http://www.xml-sitemaps.com/
http://www.dmoz.org/Computers/Internet/Searching/Search_Engines/Sitemaps/
svn undo last change
Suppose we want to undo the last ci (revision 100) back to 99 for the changes in current directory.
svn merge --revision 100:99 .or
svn merge -c -100
Apache2 mod_rewrite module
The environment variables and syntax are documented here.
$N are the regexp matches on RewriteRule and %N are the ones from RewriteCond.
Apache2 mod_cache
The setup instructions can be found here. However, I noticed my CacheRoot is always empty. After I turned on
Loglevel debug. I notice there was a permission problem "mod_cache.c: (13)Permission denied". Just have to make the permission corrent and it then worked...# chown apache.apache /tmp/cache/httpd/
# chcon -t httpd_sys_content_t /tmp/cache/httpd/
Apache2 Connection Timeout
Sometimes I can not connect to my server, I found out that it is related to
Here says it should be disabled http://kbase.redhat.com/faq/FAQ_80_6180.shtm
net.ipv4.tcp_tw_recycle=1. I do not understand why as this is recommended setting for server....Here says it should be disabled http://kbase.redhat.com/faq/FAQ_80_6180.shtm
Enable mod_dumpio on Apache2
Use the following configuration:
LoadModule dumpio_module modules/mod_dumpio.so
LogLevel debug
DumpIOInput On
DumpIOOutput On
#DumpIOLogLevel can be set optionally
#DumpIOLogLevel debug
tcpdump http traffic
tcpdump -s 0 -i eth0 dst or src host mydomain.com and port 80other commands
tcpdump -A -s 0 -i eth0 dst or src host mydomain.com and port 80
tcpdump src 192.168.11.200 tcpdump src 192.168.11.200 and port tftp tcpdump -n dst 192.168.11.1 and udp tcpdump -n dst 192.168.0.1 or dst 192.168.0.10 and udp # display ip tcpdump -nn dst 192.168.0.1 or dst 192.168.0.10 and udp # display both ip and port tcpdump -nn ip multicast and not broadcastsee also http://www.rationallyparanoid.com/articles/tcpdump.html
Slow ssh login
Originally, I thought it was the sshd DNS configuration (i.e.
UseDNS) which is already set to no. It turns out that the first domain server in /etc/resolv.conf on the server is slow. After switching the order of the servers, ssh become fast again... This is related to the entries I added to hosts.deny.
Add SSL Certificate from Startcom to Apache
Get free certificates(3 files) from Startssl.com and modify the following:
SSLCertificateFile /etc/pki/tls/certs/mydomain.com.crt #generated by startcom
SSLCertificateKeyFile /etc/pki/tls/private/mydomain.com.key #generated by startcom
SSLCACertificateFile /etc/pki/tls/certs/startcom.bundle.crt #downloaded from startcom
Assign Multiple IP's on Single NIC
Restart the network after creating the following file:
# cat /etc/sysconfig/network-scripts/ifcfg-eth0-range0
IPADDR_START=192.168.1.2
IPADDR_END=192.168.1.3
CLONENUM_START=0
tcpwrapper: hosts.allow / hosts.deny
hosts.allow will overide hosts.deny.Below is a configuration I use for my home computer that can not be connected directly from outside:
hosts.allow:
sshd: 192.168.0.0/255.255.255.224 except 192.168.0.1
hosts.deny:
sshd: ALL
The Below is a machine that can be connected from outside:
hosts.allow:
sshd: 192.168.0.0/255.255.255.224 except 192.168.0.1
hosts.deny:
sshd: PARANOID,UNKNOWN
sshd: *.com.mx,*.com.ar,*.it, *.ro
Redirect kern.warn iptables log
add the following lines to
/etc/syslog.confkern.warning /var/log/iptables.log
Configuring Postfix with SASL
See Postfix SASL Howto and www.mysql-apache-php.com/.
This is for CentOS 4 http://www.hughesjr.com/content/view/14/29/
Here is another one with TLS http://wiki.centos.org/HowTos/postfix_sasl
When using TLS for postfix, make sure master.cf has
This is for CentOS 4 http://www.hughesjr.com/content/view/14/29/
Here is another one with TLS http://wiki.centos.org/HowTos/postfix_sasl
When using TLS for postfix, make sure master.cf has
smtps inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_wrappermode=yes
Configure Squirrelmail
Change
To use https on apache, add the following to
Finally, selinux settings:
domain in /etc/squirrelmail/config.php:$domain = 'mydomain.com';so the email received will have
user@mydomain.comTo use https on apache, add the following to
/etc/httpd/conf.d/squirrelmail.conf:<Location /webmail>RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{HTTP_HOST}:443%{REQUEST_URI} [QSA,R=permanent,L]
</Location>
Finally, selinux settings:
setsebool -P httpd_can_network_connect=1
Dovecot Imaps Server setup
You can do this for pop/pops/imap as well, here I only wanted to configure imaps. Make the following changes to
Also remember to open the port 993 for imaps in the iptable configuration.
/etc/dovecot.conf:protocols = imaps.
login_process_size = 64 # for x86_64
imap_client_workarounds = delay-newmail outlook-idle netscape-eoh
Also remember to open the port 993 for imaps in the iptable configuration.
Configure postfix
If this is a web server, make sure you changed MX record with dns provider to point to your server (or you will not be able to receive mail). I have modified the following is
Use http://pingability.com to check your DNS setup.
/etc/postfix/mail.cf:myhostname = mydomain.com
myorigin = $myhostname
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
Use http://pingability.com to check your DNS setup.
Free Unix Account
You can get a temporary unix account by
Though this you can not telnet out out the box. For that, you can try http://www.bshellz.net/register
telnet sdf.lonestar.org
Though this you can not telnet out out the box. For that, you can try http://www.bshellz.net/register
Tunnel VNC over ssh
This will be faster than using VNC over X over ssh (i.e., ssh -X). Let us say we want to tunnel vnc from remote to local and the vncserver on remote is started on port 2 (5092).
Then on remote start vncserver if it is not started
Now on start vncviewer on local to connect to remote vnc server:
local$ ssh -C -L 5902:127.0.0.1:5902 uid@remote
Then on remote start vncserver if it is not started
remote$ vncserver :2
Now on start vncviewer on local to connect to remote vnc server:
local$ vncviewer locathost:2
X over ssh
Use either
-X or -Y option with ssh.localhost$ ssh -X remotehost
remotehost$ xterm # this remotehost xterm will show on your local machine
svn ignore a file
The property is set on a directory. Below I created a file
Add with an editor:
abc.txt and set svn:ignore on it:$ touch abc.txt
$ svn propset svn:ignore abc.txt .
property 'svn:ignore' set on '.'
$ svn propget svn:ignore .
abc.txt
$ svn status --no-ignore
I abc.txt
M .
Add with an editor:
svn propedit svn:ignore .
Ssh Read from remote host remote.com: Connection reset by peer
My hosting company firewall seems to drop idle connections. When I do a
Also you can change this in the kernel:
And make changes to
who on the server, there are many ssh sessions that are already dropped on the client side. I add the following to the /etc/ssh/sshd_config, then restarted the sshd. Connection reset does not happen anymore. Had to adjust ClientAliveInterval a few times to half of the firewall's timeout value.TCPKeepAlive yes
ClientAliveInterval 240
Also you can change this in the kernel:
# cat /proc/sys/net/ipv4/tcp_keepalive_time
7200
# echo 240 > /proc/sys/net/ipv4/tcp_keepalive_time
And make changes to
/etc/sysctl.conf permanently.net.ipv4.tcp_keepalive_time = 180
svn 1.4 compression
SVN 1.4 has compression support (use ldd to see if it is linked with libz). If use svn+ssh, enable ssh compression actually slows down the svn in my tests.
ldd /usr/bin/svn
...
libz.so.1 => /lib64/libz.so.1 (0x0000000020802000)
...
groupadd and useradd
Add a group 'friend' with a specific gid 600:
groupadd --gid 600 friendCreate a user with a specific gid 'friend':
useradd -g friend -m usernameAdd a existing user 'username' to a group 'friend'
usermod -a -G friend usernameChange username's primary group to 'friend'
usermod -g friend username
Subscribe to:
Posts (Atom)