iptables + php ÉÏÍø¼Æ·ÑʵÏÖ
×î½üÓÐÒ»¸öÏã¸ÛµÄ¾ÆµêÌá³öÐèÇó,Òªµ½¾ÆµêÒµÄÚµÄÉÌÎñÖÐÐÄʵÐмƷÑÉÏÍø, ÌṩÁËÈçϼ¼Êõ·½°¸:
1¡¢Éèһ̨CENTOS5µÄ»úÆ÷×öΪ·ÓÉ£¬°ÑÐèÒª¼Æ·ÑµÄ»úÆ÷¶¼ÉèΪÓô˷þÎñÆ÷×öÍø¹Ø¡£
2¡¢·þÎñÆ÷¿ªÆôIPTABLE£¬Í¨¹ýIPTABLE¿ØÖÆÄܲ»ÄÜʹÓû¥ÁªÍø¡£
¼Ç¼ÏÂÒÔϼ¼ÊõÒªµã:
Ò»¡¢ php¿ÉÒÔͨ¹ýshell_execÀ´Ö´ÐÐshellÖ¸Áµ«iptablesµÄÖ¸ÁîÊÇroot²ÅÓÐȨÏÞÖ´Ðеģ¬ËùÔÚÐèÒª½èÖúsudo.
¾ßÌå×ö·¨ÈçÏÂ:
1. Ö´ÐÐvisudo, ×¢Ê͵ô Default requiretty Ò»ÐÐ
2. ÔÚÎļþ×îºó£¬¼ÓÈëapache ALL = NOPASSWD: /sbin/iptables
3. ÓÃphp shell_exec("/usr/bin/sudo /sbin/iptables -I FORWARD -s xxx.xxx.xxx.xxx -j DROP")ʵÏÖ¶ÏÍø
4. ÓÃphp shell_exec("/usr/bin/sudo /sbin/iptables -I FORWARD -s xxx.xxx.xxx.xxx -j ACCEPT")ʵÏÖ¿ªÍ¨
¶þ¡¢CENTOS¿ªÆô·Óɹ¦ÄÜ:
1¡¢nano /etc/sysctl.conf£¬ÕÒµ½ÆäÖÐnet.ipv4.ip_forward£¬ÉèΪ1£¬±£´æºóÍ˳ö¡£
2¡¢sysctl -p /etc/sysctl.confÈÃÐÞ¸ÄÉúЧ¡£
Èý¡¢/etc/sysconfig/iptablesÄÚÈÝ£º
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -j ACCEPT
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -d 224.0.0.251 --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state -m tcp --dport 1404 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state -m tcp --dport 80 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state -m tcp --dport 10000 --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
*n
Ïà¹ØÎĵµ£º
·½·¨Ò»£º½¨Ò»¸öÆ´Òô±í t_cosler £¬´æ·Åÿ¸ö×Öĸ¿ªÍ·µÄµÚÒ»¸öºº×ֵıàºÅºÍ×îºóÒ»¸öºº×ֵıàºÅ¡£
BatchFile code+------+--------+-------+
| f_PY | cBegin | cEnd |
+------+--------+-------+
| A | 45217 | 45252 | & ......
<?php
$a = 1;
function b(&$c)
{
$c++;
return $c;
}
$d=b($a); // d = 2; a = 2;
$d++; // d = 2;
echo($a); // ÏÔʾ2
?>
ÒýÓ÷µ»Ø:
<?php
$a = 1;
function &b(&$c)
{
$c++;
return $c;
}
$d=b($a); // ×¢ÒâÕâÀï dÓëb·µ»ØµÄÖµ(È·ÇÐÀ´Ëµ, ÕâÀï·µ»ØµÄ² ......
º¯ÊýÔÐÍ£ºmixed str_replace(mixed needle,mixed new_needle,mixed haystack[,int &count]);
needle£ºÒª±»Ìæ»»µÄ×Ö·û´®£¬new_needle£ºÌæ»»ÓõÄ×Ö·û´®£¬haystack£º²Ù×÷×Ö·û´®£¬count£ºÌæ»»´ÎÊý¡¾¿ÉÑ¡²ÎÊý¡¿
ÎÒÃÇÖØµãÊÔÑéǰÈý¸öÔÚʹÓÃÊý×éÊǵÄÖ´Ðз½Ê½£º
&n ......
php config
1.°²×°Apache2.2
2.°²×°php5.2(×¢ÒâÑ¡ÔñËùÓеĿâÎļþ)
3.½«phpMyAdmin½âѹ£¬¿½±´ÖÁApache2.2\htdocs\phpmyadmin(¸Ã·¾¶¿ÉÒÔ×ÔÓɸıä)Ï¡£
4.ÐÞ¸ÄÅäÖÃÎļþ£º
1)ÐÞ¸Äphp.ini
¾ßÌå²Ù×÷£º
extension_dir = "C:\Program Files\PHP\ext" (536)
extension=php ......
VisualSVNÔö¼ÓÃÜÂëphpÐÞ¸ÄÒ³Ãæ
1.¼ÙÉèVisualSVN°²×°ÔÚ C:\Program Files\VisualSVN Server
2.ÏÂÔØ²¢°²×°php windows°æ±¾£¬¼ÙÉè°²×°ÔÚc:\php
¿ÉÒÔµ½php¹Ù·½ÍøÕ¾ÏÂÔØ www.php.net
¸½¼þÖдøµÄÊÇ php-5.3.2-Win32-VC6-x86.zip
3.VisualSVNÔö¼ÓphpÖ§³Ö
×¢ÒâÐÞ¸Ä "c:/php/php5apache2_2.dll" ΪÕýȷ·¾¶
C:\ ......