XDQ的笔记本

centos 7 firewalld audit and report

 • 
rule port port="12082" protocol="tcp" log prefix="proxy-port-activity" limit value="1/m" audit accept

ausearch -m NETFILTER_PKT | aureport -h --summary

Windows Server 2012/2016 RDS 部署使用非443端口远程桌面网关

 • 

在管理终端powershell执行以下命令

Set-RDSessionCollectionConfiguration –CollectionName "<Your Session  Collectionnam>" -CustomRdpProperty "  gatewayhostname:s:<RDGW-FQDN>:<yourport>" -ConnectionBroker  <Your RD ConnectionBroker>
<Your Session  Collectionnam>    远程桌面集合名称
<RDGW-FQDN>                      远程桌面网关FQDN
<yourport>                       远程桌面网关端口
<Your RD ConnectionBroker>       远程桌面会话主机名称

Windows Server Core 配置 Windows Internal Database 内存限制

 •  Filed under windows, wid, sql server
安装Microsoft ODBC Driver 13.1 for SQL Server

http://go.microsoft.com/fwlink/?LinkId=825608

安装Microsoft Command Line Utilities 13.1 for SQL Server

https://www.microsoft.com/en-us/download/details.aspx?id=53591

执行sqlcmd
cd c:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn
SQLCMD.EXE -E -S \\.\pipe\Microsoft##WID\tsql\query
显示高级选项
exec sp_configure 'show advanced option', '1';
reconfigure;
查询当前设置(max server memory行)
exec sp_configure;
go
设置内存限制为(2048MB)
exec sp_configure 'max server memory', 2048;
reconfigure with override;
go
退出
quit
重启wid服务

Centos7 apache使用freeipa pki提供证书

 •  Filed under centos, centos7, linux, selinux, freeipa

安装apache和mod_nss

sudo yum install httpd mod_nss -y

配置mod_nss

sudo sh -c "echo 'Listen 443' >> /etc/httpd/conf.d/nssconfig.conf"
sudo sh -c "echo 'NSSCipherSuite +aes_128_sha_256,+aes_256_sha_256,+ecdhe_ecdsa_aes_128_gcm_sha_256,+ecdhe_ecdsa_aes_128_sha,+ecdhe_ecdsa_aes_256_sha,+ecdhe_rsa_aes_128_gcm_sha_256,+ecdhe_rsa_aes_128_sha,+ecdhe_rsa_aes_256_sha,+rsa_aes_128_gcm_sha_256,+rsa_aes_128_sha,+rsa_aes_256_sha' >> /etc/httpd/conf.d/nssconfig.conf"
sudo sh -c "echo 'NSSCertificateDatabase /etc/httpd/alias' >> /etc/httpd/conf.d/nssconfig.conf"

从/etc/httpd/conf.d/nss.conf中删除默认虚拟主机

获取证书

ipa-getcert request -d /etc/httpd/alias -n 'alianame' -K HTTP/'hostname' -D 'FQDN.com'

配置https虚拟主机

<VirtualHost *:443>
    ServerName FQDN

    NSSEngine on
    NSSNickname alianame

    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/
    RequestHeader set X-Forwarded-Proto "https"
</VirtualHost>

使用存储空间整合SSD空间

 • 

最进空余了几块不同容量的固态硬盘打算将它们合并到一个分区用来放steam,可惜Windows10控制面板默认的存储池设置很不理想,只好用powershell

确认将加入存储池的硬盘
Windows会自动将没有分区的硬盘标为可加入存储池。

Get-PhysicalDisk -CanPool $True

创建存储池,使用4k逻辑扇区,默认关闭回写缓存
"ssd" 可以替换为任意希望的名字

$pd = Get-PhysicalDisk -CanPool $True
$spname = "ssd"
New-StoragePool -PhysicalDisks $pd –StorageSubSystemFriendlyName "*" -FriendlyName $spname –LogicalSectorSizeDefault 4096 –WriteCacheSizeDefault 0

创建虚拟硬盘
column相当于raid0中硬盘的数量,按我有的1个512,2个256,选择2可以使用大部分的空间并增加一倍的持续速度

$vdname = "games"
$column = 2
$vd1 = New-VirtualDisk -StoragePoolFriendlyName $spname -FriendlyName $vdname -MediaType SSD -ResiliencySettingName Simple -WriteCacheSize 0 -NumberOfColumns $column -ProvisioningType Fixed -UseMaximumSize