My Strongswan:
Local IP: 172.30.0.37
Elastic IP: 19.215.188.2
OS: Ubuntu

My WAN:
– Customer grade broadband Internet
– Public IP: 28.77.250.17 – connect to my fiber optics
– Local gateway IP: 192.168.1.100
– we need to set up port forwarding: UDP ports 4500, 500, to our router interface 192.16.1.108

My Cisco:
– Cisco 1841
– fa0/1: 192.168.1.108 – connect to My WAN router local interface
– fa0/0: 172.16.8.254 – connect to my local switch / pc

My Strongswan config: /etc/ipsec.conf

    config setup
        # strictcrlpolicy=yes
        # uniqueids = no

    conn %default
        ikelifetime=1440m
        keylife=60m
        rekeymargin=3m
        keyingtries=1
        keyexchange=ikev1
        authby=secret

    conn myremoteoffice
        left=172.30.0.37 #strongswan outside address
        leftsubnet=172.30.0.0/24,0.0.0.0/0 #network behind strongswan

I have a 2-site VPN between Strongswan and a Cisco 1841. The VPN works well, but there is a problem: some SSL websites could not open. After some research it turned out that's the MTU issue. This is how I fixed it:

    conf t
    int fa0/1
    ip mtu 1500
    int fa0/0
    ip mtu 1500

In the case of Yahoo, I need to update this on the Strongswan server:

    $ iptables -t mangle -A FORWARD -o eth0 \
        -p tcp -m tcp --tcp-flags SYN,RST SYN \
        -m tcpmss --mss 1361:1536 \
        -j TCPMSS --set-mss 1360
    $ echo 1 >/proc/sys/net/ipv4/ip_no_pmtu_disc

For your reference: MTU woes in

#add this line in Type 3 – ^${VLAN}\s+${DESTINATION_ADDRESS}\s+${TYPE}\s+\S+\s+${DESTINATION_PORT} -> Record

    Value DESTINATION_ADDRESS (\w+.\w+.\w+)
    Value TYPE (\w+)
    Value VLAN (\w+)
    Value DESTINATION_PORT (\S+)

    Start
      ^Destination\s+Address\s+Address\s+Type\s+VLAN\s+Destination\s+Port -> TYPE1
      ^\s+vlan\s+mac address\s+type\s+learn\s+age\s+ports -> TYPE2
      ^\s+vlan\s+mac address\s+type\s+protocols\s+port -> TYPE3
      ^Vlan\s+Mac Address\s+Type\s+Ports -> TYPE4

    TYPE1
      ^${DESTINATION_ADDRESS}\s+${TYPE}\s+${VLAN}\s+${DESTINATION_PORT} -> Record

    TYPE2
      ^[\*|\s]\s+${VLAN}\s+${DESTINATION_ADDRESS}\s+${TYPE}\s+\S+\s+\S+\s+${DESTINATION_PORT} -> Record

    TYPE3
      ^\s+${VLAN}\s+${DESTINATION_ADDRESS}\s+${TYPE}\s+\S+\s+${DESTINATION_PORT} -> Record
      ^${VLAN}\s+${DESTINATION_ADDRESS}\s+${TYPE}\s+\S+\s+${DESTINATION_PORT} -> Record

    TYPE4
      ^\s+${VLAN}\s+${DESTINATION_ADDRESS}\s+${TYPE}\s+${DESTINATION_PORT} -> Record

When you try to stop Nagios from monitoring some services from the web interface, you see the message below:

    Sorry, but Nagios is currently not checking for external commands, so your command will not be committed!

This is because we haven't enabled this feature in our configuration; it's easy to fix. Open your Nagios config file, /etc/nagios3/nagios.cfg, and look for this line:

    check_external_commands=0

Change it to

    check_external_commands=1

and reload Nagios:

    /etc/init.d/nagios3 restart

You might receive this error:

    Error: Could not stat() command file '/var/lib/nagios3/rw/nagios.cmd'!

The fix is:

    # /etc/init.d/nagios3 stop
    Stopping nagios3 monitoring daemon: nagios3
    Waiting for nagios3 daemon to die... .
    # dpkg-statoverride --update

I just found out that I could not access my WordPress today. I checked the server and everything looked good. I restarted the server; it's still slow, and there is no error. I decided to debug using the following commands:

    cd /www/myswebsite.com/httpdocs/
    strace php index.php

I see my script stopped at:

    sendmmsg(6, {{{msg_name(0)=NULL, msg_iov(1)=[{"-\265\1\0\0\1\0\0\0\0\0\0\24tech-banker-service"..., 42}], msg_controllen=0, msg_flags=MSG_DONTROUTE|MSG_DONTWAIT|MSG_FIN|MSG_SYN|MSG_ERRQUEUE|MSG_NOSIGNAL|MSG_FASTOPEN|0x6a80010}, 42}, {{msg_name(0)=NULL, msg_iov(1)=[{"\207E\1\0\0\1\0\0\0\0\0\0\24tech-banker-service"..., 42}], msg_controllen=0, msg_flags=MSG_OOB|MSG_DONTROUTE|MSG_CTRUNC|0x10}, 42}}, 2, MSG_NOSIGNAL) = 2
    poll([{fd=6, events=POLLIN}], 1, 5000) = 1 ([{fd=6, revents=POLLIN}])
    ioctl(6, FIONREAD, [58]) = 0
    recvfrom(6, "-\265\201\200\0\1\0\1\0\0\0\0\24tech-banker-service"..., 2048, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("213.133.99.99")}, [16]) = 58
    poll([{fd=6, events=POLLIN}], 1, 4999) = 1 ([{fd=6, revents=POLLIN}])
    ioctl(6, FIONREAD, [135]) = 0
    recvfrom(6,

The folder /etc/cron.d/ is used to store all cronjobs. Each cronjob is saved in a file, and the format is:

    minute hour day month dayofweek username command_to_run

There might be some problems: if the syntax is not correct, the result is that the whole file will be ignored. I don't know how to check the syntax, but I can watch the syslog to see if there is any error. After we edit the file in crontab, the system will reload the cronjob, and if there is any error it will throw an error in syslog. So I set up this before editing the

smartctl is a nice tool to check your hard disk health. It will let you know how many hours your disk has been running, the hard disk serial number, temperature, and so on. smartctl is not installed by default; it's in the smartmontools package. To make it ready to use, you must install smartmontools:

    apt-get install smartmontools

After you install smartmontools you can run this command to check your hard disk health:

    smartctl --xall /dev/sda

Here is a sample:

    smartctl 6.5 2016-01-24 r4214 [x86_64-linux-4.4.0-28-generic] (local build)
    Copyright (C) 2002-16, Bruce Allen, Christian Franke, www.smartmontools.org

    === START OF INFORMATION SECTION ===
    Model Family: Toshiba 3.5"