判断端口通不通的几种方法

2014年8月22日 21:05

 
通常使用"telnet ip port"判断端口通不通. 有其它方法吗?先看下面的几种方法

准备环境

启动一个web服务器,提供端口.
[wyq@localhost ~]$ python -m SimpleHTTPServer 8080
Serving HTTP on 0.0.0.0 port 8080 ...
用其它web服务器提供端口也一样,由于python比较方便,这里就用它

使用telnet判断

telnet是windows标准服务,可以直接用;如果是linux机器,需要安装telnet.
 
用法: telnet ip port
 
先用telnet连接不存在的端口
[wyq@localhost ~]$ telnet localhost 9000
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
直接提示连接被拒绝
 
再连接上面提供的端口
[wyq@localhost ~]$ telnet localhost 8080
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
看到"Connected to localhost." 可以知道连接成功了.
 
后台服务器有什么反映?
[wyq@localhost monitor]$ python -m SimpleHTTPServer 8080
Serving HTTP on 0.0.0.0 port 8080 ...
没有任何反映
 
此时telnet停住了,随便输入一个字符"a",然后回车
[wyq@localhost ~]$ telnet localhost 8080
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
a
<head>
<title>Error response</title>
</head>
<body>
<h1>Error response</h1>
<p>Error code 400.
<p>Message: Bad request syntax ('a').
<p>Error code explanation: 400 = Bad request syntax or unsupported method.
</body>
Connection closed by foreign host.
 
再看服务器
[wyq@localhost monitor]$ python -m SimpleHTTPServer 8080
Serving HTTP on 0.0.0.0 port 8080 ...
127.0.0.1 - - [22/Aug/2014 07:15:16] code 400, message Bad request syntax ('a')
127.0.0.1 - - [22/Aug/2014 07:15:16] "a" 400 -
 
上面是linux环境下telnet连接一个web服务端口的情况. 

使用ssh判断

ssh是linux的标准配置并且最常用,可以用来判断端口吗? 
 
用法: ssh -v -p port username@ip
-v 调试模式(会打印日志).
-p 指定端口
usernmae可以随意
 
连接不存在端口
[wyq@localhost ~]$ ssh -v -p 9000 wyq@localhost
OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /home/wyq/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 51: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 9000.
debug1: connect to address 127.0.0.1 port 9000: Connection refused
ssh: connect to host localhost port 9000: Connection refused
"Connection refused"表示端口不可用
 
连接存在的端口
[wyq@localhost ~]$ ssh -v -p 8080 wyq@localhost
OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /home/wyq/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 51: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 8080.
debug1: Connection established.
debug1: identity file /home/wyq/.ssh/id_rsa type 1
debug1: identity file /home/wyq/.ssh/id_rsa-cert type -1
debug1: identity file /home/wyq/.ssh/id_dsa type -1
debug1: identity file /home/wyq/.ssh/id_dsa-cert type -1
debug1: identity file /home/wyq/.ssh/id_ecdsa type -1
debug1: identity file /home/wyq/.ssh/id_ecdsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.4
debug1: ssh_exchange_identification: <head>

debug1: ssh_exchange_identification: <title>Error response</title>

debug1: ssh_exchange_identification: </head>

debug1: ssh_exchange_identification: <body>

debug1: ssh_exchange_identification: <h1>Error response</h1>

debug1: ssh_exchange_identification: <p>Error code 400.

debug1: ssh_exchange_identification: <p>Message: Bad request syntax ('SSH-2.0-OpenSSH_6.4').

debug1: ssh_exchange_identification: <p>Error code explanation: 400 = Bad request syntax or unsupported method.

debug1: ssh_exchange_identification: </body>

ssh_exchange_identification: Connection closed by remote host
"Connection established" 表示已经连上端口
 
服务器输出
[wyq@localhost ~]$ python -m SimpleHTTPServer 8080
Serving HTTP on 0.0.0.0 port 8080 ...
127.0.0.1 - - [22/Aug/2014 13:32:55] code 400, message Bad request syntax ('SSH-2.0-OpenSSH_6.4')
127.0.0.1 - - [22/Aug/2014 13:32:55] "SSH-2.0-OpenSSH_6.4" 400 -
 

使用wget判断

wget是linux下的下载工具,需要先安装.
 
用法: wget ip:port
 
连接不存在的端口
[wyq@localhost ~]$ wget localhost:9000
--2014-08-22 13:36:42--  http://localhost:9000/
正在解析主机 localhost (localhost)... 127.0.0.1
正在连接 localhost (localhost)|127.0.0.1|:9000... 失败:拒绝连接。
连接存在的端口
[wyq@localhost ~]$ wget localhost:8080
--2014-08-22 13:37:22--  http://localhost:8080/
正在解析主机 localhost (localhost)... 127.0.0.1
正在连接 localhost (localhost)|127.0.0.1|:8080... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:2770 (2.7K) [text/html]
正在保存至: “index.html”

100%[======================================>] 2,770       --.-K/s 用时 0s      

2014-08-22 13:37:22 (105 MB/s) - 已保存 “index.html” [2770/2770])

总结

提供端口服务,则使用了tcp协议,上面是以web服务器为例。如果服务器是更简单的tcp服务器,三个工具同样适用.
三个工具的共同点是:1.以tcp协议为基础;2.能访问指定端口. 遵循这两点可以找到很多工具.
在windows下使用telnet比较方便,linux下个人就比较喜欢用wget.
 
 

 

Tags: 端口;windows;linux
评论(0) 阅读(18222)

linux与linux之间共享目录

2014年6月19日 22:46

简述

在linux与windows之间共享目录使用smbfs. 但是在linux与linux之间共享目录要用nfs(Network File System网络文件系统). 服务端用nfs提供共享目录服务,客户端通过mount将共享目录挂载到本地.

以fedora 20设置共享目录为例

  • 安装nfs
fedora 20要安装以下两个包
[wyq@localhost ~]$ rpm -qa |grep nfs
libnfsidmap-0.25-8.fc20.x86_64
nfs-utils-1.3.0-2.1.fc20.x86_64
  • 配置共享目录
在/etc/exports文件中添加以下内容
/home/wyq/share  192.* (insecure,rw,sync,no_root_squash)
  • 设置防火墙,允许nfs服务
输入sudo firewall-config打开防火墙配置界面,选中nfs服务
  • 启动nfs服务
sudo service nfs start
  • 挂载目录
sudo mount -t nfs 127.0.0.1:/home/wyq/share /home/wyq/mount
  • 取消挂载
umount /home/wyq/mount
 
 
 
exports配置文件说明
/home/wyq/share 共享的目录
192.*           允许访问的主机IP, 如果不能确定 ,请使用 *(在fedora 20实验中表示任意IP时,不用加星号,否则nfs会无法启动) 
insecure        一个安全选项, 如果nfs服务端口号小于1024则可以不添加这个选项, 否则不添加的话, 是无法访问的.其他主机访问的话就会被拒绝.
rw              共享目录的权限,rw 是可读写的权限,只读的权限是ro.
sync            同步的选项, 可选的还有 async. sync是不使用缓存,随时写入同步, async是使用缓存的.
no_root_squash  NFS服务共享的目录的属性, 如果用户是root, 那么对这个目录就有root的权限.
 
启动nfs失败示例
  • 启动nfs时提示失败
[wyq@localhost workspace]$ sudo service nfs start
Redirecting to /bin/systemctl start  nfs.service
Job for nfs-server.service failed. See 'systemctl status nfs-server.service' and 'journalctl -xn' for details.
  • 根据提示查看错误信息
[wyq@localhost workspace]$ sudo systemctl status nfs-server.service
nfs-server.service - NFS Server
   Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled)
   Active: failed (Result: exit-code) since 四 2014-06-19 22:20:37 CST; 5s ago
  Process: 4984 ExecStopPost=/usr/sbin/exportfs -f (code=exited, status=0/SUCCESS)
  Process: 4980 ExecStop=/usr/sbin/rpc.nfsd 0 (code=exited, status=0/SUCCESS)
  Process: 3778 ExecStartPost=/usr/libexec/nfs-utils/scripts/nfs-server.postconfig (code=exited, status=0/SUCCESS)
  Process: 3761 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS $RPCNFSDCOUNT (code=exited, status=0/SUCCESS)
  Process: 5371 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=1/FAILURE)
  Process: 5369 ExecStartPre=/usr/libexec/nfs-utils/scripts/nfs-server.preconfig (code=exited, status=0/SUCCESS)
 Main PID: 3761 (code=exited, status=0/SUCCESS)

6月 19 22:20:37 localhost.localdomain systemd[1]: Starting NFS Server...
6月 19 22:20:37 localhost.localdomain exportfs[5371]: exportfs: No options for /home/wyq/share *: suggest *(sync) to avoid warning
6月 19 22:20:37 localhost.localdomain exportfs[5371]: exportfs: No host name given with /home/wyq/share (insecure,rw,sync,no_root_squash), suggest *(insecure,rw,sync,no_root_squash) to avoid warning
6月 19 22:20:37 localhost.localdomain exportfs[5371]: exportfs: incompatible duplicated export entries:
6月 19 22:20:37 localhost.localdomain exportfs[5371]: exportfs:         *:/home/wyq/share (0x422) [IGNORED]
6月 19 22:20:37 localhost.localdomain exportfs[5371]: exportfs:         *:/home/wyq/share (0x425)
6月 19 22:20:37 localhost.localdomain systemd[1]: nfs-server.service: control process exited, code=exited status=1
6月 19 22:20:37 localhost.localdomain systemd[1]: Failed to start NFS Server.
6月 19 22:20:37 localhost.localdomain systemd[1]: Unit nfs-server.service entered failed state.
注意到信息中"exportfs: incompatible duplicated export entries:" 意思是有重复配置
  • 查看配置文件/etc/exports, 内容如下
/home/wyq/share  *  (insecure,rw,sync,no_root_squash)
  • 猜测是配置错误导致nfs无法启动
将配置更改为以下几种,逐一尝试
第一种
/home/wyq/share  192.*  (insecure,rw,sync,no_root_squash)
第二种
/home/wyq/share  (insecure,rw,sync,no_root_squash)
 
发现使用以上两种方式的配置,nfs均能正常启动并且被挂载.
  • 结论
在fedora 20的nfs配置文件/etc/exports中,如果想让任意主机访问共享目录,不需要用*表示,不填即表示任意主机.
 
 

Tags: mount;共享目录
评论(0) 阅读(2249)

ssh登陆提示Too many authentication failures for wyq

2014年5月05日 16:58

 
碰到使用ssh登陆,直接出现认证失败次数太多的问题.
 
在自己机器上模拟了下面测试.
 
ssh登陆系统,未输入密码就提示认证失败
[wyq@localhost ~]$ ssh wyq@192.168.1.107
Received disconnect from 192.168.1.107: 2: Too many authentication failures for wyq
查看/etc/sshd/sshd_config尝试认证次数
MaxAuthTries 1
 
最大认证次数为1,为什么还没有输入密码就已经提示 Too many authentication failures ?
 
开启ssh的debug模式
[wyq@localhost ~]$ ssh -v wyq@192.168.1.107
OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /home/wyq/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 51: Applying options for *
debug1: Connecting to 192.168.1.107 [192.168.1.107] port 22.
debug1: Connection established.
debug1: identity file /home/wyq/.ssh/id_rsa type 1
debug1: identity file /home/wyq/.ssh/id_rsa-cert type -1
debug1: identity file /home/wyq/.ssh/id_dsa type -1
debug1: identity file /home/wyq/.ssh/id_dsa-cert type -1
debug1: identity file /home/wyq/.ssh/id_ecdsa type -1
debug1: identity file /home/wyq/.ssh/id_ecdsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.4
debug1: match: OpenSSH_6.4 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 66:29:e1:f3:32:92:64:da:98:bc:ab:f8:9c:a4:63:02
debug1: Host '192.168.1.107' is known and matches the ECDSA host key.
debug1: Found key in /home/wyq/.ssh/known_hosts:21
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/wyq/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /home/wyq/.ssh/id_dsa
debug1: Trying private key: /home/wyq/.ssh/id_ecdsa
debug1: Next authentication method: password
wyq@192.168.1.107's password: 
发现在提示输入密码前它已经进行了几次验证
debug1: Next authentication method: gssapi-keyex
debug1: Next authentication method: gssapi-with-mic
debug1: Next authentication method: publickey
debug1: Next authentication method: password
原来在密码认证之前,ssh已经进行了几种认证.
应该是他们导致的,具体原因就不是很清楚.
 
还有一个问题就是MaxAuthTries值再大,也只能输入三次密码.
这个问题也很疑惑的.
 
挺奇怪的,管理人员怎么喜欢修改MaxAuthTries的值?
ssh登陆密码输入错误,被中断后,别人再ssh不行吗?
默认值很合理的,完全没有必要修改.
 

Tags: ssh
评论(0) 阅读(2784)

linux端口使用权限

2014年3月25日 09:55

在Linux系统中,监听1024以下端口需要root权限。因此,如果想监听80,需要使用sudo命令启动程序。
  • 示例
[wyq@localhost ~]$ python -m SimpleHTTPServer 80
Traceback (most recent call last):
  File "/usr/lib64/python2.7/runpy.py", line 162, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/usr/lib64/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/usr/lib64/python2.7/SimpleHTTPServer.py", line 220, in <module>
    test()
  File "/usr/lib64/python2.7/SimpleHTTPServer.py", line 216, in test
    BaseHTTPServer.test(HandlerClass, ServerClass)
  File "/usr/lib64/python2.7/BaseHTTPServer.py", line 595, in test
    httpd = ServerClass(server_address, HandlerClass)
  File "/usr/lib64/python2.7/SocketServer.py", line 419, in __init__
    self.server_bind()
  File "/usr/lib64/python2.7/BaseHTTPServer.py", line 108, in server_bind
    SocketServer.TCPServer.server_bind(self)
  File "/usr/lib64/python2.7/SocketServer.py", line 430, in server_bind
    self.socket.bind(self.server_address)
  File "/usr/lib64/python2.7/socket.py", line 224, in meth
    return getattr(self._sock,name)(*args)
socket.error: [Errno 13] Permission denied

 

评论(0) 阅读(1123)

fedora中iptables与firewall的关系

2014年3月13日 16:09

fedora上有两个防火墙iptables和firewall.
 
它们间的关系
iptables用于过滤数据包,属于网络层防火墙.
firewall能够允许哪些服务可用,那些端口可用.... 属于更高一层的防火墙。
 
firewall的底层是使用iptables进行数据过滤,建立在iptables之上。
 
默认的iptables配置
[wyq@localhost ~]$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination 
 
firewall启动后,查看iptables的配置
可以看到,firewall修改了iptables中链路
[wyq@localhost sysconfig]$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
INPUT_direct  all  --  0.0.0.0/0            0.0.0.0/0           
INPUT_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0           
INPUT_ZONES  all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED

...........
 
 
firewall可以提供高层的防火墙。
 
所以fedora系统中的设置防火墙,最好使用firewall
 

Tags: 防火墙;firewall;iptables
评论(2) 阅读(2818)

iptables用法

2014年3月13日 15:44

iptables过滤网络包. 属于网络层防火墙.
 
命令行设置
  • 启用端口
iptables -A INPUT -p tcp --dport 8000 -j ACCEPT
 
  • 保存配置
sudo serivce iptables save
 
  • 重启iptables,使配置生效
sudo serivce iptables restart
 
配置文件
  • 永久生效
修改/etc/sysconfig/iptables文件
-A INPUT -p tcp --dport 8080 -j ACCEPT
注意要加在最后一个COMMIT前
 
否则会出现错误
Redirecting to /bin/systemctl restart  iptables.service
Job for iptables.service failed. See 'systemctl status iptables.service' and 'journalctl -xn' for details.
 
 
基本用法
  •  查看本机iptables设置
iptables -L -n
 
  •  启用端口
iptables -A INPUT -p tcp --dport 8000 -j ACCEPT
 
  •  禁用端口
iptables -A INPUT -p tcp --dport 8000 -j REJECT
 
  •  清除规则
iptables -F   清除filter中的所有规则链的规则
iptables -X   清除filter中使用者自定链中的规则
 

Tags: 防火墙
评论(0) 阅读(1095)

fedora的firewall配置

2014年3月13日 14:16

iptables可以过滤数据包,属于网络层的防火墙。fedora中还有一层防火墙软件firewall。属于更高一层的防火墙,并且是动态防火墙,修改配置后,会自动生效,不需要重启。
可以控制服务,控制端口,设置安全区域,设置端口转发等功能。
 
配置工具
1. firewall-config 图形配置界面
2. firewall-cmd 命令行配置
 
firewall-cmd用法
启用端口
firewall-cmd [--zone=<zone>] --add-port=<port>[-<port>]/<protocol> [--timeout=<seconds>]
示例
firewall-cmd --add-port=8080/tcp
禁用端口
firewall-cmd [--zone=<zone>] --remove-port=<port>[-<port>]/<protocol>
示例
firewall-cmd --remove-port=8080/tcp
 
启用服务
firewall-cmd [--zone=<zone>] --add-service=<service> [--timeout=<seconds>]
示例
firewall-cmd --add-service=http
禁用服务
firewall-cmd [--zone=<zone>] --remove-service=<service>
示例
firewall-cmd --zone=home --remove-service=http
 
上面是临时配置,系统重启后会失效。
如果加上参数--permanent,就会永久配置,重启后依然有效。
 
 

 

Tags: fedora;firewall;防火墙
评论(0) 阅读(2098)

ssh在远程执行多个命令

2014年1月21日 11:18

执行单个命令

ssh wyq@135.32.9.98 'ps -ef |grep process.py'

在远程主机上执行命令"ps -ef |grep process.py",在本机就可以看到输出.

使用分号分隔,允许一次执行多个命令

ssh wyq@135.32.9.98 'cd ~/src; sh start.sh'

进入到~/src目录,然后执行脚本sh start.sh

 

评论(0) 阅读(3262)

yum更新initscripts和selinux失败

2014年1月20日 09:32

来源 http://stevenrosenberg.net/blog/linux/fedora/2014_0118_fedora_update_scriptlet_problem

最近在fedora20中用yum更新,会出现问题

[wyq@localhost ~]$ sudo yum -y  update
已加载插件:fastestmirror, langpacks, refresh-packagekit
Loading mirror speeds from cached hostfile
 * fedora: mirrors.yun-idc.com
 * fedora-sohu: mirrors.yun-idc.com
 * updates: mirrors.yun-idc.com
 * updates-sohu: mirrors.yun-idc.com
正在解决依赖关系
--> 正在检查事务
---> 软件包 initscripts.x86_64.0.9.50-1.fc20 将被 升级
---> 软件包 initscripts.x86_64.0.9.51-1.fc20 将被 更新
---> 软件包 selinux-policy-targeted.noarch.0.3.12.1-116.fc20 将被 升级
---> 软件包 selinux-policy-targeted.noarch.0.3.12.1-117.fc20 将被 更新
--> 解决依赖关系完成

依赖关系解决

================================================================================
 Package                     架构       版本                  源           大小
================================================================================
正在更新:
 initscripts                 x86_64     9.51-1.fc20           updates     414 k
 selinux-policy-targeted     noarch     3.12.1-117.fc20       updates     3.6 M

事务概要
================================================================================
升级  2 软件包

总下载量:4.0 M
Downloading packages:
Delta RPMs reduced 414 k of updates to 194 k (53% saved)
(1/2): initscripts-9.50-1.fc20_9.51-1.fc20.x86_64.drpm     | 194 kB   00:01     
(2/2): selinux-policy-targeted-3.12.1-117.fc20.noarch.rpm  | 3.6 MB   00:13     
--------------------------------------------------------------------------------
总计                                               253 kB/s | 3.8 MB  00:15     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
error: %pre(initscripts-9.51-1.fc20.x86_64) scriptlet failed, exit status 127
Error in PREIN scriptlet in rpm package initscripts-9.51-1.fc20.x86_64
error: initscripts-9.51-1.fc20.x86_64: install failed
error: %pre(selinux-policy-targeted-3.12.1-117.fc20.noarch) scriptlet failed, exit status 127
Error in PREIN scriptlet in rpm package selinux-policy-targeted-3.12.1-117.fc20.noarch
initscripts-9.50-1.fc20.x86_64 was supposed to be removed but is not!
  验证中      : initscripts-9.50-1.fc20.x86_64                              1/4 
  验证中      : selinux-policy-targeted-3.12.1-117.fc20.noarch              2/4 
selinux-policy-targeted-3.12.1-116.fc20.noarch was supposed to be removed but is not!
  验证中      : selinux-policy-targeted-3.12.1-116.fc20.noarch              3/4 
  验证中      : initscripts-9.51-1.fc20.x86_64                              4/4 

失败:
  initscripts.x86_64 0:9.50-1.fc20                                              
  initscripts.x86_64 0:9.51-1.fc20                                              
  selinux-policy-targeted.noarch 0:3.12.1-116.fc20                              
  selinux-policy-targeted.noarch 0:3.12.1-117.fc20 

需要关闭selinux

sudo setenforce 0 //临时关闭selinux

sudo yum -y update //此时再更新,即可

sudo setenforce 1 //开启selinux

评论(0) 阅读(930)

在用proxychains时, ping用不了怎么办

2014年1月16日 10:49

一般用ping来测试网络是否连通. 在用proxychains代理时,发现ping用不了
[wyq@localhost ~]$ proxychains ping 135.32.9.98
ProxyChains-3.1 (http://proxychains.sf.net)
ERROR: ld.so: object 'libproxychains.so.3' from LD_PRELOAD cannot be preloaded: ignored.
PING 135.32.9.98 (135.32.9.98) 56(84) bytes of data.
proxychains支持的是socks,http, https协议.它们以tcp或者udp协议为基础. 所以proxychains只支持使用tcp或udp协议的程序. ping用的是ICMP协议,不以tcp或udp为基础,所以用不了。
 
有其它办法吗?
以tcp或udp为基础,测试网络是否可用的工具,比较好用的有wget
[wyq@localhost ~]$ proxychains wget 135.32.9.98
ProxyChains-3.1 (http://proxychains.sf.net)
--2014-01-16 09:44:57--  http://135.32.9.98/
正在连接 135.32.9.98:80... |S-chain|-<>-192.168.1.115:1080-<><>-135.32.9.98:80-<--denied
失败:拒绝连接。
虽然提示拒绝连接,但是输出信息,已能说明网络连通了.
 
wget本身简单易用,在这种情况下,用来测试网络是否可用,还是比较适合的。
 

评论(0) 阅读(2099)