const 发布的文章

“const”

刊登在郑州市政府官网的“关于促进房地产业良性循环和健康发展的通知 here”并称,引导在郑金融机构加大个人住房按揭贷款投放,下调住房贷款利率。

此外,政策提出对大学生等给予购房补贴、外来务工人员可按照本市缴存职工同等条件申请住房公积金贷款、鼓励老年人来郑投亲养老,允许其投靠家庭新购一套住房等。

同时,推行货币化安置。实施安置房建设工作三年行动,结合房地产市场形势,坚持以货币化安置为主。对未开工建设的安置房,鼓励拆迁群众选择货币化安置。

诸葛找房数据研究中心提供的监测数据显示,今年1月,郑州新房成交6,686套,较去年12月环比下降30.7%;二手房成交3,561套,环比下降29%,同比下降18.1%。

此前,中国地方政府的楼市政策出现实质性松绑。山东省菏泽市“无房无贷”购房者首付比例从之前的三成降至两成,而重庆以及江西赣州的不少银行亦被报已将首套房贷首付比例降至20%。

中国房地产贷款市场宽松信号愈发明显,深圳、广州的多家银行已分别下调首套房贷款利率15BP(基点)和20BP。分析人士认为,一线城市降房贷利率的做法将极大鼓励其他城市效仿,而金融机构集体下调按揭定价,定有助于在3月后稳住中国楼市。

降低房企资金压力

房企融资方面,郑州的楼市新政提出,定期组织银企对接,鼓励金融机构对受困企业贷款展期、续贷,加大房地产企业并购贷款支持,有效缓解市场主体资金链运行压力。

同时对支持开发贷、降低个人按揭贷款利率的金融机构,在政府新增财政存款、基金账户等存放方面予以优先支持。分析人士认为,此举将进一步提高金融机构参与房地产业风险化解积极性。

政策并提出,稳定住宅用地供应节奏,土地竞拍保证金最低比例下调至挂牌价的20%,土地出让金可在成交后一年内实行分期缴纳。

“此条政策降低了房企拿地的资金压力,加快房企开工销售增速,对房企来说是有利的,也有利于房地产市场的内部良性循环,”诸葛找房数据研究中心负责人王小嫱说。

不过,郑州的规定提高了预售的门槛,并继续强调严格预售监管。

“即便销售在二季度回暖,房地产行业信用分化的整体格局也不会出现变化,”中信证券称,部分企业仍然面临偿债压力,很多公司的盈利能力可能明显下降。

中国本地媒体日前报导称,全国性的商品房预售资金监督管理办法已于近日制定出台,这印证了路透1月的独家报导。

中国房地产业协会会长冯俊稍早表示,商品房预售资金监管新规是为保交楼和维护购房人合法权益作出的必要制度安排,既不是要刺激房地产投资或消费,也不是要控制或遏制房地产市场的发展。

中国住房和城乡建设部上周四强调,要保持房地产市场平稳运行,保持调控政策的连续性和稳定性,增强调控政策的协调性和精准性,继续稳妥实施房地产长效机制;加强土地、金融和市场监管等政策的协同,坚决处置个别房地产企业因债务违约引发的房地产项目逾期交付风险。

虽然房地产行业整体融资压力目前仍存,但接受路透调查的15家机构多数认为,随着房地产投资增速回暖以及相关支持政策的进一步深化,下半年房企的融资压力会有所缓解,系统性债务风险可以避免。
https://cn.reuters.com/article/zhengzhou-rea-residential-house-loan-030-idCNKBS2KZ07D?il=0

列出当前存在的网络接口

tshark -D
  1. ciscodump (Cisco remote capture)
  2. dpauxmon (DisplayPort AUX channel monitor capture)
  3. randpkt (Random packet generator)
  4. sdjournal (systemd Journal Export)
  5. sshdump (SSH remote capture)
  6. udpdump (UDP Listener remote capture)

    sudo tshark -D

Running as user "root" and group "root". This could be dangerous.

  1. eth0
  2. any
  3. lo (Loopback)
  4. docker0
  5. nflog
  6. nfqueue
  7. usbmon1
  8. ciscodump (Cisco remote capture)
  9. dpauxmon (DisplayPort AUX channel monitor capture)
  10. randpkt (Random packet generator)
  11. sdjournal (systemd Journal Export)
  12. sshdump (SSH remote capture)
  13. udpdump (UDP Listener remote capture)

tshark对指定网卡监听,抓包

sudo tshark -i <interface>

抓取网卡eth0的流量并写入capture123.pcap

tshark -i eth0 -w capture123.pcap

读取之前的文件capture123.pcap

tshark -i eth0 -r capture123.pcap

抓取网卡eth0的流量10分钟

tshark -i eth0 -a duration:600

注: 默认时间单位为秒

抓取网卡eth0的10000个数据包

tshark -c 10000 -i eth0

抓取网卡eth0涉及192.168.1.1的流量报文

tshark -i eth0 -f "host 192.168.1.1"

注: 与wireshark、tcpdump一致,均使用BPF过滤表达式
抓取网卡eth0指定协议的流量报文

tshark -i eth0 -f "<协议名>"

协议名可以为: tcp, udp, dns, icmp, http等

实时打印当前mysql查询语句

tshark -s 512 -i eth1 -n -f 'tcp dst port 3306' -R 'mysql.query' -T fields -e mysql.query

说明:

-s 512 :只抓取前512个字节数据
-i eth0 :监听eth0网卡
-n :禁止域名解析
-f ‘tcp dst port 3306’ :只捕捉协议为tcp,目的端口为3306的数据包
-R ‘mysql.query’ :过滤出mysql.query查询语句的报文
-T fields -e mysql.query :打印mysql查询语句
实时打印当前http请求的url(包括域名)

tshark -s 512 -i eth1 -n -f 'tcp dst port 8000' -R 'http.host and http.request.uri' -T fields -e http.host -e http.request.uri -l | tr -d 't'

说明:

-s 512 :只抓取前512个字节数据
-i eth1 :监听eth1网卡
-n :禁止网络对象名称解析
-f ‘tcp dst port 8000’ :只捕捉协议为tcp,目的端口为8000的数据包
-R ‘http.host and http.request.uri’ :过滤出http.host和http.request.uri
-T fields -e http.host -e http.request.uri :打印http.host和http.request.uri
-l :输出到标准输出
读取之前抓包文件进行报文数据分析
需要从抓包的文件evidence04.pcap中提取出报文相关数据信息,如时间、源IP、目的IP、协议名、源Port、標Port、包大小等信息,最后输出到csv文件。

tshark -r evidence.pcap -T fields -e frame.time_relative -e ip.src -e ip.dst -e ip.proto -e tcp.srcport -e tcp.dstport -e frame.len -E header=n -E separator=, -E quote=n -E occurrence=f > output.csv

说明:

-r evidence.pcap 需要分析的报文记录文件(pcap格式)
-T fields 输出格式,选fields按字段,也可以选json等其他格式,需结合-e 及 -E使用
-e frame.time_relative 取出封包的相对时间
-e ip.src 提取源IP
-e ip.dst 提取目的IP
-e ip.proto 提取协议名
-e tcp.srcport 提取源Port
-e tcp.dstport 提取目的Port
-e frame.len 提取数据帧大小
-E header=n 是否输出字段名称(cvs的第1行)
-E separator=, 指定分割符,/t是tab,/s是一格空格
-E quote=n 指定是否对字段用引号,d是双引号,s是单引号,n是不用
-E occurrence=f 多值时是否保留,f是第一个值,l是最后一个值,a是所有值都列出,默认全部
output.csv 输出文件路径及名称
DNS报文过滤
使用tshark过滤dns cap包中源ip、目的ip、request请求

tshark -r test.cap -T fields -e frame.time -e ip.src -e ip.dst -e dns.qry.name -R 'udp.dstport==53 || dns'
说明:

-r test.pcap 需要分析的报文记录文件(pcap格式)
-T fields 输出格式,选fields按字段,也可以选json等其他格式,需结合-e 及 -E使用
-e frame.time 提取数据帧时间
-e ip.src 提取源IP
-e ip.dst 提取目的IP
-e dns.qry.name 提取dns查询的域名信息
-R 'udp.dstport==53 || dns' 显示过滤,仅对udp目标端口为53或者dns协议的报文进行处理
默认直接显示在终端上,不记录文件。

tshark: Couldn't run /usr/bin/dumpcap in child process: Permission denied
解决办法:
On Debian and Debian derivatives such as Ubuntu, if you have installed Wireshark from a package, 1.try running

sudo dpkg-reconfigure wireshark-common

selecting "<Yes>" in response to the question

2.adding yourself to the "wireshark" group by running

sudo usermod -a -G wireshark {your username}
  1. then logging out and logging back in again.

tshark 示例

tshark -T ek -e data.data -i eth0 "udp port 12345"

Capturing on 'eth0'
{"index" : {"_index": "packets-2022-03-03", "_type": "pcap_file"}}
{"timestamp" : "1646291304083", "layers" : {"data_data": ["ff:ff:00:b0:e1:3e:c9:42:6f:32:01:19:21:23:07:10:27:12:49:bd:ad:cb:d5:32:01:00:01:00:40:32:01:62:19:61:61:29:82:20:19:10:21:20:29:10:21:cb:d5:42:31:53:30:36:30:00:00:00:00:00:00:01:00:00:2e:11:0f:04:02:00:1c:00:00:05:d0:a1:d0:cd:c6:fb:b3:b5:00:00:00:00:00:00:00:00:32:34:31:35:31:34:54:00:00:00:00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:bd:ad:cb:d5:32:01:00:01:17:40:32:01:19:21:23:07:10:27:12:49:20:19:10:21:20:29:10:21:cb:d5:42:31:53:30:36:30:00:00:00:00:00:00:01:ff:ff:ff:ff:ff:ff:ff:20:01:00:00:00:00:85:59"]}}
{"index" : {"_index": "packets-2022-03-03", "_type": "pcap_file"}}
{"timestamp" : "1646291304084", "layers" : {"data_data": ["ff:ff:00:10:f1:00:3e:c9:42:6f:32:01:19:21:23:07:10:27:12:49:61:b9"]}}

tshark 高端用法
tshark结合elasticsearch分析WIFI网络流量
https://harrunisk.github.io/2018-09-12-ElasticWifiAnalysisEn/

  • Tshark captures wireless packets by using filters.

    tshark -a duration:600 -i phy0.mon -t ad -t ad -lT fields -E separator=, -E quote=d -e _ws.col.Time -e wlan.fc.type -e wlan.fc.type_subtype -e radiotap.dbm_antsignal -e frame.len -e radiotap.datarate > tshark.csv

  • Tshark writes captured wireless packets as .csv.
  • Filebeat listens .csv file sends to Logstash.
  • Logstash filters data again and sends to Elasticsearch.
  • Analyze data by using Kibana. Dashboard, graph etc.

架构图

tshark 输出csv格式数据
命令

tshark -a duration:6 -t ad -t ad  -Tfields -E separator=, -E quote=d -e ip.src -e ip.dst -e data.len -i eth0 "udp port 12345"

结果

"61.54.103.229","172.18.73.109","182"
"172.18.73.109","61.54.103.229","22"
"61.153.149.53","172.18.73.109","182"
"172.18.73.109","61.153.149.53","22"
"223.112.138.246","172.18.73.109","182"
"172.18.73.109","223.112.138.246","22"

tshark支持将pcap报文分析后生成json文件导入elasticsearch,同时支持elasticsearch的批量导入接口_bulk的格式,命令如下:

tshark -r test_trace.pcap -T ek > test_trace.pcap.json

之后可以将json文件通过curl导入。

curl -s -H "Content-Type: application/x-ndjson" -XPOST "localhost:9200/foo/_bulk" --data-binary "@/Users/test-elastic/test_trace.pcap.json"

网络流量回溯分析(https://paper.seebug.org/427/

ubuntu20 安装最新版的wireshark/tshark
默认的tshark 版本还是2.6.10

tshark -v

TShark (Wireshark) 2.6.10 (Git v2.6.10 packaged as 2.6.10-1~ubuntu18.04.0)

tshark -v 

TShark (Wireshark) 3.2.3 (Git v3.2.3 packaged as 3.2.3-1)

安装最新的
可选

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:wireshark-dev/stable
sudo apt update
sudo apt -y install wireshark tshark
tshark -v

TShark (Wireshark) 3.4.8 (Git v3.4.8 packaged as 3.4.8-1~ubuntu20.04.0+wiresharkdevstable1)

wireshark/tshark相关权限配置

sudo usermod -a -G wireshark $USER
sudo chgrp wireshark /usr/bin/dumpcap
sudo chmod 750 /usr/bin/dumpcap
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap

Then verify it by submitting command line :

sudo getcap /usr/bin/dumpcap

/usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
tshark -G elastic-mapping
Starting with Wireshark 3.0.0rc1, TShark can now generate an Elasticsearch mapping file by using the -G elastic-mapping option.
Analyzing Network Packets with Wireshark, Elasticsearch, and Kibana
https://www.elastic.co/cn/blog/analyzing-network-packets-with-wireshark-elasticsearch-and-kibana

Rsyslog简介

Rsyslog 是一个快速处理收集系统日志的程序,提供了高性能、安全功能和模块化设计。rsyslog 是syslog 的升级版,它将多种来源输入输出转换结果到目的地。reliable syslog over TCP, SSL/TLS and RELP

Rsyslog can be configured in a client/server model. When configured as a client, it sends logs to a remote server over the network via TCP/UDP protocols. As a server, it receives logs over the network from remote client on port 514 TCP/UDP or any custom port on which it is configured to listen on.

Install Rsyslog on Ubuntu 20.04
Rsyslog is the default syslogd on Debian systems and is usually installed on Ubuntu 20.04 by default.
You can verify this by checking the version of installed rsyslog.

apt list -a rsyslog

Listing... Done
rsyslog/bionic,bionic-updates,now 8.32.0-1ubuntu4 amd64 [installed]

rsyslogd -v

rsyslogd 8.32.0, compiled with:

Setup Rsyslog Server on Ubuntu 20.04
配置Rsyslog 服务器模式
Open the ryslog configuration file for editing;

vim /etc/rsyslog.conf

找到#### MODULES ####部分,修改成如下所示:

# provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="5140")

# provides TCP syslog reception
module(load="imtcp")
input(type="imtcp" port="5140")

重新启动rsyslog

sudo systemctl restart rsyslog

查看监听是否正常

netstat -na |grep 0:514

tcp 0 0 0.0.0.0:5140 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:5140 0.0.0.0:*

ss -4altunp | grep 514

udp UNCONN 0 0 0.0.0.0:5140 0.0.0.0:*
tcp LISTEN 0 25 0.0.0.0:5140 0.0.0.0:*

如果有防火墙,打开防火墙

ufw allow 5140/udp
ufw allow 5140/tcp

限制允许访问的IP地址/域名

vim /etc/rsyslog.conf

...

###########################
#### GLOBAL DIRECTIVES ####
###########################
# $AllowedSender - specifies which remote systems are allowed to send syslog messages to rsyslogd
$AllowedSender UDP, 192.168.57.0/24, [::1]/128, *.example.net, servera.example.com
$AllowedSender TCP, 192.168.58.0/24, [::1]/128, *.example.net, servera.example.com

配置保存的文件/模板

vim /etc/rsyslog.conf
# provides TCP syslog reception
module(load="imtcp")
input(type="imtcp" port="5140")

#Custom template to generate the log filename dynamically based on the client's IP address.
$template RemInputLogs, "/var/log/remotelogs/%FROMHOST-IP%/%PROGRAMNAME%.log"
*.* ?RemInputLogs

检查配置文件是否正确

rsyslogd -f /etc/rsyslog.conf -N1

rsyslogd: version 8.2001.0, config validation run (level 1), master config /etc/rsyslog.conf
rsyslogd: End of config validation run. Bye.

没有问题,重新Rsyslog服务

systemctl restart rsyslog

Rsyslogd is now ready to receive logs from remote hosts.

配置Rsyslog客户端转发日志到服务器
验证tcp/udp远程连接
Verify Remote Rsyslog Server Ports Connection
To verify connectivity to remote rsyslog server TCP port 5140, run the command below;

telnet 192.168.57.3 5140

Verify connectivity to UDP port 5140. Since you cannot telnet to UDP port 514, use netcat command. On the server, run the command below;

nc -ul 5140

On the client, run the command below, press ENTER and type anything. You should be able to see what you type on the server.

nc -u 192.168.57.3 5140

配置客户端

vim /etc/rsyslog.conf

To send authentication logs over port 5140/UDP, add the following line at the end of the file.

# Send logs to remote syslog server over UDP
auth,authpriv.* @192.168.57.3:5140

To send all logs over port 5140/TCP, add the following line at the end of the file.

# Send logs to remote syslog server over TCP 5140
*.* @@192.168.57.3:5140

如果你的日志非常重要,不接受丢失,就配置下面参数,保存到磁盘上面。

# Define Disk Queue Buffer in case the server goes down
$ActionQueueFileName queue # define a file name for disk assistance.
$ActionQueueMaxDiskSpace 1g  # The maximum size that all queue files together will use on disk.
$ActionQueueSaveOnShutdown on  # specifies that data should be saved at shutdown
$ActionQueueType LinkedList  # holds enqueued messages in memory which makes the process very fast. 
$ActionResumeRetryCount -1  # prevents rsyslog from dropping messages when retrying to connect if server is not responding,

Restart the rsyslog service on the client.

systemctl restart rsyslog

You can now log out of the client and login again. The authentication logs should be available on rsyslog server.

Login to the Rsyslog server and verify the same.

ls /var/log/remotelogs/

send specific logs to remote server

The following sample monitors two files. If you need just one, remove the second one. If you need more, add them according to the sample ;). This code must be placed in /etc/rsyslog.conf (or wherever your distro puts rsyslog’s config files). Note that only commands actually needed need to be specified. The second file uses less commands and uses defaults instead.

module(load="imfile" PollingInterval="10") #needs to be done just once

# File 1
input(type="imfile"
      File="/path/to/file1"
      Tag="tag1"
      Severity="error"
      Facility="local7")

# File 2
input(type="imfile"
      File="/path/to/file2"
      Tag="tag2")

# ... and so on ... #

relp rsyslog 相关
relp服务器端配置
https://www.rsyslog.com/doc/v8-stable/configuration/modules/imrelp.html
前提条件

apt-get install rsyslog-relp

Edit /etc/rsyslog.conf to enable RELP input module. For example, to listen on port 2514:

module(load="imrelp") # needs to be done just once
input(type="imrelp" port="2514" maxDataSize="10k")

配置tls支持
Receive RELP traffic via TLS¶
This receives RELP traffic via TLS using the recommended “openssl” library. Except for encryption support the scenario is the same as in Example 1.

Certificate files must exist at configured locations. Note that authmode “certvalid” is not very strong - you may want to use a different one for actual deployments. For details, see parameter descriptions.

module(load="imrelp" tls.tlslib="openssl")
input(type="imrelp" port="2514" maxDataSize="10k"
             tls="on"
             tls.cacert="/tls-certs/ca.pem"
             tls.mycert="/tls-certs/cert.pem"
             tls.myprivkey="/tls-certs/key.pem"
             tls.authmode="certvalid"
             tls.permittedpeer="rsyslog")

客户端配置
Sending msgs with omrelp
The following sample sends all messages to the central server “centralserv” at port 2514 (note that that server must run imrelp on port 2514).

module(load="omrelp")
action(type="omrelp" target="centralserv" port="2514")

Sending msgs with omrelp via TLS
This is the same as the previous example but uses TLS (via OpenSSL) for operations.

Certificate files must exist at configured locations. Note that authmode “certvalid” is not very strong - you may want to use a different one for actual deployments. For details, see parameter descriptions.

module(load="omrelp" tls.tlslib="openssl")
action(type="omrelp"
             target="centralserv" port="2514" tls="on"
             tls.cacert="tls-certs/ca.pem"
             tls.mycert="tls-certs/cert.pem"
             tls.myprivkey="tls-certs/key.pem"
             tls.authmode="certvalid"
             tls.permittedpeer="rsyslog")

旧命令用下面这个
This module uses old-style action configuration to keep consistent with the forwarding rule. So far, no additional configuration directives can be specified. To send a message via RELP, use

*.*  :omrelp:<server>:<port>;<template>

rsyslog 新命令都是使用action的方式
Use the following configuration in /etc/rsyslog.conf or create a file with the following content in the /etc/rsyslog.d/ directory:

*.* action(type="omfwd"
      queue.type="linkedlist"
      queue.filename="example_fwd"
      action.resumeRetryCount="-1"
      queue.saveOnShutdown="on"
      target="example.com" port="6514" protocol="tcp"
     )

Sample syslog.conf 配置tcp 使用 tls通信
Keep in mind that this rsyslog.conf accepts messages via TCP, only. The only other source accepted is messages from the server itself.

module(load="imuxsock") # local messages
module(load="imtcp" # TCP listener
    StreamDriver.Name="gtls"
    StreamDriver.Mode="1" # run driver in TLS-only mode
    StreamDriver.Authmode="anon"
    )

# make gtls driver the default and set certificate files
global(
    DefaultNetstreamDriver="gtls"
    DefaultNetstreamDriverCAFile="/path/to/contrib/gnutls/ca.pem"
    DefaultNetstreamDriverCertFile="/path/to/contrib/gnutls/cert.pem"
    DefaultNetstreamDriverKeyFile="/path/to/contrib/gnutls/key.pem"
    )

    # start up listener at port 6514
    input(
    type="imtcp"
    port="6514"
    )

Be sure to safeguard at least the private key (machine-key.pem)! If some third party obtains it, you security is broken!

omfwd用法

Example 1
The following command sends all syslog messages to a remote server via TCP port 10514.

action(type="omfwd" Target="192.168.2.11" Port="10514" Protocol="tcp" Device="eth0")

Example 2
In case the system in use has multiple (maybe virtual) network interfaces network namespaces come in handy, each with its own routing table. To be able to distribute syslogs to remote servers in different namespaces specify them as separate actions.

action(type="omfwd" Target="192.168.1.13" Port="10514" Protocol="tcp" NetworkNamespace="ns_eth0.0")
action(type="omfwd" Target="192.168.2.24" Port="10514" Protocol="tcp" NetworkNamespace="ns_eth0.1")
action(type="omfwd" Target="192.168.3.38" Port="10514" Protocol="tcp" NetworkNamespace="ns_eth0.2")

rsyslog central logging to hostname.log excluding localhost

# Add on top of the RULES statement

$template remote, "/var/log/%HOSTNAME%.log"
if ($fromhost-ip != "127.0.0.1" ) then -?remote
& stop

storing-messages-from-a-remote-system-into-a-specific-file
Config Statements

$ModLoad imtcp
$InputTCPServerRun 10514
# do this in FRONT of the local/regular rules
if $fromhost-ip startswith '192.0.1.' then /var/log/network1.log
& ~
if $fromhost-ip startswith '192.0.2.' then /var/log/network2.log
& ~
# local/regular rules, like
*.* /var/log/syslog.log

How it works
It is important that the rules processing the remote messages come before any rules to process local messages. The if’s above check if a message originates on the network in question and, if so, writes them to the appropriate log. The next line (“& ~”) is important: it tells rsyslog to stop processing the message after it was written to the log. As such, these messages will not reach the local part. Without that “& ~”, messages would also be written to the local files.

Also note that in the filter there is a dot after the last number in the IP address. This is important to get reliable filters. For example, both of the addresses “192.0.1.1” and “192.0.10.1” start with “192.0.1” but only one actually starts with “192.0.1.”!

参考文档:https://blog.csdn.net/McwoLF/article/details/110121026
https://www.rsyslog.com/doc/v8-stable/configuration/modules/omrelp.html
https://gist.github.com/drmalex07/bb178d61f800488446d22de4301160f1
https://www.rsyslog.com/doc/v8-stable/tutorials/tls_cert_server.html
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sec-using_the_new_syntax_for_rsyslog_queues
https://www.rsyslog.com/doc/v8-stable/configuration/modules/omfwd.html

温胆汤,真的是神一样的存在。

它到底是一个怎么的药方?

很简单:茯苓30克,半夏6克,枳实6克,炙甘草6克,陈皮6克,竹茹6克。

温胆汤泡脚的禁忌
update:2022-3-4
温胆汤属于是中医当中的一个比较传统的方剂,该方剂是把几种不同的中药材相互配伍之后,经过煎煮后进行泡脚,温胆汤比较适合痰湿体质的人群,该方剂一般要连续使用10-14天,在每次泡脚使用的时候,泡脚水达到脚面的部位泡25分钟左右即可,当然水温不能太高,如果水凉了可以加热水。
温胆汤泡脚的禁忌
如果是热胖子(实热型的胖子一般都是比较结实,力气大,饭量大,容易饿,睡眠好,嗓门大,脸红唇红,皮肤比较粗糙),就直接用这个方子;寒胖子(一般肤色黄暗或黄白的肥胖,其皮肤湿润,体型腹大而松软,臀腿松坠,食欲旺盛、易疲劳、多汗或易汗,浮肿,尤其是下肢浮肿为多,且多伴有膝关节疼痛),就把方中的竹茹去掉。如您寒湿严重(舌体白,舌苔白腻,齿痕明显,容易腹泻),无湿热特征(无黄苔,无舌体红,无大便干燥,小便黄的特征),则可每付加生姜3-4片同煮。
小贴士:
刚开始泡温胆汤最好连续泡8-10天,如果痰湿或湿热非常重,刚开始泡温胆汤最好连续泡10-14天;后续可每周泡2-4次,或每个月在感觉症状明显的时候连续泡7-14天。
温胆汤的功效与作用
温胆汤中的多种中药材,都是能清热解毒的中药材,人们在服用后,就可以清理身体内的热度,而且还能针对人们因为热毒出现的心烦焦虑等,都有很好的调节作用,能清热除烦,另外还可以安神,在日常生活中,如果出现心神不宁或者是失眠多梦等情况,就可以通过这样的传统方剂,进而能提高人们的肝胆功能,进而能减轻人们的这些症状。而且这也是一种可以清热方剂,能清除人们身体内的热毒,还能清理人们身体内的湿热,针对湿热引起的呕吐等,都有很好的治疗作用。
温胆汤泡脚配方
配方:茯苓30克,陈皮6克,法半夏6克,竹茹6克,枳实6克,炙甘草6克
用法:上述药材熬水,大火煮开后,小火再煮30分钟,滤出药汁,然后将药汁分成两份,早晚兑入温热水泡脚,水温不要太热,水淹过脚背即可,泡25分钟左右为宜。
一般体内有痰湿的人,脾胃吸收的能力还不如脚底经络吸收的好
Referenced from:http://www.360doc.com/content/20/1114/22/38574890_945872818.shtml

top 命令可列出各个进程对系统资源的利用情况。其中有 VIRT, RES, SHR, CODE, DATA 等几个字段,用来描述进程对内存的使用情况。(后二者默认不展示,需要按下 F 键,将相关字段调出来)。

top virt
VIRT Virtual Memory Size (KiB):进程使用的所有虚拟内存;包括代码(code)、数据(data)、共享库(shared libraries),以及被换出(swap out)到交换区和映射了(map)但尚未使用(未载入实体内存)的部分。

top res
RES Resident Memory Size (KiB):进程所占用的所有实体内存(physical memory),不包括被换出到交换区的部分。

top shr
SHR Shared Memory Size (KiB):进程可读的全部共享内存,并非所有部分都包含在 RES 中。它反映了可能被其他进程共享的内存部分。
top code
CODE Code Size (KiB):进程所占用的实体内存中,可执行代码所占用的内存大小。此项亦称为驻存代码集合(Text Resident Set, TRS)。
top data
DATA Data + Stack Size (KiB):进程所占用的实体内存中,除去可执行代码所占用部分之外的内存大小。此项亦称为驻存数据集合(Data Resident Set, DRS)。

top 命令的数据源
top 命令读取的是 /proc/<pid>/statm 当中的数据。

你可以通过 cat /proc/<pid>/statm 来查看。它有 7 列,分别是以内存页计算的 VIRT, RES, SHR, CODE, LRS, DATA, DIRTY。其中 LRS 和 DIRTY 自 Linux 2.6 开始不再使用。内存页的大小是 4KiB,因此,将内存页的数量乘以 4,就是以 KiB 计算的内存占用大小。
top 内存泄漏
如果观察到程序稳定运行时 RES - SHR 不断增长,则可能预示着程序存在内存泄漏现象。

top 内存泄漏 分析解决步骤
A、第一次分析与处理
现象:%MEM 字段 ,进程使用的物理内存百分比 与 VIRT 字段,进程使用的虚拟内存总量,均随运行时间不断增加

分析: 明显的发生了内存泄漏,很容易想到new的数据是否delete。通过分析 问题出在 其他人的 数据模拟模块相关代码中:new 的数据没有delete掉。

优化: 于是优化相关代码后再次验证,确保所有new的数据均得到正确的delete,也包括malloc申请的空间也得到正确的free。

B、第二次分析与处理
现象: 再次通过top命令采集数据, %MEM 字段 ,进程使用的物理内存百分比 与 RES 字段进程使用的、未被换出的物理内存大小 不再增加 , 但是VIRT 字段,进程使用的虚拟内存总量还是在不断增加

分析: %MEM 字段 与 RES 字段 不再增加说明第一次分析与处理的效果是有的。继续计算出VIRT字段数据每次增加的量,发现每次增加的是一个固定值。

比较下 实存(RES) 与 虚存(VIRT) 具体包括什么:

VIRT: 进程“需要的”虚拟内存大小,包括进程使用的库、代码、数据,以及malloc、new分配的堆空间和分配的栈空间等;

RES: 进程当前使用的内存大小,包括使用中的malloc、new分配的堆空间和分配的栈空间,但不包括swap out量;

相比于 RES,VIRT还包括了进 程使用的库、代码、数据,受到 文章 http://bbs.chinaunix.net/thread-682816-1-1.html 的启发对 线程的申请释放进行了排查,通过 函数 pthread_setname_np 给每个线程取不同名字(15个字符) 参见 https://blog.csdn.net/lqy971966/article/details/104752947 ,重新编译并运行程序,通过 命令ps -T -p 进程号 查看某个进程的线程 ,可以发现有几个名字的线程数量在不断增加,线程没有回收释放,而这正是导致VIRT不断增加的原因,进一步分析代码问题还是出在数据模拟模块相关代码中。