通过cidr遍历IP地址

package main

import (
	"net"
	"fmt"
)

func hosts(cidr string) ([]string, error) {
ip, ipnet, err := net.ParseCIDR(cidr)
if err != nil {
return nil, err
}

var ips []string
for ip := ip.Mask(ipnet.Mask); ipnet.Contains(ip); inc(ip) {
ips = append(ips, ip.String())
}
return ips[1 : len(ips)-1], nil
}

func inc(ip net.IP) {
	for j := len(ip) - 1; j >= 0; j-- {
		ip[j]++
		if ip[j] > 0 {
			break
		}
	}
}

func main()  {
	hosts, _ := hosts("192.168.11.9/27")
	for _, ip := range hosts {
		 fmt.Println("sent: " + ip)
	}
}

检测一个端口是否为HTTPS

package main

import (
	"fmt"
	"time"
	"net"
	"strconv"
	"os"
)

func main(){
	t:=[]byte{0x16,0x03,0x01,0x00,0xb5,0x01,0x00,0x00,0xb1,0x03,0x03,0xb2,0xd3,0x4d,0xfd,0x63,0xbe,0x89,0xdb,0xe5,0x46,0xcc,0xaf,0x39,0x6e,0xba,0x63,0x63,0x75,0xce,0x30,0xda,0xe0,0x4f,0xab,0xa2,0x3e,0x50,0xea,0x41,0x20,0x10,0xc4,0x00,0x00,0x18,0xc0,0x2b,0xc0,0x2f,0xc0,0x2c,0xc0,0x30,0xc0,0x13,0xc0,0x14,0x00,0x9c,0x00,0x9d,0x00,0x2f,0x00,0x35,0x00,0x0a,0x00,0xff,0x01,0x00,0x00,0x70,0x00,0x00,0x00,0x15,0x00,0x13,0x00,0x00,0x10,0x77,0x77,0x77,0x2e,0x73,0x6f,0x2d,0x63,0x6f,0x6f,0x6c,0x73,0x2e,0x63,0x6f,0x6d,0x00,0x0b,0x00,0x04,0x03,0x00,0x01,0x02,0x00,0x0a,0x00,0x06,0x00,0x04,0x00,0x17,0x00,0x18,0x00,0x23,0x00,0x00,0x00,0x0d,0x00,0x20,0x00,0x1e,0x06,0x01,0x06,0x02,0x06,0x03,0x05,0x01,0x05,0x02,0x05,0x03,0x04,0x01,0x04,0x02,0x04,0x03,0x03,0x01,0x03,0x02,0x03,0x03,0x02,0x01,0x02,0x02,0x02,0x03,0x00,0x05,0x00,0x05,0x01,0x00,0x00,0x00,0x00,0x00,0x0f,0x00,0x01,0x01,0x00,0x10,0x00,0x0b,0x00,0x09,0x08,0x68,0x74,0x74,0x70,0x2f,0x31,0x2e,0x31}

	Target:="115.239.210.27"
	port:=443
	Time, _ := time.ParseDuration("1s")
	conn, err := net.DialTimeout("tcp", Target+":"+strconv.Itoa(port), Time )

	if err != nil {
		fmt.Println("ERR::" + strconv.Itoa(port) + ">" + err.Error())
		os.Exit(1)
	}
	conn.Write(t)
	recvBuf := make([]byte, 2048)
	conn.SetReadDeadline(time.Now().Add(time.Second * 2))
	_, err = conn.Read(recvBuf[:])
	conn.SetReadDeadline(time.Time{})
	fmt.Println("tlsinfo:")
	fmt.Println( string(recvBuf[:]))
	if string(recvBuf[0:4]) == string([] byte {22,3,3,0}) {
		fmt.Println("this is tls ^_^")
	}else{
		fmt.Println("this is not tls")
	}
	conn.Close()
}

iptables 禁止国外IP访问

某业务需求,禁止国外IP访问,也能在发生攻击时阻挡部分流量

由于IP地址太多, 直接用iptables 一条一条的去匹配会影响性能,故使用ipset 结合 iptables使用

yum install ipset
ipset create china hash:net hashsize 10000 maxelem 1000000
#ipset add china 1.2.3.0/24
#ipset list china

把国内的IP段添加进去

wget http://www.ipdeny.com/ipblocks/data/countries/cn.zone
for i in `cat cn.zone`
do
echo "ipset add china $i" >>ipset_result.sh
done

执行

chmod +x ipset_result.sh
./ipset_result.sh
# ipset list china  #检验

最后的iptables规则:(封禁了UDP和TCP)

-A INPUT -s 10.202.72.116/32 -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -s 10.202.72.118/32 -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -s 114.114.114.114/32 -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p udp -j DROP
-A INPUT -s 127.0.0.1/32 -p tcp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j DROP
-A INPUT -m set --match-set china src -j ACCEPT 
-A INPUT -j DROP

ubuntu 16.04 无线网卡+AP

ubuntu 16.04   RTL8188EUS  无线网卡 安装  加 AP 模式

1.安装USB驱动
首先 插入USB无线网卡

lsusb
Bus 001 Device 011: ID 0bda:8179 Realtek Semiconductor Corp. RTL8188EUS 802.11n Wireless Network Adapter  (ID 0bda:8179 )
# usb id  可在这里查询  http://www.linux-usb.org/usb.ids

cd /opt && git clone https://github.com/lwfinger/rtl8188eu.git

首先安装必要的编译器和linux头文件
sudo apt-get install build-essential linux-headers-$(uname -r)

编译、安装驱动
make all
make install

ls ./

8188eu.ko #驱动文件

modprobe 8188eu  #加载驱动

ifconfig -a

wlx3c46d8c7efa5  #新添加的网卡
echo 8188eu >> /etc/modules  #好像即使不加入开机启动列表,网卡在重启后也能正常工作

2. 创建AP

apt-get install isc-dhcp-server  #dhcpd 服务器
apt-get remove hostapd # apt-get 安装的不支持 rtl871xdrv  驱动
git clone https://github.com/christianeisendle/hostapd_rtl871xdr   #git回来修改好的hostapd源码
cd hostapd_rtl871xdrv/hostapd
make
make install

由于rtl8188eu网卡驱动文件夹中已经自带了control_ap  就不另下(git clone https://github.com/oblique/create_ap.git)

#$DHCPD -cf ~/dhcpd.conf $NET_AP (control_ap中注释掉这一句 因为dhcpd启动有点问题)
./control_ap start wlx3c46d8c7efa5 enp4s0   #创建AP, 这时用手机就会搜索到新创建的AP,但是此时连上去还不能分配到IP

#https://www.92ez.com/?action=show&id=23389 

3.设置DHCPD服务
/etc/init.d/apparmor stop
vim /etc/apparmor.d/usr.sbin.dhcpd
/home/yy/dhcpd.conf rwl
/var/lib/dhcpd/db/dhcpd.leases rwl

#这里注意一定要添加,不然启动dhcp时会报 permission denied 权限错误 就算设置为777一样的报错
/usr/sbin/dhcpd -cf /home/yy/dhcpd.conf wlx3c46d8c7efa5  -user root -group root -lf /var/lib/dhcp/db/dhcpd.leases

然后没有报错的话,就可以用手机进行验证了

#https://help.ubuntu.com/community/isc-dhcp-server

#另也可以直接关闭apparmor就没那么多的麻烦事了, 这东西了,这东西跟selinux差不多

/etc/init.d/apparmor stop

/etc/init.d/apparmor teardown

update-rc.d -f apparmor remove

reboot

apt-get remove apparmor

#另python-nfqueue 抓包时

iptables在此种环境下应该设置为FORWARD表,不要设置为INPUT OUTPUT表

iptables -I FORWARD -j NFQUEUE --queue-num 2
iptables -I FORWARD -i wlx3c46d8c7efa5 -j NFQUEUE --queue-num 2

php禁止在php.ini中添加动态扩展

因为特殊的需求 php版本 php 7.1.8

针对文件:main/php_ini.c

if (!is_special_section && !strcasecmp(Z_STRVAL_P(arg1), PHP_EXTENSION_TOKEN)) { 
					extension_name =estrndup(Z_STRVAL_P(arg2), Z_STRLEN_P(arg2));
				zend_llist_add_element(&extension_lists.functions, &extension_name);
				}

注释掉其中的  zend_llist_add_element(&extension_lists.functions, &extension_name);  这一句, 然后重新编译

./configure –prefix=/data/phpsrc/build –enable-xx –disable-phar –without-pear

make && make install

然后再php.ini文件中再添加 extension=xxx.so   此时php就不会再加载这个扩展了。

修改php-beast扩展

vim beast.c

124 line:

zend_module_entry beast_module_entry = {
  2 #if ZEND_MODULE_API_NO >= 20010901
  1     STANDARD_MODULE_HEADER,
  0 #endif                                                                                                                                                                              
  1     “beast”, //扩展名  在phpinfo中显示的扩展名 可随意修改,迷惑作用
  2     beast_functions,
  3     PHP_MINIT(beast),
  4     PHP_MSHUTDOWN(beast),
  5     PHP_RINIT(beast),
  6     PHP_RSHUTDOWN(beast),
  7     PHP_MINFO(beast),

zend_module_entry beast_module_entry = {
  2 #if ZEND_MODULE_API_NO >= 20010901
  1     STANDARD_MODULE_HEADER,
  0 #endif                                                                                                                                                                              
  1     “swoolecompller”,  //扩展名  在phpinfo中显示的扩展名 可随意修改,迷惑作用
  2     beast_functions,
  3     PHP_MINIT(beast),
  4     PHP_MSHUTDOWN(beast),
  5     PHP_RINIT(beast),
  6     PHP_RSHUTDOWN(beast),
  7     PHP_MINFO(beast),

1417 line:

PHP_MINFO_FUNCTION(beast)                                                                                                                                                           
  1 {
  2     php_info_print_table_start();
  3     php_info_print_table_header(2,
  4         “beast V” BEAST_VERSION ” support”, “enabled”);
  5     php_info_print_table_end();
  6 
  7     DISPLAY_INI_ENTRIES();
  8 }

修改为

PHP_MINFO_FUNCTION(beast)                                                                                                                                                           
  1 {
  2     //php_info_print_table_start();
  3     //php_info_print_table_header(2,
  4      //   “beast V111111″ BEAST_VERSION ” support”, “enabled”);
  5     //php_info_print_table_end();
  6 
  7     //DISPLAY_INI_ENTRIES();
  8 }

也可以在 vim php_beast.h  
PHP_MINFO_FUNCTION(beast);  注释掉此行应用。

mysql mark

#update 子查询 limit

update vi_works du,(select voteid from public_vote ORDER by num DESC limit 0,2) b set du.state=2 where du.id=b.voteid and du.state=1;



update vi_works du,(select * from vi_works ORDER by public_vote DESC limit 0,2) b set du.state=2 where du.id=b.id and du.state=1;

javascript 实现递归转非递归 并同步

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
    <script src="//cdn.bootcss.com/jquery/2.2.4/jquery.js"></script>
    <script src="http://cdn.static.runoob.com/libs/angular.js/1.4.6/angular.min.js"></script>
</head>
<body>
<div ng-app="testapp" ng-controller="testctl">
    <input type="button" ng-click="one()" value="test">
</div>

<script>
    (function () {
        'use strict';
        angular
                .module('testapp', [
                ])
                .controller('testctl',['$scope','$http','$q',function ($scope,$http,$q) {

                    function addTask(fun, delay) {
                        if (typeof fun == 'function') {
                            var argu = Array.prototype.slice.call(arguments, 2);
                            var f = (function () {
                                fun.apply(null, argu);
                            });
                            return window.setTimeout(f, delay);
                        }
                        return window.setTimeout(fun, delay);
                    }

                    $scope.one = function (page) {
                        $scope.deferral_local = $q.defer();
                        page = page || 1;
                        var allpage=10;
                        $q.when($scope.splitfile(page)).then(function () {
                            page=page+1;
                            if(page<=allpage){
                                addTask($scope.one,100,page,"参数2","参数3","参数4");
                            }
                        });
                    };

                    $scope.dosomething = function (currentpage) {
                        /*
                        $http.get("/xxx.php").success(function (response) {
                            $scope.deferral_local.resolve('good');
                        });
                        */
                        $timeout(function () {
                            console.log(currentpage);
                            $scope.deferral_local.resolve('good');
                        },1000);

                        return $scope.deferral_local.promise;
                    };

                }]);
    }());

</script>


<script>

    /*
    for(var page=1;page<=10;page++){
        dosomething(page);
    }
    */

    /*
    function one(page) {
        page = page ||1;
        dosomething(page);
        page=page+1;
        if(page>10){
            return ;
        }else{
            one(page);
        }
    }
    */

</script>

</body>
</html>