王忘杰
2023-06-06
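Python and PHP from scratch: an AD domain self-service desk with third-party app reminders, self-service password change and account unlock

This is the architecture diagram of the domain self-service desk Wang Gong developed in-house. It sends WeCom (企业微信) reminders when a password has gone unchanged for a long time and offers self-service password change and account unlock, matching Nington's Microsoft AD self-service password change solution feature for feature: https://www.nington.com/solution-adpassword/
It can save the company 50,000 to 100,000 yuan a year.

Notes
The domain controller runs Windows 2022. Self Service Password is deployed on Oracle Linux 8, Python is the latest Python 3 release, and PHP is the PHP 7 from the default Oracle Linux 8 repositories.

Preview
Password-change notification
Self-service password change

Architecture breakdown:
1. On the domain controller, maintain the pager attribute of each domain account and set it to the user's WeCom ID.
2. The domain controller runs a scan script that calculates the time since each password was last changed and sends a WeCom reminder once it exceeds the configured number of days; accounts whose pager attribute is not maintained are written to a log.
3. Self Service Password is customized so that the verification code for a password change is received through WeCom.
4. Before a WeCom reminder is sent, the Redis cache is queried first: if no access_token exists, one is fetched; if one exists, it is used directly. The cached token expires automatically after 5400 seconds.
5. Create a WeCom application; see my Zabbix article for reference.

Prerequisites
1. The pager attribute on the domain controller is maintained as the WeCom userid. The WeCom administrator has to look this up in the admin console.
2. Self Service Password is deployed correctly; see my earlier article.
3. Redis is deployed. Docker deployment is recommended, and a Redis password must be set.
4. The php-redis extension has been added to PHP.

One-step Redis deployment with Docker
On Red Hat family systems, podman replaces docker by default.

    podman pull redis
    podman run --restart=always -p 6379:6379 --name myredis -d redis --requirepass passwd@123

Persistence parameter: --appendonly yes

Scan script
The scan script also has two parts. The first part is a PowerShell script that collects the domain user information. The OU can be specified and the user attributes to collect can be customized. The output file is written to 1.txt in the root of drive C, which is where the Python script expects it.

adgetuser.ps1

    Get-ADUser -Filter 'Name -like "*"' -SearchBase "OU=测试组,OU=用户OU,DC=90apt,DC=com" -Properties * | Select-Object name,passwordlastset,pager > c:/1.txt

Result

    name    passwordlastset    pager
    ----    ---------------    -----
    王忘杰1 2023/5/18 16:39:05 WangWangJie1
    王忘杰2 2022/9/26 16:50:41 WangWangJie2

The second part is the scan-and-notify script, made up of the main Python file and the configuration file ad.config. Running it produces the log file errlog.txt.

ad.config properties
corpid:
appsecret:
agentid:
content: message part 1
content1: message part 2
content2: message part 3
admin: unused property
ip: Redis address
port: Redis port
passwd: Redis password
passwddate: number of days without a password change after which a reminder is sent

    {
      "corpid" : "xxxx",
      "appsecret" : "xxxx",
      "agentid" : "xxxx",
      "content" : "亲爱的 ",
      "content1" : " 域用户 :\n您的计算机域账户已经超过 ",
      "content2" : " 天没有修改密码了(电脑登录密码),请您立即更改。\n重置密码过程请遵循以下原则:\n○密码长度最少 8 位;\n○密码中不可出现公司和本人中英文拼写\n○密码符合复杂性需求(大写字母、小写字母、数字和符号四种中必须有三种)\n操作方式:\n您可以通过 自助密码服务台http://xx/修改密码,在公司内网中,手机、笔记本、台式机均可访问",
      "admin" : "xxxx",
      "ip" : "xxxx",
      "port" : "xxxx",
      "passwd" : "xxxx",
      "passwddate" : xx
    }

Main Python file

    import json
    import time
    from datetime import datetime

    import redis
    import requests


    def get_weixintoken():
        # Fetch a WeCom access_token
        token_url = 'https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=' + config[0] + '&corpsecret=' + config[1]
        req = requests.get(token_url)
        accesstoken = req.json()['access_token']
        return accesstoken


    def get_redistoken():
        # Use the token cached in Redis; fetch and cache a new one (5400 s) if it is missing
        readredis = redis.Redis(connection_pool=redis.ConnectionPool(host=config[7], port=config[8], password=config[9], decode_responses=True))
        if readredis.get('key') is None:
            readredis.set('key', get_weixintoken(), ex=5400)
        return readredis.get('key')


    def post_weixin(userweixin, content):
        # Send a text message to one WeCom user
        body = {
            "touser": userweixin,
            "msgtype": "text",
            "agentid": config[2],
            "text": {
                "content": content
            }
        }
        postweixin = requests.post('https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=' + get_redistoken(), data=json.dumps(body))
        return postweixin.text


    def get_config():
        with open("ad.config", encoding='utf-8') as cfg:
            config = json.loads(cfg.read())
        return [config['corpid'], config['appsecret'], config['agentid'], config['content'], config['content1'], config['content2'], config['admin'], config['ip'], config['port'], config['passwd'], config['passwddate']]


    def user_check():
        # PowerShell's ">" redirection writes UTF-16
        with open("C:\\1.txt", "r", encoding='utf-16') as src:
            lines = src.readlines()
        with open('errlog.txt', 'w', encoding='utf-8') as f:
            for line in lines:
                try:
                    x = line.replace("/", "-")
                    y = x.split()
                    time_1 = y[1]
                    time_2 = time.strftime("%Y-%m-%d", time.localtime())
                    time_1_struct = datetime.strptime(time_1, "%Y-%m-%d")
                    time_2_struct = datetime.strptime(time_2, "%Y-%m-%d")
                    day = (time_2_struct - time_1_struct).days
                    userweixin = y[3]
                    username = y[0]
                    if day > config[10]:
                        day = str(day)
                        time.sleep(1)
                        try:
                            post = post_weixin(userweixin, config[3] + username + config[4] + day + config[5])
                            postjson = json.loads(post)
                            if postjson['errmsg'] != "ok":
                                f.write("发送失败,可能微信号错误 " + userweixin + "\n")
                        except Exception:
                            pass
                except Exception:
                    # Any row that cannot be parsed (no pager column included) is logged
                    f.write("没有微信号 " + line)


    config = get_config()
    user_check()

Using the script
Compile it to an EXE file, place it together with ad.config on the domain controller, and run it from a scheduled task.

Self Service Password WeCom script
Project directory: /usr/share/self-service-password/
Configuration file: /usr/share/self-service-password/conf/config.inc.local.php

Change the SMS notification method in the configuration file:

    ## SMS
    # Use sms
    $use_sms = true;
    # SMS method (mail, api)
    $sms_method = "api";
    $sms_api_lib = "lib/weixin.inc.php";
    # GSM number attribute
    $sms_attributes = array( "pager" );

Write the WeCom notification script /usr/share/self-service-password/lib/weixin.inc.php:

    <?php
    // Replace the CHANGE_ME values with your own settings
    const REDIS_HOST = 'CHANGE_ME';   // Redis IP address
    const REDIS_PORT = 6379;          // Redis port (6379 in the podman command above)
    const REDIS_PASS = 'CHANGE_ME';   // Redis password
    const CORP_ID = 'CHANGE_ME';      // WeCom corpid
    const CORP_SECRET = 'CHANGE_ME';  // WeCom corpsecret
    const AGENT_ID = 'CHANGE_ME';     // WeCom agentid

    // Connect to the Redis service and return the cached access_token,
    // fetching and caching a new one when the cache is empty
    function get_token() {
        $redis = new Redis();
        $redis->connect(REDIS_HOST, REDIS_PORT);
        $redis->auth(REDIS_PASS);
        $key = $redis->get("key");
        if ($key) {
            return $key;
        }
        $url = 'https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=' . CORP_ID . '&corpsecret=' . CORP_SECRET;
        $jsondb = json_decode(file_get_contents($url), true);
        $key = $jsondb['access_token'];
        $redis->set("key", $key);
        $redis->expire("key", 5400);
        return $key;
    }

    function send_sms_by_api($mobile, $message) {
        $postdata = array(
            'touser' => "$mobile",
            'msgtype' => 'text',
            'agentid' => AGENT_ID,
            'text' => array(
                'content' => "$message"
            )
        );
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, 'https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=' . get_token());
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($postdata));
        // Verify the API server's certificate and host name
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        $result = json_decode(curl_exec($ch));
        curl_close($ch);
        // 1 = sent, 0 = failed (request error or errmsg other than "ok")
        if ($result && isset($result->errmsg) && $result->errmsg == "ok") {
            return 1;
        } else {
            return 0;
        }
    }
    ?>

Changing the displayed Chinese text
For example, to change "SMS" to "WeCom", edit the language file /usr/share/self-service-password/lang/zh-CN.inc.php directly.

Installing the Redis extension for PHP
https://www.vvave.net/archives/how-to-install-php-pecl-redis-on-centos8-official-repo-php.html

Summary
Simple.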
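The scan script above splits each row on whitespace, so the header and ruler lines, a name containing a space, and a row with no password date all land in the same "no WeChat ID" log branch. As an added example (not the author's script), the parser below anchors on the date column instead and reports each case separately; the function names and the sample rows are constructed for illustration.

```python
import re
from datetime import date

# PasswordLastSet as adgetuser.ps1 prints it, e.g. "2023/5/18 16:39:05".
STAMP = re.compile(r"(\d{4})/(\d{1,2})/(\d{1,2}) \d{1,2}:\d{2}:\d{2}")
HEADER = ["name", "passwordlastset", "pager"]

# Constructed sample in the layout shown above (not real accounts).
SAMPLE = """
name       passwordlastset    pager
----       ---------------    -----
王忘杰1     2023/5/18 16:39:05 WangWangJie1
Zhang San  2022/9/26 16:50:41 ZhangSan
王忘杰3     2023/1/2 9:00:00
svc-backup                    SvcBackup
"""


def parse_report(text):
    """Split the report into usable rows and rows that need attention."""
    users, problems = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or set(line) <= {"-", " "}:
            continue  # blank line or the dashed ruler
        if line.lower().split() == HEADER:
            continue  # column header
        m = STAMP.search(line)
        if m is None:
            # No date in the row: PasswordLastSet was empty, so no age
            # can be computed for this account.
            problems.append((line, "no passwordlastset"))
            continue
        try:
            last_set = date(*(int(g) for g in m.groups()))
        except ValueError:
            problems.append((line, "bad date"))
            continue
        name = line[:m.start()].strip()   # may contain spaces
        pager = line[m.end():].strip()    # WeCom userid, may be empty
        if not pager:
            problems.append((name, "no pager"))
            continue
        users.append({"name": name, "pager": pager, "last_set": last_set})
    return users, problems


def overdue(users, today, max_age_days):
    """Return (pager, name, days) for passwords older than max_age_days."""
    result = []
    for u in users:
        days = (today - u["last_set"]).days
        if days > max_age_days:
            result.append((u["pager"], u["name"], days))
    return result


if __name__ == "__main__":
    users, problems = parse_report(SAMPLE)
    print(overdue(users, date(2023, 6, 6), 90))
    print(problems)
```

On the real export, read the file with encoding='utf-16' as the original script does, and pass passwddate from ad.config as max_age_days.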
2023-06-01
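Building network security for small and medium-sized enterprises with open-source or free tools

This plan builds network security on the guidance for levels 1, 2 and 3 of Classified Protection 2.0 (等级保护 2.0) together with open-source or free security software. Note, however, that this plan will not get you smoothly through classified-protection certification: classified protection is a business, not a technology.

Traditional enterprise architecture
Wang Gong's open-source or free network security plan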
2023-05-31
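HFish threat capture and deception honeypot system

Project website: https://hfish.net/

How it works
Deployment architecture

Installation steps
The project provides a one-step installer: https://hfish.net/#/2-0-deploy

Adding nodes
Install using the generated one-step package.

Notable features
1. Cloud high-interaction honeypots: HFish provides the cloud environment and records the penetration process.
2. Attack situation dashboard.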
2023-05-30
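A typical phishing email attack

Phishing email is a common attack technique in APT (advanced persistent threat) campaigns: targeted, with a clear objective, and sustained over a long time.

The phishing email disguises itself as a contract link to induce a click.
The phishing site impersonates the official NetEase enterprise mailbox site, uses a free linkpc.net second-level domain, and pre-fills the recipient's email address.
The "official NetEase enterprise mailbox site" is actually a single screenshot.
Code overlays a fake login window on the image; whatever is entered, it reports an invalid password.
After the password has been entered twice, the page redirects to the recipient's own official website, so the person who clicked believes it was only a login error.
At this point the attacker has obtained the mailbox password and the phishing attack is complete.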
2023-05-30
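Algorius Net Viewer network visualization, monitoring and management software

Website: https://algorius.com/

Pricing
The free edition supports 25 devices. If you find it useful, please support the licensed version: https://algorius.com/purchase/pricing.html

Download: https://algorius.com/download/resources.html

Installation is "Next" all the way through.

Program interface
Configuring devices
Configuring ping

Finally
How I use it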
2023-05-30
Uptime Kuma, a visual uptime status monitoring platform

Project: https://github.com/louislam/uptime-kuma

It can monitor uptime for HTTP(s) / TCP / HTTP(s) Keyword / Ping / DNS Record / Push / Steam Game Server / Docker Containers.

One-step installation

    docker run -d --restart=always -p 3001:3001 -v uptime-kuma:/app/data --name uptime-kuma louislam/uptime-kuma:1

Upgrade

    docker pull louislam/uptime-kuma:1
    docker stop uptime-kuma
    docker rm uptime-kuma
    docker run -d --restart=always -p 3001:3001 -v uptime-kuma:/app/data --name uptime-kuma louislam/uptime-kuma:1

Main page
Configuring a standalone status page
Configuring WeCom (企业微信) notifications
2023-05-30
Python from scratch: batch automatic backup of H3C switch configurations with WeCom (企业微信) notification

Wang Gong has rewritten this script; please see the latest article.

Automatic switch configuration backup (H3C)
The python2 backup is based on CSDN@willwillwang: https://blog.csdn.net/wq298102526/article/details/108796824
The python3 part I wrote myself.

Scheduled tasks: back up at 7:00 every day and send the alert at 7:40.

    0 7 * * * python2 /root/swbackup.py > /root/swbackup.log
    40 7 * * * python3 /root/swbackupweixin.py >> /root/swbackup.log

python2 backup script swbackup.py
It uses telnetlib to log in interactively, display the switch configuration and save it. With the commands changed, it can be used for switches of any brand.

    #!/usr/bin/python2
    # -*- coding: UTF-8 -*-
    import os
    import telnetlib
    import time

    now = time.strftime("%y%m%d")
    path = "/root/backup/%s" % now
    if not os.path.exists(path):
        os.makedirs(path)

    # One switch IP address per line
    Hostall = """172.16.1.1
    172.16.1.2
    """
    Hostlist = [h.strip() for h in Hostall.splitlines() if h.strip()]

    for Host in Hostlist:
        try:
            tn = telnetlib.Telnet(Host, timeout=15)
            time.sleep(5)
            tn.write(b'admin\n')        # user name
            time.sleep(5)
            tn.write(b'admin@123\n')    # password
            time.sleep(5)
            tn.write(b'screen-length disable\n')
            tn.write(b'dis cur\n')
            tn.read_some()
            tn.write(b'undo screen-length disable\n')
            tn.write(b'quit\n')
            mac1 = tn.read_all()
            f1 = open('%s/%s' % (path, Host), 'wb')
            f1.write(mac1)
            f1.close()
            print("%s finish" % Host)
        except Exception:
            print("fail %s" % Host)

python3 notification script
It sends both a WeCom application notification and a WeCom bot notification. The WeCom application notification and the temperature and humidity readings use scripts that already exist in Zabbix.

    #!/usr/bin/python3
    # -*- coding: UTF-8 -*-
    import json
    import os
    import subprocess
    import time

    import requests

    # Count the "finish" and "fail" words the backup script printed to the log
    lines = open("/root/swbackup.log", "r", encoding='utf-8').read().split()
    finish = lines.count('finish')
    fail = lines.count('fail')
    total = str(finish + fail)
    finish = str(finish)
    fail = str(fail)
    time_2 = time.strftime("%Y-%m-%d", time.localtime())
    printfinish = (time_2 + "-总计备份交换机" + total + "台-成功" + finish + "台-失败" + fail + "台")

    # WeCom application notification through the existing Zabbix alert script
    subprocess.run(["/usr/lib/zabbix/alertscripts/weixin.py", "wangwangjie", "交换机备份报告", printfinish])

    # Replace the query string with your own QWeather API parameters
    response2 = requests.get("https://devapi.qweather.com/v7/weather/now?<your QWeather API parameters>")
    data1 = json.loads(response2.text)
    data2 = data1['now']
    data3 = "早上好! \n当前天气情况\n环境温度" + data2['temp'] + " 体感温度" + data2['feelsLike'] + " 天气状况 " + data2['text'] + "\n风向 " + data2['windDir'] + " 风力等级" + data2['windScale'] + " 风速" + data2['windSpeed'] + " 湿度" + data2['humidity'] + " 能见度" + data2['vis'] + "公里\n"
    data4 = "备份交换机" + total + "台-成功" + finish + "台-失败" + fail + "台\n"
    data5 = "机房温度" + str(os.popen("/etc/zabbix/script/get_temp.sh").read()) + "机房湿度" + str(os.popen("/etc/zabbix/script/get_hum.sh").read())

    # Replace the key with your own WeCom bot key
    url = 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=<your WeCom bot key>'
    body = {
        "msgtype": "news",
        "news": {
            "articles": [
                {
                    "title": time_2,
                    "description": data3 + data4 + data5,
                    "url": "90apt.com",
                    # URL of the image shown at the top of the bot message
                    "picurl": "<image URL>"
                }
            ]
        }
    }
    headers = {"Content-Type": "application/json"}
    response = requests.post(url, json=body, headers=headers)
    print(response.text)
    print(response.status_code)
2023-05-29
Self Service Password: a self-service desk for domain accounts

A Docker version is now available and deploys in 1 minute: https://90apt.com/4604

Project website: https://www.ltb-project.org/documentation/self-service-password.html
GitHub: https://github.com/ltb-project/self-service-password
Documentation: https://self-service-password.readthedocs.io/en/latest/

This article installs on Oracle Linux 8.

Installation:

1. Install php-Smarty
https://pkgs.org/download/php-Smarty
Download the latest remi-release rpm from http://rpms.remirepo.net/enterprise/8/remi/x86_64/
Install the remi-release rpm:

    rpm -Uvh remi-release*rpm

Install the php-Smarty rpm package:

    dnf --enablerepo=remi install php-Smarty

2. Install self-service-password
Configure the yum repository in /etc/yum.repos.d/ltb-project.repo:

    [ltb-project-noarch]
    name=LTB project packages (noarch)
    baseurl=https://ltb-project.org/rpm/$releasever/noarch
    enabled=1
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project

Then update:

    yum update

Import the repository key:

    rpm --import https://ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project

You are now ready to install:

    yum install self-service-password

3. Install openldap

    yum install -y openldap

4. Export the certificate from the AD domain
Self Service Password must connect to the domain controller over LDAPS, so the certificate has to be loaded.

Add Roles and Features: AD Certificate Services
Certification Authority Web Enrollment
Configure Certificate Services
Certification Authority
Enable AD domain certificate services
Refresh policy
Export the certificate
Personal certificates
Export

Convert the certificate:

    openssl x509 -inform der -in ad01.cer -out ad01.pem
    cat ad01.pem >> /etc/openldap/certs/ldaps.pem

openldap configuration file /etc/openldap/ldap.conf:

    TLS_CACERT /etc/openldap/certs/ldaps.pem
    # allow: the session continues even if the server certificate cannot be validated
    TLS_REQCERT allow

5. Self Service Password configuration file
A separate local configuration file has to be created:

    cd /usr/share/self-service-password/conf/
    cp config.inc.php config.inc.local.php

My configuration file config.inc.local.php, showing mainly the parts I changed, with comments:

    <?php
    $debug = false; // debug mode off
    # LDAP
    $ldap_url = "ldaps://ad1.90apt.com:636"; // AD server
    $ldap_starttls = false;
    $ldap_binddn = "CN=wangwangjie,CN=Users,DC=90apt,DC=com"; // domain administrator account to bind with
    $ldap_bindpw = "passwd@123"; // password of the domain administrator above
    $ldap_base = "OU=王工有限公司,OU=用户OU,DC=90apt,DC=com"; // OU scope this applies to
    $ldap_login_attribute = "sAMAccountName"; // login attribute
    $ldap_fullname_attribute = "cn"; // full-name attribute
    $ldap_filter = "(&(objectClass=user)(sAMAccountName={login})(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"; // AD needs this filter
    $ldap_use_exop_passwd = false;
    $ldap_use_ppolicy_control = false;
    $ad_mode = true; // enable AD mode
    $ad_options=[];
    # Force account unlock when password is changed
    $ad_options['force_unlock'] = true; // force account unlock on password change
    # Force user change password at next login
    $ad_options['force_pwd_change'] = false;
    # Allow user with expired password to change password
    $ad_options['change_expired_password'] = true; // let users with an expired password change it

    # Local password policy
    # This is applied before directory password policy
    # Minimal length
    $pwd_min_length = 8; // minimum password length
    # Maximal length
    $pwd_max_length = 0;
    # Minimal lower characters
    $pwd_min_lower = 0;
    # Minimal upper characters
    $pwd_min_upper = 0;
    # Minimal digit characters
    $pwd_min_digit = 0;
    # Minimal special characters
    $pwd_min_special = 0;
    # Definition of special characters
    $pwd_special_chars = "^a-zA-Z0-9"; // special characters
    # Forbidden characters
    #$pwd_forbidden_chars = "@%";
    # Don't reuse the same password as currently
    $pwd_no_reuse = true; // do not reuse the current password
    # Check that password is different than login
    $pwd_diff_login = true; // password must differ from the account name
    # Check new passwords differs from old one - minimum characters count
    $pwd_diff_last_min_chars = 0;
    # Forbidden words which must not appear in the password
    $pwd_forbidden_words = array();
    # Forbidden ldap fields
    # Respective values of the user's entry must not appear in the password
    # example: $pwd_forbidden_ldap_fields = array('cn', 'givenName', 'sn', 'mail');
    $pwd_forbidden_ldap_fields = array();
    # Complexity: number of different class of character required
    $pwd_complexity = 3; // number of different character classes required
    # use pwnedpasswords api v2 to securely check if the password has been on a leak
    $use_pwnedpasswords = false;
    # Show policy constraints message:
    # always
    # never
    # onerror
    $pwd_show_policy = "always"; // show the policy constraints
    # Position of password policy constraints message:
    # above - the form
    # below - the form
    $pwd_show_policy_pos = "above"; // show above the form
    # disallow use of the only special character as defined in `$pwd_special_chars` at the beginning and end
    $pwd_no_special_at_ends = false;

    # Who changes the password?
    # Also applicable for question/answer save
    # user: the user itself
    # manager: the above binddn
    $who_change_password = "manager"; // whose privileges make the change

    ## Token
    # Use tokens?
    # true (default)
    # false
    $use_tokens = true;
    # Crypt tokens?
    # true (default)
    # false
    $crypt_tokens = true;
    # Token lifetime in seconds
    $token_lifetime = "3600";

    ## Mail
    # LDAP mail attribute
    $mail_attributes = array( "userPrincipalName","mail", "gosaMailAlternateAddress", "proxyAddresses" ); // mail address forms
    # Get mail address directly from LDAP (only first mail entry)
    # and hide mail input field
    # default = false
    $mail_address_use_ldap = true; // take the mail address directly from the domain controller
    # Who the email should come from
    $mail_from = "wangwangjie@90apt.com";
    $mail_from_name = "域账号自助改密解锁服务";
    $mail_signature = "本邮件为通过密码自助修改LDAP账号密码,无需回复,如有重置密码遇到问题可以联系运维同学";
    # Notify users anytime their password is changed
    $notify_on_change = true;
    # PHPMailer configuration (see https://github.com/PHPMailer/PHPMailer)
    $mail_sendmailpath = '/usr/sbin/sendmail';
    $mail_protocol = 'smtp';
    $mail_smtp_debug = 0;
    $mail_debug_format = 'html';
    $mail_smtp_host = 'smtp.90apt.com';
    $mail_smtp_auth = true;
    $mail_smtp_user = 'wangwangjie@90apt.com';
    $mail_smtp_pass = 'passwd@123';
    $mail_smtp_port = 25;
    $mail_smtp_timeout = 30;
    $mail_smtp_keepalive = false;
    $mail_smtp_secure = 'tls';
    $mail_smtp_autotls = true;
    $mail_smtp_options = array();
    $mail_contenttype = 'text/plain';
    $mail_wordwrap = 0;
    $mail_charset = 'utf-8';
    $mail_priority = 3;

    ## SMS
    # Use sms
    $use_sms = true;
    # SMS method (mail, api)
    $sms_method = "api";
    $sms_api_lib = "lib/smsapi.inc.php"; // self-written SMS API; find the details in your SMS platform's help documentation
    # GSM number attribute
    $sms_attributes = array( "mobile", "pager", "ipPhone", "homephone" );
    # Partially hide number
    $sms_partially_hide_number = true;
    # Send SMS mail to address. {sms_attribute} will be replaced by real sms number
    $smsmailto = "{sms_attribute}@service.provider.com";
    # Subject when sending email to SMTP to SMS provider
    $smsmail_subject = "Provider code";
    # Message
    $sms_message = "{smsresetmessage} {smstoken}";
    # Remove non digit characters from GSM number
    $sms_sanitize_number = false;
    # Truncate GSM number
    $sms_truncate_number = false;
    $sms_truncate_number_length = 10;
    # SMS token length
    $sms_token_length = 6;
    # Max attempts allowed for SMS token
    $max_attempts = 5;

    # Encryption, decryption keyphrase, required if $use_tokens = true and $crypt_tokens = true, or $use_sms, or $crypt_answer
    # Please change it to anything long, random and complicated, you do not have to remember it
    # Changing it will also invalidate all previous tokens and SMS codes
    $keyphrase = "90apt"; // keyphrase

    # Display menu on top
    $show_menu = true; // show the menu
    # Logo
    $logo = "images/logo.png"; // logo
    # Background image
    $background_image = "images/90apt.png"; // wallpaper
2023-05-29
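FusionCompute: tools not running after the VM is restarted following tools installation

Huawei's official explanation: https://support.huawei.com/enterprise/zh/knowledge/EKB1100039465

Run the following to turn off the qemu-ga tool that ships with the operating system:

    chkconfig qemu-ga off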
2023-05-29
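Building community security capability: Chaitin SafeLine (雷池) web application firewall

Website: https://waf-ce.chaitin.cn/

Introduction
SafeLine WAF (雷池) is a web application firewall from Chaitin Tech (长亭科技). Its core detection capability is driven by an intelligent semantic analysis algorithm, which gives it a degree of natural immunity to 0-days.

Convenience: container-based deployment, installed with a single command, zero cost to get started; the security configuration works out of the box with no manual maintenance, so security can be managed hands-off.
Security: an industry-first, leading intelligent semantic analysis algorithm with precise detection, low false positives and high resistance to bypass; the semantic analysis algorithm uses no rules, so 0-day attacks with unknown signatures no longer leave you helpless.
High performance: no rule engine and a linear-time detection algorithm, with average request inspection latency at the 1 millisecond level; strong concurrency, with a single core easily inspecting 2000+ TPS, and no upper limit on the traffic it can carry as long as the hardware is strong enough.
High availability: the traffic processing engine is built on Nginx, which assures both performance and stability; comprehensive built-in health checks give service availability as high as 99.99%.

Deployment background
My company uses a domestic OA system. Over the past year this OA system has had one or two "high-severity" vulnerabilities almost every month. To defend during the gap between a 0-day appearing and its fix, my company evaluated web application firewalls.
The vast majority of WAFs on the market match on rules. Attackers contest this area fiercely, rule-bypass tutorials for particular WAFs appear in the community regularly, and rule-based WAFs can do almost nothing against 0-days. WAFs based on AI machine learning, for their part, produce so many false positives that they often interrupt access to the OA. After a period of testing, we finally chose the SafeLine web application firewall.
We tested SafeLine on April 23, 2023 and dealt with the false blocks; on May 24, 2023 we formally cut over to SafeLine, at which point the version was 1.5.1.

Milestones
In June, after deployment, my company's OA had an unauthenticated (front-end) SQL injection vulnerability; in July it had a file upload vulnerability and an XXE vulnerability. All of these fell within SafeLine's built-in protection, which bought valuable time during the gap before the vulnerabilities were fixed.
Cumulative traffic through our SafeLine instance is now close to ten million requests.
During the gaps before system vulnerabilities were fixed, it blocked a double-digit number of unique attacking IPs per day on average.
We have joined the IP intelligence sharing program to help build community security.

Installing SafeLine
Make sure Docker and Compose V2 are correctly installed on the machine:

    docker info            # >= 20.10.6
    docker compose version # >= 2.0.0

Remember to configure a Docker registry mirror, and change the Docker network interface subnet to prevent conflicts.

Deploy, install and run:

    mkdir -p /safeline && cd /safeline
    # Download and run setup
    # (-k makes curl skip TLS certificate verification for the downloaded script)
    bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh)"

Upgrading SafeLine
Automatic one-step update
WARN: the SafeLine service will restart and traffic will be interrupted for a short time. Choose a suitable time for the upgrade based on your business needs.

    # Run the script below in the directory that contains compose.yaml
    cd /safeline && bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/upgrade.sh)"
    # After a successful upgrade, the following command removes old Docker images to free disk space
    docker rmi $(docker images | grep "safeline" | grep "none" | awk '{print $3}')

Finally
Everything, for the sake of security!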
2023-05-29
Installing Docker, a faster package source and registry mirrors on Oracle, Alma, CentOS and RHEL Linux 8

Installation
Set up the Docker repository:

    yum install -y yum-utils
    yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

Install:

    yum install docker-ce docker-ce-cli containerd.io

Copyright notice: this is an original article by CSDN blogger "wesley_wwk", licensed under CC 4.0 BY-SA. When reposting, include the link to the original source and this notice. Original link: https://blog.csdn.net/wwkms/article/details/105708100

Faster package source

    yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

Registry mirrors

    cat /etc/docker/daemon.json
    {
      "bip": "192.168.120.1/24",
      "log-driver": "json-file",
      "log-opts": {
        "max-file": "3",
        "max-size": "10m"
      },
      "registry-mirrors": [
        "https://pfti226w.mirror.aliyuncs.com",
        "https://hub-mirror.c.163.com",
        "https://docker.m.daocloud.io",
        "https://ghcr.io",
        "https://mirror.baidubce.com",
        "https://docker.nju.edu.cn"
      ]
    }
2023-05-27
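I sat the first-half 2023 soft exam (软考)

First of all, I wish everyone 75 points in every soft-exam subject.

Today Wang Gong sat the first-half 2023 Computer Technology and Software Professional Technical Qualification (Level) Examination, intermediate level, Network Engineer. Total study time for the exam was about 3 hours. Too cool.

The morning paper was all multiple choice, and I feel I can get around 50 points. The difficulty was moderate; if you study properly it is not much of a problem.

Nobody treated me to lunch. My friend did not get up until 8:30 in the morning for a 9:00 exam and a two-hour drive, and I did not run into any fans at the venue either. Boo-hoo.

The afternoon paper was a bit hard. The soft exam's network configuration questions are mainly Huawei-based, and BGP was on the paper. As everyone knows, Wang Gong only uses H3C and OSPF, so I bombed the afternoon paper and expect around thirty points.

Two cheaters were caught in our exam room. Judging from what people online are reporting, the questions were definitely leaked this year: complete original questions with answers have turned up in searches.

Of course, the exam is over. Whether I pass or not, once the results are out I will post them, whatever the score.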