在IIS 7 里添加 .7z 文件 MIME类型
环境:Windows 2008 R2
过程:
图1:在浏览器地址栏里输入完整的.7z文件网址,提示404 - 找不到文件或目录
图2:在IIS站点管理界面,打开 “MIME 类型”
图3:点击“添加”,增加文件扩展名为.7z,MIME类型为 application/octet-stream
图4:保存设置后。再在浏览器里访问.7z文件网址,浏览器会弹框提示保存到哪了
参考:
替换typecho默认模板中外部的http文件链接为https
新版本的浏览器,对包含http文件链接的站点访问,不显示绿色的。使用谷歌浏览器访问本博客,会在地址栏右端显示“不运行不安全的脚本”。通过浏览器自带的F12调试工具,知道是外部的一个css和两个js脚本文件引用地址(cdn.staticfile.org)是http,并不是https开头的。
操作:
1.转到typecho文件目录,执行 grep -rnw './' -e 'cdn.staticfile.org' 查看到http网址引用,在 usr/themes/default/header.php 中
2.sed -i 's/http:\/\/cdn.staticfile.org/https:\/\/cdn.staticfile.org/g' usr/themes/default/header.php 用https替换http
3.再次在浏览器测试,谷歌浏览器显示网页是https的,正常
参考:
在Debian 9系统里安装dante socks5
sock5方便公司管理业务,如外网的访问。
环境:debian 9, dante 1.4.1
过程:
1.apt update # 更新软件仓库
2.apt-get install dante-server # 安装dante服务端
3.vi /etc/danted.conf # 编辑danted的配置文件内容,如下
# 标准错误记录
logoutput: stderr
# 使用本地所有可用网络接口的 3721 端口
internal: 0.0.0.0 port = 3721
# 输出接口设置为 eth0
external: eth0
# socks的验证方法,设置为 pam.username,本例中,是使用系统用户验证,即使用adduser添加用户
socksmethod: pam.username
# user.privileged: root
user.unprivileged: nobody
user.libwrap: nobody
# 访问规则
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
protocol: tcp udp
socksmethod: pam.username
log: connect disconnect
}
socks block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
4.adduser --no-create-home --shell /usr/sbin/nologin liujia2 # 添加一个本地用户,不创建默认目录和登录Shell
5.systemctl start danted # 启动 danted 服务
6.在浏览器里设置socks5代理,访问测试网站,显示socks5服务器的IP地址
7.如服务器有IPv6,可以访问IPv6网站,如 ipv6.baidu.com
参考:
9月3日开学啦
今天周一,学生上课,开学了。早上7点多,路上就开始热闹起来了,有大人牵小孩走路的;有开摩托搭小孩的;也有开小车送小孩上学的。
图1:和中埂上,学生买好扫把、洗身桶等,返校
图2:学府花园附近,应该是二小学生,带小水桶在学校搞卫生后,返家
图3:东堤路上,学生带拖把回家
在Windows 2008 R2 SP1无人值守安装配置文件Unattend.xml里使用powershell.exe
之前在Windows 2016和Windows 10的无人值守安装文件Unattend.xml里使用powershell.exe,直接这样写 powershell.exe 就可以了。但在Windows 2008 R2 SP1这样写,是不行的。一定要写powershell.exe的完整路径,即 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe。
以下是示例:
- 设置administrator密码
- 设置自动登录
- 在防火墙里允许远程桌面连接
- 将活动(插有网线)的网卡重命名(为iEthernet)
- 为名为iEthernet的网卡设置静态IP
- 为名为iEthernet的网卡设置DNS
- 不允许外网访问TCP 135,137,139和445端口
<file xml Unattend.xml>
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
</component>
<component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<fDenyTSConnections>false</fDenyTSConnections>
</component>
<component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<UserAuthentication>0</UserAuthentication>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<InputLocale>007f:00000804</InputLocale>
<SystemLocale>zh-CN</SystemLocale>
<UILanguage>zh-CN</UILanguage>
<UserLocale>zh-CN</UserLocale>
</component>
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AutoLogon>
<Password>
<Value>xinNIANhao2019</Value>
<PlainText>true</PlainText>
</Password>
<Enabled>true</Enabled>
<LogonCount>2</LogonCount>
<Username>Administrator</Username>
</AutoLogon>
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<CommandLine>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command "$wmi = Get-WmiObject -Class Win32_NetworkAdapter -Filter "netconnectionstatus=2"; $wmi.NetConnectionID = 'iEthernet'; $wmi.Put()"</CommandLine>
<Description>rename nic name</Description>
<Order>1</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>netsh interface ip set address name="iEthernet" static 144.172.126.32 255.255.255.0 144.172.126.1 1</CommandLine>
<Description>set static ip address</Description>
<Order>2</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>netsh interface ip set dns name="iEthernet" static 8.8.8.8</CommandLine>
<Description>set dns server</Description>
<Order>3</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=135 name="Block_TCP-135"</CommandLine>
<Description>Block_TCP-135</Description>
<Order>4</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=137 name="Block_TCP-137"</CommandLine>
<Description>Block_TCP-137</Description>
<Order>5</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=139 name="Block_TCP-139"</CommandLine>
<Description>Block_TCP-139</Description>
<Order>6</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Block_TCP-445"</CommandLine>
<Description>Block_TCP-445</Description>
<Order>7</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>netsh advfirewall firewall add rule dir=in action=allow protocol=TCP localport=3389 name="Allow_TCP-3389"</CommandLine>
<Description>Allow_TCP-3389</Description>
<Order>8</Order>
</SynchronousCommand>
</FirstLogonCommands>
<UserAccounts>
<AdministratorPassword>
<Value>xinNIANhao2019</Value>
<PlainText>true</PlainText>
</AdministratorPassword>
</UserAccounts>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<SkipMachineOOBE>true</SkipMachineOOBE>
</OOBE>
<TimeZone>China Standard Time</TimeZone>
</component>
</settings>
<cpi:offlineImage cpi:source="catalog:d:/temp/install_windows server 2012 r2 serverdatacenter.clg" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>图1:安装好系统后,可以查看 C:\Windows\panther\Unattend.xml 文件内容,回看设置
图2:C:\Windows\panther\UnattendGC\setupact.txt 可以查看无人值守安装准备内容
参考:
- https://social.technet.microsoft.com/Forums/windows/en-US/19e79485-a4ba-4305-a3ff-2c4f981ecdfd/trying-to-use-powershell-script-with-quotsynchronouscommandquot-section-in-unattend-file?forum=winserversetup
- https://blogs.technet.microsoft.com/heyscriptingguy/2014/01/14/renaming-network-adapters-by-using-powershell/