Jump to content
新域网络技术论坛

Jamers

论坛管理员
  • Content Count

    232
  • Joined

  • Last visited

Everything posted by Jamers

  1. 在linux环境下,可以直接使用 composer install这样的操作,但是在windows里不能这么调用,必须使用 x:\php\php.exe x:\...\composer.phar install这样的操作方式,是不是感觉到太麻烦了?用这个脚本吧。 把这个文件composer.bat和composer.phar放在同一个目录下,然后设置一下自动搜索PATH,包含PHP的路径以及新增的这个目录(可以同时放到同一个目录下)。 @echo off php.exe %~dp0composer.phar %1 %2 %3 %4 %5 %6 %7 %8 %9 然后你就可以在命令行下的任何目录直接调用composer install之类的操作了。
  2. $where 使用示例: db.test.find({ "detail.test": {$nin:[null],$exists: true}, $where: function() { var ret = false; for(var curr in this.detail.test) { //print(this.detail.test[curr].nums); if (this.detail.test[curr].nums >= 100) { ret = true; break; } } return ret; } }); 以上仅为演示使用$where的方式,上面的功能推荐用子元素匹配处理,上面的效率太低了 db.test.find({ 'detail.test': { '$elemMatch': {'nums': {'$gte': 100}} }, } 查看print输出日志需要到服务器上直接查看日志,不推荐打开日志 tail -f /var/db/mongodb/mongod.log
  3. 试想一个场景: 自己Push了一个Commit后,后续有其他人也相继Push了相应的代码到Git库里,结果你发现自己的代码里的敏感信息,这时候怎么处理? 以下是测试过的处理方式: 进入git bash界面,到指定目录 git log 找到自己提交的前一个commit的hash值 git rebase -i hash 把自己的 pick own_hash 改成 drop own_hash 保存退出 git push origin HEAD --force 然后就一切正常啦 git log 查看一下
  4. 顺便把安装方式也一并添加一下吧。 报错如下: Warning: Invalid argument supplied for foreach() in Command.php on line 249 Warning: Invalid argument supplied for foreach() in /usr/local/share/pear/PEAR/Command.php on line 249 curl -O http://pear.php.net/go-pear.phar php go-pear.phar 一般安装在: /usr/local/bin/pecl ee `which pecl` 到最后一行,把-n 去掉就可以了。
  5. 啥也不说了,看代码片断 <a :href="['/demo.html?id='+item.id]" v-if="item.id">保单</a>
  6. 代理,我要代理 cd /usr/ports/www/squid make install clean #要身份验证,把mysql模块选上 cd /usr/ports/databases/p5-DBD-mysql/ make install clean # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # visible_hostname localhost auth_param basic program /usr/local/libexec/squid/basic_db_auth \ --dsn "DBI:mysql:host=localhost;port=3306;database=squid" \ --user squid --password squid --plaintext --persist auth_param basic children 5 auth_param basic realm Web-Proxy auth_param basic credentialsttl 1 minute auth_param basic casesensitive off acl db-auth proxy_auth REQUIRED http_access allow db-auth #http_port 3128 https_port 443 cert=/etc/ssl/squid.crt key=/etc/ssl/squid.key request_header_access Via deny all request_header_access X-Forwarded-For deny all request_header_access All allow all reply_header_access Server deny all reply_header_access X-Cache deny all reply_header_access X-Cache-Lookup deny all reply_header_access Warning deny all reply_header_access Expires deny all reply_header_access Cache-Control deny all reply_header_access age deny all #证书最好用正式签发的,因为访问代理服务器的时候需要使用与证书一致的域名进行访问 cd /etc/ssl openssl req -new -sha256 -keyout squid.key -nodes -x509 -days 3650 -out squid.crt openssl req -new -sha512 > squid.csr 密码:qqbx.cn openssl rsa -in privkey.pem -out squid.key openssl x509 -in squid.csr -out squid.crt -req -signkey squid.key -days 3650
  7. 很多情况下,用户频繁请求文件,会带走很多流量,其实有的时候根本没必要请求,怎么办呢?通过rewrite把所有的请求集中管理起来,判断有没有缓存,没缓存强制设置缓存,另外检查本地修改时间,如果已经修改直接更新,就是不知道上传到服务器上去的文件修改时间会不会一起改变,待测试! /* RewriteEngine on #RewriteBase /Test/ RewriteCond %{REQUEST_FILENAME} ^.*?\.(css|js|jpg|png)$ RewriteRule ^(.*)$ p304.php/$1 [QSA,PT,L] */ //静态文件尝试使用304方式优化 //缓存时间10年 $cache_time = 315360000; $root = $_SERVER['DOCUMENT_ROOT']; $file = $_SERVER['REQUEST_URI']; if (isset($_SERVER['REDIRECT_URL'])) { $file = $_SERVER['REDIRECT_URL']; }else{ $f = explode('?',$file); $file = $f[0]; } if (file_exists($root.$file)) { $is304 = false; if (isset($_SERVER["HTTP_IF_MODIFIED_SINCE"])) { $lt = strtotime($_SERVER["HTTP_IF_MODIFIED_SINCE"]); $ft = filemtime($root.$file); if ($ft <= $lt) $is304 = true; } if ($is304) { header($_SERVER["SERVER_PROTOCOL"].' 304 Not Modified'); header("Cache-Control: max-age=$cache_time"); }else{ header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); header("Expires: " . gmdate("D, d M Y H:i:s", time() + $cache_time) . " GMT"); header("Cache-Control: max-age=$cache_time"); echo(file_get_contents($root . $file)); } }else{ header($_SERVER["SERVER_PROTOCOL"].' 404 Not Found'); }
  8. 使用FREEBSD的时候,使用SSH方式进行git操作的时候就经常30秒左右才有反应。经过ssh -v ip分析一直Dnslookup时候等回应,默认超时时间应该是30秒,所以就在这个环节等待30秒后继续处理后续动作,所以就慢了。 找到原因了,就去处理吧,首先,我们连接git服务器的时候是作为客户端的,所以sshd_config是不需要处理的。 ee /etc/ssh/ssh_config #把下列参数设置上就OK了 VerifyHostKeyDNS no 这个参数就是说不较验服务器DNS,设置完成后再去git操作时就快如闪电了。
  9. CI_ENV设置用以切换不同的配置文件。 apache httpd.conf下面添加,可选参数:development,testing,production <IfModule env_module> SetEnv CI_ENV development </IfModule>
  10. 今天把codeigniter升级到3.1.8,所有配置文件都看过了,就是使用 xxxx.xx/index.php/welcome 直接显示404,然后打印$_SERVER变量中发现居然没有PATH_INFO,然后开始漫长的搜索。 最后处理结果: 在apache的配置文件中目录配置中,添加下列语句: AcceptPathInfo On 然后重启Apache,就可以了。。唉。。。
  11. webp是Google 2010年推出的新图像格式,到目前为止也只有Google自己支持。它的优势也非常明显。 目前只有一半左右的浏览器支持,我们想使用这个图片格式还是得费一番功夫,首先判断浏览器是否支持这个格式,如果支持直接使用webp,如果不支持使用传统的图片格式。 判断方式有两种方式: 一、通过浏览器请求头进行判断,Accept 中是否包含 image/webp ,如果包含就是支持,否则就是不支持,这里切换文件也相对比较方便,即使客户端关闭JS也不会有影响,推荐使用此模式进行处理。 二、用JS进行前端判断,然后前端用js切换图片。 alert(support.webp2);即可 /** * 检测浏览器是否支持webp格式(异步方式) * @param callback */ var support = {}; checkWebpAsync = function(callback) { if (support.webp2 === undefined) { var img = new Image(); var tid = setTimeout(function(){ support.webp2 = false; callback && callback(support.webp2,true); img.onload = img.onerror = null; img = null; },500); img.onload = img.onerror = function() { clearTimeout(tid); support.webp2 = img.width === 2 && img.height === 2; callback && callback(support.webp2,false); }; img.src = "data:image/webp;base64,UklGRjoAAABXRUJQVlA4IC4AAACyAgCdASoCAAIALmk0mk0iIiIiIgBoSygABc6WWgAA/veff/oPP8bA//LwYAAA"; }else{ callback && callback(support.webp2); } } checkWebpAsync();
  12. .vmoptions文件最后加上: -Dawt.usesystemAAFontSettings=lcd -Dawt.java2d.opengl=true 以开启JDK的硬件加速功能.
  13. 数组快速旋转代码: #顺时针旋转二维数组 def r_rotate(self, matrix): """ :type matrix: List[List[int]] :rtype: void Do not return anything, modify matrix in-place instead. """ matrix[:] = map(list, zip(*matrix[::-1])) # 逆时针旋转二维数组 def l_rotate(self, matrix): """ :type matrix: List[List[int]] :rtype: void Do not return anything, modify matrix in-place instead. """ matrix[:] = map(list, zip(*matrix))[::-1] def disp(self, matrix): for i in matrix: print(i) print('='*10)
  14. 一个简单的封装,自行安装hashlib,hashlib中有一些函数定义的,但实际使用起来比较麻烦,特意用这个来尝试使用Class封装一下。 封装文件:tools.py # -*- Coding: UTF-8 -*- import hashlib class tools: def md5(self, str): return hashlib.md5(str).hexdigest() def sha1(self, str): return hashlib.sha1(str).hexdigest() def sha512(self, str): return hashlib.sha512(str).hexdigest() if __name__ == '__main__': t = tools() print t.md5('admin') 正常情况,我们可以在命令行测试一下:python tools.py 会显示'admin'的MD5值,简单封装完成了,调用吧 调用文件demo.py #!/usr/local/bin/python # -*- Coding: UTF-8 -*- import sys from tools import * str = 'admin' if len(sys.argv)>1: str = "" for i in range(1, len(sys.argv)): str += sys.argv[i]+' ' t = tools() print('Str: %s,Md5: %s' % (str, t.md5(str))) print('Str: %s,Sha1: %s' % (str, t.sha1(str))) print('Str: %s,sha512: %s' % (str, t.sha512(str)))
  15. 数学算法原理: 三点一线判定: 1. 三个点x轴或y轴一致,True 2. 任意两条线的斜率一致,True, (x1-x2)/(y1-y2) == (x1-x3)/(y1-y3)
  16. 由于系统没字体,所以没使用中文的title # -*- coding: UTF-8 -*- import matplotlib.pyplot as plt from matplotlib.font_manager import FontProperties x = [[0], [1], [2]] y = [[0], [1], [2]] if ((x[0][0] == x[1][0] and x[0][0] == x[2][0]) or (y[0][0] == y[1][0] and y[0][0] == y[2][0]) or ((x[0][0]-x[1][0])/(y[0][0]-y[1][0]) == (x[0][0]-x[2][0])/(y[0][0]-y[2][0]))): online = True else: online = False #title = u'三点是否在一条直线上?:'+str(online) title = 'Is the three point in a straight line? '+str(online) plt.figure() plt.title(title) plt.xlabel('x') plt.ylabel('y') plt.axis([-2, 10, -2, 10]) plt.grid(True) plt.plot(x, y, 'k.') plt.plot(x, y, 'g-') plt.show()
  17. 用了python自己的http服务,速度明显快了,同样的请求,差不多200ms就可以完成了。 # -*- coding: UTF-8 -*- import tornado.httpserver import tornado.ioloop import tornado.options import tornado.web import jieba import json from tornado.options import define, options define("port", default=8000, help="run on the given port", type=int) class IndexHandler(tornado.web.RequestHandler): def get(self): sstr = self.get_argument('str', '') self.set_header("Content-Type", "application/json;charset:UTF-8") self.write(self.jjcut(sstr)) def post(self): sstr = self.get_argument('str',"") self.set_header("Content-Type", "application/json;charset:UTF-8") self.write(self.jjcut(sstr)) def jjcut(self,sstr=""): if (sstr == ''): sstr = '他来到了天安门广场' t = "jieba V" + jieba.__version__ out = {"TITLE": t} seg_list = jieba.cut(sstr, cut_all=True) # print("Full Mode: " + "/ ".join(seg_list)) # 全模式 out['FULL'] = "||".join(seg_list) seg_list = jieba.cut(sstr, cut_all=False) # print("Default Mode: " + "/ ".join(seg_list)) # 精确模式 out['DEF'] = "||".join(seg_list) # seg_list = jieba.cut(str) # 默认是精确模式 # print(", ".join(seg_list)) seg_list = jieba.cut_for_search(sstr) # 搜索引擎模式 # print(", ".join(seg_list)) out['SEARCH'] = "||".join(seg_list) return json.dumps(out) if __name__ == "__main__": tornado.options.parse_command_line() app = tornado.web.Application(handlers=[(r"/", IndexHandler)]) http_server = tornado.httpserver.HTTPServer(app) http_server.listen(options.port) tornado.ioloop.IOLoop.instance().start()
  18. python里有个结巴分词工具,看着还不错,我们PHP上能够尝试用它么? 先来分词py脚本 : # -*- coding: UTF-8 -*- import sys import jieba import json str = "" for i in range(1, len(sys.argv)): str += sys.argv[i]+' ' if (str == ""): str = "他来到了网易杭研大厦" t = "jieba V"+jieba.__version__ out = {"TITLE":t} seg_list = jieba.cut(str, cut_all=True) #print("Full Mode: " + "/ ".join(seg_list)) # 全模式 out['FULL'] = "||".join(seg_list) seg_list = jieba.cut(str, cut_all=False) #print("Default Mode: " + "/ ".join(seg_list)) # 精确模式 out['DEF'] = "||".join(seg_list) #seg_list = jieba.cut(str) # 默认是精确模式 #print(", ".join(seg_list)) seg_list = jieba.cut_for_search(str) # 搜索引擎模式 #print(", ".join(seg_list)) out['SEARCH'] = "||".join(seg_list) print json.dumps(out) 再来PHP脚本: <?php //路径请自行定义 $script = '/usr/local/www/apache24/data/py/tst.py'; $str = "我家住在黄土高坡"; if (isset($_REQUEST['str'])) $str = $_REQUEST['str']; header('Content-Type:application/json;charset:UTF-8'); system("python {$script} {$str}"); 现在只有一个问题,运行速度有点慢,同样的文字,python端只需要0.2秒,但PHP请求需要2-3秒。。看样子后续还是要改成直接用python返回相应请求。
  19. 之前一直用PHPED的断点调试功能,它是采用的PHPDBG,没有合适的远程调试IDE。前期也一直在使用PHPStorm,与PHPED的大部分功能都很相像。当时唯一没搞出来的就是断点调试,经过一番摸索终于实现了。PHPStorm与PHPED相比的优点有以下几点: 1. 风格多变,可以有很多种不同类型的风格切换,虽然PHPED也有,但是变化不如它多,当然这也不是一个多大的优势 2. 支持其他扩展名解析为PHP文件(PHPED中不能实现) 3. 自带格式化代码功能,包括json/PHP/xml/html……(PHPED中需要用插件才能实现,并且不能同步这么多) 与PHPED相比感觉不如意的地方: 1. 代码提示中注释部分一直没有PHPED人性化 2. 各种配置较多,不如PHPED容易使用(也不能算什么缺点吧,毕竟功能多) 好了废话不多说了,两种情况,一种Windows,php.ini 配置文件如下: [Xdebug] zend_extension="F:\PHP\ext\php_xdebug-2.5.5-5.6-vc11-x86_64.dll" xdebug.profiler_enable=on xdebug.trace_output_dir="F:\PHP\xdebug" xdebug.profiler_output_dir="F:\PHP\xdebug" xdebug.remote_enable=on xdebug.remote_handler=dbgp xdebug.remote_host=0.0.0.0 xdebug.remote_port=9001 xdebug.idekey=PHPSTORM xdebug.remote_connect_back=1 freebsd中的php.ini [Xdebug] xdebug.remote_enable=on xdebug.remote_handler=dbgp xdebug.remote_host=0.0.0.0 xdebug.remote_port=9001 xdebug.idekey=PHPSTORM xdebug.remote_connect_back=1 PHP端的配置大概就是这样,然后看IDE中的配置吧。 安装浏览器插件:详见官网 https://confluence.jetbrains.com/display/PhpStorm/Browser+Debugging+Extensions 安装完后把IDE Key设置成和PHP端设置的一样,上面的配置中都是 PHPSTORM Languages & Frameworks / PHP / Debug Xdebug Debug Port: 9001 Languages & Frameworks / PHP / Debug / DBGp Proxy IDE Key: PHPSTORM HOST: 服务器或者本地IP Port:服务器端口,一般是80 Languages & Frameworks / PHP / Servers 添加一个服务器 HOST:服务器或者本地IP Port:服务器端口 Debugger: Xdebug Use path mappings: 将本地路径与服务器上的路径对应设置一下 保存就可以了。
  20. 有的时候我们在企业内部无法使用别名或者虚拟域名访问内部服务器,比如HTTP根据不同的主机头访问不同站点,所以只能够开设一堆的端口,非常不雅观。那我们在内网如何实现这些功能呢?非常简单自行架设一个DNS服务器,网络内部通过路由器将DNS服务器全部指向自行架设的DNS服务器上,然后我们需要维护的域名指向某个IP,就达到我们的目的了,如果将端口映射到外网,也能够提供DNS服务,想想那些恶心的DNS劫持,有了它之后基本都不会遇到(除非你设置的上级DNS服务器还是那些运营商的)。 言归正转,我们有FREEBSD,肯定想在它的基础上架设DNS服务器,FREEBSD下有个从20世纪80年代就开始使用的DNS服务器软件,目前已经是互联网上部署最多的DNS服务器了,目前版本为9.11。另外我想实现用数据库保存DNS解析记录,这样可以简单的实现web管理。 #选择相应模块安装bind911 cd /usr/ports/dns/bind911/ make install #安装数据库 cd /usr/ports/databases/postgresql10-server make install 创建数据库并设置好相应权限: ee /var/db/postgres/data96/pg_hba.conf #添加一行,允许管理员从任何IP用密码登录 host all webmaster 0.0.0.0/0 md5 ee /var/db/postgres/data96/postgresql.conf listen_addresses = '*' #允许数据库及BIND自动启动 ee /etc/rc.conf postgresql_enable="YES" named_enable="YES" #初始化postgres数据库 /usr/local/etc/rc.d/postgresql initdb #启动数据库 /usr/local/etc/rc.d/postgresql start #建立管理员帐号 createuser -P -d -s -U postgres webmaster 这是原始脚本,也可以使用下面导出的SQL文件 create database dns_dlz; create table dns_records( zone character varying(256), host character varying(256) NOT NULL default '@', ttl integer, view character varying(256), type character varying(256), mx_priority integer, data character varying(256), resp_person character varying(256), serial integer, refresh integer, retry integer, expire integer, minimum integer ); create INDEX dns_records_host_index on dns_records (host); create INDEX dns_records_type_index on dns_records ("type"); create INDEX dns_records_zone_index on dns_records ("zone"); # zone sample.com #soa 记录 insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', '@', 600, 'LOCAL', 'SOA', NULL, 'sample.com.', 'root.sample.com.', 2011083001, 28800, 14400, 86400, 86400); insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', '@', 600, 'ANY', 'SOA', NULL, 'sample.com.', 'root.sample.com.', 2011083001, 28800, 14400, 86400, 86400); #dns 记录 insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', '@', 600, 'LOCAL', 'NS', NULL, 'ns1.sample.com.', NULL, 2011083001, 28800, 14400, 86400, 86400); insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', '@', 600, 'ANY', 'NS', NULL, 'ns1.sample.com.', NULL, 2011083001, 28800, 14400, 86400, 86400); #A记录 time.sample.com insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', 'time', 600, 'LOCAL', 'A', NULL, '10.0.0.8', NULL, 2011083001, 28800, 14400, 86400, 86400); insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', 'time', 600, 'ANY', 'A', NULL, '222.222.222.8', NULL, 2011083001, 28800, 14400, 86400, 86400); #A记录 ns1.sample.com insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', 'ns1', 600, 'LOCAL', 'A', NULL, '10.0.0.10', NULL, NULL, NULL, NULL, NULL, NULL); insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', 'ns1', 600, 'ANY', 'A', NULL, '222.222.222.10', NULL, NULL, NULL, NULL, NULL, NULL); #mx记录 insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', '@', 600, 'LOCAL', 'MX', 10, 'mail.sample.com.', NULL, NULL, NULL, NULL, NULL, NULL); insert into dns_records(zone, host, ttl, view, type, mx_priority, data, resp_person, serial, refresh, retry, expire, minimum) values ('sample.com', '@', 600, 'ANY', 'MX', 10, 'mail.sample.com.', NULL, NULL, NULL, NULL, NULL, NULL); 其他域名的添加方式类似,将zone项替换为对于的域名即可 /* Navicat PGSQL Data Transfer Source Server : PostgreSQL86 Source Server Version : 90605 Source Host : 192.168.1.86:5432 Source Database : dns_dlz Source Schema : public Target Server Type : PGSQL Target Server Version : 90605 File Encoding : 65001 Date: 2017-09-13 14:47:24 */ -- ---------------------------- -- Table structure for dns_records -- ---------------------------- DROP TABLE IF EXISTS "dns_records"; CREATE TABLE "dns_records" ( "zone" varchar(256) COLLATE "default", "host" varchar(256) COLLATE "default" DEFAULT '@'::character varying NOT NULL, "ttl" int4, "view" varchar(256) COLLATE "default", "type" varchar(256) COLLATE "default", "mx_priority" int4, "data" varchar(256) COLLATE "default", "resp_person" varchar(256) COLLATE "default", "serial" int4, "refresh" int4, "retry" int4, "expire" int4, "minimum" int4 ) WITH (OIDS=FALSE) ; -- ---------------------------- -- Records of dns_records -- ---------------------------- BEGIN; INSERT INTO "dns_records" VALUES ('sample.com', '*', '600', 'ANY', 'A', null, '58.210.147.58', null, null, null, null, null, null); INSERT INTO "dns_records" VALUES ('sample.com', '*', '600', 'LOCAL', 'A', null, '192.168.1.85', null, null, null, null, null, null); INSERT INTO "dns_records" VALUES ('sample.com', '@', '600', 'ANY', 'MX', '10', 'mail.sample.com.', null, null, null, null, null, null); INSERT INTO "dns_records" VALUES ('sample.com', '@', '600', 'ANY', 'NS', null, 'ns1.sample.com.', null, '2011083001', '28800', '14400', '86400', '86400'); INSERT INTO "dns_records" VALUES ('sample.com', '@', '600', 'ANY', 'SOA', null, 'sample.com.', 'root.sample.com.', '2011083001', '28800', '14400', '86400', '86400'); INSERT INTO "dns_records" VALUES ('sample.com', '@', '600', 'LOCAL', 'MX', '10', 'mail.sample.com.', null, null, null, null, null, null); INSERT INTO "dns_records" VALUES ('sample.com', '@', '600', 'LOCAL', 'NS', null, 'ns1.sample.com.', null, '2011083001', '28800', '14400', '86400', '86400'); INSERT INTO "dns_records" VALUES ('sample.com', '@', '600', 'LOCAL', 'SOA', null, 'sample.com.', 'root.sample.com.', '2011083001', '28800', '14400', '86400', '86400'); INSERT INTO "dns_records" VALUES ('sample.com', 'mail', '600', 'ANY', 'A', null, '58.210.147.58', null, '2011083001', '28800', '14400', '86400', '86400'); INSERT INTO "dns_records" VALUES ('sample.com', 'mail', '600', 'LOCAL', 'A', null, '192.168.1.86', null, '2011083001', '28800', '14400', '86400', '86400'); INSERT INTO "dns_records" VALUES ('sample.com', 'ns1', '600', 'ANY', 'A', null, '58.210.147.58', null, null, null, null, null, null); INSERT INTO "dns_records" VALUES ('sample.com', 'ns1', '600', 'LOCAL', 'A', null, '192.168.1.86', null, null, null, null, null, null); INSERT INTO "dns_records" VALUES ('sample.com', 'www', '600', 'ANY', 'A', null, '58.210.147.58', null, null, null, null, null, null); INSERT INTO "dns_records" VALUES ('sample.com', 'www', '600', 'LOCAL', 'A', null, '192.168.1.86', null, null, null, null, null, null); COMMIT; -- ---------------------------- -- Alter Sequences Owned By -- ---------------------------- -- ---------------------------- -- Indexes structure for table dns_records -- ---------------------------- CREATE INDEX "dns_records_host_index" ON "dns_records" USING btree ("host"); CREATE INDEX "dns_records_type_index" ON "dns_records" USING btree ("type"); CREATE INDEX "dns_records_zone_index" ON "dns_records" USING btree ("zone"); 修改几个配置文件: cd /usr/local/etc/namedb rndc-confgen >rndc.conf tail -n6 rndc.conf | head -n5 | sed -e s/#\//g >named.conf rm -f rndc.conf rndc-confgen -a -c rndc.key dnssec-keygen -a hmac-md5 -b 128 -n HOST local dnssec-keygen -a hmac-md5 -b 128 -n HOST any 以下几个示例配置文件: named.conf // $FreeBSD: head/dns/bind911/files/named.conf.in 443607 2017-06-14 22:54:43Z mat $ // // Refer to the named.conf(5) and named(8) man pages, and the documentation // in /usr/local/share/doc/bind for more details. // // If you are going to set up an authoritative server, make sure you // understand the hairy details of how DNS works. Even with // simple mistakes, you can break connectivity for affected parties, // or cause huge amounts of useless Internet traffic. options { // All file and path names are relative to the chroot directory, // if any, and should be fully qualified. directory "/usr/local/etc/namedb/working"; pid-file "/var/run/named/pid"; dump-file "/var/dump/named_dump.db"; statistics-file "/var/stats/named.stats"; // If named is being used only as a local resolver, this is a safe default. // For named to be accessible to the network, comment this option, specify // the proper IP address, or delete this option. #listen-on { 127.0.0.1; }; // If you have IPv6 enabled on this system, uncomment this option for // use as a local resolver. To give access to the network, specify // an IPv6 address, or the keyword "any". // listen-on-v6 { ::1; }; // These zones are already covered by the empty zones listed below. // If you remove the related empty zones below, comment these lines out. disable-empty-zone "255.255.255.255.IN-ADDR.ARPA"; disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"; disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"; // If you've got a DNS server around at your upstream provider, enter // its IP address here, and enable the line below. This will make you // benefit from its cache, thus reduce overall DNS traffic in the Internet. forwarders { 223.5.5.5; 223.6.6.6; 8.8.8.8; }; // If the 'forwarders' clause is not empty the default is to 'forward first' // which will fall back to sending a query from your local server if the name // servers in 'forwarders' do not have the answer. Alternatively you can // force your name server to never initiate queries of its own by enabling the // following line: // forward only; // If you wish to have forwarding configured automatically based on // the entries in /etc/resolv.conf, uncomment the following line and // set named_auto_forward=yes in /etc/rc.conf. You can also enable // named_auto_forward_only (the effect of which is described above). // include "/usr/local/etc/namedb/auto_forward.conf"; /* Modern versions of BIND use a random UDP port for each outgoing query by default in order to dramatically reduce the possibility of cache poisoning. All users are strongly encouraged to utilize this feature, and to configure their firewalls to accommodate it. AS A LAST RESORT in order to get around a restrictive firewall policy you can try enabling the option below. Use of this option will significantly reduce your ability to withstand cache poisoning attacks, and should be avoided if at all possible. Replace NNNNN in the example with a number between 49160 and 65530. */ // query-source address * port NNNNN; }; // If you enable a local name server, don't forget to enter 127.0.0.1 // first in your /etc/resolv.conf so this server will be queried. // Also, make sure to enable it in /etc/rc.conf. // The traditional root hints mechanism. Use this, OR the slave zones below. //zone "." { type hint; file "/usr/local/etc/namedb/named.root"; }; /* Slaving the following zones from the root name servers has some significant advantages: 1. Faster local resolution for your users 2. No spurious traffic will be sent from your network to the roots 3. Greater resilience to any potential root server failure/DDoS On the other hand, this method requires more monitoring than the hints file to be sure that an unexpected failure mode has not incapacitated your server. Name servers that are serving a lot of clients will benefit more from this approach than individual hosts. Use with caution. To use this mechanism, uncomment the entries below, and comment the hint zone above. As documented at http://dns.icann.org/services/axfr/ these zones: "." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others are available for AXFR from these servers on IPv4 and IPv6: xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org */ /* zone "." { type slave; file "/usr/local/etc/namedb/slave/root.slave"; masters { 192.0.32.132; // lax.xfr.dns.icann.org 2620:0:2d0:202::132; // lax.xfr.dns.icann.org 192.0.47.132; // iad.xfr.dns.icann.org 2620:0:2830:202::132; // iad.xfr.dns.icann.org }; notify no; }; zone "arpa" { type slave; file "/usr/local/etc/namedb/slave/arpa.slave"; masters { 192.0.32.132; // lax.xfr.dns.icann.org 2620:0:2d0:202::132; // lax.xfr.dns.icann.org 192.0.47.132; // iad.xfr.dns.icann.org 2620:0:2830:202::132; // iad.xfr.dns.icann.org }; notify no; }; zone "in-addr.arpa" { type slave; file "/usr/local/etc/namedb/slave/in-addr.arpa.slave"; masters { 192.0.32.132; // lax.xfr.dns.icann.org 2620:0:2d0:202::132; // lax.xfr.dns.icann.org 192.0.47.132; // iad.xfr.dns.icann.org 2620:0:2830:202::132; // iad.xfr.dns.icann.org }; notify no; }; zone "ip6.arpa" { type slave; file "/usr/local/etc/namedb/slave/ip6.arpa.slave"; masters { 192.0.32.132; // lax.xfr.dns.icann.org 2620:0:2d0:202::132; // lax.xfr.dns.icann.org 192.0.47.132; // iad.xfr.dns.icann.org 2620:0:2830:202::132; // iad.xfr.dns.icann.org }; notify no; }; */ /* Serving the following zones locally will prevent any queries for these zones leaving your network and going to the root name servers. This has two significant advantages: 1. Faster local resolution for your users 2. No spurious traffic will be sent from your network to the roots */ /* // RFCs 1912, 5735 and 6303 (and BCP 32 for localhost) zone "localhost" { type master; file "/usr/local/etc/namedb/master/localhost-forward.db"; }; zone "127.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; }; zone "255.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // RFC 1912-style zone for IPv6 localhost address (RFC 6303) zone "0.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; }; // "This" Network (RFCs 1912, 5735 and 6303) zone "0.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // Private Use Networks (RFCs 1918, 5735 and 6303) zone "10.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "16.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "17.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "18.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "19.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "20.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "21.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "22.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "23.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "24.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "25.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "26.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "27.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "28.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "29.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "30.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "31.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "168.192.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // Shared Address Space (RFC 6598) zone "64.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "65.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "66.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "67.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "68.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "69.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "70.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "71.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "72.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "73.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "74.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "75.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "76.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "77.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "78.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "79.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "80.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "81.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "82.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "83.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "84.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "85.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "86.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "87.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "88.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "89.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "90.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "91.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "92.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "93.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "94.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "95.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "96.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "97.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "98.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "99.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "100.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "101.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "102.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "103.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "104.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "105.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "106.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "107.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "108.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "109.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "110.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "111.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "112.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "113.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "114.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "115.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "116.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "117.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "118.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "119.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "120.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "121.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "122.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "123.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "124.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "125.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "126.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "127.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // Link-local/APIPA (RFCs 3927, 5735 and 6303) zone "254.169.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // IETF protocol assignments (RFCs 5735 and 5736) zone "0.0.192.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303) zone "2.0.192.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "100.51.198.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "113.0.203.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // IPv6 Example Range for Documentation (RFCs 3849 and 6303) zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // Router Benchmark Testing (RFCs 2544 and 5735) zone "18.198.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "19.198.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // IANA Reserved - Old Class E Space (RFC 5735) zone "240.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "241.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "242.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "243.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "244.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "245.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "246.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "247.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "248.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "249.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "250.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "251.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "252.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "253.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "254.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // IPv6 Unassigned Addresses (RFC 4291) zone "1.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "3.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "4.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "5.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "6.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "7.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "8.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "9.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "a.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "b.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "c.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "d.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "e.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "0.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "1.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "2.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "3.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "4.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "5.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "6.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "7.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "8.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "9.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "a.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "b.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "0.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "1.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "2.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "3.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "4.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "5.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "6.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "7.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // IPv6 ULA (RFCs 4193 and 6303) zone "c.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "d.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // IPv6 Link Local (RFCs 4291 and 6303) zone "8.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "9.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "a.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "b.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303) zone "c.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "d.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "e.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; zone "f.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; // IP6.INT is Deprecated (RFC 4159) zone "ip6.int" { type master; file "/usr/local/etc/namedb/master/empty.db"; }; */ // NB: Do not use the IP addresses below, they are faked, and only // serve demonstration/documentation purposes! // // Example slave zone config entries. It can be convenient to become // a slave at least for the zone your own domain is in. Ask // your network administrator for the IP address of the responsible // master name server. // // Do not forget to include the reverse lookup zone! // This is named after the first bytes of the IP address, in reverse // order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6. // // Before starting to set up a master zone, make sure you fully // understand how DNS and BIND work. There are sometimes // non-obvious pitfalls. Setting up a slave zone is usually simpler. // // NB: Don't blindly enable the examples below. :-) Use actual names // and addresses instead. /* An example dynamic zone key "exampleorgkey" { algorithm hmac-md5; secret "sf87HJqjkqh8ac87a02lla=="; }; zone "example.org" { type master; allow-update { key "exampleorgkey"; }; file "/usr/local/etc/namedb/dynamic/example.org"; }; */ /* Example of a slave reverse zone zone "1.168.192.in-addr.arpa" { type slave; file "/usr/local/etc/namedb/slave/1.168.192.in-addr.arpa"; masters { 192.168.1.1; }; }; */ include "/usr/local/etc/namedb/rndc.key"; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; key "any" { algorithm hmac-md5; secret "09o8VJg1+JLEKTD/QrSc5g=="; }; key "local" { algorithm hmac-md5; secret "8tS+9+4siNa0n8oTnuEFsQ=="; }; acl "dns_ip" { 192.168.1.86; #master #10.0.0.9; #slave }; acl "LOCAL" { 192.168.1.0/24; 192.168.2.0/24; 192.168.10.0/24; }; include "/usr/local/etc/namedb/local_acl.conf"; include "/usr/local/etc/namedb/any.conf"; #logging { # category edns-disabled { null; }; # channel query_log { # file "/var/named/data/query.log" versions 3 size 20m; # severity info; # print-time yes; # print-category yes; # }; # category queries { # query_log; # }; #}; local_acl.conf #local network view view "local" { #match-clients { key local; LOCAL; }; #使用文件存储zone使用,用于master slave同步 match-clients { LOCAL; }; #使用数据库时的配置,无需同步 allow-query-cache { LOCAL; }; #allow-transfer { key local; }; #使用文件存储zone使用,用于master slave同步 #server 10.0.0.9 { keys { local; }; }; #使用文件存储zone使用,用于master slave同步 #允许内部ip地址递归查询 allow-recursion { 192.168.1.0/24; 127.0.0.1; }; #------使用文件存储zone 配置----------- # zone "sample.com" { # type master; #slave 配置 type slave; # file "/etc/named/sample.com.in.zone" # # masters { 10.0.0.8; }; #slave 配置 # }; # zone "1.0.10.in-addr.arpa" { # type master; #slave 配置 type slave; # file "/etc/named/0.0.10.in-addr.arpa; # # masters { 10.0.0.8; }; #slave 配置 # }; #------使用文件存储zone 配置----------- #---dlz postgresql database configure---- dlz "postgres zone" { database "postgres 1 {host=localhost port=5432 dbname=dns_dlz user=postgres} {select zone from dns_records where zone = '$zone$' limit 1} {select ttl, type, mx_priority, case when lower(type)='txt' then '\"' || data || '\"' when lower(type)='soa' then data || ' ' || resp_person || ' ' || serial || ' ' || refresh || ' ' || retry || ' ' || expire || ' ' || minimum else data end from dns_records where zone = '$zone$' and lower(view)='local' and host = '$record$'} {} {select ttl, type, host, mx_priority, case when lower(type)='txt' then '\"' || data || '\"' else data end, resp_person, serial, refresh, retry, expire, minimum from dns_records where zone = '$zone$'}"; }; }; any.conf view "any" { #match-clients { key local; ANY; }; #使用文件存储zone使用,用于master slave同步 match-clients { ANY; }; #使用数据库时的配置,无需同步 allow-query-cache { ANY; }; #allow-transfer { key any; }; #使用文件存储zone使用,用于master slave同步 #server 10.0.0.9 { keys { any; }; }; #使用文件存储zone使用,用于master slave同步 allow-recursion { 127.0.0.1; 192.168.1.0/24; }; #------使用文件存储zone 配置----------- #zone "sample.com" { # type master; # file "/etc/named/sample.com.zone"; # # masters { 10.0.0.8; }; #slave 配置 #}; #zone "222.222.222.in-addr.arpa" { # type master; #slave 配置 type slave; # file "/etc/named/222.222.222.in-addr.arpa"; # # masters { 10.0.0.8; }; #slave 配置 #}; #------使用文件存储zone 配置----------- #---dlz postgresql database configure---- dlz "postgres zone" { database "postgres 1 {host=localhost port=5432 dbname=dns_dlz user=postgres} {select zone from dns_records where zone = '$zone$' limit 1} {select ttl, type, mx_priority, case when lower(type)='txt' then '\"' || data || '\"' when lower(type)='soa' then data || ' ' || resp_person || ' ' || serial || ' ' || refresh || ' ' || retry || ' ' || expire || ' ' || minimum else data end from dns_records where zone = '$zone$' and lower(view)='any' and host = '$record$'}"; }; #---dlz postgresql database configure---- }; 因为我使用的是FREEBSD 11.0,不支持TCP_FASTOPEN,所以还得编译内核才能够使用BIND ee /etc/sysctl.conf #添加 net.inet.tcp.fastopen.enabled=1 cd /usr/src/sys/i386/conf mkdir ~/kernels/ cp GENERIC TCPOPEN mv TCPOPEN ~/kernels/TCPOPEN ln -s ~/kernels/TCPOPEN ee TCPOPEN #最后添加 # TFO TCP Fast Open TCP_FASTOPEN options TCP_RFC7413 cd /usr/src make buildkernel KERNCONF=TCPOPEN #编译完后安装 make installkernel KERNCONF=TCPOPEN #然后重启 shutdown -r now 重启后应该就能够正常使用相应服务了。
  21. 日常开发中经常需要按照一定的规则将类文件放在指定目录,正常情况下需要include或require一堆文件,非常的不方便,一般来说可以使用spl_autoload_register进行自动加载,大型项目开发时还会用到namespace,特意整理了一份支持几种方式的自动调用。 /** * 根命名空间自动加载类 * 支持命名空间及正常方式加载类 * @since 2017-09-07 * @author Jamers */ namespace { @session_start(); if (!defined("ROOT")) { define("ROOT",dirname(__FILE__).DIRECTORY_SEPARATOR); } if (defined('STDIN')) chdir(dirname(__FILE__)); function autoload($cls) { $base = 'class'.DIRECTORY_SEPARATOR; if (strtolower($cls)=='smarty') { $file = ROOT.'libs/Smarty-3.1.30/Smarty.class.php'; }else{ $a = explode('\\',$cls); $a[count($a)-1] = 'Cls_'.ucfirst($a[count($a)-1]); $file = ROOT.$base.implode(DIRECTORY_SEPARATOR,$a).'.php'; } if (file_exists($file)) { include_once($file); }else{ try { $err = 'Can\'t found '.$file; throw new Exception($err); }catch(Exception $e){ exit($e->getFile().':'.$e->getLine().'<br><br> "'.$e->getMessage().'"<br><br><b>Track:</b><br>'.$e->getTraceAsString()); } } return true; } spl_autoload_register('autoload'); }
  22. 假设三台服务器组网成6个redis集群相关设置备忘: 这样如果是一台服务器停机,可以保证redis集群正常运作。
  23. 上面集群已经架设完毕,但是无法自动进行切换主从关系。还需要进一步设置: ee /usr/local/etc/sentinel.conf #修改参数:下面为参考设置,可自行调整 daemonize yes logfile "/var/log/sentinel_log.log" sentinel monitor mymaster 192.168.1.86 6379 2 sentinel down-after-milliseconds mymaster 10000 sentinel parallel-syncs mymaster 1 sentinel failover-timeout mymaster 180000 sentinel monitor my6380 192.168.1.86 6380 2 sentinel down-after-milliseconds my6380 10000 sentinel parallel-syncs my6380 1 sentinel failover-timeout my6380 180000 sentinel monitor my6381 192.168.1.86 6381 2 sentinel down-after-milliseconds my6381 10000 sentinel parallel-syncs my6381 1 sentinel failover-timeout my6381 180000 启动: redis-server /usr/local/etc/sentinel.conf --sentinel 暂时未找到做好的脚本可以自动执行,只能放在rc.local里了。 rc.local #!/bin/sh /usr/local/bin/redis-server /usr/local/etc/sentinel.conf --sentinel
×
×
  • Create New...