dnsmasq[28046]: Maximum number of concurrent DNS queries reached (max: 150)

  1. /usr/sbin/dnsmasq -C, --conf-file=/etc/dnsmasq.conf --dns-forward-max=15000
  2.  
  3. [root@localhost ~]# cat /etc/dnsmasq.conf
  4. resolv-file=/etc/dnsmasq.resolv.conf
  5. cache-size=150000
  6. conf-dir=/etc/dnsmasq.d
  7.  
  8. [root@localhost ~]# cat /etc/dnsmasq.resolv.conf
  9. nameserver $Your_DNS_Server

docker启动容器structure needs cleaning

  1. [root@localhost ~]# docker start a5
  2. Error response from daemon: devmapper: Error mounting '/dev/mapper/docker-8:0-131404-a2b3317f7fb2f17df64d4ebdacefa314c679c801cfa795879ed9393af06b6904' on '/var/lib/docker/devicemapper/mnt/a2b3317f7fb2f17df64d4ebdacefa314c679c801cfa795879ed9393af06b6904': structure needs cleaning
  3. Error: failed to start containers: a5
  4.  
  5. [root@localhost ~]# xfs_repair -Lv /dev/mapper/docker-8\:0-131404-a2b3317f7fb2f17df64d4ebdacefa314c679c801cfa795879ed9393af06b6904
  6. Phase 1 - find and verify superblock...
  7.         - reporting progress in intervals of 15 minutes
  8.         - block cache size set to 185504 entries
  9. Phase 2 - using internal log
  10.         - zero log...
  11. zero_log: head block 13312 tail block 12800
  12. ALERT: The filesystem has valuable metadata changes in a log which is being
  13. destroyed because the -L option was used.
  14.         - scan filesystem freespace and inode maps...
  15. agi unlinked bucket 2 is 339394 in ag 8 (inode=33893826)
  16. agi unlinked bucket 3 is 339395 in ag 8 (inode=33893827)
  17. agi unlinked bucket 6 is 339398 in ag 8 (inode=33893830)
  18. agi unlinked bucket 53 is 241717 in ag 8 (inode=33796149)
  19. agi unlinked bucket 54 is 241718 in ag 8 (inode=33796150)
  20. sb_icount 38848, counted 39936
  21. sb_ifree 558, counted 589
  22. sb_fdblocks 2050555, counted 1559049
  23.         - 10:18:34: scanning filesystem freespace - 16 of 16 allocation groups done
  24.         - found root inode chunk
  25. Phase 3 - for each AG...
  26.         - scan and clear agi unlinked lists...
  27.         - 10:18:34: scanning agi unlinked lists - 16 of 16 allocation groups done
  28.         - process known inodes and perform inode discovery...
  29.         - agno = 15
  30.         - agno = 0
  31.         - agno = 1
  32.         - agno = 2
  33.         - agno = 3
  34.         - agno = 4
  35.         - agno = 5
  36.         - agno = 6
  37.         - agno = 7
  38.         - agno = 8
  39.         - agno = 9
  40. correcting nblocks for inode 40100648, was 15331 - counted 19426
  41.         - agno = 10
  42.         - agno = 11
  43.         - agno = 12
  44.         - agno = 13
  45.         - agno = 14
  46.         - 10:18:34: process known inodes and inode discovery - 39936 of 38848 inodes done
  47.         - process newly discovered inodes...
  48.         - 10:18:34: process newly discovered inodes - 16 of 16 allocation groups done
  49. Phase 4 - check for duplicate blocks...
  50.         - setting up duplicate extent list...
  51.         - 10:18:34: setting up duplicate extent list - 16 of 16 allocation groups done
  52.         - check for inodes claiming duplicate blocks...
  53.         - agno = 0
  54.         - agno = 1
  55.         - agno = 2
  56.         - agno = 3
  57.         - agno = 4
  58.         - agno = 5
  59.         - agno = 6
  60.         - agno = 7
  61.         - agno = 8
  62.         - agno = 9
  63.         - agno = 10
  64.         - agno = 11
  65.         - agno = 12
  66.         - agno = 13
  67.         - agno = 14
  68.         - agno = 15
  69.         - 10:18:34: check for inodes claiming duplicate blocks - 39936 of 38848 inodes done
  70. Phase 5 - rebuild AG headers and trees...
  71.         - agno = 0
  72.         - agno = 1
  73.         - agno = 2
  74.         - agno = 3
  75.         - agno = 4
  76.         - agno = 5
  77.         - agno = 6
  78.         - agno = 7
  79.         - agno = 8
  80.         - agno = 9
  81.         - agno = 10
  82.         - agno = 11
  83.         - agno = 12
  84.         - agno = 13
  85.         - agno = 14
  86.         - agno = 15
  87.         - 10:18:34: rebuild AG headers and trees - 16 of 16 allocation groups done
  88.         - reset superblock...
  89. Phase 6 - check inode connectivity...
  90.         - resetting contents of realtime bitmap and summary inodes
  91.         - traversing filesystem ...
  92.         - agno = 0
  93.         - agno = 1
  94.         - agno = 2
  95.         - agno = 3
  96.         - agno = 4
  97.         - agno = 5
  98.         - agno = 6
  99.         - agno = 7
  100.         - agno = 8
  101.         - agno = 9
  102.         - agno = 10
  103.         - agno = 11
  104.         - agno = 12
  105.         - agno = 13
  106.         - agno = 14
  107.         - agno = 15
  108.         - traversal finished ...
  109.         - moving disconnected inodes to lost+found ...
  110. disconnected inode 33796149, moving to lost+found
  111. disconnected inode 33796150, moving to lost+found
  112. disconnected inode 33893826, moving to lost+found
  113. disconnected inode 33893827, moving to lost+found
  114. disconnected inode 33893830, moving to lost+found
  115. Phase 7 - verify and correct link counts...
  116.  
  117.         XFS_REPAIR Summary    Wed Jul  6 10:18:34 2016
  118.  
  119. Phase           Start           End             Duration
  120. Phase 1:        07/06 10:18:34  07/06 10:18:34
  121. Phase 2:        07/06 10:18:34  07/06 10:18:34
  122. Phase 3:        07/06 10:18:34  07/06 10:18:34
  123. Phase 4:        07/06 10:18:34  07/06 10:18:34
  124. Phase 5:        07/06 10:18:34  07/06 10:18:34
  125. Phase 6:        07/06 10:18:34  07/06 10:18:34
  126. Phase 7:        07/06 10:18:34  07/06 10:18:34
  127.  
  128. Total run time:
  129. done
  130.     
  131. [root@localhost ~]# docker start a5
  132. a5

apache目录加密并允许IP白名单

添加以下内容到Directory里,然后用htpasswd创建配置文件并添加用户名密码
重启apache后,白名单里的IP允许访问,非白名单的IP需要输入用户名密码

  1. AuthUserFile /路/径/.htpasswd
  2. AuthName "limit"
  3. AuthType Basic
  4. require valid-user
  5. satisfy any
  6. deny from all
  7. allow from $允许的IP

IP数量计算 子网掩码速查

  1. CIDR 子网掩码 IP数量
  2. /20 4096IP 255.255.240.0
  3. /21 2048IP 255.255.248.0
  4. /22 1024IP 255.255.252.0
  5. /23 512IP 255.255.254.0
  6. /24 256IP 255.255.255.0
  7. /25 128IP 255.255.255.128
  8. /26 64IP 255.255.255.192
  9. /27 32IP 255.255.255.224
  10. /28 16IP 255.255.255.240
  11. /29 8IP 255.255.255.248
  12. /30 4IP 255.255.255.252

iptables端口转发

  1. #本机端口转发
  2. iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  3. iptables -t nat -A PREROUTING -i eth0 -p tcp --dport $public_port -j REDIRECT --to-ports $private_port
  4.  
  5. #外网端口转发需要开启ip_forward
  6. echo "1" > /proc/sys/net/ipv4/ip_forward
  7. iptables -t nat -A PREROUTING -p tcp -m tcp --dport $local_port -j DNAT --to-destination $dest:$port
  8. iptables -t nat -A POSTROUTING -p tcp -m tcp --dport $local_port -j SNAT --to-source $local_ip