From my mail bag:
How do I accept CIPE connection requests coming from the outside?
CIPE stands for Crypto IP Encapsulation (see howto Establishing a CIPE Connection) . It is used to configure an IP tunneling device. For example, CIPE can be used to grant access from the outside world into a Virtual Private Network (VPN). All you need to find out CIPE number, once you got the number (device name) append following two IPTABLE rules (add rule to your iptables script) to script:
Add the following rules to your iptables script or configuration file:
iptables -A INPUT -p udp -i cipcb0 -j ACCEPT
iptables -A OUTPUT -p udp -o cipcb0 -j ACCEPT
CIPE use its own virtual device. It is use to transmit UDP packets so the above rule allows the cipcb0 interface to incoming request (no need to use eth0).
Replace cipcb0 with your actual device name.
Q. My sendmail service is running under Linux and whenever I try to telnet it from other LAN IP, it gives connection refuse error. If I connect it from localhost it accept connection. I can only send mail from my server only. How do I force sendmail to accept mail from other hosts/LAN ips?
A. For security reason sendmail is by default configured to accept connection from local system (127.0.0.1). This should avoid open mail relay problem.
To allow connections from ALL hosts/LAN IPs open sendmail.mc file (login as the root):
# vi /etc/mail/sendmail.mc
Look for line that read as follows:
Comment or remove above line and insert new line that read as follows:
Above line will force to accept connection from any host. Save the file. Regenerate sendmail configuration file using m4:
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Restart sendmail service :
# /etc/init.d/sendmail restart
Caution: You should configure firewall and other Sendmail Anti-Spam configuration control to avoid problems.
xorgconfig is an interactive command for generating an xorg.conf file for use with Xorg X servers.
Finally, today I had implemented NIC bounding (bind both NIC so that it works as a single device). Bonding is nothing but Linux kernel feature that allows to aggregate multiple like interfaces (such as eth0, eth1) into a single virtual link such as bond0. The idea is pretty simple get higher data rates and as well as link failover. The following instructions were tested on:
- RHEL v4 / 5 / 6 amd64
- CentOS v5 / 6 amd64
- Fedora Linux 13 amd64 and up.
- 2 x PCI-e Gigabit Ethernet NICs with Jumbo Frames (MTU 9000)
- Hardware RAID-10 w/ SAS 15k enterprise grade hard disks.
- Gigabit switch with Jumbo Frame
Describes how to boot dual boot FreeBSD and Linux operating system using GNU boot loader called Grub (GRand Unified Bootloader)
You may use many macros under office packages. However, your ftp client also supports macros. You can use ~/.netrc – user configuration file. The .netrc file contains login and initialization information used by the auto-login process and stores macros information. It resides in the user’s home directory.
Turn on FTP client auto login
You need to add username and password to file ~/.netrc. Open config file using a text editor such as vi:
$ vi ~/.netrc
Append or add following lines to it:
machine ftp.myserver.com login USERNAME password PASSWORD
Save file and exit to shell prompt. Make sure, only owner can read the file:
$ chmod 0600 ~/.netrc
To connect type command:
$ ftp ftp.myserver.com
Now let us say every time you connected to ftp server you would like to switch to binary mode and turn off prompt as well as go to directory /pub/data/backup/rdbms/dump/. You can create a macro to automate all these three steps:
i) Open ~/.netrc ftp configuration file:
$ vi ~/.netrc
ii) Define a macro
You need to use the following syntax:
Please note that each macro definition ends with a null line (consecutive new line characters in a file or carriage returns from the terminal). There is a limit of 16 macros and 4096 total characters in all defined macros. Macros remain defined until a close command is executed.
Append following text to .netrc file:
Save and close the file. Now connect to ftp server:
$ ftp ftp.myserver.com
Connected to ftp.myserver.com
220 ftp.myserver.com NcFTPd Server (licensed copy) ready.
Remote system type is UNIX.
Using binary mode to transfer files.
To execute a macro FOO type the command:
ftp> $ FOO
200 Type okay.
Interactive mode off.
250 "/pub/data/backup/rdbms/dump/" is new cwd.
=> ftp command man page
I use ADSL at home via ISP modem. As soon as my eth0 comes up I would like to have my firewall script get executed and setup the iptables firewall rules for me.
The superuser is a privileged user with unrestricted access to all files and commands. The superuser has the special UID (user ID) 0. You need to become super user (root) only when tasks need root permissions. Here is how to become a super user:
Continue reading “FreeBSD: Becoming Super User (su) or Enabling su Access For User Account”