基础服务安装:

[root@ftp ~]# mount /dev/cdrom /mnt

mount: block device /dev/sr0 is write-protected, mounting read-only

[root@ftp ~]# yum -y install vsftpd bind bind-chroot bind-utils dhcp 


1.配置dhcp服务:

[root@ftp ~]# vi /etc/dhcp/dhcpd.conf

:r /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample  ##读取模板配置

:%g/^#/d  ##删除注释

:%g/^$/d  ##删除空行


# Global options handed to every client served by this dhcpd instance:
# search domain linuxfan.cn, resolver 192.168.100.110.
option domain-name "linuxfan.cn";

option domain-name-servers 192.168.100.110;

# Lease lifetimes in seconds: 600 when the client asks for nothing specific,
# 7200 as the upper bound.
default-lease-time 600;

max-lease-time 7200;

# dhcpd logs through syslog facility local7. Where those messages end up
# depends on the syslog configuration, which this page does not show.
log-facility local7;

# The only subnet served: dynamic pool .50-.99, default gateway .117.
subnet 192.168.100.0 netmask 255.255.255.0 {

  range 192.168.100.50 192.168.100.99;

  option routers 192.168.100.117;

  # PXE boot: clients are pointed at boot file pxelinux.0 on 192.168.100.110.
  # NOTE(review): every host that takes a lease from this pool is handed this
  # boot server, and DHCP replies are unauthenticated, so the integrity of the
  # boot path depends on no other DHCP server answering on this segment
  # (DHCP snooping on the switches is the usual control).
  # NOTE(review): no TFTP service is installed or configured in the steps
  # shown on this page - confirm where pxelinux.0 is actually served from.
  next-server 192.168.100.110;

  filename "pxelinux.0";

}

:wq

[root@ftp ~]# /etc/init.d/dhcpd start

正在启动 dhcpd:                                           [确定]

[root@ftp ~]# chkconfig dhcpd on

[root@ftp ~]# netstat -utpln |grep dhcp

udp        0      0 0.0.0.0:67         0.0.0.0:*            1264/dhcpd


2.配置ftp服务:

1)修改vsftpd配置并实现要求:

[root@ftp ~]# cd /etc/vsftpd/

[root@ftp vsftpd]# cp vsftpd.conf vsftpd.conf.bak  ##备份配置文件

[root@ftp vsftpd]# vi vsftpd.conf  

:%g/^$/d

:%g/^#/d

修改如下:


# vsftpd.conf: comments must sit on their own line starting with '#'.
# NOTE(review): plain FTP carries user names, passwords and file contents in
# clear text. Local logins are enabled below and ssl_enable is not set, so the
# u01 password is readable by anyone who can observe traffic on the path.
# Anonymous (password-less) read access is switched on here.
anonymous_enable=YES

# Accounts from /etc/passwd may log in.
local_enable=YES

# FTP write commands are permitted, subject to filesystem permissions.
write_enable=YES

# Files created by local users get mode 644, directories 755.
local_umask=022

dirmessage_enable=YES

# Transfers are logged, in the standard xferlog format (see xferlog_std_format).
xferlog_enable=YES

connect_from_port_20=YES

xferlog_std_format=YES

# Local users are confined to their login directory after authentication.
# NOTE(review): the jail root is local_root=/var/ftproot, which the later
# useradd/chmod 755 steps presumably leave owned and writable by u01 itself.
# A chroot root writable by the jailed user weakens the jail, and newer vsftpd
# releases refuse such logins - confirm against the installed version.
chroot_local_user=YES

# Recursive listings ("ls -R") are disabled.
ls_recurse_enable=NO

# Standalone daemon mode (not started from xinetd).
listen=YES

pam_service_name=vsftpd

# With userlist_deny left at its default, accounts named in the user list
# file are rejected before a password is requested.
userlist_enable=YES

# Connections are additionally filtered through hosts.allow / hosts.deny.
tcp_wrappers=YES


# Passive mode with a fixed data-port range 24500-24600. A host or network
# firewall has to admit exactly this range in addition to port 21; no firewall
# step is shown on this page.
pasv_enable=YES

pasv_min_port=24500

pasv_max_port=24600

# chown_uploads/chown_username only affect anonymously uploaded files. With
# anon_upload_enable=NO further down they have no effect as configured.
chown_uploads=YES

chown_username=u01

# NOTE(review): local users and anonymous users are rooted in the same tree.
# Anything under /var/ftproot that is world-readable can be downloaded without
# a password; a separate anon_root would keep u01's files out of anonymous reach.
local_root=/var/ftproot/

anon_root=/var/ftproot/

ftpd_banner=Welcome to linuxfan.cn FTP service.

# Anonymous sessions may download only.
anon_upload_enable=NO

# Listen on this IPv4 address only.
listen_address=192.168.100.110

# Duplicate of the local_umask line near the top; same value, so redundant.
local_umask=022

:wq


## Create the FTP admin account u01 (uid 110, home /var/ftproot) and set its password.
## NOTE(review): the password is written on the command line, so it ends up in
## root's shell history and is published with this page, and it is short and
## guessable. Setting it interactively with `passwd u01` and using a long random
## value avoids both. The /etc/passwd line printed below shows u01 keeps /bin/bash
## as its login shell, so the same password is valid for any other service on
## this host that accepts local logins.
[root@ftp vsftpd]# useradd -d /var/ftproot -c "ftp admin user" -u 110 u01; echo pwd@123 |passwd --stdin u01

[root@ftp vsftpd]# id u01

uid=110(u01) gid=500(u01) 组=500(u01)

[root@ftp vsftpd]# grep u01 /etc/passwd

u01:x:110:500:ftp admin user:/var/ftproot:/bin/bash

[root@ftp vsftpd]# chmod 755 /var/ftproot/

[root@ftp vsftpd]# /etc/init.d/vsftpd restart

[root@ftp vsftpd]# netstat -utpln |grep ftp

tcp     0    0     192.168.100.110:21    0.0.0.0:*         LISTEN      1310/vsftpd

[root@ftp vsftpd]# chkconfig vsftpd on

2)访问测试:

wKiom1c22fXDw26QAAEDxXYlMcM384.png


3.配置dns服务:

修改配置文件:

[root@ftp ~]# cd /var/named/chroot/etc/

[root@ftp etc]# cp /usr/share/doc/bind-9.8.2/sample/etc/named.conf ./

[root@ftp etc]# vi named.conf   #配置文件

修改如下:

// Global server options for the chrooted named instance.
options

{

        directory               "/var/named";   //"Working" directory

        dump-file               "data/cache_dump.db";

        statistics-file         "data/named_stats.txt";

        memstatistics-file      "data/named_mem_stats.txt";

        // Answer on the LAN address only (IPv4, port 53).
        listen-on port 53       { 192.168.100.110; };

        // Queries and cached answers are limited to the local /24.
        allow-query             { 192.168.100.0/24; };

        allow-query-cache       { 192.168.100.0/24; };

        // Recursive resolution is on. No allow-recursion ACL is given; adding one
        // with the same /24 would state the intended scope explicitly.
        // NOTE(review): there is no allow-transfer statement. BIND's default lets
        // any client that can reach the server request a full zone transfer, which
        // here would hand out the complete internal host list of both master zones.
        // `allow-transfer { none; };` (or the secondaries' addresses) is the usual
        // hardening.
        recursion yes;

};


// Debug channel written to data/named.run below the working directory.
logging

{

        channel default_debug {

                file "data/named.run";

                severity dynamic;

        };

};


// Root hints. The absolute path is resolved inside the chroot; the page copies
// named.ca into the chroot's var/named directory in a later step.
zone "." IN {

                type hint;

                file "/var/named/named.ca";

        };


// Authoritative forward zone.
zone "linuxfan.cn." IN {

                type master;

                file "linuxfan.cn.zone";

        };

// Authoritative reverse zone for 192.168.100.0/24.
zone "100.168.192.in-addr.arpa" IN {

                type master;

                file "192.168.100.arpa";

        };

:wq

[root@ftp etc]# cd ../var/named/

[root@ftp named]# cp /usr/share/doc/bind-9.8.2/sample/var/named/named.localhost ./

[root@ftp named]# mv named.localhost linuxfan.cn.zone

[root@ftp named]# vi linuxfan.cn.zone   ##正向解析配置文件

修改如下:

; Forward zone data, loaded as zone "linuxfan.cn." by named.conf.
$TTL 1D

; SOA: primary name linuxfan.cn., contact root@linuxfan.cn.
; NOTE(review): serial 0 is valid, but it must be raised on every edit or
; secondary servers will not pick up the change.
@ IN SOA linuxfan.cn. root.linuxfan.cn. (

0 ; serial

1D ; refresh

1H ; retry

1W ; expire

3H ) ; minimum

@ IN NS ns.linuxfan.cn.

; NOTE(review): the owner of this MX is "mail", so it applies to addresses
; @mail.linuxfan.cn; the zone apex (@) has no MX record. If mail for
; user@linuxfan.cn is intended, the owner should be "@" - confirm.
mail IN MX 10 mail.linuxfan.cn.

; The apex and ns both resolve to the DNS/FTP/DHCP host.
@ IN A 192.168.100.110

ns IN A 192.168.100.110

; Service aliases for that same host.
ftp IN CNAME ns

dhcp IN CNAME ns

; Remaining hosts of the 192.168.100.0/24 network.
mail IN A 192.168.100.113

www IN A 192.168.100.111

db IN A 192.168.100.112

tech IN A 192.168.100.114

kvm IN A 192.168.100.115

monitor IN A 192.168.100.116

gateway IN A 192.168.100.117

:wq

[root@ftp named]# cp linuxfan.cn.zone 192.168.100.arpa

[root@ftp named]# vi 192.168.100.arpa  ##反向解析配置文件

修改如下:

; Reverse zone data, loaded as zone "100.168.192.in-addr.arpa" by named.conf.
; The file was produced by copying the forward zone file and editing it.
$TTL 1D

; NOTE(review): serial 0 must be raised on every edit or secondary servers
; will not pick up the change.
@ IN SOA linuxfan.cn. root.linuxfan.cn. (

0 ; serial

1D ; refresh

1H ; retry

1W ; expire

3H ) ; minimum

@ IN NS ns.linuxfan.cn.

; NOTE(review): this MX and the two CNAME lines further down look like
; leftovers from the forward zone file. Their unqualified owner names expand
; under 100.168.192.in-addr.arpa (e.g. ftp.100.168.192.in-addr.arpa), which
; serves no reverse-lookup purpose; they can most likely be deleted - confirm.
mail IN MX 10 mail.linuxfan.cn.

; PTR records: last octet of the address -> fully qualified host name.
110 IN PTR ns.linuxfan.cn.

ftp IN CNAME ns

dhcp IN CNAME ns

113 IN PTR mail.linuxfan.cn.

111 IN PTR www.linuxfan.cn.

112 IN PTR db.linuxfan.cn.

114 IN PTR tech.linuxfan.cn.

115 IN PTR kvm.linuxfan.cn.

116 IN PTR monitor.linuxfan.cn.

117 IN PTR gateway.linuxfan.cn.

:wq

[root@ftp named]# cp /usr/share/doc/bind-9.8.2/sample/var/named/named.ca ./

## NOTE(review): named-checkzone expects `zonename filename`. As typed, this
## checks the file 192.168.100.arpa under the zone name "linuxfan.cn.zone" and
## never reads the forward zone file, which is why the output below reports
## zone "linuxfan.cn.zone/IN" and an "out of zone" MX target. To validate both
## files, run it once per zone:
##   named-checkzone linuxfan.cn linuxfan.cn.zone
##   named-checkzone 100.168.192.in-addr.arpa 192.168.100.arpa
[root@ftp named]# named-checkzone linuxfan.cn.zone 192.168.100.arpa  ##test the zone files

zone linuxfan.cn.zone/IN: mail.linuxfan.cn.zone/MX 'mail.linuxfan.cn' (out of zone) has no addresses records (A or AAAA)

zone linuxfan.cn.zone/IN: loaded serial 0

OK

[root@ftp named]# /etc/init.d/named restart

停止 named:                                               [确定]

启动 named:                                               [确定]

[root@ftp named]# chkconfig named on

[root@ftp ~]# netstat -utpln |grep 53

tcp        0      0 192.168.100.110:53     0.0.0.0:*         LISTEN      1987/named          

tcp        0      0 127.0.0.1:953          0.0.0.0:*         LISTEN      1987/named          

tcp        0      0 ::1:953         :::*                    LISTEN      1987/named          

udp   0  0 192.168.100.110:53            0.0.0.0:*                  1987/named


使用nslookup测试