OOP第四到第六次训练总结

Posted HoYoGen

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了OOP第四到第六次训练总结相关的知识,希望对你有一定的参考价值。

一、前言

本文章主要是对作者大学编程学习的记录,本篇文章主要是对OOP的第四到六次训练的总结。

现如今,我已经正式的进入了OOP的学习,难度也确实逐渐在提升,这三次作业与前三次比较起来,代码量和难度都有了明显的提升,已经是一个新的阶段,而三次训练一次总结也恰好将学习分为了不同阶段。

第一阶段是小试牛刀,本阶段让我初步品尝到了OOP的难度,与前三次相比也确实略显力不从心了,着实有难度,不过还是那句话,有难度才会有进步,也是正真品尝到了Java的滋味。

1、主要知识点

这三次练习,在我看来,是我们的练习从语法练习转向程序设计思想训练的过渡阶段,对我们训练的重心渐渐转变了,本次作业的主要知识点倾向于对我们程序设计思想的训练,重点考察了类间关系、单一职责原则,也对继承与多态进行了考察,语法知识已成为实现的基础,所以并非主要考查点。

2、作业题量

与前三次相比,本次作业的代码量大大提升,代码量最少的第四次训练的代码量就可与上一次代码量最大的第三次作业相比,第五次作业的代码行数接近一千行,第六次接近两千行。

代码量还是算比较大的,不过倒也算在可承受范围之内。

3、作业难度

同样与前三次作业相比,此次作业还是十分有难度的。

第四次作业主要是难在第一题,其他题目都比较简单,第一题的难度超过了先前做的所有题目的难度;

第五次作业主要是最后两题比较难,虽然有前几次作业相同类型的铺垫,但是要真正理清每一个类每一个方法的作用还是有难度的,不过好在做好了其中一个另一个也能有清晰的思路,便也降低了些工作量;

第六次作业难度超过了第四五次,前两题的难度有些许提升,后三题更是感觉直接上了难度,若是没有合理的设计要夺走很多弯路不说,还会导致许多要求难以达成。

总的来说,本次作业还是十分有难度的。

2、设计与分析

此部分主要是对第四次作业的第一题、第五次作业的五六题、第六次作业四五题进行分析(其他题目暂时不做过多分析)

1、第四次作业第一题

以下为本题的要求:

设计点菜计价程序,根据输入的信息,计算并输出总价格。

输入内容按先后顺序包括两部分:菜单、订单,最后以"end"结束。

菜单由一条或多条菜品记录组成,每条记录一行

每条菜品记录包含:菜名、基础价格 两个信息。

订单分:桌号标识、点菜记录和删除信息、代点菜信息。每一类信息都可包含一条或多条记录,每条记录一行或多行。

桌号标识独占一行,包含两个信息:桌号、时间。

桌号以下的所有记录都是本桌的记录,直至下一个桌号标识。

点菜记录包含:序号、菜名、份额、份数。份额可选项包括:1、2、3,分别代表小、中、大份。

不同份额菜价的计算方法:小份菜的价格=菜品的基础价格。中份菜的价格=菜品的基础价格1.5。小份菜的价格=菜品的基础价格2。如果计算出现小数,按四舍五入的规则进行处理。

删除记录格式:序号 delete

标识删除对应序号的那条点菜记录。

如果序号不对,输出"delete error"

代点菜信息包含:桌号 序号 菜品名称 份额 分数

代点菜是当前桌为另外一桌点菜,信息中的桌号是另一桌的桌号,带点菜的价格计算在当前这一桌。

程序最后按输入的先后顺序依次输出每一桌的总价(注意:由于有代点菜的功能,总价不一定等于当前桌上的菜的价格之和)。

每桌的总价等于那一桌所有菜的价格之和乘以折扣。如存在小数,按四舍五入规则计算,保留整数。

折扣的计算方法(注:以下时间段均按闭区间计算):

周一至周五营业时间与折扣:晚上(17:00-20:30)8折,周一至周五中午(10:30--14:30)6折,其余时间不营业。

周末全价,营业时间:9:30-21:30

如果下单时间不在营业范围内,输出"table " + t.tableNum + " out of opening hours"

参考以下类的模板进行设计:菜品类:对应菜谱上一道菜的信息。

Dish

String name;//菜品名称

int unit_price; //单价

int getPrice(int portion)//计算菜品价格的方法,输入参数是点菜的份额(输入数据只能是1/2/3,代表小/中/大份)

菜谱类:对应菜谱,包含饭店提供的所有菜的信息。

Menu

Dish\\[\\] dishs ;//菜品数组,保存所有菜品信息

Dish searthDish(String dishName)//根据菜名在菜谱中查找菜品信息,返回Dish对象。

Dish addDish(String dishName,int unit_price)//添加一道菜品信息

点菜记录类:保存订单上的一道菜品记录

Record

int orderNum;//序号\\\\

Dish d;//菜品\\\\

int portion;//份额(1/2/3代表小/中/大份)\\\\

int getPrice()//计价,计算本条记录的价格\\\\

订单类:保存用户点的所有菜的信息。

Order

Record\\[\\] records;//保存订单上每一道的记录

int getTotalPrice()//计算订单的总价

Record addARecord(int orderNum,String dishName,int portion,int num)//添加一条菜品信息到订单中。

delARecordByOrderNum(int orderNum)//根据序号删除一条记录

findRecordByNum(int orderNum)//根据序号查找一条记录

### 输入格式:

桌号标识格式:table + 序号 +英文空格+ 日期(格式:YYYY/MM/DD)+英文空格+ 时间(24小时制格式: HH/MM/SS)

菜品记录格式:

菜名+英文空格+基础价格

如果有多条相同的菜名的记录,菜品的基础价格以最后一条记录为准。

点菜记录格式:序号+英文空格+菜名+英文空格+份额+英文空格+份数注:份额可输入(1/2/3), 1代表小份,2代表中份,3代表大份。

删除记录格式:序号 +英文空格+delete

代点菜信息包含:桌号+英文空格+序号+英文空格+菜品名称+英文空格+份额+英文空格+分数

最后一条记录以“end”结束。

### 输出格式:

按输入顺序输出每一桌的订单记录处理信息,包括:

1、桌号,格式:table+英文空格+桌号+”:”

2、按顺序输出当前这一桌每条订单记录的处理信息,

每条点菜记录输出:序号+英文空格+菜名+英文空格+价格。其中的价格等于对应记录的菜品\\*份数,序号是之前输入的订单记录的序号。如果订单中包含不能识别的菜名,则输出“\\*\\* does not exist”,\\*\\*是不能识别的菜名

如果删除记录的序号不存在,则输出“delete error”

最后按输入顺序一次输出每一桌所有菜品的总价(整数数值)格式:table+英文空格+桌号+“:”+英文空格+当前桌的总价

本次题目不考虑其他错误情况,如:桌号、菜单订单顺序颠倒、不符合格式的输入、序号重复等,在本系列的后续作业中会做要求。

输入格式:

桌号标识格式:table + 序号 +英文空格+ 日期(格式:YYYY/MM/DD)+英文空格+ 时间(24小时制格式: HH/MM/SS)

菜品记录格式:

菜名+英文空格+基础价格

如果有多条相同的菜名的记录,菜品的基础价格以最后一条记录为准。

点菜记录格式:序号+英文空格+菜名+英文空格+份额+英文空格+份数注:份额可输入(1/2/3), 1代表小份,2代表中份,3代表大份。

删除记录格式:序号 +英文空格+delete

代点菜信息包含:桌号+英文空格+序号+英文空格+菜品名称+英文空格+份额+英文空格+分数

最后一条记录以“end”结束。

输出格式:

按输入顺序输出每一桌的订单记录处理信息,包括:

1、桌号,格式:table+英文空格+桌号+“:”

2、按顺序输出当前这一桌每条订单记录的处理信息,

每条点菜记录输出:序号+英文空格+菜名+英文空格+价格。其中的价格等于对应记录的菜品\\*份数,序号是之前输入的订单记录的序号。如果订单中包含不能识别的菜名,则输出“\\*\\* does not exist”,\\*\\*是不能识别的菜名

如果删除记录的序号不存在,则输出“delete error”

最后按输入顺序一次输出每一桌所有菜品的总价(整数数值)格式:table+英文空格+桌号+“:”+英文空格+当前桌的总价

本次题目不考虑其他错误情况,如:桌号、菜单订单顺序颠倒、不符合格式的输入、序号重复等,在本系列的后续作业中会做要求。

本题主要的要求是设计点菜程序以实现对不同桌号点菜的记录;

要实现菜单能够录入菜品

同时根据题目给出的信息画出基本类图:

 其中Dish类用于储存每一道菜品的信息,Menu类用于存放菜品信息,Record类用于记录点菜信息,Order类用于对所有菜品信息进行相关操作

后续由于为进行代码实现,便不过多分析。。。

2、第五次作业第五题

以下为本题的要求:

参考题目7-2的要求,设计如下几个类:DateUtil、Year、Month、Day,其中年、月、日的取值范围依然为:year∈[1900,2050] ,month∈[1,12] ,day∈[1,31] , 设计类图如下:

应用程序共测试三个功能:

  1. 求下n天
  2. 求前n天
  3. 求两个日期相差的天数

注意:严禁使用Java中提供的任何与日期相关的类与方法,并提交完整源码,包括主类及方法(已提供,不需修改)

在简单看了下题目后,我首先是将代码的基本框架写好,先根据题目给出的类图,将各个类的各个属性及方法基本写好,后续再进行实现。

根据类图中的关系,先写好了Year类,同时分析属性value的作用,发现Year,Month,Day类里都有value属性,便知value是对年份月份和日期进行具体操作的属性;

然后将Year类的基本构造方法和属性的getter和setter写好,接下来是用于判断是否为闰年的isLeapYear方法,由于有先前的相关代码,便可直接拿来使用;

validate方法用于判断年份是否非法,直接根据年份的值是否在范围内来判断便可;

yearIncrement方法和yearReduction方法用于实现属性value的增减以实现年份的增减;

至此便实现Year类;

然后是Month类:

同样的先写好了属性及构造方法及getter、setter;

然后resetMax方法和resetMin方法,resetMax方法只需判断此时的月份是否为0,若为0则将月份数重置为12,同时年份减1,resetMin方法则判断月份是否为13,若为13重置为1,同时年份加1;

/**
* 更新month,year
*/
public void resetMin()
// 当month超过月份最大值时
if (this.value == 13)
// month更新为1
this.value = 1;
// year++
this.year.yearIncrement();



/**
* 更新month,year
*/
public void resetMax()
// 当month低于最小值时
if (this.value == 0)
// month更新为12
this.value = 12;
// year--
this.year.yearReduction();

同样的validate方法只需判断月份是否位于一到十二之间;

monthIncrement和monthReduction方法同样是只写一个value++和value--;

至此便实现了Month类;

接着的Day类实现思路与Month类相似,只是多了个用于获取月份天数的数组类属性,同时vaildate也发生变化,在判断时需要调用Year类中的判断是否为闰年的方法来对二月份的天数进行更改,然后再结合不同月份的不同最大天数来判断天数是否正确,同时需要注意的是需要在判断之前加一个判断年份和月份是否正确的判断语句,年月成功了才进行日期的判断,否则会造成数据超出数组长/**

 * 判断day是否合法
*/
public boolean vaildate()
// 通过对平闰年的判断来改变2月份的天数
if (this.month.getYear().isLeapYear())
this.mon_maxnum[1] = 29;
else
this.mon_maxnum[1] = 28;

// 在月份输入正确的情况下判断日期,避免超过数组长度
if (this.month.validate())
// 当日期小于1或大于本月最大天数是日期输入错误
if (this.value < 1 || this.value > this.mon_maxnum[this.month.getValue() - 1])
return false;
else
return true;

else
return false;

还需要注意的是resetMax方法和resetMin方法,同样开始一个判断是否闰年然后改变月份天数,然后resetMax则判断天数是否为0,若为0则日期重置为上月的最大天数,月份减1,resetMin则判断天数是否等于本月最大天数加1,若是则重置天数为1,月份数加1,需要注意的是需将月份数的改变操作置于日期重置操作之前,否则当本月为1月时进行resetMax操作会导致天数重置出现错误,12月进行resetMin操作同样如此;

/**
* 更新day,month,year
*/
public void resetMin()
// 通过对平闰年的判断来改变2月份的天数
if (this.month.getYear().isLeapYear())
this.mon_maxnum[1] = 29;
else
this.mon_maxnum[1] = 28;

// 当day超过了本月最大天数时
if (this.value == this.mon_maxnum[this.month.getValue() - 1] + 1)
// month++
this.month.monthIncrement();
// 更新Month,year
this.month.resetMin();
// day变为1
this.value = 1;



/**
* 更新day,month,year
*/
public void resetMax()
// 通过对平闰年的判断来改变2月份的天数
if (this.month.getYear().isLeapYear())
this.mon_maxnum[1] = 29;
else
this.mon_maxnum[1] = 28;

// 当day低于了本月最小天数时
if (this.value == 0)
// month--
this.month.monthReduction();
// 更新month,year
this.month.resetMax();
// day变为前一个月的最大天数
this.value = this.mon_maxnum[this.month.getValue() - 1];

最后的DateUtil类:

同样写好构造方法和getter、setter;

然后checkInputValidity方法,用于判断输入是否合法,只需要年月日都正确即正确,便需要调用三个类的判断年月日合法方法来判断便可;

接下来的compareDates方法,qualTwoDates方法和showDate方法;

然后是最主要的三个方法,分别用于求前n天,后n天和两个日期相差的天数;

getNextNDays方法只需用循环将输入的不断减1直到n等于0,同时进行调用dayIncrement方法增加天数再调用resetMin方法重置天数即可;

/**
* 求下n天
*/
public DateUtil getNextNDays(int n)
for(; n > 0; n--)
// day++
this.day.dayIncrement();
// 更新day,year,month
this.day.resetMin();

return this;

getPreviousNDays方法同样是用循环不断使n减1,到n等于0时退出循环,同时调用dayReduction方法,进行日期减操作,再调用resetMax方法进行重置天数操作;

/**
* 求前n天
*/
public DateUtil getPreviousNDays(int n)
for(; n > 0; n--)
// day--
this.day.dayReduction();
// 更新day,year,month
this.day.resetMax();

return this;

然后getDaysOfDates方法,先定义一个num用于计算相差的天数,先判断两个日期的先后,若日期相等则直接返回0,前一个日期大于后一个日期则运用循环,num不断加1,当前后日期相等时退出循环,同时进行调用dayIncrement方法增加天数再调用resetMin方法重置天数即可,在后一个日期大于前一个时调用dayReduction方法,进行日期减操作,再调用resetMax方法进行重置天数操作即可;

    /**
* 求两日期相隔天数
*/
public int getDaysofDates(DateUtil date)
// 相差天数
int num = 0;
// 根据两个日期的先后来进行不同操作
if (this.equalTwoDates(date))
// 如果两个日期相等则返回0
return 0;
else if (this.compareDates(date))
// 如果前一个日期早于后一个则运用循环计算相差天数,当两个日期相同时跳出循环
for(; !this.equalTwoDates(date); num++)
// day++
this.day.dayIncrement();
// 更新day,year,month
this.day.resetMin();

else
// 如果前一个日期晚于后一个则运用循环计算相差天数,当两个日期相同时跳出循环
for(; !this.equalTwoDates(date); num++)
// day--
this.day.dayReduction();
// 更新day,year,month
this.day.resetMax();


return num;

至此便实现了DateUtil方法;

最后的Main类直接取用第三次作业最后一题给出的Main类再稍作修改即可得到。

至此便实现了本题。

以下是我根据我代码反向生成的类图:

 

 以下是通过SourceMonitor生成对本题代码的分析:

以下是本题的源码:

import java.util.Scanner;

public class Main 
    public static void main(String[] args) 
        Scanner input = new Scanner(System.in);
        int year = 0;
        int month = 0;
        int day = 0;

        int choice = input.nextInt();

        if (choice == 1)  // test getNextNDays method
            int m = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(day, month, year);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            m = input.nextInt();

            if (m < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.println(date.getNextNDays(m).showDate());
         else if (choice == 2)  // test getPreviousNDays method
            int n = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(day, month, year);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            n = input.nextInt();

            if (n < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.println(date.getPreviousNDays(n).showDate());
         else if (choice == 3)     //test getDaysofDates method
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            int anotherYear = Integer.parseInt(input.next());
            int anotherMonth = Integer.parseInt(input.next());
            int anotherDay = Integer.parseInt(input.next());

            DateUtil fromDate = new DateUtil(day, month, year);
            DateUtil toDate = new DateUtil(anotherDay, anotherMonth, anotherYear);

            if (fromDate.checkInputValidity() && toDate.checkInputValidity()) 
                System.out.println(fromDate.getDaysofDates(toDate));
             else 
                System.out.println("Wrong Format");
                System.exit(0);
            
        
        else
            System.out.println("Wrong Format");
            System.exit(0);
        
    

public class DateUtil 
    private Day day;

    public DateUtil() 

    

    public DateUtil(int d, int m, int y) 
        this.day = new Day(y, m, d);
    

    public Day getDay() 
        return this.day;
    

    public void setDay(Day day) 
        this.day = day;
    

    /**
     * 判断输入是否正确
     */
    public boolean checkInputValidity() 
        // 若year,month,day同时正确则正确
        if (this.day.vaildate() && this.day.getMonth().validate()
                && this.day.getMonth().getYear().validate()) 
            return true;
         else 
            return false;
        
    

    /**
     *比较两个日期的先后
     */
    public boolean compareDates(DateUtil date) 
        // 逐层判断,先比较年再比较月份最后比较日期
        if (this.day.getMonth().getYear().getValue()
                > date.getDay().getMonth().getYear().getValue()) 
            return false;
         else if (this.day.getMonth().getYear().getValue()
                < date.getDay().getMonth().getYear().getValue()) 
            return true;
         else 
            if (this.day.getMonth().getValue() > date.getDay().getMonth().getValue()) 
                return false;
             else if (this.day.getMonth().getValue() < date.getDay().getMonth().getValue()) 
                return true;
             else 
                if (this.getDay().getValue() > date.getDay().getValue()) 
                    return false;
                 else 
                    return true;
                
            
        
    

    /**
     * 判断两个日期是否相同
     */
    public boolean equalTwoDates(DateUtil date) 
        // 直接比较两个日期的年月日是否相同
        if (this.day.getMonth().getYear().getValue()
                == date.getDay().getMonth().getYear().getValue()
                && this.day.getMonth().getValue() == date.getDay().getMonth().getValue()
                && this.getDay().getValue() == date.getDay().getValue()) 
            return true;
         else
            return false;
        
    

    /**
     * 转换日期格式
     */
    public String showDate() 
        String year = Integer.toString(this.day.getMonth().getYear().getValue());
        String month = Integer.toString(this.day.getMonth().getValue());
        String day = Integer.toString(this.day.getValue());
        String date = year + "-" + month + "-" + day;
        return date;
    

    /**
     * 求下n天
     */
    public DateUtil getNextNDays(int n) 
        for(; n > 0; n--) 
            // day++
            this.day.dayIncrement();
            // 更新day,year,month
            this.day.resetMin();
        
        return this;
    

    /**
     * 求前n天
     */
    public DateUtil getPreviousNDays(int n) 
        for(; n > 0; n--) 
            // day--
            this.day.dayReduction();
            // 更新day,year,month
            this.day.resetMax();
        
        return this;
    

    /**
     * 求两日期相隔天数
     */
    public int getDaysofDates(DateUtil date) 
        // 相差天数
        int num = 0;
        // 根据两个日期的先后来进行不同操作
        if (this.equalTwoDates(date)) 
            // 如果两个日期相等则返回0
            return 0;
         else if (this.compareDates(date)) 
            // 如果前一个日期早于后一个则运用循环计算相差天数,当两个日期相同时跳出循环
            for(; !this.equalTwoDates(date); num++) 
                // day++
                this.day.dayIncrement();
                // 更新day,year,month
                this.day.resetMin();
            
         else 
            // 如果前一个日期晚于后一个则运用循环计算相差天数,当两个日期相同时跳出循环
            for(; !this.equalTwoDates(date); num++) 
                // day--
                this.day.dayReduction();
                // 更新day,year,month
                this.day.resetMax();
            
        
        return num;
    

public class Day extends DateUtil
    private int value = 0;
    private Month month;
    private int[] mon_maxnum = 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31;

    public Day() 

    

    public Day(int yearValue, int monthValue, int dayValue) 
        this.month = new Month(yearValue, monthValue);
        this.value = dayValue;
    

    public int getValue() 
        return this.value;
    

    public void setValue(int value) 
        this.value = value;
    

    public Month getMonth() 
        return this.month;
    

    public void setMonth(Month month) 
        this.month = month;
    

    /**
     * 判断day是否合法
     */
    public boolean vaildate() 
        // 通过对平闰年的判断来改变2月份的天数
        if (this.month.getYear().isLeapYear()) 
            this.mon_maxnum[1] = 29;
         else 
            this.mon_maxnum[1] = 28;
        
        // 在月份输入正确的情况下判断日期,避免超过数组长度
        if (this.month.validate()) 
            // 当日期小于1或大于本月最大天数是日期输入错误
            if (this.value < 1 || this.value > this.mon_maxnum[this.month.getValue() - 1]) 
                return false;
             else 
                return true;
            
         else 
            return false;
        
    

    /**
     * 更新day,month,year
     */
    public void resetMin() 
        // 通过对平闰年的判断来改变2月份的天数
        if (this.month.getYear().isLeapYear()) 
            this.mon_maxnum[1] = 29;
         else 
            this.mon_maxnum[1] = 28;
        
        // 当day超过了本月最大天数时
        if (this.value == this.mon_maxnum[this.month.getValue() - 1] + 1) 
            // month++
            this.month.monthIncrement();
            // 更新Month,year
            this.month.resetMin();
            // day变为1
            this.value = 1;
        
    

    /**
     * 更新day,month,year
     */
    public void resetMax() 
        // 通过对平闰年的判断来改变2月份的天数
        if (this.month.getYear().isLeapYear()) 
            this.mon_maxnum[1] = 29;
         else 
            this.mon_maxnum[1] = 28;
        
        // 当day低于了本月最小天数时
        if (this.value == 0) 
            // month--
            this.month.monthReduction();
            // 更新month,year
            this.month.resetMax();
            // day变为前一个月的最大天数
            this.value = this.mon_maxnum[this.month.getValue() - 1];
        
    

    public void dayIncrement() 
        // day++
        this.value++;
    

    public void dayReduction() 
        // day--
        this.value--;
    

public class Month extends Day
    private int value = 0;
    private Year year;

    public Month() 
    

    public Month(int yearValue, int monthValue) 
        this.year = new Year(yearValue);
        this.value = monthValue;
    

    public int getValue() 
        return this.value;
    

    public void setValue(int value) 
        this.value = value;
    

    public Year getYear() 
        return this.year;
    

    public void setYear(Year year) 
        this.year = year;
    

    /**
     * 判断month是否合法
     */
    public boolean validate() 
        // 如果month小于等于12大于等于1则合法
        if (this.value >= 1 && this.value <=12) 
            return true;
         else 
            return false;
        
    

    /**
     * 更新month,year
     */
    public void resetMin() 
        // 当month超过月份最大值时
        if (this.value == 13) 
            // month更新为1
            this.value = 1;
            // year++
            this.year.yearIncrement();
        
    

    /**
     * 更新month,year
     */
    public void resetMax() 
        // 当month低于最小值时
        if (this.value == 0) 
            // month更新为12
            this.value = 12;
            // year--
            this.year.yearReduction();
        
    

    public void monthIncrement() 
        // momnth++
        this.value++;
    

    public void monthReduction() 
        // month--;
        this.value--;
    

public class Year extends Month
    private int value = 0;

    public Year() 

    

    public Year(int value) 
        this.value = value;
    

    public int getValue() 
        return value;
    

    public void setValue(int value) 
        this.value = value;
    

    /**
     *判断是否为闰年
     */
    public boolean isLeapYear() 
        if (this.value % 4 == 0 && this.value % 100 !=0 || this.value % 400 ==0) 
            return true;
         else 
            return false;
        
    

    /**
     *判断年份是否合法
     */
    public boolean validate() 
        // 当年份大于等于1900小于等于2050时合法
        if (this.value >= 1900 && this.value <= 2050) 
            return true;
         else 
            return false;
        
    

    public void yearIncrement() 
        // year++
        this.value++;
    

    public void yearReduction() 
        // year--
        this.value--;
    

 3、第五次作业第六题

本题题目要求与上题相同,只是要求对类图进行修改

本题与上题各方法的实现思路基本相同,只不过是将年月日的父类都赋为了DateUtil,使得能够更为直接的实现方法的调用,其他思路基本相同,便不做过多赘述

以下为根据本题源码生成的类图:

然后是SourceMonitor生成的源码分析:

最后是本题源码:

import java.util.Scanner;

public class Main 
    public static void main(String[] args) 
        Scanner input = new Scanner(System.in);
        int year = 0;
        int month = 0;
        int day = 0;

        int choice = input.nextInt();

        if (choice == 1)  // test getNextNDays method
            int m = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(year, month, day);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            m = input.nextInt();

            if (m < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.print(date.getYear().getValue() + "-" + date.getMonth().getValue() +
                    "-" + date.getDay().getValue() + " next " + m + " days is:");
            System.out.println(date.getNextNDays(m).showDate());
         else if (choice == 2)  // test getPreviousNDays method
            int n = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(year, month, day);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            n = input.nextInt();

            if (n < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.print(date.getYear().getValue() + "-" + date.getMonth().getValue() +
                    "-" + date.getDay().getValue() + " previous " + n + " days is:");
            System.out.println(date.getPreviousNDays(n).showDate());
         else if (choice == 3)     //test getDaysofDates method
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            int anotherYear = Integer.parseInt(input.next());
            int anotherMonth = Integer.parseInt(input.next());
            int anotherDay = Integer.parseInt(input.next());

            DateUtil fromDate = new DateUtil(year, month, day);
            DateUtil toDate = new DateUtil(anotherYear, anotherMonth, anotherDay);

            if (fromDate.checkInputValidity() && toDate.checkInputValidity()) 
                System.out.println("The days between " + fromDate.showDate() +
                        " and " + toDate.showDate() + " are:"
                        + fromDate.getDaysofDates(toDate));
             else 
                System.out.println("Wrong Format");
                System.exit(0);
            
        
        else
            System.out.println("Wrong Format");
            System.exit(0);
        
    

import java.util.Scanner;

public class Main 
    public static void main(String[] args) 
        Scanner input = new Scanner(System.in);
        int year = 0;
        int month = 0;
        int day = 0;

        int choice = input.nextInt();

        if (choice == 1)  // test getNextNDays method
            int m = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(year, month, day);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            m = input.nextInt();

            if (m < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.print(date.getYear().getValue() + "-" + date.getMonth().getValue() +
                    "-" + date.getDay().getValue() + " next " + m + " days is:");
            System.out.println(date.getNextNDays(m).showDate());
         else if (choice == 2)  // test getPreviousNDays method
            int n = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(year, month, day);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            n = input.nextInt();

            if (n < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.print(date.getYear().getValue() + "-" + date.getMonth().getValue() +
                    "-" + date.getDay().getValue() + " previous " + n + " days is:");
            System.out.println(date.getPreviousNDays(n).showDate());
         else if (choice == 3)     //test getDaysofDates method
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            int anotherYear = Integer.parseInt(input.next());
            int anotherMonth = Integer.parseInt(input.next());
            int anotherDay = Integer.parseInt(input.next());

            DateUtil fromDate = new DateUtil(year, month, day);
            DateUtil toDate = new DateUtil(anotherYear, anotherMonth, anotherDay);

            if (fromDate.checkInputValidity() && toDate.checkInputValidity()) 
                System.out.println("The days between " + fromDate.showDate() +
                        " and " + toDate.showDate() + " are:"
                        + fromDate.getDaysofDates(toDate));
             else 
                System.out.println("Wrong Format");
                System.exit(0);
            
        
        else
            System.out.println("Wrong Format");
            System.exit(0);
        
    

import java.util.Scanner;

public class Main 
    public static void main(String[] args) 
        Scanner input = new Scanner(System.in);
        int year = 0;
        int month = 0;
        int day = 0;

        int choice = input.nextInt();

        if (choice == 1)  // test getNextNDays method
            int m = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(year, month, day);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            m = input.nextInt();

            if (m < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.print(date.getYear().getValue() + "-" + date.getMonth().getValue() +
                    "-" + date.getDay().getValue() + " next " + m + " days is:");
            System.out.println(date.getNextNDays(m).showDate());
         else if (choice == 2)  // test getPreviousNDays method
            int n = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(year, month, day);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            n = input.nextInt();

            if (n < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.print(date.getYear().getValue() + "-" + date.getMonth().getValue() +
                    "-" + date.getDay().getValue() + " previous " + n + " days is:");
            System.out.println(date.getPreviousNDays(n).showDate());
         else if (choice == 3)     //test getDaysofDates method
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            int anotherYear = Integer.parseInt(input.next());
            int anotherMonth = Integer.parseInt(input.next());
            int anotherDay = Integer.parseInt(input.next());

            DateUtil fromDate = new DateUtil(year, month, day);
            DateUtil toDate = new DateUtil(anotherYear, anotherMonth, anotherDay);

            if (fromDate.checkInputValidity() && toDate.checkInputValidity()) 
                System.out.println("The days between " + fromDate.showDate() +
                        " and " + toDate.showDate() + " are:"
                        + fromDate.getDaysofDates(toDate));
             else 
                System.out.println("Wrong Format");
                System.exit(0);
            
        
        else
            System.out.println("Wrong Format");
            System.exit(0);
        
    

import java.util.Scanner;

public class Main 
    public static void main(String[] args) 
        Scanner input = new Scanner(System.in);
        int year = 0;
        int month = 0;
        int day = 0;

        int choice = input.nextInt();

        if (choice == 1)  // test getNextNDays method
            int m = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(year, month, day);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            m = input.nextInt();

            if (m < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.print(date.getYear().getValue() + "-" + date.getMonth().getValue() +
                    "-" + date.getDay().getValue() + " next " + m + " days is:");
            System.out.println(date.getNextNDays(m).showDate());
         else if (choice == 2)  // test getPreviousNDays method
            int n = 0;
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            DateUtil date = new DateUtil(year, month, day);

            if (!date.checkInputValidity()) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            n = input.nextInt();

            if (n < 0) 
                System.out.println("Wrong Format");
                System.exit(0);
            

            System.out.print(date.getYear().getValue() + "-" + date.getMonth().getValue() +
                    "-" + date.getDay().getValue() + " previous " + n + " days is:");
            System.out.println(date.getPreviousNDays(n).showDate());
         else if (choice == 3)     //test getDaysofDates method
            year = Integer.parseInt(input.next());
            month = Integer.parseInt(input.next());
            day = Integer.parseInt(input.next());

            int anotherYear = Integer.parseInt(input.next());
            int anotherMonth = Integer.parseInt(input.next());
            int anotherDay = Integer.parseInt(input.next());

            DateUtil fromDate = new DateUtil(year, month, day);
            DateUtil toDate = new DateUtil(anotherYear, anotherMonth, anotherDay);

            if (fromDate.checkInputValidity() && toDate.checkInputValidity()) 
                System.out.println("The days between " + fromDate.showDate() +
                        " and " + toDate.showDate() + " are:"
                        + fromDate.getDaysofDates(toDate));
             else 
                System.out.println("Wrong Format");
                System.exit(0);
            
        
        else
            System.out.println("Wrong Format");
            System.exit(0);
        
    

public class DateUtil 
    private Year year;
    private Month month;
    private Day day;
    private int[] mon_maxnum = 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31;

    public DateUtil() 

    

    public DateUtil(int y, int m, int d) 
        this.year = new Year(y);
        this.month = new Month(m);
        this.day = new Day(d);
    

    public Month getMonth() 
        return this.month;
    

    public void setMonth(Month month) 
        this.month = month;
    

    public Day getDay() 
        return this.day;
    

    public void setDay(Day day) 
        this.day = day;
    

    public Year getYear() 
        return this.year;
    

    public void setYear(Year year) 
        this.year = year;
    

    /**
     * 更新day,month,year
     */
    public void setDayMin() 
        // 通过对平闰年的判断来改变2月份的天数
        if (this.year.isLeapYear()) 
            this.mon_maxnum[1] = 29;
         else 
            this.mon_maxnum[1] = 28;
        
        // 当day超过了本月最大天数时
        if (this.day.getValue() == this.mon_maxnum[this.month.getValue() - 1] + 1) 
            // month++
            this.month.monthIncrement();
            // 当month超过月份最大值时
            if (this.month.getValue() == 13) 
                // 更新Month
                this.month.resetMin();
                // year++
                this.year.yearIncrement();
            
            // day变为1
            this.day.setValue(1);
        
    

    /**
     * 更新day,month,year
     */
    public void setDayMax() 
        // 通过对平闰年的判断来改变2月份的天数
        if (this.year.isLeapYear()) 
            this.mon_maxnum[1] = 29;
         else 
            this.mon_maxnum[1] = 28;
        
        // 当day低于了本月最小天数时
        if (this.day.getValue() == 0) 
            // month--
            this.month.monthReduction();
            // 当month低于月份最小值时
            if (this.month.getValue() == 0) 
                // 更新Month
                this.month.resetMax();
                // year--
                this.year.yearReduction();
            
            // day变为前一月最大天数
            this.day.setValue(this.mon_maxnum[this.month.getValue() - 1]);
        
    
    /**
     * 判断输入是否正确
     */
    public boolean checkInputValidity() 
        if (this.month.validate() && this.year.validate()) 
            // 通过对平闰年的判断来改变2月份的天数
            if (this.year.isLeapYear()) 
                this.mon_maxnum[1] = 29;
             else 
                this.mon_maxnum[1] = 28;
            
            // 当日期小于1或大于本月最大天数是日期输入错误
            if (this.day.getValue() < 1 || this.day.getValue() > this.mon_maxnum[this.month.getValue() - 1]) 
                return false;
             else 
                return true;
            
         else 
            return false;
        
    

    /**
     * 求下n天
     */
    public DateUtil getNextNDays(int n) 
        for(; n > 0; n--) 
            // day++
            this.day.dayIncrement();
            // 更新// 更新day,year,month
            this.setDayMin();
        
        return this;
    

    /**
     * 求前n天
     */
    public DateUtil getPreviousNDays(int n) 
        for(; n > 0; n--) 
            // day--
            this.day.dayReduction();
            // 更新day,year,month
            this.setDayMax();
        
        return this;
    

    /**
     *比较两个日期的先后
     */
    public boolean compareDates(DateUtil date) 
        // 逐层判断,先比较年再比较月份最后比较日期
        if (this.year.getValue() > date.year.getValue()) 
            return false;
         else if (this.year.getValue() < date.year.getValue()) 
            return true;
         else 
            if (this.month.getValue() > date.month.getValue()) 
                return false;
             else if (this.month.getValue() < date.month.getValue()) 
                return true;
             else 
                if (this.day.getValue() > date.day.getValue()) 
                    return false;
                 else 
                    return true;
                
            
        
    

    /**
     * 判断两个日期是否相同
     */
    public boolean equalTwoDates(DateUtil date) 
        // 直接比较两个日期的年月日是否相同
        if (this.day.getValue() == date.day.getValue()
                && this.month.getValue() == date.month.getValue()
                && this.year.getValue() == date.year.getValue()) 
            return true;
         else 
            return false;
        
    

    /**
     * 求两日期相隔天数
     */
    public int getDaysofDates(DateUtil date) 
        // 相差天数
        int num = 0;
        // 根据两个日期的先后来进行不同操作
        if (this.equalTwoDates(date)) 
            // 如果两个日期相等则返回0
            return 0;
         else if (this.compareDates(date)) 
            // 如果前一个日期早于后一个则运用循环计算相差天数,当两个日期相同时跳出循环
            for(; !this.equalTwoDates(date); num++) 
                // day++
                this.day.dayIncrement();
                // 更新day,year,month
                this.setDayMin();
            
         else 
            // 如果前一个日期晚于后一个则运用循环计算相差天数,当两个日期相同时跳出循环
            for(; !this.equalTwoDates(date); num++) 
                // day--
                this.day.dayReduction();
                // 更新day,year,month
                this.setDayMax();
            
        
        return num;
    

    /**
     * 转换日期格式
     */
    public String showDate() 
        String year = Integer.toString(this.year.getValue());
        String month = Integer.toString(this.month.getValue());
        String day = Integer.toString(this.day.getValue());
        String date = year + "-" + month + "-" + day;
        return date;
    

public class Day 
    private int value = 0;

    public Day() 
    

    public Day(int value) 
        this.value = value;
    

    public int getValue() 
        return this.value;
    

    public void setValue(int value) 
        this.value = value;
    

    public void dayIncrement() 
        // day++
        this.value++;
    

    public void dayReduction() 
        // day--
        this.value--;
    

public class Month extends DateUtil
    private int value = 0;

    public Month() 
    

    public Month(int value) 
        this.value = value;
    

    public int getValue() 
        return this.value;
    

    public void setValue(int value) 
        this.value = value;
    

    /**
     * 判断month是否合法
     */
    public boolean validate() 
        // 如果month小于等于12大于等于1则合法
        if (this.value >= 1 && this.value <=12) 
            return true;
         else 
            return false;
        
    

    public void resetMin() 
        // 更新month为最小值
        this.value = 1;
    

    public void resetMax() 
        // 更新month为最大值
        this.value = 12;
    

    public void monthIncrement() 
        // momnth++
        this.value++;
    

    public void monthReduction() 
        // month--;
        this.value--;
    

public class Year extends DateUtil
    private int value = 0;

    public Year() 
    

    public Year(int value) 
        this.value = value;
    

    public int getValue() 
        return this.value;
    

    public void setValue(int value) 
        this.value = value;
    

    /**
     *判断是否为闰年
     */
    public boolean isLeapYear() 
        if (this.value % 4 == 0 && this.value % 100 !=0 || this.value % 400 ==0) 
            return true;
         else 
            return false;
        
    

    /**
     *判断年份是否合法
     */
    public boolean validate() 
        // 当年份大于等于1900小于等于2050时合法
        if (this.value >= 1820 && this.value <= 2020) 
            return true;
         else 
            return false;
        
    

    public void yearIncrement() 
        // year++
        this.value++;
    

    public void yearReduction() 
        // year--
        this.value--;
    

本题便分析至此;

4、第六次作业第四题

 以下为本题的要求:

设计ATM仿真系统,具体要求参见作业说明。
OO作业8-1题目说明.pdf

输入格式:

每一行输入一次业务操作,可以输入多行,最终以字符#终止。具体每种业务操作输入格式如下:

  • 存款、取款功能输入数据格式:
    卡号 密码 ATM机编号 金额(由一个或多个空格分隔),
    其中,当金额大于0时,代表取款,否则代表存款。
  • 查询余额功能输入数据格式:
    卡号

输出格式:

①输入错误处理

  • 如果输入卡号不存在,则输出Sorry,this card does not exist.
  • 如果输入ATM机编号不存在,则输出Sorry,the ATM\'s id is wrong.
  • 如果输入银行卡密码错误,则输出Sorry,your password is wrong.
  • 如果输入取款金额大于账户余额,则输出Sorry,your account balance is insufficient.
  • 如果检测为跨行存取款,则输出Sorry,cross-bank withdrawal is not supported.

②取款业务输出

输出共两行,格式分别为:

[用户姓名]在[银行名称]的[ATM编号]上取款¥[金额]

当前余额为¥[金额]

其中,[]说明括起来的部分为输出属性或变量,金额均保留两位小数。

③存款业务输出

输出共两行,格式分别为:

[用户姓名]在[银行名称]的[ATM编号]上存款¥[金额]

当前余额为¥[金额]

其中,[]说明括起来的部分为输出属性或变量,金额均保留两位小数。

④查询余额业务输出

¥[金额]

金额保留两位小数。

首先根据题目,将所需要的类创建好,分别有用于储存卡信息的Card类、用于储存账户信息的Account类、用于储存用户信息的User类,用于储存ATM信息的ATM类、用于储存银行信息的Bank类以及最后一个中国银联ChinaUnionPay类;

对于各个类的关系,卡需要有一个卡号属性,和一个密码属性;

由于一个账户可以有多张卡,则一个Account类中需要有一个Card[]属性,同时还需要账号属性,还需要一个banlance属性对保存账户余额;

一个用户可以有多个账户,则一个User类中需要的属性有名字name和Account[]属性;

一个银行可以有多个用户和多台ATM,所以Bank类中需要有的属性有,name、User[]、ATM[];

最后ChinaUnionPay类有多个银行则需一个Bank[]属性;

对于数据的处理,我想到了借鉴第六次作业第三题的解决方法来实现数据处理,首先将所有数据存入一个StringBuilder中,再将这个StringBuilder传入DealData类中,再在DealData类中进行处理;

同时使用一个Check类来检验数据合法性,以及输入的数据需要进行的操作;

对于Card类,只需要写出其属性、构造方法及getter、setter即可;

对于Account类,同样先是属性及其getter、setter和构造方法,但由于需要对账户余额进行操作,则需要deposit方法来实现存款操作,withdrawal方法来实现取款;

User类、Bank类则只需·构造方法和属性的getter、setter;

ChinaUnionPay类中主要还需要一个initialize方法来对各个数据进行初始化;

DealData类需要一个getDealResult方法来对数据进行处理,同时需要一个StringBuilder属性来储存所有输入信息;

Check类中,checkCardNum方法检测是否有该卡号、checkATMNum方法检测是否有该ATM号、checkPassword方法用于检查密码是否正确、checkBalanceSufficent方法检测余额是否充足、checkCrossBankWithdrawal方法检测是否为跨行取款以及checkIsInquire方法来判断是否执行取款操作;

而Main类main方法中,根据第三题的思路,可以将输入数据全部存入一个StringBuilder中传入DealData类中再对其操作,所以main方法中只需要一个循环,不断判断输入的信息是否为#,不是#则将该信号加入到StringBuilder上同时加上一个换行符以便后续分割,再调用DealData类中的方法即可实现相关操作,值得注意的是在得到信息后需用replaceAll方法将原信息中的多个空格替换为单个空格以实现题目中的要求;

主要需要实现的是DealData类和Check类,其他类比较简单,便不做过多赘述;

对于Check类的方法,前三个判断卡号是否存在、ATM机号是否存在以及密码是否正确的只需通过正则表达式判断即可,判断取款金额是否超过余额则需通过传入的提款金额和当前账户的余额来进行比较进行判断,判断是否跨行取款则需通过对卡号的分类和ATM号的分类来判断是否属于同一银行来判断,最后判断是否为查询余额操作只需判断输入的改行信息除了卡号是否还有其他信息便可;

public class Check 

/**
* 判断输入卡号是否存在
*/
public boolean checkCardNum(String cardNum)
if (Pattern.matches("62(170000100(413157(09|15|18)|51320007)" +
"|220815020(01312(389|390|399|400)|51320(785|786)))", cardNum))
return true;
else
return false;



/**
* 判断输入ATM号是否存在
*/
public boolean checkATMNum(String ATMNum)
if (Pattern.matches("0[123456]", ATMNum))
return true;
else
return false;



/**
* 判断密码是否正确
*/
public boolean checkPassword(String password)
if (password.equals("88888888"))
return true;
else
return false;



/**
* 判断取款额度是否超过余额
*/
public boolean checkBalanceSufficient(Account account, double amount)
if (amount <= account.getBanlance())
return true;
else
return false;



/**
* 判断是否为跨行操作
*/
public boolean checkCrossBankWithdrawal(String cardNum, String ATMNum)
if (cardNum.substring(2, 4).equals("17")
&& Pattern.matches("0[1234]", ATMNum))
return true;
else if (cardNum.substring(2, 4).equals("22")
&& Pattern.matches("0[56]", ATMNum))
return true;
else
return false;



/**
* 判断是否为查询操作
*/
public boolean checkIsInquire(String line)
String[] datas = line.split(" ");
// 如果分割后的输入信息超过一个则非查询操作
if (datas.length > 1)
return false;
else
return true;


对于DealData类中的getDealDataResult方法,先将StringBuilder类中的信息按行分割为多个字符串,然后定义好ChinaUnionPay类和Check类再进行初始化,接着运用循环逐行判断,每一行先判断输入信息是要进行什么操作,再判断各个信息的正确性及余额是否充足及是否为跨行取款,同时此处定义bankNum、userNum和accountNum来定卡号所属银行、用户、账户,再判断卡号正确后根据卡号的信息来分类便可,至此便可得知卡号具体归属,最后再根据输入信息中是需要取款或是存款来判断,若是取款则需判断余额是否充足,存款则无需判断,在改变账户存款信息后再输出相应的改变即可;

public class DealData 
private StringBuilder sb;

public DealData()


public DealData(StringBuilder sb)
this.sb = sb;


/**
* 获取处理信息的结果
*/
public void getDealDataResult()
// 将所有输入信息按行分割
String[] lines = sb.toString().split("\\n");
ChinaUnionPay chinaUnionPay = new ChinaUnionPay();
// 初始化
chinaUnionPay.initialize();
Check check = new Check();
for(int i = 0; i < lines.length; i++)
// 用于确定输入卡号的归属
int bankNum = 0, userNum = 0, accountNum = 0;
String[] datas = lines[i].split(" ");
// 判断输入行是用于余额查询还是存取款
if (!check.checkIsInquire(lines[i]))
// 如果输入卡号错误则输出相应错误并退出程序
if (!check.checkCardNum(datas[0]))
System.out.println("Sorry,this card does not exist.");
System.exit(0);
else
// 判断卡号的归属,如果卡号的34位是17则是中国建设银行
if (datas[0].substring(2, 4).equals("17"))
bankNum = 0;
// 如果卡号的12位是4则是杨过的
if (datas[0].substring(11, 12).

magedu.com-网络班第四期-29-张健华-第六次作业

本周作业内容:

1、详细描述一次加密通讯的过程,结合图示最佳。

一、client_hello

  客户端发起请求,以明文传输请求信息,包含版本信息,加密套件候选列表,压缩算法候选列表,随机数,扩展字段等信息,相关信息如下:

支持的最高TSL协议版本version,从低到高依次 SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2,当前基本不再使用低于 TLSv1 的版本


客户端支持的加密套件 cipher suites 列表, 每个加密套件对应前面 TLS 原理中的四个功能的组合:认证算法 Au (身份验证)、密钥交换算法 KeyExchange(密钥协商)、对称加密算法 Enc (信息加密)和信息摘要 Mac(完整性校验)


支持的压缩算法 compression methods 列表,用于后续的信息压缩传输


随机数 random_C,用于后续的密钥的生成


二、server_hello+server_certificate+sever_hello_done

server_hello, 服务端返回协商的信息结果,包括选择使用的协议版本 version,选择的加密套件 cipher suite,选择的压缩算法 compression method、随机数 random_S 等,其中随机数用于后续的密钥协商


server_certificates, 服务器端配置对应的证书链,用于身份验证与密钥交换


server_hello_done,通知客户端 server_hello 信息发送结束


三、证书校验

  客户端验证证书的合法性,如果验证通过才会进行后续通信,否则根据错误情况不同做出提示和操作,合法性验证包括如下:

[证书链]的可信性 trusted certificate path


证书是否吊销 revocation,有两类方式离线 CRL 与在线 OCSP,不同的客户端行为会不同


有效期 expiry date,证书是否在有效时间范围


域名 domain,核查证书域名是否与当前的访问域名匹配,匹配规则后续分析


四、client_key_exchange+change_cipher_spec+encrypted_handshake_message

client_key_exchange,合法性验证通过之后,客户端计算产生随机数字 Pre-master,并用证书公钥加密,发送给服务器


此时客户端已经获取全部的计算协商密钥需要的信息:两个明文随机数 random_C 和 random_S 与自己计算产生的 Pre-master,计算得到协商密钥

enc_key=Fuc(random_C, random_S, Pre-Master)


change_cipher_spec,客户端通知服务器后续的通信都采用协商的通信密钥和加密算法进行加密通信


encrypted_handshake_message,结合之前所有通信参数的 hash 值与其它相关信息生成一段数据,采用协商密钥 session secret 与算法进行加密,然后发送给服务器用于数据与握手验证


五、change_cipher_spec+encrypted_handshake_message

服务器用私钥解密加密的 Pre-master 数据,基于之前交换的两个明文随机数 random_C 和 random_S,计算得到协商密钥:enc_key=Fuc(random_C, random_S, Pre-Master)


计算之前所有接收信息的 hash 值,然后解密客户端发送的 encrypted_handshake_message,验证数据和密钥正确性


change_cipher_spec, 验证通过之后,服务器同样发送 change_cipher_spec 以告知客户端后续的通信都采用协商的密钥与算法进行加密通信


encrypted_handshake_message, 服务器也结合所有当前的通信参数信息生成一段数据并采用协商密钥 session secret 与算法加密并发送到客户端


六、握手结束

客户端计算所有接收信息的 hash 值,并采用协商密钥解密 encrypted_handshake_message,验证服务器发送的数据和密钥,验证通过则握手完成


七、加密通信

开始使用协商密钥与算法进行加密通信




2、描述创建私有CA的过程,以及为客户端发来的证书请求进行办法证书。

[[email protected]8 ~]# cd /etc/pki/CA                          ###在CA主机 node8  上创建CA时所需要的文件

[[email protected] CA]# ls

certs  crl  newcerts  private

[[email protected] CA]# touch index.txt

[[email protected] CA]# echo 01 > serial

[[email protected] CA]# ls

certs  crl  index.txt  newcerts  private  serial


[[email protected] CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)     ###创建私钥文件

Generating RSA private key, 2048 bit long modulus

...............................................+++

...........+++

e is 65537 (0x10001)

[[email protected] CA]# ls -l private/

total 4

-rw------- 1 root root 1675 Mar 24 00:05 cakey.pem


[[email protected] CA]# openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -days 7300 -out /etc/pki/CA/cacert.pem   ###CA主机生成证书请求,自己为自己颁发证书

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter ‘.‘, the field will be left blank.

-----

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:Beijing

Locality Name (eg, city) [Default City]:Beijing

Organization Name (eg, company) [Default Company Ltd]:Magedu Ltd

Organizational Unit Name (eg, section) []:Ops

Common Name (eg, your name or your server‘s hostname) []:ca.magedu.com

Email Address []:[email protected]





[[email protected] ~]# cd /etc/httpd                             ###需要使用证书的主机 node6   上生成私钥文件

[[email protected] httpd]# mkdir ssl

[[email protected] httpd]# cd ssl

[[email protected] ssl]# (umask 077;openssl genrsa -out httpd.key 2048)     ###生成私钥文件

Generating RSA private key, 2048 bit long modulus

..+++

.............................................................................+++

e is 65537 (0x10001)

[[email protected] ssl]# ls

httpd.key

[[email protected] ssl]# openssl req -new -key httpd.key -days 365 -out http.csr     ###生成CA请求

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter ‘.‘, the field will be left blank.

-----

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:Beijing

Locality Name (eg, city) [Default City]:Beijing

Organization Name (eg, company) [Default Company Ltd]:Magedu Ltd

Organizational Unit Name (eg, section) []:Ops

Common Name (eg, your name or your server‘s hostname) []:node6.magedu.com

Email Address []:[email protected]


Please enter the following ‘extra‘ attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:


[[email protected] ssl]# scp http.csr [email protected]:/tmp/                          ###向CA主机发送请求请求

[email protected]‘s password: 

http.csr                                      100% 1066     1.0KB/s   00:00 



[[email protected] tmp]# openssl req -new -key httpd.key -days 365 -out http.csr       ###CA签署证书

Error opening Private Key httpd.key

139911856179016:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen(‘httpd.key‘,‘r‘)

139911856179016:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:

unable to load Private Key

[[email protected] tmp]# openssl ca -in /tmp/http.csr -out /tmp/crt -days 365

Using configuration from /etc/pki/tls/openssl.cnf

Check that the request matches the signature

Signature ok

Certificate Details:

        Serial Number: 1 (0x1)

        Validity

            Not Before: Mar 24 07:24:23 2017 GMT

            Not After : Mar 24 07:24:23 2018 GMT

        Subject:

            countryName               = CN

            stateOrProvinceName       = Beijing

            organizationName          = Magedu Ltd

            organizationalUnitName    = Ops

            commonName                = node6.magedu.com

            emailAddress              = [email protected]

        X509v3 extensions:

            X509v3 Basic Constraints: 

                CA:FALSE

            Netscape Comment: 

                OpenSSL Generated Certificate

            X509v3 Subject Key Identifier: 

                84:4B:9D:5A:39:8B:78:B8:1D:FE:35:01:5C:91:38:41:87:47:C2:E5

            X509v3 Authority Key Identifier: 

                keyid:C3:E6:6E:C1:1D:21:CF:B7:23:CE:95:1C:F0:CB:3D:06:E1:67:65:16


Certificate is to be certified until Mar 24 07:24:23 2018 GMT (365 days)

Sign the certificate? [y/n]:y



1 out of 1 certificate requests certified, commit? [y/n]y

Write out database with 1 new entries

Data Base Updated


[[email protected] tmp]# scp /tmp/crt 192.168.1.60:/etc/httpd/ssl                   ###CA将签署过的证书发回发送请求的主机

[email protected]‘s password: 

crt                                           100% 4652     4.5KB/s   00:00 


[[email protected] ssl]# ll                                                       ###CA签署的证书已经生成

total 16

-rw-r--r-- 1 root root 4652 Mar 24 00:26 crt

-rw-r--r-- 1 root root 1066 Mar 24 00:18 http.csr

-rw------- 1 root root 1679 Mar 24 00:16 httpd.key


[[email protected] CA]# cat index.txt                                              ###查看证书的索引文件

V180324072423Z01unknown/C=CN/ST=Beijing/O=Magedu Ltd/OU=Ops/CN=node6.magedu.com/[email protected]





3、搭建一套DNS服务器,负责解析magedu.com域名(自行设定主机名及IP)

  (1)、能够对一些主机名进行正向解析和逆向解析;

  (2)、对子域cdn.magedu.com进行子域授权,子域负责解析对应子域中的主机名;

  (3)、为了保证DNS服务系统的高可用性,请设计一套方案,并写出详细的实施过程


[[email protected] ~]# yum install bind   ###安装dns服务器命令,命令可加-y选项

Loaded plugins: fastestmirror, refresh-packagekit, security

Setting up Install Process

.

.

.

Total download size: 5.0 M

Is this ok [y/N]: y                    ###手动输入y,同意安装

Downloading Packages:

(1/3): bind-9.8.2-0.47.rc1.el6_8.4.x86_64.rpm            | 4.0 MB     00:04     

(2/3): bind-libs-9.8.2-0.47.rc1.el6_8.4.x86_64.rpm       | 890 kB     00:00     

(3/3): bind-utils-9.8.2-0.47.rc1.el6_8.4.x86_64.rpm      | 187 kB     00:00     

--------------------------------------------------------------------------------

.

.

.

Installed:

  bind.x86_64 32:9.8.2-0.47.rc1.el6_8.4                                         


Dependency Updated:

  bind-libs.x86_64 32:9.8.2-0.47.rc1.el6_8.4                                    

  bind-utils.x86_64 32:9.8.2-0.47.rc1.el6_8.4                                   


Complete!                                ###完成安装


[[email protected] ~]#rpm -ql bind | less     ###rpm -q获得软件包相关搜索的信息,在-q子选项中l查看指定的程序包安装后生成的所有文件

/etc/NetworkManager/dispatcher.d/13-named

/etc/logrotate.d/named

/etc/named

/etc/named.conf                             ###主配置文件

/etc/named.iscdlv.key

/etc/named.rfc1912.zones                    ###区域配置文件

/etc/named.root.key

/etc/portreserve/named

/etc/rc.d/init.d/named                      ###启动脚本

/etc/rndc.conf

/etc/rndc.key

/etc/sysconfig/named                        ###脚本的配置文件

.

/usr/sbin/named                              ###主程序

.                        

/var/log/named.log                           ###日志文件

/var/named                                   ###解析库文件

/var/named/data


[[email protected] named]# ls                   ###在/var/named 区域解析库

data  

dynamic  

named.ca                                     ###全球根服务器

named.empty  

named.localhost  

named.loopback  

slaves


[[email protected] named]# service named start  ###启动named程序服务

Generating /etc/rndc.key:                                  [  OK  ]

Starting named:                                            [  OK  ]


[[email protected] named]# vim /etc/named.conf  ###主配置


options {                                       ###主配置:options {}

//      listen-on port 53 { 127.0.0.1; };       ###行首//表示注销本行,表示监听所有地址

//      listen-on-v6 port 53 { ::1; };          ###在C和C++下行首//表示注销本行

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

//      allow-query     { localhost; };         ###本行localhost表示仅允许本机来访问,可以修改为any表示所有人能访问

        recursion yes;


//      dnssec-enable yes;                      ###DNS安全认证的机制

//      dnssec-validation yes;                  ###DNS安全认证的机制


        /* Path to ISC DLV key */

//      bindkeys-file "/etc/named.iscdlv.key";

//

//      managed-keys-directory "/var/named/dynamic";

};



[[email protected] named]# vim /etc/named.rfc1912.zones  ###区域解析库


zone "localhost.localdomain" IN {

        type master;

        file "named.localhost";

        allow-update { none; };

};


zone "magedu.com" IN {                         ###创建magedun.com解析库

        type master;                           ###类型为主

        file "magedu.com.zone";

};


[[email protected] named]# cd /var/named           ###

[[email protected] named]# vim magedu.com.zone     ###创建magedu.com.zone并设置

$TTL 86400                                      ### 缓存有效期86400秒=1天

@        IN       SOA      ns1.magedu.com. admin.magedu.com (    ###4列为主DNS服务器名称,5列为管理员邮箱

                           2017020801           ###序列号

                           1H                   ###刷新时间

                           5M                   ###重置时间

                           7D                   ###过期时间7天

                           1D )                 ###否定答案时间1天

       

         IN       NS       ns1.magedu.com.

         IN       NS       NS2.magedu.com.

         IN       MX 10    MX1

         IN       MX 20    mx2

ns1      IN       A        192.168.1.156

ns2      IN       A        192.168.1.159

mx1      IN       A        192.168.1.13

mx2      IN       A        192.168.1.14

www      IN       A        192.168.1.156

ftp      IN       CNAME    www



[[email protected] named]# named-checkconf        ###检查主配置文件是否有语法错误


[[email protected] named]# named-checkzone "magedu.com" /var/named/magedu.com.zone

zone magedu.com/IN: loaded serial 4133585741

OK

###检测域名magedu.com和区域解析库文件有没有语法错误


[[email protected] named]# pwd

/var/named

[[email protected] named]# ll

-rw-r--r--. 1 root  root   619 Feb  7 22:15 magedu.com.zone

[[email protected] named]# id named

uid=25(named) gid=25(named) groups=25(named)

[[email protected] named]# chmod 640 magedu.com.zone           ###修改属组只读,其他用户无权限

[[email protected] named]# ll

-rw-r-----. 1 root  root   619 Feb  7 22:15 magedu.com.zone

[[email protected] named]# chown :named magedu.com.zone        ###修改属组为named,这样named程序能访问

-rw-r-----. 1 root  named  619 Feb  7 22:15 magedu.com.zone

[[email protected] named]# service named restart               ###重启named服务

Stopping named: .                                          [  OK  ]

Starting named:                                            [  OK  ]

[[email protected] named]# rndc status                         ###显示详细信息

version: 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4

CPUs found: 1

worker threads: 1

number of zones: 20

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is OFF

recursive clients: 0/0/1000

tcp clients: 0/100

server is up and running

[[email protected] named]# service named reload                 ###让named重读配置

Reloading named:                                           [  OK  ]


[[email protected] named]# dig -t A www.magedu.com @192.168.1.156   ###让本机测试


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t A www.magedu.com @192.168.1.156

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64435

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2


;; QUESTION SECTION:

;www.magedu.com.INA


;; ANSWER SECTION:

www.magedu.com.86400INA192.168.1.156


;; AUTHORITY SECTION:

magedu.com.86400INNSns1.magedu.com.

magedu.com.86400INNSNS2.magedu.com.


;; ADDITIONAL SECTION:

ns1.magedu.com.86400INA192.168.1.156

NS2.magedu.com.86400INA192.168.1.12


;; Query time: 30 msec

;; SERVER: 192.168.1.175#53(192.168.1.156)

;; WHEN: Tue Feb  7 23:27:25 2017

;; MSG SIZE  rcvd: 116


[[email protected] named]# vim /etc/named.rfc1912.zones  ###增加反向区域解析库


zone "1.168.192.in-addr.arpa" IN {

        type master;

        file "192.168.1.zone";

};




[[email protected] named]# vim 192.168.1.zone     ###配置反向解析

$TTL 86400

$ORIGIN 1.168.192.in-addr.arpa.                                  ###arpa后的.必不可少

@        IN       SOA      ns1.magedu.com. admin.magedu.com. ( :wq  ###com后的.必不可少

                           2017020801

                           1H

                           5M

                           7D

                           1D )

         IN        NS      ns1.magedu.com.    ###com后的.必不可少

         IN        NS      ns2.magedu.com.    ###com后的.必不可少

156      IN        PTR     ns1.magedu.com.    ###com后的.必不可少

156      IN        PTR     www.magedu.com.    ###com后的.必不可少

12       IN        PTR     nx1.magedu.com.    ###com后的.必不可少

12       IN        PTR     www.magedu.com.    ###com后的.必不可少

13       IN        PTR     nx2.magedu.com.    ###com后的.必不可少


[[email protected] named]# chmod 640 192.168.1.zone

[[email protected] named]# chown :named 192.168.1.zone

[[email protected] named]# named-checkzone "1.168.192. in-addr.arpa" 192.168.1.zone

zone 1.168.192.in-addr.arpa/IN: loaded serial 2017020801

OK

[[email protected] named]# named-checkconf         ###检测主配置文件是否有错

[[email protected] named]# service named reload

Reloading named:                                           [  OK  ]

[[email protected] named]# host -t PTR 192.168.1.156 192.168.1.156   ###测试

Using domain server:

Name: 192.168.1.156

Address: 192.168.1.156#53

Aliases: 


175.1.168.192.in-addr.arpa domain name pointer www.magedu.com.

175.1.168.192.in-addr.arpa domain name pointer ns1.magedu.com.


[[email protected] named]# dig -x 192.168.1.12 @192.168.1.156      ###测试反向解析


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -x 192.168.1.12 @192.168.1.156

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51564

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2


;; QUESTION SECTION:

;12.1.168.192.in-addr.arpa.INPTR


;; ANSWER SECTION:

12.1.168.192.in-addr.arpa. 86400 INPTRnx1.magedu.com.    ###反向解析

12.1.168.192.in-addr.arpa. 86400 INPTRwww.magedu.com.    ###反向解析

;; AUTHORITY SECTION:

1.168.192.in-addr.arpa.86400INNSns1.magedu.com.

1.168.192.in-addr.arpa.86400INNSns2.magedu.com.


;; ADDITIONAL SECTION:

ns1.magedu.com.86400INA192.168.1.156

ns2.magedu.com.86400INA192.168.1.12


;; Query time: 0 msec

;; SERVER: 192.168.1.175#53(192.168.1.156)

;; WHEN: Wed Feb  8 00:53:27 2017

;; MSG SIZE  rcvd: 157


[[email protected] slaves]# service iptables stop                     ###Linux防火墙(Iptables)关闭 即时生效,重启后失效

iptables: Setting chains to policy ACCEPT: filter          [  OK  ]

iptables: Flushing firewall rules:                         [  OK  ]

iptables: Unloading modules:                               [  OK  ]





[[email protected] ~]# yum install bind -y

.

.

.

Dependency Updated:

  bind-libs.x86_64 32:9.8.2-0.47.rc1.el6_8.4                                    

  bind-utils.x86_64 32:9.8.2-0.47.rc1.el6_8.4                                   


Complete!

[[email protected] ~]# vim /etc/named.conf                    ###修改配置

options {

        listen-on port 53 { 192.168.1.156;  127.0.0.1; };  ###增加192.168.1.156;

//      listen-on-v6 port 53 { ::1; };                     ###注销本行

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };                           ###修改any

        recursion yes;


//      dnssec-enable yes;                                  ###注销本行

//      dnssec-validation yes;                              ###注销本行


        /* Path to ISC DLV key */

//      bindkeys-file "/etc/named.iscdlv.key";              ###注销本行

//

//      managed-keys-directory "/var/named/dynamic";        ###注销本行

};


[[email protected] ~]# vim /etc/named.rfc1912.zones            ###增加


zone "magedu.com" IN {

        type slave;

        masters { 192.168.1.156; };


        file "slaves/magedu.com.zone";


};




[[email protected] slaves]# ss -tnl

State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port 

LISTEN     0      3             192.168.1.159:53                       *:*  


[[email protected] slaves]# ss -unl

State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port 

UNCONN     0      0             192.168.1.159:53                       *:*   


[[email protected] slaves]# dig -t axfr magedu.com @192.168.1.159


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t axfr magedu.com @192.168.1.159

;; global options: +cmd

magedu.com.86400INSOAns1.magedu.com. admin.magedu.com.magedu.com. 20170208 3600 300 604800 86400

magedu.com.86400INMX10 MX1.magedu.com.

magedu.com.86400INMX20 mx2.magedu.com.

magedu.com.86400INNSns1.magedu.com.

magedu.com.86400INNSns2.magedu.com.

ftp.magedu.com.86400INCNAMEwww.magedu.com.

mx1.magedu.com.86400INA192.168.1.13

mx2.magedu.com.86400INA192.168.1.14

ns1.magedu.com.86400INA192.168.1.156

ns2.magedu.com.86400INA192.168.1.159

www.magedu.com.86400INA192.168.1.156

magedu.com.86400INSOAns1.magedu.com. admin.magedu.com.magedu.com. 20170208 3600 300 604800 86400

;; Query time: 21 msec

;; SERVER: 192.168.1.159#53(192.168.1.159)

;; WHEN: Thu Feb  9 23:47:46 2017

;; XFR size: 12 records (messages 1, bytes 299)



[[email protected] slaves]# rndc reload

server reload successful




[[email protected] slaves]# service named reload

Reloading named:                                           [  OK  ]



[[email protected] ~]# cd /var/named/slaves

[[email protected] slaves]#ls

magedu.com.zone

[[email protected] slaves]# cat magedu.com.zone 

$ORIGIN .

$TTL 86400; 1 day

magedu.comIN SOAns1.magedu.com. admin.magedu.com.magedu.com. (

20170208   ; serial

3600       ; refresh (1 hour)

300        ; retry (5 minutes)

604800     ; expire (1 week)

86400      ; minimum (1 day)

)

NSns1.magedu.com.

NSns2.magedu.com.

MX10 MX1.magedu.com.

MX20 mx2.magedu.com.

$ORIGIN magedu.com.

ftpCNAMEwww

mx1A192.168.1.13

mx2A192.168.1.14

ns1A192.168.1.156

ns2A192.168.1.159

wwwA192.168.1.156

















[[email protected] ~]# vim /etc/named.conf                      ###配置父域服务器主配置文件

options {

//      listen-on port 53 { 192.168.1.156;  127.0.0.1; };    ###注销本行

//      listen-on-v6 port 53 { ::1; };                       ###注销本行

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };

        recursion yes;


        dnssec-enable no;                                    ###修改dnssec-enable no

        dnssec-validation no;                                ###dnssec-validation no


        /* Path to ISC DLV key */

//      bindkeys-file "/etc/named.iscdlv.key";               ###注销本行

//

//      managed-keys-directory "/var/named/dynamic";         ###注销本行

};


[[email protected] ~]# vim /etc/named.rfc1912.zones             ###增加区域解析库文件

zone "magedu.com" IN {

        type master;

        file "magedu.com.zone";

};


[[email protected] ~]# cd /var/named

[[email protected] named]# vim magedu.com.zone 

$ORIGIN magedu.com.

.

@        IN       SOA      ns1.magedu.com. admin.magedu.com. (

                           20170208

                           1H

                           5M

                           7D

                           1D )

         IN       NS       ns1

         IN       NS       ns2

         IN       MX 10    MX1

         IN       MX 20    mx2

ns1      IN       A        192.168.1.156

ns2      IN       A        192.168.1.160


www      IN       A        192.168.1.156


*        IN       A        192.168.1.156


cdn      IN       NS       ns1.cdn                       ####增加子域

cdn      IN       NS       ns2.cdn                       ####增加子域

ns1.cdn  IN       A        192.168.1.156                 ####增加子域

ns2.cdn  IN       A        192.168.1.160                 ####增加子域


[[email protected] named]# chmod 640 magedu.com.zone           ###修改属组只读,其他用户无权限

[[email protected] named]# ll

-rw-r-----. 1 root  root   619 Feb  7 22:15 magedu.com.zone

[[email protected] named]# chown :named magedu.com.zone        ###修改属组为named,这样named程序能访问

-rw-r-----. 1 root  named  619 Feb  7 22:15 magedu.com.zone


[[email protected] named]# service named reload

Reloading named:                                           [  OK  ]

[[email protected] named]# dig -t A www.magedu.com @192.168.1.156    ###测试父域


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t A www.magedu.com @192.168.1.156

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52751

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2


;; QUESTION SECTION:

;www.magedu.com.INA


;; ANSWER SECTION:

www.magedu.com.86400INA192.168.1.156


;; AUTHORITY SECTION:

magedu.com.86400INNSns2.magedu.com.

magedu.com.86400INNSns1.magedu.com.


;; ADDITIONAL SECTION:

ns1.magedu.com.86400INA192.168.1.156

ns2.magedu.com.86400INA192.168.1.160


;; Query time: 3 msec

;; SERVER: 192.168.1.156#53(192.168.1.156)

;; WHEN: Fri Feb 10 01:09:42 2017

;; MSG SIZE  rcvd: 116







[[email protected] ~]# vim /etc/named.conf              ###配置子域服务器

options {

//      listen-on port 53 { 192.168.1.156; 127.0.0.1; 192.168.1.159;  };

//      listen-on-v6 port 53 { ::1; };

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };

        recursion yes;


//      dnssec-enable yes;

//      dnssec-validation yes;


        /* Path to ISC DLV key */

//      bindkeys-file "/etc/named.iscdlv.key";

//

//      managed-keys-directory "/var/named/dynamic";

};

[[email protected] named]# service named restart

Stopping named: .                                          [  OK  ]

Starting named:                                            [  OK  ]


[[email protected] named]# vim /etc/named.rfc1912.zones   ###配置区域文件增加

zone "cdn.magedu.com" IN {

        type master;


        file "cdn.magedu.com.zone";


};



[[email protected] ~]# cd /var/named

[[email protected] named]# vim cdn.magedu.com.zone 

$TTL 1d


$ORIGIN cdn.magedu.com.

@        IN       SOA      ns1.cdn.magedu.com. admin.cdn.magedu.com. (

                           20170208

                           1H

                           5M

                           7D

                           1D )

         IN       NS       ns1

         IN       NS       ns2

ns1      IN       A        192.168.1.159

ns2      IN       A        192.168.1.160

www      IN       A        192.168.1.160


*        IN       A        192.168.1.160

~                                                                               

~                                           

[[email protected] named]# chmod 640 cdn.magedu.com.zone           ###修改属组只读,其他用户无权限

[[email protected] named]# ll

-rw-r-----. 1 root  root   619 Feb  7 22:15 cdn.magedu.com.zone

[[email protected] named]# chown :named cdn.magedu.com.zone        ###修改属组为named,这样named程序能访问

-rw-r-----. 1 root  named  619 Feb  7 22:15 cdn.magedu.com.zone


[[email protected] named]# service named restart

Stopping named:                                            [  OK  ]

Starting named:                                            [  OK  ]

[[email protected] named]# dig -t A www.cdn.magedu.com @192.168.1.159     ###测试子域服务是否正常


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t A www.cdn.magedu.com @192.168.1.159

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7327

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2


;; QUESTION SECTION:

;www.cdn.magedu.com.INA


;; ANSWER SECTION:

www.cdn.magedu.com.86400INA192.168.1.160


;; AUTHORITY SECTION:

cdn.magedu.com.86400INNSns1.cdn.magedu.com.

cdn.magedu.com.86400INNSns2.cdn.magedu.com.


;; ADDITIONAL SECTION:

ns1.cdn.magedu.com.86400INA192.168.1.159

ns2.cdn.magedu.com.86400INA192.168.1.160


;; Query time: 0 msec

;; SERVER: 192.168.1.159#53(192.168.1.159)

;; WHEN: Fri Feb 10 01:22:48 2017

;; MSG SIZE  rcvd: 120


[[email protected] named]# dig -t NS cdn.magedu.com @192.168.1.156 +norecurse       ####在父域中解析+norecurse不进行递归请求


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t NS cdn.magedu.com @192.168.1.156 +norecurse

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26678

;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2


;; QUESTION SECTION:

;cdn.magedu.com.INNS


;; AUTHORITY SECTION:

cdn.magedu.com.86400INNSns1.cdn.magedu.com.

cdn.magedu.com.86400INNSns2.cdn.magedu.com.


;; ADDITIONAL SECTION:

ns1.cdn.magedu.com.86400INA192.168.1.156

ns2.cdn.magedu.com.86400INA192.168.1.160


;; Query time: 0 msec

;; SERVER: 192.168.1.156#53(192.168.1.156)

;; WHEN: Fri Feb 10 01:39:48 2017

;; MSG SIZE  rcvd: 100



[[email protected] named]# vim /etc/named.conf                ###在父域中配置转发服务器

options {

//      listen-on port 53 { 192.168.1.156;  127.0.0.1; };

//      listen-on-v6 port 53 { ::1; };

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };                                          

        recursion yes;

        forward first;                                       ###定义全局转发

        forwarders { 210.22.84.3; };                         ###定义转发服务器地址

        dnssec-enable no;                                    ###设置为dnssec-enable no

        dnssec-validation no;                                ###设置为dnssec-validation no


        /* Path to ISC DLV key */

//      bindkeys-file "/etc/named.iscdlv.key";

//

//      managed-keys-directory "/var/named/dynamic";

};


[[email protected] named]# service named restart

Stopping named:                                            [  OK  ]

Starting named:                                            [  OK  ]


[[email protected] named]# dig -t A www.baidu.com @192.168.1.156    ###测试转发服务器


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t A www.baidu.com @192.168.1.156

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44891

;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 0


;; QUESTION SECTION:

;www.baidu.com.INA


;; ANSWER SECTION:

www.baidu.com.830INCNAMEwww.a.shifen.com.

www.a.shifen.com.94INA61.135.169.125

www.a.shifen.com.94INA61.135.169.121


;; AUTHORITY SECTION:

.172084INNSb.root-servers.net.

.172084INNSm.root-servers.net.

.172084INNSh.root-servers.net.

.172084INNSa.root-servers.net.

.172084INNSk.root-servers.net.

.172084INNSf.root-servers.net.

.172084INNSe.root-servers.net.

.172084INNSj.root-servers.net.

.172084INNSl.root-servers.net.

.172084INNSi.root-servers.net.

.172084INNSd.root-servers.net.

.172084INNSc.root-servers.net.

.172084INNSg.root-servers.net.


;; Query time: 470 msec

;; SERVER: 192.168.1.156#53(192.168.1.156)

;; WHEN: Mon Feb 13 20:48:31 2017

;; MSG SIZE  rcvd: 301






[[email protected] named]#vim /etc/named.rfc1912.zones     ###增加子域区域解析库的转发机制

zone "magedu.com" IN {

        type forward;

        forward only;

        forwarders { 192.168.1.156; };

};


[[email protected] named]# service named restart

Stopping named: .                                          [  OK  ]

Starting named:                                            [  OK  ]




[[email protected] named]# rndc flush                     ###清除dns缓存

[[email protected] named]# dig -t A www.magedu.com @192.168.1.159    ###测试本机


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t A www.magedu.com @192.168.1.159

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60596

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2


;; QUESTION SECTION:

;www.magedu.com.INA


;; ANSWER SECTION:

www.magedu.com.86400INA192.168.1.156


;; AUTHORITY SECTION:

magedu.com.86400INNSns2.magedu.com.

magedu.com.86400INNSns1.magedu.com.


;; ADDITIONAL SECTION:

ns1.magedu.com.86400INA192.168.1.156

ns2.magedu.com.86400INA192.168.1.160


;; Query time: 3 msec

;; SERVER: 192.168.1.159#53(192.168.1.159)

;; WHEN: Mon Feb 13 21:23:16 2017

;; MSG SIZE  rcvd: 116


[[email protected] named]# dig -t A www.baidu.com @192.168.1.159     ###测试baidu.com


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t A www.baidu.com @192.168.1.159

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53453

;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 5, ADDITIONAL: 5


;; QUESTION SECTION:

;www.baidu.com.INA


;; ANSWER SECTION:

www.baidu.com.1200INCNAMEwww.a.shifen.com.

www.a.shifen.com.300INA111.206.223.205

www.a.shifen.com.300INA111.206.223.206


;; AUTHORITY SECTION:

a.shifen.com.1200INNSns4.a.shifen.com.

a.shifen.com.1200INNSns1.a.shifen.com.

a.shifen.com.1200INNSns5.a.shifen.com.

a.shifen.com.1200INNSns2.a.shifen.com.

a.shifen.com.1200INNSns3.a.shifen.com.


;; ADDITIONAL SECTION:

ns1.a.shifen.com.1200INA61.135.165.224

ns2.a.shifen.com.1200INA180.149.133.241

ns5.a.shifen.com.1200INA119.75.222.17

ns4.a.shifen.com.1200INA115.239.210.176

ns3.a.shifen.com.1200INA61.135.162.215


;; Query time: 1841 msec

;; SERVER: 192.168.1.159#53(192.168.1.159)

;; WHEN: Mon Feb 13 21:31:17 2017

;; MSG SIZE  rcvd: 260





[[email protected] named]# vim /etc/named.conf      ###在主配置中增加访问控制选项


acl slaves {

        192.168.1.156; 127.0.0.1;

};



[[email protected] named]# dig -t AXFR magedu.com @192.168.1.156    ###测试本机成功


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t AXFR magedu.com @192.168.1.156

;; global options: +cmd

magedu.com.86400INSOAns1.magedu.com. admin.magedu.com. 20170208 3600 300 604800 86400

magedu.com.86400INNSns1.magedu.com.

magedu.com.86400INNSns2.magedu.com.

magedu.com.86400INMX10 MX1.magedu.com.

magedu.com.86400INMX20 mx2.magedu.com.

*.magedu.com.86400INA192.168.1.156

ftp.magedu.com.86400INCNAMEwww.magedu.com.

mx1.magedu.com.86400INA192.168.1.13

mx2.magedu.com.86400INA192.168.1.14

ns1.magedu.com.86400INA192.168.1.156

ns2.magedu.com.86400INA192.168.1.160

cdn.magedu.com.86400INNSns1.cdn.magedu.com.

cdn.magedu.com.86400INNSns2.cdn.magedu.com.

ns1.cdn.magedu.com.86400INA192.168.1.156

www.magedu.com.86400INA192.168.1.156

magedu.com.86400INSOAns1.magedu.com. admin.magedu.com. 20170208 3600 300 604800 86400

;; Query time: 21 msec

;; SERVER: 192.168.1.156#53(192.168.1.156)

;; WHEN: Tue Feb 14 00:20:35 2017

;; XFR size: 16 records (messages 1, bytes 362)


[[email protected] named]# dig -t AXFR magedu.com @192.168.1.159     ###测试其他地址失败


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> -t AXFR magedu.com @192.168.1.159

;; global options: +cmd

; Transfer failed.




4、请描述一次完整的http请求处理过程;

(1) 建立或处理连接:接收请求或拒绝请求


(2) 接收请求:

        接收来自于网络的请求报文中对某资源的一次请求的过程;

        并发访问响应模型(Web I/O):

   单进程I/O结构:启动一个进程处理用户请求,而且一次只处理一个;多个请求被串行响应;

   多进程I/O结构:并行启动多个进程,每个进程响应一个请求;

            复用I/O结构:一个进程响应n个请求;

                多线程模型:一个进程生成N个线程,每个线程响应一个用户请求;

                事件驱动:event-driven

            复用的多进程I/O结构:启动多个(m)进程,每个进程响应n个请求;


(3) 处理请求:对请求报文进行解析,并获取请求的资源及请求方法等相关信息

        元数据:请求报文首部

            <method:请求方法> <URL:> <VERSION:>

            Host: www.magedu.com   请求的主机名称

            Connection:这次请求的链接方式


(4) 访问资源:获取请求报文中请求的资源

        web服务器,即存放了web资源的服务器,负责向请求者提供对方请求的静态资源,或动态运行后生成的资源;这些资源放置于本地文件系统某路径下,此路径通常称为DocRoot

        文档根:/var/www/html/

                images/1.jpg

                示例 http://www.magedu.com/images/1.jpg路径映射为/var/www/html/images/1.jpg

        web服务器资源路径映射方式:

              (a) docroot

              (b) alias

              (c) 虚拟主机docroot

              (d) 用户家目录docroot      

(5) 构建响应报文

        资源的MIME类型:

                  显式分类

                  魔法分类

                  协商分类

        URL重定向:web服务构建的响应并非客户端请求的资源,而是资源另外一个访问路径;


(6) 发送响应报文

(7) 记录日志


5、httpd所支持的处理模型有哪些,他们的分别使用于哪些环境。

(1)prefork:多进程模型,每个进程响应一个请求;

                 一个主进程:负责生成n个子进程,子进程也称为工作进程,每个子进程处理一个用户请求;

                 即便没有用户请求,也会预先生成多个空闲进程,随时等待请求到达;

                 最大不会超过1024个;

(2)worker:多线程模型,每个线程响应一个请求;

                 一个主进程:生成多个子进程,每个子进程负责生个多个线程,每个线程响应一个请求;

(3)event:事件驱动模型,每个线程响应n个请求;

                  一个主进程:生成m个子进程,每个进程直接n个请求;






6、建立httpd服务器(基于编译的方式进行),要求:

     提供两个基于名称的虚拟主机:

    (a)www1.stuX.com,页面文件目录为/web/vhosts/www1;错误日志为/var/log/httpd/www1.err,访问日志为/var/log/httpd/www1.access;

    (b)www2.stuX.com,页面文件目录为/web/vhosts/www2;错误日志为/var/log/httpd/www2.err,访问日志为/var/log/httpd/www2.access;

    (c)为两个虚拟主机建立各自的主页文件index.html,内容分别为其对应的主机名;

    (d)通过www1.stuX.com/server-status输出httpd工作状态相关信息,且只允许提供帐号密码才能访问(status:status);


[[email protected] ~]# rpm -ql httpd      ###安装生成文件


[[email protected] ~]# rpm -qc httpd      ###安装生成配置文件

/etc/httpd/conf.d/welcome.conf         ###/etc/httpd/conf.d/为主配置文件提供辅助

/etc/httpd/conf/httpd.conf             ###主配置文件 ,/etc/httpd/系统程序根目录

/etc/rc.d/init.d/httpd                 ###服务脚本

/etc/sysconfig/httpd                   ###服务脚本的配置文件

/var/www/error/HTTP_NOT_FOUND.html.var        ###提供报错网页

/var/www/error/HTTP_BAD_GATEWAY.html.var      ###提供报错网页 


[[email protected] ~]# rpm -ql httpd |grep bin   ###主程序文件有3个

/usr/sbin/httpd

/usr/sbin/httpd.event           

/usr/sbin/httpd.worker




/var/log/httpd                          ###日志文件

access_log                              ###访问日志

error_log                               ###错误日志



[[email protected] conf]# yum install httpd -y    ###按装httpd服务

Loaded plugins: fastestmirror, refresh-packagekit, security

Setting up Install Process

Loading mirror speeds from cached hostfile

.

.

.

Updated:

  httpd.x86_64 0:2.2.15-56.el6.centos.3                                         


Dependency Updated:

  httpd-tools.x86_64 0:2.2.15-56.el6.centos.3                                   


Complete!


[[email protected] conf]#cd /etc/httpd/conf     

[[email protected] conf]#vim httpd.conf       ###修改监听端口

#

# Listen: Allows you to bind Apache to specific IP addresses and/or

# ports, in addition to the default. See also the <VirtualHost>

# directive.

#

# Change this to Listen on specific IP addresses as shown below to 

# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)

#

#Listen 12.34.56.78:80

Listen 80

Listen 192.168.1.173:80                      ###修改监听本机80端口


[[email protected] conf]# service httpd start   ###启动httpd服务

Starting httpd: httpd: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

                                                           [  OK  ]

[[email protected] conf]# telnet 192.168.1.173 80   ###测试服务

Trying 192.168.1.173...

Connected to 192.168.1.173.

Escape character is ‘^]‘.

^

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>501 Method Not Implemented</title>

</head><body>

<h1>Method Not Implemented</h1>

<p>^ to / not supported.<br />

</p>

<hr>

<address>Apache/2.2.15 (CentOS) Server at localhost.localdomain Port 80</address>

</body></html>

Connection closed by foreign host.


[[email protected] conf]# ps aux |grep httpd    ###查看httpd启动使用的模块

root      4233  0.0  0.3 184356  3856 ?        Ss   22:46   0:00 /usr/sbin/httpd

apache    4236  0.0  0.3 184488  3084 ?        S    22:46   0:00 /usr/sbin/httpd

apache    4237  0.0  0.2 184488  2520 ?        S    22:46   0:00 /usr/sbin/httpd

apache    4238  0.0  0.2 184488  2512 ?        S    22:46   0:00 /usr/sbin/httpd

apache    4239  0.0  0.2 184488  2512 ?        S    22:46   0:00 /usr/sbin/httpd

apache    4240  0.0  0.2 184488  2512 ?        S    22:46   0:00 /usr/sbin/httpd

apache    4241  0.0  0.2 184488  2512 ?        S    22:46   0:00 /usr/sbin/httpd

apache    4242  0.0  0.2 184488  2512 ?        S    22:46   0:00 /usr/sbin/httpd

apache    4243  0.0  0.2 184488  2512 ?        S    22:46   0:00 /usr/sbin/httpd

root      4338  0.0  0.0 103252   840 pts/0    S+   22:59   0:00 grep httpd



[[email protected] conf]# httpd -l              ###查看静态编译的模块     

Compiled in modules:                         ###

  core.c                                     ###核心莫块

  prefork.c                                  ###启动类型为prefork

  http_core.c                                ###httpd功能模块

  mod_so.c                                   ###支持模块装卸载功能


[[email protected] conf]# httpd -M              ###查看静态编译的模块和动态装载的模块



[[email protected] conf]# vim /etc/sysconfig/httpd    ###修改配置启动worker模块

# Configuration file for the httpd service.


#

# The default processing model (MPM) is the process-based

# ‘prefork‘ model.  A thread-based model, ‘worker‘, is also

# available, but does not work with some modules (such as PHP).

# The service must be stopped before changing this variable.

#

#HTTPD=/usr/sbin/httpd.worker

HTTPD=/usr/sbin/httpd.worker                 ###是脚本默认配置启用worker模块

#



[[email protected] conf]# service httpd restart

Stopping httpd:                                            [  OK  ]

Starting httpd: httpd.worker: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

                                                           [  OK  ]

[[email protected] conf]# ps aux |grep httpd     ###查看httpd启动使用的模块为worker

root      4443  0.0  0.4 184564  4076 ?        Ss   23:11   0:00 /usr/sbin/httpd.worker

apache    4446  0.0  0.5 528824  5392 ?        Sl   23:11   0:00 /usr/sbin/httpd.worker

apache    4448  0.0  0.5 528824  5380 ?        Sl   23:11   0:00 /usr/sbin/httpd.worker

apache    4449  0.0  0.5 528824  5388 ?        Sl   23:11   0:00 /usr/sbin/httpd.worker

root      4559  0.0  0.0 103252   840 pts/0    S+   23:11   0:00 grep httpd


[[email protected] conf]# service iptables stop        ###iptables关闭服务

iptables: Setting chains to policy ACCEPT: filter          [  OK  ]

iptables: Flushing firewall rules:                         [  OK  ]

iptables: Unloading modules:                               [  OK  ]

[[email protected] conf]# setenforce 0                  ###关闭selinux



[[email protected] conf]# cd ~

[[email protected] ~]# mkdir /www/htdocs -pv

mkdir: created directory `/www‘

mkdir: created directory `/www/htdocs‘

[[email protected] ~]# vim /www/htdocs/index.html      ###编辑个测试页面

test page


[[email protected] ~]# vim /etc/httpd/conf/httpd.conf   ###编辑主配置文件修改路径


#

# DocumentRoot: The directory out of which you will serve your

# documents. By default, all requests are taken from this directory, but

# symbolic links and aliases may be used to point to other locations.

#

#DocumentRoot "/var/www/html"

DocumentRoot "/www/htdocs"                          ###编辑主配置文件修改路径

   


[[email protected] ~]# service httpd restart

Stopping httpd:                                            [  OK  ]

Starting httpd: httpd.worker: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

                                                           [  OK  ]

[[email protected] ~]# vim /etc/httpd/conf/httpd.conf   ###编辑主配置文件修改路径

#

# This should be changed to whatever you set DocumentRoot to.

#

<Directory "/www/htdocs">                           ###编辑路径为/www/htdocs

# The Options directive is both complicated and important.  Please see

# http://httpd.apache.org/docs/2.2/mod/core.html#options

# for more information.

#

    Options -Indexes FollowSymLinks                  ###Indexes索引功能默认开启,建议关闭在Indexes前加“-”                



[[email protected] ~]# cd /www/htdocs/

[[email protected] htdocs]# ls

index.html

[[email protected] htdocs]# mv index.html test.html

[[email protected] htdocs]# cp /etc/fstab fstab.html

[[email protected] htdocs]# ls /etc/httpd/conf.d/

mod_dnssd.conf  README  welcome.conf

[[email protected] htdocs]# mv /etc/httpd/conf.d/welcome.conf{,.bak}

[[email protected] htdocs]# !se

service httpd restart

Stopping httpd:                                            [  OK  ]

Starting httpd: httpd.worker: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

                                                           [  OK  ]


[[email protected] ~]# vim /etc/httpd/conf/httpd.conf   ###编辑主配置文件

# The Options directive is both complicated and important.  Please see

# http://httpd.apache.org/docs/2.2/mod/core.html#options

# for more information.

#

 

     Options  None                                    ###修改FollowSymLinks 为None,不允许跟踪符号链接文件


[[email protected] ~]# vim /etc/httpd/conf/httpd.conf   ###编辑主配置文件做访问控制

#

# Controls who can get stuff from this server.

#

    Order allow,deny

    Allow from all                                     ###允许所有主机访问


[[email protected] ~]# vim /etc/httpd/conf/httpd.conf   ###编辑主配置文件日志设定

#

# ErrorLog: The location of the error log file.

# If you do not specify an ErrorLog directive within a <VirtualHost>

# container, error messages relating to that virtual host will be

# logged here.  If you *do* define an error logfile for a <VirtualHost>

# container, that host‘s errors will be logged there and not here.

#

ErrorLog logs/error_log


#

# The following directives define some format nicknames for use with

# a CustomLog directive (see below).

#

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

LogFormat "%h %l %u %t \"%r\" %>s %b" common

LogFormat "%{Referer}i -> %U" referer

LogFormat "%{User-agent}i" agent


[[email protected] htdocs]# tail /var/log/httpd/access_log  ###查看日志

192.168.1.191 - - [16/Feb/2017:18:16:37 -0800] "GET / HTTP/1.1" 403 281 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"


[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf    ###编辑主配置文件网页别名

# Aliases: Add here as many aliases as you need (with no limit). The format is 

# Alias fakename realname

#

# Note that if you include a trailing / on fakename then the server will

# require it to be present in the URL.  So "/icons" isn‘t aliased in this

# example, only "/icons/".  If the fakename is slash-terminated, then the 

# realname must also be slash terminated, and if the fakename omits the 

# trailing slash, the realname must also omit it.

#

# We include the /icons/ alias for FancyIndexed directory listings.  If you

# do not use FancyIndexing, you may comment this out.

#

Alias /icons/ "/var/www/icons/"

Alias /bbs/  "/forum/"                                    ###别名设置把/bbs/替换为/forum/


[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf    ###编辑主配置文件

<Directory "/www/htdocs/admin">

    Options None

    AllowOverride None

    AuthType Basic                                          ###认证方式Basic

    AuthName "admin private"

    AuthUserFile "/etc/httpd/conf.d/.htpasswd"              ###用户帐号文件

    Require valid-user                                      ###允许所有用户访问

    

</Directory>



[[email protected] htdocs]# htpasswd -c -m /etc/httpd/conf.d/.htpasswd tom   ###提供账号和密码存储 -c首次创建文件

New password: 

Re-type new password: 

Adding password for user tom

[[email protected] htdocs]# htpasswd  -m /etc/httpd/conf.d/.htpasswd jerry   ###使用md5加密用户密码

New password: 

Re-type new password: 

Adding password for user jerry

[[email protected] htdocs]# tail /etc/httpd/conf.d/.htpasswd                 ###

tom:$apr1$1v8JvrvI$efJgvcFucqCUeFoV/HlEN/

jerry:$apr1$3Dra68QB$abLxY3gMIG7RebtPBs35B/


[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf

<Directory "/www/htdocs/admin">

    Options None

    AllowOverride None

    AuthType Basic

    AuthName "admin private"

    AuthUserFile "/etc/httpd/conf.d/.htpasswd"

    Require user jerry                                                  ###指明只有jerry能登陆

#   Require valid-user


</Directory>

[[email protected] htdocs]# service httpd reload                          ###重读配置文件

Reloading httpd: 


[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf

<Directory "/www/htdocs/admin">

    Options None

    AllowOverride None

    AuthType Basic

    AuthName "admin private"

    AuthUserFile "/etc/httpd/conf.d/.htpasswd"

    AuthGroupFile "/etc/httpd/conf.d/.htgroup"                        ###配置组文件

    Require group webadmin                                            ###指明webadmin组能访问

#   Require valid-user


</Directory>


[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf

#DocumentRoot "/www/htdocs"


<VirtualHost 192.168.1.191:80>

     ServerName web1.magedu.com

     DocumentRoot "/vhosts/web1/htdocs"

</VirtualHost>


<VirtualHost 192.168.1.10:80>

     ServerName web2.magedu.com

     DocumentRoot "/vhosts/web2/htdocs"

</VirtualHost>



[[email protected] htdocs]# service httpd configtest                       ###测试语法错误 或者httpd -t简写

Warning: DocumentRoot [/vhosts/web1/htdocs] does not exist

Warning: DocumentRoot [/vhosts/web2/htdocs] does not exist

httpd.worker: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

Syntax OK

[[email protected] htdocs]# cd ~

[[email protected] ~]# mkdir -pv /vhosts/{web1,web2,web3,web4}/htdocs     ###创建报错的文件

mkdir: created directory `/vhosts‘

mkdir: created directory `/vhosts/web1‘

mkdir: created directory `/vhosts/web1/htdocs‘

mkdir: created directory `/vhosts/web2‘

mkdir: created directory `/vhosts/web2/htdocs‘

mkdir: created directory `/vhosts/web3‘

mkdir: created directory `/vhosts/web3/htdocs‘

mkdir: created directory `/vhosts/web4‘

mkdir: created directory `/vhosts/web4/htdocs‘

[[email protected] ~]# vim /vhosts/web1/htdocs/index.html


page at web1

[[email protected] ~]# vim /vhosts/web2/htdocs/index.html

page at web2

[[email protected] ~]# httpd -t

httpd: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

Syntax OK

[[email protected] ~]# ip addr add 192.168.1.10/16 dev eth0               ###为虚拟机添加第二个网址

[[email protected] ~]# ip addr list

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:d9:ac:68 brd ff:ff:ff:ff:ff:ff

    inet 192.168.1.191/24 brd 192.168.1.255 scope global eth0

    inet 192.168.1.10/16 scope global eth0

    inet6 fe80::20c:29ff:fed9:ac68/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 6a:5d:05:41:b8:0d brd ff:ff:ff:ff:ff:ff

[[email protected] ~]# service httpd reload                              ###重读配置文件

Reloading httpd: 




[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf              ###配置基于端口的访问控制

#

# Listen: Allows you to bind Apache to specific IP addresses and/or

# ports, in addition to the default. See also the <VirtualHost>

# directive.

#

# Change this to Listen on specific IP addresses as shown below to 

# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)

#

#Listen 12.34.56.78:80

Listen 80

Listen 8080                                                        ###修改监听所有8080端口


<VirtualHost 192.168.1.10:8080>                                    ###修改web3端口8080

     ServerName web3.magedu.com

     DocumentRoot "/vhosts/web3/htdocs"

</VirtualHost>


[[email protected] ~]# vim /vhosts/web3/htdocs/index.html

page at web3


[[email protected] ~]# service httpd reload                              ###重读配置文件

Reloading httpd: 

[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf  

#

# Use name-based virtual hosting.

#

NameVirtualHost 192.168.1.191:80                                       ###修改主机名



<VirtualHost 192.168.1.191:80>

     ServerName web1.magedu.com

     DocumentRoot "/vhosts/web1/htdocs"

</VirtualHost>


<VirtualHost 192.168.1.191:80>

     ServerName web2.magedu.com

     DocumentRoot "/vhosts/web2/htdocs"

</VirtualHost>


<VirtualHost 192.168.1.191:80>

     ServerName web3.magedu.com

     DocumentRoot "/vhosts/web3/htdocs"

</VirtualHost>


[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf

<VirtualHost 192.168.1.191:80>

     ServerName web1.magedu.com

     DocumentRoot "/vhosts/web1/htdocs"

     CustomLog logs/web1_access_log combined      ###设置专用日志,日志格式combined

</VirtualHost>

[[email protected] ~]# vim /etc/hosts                ###设置本机解析

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.1.191      web1.magedu.com web2.magedu.com web3.magedu.com


[[email protected] ~]#  curl http://web1.magedu.com   ###测试

page at web1

[[email protected] ~]#  curl http://web2.magedu.com   ###

page at web2

[[email protected] ~]#  curl http://web3.magedu.com   ###

page at web3


[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf

# Allow server status reports generated by mod_status,

# with the URL of http://servername/server-status

# Change the ".example.com" to match your domain to enable.

#

<Location /server-status>

    SetHandler server-status

    Order deny,allow

    Deny from all

    Allow from 192.168.1.191                       ###内置的status页面让本机192.168.1.191访问

</Location>


# ExtendedStatus controls whether Apache will generate "full" status

# information (ExtendedStatus On) or just basic information (ExtendedStatus

# Off) when the "server-status" handler is called. The default is Off.

#

ExtendedStatus On                                ###提供更详细的信息


[[email protected] htdocs]# vim /etc/httpd/conf/httpd.conf   ###使用mod_deflate模块压缩页面优化传输速度


LoadModule deflate_module modules/mod_deflate.so          ###启用莫块


SetOutputFilter DEFLATE

# mod_deflate configuration



# Restrict compression to these MIME types        

                        AddOutputFilterByType DEFLATE text/plain

                        AddOutputFilterByType DEFLATE text/html

                        AddOutputFilterByType DEFLATE application/xhtml+xml

                        AddOutputFilterByType DEFLATE text/xml

                        AddOutputFilterByType DEFLATE application/xml

                        AddOutputFilterByType DEFLATE application/x-javascript   

                        AddOutputFilterByType DEFLATE text/javascript

                        AddOutputFilterByType DEFLATE text/css

# Level of compression (Highest 9 - Lowest 1)   

DeflateCompressionLevel 9


# Netscape 4.x has some problems.

BrowserMatch ^Mozilla/4 gzip-only-text/html                        

# Netscape 4.06-4.08 have some more problems

BrowserMatch ^Mozilla/4\.0[678] no-gzip                        


# MSIE masquerades as Netscape, but it is fine

BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html


[[email protected] ~]# httpd -t                           ###测试是否有语法错误

httpd: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

Syntax OK


[[email protected] ~]# httpd -M |grep deflate

httpd: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

 deflate_module (shared)

Syntax OK

[[email protected] ~]# service httpd restart

Stopping httpd:                                            [  OK  ]

Starting httpd: httpd.worker: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

                                                           [  OK  ]






[[email protected] ~]# cd /etc/pki/CA                      ###在主机192.168.1.162上生成CA证书服务器

[[email protected] CA]# ls

certs  crl  newcerts  private

[[email protected] CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)   ###配置证书服务

Generating RSA private key, 2048 bit long modulus

..........................................................+++

..........................................................+++

e is 65537 (0x10001)

[[email protected] CA]# ll

total 16

drwxr-xr-x. 2 root root 4096 Oct 15  2014 certs

drwxr-xr-x. 2 root root 4096 Oct 15  2014 crl

drwxr-xr-x. 2 root root 4096 Oct 15  2014 newcerts

drwx------. 2 root root 4096 Feb 19 22:06 private

[[email protected] CA]# ll private/

total 4

-rw-------. 1 root root 1675 Feb 19 22:06 cakey.pem

[[email protected] CA]# touch index.txt                                        ###创建

[[email protected] CA]# echo 01 >serial                                        ###输入

[[email protected] CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 7300   ###配置

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter ‘.‘, the field will be left blank.

-----

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:Beijing

Locality Name (eg, city) [Default City]:Benjing

Organization Name (eg, company) [Default Company Ltd]:MageEdu Ltd

Organizational Unit Name (eg, section) []:Ops

Common Name (eg, your name or your server‘s hostname) []:ca.magedu.com

Email Address []:[email protected]

[[email protected] CA]# ll                                                    ###查看

total 24

-rw-r--r--. 1 root root 1432 Feb 19 22:11 cacert.pem

drwxr-xr-x. 2 root root 4096 Oct 15  2014 certs

drwxr-xr-x. 2 root root 4096 Oct 15  2014 crl

-rw-r--r--. 1 root root    0 Feb 19 22:08 index.txt

drwxr-xr-x. 2 root root 4096 Oct 15  2014 newcerts

drwx------. 2 root root 4096 Feb 19 22:06 private

-rw-r--r--. 1 root root    3 Feb 19 22:08 serial






[[email protected] ~]# (umask 077;openssl genrsa -out  httpd.key 1024)           ###在主机192.168.1.191添加客户端CA

Generating RSA private key, 1024 bit long modulus

....................................................................++++++

....++++++

e is 65537 (0x10001)

[[email protected] ~]# ll

total 68

-rw-------. 1 root root  2674 Feb  7 03:16 anaconda-ks.cfg

-rw-------. 1 root root   887 Feb 19 22:16 httpd.key

-rw-r--r--. 1 root root 41433 Feb  7 03:16 install.log

-rw-r--r--. 1 root root  9154 Feb  7 03:14 install.log.syslog

[[email protected] ~]# cd /etc/httpd

[[email protected] httpd]# ls

conf  conf.d  logs  modules  run

[[email protected] httpd]# cd ssl/

-bash: cd: ssl/: No such file or directory

[[email protected] httpd]# mkdir ssl

[[email protected] httpd]# cd ssl

[[email protected] ssl]# (umask 077;openssl genrsa -out  httpd.key 1024)        ###配置

Generating RSA private key, 1024 bit long modulus

....................++++++

......++++++

e is 65537 (0x10001)

[[email protected] ssl]# ll

total 4

-rw-------. 1 root root 887 Feb 19 22:17 httpd.key

[[email protected] ssl]# openssl req -new  -key httpd.key -out httpd.csr       ###配置

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter ‘.‘, the field will be left blank.

-----

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:Beijing

Locality Name (eg, city) [Default City]:Beijing

Organization Name (eg, company) [Default Company Ltd]:MageEdu Ltd

Organizational Unit Name (eg, section) []:Ops

Common Name (eg, your name or your server‘s hostname) []:web1.magedu.com

Email Address []:[email protected]


Please enter the following ‘extra‘ attributes

to be sent with your certificate request

A challenge password []:                        ###密码为空

An optional company name []:                    ###密码为空

[[email protected] ssl]# ll

total 8

-rw-r--r--. 1 root root 712 Feb 19 22:33 httpd.csr

-rw-------. 1 root root 887 Feb 19 22:17 httpd.key

[[email protected] ssl]# scp httpd.csr [email protected]:/tmp/           ###传送信息去CA服务器

The authenticity of host ‘192.168.1.162 (192.168.1.162)‘ can‘t be established.

RSA key fingerprint is 8c:59:ee:24:7b:03:af:8d:23:5f:2e:81:89:a0:07:38.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ‘192.168.1.162‘ (RSA) to the list of known hosts.

[email protected]‘s password: 

Permission denied, please try again.

[email protected]‘s password:                                          ###输入服务器密码

httpd.csr                                     100%  712     0.7KB/s   00:00    

[[email protected] ssl]# 




[[email protected] CA]# openssl ca -in /tmp/httpd.csr -out certs/web1.magedu.com.crt -days 365    ###在主机192.168.1.162上配置

Using configuration from /etc/pki/tls/openssl.cnf

Check that the request matches the signature

Signature ok

Certificate Details:

        Serial Number: 1 (0x1)

        Validity

            Not Before: Feb 20 07:06:47 2017 GMT

            Not After : Feb 20 07:06:47 2018 GMT

        Subject:

            countryName               = CN

            stateOrProvinceName       = Beijing

            organizationName          = MageEdu Ltd

            organizationalUnitName    = Ops

            commonName                = web1.magedu.com

            emailAddress              = [email protected]

        X509v3 extensions:

            X509v3 Basic Constraints: 

                CA:FALSE

            Netscape Comment: 

                OpenSSL Generated Certificate

            X509v3 Subject Key Identifier: 

                30:C0:E8:6B:54:31:C6:39:29:DA:C3:CD:E8:3E:74:0D:D9:67:E5:BE

            X509v3 Authority Key Identifier: 

                keyid:67:46:99:85:11:0E:9D:09:64:D8:9D:35:C8:E3:4D:DE:60:47:EE:2D


Certificate is to be certified until Feb 20 07:06:47 2018 GMT (365 days)

Sign the certificate? [y/n]:y



1 out of 1 certificate requests certified, commit? [y/n]y

Write out database with 1 new entries

Data Base Updated

[[email protected] CA]# ls

cacert.pem  crl        index.txt.attr  newcerts  serial

certs       index.txt  index.txt.old   private   serial.old

[[email protected] CA]# ls newcerts/

01.pem

[[email protected] CA]# ls certs/

web1.magedu.com.crt

[[email protected] CA]# scp certs/web1.magedu.com.crt 192.168.1.191:/etc/httpd/ssl/   ###传送给客户端

The authenticity of host ‘192.168.1.191 (192.168.1.191)‘ can‘t be established.

RSA key fingerprint is 77:45:3b:cc:50:44:35:f8:ca:98:2e:e6:6e:c1:76:0e.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ‘192.168.1.191‘ (RSA) to the list of known hosts.

[email protected]‘s password:                                                    ###需要输入客服端主机密码 

web1.magedu.com.crt                            100% 3892     3.8KB/s   00:00    

[[email protected] CA]# 


[[email protected] ssl]# ll                                                    ###在主机192.168.1.191上

total 12

-rw-r--r--. 1 root root  712 Feb 19 22:33 httpd.csr

-rw-------. 1 root root  887 Feb 19 22:17 httpd.key

-rw-r--r--. 1 root root 3892 Feb 19 23:14 web1.magedu.com.crt

[[email protected] ssl]# httpd -M | grep ssl

httpd: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

Syntax OK

[[email protected] ssl]# yum install mod_ssl -y


Installed:

  mod_ssl.x86_64 1:2.2.15-56.el6.centos.3                                       


Complete!

[[email protected] ssl]# httpd -M | grep ssl

httpd: Could not reliably determine the server‘s fully qualified domain name, using localhost.localdomain for ServerName

 ssl_module (shared)

Syntax OK

[[email protected] ssl]# rpm -ql mod_ssl

/etc/httpd/conf.d/ssl.conf

/usr/lib64/httpd/modules/mod_ssl.so

/var/cache/mod_ssl

/var/cache/mod_ssl/scache.dir

/var/cache/mod_ssl/scache.pag

/var/cache/mod_ssl/scache.sem

[[email protected] ssl]# cd ../conf.d/

[[email protected] conf.d]# pwd

/etc/httpd/conf.d

[[email protected] conf.d]# ls

mod_dnssd.conf  README  ssl.conf  welcome.conf.bak

[[email protected] conf.d]# cp ssl.conf{,.bak}

[[email protected] conf.d]# vim ssl.conf


##

## SSL Virtual Host Context

##


<VirtualHost *:443>


# General setup for the virtual host, inherited from global configuration

DocumentRoot "/var/web1/htdocs"

ServerName web1.magedu.com



#   SSL Cipher Suite:

# List the ciphers that the client is permitted to negotiate.

# See the mod_ssl documentation for a complete list.

SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:!RC4+RSA:+HIGH:+MEDIUM:+LOW


#   Server Certificate:

# Point SSLCertificateFile at a PEM encoded certificate.  If

# the certificate is encrypted, then you will be prompted for a

# pass phrase.  Note that a kill -HUP will prompt again.  A new

# certificate can be generated using the genkey(1) command.

SSLCertificateFile /etc/httpd/ssl/web1.magedu.com.crt


#   Server Private Key:

#   If the key is not combined with the certificate, use this

#   directive to point at the key file.  Keep in mind that if

#   you‘ve both a RSA and a DSA private key you can configure

#   both in parallel (to also allow the use of DSA ciphers, etc.)

SSLCertificateKeyFile /etc/httpd/ssl/httpd.key



[[email protected] ~]# openssl s_client -connect 192.168.1.191:443 -CAfile /etc/pki/CA/cacert.pem     ###在192.168.1.162主机上测试

CONNECTED(00000003)

depth=1 C = CN, ST = Beijing, L = Benjing, O = MageEdu Ltd, OU = Ops, CN = ca.magedu.com, emailAddress = [email protected]

verify return:1

depth=0 C = CN, ST = Beijing, O = MageEdu Ltd, OU = Ops, CN = web1.magedu.com, emailAddress = [email protected]

verify return:1

---

GET / HTTP/1.1                                         ###请求协议

Host: web1.magedu.com

HTTP/1.1 400 Bad Request                               ###请求主机

Date: Mon, 20 Feb 2017 07:55:01 GMT

Server: Apache/2.2.15 (CentOS)

Vary: Accept-Encoding

Content-Length: 308

Connection: close

Content-Type: text/html; charset=iso-8859-1


<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>400 Bad Request</title>

</head><body>

<h1>Bad Request</h1>

<p>Your browser sent a request that this server could not understand.<br />

</p>

<hr>

<address>Apache/2.2.15 (CentOS) Server at web1.magedu.com Port 443</address>

</body></html>

closed


[[email protected] conf.d]# ab -c 100 -n 10000 http://192.168.1.181/   ####压力测试-n: 总的请求数-c:模拟的并发数

This is ApacheBench, Version 2.3 <$Revision: 655654 $>

Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/

Licensed to The Apache Software Foundation, http://www.apache.org/


Benchmarking 192.168.1.181 (be patient)

Completed 1000 requests

Completed 2000 requests

Completed 3000 requests

Completed 4000 requests

Completed 5000 requests

Completed 6000 requests

Completed 7000 requests

Completed 8000 requests

Completed 9000 requests

Completed 10000 requests

Finished 10000 requests



Server Software:        Apache/2.2.15

Server Hostname:        192.168.1.181

Server Port:            80


Document Path:          /

Document Length:        277 bytes


Concurrency Level:      100

Time taken for tests:   2.039 seconds

Complete requests:      10000

Failed requests:        0

Write errors:           0

Non-2xx responses:      10026

Total transferred:      4812480 bytes

HTML transferred:       2777202 bytes

Requests per second:    4905.37 [#/sec] (mean)

Time per request:       20.386 [ms] (mean)

Time per request:       0.204 [ms] (mean, across all concurrent requests)

Transfer rate:          2305.37 [Kbytes/sec] received


Connection Times (ms)

              min  mean[+/-sd] median   max

Connect:        0    7   3.6      8      29

Processing:     6   12   3.2     12      27

Waiting:        1    9   1.8      9      26

Total:         17   20   2.7     19      47


Percentage of the requests served within a certain time (ms)

  50%     19

  66%     20

  75%     20

  80%     21

  90%     22

  95%     23

  98%     26

  99%     34

 100%     47 (longest request)



7、为第6题中的第2个虚拟主机提供https服务,使得用户可以通过https安全的访问此web站点;

   (1)要求使用证书认证,证书中要求使用的国家(CN)、州(HA)、城市(ZZ)和组织(MageEdu);

   (2)设置部门为cdn,主机名为www2.stuX.com,邮件为[email protected]


8、建立samba共享,共享目录为/data,要求:(描述完整的过程)

  1)共享名为shared,工作组为magedu;

  2)添加组develop,添加用户gentoo,centos和ubuntu,其中gentoo和centos以develop为附加组,ubuntu不属于develop组;密码均为用户名;

  3)添加samba用户gentoo,centos和ubuntu,密码均为“mageedu”;

  4)此samba共享shared仅允许develop组具有写权限,其他用户只能以只读方式访问;

  5)此samba共享服务仅允许来自于172.16.0.0/16网络的主机访问;


[[email protected] ~]# yum -y install samba

[[email protected] ~]# rpm -ql samba |less

               /etc/samba/smb.conf              ###主配置文件

               /etc/rc.d/init.d/nmb             ###启动脚本

               /etc/rc.d/init.d/smb             ###启动脚本

[[email protected] ~]# service nmb start;service sm start

Starting NMB services:                                     [  OK  ]

Starting SMB services:                                     [  OK  ]

[[email protected] ~]# netstat -tunl

[[email protected] samba]# groupadd develop

[[email protected] samba]# useradd -g develop centos

[[email protected] samba]# useradd -g develop gentoo

[[email protected] samba]# useradd ubuntu

[[email protected] samba]# passwd gentoo

[[email protected] samba]# passwd centos

[[email protected] samba]# passwd ubuntu

[[email protected] samba]# smbpasswd -a gentoo

[[email protected] samba]# smbpasswd -a centos

[[email protected] samba]# smbpasswd -a ubuntu


[[email protected] samba]# vim smb.conf


# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can

# specifiy it as a per share option as well

#

        workgroup = magedu

[shared]

        path = /data

        guest ok = no                             ###来宾禁用

        writable = no                             ###禁止写权限

        write list = +develop                     ###添加写用户组



自定义共享

[shared_name]

path = /path/to/share_directory

comment = Comment string

guest ok = {yes|no}

public = {yes|no}

writable = {yes|no}

read only ={yes|no}

write list = +GROUP_NAME


smbpasswd:

    -a Sys-user:为系统添加samba用户

    -d : 禁用

    -e : 启用

    -x : 删除

[[email protected] samba]# testparm                                 ###测试语法是否有错误

Load smb config files from /etc/samba/smb.conf

rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)

Processing section "[homes]"

Processing section "[printers]"

Processing section "[shared]"

Loaded services file OK.

Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions


[global]

workgroup = MAGEDU

server string = Samba Server Version %v

log file = /var/log/samba/log.%m

max log size = 50

client signing = required

idmap config * : backend = tdb

hosts allow = 192.168.0.0/24

cups options = raw


[homes]

comment = Home Directories

read only = No

browseable = No


[printers]

comment = All Printers

path = /var/spool/samba

printable = Yes

print ok = Yes

browseable = No


[shared]

path = /data

write list = +develop

read only = No

guest ok = No

[[email protected] samba]#setfacl -m g:develop:rwx /data                    ###对本地目录添加组权限

[[email protected] samba]# service nmb restart;service smb restart

Shutting down NMB services:                                [  OK  ]

Starting NMB services:                                     [  OK  ]

Shutting down SMB services:                                [  OK  ]

Starting SMB services:                                     [  OK  ]



[[email protected] ~]# smbclient  //192.168.1.20/shared -U centos       ###在samba客户机上测试

Enter centos‘s password: 

Domain=[MAGEDU] OS=[Unix] Server=[Samba 3.6.23-36.el6_8]

smb: \> 

smb: \> ls

  .                                   D        0  Mon Mar 27 01:36:36 2017

  ..                                 DR        0  Mon Mar 27 01:30:54 2017

  test.txt                                     0  Mon Mar 27 01:36:36 2017


39127 blocks of size 2097152. 35626 blocks available

smb: \> lcd /etc/

smb: \> put issue                                           ###上传成功

putting file issue as \issue (9.2 kb/s) (average 9.2 kb/s)

smb: \> ls

  .                                   D        0  Tue Mar 28 00:15:47 2017

  ..                                 DR        0  Mon Mar 27 01:30:54 2017

  test.txt                                     0  Mon Mar 27 01:36:36 2017

  issue                               A       47  Tue Mar 28 00:15:47 2017


39127 blocks of size 2097152. 35626 blocks available

smb: \> quit

                    


[[email protected] ~]# smbclient  //192.168.1.20/shared -U gentoo

Enter gentoo‘s password: 

Domain=[MAGEDU] OS=[Unix] Server=[Samba 3.6.23-36.el6_8]

smb: \> ls

  .                                   D        0  Tue Mar 28 00:23:27 2017

  ..                                 DR        0  Mon Mar 27 01:30:54 2017

  test.txt                                     0  Mon Mar 27 01:36:36 2017

  issue                               A       47  Tue Mar 28 00:15:47 2017


39127 blocks of size 2097152. 35626 blocks available

smb: \> lcd /etc/

smb: \> put passwd                                        ###上传成功

putting file passwd as \passwd (464.5 kb/s) (average 464.5 kb/s)


[[email protected] ~]# smbclient  //192.168.1.20/shared -U ubuntu

Enter ubuntu‘s password: 

Domain=[MAGEDU] OS=[Unix] Server=[Samba 3.6.23-36.el6_8]

smb: \> ls

  .                                   D        0  Tue Mar 28 00:23:27 2017

  ..                                 DR        0  Mon Mar 27 01:30:54 2017

  test.txt                                     0  Mon Mar 27 01:36:36 2017

  issue                               A       47  Tue Mar 28 00:15:47 2017


39127 blocks of size 2097152. 35626 blocks available

smb: \> lcd /etc/

smb: \> put passwd                                        ###上传失败                         

NT_STATUS_ACCESS_DENIED opening remote file \passwd

smb: \> ls

  .                                   D        0  Tue Mar 28 00:23:27 2017

  ..                                 DR        0  Mon Mar 27 01:30:54 2017

  test.txt                                     0  Mon Mar 27 01:36:36 2017

  issue                               A       47  Tue Mar 28 00:15:47 2017


39127 blocks of size 2097152. 35626 blocks available

smb: \> ^C



9、搭建一套文件vsftp文件共享服务,共享目录为/ftproot,要求:(描述完整的过程)

  1)基于虚拟用户的访问形式;

  2)匿名用户只允许下载,不允许上传;

  3)禁锢所有的用户于其家目录当中;

  4)限制最大并发连接数为200:;

  5)匿名用户的最大传输速率512KB/s

  6)虚拟用户的账号存储在mysql数据库当中。

  7)数据库通过NFS进行共享。

[[email protected] ~]# yum -y install vsftpd

[[email protected] ~]# rpm -ql vsftpd | less


/etc/pam.d/vsftpd           ###用户认证

/etc/rc.d/init.d/vsftpd     ###服务脚本

/etc/vsftpd                 ###配置文件目录

/etc/vsftpd/ftpusers

/etc/vsftpd/user_list

/usr/sbin/vsftpd            ###主程序

/var/ftp                    ###匿名用户共享资源位置  

[[email protected] ~]# yum install finger

[[email protected] ~]# service vsftpd start

Starting vsftpd for vsftpd:                                [  OK  ]

[[email protected] ~]# ss -tnlp



[[email protected] ~]# yum install ftp -y                      ###在客户机上安装ftp客户端

Connected to 192.168.1.20 (192.168.1.20).

220 (vsFTPd 2.2.2)

Name (192.168.1.20:root): zjh2

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> ls

227 Entering Passive Mode (192,168,1,20,180,9).

150 Here comes the directory listing.

drwxr-xr-x    2 500      500          4096 Mar 10 02:07 Desktop

drwxr-xr-x    2 500      500          4096 Mar 10 02:07 Documents

drwxr-xr-x    2 500      500          4096 Mar 10 02:07 Downloads

drwxr-xr-x    2 500      500          4096 Mar 10 02:07 Music

drwxr-xr-x    2 500      500          4096 Mar 10 02:07 Pictures

drwxr-xr-x    2 500      500          4096 Mar 10 02:07 Public

drwxr-xr-x    2 500      500          4096 Mar 10 02:07 Templates

drwxr-xr-x    2 500      500          4096 Mar 10 02:07 Videos

226 Directory send OK.



[[email protected] ~]# cd /etc/vsftpd

[[email protected] vsftpd]# vim vsftpd.conf

anonymous_enable=YES                ###启用匿名用户

anon_upload_enable=NO               ###匿名用户无法上传

anon_mkdir_write_enable=NO          ###匿名用户无法创建目录

anon_ohter_write_enable=YES         ###匿名用户无法删除


local_enable=YES                    ###系统用户

write_enable=YES                    ###本地用户写权限

local_umask=022                     ###本地用户上传文件权限

chroot_local_user=YES               ###锁定所有ftp本地用户于家目录

chroot_list_enable=YES              ###锁定文件中指定ftp本地用户于家目录

#chroot_list_file=/etc/vsftpd/chroot_list     ###锁定的配置文件,需要手动创建

xferlog_enable=YES                   ###启动日志

xferlog_std_format=YES               ###日志格式

#xferlog_file=/var/log/xferlog       ###日志文件

#chown_uploads=YES                   ###改变上传文件属主

#chown_username=whoever              ###改变上传文件属主

#ftpd_banner=Welcome to blah FTP service.    ###开机显示信息

 

pam_service_name=vsftpd

userlist_enable=YES                  ###用户控制

userlist_deny=NO                     ###黑名单|白名单

/etc/vsftpd/user_list                ###控制文件路径

tcp_wrappers=YES

max_client=200                       ###最大并发连接数

max_per_ip                           ###每个ip同时发起并发请求

anon_max_ip=512                      ###匿名最大传输速率

local_max_ip                         ###本地最大传输速率



[[email protected] vsftpd]# cd /var/ftp

[[email protected] ftp]# ls

pub

[[email protected] ftp]# mkdir upload

[[email protected] ftp]# setfacl -m u:ftp:rwx upload/

[[email protected] ftp]# getfacl upload/

# file: upload/

# owner: root

# group: root

user::rwx

user:ftp:rwx

group::r-x

mask::rwx

other::r-x

[[email protected] ftp]# service vsftpd reload

Shutting down vsftpd:                                      [  OK  ]

Starting vsftpd for vsftpd:                                [  OK  ]



[[email protected] ftp]# cd /etc/vsftpd/

[[email protected] vsftpd]# ls

ftpusers  user_list  vsftpd.conf  vsftpd.conf.bak  vsftpd_conf_migrate.sh

[[email protected] vsftpd]# vim ftpusers           ###黑名单


[[email protected] vsftpd]#yum install pam_mysql          ###安装mysql模块

[[email protected] ~]# rpm -ql pam_mysql                  ####

/lib64/security/pam_mysql.so

/usr/share/doc/pam_mysql-0.7

/usr/share/doc/pam_mysql-0.7/COPYING

/usr/share/doc/pam_mysql-0.7/CREDITS

/usr/share/doc/pam_mysql-0.7/ChangeLog

/usr/share/doc/pam_mysql-0.7/NEWS

/usr/share/doc/pam_mysql-0.7/README



[[email protected] ~]# yum -y install  mysql-server mysql-devel pam_mysql   ###安装mysql


[[email protected] ~]# service mysqld start

[[email protected] ~]# mysql

mysql> CREATE DATABASE vsftpd;                                         ###创建vsftpd表格

mysql> use vsftpd;

mysql> GRANT SELECT ON vsftpd.* TO [email protected]‘192.168.%.%‘ IDENTIFIED BY ‘mageedu‘ ;  ###允许远程连接

mysql> FLUSH PRIVILEGES;                                                ###刷新

mysql> Ctrl-C -- exit!


[[email protected] vsftpd]# mysql -uvsftp -h192.168.1.134 -p                    ###在vsftp服务器远程登录mysql

Enter password: 

mysql> SHOW DATABASES;

+--------------------+

| Database           |

+--------------------+

| information_schema |

| test               |

| vsftpd             |

+--------------------+

3 rows in set (0.01 sec)


mysql> Ctrl-C -- exit!



[[email protected] ~]# mysql                                        ###在mysql服务器上创建表格,且创建新用户


mysql> CREATE TABLE users (

    -> id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,

    -> name VARCHAR(50) BINARY NOT NULL,

    -> password CHAR(48) BINARY NOT NULL );

Query OK, 0 rows affected (0.05 sec)


mysql> DESC users;

+----------+------------------+------+-----+---------+----------------+

| Field    | Type             | Null | Key | Default | Extra          |

+----------+------------------+------+-----+---------+----------------+

| id       | int(10) unsigned | NO   | PRI | NULL    | auto_increment |

| name     | varchar(50)      | NO   |     | NULL    |                |

| password | char(48)         | NO   |     | NULL    |                |

+----------+------------------+------+-----+---------+----------------+

3 rows in set (0.00 sec)


mysql> INSERT INTO users (name,password) VALUES (‘tom‘,password(‘mageedu‘)),(‘jerry‘,password(‘mageedu‘));

Query OK, 2 rows affected (0.00 sec)

Records: 2  Duplicates: 0  Warnings: 0


mysql> SELECT * FROM users;

+----+-------+-------------------------------------------+

| id | name  | password                                  |

+----+-------+-------------------------------------------+

|  1 | tom   | *9A94EE7D14C10908118B62D2DA88E6932E11E438 |

|  2 | jerry | *9A94EE7D14C10908118B62D2DA88E6932E11E438 |

+----+-------+-------------------------------------------+

2 rows in set (0.00 sec)


[[email protected] vsftpd]# cd /etc/pam.d/

[[email protected] pam.d]# vim vsftpd.mysql


auth required /lib/security/pam_mysql.so user=vsftpd passwd=magedu host=192.168.1.134  db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=0

account required /lib/security/pam_mysql.so user=vsftpd passwd=magedu host=192.168.1.134 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=0


[[email protected] vsftpd]# vim vsftpd.conf

anonymous_enable=NO

pam_service_name=vsftpd.mysql

guest_enable=YES

guest_username=vuser

user_config_dir=/etc/vsftpd/vusers_config


[[email protected] vsftpd]# mkdir vusers

[[email protected] vsftpd]# cd vusers/

[[email protected] vusers]# vim tom


non_upload_enable=yes

anon_mkdir_write_enable=yes

anon_other_write_enable=yes


[[email protected] vusers]# vim jerry


non_upload_enable=no

anon_mkdir_write_enable=no

anon_other_write_enable=no


本文出自 “linux” 博客,请务必保留此出处http://zjh10512.blog.51cto.com/7682381/1912408

以上是关于OOP第四到第六次训练总结的主要内容,如果未能解决你的问题,请参考以下文章

pta第四次到第六次题目集

第六次学习总结&&第四次实验总结

OOP学习的第二次BLOG

马哥2016全新Linux+Python高端运维班第四期-第六次作业

第四到八章 章节性总结

magedu.com-网络班第四期-29-张健华-第六次作业