Download tool Fetch
- Similar to wget, such as: Fetch FTP://FTP.CENTER.KL.EDU.TW/XXX.TGZ
Configuration file Directory
- /etc/defaults/system default boot configuration and scripts
- /etc/periodic/Scheduled Tasks
View hardware Information
- Pciconf-lv
- Sysctl Hw.model HW.NCPU
- DMESG | Grep-i CPU (similar: memory, sector, etc. corresponding to ram and HDD)
File Protection
- Chflags sunlink XXX: Prevent misunderstanding delete
- Chflags nosunlink XXX: The sign that starts with no indicates the release status
- Chflags simmutable/sbin/* and Chflags-r Simmutable/bin:set the system immutable (non-modifiable) flag
System Services
- /etc/netstart #初始化网络服务
- /etc/rc.d/netif Restart #重载 IP configuration
- /etc/rc.d/routing Restart #重载 route configuration
- Default route settings and changes: Route add/change default xx.xx.xx.xx
- Query Routing Table:netstat-rn
- Querying network Interface traffic statistics: netstat-i
- Querying TCP Network online scenarios: netstat-t
- Query all network online scenarios: netstat-a
- View service Listening Status: Sockstat-4 #IPv4, Sockstat-6 #IPv6
- Turn off Port 6000 for X: Edit/usr/x11r6/bin/startx, set serverargs= "-nolisten TCP"
- A large number of system configurations are changed at once to make them effective once, without restarting: SH/ETC/RC
- System administrator-written startup script storage path:/USR/LOCAL/ETC/RC.D
command line using shortcut keys
- CTRL + A header
- Ctrl+e End of Line
- Ctrl+u Delete from current position to beginning of line
- Ctrl+k Delete from current position to end of line
- Ctrl+w clears a single word to the beginning of the line
User Management
/etc/rc.conf Common parameters
- Syslogd_flags= "-SS": SS (two s) Prohibit records from remote hosts, allow only local logs
- Clear_tmp_enable= "YES": Empty/tmp at system startup
- Update_motd= "No": Disable system rebuild/ETC/MOTD file
- #ICMP重定向, Ping is forbidden
- Icmp_drop_redirect= "YES": ICMP Redirect, disable ping
- Log_in_vain= "YES": Logs all connections attempting to connect to a closed port
- Accounting_enable= "YES": Enable system Audit function
- ifconfig_alc0= "inet 10.1.1.10/8" #可设置为 "DHCP" Get IP automatically
- ifconfig_alc0= "inet 10.1.1.11/32" #同一网络的多个地址, except for the first one, the remaining netmask are set to 255.255.255.255
- ifconfig_alc0_alias0= "inet 172.16.10.10/16" #设置多个 IP
- Defaultrouter= "10.1.1.1": Default gateway
- Sshd_enable= "YES": Set random Start
/etc/sysctl.conf Common parameters
- kern.ipc.somaxconn=32768: Number of concurrent connections, default 128
- Security.bsd.see_other_uids=0: Prevents users from viewing other users ' processes
- KERN.SECURELEVEL=0/1/2:kernel Safety level, 2 indicates the highest level
- Kern.ipc.shm_use_phys=1: Shared memory uses only physical memory and does not use swap
- kern.ipc.shmmax=67108864: Maximum amount of memory that can be occupied by a single SHM segment (unit: bytes/b)
- kern.ipc.shmall=32768: System shared memory can be allocated total pages, page size can be obtained by getconf PAGESIZE command, usually 4096
Package Management:
- Portsnap fetch: Download ports mirror image
- Portsnap extract: Expand ports mirror, each option can be used in combination, such as: Portsnap fetch extract
- PORTSNAP Update: Updating ports tree
- Freebsd-update Fetch: Download system updates
- Freebsd-update Install: Installing system Updates
- Freebsd-update cron: Concurrent check update, mainly used in cron
Other
FreeBSD System Management