General Informations Online Notebook

# Generated by iptables-save v1.4.12 on Wed Dec  7 20:10:49 2011 *filter :INPUT DROP [45:2307] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1571:4260654] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m tcp -s 1xx.xx.xx.xx --dport 22 -j ACCEPT COMMIT # Completed on Wed Dec  7 20:10:49 2011

after installing cacti on a virtual host you need to add cronjab to run the poller */5 * * * * cacti2 /usr/bin/php /home/cacti2/public_html/poller.php > /dev/null 2>&1

nano /etc/mailman/mm_cfg.py #------------------------------------------------------------- # Default domain for email addresses of newly created MLs DEFAULT_EMAIL_HOST = 'venus.domain.com' #------------------------------------------------------------- # Default host for web interface of newly created MLs DEFAULT_URL_HOST   = 'venus.domain.com' #------------------------------------------------------------- newlist mailman

[root@db ~]# service mysqld start Another MySQL daemon already running with the same unix socket. Starting mysqld:                                           [FAILED] [root@db ~]# mv /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock.bak [root@db ~]# service mysqld start Starting mysqld:                                           [  OK  ] [root@db ~]#

Ip Addresses https://drive.google.com/file/d/0B0IzjeEFe2_bSVM1SXZ6X0F6QmM/edit?usp=sharing

slow response on linux centos dual home nic on a load balancer down stream smtp solution is echo 2 > /proc/sys/net/ipv4/conf/eth0/rp_filter echo 2 > /proc/sys/net/ipv4/conf/eth1/rp_filter echo 2 > /proc/sys/net/ipv4/conf/eth2/rp_filter also modify /etc/sysctl.conf # Controls source route verification (previously 1) net.ipv4.conf.default.rp_filter = 2  source: https://www.centos.org/forums/viewtopic.php?t=7775

http://serverfault.com/questions/583372/postfix-transport-relay-access-denied/583438?noredirect=1#583438 virtual_mailbox_maps=/etc/postfix/virtual_mailbox_maps.txt ------------------------------------------------------- for clamd and amavis as scanner, if there is a clamav permission error add both clamd to amavis group or vice verse also check permission try 755

Task : to email old users that they have exceeded 100m disk space The problem is that the folder where the user is deep inside 2 folders so "du" is used. tr is used to remove characters cut to get the coloumn http://stackoverflow.com/questions/11049748/how-to-cut-multiple-columns-from-several-files-and-print-the-ouput-to-different   cd /backup/home/virtual du -m --max-depth=2  | tr './' ' ' | cut -d' '  -f 1,4 | while read space user do    if [ $space -gt 100 ]                     then         mail -s "Your account is using over 100MB Disk Space" $user <<MAIL  $user: You are now using $space MB in your home directory. The only total amount of diskspace allowed is 100 MB. MAIL  fi done

Varnish web application accelerator homepage: https://www.varnish-cache.org Install the Varnish YUM Repository # rpm -Uvh http://repo.varnish-cache.org/redhat/varnish-3.0/el5/noarch/varnish-release-3.0-1.noarch.rpm Install Varnish web accelerator # yum install varnish Enable Varnish web accelerator at startup # chkconfig varnish on Basic default.vcl # vi /etc/varnish/default.vcl 1 2 3 4 5 6 7 8 9 10 # This is a basic VCL configuration file for varnish. See the vcl(7) # man page for details on VCL syntax and semantics. # # Default backend definition. Set this to point to your content # server. # backend default { .host = "127.0.0.1"; .port = "80"; } Start Varnish web accelerator # service varnish start You will now have a basic Varnish web accelerator running on port 8080 Top 5 Varnish commands varnishstat Provides all the info you need to spot cache misses and errors. varnishhist Provides a histogram view of cache hits/m

 Centos 4 and dovecot 1 fail2ban from: http://www.webstershome.co.uk/content/fail2ban-block-unwanted-attacks Create the filter file "/etc/fail2ban/filter.d/dovecot-pop3imap.conf" and add [Definition] failregex = (?: dovecot: pop3-login|imap-login): (?:Authentication failure|Aborted login \(auth failed|Aborted login).*rip=(<HOST>),.* ignoreregex = note: the failregex may need changing to suit your system. now add the following to "/etc/fail2ban/jail.conf" [dovecot-pop3imap] enabled = true filter = dovecot-pop3imap action = iptables-multiport[name=dovecot-pop3imap, port="110,143,995,993,25,465,587"] sendmail-whois[name=dovecot-pop3imap, dest=root, sender=fail2ban@server.com] logpath = /var/log/maillog maxretry = 5 findtime = 600 bantime = 3600