2009年2月15日 星期日

在 CentOS 5.2 上安裝 JRE (Java rumtime)

http://java.sun.com/javase/downloads/index.jsp 下載 java for linux rpm檔案 , rpm版本會自動設定路徑
(假設下載檔名 jre.bin) 下載後 chmod 755 jre.bin
./jre.bin
讀完License agreement 後輸入 yes
就會動解壓縮安裝完成
安裝的檔案會到 /usr/java/default
測試安裝版本 java -version

2009年2月14日 星期六

Java Server 以AES加密資料透過 socket 傳輸到 Flex3 client 範例

這個範例是以 J2SE撰寫Server , 讓Flex3客戶端以socket連接到Server然後Server的資料以AES 128bit ECB PKCS5Padding加密傳輸到Flex3 , Flex3使用 com.hurlant.crypto.Crypto 套件解密 AES。

使用的 IDE工具為
Java : NetBeans IDE 6.5 + JDK1.6(J2SE)
Flex3 : AdobeFlex Builder 3 + Hurlant加解密套件

Source code 未經整理 , 只是純心得記錄!

Java Server 部分的 code: Server.java (要把 hurlant套件放在同一個 src 目錄下)
package servertest;

import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.LinkedList;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;

public class Server extends ServerSocket {

private static ArrayList User_List = new ArrayList();
private static ArrayList Threader = new ArrayList();
private static int Thread_Counter = 0;
protected static final int SERVER_PORT = 8108;
DateFormat fDT = new SimpleDateFormat("yyyy/M/d H:m:s.S");
public static byte[] ciphertext;

public static void main(String[] args) throws IOException {

byte[] myKey = "1234567887654321".getBytes();
byte[] bText = "Kirk".getBytes();


byte[] decrypted;

SecretKeySpec key = new SecretKeySpec(myKey, "AES");

try {
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
ciphertext = cipher.doFinal(bText);
System.out.println(new String(ciphertext));
cipher.init(Cipher.DECRYPT_MODE, key);
decrypted = cipher.doFinal(ciphertext);
System.out.println(new String(decrypted));
} catch (IllegalBlockSizeException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} catch (BadPaddingException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} catch (InvalidKeyException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} catch (NoSuchAlgorithmException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} catch (NoSuchPaddingException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
}

new Server();
}

public Server() throws FileNotFoundException, IOException {
super(SERVER_PORT);
new Broadcast();

try {
while (true) {
Socket socket = accept();
new CreateServerThread(socket);
}
} finally {
close();
}
}

class Broadcast extends Thread {

private byte[] EncryptS(String S) {
byte[] ciphertext = null;
byte[] myKey = "1234567887654321".getBytes();
try {
SecretKeySpec key = new SecretKeySpec(myKey, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
ciphertext = cipher.doFinal(S.getBytes());
} catch (IllegalBlockSizeException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} catch (BadPaddingException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} catch (InvalidKeyException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} catch (NoSuchAlgorithmException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} catch (NoSuchPaddingException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
}
return ciphertext;
}

public Broadcast() {
start();
}

@Override
public void run() {
while (true) {
Date Now = new Date();
for (int i = 0; i < Threader.size(); i++) {
CreateServerThread client = (CreateServerThread) Threader.get(i);
client.sendMessage(EncryptS("0300," + fDT.format(Now)));
//client.sendMessage(Server.ciphertext);
}
try {
Thread.sleep(800);
} catch (InterruptedException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
}

class RecvThread extends Thread {

private Socket client;
private BufferedReader in;

public RecvThread(Socket s) throws IOException {
client = s;
in = new BufferedReader(new InputStreamReader(client.getInputStream()));
start();
}

@Override
public void run() {
String s = "";
while (!client.isClosed()) {
try {
if ((s = in.readLine()) != null) {
System.out.println(s);
} else if (s == null) {
client.close();
}
} catch (IOException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
}


//--- CreateServerThread
class CreateServerThread extends Thread {

private Socket client;
private BufferedReader in;
private DataOutputStream out;
private String Username;
private LinkedList MSGs = new LinkedList();
private Date lastResponse = new Date();

public CreateServerThread(Socket s) throws IOException {
client = s;
in = new BufferedReader(new InputStreamReader(client.getInputStream()));
//out = new PrintWriter(client.getOutputStream(), true);
out = new DataOutputStream(client.getOutputStream());
new RecvThread(client);
start();
}

public void sendMessage(byte[] msg) {
System.out.println(msg);
if (msg != null) {
MSGs.add(msg);
}
}

@Override
public void run() {
try {
Thread_Counter++;
Threader.add(this);

String s;
while (!client.isClosed()) {
if (MSGs.size() > 0) {
//String tmm = (String) MSGs.getFirst();
//MSGs.removeFirst();
byte[] tmn = (byte[]) MSGs.getFirst();
out.write(tmn, 0, tmn.length);
//out.println(tmn);
MSGs.removeFirst();
}
Thread.sleep(20);
}
client.close();
} catch (InterruptedException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} catch (IOException ex) {
Logger.getLogger(Server.class.getName()).log(Level.SEVERE, null, ex);
} finally {
try {
client.close();
} catch (IOException e) {
}
Thread_Counter--;
Threader.remove(this);
User_List.remove(Username);
}
}
}
}

Flex的source code如下: EncReceiver.as
package
{
import com.hurlant.crypto.Crypto;
import com.hurlant.crypto.symmetric.ICipher;
import com.hurlant.util.Hex;

import flash.display.Shape;
import flash.display.Sprite;
import flash.events.TimerEvent;
import flash.external.ExternalInterface;
import flash.utils.ByteArray;
import flash.utils.Timer;

public class EncReceiver extends Sprite
{
private var socket:CustomSocket;
private var tt:Timer;
private var tt1:Timer;
private var CGUID:String="";
private var BBHOST:String="";
private var BBPORT:String="";
private var FIN:String="";
private var isConnecting:Boolean=false;
private var circle:Shape;
private var loc:Boolean=false;

private var key:ByteArray;
private var cipher:ICipher;

private var data:ByteArray;
private var EncString:String="";

private var dcounter:int=0;

public function EncReceiver()
{
ExternalInterface.addCallback("ENCODE", onENCODE);
ExternalInterface.addCallback("DECODE", onDECODE);

key=Hex.toArray("b6e39f9ee5f571ba9496f068c9d390ad");
cipher=Crypto.getCipher("aes128-ecb", key);

circle=new Shape();
circle.graphics.beginFill(0xff0000, 0.5);
circle.graphics.drawCircle(10, 10, 10);
circle.graphics.endFill();
addChild(circle);


CGUID=root.loaderInfo.parameters["CGUID"];
//BBHOST = root.loaderInfo.parameters["BBHOST"];
//BBPORT = root.loaderInfo.parameters["BBPORT"];
BBHOST="ap1.spp888.com";
BBPORT="7070";

BBHOST="192.168.88.140";
BBPORT="8108";

socket = new CustomSocket(BBHOST,int(BBPORT));

tt=new Timer(500, 0);
tt.addEventListener(TimerEvent.TIMER, onTT);
tt.start();
tt1=new Timer(100, 0);
tt1.addEventListener(TimerEvent.TIMER, onTT1);
tt1.start();
}

private function onENCODE():void
{
EncString="Hello 我是帥哥... 這是 AES128bits 加密系統... 你好嘛??";
data=Hex.toArray(Hex.fromString(EncString));
cipher.encrypt(data);
ExternalInterface.call("setFOUT", Hex.fromArray(data));
}


private function onDECODE():void
{
cipher.decrypt(data);
ExternalInterface.call("setFOUT", Hex.toString(Hex.fromArray(data)));
}


private function onTT1(event:TimerEvent):void
{
if (socket)
if (socket.connected)
{
circle.graphics.clear();
circle.graphics.beginFill(0x00ff00, 0.8);
if (loc)
{
circle.graphics.drawCircle(20, 10, 10);
}
else
{
circle.graphics.drawCircle(10, 10, 10);
}
circle.graphics.endFill();
loc=!loc;
dcounter=0;
}
else
{
circle.graphics.clear();
circle.graphics.beginFill(0xff0000, 0.8);
if (loc)
{
circle.graphics.drawCircle(20, 10, 10);
}
else
{
circle.graphics.drawCircle(10, 10, 10);
}
circle.graphics.endFill();
dcounter++;
//ExternalInterface.call("setFOUT", "disconnected : " + dcounter);
isConnecting=false;
tt.start(); //try connect
}

}

private function onTT(event:TimerEvent):void
{
if (!isConnecting)
{
//ExternalInterface.call("showalert", "connect");
//socket=new CustomSocket(BBHOST, int(BBPORT));
socket.getconnect();

isConnecting=true;
}

if (socket.connected)
{
tt.stop();
trace("timer stop!");
//loginto();
}
}

private function loginto():void
{
socket.writeln("100"); //獲得全部期貨商品資料
socket.writeln("109"); //獲得全部期貨商品資料
}

}
}

import flash.errors.*;
import flash.events.*;
import flash.net.Socket;
import mx.utils.StringUtil;
import flash.external.ExternalInterface;
import com.hurlant.crypto.Crypto;
import com.hurlant.crypto.symmetric.ICipher;
import com.hurlant.util.Hex;
import flash.utils.ByteArray;

class CustomSocket extends Socket
{

public var response:String="";
public var FOUT:String="";
public var FOUTINDEX:String="";

private var key:ByteArray;
private var cipher:ICipher;

private var data:ByteArray;
private var EncString:String="";

private var bbhost:String="";
private var bbport:int=0;


public function CustomSocket(host:String=null, port:uint=0)
{
bbhost = host;
bbport = port;
super();
configureListeners();
}

public function getconnect():void {
super.connect(bbhost, bbport);
}

private function configureListeners():void
{
addEventListener(Event.CLOSE, closeHandler);
addEventListener(Event.CONNECT, connectHandler);
addEventListener(IOErrorEvent.IO_ERROR, ioErrorHandler);
addEventListener(SecurityErrorEvent.SECURITY_ERROR, securityErrorHandler);
addEventListener(ProgressEvent.SOCKET_DATA, socketDataHandler);
}

public function writeln(str:String):void
{
str+="\r\n";
try
{
writeUTFBytes(str);
flush();
}
catch(e:IOError)
{
trace(e);
}
}

private function readResponse():void
{
var bytes:ByteArray=new ByteArray();
readBytes(bytes, 0, bytesAvailable);

//var str:String = readUTFBytes(bytesAvailable);
//response = str;
//trace("resp:" + response);
//用 0XOA 0XOD 切 TOKEN

//var bb:Array = str.split("\r\n");

key=Hex.toArray(Hex.fromString("1234567887654321"));
cipher=Crypto.getCipher("aes128-ecb", key);


//for (var i:int=0;i<bb.length-1;i++) {
//var sstr:String = bb[i];
data=bytes;
cipher.decrypt(data);
ExternalInterface.call("setFOUT", Hex.toString(Hex.fromArray(data)));
//}


}

private function closeHandler(event:Event):void
{
trace("closeHandler: " + event);
trace(response.toString());
}

private function connectHandler(event:Event):void
{
trace("connectHandler: " + event);
//sendRequest();
}

private function ioErrorHandler(event:IOErrorEvent):void
{
trace("ioErrorHandler: " + event);
}

private function securityErrorHandler(event:SecurityErrorEvent):void
{
trace("securityErrorHandler: " + event);
}

private function socketDataHandler(event:ProgressEvent):void
{
trace("socketDataHandler: " + event);
readResponse();
}
}

Flex3 跑的 html code 如下 : EncReceiver.html (EncReceivere.swf要放在同一個目錄)
<!-- saved from url=(0014)about:internet -->
<html lang="en">

<!--
Smart developers always View Source.

This application was built using Adobe Flex, an open source framework
for building rich Internet applications that get delivered via the
Flash Player or to desktops via Adobe AIR.

Learn more about Flex at http://flex.org
// -->

<head>
<meta http-equiv="Content-Type" content="text/html; charset=big5" />

<!-- BEGIN Browser History required section -->
<link rel="stylesheet" type="text/css" href="history/history.css" />
<!-- END Browser History required section -->

<title></title>
<script src="AC_OETags.js" language="javascript"></script>

<!-- BEGIN Browser History required section -->
<script src="history/history.js" language="javascript"></script>
<!-- END Browser History required section -->

<style>
body { margin: 0px; overflow:hidden }
</style>
<script language="JavaScript" type="text/javascript">
<!--
// -----------------------------------------------------------------------------
// Globals
// Major version of Flash required
var requiredMajorVersion = 9;
// Minor version of Flash required
var requiredMinorVersion = 0;
// Minor version of Flash required
var requiredRevision = 124;
// -----------------------------------------------------------------------------
// -->

var flashplayer;

function detectFP() {
if (navigator.appName.indexOf("Microsoft") != -1) {
flashplayer = window.EncReceiver;
} else {
//alert("no IE");
flashplayer = window.document.EncReceiver;
}
}


function showalert(ttt) {
alert(ttt);
}

function getPARAM(ttt) {
return document.getElementById(ttt).value;
}

function setFOUT(ttt) {
document.getElementById("fooo").innerHTML = ttt;
}


</script>
</head>

<body onload="detectFP();">
<script language="JavaScript" type="text/javascript">
<!--
// Version check for the Flash Player that has the ability to start Player Product Install (6.0r65)
var hasProductInstall = DetectFlashVer(6, 0, 65);

// Version check based upon the values defined in globals
var hasRequestedVersion = DetectFlashVer(requiredMajorVersion, requiredMinorVersion, requiredRevision);

if ( hasProductInstall && !hasRequestedVersion ) {
// DO NOT MODIFY THE FOLLOWING FOUR LINES
// Location visited after installation is complete if installation is required
var MMPlayerType = (isIE == true) ? "ActiveX" : "PlugIn";
var MMredirectURL = window.location;
document.title = document.title.slice(0, 47) + " - Flash Player Installation";
var MMdoctitle = document.title;

AC_FL_RunContent(
"src", "playerProductInstall",
"FlashVars", "MMredirectURL="+MMredirectURL+'&MMplayerType='+MMPlayerType+'&MMdoctitle='+MMdoctitle+"",
"width", "35",
"height", "25",
"align", "middle",
"id", "EncReceiver",
"quality", "high",
"bgcolor", "#ffffff",
"name", "EncReceiver",
"allowScriptAccess","sameDomain",
"type", "application/x-shockwave-flash",
"pluginspage", "http://www.adobe.com/go/getflashplayer"
);
} else if (hasRequestedVersion) {
// if we've detected an acceptable version
// embed the Flash Content SWF when all tests are passed
AC_FL_RunContent(
"src", "EncReceiver",
"width", "35",
"height", "25",
"align", "middle",
"id", "EncReceiver",
"quality", "high",
"bgcolor", "#ffffff",
"name", "EncReceiver",
"allowScriptAccess","sameDomain",
"type", "application/x-shockwave-flash",
"pluginspage", "http://www.adobe.com/go/getflashplayer"
);
} else { // flash is too old or we can't detect the plugin
var alternateContent = 'Alternate HTML content should be placed here. '
+ 'This content requires the Adobe Flash Player. '
+ '<a href=http://www.adobe.com/go/getflash/>Get Flash</a>';
document.write(alternateContent); // insert non-flash content
}


// -->
</script>
<noscript>
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" name="EncReceiver"
id="EncReceiver" width="35" height="25"
codebase="http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab">
<param name="movie" value="EncReceiver.swf" />
<param name="quality" value="high" />
<param name="bgcolor" value="#ffffff" />
<param name="allowScriptAccess" value="sameDomain" />
<param name="FlashVars" value="CGUID={CGUID}&BBHOST=ap1.stw888.com&BBPORT=8009" />
</object>
</noscript>
<p>
<input type=button name=aaa value="Encode" onclick="flashplayer.ENCODE();">
<input type=button name=aaa value="Decode" onclick="flashplayer.DECODE();"><br>
<span id=fooo></span>
</body>
</html>


執行的時候先把 Java Server 跑起來

然後再跑 flex , 這時 IE 會被帶起來 , 成功執行後 , 會再 IE 下面顯示 0300,現在時間 , 如果時間有一直更新則為正確執行

這個 Flex 有斷線自動重連的機制

如果非本機執行 , 則要考慮 FlashPolicy 的問題 (Java Server 可以把 policy xml 加到連線送的資料上去)

2009年2月13日 星期五

iptables 基本防禦設定

iptables給web伺服器用的基本防禦設定

# 設定核心的安全相關參數
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 3 > /proc/sys/net/ipv4/tcp_retries1
echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout
echo 1400 > /proc/sys/net/ipv4/tcp_keepalive_time
echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
echo 0 > /proc/sys/net/ipv4/tcp_sack
echo 0 > /proc/sys/net/ipv4/tcp_timestamps

 

# 允許流經 lookback 介面的封包進出
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -i ! lo -s 127.0.0.0/8 -j DROP
iptables -A OUTPUT -o ! lo -d 127.0.0.0/8 -j DROP

 

# 將可疑封包丟棄
iptables -A INPUT -m state --state INVALID -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,URG URG -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,PSH PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL FIN -j DROP

CentOS 5.2 + Apache2 + PHP5 + GD + FreeType + FreeTDS + jpeg6 + zlib + libpng 完整可用安裝方法

注意事項 :
預設把所有套件裝在 /usr/local/web/ 底下
不需要的設定請自行斟酌
下載的檔案都暫時先放在 /tmp


安裝步驟 :

開機放入 CentOS 5.2 iso DVD
安裝套件請不要選擇任何套件 (把 KDE 的選項拿掉)
按照設定安裝到完成後重開機 (把DVD移出)

重開機後
Firewall 把防火牆關掉

把以下不需要的Service 都停掉
apmd
autofs
bluetooth
cups
hidd
ip6table
isdn
pcscd
pcmcia
sendmail
yum-updatesd
設定完成後登入
 
找尋最快 yum server
yum install yum-fastestmirror -y
 
 
同步時間 , 如果沒有 ntpdate , 要先
yum install ntp -y
 
每小時同步時間
若要設定每天執行一次
vi /etc/cron.hourly/ntpdate.sh
新增指令檔 “ntpdate.sh”,內容如下:
 
#! /bin/bash
ntpdate time.stdtime.gov.tw
hwclock --systohc
 
chmod 755 /etc/cron.hourly/ntpdate.sh 
 
更新套件
yum update -y
 
設定 DNS Server
vi /etc/resolv.conf
 
nameserver 168.95.1.1
nameserver 139.175.55.244
 
 

安裝編譯工具
yum groupinstall 'Development Tools' -y
yum install gettext -y
yum install libxml2 libxml2-devel -y

mkdir /usr/local/web/

cd /tmp
安裝jpeg6
cd /tmp
tar zxvf jpegsrc.v6b.tar.gz
cd jpeg-6b
mkdir /usr/local/web/jpeg6
mkdir /usr/local/web/jpeg6/bin
mkdir /usr/local/web/jpeg6/lib
mkdir /usr/local/web/jpeg6/include
mkdir /usr/local/web/jpeg6/man
mkdir /usr/local/web/jpeg6/man/man1
./configure --prefix=/usr/local/web/jpeg6/ --enable-shared --enable-static
make ; make install

安裝 zlib
cd /tmp
cd zlib-1.2.3
./configure --prefix=/usr/local/web/zlib
make ; make install

安裝 libpng
cd /tmp
tar zxvf libpng-1.2.34.tar.gz
cd libpng-1.2.34
./configure --prefix=/usr/local/web/libpng
make ; make install

安裝 freetype
cd /tmp
cd freetype-2.3.7
./configure --prefix=/usr/local/web/freetype
make ; make install

安裝 gd
cd /tmp
cd gd-2.0.35
./configure --prefix=/usr/local/web/gd --with-jpeg=/usr/local/web/jpeg6/ --with-png=/usr/local/web/libpng --with-zlib=/usr/local/web/zlib --with-freetype=/usr/local/web/freetype/
vi gd_png.c
把 include "png.h"改成 include "/usr/local/web/libpng/include/png.h"
make ; make install

安裝 freetds
cd /tmp
cd freetds-0.82
./configure --prefix=/usr/local/web/freetds --with-tdsver=8.0 --enable-msdblib
make ; make install
touch /usr/local/web/freetds/include/tds.h
touch /usr/local/web/freetds/lib/libtds.a

安裝 apache2
cd /tmp
cd httpd-2.2.11
./configure --prefix=/usr/local/web/apache2 --enable-so --enable-info --enable-rewrite --enable-mime-magic --with-mpm=worker
make ; make install
(prefork 比較慢 , 不採用 , 除非有相容的問題)#./configure --prefix=/usr/local/web/apache2 --enable-so --enable-info --enable-rewrite --enable-mime-magic

安裝 php
cd /tmp
cd php-5.2.8
./configure --prefix=/usr/local/web/php --with-jpeg-dir=/usr/local/web/jpeg6 --with-zlib=/usr/local/web/zlib --with-png-dir=/usr/local/web/libpng --with-gd=/usr/local/web/gd --with-freetype-dir=/usr/local/web/freetype --with-mssql=/usr/local/web/freetds --enable-magic-quotes --with-apxs2=/usr/local/web/apache2/bin/apxs
make ; make install


修改 FreeTDS 設定 (也可以直接COPY設定好的機器
 rsync -av -e ssh root@192.168.1.xx:/usr/local/web/freetds/etc/freetds.conf /usr/local/web/freetds/etc/freetds.conf  )
 
vi /usr/local/web/freetds/etc/freetds.conf
最後面加上需要連結的 MSSQL Server
[31_db]
host = 192.168.1.xx
port = 1433
client charset = UTF-8
tds version = 8.0
 
 
把 httpd.conf , vhost.conf 放到 /usr/local/web/apache2/conf

把 php.ini 放到 /usr/local/web/php/lib

編輯  vi /etc/rc.d/rc.local
新增一行
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
防禦 SYN 攻擊

重開機並啟動 apache 服務 /usr/local/web/apache2/bin/apachectl -k start


Adobe Flex Builder 3 源始碼格式化 FlexFormatter

先下載 Flex Formatter  http://sourceforge.net/projects/flexformatter/

把下載的 jar 檔案放到 Flex Builder 3 目錄的 plugins 目錄 (預設目錄 C:\Program Files\Adobe\Flex Builder 3\plugins\ )

啟動 Flex Builder , 就會再 tool bar 上看到多兩個小 icon

VMware ESXi 3.5 複製clone VM 的方法

到 ESXi 的主控端(主機上) , 按 alt-F1
打入  unsupported
打入提示的root密碼
這時候出現主控端  , 打入 vi /etc/inetd.conf
找到 #ssh (可以按 "/" 然後 ssh)
把 #ssh 前面的 #井號刪掉 (可以在井號上按 x)
然後按 :wq 儲存離開 
按 alt-F2 可以回到主控端的待機畫面
然後把 ESXi 重新開機 (記得先 Poweroff VM)

用 ssh 軟體連線到 ESXi 的 ip

登入以後找到要複製的原始 vmdk  (例如/vmfs/volumes/datastore1/CentOS52i386/CentOS52i386.vmdk )
假入要複製成為的VM為 /vmfs/volumes/datastore1/CentOS-71/CentOS71.vmdk

先建立新的VM的目錄 mkdir /vmfs/volumes/datastore1/CentOS-71

然後用 vmkfstools -i /vmfs/volumes/datastore1/CentOS52i386/CentOS52i386.vmdk /vmfs/volumes/datastore1/CentOS-71/CentOS71.vmdk
就會開始複製了

大約幾分鐘後就會完成了 , 在 /vmfs/volumes/datastore1/CentOS-71 目錄下看到 vmdk檔
離開ssh

完成後回到 VMware Infrastructure Client 新增一個 VM 
Virtual Machine Configuration 選 Custom
在 Disk 部分選擇 Use an existing virtual disk , 然後選擇剛剛那個複製的 vmdk
這樣就完成了
可以 Power on VM 試試看囉

追蹤者