When the firewall tool (Firewall Configuration) does not work on CentOS 6

Posted by 주원이^^
2019. 3. 8. 14:11 Linux/trouble shooting

1. How to install/update system-config-firewall-tui

    The program is called system-config-firewall-tui, and it can be used without installing a GUI.

    To install (or update) it, run the following command.

yum install setuptool system-config-firewall-tui

    setuptool is not strictly required; it is installed so that you do not have to type the long command name.

    Without setuptool you have to type the long command 'system-config-firewall-tui'.

    (Alternatively, if setup runs but Firewall Configuration does not work, update setuptool.)

2. How to edit 'fw_tui.py' when setup runs but Firewall Configuration does not work

    Edit the fw_tui.py file.

         ( /usr/share/system-config-firewall/fw_tui.py)

    vim +34 /usr/share/system-config-firewall/fw_tui.py

    Comment out line 34 (the import fw_nw line) with '#'.

    Save the file.

    The tool then starts with the 'system-config-firewall-tui' command (on CentOS 6.6).  --- Good luck.
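
The edit from step 2, scripted as an added example (not part of the original post): it matches the import fw_nw statement itself rather than trusting line 34, keeps a backup, and is safe to re-run. The function name patch_fw_tui and the .orig backup suffix are assumptions of this example.

```sh
#!/bin/sh
# Added example: comment out `import fw_nw` in fw_tui.py without touching
# any other line. Names below (patch_fw_tui, *.orig) are illustrative.

# Path taken from the post; pass another path as $1 to try it on a copy.
FW_TUI_DEFAULT=/usr/share/system-config-firewall/fw_tui.py

# Patterns for the active and the already-commented import statement.
ACTIVE_RE='^[[:space:]]*import[[:space:]]+fw_nw[[:space:]]*$'
COMMENTED_RE='^[[:space:]]*#[[:space:]]*import[[:space:]]+fw_nw[[:space:]]*$'

# patch_fw_tui [FILE]
# Returns 0 if the import is (now) commented out,
#         1 if the file is missing or the backup fails,
#         2 if no `import fw_nw` statement exists (file left untouched).
patch_fw_tui() {
    file=${1:-$FW_TUI_DEFAULT}
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }

    if ! grep -Eq "$ACTIVE_RE" "$file"; then
        if grep -Eq "$COMMENTED_RE" "$file"; then
            echo "already patched: $file"
            return 0
        fi
        # The line number can differ between package versions, so refuse
        # to edit when the expected statement is not present at all.
        echo "no 'import fw_nw' line in $file; not modifying" >&2
        return 2
    fi

    # Keep the first pristine copy; do not overwrite it on later runs.
    [ -e "$file.orig" ] || cp -p "$file" "$file.orig" || return 1

    # Prefix only the exact import statement with '#', keeping indentation.
    tmp="$file.tmp.$$"
    sed 's/^\([[:space:]]*\)\(import[[:space:]][[:space:]]*fw_nw[[:space:]]*\)$/\1#\2/' \
        "$file" > "$tmp" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    [ "$rc" -eq 0 ] && echo "patched: $file (backup: $file.orig)"
    return "$rc"
}
```

Run it as root with no argument to patch the path given in the post. A later package update can replace the file and undo the change.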

Reference (from search results):

Run these to turn off the firewall in CentOS:

  service iptables save
  service iptables stop
  chkconfig iptables off

Protocol basics

Posted by 주원이^^
2017. 7. 31. 15:55 Linux/Basic information (OS)

Common/Popular IANA-Registered Ports

Port | Protocol | Name | Description
1 | TCP | tcpmux | TCP port service multiplexer
5 | TCP | rje | Remote Job Entry
7 | TCP | echo | Echo service
9 | TCP | discard | Null service for connection testing
11 | TCP | systat | System Status service for listing connected ports
13 | TCP | daytime | Sends date and time to requesting host
17 | TCP | qotd | Sends quote of the day to connected host
18 | TCP | msp | Message Send Protocol
19 | TCP | chargen | Character Generation service; sends endless stream of characters
20 | TCP | ftp-data | FTP data port
21 | TCP | ftp | File Transfer Protocol (FTP) port; sometimes used by File Service Protocol (FSP)
22 | TCP | ssh | Secure Shell (SSH) service
23 | TCP | telnet | The Telnet service
25 | TCP | smtp | Simple Mail Transfer Protocol (SMTP)
37 | TCP | time | Time Protocol
39 | TCP | rlp | Resource Location Protocol
42 | TCP | nameserver | Internet Name Service
43 | TCP | nicname | WHOIS directory service
49 | TCP | tacacs | Terminal Access Controller Access Control System for TCP/IP based authentication and access
50 | TCP | re-mail-ck | Remote Mail Checking Protocol
53 | TCP | domain | domain name services (such as BIND)
63 | TCP | whois++ | WHOIS++, extended WHOIS services
67 | TCP | bootps | Bootstrap Protocol (BOOTP) services; also used by Dynamic Host Configuration Protocol (DHCP) services
68 | TCP | bootpc | Bootstrap (BOOTP) client; also used by Dynamic Host Control Protocol (DHCP) clients
69 | TCP | tftp | Trivial File Transfer Protocol (TFTP)
70 | TCP | gopher | Gopher Internet document search and retrieval
71 | TCP | netrjs-1 | Remote Job Service
72 | TCP | netrjs-2 | Remote Job Service
73 | TCP | netrjs-3 | Remote Job Service
73 | TCP | netrjs-4 | Remote Job Service
79 | TCP | finger | Finger service for user contact information
80 | TCP | http | HyperText Transfer Protocol (HTTP) for World Wide Web (WWW) services
88 | TCP | kerberos | Kerberos network authentication system
95 | TCP | supdup | Telnet protocol extension
101 | TCP | hostname | Hostname services on SRI-NIC machines
102 | TCP | iso-tsap | ISO Development Environment (ISODE) network applications
105 | TCP | csnet-ns | Mailbox nameserver; also used by CSO nameserver
107 | TCP | rtelnet | Remote Telnet
109 | TCP | pop2 | Post Office Protocol version 2
110 | TCP | POP3 | Post Office Protocol version 3
111 | TCP | sunrpc | Remote Procedure Call (RPC) Protocol for remote command execution, used by Network Filesystem (NFS)
113 | TCP | auth | Authentication and Ident protocols
115 | TCP | sftp | Secure File Transfer Protocol (SFTP) services
117 | TCP | uucp-path | Unix-to-Unix Copy Protocol (UUCP) Path services
119 | TCP | nntp | Network News Transfer Protocol (NNTP) for the USENET discussion system
123 | TCP | ntp | Network Time Protocol (NTP)
137 | TCP | netbios-ns | NETBIOS Name Service used in Red Hat Enterprise Linux by Samba
138 | TCP | netbios-dgm | NETBIOS Datagram Service used in Red Hat Enterprise Linux by Samba
139 | TCP | netbios-ssn | NETBIOS Session Service used in Red Hat Enterprise Linux by Samba
143 | TCP | IMAP | Internet Message Access Protocol (IMAP)
161 | TCP | snmp | Simple Network Management Protocol (SNMP)
162 | TCP | snmptrap | Traps for SNMP
163 | TCP | cmip-man | Common Management Information Protocol (CMIP)
164 | TCP | cmip-agent | Common Management Information Protocol (CMIP)
174 | TCP | mailq | MAILQ email transport queue
177 | TCP | xdmcp | X Display Manager Control Protocol (XDMCP)
178 | TCP | nextstep | NeXTStep window server
179 | TCP | bgp | Border Gateway Protocol
191 | TCP | prospero | Prospero distributed filesystem services
194 | TCP | irc | Internet Relay Chat (IRC)
199 | TCP | smux | SNMP UNIX Multiplexer
201 | TCP | at-rtmp | AppleTalk routing
202 | TCP | at-nbp | AppleTalk name binding
204 | TCP | at-echo | AppleTalk echo
206 | TCP | at-zis | AppleTalk zone information
209 | TCP | qmtp | Quick Mail Transfer Protocol (QMTP)
210 | TCP | z39.50 | NISO Z39.50 database
213 | TCP | ipx | Internetwork Packet Exchange (IPX), a datagram protocol commonly used in Novell Netware environments
220 | TCP | IMAP3 | Internet Message Access Protocol version 3
245 | TCP | link | LINK / 3-DNS iQuery service
347 | TCP | fatserv | FATMEN file and tape management server
363 | TCP | rsvp_tunnel | RSVP Tunnel
369 | TCP | rpc2portmap | Coda file system portmapper
370 | TCP | codaauth2 | Coda file system authentication services
389 | TCP | ldap | Lightweight Directory Access Protocol (LDAP)
427 | TCP | svrloc | Service Location Protocol (SLP)
434 | TCP | mobileip-agent | Mobile Internet Protocol (IP) agent
435 | TCP | mobilip-mn | Mobile Internet Protocol (IP) manager
443 | TCP | https | Secure Hypertext Transfer Protocol (HTTP)
444 | TCP | snpp | Simple Network Paging Protocol
445 | TCP | microsoft-ds | Server Message Block (SMB) over TCP/IP
464 | TCP | kpasswd | Kerberos password and key changing services
468 | TCP | photuris | Photuris session key management protocol
487 | TCP | saft | Simple Asynchronous File Transfer (SAFT) protocol
488 | TCP | gss-http | Generic Security Services (GSS) for HTTP
496 | TCP | pim-rp-disc | Rendezvous Point Discovery (RP-DISC) for Protocol Independent Multicast (PIM) services
500 | TCP | isakmp | Internet Security Association and Key Management Protocol (ISAKMP)
535 | TCP | iiop | Internet Inter-Orb Protocol (IIOP)
538 | TCP | gdomap | GNUstep Distributed Objects Mapper (GDOMAP)
546 | TCP | dhcpv6-client | Dynamic Host Configuration Protocol (DHCP) version 6 client
547 | TCP | dhcpv6-server | Dynamic Host Configuration Protocol (DHCP) version 6 Service
554 | TCP | rtsp | Real Time Stream Control Protocol (RTSP)
563 | TCP | nntps | Network News Transport Protocol over Secure Sockets Layer (NNTPS)
565 | TCP | whoami | whoami user ID listing
587 | TCP | submission | Mail Message Submission Agent (MSA)
610 | TCP | npmp-local | Network Peripheral Management Protocol (NPMP) local / Distributed Queueing System (DQS)
611 | TCP | npmp-gui | Network Peripheral Management Protocol (NPMP) GUI / Distributed Queueing System (DQS)
612 | TCP | hmmp-ind | HyperMedia Management Protocol (HMMP) Indication / DQS
631 | TCP | ipp | Internet Printing Protocol (IPP)
636 | TCP | ldaps | Lightweight Directory Access Protocol over Secure Sockets Layer (LDAPS)
674 | TCP | acap | Application Configuration Access Protocol (ACAP)
694 | TCP | ha-cluster | Heartbeat services for High-Availability Clusters
749 | TCP | kerberos-adm | Kerberos version 5 (v5) 'kadmin' database administration
750 | TCP | kerberos-iv | Kerberos version 4 (v4) services
765 | TCP | webster | Network Dictionary
767 | TCP | phonebook | Network Phonebook
873 | TCP | rsync | rsync file transfer services
992 | TCP | telnets | Telnet over Secure Sockets Layer (TelnetS)
993 | TCP | IMAPS | Internet Message Access Protocol over Secure Sockets Layer (IMAPS)
994 | TCP | ircs | Internet Relay Chat over Secure Sockets Layer (IRCS)
995 | TCP | POP3s | Post Office Protocol version 3 over Secure Sockets Layer (POP3S)


UNIX-Specific Ports

Port | Protocol | Name | Description
512 | TCP | exec | Authentication for remote process execution
512 | UDP | biff [comsat] | Asynchronous mail client (biff) and service (comsat)
513 | TCP | login | Remote Login (rlogin)
513 | UDP | who [whod] | whod user logging daemon
514 | TCP | shell [cmd] | Remote shell (rshell) and remote copy (rcp) with no logging
514 | UDP | syslog | UNIX system logging service
515 | - | printer [spooler] | Line printer (lpr) spooler
517 | UDP | talk | Talk remote calling service and client
518 | UDP | ntalk | Network talk (ntalk) remote calling service and client
519 | - | utime [unixtime] | UNIX time (utime) protocol
520 | TCP | efs | Extended Filename Server (EFS)
520 | UDP | router [route, routed] | Routing Information Protocol (RIP)
521 | - | ripng | Routing Information Protocol for Internet Protocol version 6 (IPv6)
525 | - | timed [timeserver] | Time daemon (timed)
526 | TCP | tempo [newdate] | Tempo
530 | TCP | courier [rpc] | Courier Remote Procedure Call (RPC) protocol
531 | TCP | conference [chat] | Internet Relay Chat
532 | - | netnews | Netnews newsgroup service
533 | UDP | netwall | Netwall for emergency broadcasts
540 | TCP | uucp [uucpd] | UNIX-to-UNIX copy services
543 | TCP | klogin | Kerberos version 5 (v5) remote login
544 | TCP | kshell | Kerberos version 5 (v5) remote shell
548 | - | afpovertcp | Appletalk Filing Protocol (AFP) over Transmission Control Protocol (TCP)
556 | - | remotefs [rfs_server, rfs] | Brunhoff's Remote Filesystem (RFS)


Ports Submitted To IANA By Network Community

Port | Protocol | Name | Description
1080 | - | socks | SOCKS network application proxy services
1236 | - | bvcontrol [rmtcfg] | Remote configuration server for Gracilis Packeten network switches
1300 | - | h323hostcallsc | H.323 telecommunication Host Call Secure
1433 | - | ms-sql-s | Microsoft SQL Server
1434 | - | ms-sql-m | Microsoft SQL Monitor
1494 | - | ica | Citrix ICA Client
1512 | - | wins | Microsoft Windows Internet Name Server
1524 | - | ingreslock | Ingres Database Management System (DBMS) lock services
1525 | - | prospero-np | Prospero non-privileged
1645 | - | datametrics [old-radius] | Datametrics / old radius entry
1646 | - | sa-msg-port [oldradacct] | sa-msg-port / old radacct entry
1649 | - | kermit | Kermit file transfer and management service
1701 | - | l2tp [l2f] | Layer 2 Tunneling Protocol (L2TP) / Layer 2 Forwarding (L2F)
1718 | - | h323gatedisc | H.323 telecommunication Gatekeeper Discovery
1719 | - | h323gatestat | H.323 telecommunication Gatekeeper Status
1720 | - | h323hostcall | H.323 telecommunication Host Call setup
1758 | - | tftp-mcast | Trivial FTP Multicast
1759 | UDP | mtftp | Multicast Trivial FTP (MTFTP)
1789 | - | hello | Hello router communication protocol
1812 | - | radius | Radius dial-up authentication and accounting services
1813 | - | radius-acct | Radius Accounting
1911 | - | mtp | Starlight Networks Multimedia Transport Protocol (MTP)
1985 | - | hsrp | Cisco Hot Standby Router Protocol
1986 | - | licensedaemon | Cisco License Management Daemon
1997 | - | gdp-port | Cisco Gateway Discovery Protocol (GDP)
2049 | - | nfs [nfsd] | Network File System (NFS)
2102 | - | zephyr-srv | Zephyr distributed messaging Server
2103 | - | zephyr-clt | Zephyr client
2104 | - | zephyr-hm | Zephyr host manager
2401 | - | cvspserver | Concurrent Versions System (CVS) client/server operations
2430 | TCP | venus | Venus cache manager for Coda file system (codacon port)
2430 | UDP | venus | Venus cache manager for Coda file system (callback/wbc interface)
2431 | TCP | venus-se | Venus Transmission Control Protocol (TCP) side effects
2431 | UDP | venus-se | Venus User Datagram Protocol (UDP) side effects
2432 | UDP | codasrv | Coda file system server port
2433 | TCP | codasrv-se | Coda file system TCP side effects
2433 | UDP | codasrv-se | Coda file system UDP SFTP side effect
2600 | - | hpstgmgr [zebrasrv] | Zebra routing
2601 | - | discp-client [zebra] | discp client; Zebra integrated shell
2602 | - | discp-server [ripd] | discp server; Routing Information Protocol daemon (ripd)
2603 | - | servicemeter [ripngd] | Service Meter; RIP daemon for IPv6
2604 | - | nsc-ccs [ospfd] | NSC CCS; Open Shortest Path First daemon (ospfd)
2605 | - | nsc-posa | NSC POSA; Border Gateway Protocol daemon (bgpd)
2606 | - | netmon [ospf6d] | Dell Netmon; OSPF for IPv6 daemon (ospf6d)
2809 | - | corbaloc | Common Object Request Broker Architecture (CORBA) naming service locator
3130 | - | icpv2 | Internet Cache Protocol version 2 (v2); used by Squid proxy caching server
3306 | - | mysql | MySQL database service
3346 | - | trnsprntproxy | Transparent proxy
4011 | - | pxe | Pre-execution Environment (PXE) service
4321 | - | rwhois | Remote Whois (rwhois) service
4444 | - | krb524 | Kerberos version 5 (v5) to version 4 (v4) ticket translator
5002 | - | rfe | Radio Free Ethernet (RFE) audio broadcasting system
5308 | - | cfengine | Configuration engine (Cfengine)
5999 | - | cvsup [CVSup] | CVSup file transfer and update tool
6000 | TCP | x11 [X] | X Window System services
7000 | - | afs3-fileserver | Andrew File System (AFS) file server
7001 | - | afs3-callback | AFS port for callbacks to cache manager
7002 | - | afs3-prserver | AFS user and group database
7003 | - | afs3-vlserver | AFS volume location database
7004 | - | afs3-kaserver | AFS Kerberos authentication service
7005 | - | afs3-volser | AFS volume management server
7006 | - | afs3-errors | AFS error interpretation service
7007 | - | afs3-bos | AFS basic overseer process
7008 | - | afs3-update | AFS server-to-server updater
7009 | - | afs3-rmtsys | AFS remote cache manager service
9876 | - | sd | Session Director for IP multicast conferencing
10080 | - | amanda | Advanced Maryland Automatic Network Disk Archiver (Amanda) backup services
11371 | - | pgpkeyserver | Pretty Good Privacy (PGP) / GNU Privacy Guard (GPG) public keyserver
11720 | - | h323callsigalt | H.323 Call Signal Alternate
13720 | - | bprd | Veritas NetBackup Request Daemon (bprd)
13721 | - | bpdbm | Veritas NetBackup Database Manager (bpdbm)
13722 | - | bpjava-msvc | Veritas NetBackup Java / Microsoft Visual C++ (MSVC) protocol
13724 | - | vnetd | Veritas network utility
13782 | - | bpcd | Veritas NetBackup
13783 | - | vopied | Veritas VOPIE authentication daemon
22273 | - | wnn6 [wnn4] | Kana/Kanji conversion system
26000 | - | quake | Quake (and related) multi-player game servers
26208 | - | wnn6-ds | Wnn6 Kana/Kanji server
33434 | - | traceroute | Traceroute network tracking tool



Red Hat Enterprise Linux (RHEL) Ports

Port | Protocol | Name | Description
15 | tcp | netstat | Network Status (netstat)
98 | tcp | linuxconf | Linuxconf Linux administration tool
106 | - | poppassd | Post Office Protocol password change daemon (POPPASSD)
465 | tcp | smtps | Simple Mail Transfer Protocol over Secure Sockets Layer (SMTPS)
616 | tcp | gii | Gated (routing daemon) Interactive Interface
808 | - | omirr [omirrd] | Online Mirror (Omirr) file mirroring services
871 | tcp | supfileserv | Software Upgrade Protocol (SUP) server
901 | tcp | swat | Samba Web Administration Tool (SWAT)
953 | - | rndc | Berkeley Internet Name Domain version 9 (BIND 9) remote configuration tool
1127 | tcp | supfiledbg | Software Upgrade Protocol (SUP) debugging
1178 | tcp | skkserv | Simple Kana to Kanji (SKK) Japanese input server
1313 | tcp | xtel | French Minitel text information system
1529 | tcp | support [prmsd, gnatsd] | GNATS bug tracking system
2003 | tcp | cfinger | GNU finger
2150 | - | ninstall | Network Installation Service
2988 | - | afbackup | afbackup client-server backup system
3128 | tcp | squid | Squid Web proxy cache
3455 | - | prsvp | RSVP port
5432 | - | postgres | PostgreSQL database
4557 | tcp | fax | FAX transmission service (old service)
4559 | tcp | hylafax | HylaFAX client-server protocol (new service)
5232 | - | sgi-dgl | SGI Distributed Graphics Library
5354 | - | noclog | NOCOL network operation center logging daemon (noclogd)
5355 | - | hostmon | NOCOL network operation center host monitoring
5680 | tcp | canna | Canna Japanese character input interface
6010 | tcp | x11-ssh-offset | Secure Shell (SSH) X11 forwarding offset
6667 | - | ircd | Internet Relay Chat daemon (ircd)
7100 | tcp | xfs | X Font Server (XFS)
7666 | tcp | tircproxy | Tircproxy IRC proxy service
8008 | - | http-alt | Hypertext Transfer Protocol (HTTP) alternate
8080 | - | webcache | World Wide Web (WWW) caching service
8081 | - | tproxy | Transparent Proxy
9100 | tcp | jetdirect [laserjet, hplj] | Hewlett-Packard (HP) JetDirect network printing service
9359 | - | mandelspawn [mandelbrot] | Parallel mandelbrot spawning program for the X Window System
10081 | - | kamanda | Amanda backup service over Kerberos
10082 | tcp | amandaidx | Amanda index server
10083 | tcp | amidxtape | Amanda tape server
20011 | - | isdnlog | Integrated Services Digital Network (ISDN) logging system
20012 | - | vboxd | ISDN voice box daemon (vboxd)
22305 | tcp | wnn4_Kr | kWnn Korean input system
22289 | tcp | wnn4_Cn | cWnn Chinese input system
22321 | tcp | wnn4_Tw | tWnn Chinese input system (Taiwan)
24554 | - | binkp | Binkley TCP/IP Fidonet mailer daemon
27374 | - | asp | Address Search Protocol
60177 | - | tfido | Ifmail FidoNet compatible mailer service
60179 | - | fido | FidoNet electronic mail and news network


Monitoring tools

Posted by 주원이^^
2017. 7. 20. 14:59 Linux/Monitoring

System administrators and developers occasionally need to monitor the state of server resources such as processes, CPU, memory, network, and disk. This post looks at Linux command-line tools that monitor cpu, memory, network, disk, and processes in real time. The tools introduced here show statistics-based resource usage and update it in real time.

1. Top

Top is the most popular tool for checking the CPU and memory usage of processes. It lists processes sorted by resource usage, heaviest first, and shows CPU and memory usage alongside the process list. Press "h" to show the help screen.

2. Htop

Htop will probably become your favorite tool. It is similar to Top but more refined, and presents a wider range of features through a pleasant UI. Htop is not installed by default on Linux, but it is easy to install on Ubuntu, Fedora, CentOS, and others.

Useful htop shortcut keys:

M: sort processes by memory usage

P: sort processes by CPU usage

?: help

k: kill the current or selected process

F2: setup menu for display options

/: search for a process

3. Atop

Atop is a tool for monitoring system resources and processes. It shows current cpu, memory, disk, and network usage per process. It offers functionality similar to Top and Htop.

4. Nmon

Nmon is an easy-to-use tool that monitors cpu, memory, network, and disk usage and shows the process list. Nmon is simple: it displays monitoring results but offers no way to manage processes or customize the monitoring display. It can, however, save the statistics to a spreadsheet file.

5. Glances

Glances, written in Python, shows statistics on cpu, memory, network, disk, and processes, much like Nmon. Like Nmon, it offers nothing beyond the statistics. Press "h" to open the help.

6. Saidar

Saidar is the simplest of all the tools introduced here. Its output shows cpu, processor, memory, swap, network I/O, disk I/O, and file system information, but it does not list the currently running processes.

Source: http://minooz.tistory.com/166 [우주 Blog]
