Programmer Group

brief introduction At present, a connection trace quintuple is the source destination IP, the transport layer protocol, and the source destination port. In multi-tenant environment, the private address network of tenants may overlap. If only one CT is distinguished by these five elements, it can not meet the needs of multi-tenants. So the conce ...

Tomcat -- About Project Configuration Configuration Ports - involving three ports - modifying conf/server.xml # Close the port of tomcat <Server port="8005" shutdown="SHUTDOWN"> # Establish access to http, browser access <Connector port="8080" protocol="HTTP/1.1" connection ...

Several states in user-mode connection tracking A connection tracking system defines several states in which a connection may be in: NEW: The initial state of a connection (e.g. the arrival of a SYN packet in a TCP connection), or the firewall receives only traffic in one direction (e.g. before the firewall receives a reply packet). ESTABLISHE ...

Contents System Service Management file management view log Compression and decompression Disk and Network Management firewall ftp operation Installation and Management of Software Other System Service Management systemctl The state of each service in the output system: systemctl list-units --type=service View the running status of the serv ...

iptables The iptables service is used to process or filter traffic policy items (rules). Multiple rules can form a rule chain, which is categorized according to the location of data packet processing. Preprocessing data packets (PREROUTING) before routing; Processing incoming data packets (INPUT); Processing Outgoing Packets (OUTPUT); Proc ...

Article Directory HAProxy Scheduling Algorithm 1. Static algorithms 1. static-rr 2. first 2. Dynamic algorithms: 1. roundrobin 2. leastconn 3. Hybrid algorithm 1. source 2. uri 3. url_param: 4. hdr 5. rdp-cookie 6. random Difference between ...

Absrtact: This paper mainly studied how to configure firewall in Linux system. iptables command Iptables is not exactly a firewall, the real firewall is a Netfilter running in the system kernel, and iptables is only a tool to operate netfilter. Its main function is to interact with users, get the user's requirements, and convert them into inf ...

kubernetes Off-line Installation Package, only three steps kube-proxy source code parsing ipvs has higher performance and stability than iptables mode. This paper focuses on the source code analysis of iptables mode. If you want to understand the principle of iptables mode, you can refer to its implementation. There is no difference in architec ...

1.Basic concepts statefulset, which can be translated into stateful settings. Contrast with deployment The pod created by deployment deployment is stateless. The rescheduling of pod, the name of pod hostname, the order of starting pod and deleting pod are random. The deployment uses shared storage, and all pods share a single volume. The pod c ...

Using StrongSwan to study IPSec is a good practice to understand IPSec. However, there are so many pits in the process of using Strong Swan, and there are so many incomplete online tutorials that I can hardly explain every step thoroughly, which leads me to scratch my ears and cheeks in the process of using Strong Swan. Programmers naturally w ...