网络配置状态信息搜集
来自Jack's Lab
(版本间的差异)
(→dnsmasq) |
(→dnsmasq) |
||
| 第9行: | 第9行: | ||
== dnsmasq == | == dnsmasq == | ||
| − | |||
| − | |||
<source lang=bash> | <source lang=bash> | ||
| 第43行: | 第41行: | ||
ptr-record=1.31.168.192.in-addr.arpa,XiaoQiang | ptr-record=1.31.168.192.in-addr.arpa,XiaoQiang | ||
resolv-file=/tmp/resolv.conf.dummy | resolv-file=/tmp/resolv.conf.dummy | ||
| + | |||
| + | root@XiaoQiang:/# ps | grep dns | ||
| + | 3643 nobody 1220 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf | ||
| + | 5609 root 34028 S /usr/sbin/pdnsd --daemon -p /var/run/pdnsd.pid | ||
| + | 24027 root 1476 S grep dns | ||
| + | |||
</source> | </source> | ||
2014年7月21日 (一) 15:01的版本
目录 |
1 Ethernet
2 Wireless
3 dnsmasq
root@XiaoQiang:/# cat /var/etc/dnsmasq.conf # auto-generated config file from /etc/config/dhcp conf-dir=/etc/dnsmasq.d/ address=/workforme.stat.localdomain/127.0.0.1 dhcp-authoritative domain-needed filterwin2k clear-on-reload localise-queries read-ethers bogus-priv expand-hosts neg-ttl=10 max-ttl=10 cache-size=3000 dns-forward-max=1000 server=/lan/ dhcp-leasefile=/data/dhcp.leases local-ttl=0 addn-hosts=/tmp/hosts dhcp-range=lan,192.168.31.100,192.168.31.249,255.255.255.0,12h dhcp-option-force=lan,43,XIAOMI_ROUTER no-dhcp-interface=eth0.2 address=/XiaoQiang/192.168.31.1 ptr-record=1.31.168.192.in-addr.arpa,XiaoQiang resolv-file=/tmp/resolv.conf.dummy root@XiaoQiang:/# ps | grep dns 3643 nobody 1220 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf 5609 root 34028 S /usr/sbin/pdnsd --daemon -p /var/run/pdnsd.pid 24027 root 1476 S grep dns
4 pdnsd
5 iptables
配置文件在 /etc/config/firewall
root@XiaoQiang:/# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination delegate_input all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination delegate_forward all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination delegate_output all -- anywhere anywhere Chain MINIUPNPD (1 references) target prot opt source destination Chain delegate_forward (1 references) target prot opt source destination forwarding_rule all -- anywhere anywhere /* user chain for forwarding */ ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED zone_lan_forward all -- anywhere anywhere zone_wan_forward all -- anywhere anywhere reject all -- anywhere anywhere Chain delegate_input (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere input_rule all -- anywhere anywhere /* user chain for input */ ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED zone_lan_input all -- anywhere anywhere zone_wan_input all -- anywhere anywhere Chain delegate_output (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere output_rule all -- anywhere anywhere /* user chain for output */ ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED zone_lan_output all -- anywhere anywhere zone_wan_output all -- anywhere anywhere Chain forwarding_lan_rule (1 references) target prot opt source destination Chain forwarding_rule (1 references) target prot opt source destination macfilter_wan all -- anywhere anywhere Chain forwarding_wan_rule (1 references) target prot opt source destination Chain input_lan_rule (1 references) target prot opt source destination Chain input_rule (1 references) target prot opt source destination macfilter_admin tcp -- anywhere XiaoQiang multiport dports www,https,telnet,ssh Chain input_wan_rule (1 references) target prot opt source destination Chain macfilter_admin (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere MAC 4C:21:D0:40:42:D4 ACCEPT all -- anywhere anywhere MAC F8:A4:5F:5A:60:66 Chain macfilter_lan (0 references) target prot opt source destination Chain macfilter_wan (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere MAC 4C:21:D0:40:42:D4 ACCEPT all -- anywhere anywhere MAC F8:A4:5F:5A:60:66 Chain output_lan_rule (1 references) target prot opt source destination Chain output_rule (1 references) target prot opt source destination Chain output_wan_rule (1 references) target prot opt source destination Chain reject (3 references) target prot opt source destination REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain zone_lan_dest_ACCEPT (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain zone_lan_forward (1 references) target prot opt source destination forwarding_lan_rule all -- anywhere anywhere /* user chain for forwarding */ zone_wan_dest_ACCEPT all -- anywhere anywhere /* forwarding lan -> wan */ zone_lan_src_REJECT all -- anywhere anywhere Chain zone_lan_input (1 references) target prot opt source destination input_lan_rule all -- anywhere anywhere /* user chain for input */ zone_lan_src_ACCEPT all -- anywhere anywhere Chain zone_lan_output (1 references) target prot opt source destination output_lan_rule all -- anywhere anywhere /* user chain for output */ zone_lan_dest_ACCEPT all -- anywhere anywhere Chain zone_lan_src_ACCEPT (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain zone_lan_src_REJECT (1 references) target prot opt source destination reject all -- anywhere anywhere Chain zone_wan_dest_ACCEPT (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain zone_wan_forward (1 references) target prot opt source destination MINIUPNPD all -- anywhere anywhere forwarding_wan_rule all -- anywhere anywhere /* user chain for forwarding */ zone_wan_src_REJECT all -- anywhere anywhere Chain zone_wan_input (1 references) target prot opt source destination input_wan_rule all -- anywhere anywhere /* user chain for input */ ACCEPT udp -- anywhere anywhere udp dpt:bootpc /* Allow-DHCP-Renew */ ACCEPT icmp -- anywhere anywhere icmp echo-request /* Allow-Ping */ ACCEPT tcp -- anywhere anywhere tcp dpt:socks /* 'xunlei wan accept tcp port 1080 4662 2080 2062' */ ACCEPT tcp -- anywhere anywhere tcp dpt:4662 /* 'xunlei wan accept tcp port 1080 4662 2080 2062' */ ACCEPT tcp -- anywhere anywhere tcp dpt:2080 /* 'xunlei wan accept tcp port 1080 4662 2080 2062' */ ACCEPT tcp -- anywhere anywhere tcp dpt:2062 /* 'xunlei wan accept tcp port 1080 4662 2080 2062' */ ACCEPT udp -- anywhere anywhere udp dpt:4661 /* xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066 */ ACCEPT udp -- anywhere anywhere udp dpt:3027 /* xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066 */ ACCEPT udp -- anywhere anywhere udp dpt:888 /* xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066 */ ACCEPT udp -- anywhere anywhere udp dpt:666 /* xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066 */ ACCEPT udp -- anywhere anywhere udp dpt:2037 /* xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066 */ ACCEPT udp -- anywhere anywhere udp dpt:2061 /* xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066 */ ACCEPT udp -- anywhere anywhere udp dpt:2048 /* xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066 */ ACCEPT udp -- anywhere anywhere udp dpt:2066 /* xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066 */ zone_wan_src_REJECT all -- anywhere anywhere Chain zone_wan_output (1 references) target prot opt source destination output_wan_rule all -- anywhere anywhere /* user chain for output */ zone_wan_dest_ACCEPT all -- anywhere anywhere Chain zone_wan_src_REJECT (2 references) target prot opt source destination reject all -- anywhere anywhere
