分类 Linux 相关 下的文章

Linux 模块学习笔记

  1. 使用 lsmod 命令查看已经load 的内核模块, 它其实读取的是 /proc/modules 的信息
  2. 当系统需要某个内核模块的功能的时候, 如果该模块还么有加载, 作为 daemon 的 kmod 进程就会使用 modprobe 命令去加载该模块;
  3. modprobe 可以接受模块的名称, 如: softdog, 或者该模块的别名, 如: char-major-10-30. 标准名称和别名的映射在文件 /etc/modprobe.conf 中, 如: alias char-major-10-30 softdog;
  4. 模块的依赖关系在 /lib/modules/version/modules.dep 中;
  5. depmod 会创建新的依赖关系;

以上内容可能过时, 来源: https://tldp.org/LDP/lkmpg/2.6/html/x44.html

Linux kprobes & uprobes, static tracepoint knowledge links

  1. Kernel Probes: https://www.kernel.org/doc/Documentation/kprobes.txt#:~:text=Kprobes%20enables%20you%20to%20dynamically,when%20the%20breakpoint%20is%20hit.
  2. Uprobe: https://www.kernel.org/doc/Documentation/trace/uprobetracer.txt
  3. https://kernelnewbies.org/Linux_3.5#Uprobes:_userspace_probes
  4. https://lwn.net/Articles/499190/
  5. static tracepoint and how it works: https://www.kernel.org/doc/Documentation/trace/tracepoints.txt

Linux /dev/ 目录下的一些特殊文件目录

总结一些 /dev 目录下的特殊文件或目录

  1. /dev/null
    空文件, 可以往里面丢任何不想要的东西, 从里面读只能对到一个空
  2. /dev/zero
    空文件, 可以往里面丢任何不想要的东西, 从里面读能返回一个一直有空值的流, 一直返回空值
  3. /dev/shm
    shm = shared memory, 是个目录, 在内存里面开辟的tmpfs文件系统, 所以操作极快. 往里面填文件, 很快占满内存.
  4. /dev/random /dev/urandom /dev/arandom
    通过搜集系统驱动和其它源的信息, 产生伪随机数. 上述三个有区别, 比如在是不是 block 操作;

草稿 用例驱动 讲明白 iptables 防火墙

涉及:
The iptables firewall works by interacting with the packet filtering hooks in the Linux kernel’s networking stack. These kernel hooks are known as the netfilter framework.

Every packet that enters networking system (incoming or outgoing) will trigger these hooks as it progresses through the stack, allowing programs that register with these hooks to interact with the traffic at key points. The kernel modules associated with iptables register at these hooks in order to ensure that the traffic conforms to the conditions laid out by the firewall rules.

Netfilter 的前身(Linux 2.2.x ipchains and Linux 2.0.x ipfwadm),后继 nftables iptables (table, chain, rule, policy)
network offload 到硬件

iptables 防火墙工具 基于 kernel 的netfilter 包过滤框架(package filter framework)
防火墙 policy 对应 iptables rule
iptables 语法:

参考: https://en.wikipedia.org/wiki/Netfilter
https://www.netfilter.org/
https://www.digitalocean.com/community/tutorials/a-deep-dive-into-iptables-and-netfilter-architecture
https://www.linode.com/docs/security/firewalls/control-network-traffic-with-iptables/