Monday, December 28, 2009

Installing PHP 5.2.x on Centos

Recently I ran into an issue where the PHP framework requires PHP 5.2.x while the installed CentOS 5.4 system has PHP 5.1.x.

The Testing repo of CentOS has PHP 5.2.x; I followed the steps below to install PHP 5.2.x from the CentOS dev repository.

Method 1: Install all the new packages from the CentOS Testing repo.

sudo vi /etc/yum.repos.d/Centos-Test.repo

name=CentOS-5 Testing

# CentOS-Testing:
# !!!! CAUTION !!!!
# This repository is a proving grounds for packages on their way to CentOSPlus and CentOS Extras.
# They may or may not replace core CentOS packages, and are not guaranteed to function properly.
# These packages build and install, but are waiting for feedback from testers as to
# functionality and stability. Packages in this repository will come and go during the
# development period, so it should not be left enabled or used on production systems without due
# consideration.

If you are using "yum-priorities" like me then you also have to add the following to the above


Now install the updates

sudo yum --enablerepo=c5-testing update <--- this will install php 5.2.x along with other latest packages from Centos dev repo.

I am not sure how safe it is to enable the testing repository on a production server; in my case it's a testing server, so I can play with it.

Method 2: Only install php 5.2.x and related packages from Centos Testing Repo

sudo yum --enablerepo=c5-testing update php-*

 Package                               Arch                          Version                                       Repository                           Size
 php                                   i386                          5.2.9-2.el5.centos                            c5-testing                          1.2 M
 php-cli                               i386                          5.2.9-2.el5.centos                            c5-testing                          2.4 M
 php-common                            i386                          5.2.9-2.el5.centos                            c5-testing                          237 k
 php-mbstring                          i386                          5.2.9-2.el5.centos                            c5-testing                          1.1 M
 php-mysql                             i386                          5.2.9-2.el5.centos                            c5-testing                           80 k
 php-pdo                               i386                          5.2.9-2.el5.centos                            c5-testing                           62 k

Transaction Summary

This will install the php packages

For more information click Centos Repositories.

Saturday, December 19, 2009

Fedora 12 Yum New Feature 'history'

Fedora 12 was recently released, and with it came a new version of the Yum package manager. One of the new features that the new version of Yum brings is history.

The history command allows the user to view what has happened in past transactions. You can use info/list/summary to view what happened, undo/redo to act on that information, and new to start a new history file.

The info/list/summary commands take either a transaction id or a package (with wildcards, as in Specifying package names); all three can also be passed no arguments. list can be passed the keyword "all" to list all the transactions. undo/redo just take a transaction id.

Here are a few examples:

$ sudo yum history
Loaded plugins: dellsysidplugin2, fastestmirror, refresh-packagekit
ID     | Login user             | Date and time    | Action(s)      | Altered
    23 | Askar Ali Khan | 2009-12-19 20:29 | Update         |   35
    22 | Askar Ali Khan | 2009-12-19 20:22 | Install        |    1
    21 | Askar Ali Khan | 2009-12-19 19:57 | Erase          |    1
    20 | System          | 2009-12-16 20:16 | Update         |   20
    19 | System          | 2009-12-13 10:03 | E, I, U        |   51
    18 | System          | 2009-12-09 19:19 | Install        |    1
    17 | System          | 2009-12-09 19:12 | Update         |   14
    16 | System          | 2009-12-07 20:51 | I, U           |   33
    15 | System          | 2009-12-03 17:20 | Update         |   10
    14 | Askar Ali Khan | 2009-12-02 17:57 | I, O, U        |   56
    13 | System          | 2009-11-30 20:37 | Update         |   46
    12 | Askar Ali Khan | 2009-11-30 20:29 | Install        |    1
    11 | Askar Ali Khan | 2009-11-25 20:53 | Update         |   19  <
    10 | Askar Ali Khan | 2009-11-22 09:55 | Erase          |    1 >
     9 | Askar Ali Khan | 2009-11-22 09:55 | Erase          |    3
     8 | Askar Ali Khan | 2009-11-22 09:54 | Install        |    1
     7 | Askar Ali Khan | 2009-11-22 09:53 | Install        |    1
     6 | Askar Ali Khan | 2009-11-22 09:52 | Erase          |    1
     5 | Askar Ali Khan | 2009-11-22 09:50 | Erase          |    3
     4 | System          | 2009-11-20 19:12 | I, U           |   38

To list the packages of a transaction, use the 'info' option followed by the transaction id:

$ sudo yum history info 15
Loaded plugins: dellsysidplugin2, fastestmirror, refresh-packagekit
Transaction ID : 15
Begin time     : Thu Dec  3 17:20:15 2009
Begin rpmdb    : 1328:10c8f90e66eb2c26aa380265fb4b5b11e56aae7a
End time       :            17:20:53 2009 (38 seconds)
End rpmdb      : 1328:465b91d25241fa9452547719e554f9fb8ec9ac73
User           : System
Return-Code    : Success
Transaction performed with:
    Installed    rpm-4.7.1-6.fc12.i686
    Installed    yum-3.2.25-1.fc12.noarch
    Installed    yum-metadata-parser-1.1.2-14.fc12.i686
    Installed    yum-plugin-fastestmirror-1.1.24-2.fc12.noarch
Packages Altered:
    Updated      fontpackages-filesystem-1.35-1.fc12.noarch
    Update                               1.41-1.fc12.noarch
    Updated      gnome-python2-applet-2.28.0-1.fc12.i686
    Update                            2.28.0-2.fc12.i686
    Updated      gnome-python2-desktop-2.28.0-1.fc12.i686
    Update                             2.28.0-2.fc12.i686
    Updated      gnome-python2-gnomekeyring-2.28.0-1.fc12.i686
    Update                                  2.28.0-2.fc12.i686
    Updated      gnome-python2-libwnck-2.28.0-1.fc12.i686
    Update                             2.28.0-2.fc12.i686
    Updated      libsndfile-1.0.20-2.fc12.i686
    Update                  1.0.20-3.fc12.i686
    Updated      liveusb-creator-3.8.6-1.fc12.noarch
    Update                       3.8.7-1.fc12.noarch
    Updated      mdadm-3.0.3-1.fc12.i686
    Update             3.0.3-2.fc12.i686
    Updated      wget-1.11.4-5.fc12.i686
    Update            1.12-2.fc12.i686
    Updated      xorg-x11-drv-dummy-0.3.2-3.fc12.i686
    Update                          0.3.3-1.fc12.i686

Now to undo a transaction, use option 'undo' with the transaction id:

$ sudo yum history undo 22
Loaded plugins: dellsysidplugin2, fastestmirror, refresh-packagekit
Loading mirror speeds from cached hostfile
updates/metalink                                                                                                                      | 7.7 kB     00:00    
 * fedora:
 Undoing transaction 22, from Sat Dec 19 20:22:12 2009
    Install      gnokii-0.6.28-1.fc12.i686
Resolving Dependencies
--> Running transaction check
---> Package gnokii.i686 0:0.6.28-1.fc12 set to be erased
--> Finished Dependency Resolution

Dependencies Resolved

 Package                            Arch                             Version                                     Repository                             Size
 gnokii                             i686                             0.6.28-1.fc12                               installed                             1.9 M

Transaction Summary
Remove        1 Package(s)
Reinstall     0 Package(s)
Downgrade     0 Package(s)

Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Erasing        : gnokii-0.6.28-1.fc12.i686                                                                                                             1/1
warning: /etc/gnokiirc saved as /etc/gnokiirc.rpmsave

  gnokii.i686 0:0.6.28-1.fc12                                                                                                                               


Undoing transaction 22 creates a transaction 24. If you want to reinstall what was installed in transaction 22, do the following:

 $ sudo yum history redo 22
Loaded plugins: dellsysidplugin2, fastestmirror, refresh-packagekit
Loading mirror speeds from cached hostfile
 * fedora:
 * rpmfusion-free:
 * rpmfusion-free-updates:
 * rpmfusion-nonfree:
 * rpmfusion-nonfree-updates:
 * updates:
Repeating transaction 22, from Sat Dec 19 20:22:12 2009
    Install      gnokii-0.6.28-1.fc12.i686
Resolving Dependencies
--> Running transaction check
---> Package gnokii.i686 0:0.6.28-1.fc12 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

 Package                             Arch                              Version                                     Repository                           Size
 gnokii                              i686                              0.6.28-1.fc12                               fedora                              539 k

Transaction Summary
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 539 k
Is this ok [y/N]: y
Downloading Packages:
gnokii-0.6.28-1.fc12.i686.rpm                                                                                                         | 539 kB     00:03   
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : gnokii-0.6.28-1.fc12.i686                                                                                                             1/1

  gnokii.i686 0:0.6.28-1.fc12                                                                                                                              


Option 'summary' with a package name gives the list of transactions in which that package is involved.

$ sudo yum history summary gnokii
Loaded plugins: dellsysidplugin2, fastestmirror, refresh-packagekit
Login user                 | Time                | Action(s)        | Altered
Askar Ali Khan      | Last day            | E, I             |        4
System              | Last 3 months       | I, O, U          |     3909

And finally here is the option 'list'

$ sudo yum history list gnokii
Loaded plugins: dellsysidplugin2, fastestmirror, refresh-packagekit
ID     | Login user             | Date and time    | Action(s)      | Altered
    25 | Askar Ali Khan | 2009-12-20 12:50 | Install        |    1
    24 | Askar Ali Khan | 2009-12-20 12:46 | Erase          |    1
    22 | Askar Ali Khan | 2009-12-19 20:22 | Install        |    1
    21 | Askar Ali Khan | 2009-12-19 19:57 | Erase          |    1
     3 | System          | 2009-11-20 01:11 | I, O, U        | 1303
     2 | System          | 2009-11-20 00:21 | I, O, U        | 1303
     1 | System          | 2009-11-19 05:40 | I, O, U        | 1303

Wednesday, December 16, 2009

Nagios and SNMP Traps

Recently I have worked on sending and receiving SNMP traps to and from Nagios; it was really a great experience to extend Nagios alerts to other managers, for example HP NNM. Soon I'll document the whole process.

Monday, December 14, 2009

Google Launches Public DNS Resolver

Google recently launched its free DNS resolution service, called Google Public DNS.
According to their blog post, Google Public DNS uses continuous record prefetching to avoid cache misses — hopefully making the service faster — and implements a variety of techniques to block spoofing attempts. They also say that (unlike an increasing number of ISPs), Google Public DNS behaves exactly according to the DNS standard, and will not redirect you to advertising in the event of a failed lookup.

Google DNS Server IP Addresses

The Google Public DNS IP addresses are as follows:

Add Google DNS Server IP Address Under Linux

Edit the /etc/resolv.conf file and add the above two IP addresses:


Mount an ISO image under Linux

Mounting ISO images under Linux using a loop device.

This assumes the /mnt/disk directory already exists; if not, create it before running the command below.


# mount -o loop PathTo/images.iso /mnt/disk

That's it, images.iso has been mounted under /mnt/disk and now you can browse the files.


# umount /mnt/disk

What is a loop device? Click to read more about loop devices.

Sunday, December 13, 2009

Too fast to report a problem!

Today when I tried to send an SMS using gnokii from my laptop with the 'gnokii --sendsms' command, it gave a long core dump; my bad that I didn't try anything at my end and reported a problem on the gnokii mailing list.
After a while, when I tried unplugging and replugging the USB cable that connects my laptop and phone, wow, after this simple troubleshooting 'gnokii --sendsms' started working.

Conclusion: Never report a problem on mailing lists without first exhausting every option at your end.

Make Your Own Holiday Cards with GIMP

Make Your Own Holiday Cards with GIMP: "It's the holiday season! And regardless of which holidays you celebrate, it's a good time to connect with relatives and absent friends.

Maybe you can send them some cards! But those packaged cards... so drab, so dull. Wouldn't it be more fun to make your own? GIMP is a great tool for that..."

Slashdot Linux Story | GNOME Developer Suggests Split From GNU Project

Slashdot Linux Story | GNOME Developer Suggests Split From GNU Project: "'In a recent posting from Philip Van Hoof, he suggests that GNOME split off from the GNU Project and has proposed a vote. He was informed he will need 10% of members to agree for a vote to be put forth. At the same time, David Schlesinger (on the GNOME Advisory Board) has agreed on a vote. Stormy Peters said she doesn't agree with this, but then gave everyone instructions on how to proceed with a vote. She mentioned that roughly 20 members are needed to agree.'"

Friday, December 11, 2009

Inserting character at some location using sed

Inserting Colon ":" after every 2nd digit

Before insertion: 0022938bdea4
After insertion: 00:22:93:8b:de:a4

Method 1: This will also insert a colon at the end
sed 's/\(..\)/\1:/g' <<<0022938bdea4


Method 2: This works without leaving the trailing colon.
sed -e 's/\(..\)/\1:/g' -e 's/.$//' <<<0022938bdea4

Method 3: Same as Method 2
a=$(sed 's/\(..\)/\1:/g' <<<0022938bdea4); echo "${a:0:${#a}-1}"

Doing it on a file containing the data

while read file; do sed -e 's/\(..\)/\1:/g' -e 's/.$//' <<<"$file";done < mac_addresses.txt

Creating tar archive of the directories

Below is the script for creating .tar archives of directories containing files; I coded this script to create .tar archives of the RADIUS bill files.

This script simply creates the .tar (without compressing it); gzip filename can be used later to compress the .tar files.

The script requires one argument in the form YYYYMM to create tar archives of all the directories for that month of the year.

For example, to run it in the current directory:

./billfiles 200912 <---will create .tar archives of all the directories in the current directory which have name like 200912*

The script

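#!/bin/sh
# Author: Askar Ali Khan
# Date: 2009-02-10
# Purpose: To create tar of bill files
# billfiles

# SOURCEDIR is used below but its definition is missing from the script as
# posted; set it in the environment to the directory that holds the archives.
SOURCEDIR="${SOURCEDIR:?set SOURCEDIR to the archive directory}"

# The month argument is mandatory
if [ ! "$1" ]
then
    echo "Must provide correct month"
    echo "Format: YYYYMM Eg, 200901"
    exit 1
fi

# Create the target directory for this month; stop if it is already there
if [ ! -d "$SOURCEDIR"/"$1" ]
then
    echo "Directory does not exist, creating ...."
    mkdir "$SOURCEDIR"/"$1"
else
    echo "Directory already exists"
    exit 0
fi

# Creating tar: one uncompressed archive per directory matching YYYYMM*
for f in "$1"*
do
    echo "Making $f.tar, please wait..."
    tar cvf "$SOURCEDIR"/"$1"/"$f".tar "$f"
done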


Wednesday, December 9, 2009

New day!

I am feeling sleepy because last night my daughter Ayesha was not feeling well and kept waking up all night. Well, this is what kids usually do at this age: when it's time to sleep, they wake up :)
And this is the fun part of life, to sacrifice your sleep for your beloved ones.
There is a lot to do at work; today we have to finalize the shifting of Broadband users to the new AAA, which was previously made available by moving all the Narrowband users to another AAA.
I have already created all the required charge policies and services so that during that time we do not have to waste time on making them.

I still have to modify the manual provisioning scripts to work with Oracle, as the old BB AAA has an IBM IDS backend while this one has Oracle 9i.

It wouldn't be difficult, as I have already modified the "Close Account" script to use Oracle and only the "Create Account" script is left.

My daughter Ayesha growing

My beloved daughter Ayesha is now almost one year and 2 months old and she is learning fast, walking on her own :)
It's really fun watching her learn a little thing and walk, smile. It's all about her after I get back home after work.

Tuesday, December 8, 2009

Google Dictionary

Google recently launched a free online dictionary, Google Dictionary. So Google is going to give a tough time to word/meaning providers :)
I think that the really interesting thing is how they've integrated Google Translate into the drop down language list. Absolutely beautiful. Very useful. Nice work.

Google Chrome Browser for Linux

Finally Google has released a BETA version of the Chrome browser for the Linux and OSX platforms; I have just installed it on my laptop running Fedora 12. Installation was straightforward and, as usual, Google Chrome is a fast and kick ass browser like all the other Google applications (GMAIL, gtalk, maps, Google search), to name a few :)

Google Chrome Extensions Are Now Available is now open for Windows and Linux users — but not yet for Mac — and contains around 300 extensions.

Friday, November 20, 2009

Upgrade to Fedora 12 using preupgrade

Today I upgraded my work laptop from Fedora 10 to Fedora 12 using 'preupgrade', and guess what, everything went smoothly and here I am currently blogging from Fedora 12 :)

Perhaps I have upgraded to Fedora 12 on both of my work and home laptops.

Here are the steps which I followed to upgrade to Fedora 12.

1. The Fedora 12 upgrade requires quite some extra space on the /boot partition (which is 200MB by default with a Fedora install); before doing the upgrade, first move all the extra kernels and leave only the last working one.

2. Adjust the number of reserved filesystem blocks on the /boot partition using the tune2fs command. First identify the block device for your /boot file system. In the example below, /dev/sda3 is the block device for the /boot filesystem.

# mount | grep "/boot"
/dev/sda3 on /boot type ext4 (rw)

Now, adjust the number of reserved blocks for the /boot filesystem using the command tune2fs

# tune2fs -r 0 /dev/sda3

3. Finally, run the preupgrade command to start fetching the packages while you continue to do your work; remember the download will take time depending on your Internet pipe :)

# preupgrade


sudo preupgrade

4. After the download finishes, it will ask to reboot the system, and then the installation process will begin, which will again take some time. Then there is only one last reboot, and here is the shiny Fedora 12 Constantine Desktop :)

5. Some packages may no longer be supported by the new release. You may wish to remove these packages because they will no longer get security updates, and they may cause later conflicts with supported packages. These can be identified with the following command:

package-cleanup --orphans

Saturday, November 14, 2009

Securing Solaris 10 Host using ipfilter

Although the “svc:/network/pfil:default” service is enabled and online on a default Solaris 10 installation, no device driver has been configured for it. So to enable IPFilter, you’ll need to configure “pfil” so that it gets autopushed for the network drivers for which you want to enable your firewall. The network interfaces will then need to be plumbed or replumbed.

The point to note here is that IPFilter is enabled per network device driver (hme, ge, qfe,… ).

# vi /etc/ipf/pfil.ap

and uncomment the specific drivers you are interested in; see man ipf(1M) for more.

You now have 2 choices. One: reboot. At boot time, when the “pfil” service is started, the startup script /lib/svc/method/pfil will run the autopush command on the /etc/ipf/pfil.ap file before the network interfaces are configured, so that everything will work as expected. Note that the same script will also start IPFilter with a very restrictive set of rules to cover the window of vulnerability between the time the network is initialized and the time the “ipfilter” service is started.


svcadm enable ipfilter

autopush -f /etc/ipf/pfil.ap
ifconfig bge0 unplumb
ifconfig bge0 plumb netmask up

Now you are ready to write your firewall rules.

You will find some examples of the ipf.conf configuration file in /usr/share/ipfilter/examples. Just copy one of them over /etc/ipf/ipf.conf to start playing around.

Sample firewall rules.

# ipf.conf
# IP Filter rules to be loaded during startup
# See ipf(4) manpage for more information on
# IP Filter rules syntax.
# block all inbound packets.
block in from any to any
# pass through packets to and from localhost.
pass in from to
# allow a variety of individual hosts to send any type of IP packet to any
# other host.
pass in from to any
pass in from to any
# Allow all ICMP
pass in proto icmp from any to any

# Allow all Radius (the localhost running Radius software for authentication)
pass in proto udp from any to any port = 1812
pass in proto udp from any to any port = 1813
pass in proto tcp from any to any port = 1812
pass in proto tcp from any to any port = 1813

# Allow all from internal LAN
pass in from to any

Enabling/Disabling ipf

ipf -D <--- disable
ipf -E <--- enable

ipf -Fa -f /etc/ipf/ipf.conf <--- flush all rules and read the ipf.conf

See man ipf(1M) for more on ipf.

Thursday, October 15, 2009

Removing ^M (Ctrl +M) characters

From time to time we have to delete ^M characters from files on *nix; here is a simple script which does it fast.

#!/bin/sh
# To remove ctrl+M character from txt file in solaris
# Date: 2009-02-06

if [ -f "$1" ]
then
    # '\15' is the octal code of the carriage return (^M)
    tr -d '\15' < "$1" > newname
    mv newname "$1"
fi

The script first writes a copy without the ^M characters and then moves that copy back over the original filename.

Wednesday, October 14, 2009

Nagios Read Only Access

Today I got a task to provide Nagios read-only web access to Contact Centres, and Googling for 2 minutes told me that a nice guy, Derrick, has written a read-only CGI patch for Nagios.

When I tried to patch the Nagios source, it gave an error...

Reversed (or previously applied) patch detected! Assume -R? [n]

Which means I had missed something in the "ChangeLog" between Nagios versions 3.0.x and 3.2.x; no more manual patching is required if you are running the latest version of Nagios, as the Nagios team has included the patch in Nagios Core :)

So all one has to do is add all the users to the Nagios cgi.cfg file directive...


That's all; thumbs up to Derrick for the nice patch and thanks to the Nagios team for including it in the Core.

Tuesday, October 13, 2009

Installing configuring Gnokii on Linux

Gnokii provides tools and a user space driver for use with mobile phones under various operating systems (most testing is done under Linux, but Solaris, the *BSD family and the MS Windows family are also known to work). Using Gnokii one can send/receive SMS, manage the phonebook, handle calls and more.

Installation from rpm manager (yum)

The gnokii package is available in most Linux distro repositories; on Fedora 10 the command below will install the gnokii package. If it is not available, install from source.

yum install gnokii

Installing from Source:

1. Download the gnokii source download.
2. Untar the source and change (cd) to gnokii source directory


./configure (to configure)
make (to compile)
make install (to install the binaries)

Copy the example config file for gnokii from the Docs/sample/ directory to your home directory:

$ cp Docs/sample/gnokiirc ~/.gnokiirc

If you copied the .gnokiirc file to your home directory (not root's), do not forget to add your shell user account to the uucp group; otherwise you won't be able to use gnokii due to a permission problem on the serial device you set up in the .gnokiirc file.

$ groups
askar wheel uucp

I have tested Gnokii with my Motorola L6/L7 cell phones check whether your phone is supported or not. (Tip.


Gnokii uses the gnokiirc file for all its configuration. If gnokii was installed via the package manager, it has most probably installed an /etc/gnokiirc file; the settings in this file are used in the absence of a .gnokiirc file in your home directory.

Below are the minimum settings we need.

Note: usually you only need to edit the port and model settings

port = /dev/ttyACM0 # Set to the port on which your phone is connected [ Tip: check /var/log/messages ]
model = AT
initlength = default
connection = serial
use_locking = no
serial_baudrate = 19200
smsc_timeout = 10
allow_breakage = 0
bindir = /usr/sbin/
#TELEPHONE = 12345678
debug = off # Turn it on for debugging
rlpdebug = off
xdebug = off

While phone is connected and /etc/gnokiirc or .gnokiirc has been setup properly.

2. Check if your phone has been recognized by gnokii.

gnokii --identify

GNOKII Version 0.6.27
IMEI : IMEI359411000810925
Manufacturer : Motorola CE, Copyright 2000
Model : GSM900","GSM1800","GSM1900","GS
Product name : GSM900","GSM1800","GSM1900","GS
Revision : R4513_G_08.B7.DCR_R

This is what I get for my Motorola L7 connected via USB cable to my laptop running Fedora 10.

Note: you should see that gnokii identified your cellphone/GSM modem; if you don't, update your ~/.gnokiirc or /etc/gnokiirc to suit your needs.

Note: During testing use 'root' account or you will need read/write permissions on whatever serial port you specify in /etc/gnokiirc or .gnokiirc file.

Using Gnokii

All the below information and more can be found here.

Backup & Restoration of phonebook on phone SM card using gnokii


gnokii --getphonebook SM 1 end --vcard > myphonebook.vcf


gnokii --writephonebook --vcard < myphonebook.vcf

Handling calls

To dial a voice call:

gnokii --dialvoice 12345678

SMS Sending and Receiving

Use smsd if you need both to send and to receive SMS. You can use it with a file or a database backend.

If you only need to send, you can also use gnokii --sendsms, which reads message body from stdin.


echo "This is a test message" | gnokii --sendsms +12345678


gnokii --sendsms +12345678
type your text and press Ctrl+d to exit.

You can also use the utils/sendsms bash script that uses a text based interface using dialog as a more friendly frontend to gnokii --sendsms, allowing you to pick recipient numbers from your phonebooks instead of typing them on the command line.

In my next article you can learn how to use Gnokii + Nagios for sending SMS Notifications from Nagios whenever there is problem with any of the monitored host/service

Sunday, October 11, 2009

SUSE Studio

SUSE Studio is a ...

  • SUSE Studio is a simple and fast appliance builder.
  • It provides an easy to use, web-based user interface and will run in your browser without other needed software.
  • One great feature is the SUSE Studio Testdrive. You can boot, configure and test your appliance in a browser window without download.
I have used it to create customized SUSE (GNOME Desktop) and Minimal X VMware images, which I later booted with VirtualBox. One can easily convert images created for VMware to VirtualBox.

I like SUSE Studio; it's kind of a revolution in the field of OS.

Monday, October 5, 2009

Checking invalid SSH attempts

Running the following gives the count of failed SSH password attempts per user name on a Linux server, showing the top 10.

sudo awk 'gsub(".*sshd.*Failed password for (invalid user )?", "") {print $1}' /var/log/secure | sort | uniq -c | sort -rn | head -10

Or across all of the /var/log/secure* files:

sudo awk 'gsub(".*sshd.*Failed password for (invalid user )?", "") {print $1}' /var/log/secure* | sort | uniq -c | sort -rn | head -10
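The same counting extended to source addresses, as an added example that is not part of the original post: it tallies failed passwords per source IP or per user name and reads each line from its end, because the user name is supplied by the client. The function names and the sample log lines are constructed for illustration, and the sshd message format "Failed password for [invalid user ]NAME from ADDR port N ssh2" is assumed.

```bash
#!/bin/bash
# Added example (not from the original post): count failed SSH password
# attempts per source address or per user name.
# Assumed sshd message format:
#   Failed password for [invalid user ]NAME from ADDR port N ssh2

# Constructed sample lines in /var/log/secure layout (documentation addresses).
sample_log() {
    cat <<'EOF'
Oct  5 10:01:02 host1 sshd[2101]: Failed password for invalid user admin from 192.0.2.10 port 40112 ssh2
Oct  5 10:01:05 host1 sshd[2101]: Failed password for invalid user test from 192.0.2.10 port 40113 ssh2
Oct  5 10:01:09 host1 sshd[2104]: Failed password for root from 192.0.2.10 port 40120 ssh2
Oct  5 10:02:11 host1 sshd[2110]: Failed password for root from 198.51.100.7 port 51514 ssh2
Oct  5 10:02:30 host1 sshd[2113]: Accepted password for askar from 203.0.113.5 port 50022 ssh2
Oct  5 10:03:00 host1 sshd[2120]: Failed password for invalid user from from 198.51.100.7 port 51600 ssh2
EOF
}

# failed_ssh_summary ip|user [logfile...]   (reads stdin when no file is given)
# Prints "COUNT KEY" lines, highest count first.
failed_ssh_summary() {
    local key=$1
    shift
    LC_ALL=C awk -v key="$key" '
        BEGIN { marker = "]: Failed password for " }
        # Parse from the END of the line: the user name is chosen by the
        # client and may itself contain spaces or the word "from".
        NF > 5 && $(NF-4) == "from" && $(NF-2) == "port" {
            i = index($0, marker)
            # Only accept lines whose syslog tag is sshd[PID]
            if (i == 0 || substr($0, 1, i) !~ / sshd\[[0-9]+\]$/) next
            user = substr($0, i + length(marker))
            sub(/^invalid user /, "", user)
            sub(/ from [^ ]+ port [0-9]+ ssh2$/, "", user)
            k = (key == "ip") ? $(NF-3) : user
            count[k]++
        }
        END { for (k in count) print count[k], k }
    ' "$@" | LC_ALL=C sort -k1,1nr -k2
}

# With arguments, summarise real logs (e.g. /var/log/secure*); otherwise
# run on the constructed sample.
if [ "$#" -gt 0 ]; then
    failed_ssh_summary ip "$@" | head -10
else
    sample_log | failed_ssh_summary ip
    sample_log | failed_ssh_summary user
fi
```

A per-address count is the one to feed into firewall or rate-limit decisions; the per-user count mostly shows which account names are being guessed.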

Monday, September 28, 2009

Domain name resolutions using 'host' command in Linux

host - DNS lookup utility

host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa.

1. In this example we are asking host to give us the IP of

host has address

2. For more detailed output use -v or -d switch

host -v
Trying ""
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58441
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
; IN A

;; ANSWER SECTION:
600 IN A

;; AUTHORITY SECTION:
600 IN NS
600 IN NS

;; ADDITIONAL SECTION:
85792 IN A
85792 IN A

Received 130 bytes from in 174 ms
Trying ""
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5014
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
; IN AAAA

;; AUTHORITY SECTION:
600 IN SOA 200803202 28800 7200 2419200 86400

Received 95 bytes from in 19 ms
Trying ""
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9732
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; ADDITIONAL SECTION:
600 IN A
85792 IN A
85792 IN A

Received 151 bytes from in 12 ms

3. For particular type of DNS record for example NS, MX, SOA, CNAME use the -t option. In the following example will search for name server (NS), mail exchanger (MX) and Start of Authority (SOA) for

host -t NS name server name server

host -t MX mail is handled by 10

host -t SOA has SOA record 200803202 28800 7200 2419200 86400

For more information on host read the RTFM (man host)

Sunday, September 27, 2009

Installing NRPE in Solaris 10

1. Install NRPE and its dependencies from the blastwave repository; if you are new to blastwave, follow the howto on using the repository for installing third party and GNU tools in Solaris.

/opt/csw/bin/pkgutil -i nrpe

2. Download manifest files
wget -P /tmp/

# cd /tmp
# unzip
# mv nrpe/manifest/nagios-nrpe.xml /var/svc/manifest/network
# mv nrpe/method/nagios-nrpe /lib/svc/method/nagios-nrpe
# svccfg import /var/svc/manifest/network/nagios-nrpe.xml

3. Create nrpe.cfg file
mv /opt/csw/etc/nrpe.cfg-sample /opt/csw/etc/nrpe.cfg

4. Fixing permissions
chown nagios:nagios /opt/csw/etc/nrpe.cfg
chmod ug+x /lib/svc/method/nagios-nrpe

5. Starting NRPE daemon
# svcadm disable nrpe
# svcadm enable nrpe

That's all; confirm that nrpe is running and listening on port 5666.

# svcs | grep nrpe
online May_29 svc:/network/nagios/nrpe:default

# netstat -a | grep 5666
*.5666 *.* 0 0 49152 0 LISTEN

Booting Linux Over HTTP

Wow, one can now boot Linux over HTTP with BKO; it sounds like a very interesting project and soon I'll give it a try.
All one needs is a machine and to download a small bootable 56K program (gPXE), which takes care of network connectivity. After downloading gPXE, burn it to a CD or copy it to a USB stick.

Linux Distributions supported or available to boot over HTTP..
1. Debian : Debian live
2. Ubuntu : 9.04
3. Damn Small Linux : Lightweight linux distribution with GUI.
4. Knoppix : Knoppix 5.0.1 English.
5. Fedora 11 Live CD : Currently only single user mode is working. (Working on complete live CD)

Squid configurations examples

Here is the collection of Squid configurations I contributed to the Squid wiki, intended to demonstrate the flexibility of Squid.

In this example a squid installation will use LDAP to authenticate users before allowing them to surf the web. For security reasons users need to enter their username and password before they are allowed to surf the internet.

In this example a squid installation will use Mysql to authenticate users before allowing them to surf the web. For security reasons users need to enter their username and password before they are allowed to surf the internet.

In this example a squid installation will use RADIUS "squid_radius_auth" Squid RADIUS authentication helper to authenticate users before allowing them to surf the web. For security reasons users need to enter their username and password before they are allowed to surf the internet.

Installing Postfix in Solaris 10

Solaris 10, like all other Unix/Linux systems, comes with sendmail by default. However, managing sendmail is difficult, and that's where Postfix comes into the picture.
Postfix is easier to install and configure in Solaris 10; this is how I did it a while back.
I hope this will also help other folks looking to install Postfix in Solaris 10.

Wednesday, September 16, 2009

Securing the BIND using "Views"

The BIND server is not without certain vulnerabilities: bad guys can turn a misconfigured BIND into a launching platform for DDoS attacks. Vandals can also take advantage of an insecure BIND configuration and poison the cache, thus permitting host impersonation and redirecting legitimate traffic to black holes or malicious hosts.

Here you will learn how to secure BIND using views. The sample config is for a cache-only named server and can easily be modified and used for your primary DNS server, which could be authoritative for your company domain.


acl "trusted" {
    // Place our internal and DMZ subnets in here so that
    // intranet and DMZ clients may send DNS queries. This
    // also prevents outside hosts from using our name server
    // as a resolver for other domains.
    // Replace it with your network
};

logging {
    category lame-servers { null; };
};

options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;

    // Prevent DoS attacks by generating bogus zone transfer
    // requests. This will result in slower updates to the
    // slave servers (e.g. they will await the poll interval
    // before checking for updates).
    notify no;

    // Generate more efficient zone transfers. This will place
    // multiple DNS records in a DNS message, instead of one per
    // DNS message.
    transfer-format many-answers;

    // Set the maximum zone transfer time to something more
    // reasonable. In this case, we state that any zone transfer
    // that takes longer than 60 minutes is unlikely to ever
    // complete. WARNING: If you have very large zone files,
    // adjust this to fit your requirements.
    max-transfer-time-in 60;

    // We have no dynamic interfaces, so BIND shouldn't need to
    // poll for interface state {UP|DOWN}.
    interface-interval 0;
};

// a caching only nameserver config
controls {
    inet allow { localhost; } keys { rndckey; };
};

view "trusted" IN {
    // Our internal (trusted) view. We permit the internal networks
    // to freely access this view. We perform recursion for our
    // internal hosts, and retrieve data from the cache for them.
    match-clients { trusted; };
    recursion yes;
    additional-from-auth yes;
    additional-from-cache yes;

    // Link in our zones
    zone "." IN {
        type hint;
        file "";
    };

    zone "localdomain" IN {
        type master;
        file "";
        allow-update { none; };
    };

    zone "localhost" IN {
        type master;
        file "";
        allow-update { none; };
    };

    zone "" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };

    zone "" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
    };

    zone "" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
    };

    zone "" IN {
        type master;
        file "";
        allow-update { none; };
    };
};

view "badguys" IN {
    // Our external (untrusted) view. We permit any client to access
    // portions of this view. We do not perform recursion or cache
    // access for hosts using this view.
    match-clients { "any"; }; // all other hosts
    recursion no;
    additional-from-auth no;
    additional-from-cache no;

    // Link in our zones
    zone "." IN {
        type hint;
        file "";
    };

    zone "localdomain" IN {
        type master;
        file "";
        allow-update { none; };
    };

    zone "localhost" IN {
        type master;
        file "";
        allow-update { none; };
    };

    zone "" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };

    zone "" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
    };

    zone "" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
    };

    zone "" IN {
        type master;
        file "";
        allow-update { none; };
    };
};

// Create a view for all clients perusing the CHAOS class.
// We allow internal hosts to query our version number.
// This is a good idea from a support point of view.
view "external-chaos" chaos {
    match-clients { any; };
    recursion no;

    zone "." {
        type hint;
        file "/dev/null";
    };

    zone "bind" {
        type master;
        file "db.bind";

allow-query {
allow-transfer {

include "/etc/rndc.key";
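
named tries the views in the order they are written, and a query is answered by the first view of its class whose match-clients list matches the client. The sketch below is an added example, not part of the original post or of BIND: it models that selection and flags a view order or recursion setting that would defeat the split. The subnets in TRUSTED are constructed placeholders, since the acl entries are not shown above.

```python
import ipaddress

# Constructed placeholder subnets standing in for the "trusted" acl.
TRUSTED = ["192.0.2.0/24", "10.0.0.0/8"]

# (name, class, match-clients, recursion), in named.conf order.
VIEWS = [
    ("trusted", "IN", TRUSTED, True),
    ("badguys", "IN", ["any"], False),
    ("external-chaos", "CH", ["any"], False),
]


def acl_matches(client, acl):
    """True if the client address falls inside any element of the list."""
    addr = ipaddress.ip_address(client)
    for element in acl:
        if element == "any":
            return True
        if addr in ipaddress.ip_network(element):
            return True
    return False


def select_view(client, qclass, views=VIEWS):
    """Return (name, recursion) of the first matching view of this class."""
    for name, vclass, clients, recursion in views:
        if vclass == qclass and acl_matches(client, clients):
            return name, recursion
    return None


def audit(views):
    """Report views that recurse for everyone or can never be reached."""
    findings = []
    catch_all_seen = {}  # class -> name of an earlier view matching "any"
    for name, vclass, clients, recursion in views:
        if vclass in catch_all_seen:
            findings.append(
                f"{name}: shadowed by earlier view {catch_all_seen[vclass]}")
        if "any" in clients:
            if recursion:
                findings.append(f"{name}: recursion enabled for any client")
            catch_all_seen.setdefault(vclass, name)
    return findings


if __name__ == "__main__":
    for client in ("192.0.2.25", "203.0.113.9"):
        print(client, select_view(client, "IN"))
    print("as written:", audit(VIEWS))
    print("badguys first:", audit([VIEWS[1], VIEWS[0], VIEWS[2]]))
```

With the catch-all view listed first, internal clients land in "badguys" and lose recursion, which is why the "trusted" view has to come before it.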

The db.bind zone file

The db.bind zone file is used to track miscreants who attempt to query the CHAOS TXT records version.bind and authors.bind. You can also use this zone file to change the strings returned by such queries. Using the "version" directive in the options stanza will block the version.bind query, but it will not log such attempts.

; @(#)db.bind v1.2 25 JAN 2001 Rob Thomas
$ORIGIN bind.
@ 1D CHAOS SOA localhost. root.localhost. (
2001013101 ; serial
3H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum
CHAOS NS localhost.

version.bind. CHAOS TXT "BIND 9.1.3+robhacks"
authors.bind. CHAOS TXT "are better coders than I. :)"
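
An added example (not from the original post): counting version.bind and authors.bind probes per client from named's query log, which is the tracking the db.bind zone is meant to allow. It assumes query logging is enabled and that lines follow BIND 9's "client ADDR#PORT ... query: NAME CLASS TYPE" layout; the log lines are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in BIND 9 query-log layout (not from the post).
SAMPLE_LOG = """\
15-Sep-2009 10:02:11.120 client 203.0.113.9#40211: view external-chaos: query: version.bind CH TXT +
15-Sep-2009 10:02:11.480 client 203.0.113.9#40212: view external-chaos: query: authors.bind CH TXT +
15-Sep-2009 10:03:40.002 client 192.0.2.25#51873: view trusted: query: www.example.com IN A +
15-Sep-2009 10:05:07.915 client 198.51.100.44#33110: view external-chaos: query: VERSION.BIND CH TXT
15-Sep-2009 10:06:19.331 client 203.0.113.9#40219: view badguys: query: example.com IN ANY +
"""

# Client address, then the queried name, class and type.
QUERY_RE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+.*?"
    r"query: (?P<name>\S+) (?P<qclass>\S+) (?P<qtype>\S+)"
)
PROBE_NAMES = {"version.bind", "authors.bind"}


def chaos_probes(log_text):
    """Count CHAOS TXT queries for version.bind / authors.bind per client."""
    hits = Counter()
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue
        name = m["name"].rstrip(".").lower()  # DNS names are case-insensitive
        is_chaos_txt = (m["qclass"].upper() in ("CH", "CHAOS")
                        and m["qtype"].upper() == "TXT")
        if is_chaos_txt and name in PROBE_NAMES:
            hits[m["ip"]] += 1
    return hits


if __name__ == "__main__":
    for ip, count in chaos_probes(SAMPLE_LOG).most_common():
        print(f"{ip}\t{count} version/authors probe(s)")
```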

Tuesday, September 15, 2009

Converting VMware image to VirtualBox

VirtualBox can run VMs created by VMware Workstation or Server. For this you need to import the vmdk files using the following procedure:

* Start VirtualBox

* Go to File > Virtual Disk Manager

* Click Add. Locate and select the copied .vmdk file. Click OK.

* Create a New VM as usual using the added vmdk file

* Boot the VM

Monday, September 14, 2009

OpenSolaris vs. Linux, For Linux Users

With Sun busy being swallowed up by Oracle, should Linux geeks pay any interest to OpenSolaris? TuxRadar put together a guide to OpenSolaris's most interesting features from a Linux user's perspective, covering how to get started with ZFS and virtualisation alongside more consumer-friendly topics such as hardware and Flash support.

Linux Tip/Tricks continue...

Command to list installed packages in sorted order, so that duplicates are easy to spot

rpm -qa --qf "%{name} %{epoch}:%{version} - %{arch}\n" | sort

Creating thumbnails on the fly using ImageMagick

for img in *.jpg; do convert -resize 200 "$img" thumb_"$img";done

Renaming all files in the current directory to filename.orig (the quotes around $file keep filenames that contain spaces intact)

for file in *; do mv -- "$file" "$file.orig"; done

Chop value to two decimal places using 'bc'

printf "%.2f\n" $(echo $'scale=2\n'"1.006"'+.005' | bc)

Finds all files over 20,000KB (roughly 20MB) in size and presents their names and sizes in a human-readable form

find / -type f -size +20000k -exec ls -lh {} \; | awk '{ print $9 ": " $5 }'


find / -type f -size +20M -exec ls -lh {} \;

Find some text in a lot of files and then delete those files

grep -rls "PATTERN" . | tr '\n' '\0' | xargs -0 rm

Saturday, September 12, 2009

Linux Tip/Tricks continue...

To print unique IPs from squid access.log and sort them
awk '{print $3}' /var/log/squid/access.log.0 | sort -ut . -n -k 1,1 -k 2,2 -k 3,3 -k 4,4 | nl

This one doesn't sort but gives uniq ips with line number.
awk '{print $3}' /var/log/squid/access.log.0 | sort -u | nl

To put some text on every blank line
sed 's/^$/some text/' urls > newfile

To kill a process by name (xterm here); the [x] keeps grep from matching its own command line
ps -ef | grep '[x]term' | awk '{print $2}' | xargs kill -9

Check if the machine is live, useful for use in scripts.
if ping -c 1 >/dev/null 2>&1; then echo "live";else echo "dead";fi

Friday, September 11, 2009

Linux Tip and Tricks continue...

Continuation with the day to day commands that I have compiled over the time.

Removing commented lines (starting with #) from a file
grep -v '^#' squid.conf >

To remove empty lines from a text file. I've been using sed with
sed '/^ *$/d' > squid.conf.nospace

Do the same thing with sed in one line
$ sed '/^#/d' squid.conf.default | sed /^$/d >

To remove all commented lines (starting with #) and blank lines from a file
sed -e '/^\(#\|$\)/ d' squid.conf.default >

Same thing using egrep
egrep -v '^(#|$)' squid.conf.default >

grep '^[^#]' squid.conf >

Thursday, September 10, 2009

Hammad got admission in BCS

Hammad got admission in the Mardan University BCS; he is now a university-going boy :)
It was another cool day of Ramadan, nothing much at work (in this holy month work gets a bit slow).
In the morning I did a tape backup of the AAA data; backups are already automated, including backing up to an external machine and restoring.
Tomorrow there is a meeting on the proposed BRAS expansion project in the CDDT building H9; Mr. Imtiaz (GM IP OPs MMBB Core) will chair the meeting.

Wednesday, September 9, 2009


Today after a long time I contacted one of my childhood friends, Shamsul Qamar. We lived and grew up in the Mirpurkhas Sugar Mills colony, where both of our fathers were working. It was very nice to talk to a childhood friend; it brings back the great and everlasting memories of childhood. He is working in the sugar industry like his father and lives with his family in Torro (Mardan). Shams promised to visit me during the coming Eid and I am looking forward to it :)

Monday, September 7, 2009

Linux commands

Here is a series of commands and bash tips/tricks which I have learned from time to time while working.

# To report oldest file in a directory
ls -1rt | head -n1

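# To rename a lot of directories to a different name (here stripping the suffix "(ska)")
find . -maxdepth 1 -type d -name '*(ska)' | while IFS= read -r i; do mv -- "$i" "$(basename "$i" '(ska)')"; done

# Very handy when copying an ssh public key to a remote server, where one has to create the .ssh directory and the authorized_keys file while keeping the permissions straight (sshd ignores the file if it or .ssh is writable by group or others).
mkdir .ssh --mode 700 ; touch .ssh/authorized_keys ; chmod 644 .ssh/authorized_keys
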
# Whats the quick way to remove from ?


# Finding files and then deleting them

find /software/ftp/ -name '*.exe' -print0 | xargs -0 rm -f

Or much better to use the -exec action:

find /software/ftp/ -name '*.exe' -exec rm {} \;

# Extract url for path to Full version of last kernel for each branch

wget -O /dev/stdout 2>/dev/null | grep ">F<"|head |awk -F "\"" '{ print $2 }'

# This version will download the kernels
wget -O /dev/stdout 2>/dev/null | grep ">F<"|head |awk -F "\"" '{ print $2 }'|while read line;do if [ -n "$line" ]; then wget -c "$line";fi;done

# Find files last modified more than n days ago (180 here; use -atime to go by access time), list them, and then remove them.

find . -mtime +180 -exec ls -lh {} \;
find . -mtime +180 -exec rm -f {} \;

Updating Nagios package

Today at last I have updated the Nagios package, which had been delayed for quite some time.

Updating was quite transparent; only the index.php page was replaced. Instead of displaying the default Nagios index page, I had changed it to display the "Host Group Summary" page to everyone using the Nagios web UI.

So all I had to do was change this line in

/usr/share/nagios/index.php (path might be different if installed from source)

from

<frame src="main.php" name="main" frameborder="0">

to

<frame src="/nagios/cgi-bin/status.cgi?hostgroup=all&style=summary" name="main" frameborder="0">

Sunday, September 6, 2009

Sunday is family day

It's Sunday, so like every Sunday it's family day. On Sunday night I usually watch a movie, but due to Ramadan Karim I am not watching movies.
Yesterday I was watching the news and then, while checking email, found an email from Pat (founder of Slackware, the oldest surviving Linux distro). Wow, Pat and team released Slackware 13.0 on 2009-08-27.
It's always nice to see Pat working hard and releasing stable versions of Slackware.
Slackware is my favourite Linux distro, and I used it exclusively as my home and work desktop OS for almost 3 years.
However, due to the nature of my work (need to work more) I switched to Fedora. Switching away from Slackware doesn't mean that I do not like it. I learned Linux with Slackware, and I am still a proud slacker :)
Well, Fedora is a bit easier to maintain, and installing packages is also easy using YUM.

Thursday, September 3, 2009

Ayesha wake up in Peshmani

Today at the time of Peshmanay my daughter Ayesha woke up; normally she is sleeping at that time while my wife and I take our food. Well, long story short, she then wanted us to play and listen to her :)
It took another hour and a half before she went to sleep again.

Ayesha is almost 11 months old now and she is getting very naughty. It's very hard for both of us to keep an eye on her, and not just an eye: babies of this age require a very close watch, and I am thinking of monitoring her via Nagios :)

Love Open Source

I love open source, not because this community provides free and the best software but because of the way this community works. I wish one day all the evil IT empires will open source their fat ass software.


You either fight fires all day, or build a flame resistant structure. Monitoring is the smoke detector. Notification is the alarm system. Fireman, or Fire Marshall - take your pick...

If you are not monitoring, then you are not managing.

Wednesday, September 2, 2009

I almost forgot to talk about my daughter, who is the centre of gravity these days.
I wonder how smart she is getting day by day; while we (my wife and I) sit during the iftar she is the one to handle :)
She tries to get her hands on each pot she sees, and if Ayesha gets a spoon in her hands then it's drums all around.
Ayesha's mother waits till I come back from work so that she can start working in the kitchen and I can look after Ayesha.
We, father and daughter, went out after the Asar prayers. Ayesha loves going out (probably she gets bored staying at home all day).
It's the Holy month of Ramadan and during this month we fast. Tell you what, I got too lazy because of my level of energy :)
As Allah says this month is for me, so we fast with devotion to get the most out of this holy month in terms of recitation of the Quran, praying 5 times (this we do the whole year) and the Taraweeh prayers.
After a whole day of fasting it's really a blessing when one has Iftar; this is the real time to thank Allah for all his givings.
During the month of Ramadan one can realize, or imagine a bit, the feelings of one who's hungry.
This month is the month of brotherhood, love, devotion.

Wednesday, July 22, 2009

Today nagios has been successfully integrated with gnokii SMS gateway. Now each work group will receive SMS notification in case of problem with any host/service in our infra.
There is still plenty of work to do, for example need to add lot of devices/hosts monitoring.

Monday, July 20, 2009

After two hot summer days, today the weather is kind of pleasant and clouds are hanging in the sky; I hope there will be some rainfall to turn the weather more pleasant.
Today my two nephews Hammad & Ahrar Khan's F.Sc results were announced, and with the grace of Almighty Allah both passed the exams with flying colors.
Ahrar got 359 out of 550 in F.Sc Part 1, so he will sit in F.Sc Part II very soon.
Hammad Khan got 621 out of 1050 in F.Sc part II.
The whole family down in Mardan is very happy with the success of our kids :)
Hammad Khan is interested in getting admission in the BCS computer; I hope he will get admission in some decent university.

Saturday, July 18, 2009

Ayesha is sleeping, so I have time to check my emails and slashdot. An off day like Sunday is all about Ayesha, me and my wife. We spend all the time together and sometimes go out or shopping.
However, as it's too hot here these days, we prefer to spend time inside.
Ayesha loves to go out (all kids love to go outside :))

Monday, July 13, 2009

It's working; my fault, I was too quick to check my web blogs.
Yesterday I added a few more hosts in nagios; most of them were Linux hosts.
For SMS notifications from nagios I have to work on integrating nagios with our company SMS system.
I don't know why, but my last post from Drivel did not appear in my blog.
My baby girl Ayesha will turn 9 months old on July 25th. She is now crawling and laughing, and after work all my time is spent with her. When my wife works in the kitchen I look after my baby girl, which is not an easy task :).
Ayesha is very cute (she got her father's face ;) )

Thursday, July 9, 2009

Finally the nagios machine has been installed in the NOC and it's back up. Now I need to extend the monitoring by adding other hosts. For adding other hosts I'll require the help of other sysadmins, as I do not have access to the servers installed in their domains.

Tuesday, July 7, 2009

Yesterday I tried to install the Drivel blog editor on my home laptop running Fedora 11; to my surprise, Fedora 11 no longer has Drivel in the repository.
Before that I had installed Drivel on my work laptop, which runs Fedora 10, and Drivel exists in the Fedora 10 repository.
I tried to google but didn't find anything on why the Fedora folks dropped a nice blog editor like Drivel from their repository.
I think the author of Drivel is no longer actively working on the code, and this is why the Fedora folks dropped it from their latest release, as it's hard to support unmaintained code in the distribution.
Anyhow, for Fedora 11 I have to look for some other desktop blogging editor.
The nagios machine which I shifted from the Rawalpindi Old paknet NOC to the H-9 ISP-NOC is still pending mounting. We need the NOC guy's help to mount it in the rack and to get network connectivity, power etc. The NOC guy promised to do it first thing tomorrow, let's see... BTW, here in my organization we do not have any decent monitoring system for our Linux/Unix servers... guess our company is living without one, "pity". Recently I took the initiative to have nagios monitor our infra servers, and management agreed to try nagios. More on nagios later.
Wow its working :D.
Drivel looks promising: no need to log in to the web for posting blogs, now I can blog using Drivel from my Linux desktop.

To install Drivel on Fedora, all one has to do is

sudo yum install drivel

yum will take care of all the dependencies. Once installed, launch Drivel from the Application-Internet menu.

And then login to or any other blogging site by entering your credentials.

And then start blogging right from your Linux desktop :)
Ok, now I am using Drivel for blogging from my Linux desktop.

First day at blogger

While today reading article on found a software for blogging right from the Linux desktop using "Drivel"; in the meantime I thought that if I am to try Drivel then I need a blogging account, so here I am :)
This is my first blog post and I am using the web, but soon I'll install Drivel on my Linux desktop (Fedora 10) and will do the blogging using it.