Administrations

Squid as Transparent Proxy on CentOs 6.4

by

In this tutorial I am going to configure squid acting as transparent proxy what does it means? It means we have no part of configurations on the client end, just to setup squid in transparent proxy mode so it will sits between client and internet. And redirect their port 80 requests to 3128 port which is default squid port. Here the simple steps which you need to perform on squid server.

Lab Environment: 

  • CetnOs 6.4 (as squid transparent proxy server), Hostname = pxy.lintut.com
  • eth0 : (Connected to Internet) IP = 192.168.1.211/24, Gateway = 192.168.1.1 and DNS = 8.8.8.8
  • eth1 : (Connected to LAN) IP = 10.0.0.1/24, and DNS = 172.0.0.1
  • Xp Pro SP3 (Client PC for testing). Hostname = xp1.lintut.com IP = 10.0.0.11/8, Gateway = 10.0.0.1(squid Server’s IP) and DNS = 10.0.0.3

Step-1 Installing squid packages.

yum install squid -y

Step-2 Edit squid configuration file ‘/etc/squid/squid.conf’.

Read more

Share

Reset lost root password on Ubuntu 18.04 Bionic Beaver Linux

by

Boot Into GRUB menu

The first step is to reboot into the GRUB menu. If Ubuntu 18.04 Bionic Beaver is the only operating system installed you need to keep pressing SHIFT for the GRUB menu to show up.

Edit Grub Menu

Using arrows select the Ubuntu menu or the menu you use to boot your system and hit the e key. This will allow you to edit the menu:

Read more

Share

install and Configure SAMBA in Debian Squeeze

by

Samba is a free software re-implementation of SMB/CIFS networking protocol, originally developed by Australian Andrew Tridgell. As of version 3, Samba provides file and print services for various Microsoft Windows clients and can integrate with a Windows Server domain, either as a Primary Domain Controller (PDC) or as a domain member. It can also be part of an Active Directory domain.Samba runs on most Unix and Unix-like systems, such as Linux, Solaris, AIX and the BSD variants, including Apple’s Mac OS X Server (which was added to the Mac OS X client in version 10.2). Samba is standard on nearly all distributions of Linux and is commonly included as a basic system service on other Unix-based operating systems as well. Samba is released under the GNU General Public License. The name Samba comes from SMB (Server Message Block), the name of the standard protocol used by the Microsoft Windows network file system.  (Wikipedia).

1-Specify  the  Samba Server

lets give my example server with IP 192.168.58.142

2- Install Samba

open  terminal and  install samba package and dependencies

$sudo apt-get install libcupsys2 samba samba-common

You will see the following questions:

Read more

Share

Change cluster node IP in Proxmox

by

To update the present cluster host proxmox following files need to be updated:

/etc/network/interfaces
/etc/hosts
/etc/pve/corosync.conf (only on one node necessary)

However, corosync.conf needs special way to edit the file!

Edit corosync.conf

Editing the corosync.conf file is not always very straightforward. There are two on each cluster node, one in /etc/pve/corosync.conf and the other in /etc/corosync/corosync.conf. Editing the one in our cluster file system will propagate the changes to the local one, but not vice versa. The configuration will get updated automatically as soon as the file changes. This means changes which can be integrated in a running corosync will take effect immediately. So you should always make a copy and edit that instead, to avoid triggering some unwanted changes by an in-between safe.

cp /etc/pve/corosync.conf /etc/pve/corosync.conf.new

Then open the config file with your favorite editor, nano and vim.tiny are preinstalled on any Proxmox VE node for example.

Read more

Share

Enable and install SSL on Debian 8 apache server

by

Configure Apache2 for SSL.

root@www:~# vi /etc/apache2/sites-available/default-ssl.conf
# line 3: change to webmaster's email

ServerAdmin webmaster@srv.world
# line 32,33: change to the one created in [1]

SSLCertificateFile /etc/ssl/private/server.crt

SSLCertificateKeyFile /etc/ssl/private/server.key
root@www:~# a2ensite default-ssl
Enabling site default-ssl.

Read more

Share

How to define outgoing firewall rules on pFSense

by

LAN rules are defining rights to access internet services from your local network. So, if you block port 80 and 443 nobody from your LAN will be able to access internet. WAN rules are defining access to the resources in your LAN (or DMZ) from the internet. In this short LAB we`ll be defining LAN rules. Let’s say we want to block access to the port 443 from our local network.

My blog is on port 443, so after defining this rule we should not be able to access my blog from LAB network (or any other HTTPS secured website for that matter)

Login to your pFSense configuration via web browser – mine is is still located on http://10.20.20.1/

Select Firewall | Rules

Read more

Share

Boot CentOS 8 / RHEL 8 Server in Single User Mode or root password reset

by

Using “rd.break” keyword

Reboot Your CentOS 8 or RHEL 8 Server and go to grub boot loader screen by interrupting auto boot and choose first line which includes the kernel (In case you have multiple kernel lines choose the appropriate one which suits to your environment). Below is the CentOS 8 boot loader screen,

Press ‘e’ to enter in the edit mode and then go to the end of line which starts with ‘linux‘ word, type the keyword “rd.break”

Read more

Share

Clone KVM-based Virtual Machines on Redhat / CentOS Linux

by

Prerequisite: Operating System and Software Versions

  • Operating System: – Redhat 7.3
  • Software: – libvirtd (libvirt) 2.0.0

Obtain Source Virtual Machine’s information

Before we begin cloning any virtual machine we first need to obtain some basic information about it. The absolute minimum information required about the source virtual machine we are about to clone would be its name and number of disk in use. To get virtual machines name run:

# virsh list
Id Name State
----------------------------------------------------
1 server1.local running

Next, we may would like to know the number of disk our source virtual machines is using as well as its location. The information about disks location is optional as it only provides us with a hint on where to store new clone disk files for the sake of consistency: # virsh dumpxml server1.local | grep "source file"
<source file='/var/lib/libvirt/images/server1.local.qcow2'/>
<source file='/var/lib/libvirt/images/server1.local-1.qcow2'/>
<source file='/var/lib/libvirt/images/server1.local-2.qcow2'/>

From the above output we can see that our original virtual machine has three disks stored in location /var/lib/libvirt/images/.

Read more

Share

Ubuntu 18.04: Disable Netplan switch back to networking /etc/network/interfaces

by

The following procedure works for Ubuntu 18.04 (Bionic Beaver)

I. Reinstall the ifupdown package:

# apt-get update
# apt-get install ifupdown

II. Configure your /etc/network/interfaces file with configuration stanzas such as:

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

allow-hotplug enp0s3
auto enp0s3
iface enp0s3 inet static
address 192.168.1.133
netmask 255.255.255.0
broadcast 192.168.1.255
gateway 192.168.1.1
# Only relevant if you make use of RESOLVCONF(8)
# or similar...
dns-nameservers 1.1.1.1 1.0.0.1

III. Make the configuration effective (no reboot needed):

Read more

Share