eastgame.net 显示域名过期,但是应该又续了一年,所有的子站点无论是论坛,字幕,目前都打不开。
TLF 曾经是中国 0day 的一面旗帜,无数免费的电影,音乐,小软件,大型 ISO 软件都从这里流出,而这一切都是可以免费获得的。
TLF 是 the last fantasy 的缩写,代表了“最后的、终极的幻想与神奇”。
历经无数次严打,但是一次次都能挺过来,尽管官方一再要求国内站点必须备案,但该站点长期以来未见备案,真是后台很硬,抑或有其它门道?而这一次不知能否安然度过劫难。
最近好像又来了一次严打盗版,让我们一起来祈祷吧。
一般在 Linux 上安装 PPTP VPN 服务器有些麻烦,要编译内核,打补丁,起初我以为在 xen 虚拟机上也是这样,对于 Linode 远端的 xen 虚拟机,重新编译内核肯定是不行的了,但是今天居然发现 mppe 居然已经被支持了:
root@ubuntu:/etc/ppp/ip-up.d# zcat /proc/config.gz | grep -i mpp
CONFIG_PPP_MPPE=y
这样就简单了:
apt-get install ppp pptpd
vi /etc/pptpd.conf
option /etc/ppp/options-pptpd
localip 10.0.0.1
remoteip 10.0.0.2-10
vi /etc/ppp/options-pptpd
name *
debug debug
logfd 2
lock
mtu 1450
mru 1450
proxyarp
auth
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 3
lcp-echo-interval 5
deflate 0
+chap
+mschap-v2
mppe required
/etc/ppp/chap-secrets
Username * Password *
/etc/init.d/pptpd start
然后就可以了。
省去编译内核的麻烦。但不支持 mppc。
OpenVPN 管理接口使得可以通过外部 TCP socket 来对 OpenVPN 进行管理,使得开发者和管理者可以更全面丰富地控制 OpenVPN。也支持 UNIX 域套接字。
wootaw@rose:~$ telnet 0 7505
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
>INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
status
OpenVPN CLIENT LIST
Updated,Sun Sep 6 12:43:17 2009
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
chenyajun,219.142.118.227:1173,798891,698972,Sat Sep 5 22:27:53 2009
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
192.168.2.10,chenyajun,219.142.118.227:1173,Sun Sep 6 12:31:15 2009
GLOBAL STATS
Max bcast/mcast queue length,0
END
help
Management Interface for OpenVPN 2.1_rc19 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Sep 3 2009
Commands:
auth-retry t : Auth failure retry mode (none,interact,nointeract).
bytecount n : Show bytes in/out, update every n secs (0=off).
echo [on|off] [N|all] : Like log, but only show messages in echo buffer.
exit|quit : Close management session.
forget-passwords : Forget passwords entered so far.
help : Print this message.
hold [on|off|release] : Set/show hold flag to on/off state, or
release current hold and start tunnel.
kill cn : Kill the client instance(s) having common name cn.
kill IP:port : Kill the client instance connecting from IP:port.
log [on|off] [N|all] : Turn on/off realtime log display
+ show last N lines or 'all' for entire history.
mute [n] : Set log mute level to n, or show level if n is absent.
needok type action : Enter confirmation for NEED-OK request of 'type',
where action = 'ok' or 'cancel'.
needstr type action : Enter confirmation for NEED-STR request of 'type',
where action is reply string.
net : (Windows only) Show network info and routing table.
password type p : Enter password p for a queried OpenVPN password.
pid : Show process ID of the current OpenVPN process.
client-auth CID KID : Authenticate client-id/key-id CID/KID (MULTILINE)
client-auth-nt CID KID : Authenticate client-id/key-id CID/KID
client-deny CID KID R : Deny auth client-id/key-id CID/KID with reason text R
client-kill CID : Kill client instance CID
client-pf CID : Define packet filter for client CID (MULTILINE)
signal s : Send signal s to daemon,
s = SIGHUP|SIGTERM|SIGUSR1|SIGUSR2.
state [on|off] [N|all] : Like log, but show state history.
status [n] : Show current daemon status info using format #n.
test n : Produce n lines of output for testing/debugging.
username type u : Enter username u for a queried OpenVPN username.
verb [n] : Set log verbosity level to n, or show if n is absent.
version : Show current version number.
END
revoke-full 提供了撤销证书的功能,对应生成文件 crl.pem,在服务器端加上 crl-verify PATH_TO_CRL_PEM,则撤销的证书将不能再登陆了。
部分敏感内容以 * 表示。
可以看到服务器端向客户端推送了什么选项。 Read the rest of this entry »