Computer/FreeBSD
をテンプレートにして作成
[
トップ
] [
新規
|
一覧
|
検索
|
最終更新
|
ヘルプ
]
開始行:
&size(24){&color(olive){''FreeBSD''};};
#topicpath
#ls2
#contents
#br
- http://www.freebsd.org/
- FreeBSD UTF-8化
- http://www.bugbearr.jp/?FreeBSD%2FUTF-8%E5%8C%96
- CIDR
- https://www.softel.co.jp/labs/tools/network/
*** 一行コメント [#a7df4b23]
//#comment(below,noname)
- ifconfig em0 media 100baseTx mediaopt full-duplex -- &new{2017-05-01 (月) 09:57:16};
- CPANはwww/p5-libwww -- &new{2016-07-25 (月) 21:47:23};
- /usr/local/bin/rsync -av --iconv=UTF-8,EUC-JP-MS --delete aaa:from bbb:to -- &new{2015-03-26 (木) 17:23:39};
- 引越しのmountには-o async,noatimeを渡すと転送が捗ります -- &new{2012-06-08 (金) 11:03:04};
- インストール後にboot selectorをインストールするには,# boot0cfg -B /dev/ada0 -- &new{2011-10-01 (土) 14:54:47};
- NTFSを日本語で # mount_ntfs -o ro -CEUC-JP /dev/ada1s2 /mnt -- &new{2011-07-28 (木) 22:30:26};
- setxkbmap -option "ctrl:swapcaps" -- &new{2010-09-26 (日) 10:35:52};
- emacsを立ち上げてM-x view-fileするとROでファイルが眺められる。 -- &new{2010-06-09 (水) 13:47:59};
-slogin -Y enables trusted X11 forwarding. -- &new{2009-11-01 (日) 20:48:55};
-xdletaはbinary diff -- &new{2005-09-13 16:38:13 (Tue)};
-chown -h hoge:hoge pon でシンボリックリンクの所有者変更 -- &new{2005-07-08 15:54:34 (Fri)};
-cp -d hoge でシンボリックリンクをシンボリックリンクのままコピー -- &new{2005-07-04 18:26:11 (Mon)};
- FreeBSD .DS_Store掃除
# find /opt -name .DS_Store -print -delete
*** Let's Encrypt [#h2cf6001]
- https://letsencrypt.org/
- FreeBSD 12とApache 2.4とcertbotでLet's Encrypt!
- https://decomo.info/wiki/freebsd/apache/freebsd_12_apache24_certbot
- https://decomo.info/wiki/freebsd/apache/freebsd_13_apache24_certbot
- https://certbot.eff.org/instructions?ws=apache&os=freebsd
- In order to automatically renew the certificates, add this line to /etc/periodic.conf:
weekly_certbot_enable="YES"
- More config details in the certbot periodic script:
/usr/local/etc/periodic/weekly/500.certbot-3.8
- VirtualHost環境でLet’s Encryptを導入
- https://hp.ofuton.org/305/
- Let's Encryptを利用してApache 2.4サーバをHTTPS化する
- https://qiita.com/ariaki/items/5680cb6da6223844af4e
- certbot
# certbot certonly --webroot -w /usr/local/www/apache24/data -d dataz.dyndns.info
Successfully received certificate.
Certificate is saved at: /usr/local/etc/letsencrypt/live/dataz.dyndns.info/fullchain.pem
Key is saved at: /usr/local/etc/letsencrypt/live/dataz.dyndns.info/privkey.pem
- Let’s Encryptの証明書をRSA方式で更新。
- https://manualmaton.com/2023/05/28/lets-encrypt%E3%81%AE%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%82%92rsa%E6%96%B9%E5%BC%8F%E3%81%A7%E6%9B%B4%E6%96%B0%E3%80%82/
- certbot
# certbot certonly --webroot -w /usr/local/www/apache24/data -d dataz.dyndns.info --key-type rsa
*** coreutils [#qf26d1cb]
- pkg
pkg install coreutils
- 1年以内に更新されたフィイルをディレクトリ構造を保ってコピー
find mora -mtime -365 -type f -print0 | xargs -0 gcp --parents -t /home/hasebe/mora
*** pukiwiki-1.5.4 [#z99f351a]
- mod_php80
-- install
# pkg install gcc php80-session
# cd /usr/ports/www/mod_php80
# sh
# export CC=/usr/local/bin/gcc
# make install clean
# pkg lock mod_php80
# pkg info -D mod_php80
-- https://forums.freebsd.org/threads/apache24-with-mod_php82-wont-start-up.86779/page-2
- php-fpm
-- mod_php80 -> php-fpm
# pkg delete mod_php80 php80-session php80
# pkg install php81-session
-- /etc/rc.conf
php_fpm_enable="YES"
-- /usr/local/etc/php-fpm.d/www.conf
listen = 127.0.0.1:9000
-- /usr/local/etc/apache24/httpd.conf
LoadModule proxy_module libexec/apache24/mod_proxy.so
LoadModule proxy_fcgi_module libexec/apache24/mod_proxy_fcgi.so
<FilesMatch "\.php$">
SetHandler proxy:fcgi://127.0.0.1:9000
</FilesMatch>
-- start
# /usr/local/etc/rc.d/php-fpm start
# apachectl gfraceful
*** rsync [#j87d2826]
- iconv
# cd /usr/ports/converters/libiconv/
# make config
[x] ENCODINGS
[x] PATCHES
- rsync
# ce /usr/ports/net/rsync/
# make config
[x] ICONV
(*) FLAGS
- /usr/local/bin/rsync -av --iconv=UTF-8,EUC-JP-MS --delete aaa:from bbb:to
- lock
pkg lock rsync
pkg lock libiconv
*** SoftEther VPN [#g04cb34d]
- http://ja.softether.org/
- run
# vpnserver/vpnserver start
// # vpnbridge/vpnbridge start
# vpncmd/vpncmd
- vpncmd
> ServerPasswordSet
> UserCreate
> UserPasswordSet
> BridgeCreate
> IPsecEnable
- http://ytsrvlog.blogspot.jp/2014/04/softethervpn-2.html
- ports
To run softether vpn client from startup, add
softether_client_enable="YES" in your rc.conf.
To run softether vpn server from startup, add
softether_server_enable="YES" in your rc.conf.
To run softether vpn bridge from startup, add
softether_bridge_enable="YES" in your rc.conf.
Initial and further configuration of all softether services can be
done either by using a Windows client to connect to the running
services or by vpncmd from command line.
Please note client and bridge functionality is not fully
supported on FreeBSD right now.
When removing SoftEther VPN without the desire to reinstall, please
ensure to remove the directory /var/db/softether as well.
*** /usr/src [#w0263729]
- checkout
svnlite co svn://svn.freebsd.org/base/head /usr/src
svnlite co svn://svn.freebsd.org/base/stable/10 /usr/src
- リポジトリの確認
# svnlite info
Path: .
Working Copy Root Path: /usr/src
URL: svn://svn.freebsd.org/base/head
Relative URL: ^/head
Repository Root: svn://svn.freebsd.org/base
Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Revision: 303551
Node Kind: directory
Schedule: normal
Last Changed Author: mav
Last Changed Rev: 303551
Last Changed Date: 2016-07-30 19:32:28 +0900 (Sat, 30 Jul 2016)
# svnlite info
Path: .
Working Copy Root Path: /usr/src
URL: svn://svn.freebsd.org/base/stable/10
Relative URL: ^/stable/10
Repository Root: svn://svn.freebsd.org/base
Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Revision: 303537
Node Kind: directory
Schedule: normal
Last Changed Author: sbruno
Last Changed Rev: 303459
Last Changed Date: 2016-07-29 05:11:34 +0900 (Fri, 29 Jul 2016)
- リポジトリの変更
# svnlite switch --relocate svn://svn.freebsd.org/base/stable/10 svn://svn.freebsd.org/base/stable/11
*** samba4 [#la944902]
- rc.conf
#samba_enable="YES"
samba_server_enable="YES"
- smb.conf
# cp /usr/local/etc/smb.conf /usr/local/etc/smb4.conf
- いったんstart/stop
# /usr/local/etc/rc.d/samba_server start
# /usr/local/etc/rc.d/samba_server stop
- ユーザ移行
# cp /usr/local/etc/samba/* /var/db/samba4/private
- wsdd
# pkg install py39-wsdd
-- /etc/rc.local
wsdd_enable="YES"
-- Windows 10はNetBIOSをツカわず、Web Service Discoveryのみになった。
-- SMBクライアントがブラウジングリストに表示されない。
*** コンソール [#g3947393]
- vtを有効化
-- /boot/loader.conf
hw.vga.textmode=0
kern.vty=vt
- sc
-- モードの確認
# vidcontrol -i mode
-- 手動設定
# vidcontrol MODE_291
-- /etc/rc.conf
allscreens_flags="MODE_291"
*** avahi [#ebe62c3c]
- dbus
# cd /usr/ports/devel/dbus
# make config
- X11
# make install clean
- avahi
# cd /usr/ports/net/avahi
# make config
- AUTOIPD
- GTK
# make install clean
# vi /usr/local/etc/avahi/avahi-daemon.conf
host-name
domain-name
# vi /etc/nsswitch.conf
hosts: files mdns dns
- mdns
# portmaster dns/nss_mdns
*** screen [#ve1f719a]
- .screen
escape ^T^T
vbell off
startup_message off
defscrollback 1000
defhstatus "^En:^Et"
-- [[screenのススメ:http://www.dekaino.net/screen/]]
|~shortcut|~command|
|c-t S|split|
|c-t TAB|switch between split screens|
|c-t X|remove|
|c-t c-[|copy|
|c-t c-]|paste|
|SPACE|set start and end point in copy mode|
#br
-.bashrc
export PS1='\h\$ '
-.emacs
(setq inhibit-startup-message t)
(setq display-time-24hr-format t)
(display-time)
(setq column-number-mode t)
(global-set-key "\M-g" 'goto-line)
(set-input-mode nil nil t) ;// -nwのときaltをmetaに
;(tool-bar-mode 0) ; // -nwのときエラーになる todo
*** FreeBSDのお引っ越し [#od3221c6]
- パーティションスキーム作成
gpart create -s gpt ada1
- boot
gpart add -s 64K -t freebsd-boot ada1
- swap
# gpart add -s 4G -t freebsd-swap ada1
- /
gpart add -s 40G -t freebsd-ufs ada1
- /opt
gpart add -t freebsd-ufs ada1
- 確認
gpart show ada1
40 3907029088 ada1 GPT (1.8T)
40 128 1 freebsd-boot (64K)
168 8388608 2 freebsd-swap (4.0G)
8388776 83886080 3 freebsd-ufs (40G)
92274856 3814754264 4 freebsd-ufs (1.8T)
3907029120 8 - free - (4.0K)
- boot loader
gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 ada1
- 初期化
newfs /dev/ada1p3
newfs /dev/ada1p4
- /仮マウント
mount /dev/ada1p3 /mnt
- /引っ越し
dump 0aLf - / | (cd /mnt && restore rf -)
- /optを仮マウント
mount /dev/ada1p4 /mnt/opt
- /opt引っ越し
dump 0aLf - /opt | (cd /mnt/opt && restore rf -)
*** HDD追加 [#v326a93a]
- パーティションスキーム作成
# gpart create -s gpt ada1
- パーティション作成
# gpart add -t freebsd-ufs ada1
- ファイルシステム作成
# newfs /dev/ada1p1
- パーティション削除
# gpart delete -i 1 ada1
- パーティションスキーム削除
# gpart destroy ada1
*** gmirror [#q2cedc4f]
- root FSもミラーリングできる。
- 単独HDD運用からミラーリングに変更できる。
- geom -- universal control utility for GEOM classes
- gmirror -- control utility for mirrored devices
- HDD1に普通にFreeBSDをインストールする。
# Device Mountpoint FStype Options Dump Pass#
/dev/ad6s1b none swap sw 0 0
/dev/ad6s1a / ufs rw 1 1
/dev/ad6s1d /opt ufs rw 2 2
- /boot/loader.conf
kern.geom.part.check_integrity="0" # workaround
geom_mirror_load="YES"
- ミラーリングデバイスをマウントするようにfstabを書き換える。
# Device Mountpoint FStype Options Dump Pass#
/dev/mirror/gm0s1b none swap sw 0 0
/dev/mirror/gm0s1a / ufs rw 1 1
/dev/mirror/gm0s1d /opt ufs rw 2 2
- FreeBSDインストールCDとFreeBSD LIVE FS CDを作る。
- FreeBSDインストールCDから起動して、fixitのshellに入る。
- HDD1をミラーリングに追加
# gmirror label -b round-robin gm0 ad6
- 再起動することを確認する。
- HDD2を接続して起動。
- HDD2をミラーリングに追加
# gmirror insert gm0 ad8
- gmirror status
Name Status Components
mirror/gm0 COMPLETE ad6
ad8
- HDDがクラッシュするとStatusがCOMPLETEでなくなる。
- なんと電源を落とさずにHDD交換できるらしい。
- やり方はクラッシュしたときに調べるということでヨシトシよう。
- 新規インストール
-- パーティション設定でshellを起動
kldload geom_mirror
gmirror label gm0 ada0
gpart create -s gpt mirror/gm0
gpart add -s 512k -a 4k -t freebsd-boot -l "boot" mirror/gm0
gpart add -s 100g -a 4k -t freebsd-ufs -l "root" mirror/gm0
gpart add -s 4g -a 4k -t freebsd-swap -l "swap" mirror/gm0
gpart add -s 1600g -a 4k -t freebsd-ufs -l "opt" mirror/gm0
gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 mirror/gm0
newfs -j /dev/gpt/root
newfs -j /dev/gpt/opt
vi /tmp/bsdinstall_etc/fstab
/dev/gpt/root / ufs rw,noatime 1 1
/dev/gpt/swap none swap sw 0 0
/dev/gpt/opt /opt ufs rw,noatime 2 2
mount /dev/gpt/root /mnt
exit
-- リブート前にshellを起動
vi /boot/loader.conf
kern.cam.ada.0.quirks="1"
geom_mirror_load="YES"
-- リブート後HDD追加
gmirror inster gm0 ada1
*** pf [#vd4675bb]
- packet filteringはラストマッチングルールで、デフォルトはpass
- rc.conf
pf_enable="YES"
gateway_enable="YES"
- /etc/pf.conf
-- 変数定義
ext_if="xl0"
int_if="fxp0"
internal_net="192.168.0.0/24"
-- トラフィック成形
scrub in all
scrub out all random-id max-mss 1414
-- NAT
nat on $ext_if from $internal_net to any -> ($ext_if)
-- ポートフォワード
rdr on $ext_if proto tcp from any to port 1234 -> $gbx port 1234
-- UPnP
rdr-anchor "miniupnpd"
anchor "miniupnpd"
pass out on $int_if from any to 239.0.0.0/8 keep state
pass in on $int_if from any to 239.0.0.0/8 keep state
-- SMB
block on $ext_if proto {tcp, udp} from any to any port {137, 138, 139, 445}
*** mpd [#x0b879bf]
- mpd5
startup:
default:
load pppoe_client
pppoe_client:
create bundle static B1
set iface route default
set iface enable tcpmssfix
create link static L1 pppoe
set link action bundle B1
set link no acfcomp protocomp
set link disable pap
set link accept chap
set link max-redial 0
set link mtu 1454
set link mru 1454
set link keep-alive 10 60
set auth authname xxx
set ipcp yes vjcomp
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
set pppoe iface fxp0
set pppoe service ""
open
*** WLAN STA [#qe5ab091]
- /etc/rc.local
ifconfig wlan0 create wlandev ath0 mode 11a country J5
wpa_supplicant -B -Dbsd -iwlan0 -c/etc/wpa_supplicant.conf
sleep 4
dhclient wlan0
または
- /etc/rc.conf
wlans_ath0="wlan0"
ifconfig_wlan0="WPA DHCP"
ifconfig_wlan0_ipv6="inet6 accept_rtadv"
- /etc/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
network={
ssid="AirPort5"
psk="1234123412345"
}
*** WLAN AP [#j1128eec]
- manual
# ifconfig wlan0 create wlandev ath0 wlanmode hostap mode 11na country J5
# ifconfig bridge0 create addm wlan0 addm fxp0 up
- /etc/hostapd.conf
nterface=wlan0
driver=bsd
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=aaa
country_code=JP
#ieee80211d=1
hw_mode=a
#channel=13
auth_algs=1
#wme_enabled=1
wpa=2
wpa_passphrase=1111111111111
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
- /etc/rc.conf
create_args_wlan0="wlanmode hostap mode 11na country J5"
wlans_ath0="wlan0"
ifconfig_wlan0="channel 3:ht/40"
hostapd_enable="YES"
cloned_interfaces="bridge0"
ifconfig_bridge0="addm wlan0 addm fxp0 up"
*** WLAN monitor [#x6588084]
- manual
# ifconfig wlan0 create wlandev ath0 wlanmode monitor mode 11a country J5
- tcpdump
# ifconfig wlan0 channel 36
# tcpdump -i wlan0 -y IEEE802_11_RADIO -e
# tcpdump -i wlan0 -I -e
*** vtund Ethernet bridge [#q02230dd]
-loader.conf
if_bridge_load="YES"
if_tap_load="YES
-サーバ側 vtund.conf
options {
port 5000; # Listen on this port.
bindaddr { iface vr0; };
# Syslog facility
syslog daemon;
# Path to various programs
ppp /usr/sbin/pppd;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/ipchains;
ip /sbin/ip;
}
# Default session options
default {
compress no; # Compression is off by default
speed 0; # By default maximum speed, NO shaping
}
# Ethernet example. Session 'lion'.
lion {
passwd aaaaaa; # Password
type ether; # Ethernet tunnel
device tap0; # Device tap0
proto udp; # UDP protocol
compress lzo:1; # LZO compression level 1
encrypt yes; # Encryption
stat yes; # Log connection statistic
keepalive yes; # Keep connection alive
up {
ifconfig "%% 192.168.0.2 netmask 0xffffff00";
ifconfig "bridge0 create";
ifconfig "bridge0 addm tap0 addm fxp0 up";
};
down {
ifconfig "bridge0 deletem tap0 deletem fxp0";
ifconfig "bridge0 down destroy";
ifconfig "%% delete down";
};
}
- クライアント側 vtund.conf
options {
port 5000; # Connect to this port.
timeout 60; # General timeout
# Path to various programs
ppp /usr/sbin/pppd;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/ipchains;
ip /sbin/ip;
}
# Ethernet example. Session 'lion'.
lion {
passwd aaaaaa; # Password
type ether; # Ethernet tunnel
device tap0; # Device tap1
up {
ifconfig "%% 192.168.100.253 netmask 0xffffff00";
ifconfig "bridge0 create";
ifconfig "bridge0 addm tap0 addm fxp0 up";
};
down {
ifconfig "bridge0 deletem tap0 deletem fxp0";
ifconfig "bridge0 destroy";
ifconfig "%% delete down";
};
*** ISOイメージ [#j8e84933]
- mdconfig
# mdconfig -af hoge.iso
md0
# mount -t cd9660 /dev/md0 /mnt
# mdconfig -du md0
*** 録音 [#w86022f0]
- wavrec
#!/bin/sh
mixer =rec line rec 25
wavrec -s 48000 -M -t 900 RJ-`date "+%Y-%m-%d"`.wav
終了行:
&size(24){&color(olive){''FreeBSD''};};
#topicpath
#ls2
#contents
#br
- http://www.freebsd.org/
- FreeBSD UTF-8化
- http://www.bugbearr.jp/?FreeBSD%2FUTF-8%E5%8C%96
- CIDR
- https://www.softel.co.jp/labs/tools/network/
*** 一行コメント [#a7df4b23]
//#comment(below,noname)
- ifconfig em0 media 100baseTx mediaopt full-duplex -- &new{2017-05-01 (月) 09:57:16};
- CPANはwww/p5-libwww -- &new{2016-07-25 (月) 21:47:23};
- /usr/local/bin/rsync -av --iconv=UTF-8,EUC-JP-MS --delete aaa:from bbb:to -- &new{2015-03-26 (木) 17:23:39};
- 引越しのmountには-o async,noatimeを渡すと転送が捗ります -- &new{2012-06-08 (金) 11:03:04};
- インストール後にboot selectorをインストールするには,# boot0cfg -B /dev/ada0 -- &new{2011-10-01 (土) 14:54:47};
- NTFSを日本語で # mount_ntfs -o ro -CEUC-JP /dev/ada1s2 /mnt -- &new{2011-07-28 (木) 22:30:26};
- setxkbmap -option "ctrl:swapcaps" -- &new{2010-09-26 (日) 10:35:52};
- emacsを立ち上げてM-x view-fileするとROでファイルが眺められる。 -- &new{2010-06-09 (水) 13:47:59};
-slogin -Y enables trusted X11 forwarding. -- &new{2009-11-01 (日) 20:48:55};
-xdletaはbinary diff -- &new{2005-09-13 16:38:13 (Tue)};
-chown -h hoge:hoge pon でシンボリックリンクの所有者変更 -- &new{2005-07-08 15:54:34 (Fri)};
-cp -d hoge でシンボリックリンクをシンボリックリンクのままコピー -- &new{2005-07-04 18:26:11 (Mon)};
- FreeBSD .DS_Store掃除
# find /opt -name .DS_Store -print -delete
*** Let's Encrypt [#h2cf6001]
- https://letsencrypt.org/
- FreeBSD 12とApache 2.4とcertbotでLet's Encrypt!
- https://decomo.info/wiki/freebsd/apache/freebsd_12_apache24_certbot
- https://decomo.info/wiki/freebsd/apache/freebsd_13_apache24_certbot
- https://certbot.eff.org/instructions?ws=apache&os=freebsd
- In order to automatically renew the certificates, add this line to /etc/periodic.conf:
weekly_certbot_enable="YES"
- More config details in the certbot periodic script:
/usr/local/etc/periodic/weekly/500.certbot-3.8
- VirtualHost環境でLet’s Encryptを導入
- https://hp.ofuton.org/305/
- Let's Encryptを利用してApache 2.4サーバをHTTPS化する
- https://qiita.com/ariaki/items/5680cb6da6223844af4e
- certbot
# certbot certonly --webroot -w /usr/local/www/apache24/data -d dataz.dyndns.info
Successfully received certificate.
Certificate is saved at: /usr/local/etc/letsencrypt/live/dataz.dyndns.info/fullchain.pem
Key is saved at: /usr/local/etc/letsencrypt/live/dataz.dyndns.info/privkey.pem
- Let’s Encryptの証明書をRSA方式で更新。
- https://manualmaton.com/2023/05/28/lets-encrypt%E3%81%AE%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%82%92rsa%E6%96%B9%E5%BC%8F%E3%81%A7%E6%9B%B4%E6%96%B0%E3%80%82/
- certbot
# certbot certonly --webroot -w /usr/local/www/apache24/data -d dataz.dyndns.info --key-type rsa
*** coreutils [#qf26d1cb]
- pkg
pkg install coreutils
- 1年以内に更新されたフィイルをディレクトリ構造を保ってコピー
find mora -mtime -365 -type f -print0 | xargs -0 gcp --parents -t /home/hasebe/mora
*** pukiwiki-1.5.4 [#z99f351a]
- mod_php80
-- install
# pkg install gcc php80-session
# cd /usr/ports/www/mod_php80
# sh
# export CC=/usr/local/bin/gcc
# make install clean
# pkg lock mod_php80
# pkg info -D mod_php80
-- https://forums.freebsd.org/threads/apache24-with-mod_php82-wont-start-up.86779/page-2
- php-fpm
-- mod_php80 -> php-fpm
# pkg delete mod_php80 php80-session php80
# pkg install php81-session
-- /etc/rc.conf
php_fpm_enable="YES"
-- /usr/local/etc/php-fpm.d/www.conf
listen = 127.0.0.1:9000
-- /usr/local/etc/apache24/httpd.conf
LoadModule proxy_module libexec/apache24/mod_proxy.so
LoadModule proxy_fcgi_module libexec/apache24/mod_proxy_fcgi.so
<FilesMatch "\.php$">
SetHandler proxy:fcgi://127.0.0.1:9000
</FilesMatch>
-- start
# /usr/local/etc/rc.d/php-fpm start
# apachectl gfraceful
*** rsync [#j87d2826]
- iconv
# cd /usr/ports/converters/libiconv/
# make config
[x] ENCODINGS
[x] PATCHES
- rsync
# ce /usr/ports/net/rsync/
# make config
[x] ICONV
(*) FLAGS
- /usr/local/bin/rsync -av --iconv=UTF-8,EUC-JP-MS --delete aaa:from bbb:to
- lock
pkg lock rsync
pkg lock libiconv
*** SoftEther VPN [#g04cb34d]
- http://ja.softether.org/
- run
# vpnserver/vpnserver start
// # vpnbridge/vpnbridge start
# vpncmd/vpncmd
- vpncmd
> ServerPasswordSet
> UserCreate
> UserPasswordSet
> BridgeCreate
> IPsecEnable
- http://ytsrvlog.blogspot.jp/2014/04/softethervpn-2.html
- ports
To run softether vpn client from startup, add
softether_client_enable="YES" in your rc.conf.
To run softether vpn server from startup, add
softether_server_enable="YES" in your rc.conf.
To run softether vpn bridge from startup, add
softether_bridge_enable="YES" in your rc.conf.
Initial and further configuration of all softether services can be
done either by using a Windows client to connect to the running
services or by vpncmd from command line.
Please note client and bridge functionality is not fully
supported on FreeBSD right now.
When removing SoftEther VPN without the desire to reinstall, please
ensure to remove the directory /var/db/softether as well.
*** /usr/src [#w0263729]
- checkout
svnlite co svn://svn.freebsd.org/base/head /usr/src
svnlite co svn://svn.freebsd.org/base/stable/10 /usr/src
- リポジトリの確認
# svnlite info
Path: .
Working Copy Root Path: /usr/src
URL: svn://svn.freebsd.org/base/head
Relative URL: ^/head
Repository Root: svn://svn.freebsd.org/base
Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Revision: 303551
Node Kind: directory
Schedule: normal
Last Changed Author: mav
Last Changed Rev: 303551
Last Changed Date: 2016-07-30 19:32:28 +0900 (Sat, 30 Jul 2016)
# svnlite info
Path: .
Working Copy Root Path: /usr/src
URL: svn://svn.freebsd.org/base/stable/10
Relative URL: ^/stable/10
Repository Root: svn://svn.freebsd.org/base
Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Revision: 303537
Node Kind: directory
Schedule: normal
Last Changed Author: sbruno
Last Changed Rev: 303459
Last Changed Date: 2016-07-29 05:11:34 +0900 (Fri, 29 Jul 2016)
- リポジトリの変更
# svnlite switch --relocate svn://svn.freebsd.org/base/stable/10 svn://svn.freebsd.org/base/stable/11
*** samba4 [#la944902]
- rc.conf
#samba_enable="YES"
samba_server_enable="YES"
- smb.conf
# cp /usr/local/etc/smb.conf /usr/local/etc/smb4.conf
- いったんstart/stop
# /usr/local/etc/rc.d/samba_server start
# /usr/local/etc/rc.d/samba_server stop
- ユーザ移行
# cp /usr/local/etc/samba/* /var/db/samba4/private
- wsdd
# pkg install py39-wsdd
-- /etc/rc.local
wsdd_enable="YES"
-- Windows 10はNetBIOSをツカわず、Web Service Discoveryのみになった。
-- SMBクライアントがブラウジングリストに表示されない。
*** コンソール [#g3947393]
- vtを有効化
-- /boot/loader.conf
hw.vga.textmode=0
kern.vty=vt
- sc
-- モードの確認
# vidcontrol -i mode
-- 手動設定
# vidcontrol MODE_291
-- /etc/rc.conf
allscreens_flags="MODE_291"
*** avahi [#ebe62c3c]
- dbus
# cd /usr/ports/devel/dbus
# make config
- X11
# make install clean
- avahi
# cd /usr/ports/net/avahi
# make config
- AUTOIPD
- GTK
# make install clean
# vi /usr/local/etc/avahi/avahi-daemon.conf
host-name
domain-name
# vi /etc/nsswitch.conf
hosts: files mdns dns
- mdns
# portmaster dns/nss_mdns
*** screen [#ve1f719a]
- .screen
escape ^T^T
vbell off
startup_message off
defscrollback 1000
defhstatus "^En:^Et"
-- [[screenのススメ:http://www.dekaino.net/screen/]]
|~shortcut|~command|
|c-t S|split|
|c-t TAB|switch between split screens|
|c-t X|remove|
|c-t c-[|copy|
|c-t c-]|paste|
|SPACE|set start and end point in copy mode|
#br
-.bashrc
export PS1='\h\$ '
-.emacs
(setq inhibit-startup-message t)
(setq display-time-24hr-format t)
(display-time)
(setq column-number-mode t)
(global-set-key "\M-g" 'goto-line)
(set-input-mode nil nil t) ;// -nwのときaltをmetaに
;(tool-bar-mode 0) ; // -nwのときエラーになる todo
*** FreeBSDのお引っ越し [#od3221c6]
- パーティションスキーム作成
gpart create -s gpt ada1
- boot
gpart add -s 64K -t freebsd-boot ada1
- swap
# gpart add -s 4G -t freebsd-swap ada1
- /
gpart add -s 40G -t freebsd-ufs ada1
- /opt
gpart add -t freebsd-ufs ada1
- 確認
gpart show ada1
40 3907029088 ada1 GPT (1.8T)
40 128 1 freebsd-boot (64K)
168 8388608 2 freebsd-swap (4.0G)
8388776 83886080 3 freebsd-ufs (40G)
92274856 3814754264 4 freebsd-ufs (1.8T)
3907029120 8 - free - (4.0K)
- boot loader
gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 ada1
- 初期化
newfs /dev/ada1p3
newfs /dev/ada1p4
- /仮マウント
mount /dev/ada1p3 /mnt
- /引っ越し
dump 0aLf - / | (cd /mnt && restore rf -)
- /optを仮マウント
mount /dev/ada1p4 /mnt/opt
- /opt引っ越し
dump 0aLf - /opt | (cd /mnt/opt && restore rf -)
*** HDD追加 [#v326a93a]
- パーティションスキーム作成
# gpart create -s gpt ada1
- パーティション作成
# gpart add -t freebsd-ufs ada1
- ファイルシステム作成
# newfs /dev/ada1p1
- パーティション削除
# gpart delete -i 1 ada1
- パーティションスキーム削除
# gpart destroy ada1
*** gmirror [#q2cedc4f]
- root FSもミラーリングできる。
- 単独HDD運用からミラーリングに変更できる。
- geom -- universal control utility for GEOM classes
- gmirror -- control utility for mirrored devices
- HDD1に普通にFreeBSDをインストールする。
# Device Mountpoint FStype Options Dump Pass#
/dev/ad6s1b none swap sw 0 0
/dev/ad6s1a / ufs rw 1 1
/dev/ad6s1d /opt ufs rw 2 2
- /boot/loader.conf
kern.geom.part.check_integrity="0" # workaround
geom_mirror_load="YES"
- ミラーリングデバイスをマウントするようにfstabを書き換える。
# Device Mountpoint FStype Options Dump Pass#
/dev/mirror/gm0s1b none swap sw 0 0
/dev/mirror/gm0s1a / ufs rw 1 1
/dev/mirror/gm0s1d /opt ufs rw 2 2
- FreeBSDインストールCDとFreeBSD LIVE FS CDを作る。
- FreeBSDインストールCDから起動して、fixitのshellに入る。
- HDD1をミラーリングに追加
# gmirror label -b round-robin gm0 ad6
- 再起動することを確認する。
- HDD2を接続して起動。
- HDD2をミラーリングに追加
# gmirror insert gm0 ad8
- gmirror status
Name Status Components
mirror/gm0 COMPLETE ad6
ad8
- HDDがクラッシュするとStatusがCOMPLETEでなくなる。
- なんと電源を落とさずにHDD交換できるらしい。
- やり方はクラッシュしたときに調べるということでヨシトシよう。
- 新規インストール
-- パーティション設定でshellを起動
kldload geom_mirror
gmirror label gm0 ada0
gpart create -s gpt mirror/gm0
gpart add -s 512k -a 4k -t freebsd-boot -l "boot" mirror/gm0
gpart add -s 100g -a 4k -t freebsd-ufs -l "root" mirror/gm0
gpart add -s 4g -a 4k -t freebsd-swap -l "swap" mirror/gm0
gpart add -s 1600g -a 4k -t freebsd-ufs -l "opt" mirror/gm0
gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 mirror/gm0
newfs -j /dev/gpt/root
newfs -j /dev/gpt/opt
vi /tmp/bsdinstall_etc/fstab
/dev/gpt/root / ufs rw,noatime 1 1
/dev/gpt/swap none swap sw 0 0
/dev/gpt/opt /opt ufs rw,noatime 2 2
mount /dev/gpt/root /mnt
exit
-- リブート前にshellを起動
vi /boot/loader.conf
kern.cam.ada.0.quirks="1"
geom_mirror_load="YES"
-- リブート後HDD追加
gmirror inster gm0 ada1
*** pf [#vd4675bb]
- packet filteringはラストマッチングルールで、デフォルトはpass
- rc.conf
pf_enable="YES"
gateway_enable="YES"
- /etc/pf.conf
-- 変数定義
ext_if="xl0"
int_if="fxp0"
internal_net="192.168.0.0/24"
-- トラフィック成形
scrub in all
scrub out all random-id max-mss 1414
-- NAT
nat on $ext_if from $internal_net to any -> ($ext_if)
-- ポートフォワード
rdr on $ext_if proto tcp from any to port 1234 -> $gbx port 1234
-- UPnP
rdr-anchor "miniupnpd"
anchor "miniupnpd"
pass out on $int_if from any to 239.0.0.0/8 keep state
pass in on $int_if from any to 239.0.0.0/8 keep state
-- SMB
block on $ext_if proto {tcp, udp} from any to any port {137, 138, 139, 445}
*** mpd [#x0b879bf]
- mpd5
startup:
default:
load pppoe_client
pppoe_client:
create bundle static B1
set iface route default
set iface enable tcpmssfix
create link static L1 pppoe
set link action bundle B1
set link no acfcomp protocomp
set link disable pap
set link accept chap
set link max-redial 0
set link mtu 1454
set link mru 1454
set link keep-alive 10 60
set auth authname xxx
set ipcp yes vjcomp
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
set pppoe iface fxp0
set pppoe service ""
open
*** WLAN STA [#qe5ab091]
- /etc/rc.local
ifconfig wlan0 create wlandev ath0 mode 11a country J5
wpa_supplicant -B -Dbsd -iwlan0 -c/etc/wpa_supplicant.conf
sleep 4
dhclient wlan0
または
- /etc/rc.conf
wlans_ath0="wlan0"
ifconfig_wlan0="WPA DHCP"
ifconfig_wlan0_ipv6="inet6 accept_rtadv"
- /etc/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
network={
ssid="AirPort5"
psk="1234123412345"
}
*** WLAN AP [#j1128eec]
- manual
# ifconfig wlan0 create wlandev ath0 wlanmode hostap mode 11na country J5
# ifconfig bridge0 create addm wlan0 addm fxp0 up
- /etc/hostapd.conf
nterface=wlan0
driver=bsd
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=aaa
country_code=JP
#ieee80211d=1
hw_mode=a
#channel=13
auth_algs=1
#wme_enabled=1
wpa=2
wpa_passphrase=1111111111111
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
- /etc/rc.conf
create_args_wlan0="wlanmode hostap mode 11na country J5"
wlans_ath0="wlan0"
ifconfig_wlan0="channel 3:ht/40"
hostapd_enable="YES"
cloned_interfaces="bridge0"
ifconfig_bridge0="addm wlan0 addm fxp0 up"
*** WLAN monitor [#x6588084]
- manual
# ifconfig wlan0 create wlandev ath0 wlanmode monitor mode 11a country J5
- tcpdump
# ifconfig wlan0 channel 36
# tcpdump -i wlan0 -y IEEE802_11_RADIO -e
# tcpdump -i wlan0 -I -e
*** vtund Ethernet bridge [#q02230dd]
-loader.conf
if_bridge_load="YES"
if_tap_load="YES
-サーバ側 vtund.conf
options {
port 5000; # Listen on this port.
bindaddr { iface vr0; };
# Syslog facility
syslog daemon;
# Path to various programs
ppp /usr/sbin/pppd;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/ipchains;
ip /sbin/ip;
}
# Default session options
default {
compress no; # Compression is off by default
speed 0; # By default maximum speed, NO shaping
}
# Ethernet example. Session 'lion'.
lion {
passwd aaaaaa; # Password
type ether; # Ethernet tunnel
device tap0; # Device tap0
proto udp; # UDP protocol
compress lzo:1; # LZO compression level 1
encrypt yes; # Encryption
stat yes; # Log connection statistic
keepalive yes; # Keep connection alive
up {
ifconfig "%% 192.168.0.2 netmask 0xffffff00";
ifconfig "bridge0 create";
ifconfig "bridge0 addm tap0 addm fxp0 up";
};
down {
ifconfig "bridge0 deletem tap0 deletem fxp0";
ifconfig "bridge0 down destroy";
ifconfig "%% delete down";
};
}
- クライアント側 vtund.conf
options {
port 5000; # Connect to this port.
timeout 60; # General timeout
# Path to various programs
ppp /usr/sbin/pppd;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/ipchains;
ip /sbin/ip;
}
# Ethernet example. Session 'lion'.
lion {
passwd aaaaaa; # Password
type ether; # Ethernet tunnel
device tap0; # Device tap1
up {
ifconfig "%% 192.168.100.253 netmask 0xffffff00";
ifconfig "bridge0 create";
ifconfig "bridge0 addm tap0 addm fxp0 up";
};
down {
ifconfig "bridge0 deletem tap0 deletem fxp0";
ifconfig "bridge0 destroy";
ifconfig "%% delete down";
};
*** ISOイメージ [#j8e84933]
- mdconfig
# mdconfig -af hoge.iso
md0
# mount -t cd9660 /dev/md0 /mnt
# mdconfig -du md0
*** 録音 [#w86022f0]
- wavrec
#!/bin/sh
mixer =rec line rec 25
wavrec -s 48000 -M -t 900 RJ-`date "+%Y-%m-%d"`.wav
ページ名:
![[PukiWiki]](image/logo_hwiki.png "[PukiWiki]"){kind=logo}
