≡ Menu

ip addresses

HowTo: Find Out DNS Server IP Address Used By My Router?

My router configured by ISP tech and it is set to get DNS server address automatically from upstream. Is there is a way to find out the IP address of the dns server used by my router which is located at 192.168.1.1? Is there Linux, Unix, Apple OS X, or MS-Windows command that I can use get the same information?
[click to continue…]

Linux / Unix: Look Up IP Addresses

How can I look up IP addresses under UNIX or Linux operating systems using command line options?
[click to continue…]

FreeBSD Apache Jail: Connection refused: connect to listener on 0.0.0.0:80 Error and Solution

Q. I'm running Apache 2 server under FreeBSD jail. However, I see lots of warning error messages in /var/log/httpd-error.log as follows:

[Sat Sep 20 20:47:09 2008] [warn] (61)Connection refused: connect to listener on 0.0.0.0:80
[Sat Sep 20 20:47:10 2008] [warn] (61)Connection refused: connect to listener on 0.0.0.0:80
[Sat Sep 20 20:47:11 2008] [warn] (61)Connection refused: connect to listener on 0.0.0.0:80

How do stop all these warning messages flooding my Apache log files?
[click to continue…]

DNS Name Resolution

Q. Can you explain DNS name resolution concept? Why I need to set DNS resolution for my Windows or Linux server? How do I setup DNS name resolution under Linux / UNIX server system?
[click to continue…]

Linux / FreeBSD: Multiple IP Addresses on One Interface

Q. Can one Linux / BSD system respond to multiple IP address on a single Ethernet interface? I need to run multiple web sites and mod_ssl with a single server. How do I configure my box for multiple IP address?
[click to continue…]

What Would Cause a Lot of ARP Broadcasts From One System / Machine

Q. I'm experiencing decreased network performance due to ARP broadcasts coming from one system. What would cause a lot of ARP broadcasts from one server / computer?
[click to continue…]

Configure Postfix for DNS Blackhole Lists such as dsbl.org / spamhaus.org database

Q. How do I configure my Postfix mail server to scan incoming mail for spam using DNS Blackhole List such as:
a) The Spamhaus
b) Open Relay Database etc

A. To discard spam or garbage email you can use 3rd party services such as Spamhaus. These are realtime database of IP addresses of verified spam sources and spam operations (including spammers, spam gangs and spam support services), maintained by the Spamhaus or other project team and supplied as a free service to help email administrators better manage incoming email streams.

Postfix MTA DNS Blackhole Lists Configuration

Under Postfix mail server you need to define DNSRBLs in main.cf file using the smtpd_recipient_restrictions configuration directive. Open main.cf file:
# vi /etc/postfix/main.cf
Locate smtpd_recipient_restrictions line and setup reject_rbl_client as follows:

smtpd_recipient_restrictions =
....
.....
   reject_rbl_client list.dsbl.org,
   reject_rbl_client sbl-xbl.spamhaus.org,
   reject_rbl_client cbl.abuseat.org,
   reject_rbl_client dul.dnsbl.sorbs.net,
....
   permit

Here is my complete configuration:

smtpd_recipient_restrictions =
   reject_invalid_hostname,
   reject_non_fqdn_hostname,
   reject_non_fqdn_sender,
   reject_non_fqdn_recipient,
   reject_unknown_sender_domain,
   reject_unknown_recipient_domain,
   reject_unauth_destination,
   permit_mynetworks,
   reject_rbl_client list.dsbl.org,
   reject_rbl_client sbl-xbl.spamhaus.org,
   reject_rbl_client cbl.abuseat.org,
   reject_rbl_client dul.dnsbl.sorbs.net,
   permit

Save and close the file. Restart / reload postfix mail server:
# /etc/init.d/postfix restart

Linux Firewall: Display Status and Rules of Iptables Firewall

Q. How do I display / list all rules in the selected chain? How do I find out which rules are active? What is blocked and opened with my firewall?

A. To List all rules in the selected chain use the -L option. If no chain is selected, all chains are listed. As every other iptables command, it applies to the specified table. The -n option help to print IP addresses and port numbers in numeric format.

To check the status of your firewall and all rules, enter:
# iptables -L -n
OR
$ sudo iptables -L -n
Output:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
droplist   all  --  0.0.0.0/0            0.0.0.0/0
droplist   all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  66.228.118.0/23      0.0.0.0/0
DROP       all  --  213.240.4.233        0.0.0.0/0
DROP       all  --  75.126.132.23        0.0.0.0/0
DROP       all  --  80.58.205.35         0.0.0.0/0
.....
...
.....
DROP       all  --  91.200.56.0/22       0.0.0.0/0
LOG        all  --  91.200.72.0/22       0.0.0.0/0           LOG flags 0 level 4 prefix `DROP List Block'
DROP       all  --  91.200.72.0/22       0.0.0.0/0

The --line-numbers option adds line numbers to the beginning of each rule, corresponding to that rule's position in the chain. The -v option makes the list command show the interface name, the rule options (if any), and the TOS masks. The packet and byte counters are also listed, with the suffix K, M or G for 1000, 1,000,000 and 1,000,000,000 multipliers respectively (but see the -x flag to change this).
# iptables -L -v -n --line-numbers

Linux Creating or Adding New Network Alias To a Network Card (NIC)

Q. I would like to create alias for my network card (NIC). How do I setup 2 IP address on One NIC? How do I add alias under Centos / Fedora / Debian / Ubuntu Linux?
[click to continue…]