Linux pе -- { Linux tΪAȪ daemons - 鸟哥的 Linux 私房菜

̪sG2003/02/11

O daemonG/etc/services, RWWh,
tΪ Daemons bG /etc/rc.d/init.d/, /etc/xinetd.conf, /etc/xinetd.d,
ѪR xinetd.conf
TCP_Wrappers G /etc/hosts.allow, /etc/hosts.deny,
tζ}ҪAG netstat, ntsysv, chkconfig,
UӪAȪ²满
Dm

O daemon

pGz``Whdݤ@ǸƪܡAרO Unix-Like @~tΡAp FreeBSD, Unix, Linux Aӷ|``ť daemons oӦrA daemon OFrIHo`QHADaemon rWNNOyu@Bc]HzٯuOI_I ^_^"" C򥻤WAڭ̪ Linux D``|@ǭnDA׬OӦۥtΪnDΪ̬O Client ݪAȭnDAϥunnDӪɭԡAq`NOUU˪ daemons tdh_ӭnu@ Servers Ӥu@աI daemons ثeذ򥻪ҦAOO stand_alone P super daemon ؤ觋AUNӻ@o daemon u@AG

stand_alone G NrWNӻAstand alone NOyWߪҰʡzNA]NOA daemon ҰʤAN`nbOoILM|@ΨtΪ귽A̤juINOAL|@ҰʪաIҥHnDӪɭԡALN|ܧֳt^oI``Φbo@ daemon AȦp` httpd o@ӧYO@ҡI

super daemon G ۹ stand alone 觋Ao@تAȪҰʤ觋hOǥѲΤ@@ daemon ӭtd_ӪAȡIo@ӲΤ@td daemon NO inet oAȰաILAbӪ Linux oiM󤤡AhOϥ xinet oӳ]woIڭ̳o̥H Mandrake xinet ӰCAȭnDӪɭԡAӭnD|e xinet oӪAȡAM xinet ھڸӺnDeӪƫʥ]e ( Ӥe|O IP P port ) ӱNƫʥ]eڹB@AȡIӸӪAȳoӮɭԤ~|ҰʪI̱`쪺NO ftp oAȰաIoس̤juINOSƫʥ]ӪɭԡAӪAȤ|@ڨtθ귽 ( ӪAȷ|b sleeping AaI ) AO۹諸ALɶ]|CA]٭nO@qɶhyzӪAȧrI

oرҰʪ觋@ӤnOHաIӥB٭nݸӥDu@tPڪγ~IҦpADOΨӧ@ WWW AA httpd ۵MNH stand alone Ұʤ觋ΡIƹWAڭ̱``} stand alone P super daemon pAiHȦ檺fӧ@dҡI

stand alone G bȦ̭A]@س@AȪfAҦpsfAҥHAAݭnsɭԡAeӵfANyMHzzAȰաI

super daemon G bȦ̭]٦t~@ؽƦXAfAPɴbBիסBڵ~ȡAAݭn𫟺@~ȪɭԡANݭneӵfAObfo~AAݨD椧A᭱@yޡIbSIӧAu@Fz򨺭ӤSN}lu@hIMӸY٦ի׻Pڵtd~ȪSOHL̦bFHKKIݬݳBܳܯoIo̴N|ޥXt~@ӰDաI]Ȧ椵ѪHSOAҥHoӵf᭱FA~٦ܦhHIQ@QAoӵfOny@ӧAӤU@ӡz٬OyA̪ڮӡAڥBzzOHIOOӤ@ˡH

@

multi-threadedGNOڭ̴쪺AȤᤧnDLӡA@LUhAҥH@ӪAȦPɷ|tdnXӵ{ǡC

@

single-threadedGoӴNOثeڭ̡yHȦẕ`觋աAצpAϥ@Ӥ@ӨӡAĤ@ӨSBzeA᭱бƶIKKIҥHpG client nDMjWܡAoǱߨ쪺 client ioW@I

t~Aݭn`NOAJMȦYoصfPɦsbAҥHoAb Linux tθ̭Ao daemon OiHPɦsbաI]NOAYǪAȥiHϥ stand alone ӱҰʡAӦLAȫhiHϥ xinet ( Ϊ̬O inet ) jPpNOo˰աIFIIH

/etc/services

OOKIoӮɭԴNSoͤFt@ӰDoIګ򪾹DnNڪưe쨺ӵfhIxIӵfOgLOFΪܡHҥHAnsBbBΪ̬Oi״ڡAiHbPfӧA򴫨ڪpӻOA]ڭ̪ TCP ʥ]̭t port P IP aINǤwgť port QOoǵfAp@ӧA TCP ʥ]KiH̾ڤPݨDAӨF@˪ port ӯAȤFI]AAsuO FTP, WWW, smtp nA藍|QdաI
@
nFApGڷQnDo port OѨӪAȩұҰʪOHb Linux tθ̭ɮצbӵfPAȪ ( services and ports ) IINOjW /etc/services oɮװաIڭ̨@q``ݨ쪺 port PAȪϬqӬݤ@UnFI
@

[root @test root]# vi /etc/services
....
ftp-data        20/tcp
ftp-data        20/udp
ftp             21/tcp
ftp             21/udp
ssh             22/tcp                          # SSH Remote Login Protocol
ssh             22/udp                          # SSH Remote Login Protocol
telnet          23/tcp
telnet          23/udp
smtp            25/tcp          mail
smtp            25/udp          mail
nameserver      42/tcp          name            # IEN 116
nameserver      42/udp          name            # IEN 116
domain          53/tcp          nameserver      # name-domain server
domain          53/udp          nameserver
....
<daemon name>   <port PA>   < ӪAȪ >

@
WOAĤ@欰 daemon W١BĤG欰 daemon ҨϥΪ port XPƫʥ]ǰeɭԪADníw tcp ʥ]P}lֳt udp ʥ]I|ӨҤlA e-mail oHw smtp oӪAȡAӳoӪAȪϥΤ port Y 25 աINoˡI
@

ЯSO`NIMɭԱziHǥѭק /etc/services ӧ@ӪAȪ port ALäĳpA]ܦi|y@Ǩw~pIo̯S@fI]Dzn[]@ӦaUA_hܡAϥ /etc/services ]wNnաI^

Daemon RWWhG

C@ӪAȪ}o̡Ab}oL̪AȮɡASOGưաILALצpAoǪAȪWٳQإߤAQW Linux ϥήɡAq`bAȪW٤|[W@ d AҦpҦʩROإߪ at, P cron oӪAȡAq`|Q٬ atd P crondAo d NNO daemon NCҥHAb귽޲z@Aڭ̨ϥΤF ps P top [{ǮɡA|o{ܦh xxxd {ǡAIq`NO@ daemon {oI

tΪ Daemons b̡G

nFIڭ̤wgDF daemon @ΤAAӭnQתOAḺҰʪ scripts Ob̧rIHIUNӻ@oG

stand alone G oөmb /etc/rc.d/init.d/ oӥؿ̭AXGҦ RPM w˪M󤧱Ұʶسbo̰աI

super daemon G oӤu@@AȨNO xinet Ϊ̬O inet աIЪ`NA xinet ]O@ daemon OILO stand alone ҰʪA]NOL|@bťjaݨDAҥH xinet Ұ scripts gb /etc/rc.d/init.d/xinetd o scripts ̭oIObo daemon YAȤ]wةOHINOgb /etc/xinetd.conf P /etc/xinetd.d/ oӥؿ̭ɮסI

/etc/rc.d/init.d/*

OKIAѤ@U stand alone daemon OҰʪOHI²Apڭ̭nҰ syslog oOnɪAȡAnҰʥLܡANUFG

/etc/rc.d/init.d/syslog start

service syslog start

YOɦW[W start YiAΪ̬Oϥ Red Hat ~o service script ӶiҰʪ\IpGAٰOoڭ̫eX`L shell scripts ܡAγ\ٰOo case ..... esac oӦܩʪتykaIHSIoXAȴNOH bash scripts Y case ykgI]Aun[W᭱ѼơAp@ӡA scripts N|۰ʪhMɨӰoIpG쪺ܡAiHbAtθ̭ӥؿU}@ɮר[ݤ@UANDpgoI

/etc/xinetd.conf

oɮ״NO]w xinet AȪѼɮװաI

/etc/xinetd.d/*

oӥؿ̭Ҧɮ״NOӧOW xinet ҦAȰաIҦpW wu-ftpd telnet P pop3 I

ѪR xinetd.conf

@ӨAb /etc/rc.d/init.d/ ̭ scripts Ooi̤ RPM ҴѪApGzۦoiAn骺ܡAiHHo˪觋ӿW߱ҰʪILAڭ̤]iHg super daemon Ӻ޲zڭ̪AȡA]o super daemon iHѬ۷h\AרOwʤ譱\AҥHAڭ̴Nӽͤ@ͦpϥγoӪFaI
@
Ӭݤ@ݹw] /etc/xinetd.conf oɮתeOaI
@

#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/
defaults
{
        instances               = 60
        log_type                = SYSLOG authpriv
        log_on_success          = HOST PID
        log_on_failure          = HOST
        cps                     = 25 30
}
includedir /etc/xinetd.d

e榡G
service <service_name>
{
       <attribute> <assign_op> <value> <value> ...
       ...
}

@
bWw]dҷAOGypGSw services ( defaults ) N {} ̭]wӰ椧Iz`pUIWҤlrҥܡA <> YƧڭ̥ӻ@UGG assign_op DnTاΦAOpUG
= G ܫ᭱]wѼƴNOo˰աI
+= G ܫ᭱]wybӪ]wY[JsѼz
-+ G ܫ᭱]wybӪѼƱ˱o̿JѼIz
γ~ӬۦPAqЯdNInFIUAӻ@ attribute P value I

attribute
(\) assing_op
(\ʧ@)
(d)

@]wءG

disable yes
no \ server iHΪ̬OI
]w yes ܸӪAȤI

socket_type stream
dgram
raw su TCP ʥ]ɡAhϥ stream
su UDP ʥ]ɡAhϥ dgram
raw N server ݭnP IP ͡I

protocol tcp
udp
... oӪF軡OAsuAϥΪO@بwIHUӨwNiHѦ /etc/protocols eI~ADOAۤv]wAȡA_hoӥiHγ]wաI

wait yes
no oNOڭ̭责쪺 Multi-threaded P single-threaded 觋աI@ӻAڭ̧ƱjanDiHPɳQҥΡAҥHiH]w wait = no

user UID
root ٰOoڭ̦b b޲z @g쪺 UID ܡHաIo UID NO UID աIn`NOApAAȱҰʪ̤nH root DܡAoӦaNiHܨLϥΪ̡AҦp nobody IoөNN]|w@sbI~Aݭn`No UID sb /etc/passwd C

group GID user NۦPIuOo GID ϥΪ̤]sb /etc/group I

instances number
UNLIMITED oӬOybP@ɶAP@ӪAȥiH\suƥzNAAiHgJ@ӡyƦrzӱsuƥءA]iHϥ UNLIMITED ӧiDtΡySWzoIҦpAbPɬqȤ\ ftp su 30 ӡAo̴NiHJ 30 աI

nice -19 ~ 19 ٰOoڭ̦b {Ǻ޲z ̭ͨ쪺 nice OܡHIաIo̴NOoӪFoIƦrVp( t )Nӵ{ǶVuQI

server program
/usr/sbin/in.ftpd oӴNOXoӪAȪҰʵ{IҦpnҰ ftp ܡANO in.ftpd o{աIҥHoӮɭԦbo̿J server = /usr/sbin/in.ftpd

server_args @ǰѼ oӿJNOA server ̻ݭnJ@ǰѼưաIҦp in.ftpd Aڭ̥iNݭnJ -l -a oӰѼƻI

log_on_success PID
HOST
USERID
EXIT
DURATION by\nJzAݭnOءGPID server ҰʮɭԪ process ID AHOST ݥD IPBUSERID nJ̪bBEXTI }ɭ԰OءBDURATION ӨϥΪ̨ϥΦAȦh[H

log_on_failure HOST
USERID
ATTEMPT
RECORD nJѤQ syslog nJءGHOSTݥD IPAUSERIDnJ̱bBATTEMPTOnJѪ̥ϪNϬBRECORDOݥDTIHά󥻾 server Ұʪ]IDn login, shell, exec, finger OiHϥΦbo̡I( 򥻤WAiHb /etc/hosts.allow /etc/hosts.deny Ѽge )C

i]wءG

env 'name=value' o@ӶإiHA]wܼơAܼƪ]wWhiHѦ { BASH Shell C

port number o̥iH]wPAȻP port AOаOA port PAȦW٥P /etc/services OۦP~I

redirect IP_Address port N client ݹڭ server nDAt@DWhIIoӦnIҦpHnϥΧA ftp ɡAAiHNLt@WhI IP_Address NNt@ݥD IP oI

includedir directory_path ܱNYӥؿUҦɮ׳Li xinetd.conf oӳ]wYIoF観ΦhFAp@ӧڭ̥iH@Ӥ@ӳ]wPءIӤݭnNҦAȳgb xinetd.conf IAiHb /etc/xinetd.conf o{oӳ]wI

w޶ءG

bind IP_Address oӬO]wy\ϥΦ@AȪdzNI|ӨҤlӻAA Linux DW IP AӧAuQn IP1 iHϥΦ@AȡA IP2 ϥΦAȡAo̴NiHN IP1 gJYiI IP2 NiHϥΦ@ server oI

interface IP_Address bind ۦPI

only_from 0.0.0.0
192.168.1.0/24
host_name
domain_name oFΦbwWA]NOިyuo̭Ww IP Ϊ̬ODW٥iHnJIzpGO 0.0.0.0 ܩҦ PC ҥinJApGO 192.168.1.0/24 hܬ C class IY 192.168.1.1 ~ 192.168.1.255 ҥinJIt~A]iH domain name AҦp .ev.ncku.edu.tw NiHjut IP nJADϥθ server I

no_access 0.0.0.0
192.168.1.0/24
host_name
domain_name only_from thաINOΨӺ޲zi_iJA Linux DҥΧA server AȪ޲zءI no_access ܡyinJz PC oI

access_times 00:00-12:00
HH:MM-HH:MM oӶئb]wyӪA server ҰʪɶzAϥΪO 24 pɪ]wIҦpA ftp nb 8 I 16 I}񪺸ܡANOG 08:00-16:00C

umask 000
777
022 ٰOob ɮv ̭L umask oӪFܡHISINOӰNoIiH]wϥΪ̫إߥؿΪ̬Oɮ׮ɭԪݩʡItΫĳȬO 022 C

MWѼƤݭnCӳ]wաIun]wݭnNiHաIӦb /etc/xinetd.conf oɮ׷A@w|ݨy includedir = /etc/xinetd.d zo@IoOAF /etc/xinetd.conf ~AҦb /etc/xinetd.d ɮ׳OiHΨӳ]wաIInFAڭ̨|²檺 telnet ҤlaINO /etc/xinetd.d/telnet oɮסApGA Mandrake 9.0 SoɮסA٨Swtelnet-server-krb5-1.2.5-1mdkoӮMAХw˥LaIMALeIoˡG
@

service telnet
{
@@@@disable@@@@ = yes@@@@@@@@ <==Aȹw]O
@@@@flags@@@@@ = REUSE@@@@@@@ <==B~ϥΪѼ
@@@@socket_type@@ = stream@@@@@@@<==ϥ tcp ʥ]`ΪsuA
@@@@wait@@@@@@= no @@@@@@@@ <==ݵݡAiHPɤ\hӳsu
@@@@user@@@@@@= root@@@@@@@@<==Ұʵ{ǪϥΪ̨
@@@@server@@@@@= /usr/sbin/telnetd@ <==AȱҰʪ{
@@@@server_args@@ = -a none @@@@@@<==Wӵ{Ѽ
@@@@log_on_failure@+= USERID @@@@@@<==~nJɡAnOUӪe
}

@
W椤AwgFC@ѼƪNqIpG쥻w]ȧAäNAAiHק令wPh@IC]Ao Linux O@DAӥBLAOO~ 140.116.44.125 P鷺 192.168.0.254 oӡApGAQn鷺PAӹ~YAAiHo˪ӳ]wOG
@

# w鷺Pӳ]wG
service telnet
{
@@@@disable@@@@ = no@@@@@@@@ <==w]NOҰ telnet A
@@@@bind @@@@@ = 192.168.0.254@@@ <==u\gѳoӤdʥ]i
@@@@only_from @@@= 192.168.0.0/24@@@<==u\ 192.168.0.0/24 oӺq
@@@@@@@@@@@@@@@@@@@@@@@@ DsuiӨϥ telnet A
@@@@instances @@@= UNLIMITED @@@@@<==Pɤ\suI
@@@@nice @@@@@ = 0 @@@@@@@@@<==ϥΪuǸ
@@@@flags@@@@@ = REUSE @@@@@@@<==B~ϥΪѼ
@@@@socket_type @@= stream@@@@@@@<==ϥ tcp ʥ]`ΪsuA
@@@@wait@@@@@@= no@@@@@@@@@<==ݵݡAiHPɤ\hӳsu
@@@@user@@@@@@= root@@@@@@@@<==Ұʵ{ǪϥΪ̨
@@@@server @@@@ = /usr/sbin/telnetd @<==AȱҰʪ{
@@@@server_args@@ = -a none @@@@@@<==Wӵ{Ѽ
@@@@log_on_failure@+= USERID @@@@@@<==~nJɡAnOUӪe
}
# Aw~suӶi歭OI
service telnet
{
@@@@disable@@@@ = no                  <==w]NOҰ telnet A
@@@@bind @@@@@ = 140.116.44.125      <==u\gѳoӤdʥ]i
@@@@only_from @@@= 140.116.0.0/16      <==u\ 140.116.0.0 ~ 140.116.255.255
                                                oӺqsuiӨϥ telnet A
@@@@only_from @@@= .edu.tw             <==Ƴ]wAuаȬɤ~suI
@@@@no_access @@@= 140.116.32.{10,26} <==\o PC nJ
@@@@access_times@@= 1:00-9:00 20:00-23:59
                                              <==CѥuoӮɬq}A
@@@@umask @@@@@= 022                 <==إɮ׮ɪw]ݩʳ]w
@@@@instances @@@= 10                  <==Pɥu\ 10 ӳsu
@@@@nice@@@@@@= 10                  <==ϥΪuǸC
@@@@flags @@@@@= REUSE               <==B~ϥΪѼ
@@@@socket_type @@= stream              <==ϥ tcp ʥ]`ΪsuA
@@@@wait@@@@@@= no                  <==ݵݡAiHPɤ\hӳsu
@@@@user@@@@@@= root                <==Ұʵ{ǪϥΪ̨
@@@@server@@@@@= /usr/sbin/telnetd   <==AȱҰʪ{
@@@@server_args @@= -a none             <==Wӵ{Ѽ
@@@@log_on_failure@+= USERID             <==~nJɡAnOUӪe
}

IpW]wAڭ̥iHN telnet ҰʶضihIp@ӡANUڭ̪w@OIרpGiHw藍Pӳ]wAKKIN[oILAЪ`NIpGӤW]wAzDWN|}F 23 port AOOӤӨϥΪOIIun?P˪AA]iHwۤvߦnӳ]wAL daemon ϥLb xinetd UOI

TCP_Wrappers

nFAۤUӧڭ̭nӻ@AF xinetd ~A٦t@ӥiHקQάYǪAȶiJ Linux DkANO``ϥΪ /etc/hosts.allow P /etc/hosts.deny oIoӤ觋Oڭ̱``bϥΪkAo̥XӤ²檺]w觋IG TCP_Wrappers ]iH@ӳ̤hFA]O̤hAҥHMn]wYoI
@
s TCP_Wrappers OH wrappers ]qNAҥHAoӮM󥻨\NObR TCP ƫʥ]աIڭ̵yLڭ̺ʥ]ƥDnOH TCP ʥ]DAo TCP ʥ]YܤְOFӷPإD IP P port A]AYǥѤR TCP ʥ]ANiHݧڭnnoӸƶiJḒoIҥHաAڭ̭nϥ TCP_Wrappers ӱުANO

ӷ IP

port (NOAȰ)

TCP_Wrappers ]w TCP ʥ]O_iHiJ]wɦb /etc/hosts.allow P /etc/hosts.deny C]A򥻤WApG@ӪAȬO xinetd TCP_Wrappers ɡAӪAȴN| hosts.allow P hosts.deny ޲zFIӦpGAۤvw˪M( Yϥ Tarball w˪觋M )ADۦwq䴩 TCP_Wrappers \ A_hNLkϥγoӪNoIKKI
@
oɮ׬OFΪH褣OLILDnOΨӳWd TCP ʥ]WhAҥHOA̭OMNOGyY IP bSwAȤO_iJDzIngHoɮתe򥻪ykOG
@

<service> : <IP, domain, hostname...> : <allow|deny>

@
ҥHڭ̭nXӨ service_name ~AҦpHڭ̭𫍧 telnet ҡA service_name OOHNOW server oӳ]w᭱{WٰաIҥHA telnet b Mandrake UW٬ telnetd ( `NAbL distribution AoӦW٥i|ܡAҦp Red Hat OpenLinux OH in.telnetd WIҥHo̽аѦұztθ̭]wөwI)C ]ApGAQ 140.116.44.202 oӦ} 140.116.32.0/255.255.255.0 o C class iJADܡAiHo˦b /etc/hosts.deny ̭]wG
@

[root @test root]# vi /etc/hosts.deny
telnetd: 140.116.44.202 : deny
telnetd: 140.116.32.0/255.255.255.0 : deny

@
oˤ@ӡANLkH telnet iJADաIKaILAJMpAn]w /etc/hosts.allow /etc/hosts.deny ɮשOHI򥻤WAL̨ӪYG

ɮ /etc/hosts.allow sbɡAhHɮפ]wǡF

Ӧb /etc/hosts.allow SWw쪺ƶANb /etc/hosts.deny ~]wI

]NOA /etc/hosts.allow ]wu /etc/hosts.deny oIAѤFܡH򥻤WAun hosts.allow ]NFA]ڭ̥iHN allow P deny gbP@ɮפAuOoˤ@ӦGoIõLA]Aq`ڭ̳OG

\iJgb /etc/hosts.allow F

\iJhgb /etc/hosts.deny C

Ajդ@A service_name yݡzA xinetd Ϊ̬O /etc/rc.d/init.d/* ̭{W٭nۦPCnFAڭ٬OH telnet ҤlӻnFA{b]@Ӥwy{ӳ]wANOG

u\ 140.116.44.0/255.255.255.0 P 140.116.79.0/255.255.255.0 oӺA 140.116.141.99 oӥDiHiJڭ̪ telnet AF

~AL IP ױI

o˫hiH]w /etc/hosts.allow oɮצG
@

[root @test root]# vi /etc/hosts.allo
telnetd: 140.116.44.0/255.255.255.0 : allow
telnetd: 140.116.79.0/255.255.255.0 : allow
telnetd: 140.116.141.99 : allow

@
AӡA]w /etc/hosts.deny yױzAG
@

[root @test root]# vi /etc/hosts.deny
telnetd: ALL : deny

@
ALL NyzNIIܴΧaI򦳨Sw]wAҦpALH˧ڪ telnet port ɡAڴNNL IP OIHӪd߻P{ҤΡIAiHN /etc/hosts.deny oɮק令oӼˤlG
@

[root @test root]# vi /etc/hosts.deny
telnetd: ALL : spawn (echo Security notice from host `/bin/hostname`; \
echo; /usr/sbin/safe_finger @%h ) | \
/bin/mail -s "%d-%h security" root & \
: twist ( /bin/echo -e "\n\nWARNING connection not allowed. Your attempt has been logged. \n\n\nĵiz|\nJAzsuN|QAåB@H᪺Ѧ\n\n ". )

@
bWҤlArry root zAiHgAӤHbΪ̨L e-mail AHKܤ֥H root nJ Linux DɡAeyDpAt~A̫XAY :twist ᪺X欰P@Cp@ӡAg\qյnJADɡA𫍧ùWN|ܤW̫@AåBNL IP H root ]Ϊ̬OAۤvHc^̥hI]GYǨSw tcp_wrappers M distribution AѩS safe_finger {AҥHLk\AoIٽЦh[`NOI^

tζ}ҪA

nFA{b]zwgDF daemons ҰɮשmؿA]DFAȻP port AnpdߥثetΤWwgҰʤFAȩOHnAVFIwgǹLF ps P top ӭn|Τ~CIISAiHϥ ps P top ӧMwgҰʤFAȪ{ǻPL PID OILAڭ̫򪾹DӪAȱҰʪ port O@ӡHInDIiHϥ netstat oӺA[Oˬdڭ̪ port OIƦܥL]iHڭ̧ port {ǩO( PID )InFAڭ̴NӸլݬݳoӫOΪkaI

netstat

@

[root @test /root]# netstat [-r] [-i interface]
[root @test /root]# netstat [-antulp]
ѼƻG
-r GܥX route NF
-i GܥX interface eA ifconfig աI
-a GܥXثeҦsuAI
-n Gw]pAܥX host |H host name {AY n hiH port P host HƦr
-t G tcp ʥ]su欰
-u G udp ʥ]suA
-l G LISTEN e
-p GPܦ@su PID I(`NGu root ~Ϧ\I)
dҡG
[root @test /root]# netstat -r <==KKIܥXثeѪI
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window irtt Iface
140.116.141.253 *               255.255.255.255 UH       40 0          0 ppp0
192.168.1.0     *               255.255.255.0   U        40 0          0 eth0
192.168.0.0     *               255.255.255.0   U        40 0          0 eth0
127.0.0.0       *               255.0.0.0       U        40 0          0 lo
default         140.116.141.253 0.0.0.0         UG       40 0          0 ppp0
[root @test /root]# netstat -i eth0 <==ݬݩUܥXeAO_ ifconfig eth0 rIH
Kernel Interface table
Iface   MTU Met   RX-OK RX-ERR RX-DRP RX-OVR   TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0   1500   077199373      0      0      169616342      0      0      0 BMRU
lo    16436   0 1130485      0      0      0 1130485      0      0      0 LRU
[root @test /root]# netstat -an <==ܩҦsuAAåBHƦrA
[root @test /root]# netstat -tul<== LISTEN tcp P udp suAApUG
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:mysql                 *:*                     LISTEN
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:pop3                  *:*                     LISTEN
tcp        0      0 *:http                  *:*                     LISTEN
tcp        0      0 *:ftp                   *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 *:smtp                  *:*                     LISTEN
udp        0      0 *:netbios-ns            *:*
`NGW LISTEN ܸ port Owgb ť AȰաIӥ䪺 tcp O tcp ʥ]I
[root @test /root]# netstat -anp | more<==oӫOܱ`UFIаOoI

@
netstat iOܤF_OA@wnǷ|IרLiHڭAѥثeADsuAIP}Ҫ port ǡIҥH@woǷ|~rIpGAOUFG
@
netstat -a | more
netstat -an | more
@
@w|o{I_ǡH򦳪 port |HAȦW(ҦpWҤl̪ pop3 ...)|H port XܩOIHKKINO /etc/services H -n oӰѼƪγ~աIAiHo{OApG netstat -a ɡAܥXӪ port Xb /etc/services sbAȦW٪ɭԡAw]LN|ܥXӪAȦWٰաIOYb /etc/services 䤣ɮתܡA۵MN٬OH port XܪI[WF -n ѼƫAצpAL|H port IP ܰաI
@
t~A -p ]ܦIרOb@ǲW䧮suX{ɡAiH netstat Vanp | mored PID AMAHڭ̤eͨ쪺 tθ귽޲z AQ kill ӱ PID {ǡI ~Aϥ netstat Vtlp ]iHoثeb LISTEN port AȦW١AKKI˴NiHD port Oӵ{ǨӱҰʪIܫKQz?
@

ProtoGOʥ]Ϊ̬OqTwաI tcp , udp O`I

Local AddressGaݪ IP P Port ApG /etc/services sbAȦW١ANHAȦWܡF

Foreign Address Gť@ӦaϻP port F

stateGACNܦhաI򥻪G

LISTEN GYťA port I

ESTABLISHEDGwإ߳susup

TIME_WAITGӳsubثewgOݪAFIHɦi|_uI

@
netstat iHdo۷hTIרb port ɡI]ڭnN ftp Anϥ ntsysv, chkconfig Hάݤ@U /etc/rc.d/rc.local Y]woIЪ`NAoӮɭԶȬONy}w]ҰzӤwAèSثeAȡA]zo{ ftp ٦bҰʪءAAnNLANG@

ϥ ntsysv chkconfig N wu-ftpd eŸF

XAH /etc/rc.d/init.d/xinet restart Ϊ̬O service xinet restart ӭsҰ xinet oӪAȡF

AH netstat -a | more ݤ@U ftp O_٦b LISTEN OH

@
oˤ~OIPzioIn sshd HIKKIۤvլݬoI(`NGƹWAb Linux tΤAny}Y port zANOݭnyҰʩYӪAȡzաI]AAiHXY port AȡA{AȡAiӱҰʩLA򨺭ӸgѸӪAȦӱҰʪ port A۵MN|FI)

UӪAȪ²满

UO@ linux tΤW` daemons AjaiHѦҬݬI

AȦW

Ѽ

w]ϥ port

O_ݭn

anacron

/etc/anacrontab

Sϥ port

A Linux DäOѭԶ}ɭԡAo anacron NiHAby crontab zJwɶS檺u@I|ӨҤlӻAADbߤW 12:00 |۰AO crontab oӨҦʤu@Ob 4:00 u@AoӮɭԨҦʤu@OSܡHI anacron NiHϥΰաI

pGDwg 24 pɶ}AӥBF cron Aoӵ{NݭnҰʤFC

apmd

/etc/sysconfig/apmd

Sϥ port

apmd O Adventage Power Management daemon YgAUWqAiHΨAѨtΪyqqqzApGⴣq~ݭnaڷQI

򥻤WAڭ̨ϥΪWΪ̬O@}AjPWݭnϥΦ@ daemonC

arpwatch

/etc/sysconfig/arpwatch

Sϥ

oOΨӫʴdy Hardware IP (MAC) P Software IP (TCP/IP IP) z daemonA٥iH e-mail qtκ޲zI

@몺Dӻݭno daemon I

atd

/etc/at.allow, /etc/at.deny

Sϥ port

o`ӤͤFaINO@ϥΪҦʩROoIpGѰOFIhdݤ@UI

oӳq`ݭnҰʰաILApGA@볣Oϥ cron AoӪF褣ҰʼvT]ܤjI

autofs

/etc/rc.d/init.d/autofs

Sϥ port

oӪFϥΦb۰ʱ@Ǹ˸m daemon

ݭn}I

xinet chargen
chargen-udp

oFDn port O 19 F

Dn\b󴣨ݥrNNaIڤ]O....

@ӻAαҰʰաI

crond

/etc/crontab

Sϥ port

ΨӰ ҦʩRO daemonI

ȥҰI

xinet daytime
daytime-udp

oFϥ 13 port I

Ψӧ@ daytime AȡAoO NTP (Network Time Protocol) W@NA تbiɶեu@CLA]L|psuL{𺢮ɶA åBOHWXǰeA]FSت~Aثewgܤ֨ϥγoNFI

αҰ

xinet echo
echo-udp

ϥ port 7

αҰʰI

xinet finger

/etc/xinetd.d/finger

port 79

̤j\NOݪϥΪ̥iHdݥaݪϥΪ̸T

ѩ󦳦wWU{ASnܡAnҰI

gpm

/etc/sysconfig/mouse

Sϥ port

brҦ̭iHϥ mouse ӱqơyƻsBKWBʴСz\I

SnܡAĳOyzI

httpd

/etc/httpd/conf/httpd.conf

ϥ 80 port H() 443

oӴNOjW WWW DAȶ}Ҫ{աI

ݧAݨDoI WWW hnҰʡI

Dm ( nݵ׽бNƹʨyGzUťճBAUťճBYi )

2002/07/10GĤ@
2003/02/11GssƻP[J FAQ

AȦW	Ѽ w]ϥ port O_ݭn
anacron	/etc/anacrontab Sϥ port A Linux DäOѭԶ}ɭԡAo anacron NiHAby crontab zJwɶS檺u@I\|ӨҤlӻAADbߤW 12:00 \|۰AO crontab oӨҦʤu@Ob 4:00 u@AoӮɭԨҦʤu@OSܡHI anacron NiHϥΰաI pGDwg 24 pɶ}AӥBF cron Aoӵ{NݭnҰʤFC
apmd	/etc/sysconfig/apmd Sϥ port apmd O Adventage Power Management daemon YgAUWqAiHΨAѨtΪyqqqzApGⴣq~ݭnaڷQI 򥻤WAڭ̨ϥΪWΪ̬O@}AjPWݭnϥΦ@ daemonC
arpwatch	/etc/sysconfig/arpwatch Sϥ oOΨӫʴdy Hardware IP (MAC) P Software IP (TCP/IP IP) z daemonA٥iH e-mail qtκ޲zI @몺Dӻݭno daemon I
atd	/etc/at.allow, /etc/at.deny Sϥ port o`ӤͤFaINO@ϥΪҦʩROoIpGѰOFIhdݤ@UI oӳq`ݭnҰʰաILApGA@볣Oϥ cron AoӪF褣ҰʼvT]ܤjI
autofs	/etc/rc.d/init.d/autofs Sϥ port oӪFϥΦb۰ʱ@Ǹ˸m daemon ݭn}I
xinet chargen chargen-udp	oFDn port O 19 F Dn\b󴣨ݥrNNaIڤ]O.... @ӻAαҰʰաI
crond	/etc/crontab Sϥ port ΨӰ ҦʩRO daemonI ȥҰI
xinet daytime daytime-udp	oFϥ 13 port I Ψӧ@ daytime AȡAoO NTP (Network Time Protocol) W@NA تbiɶեu@CLA]L\|psuL{𺢮ɶA åBOHWXǰeA]FSت~Aثewgܤ֨ϥγoNFI αҰ
xinet echo echo-udp	ϥ port 7 αҰʰI
xinet finger	/etc/xinetd.d/finger port 79 ̤j\NOݪϥΪ̥iHdݥaݪϥΪ̸T ѩ󦳦wWU{ASnܡAnҰI
gpm	/etc/sysconfig/mouse Sϥ port brҦ̭iHϥ mouse ӱqơyƻsBKWBʴСz\I SnܡAĳOyzI
httpd	/etc/httpd/conf/httpd.conf ϥ 80 port H() 443 oӴNOjW WWW DAȶ}Ҫ{աI ݧAݨDoI WWW hnҰʡI

attribute (\)	assing_op (\ʧ@)	(d)
@]wءG
disable	yes no	\ server iHΪ̬OI ]w yes ܸӪAȤI
socket_type	stream dgram raw	su TCP ʥ]ɡAhϥ stream su UDP ʥ]ɡAhϥ dgram raw N server ݭnP IP ͡I
protocol	tcp udp ...	oӪF軡OAsuAϥΪO@بwIHUӨwNiHѦ /etc/protocols eI~ADOAۤv]wAȡA_hoӥiHγ]wաI
wait	yes no	oNOڭ̭责쪺 Multi-threaded P single-threaded 觋աI@ӻAڭ̧ƱjanDiHPɳQҥΡAҥHiH]w wait = no
user	UID root	ٰOoڭ̦b b޲z @g쪺 UID ܡHաIo UID NO UID աIn`NOApAAȱҰʪ̤nH root DܡAoӦaNiHܨLϥΪ̡AҦp nobody IoөNN]\|w@sbI~Aݭn`No UID sb /etc/passwd C
group	GID	user NۦPIuOo GID ϥΪ̤]sb /etc/group I
instances	number UNLIMITED	oӬOybP@ɶAP@ӪAȥiH\suƥzNAAiHgJ@ӡyƦrzӱsuƥءA]iHϥ UNLIMITED ӧiDtΡySWzoIҦpAbPɬqȤ\ ftp su 30 ӡAo̴NiHJ 30 աI
nice	-19 ~ 19	ٰOoڭ̦b {Ǻ޲z ̭ͨ쪺 nice OܡHIաIo̴NOoӪFoIƦrVp( t )Nӵ{ǶVuQI
server	program /usr/sbin/in.ftpd	oӴNOXoӪAȪҰʵ{IҦpnҰ ftp ܡANO in.ftpd o{աIҥHoӮɭԦbo̿J server = /usr/sbin/in.ftpd
server_args	@ǰѼ	oӿJNOA server ̻ݭnJ@ǰѼưաIҦp in.ftpd Aڭ̥iNݭnJ -l -a oӰѼƻI
log_on_success	PID HOST USERID EXIT DURATION	by\nJzAݭnOءGPID server ҰʮɭԪ process ID AHOST ݥD IPBUSERID nJ̪bBEXTI }ɭ԰OءBDURATION ӨϥΪ̨ϥΦAȦh[H
log_on_failure	HOST USERID ATTEMPT RECORD	nJѤQ syslog nJءGHOSTݥD IPAUSERIDnJ̱bBATTEMPTOnJѪ̥ϪNϬBRECORDOݥDTIHά󥻾 server Ұʪ]IDn login, shell, exec, finger OiHϥΦbo̡I( 򥻤WAiHb /etc/hosts.allow /etc/hosts.deny Ѽge )C
i]wءG
env	'name=value'	o@ӶإiHA]wܼơAܼƪ]wWhiHѦ { BASH Shell C
port	number	o̥iH]wPAȻP port AOаOA port PAȦW٥P /etc/services OۦP~I
redirect	IP_Address port	N client ݹڭ server nDAt@DWhIIoӦnIҦpHnϥΧA ftp ɡAAiHNLt@WhI IP_Address NNt@ݥD IP oI
includedir	directory_path	ܱNYӥؿUҦɮ׳Li xinetd.conf oӳ]wYIoF観ΦhFAp@ӧڭ̥iH@Ӥ@ӳ]wPءIӤݭnNҦAȳgb xinetd.conf IAiHb /etc/xinetd.conf o{oӳ]wI
w޶ءG
bind	IP_Address	oӬO]wy\ϥΦ@AȪdzNI\|ӨҤlӻAA Linux DW IP AӧAuQn IP1 iHϥΦ@AȡA IP2 ϥΦAȡAo̴NiHN IP1 gJYiI IP2 NiHϥΦ@ server oI
interface	IP_Address	bind ۦPI
only_from	0.0.0.0 192.168.1.0/24 host_name domain_name	oFΦbwWA]NOިyuo̭Ww IP Ϊ̬ODW٥iHnJIzpGO 0.0.0.0 ܩҦ PC ҥinJApGO 192.168.1.0/24 hܬ C class IY 192.168.1.1 ~ 192.168.1.255 ҥinJIt~A]iH domain name AҦp .ev.ncku.edu.tw NiHjut IP nJADϥθ server I
no_access	0.0.0.0 192.168.1.0/24 host_name domain_name	only_from thաINOΨӺ޲zi_iJA Linux DҥΧA server AȪ޲zءI no_access ܡyinJz PC oI
access_times	00:00-12:00 HH:MM-HH:MM	oӶئb]wyӪA server ҰʪɶzAϥΪO 24 pɪ]wIҦpA ftp nb 8 I 16 I}񪺸ܡANOG 08:00-16:00C
umask	000 777 022	ٰOob ɮv ̭L umask oӪFܡHISINOӰNoIiH]wϥΪ̫إߥؿΪ̬Oɮ׮ɭԪݩʡItΫĳȬO 022 C