25
May

tmux - terminal multiplex

   Posted by: admin   in Mẹo vặt của hiếu râu

/etc/tmux.conf

set-option -g prefix C-a

unbind-key C-b

bind-key C-a send-prefix

set-option -g status off

#set-option -g status-bg blue

set-option -g pane-border-fg black

set-option -g pane-active-border-fg black

set-option -g mouse-select-pane on

Comments Off
5
May

spamassassin + fail2ban

   Posted by: admin   in Mẹo vặt của hiếu râu

yum install spamassassin spamass-milter
yum install perl-Mail-SPF perl-Mail-DKIM perl-Razor-Agent pyzor poppler-utils re2c
chkconfig spamassassin on
chkconfig spamass-milter on
service spamassassin start
service spamass-milter start
vi sendmail.mc
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl
define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
make
/etc/init.d/sendmail restart
spamassassin -D < /usr/share/doc/spamassassin-3.3.1/sample-spam.txt 2>&1|grep -i spf
$ diff -u spamd.org /usr/sbin/spamd
--- spamd.org	2011-04-21 23:35:10.000000000 +0000
+++ /usr/sbin/spamd	2011-04-22 00:11:17.000000000 +0000
@@ -1593,7 +1593,10 @@

   my $scantime = sprintf( "%.1f", time - $start_time );

-  info("spamd: $was_it_spam ($msg_score/$msg_threshold) for\
  $current_user:$> in"
+  my @from_addrs = $mail->get_pristine_header("Received");
+  join("\n",@from_addrs) =~ m/(\[\d+\.\d+\.\d+\.\d+\])/;
+  my $from_addr = $1;
+  info("spamd: $was_it_spam ($msg_score/$msg_threshold) from\
  $from_addr for $current_user:$> in"
        . " $scantime seconds, $actual_length bytes." );

   # add a summary "result:" line, based on mass-check format
# Fail2Ban filter for spamass-filter failures
#

[INCLUDES]

before = common.conf

[Definition]

failregex = spamd: identified spam .* from \[<HOST>\]

ignoreregex =

# DEV Notes:
#
# Author:
cat /etc/sysconfig/spamass-milter
### Standard parameters for spamass-milter are:
### -f -P /var/run/spamass-milter.pid
### These run the milter as a daemon and have it write a PID file
###
### You may add another parameters here, see spamass-milter(1)
EXTRA_FLAGS="-r 6"
Comments Off
26
Apr

apache error : No space left on device

   Posted by: admin   in Mẹo vặt của hiếu râu

# less /var/log/httpd/error_log

08:52:28 2016] [emerg] (28)No space left on device: Couldn’t create accept lock (/etc/httpd/logs/accept.lock.9206) (5)

# ipcs -s

# for i in `ipcs -s | awk ‘/apache/ {print $2}’`; do (ipcrm -s $i); done

# ipcs -s

Comments Off
18
Mar

Devtools2 for CentOS

   Posted by: admin   in Mẹo vặt của hiếu râu

source link https://braaten-family.org/ed/blog/2014-05-28-devtools-for-centos/

Posted on 2014-05-28 by Ed Braaten

I needed to compile some source that required a newer version of the GNU GCC compiler than the ancient 4.4.7 20120313 that comes with my fully-up-to-date CentOS 6.5 Linux system. Following the steps below, I was able to install and use devtools-2 which contains a fully functioning 4.8.2 20140120 version of the GNU GCC compiler environment.

  1. Go to the /etc/yum.repos.d/ directory on your system and download the devtools-2.repo file from http://people.centos.org/tru/devtools-2/:


    2. cd /etc/yum.repos.d
    wget http://people.centos.org/tru/devtools-2/devtools-2.repo

  2. Install the gcc, binutils, fortran, and C++ packages with:


    3. yum install devtoolset-2-gcc
    yum install devtoolset-2-binutils
    yum install devtoolset-2-gcc-gfortran
    yum install devtoolset-2-gcc-c++

  3. Use the “scl” command to open a shell which is running in the devtools environment:


    4. scl enable devtoolset-2 bash

No mess, no fuss! The devtools-2 environment is fully self-contained and doesn’t impact your distro’s base compiler environment.

=========== UPDATE =============

# 1. Install a package with repository for your system:
# On CentOS, install package centos-release-scl available in CentOS repository:
$ sudo yum install centos-release-scl

# On RHEL, enable RHSCL repository for you system:
$ sudo yum-config-manager --enable rhel-server-rhscl-7-rpms

# 2. Install the collection:
$ sudo yum install devtoolset-6

# 3. Start using software collections:
$ scl enable devtoolset-6 bash
Comments Off
13
Mar

apache mod_qos

   Posted by: admin   in Mẹo vặt của hiếu râu

$ wget http://sourceforge.net/projects/mod-qos/files/latest/download

cd tools

./configure make make install

(replace automake-1.14 with -1.11)

$ cd mod_qos-10.15/apache2/
$ apxs2 -i -c mod_qos.c

[root@us conf.d]# cat qos.conf

LoadModule qos_module modules/mod_qos.so

# minimum request rate (bytes/sec at request reading):

QS_SrvRequestRate                                 120

# limits the connections for this virtual host:

QS_SrvMaxConn                                     100

# allows keep-alive support till the server reaches 600 connections:

QS_SrvMaxConnClose                                60

# allows max 50 connections from a single ip address:

QS_SrvMaxConnPerIP                                 25

# disables connection restrictions for certain clients:

#QS_SrvMaxConnExcludeIP                    172.18.3.32

#QS_SrvMaxConnExcludeIP                    192.168.10.

# allows not more than 20 events/penalty points per 10 minutes:

QS_ClientEventBlockCount                          20

# don’t allow a client to access /app/start.html more than

# 20 times within 10 minutes:

#SetEnvIf     Request_URI /app/start.html          QS_Block=1

# don’t allow more than 4 “403″ status code responses

# (forbidden) for a client within 10 minutes:

QS_SetEnvIfStatus        403                      QS_Block=5

QS_SetEnvIfStatus        301                      QS_Block=2

[root@us conf.d]#

Comments Off
2
Mar

linux performance monitor

   Posted by: admin   in Mẹo vặt của hiếu râu

#vmstat 2

#top

#glances

#sar -r

#to be continued …

Comments Off
5
Feb

freeRadius + PAM

   Posted by: admin   in Mẹo vặt của hiếu râu

# yum install freeradius

#yum install freeradius-utils

#cd /etc/raddb/sites-enabled
#rm inner-tunnel
#vi default
uncomment pam (Pluggable Authentication Modules)
#vi ../users
uncomment lameuser
add : DEFAULT AUTH-Type := PAM
#vi /etc/pam.d/radiusd
#%PAM-1.0
auth       required     pam_linotp.so nosslhostnameverify nosslcertverify url=https://localhost/OTP/pam.php
account    required     pam_permit.so
#auth       include     password-auth
#account    required    pam_nologin.so
#account    include     password-auth
#password   include     password-auth
#session    include     password-auth
#radtest my_username my_password localhost 18230 testing123
Sending Access-Request of id 228 to 127.0.0.1 port 1812
User-Name = “my_username”
User-Password = “my_password”
NAS-IP-Address = 127.0.0.1
NAS-Port = 18230
Message-Authenticator = 0×00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=228, length=20
http://freeradius.org/pam_radius_auth/
Comments Off
22
Nov

php pthreads

   Posted by: admin   in Mẹo vặt của hiếu râu

error_reporting(E_ALL);
class AsyncWebRequest extends Thread {
    public $url;
    public $data;

    public function __construct($url) {
        $this->url = $url;
    }

    public function run() {
        if (($url = $this->url)) {
            /*
             * If a large amount of data is being requested, you might want to
             * fsockopen and read using usleep in between reads
             */
            $this->data = file_get_contents($url);
        } else
            printf("Thread #%lu was not provided a URL\n", $this->getThreadId());
    }
}

$t = microtime(true);
$g = new AsyncWebRequest(sprintf("http://www.google.com/?q=%s", rand() * 10));
/* starting synchronized */
if ($g->start()) {
    printf("Request took %f seconds to start ", microtime(true) - $t);
    while ( $g->isRunning() ) {
        echo ".";
        usleep(100);
    }
    if ($g->join()) {
        printf(" and %f seconds to finish receiving %d bytes\n", microtime(true) - $t, strlen($g->data));
    } else
        printf(" and %f seconds to finish, request failed\n", microtime(true) - $t);
}
Comments Off
17
Nov

mysql multi instance

   Posted by: admin   in Mẹo vặt của hiếu râu

mkdir -p /var/lib/mysql2
chown mysql:mysql mysql2


cp -p /etc/my.cnf /etc/my2.cnf


vi my2.cnf




[mysqld]
datadir=/var/lib/mysql2
socket=/var/lib/mysql/mysql2.sock
port=3337

[mysqld_safe]
log-error=/var/log/mysqld2.log
pid-file=/var/run/mysqld/mysqld2.pid








mysql_install_db --user=mysql --datadir=/var/lib/mysql2




mysqld_safe --defaults-file=/etc/my2.cnf &


netstat -antp | grep 3337




mysqladmin -S /var/lib/mysql/mysql2.sock shutdown -p


mysql -S /var/lib/mysql/mysql2.sock -u root -p
Comments Off
13
Nov

procmail - sendmail subject filter

   Posted by: admin   in Mẹo vặt của hiếu râu

[root@ns6 abc.cadena-it.com]# cat .procmailrc

VERBOSE=off

MAILDIR=$HOME/mail # elm users might use $HOME/Mail instead

DEFAULT=/var/spool/mail/abc.macatung.com

LOGFILE=$HOME/log

CLAMDSCAN=/usr/bin/clamdscan

:0

* ^Subject.*( naked | XXX | sex| Van Tai | Hang Khong | Visa )

/dev/null

:0

* ^From.*(MAILER-DAEMON)

/dev/null

:0

{

RESULT=`$CLAMDSCAN –stdout –no-summary -`

:0 Di

* RESULT ?? FOUND

/dev/null

}

[root@ns6 abc.cadena-it.com]#

general.rc


:0
* ^Cc.*joe@somewhere.org
* ^Cc.*me
{
	:0 c
	$DEFAULT

	:0
	SOME_FOLDER
}

:0
* ^Subject.*something-or-other
! another@address.com

lists.rc

:0
* ^From.*redhat.*list.*list.*@
redhat-lists

:0
* ^From.*owner@independence
independence-list

spam.rc

	  
:0
* ^From.*my-buddy
* ^Subject.*(Fwd|Forward|joke)
/dev/null

:0
* !(To|Cc).*my_address		# this is my account here
* !(To|Cc).*my_address_2	# I get mail forwarded from here
* !From.*my\.domain\.edu	# I trust the locals not to spam
* !From.*list.*@			# don't trash anything from mail lists
* !From.*good-buddy		# sometimes Bcc's me person mail to his sig-other
spam

:0
* ^From.*big-jerk
/dev/null

guestbook.rc

Subject:.*Form Posted
| cat&>$HOME/guestmail && \
$HOME/bin/guestscript $HOME/guestmail

Appendix: egrep regular expressions

Back to top

^ matches the beginning of the line
$ matches the end of the line
. Matches any single character
(character)* match arbitrarily many occurences of (character)
(character)? Match 0 or 1 instance of (character)
[abcdef] Match any character enclosed in [] (in this instance, a b c d e or f) ranges of characters such as [a-z] are permitted. The behaviour of this deserves more description. See the page ongrep for more details about the syntax of lists.
[^abcdef] Match any character NOT enclosed in [ ] (in this instance, any character other than a b c d e or f)
(expression) Group operator. Contents of parentheses treated as one character with respect to * , + , ? and | concatenation operators
\n Backreference - matches the contents of the nth set of parentheses
expression1|expression2 Matches expression1 or expression 2.
Comments Off
Back to top
Previous EntriesNext Entries