GhostBSD 22.01 启用 ipfw 网络防火墙,简体中文输入法设置方法,ipfw 防火墙添加屏蔽 TCP RST 命令脚本,

作者 jingyue, 二月 28, 2020, 01:24:53 下午

jingyue

引用
It is BSD

GhostBSD is built on top of FreeBSD code, and its roots go back to the University of California Berkeley Unix Research. Historically it was referred to as "BSD Unix" or "Berkeley Unix." However, today it is called BSD for Berkeley Software Distribution.
GhostBSD-22.01.x 官方软件源的 wine 有 bug,不支持自由门和无界浏览,
引用
GhostBSD 22.01 安装 i386-wine,
引用
> su

# pkg update

# pkg install wget
> wget -c https://pkg.freebsd.org/FreeBSD:12:amd64/quarterly/All/i386-wine-6.0.1,1.pkg
# ( 这个 i386-wine-6.0.1,1.pkg 下载链接已经失效, <—— 2022年06月, )

# chmod +x i386-wine-6.0.1,1.pkg

# pkg install i386-wine-6.0.1,1.pkg
SHA256 (i386-wine-6.0.1,1.pkg) = 1825dcb211f6c6ebbfc81c6cc97d17013b01cd2a6d75ef0804904be690d22ea4
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GhostBSD 22.01 启用 ipfw 网络防火墙,简体中文输入法设置方法,
引用
GhostBSD Official Image

Official images are maintained and supported by GhostBSD developers and contributors. Developers and contributors will assume that when a user refers to GhostBSD on Telegram, the Forums or a bug report, you refer to GhostBSD with MATE. As of now, MATE is the only official DE.
GhostBSD 光盘映像是 Live-DVD ,可直接光盘启动,既可在电脑光驱上试用,又可以安装到硬盘上,

官方网站 https://www.ghostbsd.org/
官方下载 https://www.ghostbsd.org/download
官方论坛 https://forums.ghostbsd.org/index.php

GhostBSD 22.01 基于 FreeBSD 13.0-STABLE 源代码,简体中文 MATE 1.26.0 桌面,ZFS 文件系统,ipfw 网络防火墙,
引用
Minimum System Requirements

    64-bit processor
    4 GB of RAM
    15 GB of free hard drive space
    Network card

Note: GhostBSD can't successfully install in a system with less than  4G of ram because once GhostBSD is booted, it is running from the ram and not from the USB flash drive or DVD. 
What is the FreeBSD-STABLE concept?
引用
What is the FreeBSD-STABLE concept?
   
FreeBSD-STABLE is the development branch from which major releases are made. Changes go into this branch at a slower pace and with the general assumption that they have first been tested in FreeBSD-CURRENT. However, at any given time, the sources for FreeBSD-STABLE may or may not be suitable for general use, as it may uncover bugs and corner cases that were not yet found in FreeBSD-CURRENT. Users who do not have the resources to perform testing should instead run the most recent release of FreeBSD.
引用
FreeBSD-STABLE 是开发分支,从中发布 -RELEASE 版本。更改进入该分支的步伐较慢,并且通常假定它们已经在 FreeBSD-CURRENT 中进行了首次测试。但是,在任何给定时间,FreeBSD-STABLE 的来源可能适合也可能不适合一般使用,因为它可能会发现在 FreeBSD-CURRENT 中尚未发现的错误和极端情况。没有资源执行测试的用户应该运行 FreeBSD 的-RELEASE 版本。

参考链接:https://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/introduction.html#idp44957688


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~_001_~~~~~~~~~启用 ipfw 网络防火墙默认规则~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


GhostBSD 22.01 启用 ipfw 网络防火墙默认规则,

1),root 权限下,用编辑器 ee 打开 /etc/rc.conf ,
引用
# ee /etc/rc.conf
把下面这三行用浏览器复制/粘贴到 /etc/rc.conf  文件里面,(配合上下左右箭头),
引用
firewall_enable="YES"            # Set to YES to enable firewall functionality             
firewall_script="/etc/rc.firewall"       # Which script to run to set up the firewall
firewall_type="WORKSTATION"         # Firewall type (see /etc/rc.firewall)     
然后,同时按住 [control]键 + [c]键,
输入命令 exit 按回车键,

2),给文件 /etc/rc.firewall 添加可执行属性,
引用
# chmod +x /etc/rc.firewall
3),重启电脑,
引用
# reboot

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~_002_~~~~~~~~~GhostBSD 21.10 安装简体中文汉化包~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

安装 zh-auto-cn-l10n 软件包,可以浏览简体中文网页,
引用
# pkg update
引用
# pkg search cn
引用
# pkg install zh-auto-cn-l10n-1.1_3

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~_003_~~~~~~~~~安装-ibus-简体中文-智能拼音-输入法~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GhostBSD 21.10 安装简体中文拼音输入法 zh-ibus-libpinyin,
引用
# pkg update
引用
# pkg search pinyin
引用
# pkg install zh-ibus-libpinyin-1.11.1
把下面这些文本拷贝/添加到用户目录下的 .xprofile 文件内即可,(root 权限下,用编辑器 ee 打开 .xprofile )
引用
#!/bin/sh
export XIM=ibus
export GTK_IM_MODULE=ibus
export QT_IM_MODULE=ibus
export XMODIFIERS=@im=ibus
export XIM_PROGRAM="ibus-daemon"
export XIM_ARGS="--daemonize --xim"
然后,同时按住 [control]键 + [c]键,输入命令 exit 按回车键,
# 从新启动电脑之后,ibus 输入法框架可以在终端里和文本文件上面写简体中文字了,
引用
# reboot
设置 ibus 输入法:——》系统——》首选项 ——》其它 ——》ibus首选项 ——》输入法 ——》添加 ——》中文 ——》智能拼音 ——》添加


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~_004_~~~~~~~~~GhostBSD 21.10 在线安装红酒-wine-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

在线安装红酒 wine ,
引用
# pkg search wine
引用
# pkg install i386-wine-6.0.1,1


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~_005_~~~~~~~~~用命令挂载 FAT32 格式的 U 盘~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

用下面这个命令挂载 FAT32 格式的 U 盘可显示中文文件名,(否则中文文件的名字都显示为 ?????? 问号,)
引用
# mount_msdosfs -L zh_CN.UTF-8 /dev/da1s1 /mnt
其中 /dev/da1s1 需查看U盘设备的具体显示名字而定,
引用
# ls /dev
用命令拷贝中文名字的文件,
引用
# cp xxx /mnt
用命令卸载 U 盘,
引用
# umount -f /mnt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~_006_~~~~~~~~~用【终端】命令运行自由门~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

【终端】运行自由门,
引用
> wine fg797p.exe
[自由门7.97专业版]成功连接6个服务器,端口:8580, 通道(A)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~_007_~~~~~~~~~(防火墙规则)屏蔽中间人 RST 攻击~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

网络防火墙 ipfw 添加两条(临时的)屏蔽中间人 RST 攻击的规则,终端命令,(firewall_type="workstation")

IPv4
引用
    # ipfw add 510 drop tcp from any to me tcpflags rst in
IPv6
引用
    # ipfw add 520 drop tcp from any to me6 tcpflags rst in

查看 ipfw 网络防火墙已经生效的过滤规则,和已经屏蔽的 TCP RST 数据包的数目,
引用
# ipfw -a list

引用自: jingyue 于 三月 22, 2017, 02:26:39 上午
几个安全好用的 Linux / UNIX 操作系统——应用比较

https://distrowatch.com/table.php?distribution=ghostbsd

https://www.minghui.org/mh/articles/2023/1/20/为什么会有人类-455562.html
https://www.minghui.org/mh/articles/2023/4/17/为什么要救度众生-458929.htm

https://www.minghui.org/mh/articles/2024/9/30/为什么人类是迷的社会-483472.html
世上几人醒
https://gb.falundafa.org/chigb/hy4/hy4-051.htm

https://www.minghui.org/mh/articles/2024/8/5/深蓝色的法轮-480298.html
https://www.minghui.org/mh/articles/2010/5/18/【征稿选登】李洪志师父在92东方健康博览会的奇迹-223842.html
https://www.minghui.org/mh/articles/2012/11/3/未来人的神话——忆师尊在哈尔滨传法-264844.html
https://www.minghui.org/mh/articles/2014/5/11/【庆祝513】回忆师尊在北京传法的片段-291380.html
https://www.minghui.org/mh/articles/2022/5/21/【庆祝513】忆师恩-万载难遇的机缘(上)-442904.html
https://www.minghui.org/mh/articles/2022/5/21/【庆祝513】忆师恩-万载难遇的机缘(下)-443903.html
https://www.minghui.org/mh/articles/2023/6/11/在东方博览会上见证师父的神通法力-461847.html
https://www.minghui.org/mh/articles/2024/1/15/一名英国学员在神韵演出现场看到的(译文)-471044.html

jingyue

GhostBSD 22.01 给 ipfw 网络防火墙添加屏蔽 TCP RST 攻击的规则 (永久的),

1)创建一个 ipfw 网络防火墙规则命令脚本文件,
鼠标右键——》创建文档,重命名为 ipfw_tcp_rst

把下面这些文本复制(拷贝)粘贴到 ipfw_tcp_rst 里面,保存,
引用
#!/bin/sh
ipfw add 510 drop tcp from any to me tcpflags rst in
ipfw add 520 drop tcp from any to me6 tcpflags rst in
2)root权限下,从【终端】把 ipfw_tcp_rst 拷贝到 /etc/ 目录下,
引用
# cp ipfw_tcp_rst /etc/
3)root 权限下,从【终端】给文件 /etc/ipfw_tcp_rst 添加可执行属性,
引用
# chmod +x /etc/ipfw_tcp_rst

4)root 权限下,从【终端】用编辑器 ee 打开 /etc/rc.conf ,
引用
# ee /etc/rc.conf
把下面这些内容行用浏览器复制/粘贴到 /etc/rc.conf  文件里面,(配合上下左右箭头),
引用
firewall_coscripts="/etc/ipfw_tcp_rst"     # List of executables/scripts to run after
                                        # firewall starts/stops             
然后,同时按住 [control]键 + [c]键,
输入命令 exit 按回车键,

5)root 权限下,从【终端】重启电脑,
引用
# reboot
https://www.minghui.org/mh/articles/2023/1/20/为什么会有人类-455562.html
https://www.minghui.org/mh/articles/2023/4/17/为什么要救度众生-458929.htm

https://www.minghui.org/mh/articles/2024/9/30/为什么人类是迷的社会-483472.html
世上几人醒
https://gb.falundafa.org/chigb/hy4/hy4-051.htm

https://www.minghui.org/mh/articles/2024/8/5/深蓝色的法轮-480298.html
https://www.minghui.org/mh/articles/2010/5/18/【征稿选登】李洪志师父在92东方健康博览会的奇迹-223842.html
https://www.minghui.org/mh/articles/2012/11/3/未来人的神话——忆师尊在哈尔滨传法-264844.html
https://www.minghui.org/mh/articles/2014/5/11/【庆祝513】回忆师尊在北京传法的片段-291380.html
https://www.minghui.org/mh/articles/2022/5/21/【庆祝513】忆师恩-万载难遇的机缘(上)-442904.html
https://www.minghui.org/mh/articles/2022/5/21/【庆祝513】忆师恩-万载难遇的机缘(下)-443903.html
https://www.minghui.org/mh/articles/2023/6/11/在东方博览会上见证师父的神通法力-461847.html
https://www.minghui.org/mh/articles/2024/1/15/一名英国学员在神韵演出现场看到的(译文)-471044.html

jingyue

GhostBSD 22.01  升级(更新)系统上安装的所有软件包,

从【终端】执行命令,
引用
> su
引用
# pkg update
引用
# pkg upgrade

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 其它 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

从【终端】增大音量(临时的),
引用
> mixer 100:100
Setting the mixer vol from 75:75 to 100:100.
https://www.minghui.org/mh/articles/2023/1/20/为什么会有人类-455562.html
https://www.minghui.org/mh/articles/2023/4/17/为什么要救度众生-458929.htm

https://www.minghui.org/mh/articles/2024/9/30/为什么人类是迷的社会-483472.html
世上几人醒
https://gb.falundafa.org/chigb/hy4/hy4-051.htm

https://www.minghui.org/mh/articles/2024/8/5/深蓝色的法轮-480298.html
https://www.minghui.org/mh/articles/2010/5/18/【征稿选登】李洪志师父在92东方健康博览会的奇迹-223842.html
https://www.minghui.org/mh/articles/2012/11/3/未来人的神话——忆师尊在哈尔滨传法-264844.html
https://www.minghui.org/mh/articles/2014/5/11/【庆祝513】回忆师尊在北京传法的片段-291380.html
https://www.minghui.org/mh/articles/2022/5/21/【庆祝513】忆师恩-万载难遇的机缘(上)-442904.html
https://www.minghui.org/mh/articles/2022/5/21/【庆祝513】忆师恩-万载难遇的机缘(下)-443903.html
https://www.minghui.org/mh/articles/2023/6/11/在东方博览会上见证师父的神通法力-461847.html
https://www.minghui.org/mh/articles/2024/1/15/一名英国学员在神韵演出现场看到的(译文)-471044.html

快速回复

警告: 该贴已经至少 180 天没有更改。
除非你一定要回复,否则也许考虑发一个新贴会更好。

Note: this post will not display until it has been approved by a moderator.

名称:
电子邮件:
验证码:
请将此框留空:
三乘七等于几?(请用阿拉伯数字回答):
Shortcuts: ALT+S post or ALT+P preview