us: user cpu time
sy: system cpu time
ni: user nice cpu time
id: idle cpu time
wa: io wait cpu time
hi: hardware irq (servicing hardware interrupts)
si: software irq (servicing software interrupts)
st: steal time (time in involuntary wait by virtual cpu while hypervisor is servicing another processor)
Q. I need to run a backup and other stuff everyday. How do I check and start cron service under HP-UX UNIX operating system? How do I write cron jobs?
A. Cron service is required to run jobs and tasks such as backup.
You must login as the root to run following commands. Each user that is using the cron service must have a cron configuration file in the /var/spool/cron/crontab directory. Also users are permitted if their name appeared in /var/adm/cron/cron.allow file
Task: Find out if cron is running under HP-UX
Type the following command at a shell prompt
# ps -ef | grep cron
Open /etc/rc.config.d/cron file
vi /etc/rc.config.d/cron
Set control variable to 1 to enable cron : CRON=1
Set control variable to 0 to disable : CRON=0
Close and save the file. To start or stop cron you can type the following command:
# /sbin/init.d/cron start <-- start cron
# /sbin/init.d/cron stop <-- stop cron
Task: HP-UX Start cron service
If cron is not running, simply type:
# cron
Task: Edit / create cron jobs
Type the following command to submit a cron job:
# crontab -e
List your cron file:
# crontab -l
Backup all your cron jobs:
# crontab -l > ~/backup.cron.jobs
Remove ALL cron job:
# crontab -r
Task: Crontab file format
Cron file format is as follows:
MIN HOUR DATE MONTH DAY /PATH/TO/COMMAND
0-59 0-23 1-31 1-12 0-6 /root/scripts/backup2tape.sh
Easy to remember crontab file format:
* * * * * command to be executed
- – - – -
| | | | |
| | | | —– Day of week (0 – 7) (Sunday=0 or 7)
| | | ——- Month (1 – 12)
| | ——— Day of month (1 – 31)
| ———– Hour (0 – 23)
————- Minute (0 – 59)
To run /root/script/backup at 23:00, every day, enter:
# crontab -e
Append following
0 23 * * * /root/script/backup
Run foo job very weekday (MON-Fri) at 6am, enter:
0 6 * * 1-5 /root/script/backup
For more information refer to cron and crontab man pages.
SMP(Symmetrical Multi-Processing)
对称多处理”(Symmetrical Multi-Processing)又叫SMP,是指在一个计算机上汇集了一组处理器(多CPU),各CPU之间共享内存子系统以及总线结构。它是相对非对称多处理技术而言的、应用十分广泛的并行技术。在这种架构中,一台电脑不再由单个CPU组成,而同时由多个处理器运行操作系统的单一复本,并共享内存和一台计算机的其他资源。虽然同时使用多个CPU,但是从管理的角度来看,它们的表现就像一台单机一样。系统将任务队列对称地分布于多个CPU之上,从而极大地提高了整个系统的数据处理能力。所有的处理器都可以平等地访问内存、I/O和外部终端。在对称多处理系统中,系统资源被系统中所有CPU共享,工作负载能够均匀地分配到所有可用处理器之上。
要组建SMP系统,首先最关键的一点就是需要合适的CPU相配合。我们平时看到的CPU都是单颗使用,所以看不出来它们有什么区别,但是,实际上,支持SMP功能并不是没有条件的,随意拿几块CPU来就可以建立多处理系统那简直是天方夜谭。要实现 SMP功能,我们使用的CPU必须具备以下要求:
1、CPU内部必须内置APIC(Advanced Programmable Interrupt Controllers)单元。Intel 多处理规范的核心就是高级可编程中断控制器(Advanced Programmable Interrupt Controllers–APICs)的使用。CPU通过彼此发送中断来完成它们之间的通信。通过给中断附加动作(actions),不同的CPU可以在某种程度上彼此进行控制。每个CPU有自己的APIC(成为那个CPU的本地APIC),并且还有一个I/O APIC来处理由I/O设备引起的中断,这个I/O APIC是安装在主板上的,但每个CPU上的APIC则不可或缺,否则将无法处理多CPU之间的中断协调。
2、相同的产品型号,同样类型的CPU核心。例如,虽然Athlon和Pentium III各自都内置有APIC单元,想要让它们一起建立SMP系统是不可能的,当然,即使是Celeron和Pentium III,那样的可能性也为0,甚至Coppermine核心的Pentium III和Tualatin的Pentium III也不能建立SMP系统–这是因为他们的运行指令不完全相同,APIC中断协调差异也很大。
3、完全相同的运行频率。如果要建立双Pentium III系统,必须两颗866MHz或者两颗1000MHz处理器,不可以用一颗866MHz,另一颗1000MHz来组建,否则系统将无法正常点亮。
4、尽可能保持相同的产品序列编号。即使是同样核心的相同频率处理器,由于生产批次不同也会造成不可思议的问题。两个生产批次的CPU作为双处理器运行的时候,有可能会发生一颗CPU负担过高,而另一颗负担很少的情况,无法发挥最大性能,更糟糕的是可能导致死机,因此,应该尽可能选择同一批生产的处理器来组建SMP系统。
| 命令 | 描述 | |
| • | apropos whatis | 显示和word相关的命令。 参见线程安全 |
| • | man -t man | ps2pdf – > man.pdf | 生成一个PDF格式的帮助文件 |
| which command | 显示命令的完整路径名 | |
| time command | 计算命令运行的时间 | |
| • | time cat | 开始计时. Ctrl-d停止。参见sw |
| • | nice info | 运行一个低优先级 命令(这里是info) |
| • | renice 19 -p $$ | 使脚本运行于低优先级。用于非交互任 务。 |
| 目录操作 | ||
| • | cd - | 回到前一目录 |
| • | cd | 回到用户目录 |
| (cd dir && command) | 进入目录 dir,执行命令command然后回到当前目录 | |
| • | pushd . | 将当前目录压入栈,以后你可以使用 popd回到此目录 |
| 文件搜索 | ||
| • | alias l=’ls -l –color=auto’ | 单字符文件列表命令 |
| • | ls -lrt | 按日期显示文件. 参见newest |
| • | ls /usr/bin | pr -T9 -W$COLUMNS | 在 当前终端宽度上打印9列输出 |
| find -name ‘*.[ch]‘ | xargs grep -E ‘expr’ | 在当前目录及其子目录下所有.c和.h文件中寻找’expr’. 参见findrepo | |
| find -type f -print0 | xargs -r0 grep -F ‘example’ | 在当前目录及其子目录中的常规文件中查找字符串’example’ | |
| find -maxdepth 1 -type f | xargs grep -F ‘example’ | 在当前目录下查找字符串’example’ | |
| find -maxdepth 1 -type d | while read dir; do echo $dir; echo cmd2; done | 对每一个找到的文件执行多个命令(使用while循环) | |
| • | find -type f ! -perm -444 | 寻找所有不可读 的文件(对网站有用) |
| • | find -type d ! -perm -111 | 寻找不可访问的 目录(对网站有用) |
| • | locate -r ‘file[^/]*\.txt’ | 使用 locate 查找所有符合*file*.txt的文件 |
| • | look reference | 在(有序)字典中快速查找 |
| • | grep –color reference /usr/share/dict/words | 使字典中匹配的正则表达式高亮 |
| 归档 and compression | ||
| gpg -c file | 文件加密 | |
| gpg file.gpg | 文件解密 | |
| tar -c dir/ | bzip2 > dir.tar.bz2 | 将 目录dir/压缩打包 | |
| bzip2 -dc dir.tar.bz2 | tar -x | 展开 压缩包 (对tar.gz文件使用gzip而不是bzip2) | |
| tar -c dir/ | gzip | gpg -c | ssh user@remote ‘dd of=dir.tar.gz.gpg’ | 目录dir/压缩打包并放到远程机器上 | |
| find dir/ -name ‘*.txt’ | tar -c –files-from=- | bzip2 > dir_txt.tar.bz2 | 将目录dir/及其子目录下所有.txt文 件打包 | |
| find dir/ -name ‘*.txt’ | xargs cp -a –target-directory=dir_txt/ –parents | 将目录dir/及其子目录下所有.txt按照目录结构拷 贝到dir_txt/ | |
| ( tar -c /dir/to/copy ) | ( cd /where/to/ && tar -x -p ) | 拷贝目录copy/到目录/where/to/并保持文件属性 | |
| ( cd /dir/to/copy && tar -c . ) | ( cd /where/to/ && tar -x -p ) | 拷贝目录copy/下的所有文件到目录 /where/to/并保持文件属性 | |
| ( tar -c /dir/to/copy ) | ssh -C user@remote ‘cd /where/to/ && tar -x -p’ | 拷贝目录copy/到远程目录 /where/to/并保持文件属性 | |
| dd bs=1M if=/dev/sda | gzip | ssh user@remote ‘dd of=sda.gz’ | 将整个硬盘备份到远程机器上 | |
| rsync (使用 –dry-run选项进行测试) | ||
| rsync -P rsync://rsync.server.com/path/to/file file | 只获取diffs.当下载有问题时可以作多次 | |
| rsync –bwlimit=1000 fromfile tofile | 有 速度限制的本地拷贝,对I/O有利 | |
| rsync -az -e ssh –delete ~/public_html/ remote.com:’~/public_html’ | 镜像网站(使用压缩和加密) | |
| rsync -auz -e ssh remote:/dir/ . && rsync -auz -e ssh . remote:/dir/ | 同步当前目录和远程目录 | |
| ssh (安全 Shell) | ||
| ssh $USER@$HOST command | 在$Host主机上 以$User用户运行命令(默认命令为Shell) | |
| • | ssh -f -Y $USER@$HOSTNAME xeyes | 在 名为$HOSTNAME的主机上以$USER用户运行GUI命令 |
| scp -p -r $USER@$HOST: file dir/ | 拷 贝到$HOST主机$USER’用户的目录下 | |
| ssh -g -L 8080:localhost:80 root@$HOST | 由 本地主机的8080端口转发到$HOST主机的80端口 | |
| ssh -R 1434:imap:143 root@$HOST | 由 主机的1434端口转发到imap的143端口 | |
| wget (多用途下载工具) | ||
| • | (cd cmdline && wget -nd -pHEKk http://www.pixelbeat.org/cmdline.html) | 在当前目录中下载指定网页及其相关的文件使其可完全浏 览 |
| wget -c http://www.example.com/large.file | 继 续上次未完的下载 | |
| wget -r -nd -np -l1 -A ‘*.jpg’ http://www.example.com/ | 批量下载文件到当前目录中 | |
| wget ftp://remote/file[1-9].iso/ | 下 载FTP站上的整个目录 | |
| • | wget -q -O- http://www.pixelbeat.org/timeline.html | grep ‘a href’ | head | 直接 处理输出 |
| echo ‘wget url’ | at 01:00 | 在下午一点钟 下载指定文件到当前目录 | |
| wget –limit-rate=20k url | 限制下载速度 (这里限制到20KB/s) | |
| wget -nv –spider –force-html -i bookmarks.html | 检查文件中的链接是否存在 | |
| wget –mirror http://www.example.com/ | 更 新网站的本地拷贝(可以方便地用于cron) | |
| 网络(ifconfig, route, mii-tool, nslookup 命令皆已过时) | ||
| ethtool eth0 | 显示网卡eth0的状态 | |
| ethtool –change eth0 autoneg off speed 100 duplex full | 手动设制网卡速度 | |
| iwconfig eth1 | 显示无线网卡eth1的状态 | |
| iwconfig eth1 rate 1Mb/s fixed | 手动 设制无线网卡速度 | |
| • | iwlist scan | 显示无线网络列表 |
| • | ip link show | 显示interface列表 |
| ip link set dev eth0 name wan | 重命名 eth0为wan | |
| ip link set dev eth0 up | 启动 interface eth0(或关闭) | |
| • | ip addr show | 显示网卡的IP地址 |
| ip addr add 1.2.3.4/24 brd + dev eth0 | 添 加ip和掩码(255.255.255.0) | |
| • | ip route show | 显示路由列表 |
| ip route add default via 1.2.3.254 | 设 置默认网关1.2.3.254 | |
| • | tc qdisc add dev lo root handle 1:0 netem delay 20msec | 增加20ms传输时间到 loopback设备(调试用) |
| • | tc qdisc del dev lo root | 移除上面添加的传 输时间 |
| • | host pixelbeat.org | 查寻主机的DNS IP地址 |
| • | hostname -i | 查寻本地主机的IP地址(同等于host `hostname`) |
| • | whois pixelbeat.org | 查寻某主机或莫IP地址的 whois信息 |
| • | netstat -tupl | 列出系统中的internet服务 |
| • | netstat -tup | 列出活跃的连接 |
| windows networking (samba提供所有windows相关的网络支持) | ||
| • | smbtree | 寻找一个windows主机. 参见findsmb |
| nmblookup -A 1.2.3.4 | 寻找一个指定ip的 windows (netbios)名 | |
| smbclient -L windows_box | 显示在 windows主机或samba服务器上的所有共享 | |
| mount -t smbfs -o fmask=666,guest //windows_box/share /mnt/share | 挂载一个windows共享 | |
| echo ‘message’ | smbclient -M windows_box | 发 送一个弹出信息到windows主机(XP sp2默认关闭此功能) | |
| 文本操作 (sed使用标准输入和标准输出,如果想要编辑文件,则需添加<oldfile >newfile) | ||
| sed ‘s/string1/string2/g’ | 使用 string2替换string1 | |
| sed ‘s/\(.*\)1/\12/g’ | 将任何以1结尾的字符串 替换为以2结尾的字符串 | |
| sed ‘/ *#/d; /^ *$/d’ | 删除注释和空白行 | |
| sed ‘:a; /\\$/N; s/\\\n//; ta’ | 连接 结尾有\的行和其下一行 | |
| sed ‘s/[ \t]*$//’ | 删除每行后的空白 | |
| sed ‘s/\([\\`\\"$\\\\]\)/\\\1/g’ | 将 所有转义字符之前加上\ | |
| • | seq 10 | sed “s/^/ /; s/ *\(.\{7,\}\)/\1/” | 向右排N(任意数)列 |
| sed -n ’1000p;1000q‘ | 输 出第一千行 | |
| sed -n ’10,20p;20q‘ | 输 出第10-20行 | |
| sed -n ‘s/.*<title>\(.*\)<\/title>.*/\1/ip;T;q‘ | 输出HTML文件的<title></title> 字段中的 内容 | |
| sort -t. -k1,1n -k2,2n -k3,3n -k4,4n | 排 序IPV4地址 | |
| • | echo ‘Test’ | tr ‘[:lower:]‘ ‘[:upper:]‘ | 转 换成大写 |
| • | tr -dc ‘[:print:]‘ < /dev/urandom | 过 滤掉不能打印的字符 |
| • | history | wc -l | 计算指定单词出现的次数 |
| 集合操作 (如果是英文文本的话export LANG=C可以提高速度) | ||
| sort file1 file2 | uniq | 两个未排序文件的并集 | |
| sort file1 file2 | uniq -d | 两个未排序文 件的交集 | |
| sort file1 file1 file2 | uniq -u | 两 个未排序文件的差 集 | |
| sort file1 file2 | uniq -u | 两个未排序文 件的对称差集 | |
| join -t’\0′ -a1 -a2 file1 file2 | 两个有序文件的并集 | |
| join -t’\0′ file1 file2 | 两个有序文件的交集 | |
| join -t’\0′ -v2 file1 file2 | 两个有序文 件的差集 | |
| join -t’\0′ -v1 -v2 file1 file2 | 两 个有序文件的对称差集 | |
| 数学 | ||
| • | echo ‘(1 + sqrt(5))/2′ | bc -l | 方便 的计算器(计算 φ) |
| • | echo ‘pad=20; min=64; (100*10^6)/((pad+min)*8)’ | bc | 更复杂地计算,这里计算了最大的FastE包率 |
| • | echo ‘pad=20; min=64; print (100E6)/((pad+min)*8)’ | python | Python处理数值的科学表示法 |
| • | echo ‘pad=20; plot [64:1518] (100*10**6)/((pad+x)*8)’ | gnuplot -persist | 显示FastE包率相对于包大小的图形 |
| • | echo ‘obase=16; ibase=10; 64206′ | bc | 进 制转换(十进制到十六进制) |
| • | echo $((0x2dec)) | 进制转换(十六进制到十进制) ((shell数学扩展)) |
| • | units -t ’100m/9.58s‘ ‘miles/hour’ | 单位转换(公尺到英尺) |
| • | units -t ’500GB’ ‘GiB’ | 单位转换(SI 到IEC 前缀) |
| • | units -t ’1 googol’ | 定义查找 |
| • | seq 100 | (tr ‘\n’ +; echo 0) | bc | 加 N(任意数)列. 参见 add and funcpy |
| 日历 | ||
| • | cal -3 | 显示一日历 |
| • | cal 9 1752 | 显示指定月,年的日历 |
| • | date -d fri | 这个星期五是几号. 参见day |
| • | date –date=’25 Dec’ +%A | 今年的圣诞节是星 期几 |
| • | date –date ’1970-01-01 UTC 2147483647 seconds’ | 将一相对于1970-01-01 00:00的秒数转换成时间 |
| • | TZ=’:America/Los_Angeles’ date | 显示 当前的美国西岸时间(使用tzselect寻找时区) |
| echo “mail -s ‘get the train’ P@draigBrady.com < /dev/null” | at 17:45 | 在指定的时间发送邮件 | |
| • | echo “DISPLAY=$DISPLAY xmessage cooker” | at “NOW + 30 minutes” | 在给定的时间弹出对话框 |
| locales | ||
| • | printf “%’d\n” 1234 | 根据locale输出正确的 数字分隔 |
| • | BLOCK_SIZE=\’1 ls -l | 用ls命令作类适于 locale()文件分组 |
| • | echo “I live in `locale territory`” | 从 locale数据库中展开信息 |
| • | LANG=en_IE.utf8 locale int_prefix | 查 找指定地区的locale信息。参见ccodes |
| • | locale | cut -d= -f1 | xargs locale -kc | less | 显示在locale数据库中的所有字段 |
| recode (iconv, dos2unix, unix2dos 已经过时了) | ||
| • | recode -l | less | 显示所有有效的字符集及其别名 |
| recode windows-1252.. file_to_change.txt | 转 换Windows下的ansi文件到当前的字符集(自动进行回车换行符的转换) | |
| recode utf-8/CRLF.. file_to_change.txt | 转 换Windows下的ansi文件到当前的字符集 | |
| recode iso-8859-15..utf8 file_to_change.txt | 转换Latin9(西欧)字符集文件到utf8 | |
| recode ../b64 < file.txt > file.b64 | Base64 编码 | |
| recode /qp.. < file.txt > file.qp | Quoted- printable格式解码 | |
| recode ..HTML < file.txt > file.html | 将文本文件转换成HTML | |
| • | recode -lf windows-1252 | grep euro | 在字符表中查找欧元符号 |
| • | echo -n 0×80 | recode latin-9/x1..dump | 显 示字符在latin-9中的字符映射 |
| • | echo -n 0x20AC | recode ucs-2/x2..latin-9/x | 显示latin-9编码 |
| • | echo -n 0x20AC | recode ucs-2/x2..utf-8/x | 显 示utf-8编码 |
| 光盘 | ||
| gzip < /dev/cdrom > cdrom.iso.gz | 保 存光盘拷贝 | |
| mkisofs -V LABEL -r dir | gzip > cdrom.iso.gz | 建立目录dir的光盘镜像 | |
| mount -o loop cdrom.iso /mnt/dir | 将 光盘镜像挂载到 /mnt/dir (只读) | |
| cdrecord -v dev=/dev/cdrom blank=fast | 清 空一张CDRW | |
| gzip -dc cdrom.iso.gz | cdrecord -v dev=/dev/cdrom - | 烧录光盘镜像 (使用 dev=ATAPI -scanbus 来确认该使用的 dev) | |
| cdparanoia -B | 在当前目录下将光盘音轨转录成wav文件 | |
| cdrecord -v dev=/dev/cdrom -audio *.wav | 将 当前目录下的wav文件烧成音乐光盘 (参见cdrdao) | |
| oggenc –tracknum=’track’ track.cdda.wav -o ‘track.ogg’ | 将wav文件转换成ogg格式 | |
| 磁盘空间 (参见FSlint) | ||
| • | ls -lSr | 按文件大小降序显示文件 |
| • | du -s * | sort -k1,1rn | head | 显示当 前目录下占用空间最大的一批文件. 参见dutop |
| • | df -h | 显示空余的磁盘空间 |
| • | df -i | 显示空余的inode |
| • | fdisk -l | 显示磁盘分区大小和类型(在root下执行) |
| • | rpm -q -a –qf ‘%10{SIZE}\t%{NAME}\n’ | sort -k1,1n | 显示所有在rpm发布版上安装的包,并以包字节大小为序 |
| • | dpkg-query -W -f=’${Installed-Size;10}\t${Package}\n’ | sort -k1,1n | 显示所有在deb发布 版上安装的包,并以KB包大 小为序 |
| • | dd bs=1 seek=2TB if=/dev/null of=ext3.test | 建立一个大的测试文件(不占用空间). 参见truncate |
| 监视/调试 | ||
| • | tail -f /var/log/messages | 监视 Messages日志文件 |
| • | strace -c ls >/dev/null | 总结/剖析命 令进行的系统调用 |
| • | strace -f -e open ls >/dev/null | 显 示命令进行的系统调用 |
| • | ltrace -f -e getenv ls >/dev/null | 显 示命令调用的库函数 |
| • | lsof -p $$ | 显示 当前进程打开的文件 |
| • | lsof ~ | 显示打开用户目录的进程 |
| • | tcpdump not port 22 | 显示除了ssh外的网络交 通. 参见tcpdump_not_me |
| • | ps -e -o pid,args –forest | 以树状结构显 示进程 |
| • | ps -e -o pcpu,cpu,nice,state,cputime,args –sort pcpu | sed ‘/^ 0.0 /d’ | 以CPU占用率为序显示进程 |
| • | ps -e -orss=,args= | sort -b -k1,1n | pr -TW$COLUMNS | 以内存使用量为序显示进程. 参见ps_mem.py |
| • | ps -C firefox-bin -L -o pid,tid,pcpu,state | 显示指定进程的所有线程信息 |
| • | ps -p 1,2 | 显示指定进程ID的进程信息 |
| • | last reboot | 显示系统重启记录 |
| • | free -m | 显示(剩余的)内存总量(-m以MB为单位显示) |
| • | watch -n.1 ‘cat /proc/interrupts’ | 监 测文件/proc/interrupts的变化 |
| 系统信息 (参见sysinfo) | ||
| • | uname -a | 查看内核/操作系统/CPU信息 |
| • | head -n1 /etc/issue | 查看操作系统版本 |
| • | cat /proc/partitions | 显示所有在系统中注册的分 区 |
| • | grep MemTotal /proc/meminfo | 显示系统可 见的内存总量 |
| • | grep “model name” /proc/cpuinfo | 显 示CPU信息 |
| • | lspci -tv | 显示PCI信息 |
| • | lsusb -tv | 显示USB信息 |
| • | mount | column -t | 显示所有挂载的文件系统并对齐输 出 |
| # | dmidecode -q | less | 显示SMBIOS/DMI 信息 |
| # | smartctl -A /dev/sda | grep Power_On_Hours | 系统开机的总体时间 |
| # | hdparm -i /dev/sda | 显示关于磁盘sda的信息 |
| # | hdparm -tT /dev/sda | 检测磁盘sda的读取速度 |
| # | badblocks -s /dev/sda | 检测磁盘sda上所有的 坏扇区 |
| 交互 (参见linux keyboard shortcut database) | ||
| • | readline | Line editor used by bash, python, bc, gnuplot, … |
| • | screen | 多窗口的 虚拟终端, … |
| • | mc | 强大的文件管理器,可以浏 览rpm, tar, ftp, ssh, … |
| • | gnuplot | 交 互式并可进行脚本编程的画图工具 |
| • | links | 网页浏览器 |
| miscellaneous | ||
| • | alias hd=’od -Ax -tx1z -v’ | 方便的十六进制输出。 (用法举例: • hd /proc/self/cmdline | less) |
| • | alias realpath=’readlink -f’ | 显示符号链接指向的真实路径((用法举例: • realpath ~/../$USER) |
| • | set | grep $USER | 在当前环境中查找 |
| touch -c -t 0304050607 file | 改变文件的 时间标签 (YYMMDDhhmm) | |
| • | python -m SimpleHTTPServer | Serve current directory tree at http://$HOSTNAME:8000/ |
http://www.pixelbeat.org/cmdline_zh_CN.html
[root@web7 ]# apachectl -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
#dmesg
TCP: Treason uncloaked! Peer 192.168.5.160:20179/80 shrinks window 3197852208:3197856588. Repaired.
TCP: Treason uncloaked! Peer 192.168.5.160:20179/80 shrinks window 3197882868:3197884328. Repaired.
TCP: Treason uncloaked! Peer 192.168.5.160:20179/80 shrinks window 3197950028:3197951488. Repaired.
TCP: Treason uncloaked! Peer 192.168.5.160:46916/80 shrinks window 4050823208:4050826128. Repaired.
TCP: Treason uncloaked! Peer 192.168.5.160:50764/80 shrinks window 4191509400:4191512320. Repaired.
TCP: Treason uncloaked! Peer 192.168.5.160:50764/80 shrinks window 4191544440:4191545900. Repaired.
TCP: Treason uncloaked! Peer 192.168.5.160:50764/80 shrinks window 4191560500:4191561960. Repaired.
TCP: Treason uncloaked! Peer 192.168.5.160:11981/80 shrinks window 939655679:939658599. Repaired.
TCP: Treason uncloaked! Peer 192.168.5.160:11981/80 shrinks window 939655679:939658599. Repaired.
TCP: Treason uncloaked! Peer 192.168.5.160:11981/80 shrinks window 939655679:939658599. Repaired.
产生原因
以前一直没时间关注,今天抽点时间来研究一下.
首先在网上看到这样的一段解释:
The remote host decided to shrink the TCP window size without negotiating such with your Linux box. The message is of the informational level, meaning Linux doesn’t like what it is seeing but will cope with it and carry on.
大致意思是说:这是一段一般性提示信息,说明远程主机在未经Linux主机”同意”就收缩了TCP window size,虽然Linux主机不喜欢这类举动,但是仍将继续处理这类请求.
这是一种解释,也就是这类信息可能并非危险.
另外一段解释来自Debian的邮件列表,首先回复者引用了一段源代码说明错误的来源:
>>From /usr/src/linux/net/ipv4/tcp_timer.c:
if (tp->snd_wnd == 0 && !sk->dead &&
!((1<<sk->state)&(TCPF_SYN_SENT|TCPF_SYN_RECV))) {
/* Receiver dastardly shrinks window. Our retransmits
* become zero probes, but we should not timeout this
* connection. If the socket is an orphan, time it out,
* we cannot allow such beasts to hang infinitely.
*/
#ifdef TCP_DEBUG
if (net_ratelimit())
printk(KERN_DEBUG “TCP: Treason uncloaked! Peer
%u.%u.%u.%u:%u/%u shrinks window %u:%u. Repaired.\n”,
NIPQUAD(sk->daddr), htons(sk->dport), sk->num,
tp->snd_una, tp->snd_nxt);
#endif
具体的解释是:
So it appears that someone is running some sort of “tar-pit” system that is
designed to keep sockets in a bad state and run you out of kernel memory.
I suspect that this ties in with the spam blocking things we recently
discussed. Maybe you should tell your ISP that they are to blame for such
actions being done to you and that they should “give you face” (I think that
was the term you used) by closing their open relays.
作者认为这可能和tar-pit攻击相关.并且建议联系ISP提供解决方案.
还有如下的解释:
The reason Linux is printing such messages is because your client guy is shrinking the TCP Window to 0, and the server has something to retransmit. There is something seriously wrong with your client’s stack. Which Stack/OS are you using on he client side, and which browser?
That could explain your browser showing some html tags as the server fails to send the whole page across and based on what browser you are using it is failing to parse it out.
意思是,这类错误也可能是客户端Stack错误引起的.
另一段同样引用了源代码的解释似乎直指了问题的本质:
> Treason uncloaked! Peer [IP address]:515/1022 shrinks window
> 3957222360:3957222379. Repaired.
> Our researches so far indicate the problem may be a buggy TCP stack
> in the client, that is in the DP301P+. But we still do not know
> exactly what caused the problem, nor how to prevent it happening
> again.
That comes from the kernel tcp code below. Looks like the DLink has
returned information yielding a transmit window smaller than it
previously did; specifically it returned a window of zero plus an ack
of up to byte 3957222360, thus indicating that it can accept nothing
after that byte. Previously it had sent some ack+wnd values
indicating that it would accept up to byte 3957222379.
The Linux side is now supposed to send a packet every now and then
forever until the returned window is nonzero. It does.
However, the dlink is apparently not responding in a timely manner.
Any response would either open the window or update the rcv timestamp
such that the thing will retransmit forever. It may be responding
very slowly, or just not responding at all.
The kernel prints the message after it expected but did not see a
response to the probe packet it sent to check for a nonzero window.
The kernel implements exponential backoff retransmissions until it
hasn’t seen any response in 2m, then it will bail and close the
connection. This is reasonable. It’s unclear from your report if the
connections are failing outright or just sometimes having to
retransmit a probe against a peer that shrank the window.
Disk striping is the technique of spreading data over multiple disks. The data to be stored is divided into blocks and spread across several partitions on various hard disk. Disk striping is used with or without equivalence. Disk striping helps in improving the performance of the disk.
Disk mirroring is a process in which two duplicate disks are simultaneously created with the same data. This process is expensive, as it requires two disks to store the same kind of data. This process provides maximum security as if one disk fails the system switches to the other disk immediately to another disk without any data loss.
Recent Comments