Friday, February 24, 2012

CentOS: Install Packages Via yum Command Using DVD / CD / ISO as Repo

How to install packages from CD/DVD/ISO using the yum command under CentOS 5/RHEL 5

Step 1# Create a directory and mount the CD

We can mount an ISO using the following command:
# mount -o loop -t iso9660 centos.iso /media/cdrom

Step 2# Edit the "/etc/yum.repos.d/CentOS-Media.repo" file and make the following changes

Step 3# Move the Base repo to another location
# mv /etc/yum.repos.d/CentOS-Base.repo /root/

Step 4# Now we can install with yum
# yum install screen -y

Friday, January 20, 2012

Send email from bash script


#!/bin/bash
# Script to send a simple email to several recipients
# Email subject
SUBJECT="Testing"
# Email To ?
TO=(loginrahul90@gmail.com usafesquid@gmail.com unnieez@gmail.com dattatrayjagadale@gmail.com)
# Dear ?(NAME) - NAME[i] is the greeting name for TO[i]
NAME=(Rahul Unni unni Datta)

# Email text/message
# Send one email per recipient using /bin/mail
tolength=${#TO[@]}
for ((i=0; i < tolength; i++))
do
mail -s "$SUBJECT" "${TO[i]}" <<_EOF

Dear ${NAME[i]},

Message here bla bla bla


Thanks & Regards,
XYZ

_EOF

done
exit 0

Tuesday, January 10, 2012

Transparent proxy on Windows

Requirement

* Internal DNS server [ we can use router IP (192.168.1.1) ]
* Bandwidth Manager
* Enabling TCP/IP Forwarding (restart the machine after enabling routing)

Step 1# Install Softperfect Bandwidth Manager

Step 2# Create a Port Map, here you should define the SafeSquid’s port on your server. Go to “Tools > Port Mapping”

Step 3# Click on the New button to create a new mapping, fill it in like the example below

Step 4# After you create a port map, you need to create a new rule to redirect all HTTP requests destined for remote server port 80 to port 8080. Click on “Rules > Add Rule”. On the General tab fill the fields with these values:
Direction: Both
Transfer Rate Limit: Unlimited
Protocol: TCP
Apply Rule on Interface: LAN

Important! You must select the interface (Network Card) that is connected to your Local Network (the one that connects the server to other client computers, and NOT the one connected to the modem, etc.)
* IP Address of the server should not be within the range of these

Step 5# On Source tab set the values to these:
Source Address: Whole IP Address, and insert the IP ranges of your client PCs
Source Port: Any

Step 6# On the Destination tab set the values to these:
Destination Address: Any IP Address
Destination Port: Port List and then Add these ports: 80 (HTTP)
You cannot redirect port 443

"Long answer: SSL is specifically designed to prevent "man in the middle" attacks,
and setting up safesquid in such a way would be the same as such a "man in the middle" attack.
You might be able to successfully achieve this, but not without breaking the encryption and certification that is the point behind SSL".

Step 7# On the Advanced tab look for “Additional Processing”, check “Process through the following mapping”, select the port mapping you created before and click OK.

Done, now all requests to port 80 will be redirected to SafeSquid. To check whether the transparent proxy works or not you can visit http://whatismyipaddress.com/ and it should say “Proxy Server Detected!”
Or we can also check the proxy logs.


Client side settings/troubleshooting 

* First check that nslookup works for any domain
* On the client machine the gateway IP should be the proxy server IP






Sunday, January 8, 2012

Caching Name Server

Installing and configuring a caching nameserver (named) on Linux (CentOS 5)


Advantage: Reduces the delay in domain name resolution drastically as the requests for frequently accessed websites are served from cache. Google for cache nameserver to learn more.

Installing caching-nameserver:

# yum install bind bind-utils caching-nameserver -y


Configuring caching-nameserver:


The main configuration file resides in /etc/named.conf

You can find the configuration files by using the command

# rpm -qc bind


Not much needs to be changed in this file. However, if you want to use your ISP's DNS servers as forwarders, edit named.conf and add a forwarders directive under the 'options' section.

options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; };
        recursion yes; // This option enables caching
        max-cache-size 10m; // cache size of 10MB for DNS
        cleaning-interval 15; // clean the cache every 15 min
        // Replace the IPs with the DNS servers of your ISP
        forwarders {
                192.168.0.240;
                8.8.8.8;
        };
};


Starting caching-nameserver:

# service named start

Or

# /etc/init.d/named start

To make named start every time you reboot your machine

# chkconfig --level 35 named on

Or

# setup


Go to "System services" and check named

Using caching-nameserver:

To use your caching-nameserver, add the following line to /etc/resolv.conf

nameserver 127.0.0.1

Now your system will use your own nameserver (in caching mode) for resolving all domain names.

$ dig safesquid.com
Query time: 8 msec

The first time, the response time will be a little high; the next time, the DNS query response will be served from the local cache and will take very little time.

$ dig safesquid.com
Query time: 0 msec

Saturday, January 7, 2012

Mount Windows share in Linux



Both the K desktop environment (KDE) and the GNOME desktop allow you to explore remote Samba shares or Microsoft Windows shares. However, there are times when you cannot use these, for example if you wish to back up a remote machine from a shell script.
For these jobs the Samba File System kernel module and tools are a much better fit.
To mount a remote system directly upon your current system you'll need:
  • The cifs kernel module
  • The samba-client package
  • A mountpoint - this is just an empty directory.
  • The Name/IP address of the host to connect to.
  • Login credentials to the remote share - both username and password.
  • Local root privileges to do the mount, and load the kernel module.


First check whether samba-client is installed or not

Install the modules through the following commands

Create a mount point and mount

Auto-mount through /etc/fstab
Create a credentials file.
The credentials option specifies a file that contains a username and/or password. The format of the file is:
username=value
password=value

fstab entry:
//192.168.0.13/test-logs /win-share             cifs    credentials=/root/passwdfile 0 0
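
The credentials file (and any password= option written directly into /etc/fstab) holds the share password in clear text, so it is worth checking who can read it. The following audit is an added example, not part of the original post; the function name audit_cifs_fstab is hypothetical and the sample fstab and credentials file are constructed.

```shell
#!/bin/sh
# Added example: report cifs entries in an fstab whose password is exposed.
# Returns 0 when every entry is clean, 1 otherwise. Findings go to stdout.
audit_cifs_fstab() (
    fstab=$1 rc=0
    set -f                                   # no globbing while splitting options
    while read -r dev mnt type opts rest; do
        case $dev in ''|\#*) continue ;; esac    # skip blank lines and comments
        [ "$type" = cifs ] || continue
        cred=
        old_ifs=$IFS; IFS=,
        for o in $opts; do
            case $o in
                password=*) echo "$mnt: password stored in $fstab"; rc=1 ;;
                credentials=*) cred=${o#credentials=} ;;
            esac
        done
        IFS=$old_ifs
        [ -n "$cred" ] || continue
        if [ ! -f "$cred" ]; then
            echo "$mnt: credentials file $cred is missing"; rc=1; continue
        fi
        # Characters 5-10 of the ls mode string are the group/other bits.
        perm=$(ls -ld "$cred" | cut -c5-10)
        if [ "$perm" != "------" ]; then
            echo "$mnt: $cred is accessible by group/others ($perm)"; rc=1
        fi
    done < "$fstab"
    exit "$rc"
)

# Constructed sample: a credentials file left world-readable (mode 644).
demo=$(mktemp -d)
printf 'username=value\npassword=value\n' > "$demo/passwdfile"
chmod 644 "$demo/passwdfile"
echo "//192.168.0.13/test-logs /win-share cifs credentials=$demo/passwdfile 0 0" > "$demo/fstab"
audit_cifs_fstab "$demo/fstab" || echo "fix with: chmod 600 <credentials file>"
rm -rf "$demo"
```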

Thursday, January 5, 2012

Create bunch of users from text file

This tutorial is about a bash script to add users from a text file.
Scenario: One of my clients provided me a list of proxy users with passwords. It's around 600 users. I was excited by this new challenge. I tried to create users from a text file. While struggling with that, I found the "newusers" command to add users from a text file.
Example:
# echo "user1:password:1001:513:Student Account:/home/user1:/bin/false" > users.txt ; newusers users.txt

For 600 users it would be a difficult task to create them like this.
Then I got an idea from this command. I have prepared a bash script which takes users, passwords and gcos (comments) from text files and creates users.


1. Log in to the Linux box as root, create usersadd.sh and paste the following lines from "Start-Of-Script" to "END-OF-SCRIPT"


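########Start-Of-Script##########
#!/bin/bash
# Build on Mon Jan  2 20:21:50 IST 2012
# Purpose add users/passwd from text file
# Author Rahul Patil

# Resolve the script path and the three input files from the arguments
# (-u users.txt -l passwd.txt -g gcos.txt)

THE_SCRIPT=`readlink -f "$0"`
THE_USER=`readlink -f "$2" 2>/dev/null`
THE_PASS=`readlink -f "$4" 2>/dev/null`
THE_GC=`readlink -f "$6" 2>/dev/null`
NEWUSER=`which newusers`
MV=`which mv`


SHOW_HELP ()
{
cat <<_EOF
This script helps you to add users from text files
Usage: 
        $THE_SCRIPT -u users.txt -l passwd.txt -g gcos.txt # gcos means users comments
_EOF
}

ADD_U ()
{
# All three input files must be readable, otherwise show the usage text
if [ ! -r "$THE_USER" ] || [ ! -r "$THE_PASS" ] || [ ! -r "$THE_GC" ]; then
    SHOW_HELP
    return 1
fi

# The generated file holds clear-text passwords: create it readable by root only
umask 077
TMP_FILE=`mktemp /tmp/adduser.XXXXXX` || return 1

# Build one newusers line per user: name:password:uid:gid:gcos:home:shell
# (uid, gid and home are left empty, the shell is /bin/false)
paste -d":" "$THE_USER" "$THE_PASS" | sed -e 's/$/::/' | paste -d":" - "$THE_GC" | sed -e 's/$/::\/bin\/false/' > "$TMP_FILE"

$NEWUSER "$TMP_FILE"
# The dated copy still contains the clear-text passwords (mode 0600)
$MV "$TMP_FILE" /tmp/adduser-`date +%F`.txt

}


MAIN ()
{
case $1 in

    -u)
      ADD_U
    ;;
    -l)
      SHOW_HELP
    ;;
    --help|-h)
      SHOW_HELP
    ;;
    *)
      SHOW_HELP
    ;;
esac
}
MAIN "$@" 2>/dev/null


##################END-OF-SCRIPT############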


2. Set execute permission on the script: "chmod +x usersadd.sh"


3. Create users.txt, passwd.txt and gcos.txt


Example of the above files:

[root@localhost ~]# cat users.txt
user1
user2
user3
user4



[root@localhost ~]# cat passwd.txt
passwd123
passwd123
passwd123
passwd123

[root@localhost ~]# cat gcos.txt
Xyz user from sales
abc admin user
user3 test user
user4 test user



Let me show you whether the 1st user exists or not



[root@localhost ~]# id user1
id: user1: No such user
 

Now let's run the script
[root@localhost ~]# ./usersadd.sh -u users.txt -l passwd.txt -g gcos.txt

[root@localhost ~]# id user1
uid=528(user1) gid=527() groups=527()


[root@localhost ~]# finger user4
Login: user4                            Name: user4 test user
Directory:                              Shell: /bin/false
Never logged in.
No mail.
No Plan.




Note: the above example is only for proxy users used for authentication.
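
The script pastes three files together line by line, so a missing line or a ':' inside any value changes which newusers field (uid, gid, home, shell) a value lands in. The following validation step is an added example, not part of the original script; the function name build_newusers_input and the user-name pattern are assumptions, and the sample lists are constructed.

```shell
#!/bin/sh
# Added example: validate the three lists, then build the newusers input
# in a private temp file (mode 0600) and print its path.
build_newusers_input() (
    users=$1 passwords=$2 gcos=$3
    umask 077    # the result contains clear-text passwords
    fail() { echo "build_newusers_input: $*" >&2; exit 1; }

    # 1. Same number of lines everywhere, otherwise paste silently pairs a
    #    user with the wrong password or comment.
    n=$(wc -l < "$users") || fail "cannot read $users"
    [ "$n" -gt 0 ] || fail "$users is empty"
    for f in "$passwords" "$gcos"; do
        [ "$(wc -l < "$f")" -eq "$n" ] || fail "$f: expected $n lines"
    done
    # 2. newusers lines are name:password:uid:gid:gcos:home:shell, so a ':'
    #    inside a value would spill into the following fields.
    for f in "$users" "$passwords" "$gcos"; do
        if grep -q ':' "$f"; then fail "$f: ':' is not allowed"; fi
    done
    # 3. Conservative user-name pattern (assumption); also rejects blank lines.
    if grep -qvE '^[a-z_][a-z0-9_-]{0,30}$' "$users"; then
        fail "$users: invalid user name"
    fi
    if grep -q '^$' "$passwords"; then fail "$passwords: empty password"; fi

    out=$(mktemp "${TMPDIR:-/tmp}/newusers.XXXXXX") || fail "mktemp failed"
    paste -d: "$users" "$passwords" | sed 's/$/::/' |
        paste -d: - "$gcos" | sed 's|$|::/bin/false|' > "$out"
    echo "$out"
)

# Constructed sample lists: the second comment contains a ':' and is rejected.
demo=$(mktemp -d)
printf 'user1\nuser2\n' > "$demo/users.txt"
printf 'S3cret-one\nS3cret-two\n' > "$demo/passwd.txt"
printf 'Sales user\nSales: north region\n' > "$demo/gcos.txt"
build_newusers_input "$demo/users.txt" "$demo/passwd.txt" "$demo/gcos.txt" ||
    echo "input rejected, nothing was written"
rm -rf "$demo"
```

Pass the printed path to newusers and delete the file afterwards, since it contains every password in clear text.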