Tuesday, February 16, 2010
Delete Scheduled files every 2 weeks in linux Centos
find /var/spool/asterisk/monitor/ -mtime +12 -type f -exec rm -rf {} \;
Saturday, February 13, 2010
Debian isn't showing all my ram! Debian can't read all RAM x32 on x64 machine
But there's a problem; you ordered your system with 4 GB of RAM but you are only able to see 2. Well this may just be an issue with the default Debian kernel.
Section 1: Checking available RAM
1. First thing's first, how much RAM does your system believe that it has available?
toystory:~# free -m
total used free shared buffers cached
Mem: 1012 44 968 0 3 22
-/+ buffers/cache: 18 994
Swap: 94 0 94
2. You can also check the server physically to see what sort of RAM is actually installed if you have lshw installed. Let's install it and take a look:
toystory:~# apt-get install lshw
. . . installation of package should go okay here . . .
toystory:~# lshw -C memory
As with any command you will receive a fair amount of information that you were not necessarily looking for. The section that you are interested in will look something like this:
*-bank:0
description: DIMM Synchronous 333 MHz (3.0 ns)
product: PartNum0
vendor: Manufacturer0
physical id: 0
serial: SerNum0
slot: DIMM0
size: 1GB
width: 64 bits
clock: 333MHz (3.0ns)
*-bank:1
description: DIMM Synchronous 333 MHz (3.0 ns)
product: PartNum1
vendor: Manufacturer1
physical id: 1
serial: SerNum1
slot: DIMM1
size: 1GB
width: 64 bits
clock: 333MHz (3.0ns)
*-bank:2
description: DIMM Synchronous 333 MHz (3.0 ns)
product: PartNum1
vendor: Manufacturer1
physical id: 1
serial: SerNum2
slot: DIMM1
size: 1GB
width: 64 bits
clock: 333MHz (3.0ns)
*-bank:3
description: DIMM Synchronous 333 MHz (3.0 ns)
product: PartNum1
vendor: Manufacturer1
physical id: 1
serial: SerNum3
slot: DIMM1
size: 1GB
width: 64 bits
clock: 333MHz (3.0ns)
This should list the sticks of RAM that are actually installed to the system. Looks like 4 separate sticks of 1 GB RAM installed to me. Let's move on to solving this problem.
Section 2: The Bigmem Kernel
Due to some optimizations made at the kernel level of Linux there are a few different "maximum memory" specifications that are set to achieve maximum performance, but you are probably most concerned about getting to your RAM immediately, so let's get to that. The first thing that you need to do is install the "bigmem" kernel package if it is not already installed. Our default installations of Debian come with this installed so you should not need to do this, but just in case take the following steps.
1. Check to see if the kernel is already installed. If something like linux-image-2.6-686-bigmem shows up here, then skip down to Section 3 because you're all set
toystory:~# dpkg --get-selections | grep bigmem
2. Go ahead and install the package
toystory:~# apt-get install linux-image-2.6-686-bigmem
3. Check to make sure it's installed okay.
toystory:~# dpkg --get-selections | grep bigmem
linux-image-2.6-686-bigmem install
toystory:~#
That's all there is to the installation for our purposes. Custom kernel compilation is outside of the scope of this article.
Section 3: Configuring Grub
By default our installations of Debian use the grub bootloader. If you have not made any changes, a command like this will tell you what kernels you have configured within grub.
toystory:~# grep "Debian GNU" /boot/grub/menu.lst | nl -v0
0 title Debian GNU/Linux, kernel 2.6.18-5-k7
1 title Debian GNU/Linux, kernel 2.6.18-5-k7 (single-user mode)
2 title Debian GNU/Linux, kernel 2.6.18-5-686-bigmem
3 title Debian GNU/Linux, kernel 2.6.18-5-686-bigmem (single-user mode)
4 title Debian GNU/Linux, kernel 2.6.18-4-k7
5 title Debian GNU/Linux, kernel 2.6.18-4-k7 (single-user mode)
We want to use our bigmem kernel (not in single user mode of course) so we'll need to update the "default" entry in grub's configuration file.
1. So what is the current default entry?
toystory:~# grep ^default /boot/grub/menu.lst
default 0
2. So open your favorite text editor and find the line that says "default #" and change it to the number that you found above. Here we are in vi:
3. Now all you have to do is reboot. So give it a go and reboot to see what happens!
Section 1: Checking available RAM
1. First thing's first, how much RAM does your system believe that it has available?
toystory:~# free -m
total used free shared buffers cached
Mem: 1012 44 968 0 3 22
-/+ buffers/cache: 18 994
Swap: 94 0 94
2. You can also check the server physically to see what sort of RAM is actually installed if you have lshw installed. Let's install it and take a look:
toystory:~# apt-get install lshw
. . . installation of package should go okay here . . .
toystory:~# lshw -C memory
As with any command you will receive a fair amount of information that you were not necessarily looking for. The section that you are interested in will look something like this:
*-bank:0
description: DIMM Synchronous 333 MHz (3.0 ns)
product: PartNum0
vendor: Manufacturer0
physical id: 0
serial: SerNum0
slot: DIMM0
size: 1GB
width: 64 bits
clock: 333MHz (3.0ns)
*-bank:1
description: DIMM Synchronous 333 MHz (3.0 ns)
product: PartNum1
vendor: Manufacturer1
physical id: 1
serial: SerNum1
slot: DIMM1
size: 1GB
width: 64 bits
clock: 333MHz (3.0ns)
*-bank:2
description: DIMM Synchronous 333 MHz (3.0 ns)
product: PartNum1
vendor: Manufacturer1
physical id: 1
serial: SerNum2
slot: DIMM1
size: 1GB
width: 64 bits
clock: 333MHz (3.0ns)
*-bank:3
description: DIMM Synchronous 333 MHz (3.0 ns)
product: PartNum1
vendor: Manufacturer1
physical id: 1
serial: SerNum3
slot: DIMM1
size: 1GB
width: 64 bits
clock: 333MHz (3.0ns)
This should list the sticks of RAM that are actually installed to the system. Looks like 4 separate sticks of 1 GB RAM installed to me. Let's move on to solving this problem.
Section 2: The Bigmem Kernel
Due to some optimizations made at the kernel level of Linux there are a few different "maximum memory" specifications that are set to achieve maximum performance, but you are probably most concerned about getting to your RAM immediately, so let's get to that. The first thing that you need to do is install the "bigmem" kernel package if it is not already installed. Our default installations of Debian come with this installed so you should not need to do this, but just in case take the following steps.
1. Check to see if the kernel is already installed. If something like linux-image-2.6-686-bigmem shows up here, then skip down to Section 3 because you're all set
toystory:~# dpkg --get-selections | grep bigmem
2. Go ahead and install the package
toystory:~# apt-get install linux-image-2.6-686-bigmem
3. Check to make sure it's installed okay.
toystory:~# dpkg --get-selections | grep bigmem
linux-image-2.6-686-bigmem install
toystory:~#
That's all there is to the installation for our purposes. Custom kernel compilation is outside of the scope of this article.
Section 3: Configuring Grub
By default our installations of Debian use the grub bootloader. If you have not made any changes, a command like this will tell you what kernels you have configured within grub.
toystory:~# grep "Debian GNU" /boot/grub/menu.lst | nl -v0
0 title Debian GNU/Linux, kernel 2.6.18-5-k7
1 title Debian GNU/Linux, kernel 2.6.18-5-k7 (single-user mode)
2 title Debian GNU/Linux, kernel 2.6.18-5-686-bigmem
3 title Debian GNU/Linux, kernel 2.6.18-5-686-bigmem (single-user mode)
4 title Debian GNU/Linux, kernel 2.6.18-4-k7
5 title Debian GNU/Linux, kernel 2.6.18-4-k7 (single-user mode)
We want to use our bigmem kernel (not in single user mode of course) so we'll need to update the "default" entry in grub's configuration file.
1. So what is the current default entry?
toystory:~# grep ^default /boot/grub/menu.lst
default 0
2. So open your favorite text editor and find the line that says "default #" and change it to the number that you found above. Here we are in vi:
3. Now all you have to do is reboot. So give it a go and reboot to see what happens!
Thursday, February 11, 2010
Install Brekeke Advanced SIP on linux Debian!
first add deb http://ftp.nl.debian.org/debian/ lenny main contrib non-free
to /etc/apt-sources.list
then follow up this simple steps:
1- wget http://mirror.cc.columbia.edu/pub/software/apache/tomcat/tomcat-5/v5.5.28/bin/apache-tomcat-5.5.28.tar.gz
2- apt-cache search java | grep jdk
3- apt-get install sun-java6-jdk
4- tar -xzvf apache-tomcat-6.0.24.tar.gz
5- mkdir /usr/local/tomcat5.5
6- gulfsip:/home/downs# mv apache-tomcat-5.5.28 /usr/local/
7- gulfsip:/usr/local/tomcat5.5# mv apache-tomcat-5.5.28/ tomcat5.5
8- export JAVA_HOME=/usr/lib/jvm/java-6-sun-1.6.0.12
export PATH=/usr/lib/jvm/java-6-sun-1.6.0.12/bin:$PATH
9- Start tomcat /usr/local/tomcat5.5/bin/./startup.sh
10- copy the proxy.war file into: /usr/local/tomcat5.5/webapps
11- Make sure Tomcat is running: http://X.X.X.X:8080/
12- run the SIP server: http://X.X.X.X:8080/proxy
to /etc/apt-sources.list
then follow up this simple steps:
1- wget http://mirror.cc.columbia.edu/pub/software/apache/tomcat/tomcat-5/v5.5.28/bin/apache-tomcat-5.5.28.tar.gz
2- apt-cache search java | grep jdk
3- apt-get install sun-java6-jdk
4- tar -xzvf apache-tomcat-6.0.24.tar.gz
5- mkdir /usr/local/tomcat5.5
6- gulfsip:/home/downs# mv apache-tomcat-5.5.28 /usr/local/
7- gulfsip:/usr/local/tomcat5.5# mv apache-tomcat-5.5.28/ tomcat5.5
8- export JAVA_HOME=/usr/lib/jvm/java-6-sun-1.6.0.12
export PATH=/usr/lib/jvm/java-6-sun-1.6.0.12/bin:$PATH
9- Start tomcat /usr/local/tomcat5.5/bin/./startup.sh
10- copy the proxy.war file into: /usr/local/tomcat5.5/webapps
11- Make sure Tomcat is running: http://X.X.X.X:8080/
12- run the SIP server: http://X.X.X.X:8080/proxy
Wednesday, February 10, 2010
ConfigServer Security & Firewall notes!!
My question was:
what if I did place my server IP: 10.54.6.170 in the csf.allow
and I want it as the ONLY server to access 10.54.6.170 for port 22
How I can restrict other IPs to access this 22 ports other than 10.54.6.170 ?
=======> ANSWER <=======
Checking over the csf.allow file, I see it provides examples of what I think is very important to secure your server:
# The trust rules can be made in advanced format with 4 options
# (proto:flow:port:ip);
# 1) protocol: [packet protocol tcp/udp]
# 2) flow in/out: [packet direction, inbound or outbound]
# 3) s/d=port: [packet source or destination port]
# 4) s/d=ip(/xx) [packet source or destination address, masking supported]
#
# Syntax:
# proto:flow:[s/d]=port:[s/d]=ip(/mask)
# s - source , d - destination , flow - packet flow in/out
#
# Examples:
# inbound to destination port 22 from 192.168.2.1
# tcp:in:d=22:s=192.168.2.1
#
# outbound to destination port 23 to destination host 192.168.2.1
# out:d=23:d=192.168.2.1
#
# inbound to destination port 3306 from 192.168.5.0/24
# d=3306:s=192.168.5.0/24
here was my simple rule:
d=22:s=10.54.6.170/28
and I did restart /etc/nit.d/csf --restart
what if I did place my server IP: 10.54.6.170 in the csf.allow
and I want it as the ONLY server to access 10.54.6.170 for port 22
How I can restrict other IPs to access this 22 ports other than 10.54.6.170 ?
=======> ANSWER <=======
Checking over the csf.allow file, I see it provides examples of what I think is very important to secure your server:
# The trust rules can be made in advanced format with 4 options
# (proto:flow:port:ip);
# 1) protocol: [packet protocol tcp/udp]
# 2) flow in/out: [packet direction, inbound or outbound]
# 3) s/d=port: [packet source or destination port]
# 4) s/d=ip(/xx) [packet source or destination address, masking supported]
#
# Syntax:
# proto:flow:[s/d]=port:[s/d]=ip(/mask)
# s - source , d - destination , flow - packet flow in/out
#
# Examples:
# inbound to destination port 22 from 192.168.2.1
# tcp:in:d=22:s=192.168.2.1
#
# outbound to destination port 23 to destination host 192.168.2.1
# out:d=23:d=192.168.2.1
#
# inbound to destination port 3306 from 192.168.5.0/24
# d=3306:s=192.168.5.0/24
here was my simple rule:
d=22:s=10.54.6.170/28
and I did restart /etc/nit.d/csf --restart
Subscribe to:
Posts (Atom)