Reliable Penguin

Linux Server Migrations, Systems Administration & Programming
 

Category: Networking

Pages: 1 2 >>

03/30/10

Permalink 05:25:34 am, by admin Email , 57 words   English (US)
Categories: Linux, Networking

Block IP Address With IPTables

Need to block am IP address from your server? Here's an IPTables command:

/sbin/iptables -I INPUT -s w.x.y.z -j DROP

where w.x.y.z is the IP address to be blocked.

Here's a way to block and address with just the route command:

/sbin/route add -host w.x.y.z reject

PermalinkPermalinkLeave a comment »

11/17/09

Permalink 07:23:17 am, by admin Email , 112 words   English (US)
Categories: Networking

IPTables - Filter ICMP Timestamp Requests & Replies

Here's how to filter or block ICMP timestamp requests and replies.

On Redhat/CentOS, edit /etc/sysconfig/iptables and add the following lines

-A RH-Firewall-1-INPUT -p ICMP --icmp-type timestamp-request -j DROP
-A RH-Firewall-1-INPUT -p ICMP --icmp-type timestamp-reply -j DROP

and then run:

/sbin/iptables restart

Or run the following commands:

/sbin/iptables -I RH-Firewall-1-INPUT 1 -p ICMP --icmp-type timestamp-request -j DROP
/sbin/iptables -I RH-Firewall-1-INPUT 1 -p ICMP --icmp-type timestamp-reply -j DROP
/sbin/service iptables save

Recently on an Ubantu server we just added these lines to /etc/rc.local:

/sbin/iptables -I INPUT 1 -p ICMP --icmp-type timestamp-request -j DROP
/sbin/iptables -I INPUT 1 -p ICMP --icmp-type timestamp-reply -j DROP
PermalinkPermalinkLeave a comment »

03/03/05

Permalink 08:06:54 am, by admin Email , 693 words   English (US)
Categories: Tomcat, Networking

OpenNMS Install

OpenNMS is a great network monitoring tool. Here's the OpenNMS site:

http://www.opennms.org

In this case I'm going to do an install on to a RedHat Fedora Core 1 server. Here's the installation guide:

https://sourceforge.net/docman/display_doc.php?docid=23937&group_id=4141

The first step is to install the various prerequisites:

- Java 2 SDK 1.4.2 or later from http://java.sun.com

We did a stock install of the 1.4.2_07 tar/gz package to /usr/local/. Don't forget to export the JAVA_HOME environment variable:

export JAVA_HOME=/usr/local/j2sdk1.4.2_07/

- Tomcat 4 from http://jakarta.apache.org/tomcat/index.html

We did a standard install of the 4.1.31 tar/gz package following the instructions here:

http://jakarta.apache.org/tomcat/tomcat-4.1-doc/RUNNING.txt

The install was placed at /usr/local/jakarta-tomcat-4.0.

We added the following lines to /etc/rc.local to start Tomcat on bootup and open the appropriate firewall ports:


# tomcat startup
export JAVA_HOME=/usr/local/j2sdk1.4.2_07
export CATALINA_HOME=/usr/local/jakarta-tomcat-4.0
$CATALINA_HOME/bin/startup.sh
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT

At this point Tomcat was accessible at http://{myipaddress}:8080

- RRDTool from http://people.ee.ethz.ch/~oetiker/webtools/rrdtool/

We used the 1.0.49 source tar/gz package and built it using the instructions in the enclosed README file. The package was installed to: /usr/local/rrdtool-1.0.49

Had to add a --enable-shared option to the configure command line to get the shared libraries to build.

Had to symlink rrdtool into /usr/bin so that opennms could find it:

ln -s /usr/local/rrdtool-1.0.49/bin/rrdtool /usr/bin/rrdtool

Also edited /etc/ld.so.conf and add "/usr/local/rrdtool-1.0.49/lib/" - the path to the rddtool shared libraries. Finally ran ldconfig to update the cache.

- PostgreSQL 7.2 or later from http://www.postgresql.org/

We used the 7.4.7 release and installed the following binary rpms:

postgresql-7.4.7-2PGDG.i686.rpm
postgresql-contrib-7.4.7-2PGDG.i686.rpm
postgresql-devel-7.4.7-2PGDG.i686.rpm
postgresql-docs-7.4.7-2PGDG.i686.rpm
postgresql-jdbc-7.4.7-2PGDG.i686.rpm
postgresql-libs-7.4.7-2PGDG.i686.rpm
postgresql-pl-7.4.7-2PGDG.i686.rpm
postgresql-server-7.4.7-2PGDG.i686.rpm
postgresql-tcl-7.4.7-2PGDG.i686.rpm
postgresql-test-7.4.7-2PGDG.i686.rpm

After installing we did the following commands to start the database and set it to start on bootup:


service postgresql start
chkconfig --level 345 postgresql on

And that does it for the prerequisites.

We'll now install OpenNMS, still following the instructions at:

https://sourceforge.net/docman/display_doc.php?docid=23937&group_id=4141

To keep the install simple we used the FC1 RPM binaries provided by OpenNMS. After downloading we had three files:

opennms-1.2.0-1_fc1.i386.rpm
opennms-docs-1.2.0-1_fc1.i386.rpm
opennms-webapp-1.2.0-1_fc1.i386.rpm

Next we tried to install the first rpm with:

rpm -i opennms-1.2.0-1_fc1.i386.rpm

We ran into some problems with missing dependancies at this point. First we had to install:

compat-libstdc++-7.3-2.96.118.i386.rpm

which was downloaded from RPMFind.

Then we installed with dependancies turned off.

rpm -i --nodeps opennms-1.2.0-1_fc1.i386.rpm
rpm -i opennms-docs-1.2.0-1_fc1.i386.rpm
rpm -i --nodeps opennms-webapp-1.2.0-1_fc1.i386.rpm

Many of the opennms files get installed to:

/opt/OpenNMS

Next we'll setup the installer:

export OPENNMS_HOME=/opt/OpenNMS
$OPENNMS_HOME/bin/runjava -s

And run the installer:

$OPENNMS_HOME/bin/install -disU

This failed with jdbc errors about problems connection to postgres.

To fix it we added the following firewall rule:

iptables -A INPUT -s 127.0.0.1 -p tcp --dport 5432 -j ACCEPT

And modified the pg_hba.conf file to this:

local all all ident sameuser
host all all 127.0.0.1 255.255.255.255 trust

Now the installer ran properly.

Next we ran the installer for the webapps:

export CATALINA_HOME=/usr/local/jakarta-tomcat-4.0
$OPENNMS_HOME/bin/install -y -w $CATALINA_HOME/webapps -W $CATALINA_HOME/server/lib

This worked without any problems.

Next we tried to start opennms with:

$OPENNMS_HOME/bin/opennms.sh start

This took a really long time to return and then reported that startup had failed. In fact startup worked it just takes several minutes.

We had to restart tomcat before we could get to the webapp at:

http://{myipaddress}:8080/opennms

The initial login was user "admin" and password "admin"

Finally we set opennms to start on boot with:

chkconfig --add opennms

PermalinkPermalink

01/08/05

Permalink 02:04:41 pm, by admin Email , 68 words   English (US)
Categories: Networking, RedHat

Fixing ethernet interface speed

On redhat, the ETHTOOL_OPTS can provide some control over interface speed. Here's the description from documentation:

 
ETHTOOL_OPTS=...
      Any device-specific options supported by ethtool. For example,
      if you wanted to force 100Mb full duplex:
        ETHTOOL_OPTS="speed 100 duplex full autoneg off"
      Note that changing speed or duplex settings almost always
      requires disabling autonegotiation with 'autoneg off'.

The ethtool utility provides extensive low level control over ethernet interfaces.

PermalinkPermalink
Permalink 01:57:18 pm, by admin Email , 89 words   English (US)
Categories: Apache, Networking, RedHat

Redhat Network Config Resources

Here are some handy references about network config on redhat:

  • /usr/share/doc/initscripts-<version>/sysconfig.txt — A guide to available options for network configuration files, including IPv6 options not covered in this chapter.
  • /usr/share/doc/iproute-<version>/ip-cref.ps — This file contains a wealth of information about the ip command, which can be used to manipulate routing tables, among other things. Use the ggv or kghostview application to view this file.
  • http://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/ch-networkscripts.html
PermalinkPermalink

1 2 >>

July 2010
Sun Mon Tue Wed Thu Fri Sat
 << <   > >>
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31

Reliable Penguin

Reliable Penguin offers Linux Server Migrations, Systems Administration & Programming. Visit our main website at:

http://www.reliablepenguin.com

Search

Bookmark and Share

Categories

XML Feeds

What is RSS?
free open source blog