Admins eHow SysAdmin Tips & Tricks

March 13, 2010

Shell script to show network speed

Filed under: CentOS,Debian,DreamBox,General — Tags: , , , , , , , , , — admin @ 11:37 am

The following shell script shows current download and upload speeds for the network interface you choose.

Copy the shell script in a file named, i.e: net_speed.sh

Then after setting execution permissions:

chmod a+x net_speed.sh

You can run the shell script passing as the first argument the network interface you want to monitor:

./net_speed.sh eth0

You will get a line like that:
eth0 DOWN:15 KB/s UP:880 B/s

This script works parsing /proc/net/dev file and calculating the difference between current transmitted or received bytes and their values one second ago.

#!/bin/bash

# This shell script shows the network speed, both received and transmitted.

# Usage: net_speed.sh interface
#   e.g: net_speed.sh eth0


# Global variables
interface=$1
received_bytes=""
old_received_bytes=""
transmitted_bytes=""
old_transmitted_bytes=""


# This function parses /proc/net/dev file searching for a line containing $interface data.
# Within that line, the first and ninth numbers after ':' are respectively the received and transmited bytes.
get_bytes()
{
    line=$(cat /proc/net/dev | grep $interface | cut -d ':' -f 2 | awk '{print "received_bytes="$1, "transmitted_bytes="$9}')
    eval $line
}


# Function which calculates the speed using actual and old byte number.
# Speed is shown in KByte per second when greater or equal than 1 KByte per second.
# This function should be called each second.
get_velocity()
{
    value=$1    
    old_value=$2

    let vel=$value-$old_value
    let velKB=$vel/1024
    if [ $velKB != 0 ];
    then
 echo -n "$velKB KB/s";
    else
 echo -n "$vel B/s";
    fi
}

# Gets initial values.
get_bytes
old_received_bytes=$received_bytes
old_transmitted_bytes=$transmitted_bytes

# Shows a message and waits for one second.
echo "Starting...";
sleep 1;
echo "";


# Main loop. It will repeat forever.
while true; 
do

    # Get new transmitted and received byte number values.
    get_bytes

    # Calculates speeds.
    vel_recv=$(get_velocity $received_bytes $old_received_bytes)
    vel_trans=$(get_velocity $transmitted_bytes $old_transmitted_bytes)

    # Shows results in the console.
    echo -en "$interface DOWN:$vel_recv\tUP:$vel_trans\r"

    # Update old values to perform new calculations.
    old_received_bytes=$received_bytes
    old_transmitted_bytes=$transmitted_bytes

    # Waits one second.
    sleep 1;

done

Source : Linux Clues

March 5, 2010

How to change timezone on Debian

Filed under: Debian,General — Tags: , , , — admin @ 8:40 am 
dpkg-reconfigure tzdata

March 3, 2010

How to authenticate Apache 2 with Radius on Debian

Filed under: Apache,Debian,Security — Tags: , , , — admin @ 11:37 am

Install Apache radius module :

apt-get install libapache2-mod-auth-radius

enable radius module for Apache :

a2enmod auth_radius

open /etc/apache2/apache2.conf and add the following lines to end of file :

AddRadiusAuth IP_OF_RADIUS_SERVER:PORT SECRET 5
AddRadiusCookieValid 60

go to /var/www folder or the folder which you want to protect and create a .htaccess file inside it containing following lines :

AuthType Basic
AuthName "AdminseHow Radius Authentication"
AuthBasicAuthoritative Off
AuthBasicProvider radius
AuthRadiusAuthoritative on
AuthRadiusActive On
Require valid-user

restart Apache :

/etc/init.d/apache2 restart

for more info regarding the configuration options , you can read the following link :
http://freeradius.org/mod_auth_radius/

September 10, 2009

Show Apache loaded modules from shell

Filed under: Apache,CentOS,Debian,General — Tags: , , , , — admin @ 4:25 pm

This command shows both static and shared loaded modules in Apache :

httpd -M

August 27, 2009

How to clear all iptables rules

Filed under: CentOS,Debian,General,Security — Tags: , , , — admin @ 2:08 pm

In order to flush all iptables rules , Run the following commands :

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

August 14, 2009

How to Auth pptpd with radius on debian

Filed under: Debian,General — Tags: , , — admin @ 12:54 pm

install libradiusclient-ng2 :

apt-get install libradiusclient-ng2

rename the folder :

 mv /etc/radiusclient-ng/ /etc/radiusclient/

create dictionary.microsoft :

nano /etc/radiusclient/dictionary.microsoft

and copy and paste the following text into it :

#
#       Microsoft's VSA's, from RFC 2548
#
#       $Id: dictionary.microsoft,v 1.1 2002/03/06 13:23:09 dfs Exp $
#

VENDOR          Microsoft       311     Microsoft

ATTRIBUTE       MS-CHAP-Response        1       string  Microsoft
ATTRIBUTE       MS-CHAP-Error           2       string  Microsoft
ATTRIBUTE       MS-CHAP-CPW-1           3       string  Microsoft
ATTRIBUTE       MS-CHAP-CPW-2           4       string  Microsoft
ATTRIBUTE       MS-CHAP-LM-Enc-PW       5       string  Microsoft
ATTRIBUTE       MS-CHAP-NT-Enc-PW       6       string  Microsoft
ATTRIBUTE       MS-MPPE-Encryption-Policy 7     string  Microsoft
# This is referred to as both singular and plural in the RFC.
# Plural seems to make more sense.
ATTRIBUTE       MS-MPPE-Encryption-Type 8       string  Microsoft
ATTRIBUTE       MS-MPPE-Encryption-Types  8     string  Microsoft
ATTRIBUTE       MS-RAS-Vendor           9       integer Microsoft
ATTRIBUTE       MS-CHAP-Domain          10      string  Microsoft
ATTRIBUTE       MS-CHAP-Challenge       11      string  Microsoft
ATTRIBUTE       MS-CHAP-MPPE-Keys       12      string  Microsoft
ATTRIBUTE       MS-BAP-Usage            13      integer Microsoft
ATTRIBUTE       MS-Link-Utilization-Threshold 14 integer        Microsoft
ATTRIBUTE       MS-Link-Drop-Time-Limit 15      integer Microsoft
ATTRIBUTE       MS-MPPE-Send-Key        16      string  Microsoft
ATTRIBUTE       MS-MPPE-Recv-Key        17      string  Microsoft
ATTRIBUTE       MS-RAS-Version          18      string  Microsoft
ATTRIBUTE       MS-Old-ARAP-Password    19      string  Microsoft
ATTRIBUTE       MS-New-ARAP-Password    20      string  Microsoft
ATTRIBUTE       MS-ARAP-PW-Change-Reason 21     integer Microsoft

ATTRIBUTE       MS-Filter               22      string  Microsoft
ATTRIBUTE       MS-Acct-Auth-Type       23      integer Microsoft
ATTRIBUTE       MS-Acct-EAP-Type        24      integer Microsoft

ATTRIBUTE       MS-CHAP2-Response       25      string  Microsoft
ATTRIBUTE       MS-CHAP2-Success        26      string  Microsoft
ATTRIBUTE       MS-CHAP2-CPW            27      string  Microsoft

ATTRIBUTE       MS-Primary-DNS-Server   28      ipaddr  Microsoft
ATTRIBUTE       MS-Secondary-DNS-Server 29      ipaddr  Microsoft
ATTRIBUTE       MS-Primary-NBNS-Server  30      ipaddr  Microsoft
ATTRIBUTE       MS-Secondary-NBNS-Server 31     ipaddr  Microsoft

#ATTRIBUTE      MS-ARAP-Challenge       33      string  Microsoft

#
#       Integer Translations
#

#       MS-BAP-Usage Values

VALUE           MS-BAP-Usage            Not-Allowed     0
VALUE           MS-BAP-Usage            Allowed         1
VALUE           MS-BAP-Usage            Required        2

#       MS-ARAP-Password-Change-Reason Values

VALUE   MS-ARAP-PW-Change-Reason        Just-Change-Password            1
VALUE   MS-ARAP-PW-Change-Reason        Expired-Password                2
VALUE   MS-ARAP-PW-Change-Reason        Admin-Requires-Password-Change  3
VALUE   MS-ARAP-PW-Change-Reason        Password-Too-Short              4

#       MS-Acct-Auth-Type Values

VALUE           MS-Acct-Auth-Type       PAP             1
VALUE           MS-Acct-Auth-Type       CHAP            2
VALUE           MS-Acct-Auth-Type       MS-CHAP-1       3
VALUE           MS-Acct-Auth-Type       MS-CHAP-2       4
VALUE           MS-Acct-Auth-Type       EAP             5

#       MS-Acct-EAP-Type Values

VALUE           MS-Acct-EAP-Type        MD5             4
VALUE           MS-Acct-EAP-Type        OTP             5
VALUE           MS-Acct-EAP-Type        Generic-Token-Card      6
VALUE           MS-Acct-EAP-Type        TLS             13

create port-id-map in case it doesnt exists :

echo "" > /etc/radiusclient/port-id-map

edit /etc/radiusclient/dictionary :

nano /etc/radiusclient/dictionary

and add the following lines to the end of it :

INCLUDE /etc/radiusclient/dictionary.merit
INCLUDE /etc/radiusclient/dictionary.microsoft

edit /etc/radiusclient/radiusclient.conf :

nano /etc/radiusclient/radiusclient.conf

copy and paste the following text into it , dont forget to set your own authserver and acctserver:

auth_order      radius
login_tries     4
login_timeout   60
nologin         /etc/nologin
issue           /etc/radiusclient/issue
authserver      AUTH_Server_IP:PORT
acctserver      ACCT_Server_IP:PORT
servers         /etc/radiusclient/servers
dictionary      /etc/radiusclient/dictionary
login_radius    /usr/sbin/login.radius
seqfile         /var/run/radius.seq
mapfile         /etc/radiusclient/port-id-map
default_realm
radius_timeout  10
radius_retries  3
login_local     /bin/login

edit /etc/radiusclient/servers :

nano /etc/radiusclient/servers

and add the following text into it , change Radius_Server_IP and SecretKey to your own settings :

Radius_Server_IP SecretKey

edit /etc/pptpd.conf :

nano /etc/pptpd.conf

and copy and paste the following text into it , change Server_IP , Remote_IP_From and Remote_IP_TO to your own settings :

option /etc/ppp/pptpd-options
logwtmp
localip Server_IP
remoteip Remote_IP_From-Remote_IP_TO
connections 200

edit /etc/ppp/pptpd-options :

nano /etc/ppp/pptpd-options

and copy and paste the following text into it :

name pptpd
require-pap
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
nodefaultroute
lock
nobsdcomp
mtu 1200
mru 1200
plugin radius.so
plugin radattr.so
lcp-echo-failure 50

How to auth ssh users by radius in debian

Filed under: Debian,General — Tags: , , , — admin @ 11:57 am

install libpam-radius-auth

apt-get install libpam-radius-auth

open /etc/pam_radius_auth.conf

nano /etc/pam_radius_auth.conf

and add the following lines into it. Your_IP and PORT are the IP address and Port of Radius sever. SecretKey is the Secret of radius server. 3 is the timeout in seconds.

# server[:port] shared_secret      timeout (s)
YOUR_IP:PORT SecretKey 3

Change the permissions :

chown root /etc/pam_radius_auth.conf
chmod go-rwx /etc/pam_radius_auth.conf

open /etc/pam.d/common-auth :

nano /etc/pam.d/common-auth

and add the following lines :

auth sufficient pam_radius_auth.so

August 5, 2009

Install locate and updatedb on CentOS and Debian

Filed under: CentOS,Debian,General — Tags: , , , , — admin @ 3:55 pm

locate and updatedb commands are the best commands to search and find files in Linux. if you dont have them installed on your Linux , use the following commands :
Debian :

apt-get install locate

CentOS :

yum install mlocate

July 24, 2009

Delete Files Older Than x Days on Linux

Filed under: CentOS,Debian,General — Tags: , , , — admin @ 1:40 pm

The find utility on linux allows you to pass in a bunch of interesting arguments, including one to execute another command on each file. We’ll use this in order to figure out what files are older than a certain number of days, and then use the rm command to delete them.

Command Syntax

find /path/to/files* -mtime +5 -exec rm {} \;

Note that there are spaces between rm, {}, and \;

Explanation

  • The first argument is the path to the files. This can be a path, a directory, or a wildcard as in the example above. I would recommend using the full path, and make sure that you run the command without the exec rm to make sure you are getting the right results.
  • The second argument, -mtime, is used to specify the number of days old that the file is. If you enter +5, it will find files older than 5 days.
  • The third argument, -exec, allows you to pass in a command such as rm. The {} \; at the end is required to end the command.

or you can use the following command :

find /path/to/files* -mtime +5 | xargs rm -f

This should work on Ubuntu, Suse, Redhat, or pretty much any version of linux.

July 19, 2009

How to enable mod_rewrite on Apache2

Filed under: Apache,Debian,General — Tags: , — admin @ 12:51 pm 
a2enmod rewrite
/etc/init.d/apache2 restart
« Newer PostsOlder Posts »

Powered by WordPress