Archive | April, 2009

Howto Configure Ethernet Bridge

Posted on April 28, 2009 by admin in Project Gallery

Let’s assume you have a server with two Ethernet network interface. You wish to bridge traffic between the interfaces. Here are the commands to setup the bridge: 1. Take eth0 off line ifconfig eth0 down 2. Take eth1 off line ifconfig eth1 down 3. Define a bridge named “bridge01″ brctl addbr bridge01 4. Add eth0 [...]

Let’s assume you have a server with two Ethernet network interface. You wish to bridge traffic between the interfaces. Here are the commands to setup the bridge:

1. Take eth0 off line

ifconfig eth0 down

2. Take eth1 off line

ifconfig eth1 down

3. Define a bridge named “bridge01″

brctl addbr bridge01

4. Add eth0 to the bridge named “bridge01″

brctl addif bridge01 eth0

5. Add eth1 to the bridge named “bridge01″

brctl addif bridge01 eth1

6. Bring up the Ethernet interfaces with no IP addresses:

ifconfig eth0 0.0.0.0 up
ifconfig eth1 0.0.0.0 up

7. Bring the bridge online with a single ip address

ifconfig bridge01 192.168.100.101 up

Try to test by ping from one side of the bridge to the other. It may take up to 30 seconds for the ping to start running due to the learning phase on the bridge.

If it fails then double check the above setup. Take a look at the MAC addresse that the bridge sees with:

brctl showmacs br1

Verify that there is no bridge filtering is turned on:

# cd /proc/sys/net/bridge
# for f in bridge-nf-*; do echo 0 > $f; done

Also might need to enable IP forwarding in /etc/sysctl or with:

echo "1" > /proc/sys/net/ipv4/ip_forward

If you actually want to be able to filter via iptables, the bridged traffic then turn on bridge-nf for iptables:

echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables

Now bridged packets will be passed through the FORWARD chain. So for example to log all packets one could do:

iptables -I FORWARD -j LOG

or to block all UDP traffic:

/sbin/iptables -A FORWARD --protocol udp -j DROP

Additional resources:

NetBridge
Ethernet Bridge + netfilter Howto
Bridge-nf FAQ

View Comments Continue Reading →

Mount Windows drive share on RHEL5

Posted on April 24, 2009 by admin in Linux, RedHat

RHEL5 replaced the old smbmount command with mount.cifs so to mount a shared Windows drive do something like: mount -t cifs //servername/sharename /mnt/mountpoint \ -o username=myusername,password=mypassword Bookmark on Delicious Digg this post Recommend on Facebook share via Reddit Share with Stumblers Tweet about it Subscribe to the comments on this post Print for later Bookmark [...]

RHEL5 replaced the old smbmount command with mount.cifs so to mount a shared Windows drive do something like:

mount -t cifs //servername/sharename /mnt/mountpoint \
 -o username=myusername,password=mypassword
View Comments Continue Reading →

Reinstall grub in MBR

Posted on April 14, 2009 by admin in RedHat

Two approaches to this. The first is to use the grub-install utility: grub-install –root-directory=/boot /dev/??? The second approach is to use the grub command line: 1. Start the grub command line: grub 2. Determine the boot device: find /boot/grub/stage1 You’ll get something like “(hd0,0)”. 3. Tell grub where the root is: root (hd0,0) 4. Install [...]

Two approaches to this. The first is to use the grub-install utility:

grub-install --root-directory=/boot /dev/???

The second approach is to use the grub command line:

1. Start the grub command line:

grub

2. Determine the boot device:

find /boot/grub/stage1

You’ll get something like “(hd0,0)”.

3. Tell grub where the root is:

root (hd0,0)

4. Install the MBR:

setup (hd0,0)
View Comments Continue Reading →

Fix strange characters from pstree on RedHat.

Posted on April 10, 2009 by admin in RedHat

By default on Redhat, the output from pstree is scrambled like this: initââ¬âEvMgrCâââEvMgrCâââ4*[EvMgrC] ââatd ââbdflush ââcrondâââcrondâââshâââwget ââcvdâââcvdâââ8*[cvd] ââhttpdâââ31*[httpd] ââirqbalance ââkeventd ââkhubd ââ2*[kjournald] ââklogd ââkscand ââksoftirqd/0 ââksoftirqd/1 ââksoftirqd/2 ââksoftirqd/3 ââkswapd ââkupdated ââmdrecoveryd ââ6*[mingetty] ââminiserv.pl ââmysqld_safeâââmysqld âânsrexecdââânsrexecd ââportmap ââ2*[portsentry] âârhnsd ââsaslauthdâââ4*[saslauthd] ââscsi_eh_0 ââsshdâââsshdâââsshdâââbashâââsuâââbashâââpstree ââsvscanbootââ¬âreadproctitle â ââsvscanââ¬âsuperviseâââqmail-sendââ¬âqmail-clean â â ââqmail-lspawn â â ââqmail-rspawn â ââ3*[superviseâââmultilog] â ââsuperviseâââtcpserverâââ6*[rblsmtpdâââfixcrio] â [...]

By default on Redhat, the output from pstree is scrambled like this:

initââ¬âEvMgrCâââEvMgrCâââ4*[EvMgrC]
     ââatd
     ââbdflush
     ââcrondâââcrondâââshâââwget
     ââcvdâââcvdâââ8*[cvd]
     ââhttpdâââ31*[httpd]
     ââirqbalance
     ââkeventd
     ââkhubd
     ââ2*[kjournald]
     ââklogd
     ââkscand
     ââksoftirqd/0
     ââksoftirqd/1
     ââksoftirqd/2
     ââksoftirqd/3
     ââkswapd
     ââkupdated
     ââmdrecoveryd
     ââ6*[mingetty]
     ââminiserv.pl
     ââmysqld_safeâââmysqld
     âânsrexecdââânsrexecd
     ââportmap
     ââ2*[portsentry]
     âârhnsd
     ââsaslauthdâââ4*[saslauthd]
     ââscsi_eh_0
     ââsshdâââsshdâââsshdâââbashâââsuâââbashâââpstree
     ââsvscanbootââ¬âreadproctitle
     â            ââsvscanââ¬âsuperviseâââqmail-sendââ¬âqmail-clean
     â                     â                        ââqmail-lspawn
     â                     â                        ââqmail-rspawn
     â                     ââ3*[superviseâââmultilog]
     â                     ââsuperviseâââtcpserverâââ6*[rblsmtpdâââfixcrio]
     â                     ââsuperviseâââtcpserver
     ââsyslogd
     ââvsftpd
     ââxinetd

There are a couple of ways to clear this up so that it looks like this:

init─┬─EvMgrC───EvMgrC───4*[EvMgrC]
     ├─atd
     ├─bdflush
     ├─crond
     ├─cvd───cvd───8*[cvd]
     ├─httpd───22*[httpd]
     ├─irqbalance
     ├─keventd
     ├─khubd
     ├─2*[kjournald]
     ├─klogd
     ├─kscand
     ├─ksoftirqd/0
     ├─ksoftirqd/1
     ├─ksoftirqd/2
     ├─ksoftirqd/3
     ├─kswapd
     ├─kupdated
     ├─mdrecoveryd
     ├─6*[mingetty]
     ├─miniserv.pl
     ├─mysqld_safe───mysqld
     ├─nsrexecd───nsrexecd
     ├─portmap
     ├─2*[portsentry]
     ├─rhnsd
     ├─saslauthd───4*[saslauthd]
     ├─scsi_eh_0
     ├─sshd───sshd───sshd───bash───su───bash───pstree
     ├─svscanboot─┬─readproctitle
     │            └─svscan─┬─supervise───qmail-send─┬─qmail-clean
     │                     │                        ├─qmail-lspawn
     │                     │                        └─qmail-rspawn
     │                     ├─3*[supervise───multilog]
     │                     ├─supervise───tcpserver───12*[rblsmtpd───fixcrio]
     │                     └─supervise───tcpserver
     ├─syslogd
     ├─vsftpd
     └─xinetd

Here are two possible solutions:

1. Use “pstree -G” to force VT100 line drawing

2. Do “export LANG=’en_US’” to change the language from UTF-8 to English

View Comments Continue Reading →

Hide PHP Version

Posted on April 10, 2009 by admin in Apache, PHP

To hide the PHP version from HTTP responses, edit /etc/php.ini and change: expose_php = On to: expose_php = Off Then restart apache. Bookmark on Delicious Digg this post Recommend on Facebook share via Reddit Share with Stumblers Tweet about it Subscribe to the comments on this post Print for later Bookmark in Browser Tell a [...]

To hide the PHP version from HTTP responses, edit /etc/php.ini and change:

expose_php = On

to:

expose_php = Off

Then restart apache.

View Comments Continue Reading →