HOWTO

HOW TO : Modify iptables rules

Quick how-to for my personal records. iptables is an open source firewall (and it does a lot more) included with most Linux distributions.

Steps to add new rule to existing configuration

  • Check the list of rules and their corresponding sequence

[code]sudo iptables -vL --line-numbers [/code]

  • Add the new rule at the required location/sequence

[code] sudo iptables -I INPUT LINE_NUMBER RULE [/code]

Example :

[code]iptables -I INPUT 8 -s X.X.X.X/24 -p tcp -m state --state NEW -m tcp --dport 3128 -j ACCEPT[/code]

  • Save the configuration

[code] sudo service iptables save [/code]

Thx to Sijis for helping with the commands.

HOW TO : Fix Jboss startup script for CentOS

Quick note for myself on fixing the default startup script provided by Jboss to work on CentOS. Thx to Shankar for finding the solution.

The default startup script (/$JBOSS_HOME/bin/jboss_init_redhat.sh) that Jboss provides does not work properly in CentOS. The start option works fine, but when you try to stop Jboss, it gives you a “No JBossas is currently running” message and quits.

Here’s a quick way to fix it. Edit the jboss_init_redhat.sh file and replace

[code]JBOSSSCRIPT=$(echo $JBOSSSH | awk '{print $1}' | sed 's/\//\\\//g') [/code]

with

[code]JBOSSSCRIPT=$(echo $JBOSSSH | awk '{print $1}')[/code]

HOW TO : Move your life into the cloud

Nope… I am not too late to get on the “cloud” bandwagon :). I started writing this post in Dec 2009 and here’s a screenshot of my drafts to prove it 

And I have finally decided that it is time to complete the post and publish it.

I change laptops every 6 months or so and a lot of my friends ask me how I manage to swap them so quickly and yet stay productive. I am sure a lot of you can relate to this. It usually takes a month or so to get your workstation to a “state” that you feel comfortable with and are productive. Here are the tricks/tools I use to make switching a laptop/desktop a no-brainer activity. And I utilize the “cloud” heavily for this.

I adhere to a couple of simple rules to make sure I can be productive anywhere, even in situations, where I don’t have my workstation with me.

  • Everything I produce should be searchable
  • Everything I produce should be available on the web
  • Everything I produce should be easy to share

With these principles in mind, here are the services I use..

PHOTOS :

  • SERVICE : I use flickr to store all my pictures. I have taken ~40 thousand pictures since 2003 and every one of them is online at http://www.flickr.com/photos/kudithipudi. I wish flickr was around when I was a kid, so that I had a place to store all the pictures from my childhood instead of rotting away in some old cardboard box. I like Flickr for its simplicity and ease of use. There are other sites that offer a lot more features, but the features offered by Flickr are more than enough for me.
  • COST : $24.95/year to upload/store unlimited number of pictures
  • OTHER CHOICES : There are plenty of photo storing/sharing sites. Some of the popular ones are picasa, photobucket, facebook

ON-LINE STORAGE :

  • SERVICE : I use dropbox to store any digital content I create. This overlaps a bit with the service I use to store documents I create. Dropbox is a service that allows you to synchronize files between different computers you have the agent installed on and at the same time stores them online for you. They offer 2GB of free space by default and you can earn more space by referring people to the service. (note : the links to dropbox are my referral links. If you sign up for the service, I get 250Mb of free space. If you don’t want to use the referral links, you can sign up for the service directly at www.dropbox.com). You would think 2GB is not a lot of space. But once you remove the music, movies and photos, you really don’t need a lot of space :). For example, I haven’t crossed 1.8 GB, even though I have an electronic record of all my important files all the way from 2006. All I do when I switch to a new laptop is install the dropbox agent and voila, all my files are downloaded and synced with the latest copies.
  • COST : free. If you need more space, dropbox offers it for a cost.
  • OTHER CHOICES : There’s plenty of competition for dropbox, but I don’t think any one of them has come close to making the sharing/storage work as seamlessly as dropbox. Some of the popular ones are box.net, SugarSync, wuala, Amazon Cloud Drive

DOCUMENTS :

  • SERVICE : I use Google Docs to create and store documents, spreadsheets and presentations. Since its inception in 2006 as a simple online editor and spreadsheets service, Google Docs has come a long way. There are few things you cannot do in Google Docs that you can do in a full fledged productivity suite like Microsoft Office. Plus it gives you the capability to collaborate with other people when creating documents.
  • COST : free.
  • OTHER CHOICES : The only other service that comes close to Google Docs is Zoho Suites. Microsoft has a competing product, Office Live, but I think they are confused on how to market it because it will eat into their most profitable franchise (Microsoft Office)

EMAIL :

  • SERVICE : I use Gmail for my email. Although there is a standalone version, I use it as part of the services provided by Google Apps for my domain (kudithipudi.org). It offers free spam protection, 7GB of space and super fast search. What else can one ask for? 🙂
  • COST : free
  • OTHER CHOICES : There are several free email hosting providers. Some of the popular ones are hotmail, yahoo, aol

ONLINE PRESENCE :

  • SERVICE : I strongly believe that all of us have to manage our online presence. And I don’t mean just for the folks that work in technology, but everyone that uses the Internet. And that is pretty much most of the people living on planet earth :). There are several ways to do this (and I think that is for another blog post), but the simplest way is to ensure you have a place where you can broadcast your presence. I use this blog as a way to document my thoughts, share ideas and in general manage my on-line presence. I host this blog on a virtual server that I lease from Rackspace.
  • COST : $11/month
  • OTHER CHOICES : I would not recommend what I am doing for most people. There are several free platforms that you can host your blog on. I just do it this way, because I like to tinker with technology. Some of the popular blogging platforms are tumblr, blogspot, wordpress, squarespace.

HOW TO : Check web services using curl

Quick note for myself to check web services using curl ([L/U]nix utility to play with http(s) traffic)

[code] curl https://URL_TO_TEST --insecure --trace-ascii debug.txt [/code]

Comments on options :
--insecure skips certificate verification; it is used if you are testing web services served over SSL using self-signed certs
--trace-ascii dumps all traffic between the client (curl in this case) and the server in human readable format

HOW TO : Search ownership of files in Linux

Say you have a directory with a bunch of sub directories and files and you want to see if all the files are owned by a particular user, you can use the following set of commands

[code]ls DIRECTORY_PATH -l -R | awk '{print $3}' | grep -v USER_NAME[/code]

The set of commands does the following

  • ls -l -R shows the list of files and directories
  • awk prints the name of the owner of the file (it is the third column)
  • grep shows only the lines where the owner name doesn’t match

And yeah.. this works in most variants of Linux :).
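
An added example, not part of the original post: the pipeline above prints only owner names, so this variant uses find to print the path of each mismatched entry and returns a status a script can act on. It assumes GNU find (for -printf); the function name `files_not_owned_by` and the user name in the demo are hypothetical.

```sh
# Added example (not from the original post).
# Lists every file and directory under DIR whose owner is not USER.
# Assumes GNU find (-printf). Paths containing newlines are not handled.

# files_not_owned_by DIR USER
#   prints "owner<TAB>path" for each mismatch
#   returns 1 if at least one mismatch was found, 0 otherwise
files_not_owned_by() {
    dir=$1 expected=$2
    mismatches=$(find "$dir" -printf '%u\t%p\n' |
        awk -F'\t' -v want="$expected" '$1 != want')
    if [ -n "$mismatches" ]; then
        printf '%s\n' "$mismatches"
        return 1
    fi
    return 0
}

# Constructed demo: a scratch tree checked against a user that owns none of it.
demo=$(mktemp -d) && touch "$demo/a" "$demo/b"
files_not_owned_by "$demo" "expected_user" || echo "mismatches found"
rm -rf "$demo"
```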

HOW TO : Apache and SELinux

Quick note for future reference..

If you ever run into errors like this

[code]
Starting httpd: Warning: DocumentRoot [/var/www/html/static] does not exist
Warning: DocumentRoot [/var/www/html/static] does not exist
Warning: DocumentRoot [/var/www/html/static] does not exist
Warning: DocumentRoot [/var/www/html/static] does not exist
(13)Permission denied: httpd: could not open error log file /etc/httpd/logs/error_log.
Unable to open logs
[FAILED]
[/code]
and you are scratching your head over why Apache is throwing these errors even though the said directory and files exist and you have the right permissions, check if you have SELinux running and being enforced.

On RHEL, you can check if SELinux is being enforced with

[code]cat /selinux/enforce [/code]

The two values are 0 and 1. 0 means SELinux is not being enforced and 1 means it is.

You can quickly disable SELinux temporarily with

[code]echo 0 >/selinux/enforce [/code]

If you want to disable it permanently (i.e. survive reboots), you have to edit the file /etc/selinux/config and change the SELINUX line from enabled to disabled.

HOW TO : Playbook for creating an effective IT team

Tom Limoncelli put together a list of questions that are essentially a cheat-sheet for creating and running a very effective IT team. He called it the Limoncelli Test (as a tribute to Joel Spolsky’s Joel Test) and it can be found at http://everythingsysadmin.com/the-test.html.

The only additional thing I would add to the list is to have a roadmap for the function you provide and ensure it is updated quarterly. A lot of teams spend a lot of time on what they do now, but don’t focus on what they “can” do. This is similar to IT functions spending more than 70% – 80% of their budgets on maintenance rather than innovating.

HOW TO : Use grep to search for credit card numbers

I was looking for a quick way to search for credit card numbers in a file and ran across this excellent post by Adrian Rollett. I tweaked his suggestion a bit to show some additional data.

Original suggestion

[code] grep '\(^\|[^0-9]\)\{1\}\([345]\{1\}[0-9]\{3\}\|6011\)\{1\}[-]\?[0-9]\{4\}[-]\?[0-9]\{2\}[-]\?[0-9]\{2\}-\?[0-9]\{1,4\}\($\|[^0-9]\)\{1\}' FILE_TO_SEARCH [/code]

My modification

[code] grep '\([345]\{1\}[0-9]\{3\}\|6011\)\{1\}[ -]\?[0-9]\{4\}[ -]\?[0-9]\{2\}[-]\?[0-9]\{2\}[ -]\?[0-9]\{1,4\}' --color -H -n FILE_TO_SEARCH [/code]

The modified command will show the name of the file in which the number was found and the line it was found on. You can tweak it further using additional options for grep. A good reference guide can be found here.
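
An added example, not part of the original post or of Adrian Rollett's: the pattern matches any digit run of the right shape, so this goes one step further and keeps only candidates that pass the Luhn checksum, reporting them masked. `CC_RE` is the modified pattern rewritten as an extended regex; the function names and the sample file are constructed for illustration.

```sh
# Added example, not from the original post: Luhn-filter the grep candidates.
# CC_RE is the modified pattern above as an ERE; function names are
# hypothetical. The middle digits are masked so the report holds no full number.
CC_RE='([345][0-9]{3}|6011)[ -]?[0-9]{4}[ -]?[0-9]{2}[-]?[0-9]{2}[ -]?[0-9]{1,4}'

# luhn_ok DIGITS -> status 0 if the digit string passes the Luhn checksum
luhn_ok() {
    rest=$1 sum=0 dbl=0
    while [ -n "$rest" ]; do
        d=${rest#"${rest%?}"}          # last remaining digit
        rest=${rest%?}
        if [ "$dbl" -eq 1 ]; then      # double every second digit from the right
            d=$(( d * 2 ))
            if [ "$d" -gt 9 ]; then d=$(( d - 9 )); fi
        fi
        sum=$(( sum + d ))
        dbl=$(( 1 - dbl ))
    done
    [ $(( sum % 10 )) -eq 0 ]
}

# mask DIGITS -> first six and last four digits, middle replaced by asterisks
mask() {
    printf '%s******%s' "${1%"${1#??????}"}" "${1#"${1%????}"}"
}

# scan_cards FILE... -> "file:line:masked" for each Luhn-valid candidate
scan_cards() {
    grep -EHno -e "$CC_RE" -- "$@" | while IFS= read -r hit; do
        digits=$(printf '%s' "${hit##*:}" | tr -d ' -')
        if luhn_ok "$digits"; then
            printf '%s:%s\n' "${hit%:*}" "$(mask "$digits")"
        fi
    done
}

# Constructed sample: the first number passes Luhn, the second does not.
sample=$(mktemp)
printf '%s\n' 'card=4111 1111 1111 1111' 'card=4111-1111-1111-1112' > "$sample"
scan_cards "$sample"
rm -f "$sample"
```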

HOW TO : Export and import certificates using keytool

Keytool is a Java utility to manage SSL key databases (stores). Here are a couple of options for using this tool

  • List the certificates in the keystore

[code]keytool -list -keystore NAME_OF_KEYSTORE_FILE [/code]

  • Export a particular certificate from the keystore

[code]keytool -export -alias ALIAS_NAME_OF_CERT -keystore NAME_OF_KEYSTORE_FILE [/code]

  • Import a certificate into the keystore

[code]keytool -import -alias ALIAS_NAME_YOU_WANT -keystore NAME_OF_KEYSTORE_FILE -file NAME_OF_CERT_FILE_TO_IMPORT [/code]