Execute Script on Connection established using Network Manager Dispatcher

If you want a script to be executed each time a Network connection is established there is a easy way to do so with Linux distributions which use the Network Manager (like Fedora, Suse, Ubuntu etc.). You simply have to copy the script to the directory /etc/NetworkManager/dispatcher.d and change the permissions to 755. (It is crucial to use 755, otherwise the script will be ignored.

chmod 755 /etc/NetworkManager/dispatcher.d/10-my-scirpt

The scipts in this directory are executed by the order of their name eg. 10-my-script will be executed before 20-my-script.

Setup Webserver Monitoring with Munin

The tool Munin offers an easy way to monitor a webserver. It comes along with a lot of features like monitoring disk and memory usage, the CPU, the fork rate of new processes and much more. The monitored data is accessible by the web browser. The setup of Munin takes only a few minutes.

First you have to install Munin. In Fedora Linux this can be done via YUM:

yum install munin munin-node

Once installed you have to edit the configuration file /etc/munin/munin.conf (The default file contains a lot of comments). For a basic setup you can add the following lines:


dbdir /var/lib/munin
htmldir /var/www/html/munin
logdir /var/log/munin
rundir  /var/run/munin


[www.example.com]
    address 127.0.0.1
    use_node_name yes

In this case “/var/www/html/” has to be the HTML directory of you webserver. What is missing now is to create the HTML directory for Munin and set the correct permissions:

mkdir -p /var/www/html/munin
chown munin:munin /var/www/html/munin

Restart Munin

/etc/init.d/munin-node restart

The monitoring is running now. The results can be accessed by the webbrowser:

http://www.djvu-pdf.com/munin/

By default there is a .htaccess password protection for this page activated. You can either remove the file /var/www/html/munin/.htaccess or create a username password combination like follows:

You can create the required password file (usually /etc/munin/munin-htpasswd, it is quoted in the .htaccess file) like follows

htpasswd -c /etc/munin/munin-htpasswd Admin

Where Admin is the username. You will be asked for the password in a prompt.

Munin produces intuitive graphs of the monitored resources like the following one:

Clone Hard Disk with Command Line Tools

If you have two hard disks in you machine and you want to be one and exact copy of the other one you can use the tool “dd” to do so.

Lets say you want /dev/sdb to be a clone of /dev/sda, then you can simply use the command:

dd if=/dev/sda of=/dev/sdb

Make sure, that /dev/sdb has at least the same size as /dev/sda!

How long does dd take?

Cloning a hard disk with dd can take several hours.

Assuming a average speed of 8 MB/s copying a disk with 120 MB would take about four hours.

Send Server Ip Address by Email

This post describes to configure a web server in a way that it sents its IP address by email in a defined interval of time. This can be useful for example if your server has a dynamic IP address that changes with the time. In this example the tool Postfix is used to sent the emails instead of sendmail since it works similar and is way easier to configure than sendmail.

Preparations:

1. Install Postfix

In a first step it is necessary to setup and install postfix. You can download the source code here but most recent linux distributions include the package already. In Fedora the setup can simply be done by:

yum install postfix

2. Configure Postfix

You need an SMTP server in order to sent the emails. If you have an email account with SMTP Server you can add the following lines to the postfix configuration file /etc/postfix/main.cf :

relayhost = smtp.provider.com:25
 
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
smtp_sasl_password_maps = hash:/etc/postfix/passwd
smtp_sasl_type = cyrus
smtp_sasl_auth_enable = yes

Now the password file /etc/postfix/passwd has to be created. The password file has to contain the line

smtp.provider.com:25 username:password

To convert the password file in a so called postmap look-up table do the following:

postmap hash:/etc/postfix/passwd

If

postmap -q smtp.provider.com:25 /etc/postfix/passwd

gives you the correct reply everything is working fine.

3. Test Postfix
To test this configuration, postfix has to be started

postfix start

Postfix now provides a sendmail command you can use like follows to test your setup:

Create a simple text file test.mail:

From: you@provider.com
message
(compulsory blank line at the end)

and execute the command

sendmail -f you@provider.com -s recipient@provider.com < test.mail

The mail should have been sent now. If something is not working errors can be found in the following file:
/var/log/maillog

If you find something like

warning: SASL authentication failure: No worthy mechs found

status=deferred (SASL authentication failed; cannot au
thenticate to server smtp.provider.com: no mechanism available)

you probably have to add the following line to your /etc/postfix/main.cf:

smtp_sasl_security_options = noanonymous

Howto sent the IP by email:

To sent the IP address of you server by emil you simply you have execute the following simple script send_ip.sh by a cron job.

#!/bin/bash
# send_ip.sh

wget http://checkip.dyndns.com/ -O ip.txt
sendmail -f you@provider.com -s recipient@provider.com < ip.txt
rm -f ip.txt

http://checkip.dyndns.com/ can be replaced by any web page that is displaying your IP.

The only thing that is missing now is to setup a cron job that executes the script in a defined interval of time, lets they every six hours.

As root do:

crontab -e 

and add the following line:

0 */6 * * * source /home/user/send_ip.sh ;

Now start the crond and thats it!

/sbin/service crond start
chkconfig crond on

Attention!
You have to make sure, that the postfix mailing system is always running. In case to ensure that postfix sendmail command is not interferring with the “normal” sendmail command stop it.

service sendmail stop
postfix start

Multiple Domains on one IP Address using Apache Virtual Server

Using Apache Virtual Servers it is easy to make multiple domains point at the same IP address displaying different content. You just have to add the following lines to the file /etc/httpd/conf/httpd.conf and restart apache:

NameVirtualHost *:80

<VirtualHost *:80>
ServerName www.first-domain.com
ServerAlias first-domain.com *.first-domain.com
DocumentRoot /var/www/html
</VirtualHost>

<VirtualHost *:80>
ServerName www.second-domain.com
DocumentRoot /var/www/samples
</VirtualHost>


In this setup www.first-domain.com is displaying the content of /var/www/html while www.second-domain.com is displaying the content of /var/www/samples.

SSH Tunnel as Socks Proxy Server for the Web Browser

If you have SSH access to a remote host and you want to use it as proxy server for your web browser you can do so easily by opening up a SSH tunnel:

ssh -D 9999 username@host.com -N

If you now set your socks proxy in your web browser to localhost, port 9999 your traffice is redirect via host.com. In firefox you can do so in Preferences->Network->Settings

PHP Multi File Uploader with Progress Bar using APC

Important Update: If you are using PHP versions greater 5.3 you should use our new multi-file uploader script which does not depend on the APC cache. You find it here:

https://mydailyhacks.wordpress.com/2014/11/05/php-multifile-uploader-for-php-5-4-5-5/

For older PHP versions just continue reading.

This little PHP Script allows you to upload multiple files at a time to a webserver. It is pretty easy to install and can easily be adapted and extended to your specific needs. The Ajax progress bar the script brings is based on jQuery. For a proper operation of the script the Alternative PHP Cache (APC) has to be activated.

Where to get the script?

How to install APC on a linux server?

In Fedora Linux you need the following packages to install APC using the pecl command afterwards.


yum install pcre-devel  php-pear php-devel httpd-devel

pecl install apc

The file /etc/php.ini should contain the following lines:


extension=apc.so
apc.enabled = 1
apc.max_file_size = 2000M
apc.rfc1867 = 1

An introduction how to install it from the source code you find here.
http://www.electrictoolbox.com/install-apc-php-linux/

If you are not sure if APC is installed at your server contact the administrator.

Burning MP3 using Fedora and K3b

If you want create Audio CDs from your mp3 files using Fedora K3b offers a easy way. To enable K3b to burn mp3 you have also to install the package k3b-extras-freeworld.

Like this it should work:

yum install k3b k3b-extras-freeworld 

Install a Telnet Server on Fedora

A telnet server on Fedora can be installed easily. Do the following as user root:


#install the server application
yum install telnet-server

# set on if you want to activate telnet at startup
chkconfig telnet on

# restart the internet services 
/etc/init.d/xinetd restart

Simple Linux Virtual Server Setup for Fedora 15 with LVS-DR forwarding

This post describes how to setup a simple Linux Virtual Server (LVS) using a director with Fedora 15 and direct routing (LVS-DR) as forwarding method. Setting up a LVS helps you to distribute the traffic of your website to various servers. This process is called load balancing. The instructions are based on the LVS-mini-HOWTO where further information can be found.
The purpose of this exercise is to distribute the traffic of a website between two (or more) servers which host a copy website. Furthermore persistent connections are required which means that a client is always redirected to the same server for a defined interval of time. For debugging as telnet (port 23) as http (port 80) are load balanced in this setup since testing for telnet is way more easier.


What do I need?

For realizing and testing this setup you need at least 3 nodes:

(1) A client to address the LVS
(2) A node the redirects the requests (director) and operates a real server at the same time
(3) A node that only works as a real server

Each node needs one network interface card (NIC).

You can add an arbitrary number of additional real servers to the setup to increase performance. The director and real server should have installed at least Fedora 15, for the client the operating system does not matter. The three nodes are located in the same network.

In our example the director has the IP address 192.168.1.12, the real server 192.168.1.10. Both will share the virtual IP address 192.168.1.110 under which the LVS will be reachable.

Preparations for node (2), the director:
Some steps have to be done manually, the rest of the configuration can be done by the configuration script.

Fedora 15 already brings the required kernel ip_vs modules therefore it is not necessary to patch the kernel.

In a first step we install the tool ipvsadm which we use and monitor to configure and the LVS.

yum install ipvsadm

Now we have to add the following lines to the file /etc/sysctl.conf:

# Controls IP packet forwarding
net.ipv4.ip_forward = 0

# Controls source route verification
net.ipv4.conf.default.rp_filter = 0

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

and afterwards run

sysctl -p

to update the kernel parameters.

The configuration script:

Replace “p5p1″ by the name of your NIC (often eth0) before running the configuration script:

#!/bin/bash
#---------------mini-rc.lvs_dr-director------------------------
#set ip_forward OFF for lvs-dr director (1 on, 0 off)
#(there is no forwarding in the conventional sense for LVS-DR)

#add ethernet device and routing for VIP 192.168.1.110
/sbin/ifconfig p5p1:110 192.168.1.110 broadcast 192.168.1.110 netmask 255.255.255.255
/sbin/route add -host 192.168.1.110 dev p5p1:110
#listing ifconfig info for VIP 192.168.1.110
/sbin/ifconfig p5p1:110

#check VIP 192.168.1.110 is reachable from self (director)
/bin/ping -c 1 192.168.1.110
#listing routing info for VIP 192.168.1.110
/bin/netstat -rn

#setup_ipvsadm_table
#clear ipvsadm table
/sbin/ipvsadm -C
#installing LVS services with ipvsadm
#add telnet to VIP with round robin scheduling
/sbin/ipvsadm -A -t 192.168.1.110:telnet -s rr
/sbin/ipvsadm -A -t 192.168.1.110:http -s rr
# persistent connection deactivated for it is difficult to debug
#/sbin/ipvsadm -A -t 192.168.1.110:http -s rr -p 600

#forward telnet and http to realserver using direct routing with weight 1
/sbin/ipvsadm -a -t 192.168.1.110:telnet -r 192.168.1.10 -g -w 1
/sbin/ipvsadm -a -t 192.168.1.110:http -r 192.168.1.10 -g -w 1
#check realserver reachable from director
ping -c 1 192.168.1.10

#forward telnet and http to the director itself using direct routing with weight 1
/sbin/ipvsadm -a -t 192.168.1.110:telnet -r 192.168.1.12 -g -w 1
/sbin/ipvsadm -a -t 192.168.1.110:http -r 192.168.1.12 -g -w 1
#check realserver reachable from director
ping -c 1 192.168.1.12

#displaying ipvsadm settings
/sbin/ipvsadm

In case you need persistent connections use the commented line in the script for that.

Preparations for node (3), the real servers:

Before running the configuration script you have also to modify the /etc/sysctl.conf at the real server. It has to contain the following lines. “p2p1″ has to be the name of the NIC (e.g. eth0).


net.ipv4.conf.p2p1.arp_ignore = 1
net.ipv4.conf.p2p1.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

# Controls IP packet forwarding
net.ipv4.ip_forward = 0

run

sysctl -p

The standard gateway for the real servers can be any IP (eg. the client or a DSL router) in your network apart from that of the director. Change “p2p1″ to the name the NIC of your real server.

The configuration script:


#!/bin/bash
#----------mini-rc.lvs_dr-realserver------------------
#installing default gw 192.168.1.1 for vs-dr
/sbin/route add default gw 192.168.1.1
#showing routing table
/bin/netstat -rn
#checking if DEFAULT_GW 192.168.1.1 is reachable
ping -c 1 192.168.1.1

#looking for DIP 192.168.1.12
ping -c 1 192.168.1.12

#looking for VIP (will be on director)
ping -c 1 192.168.1.110

#install_realserver_vip
/sbin/ifconfig lo:110 192.168.1.110 broadcast 192.168.1.110 netmask 0xffffffff up
#ifconfig output
/sbin/ifconfig lo:110
#installing route for VIP 192.168.1.110 on device lo:110
/sbin/route add -host 192.168.1.110 dev lo:110
#listing routing info for VIP 192.168.1.110
/bin/netstat -rn

Thats it! You can try to connect to your LVS now from the client by typing

telnet 192.168.1.110

The requests should be processed by the director and by the real server rotatory. You can check this by typing

/sbin/ipvsadm 

at the director. In the output you should see “Active Connections” for both nodes. If that works you can try to connect via http e.g. by typing 192.168.1.110 in your web browser.

If you want to reach your LVS from the internet you can setup IP forwarding from the relevant ports in your DSL router. The ports have to be forwarded to the virtual IP 192.168.1.110. Deactivate all firewalls for testing!