{"id":205460,"date":"2013-12-10T14:51:03","date_gmt":"2013-12-10T10:51:03","guid":{"rendered":"http:\/\/savepearlharbor.com\/?p=205460"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=205460","title":{"rendered":"\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0448\u043b\u044e\u0437\u0430 \u0434\u043b\u044f \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u043e\u0444\u0438\u0441\u0430 CentOS, Iptables, NAT, Squid Transparent, Sarg<\/span>"},"content":{"rendered":"
\t\t\t\u041f\u0440\u043e\u0448\u043b\u0438 \u0432\u0440\u0435\u043c\u0435\u043d\u0430, \u043a\u043e\u0433\u0434\u0430 \u0432 \u043d\u0430\u0448\u0435\u043c \u043e\u0444\u0438\u0441\u0435 \u0431\u044b\u043b\u043e 2 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430, \u0438 DSL \u043c\u043e\u0434\u0435\u043c \u043d\u0430 4 \u043f\u043e\u0440\u0442\u0430 \u0441 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u043e\u043c \u0432 2 \u043c\u0435\u0433\u0430\u0431\u0438\u0442\u0430
\u0441\u043f\u0430\u0441\u0430\u043b \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044e. \u0421\u0435\u0439\u0447\u0430\u0441 \u0432 \u043e\u0444\u0438\u0441\u0435 5 \u0440\u0430\u0431\u043e\u0447\u0438\u0445 \u043c\u0430\u0448\u0438\u043d \u0438 1 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0437\u0430\u0434\u0430\u0447 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432.<\/p>\n

\u041f\u0440\u0438 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0438 \u0432\u0441\u0435\u0445 \u0432 \u0441\u0432\u0438\u0447 \u0441\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u043c Tp Link \u0448\u043b\u044e\u0437\u043e\u043c, \u0435\u0441\u043b\u0438 \u043a\u0442\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u043b \u043a\u0430\u0447\u0430\u0442\u044c, \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0437\u0430\u0432\u0438\u0441\u0430\u043b \u0443 \u0432\u0441\u0435\u0445. \u0411\u044b\u043b\u043e \u043f\u0440\u0438\u043d\u044f\u0442\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0441\u0432\u043e\u0439 \u0448\u043b\u044e\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430, \u0441 \u0448\u0435\u0439\u043f\u0435\u0440\u043e\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u0430, DNS, DHCP \u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u043e\u0439 ( squid + sarg) \u0438 \u043f\u0440\u043e\u043a\u0441\u0438.<\/p>\n

\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0431\u044b\u043b \u0432\u044b\u0431\u0440\u0430\u043d DualCore pentium, 4 GB RAM \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0431\u043e\u0440\u0442\u0443 CentOS 6.4 minimal.
\u0418\u0442\u0430\u043a, \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043c \u043a \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043d\u0430\u0448\u0435\u0433\u043e \u0431\u0443\u0434\u0443\u0449\u0435\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0448\u043b\u044e\u0437\u0430.<\/p>\n

\u0417\u0430\u0434\u0430\u0447\u0430 \u0441\u0442\u043e\u0438\u0442, \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c<\/b>:
\u0420\u0430\u0437\u0434\u0430\u0447\u0443 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0447\u0435\u0440\u0435\u0437 NAT (iptables, htb), DHCP,DNS, HTTPD, NGINX, SARG
<\/a> <\/p>\n

\u041f\u0435\u0440\u0432\u044b\u0439 \u0448\u0430\u0433, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0433\u043e \u0431\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0441\u043e\u0444\u0442\u0430<\/h5>\n

\u0414\u043e\u0431\u0430\u0432\u0438\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 <\/p>\n

rpm --import http:\/\/apt.sw.be\/RPM-GPG-KEY.dag.txt rpm -ivh http:\/\/packages.sw.be\/rpmforge-release\/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm  rpm --import https:\/\/fedoraproject.org\/static\/0608B895.txt rpm -ivh http:\/\/dl.fedoraproject.org\/pub\/epel\/6\/x86_64\/epel-release-6-8.noarch.rpm  rpm --import http:\/\/rpms.famillecollet.com\/RPM-GPG-KEY-remi rpm -ivh http:\/\/rpms.famillecollet.com\/enterprise\/remi-release-6.rpm <\/code><\/pre>\n
  \u041e\u0447\u0438\u0441\u0442\u0438\u043c \u043a\u0435\u0448 YUM  <\/p>\n
yum clean all <\/code><\/pre>\n
  \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u0441\u043e\u0444\u0442 \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u043a\u0438  <\/p>\n
yum -y groupinstall "Development tools" <\/code><\/pre>\n
  \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u0434\u0440\u0443\u0433\u0438\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0443\u0442\u0438\u043b\u0438\u0442\u044b  <\/p>\n
yum -y install git mc htop lftp unzip zlib zlib-devel openssl openssl-devel patch libtool re2c bison fprintd-pam subversion sshfs curlftpfs <\/code><\/pre>\n
\u0412\u0442\u043e\u0440\u043e\u0439 \u0448\u0430\u0433, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 nginx<\/h5>\n
  <\/p>\n
useradd nginx -s \/bin\/false -M -U  mkdir \/var\/run\/nginx\/ chown -R nginx:nginx \/var\/run\/nginx\/ mkdir \/var\/log\/nginx\/ chown -R nginx:nginx \/var\/log\/nginx\/  cd \/usr\/src wget http:\/\/nginx.org\/download\/nginx-1.4.2.tar.gz tar xvzf nginx* cd nginx* git clone  https:\/\/github.com\/yaoweibin\/nginx_tcp_proxy_module.git git clone git:\/\/github.com\/mikewest\/nginx-static-etags.git patch -p1 < nginx_tcp_proxy_module\/tcp.patch  wget -O release-1.6.29.5-beta.zip https:\/\/github.com\/pagespeed\/ngx_pagespeed\/archive\/release-1.6.29.5-beta.zip unzip release-1.6.29.5-beta.zip cd ngx_pagespeed-release-1.6.29.5-beta\/ wget --no-check-certificate -O 1.6.29.5.tar.gz https:\/\/dl.google.com\/dl\/page-speed\/psol\/1.6.29.5.tar.gz tar -xzvf 1.6.29.5.tar.gz  cd \/usr\/src\/nginx* .\/configure --error-log-path=\/var\/log\/nginx\/error_log --pid-path=\/var\/run\/nginx\/nginx.pid --lock-path=\/var\/lock\/subsys\/nginx --add-module=nginx-static-etags --add-module=nginx_tcp_proxy_module --add-module=ngx_pagespeed-release-1.6.29.5-beta --user=nginx --group=nginx --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --without-http_geo_module --without-http_ssi_module --without-http_empty_gif_module --without-http_browser_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-pcre=\/usr\/src\/pcre-8.33 --without-http_memcached_module --without-http_scgi_module --without-http_uwsgi_module --without-http_fastcgi_module --http-fastcgi-temp-path= --http-uwsgi-temp-path= --prefix=\/server\/nginx --with-ipv6 make make install  cd \/server\/nginx\/conf\/ && rm -f fastcgi.conf fastcgi.conf.default fastcgi_params fastcgi_params.default koi-utf koi-win mime.types.default nginx.conf.default scgi_params scgi_params.default uwsgi_params uwsgi_params.default win-utf mkdir \/server\/nginx\/conf\/conf.d\/ <\/code><\/pre>\n
  \u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u0444\u0430\u0439\u043b nginx.conf:  <\/p>\n
touch \/server\/nginx\/conf\/nginx.conf <\/code><\/pre>\n
  \u0421\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 nginx.conf  <\/p>\n
worker_processes  8;  events {     worker_connections  25000;     use epoll; }  http {     include            mime.types;     default_type       application\/octet-stream;      sendfile           on;     tcp_nopush         on;      gzip             on;     gzip_min_length  1000;     gzip_proxied     any;     gzip_types text\/plain text\/xml application\/xml application\/x-javascript text\/javascript text\/css text\/json;     gzip_comp_level  8;      client_max_body_size 20M;      server     {         listen      192.168.5.1:80 default_server;         stub_status on;          location = \/apache-stats         {             proxy_pass              http:\/\/127.0.0.1:80;         }          allow 192.168.5.1;         deny all;     }      include conf.d\/*.conf; } <\/code><\/pre>\n
  \u0424\u0430\u0439\u043b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430:  <\/p>\n
touch \/etc\/init.d\/nginx chmod +x \/etc\/init.d\/nginx <\/code><\/pre>\n
#!\/bin\/bash # chkconfig: - 58 74 #  # Source function library. . \/etc\/init.d\/functions  # Source networking configuration. . \/etc\/sysconfig\/network  if [ -f \/etc\/sysconfig\/nginx ];then         . \/etc\/sysconfig\/nginx fi  RETVAL=0 prog="nginx"  start() {   # Check that networking is up.   [ "$NETWORKING" = "no" ] && exit 1          echo -n $"Starting $prog: "         daemon \/server\/nginx\/sbin\/nginx $OPTIONS   RETVAL=$?         echo         [ $RETVAL -eq 0 ] && touch \/var\/lock\/subsys\/nginx   return $RETVAL }  stop() {         echo -n $"Shutting down $prog: "   killproc \/server\/nginx\/sbin\/nginx   RETVAL=$?         echo         [ $RETVAL -eq 0 ] && rm -f \/var\/lock\/subsys\/nginx   return $RETVAL }  # See how we were called. case "$1" in   start)   start         ;;   stop)   stop         ;;   status)   status nginx   RETVAL=$?   ;;   restart|reload)   stop   start   RETVAL=$?   ;;   condrestart)   if [ -f \/var\/lock\/subsys\/nginx ]; then       stop       start       RETVAL=$?   fi   ;;   *)         echo $"Usage: $0 {start|stop|restart|condrestart|status}"         RETVAL=3 esac  exit $RETVAL <\/code><\/pre>\n
\u0422\u0440\u0435\u0442\u0438\u0439 \u0448\u0430\u0433, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 httpd<\/h5>\n
  \u0414\u043b\u044f \u0410\u043f\u0430\u0447\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043c APR, APR-UTIL, PCRE<\/b>
  \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 APR  <\/p>\n
cd \/usr\/src wget http:\/\/apache.ip-connect.vn.ua\/\/apr\/apr-1.5.0.tar.gz tar xvzf apr-1.5.0* cd apr-1.5.0 .\/configure --prefix=\/server\/misc\/apr make make install <\/code><\/pre>\n
  \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 APR-UTIL  <\/p>\n
yum -y install openldap-devel nss nss-devel  cd \/usr\/src wget http:\/\/apache.ip-connect.vn.ua\/\/apr\/apr-util-1.5.3.tar.gz tar xvzf apr-util* cd apr-util-* .\/configure --prefix=\/server\/misc\/apr-util --with-apr=\/server\/misc\/apr --with-crypto --with-ldap make make install <\/code><\/pre>\n
  \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 PCRE  <\/p>\n
cd \/usr\/src wget http:\/\/ftp.exim.llorien.org\/pcre\/pcre-8.33.tar.gz tar xvzf pcre-8.33.tar.gz cd pcre* .\/configure --prefix=$PCRE_DIR make make install <\/code><\/pre>\n
  \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 APACHE  <\/p>\n
useradd apache -s \/bin\/false -M -U  mkdir \/var\/run\/httpd\/ && chown -R apache:apache \/var\/run\/httpd\/ mkdir \/var\/log\/httpd\/ && chown -R apache:apache \/var\/log\/httpd\/  cd \/usr\/src wget http:\/\/mpm-itk.sesse.net\/mpm-itk-2.4.4-04.tar.gz tar xvzf mpm* wget http:\/\/archive.apache.org\/dist\/httpd\/httpd-2.4.6.tar.gz tar xvzf httpd* cp -r httpd-2.4.6 httpd-2.4.6.orig cd httpd-2.4.6 patch -p1 < \/usr\/src\/mpm-itk-2.4.4-04\/patches\/r1389339-pre-htaccess-hook.diff rm -rf \/usr\/src\/httpd-2.4.6.orig .\/buildconf --with-apr=\/usr\/src\/apr-1.4.8 --with-apr-util=\/usr\/src\/apr-util-1.5.2 .\/configure --prefix=\/server\/httpd --with-mpm=prefork --with-apr=\/server\/misc\/apr --with-apr-util=\/server\/misc\/apr-util --with-pcre=\/server\/misc\/pcre --disable-version --disable-status --enable-rewrite=static --enable-realip=static --enable-mods-static="authn_file mime authn_core authz_host authz_groupfile authz_user authz_core access_compat auth_basic reqtimeout filter log_config env headers setenvif unixd dir alias realip status info" make make install  cd \/usr\/src\/mpm* .\/configure --with-apxs=\/server\/httpd\/bin\/apxs make make install  mkdir -p \/server\/httpd\/conf\/conf.d\/sites\/ rm -rf \/server\/httpd\/man rm -rf \/server\/httpd\/manual rm -rf \/server\/httpd\/icons rm -rf \/server\/httpd\/cgi-bin rm -rf \/server\/httpd\/logs rm -rf \/server\/httpd\/conf\/extra rm -rf \/server\/httpd\/conf\/original  mkdir \/var\/www chown root:root \/var\/www  chown -R apache:apache \/server\/httpd <\/code><\/pre>\n
  \u041f\u043e\u043f\u0440\u0430\u0432\u0438\u043c httpd.conf \u043a \u0442\u0430\u043a\u043e\u043c\u0443 \u0432\u0438\u0434\u0443:  <\/p>\n
ServerRoot  "\/server\/httpd" Listen      127.0.0.1:80  LoadModule  mpm_itk_module modules\/mpm_itk.so LoadModule  remoteip_module modules\/mod_remoteip.so  <IfModule unixd_module>     User apache     Group apache <\/IfModule>  ServerAdmin webmaster@{HOSTNAME} ServerName  {HOSTNAME}  <IfModule dir_module>     DirectoryIndex index.html <\/IfModule>  <Files ".ht*">     Require all denied <\/Files>  ErrorLog "\/var\/log\/httpd\/error_log" LogLevel warn PidFile \/var\/run\/httpd\/httpd.pid  <IfModule log_config_module>     LogFormat "%h %l %u %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined     LogFormat "%h %l %u %t \\"%r\\" %>s %b" common     CustomLog "\/var\/log\/httpd\/access_log" common     #CustomLog "\/var\/log\/httpd\/logs\/access_log" combined <\/IfModule>  <IfModule alias_module>     ScriptAlias \/cgi-bin\/ "\/server\/httpd\/cgi-bin\/" <\/IfModule>  <Directory "\/server\/httpd\/cgi-bin">     AllowOverride None     Options None     Require all granted <\/Directory>  <IfModule mime_module>     TypesConfig conf\/mime.types     AddType application\/x-compress .Z     AddType application\/x-gzip .gz .tgz <\/IfModule>  <IfModule prefork.c>     StartServers    6     MinSpareServers 5     MaxSpareServers 10     ServerLimit 256     MaxClients  256     MaxRequestsPerChild 10000 <\/IfModule>  ServerName 127.0.0.1 IncludeOptional conf\/conf.d\/*.conf IncludeOptional conf\/conf.d\/sites\/*.conf  # Timeout: The number of seconds before receives and sends time out. Timeout 60 # KeepAlive: Whether or not to allow persistent connections (more than one request per connection). Set to "Off" to deactivate. KeepAlive On # MaxKeepAliveRequests: The maximum number of requests to allow during a persistent connection. Set to 0 to allow an unlimited amount. We recommend you leave this number high, for maximum performance. MaxKeepAliveRequests 100 # KeepAliveTimeout: Number of seconds to wait for the next request from the same client on the same connection. KeepAliveTimeout 5 # Set to one of:  Full | OS | Minor | Minimal | Major | Prod where Full conveys the most information, and Prod the least. ServerTokens Prod  UseCanonicalName Off AccessFileName .htaccess ServerSignature Off HostnameLookups Off ExtendedStatus On <IfModule reqtimeout_module>   RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500 <\/IfModule>  <IfModule remoteip_module>     RemoteIPHeader X-Forwarded-For     RemoteIPInternalProxy 127.0.0.1 <\/IfModule> <\/code><\/pre>\n
  \u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u0444\u0430\u0439\u043b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430:  <\/p>\n
touch \/etc\/init.d\/httpd chmod +x \/etc\/init.d\/httpd <\/code><\/pre>\n
  \u0441 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c:  <\/p>\n
#!\/bin\/bash # # httpd        Startup script for the Apache HTTP Server # # chkconfig: - 85 15 # description: The Apache HTTP Server is an efficient and extensible  \\ #              server implementing the current HTTP standards. # processname: httpd # config: \/server\/httpd\/conf\/httpd.conf # pidfile: \/var\/run\/httpd\/httpd.pid # ### BEGIN INIT INFO # Provides: httpd # Required-Start: $local_fs $remote_fs $network $named # Required-Stop: $local_fs $remote_fs $network # Should-Start: distcache # Short-Description: start and stop Apache HTTP Server # Description: The Apache HTTP Server is an extensible server #  implementing the current HTTP standards. ### END INIT INFO  # Source function library. . \/etc\/rc.d\/init.d\/functions  # Start httpd in the C locale by default. HTTPD_LANG="C"  # This will prevent initlog from swallowing up a pass-phrase prompt if # mod_ssl needs a pass-phrase from the user. INITLOG_ARGS=""  # Set HTTPD=\/usr\/sbin\/httpd.worker in \/etc\/sysconfig\/httpd to use a server # with the thread-based "worker" MPM; BE WARNED that some modules may not # work correctly with a thread-based MPM; notably PHP will refuse to start.  # Path to the apachectl script, server binary, and short-form for messages. apachectl=\/server\/httpd\/bin\/apachectl httpd=\/server\/httpd\/bin\/httpd prog=httpd pidfile=\/var\/run\/httpd\/httpd.pid lockfile=\/var\/lock\/subsys\/httpd RETVAL=0 STOP_TIMEOUT=10  # The semantics of these two functions differ from the way apachectl does # things -- attempting to start while running is a failure, and shutdown # when not running is also a failure.  So we just do it the way init scripts # are expected to behave here. start() {         echo -n $"Starting $prog: "         LANG=$HTTPD_LANG daemon --pidfile=${pidfile} $httpd $OPTIONS         RETVAL=$?         echo         [ $RETVAL = 0 ] && touch ${lockfile}         return $RETVAL }  # When stopping httpd, a delay (of default 10 second) is required # before SIGKILLing the httpd parent; this gives enough time for the # httpd parent to SIGKILL any errant children. stop() {         echo -n $"Stopping $prog: "         killproc -p ${pidfile} -d ${STOP_TIMEOUT} $httpd         RETVAL=$?         echo         [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile} } reload() {     echo -n $"Reloading $prog: "     if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&\/dev\/null; then         RETVAL=6         echo $"not reloading due to configuration syntax error"         failure $"not reloading $httpd due to configuration syntax error"     else         # Force LSB behaviour from killproc         LSB=1 killproc -p ${pidfile} $httpd -HUP         RETVAL=$?         if [ $RETVAL -eq 7 ]; then             failure $"httpd shutdown"         fi     fi     echo }  # See how we were called. case "$1" in   start)         start         ;;   stop)         stop         ;;   status)         status -p ${pidfile} $httpd         RETVAL=$?         ;;   restart)         stop         start         ;;   condrestart|try-restart)         if status -p ${pidfile} $httpd >&\/dev\/null; then                 stop                 start         fi         ;;   force-reload|reload)         reload         ;;   graceful|help|configtest|fullstatus)         $apachectl $@         RETVAL=$?         ;;   *)         echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest}"         RETVAL=2 esac  exit $RETVAL <\/code><\/pre>\n
\u0427\u0435\u0442\u0432\u0435\u0440\u0442\u044b\u0439 \u0448\u0430\u0433, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0440\u0430\u0437\u0434\u0430\u0447\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430<\/h5>\n
  \u041d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u0434\u0432\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430:
  eth0 \u2014 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043e\u0442 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430
  eth1 \u2014 \u041d\u0430\u0448\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f \u0441\u0435\u0442\u044c<\/p>\n
  \u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0444\u0430\u0439\u043b \/iptables \u0441 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c:  <\/p>\n
#!\/bin\/sh PATH=\/usr\/sbin:\/sbin:\/bin:\/usr\/bin # - \u041e\u0447\u0438\u0449\u0430\u0435\u043c \u0442\u0430\u0431\u043b\u0438\u0446\u044b iptables -F iptables -t nat -F iptables -t mangle -F iptables -X iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -A FORWARD -i eth0 -o eth0 -j REJECT iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.5.1:3128 echo 1 > \/proc\/sys\/net\/ipv4\/ip_forward <\/code><\/pre>\n
  \u0414\u0430\u0435\u043c \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0437\u0430\u043f\u0443\u0441\u043a \u0444\u0430\u0439\u043b\u0430:  <\/p>\n
chmod +x \/iptables <\/code><\/pre>\n
  \u0417\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c  <\/p>\n
\/iptables <\/code><\/pre>\n
  \u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u0443\u0435\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441:  <\/p>\n
mcedit \/etc\/sysconfig\/network-scripts\/ifcfg-eth1 <\/code><\/pre>\n
  <\/p>\n
DEVICE=eth1 HWADDR=00:0E:0C:73:E4:F9 TYPE=Ethernet ONBOOT=yes NM_CONTROLLED=yes BOOTPROTO=static IPADDR=192.168.5.1 NETMASK=255.255.255.0 GATEWAY=192.168.1.106 NETWORK=192.168.5.0 <\/code><\/pre>\n
  GATEWAY \u2014 \u0430\u0439\u043f\u0438 eth0 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430<\/p>\n
  \u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u043c \u0441\u0435\u0442\u044c:  <\/p>\n
service network restart <\/code><\/pre>\n
\u041f\u044f\u0442\u044b\u0439 \u0448\u0430\u0433, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 dhcpd<\/h5>\n
  \u0423\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u043c \u0435\u0433\u043e \u0447\u0435\u0440\u0435\u0437 yum  <\/p>\n
yum -y install dhcpd <\/code><\/pre>\n
  \u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u0443\u0435\u043c:  <\/p>\n
mcedit \/etc\/dhcp\/dhcpd.conf <\/code><\/pre>\n
  <\/p>\n
ddns-update-style none; ignore client-updates; DHCPARGS="eth1"; INTERFACES="eth1";  subnet 192.168.5.0 netmask 255.255.255.0 {     range 192.168.5.100 192.168.5.200;     option routers 192.168.5.1;     option subnet-mask 255.255.255.0;     option domain-name ".loc";     option domain-name-servers 192.168.5.1;     option time-offset -18000;     default-lease-time 21600;     max-lease-time 43200; }  host astraPC1 {     hardware ethernet 00:21:91:91:11:42;     fixed-address 192.168.5.6; }  host astraPC2 {     hardware ethernet D0:27:88:43:7E:AE;     fixed-address 192.168.5.7; }  host astraPC3 {     hardware ethernet D0:27:88:43:7F:0E;     fixed-address 192.168.5.8; }  host astraPC4 {     hardware ethernet 90:2B:34:BB:15:F2;     fixed-address 192.168.5.9; }  host astraPC5 {     hardware ethernet 90:2B:34:BA:E1:55;     fixed-address 192.168.5.10; } <\/code><\/pre>\n
  \u0417\u0434\u0435\u0441\u044c \u043c\u044b \u0443\u043a\u0430\u0437\u0430\u043b\u0438 dns \u0441\u0435\u0440\u0432\u0435\u0440, \u0430\u0439\u043f\u0438 \u043d\u0430\u0448\u0435\u0433\u043e \u0448\u043b\u044e\u0437\u0430. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 DNS \u043b\u043e\u0433\u0438\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0447\u0442\u043e \u0442\u043e \u043f\u0440\u043e\u0441\u0442\u043e\u0435, \u044f \u0432\u044b\u0431\u0440\u0430\u043b dnsmasq<\/p>\n
\u0428\u0430\u0433 \u0448\u0435\u0441\u0442\u043e\u0439, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 dns \u0441\u0435\u0440\u0432\u0435\u0440\u0430<\/h5>\n
  <\/p>\n
yum -y install dnsmasq <\/code><\/pre>\n
  DHCP \u0443 \u043d\u0430\u0441 \u0443\u0436\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d, \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u043d\u0430\u043c \u043d\u0435 \u043d\u0443\u0436\u0435\u043d, \u043a\u043e\u043d\u0444\u0438\u0433 \u0444\u0430\u0439\u043b \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043f\u043e \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0443 \u0432\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u043e, \u0447\u0442\u043e \u043d\u0443\u0436\u043d\u043e  <\/p>\n
interface=eth1 no-dhcp-interface=eth1 port=53 # - \u041e\u043f\u0446\u0438\u044f \u0434\u043b\u044f \u043f\u043e\u0434\u0445\u0432\u0430\u0442\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \/etc\/hosts localise-queries all-servers # - \u043e\u0447\u0438\u0441\u0442\u043a\u0430 \u043a\u0435\u0448\u0430 \u043f\u0440\u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 clear-on-reload # - DNS \u0448\u043b\u044e\u0437\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 server=192.168.1.1 <\/code><\/pre>\n
  \u0412 \/etc\/hosts \u0434\u043b\u044f \u043d\u0430\u0448\u0435\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b \u0431\u044b\u043b\u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0445\u043e\u0441\u0442\u044b:  <\/p>\n
192.168.5.1 sarg.loc 192.168.5.1 mysql.loc <\/code><\/pre>\n
  SARG \u2014 \u0433\u0435\u043d\u0435\u0440\u0430\u0442\u043e\u0440 \u043b\u043e\u0433\u043e\u0432 \u0434\u043b\u044f SQUID<\/p>\n
\u0428\u0430\u0433 \u0441\u0435\u0434\u044c\u043c\u043e\u0439, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 squid<\/h5>\n
  <\/p>\n
yum -y install squid <\/code><\/pre>\n
  \u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043f\u0440\u0430\u0432\u0438\u043c \u0434\u043e \u0442\u0430\u043a\u043e\u0433\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f:  <\/p>\n
acl manager proto cache_object acl localhost src 127.0.0.1\/32 ::1 acl to_localhost dst 127.0.0.0\/8 0.0.0.0\/32 ::1 acl lan src 192.168.5.1\/32  acl localnet src 10.0.0.0\/8\t# RFC1918 possible internal network acl localnet src 172.16.0.0\/12\t# RFC1918 possible internal network acl localnet src 192.168.0.0\/16\t# RFC1918 possible internal network acl localnet src fc00::\/7       # RFC 4193 local private network range acl localnet src fe80::\/10      # RFC 4291 link-local (directly plugged) machines  acl SSL_ports port 443 acl Safe_ports port 80\t\t# http acl Safe_ports port 21\t\t# ftp acl Safe_ports port 443\t\t# https acl Safe_ports port 70\t\t# gopher acl Safe_ports port 210\t\t# wais acl Safe_ports port 1025-65535\t# unregistered ports acl Safe_ports port 280\t\t# http-mgmt acl Safe_ports port 488\t\t# gss-http acl Safe_ports port 591\t\t# filemaker acl Safe_ports port 777\t\t# multiling http acl CONNECT method CONNECT  http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports  http_access allow localnet http_access allow localhost http_access allow lan http_access deny all  # - \u041f\u0440\u043e\u0437\u0440\u0430\u0447\u043d\u044b\u0439 \u043f\u0440\u043e\u043a\u0441\u0438 http_port 3128 transparent  hierarchy_stoplist cgi-bin ? coredump_dir \/var\/spool\/squid refresh_pattern ^ftp:\t\t1440\t20%\t10080 refresh_pattern ^gopher:\t1440\t0%\t1440 refresh_pattern -i (\/cgi-bin\/|\\?) 0\t0%\t0 refresh_pattern .\t\t0\t20%\t4320  # - \u041f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u0435\u043c squid \u0432 \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0439 \u043f\u0440\u043e\u043a\u0441\u0438 forwarded_for off request_header_access From deny all request_header_access Server deny all request_header_access Link deny all request_header_access X-Forwarded-For deny all request_header_access Via deny all request_header_access Cache-Control deny all visible_hostname myhost.com <\/code><\/pre>\n
\u0428\u0430\u0433 \u0432\u043e\u0441\u044c\u043c\u043e\u0439, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 sarg<\/h5>\n
  <\/p>\n
yum -y install sarg <\/code><\/pre>\n
  \u0422.\u043a \u0432 \u043d\u0430\u0448\u0435\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u043d\u0435 \u0432\u0430\u0436\u043d\u044b \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438, \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0432\u043f\u043e\u043b\u043d\u0435 \u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0442, \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u043d\u0443\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u043f\u0430\u043f\u043a\u0443, \u043a\u0443\u0434\u0430 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u043b\u043e\u0433\u0438, \u043f\u0440\u0430\u0432\u0438\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0434\u043e \u0442\u0430\u043a\u043e\u0433\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f:  <\/p>\n
mcedit \/usr\/local\/etc\/sarg.conf <\/code><\/pre>\n
  <\/p>\n
output_dir \/var\/www\/sarg\/public_html\/sarg.loc <\/code><\/pre>\n
  SARG \u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432 \u043a\u0440\u043e\u043d, \u0447\u0442\u043e \u0431\u044b \u043e\u043d \u043a\u0430\u0436\u0434\u044b\u0439 \u0434\u0435\u043d\u044c \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u043b \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443. \u0413\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u044f \u043b\u043e\u0433\u043e\u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u043e\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u044b:  <\/p>\n
sarg <\/code><\/pre>\n
\u0428\u0430\u0433 \u0434\u0435\u0432\u044f\u0442\u044b\u0439, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 HTB<\/h5>\n
  <\/p>\n
wget -O \/etc\/init.d\/htb wget http:\/\/downloads.sourceforge.net\/project\/htbinit\/HTB.init\/0.8.5\/htb.init-v0.8.5?use_mirror=citylan <\/code><\/pre>\n
  \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0448\u0435\u0439\u043f\u0435\u0440\u0430 \u0437\u0430\u0432\u0438\u0441\u044f\u0442 \u043e\u0442 \u0432\u0430\u0448\u0438\u0445 \u043d\u0443\u0436\u0434. \u0412 \u043d\u0430\u0448\u0435\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0431\u044b\u043b\u0438:
  \u0428\u0438\u0440\u0438\u043d\u0430 \u043a\u0430\u043d\u0430\u043b\u0430: 6Mbit\/sec
  \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439: 5
  \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0435: \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0435\u0434\u043a\u043e \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u044e\u0442, \u0447\u0430\u0441\u0442\u043e \u00ab\u0441\u0435\u0440\u0444\u044f\u0442\u00bb \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435.<\/p>\n
  \u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0444\u0430\u0439\u043b\u044b:  <\/p>\n
cd \/etc\/sysconfig\/htb touch eth1 touch eth1-2.root touch eth1-2:06.astraPC1 touch eth1-2:07.astraPC2 touch eth1-2:08.astraPC3 touch eth1-2:09.astraPC4 touch eth1-2:10.astraPC5 <\/code><\/pre>\n
  eth1 \u2014 \u041a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0444\u0430\u0439\u043b \u043d\u0430\u0448\u0435\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430
  # \u2014 \u0422\u043e\u0447\u043d\u043e\u0441\u0442\u044c \u0448\u0435\u0439\u043f\u0435\u0440\u0430  <\/p>\n
R2Q=20 DEFAULT=0 <\/code><\/pre>\n
  eth1-2.root \u2014 \u0417\u0430\u0434\u0430\u0435\u043c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u043b\u044f \u0432\u0441\u0435\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438  <\/p>\n
RATE=6Mbit CEIL=6Mbit <\/code><\/pre>\n
  eth1-2:06.astraPC1 \u2014 \u0424\u0430\u0439\u043b \u0434\u043b\u044f \u043c\u0430\u0448\u0438\u043d\u044b, \u0434\u043b\u044f \u0443\u0434\u043e\u0431\u0441\u0442\u0432\u0430 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u0430 \u2014 \u0445\u043e\u0441\u0442 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430, \u0430 \u043f\u0440\u0435\u0444\u0438\u043a\u0441 \u2014 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043e\u043a\u0442\u0435\u0442 \u0430\u0439\u043f\u0438  <\/p>\n
BURST=100kb RATE=1024Kbit CEIL=3064Kbit LEAF=sfq PRIO=1 RULE=192.168.5.6 <\/code><\/pre>\n
  \u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0441\u0434\u0435\u043b\u0430\u043d\u044b \u043f\u043e \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0438. \t\t\t<\/p>\n
<\/div>\n<\/p><\/div>\n
 \u0441\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u0438  http:\/\/habrahabr.ru\/post\/205460\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
 \t\t\t\u041f\u0440\u043e\u0448\u043b\u0438 \u0432\u0440\u0435\u043c\u0435\u043d\u0430, \u043a\u043e\u0433\u0434\u0430 \u0432 \u043d\u0430\u0448\u0435\u043c \u043e\u0444\u0438\u0441\u0435 \u0431\u044b\u043b\u043e 2 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430, \u0438 DSL \u043c\u043e\u0434\u0435\u043c \u043d\u0430 4 \u043f\u043e\u0440\u0442\u0430 \u0441 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u043e\u043c \u0432 2 \u043c\u0435\u0433\u0430\u0431\u0438\u0442\u0430
  \u0441\u043f\u0430\u0441\u0430\u043b \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044e. \u0421\u0435\u0439\u0447\u0430\u0441 \u0432 \u043e\u0444\u0438\u0441\u0435 5 \u0440\u0430\u0431\u043e\u0447\u0438\u0445 \u043c\u0430\u0448\u0438\u043d \u0438 1 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0437\u0430\u0434\u0430\u0447 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432.<\/p>\n
  \u041f\u0440\u0438 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0438 \u0432\u0441\u0435\u0445 \u0432 \u0441\u0432\u0438\u0447 \u0441\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u043c Tp Link \u0448\u043b\u044e\u0437\u043e\u043c, \u0435\u0441\u043b\u0438 \u043a\u0442\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u043b \u043a\u0430\u0447\u0430\u0442\u044c, \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0437\u0430\u0432\u0438\u0441\u0430\u043b \u0443 \u0432\u0441\u0435\u0445. \u0411\u044b\u043b\u043e \u043f\u0440\u0438\u043d\u044f\u0442\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0441\u0432\u043e\u0439 \u0448\u043b\u044e\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430, \u0441 \u0448\u0435\u0439\u043f\u0435\u0440\u043e\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u0430, DNS, DHCP \u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u043e\u0439 ( squid + sarg) \u0438 \u043f\u0440\u043e\u043a\u0441\u0438.<\/p>\n
  \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0431\u044b\u043b \u0432\u044b\u0431\u0440\u0430\u043d DualCore pentium, 4 GB RAM \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0431\u043e\u0440\u0442\u0443 CentOS 6.4 minimal.
  \u0418\u0442\u0430\u043a, \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043c \u043a \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043d\u0430\u0448\u0435\u0433\u043e \u0431\u0443\u0434\u0443\u0449\u0435\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0448\u043b\u044e\u0437\u0430.<\/p>\n
  \u0417\u0430\u0434\u0430\u0447\u0430 \u0441\u0442\u043e\u0438\u0442, \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c<\/b>:
  \u0420\u0430\u0437\u0434\u0430\u0447\u0443 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0447\u0435\u0440\u0435\u0437 NAT (iptables, htb), DHCP,DNS, HTTPD, NGINX, SARG  <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-205460","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/205460","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=205460"}],"version-history":[{"count":0,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/205460\/revisions"}],"wp:attachment":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=205460"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=205460"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=205460"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}