FreeBSD System Management

Download tool Fetch

• Similar to wget, such as: Fetch FTP://FTP.CENTER.KL.EDU.TW/XXX.TGZ

Configuration file Directory

• /etc/defaults/system default boot configuration and scripts
• /etc/periodic/Scheduled Tasks

View hardware Information

• Pciconf-lv
• Sysctl Hw.model HW.NCPU
• DMESG | Grep-i CPU (similar: memory, sector, etc. corresponding to ram and HDD)

File Protection

• Chflags sunlink XXX: Prevent misunderstanding delete
• Chflags nosunlink XXX: The sign that starts with no indicates the release status
• Chflags simmutable/sbin/* and Chflags-r Simmutable/bin:set the system immutable (non-modifiable) flag

System Services

• /etc/netstart #初始化网络服务
• /etc/rc.d/netif Restart #重载 IP configuration
• /etc/rc.d/routing Restart #重载 route configuration
• Default route settings and changes: Route add/change default xx.xx.xx.xx
• Query Routing Table:netstat-rn
• Querying network Interface traffic statistics: netstat-i
• Querying TCP Network online scenarios: netstat-t
• Query all network online scenarios: netstat-a
• View service Listening Status: Sockstat-4 #IPv4, Sockstat-6 #IPv6
• Turn off Port 6000 for X: Edit/usr/x11r6/bin/startx, set serverargs= "-nolisten TCP"
• A large number of system configurations are changed at once to make them effective once, without restarting: SH/ETC/RC
• System administrator-written startup script storage path:/USR/LOCAL/ETC/RC.D

command line using shortcut keys

• CTRL + A header
• Ctrl+e End of Line
• Ctrl+u Delete from current position to beginning of line
• Ctrl+k Delete from current position to end of line
• Ctrl+w clears a single word to the beginning of the line

User Management

• Adduser/rmuser/chpass

/etc/rc.conf Common parameters

• Syslogd_flags= "-SS": SS (two s) Prohibit records from remote hosts, allow only local logs
• Clear_tmp_enable= "YES": Empty/tmp at system startup
• Update_motd= "No": Disable system rebuild/ETC/MOTD file
• #ICMP重定向, Ping is forbidden
• Icmp_drop_redirect= "YES": ICMP Redirect, disable ping
• Log_in_vain= "YES": Logs all connections attempting to connect to a closed port
• Accounting_enable= "YES": Enable system Audit function
• ifconfig_alc0= "inet 10.1.1.10/8" #可设置为 "DHCP" Get IP automatically
• ifconfig_alc0= "inet 10.1.1.11/32" #同一网络的多个地址, except for the first one, the remaining netmask are set to 255.255.255.255
• ifconfig_alc0_alias0= "inet 172.16.10.10/16" #设置多个 IP
• Defaultrouter= "10.1.1.1": Default gateway
• Sshd_enable= "YES": Set random Start

/etc/sysctl.conf Common parameters

• kern.ipc.somaxconn=32768: Number of concurrent connections, default 128
• Security.bsd.see_other_uids=0: Prevents users from viewing other users ' processes
• KERN.SECURELEVEL=0/1/2:kernel Safety level, 2 indicates the highest level
• Kern.ipc.shm_use_phys=1: Shared memory uses only physical memory and does not use swap
• kern.ipc.shmmax=67108864: Maximum amount of memory that can be occupied by a single SHM segment (unit: bytes/b)
• kern.ipc.shmall=32768: System shared memory can be allocated total pages, page size can be obtained by getconf PAGESIZE command, usually 4096

Package Management:

• Portsnap fetch: Download ports mirror image
• Portsnap extract: Expand ports mirror, each option can be used in combination, such as: Portsnap fetch extract
• PORTSNAP Update: Updating ports tree
• Freebsd-update Fetch: Download system updates
• Freebsd-update Install: Installing system Updates
• Freebsd-update cron: Concurrent check update, mainly used in cron

Other

FreeBSD System Management