Firewall Builder: Generate The Web Server Firewall Cluster Running Linux or OpenBSD

Posted on in Categories Iptables, Linux, OpenBSD, Security last updated April 11, 2010
Firewall Builder Logo

This article continues mini-series started with the post Introduction to Firewall Builder 4.0. This article is also available as a section in the “Firewall Builder Cookbook” chapter of Firewall Builder Users Guide 4.0.

Firewall Builder 4.0 is currently in beta testing phase. If you find it interesting after reading this post, please download and try it out. Source code archives, binary deb and rpm packages for popular Linux distributions and commercially distributed Windows and Mac OS X packages are available for download here.

In this post I demonstrate how Firewall Builder can be used to generate firewall configuration for a clustered web server with multiple virtual IP addresses. The firewall is running on each web server in the cluster. This example assumes the cluster is built with heartbeat using “old” style configuration files, but which high availability software is used to build the cluster is not really essential. I start with the setup that consists of two identical servers running Linux but in the end of the article I am going to demonstrate how this configuration can be converted to OpenBSD with CARP.

This entry is part 1 of 4 in the series Linux Firewall Cluster Configuration with Firewall Builder v4.:

Linux Lighttpd Configure ASP.NET Applications as FastCGI Mono Server

Posted on in Categories lighttpd, Links, Linux, RedHat/Fedora Linux, Ubuntu Linux, UNIX, Windows last updated February 3, 2008

Mono project offers .NET compatible set of tools, including among others a C# compiler and a Common Language Runtime. It runs on Linux, *BSD, Windows and other operating systems. From the article:

The FastCGI Mono Server was developed as part of the 2007 Google Summer of Code (http://code.google.com/soc/2007/) with the goal of increasing the availablity of ASP.NET and simplifying configuration. Requiring as little as zero command line options and supporting a large number of servers, the FastCGI Mono Server makes it simple to include ASP.NET on your server.

This documentation contains configuration instructions for serveral web servers on Linux, with plans to expand support to Windows and Macintosh in the future. Please take the time to read all the information below before configuring your server.

ASP.NET Mono - How Does It Work?
(Fig. 01: How does FastCGI mono server works?)

=> The FastCGI Mono Server Configuration

FreeBSD Install Lighttpd Web Server

Posted on in Categories FreeBSD, Howto, lighttpd, php last updated June 30, 2007

I’ve received couple of request about running Lighttpd web server under FreeBSD:

How do I install Lighttpd web server under FreeBSD along with MySQL 5 and PHP5?

lighttpd a secure, fast, compliant and very flexible web-server which has been optimized for high-performance environments. It has a very low memory footprint compared to other webservers and takes care of cpu-load. Its advanced feature-set (FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many more) make lighttpd the perfect webserver-software for every server that is suffering load problems. Installing lighttpd is quite simple under FreeBSD operating system using ports.

Lighttpd on FreeBSD

First update your port tree by typing following commands:
# portsnap fetch
# portsnap update

Install lighttpd web server under FreeBSD

Lighttpd port is located under /usr/ports/www/lighttpd:
# cd /usr/ports/www/lighttpd
Install lighttpd:
# make
# make install
# make clean

Install MySQL server

Install MySQL server:
# cd /usr/ports/databases/mysql50-server/
# make
# make install
# make clean

Also install mysql client support
# /usr/ports/databases/mysql50-client
# make
# make install
# make clean

Finally install mysql scripts:
# cd /usr/ports/databases/mysql50-scripts
# make
# make install
# make clean

Install php5 for lighttpd

Install PHP5 scripting:
# cd /usr/ports/lang/php5
# make
# make install
# make clean

Next you must install PHP5 extensions such as GB, mysql support and so on. At least select following extensions from menu:

  • ctype: The ctype shared extension for php
  • curl: The curl shared extension for php
  • dom: The dom shared extension for php
  • gd: The gd shared extension for php
  • imap: The imap shared extension for php
  • mbstring: The mbstring shared extension for php
  • mcrypt: The mcrypt shared extension for php
  • mysql: The mysql shared extension for php
  • mysqli: The mysqli shared extension for php
  • pcre: The pcre shared extension for php
  • posix: The posix shared extension for php
  • session: The session shared extension for php
  • simplexml: The simplexml shared extension for php
  • xml: The xml shared extension for php
  • xmlreader: The xmlreader shared extension for php
  • xmlwriter: The xmlwriter shared extension for php
  • zlib: The zlib shared extension for php

Type the following command:
# cd /usr/ports/lang/php5-extensions
# make
# make install
# make clean

Auto start lighttpd and mysql service

You need to enable both services. Open /etc/rc.conf:
# vi /etc/rc.conf
Append following two lines:
mysql_enable="YES"
lighttpd_enable="YES"

Start Mysql Server Under FreeBSD

To start MySQL server, enter:
# /usr/local/etc/rc.d/mysql-server start

Start Lighttpd Server Under FreeBSD

To start Lighttpd server, enter:
# /usr/local/etc/rc.d/lighttpd start

Verify that lighttpd is running:
# netstat -nat

FreeBSD Lighttpd configuration file location

  • Config file location: /usr/local/etc/lighttpd.conf
  • Default documentation root location : /usr/local/www/data/
  • Default username and groupname : www

See also:

Monitor and restart Apache or lighttpd webserver when daemon is killed

Posted on in Categories Apache, CentOS, Debian Linux, FreeBSD, GNU/Open source, Howto, lighttpd, Linux, Monitoring, MySQL, Networking, Postfix, RedHat/Fedora Linux, Security, Shell scripting, Suse Linux, Sys admin, UNIX last updated January 1, 2009

When you cannot monitor your server for service availability, it is better to take help of automated monitor and restart utility. Last 4 days I was away from my server as I was enjoying my vacation. During this time due to load my lighttpd webserver died but it was restarted automatically within 2 minutes. I had utility configured for monitoring services on a Linux system called monit. It offers all features you ever needed for system monitoring and perform error recovery for UNIX like system.