OpenWRT优化无线速率

路由刷了OpenWRT之后无线速率一直都只有大概130Mbps,可是路由无线是300Mbps的,遂上网搜索之
打开无限配置文件

vi /etc/config/wireless

需要做如下修改

config wifi-device 'ra0'
    **option noscan '1'**
    option type 'rt2860v2'
    option mode '9'
    option channel 'auto'
    option txpower '100'
    *option ht '40'*
    option country 'US'
    option disabled '0'

config wifi-iface
    option device 'ra0'
    option network 'lan'
    option mode 'ap'
    option ssid 'xxxxxxxx'
    option encryption 'psk2'
    option key 'xxxxxxxxxx'
    **option wmm '1'**

两个号部分是需要添加的,一个号部分是要修改的。
这样处理之后,串一堵墙PC显示速率270Mbps,基本满意。
而本地100M的带宽的下载速度也从原来的30Mbs上升到了50Mbps,考虑到无线的因素,基本满意了,要靠谱还是得上网线啊。

Debian下配置OpenVPN使用static-key验证

一.更新系统

apt-get update && apt-get upgrade -y

二.安装OpenVPN

apt-get install openvpn udev lzop
cd /etc/openvpn/
openvpn --genkey --secret static.key
nano /etc/openvpn/server.conf

dev tun
port 8888
;proto tcp-server
ifconfig 10.8.0.1 10.8.0.2
secret static.key
  
keepalive 10 60
comp-lzo
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
verb 4
push "redirect-gateway def1 bypass-dhcp" 

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

客户端配置文件

remote 公网IP 8888
dev tun
;proto tcp-client
ifconfig 10.152.10.2 10.152.10.1
secret static.key
comp-lzo
verb 3
redirect-gateway def1
dhcp-option DNS 203.80.96.9
dhcp-option DNS 168.95.192.1

一个进程只能连一个客户端,要多开的话需要开多个进程。

在Debian Wheezy/Stable 7.x (64-bit)部署Docker

Docker 需要内核版本3.8+, 但是Wheezy的内核版本是3.2,所以不能直接安装,但是wheezy-backports源里内核版本是3.16,所以是完美支持的.
1.编辑 /etc/apt/sources.list

echo "deb http://http.debian.net/debian wheezy-backports main" >> /etc/apt/sources.list

2.更新内核

apt-get update
apt-get install -t wheezy-backports linux-image-amd64

3.安装docker

curl -sSL https://get.docker.com/ | sh

4.如果你想docker运行在非root用户下,你需要运行

usermod -aG docker your-user

编译Nginx反代Inoreader

最近Inoreader实在是太慢了,无奈折腾了一个反向代理,记录下笔记
编译安装Nginx

groupadd www
useradd -s /sbin/nologin -g www www
wget http://nginx.org/download/nginx-1.6.2.tar.gz
tar -xvf nginx-1.6.2.tar.gz
git clone https://github.com/cuber/ngx_http_google_filter_module
git clone https://github.com/yaoweibin/ngx_http_substitutions_filter_module
git clone https://github.com/alibaba/nginx-http-concat.git
cd nginx-1.6.2
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-ipv6 --add-module=/root/ngx_http_substitutions_filter_module --add-module=/root/nginx-http-concat
make && make install
ln -s /usr/local/nginx/sbin/nginx /usr/bin/nginx
wget -c https://dl.dropboxusercontent.com/u/3052739/files/shell/nginx/init.d.nginx
cp init.d.nginx /etc/init.d/nginx
chmod +x /etc/init.d/nginx
cd /usr/local/nginx/conf
wget -c https://dl.dropboxusercontent.com/u/3052739/files/shell/nginx/nginx.conf
mkdir /home/wwwlogs/
chmod 777 /home/wwwlogs
mkdir /home/wwwroot/
chmod +w /home/wwwroot
chown -R www:www /home/wwwroot
mkdir /usr/local/nginx/conf/vhost
/etc/init.d/nginx restart

反向代理配置文件

proxy_temp_path   /home/wwwroot/proxy_temp_dir 1 2;
proxy_cache_path /home/wwwroot/proxy_cache_dir levels=1:2 keys_zone=inoreader:50m inactive=1d max_size=1g;

log_format  inoreader.aenes.com  '$remote_addr - $remote_user [$time_local] $request '
             '$status $body_bytes_sent $http_referer '
             '$http_user_agent $http_x_forwarded_for';
server{
    listen 80;
    server_name inoreader.aenes.com;
    rewrite ^(.*) https://inoreader.aenes.com$1 permanent;
    }
server{
    listen 443;
    server_name inoreader.aenes.com;

    ssl on;
    ssl_certificate /root/cert/inoreader.crt;
    ssl_certificate_key /root/cert/inoreader.key;
    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;

    location /{
    proxy_redirect https://www.inoreader.com/ https://inoreader.aenes.com/;
    proxy_pass https://www.inoreader.com/;
    proxy_set_header Accept-Encoding "";
    subs_filter 'href="/images' 'href="https://dn-inoreader.qbox.me/images';
    subs_filter 'fonts.googleapis.com' 'fonts.lug.ustc.edu.cn';
    subs_filter 'www.inoreader.com' 'inoreader.aenes.com';
    subs_filter 'href="/m' 'href="https://inoreader.aenes.com/m';
    subs_filter 'src="/include' 'src="https://dn-inoreader.qbox.me/include';
    subs_filter 'src="/innoworks' 'src="https://dn-inoreader.qbox.me/innoworks';
    subs_filter 'href="/include' 'src="https://dn-inoreader.qbox.me/include';
    #subs_filter 'href="/css' 'src="https://dn-inoreader.qbox.me/css';
    subs_filter 'src="/images' 'src="https://dn-inoreader.qbox.me/images';

    proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
    client_max_body_size       10m;
    client_body_buffer_size    128k;

    proxy_connect_timeout      90;
    proxy_send_timeout         90;
    proxy_read_timeout         90;

    proxy_cache_key "$scheme://$host$request_uri";
    proxy_cache inoreader; 
    proxy_cache_valid 200 302 12h; 
    proxy_cache_valid 301 1d; 
    proxy_cache_valid any 1h;
    proxy_cache_bypass $cookie_user;
    proxy_no_cache $cookie_user; 

    proxy_buffer_size          4k;
    proxy_buffers              4 32k;
    proxy_busy_buffers_size    64k;
    proxy_temp_file_write_size 64k;
        }
    access_log  /home/wwwlogs/inoreader.aenes.com.log  inoreader.aenes.com;
    }

最后,反向代理地址:https://inoreader.aenes.com/

安装zabbix笔记

groupadd zabbix
useradd -r -s /sbin/nologin -g zabbix zabbix
wget wget http://sourceforge.net/projects/zabbix/files/ZABBIX%20Latest%20Stable/2.4.3/zabbix-2.4.3.tar.gz
tar zxvf zabbix-2.4.3.tar.gz
mkdir /home/wwwroot/default/zabbix
mv -f /root/zabbix-2.4.3/frontends/php/* /home/wwwroot/default/zabbix
cd zabbix-2.4.3
./configure --prefix=/usr/local/zabbix --enable-server --enable-agent --enable-proxy --with-mysql --with-net-snmp --with-libcurl --with-mysql=/usr/local/mysql/bin/mysql_config
ln -s /usr/local/mysql/include/mysql_com.h /usr/local/mysql/include/mysql/mysql_com.h
ln -s /usr/local/mysql/include/mysql_time.h /usr/local/mysql/include/mysql/mysql_time.h
ln -s /usr/local/mysql/include/my_list.h /usr/local/mysql/include/mysql/my_list.h
ln -s /usr/local/mysql/include/typelib.h /usr/local/mysql/include/mysql/typelib.h
ln -s /usr/local/mysql/include/my_alloc.h /usr/local/mysql/include/mysql/my_alloc.h
ln -s /usr/local/mysql/include/mysqld_error.h /usr/local/mysql/include/mysql/mysqld_error.h
make
make install

mysql -uroot -ppass
create database zabbix character set utf8;
CREATE USER 'zabbix'@'localhost';
SET PASSWORD FOR 'zabbix'@'localhost' = PASSWORD('pass');
grant all on zabbix.* to zabbix@localhost identified by 'pass';
flush privileges
use zabbix;
source /root/zabbix-2.4.3/database/mysql/schema.sql
source /root/zabbix-2.4.3/database/mysql/images.sql
source /root/zabbix-2.4.3/database/mysql/data.sql
show tables;
quit

cp /root/zabbix-2.4.3/misc/init.d/debian/* /etc/init.d/
nano /usr/local/zabbix/etc/zabbix_server.conf
nano /etc/init.d/zabbix-agent
/usr/local/zabbix/sbin
nano /etc/init.d/zabbix-server
/etc/init.d/zabbix-server restart
/etc/init.d/zabbix-agent restart
netstat -anpt | grep zabbix

dpkg-reconfigure locales
nano zabbix/include/locales.inc.php
'zh_CN' => array('name' => _('Chinese (zh_CN)'),        'display' => true),