show ip bgp regexp ^6939
show ip bgp neighbors 100.64.163.1
show ip bgp neighbors 100.64.163.1 advertised-routes
Cisco BGP常用show命令
1.常用的show 命令
查看BGP路由表
XRV8#show ip bgp all
For address family: IPv4 Unicast
BGP table version is 217, local router ID is 10.255.255.8
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.33.0.0/19 0.0.0.0 32768 i
*> 10.33.1.0/24 0.0.0.0 0 32768 i
*> 10.33.2.0/24 0.0.0.0 0 32768 i
*> 10.33.3.0/24 0.0.0.0 0 32768 i
查看BGP邻居表
XRV8#show ip bgp summary
BGP router identifier 10.255.255.8, local AS number 65002
BGP table version is 217, main routing table version 217
72 network entries using 10368 bytes of memory
76 path entries using 6080 bytes of memory
3/3 BGP path/bestpath attribute entries using 456 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 16928 total bytes of memory
BGP activity 140/68 prefixes, 220/144 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.201.1.1 4 65000 95 89 217 0 0 01:08:02 4
10.201.2.1 4 65000 86 90 217 0 0 01:01:00 4
查看路由表中的BGP路由
XRV8#show ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 141 subnets, 4 masks
B 10.33.0.0/19 [200/0], 01:07:50, Null0
B 10.63.0.0/19 [20/0] via 10.201.2.1, 00:14:30
B 10.79.0.0/19 [20/0] via 10.201.2.1, 00:14:30
B 10.118.0.0/19 [200/0], 01:07:50, Null0
B 10.123.0.0/19 [200/0], 01:07:50, Null0
B 10.133.0.0/19 [20/0] via 10.201.2.1, 00:14:30
B 10.149.0.0/19 [200/0], 01:07:50, Null0
B 10.158.0.0/19 [20/0] via 10.201.2.1, 00:14:30
查看BGP路由含有某些特定路由的信息
XRV8#show ip route bgp | include 10.133.0.0
B 10.133.0.0/19 [20/0] via 10.201.2.1, 00:19:04
查看含有某些前缀的BGP路由信息
XRV8#show ip bgp 10.133.0.0
BGP routing table entry for 10.133.0.0/19, version 216
Paths: (2 available, best #2, table default)
Not advertised to any peer
Refresh Epoch 4
65000 65001, (aggregated by 65001 10.255.255.7)
10.201.1.1 from 10.201.1.1 (10.255.255.5)
Origin IGP, localpref 100, valid, external, atomic-aggregate
rx pathid: 0, tx pathid: 0
Refresh Epoch 4
65000 65001, (aggregated by 65001 10.255.255.7)
10.201.2.1 from 10.201.2.1 (10.255.255.6)
Origin IGP, localpref 100, valid, external, atomic-aggregate, best
rx pathid: 0, tx pathid: 0x0
查看某个特定的掩码区间的路由
XRV8#show ip bgp 10.133.0.0/16 longer-prefixes
BGP table version is 217, local router ID is 10.255.255.8
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 10.133.0.0/19 10.201.1.1 0 65000 65001 i
*> 10.201.2.1 0 65000 65001 i
查看起源于某个特定AS的路由
XRV8#show ip bgp regexp 65001$
BGP table version is 217, local router ID is 10.255.255.8
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 10.63.0.0/19 10.201.1.1 0 65000 65001 i
*> 10.201.2.1 0 65000 65001 i
* 10.79.0.0/19 10.201.1.1 0 65000 65001 i
*> 10.201.2.1 0 65000 65001 i
* 10.133.0.0/19 10.201.1.1 0 65000 65001 i
*> 10.201.2.1 0 65000 65001 i
* 10.158.0.0/19 10.201.1.1 0 65000 65001 i
*> 10.201.2.1 0 65000 65001 i
VRF
Usage Guidelines
This command is available for all IP-route tracked objects that are tracked by the track ip route global configuration command. Use this command to track a route that belongs to a specific VPN.
Examples
In the following example, the route associated with a VRF named VRF1 is tracked:
Router(config)# track 1 ip route 10.0.0.0 255.0.0.0 metric threshold
Router(config-track)# exit
Router(config)# ip vrf VRF1
Router(config-vrf)# rd 100:1
Router(config-vrf)# route-target both 100:1
!
Router(config)# interface ethernet0/2
Router(config-if)# no shutdown
Router(config-if)# ip vrf forwarding VRF1
Router(config-if)# ip address 10.0.0.2 255.0.0.0
Command | Description |
|---|
ip vrf forwarding | Associates a VPN VRF with an interface or subinterface. |
track ip route | Tracks the state of an IP route and enters tracking configuration mode. |
ip tcp adjust-mss
ip tcp adjust-mss 1452
ip mtu 1492
Examples
The following example shows the configuration of a PPPoE client with the MSS value set to 1452:
vpdn enable
no vpdn logging
!
vpdn-group 1
request-dialin
protocol pppoe
!
interface Ethernet0
ip address 192.168.100.1 255.255.255.0
ip tcp adjust-mss 1452
ip nat inside
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 8/35
pppoe client dial-pool-number 1
!
dsl equipment-type CPE
dsl operating-mode GSHDSL symmetric annex B
dsl linerate AUTO
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username sohodyn password 7 141B1309000528
!
ip nat inside source list 101 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
access-list 101 permit ip 192.168.100.0 0.0.0.255 any
原文地址https://www.cisco.com/en/US/docs/ios-xml/ios/ipapp/command/ip_tcp_adjust-mss_through_ip_wccp_web-cache_accelerated.html
go get github.com/cloudflare/goflow/cmd/goflow
cd ~/go/src/github.com/cloudflare/goflow/cmd/goflow
go install
goflow -kafka=false -nf -nf.addr 192.168.1.8 -nf.port 567
goflow -h
goflow -kafka=false -nf -nf.addr 192.168.1.8 -nf.port 5678
iRedMail
https://qing.su/article/158.html
香菇肥牛大佬写了些涨经验值的内容.
poste
https://poste.io/
基于docker的一个邮件投递系统
postal
https://postal.atech.media/
https://github.com/postalhq/postal/wiki/Quick-Install
用来专门投递邮件这玩意不错的.
mailu
https://mailu.io/
https://github.com/Mailu/Mailu
mailu这玩意是基于docker运行的, 看起来好像不错, 还没搭建过,
Mail-in-a-Box
https://mailinabox.email/
https://github.com/mail-in-a-box/mailinabox
指定在ubuntu上部署, ubuntu18可以安装, 还算比较不错的.
postalserver
http://docs.postalserver.io
https://github.com/postalserver/postal
Zimbra和Modoboa好像还可以, 但还没搭建过.
未完待续
先挂一个rescue系统重启并进入,挂载/dev/sda5分区.
www.system-rescue-cd.org 可以下载, 用linux带rescue的iso也可以.
操作流程大致如下:
mkdir /mnt/sda5
mount /dev/sda5 /mnt/sda5
cp /mnt/sda5/state.tgz /tmp
cd /tmp
tar -xf state.tgz #(这一步对文件进行解压之后,会生成一个local.tgz的文件)
tar -xf local.tgz #(这一步操作结束后,tmp下会有一个etc目录)
vim etc/shadow #(把root的密码删掉)
rm -f /tmp/state.tgz /tmp/local.tgz
tar -zcvf local.tgz etc/
tar -zcvf state.tgz local.tgz
cp state.tgz /mnt/sda5/
演示地址:https://files.photo.gallery/demo/?samples
下载链接:https://cdn.jsdelivr.net/npm/files.photo.gallery/index.php
设置说明:https://forum.photo.gallery/viewtopic.php?f=66&t=9964
开心补丁:https://cdn.jsdelivr.net/gh/yyingc/[email protected]/files.js
php组建需求: fileinfo exif imagemagick
配置根目录、密码访问和排除不需要显示的目录:
// 根目录配置
'root' => '根目录路径', // root path relative to script.
'start_path' => false, // start path relative to script. If empty, root is start path
// 登录账号密码配置
'username' => 'zhujizixun',
'password' => '12345678', // Add password directly or use https://tinyfilemanager.github.io/docs/pwd.html to encrypt the password (encrypted password is more secure, as it prevents your password from being exposed directly in a file).
// 排除文件或者目录
'files_exclude' => '/.(html|xml)$/i', // '/.(pdf|jpe?g)$/i'
'dirs_exclude' => '//js|/_files(/|$)/i', //'//Convert|/football|/node_modules(/|$)/i',
'allow_symlinks' => true, // allow symlinks
location ~ /(announcements|knowledgebase|download|store|password|cart|account|subscription)(.*) { rewrite (.*) /index.php; }
location ~ /(.*)/(addons|apps|search|domains|help|services|setup|utilities|clients)(.*) { rewrite (.*) /admin/index.php;}方案一:
if (!-f $request_filename){ rewrite (.*) /index.php; }方案二:
rewrite ^/(announcements|knowledgebase|download|store|password|cart|account|subscription)(.*)$ /index.php;
其他设置:
location ~* \.(tpl|inc|cfg)$ { deny all; }
location ^~ /vendor/ { deny all; }
方案一主要匹配本地没有的就丢index.php上去, 也可以用try_files
方案二主要是直接进行rewrite.
其他配置主要是隐藏一些目录和文件不让访问.
总的来说用 location来匹配稍微稳妥一些, 例如 /admin/clientsservices.php 会被为静态匹配到, 还是得运用if来判断匹配.
smb跨网的速度慢到爆, 虽然可以在Installation profiles里面增加一个外带本地smb路径, 在能不改变就不改变的前提下解决.
在ROS里面把445,137,138,139的tcp和udp重新定向到网内的smb服务器ip上.
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=远程SMB dst-address-type=!local dst-port=445,137,138,139 protocol=udp to-addresses=本地SMB
add action=dst-nat chain=dstnat dst-address=远程SMB dst-address-type=!local dst-port=445,137,138,139 protocol=tcp to-addresses=本地SMB
然后将nocps下smb目录文件同步出来, 先把nocps的smb挂载到本地目录然后用rsync进行同步, 然后再分发到其他区域的smb服务器.
其实能在路由上做nat的情况, 完全可以把smb单独出来分区域镜像跑, 但是我不太想去折腾了, 能省一步省一步.
Regular Expressions are used often for BGP route manipulation or filtering. In this lesson we’ll take a look at some useful regular expressions. First let’s take a look at the different characters that we can use:
Characters
?
| repeats the previous character one or zero times. |
*
| repeats the previous character zero or many times. |
+
| repeats the previous character one or more times. |
^
| matches the beginning of a string. |
$
| matches the end of a string. |
[]
| is a range. |
_
| matches the space between AS numbers or the end of the AS PATH list. |
\\
| is an escape character. You’ll need this for BGP confederations. |
Examples
| ^$ | matches an empty AS PATH so it will match all prefixes from the local AS. |
| ^51_ | matches prefixes from AS 51 that is directly connected to our AS. |
| _51_ | matches prefixes that transit AS 51. |
| _51$ | matches prefixes that originated in AS 51, the $ ensures that it’s the beginning of the AS PATH. |
| ^([0-9]+)_51 | matches prefixes from AS 51 where AS 51 is behind one of our directly connected AS’es. |
| ^51_([0-9]+) | matches prefixes from the clients of directly connected AS 51. |
| ^(51_)+([0-9]+) | matches prefixes from the clients of directly connected AS 51, where AS 51 might be doing AS PATH prepending. |
| ^51_([0-9]+_)+ | matches prefixes from the clients of directly connected AS 51, where the clients might be doing AS PATH prepending. |
| ^\65200\) | matches prefixed from confederation peer 65200. |
https://networklessons.com/bgp/bgp-regular-expressions-examples/
#----------------------
Summary Table
1. 查看接口的统计信息
* display interface命令用来查看接口当前运行状态和接口统计信息。
* display counters命令用来查看接口的流量统计计数。
* display counters error命令用来查看错误报文的统计信息。
* display counters rate命令用来查看接口的入方向或出方向流量速率。
* display counters top interface report用来显示接口流量TOP N的统计报告。
* display ip interface命令用来查看接口与IP相关的配置和统计信息,包括接口接收和发送的报文数、字节数和组播报文数,以及接口接收、发送、转发和丢弃的广播报文数。
2. 查看接口的状态
* display interface brief命令用来查看接口状态和配置的简要信息。
* display interface description命令用来查看指定接口的描述信息。
* display interface ethernet brief命令用来查看以太网接口的简要信息。
* display ip interface brief和display ip interface description命令用来查看接口与IP相关的简要信息,包括IP地址、子网掩码、物理链路和协议的Up/Down状态以及处于不同状态的接口数目。
3. 查看光功率和模块型号
* display interface interface-type interface-number查看某光口插入的光模块的信息。
* display transceiver diagnosis interface查看所有光口的收发光功率信息。
* display transceiver diagnosis interface interface-type interface-number查看某光口的收发光功率信息。
#!/bin/bash
dec2ip () {
local ip dec=$@
for e in {3..0}
do
((octet = dec / (256 ** e) ))
((dec -= octet * 256 ** e))
ip+=$delim$octet
delim=.
done
printf '%s\n' "$ip"
}
dec2ip "$@"#!/bin/bash
ip2dec () {
local a b c d ip=$@
IFS=. read -r a b c d <<< "$ip"
printf '%d\n' "$((a * 256 ** 3 + b * 256 ** 2 + c * 256 + d))"
}
ip2dec "$@"dec2ip ()
{
local v=$1
local i1=$((v>>24&255))
local i2=$((v>>16&255))
local i3=$((v>>8&255))
local i4=$((v&255))
printf '%d.%d.%d.%d\n' $i1 $i2 $i3 $i4
}
tohex
echo -n 10.0.14.5 | hexdump -e '/1 "%02x"';
ip2hex
gethostip -x 10.0.14.5
hex2ip
hextoip() { hex=$1; printf "%d." 0x${hex:0:2}; printf "%d." 0x${hex:2:2}; printf "%d." 0x${hex:4:2}; printf "%d" 0x${hex:6:2}; }
Linux Endpunkte
GRETAP
/bin/ip link add 命名 type gretap local 本地IPv4 remote 远程IPv4 ttl 255
/bin/ip link set dev 命名 up
VXLAN
/bin/ip link add 命名 type vxlan local 本地IPv4 remote 远程IPv4 dstport 4789 id 0 ttl 255
/bin/ip link set dev 命名 up
Ethernet over IP
# install
wget https://raw.githubusercontent.com/4b42/4ixp/master/eoip/install.sh -O /tmp/eoip.sh
chmod +x /tmp/eoip.sh
/tmp/eoip.sh
rm -f /tmp/eoip.sh
# config
cat << EOF > /etc/eoip.cfg
[eoip命名]
id=0
dst=远程IPv4
EOF
/usr/local/bin/eoip /etc/eoip.cfg
MikroTik RouterOS Endpunkte
/interface eoip add !keepalive name=命名 local-address=本地IPv4 remote-address=远程IPv4 tunnel-id=0
printf "user:$(openssl passwd -crypt 123456)\n" >>conf/htpasswd
首先, 近些年的版权投诉越来越完善, 以前中文内容基本很少有版权投诉.
从英文到�韩日资源再到中文的资源, 逐渐的中文资源的投诉越来越多, 英文等外语类的投诉相对较少了很多.
因为版权的原因, 一有投诉有的人积极处理有的人装死跑路换一家主机商,反正市面上成群结队的主机供应商可以选, 都是东躲西藏的心态, 长期以往后形成了一种拔屌无情的形态.
常见的一些特征: 大部分技术比较菜知识储备少, 被入侵或者注入只能哭; 还保持着10多年前的只会采集外链模式 ;对于版权投诉部分人呈现出暴躁的状态, 对网络资源开销较大, 类似和次于早期开飞机场的.
经验总结:
总体来说这部分人有一定不错的营收, 喜欢套近乎获取一些技术支持,获取一些优势价格以及对版权投诉宽裕处理, 比较注重所失不注重所得. 不论提供多优势多有利条件都会随时扭头翻脸.
不建议提供太多的技术支持,资源支持等等, 在成本资源和人力资源方面超支的该收钱必须得收, 没有让步的必要.
对于版权投诉该处理就处理不要嫌麻烦, 投诉量大又不处理的完全没有留的必要, 趁早清退免于问题扩大.
- «
- 1
- ...
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- ...
- 63
- »
