Simple:
ifconfig | grep –color -E ‘^|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}’
nJoy ๐
Color highlight IPs in stream with grep
Posted on
Category: Howtos
Rate Limiting in iptables
Posted on
iptables -A INPUT -p tcp –syn –dport 80 -m connlimit –connlimit-above 15 –connlimit-mask 32 -j REJECT –reject-with tcp-reset
Allowing Apache to see client ip from Behind a trusted proxy.
Posted on
With high speed caching based on nginx, varnish or CDNs in general the client ip gets lost. All
IPs get reported as 127.0.0.1 since the proxy is making the socket request. Solution is two phased:
1) enable reporting the client IP to theย X-Forwarded-For header at the proxy or CDN.
This depends on the proxy will be covered in separate posts.
2) installing and configuring the mod_remoteip in Apache 2.
Project link L https://github.com/ttkzw/mod_remoteip-httpd22 mkdir /usr/local/src/mod_remoteip cd /usr/local/src/mod_remoteip wget https://raw.githubusercontent.com/ttkzw/mod_remoteip-httpd22/master/mod_remoteip.c wget https://raw.githubusercontent.com/ttkzw/mod_remoteip-httpd22/master/mod_remoteip.conf wget https://raw.githubusercontent.com/ttkzw/mod_remoteip-httpd22/master/Makefile yum install httpd-devel make make install
Configuration in the Apache config file:
in /etc/httpd/conf/httpd.conf
# Load and configure mod_remoteip for Google PageSpeed Service
LoadModule remoteip_module /usr/lib64/httpd/modules/mod_remoteip.so
RemoteIPHeader X-Forwarded-For
service apache reload
voila ๐
How to test varnish vcl file
Posted on
Unlike most other configuration systems varnish went with a compiled configuration so if there is a mistake all you get is :
Starting varnish HTTP accelerator: [FAILED]
To check what the problem is use the following :
varnishd -C -f default.vcl
varnishd -C -f default.vcl
Message from VCC-compiler:
Expected return action name.
(input Line 37 Pos 13)
return (hit_for_pass);
————############–
Running VCC-compiler failed, exit 1[root@MyHost1 varnish]# vim default.vcl
[root@MyHost1 varnish]# varnishd -C -f default.vcl
Message from VCC-compiler:
Invalid condition ‘&’ on numeric variable
only ‘==’, ‘!=’, ‘<‘, ‘>’, ‘<=’ and ‘>=’ are legal
(input Line 51 Pos 17)
if (obj.hits > 0) {
—————-#——–
Rightly so the error shouts back at you with a # under it.
Very clear and to the point, the vcl I had was HTML’ed and replaced > with >
That’s it..
nJoy ๐
How To Install WordPress on Centos 6
Posted on
About WordPress
WordPress is a free and open source website and blogging tool that uses php and MySQL. It was created in 2003 and has since then expanded to manage 22% of all the new websites created and has over 20,000 plugins to customize its functionality.
Gluster peer probe fails (repeated UUID)
Posted on
The UUID for a node is stored in /var/lib/glusterd/glusterd.info The uuidgen tool is used to create a new UUID. voila nJoy ;-)
Installing couchbase
Posted on
Tested in AWS and CENTOS6
sudo yum install wget -y mkdir binaries cd binaries http://packages.couchbase.com/releases/2.2.0/couchbase-server-community_2.2.0_x86_64_openssl098.rpm sudo yum install -y pkgconfig -y sudo yum install openssl098e -y sudo yum install couchbase-server*.rpm -y
nJoy ๐
To cleanup a brick previously used under glusterfs
Posted on
This must be done after you REALLY know this brick is going to be re-used elsewhere not in the same volume it was used before.
NOTE: Potential data loss
setfattr -x trusted.glusterfs.volume-id $brick_path setfattr -x trusted.gfid $brick_path rm -rf $brick_path/.glusterfs
Playing with Glusterfs
Posted on
More details in a later post but I finally realized the order of things ? Thought I’d share.
Reference sites:
http://www.gluster.org/community/documentation/index.php/Getting_started_configure
http://www.redhat.com/magazine/009jul05/features/gfs_practices/
mkdir ~/gluster cd ~/gluster wget -l 1 -nd -nc -r -A.rpm http://download.gluster.org/pub/gluster/glusterfs/LATEST/RHEL/epel-6/x86_64/ ย yum install glusterfs-libs-*.el6.x86_64.rpm -y yum install glusterfs-*.el6.x86_64.rpm -y yum install glusterfs-fuse-*.el6.x86_64.rpm -y yum install glusterfs-cli-*.el6.x86_64.rpm -y yum install glusterfs-server-*.el6.x86_64.rpm -y yum install glusterfs-geo-replication-*.el6.x86_64.rpm -y service glusterd start chkconfig glusterd on service glusterfsd start chkconfig glusterfsd on gluster peer probe <hostname of the other server in the cluster, or IP address if you donโt have DNS or /etc/hosts entries> dd if=/dev/zero of=~/test.bin count=10000k losetup /dev/loop0 test.bin fdisk /dev/loop0 ---> new partition all blocks fdisk --> n -> p -> 1 -> from 1 to 637 in this case yum install xfsprogs xfsdump -y mkfs.xfs -i size=512 /dev/loop0 -f --- Testing fs -------- mkdir /mnt/test mount /dev/loop0 /mnt/test --------fstab ----- /root/test.bin /mnt/test xfs loop 0 0 >>>>> test rebooting mkdir -p /mnt/test/brick gluster volume create gv0 replica 2 192.168.1.81:/mnt/test/brick 192.168.1.79:/mnt/test/brick gluster volume info Volume Name: gv0 Type: Replicate Volume ID: cb3110c8-82b0-45f5-9e38-98652a95b54b Status: Created Number of Bricks: 1 x 2 = 2 Transport-type: tcp Bricks: Brick1: 192.168.1.81:/mnt/test/brick Brick2: 192.168.1.79:/mnt/test/brick gluster volume start gv0
Just the client
yum install glusterfs-libs-3.5.0-2.el6.x86_64.rpm -y yum install glusterfs-3.5.0-2.el6.x86_64.rpm -y yum install glusterfs-fuse-3.5.0-2.el6.x86_64.rpm -y
nJoy ๐
Auto-blacklist iptables
Posted on
Gather a list of ips which fail logins and drop from firewall for the future
lastb | awk '{ FS == "[ \t]+" ; print $3; }' | egrep -o '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}'| grep -v "192.168." | sort | uniq | xargs -n 1 -I {} iptables -A INPUT -s {} -j DROP
if you want to make it permanent simply
[root@DellR510-3 ~]# /sbin/service iptables save
That’s it.
nJoy ๐