The Squid is a good proxy server. Its configuration is very simple. Please use the following procedures.
1) Most of the standard distributions have squid packages in its repository. If you are using fedora, RHEL or centos please do the following procedurea
# yum install squid -y
If your in debian or Ubundu please use the following,
# apt-get install squid
2) Now open the squid configuration file “squid.conf” . In general it will be in /etc/squid/squid.conf . Now modify/ add the following lines.
visible_hostname machine-name
http_port 3128
cache_dir ufs /var/spool/squid 1000 16 256
access_log /var/log/squid/access.log squid
3) Now add the following in the acl section.
acl our_networks src xxx.xxx.xxx.xxx/xx
http_access allow our_networks
Here the xxx.xxx.xxx.xxx/xx is your local IP /netmask
4) Now start the squid server
# /etc/rc.d/init.d/squid start
5) Now configure your web browser as follows. ( It is my firefox configuration )
Go to Preferences -> connection settings -> manual Proxy configurations
Now configure your proxy server IP and port ( 3128)
Now click Ok.
This is the most simplest proxy server configurations over network.
Sunday, January 31, 2010
Saturday, January 30, 2010
What is the difference between "su -" and "su" ?
The main difference between su - and su is that the former makes the shell a login shell. This is very important especially if the user is going to su from a regular user account to a root (superuser) account. Normal users do not usually have /sbin/ and /usr/sbin/ in their search path. Therefore if a normal user wants to execute the command ifconfig, for example, after doing su, he usually gets the error message:
bash: ifconfig: command not found
With su -, on the other hand, root's .bashrc and .bash_profile and other special environment settings get sourced and this puts the sbin directories into the search path. Below is a sample session:
[testuser@localhost ~]$ su
Password:
[root@localhost testuser]# echo $PATH
/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/home/testuser/bin
[root@localhost testuser]# ifconfig
bash: ifconfig: command not found
[root@localhost testuser]# exit
exit
[testuser@localhost ~]$ su -
Password:
[root@localhost ~]# echo $PATH
/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:A0:CC:39:75:41
inet addr:192.168.44.146 Bcast:172.16.45.255 Mask:255.255.254.0
inet6 addr: fe80::2a0:ccff:fe39:7541/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:21619559 errors:1 dropped:0 overruns:0 frame:87
TX packets:21190195 errors:4 dropped:0 overruns:4 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1509569968 (1.4 GiB) TX bytes:2280347397 (2.1 GiB)
Interrupt:177 Base address:0x6800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6159 errors:0 dropped:0 overruns:0 frame:0
TX packets:6159 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3784618 (3.6 MiB) TX bytes:3784618 (3.6 MiB)
bash: ifconfig: command not found
With su -, on the other hand, root's .bashrc and .bash_profile and other special environment settings get sourced and this puts the sbin directories into the search path. Below is a sample session:
[testuser@localhost ~]$ su
Password:
[root@localhost testuser]# echo $PATH
/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/home/testuser/bin
[root@localhost testuser]# ifconfig
bash: ifconfig: command not found
[root@localhost testuser]# exit
exit
[testuser@localhost ~]$ su -
Password:
[root@localhost ~]# echo $PATH
/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:A0:CC:39:75:41
inet addr:192.168.44.146 Bcast:172.16.45.255 Mask:255.255.254.0
inet6 addr: fe80::2a0:ccff:fe39:7541/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:21619559 errors:1 dropped:0 overruns:0 frame:87
TX packets:21190195 errors:4 dropped:0 overruns:4 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1509569968 (1.4 GiB) TX bytes:2280347397 (2.1 GiB)
Interrupt:177 Base address:0x6800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6159 errors:0 dropped:0 overruns:0 frame:0
TX packets:6159 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3784618 (3.6 MiB) TX bytes:3784618 (3.6 MiB)
Change hostname in Linux without rebooting server
Change hostname in Linux without rebooting server
First you need to find out your hostname, you can do this with
$ hostname
localhost.localdomain
$
Edit /etc/hosts
You need to edit /etc/hosts and add a line for your host name
$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
$
My new server IP is 192.168.1.1, i need to assign it hostname fedora.redhat.com, to do this, i have edited /etc/hosts as follows.
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.1.1 fedora.redhat.com fedora
Edit /etc/sysconfig/network
First lets see what is in the file
$ cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
$
To change servers hostname to fedora.redhat.com, change the file as follows.
$ cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=fedora.redhat.com
$
$/bin/hostname fedora.redhat.com
$service syslog restart
after you can logout and login back
First you need to find out your hostname, you can do this with
$ hostname
localhost.localdomain
$
Edit /etc/hosts
You need to edit /etc/hosts and add a line for your host name
$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
$
My new server IP is 192.168.1.1, i need to assign it hostname fedora.redhat.com, to do this, i have edited /etc/hosts as follows.
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.1.1 fedora.redhat.com fedora
Edit /etc/sysconfig/network
First lets see what is in the file
$ cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
$
To change servers hostname to fedora.redhat.com, change the file as follows.
$ cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=fedora.redhat.com
$
$/bin/hostname fedora.redhat.com
$service syslog restart
after you can logout and login back
Saturday, January 23, 2010
RedHat/CentOS Cluster HP ilo
1. root#mkqdisk -c /dev/sda1 -l qdisk_rac
2. root#chkconfig --level 345 qdiskd on
3. root#service qdiskd start
4. root#system-config-cluster
5. Cluster Name : apache-cluster and selected quorum disk with following options
Interval = 1
TKO = 10
votes =1
Minimum score = 3
Device = /dev/sda1
Label = qdisk_rac
6. Quorum Disk Heuristic
Program = ping -c 2 10.10.10.1
Score =1
Interval = 2
7. Add new node to cluster
Node Name = node1.example.com
Quorum votes = 1
Node Name = node2.example.com
Quorum votes = 1
8. New Fence Device
HP ILO Device
Name = ILOGB89xxxxxx
user = manage
password = manage
Hostname = 10.10.10.100
HP ILO Device
Name = ILOGB88xxxxxx
user = manage
password = manage
Hostname = 10.10.10.101
9. selected Node1 and "Manage fencing for this node"
Add New Fencing level -> Add Fencing to this Level. selected ILOGB89xxxxxx
10. selected Node2 and "Manage fencing for this node"
Add New Fencing level -> Add Fencing to this Level. selected ILOGB88xxxxxx
11. Created failover domains "failover-cluster" and selected
"node1.example.com and node2.example.com" from menu, and selected
"
"Restrict to this Failover Domain"
12. Create Resource
New Resource = Apache Server
Name = Apache HTTP Server service
Server Root = /etc/httpd
Config File = /etc/httpd/conf/httpd.conf
httpd options = /etc/rc.d/init.d/httpd
13. Create a new Resource "File system"
Name = httpd-content
File System type = ext3
Mount point = /var/www/html
device = /dev/sdb1
14. Create a new Resource "IP "
10.10.10.200
15. Create a New Service "Web-Service"
Failover Domain = failover-cluster
And selected "Add shared resource to this service"
A. Apache HTTP Server Service
B. Httpd-Content
C. IP Address (10.10.10.200)
16
#[node1@node1]scp /etc/cluster/cluster.conf node2:/etc/cluster/cluster.conf
17
#md5sum /etc/clsuter/cluster.conf
541b1dc67392b18aad7e1df3612a6afe cluster.conf (both node )
on both node
18
#service cman start
#service rgmanager start
19
#chkconfig cman on
#chkconfig rgmanager on
20
# fence_ilo -a 10.163.16.31 -l Administrator -p password -o status -v
# fence_ilo -a 10.163.16.31 -l Administrator -p password -o reboot -v
Tuesday, January 5, 2010
FTP server
[1] Build FTP server to transfer files. Install and configure vsftpd for it.
[rajat@rajat ~]#
yum -y install vsftpd
Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for vsftpd to pack into transaction set.
vsftpd-2.0.5-10.el5.i386. 100% |========================| 16 kB 00:00
---> Package vsftpd.i386 0:2.0.5-10.el5 set to be updated
--> Running transaction check
Dependencies Resolved
===========================================================
Package
Arch
Version
Repository
Size
===========================================================
Installing:
vsftpd
i386
2.0.5-10.el5
base
137 k
Transaction Summary
===========================================================
Install
1 Package(s)
Update
0 Package(s)
Remove
0 Package(s)
Total download size: 137 k
Downloading Packages:
(1/1): vsftpd-2.0.5-10.el
100% |====================| 137 k 00:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: vsftpd
#################################### [1/1]
Installed: vsftpd.i386 0:2.0.5-10.el5
Complete!
[rajat@rajat ~]#
vi /etc/vsftpd/vsftpd.conf
anonymous_enable=
NO
// line 12: no anonymous
ascii_upload_enable=YES
// line 79: make valid
ascii_download_enable=YES
(permit ascii mode transfer)
chroot_list_enable=YES
// line 94: make valid
(enable chroot list)
chroot_list_file=/etc/vsftpd/chroot_list
// line 96: make valid
(chroot list file)
ls_recurse_enable=YES
// line 102: make valid
chroot_local_user=YES
// bottom: enable chroot
local_root=public_html
// root directory
use_localtime=YES
// use local time
[root@www ~]#
vi /etc/vsftpd/chroot_list
fedora
// write users you permit
[root@www ~]#
/etc/rc.d/init.d/vsftpd start
Starting vsftpd for vsftpd:
[ OK ]
[rajat@rajat ~]#
yum -y install vsftpd
Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for vsftpd to pack into transaction set.
vsftpd-2.0.5-10.el5.i386. 100% |========================| 16 kB 00:00
---> Package vsftpd.i386 0:2.0.5-10.el5 set to be updated
--> Running transaction check
Dependencies Resolved
===========================================================
Package
Arch
Version
Repository
Size
===========================================================
Installing:
vsftpd
i386
2.0.5-10.el5
base
137 k
Transaction Summary
===========================================================
Install
1 Package(s)
Update
0 Package(s)
Remove
0 Package(s)
Total download size: 137 k
Downloading Packages:
(1/1): vsftpd-2.0.5-10.el
100% |====================| 137 k 00:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: vsftpd
#################################### [1/1]
Installed: vsftpd.i386 0:2.0.5-10.el5
Complete!
[rajat@rajat ~]#
vi /etc/vsftpd/vsftpd.conf
anonymous_enable=
NO
// line 12: no anonymous
ascii_upload_enable=YES
// line 79: make valid
ascii_download_enable=YES
(permit ascii mode transfer)
chroot_list_enable=YES
// line 94: make valid
(enable chroot list)
chroot_list_file=/etc/vsftpd/chroot_list
// line 96: make valid
(chroot list file)
ls_recurse_enable=YES
// line 102: make valid
chroot_local_user=YES
// bottom: enable chroot
local_root=public_html
// root directory
use_localtime=YES
// use local time
[root@www ~]#
vi /etc/vsftpd/chroot_list
fedora
// write users you permit
[root@www ~]#
/etc/rc.d/init.d/vsftpd start
Starting vsftpd for vsftpd:
[ OK ]
Subscribe to:
Posts (Atom)