freebsd6.2在dell 1950服务器架设成功,我们公司新购买Dell 1950服务器。配置为:
cpu:志强2.0双核心
硬盘:146G SAS *2 做特殊盘阵
内存:2G
呵呵,用系统带的软件为每个盘做为一个Raid0。分别为一个盘一个raid0。扩展空间用
用freebsd6.1发现无法识别网卡。用freebsd6.2可以认识SMP和raid、NIC-Pce0和Pce1两张网卡。
做好最小系统,呵呵非常迅速。然后安装cvsup,更新ports和src。然后安装Apache+php+mysql+bind+proftp平台。呵呵bsd真的快啊。
编译内核加入IPFW防火墙模块。呵呵我比较喜欢IPFW,觉得这个名字就简单!
我写的规则:
ipfw -q -f flush
cmd="ipfw -q add"
$cmd allow tcp from any to me 2292
$cmd allow tcp from any to me 21
$cmd allow tcp from any 1024-65535 to me
$cmd allow tcp from me 25 to any
$cmd allow tcp from any to me 80
$cmd allow tcp from any to any 3306
$cmd allow tcp from me 53 to any
$cmd allow tcp from any 53 to me
$cmd allow udp from any to me 53
$cmd allow udp from me 53 to any
#$cmd deny icmp from any to me
$cmd allow udp from any 53 to any out
$cmd allow udp from any to me 53 in
$cmd allow udp from any to me 53
#$cmd deny tcp from any to me
发现有问题,希望有朋友告诉我这个ftp配置和dns的ipfw配置的信息。没有配置好。
刚才读贴子发现减少web TIME_WAIT的方法 sysctl net.inet.tcp.msl=2000然后等60秒
就可以了。sysctl net.inet.tcp.msl=2000然后等60秒
ipfw学习
ip="192.168.x.x"
# ftpdata (20)
ipfw add allow tcp from any to $ip 20 in
ipfw add allow tcp from $ip 20 to any out
# ftp (21)
ipfw add allow tcp from any to $ip 21 in
ipfw add allow tcp from $ip 21 to any out
ipfw add allow tcp from any to $ip 1024-65535 in
ipfw add allow tcp from $ip 1024-65535 to any out
# ssh (22)
ipfw add allow tcp from any to $ip 22 in
ipfw add allow tcp from $ip 22 to any out
# http (80)
ipfw add allow tcp from any to $ip 80 in
ipfw add allow tcp from $ip 80 to any out
# snmp (161)(udp)
ipfw add allow udp from any to $ip 161 in
ipfw add allow udp from $ip 161 to any out
# Samba (137,139,901)
ipfw add allow tcp from any to $ip 139 in
ipfw add allow tcp from $ip 139 to any out
ipfw add allow tcp from any to $ip 901 in#Web管理
ipfw add allow tcp from $ip 901 to any out
ipfw add allow udp from any to $ip 137 in#Win98下访问必须,XP无须
ipfw add allow udp from $ip 137 to any out
阅读(2241) | 评论(4) | 转发(0) |
