黄英才Blog

1xx（临时响应）
表示临时响应并需要请求者继续执行操作的状态代码。

代码 说明
100 （继续） 请求者应当继续提出请求。 服务器返回此代码表示已收到请求的第一部分，正在等待其余部分。
101 （切换协议） 请求者已要求服务器切换协议，服务器已确认并准备切换。

2xx （成功）
表示成功处理了请求的状态代码。
代码 说明
200 （成功） 服务器已成功处理了请求。 通常，这表示服务器提供了请求的网页。
201 （已创建） 请求成功并且服务器创建了新的资源。
202 （已接受） 服务器已接受请求，但尚未处理。
203 （非授权信息） 服务器已成功处理了请求，但返回的信息可能来自另一来源。
204 （无内容） 服务器成功处理了请求，但没有返回任何内容。
205 （重置内容） 服务器成功处理了请求，但没有返回任何内容。
206 （部分内容） 服务器成功处理了部分 GET 请求。

3xx （重定向）
表示要完成请求，需要进一步操作。 通常，这些状态代码用来重定向。

代码 说明
300 （多种选择） 针对请求，服务器可执行多种操作。 服务器可根据请求者 (user agent) 选择一项操作，或提供操作列表供请求者选择。
301 （永久移动） 请求的网页已永久移动到新位置。 服务器返回此响应（对 GET 或 HEAD 请求的响应）时，会自动将请求者转到新位置。
302 （临时移动） 服务器目前从不同位置的网页响应请求，但请求者应继续使用原有位置来进行以后的请求。
303 （查看其他位置） 请求者应当对不同的位置使用单独的 GET 请求来检索响应时，服务器返回此代码。
304 （未修改） 自从上次请求后，请求的网页未修改过。 服务器返回此响应时，不会返回网页内容。
305 （使用代理） 请求者只能使用代理访问请求的网页。 如果服务器返回此响应，还表示请求者应使用代理。
307 （临时重定向） 服务器目前从不同位置的网页响应请求，但请求者应继续使用原有位置来进行以后的请求。

4xx（请求错误）
这些状态代码表示请求可能出错，妨碍了服务器的处理。

代码 说明
400 （错误请求） 服务器不理解请求的语法。
401 （未授权） 请求要求身份验证。 对于需要登录的网页，服务器可能返回此响应。
403 （禁止） 服务器拒绝请求。
404 （未找到） 服务器找不到请求的网页。
405 （方法禁用） 禁用请求中指定的方法。
406 （不接受） 无法使用请求的内容特性响应请求的网页。
407 （需要代理授权） 此状态代码与 401（未授权）类似，但指定请求者应当授权使用代理。
408 （请求超时） 服务器等候请求时发生超时。
409 （冲突） 服务器在完成请求时发生冲突。 服务器必须在响应中包含有关冲突的信息。
410 （已删除） 如果请求的资源已永久删除，服务器就会返回此响应。
411 （需要有效长度） 服务器不接受不含有效内容长度标头字段的请求。
412 （未满足前提条件） 服务器未满足请求者在请求中设置的其中一个前提条件。
413 （请求实体过大） 服务器无法处理请求，因为请求实体过大，超出服务器的处理能力。
414 （请求的 URI 过长） 请求的 URI（通常为网址）过长，服务器无法处理。
415 （不支持的媒体类型） 请求的格式不受请求页面的支持。
416 （请求范围不符合要求） 如果页面无法提供请求的范围，则服务器会返回此状态代码。
417 （未满足期望值） 服务器未满足”期望”请求标头字段的要求。

5xx（服务器错误）
这些状态代码表示服务器在尝试处理请求时发生内部错误。 这些错误可能是服务器本身的错误，而不是请求出错。

代码 说明
500 （服务器内部错误） 服务器遇到错误，无法完成请求。
501 （尚未实施） 服务器不具备完成请求的功能。 例如，服务器无法识别请求方法时可能会返回此代码。
502 （错误网关） 服务器作为网关或代理，从上游服务器收到无效响应。
503 （服务不可用） 服务器目前无法使用（由于超载或停机维护）。 通常，这只是暂时状态。
504 （网关超时） 服务器作为网关或代理，但是没有及时从上游服务器收到请求。
505 （HTTP 版本不受支持） 服务器不支持请求中所用的 HTTP 协议版本。

详细内容请参考:

http://www.nginx.org/en/docs/http/ngx_http_mp4_module.html

之前打过ku6 的h.264的朋友.可以不用再为这补丁更新而烦了.

RCODE Response code – this four bit field is undefined in requests
and set in responses. The values and meanings of this field
within responses are as follows:

Mneumonic Value Description
————————————————————
NOERROR 0 No error condition.
FORMERR 1 The name server was unable to interpret
the request due to a format error.
SERVFAIL 2 The name server encountered an internal
failure while processing this request,
for example an operating system error
or a forwarding timeout.
NXDOMAIN 3 Some name that ought to exist,
does not exist.
NOTIMP 4 The name server does not support
the specified Opcode.
REFUSED 5 The name server refuses to perform the
specified operation for policy or
security reasons.
YXDOMAIN 6 Some name that ought not to exist,
does exist.
YXRRSET 7 Some RRset that ought not to exist,
does exist.
NXRRSET 8 Some RRset that ought to exist,
does not exist.

NOTAUTH 9 The server is not authoritative for
the zone named in the Zone Section.
NOTZONE 10 A name used in the Prerequisite or
Update Section is not within the
zone denoted by the Zone Section.

ZOCOUNT The number of RRs in the Zone Section.

PRCOUNT The number of RRs in the Prerequisite Section.

UPCOUNT The number of RRs in the Update Section.

ADCOUNT The number of RRs in the Additional Data Section.

Welcome to RPM and DPKG command reference. RPM is a package manager used in Red Hat Enterprise, Fedora, SuSE and many other Linux distributions. DPKG is a package manager used in Debian, Ubuntu and other Debian based distributions.

Below we will refer to {file.deb} or {file.rpm} which is a package file on the filesystem. When we refer to {package} we are talking about installed package

Installing / updating

RPM DPKG Description
rpm -i {file.rpm} dpkg -i {file.deb} Install package from a file
rpm -U {file.rpm} dpkg -i {file.deb} Update package from a file
Remove

RPM DPKG Description
rpm -e {package} dpkg -r {package} Remove a installed package
Querying

RPM DPKG Description
rpm -qa dpkg -l List all installed packages
rpm -ql {package} dpkg -L {package} List files in a installed package
rpm -qi dpkg -p {package} Show information about a installed package
rpm -qpi {file.rpm} dpkg -I {file.deb} Show information about package file
rpm -qpl {file.rpm} dpkg -c {file.deb} List files in a package file
Verifying

RPM DPKG Description
rpm -Va na Verify all installed packages
rpm -V {package} na Verify installed package

转自: http://packman.linux.is/

使用 DNS 的扩展名机制 (EDNS0)

DNS 的扩展机制（在 RFC 2671 中定义为 EDNS0）允许 DNS 请求者公布其 UDP 数据包的大小，并且更便于传输大于 512 字节（对于 UDP 数据包大小的原始 DNS 限制，RFC 1035）的数据包。DNS 服务器通过 UDP 传输层接收请求时，它对来自 OPT 资源记录 (RR) 的请求者的 UDP 数据包大小进行标识，测量其响应，以包含请求者指定的最大 UDP 数据包大小中允许的多个资源记录。有关资源记录的详细信息，请参阅资源记录参考。有关 RFC 的详细信息，请参阅DNS RFC。

ENDS0 UDP 响应

在 DNS 服务器假定请求者支持 EDNS0 之前，DNS 服务器必须接收包含 OPT 资源记录的查询。OPT 记录不包含实际 DNS 数据，其内容只与 UDP 传输层消息关联。OPT 记录将发送者的 UDP 负载大小存储在其 CLASS 字段中，并列出请求者可在请求者网络中传输的最大 UDP 负载中的字节数。

DNS 服务器接收包含公布最大 UDP 数据包大小的 OPT 记录的查询时，它将截断大于 OPT 记录中指定的限制的任何 UDP 响应的大小。

默认情况下，DNS 服务器包括 OPT 资源记录，该记录指明包含 OPT 资源记录的查询的最大响应数。有关修改 OPT 响应设置的信息，请参阅修改 EDNS0 配置。

如果 DNS 服务器接收不包含 OPT 资源记录的查询，它假定请求者的服务器不支持 EDNS0，并对假定发送者不接收大于 512 字节的 UDP 数据包的请求者进行响应。在这种情况下，DNS 服务器将其 UDP 响应大小截断为最大 512 字节。

EDNS0 UDP 查询

请求 DNS 服务器发送查询之前，它检查其高速缓存，确定响应服务器是否支持 EDNS0。如果响应 DNS 服务器支持 EDNS0，请求 DNS 服务器会将 OPT 资源记录附加到它发送的查询的附加部分。（所有查询都有五部分：头、问题、应答、授权机构和其他。）如果按照请求 DNS 服务器的高速缓存，响应 DNS 服务器不支持 EDNS0，请求 DNS 服务器不会在发送 OPT 资源记录前将其附加到查询中。有关详细信息，请参阅修改 UDP 消息的大小。

确定和缓存 EDNS0 支持

当 DNS 服务器接收包含 OPT 记录的主机的请求或响应时，DNS 服务器会缓存该主机支持的 EDNS 版本（例如，EDNS0）。如果来自主机的请求或响应中没有 OPT 记录，DNS 服务器的高速缓存会指出主机不支持 EDNS0。如果高速缓存已指出该主机支持 ENDS0，则不会更改高速缓存。

来自 http://technet.microsoft.com/zh-cn/library/cc785769(WS.10).aspx

bind 在9.8.0b1 released 中添加了一个 RPZ的功能

网上资料不多.我贴一个E文版本的说明.不译了.相对比较容易理解.
配置方法自己参考 bind 的FAQ和doc

Reverse Policy Zone (RPZ) FAQ
How much does RPZ cost?
RPZ is an open specification defined by the Internet Systems Consortium (ISC) with a reference
implementation available as a BIND extension. The BIND DNS server and RPZ extension are
available free of charge and can be downloaded from http://www.isc.org.
What is RPZ
The short answer is that Reverse Policy Zone (RPZ) enables DNS administrators to selectively
block DNS resolution of sites.
Why would I want to block DNS resolution?
There are places on the Internet that could cause harm to unsuspecting users who visit the site.
For example, lets say a site was put up on the Internet for the sole purpose of serving malware
that is advertised via spam. One of your customers gets a spammed email advertising a link on
that site and clicks on it. If the malware site’s host name or domain was listed in your RPZ aware
DNS server, your customer’s computer would be unable to resolve the address of the bad site.
Without the address, there would be no connection. You would have protected your user from
losing their personal information and/or prevented one more machine from becoming a bot.
What’s so great about RPZ?
Instantaneous threat mitigation. Let’s say you had an enterprise that consisted of 10,000 users
that pointed to 100 geographically dispersed corporate nameservers. If you identified a site that
you needed to block your employees from getting to, you could enter that site in your RPZ zone
and propagate it out to all your nameservers, worldwide, in a matter of seconds – seconds as in a
fraction of a minute. As soon as the RPZ zonefile gets propagated, your employees would be unable to resolve the ip address of the site, effectively mitigating the threat in near real time.
How does RPZ know what to block?
RPZ uses one or more files that contain host names and/or domains you want to block. When a
DNS query is made against a recursive nameserver that’s using RPZ, any host in the RPZ list will
not resolve to the actual IP address.
What does the DNS server return when a site gets blocked?
The RPZ file is actually a regular BIND zonefile. Most RPZ implementations will return an NXDOMAIN result when a blocked site is queried. NXDOMAIN essentially means that the DNS server
was unable to resolve what you asked it. You can, however, add whatever IP address you want
returned when your customer queries a blocked host or domain. Providing your own IP in response to a query on a blocked site can be useful for redirecting your customers to a warning
page.
Where do the RPZ lists of bad sites come from?
RPZ needs to know which hosts or domains you want to block from DNS resolution. You provide
that information to RPZ by adding a regular looking zone file on your DNS server, then populating
the zone with what you want to “block”. That list can be developed in-house or you can use
commercially available RPZ host files. Even if you use a commercial list, you can still add your
own list as well.What are the advantages of commercial lists?
Timeliness and completeness! At the time of this writing, the two most often used commercial
RPZ lists are rpz.spamhaus.org (a Spamhaus product) and rpz.surbl.org (a product of SURBL).
Spamhaus and SURBL continuously update their RPZ lists and push out updates about every 5
minutes. That’s every 5 minutes, every hour, every day. The domains that are listed by both
Spamhaus and SURBL are generally cultivated from links appearing in spam. New lists will
probably appear shortly that focus on other threat sources.
What do I need to implement RPZ?
The RPZ reference implementation is available as a BIND extension, so the first thing you’ll need
is a recent version of BIND that supports RPZ. The first version of BIND that natively provided
RPZ support was 9.8.0. Secondly, the DNS server you install RPZ on will only work if it’s a customer facing recursive nameserver. In other words, you want to install an RPZ aware resolver that
your clients point to for dns resolution.
How much bandwidth does RPZ need?
A properly configured nameserver that serves or receives RPZ zonefiles would use “incremental
zone transfers”. With incremental zone transfers, only the differences between the old and new
zonefile get transmitted. For example, if your RPZ zonefile contained 100,000 entries and you removed 10 and added 20 new hosts, the update would transmit only the 30 changes, not the entire
file of 110,000. This means that the zone updates generally take less than a second to propagate
to the secondaries and will result in only a few kilobits worth of traffic.
What kind of hardware do I need to support RPZ?
Generally speaking, if you’re simply receiving RPZ zonefiles, probably you can continue to use the
same hardware you currently have. The CPU overhead imposed by RPZ is negligible. The RPZ
files essentially become memory resident, so you would need enough RAM to store whatever
RPZ lists you’re using. In most cases, this would require under 1 gigabyte of additional RAM.
How many secondaries could I feed from one Bind server?
In the old days, the oldest systems got relegated for use as dns servers. Today, nameservers need
to be able to contend with DNSSEC, TSIG and millions of lookups per hour. If you’re providing
DNS services for others, you should be using modern equipment with adequate horsepower.
It’s difficult to predict what you would need in the way of hardware without knowing how much
use your system currently has. Let’s say you have a moderately sized box that has a single Nehalem quad core CPU and 8 gigs of RAM – you should be able to support well over 250 secondary nameservers that pull incremental zone transfers from you. If you’re supporting only a handful of secondaries, chances are what you have now would work just fine.
What documentation is available for RPZ?
If you download BIND you’ll find that contained within the tarball is the Bind Administrators Reference Manual (ARM). Documentation for RPZ can be found in the ARM in section 6.2.16.20.

在 bind 9.9.1a3 测试中 出现 after reducing the advertised EDNS UDP packet size to 512 octets
造成查询问题

在options选项中加入如下参数:
edns-udp-size 500;

#include <stdio.h>
#include <curl/curl.h>

static size_t WriteCallback(void *ptr, size_t size, size_t nmemb, void *data)
{
     /* we are not interested in the downloaded bytes itself,
      *      so we only return the size we would have saved ... */
       (void)ptr;  /* unused */
       (void)data; /* unused */
       return (size_t)(size * nmemb);
}

int main(int argc, char *argv[])
{
  CURL *curl;
  CURLcode res;
  FILE *headerfile;
  FILE *bodyfile;
  headerfile = fopen("header.txt", "w");
  bodyfile = fopen("/dev/null", "w");
  curl = curl_easy_init();
  if(curl) {
    res = curl_easy_setopt(curl, CURLOPT_URL, argv[1]);
    //curl_easy_setopt(curl,CURLOPT_HEADER, "http://www.sina.com.cn");
    curl_easy_setopt(curl, CURLOPT_WRITEHEADER, headerfile);
    //curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteCallback);
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, bodyfile);
    res = curl_easy_perform(curl);
   }

   if (CURLE_OK == res){
      double dsize;
      res = curl_easy_getinfo(curl, CURLINFO_SIZE_DOWNLOAD, &dsize);
          if((CURLE_OK == res) && (dsize > 0))
              printf("Data downloaded size: %0.3f kbyte/sec\n", dsize / 1024 );

      int code;
      res= curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &code);
          if((CURLE_OK == res) && (code > 0))
             printf("The Response code is: %d \n", code);

    double datatime;
    res = curl_easy_getinfo(curl,CURLINFO_NAMELOOKUP_TIME, &datatime);
         // if((CURLE_OK == res) && (datatime > 0))
          if((CURLE_OK == res) )
             printf("The Dns lookup time is: %0.3f sec.\n", datatime);

       double connect_time;
           res = curl_easy_getinfo(curl,CURLINFO_CONNECT_TIME, &connect_time);
               if((CURLE_OK == res) )
                  printf("The connect time  is: %0.3f sec.\n", connect_time);
       double totaltime;
     res = curl_easy_getinfo(curl, CURLINFO_TOTAL_TIME, &totaltime);
         if((CURLE_OK == res) && (totaltime > 0))
                  printf("Total download time: %0.3f sec.\n", totaltime);
    double speed;
    res = curl_easy_getinfo(curl, CURLINFO_SPEED_DOWNLOAD, &speed);
        if((CURLE_OK == res) && (speed > 0))
                 printf("Download speed: %0.3f kbyte/sec.\n", speed / 1024 );
   char *ip;
   res = curl_easy_getinfo(curl, CURLINFO_PRIMARY_IP, &ip);
           if(CURLE_OK == res)
              printf("The IP address is: %s\n", ip );
   //char * header;
   //res = curl_easy_getinfo(curl,CURLINFO_CONTENT_TYPE, &header);
   //       if(CURLE_OK == res)
   //          printf("The contet type is: %s\n", header );
   }

    /* always cleanup */
    curl_easy_cleanup(curl);
    fclose(headerfile);
    fclose(bodyfile);
  return 0;
}

编译:
gcc -Wall getall.c -o getall -lcurl

执行如下:

./getall www.selfcai.com.cn

下载地址
http://www.selfcai.com.cn/rpm/a.html
中的iso目录

361636ff15133bdb5df0ac6d311c360cf2d42be9 VeryCache-6.0-x86_64-CD.iso

方便使用.生成rpm
下载地址
http://www.selfcai.com.cn/rpm/a.html