Собственно необходимо посмотреть какой часовой пояс используется в системе и есть ли переход на зимнее время.
делаю
root@debiantest:/etc# zdump -v /etc/localtime | grep 2014
root@debiantest:/etc#
Как еще можно посмотреть часовой пояс ?
собственно есть не обновляемый комп с debian 6 22 октября меняются таймзоны вопрос как поправить таймзону на нем ?
Собственно стоит задача перенести debian c 1 жесткого диска на другой , что то подобное когда то делал c помощью tar ноу же не помню что и как , может кто нибудь занимался чем то подобным ? Собственно представляю это так сжать все с сохраняемого винта в архив а потом распаковать этот архив на новый винт, получив точную копию того что было.
Было два софт radi 1 и 5 на 1 был boot на 5 все остальное в один прекрасный день комп перестал грузится (raid 5 not enough operationl devices for md1 2/4 failed) Подскажите что делать ? В bios винты видятся все. Как вариант поробую щас загрузится с live cd GParted Live
имее
eth0 Link encap:Ethernet HWaddr 90:2b:34:e7:20:55
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::922b:34ff:fee7:2055/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12222971 errors:0 dropped:0 overruns:0 frame:0
TX packets:19714230 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2099311957 (1.9 GiB) TX bytes:21789564957 (20.2 GiB)
Interrupt:42 Base address:0xa000
eth1 Link encap:Ethernet HWaddr 00:22:b0:52:6b:ff
inet6 addr: fe80::222:b0ff:fe52:6bff/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:19963450 errors:0 dropped:282 overruns:0 frame:0
TX packets:9122777 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:22534267574 (20.9 GiB) TX bytes:1812518739 (1.6 GiB)
Interrupt:20 Base address:0xc000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:5393677 errors:0 dropped:0 overruns:0 frame:0
TX packets:5393677 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2889087108 (2.6 GiB) TX bytes:2889087108 (2.6 GiB)
ppp0 Link encap:Point-to-Point Protocol
inet addr:******* P-t-P:10.10.50.93 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:162675 errors:0 dropped:0 overruns:0 frame:0
TX packets:98131 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:215600786 (205.6 MiB) TX bytes:7486446 (7.1 MiB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:472 (472.0 B) TX bytes:252 (252.0 B)
root@eldorado:/etc/network/if-up.d# cat firewall
#!/bin/bash
modprobe ip_tables
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe iptable_nat
#этот модуль позволяет работать с ftp в пассивном режиме
modprobe ip_nat_ftp
modprobe ip_nat_irc
#очистка цепочек
iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT
iptables -t nat -F PREROUTING
iptables -t nat -F POSTROUTING
iptables -t mangle -F
#Запрет всего
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
#разрешаем все входящие пакеты на интрефейс замыкания на себя иначе ничего не работает
iptables -A INPUT -i lo -j ACCEPT
#РАЗРЕШЕНЫ ТОЛЬКО ВХОДЯЩИЕ СОЗДАННЫЕ НАШИМИ ИСХОДЯЩИМИ
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#Правила повышающие безопасность
#Блочим входящие tcp соединения не syn пакетом (либо ошибка либо атака)
iptables -I INPUT -m conntrack --ctstate NEW -p tcp ! --syn -j DROP
iptables -I INPUT -m conntrack --ctstate NEW,INVALID -p tcp --tcp-flags SYN,ACK SYN,ACK -j REJECT
#Фильтруем ICMP по типам
iptables -A INPUT -p icmp -j ACCEPT
iptables -A OUTPUT -p icmp -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 12 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 0 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 3 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 4 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 11 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 12 -j ACCEPT
#Запрещаем пинги из локальной сети
#iptables -I FORWARD -s 192.168.1.0/24 -p icmp -j DROP
#разрешаем доступ из локальной сети на порты 22(ssh),3128 прокси squid,80 - apache веб морды
iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT
iptables -A INPUT -i eth0 -p udp --dport 10001 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 8443 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 8081 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 8880 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 8843 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 27117 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m multiport --dport 22,25,110,80,3128,443 -j ACCEPT
#Доступ по SSh из нета
iptables -A INPUT -i ppp0 -p tcp -m multiport --dport 22 -j ACCEPT
############OpenVPN#######################
#Разрешаем доступ к openvpn серверу отовсюду
iptables -A INPUT -p tcp --dport 1194 -j ACCEPT
# разрешаем всем openvpn-клиентам соединение с интернетами
iptables -A FORWARD -i tun0 -o ppp0 -j ACCEPT
############OpenVPN#######################
################Доступ к видеорегистраторам отовсюду#################
iptables -A INPUT -p tcp --dport 85 -j ACCEPT
iptables -A INPUT -p tcp --dport 9000 -j ACCEPT
#####################################################################
#подстройка mtu без этого правила компы ходящие мимо прокси не открывают некоторые сайты
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
#Разрешаем хождение через цепочку форвард пакетов идущих в ответ на пакеты с eth0
iptables -A FORWARD -i ppp0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
#Заварачивае веб трафик из сети на squid
#iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.1:3128
#Маскарадим то что прошло через цепочку forward
iptables -t nat -I POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
#Даем доступ к центру управления юнифай с компов сети
iptables -A FORWARD -p tcp --dport 443 -d 192.168.1.1 -o eth0 -j ACCEPT
#Мио прокси
#https
iptables -A FORWARD -p tcp --dport 443 -o ppp0 -j ACCEPT
iptables -A FORWARD -s 192.168.1.184 -o ppp0 -j ACCEPT
#https для unifi
#Почтовые клиенты
iptables -A FORWARD -p tcp --dport 25 -o ppp0 -j ACCEPT
iptables -A FORWARD -p tcp --dport 110 -o ppp0 -j ACCEPT
#Пробрасуем пот 85 в сеть
#iptables -t nat -A PREROUTING -p tcp -d ******* --dport 85 -j DNAT --to-destination 192.168.1.5:85
#iptables -A FORWARD -i eth0 -d 192.168.1.5 -p tcp --dport 85 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -d ****** --dport 85 -j DNAT --to-destination 192.168.1.5:85
iptables -t nat -A POSTROUTING -p tcp --dst 192.168.1.5 --dport 85 -j SNAT --to-source *******
Может неточно выразился в теме но ситуация следующая - есть куча компов разбросанных по городу в с интернетом (за прокси с nat или просто на них есть нет). Необходимо периодически подключаться к ним удаленно и осуществлять поддержку юзеров, причем пользователи наши далеки от продвинутости и хотелось чтоб вообще их действия были минимизированы. Пробовали ammy admyn более мене подходит есть ли под линухами похожие реализации ?
Собственно есть комп с debian 7 и бесперебойник apc es 700 установил пакет apcupsd и настроил его , возникла следующая проблема - выдер гиваю ибп из розетки жду время заданое в настройках для выключения - комп не тушится + плюс к этому после отключения иногда все всиснет наглухо (не помогает ничечего) в логах
2014-05-23 08:41:21 +0400 apcupsd error shutdown completed
2014-05-23 08:44:02 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 08:45:06 +0400 Power failure.
2014-05-23 08:45:11 +0400 Running on UPS batteries.
2014-05-23 08:49:50 +0400 Mains returned. No longer on UPS batteries.
2014-05-23 08:49:50 +0400 Power is back. UPS running on mains.
2014-05-23 08:50:48 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 08:52:36 +0400 Power failure.
2014-05-23 08:52:42 +0400 Running on UPS batteries.
2014-05-23 08:56:54 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 08:57:42 +0400 Power failure.
2014-05-23 08:57:48 +0400 Running on UPS batteries.
2014-05-23 08:58:36 +0400 Mains returned. No longer on UPS batteries.
2014-05-23 08:58:36 +0400 Power is back. UPS running on mains.
2014-05-23 08:59:21 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 09:01:52 +0400 apcupsd exiting, signal 15
2014-05-23 09:01:52 +0400 apcupsd shutdown succeeded
2014-05-23 09:02:03 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 09:02:22 +0400 Power failure.
2014-05-23 09:02:28 +0400 Running on UPS batteries.
2014-05-23 09:07:36 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 09:11:42 +0400 Communications with UPS restored.
2014-05-23 09:13:42 +0400 Power failure.
2014-05-23 09:13:48 +0400 Running on UPS batteries.
2014-05-23 09:20:15 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 09:23:18 +0400 apcupsd exiting, signal 15
2014-05-23 09:23:18 +0400 apcupsd shutdown succeeded
2014-05-23 09:23:29 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 09:23:36 +0400 Power failure.
2014-05-23 09:23:42 +0400 Running on UPS batteries.
2014-05-23 09:29:48 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 09:43:22 +0400 apcupsd exiting, signal 15
2014-05-23 09:43:22 +0400 apcupsd shutdown succeeded
2014-05-23 09:43:33 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 09:44:35 +0400 apcupsd exiting, signal 15
2014-05-23 09:44:35 +0400 apcupsd shutdown succeeded
2014-05-23 09:44:46 +0400 apcupsd 3.14.10 (13 September 2011) debian startup succeeded
2014-05-23 09:44:48 +0400 Power failure.
2014-05-23 09:44:54 +0400 Running on UPS batteries.
файл настроек
root@eldorado:/etc/apcupsd# cat apcupsd.conf
## apcupsd.conf v1.1 ##
#
# for apcupsd release 3.14.10 (13 September 2011) - debian
#
# "apcupsd" POSIX config file
#
# ========= General configuration parameters ============
#
# UPSNAME xxx
# Use this to give your UPS a name in log files and such. This
# is particulary useful if you have multiple UPSes. This does not
# set the EEPROM. It should be 8 characters or less.
#UPSNAME
# UPSCABLE <cable>
# Defines the type of cable connecting the UPS to your computer.
#
# Possible generic choices for <cable> are:
# simple, smart, ether, usb
#
# Or a specific cable model number may be used:
# 940-0119A, 940-0127A, 940-0128A, 940-0020B,
# 940-0020C, 940-0023A, 940-0024B, 940-0024C,
# 940-1524C, 940-0024G, 940-0095A, 940-0095B,
# 940-0095C, M-04-02-2000
#
UPSCABLE usb
# To get apcupsd to work, in addition to defining the cable
# above, you must also define a UPSTYPE, which corresponds to
# the type of UPS you have (see the Description for more details).
# You must also specify a DEVICE, sometimes referred to as a port.
# For USB UPSes, please leave the DEVICE directive blank. For
# other UPS types, you must specify an appropriate port or address.
#
# UPSTYPE DEVICE Description
# apcsmart /dev/tty** Newer serial character device, appropriate for
# SmartUPS models using a serial cable (not USB).
#
# usb <BLANK> Most new UPSes are USB. A blank DEVICE
# setting enables autodetection, which is
# the best choice for most installations.
#
# net hostname:port Network link to a master apcupsd through apcupsd's
# Network Information Server. This is used if the
# UPS powering your computer is connected to a
# different computer for monitoring.
#
# snmp hostname:port:vendor:community
# SNMP network link to an SNMP-enabled UPS device.
# Hostname is the ip address or hostname of the UPS
# on the network. Vendor can be can be "APC" or
# "APC_NOTRAP". "APC_NOTRAP" will disable SNMP trap
# catching; you usually want "APC". Port is usually
# 161. Community is usually "private".
#
# netsnmp hostname:port:vendor:community
# OBSOLETE
# Same as SNMP above but requires use of the
# net-snmp library. Unless you have a specific need
# for this old driver, you should use 'snmp' instead.
#
# dumb /dev/tty** Old serial character device for use with
# simple-signaling UPSes.
#
# pcnet ipaddr:username:passphrase:port
# PowerChute Network Shutdown protocol which can be
# used as an alternative to SNMP with the AP9617
# family of smart slot cards. ipaddr is the IP
# address of the UPS management card. username and
# passphrase are the credentials for which the card
# has been configured. port is the port number on
# which to listen for messages from the UPS, normally
# 3052. If this parameter is empty or missing, the
# default of 3052 will be used.
#
UPSTYPE usb
#DEVICE /dev/ttyS0
# POLLTIME <int>
# Interval (in seconds) at which apcupsd polls the UPS for status. This
# setting applies both to directly-attached UPSes (UPSTYPE apcsmart, usb,
# dumb) and networked UPSes (UPSTYPE net, snmp). Lowering this setting
# will improve apcupsd's responsiveness to certain events at the cost of
# higher CPU utilization. The default of 60 is appropriate for most
# situations.
#POLLTIME 60
# LOCKFILE <path to lockfile>
# Path for device lock file. Not used on Win32.
LOCKFILE /var/lock
# SCRIPTDIR <path to script directory>
# Directory in which apccontrol and event scripts are located.
SCRIPTDIR /etc/apcupsd
# PWRFAILDIR <path to powerfail directory>
# Directory in which to write the powerfail flag file. This file
# is created when apcupsd initiates a system shutdown and is
# checked in the OS halt scripts to determine if a killpower
# (turning off UPS output power) is required.
PWRFAILDIR /etc/apcupsd
# NOLOGINDIR <path to nologin directory>
# Directory in which to write the nologin file. The existence
# of this flag file tells the OS to disallow new logins.
NOLOGINDIR /etc
#
# ======== Configuration parameters used during power failures ==========
#
# The ONBATTERYDELAY is the time in seconds from when a power failure
# is detected until we react to it with an onbattery event.
#
# This means that, apccontrol will be called with the powerout argument
# immediately when a power failure is detected. However, the
# onbattery argument is passed to apccontrol only after the
# ONBATTERYDELAY time. If you don't want to be annoyed by short
# powerfailures, make sure that apccontrol powerout does nothing
# i.e. comment out the wall.
ONBATTERYDELAY 6
#
# Note: BATTERYLEVEL, MINUTES, and TIMEOUT work in conjunction, so
# the first that occurs will cause the initation of a shutdown.
#
# If during a power failure, the remaining battery percentage
# (as reported by the UPS) is below or equal to BATTERYLEVEL,
# apcupsd will initiate a system shutdown.
BATTERYLEVEL 5
# If during a power failure, the remaining runtime in minutes
# (as calculated internally by the UPS) is below or equal to MINUTES,
# apcupsd, will initiate a system shutdown.
MINUTES 1
# If during a power failure, the UPS has run on batteries for TIMEOUT
# many seconds or longer, apcupsd will initiate a system shutdown.
# A value of 0 disables this timer.
#
# Note, if you have a Smart UPS, you will most likely want to disable
# this timer by setting it to zero. That way, you UPS will continue
# on batteries until either the % charge remaing drops to or below BATTERYLEVEL,
# or the remaining battery runtime drops to or below MINUTES. Of course,
# if you are testing, setting this to 60 causes a quick system shutdown
# if you pull the power plug.
# If you have an older dumb UPS, you will want to set this to less than
# the time you know you can run on batteries.
TIMEOUT 0
# Time in seconds between annoying users to signoff prior to
# system shutdown. 0 disables.
ANNOY 300
# Initial delay after power failure before warning users to get
# off the system.
ANNOYDELAY 60
# The condition which determines when users are prevented from
# logging in during a power failure.
# NOLOGON <string> [ disable | timeout | percent | minutes | always ]
NOLOGON disable
# If KILLDELAY is non-zero, apcupsd will continue running after a
# shutdown has been requested, and after the specified time in
# seconds attempt to kill the power. This is for use on systems
# where apcupsd cannot regain control after a shutdown.
# KILLDELAY <seconds> 0 disables
KILLDELAY 0
#
# ==== Configuration statements for Network Information Server ====
#
# NETSERVER [ on | off ] on enables, off disables the network
# information server. If netstatus is on, a network information
# server process will be started for serving the STATUS and
# EVENT data over the network (used by CGI programs).
NETSERVER on
# NISIP <dotted notation ip address>
# IP address on which NIS server will listen for incoming connections.
# This is useful if your server is multi-homed (has more than one
# network interface and IP address). Default value is 0.0.0.0 which
# means any incoming request will be serviced. Alternatively, you can
# configure this setting to any specific IP address of your server and
# NIS will listen for connections only on that interface. Use the
# loopback address (127.0.0.1) to accept connections only from the
# local machine.
NISIP 127.0.0.1
# NISPORT <port> default is 3551 as registered with the IANA
# port to use for sending STATUS and EVENTS data over the network.
# It is not used unless NETSERVER is on. If you change this port,
# you will need to change the corresponding value in the cgi directory
# and rebuild the cgi programs.
NISPORT 3551
# If you want the last few EVENTS to be available over the network
# by the network information server, you must define an EVENTSFILE.
EVENTSFILE /var/log/apcupsd.events
# EVENTSFILEMAX <kilobytes>
# By default, the size of the EVENTSFILE will be not be allowed to exceed
# 10 kilobytes. When the file grows beyond this limit, older EVENTS will
# be removed from the beginning of the file (first in first out). The
# parameter EVENTSFILEMAX can be set to a different kilobyte value, or set
# to zero to allow the EVENTSFILE to grow without limit.
EVENTSFILEMAX 10
#
# ========== Configuration statements used if sharing =============
# a UPS with more than one machine
#
# Remaining items are for ShareUPS (APC expansion card) ONLY
#
# UPSCLASS [ standalone | shareslave | sharemaster ]
# Normally standalone unless you share an UPS using an APC ShareUPS
# card.
UPSCLASS standalone
# UPSMODE [ disable | share ]
# Normally disable unless you share an UPS using an APC ShareUPS card.
UPSMODE disable
#
# ===== Configuration statements to control apcupsd system logging ========
#
# Time interval in seconds between writing the STATUS file; 0 disables
STATTIME 0
# Location of STATUS file (written to only if STATTIME is non-zero)
STATFILE /var/log/apcupsd.status
# LOGSTATS [ on | off ] on enables, off disables
# Note! This generates a lot of output, so if
# you turn this on, be sure that the
# file defined in syslog.conf for LOG_NOTICE is a named pipe.
# You probably do not want this on.
LOGSTATS off
# Time interval in seconds between writing the DATA records to
# the log file. 0 disables.
DATATIME 0
# FACILITY defines the logging facility (class) for logging to syslog.
# If not specified, it defaults to "daemon". This is useful
# if you want to separate the data logged by apcupsd from other
# programs.
#FACILITY DAEMON
#
# ========== Configuration statements used in updating the UPS EPROM =========
#
#
# These statements are used only by apctest when choosing "Set EEPROM with conf
# file values" from the EEPROM menu. THESE STATEMENTS HAVE NO EFFECT ON APCUPSD.
#
# UPS name, max 8 characters
#UPSNAME UPS_IDEN
# Battery date - 8 characters
#BATTDATE mm/dd/yy
# Sensitivity to line voltage quality (H cause faster transfer to batteries)
# SENSITIVITY H M L (default = H)
#SENSITIVITY H
# UPS delay after power return (seconds)
# WAKEUP 000 060 180 300 (default = 0)
#WAKEUP 60
# UPS Grace period after request to power off (seconds)
# SLEEP 020 180 300 600 (default = 20)
#SLEEP 180
# Low line voltage causing transfer to batteries
# The permitted values depend on your model as defined by last letter
# of FIRMWARE or APCMODEL. Some representative values are:
# D 106 103 100 097
# M 177 172 168 182
# A 092 090 088 086
# I 208 204 200 196 (default = 0 => not valid)
#LOTRANSFER 208
# High line voltage causing transfer to batteries
# The permitted values depend on your model as defined by last letter
# of FIRMWARE or APCMODEL. Some representative values are:
# D 127 130 133 136
# M 229 234 239 224
# A 108 110 112 114
# I 253 257 261 265 (default = 0 => not valid)
#HITRANSFER 253
# Battery charge needed to restore power
# RETURNCHARGE 00 15 50 90 (default = 15)
#RETURNCHARGE 15
# Alarm delay
# 0 = zero delay after pwr fail, T = power fail + 30 sec, L = low battery, N = never
# BEEPSTATE 0 T L N (default = 0)
#BEEPSTATE T
# Low battery warning delay in minutes
# LOWBATT 02 05 07 10 (default = 02)
#LOWBATT 2
# UPS Output voltage when running on batteries
# The permitted values depend on your model as defined by last letter
# of FIRMWARE or APCMODEL. Some representative values are:
# D 115
# M 208
# A 100
# I 230 240 220 225 (default = 0 => not valid)
#OUTPUTVOLTS 230
# Self test interval in hours 336=2 weeks, 168=1 week, ON=at power on
# SELFTEST 336 168 ON OFF (default = 336)
#SELFTEST 336
Неожиданно перестали идти бэкапы в логах на сервере
05-May 08:03 backup-dir JobId 2833: Start Backup JobId 2833, Job=BackupLotos.2014-05-05_08.03.47_05
05-May 08:05 backup-dir JobId 2833: There are no more Jobs associated with Volume "Full". Marking it purged.
05-May 08:05 backup-dir JobId 2833: All records pruned from Volume "Full"; marking it "Purged"
05-May 08:05 backup-dir JobId 2833: Recycled volume "Full"
05-May 08:05 backup-dir JobId 2833: Using Device "FileStorage"
05-May 08:05 backup-sd JobId 2833: Recycled volume "Full" on device "FileStorage" (/home/backup), all previous data lost.
05-May 08:11 andrey-fd JobId 2833: Generate VSS snapshots. Driver="Win32 VSS", Drive(s)="CD"
05-May 08:06 backup-dir JobId 2833: Fatal error: Network error with FD during Backup: ERR=Interrupted system call
05-May 08:06 backup-dir JobId 2833: Fatal error: No Job status returned from FD.
05-May 08:06 backup-dir JobId 2833: Bacula backup-dir 5.2.6 (21Feb12):
Build OS: x86_64-pc-linux-gnu debian 7.0
JobId: 2833
Job: BackupLotos.2014-05-05_08.03.47_05
Backup Level: Full
Client: "andrey-fd" 5.2.6 (21Feb12) Microsoft Windows XP Professional Service Pack 2 (build 2600),Cross-compile,Win32
FileSet: "WinSet" 2013-04-29 12:00:00
Pool: "Full-Pool" (From Job FullPool override)
Catalog: "MyCatalog" (From Client resource)
Storage: "Win" (From command line)
Scheduled time: 05-May-2014 08:03:43
Start time: 05-May-2014 08:05:51
End time: 05-May-2014 08:06:12
Elapsed time: 21 secs
Priority: 10
FD Files Written: 0
SD Files Written: 0
FD Bytes Written: 0 (0 B)
SD Bytes Written: 0 (0 B)
Rate: 0.0 KB/s
Software Compression: None
VSS: no
Encryption: no
Accurate: no
Volume name(s): Full
Volume Session Id: 2
Volume Session Time: 1399262413
Last Volume Bytes: 193 (193 B)
Non-fatal FD errors: 1
SD Errors: 0
FD termination status: Error
SD termination status: Error
Termination: Backup Canceled
В чем может быть проблема ?
есть две подсети 192.168.3.* и 192.168.2.* в первой есть прокси снетом (192.168.3.125 два интефейса eth0 - сеть eth1- нет ) во второй есть комп на который нужно дать нет 192.168.2.1 (eth0 - lan) делаю
на 192.168.3.125
route add -net 192.168.2.0/24 dev eth0
на 192.168.2.1
route add -net 192.168.3.0/24 dev eth0
и пробрасую через iptables 192.168.2.1 в нет напрямую
iptables -A FORWARD -s 192.168.2.1 -o ppp0 -j ACCEPT
пинги между компами ходят
oot@debianvirt:~# ping 192.168.3.125
PING 192.168.3.125 (192.168.3.125) 56(84) bytes of data.
64 bytes from 192.168.3.125: icmp_req=1 ttl=64 time=0.374 ms
64 bytes from 192.168.3.125: icmp_req=2 ttl=64 time=0.388 ms
^C
--- 192.168.3.125 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.374/0.381/0.388/0.007 ms
root@debianvirt:~# ping mail.ru
ping: unknown host mail.ru
Есть прокси на лине sams+squid2+фаер на iptables мой скрипт фаера
root@proxy:/etc/network/if-up.d# cat firewall
#!/bin/bash
modprobe ip_tables
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe iptable_nat
#этот модуль позволяет работать с ftp в пассивном режиме
modprobe ip_nat_ftp
modprobe ip_nat_irc
#очистка цепочек
iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT
iptables -t nat -F PREROUTING
iptables -t nat -F POSTROUTING
iptables -t mangle -F
#Запрет всего
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
#разрешаем все входящие пакеты на интрефейс замыкания на себя иначе ничего не работает
iptables -A INPUT -i lo -j ACCEPT
#РАЗРЕШЕНЫ ТОЛЬКО ВХОДЯЩИЕ СОЗДАННЫЕ НАШИМИ ИСХОДЯЩИМИ
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#Правила повышающие безопасность
#Блочим входящие tcp соединения не syn пакетом (либо ошибка либо атака)
iptables -I INPUT -m conntrack --ctstate NEW -p tcp ! --syn -j DROP
iptables -I INPUT -m conntrack --ctstate NEW,INVALID -p tcp --tcp-flags SYN,ACK SYN,ACK -j REJECT
#Фильтруем ICMP по типам
#iptables -A INPUT -p icmp -j ACCEPT
#iptables -A OUTPUT -p icmp -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 12 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 0 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 3 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 4 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 11 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 12 -j ACCEPT
#Запрещаем пинги из локальной сети
#iptables -I FORWARD -s 192.168.3.0/24 -p icmp -j DROP
#Разрешаем принимать dns запросы на 53 udp и tcp порт от сервера горгаза 192.168.3.74
iptables -A INPUT -i eth0 -s 192.168.3.74 -p udp --dport 53 -j ACCEPT
iptables -A INPUT -i eth0 -s 192.168.3.74 -p tcp --dport 53 -j ACCEPT
#разрешаем доступ из локальной сети на порты 22(ssh),3128 прокси squid,80 - apache веб морды
iptables -A INPUT -i eth0 -p tcp -m multiport --dport 22,80,3128 -j ACCEPT
#Разрешаем запросы на сервер времени
iptables -A INPUT -i eth0 -p udp --dport 123 -j ACCEPT
#подстройка mtu без этого правила компы ходящие мимо прокси не открывают некоторые сайты
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
#Разрешаем хождение через цепочку форвард пакетов идущих в ответ на пакеты с eth0
iptables -A FORWARD -i ppp0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
#Пробрасывем ip внет на всех портах 192.168.3.50 - тот кого надо прокинуть
#iptables -A FORWARD -s 192.168.3.50 -o ppp0 -j ACCEPT
#Пробрасывем ip внет на 25,110 портах 192.168.3.90 - тот кого надо прокинуть
#iptables -A FORWARD -s 192.168.3.90 -o ppp0 -p tcp -m multiport --dport 25,110 -j ACCEPT
###Компы ходящие мимо прокси !!!####
#
iptables -A FORWARD -s 192.168.3.97 -o ppp0 -j ACCEPT
#igor
iptables -A FORWARD -s 192.168.3.99 -d srv1.cloud.megaindex.ru -o ppp0 -j ACCEPT
# андрей линукс и винда
iptables -A FORWARD -s 192.168.3.127 -o ppp0 -j ACCEPT
#Маскарадим то что прошло через цепочку forward
iptables -t nat -I POSTROUTING -s 192.168.3.0/24 -o ppp0 -j MASQUERADE
собственно при запуске config error cannot open config file etc/bacula/bat.conf отказано в доступе , а из по root через alt+f2 kdesu bat стартует подскажите в чем косяк , ясно что не хватает прав а что делать дальше пока не понял
необходимо востановить данные с бэк апа на линух машину 192.168.3.101-сервер бэкапа на бакуле (backup) 192.168.3.15-клиент (debiantest)
на сервере в bacula-dir.conf
создаю
Client {
Name = debiantest-fd
Address = 192.168.3.15
FDPort = 9102
Catalog = MyCatalog
Password = "759123" # password for FileDaemon 2
File Retention = 2 months # 30 days
Job Retention = 2 months # six months
AutoPrune = yes # Prune expired Jobs/Files
}
ставлю на клиента bacula-fd и bacula-console-qt bacula-fd.conf
root@debiantest:/etc/bacula# cat bacula-fd.conf
#
# Default Bacula File Daemon Configuration file
#
# For Bacula release 5.2.6 (21 February 2012) -- debian 7.0
#
# There is not much to change here except perhaps the
# File daemon Name to
#
#
# List Directors who are permitted to contact this File daemon
#
Director {
Name = backup-dir
Password = "759123"
}
#
# Restricted Director, used by tray-monitor to get the
# status of the file daemon
#
Director {
Name = backup-mon
Password = "xRvFL3Ablqto_bFmN6pBJZhLSK8B6hhIh"
Monitor = yes
}
#
# "Global" File daemon configuration specifications
#
FileDaemon { # this is me
Name = debiantest-fd
FDport = 9102 # where we listen for the director
WorkingDirectory = /var/lib/bacula
Pid Directory = /var/run/bacula
Maximum Concurrent Jobs = 20
FDAddress = 192.168.3.101
}
# Send all messages except skipped files back to Director
Messages {
Name = Standard
director = debiantest-dir = all, !skipped, !restored
}
bat.conf
root@debiantest:/etc/bacula# cat bat.conf
#
# Bacula Administration Tool (bat) configuration file
#
Director {
Name = backup-dir
DIRport = 9101
address = 192.168.3.101
Password = "ne3pY6YN39K3V1RT5nwx5Y3W1WjmMRIDR"
}
запускаю bat на клиенте щелкаю по пунту klients вижу всех описание установленных клиентов , кроме debiantest, щелкаю по нему и выбираю status client получаю Failed to connect to Client debiantest-fd.
подскажите где ошибся ?
Поставил новую ситему на свежее железов в итоге в кедах мигает курсор мыши особенно заметно когда наводишь его на кнопки закрыть свернуть в верху окон. Информация о системе :
Linux debiantest 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64 GNU/Linux
00:00.0 Host bridge: Intel Corporation Haswell DRAM Controller (rev 06)
Subsystem: Giga-byte Technology Device 5000
00:02.0 VGA compatible controller: Intel Corporation Device 041e (rev 06)
Subsystem: Giga-byte Technology Device d000
00:03.0 Audio device: Intel Corporation Haswell HD Audio Controller (rev 06)
Subsystem: Intel Corporation Device 2010
Kernel driver in use: snd_hda_intel
00:14.0 USB controller: Intel Corporation Lynx Point USB xHCI Host Controller (rev 05)
Subsystem: Giga-byte Technology Device 5007
Kernel driver in use: xhci_hcd
00:16.0 Communication controller: Intel Corporation Lynx Point MEI Controller #1 (rev 04)
Subsystem: Giga-byte Technology Device 1c3a
00:1a.0 USB controller: Intel Corporation Lynx Point USB Enhanced Host Controller #2 (rev 05)
Subsystem: Giga-byte Technology Device 5006
Kernel driver in use: ehci_hcd
00:1b.0 Audio device: Intel Corporation Lynx Point High Definition Audio Controller (rev 05)
Subsystem: Giga-byte Technology Device a002
Kernel driver in use: snd_hda_intel
00:1c.0 PCI bridge: Intel Corporation Lynx Point PCI Express Root Port #1 (rev d5)
Kernel driver in use: pcieport
00:1c.2 PCI bridge: Intel Corporation Lynx Point PCI Express Root Port #3 (rev d5)
Kernel driver in use: pcieport
00:1c.3 PCI bridge: Intel Corporation 82801 PCI Bridge (rev d5)
00:1d.0 USB controller: Intel Corporation Lynx Point USB Enhanced Host Controller #1 (rev 05)
Subsystem: Giga-byte Technology Device 5006
Kernel driver in use: ehci_hcd
00:1f.0 ISA bridge: Intel Corporation Lynx Point LPC Controller (rev 05)
Subsystem: Giga-byte Technology Device 5001
00:1f.2 SATA controller: Intel Corporation Lynx Point 6-port SATA Controller 1 [AHCI mode] (rev 05)
Subsystem: Giga-byte Technology Device b005
Kernel driver in use: ahci
00:1f.3 SMBus: Intel Corporation Lynx Point SMBus Controller (rev 05)
Subsystem: Giga-byte Technology Device 5001
02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 06)
Subsystem: Giga-byte Technology GA-EP45-DS5/GA-EG45M-DS2H Motherboard
Kernel driver in use: r8169
03:00.0 PCI bridge: Intel Corporation 82801 PCI Bridge (rev 41)
Кеды 4.8.4
собственно была поставлена задача бэкапить каталог максимальный размер которого не будет превышать 10 g
*
*
job {
Name = "BackupServer1"#имя
Type = Backup #Тип backup,restore и т.п.
Level = Full #Уровень полный
Client = server1-fd # имя клиента
FileSet = "server1Set"# Набор файлов для сохранения описывается ниже
Schedule = "winschedule" # Название расписание где определно с какой периодичностью бэкапит, описано ниже
Storage = Win # Файловое хранилище куда сохранять
Messages = Standard # Уведомление
Pool = Win # Pool куда пишем бэкапы
#Делаем отдельные pool для каждого типа бэкпа
Full Backup Pool = server1Full-Pool
Incremental Backup Pool = server1Inc-Pool
Differential Backup Pool = server1Diff-Pool
Priority = 10 # Приоритет давая приоритеты от 1 до 10 регулируем последовательность выполнения
Write Bootstrap = "/var/lib/bacula/%c.bsr" # Этот файл позволяет востанавливать копии если есть какие либо проблемы с sql каталогом
}
*
*
Pool {
Name = server1Full-Pool
Pool Type = Backup
Recycle = yes # Bacula can automatically recycle Volumes
AutoPrune = yes # Prune expired volumes
Volume Retention = 15 days # one year
Maximum Volume Jobs = 1
Maximum Volume Bytes = 10G # Limit Volume size to something reasonable
Maximum Volumes = 4 # Limit number of Volumes in Pool
Label Format = "Full-"
}
Связка squid+sams2 до недавнего времени все работало как часики , но буквально пару дней на зад в браузере юзеров при обращении к сайтам стало появлятся окно прокси сервер не доступен , за хожу по ssh на проксик squid лежит в cache.log
2013/12/19 16:33:58| Starting Squid Cache version 2.7.STABLE9 for i386-debian-linux-gnu...
2013/12/19 16:33:58| Process ID 7150
2013/12/19 16:33:58| With 1024 file descriptors available
2013/12/19 16:33:58| Using epoll for the IO loop
2013/12/19 16:33:58| DNS Socket created at 0.0.0.0, port 54342, FD 6
2013/12/19 16:33:58| Adding nameserver 77.75.129.3 from /etc/resolv.conf
2013/12/19 16:33:58| Adding nameserver 8.8.8.8 from /etc/resolv.conf
2013/12/19 16:33:58| helperOpenServers: Starting 5 'samsredir' processes
2013/12/19 16:33:58| User-Agent logging is disabled.
2013/12/19 16:33:58| Referer logging is disabled.
2013/12/19 16:33:58| logfileOpen: opening log /var/log/squid/access.log
2013/12/19 16:33:58| Unlinkd pipe opened on FD 17
2013/12/19 16:33:58| Swap maxSize 102400 + 8192 KB, estimated 8507 objects
2013/12/19 16:33:58| Target number of buckets: 425
2013/12/19 16:33:58| Using 8192 Store buckets
2013/12/19 16:33:58| Max Mem size: 8192 KB
2013/12/19 16:33:58| Max Swap size: 102400 KB
2013/12/19 16:33:58| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2013/12/19 16:33:58| logfileOpen: opening log /var/log/squid/store.log
2013/12/19 16:33:58| Rebuilding storage in /var/spool/squid (CLEAN)
2013/12/19 16:33:58| Using Least Load store dir selection
2013/12/19 16:33:58| Set Current Directory to /var/spool/squid
2013/12/19 16:33:58| Loaded Icons.
2013/12/19 16:33:58| Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 19.
2013/12/19 16:33:58| Accepting ICP messages at 0.0.0.0, port 3130, FD 20.
2013/12/19 16:33:58| HTCP Disabled.
2013/12/19 16:33:58| WCCP Disabled.
2013/12/19 16:33:58| Ready to serve requests.
2013/12/19 16:33:58| Done reading /var/spool/squid swaplog (2302 entries)
2013/12/19 16:33:58| Finished rebuilding storage from disk.
2013/12/19 16:33:58| 2302 Entries scanned
2013/12/19 16:33:58| 0 Invalid entries.
2013/12/19 16:33:58| 0 With invalid flags.
2013/12/19 16:33:58| 2302 Objects loaded.
2013/12/19 16:33:58| 0 Objects expired.
2013/12/19 16:33:58| 0 Objects cancelled.
2013/12/19 16:33:58| 0 Duplicate URLs purged.
2013/12/19 16:33:58| 0 Swapfile clashes avoided.
2013/12/19 16:33:58| Took 0.3 seconds (8436.6 objects/sec).
2013/12/19 16:33:58| Beginning Validation Procedure
2013/12/19 16:33:58| Completed Validation Procedure
2013/12/19 16:33:58| Validated 2302 Entries
2013/12/19 16:33:58| store_swap_size = 90380k
2013/12/19 16:33:59| WARNING: url_rewriter #1 (FD 8) exited
2013/12/19 16:33:59| WARNING: url_rewriter #2 (FD 9) exited
2013/12/19 16:33:59| WARNING: url_rewriter #3 (FD 10) exited
2013/12/19 16:33:59| Too few url_rewriter processes are running
2013/12/19 16:33:59| storeDirWriteCleanLogs: Starting...
2013/12/19 16:33:59| WARNING: Closing open FD 19
2013/12/19 16:33:59| commSetEvents: epoll_ctl(EPOLL_CTL_DEL): failed on fd=19: (1) Operation not permitted
2013/12/19 16:33:59| Finished. Wrote 2302 entries.
2013/12/19 16:33:59| Took 0.0 seconds (5533653.8 entries/sec).
FATAL: The url_rewriter helpers are crashing too rapidly, need help
root@proxy:/home/rab/rab SQUID# sed -e '/^ *#/d; /^[ \t]*$/d' squid.conf
acl Sams2Time1 time MTWHFAS 00:00-23:59
acl Sams2Template1 src 192.168.3.102
acl Sams2Template1 src 192.168.3.103
acl Sams2Template1 src 192.168.3.117
acl Sams2Template1 src 192.168.3.126
acl Sams2Template1 src 192.168.3.13
acl Sams2Template1 src 192.168.3.157
acl Sams2Template1 src 192.168.3.16
acl Sams2Template1 src 192.168.3.19
acl Sams2Template1 src 192.168.3.24
acl Sams2Template1 src 192.168.3.26
acl Sams2Template1 src 192.168.3.29
acl Sams2Template1 src 192.168.3.4
acl Sams2Template1 src 192.168.3.41
acl Sams2Template1 src 192.168.3.43
acl Sams2Template1 src 192.168.3.48
acl Sams2Template1 src 192.168.3.50
acl Sams2Template1 src 192.168.3.51
acl Sams2Template1 src 192.168.3.52
acl Sams2Template1 src 192.168.3.55
acl Sams2Template1 src 192.168.3.58
acl Sams2Template1 src 192.168.3.6
acl Sams2Template1 src 192.168.3.63
acl Sams2Template1 src 192.168.3.65
acl Sams2Template1 src 192.168.3.67
acl Sams2Template1 src 192.168.3.71
acl Sams2Template1 src 192.168.3.72
acl Sams2Template1 src 192.168.3.75
acl Sams2Template1 src 192.168.3.76
acl Sams2Template1 src 192.168.3.77
acl Sams2Template1 src 192.168.3.80
acl Sams2Template1 src 192.168.3.81
acl Sams2Template1 src 192.168.3.83
acl Sams2Template1 src 192.168.3.88
acl Sams2Template1 src 192.168.3.9
acl Sams2Template1 src 192.168.3.92
acl Sams2Template1 src 192.168.3.93
acl Sams2Template1 src 192.168.3.94
acl Sams2Template1 src 192.168.3.96
acl Sams2Template1 src 192.168.3.97
acl Sams2Template3 src 192.168.3.127
acl Sams2Template3 src 192.168.3.15
acl Sams2Template3 src 192.168.3.64
acl Sams2Template3 src 192.168.3.82
acl Sams2Template3 src 192.168.3.90
acl Sams2Template3 src 192.168.3.99
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow Sams2Template1
http_access allow Sams2Template3
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
icp_access allow localnet
icp_access deny all
http_port 3128
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
url_rewrite_program /usr/bin/samsredir
url_rewrite_children 5
acl Sams2Proxy dst your.ip.address
url_rewrite_access deny Sams2Proxy
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
hosts_file /etc/hosts
coredump_dir /var/spool/squid
Подскажите в чем может быть затык
имеем прокси сервер , сервер бэкапа оба сервака на debian плюс планируется расширение парка серверов , стоит задача упростить мониторинг логов на текущих и вновь подключаемых серверах. Если кто сталкивался подскажите варианты решения этой задачи
Собственно есть задача - покрыть wif определенную территорию, подскажите есть ли реализации программных контролеров wifi под debian ?
Собственно запускаю bat (версия 5.2.6 , 5)
Connecting to Director 192.168.3.101:9101
1000 OK: backup-dir Version: 5.2.6 (21 February 2012)
после этого сообщения идет куча других о прошедших бэкапах
Собствено нужно бэкапить 1 папку раз в неделю в 21 00 (Full) глубина архива -15 дней
# Backup winhost
Job {
Name = "BackupWin"#имя
Type = Backup #Тип backup,restore и т.п.
Level = Full #Уровень полный
Client = andrey-fd # имя клиента
FileSet = "WinSet"# Набор файлов для сохранения описывается ниже
Schedule = "winschedule" # Название расписание где определно с какой периодичностью бэкапит, описано ниже
Storage = Win # Файловое хранилище куда сохранять
Messages = Standard # Уведомление
Pool = Win # Pool куда пишем бэкапы
Priority = 10 # Приоритет давая приоритеты от 1 до 10 регулируем последовательность выполнения
Write Bootstrap = "/var/lib/bacula/%c.bsr" # Этот файл позволяет востанавливать копии если есть какие либо проблемы с sql каталогом
}
FileSet {
Name = "WinSet"
Include {
Options {
# signature = MD5
# compression = GZIP
# recurse = yes
# portable = no
# noatime = yes
# checkfilechanges = yes
signature = MD5
ignore Case = yes
compression = GZIP
wildfile = "*.mp3"
wildfile = "*.mp4"
wildfile = "*.wav"
wildfile = "*.3gp"
wildfile = "*.gif"
wildfile = "*.avi"
wildfile = "ntuser.dat"
wilddir = "tmp"
wilddir = "TMP"
wilddir = "Temporary Internet Files"
wilddir = "recycled"
# wilddir = "ALTA"
# regexfile = "*.dt"
exclude = yes
}
#
# Put your list of files here, preceded by 'File =', one per line
# or include an external list with:
#
# File = <file-name
#
# Note: / backs up everything on the root partition.
# if you have other partitions such as /usr or /home
# you will probably want to add them too.
#
# By default this is defined to point to the Bacula binary
# directory to give a reasonable FileSet to backup to
# disk storage during initial testing.
#
File = "C:/Documents and Settings/spg"
}
}
Schedule {
Name = "winschedule"
Run = Full 1st sun at 23:05
Storage {
Name = Win
Address = 192.168.3.101
SDPort = 9103
Password = "HMZJEKZ826yOS3Bk1nboH-6DWQN90Ptx8"
Device = FileStorage
Media Type = File
}
Pool {
Name = Win
Pool Type = Backup
Recycle = yes
AutoPrune = yes
Volume Retention = 15 days
Maximum Volume Bytes = 60G
Maximum Volumes = 20
}
Дальше создаю 1 том в pool win в него и будут литься бэкапы. Правильно ли я все понял и сделал ?
Собственно есть объект из 3-х зданий + уличная площадка (wifi нужен везде). Получается треугольник со сторонами 100 и 100 и основанием 200 метров на территории куча деревьев . На объекте возможно будет до 100 клиентов wifi совокупно (может быть и больше). Подскажите как лучше реализовать и какое оборудование использовать ?
Перемещено beastie из general
| ← предыдущие | следующие → |