IT2013. 9. 14. 20:43


centos openssh  소스 컴파일시 zlib  error

발생시 다음과 같이 진행 하시오



configure: error: *** zlib.h missing - please install first or check config.log ***


[root@santafe openssh-6.2p2]# yum -y install zlib-devel 

 Installing : 1:pkgconfig-0.23-9.1.el6.i686                                                         1/2

  Installing : zlib-devel-1.2.3-29.el6.i686                                                          2/2

  Verifying  : 1:pkgconfig-0.23-9.1.el6.i686                                                         1/2

  Verifying  : zlib-devel-1.2.3-29.el6.i686                                                          2/2


[root@santafe openssh-6.2p2]# yum install openssl-devel
Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
 * base: ftp.neowiz.com
 * extras: ftp.neowiz.com
 * updates: ftp.neowiz.com
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package openssl-devel.i686 0:1.0.0-27.el6_4.2 will be installed
--> Processing Dependency: krb5-devel for package: openssl-devel-1.0.0-27.el6_4.2.i686
--> Running transaction check
---> Package krb5-devel.i686 0:1.10.3-10.el6_4.6 will be installed
--> Processing Dependency: libselinux-devel for package: krb5-devel-1.10.3-10.el6_4.6.i686
--> Processing Dependency: libcom_err-devel for package: krb5-devel-1.10.3-10.el6_4.6.i686
--> Processing Dependency: keyutils-libs-devel for package: krb5-devel-1.10.3-10.el6_4.6.i686
--> Running transaction check
---> Package keyutils-libs-devel.i686 0:1.4-4.el6 will be installed
---> Package libcom_err-devel.i686 0:1.41.12-14.el6_4.2 will be installed
---> Package libselinux-devel.i686 0:2.0.94-5.3.el6_4.1 will be installed
--> Processing Dependency: libsepol-devel >= 2.0.32-1 for package: libselinux-devel-2.0.94-5.3.el6_4.1.i686
--> Processing Dependency: pkgconfig(libsepol) for package: libselinux-devel-2.0.94-5.3.el6_4.1.i686
--> Running transaction check
---> Package libsepol-devel.i686 0:2.0.41-4.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=========================================================================================================
 Package                        Arch            Version                         Repository          Size
=========================================================================================================
Installing:
 openssl-devel                  i686            1.0.0-27.el6_4.2                updates            1.1 M
Installing for dependencies:
 keyutils-libs-devel            i686            1.4-4.el6                       base                28 k
 krb5-devel                     i686            1.10.3-10.el6_4.6               updates            493 k
 libcom_err-devel               i686            1.41.12-14.el6_4.2              updates             31 k
 libselinux-devel               i686            2.0.94-5.3.el6_4.1              updates            136 k
 libsepol-devel                 i686            2.0.41-4.el6                    base                64 k

Transaction Summary
=========================================================================================================
Install       6 Package(s)

Total download size: 1.9 M
Installed size: 4.7 M
Is this ok [y/N]: y
Downloading Packages:
Setting up and reading Presto delta metadata
Processing delta metadata
Package(s) data still to download: 1.9 M
(1/6): keyutils-libs-devel-1.4-4.el6.i686.rpm                                     |  28 kB     00:00
(2/6): krb5-devel-1.10.3-10.el6_4.6.i686.rpm                                      | 493 kB     00:03
(3/6): libcom_err-devel-1.41.12-14.el6_4.2.i686.rpm                               |  31 kB     00:00
(4/6): libselinux-devel-2.0.94-5.3.el6_4.1.i686.rpm                               | 136 kB     00:01
(5/6): libsepol-devel-2.0.41-4.el6.i686.rpm                                       |  64 kB     00:00
(6/6): openssl-devel-1.0.0-27.el6_4.2.i686.rpm                                    | 1.1 MB     00:07
---------------------------------------------------------------------------------------------------------
Total                                                                    131 kB/s | 1.9 MB     00:14
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : libsepol-devel-2.0.41-4.el6.i686                                                      1/6
  Installing : libselinux-devel-2.0.94-5.3.el6_4.1.i686                                              2/6
  Installing : libcom_err-devel-1.41.12-14.el6_4.2.i686                                              3/6
  Installing : keyutils-libs-devel-1.4-4.el6.i686                                                    4/6
  Installing : krb5-devel-1.10.3-10.el6_4.6.i686                                                     5/6
  Installing : openssl-devel-1.0.0-27.el6_4.2.i686                                                   6/6
  Verifying  : keyutils-libs-devel-1.4-4.el6.i686                                                    1/6
  Verifying  : libcom_err-devel-1.41.12-14.el6_4.2.i686                                              2/6
  Verifying  : krb5-devel-1.10.3-10.el6_4.6.i686                                                     3/6
  Verifying  : libselinux-devel-2.0.94-5.3.el6_4.1.i686                                              4/6
  Verifying  : openssl-devel-1.0.0-27.el6_4.2.i686                                                   5/6
  Verifying  : libsepol-devel-2.0.41-4.el6.i686                                                      6/6

Installed:
  openssl-devel.i686 0:1.0.0-27.el6_4.2

Dependency Installed:
  keyutils-libs-devel.i686 0:1.4-4.el6                krb5-devel.i686 0:1.10.3-10.el6_4.6
  libcom_err-devel.i686 0:1.41.12-14.el6_4.2          libselinux-devel.i686 0:2.0.94-5.3.el6_4.1
  libsepol-devel.i686 0:2.0.41-4.el6


[root@santafe openssh-6.2p2]# yum install make


[root@santafe openssh-6.2p2]# ./configure --prefix=/usr/local/ssh --with-ssl-dir=/usr/local/ssl






Posted by Dream Come True
IT2013. 9. 14. 13:26

First verify that Tomcat is running on port 8080. Run the following command

# netstat -ntl

The output will look something like

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 ::ffff:127.0.0.1:8005       :::*                        LISTEN
tcp        0      0 :::8009                     :::*                        LISTEN
tcp        0      0 :::8080                     :::*                        LISTEN
tcp        0      0 :::22                       :::*                        LISTEN

Run the following command to redirect port 80 traffic to port 8080

# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

Run the following command to verify that the redirect is working

# iptables -t nat -L

The output will look something like

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:http redir ports 8080

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Run the following command to remove the routing

# iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080


다른 방법 아래

/etc/sysconfig/iptables


iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080


Posted by Dream Come True
IT2013. 9. 14. 12:43

2. 21, 23, 25, 80 포트를 차단하는 정책(각각 하나씩 규칙을 만들것)

# Each rule is appended (-A) to the filter table's INPUT chain and drops
# inbound TCP packets for one destination port. DROP discards the packet
# without sending any reply to the sender.
# Port 21: FTP control channel.
iptables -A INPUT -p tcp --dport 21 -j DROP

# Port 23: Telnet.
iptables -A INPUT -p tcp --dport 23 -j DROP

# Port 25: SMTP.
iptables -A INPUT -p tcp --dport 25 -j DROP

# Port 80: HTTP.
iptables -A INPUT -p tcp --dport 80 -j DROP




0. 기본정책을 ACCEPT로 설정

# -P sets a built-in chain's default policy: the verdict for packets that
# match no rule in that chain. With ACCEPT as the policy, anything not
# explicitly dropped or rejected by a rule is let through.
iptables -P INPUT ACCEPT

iptables -P OUTPUT ACCEPT

iptables -P FORWARD ACCEPT



6. 출발지 IP 192.168.10.1 부터 192.168.10.100, 그리고 192.168.150.0/24이고 목적지IP 는 192.168.10.170이고 목적지 포트는 3306일 경우 차단하는 정책

 

# Drop TCP traffic to 192.168.10.170 port 3306 (the default MySQL port) from
# the 192.168.150.0/24 network.
# NOTE(review): INPUT only sees packets addressed to this host; if
# 192.168.10.170 is a different machine routed through this one, the rules
# would belong in FORWARD instead. Confirm which applies.
iptables -A INPUT -p tcp -s 192.168.150.0/24 -d 192.168.10.170 --dport 3306 -j DROP

# Same target, for the contiguous source range 192.168.10.1-192.168.10.100.
# A range that is not a CIDR block needs the iprange match (-m iprange
# --src-range) rather than -s.
iptables -A INPUT -p tcp -m iprange --src-range 192.168.10.1-192.168.10.100 -d 192.168.10.170 --dport 3306 -j DROP



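# Source IPs to allow.
# -A needs the chain name as its argument; the original omitted it, so
# iptables would have taken "-i" as the chain and failed. INPUT matches the
# chain used by the final REJECT rule.
iptables -A INPUT -i eth0 -s 192.168.0.1 -j ACCEPT

iptables -A INPUT -i eth0 -s 192.168.0.2 -j ACCEPT

# ... (one rule per remaining allowed address)

iptables -A INPUT -i eth0 -s 192.168.0.10 -j ACCEPT


# Reject everything else.
# NOTE(review): with only the rules above ahead of it, this also rejects
# loopback traffic and the replies to connections this host opens itself.
# Rule sets of this shape normally place "-i lo -j ACCEPT" and
# "-m state --state ESTABLISHED,RELATED -j ACCEPT" before the final REJECT.
iptables -A INPUT -j REJECT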




jlp--sample

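# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
#
# iptables-restore loads this file one table at a time: every "*table"
# section is closed by its own COMMIT, and a rule line may not carry "-t"
# (iptables-restore refuses it). The 80 -> 8080 redirect is a nat-table rule,
# so it is placed in a *nat section instead of inside *filter.
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
#***********************************
#80 CONNECT --> 8080 REDIRECT BY JLP
#***********************************
-A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Replies to connections that are already tracked.
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
# Loopback traffic.
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
# Packets redirected in PREROUTING reach INPUT with destination port 8080,
# so this is the rule that admits the redirected port-80 traffic.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

# Everything not accepted above is rejected; the ACCEPT chain policies are
# only reached by packets that match no rule at all.
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT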



Posted by Dream Come True
IT2013. 9. 14. 12:12

ln -s /opt/apache-tomcat-7.0.11 /opt/apache-tomcat


chmod 755 /etc/init.d/tomcat

chkconfig --add tomcat

chkconfig --level 234 tomcat on


chkconfig --list tomcat

tomcat          0:off   1:off   2:on    3:on    4:on    5:off   6:off


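#!/bin/bash
# description: Tomcat Start Stop Restart
# processname: tomcat
# chkconfig: 234 20 80
#
# SysV init wrapper around Tomcat's own startup.sh / shutdown.sh.
# Usage: tomcat {start|stop|restart}
# Exit status: that of the last Tomcat script run; 2 for an unsupported or
# missing action.
#
# NOTE(review): the Tomcat scripts run as whoever invokes this file, which is
# root when init or `service` calls it. Running Tomcat under a dedicated
# unprivileged account would need an explicit user switch here
# (e.g. su -s /bin/sh tomcat -c "...").
# NOTE(review): JAVA_HOME and CATALINA_HOME are fixed paths; confirm they
# match the JDK and Tomcat directories actually installed on the host.

JAVA_HOME=/usr/java/jdk1.6.0_26
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH
CATALINA_HOME=/usr/share/apache-tomcat-7.0.19

# Quoted expansions keep an empty $1 or a path containing spaces from
# breaking the case statement or the script paths.
case "${1:-}" in
  start)
    sh "$CATALINA_HOME/bin/startup.sh"
    ;;
  stop)
    sh "$CATALINA_HOME/bin/shutdown.sh"
    ;;
  restart)
    # A failed shutdown (for example, Tomcat was not running) must not stop
    # the start that follows, so its status is deliberately not checked.
    sh "$CATALINA_HOME/bin/shutdown.sh"
    sh "$CATALINA_HOME/bin/startup.sh"
    ;;
  *)
    # The original fell through and exited 0 for any other action, which
    # reported success for requests it never handled.
    printf 'Usage: %s {start|stop|restart}\n' "$0" >&2
    exit 2
    ;;
esac

# Pass the Tomcat script's status on to the caller instead of a fixed 0, so
# a failed start or stop is visible to `service` and to boot-time init.
rc=$?
exit "$rc"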


서비스 시작

service tomcat start

서비스 종료

service tomcat stop

서비스 재시작

service tomcat restart


tomcat user  로 만들어 실행 시킨다

root 로 실행 하게 되면 보안상 취약 하다.


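# Create a dedicated account for Tomcat so the service does not run as root.
# useradd -g requires the group to exist already, so create it first.
groupadd tomcat

# -s /sbin/nologin gives the service account no interactive login shell.
# root can still start a process as this user with `su -s /bin/sh tomcat -c ...`.
useradd -g tomcat -d /opt/www/apache-tomcat-7.0.42/tomcat -s /sbin/nologin tomcat

# Hand the installation tree to the service account. The owner:group form
# with a colon replaces the deprecated dot separator, and -f is dropped so
# that a failed ownership change is reported instead of hidden.
chown -R tomcat:tomcat /opt/www/apache-tomcat-7.0.42/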



Posted by Dream Come True