📄 etc目录文件介绍.htm
字号:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0048)http://www.linuxforum.net/books/jy/M.924793469.A -->
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD>
<BODY><PRE>发信人: albin (阿乐斌), 信区: LINUX
标 题: LINUX选修课讲义:/etc目录文件介绍
发信站: 碧海青天 (Fri Apr 23 00:22:02 1999), 转信
版权声明:
本文内容为大连理工大学LINUX选修课讲义,欢迎大家转载,但禁止使用本材料进行
任何商业性或赢利目活动。转载时请本保留版权声明。
作者:何斌武,hbwork@dlut.edu.cn,大连理工大学网络中心,April 1999.
URL: ftp://ftp.dlut.edu.cn/pub/PEOPLE/albin/
------------------------------------------------------------------------------
3. 网络配置文件
3.1 /etc/hosts
#/etc/hosts
#文件格式: IPaddress hostname aliases
#文件功能: 提供主机名到IP地址的对应关系,建议将自己经常使用的主机
# 加入此文件中,也可将没有DNS记录的机器加入到此文件中,
# 这样会方便网络应用
127.0.0.1 localhost localhost.localdomain
202.118.66.81 helius.dlut.edu.cn helius
3.2 /etc/resolv.conf
文件功能:DNS客户机配置文件,设置DNS服务器的IP地址及DNS域名
相关文件:/etc/host.conf
文件格式:
domainname 域名
search 域名
nameserver Primary_DNS_Server_IP_address
nameserver Second_DNS_Server_IP_address
其中domainname和search可同时存在,也可只有一个;nameserver可指定多个
示例文件内容:
search dlut.edu.cn
nameserver 202.118.66.6
3.3 /etc/host.conf
功能:指定主机名查找方法,通常指先查找文件/etc/hosts,找不到时再向DNS服务器请求。
对于大多数用户不用改动此文件内容。
Linux: /etc/host.conf文件内容
order hosts, bind
multi on
Soalris: /etc/nsswitch.conf 中的hosts项
hosts files, dns
3.4 /etc/HOSTNAME ( Linux Redhat 5.x Distribution)
功能:设置主机名,不同LINUX之间可能有所差别,请使用
egrep hostname /etc/rc.d/init.d/*
或
egrep hostname /etc/init.d/*
查找相应版本上的主机名设置文件及方法。
Linux Redhat 5.x对应文件: /etc/sysconfig/network的HOSTNAME项。
3.5 /etc/inetd.conf
Internet 超级服务器, 相关程序: /usr/sbin/inetd
相应服务:
telnet
ftp
pop3
r* rsh rcp rlogin (建议最好关闭r服务)
其他服务最好关掉
#
# inetd.conf This file describes the services that will be available
# through the INETD TCP/IP super server. To re-configure
# the running INETD process, edit this file, then send the
# INETD process a SIGHUP signal.
#
# Version: @(#)/etc/inetd.conf 3.10 05/27/93
#
# Authors: Original taken from BSD UNIX 4.3/TAHOE.
# Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
#
# Modified for Debian Linux by Ian A. Murdock <imurdock@shell.portal.com>
#
# Modified for RHS Linux by Marc Ewing <marc@redhat.com>
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
# Echo, discard, daytime, and chargen are used primarily for testing.
#
# To re-read this file after changes, just do a 'killall -HUP inetd'
#
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
#discard stream tcp nowait root internal
#discard dgram udp wait root internal
#daytime stream tcp nowait root internal
#daytime dgram udp wait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp wait root internal
#
# These are standard services.
#
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
gopher stream tcp nowait root /usr/sbin/tcpd gn
# do not uncomment smtp unless you *really* know what you are doing.
# smtp is handled by the sendmail daemon now, not smtpd. It does NOT
# run from here, it is started at boot time from /etc/rc.d/rc#.d.
#smtp stream tcp nowait root /usr/bin/smtpd smtpd
#nntp stream tcp nowait root /usr/sbin/tcpd in.nntpd
#
# Shell, login, exec and talk are BSD protocols.
#
shell stream tcp nowait root /usr/sbin/tcpd in.rshd
login stream tcp nowait root /usr/sbin/tcpd in.rlogind
#exec stream tcp nowait root /usr/sbin/tcpd in.rexecd
talk dgram udp wait root /usr/sbin/tcpd in.talkd
ntalk dgram udp wait root /usr/sbin/tcpd in.ntalkd
#dtalk stream tcp waut nobody /usr/sbin/tcpd in.dtalkd
#
# Pop and imap mail services et al
#
pop-2 stream tcp nowait root /usr/sbin/tcpd ipop2d
pop-3 stream tcp nowait root /usr/sbin/tcpd ipop3d
imap stream tcp nowait root /usr/sbin/tcpd imapd
#
# The Internet UUCP service.
#
#uucp stream tcp nowait uucp /usr/sbin/tcpd /usr/lib/uucp/uucico -l
#
# Tftp service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers." Do not uncomment
# this unless you *need* it.
#
#tftp dgram udp wait root /usr/sbin/tcpd in.tftpd
#bootps dgram udp wait root /usr/sbin/tcpd bootpd
#
# Finger, systat and netstat give out user information which may be
# valuable to potential "system crackers." Many sites choose to disable
# some or all of these services to improve security.
#
# cfinger is for GNU finger, which is currently not in use in RHS Linux
#
finger stream tcp nowait root /usr/sbin/tcpd in.fingerd
#cfinger stream tcp nowait root /usr/sbin/tcpd in.cfingerd
#systat stream tcp nowait guest /usr/sbin/tcpd /bin/ps -auwwx
#netstat stream tcp nowait guest /usr/sbin/tcpd /bin/netstat -f inet
#
# Time service is used for clock syncronization.
#
time stream tcp nowait nobody /usr/sbin/tcpd in.timed
time dgram udp wait nobody /usr/sbin/tcpd in.timed
#
# Authentication
#
auth stream tcp nowait nobody /usr/sbin/in.identd in.identd -l -e -o
#
# End of inetd.conf
linuxconf stream tcp wait root /bin/linuxconf linuxconf --http
3.6 inetd.conf相关文件/etc/services(SYSV/BSD/LINUX相同)
基本不用编辑,linux自带的已包含大部分服务, Solaris 可能需要增加(POP3),
参考相应的服务器安装说明,在此文件中列出了所有可用的网络服务。
#
# services This file describes the various services that are
# available from the TCP/IP subsystem. It should be
# consulted instead of using the numbers in the ARPA
# include files, or, worse, just guessing them.
#
# Version: @(#)/etc/services 2.00 04/30/93
#
# Author: Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
#
# 文件格式:服务名称 端口号/协议 服务别名
tcpmux 1/tcp # rfc-1078
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
daytime 13/tcp
daytime 13/udp
netstat 15/tcp
qotd 17/tcp quote
chargen 19/tcp ttytst source
chargen 19/udp ttytst source
ftp-data 20/tcp
ftp 21/tcp
telnet 23/tcp
smtp 25/tcp mail
time 37/tcp timserver
time 37/udp timserver
rlp 39/udp resource # resource location
name 42/udp nameserver
whois 43/tcp nicname # usually to sri-nic
domain 53/tcp
domain 53/udp
mtp 57/tcp # deprecated
bootps 67/udp # bootp server
bootpc 68/udp # bootp client
tftp 69/udp
gopher 70/tcp # gopher server
rje 77/tcp
finger 79/tcp
http 80/tcp # www is used by some broken
www 80/tcp # progs, http is more correct
link 87/tcp ttylink
kerberos 88/udp kdc # Kerberos authentication--udp
kerberos 88/tcp kdc # Kerberos authentication--tcp
supdup 95/tcp # BSD supdupd(8)
hostnames 101/tcp hostname # usually to sri-nic
iso-tsap 102/tcp
x400 103/tcp # ISO Mail
x400-snd 104/tcp
csnet-ns 105/tcp
pop-2 109/tcp # PostOffice V.2
pop-3 110/tcp # PostOffice V.3
pop 110/tcp # PostOffice V.3
sunrpc 111/tcp
sunrpc 111/tcp portmapper # RPC 4.0 portmapper UDP
sunrpc 111/udp
sunrpc 111/udp portmapper # RPC 4.0 portmapper TCP
auth 113/tcp ident # User Verification
sftp 115/tcp
uucp-path 117/tcp
nntp 119/tcp usenet # Network News Transfer
ntp 123/tcp # Network Time Protocol
ntp 123/udp # Network Time Protocol
netbios-ns 137/tcp nbns
netbios-ns 137/udp nbns
netbios-dgm 138/tcp nbdgm
netbios-dgm 138/udp nbdgm
netbios-ssn 139/tcp nbssn
imap 143/tcp # imap network mail protocol
NeWS 144/tcp news # Window System
snmp 161/udp
snmp-trap 162/udp
exec 512/tcp # BSD rexecd(8)
biff 512/udp comsat
login 513/tcp # BSD rlogind(8)
who 513/udp whod # BSD rwhod(8)
shell 514/tcp cmd # BSD rshd(8)
syslog 514/udp # BSD syslogd(8)
printer 515/tcp spooler # BSD lpd(8)
talk 517/udp # BSD talkd(8)
ntalk 518/udp # SunOS talkd(8)
efs 520/tcp # for LucasFilm
route 520/udp router routed # 521/udp too
timed 525/udp timeserver
tempo 526/tcp newdate
courier 530/tcp rpc # experimental
conference 531/tcp chat
netnews 532/tcp readnews
netwall 533/udp # -for emergency broadcasts
uucp 540/tcp uucpd # BSD uucpd(8) UUCP service
klogin 543/tcp # Kerberos authenticated rlogin
kshell 544/tcp cmd # and remote shell
new-rwho 550/udp new-who # experimental
remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem
rmonitor 560/udp rmonitord # experimental
monitor 561/udp # experimental
pcserver 600/tcp # ECD Integrated PC board srvr
mount 635/udp # NFS Mount Service
pcnfs 640/udp # PC-NFS DOS Authentication
bwnfs 650/udp # BW-NFS DOS Authentication
kerberos-adm 749/tcp # Kerberos 5 admin/changepw
kerberos-adm 749/udp # Kerberos 5 admin/changepw
kerberos-sec 750/udp # Kerberos authentication--udp
kerberos-sec 750/tcp # Kerberos authentication--tcp
kerberos_master 751/udp # Kerberos authentication
kerberos_master 751/tcp # Kerberos authentication
krb5_prop 754/tcp # Kerberos slave propagation
listen 1025/tcp listener RFS remote_file_sharing
nterm 1026/tcp remote_login network_terminal
kpop 1109/tcp # Pop with Kerberos
ingreslock 1524/tcp
tnet 1600/tcp # transputer net daemon
cfinger 2003/tcp # GNU finger
nfs 2049/udp # NFS File Service
eklogin 2105/tcp # Kerberos encrypted rlogin
krb524 4444/tcp # Kerberos 5 to 4 ticket xlator
irc 6667/tcp # Internet Relay Chat
dos 7000/tcp msdos
# End of services.
linuxconf 98/tcp # added by linuxconf RPM
3.7 /etc/hosts.allow /etc/hosts.deny (Linux下,或使用了tcpd, 参考inetd.conf)
/etc/hosts.allow 设置允许使用inetd服务的机器,如: All:202.118即允许所有来自
202.118.x.x的请求
/etc/hosts.deny 设置不允许使用inetd的机器
这两个文件的设定顺序请参考在线文档:
man tcpd
man hosts.allow
man hosts.deny
Internet 网络服务访问控制文件,
对于安全性要求较高的服务器建议采用xinetd替代inetd,
xinetd debian自带,其他的可以用源代码进行编译安装
3.8 /etc/networks /etc/netmasks
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -