Question: How to turn on scsi extended debug messages? What are the field/flag definitions of scsi_logging_level?Additional scsi logging messages can be enabled by writing to /proc/sys/dev/scsi/logging_level either via use of the echo or preferably the sysctl command. The kernel parameter consists of ten packed fields, each 3 bits in length. Each field can have a value of 0 to 7. The higher the field’s value, the more verbose the logging of messages associated with that field type.NOTE: Turning on high levels of extended logging and/or multiple types of extended logging can slow down system performance, especially during boot and shutdown. Unless needed, avoid turning on scsi logging during boot up.Run Time1. Enable :# sysctl -q -w dev.scsi.logging_level=[N]or# echo [N] > /proc/sys/dev/scsi/logging_levelWhere N specifies which fields to enable and at what level of verbosity.2. Disable:# sysctl -q -w dev.scsi.logging_level=0or# echo 0 > /p...

What is Chronyd ServiceIn CentOS/RHEL 7 and 8, the operating system’s time is set on every boot based on the hardware clock, which is a small-battery driven clock located on the motherboard of your computer. Often, this clock is too inaccurate or has not been set right, therefore it’s better to get your system time from a reliable source over the Internet (that uses real atomic time). The chrony daemon, chronyd, sets and maintains system time through a process of synchronization with a remote server using the NTP protocol for communication.In this post, we will learn to enable debug mode for chronyd service, which comes in very handy while troubleshooting any chronyd related issues. The configuration file used by chronyd service is /etc/sysconfig/chronyd.1. Edit the configuration file /etc/sysconfig/chronyd as a root user:# vi /etc/sysconfig/chronyd2. Add or Modify below line.OPTIONS="-dd"3. Copy /lib/systemd/system/chronyd.service to /etc/sys...

Configure Squid as HTTP and HTTPS Transparent ProxyLinux, Squid Proxyby adminThese days, it is really important to have proxy server to analyze web traffic of the organization. Among proxy servers, the Squid is very famous, because of it’s flexibility and easy of configuration. Squid can be operated at non-transparent and transparent mode which is going to discuss here. Main benefit of transparent mode is, clients are not aware that their requests are processed through the proxy. Simply there is no configuration at client side. So let’s look at how to configure Squid as HTTP and HTTPS Transparent Proxy Before begin please adjust the ip and other configuration as per your requirement. Below values are used only for demonstration.Internet –> ethointerface IP :- 192.168.2.39/24 Gateway:- 192.168.2.1LAN –> eth1interface IP :- 192.168.231.126/24  Gateway:- 0.0.0.0 If you have single interface no need to worry. you can create virtual interface wh...

   nginx使用 TCP代理sftp,实现访问目录文件 本文章向大家介绍nginx代理sftp，主要包括nginx代理sftp使用实例、应用技巧、基本知识点总结和需要注意事项，具有一定的参考价值，需要的朋友可以参考一下。 最近需要使用一个sftp协议的代理服务器，查了一下nginx1.9之后已经支持了，尝试一下： The ngx_stream_core_module module is available since version 1.9.0. This module is not built by default, it should be enabled with the --with-stream configuration parameter. nginx从1.9.0版本开始，新增了ngx_stream_core_module模块。默认编译的时候该模块并未编译进去，需要编译的时候添加--with-stream，使其支持stream代理。 [root@baseline opt]# / http:---- ::-- http:正在解析主机 nginx.org (nginx.org)... :1af8::a004:::e3, ., .|:1af8::a004:::e3|: (890K) [application/octet--..%[================================================================================================================================>] , 357KB/s 用...

环境 OS: Centos6-x86_64 Nginx: 1.12.1 编译安装Nginx 从1.9.0开始，nginx就支持对TCP的转发，而到了1.9.13时，UDP转发也支持了。提供此功能的模块为ngx_stream_core。不过Nginx默认没有开启此模块，所以需要手动安装。 cd /usr/local/src wget http://nginx.org/download/nginx-1.12.1.tar.gz tar zxf nginx-1.12.1.tar.gz cd nginx-1.12.1 ./configure --prefix=/usr/local/nginx --with-stream --without-http make && make install Note：由于是传输层转发，本着最小化原则，就关闭了http功能。 配置Nginx TCP转发 目标：通过3000端口访问本机Mysql(其中mysq...

Socks5服务一键搭建脚本 稳定版V1.1.8介绍一个Shell脚本，集成socks5搭建，管理，启动，添加账号等基本操作。基于socks5官方的辅助脚本，方便用户操作，并且支持快速构建socks5服务环境。脚本只提供学习交流，请在法律允许范围内使用！！！！系统支持CentOS 6.xCentOS 7.x谷歌云部分系统问题请看更新日志功能全自动无人值守安装，服务端部署只需一条命令）一键开启、关闭ss5服务添加账户，删除用户，开启账户验证，关闭账户验证，一键修改端口支持傻瓜式用户添加，小白也可以用自动修改防火墙规则输入 s5 即可启动控制面板一键安装或更新到最新wget -q -N --no-check-certificate https://raw.githubusercontent.com/wyx176/Socks5/master/install.sh && bash install.sh相关文件路径1.端口文件/etc/sysconfig/ss52.访问授权配置文件/etc/opt/ss5/ss5.conf3.用户账号信息文件/etc/opt/ss5/ss5.passwd4.部分文件修改后需要重启ss5重启命令:service ss5 restart更新日志-2019.05.19 v1.1.81.增加自动关闭防火墙2.修复centos6下启动s5服务时异常提示3.优化控制面板,选择更新时可以看到更新的内容-2019.05.12 v1.1.71.优化控制面...

Hi All,We are pleased to announce the release of Comodo Internet Security 2020 v12.2.2.7036.Here are the details:Online Setup Details:Comodo Internet Security Premiumhttp://download.comodo.com/cis/download/installs/1000/partners/cispremium_installer.exeSize: 4.78 MB (5,020,536 bytes)MD5: e40d8cb2bc789f96b855432b597ce22aSHA1: 90c2577e94cb2b1556abd50baebd52f0b4605bf6Comodo Antivirushttp://download.comodo.com/cis/download/installs/2000/partners/cav_installer.exeSize: 4.78 MB (5,020,544 bytes)MD5: c38447813fa58fc72995a9ddbdc63828SHA1: 20b8637365fc6d25b89a7d6e3cded050c2213c4bComodo Firewallhttp://download.comodo.com/cis/download/installs/2000/partners/cmd_fw_installer.exeSize: 4.78 MB (5,020,536 bytes)MD5: d6ac13d92c620cd65aa26679c8c1c88aSHA1: 4ddbcc0d12db905988fb35fcdd757a212ee32347__Offline Setup Details:Comodo Internet Security Premiumhttp://download.comodo.com/cis/download/installs/1000/standalone/cispremium_only_installer.exeSize: 80.9 MB (84,903,920 bytes)MD5: b319a61c88f9b85f7b7680e...

搭建ceph集群所有节点关闭firewall和selinuxsystemctl stop firewalld systemctl disable firewalld setenforce 0 vim /etc/selimux/config selinux=disabled添加国内ceph源cat >/etc/yum.repos.d/ceph.repo<<EOF [ceph] name=ceph baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/x86_64/ gpgcheck=0 priority=1 [ceph-noarch] name=cephnoarch baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/noarch/ gpgcheck=0 priority=1 [ceph-source] name=Ceph source packages baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/SRPMS enabled=0 gpgcheck=1 type=rpm-md gpgkey=http://mirrors.aliyun.com/ceph/keys/release.asc priority=1 EOF yum makecache在每一个node节点执行useradd ceph-admin echo 'ceph-admin' | passwd --stdin ceph-admin echo "ceph-admin ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/ceph-admin chmod 0440 /etc/sudoers.d/ceph-admin #配置sshd可以使用password登录 sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config...

windows 2K server安装绿色版JDK与tomcat,并打包发布平时安装tomcat时，需要下载jdk安装包，我这里直接使用绿色版，不用安装。就可使用JDK与tomcat.可以先下载JTM，安装后，将jdk与tomcat目录提取出来。当然 也可以自行下载windows 版本的tomcat8与JDK安装包，然后将JDK安装好。然后将JTM的jdk目录或是自行安装的JDK目录复制到tomcat中然后再到 tomcat/bin目录中，将service.bat 中添加JDK环境变量set JAVA_HOME=H:\tomcat8\jdkset JRE_HOME=H:\tomcat8\jdk\jre在startup.bat中添加环境变量，可以使用相对路径。set JAVA_HOME=..\jdkset JRE_HOME=..\jdk\jre再使用管理员权限打开CMD或是PowerShell, 切换到tomcat/bin目录下。执行 service.bat install ,将 tomcat 安装包自动启动服务中。具体如下图，注意要有JDK环境，不能空，不然没法打开服务。正常安装后， 服务 中查看会有tomcat8 ，点启动后能正常启动。访问本机8080端口正常。

apache tomcat慢速HTTP拒绝服务攻击安全问题解决办法问题说明：HTTP协议的设计要求服务器在处理之前完全接收到请求。如果HTTP请求未完成，或者传输速率非常低，则服务器将保持其资源占用等待剩余的数据。如果服务器占用的资源太多，则会造成拒绝服务。漏洞危害：一台机器可在对自身带宽、无关服务和端口影响较小的情况下大量占用另一台机器的服务器资源，导致受害服务器拒绝服务。解决方案：1.修改配置文件server.xml，设置connectiontimeout值，默认为20000ms，修改为8000ms；此方案修改之前，请将tomcat升级到最新版本2.如果使用了jquery，设置ajax的请求超时时间。设置AJAX的全局timeout时间（默认为30000ms） $.ajaxSetup({timeout:8000});使用jQuery的$.ajaxSetup方法可以设置AJAX请求的默认参数选项，当程序中需要发起多个AJAX请求时，则不用再为每一个请求配置请求的参数。需要注意的是用$.ajaxSetup函数所设置的默认值不会应用到load()命令上。对于实用工具函数，如$.get()和$.post()，其HTTP方法不会因为使用这些默认值而被覆盖。设置GET的默认类型不会导致$.post()使用HTTP的GET方法。 3.如果使用了数据库连接池，则设置适当的超时时间。例如： < Con...