There are 2 ways to upgrading Gentoo’s profile, which is whether by using the program eselect, or by manual linking.
Firstly the portage tree need to be updated to get the latest profile list by running he following command;
# emerge --sync
The following example is to update using eselect;
# eselect profile list
# eselect profile set <number>
where number is the number of favored profile from the list.
To manually update the profile, simply delete the softlink and create a new link to the intended profile as the following (be sure not to add / at the end of /etc/make.profile)
# rm /etc/make.profile
# ln -s /usr/portage/profiles/<profile of choice> /etc/make.profile
Optionally, in the end you might want to upgrade the system using the new profile;
# emerge --sync
# emerge --update --newuse --deep world
Monday, December 21, 2009
Thursday, November 12, 2009
Jabber - an open source instant messaging
Jabber is an open instant messaging technology that anyone can use.
Jabber Server Setup on CentOS 5
Configuring and Installing jabber server
Install rpmforge repo
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
Install necessary packages
yum -y install gcc-c++ vim-enhanced mysql-server mysql gcc mysql-devel libidn-devel make automake libtool tcpdump rsync crontabs vixie-cron php-mysql cyrus-sasl-devel expat-devel udns-devel
Install gsasl
cd /usr/src/
wget ftp://alpha.gnu.org/pub/gnu/gsasl/libgsasl-0.2.29.tar.gz
tar xvfz libgsasl-0.2.26.tar.gz
./configure
make
sudo make install
Add gsasl library ‘/usr/local/lib’ to ld.so.conf
echo "/usr/local/lib" >> /etc/ld.so.conf.d/usr-local-lib.conf
ldconfig
Create Jabber User and Group
su
useradd jabber
passwd jabber
Getting Jabber Server
wget http://ftp.xiaoka.com/jabberd2/releases/jabberd-2.2.0.tar.bz2
Uncompress sources
tar xvfj jabberd-2.2.0.tar.bz2
Configure
cd jabberd-2.2.0
./configure --prefix=/opt/jabber --enable-mysql --enable-ssl --enable-ldap --with-sasl=gsasl --enable-debug
make
sudo make install
mysql -u root -p < tools/db-setup.mysql
mysql -u root -p
GRANT select,insert,delete,update ON jabberd2.* to jabberd2 at localhost IDENTIFIED by 'jtest';
Add Jabberd2 library to ld.so.conf
echo "/opt/jabber/lib/jabberd" >> /etc/ld.so.conf.d/jabberd2.conf
ldconfig
Customizing the jabberd server install
To customize the server, we first need to change to the jabberd directory by running the following command: cd /opt/jabber/etc/. Then we want to edit the sm.xml file so we follow the following steps as root:
• Open sm.xml in your favorite text editor
• Change the ID on the network from localhost to jabber.chatur.test (Make sure that jabber.chatur.test resolves)
• Change the MYSQL database passwaed from<pass>secret</pass> to <pass>jtest</pass>
• Scroll down to the User Options and uncomment the <auto-create/> tag. This allows users that are not registered on the server to register themselves.
• If you want to have a predefined userlist to populate all new users, scroll to the the end of the file and uncomment <roster>/opt/jabber/etc/templates/roster.xml</roster>. We will cover the contents of the roster.xml in a few minutes.
Once we are done editing, save sm.xml and exit the editor. Now we need to customize c2s.xml, so follow these steps as root:
• Open c2s.xml in your favorite text editor
• Scroll to the 'Local network configuration' section and change the <id> from localhost to jabber.chatur.test
• In order to able to login though Mac OS X iChat client, change the authentication mechanism under ‘sasl’ first comment out ‘digest-md5’ from <digest-md5 /> to <-- <digest-md5 /> --> and add ‘cram-md5’ instead <cram-md5 />
• Change the MYSQL database passwaed from<pass>secret</pass> to <pass>jtest</pass>
• Save and exit
This completes the configuration of the jabberd server. This gives us a basic jabber server that allows users to register themselves and chat with each other. However, if we want to have the ability to create chat rooms, we need to install some additional software called mu-conference. We will cover the installation of mu-conference momentarily.
Creating a default buddy list for new users
jabberd gives us the ability to create a template buddy list so that each new user has a default buddy list. This is very useful in environments where the administrator wants to make sure each user has all the important people in their buddy list without spending a lot of time adding each user manually.
The template file is located in the templates subdirectory and is called roster.xml. The file has the following format:
<query xmlns=’jabber:iq:roster’>
<!--
<item name=’Buddy Name’ jid=’JID@Host.domain’ subscription=’both’>
<group>BuddyGroup</group>
</item>
-->
</query>
To add new users we need to uncomment the <item name> tag and add a new line for each user. For example if you wanted to add me to the default roster and my JID (Jabber ID) was chatur@jabber.chatur.test the entry for my name would look like this:
<item name='chatur' jid='chatur@jabber.chatur.test' subscription='both'>
<group>Support</group>
</item>
The group field tells the client the group under which the entry is supposed to be stored. In this case chatur is being stored under the Support group. All entries need to be enclosed within the <query> </query> tag, so the complete file with one user would look something like:
<query xmlns=’jabber:iq:roster’>
<item name=’chatur’ jid=’chatur@jabber.chatur.test’ subscription=’both’>
<group>Support</group>
</item>
</query>
Generating a Self-Signed SSL Certificate
Important: Key Is Self-Signed The key generated by the instructions below is self-signed. Such a key is not part of a trust hierarchy. When used to secure communications with Jabber clients, a self-signed key will usually cause warnings to appear because its authenticity cannot be verified against a trusted key.
Generate Key Pair
From a working directory, enter the command below to begin an interactive key generation process:
openssl req -new -x509 -newkey rsa:1024 -days 3650 -keyout privkey.pem -out server.pem
You will be prompted for a passphrase for the private key. After entering and confirming your passphrase, you will be prompted for public information about your key.
Note: Common Name Note that you should enter your domain name as the Common Name for your certificate.
Note: Key Lifetime Note that the command above creates a key with a 3650 day (10 year lifetime). To change the key lifetime, use a different number of days for the -days parameter.
Remove Passphrase
Enter this command to remove the passphrase from your private key:
openssl rsa -in privkey.pem -out privkey.pem
Combine the Private and Public Key
Enter this command to combine the private and public keys into a single file:
cat privkey.pem >> server.pem
Delete Private Key
You should now delete your private key:
rm privkey.pem
Move Key and Set Permissions
You can now move your key to its permanent location. For example, to move the key to the default Jabberd pemfile location, you would enter this command (as superuser):
mv server.pem /opt/jabber/etc/server.pem
Then, you should set permissions on this file so that it is owned by superuser and is readonly (as superuser):
chown root:jabber /opt/jabber/etc/server.pem
chmod 640 /opt/jabber/etc/server.pem
Your certificate is now ready for use by Jabberd. You should make a backup (such as to a floppy) of your certificate.
Jabber Server Setup on CentOS 5
Configuring and Installing jabber server
Install rpmforge repo
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
Install necessary packages
yum -y install gcc-c++ vim-enhanced mysql-server mysql gcc mysql-devel libidn-devel make automake libtool tcpdump rsync crontabs vixie-cron php-mysql cyrus-sasl-devel expat-devel udns-devel
Install gsasl
cd /usr/src/
wget ftp://alpha.gnu.org/pub/gnu/gsasl/libgsasl-0.2.29.tar.gz
tar xvfz libgsasl-0.2.26.tar.gz
./configure
make
sudo make install
Add gsasl library ‘/usr/local/lib’ to ld.so.conf
echo "/usr/local/lib" >> /etc/ld.so.conf.d/usr-local-lib.conf
ldconfig
Create Jabber User and Group
su
useradd jabber
passwd jabber
Getting Jabber Server
wget http://ftp.xiaoka.com/jabberd2/releases/jabberd-2.2.0.tar.bz2
Uncompress sources
tar xvfj jabberd-2.2.0.tar.bz2
Configure
cd jabberd-2.2.0
./configure --prefix=/opt/jabber --enable-mysql --enable-ssl --enable-ldap --with-sasl=gsasl --enable-debug
make
sudo make install
mysql -u root -p < tools/db-setup.mysql
mysql -u root -p
GRANT select,insert,delete,update ON jabberd2.* to jabberd2 at localhost IDENTIFIED by 'jtest';
Add Jabberd2 library to ld.so.conf
echo "/opt/jabber/lib/jabberd" >> /etc/ld.so.conf.d/jabberd2.conf
ldconfig
Customizing the jabberd server install
To customize the server, we first need to change to the jabberd directory by running the following command: cd /opt/jabber/etc/. Then we want to edit the sm.xml file so we follow the following steps as root:
• Open sm.xml in your favorite text editor
• Change the ID on the network from localhost to jabber.chatur.test (Make sure that jabber.chatur.test resolves)
• Change the MYSQL database passwaed from<pass>secret</pass> to <pass>jtest</pass>
• Scroll down to the User Options and uncomment the <auto-create/> tag. This allows users that are not registered on the server to register themselves.
• If you want to have a predefined userlist to populate all new users, scroll to the the end of the file and uncomment <roster>/opt/jabber/etc/templates/roster.xml</roster>. We will cover the contents of the roster.xml in a few minutes.
Once we are done editing, save sm.xml and exit the editor. Now we need to customize c2s.xml, so follow these steps as root:
• Open c2s.xml in your favorite text editor
• Scroll to the 'Local network configuration' section and change the <id> from localhost to jabber.chatur.test
• In order to able to login though Mac OS X iChat client, change the authentication mechanism under ‘sasl’ first comment out ‘digest-md5’ from <digest-md5 /> to <-- <digest-md5 /> --> and add ‘cram-md5’ instead <cram-md5 />
• Change the MYSQL database passwaed from<pass>secret</pass> to <pass>jtest</pass>
• Save and exit
This completes the configuration of the jabberd server. This gives us a basic jabber server that allows users to register themselves and chat with each other. However, if we want to have the ability to create chat rooms, we need to install some additional software called mu-conference. We will cover the installation of mu-conference momentarily.
Creating a default buddy list for new users
jabberd gives us the ability to create a template buddy list so that each new user has a default buddy list. This is very useful in environments where the administrator wants to make sure each user has all the important people in their buddy list without spending a lot of time adding each user manually.
The template file is located in the templates subdirectory and is called roster.xml. The file has the following format:
<query xmlns=’jabber:iq:roster’>
<!--
<item name=’Buddy Name’ jid=’JID@Host.domain’ subscription=’both’>
<group>BuddyGroup</group>
</item>
-->
</query>
To add new users we need to uncomment the <item name> tag and add a new line for each user. For example if you wanted to add me to the default roster and my JID (Jabber ID) was chatur@jabber.chatur.test the entry for my name would look like this:
<item name='chatur' jid='chatur@jabber.chatur.test' subscription='both'>
<group>Support</group>
</item>
The group field tells the client the group under which the entry is supposed to be stored. In this case chatur is being stored under the Support group. All entries need to be enclosed within the <query> </query> tag, so the complete file with one user would look something like:
<query xmlns=’jabber:iq:roster’>
<item name=’chatur’ jid=’chatur@jabber.chatur.test’ subscription=’both’>
<group>Support</group>
</item>
</query>
Generating a Self-Signed SSL Certificate
Important: Key Is Self-Signed The key generated by the instructions below is self-signed. Such a key is not part of a trust hierarchy. When used to secure communications with Jabber clients, a self-signed key will usually cause warnings to appear because its authenticity cannot be verified against a trusted key.
Generate Key Pair
From a working directory, enter the command below to begin an interactive key generation process:
openssl req -new -x509 -newkey rsa:1024 -days 3650 -keyout privkey.pem -out server.pem
You will be prompted for a passphrase for the private key. After entering and confirming your passphrase, you will be prompted for public information about your key.
Note: Common Name Note that you should enter your domain name as the Common Name for your certificate.
Note: Key Lifetime Note that the command above creates a key with a 3650 day (10 year lifetime). To change the key lifetime, use a different number of days for the -days parameter.
Remove Passphrase
Enter this command to remove the passphrase from your private key:
openssl rsa -in privkey.pem -out privkey.pem
Combine the Private and Public Key
Enter this command to combine the private and public keys into a single file:
cat privkey.pem >> server.pem
Delete Private Key
You should now delete your private key:
rm privkey.pem
Move Key and Set Permissions
You can now move your key to its permanent location. For example, to move the key to the default Jabberd pemfile location, you would enter this command (as superuser):
mv server.pem /opt/jabber/etc/server.pem
Then, you should set permissions on this file so that it is owned by superuser and is readonly (as superuser):
chown root:jabber /opt/jabber/etc/server.pem
chmod 640 /opt/jabber/etc/server.pem
Your certificate is now ready for use by Jabberd. You should make a backup (such as to a floppy) of your certificate.
Monday, October 5, 2009
Ethernet Bridge on FreeBSD
The basic operation of a bridge is to join two or more network segments together. There are many reasons to use a host based bridge over plain networking equipment such as cabling constraints, firewalling or connecting pseudo networks such as a Virtual Machine interface. A bridge can also connect a wireless interface to a wired network and act as an access point.
Requirements:
Two Physical (Real) Network Card (NIC) (minimum)
Enabling the Bridge:
The bridge is created using interface cloning.
To create a bridge use ifconfig
# ifconfig bridge create
bridge0
# ifconfig bridge0
bridge0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 96:3d:4b:f1:79:7a
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
root id 00:00:00:00:00:00 priority 0 ifcost 0 port 0
Add the member network interfaces to the bridge.
# ifconfig bridge0 addm re0 addm re1 up
# ifconfig re0 up
# ifconfig re1 up
To remove a BRIDGE interface, enter:
# ifconfig bridge0 destroy
To make configuration persistence, open /etc/rc.conf, Append / modify as follows:
# vi /etc/rc.conf
cloned_interfaces="bridge0"
ifconfig_bridge0="addm re0 addm re1 up"
ifconfig_re0="up"
ifconfig_re1="up"
bridge interface can be configured to take part in network.
# ifconfig bridge0 inet 192.168.200.1/24
Requirements:
Two Physical (Real) Network Card (NIC) (minimum)
Enabling the Bridge:
The bridge is created using interface cloning.
To create a bridge use ifconfig
# ifconfig bridge create
bridge0
# ifconfig bridge0
bridge0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 96:3d:4b:f1:79:7a
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
root id 00:00:00:00:00:00 priority 0 ifcost 0 port 0
Add the member network interfaces to the bridge.
# ifconfig bridge0 addm re0 addm re1 up
# ifconfig re0 up
# ifconfig re1 up
To remove a BRIDGE interface, enter:
# ifconfig bridge0 destroy
To make configuration persistence, open /etc/rc.conf, Append / modify as follows:
# vi /etc/rc.conf
cloned_interfaces="bridge0"
ifconfig_bridge0="addm re0 addm re1 up"
ifconfig_re0="up"
ifconfig_re1="up"
bridge interface can be configured to take part in network.
# ifconfig bridge0 inet 192.168.200.1/24
Sunday, October 4, 2009
Linux Ethernet Bridge
The Linux ethernet bridge can be used for connecting multiple ethernet devices together. The connection is fully transparent: hosts connected to one ethernet device see hosts connected to the other ethernet devices directly.
Requirements:
1. Zero IP the interfaces.
# ifconfig eth0 0.0.0.0
# ifconfig eth1 0.0.0.0
OR
# ifconfig eth0 up promisc
# ifconfig eth1 up promisc
2. Create the bridge interface.
# brctl addbr br0
3. Add interfaces to the bridge.
# brctl addif br0 eth0
# brctl addif br0 eth1
OR
# brctl addif br0 eth0 eth1
4. Put up the bridge.
# ifconfig mybridge up
5. The virtual interface br0 can also be configured to take part in network. It behaves like real interface (like a normal network card).
# ifconfig br0 192.168.200.100 netmask 255.255.255.0
Requirements:
- Two Physical (Real) Network Card (NIC) (minimum)
- bridge-utils - This package contains utilities for configuring the Linux ethernet bridge.
1. Zero IP the interfaces.
# ifconfig eth0 0.0.0.0
# ifconfig eth1 0.0.0.0
OR
# ifconfig eth0 up promisc
# ifconfig eth1 up promisc
2. Create the bridge interface.
# brctl addbr br0
3. Add interfaces to the bridge.
# brctl addif br0 eth0
# brctl addif br0 eth1
OR
# brctl addif br0 eth0 eth1
4. Put up the bridge.
# ifconfig mybridge up
5. The virtual interface br0 can also be configured to take part in network. It behaves like real interface (like a normal network card).
# ifconfig br0 192.168.200.100 netmask 255.255.255.0
Saturday, October 3, 2009
kill process based on username and logout users
To kill all process of logged in user and logout
pkill -KILL -u username
pkill -KILL -u username
Ethernet Loopback connector
Occasionally I need for a network card to operate as a live network connection, without it actually being connected to a network. Typically for testing purposes, I need a quick and easy way to make a loopback connector. Small enough to keep in my Pocket. The following is a quick "how to" for making an Ethernet loopback connector.
To create a loopback plug, cross pin 1 (TX+) and pin 3 (RX+) together, and cross pin 2 (TX-) and pin 6 (RX-) together. You need the following equipment to create the loopback:
When you create and then test a physical loopback, you are testing the RJ-45 interface of the NIC.
To create a loopback plug, cross pin 1 (TX+) and pin 3 (RX+) together, and cross pin 2 (TX-) and pin 6 (RX-) together. You need the following equipment to create the loopback:
- A 6-inch long CAT5 cable
- An RJ-45 connector
- A crimping tool
When you create and then test a physical loopback, you are testing the RJ-45 interface of the NIC.
Know Number of Logged in User in FreeRadius from Shell
This is a very useful perl script that i created to know how many user are logged in on FreeRadius from the UNIX/Linux shell or command line.
It’s for FreeRadius with MySQL and I think it is usefull for other radiuses as well.
Below is the full code.
#!/usr/bin/perl -w
use DBI;
my $db = 'radius';
my $db_host = 'localhost';
my $db_username = 'username';
my $db_password = 'password';
my $dbh = DBI->connect("dbi:mysql:database=$db;host=$db_host:port number;user=$db_username;password=$db_password") or die "Couldn't connect to database: $DBI::errstr\n";
my $sql = qq{SELECT DISTINCT UserName,AcctStartTime,FramedIPAddress,CallingStationId FROM radacct WHERE AcctStopTime = '0000-00-00 00:00:00' AND NASIPAddress = '192.168.254.2' GROUP BY UserName};
$sth = $dbh->prepare($sql) or die "Couldn't prepare query '$sql': $DBI::errstr\n";
$sth->execute() or die "Couldn't execute query '$sql': $DBI::errstr\n";
print $sth->rows();
$sth->finish();
$dbh->disconnect();
exit;
Note:
change the username and password to actual username and password of a MySQL database, and NASIPAddress.
It’s for FreeRadius with MySQL and I think it is usefull for other radiuses as well.
Below is the full code.
#!/usr/bin/perl -w
use DBI;
my $db = 'radius';
my $db_host = 'localhost';
my $db_username = 'username';
my $db_password = 'password';
my $dbh = DBI->connect("dbi:mysql:database=$db;host=$db_host:port number;user=$db_username;password=$db_password") or die "Couldn't connect to database: $DBI::errstr\n";
my $sql = qq{SELECT DISTINCT UserName,AcctStartTime,FramedIPAddress,CallingStationId FROM radacct WHERE AcctStopTime = '0000-00-00 00:00:00' AND NASIPAddress = '192.168.254.2' GROUP BY UserName};
$sth = $dbh->prepare($sql) or die "Couldn't prepare query '$sql': $DBI::errstr\n";
$sth->execute() or die "Couldn't execute query '$sql': $DBI::errstr\n";
print $sth->rows();
$sth->finish();
$dbh->disconnect();
exit;
Note:
change the username and password to actual username and password of a MySQL database, and NASIPAddress.
MacJournal to WordPress
You can publish your MacJournal to WordPress.
(For custom configuration.)
(For custom configuration.)
Here’s the step-by-step guide:
1. Select your desired journal entry.
2. From the menu Entry, click Send to Blog.
3. Click Manual Setup
4. Type in Name : (your blog name)
5. In pull down menu,Type: select Movable Type
6. Type in URL: http://yourname.wordpress.com/
7. Type in Post URL: http://yourname.wordpress.com/xmlrpc.php
8. Type in Username : (your account name)
9. Type in Blog ID : 1
10. Press button Ok.
Monday, April 20, 2009
FreeBSD VLANs Configuration using ifconfig command
To create a new VLAN interface, enter:
# ifconfig {vlan-name} create
To associate the VLAN interface with a physical interface and assign a VLAN ID, IP address, and netmask:
# ifconfig {vlan-name} {ip-address} netmask {subnet-mask} vlan {vlan-id} vlandev {physical-interface}
The following examples, all packets will be marked on egress with 802.1Q VLAN tags, specifying a VLAN ID of 500:
# ifconfig vlan500 10.0.0.1 netmask 255.255.255.0 vlan500 vlandev em0
To remove a VLAN interface, enter:
# ifconfig {vlan-name} destroy
To make configuration persistence, open /etc/rc.conf:
# vi /etc/rc.conf
Append / modify as follows:
cloned_interfaces=“vlan500 vlan600”
ifconfig_vlan500="inet x.x.x.x netmask y.y.y.y vlan 500 vlandev em0"
ifconfig_vlan600="inet x.x.x.x netmask y.y.y.y vlan 600 vlandev em0"
# ifconfig {vlan-name} create
To associate the VLAN interface with a physical interface and assign a VLAN ID, IP address, and netmask:
# ifconfig {vlan-name} {ip-address} netmask {subnet-mask} vlan {vlan-id} vlandev {physical-interface}
The following examples, all packets will be marked on egress with 802.1Q VLAN tags, specifying a VLAN ID of 500:
# ifconfig vlan500 10.0.0.1 netmask 255.255.255.0 vlan500 vlandev em0
To remove a VLAN interface, enter:
# ifconfig {vlan-name} destroy
To make configuration persistence, open /etc/rc.conf:
# vi /etc/rc.conf
Append / modify as follows:
cloned_interfaces=“vlan500 vlan600”
ifconfig_vlan500="inet x.x.x.x netmask y.y.y.y vlan 500 vlandev em0"
ifconfig_vlan600="inet x.x.x.x netmask y.y.y.y vlan 600 vlandev em0"
Saturday, January 3, 2009
Static ARP entry
arp -s ip_address ethernert_address
example:
arp -s 192.168.69.126 00:1f:f3:52:20:ed
arp -S ip_address ethernert_address
- Is just like -s except any existing ARP entry for this host will be deleted first.
example:
arp -S 192.168.69.126 00:1f:f3:52:20:ed
example:
arp -s 192.168.69.126 00:1f:f3:52:20:ed
arp -S ip_address ethernert_address
- Is just like -s except any existing ARP entry for this host will be deleted first.
example:
arp -S 192.168.69.126 00:1f:f3:52:20:ed
Subscribe to:
Posts (Atom)
