oracle_11g_install

Posted On 2008年11月8日星期六 at 时间: 23:27:00 by David Lu  

CentOS5.2 + oracle 11g
1. 用 root 登录你的 linux 系统图形环境 oracle 安装的时候需要图形接口
2. 硬件需求:
a. 至少 1G 的物理内存
b. swap 分区为 1.5~2 倍的物理内存
RAM Swap Space
Between 257 MB and 512 MB Double the size of RAM
Between 513 MB and 2048 MB 1.5 times the size of RAM
Between 2049 MB and 8192 MB Equal to the size of RAM
More than 8192 MB 0.75 times the size of RAM
c. /tmp 要有 150~200M 的容量,并且磁盘上要有 1.5~3.5G 的容量来安装 oracle 软件
Installation Type Requirement for Software Files (GB)
Enterprise Edition 3.47
Standard Edition 3.22
Custom (maximum) 3.45
3. 软件需求:
a. 操作系统: CentOS5.2
b. 内核需求: 2.6.18
c. 软件包需求:
binutils­-2.17.50.0.6-­2.el5
compat­-libstdc++-33­-3.2.3­-61
elfutils­-libelf­-0.125­-3.el5
elfutils­-libelf­-devel­-0.125
glibc-­2.5-­12
glibc­-common­-2.5­-12
glibc­-devel­-2.5­-12
gcc­-4.1.1­-52
gcc­-c++­-4.1.1­-52
libaio­-0.3.106
libaio­-devel­-0.3.106
libgcc-­4.1.1­-52
libstdc++­-4.1.1
libstdc++­-devel­-4.1.1­-52.e15
make­-3.81-­1.1
sysstat-­7.0.0
unixODBC­-2.2.11
unixODBC­-devel­-2.2.11
4. 创建 Oracle 安装所需的组和用户:
groupadd oinstall
groupadd dba
groupadd oper
useradd ­-g oinstall ­-G dba,oper oracle
5. 修改内核参数:
在/etc/sysctl.conf 中添加下列行
vm.min_free_kbytes = 1024
vm.swappiness = 10
fs.file­-max = 65536
kernel.shmall = 2097152
kernel.shmmax = 2147483648
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
net.ipv4.ip_local_port_range = 1024 65000
net.core.rmem_default = 4194304
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 262144
(以上参数的值都是推荐值,如果你本机的值更大的话,就无需更改;其中 fs.file­max 取值为512*PROCESSES)
运行: sysctl -­p (使以上定义的值生效)
6. 为 oracle 用户设定 shell 限制:
a. 在/etc/security/limits.conf 中添加下列行
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
b. 在/etc/pam.d/system­-auth 中确保有下列行
session required pam_limits.so
session required pam_unix.so
c. 在~oralce/.bash_profile 中添加如下
ulimit ­-u 16384 ­-n 65536
7. 创建 Oracle 安装目录并设制 oracle 用户的环境变量
a. 建立 Oracle 数据文件目录
mkdir ­-m 775 /opt/oracle
chown oracle:oinstall /opt/oracle
mkdir ­-m 775 /opt/oraInventory
chown oracle:oinstall /opt/oraInventory
b. 在~oracle/.bash_profile 中添加下列行
ORACLE_BASE=/opt/oracle
ORACLE_SID=orcl
ORACLE_HOME=$ORACLE_BASE/product/11.1.0/db_1
PATH=$PATH:$HOME/bin:$ORACLE_HOME/bin
export ORACLE_BASE ORACLE_SID ORACLE_HOME PATH
8. 安装 Oracle Database 11g
a. 使用 Oracle Universal Installer.(注意:执行“xhost +”命令,否则 oracle 用户不能使用当前图形接口;或者注销后使用 oracle 帐户登录)
b. 选择 Installation Type: Enterprise Edition(3.3GB) 输入 Database Password: tecent 单击 Next
c. 单击 Next.如果你没有创建 Inventory 目录,即/opt/oraInventory,则会出现错提示,点击 OK,重新指定 Inventory 目录, 设为 /opt/oracle/oraInventory 然后单击 Next.
d. 安装程序现在将验证系统是否满足安装和配置所选产品的最低要求,继续前改正任何
报告的错误,检查成功完成后,单击 Next.
e. Oracle Configuration Manager 允许你将配置信息与 Metalink 帐户相关联,你可在该窗口上选择启用它,否者直接单击 Next.
f. 查看 Summary 窗口,验证要安装的内容。然后单击 Install.
g. 安装进度显示.
h. Configuration Assistants 窗口显示.
i. 创建数据库
j. 数据库安装完成后,可以选择 Password Management解锁你要使用的用户,并更改密
码,或直接单击 OK.
k. 以 root 身份执行 orainstRoot.sh 和 root.sh
l. Oracle Database 安装完成,记住显示的 URL(我的是https://server.example.com:1158/em), 单击 Exit,Yes 退出.
m. 测试安装, 在浏览器中输入结束安装前显示的 URL,打开企业管理器登录界面,键入User Name 为 sys, Password 为 tencent, 选择 Connext As 为 SYSDBA,单击 Login.
9. 设置 Oracle 开机自启动
a. 修改/etc/oratab 文件
orcl:/opt/oracle/product/11.1.0/db_1:Y
b. 编辑/etc/init.d/oracled 启动和关闭脚本:
#!/bin/bash
#
# Oracle This shell script takes care of starting and stopping the ORACLE subsystem
#
# chkconfig: -­ 64 36
# description: ORACLE database server.
# processname: oracle
ORACLE_HOME=/opt/oracle/product/11.1.0/db_1
ORACLE_OWNER=oracle
prog=Oracled
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
start(){
if [ ­-f "$ORACLE_HOME/bin/dbstart" ] ; then
su ­ - $ORACLE_OWNER ­-c $ORACLE_HOME/bin/dbstart $ORACLE_HOME
ret=$?
if [ $ret ­-eq 0 ] ; then
action $"Starting $prog: " /bin/true
else
action $"Starting $prog: " /bin/false
fi
[ $ret ­-eq 0 ] && touch /var/lock/subsys/oracled
return $ret
fi
}
stop(){
if [ ­-f "$ORACLE_HOME/bin/dbshut" ] ; then
su ­ $ORACLE_OWNER ­-c $ORACLE_HOME/bin/dbshut $ORACLE_HOME
ret=$?
if [ $ret ­-eq 0 ] ; then
action $"Stoping $prog: " /bin/true
else
action $"Stoping $prog: " /bin/false
fi
[ $ret ­-eq 0 ] && rm ­-f /var/lock/subsys/oracled
return $ret
fi
}
restart(){
stop
start
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|st p|restart}"
o
exit 1
esac
exit $?
c. 执行命令:chkconfig oracled on
10. 第一次安装的时候 OEM 启动正常,但重启后不会自动启动,如想用 OEM 管理数据库,执行以下命令:
emctl start dbconsole

--
知行合一

Posted in 标签: | 0 评论

make_command for SQL_SASL_TLS

Posted On at 时间: 23:14:00 by David Lu  

# final
# total make file : Mysql, SASL, TLS

make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_TLS' \
'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib -lsasl2 -lssl -lcrypto'

--
知行合一

Posted in 标签: | 0 评论

LAMP+MRTG+CACTI+IGENUS

Posted On at 时间: 22:58:00 by David Lu  

ATTENTION
# Set up Hostname and DNS server first
# Turn off SELINUX by edit /etc/selinux/config

LAMP Installation
#Version and Path of main packages
MYSQL_VER="5.0.45"
APACHE_VER="2.2.6"
PHP_VER="5.2.5"
ZNED_VER="3.3.3-linux-glibc23-i386"
MYSQL_LOCATION="/usr/local/mysql5"
APACHE_LOCATION="/usr/local/apache2"
PHP_LOCATION="/usr/local/php5"

#Remove all existing main softwares
rpm -e `rpm -qa | grep php` --nodeps &> /dev/null
rpm -e `rpm -qa | grep mysql` --nodeps &> /dev/null
rpm -e `rpm -qa | grep httpd` --nodeps &> /dev/null

#Installing dependent development libraries
yum install gcc gcc-c++ openssl openssl-devel libtermcap-devel libxml2-devel gmp-devel gd-devel zlib-devel curl-devel net-snmp-devel libpng-devel libjpeg-devel freetype-devel -y &> /dev/null

#Installing MySQL
tar jxf mysql-$MYSQL_VER.tar.bz2 &> /dev/null
groupadd mysql
useradd -g mysql -c "MySQL Server" mysql
cd mysql-$MYSQL_VER
./configure --prefix=$MYSQL_LOCATION \
--with-charset=gb2312 \
--with-extra-charsets=all \
--enable-assembler \
--enable-thread-safe-client \
--with-client-ldflags=-all-static \
--with-mysqld-ldflags=-all-static \
--without-debug &> /dev/null
make &> /dev/null && make install &> /dev/null
cp support-files/my-medium.cnf /etc/my.cnf
cp support-files/mysql.server /etc/init.d/mysqld
chmod 755 /etc/init.d/mysqld
chkconfig mysqld on
chown -R mysql.mysql $MYSQL_LOCATION/*
$MYSQL_LOCATION/bin/mysql_install_db --user=mysql &> /dev/null
chown -R root $MYSQL_LOCATION/*
chown -R mysql $MYSQL_LOCATION/var
ln -s $MYSQL_LOCATION/bin/* /usr/bin/
/etc/init.d/mysqld start &> /dev/null && echo "Mysql Success"; cd .. ; rm mysql-$MYSQL_VER -fr || echo "Mysql Failed"

#Installing Httpd
tar jxf httpd-$APACHE_VER.tar.bz2 &> /dev/null
cd httpd-$APACHE_VER
./configure --prefix=$APACHE_LOCATION \
--enable-ssl \
--enable-cgi \
--enable-cgid \
--enable-rewrite \
--enable-speling \
--enable-shared \
--enable-so &> /dev/null
make &> /dev/null && make install &> /dev/null
$APACHE_LOCATION/bin/apachectl start &> /dev/null && echo "apache success"; cd .. ; rm httpd-$APACHE_VER -fr || echo "apache fail"
ln -s $APACHE_LOCATION/bin/apachectl /usr/bin

#Installing libmcrypt
tar zxf libmcrypt-2.5.7.tar.gz
cd libmcrypt-2.5.7
./configure &>/dev/null && make &>/dev/null && make install &>/dev/null

#Installing PHP
tar jxf php-$PHP_VER.tar.bz2
cd php-$PHP_VER
./configure --prefix=$PHP_LOCATION \
--with-apxs2=$APACHE_LOCATION/bin/apxs \
--with-mysql=$MYSQL_LOCATION \
--with-openssl \
--with-snmp \
--with-gd \
--with-zlib \
--with-curl \
--with-libxml-dir \
--with-png-dir \
--with-jpeg-dir \
--with-freetype-dir \
--with-pear \
--with-gettext \
--with-gmp \
--with-mcrypt \
--disable-debug \
--enable-soap \
--enable-ftp \
--enable-sockets \
--enable-mbstring &> /dev/null
make &> /dev/null && make install &> /dev/null
cp php.ini-dist $PHP_LOCATION/etc/php.ini
cd .. ; rm php-$PHP_VER -fr
echo "AddType application/x-httpd-php .php .phtml " >> $APACHE_LOCATION/conf/httpd.conf
echo "" > $APACHE_LOCATION/htdocs/index.php
#DO NOT forget to add “index.php” under the section

#Installing ZendOptimizer
tar jxf ZendOptimizer-$ZEND_VER.tar.bz2
cd ZendOptimizer-$ZNED_VER
./install

MRTG--The Multi Router Traffic Grapher
MRTG Configuration HOW-TO
http://www.cyberciti.biz/nixcraft/linux/docs/uniqlinuxfeatures/mrtg/
Author’s website
http://oss.oetiker.ch/mrtg/

CACTI--too powful to explain : )
Offical website: http://www.cacti.net

IGENUS--qmail+mysql+vpopmail
Offical website: http://www.igenus.org/

--
知行合一

Posted in 标签: | 0 评论

qmail antivirus antispam

Posted On at 时间: 22:34:00 by David Lu  

1. Installing spamassassin
yum install spamassassin ­-y
wget http://www.ccert.edu.cn/spam/sa/Chinese_rules.cf ­-P /usr/share/spamassassin
chkconfig spamassassin on
service spamassassin start
2. Installing clamav
useradd ­-s /bin/false clamav
tar zxf clamav­-0.94rc1.tar.gz
cd clamav­-0.94rc1
./configure
make; make install
cp contrib/init/RedHat/clamd /etc/init.d
edit /usr/local/etc/clamd.conf and freshclam.log, comment “Example”
freshclam
chkconfig clamd on
service clamd start
3. Installing MDA
rpm -­i maildrop­-2.0.4­-1.5Server.i386.rpm
rpm ­-i maildrop­-devel­-2.0.4­-1.5Server.i386.rpm
rpm ­-i maildrop­man­2.0.4­-1.5Server.i386.rpm
4. Installing perl modules
tar zxf Time­-HiRes­-1.9715.tar.gz
cd Time-­HiRes­-1.9715; perl Makefile.pl; make; make install
tar zxf DB_File­-1.817.tar.gz
cd DB_File­-1.817; perl Makefile.pl; make; make install
tar zxf Sys-­Syslog-­0.26.tar.gz
cd Sys­-Syslog­-0.26; perl Makefile.pl; make; make install
tar zxf MIME­-Base64­-3.07.tar.gz
cd MIME­-Base64­-3.07; perl Makefile.pl; make; make install
5. Optional
tar zxf tnef­-1.4.4.tar.gz
cd tnef­-1.4.4; ./configure; make; make install
yum install sharutils unzip ­-y
6. Installing qmail­-scanner
tar zxf qmail­-scanner­-2.05.tgz
cd qmail­-scanner­-2.05
./configure ­­--admin test ­­--domain example.com ­­--unzip yes --no­-QQ­-check --qmail­-queue-binary /var/qmail/bin/qmail­-queue
./configure ­­--admin test ­­--domain example.com ­­--unzip yes --no­-QQ­-check --qmail­-queue-binary /var/qmail/bin/qmail­-queue --install
/var/qmail/bin/qmail­-scanner­-queue.pl ­-g
7. Integration qmail and qmail­scanner
edit /etc/tcp.smtp, add following lines
# No Qmail­Scanner at all for mail from 127.0.0.1
127.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail­-queue"
# Use Qmail­Scanner without SpamAssassin on any mail from the local network
192.168.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner­-queue.pl"
# Use Qmail­Scanner with SpamAssassin on any mail from the rest of the world
:allow,QMAILQUEUE="/var/qmail/bin/qmai-l­scanner­-queue.pl"
qmailctl cdb
qmailctl restart

--知行合一

Posted in 标签: | 0 评论

postfix antivirus

Posted On at 时间: 22:19:00 by David Lu  

1. Install Spamassassin
a) yum install spamassassin ­-y
b) service spamassassin start

2. Install Fprot
a) wget http://files.fprot.com/files/linuxx86/fplinuxws.rpm
b) rpm -ivh fplinuxws.rpm
c) /usr/local/fprot/tools/check­-updates.pl ( edit crontab if you want it to auto update)

3. Install MailScanner
a) Download from http://www.mailscanner.info/downloads.html
b) tar zxvf MailScanner­-4.69.9­-3.rpm.tar.gz
c) cd MailScanner
d) ./install.sh
e) mkdir /var/spool/MailScanner/spamassassin; chown postfix.postfix /var/spool/MailScanner/*
f) vi /etc/MailScanner/MailScanner.conf(change follow lines, like so)

Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
Mta = postfix
Virus Scanners = fprot
Always Include Spamassassin report = yes
Use Spamassassin = yes
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

g) echo /^Received:/ HOLD >>/etc/postfix/header_checks
postmap /etc/postfix/header_checks
(make sure uncomment header_checks in /etc/postfix/main.cf)
h) postfix stop; chkconfig postfix off
i) service MailScanner start
j) chkconfig MailScanner on

4. Virus test
a) Download “eicar.com” from http://www.eicar.org/anti_virus_test_file.htm
b) mail test include “eicar.com”.

加强贝式分析广告信件需要安装密码学演算和特征比对的 Razor Pyzor Dcc
1. Install Razor and Razor­-agent
Download razor from: http://razor.sourceforge.net/
tar jxvf razor­-agents­-sdk­2.07.tar.bz2
cd razor­-agents­-sdk­2.07
perl Makefile.PL && make && make install
tar jxvf razo-r­agents­-2.84.tar.bz2
cd razor­-agents­-2.84
perl Makefile.PL && make && make install
razor­-admin ­­--register ­user= test@tencent.org ­-pass=test

2. Install Pyzor
wget http://jaist.dl.sourceforge.net/sourceforge/pyzor/pyzor-­0.4.0.tar.bz2
tar jxvf pyzor­-0.4.0.tar.bz2
cd pyzor­-0.4.0
python setup.py build && python setup.py install
chmod ­-R a+rx /usr/share/doc/pyzor /usr/lib/python2.4/site­-packages/pyzor /usr/bin/pyzor
/usr/bin/pyzord

3. Install DCC
wget http://www.rhyolite.com/anti­-spam/dcc/source/dcc.tar.Z
tar zxvf dcc.tar.Z
cd dcc­-1.3.90
./configure && make && make install

--
知行合一

Posted in 标签: | 0 评论

squid+mysql

Posted On at 时间: 21:52:00 by David Lu  

squid 用户认证
htpasswd /etc/squid/passwd test
chown root:squid /etc/squid/passwd
chmod 640 /etc/squid/passwd
acl INTERNAL src 192.168.0.0/24
acl AUTHUSERS proxy_auth REQUIRED
http_access allow INTERNAL AUTHUSERS
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid - Home Proxy Server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
service squid reload

squid+mysql 认证
yum install gcc mysql mysql­-server mysql­-devel ­y
wget http://people.arxnet.hu/airween/mysql_auth/mysql_auth­-0.8.tar.gz
tar zxf mysql_auth­-0.8.tar.gz
cd mysql_auth­-0.8
修改 Makefile
CFLAGS = ­-I /usr/include/mysql ­-L/usr/lib/mysql
$(INSTALL) ­-o squid ­-g squid ­-m 755 mysql_auth /usr/local/libexec/mysql_auth
$(INSTALL) ­-o root ­-g root ­-m 700 mypasswd /usr/local/bin/mypasswd
$(INSTALL) ­-o squid ­-g squid ­-m 600 $(CONF) /usr/local/etc/mysql_auth.conf
$(INSTALL) ­-o squid ­-g squid ­-m 600 $(CONF) /usr/local/etc/mysql_auth.conf.default
修改 src/mysql_auth.conf
mysqld_socket /var/lib/mysql/mysql.sock
修改 src/mypassword.c
#include
修改 src/mysql_auth.c
#include
make && make install
cd scripts/
mysql <>
mypasswd test test
测试用户
mysql_auth
test test
OK!
在/etc/squid/squid.conf 中增加 mysql_auth 认证
添加下面的代码到"TAG: acl"一节的后面
auth_param basic program /usr/local/bin/mysql_auth
auth_param basic realm Squid caching server
auth_param basic children 5
auth_param basic credentialsttl 2 hours
acl password proxy_auth REQUIRED
http_access allow password
service squid start

--
知行合一

Posted in 标签: | 0 评论

rhel5.1+pptpd+freeradius+mysql

Posted On at 时间: 21:30:00 by David Lu  

安装 pptpd
echo 1 > /proc/sys/net/ipv4/ip_forward
yum install ppp ­-y
modprobe ppp­-compress­-18
wget http://poptop.sourceforge.net/yum/stable/rhel5/i386/pptpd­-1.3.4­-1.rhel5.1.i386.rpm
rpm­ -i pptpd-­1.3.4­-1.rhel5.1.i386.rpm
pptpd 的配置文件 /etc/pptpd.conf
localip 192.168.0.1
remoteip 192.168.0.234­-238
localip: pptpd server 所在服务器 IP 地址,可以设置为服务器上绑定的任意一个 IP 地址
remoteip: 设置客户端连接到 pptpd server 后可供分配的 Ip 地址范围
添加测试用户/etc/ppp/chap­-secrets
#client server secret IP addresses
david pptpd tencent *
(服务器名称必须和 options.pptpd 中 name 处设置的名称一致,否则登录验证无法通过)
service pptpd start
netstat ­-antlp | grep:1723
现在可以用 david 测试了!

支持 freeradius
yum install freeradius freeradius­-mysql ­-y
wget ftp://ftp.samba.org/pub/ppp/ppp-­2.4.4.tar.gz
tar zxf ppp­-2.4.4.tar.gz
mkdir /etc/radiusclient
cp ppp­2.4.4/pppd/plugins/radius/etc/* /etc/radiusclient
cd /etc/radiusclient
在 servers 中添加 radius 的地址和密码
#Server Name or Client/Server pair Key
#­­­­­­­­­­­­­­­­ -------------------- ­­­­­­­­­­­­­­­----------------------
#portmaster.elemental.net hardlyasecret
#portmaster2.elemental.net donttellanyone
localhost tencent

在 radiusclient.conf 中确保 radiusclient 所有相关的路径都是/etc/radiusclient 开头的

修改/etc/ppp/options.pptpd
plugin /usr/lib/pppd/2.4.4/radius.so
cd /etc/raddb
修改 clients.conf
client 127.0.0.1 {
secret = tencent (与/etc/radiusclient 中 servers 里设置的一致)
shortname = localhost
nastype = other
}

支持 mysql
修改/etc/raddb/radius.conf
$INCLUDE ${confdir}/sql.conf (去掉注释)
authorize {
#files
sql
....
}
accounting {
#radutmp
sql
....
}
session{
#radutmp
sql
}
post­auth {
sql
}
修改/etc/raddb/sql.conf
sql {
driver = "rlm_sql_mysql"
server = "localhost"
login = "radius"
password = "radius"
radius_db = "radius"
去掉 205 行 simul_count_query 的注释
....
}

yum install mysql mysql-­server mysql­-devel ­-y
service mysqld start
cd /usr/share/doc/freeradius­-1.1.3/examples
mysqladmin create radius
mysql radius < face="arial">mysql> grant all on radius.* to radius@localhost identified by 'radius';
mysql> flush privilieges;
mysql> use radius;
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Auth­Type',':=','Local');
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Service-Type',':=','Framed­-User');
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Address',':=','255.255.255.254');
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask',':=','255.255.255.0');
mysql> insert into radcheck (username,attribute,op,value)values ('test','User-Password',':=','test');
mysql> insert into usergroup (username,groupname)values ('test','user');

Now you can use user "test" to test : )

--
知行合一

Posted in 标签: | 0 评论

Extend modules for Iptables on CentOS 5.1

Posted On at 时间: 21:13:00 by David Lu  

wget ftp://ftp.netfilter.org/pub/patch­-o­-matic­-ng/snapshot/patch-­o­-matic­-ng­20080709.tar.bz2
wget ftp://ftp.netfilter.org/pub/iptables/iptables­1.3.5.tar.bz2
tar jxf iptables­-1.3.5.tar.bz2
tar jxf patch­-o­-matic­-ng­-20080709.tar.bz2
cd /root/patch­-o­-matic­-ng­-20080709
yum install kernel­-devel ­-y
KERNEL_DIR=/usr/src/kernels/2.6.18­53.el5­-i686 IPTABLES_DIR=/root/iptables­1.3.5 ./runme ­­--download
KERNEL_DIR=/usr/src/kernels/2.6.18­53.el5­-i686 IPTABLES_DIR=/root/iptables­1.3.5 ./runme connlimit
KERNEL_DIR=/usr/src/kernels/2.6.18­53.el5­-i686 IPTABLES_DIR=/root/iptables­1.3.5 ./runme time
KERNEL_DIR=/usr/src/kernels/2.6.18­53.el5-­i686 IPTABLES_DIR=/root/iptables­1.3.5 ./runme ipp2p
­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­
Do you want to apply this patch [N/y/t/f/a/r/b/w/q/?] y
­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­
cd /usr/src/kernels/2.6.18­53.el5-­i686
make oldconfig
­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­
Connections/IP limit match support (IP_NF_MATCH_CONNLI IT) [N/m/?] (NEW) m
­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­
make modules_prepare
mv net/ipv4/netfilter/Makefile net/ipv4/netfilter/Makefile.bak
vi net/ipv4/netfilter/Makefile
obj­m := ipt_connlimit.o ipt_time.o ipt_ipp2p.o
KDIR := /lib/modules/$(shell uname ­-r)/build
PWD := $(shell pwd)
default:
$(MAKE) ­-C $(KDIR) M=$(PWD)modules

make M=net/ipv4/netfilter/
cp net/ipv4/netfilter/ipt_connlimit.ko /lib/modules/2.6.18­53.el5/kernel/net/ipv4/netfilter/
cp net/ipv4/netfilter/ipt_time.ko /lib/modules/2.6.18­53.el5/kernel/net/ipv4/netfilter/
cp net/ipv4/netfilter/ipt_ipp2p.ko /lib/modules/2.6.18­53.el5/kernel/net/ipv4/netfilter/
chmod 744 /lib/modules/2.6.18­53.el5/kernel/net/ipv4/netfilter/ipt_connlimit.ko ipt_time.ko ipt_ipp2p.ko

cd /root/iptables­-1.3.5
make KERNEL=/usr/src/kernels/2.6.18­92.el5-­i686/
make install KERNEL=/usr/src/kernels/2.6.18­92.el5­i686/ BINDIR=/sbin LIBDIR=/lib
MANDIR=/usr/share/man
depmod ­-a
modprobe ipt_connlimit
modprobe ipt_time
modprobe ipt_ipp2p

iptables ­-A INPUT ­-p tcp ­­--syn ­­--dport 22 ­-m connlimit ­­--connlimit­-above 2 -j REJECT
iptables ­-A OUTPUT ­-p tcp ­­--dport 80 ­-m time ­­--timestart 14:00 ­­--timestop 18:00 ­­-days Thu,Sun ­-j REJECT
iptables ­-A FORWARD ­-p tcp ­-m ipp2p ­­--edk ­­--bit -­j DROP

ok!

--
知行合一

Posted in 标签: | 0 评论

INSTALL MPlayer

Posted On 2008年11月5日星期三 at 时间: 18:40:00 by David Lu  

既然装上了声卡驱动,也就顺带着手把影音播放器也装了吧: )

mkdir -m 644 /usr/lib/codecs
mkdir -m 644 /usr/lib/win32codecs

chown -R root.root /usr/lib/codecs/*
chown -R root.root /usr/lib/win32codecs/*

tar jxf Blue-1.7.tar.bz2
tar jxf MPlayer-1.0rc2.tar.bz2
tar jxf all-20071007.tar.bz2 -C /usr/lib/codecs/
unzip windows-all-20071007.zip -d /usr/lib/win32codecs/

cd MPlayer-1.0rc2
./configure --enable-gui --enable-largefiles --enable-menu --prefix=/usr/local --codecsdir=/usr/lib/codecs/ --win32codecsdir=/usr/lib/win32codecs/ --confdir=/etc/mplayer --language=zh_CN

make && make install

mv Blue/ /usr/local/share/mplayer/Skin/default
# 此处Skin的S须大写,而默认为小写,对应default也要自行创建

ln -s /usr/share/fonts/chinese/TrueType/uming.ttf ~/.mplayer/subfont.ttf

vi ~/.mplayer/config

编辑内容如下:

# Write your default config options here!

# 视频输出以xv模式,启用视频加速

vo = xv

# 字幕字体文件

# font = /usr/share/fonts/zh_CN/TrueType/uming.ttf

# 字幕编码 (使用TTF字体时使用)

subcp = cp936

# 0 不自动缩放; 1 按电影高度缩放; 2 按宽度; 3 按对角线

subfont-autoscale = 2

# 字幕字体大小

subfont-text-scale = 5

# 设置OSD元素的自动绽放系数

#subfont-osd-scale = 6

#font = /home/simsun.ttf

#subcp = cp936

#subfont-autoscale = 1 #这是控制自动装载字幕的,2和0都是不自动

#subfont-text-scale =7 #字体大小


附:mplayer相关下载地址:


Mplayer安装包:http://www.mplayerhq.hu/design7/dload.html
Mplayer 视频解码包: http://www.mplayerhq.hu/design7/dload.html
Mplayer 皮肤包: http://www.mplayerhq.hu/design7/dload.html
Mplayer 字体包: http://www.mplayerhq.hu/MPlayer/contrib/fonts/

--
知行合一

Posted in 标签: | 0 评论

INSTALL ALSA

Posted On at 时间: 18:19:00 by David Lu  

ALSA出了新版本,v1.0.18,便又把声卡驱动装了第N+!遍,只盼着能解决三年以来Linux下一直没声音的痛苦。针对Intel ICH8系列,之前装ALSA,每装一次失望一次,而今天的确是个值得纪念的日子,我终于听到渴望已久的声音!

步骤简单,但意义非凡,权且做个记录吧: )

tar jxvf alsa-driver-1.0.18.tar.bz2
tar jxvf alsa-lib-1.0.18.tar.bz2
tar jxvf alsa-utils-1.0.18.tar.bz2

接下来便是编译“三步曲”了
./configure && make && make install

需要注意的是,对alsa-driver-1.0.18稍有不同
./configure --with-cards=hda-intel && make && make install

一切顺利!接下来便是一些简单的配置
alsaconf
alsamixer

测试一下,感受美妙的声音吧: )
system-config-soundcard

别忘了,同时也有了一些噪声……
xset b off

--
知行合一

Posted in 标签: | 0 评论
订阅: 博文 (Atom)