virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:39 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:7921 (7.7 KiB)
[Apache] CustomLog ¼³Á¤
- (%t)
- [10/Oct/2000:13:55:36 -0700]
- (%h)
- 127.0.0.1
- (%{SSL_PROTOCOL}x
- TLSv1.2
- %{SSL_CIPHER}x
- ECDHE-RSA-AES128-GCM-SHA256
- (
\"%r\"
) - "GET /apache_pb.gif HTTP/1.1"
- (%b)
- 2326
- (0/424895)
- %T
- 0
- %D
- 424895
- ¼³Ä¡ Áغñ
- download : https://dev.mysql.com/downloads/mysql/5.7.html#downloads
- Select Platform¿¡¼ Linux-Generic ¼±ÅÃ
- 'Linux - Generic (glibc 2.5) (x86, 64-bit), TAR ' download
- ¼³Ä¡
- °èÁ¤»ý¼º
- useradd -r mysql -U
- ¼³Ä¡ÆÄÀÏ
- tar -xvf mysql-5.7.17-linux-glibc2.5-x86_64.tar
- tar -zxvf mysql-5.7.17-linux-glibc2.5-x86_64.tar.gz
- mv mysql-5.7.17-linux-glibc2.5-x86_64 mysql-5.7.17
- cp mysql-5.7.17/mysql.server /etc/init.d/mysqld
- chmod 755 /etc/init.d/mysqld
- vi /etc/init.d/mysqld
- Config File »ý¼º
- mkdir conf
- cp support-files/my-default.cnf /etc/my.cnf
- vi /etc/my.cnf
- Service ½ÇÇà
- service mysqld start
º¸Åë Request / Response / Error °ü·Ã ·Î±×¼³Á¤À» ÇÒ¶§ Log parameter
CustomLog "| /usr/local/sbin/cronolog ./ssl_request.log.%Y%m%d" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b %T/%D" |
Common Log Çü½ÄÀº ´ÙÀ½°ú °°´Ù.
day = ¼ýÀÚ 2°³ month = ¼ýÀÚ 3°³ year = ¼ýÀÚ 4°³ hour = ¼ýÀÚ 2°³ minute = ¼ýÀÚ 2°³ second = ¼ýÀÚ 2°³ zone = (`+' | `-') ¼ýÀÚ 4°³ ·Î±× Çü½Ä¹®ÀÚ¿¿¡ %{format}t¸¦ »ç¿ëÇÏ¿© ´Ù¸¥ Çü½ÄÀ¸·Î ½Ã°£À» Ãâ·ÂÇÒ ¼ö ÀÖ´Ù |
¼¹ö¿¡ ¿äûÀ» ÇÑ Å¬¶óÀ̾ðÆ®(¿ø°Ý È£½ºÆ®)ÀÇ IP ÁÖ¼ÒÀÌ´Ù. |
SSL ¼³Á¤¿¡¼ »ç¿ëÇÏ´Â Protocol version |
SSL¿¡¼ »ç¿ëÇÏ´Â ¾ÏÈ£È ¾Ë°í¸®Áò |
Ŭ¶óÀ̾ðÆ®ÀÇ ¿äûÁÙÀÌ ½Öµû¿ÈÇ¥·Î ¹¿©ÀÖ´Ù. ¿äûÁÙÀº ¸Å¿ì À¯¿ëÇÑ Á¤º¸¸¦ ´ã°í ÀÖ´Ù. ù°, Ŭ¶óÀ̾ðÆ®°¡ »ç¿ëÇÑ ¸Þ½áµå´Â |
¸¶Áö¸· Ç׸ñÀº ÀÀ´ä Çì´õ¸¦ Á¦¿ÜÇÏ°í Ŭ¶óÀ̾ðÆ®¿¡°Ô º¸³»´Â ³»¿ëÀÇ Å©±â¸¦ ³ªÅ¸³½´Ù. Ŭ¶óÀ̾ðÆ®¿¡°Ô º¸³»´Â ³»¿ëÀÌ ¾ø´Ù¸é ÀÌ °ªÀº " |
%T: The time taken to serve the request, in seconds. ¿äûÀ» ó¸®Çϴµ¥ °É¸° ½Ã°£ (ÃÊ) |
%D: The time taken to serve the request, in microseconds. ¿äûÀ» ó¸®Çϴµ¥ °É¸° ½Ã°£(¸¶ÀÌÅ©·ÎÃÊ) |
¼¼»óÀ» ³Ð°í, ¿ÀǼҽº¿¡ ¾Ë¾Æ¾ß ÇÒ ³»¿ëµµ ¸¹´Ù.. ¤¾¤¾¤¾
·Î±×Æ÷¸Ë¿¡¼ »ç¿ëÇÏ´Â Æ÷¸ËÀº ´ÙÀ½°ú °°½À´Ï´Ù :
Æ÷¸Ë | ÀÇ¹Ì |
%a | ¿ø°ÝÁö IP ÁÖ¼Ò |
%A | ·ÎÄÃ IP ÁÖ¼Ò |
%B | HTTP Çì´õ¸¦ Á¦¿ÜÇÏ°í Àü¼ÛµÈ ¹ÙÀÌÆ® |
%b | HTTP Çì´õ¸¦ Á¦¿ÜÇÏ°í Àü¼ÛµÈ ¹ÙÀÌÆ®. CLF Æ÷¸Ë¿¡¼´Â , Àü¼ÛµÈ °ÍÀÌ ¾øÀ» °æ¿ì 0 À¸·Î Ç¥½ÃÇϱ⠺¸´Ù´Â ¡®-¡® ·Î Ç¥½ÃÇÑ´Ù. |
%{FOOBAR}e | ¼¹ö¿¡ ÀÇÇØ ÁöÁ¤µÈ ȯ°æº¯¼ö |
%f | ÆÄÀÏ À̸§ |
%h | ¿ø°ÝÁö È£½ºÆ® |
%H | ¿äûÇÑ ÇÁ·ÎÅäÄÝ |
%{Foobar}i | Foobar ÀÇ ³»¿ë: Ŭ¶óÀ̾ðÆ®¿¡¼ ¼¹ö·Î ¿äûµÈ Çì´õ¶óÀÎÀ¸·Î ¿¹¸¦ µéÀÚ¸é, Referer Çì´õÀÏ °æ¿ì %{Referer}i ·Î »ç¿ëµÇ¾î Áø´Ù. |
%l | ¿ø°ÝÁö »ç¿ëÀÚÀ̸§ (ÀÌ°ÍÀÌ »ç¿ëµÇ¾î Áö±â À§Çؼ´Â IdentityCheck °¡ ¹Ýµå½Ã enable µÇ¾îÁ® ÀÖ¾î¾ß ÇÑ´Ù) |
%m | ¿äû¹æ½Ä |
%{Foobar}o | ¼¹ö¿¡¼ ÀÀ´äµÇ¾î Áö´Â HTTP Çì´õ. ¿¹¸¦µé¸é : %{Content-Type}o, %{Last-Modified}o |
%p | ¿äûÀ» ó¸®ÇÏ´Â ¼¹öÀÇ ÂüÁ¶ÀûÀÎ Æ÷Æ® |
%P | Çö ¿äûÀ» ó¸®ÇÏ°í ÀÖ´Â ¾ÆÆÄÄ¡ ÀÚ½Ä ÇÁ·Î¼¼¼ÀÇ ÇÁ·Î¼¼½º ID |
%q | Äõ¸® ¹®ÀÚ¿ (Äõ¸®°¡ ÀÖÀ» °æ¿ì ¡°?¡± µÚ·Î Äõ¸®¹®ÀÌ Æ÷ÇÔµÇ¸ç ±×·¸Áö ¾ÊÀ» °æ¿ì °ø¹éÀ¸·Î 󸮵ȴÙ) |
%r | HTTP ¸Þ¼Òµå¸¦ Æ÷ÇÔÇÑ ¿äûÀÇ Ã¹ ¶óÀÎ |
%s | HTTP »óÅÂÄÚµå. ¸¸¾à Ŭ¶óÀ̾ðÆ®ÀÇ ¿äûÀÌ ³»ºÎÀûÀÎ ¸®´ÙÀÌ·ºÆ®¸¦ ¹ß»ý½ÃÄ×À» °æ¿ì %s ´Â Ãʱ⠿äûÀÇ »óÅÂÄڵ带 %>s ´Â ÃÖÁ¾»óÅ Äڵ带 Æ÷ÇÔÇÏ°Ô µÈ´Ù. ÀϹÝÀûÀ¸·Î, %s ÀÇ »ç¿ë º¸´Ù´Â %>s °¡ À¯¿ëÇÏ´Ù. |
%t | ¿äûÇÑ ½Ã°£°ú ³¯Â¥ (standard english format) |
%{format}t | strftime() function À» ÀÌ¿ëÇÑ Æ÷¸ËÇü½Ä¿¡ µû¸¥ ½Ã°£ [Day/Month/Year:Hours:Minutes:Seconds Time Zone] |
%T | ¿äûÀ» ó¸®Çϴµ¥ °É¸° ½Ã°£ (ÃÊ) |
%u | ÀÎÁõÀÌ ¿äûµÈ ¿ø°Ý »ç¿ëÀÚ À̸§ |
%U | ¿äûµÈ URL |
%v | ¿äûÀ» ó¸®ÇÏ´Â ¼¹öÀÇ ÂüÁ¶ÀûÀÎ ¼¹ö À̸§ |
%V | UseCanonicalName ¼³Á¤¿¡ µû¸¥ ¼¹ö À̸§ |
wget http://cronolog.org/download/cronolog-1.6.2.tar.gz
¸µÅ©°¡ ²÷¾îÁ®¼ ÷ºÎÇÔ.
Tomcat ¿¡¼ Http Access Log¸¦ ³²±â´Â ¹æ¹ý
$CATALINA_HOME/conf/server.xml ÆÄÀÏ ³»¿ë Áß ¾Æ·¡ ºÎºÐÀÇ ÁÖ¼®À» Á¦°ÅÇϽŠÈÄ
´ÙÀ½°ú °°ÀÌ Æ÷¸ËÀ» º¯°æÇÏ°í.
TomcatÀ» Àç ½ÃÀÛÇÏ½Ã¸é µË´Ï´Ù
[ server.xml ]
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="/ccdata/logs/app/cc_drive" prefix="drive_access_log." suffix="" pattern="%t %h "%r" %s %b %D" /> |
[ options ]
•%a - Remote IP address
•%A - Local IP address
•%b - Bytes sent, excluding HTTP headers, or '-' if zero
•%B - Bytes sent, excluding HTTP headers
•%h - Remote host name (or IP address if resolveHosts is false)
•%H - Request protocol
•%l - Remote logical username from identd (always returns '-')
•%m - Request method (GET, POST, etc.)
•%p - Local port on which this request was received
•%q - Query string (prepended with a '?' if it exists)
•%r - First line of the request (method and request URI)
•%s - HTTP status code of the response
•%S - User session ID
•%t - Date and time, in Common Log Format
•%u - Remote user that was authenticated (if any), else '-'
•%U - Requested URL path
•%v - Local server name
•%D - Time taken to process the request, in millis
•%T - Time taken to process the request, in seconds
•%I - current request thread name (can compare later with stacktraces)
TCP flag(URG, ACK, PSH, RST, SYN, FIN)
TCP(Transmission Control Protocol)´Â 3-WAY Handshake ¹æ½ÄÀ» ÅëÇØ µÎ ÁöÁ¡ °£¿¡ ¼¼¼ÇÀ» ¿¬°áÇÏ¿© Åë½ÅÀ» ½ÃÀÛ ÇÏ°í 4-WAY Handshake¸¦ ÅëÇØ ¼¼¼ÇÀ» Á¾·áÇÏ¿© Åë½ÅÀ» Á¾·á ÇÕ´Ï´Ù.
ÀÌ·¯ÇÑ ¼¼¼Ç¿¬°á°ú ÇØÁ¦ ÀÌ¿Ü¿¡µµ µ¥ÀÌÅ͸¦ Àü¼ÛÇϰųª °ÅºÎ, ¼¼¼Ç Á¾·á °°Àº ±â´ÉÀÌ ÆÐŶÀÇ FLAG °ª¿¡ µû¶ó ´Þ¶óÁö°Ô µÇ´Âµ¥, TCP FLAG´Â ±âº»ÀûÀ¸·Î 6 °¡Áö·Î ±¸¼ºµË´Ï´Ù.
FLAG ¼ø¼
+-----+-----+-----+----+-----+----+
| URG | ACK | PSH | RST | SYN | FIN |
+-----+-----+-----+----+-----+----+
°¢°¢ 1ºñÆ®·Î TCP ¼¼±×¸ÕÆ® ÇÊµå ¾È¿¡ cONTROL BIT ¶Ç´Â FLAG BIT ·Î Á¤ÀÇ µÇ¾î ÀÖ´Ù.
SYN(Synchronization:µ¿±âÈ) - S : ¿¬°á ¿äû Ç÷¡±×
TCP ¿¡¼ ¼¼¼ÇÀ» ¼º¸³ÇÒ ¶§ °¡Àå¸ÕÀú º¸³»´Â ÆÐŶ, ½ÃÄö½º ¹øÈ£¸¦ ÀÓÀÇÀûÀ¸·Î ¼³Á¤ÇÏ¿© ¼¼¼ÇÀ» ¿¬°áÇÏ´Â µ¥¿¡ »ç¿ëµÇ¸ç Ãʱ⿡ ½ÃÄö½º ¹øÈ£¸¦ º¸³»°Ô µÈ´Ù.
ACK(Acknowledgement) - Ack : ÀÀ´ä
»ó´ë¹æÀ¸·ÎºÎÅÍ ÆÐŶÀ» ¹Þ¾Ò´Ù´Â °É ¾Ë·ÁÁÖ´Â ÆÐŶ, ´Ù¸¥ Ç÷¡±×¿Í °°ÀÌ Ãâ·ÂµÇ´Â °æ¿ìµµ ÀÖ½À´Ï´Ù.
¹Þ´Â »ç¶÷ÀÌ º¸³½ »ç¶÷ ½ÃÄö½º ¹øÈ£¿¡ TCP °èÃþ¿¡¼ ±æÀÌ ¶Ç´Â µ¥ÀÌÅÍ ¾çÀ» ´õÇÑ °Í°ú °°Àº ACK¸¦ º¸³À´Ï´Ù.(ÀϹÝÀûÀ¸·Î +1 ÇÏ¿© º¸³¿) ACK ÀÀ´äÀ» ÅëÇØ º¸³½ ÆÐŶ¿¡ ´ëÇÑ ¼º°ø, ½ÇÆи¦ ÆÇ´ÜÇÏ¿© ÀçÀü¼Û Çϰųª ´ÙÀ½ ÆÐŶÀ» Àü¼ÛÇÑ´Ù.
RST(Reset) - R : Á¦ ¿¬°á Á¾·á
Àç¼³Á¤(Reset)À» ÇÏ´Â °úÁ¤ÀÌ¸ç ¾ç¹æÇâ¿¡¼ µ¿½Ã¿¡ ÀϾ´Â Áß´Ü ÀÛ¾÷ÀÌ´Ù. ºñ Á¤»óÀûÀÎ ¼¼¼Ç ¿¬°á ²÷±â¿¡ ÇØ´çÇÑ´Ù. ÀÌ ÆÐŶÀ» º¸³»´Â °÷ÀÌ ÇöÀç Á¢¼ÓÇÏ°í ÀÖ´Â °÷°ú Áï½Ã ¿¬°áÀ» ²÷°íÀÚ ÇÒ ¶§ »ç¿ëÇÑ´Ù.
PSH(Push) - P : ¹Ð¾î³Ö±â
TELNET °ú °°Àº »óÈ£ÀÛ¿ëÀÌ Áß¿äÇÑ ÇÁ·ÎÅäÄÝÀÇ °æ¿ì ºü¸¥ ÀÀ´äÀÌ Áß¿äÇѵ¥, ÀÌ ¶§ ¹ÞÀº µ¥ÀÌÅ͸¦ Áï½Ã ¸ñÀûÁöÀÎ OSI 7 Layer ÀÇ Application °èÃþÀ¸·Î Àü¼ÛÇϵµ·Ï ÇÏ´Â FLAG. ´ëÈÇü Æ®·¢ÇÈ¿¡ »ç¿ëµÇ´Â °ÍÀ¸·Î ¹öÆÛ°¡ ä¿öÁö±â¸¦ ±â´Ù¸®Áö ¾Ê°í µ¥ÀÌÅ͸¦ Àü´ÞÇÑ´Ù. µ¥ÀÌÅÍ´Â ¹öÆÛ¸µ ¾øÀÌ ¹Ù·Î À§ °èÃþÀÌ ¾Æ´Ñ 7 °èÃþÀÇ ÀÀ¿ëÇÁ·Î±×·¥À¸·Î ¹Ù·Î Àü´ÞÇÑ´Ù.
URG(Urgent) - U : ±ä±Þ µ¥ÀÌÅÍ
Urgent pointer À¯È¿ÇÑ °ÍÀÎÁö¸¦ ³ªÅ¸³½´Ù. Urgent pointer¶õ Àü¼ÛÇÏ´Â µ¥ÀÌÅÍ Áß¿¡¼ ±ä±ÞÈ÷ Àü´çÇØ¾ß ÇÒ ³»¿ëÀÌ ÀÖÀ» °æ¿ì¿¡ »ç¿ëÇÑ´Ù. ±ä±ÞÇÑ µ¥ÀÌÅÍ´Â ´Ù¸¥ µ¥ÀÌÅÍ¿¡ ºñÇØ ¿ì¼±¼øÀ§°¡ ³ô¾Æ¾ß ÇÑ´Ù.
EX) ping ¸í·É¾î ½ÇÇà µµÁß Ctrl+c ÀÔ·Â
FIN(Finish) - F : ¿¬°á Á¾·á ¿äû
¼¼¼Ç ¿¬°áÀ» Á¾·á½Ãų ¶§ »ç¿ëµÇ¸ç ´õÀÌ»ó Àü¼ÛÇÒ µ¥ÀÌÅÍ°¡ ¾øÀ½À» ³ªÅ¸³½´Ù.
±× ¿Ü
Placeholder
ÆÐŶÀÇ Ç÷¡±×¿¡ SYN, FINISH, RESET, PUSHµîÀÇ Ç÷¡±×°¡ ¼³Á¤ µÇ¾î ÀÖÁö ¾ÊÀº °æ¿ì ÀÌ Ç÷¡±×°¡ ¼¼ÆõȴÙ. ÀÌ Ç÷¡±×´Â ACKÇ÷¡±×¿Í ÇÔ²² »ç¿ëµÇ´Â °æ¿ìµµ ÀÖ´Ù.
Ãâó: http://mindgear.tistory.com/206 [Á¤¸®]
http://m.blog.naver.com/shj1126zzang/220012807672
À̹ø Æ÷½ºÆÿ¡¼´Â ¿ÍÀ̾î»þÅ© ºÐ¼®°ú ±×·¡ÇÁ ±â´ÉÀ» »ìÆ캸ÀÚ.
1. ³×Æ®¿öÅ© Á¾´ÜÁ¡°ú ´ëÈ
Á¾´ÜÁ¡(endpoint)Àº ³×Æ®¿öÅ©¿¡¼ µ¥ÀÌÅ͸¦ º¸³»°Å³ª ¹Þ´Â ÀåÄ¡´Ù.
À§ ±×¸²°ú °°ÀÌ µÎ »ç¿ëÀÚ°¡ ÀÖÀ» ¶§ 2°èÃþ¿¡¼ Åë½ÅÀº µÎ °³ÀÇ ¹°¸®Àû NICµé°ú ÇØ´ç MAC ÁÖ¼Òµé »çÀÌ¿¡¼ ÀϾÙ.
IP°£ÀÇ ´ëÈ´Â 'SYN', 'SYN/ACK', 'ACK'¿Í °°Àº ´ëȸ¦ ÇÑ´Ù.
1.1 Á¾´ÜÁ¡ º¸±â
Æ®·¡ÇÈÀ» ºÐ¼®ÇÒ ¶§ ³×Æ®¿öÅ©»óÀÇ Æ¯Á¤ Á¾´ÜÁ¡¿¡¼ ¹ß»ýÇÑ ¹®Á¦¸¦ Á¤È®È÷ ÆľÇÇÒ ÇÊ¿äµµ »ý±æ °ÍÀÌ´Ù.
Statistics -> Endpoints ¸¦ Ŭ¸¯Çϸé Á¾´ÜÁ¡ °£ÀÇ µ¥ÀÌÅ͸¦ Àü¼ÛÇÏ°í Àü¼Û¹ÞÀº ¹ÙÀÌÆ®¿Í ÆÐŶÀÇ ¼ö¿Í ÁÖ¼Ò µîÀÇ °¢ Á¾´ÜÁ¡À» À§ÇÑ Åë°èÄ¡¸¦ º¸¿©ÁØ´Ù.
À§ÀÇ ÅÇÀº Áö¿ø °¡´ÉÇÑ ¸ðµç ÇÁ·ÎÅäÄÝ°ú Á¾´ÜÁ¡À» º¸¿©ÁØ´Ù.
Name ResolutionÀº À̸§ º¯È¯À» »ç¿ëÇÏ·Á¸é Ŭ¸¯ÇÏ¸é µÈ´Ù.
ƯÁ¤ Á¾´ÜÁ¡¿¡ ¸¶¿ì½º ¿À¸¥ÂÊ ¹öÆ°À» ´©¸£¸é ´Ù¾çÇÑ ±â´ÉÀÌ ÀÖ´Ù.
1.2 ³×Æ®¿öÅ© ´ëȺ¸±â
Statistics -> Conversations¿¡ µé¾î°£´Ù.
¾Æ·¡¿Í °°Àº âÀÌ ¶ß´Âµ¥ Address A¿Í Address B °°ÀÌ ´ëÈ ¸ñ·Ï¿¡ Æ÷ÇÔµÈ Á¾´ÜÁ¡µéÀÇ ÁÖ¼Ò¿Í °¢ ÀåÄ¡ »çÀÌ¿¡ Àü´ÞµÈ ¹ÙÀÌÆ®ÀÇ ÆÐŶµéÀ» º¸¿©ÁØ´Ù.
ÀÌ ¶ÇÇÑ ¸¶¿ì½º ¿À¸¥ÂÊ ¹öÆ°À¸·Î ÇÊÅͱâ´ÉÀ» ÀÌ¿ëÇÒ ¼ö ÀÖ´Ù.
1.3 Á¾´ÜÁ¡°ú ´ëÈ Ã¢À» ÀÌ¿ëÇÑ ¹®Á¦ ÇØ°á
À§¿¡¼ ºÃ´ø Á¾´ÜÁ¡°ú ´ëÈ Ã¢Àº ³×Æ®¿öÅ©ÀÇ ¹®Á¦¸¦ ÇØ°áÇÏ´Â µ¥ ¾ÆÁÖ Áß¿äÇÏ´Ù.
³×Æ®¿öÅ©¿¡¼ »ó´çÇÑ ¾çÀÇ Æ®·¡ÇÈÀ» Àü¼ÛÇÏ´Â ¹ß½ÅÁöÀÇ À§Ä¡¸¦ ã°Å³ª °¡Àå ¸¹ÀÌ Åë½ÅÀ» ÇÏ´Â ¼¹ö¸¦ ã´Â µ¥ Áß¿äÇÏ°Ô »ç¿ëÇÑ´Ù.
EndPointsâ¿¡¼ ÆÐŶ °¹¼ö ¼øÀ¸·Î ³ª¿Çغ¸ÀÚ.
ù¹ø °´Â ·ÎÄà ȣ½ºÆ® ÀÓÀ¸·Î ³Ñ¾î°¡°í
µÎ¹ø° IP ÁÖ¼Ò¿¡¼ ¸¹Àº µ¥ÀÌÅ͸¦ º¸³»´Â °ÍÀ» º¼ ¼ö ÀÖ´Ù.
Áö±Ý ¼Ò¸®¹Ù´Ù¸¦ Äѳõ°í À̼±Èñ ³ë·¡¸¦ µè°í Àֱ⠶§¹®ÀÌ´Ù.
¸¶Âù°¡Áö·Î ConversationsâÀ» º¸ÀÚ.
¿ª½Ã 121.189.21.211°úÀÇ ´ëÈ¿¡¼ °¡Àå ¸¹Àº ÆÐŶÀ» ÁÖ°í ¹Þ´Â °ÍÀ» º¼ ¼ö ÀÖ´Ù.
2. ÇÁ·ÎÅäÄÝ °èÃþ Åë°è
¾öû³ª°Ô Å« ĸó ÆÄÀÏÀ» ´Ù·ê ¶§ ÇÁ·ÎÅäÄÝÀÇ ºÐÆ÷¸¦ °áÁ¤ÇÒ ÇÊ¿ä°¡ ÀÖ´Ù.
TCP, IP, DHCP¿Í °°Àº ÇÁ·ÎÅäÄÝÀÌ ¾î´À Á¤µµ ºñÀ²À» Â÷ÁöÇÏ´ÂÁö Åë°è°¡ ÇÊ¿äÇÒ °æ¿ì°¡ ÀÖ´Ù.
Statistic -> Protocol Hierarchy¸¦ ¼±ÅÃÇؼ ÇÁ·ÎÅäÄÝ °èÃþ Åë°è âÀ» ¿¬´Ù.
¾Æ·¡¿Í °°Àº âÀ» º¼ ¼ö ÀÖ´Ù.
À̸¦ ÅëÇØ Á¤È®ÇÑ ¼ýÀÚº¸´Ù´Â ¾î¶² ÇÁ·ÎÅäÄÝÀÌ ¸¹ÀÌ ³×Æ®¿öÅ©¸¦ Â÷ÁöÇÏ´ÂÁö º¼ ¼ö ÀÖ´Ù.
3. À̸§ º¯È¯
³×Æ®¿öÅ©¿¡¼ µ¥ÀÌÅÍ´Â 00:16:CE:6E:8B:24ó·³ ¾î·Á¿î ÁÖ¼Ò Ã¼°è·Î Àü¼ÛµÇ´Âµ¥ À̸§ º¯È¯Àº ÇϳªÀÇ ½Äº° ÁÖ¼Ò Ã¼°è¸¦ ´Ù¸¥ °ÍÀ¸·Î º¯È¯ÇÏ´Â µ¥ »ç¿ëµÇ´Â ÇÁ·ÎÅäÄÝÀÌ´Ù.
3.1 À̸§ º¯È¯ »ç¿ë
Capture -> Options À» Ŭ¸¯Çؼ Capture Options âÀ» ¿¬´Ù.
»¡°£»ö ºÎºÐÀ» º¸ÀÚ.
- Resolve MAC addresses
ARP ÇÁ·ÎÅäÄÝÀ» »ç¿ëÇÏ¿© 2°èÃþ ÁÖ¼Ò¸¦ 3°èÃþ ÁÖ¼Ò¸¦ ¹Ù²ãÁØ´Ù.
ÀÌ °ÍÀÌ ½ÇÆеǸé ethers ÆÄÀÏÀ» »ç¿ëÇÏ¿© º¯È¯À» ½ÃµµÇÑ´Ù.
¸¶Áö¸·À¸·Î MAC ÁÖ¼ÒÀÇ ¾ÕÂÊ ¼¼ ¹ÙÀÌÆ®¸¦ IEEE ÁöÁ¤ Çϵå¿þ¾î Á¦Á¶»çÀÇ À̸§À¸·Î º¯È¯½ÃÄÑÁØ´Ù.
Netgear_01:02:03 °°ÀÌ ¸»ÀÌ´Ù.
- Resolve network-layer names
³×Æ®¿öÅ© À̸§ º¯È¯Àº IP ÁÖ¼Ò °°Àº 3°èÃþ ÁÖ¼Ò¸¦ Àб⠽¬¿î DNS À̸§À¸·Î º¯È¯ ½ÃÄÑ ÁØ´Ù.
- Resolve transport-layer name
Àü¼Û(transport) À̸§ º¯È¯Àº Æ÷Æ® ¹øÈ£¸¦ ÇØ´çÇÏ´Â À̸§À¸·Î º¯È¯ÇØ º¸¿©ÁØ´Ù.
¿¹¸¦ µé¸é Æ÷Æ® 80¹øÀ» http·Î º¯È¯ÇÏ´Â °Íó·³...
3.2 À̸§ º¯È¯ÀÇ ÀáÀçÀûÀÎ °áÁ¡
1) ÀϹÝÀûÀ¸·Î Äõ¸®¸¦ º¸³Â¾îµµ ³×ÀÓ ¼¹ö¿¡¼ À̸§À» ¾Ë ¼ö ¾ø±â ¶§¹®¿¡ À̸§ º¯È¯Àº ½ÇÆÐÇÒ ¼ö ÀÖ´Ù.
2) À̸§ º¯È¯Àº ÆÄÀÏ ¾ÈÀÇ À̸§ º¯È¯¿¡ ´ëÇÑ Á¤º¸°¡ ÀúÀåµÇÁö ¾Ê±â ¶§¹®¿¡ ĸÃÄµÈ ÆÄÀÏÀ» ¿ ¶§¸¶´Ù À̸§ º¯È¯ ÀÛ¾÷ÀÌ ÀÌ·ïÁø´Ù. Áï À̸§À» º¯È¯ÇÏ´Â ¼¹ö¿¡ ¹®Á¦°¡ ÀÖÀ» ¶§´Â À̸§ º¯È¯ÀÌ ½ÇÆÐÇÑ´Ù.
3) DNS¿¡ ´ëÇÑ ÀÇÁ¸µµ´Â Ãß°¡ÀûÀÎ ÆÐŶÀÌ ¸¸µé¾îÁö´Â ¿øÀÎÀÌ µÈ´Ù. ¸ðµç DNS ±â¹Ý ÁÖ¼ÒµéÀ» ÇØ°áÇϱâ À§ÇØ ¹ß»ýÇÏ´Â Æ®·¡ÇÈÀº ĸó ÆÄÀÏÀ» ¸ðÈ£ÇÏ°Ô ¸¸µç´Ù. ¶§¹®¿¡ ÆÐŶ ºÐ¼®½Ã¿¡ ÀÚ½ÅÀÇ Æ®·¡ÇÈÀ» º¸Áö ¾Ê´Â °ÍÀÌ ÀϹÝÀûÀÌ´Ù.
4) À̸§ º¯È¯Àº Ãß°¡ÀûÀÎ ºÎÇϸ¦ ¹ß»ý½ÃŲ´Ù.
4. ÇÁ·ÎÅäÄÝ Á¤¹Ð ºÐ¼®
ÇÁ·ÎÅäÄÝ Á¤¹Ð ºÐ¼®±â´Â ¿ÍÀ̾î»þÅ©°¡ ÇÁ·ÎÅäÄÝÀ» Á» ´õ Á¤¹ÐÇÏ°Ô ºÐ¼®ÇÒ ¼ö ÀÖ°Ô ÇÑ´Ù.
4.1 Á¤¹Ð ºÐ¼®±â º¯°æ
Á¤¹Ð ºÐ¼®±â¸¦ »ç¿ëÇÑ´Ù ÇÏÁö¸¸ ³×Æ®¿öÅ©»ó¿¡¼ µðÆúÆ® Æ÷Æ®°¡ ¾Æ´Ñ Æ÷Æ®³ª Ç¥ÁØȵÇÁö ¾ÊÀº ¼³Á¤À» »ç¿ëÇÏ´Â ÇÁ·ÎÅäÄÝÀÌ ¸¹±â ¶§¹®¿¡ Ç×»ó Á¤È®ÇÏ°í Á¦´ë·Î µÈ °á°ú¸¦ º¸¿©ÁÖÁö´Â ¾Ê´Â´Ù.
ÆÐŶ Çϳª·Î ¿¹¸¦ µé¾îº¸ÀÚ.
SSLÀº È£½ºÆ® »çÀÌ¿¡¼ ¾ÈÀüÇÏ°Ô ¾ÏÈ£ÈµÈ Åë½ÅÀ» À§ÇØ »ç¿ëµÇ´Â º¸¾È ¼ÒÄÏ °èÃþ ÇÁ·ÎÅäÄÝÀÌ´Ù. ÀϹÝÀûÀ¸·Î SSL Æ®·¡ÇÈÀ» ºÁµµ ¾ÏȣȵǾî Á¤º¸¸¦ ¾òÀ» ¼ö ¾ø´Âµ¥ ¾Æ·¡ ÆÐŶÀº ÀÏ¹Ý ÅؽºÆ®¸¦ º¼ ¼ö ÀÖ´Ù.
FileZilla Server ÀÓÀ» ºÁ¼ FTP¿Í °ü·ÃµÊÀ» ¾Ë ¼ö ÀÖ°í
SSL ÇÁ·ÎÅäÄÝÀ̶ó±â º¸´Ù´Â FTP ÇÁ·ÎÅäÄÝÀÓÀ» ¿¹»óÇÒ ¼ö ÀÖ´Ù.
±×·±µ¥ Æ÷Æ®¸¦ º¸¸é 443ÀÓÀ» º¼ ¼ö ÀÖ°í
º¸Åë 443Àº HTTPS¿¡ »ç¿ëµÇ´Â Æ÷Æ®ÀÌ´Ù
ÀÚ ±×·³ Á¤¹Ð ºÐ¼®À» Çغ¸ÀÚ
1) SSL ÆÐŶ¿¡ ¸¶¿ì½º ¿À¸¥ÂÊ ¹öÆ°À» ´©¸£°í Decode As¸¦ Ŭ¸¯ÇÑ´Ù.
2) 433 Port¸¦ ¼±ÅÃÇÏ°í ¿À¸¥ÂÊ ¸®½ºÆ®¿¡¼ FTP¸¦ ¼±ÅÃÇÑ´Ù.
3) 4¹ø ÆÐŶÀÌ FTP·Î º¯°æµÇ¾ú°í »ó¼¼ÇÑ ÆÐŶ Á¤º¸¸¦ º¼ ¼ö ÀÖ´Ù.
SSL·Î µÇ¾îÀÖ´ø ÆÐŶÀÌ FTP·Î ¹Ù²î¾î Á¤º¸µéÀ» º¼ ¼ö ÀÖ´Ù.
5. Following TCP ½ºÆ®¸²
¿ÍÀ̾î»þÅ©ÀÇ °¡Àå À¯¿ëÇÑ ºÐ¼® ±â´É Áß Çϳª´Â TCP ½ºÆ®¸²À» ½±°Ô ÀÐÀ» ¼ö ÀÖ´Â ÇüÅ·ΠÀçÁ¶¸³ÇÏ´Â ±â´ÉÀÌ´Ù.
ÆÐŶ¿¡¼ ¸¶¿ì½º ¿À¸¥ÂÊ ¹öÆ°À» ´©¸£¸é Follow TCP StreamÀÌ ÀÖ´Ù.
»ö±ò·Î ±¸ºÐÇÒ ¼ö Àִµ¥
»¡°£»öÀº ¹ß½ÅÁö¿¡¼ ¸ñÀûÁö·Î
ÆĶõ»öÀº ¸ñÀûÁö¿¡¼ ¹ß½ÅÁö·ÎÀÇ Æ®·¡ÇÈÀ» È®ÀÎÇÒ ¼ö ÀÖ´Ù.
¾Æ·¡¿¡¼ »¡°£ ºÎºÐÀ» º¸¸é Ŭ¶óÀ̾ðÆ®°¡ À¥ ¼¹ö¿¡ ´ëÇÑ ¿¬°áÀ» ½ÃÀÛÇÏ´Â °ÍÀ» º¼ ¼ö ÀÖ´Ù.
ÀÌ Ã¢¿¡¼´Â ´Ù¾çÇÑ ÇüÅ·Π¹Ù²Ü ¼ö ÀÖ´Ù.
ASCII, EBCDIC, Hex, C¹è¿ µî..
6. ÆÐŶ ±æÀÌ
ÇÑ °³ÀÇ ÆÐŶÀ̳ª ±×·ì ÆÐŶÀÇ Å©±â´Â »óȲ¿¡ ´ëÇØ ¸¹Àº °ÍÀ» ¾Ë·ÁÁØ´Ù. Á¤»óÀûÀÎ »óȲÀÏ ¶§ ÀÌ´õ³Ý ³×Æ®¿öÅ©¿¡¼ ÇÁ·¹ÀÓÀÇ ÃÖ´ë Å©±â´Â 1,518¹ÙÀÌÆ®ÀÌ´Ù.
ÀÌ ¼ýÀÚ¿¡¼ ÀÌ´õ³Ý, IP¿Í TCP Çì´õ¸¦ »©¾ßÇÏ´Â °æ¿ì 7°èÃþ ÇÁ·ÎÅäÄÝÀ̳ª Çì´õ³ª µ¥ÀÌÅÍÀÇ Àü¼ÛÀ» À§ÇØ »ç¿ëµÉ ¼ö ÀÖ´Â 1,460 ¹ÙÀÌÆ®¸¦ ³²°ÜµÐ´Ù.
ÀÌ Áö½ÄÀ» ¾Ë°í ÆÐŶÀ¸·Î ¿¹¸¦ µé¾îº¸ÀÚ.
Statistics -> Packet Lengths¸¦ Ŭ¸¯ÇÑ´Ù.
âÀÌ ¶ß¸é Create_StatÀ» Ŭ¸¯ÇÑ´Ù. ÆÐŶÀÇ ±æÀÌ¿¡ µû¶ó ºÐ·ù°¡ µÈ´Ù.
À̸¦ ÅëÇØ ¾Ë ¼ö ÀÖ´Â »ç½ÇÀº 1280-2559´Â µ¥ÀÌÅÍÀÇ Àü¼ÛÀ» ³ªÅ¸³½ °ÍÀ» ÀÓÀ» ÃßÃøÇÒ ¼ö ÀÖ´Ù. 40-79 ÆÐŶµµ ¸¹Àºµ¥ ÀÌ´Â ÇÁ·ÎÅäÄÝ Á¦¾î ¼ø¼ ¹øÈ£¸¦ ³ªÅ¸³¿À» ÃßÃøÇÒ ¼ö ÀÖ´Ù.
Áï HTTP³ª FTP¿Í °°Àº µ¥ÀÌÅÍ°¡ Àü¼ÛµÇ´Â ³×Æ®¿öÅ© Åë½ÅÀ̶ó°í ÃßÃøÇÒ ¼ö ÀÖ´Ù.
ƯÈ÷ 40-79´Â µ¥ÀÌÅ͸¦ Àü´ÞÇÏÁö ¾Ê´Â TCP Á¦¾î ÆÐŶÀε¥
ÀÌ´õ³Ý Çì´õ 14, IPÇì´õ ÃÖ¼Ò 20¹ÙÀÌÆ®, TCPÆÐŶ 20¹ÙÀÌÆ®ÀÌ´Ù.
Àû¾îµµ 54¹ÙÀÌÆ®´Â Â÷ÁöÇÑ´Ù´Â ¶æÀÌ´Ù.
7. ±×·¡ÇÁ
7.1 IO ±×·¡ÇÁ
¿ÍÀ̾î»þÅ©ÀÇ IO ±×·¡ÇÁ âÀº ³×Æ®¿öÅ©¿¡¼ µ¥ÀÌÅÍÀÇ Ã³¸®·®À» ±×·¡ÇÁ·Î º¸¿©ÁØ´Ù.
Statistics¿¡ IO Graph¸¦ Ŭ¸¯ÇÑ´Ù.
¾Æ·¡¿Í °°ÀÌ Ã¢ÀÌ ¶ß´Âµ¥ ¾Æ·¡ ±×¸²Àº µÎ °³ÀÇ ÆÐŶÀ» ºñ±³ÇÑ ±×·¡ÇÁÀÌ´Ù.
Çϳª´Â ºü¸¥ ´Ù¿î·Îµå, Çϳª´Â ´À¸° ´Ù¿î·Îµå¸¦ º¸¿©ÁØ´Ù.
È®½ÇÈ÷ ºñ±³°¡ µÊÀ» º¼ ¼ö ÀÖ´Ù. ´À¸°ÂÊÀÌ ºÒ¾ÈÁ¤ÇÑ ±×·¡ÇÁ¸¦ ³ªÅ¸³»°í ÀÖ´Ù.
¸¶Âù°¡Áö·Î Filter¿Í »ö±òÀ» Àû¿ëÇÒ ¼öµµ ÀÖ´Ù.
7.2 ¿Õº¹ ½Ã°£ ±×·¡ÇÁ
¿ÍÀ̾î»þÅ©ÀÇ ¶Ç ´Ù¸¥ ±×·¡ÇÁ ±â´ÉÀº ÁÖ¾îÁø ĸó ÆÄÀÏ¿¡ ´ëÇÑ ¿Õº¹ ½Ã°£(Round-Trip Time)ÀÇ Ç¥½Ã¸¦ º¼ ¼ö ÀÖ´Â ´É·ÂÀÌ´Ù. ¿Õº¹ ½Ã°£(RTT)´Â ÆÐŶÀÌ ¼ö½ÅµÆ´Ù´Â ½ÂÀο¡ ´ëÇØ °É¸®´Â ½Ã°£ÀÌ´Ù.
ÀÌ RTTÀÇ ºÐ¼®Àº Åë½Å¿¡¼ ´À¸° ÁöÁ¡À̳ª º´¸ñ ÁöÁ¡À» ã°í ´ë±â ½Ã°£À» °áÁ¤Çϱâ À§ÇØ Á¾Á¾ ¼öÇàµÈ´Ù.
Statistics -> TCP Stream Graph -> Round Trip Time Graph¸¦ Ŭ¸¯ÇÑ´Ù.
±×·¡ÇÁ¸¦ È®ÀÎÇÒ ¼ö ÀÖ´Ù.
7.3 È帧 ±×·¡ÇÁ
È帧 ±×·¡ÇÁ ±â´ÉÀº ¿¬°áÀ» ½Ã°¢ÈÇÏ°í ½Ã°£¿¡ µû¸¥ µ¥ÀÌÅÍ È帧À» º¸¿©Áִµ¥ ¸Å¿ì À¯¿ëÇÏ´Ù.
Statistics -> Flow Graph¸¦ Ŭ¸¯ÇÑ´Ù.
¸î °¡Áö ¿É¼ÇÀ» ÇÏ°í OK¸¦ ´©¸£¸é ´ÙÀ½°ú °°ÀÌ Ã¢ÀÌ ¶á´Ù.
8. Àü¹®°¡ Á¤º¸
¿ÍÀ̾î»þÅ©¿¡¼ °¢ ÇÁ·ÎÅäÄÝ¿¡ ´ëÇÑ Á¤¹Ð ºÐ¼®±â´Â ÇØ´ç ÇÁ·ÎÅäÄÝÀ» »ç¿ëÇØ ÆÐŶ³»ÀÇ Æ¯Á¤ »óŸ¦ »ç¿ëÀÚ¿¡°Ô °æ°íÇÏ´Â µ¥ »ç¿ëµÉ ¼ö ÀÖ´Â expert info¸¦ Á¤ÀÇÇÑ´Ù.
4°¡Áö·Î ±¸ºÐµÇ´Âµ¥ ´ÙÀ½°ú °°´Ù.
1) Chat : Åë½Å¿¡ ´ëÇÑ ±âº» Á¤º¸
2) Note : Á¤»ó Åë½ÅÀÇ ÀϺΰ¡ µÇ´Â ºñÁ¤»ó ÆÐŶ
3) Warning : ´ëºÎºÐÀÌ Á¤»ó Åë½ÅÀÇ ÀϺΰ¡ ¾Æ´Ñ ºñÁ¤»ó ÆÐŶ
4) Error : ÆÐŶÀ̳ª Á¤¹Ð ºÐ¼®±â Çؼ®¿¡¼ÀÇ ¿À·ù
Analyze -> Expert Info¸¦ Ŭ¸¯ÇÑ´Ù.
¾Æ·¡¿Í °°Àº âÀÌ ¶ß´Âµ¥ Error´Â ¾ø°í Warnings 2°³, Note 19°³, Chat 3°³°¡ ÀÖ´Â °ÍÀ» º¼ ¼ö ÀÖ´Ù.
¸ðµç ¸Þ½ÃÁöÀÇ ³»¿ëÀ» º¸¸é TCP¿Í °ü·ÃµÈ °ÍÀ» ¾Ë ¼ö ÀÖ´Ù. 14°³ÀÇ Expert info ¸Þ½ÃÁö´Â TCP¿¡ ´ëÇؼ ±¸¼ºµÅ ÀÖ´Ù.
1) Chat ¸Þ½ÃÁö
- Window Update : ¼ö½ÅÀÚ¿¡ ÀÇÇØ TCP ¼ö½Å âÀÇ Å©±â°¡ º¯°æµÆ´Ù´Â °ÍÀ» ¼Û½ÅÀÚ¿¡°Ô ¾Ë¸².
2) Note ¸Þ½ÃÁö
- TCP Retransmission : ÆÐŶ ¼Õ½Ç °á°ú·Î, Áߺ¹ ACK¸¦ ¼ö½ÅÇϰųª ÆÐŶÀÇ ÀçÀü¼Û ŸÀ̸Ӱ¡ ¸¸·áµÉ ¶§ ¹ß»ý.
- Duplicate ACK : È£½ºÆ®°¡ ¿¹»óµÇ´Â ´ÙÀ½ ¼ø¼ ¹øÈ£¸¦ ¹ÞÁö ¸øÇÒ ¶§ ¸¶Áö¸·À¸·Î ¼ö½ÅÇÑ µ¥ÀÌÅÍÀÇ Áߺ¹ ACK¸¦ ¸¸µç´Ù.
- Zero Window Probe : Á¦·Î À©µµ¿ì ÆÐŶÀÌ Àü¼ÛµÈ ÈÄ TCP ¼ö½Å âÀÇ »óŸ¦ ¸ð´ÏÅ͸µÇϱâ À§ÇØ »ç¿ëÇÑ´Ù.
- Keep Alive ACK : keep-alive ÆÐŶ¿¡ ´ëÇÑ ÀÀ´äÀ¸·Î º¸³½´Ù.
- Zero Window Probe ACK : zero-window-probe ÆÐŶ¿¡ ´ëÇÑ ÀÀ´äÀ¸·Î º¸³½´Ù.
- Window is Full : ¼ö½ÅÀÚÀÇ TCP ¼ö½Å âÀÌ °¡µæ áÀ½À» ¼Û½ÅÇϴ ȣ½ºÆ®¿¡°Ô ¾Ë¸®±â À§ÇØ »ç¿ë.
3) Warning ¸Þ½ÃÁö
- Previous Segment Lost : ÆÐŶ ¼Õ½ÇÀ» Ç¥½Ã. µ¥ÀÌÅÍ ½ºÆ®¸²¿¡¼ ¿¹»óµÇ´Â ¼ø¼ ¹øÈ£°¡ »ý·«µÆÀ» ¶§ ¹ß»ý
- ACKed Lost Packet : ÆÐŶÀ» º¼ ¼ö ÀÖÁö¸¸ ½ÂÀÎµÈ ÆÐŶÀÌ ¾Æ´Ò ¶§ ¹ß»ý
- Keep Alive : ¿¬°á keep-alive ÆÐŶÀ̺¸ÀÏ ¶§ ¹ß»ý.
- Zero Window : TCP ¼ö½Å âÀÇ Å©±â¿¡ µµ´ÞÇÏ°í Á¦·Î À©µµ¿ì°¡ Àü¼ÛÀ» ¸¶Ä¥ °æ¿ì ¼Û½ÅÀÚ¿¡°Ô µ¥ÀÌÅÍ Àü¼ÛÀ» ÁßÁöÇϵµ·Ï ¿äû.
- Out-of-Order : ÆÐŶÀÌ À߸øµÈ ¼ø¼ ¹øÈ£¸¦ ¼ö½ÅÇÒ °æ¿ì ¼ø¼ ¹øÈ£¸¦ ŽÁöÇϱâ À§ÇØ »ç¿ë.
- Fast Retransmission : Áߺ¹ ACK°¡ ¹ß»ýÇϸé 20¹Ð¸®ÃÊ À̳»¿¡ ÀçÀü¼Û.
4) Error ¸Þ½ÃÁö
- No Error Messages
wireshark ¸¦ Á÷Á¢ ¼³Ä¡ÇÒ¼ö ¾ø´Â linux¿¡¼´Â
tcpdump¸¦ ÀÌ¿ëÇÏ¿©, data¸¦ ¼öÁýÇÏ°í, À̸¦ wireshark¿¡¼ ÆÄ½ÌµÈ data ÇüÅ·ΠȮÀÎ °¡´ÉÇÏ´Ù.
dump ¶ß´Â ¹æ¹ý
nohup tcpdump -i eth0 port 8209 -w tcp_8209_normal.dmp & |
network ID port ÆÄÀÏ À̸§.
tcpdump version 4.1-PRE-CVS_2012_03_26 libpcap version 1.0.0 Usage: tcpdump [-aAdDefIKlLnNOpqRStuUvxX] [ -B size ] [ -c count ] [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ] [ -i interface ] [ -M secret ] [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ] [ -y datalinktype ] [ -z command ] [ -Z user ] [ expression ] |
networkID´Â ifconfig¸¦ ÅëÇؼ È®ÀÎ °¡´ÉÇÏ´Ù.
¿©±â eth0 ¸¦ ¾²¸éµÈ´Ù. (½ÇÁ¦ IP°¡ ¸ÅÇÎµÈ °÷..)
# ifconfig eth0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 inet addr:192.168.0.1 Bcast:xxx.xxx.xxx.xxx Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:377560544 errors:0 dropped:0 overruns:0 frame:0 TX packets:322426559 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:84443880548 (78.6 GiB) TX bytes:71986599537 (67.0 GiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:951373694 errors:0 dropped:0 overruns:0 frame:0 TX packets:951373694 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:103386360462 (96.2 GiB) TX bytes:103386360462 (96.2 GiB)
|
# basedir= # datadir= # mysqld_pid_file_path= ## ÁÖ¼® ó¸® |
[client] port = 3306 #mysqlÆ÷Æ® socket = ./mysql-5.7.17/conf/mysql.sock default-character-set = utf8
[mysqld] basedir=/block3/mysql-5.7.17 #Mysql Engine Directory datadir=/block3/mysql-5.7.17/data/ #Data Directory init_connect = SET collation_connection = utf8_general_ci init_connect = SET NAMES utf8 character-set-server = utf8 collation-server = utf8_general_ci user=mysql #mysql°èÁ¤ port=3306 #mysqlÆ÷Æ® socket=/block3/mysql-5.7.17/conf/mysql.sock pid-file=/block3/mysql-5.7.17/conf/mysqld.pid [mysqldump] default-character-set = utf8 [mysql] default-character-set = utf8 # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0 [mysqld_safe] log-error=/block3/mysql-5.7.17/log/mysqld.log #pid-file=/var/run/mysqld/mysqld.pid default-time-zone='UTC' [mysqld] log-error=/block3/mysql/log/error.log |
Apache Httpd ¼³Ä¡
<»çÀü Lib ¼³Ä¡>
1. Apr (Apache Portable Runtime)
A. ¼³Ä¡¹öÀü : apr 1.5.2
B. ¼³Ä¡°æ·Î : /ccpkg/platform/apache/apr/
C. Download : http://apache.mirror.cdnetworks.com//apr/apr-1.5.2.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf apr-1.5.2.tar.gz
ii. cd apr-1.5.2
iii. ./configure --prefix=/ccpkg/platform/apache/apr/
iv. make && make install
2. Apr Util (Apache Portable Runtime Util)
A. ¼³Ä¡¹öÀü : apr-util 1.5.4
B. ¼³Ä¡°æ·Î : /ccpkg/platform/apache/apr/
C. Download : http://apache.mirror.cdnetworks.com//apr/apr-util-1.5.4.tar.gz
D. ¼³Ä¡ Process
i. tar -zxvf apr-util-1.5.4.tar.gz
ii. cd apr-util-1.5.4
iii. ./configure --prefix=/ccpkg/platform/apache/apr/ --with-apr=/ccpkg/platform/apache/apr/
iv. make && make install
3. pcre (Perl Compatible Regular Expressions)
A. ¼³Ä¡¹öÀü : pcre 8.40
B. ¼³Ä¡°æ·Î : /ccpkg/platform/apache/pcre/
C. Download : https://ftp.pcre.org/pub/pcre/pcre-8.40.tar.gz
D. ¼³Ä¡ Process
i. tar -zxvf pcre-8.40.tar.gz
ii. cd pcre-8.40
iii. ./configure --prefix=/ccpkg/platform/apache/pcre/ --with-apr=/ccpkg/platform/apache/apr/bin --with-apr-util=/ccpkg/platform/apache/apr/bin
iv. make && make install
4. cronolog
A. ¼³Ä¡¹öÀü : 1.6.2
B. ¼³Ä¡°æ·Î : /ccpkg/platform/apache/bin
C. Download : http://pkgs.fedoraproject.org/repo/pkgs/cronolog/cronolog-1.6.2.tar.gz/a44564fd5a5b061a5691b9a837d04979/cronolog-1.6.2.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf cronolog-1.6.2.tar.gz
ii. cd cronolog-1.6.2
iii. ./configure --prefix=/ccpkg/platform/apache/bin
iv. make && make install
5. Open SSL
A. ¼³Ä¡¹öÀü : 1.0.2k
B. ¼³Ä¡°æ·Î : /ccpkg/platform/apache/s´Ï
C. Download : https://www.openssl.org/source/openssl-1.0.2k.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf openssl-1.0.2k.tar.gz
ii. cd openssl-1.0.2k
iii. ./config --prefix=/ccpkg/platform/apache/ssl shared
iv. make && make install
6. Apache HTTP Server Project
A. ¼³Ä¡¹öÀü : httpd 2.4.25
B. ¼³Ä¡°æ·Î : /ccpkg/platform/apache
C. Download : http://apache.tt.co.kr//httpd/httpd-2.4.25.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf httpd-2.4.25.tar.gz
ii. MPM worker »ç¿ëÀ» À§ÇÑ ¼³Á¤ º¯°æ
1. /usr/local/src/httpd-2.4.9/server/mpm/worker/worker.c ÆÄÀÏ¿¡¼ ¾Æ·¡ define °ªÀ¸·Î ¼öÁ¤
#define DEFAULT_SERVER_LIMIT 64 #define DEFAULT_THREAD_LIMIT 256 |
iii. cd httpd-2.4.25
iv. ./configure --prefix=/ccpkg/platform/apache --enable-mods-shared=most --enable-so --enable-proxy --enable-ssl --with-ssl=/ccpkg/platform/apache/ssl --with-mpm=worker --with-apr=/ccpkg/platform/apache/apr --with-apr-util=/ccpkg/platform/apache/apr --with-pcre=/ccpkg/platform/apache/pcre
v. make && make install
vi. vi /ccpkg/platform/apache/conf/httpd.conf
1. LoadModule Ãß°¡(ÁÖ¼®Á¦°Å)
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule ssl_module modules/mod_ssl.so |
2. ½ÇÇà °èÁ¤ º¯°æ(apache °èÁ¤ Á¸Àç: adduser apache)
User apache ·Î º¯°æ Group apache ·Î º¯°æ ServerName localhost(xxx.xxx.xxx.xxx) ·Î ¼öÁ¤ |
3. HTTP Header ±ÇÇÑ(»ç¿ë) ¼³Á¤
<Directory /> <LimitExcept GET POST HEAD> Order deny,allow Deny from all </LimitExcept> AllowOverride All Require all denied </Directory> |
4. Options Indexes FollowSymLinks ºÎºÐ ÁÖ¼®Ã³¸® (<Directory ³»ºÎ )
#Options Indexes FollowSymLinks |
5. Log À§Ä¡ º¯°æ ¹× lotatelogs ¼³Á¤
(´ÙÀ½°ú °°ÀÌ ¼öÁ¤)
ErrorLog "| /ccpkg/platform/apache/bin/sbin/cronolog /ccdata/logs/platform/apache/%Y%m /error.log.%Y%m%d" CustomLog "| /ccpkg/platform/apache/bin/sbin/cronolog /ccdata/logs/platform/apache/%Y%m /access.log.%Y%m%d" common |
6. Proxy Type ¼³Á¤
(On : Forward Proxy / Off : Reverse Proxy)
ProxyRequests Off ProxyVia Off |
7. Apache º¸¾È¼³Á¤
(Apache Version Á¤º¸ ¼û±â±â)
ServerSignature Off ServerTokens Prod TraceEnable off |
8. ¼¼¼Ç ¼³Á¤
KeepAlive On KeepAliveTimeout 30 MaxKeepAliveRequests 0 |
9. server-status ¼³Á¤ Ãß°¡, IP Ãß°¡
<Location /server-status> SetHandler server-status Order Deny,Allow Deny from all Allow from xxx.xxx.xxx.xxx </Location> |
10. HTTPS Redirect ¼³Á¤ (HTTPS only)
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) RewriteRule .* - [F] |
11. Jk Module Ãß°¡
LoadModule jk_module modules/mod_jk.so JkWorkersFile conf/workers.properties JkLogLevel info JkLogFile "| /ccpkg/platform/apache/bin/sbin/cronolog /ccdata/logs/platform/apache/.%Y%m /mod_jk.log.%Y%m%d" |
12. httpd-mpm ¼³Á¤
A. httpd-mpm configuration load (ÁÖ¼®Á¦°Å)
Include conf/extra/httpd-mpm.conf |
B. mpm worker config (apache/conf/extra/httpd-mpm.conf ¼öÁ¤)
<IfModule mpm_worker_module> StartServers 4 MinSpareThreads 256 MaxSpareThreads 512 ThreadsPerChild 64 MaxRequestWorkers 640 MaxConnectionsPerChild 0 </IfModule> |
13. HTTPS(SSL) ¼³Á¤
A. Httpd-ssl configuration load (ÁÖ¼®Á¦°Å)
Include conf/extra/httpd-ssl.conf |
14. Apache HTTPS ¼³Á¤ (/apache/conf/extra/httpd-ssl.conf)
A. Virtual Host ¼³Á¤ (Multi ¼³Á¤ °¡´É)
<VirtualHost *:443> ServerName DNS.example.com:443 ¡¦. </VirtualHost> |
B. ÀÎÁõ¼ ¼³Á¤ (Virtual Hostº° ¼³Á¤)
SSLEngine on SSLCertificateFile "/ccpkg/platform/apache/conf/cert/server.host.crt" SSLCertificateKeyFile "/ccpkg/platform/apache/conf/cert/server.host.key" SSLCACertificateFile "/ccpkg/platform/apache/conf/cert/ca.crt" |
C. Log ¼³Á¤ (Virtual Host º° ¼³Á¤°¡´É)
ErrorLog "| /ccpkg/platform/apache/bin/cronolog /ccdata/logs/platform/apache/%Y%m%d/ssl_error.log.%Y%m%d" TransferLog "| /ccpkg/platform/apache/bin/cronolog /ccdata/logs/platform/apache/%Y%m%d/ssl_access.log.%Y%m%d" CustomLog "| /ccpkg/platform/apache/bin/cronolog /ccdata/logs/platform/apache/%Y%m%d/ssl_request_log.%Y%m%d" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" |
D. Browser º¸¾È ¼³Á¤(httpOnly, Secure Browser cookie ¼³Á¤)
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure |
vii. Apache ½ÇÇà °èÁ¤ ±ÇÇÑ º¯°æ
1. ÀϹݰèÁ¤ ½ÇÇà °¡´É ±ÇÇÑ Ãß°¡
cd /ccpkg/platform/apache/bin chmod 4775 httpd |
Àû¿ë°á°ú
-rwsr-xr-x 1 root root 1217098 Feb 28 10:44 httpd |
2. Àбâ/¾²±â±ÇÇÑ Ãß°¡
chmod g+w /ccpkg/platform/apache/conf chmod g+w /ccpkg/platform/apache/conf/httpd.conf chmod g+w /ccpkg/platform/apache/conf/extra chmod g+w /ccpkg/platform/apache/conf/extra/httpd-mpm.conf chmod g+w /ccpkg/platform/apache/conf/extra/httpd-ssl.conf |
viii. Apache ½ÇÇà / Á¾·á
1. Start
/ccpkg/platform/apache/bin/apachectl start |
2. Stop
/ccpkg/platform/apache/bin/apachectl stop |
7. Tomcat Connector ¼³Áö
A. ¼³Ä¡¹öÀü : tomcat connector 1.2.42
B. ¼³Ä¡°æ·Î : /ccpkg/platform/apache/bin/
C. Download : http://apache.mirror.cdnetworks.com/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.42-src.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf tomcat-connectors-1.2.42-src.tar.gz
ii. cd tomcat-connectors-1.2.42-src
iii. ./configure --with-apxs=/ccpkg/platform/apache/bin/apxs
iv. make && make install
8. Apache Balancer ¼³Á¤
A. JkMount
i. Routing
JkMount /ios cc_common JkMount /ios/* cc_common
JkMount /fsw cc_drive JkMount /fsw/* cc_drive
JkMount /snw cc_stream JkMount /snw/* cc_stream |
ii. Worker ¼³Á¤
vi workers.properties
worker.list=cc_common,cc_drive,cc_stream,cc_admin, jkstatus
worker.cc_common1_1.port=8009 worker.cc_common1_1.host={WAS IP} worker.cc_common1_1.type=ajp13 worker.cc_common1_1.lbfactor=1
worker.cc_common.type=lb worker.cc_common.sticky_session=true worker.cc_common.balance_workers=cc_common1_1
worker.cc_drive1_1.port=8109 worker.cc_drive1_1.host={WAS IP} worker.cc_drive1_1.type=ajp13 worker.cc_drive1_1.lbfactor=1
worker.cc_drive2_1.port=8109 worker.cc_drive2_1.host={WAS IP} worker.cc_drive2_1.type=ajp13 worker.cc_drive2_1.lbfactor=1
worker.cc_drive.type=lb worker.cc_drive.sticky_session=true worker.cc_drive.set_session_cookie=true worker.cc_drive.session_cookie_path=/fsw #sticky cookie ¼³Á¤ worker.cc_drive.balance_workers=cc_drive1_1, cc_drive2_1
¡¦
|
iii.
B. ProxyPass ·Î ¼³Á¤ ¹æ¹ý
### Driver ### Header add Set-Cookie "ROUTEID=FSWSESSION.%{BALANCER_WORKER_ROUTE}e; path=/fsw; Secure; HttpOnly" env=BALANCER_ROUTE_CHANGED
ProxyPass /fsw balancer://syfswcluster/fsw ProxyPassReverse /fsw balancer://syfswcluster/fsw
<Proxy balancer://syfswcluster> BalancerMember ajp://{was1 IP}:9109 loadfactor=1 route=ioffice_fsw1_1 timeout=240 BalancerMember ajp://{was2 IP}:9109 loadfactor=1 route=ioffice_fsw2_1 timeout=240 ProxySet stickysession=ROUTEID ProxySet lbmethod=byrequests </Proxy> |
Apache TomcatÀÇ ¼³Ä¡ ¹× ¼³Á¤¹æ¹ý
<»çÀü Lib ¼³Ä¡>
1. Apr (Apache Portable Runtime)
A. ¼³Ä¡¹öÀü : apr 1.5.2
B. ¼³Ä¡°æ·Î : /ccpkg/platform/tomcat/apr/
C. Download : http://apache.mirror.cdnetworks.com//apr/apr-1.5.2.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf apr-1.5.2.tar.gz
ii. cd apr-1.5.2
iii. ./configure --prefix=/ccpkg/platform/tomcat/apr/
iv. make && make install
2. Apr Util (Apache Portable Runtime Util)
A. ¼³Ä¡¹öÀü : apr-util 1.5.4
B. ¼³Ä¡°æ·Î : /ccpkg/platform/tomcat/apr/
C. Download : http://apache.mirror.cdnetworks.com//apr/apr-util-1.5.4.tar.gz
D. ¼³Ä¡ Process
i. tar -zxvf apr-util-1.5.4.tar.gz
ii. cd apr-util-1.5.4
iii. ./configure --prefix=/ccpkg/platform/tomcat/apr/ --with-apr=/ccpkg/platform/tomcat/apr/
iv. make && make install
3. pcre (Perl Compatible Regular Expressions)
A. ¼³Ä¡¹öÀü : pcre 8.40
B. ¼³Ä¡°æ·Î : /ccpkg/platform/tomcat/pcre/
C. Download : https://ftp.pcre.org/pub/pcre/pcre-8.40.tar.gz
D. ¼³Ä¡ Process
i. tar -zxvf pcre-8.40.tar.gz
ii. cd pcre-8.40
iii. ./configure --prefix=/ccpkg/platform/tomcat/pcre/ --with-apr=/ccpkg/platform/tomcat/apr/bin --with-apr-util=/ccpkg/platform/tomcat/apr/bin
iv. make && make install
4. Open SSL
A. ¼³Ä¡¹öÀü : 1.0.2k
B. ¼³Ä¡°æ·Î : /ccpkg/platform/tomcat/ssl
C. Download : https://www.openssl.org/source/openssl-1.0.2k.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf openssl-1.0.2k.tar.gz
ii. cd openssl-1.0.2k
iii. ./config --prefix=/ccpkg/platform/tomcat/ssl shared
iv. make && make install
5. JDK ¼³Ä¡
A. ¼³Ä¡¹öÀü : java 8u121
B. ¼³Ä¡°æ·Î : /usr/java/jdk1.8.0_121
C. Download : http://download.oracle.com/otn-pub/java/jdk/8u121-b13/e9e7ea248e2c4826b92b3f075a80e441/jdk-8u121-linux-x64.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf jdk-8u121-linux-x64.tar.gz
ii. mv jdk1.8.0_121 /usr/java/
6. Java JCE ¼³Ä¡
A. ¼³Ä¡¹öÀü : java 8
B. ¼³Ä¡°æ·Î : /usr/java/jdk1.8.0_121/jre/lib/security
C. Download : http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip
D. ¼³Ä¡ Process
i. unzip jce_policy-8.zip
ii. cd UnlimitedJCEPolicyJDK8
iii. cp *.jar /usr/java/jdk1.8.0_121/jre/lib/security
7. Tomcat ¼³Ä¡
A. ¼³Ä¡¹öÀü : 8.0.41
B. ¼³Ä¡°æ·Î : /ccpkg/platform/tomcat
C. Download : http://apache.mirror.cdnetworks.com/tomcat/tomcat-8/v8.0.41/bin/apache-tomcat-8.0.41.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf apache-tomcat-8.0.41.tar.gz
ii. cd apache-tomcat-8.0.41
iii. cp –R * /ccpkg/platform/tomcat
8. tomcat-native ¼³Ä¡ (JDK ¼³Á¤¾ÈµÇ¾î ÀÖÀ¸¸é ¿¡·¯³²)
A. ¼³Ä¡¹öÀü : 1.1.34
B. ¼³Ä¡°æ·Î : /ccpkg/platform/tomcat/lib
C. Download : http://apache.mirror.cdnetworks.com/tomcat/tomcat-connectors/native/1.1.34/source/tomcat-native-1.1.34-src.tar.gz
D. ¼³Ä¡ Process
i. tar –zxvf tomcat-native-1.1.34-src.tar.gz
ii. cd tomcat-native-1.1.34-src/jni/native
iii. ./configure --with-apr=/ccpkg/platform/tomcat/apr --with-ssl=/ccpkg/platform/tomcat/ssl --prefix=/ccpkg/platform/tomcat
iv.
9. Tomcat jndi ¼³Á¤( JDBC connector)
A. ¼³Ä¡¹öÀü : mysql connector java 5.1.40
B. ¼³Ä¡°æ·Î : /ccpkg/platform/tomcat/lib
C. Download : http://central.maven.org/maven2/mysql/mysql-connector-java/5.1.40/mysql-connector-java-5.1.40.jar
D. ¼³Ä¡ Process
i. cp mysql-connector-java-5.1.40.jar /ccpkg/platform/tomcat/lib/
ii. server.xml
factory=¡±org.apache.tomcat.jdbc.pool.DataSourceFactory¡± driverClassName="com.mysql.jdbc.Driver" #single Àΰæ¿ì driverClassName="com.mysql.jdbc.ReplicationDriver" #Replication ÀÎ °æ¿ì |
10. ½ÇÇà / Á¤Áö
A. $CATALINA_HOME/bin/start.sh
B. $CATALINA_HOME/bin/stop.sh
RabbitMQ ¼³Ä¡ ¹æ¹ý
RabbitMQ ´Â AMQP(Advanced Message Queuing Protocol) ¸¦ Áö¿øÇÏ´Â ¸Þ½Ã¡ Å¥ ºê·ÎÄ¿ ÀÔ´Ï´Ù. Å¥(Queue) ÀڷᱸÁ¶ÀÇ µ¿ÀÛ¹æ¹ý ±×´ë·Î ¼¹ö·Î¼ ¿ªÈ°À» Çϵµ·Ï ¸¸µç ¼¹ö ÀÔ´Ï´Ù.
RabbitMQ´Â Erlang À̶ó´Â ¾ð¾î·Î ÀÛ¼ºµÇ¾ú½À´Ï´Ù. µû¶ó¼ ÀÌ ÆÐÅ°Áö°¡ ¼³Ä¡µÇ¾î ÀÖ¾î¾ß Çϴµ¥,
º°µµÀÇ tar ball ÇüŸ¦ Áö¿øÇÏÁö ¾Ê°í, rpm ÇüÅ·Π¼³Ä¡ÇÕ´Ï´Ù.
1. EPEL(Extra Packages for Enterprise Linux) ¼³Ä¡Çϱâ
yum install https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm |
2. Erlang ¼³Ä¡ (root ±ÇÇÑÀ¸·Î ½ÇÇà)
yum install erlang |
3. RabbitMQ ¼³Ä¡
A. ¼³Ä¡ ¹öÀü Version : 3.6.6-1
B.
C. Download : https://www.rabbitmq.com/install-rpm.html
https://www.rabbitmq.com/releases/rabbitmq-server/v3.6.6/rabbitmq-server-3.6.6-1.el7.noarch.rpm
D. ¼³Ä¡ Process
yum install rabbitmq-server-3.6.6-1.el7.noarch.rpm |
4. RabbitMQ ¼³Á¤
A. Data folder »ý¼º
mkdir /ccdata/rabbitmq/dbfiles chown –R rabbitmq.rabbitmq /ccdata/rabbitmq/dbfiles
mkdir /ccdata/logs/platform/rabbitmq chown –R rabbitmq.rabbitmq /ccdata/logs/platform/rabbitmq |
B. Rabbitmq Configuration
vi /etc/rabbitmq/rabbitmq-env.conf |
#rabbitmq-env.conf #Host Name HOSTNAME=cl-xxx-linux01 #Node Name NODENAME=rabbit@cl-xxx-linux01 RABBITMQ_NODE_PORT=5672 RABBITMQ_MNESIA_BASE=/ccdata/rabbitmq/dbfiles RABBITMQ_LOG_BASE=/ccdata/logs/platform/rabbitmq |
5. RabbitMQ ±âµ¿ / ÁßÁö
A. service rabbitmq-server start / stop / status
6. Management plugin ¼³Ä¡
A. rabbitmq-plugin list
B. rabbitmq-plugins enable rabbitmq_management
7. RabbitMQ Admin ¼³Ä¡
A. Download rabbitmqadmin
cd /usr/local/bin/ wget http://127.0.0.1:15672/cli/rabbitmqadmin chmod 755 rabbitmqadmin |
8. Exchange & Queue »ý¼º Script
A. vi rabbitmq-init.sh
sleep 5
# Permission chown -R rabbitmq.rabbitmq /ccdata/logs/platform/rabbitmq chown -R rabbitmq.rabbitmq /ccdata/rabbitmq
# Plugin install rabbitmq-plugins enable rabbitmq_management
# Create user rabbitmqctl add_user rabbitmq rabbitxxxx rabbitmqctl set_user_tags rabbitmq administrator rabbitmqctl set_permissions -p / rabbitmq ".*"".*"".*"
rabbitmqctl set_policy ha-all ".*" '{"ha-mode":"all"}'
# Install rabbitmqadmin cd /usr/local/bin/ wget http://127.0.0.1:15672/cli/rabbitmqadmin chmod 775 rabbitmqadmin mv rabbitmqadmin /usr/local/bin
# Insert init data # make exchange ./rabbitmqadmin delete exchange name=File.Processing ./rabbitmqadmin declare exchange name=File.Processing type=direct
#make Queue ./rabbitmqadmin declare queue name=File.DocConvertQueue durable=true # make relation exchange & queue ./rabbitmqadmin declare binding source=File.Processing destination_type=queue destination=File.DocConvertQueue routing_key=all
rabbitmqctl set_policy ha-all ".*" '{"ha-mode":"all"}'
|
B. chmod 755 rabbitmq-init.sh
C. ./rabbitmq-init.sh
D. Running »óÅ ȮÀÎ
i. rabbitmqctl status
9. Rabbitmq Clustering
A. /etc/host¿¡ server, host µî·Ï
B. cookie º¹Á¦ (1¹ø ¼¹ö vi.erlang.cookie ³»¿ëÀ» 2¹ø¼¹ö¿¡º¹Á¦
(/var/lib/rabbitmq/.erlang.cookie)
C. 2¹ø ¼¹ö¿¡¼ ½ÇÇà
rabbitmqctl stop_app rabbitmqctl join_cluster rabbit@cl-xxx-linux2 rabbitmqctl start_app |
10.
[ÂüÁ¶]
http://linux.systemv.pe.kr/centos-7-rabbitmq-%EC%84%A4%EC%B9%98/
https://dl.fedoraproject.org/pub/epel/7/x86_64/e/
https://www.rabbitmq.com/download.html
https://www.rabbitmq.com/install-rpm.html
SlackÀº ¿ö³« À¯¸íÇؼ, °³¹ßÀÚ¶ó¸é ´©±¸³ª ¾Ë °Í ÀδÙ.
ÇÏÁö¸¸, SlackÀº B2C Áï open Cloud»ó¿¡¼ µ¿ÀÛÇÏ´Â ³»¿ëÀ¸·Î ±â¾÷³» ȯ°æ ȤÀº
Redis ¼³Ä¡
https://redis.io/
1. ¼³Ä¡ ¹öÀü : 3.2.8
2. ¼³Ä¡ °æ·Î : /ccpkg/platform/redis
3. Download : http://download.redis.io/releases/redis-3.2.8.tar.gz
4. ¼³Ä¡ Process
A. tar –zxvf redis-3.2.8.tar.gz
B. cd redis-3.2.8
C. make
D. make install PREFIX=/ccpkg/platform/redis
E. mkdir /ccpkg/platform/redis/conf
F. mkdir /ccdata/logs/platform/redis
G. mkdir /ccdata/redis/data
H. cp *.conf /ccpkg/platform/redis/conf/
I. cd /ccpkg/platform/redis/conf
J. vi redis.conf
¡¦.. Daemonize yes # no -> yes·Î º¯°æ ¡¦ Logfile ¡°/ccdata/logs/platform/redis/redis.log¡± ¡¦ databases 2 # DB °³¼ö 16->2 ·Î º¯°æ ¡¦. dir /ccdata/redis/data/
- slave Àΰæ¿ì slaveof <masterip> <masterport> |
A. vi sentinel.sh
¡¦ dir /ccdata/redis/ ¡¦ sentinel monitor mymaster <materip> <port> 2 ¡¦ daemonize yes logfile "/ccdata/logs/platform/redis/ sentinel_6379.log"
|
5. Redis ½ÇÇà / Á¾·á
i. cd /ccpkg/platform/redis/bin
ii. ./redis-server ../conf/redis.conf
iii. ./redis-sendinel ../conf/sentinel.conf
6.
8. cluster
Ŭ·¯½ºÅÍ ¼³Á¤Çϱâ
Redis.conf¿¡¼ ¼³Á¤
- ¼³Á¤ÆÄÀÏÀº redis.conf¿¡ ÀÖÀ½
#### REDIS CLUSTER ### ÂüÁ¶
port 7000 cluster-enabled yes cluster-config-file nodes.conf cluster-node-timeout 5000 appendonly yes |
clusterÀÇ °æ¿ì 3node À̻󿡼 µ¿ÀÛÇÔ.
@ ruby ±â¹Ý¿¡¼ µ¿ÀÛÇÔ
[Ruby ¼³Ä¡]
- Install ruby
- rpm –ivh libyaml-0.1.4-2.el6.x86_64.rpm
#> wget http://rpms.southbridge.ru/rhel6/ruby-1.9.3/x86_64/ruby-1.9.3.p547-1.el6.x86_64.rpm
#> yum install ruby-1.9.3/x86_64/ruby-1.9.3.p547-1.el6.x86_64.rpm
rpm –ivh ruby-1.9.3.p547-1.el6.x86_64.rpm
#> yum install gcc gcc-g++ make automake autoconf curl-devel openssl-devel zlib-devel httpd-devel apr-devel apr-util-devel sqlite-devel
#> gem update
#> gem update –system
<Cluster »ý¼º>
To create a cluster, follow this steps:
1. Edit create-cluster and change the start / end port, depending on the
number of instances you want to create.
2. Use "./create-cluster start" in order to run the instances.
3. Use "./create-cluster create" in order to execute redis-trib create, so that
an actual Redis cluster will be created.
4. Now you are ready to play with the cluster. AOF files and logs for each instances are created in the current directory.
<cluster »èÁ¦>
In order to stop a cluster:
1. Use "./craete-cluster stop" to stop all the instances. After you stopped the instances you can use "./create-cluster start" to restart them if you change ideas.
2. Use "./create-cluster clean" to remove all the AOF / log files to restat with a clean environment.
Nodejs ¼³Ä¡
url : https://nodejs.org/ko/download/
1. ¼³Ä¡ ¹öÀü : v6.9.5 (includes npm 3.10.10)
2. ¼³Ä¡ °æ·Î : /ccpkg/platform/nodejs
3. Download : https://nodejs.org/dist/v6.9.5/node-v6.9.5-linux-x64.tar.xz
4. ¼³Ä¡ Process
A. tar -xvf node-v6.9.5-linux-x64.tar.xz
B. mv node-v6.9.5-linux-x64 nodejs
C. mv nodejs /ccpkg/platform/
D. vi ~/.bash_profile (node path Ãß°¡)
PATH=/ccpkg/platform/nodejs/bin:$JAVA_HOME/bin:$PATH:$HOME/bin export PATH
NODE_PATH=/ccpkg/platform/nodejs/lib/node_modules:$NODE_PATH export NODE_PATH |
E. source ~/.bash_profile
npm install –g npm npm install –g gulp npm install forever |
F.
³¡... ½±ÁÒ~~
#!/bin/sh if [ -z "`ps -eaf | grep mattermost | grep java`" ]; then echo "Mattermost was not started." else ps -eaf | grep mattermost | grep java | awk '{print $2}' | while read PID do echo "Killing $PID ..." kill -9 $PID echo echo "Mattermost is being shutdowned." done fi |
¼º´É ÃøÁ¤ ½Ã ºÎÇÏ ¸ð´ÏÅ͸µ ¹× À̽´ °ËÅ並 À§Çؼ Scouter¸¦ »ç¿ëÇÏ°í ÀÖ´Ù.
jennifer ´ëü¿ë
±âÁ¸ v0.3.8 ¿¡¼ v0.4.22·Î º¯°æÇÏ¸é¼ ¼³Á¤ (conf) º¯°æ»çÇ× Á¤¸®
1. Scouter Download
https://github.com/scouter-project/scouter
2. ¼³Ä¡ ³»¿ë
- server (Collector)
- agent ( host / tomcat agent)
- client ( monitoring agent, windows)
3. Configuration
1) Server Config
./server/conf/scouter.conf
# Agent Control and Service Port(Default : TCP 6100) net_tcp_listen_port=6100 # UDP Receive Port(Default : 6100) net_udp_listen_port=6100 # DB directory(Default : ./database) db_dir=./database # Log directory(Default : ./logs) log_dir=./logs |
2) Host agent Config
./host.agent/scouter.conf
# Scouter Server IP Address (Default : 127.0.0.1) net_collector_ip=xxx.xxx.xxx.xxx # Scouter Server Port (Default : 6100) net_collector_udp_port=6100 net_collector_tcp_port=6100 # Scouter Name(Default : tomcat1) obj_name=WAS1 # Log directory(Default : ./logs) log_dir=./logs |
3) tomcat agent Conf
./{tomcat_instance}/scouter/conf/scouter.conf
# Scouter Server IP Address (Default : 127.0.0.1) net_collector_ip=xxx.xxx.xxx.xxx # Scouter Server Port (Default : 6100) net_collector_udp_port=6100 net_collector_tcp_port=6100 # Scouter Name(Default : tomcat1) obj_name=tomcat1 # JDBC Query(Default : true) profile_sql_escape=false profile_thread_cputime_enabled=true trace_interservice_enabled=true
|
4. tomcat agent Àû¿ë ¹æ¹ý
tomcat ( Catalina options Ãß°¡ )
export CATALINA_OPTS="..... -javaagent:${CATALINA_BASE}/scouter/scouter.agent.jar -Dscouter.config=${CATALINA_BASE}/scouter/scouter.conf" |
[±âÁ¸ ¹öÀü ´ëºñ º¯°æ»çÇ× Á¤¸®]
AS-IS | TO-BE |
server_addr= | net_collector_ip= |
server_udp_port= | net_collector_udp_port= |
server_tcp_port= | net_collector_tcp_port= |
scouter_name= | obj_name= |
find ¸í·ÉÀ» ¹Þ´Â ÆÄÀÏ¿¡¼ ´Ù¸¥ ¸í·ÉÀ» ¼öÇàÇÒ ¼ö ÀÖ½À´Ï´Ù.ÇöÀç µð·ºÅ丮¿Í ÇÏÀ§ µð·ºÅ丮¿¡¼ .tmp¶ó´Â È®Àå À̸§À» °¡Áø ¸ðµç ÆÄÀÏÀ» »èÁ¦ÇÏ·Á¸é
$ find . -name '*.tmp' -exec rm {} \;
ÇöÀç µð·ºÅ丮¿Í ÇÏÀ§ µð·ºÅ丮¿¡¼ .tmp·Î ³¡³ª´Â ¸ðµç ÆÄÀÏÀ» ã¾Æ¼ ȸ鿡 ³ªÅ¸³»°í ±×ÆÄÀÏÀ» ¸ðµÎ »èÁ¦ÇÕ´Ï´Ù. -exec ¼±ÅûçÇ×Àº ´ÙÀ½ ¸í·É (rm)À» ½ÇÇàÇÕ´Ï´Ù. { } ´Â find ¸í·ÉÀÌ Ã£Àº ÆÄÀÏÀ» ÀǹÌÇÕ´Ï´Ù. ¸í·É ¹®ÀÚ¿À» ³¡³»´Â¼¼¹ÌÄÝ·Ð (;) ¾Õ¿¡
ESC ¹®ÀÚ·Î ¿ªºø±Ý(\)À» ºÙÀÔ´Ï´Ù
¸®´ª½º¿¡¼ ³ëÆ®ºÏ ¶Ñ²±À» ´Ý¾Æµµ ÀýÀü¸ðµå·Î ¹Ù²îÁö ¾Êµµ·Ï ¼³Á¤Çϱâ
vi /etc/systemd/logind.conf
¿Ö disable ½Ãų±î?
by Vivek Gite ¡¤ 0 comments
virtual network (virbr0)´Â guestµéÀÌ ³×Æ®¿÷ ¼ºñ½º¿¡ Á¢±ÙÇÏ´Â °ÍÀ» Çã¶ôÇϱâÀ§Çؼ Network address translation (NAT) ¸¦ À§ÇØ »ç¿ëµÈ´Ù. ÇÏÁö¸¸ NAT´Â ´Ê°í µ¥½ºÅ©Å¾ ¼³Ä¡¸¦ À§Çؼ ±ÇÀåµÈ´Ù. ÀÌ Network address translation (NAT)¸¦ disable½ÃÅ°±â À§Çؼ´Â ¾Æ·¡¿Í °°ÀÌ ¼³Á¤ÇÑ´Ù.
ÇöÀç ¼³Á¤»óÅ º¸±â
¾Æ·¡¿Í °°ÀÌ ¸í·ÉÇÑ´Ù:
#ifconfig
°á°ú ¿¹Á¦:
¶Ç´Â ¾Æ·¡ÀÇ ¸í·ÉÀ» ÀÌ¿ëÇضó:
# virsh net-list
°á°ú ¿¹Á¦:
Name State Autostart ----------------------------------------- default active yes
virbr0¸¦ disable ½ÃÅ°´Â ¹æ¹ý:
# ifconfig
# virsh net-destroy default
# virsh net-undefine default
# service libvirtd restart
Ãâó: http://redkite777.tistory.com/entry/¸®´ª½ºCentOS-virbr0-NAT-disable [All Days ¹«ÇѵµÀü]
for (int i = 1001; i < 10000; i+=2) {
isPrime[i] = true;
for (int j = 2; j*j <= i; j++) {
if(i%j==0) {
isPrime[i] = false;
break;
}
}
}
// 1Àº ¼Ò¼öµµ ÇÕ¼º¼öµµ ¾Æ´Ï¹Ç·Î i´Â 2ºÎÅÍ ½ÃÀÛÇÑ´Ù.
// 2ÀÇ °æ¿ì ¹Ýº¹¹®ÀÌ ½ÇÇàµÇÁö ¾ÊÀ¸¹Ç·Î defalt°ªÀ¸·Î ½ÇÇàµÈ´Ù.
// ³¡ÀÌ 1,3,7,9·Î ³¡³´Ù
// i*i <= n ±îÁö¸¸ È®ÀÎÇϸéµÊ
for (int i = 2; i*i <= num; i++) {
// 1°ú num ÀڽŠ¿Ü¿¡ ³ª´©¾îÁö´Â ¼ö°¡ ÀÖ´ÂÁö °Ë»çÇÒ Á¶°Ç¹®
if (num % i == 0) {
// ³ª´©¾îÁö´Â ¼ö°¡ ÀÖÀ» °æ¿ì isPrimeÀÇ °ªÀ» true·Î ¹Ù²Û´Ù.
isPrime = true;
// ÇÑ ¹øÀÌ¶óµµ ÀÌ Á¶°Ç¹®ÀÌ ½ÇÇàµÉ °æ¿ì numÀº ¼Ò¼ö°¡ ¾Æ´Ï¹Ç·Î ¹Ýº¹¹®À» ºüÁ®³ª¿Â´Ù.
break;
}
}
³»ºÎÀûÀ¸·Î Process°¡ file IO ȤÀº ½ÇÁ¦ Process°¡ ¸¹ÀÌ ¶° Àִ°æ¿ì.,
"ÀÚ¿øÀÌ ÀϽÃÀûÀ¸·Î »ç¿ë ºÒ°¡´ÉÇÔ"°°Àº ¿¡·¯¸¦ ¹ß»ýÇϸç, ·Î±×ÀÎ Á¶Â÷ ¾ÈµÇ´Â °æ¿ì°¡ ¹ß»ýÇÔ.
ÀÌ·± °æ¿ì´Â ¾Æ·¡¿Í °°ÀÌ Process È®ÀÎÀÌ °¡´ÉÇϸç,
# lsof | grep {account} | wc -l |
ÇØ´ç ProcessÀÇ max °ª º¯°æÀº
# vi /etc/security/limits.conf |
.... # End of file root - nproc 32768 * - nofile 65536 {account} - nproc 32768
|
¿Í °°ÀÌ Àû¿ëÇØÁÖ¸é µÈ´Ù.
Âü°í
lsof ´Â list open files ÀÇ ¾àÀÚ·Î ½Ã½ºÅÛ¿¡¼ ¿¸° ÆÄÀÏ ¸ñ·ÏÀ» ¾Ë·ÁÁÖ°í »ç¿ëÇÏ´Â ÇÁ·Î¼¼½º, µð¹ÙÀ̽º Á¤º¸, ÆÄÀÏÀÇ Á¾·ùµî »ó¼¼ÇÑ Á¤º¸¸¦ Ãâ·ÂÇØ ÁØ´Ù.
Ä÷³º° Àǹ̴ ´ÙÀ½°ú °°´Ù.
COMMAND : ½ÇÇàÇÑ ¸í·É¾î
PID : process id
USER : ½ÇÇàÇÑ »ç¿ëÀÚ
FD: File Descriptor, ÆÄÀÏÀÇ Á¾·ù.
cwd: current working directory
rtd: root directory
mem : memory-mapped file
txt: program text (code and data);
TYPE: ÆÄÀÏ Á¾·ù
DIR: µð·ºÅ͸®
CHR: character special file
REG: regular file
unix: À¯´Ð½º µµ¸ÞÀÎ ¼ÒÄÏ (MySQL µîÀÌ »ç¿ëÇÏ´Â ¼ÒÄÏÀ¸·Î ·ÎÄà ÇÁ·Î¼¼½º¿¡¼¸¸ »ç¿ë °¡´ÉÇϸç TCP/UDP º¸´Ù ¼Óµµ°¡ ¸Å¿ì ºü¸§)
DEVICE : ÀåÄ¡ ¹øÈ£
SIZE/OFF: ÆÄÀÏÀÇ Å©±â³ª ¿ÀÇÁ¼Â
NODE: ³ëµå ¹øÈ£
NAME: ÆÄÀϸí
ƯÁ¤ »ç¿ëÀÚÀÇ ¿¸° ÆÄÀÏ Ãâ·Â
-u ¿É¼ÇÀ¸·Î »ç¿ëÀÚ¸¦ ÁöÁ¤ÇÒ ¼ö ÀÖ´Ù.
ÀÚ¼¼ÇÑ »çÇ×Àº
https://www.lesstif.com/pages/viewpage.action?pageId=20776078
¿©±â¸¦ È®ÀÎ ¹Ù¶÷.