Beruflich Dokumente
Kultur Dokumente
1 Server (
Lan)
4. Select Other
5. (6 Select Thailand 89:;:9<= T 5 >;<
? @A>;<)
6. Select No
7. Select Thailand
8. DEA Thailand
9. Select Atl+Shift
30. [\:;]9<?Q>;<)
31. R;P);DE=>;<) R CD : Select Continue R^_` Restart
32. 6E<a: Restart DE= Login 9= User Password [P`;= (
Lan 9DE=>;<))
33. 6E<a: Login 9= User Password [P`;=
# nano /etc/network/interfaces
auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
# dns-* options are implemented by the resolvconf package, if
installed
dns-nameservers 192.168.0.1
# apt-get update
# apt-get -y upgrade
D:c ip_forward
Forward packet
! /etc/sysctl.conf
# nano /etc/sysctl.conf
<`[\@89 Restart
# nano /etc/modules
loop
lp
fuse
tun >>> $45
# modprobe tun
# nano /etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
exit 0
# nano /etc/default/chillispot
# /etc/default/chillispot
#
# Enable on system start?
# Change to 1 if you want it to be enabled.
# Please make sure you have configured chillispot first.
ENABLED=0 >>> +%?$,. ENABLED=1
#
# chillispot default configuration
CHILLICFG=/etc/chilli.conf
#
# daemon arguments
DAEMON_ARGS="--conf $CHILLICFG"
# nano /etc/chilli.conf
# cp /usr/share/doc/chillispot/firewall.iptables /etc/init.d/chilli.iptables
# chmod a+x /etc/init.d/chilli.iptables
# ln -s ../init.d/chilli.iptables /etc/rcS.d/S41chilli.iptables
# /etc/init.d/chilli.iptables
# /etc/init.d/chillispot restart
D:c File chilli.iptables R^_` SSH Rc[ eth1 9
# nano /etc/init.d/chilli.iptables
EXTIF="eth0"
INTIF="eth1"
# /etc/init.d/chilli.iptables
# /etc/init.d/chillispot restart
ChilliSpot Start R;P);DE= Notebook :<) Network = etc1
9 IP Address a: Server DE=
Restart Apache
# /etc/init.d/apache2 restart
; Database freeradius
# nano /etc/freeradius/sql.conf
sql {
# Database type
# Current supported are: rlm_sql_mysql, rlm_sql_postgresql,
# rlm_sql_iodbc, rlm_sql_oracle, rlm_sql_unixodbc, rlm_sql_freetds
driver = "rlm_sql_mysql"
# Connect info
server = "localhost"
login = "root"
password = "rootpass" >>> +%?$,. Password root $
# Database table configuration
radius_db = "radius"
# nano /etc/freeradius/clients.conf
# nano /etc/freeradius/users
#
#"John Doe" Cleartext-Password := "hello"
# Reply-Message = "Hello, %u"
#
# Dial user back and telnet to the default host for that port
#
# reboot
# /etc/init.d/freeradius stop
# freeradius -XXX -A
# /etc/init.d/freeradius start
# nano /etc/freeradius/radiusd.conf
>>> .?.
w / See "Authorization Queries" in sql.conf
#
# Look in an SQL database. The schema of the database
# is meant to mirror the "users" file.
#
# See "Authorization Queries" in sql.conf
# sql >>> +%?$,. sql (# $ %)
# /etc/init.d/freeradius restart
# nano /etc/freeradius/sql.conf
#
# Set to 'yes' to read radius clients from the database ('nas' table)
#readclients = yes >>> +%?$,. readclients = yes (# $ %)
}
# nano /etc/freeradius/radiusd.conf
>>> .?.
w / See "Accounting queries" in sql.conf
#
# Instead of sending the query to the SQL server,
# write it into a log file.
>>> .?.
w / See "Authentication Logging Queries" in sql.conf
#
# Instead of sending the query to the SQL server,
# write it into a log file.
# /etc/init.d/freeradius restart
; Certificate
# mkdir /etc/apache2/ssl
; Certificate
# /etc/init.d/apache2 force-reload
; virtualhost = Link SSL
# nano /etc/apache2/sites-available/hotspot
# /etc/init.d/apache2 reload
Open Port
# nano /etc/apache2/ports.conf
#Listen 80
#
#<IfModule mod_ssl.c>
# Listen 443
#</IfModule>
Listen 192.168.3.1:80 >>> +%?$,. IP eth1 Server
Listen 192.168.3.1:443 >>> +%?$,. IP eth1 Server
# nano /etc/apache2/sites-available/default
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride None
# nano /etc/apache2/apache2.conf
# nano /etc/hosts
127.0.0.1 localhost
192.168.0.100 THAIEN-HOTSPOT >>> +%?$,. 192.168.3.1 THAIEN-
HOTSPOT
# /etc/init.d/apache2 restart
Restart Apache
# /etc/init.d/apache2 restart
9. " /?. %
login hotspot http://google.co.th
10. " / % Internet
"* User Password
$
(User == test Password == secret)
]9<? ezradius
Config ezradius
% . .
G
(/. &# radius %.% .
.(/
"*?#5%
Tool > Config editor
:;R^]` group
?$#G %&,$#*.(/
Attribute : Simultaneous-Use G % login @ .%..
.
$ .?%#.w
Logig @ .%..(/ "..
w ?
Perator : :=+#( Value : 1 (?% %@ .%."? Value : 0)
'%.w.$$45
Attribute ?%# teacher %."%.(/
$#
. w 5
(18000 .) ?#'% login ? redirect ,*$/
http://www.srp.ac.th
:;a<9:; user
User Online
?/"& ,''/. user (. *&/
"*,
View > Online users
'(""&,
****6R6g ezRadius ****
# nano /etc/init.d/chillispot
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
# nano /etc/chilli.conf
# TAG: macsuffix
# Suffix to add to MAC address in order to form the username.
# Normally you do not need to uncomment this tag.
#macsuffix suffix
# /etc/init.d/chillispot restart
9{:;(L@c User @6E<
$5
.5"w squid ?/?.
$%/ cache +#( sarg *.%..
?.$/
# nano /etc/squid/squid.conf
"*?+%".w
http_port 3128
#cache_mem 8 MB
#cache_dir ufs /var/spool/squid 100 16 256
#acl our_networks src 192.168.2.0/24
#http_access allow our_networks
access.log /path/access.log squid
#emulate_httpd_log off
<`;P;[ squid
# /etc/init.d/squid restart
'%.w.? user $. proxy .(/
"*,+%
# chilli.iptables
# nano /etc/init.d/chilli.iptables
# nano /etc/init.d/chilli.iptables
# nano /etc/squid/squid.conf
<`;P;[ squid
# /etc/init.d/squid restart
<`(6 transparent [\@
# /etc/init.d/chilli.iptables
# tail /var/log/squid/access.log -f
Ctrl+c %
:;9{;@c SARG (Squid report)
# sarg
'%.w.%$"&*.%$/"$#*/
"*"&'% IE "$#
"*454 http://192.168.3.1/squid-reports
# nano /etc/crontab
# nano /etc/logrotate.d/squid
/var/log/squid/access.log {
daily
compress
delaycompress
rotate 2
missingok
nocreate
sharedscripts
# prerotate
# test ! -x /usr/sbin/sarg-maint || /usr/sbin/sarg-maint
# endscript
# postrotate
# test ! -e /var/run/squid.pid || /usr/sbin/squid -k rotate
# endscript
}
>>> +%$,.
/var/log/squid/access.log /var/log/squid/store.log {
daily
compress
# delaycompress
rotate 1
missingok
nocreate
sharedscripts
# prerotate
# test ! -x /usr/sbin/sarg-maint || /usr/sbin/sarg-maint
# endscript
# postrotate
# test ! -e /var/run/squid.pid || /usr/sbin/squid -k rotate
# endscript
}
>>> $45
/var/log/squid/cache.log {
weekly
compress
rotate 2
missingok
nocreate
sharedscripts
}
# nano /etc/freeradius/radiusd.conf
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
>>> +%?$,.
detailfile = ${radacctdir}/%{Client-IP-Address}/details
# nano /etc/logrotate.d/freeradius
/var/log/freeradius/*.log {
weekly
rotate 52
compress
notifempty
}
>>> +%$,.
/var/log/freeradius/radacct/127.0.0.1/details {
daily
compress
rotate 1
missingok
notifempty
}
# /etc/init.d/freeradius restart
# /etc/cron.daily/logrotate
(@[P`@P?W9; folder /home/LOG =DE=@A>;<) (>;[P`<;RQ@ :k
;@P?RE
# mkdir /home/LOG
# nano /home/changeaccess.sh
#!/bin/sh
timeaccess=`date +%Y-%m-%d`
cp /var/log/squid/access.log.1.gz /home/LOG/$timeaccess-access.log.gz
cp /var/log/squid/store.log.1.gz /home/LOG/$timeaccess-store.log.gz
cp /var/log/freeradius/radacct/127.0.0.1/details.1.gz
/home/LOG/$timeaccess-freeradius.log.gz
# chmod +x /home/changeaccess.sh
R=EaAR;P:(L
# cd /home
# ./changeaccess.sh
# nano /etc/crontab
# nano /home/clearlog.sh
rm /var/log/freeradius/radutmp
rm /var/log/freeradius/radwtmp
touch /var/log/freeradius/radutmp
touch /var/log/freeradius/radwtmp
chown freerad:freerad /var/log/freeradius/radutmp
chown freerad:freerad /var/log/freeradius/radwtmp
+% permittion
$#.
# cd /home
# ./clearlog.sh
# mii-tool
# du –sh /var/spool/squid
]9<? bandwidthd D[@ sarg (@ ubuntu
# nano /etc/apache2/apache2.conf
# /etc/init.d/apache2 restart
# nano /etc/bandwidthd/bandwidthd.conf
meta_refresh 150
# bandwidthd
# /etc/init.d/bandwidthd restart
9{WE6@R=)RE>;<) http://192.168.3.1/bandwidthd
<? crontab (6 bandwidthd <^R9[c{E[g:=<@@ R[P>_@ 5@[P
# nano /etc/crontab
#
#sarg squid report
00 * * * root /usr/bin/sarg
#bandwidthd
50 * * * root /usr/bin/bandwidt
#Shut Down
10 0 * * * root shutdown -h now
# cd /tmp/
# wget http://downloads.sourceforge.net/phpsyslogviewer/phpsyslogviewer-7.2.1.tar.bz2
]9<?8Q;D:; bzip2 9=>\<` <{(@ /tmp/ @A>;<)
# wget
http://jaist.dl.sourceforge.net/sourceforge/phpsyslogviewer/speedupd-
7.3.2.tar.bz2
# cd phpsyslogviewer-7.2.1
2. $& mysql "*
mysql -u root -p +#, .?. root
# mysql -u root -p
mysql> exit;
# nano install/newuser.sql.php
// 02110-1301, USA.
// -------------------------------------------------------------------
// -------------------------------------------------------------------
Save DE= Exit 9RE
*****User DEA Password r?\:<@
# php install/newuser.sql.php
# cp -R htdocs /var/www/phpsyslogviewer
+%# .%G /var/www/phpsyslogviewer/config.php $4G
%?."
$%
*%/. &#".w
# nano /var/www/phpsyslogviewer/config.php
>>> +%$,.
# dpkg-buildpackage –rfakeroot
..w$'("+4$%'(%&# debian G
speedupd_7.3.0_i386.deb (?/ 64
bit OS '(G
speedupd_7.3.0_amd64.deb) ?5"w+4$%'+#(%?."?%/
# speedupd.conf".w
# cd ..
# ls
# dpkg -i speedupd_7.3.0_i386.deb
D:c Config speedupd
# nano /etc/speedupd.conf
dbusername = syslog
dbpassword = syslog
dbhostname = localhost
dbdatabase = syslog
>>> +%$,.
dbusername = root
dbpassword = mysqlroot
dbhostname = localhost
dbdatabase = syslogng
# /etc/init.d/speedupd start
QRQ@:;:\6@9> syslog-ng
# nano /etc/syslog-ng/syslog-ng.conf
***options
options {
recv_time_zone (+07:00);
send_time_zone (+07:00);
sync (0);
time_reopen (100);
log_fifo_size (1000);
long_hostnames (off);
use_dns (no);
use_fqdn (no);
create_dirs (yes);
chain_hostnames(yes);
keep_hostname (yes);
};
***source
source s_sys {
file ("/proc/kmsg" log_prefix("kernel: "));
unix-stream ("/dev/log");
internal();
udp(ip(0.0.0.0) port(514));
tcp(ip(0.0.0.0) port(514) keep-alive(yes));
};
***destination
destination d_mysql {pipe("/var/log/mysql.pipe" template("INSERT
INTO logs (host, facility, priority, level, tag, datetime, program, msg)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG',
'$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG'
);\n") template-escape(yes));
};
***filter
filter f_kernel { facility (kern); };
filter f_messages { level(info..emerg) and not (facility(mail) or
facility(authpriv) or facility(cron)); };
***log
log {source(s_sys); filter(f_messages); destination(d_mysql); };
log {source(s_sys); filter(f_kernel); destination(d_mysql); };
# nano syslog2mysql.sh
#!/bin/bash
if [ ! -e /var/log/mysql.pipe ]
then
mkfifo /var/log/mysql.pipe
fi
while [ -e /var/log/mysql.pipe ]
do
mysql -u root --password=radius syslogng < /var/log/mysql.pipe >/dev/null
done
[\:;RQEP`@][}]wE DE=;<@>\<`Q@P?
# chmod +x syslog2mysql.sh
# ./syslog2mysql.sh &
# /etc/init.d/syslog-ng start
****6R6g****
a::;]9<? phpsyslogviewer DE= phpsyslogviewer PD log
Start,stop c Syslog-ng R[@<?@
:;>a: squid Q< syslog
# nano /etc/init.d/rc.capture
#!/bin/bash
tail -F /var/log/squid/access.log | logger -t squid -p user.info &
tail -F /var/log/freeradius/radacct/127.0.0.1/details | logger -t radiusd -p
user.info &
a:@<?@<`(6;O;<@9DEA;E]> (6[\@[g:>;<?6E<RQ9R>;_`
# ln -s /etc/init.d/rc.capture /etc/rcS.d/S88rccapture
<`(6 rc.capture [\@
# /etc/init.d/rc.capture
;=a) syslog
# tail -f /var/log/syslog
[9E(L@ Internet
]9<? webmin
# cd /var
# cd webmin-1.480
# sh setup.sh
:;[\@c Samba aA[\@{)@ Port 137,138 DEA 139
* 137 Name Service : SMB '( port .w .%G
$G
45$ "* %
/ package UDP (User Datagram Protocol) (
"* IP $*)
* 138 Datagram Service : SMB '( port .w.% Browse ?G $G
# nano /etc/init.d/chilli.iptables
cD9>=@<)O_
=]g[}] :;AR:g