1、详细描述一次加密通讯的过程,结合图示最佳。
2、描述创建私有CA的过程,以及为客户端发来的证书请求进行办法证书。
3、描述DNS查询过程以及DNS服务器类别。
4、搭建一套DNS服务器,负责解析magedu.com域名(自行设定主机名及IP)
(1)、能够对一些主机名进行正向解析和逆向解析;
(2)、对子域cdn.magedu.com进行子域授权,子域负责解析对应子域中的主机名;
(3)、为了保证DNS服务系统的高可用性,请设计一套方案,并写出详细的实施过程。
1、 详细描述一次加密通讯的过程,结合图示最佳。
一次会话,发邮件,用户和用户之间的数据加密: (1)生成数据; (2)用单向加密数据生成特征码; (3)用自己的私钥加密特征码放在数据后面; (4)生成临时会话密钥加密特征码和数据; (5)用对方的公钥加密临时密钥。
单向加密:只能加密,不能解密,提取数据指纹(特征码),来保证数据的完整性,如上图的第二步,单向加密的协议有MD5,SHA等 非对称加密:公钥和私钥成对出现,私钥必须本机器保存,用公钥加密的数据,只能使用与之配对儿 的私钥解密;反之亦然,数字签名是私钥加密特征码,如上图的第三步;实现对称秘钥交换,如上图 第五步 对称加密:加密和解密使用同样的密钥,实现数据加密,产生对称密钥,如上图的第四步
2、描述创建私有CA的过程,以及为客户端发来的证书请求进行办法证书。
1、创建所需要的文件(在192.168.190.131) 2、CA自签证书(在192.168.190.131) (1)生成私钥文件(/etc/pki/CA/private/cakey.pem): (2)生成自签证书(/etc/pki/CA/cacert.pem) 3、发证 (1)用到证书的主机生成证书请求(在192.168.190.135) 生成私钥文件:(/tmp/test.key) 生成证书请求:(/tmp/test.csr) (2)把请求文件传输给CA(192.168.190.135) (3)CA签署证书,并将证书还给请求者:(192.168.190.131)
下面开始创建CA(192.168.190.131):
[root@localhost ~]# ls /etc/pki/CA certs crl newcerts private [root@localhost ~]# cd !$ cd /etc/pki/CA
1、创建所需要的文件
[root@localhost CA]# touch index.txt [root@localhost CA]# echo 01 > serial [root@localhost CA]# cat !$ cat serial 01
2、CA自签证书
(1)生成私钥文件(/etc/pki/CA/private/cakey.pem):
[root@localhost CA]# ( umask 077;openssl genrsa -out /etc/pki/CA/private/cakey.pem 2048 ) Generating RSA private key, 2048 bit long modulus ...+++ ..................................+++ e is 65537 (0x10001) [root@localhost CA]# ll private/ total 4 -rw-------. 1 root root 1675 Sep 2 13:40 cakey.pem
(2)生成自签证书(/etc/pki/CA/cacert.pem)
[root@localhost CA]# openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -days 7300 -out /etc/pki/CA/cacert.pem You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:Anhui Locality Name (eg, city) [Default City]:Hefei Organization Name (eg, company) [Default Company Ltd]:CANGE Organizational Unit Name (eg, section) []:Qixinban Common Name (eg, your name or your server's hostname) []:ca.change.com Email Address []:caadmin@change.com # cacert.pem是证书,内含CA公钥
3、发证(在另一个主机上192.168.190.135)
(1)用到证书的主机生成证书请求
生成私钥文件:(/tmp/test.key)
[root@localhost tmp]# ( umask 077;openssl genrsa -out /tmp/test.key 2048 ) Generating RSA private key, 2048 bit long modulus ...+++ ............................+++ e is 65537 (0x10001)
生成证书请求:(/tmp/test.csr)
[root@localhost tmp]# openssl req -new -key /tmp/test.key -days 365 -out /tmp/test.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:Anhui Locality Name (eg, city) [Default City]:Hefei Organization Name (eg, company) [Default Company Ltd]:CANGE Organizational Unit Name (eg, section) []:Qixinban Common Name (eg, your name or your server's hostname) []:ca.change.com Email Address []:caadmin@change.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:123456 An optional company name []:CANGE
(2)把请求文件传输给CA(192.168.190.135)
[root@localhost tmp]# scp /tmp/test.csr root@192.168.190.131:/tmp/
(3)CA签署证书,并将证书还给请求者:(192.168.190.131)
[root@localhost CA]# openssl ca -in /tmp/test.csr -out /tmp/test.crt -days 365 Using configuration from /etc/pki/tls/openssl.cnf Check that the request matches the signature Signature ok Certificate Details: Serial Number: 1 (0x1) Validity Not Before: Sep 2 06:47:04 2016 GMT Not After : Sep 2 06:47:04 2017 GMT Subject: countryName = CN stateOrProvinceName = Anhui organizationName = CANGE organizationalUnitName = Qixinban commonName = ca.change.com emailAddress = caadmin@change.com X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: 95:1B:A9:FC:E3:F9:03:A7:43:9F:FE:F5:1B:9D:1C:7C:DD:1B:71:2E X509v3 Authority Key Identifier: keyid:A0:D7:52:FE:07:17:91:62:F4:AC:AE:4E:77:E5:1E:44:92:D8:97:BE Certificate is to be certified until Sep 2 06:47:04 2017 GMT (365 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated
查看证书中信息:(index.txt)
[root@localhost CA]# cat index.txt serialV 170902064704Z 01 unknown /C=CN/ST=Anhui/O=CANGE/OU=Qixinban/CN=ca.change.com/emailAddress=caadmin@change.com02
3、描述DNS查询过程以及DNS服务器类别。
一、DNS:(Domain Name Service)域名系统,因特网上作为域名和IP地址相互映射的一个分布式 数据库,能够使用户更方便的访问互联网,而不用去记住能够被机器直接读取的IP数串。使用tcp/53 进行区域传输,udp/53进行查询操作;根域名全球13台服务器,顶级域名(国家级cn uk… ,通用级 org com net…,反向域),二级域名,三级域名 二、DNS查询方法: 1、递归查询:要求DNS直接给出域名对应的IP。 2、迭代查询:通常是发生在DNS服务器间,当请求的域名不再自己所负责的解析范围内,便开始从根 迭代直到查询到相应解析为止。
三、DNS查询过程: 服务器向根域名服务器发出查询请求,根服务器返回可以查询到的服务器列表,然后在向该服务器发 送相同的请求获取结果。 Client –> hosts文件 –> DNS Service–>Local Cache –> DNS Server (recursion递归) –> Server Cache –> iteration(迭代) –>其他DNS服务器 四、DNS服务器类别: 1、主DNS服务器:维护所负责解析的域内解析库服务器,解析库由管理维护; 2、从DNS服务器:从主DNS服务器或其它的从DNS服务器那里区域传输一份解析库; 3、缓存DNS服务器:为客户端缓存客户端曾经查询的记录,找不到时,DNS服务器去迭代查询; 4、转发器:当请求的DNS记录不在自己所负责的解析区域时,交给转发器处理,转发器去迭代查询。
4、搭建一套DNS服务器,负责解析magedu.com域名(自行设定主机名及IP)
(1)、能够对一些主机名进行正向解析和逆向解析;
(2)、对子域cdn.magedu.com进行子域授权,子域负责解析对应子域中的主机名;
(3)、为了保证DNS服务系统的高可用性,请设计一套方案,并写出详细的实施过程。
首先,要给每个服务器安装bind: [root@localhost ~]# yum install bind -y 主服务器(父域):192.168.190.131 magedu.com 从服务器:192.168.190.134 ns2.magedu.com 子域:192.168.190.135 cdn.magedu.com
(1)、能够对一些主机名进行正向解析和逆向解析; 配置服务器的正解和反解,主服务器(父域):192.168.190.131 magedu.com (2)、对子域cdn.magedu.com进行子域授权,子域负责解析对应子域中的主机名; 子域:192.168.190.135 cdn.magedu.com (3)、为了保证DNS服务系统的高可用性,请设计一套方案,并写出详细的实施过程 配置主从服务器,从服务器:192.168.190.134 ns2.magedu.com
一、主服务器的配置(192.168.190.131)
1、 配置缓冲名称服务器/etc/named.conf
[root@localhost ~]# vim /etc/named.conf options { // listen-on port 53 { 127.0.0.1; }; // listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { any; }; recursion yes; // dnssec-enable yes; // dnssec-validation yes; /* Path to ISC DLV key */ // bindkeys-file "/etc/named.iscdlv.key"; // managed-keys-directory "/var/named/dynamic"; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; include "/etc/named.root.key";
2、主DNS名称服务器
(1)在主配置文件中定义区域 /etc/named.rfc1912.zones
[root@localhost ~]# vim /etc/named.conf #在最后面添加 zone "magedu.com" IN { # 正向解析 type master; # 类型为主DNS file "magedu.com.zone"; # 正向解析文件位置 };
(2)定义区域解析库文件 /var/named/magedu.com.zone
[root@localhost ~]# vim /var/named/magedu.com.zone $TTL 8640 $ORIGIN magedu.com. @ IN SOA ns1.magedu.com. admin.magedu.com. ( # SOA字段 20160843001 # 版本号,同步一次+1 1H # 更新时间1h 2M # 更新失败,重试更新时间 2min 3D # 更新失败多长时间后此DNS失效时间3day 1D # 解析不到请求不予回复的时间 ) IN NS ns1.magedu.com. # 域名服务器 IN NS ns2.magedu.com. # 从服务器 IN MX 10 mx1.magedu.com. # 定义邮件服务器,10指优先级 ns1 IN A 192.168.190.131 # ns1域名服务器的IP地址 ns2 IN A 192.168.190.134 # ns2从服务器的IP地址 mx1 IN A 192.168.190.130 # mx1邮件服务器的IP地址 www IN A 192.168.190.132 # www.magedu.com的IP地址 cname IN CNAME www # 别名
检查语法错误:
[root@localhost ~]# named-checkconf [root@localhost ~]# named-checkzone "magedu.com.zone" /var/named/magedu.com.zone zone magedu.com.zone/IN: magedu.com.zone/MX 'mx1.magedu.com' (out of zone) has no addresses records (A or AAAA) zone magedu.com.zone/IN: loaded serial 2016083001 OK
3、反向区域
(1)定义区域 /etc/named.rfc1912.zones
[root@localhost ~]# vim /etc/named.conf #在最后面添加 zone "190.168.192.in-addr.arpa" IN { # 反向解析 type master; # 类型为主DNS file "192.168.190.zone"; # 反向解析文件位置 };
(2)区域解析库文件 /var/named/192.168.190.zone
$TTL 86440 @ IN SOA ns1.magedu.com. admin.magedu.com. ( 2016083001 1H 2M 3D 1D) IN NS ns1.magedu.com. 131 IN PTR ns1.magedu.com.
(3)更改两个自定义区域文件的权限为640和属组为named
[root@localhost ~]# chmod 640 /var/named/magedu.com.zone /var/named/192.168.190.zone [root@localhost ~]# chown :named /var/named/magedu.com.zone /var/named/192.168.190.zone
(4)重启DNS,然后进行正向方向解析测试
[root@localhost ~]# service named restart Stopping named: [ OK ] Starting named: [ OK ] [root@localhost ~]# rndc reload server reload successful [root@localhost ~]# dig -t A www.magedu.com @192.168.190.131 # 正向解析 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -t A www.magedu.com @192.168.190.131 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16244 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;www.magedu.com. IN A ;; ANSWER SECTION: www.magedu.com. 86440 IN A 192.168.190.132 ;; AUTHORITY SECTION: magedu.com. 86440 IN NS ns1.magedu.com. ;; ADDITIONAL SECTION: ns1.magedu.com. 86440 IN A 192.168.190.131 ;; Query time: 1 msec ;; SERVER: 192.168.190.131#53(192.168.190.131) ;; WHEN: Thu Sep 1 10:46:07 2016 ;; MSG SIZE rcvd: 82 [root@localhost ~]# dig -x 192.168.190.131 @192.168.190.131 # 反向解析 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -x 192.168.190.131 @192.168.190.131 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10250 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;131.190.168.192.in-addr.arpa. IN PTR ;; ANSWER SECTION: 131.190.168.192.in-addr.arpa. 86440 IN PTR ns1.magedu.com. ;; AUTHORITY SECTION: 190.168.192.in-addr.arpa. 86440 IN NS ns1.magedu.com. ;; ADDITIONAL SECTION: ns1.magedu.com. 86440 IN A 192.168.190.131 ;; Query time: 0 msec ;; SERVER: 192.168.190.131#53(192.168.190.131) ;; WHEN: Thu Sep 1 10:47:23 2016 ;; MSG SIZE rcvd: 104
二、从服务器配置(192.168.190.134)
在上面的配置ns2的IP地址是192.168.190.134,把此服务器配置为从服务器。 注意:从服务器一定要在主服务器上通过NS体现出来,否则更新配置时,主服务无法主动通知从服务器。 从服务器不需要区域文件,只要在named.rfc1912.zone文件中配置区域,指定为slave ,并指定 masters的IP地址便可。同步成功后,自动会在/var/named/slaves/目录下创建区域的文件。
1、主配置文件/etc/named.rfc1912.zone
[root@localhost ~]# vim /etc/named.rfc1912.zones # 在后面直接添加 zone "magedu.com" IN { type slave; masters { 192.168.190.131; }; file "slaves/magedu.com.zone"; }; [root@localhost ~]# service named restart Stopping named: [ OK ] Starting named: [ OK ]
2、查看从服务器同步过来的区域配置文件/var/named/slaves/magedu.com.zone
[root@localhost ~]# cat /var/named/slaves/magedu.com.zone $ORIGIN . $TTL 86440 ; 1 day 40 seconds magedu.com IN SOA ns1.magedu.com. admin.magedu.com. ( 2016083001 ; serial 3600 ; refresh (1 hour) 120 ; retry (2 minutes) 259200 ; expire (3 days) 86400 ; minimum (1 day) ) NS ns1.magedu.com. NS ns2.magedu.com. MX 10 mx1.magedu.com. $ORIGIN magedu.com. cname CNAME www mx1 A 192.168.190.130 ns1 A 192.168.190.131 ns2 A 192.168.190.134 www A 192.168.190.132
3、反解从服务器的配置/etc/named.rfc1912.zones
[root@localhost ~]# vim /etc/named.rfc1912.zones # 直接在后面添加 zone "190.168.192.in-addr.arpa" IN { type slave; masters { 192.168.190.131; }; file "slaves/192.168.190.zone"; }; [root@localhost ~]# service named restart Stopping named: . [ OK ] Starting named: [ OK ]
查看日志文件 /var/log/messages
[root@localhost ~]# tail /var/log/messages
4、查看同步过来的反解区域配置文件/var/named/slaves/192.168.190.zone
[root@localhost ~]# cat /var/named/slaves/192.168.190.zone $ORIGIN . $TTL 86440 ; 1 day 40 seconds 190.168.192.in-addr.arpa IN SOA ns1.magedu.com. admin.magedu.com. ( 2016083001 ; serial 3600 ; refresh (1 hour) 120 ; retry (2 minutes) 259200 ; expire (3 days) 86400 ; minimum (1 day) ) NS ns1.magedu.com. $ORIGIN 190.168.192.in-addr.arpa. 131 PTR ns1.magedu.com.
三、子域授权
1、在父域(192.168.190.131):
(1)缓存名称服务器: /etc/named.conf 通过forward启动全局转发,转发给上层172.16.92.20。 如果此父域能够访问根域服务器,此可配可不配。 [root@localhost ~]# vim /etc/named.conf # 在options里面添加 forward first; forwarders { 172.16.92.20; }; dnssec-enable no; dnssec-validation no;
(2)在区域解析库文件添加授权子域:/var/named/magedu.com.zone [root@localhost ~]# vim /var/named/magedu.com.zone IN NS centos cdn.magedu.com. IN NS centos.cdn.magedu.com.#子域名称服务器 centos.cdn.magedu.com. IN A 192.168.190.135#子域名称服务器主机记录 [root@localhost ~]# rndc reload server reload successful
2、 子域 192.168.190.135:
(1)缓存名称服务器:/etc/named.conf
[root@localhost ~]# vim /etc/named.conf options { // listen-on port 53 { 127.0.0.1; }; // listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { any; }; recursion yes; dnssec-enable no; dnssec-validation no; /* Path to ISC DLV key */ /* Path to ISC DLV key */ // bindkeys-file "/etc/named.iscdlv.key"; // managed-keys-directory "/var/named/dynamic"; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; #zone "magedu.com" IN { # type forward; # forward only; # type forwarders { 192.168.190.131; }; #};
(2)在主配置文件中定义区域:/etc/named.rfc1912.zones
[root@localhost ~]# vim /etc/named.rfc1912.zones # 在后面直接添加 zone "cdn.magedu.com" IN { type master; file "cdn.magedu.com.zone"; };
(3)定义区域解析库文件:/var/named/cdn.magedu.com.zone
[root@localhost ~]# vim /var/named/cdn.magedu.com.zone $TTL 86440 $ORIGIN cdn.magedu.com. @ IN SOA centos.cdn.magedu.com. admin.centos.cdn.magedu.com. ( 2016083001 1H 2M 3D 1D) IN NS centos.cdn.magedu.com. centos IN A 192.168.190.135 www IN A 192.168.190.132 * IN A 192.168.190.132
(4)更改区域文件的权限为640和属组为named
[root@localhost ~]# chmod 640 /var/named/cdn.magedu.com.zone [root@localhost ~]# chown :named !$ chown :named /var/named/cdn.magedu.com.zone [root@localhost ~]# service named restart Stopping named: [ OK ] Starting named: [ OK ]
(5)重启DNS并检验结果
[root@localhost ~]# rndc reload server reload successful [root@localhost ~]# rndc status version: 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 CPUs found: 1 worker threads: 1 number of zones: 20 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is OFF recursive clients: 0/0/1000 tcp clients: 0/100 server is up and running 测试: [root@localhost ~]# dig -t NS cdn.magedu.com @192.168.190.135 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -t NS cdn.magedu.com @192.168.190.135 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2745 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;cdn.magedu.com. IN NS ;; ANSWER SECTION: cdn.magedu.com. 86440 IN NS centos.cdn.magedu.com. ;; ADDITIONAL SECTION: centos.cdn.magedu.com. 86440 IN A 192.168.190.135 ;; Query time: 1 msec ;; SERVER: 192.168.190.135#53(192.168.190.135) ;; WHEN: Thu Sep 1 19:12:06 2016 ;; MSG SIZE rcvd: 69 [root@localhost ~]# dig -t A centos.cdn.magedu.com @192.168.190.135 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -t A centos.cdn.magedu.com @192.168.190.135 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9330 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;centos.cdn.magedu.com. IN A ;; ANSWER SECTION: centos.cdn.magedu.com. 86440 IN A 192.168.190.135 ;; AUTHORITY SECTION: cdn.magedu.com. 86440 IN NS centos.cdn.magedu.com. ;; Query time: 0 msec ;; SERVER: 192.168.190.135#53(192.168.190.135) ;; WHEN: Thu Sep 1 19:15:04 2016 ;; MSG SIZE rcvd: 69 [root@localhost ~]# dig -t A www.cdn.magedu.com @192.168.190.135 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -t A www.cdn.magedu.com @192.168.190.135 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25602 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;www.cdn.magedu.com. IN A ;; ANSWER SECTION: www.cdn.magedu.com. 86440 IN A 192.168.190.132 ;; AUTHORITY SECTION: cdn.magedu.com. 86440 IN NS centos.cdn.magedu.com. ;; ADDITIONAL SECTION: centos.cdn.magedu.com. 86440 IN A 192.168.190.135 ;; Query time: 0 msec ;; SERVER: 192.168.190.135#53(192.168.190.135) ;; WHEN: Thu Sep 1 19:22:47 2016 ;; MSG SIZE rcvd: 89 [root@localhost ~]# dig -t A www.magedu.com @192.168.190.131 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> -t A www.magedu.com @192.168.190.131 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20167 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.magedu.com. IN A ;; ANSWER SECTION: www.magedu.com. 86440 IN A 192.168.190.132 ;; AUTHORITY SECTION: magedu.com. 86440 IN NS ns2.magedu.com. magedu.com. 86440 IN NS ns1.magedu.com. ;; ADDITIONAL SECTION: ns1.magedu.com. 86440 IN A 192.168.190.131 ns2.magedu.com. 86440 IN A 192.168.190.134 ;; Query time: 1 msec ;; SERVER: 192.168.190.131#53(192.168.190.131) ;; WHEN: Thu Sep 1 19:23:29 2016 ;; MSG SIZE rcvd: 116
原创文章,作者:二极管,如若转载,请注明出处:http://www.178linux.com/43368
评论列表(1条)
有图有文字,思路清晰,赞。