Archive for the ‘Documentation’ Category

How to allow pings through a Windows Xp/Vista/7 firewall.

Open a command prompt using “Run as administrator” (Right mouse click on “Command Prompt” in Accessories.).

Enter:
netsh firewall set icmpsetting 8 enable

In Windows 7, this command has been deprecated and replaced with the following:

netsh advfirewall firewall add rule name=”ICMP Allow incoming V4 echo request” protocol=icmpv4:8,any dir=in action=allow

In Windows Server 2012 R2, to allow RDP access:

netsh advfirewall firewall add rule name=”RDP Allowed” protocol=tcp localport=3389 dir=in action=allow

Yum through a proxy with and without authentication.

Make sure you no other yum update service/process running.

Proxy variable without authentication:

export http_proxy=”http://proxyserver:port”

Proxy variable with authentication:

export http_proxy=”http://username:password@proxyserver:port”

How to configure VNC on CentOS/RedHat/Fedora

Configure VNC to run at startup

vi /etc/sysconfig/vncservers

VNCSERVERS=”1:username”
VNCSERVERARGS[1]=”-geometry 1024×768″

Use ntsysv to configure vncserver to run at startup.

Configure vnc session to use GNOME

su – username # if necessary
cd .vnc
cp -p xstartup xstartup.orig

vi xstartup
###Begin file###
#!/bin/sh

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &
startx &
###End file###

Note: Make sure there is not blank line after the startx line.

service vncserver restart

Use your vnc client to connect to hostname:1.

Great tools for monitoring linux performance real time.

top: Basic system monitoring tool. The following three tools use the same kind of display method.

iptstate: Used to monitor iptables traffic.

atop: Used to monitor overall system. Keeps historical data too.

iftop: Used to monitor network interfaces

Examples:

iptstate -f -L -t

atop 3

iftop -i eth1

top

Using tar over ssh.

Backup to a remote file location using tar over ssh:
tar cvzf – /localdirectory | ssh ssh root@remotehostname “dd of=/remotefilename”

Backup to a remote tape device using tar over ssh:
tar cvzf – /localdirectory | ssh ssh root@remotehostname $(mt -f remotetapedevice rewind; dd of=/remotetapedevice)$

Restore from a remote file location using tar over ssh:
cd /
ssh root@remotehostname “dd if=/remotefilename” | tar zxvf –

Examples:
Backup:
tar cvzf – /boot | ssh ssh root@thisis.myserver.name “dd of=/backup/boot.tar.gz”
tar cvzf – /boot | ssh ssh root@thisis.myserver.name $(mt -f /dev/nrst0 rewind; dd of=/dev/nrst0)$
Restore:
ssh root@thisis.myserver.name “dd if=/boot.tar.gz” | tar zxvf –

Used to successfully shrink a Microsoft SQL 2000 database.

Note: I do not believe that I have to do all this, but it did work. It did not shrink the log using the DBCC commands below as expected. I will update as learn more, but needed to get this written down, since it did achieve what I had wanted (to reduce the size of the log).

From isql:
DBCC SHRINKFILE(dblogname, size)
BACKUP log dbname WITH TRUNCATE_ONLY
DBCC SHRINKFILE(dblogname, size)

From MSSQL Enterprise manager:

Shrink DB Option in Enterprise Manager

Shrink DB Window

Shrink DB File Window

Postfix address rewriting or delivery test.

sendmail -bv emailaddress

From the sendmail man page:

-bv Do not collect or deliver a message. Instead, send an email
report after verifying each recipient address. This is useful
for testing address rewriting and routing configurations.

How to modify bind order in Windows XP.

This is where you modify the bind order of network interfaces in Windows XP.

Interface Bind Order

It is best to make sure the Remote connections or VPN interfaces are at the bottom to avoid sending unnecessary traffic over the remote connection.

Debugging email address problems in sendmail.

sendmail -bt
3,0 someemailaddress

sendmail -bt -d21.4
3,0 someemailaddress

sendmail -bt -d41.4
3,0 someemailaddress

sendmail -bt -d60.1 -d32.12
3,0 someemailaddress

SMTP Auth using saslauthd and IMAP authentication – Redhat/CentOS/Fedora

I used the following procedure to support SMTP Auth on a CentOS5 machine.

Created a name in my DNS to use for the outgoing mail server on remote mail clients. This will allow me to easilly migrate the service to another server or IP address.

Made the following modifications my /etc/postfix/mail.cf. This configures postfix to support SMTP Auth.

vi /etc/postfix/main.cf

# JGZ 4/16/2008 – Begin – To enable SMTP Auth using dovecot (IMAP) authentication.
# Enable SASL Authentication
smtpd_sasl_auth_enable = yes

# Report Authenticated Username In Headers
smtpd_sasl_authenticated_header = yes

# Set Path for SASL Auth (this references the smtpd.conf file created earlier)
smtpd_sasl_path = smtpd

# Support Broken Microsoft Clients
broken_sasl_auth_clients = yes

# Enable on authenticated user to send
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination
# JGZ 4/16/2008 – End – To enable SMTP Auth using dovecot (IMAP) authentication.

Reload postfix to implement the changes:
postfix reload

Made a backup copy of my /etc/sysconfig/saslauthd:
cp -p /etc/sysconfig/saslauthd /etc/sysconfig/saslauthd.orig

Modify /etc/sysconfig/saslauthd to support IMAP authentication and specify the remote IMAP server. Note: you can use a name or IP address. Furthermore, you can use 127.0.0.1 is running the IMAP server on the same machine. I used a name to better accommodate changes I might need to make.
vi /etc/sysconfig/saslauthd

# JGZ 4/16/2008 – to authenicate via IMAP server
MECH=”rimap”

# JGZ 4/16/2008 – To send authentication request to remote server.
#FLAGS=
FLAGS=”-O imap.server.name”

Start saslauthd.
service saslauthd start

Configure saslauthd to start at boot up via ntsysv.

This works well. It is very simple. While the IMAP password is transmitted twice to send and receive mail, the password is encrypted.

Return top

INFORMATION