To know Fedora release from Command line

Here is the command to find out which Fedora version I am using

$ cat /etc/fedora-release


Apache and DNS Behind the NATED firewall

This is what I did to set up Apache and DNS behind the NATed server/router

 

Linux Box as Router

Author: Varinder Singh [varin312@gmail.com] January 13, 2010

 

Hardware Modification

 

Installed one more Network card. (One is already onboard in the system)

 

eth0 -> Internet (DSL modem) (network 192.168.2.0)

eth1 -> Internal network (network 172.16.0.0)

 

Software configuration

 

By default the NICs are controlled by the NetworkManager service. The NetworkManager service is only effective while a user is logged in through the GUI. And for a Linux router I would not prefer to log in via the GUI, or even to have a GUI installed. So we have to stop the NetworkManager service and start the "network" service. Below are the commands to do that

 

#service NetworkManager stop

#chkconfig NetworkManager off

 

#service network start

#chkconfig network on

 

Editing the configuration files for NICs

 

Now we have to configure the NICs. I found two ways to do that

  1. Via GUI. System->
  2. Manually edit the files /etc/sysconfig/network-scripts/ifcfg-ethX for the NICs

 

I preferred the first option via GUI (I am thinking I will remove the GUI after everything is fine)

 

After editing the configuration files for NICs

 

#service network restart

 

Make IP forwarding ON

 

Open the file /etc/sysctl.conf and change the value of the net.ipv4.ip_forward parameter from 0 to 1. It will look like the line given below

net.ipv4.ip_forward = 1

Run the following command to apply the change to the running kernel for IP forwarding

#sysctl -p

 

To do packet forwarding we have to activate NATing

 

#iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

#iptables --append FORWARD --in-interface eth1 -j ACCEPT

 

#service iptables save

 

 

 

 

 

Client Side testing

 

ON THE CLIENT (internal Network Machine) I did the following

 

#service NetworkManager stop

#service network start

 

Configure the NIC on Client with IP 172.16.0.2

 

#ifconfig eth0 172.16.0.2/16

 

 

 

Configure the DHCP server on the router

 

#yum install dhcp

 

#vim /etc/dhcpd.conf

 

#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.sample
# see 'man 5 dhcpd.conf'
#

ddns-update-style interim;
ignore client-updates;

subnet 172.16.0.0 netmask 255.255.0.0 {
    option routers 172.16.0.1;
    option subnet-mask 255.255.0.0;
    option domain-name "meapay.com";
    option broadcast-address 172.16.255.255;
    option domain-name-servers 172.16.0.100, 192.168.2.1;
    range dynamic-bootp 172.16.0.2 172.16.0.200;
    default-lease-time 86400;
    max-lease-time 172800;
}

subnet 192.168.2.0 netmask 255.255.255.0 {
}

host ns {
    hardware ethernet 00:13:D3:FB:66:90;
    fixed-address 172.16.0.100;
}

 

 

 

 

Home Wireless router settings

 

  1. Disable DHCP in the settings of your router.
  2. Change its IP address according to your network.

     

 

 

 

DNS server setup

 

#vim /etc/named.conf

 

 

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
    listen-on port 53 { any; }; //changed from 127.0.0.1 to any
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; }; //changed to any
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside . trust-anchor dlv.isc.org.;
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";

zone "meapay.com" IN { //declaration of forward and reverse zone files
    type master;
    file "meapay.db";
};

zone "0.16.172.in-addr.arpa" IN {
    type master;
    file "172.16.0.db";
};

include "/etc/pki/dnssec-keys//named.dnssec.keys";
include "/etc/pki/dnssec-keys//dlv/dlv.isc.org.conf";

 

 

 

#vim /var/named/meapay.db

$TTL 1D
@ IN SOA ns.meapay.com. root.ns.meapay.com. (
        1  ;serial
        1D ;refresh
        1H ;retry
        1W ;expire
        3H ) ;minimum

        IN NS ns.meapay.com.
ns.meapay.com. IN A 172.16.0.100

 

 

 

#vim /var/named/172.16.0.db

$TTL 1D
@ IN SOA ns.meapay.com. root.meapay.com. (
        0  ;serial
        1D ;refresh
        1H ;retry
        1W ;expire
        3H ) ;minimum

        IN NS ns.meapay.com.
100     IN PTR ns.meapay.com.
;192.168.122.88 PTR station88.meapay.com.
;192.168.122.99 PTR station99.meapay.com.
;192.168.122.1 PTR station11.meapay.com.

 

 

#iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT

#iptables -I INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
#service iptables save
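
Added example (not part of the original post): with allow-query set to any and no allow-recursion statement, BIND lets every client that can reach port 53 use the server for recursion. The check below works out the effective recursion ACL of an options block; page_options repeats only the relevant lines of the named.conf above, and the restricted variant assumes recursion should be limited to the server itself and the 172.16.0.0/16 internal network.

```shell
#!/bin/sh
# Added example: work out who may use a BIND server for recursion.
# BIND takes the recursion ACL from allow-recursion, else allow-query-cache,
# else allow-query, else the built-in default { localnets; localhost; }.
# Assumes one statement per line inside options { }, as on this page.
recursion_scope() {   # named.conf text on stdin
    awk '
    { sub(/[ \t]\/\/.*/, "") }                 # drop trailing // comments
    /^[ \t]*options[ \t]*\{/ { in_opt = 1; next }
    in_opt && /^[ \t]*\};/    { in_opt = 0 }
    !in_opt { next }
    $1 == "recursion" { rec = $2; sub(/;.*/, "", rec) }
    $1 ~ /^allow-(recursion|query-cache|query)$/ {
        acl = $0
        sub(/^[^{]*\{[ \t]*/, "", acl); sub(/[ \t]*\}.*/, "", acl)
        acl_of[$1] = acl
    }
    END {
        if (rec == "no") { print "recursion disabled"; exit }
        if ("allow-recursion" in acl_of)        eff = acl_of["allow-recursion"]
        else if ("allow-query-cache" in acl_of) eff = acl_of["allow-query-cache"]
        else if ("allow-query" in acl_of)       eff = acl_of["allow-query"]
        else                                    eff = "localnets; localhost;"
        print ((eff ~ /(^|[ ;])any;/) ? "OPEN " : "RESTRICTED ") eff
    }'
}

# The relevant option lines from the named.conf on this page.
page_options() {
    cat <<'EOF'
options {
    listen-on port 53 { any; }; //changed from 127.0.0.1 to any
    allow-query { any; }; //changed to any
    recursion yes;
};
EOF
}

# Assumed hardening: same options, recursion limited to the server itself
# and the internal network.
restricted_options() {
    page_options | sed '$d'
    echo '    allow-recursion { localhost; 172.16.0.0/16; };'
    echo '};'
}

page_options | recursion_scope
restricted_options | recursion_scope
```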
 

Author: Varinder Singh, Harpinder Singh (Waked up)

Date March 27, 2010 (3:25 AM )

 

 

Port Forwarding on Linux Firewall (Router) for Apache

 

 

DNAT the Packets destined for port 80 at router to be forwarded to Apache at port 8080

 

iptables -t nat -A PREROUTING -p tcp -i eth0 -d xx.xx.xx.xx --dport 80 --sport 1024:65535 -j DNAT --to 172.16.0.100:8080

(xx.xx.xx.xx is the real IP of my router, given by the ISP)

After DNAT, the forwarded packets to Apache must be allowed by the firewall

iptables -A FORWARD -p tcp -i eth0 -o eth1 -d 172.16.0.100 --dport 8080 --sport 1024:65535 -m state --state NEW -j ACCEPT

iptables -A FORWARD -t filter -o eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

iptables -A FORWARD -t filter -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
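
Added example (not part of the original post): a check that reads an iptables-save dump and confirms every DNAT target has a FORWARD rule letting it through, and that no FORWARD rule accepts NEW connections from the Internet side to arbitrary internal hosts. The sample ruleset is constructed from the rules above, with the documentation address 203.0.113.10 standing in for xx.xx.xx.xx; the function and label names are this example's own.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for the port-forward setup above.
# Prints, sorted:
#   OK ip:port       DNAT target that a FORWARD ACCEPT rule lets through
#   BLOCKED ip:port  DNAT target with no FORWARD ACCEPT rule for it
#   WIDE rule        FORWARD rule accepting NEW from the WAN side to any host
# Simplification: FORWARD rules are matched on -d and --dport only.
audit_forwarding() {   # $1 = WAN interface, ruleset on stdin
    awk -v wan="$1" '
    function opt(name,   i) {            # value that follows option "name"
        for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
        return ""
    }
    /^\*/ { table = substr($0, 2); next }
    table == "nat" && $2 == "PREROUTING" && opt("-j") == "DNAT" {
        dnat[opt("--to-destination")] = 1    # iptables-save spells --to out
    }
    table == "filter" && $2 == "FORWARD" && opt("-j") == "ACCEPT" {
        dst = opt("-d"); sub(/\/32$/, "", dst)
        if (dst != "" && opt("--dport") != "") allowed[dst ":" opt("--dport")] = 1
        if (opt("-i") == wan && dst == "" && opt("--state") ~ /(^|,)NEW(,|$)/)
            wide[++n] = $0
    }
    END {
        for (t in dnat) print ((t in allowed) ? "OK " : "BLOCKED ") t
        for (i = 1; i <= n; i++) print "WIDE " wide[i]
    }' | sort
}

# Constructed sample: the rules from this page as iptables-save would print
# them; 203.0.113.10 is a documentation address standing in for xx.xx.xx.xx.
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -d 203.0.113.10/32 -i eth0 -p tcp -m tcp --sport 1024:65535 --dport 80 -j DNAT --to-destination 172.16.0.100:8080
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -d 172.16.0.100/32 -i eth0 -o eth1 -p tcp -m tcp --sport 1024:65535 --dport 8080 -m state --state NEW -j ACCEPT
-A FORWARD -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

sample_ruleset | audit_forwarding eth0
```

On the router itself the input would be the real ruleset, for example `iptables-save | audit_forwarding eth0` run as root.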

 

 

There is a lot of room to improve it. Please comment if you find errors. I will try to correct them.

 

Reference: http://www.Linuxhomenetworking.com

                                                                                                                                                                                               

Understanding Load Average, ‘top’ Command

Load average is caused by two things:

1. The CPU itself is busy/overloaded processing things

2. Processes (typically called blocking processes) in the run queue, waiting for I/O

Andy Millar nicely explained, with screenshots, how to find what causes a high load average.

Here is a screenshot from the 'top' command

The third line from the top, i.e. Cpu(s), needs due attention.

If the first two figures, %us and %sy, are near 90%, then the CPU is overloaded and needs to be upgraded.

If the 5th figure in the same line, %wa, shows high numbers, it means there are some jobs in the run queue waiting for I/O (maybe trying to read data from a mounted disk). Then look into that.

To diagnose which process is causing this, just run the command

ps faux

and look for 'D' in the 8th column, STAT. There may be lots of R and S as well.

D -> Waiting for either (CPU, Disk I/O, Network I/O)

R -> Running

S -> Sleeping

I use the command

ps axo stat,pid | grep D

to find the process with stat D

Here is the link where I learned all that

http://www.andymillar.co.uk/blog/2006/12/24/linux-load-average-explained/

Thanks to Mr. Andy Millar.

No more fear of the 'top' command. Have fun!


Memory used as Cache [Ubuntu]

It's an amazing article. Still my memory monitor shows 63% in use by programs, 34% in use as cache. I feel comfortable.

http://embraceubuntu.com/2005/10/07/memory-swap-management/

Clear understanding of Memory used as Cache


Say it again, beloved, if we ever refuse you

Do listen to the song sitting alone

Tell me, what is there to hide from you, what veil is there from you
You know that without you I cannot get through a single moment

Now tell me, what trickery is there in this

Bravo, brother Gurbakhsh Singh ji, beyond this everything comes to an end


We have nothing to say, it is just as you wish


Linux pipe and tee with who

Digging into the shell. What I found may be useful for you guys.

1. Redirection (>) routes the output to files, while pipes ( | ) route the output to another program. But the tee command does both.

The problem I was trying to solve:

Reference: Unix Shell Programming by Yashavant Kanetkar

The output of the who command should be sorted and displayed on the screen along with the total number of users. The same output, except the total number of users, should also be stored in the file file1

The Answer is :

who | sort | tee /dev/pts/0 file1 | wc -l

/dev/pts/0 is my current tty

May be helpful for you.

Have Fun!



How to move ‘Signature’ Block In Gmail

My signature block was shown at the very bottom when I was replying to an email message in my Gmail account. So I had to write my name/signature every time while replying. And on the other hand my signatures showed at the very bottom of all the replies and emails I have sent in the past. It was annoying and looked unprofessional. I found the way. Here are the steps; they may be helpful for you.

1. Log in to your Gmail account

2. Click on "Settings"

3. Click the 'Labs' option

4. Choose 'Enable' under the 'Signature tweak' option

5. Finally, save changes

It's done. Just try it. It's awesome!

Have fun!