Admins eHow SysAdmin Tips & Tricks

February 18, 2015

snmpd: error on subcontainer ‘ia_addr’ insert (-1)

Filed under: Debian — Tags: , , , — admin @ 11:07 am

If you get many errors like the following in syslog:

snmpd[xxxx]: error on subcontainer 'ia_addr' insert (-1)

It’s because of a bug in Debian, Run the following commands to resolve the issue:

sed -i 's/Lsd/LS6d/g' /etc/default/snmpd
service snmpd restart

September 3, 2012

Install SNMP on Debian

Filed under: Debian — Tags: , , , — admin @ 10:15 am

The following easy steps will install snmp daemon on your Debian server :

apt-get install snmpd snmp

now snmpd simple configuration ( change SECRET_NAME to a complex string ) :

echo rocommunity SECRET_NAME > /etc/snmp/snmpd.conf

restart snmpd :

/etc/init.d/snmpd restart

last step to check snmpd is working ( change SECRET_NAME to the string you have chose before ) :

snmpwalk -v 1 -c SECRET_NAME -O e 127.0.0.1

you should get an output like below :

iso.3.6.1.2.1.1.1.0 = STRING: "Linux debian 2.6.32-5-686 #1 SMP Sun May 6 04:01:19 UTC 2012 i686"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (7026) 0:01:10.26
iso.3.6.1.2.1.1.4.0 = STRING: "root"
iso.3.6.1.2.1.1.5.0 = STRING: "debian"
iso.3.6.1.2.1.1.6.0 = STRING: "Unknown"
iso.3.6.1.2.1.1.8.0 = Timeticks: (0) 0:00:00.00
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.10.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.3 = OID: iso.3.6.1.6.3.15.2.1.1
iso.3.6.1.2.1.1.9.1.2.4 = OID: iso.3.6.1.6.3.1
iso.3.6.1.2.1.1.9.1.2.5 = OID: iso.3.6.1.2.1.49
iso.3.6.1.2.1.1.9.1.2.6 = OID: iso.3.6.1.2.1.4
iso.3.6.1.2.1.1.9.1.2.7 = OID: iso.3.6.1.2.1.50
iso.3.6.1.2.1.1.9.1.2.8 = OID: iso.3.6.1.6.3.16.2.2.1
iso.3.6.1.2.1.1.9.1.3.1 = STRING: "The SNMP Management Architecture MIB."
iso.3.6.1.2.1.1.9.1.3.2 = STRING: "The MIB for Message Processing and Dispatching."
iso.3.6.1.2.1.1.9.1.3.3 = STRING: "The management information definitions for the SNMP User-based Security Model."
iso.3.6.1.2.1.1.9.1.3.4 = STRING: "The MIB module for SNMPv2 entities"
iso.3.6.1.2.1.1.9.1.3.5 = STRING: "The MIB module for managing TCP implementations"
iso.3.6.1.2.1.1.9.1.3.6 = STRING: "The MIB module for managing IP and ICMP implementations"
iso.3.6.1.2.1.1.9.1.3.7 = STRING: "The MIB module for managing UDP implementations"
iso.3.6.1.2.1.1.9.1.3.8 = STRING: "View-based Access Control Model for SNMP."

July 16, 2012

How to auth Squid by Radius through PAM in Debian

Filed under: Debian — Tags: , , , , , — admin @ 9:20 am

install libpam-radius-auth

apt-get install libpam-radius-auth

open /etc/pam_radius_auth.conf

nano /etc/pam_radius_auth.conf

and add the following lines into it. Your_IP and PORT are the IP address and Port of Radius sever. SecretKey is the Secret of radius server. 3 is the timeout in seconds.

# server[:port] shared_secret      timeout (s)
YOUR_IP:PORT SecretKey 3

Change the permissions :

chown root /etc/pam_radius_auth.conf
chmod +r /etc/pam_radius_auth.conf

create /etc/pam.d/squid :

nano /etc/pam.d/squid

and add the following lines :

auth sufficient pam_radius_auth.so
account sufficient pam_radius_auth.so

Now install Squid if you have not installed it yet :

apt-get install squid

Lets try and see if Squid PAM works successfully through Radius auth, run the following command and enter username and password with a space between them :

/usr/lib/squid/pam_auth
username password
OK

OK means radius server has accepted the authentication details. ERR means there is a problem.
Now configure Squid to use pam_ath, open /etc/squid/squid.conf :

nano /etc/squid/squid.conf

Add the following lines to the begging of the file :

auth_param basic program /usr/lib/squid/pam_auth
auth_param basic children 5
auth_param basic realm REALM
auth_param basic credentialsttl 2 hours

Add following line in acl section :

acl password proxy_auth REQUIRED

Add following line before http_access deny all :

http_access allow password

September 9, 2011

Install Apache2 + PHP5 on Debian

Filed under: Apache,Debian,PHP — Tags: , , , , — admin @ 8:16 am

Very Simple…

apt-get install libapache2-mod-php5
/etc/init.d/apache2 restart

Xen – PyGrub – warning: grub-probe can’t find drive for /dev/xvda1

Filed under: Debian — Tags: , , , , , , , — admin @ 8:05 am

If you get following while doing “apt-get upgrade” on Debian Squeeze :

Setting up linux-image-2.6.32-5-amd64 (2.6.32-35squeeze1) ...
Running depmod.
Running update-initramfs.
update-initramfs: Generating /boot/initrd.img-2.6.32-5-amd64
Examining /etc/kernel/postinst.d.
run-parts: executing /etc/kernel/postinst.d/initramfs-tools 2.6.32-5-amd64 /boot/vmlinuz-2.6.32-5-amd64
run-parts: executing /etc/kernel/postinst.d/zz-update-grub 2.6.32-5-amd64 /boot/vmlinuz-2.6.32-5-amd64
Searching for GRUB installation directory ... found: /boot/grub
warning: grub-probe can't find drive for /dev/xvda1.
grub-probe: error: cannot find a GRUB drive for /dev/xvda1. Check your device.map.
run-parts: /etc/kernel/postinst.d/zz-update-grub exited with return code 1
Failed to process /etc/kernel/postinst.d at /var/lib/dpkg/info/linux-image-2.6.32-5-amd64.postinst line 799, line 2.
dpkg: error processing linux-image-2.6.32-5-amd64 (--configure):
subprocess installed post-installation script returned error exit status 2

The solution is :

Run…

echo '(hd0) /dev/xvda' > /boot/grub/device.map
mknod /dev/xvda b 202 0

Edit /usr/sbin/update-grub :
Change…

find_device ()
{
if ! test -e ${device_map} ; then
echo quit | grub --batch --no-floppy --device-map=${device_map} > /dev/null
fi
grub-probe --device-map=${device_map} -t device $1 2> /dev/null
}

to…

find_device ()
{
if ! test -e ${device_map} ; then
echo quit | grub --batch --no-floppy --device-map=${device_map} > /dev/null
fi
#grub-probe --device-map=${device_map} -t device $1 2> /dev/null
echo /dev/xvda
}

Run…

update-grub 0
sed -i "s/xvda/xvda1/g" /boot/grub/menu.lst

Everything should be fixed now.

References :
http://www.sysadmintalk.net/forums/Thread-PyGrub-grub-probe-can-t-find-drive-for-dev-xvda1-error-Debian-Squeeze
http://lists.bitfolk.com/lurker/message/20080529.142153.954fedf4.el.html

April 27, 2011

Block BitTorrent traffic on your Linux firewall using iptables

Filed under: Debian,linux,Security — Tags: , , , , , — admin @ 7:25 pm

The following script will block and log un-encrypted BitTorrent & DHT traffic on your Linux firewall.
I have personally tested it on debian 5 lenny , but I am almost sure it should work pretty well on any new Linux distros.

iptables -N LOGDROP > /dev/null 2> /dev/null 
iptables -F LOGDROP 
iptables -A LOGDROP -j LOG --log-prefix "LOGDROP " 
iptables -A LOGDROP -j DROP

#Torrent
iptables -A FORWARD -m string --algo bm --string "BitTorrent" -j LOGDROP 
iptables -A FORWARD -m string --algo bm --string "BitTorrent protocol" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "peer_id=" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string ".torrent" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "announce.php?passkey=" -j LOGDROP 
iptables -A FORWARD -m string --algo bm --string "torrent" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "announce" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "info_hash" -j LOGDROP 

# DHT keyword
iptables -A FORWARD -m string --string "get_peers" --algo bm -j LOGDROP
iptables -A FORWARD -m string --string "announce_peer" --algo bm -j LOGDROP
iptables -A FORWARD -m string --string "find_node" --algo bm -j LOGDROP

July 29, 2010

GET: command not found

Filed under: Debian — Tags: , , , — admin @ 4:41 pm

if you get the following error on debian :

-bash: GET: command not found

install the following package :

apt-get install libwww-perl

July 16, 2010

Find the fastest apt mirrors (repos) for debian lenny

Filed under: Debian — Tags: , , , , , , , — admin @ 3:21 pm
apt-get install netselect-apt
netselect-apt -n -s lenny

How to install Byte UnixBench on debian lenny

Filed under: Debian,General — Tags: , , , , , , — admin @ 2:28 pm

From UnixBench website :

UnixBench is the original BYTE UNIX benchmark suite, updated and revised by many people over the years.

The purpose of UnixBench is to provide a basic indicator of the performance of a Unix-like system; hence, multiple tests are used to test various aspects of the system’s performance. These test results are then compared to the scores from a baseline system to produce an index value, which is generally easier to handle than the raw scores. The entire set of index values is then combined to make an overall index for the system.

Some very simple graphics tests are included to measure the 2D and 3D graphics performance of the system.

Multi-CPU systems are handled. If your system has multiple CPUs, the default behaviour is to run the selected tests twice — once with one copy of each test program running at a time, and once with N copies, where N is the number of CPUs. This is designed to allow you to assess:

  • the performance of your system when running a single task
  • the performance of your system when running multiple tasks
  • the gain from your system’s implementation of parallel processing

Do be aware that this is a system benchmark, not a CPU, RAM or disk benchmark. The results will depend not only on your hardware, but on your operating system, libraries, and even compiler.

First install required libraries for compilation :

apt-get install libx11-dev libgl1-mesa-dev libxext-dev perl  perl-modules make

Then get the unixbench and run it :

wget http://byte-unixbench.googlecode.com/files/unixbench-5.1.2.tar.gz
tar zxvf unixbench-5.1.2.tar.gz
cd unixbench-5.1.2
./Run

March 5, 2010

How to change timezone on Debian

Filed under: Debian,General — Tags: , , , — admin @ 8:40 am
dpkg-reconfigure tzdata
Older Posts »

Powered by WordPress