
interim ( ).
DNS , DNS
| .
DNS 18.

ad-hoc
ad-hoc .
.
1. host ddns-hostname,
.
2. (,
), DHCP
.
3. ,
DHCP.
4. , host.
.
, DHCP DNS. DHCP ,


, ddns-domainname
( ), domain-name.
DHCP DNS. , ( IP-).
, DHCP PTR, ( IP- ).

interim
interim ad-hoc, DNS.
DNS,
dhcpd.conf allow client-updates ignore
client-updates. .
DHCP ,
DNS, PTR DHCP
, . DNS
, DHCP ,
, , dhcpd.conf.
PTR.
DNS, interim
, ad-hoc. DNS
, . ,
, DHCP. , , DHCP threeroomco. com. ad-hoc , threeroomco. com,
. DNS, , dino. pangaea. edu.
.
DHCP DNS, PTR dino . pangaea. edu.
. , ,
. , ,
. ,
, , ,
.
DNS
!
Internet DSL- :
. IP- DHCP '
. , ;
DHCP DNS Linux.
DNS. ( , .)
;
::;


'., DNS ^ In, ternet. ,


IP- >$ ^. ,||
, DNS ,
. IP- . , DNS,
, Perl ,
Linux.
.'
~
,"** * '[
' ?-"-^
^^
, DNS^ http://www.technopagan.org/dynaini/,
http://www.geocities.com/kiore_nz/ http://dns.highsynth.com. DNS,
/ .

DHCP , .
, ,
. , DHCP ;
, .
DHCP , IP , , . , DHCP , .
IP-; DHCP DNS.
3 DHCP Linux.

6

Kerberos

Linux . ,
, .
(, POP- FTP-), .
, ,
.
, ( ),
. Kerberos.
. ,
.
Kerberos : ,
.
Cerberus, .
Web-,
Kerberos.
Kerberos,
, Kerberos .
, Kerberos - .
, , ,
.
Kerberos Kerberos. ; ,
Kerberos, , . Kerberos,


, , Kerberos. , Web- Kerberos http://web.mit.edu/kerberos/www/.
, Kerberos, .

Kerberos
, 25 ( ,
). , Kerberos
. Kerberos , ,
, .
, , ,
, . , Kerberos .
, ,
, , -
, .
Kerberos , , ,
. , . ,
.
Kerberos . Kerberos Linux UNIX- , Windows, MacOS . . ( Kerberos, Microsoft,
. Web- Kerberos, MIT, Kerberos, Windows
.) .
Kerberos
. ,
, POP, Kerberos (
). Kerberos, Linux.
, Kerberos Windows, MacOS .
k .//'^,' , , ~ ; ,-
1960- , '
. 1980- .
, UNIX . , , # ,
- , X-,


. .
86. , (
*
/ " ;
, ' 1~*
; * Windows,
vMacOS, Linux UNIX, -'
^ ,
!? . , ^
/;,. , ' -
|/^|- ; |^;';-] "
|&;1^^
^^!-^ ,
S
B "" , *
"' * ;*,' ^-^^. , >>>
:
"psLeibero's, % , '* , ,
, , ,,
<f - _ < ' ,
' <; .i '.-'?,>> *;-'*!,?; 9
'^ 86 -!|
^, ^ . -1
.
Linux .' - j
j . ^ ,
^ ( 13 : 14).
?! , ,
; , , . , *
- , -*.
; Kerberos, ^?; ,(, ,, ,,_ * - ,_ '^ ,J|f.tl ^4

Kerberos
Kerberos ,
Kerberos,
(key distribution center ). ,
Kerberos . , Kerberos, (Kerberized
application). Kerberos, ,
Kerberos .
Kerberos,
Kerberos .

Kerberos
Kerberos , . .


Kerberos .
Kerberos .

Kerberos
Kerberos KDC. (realm) Kerberos. Kerberos Internet. , threeroomco.com
Kerberos;
THREEROOMCO. COM. Internet, Kerberos
. Internet Kerberos, ,
. Kerberos
.
Kerberos, , REALM1. THREEROOMCO. COM
REALM1.THREEROOMCO.COM.
Kerberos
. , Kerberos . ,
.
Kerberos , Kerberos, , . . . Kerberos , Kerberos. ,
Kerberos ,
(, ).
Kerberos ,
. , : (primary), (instance) (realm).
/. , .
; , ftp. ,
, . ,
fluffy: ,
, , ,
. admin. THREEROOMCO.COM, fluffy@THREEROOMCO.COM fluffy/admin@THREEROOMCO.COM.

, Kerberos
Kerberos, ,
. .
.
, . , ,


. , .
.
. , .

, Kerberos .
, . ,
, .
, ,
.
, , (POP IMAP).
,
.
.
. Kerberos.
. Kerberos , .
. , ,
, . (
).
, , ,
.
.
Kerberos ,
,
Kerberos . Kerberos
. .
1. , , , .
2. ( Kerberos)
TGT (ticket-granting ticket ). Kerberos, TGS (ticket-granting
service ).
3. KDC . , KDC
. , , , . , , ,
.


4. TGT , . ,
.
.
5. , , KDC , . ,
, .
( KDC)
, , , , , ,
. ; .
,
.
6. , ( ).
7. . .
8. , .
, .
( ,
. .), .
9. . , ,
, . ,
.
, Kerberos
, , (
).
, ,
.
, .
, | . , ,
-, .
.
, Kerberos.
NTP (Network Time Protocol ),
10.


Kerberos
Kerberos,
. , . (
, ) .
. KDC ,
.
, , .
, , , ,
.
, ,
, . ,
, . , Pentium , 32
,
. ,
, , .
, , , . ,
,
. ,
.

Kerberos
Kerberos, http://web.mit.edu/kerberos/www/. MIT Kerberos
V5 Release 1.2.1 ,
( Linux ). Kerberos V4
Windows MacOS ( MacOS Classic, MacOS X).
Kerberos V5 Kerberos V4, ,
, .
X Window, Kerberos . , , MIT,
. Kerberos (Royal Institute of Technology)
http://www.pdc.kth.se/kth-krb/. eBones,
, , krb4.
, FTP-
binaries, , Linux.
, : . eBones ( , eBones 1.1) Kerberos V4.


(Center for Parallel Computers)


Kerberos, Heimdal; http://www.pdc.kth.se/heimdal/. MIT Kerberos V5. ,
Linux,
.
Kerberos
Linux. , Debian 2.2 eBones Heimdal,
Mandrake 8.1 Red Hat 7.2 Kerberos V5, a SuSE 7.3
Heimdal. Caldera 3.1, Slackware 8.0 TurboLinux 7.0 Kerberos
, ,
, Linux.
Kerberos V5, MIT. Kerberos V4
. , Kerberos V5, . ,
Kerberos V5 Red Hat,
MIT.

Kerberos
Kerberos Kerberos, KDC.
Linux, , /etc. ,
Kerberos , , .
.
.
, ,
Kerberos . ,
Kerberos.
, Kerberos , . MIT configure, , make make install.
Kerberos, . configure enable-shared;
Kerberos, . . , Kerberos . , Kerberos
Red Hat , krb5-libs, krb5-server
krb5-workstation.
.



Kerberos /etc/krb5 .
conf . ;
, . ,
, , .
krb5 . conf KDC 6.1.
6.1. krb5.conf
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 ticket_lifetime = 24000
 default_realm = THREEROOMCO.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false

[realms]
 THREEROOMCO.COM = {
  kdc = kerberos.threeroomco.com:88
  kdc = kerberos-1.threeroomco.com:88
  kdc = kerberos-2.threeroomco.com:88
  admin_server = kerberos.threeroomco.com:749
  default_domain = threeroomco.com
 }

[domain_realm]
 .threeroomco.com = THREEROOMCO.COM
 threeroomco.com = THREEROOMCO.COM
 outsider.threeroomco.com = PANGAEA.EDU

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

,
( "=") .
, . , [ realms ], 6.1, ,
THREEROOMCO. COM.
, .


0^
, HA^tv , Kerberos.
[login] [kdc]. ,
[appdefaults].
KDC kdc. conf.
, KDC,
krb5 . conf .
kdc. conf krb5 . conf.


, krb5 . conf kdc. conf . , ,
KDC, . Kerberos ,
.

krbS.conf
krbS.conf [realms],
. [domain_realm]
Kerberos Internet. 6. \.
[realms] KDC KDC THREEROOMCO. .
kerberos kerberos-, , . Kerberos
( ),
. , . admin-server , .
, , ( , 749). default_domain
, .
Kerberos, . , def ault_domain .
krb5. conf . , [ realms ] , ,
, .
, [domain_realm], Kerberos. (
) , Kerberos, . 6.1 , ,
threeroomco . com ( threeroomco. com), THREEROOMCO.COM. outsider,
threeroomco. com, PANGAEA.EDU.


DNS- CNAME,
, krb5 . conf . KDC, , .
, KDC IP-.
, NAT (Network Address
Translation ), DNS-
KDC, ,
KDC. KDC
, DNS.

kdc.conf
kdc.conf , krbS.conf.
kdc.conf 6.2. Kerberos [ realms ]. kdc. conf,
,
EXAMPLE. COM. [realms] , , .
, . [ kdcdef aults ]
.
6.2. kdc.conf
[kdcdefaults]
 acl_file = /var/kerberos/krb5kdc/kadm5.acl
 dict_file = /usr/share/dict/words
 admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab

# Enctypes as printed in the listing; single-DES types are deprecated (RFC 6649)
[realms]
 THREEROOMCO.COM = {
  master_key_type = des-cbc-crc
  supported_enctypes = des-cbc-crc:normal des3-cbc-raw:normal \
     des3-cbc-sha1:normal des-cbc-crc:v4 des-cbc-crc:afs3
 }


Kerberos (master key),
stash-. Slash-
, , .
stash- ,
.
stash- , , KDC, root. ,
. -


, :
,
- ,
.
, .
.
. , "yesterday I went
to the dentist" yiwttd.
,
yi9Wt%Td, .
slash-
kdb5_util.
# kdb5_util create -r THREEROOMCO.COM -s
Initializing database '/var/kerberos/krb5kdc/principal' for
realm 'THREEROOMCO.COM',
master key name 'K/M@THREEROOMCO.COM'
You will be prompted for the database Master Password.
It is important that you NOT FORGET this password.
Enter KDC database master key:
Re-enter KDC database master key to verify:

, ,
.

kdb5_util
. /var/kerberos/krb5kdc
, Kerberos, /us r /local /var/krb5kdc. , kdb5_util.
Stash- . k5 . _ . kSstash.
principal principal. ok, Kerberos. ( principal principal. db.)
principal. kadmS principal. kadmS. lock,
Kerberos.
- stash-, ,
kdb5_util, -s. Kerberos .


Kerberos kdb5_util Kerberos, . .
.


6.1. ACL

d
D
m

i
I
1
L
*

ACL
Kerberos ACL (Access Control Lists
) , acl_f ile
kdc. conf. , :

Kerberos

ACL Kerberos ACL


, . ACL
, . ACL Kerberos
Kerberos. ACL Kerberos
ACL .
( Kerberos) (
).
"*". , */admin@
THREEROOMCO. admin
THREEROOMCO. . KDC
.
() ACL, . .
. 6.1. , . ,
all , , .
( ) .
, . ,
. Kerberos, "*".
:


*/admin@THREEROOMCO.COM *
admin
Kerberos. . ,
, , .


Kerberos
kadmin kadmin. local. kadmin KDC ; .
kadmin. local . kadmin .local
, , kadmin
. , , KDC
Kerberos, .
kadmin kadmin. local , , , , . . , .
, . ,
admin/admin@THREEROOMCO.COM,
addprinc.
# kadmin.local
Authenticating as principal root/admin@THREEROOMCO.COM with
password.
kadmin.local: addprinc admin/admin@THREEROOMCO.COM
WARNING: no policy specified for admin/admin@THREEROOMCO.COM;
defaulting to no policy
Enter password for principal "admin/admin@THREEROOMCO.COM":
Re-enter password for principal "admin/admin@THREEROOMCO.COM":
Principal "admin/admin@THREEROOMCO.COM" created.
^^
, .
HA^V:\ .
, ,
(keytab). , Kerberos .
; Kerberos .
, kadmin. local
ktadd.
kadmin.local: ktadd -k /var/kerberos/krb5kdc/kadm5.keytab \
kadmin/admin kadmin/changepw
, , -k.
, admin_keytab
kdc. conf. -k , -


, kadmin/admin kadmin/changepw (
Kerberos;
).
, , , KDC.
addprinc. , ,
fluffy@THREEROOMCO.COM. :
kadmin.local: addprinc fluffy@THREEROOMCO.COM

-randkey,
, .
, .
, , , kadmin.
, _/_@ _ ( , , pop ftp). , host.
, host, ktadd.
, . . -k.
, . -:
kadmin , ,
ktadd , .
, .
^_@1_,
host/kerberos-1. threeroomco. com/THREEROOMCO. . , , ( ) KDC .
KDC , .
kadmin,
quit.


Kerberos- . , 4. Kerberos
, , ,
SysV. krbSkdc, kadmin.
SysV , krbSkdc kadmin, Kerberos.
,


"&".
(/etc/re. d/rc. local).


KDC , . krbS.conf kdc.conf, kdb5_util
, ACL ktadd
kadmin. local, .
KDC , KDC (, , , KDC). . kpropd.acl /var/
kerberos/krbSkdc /usr/local/var/krb5kdc. :
host/kerberos.threeroomco.com@THREEROOMCO.COM
host/kerberos-1.threeroomco.com@THREEROOMCO.COM
KDC,
KDC : kpropd klogind.
. /etc/inetd. conf
:
krb5_prop stream tcp nowait root /usr/kerberos/sbin/kpropd kpropd
eklogin stream tcp nowait root /usr/kerberos/sbin/klogind \
klogind -k -c -e
, . xinetd,
( . 4). /etc/services krb5_prop eklogin,
:
krb5_prop  754/tcp   # Kerberos
eklogin    2105/tcp
KDC :
. , , 6.3. ,
, . , kprop .
.


6.3. , Kerberos

#!/bin/sh
# Dump the KDC database to a file
/usr/kerberos/sbin/kdb5_util dump \
    /usr/kerberos/var/krb5kdc/slave_datatrans
# Propagate the dump to the slave KDC
/usr/kerberos/sbin/kprop -f \
    /usr/kerberos/var/krb5kdc/slave_datatrans \
    kerberos-1.mil.threeroomco.com

Kerberos
Kerberos ,
. ,
Kerberos . , .

. , , Kerberos
. , .


,
. , , [realms] [domain_realm]
krb5 . conf , .
, , .
(./_$_)
, (,
Telnet, : telnet/ _%_). ,
, kadmin. local ,
. , , addprinc, .
kadmin. local :
kadmin.local: addprinc \
host/gingko.threeroomco.com@THREEROOMCO.COM
kadmin.local: addprinc \
telnet/gingko.threeroomco.com@THREEROOMCO.COM
kadmin.local: ktadd -k gingko.keytab \
host/gingko.threeroomco.com telnet/gingko.threeroomco.com
gingko. keytab, , /etc , , krb5 . keytab. ,


, ,
scp. ,
, root,
.
, . ktadd -k gingko. keytab;
. , ; , ,
Kerberos.


, Kerberos
, , , Telnet FTP, shell, exec login.
. , inetd, /etc/inetd. conf
:
klogin  stream tcp nowait root /usr/kerberos/sbin/klogind \
klogind -k -c
eklogin stream tcp nowait root /usr/kerberos/sbin/klogind \
klogind -k -c -e
kshell  stream tcp nowait root /usr/kerberos/sbin/kshd \
kshd -k -c -A
ftp     stream tcp nowait root /usr/kerberos/sbin/ftpd \
ftpd -a
telnet  stream tcp nowait root /usr/kerberos/sbin/telnetd \
telnetd -a valid
.
, Kerberos,
. . , .

Kerberos
Kerberos, .
_@ _, kadmin
kadmin. local. , Kerberos. ,
, . ,
. , Kerberos
,
.


Kerberos
, Kerberos .
. ,
:
Kerberos. , - Kerberos ;
Kerberos , .

Kerberos
Kerberos ,
Kerberos. .
kinit. .
"" Kerberos; kinit Kerberos . kinit
KDC . ,
Kerberos.
;
, . ,
, . kinit minerva@PANGAEA.EDU. kinit .
, ,
kinit.
klist. ( ),
, .
kinit , klist .
kpasswd. kpasswd Kerberos; Kerberos.
passwd.
kpasswd .
kdestroy. .
,
, Kerberos.
,
kdestroy. ,
.

kdestroy .logout, . xinitrc


, . (
) kdestroy .


? kinit kdestroy
. , klist. :
$ kinit
Password for fluffy@THREEROOMCO.COM:
$ klist
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: fluffy@THREEROOMCO.COM

Valid starting     Expires            Service principal
10/09/02 14:38:57  10/10/02 00:38:57  krbtgt/THREEROOMCO.COM@THREEROOMCO.COM

Kerberos 4 ticket cache: /tmp/tkt500
klist: You have no tickets cached
$ kpasswd
Password for fluffy@THREEROOMCO.COM:
Enter new password:
Enter it again:
Password changed.
$ kdestroy
$ klist
klist: No credentials cache file found (ticket cache FILE:/tmp/krb5cc_500)

Kerberos 4 ticket cache: /tmp/tkt500
klist: You have no tickets cached
kinit, , , klist krbtgt. klist
;
( ).
klist ,
. ,
. kinit, , ,
. kdestroy .


-, Kerberos, ,
, .
- ,
. Kerberos
. , -


telnet,
. .
telnet. telnet, Kerberos,
telnet .
telnet _,
. , - ( ) -f
( ).
rlogin. rlogin ( 13).
,
Kerberos, -f. , telnet - -f.
ftp.
Kerberos, ( ,
<Enter>).
ftp, Kerberos, ,
Kerberos. Kerberos,
.
rsh. , , telnet, rlogin
. ,
-f.
rep. ; Kerberos.
. , Kerberos V5. . , ,
Kerberos , .

, ,
. , Kerberos.
Kerberos (, ,
), .
Kerberos, , Kerberos.
-,


. ,
Internet . ,
Telnet, su , , ,
root.
. ksu, .
Kerberos, , /usr/local/bin (, , /usr/local/sbin).
, , . , Kerberos Red Hat /usr/kerberos/bin.
, , , , PATH,
, . ( PATH /etc/profile,
, Bash, . bashrc.

Kerberos
Kerberos ,
. , : ,
Kerberos ( kinit). ,
. Kerberos :
login. krb5 ksu. . -, Linux Kerberos. ,
.
login. krb5 f kinit , root.
kinit , login. krb5, ,
.
root .
, login. krb5,
. .

Kerberos
Linux
getty ( getty mingetty, mgetty vgetty). /etc/inittab,
/bin/login. , Telnet,
/bin/login. login. krb5, -


/bin/login. , . ,
:
# mv /bin/login /bin/login-original
# cp /usr/kerberos/sbin/login.krb5 /bin/login
login. krb5, /bin/login. login
Kerberos. , kin it.
/etc/passwd, ,
,
Kerberos. ,
Kerberos. , ,
/bin/login, SSH.


su . Kerberos
ksu,
.
.
, ksu, (
/etc/krb5 . keytab).
ksu SUID, , , , root. Kerberos ,
( chmod a+s /usr/
kerberos/bin/ksu).
, , ,
.
. kSlogin . kSusers. .
,
. ksu
, ( ,
,
Telnet). .kSlogin . , Kerberos.
. kSusers ;
, .


Kerberos, , . *.
, minerva@THREEROOMCO.COM /bin/ls /usr/bin/zip.
minerva@THREEROOMCO.COM /bin/ls /usr/bin/zip
ksu su ,
, .
. kSlogin . kSusers , .
.
, .
,
- _. , , /bin/ls fluffy, fluffy -e /bin/ls.


login su ,
Kerberos, , ,
. ,
Kerberos. , , Kerberos;
vlock xscreensaver (
, ,
, , ). Kerberos,
,
Kerberos.
(Pluggable Authentication Module )
Linux.
, (, FTP, login, ,
X Window), ,
, (/etc/passwd, /etc/shadow
Linux).
. , ,
, , , .
. Kerberos ,
Kerberos . , .


Kerberos . , ,
, , Kerberos. ,
Kerberos. , ,
FTP-,
Kerberos. , ,
,
.

Linux ,
Linux, .
, .
(Derrik Brashier). Kerberos V4. ftp://ftp.dementia.org/pub/pam/; , , pam_krb4. (
1998 .).
, .
(Frank Cusack). , MIT Kerberos V5 Heimdal, http://www.nectar.com/zope/krb/.
; Solaris,
Linux.
(Curtis King). ftp://ftp.dementia.org/pub/pam/; pam_krb5-1.1.3.tar.gz.
, .
Red Hat. Kerberos V5 Red Hat pam_krb5.
RPM,
Red Hat .
, ,
.
Debian. Debian Kerberos V5 Heimdal libpam-krb5
libpam-heimdal. Web- Debian , ,
http://ftp.nl.debian.org/debian/pool/non-US/main/libp/libpam-krb5/
http://ftp.nl.debian.org/debian/pool/non-US/main/libp/libpam-heimdal/.
Kerberos ,
.


,
/lib/security /usr/lib/security. Red Hat pam_krb5.so pam_krb5afs.so.
,
/etc/pam.d.
, . , /etc/pam.d/login
login .
( ) , Kerberos. , Red Hat, .
/usr/share/doc/pam_krb5-BepcHH/pam.d, . ,
/etc/pam.d. , ,
.
login. login.
Kerberos, login. krb5
login.
gdm. GNOME Display Manager, GDM, . ( GDM
14.)
xdm. , , X Display Manager, XDM. XDM
Display Manager. ,
Kerberos
, Mandrake .
su sudo. su, ,
. ksu
, Kerberos, , su. sudo sudo.
passwd. , ,
passwd, .
vlock. vlock , . , .
,
vlock .
xlock xscreensaver. X Window (. . , vlock).
xscreensaver , .


, Kerberos; . - Kerberos,
. , FTP-, /etc/pam.d/ftp. KDC, ;
, , ,
.
,
Kerberos . ,
, : auth ( ), account
( ), password ( ) session ( ). 6.4 gdm,
Kerberos Red Hat.

6.4. Kerberos
auth     required   /lib/security/pam_nologin.so
auth     sufficient /lib/security/pam_unix.so shadow md5 \
                    nullok likeauth
auth     required   /lib/security/pam_krb5.so use_first_pass
account  required   /lib/security/pam_unix.so
password required   /lib/security/pam_cracklib.so
password required   /lib/security/pam_unix.so shadow md5 \
                    nullok use_authtok
session  required   /lib/security/pam_unix.so
session  optional   /lib/security/pam_krb5.so
session  optional   /lib/security/pam_console.so

-, 6.4. ,
para_krb5 . so, .

auth session,
Kerberos
. auth use_f irst_pass, Kerberos ,
. kinit, . , . , ,


password, :
password required   /lib/security/pam_krb5.so use_authtok
, password passwd,
, .
session,
. , , xscreensaver linuxconf ; ,
.
, /etc/pam.d. , ,
pam_krb5.so, ,
pam__pwdb. so, . pam_pwdb. so
, , ,
Kerberos. , , , ,
Kerberos, ,
. password ,
passwd,
.
; . , ,
, , .
,
.
, GDM, .

Kerberos , .
, ,
Kerberos . Kerberos, ,
,
. , , , . .


Kerberos, Linux; , .
Kerberos,
Kerberos. (key distribution center );
. .
,
Kerberos
. .

7


Samba

1990-
Linux.
, Linux , .
Windows,
, Windows, Linux-, . . ,
. Samba ,
8MB (Server Message Block ), CIFS (Common Internet Filesystem
). SMB/CIFS ,
NetBIOS (
, ,
Windows). , Samba Linux ,
Windows. Samba , ,
.
, Samba
, Samba. ,
Samba , NetBIOS;
, NetBIOS. Samba,
, ; , .
Samba, -


,
.
Samba , . , Samba
, . ; , man smb.conf. ,
Samba, , , Linux Samba Server Administration (Sybex,
2001), (Eckstein) - (Collier-Brown) Using Samba (O'Reilly, 1999).

Samba
Samba , ,
. ,
. ,
, , , ,
.
. .
, ,
. .
NetBIOS SMB/CIFS DOS
Windows, , Samba ,
. Samba
DOS Windows. , ,
DOS Windows ; FILE. TXT, f i l e . txt
File.txt . Linux, , . Windows Linux, Samba
. , SMB/CIFS
DOS Windows,
. ,
, , .
Linux , Samba .
,
OS/2, Samba .
Samba ,
DOS, Windows, OS/2 , SMB/CIFS. UNIX, Macintosh, BeOS
SMB/CIFS. ,
. Linux -


( , Linux NFS,
8), Samba . SMB/CIFS (
) NFS ( IP-, ).

Samba
Samba , Samba (
, Samba ).
, ,
. , , .
, , NetBIOS.

Samba
Samba smb. conf. Linux : /etc, /etc/samba
/etc/samba.d. Linux,
smb. conf #. , . ,
:

[__]
,
, . . ,
, ,
. [global].
, , ,
[global].
Samba ,
:
=
Samba ,
, , .
, Linux, .
; Yes, True 1
( No, False 0).

Samba
NetBIOS , ,
. , harding.threeroomco.com


BILLY, USPRES.
TCP/IP NetBIOS,
. NetBIOS
: . ( NetBIOS
.) Samba
, .
^^
NetBIOS .
^ \ .
, , , .
; . , Samba, (
).

workgroup:
workgroup = USPRES
,
USPRES. ,
, Windows, . , Samba
Network Neighborhood My Network Places. Samba.
Samba NetBIOS TCP/IP . , harding.
threeroomco. com Samba NetBIOS- HARDING. netbios name. netbios aliases
NetBIOS. , ,
BILLY, WILLIAM.
netbios name = BILLY
netbios aliases = WILLIAM

, , , NetBIOS, .
.


SMB/CIFS
. ,
, . SMB/CIFS . SMB/CIFS
, Linux. SMB/CIFS ,


Linux, Samba . smbpasswd, .


Windows, Windows 95 OSR2 Windows NT 4.0 SP3,
. Samba
, Windows .
, Samba,
Windows. Samba,
, ,
.
encrypt passwords.
Samba
smbpasswd, Yes . smbpasswd, :
# smbpasswd - _
smbpasswd ( ). smbpasswd
, smbpasswd . smbpasswd
, smbpasswd . ,
.
hosts allow hosts
deny. /etc/hosts .allow /etc/hosts .deny
TCPWrappers, 4. , , ,
. ,
192.168.7.0/24 algernon.
pangaea.edu.
hosts allow = 192.168.7. algernon.pangaea.edu

Samba NetBIOS,
. ,

, Samba". , ,
Samba .
v

Samba NetBIOS
NetBIOS .
NetBIOS TCP/IP ; .
TCP/IP. ; Windows 2000, Windows XP Samba .
, NetBIOS.


lmhosts.
IP- , lmhosts
, /etc/hosts Linux.
.
, . ,
,
. . , , ,
.
WINS-. NBNS (NetBIOS Name Service NetBIOS),
WINS (Windows Internet Name Service
Internet- Windows), IP.
Samba WINS-,
[global] smb. conf :
wins support = Yes
WINS- (
). NetBIOS ,
WINS-. WINS- , . Windows
TCP/IP Properties, . 7.1. Use
DHCP for WINS Resolution, Windows DHCP. ( DHCP- 5.)
Samba NetBIOS WINS-,
smb. conf : wins server name resolve
order. IP- WINS-. ,
. Samba , name resolve order. (
host bcast TCP/IP ,
NetBIOS.)
.
wins server = 192.168.1.1
name resolve order = wins lmhosts host bcast
WINS- .
, , ,
. ( NetBIOS-
. . Samba
.)


. 7.1. TCP/IP Properties Windows WINS-

Samba
Network Neighborhood My Network Places.
Web-. ,
SMB/CIFS, NetBIOS (. 7.2).
, SMB/CIFS. ,
.
, , .
, ,
, .
Windows. ,
?
NetBIOS
(local master browser). SMB/CIFS, , SMB/CIFS
. , , ,
,
. .
, .
.
NetBIOS ,
(domain master browser)


. 7.2. Windows
, ,
,

, , .
,
( ) .
.
. (election),
, , . . ,
; , ,
. , Samba
"", . (
) , Samba ,
.
Samba , , .
[global] :
browse list = Yes
local master = Yes
preferred master = Yes
os level = 65


browse list , Samba


, .
Yes , . local master
Yes. Samba , ,
. Yes preferred master,
,
, . No.
Samba, Yes preferred master
.
. os level , . ,
. os level = 65
Windows (
Windows Me Windows 2000), Samba,
os level. , Samba ,
os level, 0.
Samba , -, ,
, -, domain master = Yes.
.
. , (Samba Windows) .
, ,
domain master .

Samba
, NetBIOS ,
. ,
. , , . ,
, . ,
, , .
.
. , Windows. ,
. ,
.


NetBIOS:
(primary domain controller PDC) (backup domain controller ). PDC ,
BDC. Samba ,
.
Samba ,
[global] smb. conf :
security = User
encrypt passwords = Yes
domain logons = Yes
security , Linux. ( Samba 2.0.0 .)
encrypt passwords .
. , , domain logons. domain logons
Yes, Samba ,
smbpasswd.
Windows WINS. Samba.
workgroup,
smb. conf.
Windows NT, 2000 ,
. -, , Samba, 2.2.0,
Windows NT, , 2.2.1 ,
Windows Windows 2000 Service Pack 2 (SP2). Samba 2.2.0
, NT/2000
Windows NT 4.0. , Samba. -, Samba NT/2000/XP Linux ,
(trust account). , :
# groupadd -r trust
# useradd -r -g trust -d /dev/null -s /dev/null client$
# smbpasswd -a -m client
groupadd ;
. (
, .
.) useradd
NetBIOS CLIENT. $
. smbpasswd client smbpasswd.
$. Windows NT/2000/XP
, ;
Samba.


. 7.. Windows

.
. Windows 9x/Me
Network Microsoft Networks Properties.
Client for Microsoft Networks Properties, . 7.3. Log On to Windows NT Domain .
Windows 2000, My Computer Properties, System
Properties. Network Identification Properties.
. , , .


Samba
WINS , Samba . Samba
, ,
smb.conf [global].
, ,
.



Samba, , :
[sample]
path = /home/samba/shared-dir
browseable = Yes
read only = No
[sample].
Windows (. . 7.2) SAMPLE. /home/samba/shared-dir.
SAMPLE, . browseable = Yes , browseable . Yes browseable
, . (
, browseable = No,
. ,
, , Address
.) Samba ,
; . , , read only = No
: writeable = Yes write ok = Yes.
, , , Linux. Samba
(, , ).
Samba , .
, Samba , [homes ].
[homes ], Samba
.
path . Samba
, .
,
(, rodsmith, . 7.2).
browseable = No, [homes] , .
[homes] smb.conf. ,
, , , Samba . (
, ,
.)
Samba, , , [homes] .


, , , [global].
, .

Windows
Linux Windows .
, Windows, DOS,
Samba , DOS- , Windows. , Windows
DOS Samba :
Linux , DOS Windows.
Linux Windows
, Linux , . . FILE. TXT,
file. txt File. txt ;
. , , .
Linux, Windows ,
, , ,
. DOS
; ,
.
case sensitive, , ,
Samba .
No , Samba
Windows DOS. , Samba
, , . .
Windows. , . , sensitive = Yes,
Windows . , , Samba. sensitive = Yes ,
, , Linux,
.
preserve case short preserve case ,
Samba . Yes, Samba ,
. No Samba .
default case. Lower, Upper.
preserve case ,
short preserve case. ( , DOS, . . 8
3 ;
8.3.) DOS-,


short preserve case = No. Linux


, DOS-
.
SMB/CIFS 8.3 , .
, DOS 16- Windows. Linux , Samba
8.3. mangled names = Yes (
' ) 8.3; mangled names = No,
.


Linux , UNIX. SMB/CIFS
-. SMB/CIFS
, , , ,
Samba Linux. , Samba
Linux, Samba . Samba . , force user force group
Samba , , ,
. :
[jekyl]
path = /home/samba/jekyl
read only = No
force user = hyde
, , , , Linux
hyde. muriel
, hyde. To ,
henry. , Samba, , ,
Linux.
, Linux /home/samba/jekyl.
, hyde. force group, ,
.
, force
user, .
force user force group
Samba. , , ,


.
force user; , , ,
, .
. , , ,
.
Linux, SMB/CIFS ,
, , . Samba DOS Windows 9x/Me,
. , , . create mask
directory mask, .
- ; ,
, Samba. create mask
0744, directory mask 0755.
, .
-, ,
DOS, ,
.
DOS Windows , Linux. Samba ,
. Samba ,
.
.
map archive. Yes (
), DOS , . DOS Windows
, . ,
Samba, .
,
create mask, .
map system. Yes,
DOS , . No, . .
. DOS Windows . ,
Samba, .
map hidden. Yes,
DOS , Linux .
No. DOS Windows , ,


,
, .
Samba Linux,
. Linux , DOS .
, , hide dot
files = No.
create mask, ,
map archive, map system hidden.
map system hidden, create mask,
.
Windows NT/2000/XP ,
Windows 9x/Me. Windows NT/2000/XP ACL (Access Control Lists
), . Samba
, Linux Windows ACL.
Samba , Windows NT/2000/XP.
ACL nt acl support; Yes.
Windows NT/2000/XP Linux, No.

DOS Windows 9x/Me ,


. , ,
create mask
directory mask. ACL ,
, .


Samba . hosts allow hosts deny
, , , . Samba
.
valid users invalid users.
, . valid users,
, . , . ,
invalid users " ". ,
, ,
.
valid users invalid users,
write list read list. ,


. ,
. ,
, . ,
. write list.

:

[control]
path = /home/samba/control
read only = Yes
invalid users = thomas susan
write list = gertrude henry
. (thomas susan) ,
gertrude henry , .


Samba
, , , , .
,
. . ,
, . , ,
, .
, , .
, ,
, Windows-.
Linux, ,
.
PostScript- , .
^^
^^

, ,
Linux. ( Ghostscript,
Samba.)



, printable = Yes print
ok = Yes ( ). ,


, ( Linux, /var/spool/
Ipd). /trap, Linux /var/spool/samba.
,
, . , chmod 1777 / chmod o+t
/. ( 1777 .
, .)
. .

[laser]
comment = Laser printer in Room 7
path = /var/spool/samba
printable = Yes

comment LASER. ( .)
,
laser. ,
name. , , name = lp
, 1.
Linux .
BSD, LPRng CUPS
(Common Unix Printing System UNIX) . ,
Samba.
printing, . BSD, LPRng CUPS (
Linux ). Samba
Linux, , , . Linux ,
print command,
, Samba . %s , .
. print command
Samba .
,
.
,
, .
[printers]. Samba
/etc/printcap
. [homes], [printers]
browseable = No, PRINTERS - Windows. Yes,
.


PostScript-
.
Samba;
. Windows ,
. , , , Samba, , . Windows,
Linux ,
PostScript. , , .
PostScript- , .
.
Windows Samba , PostScript, , , .
, , PostScript- Windows, Samba , .
.
Samba, , , .
Samba , PostScript. PostScript-
. PostScript

. , PostScript, . ,
PostScript-,
.
,
| PostScript, , Windows.

, PostScript.
, PostScript-.
PostScript Adobe (http://www.adobe.com). ,
, PostScript . ,
PostScript Hewlett Packard Lexmark. PostScript ,
.
Samba ,
PostScript, Adobe,
, .


. 7.4. <Ctrl+D> Linux,

PostScript,
PostScript- Windows.
, . ( Adobe PostScript, ,
PostScript-, Adobe.)
PostScript, Samba ; .
.
,
, PostScript-, Windows,
<Ctrl+D>. PostScript- , Linux.
, , PostScript. <Ctrl+D>,
, ASCII-. ASCII-
PostScript-, PostScript-.
PostScript-. .
Windows,
<Ctrl+D>. Properties
, Advanced Send CTRL+D Before Job. ( Send CTRL+D After
Job .)
, PostScript-
, .
, Windows-
.
, -
<Ctrl+D>, postscript = Yes.


Samba PostScript- .
, PostScript,
<Ctrl+D>. , Windows-.
, ,
, .

,
PostScript
Samba , PostScript. PostScript-
Linux PostScript , . ,
,
, Linux (raw queue). , , .
,
Samba.

Ghostscript
, , PostScript, Linux- PostScript-.
, , , Ghostscript. Ghostscript (http://www.cs.wisc.edu/~ghost/)
PostScript-, , . GNU- Ghostscript, , Linux. -
Ghostscript, Ghostscript Aladdin. Ghostscript , http://www.linuxprinting.org/printer_list.cgi.
Linux, Ghostscript, , . ,
, PostScript-,
Ghostscript. ,
, . PostScript-
( Samba
). Windows- PostScript ( Apple LaserWriter,
QMS magicolor). , <Ctrl+D>, , PostScript.


PostScript- Windows PostScript- ,


. %% [ LastPage ] %%.
, , Windows. . ,
Ghostscript, , gs,
>/dev/null. Ghostscript /dev/null. Caldera
/var/spool/lpd/queue_name/printfilter. Red Hat,
Mandrake TurboLinux /usr/lib/rhs/rhs-printfilters/ps-to-printer.fpi.

, PostScript-
, , PostScript, Linux , ,
. Linux
, , . , ,
, (raw
queue).
,
/etc/printcap ( , BSD LPRng). ,
if= if.
Linux, ,
. .
lp|hp4000|raw:\
:lp=/dev/lp0:\
:sd=/var/spool/lpd/lp:\
:mx#0:\
:sh:\
:if=:
: lp, hp4000 raw.
/dev/lp0,
/var/spool/lpd/lp. (,
Samba. Samba,
/var/spool/lpd/lp.) #0
, a sh . if=
, .
, , postscript . ,
No. PostScript
, .



, Samba, ,
PostScript, , PostScript- ,
. , , .
, , , PostScript,
. ( Linux, [printers] .) ,
.
,
. , .
Ghostscript Linux PostScript- ,
. , .
, , . Linux ,
. ,
, .
, . , Samba, ,
. ,
Ghostscript
.
, .
, ,
PostScript .
,
PostScript-, . Ghostscript, .
Ghostscript ,
.
.
Ghostscript;
,
Linux. , Ghostscript .
, PostScript- (, ,
), EPS (Encapsulated PostScript).


, Ghostscript PostScript-,
. Ghostscript ,
, . .
.

. Ghostscript, .
Linux . ,
.
, . , , ,
.
, , Ghostscript , . ,
.
, .
, , Ghostscript,
.

Samba
Samba
. ,
. Samba
,
. postexec
, .

postexec
Samba postexec, . ,
, , postexec, . , ,
Samba billy@harding. threeroomco. com,
:
preexec = mail -s "Share being used" \
billy@harding.threeroomco.com


, Samba
billy@harding.threeroomco.com. Subject
"Share being used", , .
postexec, , , . Windows- SMB/CIFS, ,
, , Network Neighborhood My Network Places,
.
postexec root
preexec root postexec. , , root root postexec,
root. , , . , .
, ,
.
Samba , . 7.1.
postexec , , , , . . ( ,
. 7.1,
.)
postexec , , . , ,
, , Windows,
Linux, . , postexec
; .
postexec
. ( Samba ,
, follow symlinks = No.)
, postexec
. ,
- .
, , Samba .
, , ,
.


7.1. , Samba

%d
%g
%G
%h
%
%1
%j
%L
%
%
%N
%
%
%R
%s
%S
%
%
%U
%v

. : OS2
(OS/2), Samba, UNKNOWN, WfWg (DOS Windows for Workgroups), Win2K,
Win95 (Windows 95 98) WinNT

, , %
, , %U
( TCP/IP)
, %
IP-

NetBIOS-
NetBIOS-
( TCP/IP)
NIS
, ,
,
SMB/CIFS. : CORE, COREPLUS,
LANMAN1, LANMAN2 NT 1
,


UNIX
, UNIX (
, %)
Samba

. ,
/etc, , postex.ec,
/etc .
,
.
, . Windows-, Samba,
.
, .


,
Windows .
. (, ) ,
. ,
postexec, .
postexec,

.
.
, . max connections.
, max connections = 1.
, Network Neighborhood My Network Places
.


print
command, .
, , . print command PostScript- ,
. ,
, Windows. , print command.
Linux PostScript-
Windows. Windows-, ,
Respond (http://www.boerde.de/~horstf/) .
PostScript- , , PDF- . print command
.
, PostScript.
Linux, ,
print command . ,


, ,
.
Linux, , ,
postexec. ,
.
.
postexec, print command
, . , , ,
force user .
print command , . 7.1 ( , %s,
, postexec ).
% , ; ,
, .
print command
postexec. , postexec .
, ,
print command, . ,

.

Linux
-
Samba
-. , , . ,
, -.
-. ,
Samba,
Linux -. . -,
. -,
, .
Samba
.


postexec
-
, Samba -. .
- postexec .
1. .
2. , -.
3. mkisofs .
4. - cdrecord .
5. , .
, , :
[cd-create]
path = /home/samba/cd-create
create mask = 0666
directory mask = 0777
read only = No
max connections = 1
preexec = /bin/rm -r %P/*
postexec = /usr/local/bin/create-cd %H %P %U
. Samba. 3-5 /usr/local/bin/
create-cd, . 7.1.
7.1. , -
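#!/bin/sh
# $1 - home directory of the user (%H)
# $2 - directory of the share (%P)
# $3 - username for the completion e-mail (%U)
# Build the ISO image from the share's contents
mkisofs -J -r -o "$1/image.iso" "$2"
# Burn the image
cdrecord speed=2 dev=4,0 "$1/image.iso"
mail -s "CD-R creation finished" "$3"
rm "$1/image.iso"
# ${2:?} aborts if $2 is empty, so this never expands to "rm -r /*"
rm -r "${2:?}"/*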
.
create-cd /usr/local/bin.
, , ,


( chmod + /usr/local/bin/create-cd). mkisofs cdrecord .
Samba [ cd-create ].
, , ,
, , ,
.
SUID cdrecord. chmod a+s /usr/bin/cdrecord. . , -, force group.
-: [cd-create]
postexec root postexec. ,
create-cd , cdrecord.

. Windows, Network Neighborhood My Network Places.
Map Network Drive.
.
, -,
Samba. , ,
. ,
,
My Computer
Disconnect.
, Windows . ( Windows 9x/Me) . (
) -,
, , .
, .
, , . ,
. , ,
, . , . ,
, , .
. , ,
Samba - %, .


-
- ,
Windows 9x/Me,
, , .
. Windows- Samba zip, , -. , ,
-.
create-cd. :
[cd-print]
path = /var/spool/samba
printable = Yes
print command = /usr/local/bin/print-cd %H %s %U %P; rm %s
, % Samba. ,
/var/spool/samba. - , 7.2.
7.2. - print command
#!/bin/sh
# $1 - home directory of the user (%H)
# $2 - name of the zip file (%s)
# $3 - user name (%U)
# $4 - directory containing the zip file (%P)
mkdir -p "$1/cdr/samba"
cd "$1/cdr/samba" || exit 1
unzip "$4/$2"
mkisofs -J -r -o "$1/image.iso" ./
cdrecord speed=2 dev=4,0 "$1/image.iso"
mail -s "CD-R creation finished" "$3"
rm "$1/image.iso"
rm -r "$1/cdr/samba"
, , , [cd-create] create-cd.
, , ,
mkisofs cdrecord , cdrecord SUID,
root. - zip-
, COPY DOS Windows.
C:\> COPY FILE.ZIP \\SERVER\CD-PRINT
FILE.ZIP . , SERVER


. . ; zip .
COPY %1 \\SERVER\CD-PRINT
. . , , , MAKECD. ,
MAKECD FILE.ZIP. ,
. , - . . .
. , ,

. .
, , , .
,
. , ,
.

PDF-
PostScript- PDF-.
, , ,
PostScript-. :
[pdf-create]
comment = Create a PDF file
path = /var/spool/samba
printable = Yes
print command = gs -dNOPAUSE -q -dBATCH -sDEVICE=pdfwrite \
-sOutputFile=%H/%s.pdf %s; rm %s
\, , :
Samba ,
.
.
print command Ghostscript
(gs). -dNOPAUSE, -q -dBATCH
, . -sDEVICE=pdfwrite ,
PDF-, -sOutputFile=%H/%s.pdf
, .pdf. PDF- .
, PDF-
.


Samba ,
.
. Samba
Linux,
. Samba ,
(, Samba
). . , ,
,
. Samba .
Samba ,
.

8

NFS

Server Message Block (SMB)/Common Internet Filesystem (CIFS), , , DOS, Windows, OS/2
. UNIX Linux, ,
. UNIX Linux , NFS (Network Filesystem ).
SMB/CIFS, NFS . 9.

NFS
, NFS UNIX
Linux.
. ,
, .
NFS ; , , . , Kerberos,
NFS .
. ""
. ,
NFS. , , NFS
, .
NFS ,
UNIX, NFS , Windows, OS/2 MacOS.


. Linux ,
.
SMB/CIFS Linux. ,
Samba Linux ,
NFS .
UNIX Linux
Windows MacOS, NFS. ( MacOS X UNIX,
NFS ,
MacOS .)
, NFS
| . NFS ,
, .
NFS , ,
IP-. ,
IP- , , NFS, . , NFS.
,
Samba , ,
scp, SSH (Secure Shell ).

NFS Linux
1998-2002 . NFS Linux ; .
, .
NFS, Linux,
, , NFS- , ( , ) . NFS-
Linux , http://nfs.sourceforge.net.


NFS
. NFS Linux
. ,
. , , ,
, . (,
,


Fig. 8.1. Linux , NFS (screenshot of the Linux kernel configuration dialog; legible option labels: "Coda file system support (advanced network fs)", "Provide NFSv3 server support")

.) , , .
, NFS , .
NFS Server Support Network File Systems File Systems (. 8.1). , NFS.
, NFS, . , , knfsd,
NFS nfsd.

Linux NFS File System Support. NFS,


mount , NFS, .
NFS ,
.

NFSv2 NFSv3
, NFS . 2002 . 3 NFS, NFSv3. (
NFSv4, . NFSv4 ,
http://www.nfsv4.org.) NFSv3 ( NFSv4), NFS NFSv2. To
Linux 2.2.x. NFSv3 2.2.18. ( , NFSv3.) NFSv3
, , , (
NFSv2 Linux, -


). , NFSv3
NQNFS (Not Quite NFS) TCP ( NFSv2
UDP-). , 2002 . TCP
Linux . NFSv2 , , a NFSv3 (
) . NFSv3 Linux
. 2.4.x. 2.4.17 -
.
NFSv3, NFS , Provide
NFSv3 Server Support ( NFS
Server Support). , NFSv3
Provide NFSv3 Client Support. NFS , NFSv3,
NFSv2, NFSv2.
NFSv3, , , , .
nfs-utils 0.1.6
mount 2.10. ; rpm dpkg. ,
, mount, :
$ rpm -q mount
mount-2.11b-5mdk
, 2.11 mount,
NFSv3.


TCP/IP . , , , SMTP (Simple Mail
Transfer Protocol ), 25,
Web-, HTTP (Hyptertext Transfer Protocol
), 80.
, ,
. NFS , -.
NFS .
( 111)
. (NFS UDP 2049, NFSv3 TCP 2049.)
RPC (Remote Procedure Call ).


portmap, . ,
. portmap
inetd, TCP Wrappers. , , .
, /etc/hosts.deny :
portmap : ALL
portmap ,
/etc/hosts.allow.
portmap : 192.168.1.
4 TCP Wrappers, ,
.
,
portmap. , ,
.
, .
IP-.
NFS- .
(
) NFS. NFS SysV ( nfs). Linux
SysV. NFS
. , ; , restart .
: /etc/rc.d/init.d/nfs restart.

NFS
, NFS ,
. , ,
. ,
NFS, mount,
NFS
.


NFS /etc/exports.
, .
:
_ !() [2() [ . . . ] ]


/home /usr/X11R6.
, . ,
, /etc /,
, , . , ,
/dev, ,
. , ,
, , /dev, ,
. , NFS,
, /dev
, . . (
, nodev, .)

. , , .
. , ,
.
.
. ,
larch larch.threeroomco.com, ,
, .
, , , .
, .
(?),
, (*), . , *.threeroomco.com
threeroomco.com. (?) (*) (.), , . ,
*.threeroomco.com mulberry.bush,
threeroomco.com.
NIS. NIS (Network Information Service ), NIS,
@.
, IP- .
, , 172.19.0.0/
255.255.0.0. , , 172.19.0.0/16. ( IP-
, .)
IP-,


DNS NIS, . IP-


,
, IP- . , IP-
, . , , ,
DHCP, 5
.

, portmap
TCP Wrappers. . . ,
. , , , ,
.
. , .
25.
Linux ;
. , Red Hat,
NFS, . ,
NFS, , 25,
.

.
.
. ; .
. .
sync async.
.
, ,
. ,
; . , NFSv2 , ,
, NFS Linux
. NFSv3 ,
. NFSv3
async, - NFS Linux
.
wdelay no_wdelay. NFS, Linux, , , , .
.


, wdelay no_wdelay. wdelay


.


, /etc/exports,
. , NFS , ,
Samba. ,
. ,
/etc/exports, .
secure insecure. NFS ,
, 1023.
UNIX Linux root ( 1024 ).
, ,
1023 (. . insecure), , ,
. ,
, insecure .
rw. ,
rw .
knfsd, ,
, , , ,
rw. ,
.
hide nohide. , NFS /usr
, /usr/local . /usr,
/usr/local? . 2.2.x
. NFS , hide nohide. hide
, nohide . ,
hide.
.
noaccess. ,
. , ,
/home, /home/abrown.
/etc/exports /home
/home/abrown, noaccess.
/home/abrown.
subtree_check no_subtree_check. , . NFS -


, ,
, . (subtree checks) , ,
. no_subtree_check. subtree_check,
, .
, .
root_squash no_root_squash. NFS , root, .
. , ,
root .
, , ,
root, no_root_squash.
, , .
all_squash no_all_squash. ,
, .
all_squash. no_all_squash all_squash.
anonuid anongid. , , nobody. , (UID) (GID).
anonuid anongid. root, , .
PC/NFS,
.
, anonuid=504.
/etc/exports 8.1. : /usr/X11R6 /home. , , noaccess /home/abrown.
( ,
; .) /usr/X11R6
/home gingko 192.168.4.0/24,
. /usr/X11R6 , /home .
gingko /usr/X11R6
, 514, /home
.


8.1. /etc/exports
/usr/X11R6 gingko(ro,anonuid=504) 192.168.4.0/24(ro)
/home gingko(rw,no_subtree_check) 192.168.4.0/255.255.255.0(rw)
/home/abrown (noaccess)


. mount, NFS . : ___
. , ,
/home /mnt/userfiles:
# mount larch:/home /mnt/userfiles
, ,
/etc/fstab. mount,
.
nfs (
mount, , Linux ). /etc/fstab
, mount.
larch:/home /mnt/userfiles nfs defaults
, /mnt/userfiles,
/home larch.
NFS , Linux. , , , . , , , NFS .
NFS ,
,
, . , Ethernet-, NFS ,
. NFS
.
, NFS .
.
, , , NFS
. ,
. NFS
UID GID. ,
.
.


mount,
NFS
. mount .
hard. , ,
, .
.
soft. NFS , .
, ( timeo=).
nodev. ,
NFS. , , NFS
.
nosuid. SUID , .
. SUID .
.
NFS. , , NFS.
, , , NFS . ,
.
mount,
-, :
# mount - ,nodev larch:/home /mnt/userfiles
/etc/fstab, (
defaults).


: NFS ( knfsd) .
( ,
.) ,
NFS.
. rsize wsize
mount , . ,


4096. , , : larch: /home /mnt/userfiles - rsize=8192.


/etc/fstab ( defaults).
.
noatime mount Linux , . Linux
,
. ,
.
NFS. ,
NFS
. ,
. ,
.
,
. ,
.
RPCNFSDCOUNT=8.
,
NFS. NFS , . ,
, NFS- . NFS
. ,
. (
EIDE- DMA SCSI; SCSI , EIDE.)
NFS , , : NFS, . , , , -
. , . (
hdparm, -t.)


Linux, ,
(UID)
/etc/passwd. , (GID) /etc/group. NFS
/etc/passwd:
. , ,


UID.
.
,
^ , .
, . , . ,
,
. NFS , ,
,
.
, ,
.




UID GID . ,
504,
, UID
504. GID.
, UID GID .
, , ,
.
usermod.
, , UID abrown 507 504,
:
# usermod -u 504 abrown
/etc/passwd ,
. ( ,
, .)
. ,
, .
groupmod .
usermod, -.
, GID project3 127,
:
# groupmod -g 127 project3


UID GID , , I . ,
, ,
. ,
. , ,
/trap.
, , .
, abrown
alyson . , , , ,
alyson. NFS, ,
abrown.
, .
UID GID , , NFS.
UID, ,
, GID. Kerberos,
6. , NFS Linux
NIS; map_nis.
/etc/exports , NFS
NIS .


,
, , . ,
. 8.1. gingko
, larch .
(james) . james
, . larch, alyson , ,
gingko, , (UID, 500, larch ). ,
Jennie samuel, , ,
.
. NFS , , . 8.1.
map_static;


8.1.

          UID gingko   UID larch
alyson    500          504
james     501          501
Jennie    502          503
samuel    503          502

. /etc/exports
, :
/home larch(rw,map_static=/etc/nfs/larch-map)
, , /home
larch, /etc/nfs/larch-map. map_static , .
larch-map 8.2. , #, . , uid, , ,
gid, . ( ) .
, UID GID,
. , 8.2 , UID 504
UID 500 . -, NFS .
.
8.2.
# larch
#    remote    local
uid  0-99      -      # squash
uid  504       500
uid  501       501
uid  503       502
uid  502       503
gid  0-99      -      # squash
gid  100-102   100
. , 8.2 UID 501,
. UID , , , . 8.2 ,
UID ( 100) .
0-99. GID 100-102 GUID


100.
, .
UID
.
, , .
; . ,
.


,
,
map_daemon.
, ugidd rpc.ugidd.
. -, ugidd . ,
, Debian. -, ugidd , . -,
,
( , /etc/hosts.allow). , , ,

nobody.

NFS , UNIX Linux. Samba, NFS


. NFS , Samba. , NFS
,


.

, Linux, BSD
UNIX. , LPD
(Line Printer Daemon ), , Windows
MacOS, . LPD
; , . LPD, ,
.
(, Ghostscript,
http://www.cs.wisc.edu/~ghost/) .
LPD, , .
;
, Linux. LPD, , LPD
Linux.
: BSD LPD, LPRng
CUPS.

LPD
. - , (
). ,
, . ,
.
SMB/CIFS, (Samba).


UNIX : NFS LPD.


LPD ; , ,
, ,
. , . , ,
( $300 ) $1500
. $1500 .
, , LPD.
LPD . ,
SMB/CIFS.
AppleTalk ( Linux Netatalk).
, : LPD,
? ,
.
? Linux , Linux .
,
, . UNIX Linux,
LPD. DOS, Windows
OS/2 SMB/CIFS. Macintosh
AppleTalk, MacOS X LPD.
?
, . , .
, , - . ,
, ,
.
.
NFS, LPD , . . ,
.
IP- . ,
, , ,
. ,
, , ,
SMB/CIFS. , UNIX Linux, , ,
, , ,

9.


, .
IPP (Internet Printing Protocol ),
CUPS, ,
.
,
Windows, LPD, ,
SMB/CIFS.
UNIX, Linux MacOS , SMB/CIFS, .
,
. , Linux, UNIX.
, . ,
Linux, UNIX, Windows, MacOS , Linux.
:
? Ethernet- , USB * . . ,
. , ,
, .
.

;
386. Linux - , .
,
Ghostscript, PostScript. PostScript.
USB-,
. , ,
.

Linux
UNIX Linux , , LPD. 2001 . Linux
.
BSD LPD.
Linux. Linux- ,


9.1. Linux

Caldera OpenLinux Server 3.1
Debian GNU/Linux 2.2
Linux Mandrake 8.1
Red Hat Linux 7.2
Slackware Linux 8.0
SuSE Linux 7.3
TurboLinux 7.0

CUPS
BSD LPD

LPRng
LPRng
BSD LPD

LPRng
LPRng

LPRng,CUPS
CUPS

CUPS

BSD LPD. LPRng CUPS BSD


LPD, -. BSD LPD
;
.
LPRng. , http://www.astart.com/lprng/LPRng.html ,
BSD LPD. BSD LPD
. , , . Linux
, PostScript.
Common UNIX Printing System (CUPS). CUPS
http://www.cups.org. BSD LPD , LPRng, ,
. , CUPS,
. (
, CUPS , .) LPD, CUPS
IPP.
UNIX-
. UNIX,
SysV. BSD LPD, ,
, BSD LPD. , ,
1 1.
. 9.1 , Linux. , , ,
. , , (
4).


"" "" ,

. 9.1,' . ,

Mandrake


, : LPRng
CUPS, Debian .

Linux, , ,
BSD LPD. LPRng, ,
. CUPS,
BSD LPD LPRng,
, ,
CUPS.

BSD LPD
BSD LPD : /etc/hosts.lpd /etc/printcap. , .
, , .
/etc/printcap , ,
,
. , , .
, . ,
Ghostscript PostScript-
, .

/etc/hosts.lpd
BSD LPD , . .
. ,
/etc/hosts.lpd. ,
. , IP- NIS.
@, , ,
+. + , , . -, ,
. /etc/hosts.lpd 9.1. gingko ,
, . +@groupl NIS- groupl. oak.threeroomco.com ,
groupl.


9.1. /etc/hosts.lpd


gingko
birch.threeroomco.com
192.168.1.7
+@groupl
-oak.threeroomco.com
/etc/hosts.lpd, ,
# ,
; .
/etc/hosts.lpd /etc/hosts,
f equiv. /etc/hosts . equiv ,
; , rlogin .
; . ,
.

BSD LPD
/etc/printcap BSD LPD
(printcap printer capabilities ).
, ,
( , ,
USB-) ( LPD-
, SMB/CIFS, AppleTalk
). ,
:.
; , , \, ,
.
.
/etc/printcap
. ,
,
Ghostscript, , ,
, Linux.
, ,
. .
1. , . , lp=/dev/lp0 ,
/dev/lp0 ( ).
,
(, 1=).
rm. LPD. , oak,


rm=oak. ,
; , .
( ) IP-.
. , rm.
. ,
InkJet, /etc/printcap
rp=inkjet. ,
. , ,
, InkJet 11
canon. ;
.
, ,
, 1 rm .
,
rm, , .
, , 1,
rm . , ,

. ( , ,
Ghostscript,
.)
LPD-,
. ,
, SMB/CIFS AppleTalk.
, ,
if. Samba Netatalk.

LPRng
LPRng , BSD
LPD. , LPRng
BSD LPD. LPRng /etc/printcap,
, BSD LPD.
LPRng -. ,
, LPRng ,
/etc/lpd. perms.

/etc/lpd.perms
/etc/lpd.perms .
lpd.perms
(/var/spool/lpd/u*7_ovepedu). , , /etc/lpd.perms
.


lpd.perms, . #. /etc/hosts.lpd,


.
.
DEFAULT ACCEPT
DEFAULT REJECT

ACCEPT [ = [,]* ]*
REJECT [ = [, ]* ]*
, . .
. LPRng,
Linux, /etc/lpd.perms
DEFAULT ACCEPT. , BSD LPD
localhost, 127.0.0.1 (. . ,
). , LPRng
, ACCEPT REJECT.
ACCEPT REJECT , . ,
Key . 9.2, , . Connect . Job Spool Job
Print .
lpq, lprm 1 , ,
.
( , ,
).
( . 9.2 ).
, NOT. IP- ,
/ .
, , , . ,
/etc/lpd.perms:
ACCEPT SERVICE=M SAMEHOST SAMEUSER
ACCEPT SERVICE=M SERVER REMOTEUSER=root
REJECT SERVICE=M

, lprm . SERVICE=M, ,
lprm.
SERVICE . 9.2. SAMEHOST
SAMEUSER, , ,
, , , .
SERVER REMOTEUSER=root. , , root, . , lprm. (LPRng
lpd.perms , , . ACCEPT SERVICE=M

9.2. , lpd.perms


Key
SERVICE
USER
HOST
GROUP

IP
PORT
REMOTEUSER
REMOTEHOST
REMOTEGROUP
REMOTE IP
CONTROLLINE
PRINTER
FORWARD
SAMEHOST
SAMEUSER
SERVER

Connect
X


IP-



IP-

Job Spool
R

IP-

IP-

Job Print
P

IP-

IP-

Ipq

Iprm

IP-

IP-

IP-

IP-

IP-


REJECT SERVICE=M, ACCEPT REJECT.)


, LPRng , .
,
,
. , LPRng
.

. (
25). ,
LPRng. ,
, ,
172.22.0.0/16, , ;
. :
ACCEPT SERVICE=X SERVER
REJECT SERVICE=X NOT REMOTEIP=172.22.0.0/16
,
, . (
, 127.0.0.1, REMOTEIP=127.0.0.1 SERVER ).

, .
, , , 172.22.0.0/16.
, REJECT
ACCEPT ,
.

LPRng-
/etc/printcap LPRng
BSD LPD. , , lp, rm ,
, BSD LPD, LPRng.
,
-. .
BSD LPD LPRng LPD, LPRng BSD LPD . CUPS. , CUPS
, .

CUPS
CUPS, Unix Linux, .


BSD LPD ( LPRng),


CUPS , , Linux.
, . CUPS LPD,
LPD, , CUPS. , CUPS IPP,
HTTP, Web- . CUPS , ;
PPD (PostScript Printer
Description);
; . CUPS
,
.
CUPS :
, BSD LPD LPRng.
, CUPS;
.
, ,
KUPS (http://cups.sourceforge.net/kups/) ESP Print Pro (http://www.easysw.com/printpro/). CUPS , Web-,
http://localhost:631.

CUPS
. , , ,_,

_ . , . CUPS
http://www.cups.org/sam.html.

/etc/cups/cupsd.conf
CUPS /etc/cups/cupsd.conf. CUPS HTTP, Apache ( 20).
CUPS ,
/etc/cups/printers.conf /etc/cups/classes.conf, . lpadmin, cupsd.conf .
cupsd.conf , , , . ,
.


Allow. from, All


None, ( ,
), IP- IP- .
, ,
.
,
Allow. Location.
AuthClass. AuthClass Anonymous ( ), User, System Group. Anonymous , ;
BSD LPD.
. System ,
sys, SystemGroup.
Group, ,
AuthGroupName.
BrowseAddress. CUPS
, , , . BrowseAddress.
IP-, ,
192.168.23.34:631. ( 631 CUPS.)
255.255.255.255:631, . . 631.
BrowseAllow. ,
. BrowseAllow (
from
) , .
.
BrowseDeny. ,
BrowseAllow. " " .
BrowseOrder. BrowseAllow, BrowseDeny,
BrowseOrder .
BrowseOrder Allow, Deny BrowseOrder
Deny, Allow.
BrowseInterval.
. 0 .
, BrowseTimeout,
.
BrowsePoll. IP- . ,
.
BrowsePort. 631,
.


BrowseTimeout. , , CUPS .
, BrowseInterval,
CUPS-.
Browsing. , On Off , .
On.
Deny. , Allow. , . Deny Location.
HostNameLookups. Off, On
Double. Off , On , Double,
, IP-. Double
,
,
DNS. Off ; (
DNS).
Listen. Listen,
CUPS , '. .
IP- ( 631). ,
Listen 192.168.23.8:631 , 192.168.23.8. Listen
; 127.0.0.1.
Location. ; . , Location
Allow Deny, (, , ). Location, , </Location>. <Location> /admin
( ), /classes ( ),
/jobs ( ) /printers ().
MaxClients. MaxClients , .
, 100.
Order. ,
BrowseOrder, Allow Deny. Order


Allow, Deny , Allow Deny, Order Deny, Allow


.
Port. CUPS 631, ,
. ,
. , Port ,
CUPS BSD LPD .
/etc/cups/cupsd.conf, CUPS, .
CUPS , . , , , , ,
172.22.0.0/16.
<Location /printers>
BrowseAllow from 127.0.0.1
BrowseAllow from 172.22.0.0/16
Allow from 127.0.0.1
Allow from 172.22.0.0/16
</Location>
Location /printers,
. , (
/admin) ( /jobs)
. CUPS, , ( 25).

BSD LPD LPRng


, /etc/cups/cupsd.conf, , IPP.
BSD LPD, LPRng; LPD. (
IPP LPRng, .) ,
CUPS , LPD. CUPS cups-lpd.
cups-lpd , inetd xinetd ( 4). cups-lpd
/usr/lib/cups/daemon, /etc/inetd. conf :
printer stream tcp nowait lp /usr/lib/cups/daemon/cups-lpd \
cups-lpd


inetd xinetd, 4,
cups-lpd xinetd. CUPS
BSD LPD,
.
CUPS ,
f LPD. , /etc/cups/cupsd.conf .
CUPS ,
.

CUPS
CUPS lpadmin, . , Web-;
Web- , ,
URL http://localhost:631. (
, ,
localhost ,
CUPS.) ,
.
lpadmin.

# lpadmin - _ - -v lpd://./_ \
-m ppdfile.ppd
_ , ,
. , , _
. lpd, LPD.
lpd ipp. ( , -v
parallel:/dev/lp0 .) - PPD- , CUPS .
PPD; /usr/share/cups/model.
PPD PostScript. PPD http://www.linuxprinting.org/driver_list.cgi. Ghostscript,
CUPS-O-Matic Generate CUPS PPD.
PPD, .
,
, , , . ,
, PPD, .


Fig. 9.1. Web- CUPS , (screenshot of a Netscape window titled "Printer on nessus.rodsbooks.com"; CUPS printer list showing Description, Location, Printer State and Device URI for each printer)

,
IPP. . LPD.

,
lpadmin. .
, , -v
.
,
Web. CUPS
HTTP. Web- . 9.1. , URL , ,
631. CUPS . , Do Administration Tasks Manage Printers.
Manage Printers . 9.1.
. , hp4000,
LPD. , lexmark, . Modify Printer, ,


, Configure Printer, , .

Linux BSD LPD, , - .


,
Linux. LPRng CUPS.
, CUPS , Web-.
,
. , , 515 631
, ( 515 631
LPD IPP). , ,
. LPRng LPD, a CUPS
IPP.

, . , , ,
. ,
, , , ( ,
).
; , . ,
. ,
,
.

, , . ,
, ,
, .
, .
.


,
. , ,
( " " , ).
, . , , ,
, ,
, , -

10.


.
. , Kerberos, , .
, .
, , . , , .
, , , .
, UNIX Linux,
, , .
. , .
,
, .
, ,
. ,
.

NTP
, ,
NTP (Network Time Protocol ),
RFC 1305 ( http://www.ietf.org/rfc/rfc1305.txt ) . RFC 958, RFC 1059 RFC 1119.
, . . 2002 , NTP ^ 4,
3 . Web- NTP
http://www.eecis.udel.edu/~ntp/. NTP
, ,
, , ; ,
, . . , . NTP
, Linux. NTP Linux,
. . ,
NTP,
, .
NTP, SNTP (Simple NTP
NTP). SNTP , NTP.


. ,


. . GPS (Global Positioning System


) , .
( ,
http://www.eecis.udel.edu/~ntp/hardware.html.)
,
, 0.
( , ).
, , , 1. ,
Internet, ,
. ,
1, 2 . .
( , ).
, .
.
, ,
, . . , , ,
, ,
.
NTP ( 64 ,
1024 ). NTP , , .
( ) ,
. , NTP ;
, , .
( .)
NTP ( /etc/ntp/drift,
/var/state/ntp.drift ), "" .
, NTP
.


1000 , NTP ,
, . NTP
.
NTP ntpdate,
. ntpdate NTP.

NTP, , , . (
,
, NTP .
, .)
, , 2.
1 ,
NTP, . 3
.
NTP,
.
, NTP 3. ,
. - ,
,

1.
.
NTP (Coordinated Universal Time
UTC), (Greenwich Mean Time
GMT) . UTC GMT
. , UTC ,
. UTC , .
UTC . ,
.
, 86, ,
. Linux
, , UTC, , UTC.
Linux, UTC,
.
Linux Windows ( ,
), . ,
. , . ,


NTP Linux ,
Linux .
hwclock --systohc --localtime;
. UTC, --localtime
--utc.

Linux
NTP Linux ntp : xntp, xntp3 xntpd. "" (experimental), ,
. , NTP 4,
. Linux 4 NTP,
3.
NTP NTP . .
ntpd. , NTP. (
xntpd.) , , , .
,
. ( .)
ntpdate. , ntpd;
. , ntpdate
. ntpdate .
ntptrace.
.
NTP, , NTP.
.
ntpq. NTP-.
.
xntpdc. NTP. , ntpq.
NTP, Linux
. rdate,
ntpdate; .
rdate ,
. ntpdate. ntpdate
, rdate
.


ntp.conf
NTP ntp.conf, /etc. , ,
, #,
NTP. .
server [key ] [version ] [prefer].
, -"
NTP. IP-
. ntp.conf
server, NTP .
. ,
key, , ,
. , . prefer ,
.
fudge stratum . , , 127.127.1.0 ( ) 7 NTP .
,
.
driftfile __.
, .
NTP
.
broadcast [key ] [version ] [ttl ].
, .
, (
224.0.1.1). , NTP
.
broadcastclient [yes | no]. NTP ,

NTP.
ntp.conf ,
. , HTML,
/usr/share/doc/xntp-.
ntp.conf, , . server,


NTP. . , ,
,
. ,

2. ; http://www.eecis.udel.edu/~mills/ntp/servers.htm.
Web-,
1 2. , . ,
. , , , , "" , ,
.

NTP, ping.
, ping-
.
, , , , . ,
, .
, Internet.
, , , .
GPS , , 1.
. 127.127.0.0/16,
server. Linux. , ,
http://www.eecis.udel.edu/~ntp/hardware.html.
ntp.conf NTP. SysV ( SysV
4). ntpdate, ntpd ,
. ntpd
, ,
.
, ntpd, .

NTP
xclock,
NTP ntpq. , .


. . ntpq .
host 1_. ntpq , . host, NTP . , ntpq, ntpq remote.
threeroomco.com.
hostnames [yes | no]. yes, ntpq, , (
). ,
IP-. -,
ntpq.
ntpversion _. NTP, NTP.
quit. ntpq .
peers. . , .
host,
, ntp.conf. , ,
, , ; ;
;
, ; , .
, , , . + ,
,
; * ,
; " " ,
. , ntpq , .
peers lpeers ( ) opeers ( ,
).
associations.
. IP-,
, .
lassociations, passociations lpassociations.
readvar _ _.
. . readvar rv, a mreadvar .


ntpq> peers
     remote           refid       st t when poll reach   delay   offset  jitter
 LOCAL(0)         LOCAL(0)         7 l   47   64  377    0.000    0.000   0.000
*cs.calunb1a.edu  clepsydra.dec.   2 a  638 1024  377   52.667  -22.793   3.686
 caesar.cs.1sc.   ben.cs.n1sc.edu  2 u  578 1024  377   54.510  -24.900   4.793
 ns2.D03.pnap.ne  navobsl.nustl.e  2 u  582 1024  377   60.646  -17.340   4.289
ntpq>

. 10.1. ntpq
NTP-

readlist _. readvar, .
readlist rl, a mreadlist
.
pstatus _. pstatus
. readlist.
writevar _ _. . ,
.
ntpq NTP . ,
. . 10.1 ntpq;
, NTP . ntpq ntpd,
, ( ). , ,
. 10.1. + *
, , ,
. , .
, , ,
, .
, ,
ntpq . , ' - IP-
. (
.
, .)
ntpd
, . , ping? He NTP? (,
UDP, 123.) -


? ( ,
.)


, . , 100 100 .
, , .
, .
. -, ,
, . , , 100
100,1 ,
. -, , .
, ,
, . .
'.,''.
,
. , ( "") ( 86
0). ,
, . . "" .
"" , . , , . ( Linux . , Real-Time Linux;
http://fsmlabs.com/community/.) . :
, Enhanced/.Real Time Clock
.Character, Devices.
,_ ; -. '",-. '
'i,,;/-.-
.' f. - , , . - , . ' - , . _ .
""4 ,
,
. . .
-/, "" / . NTP "",
. , NTP ,

; ' ;_}.
'.,

NTP
,
NTP,


, , NTP, .
, , NTP-,
. ntpd,
, , .
NTP. ,
NTP,
, Internet.
NTP .

, ntpd.
UTC . , ntpd
"" . , , , , ,
. , ntpd
.
, "" ( ),
, , Internet. ntpd
ntpdate.
rdate, ntpdate .
NTP
ntpd. ,
ntpdate. NTP
ntpdate . NTP 4
ntpdate.
ntpdate, , .
, . .
-. ntpdate .
,
; ,
. . . ,
, .
-. ,
.
- . NTP
.
- __. ntpdate
, .


(
1 8).
-q. -q ,
. , ;
.
-s.
.
-. ntpdate
123.
( 1024).
.
ntpdate , , , , .

-q, ntpdate ,
.
ntpdate
. ntpdate ,
, , , .
ntpdate NTP- ntpd.
,
| ntpdate . -
, , .
ntpdate , 1:23 3:48.
,
,
.

Samba

, NTP ,
Linux. NTP, . SMB/CIFS,
. ( Samba
7.) NTP ,
Samba, , Samba ,


NTP Windows-. (Samba


, SMB/CIFS, Windows.)


Samba
, smb.conf, Samba, ,
. [global]
, , . , time server,
. smb.conf :
time server = Yes
, Samba SMB/CIFS .
, ntpdate, rdate . , ,
Samba ,
.
SMB/CIFS ,
^ NTP.
Windows- .

Windows-


Windows, :
C:\> NET TIME \\SERVER /SET /YES

SERVER NetBIOS- Samba. ntpdate Linux, .


, ,
. . (
, , SETTIME.BAT) Startup.
, , . ( AUTOEXEC.BAT ,
.)
Windows 2000 NTP. NET TIME /SETSNTP:NTP_cepsep
NTP_cepeep. NTP,
.



, , ,
, .
, - . , , NTP. , NTP ( ntpd xntpd),
, NTP. NTP
3, 2 ( NTP
1 ).
3 ntpd ntpdate. NTP
, GPS.

- rdate SMB/CIFS, Samba.
NET Windows. NET Windows,
NTP.

11
:
POP IMAP

Internet. . , , , . Linux .
, .
.
,
. (
SMTP 19.) . ,
, ,
.

19, , , , ,
, . SMTP Linux, Linux
.
, ,
, , 19.

, .
Linux .
Fetchmail, ,
, .



, . , Linux,
, , . : " , ?" .
.
Linux-, pine, mutt KMail. ,
. , Telnet, SSH (Secure Shell )
X Window. ( 13 14.)
, ,
, . .
.
,
.
, UNIX ,
. , Windows
MacOS. Linux
, X Window. Windows
MacOS. , , Windows MacOS, .
.
IP- , . ,
, .
, ,
.
, , , .

. ,

.


POP IMAP
.
,

.
: POP (Post Office Protocol ) IMAP
(Internet Message Access Protocol Internet). , ,
.
. ,
, .


,
. ,
, , . ,
, ( , )
.
.
, (relay). , , . ,
,
. ,
, sammy@threeroomco.com. DNS, ,
mail.threeroomco.com. , , , gingko.threeroomco.com.
, , larch.threeroomco.com.
(,
trilobite.pangaea.edu). (, franklin.pangaea.edu). ,
, (
osgood.pangaea.edu). . , , . 11.1.
SMTP (Simple Mail Transfer Protocol ). , - ,
trilobite.pangaea.edu gingko.threeroomco.com.
gingko.threeroomco.com, , -



Fig. 11.1. (diagram; node labels: trilobite.pangea.edu, franklin.pangea.edu, osgood.pangea.edu, larch.threeroomco.com, ginko.threeroomco.com, mail.threeroomco.com; link labels: SMTP)
, .
,

,
, (
larch.threeroomco.com) . ,
,
, . POP, .
. 11.1 . (
, ). ,
, . 11.1. ,
. . ,
, , , , , , ,
. ,
,
, .
, . , SMTP .
, . , . . , franklin.pangaea.edu SMTP, , -


ponyexpress.pangaea.edu (POP ).
ponyexpress.pangaea.edu SMTP, .

, , , , ,
. - ,
. ,
, . ,
.
. , ,
POP . ,
POP ,
POP
.
. "" . ,
,
, . IMAP
(, , ),
.
POP ,
.

, POP, .
, ,
, . ,
,
. ,

, POP, ,
, POP.

POP
POP .
-3, TCP-
110. ( -2 109.) , Internet, POP-


. -3 . USER ( ), PASS
( ), RETR ( ), DELE ( ) QUIT
( ). POP-, , 11.1.
-3
telnet.
.
11.1. -3
$ telnet nessus 110
Trying 192.168.1.3...
Connected to nessus.rodsbooks.com.
Escape character is '^]'.
+OK POP3 nessus.rodsbooks.com v7.64 server ready
USER rodsmith
+OK User name accepted, password please
PASS password
+OK Mailbox open, 1 messages
RETR 1
+OK 531 octets
>From rodsmith Wed Aug 8 14:38:46 2001
Return-Path: <ben@pangaea.edu>
Delivered-To: rodsmith@nessus.rodsbooks.com
Received: from speaker.rodsbooks.com (speaker.rodsbooks.com
[192.168.1.1])
by nessus.rodsbooks.com (Postfix) with SMTP id EB2A01A2BD
for <rodsmith@nessus.rodsbooks.com>; Wed, 8 Aug 2001
14:38:26 -0400 (EDT)
Message-Id: <20010808183826.EB2A01A2BD@nessus.rodsbooks.com>
Date: Wed, 8 Aug 2001 14:38:26 -0400 (EDT)
From: ben@pangaea.edu
To: undisclosed-recipients:;
Status:
This is a test message.
DELE 1
+OK Message deleted
QUIT
+OK Sayonara
Connection closed by foreign host.
11.1, POP . ;


+ mailbox open, I messages. ( RETR 1) ( DELE 1).


POP :
. ,
. ,
. ( , ) .
, ,
.

11.1, ,>
,>
f
.
From: Return-Path: , ben@pangaea.edu. . , Received:,
, , ,
. , , ;
Received:. , speaker.rodsbooks.com nessus.rodsbooks.com.
pangaea.edu .

IMAP
POP, IMAP , IMAP . IMAP,
, , .
; IMAP-4 . (IMAP-4
143.)
IMAP 11.2.
, POP ( 11.1).
, 11.2
IMAP.
11.2. IMAP-4
$ telnet nessus 143
Trying 192.168.1.3...
Connected to nessus.rodsbooks.com.
Escape character is '^]'.
* OK nessus.rodsbooks.com IMAP4rev1 v12.264.phall server ready
A1 LOGIN rodsmith password
A1 OK LOGIN completed
A2 SELECT Inbox
* 1 EXISTS
* NO Trying to get mailbox lock from process 29559
* 1 RECENT
* OK [UIDVALIDITY 997295985] UID validity status
* OK [UIDNEXT 4] Predicted next UID
* FLAGS (\Answered \Flagged \Deleted \Draft \Seen)
* OK [PERMANENTFLAGS (\* \Answered \Flagged \Deleted \Draft \Seen)]
Permanent flags
* OK [UNSEEN 1] first unseen message in /var/spool/mail/rodsmith
A2 OK [READ-WRITE] SELECT completed
A3 FETCH 1 BODY[HEADER]
* 1 FETCH (BODY[HEADER] {494}
>From rodsmith Wed Aug 8 16:02:47 2001
Return-Path: <ben@pangaea.edu>
Delivered-To: rodsmith@nessus.rodsbooks.com
Received: from speaker.rodsbooks.com (speaker.rodsbooks.com
[192.168.1.1])
by nessus.rodsbooks.com (Postfix) with SMTP id 2C7121A2BD
for <rodsmith@nessus.rodsbooks.com>; Wed, 8 Aug 2001
16:02:25 -0400 (EDT)
Message-Id: <20010808200225.2C7121A2BD@nessus.rodsbooks.com>
Date: Wed, 8 Aug 2001 16:02:25 -0400 (EDT)
From: ben@pangaea.edu
To: undisclosed-recipients:;

* 1 FETCH (FLAGS (\Recent \Seen))
A3 OK FETCH completed
A4 FETCH 1 BODY[TEXT]
* 1 FETCH (BODY[TEXT] {25}
This is a test message.
)
A4 OK FETCH completed
A5 COPY 1 demos
A5 OK COPY completed
A6 LOGOUT
* BYE nessus.rodsbooks.com IMAP4rev1 server terminating connection
A6 OK LOGOUT completed
Connection closed by foreign host.
1 1 .2 , POP. IMAP ,
, LOGOUT LOGOUT.
, .
IMAP ( A3 4
).


( 2),
( 5). 11.2
. , , FETCH.
IMAP ,
http://www.ietf.org/rfc/rfc2060.txt.
IMAP, , ,
. . IMAP ,
- . .
IMAP,
(UW IMAP; http://www.washington.edu/imap/). . INBOX,
, ,
, /var/spool/mail/_. IMAP, INBOX.
, . , UW IMAP
.
.
. , , ,
. , , ,
.



, . ,
. POP
,
, . IMAP.
, , ,
. POP , IMAP, , IMAP,
POP.
, , , IMAP,
. POP- INBOX, ,
IMAP. ,
. POP
, , .


POP IMAP , | , . ,
, ,
. POP ,
SSL-.
, ,
. ,
POP IMAP Internet.
, TCP Wrappers
xinetd. , , .

POP
, POP
. , , .
, SMTP. He .
: mbox ( ) maildir
( ). , sendmail, Postfix, and Exim, no
mbox, , qmail, maildir. Postfix, Exim qmail
mbox, maildir. POP ,
SMTP.

POP Linux
POP Linux.
, ,
, SMTP
, , , POP , . , POP.
UW IMAP. IMAP, (http://www.washington.edu/imap/), POP.
Linux mbox,
SMTP.
Cyrus IMAP. UW IMAP, Cyrus IMAP (http://asg.web.cmu.edu/cyrus/imapd/) IMAP POP. mbox.
nupop. nupop (http://nupop.sourceforge.net)
, ,
.


maildir,
qmail.
Courier. Courier (http://www.courier-mta.org)
POP, IMAP SMTP. Courier POP IMAP
Courier-IMAP (http://www.inter7.com/courierimap/).
maildir.
QPopper. , (http://www.eudora.com/qpopper/) SMTP- qmail. QPopper 3.0
. 4.0
. QPopper mbox. QPopper 4.0 SSL-.
qmail-pop3d. qmail (http://www.qmail.org) maildir. SMTP- qmail, qmail-pop3d
POP.
,
POP. http://www.sourceforge.net
POP, , IMAP, SMTP . UW IMAP, Cyrus, QPopper
.

POP
, POP ( 4).
xinetd. He ,
/etc/inetd. conf. POP ,
inetd xinetd. POP , .
.
UW IMAP POP Linux. ,
, .
SMTP , POP . - POP .
, POP, ,
.

IMAP
IMAP ,
POP. , UW IMAP -


Linux, ,
. .

IMAP Linux
, ,
UW IMAP, Cyrus IMAP Courier, IMAP.
2002 . IMAP, .
http://www.sourceforge.net. , , Web
IMAP.
Linux, UW IMAP, .
, ,
. ( ;
.
CONFIG, .) Cyrus IMAP
. ,
; mbox.

IMAP
Linux UW IMAP, imap. IMAP
. UW IMAP
Linux, ,
, IMAP. IMAP ,
, , .

Fetchmail
Fetchmail .
, , . Fetchmail
; Fetchmail
. Fetchmail , , .fetchmailrc,
. fetchmailconf,
Fetchmail. .


"""


. Fetchmail .

Fetchmail
, . , , ,
. , , , , ,
IP- . ,
, .
.
Linux, Internet . Linux,
Internet -, .

, . ,
, POP
. ( , )
;
POP .
, Internet . , ,
, . Internet
; ,
, .
.
, . , , . Linux,
Internet , ,
. ( , .)
,
, ,
.


. , ,
. , ,
, Fetchmail (
) .
POP IMAP. , , , , POP,
IMAP.
Linux POP . IMAP ,
, , IMAP.

- -, . ,
,
, .
, (
, , ). Fetchmail , ,
. ., :
, ,
. .

, . '.. , .
. (, ) '
,
. ,
. , ,
, ,' ?
Internet ,
Fetchmail. . , Fetchmail -;;
ppp-on-dialer, 2. Fetchmail!
, .
interface monitor, . Fetchmail "
.
'


.
.
POP, ,
. , , ,
, ,
, . Fetchmail.
Fetchmail,
, . (Fetchmail
, ). Fetchmail , , .
Fetchmail , .
. Fetchmail
, .
, , ,
Fetchmail . . ,
. , Fetchmail .
.

fetchmailconf
Fetchmail . ,
. Fetchmail , . Fetchmail
fetchmailconf, .
.fetchmailrc, fetchmailconf.
Linux fetchmailconf . ,
Fetchmail , . X Window, Tcl/Tk, fetchmailconf
. Fetchmail .
.
1. , xterm
fetchmailconf. Fetchmail Launcher, , , , Fetchmail
.


Fetchmail root,
. , , , root, Fetchmail
. ( Fetchmail ,
, root, .) ,
, .
,
Fetchmail ,
.
2. Configure Fetchmail Fetchmail Launcher. Fetchmail Configurator, ,
, . , ,
,
. ,
.
3. Expert Configuration Fetchmail Configurator.
Fetchmail Expert Configurator, . 11.2.
Fetchmail , Poll
Interval ,
(, 1200 20 ). ,
Fetchmail ,
, 0. Postmaster ,
, Fetchmail.
, . , ,
. Help, .
4. Fetchmail Expert Configurator , .
, . , <Enter> Fetchmail Host _
(. 11.3). ,
Fetchmail Expert Configurator New Server.
, ,
.
5. Fetchmail Host _ Protocol,
User Entries for _ Security. Run Controls ,
, (
). Multidrop Options , . -

Fig. 11.2. Fetchmail Expert Configurator , Fetchmail (screenshot; panels: Fetchmail Run Controls, Remote Mail Server Configurations)

. , , , ,
,
.
6. Protocol Fetchmail Host _
. Auto;
, ,
, . Probe for Supported Protocols, ,
, . ,
telnet. telnet 11.1
11.2.
7. , Security, ,
, . Interface to Monitor
, . Fetchmail
, . , IP Range to Check Before Poll,
, , IP- . IP- ,
/; Fetchmail , , . ,


Fig. 11.3. Fetchmail Host _ (screenshot of the server options dialog for nessus.rodsbooks.com; panels: Run Controls, Protocol, Security, Multidrop options, User entries)

172.20.0.0/255.255.0.0, Fetchmail
,
172.20.0.0/16.
8. User Entries for _ New User. ,
.
<Enter> Fetchmail User _ Querying _
(. 11.4). ,
.
9. Fetchmail User _ Querying
_ Password Authentication. , , . ,
Local Names , . ,
;
. Forwarding Options
. ,
Fetchmail
. Forwarding Options, Processing
Options Resource Limits ,
. Fetchmail
Suppress Deletion of Messages After Reading Processing Options,
Fetchmail. , ,
. Remote Folders IMAP,
Fetchmail , INBOX.

Fig. 11.4. Fetchmail (screenshot of the user options dialog; panels: Authentication, Processing Options, Local names, Forwarding Options, Resource Limits, Remote folders (IMAP only))

, , Fetchmail | .fetchmailrc. Fetchmail , , 0600
(rw
), ,
. , , , ,
.
10. Fetchmail User _ Querying _
, Fetchmail Host _.
.fetchmailrc, Save
Fetchmail Expert Configurator.


11. , Test
Fetchmail Fetchmail Launcher. Fetchmail , . . , "
, . ,
Fetchmail. ,
Quit.
,
f . ,
Fetchmail , (, ,
,
). (
. 9).
, fetchmailconf, , . ,
.
. Fetchmail. ,
, . f etchmailrc
.

.fetchmailrc
fetchmailconf, , . fetchmailrc.
. , , fetchmailconf.
. fetchmailrc 11.3.
Listing 11.3. .fetchmailrc
# Fetchmail file for retrieving mail from mail.abigisp.net
# and imap.asmallisp.com
set postmaster rodsmith
set bouncemail
set daemon 1800
set syslog

poll mail.abigisp.net with proto POP3
    user rodericksmith there with password abc!23
        is rodsmith here fetchall forcecr
    smtphost speaker.rodsbooks.com
poll imap.asmallisp.com with proto IMAP
    user rodsmith there with password A1B2C3
        is rodsmith here


, # , Fetchmail . 11.3 . set


, , Fetchmail Run Controls Fetchmail Expert Configurator
f etchmailconf (. 11.2). . , 11.3 poll,
,
. f etchmailconf Fetchmail Host _ Fetchmail User _
Querying _ (. 11.3 11.4). poll ,
, ,
, .
.
Fetchmail .
, Fetchmail,
. (, ). ,
.
.
set postmaster _.
, ,
. . ,
, postmaster root. (
SMTP postmaster, , . postmaster Fetchmail
SMTP , .)

postmaster _.
set bouncemail. ,
. set bouncemail set no bouncemail,
postmaster, Fetchmail.
set daemon . , Fetchmail
( ).
, Fetchmail , ,
.
set daemon , daemon . Fetchmail daemon 0, ,
, ,
. f etchmailrc .


set logfile _. ,
Fetchmail .
set syslog. Fetchmail , .
. f etchmailrc poll . .
poll

_ - _

server poll.
skip, Fetchmail .
, . f etchmailrc. Fetchmail ,
. ,
, , . (
, .fetchmailrc .) and, with, has, wants options ;
":", ";" ",". , poll
.
.
proto protocol . , , .
, Fetchmail . , . f etchmailrc,
-.
interface /IP-/_. , , Fetchmail
. , ethl , IP- ,
IP-. , ethl/192 .168 .1. /
2 5 5 . 2 5 5 . 2 5 5 . 0 , , Fetchmail , ethl
192.168.1.1 192.168.1.254. -I, .
monitor . Fetchmail, , ,
. Fetchmail ,
, . -.
, .
user , username .
poll. ,


,
here, . there
, . - .
pass , password . , . .
is to . . (. . user with pass ).
, here,
, .
there .
smtphost _. Fetchmail , , . .
localhost. , , , .
. , Fetchmail,
localhost . -S, .
keep. Fetchmail . , .
, , . -k,
, keep.
f etchall. Fetchmail ,
. f etchall ,
. -, .
forcecr.
CR/LF ( ). ,
. qmail ;
forcecr.
, Fetchmail
, . , jack j ill
Jill, Fetchmail jill. ,
, , - , (multidrop mode).


, Fetchmail, Procmail, 19. Procmail ,


.

,
SMTP.
, , Internet.
Telnet, SSH
. -3
IMAP-4. IMAP
POP,
. POP.
Fetchmail "" , , ,
. , Fetchmail .
.

12

11 .
, . .
" ", (Usenet) " ".
,
. , ,
. , .

, , , .
, , . , /
, ,
. . ,
,
, , .
, .
^^
^.

, " ". ,
. , ,
, Usenet.
Usenet,
.



.
Usenet. Usenet. ,
.
Usenet , ,
.
. , , . , , .
,
, .
. ,
.
,
.
, Usenet
,
. . Usenet
, , .
Usenet
.
, ,
, .
, /var/
| spool/news. Linux , , , /var. ,
, /var /var/spool/news
.
, , , /var/spool/news, ,
.

(, ).
,
, , .
; ,
.


Usenet
, , ,
. ,
, , ,
. , , Giganews (http://www.giganews.com), Supernews (http://www.supernews.com) NewsGuy (http://www.newsguy.com). , , ,
http://www.newsservers.net. http://groups.google.com
. Web-.
, Usenet
.

( ),
, , Leafnode, .
, Leafnode, ,
, Usenet. Internet, , ,
; . , , . Leafnode ,
. ,
.
, .

NNTP
NNTP (Network News Transfer Protocol
). , NNTP 119. ,

NNTP. ,
, TCP/IP. NNTP ,
,
.
NNTP , . ,
. (
, .)
. , .


, , , . , .
, . , , . ,
comp. os . linux. misc . os . linux. hardware comp.
os. linux, . comp. dcom. modems comp. os . linux. misc comp. os . linux. hardware, rec. arts . s f . dune .
,
Message-Id, . , , . , Usenet. ,
.
NNTP: (push protocol) (pull protocol).
, .
, . , . , , .
. ,
.
, , . ,
, , .
, , . (
,
.) .
, , , , ,
, , .

.
,
. , .
. ,
, , . , ,
( Tiny College),
(Pangaea University). ,
, news . tiny. edu, -


pa news . pangaea. edu.


, news . tiny. edu news.pangaea.edu.
, Tiny College ;
news . tiny. edu news . pangaea. edu. Pangaea University, , . .
. , ,
news . pangaea. edu , news . tiny. edu. Tiny
College .
Pangaea University ,
. , ,
.
, .
,
. , , . . .
, , NNTP. ,
. ,
, ,
, .
, .
, , , , .
"",
. ,
, .

INN
, Linux, InterNetNews, INN (http://www.isc.org/products/INN/). INN , .
, innd, .
nnrpd .
innxmit, , , nntpsend.
,
.
/etc/news, /var/lib/news
.
INN Linux
inn. 2.2.2 INN,
INN 2.x INN 2.2.2. INN


Cleanfeed. Cleanfeed ,
. (
.
, , , ,
, .)


, Usenet, .
, . NNTP
, , . ,
.
.
, , , ,
, . , , Internet ,
, . ,
NewsGuy (http://www.newsguy.com).
1
%;: '"'"'"

, ^
., .
, , ,;
, . .
, -*
/,* , ,
binary binaries. , ,
alt, ."
, , - (outsourcing),
. NDS
, IP- . ' :, * ,
; , . ;
, , .. ^
,
', .
,
-


, . ,
NewsGuy
1200 ,
, Pentium 400, 500 ,
64 . 3 .
, , . ,
, .
, ,
.

INN
INN . , , , . . ,
. ( Usenet-,
, , ,
.)
INN,
(, ,
. .).


/etc/news/inn. conf. :
_:
.
inn. conf, , . ,
, .
organization. . ,
organization,
, .
server. , INN.
, , , ,
. ,
localhost,
.
pathhost. , INN Path. -


, . , ,
news.threeroomco.com.
moderatormailer. , . . ,
, .
, , ; .
%s@uunet. uu. net.
domain. , threeroomco.
com. INN.
f romhost. , INN
From, . ,
.
complaints. ,
, , ,
, , , ,
, . . complaints ,
.
inn. conf , , .
,
inn. conf.


inn. conf . : active newsgroups.
, pathdb, inn. conf ( /var/lib/news).
active , .
. .
, , :

_ _ _
, . os .linux.misc.

, .
0000000000 0000000001. ( INN ,
, ,
.


- .) ,
. .
. .
, .
. , , , .
. . ,
, .
j . , , , . INN , .
. .
, .
=. . , , , .
.
, , . ,
, Usenet. , , ,
, threeroomco. com,
threeroomco.support, threeroomco.support.bigproduct threeroomco.
accounting. ,
active.
INN _
_ active . _ , , _
. _
; ,
.
newsgroups , active. active, newsgroups .
, . ,
.


, . , , : , .


, .
, , .
( , ).

, , , , , , .
/etc/news/newsfeeds. /etc/news/newsfeeds , :
_:[,. . . ] : [ , ...]:
.
, \. , , .

. .
_. , .
,
.
. . , , ,
, (*).
, comp. os . * comp. os.
!, ,
; , .
@, , ,
. , , ! comp. os . linux. comp. os . linux
comp. os . linux. hardware, comp. os .
linux.hardware. @.os .linux
. INN news feeds , comp. os . *, ! comp. os .
linux, INN comp. os, ! comp. os . linux. ,
, comp. os. *
! comp. os. linux.
. ;
, . ,
< ,
, , ,
, ,

.
.
. .
, ,
. . news feeds,
, , .

news feeds ,
. , /etc/news/nntpsend. ctl, INN . news feeds, nntpsend. ctl
, , .
.
_: _:_: []
_ ,
news feeds, _ .
_ , ; , 2
. , innxmit, .
.
,
. , ,
, , .
, Internet . ,
, , .
,
INN .
, innd, ,
, , INN. innd , . /etc/news/
incoming. conf, innd,
, .
, incoming. conf,
: . ( peer); . ( .) , ,
. , . incoming.conf ,
, 12.1.


Listing 12.1. incoming.conf
#
streaming: true
max-connections: 50
# Allow NNTP posting from localhost
peer ME {
    hostname: "localhost, 127.0.0.1"
}
# fiveroomco.com
peer fiveroom {
    hostname: news.fiveroomco.com
    patterns: *, !threeroomco.*
}

hostname. ,
. ,
, patterns;
, news feeds. , .
, , incoming. conf.

, . innd , /etc/news/nnrp. access.
, :
_: : 1_?: : _
.
_. IP- . *, . , ,
* . threeroomco. com
threeroomco. com. IP-
IP-/ , 172.20.0.0/16.
.
: R ( ), ( ), N
( NEWNEWS) L ( , ).
.
_?. . , , ,
, . +
, Linux. , ,

, "" .
, .
. , .
_. ,
, newsgroups.
. ,
, .
, *.

nnrp. access , . ,
,
.

,
/etc/news/expire. ctl
. , INN. :

: : : __:
. .
, * , . . comp. os . * comp. os.
. , , (),
(U) ().
. Expires,
. ,
, ( ), . , ,
6, Expires , .
. , Expires
7 ,
. ,
. never , . ( never, .
,
.)
__. .
, Expires.
,
. never ,
.


. ,
Expires,
. , 10
, Expires 100,
. __,

never.


INN SysV.
, ,
.
innd .
. , . , , crontab-, /etc/cron. d, /etc/cron. interval
, . , , crontab- .
, .
, ,
.
ctlinnd, .
ctlinnd -h.

Leafnode
INN , .
,
. , Internet. ,
,
,
. - . ,
. INN, . INN
,
,
INN.


. Leafnode
(http://www.leafnode.org).
Leafnode , . NNTPCache (http://www.nntpcache.org), Noffle (http://noffle.sourceforge.net), sn (http://infa.abo.fi/~patrik/sn/) NewsCache (http://www.infosys.tuwien.ac.at/NewsCache/).

Leafnode
INN, Leafnode . .
leafnode. , NNTP.
,
.
fetchnews. ,
. ,
.
fetchnews , .
texpire. , Leafnode
/var/spool/news. , .
texpire. .
newsq. ,
, .
Leafnode .
, fetchnews . Leafnode ,

, . , , ,
.
,
.
Leafnode ,
. Leafnode ( ,
fetchnews)
. Leafnode
, , , .


, Leafnode , , , , .
. ,
. Internet-
, Leafnode, , . Leafnode , ,
. Leafnode ,
,
,
.
0

2002 . Leafnode 1.9.19.


(2.0) . 2.0
. 1.9.x .
, Leafnode . ,
Leafnode
. 20-25 .
Leafnode, INN .
, Leafnode, , .
, Usenet,
. f etchnews , ,
, .

Leafnode
Leafnode : leafnode,
f etchnews texpire. , , ,
. Leafnode Linux,
.


Leafnode con fig;
/etc/leafnode. , , #. ,
:

-
Leafnode : server
expire. ; Leafnode,


, . ,
conf ig, .
server. , , server = news.abigisp.net.
server, .
expire. ( ),
.
username. ,
.
password. ,
.

, . conf ig root, , ,
. , .

port. 119.
.
nodesc. , , .
Leafnode ,
nodesc = 1.
timeout. fetchnews
, .
-.
groupexpire _.
, . . ,
comp. os. linux comp. os .
linux.*.
maxf etch. Leafnode
, .
maxf etch, Leafnode . ,
,
initialfetch. , . initialfetch
, .


delaybody. Leafnode , .
maxf etch . Leafnode
. ,
. ,
. 1 delaybody,
,
.
maxcrosspost. .
,
maxcrosspost, . ,
, .
maxage. , Usenet, .
Leafnode , , , .
maxage .
maxlines. maxlines, ,
, ,
. .
minlines. minlines, ,
, ,
. .
maxbytes. , .
.
timeout_short. Leafnode .
.
timeout_long, Leafnode .
.
timeout_active. Leafnode , . ,
. 90 .
filterfile. ,
. (
.) .


hostname. .
Leafnode, , .
, ,
.

Leafnode: leafnode, fetchnews texpife.
, -.

leafnode
, leafnode
inetd xinetd. inetd. conf.
nntp stream tcp nowait news /usr/sbin/tcpd /usr/sbin/leafnode
, xinetd,
, leafnode;
/etc/xinetd.d. , inetd xinetd, , Leafnode ,
. , leafnode
, INN .
Leafnode ! .
,
TCP Wrappers.


f etchnews ; ,
. ( , , newsg.) ,
/etc/leafnode/config. ,
f etchnews ,

.
f etchnews .
-v. . v ,
. ,
v (-vvvv). , f etchnews ,
.


- . ,

.
-1. , Leafhode . ,
.
-. , ,
, - .
-f. , , , , . (
90 .) .
-. f etchnews , , , ,
.

, , , f etchnews.

f etchnews, fetchnews -. Leafhode 2.0 ,
fetchnews .

Leafnode, , fetchnews. fetchnews


, - ( ppp-on-dialer, 2). fetchnews
, Internet
Internet
, , . ,
fetchnews, , . fetchnews
-, ( Internet).


texpire , ,
, /etc/leaf node/conf ig . ,
. , texpire
. Leafnode , /etc/cron. daily .


,
texpire crontab.
, texpire
. ( .)
, ,
, . - , ,
, .
f etchnews, texpire
-v. -f. ,
, , texpire . -f texpire ,
. , -,
tar, .
, ,
. -f.


Leafnode , . , . , , , obnoxious@annoying.edu, , . From. Leafnode "" .
/etc/leafnode/filters, . /etc/leafnode/filters . ,
, obnoxious@annoying.edu,
:

From:.*obnoxious@annoying\.edu

, ( From:). .*, , . obnoxious@annoying.edu ,


,
(\).
19.

Leafnode . filter file /etc/ leaf node/


conf ig, .
/etc/leafnode/filters,
.


.
Usenet , ,
. ,
. ,
, Usenet.
,
. Usenet , INN, Linux.
;
. , ,
, .
, ,
,
. Leafnode.
, , NNTP.
. Leafnode :
Internet.

.

13

,
. , , 10, , ,
15, . , , , (remote login server).

, .

.
.
. , .
- , , pine
mutt, , Vi Emacs . .
,
X Window, KMail Nedit; ,
, 14.
, : rlogind, Telnet SSH. . . ,
rlogind , a SSH
. , rlogind Telnet SSH. ( Kerberos
6.)


,
.
Linux .
, , ,
, .
| . , ,
,
POP. , POP ,
. , .
,
. .
,
.

rlogind
rlogind ,
r-.
UNIX. rlogin rlogind in. rJLogind. rlogind
, . ,
rlogind .

rlogind
rlogind . /etc/inetd.conf
rlogind, . , ,
. xinetd,
rlogind, /etc/xinetd.d.
, , ,
. , rlogind, . 4.
rlogind .


-. rlogind ,
. -
.
-. , .
-h. rlogind . rhosts . -h , .
-l. .rhosts
. , -h.
-L. , .rhosts hosts.equiv.
-h, -l -L
| rlogind, Linux
. ,
; .

rlogind
, r-, . , , . ,
rlogind , , rlogind , .
rlogind, Kerberos .
rlogind.
rlogind,
.
1. , . - rlogin
512-1023. , rlogind
. rlogin, , 1024 root.

Linux root. ,
1024 , .
2. DNS, IP .


3. , DNS-, , , rlogind -,
IP- . IP- -L -1 , rlogind
~/ . rhosts /etc/hosts . equiv ,
. ,
rlogind .
4. IP-, DNS-, IP-, , , -L -1,
, , rlogind
.
, rlogind . , ,
. , .
, rlogind , . . , - rlogin,
-l, rlogin -l sjones.
rlogind , , . rhosts,
rlogind . , , IP- , ,
, . rhosts .
. , ,
rlogind . rlogind
:
,
.
[rodsmith@nessus rodsmith]$ rlogin speaker
Last login: Mon Aug 12 14:48:58 2002 from nessus on 4
[rodsmith@speaker rodsmith]$
rlogind , , ,
. rlogind
, .
, , , rlogind.


,
. rlogind, Telnet
, SSH .

rlogind
rlogind , , , .
, , . , , ,
. .
/etc/hosts. equiv.
. ,
, , , r-. , ,
. (, j u l i a
f red), .
~/.rhosts.
,
. ,
, . ,
( ).
. rhosts, ,
.
, ~/ . rhosts , ,
|
. ,
rlogind . -
rlogind, TCP Wrappers
.
r- ,
rlogin, rep rsh.
BSD LPD ( 9),
.
, ,
-.
. .
[+(-][_] [_]
+ -, ,
. , ,
+ . -


. , , .
+, . | ( ), .
r-.
+ ,
.
IP- (, 192.168.34.56)
(, gingko.threeroomco.com).
, , ,
, gingko.
@, NIS ( NIS
).
,
. .rhosts, , , , . rhosts. , , . rhosts,
julia, :
172.21.13.14 jbrown
jbrown, 172.21.13.14,
j u l i a . ( , ,
jbrown rlogin, -l julia.)
/etc/hosts . equiv .
, ,
, root. , , /etc/hosts,
equiv, , jbrown, 172.21.13.14, julia,
, root. , /etc/hosts . equiv, . ,
, -.
rlogind
~/.rhosts /etc/hosts .equiv . , .
rlogind inetd xinetd,
TCPWrappers. ,
TCP- 513 (, rlogind).

Telnet
Telnet Internet. Telnet ( , telnet)


Linux. , Telnet-, ,
, , Linux, UNIX VMS.
Telnet , rlogind, ,
TCP/IP, . Telnet
Linux, .
Telnet SysV. Telnet , , ,
.
Telnet ,
, rlogind. Telnet, ,
Telnet ,
. , ,
Telnet. Kerberos,
,
Telnet.

, Telnet
Telnet , .
, Telnet, -. , Caldera netkit-telnet, Debian telnetd, Mandrake Red
Hat telnet-server, Slackware tcpipl, SuSE nkitserv TurboLinux
telnet. , telnetd, Debian, Telnet, , telnet
TurboLinux, , . Telnet , ,
. 4 (, Telnet,
telnetd in. telnetd).
Telnet ,
. , Telnet .
, , .
-D _. . , telnetd
. ,
, . options,
report ( ),
netdata ptydata (
).


-h. telnetd ,
, . -h
. ,
Telnet,
,
.
-L _. telnetd /bin/login.
.
-. rlogind, telnetd ,
. - .
,
. Telnet- , . , Telnet, , ,

SSH. Kerberos, Telnet,
.

Telnet
telnetd /etc/issue.net . ,
, , . -h, telnetd,
. , , Telnet-. ,
, .
.
, , . , ,
, , .
( ). /etc/issue. ( X Window .
X Window 14.)
/etc/issue. net.
.
, telnetd . . 13.1.
, /etc/issue. net :


13.1. , /etc/issue .net

%t
%h
%D
%d
%s
%m
%
%v
%%

(, -
)

NIS ( NIS )

(Linux)
()

( )
%

Welcome to %h.
Current time is %d.
Notice: For authorized users only!
maple. threeroomco. com,
:
$ telnet maple.threeroomco.com
Trying 172.21.32.43...
Connected to maple.threeroomco.com.
Escape character is '^]'.
Welcome to maple.threeroomco.com.
Current time is 10:57 on Monday, 12 August 2002.
Notice: For authorized users only!
Linux ( , Caldera, Mandrake
Red Hat) /etc/issue /etc/issue.net . /etc/re. d/rc. local.
, Mandrake 8.1, .
# Regenerate /etc/issue at every boot; edits made to /etc/issue
# elsewhere are overwritten on reboot, so make them here.
if [ -x /usr/bin/linux_logo ];then
    /usr/bin/linux_logo -c -n -f > /etc/issue
    echo "" >> /etc/issue
else
    > /etc/issue
fi
echo "$R" >> /etc/issue
echo "Kernel $(uname -r) on $a $SMP$(uname -m) / \l" >> /etc/issue
if [ "$SECURITY" -le 3 ];then
    echo "Welcome to %h" > /etc/issue.net
    echo "$R" >> /etc/issue.net
    echo "Kernel $(uname -r) on $a $SMP$(uname -m)" >> /etc/issue.net
else
    echo "Welcome to Mandrake Linux" > /etc/issue.net
    echo "" >> /etc/issue.net
fi
^^ 7.2 Red Hat issue
HA^fcx issue. net. Caldera 3.1 Mandrake 8.1 - /etc/re. d/rc. local.
,
.
, .
/etc/issue /etc/issue.net,
/etc/re. d/rc. local . , ,
/etc/issue /etc/issue.net,
.

Telnet
, /etc/issue,
net, telnetd /bin/login , -L. /bin/login . (login: Password:).
, /bin/login
, .
Telnet , ,
.
,
. telnetd
-L,
, telnetd. rlogind,
Telnet , . . ,
. ( ,
. Telnet
.)
, Internet
.
, , Telnet,
.
, . ,
, ,
.
, , .
, .


, , , .
Telnet su, , .
rlogind , . Telnet
rlogind , , , ,
Telnet , , ,
.
? ,
, . -
, , , . ,
, Telnet. He
Telnet . ,
. su root , Telnet,
. Telnet
, Internet. Telnet,
, , ,
.

SSH
, ,
Linux SSH (Secure Shell ). , , . ,

, , , . (
, . , ,
.)
SSH , . , SSH , ,
, , ,
.


2001 SSH
. , SSH (OpenSSH) . , (SSH),
.
, ,
Web- . , , ,
.

SSH
SSH, Linux:
SSH (http://www.ssh.com/products/ssh/), SSH, OpenSSH, (http://www.openssh.org). OpenSSH Linux, , Caldera 3.1, Debian 2.2, Mandrake 8.1, Red Hat 7.2, Slackware 7.0 SuSE 7.3.
, , ,
Web- OpenSSH. (
SSH .)
SSH .
^^
^%\

OpenSSH
OpenBSD. OpenSSH . http://www.openssh.org/portable.html OpenSSH , OpenBSD,
Linux.
.

2001 3.1 SSH.


OpenSSH 3.0.2. 3.0.x
. 3.1 SSH PKI (Public Key Infrastructure ),
, , . SSH
OpenSSH; , SSH
SSH.
SSH OpenSSH , , SSH, ,
. , . SSH , ,
,
SSH, , . ,
SSH 2, SSH 3, SSH 2.
OpenSSH . openssh, SSH,


openssh-client openssh-server, .
SSH Telnet, SSH . . SSH http://www.freessh.org.
SSH ,
Windows MacOS. SSH
;
.

SSH
SSH , SSH . ,
, ,
. , SSH-
. , SSH-
, ,
X Window. ( X Window 14.)
,
.
,
SSH. (VPN Virtual Private
Network). VPN
HOWTO (http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html).
SSH
, . ,
SSH scp,
. .

scp [[!]!:]_! \
[[2]2:]_2]
scp , r-,
. scp .
(, FTP),
scp , ,
. ,
.
sftp, ftp, . FTP , gFTP (http://gftp.seul.org), SSH. , SSH, ,
Telnet FTP.
SSH ( sshd) SSH-
( Linux ssh), scp sftp.


.
SSH- 22.

, SSH
, SSH ,
SysV. , . ,
, , , .
, ,
sshd .
-i, .
SSH ,
. , OpenSSH 3.0.2, .
-d. . ,
, . -d (sshd
d), .
-D. , , -d,
.
-. , , sshd,
,
.
-f _. /etc/ssh/sshd_conf ig,
.
-i. , , (inetd xinetd). sshd
, .
- . . 22.
-q. . ( ,
.)
-4. sshd , IPv4, IPv6.
, sshd ,
IPv4.

-6. , IPv6.


sshd , .
, sshd.
sshd , . SSH .
SysV, , ,
. ,
:
# ssh-keygen -q -t rsa1 -f /etc/ssh/ssh_host_key -C '' -N ''
# ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -C '' -N ''
# ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -C '' -N ''
*.

: , , (private key), , , ,
(public key). , , . , , . pub. : (ssh_host_key, ssh_host_key.pub, ssh_host_rsa_key,
ssh_host_rsa_key.pub, ssh_host_dsa_key ssh_host_dsa_key.pub ( /etc/ssh).
, , . ,
.

sshd_config
sshd sshd_config, /etc/ssh. (He sshd_conf ig ssh_conf ig, .)
sshd_conf ig .
:

, , #, . sshd_config
, sshd, . , ,
,
, PermitRootLogin. ,
sshd_conf ig, .
Port. .
22.
HostKey. , . , -


.
/etc/ssh/ssh_host_key. .
KeyRegenerationInterval. SSH- , .
, -
. ( , , ,
. , ,
.) ( )
. .
PermitRootLogin. yes . sshd
root . , , , ,
, ( root).
PermitRootLogin ,
, root su.
IgnoreRhosts. yes ,
sshd ~/.rhosts.
IgnoreRhosts

RhostsAuthentication yes, sshd, rlogind, .


IgnoreRhosts .
RhostsAuthentication.
SSH : IgnoreRhosts RhostsAuthentication.

RhostsAuthentication , .
.
RSAAuthentication. 1 SSH ,
. .
, yes
RSAAuthentication ( ).
PubkeyAuthentication. ,
RSAAuthentication, 2 SSH.
PasswordAuthentication. yes , . ,
PasswordAuthentication, .


X11Forwarding. , SSH


-. ,
, . yes X11Forwarding , SSH
X Window. SSH. ForwardX11;
/etc/ssh/ssh_config.
SSH .
,
, .
, SSH-, , , ,
, . , sshd.

SSH-
SSH
. . .
, . .
, .

.
, SSH, . ,
; , , ,
, .

, SSH-
SSH .
. .
1. , , RhostsAuthentication
IgnoreRhosts . , ; .
2. , RSA-.
.
3. RSA-, . -


,
. ,
. ,
, .
4. , .
.
, , /etc/ssh
. SSH-
.
~ / . s s h , .
SSH ,
. ( ,
.)
, ssh ,
:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!    @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

,
.
, , ,
~ / . ssh/known_hosts ~/ . ssh/known_hosts2 (
).
telnetd, sshd /bin/login; sshd . ( , sshd login,
UseLogin sshd_conf ig.) , sshd telnetd login. login
, sshd .



. ~ / . ssh. ,
SSH .
,
.

; . ,
.
1. , SSH-.


2. , 2 SSH.
; .
$ ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -C '' -N ''

-N ' ', ssh-keygen .


" <Enter> - ,'
.

.

3. ~/id_rsa.pub . (
. ,
, .pub.)
scp.
$ scp ~/.ssh/id_rsa.pub server:.ssh/id_rsa.client
4. . ssh,
.
5. ~/ . ssh . , ,
id_rsa. client.
6. authorized_keys2. :
$ cat id_rsa.client >> authorized_keys2
,
SSH 2. ,
- . -2 SSH- ,
2 SSH.
$ ssh -2 server
,
f , .
,
. SSH . IP-,
, , ,
( rlogind ).
, , ,
, . ,
( , ), SSH
.
RS - SSH 1,
.
, , .


. 2 -t rsa -f ~/.ssh/id_rsa -t rsa1 -f ~/.ssh/identity. RSA 1.
.
. 6 identity.pub authorized_keys2,
authorized_keys.
, ssh, -2.
, . , RSAAuthentication ( 1) PubkeyAuthentication
( 2), /etc/ssh/sshd_conf ig.
, SSH- ,
.

.

ssh-agent
SSH- ,
ssh-agent. ssh-agent SSH- , .
ssh-agent , .
1. , ,
SSH. ssh-keygen -N '',
.
2. , SSH, ssh-agent /bin/bash,
ssh-agent Bash. ssh-agent , . (
Bash .)
3. RSA- SSH ssh-agent,
ssh-add ~/. ssh/id_rsa. ( 1 SSH ~/ . ssh/
id_rsa .) , ssh-add .
SSH SSH-; , . ssh-agent
, SSH ssh-agent .
, ssh-agent, ssh-agent
, , ,
ssh, ssh-agent.
, , ssh ssh-agent


ssh-add, , . ssh-agent ,
. ,
ssh-agent.
/etc/passwd , ssh-agent. , /etc/passwd
/bin/bash, /usr/bin/ssh-agent
/bin/bash. ( ssh-agent
.)
ssh-agent /bin/bash; , ssh-add ~/ . ssh/id_rsa ssh
. , .
, xterm
ssh-agent, .
X Window
startx, ssh-agent startx.
ssh-agent X Window .
,
.xsession ( )
. xsession-nosshagent, . xsession,
ssh-agent ~/ .xsession-nosshagent.
ssh-agent
X Window, , ssh-add, SSH .
ssh-agent
, ssh-add -l.
ssh-add -d. ssh-add -d SSH-, ( ).
ssh-agent , SSH
. , ssh-agent.
,

. ,
, ,
ssh-agent.


.
, , ,
.
Linux
rlogind, Telnet SSH. SSH,
Internet. (
Telnet, , .) rlogind Telnet
, . ,
, Internet, ,
. . , , ,
, . SSH, .

14

X Window
VNC

13 rlogind, Telnet SSH.


, ,
Linux , . Linux ( UNIX)
, - ,
.
, .
, , rlogind, Telnet SSH, ,
The GIMP, Netscape Navigator StarOffice. ( , Emacs,
, ,
, .)
, ,
.
Linux X Window.
Linux, , ,
, ,
.
X Window, VNC (Virtual Network Computing ),
X Window, .
.


,

, ,
,
, . , ,
, ,
. , , StarOffice, The GIMP, KMail .
, , .
, .
.
. -,
. ( .)
.
.
.
. ,
X- ,
X Window.
. ,
. ,
. ,
. ,
,
.
.
, . , .
,
. , .
, , -.
.

. . , , , .

,
.

.
,
.
.
,
. , ,
.

, , . ,
, .
, . , .
, ,
. ,
Internet .
100

, . , , ,
, ,
. , .
( VNC ; ,
. SSH ,
, .)


X Window
, X Window, Linux. , X Window
. - , , ,
. ,
.


X Window
, , , .
. ,
, . ,
, , , . X Window
; X Window -. , X Window,
. - X Window, ,
, ,
-.
, ,
.
, , . - .
WordPerfect NFS. WordPerfect
, NFS. WordPerfect , . . NFS , ,
. ( NFS Linux, WordPerfect .) NFS
, .
, WordPerfect X Window. ,
X Window ,
. WordPerfect X Window
, - . ,
, .
X Window . 14.1.
X Window ( ). - -;

. 14.1. X Window ,


, (
15). - , ..
VNC ,
X Window. VNC
. ,
, . , .
-, . VNC
. SSH
, X Window " "
, .

; {
*/1/-""\ ,*'"'"!;'':~, IM^\ ""^\
", X Window, Linux UNIX,
| ? ^ / . -;'
t/'4''' Windows,"OS/2 MacbS,
" ^ -.'
^ J:XFree86 ^(http: //xfree86.cygwin. com Windows, http: // ,
j,a.is.gmd,cie7~veit/os2/xf86os2.html OS/2 http://mrcla, com/ ',
, XpnX/ MacOS X), MI/X Windows MacOS Classic (http://www.
microimiges."com/freestuf/mix/), Exceed 'Windows (http://wwwf
lhci;%om/products/nc/exceed/), Xmanager i- Windows (http://www.
H^!esarang4.'!cpm'/products/xmanager.html) Xtools ' MacOS X (http: .
//www. tenon, com/piroducts/xtools/). : . , , Windows -%
, Linux,
; X Window, Http://www.microimages.com/mix/prices. htm,
Y" ', ;
, , -. X Window, , . X-
\ -. X- > , Network Computing Devices (NCD; http: / /www, ncd. com) Hewlett
? Packard (http://www,.hp.com). , , , TFTR (Trivial File Transfer Protocol -r
); . TFTP >
, X-.)
, X- , , ^ ,
; , -,
. X- .
Linux -,
. ,
.
' ,
"
*,- '^ * 'V '* ^ " ""
>'


Linux -.
.
, X Window, . . , - (. 14.1), -. - Linux
-, . ,
, .
-,
; X Window , .
, Qt GTK+.
, RPM Debian, ,
.
- , ,
, - X Window. -
, , ,
. - -.
- , - , .

- -
, X Window .
Linux
X-; ,
, . ,
Linux - , , .
: xhost xauth.

xhost
xhost
-. ,
xterm , , :
$ xhost +biggie.threeroomco.com
- , biggie. threeroomco. com. ,
, - ,
, , .
( xhost +), - .


^.
- Windows, MacOS ,
^ \ . Linux
xhost +.
xhost ,
, . ,
xhost , . ,
.
- , .
-
xauth.

xauth
xauth , .
X Window,
. xauth
, xhost, .
xauth . Xauthority, . ,
. , xauth .
Linux, .Xauthority . xauth. xauth ,
. .Xauthority . X ,
. ( . Xauthority ,
, -.
. Xauthority.) - -,
.Xauthority .Xauthority
.
. .
1. , X Window, xauth.
xauth , . xauth
-, .
2. list. ,
.Xauthority. ,
, , term, threeroomco. com: 0. /unix, , list
localhost. .
0. ,
-,
. ?


, , 0.
(,
MIT-MAGIC-COOKIE-1) 32- .
, .
3. extract _ -.
, ,
. , extract xfer-auth term.
threeroomco.com: 0. .Xauthority
.
.
4. exit, xauth.
5. , extract,
( , , ). :
FTP NFS, . .
6. , -.
7. xauth, xauth .
8. merge _.
, extract
. (, .)
9. list. , , -, .
, , - .
10. exit, xauth
. (, xauth quit,
. quit ,
.)
SSH, .
A

# xauth list _ :0 | sed -e ' s / /add /' | ssh \


_ - xauth
xauth , sed add , , xauth
-. .
_ , ,
, -.


add (/) .
xauth ,
add .
SSH ,
.
- -, ,
, , - (
). X Window . Xauthority , .
xauth ,
, ,
xhost. , xauth
. - , IP-.
.
Internet,
-.
X Window ,
SSH-. - SSH
.
- xauth.
, - XDM, GDM . -
startx, xauth .
startx ( /usr/X11R6/bin) ,
-auth _; .Xauthority, . startx .

- -
, xhost xauth, -. , ,
term.threeroomco.com, biggie. threeroomco. com ,
wrongone. threeroomco. com X-, .
Linux ,
, -.
- DISPLAY , - .
, , -,
:
$ echo $DISPLAY


biggie.threeroomco.com:0.
( biggie.
threeroomco.com: 0. 0) ,
. ( 0 0.0;
.) DISPLAY -
,
. :
$ export DISPLAY=term.threeroomco.com:0
, -. - .
, - -, . .
xhost, xauj.li .

- SSH
, , ,
- , . , , -, , , telnet. -,
- -. ,
, xclock, ( xclock) . ,
. , - .
, ,
.
, ,
, X Window
. SSH. - -, ,
.
, SSH,
13. X Window SSH
, SSH.
/etc/ssh/ssh_config SSH
( , -)
yes ForwardX11.
, ssh -X. ( ; - ,
.)
/etc/ssh/sshd_config , SSH ( -),


X11Forwarding yes. SSH


, -
SSH-.
- SSH "" -.
, SSH DISPLAY , X
- ( - 10, TCP- 6010).
SSH. , SSH SSH. , ,
- (
DISPLAY ), , ,
SSH, -. , SSH " " -, SSH ""
X Window.
-.
, . -
, NAT-, SSH, , Telnet
. , SSH .
,
. - SSH . ,
, SSH .
- - . SSH 200 ,
.
, . ,
, .
,
.
, Linux UNIX. - Windows,
MacOS, OS/2 , ,
SSH -. SSH , .
, SSH.

-
-. ,
. .
.


1. -. Linux, -
. - startx. Windows, MacOS
- .
2. - . - , X Window ,

. , xhost , -, xauth .
SSH , ,
, ,
SSH SSH.
3. -. , -,
, Telnet SSH. , X Window.
4. - -. ,
-, -
DISPLAY.
, , : export DISPLAY=term.threeroomco.com:0.
5. -. -,
, .
, xterm,
.
,
, 2 4, . Windows MacOS
. , - Telnet
. xterm. ,
- xterm. - .
-. , ,
- . . , , ,
X Window . - ;



, , ,
-, -. ; , -
, .
, Telnet, SSH ,
.
, X Window. XDMCP (X Display Manager Control Protocol X). Linux ,
XDMCP ( XDMCP
, -), , ,
, XDMCP .
, XDMCP ( , -). Linux
XDMCP, X , XDMCP ,
.

XDMCP
-, , Telnet. Telnet , -;
, -
. XDMCP Telnet, SSH
, . Telnet, Telnet
. XDMCP , XDMCP
X Window;
, . -; XDMCP
, xauth.
, XDMCP .
XDMCP -.
Linux - .
. 14.2.
XDMCP.


[Screenshot: login window reading "Welcome to nessus", with Login, Password and Session Type fields]

. 14.2.
.
, ,

XDMCP ,
/etc /etc/Xll. , , . XDMCP-,
. , XDMCP. Linux XDMCP: X
Display Manager (XDM) KDM (KDE Display Manager) GDM
(GNOME Display Manager).

XDM
XDM XDMCP;
. GDM KDM, XDM Linux. , , .
.xsession, . (
Xsession, /etc/X11 /etc/X11/xdm.)
.xsession, ,
, .
( , , ) - XDM , XDM
.


XDM
XDM
/etc/X11/xdm/xdm-config.
:
DisplayManager.requestPort: 0
XDM ,
UDP- 177. , XDMCP, (
#).
xdm-config, , /etc/X11/xdm/Xaccess. ,
XDM. ,
. ,
. ( # .)
, . CHOOSER , BROADCAST,
CHOOSER, , XDMCP .
*, , XDM. ,

.
*
* CHOOSER BROADCAST
, ,
* . ;
, . , threeroomco. com,
. ,
.
*.threeroomco.com
bronto.pangaea.edu
stego.pangaea.edu
bronto.pangaea.edu CHOOSER BROADCAST
stego.pangaea.edu CHOOSER BROADCAST
^^
XDMCP ,
%\ XDM.
.

/etc/X11/xdm/Xservers , XDM. XDM
.


(
):
:0 local /usr/X11R6/bin/X
, (:0).
XDM -. , XDM
,
, :
term.threeroomco.com:0 foreign
foreign , .
, XDMCP . Xservers,
local. ,
- XDM. , X. -,
-.
, X ^" , XDM. , , X-
.


KDM XDM. , KDM , Session Type,
, Quit ( Shutdown),
- ( ) ( ). ,
KDM, . 14.2.
, XDM, , ,
KDM. , KDM
XDM. kdmrc, . /opt/kde2/share/conf ig /usr/share/conf ig.
, . SessionTypes.
, .
, Xsession
Xsession.d, /etc/Xll /etc/Xll/xdm. ,
, ,
.
SESSION . chksession,
KDM GDM. ,



.
, . xsession, .
,
KDM Default.

GDM
, GDM , . , KDM, GDM , /etc/Xll/gdm.
gdm. conf.
, XDMCP, ,
GDM, ,
. , [xdmcp] gdm.conf. =0 =1.
, GDM X- ,
XDMCP, Honorlndirect=0 Honorlndirect=l.
, GDM , -
, ,
[ servers ]. , :
0=/usr/bin/X11/X
GDM , - ( /usr/bin/X11/X) -.
, GDM -.
, GDM
. ( GDM Session.)
/etc/Xll/gdm/
Sessions. /etc/Xll/xdm/Xsession.
,
,
.
.xsession.

XDMCP
XDMCP,
X Window .
5, . , SuSE, 7.2, 3, Slackware
4. Debian , ,
X Window , .
/etc/
inittab, :
id:5:initdefault:


, . ;
.
X Window, XDMCP .
telinit. ,
telinit 5 5.
telinit .

XDMCP, , .
, , , , -.
telinit. , XDMCP, kill
killall, . XDMCP ,
SIGHUP; .

XDMCP,
.
XDMCP, Linux, .
prefdm. Linux, , Red
Hat Mandrake, XDMCP
prefdm ( /etc/Xll).
XDMCP /etc/sysconfig/desktop.
KDE, GNOME AnotherLevel,
XDMCP- KDM, GDM XDM.
SysV. Debian , ,
XDMCP SysV, /etc/
init.d/xdm. , XDMCP.
SuSE, XDMCP, xdm, DISPLAYMANAGER,
/etc/re.config.
. XDMCP Slackware /etc/re, d/rc. 4. 4, Slackware
, . 4
, xdm Debian SuSE. Caldera
, /etc/re. d/rc. gui.
Slackware ,
KDM, GDM, XDM. Caldera
. ,
.



, XDMCP- ;
, . , XDMCP -. XDMCP XDMCP,
-. (- Windows,
, . 14.3.)
Connect ( ), , . 14.2.
- . -,
.
-, Windows
MacOS, , XDMCP. , -, Windows, . 14.4.
, . , XDMCP, -, XDMCP. .
.
Do Not Use XDM (Passive). , - Telnet
XDMCP
- ( foreign,
/etc/Xll/xdm/Xservers). XDMCP
, -, .
-,
XDMCP.
XDM Query. , - , IP- .
XDMCP, , -


. 14.3. XDMCP ,
-


Fig. 14.4. XDMCP



XDMCP

. 14.2. ,
. XDM Query - XDMCP.
, , XDMCP -.
XDM Broadcast. , -. - , XDMCP
, . 14.3. (
Register Hosts to Search, . 14.4).
XDM Indirect. , , ,
. IP- XDMCP ; X .
XDMCP .
XDMCP X, Windows. To
XFree86, Linux. , . -query _,
-broadcast -indirect. - .
$ /usr/X11R6/bin/X -indirect xdmcp-server.threeroomco.com
, - Windows,
. -broadcast


; XDMCP,
.

Linux
X-. , - XDMCP.
, -
: -query, -broadcast -indirect.
,
XDMCP , ,
- -indirect. , X 386.


VNC
X Window Linux. X Window
, .
X Window , .
VNC. VNC X Window,
. VNC -.
.

VNC
,
.
,
. VNC,
, ,
, VNC, VNC.
X Window, , ,
, VNC . - , , ,
-, -? , VNC
, . , VNC, -,
- . -
VNC , - -, , VNC
VNC, . . 14.5 , VNC.



. 14.5. VNC - VNC. , , -


,
- -,
.
-, VNC, , VNC . , VNC -,
, VNC , ,
, VNC, .
, , ,
. . , VNC
; , , . (,
, VNC XDMCP.)


VNC , Telnet, , XDMCP


- SSH. VNC , . , VNC
, Internet.
X Window . X - ; , .
X Window .
X Window, VNC . VNC ,
. , VNC X. , , - , -
. VNC, , .
,
. ,
. VNC , ; ,
X Window, .
, VNC, ,
VNC, , TightVNC (http://www.tightvnc.com) TridiaVNC
(http://www.developvnc.org). , TightVNC TridiaVNC ,
. VNC SSH. ,
, .
VNC X Window , VNC Windows MacOS. VNC
- VNC.
VNC Windows MacOS , , VNC Linux,
, .
VNC, Windows MacOS, , VNC Linux. Windows MacOS VNC
,
.

VNC
, VNC, Web- VNC http://www.uk.research.att.com/vnc/. VNC -


Linux (VNC ). ,
( vnc), ( vncserver vnc).
Tight VNC TridiaVNC ,
.
VNC Linux , , VNC
(, 3.3.3r2 VNC).
1. , tar xvfz vnc-3.3.3r2_x86_linux_2.0.tgz. vnc_x86_linux_2.0.
2. vncviewer, vncserver, vncpasswd, vncconnect Xvnc
, PATH.
-: vnc_x86_linux_2 .
(, /opt)
PATH. ,
.
3. , VNC, .vnc. .
,
. ,
700 (rwX
).
4. , VNC, vncpasswd.
, vncpasswd .
, VNC
, Linux. ( VNC
XDMCP, Linux,
. 3 4 .)
,
VNC. VNC Java-.
VNC Web, Java. Java classes.
README.

VNC
VNC, , .
, , VNC ,
.
:
$ vncserver
New 'X' desktop is vncserv.threeroomco.com:1

Starting applications specified in /home/rodsmith/.vnc/xstartup
Log file is /home/rodsmith/.vnc/vncserv.threeroomco.com:1.log
, ;
. 1 ,
(vncserv. threeroomco. com: 1).
VNC - ( Xvnc). -
, startx; . VNC
, , . -. 0 X, , VNC, ,
1. VNC 2, 3
. .
SSH
f VNC, , , , VNC, ( ) .
, .
, SSH xauth -.
, vncserver export XAUTHORITY=~/ .Xauthority, .
, , SSH.
VNC, ,
-kill:
$ vncserver -kill :1
VNC; vncserver. VNC ,
.
, , .
, , ,
VNC, , .

YNC

, VNC Linux,
vncviewer. , ,
VNC .
$ vncviewer vncserv.threeroomco.com:1
VNC server supports protocol version 3.3 (viewer 3.3)
Password:


. VNC
, , , , . - , , Linux.
, VNC .
, VNC
0, Linux , X. VNC,
Windows MacOS. , VNC
, .
, Windows MacOS,
VNC Linux.
, VNC (, vncserv. threeroomco. com: 1).
, ,
VNC.

VNC
VNC , . ,
, NEdit (http://www.nedit.org) VNC. NEdit , . .
. , , ,
. VNC. VNC ,
, , .


, VNC, Xvnc.
- ( -) VNC
( VNC). , , ,
VNC Xvnc . ,
vncserver, VNC.
vncserver Perl; ,
VNC, . ,
, , .
, . vncserver , , ,
SGetXDisplayDefaults ( ) .
, . ,
, #,
. , ,
SGetXDisplayDef aults ( ) .


. Xvnc . , $geometry. ,
900 675, :
$geometry = "900x675";

VNC VNC ,
, .
.
,
.

. nepeM6HHyro$depth, , . 16 , , , ,
. VNC;
16- .
, , .
, . , , . Add font path and color database s t u f f here.
-fp $cmd, Xvnc.
VNC .
15.
, . vncserver, ,
$def aultXStartup, . vncserver
. twm, . ,
, twm
, startkde, sawmill icewrn. ,
vncserver, ,
.
.
Perl, ,
, , , .
, Xvnc;
$cmd. , , . Xvnc -help &> Xvnc-help.txt
Xvnc-help. txt, Xvnc.


vncserver,
. ,
.
vncserver, , . ,
Debian. , , vncserver. . , Debian
$fontpath.


VNC vncserver.
, .
VNC.
, .
. vncserver
, , . , -geometry __
.
Xvnc.
.
VNC
~/.vnc/xstartup. xterm.
, X Window.
. , Debian
/etc/X11/Xsession, , , ~/.xsession.
,
. , . ,
-geometry vncserver,
, . : vncserver - VNC,
.

XDMCP VNC
VNC : , VNC, ,
, . .
VNC - XDMCP .
.


-, VNC - XDMCP . , ,
VNC - -query _.
xinetd, :
service vnc
{
    disable     = no
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = nobody
    server      = /usr/local/bin/Xvnc
    server_args = -inetd -query vncserv -once
}
. ,
-inetd Xvnc , , -query
vncserv , vncserv. -once , , ;
, , VNC
. Xvnc, -geometry
-fp. , /etc/services .
vnc 5900/tcp
VNC 5900-5999, 5800-5899 Web- ( Java-). 5900 0, 5901 1 . .
, XDMCP VNC 0. , XDMCP
, -query. , -
. , 0
800 600, 1 1024 768 . .
/etc/services :
. VNC
XDMCP. (,
VNC-, .)
VNC
, .
, VNC XDMCP XDMCP -.
. .
VNC . ,
; , .


VNC -
VNC. VNC , , - Windows MacOS
.
VNC .
- VNC, ,
, X.
VNC
X Window, VNC
X Window .



. 14.1 , . ,

. , VNC- .
SSH, , , ,
.
, , ?
. X Window Linux UNIX .
, X Window , .
X Window Linux Windows MacOS, -
, . VNC
, , ( X Window, - ,
, - ). VNC
, . X Window,
.

14.1. ,

SSH-


(

)

XDMCP.

VNC XDMCP

VNC


. ,
, ,

. Linux X Window,
.
X Window : - , , XDMCP .
VNC. ,
.

15

, .
-. , "" . "", ,
. "" .
( , ), . , ;
. .
Web-, ,
. , ,
. ,
, .
Linux
.
, .
, . .
,
.
, Linux, ,
X Window.
. .


, X Window,
, . XFree86 FontPath.


XF86Config, /etc
/etc/X11. - . 1990- Linux
. . ,
.
- , ,
. , - ,
. , , XFree86 4.0,
TrueType. XFree86 , , ,
. TrueType
, XFree86. TrueType
XFree86 , ,
. , , Multiple Master, .
, ,
, . ,
,
. ,
. ;
,
.
.
, , , , -, ,
. ,
. -
, , .
, WYSIWYG (what-you-see-is-what-you-get).

.
.
; f , ,
. .
, . ,
, ; ,
.



: (
). . ,
Linux, .
.


,
( ), ,
. .
-
, , .
,
X Window . (
, ,
, .) .
. .
. 15.1, . , , ,
. ( , ) .
, , .
. ;
. (
. . g, j , p, q . , . 15.1
, .)
, .
.
, .
(dpi
dots per inch), . . , .
, .
72 120 dpi,
, , 144-1200 dpi. ( ,
144, ; ,


. 15.1. ,
,
, .)
, , 1200 dpi.

,
.
. 1980- . . ,
.
( ).
9-14 . . , , ,
12 144 dpi.



, ,
, .
(, 12 10 ),
.
, , .
. 1980- , , ,
, 1990-

.
.
.
X Window SNF (Server Normal Format ),
. , X Window PCF (Portable Compiled Font ). BDF
(Bitmap Distribution Format ) X Window, - ,
BDF PCF.
. Linux,
.

XFree86 PCF-, gzip.



. PCF- .pcf.gz. X, .

, Linux, X Window. .
, Packed Font (.pk).
,
, ,
Packed Font, .


, , , .
, .
,
(, ), , , ,


15.1. , . 15.1

. .


10000
10000
20000
20000


10000
60000
60000
40000

, . ,
, .
,
. . 15.1. 8 x 8 , 80000 80000,
, . 15.1.
.
, .
, . , .
. , .
(hint).
, .
, ,
, , .
, , . ,
, . ,
.
,
, . , ,
, ,
. .
,
(. . ) .
. , ,
, ,
.


. Bitstream Speedo, Adobe Type 1, Type 3, Type 5, Type 42 Apple


TrueType. ( Type 42 TrueType, PostScript-.)
, ,
. ,
. , ,
. , ,
, .
Linux ( , XFree86) Speedo
Adobe 1. Speedo , 1 ; -
Internet. , 1 Linux. Windows
MacOS TrueType , 1. , TrueType Windows. ,
TrueType , 1,
, .
TrueType
, 1.

Microsoft TrueType, . Web- http://www.microsoft.com/typography/fontpack/. ,
Windows 3.1, Linux.
( Windows) zip-; Linux unzip. .
Web- , ,
, , , ,
Web-.

XFree86, 4.0, TrueType , . TrueType


X Window, TrueType .
X Window , .
, , . Ghostscript (PostScript-
, PostScript) :
Ghostscript 1, TrueType.


. , ,
.

xfs, XFree86,
. - , , .
, .
, . XFree86 xfs,
, ,
. . ,
, -,
.

, Linux
Linux xfs, XFree86. X Window, . , /usr/X11R6/bin; , ,
XFree86-xfs xfs.
XFree86, 4.0, , TrueType.
, , .
xfstt. TrueType. Type 1,
BDF .
TrueType XFree86, ,
XFree86 4.0. TrueType, xfstt
. xfstt ftp://ftp.metalab.unc.edu/pub/Linux/X11/fonts/xfstt-1.1.tar.gz (
xfstt-1.1.tar.gz ). xfstt , ,
, , .
(, 86 PowerPC), xfstt
.


xfsft. xfs, XFree86 3.3.x. xfsft TrueType FreeType (http://freetype.sourceforge.net/index2.html). ,
TrueType, Type 1, BDF . xfsft xfs, XFree86 4.0;
XFree86.
- xfsft , , http://www.dcs.ed.ac.uk/home/jec/programs/xfsft/.
TrueType -.
, Windows MacOS.
, , ,
, . xfstt, xfsft
. -
, .

Windows MacOS (anti-aliasing). _


, . ,
. X Window 4.0.2
. , , http://sdb.suse.de/en/sdb/html/chofman_ttf_72.html.

,
Linux, . , ,
. . xfs xfsft . xfstt
.

,

Linux XFree86 XFree86
XF86Config /etc /etc/X11. , FontPath,
.
XF86Config .
FontPath "/usr/X11R6/lib/fonts/Type1/"


FontPath "unix/:7100"
FontPath "tcp/zapf:7100"
, , .
FontPath.
,
. Linux , XF86Config , ( ).
,
, FontPath
.
,
. unix , , UNIX. (7100)
, . , ,
, .
.
, . tcp
, .
( zapf) , . (
, zapf.threeroomco.com.) , ,
, .
, , , 7100. (
1.)
. , , . , 7101
7102.
.
/etc/X11/fs/conf, conf config.
. SysV, , , . , Red Hat, SysV
, . . ,
. , ,


- ,
.



, , , ,
. . ,
, .
.
,
.
,
xfs -config /___.

. ,
, .

,
X Window. ,

, . X Window, -
.

, .
TCP-. Red Hat 7.2 /etc/X11/fs/config no-listen = tcp,
TCP-. ,
7100. ,
, ,
. Red Hat
SysV xfs.
1. Mandrake 8.1
1.
.
,
( /etc/rc.d/init.d/xfs) . , daemon xfs -port -1, 1 7100 , . /etc/XF86Config,
/etc/X11 ( -
XF86Config XF86Config-4), ,


. FontPath, unix/:-1, -1


7100 , xfs.
xfs , - ( Restart X Server
Mandrake).

| . , , , . , .
SysV, xfs Red
Hat Mandrake, restart, .
, stop, start.
,
- ,
. ,
XF86Config FontPath.
FontPath, tcp. , ,
, , . , , , ,
FontPath ,
. ,
FontPath, , . ,
, .
,
f , , .
FontPath, ,
, . ( . , .
, X Window, .)
, .
, Internet,
, . , ,
Internet,
. ,
. ,
, .
, ,
Internet . , -


, , .
iptables 25.


, , , , Linux UNIX. (- Windows,
MacOS .)
,
: (
, -)
.


(
/etc/X11/fs/config /etc/X11/fs/conf).
FontPath, XF86Config,
config conf catalogue. ,
, .
catalogue = /usr/X11R6/lib/X11/fonts/75dpi:unscaled,
            /usr/X11R6/lib/X11/fonts/Type1,
            /usr/X11R6/lib/X11/fonts/TrueType,
            /usr/X11R6/lib/X11/fonts/75dpi
catalogue . . , . :unscaled,
, , ,
, .
unscaled : , , ,
, , (
).
XF86Config. 75dpi , , .
, Type1 TrueType,
75dpi
.
, catalogue,
. , ,
, Internet -, .
, ,
. , -


. ( ,
.)


.
fonts.dir, :

__1 XLFD1
__2 XLFD1
, ,
. . , ,
(, goodfont.ttf tlf32.pfb).
.
1 . PFB (Printer Font
Binary ) ;
fonts.dir. PFB-
fonts.dir PFA (Printer Font ASCII ASCII ),
, . , ,
.pfm, .afb .afm. ,
1.
(XLFD
X Logical Font Descriptor). .
-bitstream-charter-medium-r-normal--0-0-0-0-p-0-iso8859-1
,
(-). (bitstream);
(charter); "" (medium); , (); (normal);
( ); (,
, , ); , ();
(0 ) (iso8859-1).
XLFD ,
. XLFD
fonts.dir .
. , Times . Times , ,
fonts.dir XLFD.
,
, , .


, fonts.dir
1, , type1inst.
Linux, .
1
:
# type1inst
type1inst ,
XLFD- fonts.dir. , , , 21 fonts.dir,
, .
fonts.dir, type1inst, , , , , . - ,
fonts.dir, . .
, , ,
, , , ,
.
TrueType.
ttmkfdir FreeType,
xfsft XFree86 4.0. ttmkfdir type1inst,
-.
,
. ,
-. , , :
# ttmkfdir - - fonts.dir
, ,
, -. ,
.
, type1inst ttmkfdir
f fonts.dir . , fonts.dir.
, fonts.dir . ,
.
fonts.dir . , -,
, , .
:
# xset fp rehash


, -.
-, , - .

, ,
, . ,
, ,
,
. , X Window
.
, , (,
), .
.
, .
, Linux, FontTastic (http://www.bitstream.com/categories/developer/fonttastic/).
, X Window
, . FontTastic , ,
,
.
, -. , , - , X Window. , ,
. . ,
- , .
, ,
. -
,
. .
FontTastic, . . (
TrueType , PostScript-, 42. ,
, . -


.)
FontTastic, (,
, . .),
.
FontTastic ,
Linux.
: Corel WordPerfect Office 2000 (
) VistaSource ApplixWare Office
(http://www.vistasource.com/products/axware/).
, FontTastic
. FontTastic
,
.
FontTastic . , ,
,
. .
,
, .
WYSIWYG - .
,
X Window. WordPerfect 8.
. , ,
.
, . ,
, .
, X Window ,
. , , .
,
.
FontTastic.

. . , ,
. X, . ,
, ,


-; , ,
. , ,
. , , .
,
.

16

, 13 14, .
. , . ,
. , , . ,
, . (Linuxconf Webmin), ,
(Samba Web Administration Tool,
SWAT). , .

.
. .
Web-, ,
Web-. Linuxconf,
Web-, . ,
, 13 14, ,

, .



,
. , ,
, .
, , . . ,

.
.
Linuxconf Webmin, , , .
, . . , SWAT,
Samba, . SWAT
Samba, Linux
.
HTTP,
Web-. , , , Web-.

URL.



Linux
, , Linux. , , ,

. , , ,
Linux inetd, xinetd,
SysV . . , Linux (, YaST,
SuSE), , , Linuxconf Webmin, .
Linuxconf Webmin Linux
.
,
,


. , :
, , . ,
(, SysV /etc/inittab) (, Apache, sendmail
Samba). Linuxconf Webmin, , .
. Web-,
.
, Linuxconf Webmin, .
, , . ,
.
, .
Linuxconf Red Hat. , Red Hat 7.1
Linuxconf.
, (
SWAT), . , SWAT
(smb. conf).
, SWAT Samba, . , SWAT, .

Linuxconf

Linuxconf Red Hat Mandrake,


.
, Caldera, Debian, Slackware SuSE. http://www.solucorp.qc.ca/linuxconf/, ,
Linuxconf.
Linuxconf , ,
. Linuxconf ,
Web-. Web-
, , . Web-
.


Linuxconf

Linuxconf
( GNOMELinuxconf, Solucorp ). Java-.
Web- ,
. Linuxconf
.

Linuxconf
Linuxconf . Linux inetd xinetd. ,
/etc/services . Linuxconf :
linuxconf 98/tcp
, , linuxconf --http. /etc/inetd.conf :
linuxconf stream tcp wait root /bin/linuxconf linuxconf --http
xinetd Linuxconf , /etc/xinetd.d linuxconf-web
linuxconf, .
Linuxconf , ,
disable = yes, , yes
.


Linuxconf, , , Web-. 98. , , remote.threeroomco.com, URL
http://remote.threeroomco.com:98. Web-
, Linux ,
Linux, UNIX, Windows, MacOS .
Linuxconf Web-,
. , , Linuxconf - Web-
, Enter, .
. , .
, ,
Linuxconf, , . ,
Linuxconf . .

. 16.1. Linuxconf
-,

. 16.2. Linuxconf ,

1. linuxconf root.
linuxconf.
Linuxconf ,
. X Window
Linuxconf, Linuxconf. Linuxconf,
Mandrake, . 16.1. Linux
-,
.
2. Config⇒Networking⇒Misc⇒Linuxconf Network Access Options. , . 16.2,
. ( .)


3. Enable Network Access. Linuxconf


.
4. network or host 127.0.0.1, netmask(opt) 255.255.255.255. Linuxconf .
5. network or host , Linux. netmask(opt)
. , , . 16.2,
, , 192.168.1.0/24.
6. , ,
( ), Linuxconf.
7. Accept, Dismiss Quit,
Linuxconf. ,
, .
, Do It.
Linuxconf
,
5 6. , ,
, Linuxconf. (
, .)

Linuxconf Web-
Web-, Linuxconf, , URL, http://_:98.
IP-. Linuxconf.
Enter, , . root ,
Linux.
Linuxconf . 16.3.
, . 16.3, , , Web-. -
, ,
, . , , . 16.3,
Networking Config, ,
, Linuxconf Network Access Misc,
Web-, . 16.4.
, , . 16.2.
, Linuxconf.
Web- Linuxconf ,
, , , Web- -


. 16.3. Linuxconf, Web,


, ,
. Accept ( . 16.4, , )
. , Linuxconf, ,
.
Web-,
f Linuxconf, Accept, . , Linuxconf , Web Back.
. 16.1 16.3, Linuxconf
. Linuxconf
Web-, .
, Accept,
Back. He ,
, . , Linuxconf
. - ,
Linuxconf . , Linuxconf , /etc,


. 16.4. Linuxconf , ,
,

/usr/local/etc, .
Linuxconf . , Linuxconf
, .
Linuxconf Web-. Linuxconf -,
, , . ,
.


Webmin
Webmin (http://www.webmin.com/webmin/)
, Linuxconf. Linux. Webmin Linux, UNIX (,
Solaris FreeBSD), MacOS. ( http://www.webmin.com/webmin/support.html.)
Webmin Linuxconf. Webmin ,

Linuxconf.

Webmin
Linux, , Mandrake Webmin ( Debian 3.0).
Webmin Web-. Webmin RPM, tar-.
Webmin RPM , ,
. tar-,
. Webmin tar- .
1. root, ,
Webmin. /usr/local,
, /opt.
2. Webmin, tar xvfz //webmin. tar. gz.
webmin-, Webmin.
3. Webmin cd webmin-.
4. ./install.sh. , , Perl. .
, , (
Webmin).
Webmin, .
Webmin Perl,
. ,
. Webmin ,
Perl,
Linux.
Webmin , /etc/webmin ( Webmin tar, ). , , ,
config miniserv.conf. , , Webmin , . ,
miniserv.users .


( Webmin RPM, root /etc/passwd /etc/shadow.


Webmin tar-,
.) /etc/webmin
, Webmin.
Webmin
SysV. , , Perl- Webmin
/etc/webmin/start.

Webmin
Webmin, ,
Linuxconf. URL Web- ( 10000), ,
Web- Web-, . 16.5. Linuxconf,
Webmin ,
, Linuxconf. , , System Servers. Webmin
Webmin. Hardware
(, ), Others
.

. 16.5. Webmin ,


. 16.6. . ,
, , Webmin
Web-, , , . , , DNS, , Web-,
,
. , . 16.6, ,
DNS, . , , , , .
. 16.7. , Save, .
Apply Changes, . , ,
, Stop Start.
, Stop, Start.
Webmin ,
. , ,
, Webmin .
,
.
, Module Configuration, ,
Web-, -

. 16.7. Webmin ,
Linuxconf

. ,
Webmin .
Webmin , Linuxconf. Webmin Linuxconf, Linuxconf
. ,. .
Webmin, Logout, (. 16.5). Webmin ,
Web-,
Linuxconf.

Samba SWAT
SWAT (Samba Web Administration Tool), Linuxconf Webmin, . , SWAT
Samba. ,
,
Webmin Linuxconf, , SWAT
Samba. SWAT
Samba,
,
, . SWAT


, . Help, Web-
, ,
,
smb. conf. SWAT ,
smb. conf include,
. ,
Samba,
SWAT.

SWAT
SWAT swat.
, 4, swat
. /etc/inetd. conf
:
swat stream tcp nowait.400 root /usr/sbin/tcpd /usr/sbin/swat
xinetd, SWAT
/etc/xinetd.d/swat. SWAT,
, disable = yes. , yes . ,
inetd xinetd, , SWAT ,
.
SWAT Samba (samba, samba-common,
samba-server . .),
( swat samba-swat). Mandrake, Slackware, SuSE TurboLinux SWAT Samba,
Caldera, Debian Red Hat SWAT .
SWAT 901. inetd, xinetd
/etc/services :
swat 901/tcp
.

SWAT
SWAT ,
Webmin Linuxconf, URL 901. ,
SWAT Samba,
samba.threeroomco.com, URL
http://samba.threeroomco.com:901. ,
Web-, .


Samba NetBIOS, SMB/CIFS


. SWAT ,
NetBIOS, SWAT
, NetBIOS. Samba . , Windows
NetBIOS, , Linux,
.

,
, SWAT .
, root. (
SWAT, , Linux,
, Samba.)
, SWAT , . ,
, . ,
root , SWAT , . 16.8.
: Globals, Shares,
Printers, Status, View Password.
smb.conf

. 16.8. SWAT ,
, Samba


. 16.9. Samba

, . Status
. View
smb. conf, Password . , root, Globals, Shares Printers ,
Status Password .
, Web-
Samba.
Samba Globals,
Shares Printers. Globals, . 16.9,
[globals] smb.conf. NetBIOS,
, .
Shares Printers . ,
.
, , Choose Share
Choose Printer, Choose Share Choose Printer.
,
.
, ,
, Delete Share Delete Printer.


, ,
, Create Share Create
Printer. , ,
smb.conf; SWAT . ,
.
7, [homes] , , , .
, *, , [printers].
[printers], , [printers], ,
.
Globals, Shares Printers Advanced View. (
Globals Shares
.)
Samba. Advanced View
, , Advanced View
Basic View. Basic View SWAT
. Samba
, , Advanced
View . 4
, , .
Globals, Shares Printers
Commit Changes,
smb.conf. Samba, . ,
Status. Restart smbd, Restart nmbd.
( ,
, ,
.) SWAT, Web-,
.

, , : (
)
.
.
. ,
,
.


. ,
, . , , .
, .

, . 13,
,
, SSH, , . ,
SSH Linuxconf SWAT,
. Webmin
SSL (http://www.openssl.org), , ,
SSL. , Linuxconf SWAT ( Webmin
) ,
.
, , ,
. , 13,
, root .
,
, su. : root.
Webmin
, , . ( ,
"" , .)
, , .
, Linuxconf IP-
, .
xinetd, , , TCP Wrappers.
. , IP-, ,
.
, .
, , - .
, SSH.
SSH-; . -


, , , , .
, , SWAT,
, , Linuxconf
Webmin. . SWAT, ,
, /etc. ,
, Telnet. ,
.
, . IV.

Linux,
, . , ,
, .
, .
Linuxconf Webmin.
Linux, ,

. ,
, SWAT. ,
, .

17

,
, .
,
, .
X-. ,
. ,
, . ,
. , -.
, ,
:
tar ,
Linux UNIX, Samba Windows AMANDA.
, .
, . , ,
(Preston) Unix Backup & Recovery (O'Reilly, 1999).

.
, Linux,
, tar, cpio dump, .
, -


, ,
, , ,
. (

.) ,
, .
. ,
, . , ,
100 1000 . .
, ,
, ,
. ,
.
,
, '> '*'
;,
'' , , , ,,,
, - .,
- ' .
10QO .
, 5 20 ,. , DAT (Digital Audio Tape
) DLT (Digital Linear Tape ).
^
DLT "" . -
,
.
. ';'?,--'
,
, , - ;
. , - .
- ( ) DVD. - -1
(630 ) ^
, , ^
. \
' DVD , ." one-;
: , ''
. !
( - 10 100 ), :
. Linux ,,
, : "
, cdrecord. c'taKHX
, , - *
.
} .;.'
t


" , . ,
', , - >
. . ..
-,
;
.-.'. - ' , -/W
-:
' ; .
*: %,'
'"<>
-/,
.
, .
, , .


.
, , ; ,
. ,
. , ; , , . ,
. .
.
^<

, , , ,
, , . , , , , , .
.

.

,
, , , , -,
, . ,
. , , -
rshd Samba. , ,
.
. ,


,
. , , .
.
, ,
, , .
, .
. , , -; . ,
Linux UNIX,
root, .
, , , , . ,
, .
, ,
.
, ,
, .

,
, , , ( ),
, .
. .
.
,
, ,
(, ).
. ,
, . ,
,
, Zip.
. .
, NFS SMB/CIFS, , FTP, . IP-


, , /etc/shadow.
, .
, , , . ,
,
. , AMANDA, SUID.
.
, f , .
, . ,
.
.
.
, , , ,
root.

tar
tar ,
Linux UNIX.
, . tape archive (
). tar
, . tar Linux
, cpio dump.
Linux.
tar; ,
, ,
, smbtar AMANDA.

tar
tar ; . tar : .
tar, , ,
, , . . . ,
, , ,


gzip bzip2 . . tar


:

tar [] _
.
, tar
. ,
(/).
. 17.1 17.2 tar.
.
, tar.

. , SCSI
. /dev/st0
/dev/nst0. /home
:
# tar --create --verbose --file /dev/st0 /home
, . 17.1 17.2,

# tar cvf /dev/st0 /home

tar ( --one-file-system, --same-permissions, --listed-incremental --verify) . Linux (, /) . , ,
, . --one-file-system
, . --one-file-system
--exclude --exclude-from, -

17.1. tar

create
concatenate
append

A
r

update

--diff compare

list
--extract --get

t
x


tar-


,
,
,


17.2. tar

absolute-paths
bzip2

directory
exclude
exclude-from
file

()
X

[:]

-gzip ungzip

-listed-incremental=jaU7i

-multi-volume

-one-file-system

-same-permissions
-preserve-permissions
-tape-length N

-verbose

-verify

/


bzip2. ( tar )


,

,

. ( , .)

gzip ungzip
,



;
multi-volume

,

,
/.
same-permissions , tar . , umask.
same-permissions .
tar listed-incremental,
, -


. tar
, . tar listed-incremental ,
. , , , .
. .
( ,
, , , ,
. , ,
, .) ,
. ,
,
machine1, machine2 . .
verify ,
. , , ,
. (
.) tar verify dif f,
. , , , ,
. , , /tmp
.
, . , /us, ,
.

, bzip2 gzip . tar, , . bzip2
gzip , ,
, , , .
, ,
. - ,
.
, . , BRU (http://www.tolisgroup.com)
.




, ,
,
. ,
, , ,
, , ,
, , . ,
, , . ,
,
, .

, . , , .
: /dev/st0, /dev/nst0,
/dev/ht0 /dev/nht0.
SCSI, EIDE/ATAPI. ,
, (nonrewinding
device). , ,
. ,
(rewinding device).
. , , .
, ,
, . , ,
, 1, 2 . .
, . , , , .
/dev/qft0 /dev/nqft0. , .
.
Linux.

, . SCSI SCSI,
SCSI.
EIDE/ATAPI EIDE, EIDE/ATAPI.
, .
, .


, ,
.
,
mt.
, ,
, .

mt tar . .
, tar, .

tar mt, .
mt :

mt [-f ] []

[]

: fsf (forward space files
), bsf (backward space files ), rewind ( ) datcompression ( ; 0 , 1 ). ,

.
# tar cvplf /dev/nst0 testdir-1/
# tar cvplf /dev/nst0 testdir-2/
# mt -f /dev/nst0 rewind
# tar df /dev/nst0 testdir-1/
# mt -f /dev/nst0 fsf 1
# tar df /dev/nst0 testdir-2/
. tar
, ,
, .
mt .
.

,
tar,
, ,
tar, -, tar .
, tar.
,
.


file, . 17.2, tar .


, ,
, . ,
, rshd
(in.rshd).
. rshd tar ,
. rshd
Linux .
/etc/inetd.conf :
shell stream tcp nowait root /usr/sbin/tcpd \
/usr/sbin/in.rshd -h
xinetd,
/etc/xinetd.conf
/etc/xinetd.d.
, TCP
Wrappers xinetd. rshd IP-. TCP Wrappers
xinetd ,
, rshd
, .
rshd IP-, .
, , . rshd ,
root, , .
-h,
inetd.conf. , ,
. -h,
,
. (
.)
-h rshd .
| -. SSH
ssh rsh. tar
ssh.
, ,
-h , . SSH
,
.


, . .
, ,
. ,
Internet, , ,
.


, . ,
, :
# tar cvlpf buserver:/dev/st0 /home /var /
/home, /var /
, buserver. , .
,
.
, , mt. , mt -f buserver:/dev/nst0
rewind .
, , . , ,
, . , , ,
.

,
, , , . ,
; , , .
NFS.
, , .
,
NFS.
Windows smbmount.
Linux ,
.
NFS.


,

Linux 8.
, , , .
/, . ,
,
.
;
.
,
, . . ,

,
. , ,
.
. , ,
root,
. , no_root_squash.
, .
,
, , ,
. ,
IP-.
,
, ,
.
, , : /home,
/var / ( ).
/etc/exports. buserver, :
/home  buserver(ro,no_root_squash)
/var   buserver(ro,no_root_squash)
/      buserver(ro,no_root_squash)

rw
NFS. . , ,
j brown,
, .


, ,
.


, , ,
, , , , , , . , buclient, /mnt/client, .
.
# mount -t nfs -o soft buclient:/ /mnt/client
# mount -t nfs -o soft buclient:/var /mnt/client/var
# mount -t nfs -o soft buclient:/home /mnt/client/home
# cd /mnt/client
# tar cvlf /dev/st0 home var ./
, NFS , ,
.
,
mount.

, cd.
. , . tar
, ; .
, /mnt/client
.
:
# tar cvlf /dev/st0 /mnt/client/home /mnt/client/var /mnt/client
/mnt/client. ( --absolute-paths, /mnt/client.)
, , , mnt/client.
,
, .
, J ,
. -o soft. NFS
tar ,
"" .


SMB/CIFS
tar rshd, ,
NFS, ,
.
.
SMB/CIFS.
,
Windows. 7 Samba,
Windows Linux SMB/CIFS.
, Windows, Linux.
Samba,
7.

Windows
Linux
, , Samba , NFS,
Samba Windows .
, smbtar,
Windows.


, , -,
. Windows SMB/CIFS.
Samba Linux,
Linux . (
, ).
Windows SMB/CIFS,
. Control
Panel, Network Network and
Dial-Up Connections. Windows 9x/Me,
Network, Network.
Windows NT 2000
Network and Dial-Up Connections Properties.
File and Printer Sharing for Microsoft Networks.
, Add Install. , File and Printer Sharing for Microsoft Networks, . 17.1.
, .


. 17.1. Windows SMB/CIFS,


File and Printer Sharing for
Microsoft Networks
Identification Network (Windows 9x/Me)
System Control Panel (Windows 2000).
SMB/CIFS, , . .
1. My Computer , ,
Sharing. ( , , , SMB/CIFS .)
Properties, . 17.2.
2. , Shared As Share This
Folder. , .
Linux. ( Windows 2000
New Share.)
3. Windows 9x/Me Access Type
.
, ,
( Windows 9x/Me,
, Full Access
). Windows 2000 Security ,
.
4. , .


. 17.2. Sharing Windows 2000.


Windows 9x/Me

5. . 1-4 , .
. , Network Neighborhood .
Linux
smbclient.

smbtar
Samba smbtar. , tar SMB/CIFS.
smbtar , tar smbclient,
, Windows. smbtar
, . smbtar :
smbtar -s __ \
[- __] [- _]
[- ] [-d ] [-t ] [-r] [-v]

, smbtar. .


s __.
. NetBIOS- . name resolve
order smb.conf, DNS-
.
__. ( 2 ). backup.
_. , , , . , Windows 9x/Me
, ,
.
. ,
. , ,
( , smbtar ),
, ( ps). smbtar
, ,
root.
d . , . ,
, -d .
t . ,
, ,
.
$, ,
tar. out.
. smbtar .
-, .
v. .
-v , smbtar .
,
CDRIVE WORK. :
# smbtar -s WORK -p password -x CDRIVE -t /dev/st0 -v
, ,
. , smbtar tar, ,

tar.


smbmount
smbtar,
Linux SMB/CIFS.
mount smbmount.
mount smbfs,
NetBIOS- Windows,
. :
# mount -t smbfs //WORK/CDRIVE /mnt/backup -o \
username=fred,password=password
smbmount :
# smbmount //WORK/CDRIVE /mnt/backup -o \
username=fred,password=password
smbmount 2.0.x Samba .

. smbmount, 2.0.5-2.2.2 Samba.


t

, mount smbmount . , ,
smbtar. , mount smbmount,

tar. , ,
, .
Windows
umount smbumount. umount .
# umount /mnt/backup

Windows
Windows
Linux. . , mount smbmount , Windows.
, Windows. FAT (File Allocation Table ),
Windows 9x/Me Windows NT, 2000 ,
, ,
. 8.3.
Windows . , , , ,
. ( 8.3, ,
,
, File.txt. , 8.3 -


.)
Linux - , 8.3, .
Windows, Linux 8.3, , mount smbmount, ,
(, file.txt).
, 8.3 , ,
. ,
Windows .
smbtar 8.3
, . , Windows ,
, ,
, . smbtar,
Linux, 8.3,
, . . ,
.
, .
8.3, . Windows ;
DOS, Windows, DIR,
, . Linux
, ,
Windows. , ,
. ,
, .
, Windows 8.3, .
. ,
.
. , . ,
Windows Program Files.
APPS, , .
. , , ,
.
.
,
. ,


PATH AUTOEXEC.BAT, .


, 8.3
.
, . 8.3 Windows , , . , longfilename.txt
8.3 LONGFI~1.TXT. , 8.3
~1, .
, . Windows- Linux . , .
, Windows , .
NTFS (New Technology Filesystem ), Windows NT, 2000 ,
8.3, . , ,
FAT.


Samba .
Samba,
. ,
, .



.
. , (, Zip
Jaz). . , ,
,
.
. ,
, , . . 7.


. , . ,
.
, ,
, .


,
Samba. , , ,

. , max connections, ,
.
, Zip,
/mnt/zip.
[zip]
comment = Zip Backups
path = /mnt/zip
read only = No
max connections = 1
preexec = /bin/mount /mnt/zip
postexec = /bin/umount /mnt/zip
SMB/CIFS, ,
Windows, , , , deadtime, ,
.
deadtime = 5. ,
.
, , . Zip
.
, Linux. , , , ,
. ,
, Windows, , FAT.
,
Linux, FAT, ext2fs ,
Linux.


.
, . 7
, -. , 7, .
[backup]
path = /var/spool/samba
printable = Yes
print command = /usr/local/bin/samba-backup %H %s %U \
/var/spool/samba; rm %s
,
zip-. zip- tar /usr/local/bin/samba-backup,
17.1. ,
, smbtar. print command, zip- .
zip- Linux.
17.1. , ,

_____
_
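# $1 = ,
#
# $2 = zip-
# $3 = ,
# $4 = zip-
mkdir -p "$1/backup/samba"
# Stop here if the working directory is unavailable, so tar never
# archives the wrong directory.
cd "$1/backup/samba" || exit 1
unzip "$4/$2"
tar cvpf /dev/st0 ./ > "$1/tar.out"
mail -s "Backup finished" "$3" < "$1/tar.out"
rm "$1/tar.out"
rm -r "$1/backup/samba"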

, | . , ,
. , root.
smb.conf force user, , "".
, ;
force group.


, zip. , tar-, . (
17.1).
, Windows, tar Linux, Windows
.


7,

. Windows
bat-, ,
. ,
17.1, ,
.
,
Linux,
, . tar-,
,
Linux.
rshd. Samba, IP- , rshd
. ,
. , ,
,
.

AMANDA

, . , ,
, . , . AMANDA (Advanced Maryland Automatic Network Disk Archiver).
, , , . AMANDA
Linux Debian, Red Hat, Mandrake SuSE. , Web- AMANDA (http://www.amanda.org).


AMANDA , | , AMANDA,
, , , . ,
AMANDA . ,
with-user with-group
. ,
, AMANDA.

AMANDA
AMANDA , . ,
, .
.
NFS, rshd AMANDA . (
, Windows, AMANDA smbclient
SMB/CIFS.)
AMANDA , . ,
. , , .
, .
, tar
listed-incremental ( ). AMANDA ,

.
Samba, , AMANDA

, . ( AMANDA , , .)
AMANDA .
,
. ,
. AMANDA
, . , 1 , AMANDA
1 ,
, 1 . .



AMANDA
AMANDA , ,
, , -.
, Linux UNIX,
AMANDA amandad. - .
/etc/inetd.conf :
amanda dgram udp wait amanda amandad amandad
amandad amanda.
, , .
, , , ,
amandad. xinetd, .
xinetd 4.
AMANDA
^< , , . amandad ,
root.
AMANDA /etc/services
. :
amanda 10080/udp

/etc/services, . AMANDA . ,
.
, ,
.

.
.amandahosts, ,
AMANDA.
,
. , amanda buserver.threeroomco.com .
buserver.threeroomco.com amanda
, ,
Windows, AMANDA SMB/CIFS. -


Windows
SMB/CIFS .

AMANDA

, .
, AMANDA
, AMANDA , . , , ,
. .
/etc/inetd.conf :
amandaidx stream tcp nowait amanda amindexd amindexd
amidxtape stream tcp nowait amanda amidxtaped amidxtaped
, , , , .
xinetd, , 4.
, /etc/services :
amandaidx 10082/tcp
amidxtape 10083/tcp
, AMANDA, . AMANDA
.

AMANDA
AMANDA amanda. conf, /etc
/usr/local/etc. AMANDA
. , AMANDA (
amanda). amanda, .
, , ,
/usr/local/etc/amanda/Daily, , , /usr/local/etc/amanda/Archive.
AMANDA ,
. example
.


amanda.conf ,
, . , ,


, ,
:

dumpcycle 4 weeks
.
.
, . , , , , .
. , , AMANDA. org
.
mailto. AMANDA , , .
, .
dumpuser. , . AMANDA
with-user.
dumpcycle. , .
runspercycle. AMANDA ,
.
. , ,
dumpcycle, . runspercycle,
20, ,
, AMANDA .
4 , AMANDA . (,
AMANDA .
runspercycle ,
AMANDA , .)
tapecycle. , . ,
, tapecycle , runspercycle.
tapetype. , , AMANDA , . , ,
. ,
, . tapetype, AMANDA,
. tape-src make tapetype. ./tapetype -f /dev/ (


, ).
. ,
. , . : ,
, .
tapedev. Linux,
.
/dev/nstO /dev/nhtO.
netusage. , AMANDA .
labelstr. , AMANDA .
. .
tpchanger, changerfile changerdev. ,
. example .
infofile, logdir indexdir. AMANDA
infofile logdir. , indexdir
, .
.
,
. holdingdisk,
. directory ( ) use ( , ).
, chunksize. , chunksize,
, . ( chunksize ,
.
, . ,
2.2.x 86 2 .)


AMANDA , . amlabel.
, .
amlabel :


$ amlabel Daily DailySet123


Daily , amanda.conf. amlabel . DailySet123 .
,
labelstr amanda.conf, AMANDA
. AMANDA .
, .


amanda. conf,
AMANDA, dumptype. ,
. dumptype .
compress [client | server] [best | fast | none].
, . .
best , ,
. fast
, .
.
exclude [list] "", , list,
AMANDA exclude
exclude-from tar.
holdingdisk __. yes
, AMANDA, .
index __. yes
, AMANDA , , .
, ,
.
kencrypt _. ,
, , Kerberos.
, yes, , Kerberos. Kerberos
6.
program " ". AMANDA tar, dump, .
, .
AMANDA dump ( DUMP ).
tar, ,
GNUTAR. ( Samba tar.)


skip-incr _. true,
,
, .
. , dumpcycle, .
.
. , . , amanda. conf,
, global, .
,
. ,
, , .
dump ext2fs,
tar ReiserFS.


amanda.conf , , ,
. disklist, , amanda.conf.
AMANDA disklist.
, ,
, .
disklist ,
.
, , .
(, /dev/hda2 hda2) (, /home). , #,
. disklist 17.2.
17.2. disklist
#
buserver.threeroomco.com /      root-tar
buserver.threeroomco.com /var   user-tar
buserver.threeroomco.com /hold  holding-disk
# Linux UNIX
buclient.threeroomco.com /      root-tar
buclient.threeroomco.com /home  user-tar
# Windows
buserver.threeroomco.com //WINPC/DRIVEC user-tar


. /hold
buserver.threeroomco.com .

holdingdisk, . ,
, . Windows Linux UNIX,
Samba, NetBIOS- Windows (WINPC)
(DRIVEC). 17.2 ,
Samba, , . (, , Samba
, .)
Windows,
; AMANDA Samba smbclient.
Samba smbclient , tar dump. , Samba,
/etc/amandapass. . AMANDA
SAMBA, Windows NT, 2000
. ,
, AMANDA
with-samba-user.

AMANDA
AMANDA, amdump. , . .
, . ,
: amdump Daily. , amdump , , .
AMANDA , , .
. dumpcycle
, ,
, AMANDA
.
, AMANDA
.
, amdump. ,
, . , . , ,
. .


AMANDA . , ,
mailto, amanda. conf.
, ,
. , ,
, .


. , ,
,
.
.
. . , ,
, . , .
, create
tar, extract , .
,
, , -, ,
, . .
. , .
. , , , root
rm -r /.

, , .
, .
,
, .

, ,
. , , - .


, , .

Linux Windows 9x/Me, Linux.


Samba, , SMB/CIFS.
Linux. ,
FDISK DOS,
, SYS . Windows NT, 2000
, ,
NTFS.
.
dd, Linux, ,
DriveImage.


, , . , ,
tar- rshd NFS Samba.
, , , , ,
, .
,
.
AMANDA , , ,
,
.
amrecover, , amrestore. amrecover
root, . setdate (
), cd ( ), add ( , ) extract ( ). extract amrecover ,
.
, , , .

. , ,
. ,


, -
.
, .
, ,
, , , ,
.

.

, NFS, SMB/CIFS, rshd, AMANDA , tar, dump, cpio .
.
, ,
. ,
tar.
, AMANDA. , ,
. , .
.

III
Internet

18

, TCP/IP,
, IP, . ,
.
DNS- (Domain Name System ),
. 2
. , ,
, DNS . ,
Internet DNS.
DNS , ,

.
DNS , . , . ,
, DNS, . ,
DNS , DHCP.
DNS
, , , Kerberos , , Telnet. , , .
,
DNS , . (Albitz) (Liu) DNS and
BIND, 4th Edition (O'Reilly, 2001) (Hunt) Linux DNS Server Administration
(Sybex, 2000).


DNS
DNS ,
. , .

DNS,
Internet
DNS. , , ,
, DNS. , DNS Web-, URL
http://www.whitehouse.gov. DNS
www.whitehouse.gov IP- . DNS
, DNS. IP- , ,
DNS; , , . DNS, ,
( www.whitehouse.gov). IP-, ,
(TLD top-level domain).
.com, .gov, .uk . .
, DNS- .gov, ,
.gov. DNS .gov , IP-
, whitehouse.gov,
DNS. whitehouse.gov IP-, www.whitehouse.gov, , ,
. IP-
DNS Web-,
Web-. . 18.1.
. , DNS
IP- Internet.
. , ,
. . , DNS
. DNS

, . DNS
, .
, . , DNS
. com, .
, , -



www.whitehouse.gov

,

.gov


.gov

www.whitehouse.gov

www.whitehouse.gov


www.whitehouse.gov

-*

,

.gov

www.whitehouse.gov

whitehouse.gov

. 18.1. DNS

IP- ,
.
,
, DNS. ,
DNS,
, whitehouse.gov .
, DNS,
, ,
Internet IP.


, DNS, ,
DNS.
_

DNS, , . , . ,
() DNS-, ()
.

DNS, , . , DNS, Internet.


, ,
( ). , , DNS- Granite Canyon (http: //www.granitecanyon.
com). ; : "
, ".
, DNS, .
DNS-, DSL . , DNS-, DNS,
, IP-. IP- . DNS-
, . DNS- .
, URL: http://www.technopagan.org/dynamic/
http://www.oth.net/dyndns.html.
,
DNS, . , DNS , .
DNS,
. ,
DNS, ,
DNS.
.

DNS
DNS .
IP- , . .
, , /etc/resolv. conf.
DNS .


, , . , DNS
.
, .
DNS , , ,
. , DNS
, . ,
DNS, .
, ,
. DNS , Internet
.
DNS . , , Linux UNIX
/etc/hosts. ( , . , Windows 9x/Me
C:\WINDOWS\HOSTS.) /etc/hosts ; IP-,
. /etc/hosts
.
192.168.78.109 gingko.threeroomco.com gingko
Linux /etc/hosts ,
localhost 127.0.0.1. , ,
. /etc/hosts ,
DNS.
/etc/hosts , DNS .
/etc/hosts , DHCP
IP-.


DNS
. DNS ,
.
DNS , . .
, Internet. ,
, .unused.


(ccTLD country code top-level domain). . , .us , . se .


(gTLD generic top-level domain).
.
.com, .net, .org .gov. 2001 .
gTLD; , , .biz .museum.
, ccTLD
gTLD. ;
.
, .
. com,
. org, . net TLD. ccTLD
. , , . , , http: / /www.
NewRegistrars.com http://www.icann.org/registrars/accredited
-list.html. gTLD
10 35 .
, gTLD . gov . edu,
ccTLD . ccTLDs, , ,
http://www.iana.org/cctld/cctld-whois.htm.
2001 .
. us. 2002 . TLD . us.
. us, http: / / w w w . nic. us.
, ccTLD, . , . uk . gov. uk .co.uk,
. , TLD .uk, . . , . gov. uk
, . . uk
( , gTLD . com).
,
. IP-
DNS, . DNS, . , DNS , .
, DNS, , , ,
DNS. DNS, .
.


DNS Linux
, DNS, ,
.
. .
BIND. BIND (Berkeley Internet Name Domain) , DNS Linux. .
BIND , ,
http://www.isc.org/products/BIND/.
9.2.0, ,
. . 2002 ., Linux 8.2.x . ,
4.9.x , .
djbdns. D. J. Bernstein's DNS server ( DNS . . )
, BIND,
. , .
, . BIND djbdns. djbdns Web- http: / / c r . . to/djbdns .
html.
pdnsd. , proxy-
DNS.
DNS. , BIND djbdns. pdnsd
http://home.t-online.de/home/Moestl/.
dnscache. pdnsd, dnscache proxy- DNS.
. pdnsd,
dnscache ,
localhost (127.0.0.1). , http://cr..to/djbdns/dnscache.html.
, Linux, DNS BIND,
. , , djbdns. Proxy- DNS
.
,
. BIND,
djbdns.


DNS
DNS :
DNS ( BIND named) . ,
. (
DNS BIND DHCP.) DNS
, DNS (
, ) .
() . ,
, , ,
.

BIND
BIND named.
conf. /etc.
Linux , , /etc . - ,
BIND ( /usr/share/doc/bind-).
named, conf 18.1.
18.1. named.conf
options {
    directory "/var/named/";
    auth-nxdomain yes;
    forwarders {
        10.232.7.98;
        10.232.45.1;
    };
    forward first;
};

zone "." {
    type hint;
    file "named.ca";
};

zone "threeroomco.com" {
    type master;
    file "named.threeroomco.com";
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "named.192.168.1";
};

zone "0.0.127.in-addr.arpa" {
    type master;
    file "named.local";
};

named, conf . 18.1


options zone. options
, , ,
. zone
IP-. , named. conf,
(;). , BIND .
named. conf ,
.
/var/named , directory.
, named . conf, .


,
DNS, . .
BIND.
named. db. cache /var/named. ,
.
named, , , FTP, ftp: / / f t p . rs . internic.
net/domain/.
dig,
dig @a.root-servers.net . ns > named.ca. ,
, named . .
, DNS. DNS ,
, ,
, DNS (
2).
, /var/named.
, , /etc/named. conf. 18.1 ,


, file, zone " . ".


( ,
.)


BIND .
1. BIND ,
, .
2. , .
.
3. , .
. ,
.
BIND .
DNS, .
, BIND
, , , ,
. .
, , , Internet ,
,
. , , Internet .
DNS
. , ,
.
,
DNS ? DNS
, ,
Internet. , DNS
,
.
forwarders forward (.
18.1). forwarders IP- DNS, , . forward
: only f i r s t . forward only, BIND
DNS,
forwarders, . f i r s t forward , BIND


DNS, (,
),
. , , , ,
.


BIND , , , IP-.
.
(, threeroomco.com, 18.1) IP- ( ,
in-addr. arpa). DNS .
. , ("."), . type hint,
, , file.
. DNS ,
BIND , . 18.1 threeroomco. com.
. DNS IP-,
. , in-addr .arpa.
, . . IP-, . , 192.168.1.0/24
1.168.192.in-addr.arpa.
,
. .
master. , (master), .
DNS , , , master. 18.1.
slave. , (slave),
DNS. .
. DNS ,
.
stub. , NS,
. . .
, DNS . , threeroomco. com sub. threeroomco. com


DNS. BIND
threeroomco.com sub.threeroomco.com
stub, DNS sub.threeroomco.com.
DNS ,
sub. threeroomco. com. sub.threeroomco.com.
forward. forward options, forward
BIND,
DNS. BIND , .
, forwarders, BIND,
DNS .
hint. .
, . BIND
, .
, 18.1, hint master.
.


,
DNS. , .
, .
, . ,
/etc/named, conf. , ,
, , 18.1.
threeroomco. com :
zone "threeroomco.com" {
    type slave;
    file "named.threeroomco.com";
    masters { 192.168.1.50; };
};
, threeroomco. com DNS, 192.168.1.50.
, .
masters DNS;
. (
.) ,
. ,


. ,
.
slave , ( threeroomco . com 1 . 168 .192 . in-addr . arpa,
18.1). localhost (0 . . 127 . in-addr. arpa 18.1) slave
.
, , , , zone.
, ,
. ,
, .
,
, .
DNS,
allow- transfer. options, . ,
192.168.1.0/24 172.19.98.23, :
allow-transfer {
    192.168.1/24;
    172.19.98.23;
};

/etc/named. conf, , , DNS
. /etc/named . conf
master, .
IP-. ,
,
. ,
.


1 8.2 .
(threeroomco . com. ) , . .
,
IP-. .
.
DNS . , f Internet (Web-, FTP,
), , Linux , ,


, /etc/resolv.conf. , ,
, . ,
. DNS, . ,
, , .
, .
gingko.threeroomco.com.threeroomco.com.
18.2.
threeroomco.com.         IN  SOA    spruce.threeroomco.com. \
                                    admin.threeroomco.com. (
                                    2002043004 ; serial
                                    3600       ; refresh
                                    600        ; retry
                                    604800     ; expire
                                    86400      ; default_ttl
                                    )
gingko.threeroomco.com.  IN  A      192.168.1.1
birch                    IN  A      192.168.1.2
spruce                   IN  A      192.168.1.3
threeroomco.com.         IN  A      192.168.1.4
www                      IN  CNAME  gingko
kelp                     IN  CNAME  jacques.pangaea.edu.
@                        IN  MX     10 birch.threeroomco.com.
@                        IN  MX     20 mail.pangaea.edu.
@                        IN  NS     spruce.threeroomco.com.

:
IN _ _
, . IN Internet . IN ,
. ,
, , .
IP- .
, , . , ,
, .


BIND | -: named, conf ,


.
BIND,
.
/var/named,
, .
db. - named, -. , , , /etc/
named, conf.


SOA (Start of Authority ).
, , SOA. ,
. , , /etc/named, conf (
!). .
. ( 18.2 spruce. threeroomco.
com.) . 18.2
(\).
, ,
. ,
.
. ( 18.2 admin.
threeroomco.com.) ,
. .
, @, ,
admin. threeroomco. com. admin@threeroomco.
com.
. , , .
18.2 , . , serial, ,
. ,
. ( YYYYMMDD),
, . refresh .
3600, 18.2, , , ,
. retry ,

, . expire


, ,
.
. expire , ,
refresh. default_ttl .
DNS .
(86400 18.2)
(604800). IP-
, ,
.



IP-. , ,
, IP-.
@, . MX
NS ( 18.2). ,
.
.
. A (address ) ,
IP-.
( ), gingko. threeroomco.
com., , birch spruce.
, , ,
18.2 threeroomco.com. IP 192.168.1.4.
CNAME. CNAME (canonical name )
. , .
, , . , 18.2 kelp
. CNAME , IP- . ,
Web- , www
. ,
.
PTR. 18.2 PTR .
.
NS. NS (name server ) . NS,
, SOA. , @. IP-
, , .


MX. MX (mail exchanger ) . g


. : . (, lorax@threeroomco. com), MX.
, ( 18.2 birch. threeroomco. com.). , , ( 18.2
mail. pangaea. edu.). ,
, ,
MX, . , , MX, .
19.

, . , ,
.

18.2 . .


18.1 ,
. DNS IP-.
, in-addr. .
/etc/named.conf , .
, IP- , . ,
192.168.1.0/24 1.168 .192 . in-addr ..
, ,
. SOA NS,
PTR.
MX, CNAME. 18.3
, , 18.2.
PTR (,
1 192.168.1.1), IP-, in-addr. . 18.3 .
.
, ,
,
, birch birch. threeroomco. com. birch.1.168.192.in-addr..


18.3.
1.168.192.in-addr.arpa.    IN  SOA  spruce.threeroomco.com. \
                                    admin.threeroomco.com. (
                                    2002043004 ; serial
                                    3600       ; refresh
                                    600        ; retry
                                    604800     ; expire
                                    86400      ; default ttl
                                    )
1                          IN  PTR  gingko.threeroomco.com.
2.1.168.192.in-addr.arpa.  IN  PTR  birch.threeroomco.com.
3.1.168.192.in-addr.arpa.  IN  PTR  spruce.threeroomco.com.
4.1.168.192.in-addr.arpa.  IN  PTR  threeroomco.com.
@                          IN  NS   spruce.threeroomco.com.

,

DNS, . ( localhost).
DNS .
-, , Web-, Internet
. , ,
.
200 , , , .
, ,
.
, .
, , , , 18.1,
,
localhost ( 0 . 0 . 1 2 7 . in-addr. arpa), (.). .
DNS, , forwarders forward, options. forwarders
DNS . BIND . forward first, 18.1,


forward only. , , forwarders, .


| forward first, , ,
, , BIND .
, .
, Internet
.
, . , BIND,
, . , BIND

. , BIND
dnscache pdnsd.
( , ), IP-
, . ,
- DNS.

DHCP
IP- DHCP, , , DHCP,
. 5 : DHCP IP-
DHCP DNS . , . .
DHCP , IP-, .
, , birch. threeroomco. com
192.168.1.2. DHCP, DNS, .
, .
, .
5 DHCP DNS. BIND, named.conf.
allow-update. :
zone "threeroomco.com" {
    type master;
    file "named.threeroomco.com";
    allow-update { 192.168.1.1; };
};
BIND IP-
192.168.1.1. , , DHCP.
.
DNS Internet f ,
DNS- .
DHCP , ,
DNS. ,
DNS DHCP
(127.0.0.1).

*
DNS , 4, DNS SysV
. DNS .
host. host
Linux;
bind-utils. DNS . host ,
/etc/resolv. conf , . , IP-.
$ host www.awl.com
www.awl.com is a nickname for awl.com
awl.com has address 165.193.123.224
, , ,
www. awl. com (
CNAME) awl.com. 165.193.123.224. , DNS . , . , ,
.
, -t. ,
MX , :
$ host -t MX awl.com
awl.com mail is handled by 100 mailhost.uu.net.
awl.com mail is handled by 10 oldtms702.pearsontc.com.
awl.com mail is handled by 20 oldtms701.pearsontc.com.
, awl. com : oldtms702 .pearsontc.com( 10),oldtms701 .pearsontc.com(-


20) mailhost.uu.net ( 100). DNS


, IP- .

$ host www.awl.com spruce


Using domain server:
Name: spruce.threeroomco.com
Address: 192.168.1.3
Aliases:
www.awl.com is a nickname for awl.com
awl.com has address 165.193.123.224
, , , , host
DNS.
host
. nslookup.
, host,
.

, DNS. ,
IP- , , , IP- .
DNS , , ,
. ,
, . IP-, ,
, .

19
:
SMTP
11 POP IMAP, .
.
, :
.
.
.
11.

SMTP (Simple Mail Transfer Protocol ). ,
Internet, SMTP. ,
, SMTP,
. Linux ,
SMTP .
Linux SMTP,
. SMTP: sendmail, Exim Postfix. ,
Procmail, SMTP.
SMTP,
, , .

,
. , SMTP, : (Costales) (Allman) Sendmail (O'Reilly, 1997), (Hunt) Linux Sendmail
Administration (Sybex, 2001), (Hazel) Exim: The Mail Transfer Agent (O'Reilly, 2001),


(Blum) Postfix (Sams, 2001), (Sill) The qmail Handbook (APress, 2001) (McCarthy) The Procmail Companion (Addison Wesley, 2001).

SMTP
SMTP ( mail transfer agent).
,
. SMTP , ,
.
, SMTP.
SMTP Linux .
. SMTP . , SMTP, (, pine mutt), ,
.
.
,
Internet. SMTP .
, ,
, . ,
.
.
. ,
, , .
SMTP. , , . ,
, , ,
root.

, Linux SMTP . ,
. (
, , SMTP ,
.)
SMTP,
, .
, , .
,
.


. . , ,
.
. , , SMTP , ,
.
, . , ,
.

, SMTP
Linux
sendmail. Linux
sendmail. ,
. sendmail. sendmail
, ,
. Web- sendmail
http: //www. sendmail. org.
Exim. , sendmail,
, Exim .
Debian , . Web-
Exim http: / /www. exim. org.
Postfix. sendmail, Exim ""
. , Postfix .
, , ,
. , .
Postfix sendmail.
Mandrake. Postfix
, http: //www. p o s t f i x . org.
qmail. Postfix, qmail ,
. qmail , sendmail, , Exim Postfix,
sendmail. sendmail qmail
. qmail
sendmail, Linux


, . Web- qmail http: //www. qmail. org.


, Linux . Small (http://www.gnu.org/
software/smail/smail.html), Courier (http://www.courier-mta.org)
OpenMail (http://www.openmail.com/cyc/om/00/). ,
.
: sendmail, Exim, Postfix qmail.
, .
,
, . SMTP.
, .

, ,
. , , , .
, sendmail .
sendmail Exim Postfix.
, , sendmail,
Exim Postfix,
sendmail. ( sendmail, Exim
Postfix mbox, . . .)
sendmail qmail , qmail
maildir (, ). ,
qmail sendmail, qmail
(
, 11).



.
.
. , . , mail. threeroomco. com,
: jennie@mail.threeroomco.com.
, . ,
, .
. ,
, , -


DNS MX. , MX . , , , threeroomco. com, MX,


mail.threeroomco.com. ,
jennie@threeroomco.com,
mail. threeroomco. com. DNS
MX,
.
.
DNS, MX,
18. mail.
threeroomco. com, MX :
@    IN    MX    10    mail.threeroomco.com.

, /var/named. @ ,
. IN , Internet, a MX . 10
. , , , ,
, . .
, .
^^\

, .

SMTP.
J

SMTP
, SMTP. , (envelope header), (message header) (message data).
From , SMTP-.
, , ,
.
, . , .
From: :, , .
Received:, , , Subject:,
.


^_
.
^\
.
SMTP

.
....
'
maildir, , ,
SMTP-, . , ,
From , Received: . ,
.
, SMTP, SMTP-. 19.1 ,
telnet. ( , SMTP-
telnet ).
19.1. SMTP-
$ telnet louiswu.rodsbooks.com 25
Trying 192.168.1.5...
Connected to louiswu.rodsbooks.com.
Escape character is '^]'.
220 louiswu ESMTP Exim 3.12 #1 Wed, 30 Oct 2002 12:01:29 -0500
HELO nessus.rodsbooks.com
250 louiswu Hello nessus.rodsbooks.com [192.168.1.3]
MAIL FROM:<rodsmith@nessus.rodsbooks.com>
250 <rodsmith@nessus.rodsbooks.com> is syntactically correct
RCPT TO:<rodsmith@louiswu.rodsbooks.com>
250 <rodsmith@louiswu.rodsbooks.com> is syntactically correct
DATA
354 Enter message, ending with "." on a line by itself
From: <rodsmith@nessus.rodsbooks.com>
To: <rodsmith@louiswu.rodsbooks.com>
Subject: A Sample SMTP Session

This is the text of the message.
.
250 OK id=15z87H-OOOOCX-00
QUIT
221 louiswu closing connection
Connection closed by foreign host.
SMTP- , SMTP
( , 19.1,
telnet).
, HELO EHLO.
MAIL FROM: RCPT TO: From .
SMTP ,


. ,
, , . DATA , .
, .
( . 19.1,
.)
. , , .
SMTP- , .
. , , HELO MAIL FROM, From:. ,
, MAIL
FROM From: .
, IP- ; 19.1 HELO.
. 19.1 , .
, , ,
, :
.
, . , ,
.
. SMTP ,
.
RCPT :, .
RCPT :,
,
.
,
.
. ,
19.1,
. Exim 3.12.
;
, .
,
. 19.1
MAIL FROM: RCPT TO: 250
is syntactically correct. , , ,


, RCPT :.
, : . Exim
, .
, ,
.

SMTP
,
.
, .


. , SMTP,
, hostname. HELO MAIL FROM:,
From: . ,
, .
, . , ,
franklin.threeroomco.com. , ,
, threeroomco. com. (
,
, ,
.) , ,
, , , , . , .
, f r a n k l i n . threeroomco. com,
threeroomco. com.
, ,
. , ,
,
.
,
.


,
, . ,
, , , , , .
,
.
, .


, , ,
, . , f r a n k l i n . threeroomco.
com. SMTP ,
f r a n k l i n . threeroomco. com.
MX, ,
threeroomco. com. , , ,
,
. ,
, f ourroomco. com.
, , ,
. ,
(, , ).
.


, . , .
. ,
, .
, . SMTP
, ,
.
SMTP , ,
. , ,
. ,


. ,
, , , .
, . ,
, , .
, , . ,
, ,
.
, , ,
.
, ,
,
. , ,
, , . - ,
SMTP
POP. POP SMTP ,
IP-
. POP , .
SSH
SMTP.
, SMTP
SMTP. , , ,
, . , -
. , , , ,
, , SMTP .
.

, . ,
, . , SMTP
, . , SMTP ( ) -


- ,
. ,
sendmail. , , , sendmail-ispl. cf
sendmailisp2 . cf. , -,
sendmail. cf.


. , E-mail ,
. " "
. -,
: Web-, . .
-, , , , .
; ,
, , , . . ,
:
.
, .
:
.


, , ,
. .
.
.
, , , .
, , . , ,
,
,
.
IP-.
IP-, -


. , (. . ,
), ,
, . . . , , ,
. IP-,
, . 19.1.
, . Procmail, , . Procmail
, ,
SpamBouncer (http: //www. spambouncer. org).
Procmail.
. ,
, Vipul's Razor (http: / / r a z o r .
sourcef orge. net). SHA- (Secure Hash
Algorithm ) .
SHA-

Vipul's Razor.
, , IP- , . ,
, .
.
, .
(false positive).
, . ,
. IP-
RBL RSS. IP-
RBL, RSS DUL, MAPS (Mail Abuse Prevention System ), .



, ,
, , .
, . . , ,
.

19.1. IP-,

                                URL
Dial-Up List (DUL)              http://mail-abuse.org/dul/     dialups.mail-abuse.org
Realtime Blackhole List (RBL)   http://mail-abuse.org/rbl/     blackholes.mail-abuse.org
Relay Spam Stopper (RSS)        http://mail-abuse.org/rss/     relays.mail-abuse.org
Open Relay Database (ORDB)      http://www.ordb.org            relays.ordb.org
RFC Ignorant                    http://www.rfc-ignorant.org    Web

IP-, -. , ,
,
,
.
, ,

,
, ,
,
, ,
.
, RSS,

.

RFC Ignorant
IP- ,
, RFC.
,


, ,
(open relay). ,
, Internet, . , sendmail,
. , ,
, .
, ,
, , telnet
relay-test .mail-abuse. org.
. ,
. ,
; ,
, .
, , http: //mail-abuse. org/tsi/.

sendmail
sendmail . Linux,
Caldera, Red Hat, Slackware, SuSE TurboLinux. Debian Mandrake
SMTP, sendmail .
, 8.12.2 sendmail, Linux 8.11.x
.
sendmail , ,
, , , sendmail. ,
sendmail:
,
.

sendmail
sendmail sendmail. cf;
/etc. , , ,
.
, sendmail. cf, ,
, 4 sendmail.cf. , 4, ., . Red Hat


/etc/sendmail.mc, Slackware /usr/src/sendmail/cf / c f / l i n u x .


smtp.mc, SuSE /etc/mail/linux.mc. ,
m4 ,
.cf. , SuSE 7.1 sendmail.cf 1669 ,
linux.mc 221 ,
( dnl).
sendmail. cf 4, 4 . SuSE
:
# m4 < /etc/mail/linux.mc > /etc/sendmail.cf
Linux
sendmail.cf 4, . , Red Hat
sendmail-cf.
sendmail. cf. | sendmail. cf 4 .
, , ,
sendmail.
sendmail.
Linux sendmail SysV,
restart .
4 :
_('

!'[, *2' [ , . . . ] )

, define
MASQUERADE_AS. , , sendmail, always_add_domain, . .
.
, ,
5 : . .
4 ,
, sendmail. cf .
sendmail.cf, sendmail
.
access.db. access.
access .db ,
sendmail. sendmail . sendmail makemap, access
access. db, access . db.


aliases, db. (aliases). ,


. , , root postmaster. ,
root,
. access.db,
aliases.db .
/etc /etc/mail.
, , sendmail.

sendmail
, SMTP , , ,
.
.
4 :
MASQUERADE_AS(*_')
FEATURE(masquerade_envelope)
MASQUERADE_AS , From: ,
. ,
, . FEATURE (masquerade_envelope)
From:, .
, , ,
.
MASQUERADE_DOMAIN(* -' )
FEATURE(`limited_masquerade')
sendmail , -. ,
.

sendmail
, , .
, sendmail . sendmail ,
. . Red Hat /etc/mail/local-host-names, SuSE
/etc/sendmail.cw. , sendmail.cf
, Fw. ,
. , -


, . ,
#, .


,
. , sendmail,
, , , , . ,
. , , ,
. sendmail , .

sendmail
.

.
.
, ,
. "relaying denied" (" ").
sendmail , . ,
FEATURE, .
relay_entire_domain. , sendmail , , .
sendmail DNS. relay_entire_domain
.
relay_local_f rom. sendmail,
, From: , . relay_local_f rom ,
From:, . .
.
relay_based_on_MX. , sendmail , , ,
MX, .
relay_based_on_MX . ,
sendmail,
DNS. -


. , ,
MX .
relay_hosts_only. , sendmail
. , ,
. ,
.
access_db.
sendmail. relay_hosts_only, sendmail ,

.
, .

| promiscuous_relay, . .

.
4.
FEATURE(`access_db')
,
, , access.db,
, .
, sendmail
access .db. /etc /etc/mail
access. access .
# localhost.. .
localhost.localdomain   RELAY
localhost               RELAY
127.0.0.1               RELAY
#
192.168.99              RELAY
. sendmail , .
. , ,
192.168.99.0/24. IP- , IP- ,
.
RELAY, access
.
. sendmail , , , .


RELAY. , , , , .
, ,
.
REJECT. ,
, .
.
DISCARD. , REJECT,
.
. REJECT, .
access,
. makemap, :
# makemap hash /etc/mail/access.db < /etc/mail/access
sendmail , .
access sendmail.

sendmail

sendmail . , ,
,
.

. Linux, sendmail, ,
, IP-, , ,
. , ,
. .
sendmail, ,
. ,
4 :
FEATURE(`nullclient', `outgoing.mail.relay')
outgoing.mail.relay ,
. sendmail.f sendmail,
. sendmail, ,
.


sendmail

sendmail . access access.db. access.db
.
, IP-, REJECT DISCARD,
. , .
, , ,
. , , , .
IP-.
, 4
dnsbl.
FEATURE(dnsbl, `blackholes.mail-abuse.org', `Rejected - see \
http://www.mail-abuse.org/rbl/')
sendmail , MAPS RBL. ,
. , .
Web-, IP-, . ,
, ,
.
8.10 sendmail IP-
. ,
. http: //mail-abuse. org/rbl/usage. html.
, . , access IP- ,
.
. promiscuous_relay .
sendmail, 8.9.0, , | . ,
. http://mail-abuse.org/tsi/ar-fix.
html#sendmail_8. sendmail, 8.8.4, . .


Exim
Exim Debian GNU/Linux . . ,
, Exim PowerTools Red Hat, Red Hat
. sendmail, Exim ,
Exim . Exim , sendmail;
, , , , ,
.
^^
^

Exim Debian,
,
Debian. Exim
.

Exim
Exim exim. conf. /etc. ,
:
=
, , , #.
exim.conf, Debian, , .
.

Exim Debian
eximconf ig, exim. conf.
Exim;
exim. conf. , exim. conf ,
eximconf ig . eximconf ig ,
Exim. , ,
.

exim. conf, Exim . , Debian, .


/etc/aliases. ,
sendmail. , , , . , root: amelia, , root,
amelia. aliases , -

. , root: ameliaS
pangaea. edu , , root, amelia@pangaea.edu.
sendmail, Exim aliases
.
/etc/email-addresses. From: . ,
ben: bfranklin@pangaea.edu , , ben,
bf ranklin@pangaea. edu.

eximconf /etc/aliases ,
, postmaster root, ,
root, , .
,
. /etc/email-addresses, Debian, .


, , ,
hostname, . qualify_domain.
. , .
, exim. conf :
qualify_domain = threeroomco.com
ben , , , From: , Exim
threeroomco. com. threeroomco.
com, Exim . , From: :
ben@threeroomco.com.
, , primary_hostname. qualify_domain, qualif y_domain.
primary_hostname Exim . , , Received:.
/etc/email-addresses.
, /etc/email-addresses ,
exim. conf. :
*@threeroomco.com ${lookup{$1}lsearch{/etc/email-addresses}\
{$value}fail} bcfrF
, exim. conf. , . Exim


threeroomco. com, /etc/email-addresses . , /etc/email-addresses


( ), , ,
( ) . ; , email-addresses.
. exim. conf, , ,
email-addresses.
, Exim. Exim, http: //www. exim. org/eximhtml-3.30/doc/html/spec_34,html.

Exim
exim. conf , , .
.
local_domains.
, . Exim
. , local_domains = localhost: threeroomco.
com Exim , localhost threeroomco.com , ,
. qualify_recipient. qualify_recipient
, .
local_domains_include_host. true,
Exim , . , local_domains.
local_domains_include_host_literals. true, Exim , IP- . , Exim 172.24.98.2 ben, Exim
ben@ [ 1 7 2 . 2 4 . 9 8 . 2 ] . , , false local_domains_
include_host_literals.
eximconf ig
, . ,
, , ,
.

Exim
sendmail, Exim ,
, ,


. eximconf ig , ,
. Exim exim. conf.

Exim
exim. conf,
, .
host_accept_relay. Exim ,
,
( ). host_accept_
relay = localhost, Exim , . (
, IP-, ) , . , host_accept_
relay = localhost: 192 .168 . 99 . 0 / 2 4 :* .pangaea. edu ,
,
192.168.99.0/24, pangaea. edu. IP- , ,
.
relay_domains.
, . Exim
, , . , ,
. , (*) ,
host_accept_relay.
relay_domains_include_local_mx. yes
, , MX DNS. ,
Exim . ,
DNS MX.
sender_address_relay. , ,
. , ,
host_accept_relay. (
, relay_match_
host_or_sender = yes, ,
.) , -


,
.
Exim ,
. . , , ,
host_auth_accept_relay (
) tls_host_accept_relay ( , TLS).

Exim
,
. Exim , , eximconf ig
, . ,
eximconf ig, :
smarthost:
driver = domainlist
transport = remote_smtp
route_list = "* franklin.threeroomco.com bydns_a"
end
Exim , ,
, franklin.threeroomco.com.
, .

Exim

Exim .
, , , ,
. .
host_reject. exim.conf.
, IP-,
. , , , . , host_reject
= * .badspammer. net: 10 .16. 8 . 0/24 , badspammer.net, 10.16.8.0/24 .
,
host_reject, . ,
.


host_reject_recipients. , host_
reject,
, , ,
RCPT :. .
sender_reject. .
, . , sender_re j ect = spammer@abigisp. com:
badspammer. net , badsparnmer. net
spammer@abigisp.com . Exim , .
,
.
sender_reject_recipients.
sender_reject, , , . .
RCPT :. sender_re j ect,
.
, . Exim . . forward, . Exim
. , ,
Procmail, .
f i l t e r . txt. gz,
Exim. Debian GNU/Linux
/usr/doc/exim; gunzip.
,
, , . ,
Exim ,
IP-. , exim. conf, .
rtrt^domains. , IP- ( . 19.1).

/warn /reject. /warn Exim , ( Procmail), a /re j ect ,
. , /accept ( " ")
/skiprelay ( host_accept_relay,
IP- ).
rbl_hosts. * ;
, , , -


IP-, rbl_doraains.
.
, *;
!. , rbl_hosts = lok.pangaea.
edu: * ok.pangaea.edu
IP-.
rbl_reject_recipients. /warn /reject
rbl_domains ,
. , Exim
. rbl_re ject_recipients.
rbl_reject_
recipients = no, Exim .
recipients_reject_except.
IP-. , recipients_reject_
except = postmaster@threeroomco. com, Exim , postmaster@threeroomco.com,
, , IP-.
,
IP-, , Exim. , , Exim ,
. .
headers_check_syntax. Exim , . , , , . , true header s_check_syntax.
helo_verify. SMTP
HELO EHLO, . Exim , ,
. , , helo_verif = * ,
. helo_verif
HELO EHLO, IP-
. ,
.
, , , . .
message_size_limit.
,
. 0 message_size_


limit, . ,
. .
, Exim, ,
,
.

Postfix
Exim, Postfix .
Postfix , SMTP
. Postfix , . .
. Postfix , Exim.
SMTP, Postfix , , , ,
.
Postfix Mandrake,
, Debian SuSE. PowerTools. RPM-, Mandrake,
Linux, SysV, , . Postfix Mandrake,
Postfix,
. Postfix Mandrake .

Postfix
Postfix main.cf, /etc/postfix.
:
=
main. cf ,
. ,
S .
( ):
myhostname = franklin.threeroomco.com
myorigin = $myhostname
myhostname f r a n k l i n .
threeroomco. com, myorigin. Postfix, ,
, ,
.
main. cf , ,
#. ,


Postfix,
.
main. cf . sendmail,
( . db)
. ,
. db. aliases ( aliases. db).
sendmail, aliases ,
. , root: amelia , ,
root, amelia.
aliases aliases .db,
postalias aliases, , aliases.

. db, , Postfix .
, postfix reload
Postfix, SysV.


myorigin , Postfix
.
$myhostname, , ,
. ,

, .
myorigin, :
myorigin = threeroomco.com
, $mydomain. $mydomain
$myhostname, , . , $myhostname franklin.threeroomco.com,
$mydomain threeroomco.com. main.conf
. ,
.
myorigin .
,
SMTP, From:, .

, , , , .
, , , Postfix , From: ben@client. threeroomco. com. , client ,
ben@client.threeroomco.com. , $mydomain


threeroomco. com, :
masquerade_domains = $mydomain
Postfix , , ,
$mydomain. From: :
, $mydomain, .
Postfix .
, Postfix
. sender_canonical_maps.
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sender_canonical , . , , , . client.threeroomco.com localhost
threeroomco.com:
@client.threeroomco.com @threeroomco.com
@localhost @threeroomco.com
.
, ,
. , , , , .
sender__canonical postmap sender_canonical.
Postfix, postfix reload
.
,
. ,
, Postfix , myorigin. masquerade_domains , ,
, Linux UNIX.
From:, Received:.
, ,
, From: .

Postfix
, Postfix . , , Postfix mydestination.
$myhostname localhost. $mydomain. , $mydomain
threeroomco.com, a $myhostname f r a n k l i n , threeroomco.


com, Postfix , f r a n k l i n ,
threeroomco.com localhost.threeroomco.com.
. , ,
$mydomain. localhost.
mydestination . , , ,
:
mydestination = localhost, localhost.$mydomain, $myhostname,
    $mydomain

, mydestination ,
\ . ,
_
.

Postfix ,
mydestination.
.

Postfix
, Postfix , . , main. cf,
, .

Postfix
Postfix , .
,
$mynetworks. , ,
localhost.
, $relay_domains.

$mydestination.
,
, $relay_domains, .
, Postfix
, , ,
, .
, . ,
$mynetworks $relay_domains ( ). , , Postfix
work, threeroomco. com. :


mynetworks = 127.0.0.0/8
relay_domains = work.threeroomco.com
, , .
:
mynetworks = 192.168.99.0/24, 172.24.0.0/16, 127.0.0.0/8
relay_domains = $mydestination, pangaea.edu
, 192.168.99.0/
24,172.24.0.0/16 localhost (127.0.0.0/8), ,
$mydestination pangaea.edu.
mynetworks, relay_domains smtpd_sender_restrictions.
main.cf,
. permit_mx_backup relay_based_on_MX sendmail. smtpd_
sender_restrictions Postfix.

Postfix
, Postfix , relayhost. ,
main. cf, , . , ,
MX, -,
relayhost . , , f r a n k l i n . threeroomco. com,
main. cf :
relayhost = franklin.threeroomco.com
, -,
, MX, franklin.threeroomco.com
$mydomain. ,
, , Postfix .
Postfix DNS.
(, /etc/hosts),
:
disable_dns_lookups = yes
Postfix ,
DNS . Postfix
/etc/hosts.


Postfix

sendmail Exim, Postfix , . , , IP-.
, Postfix, , ,
. ,
main.cf. , ,
.
header_checks = regexp:/etc/postfix/bad_headers
bad_headers , 19.2.
, , ,
, . POSIX (regexp: ), PCRE (: ).
19.2. Postfix,

#### Subject: ,
/^Subject: ADV:/ REJECT
/^Subject: Accept Visa/ REJECT
#### From: Received: ,
####
/^(From|Received):.*badspammer\.net/ REJECT
/^From: spammer@abigisp\.net/ REJECT

""*^

. , , egrep.

header_checks , . IP. .
maps_rbl_domains = relays.mail-abuse.org, dialups.mail-abuse.org
smtpd_client_restrictions = reject_maps_rbl
maps_rbl_domains , IP- ( . 19.1).
, . ,
, , ,
, . reject_maps_rbl, smtpd_client_restrictions
. , reject_unknown_client -


Postfix, DNS, . Postfix.


, Postfix ,
. .
smtpd_helo_required .
yes, Postfix , SMTP HELO
EHLO. , , ,
SMTP.
smtpd_helo_restrictions. Postfix HELO EHLO SMTP-.
smtpd_helo_restrictions . , reject_unknown_hostname , Postfix
,
MX. reject_non_fqdn_hostname , .
smtpd_helo_restrictions Postfix.
smtpd_sender_restrictions. Postfix
, , From: . , reject_unknown_
sender_domain , From: ,
, reject_non_fqdn_sender , .
Postfix , .
Postfix , . , .
, Postfix , . ,
Postfix
sendmail, Postfix
, , . , , .

Procmail
SMTP, , ,
. ,
, .
, .
Linux ,


Procmail. Procmail , .
, Procmail, . Procmail, ,
, .

Procmail

, . ,
. , ,
. , , ,
, .
,
, Procmail.
Procmail ,
. . , , ,
, ,
. , ,
, , .
Procmail . Procmail , , , .
, .
" ", , .
Procmail. , , ,
.
Procmail
. , , Procmail,
, .
Procmail , , Postfix
egrep.
Procmail
. , , , .
Procmail . Procmail
/etc/procmailrc. Procmail .procmailrc,


. , ,
, , .
Linux /etc/procmailrc , f Procmail root. , , Procmail,
. , ,
, ,
. .procmailrc, , ,
Procmail .
Procmail .
. , , , #.
, . Procmail , $ ( ) $MAILDIR (, ). , .
, MAILDIR = $HOME/Mail
$MAILDIR , Mail,
.
. Procmail (recipe).
. , ,
. ,
. : (delivering) (nondelivering).
,
.
, . .
Procmail.
. Procmail
, .
Procmail . , Procmail
, $DEFAULT. ,
, /vax/spool/mail/_.


, ,
. :


:0 [] [:[_ ]]
[]

: ,
.


: 0. 0 ,
, : 1 , . : 0 , Procmail.
.
. ,
.
. .
D. .
D .
. , ""
. "" .
w. , Procmail ,
. ,
.
W. w, .
.
, ,
. Procmail
, . , ; , ,
, , . ,
( ). ,
.

(, ) , *. , , Procmail (
). , .
.
. . Procmail *.


$. .
.. , . ,
d.g dog, dig, dug
, d .
*. ( ) , , . ,
. , , 802, , 1618,
802.*1618.
+. , *,
.
?. , .
! \ 2. ,
,
|. ,
|.
() *. *, , .
[ ]. , , ,
. , [aeiou]
, , 1, .
(-), . , [m-q]
, , , q.
\. . , \ . .

, Procmail.
, . ,
. , . , ,
. , .
,
, .
.
!. . !, , , , . , ,
, postmaster.


<. ,
.
>. ,
.

Procmail,
. , Procmail . Procmail sendmail,
Exim, Postfix , mbox. qmail , maildir,
Procmail (/), , Procmail
maildir. Procmail
,
.
, Procmail ,
.
!. , Procmail ,
. , .
I . UNIX . Procmail . , Procmail .

.
{. .
, , . ( ,
. , .) ,
. ,
,
.
.
. ,
, . ,
, Procmail
. , , .
, ,
.




Procmail. 19.3 Procmail,
.
.procmailrc,
.
19.3. Procmail

MAILDIR = $HOME/Mail

# postmaster
:0
*! ^(From|To):.*postmaster
{
    :0
    * .*301.*S.*1618
    /dev/null

    :0
    * ^From:.*badspammer\.net
    /dev/null

    :0
    * ^Subject:.*\$\$\$
    /dev/null
}

# rug david
#
:0
* ^From:.*david@pangaea\.edu
* ^Subject:.*rug
! amy@threeroomco.com

#
:0:
* ^To:.*list@mailinglist\.example\.com
$MAILDIR/mailinglist
19.3 Procmail.
. , , ,
, , postmaster.
( , -


.) ,
*! \ : . *postmaster ,
.
.
. , ,
.
. 19.3 , . ( ) ,
301, S 1618. ,
301 S.1618, . ,
, badspammer. net,
, Subject: $.
. /dev/null, . . . /dev/null
.
, .
. ,
, , . .
:
david@pangaea. edu, rug
Sub j ect:. ,
.
. .
, list@mailinglist.example.com, , , . :
, .
, ,
, .
, 19.3, , ,
. , , .


Procmail ,
. , -


.
Procmail .
SpamBouncer. Procmail, . , SpamBouncer, ,
. , . SpamBouncer,
Web-, http: //www. spambouncer. org.
SmartList. , , Procmail.
SmartList
FAQ, http://www.hartzler.net/smartlist/
SmartList-FAQ.html.
. (Timo Salmi) Web- (http://www.uwasa.fi/~ts/info/proctips.html), Procmail. ,
, , SpamBouncer SmartList,
"" .
Procmail . Web- http: / /
handsonhowto.com/pmaill02.html Procmail,
, .
, ,
, Internet Procmail recipes.
Web- Procmail http: //www.
procmail.org.
.procmailrc. ,
/etc/procmailrc. , SpamBouncer, , ,
.
, , .
| , .
,
.

, .
Procmail. , SMTP telnet (
25).


Procmail
, Procmail
. Linux Procmail .
, , .
sendmail. Procmail, 4 . ,
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail'),
sendmail , Procmail.
FEATURE (local_procmail) MAILER (procmail) sendmail
Procmail .
Exim. exim.conf,
, procmail_pipe. Procmail . ,
.
Postfix. main. cf, ,
Procmail mailbox_command.
, Postfix , Procmail.
Linux Procmail. . Procmail ,
,
. forward,
:
"|IFS=' '&&p=/usr/bin/procmail&&test -f $p&&exec $p \
-Yf-||exit 75 #_"
, ,
.


Internet. Linux , sendmail,


, Exim Postfix. , SMTP , , ,
. , , ,
,
. . SMTP
Procmail. Procmail , ,
, . Procmail
, ,
, .


Web-

World Wide Web Internet


, , Internet
, . Internet, , , Web.
Web- . Web, , "" Internet.
Linux Web- ,
Apache.
.
, Web-, , ,
, , , Web-.
Web- , Web-.
Web- Linux ,
, , . .
Web-,
, ,
, : (Engelschall) Apache
Desktop Reference (Addison Wesley, 2001) (Auld) Linux Apache Server Administration (Sybex, 2001). ,
Web-. (Meltzer)
(Michalski), Writing CGI Applications with Perl (Addison Wesley, 2001).

Web-
Web- , Web- .
, , ,
.


Web- , HTTP (Hypertext Transfer Protocol ). Web- ( , 80).


HTTP- ( Web-) Web- . , Web- , ,
CGI-, ,
. . HTTP
Web- .
Web- Web- ,
, URL (Uniform Resource Locator ). ( Web- . Web ,
, .) URL http: //,
URL , f t p : //.
Web- http: // https : //;
.
, Web Web-. Web- , ,
Web-.
.
: , , .
Web- .
Web-, . ,
, . Web- Web-, , .
, ,
.
Web- Web-. Web, , , Web, URL. URL ,
. Web-, Web-
, Web-.
Web-, Web. , Web-
. , Web-
, , .
, , ,
, DNS ( DNS 18). ,
Web- 10.102.201.1
www , DNS
:

www    IN A    10.102.201.1

, , . ,
, Web-, ,
.
Web-. , , Internet,
Web-. (, ,
200 ,
, , ,
.) (, ), Web-.
(
, ). ,
. , ,
CGI SSL.
Web- . ,
Web- , .
,
.
Web-, .
URL , http: //www.abigisp.net/~UMH/.
. Web , ,
, URL .
,
Web- . Web-
, , , .
: , , . Linux Web . Web- ,
. ,
Web- . ,
Linux Web-
, .
: Web- , . Web- ,
Web-.


, Web-
Linux
,
Web- Linux. ,
,
"", . Web-, Linux.
Apache.
Linux. , , Apache. Netcraft (http://www.
netcraf t. com), 2002 . 65% Internet Web-
Apache. , . Apache Web- , CGI SSL-. Web- Apache
http://httpd.apache.org.
Roxen. Web-; Apache. Web-, .
Roxen ,
http://www.roxen.com/products/webserver/.
thttpd. . Apache
300 ( ), thttpd 50 .
. , CGI, SSL-.
http://www.acme.com/software/
thttpd/thttpd.html.
Zeus. Web-, Linux,
, Zeus .
; 1700 . , Web- Zeus (http: //www. zeus . . uk/products/
zws/),
.
Web-.
Web- . Web-,
Linux. , Web-

.
, ,
. .


. HTTP
, Web-.
, ,
16, Web-.
Web-, , 80.
.
,
. , HTTP,
.
, Apache, Linux. - , ,
thttpd. , Apache, , ,
. Apache ,
,
.
, ,
, kHTTPd.
, .
thttpd Zeus. ,
, .
, .
(, ), Web .
Apache, ,
, ,
Web- . ,
Apache,
.

Apache
, Web-, Apache. ,
(. . , ), ,
.
Apache . ,


Apache, , . Apache
,
.

Apache
Apache httpd.conf. ,
. Caldera SuSE httpd.conf /etc/httpd; Debian Slackware /etc/apache
(Slackware - /etc/apache/httpd.conf.default;
); Red Hat TurboLinux httpd.conf /etc/httpd/conf/.
, httpd.conf, #, . , , :

, .
, . .
. .
<Directory /home/httpd/html>
Options FollowSymLinks
AllowOverride None
</Directory>
, ,
. , , .
Apache , . ,
httpd.conf.
access.conf.
AccessConfig httpd.conf. access.conf
<Directory>, .
, AccessConfig /dev/null,
access.conf.
mime.types. Web- , , Web- MIME (Multipurpose Internet Mail Extensions Internet). ,
MIME- text/plain , ,
a image/jpeg JPEG (Joint Photographic
Experts Group ).
mime.types MIME- -


. , , .txt .asc, MIME- text/plain. ,


Web- . , ,
, Web-.
,
.
magic. MIME-
.
. , ,
"" . , , magic. , .
magic .

Apache
4 . Apache
: ,
SysV .
SysV ,
, ,
.
Apache ;
Debian , '.
, ,
, Apache.

- , ,
Web- ,
Apache ,
, , . , ,
thttpd Web-,
.

Apache,
ServerType. Apache
standalone inetd. , Apache
. , , SysV
Apache inetd,
, SysV Apache, SysV, /etc/inetd.conf
, , inetd.
, .


Apache apache,
httpd.
, .


, , . Apache ( /home/httpd/html). Apache ,
, , . , , ,
Web-.
, Apache. .
ServerType. .
standalone inetd.
User Group. Linux
. , Apache.
Apache nobody
, .
,
.
, .
Apache ,
root.
ServerTokens. Apache , . ProductOnly, . Min,
OS Full ( , ),
ProductOnly, .
, , ProductOnly
ServerTokens, . -
, Linux, . , .


MinSpareServers MaxSpareServers. Apache


, . . MinSpareServers
MaxSpareServers , .
, MinSpareServers,
, Apache . , , MaxSpareServers, .
,
, , .
,
.
5 10. , MinSpareServers MaxSpareServers
, .
, , , .
, Apache
MaxSpareServers, . , . MaxSpareServers
, ,
.
MaxClients. , .
150. , , . Web-

MaxClients, Apache. ,
. MaxClients ,
.

, MaxClients,
, Web-, Apache. Web-
,
MaxClients.

Listen. Apache
, 80.
, . , Listen 192.168.34.98:8080
Apache, ,


192.168.34.98 8080.
Listen 8000 ,
8000.
BindAddress. , Apache,
, , , Apache . ,
BindAddress 192.168.34.98, 192.168.34.98. Apache
BindAddress *, Apache .

, , BindAddress 127.0.0.1. . URL http://127.0.0.1


http://localhost.

Port. Apache,
. 80.
ServerAdmin.
. webmaster. SMTP,
, .
, , , .
ServerName. , , .
DefaultType. Apache MIME- , "" , MIME-, .
text/plain, . DefaultType ,, Web-
, , , MIME-
.
HostnameLookups. On Off.
On, Apache , , . , .
, .
LogLevel. Apache . , debug,
info, notice, warn, error, crit, alert emerg LogLevel.


( , .) warn.
CustomLog. :
, . , , Web-.
common, agent, referer combined.
httpd.conf , .
,
CustomLog.
, , httpd.conf .
. , Apache , .


URL .
. URL (, http:// ftp://)
, . , HTTP ( URL
http://). URL,
https://.
. , URL,
, Web-. , URL
http://www.threeroomco.com/thepage/index.html www.threeroomco.com. ( . ,
DNS CNAME.
( DNS 18.)
. HTTP- . URL ( ). , URL http://www.threeroomco.com/thepage/index.html
thepage/index.html.
, Linux.
, Web-.
URL , Web- ,
DirectoryIndex.
. URL . , Web- .
URL #.


URL, FTP,
.
Apache ,
, Web-.
, Web-
. , , .
ServerRoot.
, Apache.
"/usr" .
.
DocumentRoot. , ,
, Web-. "/home/httpd/html" . (
httpd.conf.)
DocumentRoot ,
f Linux , Apache .
UserDir. ,
URL, , Apache .
UserDir , .
, public_html URL http://www.threeroomco.com/~abrown/photos.html. Apache photos.html, public_html abrown. disabled
, , , .
, disabled , .
<IfModule>, , Apache, . (
Apache .)
DirectoryIndex. URL ;
( ).
Apache URL, , DirectoryIndex.
index.html, .
. URL http://www.threeroomco.com/public/, Apache index.html,
public , DocumentRoot.
, Apache .


Apache , .
, , Web- .
,
. , . , Apache
, .

Apache
Apache , Web- . , , Apache . , .
, ,
, . Apache .
httpd.conf,
, LoadModule. .
LoadModule mime_module lib/apache/mod_mime.so
(
mime_module) , (lib/apache/mod_mime.so). , ServerRoot,
.
, ,
Apache. , , httpd -l ( apache -l). ,
Apache LoadModule,
, AddModule.
AddModule mod_mime.
AddModule
. Apache LoadModule, AddModule.
, ;
Apache ,
Web-. , , . ,
, , Apache, ,
.
Apache , , . Web- Apache Module Register http://modules.apache.org.


, , ,
Web- .

kHTTPd
, UNIX, , , Linux,
: (kernel space processes) (user
space processes). ,
, ,
. ,
. , ,
. , ,
.
, , ,
, Web- ,
,
. . 20.1 Web- ( Apache)
. , ,
,
. , .
HTTP-,
Web-, .
,
. 2.4.x
, Web- kHTTPd. http://www.fenrus.demon.nl. ,
, , /proc/sys/net/khttpd.


. 20.1. Web-, ,


,
.
1. kHTTPd Linux. Kernel HTTPd Acceleration, Networking Options.

.
2. Apache ,
8080 , 80.
3. kHTTPd. , insmod khttpd.
4. kHTTPd , 80. echo 80 > /proc/sys/net/khttpd/serverport.
5. echo 8080 > /proc/sys/net/khttpd/clientport.
kHTTPd ,
, Apache, 8080. ( 2
, 8080, .)
6. kHTTPd,
. echo /home/httpd/html > /proc/sys/net/khttpd/documentroot, /home/httpd/html
, , , httpd.conf
DocumentRoot.
7. Web- HTML-,
, /proc/sys/net/khttpd/dynamic.
8. echo 1 > /proc/sys/net/khttpd/start, kHTTPd .
SysV.
SysV ,
4-8 .
, ,
, , . kHTTPd
(, , CGI-), Web-,
. , 2 5.
, Web- CGI-,
kHTTPd . ,
kHTTPd , Apache .


,
, . , kHTTPd ,
, Apache . kHTTPd , , ,
. , kHTTPd,

Apache.
kHTTPd , . Red Hat TUX, ,
,
Linux.


Web-, , Web-, . Web Web-. ,
, Web-, . Web-, , .
Web- Apache,
. , , .

, CGI-
.
,
. .
HTML-. Internet
HTML (Hypertext Markup Language ). HTML . htm . html
. .
, <> , </> . HTML Web-
, Internet ( , Web).
. , ,
.
Web-.
. . txt. , Web- ,


, .
. HTML- , .
. ,
, .
, .
. Web-
PDF, Microsoft Word, . zip . tar, , .
, .
,
DocumentRoot UserRoot .
, ,
: ,
. , , , :
.
,
. Internet,
. .
. URL
, Web-, .
( ).
Search ( ,
) Web, Web-
.
Internet-. , Internet-, Web-
"" .
Web- Web- , ,
, . Web-, Web Web-, Web- , .
Web-, . Web
, . , Slashdot (http://slashdot.org),
. Web- cookie, -


. ( cookie
.)
Web-.
. Web-
Web- ,
HTML- ( )
, .
Web- .
Web-. Web- Web-,
, , ,
. , , Web-, ,

. , , ,
Web- , . Web- HTML-,
.
CGI-. CGI (Common Gateway Interface ) , HTML-, Web-. CGI-
. , , Perl. Web- CGI , URL.
Web- , ,
Web-, .
SSI (Server Side Includes ) , ,
CGI-, Web-, SSI . SSI , CGI,
Web-, ,
.
Web-. , , CGI, CGI .
, Web-, CGI-,
. . , , CGI-, .

CGI-
CGI-, Apache . URL, ,


, , ,
Web- . CGI-
Apache .
. CGI- Apache ,
.
CGI Apache.
LoadModule cgi_module lib/apache/mod_cgi.so
, CGI-, Apache,
AddModule. ( ,
.)
AddModule mod_cgi.
Apache CGI- . CGI
. .
ScriptAlias. . -,
Apache , , , CGI-. -, , , ,
URL. , ScriptAlias /scripts/ "/home/httpd/cgi-bin/" /home/httpd/cgi-bin/
/scripts URL. , URL
http://www.threeroomco.com/scripts/test.pl, test.pl, /home/httpd/cgi-bin/. Apache LoadModule AddModule
; ,
, httpd.conf. CGI- mod_alias.
.
, , .
Options +ExecCGI. CGI- , +ExecCGI Options.
, (. .
<Directory>).
.htaccess. ,
.htaccess. .htaccess Options
+ExecCGI, Apache CGI-, .
, httpd.conf
AllowOverride Options;
, .htaccess.


Options +ExecCGI AllowOverride Options f .


,
.
.htaccess .
Apache
ScriptAlias, /home/httpd/cgi-bin
/cgi-bin URL. .
CGI- , /home/httpd/cgi-bin. .
, , ,
.
Web- FTP-, /home/httpd/cgi-bin
chmod + _.

CGI-
, CGI- ,
.
CGI-;
. CGI-,
Web- http://httpd.apache.org/docs/howto/cgi.html , .
CGI- Web- . ,
, . , Web-,
CGI- HTML
, Web-. (,
.)
HTML-, CGI- Content-Type
MIME- , .
:
Content-type: text/html\r\n\r\n
MIME- text/html, ,
CGI- HTML-. \r\n\r\n ,
. . CGI-, Perl, 20.1. ,
. , CGI-, . URL
, "Hello, Web".


20.1. CGI-, Perl


#!/usr/bin/perl
print "Content-type: text/html\r\n\r\n";
print "Hello, Web";
. ,
, . -. =,
- &. , CGI, .
city=Oberlin&state=OH&zip=44074
, . Perl .
Perl CGI-.


CGI-
Web- CGI-, ,
Web-, .
, . , Web- CGI . CGI- ,
. , , ,
. , CGI-
,
. .
, ,
CGI-. User Group httpd.conf. CGI- , , ,
, , , CGI-.
,
Apache;
. .
, .
, , . , ,
Web-, , .


Web-, , http://www.cpan.org.


, Web-,
, . , ,
Web-, . ,
, IV.

Web-
. Web Web- SSL (Secure Sockets Layer
). SSL
. SSL- Apache , , mod_ssl (http://www.modssl.org) , Apache-SSL (http://www.apache-ssl.org). SSL- ,
.

, SSL
SSL , , SSH. ( , , OpenSSH
OpenSSL,
Apache, SSL.) SSL
, Web- Web-.
. SSL , .
, Web- Web- , .
,
.
, , , , ,
, . , ,
, , .
.
Internet . ,
, . , URL http://www.abigretailer.com, ,
, ? ,
DNS
. SSL .


, , . , ( certificate authority),
, . , ,
,
, . ( , .
, 2001 . Microsoft ,
.)

,
. , . , , . http://www.apache-ssl.org/#Digital_Certificates. , Web- , , Web- .

SSL , 80.
HTTP (HTTPS)
443. Web- , URL, ,
https://. Apache SSL,
, - 80 443, .
, ,
(, Apache SSL- thttpd
HTTP-).

SSL
Apache SSL-, SSL-. Linux
.
SSLeay (http://www2.psy.uq.edu.au/~ftp/Crypto/ssleay/)
OpenSSL (http://www.openssl.org)
OpenSSL Linux.
Linux, Debian, Mandrake, Red Hat SuSE. SSLeay OpenSSL ,
(ssleay openssl) .
OpenSSL . Internet , ,
. Apache SSL .
, ;


# openssl req $@ -new -x509 -nodes \
-config /usr/share/doc/apache-ssl/examples/ssleay.cnf \
-out /etc/apache-ssl/apache.pem \
-keyout /etc/apache-ssl/apache.pem

, SSL /etc/apache-ssl,
/usr/share/doc/apache-ssl/examples/ssleay.cnf.
. ,
.
, \ .

openssl ,
. ,
/etc/apache-ssl/apache.pem.
,
. , , , Web-,
, , , . , Opera
Linux, . 20.2.
.

. 20.2. , , , ,
,


Apache,
SSL
, SSL Apache . SSL-
Apache. SSL- ,
SSL-.
Apache , SSL,
.
, SSL,
, ,
Apache. , Debian Apache,
SSL, /etc/apache-ssl,
Apache /etc/apache. SSL-
Apache SSL, ,
, , . .
ServerType. SSL , ServerType
standalone.
. SSL
443. , Listen
.
. LoadModule AddModule
,
SSL. , , ,
.
SSLRequireSSL. <Directory>, , SSL. (
.) SSLRequireSSL . , , , ,
.
SSLEnable. SSLEnable SSL
. SSLRequireSSL,
.
SSLCACertificatePath. , . , SSLCACertificatePath
/etc/apache-ssl.
SSLCertificateFile. ,
(, /etc/apache-ssl/apache.pem).


, SSL- . ,
Apache
.
, SSL-. , URL,
https://. , , ,
. 20.2. ,
(
).
Internet, , | Web-. , , .
, , (, , )
.
,

.


Apache Web, Web-. Web-? ,
, Web-. Web-
,
. , , Apache .


Web- - , , . ( Web-
, DNS-.) .
(
), Apache ,

. ,
, .

Web-, Web-,


. (
Web- )
,
, .
.
,
Internet.
, Web-
. , , Web.
, , .
Web-.


.
, , , , .
.

VirtualDocumentRoot

VirtualDocumentRoot , . ,
. VirtualDocumentRoot ,
. (
. 20.1.)
:
VirtualDocumentRoot /home/httpd/%0
20.1. ,

%%
%
%N.

%
,
, . N ,
. , 1 , 2
. . N : 1
, 2 . .
, N, ,
.
, .


, /home/httpd, , . , URL http://www.threeroomco.com/index.html, /home/httpd/www.threeroomco.com/index.html. ,
Web-, (
/home/httpd). .
.
VirtualDocumentRoot /home/httpd/%-1/%-2
, , ,
URL http://www.threeroomco.com/index.html, Apache /home/httpd/com/threeroomco/index.html (
). ,
:
VirtualDocumentRoot /home/httpd/%-2.1/%0
URL http://www.threeroomco.com/index.html Apache /home/httpd/t/www.threeroomco.com/index.html.
%-2.1 (.1) (-2), .
VirtualDocumentRoot, Off UseCanonicalName.
UseCanonicalName Off
UseCanonicalName On,
, Apache , . ,
index.html Web- products.html,
Apache , . . Off
UseCanonicalName, Apache
, .

<VirtualHost>
. Apache .
NameVirtualHost.
Apache , .
*; . , NameVirtualHost
IP-, ;
, , -


, , .
<VirtualHost>. , . ,
NameVirtualHost. </VirtualHost>. , ; ,
,
.
, <VirtualHost>, ServerName ( , )
DocumentRoot. , CGI-. , Web-:
NameVirtualHost *
<VirtualHost *>
ServerName www.threeroomco.com
DocumentRoot /home/httpd/threeroomco/html
ScriptAlias /cgi-bin/ "/home/httpd/threeroomco/cgi-bin/"
</VirtualHost>
<VirtualHost *>
ServerName www.pangaea.edu
DocumentRoot /home/httpd/pangaea-u/html
</VirtualHost>
, www.threeroomco.com , /home/httpd/threeroomco/html, , /home/httpd/threeroomco/cgi-bin.
www.pangaea.edu, /home/httpd/pangaea-u/html, CGI-
.
VirtualDocumentRoot, <VirtualHost>
. , VirtualDocumentRoot ; .
<VirtualHost>, , .


Web-

Web-, , Web-,
, , Web. Web- (, )
, ,
Web-, HTML-. HTML-,
, (, ), .
HTML- , Web-,
.

,
Web-
,
, Web-. , Web- Web-,
.
Web- HTML-. , . HTML- 20.2. , HTML-, : ,
, , , . ,
. , .
,
/.
, . , ,
. . ,
, Web-.
, 20.2, , . ,
HTML-.
<HTML>. , HTML-. , , .
<HEAD>. HTML- .
, ( <TITLE>). <HEAD>.


20.2. HTML-
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>Sample Web page</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<CENTER><H1 ALIGN="CENTER">Web page</H1></CENTER>
<IMG SRC="graphics/logo.jpg" ALT="Logo" WIDTH="197"
HEIGHT="279"> <P>Web page <A
HREF="http://www.threeroomco.com/anotherpage.html">
.</A></P>
</BODY></HTML>
<TITLE>. , ,
. ,
<BODY>. HTML-.
<BODY> , , .
<H1>. , ,
, . Web, .
1 (<H1>), 6 (<H6>). 20.2
<H1> ALIGN, Web-
, . ,
,
, ,
<CENTER>.
<CENTER>. 20.2 ,
<H1>, ALIGN,
<CENTER>.
, ,
, <CENTER>,
ALIGN.
<IMG>. Web-
. <IMG> 20.2.
<IMG> . SRC , ; , ,
, SRC URL
. ALT , . , ,
. WIDTH HEIGHT


,
, .
<P>. . Web-
, , .
<A HREF> </A> (
URL , ,
HREF). . , URL
HREF.
, Web-.
, HTML ,
, , , , ,
, .
HTML , - .
.
HTML-, Web-
. , , 20.2 , Web- <IMG>.
, , , . ,
MIME- .
mime.types, . Apache
MIME- , .
,
, ,
.
Web- ,
, Web. .
GIF. Graphics Interchange Format ( )
1980-.
. , , ,
. GIF 8 , . .
256 .
PNG. Portable Network Graphic ( )
. GIF, PNG
(
24- , PNG
64 ). PNG ,
. PNG
http://www.libpng.org/pub/png/.


JPEG. Joint Photographic Expert Group (


) . GIF PNG,
.
JPEG 24 .
, , , , .
JPEG . ,
(, PNG JPEG). JPEG-
.
JPEG- . , . ,
. , Web, , , , , ,
.

Web-
HTML- , Web- .

WYSIWYG (what you see is what you get); , ,
, . Apache , Web-,
. Microsoft Front Page.
Web-, ,
Apache .
.

, HTML-,
. Apache , HTML- ,
FTP.

, Web-.
. HTML. (
, ,
HTML, HTML-
.) ,


, Web-. Linux HTML-


Applix Words, StarOffice WordPerfect.
Web-. Web-, Linux, Netscape, HTML-.
Web-, .
Web-.
HTML-. , Linux, ASHE (http://www.cs.rpi.edu/pub/puninj/ASHE/), August (http://www.lls.se/~johanb/august/), Bluefish (http://bluefish.openoffice.nl) WebSphere
(http://www-4.ibm.com/software/webservers/hpbuilder/).
, .
Web-,
, Web-.
- , Web-,
, .

Web-
Web- , HTML, HTML-, . HTML
. , , HTML-, .
Web-, 20.2, -
. ,
<CENTER>, ALIGN . ,
, ,
, Web-, . ,
Web-, , . ( , Web-,
. , , . ,
, .
,
. 20.2 , .
.)
- HTML-,
Web- . ,


Web-: Netscape Navigator Microsoft Internet Explorer.


. , Linux
Mozilla (http://www.mozilla. , Netscape Navigator, ), Opera (http://www.opera.com) Konqueror ( KDE). Lynx
(http://lynx.browser.org), .
, Web- , . Lynx
, ,
. Web-
, ,
Web- ,
. ,
. Windows
Internet Explorer, , MacOS, BeOS OS/2, . ,
.

, ,
, Web-.


Web-. ,
, Web-. , , , , .
,
, .
Analog Webalizer.
Apache, CustomLog. Apache
,
, , , .

Apache
Apache ; CustomLog.
combined, . combined :
192.168.1.1 - - [06/Nov/2002:16:45:49 -0500] "GET /index.html \
HTTP/1.0" 200 8597 "-" "Mozilla (X11; I; Linux 2.0.32 i586)"


.
IP- .
, .
. ,
.
identd, HTTP-. (
, , .)
. Apache .
(
-0500).
HTTP-. HTTP- , (GET), (/index.html) HTML (1.0). , ,
Web-, .
. Apache , .
200, , . , 3, , ,
4 5, .
. 8597 , Apache .
.
, .
HTML-,
URL .
Apache .
, , ,
, . ,
URL .
. ,
, . (,
Netscape Mozilla.)
, , , , .
, proxy-.
, , , ,
, .
,


, .
Linux
,
(
). /etc/cron.d /etc/cron.interval. , ,
,
.

Analog
Analog (http://www.analog.cx) ,
. , .
, Analog, , http://www.statslab.cam.ac.uk/~sretl/stats/stats.html. Analog .
Analog , Web-.

Analog
Analog analog.cfg, /etc. ,
, Analog, .
, SEARCHENGINE ,
. Analog Web-, . Analog
:
LOGFILE __$_
OUTFILE _____
HOSTNAME "_"
. ,
Analog ,
. Analog HTML . ,
Web-.
( Analog HTML-,
httpd/html/analog/index.html;
.) HOSTNAME Analog.
.
, Analog , , . ,
.


. Analog ,
analog.cfg ,
Analog (. . /usr/bin),
/etc. , /usr/bin
, ,
Analog , /etc,
ln -s /etc/analog.cfg /usr/bin.
. Analog , .
/var/lib/analog/lang, Analog
/usr/bin/lang. ,
ln -s /var/lib/analog/lang /usr/bin.
. Analog , .
, Analog
.
/var/www/html/images, ,
Analog, ,
, images . ,
, ln -s /var/www/html/images.
. ,
analog-5.01-1mdk Mandrake.

Analog
Analog analog.
, ,
, Analog
. , Analog
.
Analog (
, ).
. , Analog ,
,
(, ), .

Analog
Analog .
,
, .
.
. , Web-: , , ,


, ,
.
. , . ,
.
. ,
(, . .).
.
. -
, , ,
. ,
.
. ,
, ,
.
.
, , .
.
, ,
, .
, - proxy-
.
. Analog , , Web-
. 4. 5. ,
.
.
, Web- . ,
, .
, ,
, .
. (JPEG, HTML
. .), Web-.
, , .
. Web-
. ,

, (
).

. ,
Web-.
, ,
Web-. , ,
Analog . Apache,
Analog .
Analog . , HTML-, Analog,
. ,
Analog .
Analog ,
, ,
, , , Apache. , Analog, , ,
.
Report Magic (http://www.reportmagic.com).

Webalizer
Webalizer (http://www.webalizer.org) , Analog. Analog, Webalizer
HTML-, Web- . Webalizer
.
, Web-, . , Webalizer,
http://www.webalizer.org/sample/.

Webalizer
Webalizer webalizer.conf,
/etc. Analog,
Webalizer , Web-
. :
LogFile ___
OutputDir _____
Analog Webalizer ,
Analog , Webalizer , .
Web-, , Webalizer, Web-.
, Web-,


Webalizer URL, file://.
Webalizer, , , .
Incremental. yes, Webalizer
.
. , , Webalizer
. yes Incremental
, ,
. no, Webalizer
.
HostName. ,
( ReportTitle).
GroupDomains. .
,
. , GroupDomains 2.
gingko.pangaea.edu birch.pangaea.edu
pangaea.edu.
, Webalizer.
GroupSite. . ,
GroupSite *.abigisp.net , abigisp.net.
HideSite. ,
GroupSite. GroupSite HideSite .
Webalizer Analog.
, Webalizer. ,
.

Webalizer
Webalizer webalizer.
Analog, Webalizer, root.

, Webalizer. ,
Webalizer .
yes Incremental.
Apache, . , . ,
Webalizer , .

Webalizer
, Webalizer,
. -


pa . (
.) , ,
, Web-,
.
Web-, , .
.
. , , ,
.
. Web-
, Web-
. ,
.
. ,
, .
, ,
.
URL . Webalizer ,
URL. ( URL ,
.) URL
, , URL,
.
. , Webalizer,
.
(entry page) ,
, (exit page) ,
.
. Webalizer Web-, , ,
.
GroupSite,
Webalizer.
, .
, Webalizer , , .
. ,
, Web-,
URL . Webalizer .


. Webalizer Web, .
. Webalizer .
, Web US Commercial, Network .

Web- Internet. ,
, .

Web- ,
, .
Web- , ,
, Web-. SSL , ,
Web-. Web-,
Web- : Web- . Web-
, ,
,
. Web-. , Web-
, , .
Web-.

21
FTP-

FTP (File Transfer Protocol )


Internet.
, . FTP- , , .
FTP- Web- ,
.
FTP- . FTP, , Linux. , FTP-,
. ,
. , .

FTP-
FTP- Web-, 20,
Samba NFS, (
7 8).
.
,
. FTP- HTTP, Samba NFS.
. FTP-,
, . ( FTP-, .)
Web- , ,
Web- .
, ,
, ,
IP-.

21. FTP-


. ,
FTP-,
.
NFS Samba. Web-
, . Web-
.
. FTP- ,
. Internet. FTP-, . FTP,
. , FTP,
Kerberos, 6.
Web- ,
. Samba
. NFS , . ,
NFS, . scp sf tp, SSH, ,
FTP , .

Internet ,
. ,
,
.
. Samba NFS, FTP . FTP-, (,
-),
. Web- -;
, . FTP , : ,
. 21.
( )
, . ,
, ,
, .
. ,
, NFS Samba, , . ,
,


. . FTP, HTTP .
FTP HTTP, , ,
, ,
, .
, FTP.
Linux Linux FTP Filesystem
(http://ftpfs.sourceforge.net). FTP .
. ,
, FTP- .
. Web-
, HTTP
.
. FTP- Web- , , TCP/IP; DOS. FTP
HTTP, :
NFS UNIX Linux, a Samba DOS,
Windows OS/2. ,
, .
,
.
. Linux FTP-,
, , . ,
.
NFS, Samba HTTP, . , FTP-,
,
.
, FTP
.
.
Linux , FTP-
. , FTP- ,


, . FTP.
. FTP-, ,
,
. FTP- (, )
Web-.
Web-, FTP- .
. , ,
.
Internet , FTP-
. FTP- ,
, - "" . FTP-
, , , ,
. , ,
,
, .
, ,
, .
.

, FTP-
Linux
, FTP Linux. , ,
.
BSD FTPD. BSD Unix FTP-,
Linux. , , Linux
OpenBSD FTPD. BSD FTPD Debian SuSE. FTP- BSD FTPD
, , ,
Linux.
ProFTPd. ProFTPd, Web- http://www.proftpd.org, Debian, Mandrake, Slackware, SuSE TurboLinux. 2002 .
ProFTPd , Apache.
WU-FTPD. Washington University FTP Daemon (WU-FTPD)
FTP- Unix. Web- WU-FTPD http://www.wu-ftpd.or . Caldera, Debian,
Mandrake, Red Hat, SuSE TurboLinux.
.
FTP-. ProFTPd
WU-FTPD, Linux. ProFTPd
WU-FTPD.
WU-FTPD
, .
, BSD FTPD.

FTP-
FTP-, . , , WU-FTPD,
, ProFTPd, SysV. ,
, . FTP-
, , ,
, . , ,
, ,
FTP-
. -, . FTP .

FTP-
Linux 4. , FTP-, ,
. ,
.
.
, inetd, /etc/inetd.conf FTP-.
FTP- .
inetd.conf , ,
inetd. FTP-,


, inetd.conf , , -
.
, xinetd FTP-, /etc/xinetd.d .
. disable = yes, ,
- .
. , FTP- ,
disable. ( ,
.)
, - inetd xinetd,.
. FTP-, . FTP-,
, , -.
FTP- , SysV .
, , , , . Linux,
Debian Mandrake, ProFTPd.
ProFTPd , FTP- .
, , FTP- (
). FTP-
. , ftp,
Linux:

$ ftp harding.threeroomco.com
ftp: connect: Connection refused
, FTP- .
, . , ,
, , .
, , .

WU-FTPD
WU-FTPD . , -
.
, WU-FTPD .


WU-FTPD
, WU-FTPD,
/etc. ftp.
ftpaccess. WU-FTPD ftpaccess. , , TCP/IP-, FTP-,
.
ftpconversions. , ftpaccess .
,
.
ftphosts. ,
FTP-, . , allow, ,
, deny,
. , deny sjones , sjones FTP- ,
deny badsite.pangaea.edu
, badsite.pangaea.edu.
ftpusers. , WU-FTPD. WU-FTPD;
(Pluggable Authentication Module).
FTP-. ,
root, nobody daemon.
ftpservers.
. ,
. IP- , . , FTP-, , WU-FTPD
, . , 192.168.21.8 /etc/ftpd/trusted ,
192.168.21.8
/etc/ftpd/trusted. ,
.
ftpaccess.
ftphosts, ftpusers ftpservers .
, , ftpaccess,
ftpconversions.


WU-FTPD
, WU-FTPD,
. , Linux. ftpaccess class,
:
class

.
. all. .
. , . real ,
guest , , a anonymous FTP-.
. IP-, ,
. ! , . * .
, OR. , threeroomco.com, pangaea.edu ,
.
ftpaccess :
class all real,guest,anonymous *
,
. , , , , ,
. ,
.
ftpaccess .
deny _ ___. WUFTPD , , ,
. deny ftphosts,
, . ,
, , .
autogroup _ [, . . .]. ,
WU-FTPD setgid .
, ,
, ,
.
defumask umask [, ]. WU-FTPD, , , ,
umask.

timeout _ __$. -.
accept, connect, data, idle, maxidle rfc931.
noretrieve [relative|absolute] [class=_] _
. .
, .
. relative absolute ,
( chroot)
( ).
, /. ,
noretrieve /etc /usr, , /etc /usr.

noretrieve ,
/etc/passwd, /etc/shadow , /etc/ftpaccess, core ( ) .

allowretrieve [relative|absolute] [class=_] _


. , noretrieve.
,
noretrieve.
noretrieve.
message _ [] [ ]. message , FTP- . , ,
login, . cwd=,
.
. , message .message cwd=*,
.message, .
,
-.
compress [yes|no] [, ]. . , , ,
. (, file file.gz.) , ,
ftpconversions.
tar [yes|no] [, ].
compress, tar-.
.


chmod, delete, overwrite, rename umask. yes , , ,


. . , delete no guest,
anonymous guest anonymous .
dns refuse_mismatch _. WUFTPD , IP- , DNS-. ,
, , .
.
dns refuse_no_reverse _. ,
DNS- ,
. .
WU-FTPD.
,
, ftpaccess. ,
FTP-.

ProFTPd
ProFTPd
Apache, ,
Apache, ProFTPd .

ProFTPd
ProFTPd proftpd.conf; , /etc. ,
ProFTPd. , ,
#. :
[]
, . , .
. , /. , Limit,
.
<Limit WRITE>
DenyAll
Allow from 172.21.33.
</Limit>
, ProFTPd
ftpusers. ,
WU-FTPD. , ,


FTP-. ( , ProFTPd , , , ftpusers.)


ProFTPd ftpusers, ,
nobody, daemon root. , .
, ftpusers ,
- FTP-.

ProFTPd
ProFTPd ,
. ProFTPd, http://www.proftpd.org/docs/.
, , ,
.

, , , ,
. .
<Anonymous _>. FTP-. , ,
, -. ,
, .
ProFTPd chroot
( chroot ( ) 23).
<Directory _>. , .
, /.
ProFTPd, , ,
<Directory /*>. ,
.
<Global>. <Global> , ,
<VirtualHost>.
<Limit _>'. FTP-, , .
: CWD, CDUP, MKD,
RNFR, RNTO, DELE, RMD, RETR STOR.
,
. READ ( ), WRITE ( ),
DIRS ( ) ALL ( ). ,

LOGIN.
<VirtualHost >. ProFTPd
. -


IP- ,
, .
.
, ; . ,
. ,
. . FTP-
.
Allow [from] _. <Limit> , .
IP-, ,
( ) IP-.
.
all . Allow
from, ,
.

IP-.
FTP- DNS-.

AllowAll. ProFTPd ,
. AllowAll
<Directory>, <Limit> <Anonymous>, , .
AllowGroup _. , <Limit> . , .
, .
!, ,
. ,
, ,
DenyAll.
AllowOverwrite [on|off]. , . off, .
AllowUser _. AllowUser
, . !,
, .
DefaultRoot _ [_].
.


. /,
. ~ . DefaultRoot ,
. ,
AllowGroup.

DefaultRoot ~, , . , ProFTPd


.

DefaultTransferMode [ascii|binary]. FTP- . (binary) , (ascii)


. ,
, , , . DefaultTransferMode , .
ascii .
Deny [from] _. , Allow.
<Limit> .
DenyAll. <Limit>,
<Anonymous> <Directory>.
. ,
,
DenyAll.
DenyGroup _. , <Limit>.
, AllowGroup.
DenyUser _.
AllowUser. <Limit>.
DisplayConnect _.
, ProFTPd , . , .
DisplayFirstChdir _. ProFTPd ,
,
. .message, .message,
, .
DisplayLogin _.
DisplayConnect, .


Group _. ProFTPd root,


. .
,
ProFTPd.
nogroup, ftp .
MaxClients \ .
, . (, 30)
,
.
MaxInstances . MaxClients, MaxClients
, MaxInstances , . MaxInstances ProFTPd
,
.
Order allow, deny | deny, allow. <Limit> , , ProFTPd
, .
, . , , . Order deny, allow.
,
, , , .
RootLogin on|off. ProFTPd root. RootLogin on,
root FTP-. ( , ,
, , root
/etc/ftpusers.)
ServerIdent on|off ["-" ]. , ProFTPd
. on , -. ,
FTP- ProFTPd. , ,
.
ServerName "-".
, , ServerIdent. ServerIdent
, ,
ServerName.
ServerType inetd|standalone. ProFTPd , inetd ,


SysV ,
standalone. ProFTPd , (inetd), root
(standalone).
SyslogLevel emerg|alert|crit|error|warn|notice|info|debug.
,
.
: emerg , a debug
.
TransferLog _|NONE. ( NONE). ,
. <Anonymous>,
<VirtualHost> <Global>, .
Umask _ [__ ].
umask, (, , ). 022,
.
UseFtpUsers on|off. off UseFtpUsers, /etc/ftpusers.
on.
UserAlias _. ProFTPd
, .
, . , UserAlias jones ronald, jones
ronald. (
FTP-, ftp.)
, , , , ProFTP .
, .
<Anonymous> .
, . , ,
, .

-
FTP- FTP-. , FTP-


Web-, FTP-
Web- . , , FTP- FTP, . , HTTP FTP,
, .
FTP-,
. FTP-
,
, . ,
, ,
.

-
FTP- . FTP- , , . HTML- , FTP-;
ftp:// (, ftp://ftp.threeroomco.com/pub/manual.pdf).
FTP- .
, ^, : . Web-. , , FTP-,
. ,
. ,
,
. FTP- .
, FTP-, .
, , FTP-,
.
, , FTP-,
. , , . FTP chroot, 23.
chroot ,
| . , FTP-. ,
,
.


FTP- chroot, . ,
FTP- Linux, . , ProFTPd,
chroot,
, , ,
.
FTP- ( ProFTPd)
SysV. (
WU-FTPD). FTP- ,
chroot ( ) , root.
FTP- , chroot . ( , FTP-
,
chroot ().)
FTP- , .
.


FTP-
FTP- , . ,
FTP- , Web- . , , .
, , FTP- ( WU-FTPD), .
, FTP- , ,
chroot, . FTP-
.
.
FTP- ,
. , FTP . (
.)
FTP- , FTP-.
,
FTP-, .
, FTP- ( ). ,
,
, .


,
-
FTP-, Linux,
FTP-. , . ,
FTP- WU-FTPD, ProFTPd. ( ),
.


FTP- .
, /home/ftp, .
root, ,
FTP-,
755 (rwxr-xr-x).
, , .
,
.
FTP .
pub. ,
. pub . ,
ftp .
bin. FTP- . /bin ( ,
chroot ( ) ) . ls, , tar, gzip zcat ( gzip). FTP-, , , , bin ,
,
/bin . , FTP- ,
. , ,
, .
lib. , /bin. /bin FTP
/bin , ,
. ldd. ,
, , ls,
ldd /bin/ls.


etc. FTP- , /etc:


passwd group.
/etc . ftp (
,
).
, FTP-.
, FTP,
, . ,
, , gzip.
/bin FTP.

WU-FTPD,
-
, FTP-
WU-FTPD, /etc/ftpaccess.
.
class. , . ,
.
compress, tar, chmod, delete, overwrite rename. .
,
, , .
,
, .
anonymous-root. chroot, WU-FTPD.
WU-FTPD root. ,
ftp. , WU-FTPD FTP-, .

ProFTPd,
FTP-
ProFTPd, FTP-, proftpd.conf. ,
, .
<Anonymous /home/ftp>
  User          ftp
  Group         ftp
  # Let clients log in as "anonymous" as well as "ftp"
  UserAlias     anonymous ftp
  # Deny writes everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>
<Anonymous> , ,
.
ProFTPd , chroot,
/home/ftp.
User Group ProFTPd , . ProFTPd
.
, FTP
.
UserAlias , anonymous.
, <Limit WRITE>, DenyAll. .
FTP, . , ,
,
.
, anonymous, , AnonRequirePassword on.
/etc/passwd /etc/shadow. ( ProFTPd ,
chroot,
/etc/passwd /etc/shadow.)
, FTP- ,
, . FTP- ,
, ,
/etc/ftpusers.


FTP- Internet,
Web-.
FTP-
(
) (
). Linux
FTP- WU-FTPD ProFTPd.
, ,
. -.
ProFTPd Apache. .
,
FTP-.

IV

22

Linux , .
. , Linux,
,
. ,
. , ,
, , . ,
.
,
Web-, . , ,
, ,
, .
, ;
; , , ; ,
. , ,
. , 23 ;
25 ,
; 26
Internet .
, , , , (Mann)
(Mitchell) Linux System Security: The Administrator's Guide to Open Source Security Tools
(Prentice Hall, 1999), (Garfinkel) (Spafford) Practical
UNIX & Internet Security, 2nd Edition (O'Reilly, 1996). , , (Constantine) (Ziegler) Linux Firewalls (New Riders, 2001).


, , Linux, , ,
(McClure), (Scambray) (Kurtz) Hacking
Exposed, 3rd Edition (McGraw-Hill, 2001).


,
, , . ,
, .
,
, . , . ,
, .


: , , ,
.
. ,
.

,
Linux ,
. ,
, .

, , . ,
, . ,
, ,
. GNOME RPM,
Red Hat, YaST SuSE, Storm Package Manager ( Storm, Debian). GNOME RPM, , . 22.1. ,
. , , , , ,
, .
, tar-
. , ,
. (, , ,
, ,


. 22.1. ,

. ,
, .)

, ,
.
.
/etc/inetd.conf /etc/xinetd.conf,
/etc/xinetd.d. , , . inetd
, #, , , , . xinetd
disable = yes.
SysV. , SysV, ,
( /etc/rc.d/rc?.d /etc/rc?.d, ?
). ,
. , ,
SysV, , , , .
.
. , ,
rc.local boot.local.
, , , .
, ,
.


, SysV, 4.
, ntsysv tksysv. ,
(Caldera, Mandrake, Red Hat TurboLinux) chkconfig --list, , SysV,
xinetd.
,
, , , . , ,
, . , ,
, .

ps. . , . ps
, ps ax.
, ps, , , ps,
more less. , grep. , sendmail,
ps | grep sendmail. , ps
, . ,
ps.
$ ps ax
  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:15 init [3]
  502 ?        S      0:05 named -u bind
  520 ?        S      0:01 cupsd
  535 ?        SW     0:00 [nfsd]
 1741 pts/4    S      0:00 /bin/bash
 4168 ?        S      0:00 httpd
ps . , ,
. ps init, 1. , .
init,
. , ,
. [nfsd].
, [nfsd] NFS,
. named, cupsd httpd . . -,
"d", -, ( TTY ?). , /bin/bash
, TTY pts/4, . .
.


ps, , . man ,
. ,
, .
, . rpm -qf __. ( Debian
dpkg -S __.)
ps, , , . ,
ps , .
, .
netstat
ps , ,
,
. netstat.
. ps, netstat
. netstat -l. -l netstat ,
, ,
- , . ps,
netstat ,
less more.
netstat ,
, , , netstat . ,
,
.

, , , . Nessus (http://www.nessus.org), SAINT
(http://www.wwdsi.com/saint/) Nmap (http://www.insecure.org/nmap/).
, , . ,
, ,
. , . ,
nmap gingko.threeroomco.com.
, .
,
, .
, ,
. ,
(, netstat) .


, , ,
.
f , .
, . ,
,
.
:
. . ,
, , . , ,
.
, . , ,
, ,
, , . .
, ,
IP- .


, ,
. .
Linux, ,
. , , ,
, . ,
, Internet.
, , , . ,
, .
, . ,
. , , .
X Window, .
, .
, . , , 13 14,
, . ,
SysV.
, , .


, , . , ,
, .


, , .
.
, ,
. , /etc/inetd.conf SysV. 4.
. , , , .
. , ,
.
, , ^f . ,
, ,
. , SysV , .
.
, , .
, . ,
, ,
. ,
.


, , "" . , ,
" ". , .
, , iptables ( 25).
.
,
. , , . ,
,
. ,
, .



, .
, , ,
. ,
. , .
, FTP- . , ,
.
: ,
( , ). , , DHCP .
, , , . , Web FTP-, ,
. , ,
.
,
, . , ,
,
, .
, .
. , , , , ,
. , .
.
, , , , . .
.
, . , ,
, ,
. ,
,
. , , . , ,
, 0755 0775 umask. ,
0700.



. .


.
,
, .
, . , ,
.
.
, .
# usermod -e 2003-07-04 george
, george
4 2003 . (
, useradd -e.)
, ,
. ,
, .
.
, , . ,
,
;
# chage -M 30 -W 5 george
, george
30 5
. george
,
.
,
.
, , , . ,
,
, ,
, . , . ,
last ,
/var/log/auth, .
, ,
, -


.
. ,
, ,
, .
, ,
. . . (
:
/etc/shadow , , .)



. .
,
. ,
, .
, /var/log/messages /var/log/secure. (
.) , , . , ,
telnet , ,
, .
, .
, .
, . , , Simple Watcher (SWATCH, http://oit.ucsb.edu/~eta/swatch/). .
auth ( Linux
identd). , ,
, , . - ,
, . , ,
,
.
.
.


,
, .


,
. Linux /etc/shadow (
Linux /etc/passwd).
; .
, , ,
. , , ,
. , .
,
.
, ,
, . , , , .
, . ,
. , , . :
.

. , ,
bunpen. , , . , "yesterday I went to the dentist"
yiwttd. , . ( .
, ,
.) , , ,
.
.
.
. ,
, , . , BUnPeN
YiWTtd. ,
.


.
,
BU3nP&eN Y+iWTtd2.
.
,
.
BU3nNe&P.
. , , . .
, , , , ,
.
, ,
, , Crack
(http://www.users.dircon.co.uk/~crypto/). , , .
, , " ,
. ,
, ,
, .
, , .
, . ( ). ,
. , , .
.
, . ,
. . .
"".
. , , . ,
Internet. , Ethernet
. , , .
,
,
, , . , .
.



, ,
- . ,
,
, , .
, , , , , .


, -. , .
. ,
, (
, ), . ,
.
, , .
, ,
,
. , , man, , .
,
, . (
, .)
Web-, Internet, ,
, .
,
root. ( )
, , , . , /etc/passwd. ,
. , . root
. , root
. , 1024,
. ( root
, , ,
.)
, , . ,
.
, . -


, ,
.



.
Web- , . , , Web-, . , Web-, , . ,
Linux . , -
.
Web- Linux. Linux
Web-, , . Web Web- , . , Web-
. ,
Web-; .
. -
Linux, . , Web-
.
. Web-, ,
Internet,
Linux.
. , , . ,
, , . Web ,
.
, .
Web-, . - Web- , , .



, .
. .
apt-get. Debian ,
. apt-get , .
apt-get update, apt-get dist-upgrade,
, .
apt-get -s -u upgrade, apt-get
, . apt-get ,
/etc/apt/sources.list , Debian.
apt-get .
Red Hat Update Agent. Red Hat Update Agent. ,

Red Hat. . Update Agent . http://www.redhat.com/docs/manuals/RHNetwork/ref-guide/.

, , . , . . , ( , , ,
, tar-). , , ,
" ".
DNS
. ,
Debian, , .
apt-get . , . (
apt-get -s -u upgrade.) , , ,
, ,
.

, . -


,
, .



, ,
, .
, . ,
Linux. , ,
.

,
,
.
Web-, ,
, ,
"". , , ,
. ;
, ,
.

, .
,
.
,
, , /etc/passwd
/bin.
. . , ,
, , .
( , . , /etc/passwd.)


Linux ,
. .
Debian RPM
.
verify ( -V) rpm.
.


# rpm -V postfix
S.5.... /etc/postfix/aliases
S.5.... /etc/postfix/main.cf
, .
, . , "S"
, , "5"
MD5, "" , . ,
, , , , .
, , Postfix,
,
.
Debian dlocate,
Debian 2.2. ,
:
# dlocate --md5check postfix
MD5
postfix , .
, rpm -Va. ,

. .
, more less.
rpm dlocate .
, , : . ,
.
. ,
/bin/bash,
RPM- bash. rpm -Va . ;
, . .
,
, .
, .

Tripwire
Tripwire (http://www.tripwire.org).
Linux. ,
Web-. Tripwire, , , , Web-,
, , . Tripwire -


, ,
, . Tripwire
,
. , . Tripwire
, .
Tripwire ,
.
Tripwire .
. Tripwire .
tripwire -initialize. , Tripwire , . databases ,
/usr/lib/tripwire/databases. .
. , Tripwire. tripwire -update
__, , .
. , Tripwire . tripwire
-interactive. ,
, ,
.
. .
Tripwire ,
tripwire.
. Tripwire .
Tripwire /etc/tripwire/tw.config.
, ,
#, . ,
. :
[ ! | = ] [_ \ }
.
!. , . ,
.


=. , , , , . . =
, Tripwire , , .
. ,
, /etc /us. ,
. ,
. ,
/usr /usr/local , ,
, /usr, /usr/
local.
_. Tripwire ,
.
[ + | - ] [pinugsamcl23456789] . . .. + - . .
, , i
(mode), n , , g
, s , , m
, , 0-9
.
. . R, +pinugsm!2-ac3456789. L (+pinugsacm!23456789), , N (+pinugsamc!23456789),
, ,
(-pinugsamcl23456789), .
Tripwire,
. databases. Tripwire
/usr/lib/tripwire/databases. , .
.
, ,
-. ,
Tripwire ,
( ).
Tripwire , .

. . , ,


Linux. ,
. .

.
,
.
Tripwire ,
. ,
, .
, . ,
Tripwire Linux.

- , ,
.

,
, Tripwire, .
.
. ,
/var/log, . ,
, . , SWATCH, , . , , ,
, , ,
- .
.
, , , , . ,
,
.
.
. , ,
. ,
, .
"" . ,
, ,
, .


, , .
. , , , . , , . (
.)
, ,
. , ,
Web-, Telnet- , , .
. , , ,
. . , ,
, -, ,
, .
Web-, .
,
. , , . .



.
. , , . , , ,
.
,
. , . , , , .
,
. , , ,
. ,
,

, .
. ,


. , .
.
. , ,
. -
.
, , ,
Linux. /home
. , .
.
.
, ,
. ,
.
.
, ,
.
, , Tripwire (
) .
.
.
, .
, , , , .
, , .
,
, , , .
, .


,
,
. ,
, , , .
, ,
, ,
, ,
. , , , . Web, , ;
.


Web-,
Internet Web-, , , . Web- .
Web-, .
Web-, Linux.
Linux Internet Web-,
.
. , ,
.
Web- CERT/CC. Computer Emergency Response Team Coordination Center
(CERT/CC) , .
Web- CERT/CC http://www.cert.org.
Web- CIAC. Computer Incident Advisory Capability (CIAC) Web-, http://www.ciac.org/ciac/.
, CERT/CC.
Linux Weekly News, . Linux Weekly News
(http://lwn.net) , Linux.
Linux. (URL . , Web-,
Security Linux Weekly News.)
Web- SecurityFocus. (http://www.securityfocus.com)
. , ,
CERT/CC CIAC.
, , ,
, ,
, . ,
, ( , , ).

,

Web-, ; . Web- .
.
, .


; , .
, . , ,
, .

, ,
, Procmail,
, .
.

. ,
. , ,
,
, .
, , Linux.
CERT/CC. Web-, CERT/CC
, .
, majordomo@cert.org, subscribe cert-advisory.
CIAC. CERT/CC, CIAC , , . , majordomo@tholia.llnl.gov, subscribe
ciac-bulletin.
Bugtraq. , . ,
. , listserv@netspace.org.
subscribe bugtraq.
comp.security. .security (, comp.security.unix). , ( ) . comp.security.firewalls.
comp.os.linux.security. Linux.

, Linux, , UNIX, Linux


-

UNIX. , Linux,
.


Linux,
. , , ,
, ,
,
. , , ,
, Web-, ,
. Linux, , , ,
, . , , ,
.
23, 25 26 ,
Linux.

23
hroot

,
. , ,
. , .
chroot. ,
, .
chroot ,
. , chroot,
, chroot, .

chroot
Linux /. . chroot
;
. chroot . 23.1.
, , /opt/chroot, /,
/opt/chroot. , /etc/passwd, /opt/chroot/etc/passwd ,
.
chroot chroot ( ) . chroot ( ) , chroot,
. .
chroot .
,
,
chroot.

chroot

. 23.1. chroot , ,

. chroot (),
chroot ( ) , . . ,
chroot. ,
, chroot.
,
chroot. , , ,
.
chroot ,
.
.
chroot Linux,
, ,
, chroot. , ,
. chroot .
chroot
, ,
. ,
chroot.
( FTP).
, Telnet,
Linux. ,
chroot.
chroot , .
. , , chroot, .

23. hroot

583

, , chroot
root, chroot ( )
. ( ,
.) root ,
chroot, . , , , ,
. , , chroot ,
.
chroot ,
. , ,
chroot DNS ,
. ,
. , ,
chroot, ,
,
, .
, chroot,
,
. , , , , ,
, .

chroot
chroot,
.
. ,
Linux,
,
.

chroot. .
BIND chroot.


chroot .
, , /. ,
. , , chroot /opt/chroot,


.
chroot , . ,
Linux. chroot
/bin, /sbin, /usr, /lib, /etc /var.
,
Linux; , chroot ,
, .
chroot ,
. , FTP sendmail,
/opt/chroot/ftp /opt/chroot/sendmail.


chroot, . .
chroot ( ) ,
chroot . chroot, .
chroot ( ) .
, chroot ( ) , , , ,
chroot, . , chroot ( ) .
, ,
FTP. ( FTP 21.)
chroot ( ) , chroot. chroot
, , . ,
chroot . ,
, . , , , ,
. , , tar, rpm
dpkg. , chroot ;
, . ,
, strace. strace
__, , , , .

chroot.
, .



chroot , .
.
. . /lib /usr/lib. , , ldd. ,
, ,
ldd /usr/sbin/named.
chroot.
.
. , Web- CGI-,
Perl (/usr/bin/perl) , . Perl
chroot. , , , , ,
. , , Web-.
. .
, ,
, /dev/zero /dev/null. /dev. ,
mknod. : mknod /opt/chroot/dev/st0 c 9 0. , chroot ,
.
. ,
. , /. . /etc/fstab
chroot. / , . , /

.
.
/etc/passwd, /etc/group, /etc/shadow ,
. , Pluggable Authentication Module, , ,
/etc/pam.conf, /etc/pam.d /etc/security, /lib /lib/security (


). ,
chroot, .
. ,
. syslogd, chroot.
,
syslogd.
, chroot ( ) ,
, ,
chroot. chroot ( ) ,
, .
, chroot .
, , . , , ,
, (
, ). - ,
.


chroot
chroot, .
,
chroot . .
chroot.

chroot
chroot ( ) , ,
,
chroot. , ProFTPd <Anonymous>, , chroot. chroot, ,
, .
chroot ( ) , ,
Linux,
chroot.
, .
chroot. :


chroot __ _ [_]
,
chroot. , ,
, ;
. ,
/opt/chroot/bin/server, /opt/chroot , chroot :
# chroot /opt/chroot /bin/server
SysV , ,
chroot.
. , chroot ,
, . , ,
chroot. , , , SysV
.

chroot
chroot ,
, .
.
chroot root
, 0640 (rw-r
).
, , . ,
chroot, -
root.
, .

BIND chroot
chroot.
, . BIND,
18.
chroot ,
. Linux
; Debian 2.2.
BIND
chroot. ,
chroot ( ) , FTP.
BIND.
Debian, apt-get.


# apt-get install bind


,
/etc/resolv.conf. , chroot
. Debian . , , :
# ps aux | grep named
root      7656  0.0  1.5  2184 1492 ?        S    13:29   0:00 \
    /usr/sbin/named
# host awl.com localhost
awl.com         A       165.193.123.224

, BIND :
IP- awl. com,
localhost. awl. com , Internet, localhost IP . ,
(command not found), dnsutils, host. ( Linux ,
bind-utils.)
, ,
# /etc/init.d/bind stop
chroot BIND.
# mkdir -p /opt/chroot/usr/sbin /opt/chroot/var/cache/bind
# mkdir /opt/chroot/lib /opt/chroot/etc
# cp /usr/sbin/named /opt/chroot/usr/sbin
# cp -rp /etc/bind/ /opt/chroot/etc

BIND
chroot.
. BIND
chroot ( ) ,
chroot . .
.


.
, . ldd,
chroot.
# ldd /usr/sbin/named
        libc.so.6 => /lib/libc.so.6 (0x40017000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
# cp /lib/libc.so.6 /lib/ld-linux.so.2 /opt/chroot/lib


.
# chroot /opt/chroot /usr/sbin/named
# host awl.com localhost
awl.com         A       165.193.123.224
, , named, , chroot.
, BIND (
Debian /etc/init.d/bind) ,
chroot. , SysV
. SysV
( Debian start-stop-daemon ndc).
/var/run, chroot
.
# mkdir -p /opt/chroot/sbin /opt/chroot/var/run
# cp /usr/sbin/ndc /opt/chroot/usr/sbin
# cp /sbin/start-stop-daemon /opt/chroot/sbin
SysV start-stop-daemon ndc chroot /opt/chroot.
, start-stop-daemon /, chroot.
, /etc/fstab , /, /opt/chroot/proc.
mount -, / chroot.
/ ,
| . SysV
, start-stop-daemon, SysV .
,
SysV .
# /etc/init.d/bind start
# host awl.com localhost
awl.com         A       165.193.123.224

,
chroot, /usr/sbin /etc/bind, .
, chroot.
BIND chroot,
-t named, chroot ( )
. :
# /usr/sbin/named -t /opt/chroot
, chroot , ,
named ,
. ,


chroot ( ) . -t SysV,
/.
chroot
Linux, . ,
chroot, ,
,
root.

chroot
chroot ,
. ,
chroot.
. Linux .
chroot, ,
. mount
bind, , ,
chroot.
2.4.x.
,
.
. chroot. , , . . .
, ,
chroot.
. ,
chroot.
. ,

.
. chroot
. , , Web- CGI,
. chroot , . .
. ,
.


chroot ,
. , .
, chroot Linux.
. chroot ( ) ,
chroot. , . chroot .
chroot , .
chroot.
chroot, . chroot ,
.

24

Linux , Linux .
PDA . ( ) Linux .
,
,
Internet. , Internet,
, , . Linux . ,
.
.
NAT- Linux,
, .
, Linux , .
, .
. , , , (LeBlanc) . Linux Routing
(New Riders, 2002).

24.

593

, ,
. ,
Internet, , ,
. , ,
:
# echo "1" > /proc/sys/net/ipv4/ip_forward

.

'

, , , ,
, . Linux,
Internet
SDSL. NAT, ,
, ,
. ,
, ,
, . , , ,
. , ,
Linux .


, . , , Internet. , ,
, , . ,
, , .
,
. , , ,
. , ,
Internet .
Internet ,
,
.



2.4.x .
Networking Options. IP: Advanced
Router; , IP: Advanced
Router. : , ,
, . . ,
Y ( , , ).
. , .
:
, .
2.4.17.
.


,
Linux, IP: Policy Routing. .
. , ,
. , , . IP: Use Netfilter MARK Value as Routing
Key. ,
Packet Filtering, .
NAT-. NAT ""
, Internet.
, IP-,
, . ,
NAT-,
IP: Fast NAT, NAT-.
( NAT 25.)
, , iproute2,
. .


IP- TOS (Type-of-Service
). , .
.


, IP:
Use TOS Value as Routing Key.
iproute2. 70S . TOS,
.



, . ,
, , 10.201.0.0/16, eth1. He ,
; . , , , , ,
10.201.34.0/24, . , , .
10.201.0.0/16,
, .
IP: Equal Cost Multipath . ,
, , .
.
.


IP: Verbose Route Monitoring
. . , ,
.
, , .
,
, . ,
. (
,
, , .)


Linux , 64 . , , IP: Large Routing
Tables. .



, Internet- , , Web-, Web- .
, , . ,
.
255.255.255.255, , .
, , , , . ,
192.168.34.0/24 192.168.34.255.
DHCP DHCP. ,
.
( ).
- . Multicast Backbone (MBONE; http://www.cs.columbia.edu/~hgs/
internet/mbone-faq.html). Internet. ; (link-local).
, .
, , IP: Multicast Routing. ,
: IP: PIM-SM Version 1 Support IP:
PIM-SM Version 2 Support.
.
, , mrouted. Linux. , ,
ftp://ftp..com/pub/communications/ipmulti/beta-test/; http://jukie.net/~bart/multicast/Linux-Mrouted-MiniHOWTO.html. IP:
PIM-SM Version 2 Support, pimd (http://netweb.usc.edu/pim/pimd/).


Linux " / " (first-come/first-served).
,
.
,
, -


. Linux
. QoS and/or Fair Queueing,
Networking Options.
QoS and/or Fair Queueing . , , iproute2.
, ,
, , .
, .
. | 2.4.17 , CSZ, . .

iproute2
iproute2 Linux.
iproute. FTP-,
, ftp://ftp.inr.ac.ru/ip-routing/. iproute2 , (ip
tc) .

ip
ip , ,
, .
IP: Advanced Router. ip
:
ip [list | add | del]
ip .
rule. (add), (del) (list).
,
[from ] [to ] [tos _]
[dev _] [pref ]
from to IP-, tos (
, 4). dev
(, eth0), a pref . Linux , ,
. , , :
[table _] [nat ]
[prohibit | reject | unreachable]
, , nat , a prohibit,


reject unreachable ,
.
ip .
# ip rule add from 172.20.24.128 dev eth0 table 2
, , ,
172.20.24.128 eth0
2. , , , 2? Linux
route. , ip route.
.
route, ,
route. ip route , route,
, . , 2 :
# ip route add 10.201.0.0/16 dev eth1 table 2
ip table 2,
route. , ,
10.201.0.0/16, eth1.

tc
tc ,
QoS and/or Fair Queueing. ,
, . . , ; , .
, , , ,
. tc ,
.
tc :

tc []
, tc.
. tc -statistics ( -s),
-details ( -d) -raw ( -r).
. qdisc, class filter.
qdisc , ,
class ,
(
), a filter .
. , ,
tc . .


tc , , ,
. ,
, 100 , , . , Internet
eth0, eth1;
IP- 192.168.1.0/24, 192.168.2.0/24.
eth1.
# tc qdisc add dev eth1 root handle 10: cbq bandwidth 100Mbit \
      avpkt 1000
.
add dev eth1. , eth1.
root. .
.
handle 10. (handle) .
cbq. ,
. CBQ (Class-Based-Queueing )
.
QoS and/or Fair Queueing.
bandwidth 100Mbit.
.
,
.
avpkt 1000. , , ,
, , .
.
. :
# tc class add dev eth1 parent 10:0 classid 10:1 cbq \
      bandwidth 100Mbit rate 100Mbit allot 1514 weight 10Mbit \
      prio 8 maxburst 20 avpkt 1000
, ,
. ,
.
. , ,
, .
class. qdisc,
class, .


parent 10:0. . , , 0.
classid 10:1. .
allot 1514. MTU
( ).
weight 1Mbit. . ,
.
prio 8. . ,
.
, .
# tc class add dev eth1 parent 10:1 classid 10:100 cbq \
      bandwidth 100Mbit rate 50Mbit allot 1514 weight 5Mbit \
      prio 5 maxburst 20 avpkt 1000 bounded
# tc class add dev eth1 parent 10:1 classid 10:200 cbq \
      bandwidth 100Mbit rate 50Mbit allot 1514 weight 5Mbit \
      prio 5 maxburst 20 avpkt 1000 bounded
classid.
, 50
. ( , 60
40 .) bounded ,
, .
, ,
. bounded, , , ""
.
, .
.
# tc qdisc add dev eth1 parent 10:100 sfq quantum 1514b \
      perturb 15
# tc qdisc add dev eth1 parent 10:200 sfq quantum 1514b \
      perturb 15
,
. Linux , SFQ (Stochastic Fairness
Queueing , ).
, . , .
, , , , (192.168.1.0/24
192.168.2.0/24). :


# tc filter add dev eth1 parent 10:0 protocol ip prio 100 u32 \
      match ip dst 192.168.1.0/24 flowid 10:100
# tc filter add dev eth1 parent 10:0 protocol ip prio 100 u32 \
      match ip dst 192.168.2.0/24 flowid 10:200
, filter.
, .
32, IP-.
Internet . ,
. , eth1 eth0,
filter dst src.


. ,
, . , ip, iproute2,
, . ,
,
, ip. .
: ,
.
, . ,
, IP-. ,
.


,
Linux, ,
.
. , .
. , , .
, . .
,
, , ,
.
, . 24.1. , -


172.23.0.0/16

172.22.0.0/16

. 24.1.

. ,
.

, ; internet ( ).
Internet (
).
w

. ,
. ,
.
,
.
. , .
, .


IrodsnithUspeaker * route -n
<ernel IP routine table
destination
Gateway
192.168.1.0
0.0.0.0
127.0.0.0
0.0.0.0
D.0.0.0
192.168.1.25
IrodsnithUspeaker /] I

Genmask
255.255.255.0
255.0.0.0
0.0.0.0

Flags
U
U
UG

Metric Ref

1
0

If ace
ethO
lo
ethO

. 24.2. Metric

. , , Linux, route. . 24.2 (
, ).
Metric. , , 127.0.0.0/8 (localhost) 192.168.1.0/24 (
), , .
. , . 24.1,
, Metric. ,
Linux ; , ,
, .

, . , . 24.1, ,
, . ,
.
.
- . , .
,
.
RIP (Routing Information Protocol ).
.
. , , ,
.
,
.
OSPF (Open Shortest Path First
).


routed
UNIX RIP. Linux
routed, . , RIP, (, 172.22.0.0)
( , , ).
0 15. 15 ,
. RIP -
, . RIP ;
Internet .
, ,
, , ,
, 15.
routed Linux . , 4.
/etc/gateways, . /etc/gateways .
net 0.0.0.0 gateway 172.22.7.1 metric 1 active
(net 0.0.0.0) , 172.22.7.1. 1. active
, . ,
, active passive.
routed /etc/gateways,
. routed , , , RIP.
.

GateD
RIP UNIX,
. ,
, 15 ;
.
.
. ,
RIP , ,
, . , ,
, , RIP,
.
.
2 RIP (RIPv2) .
, RIP
. RIPv2 GateD (http://www.gated.net). GateD /etc/gated.conf. GateD gdc,


. GateD . , RIP
RIPv2, . , GateD SysV .
RIP RIPv2, GateD OSPF.
, Zebra, .

Zebra
Linux
Zebra, ,
.
RIP. Zebra RIP RIPv2, RIP IPv6,
RIPng. RIP RIPv2 ripd, RIPng ripngd.
OSPF. OSPF ospfd,
OSPF IPv6 ospf6d. RIP, OSPF ,
.
BGP (Border Gateway Protocol ) Internet. bgpd.
zebra. , , .
zebra ; telnet.
. , RIP RIPv2, zebra ripd.
, /etc /etc/zebra.
. , /etc/zebra/ospfd.conf
ospfd.
. ! # . , , .
hostname. ,
.
password. zebra
. .
.
enable password. , zebra. ,
, .


router . . , ripd.conf router rip, ospfd.conf


router ospf, bgpd.conf router bgp __
. ( IP-.
BGP ,
64512-65535.)
zebra , telnet.
2601. telnet .
$ telnet localhost 2601
: enable ( ), configure ( ) show ( ).
; ?.
Cisco, Zebra .

, , ,
, . Linux,
ifconfig route, , . , . Linux
. Linux, , , ,
, , . iproute2
, , QoS ,
.
,
.

25

iptables

Linux, TCP/IP, , . .
, , ,
TCP/IP, .
iptables Linux , .
, . iptables
NAT (Network Address Translation ).
NAT-,
. , ,
.
iptables . ,
, , .
(Ziegler) Linux Firewalls, 2nd Edition (New Riders, 2001),
(Sonnenreich) (Yates) Building Linux and OpenBSD Firewalls (Wiley, 2000).
ipchains, iptables.

iptables
2.4.x , , . 25.1. ,
.
, : INPUT


. 25.1.
Linux

FORWARD. ,
. INPUT .
(, Netscape, telnet .) (Apache, telnetd .). ,
. ,
, NFS, , Web- kHTTPd.
, ,
FORWARD OUTPUT.

, . 25.1.
; , , ,
. . , ,
.

, . 25.1, . ,
IP- , , ,
. , .
, , .
, . ACCEPT ( ), DROP ( ), QUEUE (
) RETURN ( -

25. iptables

609

). .
REJECT ( , ), MASQUERADE (
NAT-) LOG (
).
. , . 25.1,
filter, . nat ( NAT-) mangle (
).
. .
Linux, a iptables ,
. iptables
, . 25.1, . , INPUT , , , OUTPUT
, , .
, NAT- .
, iptables, ; .
iptables . ,
Red Hat Mandrake, ,
NAT-. , iptables, SysV
.

iptables 2.4.x.
. , 2.2.x ipchains; 2.0.x ipfwadm.
. iptables 2.4.x, 2.2.x. ,
(stateful packet inspection), .
.
, 2.4.x, ipchains ipfwadm.
, . ,
, ,
, . ,
, iptables,
, 2.4.x.


. ipfwadm ipchains,

2.4, ,
. ipfwadm ipchains
. , . 2.0.x 2.2.x,
, 2.4.x.
, iptables, TCP Wrappers, xinetd , , .
IP-. , .
,
.
iptables , ,
-, . , xinetd ,
, , iptables .

iptables
iptables, . 2.4
Networking Options . , , .
Network Packet Filtering. Networking Options.
Connection Tracking. Netfilter Configuration
Networking Options. NAT-. ( Netfilter Configuration.)
FTP Protocol Support. NAT-
FTP. Linux
.
IP Tables Support. NAT-. ,
. , . Connection
State Match Support,
.
Packet Filtering.
NAT-, . .


REJECT Target Support. Packet Filtering , .


.
Full NAT. , , NAT, , .
MASQUERADE Target Support. Full NAT
IP- NAT-,
. ,
Help, , MASQUERADE Target Support IP-, . IP-, ,
IP- .
Packet Mangling. , , ,
mangle. Packet Mangling.
LOG Target Support.
, .
ipchains (2.2-style) Support. ,
ipchains, .
ipchains.
ipfwadm (2.0-style) Support. , ipfwadm, .
ipfwadm.

, ipchains ipfwadm, IP Tables Support Connection Tracking. , iptables .



.
, ,
iptables.
.

,
. . , iptables
ip_tables,
insmod ip_tables. , ,
/lib/modules/version/net/ipv4/netfilter. , ,
.


iptables
- , iptables, .
,
, . , iptables -L. -t
-, .
( filter,
iptables nat mangle.) -L
iptables , .
# iptables -L -t filter
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
, , , filter . ,
, , , , . ( SysV, firewall, .)
, -F.
# iptables -F INPUT -t filter
, filter , . , , .

iptables
iptables .
. , , .
, , , .
IP-, .


, , , .
,
. -


. ,
Telnet Internet
. . , ,
, . , ,
, proxy-, , , ,
, , . , proxy-, . ,
Java JavaScript.
, .
TCP/IP, , , , . ,
, .
,
.
,
Internet. , . (
. 25.2.) . , , Internet ,
. ,
, ,
. ,
25 . ( .)

,
" ", .
, ,
.

. , , .
NAT , . ,
, .
, , SMTP-,
. ,
SMTP-, SMTP, , SMTP- ,
. ( ,
SMTP .)
, .



. 25.2. , ,

. 25.1, ,
Linux, INPUT, FORWARD OUTPUT.
.
INPUT . , , ,
.
FORWARD .
, , .
OUTPUT . , ,
, .
.
, , ,
INPUT FORWARD, INPUT OUTPUT.
, FORWARD OUTPUT, ,
OUTPUT , , -


, FORWARD
.


, , . , ,
, .
- iptables.
# iptables -P INPUT DROP
# iptables -P OUTPUT DROP
# iptables -P FORWARD DROP
,
filter. (ACCEPT, DROP, QUEUE, RETURN . .).
ACCEPT, DROP REJECT. ACCEPT
Linux , , a DROP . REJECT, DROP, ,
, Linux , (
, , , ).
,
DROP REJECT, ,
, . ACCEPT,
, .
, , , , -
. , DROP
REJECT, . ,
.


--append ( -A) iptables.
,
--jump ( -j), ACCEPT, DROP REJECT.
iptables, , :
# iptables --append CHAIN _ --jump
:
# iptables -A CHAIN _ -j
--append iptables .
--delete, -D. .
--insert, -I. . . -


, iptables (
--append ).
--replace, -R. . , .
--list, -L. .
iptables .
, iptables. ,
iptables. , , IP-.

,
. (, Telnet ,
, ),
.
, . ,
.


. , , ,
, , 25. --destination-port (--dport).
, --protocol (-p),
(tcp, udp, icmp all). --source-port
(--sport) , . , , :
# iptables -A INPUT -p tcp --dport 25 -j ACCEPT
# iptables -A OUTPUT -p tcp --sport 25 -j ACCEPT
, ,
25, ,
( 25). , , . ,
DROP REJECT,
INPUT , , , OUTPUT , ,
. INPUT --destination-port, OUTPUT
--source-port. ,
, , , ,
, , , , . , ,
FORWARD ,


--destination-port --source-port, .
IP-. , . , ,
,
SMTP .
DROP REJECT,
.
.
.
, INPUT,
--source-port, , OUTPUT, --destination-port. , , FORWARD ,
--source-port --destination-port. , IP- .
, , .
. 1024-65535.
--source-port --destination-port , , --source-port 1024:65535. ! --syn. ,
--syn, ,
, ! , . . ,
.

IP-
IP- IP-. IP- --source (-s), IP- --destination (-d). ,
172.24.0.0/16, , , , ,
. :
# iptables -A INPUT -s 172.24.0.0/16 -j DROP
# iptables -A OUTPUT -d 172.24.0.0/16 -j DROP
-s -d , . , , ,
. , ,
, ,
10.34.176.0/24, SSH ( SSH
22). :


# iptables -A FORWARD -s 10.34.176.0/24 -p tcp \
      --destination-port 22 -j ACCEPT
# iptables -A FORWARD -d 10.34.176.0/24 -p tcp \
      --source-port 22 -j ACCEPT
FORWARD, SSH ,
( ). ,
, . 192.168.9.0/24,
:
# iptables -A INPUT -s 192.168.9.0/24 -p tcp \
      --destination-port 22 -j ACCEPT
# iptables -A OUTPUT -d 192.168.9.0/24 -p tcp \
      --source-port 22 -j ACCEPT

,
eth1.
, .
, , , , . , --in-interface
(-i), , INPUT FORWARD, ,
--out-interface (-o), FORWARD OUTPUT. ,
192.168.9.0/24, , , eth1, Internet eth0. , ,
:
# iptables -A INPUT -s 192.168.9.0/24 -i eth0 -j DROP
# iptables -A FORWARD -s 192.168.9.0/24 -i eth0 -j DROP
# iptables -A FORWARD -s ! 192.168.9.0/24 -i eth1 -j DROP
# iptables -A OUTPUT -s ! 192.168.9.0/24 -i eth1 -j DROP
( eth0) , , ,
. , Internet ( eth1), IP-
, .


, Linux, . ,
, , ,
. ( syn,


, . ,
, . TCP.) , , IP-,
, . , , , ,
.

state, - . state
. , . ! state .
state.
INVALID. ,
.
NEW. .
ESTABLISHED. .
RELATED. , (, ICMP-, ).

! state INVALID
ESTABLISHED,RELATED.

state NEW,

. , ,
, DROP
REJECT, HTTP 80. , ,
,
, . ,
, :
# iptables -A INPUT -m state -p tcp --dport 80 \
      --state NEW,ESTABLISHED,RELATED -j ACCEPT
# iptables -A OUTPUT -m state -p tcp --sport 80 \
      --state ESTABLISHED,RELATED -j ACCEPT
. , , NEW state ,
.
Web-.
, 2.4.x.
. iptables.



iptables ,
. , --new-chain
(-N) , --fragment (-f),
, , --tcp-flags
TCP-. Linux,
iptables.


, . 25.1.
, Web- SSH- , .

, , 25.1. iptables . .
, . , 25.1, .

25.1. , iptables
#!/bin/sh
# Flush existing rules and set a default-deny policy on every chain
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# NDS traffic (DNS lookups over UDP port 53)
iptables -A INPUT -p udp --sport 53 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
# Client traffic on unprivileged ports with the local network
iptables -A INPUT -m state -p tcp --dport 1024:65535 \
    --state ESTABLISHED,RELATED -s 192.168.9.0/24 -j ACCEPT
iptables -A OUTPUT -m state -p tcp --sport 1024:65535 \
    ! --state INVALID -d 192.168.9.0/24 -j ACCEPT
# HTTP server traffic
iptables -A INPUT -m state -p tcp --dport 80 \
    ! --state INVALID -j ACCEPT
iptables -A OUTPUT -m state -p tcp --sport 80 \
    --state ESTABLISHED,RELATED -j ACCEPT
# SSH server traffic from the local network (192.168.9.0/24)
iptables -A INPUT -m state -p tcp --dport 22 \
    ! --state INVALID -s 192.168.9.0/24 -j ACCEPT
iptables -A OUTPUT -m state -p tcp --sport 22 \
    --state ESTABLISHED,RELATED -d 192.168.9.0/24 -j ACCEPT
# Loopback (lo) interface traffic
iptables -A INPUT -s 127.0.0.1 -i lo -j ACCEPT
iptables -A OUTPUT -d 127.0.0.1 -o lo -j ACCEPT
, 25.1.
. iptables , , .
DROP. ,
FORWARD. ,
.
DNS. DNS, , " NDS", DNS (UDP- 53).
; .
, .
. , " ", , (1024-65535). INPUT OUTPUT
. ,
INPUT , ,
, , .
INPUT OUTPUT .

, ,
.
, Web-. Web-, , , , Web-, IP-.


,
.
, SSH. ,
SSH, Web-,
IP-. SSH-
.
. , , Linux (1).
.
, ,
1, 127.0.0.1.

NAT-
iptables
,
iptables . NAT-,
iptables. NAT TCP- IP, . NAT , , ,
NAT .

NAT
NAT TCP- IP. , NAT- IP- . ,
.
. , , IP-, ,
. NAT, -
Internet-, ,
, .
. NAT , , . , , Web-
. , DNS, NAT
.
. NAT IP-


. ,
,
. , ,
, NAT.
.
IP-, ""
IP-. ,
Internet . ,
NAT- .
NAT.
NAT- IP-.
NAT.
NAT . , NAT, Linux.
iptables. , NAT-,
: Internet,
.
, NAT, . NAT- .
NAT,
NAT-. , Internet,
(, Web-), ,
NAT-. ,
Web- 172.18.127.45. HTTP-; , , IP- (,
192.168.9.32). , ; NAT-. Web, NAT- , IP-
IP- (, 10.34.176.7) .
Web- , , NAT, . , NAT- , 192.168.9.32, , , ,
, . . 25.3 . ,
, NAT,
NAT-
.
NAT-, IP-, .
IP-, . ,


NAT-

192.168.9.32

192.168.9.33

. 25.3. NAT- IP-

. NAT ,
.
, NAT .

, NAT-,
. ,
.
NAT. IP- ,
. , NAT Linux,
, , Internet NAT- .
NAT , ,
. -


" ",
.

iptables
NAT-
NAT Linux nat,
. filter, nat : PREROUTING,
POSTROUTING OUTPUT. , OUTPUT nat
filter. NAT
:
# iptables -t nat -A POSTROUTING -o external-interface -j \
      MASQUERADE
# echo "1" > /proc/sys/net/ipv4/ip_forward
NAT- iptables
modprobe iptable_nat.

, Internet,
eth1. Linux , , , IP-.
Linux ( ,
NAT).
NAT- . NAT-
, , Internet.
, NAT-, ,
" ", . ,
, ,
. NAT-
, .
, NAT, . , .
, NAT- . 80486.


,
.
, iptables.


,
.
, - DNS.
.
,
.
. ,
.
, NAT-,
. NAT- , ,
.
NAT-.
,
(, ).
, .
, (, Web-),
IP-.

iptables
Linux, NAT, .
iptables. :
# iptables -t nat -A PREROUTING -p tcp -i external-interface \
      --destination-port port-num -j DNAT --to dest-addr:port-num
.
, NAT (-t nat).
-A PREROUTING, ,
. NAT , .
, TCP- (-p tcp).
, , (-i
_) (--destination-port _
).
-j DNAT, , NAT (SNAT) NAT (DNAT).


--to _:_, , .
, , 192.168.9.33,
80. , ,
--to, ,
--destination-port.
, .
NAT , , .
, . , , xinetd. xinetd ,
, ,
.


iptables, , .
, .
, .
| , ,
. ,
, ,
.
, .
. , ,
.
iptables LOG,
. , LOG ; ,
, , . LOG .
LOG ,
, . , ,
.


, , ,
, .
, , , .

DENY REJECT, , .
ACCEPT, ,
, DENY REJECT
LOG.
, ACCEPT.
172.24.0.0/16;
.
# iptables -A INPUT -s 172.24.0.0/16 -j LOG
# iptables -A OUTPUT -d 172.24.0.0/16 -j LOG
# iptables -A INPUT -s 172.24.0.0/16 -j DROP
# iptables -A OUTPUT -d 172.24.0.0/16 -j DROP

, ,
DROP LOG.
, . ,
LOG DROP, ,
, .
/var/log/messages , .
Nov 18 22:13:21 teela kernel: IN=eth0 OUT=
MAC=00:05:02:a7:76:da:00:50:bf:19:7e:99:08:00 SRC=192.168.1.3
DST=192.168.1.2 LEN=40 TOS=0x10 PREC=0x00 TTL=64 ID=16023 DF
PROTO=TCP SPT=4780 DPT=22 WINDOW=32120 RES=0x00 ACK URGP=0
.
. .
. teela.
. IN=eth0 ,
eth0.
. , OUT= .
-. = -:
.


IP- . SRC= DST=


IP- .
. SPT= DPT=
.
.
, , (LEN=), (TTL=) .
LOG ,
, .
--log-prefix . 29 , ,
.

iptables ,
NAT, . . ,
, , NAT- . iptables
, .
iptables .

26

Internet .
, Telnet FTP, . , ,
. ,
, Internet, , .
, .
f ,
. , , .
Kerberos, 6.

. . ,
, , (VPN Virtual Private Network). , .
VPN
Internet, . , VPN .
, VPN,
VPN: PPTP FreeS/WAN, .

26.

631

VPN
VPN . , Internet, VPN. VPN
.
VPN . . , ,
, , TCP Wrappers
, . VPN ,
, .
VPN , , . VPN , , ,
. ,
, NFS Telnet, VPN
Internet. ( , , .)
, VPN, ; VPN.
, .
, ,
, .
, VPN.
VPN
. ,
-. VPN, ,
. VPN . 26.1. VPN-, , , NAT , .
VPN-
, .
. 26.1 ,
VPN
.
VPN .
. VPN- . VPN-, .
. 26.2.


. 26.1. VPN ,
,

VPN,
. , ,
. ,
, .
Ethernet, 100 , VPN-

VPN-

VPN-

. 26.2. VPN


1 1,5 , .
ADSL-, ,
.
600-1500 ,
100-300 . ,
Internet , 56 .

VPN . VPN ,
. , VPN
. ,
.
, VPN, , . ,
, , , VPN - , ,
SSH.

,
VPN
, VPN. , VPN, . , VPN.
(Point-to-Point Tunneling Protocol )
Forum, , . , , .
Windows.
- Linux; (http://poptop.lineo.com).
FreeS/WAN. FreeS/WAN (http://www.freeswan.org) VPN- Linux.
. VPN,
Linux.
SSH. SSH VPN.
VPN. .


, Windows- VPN-. ; ,
(remote access switch). FreeS/WAN
, Linux. VPN , VPN-
Linux.

Linux
Linux, Linux,
. - pppd. ,
pppd . pppd
. - Linux, Windows;
, -.


Linux, Debian
Mandrake. pptpd pptpd-server.
, Linux, ,
, Internet. Linux
, Web- ,
http://poptop.lineo.com.
Linux
VPN. ,
, pppd. , (Microsoft Point-to-Point
Encryption Microsoft).
- pppd Linux.
.


.
.
1. /etc/ppp/options. pppd, VPN-
. /etc/ppp/options
.
debug
name _
auth
require-chap


192.168.1.1:192.168.1.100
. ; , VPN- (192.168.1.1), , VPN- (192.168.1.100).
, IP-, VPN-. VPN.
2. /etc/ppp/chap-secrets ,
.
vpn1 vpnpass.
vpn1 * vpnpass *
/etc/ppp/chap-secrets | , .
root . ,
. , VPN-,
.
3. /etc/inittab pptpd , #.
telinit Q, .
pptpd
. , ,
/etc/inittab
.
4. root pptpd, .
-
. ,
. ,
.
| ,
. VPN , ,
VPN .
, /etc /etc/ppp. /etc/ppp.
.


debug. ,
. ,
.
localip. IP-: , . IP-
localip. , , . , localip 192.168.9.7,192.168.9.100-150 192.168.9.7 192.168.9.100
192.168.9.150. , .
remoteip. IP-, .
,
. IP- , localip.
listen. IP-,
, pptpd , .
.


pppd, , ,
. , , pppd , a pppd
, Linux.
pppd,
.
, pppd
Linux. , http://mirror.binarix.com/ppp-mppe/.
.
Linux. Linux ,
kernel, kernel-2.4.9-13mppe.i386.rpm.
,
, . ,
.
. pppd - 2.4.1- 3mdk. i 5 8 6 .
rpm .
pppd.
~_
http://mirror.binarix.com/ppp-mppe/ , Mandrake,
Linux, , . , , .

RPM,
alien. Debian
RPM, Debian tar-.


, http://pptpclient.sourceforge.net. , -mppe, pppd ,
.
-
,
. .
Linux. Linux ,
http://www.kernel.org. Linux , ,
, .
pppd. ftp://cs.anu.edu.au/pub/software/ppp/.
OpenSSL. - ,
OpenSSL OpenSSL. http://www.openssl.org.
Linux. http://mirror.binarix.com/
-mppe/ , linux
patch.gz, linux-2.4.16-openssi-0.9.-bmppe.patch.gz.
pppd. pppd http://mirror.binarix.com/ppp-mppe/.
patch. gz, -2 .4 .1-openssl0.9.6-mppepatch.gz.
, , pppd.
, pppd, ( gunzip filename,
patch.gz), (cd ___;
patch -p1 < patchfile.patch), (make menuconfig
make xconfig Linux . /configure pppd),
(make bzImage make modules Linux make pppd)
( make modules_install LILO Linux, make install pppd).
, , ,
, .

-
- Windows,
, Windows
. - Linux
. VPN- VPN-


, . ,
.

- Linux
-, Linux. , Linux,
-, PPTP-Linux.
, http://cag.lcs.mit.edu/~cananian/Projects/PPTP/ http://pptpclient.sourceforge.net.
http://pptpclient.sourceforge.net PPTP-Linux
TAR- RPM, 86 Alpha.
PPTP-Linux , , .
, PPTP-Linux
pppd . ,
, pppd . .
PPTP-Linux.
PPTP-Linux pptp-command. PPTP-Linux .
1. pptp-command.
2. : start, stop, setup quit. 3.
3. , . 2, Add a New CHAP secret.
4. .
VPN. VPN- Windows,
NetBIOS. , arbor\\maple,
maple arbor.
5. .
( ).
,
.
6. . ,
VPN-.
7. ,
. 5 Add a NEW PPTP Tunnel.
8. . , ;
Other.
, , Other.


9. , , IP- VPN-
.
route. , add -host 172.19.87.1 gw DEF_GW
, 172.19.87.1
.
10. . 7 Configure
resolv.conf.
11. , 9. DNS, /etc/resolv.conf. .
12. . 8 Select a
default tunnel.
13. . ,
9 ( ).
14. 9 Quit.
.
PPTP-Linux -. VPN- pptp-command. , 3, 1 (start).
. VPN .
VPN-
VPN. VPN- , VPN- ping. traceroute, , VPN. Internet- , ,
. VPN- VPN
- , Linux
.

- Windows
- Windows, , . Windows 9x/Me Windows NT/2000/XP,
. Internet-. -
Windows Me.
1. Add/Remove Programs Control Panel.
Add/Remove Programs Properties.
2. Add/Remove Programs Properties Windows Setup.


. 26.3. VPN- Microsoft VPN Adapter, ,


3. Communications .
Communications.
4. Communications Virtual Private Networking.
5. Communications, Add/Remove
Programs Properties. Windows . , .
6. Dial-Up Networking Control Panel.
7. Make New Connection. Make
New Connection Wizard, . 26.3.
8. , , Microsoft
VPN Adapter (. . 26.3).
9. Next. Make New Connection , IP- VPN.
10. Next. ,
. Finish.
Dial-Up Networking . , Windows Connect
, . 26.4. , , IP- VPN. Connect
( ).
IP-, VPN. , ,
, My Network Places ( Windows

. 26.4. Connect To
VPN-

. 26.5.
VPN-,

Network Neighborhood).
. , , , ,
.
. 26.4, Connect To
. , , Connect
Automatically, Windows,
. Properties
. , . 26.5,
VPN-. ,
Networking Security. ,
Networking, ,
, , VPN.
TCP/IP Settings, IP DNS . Security .
, NetBIOS. ,
, .

FreeS/WAN
FreeS/WAN , ,
Linux. , FreeS/WAN
, Internet. ,


FreeS/WAN, . .
FreeS/WAN ,
. FreeS/WAN,
(http://www.freeswan.org/freeswan_trees/freeswan-1.91/doc/config.html).

FreeS/WAN
FreeS/WAN Linux SuSE Mandrake.
FreeS/WAN, Web- FreeS/WAN, http://www.freeswan.org. , FTP (ftp://ftp.xs4all.nl/pub/crypto/freeswan/),
Web-, . FreeS/WAN , . FreeS/WAN Linux, ,
.
, FreeS/WAN Web-.
FreeS/WAN .
. FreeS/WAN , GCC, make, .

Linux.
. FreeS/WAN Linux, /usr/src/linux.
,
FreeS/WAN.
GMP. FreeS/WAN GMP (http://www.swox.com/gmp/).
Linux. , .
ncurses. FreeS/WAN
ncurses. , .
, ,
.
FreeS/WAN .
1. , .
2. FreeS/WAN, , usr/src. freeswan-,
.


3. FreeS/WAN , ,
Linux FreeS/WAN. make oldgo FreeS/WAN,
, make ogo make config, make menugo
make menuconfig, make xgo make xconfig.
.
4. make kinstall .
, make modules_install
.
5. LILO, GRUB ,
Linux. /usr/src/linux/arch/architecture-code/boot, /etc/lilo.conf
( ) lilo (
).
6. . ,
.
FreeS/WAN.
/etc/ipsec.secrets, . , ,
( ).
FreeS/WAN, , .
, , , FreeS/WAN , .


FreeS/WAN : /etc/ipsec.secrets
/etc/ipsec.conf. . /etc/ipsec.secrets , /etc/ipsec.conf .


, FreeS/WAN /etc/ipsec.secrets, .
,
# ipsec rsasigkey 128 > /root/rsa.key
128- /root/rsa.key.
, , . ,


, . :

: RSA {
RSA . ,
,
(}). /etc/ipsec.secrets.
VPN-, FreeS/WAN.
, ipsec rsasigkey,
, #pubkey=. ,
, . ,
.

ipsec.conf
FreeS/WAN /etc/ipsec.conf. , , , . /etc/ipsec.conf :
config setup, conn %default conn remotename.

config setup . /etc/ipsec.conf, , :
config setup
        # THIS SETTING MUST BE CORRECT or almost nothing will work;
        # %defaultroute is okay for most simple cases,
        interfaces=%defaultroute
        # Debug-logging controls: "none" for (almost) none, "all" for lots.
        klipsdebug=none
        plutodebug=none
        # Use auto= parameters in conn descriptions to control startup actions.
        plutoload=%search
        plutostart=%search
        # Close down old connection when new one using same ID shows up.
        uniqueids=yes
interfaces, FreeS/WAN , VPN. %defaultroute , FreeS/WAN
. . interfaces
eth0 ppp1:
interfaces="ipsec0=eth0 ipsec1=ppp1"


klipsdebug plutodebug KLIPS (Kernel IP Security IP- ) Pluto. Pluto


FreeS/WAN . , all.
Pluto FreeS/WAN. plutoload plutostart , .
, , , ; .
,
,
conn. FreeS/WAN
%default. , , .
keyingtries. , FreeS/WAN
. 0 ,
.
, keyingtries .
authby. ,
authby=rsasig. , RSA. ,
.
, ,
. ,
, .
,
.
,
, conn. conn , . , ,
. , conn, . . 26.6, ,
FreeS/WAN. VPN-, , "". FreeS/WAN IP-, .
.
leftsubnet. , FreeS/WAN.
, . 26.6, 172.16.0.0/16.
left. , VPN.
%defaultroute,
IP-. . 26.6 10.0.0.1.
leftnexthop. IP- , VPN. , . 26.6, 10.0.0.10.


, KLIPS , ,
.
leftfirewall. , VPN-,
IP-, (,
NAT), VPN-
, leftfirewall=yes.
rightnexthop. IP- , .
right. VPN. . left, .
rightsubnet. IP- . ,
. 26.6, 192.168.1.0/24.
leftid. "" . IP-,
, @ (, @vpn.threeroomco.com).
, @, ,
IP-.
rightid. "" VPN-.
leftrsasigkey. RSA- /etc/ipsec.secrets "" VPN-.
rightrsasigkey. RSA- /etc/ipsec.secrets
"" VPN-.
auto. plutoload plutostart ,
FreeS/WAN.
plutoload=%search auto=add, , , , plutostart=%search
auto=start, .
, "", "". , . ,
, , boscinci, , , "", , , "".
; FreeS/WAN , ,
.


leftsubnet: 172.16.0.0/16
172.16.1.1
VPN-
left: 10.0.0.1
leftnexthop: 10.0.0.10
rightnexthop: 10.88.23.10
right: 10.88.0.1
VPN-
192.168.1.1
rightsubnet: 192.168.1.0/24

. 26.6. FreeS/WAN , VPN
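The conn parameters listed above and the addresses of Figure 26.6, assembled into one connection description and checked by a small linter. This is an added example, not code from the book or from FreeS/WAN: the key strings are placeholders, the function names parse_ipsec_conf and lint_conn are hypothetical, and the checks assume the network-to-network, RSA-authenticated tunnel the page describes.

```python
import ipaddress

# Constructed sample: addresses from the page's Figure 26.6, connection name
# from the page; the RSA key values are placeholders, not real keys.
SAMPLE_CONF = """\
conn %default
    authby=rsasig

conn boscinci
    left=10.0.0.1
    leftsubnet=172.16.0.0/16
    leftnexthop=10.0.0.10
    leftrsasigkey=0sPLACEHOLDER_LEFT
    right=10.88.0.1
    rightsubnet=192.168.1.0/24
    rightnexthop=10.88.23.10
    rightrsasigkey=0sPLACEHOLDER_RIGHT
    auto=add
"""

REQUIRED = ("left", "right", "leftrsasigkey", "rightrsasigkey", "auto")

def parse_ipsec_conf(text):
    """Return {section header: {key: value}}; headers start in column 0."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if not line[0].isspace():
            current = sections.setdefault(" ".join(line.split()), {})
        elif current is not None and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return sections

def lint_conn(sections, name):
    """Apply conn %default to the named conn and list what is wrong with it."""
    conn = {**sections.get("conn %default", {}), **sections.get("conn " + name, {})}
    problems = [f"missing {key}" for key in REQUIRED if key not in conn]
    if conn.get("authby") != "rsasig":
        problems.append("authby is not rsasig")
    for key in ("leftsubnet", "rightsubnet"):
        value = conn.get(key, "")
        try:  # a bare address or one with host bits set is not a subnet
            ipaddress.ip_network(value if "/" in value else "", strict=True)
        except ValueError:
            problems.append(f"{key}: not an address/prefix network")
    return problems
```

Calling lint_conn(parse_ipsec_conf(SAMPLE_CONF), "boscinci") returns an empty list; the same call on a file whose subnet lacks its prefix length or whose authby line is missing names each problem.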



FreeS/WAN
: ipsec ,
.
, ,
ipsec . ,
; , FreeS/WAN
.
ipsec ,
# ipsec setup start
,
plutoload, plutostart auto, , . auto=add,
, .
,
# ipsec auto up
ipsec , boscinci. . , ,
ipsec look.
VPN, , . , ping, traceroute
telnet, , Internet,
, VPN.
/etc/ipsec.conf. ,
ipsec setup start.
FreeS/WAN SysV
.

VPN
VPN .
. VPN . 26.1, 26.2 26.6.
,
. VPN ,
VPN- Windows. Windows :
VPN, Internet-.
. 26.7.
VPN , ,
, Internet-

VPN-

VPN-

. 26.7. VPN- , Internet-,


( , VPN-). , Windows ,
. , VPN- , , ,
. , VPN-, , , ,
.
VPN .
VPN. VPN-
, . , VPN-
: VPN-
. VPN- ,
, VPN- , ,
. , , .
VPN-. , VPN-,


, . ,
VPN,
VPN- , Internet-. VPN X Window,
-, .
VPN-.
. , -,
,
.
, , iptables,
25. VPN-,
.

VPN . ,
Internet-. ,
, .
VPN , Linux. VPN
, PPTP-Linux,
FreeS/WAN.
VPN-, a FreeS/WAN .
VPN, ,
, VPN-
.



Linux
. .
. .
. .
. .
. .
. .

,
,

"".
101509, , . , . 43, . 1.
. . 090230 23.06.99
.
27.02.2003. 70x100/16.
Times. .
. . . 47,7. .-. . 44,6.
3000 . 2537.
" "
,
.
197110, -, ., 15.


Linux/


,

.
, ,
,

.
'
Linux , ,
, .
,
.
II , . DHCP, Kerberos, Samba,
, . III
Internet- DNS, SMTP (sendmail, Postfix Exim), HTTP (Apache)
FTP. IV , chroot,

iptables VPN.

.

i
:
Caldera OpenLinux, Debian GNU/Linux,
Mandrake, Red Hat, Slackware, SuSE,
Turbo Linux.
<
.



Linux
[




, :



" Linu

.
,
Linu?

.
Linux.
, Broadband Internet Connections (Addison-Wesley, 2002), Linux
Samba Server Administration (Sybex, 2001), The Multi-Boot Configuration Handbook
(Que, 2000), Linux: Networking for your Office (SAMS, 2000). ,
Tufts University.

ISBN 5-8459-0426-9

www.williamspublishing.com

ADDISON

WESLEY http://www.awl.com/cseng/
