Ubuntu 22.04.1默认采用systemd-resolved作为DNS维护服务，其生成的/etc/resolv.conf文件内容如下：

# This is /run/systemd/resolve/resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients directly to
# all known uplink DNS servers. This file lists all configured search domains.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 192.168.1.1
search .

如果需要修改DNS服务器，则修改文件/etc/systemd/resolved.conf中的DNS字段，示例:

#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it under the
#  terms of the GNU Lesser General Public License as published by the Free
#  Software Foundation; either version 2.1 of the License, or (at your option)
#  any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file, or by creating "drop-ins" in
# the resolved.conf.d/ subdirectory. The latter is generally recommended.
# Defaults can be restored by simply deleting this file and all drop-ins.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.

[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google:     8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9:      9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
DNS=223.6.6.6 119.29.29.29
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no

再重启服务生效：

sudo systemctl restart systemd-resolved

IP归属地查询

有一些网站提供免费的API，可以批量查询给定IP的归属地。以下是一些常用的免费IP地理位置API：

1. IPinfo.io 推荐:

   • 官网: ipinfo.io
   • 免费套餐每月允许多达 50,000 次请求。
   • API调用示例: http://ipinfo.io/8.8.8.8?token=$TOKEN
   • 需要注册获取API密钥。

2. ipstack 不推荐:

   • 官网: ipstack.com
   • 免费套餐每月允许 100 次请求。
   • API调用示例: http://api.ipstack.com/{IP}?access_key=YOUR_ACCESS_KEY
   • 需要注册获取API密钥。

3. IPgeolocation.io 推荐:

   • 官网: ipgeolocation.io
   • 免费套餐每天允许 1000 次请求，每月30K次。
   • API调用示例: https://api.ipgeolocation.io/ipgeo?apiKey=YOUR_API_KEY&ip={IP}
   • 需要注册获取API密钥。

4. ipapi 不推荐:

   • 官网: ipapi.com
   • 免费套餐每月允许 100 次请求。
   • API调用示例: http://api.ipapi.com/{IP}?access_key=YOUR_ACCESS_KEY
   • 需要注册获取API密钥。

5. IP2Location 推荐:

   • 官网: ip2location.com
   • 免费试用版本每月允许 30K 次查询。
   • API调用示例: https://api.ip2location.io/?key={YOUR_API_KEY}&ip=8.8.8.8&format=json
   • 需要注册获取API密钥。

这些API服务通常都提供一定数量的免费查询额度，可以满足一些基本的需求。如果需要进行大量查询，可能需要考虑付费版本。建议在选择之前详细阅读每个服务的免费套餐条款，以确定其是否满足您的需求。

受CVE-2024-6387漏洞影响，各大版本的openssh基本上都要更新（这个漏洞存在于 OpenSSH < 4.4p1 或 8.5p1 <= OpenSSH < 9.8p1 的版本中），目前各大版本也都发布了安全更新，debian/ubuntu系升级主要两条指令：

sudo apt update
sudo apt install --only-upgrade openssh-server

升级后，确认一下版本：

ssh -V

• debian:

  bullseye (security), bullseye    1:8.4p1-5+deb11u3
    bookworm (security)    1:9.2p1-2+deb12u3
                 sid    1:9.7p1-7

• ubuntu:

  jammy    Released (1:8.9p1-3ubuntu0.10)
  mantic    Released (1:9.3p1-1ubuntu3.6)
  noble    Released (1:9.6p1-3ubuntu13.3)

常用的标准Linux环境里都有Systemd提供后台服务进程管理及保活，但是在一些特殊的运行环境还是需要简易的解决方案。

比如在serv00服务器freeBSD Linux环境下，可以写这个这样的脚本：

check_and_start_process.sh

#!/bin/bash

# Define process name and start command
PROCESS_NAME="command"
START_COMMAND="/path/to/your/command"

# Check if the process is running
if ! pgrep -f "$PROCESS_NAME" > /dev/null
then
    echo "Process $PROCESS_NAME is not running, starting it now..."
    # Start the process
    $START_COMMAND &
    if [ $? -eq 0 ]; then
        echo "Process $PROCESS_NAME started successfully."
    else
        echo "Failed to start process $PROCESS_NAME."
    fi
else
    echo "Process $PROCESS_NAME is already running."
fi

修改脚本中的PROCESS_NAME和START_COMMAND值，并增加运行权限：

chmod +x check_and_start_process.sh

接着添加定时任务：

crontab -e

每5分钟检测一次：

*/5 * * * * /path/to/check_and_start_process.sh

提示
在serv00服务器中，定时任务执行后如果会触发email，则改用：

*/5 * * * * /path/to/check_and_start_process.sh > /dev/null 2>&1