项目背景
由于原始项目: https://github.com/telephone/LookingGlass/
原作者已有数年未更新维护且项目仅为英文版 ( 最新版本号: v1.3.0 ) ,所以本次采用国人基于原项目 v1.3.0 进行一些汉化及优化版本。
- Fork后的修改:
- 修改IPv4下的路由追踪,结果将包含由IPIP提供的IP地理信息数据
- 修改configure.sh文件测试文件生成方式,改由DD命令生成测试文件
- 汉化index.php文件,并适度修改底部作者信息
- 添加英文页面,调整路由追踪结果语言
- 修改IPv6下的路由追踪,结果将包含由IPIP提供的IP地理信息数据
项目地址:https://github.com/ILLKX/LookingGlass
部署流程
环境要求
- PHP >= 5.3
- PHP PDO with SQLite driver (required for rate-limit)
- SSH/Terminal access (able to install commands/functions if non-existent)
环境安装
此处忽略Nginx安装,请自行准备
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum install -y php55w-fpm php55w-pdo
项目包准备
mkdir /opt/web_static
cd /opt/web_static/
wget https://github.com/ILLKX/LookingGlass/archive/master.zip
unzip master.zip
LookingGlass-master/LookingGlass
# 执行安装,脚本会自行安装相关依赖及编译
./configure.sh
在安装最后会有如下提示指引你做初始配置
配置流程:
### ###
# Starting configuration #
### ###
Running setup:
Enter your website name (Header/Logo) []: NesNode
Enter the public URL to this LG (including http://) []: https://looking-glass.nestealin.com
Enter the servers location []: AUS-SYD-1-Node
Enter the test IPv4 address []: 8.8.8.8
Enter the test IPv6 address (Re-enter everytime this script is run) []:
Enter the size of test files in MB (Example: 25 50 100) []: 25
Do you wish to enable rate limiting of network commands? (y/n): y
Enter the # of commands allowed per hour (per IP) []: 5
Removing old test files:
Creating new test files:
Creating 25MB test file
Would you like to choose a different theme? (y/n): n
Creating Config.php...
Creating SQLite database...
Enter the username of your webserver (E.g. www-data): www
Enter the user group of your webserver (E.g. www-data): www
Fixing MTR permissions...
Fixing besttrace permissions...
Installation is complete
PHP-FPM配置
vi /etc/php-fpm.d/www.conf
将 listen
、 user
、 group
三个参数注释,并添加如下配置:
listen = /var/run/php5-fpm.sock
listen.owner = www
listen.owner = www
user = www
group = www
用于对接Nginx,请确保Nginx与PHP-FPM运行的系统用户一致。
Nginx配置参考
server {
listen 80;
server_name lookingglass.nestealin.com ;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443 ssl;
server_name lookingglass.nestealin.com;
access_log logs/$http_host.access.main.log main;
error_log logs/lookingglass.nestealin.com.error.log error;
ssl_certificate keys/server.cer;
ssl_certificate_key keys/server.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 ;
root /opt/web_static/LookingGlass-master;
set $cgi_pass 'unix:/var/run/php5-fpm.sock';
############# DO NOT EDIT BELOW THIS LINE #############
# Do not send Nginx version
server_tokens off;
# Set index and use UTF-8
index index.php;
charset utf-8;
# Avoid clickjacking. If you need to allow [i]frames, you can use SAMEORIGIN
# or even set an uri with ALLOW-FROM uri
add_header X-Frame-Options DENY;
# This header enables the Cross-site scripting (XSS) filter built into most
# recent web browsers. It's usually enabled by default anyway, so the role
# of this header is to re-enable the filter
add_header X-XSS-Protection "1; mode=block";
# Validate request type
if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 403;
}
# Disable log for favicon.ico
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable log for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny access to private folder/s
# Assumes LookingGlass is on a root install
location ~ ^/LookingGlass {
deny all;
return 404;
}
# Deny access to hidden files/folders
location ~ /\. {
deny all;
access_log off;
log_not_found off;
return 404;
}
# CSS/IMG/JS caching policy. Access log is turned off by default
location ~* \.(?:css|js|gif|jpe?g|png)$ {
access_log off;
expires 30d;
add_header Cache-Control public;
break;
}
# Disable Gzip for test files
location ~* \.test$ {
gzip off;
sendfile on;
}
# Full PHP setup. No includes necessary
location ~ \.php$ {
fastcgi_pass $cgi_pass;
fastcgi_index index.php;
# FastCGI params
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param REDIRECT_STATUS 200;
# Enable output buffering
try_files $uri = 404;
fastcgi_buffering on;
fastcgi_buffer_size 1k;
fastcgi_buffers 128 1k;
fastcgi_max_temp_file_size 0;
gzip off;
}
}
启动 PHP-FPM 及 reload Nginx 即可完成部署
service php-fpm start
chkconfig php-fpm on
访问验证
访问地址:https://lookingglass.nestealin.com/
Host
用于获取域名DNS解析
MTR
用于检测远程主机到目标主机的时延信息
Traceroute/Besttrace
用于检测远程主机到目标主机的路由线路走向
触发限频
可能遇到的问题
执行traceroute时没有反应
请确保运行 PHP-FPM 的系统用户有权限执行besttrace命令; 如果本机已存在besttrace也请确保有相关执行权限。
解决方式参考:
chown root.root /usr/local/besttrace/besttrace chmod +s /usr/local/besttrace/besttrace
其他
暴雪战网的Looking-Glass: https://looking-glass.battlenet.com.cn/?lang=zh_Hans_CN
Vultr的Looking-Glass: https://sgp-ping.vultr.com/
Bandwagon的Looking-Glass: https://dc3.bwg.net/lg/