标签:child http协议 pid useradd ODB 操作系统 firewall existing 0 rows
lamp所谓lamp,其实就是由Linux+Apache+Mysql/MariaDB+Php/Python的一组动态网站或服务器的开源软件,除Linux外其他各部件本身都是各自独立的程序,但是因为经常被放在一起使用,拥有了越来越高的兼容度,共同组成了一个强大的Web应用程序平台。
LAMP指的是Linux(操作系统)、Apache(HTTP服务器)、MySQL(也指MariaDB,数据库软件)和PHP(有时也是指Perl或Python)的第一个字母,一般用来建立web应用平台。
##2.web服务器工作流程
在说lamp架构平台的搭建前,我们先来了解下什么是CGI,什么是FastCGI,什么是....
web服务器的资源分为两种,静态资源和动态资源
那么web服务器如何执行程序并将结果返回给客户端呢?下面通过一张图来说明一下web服务器如何处
如图所示:
阶段1显示的是httpd服务器(即apache)和php服务器通过FastCGI协议进行通信,且php为独立的服务进程运行
阶段2显示的是php程序和mysql数据库间通过mysql协议进行通信,php与mysql本没有什么联系,但是由Php语言写成的程序可以与mysql进行数据交互。同理perl和Python写的程序也可以与mysql数据库进行交互
###2.1 cgi与fastcgi
上图阶段1中提到了FastCGl,下面我们来了解下CGI与FastCGI
CGI(Common Gateway Interface,通用网关接口),CGI是外部应用程序(CGI程序)与WEB服务器之间的接口标准,是在CGI程序与Web服务器之间传递信息的过程,CGI规范允许Web服务器执行外部程序,并将它们的输出发送给Web浏览器,CGI将web的一组简单的静态超媒体文档变成一个完整的新的交互式媒体。
FastCGI(Fast Common Gateway Interface)是CGI的改良版,CGI是通过启用一个解释器进程来处理每个请求,耗时且耗资源,而FastCGI则是通过master-worker形式来处理每个请求,即启动一个master主进程,然后根据配置启动几个worker进程,当请求进来时,master会从worker进程中选择一个去处理请求,这样就避免了重复的生成和杀死进程带来的频繁Cpu上下文切换而导致耗时。
httpd与php结合的方式有以下三种:
modules :php将以httpd的扩展块形式存在,需要加载动态资源时,httpd可以直接通过php模块来加工资源并返回给客户端
FastCGI:利用php-fpm机制,启动为服务进程,php自行运行为一个服务,https通过socket与php通信
#####较于CGI方式,FastCGI更为常用,很少有人使用CGI方式来加载动态资源
###2.3web工作流程
通过上面的图说明一下web的工作流程:
web服务器收到请求后判断客户端请求的资源是静态资源或动态资源
环境说明
系统平台 | IP | 需要安装的服务 |
---|---|---|
centos7/redhat7 | 192.168.24.168 | http-2.4 mysql-5.7 php php-mysql |
lamp平台软件安装次序
httpd->mysql->php
注意:php要求httpd使用prefork MPM
关闭防火墙和SELINUX
[root@linfan ~]# systemctl stop firewalld
[root@linfan ~]# systemctl disable firewalld
[root@linfan ~]# sed -ri ‘s/(SELINUX=).*/\1disabled/g‘ /etc/selinux/config
[root@linfan ~]# setenforce 0
安装开发工具包
[root@linfan ~]# yum groups mark install ‘Development Tools‘
Loaded plugins: fastestmirror
There is no installed groups file.
Maybe run: yum groups mark convert (see man yum)
Loading mirror speeds from cached hostfile
Marked install: Development Tools
[root@linfan ~]# yum grouplist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Available Environment Groups:
Minimal Install
Compute Node
Infrastructure Server
File and Print Server
Basic Web Server
Virtualization Host
Server with GUI
GNOME Desktop
KDE Plasma Workspaces
Development and Creative Workstation
Installed Groups:
Development Tools
Available Groups:
Compatibility Libraries
Console Internet Tools
Graphical Administration Tools
Legacy UNIX Compatibility
Scientific Support
Security Tools
Smart Card Support
System Administration Tools
System Management
Done
创建apache服务的用户和组
[root@linfan ~]# groupadd -r apache
[root@linfan ~]# useradd -r -M -s /sbin/nologin -g apache apache
安装依赖包
[root@linfan ~]# yum -y install openssl-devel pcre-devel expat-devel libtool
下载和安装apr以及apr-util
[root@linfan ~]# cd /usr/src/
[root@linfan src]# wget http://mirrors.shu.edu.cn/apache//apr/apr-1.6.3.tar.bz2
[root@linfan src]# wget http://mirrors.shu.edu.cn/apache//apr/apr-util-1.6.1.tar.bz2
[root@linfan src]# ls
apr-1.6.3.tar.bz2 apr-util-1.6.1.tar.bz2 debug kernels
[root@linfan src]# tar xf apr-1.6.3.tar.bz2
[root@linfan src]# tar xf apr-util-1.6.1.tar.bz2
[root@linfan src]# ls
apr-1.6.3 apr-1.6.3.tar.bz2 apr-util-1.6.1 apr-util-1.6.1.tar.bz2 debug kernels
[root@linfan src]# cd apr-1.6.3
[root@linfan apr-1.6.3]# vi configure
cfgfile=${ofile}T
trap "$RM \"$cfgfile\"; exit 1" 1 2 15
$RM "$cfgfile" //将此行加上注释或删除此行
root@linfan apr-1.6.3]# ./configure --prefix=/usr/local/apr
[root@linfan apr-1.6.3]# make -j && make install
[root@linfan apr-util-1.6.1]# cd /usr/src/apr-util-1.6.1
[root@linfan apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@linfan apr-util-1.6.1]# make -j && make install
编译安装httpd
[root@linfan ~]# wget http://mirror.bit.edu.cn/apache//httpd/httpd-2.4.34.tar.bz2
[root@linfan ~]# ls
[root@linfan ~]# tar xf httpd-2.4.34.tar.bz2
[root@linfan ~]# cd httpd-2.4.34
[root@linfan httpd-2.4.34]# ./configure --prefix=/usr/local/apache \ //网站发布存放的目录
> --sysconfdir=/etc/httpd24 \ //httpd编译安装的主配置文件
> --enable-so > --enable-ssl > --enable-cgi > --enable-rewrite > --with-zlib > --with-pcre > --with-apr=/usr/local/apr > --with-apr-util=/usr/local/apr-util/ > --enable-modules=most > --enable-mpms-shared=all > --with-mpm=prefork
[root@linfan ~]# make -j && make install
安装后配置
[root@linfan ~]# echo ‘PATH=/usr/local/apache/bin:$PATH‘ > /etc/profile.d/httpd.sh
[root@linfan ~]# source /etc/profile.d/httpd.sh
[root@linfan ~]# ln -s /usr/local/apache/include/ /usr/include/httpd
[root@linfan ~]# echo ‘MANPATH /usr/local/apache/man‘ >> /etc/man.config
取消 ServerName前面的注释
[root@linfan ~]# sed -i ‘/#ServerName/s/#//g‘ /etc/httpd24/httpd.conf
启动apache
[root@linfan ~]# apachectl start
[root@linfan ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100
::1:25 :::*
安装依赖包
[root@linfan ~]# yum -y install ncurses-devel openssl-devel openssl cmake mariadb-devel
创建用户和组
[root@linfan ~]# groupadd -r -g 306 mysql
[root@linfan ~]# useradd -M -s /sbin/nologin -g 306 -u 306 mysql
下载二进制格式的mysql软件包
[root@linfan ~]# cd /usr/src/
[root@linfan src]# wget https://downloads.mysql.com/archives/get/file/mysql-5.7.22-linux-glibc2.12-x86_64.tar.gz
解压软件至/usr/local/
[root@linfan src]# ls
apr-1.6.3 apr-util-1.6.1 debug mysql-5.7.22-linux-glibc2.12-x86_64.tar.gz
apr-1.6.3.tar.bz2 apr-util-1.6.1.tar.bz2 kernels
[root@linfan src]# tar xf mysql-5.7.22-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
[root@linfan src]# ls /usr/local/
apache apr-util etc include lib64 mysql-5.7.22-linux-glibc2.12-x86_64 share
apr bin games lib libexec sbin src
[root@linfan src]# cd /usr/local/
[root@linfan local]# ln -sv mysql-5.7.22-linux-glibc2.12-x86_64/ mysql
‘mysql’ -> ‘mysql-5.7.22-linux-glibc2.12-x86_64/’
[root@linfan local]# ll
total 0
drwxr-xr-x. 13 root root 152 Aug 17 12:46 apache
drwxr-xr-x. 6 root root 58 Aug 17 12:35 apr
drwxr-xr-x. 5 root root 43 Aug 17 12:40 apr-util
drwxr-xr-x. 2 root root 6 Nov 5 2016 bin
drwxr-xr-x. 2 root root 6 Nov 5 2016 etc
drwxr-xr-x. 2 root root 6 Nov 5 2016 games
drwxr-xr-x. 2 root root 6 Nov 5 2016 include
drwxr-xr-x. 2 root root 6 Nov 5 2016 lib
drwxr-xr-x. 2 root root 6 Nov 5 2016 lib64
drwxr-xr-x. 2 root root 6 Nov 5 2016 libexec
lrwxrwxrwx. 1 root root 36 Aug 17 13:54 mysql -> mysql-5.7.22-linux-glibc2.12-x86_64/
drwxr-xr-x. 9 root root 129 Aug 17 13:30 mysql-5.7.22-linux-glibc2.12-x86_64
drwxr-xr-x. 2 root root 6 Nov 5 2016 sbin
drwxr-xr-x. 5 root root 49 Jul 11 15:44 share
drwxr-xr-x. 2 root root 6 Nov 5 2016 src
修改目录/usr/locaal/mysql的属主属组
[root@linfan ~]# chown -R mysql.mysql /usr/local/mysql
[root@linfan ~]# ll /usr/local/mysql -d
lrwxrwxrwx. 1 mysql mysql 36 Aug 17 13:54 /usr/local/mysql -> mysql-5.7.22-linux-glibc2.12-x86_64/
添加环境变量
[root@linfan ~]# ls /usr/local/mysql
bin COPYING docs include lib man README share support-files
[root@linfan ~]# echo ‘export PATH=/usr/local/mysql/bin:$PATH‘ > /etc/profile.d/mysql.sh
[root@linfan ~]# . /etc/profile.d/mysql.sh
[root@linfan ~]# echo $PATH
/usr/local/mysql/bin:/usr/local/apache/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
建立数据存放目录
[root@linfan ~]# cd /usr/local/mysql
[root@linfan mysql]# mkdir /opt/data
[root@linfan mysql]# chown -R mysql.mysql /opt/data/
[root@linfan mysql]# ll /opt/
total 0
drwxr-xr-x. 2 mysql mysql 6 Aug 17 14:05 data
drwxr-xr-x. 8 root root 220 Jul 18 17:09 lin.d
初始化数据库
[root@linfan mysql]# /usr/local/mysql/bin/mysqld --initialize --user=mysql --datadir=/opt/data/
2018-08-17T06:08:33.347313Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2018-08-17T06:08:33.873415Z 0 [Warning] InnoDB: New log files created, LSN=45790
2018-08-17T06:08:33.953310Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2018-08-17T06:08:34.016549Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: f8e46285-a1e3-11e8-b6bf-000c29c9d4ed.
2018-08-17T06:08:34.019542Z 0 [Warning] Gtid table is not ready to be used. Table ‘mysql.gtid_executed‘ cannot be opened.
2018-08-17T06:08:34.023380Z 1 [Note] A temporary password is generated for root@localhost: B<HiGFoc.8yZ
//这个命令的最后会生成一个临时密码,此处密码是B<HiGFoc.8yZ
配置mysql
[root@linfan ~]# ln -sv /usr/local/mysql/include/ /usr/local/include/mysql
‘/usr/local/include/mysql’ -> ‘/usr/local/mysql/include/’
[root@linfan ~]# echo ‘/usr/local/mysql/lib‘ > /etc/ld.so.conf.d/mysql.conf
[root@linfan ~]# ldconfig -v
生成配置文件
[root@linfan ~]# cat > /etc/my.cnf <<EOF
> [mysqld]
> basedir = /usr/local/mysql
> datadir = /opt/data
> socket = /tmp/mysql.sock
> port = 3306
> pid-file = /opt/data/mysql.pid
> user = mysql
> skip-name-resolve
> EOF
配置服务启动脚本
[root@linfan ~]# cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@linfan ~]# sed -ri ‘s#^(basedir=).*#\1/usr/local/mysql#g‘ /etc/init.d/mysqld
[root@linfan ~]# sed -ri ‘s#^(datadir=).*#\1/opt/data#g‘ /etc/init.d/mysqld
启动mysql
[root@linfan ~]# service mysqld start
Starting MySQL.Logging to ‘/opt/data/linfan.err‘.
SUCCESS!
[root@linfan ~]# ps -ef|grep mysql
root 52200 1 0 14:25 pts/1 00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/opt/data --pid-file=/opt/data/mysql.pid
mysql 52378 52200 4 14:25 pts/1 00:00:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/opt/data --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=linfan.err --pid-file=/opt/data/mysql.pid --socket=/tmp/mysql.sock --port=3306
root 52408 2998 0 14:25 pts/1 00:00:00 grep --color=auto mysql
[root@linfan ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 80 :::3306 :::*
修改密码
使用临时密码修改
[root@linfan ~]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.22
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.
mysql> set password = password(‘linfan123‘);
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> quit
Bye
配置yum源
[root@linfan ~]# cd /etc/yum.repos.d/
[root@linfan yum.repos.d]# wget http://mirrors.163.com/.help/CentOS7-Base-163.repo
[root@linfan yum.repos.d]# sed -i ‘s/\$releasever/7/g‘ /etc/yum.repos.d/CentOS7-Base-163.repo
[root@linfan yum.repos.d]# sed -i ‘s/^enabled=.*/enabled=1/g‘ /etc/yum.repos.d/CentOS7-Base-163.repo
[root@linfan yum.repos.d]# yum -y install epel-release
安装依赖包
[root@linfan ~]# yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel
下载php
[root@linfan ~]# cd /usr/src/
[root@linfan src]# wget http://cn.php.net/distributions/php-7.2.8.tar.xz
编译安装php
[root@linfan ~]#ls
[root@linfan ~]#tar xf php-7.2.8.tar.xz
[root@linfan ~]#cd php-7.2.8
[root@linfan php-7.2.8]# ./configure --prefix=/usr/local/php7 --with-curl --with-freetype-dir --with-gd --with-gettext --with-iconv-dir --with-kerberos --with-libdir=lib64 --with-libxml-dir=/usr --with-mysqli=/usr/local/mysql/bin/mysql_config --with-openssl --with-pcre-regex --with-pdo-mysql --with-pdo-sqlite --with-pear --with-jpeg-dir --with-png-dir --with-xmlrpc --with-xsl --with-zlib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 --enable-fpm --enable-bcmath --enable-libxml --enable-inline-optimization --enable-mbregex --enable-mbstring --enable-mbstring --enable-opcache --enable-pcntl --enable-shmop --enable-soap --enable-sockets --enable-sysvsem --enable-xml --enable-zip
[root@linfan php-7.2.8]# make -j $(cat /proc/cpuinfo |grep processor|wc -l)
[root@linfan php-7.2.8]# make install
安装后配置
[root@linfan ~]# echo ‘export PATH=/usr/local/php7/bin:$PATH‘ > /etc/profile.d/php7.sh
[root@linfan ~]# source /etc/profile.d/php7.sh
[root@linfan ~]# which php
/usr/local/php7/bin/php
[root@linfan ~]# php -v
PHP 7.2.8 (cli) (built: Aug 17 2018 16:27:08) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
配置php-fpm
[root@linfan php-7.2.8]# cp php.ini-production /etc/php.ini
[root@linfan php-7.2.8]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
[root@linfan php-7.2.8]# chmod +x /etc/rc.d/init.d/php-fpm
[root@linfan php-7.2.8]# cp /usr/local/php7/etc/php-fpm.conf.default /usr/local/php7/etc/php-fpm.conf
[root@linfan php-7.2.8]# cp /usr/local/php7/etc/php-fpm.d/www.conf.default /usr/local/php7/etc/php-fpm.d/www.conf
编辑php-fpm的配置文件(/usr/local/php7/etc/php-fpm.conf)
配置fpm的相关选项为你所需要的值:
[root@linfan ~]# vi /usr/local/php7/etc/php-fpm.conf
...
...
pm.max_children = 50 //最多同时50个进程提供50个并发服务
pm.start_servers = 5 //启动时启动5个进程
pm.min_spare_servers = 2 //最小空闲进程数
pm.max_spare_servers = 8 //最大空闲进程数
[root@linfan ~]# tail /usr/local/php7/etc/php-fpm.conf
; files from a glob(3) pattern. This directive can be used everywhere in the
; file.
; Relative path can also be used. They will be prefixed by:
; - the global prefix if it‘s been set (-p argument)
; - /usr/local/php7 otherwise
include=/usr/local/php7/etc/php-fpm.d/*.conf
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 2
pm.max_spare_servers = 8
启动php-fpm
[root@linfan ~]# service php-fpm start
Starting php-fpm done
[root@linfan ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:9000 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 80 :::3306 :::*
[root@linfan ~]# ps -ef|grep php
root 91842 1 0 16:41 ? 00:00:00 php-fpm: master process (/usr/local/php7/etc/php-fpm.conf)
nobody 91843 91842 0 16:41 ? 00:00:00 php-fpm: pool www
nobody 91844 91842 0 16:41 ? 00:00:00 php-fpm: pool www
nobody 91845 91842 0 16:41 ? 00:00:00 php-fpm: pool www
nobody 91846 91842 0 16:41 ? 00:00:00 php-fpm: pool www
nobody 91847 91842 0 16:41 ? 00:00:00 php-fpm: pool www
root 91850 75645 0 16:41 pts/2 00:00:00 grep --color=auto php
在apache httpd 2.4以后已经专门有一个模块针对FastCGI的实现,此模块为mod_proxy_fcgi.so,它其实是作为mod_proxy.so模块的扩展,因此,这两个模块都要加载,编辑httpd.conf文件,取消一下两行的注释:
启用httpd的相关模块
[root@linfan ~]# sed -i ‘/proxy_module/s/#//g‘ /etc/httpd24/httpd.conf
[root@linfan ~]# sed -i ‘/proxy_fcgi_module/s/#//g‘ /etc/httpd24/httpd.conf
在需要使用fcgi的虚拟主机中添加类似如下两行
ProxyRequests Off //关闭正向代理
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/PATH/TO/DOCUMENT_ROOT/$1
例如
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/var/www/html/idfsoft.com/
$1
在配置文件的最后加入以下内容
[root@linfan ~]# vim /etc/httpd24/httpd.conf
<VirtualHost 192.168.24.168:80>
ServerName www.doudou.com
DocumentRoot "/usr/local/apache/htdocs/doudou.com"
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/usr/local/apache/htdo
cs/doudou.com/$1
<Directory "/usr/local/apache/htdocs/doudou.com">
Options none
AllowOverride none
Require all granted
</Directory>
</VirtualHost>
搜索AddType,添加以下内容
[root@linfan ~]# vim /etc/httpd24/httpd.conf
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
#
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php .php //添加此行
AddType application/x-httpd-php-source .phps //添加此行
[root@linfan ~]# sed -i ‘/ DirectoryIndex/s/index.html/index.php index.html/g‘ /etc/httpd24/httpd.conf
创建虚拟主机目录并生成php测试页面
[root@linfan ~]# mkdir /usr/local/apache/htdocs/doudou.com
[root@linfan ~]# cat > /usr/local/apache/htdocs/wangqing.com/index.php <<EOF
<?php
phpinfo();
?>
EOF
[root@linfan ~]# chown -R apache.apache /usr/local/apache/htdocs/
[root@linfan ~]# ll /usr/local/apache/htdocs/ -d
drwxr-xr-x. 3 apache apache 42 Aug 17 17:35 /usr/local/apache/htdocs/
重启apache服务
[root@linfan ~]# apachectl stop
[root@linfan ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:9000 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 80 :::3306 :::*
[root@linfan ~]# apachectl start
[root@linfan ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:9000 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 80 :::3306 :::*
1.修改/etc/hosts文件,添加域名与IP的映射
2.在浏览器上使用域名访问,如图所示,实验成功
标签:child http协议 pid useradd ODB 操作系统 firewall existing 0 rows
原文地址:http://blog.51cto.com/13858192/2161312