LFCE: Ịwụnye ọrụ netwọk na ịhazi mmalite akpaaka na buut - akụkụ 1

Onye Injinia Asambodo Linux Foundation (LFCE) dị njikere ịwụnye, hazie, jikwaa, na idozi ọrụ netwọkụ na sistemu Linux, ma ọ bụ ya na-ahụ maka imepụta na mmejuputa ụkpụrụ ụlọ.

Ewebata Mmemme Asambodo Foundation Linux.

N'ime usoro isiokwu 12 a, akpọrọ Nkwadebe maka ule LFCE (Linux Foundation Certified Engineer), anyị ga-ekpuchi ngalaba na ikike achọrọ na Ubuntu, CentOS, na openSUSE:

Ịwụnye Ọrụ netwọk

Mgbe a bịara n'ịtọlite na iji ụdị ọrụ netwọk ọ bụla, ọ na-esiri ike iche n'echiche na Linux enweghị ike ịbụ akụkụ nke ya. N'isiokwu a, anyị ga-egosi otu esi etinye ọrụ netwọk ndị a na Linux (a ga-ekpuchi nhazi ọ bụla na isiokwu dị iche iche na-abịa):

  1. NFS (Sistemụ Njikwa netwọkụ) sava
  2. Sava webụ Apache
  3. Squid Proxy Server + SquidGuard
  4. Ihe nkesa ozi-e (Postfix + Dovecot), na
  5. Iptables

Na mgbakwunye, anyị ga-achọ ijide n'aka na ọrụ ndị ahụ niile malitere na-akpaghị aka na buut ma ọ bụ na-achọrọ.

Anyị ga-achọpụtarịrị na ọbụlagodi mgbe ị nwere ike ịgba ọsọ ọrụ netwọkụ ndị a niile n'otu igwe anụ ahụ ma ọ bụ nkesa nkeonwe, otu n'ime ihe mbụ a na-akpọ \iwu nke nchekwa netwọk na-agwa ndị na-ahụ maka sistemụ ka ha zere. Kedu ihe bụ ikpe na-akwado nkwupụta ahụ? nke fọdụrụ kwa.

Ugbu a, ọ bụrụ n'ezie na ịchọrọ ịwụnye ọtụtụ ọrụ netwọk n'otu igwe (na ụlọ nyocha, dịka ọmụmaatụ), jide n'aka na ị na-eme ka ọ bụrụ naanị ndị ị chọrọ n'otu oge, ma gbanyụọ ha ma emechaa.

Tupu anyị amalite, anyị kwesịrị ịkọwapụta na isiokwu dị ugbu a (yana ndị ọzọ na usoro LFCS na LFCE) na-elekwasị anya n'echiche dabere na arụmọrụ, ya mere enweghị ike. nyochaa nkọwa usoro ihe niile gbasara isiokwu ndị a kpuchiri ekpuchi. Otú ọ dị, anyị ga-ewebata isiokwu ọ bụla na ozi dị mkpa dị ka mmalite.

Iji jiri ọrụ netwọk ndị a, ị ga-achọ gbanyụọ firewall maka oge ahụ ruo mgbe anyị ga-amụta otu esi ekwe ka okporo ụzọ kwekọrọ na firewall.

Biko mara na akwadoghị nke a maka nrụpụta mmepụta, mana anyị ga-eme ya naanị maka ebumnuche mmụta.

Na nrụnye Ubuntu ndabara, firewall ekwesịghị ịdị na-arụ ọrụ. Na openSUSE na CentOS, ị ga-achọ gbanyụọ ya nke ọma:

# systemctl stop firewalld
# systemctl disable firewalld 
or
# or systemctl mask firewalld

Nke a na-ekwu, ka anyị malite!

NFS n'onwe ya bụ ụkpụrụ netwọkụ, nke ụdị ọhụrụ ya bụ NFSv4. Nke a bụ ụdị nke anyị ga-eji n'ime usoro isiokwu a.

Ihe nkesa NFS bụ usoro ọdịnala nke na-enye ndị ahịa Linux dịpụrụ adịpụ aka ịkwanye òkè ya na netwọk ma soro usoro faịlụ ndị ahụ na-emekọrịta ihe dị ka a na-agbanye ha na mpaghara, na-enye ohere ịmepụta ihe nchekwa maka netwọk.

# yum update && yum install nfs-utils

# aptitude update && aptitude install nfs-kernel-server

# zypper refresh && zypper install nfsserver

Maka nkọwa zuru ezu, gụọ akụkọ anyị na-agwa otu esi ahazi NFS Server na Client na sistemụ Linux.

Sava webụ Apache bụ mmejuputa FOSS siri ike na ntụkwasị obi nke sava HTTP. Dịka njedebe nke Ọktoba 2014, Apache na-arụ ọrụ nde saịtị 385, na-enye ya 37.45% òkè nke ahịa ahụ. Ị nwere ike iji Apache jee ozi webụsaịtị kwụ ọtọ ma ọ bụ ọtụtụ ndị ọbịa mebere n'otu igwe.

# yum update && yum install httpd		[On CentOS]
# aptitude update && aptitude install apache2 		[On Ubuntu]
# zypper refresh && zypper install apache2		[On openSUSE]

Maka ntụzịaka zuru ezu karị, gụọ akụkọ anyị na-esote nke na-egosi otu esi emepụta ndị ọbịa Apache nke dabeere na IP yana otu esi echedo sava weebụ Apache.

  1. Apache IP Dabere na Aha Dabere Mebere Bochum
  2. Ndụmọdụ maka nchekwa na nchekwa sava Apache

Squid bụ ihe nkesa proxy yana daemon cache webụ ma, dị ka nke a, na-arụ ọrụ dị ka onye na-agbata n'ọsọ n'etiti ọtụtụ kọmputa ndị ahịa na ịntanetị (ma ọ bụ rawụta ejikọrọ na ịntanetị), ebe ọ na-eme ngwa ngwa arịrịọ ugboro ugboro site na ịchekwa ọdịnaya weebụ. na mkpebi DNS n'otu oge. Enwere ike iji ya gọnarị (ma ọ bụ nye) ohere ịnweta URL ụfọdụ site na ngalaba netwọk ma ọ bụ dabere na mkpụrụokwu amachibidoro, ma na-edobe faịlụ ndekọ nke njikọ niile emere na mpụga ụwa na ndabere onye ọrụ.

Squidguard bụ redirector na-emejuputa ndetu ojii iji kwalite squid, ma jikọta ya na ya n'enweghị nsogbu.

# yum update && yum install squid squidGuard			[On CentOS] 
# aptitude update && aptitude install squid3 squidguard		[On Ubuntu]
# zypper refresh && zypper install squid squidGuard 		[On openSUSE]

Postfix bụ onye na-ebufe njem ozi (MTA). Ọ bụ ngwa na-ahụ maka ịkwọgharị na izipu ozi email site na isi iyi gaa na sava ozi na-aga, ebe dovecot bụ ihe nkesa email IMAP na POP3 a na-ejikarị na-ebuga ozi site na MTA ma na-ebuga ha na igbe ozi onye ọrụ ziri ezi.

Dovecot plugins maka ọtụtụ sistemu njikwa nchekwa data mmekọrịta dịkwa.

# yum update && yum install postfix dovecot 				[On CentOS] 
# aptitude update && aptitude postfix dovecot-imapd dovecot-pop3d 	[On Ubuntu]
# zypper refresh && zypper postfix dovecot				[On openSUSE]

N'okwu ole na ole, firewall bụ akụrụngwa netwọkụ nke a na-eji jikwaa ịnweta ma ọ bụ site na netwọk nkeonwe, yana iji megharịa okporo ụzọ mbata na ọpụpụ dabere na iwu ụfọdụ.

Iptables bụ ngwa arụnyere na ndabara na Linux ma na-eje ozi dị ka ihu n'ihu na modul kernel netfilter, bụ nke kacha arụ ọrụ maka imejuputa firewall iji rụọ ọrụ nzacha/redirection na ọrụ ntụgharị netwọkụ.

Ebe ọ bụ na arụnyere iptables na Linux site na ndabara, naanị ị ga-ahụ na ọ na-agba ọsọ. Iji mee nke ahụ, anyị kwesịrị ịlele na ebudatara modul iptables:

# lsmod | grep ip_tables

Ọ bụrụ na iwu a dị n'elu alaghachighị ihe ọ bụla, ọ pụtara na modul ip_tables erubeghị. N'okwu ahụ, mee iwu na-esonụ iji buo modul.

# modprobe -a ip_tables

Gụọkwa: Ntụzịaka bụ isi na Linux Iptables Firewall

Na-ahazi ọrụ akpaghị aka na buut

Dị ka a tụlere na ijikwa usoro mmalite usoro na ọrụ - Akụkụ 7 nke usoro isiokwu 10 gbasara asambodo LFCS, enwere ọtụtụ sistemụ na ndị njikwa ọrụ dị na Linux. Ihe ọ bụla ị họọrọ, ịkwesịrị ịma ka esi amalite, kwụsị, na malitegharịa ọrụ netwọk na-achọ, yana otu esi eme ka ha nwee ike ịmalite na-akpaghị aka na buut.

Ị nwere ike ịlele ihe bụ sistemụ na njikwa ọrụ gị site na iji iwu a:

# ps --pid 1

Dabere na mmepụta nke iwu dị n'elu, ị ga-eji otu n'ime iwu ndị a iji hazie ma ọrụ ọ bụla kwesịrị ịmalite na-akpaghị aka na buut ma ọ bụ na ọ bụghị:

----------- Enable Service to Start at Boot -----------
# systemctl enable [service]

----------- Prevent Service from Starting at Boot -----------
# systemctl disable [service] # prevent [service] from starting at boot

----------- Start Service at Boot in Runlevels A and B -----------
# chkconfig --level AB [service] on 

-----------  Don’t Start Service at boot in Runlevels C and D -----------
# chkconfig --level CD service off

Hụ na edemede /etc/init/[service].conf dị ma nwee nhazi pere mpe, dịka:

# When to start the service
start on runlevel [2345]
# When to stop the service
stop on runlevel [016]
# Automatically restart process in case of crash
respawn
# Specify the process/command (add arguments if needed) to run
exec /absolute/path/to/network/service/binary arg1 arg2

Ị nwekwara ike ịlele akụkụ 7 nke usoro LFCS (nke anyị kpọtụrụ aha na mmalite nke ngalaba a) maka iwu ndị ọzọ bara uru iji jikwaa ọrụ netwọk na-achọ.

Nchịkọta

Ka ọ dị ugbu a, ị ga-arụnye ọrụ netwọk niile akọwara n'isiokwu a, yana ikekwe na-eji nhazi ndabara na-arụ ọrụ. N'isiokwu ndị ọzọ anyị ga-enyocha ka esi ahazi ha dị ka mkpa anyị si dị, yabụ jide n'aka na ị nọ na-ekiri! Ma biko nweere onwe gị ịkọrọ gị ihe gị (ma ọ bụ biputere ajụjụ, ọ bụrụ na ị nwere ihe ọ bụla) na isiokwu a site na iji ụdị dị n'okpuru.

    Banyere LFCE
  1. Gịnị kpatara ị nweta asambodo ntọala Linux?
  2. Debanye aha maka ule LFCE