Ò׽ؽØͼÈí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

¡¾×ªÌûLINUX¡¿IP·ÖƬÖØ×é·ÖÎö

±¾ÎĵµµÄCopyleft¹éyfydzËùÓУ¬Ê¹ÓÃGPL·¢²¼£¬¿ÉÒÔ×ÔÓÉ¿½±´£¬×ªÔØ£¬×ªÔØʱÇë±£³ÖÎĵµµÄÍêÕûÐÔ£¬ÑϽûÓÃÓÚÈκÎÉÌÒµÓÃ;¡£
msn: yfydz_no1@hotmail.com
À´Ô´£ºhttp://yfydz.cublog.cn
1. Ç°ÑÔ
 
¶ÔIPËéƬµÄÖØ×éÊÇ·À»ðǽÌá¸ß°²È«ÐÔµÄÒ»¸öÖØÒªÊֶΣ¬Í¨¹ýÌáÇ°½øÐÐËéƬÖØ×飬¿ÉÒÔÓÐЧ·ÀÓù¸÷ÖÖËéƬ¹¥»÷£¬LinuxÄں˵ķÀ»ðǽnetfilter¾Í×Ô¶¯¶ÔIPËéƬ°ü½øÐÐÁËÖØ×飬±¾ÎĽéÉÜLinuxÄÚºËÖеÄIPÖØ×é¹ý³Ì£¬Äں˴úÂë°æ±¾2.4.26¡£
2. ´¦ÀíÁ÷³Ì
ʵÏÖIPÖØ×éµÄ»ù±¾º¯ÊýΪip_defrag()£¬ÔÚnet/ipv4/ip_fragment.cÖÐʵÏÖ£¬»ù±¾¹ý³ÌÊǽ¨Á¢ËéƬ´¦Àí¶ÓÁУ¬¶ÓÁÐÖÐÿ¸ö½ÚµãÊÇÒ»¸öÁ´±í£¬Õâ¸öÁ´±í±£´æͬһ¸öÁ¬½ÓµÄËéƬ£¬µ±ËéƬ¶¼µ½´ïÖ®ºó½øÐÐÊý¾Ý°üÖØ×飬»òÕßÔÚÒ»¶¨Ê±¼ä(ȱʡ30Ãë)ÄÚËùÓÐËéƬ°ü²»Äܵ½´ï¶øÊͷŵô¡£
2.1 Êý¾Ý½á¹¹
 
ÔÚ´¦Àí·ÖƬ°üʱ£¬½«skb°üµÄcb×ֶα£´æËéƬ¿ØÖÆÐÅÏ¢struct ipfrag_skb_cb¡£
 
#define FRAG_CB(skb) ((struct ipfrag_skb_cb*)((skb)->cb))
 
struct ipfrag_skb_cb
{
 struct inet_skb_parm h;
 int   offset;
};
 
ipq¶ÓÁнڵã½á¹¹£º
 
/* Describe an entry in the "incomplete datagrams" queue. */
struct ipq {
// ÏÂÒ»¸ö
 struct ipq *next;  /* linked list pointers   */
// ×îÐÂʹÓÃÁ´±í
 struct list_head lru_list; /* lru list member    */
// ÒÔÏÂ4ÏîÓÃÀ´Æ¥ÅäÒ»×éIP·ÖÅä
 u32  saddr;
 u32  daddr;
 u16  id;
 u8  protocol;
// ״̬±êÖ¾
 u8  last_in;
#define COMPLETE  4   // Êý¾ÝÒѾ­ÍêÕû
#define FIRST_IN  2   // µÚÒ»¸ö°üµ½´ï
#define LAST_IN   1   // ×îºóÒ»¸ö°üµ½´ï
//  ½ÓÊÕµ½µÄIPËéƬÁ´±í
 struct sk_buff *fragments; /* linked list of received fragments */
// lenÊǸù¾Ý×îÐÂIPËéƬÖеÄÆ«ÒÆÐÅÏ¢µÃ³öµÄÊý¾Ý×ܳ¤
 int  len;  /* total length of original datagram */
// meatÊÇËùÓÐËéƬʵ¼Ê³¤¶ÈµÄÀÛ¼Ó
 int  meat;
 spinlock_t lock;
 atomic_t refcnt;
// ³¬Ê±
 struct timer_list timer; /* when will this queue expire?  */
// Ç°Ò»Ïî¶ÓÁеØÖ·
 struct ipq **pprev;
// Êý¾Ý½øÈëÍø¿¨µÄË÷ÒýºÅ
&


Ïà¹ØÎĵµ£º

Security Enhanced LinuxµÄÀúÊ·


       Ò»¸öСÀúÊ·½«ÓÐÖúÓÚ°ïÖúÄúÀí½â Security-Enhanced Linux£¨SELinux£©——¶øÇÒËü±¾ÉíÒ²ÊǶÎÓÐȤµÄÀúÊ·¡£
ÃÀ¹ú¹ú¼Ò°²È«¾Ö
£¨National
Security
Agency£¬NSA£©³¤Ê±¼äÒÔÀ´¾Í¹Ø×¢´ó²¿·Ö²Ù×÷ϵͳÖÐÊÜÏ޵ݲȫÄÜÁ¦¡£±Ï¾¹£¬ËûÃǵŤ×÷Ö®Ò»¾ÍÊÇҪȷ±£ÃÀ¹ú¹ú·À²¿Ê¹ÓõļÆËã»úÔÚà ......

Notes for Advanced Linux Programming 4. Threads

4.  Threads
To use the POSIX standard thread API (pthreads), link libpthread.so
to your program.
4.1. Thread Creation
Each thread in a process is identified by a thread ID,
pthread_t.
The pthread_self function returns the thread ID of the current
thread.
This thread IDs can be compared ......

LinuxÉèÖû·¾³±äÁ¿Ð¡½á

1
¡¢×ܽᱳ¾°
ÔÚ
linux
ϵͳÏ£¬Èç¹ûÄãÏÂÔز¢°²×°ÁËÓ¦ÓóÌÐò£¬ºÜÓпÉÄÜÔÚ¼üÈëËüµÄÃû³Æʱ³öÏÖ
“command not found”
µÄÌáʾÄÚÈÝ¡£Èç¹ûÿ´Î¶¼µ½°²×°Ä¿±êÎļþ¼ÐÄÚ£¬ÕÒµ½¿ÉÖ´ÐÐÎļþÀ´½øÐвÙ×÷¾ÍÌ«·±ËöÁË¡£ÕâÉæ¼°µ½»·¾³±äÁ¿
PATH
µÄÉèÖÃÎÊÌ⣬¶ø
PATH
µÄÉèÖÃÒ²ÊÇÔÚ
linux
϶¨ÖÆ»·¾³±äÁ¿µÄÒ»¸ö×é³É²¿·Ö¡£ ......

Linux°²×°apache¡¢phpºÍmysql·½·¨

apacheµÄÔ´Âë°²×° 
½«Ñ¹Ëõ°ü½âѹ֮ºó½øÈëÏàÓ¦µÄĿ¼
./configure \   #--------------------Ô¤±àÒëÃüÁî
"--prefix=/usr/local/apache" \  #--------------------°²×°Â·¾¶Îª“/usr/local/apache”
"--with-included-apr" \
"--enable-so" \ #--------------------¿ªÆôÏàÓ¦µÄÀ©Õ¹Ä£¿é ......

¡¾×ªÌûLINUX¡¿netfilterÖеÄconntrackÄÚºËÔĶÁ±Ê¼Ç(1)

2008-07-07 22:04×´ ̬¼ì²â(stateful inspection)ÊÇÓÉCheckPoint¹«Ë¾×îÏÈÌá³öµÄ£¬¿ÉËãÊÇ·À»ðǽ¼¼ÊõµÄÒ»ÏîÍ»ÆÆÐÔ±ä¸ï£¬°Ñ°ü¹ýÂ˵ĿìËÙÐԺʹúÀíµÄ°²È«ÐԺܺõؽáºÏÔÚÒ»Æ𣬠ĿǰÒѾ­ÊÇ·À»ðǽ×îÁ÷Ðеļì²â·½Ê½¡£×´Ì¬¼ì²âµÄ¸ù±¾Ë¼ÏëÊǶÔËùÓÐÍøÂçÊý¾Ý½¨Á¢“Á¬½Ó”µÄ¸ÅÄ´Ë“Á¬½Ó”ÊÇÃæÏò“Á¬½Ó&rdquo ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØͼ | ¸ÓICP±¸09004571ºÅ