bash-4.3$ cat .xbindkeysrc
“qdbus org.kde.screensaver /ScreenSaver org.freedesktop.ScreenSaver.Lock”
b:9
“xte ‘keydown Escape’ ‘keyup Escape’”
b:8
bash-4.3$
Archive for the ‘Mẹo vặt của hiếu râu’ Category
17
Mar
mysql clustering
wget http://dev.mysql.com/get/Downloads/MySQL-Cluster-7.3/MySQL-Cluster-gpl-7.3.5-1.el6.x86_64.rpm-bundle.tar
tar -xvf MySQL-Cluster-gpl-7.3.5-1.el6.x86_64.rpm-bundle.tar
yum groupinstall 'Development Tools'
yum remove mysql-libs
yum install libaio-devel
rpm -Uhv MySQL-Cluster-server-gpl-7.3.5-1.el6.x86_64.rpm
vi config.ini
#####################################
[NDBD DEFAULT] NoOfReplicas=1 DataDir= /opt/mysql-cluster [MYSQLD DEFAULT] [NDB_MGMD DEFAULT] [TCP DEFAULT] # Section for the cluster management node [NDB_MGMD] # IP address of the management node (this system) HostName=10.10.255.175 # Section for the storage nodes [NDBD] # IP address of the first storage node HostName=10.10.255.176 [NDBD] # IP address of the second storage node HostName=10.10.255.177 # one [MYSQLD] per storage node [MYSQLD] HostName=10.10.255.176 [MYSQLD] HostName=10.10.255.177 ~
################################################
ndb_mgmd -f /opt/mysql-cluster/config.ini
ndb_mgm
>show
>shutdown
datanote
vi /etc/my.cnf
[mysqld]
ndbcluster
# IP address of the cluster management node
ndb-connectstring=10.10.255.175:1186
default-storage-engine=ndbcluster
[mysql_cluster]
# IP address of the cluster management node
ndb-connectstring=10.10.255.175:1186
/etc/init.d/mysql start
cat /root/.mysql_secret
ndbd –initial
http://skillachie.com/2014/06/30/mysql-cluster-getting-started-redhatcentos-6/
https://www.howtoforge.com/loadbalanced_mysql_cluster_debian
AuthType Basic AuthName "Auth Required" AuthUserFile /path/to/.htpasswd Require valid-user
Now adding the following below this will allow you to exclude directories and files
# Allow access to excluded diretories SetEnvIf Request_URI "path/to/excluded/directory/" allow SetEnvIf Request_URI "path/to/excluded/file" allow Order allow,deny Allow from env=allow Satisfy any
22
Nov
tcpdump
tcpdump -i eth0 -nnn -w pcap-%Y-%m-%d-%H-%M-%S.pcap -G 60
-C MB , -W num files, -G second
incomming TCP syn group by port
tcpdump -tttt -nn -r pcap-2016-11-22_10:42:32.pcap ‘tcp and dst 127.0.0.1 and tcp[13]=2′ | cut -f 6 -d ‘ ‘ | cut -f 5 -d ‘.’ | sort | uniq -c
incoming http syn group by source ip
tcpdump -tttt -nn -r pcap-2016-11-22_10:43:32.pcap ‘tcp and dst 127.0.0.1 and tcp[13]=2 and port 80′ | cut -f 4 -d ‘ ‘ | cut -f 1-4 -d ‘.’ | sort | uniq -c | sort -nr
Fin = 1
Syn = 2
Rst = 4
Psh = 8
Ack = 16
Ugent = 32
19
Oct
GSM modem linux
#dmesg
usb 2-2.1: new full speed USB device number 6 using uhci_hcd
usb 2-2.1: New USB device found, idVendor=067b, idProduct=2303
usb 2-2.1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
usb 2-2.1: Product: USB-Serial Controller
usb 2-2.1: Manufacturer: Prolific Technology Inc.
usb 2-2.1: configuration #1 chosen from 1 choice
pl2303 2-2.1:1.0: pl2303 converter detected
usb 2-2.1: pl2303 converter now attached to ttyUSB0
#stty -F /dev/ttyUSB0
speed 115200 baud; line = 0;
min = 1; time = 5;
ignbrk -brkint -icrnl -imaxbel
-opost -onlcr
-isig -icanon -iexten -echo -echoe -echok -echoctl -echoke
# stty -F /dev/ttyUSB0 115200
# setserial -a /dev/ttyUSB0
18
Sep
freeradius - OTP
# vi /var/www/html/OTP/pam.php
<?php
echo “:-(”; // 
file_put_contents(’/tmp/pam.txt’,date(’Y-m-d D H:i:s ‘).json_encode($_GET).”\n”,FILE_APPEND);
?>
#yum install freeradius freeradius-utils freeradius-perl perl-libwww-perl
#perl -MCPAN -e shell
#perl -MCPAN -e shell
>install LWP
#radius -X
#radtest hieu 2234 127.0.0.1 123 testing123
- Create a new file ‘/etc/freeradius/sites-available/linotp’ with the following content:
authorize {
#normalizes maleformed client request before handed on to other modules (see '/etc/freeradius/modules/preprocess')
preprocess
# If you are using multiple kinds of realms, you probably
# want to set "ignore_null = yes" for all of them.
# Otherwise, when the first style of realm doesn't match,
# the other styles won't be checked.
#allows a list of realm (see '/etc/freeradius/modules/realm')
IPASS
#understands something like USER@REALM and can tell the components apart (see '/etc/freeradius/modules/realm')
suffix
#understands USER\REALM and can tell the components apart (see '/etc/freeradius/modules/realm')
ntdomain
# Read the 'users' file to learn about special configuration which should be applied for
# certain users (see '/etc/freeradius/modules/files')
files
# allows to let authentification to expire (see '/etc/freeradius/modules/expiration')
expiration
# allows to define valid service-times (see '/etc/freeradius/modules/logintime')
logintime
# We got no radius_shortname_map!
pap
}
#here the linotp perl module is called for further processing
authenticate {
perl
}
ln -s ../sites-available/linotp /etc/freeradius/sites-enabled'
#less example.pl
#
# If you are using DBI and do some queries to DB, please be sure to
# use the CLONE function to initialize the DBI connection to DB.
#
use strict;
use LWP;
# use …
# This is very important ! Without this script will not get the filled hashesh from main.
use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK);
use Data::Dumper;
# This is hash wich hold original request from radius
#my %RAD_REQUEST;
# In this hash you add values that will be returned to NAS.
#my %RAD_REPLY;
#This is for check items
#my %RAD_CHECK;
sub authenticate {
# For debugging purposes only
# &log_request_attributes;
my $ua = LWP::UserAgent->new();
my $req = HTTP::Request->new( GET => “http://localhost/OTP/pam.php?user=” .
$RAD_REQUEST{’User-Name’} . “&pass=” . $RAD_REQUEST{’User-Password’} . “&client=” . $RAD_REQUEST{’NAS-IP-Address’} .
“&clientId=” . $RAD_REQUEST{’NAS-Identifier’} .
“&realm=” . $RAD_REQUEST{’Calling-Station-Id’} );
my $response = $ua->request( $req );
die “Error at OTP/pam.php\n “, $response->status_line, “\n Aborting”
unless $response->is_success;
if($response->content =~ m/:\-\)/i) {
return RLM_MODULE_OK;
} else {
$RAD_REPLY{’Reply-Message’} = “Wrong OTP - access denied !”;
return RLM_MODULE_REJECT;
}
}
#vi users
lameuser Auth-Type := Reject
Reply-Message = “Your account has been disabled.”
DEFAULT Auth-Type := perl
DB
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET NAMES utf8 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE=’NO_AUTO_VALUE_ON_ZERO’ */;
– Dumping database structure for OTP
CREATE DATABASE IF NOT EXISTS `OTP` /*!40100 DEFAULT CHARACTER SET utf8 */;
USE `OTP`;
– Dumping structure for table OTP.tbl_cache
CREATE TABLE IF NOT EXISTS `tbl_cache` (
`Username` varchar(50) DEFAULT NULL,
`Code` varchar(100) DEFAULT NULL,
`Dt` datetime DEFAULT NULL,
`LastUpdate` int(11) DEFAULT NULL,
`Server` varchar(50) DEFAULT NULL,
UNIQUE KEY `Index 1` (`Server`,`Username`),
KEY `Index 2` (`LastUpdate`,`Code`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
– Data exporting was unselected.
– Dumping structure for table OTP.tbl_users
CREATE TABLE IF NOT EXISTS `tbl_users` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`Username` varchar(50) NOT NULL,
`Code` varchar(50) NOT NULL,
`Pin` varchar(50) NOT NULL,
`Phone` varchar(50) DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `Index 2` (`Username`)
) ENGINE=InnoDB AUTO_INCREMENT=77 DEFAULT CHARSET=utf8;
– Data exporting was unselected.
/*!40101 SET SQL_MODE=IFNULL(@OLD_SQL_MODE, ”) */;
/*!40014 SET FOREIGN_KEY_CHECKS=IF(@OLD_FOREIGN_KEY_CHECKS IS NULL, 1, @OLD_FOREIGN_KEY_CHECKS) */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
=========CENTOS 7==============
cp default otp
remove eap lines, remove eap module
replace sessions authorize/authenticate in sites-enabled/otp with following lines
authorize {
preprocess
files
expiration
logintime
}
authenticate {
perl
}
#users
#
lameuser Auth-Type := Reject
Reply-Message = “Your account has been disabled.”
DEFAULT Auth-Type := perl
#
#vi example.pl above
===============
https://github.com/multiOTP/radius-class-php
http://wiki.freeradius.org/modules/Rlm_perl
13
Aug
Xen WinPv Driver
gplpv_vista2008×32_signed_0110373
gplpv_vista2008×64_signed_0110373
http://wiki.univention.com/index.php?title=Installing-signed-GPLPV-drivers
/etc/tmux.conf
set-option -g prefix C-a
unbind-key C-b
bind-key C-a send-prefix
set-option -g status off
#set-option -g status-bg blue
set-option -g pane-border-fg black
set-option -g pane-active-border-fg black
set-option -g mouse-select-pane on
yum install spamassassin spamass-milter yum install perl-Mail-SPF perl-Mail-DKIM perl-Razor-Agent pyzor poppler-utils re2c chkconfig spamassassin on chkconfig spamass-milter on service spamassassin start service spamass-milter start vi sendmail.mc
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl
define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
make /etc/init.d/sendmail restart spamassassin -D < /usr/share/doc/spamassassin-3.3.1/sample-spam.txt 2>&1|grep -i spf
$ diff -u spamd.org /usr/sbin/spamd
--- spamd.org 2011-04-21 23:35:10.000000000 +0000
+++ /usr/sbin/spamd 2011-04-22 00:11:17.000000000 +0000
@@ -1593,7 +1593,10 @@
my $scantime = sprintf( "%.1f", time - $start_time );
- info("spamd: $was_it_spam ($msg_score/$msg_threshold) for\
$current_user:$> in"
+ my @from_addrs = $mail->get_pristine_header("Received");
+ join("\n",@from_addrs) =~ m/(\[\d+\.\d+\.\d+\.\d+\])/;
+ my $from_addr = $1;
+ info("spamd: $was_it_spam ($msg_score/$msg_threshold) from\
$from_addr for $current_user:$> in"
. " $scantime seconds, $actual_length bytes." );
# add a summary "result:" line, based on mass-check format
# Fail2Ban filter for spamass-filter failures # [INCLUDES] before = common.conf [Definition] failregex = spamd: identified spam .* from \[<HOST>\] ignoreregex = # DEV Notes: # # Author:
cat /etc/sysconfig/spamass-milter
### Standard parameters for spamass-milter are: ### -f -P /var/run/spamass-milter.pid ### These run the milter as a daemon and have it write a PID file ### ### You may add another parameters here, see spamass-milter(1) EXTRA_FLAGS="-r 6"
# less /var/log/httpd/error_log
08:52:28 2016] [emerg] (28)No space left on device: Couldn’t create accept lock (/etc/httpd/logs/accept.lock.9206) (5)
# ipcs -s
# for i in `ipcs -s | awk ‘/apache/ {print $2}’`; do (ipcrm -s $i); done
# ipcs -s