½Ã½ºÅÛ°ü¸®ÀÚÀÇ ½°ÅÍ, Ä¿ÇǴнº - ÆÁ, °­Á http://coffeenix.net ½Ã½ºÅÛ°ü¸®ÀÚÀÇ ½°ÅÍ - *NIX, º¸¾È, ³×Æ®¿÷ ¿î¿µ, IT Á¤º¸ ko Çä! php 5.3.9¿¡¼­ error log°¡ UTC ½Ã°£À¸·Î ³²´Â´Ù. http://coffeenix.net/board_view.php?bd_code=1732 ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel, http://coffeenix.net/ )
ÀÛ¼ºÀÏ : 2012.1.31(È­)

1¿ù¿¡ ³ª¿Â php 5.3.9¹öÀü¿¡¼­ error log¸¦ ³²±æ ¶§ UTC±âÁØÀ¸·Î ·Î±×°¡ ³²´Â´Ù.
·Î±× ½Ã°£¿¡ +9½Ã°£( 05:23:29 UTCÀ̶ó¸é 14:23:29 )À» »ìÆìºÁ¾ßÇÑ´Ù´Â °ÍÀº ¿©°£ ºÒÆíÇÑ°Ô ¾Æ´Ï´Ù.

 
[13-Jan-2012 13:51:51] ... »ý·« ... <-- 5.3.8ÀÌÇÏ, 5.2.x ¹öÀü¿¡¼­´Â localtime±âÁØÀ¸·Î Á¤»óÀûÀ¸·Î ³²´Â´Ù.
[13-Jan-2012 05:23:29 UTC] ... »ý·« ... <-- 5.3.9¹öÀüºÎÅÍ UTC±âÁØÀ¸·Î ·Î±×°¡ ³²´Â´Ù.
 




1. ¿Ö UTC±âÁØÀ¸·Î ·Î±×°¡ ³²À»±î

main/main.c ¼Ò½º¸¦ »ìÆìºÃ´õ´Ï error logÀÇ ³¯Â¥Æ÷¸ËÀÌ º¯°æµÇ¾ú´Ù.

1) php 5.3.8 ÀÌÇÏ, 5.2.x¹öÀü (5.3.8¹öÀü¿¡¼­ 588¹ø°ÁÙ)

 
error_time_str = php_format_date("d-M-Y H:i:s", 11, error_time, 1 TSRMLS_CC);
 


2) php 5.3.9, 5.4 ¹öÀü

5.3.9¹öÀü ±âÁØÀ¸·Î 603¹ø°ÁÙÀ» º¸¸é ´ÙÀ½°ú °°ÀÌ µÇ¾î ÀÖ´Ù.

 
error_time_str = php_format_date("d-M-Y H...]]> À¥ ÇÁ·Î±×·¡¹Ö / PHP Tue, 31 Jan 2012 18:24:33 +0900 IBM GPFS ÆÄÀϽýºÅÛ¿¡¼­ sshÆ÷Æ® º¯°æ http://coffeenix.net/board_view.php?bd_code=1731 ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel, http://coffeenix.net/ )
ÀÛ¼ºÀÏ : 2011.11.18(±Ý)
Á¤¸®ÀÏ : 2011.12.5(¿ù)

IBM GPFS´Â Ŭ·¯½ºÅÍ ³ëµå°£¿¡ Åë½ÅÀ» ssh¿Í scp·Î ÇÑ´Ù(rsh, rcp·Îµµ ÇÏÁö¸¸ ºñÃß). º¸¾ÈÀ» À§ÇØ ssh ±âº» Æ÷Æ® 22¸¦ ´Ù¸¥ °ÍÀ¸·Î º¯°æÇÏ·Á¸é ¾î¶»°Ô ÇؾßÇÒ±î?
¸ÕÀú ³ëµå°£¿¡ ¿ø°Ý Åë½Å¿ë ¸í·ÉÀÌ ¾î¶² °ÍÀ¸·Î µÇ¾î ÀÖ´ÂÁö º¸ÀÚ. ssh¿Í scp·Î Åë½ÅÇÏ°í ÀÖ´Â°Ô È®ÀεȴÙ.

 
# mmlscluster

GPFS cluster information
========================
GPFS cluster name: gpfs.node1
GPFS cluster id: 13882347407468541209
GPFS UID domain: gpfs.node1
Remote shell command: /usr/bin/ssh
Remote file copy command: /usr/bin/scp

... »ý·« ...
 





1. ssh Æ÷Æ® º¯°æ

22 ±âº»Æ÷Æ®¸¦ -> 2323 Æ÷Æ®·Î º¯°æÇÑ´Ù°í °¡Á¤Çغ¸ÀÚ.
GPFS°¡ ÇöÀç 22¹ø Æ÷Æ®·Î Åë½ÅÁßÀ̱⠶§¹®¿¡, ¹Ù·Î 2323Æ÷Æ®·Î º¯°æÇؼ­´Â ¾ÈµÈ´Ù. 22¹ø°ú 2323Æ÷Æ®¸¦ 'µ¿½Ã¿¡' »ç¿ë°¡´ÉÇÏ°Ô sshd¸¦ ¼³Á¤...]]> µð½ºÅ© °ü¸® / ÆÄÀϽýºÅÛ / mount Fri, 27 Jan 2012 18:28:31 +0900 IBM GPFS ÆÄÀϽýºÅÛ¿¡¼­ snapshot http://coffeenix.net/board_view.php?bd_code=1730 ÀÛ¼ºÀÏ : 2011.12.29(¸ñ)
ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel, http://coffeenix.net/ )


1. snapshot »ý¼º

 
* Çü½Ä : mmcrsnapshot </dev/µð¹ÙÀ̽º¸í> <½º³À¼¦¸í>
 


ÆÄÀϽýºÅÛ´ç ½º³À¼¦Àº ÃÖ´ë 31°³±îÁö Á¦ÇѵǾî ÀÖ´Ù.

 
# mmcrsnapshot /dev/gpfs1 data1_snap1
Writing dirty data to disk
Quiescing all file system operations
Writing dirty data to disk again
Creating snapshot.
Resuming operations.
#
# mmcrsnapshot /dev/gpfs1 data1_snap1 <-- °°Àº À̸§ÀÌ ÀÌ¹Ì Á¸ÀçÇؼ­ »ý¼ºÀÌ ¾ÈµÈ´Ù.
File exists
Snapshot directory data1_snap1 already exists.
mmcrsnapshot: Command failed. Examine previous error messages to determine cause.
#
# mmcrsnapshot /dev/gpfs1 data1_snap32 <-- ÃÖ´ë 31°³±îÁö Á¦ÇѵǾî ÀÖ´Ù.
Cannot create a new snapshot until an existing one is deleted.
File system "gpfs1" has a limit of 31 online snapshots.
mmcrsnapshot: Command failed. Examine previous error messages to d...]]> µð½ºÅ© °ü¸® / ÆÄÀϽýºÅÛ / mount Fri, 27 Jan 2012 18:27:28 +0900 syslogÀÇ Priority¿Í Facility °ª http://coffeenix.net/board_view.php?bd_code=1729 ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel, http://coffeenix.net/ )
ÀÛ¼ºÀÏ : 2012.1.9(¿ù)

/usr/include/sys/syslog.h (FreeBSD´Â /usr/include/syslog.h)ÆÄÀÏÀ» º¸°í °ªÀ» °è»êÇß´Ù.
·Î±ë ¼³Á¤½Ã ¼ýÀÚ·Î ¼³Á¤ÇؾßÇÒ °æ¿ì¿¡ »ç¿ë

 
/* priorities (these are ordered) */
#define LOG_EMERG 0 /* system is unusable */
#define LOG_ALERT 1 /* action must be taken immediately */
#define LOG_CRIT 2 /* critical conditions */
#define LOG_ERR 3 /* error conditions */
#define LOG_WARNING 4 /* warning conditions */
#define LOG_NOTICE 5 /* normal but significant condition */
#define LOG_INFO 6 /* informational */
#define LOG_DEBUG 7 /* debug-level messages */
 


LOG_EMERG = 0
LOG_ALERT = 1
LOG_CRIT = 2
LOG_ERR = 3
LOG_WARNING = 4
LOG_NOTICE = 5
LOG_INFO = 6
LOG_DEBUG = 7

 
/* facility codes */
#define LOG_KERN (0<<3) /* kern...]]> ·Î±×(log) / syslog Mon, 09 Jan 2012 18:36:06 +0900 ARP cache timeout ±âº»°ª http://coffeenix.net/board_view.php?bd_code=1728 ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel, http://coffeenix.net/ )
ÀÛ¼ºÀÏ : 2011.12.27(È­)

1. Linux : 60ÃÊ

 
# cat /proc/sys/net/ipv4/neigh/eth0/gc_stale_time
60
 


2. FreeBSD : 20ºÐ(1200ÃÊ)

 
# sysctl net.link.ether.inet.max_age
net.link.ether.inet.max_age: 1200
 

]]> ½Ã½ºÅÛ °ü¸® / ¼­¹ö¿î¿µ Tue, 27 Dec 2011 18:36:19 +0900 MRTG¿¡¼­ 2°³È¸¼±À» ÇϳªÀÇ ±×·¡ÇÁ·Î http://coffeenix.net/board_view.php?bd_code=1727 ÀÛ¼ºÀÏ : 2011.11.28(¿ù)
ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel, http://coffeenix.net/ )


¾ó¸¶Àü¿¡ Ä¿ÇǴм­ºÐµéÀÇ À̾߱Ⱑ ³ª¿Í¼­ °£´ÜÈ÷ Á¤¸®ÇÑ´Ù.

2°³ÀÇ È¸¼±ÀÌ trunk·Î ¹­¿© ÀÖÀ» °æ¿ì À̸¦ ÇϳªÀÇ MRTG·Î Ç¥½ÃÇϱ⸦ ¿øÇÑ´Ù.
Áï, 1¹øÆ÷Æ® MRTG, 2¹øÆ÷Æ® MRTG ¿Ü¿¡ 1+2¹øÆ÷Æ® MRTG±îÁö 3°³ÀÇ ±×·¡ÇÁ¸¦ ±×¸®°í ½Í´Ù.
RRD·Î ±×¸®¸é ¿øÇÏ´Â ´ë·Î ½±°Ô µÇ°ÚÁö¸¸, MRTG·Î ±×¸®°í ½Í´Ù¸é Multi TargetÀ» ¼³Á¤ÇÏ¸é µÈ´Ù.

±âÁ¸ MRTG ¼³Á¤ ÆÄÀÏ¿¡´Â °¢°¢ ´ÙÀ½°ú °°Àº ÇüÅ·Πµé¾î°¡ ÀÖÀ» °ÍÀÌ´Ù.

1) 1¹ø Æ÷Æ®¿ë MRTG ¼³Á¤
Target[myrouter]: 1:public@10.0.0.1
2) 2¹ø Æ÷Æ®¿ë MRTG ¼³Á¤
Target[myrouter]: 2:public@10.0.0.1

¿©±â¿¡ ´ÙÀ½°ú °°Àº 1¹ø+2¹ø Æ÷Æ®¿ë MRTG ¼³Á¤ ÆÄÀÏÀ» ¸¸µé¾îÁÖ¸é µÈ´Ù. +±âÈ£¸¸ Çϳª ³ÖÀ¸¸é OK.

 
Target[myrouter]: 1:public@10.0.0.1 + 2:public@10.0.0.1
 


(¿¹) 1¹ø Æ÷Æ® MRTG (±×·¡ÇÁ¸¦ ÀϺΠ¼öÁ¤ÇÔ)


(¿¹) 2¹ø Æ÷Æ® MRTG


(¿¹) 1...]]> ³×Æ®¿öÅ©(network) Tue, 06 Dec 2011 19:11:46 +0900 OSº° ZFS ¹öÀü http://coffeenix.net/board_view.php?bd_code=1726 ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel, http://coffeenix.net/ )
ÀÛ¼ºÀÏ : 2011.10.10(¿ù)


1. FreeBSD °¢ ¹öÀüº° ZFS

7.0+ : original ZFS import, ZFS v6; requires significant tuning for stable operation (no longer supported)
7.2 : still ZFS v6, improved memory handling, amd64 may need no memory tuning (no longer supported)
7.3+ : backport of new ZFS v13 code, similar to the 8.0 code
8.0 : new ZFS v13 code, lots of bug fixes - recommended over all past versions. (no longer supported)
8.1+ : ZFS v14
8.2+ : ZFS v15
9.0+ : ZFS v28


2. ZFS¹öÀüº° OS

10 - Supported by Solaris 10 U7
14 - Supported by OpenSolaris 2009.06, FreeBSD 8.1
15 - Supported by Solaris 10 10/09 (U8), FreeBSD 8.2
17 - Triple Parity RAID-Z
19 - Supported by Solaris 10 09/10
21 - Deduplication
22 - Solaris 10 9/10 (U9)
28 - FreeBSD 9.0, OpenIndiana/Illumos, ZFSOnLinux, ZFS-FUSE
30 - Encryption support, - not compatible with open implementations, only in clos...]]> µð½ºÅ© °ü¸® / ÆÄÀϽýºÅÛ / mount Mon, 10 Oct 2011 17:36:10 +0900 pam_geoip¸¦ È°¿ëÇÑ sshd ¼³Á¤ http://coffeenix.net/board_view.php?bd_code=1725 - ÀÛ¼ºÀÚ : ±èÇõÁß(Ƽ´Ï) [sky #at# tini4u.net]
- ÀÛ¼ºÀÏ : 2011-08-22
- »çÀÌÆ® : http://linux.tini4u.net/
- ¿øÁ¦¸ñ : pam_geoip¸¦ È°¿ëÇÑ sshd ¼³Á¤
- ȯ¡¡°æ : CentOS 5.6
- Å°¿öµå : pam_geoip, geoip, pam, sshd
--------------------------------------------------------------------------------------

ÀÌ ¹®¼­¿¡¼­´Â MaxMindÀÇ GeoIP µ¥ÀÌÅÍ¿Í pam ¸ðµâÀÇ ¿¬µ¿ ¹æ¹ýÀ» ´Ù·çµµ·Ï ÇÏ°Ú½À´Ï´Ù.

ÀÌ¹Ì ¿Â¶óÀÎ»ó¿¡ GeoIP DB¸¦ È°¿ëÇÏ´Â ¹æ¹ýÀº ¸¹ÀÌ Á¸ÀçÇÕ´Ï´Ù.
Apache, Nginx, PHP, iptables ±âŸ µîµî..
ÀÌ·± ¹æ¹ýÁß¿¡ ÇÑ°¡Áö·Î PAM ¸ðµâ°ú ¿¬µ¿ÇÏ¿© È°¿ëÇÏ´Â ¹æ¹ýÀ» ¾Ë¾Æº¸µµ·Ï ÇÏ°Ú½À´Ï´Ù.

1. GeoIP C API ¼³Ä¡ [ÃֽŹöÀü: http://www.maxmind.com/app/c]
c ¾ð¾î·Î Á¦ÀÛµÈ ¸ðµâµéÀ» ºôµåÇϱâ À§Çؼ­´Â MaxMind¿¡¼­ Á¦°øÇÏ´Â GeoIP C API°¡ ÇÊ¿äÇÕ´Ï´Ù.
 [root@localhost]# wget http://geolite.maxmind.com/download/geoip/api/c/GeoIP-1.4.8.tar.gz
[root@localhost]# tar xfz GeoIP-1.4.8.tar.gz; cd GeoIP-1.4.8
[root@localhost]# ./conf...]]> ssh / telnet Mon, 22 Aug 2011 18:39:46 +0900 MegaRAID¿ë Megacli ¸í·É »ç¿ëÇϱâ http://coffeenix.net/board_view.php?bd_code=1724 ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel, http://coffeenix.net/ )
ÀÛ¼ºÀÏ : 2011.8.8(¿ù)

Dell¼­¹ö¿¡¼­´Â LSIÀÇ MegaRAID¸¦ »ç¿ëÇÑ´Ù. MegaCLI¸í·ÉÀ» »ç¿ëÇϸé, RAID±¸¼º ¹× µð½ºÅ© Á¤º¸¸¦ ½±°Ô ¾òÀ» ¼ö ÀÖ´Ù.


1. MegaCLI ¼³Ä¡

¸®´ª½º´Â LSI»çÀÌÆ®¿¡¼­ ¹Þ¾Æ ¼³Ä¡ÇÑ´Ù.
- http://www.lsi.com/search/pages/default.aspx -> Product¿¡¼­ RAID Controllers ¼±ÅÃ, OS¿¡¼­ Linux ¼±ÅÃ
FreeBSD´Â /usr/ports/sysutils/megacli/ ¿¡¼­ port ¼³Ä¡ÇÏ¸é µÈ´Ù.


2. MegaCLI ¸í·ÉÀ¸·Î Á¤º¸ ¾ò±â

1) ¹°¸®Àû µð½ºÅ©(Physical Drive, PD) Á¤º¸
./MegaCli -PDList -aALL

 
... »ý·« ...
Enclosure Device ID: 32
Slot Number: 3
Enclosure position: 0
Device Id: 3
Sequence Number: 2 <-- slot ¹øÈ£
Media Error Count: 0
Other Error Count: 0
Predictive Failure Count: 0
Last Predictive Failure Event Seq Number: 0
PD Type: SAS
Raw Size: 136.732 GB [0x11177328 Sectors]
... »ý·« ...
Inquiry Data: SEAGATE ST914685...]]> ½Ã½ºÅÛ °ü¸® / ¼­¹ö¿î¿µ Wed, 10 Aug 2011 19:16:22 +0900 iptables¿¡¼­ ƯÁ¤ ½Ã°£ ÈÄ ruleÀ» ÀÚµ¿ »èÁ¦ÇÏ´Â ¹æ¹ý http://coffeenix.net/board_view.php?bd_code=1722 ÀÛ¼ºÀÚ : ÁÁÀºÁøÈ£(truefeel, http://coffeenix.net/ )
ÀÛ¼ºÀÏ : 2011.6.14(È­)


¸®´ª½º iptables¿¡¼­ ƯÁ¤ ½Ã°£ÀÌ Áö³ª¸é ruleÀ» ÀÚµ¿À¸·Î »èÁ¦(expire)½ÃÅ°´Â ¹æ¹ýÀ» ã¾ÆºÃ´Ù.
À̸¦Å׸é ƯÁ¤ IP¸¦ 30ºÐ°£¸¸ ¶Ç´Â ÇϷ絿¾È¸¸ Â÷´Ü½ÃÅ°°í DROP¿¡¼­ »©°í ½Í´Ù¸é ¾î¶»°Ô ÇؾßÇÒ±î.

serverfault( http://serverfault.com/ )¿¡¼­ ´ë´ÜÇÑ ²Ç¼ö¸¦ ¹ß°ßÇß´Ù.

How to make iptables rules expire?
http://serverfault.com/questions/273324/how-to-make-iptables-rules-expire


1. at ¸í·ÉÀ» ÀÌ¿ëÇؼ­

at´Â cronó·³ ƯÁ¤ ½Ã°£¿¡ ÀÛ¾÷À» ½ÇÇàÇÒ ¼ö ÀÖ´Ù.

 
iptables -I INPUT -s 192.168.123.100 -j DROP
echo "iptables -D INPUT -s 192.168.123.100 -j DROP" | at @10pm
 


·êÀ» óÀ½ »ý¼ºÇÒ ¶§, 2°³ ¸í·ÉÀ» µ¿½Ã¿¡ ½ÇÇà½ÃŲ´Ù.
Çϳª´Â -I(Insert) ¶Ç´Â -A(Append)·Î iptables¿¡ ·êÀ» »ý¼ºÇÏ´Â °ÍÀÌ°í,
´Ù¸¥ Çϳª´Â -D(Delete)·Î ÁöÁ¤ ½Ã°£À̳ª ½Ã°£°£°ÝÀ» ÁöÁ¤Çؼ­ ÀÚµ¿À¸·Î »èÁ¦µÇµµ·Ï at¸í·ÉÀ» ½ÇÇà½ÃÄѵδ °ÍÀÌ´Ù. at¸í·ÉÀº Æøź ŸÀ̸Ӱ¡ ...]]> º¸¾È(security) Mon, 20 Jun 2011 18:34:53 +0900