Brain's Workbench
Scenerio-
eth0- 172.30.0.100 | Gateway- 172.30.0.97
eth1- 192.168.2.247 | Gateway- 192.168.2.1
Need to connect to SIP BOX destination (fictitious)- 202.140.1.1
eth0 has not internet access but it uses the mentioned (172.30.0.97) as gateway to reach 202.140.1.1 server
eth0 has internet access by using 192.168.2.1 gateway.
Here goes the configuration on /etc/sysconfig/network-scripts/ifcfg-eth0
Downloading Cacti
You can download the newest version of Cacti from its website.
wget http://www.cacti.net/downloads/cacti-0.8.7b.tar.gz
Installing Cacti
Install apache webserver with php support, mysql database server, snmp, some php modules and rrdtool.
apt-get install apache2 libapache2-mod-php5 php5 php5-cli php5-mysql php5-gd php5-snmp mysql-client mysql-server libmysqlclient15-dev snmp snmpd rrdtool
Add a user account for cacti.
1:1 NAT maps a single Public IP Address to one of your computer within your local area network (LAN). Unlike port forwarding, 1:1 NAT forwards all ports from one external IP to one internal IP.
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.1.2 -j SNAT --to-source 83.229.64.2 iptables -t nat -A PREROUTING -i eth0 -d 83.229.64.2 -j DNAT --to-destination 192.168.1.2 iptables -A FORWARD -s 83.229.64.2 -j ACCEPT iptables -A FORWARD -d 192.168.1.2 -j ACCEPT
Port forwarding allows remote computers, for example, computers on the Internet, to connect to a specific computer or service within a private local area network (LAN).
Typical applications include the following:
In Linux, you can configure port forwarding using iptables command.
The below example is to enable the port forwarding of port 80 of the external ip address “83.229.64.2” to the port 80 of the computer inside the LAN with the ip address of “192.168.1.2”.
iptables -t nat -A PREROUTING -i eth0 -d 83.229.64.1 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.2:80 iptables -A FORWARD -p tcp --dport 80 -j ACCEPT
Assumptions:
NFS Server IP: 172.16.5.100
NFS Client Node1: 172.16.5.101
NFS Client Node2: 172.16.5.102
NFS Client Node3: 172.16.5.103
NFS Client Node4: 172.16.5.104
On the NFS Server:
Install nfs-kernel-server Install nfs-kernel-server and nfs-common Install nfs-common on the computer that has the files to be shared.
apt-get update && sudo apt-get install nfs-kernel-server nfs-common
Edit the exports file that shows what to share and with whom. So run:
Servers do not exist in isolation, and those servers with only the most basic SSH configuration can be vulnerable to brute force attacks. fail2ban provides a way to automatically protect the server from malicious signs. The program works by scanning through log files and reacting to offending actions such as repeated failed login attempts.
Because fail2ban is not available from CentOS, we should start by downloading the EPEL repository:
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Follow up by installing fail2ban:
yum install fail2ban
The default fail2ban configuration file is location at /etc/fail2ban/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of it.
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
After the file is copied, you can make all of your changes within the new jail.local file. Many of possible services that may need protection are in the file already. Each is located in its own section, configured and turned off.
It’s a silly though, after updated from webGUI zpanel’s dashboard, the updated password wasn’t just working!!!
So had to google a while and found the answer- keeping it for future reference-
setzadmin -set password
Note: In “password” area type “your new password”
That’s it!
For 64 Bit
rpm –import http://fedoraproject.org/static/0608B895.txt
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm
For 32 Bit
rpm –import http://fedoraproject.org/static/0608B895.txt
wget http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm
Additional Add Remi Repo
rpm –import http://rpms.famillecollet.com/RPM-GPG-KEY-remi
rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpmyum install yum-priorities
Edit /etc/yum.repos.d/epel.repo…
vi /etc/yum.repos.d/epel.repo
Update: Feb-04-2024
Enable the EPEL Repository on CentOS 6.x, RHEL 6.x, or Oracle Linux 6.4 or higher. This section describes how to download and install the EPEL repository.
Download the EPEL repository:
wget https://archives.fedoraproject.org/pub/archive/epel/6/x86_64/epel-release-6-8.noarch.rpm
Install the EPEL repository:
rpm -Uvh epel-release-6*.rpm
Linux Virtual Server
The Linux Virtual Server Project is a project to cluster many real servers together into a highly available, high-performance virtual server. The LVS load balancer handles connections from clients and passes them on the the real servers (so-called Layer 4 switching) and can virtualize almost any TCP or UDP service, like HTTP, HTTPS, NNTP, FTP, DNS, ssh, POP3, IMAP4, SMTP, etc. It is fully transparent to the client accessing the virtual service.
Homepage: http://www.LinuxVirtualServer.org/
BalanceNG
BalanceNG is a modern software IP load balancing solution. It is small, fast, and easy to use and setup. It offers session persistence, different distribution methods (Round Robin, Random, Weighted Random, Least Session, Least Bandwidth, Hash, Agent, and Randomized Agent) and a customizable UDP health check agent in source code. It supports VRRP to set up high availability configurations on multiple nodes. It supports SNMP, integrating the BALANCENG-MIB with Net-SNMPD. It implements a very fast in-memory IP-to-location database, allowing powerful location-based server load-balancing.
Homepage:http://www.inlab.de/balanceng/
HAproxy
HAproxy is a high-performance and highly-robust TCP and HTTP load balancer which provides cookie-based persistence, content-based switching, advanced traffic regulation with surge protection, automatic failover, run-time regex-based header control, Web-based reporting, advanced logging to help trouble-shooting buggy applications and/or networks, and a few other features. Its own event-driven state machine achieves 20,000 hits per second and surpasses GigaEthernet on modern hardware, even with tens of thousands of simultaneous connections.
Homepage:http://haproxy.1wt.eu/
This article is about setting up MySQL Master-Master database replication between two Cloud Servers. Master-Master data replication allows for replicated data, stored on multiple computers, to be updated by any authorized contributing member of the group. This allows for more open collaboration than Master-Slave replication where any needed changes identified by a group member must to be submitted to the designated “master” of the node.
The operating system we will use is Debian 5 (Lenny).
Installing MySQL