fedora linux

Configure Static Routes In Debian or Red Hat Enterprise Linux

Static routes improve the overall performance of your network (especially by saving bandwidth). They are also useful in stub networks (i.e. there is only one link to the network). For example, each LAN (located at a different office) is connected to the HQ IDC (Internet data center) using a single T1/LL/WAN link.

For example, under Red Hat/Fedora Linux you can add a static route for the eth0 network interface by editing the /etc/sysconfig/network-scripts/route-eth0 file. Under Debian Linux, add a static route by editing the /etc/network/interfaces file.

RHEL: Linux Bond / Team Multiple Network Interfaces (NIC) Into a Single Interface

Finally, today I implemented NIC bonding (binding both NICs so that they work as a single device). Bonding is a Linux kernel feature that aggregates multiple like interfaces (such as eth0, eth1) into a single virtual link such as bond0. The idea is pretty simple: get higher data rates as well as link failover. The following instructions were tested on:

  1. RHEL v4 / 5 / 6 amd64
  2. CentOS v5 / 6 amd64
  3. Fedora Linux 13 amd64 and up.
  4. 2 x PCI-e Gigabit Ethernet NICs with Jumbo Frames (MTU 9000)
  5. Hardware RAID-10 w/ SAS 15k enterprise grade hard disks.
  6. Gigabit switch with Jumbo Frame

HowTo: Recovering Linux Grub Boot Loader Password

If you have a password-protected GRUB boot loader and you forgot both the root and GRUB passwords, you can recover the GRUB boot loader password using the following procedure:

* Use a Knoppix CD
* Remove the password from Grub configuration file
* Reboot the system
* Change the root password
* Setup new Grub password if required (optional)

Logging to a centralized loghost from Router or other hosts

It is really a good idea to have one central logging host for security and performance reasons. For example, a central loghost helps with:
* Security risk analysis (you can see failed login attempts, port scans, etc.)
* Troubleshooting user login problems
* Saving disk space
* Keeping old logs available from the centralized loghost if a hard disk crashes on another host

Linux (and other UNIX-like systems) use the sysklogd (or syslogd) utility as the system logging facility. Its support for both internet and Unix domain sockets lets it handle both local and remote logging, for example from a DSL/ADSL router or other hosts in your network.

Prepare syslogd to accept remote logging messages

Open the file /etc/init.d/sysklogd under Debian Linux to configure syslogd to accept remote messages:
# vi /etc/init.d/sysklogd
Locate line SYSLOGD and edit it as follows:
The -r option enables syslogd to receive messages from the network using an internet domain socket with the syslog service. By default, no messages are received from the network.

Save the file and exit to the shell prompt. Restart sysklogd:
# /etc/init.d/sysklogd restart

A note for RHEL / CentOS / Fedora Linux users

If you are using Red Hat or Fedora Linux, edit the file /etc/sysconfig/syslog:
# vi /etc/sysconfig/syslog
Make changes:
Restart syslogd:
# service syslog restart

Open UDP port 514

If you are using an iptables-based firewall, insert the following rules into your iptables script to accept connections from your network:

iptables -A INPUT -p udp -s $MYNET --sport 1024:65535 -d $SLSERVER --dport 514 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -s $SLSERVER --sport 514 -d $MYNET --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

Here $SLSERVER is the IP address of the syslogd server and $MYNET is your network. You need to restrict access to syslogd to your own network only.

Configure the router to log messages to a centralized loghost

Open the router's web configuration interface and enter the IP address of the centralized loghost and port 514. Save the configuration and reboot the router.

Configure a Linux or Unix host to log messages to a centralized loghost

You need to open the syslog configuration file /etc/syslog.conf:
# vi /etc/syslog.conf
Set up syslogd to send all important messages related to auth to the loghost IP (or use the FQDN if configured):

*.*;auth,authpriv.none          @


*.*;auth,authpriv.none          @loghost.mydomain.com.

Restart sysklogd (Debian Linux):
# /etc/init.d/sysklogd restart
Restart syslogd under Red Hat / Fedora / CentOS Linux:
# service syslog restart
If required, open outgoing UDP port 514 on the other hosts:

# SYSLOG outgoing client request
# $CLIENT is a placeholder for this host's IP address; $SLSERVER is the loghost's IP address
iptables -A OUTPUT -p udp -s $CLIENT --sport 1024:65535 -d $SLSERVER --dport 514 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -s $SLSERVER --sport 514 -d $CLIENT --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
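
What the forwarding selector `*.*;auth,authpriv.none` from /etc/syslog.conf above sends to the loghost, worked through as an added example (not code from the original article). In a selector, `none` excludes a facility, so that line forwards everything except auth and authpriv; a line of the form `auth,authpriv.*` is what forwards login-related messages. The sample datagrams are constructed, and the evaluator handles only `*`, named priorities and `none`.

```python
import re

# Facility and severity codes as used in the <PRI> header (PRI = facility*8 + severity).
FACILITIES = {n: i for i, n in enumerate(
    "kern user mail daemon auth syslog lpr news uucp cron authpriv ftp".split())}
FACILITIES.update({f"local{i}": 16 + i for i in range(8)})
SEVERITIES = {n: i for i, n in enumerate(
    "emerg alert crit err warning notice info debug".split())}
FAC_NAMES = {i: n for n, i in FACILITIES.items()}
SEV_NAMES = {i: n for n, i in SEVERITIES.items()}

def decode_pri(packet):
    """Return (facility, severity) names from a syslog datagram's <PRI> header."""
    m = re.match(r"<(\d{1,3})>", packet)
    if not m or int(m.group(1)) > 191:
        raise ValueError("missing or out-of-range <PRI> header")
    fac, sev = divmod(int(m.group(1)), 8)
    return FAC_NAMES.get(fac, str(fac)), SEV_NAMES[sev]

def selector_matches(selector, facility, severity):
    """Evaluate a syslog.conf selector; fields are applied left to right."""
    matched = False
    for field in selector.split(";"):
        facs, _, prio = field.strip().partition(".")
        if prio[:1] in ("=", "!"):
            raise ValueError("'=' and '!' modifiers are outside this example")
        if facs != "*" and facility not in facs.split(","):
            continue
        if prio == "none":          # 'none' removes the facility from the rule
            matched = False
        elif prio == "*" or SEVERITIES[severity] <= SEVERITIES[prio]:
            matched = True          # a named priority means that level and above
    return matched

def forwarded(selector, packets):
    """List the facility.severity of every packet the selector would send on."""
    decoded = (decode_pri(p) for p in packets)
    return [f"{f}.{s}" for f, s in decoded if selector_matches(selector, f, s)]

# Constructed sample datagrams (not captured from a real host).
SAMPLE = [
    "<6>Feb 16 02:08:01 router kernel: klogd started",
    "<30>Feb 16 02:08:06 router pppd[224]: pppd 2.4.1 started by admin, uid 0",
    "<38>Feb 16 02:09:12 web1 sshd[812]: Failed password for root from 192.0.2.7",
    "<86>Feb 16 02:09:15 web1 su[901]: pam_unix(su:auth): authentication failure",
]

if __name__ == "__main__":
    print(forwarded("*.*;auth,authpriv.none", SAMPLE))
    print(forwarded("auth,authpriv.*", SAMPLE))
```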

Windows NT/2000/XP/Vista Desktop system

You can force your Windows NT/2000/XP desktop to log all messages to a centralized loghost. However, Windows does not have a built-in facility to log messages to a remote Unix syslogd server. You can use the NTsyslog program, which runs as a service under Windows NT based operating systems. It formats all System, Security, and Application events into a single line and sends them to a syslogd host.

Verify that messages are logged to your /var/log/messages:
# tail -f /var/log/messages
Feb 16 02:08:01 router  kernel: klogd started: BusyBox v1.00 (2005.09.22-19:11+0000)
Feb 16 02:08:01 router  kernel: Linux version (root@localhost.localdomain) (gcc version 3.4.2) #1 Thu Sep 22 15:07:47 EDT 2005
Feb 16 02:08:01 router  kernel: Total Flash size: 2048K with 39 sectors
Feb 16 02:08:01 router  kernel: 96338L-2M-8M prom init
Feb 16 02:08:01 router  kernel: CPU revision is: 00029010
Feb 16 02:08:01 router  kernel: Determined physical RAM map:
Feb 16 02:08:01 router  kernel:  memory: 007a0000 @ 0000000
Feb 16 02:08:01 router  kernel: AdslCoreHwReset: AdslOemDataAddr = 0xA07E504C
Feb 16 02:08:01 router  kernel: ip_tables: (C) 2000-2002 Netfilter core team
Feb 16 02:08:01 router  kernel: ip_conntrack version 2.1 (61 buckets, 0 max) - 368 bytes
Feb 16 02:08:06 router  pppd[224]: pppd 2.4.1 started by admin, uid 0
Feb 16 02:08:07 router  pppd[224]: PPP: Start to connect ...
Feb 16 02:08:10 router  dnsprobe[272]: dnsprobe started!