Postfix SMTP Rotating IP using IPTables

I got 5 Public IPs. i’m Gonna configure them, so Postfix can use multiple interfaces/ips for outgoing smtp connections.

First we need creating Interface aliases for those 5 public IPs.

In my system, using centos:

# cd /etc/sysconfig/network-scripts/
# cp ifcfg-eth0 ifcfg-eth0:1
Edit ifcfg-eth0:1
# vi ifcfg-eth0\:1
DEVICE=eth0 <-- default device
HWADDR=XX:XX:XX:XX:XX:XX
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=none
IPADDR=202.XXX.XX.2 <-- default eth0 IP address
PREFIX=24
GATEWAY=202.XXX.XX.1
DNS1=202.XXX.XX.XX

Change DEVICE and IPADDR parameters Continue reading “Postfix SMTP Rotating IP using IPTables” »

Share

vestacp open: /etc/named.conf: permission denied

This was the error I was getting after a doing a little change in the named.conf in my newly installed vesta control panel. While restarting the named, I was getting this error-

[root@vesta2 ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2022-08-01 14:37:25 +06; 6s ago
Process: 3478 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=1/FAILURE)
Process: 3475 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)

Aug 01 14:37:25 vesta2.geospacehosting.com named[3480]: found 2 CPUs, using 2 worker threads
Aug 01 14:37:25 vesta2.geospacehosting.com named[3480]: using 1 UDP listener per interface
Aug 01 14:37:25 vesta2.geospacehosting.com named[3480]: using up to 21000 sockets
Aug 01 14:37:25 vesta2.geospacehosting.com named[3480]: loading configuration from '/etc/named.conf'
Aug 01 14:37:25 vesta2.geospacehosting.com named[3480]: open: /etc/named.conf: permission denied
Aug 01 14:37:25 vesta2.geospacehosting.com named[3480]: loading configuration: permission denied
Aug 01 14:37:25 vesta2.geospacehosting.com systemd[1]: named.service: control process exited, code=exited status=1
Aug 01 14:37:25 vesta2.geospacehosting.com systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Aug 01 14:37:25 vesta2.geospacehosting.com systemd[1]: Unit named.service entered failed state.
Aug 01 14:37:25 vesta2.geospacehosting.com systemd[1]: named.service failed.

Solution:

Step-1: Execute the following command-

restorecon -RFv /etc/named.conf

Step-2: Setting permission-

chmod 644 /etc/named.conf
Share

Observium Installer Script on Ubuntu 20.04 or Debian 11

Automated Installation

Observium has an automated install script for use on Ubuntu and Debian systems. Using the automated installation script is as easy as downloading it, running it and answering a few simple questions, start with:

wget http://www.observium.org/observium_installscript.sh
chmod +x observium_installscript.sh
./observium_installscript.sh

You may need to install wget on bare installations

apt install wget

For manual installation you may read the link below-

https://docs.observium.org/install_debian/#manual-installation

Share

Enabling Ping requests to OCI Instance

If you want to test with Ping requests you’ll need to modify the Ingress rules on the security list associated with the VCN, Subnet, network device, thing, what ever, to allow ICMP packets. Allowing ICMP traffic is not required, it’s an option. Please only take this option if you understand the possible impact. The following directions cover enabling ICMP requests for a subnet. Continue reading “Enabling Ping requests to OCI Instance” »

Share

Generating an SSH Key Pair on Windows Using the PuTTYgen and use it on OCI with machine instance

The PuTTYgen program is part of PuTTY, an open source networking client for the Windows platform.
To generate an SSH key pair on Windows using the PuTTYgen program:

  1. Download and install PuTTY or PuTTYgen.To download PuTTY or PuTTYgen, go to http://www.putty.org/ and click the You can download PuTTY here link.
  2. Run the PuTTYgen program.The PuTTY Key Generator window is displayed.
  3. Set the Type of key to generate option to SSH-2 RSA.
  4. In the Number of bits in a generated key box, enter 2048.
  5. Click Generate to generate a public/private key pair.As the key is being generated, move the mouse around the blank area as directed. (Optional) Enter a passphrase for the private key in the Key passphrase box and reenter it in the Confirm passphrase box.
  6. Click Save private key to save the private key to a file. To adhere to file-naming conventions, you should give the private key file an extension of .ppk (PuTTY private key). Note: The .ppk file extension indicates that the private key is in PuTTY’s proprietary format. You must use a key of this format when using PuTTY as your SSH client. It cannot be used with other SSH client tools. Refer to the PuTTY documentation to convert a private key in this format to a different format.
  7. Select all of the characters in the Public key for pasting into OpenSSH authorized_keys file box.Make sure you select all the characters, not just the ones you can see in the narrow window. If a scroll bar is next to the characters, you aren’t seeing all the characters.


    Example-

    ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA0Bp2Pf+u2KfbackWAjOYbtT1Ub8oLhWFrAShUqXk5QjDZI2K/p8y/9sY3S9bNJThWvdFFsY7EjQZmiEL1vlj+/AaZ3/Ht3/WHR9R6zOeEr3nDxoN13jVZH9QU0a7028xf2R35Y4a3CI3TOCUPnvJN2B38rZ9Ruz/HMjOrEit7PhKSJ2OD2xdqVHI3lDXQ75aO1r79kC3lYL7PD+R0zHjtj0ugwbd97SUB02T85yjeJelBfHFni62vC+MF9bo0h0ZMKqP1PYKhxkgYTv+vK+ZxNoLgNOeTDf8HDvkHBuSTnuJL5tF8VEakIJ2uK9ht8uSKtQcNcrmtTmYlIcCI6THOw== rsa-key-20220629
  8. Right-click somewhere in the selected text and select Copy from the menu.
  9. Open a text editor and paste the characters, just as you copied them. Start at the first character in the text editor, and do not insert any line breaks.
  10. Save the text file in the same folder where you saved the private key, using the .pub extension to indicate that the file contains a public key.
    1. If you or others are going to use an SSH client that requires the OpenSSH format for private keys (such as the ssh utility on Linux), export the private key:On the Conversions menu, choose Export OpenSSH key.
    2. Save the private key in OpenSSH format in the same folder where you saved the private key in .ppk format, using an extension such as .openssh to indicate the file’s content.
Share

Install MariaDB 10 on Centos or Springdale Linux

Step 1: Add MariaDB Yum Repository

Start by adding the MariaDB YUM repository file MariaDB.repo for RHEL/CentOS and Fedora systems.

# nano /etc/yum.repos.d/MariaDB.repo

Now add the following lines to your respective Linux distribution version as shown.

[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

Continue reading “Install MariaDB 10 on Centos or Springdale Linux” »

Share

Disable ipv6 on Linux Machine

Disable on Centos/RHEL system:

1. Append below lines in /etc/sysctl.conf:

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

NOTE : To disable IPv6 on a single interface add below lines to /etc/sysctl.conf :

net.ipv6.conf.[interface].disable_ipv6 = 1 ### put interface name here [interface]
net.ipv6.conf.default.disable_ipv6 = 1

2. To make the settings affective, execute :

# sysctl -p

Disable on Debian/Ubuntu system:

One method to make this option persist is modifying /etc/sysctl.conf.  Add the following lines to the file:

net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6=1

For the settings to take effect use:

sudo sysctl -p
Share

Install Development Tool on CentOS and Debian

Well, in my working domain I face these tools to be installed, so that most of the dependent tools or programs that need to be deployed later don’t face much of dependency issue. So here goes the installation process for both the OS.

On CentOS/RHEL system use the follwoing command (either one of it would work)-

Type the following yum command as root user:

# yum group install "Development Tools"

Continue reading “Install Development Tool on CentOS and Debian” »

Share

Install Proxmox VE 7 on Debian 11 (Bullseye)

Step 1: Update Debian OS

Ensure your Debian 11 (Bullseye) operating system is upgraded.

sudo apt -y update && sudo apt -y upgrade

Once the upgrade process is complete, reboot the server

sudo systemctl reboot

Step 2: Set Proxmox Server hostname

Let’s set a hostname on the server

sudo hostnamectl set-hostname proxmox7node01.example.com --static

Replaceproxmox7node01.example.com with correct hostname you’re setting on your system. Get the IP address of the primary interface: Continue reading “Install Proxmox VE 7 on Debian 11 (Bullseye)” »

Share

Delete Old Unused Kernels in Debian

To find out the current version of Linux kernel running on your system, use the following command.

$ uname -sr
Linux 4.12.0-041200-generic

To list all installed kernels on your system, issue this command.

$ dpkg -l | grep linux-image | awk '{print$2}'

linux-image-4.12.0-041200-generic
linux-image-4.8.0-22-generic
linux-image-extra-4.8.0-22-generic
linux-image-generic

Remove Old Unused Kernels on Debian and Ubuntu

Run the commands below to remove a particular linux-image along with its configuration files, then update grub2 configuration, and lastly reboot the system.

$ sudo apt remove --purge linux-image-4.4.0-21-generic
$ sudo update-grub2
$ sudo reboot
Share