/var/net/sys/admin/blog

Archives for Tutorials category

Objective: to copy/send or tee packets coming from enp3s4f1 and send to a destination IP via the enp3s4f0 management/data port
ServerA = enp3s4f1 (connected to a switch1 span port) (no IP address)
enp3s4f0  (connected to switch2 as management/data port)
(IP is 192.168.100.99)
ServerB destination IP = 192.168.100.100  (same IP range)

This is based on commer’s post in LQ below:

http://www.linuxquestions.org/questions/linux-networking-3/how-to-route-forward-packets-in-promiscuous-mode-832698/

  1. Configure  the bridge interface and bind enp3s4f1  into it. Disable Spanning Tree Protocol (STP) if necessary. Bring up the bridge interface

#brctl addbr br0
#brctl stp br0 off
# brctl addif br0 enp3s4f1
#ifconfig br0 up

Share

My friend had this Raspberry Pi B+ and wants to use it as a media centre to play his video collection from his NAS storage.  I gave him an option to install Raspbian then install on top those open source media player application. Ended up he wanted the easier way so recommended the OpenELEC. But there’s another thing, he only have Macbook Pro as a laptop.

OpenELEC or short for Open Embedded Linux Entertainment Center, is a free and open source operating system that provides functionality as a complete media center as it is built around Kodi(previously XBMC).

Installation procedure:

Share

Installation & Setup of Free Tacacs+ server in Linux
(Tested via GNS3 & VirtualBox)

Software Used:

GNS3 0.8.3.1
-use 3700 IOS as Router & DHCP
-use Ethernet switch to connect hosts
-use VirtualBox guest running on Ubuntu Linux server 12.04.2 LTS

http://shrubbery.net/tac_plus/
ftp://ftp.shrubbery.net/pub/tac_plus

Installation:

1.Login as root and install dependencies such as tcp wrappers and compilation tools e.g. gcc, bison, flex, make

If you’re not sure if these packages are installed, you can use the command:

dpkg -s [packagename]

Sample:

root@freelinux:~# dpkg -s gcc bison flex

Package `gcc’ is not installed and no info is available.

Share

For the tutorial “Securing your OpenSSH server in Linux” , key-based authentication is one way to secure your SSH server. Below are the details how it’s done:

Users can login remotely to Secure Shell(SSH) server using public/private key without typing the password. This can put added security on your boxes as it reduces password cracking attempts. Aside from that, it will give convenience to users especially if running scripts that require SCP or SFTP transfers.

These are the steps on doing this:

1. Generate a public/private key pair on the client to identify on the servers. It can be protected with password/passphrase or choose not to have

Share

Securing your OpenSSH server in Linux

Secure Shell (SSH) is a program used to secure communication between two entities, often used as a replacement for Telnet and the Berkeley protocols such as remote shell (RSH) and remote login (Rlogin). SSH is also used as a secure remote copy utility, replacing traditional protocols such as the File Transfer Protocol (FTP) and Remote Copy Protocol (RCP).

For this tutorial, we are going to demonstrate steps on securing your OpenSSH which is a free version of the SSH protocol suite.

Note: Steps 1-9 can be done by  tweaking your sshd_config and do ssh service restart after changes to take effect.

Share

Linux comes with a built-in syslog package that you can use as a centralized syslog server. Basically, it can be used to send all log files from your network devices or appliances in a remote and centralized location. There are also some popular syslog packages for Linux that you can use  such as syslog-ng,rsyslog & splunk syslog server which all offers more features and flexibility.

On this tutorial, we are going to use the syslogd/sysklogd server which is a multi-platform and proven stable software.

[Syslog Server]

1.verify if the sysklogd package is installed.

Share

The following procedure will install and configure snmp daemon on your Redhat-based distribution such as CentOS & Fedora. Here are the steps:

1. Verify if snmp package is installed, there are few ways

[root@localhost ~]# rpm -qa | grep snmp

[root@localhost ~]# snmpwalk
-bash: snmpwalk: command not found

[root@localhost ~]# ls /etc/snmp*
ls: /etc/snmp*: No such file or directory

This mean net-snmp package is not installed yet

2. Install net-snmp & net-snmp-utils package via yum or up2date

Share

It’s getting important now to have websites that display good on mobile devices, and according to the statistics more than 85% smartphone owners access the internet on their mobile devices. There are a lot of ways to build mobile sites and also few options how to serve these to your mobile users. There are 2 popular ways to do it:

1. detects the http user-agent and if matches a mobile user-agent, then visitors will see a mobile version of the website. Normally, the easiest way to do it by installing mobile theme plugins especially for WordPress users. URLs or domain name will be the same for desktop and mobile visitors, and they have an option to swtich between the regular or mobile theme websites.

Share

Basically, you just need to use the CLI command “ifconfig” which stands for interface configuration. It uses
to configure and query TCP/IP network interface parameters

ifconfig interface [aftype] options

where:

interface: eth0,eth1, em0
aftype: inet (default,TCP/IP), inet6(IPV6)
options: up,down, arp,promisc, mtu ##, broadcast xx.xx.xx.xx , netmask xx.xx.xx.xx

See the man page for more details

Common use of ifconfig:

Display info on all network interfaces, including active and active
#ifconfig -a

View network settings of specific interface
#ifconfig eth0

Disable an Interface
#ifconfig eth0 down

Enable an Interface
#ifconfig eth0 up

Share

INTRODUCTION

A memory upgrade can be one of the least expensive methods of improving computer’s performance. Memory is often the largest limiting factor in application deployment

especially in a Virtual Server environment. Additional RAM will provide provisioning of additional guest domains since CPU is barely utilized.

This document will provide information on the steps on upgrading the memory of server, during and after action plans that needs to undertake.

When upgrading the memory on a Linux server, it is very important to understand the existing memory of the system, which will help plan the activity without opening

Share
 

About FLT

This site is dedicated to everyone who likes to learn and explore the beautiful world of Linux. If you have comments and suggestions, please feel free to email at freelinuxtutorials@gmail.com. I am happy to serve and share things esp. that is free and enjoyable as Linux.