telnet qustion

Ltaotao007 2003-10-16 12:20:44
我在redhat9.0上安装了telnet-server-0.17-25,运行成功,远程也可以登录.
但是有两个问题:
一:我创建了两个用户,设为同一组,但是一个用户telnet登录,不能进入另一个用户的目录,为什么?照说可以呀,两个用户的权限也设为同组可以读和执行.
二:我的一个用户远程登录后,从win2000,但不播放自己目录的mp3.但在服务器上登录可以播放.为什么?
请高手解答>>>>>
...全文
58 1 打赏 收藏 转发到动态 举报
写回复
用AI写文章
1 条回复
切换为时间正序
请发表友善的回复…
发表回复
zeng_xiangyang 2003-10-17
  • 打赏
  • 举报
回复
up
Keyboard shortcuts A quick reference guide to UltraEdit's default keyboard shortcuts Keymapping and custom hotkeys How to customize 键映射s and menu hotkeys Column Markers The benefit of a column maker is that it can help you to format your text/code, or in some cases to make it easier to read in complex nested logic. Quick Open UltraEdit and UEStudio provide multiple methods to quickly open files without using the standard Open File dialog. A favorite method among power users is the Quick Open in the File menu. The benefit of the quick open dialog is that it loads up very... Vertical & Horizontal Split Window This is a convenient feature when you're manually comparing files, when you want to copy/paste between multiple files, or when you simply want to divide up your edit space. Tabbed Child Windows Declutter your edit space by using the tabbed child windows feature Auto-Hide Child Windows When you're deep in your code, the most important thing is editing space. The all new auto-hide child windows give you The all new auto-hide child windows allow you to maximize your editing space by hiding the child windows against the edge of the editor. Customizing toolbars Did you know that you can not only change what is on UltraEdit's toolbars, you can also change the icon used, as well as create your own custom toolbars and tools? File tabs Understand how file tabs can be displayed, controlled and configured through the window docking system in UltraEdit/UEStudio. Create user/project tools Execute DOS or Windows commands in UltraEdit or UEStudio Temporary Files UltraEdit and UEStudio use temporary files... but what are temporary files? This power tip provides an explanation as well as some tips to get the most out of temp files. Backup and Restore Settings One of the staples of UltraEdit (and UEStudio) is its highly configurable interface and features. However, what happens when you're moving to a new system and you want to port your settings and customizations over along with UltraEdit? Add a webpage to your toolbar Use UltraEdit's powerful user tools to launch your favorite website from the click of a button on your toolbar Integrate Yahoo!, Google, Wikipedia and more with UltraEdit This tutorial will show you how to access the information you need in your browser by simply highlighting your text in the edit window and clicking your toolbar button How to install UE3 UE3 is the portable version of UltraEdit developed specifically for the U3 smart drive. You will need a U3-compatible USB drive for this power tip Scripting tutorial An introduction to UltraEdit's integrated scripting feature The List Lines Containing String option in Find The lists lines option can be a handy tool when searching because it presents all occurrences of the find string in a floating dialog box. You can use the dialog to navigate to each instance by double-clicking on one of the result lines... Scripting Access to the Clipboard How to access the Clipboard using the integrated scripting engine Scripting access to output window How to access the output window using the integrated scripting engine Writing a macro Steps to record and edit powerful macros to quickly and efficiently edit files Using "copied" and "selected" variables for dynamic macros Use copied and selected text in macros to dramatically increase the power and flexibility of UltraEdit macros Run a macro or script from the command line We are often asked if it is possible to run an UltraEdit macro or script on a file from the command line. The answer is yes - and it's not only possible, it's extremely simple! Using find/replace UltraEdit and UEStudio give you the ability to perform a find or replace through one or more files. Learn how to use UltraEdit/UEStudio's powerful find and replace. Multiline find and replace Search and replace text spanning several lines Incremental search Incremental search is an inline, progressive search that allows you to find matched text as you type, much like Firefox's search feature Regular expressions Regular Expressions are essentially patterns (rather than specific strings) that are used with Find/Replace operations. This guide can dramatically improve your speed and efficiency for Find/Replace Tagged expressions "Tagging" the find data allows UltraEdit/UEStudio to re-use the data similar to variable during a replace. For example, If ^(h*o^) ^(f*s^) matches "hello folks", ^2 ^1 would replace it with "folks hello". Perl compatible regular expressions An introduction to using Perl-style regular expressions for search/replace Perl regex tutorial: non-greedy regular expressions Have you ever built a complex Perl-style regular expression, only to find that it matches much more data than you anticipated? If you've ever found yourself pulling your hair out trying to build the perfect regular expression to match the least amoun... Remove blank lines A question we often see is "I have a lot of blank lines in my file and I don't want to go through and manually delete them. Is there an easier way to do this?" The answer is: yes! Configure FTP Set up and configure multiple FTP accounts TaskMatch Environments How to use TaskMatch Environments in UltraEdit and UEStudio Configure FTP backup Save a local copy of your files when you transfer them to FTP directories Encrypt and Decrypt Text Files Use UltraEdit to encrypt and decrypt your text files Link to remote directories Sync local directories with remote (FTP/SFTP) directories Compare Modified File Against Source File How to compare the modified file against the source file on disk. Column Based Find and Replace Need to restrict your search/replace to a specific column range? The column based search does just that... Compare Highlighted Text If you need to quickly compare of portions of text, rather than an entire file, then you need UltraEdit/UEStudio's selected text compare! The selected text compare allows you to select portions of text between 2 files and execute a compare on ONLY the se Using the SSH/telnet console A tutorial for UltraEdit/UEStudio's SSH/telent feature Adding a wordfile Adding a wordfile in UltraEdit v15.00 and greater Adding a wordfile (in v14.20 and earlier) Add a language definition to your wordfile for use with UltraEdit and UEStudio's powerful syntax highlighting Syntax highlighting and code folding Explanation of highlighting and folding definitions in the UltraEdit/UEStudio wordfile Create Your Own TaskMatch Environment How to create your own TaskMatch Environments Filtering the Explorer View How to filter the Explorer view in UltraEdit and UEStudio Group Files and Folders with Projects How to group your files and folders using Projects Adding or removing file extensions for syntax highlighting How to configure syntax highlighting to highlight different file types automatically Project Settings Advanced Project Features - Using the UltraEdit/UEStudio project settings dialog Scripting Techniques Scripting techniques for UltraEdit/UEStudio. Perl-style regular expressions for function strings Using Perl-Style regexes to identify functions in your syntax-highlighted files and populate the function list Autocorrect keywords in UltraEdit/UEStudio How to enable and disable autocorrect keywords with syntax highlighting Insert Menu Commands UltraEdit includes several special insert functions under the Insert menu. You can use these functions to insert a file into the active file, insert a string into the file at every specified increment, sample colors from anywhere on your screen, and more. Using Bookmarks UltraEdit and UEStudio provide a way for you to mark, access, and preview your favorite lines via bookmarks. We'll look at how to create, edit, and configure bookmarks in the bookmark viewer. Creating Search Favorites UltraEdit includes a Search and Replace Favorites feature that allows you to manage frequently used Find and Replace strings. Create, name, and edit your Search and Replace Favorites... Customizing The HTML Toolbar Commands The purpose of this power tip is to teach you how to customize the existing HTML tags and create your own HTML tags. Combine All Open Files into a Single Destination File Have you ever needed to combine multiple files into a single destination (output) file? You can use a combination of a script and tool to create a single file from multiple files. Sum Column/Selection in Column Mode This power tip demonstrates how to calculate the sum from a column of numeric data. Column mode How to use the features of UltraEdit's powerful column mode Advanced and column-based sort How to sort file data using the advanced sort options and the column sort options Working with CSV files Use UltraEdit's built-in handling for character-separated value files Word wrap and tab settings for different file types UltraEdit and UEStudio allow you to customize the word wrap and tab settings for any type of file. This power tip walks you through the steps to configure these customizations Versioned backup Set UltraEdit/UEStudio to automatically save versioned backups of your files Configure spell checker How to set the highly-configurable options for UltraEdit's integrated spell checker Special functions UltraEdit includes several special functions under the File menu. You can use these functions to insert a file into the current file, delete the active file, send the file through email, or insert a string into the file at every specified increment HTML preview Edit and preview your rendered HTML code in the edit window Custom templates Create templates for frequently used text. You can also assign hotkeys to your templates. Compare files/folders Integrated differences tool - comparing files and folders with UltraCompare Professional File change polling Monitor log files and more using UltraEdit's file change polling feature Vertically split the edit window Splitting the edit window in UltraEdit/UEStudio Large file text editor UltraEdit can be used to edit large text files. Learn how to configure UltraEdit to optimize editing large text files Multiple configuration environments of Ultraedit/UEstudio How to set up your separate environments for UltraEdit/UEStudio Java compiler Create a custom user tool to compile Java code, using the command line, from within UltraEdit Configure UltraEdit with javascript lint How to check your JavaScript source code for common mistakes without actually running the script or opening the web page Character properties at your fingertips Access the properties of a character with the click of a button Ctags Set up and configure Ctags for use in UltraEdit Visual SourceSafe integration Create a customized user tool to check out files from Visual SourceSafe Running WebFOCUS from UltraEdit Configure UltraEdit for use with WebFOCUS CSE HTML Validator CSE HTML Validator for Windows is the most powerful, easy to use, user configurable, and all-in-one HTML, XHTML, CSS, link, spelling, and accessibility checker available. This quick tutorial shows you how to use it and set it up in UltraEdit/UEStudio Working with Unicode in UltraEdit/UEStudio In this tutorial, we'll cover some of the basics of Unicode-encoded text and Unicode files, and how to view and manipulate it in UltraEdit. Search and delete lines found UEStudio and UltraEdit provide a way for you to search and delete found lines from your files. This short tutorial provides the steps for searching for and deleting lines by writing a simple script. Parsing XML files and editing XML files Parsing XML can be a time-consuming task, especially when large amounts of data are involved. As of v15.10, UltraEdit provides you with a the XML Window for the purpose of parsing your XML files. The XML window allows you to navigate through the XML... Using Bookmarks UltraEdit and UEStudio provide a way for you to mark, access, and preview your favorite lines via bookmarks. We'll look at how to create, edit, and configure bookmarks in the bookmark viewer. Using the CSS style builder UltraEdit and UEStudio both include a CSS style builder for you to easily configure and insert CSS styles into the active document. This power tip will show you how to use the style builder. SSH/Telnet Session Logging Log the input and output to/from the server in your SSH/Telnet sessions Edit, develop, debug, and run SAS programs This user-submitted power tip describes how to use UltraEdit as a SAS editor, as well as how to run and debug SAS programs from the editor itself Tabs to Spaces - Ignore tabs and spaces in string and comments Ever had to convert the tab characters to spaces, but wanted to leave the tabs in strings and comments untouched? In previous versions, the convert tabs to spaces feature didn't distinguish between tabs as whitespace/formatting vs. tabs in... Setting File Associations in UltraEdit/UEStudio A file association is used by Windows Explorer to determine which application will open the file when it is double-clicked (or opened) in Explorer. In the interest of speed, many UltraEdit/UEStudio users want to associate specific file types with... Windows Explorer Integration We know that many UltraEdit/UEStudio users don't operate solely from within the editor; rather, they are frequently working in Windows Explorer before going to the editor. As such, they want (and need) a quick and easy way to open files from within... Line Change Indicator Ever wanted to see what changes you've made since your last save, or have you ever wanted to know what lines you've changed during an edit session? As of UltraEdit v16.00, you can do just that with the line change indicator... Comment and Uncomment Selected Text How many times per day do you comment out a block of code? Do you ever get tired of manually typing your open and close comments? As of v16.00, simply highlight your code, click a button, and move on. It's that easy... Hide, Show, and Delete Found Lines in UltraEdit/UEStudio Over time, many of our users have asked for the ability to hide/show lines based on a Find string... you got it! As of v16.00, you can now hide/show and even delete text based on your search criteria. The following power tip will guide you through... Read Only Status Indicator Have you ever opened a file, tried incessantly to modify it, then realized it was read only? As of v16.00, UltraEdit includes an enhanced read only status indicator. For read only files, the file tab will display a lock icon. Additionally, you can... Regular Expression Builder Regular Expressions are essentially patterns, rather than literal strings, that are used to compare/match text in Find/Replace operations. As an example, the * character in a Perl regular expression matches the preceding character or expression zero or.. XML Manager: In-line editing of XML files The XML Manager allows you to navigate through complex XML data. But, what happens when you want to make a quick edit to your XML tags/data.... UltraEdit v16.00 extends the XML Manager with inline editing, giving you a faster and more elegant method... UltraEdit v16.00 Scripting Enhancements One of UltraEdit's trademark features is the ability to automate tasks through scripting. V16.00 extends the power of scripting further with includes, active document index, and more! Parse Source Code with the Function List The function list displays all the functions in the active file/project. Double clicking on a function name in the list repositions the file to the desired function. Also, as you navigate through a file, the function selected in the list changes to indica Brace Matching Brace matching is an often-used feature; it is indispensable for navigating through your code. Brace matching simply allows you to position your cursor next to an open (or close) brace and highlight the corresponding brace. Code Folding Code folding is indispensable for managing complex/nested code structures. Code folding allows you to collapse (hide) a section of code. The collapsible sections are based on the structure of the file/language Shared FTP accounts Do you use multiple IDM products - UltraEdit, UEStudio, or UltraCompare? Ever get sick of managing your FTP account information in each application? Now you can stop worrying about porting your FTP account settings! Simply configure it once and share you Auto-load macro with project Many UltraEdit/UEStudio users rely heavily on projects - and why not, projects are extremely helpful in managing related files and folder. Projects not only allow you to group/manage your files and folders, but projects also contain other items that... UEStudio 使用技巧 Using the classviewer A tour of UEStudio's classviewer which provides a parsed graphical representation of your project CVS/SVN Auto-Detect UEStudio can automatically detect and import your CVS/SVN account settings when you import a folder already under version control. IntelliTips UEStudio offers language intelligence in an exciting feature we call IntelliTips (like Intellisense). Imagine a function parameter list tooltip coupled with an intelligent auto complete tooltip for code elements of the current file Quickstart guide: Using UEStudio to develop Java applications A guide for using UEStudio to edit and develop Java applications Create a local PHP MySQL development environment How to set up a development environment for PHP/MySQL on your local machine. A development environment allows you to test your code as you develop your web application before publishing it to the web. Quickstart Guide: Using UEStudio with Borland C/C++ Compiler C/C++ developers can use UEStudio to set up and configure projects with the Borland C/C++ compiler Creating your first application Create, build, and run an application from within UEStudio Configuring VCS with UEStudio A guide for configuring version control support (VCS) in UEStudio 11 and later Configuring VCS with UEStudio (in v10.30 and earlier) A guide for configuring version control support (VCS) in UEStudio CVS Diff How to use the built-in CVS Diff commands with UEStudio and UltraCompare Add a file to version control system A trademark feature of UEStudio is it's powerful Version Control System. As you continue in your development, it is likely you will need to add files to the version control repository Compare files/folders A guide for comparing files or folders from UEStudio using the integrated diff tool Quickstart guide: Using the integrated debugger A guide for setting up integrated WinDbg debugging in UEStudio Quickstart guide: Using the integrated PHP debugger A guide for setting up the integrated PHP debugger in UEStudio Using the SSH/telnet console A guide for setting up SSH/telnet in UEStudio Keymapping and custom hotkeys A guide for customizing 键映射, menus and menu hotkeys in UEStudio Configuring SVN and CVS Accounts A cornerstone feature of UEStudio is the version control support. UEStudio supports CVS and SVN as well as multiple connection protocols. Before you can use version control, you must create an account. UEStudio has an auto-detect CVS/SVN feature, but... Group Files and Folders with Projects How to group your files and folders using Projects UltraEdit for Linux 使用技巧 FTP through Nautilus Did you know that you can access remote FTP files in UltraEdit for Linux with a variety of server connection protocols? Using Nautilus, the default file manager for the popular GNOME desktop, you can access files via FTP, SFTP, Windows shares, or even... Primary Select Using Linux's primary select feature in UltraEdit for Linux Custom terminal Set up a user tool to interact with the command line and specify a custom terminal for output Custom file browser UltraEdit for Linux allows you to right-click any file or folder in your Project (from the File View) and browse it on the file system. But did you know that you can configure which file browser is launched from UltraEdit? Scripting tutorial An introduction to the integrated scripting feature in UltraEdit for Linux Writing a macro Steps to record and edit powerful macros to quickly and efficiently edit files Vertical and horizontal split window editing This is a convenient feature when you're manually comparing files, when you want to copy/paste between multiple files, or when you simply want to divide up your edit space. Find and Replace A guide to the powerful features and options available under the "Search" menu. Find in Selected Text Find and Replace is a cornerstone feature for UltraEdit, so it is of course integral to UltraEdit for Linux. The Linux version offers the same features as in the Windows version, as well as additional features. One specific feature that was improved... Using bookmarks Provides a way for you to mark and quickly access lines of interest in your files via bookmarks. To add a bookmark, make sure the cursor is positioned on the line you'd like to bookmark. Press CTRL + F2.... Adding a wordfile Add a language definition to your wordfile for use with UltraEdit's powerful syntax highlighting Projects In UltraEdit for Linux, projects are a convenient, time-saving, feature that allow you to group and manage associated files. Additionally, Projects are integrated throughout the framework of UltraEdit making it easier to perform other actions on your... Search Favorites UltraEdit for Linux includes a Search and Replace Favorites feature that allows you to manage frequently used Find and Replace strings. Create, name, and edit your Search and Replace Favorites... Column mode How to use column and block selection mode in UltraEdit for Linux Templates How to create text editing templates in UltraEdit for Linux Keyboard shortcuts A quick reference guide to UltraEdit's (Linux) default keyboard shortcuts How to use the UltraEdit for Linux tar package This guide shows you how to download and use the tar.gz package of UltraEdit UltraEdit for Linux v1.20: Scripting enhancements One of UEx's trademark features is the ability to automate tasks through scripting; v1.2 extends the power of scripting further with includes. UltraEdit for Linux Command Line Support UltraEdit for Linux has many convenient command line options and flags for calling UEx from a console/terminal as part of a script, or simply for convenience. Advanced file sorting Sort files in UEx with a powerful array of options and settings, including optional sort keys UltraCompare 使用技巧 Compare text snippets A tutorial showing you how to compare text snippets without having to save your snippets into a file. Diff your snippets, merge your changes, save the result as a separate file, then clear out the snippets (and their temp files...) Increase your virtual memory Large file comparisons may require your system to use virtual memory. This tutorial shows you how to configure Windows to increase the amount of virtual memory on your system. Compare large files UltraCompare is a very robust file comparison tool which includes support for comparing large files even several GB large. This power tip shows you how to optimize UltraCompare for maximum performance when working with large files. Compare .zip, .rar., and .jar Archives Got Archives? UltraCompare's archive compare feature allows you to compare the contents of .zip files, .rar files, Java .jar files, and even password-protected .zip files. Use the archive compare and examine differences between archives or folders on th Version Control Comparison UltraCompare v6.40 includes major improvements to the command line support that allow greater flexibility when integrating with other applications. If you're using version control in a team development environment, then UltraCompare v6.40 is exactly... Visually inspect HTML code How to use UltraCompare Professional's integrated browser view to visually compare and inspect HTML code Compare directories using FTP/SFTP Configure FTP/SFTP accounts in UltraCompare Professional to backup or sync FTP directories and compare local and remote folders. Block and line mode merge Merge differences and save them between 2 or 3 files at the click of a button Sync files and folders with the Folder Synchronization feature Folder Synchronization is a powerful feature in UltraCompare which allows you to sync files between local, remote, network, and even FTP folders. Recursive compare Use recursive compare to evaluate subdirectories' content for differences Find and eliminate duplicate files Unnecessary and unwanted duplicate files can eat up valuable system disk space. This power tip will show you how to quickly and safely eliminate unwanted duplicate files from your system with the powerful Find Duplicates feature in UltraCompare Compare Word documents Compare multiple Microsoft Word documents - Identify and merge differences between Word documents. Command line tips Tips for running UltraCompare from a DOS command prompt Command line quick difference check Run a quick difference check between two files to quickly see if they're the same or different Ignore options Setting ignore options for file/folder comparisons in UltraCompare Ignore/compare column range Set parameters to ignore or compare up to 4 unique columns of data. Filtering files in folder mode Filtering files in UltraCompare while in folder mode Customizing the time/date format for folder comparison Many UltraCompare users in different regions of the world have different standard formats for dates and timestamps. UltraCompare provides the ability to customize the date and timestamp for your folder comparisons Editing files in UltraCompare How to use the integrated text editing capabilites within UltraCompare UltraCompare shell integration Tips for integrating UltraCompare into the right-click context menu in Windows Explorer Export/save text compare output How to export and save diff output from UltraCompare Web Compare If you work with web files, you are probably accustomed to downloading the file via FTP or viewing the source, saving the text, then doing a compare. We're sure you'll agree, this process is clunky and mechanical.... Manually Sync Your Compare Manually sync your compare lines UltraCompare Sessions If you're anything like us, you always have multiple applications running at once. Spawning multiple instances of any application makes it harder to work. So... UC gives you sessions to manage your compare operations! Customizing colors Tutorial on how to change the colors for folder/file compare in UltraCompare Reload previously active sessions When you're doing complex file and folder compare operations, it doesn't take long to open quite a few tabs. What happens when you close UC to move on to another task or to go home for the day- lose the session? Not with Reload active sessions... Session Manager If you've compared the same set of files/folders more than once... You need sessions. Sessions allow you to save compare options for a common set of files or folders which you can quickly recall anytime you open UltraCompare. Not only can you save... Workspace Manager The Workspace Manager is all about convenience, so the Explorer view allows you to drag/drop files and folders for quick and easy compare operations. Simply select the folder (or file) in the Explorer view and drag it to the compare frame. Bookmark Favorite Files/Folders in UltraCompare How to use Favorite in UltraCompare to bookmark your commonly used files/folders. FTP in Workspace Manager You can access your accounts through the Explorer tab of the Workspace Manager in UltraCompare Share FTP Accounts with UltraEdit/UEStudio Set up UltraEdit/UEStudio to share FTP accounts with UltraCompare FTP Folder Compare with CRC Have you wanted to do a quick folder compare - between a local directory and remote directory - without downloading the files first? No problem... As of v7.20, UltraCompare now supports an FTP CRC compare method. With the CRC compare feature... Mark and hide files and folders in folder compare Have you ever wanted to hide files/folders that aren't relevant for your immediate compare needs? We have... While UltraCompare offers many compare filters and ignore options, sometimes you just need more control... UltraSentry 使用技巧 Web browser cleanup Use UltraSentry to securely clean up history and temporary files associated with web browsers Application Cleaning Support Clean the sensitive data left behind after running your applications Delete browser cookies Protect your privacy and your security by securely deleting malicious or private cookies Download directory cleanup Securely delete your download history with UltraSentry Optimize your browser Using UltraSentry to improve speed, performance, and security of your browser Explorer/Microsoft office Integration Tips for integrating UltraSentry into the right-click context menu in Windows Explorer or MS Office Stealth mode Tutorial for running UltraSentry in the background or system tray Scheduling a task Tutorial for scheduling UltraSentry to automatically execute a specific cleaning task Run UltraSentry as a system service How to Schedule your profiles/cleaning operations and be sure that UltraSentry is running them whether you are logged in or not Using the Wizard UltraSentry's wizard makes secure/privacy cleaning operations quick and easy. This power tip shows you how to use the wizard. Total System Scrub Information on how to use UltraSentry's "Full System Scrub" profile to protect your privacy and secure your sensitive data Custom profiles This power tip describes how to set up your own custom profile so that you can securely clean only areas of the system that you wish to clean Securely delete email How to securely delete email on your system using UltraSentry Advanced features This power tip describes some of the advanced features and functionality of UltraSentry
Computer Networking: A Top-Down Approach, 6th Edition Solutions to Review Questions and Problems Version Date: May 2012 This document contains the solutions to review questions and problems for the 5th edition of Computer Networking: A Top-Down Approach by Jim Kurose and Keith Ross. These solutions are being made available to instructors ONLY. Please do NOT copy or distribute this document to others (even other instructors). Please do not post any solutions on a publicly-available Web site. We’ll be happy to provide a copy (up-to-date) of this solution manual ourselves to anyone who asks. Acknowledgments: Over the years, several students and colleagues have helped us prepare this solutions manual. Special thanks goes to HongGang Zhang, Rakesh Kumar, Prithula Dhungel, and Vijay Annapureddy. Also thanks to all the readers who have made suggestions and corrected errors. All material © copyright 1996-2012 by J.F. Kurose and K.W. Ross. All rights reserved Chapter 1 Review Questions There is no difference. Throughout this text, the words “host” and “end system” are used interchangeably. End systems include PCs, workstations, Web servers, mail servers, PDAs, Internet-connected game consoles, etc. From Wikipedia: Diplomatic protocol is commonly described as a set of international courtesy rules. These well-established and time-honored rules have made it easier for nations and people to live and work together. Part of protocol has always been the acknowledgment of the hierarchical standing of all present. Protocol rules are based on the principles of civility. Standards are important for protocols so that people can create networking systems and products that interoperate. 1. Dial-up modem over telephone line: home; 2. DSL over telephone line: home or small office; 3. Cable to HFC: home; 4. 100 Mbps switched Ethernet: enterprise; 5. Wifi (802.11): home and enterprise: 6. 3G and 4G: wide-area wireless. HFC bandwidth is shared among the users. On the downstream channel, all packets emanate from a single source, namely, the head end. Thus, there are no collisions in the downstream channel. In most American cities, the current possibilities include: dial-up; DSL; cable modem; fiber-to-the-home. 7. Ethernet LANs have transmission rates of 10 Mbps, 100 Mbps, 1 Gbps and 10 Gbps. 8. Today, Ethernet most commonly runs over twisted-pair copper wire. It also can run over fibers optic links. 9. Dial up modems: up to 56 Kbps, bandwidth is dedicated; ADSL: up to 24 Mbps downstream and 2.5 Mbps upstream, bandwidth is dedicated; HFC, rates up to 42.8 Mbps and upstream rates of up to 30.7 Mbps, bandwidth is shared. FTTH: 2-10Mbps upload; 10-20 Mbps download; bandwidth is not shared. 10. There are two popular wireless Internet access technologies today: Wifi (802.11) In a wireless LAN, wireless users transmit/receive packets to/from an base station (i.e., wireless access point) within a radius of few tens of meters. The base station is typically connected to the wired Internet and thus serves to connect wireless users to the wired network. 3G and 4G wide-area wireless access networks. In these systems, packets are transmitted over the same wireless infrastructure used for cellular telephony, with the base station thus being managed by a telecommunications provider. This provides wireless access to users within a radius of tens of kilometers of the base station. 11. At time t0 the sending host begins to transmit. At time t1 = L/R1, the sending host completes transmission and the entire packet is received at the router (no propagation delay). Because the router has the entire packet at time t1, it can begin to transmit the packet to the receiving host at time t1. At time t2 = t1 + L/R2, the router completes transmission and the entire packet is received at the receiving host (again, no propagation delay). Thus, the end-to-end delay is L/R1 + L/R2. 12. A circuit-switched network can guarantee a certain amount of end-to-end bandwidth for the duration of a call. Most packet-switched networks today (including the Internet) cannot make any end-to-end guarantees for bandwidth. FDM requires sophisticated analog hardware to shift signal into appropriate frequency bands. 13. a) 2 users can be supported because each user requires half of the link bandwidth. b) Since each user requires 1Mbps when transmitting, if two or fewer users transmit simultaneously, a maximum of 2Mbps will be required. Since the available bandwidth of the shared link is 2Mbps, there will be no queuing delay before the link. Whereas, if three users transmit simultaneously, the bandwidth required will be 3Mbps which is more than the available bandwidth of the shared link. In this case, there will be queuing delay before the link. c) Probability that a given user is transmitting = 0.2 d) Probability that all three users are transmitting simultaneously = = (0.2)3 = 0.008. Since the queue grows when all the users are transmitting, the fraction of time during which the queue grows (which is equal to the probability that all three users are transmitting simultaneously) is 0.008. 14. If the two ISPs do not peer with each other, then when they send traffic to each other they have to send the traffic through a provider ISP (intermediary), to which they have to pay for carrying the traffic. By peering with each other directly, the two ISPs can reduce their payments to their provider ISPs. An Internet Exchange Points (IXP) (typically in a standalone building with its own switches) is a meeting point where multiple ISPs can connect and/or peer together. An ISP earns its money by charging each of the the ISPs that connect to the IXP a relatively small fee, which may depend on the amount of traffic sent to or received from the IXP. 15. Google's private network connects together all its data centers, big and small. Traffic between the Google data centers passes over its private network rather than over the public Internet. Many of these data centers are located in, or close to, lower tier ISPs. Therefore, when Google delivers content to a user, it often can bypass higher tier ISPs. What motivates content providers to create these networks? First, the content provider has more control over the user experience, since it has to use few intermediary ISPs. Second, it can save money by sending less traffic into provider networks. Third, if ISPs decide to charge more money to highly profitable content providers (in countries where net neutrality doesn't apply), the content providers can avoid these extra payments. 16. The delay components are processing delays, transmission delays, propagation delays, and queuing delays. All of these delays are fixed, except for the queuing delays, which are variable. 17. a) 1000 km, 1 Mbps, 100 bytes b) 100 km, 1 Mbps, 100 bytes 18. 10msec; d/s; no; no 19. a) 500 kbps b) 64 seconds c) 100kbps; 320 seconds 20. End system A breaks the large file into chunks. It adds header to each chunk, thereby generating multiple packets from the file. The header in each packet includes the IP address of the destination (end system B). The packet switch uses the destination IP address in the packet to determine the outgoing link. Asking which road to take is analogous to a packet asking which outgoing link it should be forwarded on, given the packet’s destination address. 21. The maximum emission rate is 500 packets/sec and the maximum transmission rate is 350 packets/sec. The corresponding traffic intensity is 500/350 =1.43 > 1. Loss will eventually occur for each experiment; but the time when loss first occurs will be different from one experiment to the next due to the randomness in the emission process. 22. Five generic tasks are error control, flow control, segmentation and reassembly, multiplexing, and connection setup. Yes, these tasks can be duplicated at different layers. For example, error control is often provided at more than one layer. 23. The five layers in the Internet protocol stack are – from top to bottom – the application layer, the transport layer, the network layer, the link layer, and the physical layer. The principal responsibilities are outlined in Section 1.5.1. 24. Application-layer message: data which an application wants to send and passed onto the transport layer; transport-layer segment: generated by the transport layer and encapsulates application-layer message with transport layer header; network-layer datagram: encapsulates transport-layer segment with a network-layer header; link-layer frame: encapsulates network-layer datagram with a link-layer header. 25. Routers process network, link and physical layers (layers 1 through 3). (This is a little bit of a white lie, as modern routers sometimes act as firewalls or caching components, and process Transport layer as well.) Link layer switches process link and physical layers (layers 1 through2). Hosts process all five layers. 26. a) Virus Requires some form of human interaction to spread. Classic example: E-mail viruses. b) Worms No user replication needed. Worm in infected host scans IP addresses and port numbers, looking for vulnerable processes to infect. 27. Creation of a botnet requires an attacker to find vulnerability in some application or system (e.g. exploiting the buffer overflow vulnerability that might exist in an application). After finding the vulnerability, the attacker needs to scan for hosts that are vulnerable. The target is basically to compromise a series of systems by exploiting that particular vulnerability. Any system that is part of the botnet can automatically scan its environment and propagate by exploiting the vulnerability. An important property of such botnets is that the originator of the botnet can remotely control and issue commands to all the nodes in the botnet. Hence, it becomes possible for the attacker to issue a command to all the nodes, that target a single node (for example, all nodes in the botnet might be commanded by the attacker to send a TCP SYN message to the target, which might result in a TCP SYN flood attack at the target). 28. Trudy can pretend to be Bob to Alice (and vice-versa) and partially or completely modify the message(s) being sent from Bob to Alice. For example, she can easily change the phrase “Alice, I owe you $1000” to “Alice, I owe you $10,000”. Furthermore, Trudy can even drop the packets that are being sent by Bob to Alice (and vise-versa), even if the packets from Bob to Alice are encrypted. Chapter 1 Problems Problem 1 There is no single right answer to this question. Many protocols would do the trick. Here's a simple answer below: Messages from ATM machine to Server Msg name purpose -------- ------- HELO Let server know that there is a card in the ATM machine ATM card transmits user ID to Server PASSWD User enters PIN, which is sent to server BALANCE User requests balance WITHDRAWL User asks to withdraw money BYE user all done Messages from Server to ATM machine (display) Msg name purpose -------- ------- PASSWD Ask user for PIN (password) OK last requested operation (PASSWD, WITHDRAWL) OK ERR last requested operation (PASSWD, WITHDRAWL) in ERROR AMOUNT sent in response to BALANCE request BYE user done, display welcome screen at ATM Correct operation: client server HELO (userid) --------------> (check if valid userid) <------------- PASSWD PASSWD --------------> (check password) <------------- AMOUNT WITHDRAWL --------------> check if enough $ to cover withdrawl (check if valid userid) <------------- PASSWD PASSWD --------------> (check password) <------------- AMOUNT WITHDRAWL --------------> check if enough $ to cover withdrawl <------------- BYE Problem 2 At time N*(L/R) the first packet has reached the destination, the second packet is stored in the last router, the third packet is stored in the next-to-last router, etc. At time N*(L/R) + L/R, the second packet has reached the destination, the third packet is stored in the last router, etc. Continuing with this logic, we see that at time N*(L/R) + (P-1)*(L/R) = (N+P-1)*(L/R) all packets have reached the destination. Problem 3 a) A circuit-switched network would be well suited to the application, because the application involves long sessions with predictable smooth bandwidth requirements. Since the transmission rate is known and not bursty, bandwidth can be reserved for each application session without significant waste. In addition, the overhead costs of setting up and tearing down connections are amortized over the lengthy duration of a typical application session. b) In the worst case, all the applications simultaneously transmit over one or more network links. However, since each link has sufficient bandwidth to handle the sum of all of the applications' data rates, no congestion (very little queuing) will occur. Given such generous link capacities, the network does not need congestion control mechanisms. Problem 4 Between the switch in the upper left and the switch in the upper right we can have 4 connections. Similarly we can have four connections between each of the 3 other pairs of adjacent switches. Thus, this network can support up to 16 connections. We can 4 connections passing through the switch in the upper-right-hand corner and another 4 connections passing through the switch in the lower-left-hand corner, giving a total of 8 connections. Yes. For the connections between A and C, we route two connections through B and two connections through D. For the connections between B and D, we route two connections through A and two connections through C. In this manner, there are at most 4 connections passing through any link. Problem 5 Tollbooths are 75 km apart, and the cars propagate at 100km/hr. A tollbooth services a car at a rate of one car every 12 seconds. a) There are ten cars. It takes 120 seconds, or 2 minutes, for the first tollbooth to service the 10 cars. Each of these cars has a propagation delay of 45 minutes (travel 75 km) before arriving at the second tollbooth. Thus, all the cars are lined up before the second tollbooth after 47 minutes. The whole process repeats itself for traveling between the second and third tollbooths. It also takes 2 minutes for the third tollbooth to service the 10 cars. Thus the total delay is 96 minutes. b) Delay between tollbooths is 8*12 seconds plus 45 minutes, i.e., 46 minutes and 36 seconds. The total delay is twice this amount plus 8*12 seconds, i.e., 94 minutes and 48 seconds. Problem 6 a) seconds. b) seconds. c) seconds. d) The bit is just leaving Host A. e) The first bit is in the link and has not reached Host B. f) The first bit has reached Host B. g) Want km. Problem 7 Consider the first bit in a packet. Before this bit can be transmitted, all of the bits in the packet must be generated. This requires sec=7msec. The time required to transmit the packet is sec= sec. Propagation delay = 10 msec. The delay until decoding is 7msec + sec + 10msec = 17.224msec A similar analysis shows that all bits experience a delay of 17.224 msec. Problem 8 a) 20 users can be supported. b) . c) . d) . We use the central limit theorem to approximate this probability. Let be independent random variables such that . “21 or more users” when is a standard normal r.v. Thus “21 or more users” . Problem 9 10,000 Problem 10 The first end system requires L/R1 to transmit the packet onto the first link; the packet propagates over the first link in d1/s1; the packet switch adds a processing delay of dproc; after receiving the entire packet, the packet switch connecting the first and the second link requires L/R2 to transmit the packet onto the second link; the packet propagates over the second link in d2/s2. Similarly, we can find the delay caused by the second switch and the third link: L/R3, dproc, and d3/s3. Adding these five delays gives dend-end = L/R1 + L/R2 + L/R3 + d1/s1 + d2/s2 + d3/s3+ dproc+ dproc To answer the second question, we simply plug the values into the equation to get 6 + 6 + 6 + 20+16 + 4 + 3 + 3 = 64 msec. Problem 11 Because bits are immediately transmitted, the packet switch does not introduce any delay; in particular, it does not introduce a transmission delay. Thus, dend-end = L/R + d1/s1 + d2/s2+ d3/s3 For the values in Problem 10, we get 6 + 20 + 16 + 4 = 46 msec. Problem 12 The arriving packet must first wait for the link to transmit 4.5 *1,500 bytes = 6,750 bytes or 54,000 bits. Since these bits are transmitted at 2 Mbps, the queuing delay is 27 msec. Generally, the queuing delay is (nL + (L - x))/R. Problem 13 The queuing delay is 0 for the first transmitted packet, L/R for the second transmitted packet, and generally, (n-1)L/R for the nth transmitted packet. Thus, the average delay for the N packets is: (L/R + 2L/R + ....... + (N-1)L/R)/N = L/(RN) * (1 + 2 + ..... + (N-1)) = L/(RN) * N(N-1)/2 = LN(N-1)/(2RN) = (N-1)L/(2R) Note that here we used the well-known fact: 1 + 2 + ....... + N = N(N+1)/2 It takes seconds to transmit the packets. Thus, the buffer is empty when a each batch of packets arrive. Thus, the average delay of a packet across all batches is the average delay within one batch, i.e., (N-1)L/2R. Problem 14 The transmission delay is . The total delay is Let . Total delay = For x=0, the total delay =0; as we increase x, total delay increases, approaching infinity as x approaches 1/a. Problem 15 Total delay . Problem 16 The total number of packets in the system includes those in the buffer and the packet that is being transmitted. So, N=10+1. Because , so (10+1)=a*(queuing delay + transmission delay). That is, 11=a*(0.01+1/100)=a*(0.01+0.01). Thus, a=550 packets/sec. Problem 17 There are nodes (the source host and the routers). Let denote the processing delay at the th node. Let be the transmission rate of the th link and let . Let be the propagation delay across the th link. Then . Let denote the average queuing delay at node . Then . Problem 18 On linux you can use the command traceroute www.targethost.com and in the Windows command prompt you can use tracert www.targethost.com In either case, you will get three delay measurements. For those three measurements you can calculate the mean and standard deviation. Repeat the experiment at different times of the day and comment on any changes. Here is an example solution: Traceroutes between San Diego Super Computer Center and www.poly.edu The average (mean) of the round-trip delays at each of the three hours is 71.18 ms, 71.38 ms and 71.55 ms, respectively. The standard deviations are 0.075 ms, 0.21 ms, 0.05 ms, respectively. In this example, the traceroutes have 12 routers in the path at each of the three hours. No, the paths didn’t change during any of the hours. Traceroute packets passed through four ISP networks from source to destination. Yes, in this experiment the largest delays occurred at peering interfaces between adjacent ISPs. Traceroutes from www.stella-net.net (France) to www.poly.edu (USA). The average round-trip delays at each of the three hours are 87.09 ms, 86.35 ms and 86.48 ms, respectively. The standard deviations are 0.53 ms, 0.18 ms, 0.23 ms, respectively. In this example, there are 11 routers in the path at each of the three hours. No, the paths didn’t change during any of the hours. Traceroute packets passed three ISP networks from source to destination. Yes, in this experiment the largest delays occurred at peering interfaces between adjacent ISPs. Problem 19 An example solution: Traceroutes from two different cities in France to New York City in United States In these traceroutes from two different cities in France to the same destination host in United States, seven links are in common including the transatlantic link. In this example of traceroutes from one city in France and from another city in Germany to the same host in United States, three links are in common including the transatlantic link. Traceroutes to two different cities in China from same host in United States Five links are common in the two traceroutes. The two traceroutes diverge before reaching China Problem 20 Throughput = min{Rs, Rc, R/M} Problem 21 If only use one path, the max throughput is given by: . If use all paths, the max throughput is given by . Problem 22 Probability of successfully receiving a packet is: ps= (1-p)N. The number of transmissions needed to be performed until the packet is successfully received by the client is a geometric random variable with success probability ps. Thus, the average number of transmissions needed is given by: 1/ps . Then, the average number of re-transmissions needed is given by: 1/ps -1. Problem 23 Let’s call the first packet A and call the second packet B. If the bottleneck link is the first link, then packet B is queued at the first link waiting for the transmission of packet A. So the packet inter-arrival time at the destination is simply L/Rs. If the second link is the bottleneck link and both packets are sent back to back, it must be true that the second packet arrives at the input queue of the second link before the second link finishes the transmission of the first packet. That is, L/Rs + L/Rs + dprop = L/Rs + dprop + L/Rc Thus, the minimum value of T is L/Rc  L/Rs . Problem 24 40 terabytes = 40 * 1012 * 8 bits. So, if using the dedicated link, it will take 40 * 1012 * 8 / (100 *106 ) =3200000 seconds = 37 days. But with FedEx overnight delivery, you can guarantee the data arrives in one day, and it should cost less than $100. Problem 25 160,000 bits 160,000 bits The bandwidth-delay product of a link is the maximum number of bits that can be in the link. the width of a bit = length of link / bandwidth-delay product, so 1 bit is 125 meters long, which is longer than a football field s/R Problem 26 s/R=20000km, then R=s/20000km= 2.5*108/(2*107)= 12.5 bps Problem 27 80,000,000 bits 800,000 bits, this is because that the maximum number of bits that will be in the link at any given time = min(bandwidth delay product, packet size) = 800,000 bits. .25 meters Problem 28 ttrans + tprop = 400 msec + 80 msec = 480 msec. 20 * (ttrans + 2 tprop) = 20*(20 msec + 80 msec) = 2 sec. Breaking up a file takes longer to transmit because each data packet and its corresponding acknowledgement packet add their own propagation delays. Problem 29 Recall geostationary satellite is 36,000 kilometers away from earth surface. 150 msec 1,500,000 bits 600,000,000 bits Problem 30 Let’s suppose the passenger and his/her bags correspond to the data unit arriving to the top of the protocol stack. When the passenger checks in, his/her bags are checked, and a tag is attached to the bags and ticket. This is additional information added in the Baggage layer if Figure 1.20 that allows the Baggage layer to implement the service or separating the passengers and baggage on the sending side, and then reuniting them (hopefully!) on the destination side. When a passenger then passes through security and additional stamp is often added to his/her ticket, indicating that the passenger has passed through a security check. This information is used to ensure (e.g., by later checks for the security information) secure transfer of people. Problem 31 Time to send message from source host to first packet switch = With store-and-forward switching, the total time to move message from source host to destination host = Time to send 1st packet from source host to first packet switch = . . Time at which 2nd packet is received at the first switch = time at which 1st packet is received at the second switch = Time at which 1st packet is received at the destination host = . After this, every 5msec one packet will be received; thus time at which last (800th) packet is received = . It can be seen that delay in using message segmentation is significantly less (almost 1/3rd). Without message segmentation, if bit errors are not tolerated, if there is a single bit error, the whole message has to be retransmitted (rather than a single packet). Without message segmentation, huge packets (containing HD videos, for example) are sent into the network. Routers have to accommodate these huge packets. Smaller packets have to queue behind enormous packets and suffer unfair delays. Packets have to be put in sequence at the destination. Message segmentation results in many smaller packets. Since header size is usually the same for all packets regardless of their size, with message segmentation the total amount of header bytes is more. Problem 32 Yes, the delays in the applet correspond to the delays in the Problem 31.The propagation delays affect the overall end-to-end delays both for packet switching and message switching equally. Problem 33 There are F/S packets. Each packet is S=80 bits. Time at which the last packet is received at the first router is sec. At this time, the first F/S-2 packets are at the destination, and the F/S-1 packet is at the second router. The last packet must then be transmitted by the first router and the second router, with each transmission taking sec. Thus delay in sending the whole file is To calculate the value of S which leads to the minimum delay, Problem 34 The circuit-switched telephone networks and the Internet are connected together at "gateways". When a Skype user (connected to the Internet) calls an ordinary telephone, a circuit is established between a gateway and the telephone user over the circuit switched network. The skype user's voice is sent in packets over the Internet to the gateway. At the gateway, the voice signal is reconstructed and then sent over the circuit. In the other direction, the voice signal is sent over the circuit switched network to the gateway. The gateway packetizes the voice signal and sends the voice packets to the Skype user.   Chapter 2 Review Questions The Web: HTTP; file transfer: FTP; remote login: Telnet; e-mail: SMTP; BitTorrent file sharing: BitTorrent protocol Network architecture refers to the organization of the communication process into layers (e.g., the five-layer Internet architecture). Application architecture, on the other hand, is designed by an application developer and dictates the broad structure of the application (e.g., client-server or P2P). The process which initiates the communication is the client; the process that waits to be contacted is the server. No. In a P2P file-sharing application, the peer that is receiving a file is typically the client and the peer that is sending the file is typically the server. The IP address of the destination host and the port number of the socket in the destination process. You would use UDP. With UDP, the transaction can be completed in one roundtrip time (RTT) - the client sends the transaction request into a UDP socket, and the server sends the reply back to the client's UDP socket. With TCP, a minimum of two RTTs are needed - one to set-up the TCP connection, and another for the client to send the request, and for the server to send back the reply. One such example is remote word processing, for example, with Google docs. However, because Google docs runs over the Internet (using TCP), timing guarantees are not provided. a) Reliable data transfer TCP provides a reliable byte-stream between client and server but UDP does not. b) A guarantee that a certain value for throughput will be maintained Neither c) A guarantee that data will be delivered within a specified amount of time Neither d) Confidentiality (via encryption) Neither SSL operates at the application layer. The SSL socket takes unencrypted data from the application layer, encrypts it and then passes it to the TCP socket. If the application developer wants TCP to be enhanced with SSL, she has to include the SSL code in the application. A protocol uses handshaking if the two communicating entities first exchange control packets before sending data to each other. SMTP uses handshaking at the application layer whereas HTTP does not. The applications associated with those protocols require that all application data be received in the correct order and without gaps. TCP provides this service whereas UDP does not. When the user first visits the site, the server creates a unique identification number, creates an entry in its back-end database, and returns this identification number as a cookie number. This cookie number is stored on the user’s host and is managed by the browser. During each subsequent visit (and purchase), the browser sends the cookie number back to the site. Thus the site knows when this user (more precisely, this browser) is visiting the site. Web caching can bring the desired content “closer” to the user, possibly to the same LAN to which the user’s host is connected. Web caching can reduce the delay for all objects, even objects that are not cached, since caching reduces the traffic on links. Telnet is not available in Windows 7 by default. to make it available, go to Control Panel, Programs and Features, Turn Windows Features On or Off, Check Telnet client. To start Telnet, in Windows command prompt, issue the following command > telnet webserverver 80 where "webserver" is some webserver. After issuing the command, you have established a TCP connection between your client telnet program and the web server. Then type in an HTTP GET message. An example is given below: Since the index.html page in this web server was not modified since Fri, 18 May 2007 09:23:34 GMT, and the above commands were issued on Sat, 19 May 2007, the server returned "304 Not Modified". Note that the first 4 lines are the GET message and header lines inputed by the user, and the next 4 lines (starting from HTTP/1.1 304 Not Modified) is the response from the web server. FTP uses two parallel TCP connections, one connection for sending control information (such as a request to transfer a file) and another connection for actually transferring the file. Because the control information is not sent over the same connection that the file is sent over, FTP sends control information out of band. The message is first sent from Alice’s host to her mail server over HTTP. Alice’s mail server then sends the message to Bob’s mail server over SMTP. Bob then transfers the message from his mail server to his host over POP3. 17. Received: from 65.54.246.203 (EHLO bay0-omc3-s3.bay0.hotmail.com) (65.54.246.203) by mta419.mail.mud.yahoo.com with SMTP; Sat, 19 May 2007 16:53:51 -0700 Received: from hotmail.com ([65.55.135.106]) by bay0-omc3-s3.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Sat, 19 May 2007 16:52:42 -0700 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sat, 19 May 2007 16:52:41 -0700 Message-ID: Received: from 65.55.135.123 by by130fd.bay130.hotmail.msn.com with HTTP; Sat, 19 May 2007 23:52:36 GMT From: "prithula dhungel" To: prithula@yahoo.com Bcc: Subject: Test mail Date: Sat, 19 May 2007 23:52:36 +0000 Mime-Version: 1.0 Content-Type: Text/html; format=flowed Return-Path: prithuladhungel@hotmail.com Figure: A sample mail message header Received: This header field indicates the sequence in which the SMTP servers send and receive the mail message including the respective timestamps. In this example there are 4 “Received:” header lines. This means the mail message passed through 5 different SMTP servers before being delivered to the receiver’s mail box. The last (forth) “Received:” header indicates the mail message flow from the SMTP server of the sender to the second SMTP server in the chain of servers. The sender’s SMTP server is at address 65.55.135.123 and the second SMTP server in the chain is by130fd.bay130.hotmail.msn.com. The third “Received:” header indicates the mail message flow from the second SMTP server in the chain to the third server, and so on. Finally, the first “Received:” header indicates the flow of the mail messages from the forth SMTP server to the last SMTP server (i.e. the receiver’s mail server) in the chain. Message-id: The message has been given this number BAY130-F26D9E35BF59E0D18A819AFB9310@phx.gbl (by bay0-omc3-s3.bay0.hotmail.com. Message-id is a unique string assigned by the mail system when the message is first created. From: This indicates the email address of the sender of the mail. In the given example, the sender is “prithuladhungel@hotmail.com” To: This field indicates the email address of the receiver of the mail. In the example, the receiver is “prithula@yahoo.com” Subject: This gives the subject of the mail (if any specified by the sender). In the example, the subject specified by the sender is “Test mail” Date: The date and time when the mail was sent by the sender. In the example, the sender sent the mail on 19th May 2007, at time 23:52:36 GMT. Mime-version: MIME version used for the mail. In the example, it is 1.0. Content-type: The type of content in the body of the mail message. In the example, it is “text/html”. Return-Path: This specifies the email address to which the mail will be sent if the receiver of this mail wants to reply to the sender. This is also used by the sender’s mail server for bouncing back undeliverable mail messages of mailer-daemon error messages. In the example, the return path is “prithuladhungel@hotmail.com”. With download and delete, after a user retrieves its messages from a POP server, the messages are deleted. This poses a problem for the nomadic user, who may want to access the messages from many different machines (office PC, home PC, etc.). In the download and keep configuration, messages are not deleted after the user retrieves the messages. This can also be inconvenient, as each time the user retrieves the stored messages from a new machine, all of non-deleted messages will be transferred to the new machine (including very old messages). Yes an organization’s mail server and Web server can have the same alias for a host name. The MX record is used to map the mail server’s host name to its IP address. You should be able to see the sender's IP address for a user with an .edu email address. But you will not be able to see the sender's IP address if the user uses a gmail account. It is not necessary that Bob will also provide chunks to Alice. Alice has to be in the top 4 neighbors of Bob for Bob to send out chunks to her; this might not occur even if Alice provides chunks to Bob throughout a 30-second interval. Recall that in BitTorrent, a peer picks a random peer and optimistically unchokes the peer for a short period of time. Therefore, Alice will eventually be optimistically unchoked by one of her neighbors, during which time she will receive chunks from that neighbor. The overlay network in a P2P file sharing system consists of the nodes participating in the file sharing system and the logical links between the nodes. There is a logical link (an “edge” in graph theory terms) from node A to node B if there is a semi-permanent TCP connection between A and B. An overlay network does not include routers. Mesh DHT: The advantage is in order to a route a message to the peer (with ID) that is closest to the key, only one hop is required; the disadvantage is that each peer must track all other peers in the DHT. Circular DHT: the advantage is that each peer needs to track only a few other peers; the disadvantage is that O(N) hops are needed to route a message to the peer that is closest to the key. 25. File Distribution Instant Messaging Video Streaming Distributed Computing With the UDP server, there is no welcoming socket, and all data from different clients enters the server through this one socket. With the TCP server, there is a welcoming socket, and each time a client initiates a connection to the server, a new socket is created. Thus, to support n simultaneous connections, the server would need n+1 sockets. For the TCP application, as soon as the client is executed, it attempts to initiate a TCP connection with the server. If the TCP server is not running, then the client will fail to make a connection. For the UDP application, the client does not initiate connections (or attempt to communicate with the UDP server) immediately upon execution Chapter 2 Problems Problem 1 a) F b) T c) F d) F e) F Problem 2 Access control commands: USER, PASS, ACT, CWD, CDUP, SMNT, REIN, QUIT. Transfer parameter commands: PORT, PASV, TYPE STRU, MODE. Service commands: RETR, STOR, STOU, APPE, ALLO, REST, RNFR, RNTO, ABOR, DELE, RMD, MRD, PWD, LIST, NLST, SITE, SYST, STAT, HELP, NOOP. Problem 3 Application layer protocols: DNS and HTTP Transport layer protocols: UDP for DNS; TCP for HTTP Problem 4 The document request was http://gaia.cs.umass.edu/cs453/index.html. The Host : field indicates the server's name and /cs453/index.html indicates the file name. The browser is running HTTP version 1.1, as indicated just before the first pair. The browser is requesting a persistent connection, as indicated by the Connection: keep-alive. This is a trick question. This information is not contained in an HTTP message anywhere. So there is no way to tell this from looking at the exchange of HTTP messages alone. One would need information from the IP datagrams (that carried the TCP segment that carried the HTTP GET request) to answer this question. Mozilla/5.0. The browser type information is needed by the server to send different versions of the same object to different types of browsers. Problem 5 The status code of 200 and the phrase OK indicate that the server was able to locate the document successfully. The reply was provided on Tuesday, 07 Mar 2008 12:39:45 Greenwich Mean Time. The document index.html was last modified on Saturday 10 Dec 2005 18:27:46 GMT. There are 3874 bytes in the document being returned. The first five bytes of the returned document are : question was to get you to retrieve and read an RFC). Sections 8.1.2 and 8.1.2.1 of the RFC indicate that either the client or the server can indicate to the other that it is going to close the persistent connection. It does so by including the connection-token "close" in the Connection-header field of the http request/reply. HTTP does not provide any encryption services. (From RFC 2616) “Clients that use persistent connections should limit the number of simultaneous connections that they maintain to a given server. A single-user client SHOULD NOT maintain more than 2 connections with any server or proxy.” Yes. (From RFC 2616) “A client might have started to send a new request at the same time that the server has decided to close the "idle" connection. From the server's point of view, the connection is being closed while it was idle, but from the client's point of view, a request is in progress.” Problem 7 The total amount of time to get the IP address is . Once the IP address is known, elapses to set up the TCP connection and another elapses to request and receive the small object. The total response time is Problem 8 . . Problem 9 The time to transmit an object of size L over a link or rate R is L/R. The average time is the average size of the object divided by R:  = (850,000 bits)/(15,000,000 bits/sec) = .0567 sec The traffic intensity on the link is given by =(16 requests/sec)(.0567 sec/request) = 0.907. Thus, the average access delay is (.0567 sec)/(1 - .907)  .6 seconds. The total average response time is therefore .6 sec + 3 sec = 3.6 sec. The traffic intensity on the access link is reduced by 60% since the 60% of the requests are satisfied within the institutional network. Thus the average access delay is (.0567 sec)/[1 – (.4)(.907)] = .089 seconds. The response time is approximately zero if the request is satisfied by the cache (which happens with probability .6); the average response time is .089 sec + 3 sec = 3.089 sec for cache misses (which happens 40% of the time). So the average response time is (.6)(0 sec) + (.4)(3.089 sec) = 1.24 seconds. Thus the average response time is reduced from 3.6 sec to 1.24 sec. Problem 10 Note that each downloaded object can be completely put into one data packet. Let Tp denote the one-way propagation delay between the client and the server. First consider parallel downloads using non-persistent connections. Parallel downloads would allow 10 connections to share the 150 bits/sec bandwidth, giving each just 15 bits/sec. Thus, the total time needed to receive all objects is given by: (200/150+Tp + 200/150 +Tp + 200/150+Tp + 100,000/150+ Tp ) + (200/(150/10)+Tp + 200/(150/10) +Tp + 200/(150/10)+Tp + 100,000/(150/10)+ Tp ) = 7377 + 8*Tp (seconds) Now consider a persistent HTTP connection. The total time needed is given by: (200/150+Tp + 200/150 +Tp + 200/150+Tp + 100,000/150+ Tp ) + 10*(200/150+Tp + 100,000/150+ Tp ) =7351 + 24*Tp (seconds) Assuming the speed of light is 300*106 m/sec, then Tp=10/(300*106)=0.03 microsec. Tp is therefore negligible compared with transmission delay. Thus, we see that persistent HTTP is not significantly faster (less than 1 percent) than the non-persistent case with parallel download. Problem 11 Yes, because Bob has more connections, he can get a larger share of the link bandwidth. Yes, Bob still needs to perform parallel downloads; otherwise he will get less bandwidth than the other four users. Problem 12 Server.py from socket import * serverPort=12000 serverSocket=socket(AF_INET,SOCK_STREAM) serverSocket.bind(('',serverPort)) serverSocket.listen(1) connectionSocket, addr = serverSocket.accept() while 1: sentence = connectionSocket.recv(1024) print 'From Server:', sentence, '\n' serverSocket.close() Problem 13 The MAIL FROM: in SMTP is a message from the SMTP client that identifies the sender of the mail message to the SMTP server. The From: on the mail message itself is NOT an SMTP message, but rather is just a line in the body of the mail message. Problem 14 SMTP uses a line containing only a period to mark the end of a message body. HTTP uses “Content-Length header field” to indicate the length of a message body. No, HTTP cannot use the method used by SMTP, because HTTP message could be binary data, whereas in SMTP, the message body must be in 7-bit ASCII format. Problem 15 MTA stands for Mail Transfer Agent. A host sends the message to an MTA. The message then follows a sequence of MTAs to reach the receiver’s mail reader. We see that this spam message follows a chain of MTAs. An honest MTA should report where it receives the message. Notice that in this message, “asusus-4b96 ([58.88.21.177])” does not report from where it received the email. Since we assume only the originator is dishonest, so “asusus-4b96 ([58.88.21.177])” must be the originator. Problem 16 UIDL abbreviates “unique-ID listing”. When a POP3 client issues the UIDL command, the server responds with the unique message ID for all of the messages present in the user's mailbox. This command is useful for “download and keep”. By maintaining a file that lists the messages retrieved during earlier sessions, the client can use the UIDL command to determine which messages on the server have already been seen. Problem 17 a) C: dele 1 C: retr 2 S: (blah blah … S: ………..blah) S: . C: dele 2 C: quit S: +OK POP3 server signing off b) C: retr 2 S: blah blah … S: ………..blah S: . C: quit S: +OK POP3 server signing off C: list S: 1 498 S: 2 912 S: . C: retr 1 S: blah ….. S: ….blah S: . C: retr 2 S: blah blah … S: ………..blah S: . C: quit S: +OK POP3 server signing off Problem 18 For a given input of domain name (such as ccn.com), IP address or network administrator name, the whois database can be used to locate the corresponding registrar, whois server, DNS server, and so on. NS4.YAHOO.COM from www.register.com; NS1.MSFT.NET from ww.register.com Local Domain: www.mindspring.com Web servers : www.mindspring.com 207.69.189.21, 207.69.189.22, 207.69.189.23, 207.69.189.24, 207.69.189.25, 207.69.189.26, 207.69.189.27, 207.69.189.28 Mail Servers : mx1.mindspring.com (207.69.189.217) mx2.mindspring.com (207.69.189.218) mx3.mindspring.com (207.69.189.219) mx4.mindspring.com (207.69.189.220) Name Servers: itchy.earthlink.net (207.69.188.196) scratchy.earthlink.net (207.69.188.197) www.yahoo.com Web Servers: www.yahoo.com (216.109.112.135, 66.94.234.13) Mail Servers: a.mx.mail.yahoo.com (209.191.118.103) b.mx.mail.yahoo.com (66.196.97.250) c.mx.mail.yahoo.com (68.142.237.182, 216.39.53.3) d.mx.mail.yahoo.com (216.39.53.2) e.mx.mail.yahoo.com (216.39.53.1) f.mx.mail.yahoo.com (209.191.88.247, 68.142.202.247) g.mx.mail.yahoo.com (209.191.88.239, 206.190.53.191) Name Servers: ns1.yahoo.com (66.218.71.63) ns2.yahoo.com (68.142.255.16) ns3.yahoo.com (217.12.4.104) ns4.yahoo.com (68.142.196.63) ns5.yahoo.com (216.109.116.17) ns8.yahoo.com (202.165.104.22) ns9.yahoo.com (202.160.176.146) www.hotmail.com Web Servers: www.hotmail.com (64.4.33.7, 64.4.32.7) Mail Servers: mx1.hotmail.com (65.54.245.8, 65.54.244.8, 65.54.244.136) mx2.hotmail.com (65.54.244.40, 65.54.244.168, 65.54.245.40) mx3.hotmail.com (65.54.244.72, 65.54.244.200, 65.54.245.72) mx4.hotmail.com (65.54.244.232, 65.54.245.104, 65.54.244.104) Name Servers: ns1.msft.net (207.68.160.190) ns2.msft.net (65.54.240.126) ns3.msft.net (213.199.161.77) ns4.msft.net (207.46.66.126) ns5.msft.net (65.55.238.126) d) The yahoo web server has multiple IP addresses www.yahoo.com (216.109.112.135, 66.94.234.13) e) The address range for Polytechnic University: 128.238.0.0 – 128.238.255.255 f) An attacker can use the whois database and nslookup tool to determine the IP address ranges, DNS server addresses, etc., for the target institution. By analyzing the source address of attack packets, the victim can use whois to obtain information about domain from which the attack is coming and possibly inform the administrators of the origin domain. Problem 19 The following delegation chain is used for gaia.cs.umass.edu a.root-servers.net E.GTLD-SERVERS.NET ns1.umass.edu(authoritative) First command: dig +norecurse @a.root-servers.net any gaia.cs.umass.edu ;; AUTHORITY SECTION: edu. 172800 IN NS E.GTLD-SERVERS.NET. edu. 172800 IN NS A.GTLD-SERVERS.NET. edu. 172800 IN NS G3.NSTLD.COM. edu. 172800 IN NS D.GTLD-SERVERS.NET. edu. 172800 IN NS H3.NSTLD.COM. edu. 172800 IN NS L3.NSTLD.COM. edu. 172800 IN NS M3.NSTLD.COM. edu. 172800 IN NS C.GTLD-SERVERS.NET. Among all returned edu DNS servers, we send a query to the first one. dig +norecurse @E.GTLD-SERVERS.NET any gaia.cs.umass.edu umass.edu. 172800 IN NS ns1.umass.edu. umass.edu. 172800 IN NS ns2.umass.edu. umass.edu. 172800 IN NS ns3.umass.edu. Among all three returned authoritative DNS servers, we send a query to the first one. dig +norecurse @ns1.umass.edu any gaia.cs.umass.edu gaia.cs.umass.edu. 21600 IN A 128.119.245.12 The answer for google.com could be: a.root-servers.net E.GTLD-SERVERS.NET ns1.google.com(authoritative) Problem 20 We can periodically take a snapshot of the DNS caches in the local DNS servers. The Web server that appears most frequently in the DNS caches is the most popular server. This is because if more users are interested in a Web server, then DNS requests for that server are more frequently sent by users. Thus, that Web server will appear in the DNS caches more frequently. For a complete measurement study, see: Craig E. Wills, Mikhail Mikhailov, Hao Shang “Inferring Relative Popularity of Internet Applications by Actively Querying DNS Caches”, in IMC'03, October 27­29, 2003, Miami Beach, Florida, USA Problem 21 Yes, we can use dig to query that Web site in the local DNS server. For example, “dig cnn.com” will return the query time for finding cnn.com. If cnn.com was just accessed a couple of seconds ago, an entry for cnn.com is cached in the local DNS cache, so the query time is 0 msec. Otherwise, the query time is large. Problem 22 For calculating the minimum distribution time for client-server distribution, we use the following formula: Dcs = max {NF/us, F/dmin} Similarly, for calculating the minimum distribution time for P2P distribution, we use the following formula: Where, F = 15 Gbits = 15 * 1024 Mbits us = 30 Mbps dmin = di = 2 Mbps Note, 300Kbps = 300/1024 Mbps. Client Server N 10 100 1000 u 300 Kbps 7680 51200 512000 700 Kbps 7680 51200 512000 2 Mbps 7680 51200 512000 Peer to Peer N 10 100 1000 u 300 Kbps 7680 25904 47559 700 Kbps 7680 15616 21525 2 Mbps 7680 7680 7680 Problem 23 Consider a distribution scheme in which the server sends the file to each client, in parallel, at a rate of a rate of us/N. Note that this rate is less than each of the client’s download rate, since by assumption us/N ≤ dmin. Thus each client can also receive at rate us/N. Since each client receives at rate us/N, the time for each client to receive the entire file is F/( us/N) = NF/ us. Since all the clients receive the file in NF/ us, the overall distribution time is also NF/ us. Consider a distribution scheme in which the server sends the file to each client, in parallel, at a rate of dmin. Note that the aggregate rate, N dmin, is less than the server’s link rate us, since by assumption us/N ≥ dmin. Since each client receives at rate dmin, the time for each client to receive the entire file is F/ dmin. Since all the clients receive the file in this time, the overall distribution time is also F/ dmin. From Section 2.6 we know that DCS ≥ max {NF/us, F/dmin} (Equation 1) Suppose that us/N ≤ dmin. Then from Equation 1 we have DCS ≥ NF/us . But from (a) we have DCS ≤ NF/us . Combining these two gives: DCS = NF/us when us/N ≤ dmin. (Equation 2) We can similarly show that: DCS =F/dmin when us/N ≥ dmin (Equation 3). Combining Equation 2 and Equation 3 gives the desired result. Problem 24 Define u = u1 + u2 + ….. + uN. By assumption us <= (us + u)/N Equation 1 Divide the file into N parts, with the ith part having size (ui/u)F. The server transmits the ith part to peer i at rate ri = (ui/u)us. Note that r1 + r2 + ….. + rN = us, so that the aggregate server rate does not exceed the link rate of the server. Also have each peer i forward the bits it receives to each of the N-1 peers at rate ri. The aggregate forwarding rate by peer i is (N-1)ri. We have (N-1)ri = (N-1)(usui)/u = (us + u)/N Equation 2 Let ri = ui/(N-1) and rN+1 = (us – u/(N-1))/N In this distribution scheme, the file is broken into N+1 parts. The server sends bits from the ith part to the ith peer (i = 1, …., N) at rate ri. Each peer i forwards the bits arriving at rate ri to each of the other N-1 peers. Additionally, the server sends bits from the (N+1) st part at rate rN+1 to each of the N peers. The peers do not forward the bits from the (N+1)st part. The aggregate send rate of the server is r1+ …. + rN + N rN+1 = u/(N-1) + us – u/(N-1) = us Thus, the server’s send rate does not exceed its link rate. The aggregate send rate of peer i is (N-1)ri = ui Thus, each peer’s send rate does not exceed its link rate. In this distribution scheme, peer i receives bits at an aggregate rate of Thus each peer receives the file in NF/(us+u). (For simplicity, we neglected to specify the size of the file part for i = 1, …., N+1. We now provide that here. Let Δ = (us+u)/N be the distribution time. For i = 1, …, N, the ith file part is Fi = ri Δ bits. The (N+1)st file part is FN+1 = rN+1 Δ bits. It is straightforward to show that F1+ ….. + FN+1 = F.) The solution to this part is similar to that of 17 (c). We know from section 2.6 that Combining this with a) and b) gives the desired result. Problem 25 There are N nodes in the overlay network. There are N(N-1)/2 edges. Problem 26 Yes. His first claim is possible, as long as there are enough peers staying in the swarm for a long enough time. Bob can always receive data through optimistic unchoking by other peers. His second claim is also true. He can run a client on each host, let each client “free-ride,” and combine the collected chunks from the different hosts into a single file. He can even write a small scheduling program to make the different hosts ask for different chunks of the file. This is actually a kind of Sybil attack in P2P networks. Problem 27 Peer 3 learns that peer 5 has just left the system, so Peer 3 asks its first successor (Peer 4) for the identifier of its immediate successor (peer 8). Peer 3 will then make peer 8 its second successor. Problem 28 Peer 6 would first send peer 15 a message, saying “what will be peer 6’s predecessor and successor?” This message gets forwarded through the DHT until it reaches peer 5, who realizes that it will be 6’s predecessor and that its current successor, peer 8, will become 6’s successor. Next, peer 5 sends this predecessor and successor information back to 6. Peer 6 can now join the DHT by making peer 8 its successor and by notifying peer 5 that it should change its immediate successor to 6. Problem 29 For each key, we first calculate the distances (using d(k,p)) between itself and all peers, and then store the key in the peer that is closest to the key (that is, with smallest distance value). Problem 30 Yes, randomly assigning keys to peers does not consider the underlying network at all, so it very likely causes mismatches. Such mismatches may degrade the search performance. For example, consider a logical path p1 (consisting of only two logical links): ABC, where A and B are neighboring peers, and B and C are neighboring peers. Suppose that there is another logical path p2 from A to C (consisting of 3 logical links): ADEC. It might be the case that A and B are very far away physically (and separated by many routers), and B and C are very far away physically (and separated by many routers). But it may be the case that A, D, E, and C are all very close physically (and all separated by few routers). In other words, a shorter logical path may correspond to a much longer physical path. Problem 31 If you run TCPClient first, then the client will attempt to make a TCP connection with a non-existent server process. A TCP connection will not be made. UDPClient doesn't establish a TCP connection with the server. Thus, everything should work fine if you first run UDPClient, then run UDPServer, and then type some input into the keyboard. If you use different port numbers, then the client will attempt to establish a TCP connection with the wrong process or a non-existent process. Errors will occur. Problem 32 In the original program, UDPClient does not specify a port number when it creates the socket. In this case, the code lets the underlying operating system choose a port number. With the additional line, when UDPClient is executed, a UDP socket is created with port number 5432 . UDPServer needs to know the client port number so that it can send packets back to the correct client socket. Glancing at UDPServer, we see that the client port number is not “hard-wired” into the server code; instead, UDPServer determines the client port number by unraveling the datagram it receives from the client. Thus UDP server will work with any client port number, including 5432. UDPServer therefore does not need to be modified. Before: Client socket = x (chosen by OS) Server socket = 9876 After: Client socket = 5432 Problem 33 Yes, you can configure many browsers to open multiple simultaneous connections to a Web site. The advantage is that you will you potentially download the file faster. The disadvantage is that you may be hogging the bandwidth, thereby significantly slowing down the downloads of other users who are sharing the same physical links. Problem 34 For an application such as remote login (telnet and ssh), a byte-stream oriented protocol is very natural since there is no notion of message boundaries in the application. When a user types a character, we simply drop the character into the TCP connection. In other applications, we may be sending a series of messages that have inherent boundaries between them. For example, when one SMTP mail server sends another SMTP mail server several email messages back to back. Since TCP does not have a mechanism to indicate the boundaries, the application must add the indications itself, so that receiving side of the application can distinguish one message from the next. If each message were instead put into a distinct UDP segment, the receiving end would be able to distinguish the various messages without any indications added by the sending side of the application. Problem 35 To create a web server, we need to run web server software on a host. Many vendors sell web server software. However, the most popular web server software today is Apache, which is open source and free. Over the years it has been highly optimized by the open-source community. Problem 36 The key is the infohash, the value is an IP address that currently has the file designated by the infohash.   Chapter 3 Review Questions Call this protocol Simple Transport Protocol (STP). At the sender side, STP accepts from the sending process a chunk of data not exceeding 1196 bytes, a destination host address, and a destination port number. STP adds a four-byte header to each chunk and puts the port number of the destination process in this header. STP then gives the destination host address and the resulting segment to the network layer. The network layer delivers the segment to STP at the destination host. STP then examines the port number in the segment, extracts the data from the segment, and passes the data to the process identified by the port number. The segment now has two header fields: a source port field and destination port field. At the sender side, STP accepts a chunk of data not exceeding 1192 bytes, a destination host address, a source port number, and a destination port number. STP creates a segment which contains the application data, source port number, and destination port number. It then gives the segment and the destination host address to the network layer. After receiving the segment, STP at the receiving host gives the application process the application data and the source port number. No, the transport layer does not have to do anything in the core; the transport layer “lives” in the end systems. For sending a letter, the family member is required to give the delegate the letter itself, the address of the destination house, and the name of the recipient. The delegate clearly writes the recipient’s name on the top of the letter. The delegate then puts the letter in an envelope and writes the address of the destination house on the envelope. The delegate then gives the letter to the planet’s mail service. At the receiving side, the delegate receives the letter from the mail service, takes the letter out of the envelope, and takes note of the recipient name written at the top of the letter. The delegate then gives the letter to the family member with this name. No, the mail service does not have to open the envelope; it only examines the address on the envelope. Source port number y and destination port number x. An application developer may not want its application to use TCP’s congestion control, which can throttle the application’s sending rate at times of congestion. Often, designers of IP telephony and IP videoconference applications choose to run their applications over UDP because they want to avoid TCP’s congestion control. Also, some applications do not need the reliable data transfer provided by TCP. Since most firewalls are configured to block UDP traffic, using TCP for video and voice traffic lets the traffic though the firewalls. Yes. The application developer can put reliable data transfer into the application layer protocol. This would require a significant amount of work and debugging, however. Yes, both segments will be directed to the same socket. For each received segment, at the socket interface, the operating system will provide the process with the IP addresses to determine the origins of the individual segments. For each persistent connection, the Web server creates a separate “connection socket”. Each connection socket is identified with a four-tuple: (source IP address, source port number, destination IP address, destination port number). When host C receives and IP datagram, it examines these four fields in the datagram/segment to determine to which socket it should pass the payload of the TCP segment. Thus, the requests from A and B pass through different sockets. The identifier for both of these sockets has 80 for the destination port; however, the identifiers for these sockets have different values for source IP addresses. Unlike UDP, when the transport layer passes a TCP segment’s payload to the application process, it does not specify the source IP address, as this is implicitly specified by the socket identifier. Sequence numbers are required for a receiver to find out whether an arriving packet contains new data or is a retransmission. To handle losses in the channel. If the ACK for a transmitted packet is not received within the duration of the timer for the packet, the packet (or its ACK or NACK) is assumed to have been lost. Hence, the packet is retransmitted. A timer would still be necessary in the protocol rdt 3.0. If the round trip time is known then the only advantage will be that, the sender knows for sure that either the packet or the ACK (or NACK) for the packet has been lost, as compared to the real scenario, where the ACK (or NACK) might still be on the way to the sender, after the timer expires. However, to detect the loss, for each packet, a timer of constant duration will still be necessary at the sender. The packet loss caused a time out after which all the five packets were retransmitted. Loss of an ACK didn’t trigger any retransmission as Go-Back-N uses cumulative acknowledgements. The sender was unable to send sixth packet as the send window size is fixed to 5. When the packet was lost, the received four packets were buffered the receiver. After the timeout, sender retransmitted the lost packet and receiver delivered the buffered packets to application in correct order. Duplicate ACK was sent by the receiver for the lost ACK. The sender was unable to send sixth packet as the send win
ICS - Internet Component Suite - V8 - Delphi 7 to RAD Studio 10 Seattle ======================================================================= (Aka FPIETTE's Components) Revised: March 3, 2016 http://www.overbyte.be/ http://wiki.overbyte.be/ Table of content: ----------------- - Legal issues - Donate - Register - Contributions - Latest Versions - Version Control repository - Installation - Available VCL Components - Sample applications - About SSL - Support - Release notes - Midware - Known problems - Special thanks Legal issues: ------------- Copyright (C) 1997-2016 by Fran鏾is PIETTE Rue de Grady 24, 4053 Embourg, Belgium SSL implementation includes code written by Arno Garrels, Berlin, Germany, contact: ICS is freeware. This software is provided 'as-is', without any express or implied warranty. In no event will the author be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented, you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. 2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution. 4. You must register this software by sending a picture postcard to the author. Use a nice stamp and mention your name, street address, EMail address and any comment you like to say. 5. As this code make use of OpenSSL, your rights are restricted by OpenSSL license as soon as you use any SSL feature. See http://www.openssl.org for details. Donate ------ ICS is freeware. You can use it without paying anything except the registration postcard (see "register" below). But of course donations are welcome. You can send cash (Euro currency or US Dollars) in an envelop to my street address or buy a gift certificate at Amazon in the UK. I will then use it to buy books. Here is the direct URL at Amazon UK (nearest to my home, please don't use another): http://www.amazon.co.uk/exec/obidos/gc-email-order1/ref=g_gc_email/202-6198323-6681414 For more generous amount, contact me by email. Register -------- ICS is freeware. If you use the components, you must register by sending a picture postcard showing the area you live in and some beautiful stamps for my kids who are stamp collectors. Do not use an envelop, I collect USED postcards sent to me. Write on the postcard that it is your ICS registration. Address your card to: Francois PIETTE, rue de Grady 24, 4053 Embourg, Belgium. Don't forget to mention your name, street address, EMail and web site. Contributions: -------------- ICS has been designed by Fran鏾is PIETTE but many other peoples are working on the components and sample programs. The history of changes in each source file list all developers having contributed (When no name is given, the change is by F. Piette). I can't list all contributors here but I want to specially thanks two specially active contributors: - Arno Garrels - Angus Robertson Latest versions: --------------- The latest versions of ICS can be downloaded from the ICS Wiki web site: http://wiki.overbyte.be/wiki/index.php/ICS_Download ICS V5 and V6 are archive releases no longer updated, last supported release was 2007. ICS V7 is a stable release that may still be updated for major bugs, but not for new releases of Delphi, latest it supported was XE3. ICS V8 is the current development release which is held in a public Version Control repository that is zipped each night for easy download. The download page above also includes the OpenSSL binaries needed to support SSL. ICS V8 supports Delphi 64-bit and Mac OS-X projects. Note that latest C++ Builder version supported is XE3 (lack of spare time, sorry). ICS V9 is in early development and is planned to support Android. There are no current plans for ICS for iOS. Version Control repository: --------------------------- svn://svn.overbyte.be/ics or http://svn.overbyte.be:8443/svn/ics (Usercode = ics, password = ics) Installation: ------------- ICS V8 has been designed for Embarcadero Delphi 2009 and up, and C++ Builder 2009 and up, but is fully compatible with Borland Delphi 7 and CodeGear 2006 and 2007. Embarcadero RAD Studio includes Delphi and C++ Builder. http://www.embarcadero.com/ With Delphi XE2 and later, VCL 64-bit Windows targets are supported for Delphi only. Currently FireMonkey is partly supported for Delphi only (there are still a few non-ported components). ICS for Mac OSX is currently experimental. The zip file has sub-directories in it. You must use the WinZip "Use folder names" option to restore this directory tree or you will have problems because the files would not be in their proper subdirectories. Please note most of these directories are differently named to ICS V7 and earlier, to ease support of multiple versions of Delphi and platforms, and to ease location of similar sample projects. Please don't install V8 over an existing V7 installation, it will be a mess of old and new. This is the new V8 sub-directory layout: .\ Info directory .\Install Component packages project groups for all versions .\Packages (was Delphi\Vc32) Delphi (7 and up) and C++Builder (2006 and up) packages projects .\Source (was Delphi\Vc32) ICS Delphi source code built into packages .\Source\Include (was Delphi\Vc32) .inc files (including OverbyteIcsDefs.inc) .\Source\Extras (was Delphi\Vc32) Extra source code not built into packages .\Source\zobj125 (was Delphi\Vc32) ZLIB C OBJ include files .\Lib Unit output directories for all package builds, subdirectories | for 2007+ will be created on building the packages \$(Config) Release / Debug | \$(Platform) Win32 / Win64 / OSX32 | \ D7..XE8, 10 Seattle includes .dcu and .dfm files for Delphi and .obj and .hpp files for C++ Builder .\Samples Delphi Win32/Win64 common source for all demos .\Samples\delphi\BroswerDemo Delphi Win32/Win64 Web Browser sample application (all Delphi versions) .\Samples\delphi\BroswerDemo\Resources Resource file, web pages and movie linked into browser demo .\Samples\delphi\FtpDemos Delphi Win32/Win64 FTP sample applications (all Delphi versions) .\Samples\delphi\MailNewsDemos Delphi Win32/Win64 SMTP, POP3, NNTP sample applications (all Delphi versions) .\Samples\delphi\MiscDemos Delphi Win32/Win64 Miscellaneous applications (all Delphi versions) .\Samples\delphi\OtherDemos Delphi Win32/Win64 DNS, Ping, SNMP, Syslog sample applications (all Delphi versions) .\Samples\delphi\PlatformDemos Delphi FireMonkey and cross-platform samples (Delphi XE2+) .\Samples\delphi\SocketDemos Delphi Win32/Win64 Socket sample applications (all Delphi versions) .\Samples\delphi\sslinternet Delphi Win32/Win64 SSL-enabled sample applications (all Delphi versions) .\Samples\delphi\WebDemos Delphi Win32/Win64 HTTP sample applications (all Delphi versions) .\Samples\delphi\WebDemos\WebAppServerData Directory for WebAppServ demo data files .\Samples\delphi\WebDemos\WebServData Directory for WebServ demo data files .\Samples\cpp\internet C++Builder sample applications .\Samples\cpp\internet\cb2006 C++Builder 2006 projects .\Samples\cpp\internet\cb2007 C++Builder 2007 projects .\Samples\cpp\internet\cb2009 C++Builder 2009 projects .\Samples\cpp\internet\cb2010 C++Builder 2010 projects .\Samples\cpp\internet\cbXE C++Builder XE projects .\Samples\cpp\internet\cbXE2 C++Builder XE2 projects UPGRADING and REINSTALLING Uninstall an existing ICS package (Menu | Component | Install Packages, select the component package and click Remove). Rename the old ICS directory and unzip to a new or empty directory, remove the old path from the library path and add either the new .\Source directory to the library path under Tools | Options |... or the appropriate .\Lib subdirectory according to version, ie .\Lib\Debug\Win32\D2007 for Delphi 2007. The latter has the advantage that the ICS source code won't be recompiled whenever your project is build. Also under Tools | Options |... add the new .\Source directory to the Browsing path. All DELPHI and C++ BUILDER VERSIONS/WIN32 Always upgrade your compiler with the latest update available from Embarcadero. Always update your system with http://windowsupdate.microsoft.com SSL or not SSL? By default the SSL code is compiled into the run-time package and additional SSL- enabled components are installed. In order to not compile the SSL code into the run-time package and to not install the SSL-Enabled components you need to remove the conditional define USE_SSL from both the run-time and design-time package. However if you do not build your applications with run-time packages it is recommended to build the packages with default settings. The SSL code will the be compiled into your applications depending on whether the conditional define USE_SSL is set in the project options or not (this requires having the .\Source directory in either in the library path or in projects Search path). Actual use of SSL in your applications also requires the OpenSSL files LIBEAY32.DLL and SSLEAY32.DLL being available somewhere in the path. Note different DLLs are needed for Win32 and Win64 applications. The ICS distribution includes the latest Win32 OpenSSL files in the .\OpenSSL-Win32 directory and the two main DLLs duplicated in .\Samples\delphi\sslinternet. Other OpenSSL files, including older and Win64, may be downloaded from: http://wiki.overbyte.be/wiki/index.php/ICS_Download INSTALLATION USING THE INSTALL PROJECT GROUPS For each Delphi and C++ Builder version one project group is provided in directory .\Install: Delphi 7 : D7Install.bpg Delphi 2006 : D2006Install.bdsgroup Delphi 2007 : D2007Install.groupproj Delphi 2009 : D2009Install.groupproj Delphi 2010 : D2010Install.groupproj Delphi XE : DXeInstall.groupproj Delphi XE2 : DXe2Install.groupproj // VCL only, no FireMonkey components Delphi XE2 : DXe2InstallVclFmx.groupproj // Both VCL and FireMonkey components Delphi XE3 : DXe3Install.groupproj // VCL only, no FireMonkey components Delphi XE3 : DXe3InstallVclFmx.groupproj // Both VCL and FireMonkey components Delphi XE4 : DXe4Install.groupproj // VCL only, no FireMonkey components Delphi XE4 : DXe4InstallVclFmx.groupproj // Both VCL and FireMonkey components Delphi XE5 : DXe5Install.groupproj // VCL only, no FireMonkey components Delphi XE5 : DXe5InstallVclFmx.groupproj // Both VCL and FireMonkey components Delphi XE6 : DXe6Install.groupproj // VCL only, no FireMonkey components Delphi XE6 : DXe6InstallVclFmx.groupproj // Both VCL and FireMonkey components Delphi XE7 : DXe7Install.groupproj // VCL only, no FireMonkey components Delphi XE7 : DXe7InstallVclFmx.groupproj // Both VCL and FireMonkey components Delphi XE8 : DXe8Install.groupproj // VCL only, no FireMonkey components Delphi XE8 : DXe8InstallVclFmx.groupproj // Both VCL and FireMonkey components Delphi 10 Seattle : D10SInstall.groupproj // VCL only, no FireMonkey components Delphi 10 Seattle : D10SInstallVclFmx.groupproj // Both VCL and FireMonkey components C++ Builder 2006 : CB2006Install.bdsgroup C++ Builder 2007 : CB2007Install.groupproj C++ Builder 2009 : CB2009Install.groupproj C++ Builder 2010 : CB2010Install.groupproj C++ Builder XE : CBXeInstall.groupproj C++ Builder XE2 : CBXe2Install.groupproj // VCL only no FireMonkey components C++ Builder XE2 : CBXe2InstallVclFmx.groupproj // Both VCL and FireMonkey components C++ Builder XE3 : CBXe3InstallVclFmx.groupproj // Both VCL and FireMonkey components 1 - Do a File/Open Project, navigate to the Install directory, select the correct file and open it. The project manager view should now display two package projects, one run-time and one design-time package. The run-time package name contains the "Run" suffix. The design-time package name contains the "Design" suffix. 2 - Select and Build the run-time package (do not install). 3 - Select and Install the design-time package. After a few seconds, you should have a dialog box telling you the package has been installed with a bunch of new components registered in the Tool Palette under "Overbyte ICS" and "Overbyte ICS SSL". Then do a "Save All" and a "Close All". 4 - One package is installed, called 'Overbyte ICS Design-Time Package for Delphi xxx'. 5 - Various directories under .\Samples\delphi\ include samples that illustrate use of all the ICS components, see later. FIREMONKEY CROSS PLATFORM PACKAGES: 1 - For XE2 and later, DXe?Install (where ? is the version) installs VCL components only, while DXe?InstallVclFmx also installs FireMonkey cross platform components (three run time packages). In order to use this feature first uninstall the old design-time package. 2 = Build all three run-time packages for all available platforms (32-bit and 64-bit Windows and Mac OS X) in the order they are listed in project manager. 3 - Next build and install the three design-time packages in the order they are listed in project manager. 4 - Three packages are installed, called: 'Overbyte ICS Common Design-Time Package for Delphi xxx' 'Overbyte ICS FMX Design-Time Package for Delphi xxx' 'Overbyte ICS VCL Design-Time Package for Delphi xxx' Note that the new packaging is still beta/alpha, both package names and included units might change in a future beta drop. The old VCL packages are still there however they do no longer support FireMonkey and of course only one set of packages can be installed in the IDE at the same time, if you want both VCL and FMX install DXe2InstallVclFmx.groupproj only. Currently the XE2 package cache is buggy and should be disabled by adding the -nocache parameter. 5 - The .\Samples\delphi\PlatformDemos\ folder contains FireMonkey sample projects that may all be built with FireMonkey for Mac OS X (and Windows). ALTERNATE INSTALLATION USING THE PACKAGE PROJECT FILES: For each Delphi and C++ Builder version two package project files exist in the .\Packages directory. One run-time and one design-time package project file. The run-time file name contains the "Run" suffix. The design-time file name contains the "Design" suffix. PACKAGE PROJECT FILE NAMES - VCL: Delphi 7 : OverbyteIcsD7Run.dpk, OverbyteIcsD7Design.dpk Delphi 2006 : OverbyteIcsD2006Run.bdsproj, OverbyteIcsD2006Design.bdsproj Delphi 2007 : OverbyteIcsD2007Run.dproj, OverbyteIcsD2007Design.dproj Delphi 2009 : OverbyteIcsD2009Run.dproj, OverbyteIcsD2009Design.dproj Delphi 2010 : OverbyteIcsD2010Run.dproj, OverbyteIcsD2010Design.dproj Delphi XE : OverbyteIcsDXeRun.dproj, OverbyteIcsDXeDesign.dproj Delphi XE2 : OverbyteIcsDXe2Run.dproj, OverbyteIcsDXe2Design.dproj Delphi XE3 : OverbyteIcsDXe3Run.dproj, OverbyteIcsDXe3Design.dproj Delphi XE4 : OverbyteIcsDXe4Run.dproj, OverbyteIcsDXe4Design.dproj Delphi XE5 : OverbyteIcsDXe5Run.dproj, OverbyteIcsDXe5Design.dproj Delphi XE6 : OverbyteIcsDXe6Run.dproj, OverbyteIcsDXe6Design.dproj Delphi XE7 : OverbyteIcsDXe7Run.dproj, OverbyteIcsDXe7Design.dproj Delphi XE8 : OverbyteIcsDXe8Run.dproj, OverbyteIcsDXe8Design.dproj Delphi 10 Seattle : OverbyteIcsD10SRun.dproj, OverbyteIcsD10SDesign.dproj C++ Builder 2006 : OverbyteIcsCB2006Run.bdsproj, OverbyteIcsCB2006Design.bdsproj C++ Builder 2007 : OverbyteIcsCB2007Run.cbproj, OverbyteIcsCB2007Design.cbproj C++ Builder 2009 : OverbyteIcsCB2009Run.cbproj, OverbyteIcsCB2009Design.cbproj C++ Builder 2010 : OverbyteIcsCB2010Run.cbproj, OverbyteIcsCB2010Design.cbproj C++ Builder XE : OverbyteIcsCBXeRun.cbproj, OverbyteIcsCBXeDesign.cbproj C++ Builder XE2 : OverbyteIcsCBXe2Run.cbproj, OverbyteIcsCBXe2Design.cbproj C++ Builder XE3 : OverbyteIcsCBXe3Run.cbproj, OverbyteIcsCBXe3Design.cbproj PACKAGE PROJECT FILE NAMES - FireMonkey and VCL: Delphi XE2 FMX/VCL : IcsCommonDXe2Run.dproj, IcsCommonDXe2Design.dproj Delphi XE2 VCL : IcsVclDXe2Run.dproj, IcsVclDXe2Design.dproj Delphi XE2 FMX : IcsFmxDXe2Run.dproj, IcsFmxDXe2Design.dproj Delphi XE3 FMX/VCL : IcsCommonDXe3Run.dproj, IcsCommonDXe3Design.dproj Delphi XE3 VCL : IcsVclDXe3Run.dproj, IcsVclDXe3Design.dproj Delphi XE3 FMX : IcsFmxDXe3Run.dproj, IcsFmxDXe3Design.dproj Delphi XE4 FMX/VCL : IcsCommonDXe4Run.dproj, IcsCommonDXe4Design.dproj Delphi XE4 VCL : IcsVclDXe4Run.dproj, IcsVclDXe4Design.dproj Delphi XE4 FMX : IcsFmxDXe4Run.dproj, IcsFmxDXe4Design.dproj Delphi XE5 FMX/VCL : IcsCommonDXe5Run.dproj, IcsCommonDXe5Design.dproj Delphi XE5 VCL : IcsVclDXe5Run.dproj, IcsVclDXe5Design.dproj Delphi XE5 FMX : IcsFmxDXe5Run.dproj, IcsFmxDXe5Design.dproj Delphi XE6 FMX/VCL : IcsCommonDXe6Run.dproj, IcsCommonDXe6Design.dproj Delphi XE6 VCL : IcsVclDXe6Run.dproj, IcsVclDXe6Design.dproj Delphi XE6 FMX : IcsFmxDXe6Run.dproj, IcsFmxDXe6Design.dproj Delphi XE7 FMX/VCL : IcsCommonDXe7Run.dproj, IcsCommonDXe7Design.dproj Delphi XE7 VCL : IcsVclDXe7Run.dproj, IcsVclDXe7Design.dproj Delphi XE7 FMX : IcsFmxDXe7Run.dproj, IcsFmxDXe7Design.dproj Delphi XE8 FMX/VCL : IcsCommonDXe8Run.dproj, IcsCommonDXe8Design.dproj Delphi XE8 VCL : IcsVclDXe8Run.dproj, IcsVclDXe8Design.dproj Delphi XE8 FMX : IcsFmxDXe8Run.dproj, IcsFmxDXe8Design.dproj Delphi 10 Seattle FMX/VCL: IcsCommonD10SRun.dproj, IcsCommonD10SDesign.dproj Delphi 10 Seattle VCL : IcsVclD10SRun.dproj, IcsVclD10SDesign.dproj Delphi 10 Seattle FMX : IcsFmxD10SRun.dproj, IcsFmxD10SDesign.dproj C++ Builder XE2 FMX/VCL : IcsCommonCBXe2Run.dproj, IcsCommonDXe2Design.dproj C++ Builder XE2 VCL : IcsVclCBXe2Run.dproj, IcsVclCBXe2Design.dproj C++ Builder XE2 FMX : IcsFmxCBXe2Run.dproj, IcsFmxCBXe2Design.dproj C++ Builder XE3 FMX/VCL : IcsCommonCBXe3Run.dproj, IcsCommonDXe3Design.dproj C++ Builder XE3 VCL : IcsVclCBXe3Run.dproj, IcsVclCBXe3Design.dproj C++ Builder XE3 FMX : IcsFmxCBXe3Run.dproj, IcsFmxCBXe3Design.dproj 1 - Open and Build the run-time package project (do not install!). 2 - Open and Install the design-time package project. (Do a File/Open Project, browse to the .\Packages directory. Select the correct file and open it. Then in the project manager view, right-click on the package, then click on either the Build or Install button.) 3 - For Delphi XE2 and later, a 64-bit run-time package can be built by changing the package target platform to 64-bit Windows. This has the same name as the 32-bit package, so a different package output directory needs to be specified in Tools / Options / Delphi Options for 64-bit Windows. After a few seconds, you should have a dialog box telling you the package has been installed with a bunch of new components registered in the Tool Palette under "Overbyte ICS" and "Overbyte ICS SSL". Then do a "Save All" and a "Close All". DELPHI 2006/WIN32, 2007/WIN32, 2009/WIN32, 2010/WIN32, XE/WIN32: Having installed the package, verify that the appropriate Win32 Library Path (Tools / Options / Delphi Options / Library - Win32 / Library Path) has been added, .\Lib subdirectory according to version, ie .\Lib\Debug\Win32\D2007 for Delphi 2007. If not, add it manually. It is not mandatory to add .\Lib to the global Delphi path, but it will be much easier for you because otherwise you'll have to add it to each project. DELPHI XE2/WIN32, XE3/WIN32, XE4/WIN32, XE5/WIN32, XE6/WIN32, XE7/WIN32, XE8/WIN32, 10 Seattle/WIN32, XE2/WIN64, XE3/WIN64, XE4/WIN64, XE5/WIN64, XE6/WIN64, XE7/WIN64, XE8/WIN64, 10 Seattle/WIN64: Similar to above, but the Library path is specified separately for 32-bit and 64-bit Windows Platforms. DELPHI 7: Add VC32 directory path to your library path (Tools menu / Environment Options / Library / Library Path. Add .\Lib\Debug\Win32\D7 path at the end of the existing path). SAMPLE DELPHI PROJECTS Once the package is installed, you may open the sample projects. The samples are split into several directories according to protocols, most with a project group that can be opened in all versions of Delphi. .\Samples\delphi\BroswerDemo .\Samples\delphi\FtpDemos\FtpDemos.bpg .\Samples\delphi\MailNewsDemos\MailNewsDemos.bpg .\Samples\delphi\MiscDemos\MiscDemos.bpg .\Samples\delphi\OtherDemos\OtherDemos.bpg .\Samples\delphi\PlatformDemos\XSamples.groupproj .\Samples\delphi\SocketDemos\SocketDemos.bpg .\Samples\delphi\sslinternet\SslDemos.bpg .\Samples\delphi\WebDemos\WebDemos.bpg Full details of the sample projects are shown later in this document. You might get some dialog box telling you that resource files are missing (they may not have been included in the zip file to save space) and are recreated by Delphi. It is OK. Any other error message is a problem you should fix. After all resource files have been recreated, you should see in the project manager a group of projects. To compile all samples in the group at once, do Project / Build all projects. This may take a few minutes. Note 1: Delphi may run out of memory if you ask to compile all projects at once. If you have not enough RAM, then compile each project individually. Note 2: Delphi has warnings which triggers a lot of messages for 100% OK code. You can turn those warnings off in the project/ options / Compiler messages and deselecting: "Deprecated symbol", "Platform symbol", "unsafe type", "unsafe code", "unsafe typecast". Those are intended for .NET and Linux portability. You can safely ignore them if you run windows. For you facility, I included a utility SetProjectOptions (source code, you must compile it) in the internet directory. This utility will update project options to disable the warnings. Once the components are all installed, you may open the sample projects each one after the other and compile them. For each project, do file/open and select the dpr file in the internet directory. Then Project/Build All. C++ BUILDER 2006, 2007, 2009, 2010, XE, XE2, XE3: Follow the installation procedure described for Delphi 2006. Just change the project group and package name: use CB2006, CBXe, etc, see above. You can't have Delphi 2006 and CBuilder 2006 packages installed at the same time in the IDE. So when switching from one to the other, be sure to remove the one you don't need. Building the FireMonkey CBXE2InstallVclFmx C++ packages for OSX may trigger an ILINK32 error, this is a bug in C++ Builder reported as QC #103668 the Win32 packages should build without errors. Once the components are all installed, you may open the sample projects each one after the other and compile them. For each project, do file/open and select the dpr file in the internet directory. Then Project/Build All. Projects are located in SAMPLES\CPP\INTERNET\CB2006\ (or CB2006, CBXE, etc) with a project group in each directory, OverbyteIcsCB2006Sam.bdsgroup, OverbyteIcsCBXe2Sam.groupproj, etc. It is likely that for each project, C++ Builder complains about a missing .res file. This is not a problem, C++ Builder will recreate it as needed. They have not been included to save space in the zip file. Once the components are all installed, you may open the sample projects each one after the other and compile them. For each project, do file/open and select the dpr file in the internet directory. Then Project/Build All. NOTES: - You may have an error message, using Delphi or C++ Builder complaining about Font.Charset, OldCreateOrder and other properties. Those are new properties in newer Delphi or C++ Builder versions, newer than the version you use. You can safely ignore those errors because those properties are not used by the components nor sample programs. You may encounter this error at run time. To avoid it, you must open each form at design time and ignore the error. Then recompile. If you don't ignore the error at design time, you'll have it at runtime ! - If you have Delphi or C++ Builder complaining about a file not found, add .\source directory to your library path. - If you are using C++ Builder you may encounter an error at link time such as "Unable to open file MWBCB30.LIB" (or other libs). This is a bug in C++ Builder. To solve it, you can edit project option file (right click in project manager) and remove any reference to the missing libraries. - Don't forget that the C++Builder components are located in .\delphi\vc32 which is object pascal source code (not a problem for C++Builder, just indicate that the *.pas files are displayed when installing). C++Builder will create the *.hpp files. There are some on-line help files in the VC32 directory. Available VCL Components ------------------------ - The following is a list of the files that should be installed in order to properly add all of the available components in this collection: > OverbyteIcsCharsetComboBox.pas Provides easy MIME charset selection > OverbyteIcsDnsQuery DNS lookup component - useful for getting MX records > OverbyteIcsDprUpdFix.pas IDE plugin for Delphi 2009 and 2010 to update old projects > OverbyteIcsEmulVT.pas ANSI terminal emulation in a control > OverbyteIcsFingCli.pas FINGER client protocol - Find information about user > OverbyteIcsFtpCli.pas FTP client protocol - file transfer > OverbyteIcsFtpSrv.pas FTP server protocol - file transfer > OverbyteIcsFtpSrvT.pas FTP server protocol - helpers > OverbyteIcsHttpAppServer.pas HTTP server protocol - used to build advanced web servers > OverbyteIcsHttpProt.pas HTTP client protocol - used by the web > OverbyteIcsHttpSrv.pas HTTP server protocol - used to build web servers > OverbyteIcsLogger.pas A component to log information > OverbyteIcsMimeDec.pas MIME component - decode file attach, use with POP3 > OverbyteIcsMultiProgressBar.pas A segmented progress bar > OverbyteIcsMultipartFtpDownloader.pas FTP client protocol - download one file using simultaneous connections to speedup download > OverbyteIcsMultipartHttpDownloader.pas HTTP client protocol - download one file using simultaneous connections to speedup download > OverbyteIcsNntpCli.pas NNTP client protocol - send and receive newsgroups messages > OverbyteIcsPing.pas ICMP echo protocol - ping a host > OverbyteIcsPop3Prot.pas POP3 client protocol - get mail from mail server > OverbyteIcsReg.pas Register design components > OverbyteIcsSmtpProt.pas SMTP client protocol - send mail to server > OverbyteIcsSmtpSrv.pas SMTP server protocol - receive mail from client > OverbyteIcsSnmpCli.pas SNMP client protocol - network management > OverbyteIcsSnmpMsgs.pas SNMP client protocol - message helper > OverbyteIcsSysLogClient.pas Syslog Client Protocol - receive syslog messages > OverbyteIcsSysLogDefs.pas Syslog Protocol - helpers > OverbyteIcsSysLogServer.pas Syslog Server Protocol - send syslog messages > OverbyteIcsTnCnx.pas TELNET client protocol - terminal emulation protocol > OverbyteIcsTnEmulVT.pas TELNET and ANSI terminal emulation combined > OverbyteIcsTnOptFrm.pas TELNET Client configuration form > OverbyteIcsTnScript.pas TELNET client protocol - with automation > OverbyteIcsWSocket.pas Winsock component - TCP, UDP, DNS,... > OverbyteIcsWSocketE.pas Register procedure and property editor for TWSocket > OverbyteIcsWSocketS.pas Winsock component for building servers > OverbyteIcsWSocketTS.pas Winsock component for building multithreaded servers - The following list support and utilities units: > OverbyteIcsAsn1Utils.pas ASN1 utilities (for TSnmpClient component) > OverbyteIcsAvlTrees.pas Implements a fast cache-like data storage > OverbyteIcsCharsetUtils.pas MIME-charset functions > OverbyteIcsCookies.pas Client Cookie Handling > OverbyteIcsCRC.pas 32 bit CRC computation > OverbyteIcsCsc.pas character set routines > OverbyteIcsDES.pas Implementation of the Data Encryption Standard (DES) > OverbyteIcsDigestAuth.pas HTTP Digest Access Authentication > OverbyteIcsFormDataDecoder.pas Decode a MIME data block as generated by a HTML form > OverbyteIcsHttpCCodZLib.pas Supports GZIP coding for HttpContCod > OverbyteIcsHttpContCod.pas HTTP Content Coding support, uses extra units > OverbyteIcsIcmp.pas ICMP protocol support, used by the PING component > OverbyteIcsIconv.pas Headers for iconv library (LGPL) > OverbyteIcsLIBEAY.pas Delphi encapsulation for LIBEAY32.DLL (OpenSSL) > OverbyteIcsMD4.pas Implementation of the MD4 Message-Digest Algorithm > OverbyteIcsMD5.pas Implementation of the MD5 Message-Digest Algorithm > OverbyteIcsMimeUtil.pas Support routines for MIME standard > OverbyteIcsMLang.pas A few header translations from MS mlang.h > OverbyteIcsNtlmMsgs.pas Client NTLM authentification messages used within HTTP protocol > OverbyteIcsNtlmSsp.pas Server NTLM authentification of user credentials using Windows SSPI > OverbyteIcsOneTimePw.pas One Time Password support functions, used by FTP > OverbyteIcsSHA1.pas Implementation of US Secure Hash Algorithm 1 (SHA1) > OverbyteIcsSocketUtils.pas Cross platform socket utilities for ICS > OverbyteIcsSSLEAY.pas Delphi encapsulation for SSLEAY32.DLL (OpenSSL) > OverbyteIcsSslSessionCache.pas A very fast external SSL-session-cache component > OverbyteIcsSslThrdLock.pas Implementation of OpenSsl thread locking (Windows); > OverbyteIcsSspi.pas A few header translations from MS sspi.h and security.h > OverbyteIcsStreams.pas Fast streams for ICS > OverbyteIcsThreadTimer.pas A custom timer class using custom timer messages from one or more threads > OverbyteIcsTicks64.pas GetTickCount64 support for all versions of Windows > OverbyteIcsTimeList.pas List of items with expiry times, used for WebSessions > OverbyteIcsTypes.pas Common types, mainly for backward compiler compatibility > OverbyteIcsURL.pas Support routines for URL handling > OverbyteIcsUtils.pas Vast number of common utilities, many supporting Unicode for D7/2007 > OverbyteIcsWSockBuf.pas FIFO buffers for TWSocket > OverbyteIcsWebSession.pas Web session support for THttpAppSrv and MidWare > OverbyteIcsWinnls.pas A few header translations for Unicode Normalization in winnls.h > OverbyteIcsWinsock.pas Some Winsock initialisations > OverbyteIcsWndControl.pas A class that encapsulates a windows message queue and a message map > OverbyteIcsZLibDll.pas Zlib support, interface to external zlib.dll functions > OverbyteIcsZlibHigh.pas Zlib support, high level interface for compression and decompression > OverbyteIcsZLibObj.pas Zlib support, interface to zlib linked C OBJ functions FireMonkey Cross Platform Support: ---------------------------------- For Delphi and C++ Builder XE2 and later, FireMonkey Desktop applications are an alternate to VCL Forms applications, supporting cross platforms of Windows 32-bit and 64-bit and Mac OS X (and perhaps other platforms in future). FireMonkey uses different visual components to VCL, while some non-visual components can be used for both VCL and FMX projects, while other components need special versions, such as ICS. Earlier betas of V8 used the conditional define "FMX" which is *no longer required in project options. Instead in your existing ICS FireMonkey app. add either "Ics.Fmx" to the unit scope names in project options or apply the following changes in the uses clause, rename: OverbyteIcsWndControl -> Ics.Fmx.OverbyteIcsWndControl OverbyteIcsWSocket -> Ics.Fmx.OverbyteIcsWSocket OverbyteIcsFtpCli -> Ics.Fmx.OverbyteIcsFtpCli OverbyteIcsFtpSrv -> Ics.Fmx.OverbyteIcsFtpSrv OverbyteIcsHttpProt -> Ics.Fmx.OverbyteIcsHttpProt OverbyteIcsWSocketS -> Ics.Fmx.OverbyteIcsWSocketS OverbyteIcsSmtpProt -> Ics.Fmx.OverbyteIcsSmtpProt.pas OverbyteIcsPop3Prot -> Ics.Fmx.OverbyteIcsPop3Prot.pas OverbyteIcsNntpCli -> Ics.Fmx.OverbyteIcsNntpCli.pas OverbyteIcsPing -> Ics.Fmx.OverbyteIcsPing.pas OverbyteIcsDnsQuery -> Ics.Fmx.OverbyteIcsDnsQuery.pas OverbyteIcsFingCli -> Ics.Fmx.OverbyteIcsFingCli.pas OverbyteIcsSslSessionCache -> Ics.Fmx.OverbyteIcsSslSessionCache.pas OverbyteIcsSslThrdLock -> Ics.Fmx.OverbyteIcsSslThrdLock.pas OverbyteIcsHttpSrv -> Ics.Fmx.OverbyteIcsHttpSrv.pas OverbyteIcsSocketUtils -> Ics.Fmx.OverbyteIcsSocketUtils.pas OverbyteIcsMultipartFtpDownloader -> Ics.Fmx.OverbyteIcsMultipartFtpDownloader.pas OverbyteIcsMultipartHttpDownloader -> Ics.Fmx.OverbyteIcsMultipartHttpDownloader.pas OverbyteIcsHttpAppServer -> Ics.Fmx.OverbyteIcsHttpAppServer.pas OverbyteIcsThreadTimer -> Ics.Fmx.OverbyteIcsThreadTimer.pas OverbyteIcsCharsetComboBox -> Ics.Fmx.OverbyteIcsCharsetComboBox.pas { Demo units } OverbyteIcsWebAppServerCounter -> Ics.Fmx.OverbyteIcsWebAppServerCounter OverbyteIcsWebAppServerMailer -> Ics.Fmx.OverbyteIcsWebAppServerMailer The list above is also the list of units that now have different names in the FireMonkey framework however most of them share the same source file. Dropping a ICS component on the form will add the correct unit name for each framework automatically (don't forget to disable the package cache as described above). Unit OverbyteIcsLibrary.pas has been *deprecated* and ICS IPv8 doesn't use it anymore. If you used it in your own code read the comment in OverbyteIcsLibrary.pas, search for "deprecated". Sample applications: -------------------- With V8, the sample applications are now grouped into directories according to general functionality, to make it easier to compare related samples. Many samples are similar. When searching for something, always look at the date the demos where created. The most recent is always the best code! In the lists below, ACTIVE!! indicates applications that are actively maintained to test and support new functionality in the ICS components. These may not be simplest samples, but are usually the first to try when learning about a component. Delphi Win32/Win64 Web Browser sample application ------------------------------------------------- .\Samples\delphi\BroswerDemo > FrameBrowserIcs.dpr Web Browser using HtmlViewer component - ACTIVE!! Note this sample needs HtmlViewer component installed Delphi Win32/Win64 FTP sample applications ------------------------------------------ .\Samples\delphi\FtpDemos\FtpDemos.bpg - Project group > OverbyteIcsBasFtp.dpr Basic FTP client program > OverbyteIcsConFtp.dpr Basic console mode FTP client > OverbyteIcsFtpAsy.dpr Example of asynchronous FTP client > OverbyteIcsFtpMulti.dpr Demo to do several FTP downloads in parallel to get a list of files > OverbyteIcsFtpMultipartDownload.dpr Demo to FTP download a single large file in several parts in parallel > OverbyteIcsFtpServ.dpr General purpose FTP server, uses TSocketServer - ACTIVE!! > OverbyteIcsFtpThrd.dpr Demo of multithreaded FTP client, see also FTPASY > OverbyteIcsFtpTst.dpr Basic graphical FTP client - ACTIVE!! Delphi Win32/Win64 SMTP, POP3, NNTP sample applications ------------------------------------------------------- .\Samples\delphi\MailNewsDemos\MailNewsDemos.bpg - Project group > OverbyteIcsBasNntp.dpr Basic NNTP client program > OverbyteIcsConPop3.dpr Basic console mode demo for POP3 (mail receive) > OverbyteIcsConSmtp.dpr Basic console mode demo for SMTP (mail send) > OverbyteIcsMailHtml.dpr Example of HTML formatted EMail sending, including embedded images - ACTIVE!! > OverbyteIcsMailRcv.dpr Internet EMail access using POP3 protocol - ACTIVE!! > OverbyteIcsMailSnd.dpr Example of EMail sending using SMTP, including file attach - ACTIVE!! > OverbyteIcsMailSndAsync.dpr Example of parallel EMail sending with multiple connections > OverbyteIcsMimeDemo.dpr Example of EMail decoding (attached files are extracted) - ACTIVE!! > OverbyteIcsNewsReader.dpr Example of TNntpCli component (Send/receive newsgroups) - ACTIVE!! > OverbyteIcsSmtpServer.dpr Internet EMail server using SMTP protocol - ACTIVE!! Delphi Win32/Win64 Miscellaneous applications --------------------------------------------- .\Samples\delphi\MiscDemos\MiscDemos.bpg - Project group > OverbyteIcsBufStrmTst.dpr Test of buffered stream classes > OverbyteIcsCacheTest.dpr Test of TCacheTree class used in TSslAvlSessionCache > OverbyteIcsMD4Test.dpr Test program for MD4 unit > OverbyteIcsMD5File.dpr Example of MD5 unit: computer MD5 checksum for files > OverbyteIcsMD5Test.dpr Test program for MD5 unit > OverbyteIcsOneTimePassword.dpr One Time Password test routines for OverByteIcsOneTimePw unit > OverbyteIcsSHA1Test.dpr Test program for SHA unit > OverbyteIcsThreadTimerDemo.dpr Demo for TIcsThreadTimer > OverbyteIcsTicks64Demo.dpr GetTickCount64 test routines for OverbyteIcsTicks64 unit > OverbyteIcsTimerDemo.dpr Very simple demo for TIcsTimer > OverByteIcsWndControlTest.dpr Test program for windows and threads Delphi Win32/Win64 DNS, Ping, SNMP, Syslog sample applications -------------------------------------------------------------- .\Samples\delphi\OtherDemos\OtherDemos.bpg - Project group > OverbyteIcsBatchDnsLookup.dpr Batch async DNS lookup using DnsLookup (IPv6 and IPv4) > OverbyteIcsConPing.dpr Basic console mode demo for ping component > OverbyteIcsDll1.dpr Demo showing how to use a TWSocket component in a DLL > OverbyteIcsDll2.dpr Demo showing how to use a THttpCli component in a DLL > OverbyteIcsDllTst.dpr Test program calling ICSDLL1 and ICSDLL2 > OverbyteIcsDnsLook.dpr Example of name resolution (IPv6 and IPv4) > OverbyteIcsDnsResolver.dpr Batch async DNS lookup event driven using DnsQuery > OverbyteIcsFinger.dpr Example of TFingerCli component > OverbyteIcsNsLookup.dpr Demo for the DnsQuery component > OverbyteIcsPingTst.dpr Demo for the ping component, includes trace route > OverbyteIcsSnmpCliTst.dpr Demo for SNMP (simple network management protocol) component > OverbyteIcsSysLogClientDemo.dpr Demo for SysLog client component > OverbyteIcsSysLogServerDemo.dpr Demo for SysLog server component Delphi FireMonkey cross-platform samples (Delphi XE2 and later) --------------------------------------------------------------- All these samples may be built for Mac OS X (and Windows). .\Samples\delphi\PlatformDemos\XSamples.groupproj > IcsCliDemo.dproj Example of client for SRVDEMO, IPV4 only > IcsTcpSrvIPv6.dproj Basic server without client forms, event-driven, IPv4/IPV6 > IcsConSmtp.dproj Basic console mode demo for SMTP (mail send) > IcsMailSnd.dproj Example of EMail sending using SMTP, including file attach > IcsMailRcv.dproj Internet EMail access using POP3 protocol > IcsHttpsTst.dproj Example of THttpCli component (GET), show many features > IcsWebServ.dproj Demo of HTTP server, uses TSocketServer > IcsWebAppServ.dproj Advanced HTTP server demo, uses WebServ, adds sessions > IcsFtpTst.dproj Basic graphical FTP client > IcsFtpServ.dproj General purpose FTP server, uses TSocketServer > IcsUdpLstn.dproj UDP listen demo > IcsUdpSend.dproj UDP send demo > IcsBatchDnsLookup.dproj Batch async DNS lookup using DnsLookup (IPv6 and IPv4) > IcsDll1.dproj Demo showing how to use a TWSocket component in a DLL > IcsDll2.dproj Demo showing how to use a THttpCli component in a DLL > IcsDllTst.dproj Test program calling ICSDLL1 and ICSDLL2 > IcsThreadTimerDemo.dproj Very simple demo for TIcsTimer Delphi Win32/Win64 Socket sample applications --------------------------------------------- .\Samples\delphi\SocketDemos\SocketDemos.bpg - Project group > OverbyteIcsBinCliDemo.dpr Client program to receive binary and delimited text data. Works with BinTcpSrv demo. > OverbyteIcsCliDemo.dpr Example of client for SRVDEMO, IPV4 only - ACTIVE!! > OverbyteIcsClient5.dpr Basic client GUI applications > OverbyteIcsClient7.dpr Simple client application demonstrating TWSocket > OverbyteIcsConCli1.dpr Basic client/server console applications > OverbyteIcsConCli2.dpr Basic client/server console applications with thread > OverbyteIcsConSrv1.dpr Basic server application in console mode > OverbyteIcsConUdpLstn.dpr Console application to listen for UDP messages > OverbyteIcsDynCli.dpr Demo of dynamically created TWSocket components > OverbyteIcsMtSrv.dpr Basic server, multi-threaded, see THRDSRV for better code > OverbyteIcsRecv.dpr Simple file receive (server), use with SENDER demo (client) > OverbyteIcsSender.dpr Simple file send (client), use with RECV demo (server) > OverbyteIcsServer5.dpr Basic server GUI applications > OverbyteIcsSocksTst.dpr How to use TWSocket with SOCKS protocol (firewall traversing) > OverbyteIcsSrvDemo.dpr Example of server using a TTable - ACTIVE!! > OverbyteIcsSrvTcp.dpr Basic server without client forms, event-driven > OverbyteIcsSvcTcp.dpr Same as SRVTCP but as an NT/2K/XP service > OverbyteIcsTWSChat.dpr Chat program (both client and server in a single program) > OverbyteIcsTcpSrv.dpr Basic server without client forms, event-driven, IPv4 only - ACTIVE!! > OverbyteIcsTcpSrvIPv6.dpr Basic server without client forms, event-driven, IPv4/IPV6 - ACTIVE!! > OverbyteIcsTelnetClient.dpr Telnet client using a TnEmulVT > OverbyteIcsThrdSrv.dpr Basic multithreaded TCP server, banner sent in main thread > OverbyteIcsThrdSrvV2.dpr Basic multithreaded TCP server, banner sent in worker thread > OverbyteIcsThrdSrvV3.dpr Basic TCP server showing how to use TWSocketThrdServer > OverbyteIcsTnDemo.dpr Telnet client using a TMemo > OverbyteIcsTnSrv.dpr Basic TCP server with client forms, event-driven > OverbyteIcsUdpLstn.dpr UDP listen demo > OverbyteIcsUdpSend.dpr UDP send demo Delphi Win32/Win64 SSL-enabled sample applications -------------------------------------------------- .\Samples\delphi\sslinternet\SslDemos.bpg - Project group > OverbyteIcsHttpsTst.dpr Example of TSslHttpCli component (GET) - ACTIVE!! > OverbyteIcsPemTool.dpr ICS Pem Certificate Tool - Create and import certificates in OpenSLL PEM format > OverbyteIcsSimpleSslCli.dpr Example of simple SSL client using TSslWSocket - ACTIVE!! > OverbyteIcsSimpleSslServer.dpr Example of SSL server using TSslWSocket - ACTIVE!! > OverbyteIcsSslFtpServ.dpr General purpose FTP SSL server, uses TSocketServer - ACTIVE!! > OverbyteIcsSslFtpTst.dpr Basic graphical FTP SSL client - ACTIVE!! > OverbyteIcsSslMailRcv.dpr Internet EMail access using POP3 protocol and SSL - ACTIVE!! > OverbyteIcsSslMailSnd.dpr Example of EMail sending using SMTP and SSL - ACTIVE!! > OverbyteIcsSslNewsRdr.dpr Example of TSslNntpCli component (Send/receive newsgroups) - ACTIVE!! > OverbyteIcsMsVerify.dpr Verify and show an OpenSSL certificate or certificate chain using class TMsCertChainEngine which uses MS crypto API - ACTIVE!! > OverbyteIcsSslSniSrv.dpr Test of Server Name Indication (SNI) in server mode - ACTIVE!! > OverbyteIcsSslWebServ.dpr Demo of HTTPS server, uses TSocketServer - ACTIVE!! > OverbyteIcsSslWebAppServer.dpr Advanced HTTPS server demo, uses WebServ, adds sessions - ACTIVE!! > OverbyteIcsSslSmtpServer.dpr Internet EMail server using SMTP protocol and SSL - ACTIVE!! Delphi Win32/Win64 HTTP sample applications ------------------------------------------- .\Samples\delphi\WebDemos\WebDemos.bpg - Project group > OverbyteIcsConHttp.dpr Basic console mode HTTP client > OverbyteIcsHttpAsp.dpr Example of THttpCli component with cookie (POST to an ASP page) > OverbyteIcsHttpAsy.dpr Example of THttpCli component with multiple async requests (GET) > OverbyteIcsHttpChk.dpr Example of THttpCli to check for valid URL using HEAD request > OverbyteIcsHttpDmo.dpr Simple HTTP client demo with proxy > OverbyteIcsHttpGet.dpr Example of THttpCli component (GET into a file) > OverbyteIcsHttpMultipartDownload.dpr Demo application for TMultipartHttpDownloader to download files using simultaneous connections > OverbyteIcsHttpPg.dpr Example of THttpCli component (POST to CGI script) > OverbyteIcsHttpPost.dpr Example of THttpCli component (POST), work with WebServ sample - ACTIVE!! > OverbyteIcsHttpThrd.dpr Example of THttpCli component (multi-threaded GET) > OverbyteIcsHttpTst.dpr Example of THttpCli component (GET), show many features - ACTIVE!! > OverbyteIcsIsapi.dll Example of FTP client component within an ISAPI extension > OverbyteIcsWebAppServer.dpr Advanced HTTP server demo, uses WebServ, adds sessions - ACTIVE!! > OverbyteIcsWebServ.dpr Demo of HTTP server, uses TSocketServer - ACTIVE!! Two samples are not in the project group since they need extra components installed > OverbyteIcsRestDemo.drp Demo program showing how to use REST API from Google and Yahoo > OverbyteIcsRestJsonDemo.drp Demo program showing how to use REST API from Google Search and JSON Sample Notes ------------ Note 1: Not all samples have been rewritten in C++ for C++ Builder. And those rewritten are frequently much simpler. So C++ Builder user: have a look at the Delphi sample too ! Note 2: Follow "UserMade" link on ICS web site to find more sample programs written by ICS users. As explained in the component installation, you may encounter an error loading a sample application or running it. This may be because the last time I loaded the form, I was using another Delphi or C++ Builder version which has new properties. You can safely ignore messages related to those new properties. They are not used in the samples. (The properties are CharSet, OldCreateOrder and others). You can also encounter error about duplicate resources. You can ignore them safely. If you have those errors, open each form in the IDE, ignore the error then recompile. If you don't open the form in the IDE, you'll get the errors at runtime and your program will abort. When installing a new version, always delete old dcu, obj, dcpil and always recompile everything ! Close everything before recompiling the library or packages. When installing a new version, be sure to unzip it in the same directory tree as the old one or you'll mess both versions. About SSL: ---------- TSslWSocket and TSslWSocketServer component are derived from the standard TWSocket and TWSocketServer component. The SSL code is compiled into the component only if you define USE_SSL symbol to your packages and projects. Just add USE_SSL to the defines in the project or package options and recompile everything. The components make use of LIBEAY32.DLL and SSLEAY32.DLL to handle SSL protocol stuff. The DLLs are dynamically loaded at runtime. It means that the DLLs will only be required at runtime when you first make use of a SSL function. Your applications will run on systems without OpenSSL DLLs as long as you don't call any SSL function. The files may be downloaded from: http://wiki.overbyte.be/wiki/index.php/ICS_Download Most ICS components have their SSL enabled counter part. They work exactly the same way as the regular component except when SSL specific stuff is needed, for example certificates. To support SSL stuff, the SSL-enabled version use some new properties, events and methods. Many sample programs have their SSL-enabled counter part in a separate sources located in SslInternet folder. SSL certificates: To make use of SSL, you frequently need certificates. I provide some demo certificates I built using command line OpenSSL tool. PEM certificates can be opened by a text editor, LF as well as CRLF are allowed as line breaks. CACERT.PEM : A demo certificate for "Example CA" 01CERT.PEM : A demo certificate which is signed by CACERT.PEM 01KEY.PEM : A demo private key for 01CERT.PEM Passphrase is "password". CLIENT.PEM : A demo certificate and private key. Passphrase is "password". SERVER.PEM : A demo certificate and private key. Passphrase is "password". ROOT.PEM : A demo CA certificate. Passphrase is "password". TRUSTEDCABUNDLE.PEM : A demo CA file in PEM format containing multiple well known root CA certificates to be specified in property CA Path of the demo applications. Read the comments included in this file. 6F6359FC.0 : Located in sub directory SslInternet\TrustedCaStore, it's the file CACERT.PEM stored with a hashed file name. Directory TrustedCaStore can be specified in property CA Path of the demo applications. For details about certificate, see the excellent book: "Network security with OpenSSL", O'Reilly, ISBN 10: 0-596-00270-X The SSL demo project OverbyteIcsPemTool may be used to create self signed PEM certificates, certificate requests for commercial use, to convert existing certificates in the Windows Certificate Store to PEM format understood by OpenSSL and to examine PEM certificates. You will find more information in IcsSslHowTo.txt file. Commercial SSL certificates: To avoid browsers giving certificate warning messages, you need to purchase a SSL certificate from one of numerous companies, such as Verisign, Thawte GeoTrust or RapidSSL. Prices vary dramatically and are often cheaper from resellers such as Servertastic than from the main issuing companies. The main purpose of an SSL certificate is to prove the identity of the owner of a web site, ideally the company behind the web site. That usually requires paper work identifying the company is submitted and also proof the domain being protected is owned by that company, it usually also involves telephone calls. Such certificates are usually called fully validated and cost $120 or more each year for a single domain, ie secure.website.com. Wild card certificates cost $350 or more, but protect multiple sub-domains, ie web.website.com as well. Extended Validation certificates cost from $450 a year, and show the company name in green in the address bar. For testing and simple use, instant issued SSL certificates cost from $15 per year and protect a single domain only with automated checking reducing the cost (an email to admin@website.com to prove you receive email for the domain, perhaps a telephone call as well). Note these instant certificates do not include a company name. To buy and install an SSL certificate for use with ICS and OpenSSL follow these steps: 1 - Build the SSL demo project OverbyteIcsPemTool. Take Extras, Create Certificate Requests, fill in the various fields (check other certificates if uncertain, the Common Name is the domain to protect, ie secure.website.com and E-Mail should be an email address at the than domain, ideally admin or administrator, 2048 bits. Click Create, and specify two file names, first for the private key (mykey.pem) then the certificate request file (myreq.pem). The request can also be done using OpenSSL command line arguments, or you can build it into your own application. 2 - Choose you SSL supplier and certificate type, at some point during the ordering process you will be asked for the certificate request, so open the PEM file you saved with a text editor and copy the base64 encoded block starting -BEGIN CERTIFICATE REQUEST- into the web form. It should be decoded and displayed so you check it's correct. The private key is not needed for the certificate to be issued. At this point the validation process starts as mentioned above, which might take hours or weeks to complete. 3 - Eventually the SSL certificate should be issued, either by email or made available to download from the supplier's web site. It should be in X.509 format in a base64 encoded block starting -BEGIN CERTIFICATE- which should be saved as a PEM file (mycert.pem). There should also be an Intermediate CA certificate, with which your new certificate was signed, which should also be saved as a file (mycacert.pem). This may also be downloadable from the supplier as a bundle file and should be common to any certificates they issue, ie RapidSSL_CA_bundle.pem. 4 - The OverbyteIcsPemTool tool has a View PEM button that allows examination of your new PEM files. 5 - The three PEM files now need to be attached to the SslContext component in your application, with properties SslCertFile, SslPrivKeyFile and SslCAFile. The request certificate file has no further use. Support: -------- There is a mailing list to discuss F. Piette's components and applications. To subscribe surf to http://lists.elists.org/mailman/listinfo/twsocket. Do not use an aliased EMail address, use your real EMail address, the one you'll use to post messages. After asking for subscription, you'll receive a confirmation email you must reply to it or you will _not_ be added to the subscriber's list (this is to check for email path and also make sure someone doesn't subscribe you without your consent). Once you have been registered with the mailing list processor, you can send messages to twsocket@elists.org. Every subscriber will receive a copy of your message. I will respond, but anybody is welcome to respond to each other's messages. So every body can share his expertise. There are many other useful mailing lists at http://www.elists.org ! Before asking a question, browse the message archive you can download from the support page on the web site (click the "support" button from main page) and from the mailing list web site http://lists.elists.org/mailman/listinfo/twsocket. Google is also archiving the list with some delay. If you found a bug, please make a short program that reproduces the problem attach it to a message addressed to me. If I can reproduce the problem, I can find a fix ! Do not send exe file but just source code and instructions. Always use the latest version (beta if any) before reporting any bug. You are also encouraged to use the support mailing list to ask for enhancements. You are welcome to post your own code. The support mailing list has sometimes a heavy traffic. If it is too much for you, you can select "digest" mode in which mailing list processor will mail you only one big message per day. To select digest mode goto http://lists.elists.org/mailman/listinfo/twsocket. You can also subscribe to another mailing list called twsocket-announce which will receive only very few messages when major bug fixes or updates are done. The subscription process is the same as for the other mailing list. See above procedure. Release notes ------------- There is no global release notes. Each component and sample has his own history. You can find those histories in the comment in the beginning of each source file. There are also a bunch of useful comments in the source code. You should at least browse the source for the components you are interested in. MidWare ------- If you wants to build client/server applications using TCP/IP protocol, you can do it easily with ICS. But you can do it much more easily using another freeware product from Fran鏾is Piette: MidWare. Available from the same web site http://www.overbyte.be. francois.piette@overbyte.be francois.piette@swing.be http://www.overbyte.be/ http://wiki.overbyte.be/
CISCO 技术大集合 {适合你们的技术} 二、命令状态 1. router> 路由器处于用户命令状态,这时用户可以看路由器的连接状态,访问其它网络和主机,但不能看到和更改路由器的设置内容。 2. router# 在router>提示符下键入enable,路由器进入特权命令状态router#,这时不但可以执行所有的用户命令,还可以看到和更改路由器的设置内容。 3. router(config)# 在router#提示符下键入configure terminal,出现提示符router(config)#,此时路由器处于全局设置状态,这时可以设置路由器的全局参数。 4. router(config-if)#; router(config-line)#; router(config-router)#;… 路由器处于局部设置状态,这时可以设置路由器某个局部的参数。 5. > 路由器处于RXBOOT状态,在开机后60秒内按ctrl-break可进入此状态,这时路由器不能完成正常的功能,只能进行软件升级和手工引导。 6. 设置对话状态 这是一台新路由器开机时自动进入的状态,在特权命令状态使用SETUP命令也可进入此状态,这时可通过对话方式对路由器进行设置。   返回目录 三、设置对话过程 1. 显示提示信息 2. 全局参数的设置 3. 接口参数的设置 4. 显示结果 利用设置对话过程可以避免手工输入命令的烦琐,但它还不能完全代替手工设置,一些特殊的设置还必须通过手工输入的方式完成。 进入设置对话过程后,路由器首先会显示一些提示信息: --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. 这是告诉你在设置对话过程中的任何地方都可以键入“?”得到系统的帮助,按ctrl-c可以退出设置过程,缺省设置将显示在‘[]’中。然后路由器会问是否进入设置对话: Would you like to enter the initial configuration dialog? [yes]: 如果按y或回车,路由器就会进入设置对话过程。首先你可以看到各端口当前的状况: First, would you like to see the current interface summary? [yes]: Any interface listed with OK? value "NO" does not have a valid configuration Interface IP-Address OK? Method Status Protocol Ethernet0 unassigned NO unset up up Serial0 unassigned NO unset up up ……… ……… … …… … … 然后,路由器就开始全局参数的设置: Configuring global parameters: 1.设置路由器名: Enter host name [Router]: 2.设置进入特权状态的密文(secret),此密文在设置以后不会以明文方式显示: The enable secret is a one-way cryptographic secret used instead of the enable password when it exists. Enter enable secret: cisco 3.设置进入特权状态的密码(password),此密码只在没有密文时起作用,并且在设置以后会以明文方式显示: The enable password is used when there is no enable secret and when using older software and some boot images. Enter enable password: pass 4.设置虚拟终端访问时的密码: Enter virtual terminal password: cisco 5.询问是否要设置路由器支持的各种网络协议: Configure SNMP Network Management? [yes]: Configure DECnet? [no]: Configure AppleTalk? [no]: Configure IPX? [no]: Configure IP? [yes]: Configure IGRP routing? [yes]: Configure RIP routing? [no]: ……… 6.如果配置的是拨号访问服务器,系统还会设置异步口的参数: Configure Async lines? [yes]: 1) 设置线路的最高速度: Async line speed [9600]: 2) 是否使用硬件流控: Configure for HW flow control? [yes]: 3) 是否设置modem: Configure for modems? [yes/no]: yes 4) 是否使用默认的modem命令: Configure for default chat script? [yes]: 5) 是否设置异步口的PPP参数: Configure for Dial-in IP SLIP/PPP access? [no]: yes 6) 是否使用动态IP地址: Configure for Dynamic IP addresses? [yes]: 7) 是否使用缺省IP地址: Configure Default IP addresses? [no]: yes 8) 是否使用TCP头压缩: Configure for TCP Header Compression? [yes]: 9) 是否在异步口上使用路由表更新: Configure for routing updates on async links? [no]: y 10) 是否设置异步口上的其它协议。 接下来,系统会对每个接口进行参数的设置。 1.Configuring interface Ethernet0: 1) 是否使用此接口: Is this interface in use? [yes]: 2) 是否设置此接口的IP参数: Configure IP on this interface? [yes]: 3) 设置接口的IP地址: IP address for this interface: 192.168.162.2 4) 设置接口的IP子网掩码: Number of bits in subnet field [0]: Class C network is 192.168.162.0, 0 subnet bits; mask is /24 在设置完所有接口的参数后,系统会把整个设置对话过程的结果显示出来: The following configuration command script was created: hostname Router enable secret 5 $1$W5Oh$p6J7tIgRMBOIKVXVG53Uh1 enable password pass ………… 请注意在enable secret后面显示的是乱码,而enable password后面显示的是设置的内容。 显示结束后,系统会问是否使用这个设置: Use this configuration? [yes/no]: yes 如果回答yes,系统就会把设置的结果存入路由器的NVRAM中,然后结束设置对话过程,使路由器开始正常的工作。 返回目录   四、常用命令 1. 帮助 在IOS操作中,无论任何状态和位置,都可以键入“?”得到系统的帮助。 2. 改变命令状态 任务 命令 进入特权命令状态 enable 退出特权命令状态 disable 进入设置对话状态 setup 进入全局设置状态 config terminal 退出全局设置状态 end 进入端口设置状态 interface type slot/number 进入子端口设置状态 interface type number.subinterface [point-to-point | multipoint] 进入线路设置状态 line type slot/number 进入路由设置状态 router protocol 退出局部设置状态 exit 3. 显示命令 任务 命令 查看版本及引导信息 show version 查看运行设置 show running-config 查看开机设置 show startup-config 显示端口信息 show interface type slot/number 显示路由信息 show ip router 4. 拷贝命令 用于IOS及CONFIG的备份和升级 5. 网络命令 任务 命令 登录远程主机 telnet hostname|IP address 网络侦测 ping hostname|IP address 路由跟踪 trace hostname|IP address   6. 基本设置命令 任务 命令 全局设置 config terminal 设置访问用户及密码 username username password password 设置特权密码 enable secret password 设置路由器名 hostname name 设置静态路由 ip route destination subnet-mask next-hop 启动IP路由 ip routing 启动IPX路由 ipx routing 端口设置 interface type slot/number 设置IP地址 ip address address subnet-mask 设置IPX网络 ipx network network 激活端口 no shutdown 物理线路设置 line type number 启动登录进程 login [local|tacacs server] 设置登录密码 password password   五、配置IP寻址   1. IP地址分类 IP地址分为网络地址和主机地址二个部分,A类地址前8位为网络地址,后24位为主机地址,B类地址16位为网络地址,后16位为主机地址,C类地址前24位为网络地址,后8位为主机地址,网络地址范围如下表所示: 种类 网络地址范围 A  1.0.0.0 到126.0.0.0有效 0.0.0.0 和127.0.0.0保留 B 128.1.0.0到191.254.0.0有效 128.0.0.0和191.255.0.0保留 C 192.0.1.0 到223.255.254.0有效 192.0.0.0和223.255.255.0保留 D 224.0.0.0到239.255.255.255用于多点广播 E 240.0.0.0到255.255.255.254保留 255.255.255.255用于广播 2. 分配接口IP地址 任务 命令 接口设置 interface type slot/number 为接口设置IP地址 ip address ip-address mask 掩玛(mask)用于识别IP地址中的网络地址位数,IP地址(ip-address)和掩码(mask)相与即得到网络地址。 3. 使用可变长的子网掩码 通过使用可变长的子网掩码可以让位于不同接口的同一网络编号的网络使用不同的掩码,这样可以节省IP地址,充分利用有效的IP地址空间。 如下图所示: Router1和Router2的E0端口均使用了C类地址192.1.0.0作为网络地址,Router1的E0的网络地址为192.1.0.128,掩码为255.255.255.192, Router2的E0的网络地址为192.1.0.64,掩码为255.255.255.192,这样就将一个C类网络地址分配给了二个网,既划分了二个子网,起到了节约地址的作用。 4. 使用网络地址翻译(NAT) NAT(Network Address Translation)起到将内部私有地址翻译成外部合法的全局地址的功能,它使得不具有合法IP地址的用户可以通过NAT访问到外部Internet. 当建立内部网的时候,建议使用以下地址组用于主机,这些地址是由Network Working Group(RFC 1918)保留用于私有网络地址分配的. l Class A:10.1.1.1 to 10.254.254.254 l Class B:172.16.1.1 to 172.31.254.254 l Class C:192.168.1.1 to 192.168.254.254 命令描述如下: 任务 命令 定义一个标准访问列表 access-list access-list-number permit source [source-wildcard] 定义一个全局地址池 ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length} [type rotary] 建立动态地址翻译 ip nat inside source {list {access-list-number | name} pool name [overload] | static local-ip global-ip} 指定内部和外部端口 ip nat {inside | outside} 如下图所示, 路由器的Ethernet 0端口为inside端口,即此端口连接内部网络,并且此端口所连接的网络应该被翻译,Serial 0端口为outside端口,其拥有合法IP地址(由NIC或服务提供商所分配的合法的IP地址),来自网络10.1.1.0/24的主机将从IP地址池c2501中选择一个地址作为自己的合法地址,经由Serial 0口访问Internet。命令ip nat inside source list 2 pool c2501 overload中的参数overload,将允许多个内部地址使用相同的全局地址(一个合法IP地址,它是由NIC或服务提供商所分配的地址)。命令ip nat pool c2501 202.96.38.1 202.96.38.62 netmask 255.255.255.192定义了全局地址的范围。 设置如下: ip nat pool c2501 202.96.38.1 202.96.38.62 netmask 255.255.255.192 interface Ethernet 0 ip address 10.1.1.1 255.255.255.0 ip nat inside ! interface Serial 0 ip address 202.200.10.5 255.255.255.252 ip nat outside ! ip route 0.0.0.0 0.0.0.0 Serial 0 access-list 2 permit 10.0.0.0 0.0.0.255 ! Dynamic NAT ! ip nat inside source list 2 pool c2501 overload line console 0 exec-timeout 0 0 ! line vty 0 4 end   六、配置静态路由 通过配置静态路由,用户可以人为地指定对某一网络访问时所要经过的路径,在网络结构比较简单,且一般到达某一网络所经过的路径唯一的情况下采用静态路由。 任务 命令 建立静态路由 ip route prefix mask {address | interface} [distance] [tag tag] [permanent] Prefix :所要到达的目的网络 mask :子网掩码 address :下一个跳的IP地址,即相邻路由器的端口地址。 interface :本地网络接口 distance :管理距离(可选) tag tag :tag值(可选) permanent :指定此路由即使该端口关掉也不被移掉。 以下在Router1上设置了访问192.1.0.64/26这个网下一跳地址为192.200.10.6,即当有目的地址属于192.1.0.64/26的网络范围的数据报,应将其路由到地址为192.200.10.6的相邻路由器。在Router3上设置了访问192.1.0.128/26及192.200.10.4/30这二个网下一跳地址为192.1.0.65。由于在Router1上端口Serial 0地址为192.200.10.5,192.200.10.4/30这个网属于直连的网,已经存在访问192.200.10.4/30的路径,所以不需要在Router1上添加静态路由。 Router1: ip route 192.1.0.64 255.255.255.192 192.200.10.6 Router3: ip route 192.1.0.128 255.255.255.192 192.1.0.65 ip route 192.200.10.4 255.255.255.252 192.1.0.65 同时由于路由器Router3除了与路由器Router2相连外,不再与其他路由器相连,所以也可以为它赋予一条默认路由以代替以上的二条静态路由, ip route 0.0.0.0 0.0.0.0 192.1.0.65 即只要没有在路由表里找到去特定目的地址的路径,则数据均被路由到地址为192.1.0.65的相邻路由器。 返回目录   一、HDLC   HDLC是CISCO路由器使用的缺省协议,一台新路由器在未指定封装协议时默认使用HDLC封装。 1. 有关命令 端口设置 任务 命令 设置HDLC封装 encapsulation hdlc 设置DCE端线路速度 clockrate speed 复位一个硬件接口 clear interface serial unit 显示接口状态 show interfaces serial [unit] 1 注:1.以下给出一个显示Cisco同步串口状态的例子. Router#show interface serial 0 Serial 0 is up, line protocol is up Hardware is MCI Serial Internet address is 150.136.190.203, subnet mask is 255.255.255.0 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 0:00:07, output 0:00:00, output hang never Output queue 0/40, 0 drops; input queue 0/75, 0 drops Five minute input rate 0 bits/sec, 0 packets/sec Five minute output rate 0 bits/sec, 0 packets/sec 16263 packets input, 1347238 bytes, 0 no buffer Received 13983 broadcasts, 0 runts, 0 giants 2 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 2 abort 22146 packets output, 2383680 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets, 0 restarts 1 carrier transitions 2. 举例     设置如下: Router1: interface Serial0 ip address 192.200.10.1 255.255.255.0 clockrate 1000000 Router2: interface Serial0 ip address 192.200.10.2 255.255.255.0 ! 3. 举例使用E1线路实现多个64K专线连接. 相关命令: 任务 命令 进入controller配置模式 controller {t1 | e1} number 选择帧类型 framing {crc4 | no-crc4} 选择line-code类型 linecode {ami | b8zs | hdb3} 建立逻辑通道组与时隙的映射 channel-group number timeslots range1 显示controllers接口状态 show controllers e1 [slot/port]2 注: 1. 当链路为T1时,channel-group编号为0-23, Timeslot范围1-24; 当链路为E1时, channel-group编号为0-30, Timeslot范围1-31. 2.使用show controllers e1观察controller状态,以下为帧类型为crc4时controllers正常的状态. Router# show controllers e1 e1 0/0 is up. Applique type is Channelized E1 - unbalanced Framing is CRC4, Line Code is HDB3 No alarms detected. Data in current interval (725 seconds elapsed): 0 Line Code Violations, 0 Path Code Violations 0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs Total Data (last 24 hours) 0 Line Code Violations, 0 Path Code Violations, 0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins, 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs 以下例子为E1连接3条64K专线, 帧类型为NO-CRC4,非平衡链路,路由器具体设置如下: shanxi#wri t Building configuration... Current configuration: ! version 11.2 no service udp-small-servers no service tcp-small-servers ! hostname shanxi ! enable secret 5 $1$XN08$Ttr8nfLoP9.2RgZhcBzkk/ enable password shanxi ! ! ip subnet-zero ! controller E1 0 framing NO-CRC4 channel-group 0 timeslots 1 channel-group 1 timeslots 2 channel-group 2 timeslots 3 ! interface Ethernet0 ip address 133.118.40.1 255.255.0.0 media-type 10BaseT ! interface Ethernet1 no ip address shutdown ! interface Serial0:0 ip address 202.119.96.1 255.255.255.252 no ip mroute-cache ! interface Serial0:1 ip address 202.119.96.5 255.255.255.252 no ip mroute-cache ! interface Serial0:2 ip address 202.119.96.9 255.255.255.252 no ip mroute-cache ! no ip classless ip route 133.210.40.0 255.255.255.0 Serial0:0 ip route 133.210.41.0 255.255.255.0 Serial0:1 ip route 133.210.42.0 255.255.255.0 Serial0:2 ! line con 0 line aux 0 line vty 0 4 password shanxi login ! end 广域网设置:   一、HDLC   HDLC是CISCO路由器使用的缺省协议,一台新路由器在未指定封装协议时默认使用HDLC封装。 1. 有关命令 端口设置 任务 命令 设置HDLC封装 encapsulation hdlc 设置DCE端线路速度 clockrate speed 复位一个硬件接口 clear interface serial unit 显示接口状态 show interfaces serial [unit] 1 注:1.以下给出一个显示Cisco同步串口状态的例子. Router#show interface serial 0 Serial 0 is up, line protocol is up Hardware is MCI Serial Internet address is 150.136.190.203, subnet mask is 255.255.255.0 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 0:00:07, output 0:00:00, output hang never Output queue 0/40, 0 drops; input queue 0/75, 0 drops Five minute input rate 0 bits/sec, 0 packets/sec Five minute output rate 0 bits/sec, 0 packets/sec 16263 packets input, 1347238 bytes, 0 no buffer Received 13983 broadcasts, 0 runts, 0 giants 2 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 2 abort 22146 packets output, 2383680 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets, 0 restarts 1 carrier transitions 2. 举例     设置如下: Router1: interface Serial0 ip address 192.200.10.1 255.255.255.0 clockrate 1000000 Router2: interface Serial0 ip address 192.200.10.2 255.255.255.0 ! 3. 举例使用E1线路实现多个64K专线连接. 相关命令: 任务 命令 进入controller配置模式 controller {t1 | e1} number 选择帧类型 framing {crc4 | no-crc4} 选择line-code类型 linecode {ami | b8zs | hdb3} 建立逻辑通道组与时隙的映射 channel-group number timeslots range1 显示controllers接口状态 show controllers e1 [slot/port]2 注: 1. 当链路为T1时,channel-group编号为0-23, Timeslot范围1-24; 当链路为E1时, channel-group编号为0-30, Timeslot范围1-31. 2.使用show controllers e1观察controller状态,以下为帧类型为crc4时controllers正常的状态. Router# show controllers e1 e1 0/0 is up. Applique type is Channelized E1 - unbalanced Framing is CRC4, Line Code is HDB3 No alarms detected. Data in current interval (725 seconds elapsed): 0 Line Code Violations, 0 Path Code Violations 0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs Total Data (last 24 hours) 0 Line Code Violations, 0 Path Code Violations, 0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins, 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs 以下例子为E1连接3条64K专线, 帧类型为NO-CRC4,非平衡链路,路由器具体设置如下: shanxi#wri t Building configuration... Current configuration: ! version 11.2 no service udp-small-servers no service tcp-small-servers ! hostname shanxi ! enable secret 5 $1$XN08$Ttr8nfLoP9.2RgZhcBzkk/ enable password shanxi ! ! ip subnet-zero ! controller E1 0 framing NO-CRC4 channel-group 0 timeslots 1 channel-group 1 timeslots 2 channel-group 2 timeslots 3 ! interface Ethernet0 ip address 133.118.40.1 255.255.0.0 media-type 10BaseT ! interface Ethernet1 no ip address shutdown ! interface Serial0:0 ip address 202.119.96.1 255.255.255.252 no ip mroute-cache ! interface Serial0:1 ip address 202.119.96.5 255.255.255.252 no ip mroute-cache ! interface Serial0:2 ip address 202.119.96.9 255.255.255.252 no ip mroute-cache ! no ip classless ip route 133.210.40.0 255.255.255.0 Serial0:0 ip route 133.210.41.0 255.255.255.0 Serial0:1 ip route 133.210.42.0 255.255.255.0 Serial0:2 ! line con 0 line aux 0 line vty 0 4 password shanxi login ! end 返回目录   二、PPP   PPP(Point-to-Point Protocol)是SLIP(Serial Line IP protocol)的继承者,它提供了跨过同步和异步电路实现路由器到路由器(router-to-router)和主机到网络(host-to-network)的连接。 CHAP(Challenge Handshake Authentication Protocol)和PAP(Password Authentication Protocol) (PAP)通常被用于在PPP封装的串行线路上提供安全性认证。使用CHAP和PAP认证,每个路由器通过名字来识别,可以防止未经授权的访问。 CHAP和PAP在RFC 1334上有详细的说明。 1. 有关命令 端口设置 任务 命令 设置PPP封装 encapsulation ppp1 设置认证方法 ppp authentication {chap | chap pap | pap chap | pap} [if-needed][list-name | default] [callin] 指定口令 username name password secret 设置DCE端线路速度 clockrate speed 注:1、要使用CHAP/PAP必须使用PPP封装。在与非Cisco路由器连接时,一般采用PPP封装,其它厂家路由器一般不支持Cisco的HDLC封装协议。 2. 举例 路由器Router1和Router2的S0口均封装PPP协议,采用CHAP做认证,在Router1中应建立一个用户,以对端路由器主机名作为用户名,即用户名应为router2。同时在Router2中应建立一个用户,以对端路由器主机名作为用户名,即用户名应为router1。所建的这两用户的password必须相同。 设置如下: Router1: hostname router1 username router2 password xxx interface Serial0 ip address 192.200.10.1 255.255.255.0 clockrate 1000000 ppp authentication chap ! Router2: hostname router2 username router1 password xxx interface Serial0 ip address 192.200.10.2 255.255.255.0 ppp authentication chap !   返回目录   三、x.25 1. X25技术 X.25规范对应OSI三层,X.25的第三层描述了分组的格式及分组交换的过程。X.25的第二层由LAPB(Link Access Procedure, Balanced)实现,它定义了用于DTE/DCE连接的帧格式。X.25的第一层定义了电气和物理端口特性。 X.25网络设备分为数据终端设备(DTE)、数据电路终端设备(DCE)及分组交换设备(PSE)。DTE是X.25的末端系统,如终端、计算机或网络主机,一般位于用户端,Cisco路由器就是DTE设备。DCE设备是专用通信设备,如调制解调器和分组交换机。PSE是公共网络的主干交换机。 X.25定义了数据通讯的电话网络,每个分配给用户的x.25 端口都具有一个x.121地址,当用户申请到的是SVC(交换虚电路)时,x.25一端的用户在访问另一端的用户时,首先将呼叫对方x.121地址,然后接收到呼叫的一端可以接受或拒绝,如果接受请求,于是连接建立实现数据传输,当没有数据传输时挂断连接,整个呼叫过程就类似我们拨打普通电话一样,其不同的是x.25可以实现一点对多点的连接。其中x.121地址、htc均必须与x.25服务提供商分配的参数相同。X.25 PVC(永久虚电路),没有呼叫的过程,类似DDN专线。 2. 有关命令: 任务 命令 设置X.25封装 encapsulation x25 [dce] 设置X.121地址 x25 address x.121-address 设置远方站点的地址映射 x25 map protocol address [protocol2 address2[...[protocol9 address9]]] x121-address [option] 设置最大的双向虚电路数 x25 htc citcuit-number1 设置一次连接可同时建立的虚电路数 x25 nvc count2 设置x25在清除空闲虚电路前的等待周期 x25 idle minutes 重新启动x25,或清一个svc,启动一个pvc相关参数 clear x25 {serial number | cmns-interface mac-address} [vc-number] 3 清x25虚电路 clear x25-vc 显示接口及x25相关信息 show interfaces serial show x25 interface show x25 map show x25 vc 注:1、虚电路号从1到4095,Cisco路由器默认为1024,国内一般分配为16。 2、虚电路计数从1到8,缺省为1。 3、在改变了x.25各层的相关参数后,应重新启动x25(使用clear x25 {serial number | cmns-interface mac-address} [vc-number]或clear x25-vc命令),否则新设置的参数可能不能生效。同时应对照服务提供商对于x.25交换机端口的设置来配置路由器的相关参数,若出现参数不匹配则可能会导致连接失败或其它意外情况。 3. 实例: 3.1. 在以下实例中每二个路由器间均通过svc实现连接。 路由器设置如下: Router1: interface Serial0 encapsulation x25 ip address 192.200.10.1 255.255.255.0 x25 address 110101 x25 htc 16 x25 nvc 2 x25 map ip 192.200.10.2 110102 broadcast x25 map ip 192.200.10.3 110103 broadcast ! Router2: interface Serial0 encapsulation x25 ip address 192.200.10.2 255.255.255.0 x25 address 110102 x25 htc 16 x25 nvc 2 x25 map ip 192.200.10.1 110101 broadcast x25 map ip 192.200.10.3 110103 broadcast ! Router: interface Serial0 encapsulation x25 ip address 192.200.10.3 255.255.255.0 x25 address 110103 x25 htc 16 x25 nvc 2 x25 map ip 192.200.10.1 110101 broadcast x25 map ip 192.200.10.2 110102 broadcast ! 相关调试命令: clear x25-vc show interfaces serial show x25 map show x25 route show x25 vc 3.2. 在以下实例中路由器router1和router2均通过svc与router连接,但router1和router2不通过svc直接连接,此三个路由器的串口运行RIP路由协议,使用了子接口的概念。由于使用子接口,router1和router2均学习到了访问对方局域网的路径,若不使用子接口,router1和router2将学不到到对方局域网的路由。 子接口(Subinterface)是一个物理接口上的多个虚接口,可以用于在同一个物理接口上连接多个网。我们知道为了避免路由循环,路由器支持split horizon法则,它只允许路由更新被分配到路由器的其它接口,而不会再分配路由更新回到此路由被接收的接口。 无论如何,在广域网环境使用基于连接的接口(象 X.25和Frame Relay),同一接口通过虚电路(vc)连接多台远端路由器时,从同一接口来的路由更新信息不可以再被发回到相同的接口,除非强制使用分开的物理接口连接不同的路由器。Cisco提供子接口(subinterface)作为分开的接口对待。你可以将路由器逻辑地连接到相同物理接口的不同子接口, 这样来自不同子接口的路由更新就可以被分配到其他子接口,同时又满足split horizon法则。 Router1: interface Serial0 encapsulation x25 ip address 192.200.10.1 255.255.255.0 x25 address 110101 x25 htc 16 x25 nvc 2 x25 map ip 192.200.10.3 110103 broadcast ! router rip network 192.200.10.0 ! Router2: interface Serial0 encapsulation x25 ip address 192.200.11.2 255.255.255.0 x25 address 110102 x25 htc 16 x25 nvc 2 x25 map ip 192.200.11.3 110103 broadcast ! router rip network 192.200.11.0 ! Router: interface Serial0 encapsulation x25 x25 address 110103 x25 htc 16 x25 nvc 2 ! interface Serial0.1 point-to-point ip address 192.200.10.3 255.255.255.0 x25 map ip 192.200.10.1 110101 broadcast ! interface Serial0.2 point-to-point ip address 192.200.11.3 255.255.255.0 x25 map ip 192.200.11.2 110102 broadcast ! router rip network 192.200.10.0 network 192.200.11.0 ! 返回目录   帧中继是一种高性能的WAN协议,它运行在OSI参考模型的物理层和数据链路层。它是一种数据包交换技术,是X.25的简化版本。它省略了X.25的一些强健功能,如提供窗口技术和数据重发技术,而是依靠高层协议提供纠错功能,这是因为帧中继工作在更好的WAN设备上,这些设备较之X.25的WAN设备具有更可靠的连接服务和更高的可靠性,它严格地对应于OSI参考模型的最低二层,而X.25还提供第三层的服务,所以,帧中继比X.25具有更高的性能和更有效的传输效率。 帧中继广域网的设备分为数据终端设备(DTE)和数据电路终端设备(DCE),Cisco路由器作为 DTE设备。 帧中继技术提供面向连接的数据链路层的通信,在每对设备之间都存在一条定义好的通信链路,且该链路有一个链路识别码。这种服务通过帧中继虚电路实现,每个帧中继虚电路都以数据链路识别码(DLCI)标识自己。DLCI的值一般由帧中继服务提供商指定。帧中继即支持PVC也支持SVC。 帧中继本地管理接口(LMI)是对基本的帧中继标准的扩展。它是路由器和帧中继交换机之间信令标准,提供帧中继管理机制。它提供了许多管理复杂互联网络的特性,其中包括全局寻址、虚电路状态消息和多目发送等功能。 2. 有关命令: 端口设置 任务 命令 设置Frame Relay封装 encapsulation frame-relay[ietf] 1 设置Frame Relay LMI类型 frame-relay lmi-type {ansi | cisco | q933a}2 设置子接口 interface interface-type interface-number.subinterface-number [multipoint|point-to-point] 映射协议地址与DLCI frame-relay map protocol protocol-address dlci [broadcast]3 设置FR DLCI编号 frame-relay interface-dlci dlci [broadcast] 注:1.若使Cisco路由器与其它厂家路由设备相连,则使用Internet工程任务组(IETF)规定的帧中继封装格式。 2.从Cisco IOS版本11.2开始,软件支持本地管理接口(LMI)“自动感觉”, “自动感觉”使接口能确定交换机支持的LMI类型,用户可以不明确配置LMI接口类型。 3.broadcast选项允许在帧中继网络上传输路由广播信息。 3. 帧中继point to point配置实例: Router1: interface serial 0 encapsulation frame-relay ! interface serial 0.1 point-to-point ip address 172.16.1.1 255.255.255.0 frame-reply interface-dlci 105 ! interface serial 0.2 point-to-point ip address 172.16.2.1 255.255.255.0 frame-reply interface-dlci 102 ! interface serial 0.3 point-to-point ip address 172.16.4.1 255.255.255.0 frame-reply interface-dlci 104 ! Router2: interface serial 0 encapsulation frame-relay ! interface serial 0.1 point-to-point ip address 172.16.2.2 255.255.255.0 frame-reply interface-dlci 201 ! interface serial 0.2 point-to-point ip address 172.16.3.1 255.255.255.0 frame-reply interface-dlci 203 ! 相关调试命令: show frame-relay lmi show frame-relay map show frame-relay pvc show frame-relay route show interfaces serial go top 4. 帧中继 Multipoint 配置实例: Router1: interface serial 0 encapsulation frame-reply ! interface serial 0.1 multipoint ip address 172.16.1.2 255.255.255.0 frame-reply map ip 172.16.1.1 201 broadcast frame-reply map ip 172.16.1.3 301 broadcast frame-reply map ip 172.16.1.4 401 broadcast ! Router2: interface serial 0 encapsulation frame-reply ! interface serial 0.1 multipoint ip address 172.16.1.1 255.255.255.0 frame-reply map ip 172.16.1.2 102 broadcast frame-reply map ip 172.16.1.3 102 broadcast frame-reply map ip 172.16.1.4 102 broadcast ! 五、ISDN   1. 综合数字业务网(ISDN) 综合数字业务网(ISDN)由数字电话和数据传输服务两部分组成,一般由电话局提供这种服务。ISDN的基本速率接口(BRI)服务提供2个B信道和1个D信道(2B+D)。BRI的B信道速率为64Kbps,用于传输用户数据。D信道的速率为16Kbps,主要传输控制信号。在北美和日本,ISDN的主速率接口(PRI)提供23个B信道和1个D信道,总速率可达1.544Mbps,其中D信道速率为64Kbps。而在欧洲、澳大利亚等国家,ISDN的PRI提供30个B信道和1个64Kbps D信道,总速率可达2.048Mbps。我国电话局所提供ISDN PRI为30B+D。 2. 基本命令 任务 命令 设置ISDN交换类型 isdn switch-type switch-type1 接口设置 interface bri 0 设置PPP封装 encapsulation ppp 设置协议地址与电话号码的映射 dialer map protocol next-hop-address [name hostname] [broadcast] [dial-string] 启动PPP多连接 ppp multilink 设置启动另一个B通道的阈值 dialer load-threshold load 显示ISDN有关信息 show isdn {active | history | memory | services | status [dsl | interface-type number] | timers} 注:1.交换机类型如下表,国内交换机一般为basic-net3。 按区域分关键字 交换机类型 Australia basic-ts013 Australian TS013 switches Europe basic-1tr6 German 1TR6 ISDN switches basic-nwnet3 Norway NET3 switches (phase 1) basic-net3 NET3 ISDN switches (UK, Denmark, and other nations); covers the Euro-ISDN E-DSS1 signalling system primary-net5 NET5 switches (UK and Europe) vn2 French VN2 ISDN switches vn3 French VN3 ISDN switches Japan ntt Japanese NTT ISDN switches primary-ntt Japanese ISDN PRI switches North America basic-5ess AT&T basic rate switches basic-dms100 NT DMS-100 basic rate switches basic-ni1 National ISDN-1 switches primary-4ess AT&T 4ESS switch type for the U.S. (ISDN PRI only) primary-5ess AT&T 5ESS switch type for the U.S. (ISDN PRI only) primary-dms100 NT DMS-100 switch type for the U.S. (ISDN PRI only) New Zealand basic-nznet3 New Zealand Net3 switches 3. ISDN实现DDR(dial-on-demand routing)实例: 设置如下: Router1: hostname router1 user router2 password cisco ! isdn switch-type basic-net3 ! interface bri 0 ip address 192.200.10.1 255.255.255.0 encapsulation ppp dialer map ip 192.200.10.2 name router2 572 dialer load-threshold 80 ppp multilink dialer-group 1 ppp authentication chap ! dialer-list 1 protocol ip permit ! Router2: hostname router2 user router1 password cisco ! isdn switch-type basic-net3 ! interface bri 0 ip address 192.200.10.2 255.255.255.0 encapsulation ppp dialer map ip 192.200.10.1 name router1 571 dialer load-threshold 80 ppp multilink dialer-group 1 ppp authentication chap ! dialer-list 1 protocol ip permit ! Cisco路由器同时支持回拨功能,我们将路由器Router1作为Callback Server,Router2作为Callback Client。 与回拨相关命令: 任务 命令 映射协议地址和电话号码,并在接口上使用在全局模式下定义的PPP回拨的映射类别。 dialer map protocol address name hostname class classname dial-string 设置接口支持PPP回拨 ppp callback accept 在全局模式下为PPP回拨设置映射类别 map-class dialer classname 通过查找注册在dialer map里的主机名来决定回拨. dialer callback-server [username] 设置接口要求PPP回拨 ppp callback request 设置如下: Router1: hostname router1 user router2 password cisco ! isdn switch-type basic-net3 ! interface bri 0 ip address 192.200.10.1 255.255.255.0 encapsulation ppp dialer map ip 192.200.10.2 name router2 class s3 572 dialer load-threshold 80 ppp callback accept ppp multilink dialer-group 1 ppp authentication chap ! map-class dialer s3 dialer callback-server username dialer-list 1 protocol ip permit ! Router2: hostname router2 user router1 password cisco ! isdn switch-type basic-net3 ! interface bri 0 ip address 192.200.10.2 255.255.255.0 encapsulation ppp dialer map ip 192.200.10.1 name router1 571 dialer load-threshold 80 ppp callback request ppp multilink dialer-group 1 ppp authentication chap ! dialer-list 1 protocol ip permit ! 相关调试命令: debug dialer debug isdn event debug isdn q921 debug isdn q931 debug ppp authentication debug ppp error debug ppp negotiation debug ppp packet show dialer show isdn status 举例:执行debug dialer命令观察router2呼叫router1,router1回拨router2的过程. router1#debug dialer router2#ping 192.200.10.1 router1# 00:03:50: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up 00:03:50: BRI0:1:PPP callback Callback server starting to router2 572 00:03:50: BRI0:1: disconnecting call 00:03:50: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down 00:03:50: BRI0:1: disconnecting call 00:03:50: BRI0:1: disconnecting call 00:03:51: %LINK-3-UPDOWN: Interface BRI0:2, changed state to up 00:03:52: callback to router2 already started 00:03:52: BRI0:2: disconnecting call 00:03:52: %LINK-3-UPDOWN: Interface BRI0:2, changed state to down 00:03:52: BRI0:2: disconnecting call 00:03:52: BRI0:2: disconnecting call 00:04:05: : Callback timer expired 00:04:05: BRI0:beginning callback to router2 572 00:04:05: BRI0: Attempting to dial 572 00:04:05: Freeing callback to router2 572 00:04:05: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up 00:04:05: BRI0:1: No callback negotiated 00:04:05: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up 00:04:05: dialer Protocol up for Vi1 00:04:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up 00:04:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, chang ed state to up 00:04:11: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 572 #router1 4. ISDN访问首都在线263网实例: 本地局部网地址为10.0.0.0/24,属于保留地址,通过NAT地址翻译功能,局域网用户可以通过ISDN上263网访问Internet。263的ISDN电话号码为2633,用户为263,口令为263,所涉及的命令如下表: 任务 命令 指定接口通过PPP/IPCP地址协商获得IP地址 ip address negotiated 指定内部和外部端口 ip nat {inside | outside} 使用ppp/pap作认证 ppp authentication pap callin 指定接口属于拨号组1 dialer-group 1 定义拨号组1允许所有IP协议 dialer-list 1 protocol ip permit 设定拨号,号码为2633 dialer string 2633 设定登录263的用户名和口令 ppp pap sent-username 263 password 263 设定默认路由 ip route 0.0.0.0 0.0.0.0 bri 0 设定符合访问列表2的所有源地址被翻译为bri 0所拥有的地址 ip nat inside source list 2 interface bri 0 overload 设定访问列表2,允许所有协议 access-list 2 permit any 具体配置如下: hostname Cisco2503 ! isdn switch-type basic-net3 ! ip subnet-zero no ip domain-lookup ip routing ! interface Ethernet 0 ip address 10.0.0.1 255.255.255.0 ip nat inside no shutdown ! interface Serial 0 shutdown no description no ip address ! interface Serial 1 shutdown no description no ip address ! interface bri 0 ip address negotiated ip nat outside encapsulation ppp ppp authentication pap callin ppp multilink dialer-group 1 dialer hold-queue 10 dialer string 2633 dialer idle-timeout 120 ppp pap sent-username 263 password 263 no cdp enable no ip split-horizon no shutdown ! ip classless ! ! Static Routes ! ip route 0.0.0.0 0.0.0.0 bri 0 ! ! Access Control List 2 ! access-list 2 permit any ! dialer-list 1 protocol ip permit ! ! Dynamic NAT ! ip nat inside source list 2 interface bri 0 overload snmp-server community public ro ! line console 0 exec-timeout 0 0 ! line vty 0 4 ! end 5. Cisco765M通过ISDN拨号上263 由于Cisco765的设置命令与我们常用的Cisco路由器的命令不同,所以以下列举了通过Cisco765上263访问Internet的具体命令行设置步骤。 >set system c765 c765> set multidestination on c765> set switch net3 c765> set ppp multilink on c765> cd lan c765:LAN> set ip routing on c765:LAN> set ip address 10.0.0.1 c765:LAN> set ip netmask 255.0.0.0 c765:LAN> set briding off c765:LAN>cd c765> set user remotenet New user remotenet being created c765:remotenet> set ip routing on c765:remotenet> set bridging off c765:remotenet> set ip framing none c765:remotenet> set ppp clientname 263 c765:remotenet> set ppp password client Enter new Password: 263 Re-Type new Password: 263 c765:remotenet> set ppp authentication out none c765:remotenet> set ip address 0.0.0.0 c765:remotenet> set ip netmask 0.0.0.0 c765:remotenet> set ppp address negotiation local on c765:remotenet> set ip pat on c765:remotenet> set ip route destination 0.0.0.0/0 gateway 0.0.0.0 c765:remotenet> set number 2633 c765:remotenet> set active 命令描述如下: 任务 命令 设置路由器系统名称 set system c765 允许路由器呼叫多个目的地 set multidestination on 设置ISDN交换机类型为NET3 set switch net3 允许点到点间多条通道连接实现负载均衡 set ppp multilink on 关掉桥接 set briding off 建立用户预制文件用于设置拨号连接参数- 可以设置多个用户预制文件用于相同的物理端口对应于不同的连接。 set user remotenet 使用PPP/IPCP set ip framing none 设置上网用户帐号 set ppp clientname 263 设置上网口令 set ppp password client Enter new Password: 263 Re-Type new Password: 263 不用PPP/CHAP或PAP做认证 set ppp authentication out none 允许地址磋商 set ppp address negotiation local on 设置地址翻译 set ip pat on 设置默认路由 set ip route destination 0.0.0.0/0 gateway 0.0.0.0 设置ISP的电话号码 set number 2633 激活用户预制文件 set active   返回目录   六、PSTN   电话网络(PSTN)是目前普及程度最高、成本最低的公用通讯网络,它在网络互连中也有广泛的应用。电话网络的应用一般可分为两种类型,一种是同等级别机构之间以按需拨号(DDR)的方式实现互连,一种是ISP为拨号上网为用户提供的远程访问服务的功能。 1. 远程访问 1.1.Access Server基本设置: 选用Cisco2511作为访问服务器,采用IP地址池动态分配地址.远程工作站使用WIN95拨号网络实现连接。 全局设置: 任务 命令 设置用户名和密码 username username password password 设置用户的IP地址池 ip local pool {default | pool-name low-ip-address [high-ip-address]} 指定地址池的工作方式 ip address-pool [dhcp-proxy-client | local] 基本接口设置命令: 任务 命令 设置封装形式为PPP encapsulation ppp 启动异步口的路由功能 async default routing 设置异步口的PPP工作方式 async mode {dedicated | interactive} 设置用户的IP地址 peer default ip address {ip-address | dhcp | pool [pool-name]} 设置IP地址与Ethernet0相同 ip unnumbered ethernet0 line拨号线设置: 任务 命令 设置modem的工作方式 modem {inout|dialin} 自动配置modem类型 modem autoconfig discovery 设置拨号线的通讯速率 speed speed 设置通讯线路的流控方式 flowcontrol {none | software [lock] [in | out] | hardware [in | out]} 连通后自动执行命令 autocommand command 访问服务器设置如下: Router: hostname Router enable secret 5 $1$EFqU$tYLJLrynNUKzE4bx6fmH// ! interface Ethernet0 ip address 10.111.4.20 255.255.255.0 ! interface Async1 ip unnumbered Ethernet0 encapsulation ppp keepalive 10 async mode interactive peer default ip address pool Cisco2511-Group-142 ! ip local pool Cisco2511-Group-142 10.111.4.21 10.111.4.36 ! line con 0 exec-timeout 0 0 password cisco ! line 1 16 modem InOut modem autoconfigure discovery flowcontrol hardware ! line aux 0 transport input all line vty 0 4 password cisco ! end 相关调试命令: show interface show line 1.2. Access Server通过Tacacs服务器实现安全认证: 使用一台WINDOWS NT服务器作为Tacacs服务器,地址为10.111.4.2,运行Cisco2511随机带的Easy ACS 1.0软件实现用户认证功能. 相关设置: 任务 命令 激活AAA访问控制 aaa new-model 用户登录时默认起用Tacacs+做AAA认证 aaa authentication login default tacacs+ 列表名为no_tacacs使用ENABLE口令做认证 aaa authentication login no_tacacs enable 在运行PPP的串行线上采用Tacacs+做认证 aaa authentication ppp default tacacs+ 由TACACS+服务器授权运行EXEC aaa authorization exec tacacs+ 由TACACS+服务器授权与网络相关的服务请求。 aaa authorization network tacacs+ 为EXEC会话运行记帐.进程开始和结束时发通告给TACACS+服务器。 aaa accounting exec start-stop tacacs+ 为与网络相关的服务需求运行记帐包括SLIP,PPP,PPP NCPs,ARAP等.在进程开始和结束时发通告给TACACS+服务器。 aaa accounting network start-stop tacacs+ 指定Tacacs服务器地址 tacacs-server host 10.111.4.2 在Tacacs+服务器和访问服务器设定共享的关键字,访问服务器和Tacacs+服务器使用这个关键字去加密口令和响应信息。这里使用tac作为关键字。 tacacs-server key tac 访问服务器设置如下: hostname router ! aaa new-model aaa authentication login default tacacs+ aaa authentication login no_tacacs enable aaa authentication ppp default tacacs+ aaa authorization exec tacacs+ aaa authorization network tacacs+ aaa accounting exec start-stop tacacs+ aaa accounting network start-stop tacacs+ enable secret 5 $1$kN4g$CvS4d2.rJzWntCnn/0hvE0 ! interface Ethernet0 ip address 10.111.4.20 255.255.255.0 ! interface Serial0 no ip address shutdown interface Serial1 no ip address shutdown ! interface Group-Async1 ip unnumbered Ethernet0 encapsulation ppp async mode interactive peer default ip address pool Cisco2511-Group-142 no cdp enable group-range 1 16 ! ip local pool Cisco2511-Group-142 10.111.4.21 10.111.4.36 tacacs-server host 10.111.4.2 tacacs-server key tac ! line con 0 exec-timeout 0 0 password cisco login authentication no_tacacs line 1 16 login authentication tacacs modem InOut modem autoconfigure type usr_courier autocommand ppp transport input all stopbits 1 rxspeed 115200 txspeed 115200 flowcontrol hardware line aux 0 transport input all line vty 0 4 password cisco ! end 2. DDR(dial-on-demand routing)实例 此例通过Cisco 2500系列路由器的aux端口实现异步拨号DDR连接。Router1拨号连接到Router2。其中采用PPP/CHAP做安全认证,在Router1中应建立一个用户,以对端路由器主机名作为用户名,即用户名应为Router2。同时在Router2中应建立一个用户,以对端路由器主机名作为用户名,即用户名应为Router1。所建的这两用户的password必须相同。 相关命令如下: 任务 命令 设置路由器与modem的接口指令 chat-script script-name EXPECT SEND EXPECT SEND (etc.) 设置端口在挂断前的等待时间 dialer idle-timeout seconds 设置协议地址与电话号码的映射 dialer map protocol next-hop-address [name hostname] [broadcast] [modem-script modem-regexp] [system-script system-regexp] [dial-string] 设置电话号码 dialer string dial-string 指定在特定线路下路由器默认 使用的chat-script script {dialer|reset} script-name Router1: hostname Router1 ! enable secret 5 $1$QKI7$wXjpFqC74vDAyKBUMallw/ ! username Router2 password cisco chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c ! interface Ethernet0 ip address 10.0.0.1 255.255.255.0 ! interface Async1 ip address 192.200.10.1 255.255.255.0 encapsulation ppp async default routing async mode dedicated dialer in-band dialer idle-timeout 60 dialer map ip 192.200.10.2 name Router2 modem-script cisco-default 573 dialer-group 1 ppp authentication chap ! ip route 10.0.1.0 255.255.255.0 192.200.10.2 dialer-list 1 protocol ip permit ! line con 0 line aux 0 modem InOut modem autoconfigure discovery flowcontrol hardware Router2: hostname Router2 ! enable secret 5 $1$F6EV$5U8puzNt2/o9g.t56PXHo. ! username Router1 password cisco ! interface Ethernet0 ip address 10.0.1.1 255.255.255.0 ! interface Async1 ip address 192.200.10.2 255.255.255.0 encapsulation ppp async default routing async mode dedicated dialer in-band dialer idle-timeout 60 dialer map ip 192.200.10.1 name Router1 dialer-group 1 ppp authentication chap ! ip route 10.0.0.0 255.255.255.0 192.200.10.1 dialer-list 1 protocol ip permit ! line con 0 line aux 0 modem InOut modem autoconfigure discovery flowcontrol hardware ! 相关调试命令: debug dialer debug ppp authentication debug ppp error debug ppp negotiation debug ppp packet show dialer 3. 异步拨号备份DDN专线: 此例主连接采用DDN专线,备份线路为电话拨号。当DDN专线连接正常时,主端口S0状态为up,line protocol亦为up,则备份线路状态为standby,line protocol为down,此时所有通信均通过主接口进行。当主接口连接发生故障时,端口状态为down,则激活备份接口,完成数据通信。此方法不适合为X.25做备份。因为,配置封装为X.25的接口只要和X.25交换机之间的连接正常其接口及line protocol的状态亦为 up,它并不考虑其它地方需与之通信的路由器的状态如何,所以若本地路由器状态正常,而对方路由器连接即使发生故障,本地也不会激活备份线路。例4将会描述如何为X.25做拨号备份。 以下是相关命令: 任务 命令 指定主线路改变后,次线路状态发生改变的延迟时间 backup delay {enable-delay | never} {disable-delay | never} 指定一个接口作为备份接口 backup interface type number hostname c2522rb ! enable secret 5 $1$J5vn$ceYDe2FwPhrZi6qsIIz6g0 enable password cisco ! username c4700 password 0 cisco ip subnet-zero chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c chat-script reset atz ! interface Ethernet0 ip address 16.122.51.254 255.255.255.0 no ip mroute-cache ! interface Serial0 backup delay 10 10 backup interface Serial2 ip address 16.250.123.18 255.255.255.252 no ip mroute-cache no fair-queue ! interface Serial1 no ip address no ip mroute-cache shutdown ! interface Serial2 physical-layer async ip address 16.249.123.18 255.255.255.252 encapsulation ppp async mode dedicated dialer in-band dialer idle-timeout 60 dialer map ip 16.249.123.17 name c4700 6825179 dialer-group 1 ppp authentication chap ! interface Serial3 no ip address shutdown no cdp enable ! interface Serial4 no ip address shutdown no cdp enable ! interface Serial5 no ip address no ip mroute-cache shutdown ! interface Serial6 no ip address no ip mroute-cache shutdown ! interface Serial7 no ip address no ip mroute-cache shutdown ! interface Serial8 no ip address no ip mroute-cache shutdown ! interface Serial9 no ip address no ip mroute-cache shutdown ! interface BRI0 no ip address no ip mroute-cache shutdown ! router eigrp 200 network 16.0.0.0 ! ip classless ! dialer-list 1 protocol ip permit ! line con 0 line 2 script dialer cisco-default script reset reset modem InOut modem autoconfigure discovery rxspeed 38400 txspeed 38400 flowcontrol hardware line aux 0 line vty 0 4 password cisco login ! end c2522rb# 4. 异步拨号备份X.25: 设置X.25的拨号备份,首先X.25连接的端口必须运行动态路由协议,异步拨号口必须使用静态路由.本例选择EIGRP作为路由选择协议,将静态路由的Metric的值设置为200,由于EIGRP的默认Metric为90,所以当同时有两条路径通往同一网段时,其中Metric值小的路径生效,而当X.25连接出现问题时,路由器无法通过路由协议学习到路由表,则此时静态路由生效,访问通过拨号端口实现。当X.25连接恢复正常时,路由器又可以学习到路由表,则由于 Metric值的不同,静态路由自动被动态路由所代替,这样就实现了备份的功能。 路由器Router1配置如下: hostname router1 ! enable secret 5 $1$UTvD$99YiY2XsRMxHudcYeHn.Y. enable password cisco ! username router2 password cisco ip subnet-zero chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c chat-script reset atz interface Ethernet0 ip address 202.96.38.100 255.255.255.0 ! interface Serial0 ip address 202.96.0.1 255.255.255.0 encapsulation x25 x25 address 10112227 x25 htc 16 x25 map ip 202.96.0.2 10112225 broadcast ! interface Serial1 no ip address shutdown ! ! interface Async 1 ip address 202.96.1.1 255.255.255.252 encapsulation ppp dialer in-band dialer idle-timeout 60 dialer map ip 202.96.1.2 name router2 modem-script cisco-default 2113470 dialer-group 1 ppp authentication chap ! router eigrp 200 redistribute connected network 202.96.0.0 ! ip route 202.96.37.0 255.255.255.0 202.96.1.2 200 dialer-list 1 protocol ip permit line con 0 line aux 0 script dialer cisco-default script reset reset modem InOut modem autoconfigure discovery transport input all rxspeed 38400 txspeed 38400 flowcontrol hardware line vty 0 4 password cisco login ! end 路由器Router2配置如下: hostname router2 ! enable secret 5 $1$T4IU$2cIqak8f/E4Ug6dLT0k.J0 enable password cisco ! username router1 password cisco ip subnet-zero chat-script cisco-default "" "AT" TIMEOUT 30 OK "ATDT \T" TIMEOUT 30 CONNECT \c chat-script reset atz ! interface Ethernet0 ip address 202.96.37.100 255.255.255.0 ! interface Serial0 ip address 202.96.0.2 255.255.255.0 no ip mroute-cache encapsulation x25 x25 address 10112225 x25 htc 16 x25 map ip 202.96.0.1 10112227 broadcast ! interface Serial1 no ip address shutdown ! interface Async1 ip address 202.96.1.2 255.255.255.252 encapsulation ppp keepalive 30 async default routing async mode dedicated dialer in-band dialer idle-timeout 60 dialer wait-for-carrier-time 120 dialer map ip 202.96.1.1 name router1 modem-script cisco-default 2113469 dialer-group 1 ppp authentication chap ! router eigrp 200 redistribute static network 202.96.0.0 ! no ip classless ip route 202.96.38.0 255.255.255.0 202.96.1.1 200 dialer-list 1 protocol ip permit ! line con 0 exec-timeout 0 0 line aux 0 script reset reset modem InOut modem autoconfigure discovery transport input all rxspeed 38400 txspeed 38400 flowcontrol hardware line vty 0 4 password cisco login ! end   路由协议: 一、RIP协议   RIP(Routing information Protocol)是应用较早、使用较普遍的内部网关协议(Interior Gateway Protocol,简称IGP),适用于小型同类网络,是典型的距离向量(distance-vector)协议。文档见RFC1058、RFC1723。 RIP通过广播UDP报文来交换路由信息,每30秒发送一次路由信息更新。RIP提供跳跃计数(hop count)作为尺度来衡量路由距离,跳跃计数是一个包到达目标所必须经过的路由器的数目。如果到相同目标有二个不等速或不同带宽的路由器,但跳跃计数相同,则RIP认为两个路由是等距离的。RIP最多支持的跳数为15,即在源和目的网间所要经过的最多路由器的数目为15,跳数16表示不可达。 1. 有关命令 任务 命令 指定使用RIP协议 router rip 指定RIP版本 version {1|2}1 指定与该路由器相连的网络 network network 注:1.Cisco的RIP版本2支持验证、密钥管理、路由汇总、无类域间路由(CIDR)和变长子网掩码(VLSMs) 2. 举例 Router1: router rip version 2 network 192.200.10.0 network 192.20.10.0 ! 相关调试命令: show ip protocol show ip route   返回目录   二、IGRP协议   IGRP (Interior Gateway Routing Protocol)是一种动态距离向量路由协议,它由Cisco公司八十年代中期设计。使用组合用户配置尺度,包括延迟、带宽、可靠性和负载。 缺省情况下,IGRP每90秒发送一次路由更新广播,在3个更新周期内(即270秒),没有从路由中的第一个路由器接收到更新,则宣布路由不可访问。在7个更新周期即630秒后,Cisco IOS 软件从路由表中清除路由。 1. 有关命令 任务 命令 指定使用RIP协议 router igrp autonomous-system1 指定与该路由器相连的网络 network network 指定与该路由器相邻的节点地址 neighbor ip-address 注:1、autonomous-system可以随意建立,并非实际意义上的autonomous-system,但运行IGRP的路由器要想交换路由更新信息其autonomous-system需相同。 2.举例 Router1: router igrp 200 network 192.200.10.0 network 192.20.10.0 ! 三、OSPF协议   OSPF(Open Shortest Path First)是一个内部网关协议(Interior Gateway Protocol,简称IGP),用于在单一自治系统(autonomous system,AS)内决策路由。与RIP相对,OSPF是链路状态路有协议,而RIP是距离向量路由协议。 链路是路由器接口的另一种说法,因此OSPF也称为接口状态路由协议。OSPF通过路由器之间通告网络接口的状态来建立链路状态数据库,生成最短路径树,每个OSPF路由器使用这些最短路径构造路由表。 文档见RFC2178。 1.有关命令 全局设置 任务 命令 指定使用OSPF协议 router ospf process-id1 指定与该路由器相连的网络 network address wildcard-mask area area-id2 指定与该路由器相邻的节点地址 neighbor ip-address 注:1、OSPF路由进程process-id必须指定范围在1-65535,多个OSPF进程可以在同一个路由器上配置,但最好不这样做。多个OSPF进程需要多个OSPF数据库的副本,必须运行多个最短路径算法的副本。process-id只在路由器内部起作用,不同路由器的process-id可以不同。 2、wildcard-mask 是子网掩码的反码, 网络区域ID area-id在0-4294967295内的十进制数,也可以是带有IP地址格式的x.x.x.x。当网络区域ID为0或0.0.0.0时为主干域。不同网络区域的路由器通过主干域学习路由信息。 2.基本配置举例: Router1: interface ethernet 0 ip address 192.1.0.129 255.255.255.192 ! interface serial 0 ip address 192.200.10.5 255.255.255.252 ! router ospf 100 network 192.200.10.4 0.0.0.3 area 0 network 192.1.0.128 0.0.0.63 area 1 ! Router2: interface ethernet 0 ip address 192.1.0.65 255.255.255.192 ! interface serial 0 ip address 192.200.10.6 255.255.255.252 ! router ospf 200 network 192.200.10.4 0.0.0.3 area 0 network 192.1.0.64 0.0.0.63 area 2 ! Router3: interface ethernet 0 ip address 192.1.0.130 255.255.255.192 ! router ospf 300 network 192.1.0.128 0.0.0.63 area 1 ! Router4: interface ethernet 0 ip address 192.1.0.66 255.255.255.192 ! router ospf 400 network 192.1.0.64 0.0.0.63 area 1 ! 相关调试命令: debug ip ospf events debug ip ospf packet show ip ospf show ip ospf database show ip ospf interface show ip ospf neighbor show ip route 3. 使用身份验证 为了安全的原因,我们可以在相同OSPF区域的路由器上启用身份验证的功能,只有经过身份验证的同一区域的路由器才能互相通告路由信息。 在默认情况下OSPF不使用区域验证。通过两种方法可启用身份验证功能,纯文本身份验证和消息摘要(md5)身份验证。纯文本身份验证传送的身份验证口令为纯文本,它会被网络探测器确定,所以不安全,不建议使用。而消息摘要(md5)身份验证在传输身份验证口令前,要对口令进行加密,所以一般建议使用此种方法进行身份验证。 使用身份验证时,区域内所有的路由器接口必须使用相同的身份验证方法。为起用身份验证,必须在路由器接口配置模式下,为区域的每个路由器接口配置口令。 任务 命令 指定身份验证 area area-id authentication [message-digest] 使用纯文本身份验证 ip ospf authentication-key password 使用消息摘要(md5)身份验证 ip ospf message-digest-key keyid md5 key 以下列举两种验证设置的示例,示例的网络分布及地址分配环境与以上基本配置举例相同,只是在Router1和Router2的区域0上使用了身份验证的功能。: 例1.使用纯文本身份验证 Router1: interface ethernet 0 ip address 192.1.0.129 255.255.255.192 ! interface serial 0 ip address 192.200.10.5 255.255.255.252 ip ospf authentication-key cisco ! router ospf 100 network 192.200.10.4 0.0.0.3 area 0 network 192.1.0.128 0.0.0.63 area 1 area 0 authentication ! Router2: interface ethernet 0 ip address 192.1.0.65 255.255.255.192 ! interface serial 0 ip address 192.200.10.6 255.255.255.252 ip ospf authentication-key cisco ! router ospf 200 network 192.200.10.4 0.0.0.3 area 0 network 192.1.0.64 0.0.0.63 area 2 area 0 authentication ! 例2.消息摘要(md5)身份验证: Router1: interface ethernet 0 ip address 192.1.0.129 255.255.255.192 ! interface serial 0 ip address 192.200.10.5 255.255.255.252 ip ospf message-digest-key 1 md5 cisco ! router ospf 100 network 192.200.10.4 0.0.0.3 area 0 network 192.1.0.128 0.0.0.63 area 1 area 0 authentication message-digest ! Router2: interface ethernet 0 ip address 192.1.0.65 255.255.255.192 ! interface serial 0 ip address 192.200.10.6 255.255.255.252 ip ospf message-digest-key 1 md5 cisco ! router ospf 200 network 192.200.10.4 0.0.0.3 area 0 network 192.1.0.64 0.0.0.63 area 2 area 0 authentication message-digest ! 相关调试命令: debug ip ospf adj debug ip ospf events   返回目录   四、重新分配路由   在实际工作中,我们会遇到使用多个IP路由协议的网络。为了使整个网络正常地工作,必须在多个路由协议之间进行成功的路由再分配。 以下列举了OSPF与RIP之间重新分配路由的设置范例: Router1的Serial 0端口和Router2的Serial 0端口运行OSPF,在Router1的Ethernet 0端口运行RIP 2,Router3运行RIP2,Router2有指向Router4的192.168.2.0/24网的静态路由,Router4使用默认静态路由。需要在Router1和Router3之间重新分配OSPF和RIP路由,在Router2上重新分配静态路由和直连的路由。 范例所涉及的命令 任务 命令 重新分配直连的路由 redistribute connected 重新分配静态路由 redistribute static 重新分配ospf路由 redistribute ospf process-id metric metric-value 重新分配rip路由 redistribute rip metric metric-value Router1: interface ethernet 0 ip address 192.168.1.1 255.255.255.0 ! interface serial 0 ip address 192.200.10.5 255.255.255.252 ! router ospf 100 redistribute rip metric 10 network 192.200.10.4 0.0.0.3 area 0 ! router rip version 2 redistribute ospf 100 metric 1 network 192.168.1.0 ! Router2: interface loopback 1 ip address 192.168.3.2 255.255.255.0 ! interface ethernet 0 ip address 192.168.0.2 255.255.255.0 ! interface serial 0 ip address 192.200.10.6 255.255.255.252 ! router ospf 200 redistribute connected subnet redistribute static subnet network 192.200.10.4 0.0.0.3 area 0 ! ip route 192.168.2.0 255.255.255.0 192.168.0.1 ! Router3: interface ethernet 0 ip address 192.168.1.2 255.255.255.0 ! router rip version 2 network 192.168.1.0 ! Router4: interface ethernet 0 ip address 192.168.0.1 255.255.255.0 ! interface ethernet 1 ip address 192.168.2.1 255.255.255.0 ! ip route 0.0.0.0 0.0.0.0 192.168.0.2 !   五、IPX协议设置   IPX协议与IP协议是两种不同的网络层协议,它们的路由协议也不一样,IPX的路由协议不象IP的路由协议那样丰富,所以设置起来比较简单。但IPX协议在以太网上运行时必须指定封装形式。 1. 有关命令 启动IPX路由 ipx routing 设置IPX网络及以太网封装形式 ipx network network [encapsulation encapsulation-type]1 指定路由协议,默认为RIP ipx router {eigrp autonomous-system-number | nlsp [tag] | rip} 注:1.network 范围是1 到FFFFFFFD. IPX封装类型列表 接口类型 封装类型 IPX帧类型 Ethernet novell-ether (默认) arpa sap snap Ethernet_802.3 Ethernet_II Ethernet_802.2 Ethernet_Snap Token Ring sap (默认) snap Token-Ring Token-Ring_Snap FDDI snap (默认) sap novell-fddi Fddi_Snap Fddi_802.2 Fddi_Raw 举例: 在此例中,WAN的IPX网络为3a00,Router1所连接的局域网IPX网络号为2a00,在此局域网有一台Novell服务器,IPX网络号也是2a00, 路由器接口的IPX网络号必须与在同一网络的Novell服务器上设置的IPX网络号相同。路由器通过监听SAP来建立已知的服务及自己的网络地址表,并每60秒发送一次自己的SAP表。 Router1: ipx routing interface ethernet 0 ipx network 2a00 encapsulation sap ! interface serial 0 ipx network 3a00 ! ipx router eigrp 10 network 3a00 network 2a00 ! Router2: ipx routing interface ethernet 0 ipx network 2b00 encapsulation sap ! interface serial 0 ipx network 3a00 ! ipx router eigrp 10 network 2b00 network 3a00 ! 相关调试命令: debug ipx packet debug ipx routing debug ipx sap debug ipx spoof debug ipx spx show ipx eigrp interfaces show ipx eigrp neighbors show ipx eigrp topology show ipx interface show ipx route show ipx servers show ipx spx-spoof   五、IPX协议设置   IPX协议与IP协议是两种不同的网络层协议,它们的路由协议也不一样,IPX的路由协议不象IP的路由协议那样丰富,所以设置起来比较简单。但IPX协议在以太网上运行时必须指定封装形式。 1. 有关命令 启动IPX路由 ipx routing 设置IPX网络及以太网封装形式 ipx network network [encapsulation encapsulation-type]1 指定路由协议,默认为RIP ipx router {eigrp autonomous-system-number | nlsp [tag] | rip} 注:1.network 范围是1 到FFFFFFFD. IPX封装类型列表 接口类型 封装类型 IPX帧类型 Ethernet novell-ether (默认) arpa sap snap Ethernet_802.3 Ethernet_II Ethernet_802.2 Ethernet_Snap Token Ring sap (默认) snap Token-Ring Token-Ring_Snap FDDI snap (默认) sap novell-fddi Fddi_Snap Fddi_802.2 Fddi_Raw 举例: 在此例中,WAN的IPX网络为3a00,Router1所连接的局域网IPX网络号为2a00,在此局域网有一台Novell服务器,IPX网络号也是2a00, 路由器接口的IPX网络号必须与在同一网络的Novell服务器上设置的IPX网络号相同。路由器通过监听SAP来建立已知的服务及自己的网络地址表,并每60秒发送一次自己的SAP表。 Router1: ipx routing interface ethernet 0 ipx network 2a00 encapsulation sap ! interface serial 0 ipx network 3a00 ! ipx router eigrp 10 network 3a00 network 2a00 ! Router2: ipx routing interface ethernet 0 ipx network 2b00 encapsulation sap ! interface ser
集合了 所有的 Unix命令大全 登陆服务器时输入 公帐号 openlab-open123 telnet 192.168.0.23 自己帐号 sd08077-you0 ftp工具 192.168.0.202 tools-toolss 老师测评网址 http://172.16.0.198:8080/poll/ 各个 shell 可互相切换 ksh:$ sh:$ csh:guangzhou% bash:bash-3.00$ 一、注意事项 命令和参数之间必需用空格隔开,参数和参数之间也必需用空格隔开。 一行不能超过256个字符;大小写有区分。 二、特殊字符含义 文件名以“.”开头的都是隐藏文件/目录,只需在文件/目录名前加“.”就可隐藏它。 ~/ 表示主目录。 ./ 当前目录(一个点)。 ../ 上一级目录(两个点)。 ; 多个命令一起用。 > >> 输出重定向 。将一个命令的输出内容写入到一个文件里面。如果该文件存在, 就将该文件的内容覆盖; 如果不存在就先创建该文件, 然后再写入内容。 输出重定向,意思就是说,将原来屏幕输出变为文件输出,即将内容输到文件中。 < << 输入重定向。 本来命令是通过键盘得到输入的,但是用小于号,就能够使命令从文件中得到输入。 \ 表示未写完,回车换行再继续。 * 匹配零个或者多个字符。 ? 匹配一个字符。 [] 匹配中括号里的内容[a-z][A-Z][0-9]。 ! 事件。 $ 取环境变量的值。 | 管道。把前一命令的输出作为后一命令的输入,把几个命令连接起来。 |经常跟tee连用,tee 把内容保存到文档并显示出来。 三、通用后接命令符 -a 所有(all)。 -e 所有(every),比a更详细。 -f 取消保护。 -i 添加提示。 -p 强制执行。 -r 目录管理。 分屏显示的中途操作 空格 继续打开下一屏; 回车 继续打开下一行; b 另外开上一屏; f 另外开下一屏; h 帮助; q或Ctrl+C 退出; /字符串 从上往下查找匹配的字符串; ?字符串 从下往上查找匹配的字符串; n 继续查找。 四、退出命令 exit 退出; DOS内部命令 用于退出当前的命令处理器(COMMAND.COM) 恢复前一个命令处理器。 Ctrl+d 跟exit一样效果,表中止本次操作。 logout 当csh时可用来退出,其他shell不可用。 clear 清屏,清除(之前的内容并未删除,只是没看到,拉回上面可以看回)。 五、目录管理命令 pwd 显示当前所在目录,打印当前目录的绝对路径。 cd 进入某目录,DOS内部命令 显示或改变当前目录。 cd回车/cd ~ 都是回到自己的主目录。 cd . 当前目录(空格再加一个点)。 cd .. 回到上一级目录(空格再加两个点)。 cd ../.. 向上两级。 cd /user/s0807 从绝对路径去到某目录。 cd ~/s0807 直接进入主目录下的某目录(“cd ~"相当于主目录的路径的简写)。 ls 显示当前目录的所有目录和文件。 用法 ls [-aAbcCdeEfFghHilLmnopqrRstux1@] [file...] ls /etc/ 显示某目录下的所有文件和目录,如etc目录下的。 ls -l (list)列表显示文件(默认按文件名排序), 显示文件的权限、硬链接数(即包含文件数,普通文件是1,目录1+)、用户、组名、大小、修改日期、文件名。 ls -t (time)按修改时间排序,显示目录和文件。 ls -lt 是“-l”和“-t”的组合,按时间顺序显示列表。 ls -F 显示文件类型,目录“/ ”结尾;可执行文件“*”结尾;文本文件(none),没有结尾。 ls -R 递归显示目录结构。即该目录下的文件和各个副目录下的文件都一一显示。 ls -a 显示所有文件,包括隐藏文件。 文件权限 r 读权限。对普通文件来说,是读取该文件的权限;对目录来说,是获得该目录下的文件信息。 w 写权限。对文件,是修改;对目录,是增删文件与子目录。 (注 删除没有写权限的文件可以用 rm -f ,这是为了操作方便,是人性化的设计)。 x 执行权限;对目录,是进入该目录 - 表示没有权限 形式 - rw- r-- r-- 其中 第一个是文件类型(-表普通文件,d表目录,l表软链接文件) 第2~4个是属主,生成文件时登录的人,权限最高,用u表示 第5~7个是属组,系统管理员分配的同组的一个或几个人,用g表示 第8~10个是其他人,除属组外的人,用o表示 所有人,包括属主、属组及其他人,用a表示 chmod 更改权限; 用法 chmod [-fR] <绝对模式> 文件 ... chmod [-fR] <符号模式列表> 文件 ... 其中 <符号模式列表> 是一个用逗号分隔的表 [ugoa]{+|-|=}[rwxXlstugo] chmod u+rw 给用户加权限。同理,u-rw也可以减权限。 chmod u=rw 给用户赋权限。与加权限不一样,赋权限有覆盖的效果。 主要形式有如下几种 chmod u+rw chmod u=rw chmod u+r, u+w chmod u+rw,g+w, o+r chmod 777( 用数字的方式设置权限是最常用的) 数字表示权限时,各数位分别表示属主、属组及其他人; 其中,1是执行权(Execute),2是写权限(Write),4是读权限(Read), 具体权限相当于三种权限的数相加,如7=1+2+4,即拥有读写和执行权。 另外,临时文件/目录的权限为rwt,可写却不可删,关机后自动删除;建临时目录:chmod 777 目录名,再chmod +t 目录名。 id 显示用户有效的uid(用户字)和gid(组名) 用法 id [-ap] [user] id 显示自己的。 id root 显示root的。 id -a root 显示用户所在组的所有组名(如root用户,是所有组的组员) df 查看文件系统,查看数据区 用法 df [-F FSType] [-abeghklntVvZ] [-o FSType 特定选项] [目录 | 块设备 | 资源] df -k 以kbytes显示文件大小的查看文件系统方式 六、显示文件内容 more 分屏显示文件的内容。 用法 more [-cdflrsuw] [-行] [+行号] [+/模式] [文件名 ...]。 显示7个信息:用户名 密码 用户id(uid) 组id(gid) 描述信息(一般为空) 用户主目录 login shell(登录shell) cat 显示文件内容,不分屏(一般用在小文件,大文件显示不下);合并文件,仅在屏幕上合并,并不改变原文件。 用法 cat [ -usvtebn ] [-|文件] ... tail 实时监控文件,一般用在日志文件,可以只看其中的几行。 用法 tail [+/-[n][lbc][f]] [文件] tail [+/-[n][l][r|f]] [文件] 七、文件/目录的增删 echo 显示一行内容。 touch 如果文件/目录不存在,则创建新文件/目录;如果文件存在,那么就是更新该文件的最后访问时间, 用法 touch [-acm] [-r ref_file] 文件... touch [-acm] [MMDDhhmm[yy]] 文件... touch [-acm] [-t [[CC]YY]MMDDhhmm[.SS]] file... mkdir 创建目录(必须有创建目录的权限) 用法 mkdir [-m 模式] [-p] dirname ... mkdir dir1/dir2 在dir1下建dir2 mkdir dir13 dir4 dir5 连建多个 mkdir ~/games 用户主目录下建(默认在当前目录下创建) mkdir -p dir6/dir7/dir8 强制创建dir8;若没有前面的目录,会自动创建dir6和dir7。 不用-p时,若没有dir6/dir7,则创建失败。 cp 复制文件/目录 cp 源文件 目标文件 复制文件;若已有文件则覆盖 cp -r 源目录 目标目录 复制目录;若已有目录则把源目录复制到目标目录下, 没有目标目录时,相当于完全复制源目录,只是文件名不同。 cp beans apple dir2 把beans、apple文件复制到dir2目录下 cp -i beans apple 增加是否覆盖的提示 mv 移动或重命名文件/目录 用法 mv [-f] [-i] f1 f2 mv [-f] [-i] f1 ... fn d1 mv [-f] [-i] d1 d2 mv 源文件名 目标文件名 若目标文件名还没有,则是源文件重命名为目标文件;若目标文件已存在,则源文件覆盖目标文件。 mv 源文件名 目标目录 移动文件 mv 源目录 目标目录 若目标目录不存在,则源目录重命名;若目标目录已存在,则源目录移动到目标目录下。 rm 删除文件/目录 用法 rm [-fiRr] 文件 ... rm 文件名 删除文件。 rm -r 目录名 删除目录。 rm –f 文件 只要是该文件或者目录的拥有者,无论是否有权限删除,都可以用这个命令参数强行删除。 rm -rf * 删除所有文件及目录 rmdir 删除空目录。只可以删除空目录。 ln 创建硬链接或软链接,硬链接=同一文件的多个名字;软链接=快捷方式 用法 ln [-f] [-n] [-s] f1 [f2] ln [-f] [-n] [-s] f1 ... fn d1 ln [-f] [-n] -s d1 d2 ln file1 file1.ln 创建硬链接。感觉是同一文件,删除一个,对另一个没有影响;须两个都删除才算删除。 ln -s file1 file1.sln 创建软链接。可跨系统操作,冲破操作权限;也是快捷方式。 八、时间显示 date 显示时间,精确到秒 用法 date [-u] mmddHHMM[[cc]yy][.SS] date [-u] [+format] date -a [-]sss[.fff] cal 显示日历 cal 9 2008 显示2008年9月的日历; cal 显示当月的 用法 cal [ [月] 年 ] 九、帮助 man 帮助( format and display the on-line manual pages) 用法 man [-] [-adFlrt] [-M 路径] [-T 宏软件包] [-s 段] 名称 ... man [-] [-adFlrt] [-M path] [-T macro-package] [-s section] name... man [-M 路径] -k 关键字 ... man [-M 路径] -f 文件 ... awk 按一定格式输出(pattern scanning and processing language) 用法 awk [-Fc] [-f 源代码 | 'cmds'] [文件] 十、vi 底行模式 /? 命令模式 i a o 输入模式 vi 的使用方法 1、光标 h 左 j 下 k 上 l 右 set nu 显示行号(set nonu) 21 光标停在指定行 21G 第N行 (G到文件尾,1G到文件头) 如果要将光标移动到文件第一行,那么就按 1G H 屏幕头 M 屏幕中间 L 屏幕底 ^ 或 shift+6 行首 $ 或 shift+4 行尾 Ctrl+f 下翻 Ctrl+b 上翻 2、输入 (输入模式) o 光标往下换一行 O (大写字母o)在光标所在行上插入一空行 i 在光标所在位置的前面插入字母 a 在光标所在位置的后面插入一个新字母 退出插入状态。 3、修改替换 r 替换一个字符 dd 删除行,剪切行 (5dd删除5行) 5,10d 删除 5 至 10 行(包括第 5行和第 10 行) x 删除一个字符 dw 删除词,剪切词。 ( 3dw删除 3 单词) cw 替换一个单词。 (cw 和 dw 的区别 cw 删除某一个单词后直接进入编辑模式,而dw删除词后仍处于命令模式) cc 替换一行 C 替换从光标到行尾 yy 复制行 (用法同下的 Y ,见下行) Y 将光标移动到要复制行位置,按yy。当你想粘贴的时候,请将光标移动到你想复制的位置的前一个位置,然后按 p yw 复制词 p 当前行下粘贴 1,2co3 复制行1,2在行3之后 4,5m6 移动行4,5在行6之后 u 当你的前一个命令操作是一个误操作的时候,那么可以按一下 u键,即可复原。只能撤销一次 r file2 在光标所在处插入另一个文件 ~ 将字母变成大写 J 可以将当前行与下一行连接起来 /字符串 从上往下找匹配的字符串 ?字符串 从下往上找匹配的字符串 n 继续查找 1,$s/旧串/新串/g 替换全文(或者 %s/旧串/新串/g) (1表示从第一行开始) 没有g则只替换一次,加g替换所有 3、存盘和退出 w 存盘 w newfile 存成新文件 wq 存盘再退出VI(或者ZZ或 X) q! 强行退出不存盘 查看用户 users 显示在线用户(仅显示用户名)。 who 显示在线用户,但比users更详细,包括用户名、终端号、登录时间、IP地址。 who am i 仅显示自己,(但包括用户名、端口、登录时间、IP地址;信息量=who)。 whoami 也仅显示自己,但只有用户名(仅显示自己的有效的用户名)。 w 显示比who更多内容,还包括闲置时间、占CPU、平均占用CPU、执行命令。 用法 w [ -hlsuw ] [ 用户 ] su 改变用户,需再输入密码。 用法 su [-] [ username [ arg ... ] ] su - 相当于退出再重新登录。 查找 find 查找文件 用法 find [-H | -L] 路径列表 谓词列表 find / -name perl 从根目录开始查找名为perl的文件。 find . -mtime 10 -print 从当前目录查找距离现在10天时修改的文件,显示在屏幕上。 (注 “10”表示第10天的时候;如果是“+10”表示10天以外的范围;“-10”表示10天以内的范围。) grep 文件中查找字符;有过滤功能,只列出想要的内容 用法 grep -hblcnsviw 模式 文件 . . . 如 grep abc /etc/passwd 在passwd文件下找abc字符 wc 统计 -l 统计行数; -w统计单词数; -c 统计字符数 如 grep wang /etc/passwd|wc -l 统计passwd文件含“wang”的行数 du 查看目录情况 如 du -sk * 不加-s会显示子目录,-k按千字节排序 用法 du [-a] [-d] [-h|-k] [-r] [-o|-s] [-H|-L] [文件...] 进程管理 ps 显示进程。 用法 ps [ -aAdeflcjLPyZ ] [ -o 格式 ] [ -t 项列表 ] [ -u 用户列表 ] [ -U 用户列表 ] [ -G 组列表 ] [ -p 进程列表 ] [ -g 程序组列表 ] [ -s 标识符列表 ] [ -z 区域列表 ] ps 显示自己的进程。 ps -e 显示每个进程,包括空闲进程。 ps -f 显示详情。 ps -ef 组合-e和-f,所有进程的详情。 ps -U uidlist(用户列表) 具体查看某人的进程。 kill pkill sleep jobs 用法 jobs [-l ] fg %n bg %n stop %n 挂起(仅csh能用) Ctrl+C Ctrl+Z 网络链接 ping usage ping host [timeout] usage ping -s [-l | U] [adLnRrv] [-A addr_family] [-c traffic_class] [-g gateway [-g gateway ...]] [-F flow_label] [-I interval] [-i interface] [-P tos] [-p port] [-t ttl] host [data_size] [npackets] ifconfig -a /sbin/ifconfig 查看本机的IP地址 netstat -rn rlogin ftp 帮助文件 [sd0807@localhost ~]$ help GNU bash, version 3.1.17(1)-release (i686-redhat-linux-gnu) These shell commands are defined internally. Type `help' to see this list. Type `help name' to find out more about the function `name'. Use `info bash' to find out more about the shell in general. Use `man -k' or `info' to find out more about commands not in this list. A star (*) next to a name means that the command is disabled. JOB_SPEC [&] (( expression )) . filename [arguments] [ arg... ] [[ expression ]] alias [-p] [name[=value] ... ] bg [job_spec ...] bind [-lpvsPVS] [-m keymap] [-f fi break [n] builtin [shell-builtin [arg ...]] caller [EXPR] case WORD in [PATTERN [| PATTERN]. cd [-L|-P] [dir] command [-pVv] command [arg ...] compgen [-abcdefgjksuv] [-o option complete [-abcdefgjksuv] [-pr] [-o continue [n] declare [-afFirtx] [-p] [name[=val dirs [-clpv] [+N] [-N] disown [-h] [-ar] [jobspec ...] echo [-neE] [arg ...] enable [-pnds] [-a] [-f filename] eval [arg ...] exec [-cl] [-a name] file [redirec exit [n] export [-nf] [name[=value] ...] or false fc [-e ename] [-nlr] [first] [last fg [job_spec] for NAME [in WORDS ... ;] do COMMA for (( exp1; exp2; exp3 )); do COM function NAME { COMMANDS ; } or NA getopts optstring name [arg] hash [-lr] [-p pathname] [-dt] [na help [-s] [pattern ...] history [-c] [-d offset] [n] or hi if COMMANDS; then COMMANDS; [ elif jobs [-lnprs] [jobspec ...] or job kill [-s sigspec | -n signum | -si let arg [arg ...] local name[=value] ... logout popd [+N | -N] [-n] printf [-v var] format [arguments] pushd [dir | +N | -N] [-n] pwd [-LP] read [-ers] [-u fd] [-t timeout] [ readonly [-af] [name[=value] ...] return [n] select NAME [in WORDS ... ;] do CO set [--abefhkmnptuvxBCHP] [-o option] [arg ...] shift [n] shopt [-pqsu] [-o long-option] opt source filename [arguments] suspend [-f] test [expr] time [-p] PIPELINE times trap [-lp] [arg signal_spec ...] true type [-afptP] name [name ...] typeset [-afFirtx] [-p] name[=valu ulimit [-SHacdfilmnpqstuvx] [limit umask [-p] [-S] [mode] unalias [-a] name [name ...] unset [-f] [-v] [name ...] until COMMANDS; do COMMANDS; done variables - Some variable names an wait [n] while COMMANDS; do COMMANDS; done { COMMANDS ; } 输入 man help BASH_BUILTINS(1) BASH_BUILTINS(1) NAME bash, :, ., [, alias, bg, bind, break, builtin, cd, command, compgen, complete, continue, declare, dirs, disown, echo, enable, eval, exec, exit, export, fc, fg, getopts, hash, help, history, jobs, kill, let, local, logout, popd, printf, pushd, pwd, read, readonly, return, set, shift, shopt, source, suspend, test, times, trap, type, typeset, ulimit, umask, una- lias, unset, wait - bash built-in commands, see bash(1) BASH BUILTIN COMMANDS Unless otherwise noted, each builtin command documented in this section as accepting options preceded by - accepts -- to signify the end of the options. For example, the :, true, false, and test builtins do not accept options. : [arguments] No effect; the command does nothing beyond expanding arguments and performing any specified redirections. A zero exit code is returned. . filename [arguments] source filename [arguments] Read and execute commands from filename in the current shell environment and return the exit status of the last command executed from filename. If filename does not contain a slash, file names in PATH are used to find the directory containing file- name. The file searched for in PATH need not be executable. When bash is not in posix mode, the current directory is searched if no file is found in PATH. If the sourcepath option to the shopt builtin command is turned off, the PATH is not searched. If any arguments are supplied, they become the positional parameters when filename is executed. Otherwise the positional parameters are unchanged. The return status is the status of the last command exited within the script (0 if no commands are executed), and false if filename is not found or cannot be read. alias [-p] [name[=value] ...] Alias with no arguments or with the -p option prints the list of aliases in the form alias name=value on standard output. When arguments are supplied, an alias is defined for each name whose value is given. A trailing space in value causes the next word to be checked for alias substitution when the alias is expanded. For each name in the argument list for which no value is supplied, the name and value of the alias is printed. Alias returns true unless a name is given for which no alias has been defined. bg [jobspec ...] Resume each suspended job jobspec in the background, as if it had been started with &. If jobspec is not present, the shell’s notion of the current job is used. bg jobspec returns 0 unless run when job control is disabled or, when run with job con- trol enabled, any specified jobspec was not found or was started without job control. bind [-m keymap] [-lpsvPSV] bind [-m keymap] [-q function] [-u function] [-r keyseq] bind [-m keymap] -f filename bind [-m keymap] -x keyseq:shell-command bind [-m keymap] keyseq:function-name bind readline-command Display current readline key and function bindings, bind a key sequence to a readline function or macro, or set a readline variable. Each non-option argument is a command as it would appear in .inputrc, but each binding or command must be passed as a sepa- rate argument; e.g., ’"\C-x\C-r": re-read-init-file’. Options, if supplied, have the following meanings: -m keymap Use keymap as the keymap to be affected by the subsequent bindings. Accept- able keymap names are emacs, emacs-standard, emacs-meta, emacs-ctlx, vi, vi-move, vi-command, and vi-insert. vi is equivalent to vi-command; emacs is equivalent to emacs-standard. -l List the names of all readline functions. -p Display readline function names and bindings in such a way that they can be re-read. -P List current readline function names and bindings. -v Display readline variable names and values in such a way that they can be re- read. -V List current readline variable names and values. -s Display readline key sequences bound to macros and the strings they output in such a way that they can be re-read. -S Display readline key sequences bound to macros and the strings they output. -f filename Read key bindings from filename. -q function Query about which keys invoke the named function. -u function Unbind all keys bound to the named function. -r keyseq Remove any current binding for keyseq. -x keyseq:shell-command Cause shell-command to be executed whenever keyseq is entered. The return value is 0 unless an unrecognized option is given or an error occurred. break [n] Exit from within a for, while, until, or select loop. If n is specified, break n levels. n must be ≥ 1. If n is greater than the number of enclosing loops, all enclosing loops are exited. The return value is 0 unless the shell is not executing a loop when break is executed. builtin shell-builtin [arguments] Execute the specified shell builtin, passing it arguments, and return its exit sta- tus. This is useful when defining a function whose name is the same as a shell builtin, retaining the functionality of the builtin within the function. The cd builtin is commonly redefined this way. The return status is false if shell-builtin is not a shell builtin command. cd [-L|-P] [dir] Change the current directory to dir. The variable HOME is the default dir. The variable CDPATH defines the search path for the directory containing dir. Alterna- tive directory names in CDPATH are separated by a colon (:). A null directory name in CDPATH is the same as the current directory, i.e., ‘‘.’’. If dir begins with a slash (/), then CDPATH is not used. The -P option says to use the physical directory structure instead of following symbolic links (see also the -P option to the set builtin command); the -L option forces symbolic links to be followed. An argument of - is equivalent to $OLDPWD. If a non-empty directory name from CDPATH is used, or if - is the first argument, and the directory change is successful, the absolute path- name of the new working directory is written to the standard output. The return value is true if the directory was successfully changed; false otherwise. caller [expr] Returns the context of any active subroutine call (a shell function or a script exe- cuted with the . or source builtins. Without expr, caller displays the line number and source filename of the current subroutine call. If a non-negative integer is supplied as expr, caller displays the line number, subroutine name, and source file corresponding to that position in the current execution call stack. This extra information may be used, for example, to print a stack trace. The current frame is frame 0. The return value is 0 unless the shell is not executing a subroutine call or expr does not correspond to a valid position in the call stack. command [-pVv] command [arg ...] Run command with args suppressing the normal shell function lookup. Only builtin com- mands or commands found in the PATH are executed. If the -p option is given, the search for command is performed using a default value for PATH that is guaranteed to find all of the standard utilities. If either the -V or -v option is supplied, a description of command is printed. The -v option causes a single word indicating the command or file name used to invoke command to be displayed; the -V option produces a more verbose description. If the -V or -v option is supplied, the exit status is 0 if command was found, and 1 if not. If neither option is supplied and an error occurred or command cannot be found, the exit status is 127. Otherwise, the exit status of the command builtin is the exit status of command. compgen [option] [word] Generate possible completion matches for word according to the options, which may be any option accepted by the complete builtin with the exception of -p and -r, and write the matches to the standard output. When using the -F or -C options, the vari- ous shell variables set by the programmable completion facilities, while available, will not have useful values. The matches will be generated in the same way as if the programmable completion code had generated them directly from a completion specification with the same flags. If word is specified, only those completions matching word will be displayed. The return value is true unless an invalid option is supplied, or no matches were generated. complete [-abcdefgjksuv] [-o comp-option] [-A action] [-G globpat] [-W wordlist] [-P prefix] [-S suffix] [-X filterpat] [-F function] [-C command] name [name ...] complete -pr [name ...] Specify how arguments to each name should be completed. If the -p option is sup- plied, or if no options are supplied, existing completion specifications are printed in a way that allows them to be reused as input. The -r option removes a completion specification for each name, or, if no names are supplied, all completion specifica- tions. The process of applying these completion specifications when word completion is attempted is described above under Programmable Completion. Other options, if specified, have the following meanings. The arguments to the -G, -W, and -X options (and, if necessary, the -P and -S options) should be quoted to protect them from expansion before the complete builtin is invoked. -o comp-option The comp-option controls several aspects of the compspec’s behavior beyond the simple generation of completions. comp-option may be one of: bashdefault Perform the rest of the default bash completions if the compspec gen- erates no matches. default Use readline’s default filename completion if the compspec generates no matches. dirnames Perform directory name completion if the compspec generates no matches. filenames Tell readline that the compspec generates filenames, so it can per- form any filename-specific processing (like adding a slash to direc- tory names or suppressing trailing spaces). Intended to be used with shell functions. nospace Tell readline not to append a space (the default) to words completed at the end of the line. plusdirs After any matches defined by the compspec are generated, directory name completion is attempted and any matches are added to the results of the other actions. -A action The action may be one of the following to generate a list of possible comple- tions: alias Alias names. May also be specified as -a. arrayvar Array variable names. binding Readline key binding names. builtin Names of shell builtin commands. May also be specified as -b. command Command names. May also be specified as -c. directory Directory names. May also be specified as -d. disabled Names of disabled shell builtins. enabled Names of enabled shell builtins. export Names of exported shell variables. May also be specified as -e. file File names. May also be specified as -f. function Names of shell functions. group Group names. May also be specified as -g. helptopic Help topics as accepted by the help builtin. hostname Hostnames, as taken from the file specified by the HOSTFILE shell variable. job Job names, if job control is active. May also be specified as -j. keyword Shell reserved words. May also be specified as -k. running Names of running jobs, if job control is active. service Service names. May also be specified as -s. setopt Valid arguments for the -o option to the set builtin. shopt Shell option names as accepted by the shopt builtin. signal Signal names. stopped Names of stopped jobs, if job control is active. user User names. May also be specified as -u. variable Names of all shell variables. May also be specified as -v. -G globpat The filename expansion pattern globpat is expanded to generate the possible completions. -W wordlist The wordlist is split using the characters in the IFS special variable as delimiters, and each resultant word is expanded. The possible completions are the members of the resultant list which match the word being completed. -C command command is executed in a subshell environment, and its output is used as the possible completions. -F function The shell function function is executed in the current shell environment. When it finishes, the possible completions are retrieved from the value of the COMPREPLY array variable. -X filterpat filterpat is a pattern as used for filename expansion. It is applied to the list of possible completions generated by the preceding options and argu- ments, and each completion matching filterpat is removed from the list. A leading ! in filterpat negates the pattern; in this case, any completion not matching filterpat is removed. -P prefix prefix is added at the beginning of each possible completion after all other options have been applied. -S suffix suffix is appended to each possible completion after all other options have been applied. The return value is true unless an invalid option is supplied, an option other than -p or -r is supplied without a name argument, an attempt is made to remove a comple- tion specification for a name for which no specification exists, or an error occurs adding a completion specification. continue [n] Resume the next iteration of the enclosing for, while, until, or select loop. If n is specified, resume at the nth enclosing loop. n must be ≥ 1. If n is greater than the number of enclosing loops, the last enclosing loop (the ‘‘top-level’’ loop) is resumed. The return value is 0 unless the shell is not executing a loop when con- tinue is executed. declare [-afFirtx] [-p] [name[=value] ...] typeset [-afFirtx] [-p] [name[=value] ...] Declare variables and/or give them attributes. If no names are given then display the values of variables. The -p option will display the attributes and values of each name. When -p is used, additional options are ignored. The -F option inhibits the display of function definitions; only the function name and attributes are printed. If the extdebug shell option is enabled using shopt, the source file name and line number where the function is defined are displayed as well. The -F option implies -f. The following options can be used to restrict output to variables with the specified attribute or to give variables attributes: -a Each name is an array variable (see Arrays above). -f Use function names only. -i The variable is treated as an integer; arithmetic evaluation (see ARITHMETIC EVALUATION ) is performed when the variable is assigned a value. -r Make names readonly. These names cannot then be assigned values by subsequent assignment statements or unset. -t Give each name the trace attribute. Traced functions inherit the DEBUG and RETURN traps from the calling shell. The trace attribute has no special mean- ing for variables. -x Mark names for export to subsequent commands via the environment. Using ‘+’ instead of ‘-’ turns off the attribute instead, with the exception that +a may not be used to destroy an array variable. When used in a function, makes each name local, as with the local command. If a variable name is followed by =value, the value of the variable is set to value. The return value is 0 unless an invalid option is encountered, an attempt is made to define a function using ‘‘-f foo=bar’’, an attempt is made to assign a value to a readonly variable, an attempt is made to assign a value to an array variable without using the compound assignment syntax (see Arrays above), one of the names is not a valid shell variable name, an attempt is made to turn off readonly status for a readonly variable, an attempt is made to turn off array status for an array variable, or an attempt is made to display a non-exis- tent function with -f. dirs [-clpv] [+n] [-n] Without options, displays the list of currently remembered directories. The default display is on a single line with directory names separated by spaces. Directories are added to the list with the pushd command; the popd command removes entries from the list. +n Displays the nth entry counting from the left of the list shown by dirs when invoked without options, starting with zero. -n Displays the nth entry counting from the right of the list shown by dirs when invoked without options, starting with zero. -c Clears the directory stack by deleting all of the entries. -l Produces a longer listing; the default listing format uses a tilde to denote the home directory. -p Print the directory stack with one entry per line. -v Print the directory stack with one entry per line, prefixing each entry with its index in the stack. The return value is 0 unless an invalid option is supplied or n indexes beyond the end of the directory stack. disown [-ar] [-h] [jobspec ...] Without options, each jobspec is removed from the table of active jobs. If the -h option is given, each jobspec is not removed from the table, but is marked so that SIGHUP is not sent to the job if the shell receives a SIGHUP. If no jobspec is present, and neither the -a nor the -r option is supplied, the current job is used. If no jobspec is supplied, the -a option means to remove or mark all jobs; the -r option without a jobspec argument restricts operation to running jobs. The return value is 0 unless a jobspec does not specify a valid job. echo [-neE] [arg ...] Output the args, separated by spaces, followed by a newline. The return status is always 0. If -n is specified, the trailing newline is suppressed. If the -e option is given, interpretation of the following backslash-escaped characters is enabled. The -E option disables the interpretation of these escape characters, even on systems where they are interpreted by default. The xpg_echo shell option may be used to dynamically determine whether or not echo expands these escape characters by default. echo does not interpret -- to mean the end of options. echo interprets the following escape sequences: \a alert (bell) \b backspace \c suppress trailing newline \e an escape character \f form feed \n new line \r carriage return \t horizontal tab \v vertical tab \\ backslash \0nnn the eight-bit character whose value is the octal value nnn (zero to three octal digits) \nnn the eight-bit character whose value is the octal value nnn (one to three octal digits) \xHH the eight-bit character whose value is the hexadecimal value HH (one or two hex digits) enable [-adnps] [-f filename] [name ...] Enable and disable builtin shell commands. Disabling a builtin allows a disk command which has the same name as a shell builtin to be executed without specifying a full pathname, even though the shell normally searches for builtins before disk commands. If -n is used, each name is disabled; otherwise, names are enabled. For example, to use the test binary found via the PATH instead of the shell builtin version, run ‘‘enable -n test’’. The -f option means to load the new builtin command name from shared object filename, on systems that support dynamic loading. The -d option will delete a builtin previously loaded with -f. If no name arguments are given, or if the -p option is supplied, a list of shell builtins is printed. With no other option arguments, the list consists of all enabled shell builtins. If -n is supplied, only disabled builtins are printed. If -a is supplied, the list printed includes all builtins, with an indication of whether or not each is enabled. If -s is supplied, the output is restricted to the POSIX special builtins. The return value is 0 unless a name is not a shell builtin or there is an error loading a new builtin from a shared object. eval [arg ...] The args are read and concatenated together into a single command. This command is then read and executed by the shell, and its exit status is returned as the value of eval. If there are no args, or only null arguments, eval returns 0. exec [-cl] [-a name] [command [arguments]] If command is specified, it replaces the shell. No new process is created. The arguments become the arguments to command. If the -l option is supplied, the shell places a dash at the beginning of the zeroth arg passed to command. This is what login(1) does. The -c option causes command to be executed with an empty environ- ment. If -a is supplied, the shell passes name as the zeroth argument to the exe- cuted command. If command cannot be executed for some reason, a non-interactive shell exits, unless the shell option execfail is enabled, in which case it returns failure. An interactive shell returns failure if the file cannot be executed. If command is not specified, any redirections take effect in the current shell, and the return status is 0. If there is a redirection error, the return status is 1. exit [n] Cause the shell to exit with a status of n. If n is omitted, the exit status is that of the last command executed. A trap on EXIT is executed before the shell termi- nates. export [-fn] [name[=word]] ... export -p The supplied names are marked for automatic export to the environment of subsequently executed commands. If the -f option is given, the names refer to functions. If no names are given, or if the -p option is supplied, a list of all names that are exported in this shell is printed. The -n option causes the export property to be removed from each name. If a variable name is followed by =word, the value of the variable is set to word. export returns an exit status of 0 unless an invalid option is encountered, one of the names is not a valid shell variable name, or -f is sup- plied with a name that is not a function. fc [-e ename] [-nlr] [first] [last] fc -s [pat=rep] [cmd] Fix Command. In the first form, a range of commands from first to last is selected from the history list. First and last may be specified as a string (to locate the last command beginning with that string) or as a number (an index into the history list, where a negative number is used as an offset from the current command number). If last is not specified it is set to the current command for listing (so that ‘‘fc -l -10’’ prints the last 10 commands) and to first otherwise. If first is not speci- fied it is set to the previous command for editing and -16 for listing. The -n option suppresses the command numbers when listing. The -r option reverses the order of the commands. If the -l option is given, the commands are listed on standard output. Otherwise, the editor given by ename is invoked on a file contain- ing those commands. If ename is not given, the value of the FCEDIT variable is used, and the value of EDITOR if FCEDIT is not set. If neither variable is set, is used. When editing is complete, the edited commands are echoed and executed. In the second form, command is re-executed after each instance of pat is replaced by rep. A useful alias to use with this is ‘‘r="fc -s"’’, so that typing ‘‘r cc’’ runs the last command beginning with ‘‘cc’’ and typing ‘‘r’’ re-executes the last command. If the first form is used, the return value is 0 unless an invalid option is encoun- tered or first or last specify history lines out of range. If the -e option is sup- plied, the return value is the value of the last command executed or failure if an error occurs with the temporary file of commands. If the second form is used, the return status is that of the command re-executed, unless cmd does not specify a valid history line, in which case fc returns failure. fg [jobspec] Resume jobspec in the foreground, and make it the current job. If jobspec is not present, the shell’s notion of the current job is used. The return value is that of the command placed into the foreground, or failure if run when job control is dis- abled or, when run with job control enabled, if jobspec does not specify a valid job or jobspec specifies a job that was started without job control. getopts optstring name [args] getopts is used by shell procedures to parse positional parameters. optstring con- tains the option characters to be recognized; if a character is followed by a colon, the option is expected to have an argument, which should be separated from it by white space. The colon and question mark characters may not be used as option char- acters. Each time it is invoked, getopts places the next option in the shell vari- able name, initializing name if it does not exist, and the index of the next argument to be processed into the variable OPTIND. OPTIND is initialized to 1 each time the shell or a shell script is invoked. When an option requires an argument, getopts places that argument into the variable OPTARG. The shell does not reset OPTIND auto- matically; it must be manually reset between multiple calls to getopts within the same shell invocation if a new set of parameters is to be used. When the end of options is encountered, getopts exits with a return value greater than zero. OPTIND is set to the index of the first non-option argument, and name is set to ?. getopts normally parses the positional parameters, but if more arguments are given in args, getopts parses those instead. getopts can report errors in two ways. If the first character of optstring is a colon, silent error reporting is used. In normal operation diagnostic messages are printed when invalid options or missing option arguments are encountered. If the variable OPTERR is set to 0, no error messages will be displayed, even if the first character of optstring is not a colon. If an invalid option is seen, getopts places ? into name and, if not silent, prints an error message and unsets OPTARG. If getopts is silent, the option character found is placed in OPTARG and no diagnostic message is printed. If a required argument is not found, and getopts is not silent, a question mark (?) is placed in name, OPTARG is unset, and a diagnostic message is printed. If getopts is silent, then a colon (:) is placed in name and OPTARG is set to the option charac- ter found. getopts returns true if an option, specified or unspecified, is found. It returns false if the end of options is encountered or an error occurs. hash [-lr] [-p filename] [-dt] [name] For each name, the full file name of the command is determined by searching the directories in $PATH and remembered. If the -p option is supplied, no path search is performed, and filename is used as the full file name of the command. The -r option causes the shell to forget all remembered locations. The -d option causes the shell to forget the remembered location of each name. If the -t option is supplied, the full pathname to which each name corresponds is printed. If multiple name arguments are supplied with -t, the name is printed before the hashed full pathname. The -l option causes output to be displayed in a format that may be reused as input. If no arguments are given, or if only -l is supplied, information about remembered commands is printed. The return status is true unless a name is not found or an invalid option is supplied. help [-s] [pattern] Display helpful information about builtin commands. If pattern is specified, help gives detailed help on all commands matching pattern; otherwise help for all the builtins and shell control structures is printed. The -s option restricts the infor- mation displayed to a short usage synopsis. The return status is 0 unless no command matches pattern. history [n] history -c history -d offset history -anrw [filename] history -p arg [arg ...] history -s arg [arg ...] With no options, display the command history list with line numbers. Lines listed with a * have been modified. An argument of n lists only the last n lines. If the shell variable HISTTIMEFORMAT is set and not null, it is used as a format string for strftime(3) to display the time stamp associated with each displayed history entry. No intervening blank is printed between the formatted time stamp and the history line. If filename is supplied, it is used as the name of the history file; if not, the value of HISTFILE is used. Options, if supplied, have the following meanings: -c Clear the history list by deleting all the entries. -d offset Delete the history entry at position offset. -a Append the ‘‘new’’ history lines (history lines entered since the beginning of the current bash session) to the history file. -n Read the history lines not already read from the history file into the current history list. These are lines appended to the history file since the begin- ning of the current bash session. -r Read the contents of the history file and use them as the current history. -w Write the current history to the history file, overwriting the history file’s contents. -p Perform history substitution on the following args and display the result on the standard output. Does not store the results in the history list. Each arg must be quoted to disable normal history expansion. -s Store the args in the history list as a single entry. The last command in the history list is removed before the args are added. If the HISTTIMEFORMAT is set, the time stamp information associated with each history entry is written to the history file. The return value is 0 unless an invalid option is encountered, an error occurs while reading or writing the history file, an invalid offset is supplied as an argument to -d, or the history expansion supplied as an argument to -p fails. jobs [-lnprs] [ jobspec ... ] jobs -x command [ args ... ] The first form lists the active jobs. The options have the following meanings: -l List process IDs in addition to the normal information. -p List only the process ID of the job’s process group leader. -n Display information only about jobs that have changed status since the user was last notified of their status. -r Restrict output to running jobs. -s Restrict output to stopped jobs. If jobspec is given, output is restricted to information about that job. The return status is 0 unless an invalid option is encountered or an invalid jobspec is sup- plied. If the -x option is supplied, jobs replaces any jobspec found in command or args with the corresponding process group ID, and executes command passing it args, returning its exit status. kill [-s sigspec | -n signum | -sigspec] [pid | jobspec] ... kill -l [sigspec | exit_status] Send the signal named by sigspec or signum to the processes named by pid or jobspec. sigspec is either a case-insensitive signal name such as SIGKILL (with or without the SIG prefix) or a signal number; signum is a signal number. If sigspec is not present, then SIGTERM is assumed. An argument of -l lists the signal names. If any arguments are supplied when -l is given, the names of the signals corresponding to the arguments are listed, and the return status is 0. The exit_status argument to -l is a number specifying either a signal number or the exit status of a process termi- nated by a signal. kill returns true if at least one signal was successfully sent, or false if an error occurs or an invalid option is encountered. let arg [arg ...] Each arg is an arithmetic expression to be evaluated (see ARITHMETIC EVALUATION). If the last arg evaluates to 0, let returns 1; 0 is returned otherwise. local [option] [name[=value] ...] For each argument, a local variable named name is created, and assigned value. The option can be any of the options accepted by declare. When local is used within a function, it causes the variable name to have a visible scope restricted to that function and its children. With no operands, local writes a list of local variables to the standard output. It is an error to use local when not within a function. The return status is 0 unless local is used outside a function, an invalid name is sup- plied, or name is a readonly variable. logout Exit a login shell. popd [-n] [+n] [-n] Removes entries from the directory stack. With no arguments, removes the top direc- tory from the stack, and performs a cd to the new top directory. Arguments, if sup- plied, have the following meanings: +n Removes the nth entry counting from the left of the list shown by dirs, start- ing with zero. For example: ‘‘popd +0’’ removes the first directory, ‘‘popd +1’’ the second. -n Removes the nth entry counting from the right of the list shown by dirs, starting with zero. For example: ‘‘popd -0’’ removes the last directory, ‘‘popd -1’’ the next to last. -n Suppresses the normal change of directory when removing directories from the stack, so that only the stack is manipulated. If the popd command is successful, a dirs is performed as well, and the return status is 0. popd returns false if an invalid option is encountered, the directory stack is empty, a non-existent directory stack entry is specified, or the directory change fails. printf [-v var] format [arguments] Write the formatted arguments to the standard output under the control of the format. The format is a character string which contains three types of objects: plain charac- ters, which are simply copied to standard output, character escape sequences, which are converted and copied to the standard output, and format specifications, each of which causes printing of the next successive argument. In addition to the standard printf(1) formats, %b causes printf to expand backslash escape sequences in the cor- responding argument (except that \c terminates output, backslashes in \', \", and \? are not removed, and octal escapes beginning with \0 may contain up to four digits), and %q causes printf to output the corresponding argument in a format that can be reused as shell input. The -v option causes the output to be assigned to the variable var rather than being printed to the standard output. The format is reused as necessary to consume all of the arguments. If the format requires more arguments than are supplied, the extra format specifications behave as if a zero value or null string, as appropriate, had been supplied. The return value is zero on success, non-zero on failure. pushd [-n] [dir] pushd [-n] [+n] [-n] Adds a directory to the top of the directory stack, or rotates the stack, making the new top of the stack the current working directory. With no arguments, exchanges the top two directories and returns 0, unless the directory stack is empty. Arguments, if supplied, have the following meanings: +n Rotates the stack so that the nth directory (counting from the left of the list shown by dirs, starting with zero) is at the top. -n Rotates the stack so that the nth directory (counting from the right of the list shown by dirs, starting with zero) is at the top. -n Suppresses the normal change of directory when adding directories to the stack, so that only the stack is manipulated. dir Adds dir to the directory stack at the top, making it the new current working directory. If the pushd command is successful, a dirs is performed as well. If the first form is used, pushd returns 0 unless the cd to dir fails. With the second form, pushd returns 0 unless the directory stack is empty, a non-existent directory stack element is specified, or the directory change to the specified new current directory fails. pwd [-LP] Print the absolute pathname of the current working directory. The pathname printed contains no symbolic links if the -P option is supplied or the -o physical option to the set builtin command is enabled. If the -L option is used, the pathname printed may contain symbolic links. The return status is 0 unless an error occurs while reading the name of the current directory or an invalid option is supplied. read [-ers] [-u fd] [-t timeout] [-a aname] [-p prompt] [-n nchars] [-d delim] [name ...] One line is read from the standard input, or from the file descriptor fd supplied as an argument to the -u option, and the first word is assigned to the first name, the second word to the second name, and so on, with leftover words and their intervening separators assigned to the last name. If there are fewer words read from the input stream than names, the remaining names are assigned empty values. The characters in IFS are used to split the line into words. The backslash character (\) may be used to remove any special meaning for the next character read and for line continuation. Options, if supplied, have the following meanings: -a aname The words are assigned to sequential indices of the array variable aname, starting at 0. aname is unset before any new values are assigned. Other name arguments are ignored. -d delim The first character of delim is used to terminate the input line, rather than newline. -e If the standard input is coming from a terminal, readline (see READLINE above) is used to obtain the line. -n nchars read returns after reading nchars characters rather than waiting for a com- plete line of input. -p prompt Display prompt on standard error, without a trailing newline, before attempt- ing to read any input. The prompt is displayed only if input is coming from a terminal. -r Backslash does not act as an escape character. The backslash is considered to be part of the line. In particular, a backslash-newline pair may not be used as a line continuation. -s Silent mode. If input is coming from a terminal, characters are not echoed. -t timeout Cause read to time out and return failure if a complete line of input is not read within timeout seconds. This option has no effect if read is not reading input from the terminal or a pipe. -u fd Read input from file descriptor fd. If no names are supplied, the line read is assigned to the variable REPLY. The return code is zero, unless end-of-file is encountered, read times out, or an invalid file descriptor is supplied as the argument to -u. readonly [-apf] [name[=word] ...] The given names are marked readonly; the values of these names may not be changed by subsequent assignment. If the -f option is supplied, the functions corresponding to the names are so marked. The -a option restricts the variables to arrays. If no name arguments are given, or if the -p option is supplied, a list of all readonly names is printed. The -p option causes output to be displayed in a format that may be reused as input. If a variable name is followed by =word, the value of the vari- able is set to word. The return status is 0 unless an invalid option is encountered, one of the names is not a valid shell variable name, or -f is supplied with a name that is not a function. return [n] Causes a function to exit with the return value specified by n. If n is omitted, the return status is that of the last command executed in the function body. If used outside a function, but during execution of a script by the . (source) command, it causes the shell to stop executing that script and return either n or the exit status of the last command executed within the script as the exit status of the script. If used outside a function and not during execution of a script by ., the return status is false. Any command associated with the RETURN trap is executed before execution resumes after the function or script. set [--abefhkmnptuvxBCHP] [-o option] [arg ...] Without options, the name and value of each shell variable are displayed in a format that can be reused as input for setting or resetting the currently-set variables. Read-only variables cannot be reset. In posix mode, only shell variables are listed. The output is sorted according to the current locale. When options are specified, they set or unset shell attributes. Any arguments remaining after the options are processed are treated as values for the positional parameters and are assigned, in order, to $1, $2, ... $n. Options, if specified, have the following meanings: -a Automatically mark variables and functions which are modified or created for export to the environment of subsequent commands. -b Report the status of terminated background jobs immediately, rather than before the next primary prompt. This is effective only when job control is enabled. -e Exit immediately if a simple command (see SHELL GRAMMAR above) exits with a non-zero status. The shell does not exit if the command that fails is part of the command list immediately following a while or until keyword, part of the test in an if statement, part of a && or ││ list, or if the command’s return value is being inverted via !. A trap on ERR, if set, is executed before the shell exits. -f Disable pathname expansion. -h Remember the location of commands as they are looked up for execution. This is enabled by default. -k All arguments in the form of assignment statements are placed in the environ- ment for a command, not just those that precede the command name. -m Monitor mode. Job control is enabled. This option is on by default for interactive shells on systems that support it (see JOB CONTROL above). Back- ground processes run in a separate process group and a line containing their exit status is printed upon their completion. -n Read commands but do not execute them. This may be used to check a shell script for syntax errors. This is ignored by interactive shells. -o option-name The option-name can be one of the following: allexport Same as -a. braceexpand Same as -B. emacs Use an emacs-style command line editing interface. This is enabled by default when the shell is interactive, unless the shell is started with the --noediting option. errtrace Same as -E. functrace Same as -T. errexit Same as -e. hashall Same as -h. histexpand Same as -H. history Enable command history, as described above under HISTORY. This option is on by default in interactive shells. ignoreeof The effect is as if the shell command ‘‘IGNOREEOF=10’’ had been exe- cuted (see Shell Variables above). keyword Same as -k. monitor Same as -m. noclobber Same as -C. noexec Same as -n. noglob Same as -f. nolog Currently ignored. notify Same as -b. nounset Same as -u. onecmd Same as -t. physical Same as -P. pipefail If set, the return value of a pipeline is the value of the last (rightmost) command to exit with a non-zero status, or zero if all command

23,110

社区成员

发帖
与我相关
我的任务
社区描述
Linux/Unix社区 应用程序开发区
社区管理员
  • 应用程序开发区社区
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告
暂无公告

试试用AI创作助手写篇文章吧