Introduction to the files in the /etc directory
/etc is the home of configuration files under Linux; most administration and configuration changes are made here.
3. Network configuration files
3.1 /etc/hosts
# /etc/hosts
# File format: ipaddress hostname aliases
# File function: maps host names to IP addresses. It is recommended to add the hosts you use often
# to this file; you can also add machines that have no DNS record.
# This is convenient for network applications.
127.0.0.1 localhost localhost.localdomain
202.118.66.81 helius.dlut.edu.cn helius
3.2 /etc/resolv.conf
File function: DNS client configuration file; sets the IP addresses of the DNS servers and the DNS domain name
Related file: /etc/host.conf
File format:
domain domain_name
search domain_name
nameserver PRIMARY_DNS_SERVER_IP_ADDRESS
nameserver SECOND_DNS_SERVER_IP_ADDRESS
domain and search are mutually exclusive: only one of them should appear. nameserver can be specified several times.
Sample file content:
search dlut.edu.cn
nameserver 202.118.66.6
3.3 /etc/host.conf
Function: specifies how host names are looked up: usually the file /etc/hosts is searched first, then the DNS server is queried.
Most users do not have to change this file.
Linux: /etc/host.conf file content
order hosts,bind
multi on
Solaris: /etc/nsswitch.conf, hosts entry
hosts: files dns
3.4 /etc/hostname (Linux RedHat 5.x distribution)
Function: sets the host name. The location may differ between Linux distributions; use
egrep hostname /etc/rc.d/init.d/*
or
egrep hostname /etc/init.d/*
to find the file and method used to set the host name on your version.
On Linux RedHat 5.x the corresponding file is /etc/sysconfig/network, HOSTNAME entry.
3.5 /etc/inetd.conf
Internet super server; related program: /usr/sbin/inetd
Corresponding services:
telnet
ftp
pop3
r* (rsh, rcp, rlogin): it is recommended to close the r services
Other services are best turned off
#
# inetd.conf This file describes the services that will be available
# through the INETD TCP/IP super server. To re-configure
# the running INETD process, edit this file, then send the
# INETD process a SIGHUP signal.
#
# Version: @(#)/etc/inetd.conf 3.10 05/27/93
#
# Authors: Original taken from BSD UNIX 4.3/TAHOE.
# Fred N. van Kempen,
#
# Modified for Debian Linux by Ian A. Murdock
#
# Modified for RHS Linux by Marc Ewing
#
#
#
# Echo, discard, daytime, and chargen are used primarily for testing.
#
# To re-read this file after changes, just do a 'killall -HUP inetd'
#
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
#discard stream tcp nowait root internal
#discard dgram udp wait root internal
#daytime stream tcp nowait root internal
#daytime dgram udp wait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp wait root internal
#
# These are standard services.
#
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
gopher stream tcp nowait root /usr/sbin/tcpd gn
# do not uncomment smtp unless you *really* know what you are doing.
# smtp is handled by the sendmail daemon now, not smtpd. It does not
# run from here, it is started at boot time from /etc/rc.d/rc#.d.
#smtp stream tcp nowait root /usr/bin/smtpd smtpd
#nntp stream tcp nowait root /usr/sbin/tcpd in.nntpd
#
# Shell, login, exec and talk are BSD protocols.
#
shell stream tcp nowait root /usr/sbin/tcpd in.rshd
login stream tcp nowait root /usr/sbin/tcpd in.rlogind
#exec stream tcp nowait root /usr/sbin/tcpd in.rexecd
talk dgram udp wait root /usr/sbin/tcpd in.talkd
ntalk dgram udp wait root /usr/sbin/tcpd in.ntalkd
#dtalk stream tcp waut nobody /usr/sbin/tcpd in.dtalkd
#
# Pop and imap mail services et al
#
pop-2 stream tcp nowait root /usr/sbin/tcpd ipop2d
pop-3 stream tcp nowait root /usr/sbin/tcpd ipop3d
imap stream tcp nowait root /usr/sbin/tcpd imapd
#
# The Internet UUCP service.
#
#uucp stream tcp nowait uucp /usr/sbin/tcpd /usr/lib/uucp/uucico -l
#
# Tftp service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers." Do not uncomment
# this unless you *need* it.
#
#tftp dgram udp wait root /usr/sbin/tcpd in.tftpd
#bootps dgram udp wait root /usr/sbin/tcpd bootpd
#
# Finger, systat and netstat give out user information which may be
# valuable to potential "system crackers." Many sites choose to disable
# some or all of these services to improve security.
#
# cfinger is for GNU finger, which is currently not in use in RHS Linux
#
finger stream tcp nowait root /usr/sbin/tcpd in.fingerd
#cfinger stream tcp nowait root /usr/sbin/tcpd in.cfingerd
#systat stream tcp nowait guest /usr/sbin/tcpd /bin/ps -auwwx
#netstat stream tcp nowait guest /usr/sbin/tcpd /bin/netstat -f inet
#
# Time service is used for clock synchronization.
#
time stream tcp nowait nobody /usr/sbin/tcpd in.timed
time dgram udp wait nobody /usr/sbin/tcpd in.timed
#
# Authentication
#
auth stream tcp nowait nobody /usr/sbin/in.identd in.identd -l -e -o
#
# End of inetd.conf
linuxconf stream tcp wait root /bin/linuxconf linuxconf --http
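The advice above (close the r services, turn off what is not needed) can be checked mechanically. The following audit is an added example, not part of the original listing; the NEEDED set is an assumption taken from the telnet/ftp/POP3 list in the text, and SAMPLE is a constructed excerpt of the file.

```python
# Services kept on purpose (assumption: the telnet/ftp/POP3 list from the text).
NEEDED = {"ftp", "telnet", "pop-3"}
# BSD r* services the text recommends closing.
R_SERVICES = {"shell", "login", "exec"}
# Services the inetd.conf comments say give out user information.
INFO_LEAK = {"finger", "cfinger", "systat", "netstat"}

# Constructed excerpt of an inetd.conf (enabled and commented-out entries).
SAMPLE = """\
#echo stream tcp nowait root internal
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
shell stream tcp nowait root /usr/sbin/tcpd in.rshd
#exec stream tcp nowait root /usr/sbin/tcpd in.rexecd
finger stream tcp nowait root /usr/sbin/tcpd in.fingerd
auth stream tcp nowait nobody /usr/sbin/in.identd in.identd -l -e -o
linuxconf stream tcp wait root /bin/linuxconf linuxconf --http
"""

def parse_inetd(text):
    """Return the enabled (uncommented) entries as dicts."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 6:  # service, socket type, proto, flags, user, server
            continue
        entries.append({"service": fields[0], "proto": fields[2],
                        "user": fields[4], "server": fields[5]})
    return entries

def audit(text):
    """Return (service, finding) pairs for entries that deserve a second look."""
    findings = []
    for entry in parse_inetd(text):
        svc = entry["service"]
        if svc in R_SERVICES:
            findings.append((svc, "r* service enabled"))
        elif svc in INFO_LEAK:
            findings.append((svc, "gives out user information"))
        elif svc not in NEEDED:
            findings.append((svc, "not on the needed list"))
        # Entries that bypass tcpd are not covered by hosts.allow/hosts.deny
        # unless the daemon does its own wrapper checks.
        if entry["server"] not in ("internal", "/usr/sbin/tcpd"):
            findings.append((svc, "not started through tcpd"))
    return findings

if __name__ == "__main__":
    for svc, why in audit(SAMPLE):
        print(f"{svc:10} {why}")
```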
3.6 inetd.conf related file /etc/services (SysV / BSD / Linux)
This file basically does not have to be edited. Linux comes with most of the services; on Solaris an entry (for example POP3) may need to be added,
see the installation instructions of the server in question. All available network services are listed in this file.
#
# services This file describes the various services that are
# available from the TCP/IP subsystem. It should be
# consulted instead of using the numbers in the ARPA
# include files, or, worse, just guessing them.
#
# Version: @(#)/etc/services 2.00 04/30/93
#
# Author: Fred N. van Kempen,
#
# File format: service name, port number/protocol, service aliases
tcpmux          1/tcp                       # rfc-1078
echo            7/tcp
echo            7/udp
discard         9/tcp       sink null
discard         9/udp       sink null
systat          11/tcp      users
daytime         13/tcp
daytime         13/udp
netstat         15/tcp
qotd            17/tcp      quote
chargen         19/tcp      ttytst source
chargen         19/udp      ttytst source
ftp-data        20/tcp
ftp             21/tcp
telnet          23/tcp
smtp            25/tcp      mail
time            37/tcp      timserver
time            37/udp      timserver
rlp             39/udp      resource        # resource location
name            42/udp      nameserver
whois           43/tcp      nicname         # usually to sri-nic
domain          53/tcp
domain          53/udp
mtp             57/tcp                      # deprecated
bootps          67/udp                      # bootp server
bootpc          68/udp                      # bootp client
tftp            69/udp
gopher          70/tcp                      # gopher server
rje             77/tcp
finger          79/tcp
http            80/tcp                      # www is used by some broken
www             80/tcp                      # progs, http is more correct
link            87/tcp      ttylink
kerberos        88/udp      kdc             # Kerberos authentication - udp
kerberos        88/tcp      kdc             # Kerberos authentication - tcp
supdup          95/tcp                      # BSD supdupd(8)
hostnames       101/tcp     hostname        # usually to sri-nic
iso-tsap        102/tcp
x400            103/tcp                     # ISO mail
x400-snd        104/tcp
csnet-ns        105/tcp
pop-2           109/tcp                     # PostOffice V.2
pop-3           110/tcp                     # PostOffice V.3
pop             110/tcp                     # PostOffice V.3
sunrpc          111/tcp
sunrpc          111/tcp     portmapper      # RPC 4.0 portmapper UDP
sunrpc          111/udp
sunrpc          111/udp     portmapper      # RPC 4.0 portmapper TCP
auth            113/tcp     ident           # User Verification
sftp            115/tcp
uucp-path       117/tcp
nntp            119/tcp     usenet          # Network News Transfer
ntp             123/tcp                     # Network Time Protocol
ntp             123/udp                     # Network Time Protocol
netbios-ns      137/tcp     nbns
netbios-ns      137/udp     nbns
netbios-dgm     138/tcp     nbdgm
netbios-dgm     138/udp     nbdgm
netbios-ssn     139/tcp     nbssn
imap            143/tcp                     # imap network mail protocol
NeWS            144/tcp     news            # Window System
snmp            161/udp
snmp-trap       162/udp
exec            512/tcp                     # BSD rexecd(8)
biff            512/udp     comsat
login           513/tcp                     # BSD rlogind(8)
who             513/udp     whod            # BSD rwhod(8)
shell           514/tcp     cmd             # BSD rshd(8)
syslog          514/udp                     # BSD syslogd(8)
printer         515/tcp     spooler         # BSD lpd(8)
talk            517/udp                     # BSD talkd(8)
ntalk           518/udp                     # SunOS talkd(8)
efs             520/tcp                     # for LucasFilm
route           520/udp     router routed   # 521/udp too
timed           525/udp     timeserver
tempo           526/tcp     newdate
courier         530/tcp     rpc             # experimental
conference      531/tcp     chat
netnews         532/tcp     readnews
netwall         533/udp                     # -for emergency broadcasts
uucp            540/tcp     uucpd           # BSD uucpd(8) UUCP service
klogin          543/tcp                     # Kerberos authenticated rlogin
kshell          544/tcp     cmd             # and remote shell
new-rwho        550/udp     new-who         # experimental
remotefs        556/tcp     rfs_server rfs  # Brunhoff remote filesystem
rmonitor        560/udp     rmonitord       # experimental
monitor         561/udp                     # experimental
pcserver        600/tcp                     # ECD Integrated PC board srvr
mount           635/udp                     # NFS Mount Service
pcnfs           640/udp                     # PC-NFS DOS Authentication
bwnfs           650/udp                     # BW-NFS DOS Authentication
kerberos-adm    749/tcp                     # Kerberos 5 admin/changepw
kerberos-adm    749/udp                     # Kerberos 5 admin/changepw
kerberos-sec    750/udp                     # Kerberos authentication - udp
kerberos-sec    750/tcp                     # Kerberos authentication - tcp
kerberos_master 751/udp                     # Kerberos authentication
kerberos_master 751/tcp                     # Kerberos authentication
krb5_prop       754/tcp                     # Kerberos slave propagation
listen          1025/tcp    listener RFS remote_file_sharing
nterm           1026/tcp    remote_login network_terminal
kpop            1109/tcp                    # Pop with Kerberos
ingreslock      1524/tcp
tnet            1600/tcp                    # transputer net daemon
cfinger         2003/tcp                    # GNU finger
nfs             2049/udp                    # NFS File Service
eklogin         2105/tcp                    # Kerberos encrypted rlogin
krb524          4444/tcp                    # Kerberos 5 to 4 ticket xlator
irc             6667/tcp                    # Internet Relay Chat
dos             7000/tcp    msdos
# End of services.
linuxconf       98/tcp                      # added by linuxconf RPM
3.7 /etc/hosts.allow /etc/hosts.deny (under Linux, or wherever tcpd is used; see inetd.conf)
/etc/hosts.allow sets the machines that are allowed to use inetd services, for example:
ALL: 202.118.
allows all requests from 202.118.x.x
/etc/hosts.deny sets the machines that are not allowed to use inetd services
For the order in which these two files are applied, see the online documentation:
man tcpd
man hosts.allow
man hosts.deny
These are the access control files for Internet network services.
For servers with higher security requirements, xinetd is used instead of inetd.
Debian ships xinetd; on other systems it has to be compiled from source.
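The order in which tcpd consults the two files, as an added example that is not part of the original text: hosts.allow is checked first, then hosts.deny, and a client that matches neither file is granted access. The sketch handles only IPv4 clients and the ALL, address-prefix, net/mask and exact-address patterns; the function names and sample file contents are constructed for illustration.

```python
import ipaddress

def client_matches(pattern, addr):
    """Match one client pattern against an IPv4 address string."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):          # address prefix such as "202.118."
        return addr.startswith(pattern)
    if "/" in pattern:                 # net/mask such as 202.118.66.0/255.255.255.0
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(addr) in net
    return pattern == addr             # anything else must match exactly

def rule_matches(line, daemon, addr):
    """True if a 'daemon_list : client_list' line covers this daemon and client."""
    line = line.split("#", 1)[0].strip()
    if ":" not in line:
        return False
    daemons, clients = (part.replace(",", " ").split()
                        for part in line.split(":")[:2])
    return (any(d in ("ALL", daemon) for d in daemons)
            and any(client_matches(c, addr) for c in clients))

def decide(allow_text, deny_text, daemon, addr):
    """Apply the tcpd order: hosts.allow first, then hosts.deny, else grant."""
    if any(rule_matches(l, daemon, addr) for l in allow_text.splitlines()):
        return "granted (hosts.allow)"
    if any(rule_matches(l, daemon, addr) for l in deny_text.splitlines()):
        return "denied (hosts.deny)"
    return "granted (no rule matched)"

# Constructed sample files: allow the 202.118.x.x range, deny everyone else.
ALLOW = "ALL: 202.118.\n"
DENY = "ALL: ALL\n"

if __name__ == "__main__":
    for client in ("202.118.66.18", "202.112.0.36"):
        print(client, decide(ALLOW, DENY, "in.telnetd", client))
    # Without the trailing dot the pattern is an exact string, not a prefix.
    print(decide("ALL: 202.118\n", DENY, "in.telnetd", "202.118.66.18"))
```

An empty hosts.deny means every client not listed in hosts.allow is still granted access, so a restrictive setup needs the `ALL: ALL` line in hosts.deny.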
3.8 /etc/networks /etc/netmasks
These files list the network addresses needed for routing; related command: /usr/sbin/route. The two files are a convenience:
when maintaining the routing table you can also give the IP address and network mask directly.
Example:
/etc/networks
dlrin 202.199.128.0
/etc/netmasks
202.199.128.0 255.255.240.0
Add a static routing entry:
------------- DDN
| Cisco 2511 <--------------> DLMU 202.118.64.0/255.255.255.0
| <--------------> DLNA 210.47.192.0/255.255.240.0
----- -------
| 202.118.66.254
| 202.118.66.16
------- ------- ------------ ---------
| Switch / Hub ------- Network Center --- LAN Router
----- ----- ------------ ---- ----
| | |
|
| 202.118.68.0/255.255.252.0
| --------------
------------ 202.118.66.81 (Test Machine)
| --------------
|
|
| 202.118.66.1 (Default Router)
----- -------
| Router
----- -------
| 202.112.30.65/255.255.255.252
| DDN
| PPP
|
| 202.112.30.66/255.255.255.252
CERNET / INTERNET
(1) 202.118.66.81 (helius) <-> 202.118.66.18 (peony)
202.118.066.081
255.255.255.0 (AND)
-------------------
202.118.066.0 network address: both hosts are in the same IP network segment, so delivery is direct
IP address <-> MAC (Media Access Control) address
202.118.66.18 08:00:20:96:01:6A
202.118.66.81 00:80:C8:4C:6A:D0
202.118.66.1 00:60:5C:F3:FF:75
202.118.66.81 -> 202.118.66.18
Ethernet frame (destination MAC, source MAC, payload):
08:00:20:96:01:6A 00:80:C8:4C:6A:D0 IP data
(2) 202.118.66.81 -> 202.112.0.36
Not in the same IP network segment, so delivery is indirect (via a router).
[hbwork@linden hbwork]$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
202.118.66.0    0.0.0.0         255.255.255.0   U      1500 0          0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U      3584 0          0 lo
0.0.0.0         202.118.66.1    0.0.0.0         UG     1500 0          0 eth0
                ^^^^^^^^^^^^
                Default router
(3) Add a static route
Related command: /usr/sbin/route or /sbin/route
Linux needs a routing entry for its own network to be added:
/sbin/route add -net 202.118.66.0 netmask 255.255.255.0 eth0
/sbin/route add -net 202.199.128.0 netmask 255.255.240.0 gw 202.118.66.254
or:
/sbin/route add -net dlrin gw 202.118.66.254
or:
/sbin/route add -net dlrin gw dlrin-gw
/sbin/route add default gw 202.118.66.1
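The delivery decision walked through in (1) to (3), as an added example that is not part of the original text: the destination is ANDed with each route's mask, and the matching route with the longest mask wins. ROUTES combines the netstat -rn output with the static route to 202.199.128.0; the function names are chosen for illustration.

```python
import ipaddress

def to_int(dotted):
    """Dotted-quad IPv4 address or mask as a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

# (destination, genmask, gateway, interface); gateway None means direct delivery.
ROUTES = [
    ("202.118.66.0", "255.255.255.0", None, "eth0"),
    ("127.0.0.0", "255.0.0.0", None, "lo"),
    ("202.199.128.0", "255.255.240.0", "202.118.66.254", "eth0"),
    ("0.0.0.0", "0.0.0.0", "202.118.66.1", "eth0"),   # default route
]

def same_segment(a, b, mask):
    """AND both addresses with the mask and compare the network addresses."""
    m = to_int(mask)
    return to_int(a) & m == to_int(b) & m

def next_hop(dest, routes=ROUTES):
    """Return (gateway or 'direct', interface) for dest, or None if no route."""
    d = to_int(dest)
    best = None
    for net, mask, gw, iface in routes:
        m = to_int(mask)
        # A route matches when dest AND mask equals the route's network address;
        # among matches, the numerically largest (longest) mask is preferred.
        if d & m == to_int(net) and (best is None or m > best[0]):
            best = (m, gw, iface)
    if best is None:
        return None
    _, gw, iface = best
    return (gw or "direct", iface)

if __name__ == "__main__":
    for dest in ("202.118.66.18", "202.112.0.36", "202.199.130.5"):
        print(dest, next_hop(dest))
```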
9. /etc/passwd
User password file
10. /etc/shadow (if this file exists, the system supports the shadow mechanism)
$ ls -l /etc/shadow
-rwx------ root .... /etc/shadow
11. /etc/fstab
File system table
# Device  Mount point  Filesystem type  Mount options ... fsck flag
/dev/hda1 / ext2 defaults 1 1
/dev/hda6 /home ext2 defaults 1 2
/dev/hda3 /usr ext2 defaults 1 2
/dev/hda5 /var ext2 defaults 1 2
/dev/hda2 swap swap defaults 0 0
/dev/fd0 /mnt/floppy auto sync,user,noauto,nosuid,nodev,unhide 0 0
/dev/cdrom /mnt/cdrom auto user,noauto,nosuid,nodev,ro 0 0
none /proc proc defaults 0 0
Solaris corresponding file: /etc/vfstab
12. /etc/exports
Table of file systems exported by the NFS (Network File System) server; it is best not to use NFS.
NFS related processes:
Solaris: mountd, nfsiod
/etc/init.d/nfs.server
Linux: the kernel supports NFS (see /proc/filesystems), either built in or through loadable modules.
13. /etc/default (Solaris 2.x)
The content is the IP address of the default router.
Under Linux:
RedHat 5.x: /etc/sysconfig/network
GATEWAY=202.118.66.1
GATEWAYDEV=eth0
Debian: /etc/init.d/network
#!/bin/sh
ifconfig lo 127.0.0.1
route add -net 127.0.0.0
IPADDR=202.118.66.88
NETMASK=255.255.255.0
NETWORK=202.118.66.0
BROADCAST=202.118.66.255
GATEWAY=202.118.66.1
ifconfig eth0 ${IPADDR} netmask ${NETMASK} broadcast ${BROADCAST}
route add -net ${NETWORK}
[ "${GATEWAY}" ] && route add default gw ${GATEWAY} metric 1
14. /etc/bashrc /etc/csh.cshrc /etc/profile
/etc/bashrc: bash (Bourne Again Shell) run-time commands
Most used for shell scripts
System-wide default environment settings for users: PATH, umask, terminal type
/etc/csh.cshrc: csh run-time commands
15. /etc/ftpaccess
FTP access control file. Its location varies and can be found as follows:
# egrep ftp /etc/inetd.conf
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
                                          ^^^^^^^
                                          FTP server daemon file name
# which in.ftpd
/usr/sbin/in.ftpd
# strings /usr/sbin/in.ftpd | egrep ftpaccess
/etc/ftpaccess
The relevant configuration is described in the FTP server configuration.
16. /etc/ftpusers
Users who are not allowed to use FTP; generally includes root, uucp, bin, etc.
17. /etc/ftpconversions /etc/ftpgroups
FTP server configuration files
18. /etc/group
User group file
19. /etc/sendmail.cf (Linux) Sendmail (e-mail server) configuration file
/etc/sendmail.cw Local host names
Host name: gingko.dlut.edu.cn
Mail should be accepted for:
user@gingko.dlut.edu.cn
user@mail.dlut.edu.cn
user@dlut.edu.cn
/etc/aliases Mail alias file
/etc/aliases.db Mail alias binary data file, built with newaliases
/etc/sendmail.hf Sendmail help file
$ telnet mailserver 25
Trying 202.118.66.8...
Connected to gingko.
Escape character is '^]'.
220 gingko.dlut.edu.cn ESMTP Sendmail 8.9.1/8.9.1; Tue, 2 Feb 1999 10:41:20 +0800 (CST)
help
214-This is Sendmail version 8.9.1
214-Topics:
214- HELO EHLO MAIL RCPT DATA
214- RSET NOOP QUIT HELP VRFY
214- EXPN VERB ETRN DSN
214-For more info use "HELP".
214-To report bugs in the implementation send email to
214- sendmail-bugs@sendmail.org.
214-For local information send email to Postmaster at your site.
214 End of HELP info
The paths above are those used on Linux; on Solaris 2.x the files are:
/etc/mail/sendmail.cf
/etc/mail/sendmail.cw
/etc/mail/sendmail.hf
/etc/mail/aliases
/etc/mail/aliases.db
20. /etc/issue Message displayed before login (main console)
/etc/issue.net Message displayed for telnet logins (strings in.telnetd | egrep issue)
/etc/motd Message displayed after the user has logged in
21. /etc/named.boot
DNS (BIND 4.9.x) boot file
Example file (caching-only server):
directory /etc/namedb
primary 0.0.127.in-addr.arpa named.local
cache . root.cache
The root.cache file can be obtained with dig:
dig @ns.internic.net . ns > /etc/namedb/root.cache
The content of the named.local file is as follows:
@ IN SOA localhost. root.localhost. (
    199020301 ; serial
    10800     ; refresh
    3600      ; retry
    86400     ; expire
    86400 )   ; minimum TTL
  IN NS localhost.
1 IN PTR localhost.
/etc/named.conf
DNS (BIND 8.1.x) boot file
(Under RedHat 5.2, /usr/doc/bind-8.1.2/named-bootconf.pl converts a BIND 4.9.x
named.boot file to the BIND 8 named.conf format; it is run as follows:
/usr/doc/bind-8.1.2/named-bootconf.pl < /etc/named.boot > /etc/named.conf)
22. /etc/hosts.equiv
$HOME/.rhosts
Trusted hosts for the r* services (rlogin, rsh, rcp, rexec)
Format:
host name (FQDN) user list
23. /etc/ld.so.conf (Linux)
List of dynamic link library directories; corresponding command: ldconfig
$LD_LIBRARY_PATH is the corresponding environment variable under Solaris
Use ldd to list the dynamic link libraries used by a given file:
/etc/default[119] ldd /usr/ucb/ls
libc.so.1 => /usr/lib/libc.so.1
libdl.so.1 => /usr/lib/libdl.so.1
* After modifying this file, run ldconfig to regenerate the directory list and the list of links.
24. /etc/pam.d/login (Linux RedHat)
auth required /lib/security/pam_securetty.so
/etc/securetty (Linux RedHat, Debian)
List of terminal devices on which root may log in. tty[1-8] are the devices on the main console,
ttyp* (Linux) are the remote login (telnet) terminal devices.
/etc/default/login (Solaris)
# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
CONSOLE=/dev/console
Note: commenting out this line allows the superuser root to log in from a remote host via telnet.
/etc/login.defs Linux Debian login control file
25. Linux loader: /etc/lilo.conf
Multi-boot configuration file
**** After modifying this file, you must run lilo
**** After installing a new Linux kernel, modify this file and run lilo again
26. /etc/syslog.conf
syslogd configuration file
27. /etc/smb.conf
Samba server configuration file; shares the Linux file system with Windows 9x/NT
28. /etc/nologin
This file is created when the system is about to shut down and users should no longer log in; its content is shown to users as
the refusal message, and they cannot enter the system at that time. If this file still exists when the system restarts,
no user can use the system after the machine has started; in that case consider booting from a floppy disk or CD to delete the file, then
restart the system.
29. /etc/security
Sets which terminals allow root to log in; in general it is set so that only the user at the console may use root.
Note: RedHat uses the PAM mechanism, and the corresponding file is /etc/securetty.
30. /etc/X11/*
XFree86 configuration files.
31. /etc/shells
List of shells users may use. If you force it in the /etc/passwd file, a shell that is not in the list can also be used,
but users whose shell is not in this list will not be able to connect to the system with FTP.
32. /etc/mtab
Created when the system starts; its content is the list of file systems already mounted. The file content is updated dynamically;
see also /proc/mounts.