分类目录归档:Uncategorized

MySQL Python tutorial

This is MySQL Python programming tutorial. It covers the basics of MySQL programming with Python. It uses the MySQLdb module. The examples were created and tested on Ubuntu Linux.

There is a similar PostgreSQL Python tutorial, MySQL Visual Basic tutorial, or MySQL PHP tutorial on ZetCode. SQLAlchemy tutorial covers SQLAlchemy SQL Toolkit and Object Relational Mapper. If you need to refresh your knowledge of the Python language, there is a full Python tutorial. You may also consider to look at the MySQL tutorial, too.

About MySQL database

MySQL is a leading open source database management system. It is a multi user, multithreaded database management system. MySQL is especially popular on the web. It is one part of the very popular LAMP platform which consists of Linux, Apache, MySQL, and PHP. Currently MySQL is owned by Oracle. MySQL database is available on most important OS platforms. It runs on BSD Unix, Linux, Windows, or Mac OS. Wikipedia and YouTube use MySQL. These sites manage millions of queries each day. MySQL comes in two versions: MySQL server system and MySQL embedded system. 继续阅读

How to assign multiple IP addresses to one network interface on CentOS

The practice of configuring multiple IP addresses on a particular network interface is called IP aliasing. IP aliasing is useful when you set up multiple sites on virtual web hosting on a single interface, or maintain multiple connections to a network each of which serves a different purpose. You can assign multiple IP addresses to one network interface from a single subnet or completely different ones.

All existing Linux distributions including CentOS supports IP aliasing. Here is how to bind multiple IP addresses to a single network interface on CentOS.

If you would like to set up IP aliasing on the fly, there are two ways to do it. One way is to use ifconfig, and the other method is to use ip command. Using these two methods, let me show you how to add two extra IP addresses to eth0. 继续阅读

Linux、Windows Server Password Security Policy Strengthen

catalog

1. windows Security and Protection(Logon and Authentication)
2. windows密码强制安全策略
3. PAM(Pluggable Authentication Modules)
4. linux密码强制安全策略配置

 

1. windows Security and Protection(Logon and Authentication)

This page lists resources for logon and authentication in Windows Server 2003, which includes passwords, Kerberos, NTLM, Transport Layer Security/Secure Sockets Layer (TLS/SSL), and Digest. In addition, some protocols are combined into authentication packages, such as Negotiate and Schannel, as part of an extensible authentication architecture.

0x1: Create an extensive defense model

1. Educate your users about how to best protect their accounts from unauthorized attacks 
https://technet.microsoft.com/en-us/library/cc784090#BKMK_UserBP

2. Use the system key utility (Syskey) on computers throughout your network. The system key utility uses strong encryption techniques to secure account password information that is stored in the Security Accounts Manager (SAM) database. 
    1) The system key utility: https://technet.microsoft.com/en-us/library/cc783856
    2) create or update a system key: 

3. Define password policy that ensures that every user is following the password guidelines that you decide are appropriate 
https://technet.microsoft.com/en-us/library/cc784090#BKMK_PasswordPolicy

4. Consider whether implementing account lockout policy is appropriate for your organization. 
https://technet.microsoft.com/en-us/library/cc784090#BKMK_AccountLockout
 

继续阅读

How to Create and Setup LUNs using LVM in “iSCSI Target Server” on RHEL/CentOS/Fedora – Part II

LUN is a Logical Unit Number, which shared from the iSCSI Storage Server. The Physical drive of iSCSI target server shares its drive to initiator over TCP/IP network. A Collection of drives called LUNs to form a large storage as SAN (Storage Area Network). In real environment LUNs are defined in LVM, if so it can be expandable as per space requirements.

Create LUNS using LVM in Target Server

Create LUNS using LVM in Target Server

Why LUNS are Used?

LUNS used for storage purpose, SAN Storage’s are build with mostly Groups of LUNS to become a pool, LUNs are Chunks of a Physical disk from target server. We can use LUNS as our systems Physical Disk to install Operating systems, LUNS are used in Clusters, Virtual servers, SAN etc. The main purpose of Using LUNS in Virtual servers for OS storage purpose. LUNS performance and reliability will be according to which kind of disk we using while creating a Target storage server. 继续阅读

How to Install and Configure HAProxy on CentOS/RHEL 7/6/5

HAProxy is a very fast and reliable solution for high availability, load balancing, It supports TCP and HTTP-based applications. Now a days most of websites need 99.999% uptime for there site, which are not possible with single server setup. Then we need some high availability environment which can easily manage with single server failure. 继续阅读

IP Range To CIDR Convertor

IP Range To CIDR Convertor

// Convert a given Ip range to CIDR notation.

# cat rangeToCidr
/* rangeToCidr.c - Convert Ip ranges to CIDR */

/*
modification history http://snippets.dzone.com/tag/cidr
--------------------
,17sep08,karn written
*/

/* includes */

#include
#include
#include
#include #include
#include
#include
#include

/* defines */
//#define DBG
#ifdef DBG
#define DEBUG(x) fprintf(stderr,x)
#else
#define DEBUG
#endif /* DBG */

#define IP_BINARY_LENGTH 32+1 /* 32 bits ipv4 address +1 for null */
#define IP_HEX_LENGTH 10
#define MAX_CIDR_MASK 32
#define MAX_CIDR_LEN 18+1 /*255.255.255.255/32*/

/* Forward declaratopms */
void rangeToCidr(uint32_t from ,uint32_t to,
void (callback)(char *cidrNotation));
int ipToBin(uint32_t ip , char * pOut);

void printNotation(char *cidrNotation);

/* Globals */

/*******************************************************************************
*
* ipToBin - convert an ipv4 address to binary representation
* and pads zeros to the beginning of the string if
* the length is not 32
* (Important for ranges like 10.10.0.1 - 20.20.20.20 )
*
* ip - ipv4 address on host order
* pOut - Buffer to store binary.
*
* RETURNS: OK or ERROR
*/

int ipToBin(uint32_t ip , char * pOut)
{
char hex[IP_HEX_LENGTH];
int i;
int result=0;
int len;
char pTmp[2];
int tmp;
/*
* XXX: Could use bit operations instead but was easier to debug
*/
char binMap[16][5] = {
"0000","0001","0010","0011", "0100",
"0101","0110","0111","1000", "1001",
"1010","1011","1100", "1101","1110","1111",
};
pTmp[1]=0x0;
memset(hex,0x0,sizeof(hex));
len=sprintf(hex,"%x",ip);

for(i=0;i IP_BINARY_LENGTH-1)
return -1;

/* Success */
return 0;
}

/*******************************************************************************
* main :
*
* arg1 : Start Ip Address
* arg2 : End Ip address
*/

int main (int argc,char **argv)
{
long fromIp, toIp;
struct in_addr addr;
if(argc !=3 )
{
printf("Usage: %s \n",argv[0]);
return(0);
}

/* All operation on host order */
if (inet_aton(argv[1],&addr) == 0)
goto error;
fromIp = ntohl(addr.s_addr);

if (inet_aton(argv[2],&addr) ==0)
goto error;
toIp = ntohl(addr.s_addr);

rangeToCidr(fromIp,toIp,printNotation);

return 0;
error:
printf("Invalid Argument\n");
return -EINVAL;
}

/*******************************************************************************
*
* rangeToCidr - convert an ip Range to CIDR, and call 'callback' to handle
* the value.
*
* from - IP Range start address
* to - IP Range end address
* callback - Callback function to handle cidr.
* RETURNS: OK or ERROR
*/

void rangeToCidr(uint32_t from ,uint32_t to,
void (callback)(char *cidrNotation))
{
int cidrStart = 0;
int cidrEnd = MAX_CIDR_MASK - 1;
long newfrom;
long mask;
char fromIp[IP_BINARY_LENGTH];
char toIp[IP_BINARY_LENGTH];
struct in_addr addr;
char cidrNotation[MAX_CIDR_LEN];

memset (fromIp,0x0,sizeof(fromIp));
memset (toIp,0x0,sizeof(toIp));

if ( ipToBin(from,fromIp) != 0 )
return;
if ( ipToBin(to,toIp) != 0 )
return;

DEBUG ("from %lu to %lu\n", from,to);
DEBUG("from %s\n",fromIp);
DEBUG("to %s\n",toIp);

if(from < to ) { /* Compare the from and to address ranges to get the first * point of difference */ while(fromIp[cidrStart]==toIp[cidrStart]) cidrStart ++; cidrStart = 32 - cidrStart -1 ; DEBUG("cidrStart is %u\n",cidrStart); /* Starting from the found point of difference make all bits on the * right side zero */ newfrom = from >> cidrStart +1 << cidrStart +1 ; /* Starting from the end iterate reverse direction to find * cidrEnd */ while( fromIp[cidrEnd] == '0' && toIp[cidrEnd] == '1') cidrEnd --; cidrEnd = MAX_CIDR_MASK - 1 - cidrEnd; DEBUG("cidrEnd is %u\n",cidrEnd); if(cidrEnd <= cidrStart) { /* * Make all the bit-shifted bits equal to 1, for * iteration # 1. */ mask = pow (2, cidrStart ) - 1; DEBUG("it1 is %lu \n",newfrom | mask ); rangeToCidr (from , newfrom | mask, callback); DEBUG("it2 is %lu \n",newfrom | 1 << cidrStart); rangeToCidr (newfrom | 1 << cidrStart ,to ,callback); } else { addr.s_addr = htonl(newfrom); sprintf(cidrNotation,"%s/%d", inet_ntoa(addr), MAX_CIDR_MASK-cidrEnd); if (callback != NULL) callback(cidrNotation); } } else { addr.s_addr = htonl(from); sprintf(cidrNotation,"%s/%d",inet_ntoa(addr),MAX_CIDR_MASK); if(callback != NULL) callback(cidrNotation); } } /******************************************************************************* * * printNotation - This is an example callback function to handle cidr notation. * * RETURNS: */ void printNotation(char *cidrNotation) { printf("%s\n",cidrNotation); }
编译:

# gcc rangeToCidr.c -lm -o rang2cidr

Perl版本:

#!/usr/bin/perl -w
# range2cidr.pl

use Net::CIDR;
use Net::CIDR ':all';

if (@ARGV == 0) {
die "Usage Example: $0 192.168.0.0-192.168.255.255 \n";
}

print join("\n", Net::CIDR::range2cidr("$ARGV[0]")) . "\n";

合并CIDR:

#!/usr/bin/perl

use Net::CIDR::Lite;

my $cidr = Net::CIDR::Lite->new;

$cidr->add("202.38.175.0/24");
$cidr->add("202.38.174.0/24");
$cidr->add("202.38.173.0/24");
$cidr->add("202.38.172.0/24");
$cidr->add("202.38.171.0/24");
$cidr->add("202.38.170.0/24");
$cidr->add("202.38.169.0/24");
$cidr->add("202.38.168.0/24");

print "$_\n" for $cidr->list;
// 执行结果:202.38.168.0/21

Linux 系统中一些针对文件系统的节能技巧

文件系统是 Linux 系统的重要组成部分,文件系统的配置和使用对整个系统的运行有着重要的影响。本文介绍了一些 Linux 系统上对文件系统的配置技巧,达到节省能耗并目的,有的技巧还可以提高系统的性能。虽然文件系统的节能成效比起 CPU 和显示器的节能来显得比较轻微,但是积少成多,绿色的地球将靠我们一点一滴来完成。

本文假设用户的主要文件系统驻留在硬盘之上。硬盘是系统中相对于 CPU、内存等设备来说活动时间比较少的部件。如果硬盘处于空闲状态时,耗电量是很少的;而在启动进行读写的时候,耗电量会大大增加。所以通过文件系统节能的核心思想就是,尽量减少磁盘 I/O,使硬盘更多的处于空闲状态。 继续阅读

LINUX内存监控

 #!/bin/bash    
    #  
    # 监控内存使用状态 以便做出响应,可以添加到/etc/rc.local中作为守护进程脚本运行    
    #  
    # free#              total       used       free     shared    buffers     cached  
    # Mem:       2074716     702972    1371744          0     123612     478028  
    # -/+ buffers/cache:     101332    1973384  
    # Swap:      4088532          0    4088532   
    #  
    MINRATIO="0.05" 
    #while true  
    while :  
    do  
        MemTotal=`free|grep "Mem"|awk '{ print $2 }'`  
        MemFree=`free|grep "Mem"|awk '{ print $4 }'`  
        Result=`echo | awk '{ print "'$MemFree'" / "'$MemTotal'" }'`  
        RetVal=`awk 'BEGIN { print ("'$Result'" < "'$MINRATIO'"); }'`  
     
        if [ ${RetVal} -eq 1 ]; then  
        #    echo "Restart Apache"  
            /usr/local/apache/bin/apachectl restart  
        fi  
        sleep 60  
    done 

继续阅读