Clear PageCache only
# sync; echo 1 > /proc/sys/vm/drop_caches
Clear dentries and inodes
# sync; echo 2 > /proc/sys/vm/drop_caches
Clear PageCache, dentries and inodes
# sync; echo 3 > /proc/sys/vm/drop_caches
Seperate Private Key and Certificate file
#Generate certificates bundle file
openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem
#Generate server key file.
openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key
Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM
openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
Create a .pfx/.p12 certificate file using OpenSSL
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt
Src: https://www.sslshopper.com/article-most-common-openssl-commands.html
1. Get the bundle from Comodo in crt format, or sometimes like a zip file.
2. Place the bundle on your Zimbra mailbox server. You should receive, or download, the next files:
AddTrustExternalCARoot.crt COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt my_domain_com.crt
or
since comodo is acquired by Sectigo, the updated zip might appear as below: Continue reading “Installing a Comodo SSL on Zimbra using CLI” »
Over the years, it has become a key element of Pohela Boishakh celebrations. The world’s most popular search engine has created a doodle depicting the Mongol Shobhajatra procession to welcome Pohela Boishakh, the first day of the Bangla New Year.
The doodle, featuring a tiger, has been on Google’s homepage since early Sunday.
Mongol Shobhajatra was inscribed on Unesco’s Representative List of Intangible Cultural Heritage in November 2016.
The procession, introduced in Jessore in 1985—and replicated in Dhaka in 1989—features large colourful masks, carnival floats of birds and animals, and other motifs of Bangladeshi culture.
Over the years, it has become a key element of the Pohela Boishakh celebrations among Bangalis at home and abroad.
Radical Islamist groups and parties have been demanding that the procession be scrapped, dubbing it “anti-Islamic.”
Pohela Boishakh celebrations started during Mughal Emperor Akbar’s reign, when it was customary to clear all dues on the last day of the Bangla month Chaitra as businessmen would open “halkhata” — new books of accounts for the new year.
A Google Doodle is a special, temporary, alteration of the logo on Google’s homepage that is intended to celebrate: holidays, events, achievements, and people. Google Doodles were introduced in 1998.
Today we will setup a Site to Site ipsec VPN with Strongswan, which will be configured with PreShared Key Authentication.
After our tunnels are established, we will be able to reach the private ips over the vpn tunnels.
Get the Dependencies:
Update your repository indexes and install strongswan:
$ apt update && sudo apt upgrade -y $ apt install strongswan -y
Set the following kernel parameters:
$ cat >> /etc/sysctl.conf << EOF net.ipv4.ip_forward = 1 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.send_redirects = 0 EOF $ sysctl -p /etc/sysctl.conf
Generate Preshared Key:
We will need a preshared key that both servers will use: Continue reading “Setup a Site to Site IPsec VPN With Strongswan and PreShared Key Authentication” »
In the admin interface go to
Global Settings -> General Information -> Default domain and enter the name of your domain.
Users in that domain can now login without the @domain part.
You can get the correct version here at this URL:
https://developer.apple.com/download/more/
to download a your version of Xcode you want. Specifically, get 9.2.1. This is the recent version that works with mac OS Sierra.
Alternatively, this link works good too-
Before going into how to use the scp command, let’s start by reviewing the basic syntax. The scp utility expressions take the following form:
scp [OPTION] [user@]SRC_HOST:]file1 [user@]DEST_HOST:]file2
OPTION – scp options such as cipher, ssh configuration, ssh port, limit, recursive copy ..etc
[user@]SRC_HOST:]file1 – Source file.
[user@]DEST_HOST:]file2 – Destination file
Local file should be specified using an absolute or relative path while remote file names should include a user and host specification.
scp provides a number of options that control every aspect of its behavior. The most widely used options are:
-P Specifies the remote host ssh port.
-p Preserves files modification and access times.
-q Use this option if you want to suppress the progress meter and non-error messages.
-C. This option will force scp to compresses the data as it is sent to the destination machine.
-r This option will tell scp to recursively copy directories. Continue reading “SCP Command Syntax” »
You can make a general IP ban list. You need to go to Port forwarding / Destination NAT
It is important the rule is the first one, else the precending rules will overide the block. If you a list of country and/or IP CIR go to www countryipblocks net
In this tutorial, I use the hostname server1.example.com with the IP p 192.168.1.100. These settings might differ for you, so you have to replace them where appropriate.
I will add the EPEL repo here to install latest phpMyAdmin as follows:
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY* yum -y install epel-release
To edit files on the shell, I’ll install the nano editor. If you prefer vi for file editing, then skip this step.
yum -y install nano
Installing MySQL / MariaDB
MariaDB is a MySQL fork of the original MySQL developer Monty Widenius. MariaDB is compatible with MySQL and I’ve chosen to use MariaDB here instead of MySQL. Run this command to install MariaDB with yum:
yum -y install mariadb-server mariadb
Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server: Continue reading “Install LAMP on Centos 7 with PHP 5.x/7.0/7.1/7.2” »
After you login in you Endian Appliance, simply issue the following command:
root@endian # netwizard
You will be asked a couple of questions. If the network has already been configured, the current values are shown: simply press Enter if you want to keep that value. The snippet below shows some possible values. Note that you should enter the network interfaces as eth1, eth2, and so on and not as br0, br1, and so on. IP ranges should be written in CIDR notation.
Network Configuration Wizard ---------------------------- Hostname? myappliance. Domain? mydomain RED interface type <STATIC/DHCP/GATEWAY>? DHCP RED device <eth0/eth1/eth2/eth3>? eth3 Green devices <eth0/eth1/eth2>? eth0 Green IPs (IP/CIDR)? 172.20.0.1/24 Orange devices <eth1/eth2>? eth1 Orange IPs (IP/CIDR)? 172.21.30.1/24 Blue devices ? eth2 Blue IPs (IP/CIDR)? 172.22.30.1/24 Enable SSH access <on/off>? on Allow access to ports 22, 80 and 10443 from any interface <on/off>? off
Continue reading “Endian Community (3.x)- network configuration using CLI- Netwizard” »
Management URL: https://192.168.0.15:10443 Green IP: 192.168.0.15/24 ----------------- 0) Shell 1) Reboot 2) Change Root Password 3) Change Admin Password 4) Restore Factory Defaults Choice: 0[endian]: login
root's password: Welcome to Endian Firewall Appliance release 2.5-0 (Deployset #0) [endian] root: bash
Continue reading “Endian Community (2.5.1)- Change the green IP address from console” »
