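Because of a rather painful requirement, a single CentOS machine in an isolated environment had to host FTP, DNS, DHCP, mail, webmail and various other services.
During setup, getting BIND name resolution to update automatically from DHCP was a little troublesome, and installing OpenWebMail was also unpleasant.
The notes are recorded below. Routine configuration is skipped.
Dynamic DNS updates from DHCP:
Use the command dnssec-keygen -a HMAC-MD5 -b 128 -n USER ddns to generate the key.
Once the key is generated, two key files are created automatically in the current directory: Kbobddns.+157+xxx.key and Kbobddns.+157+xxx.private.
Add the key information to the following configuration files.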
named.rfc1912.zones:
- zone "0.20.172.in-addr.arpa" IN {
- type master;
- file "0.20.172.zone";
- allow-update { key ddns; };
- };
- zone "coretronic-dmt.com" IN {
- type master;
- file "coretronic-dmt.com.zone";
- allow-update { key ddns; };
- };
dhcpd.conf:
- authoritative;
- ddns-update-style interim;
- ignore client-updates;
- subnet 172.20.0.0 netmask 255.255.255.0 {
- option routers 172.20.0.250;
- option subnet-mask 255.255.255.0;
- option nis-domain "coretronic-dmt.com";
- option domain-name "coretronic-dmt.com";
- option domain-name-servers 172.20.0.1;
- option time-offset -18000; # Eastern Standard Time
- range dynamic-bootp 172.20.0.10 172.20.0.100;
- default-lease-time 21600;
- max-lease-time 43200;
- # we want the nameserver to appear at a fixed address
- host ns {
- next-server marvin.redhat.com;
- hardware ethernet 12:34:56:78:AB:CD;
- fixed-address 207.175.42.254;
- }
- }
- key ddns {
- algorithm hmac-md5;
- secret RAEDpzKNBs8dRIAbP8ClCw==;
- };
- zone coretronic-dmt.com. {
- primary 172.20.0.1;
- key ddns;
- }
- zone 0.20.172.in-addr.arpa {
- primary 172.20.0.1;
- key ddns;
- }
named.conf:
- options {
- listen-on port 53 { 172.20.0.1; };
- listen-on-v6 port 53 { ::1; };
- directory "/var/named";
- dump-file "/var/named/data/cache_dump.db";
- statistics-file "/var/named/data/named_stats.txt";
- memstatistics-file "/var/named/data/named_mem_stats.txt";
- // Those options should be used carefully because they disable port
- // randomization
- // query-source port 53;
- // query-source-v6 port 53;
- allow-query { any; };
- allow-query-cache { any; };
- };
- logging {
- channel default_debug {
- file "data/named.run";
- severity dynamic;
- };
- };
- view localhost_resolver {
- match-clients { any; };
- match-destinations { any; };
- recursion yes;
- include "/etc/named.rfc1912.zones";
- };
- key ddns {
- algorithm hmac-md5;
- secret "RAEDpzKNBs8dRIAbP8ClCw==";
- };
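Restart named and dhcpd, then have a client computer obtain an IP address automatically; forward and reverse resolution are then updated automatically.
OpenWebMail is a hassle to install. By default yum cannot find this package, and if you download the openwebmail RPM package directly, the various dependency requirements make the install almost unworkable. The steps are as follows: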
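The dynamic update only works when the key block in dhcpd.conf and the one in named.conf carry the same name, algorithm and secret. The following check is an added example, not part of the original post: it compares the two sides and reports mismatches, undefined key references and use of hmac-md5. The zone names, addresses and secrets in the sample input are constructed placeholders, and the function names are hypothetical.

```python
import base64
import re

# key NAME { algorithm ALG; secret SECRET; } in named.conf or dhcpd.conf syntax
KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+([\w-]+)\s*;'
                    r'\s*secret\s+"?([A-Za-z0-9+/=]+)"?\s*;\s*\}')
# "key NAME;" as used inside allow-update { ... } and dhcpd zone blocks
REF_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*;')

def parse_keys(text):
    """Return {name: (algorithm, decoded secret bytes)} for each key block."""
    return {n: (a.lower(), base64.b64decode(s)) for n, a, s in KEY_RE.findall(text)}

def audit(named_text, dhcpd_text):
    """Compare TSIG keys on both sides of the DHCP -> DNS update channel."""
    named, dhcpd = parse_keys(named_text), parse_keys(dhcpd_text)
    findings = []
    for label, text, keys in (("named", named_text, named), ("dhcpd", dhcpd_text, dhcpd)):
        for ref in sorted(set(REF_RE.findall(text)) - set(keys)):
            findings.append(f"{label}: key '{ref}' referenced but not defined")
    for name in sorted(set(named) & set(dhcpd)):
        (n_alg, n_sec), (d_alg, d_sec) = named[name], dhcpd[name]
        if n_alg != d_alg:
            findings.append(f"{name}: algorithm differs ({n_alg} vs {d_alg})")
        if n_sec != d_sec:
            findings.append(f"{name}: secret differs, signed updates will be refused")
        if "hmac-md5" in (n_alg, d_alg):
            findings.append(f"{name}: hmac-md5 is a legacy TSIG algorithm")
    return findings

# Constructed sample input (not the page's key): named.conf plus its included zone file
SECRET_A = base64.b64encode(b"constructed-key1").decode()
SECRET_B = base64.b64encode(b"constructed-key2").decode()
NAMED = f'''
zone "example.test" IN {{ type master; file "example.test.zone"; allow-update {{ key ddns; }}; }};
key ddns {{ algorithm hmac-md5; secret "{SECRET_A}"; }};
'''
DHCPD = f'''
key ddns {{ algorithm hmac-md5; secret {SECRET_B}; }};
zone example.test. {{ primary 192.0.2.1; key ddns; }}
zone 2.0.192.in-addr.arpa. {{ primary 192.0.2.1; key rdns; }}
'''

if __name__ == "__main__":
    for finding in audit(NAMED, DHCPD):
        print(finding)
```

On a real host, pass the concatenated contents of named.conf and named.rfc1912.zones as the first argument, since the key is defined in one file and referenced in the other.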
- yum install yum*
- cd /etc/yum.repos.d/
- wget
- yum --nogpgcheck localinstall perl-Text-Iconv-1.7-1.el5.rf.i386.rpm
- yum install openwebmail
- yum install sendmail*
- yum install php-*
- yum install dovecot
perl-Text-Iconv-1.7-1.el5.rf.i386.rpm was downloaded manually and installed locally.
Run ./openwebmail-tool.pl --init and modify dbm.conf according to the prompts.
Add a user, and webmail is ready to use.
Webmail access URL:
http://ip/cgi-bin/openwebmail/openwebmail.pl