radius ubuntu，ubuntu on wayland

大家好，感谢邀请，今天来为大家分享一下radius ubuntu的问题，以及和ubuntu on wayland的一些困惑，大家要是还不太明白的话，也没有关系，因为接下来将为大家分享，希望可以帮助到大家，解决大家的问题，下面就开始吧！

logstash 和 filebeat 连接有用户名密码的elasticsearch

[图片上传失败...(image-61c09e-1619429119566)]

文件夹创建整体架构图

参考资料

vi~/.bash_profile

export JAVA_HOME=/usr/local/apps/jdk1.8.0_261

export PATH= JAVA_HOME/bin

export CLASSPATH=.: JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

source~/.bash_profile

可以访问jdk

chmod-r 755 jdk1.8.0_261

[图片上传失败...(image-af15e0-1619429119566)]

<pre spellcheck="false" class="md-fences md-end-block ty-contain-cm modeLoaded" lang="" cid="n438" mdtype="fences" style="box-sizing: border-box; overflow: visible; font-family: var(--monospace); font-size: 0.9em; display: block; break-inside: avoid; text-align: left; white-space: normal; background-image: inherit; background-position: inherit; background-size: inherit; background-repeat: inherit; background-attachment: inherit; background-origin: inherit; background-clip: inherit; background-color: rgb(248, 248, 248); position: relative!important; border: 1px solid rgb(231, 234, 237); border-radius: 3px; padding: 8px 4px 6px; margin-bottom: 15px; margin-top: 15px; width: inherit;">mkdir/usr/local/apps/logstash

chmod 775/usr/local/apps/logstash

mkdir/usr/local/apps/filebeat

chmod 775/usr/local/apps/filebeat

mkdir/srv/logstash/log

mkdir/srv/logstash/data

chmod-R 775/srv/logstash

mkdir/srv/filebeat/log

mkdir/srv/filebeat/data

chmod-R 775/srv/filebeat

cd/usr/local/apps/logstash</pre>

wget

解压程序 tar-xvf logstash-7.11.2-linux-x86_64.tar.gz

在config下创建 mylogstash-filebeat.conf文件

<pre spellcheck="false" class="md-fences md-end-block ty-contain-cm modeLoaded" lang="" cid="n58" mdtype="fences" style="box-sizing: border-box; overflow: visible; font-family: var(--monospace); font-size: 0.9em; display: block; break-inside: avoid; text-align: left; white-space: normal; background-image: inherit; background-position: inherit; background-size: inherit; background-repeat: inherit; background-attachment: inherit; background-origin: inherit; background-clip: inherit; background-color: rgb(248, 248, 248); position: relative!important; border: 1px solid rgb(231, 234, 237); border-radius: 3px; padding: 8px 4px 6px; margin-bottom: 15px; margin-top: 15px; width: inherit;">input{

beats{

port=> 5044

}

}

output{

elasticsearch{

hosts=> ["","",""]

user=>"elastic"

password=>"gVZNqhqu636wm13h8npd"

index=>"logstash"

}

}</pre>

vi config/logstash.yml

path.data:/srv/data/logstash

nohup./logstash-f../config/mylogstash-kafka.conf&

ps-ef| grep logstash

tail-100f nohup.out

:error=>"Got response code'401' contacting Elasticsearch at UR

可能是你没有配置用户名密码

curl-XGET'localhost:9600/?pretty'

cd/usr/local/apps/filebeat

wget

tar xzvf filebeat-7.3.1-linux-x86_64.tar.gz

cd ilebeat-7.3.1-linux-x86_64

mv*../

filebeat日志目录配置

抓取扫描文件配置

vi/usr/local/apps/filebeat/filebeat.yml

<pre spellcheck="false" class="md-fences md-end-block ty-contain-cm modeLoaded" lang="" cid="n340" mdtype="fences" style="box-sizing: border-box; overflow: visible; font-family: var(--monospace); font-size: 0.9em; display: block; break-inside: avoid; text-align: left; white-space: normal; background-image: inherit; background-position: inherit; background-size: inherit; background-repeat: inherit; background-attachment: inherit; background-origin: inherit; background-clip: inherit; background-color: rgb(248, 248, 248); position: relative!important; border: 1px solid rgb(231, 234, 237); border-radius: 3px; padding: 8px 4px 6px; margin-bottom: 15px; margin-top: 15px; width: inherit;">打开以下内容

打开使能

#抓取日志的配置

enabled: true

paths:

•-/srv/filebeat/log/*.log

•-/usr/local/apps/filebeat/test.log

#logstash的配置

output.logstash:

# The Logstash hosts

hosts: ["localhost:5044"]

#日志路径配置

logging.to_files: true

logging.files:

path:/srv/filebeat/log

name: filebeat

keepfiles: 7

permissions: 0644

</pre>

权限控制

<pre mdtype="fences" cid="n108" lang="" class="md-fences md-end-block ty-contain-cm modeLoaded" spellcheck="false" style="box-sizing: border-box; overflow: visible; font-family: var(--monospace); font-size: 0.9em; display: block; break-inside: avoid; text-align: left; white-space: normal; background-image: inherit; background-position: inherit; background-size: inherit; background-repeat: inherit; background-attachment: inherit; background-origin: inherit; background-clip: inherit; background-color: rgb(248, 248, 248); position: relative!important; border: 1px solid rgb(231, 234, 237); border-radius: 3px; padding: 8px 4px 6px; margin-bottom: 15px; margin-top: 15px; width: inherit;">把文件加权限赋予rd账户

chown-R rd:rd/usr/local/apps/filebeat

后面的切换到rd账户执行

su rd

chmod go-w/usr/local/apps/filebeat/filebeat.yml

touch/usr/local/apps/filebeat/test.log

echo"asdfasdfasdf">>/usr/local/apps/filebeat/test.log

nohup./filebeat&

tail-fn 200 nohup.out</pre>

./filebeat test output测试运行状态

<pre spellcheck="false" class="md-fences md-end-block ty-contain-cm modeLoaded" lang="" cid="n387" mdtype="fences" style="box-sizing: border-box; overflow: visible; font-family: var(--monospace); font-size: 0.9em; display: block; break-inside: avoid; text-align: left; white-space: normal; background-image: inherit; background-position: inherit; background-size: inherit; background-repeat: inherit; background-attachment: inherit; background-origin: inherit; background-clip: inherit; background-color: rgb(248, 248, 248); position: relative!important; border: 1px solid rgb(231, 234, 237); border-radius: 3px; padding: 8px 4px 6px; margin-bottom: 15px; margin-top: 15px; width: inherit;">rd@localhost filebeat]$./filebeat test output

logstash: localhost:5044...

connection...

• parse host... OK

• dns lookup... OK

• addresses:::1, 127.0.0.1

• dial up... OK

TLS... WARN secure connection disabled

talk to server... OK</pre>

说明是正常的

查询es

curl-XGET--user elastic:gVZNqhqu636wm13h8npd' '

<pre spellcheck="false" class="md-fences md-end-block ty-contain-cm modeLoaded" lang="" cid="n415" mdtype="fences" style="box-sizing: border-box; overflow: visible; font-family: var(--monospace); font-size: 0.9em; display: block; break-inside: avoid; text-align: left; white-space: normal; background-image: inherit; background-position: inherit; background-size: inherit; background-repeat: inherit; background-attachment: inherit; background-origin: inherit; background-clip: inherit; background-color: rgb(248, 248, 248); position: relative!important; border: 1px solid rgb(231, 234, 237); border-radius: 3px; padding: 8px 4px 6px; margin-bottom: 15px; margin-top: 15px; width: inherit;">{"_index":"logstash","_type":"_doc","_id":"HtlkDXkBEawMgE7wuu-Z","_score":1.0,"_source":{"offset":135,"source":"/usr/local/apps/filebeat/test.log","prospector":{"type":"log"},"message":"123123123123123","@version":"1","beat":{"version":"6.2.4","name":"localhost.localdomain","hostname":"localhost.localdomain"},"@timestamp":"2021-04-26T08:56:14.094Z","tags":["beats_input_codec_plain_applied"]}},{"_index":"logstash","_type":"_doc","_id":"yjhkDXkBo6lKLCg_uhM3","_score":1.0,"_source":{"offset":151,"source":"/usr/local/apps/filebeat/test.log","prospector":{"type":"log"},"message":"123123123123123","@version":"1","beat":{"version":"6.2.4","name":"localhost.localdomain","hostname":"localhost.localdomain"},"@timestamp":"2021-04-26T08:56:14.094Z","tags":["beats_input_codec_plain_applied"]}},{"_index":"logstash","_type":"_doc","_id":"yzhkDXkBo6lKLCg_uhM3","_score":1.0,"_source":{"offset":503,"source":"/usr/local/apps/filebeat/test.log","prospector":{"type":"log"},"message":"123123123123123","@version":"1","beat":{"version":"6.2.4","name":"localhost.localdomain","hostname":"localhost.localdomain"},"@timestamp":"2021-04-26T08:56:14.096Z","tags":["beats_input_codec_plain_applied"]}},{"_index":"logstash","_type":"_doc","_id":"yDhkDXkBo6lKLCg_uhM0","_score":1.0,"_source":{"offset":711,"source":"/usr/local/apps/filebeat/test.log","prospector":{"type":"log"},"message":"123123123123123","@version":"1","beat":{"version":"6.2.4","name":"localhost.localdomain","hostname":"localhost.localdomain"},"@timestamp":"2021-04-26T08:56:14.097Z","tags":["beats_input_codec_plain_applied"]}},{"_index":"logstash","_type":"_doc","_id":"wDhkDXkBo6lKLCg_uhM0","_score":1.0,"_source":{"offset":169,"source":"/srv/filebeat/log/a.log","prospector":{"type":"log"},"message":"asdfasdfasdf","@version":"1","beat":{"version":"6.2.4","name":"localhost.localdomain","hostname":"localhost.localdomain"},"@timestamp":"2021-04-26T08:56:14.093Z","tags":["beats_input_codec_plain_applied"]}},{"_index":"logstash","_type":"_doc","_id":"wThkDXkBo6lKLCg_uhM0","_score":1.0,"_source":{"offset":279,"source":"/usr/local/apps/filebeat/test.log","prospector":{"type":"log"},"message":"123123123123123","@version":"1","beat":{"version":"6.2.4","name":"localhost.localdomain","hostname":"localhost.localdomain"},"@timestamp":"2021-04-26T08:56:14.095Z","tags":["beats_input_codec_plain_applied"]}},{"_index":"logstash","_type":"_doc","_id":"HdlkDXkBEawMgE7wuu-V","_score":1.0,"_source":{"offset":423,"source":"/usr/local/apps/filebeat/test.log","prospector":{"type":"log"},"message":"123123123123123","@version":"1","beat":{"version":"6.2.4","name":"localhost.localdomain","hostname":"localhost.localdomain"},"@timestamp":"2021-04-26T08:56:14.096Z","tags":["beats_input_codec_plain_applied"]}},{"_index":"logstash","_type":"_doc","_id":"wjhkDXkBo6lKLCg_uhM0","_score":1.0,"_source":{"offset":743,"prospector":{"type":"log"},"source":"/usr/local/apps/filebeat/test.log","message":"123123123123123","@version":"1","beat":{"version":"6.2.4","name":"localhost.localdomain","hostname":"localhost.localdomain"},"@timestamp":"2021-04-26T08:56:14.097Z","tags":["beats_input_codec_plain_applied"]}},{"_index":"logstash","_type":"_doc","_id":"DdlkDXkBEawMgE7wuu-O","_score":1.0,"_source":{"offset":39,"prospector":{"type":"log"},"source":"/usr/local/apps/filebeat/test.log","message":"asdfasdfasdf","@version":"1","beat":{"version":"6.2.4","name":"localhost.localdomain","hostname":"localhost.localdomain"},"@timestamp":"2021-04-26T08:56:14.094Z","tags":["beats_input_codec_plain_applied"]}}]}}</pre>

参考:

配置里抓取的日志但是感觉filebeat没有抓取日志

模拟产生日志

查询日志

不行那个用户只能查询

elasticsearch多个用户权限问题

Freeradius files peap-mschapv2 动态vlan

在实现radius认证和根据用户的vlan下发的环境与目标下，以ubuntu20.04为平台进行详细步骤的阐述：

首先，安装freeradius，随后在配置文件中修改default_eap_type的值为peap，以启用EAP模块。

在查看tls-config tls-common时，确认使用的公钥、私钥、ca期限均来自系统内部。若使用系统内部证书或考虑引入第三方解决方案如letsencrypt或freeradius证书工具，应避免直接使用系统证书。

接着，创建证书，这一环节需在完成系统证书配置后进行。

启用EAP模块后，编辑配置文件/etc/freeradius/3.0/clients.conf，添加允许的nas（网络访问服务器）ip与连接时使用的密钥，此处指接入点、交换机等设备信息。

在用户管理中，通过/etc/freeradius/3.0/users添加用户，确保配置与实际使用场景相符。

为了进行eap认证的测试，安装eapol_test工具，此工具是wpa_supplicant中的测试程式。在下载并编译wpa_supplicant源码后，使用netlink库，以完成eapol_test的安装。

执行测试时，需创建eapol_test配置文件与测试脚本，以模拟认证过程。

接下来，将创建证书的步骤列出，包括编辑ca.cnf、client.cnf、inner-server.cnf、server.cnf配置文件。对于每个配置文件中的countryName、stateOrProvinceName、localityName、organizationName四个属性，应保持一致性，避免出现配置错误。

完成证书生成后，编辑配置文件/etc/freeradius/3.0/mods-available/eap，进一步完善认证与vlan下发的相关配置，以确保freeradius服务能够根据用户身份动态分配vlan。

如何在ubuntu 下装idl

一、安装

以root用户运行：yum install wireshark

二、运行

在终端中键入命令：

#wireshark

bash:wireshark:command not found

#whereis wireshark

wireshark:/usr/lib/wireshark/usr/share/wireshark

#cd/usr/lib/wireshark

#ls

plugins

#cd/usr/share/wireshark; ls

AUTHORS-SHORT dtds mergecap.html tshark.html

capinfos.html dumpcap.html radius wimaxasncp

cfilters editcap.html rawshark.html wireshark-filter.html

colorfilters help services wireshark.html

COPYING idl2wrs.html smi_modules ws.css

dfilters ipmap.html text2pcap.html

diameter manuf tpncp

解决方法：

yum search wireshark（搜索匹配特定字符的rpm包）

yum install wireshark-gnome.i386（wireshark的图形界面）

#whereis wireshark

wireshark:/usr/bin/wireshark/usr/sbin/wireshark/usr/share/wireshark/usr/share/man/man1/wireshark.1.gz

#wireshark

成功！

使用

查看TCP通信包，在过滤条件中写入 tcp；Apply；

查看指定端口的包：在过滤条件中输入 tcp.port eq 7905

查看指定IP的包：ip.addr eq 192.168.1.104

查看指定IP和PORT的包：ip.addr eq 192.168.1.104 and tcp.port eq 7905

网络抓包工具Wireshark的简单使用

Ubuntu 12.04下安装Wireshark

Linux中从普通用户启动Wireshark抓包