8月 102018
 

安装

MacBookAir:~ harveymei$ brew install ansible
==> Installing dependencies for ansible: libyaml, openssl, gdbm, readline, sqlite, python@2
==> Installing ansible dependency: libyaml
==> Downloading https://homebrew.bintray.com/bottles/libyaml-0.2.1.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring libyaml-0.2.1.high_sierra.bottle.tar.gz
🍺 /usr/local/Cellar/libyaml/0.2.1: 9 files, 298.9KB
==> Installing ansible dependency: openssl
==> Downloading https://homebrew.bintray.com/bottles/openssl-1.0.2o_2.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring openssl-1.0.2o_2.high_sierra.bottle.tar.gz
==> Caveats
A CA file has been bootstrapped using certificates from the SystemRoots
keychain. To add additional certificates (e.g. the certificates added ina
the System keychain), place .pem files in
/usr/local/etc/openssl/certs

and run
/usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local,
because Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/openssl/lib
CPPFLAGS: -I/usr/local/opt/openssl/include

==> Summary
🍺 /usr/local/Cellar/openssl/1.0.2o_2: 1,792 files, 12.3MB
==> Installing ansible dependency: gdbm
==> Downloading https://homebrew.bintray.com/bottles/gdbm-1.17.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring gdbm-1.17.high_sierra.bottle.tar.gz
🍺 /usr/local/Cellar/gdbm/1.17: 20 files, 581.4KB
==> Installing ansible dependency: readline
==> Downloading https://homebrew.bintray.com/bottles/readline-7.0.5.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring readline-7.0.5.high_sierra.bottle.tar.gz
==> Caveats
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides the BSD libedit library, which shadows libreadline.
In order to prevent conflicts when programs look for libreadline we are
defaulting this GNU Readline installation to keg-only.

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/readline/lib
CPPFLAGS: -I/usr/local/opt/readline/include

==> Summary
🍺 /usr/local/Cellar/readline/7.0.5: 46 files, 1.5MB
==> Installing ansible dependency: sqlite
==> Downloading https://homebrew.bintray.com/bottles/sqlite-3.24.0.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring sqlite-3.24.0.high_sierra.bottle.tar.gz
==> Caveats
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides an older sqlite3.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/sqlite/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/sqlite/lib
CPPFLAGS: -I/usr/local/opt/sqlite/include

==> Summary
🍺 /usr/local/Cellar/sqlite/3.24.0: 11 files, 3.5MB
==> Installing ansible dependency: python@2
==> Downloading https://homebrew.bintray.com/bottles/python@2-2.7.15_1.high_sierra.bottle.1.tar.gz
######################################################################## 100.0%
==> Pouring python@2-2.7.15_1.high_sierra.bottle.1.tar.gz
==> /usr/local/Cellar/python@2/2.7.15_1/bin/python -s setup.py --no-user-cfg install --force --verbose --single-version-externally-managed --record=installed.txt --install-scripts=/usr/local/Cellar/python
==> /usr/local/Cellar/python@2/2.7.15_1/bin/python -s setup.py --no-user-cfg install --force --verbose --single-version-externally-managed --record=installed.txt --install-scripts=/usr/local/Cellar/python
==> /usr/local/Cellar/python@2/2.7.15_1/bin/python -s setup.py --no-user-cfg install --force --verbose --single-version-externally-managed --record=installed.txt --install-scripts=/usr/local/Cellar/python
==> Caveats
Pip and setuptools have been installed. To update them
pip install --upgrade pip setuptools

You can install Python packages with
pip install <package>

They will install into the site-package directory
/usr/local/lib/python2.7/site-packages

See: https://docs.brew.sh/Homebrew-and-Python
==> Summary
🍺 /usr/local/Cellar/python@2/2.7.15_1: 4,672 files, 82.6MB
==> Installing ansible
==> Downloading https://homebrew.bintray.com/bottles/ansible-2.6.2.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring ansible-2.6.2.high_sierra.bottle.tar.gz
🍺 /usr/local/Cellar/ansible/2.6.2: 12,187 files, 153.4MB
==> Caveats
==> openssl
A CA file has been bootstrapped using certificates from the SystemRoots
keychain. To add additional certificates (e.g. the certificates added in
the System keychain), place .pem files in
/usr/local/etc/openssl/certs

and run
/usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local,
because Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/openssl/lib
CPPFLAGS: -I/usr/local/opt/openssl/include

==> readline
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides the BSD libedit library, which shadows libreadline.
In order to prevent conflicts when programs look for libreadline we are
defaulting this GNU Readline installation to keg-only.

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/readline/lib
CPPFLAGS: -I/usr/local/opt/readline/include

==> sqlite
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides an older sqlite3.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/sqlite/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/sqlite/lib
CPPFLAGS: -I/usr/local/opt/sqlite/include

==> python@2
Pip and setuptools have been installed. To update them
pip install --upgrade pip setuptools

You can install Python packages with
pip install <package>

They will install into the site-package directory
/usr/local/lib/python2.7/site-packages

See: https://docs.brew.sh/Homebrew-and-Python
MacBookAir:~ harveymei$

配置

手动建立目录/etc/ansible/
手动建立主机配置文件/etc/ansible/hosts
密钥保存路径:/用户/harveymei/.ssh/
8月 092018
 

1)生成SSH密钥对并复制公钥到远程受控主机

2)安装EPEL以安装Ansible软件包

[harveymei@oms ~]$ yum info ansible
Loaded plugins: fastestmirror
Determining fastest mirrors
epel 12631/12631
Installed Packages
Name 
Arch : noarch
Version : 2.6.2
Release : 1.el7
Size : 52 M
Repo : installed
From repo : epel
Summary : SSH-based configuration management, deployment, and task execution system
URL : http://ansible.com
License : GPLv3+
Description : Ansible is a radically simple model-driven configuration management,
: multi-node deployment, and remote task execution system. Ansible works
: over SSH and does not require any software or daemons to be installed
: on remote nodes. Extension modules can be written in any language and
: are transferred to managed machines automatically.

[harveymei@oms ~]$

3)编辑主机配置文件

[root@oms ~]# vi /etc/ansible/hosts
[fileserver]
node01.linuxcache.com
node02.linuxcache.com
node03.linuxcache.com
node03.linuxcache.com
node05.linuxcache.com
node06.linuxcache.com
node07.linuxcache.com

4)使用Ansible在远程主机执行一条命令

[harveymei@oms ~]$ ansible fileserver --private-key=.ssh/id_ecdsa_ansible -m command -a uptime -u ops 
node01.linuxcache.com | SUCCESS | rc=0 >>
15:46:37 up 6 days, 23:33, 2 users, load average: 0.03, 0.04, 0.08

node02.linuxcache.com | SUCCESS | rc=0 >>
15:46:34 up 6 days, 23:27, 1 user, load average: 0.06, 0.03, 0.05

node03.linuxcache.com | SUCCESS | rc=0 >>
15:46:34 up 6 days, 23:28, 1 user, load average: 0.00, 0.01, 0.05

node04.linuxcache.com | SUCCESS | rc=0 >>
15:46:35 up 6 days, 23:23, 1 user, load average: 0.06, 0.03, 0.05

node05.linuxcache.com | SUCCESS | rc=0 >>
15:46:42 up 6 days, 23:29, 1 user, load average: 0.00, 0.05, 0.07

node06.linuxcache.com | SUCCESS | rc=0 >>
15:46:37 up 6 days, 23:22, 1 user, load average: 0.00, 0.01, 0.05

node07.linuxcache.com | SUCCESS | rc=0 >>
15:46:43 up 6 days, 23:29, 1 user, load average: 0.00, 0.01, 0.05

[harveymei@oms ~]$
在配置文件中指定SSH用户后无需在命令中指定-u参数
[root@oms ~]# vi /etc/ansible/hosts
node01.linuxcache.com ansible_ssh_user=ops
node02.linuxcache.com ansible_ssh_user=ops
node03.linuxcache.com ansible_ssh_user=ops
node03.linuxcache.com ansible_ssh_user=ops
node05.linuxcache.com ansible_ssh_user=ops
node06.linuxcache.com ansible_ssh_user=ops
node07.linuxcache.com ansible_ssh_user=ops

Ansible常用模块及用法

copy模块
ansible fileserver -m copy -a "src=/tmp/abc.txt dest=~/"

command模块
ansible fileserver -m command -a pwd

shell模块(Shell模块默认不加载环境变量)
ansible fileserver -m shell -a ". .bash_profile;ll /|grep tmp"

script模块
ansible fileserver -m script -a "~/run.sh"
8月 092018
 

SSH密钥对生成及快速导入以支持免密码登录

生成指定加密类型和强度的密钥对

MacBookAir:~ harveymei$ ssh-keygen -b 256 -t ecdsa -C ansible
Generating public/private ecdsa key pair.
Enter file in which to save the key (/Users/harveymei/.ssh/id_ecdsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /Users/harveymei/.ssh/id_ecdsa.
Your public key has been saved in /Users/harveymei/.ssh/id_ecdsa.pub.
The key fingerprint is:
SHA256:h3ROH2cqNPGJ8MRPru6RR+8uzupeXfGS6jsx1xTKIFI ansible
The key's randomart image is:
+---[ECDSA 256]---+
|        oEo      |
|       . =.=.. . |
|        o O+* +..|
|       . * ooB .+|
|        S +.+ ooo|
|         ..+o+.o.|
|         .o ++o  |
|          .*o.   |
|         +=o==o  |
+----[SHA256]-----+
MacBookAir:~ harveymei$ ls .ssh/
id_ecdsa        id_ecdsa.pub    known_hosts
MacBookAir:~ harveymei$

使用ssh-copy-id命令快速将公钥复制到目的主机

MacBookAir:~ harveymei$ ssh-copy-id -i .ssh/id_ecdsa.pub root@149.28.83.35
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_ecdsa.pub"
The authenticity of host '149.28.83.35 (149.28.83.35)' can't be established.
ECDSA key fingerprint is SHA256:Y+28z8sSqCprILoRIh1Qnob+uEWH3xaW5w8GbNR6y2o.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@149.28.83.35's password: 

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'root@149.28.83.35'"
and check to make sure that only the key(s) you wanted were added.

MacBookAir:~ harveymei$ 

导入成功后再次进行SSH连接,成功登录目的主机且无需验证密码

MacBookAir:~ harveymei$ ssh root@149.28.83.35
Last login: Thu Aug  9 05:51:38 2018 from 149.28.80.116
[root@test2 ~]# cat .ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3MYnwqtWc5ncDiHw68s2534geuihRIoRrMDMjPOywgvZBN1Aok7CeALV+CqBaZyQV+K0vfOGa8ENBF35gM/SZi6wShaz1cKIURHXYRzCFjNU2eUACX9YjULxGbaYZwlu2jehy2Wt1BSpW20vUKlkZwBlfbpZLTHVhkbmxryEYVrsETu7vsj4les3UeIwdx+Dre4qyTHZB9uQiGtAQHFi+hjhIatDDuAaaca5pLif2UCej/XAxhvHgEaD/NUem0B3Rikvig0w3issneiNOfjAdIP0VCQ735oXdIm3TgoY5Mqdum7vPTz0QSRZW7ijByCmoPZ02/9G87AWwpgewOtCYuPwfGuy39Hl47fyT3012PVf4Z8ja2GW9PskidRG+mEJsYwPtpLV+6hoK3g4kEf297qp4k/YW6MDd9Ip2GVyvTviXPsMYVt4i7pUfRZeJ86F2GnaU5EvqwMncKFP348AzpkDtf50CXtVcjlV9ix+Hsw5tugzq9vaDjql8KCBaz07DWRb3eyTNicMKf5h37rJYV8w9jiMOILhFyyF4BQ6DtC7lwhDhYOJsi6G/Pp55v6eXltc3hS3kY9gfAUTTKYekvZRAz06TSJkgJ2sYo3Fdp0VuK3VhGDoS8YdCZSqLRYI4tHDDzfL5LGRd+vpX5W5wTTDdv9+kfQTXcklwBolFpw== root@test
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGduOgGxggQGK0a3ELs6cbMfAcY8P60/Y8mt/Ye2AZRFHYP7AME6NqAinWEPatFuw32S/mPuf8TQUjzAXZ3OMko= ansible
[root@test2 ~]# 
[root@test2 ~]# exit
Connection to 149.28.83.35 closed.
MacBookAir:~ harveymei$
8月 092018
 

添加Mongodb Yum软件仓库源

[root@tunnel ~]# sudo tee -a /etc/yum.repos.d/mongodb-org-3.6.repo << EOF
> [mongodb-org-3.6]
> name=MongoDB Repository
> baseurl=https://repo.mongodb.org/yum/redhat/7/mongodb-org/3.6/x86_64/
> gpgcheck=1
> enabled=1
> gpgkey=https://www.mongodb.org/static/pgp/server-3.6.asc
> EOF
[mongodb-org-3.6]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/7/mongodb-org/3.6/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.6.asc
[root@tunnel ~]#

添加Pritunl Yum软件仓库源

[root@tunnel ~]# sudo tee -a /etc/yum.repos.d/pritunl.repo << EOF
> [pritunl]
> name=Pritunl Repository
> baseurl=https://repo.pritunl.com/stable/yum/centos/7/
> gpgcheck=1
> enabled=1
> EOF
[pritunl]
name=Pritunl Repository
baseurl=https://repo.pritunl.com/stable/yum/centos/7/
gpgcheck=1
enabled=1
[root@tunnel ~]# cat /etc/yum.repos.d/pritunl.repo 
[pritunl]
name=Pritunl Repository
baseurl=https://repo.pritunl.com/stable/yum/centos/7/
gpgcheck=1
enabled=1
[root@tunnel ~]#

更新Yum缓存

[root@tunnel ~]# yum makecache

导入GPG签名公钥

[root@tunnel ~]# gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 7568D9BB55FF9E5287D586017AE645C0CF8E292A
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: requesting key CF8E292A from hkp server keyserver.ubuntu.com
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key CF8E292A: public key "Pritunl <contact@pritunl.com>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
[root@tunnel ~]#
[root@tunnel ~]# gpg --armor --export 7568D9BB55FF9E5287D586017AE645C0CF8E292A > key.tmp; sudo rpm --import key.tmp; rm -f 
key.tmp
[root@tunnel ~]#

使用Yum安装Pritunl和Mongodb

[root@tunnel ~]# yum -y install pritunl mongodb-org

启动服务,并注册系统服务

[root@tunnel ~]# systemctl start mongod pritunl
[root@tunnel ~]# systemctl enable mongod pritunl
Created symlink from /etc/systemd/system/multi-user.target.wants/pritunl.service to /etc/systemd/system/pritunl.service.
[root@tunnel ~]# systemctl status mongod
● mongod.service - High-performance, schema-free document-oriented database
Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2018-08-08 10:07:00 UTC; 28s ago
Docs: https://docs.mongodb.org/manual
Main PID: 1732 (mongod)
CGroup: /system.slice/mongod.service
└─1732 /usr/bin/mongod -f /etc/mongod.conf

Aug 08 10:06:59 tunnel systemd[1]: Starting High-performance, schema-free document-oriented database...
Aug 08 10:06:59 tunnel mongod[1729]: about to fork child process, waiting until server is ready for connections.
Aug 08 10:06:59 tunnel mongod[1729]: forked process: 1732
Aug 08 10:07:00 tunnel systemd[1]: Started High-performance, schema-free document-oriented database.
[root@tunnel ~]# systemctl status pritunl
● pritunl.service - Pritunl Daemon
Loaded: loaded (/etc/systemd/system/pritunl.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2018-08-08 10:06:59 UTC; 35s ago
Main PID: 1724 (pritunl)
CGroup: /system.slice/pritunl.service
├─1724 /usr/lib/pritunl/bin/python2 /usr/lib/pritunl/bin/pritunl start
└─1778 pritunl-web

Aug 08 10:06:59 tunnel systemd[1]: Started Pritunl Daemon.
Aug 08 10:06:59 tunnel systemd[1]: Starting Pritunl Daemon...
[root@tunnel ~]#

查看服务及端口监听

[root@tunnel ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name 
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 1732/mongod 
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 673/sshd 
tcp6 0 0 :::443 :::* LISTEN 1778/pritunl-web 
tcp6 0 0 ::1:9755 :::* LISTEN 1724/python2 
tcp6 0 0 :::80 :::* LISTEN 1778/pritunl-web 
tcp6 0 0 :::22 :::* LISTEN 673/sshd 
[root@tunnel ~]#

生成初始设置密钥

[root@tunnel ~]# pritunl setup-key
ba0cc9655df84af33bd5ab1baad20dac
[root@tunnel ~]#

登录Web管理界面进行配置

https://66.80.120.167/login

初始用户名密码:pritunl/pritunl

1)添加组织
2)添加用户
3)添加服务器
4)将组织附加到服务器
5)启动服务器
6)下载用户配置文件

防火墙及规则设置
禁用Firewalld防火墙

systemctl disable firewalld
systemctl stop firewalld

安装并启用iptables防火墙

yum -y install iptables-services
systemctl status iptables
systemctl enable iptables
systemctl start iptables

添加iptables规则并保存

iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -p udp --dport 9443 -j ACCEPT
service iptables save
启动VPN Server服务
查看网络监听
[root@tunnel ~]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name 
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 1732/mongod 
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 673/sshd 
tcp6 0 0 :::443 :::* LISTEN 1778/pritunl-web 
tcp6 0 0 ::1:9755 :::* LISTEN 1724/python2 
tcp6 0 0 :::80 :::* LISTEN 1778/pritunl-web 
tcp6 0 0 :::22 :::* LISTEN 673/sshd 
udp 0 0 127.0.0.1:323 0.0.0.0:* 435/chronyd 
udp 0 0 0.0.0.0:68 0.0.0.0:* 1216/dhclient 
udp6 0 0 :::9443 :::* 4926/openvpn 
udp6 0 0 ::1:323 :::* 435/chronyd 
[root@tunnel ~]#

查看网络接口状态

[root@tunnel ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host 
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 56:00:01:9f:8e:77 brd ff:ff:ff:ff:ff:ff
inet 66.80.120.167/23 brd 66.80.121.255 scope global dynamic eth0
valid_lft 85018sec preferred_lft 85018sec
inet6 2002:19f0:6001:3d90:5400:1ff:fe9f:8e77/64 scope global mngtmpaddr dynamic 
valid_lft 2591663sec preferred_lft 604463sec
inet6 fe80::5400:1ff:fe9f:8e77/64 scope link 
valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/none 
inet 10.20.30.1/24 brd 10.20.30.255 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::fd51:af66:8daf:bb96/64 scope link flags 800 
valid_lft forever preferred_lft forever
[root@tunnel ~]#

查看防火墙状态

[root@tunnel ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.21 on Wed Aug 8 11:53:56 2018
*nat
:PREROUTING ACCEPT [117:7699]
:INPUT ACCEPT [20:1442]
:OUTPUT ACCEPT [8:552]
:POSTROUTING ACCEPT [8:552]
-A POSTROUTING -s 10.20.30.0/24 -o eth0 -m comment --comment pritunl-5b6ac2d6627aae06bc506714 -j MASQUERADE
COMMIT
# Completed on Wed Aug 8 11:53:56 2018
# Generated by iptables-save v1.4.21 on Wed Aug 8 11:53:56 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2028:1155767]
-A INPUT -p udp -m udp --dport 9443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i tun4 -m comment --comment pritunl-5b6ac2d6627aae06bc506714 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -o tun4 -m comment --comment pritunl-5b6ac2d6627aae06bc506714 -j ACCEPT
-A FORWARD -i tun4 -m comment --comment pritunl-5b6ac2d6627aae06bc506714 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -o tun4 -m comment --comment pritunl-5b6ac2d6627aae06bc506714 -j ACCEPT
COMMIT
# Completed on Wed Aug 8 11:53:56 2018
[root@tunnel ~]#

在Linux CLI下以非交互式密码验证进行VPN连接

[root@localhost ~]# cd harveymei/

添加账户验证文件,用户名密码各占一行

[root@localhost harveymei]# vi account.txt

修改VPN配置文件,添加账户验证文件

[root@localhost harveymei]# vi LINUXCACHE_harveymei_LINUXCACHE.ovpn
auth-user-pass account.txt

启动

[root@localhost ~]# openvpn --daemon --cd harveymei/ --config LINUXCACHE_harveymei_LINUXCACHE.ovpn --log-append /var/log/openvpn.log
8月 072018
 

Ripple为历史交易数据查询启用总账历史维护

查看节点node的本地总账数据库编号范围

[tom@node ripple]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 06:58:46.893224092 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "9-140454",
[tom@node ripple]$

查询一笔先前提交的交易详情

[tom@node ripple]$ rippled tx 6A7F157E02AB0E9E134D1F48110413ABF5CA29D61824E3358AAA516D3B6CB67D --conf /usr/local/ripple/etc/rippled.cfg 
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 06:58:52.518035660 HTTPClient:NFO Connecting to 127.0.0.1:8008

{
"result" : {
"Account" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"Fee" : "10",
"Flags" : 2147483648,
"RegularKey" : "rac2ReJMqmtpUAysDiNnxurmEY6iwVns82",
"Sequence" : 1,
"SigningPubKey" : "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType" : "SetRegularKey",
"TxnSignature" : "30440220011A56103E3FCFD990879A9E7BE30F9FF3DA618227772C23513D97FCF7E9FBF502201C2A15D155F73615B3C05FEA936DCDE320323B1549B19A30AC02E7DB91FDF9E3",
"date" : 586519652,
"hash" : "6A7F157E02AB0E9E134D1F48110413ABF5CA29D61824E3358AAA516D3B6CB67D",
"inLedger" : 891,
"ledger_index" : 891,
"meta" : {
"AffectedNodes" : [
{
"ModifiedNode" : {
"FinalFields" : {
"Account" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"Balance" : "99999999999999990",
"Flags" : 65536,
"OwnerCount" : 0,
"RegularKey" : "rac2ReJMqmtpUAysDiNnxurmEY6iwVns82",
"Sequence" : 2
},
"LedgerEntryType" : "AccountRoot",
"LedgerIndex" : "2B6AC232AA4C4BE41BF49D2459FA4A0347E1B543A4C92FCEE0821C0201E2E9A8",
"PreviousFields" : {
"Balance" : "100000000000000000",
"Flags" : 0,
"Sequence" : 1
}
}
}
],
"TransactionIndex" : 0,
"TransactionResult" : "tesSUCCESS"
},
"status" : "success",
"validated" : true
}
}
[tom@node ripple]$

在一个较晚加入私链网络的节点test中查看当前已完成的总账数据库编号范围

[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 06:59:33.065045846 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "86363-140471",
[tom@test ~]$

查询交易详情,提示无法找到交易

[tom@test ~]$ rippled tx 6A7F157E02AB0E9E134D1F48110413ABF5CA29D61824E3358AAA516D3B6CB67D --conf /usr/local/ripple/etc/rippled.cfg
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 07:00:39.579715595 HTTPClient:NFO Connecting to 127.0.0.1:8008

{
"result" : {
"error" : "txnNotFound",
"error_code" : 29,
"error_message" : "Transaction not found.",
"request" : {
"command" : "tx",
"transaction" : "6A7F157E02AB0E9E134D1F48110413ABF5CA29D61824E3358AAA516D3B6CB67D"
},
"status" : "error"
}
}
[tom@test ~]$

查询交易所在账本信息,提示未找到该账本

[tom@test ~]$ rippled ledger 891 --conf /usr/local/ripple/etc/rippled.cfg 
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 07:00:44.318081015 HTTPClient:NFO Connecting to 127.0.0.1:8008

{
"result" : {
"error" : "lgrNotFound",
"error_code" : 21,
"error_message" : "ledgerNotFound",
"request" : {
"command" : "ledger",
"ledger_index" : 891
},
"status" : "error"
}
}
[tom@test ~]$

启用总账历史维护配置并重新启动节点服务

[ledger_history]
full

启用总账历史维护配置后,当前节点已完成账本complete_ledgers编号范围向两端扩大

[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete 
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 07:11:30.943085415 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "77754-140710",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 07:23:47.692259040 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "68996-140955",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 07:46:40.158108447 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "52277-141412",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete 
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 07:59:33.520702510 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "43083-141669",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 08:08:41.423772524 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "36331-141852",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 08:43:18.161251559 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "32570-142543",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 08:43:43.923573899 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "32570-142552",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 08:43:46.535821957 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "32570-142553",
[tom@test ~]$

在不指定earliest_seq时,默认的已完成总账complete_ledgers最低值为32570,在私链上需指定该参数以包括该编号之前的历史总账。

[node_db]
type=NuDB
path=/usr/local/ripple/db/nudb
advisory_delete=0
earliest_seq=1

已完成总账同步状态

[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 08:54:03.283201753 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "27899-142758",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 09:09:17.659041802 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "16748-143063",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 09:31:28.145139033 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "645-143506",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 09:32:43.897708626 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "7-143531",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 09:32:47.002578477 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "7-143532",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 09:32:48.851592760 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "7-143533",
[tom@test ~]$ rippled server_info --conf /usr/local/ripple/etc/rippled.cfg |grep complete
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 09:32:50.681739140 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "7-143533",
[tom@test ~]$

当前私链对端节点已完成总账的状态信息

[tom@test ~]$ rippled peers --conf /usr/local/ripple/etc/rippled.cfg |grep complete_ledgers
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 09:33:20.473793774 HTTPClient:NFO Connecting to 127.0.0.1:8008

"complete_ledgers" : "11 - 143543",
"complete_ledgers" : "141543 - 143543",
"complete_ledgers" : "8 - 143543",
"complete_ledgers" : "141543 - 143543",
"complete_ledgers" : "9 - 143543",
"complete_ledgers" : "141543 - 143543",
"complete_ledgers" : "141543 - 143543",
"complete_ledgers" : "141543 - 143543",
"complete_ledgers" : "10 - 143543",
"complete_ledgers" : "141542 - 143542",
"complete_ledgers" : "141543 - 143543",
"complete_ledgers" : "141543 - 143543",
[tom@test ~]$

历史总账同步后查询交易所在总账信息

[tom@test ~]$ rippled ledger 891 --conf /usr/local/ripple/etc/rippled.cfg
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 09:34:04.257744351 HTTPClient:NFO Connecting to 127.0.0.1:8008

{
"result" : {
"ledger" : {
"accepted" : true,
"account_hash" : "DDF8DFF58D91375576EA026F01F50E3AE9B829440420878AF2D6282A6466287E",
"close_flags" : 0,
"close_time" : 586519652,
"close_time_human" : "2018-Aug-02 10:07:32.000000000",
"close_time_resolution" : 10,
"closed" : true,
"hash" : "EB702434D82270AFB4AFD952E5829C2741A40178CD0CD8ACBE53554031CE62FA",
"ledger_hash" : "EB702434D82270AFB4AFD952E5829C2741A40178CD0CD8ACBE53554031CE62FA",
"ledger_index" : "891",
"parent_close_time" : 586519651,
"parent_hash" : "0C38EB1DD432DBE4ED888C5AC9E21A12DB4770C25885BA35E7C42CA461B7FE1B",
"seqNum" : "891",
"totalCoins" : "99999999999999990",
"total_coins" : "99999999999999990",
"transaction_hash" : "D3DB2B4E309220CA89EB9521617F2314869519A7280C7747BD7585CF184922A3"
},
"ledger_hash" : "EB702434D82270AFB4AFD952E5829C2741A40178CD0CD8ACBE53554031CE62FA",
"ledger_index" : 891,
"status" : "success",
"validated" : true
}
}

历史总账同步后查询交易详情

[tom@test ~]$ rippled tx 6A7F157E02AB0E9E134D1F48110413ABF5CA29D61824E3358AAA516D3B6CB67D --conf /usr/local/ripple/etc/rippled.cfg
Loading: "/usr/local/ripple/etc/rippled.cfg"
2018-Aug-07 09:34:12.003683590 HTTPClient:NFO Connecting to 127.0.0.1:8008

{
"result" : {
"Account" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"Fee" : "10",
"Flags" : 2147483648,
"RegularKey" : "rac2ReJMqmtpUAysDiNnxurmEY6iwVns82",
"Sequence" : 1,
"SigningPubKey" : "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType" : "SetRegularKey",
"TxnSignature" : "30440220011A56103E3FCFD990879A9E7BE30F9FF3DA618227772C23513D97FCF7E9FBF502201C2A15D155F73615B3C05FEA936DCDE320323B1549B19A30AC02E7DB91FDF9E3",
"date" : 586519652,
"hash" : "6A7F157E02AB0E9E134D1F48110413ABF5CA29D61824E3358AAA516D3B6CB67D",
"inLedger" : 891,
"ledger_index" : 891,
"meta" : {
"AffectedNodes" : [
{
"ModifiedNode" : {
"FinalFields" : {
"Account" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"Balance" : "99999999999999990",
"Flags" : 65536,
"OwnerCount" : 0,
"RegularKey" : "rac2ReJMqmtpUAysDiNnxurmEY6iwVns82",
"Sequence" : 2
},
"LedgerEntryType" : "AccountRoot",
"LedgerIndex" : "2B6AC232AA4C4BE41BF49D2459FA4A0347E1B543A4C92FCEE0821C0201E2E9A8",
"PreviousFields" : {
"Balance" : "100000000000000000",
"Flags" : 0,
"Sequence" : 1
}
}
}
],
"TransactionIndex" : 0,
"TransactionResult" : "tesSUCCESS"
},
"status" : "success",
"validated" : true
}
}
[tom@test ~]$
8月 022018
 

https://dev.mysql.com/doc/refman/5.6/en/server-system-variables.html#sysvar_max_connections

系统变量属性

Property Value
Command-Line Format --max-connections=#
System Variable max_connections
Scope Global
Dynamic Yes
Type integer
Default Value 151
Minimum Value 1
Maximum Value 100000

查看最大连接数

mysql> show variables like "max_connections";
+-----------------------------------------------+-----------------+
| Variable_name | Value |
+-----------------------------------------------+-----------------+
| max_connections | 151 |
+-----------------------------------------------+-----------------+
1 rows in set (0.00 sec)

mysql> show variables like "max_connections";
+--------------------+-------+
| Variable_name | Value |
+--------------------+-------+
| max_connections | 214 |
+--------------------+-------+
1 rows in set (0.00 sec)

修改

[root@localhost ~]# cat /usr/lib/systemd/system/mysqld.service
#
# Simple MySQL systemd service file
#
# systemd supports lots of fancy features, look here (and linked docs) for a full list:
# http://www.freedesktop.org/software/systemd/man/systemd.exec.html
#
# Note: this file ( /usr/lib/systemd/system/mysql.service )
# will be overwritten on package upgrade, please copy the file to
#
# /etc/systemd/system/mysql.service
#
# to make needed changes.
#
# systemd-delta can be used to check differences between the two mysql.service files.
#

[Unit]
Description=MySQL Community Server
After=network.target
After=syslog.target

[Install]
WantedBy=multi-user.target
Alias=mysql.service

[Service]
User=mysql
Group=mysql

# Execute pre and post scripts as root
PermissionsStartOnly=true

# Needed to create system tables etc.
ExecStartPre=/usr/bin/mysql-systemd-start pre

# Start main service
ExecStart=/usr/bin/mysqld_safe --basedir=/usr

# Don't signal startup success before a ping works
ExecStartPost=/usr/bin/mysql-systemd-start post

# Give up if ping don't get an answer
TimeoutSec=600

Restart=always
PrivateTmp=false

LimitNOFILE=65535
LimitNPROC=65535
[root@localhost ~]#

重启服务

[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart mysqld

查看最大连接数

mysql> show variables like 'max_connections';
+--------------------------+-----------------+
| Variable_name | Value |
+--------------------------+-----------------+
| max_connections | 5000 |
+--------------------------+-----------------+
1 rows in set (0.01 sec)

mysql>
7月 312018
 

Ripple私链修正案加载启用和禁用

https://developers.ripple.com/known-amendments.html
https://developers.ripple.com/feature.html
https://developers.ripple.com/pseudo-transaction-types.html
https://developers.ripple.com/enableamendment.html
https://developers.ripple.com/setfee.html
https://developers.ripple.com/commandline-usage.html

1) 按照公链上修正案启用情况,在Validator节点配置禁用的修正案。(截止2018/07/31版本1.0.1)

[veto_amendments]
157D2D480E006395B76F948E3E07A45A05FE10230D88A7993C71F97AE4B1F2D1 Checks
86E83A7D2ECE3AD5FA87AB2195AE015C950469ABF0B72EAACED318F74886AE90 CryptoConditionsSuite
3012E8230864E95A58C60FD61430D7E1B4D3353195F2981DC12B0C7C0950FFAC FlowCross

2)优先启动具有验证能力的Validator节点,在所有Validator节点使用–start参数初始化。

nohup rippled --start --silent --conf /usr/local/ripple/etc/rippled.cfg &

3)在Validator节点共识后,确认修正案启用状态后,启动所有其他节点。

nohup rippled --silent --conf /usr/local/ripple/etc/rippled.cfg &

待启用的修正案和费用投票伪交易信息(Ledger 257)

{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "4C97EBA926031A7CF7D7B36FDE3ED66DDA5421192D63DE53FFB46E43B9DC8373",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "03A8562B0B308086AD800BB13D606FB5DF92ECCCAC3FF8A05977B14D94A9545A"
}

2018-Jul-27 06:59:12.378896746 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.378983710 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "E2E6F2866106419B88C50045ACE96368558C345566AC8F2BDF5A5B5587F0E6FA",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "0CEFF064D1DF549ACDA4D150A875C18E904E132D2D68ADD9011AEC9DBBDB2692"
}

2018-Jul-27 06:59:12.379190642 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.379270861 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "B4D44CC3111ADD964E846FC57760C8B50FFCD5A82C86A72756F6B058DDDF96AD",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "10F716EB339C7ED414D981769579BF206B2F2B3C1F312BC89550E4B640ED051E"
}

2018-Jul-27 06:59:12.379449474 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.379530090 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "740352F2412A9909880C23A559FCECEDA3BE2126FED62FC7660D628A06927F11",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "175AF10120102ECFA2611B467E8AC485DABC73D1BD629ECC40568825F98C458C"
}

2018-Jul-27 06:59:12.379692615 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.379771002 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "B9E739B8296B4A1BB29BE990B17D66E21B62A300A909F25AC55C22D6C72E1F9D",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "404CDEDD458FF8D05FD545AE8DA15B0CAEA8287A156548D4059786D7C0A319BA"
}

2018-Jul-27 06:59:12.379930037 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.380006051 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "6C92211186613F9647A89DFFBAB8F94C99D4C7E956D495270789128569177DA1",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "41DCC90FB1FB64F5FD7644487329EA98129E557679DD6A52EE737C9E362174AC"
}

2018-Jul-27 06:59:12.380174636 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.380250865 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "1D3463A5891F9E589C5AE839FFAC4A917CE96197098A1EF22304E1BC5B98A454",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "4A2C094D80A1B0612B56FC8560270A8BC03420E0BF2020F38F6F835D681415DD"
}

2018-Jul-27 06:59:12.380422042 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.380500291 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "58BE9B5968C4DA7C59BA900961828B113E5490699B21877DEF9A31E9D0FE5D5F",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "4E481F53CBA7CF4AD61199C8B27F262674090A114036895F6EB1EAD757E5A05A"
}

2018-Jul-27 06:59:12.380667611 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.380743309 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "08DE7D96082187F6E6578530258C77FAABABE4C20474BDB82F04B021F1A68647",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "605F449FA3060552F443F3B7E289F46F00DC66EE05353E1C055ADFF49D0A9E8D"
}

2018-Jul-27 06:59:12.380905660 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.380980361 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "3012E8230864E95A58C60FD61430D7E1B4D3353195F2981DC12B0C7C0950FFAC",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "66FC2E45DCA2965C5E4567C189E241BFD42190CAFC0A00187C3B325813B73669"
}

2018-Jul-27 06:59:12.381161275 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.381239563 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "42426C4D4F1009EE67080A9B7965B44656D7714D104A72F9B4369F97ABF044EE",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "6F8AF89E879AE690B079FF9BB96C9BDCD3388177CCBAF6E8AB00A64DA0A62B80"
}

2018-Jul-27 06:59:12.381424677 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.381502558 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "CA7C02118BA27599528543DFE77BA6838D1B0F43B447D4D7F53523CE6A0E9AC2",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "828A36D361989C526037D3EB42B21D697BD38C7C4943570AECBEF3ED3EBEF01B"
}

2018-Jul-27 06:59:12.381672634 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.381753469 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"BaseFee" : "000000000000000A",
"Fee" : "0",
"LedgerSequence" : 257,
"ReferenceFeeUnits" : 10,
"ReserveBase" : 20000000,
"ReserveIncrement" : 5000000,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "SetFee",
"hash" : "9CCE3C7AD8ABF51C3E2B36D5BA8C1197BD3CAD20AD1B60BB7D036147D870008E"
}

2018-Jul-27 06:59:12.381899206 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.381973825 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "7117E2EC2DBF119CA55181D69819F1999ECEE1A0225A7FD2B9ED47940968479C",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "A02BB0E81031D057C98FD0055D081731909F3A892CAB1AB883086B3323630261"
}

2018-Jul-27 06:59:12.382155191 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.382231059 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "6781F8368C4771B83E8B821D88F580202BCB4228075297B19E4FDC5233F1EFDC",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "A1C64E36E139558FB64F8C34600E3D84A6AAA9F9F1301A456D715F84D5B11F01"
}

2018-Jul-27 06:59:12.382413554 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.382490188 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "07D43DCE529B15A10827E5E04943B496762F9A88E3268269D69C44BE49E21104",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "AADDCCF30327892249F3494DDAF8C8743506D94E6F9995081B02523F33ED4E8D"
}

2018-Jul-27 06:59:12.382662561 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.382736565 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "1562511F573A19AE9BD103B5D6B9E01B3B46805AEC5D3C4805C902B514399146",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "BA4226EBCE6C6FAA4E26482FDE69E03D9DF2485272C9BC210F77772E09DE97F6"
}

2018-Jul-27 06:59:12.382917309 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.382991818 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "DC9CA96AEA1DCF83E527D1AFC916EFAF5D27388ECA4060A88817C1238CAEE0BF",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "C4279529BDDF1AF328BB500B03864A126C59F5B58E579604BE5F5911F0318572"
}

2018-Jul-27 06:59:12.383175902 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.383249883 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "86E83A7D2ECE3AD5FA87AB2195AE015C950469ABF0B72EAACED318F74886AE90",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "C60B3B10B988B956429B485107CE5E6B5925CC27AB8E132D22636A3192C6E883"
}

2018-Jul-27 06:59:12.383445925 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.383520137 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "532651B4FD58DF8922A49BA101AB3E996E5BFBF95A913B3E392504863E63B164",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "D3EA7DDDF8AE62AC7C807E88F8EF883869CDFFA22658B39BBD7C8F7D41BB5675"
}

2018-Jul-27 06:59:12.383699254 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.383772376 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "42EEA5E28A97824821D4EF97081FE36A54E9593C6E4F20CBAE098C69D2E072DC",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "E05072F26A1E2F43E66847F4986BE3CB3D323EBD578912DDC148FC2157C94583"
}

2018-Jul-27 06:59:12.383966376 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.384040527 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "157D2D480E006395B76F948E3E07A45A05FE10230D88A7993C71F97AE4B1F2D1",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "E3CF691D959ED5B4FBC75BC5EEB5EA020204374928CF678DC9A6C085C667D8B2"
}

2018-Jul-27 06:59:12.384232391 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.384318483 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "F64E1EABBE79D55B3BB82020516CEC2C582A98A6BFE20FBE9BB6A0D233418064",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "E595A8E9D46F023C8EB29F42425FC661B08E71DBCD50B38ABCF50C77204B9C04"
}

2018-Jul-27 06:59:12.384511673 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.384585993 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "CC5ABAE4F3EC92E94A59B1908C2BE82D2228B6485C00AFF8F22DF930D89C194E",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "F6001BD9851654459F1CDFD45FC65F102CD2604E11F290B7AB66A0393909E069"
}

2018-Jul-27 06:59:12.384779875 Ledger:WRN Transaction in ledger 257 affects no accounts
2018-Jul-27 06:59:12.384855401 Ledger:WRN 
{
"Account" : "rrrrrrrrrrrrrrrrrrrrrhoLvTp",
"Amendment" : "67A34F2CF55BFC0F93AACD5B281413176FEE195269FA6D95219A2DF738671172",
"Fee" : "0",
"Flags" : 65536,
"LedgerSequence" : 257,
"Sequence" : 0,
"SigningPubKey" : "",
"TransactionType" : "EnableAmendment",
"hash" : "F8195FE322CA39D004A5666451829D94C0A6109BD4905B1D038429D24080433E"
}
7月 272018
 

托管交易字段构造

{
"Account": "rf1BiGeXwwQoi8Z2ueFYTEXSwuJYfV2Jpn",
"TransactionType": "EscrowCreate",
"Amount": "10000",
"Destination": "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
"CancelAfter": 533257958,
"FinishAfter": 533171558,
"Condition": "A0258020E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855810100",
"DestinationTag": 23480,
"SourceTag": 11747
}

交易字段CancelAfter和FinishAfter必须指定,且FinishAfter指定的时间点必须早于CancelAfter指定的时间点。
在修正案fix1571(于1.0.0版本引入)(当前已生效)中要求,必须指定FinishAfter字段和Condition字段中的一个或全部。
时间戳指定的时间点,必须是自Ripple Epoch(Ripple纪元)(January 1, 2000 00:00 UTC)起所经历的秒数,且该值在交易提交后不可改变。

1)提交一笔基于时间的托管交易,等待托管过期,并取消交易

当前时间
[root@rippled ~]# date
Fri Jul 13 12:18:36 UTC 2018
在此时间后可取消交易
CancelAfter:2018-07-16 00:00
1531699200-946684800=585014400
在此时间后可提取资金
FinishAfter: 2018-07-14 00:00
1531526400-946684800=584841600

提交交易及交易返回(占用1个单位储备金额度,消耗10Drops,托管1XRP)

curl -k -H 'Content-Type: application/json' -X POST -d '
{
"method": "sign",
"params": [
{
"tx_json" : {
"TransactionType" : "EscrowCreate",
"Account" : "rpMT7rVHb9wskPVZHycRqXjrHH6Jc9dDv5",
"Destination" : "rPMDsqFDs8YGgfRvvEViC9Xbezw4hGsUgi",
"Amount" : 1000000,
"CancelAfter": 585014400,
"FinishAfter": 584841600
},
"secret" : "###",
"offline": false,
"fee_mult_max": 10
}
]
}' localhost:5005

F8937D49ABA8C3F616789FB9EB13DF42F6A6F863787E49C05C458480BB9A0489

托管未在有效期内提取,在达到可取消时间后,取消该笔托管交易,返还资金给付款方

curl -k -H 'Content-Type: application/json' -X POST -d '
{
"method": "sign",
"params": [
{
"tx_json" : {
"TransactionType" : "EscrowCancel",
"Account" : "rpMT7rVHb9wskPVZHycRqXjrHH6Jc9dDv5",
"Owner" : "rpMT7rVHb9wskPVZHycRqXjrHH6Jc9dDv5",
"OfferSequence": 34
},
"secret" : "###",
"offline": false,
"fee_mult_max": 10
}
]
}' localhost:5005

8AB365CD1A14B775CDB2CE1002BE5522B4064031EF1624393D5C66A64CEDDE11

2)提交一笔基于时间的托管交易,在托管提取有效期内提取资金

当前时间
[root@rippled ~]# date
Thu Jul 19 09:25:34 UTC 2018
基本时间计算
[root@rippled ~]# date -d ‘2018-07-19 10:00:00’ +%s
1531994400
[root@rippled ~]# date -d ‘2018-07-19 10:15:00’ +%s
1531995300
[root@rippled ~]#
在此时间后可取消交易
CancelAfter:2018-07-19 10:15:00
1531995300-946684800= 585310500
在此时间后可提取资金
FinishAfter: 2018-07-19 10:00:00
1531994400-946684800= 585309600

提交托管交易

curl -k -H 'Content-Type: application/json' -X POST -d '
{
"method": "sign",
"params": [
{
"tx_json" : {
"TransactionType" : "EscrowCreate",
"Account" : "rpMT7rVHb9wskPVZHycRqXjrHH6Jc9dDv5",
"Destination" : "rPMDsqFDs8YGgfRvvEViC9Xbezw4hGsUgi",
"Amount" : 1000000,
"CancelAfter": 585310500,
"FinishAfter": 585309600
},
"secret" : "###",
"offline": false,
"fee_mult_max": 10
}
]
}' localhost:5005

0939A6DD03C52812304B8D136A8E8A4410857454443D8870E1F16C409171A661

提取托管资金

curl -k -H 'Content-Type: application/json' -X POST -d '
{
"method": "sign",
"params": [
{
"tx_json" : {
"TransactionType" : "EscrowFinish",
"Account" : "rPMDsqFDs8YGgfRvvEViC9Xbezw4hGsUgi",
"Owner" : "rpMT7rVHb9wskPVZHycRqXjrHH6Jc9dDv5",
"OfferSequence": 36
},
"secret" : "###",
"offline": false,
"fee_mult_max": 10
}
]
}' localhost:5005

未到可提取时间点时提取的交易返回

[root@rippled ~]# date
Thu Jul 19 09:37:12 UTC 2018
[root@rippled ~]#

{
"result" : {
"engine_result" : "tecNO_PERMISSION",
"engine_result_code" : 139,
"engine_result_message" : "No permission to perform requested operation.",
"status" : "success",
"tx_blob" : "1200022280000000240000001520190000002468400000000000000A732103F9B92F34FC2C0E873543D18B6B792F2325D3D592F4BF99F1905151C7A0538A1A744730450221009BFCAA9C24E2522A5BB5FB58C286D45B9D4C54AAC86A5E6B08DE87DFAC14778602200EE80148B6EE354F8B7AE2A3BD290A328AFEFF50D91D879827CD4DF9D77AF4488114F52524FC1F994334DDE86CC633E2383928B67A5582140ED68995C96301AF05997C7242D6F75371F3587F",
"tx_json" : {
"Account" : "rPMDsqFDs8YGgfRvvEViC9Xbezw4hGsUgi",
"Fee" : "10",
"Flags" : 2147483648,
"OfferSequence" : 36,
"Owner" : "rpMT7rVHb9wskPVZHycRqXjrHH6Jc9dDv5",
"Sequence" : 21,
"SigningPubKey" : "03F9B92F34FC2C0E873543D18B6B792F2325D3D592F4BF99F1905151C7A0538A1A",
"TransactionType" : "EscrowFinish",
"TxnSignature" : "30450221009BFCAA9C24E2522A5BB5FB58C286D45B9D4C54AAC86A5E6B08DE87DFAC14778602200EE80148B6EE354F8B7AE2A3BD290A328AFEFF50D91D879827CD4DF9D77AF448",
"hash" : "3C84D69EFAE8C4C607B072E04D1EC22227BB2554FB5EB1AD93EFE5F049557B7F"
}
}
}

到达可提取时间点后提取的交易返回

[root@rippled ~]# date
Thu Jul 19 10:00:20 UTC 2018
[root@rippled ~]#

{
"result" : {
"engine_result" : "tesSUCCESS",
"engine_result_code" : 0,
"engine_result_message" : "The transaction was applied. Only final in a validated ledger.",
"status" : "success",
"tx_blob" : "1200022280000000240000001620190000002468400000000000000A732103F9B92F34FC2C0E873543D18B6B792F2325D3D592F4BF99F1905151C7A0538A1A7446304402205BBE5FDD7A67AB638016CAFA2513E472E510E6B7976607385617E3A9E1FF6E0702201216F0FC3C3B6BBA8249EE9828666E47CAB553AF25CBAA76E1484C00582AB4EC8114F52524FC1F994334DDE86CC633E2383928B67A5582140ED68995C96301AF05997C7242D6F75371F3587F",
"tx_json" : {
"Account" : "rPMDsqFDs8YGgfRvvEViC9Xbezw4hGsUgi",
"Fee" : "10",
"Flags" : 2147483648,
"OfferSequence" : 36,
"Owner" : "rpMT7rVHb9wskPVZHycRqXjrHH6Jc9dDv5",
"Sequence" : 22,
"SigningPubKey" : "03F9B92F34FC2C0E873543D18B6B792F2325D3D592F4BF99F1905151C7A0538A1A",
"TransactionType" : "EscrowFinish",
"TxnSignature" : "304402205BBE5FDD7A67AB638016CAFA2513E472E510E6B7976607385617E3A9E1FF6E0702201216F0FC3C3B6BBA8249EE9828666E47CAB553AF25CBAA76E1484C00582AB4EC",
"hash" : "64EFAE4DB75B69627F3EBF7D4850655AC18350A997985BBB9B68A7742C26A7F2"
}
}
}
7月 222018
 

生成一个账户

{
"result" : {
"account_id" : "rUyUa2dg3eCsTYzxTavACcmGmPr5muN1cW",
"key_type" : "secp256k1",
"master_key" : "TED CARL FOLD GALE GLIB PEN BURR FLIT AMOK REEL NOD ACID",
"master_seed" : "sh5How4HaV76TK6S9Tqt9qfnraaTH",
"master_seed_hex" : "90C812E73155F06065CA58C40F72CC3F",
"public_key" : "aBQsesLPSgmgfVUysK8Qakvf3uGJeceUjmsAgm7z5kPKdEcZ9xqi",
"public_key_hex" : "03130F5D37F3C1C9EC5A8A4569C271051CB192FCBF346ABF141D74CD5F9F4D3788",
"status" : "success"
}
}

发起一笔Payment交易

[root@rippled ~]# curl -k -H 'Content-Type: application/json' -X POST -d '
> {
> "method": "sign",
> "params": [
> {
> "offline": false,
> "secret": "###",
> "tx_json": {
> "Account": "raex7tk3x88HGm7TyPaEhj71x3iWdvRM4A",
> "Amount": "10",
> "Destination": "rUyUa2dg3eCsTYzxTavACcmGmPr5muN1cW",
> "TransactionType": "Payment"
> },
> "fee_mult_max": 10
> }
> ]
> }' localhost:5005

未达到基本储备金额度要求(20XRP)的付款激活交易失败返回

{
"result" : {
"engine_result" : "tecNO_DST_INSUF_XRP",
"engine_result_code" : 125,
"engine_result_message" : "Destination does not exist. Too little XRP sent to create it.",
"status" : "success",
"tx_blob" : "1200002280000000240000006061400000000000000A68400000000000000A732103C125726E7D2DAC95FA3BF2C9E4ADF936253E3413F7128DBE142F3A799BDA60EA74463044022071EC0FA91BFC01D8EDF1EDFC7F308E313B6463A634FCF789B7A1317DDA760915022063B9564872A47B95F0E1F0BAC1AF9769990DE4E2ABA8D1934C8ECA29EFB8682D81143E0655270D699B5731416C2225EC2630DACD1D4583148349F0AC2817253F359D33E1082F2FBC57FC7F7F",
"tx_json" : {
"Account" : "raex7tk3x88HGm7TyPaEhj71x3iWdvRM4A",
"Amount" : "10",
"Destination" : "rUyUa2dg3eCsTYzxTavACcmGmPr5muN1cW",
"Fee" : "10",
"Flags" : 2147483648,
"Sequence" : 96,
"SigningPubKey" : "03C125726E7D2DAC95FA3BF2C9E4ADF936253E3413F7128DBE142F3A799BDA60EA",
"TransactionType" : "Payment",
"TxnSignature" : "3044022071EC0FA91BFC01D8EDF1EDFC7F308E313B6463A634FCF789B7A1317DDA760915022063B9564872A47B95F0E1F0BAC1AF9769990DE4E2ABA8D1934C8ECA29EFB8682D",
"hash" : "6BC6E8F1370D6BD4DEAEBBBB572D4A5FE29ACA81723FE104AA5963CE27D38F06"
}
}
}

Ripple官方浏览器交易详情链接

https://xrpcharts.ripple.com/#/transactions/6BC6E8F1370D6BD4DEAEBBBB572D4A5FE29ACA81723FE104AA5963CE27D38F06
6月 262018
 

创世账号信息

AccountID:rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh
MasterSeed/Secret:snoPBrXtMeMyMHUVTgbuqAfg1SUTb
TotalCoins:100000000000000000

为创世账号生成和启用RegularKey并禁用MasterSeed
1)生成RegularKey

curl -k -H 'Content-Type: application/json' -X POST -d '
{
"method": "wallet_propose",
"params": [
{
"key_type": "secp256k1"
}
]
}' http://localhost:8008
{"result":{"account_id":"ratab3YWDfFXn5HXSpeHmU8ybZ9MNMJLHR","key_type":"secp256k1","master_key":"PIT FED BAY JUKE TRUE SUB NEST ADDS BURY VETO HANG WIRE","master_seed":"sawgEVr2AyVsekSKdng9yvD2hxHTd","master_seed_hex":"F93759FA841DA9C37C04EF5119680234","public_key":"aBRrpkhvwV66hCtNpZcuz3vJvRZLNbUiP3nLDavj6Z5jJB21G7GR","public_key_hex":"0390D540145E7FEABA03948D2E2F438A5F5BEB9DAC6CDC1CFE8F09C4FB1EBD68A3","status":"success"}}

2)为创世账号启用RegularKey

curl -k -H 'Content-Type: application/json' -X POST -d '
{
"method": "sign",
"params": [
{
"tx_json": {
"TransactionType": "SetRegularKey",
"Account": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"RegularKey": "ratab3YWDfFXn5HXSpeHmU8ybZ9MNMJLHR"
},
"secret": "snoPBrXtMeMyMHUVTgbuqAfg1SUTb"
}
]
}' http://localhost:8008
{"result":{"status":"success","tx_blob":"1200052280000000240000000168400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100C9D3479A4CBA7620CBDFFE34B60DAA9566FF429235D3D9DB6DB9DA8A57AF7F02022042B43C0975C1B130654E53AEAAFBB37420FE82B06FF2F673F8D7D14BB45B85728114B5F762798A53D543A014CAF8B297CFF8F2F937E888144082820A7E5AB5992534142CEA0D78151D9E9915","tx_json":{"Account":"rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh","Fee":"10","Flags":2147483648,"RegularKey":"ratab3YWDfFXn5HXSpeHmU8ybZ9MNMJLHR","Sequence":1,"SigningPubKey":"0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020","TransactionType":"SetRegularKey","TxnSignature":"3045022100C9D3479A4CBA7620CBDFFE34B60DAA9566FF429235D3D9DB6DB9DA8A57AF7F02022042B43C0975C1B130654E53AEAAFBB37420FE82B06FF2F673F8D7D14BB45B8572","hash":"DE38DC47C9CDF7B7576F7AC0C6F075C7BF18824B29A3EEAA2351E6E841B07C54"}}}
{
"result" : {
"engine_result" : "tesSUCCESS",
"engine_result_code" : 0,
"engine_result_message" : "The transaction was applied. Only final in a validated ledger.",
"status" : "success",
"tx_blob" : "1200052280000000240000000168400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100C9D3479A4CBA7620CBDFFE34B60DAA9566FF429235D3D9DB6DB9DA8A57AF7F02022042B43C0975C1B130654E53AEAAFBB37420FE82B06FF2F673F8D7D14BB45B85728114B5F762798A53D543A014CAF8B297CFF8F2F937E888144082820A7E5AB5992534142CEA0D78151D9E9915",
"tx_json" : {
"Account" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"Fee" : "10",
"Flags" : 2147483648,
"RegularKey" : "ratab3YWDfFXn5HXSpeHmU8ybZ9MNMJLHR",
"Sequence" : 1,
"SigningPubKey" : "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType" : "SetRegularKey",
"TxnSignature" : "3045022100C9D3479A4CBA7620CBDFFE34B60DAA9566FF429235D3D9DB6DB9DA8A57AF7F02022042B43C0975C1B130654E53AEAAFBB37420FE82B06FF2F673F8D7D14BB45B8572",
"hash" : "DE38DC47C9CDF7B7576F7AC0C6F075C7BF18824B29A3EEAA2351E6E841B07C54"
}
}
}

3)发起AccountSet交易禁用创世账号的MasterSeed(最后一次使用MasterSeed)(asfDisableMaster)

curl -k -H 'Content-Type: application/json' -X POST -d '
{
"method": "sign",
"params": [
{
"offline": false,
"secret": "snoPBrXtMeMyMHUVTgbuqAfg1SUTb",
"tx_json": {
"Account": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"SetFlag": 4,
"TransactionType": "AccountSet"
},
"fee_mult_max": 10
}
]
}' localhost:8008
{"result":{"status":"success","tx_blob":"1200032280000000240000000220210000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD0207446304402205D6C52A67E5A596955B4E9466B8869762EA9D655EAE4F03FD901ACE2DB506936022050CB5DDF494BF7625516814DDAD938E329E4147FE34CB6AC1AD433719E21FC8B8114B5F762798A53D543A014CAF8B297CFF8F2F937E8","tx_json":{"Account":"rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh","Fee":"10","Flags":2147483648,"Sequence":2,"SetFlag":4,"SigningPubKey":"0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020","TransactionType":"AccountSet","TxnSignature":"304402205D6C52A67E5A596955B4E9466B8869762EA9D655EAE4F03FD901ACE2DB506936022050CB5DDF494BF7625516814DDAD938E329E4147FE34CB6AC1AD433719E21FC8B","hash":"328C416EBD9B8BD336018D4ED1D57FBD591309560BC5D7F915A80F8678456981"}}}
{
"result" : {
"engine_result" : "tesSUCCESS",
"engine_result_code" : 0,
"engine_result_message" : "The transaction was applied. Only final in a validated ledger.",
"status" : "success",
"tx_blob" : "1200032280000000240000000220210000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD0207446304402205D6C52A67E5A596955B4E9466B8869762EA9D655EAE4F03FD901ACE2DB506936022050CB5DDF494BF7625516814DDAD938E329E4147FE34CB6AC1AD433719E21FC8B8114B5F762798A53D543A014CAF8B297CFF8F2F937E8",
"tx_json" : {
"Account" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"Fee" : "10",
"Flags" : 2147483648,
"Sequence" : 2,
"SetFlag" : 4,
"SigningPubKey" : "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType" : "AccountSet",
"TxnSignature" : "304402205D6C52A67E5A596955B4E9466B8869762EA9D655EAE4F03FD901ACE2DB506936022050CB5DDF494BF7625516814DDAD938E329E4147FE34CB6AC1AD433719E21FC8B",
"hash" : "328C416EBD9B8BD336018D4ED1D57FBD591309560BC5D7F915A80F8678456981"
}
}
}

4)查看创世账号的RegularKey启用状态及余额

{
"result" : {
"account_data" : {
"Account" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"Balance" : "99999999999999980",
"Flags" : 1114112,
"LedgerEntryType" : "AccountRoot",
"OwnerCount" : 0,
"PreviousTxnID" : "328C416EBD9B8BD336018D4ED1D57FBD591309560BC5D7F915A80F8678456981",
"PreviousTxnLgrSeq" : 27079,
"RegularKey" : "ratab3YWDfFXn5HXSpeHmU8ybZ9MNMJLHR",
"Sequence" : 3,
"index" : "2B6AC232AA4C4BE41BF49D2459FA4A0347E1B543A4C92FCEE0821C0201E2E9A8"
},
"ledger_current_index" : 27100,
"status" : "success",
"validated" : false
}
}

5)测试(使用创世账号原始MasterSeed发起一笔空AccountSet交易)

curl -k -H 'Content-Type: application/json' -X POST -d '
{
"method": "sign",
"params": [
{
"offline": false,
"secret": "snoPBrXtMeMyMHUVTgbuqAfg1SUTb",
"tx_json": {
"Account": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"TransactionType": "AccountSet"
},
"fee_mult_max": 10
}
]
}' localhost:8008
{"result":{"error":"masterDisabled","error_code":23,"error_message":"Master key is disabled.","request":{"command":"sign","fee_mult_max":10,"offline":false,"secret":"snoPBrXtMeMyMHUVTgbuqAfg1SUTb","tx_json":{"Account":"rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh","TransactionType":"AccountSet"}},"status":"error"}}