1.install all required packeages
#apt-get install bison fakeroot flex g++ g++-multilib gperf libapache2-mod-php5 libasound2-dev libbz2-dev libcairo2-dev libdbus-glib-1-dev libgconf2-dev libgl1-mesa-dev libglu1-mesa-dev libglib2.0-dev libgtk2.0-dev libjpeg62-dev libnspr4-dev libnss3-dev libpam0g-dev libsqlite3-dev libxslt1-dev libxss-dev mesa-common-dev ttf-mscorefonts-installer patch perl pkg-config python python-dev rpm subversion libcups2-dev libgnome-keyring-dev libcurl4-gnutls-dev libelf-dev ttf-indic-fonts
2.mkdir dart folder to install depot_tools
#mkdir /dart
#cd /dart
#svn co http://src.chromium.org/svn/trunk/tools/depot_tools
#export PATH=$PATH:`pwd`/depot_tools
3.install lib_ssl package
#apt-get install libssl-dev
4.get all source,make a folder without root permission
#cd /home/tommy/
#gclient config http://dart.googlecode.com/svn/trunk/deps/all.deps
#gclient sync
5.change /home/tommy/dart/third_party/gsutil/20110627/
#gsutil config
and use browser to access the url to archieve the authentication code
than reinstall use step 4 procedure
2011年10月19日 星期三
2011年9月7日 星期三
frox ftp proxy setting
1.install frox package with squid on the server
#apt-get install frox
2.modify frox configuration
#vim /etc/frox.conf
Port 2121
BindToDevice eth0
User nobody
Group nogroup
WorkingDir /var/log/frox
DontChroot no
LogLevel 15
LogFile /var/log/frox/frox-log
XferLogging yes
PidFile /var/run/frox.pid
PAConv yes
BounceDefend yes
AllowNonASCII yes
CacheModule http
HTTPProxy 172.16.100.100:9119
MinCacheSize 65536
DoNTP yes
MaxForks 10
MaxForksPerHost 4
ACL Allow * - *
3.add new iptables rule
iptables -t nat -A PREROUTING -p tcp -s LOCALNET --dport 21 -j REDIRECT --to 2121
#apt-get install frox
2.modify frox configuration
#vim /etc/frox.conf
Port 2121
BindToDevice eth0
User nobody
Group nogroup
WorkingDir /var/log/frox
DontChroot no
LogLevel 15
LogFile /var/log/frox/frox-log
XferLogging yes
PidFile /var/run/frox.pid
PAConv yes
BounceDefend yes
AllowNonASCII yes
CacheModule http
HTTPProxy 172.16.100.100:9119
MinCacheSize 65536
DoNTP yes
MaxForks 10
MaxForksPerHost 4
ACL Allow * - *
3.add new iptables rule
iptables -t nat -A PREROUTING -p tcp -s LOCALNET --dport 21 -j REDIRECT --to 2121
2011年8月16日 星期二
rename eth1 to eth0
if you change motherboard and restart ubuntu system,
you may find all networks can't work with correct interfaces.
You can rename the interface to map the correct networks.
1.modify the /etc/udev/rules/70-persistent-net.rules
#vim /etc/udev/rules/70-persistent-net.rules
change eth? to correct number with mac address
2.remove all setting on /etc/network/interfaces except lo setting
vim /etc/network/interfaces
3.reboot server
4.add network setting on /etc/network/interfaces
vim /etc/network/interfaces
auto eth1
iface eth1 inet static
address 10.x.x.x
network 255.255.255.x
gateway 10.x.x.x.x
5.restart networks
#/etc/init.d/networking restart
you may find all networks can't work with correct interfaces.
You can rename the interface to map the correct networks.
1.modify the /etc/udev/rules/70-persistent-net.rules
#vim /etc/udev/rules/70-persistent-net.rules
change eth? to correct number with mac address
2.remove all setting on /etc/network/interfaces except lo setting
vim /etc/network/interfaces
3.reboot server
4.add network setting on /etc/network/interfaces
vim /etc/network/interfaces
auto eth1
iface eth1 inet static
address 10.x.x.x
network 255.255.255.x
gateway 10.x.x.x.x
5.restart networks
#/etc/init.d/networking restart
2011年7月5日 星期二
linux dhcp access windows dhcp multidomain
if you dns server is windows base and allow linux client to search multidomin,
please modify windows dhcp server and add option 119.
1.on dhcp global scope add predefined option
2.add a byte array
3.example:abc.com abc.com.tw
add order is ab.com.tw abc.com
0x00 0x77 0x74 0x02 0x6d 0x6f 0x63 0x03 0x63 0x62 0x61 0x03 --> abc.com.tw
0x00 0x6d 0x6f 0x63 0x03 0x63 0x62 0x61 0x03 -->abc.com
ox00 means null termination
0x02 tw two characters
0x03 com three characters
0x0c abc three characters
other setting method,please use optinos 15 to add other domain with space
abc.com abc.com.tw
please modify windows dhcp server and add option 119.
1.on dhcp global scope add predefined option
2.add a byte array
3.example:abc.com abc.com.tw
add order is ab.com.tw abc.com
0x00 0x77 0x74 0x02 0x6d 0x6f 0x63 0x03 0x63 0x62 0x61 0x03 --> abc.com.tw
0x00 0x6d 0x6f 0x63 0x03 0x63 0x62 0x61 0x03 -->abc.com
ox00 means null termination
0x02 tw two characters
0x03 com three characters
0x0c abc three characters
other setting method,please use optinos 15 to add other domain with space
abc.com abc.com.tw
2011年7月4日 星期一
search mulitdomain
#vim /etc/resolv.conf
domain abc.com.tw
search adc.com ad.adc.com abc.com.tw
nameserver 172.16.1.100
nameserver 172.16.1.110
options ndots:3
it will search multidomain on /etc/resolv.conf
domain abc.com.tw
search adc.com ad.adc.com abc.com.tw
nameserver 172.16.1.100
nameserver 172.16.1.110
options ndots:3
it will search multidomain on /etc/resolv.conf
2011年6月29日 星期三
enable apache x-forwarder-for
1.modify /etc/apache2/apache2.conf
add lines in it
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog "logs/access_log" combined env=!forwarded
CustomLog "logs/access_log" proxy env=forwarded
2.restart apache2 server
#/etc/init.d/apache2 restart
add lines in it
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog "logs/access_log" combined env=!forwarded
CustomLog "logs/access_log" proxy env=forwarded
2.restart apache2 server
#/etc/init.d/apache2 restart
2011年5月31日 星期二
add route in linux
1.add new route
#route add -net 172.16.0.0. netmask 255.255.0.0 gw 172.16.1.1
2.del route
#route del -net 172.16.0.0 netmask 255.255.0.0 gw 172.16.1.1
3.modify default route
#route add -net 0.0.0.0 netmask 0.0.0.0 gw 10.10.10.1
#route add -net 172.16.0.0. netmask 255.255.0.0 gw 172.16.1.1
2.del route
#route del -net 172.16.0.0 netmask 255.255.0.0 gw 172.16.1.1
3.modify default route
#route add -net 0.0.0.0 netmask 0.0.0.0 gw 10.10.10.1
2011年5月23日 星期一
bind chroot setting
1.stop bind9 service
#/etc/init.d/bind9 stop
2.modify /etc/default/bind9 and add -t agrument
#vim /etc/default/bind9
OPTIONS="-u bind -t /var/lib/named"
3.create necessary folder
#mkdir -p /var/lib/named/etc
#mkdir /var/lib/named/dev
#mkdir -p /var/lib/named/var/cache/bind
#mkdir -p /var/lib/named/var/run/bind/run
4.move /etc/bind to /var/lib/name/etc/
#mv /etc/bind /var/lib/named/etc
5.mkdir software link to /etc/bind
#ln -s /var/lib/named/etc/bind /etc/bind
6.mkdir two char device and grant some permission
#mknod /var/lib/named/dev/null c 1 3
#mknod /var/lib/named/dev/random c 1 8
#chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
#chown -R bind:bind /var/lib/named/var/*
#chown -R bind:bind /var/lib/named/etc/bind
7.create one file to log import message and add one line on it
#vim /etc/rsyslog.d/bind-chroot.conf
$AddUnixListenSocket /var/lib/named/dev/log
8.add some lines on /etc/apparmor.d/usr.sbin.named
#vim /etc/apparmor.d/usr.sbin.named
/var/lib/named/etc/bind/* rw,
/var/lib/named/var/run/bind/run/named.pid w,
/var/lib/named/var/run/bind/named.options r,
/var/lib/named/dev/null rw,
/var/lib/named/dev/random rw,
9.restart rsyslog and bind9 serivice
#/etc/init.d/rsyslog restart
#/etc/init.d/apparmor restart
#/etc/init.d/bind9 start
#/etc/init.d/bind9 stop
2.modify /etc/default/bind9 and add -t agrument
#vim /etc/default/bind9
OPTIONS="-u bind -t /var/lib/named"
3.create necessary folder
#mkdir -p /var/lib/named/etc
#mkdir /var/lib/named/dev
#mkdir -p /var/lib/named/var/cache/bind
#mkdir -p /var/lib/named/var/run/bind/run
4.move /etc/bind to /var/lib/name/etc/
#mv /etc/bind /var/lib/named/etc
5.mkdir software link to /etc/bind
#ln -s /var/lib/named/etc/bind /etc/bind
6.mkdir two char device and grant some permission
#mknod /var/lib/named/dev/null c 1 3
#mknod /var/lib/named/dev/random c 1 8
#chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
#chown -R bind:bind /var/lib/named/var/*
#chown -R bind:bind /var/lib/named/etc/bind
7.create one file to log import message and add one line on it
#vim /etc/rsyslog.d/bind-chroot.conf
$AddUnixListenSocket /var/lib/named/dev/log
8.add some lines on /etc/apparmor.d/usr.sbin.named
#vim /etc/apparmor.d/usr.sbin.named
/var/lib/named/etc/bind/* rw,
/var/lib/named/var/run/bind/run/named.pid w,
/var/lib/named/var/run/bind/named.options r,
/var/lib/named/dev/null rw,
/var/lib/named/dev/random rw,
9.restart rsyslog and bind9 serivice
#/etc/init.d/rsyslog restart
#/etc/init.d/apparmor restart
#/etc/init.d/bind9 start
2011年5月12日 星期四
bind9 enable logging for dns query everything
1.modify /etc/bind/named.conf.options
#vim /etc/bind/named.conf.options
logging{
channel dns_log {
file "/var/log/named/bind.log" versions 3 size 5m;
severity info;
print-time yes;
print-severity yes;
print-category yes;
};
category lame-servers{
null;
};
category default{
dns_log;
};
category xfer-out{
dns_log;
};
category queries{
dns_log;
};
};
2.make a folder name named in /var/log and give bind write permission
#cd /var/log
#mkdir named
#cd named
#touch bind.log
#cd ../..
#chown bind:bind -Rf named/
#chmod 775 -Rf named/
3.restart bind service
#/etc/init.d/bind9 restart
#vim /etc/bind/named.conf.options
logging{
channel dns_log {
file "/var/log/named/bind.log" versions 3 size 5m;
severity info;
print-time yes;
print-severity yes;
print-category yes;
};
category lame-servers{
null;
};
category default{
dns_log;
};
category xfer-out{
dns_log;
};
category queries{
dns_log;
};
};
2.make a folder name named in /var/log and give bind write permission
#cd /var/log
#mkdir named
#cd named
#touch bind.log
#cd ../..
#chown bind:bind -Rf named/
#chmod 775 -Rf named/
3.restart bind service
#/etc/init.d/bind9 restart
2011年5月11日 星期三
Bind9 dns system with master and slave
1.install bind9 system packages on master and slave server
#apt-get update
#apt-get upgrade
#apt-get install bind9 bind9-doc
2.modify /etc/hosts and add two server record like this
#vim /etc/hosts
127.0.0.1 localhost
192.168.11.111 master.csp.com.tw master
192.168.11.50 slave.csp.com.tw slave
3.modify /etc/resolv.conf and add nameserver setting about master and slave
#vim /etc/resolv.conf
nameserver 192.168.11.111
nameserver 192.168.11.50
4.modify /etc/bind/named.conf.local on master to add new zone to allow transfer
#vim /etc/bind/named.conf.local
zone "csp.com.tw" {
type master;
file "/etc/bind/db.csp.com.tw";
allow-transfer {
192.168.11.50;
};
notify yes;
};
zone "2.10.10.in-addr.arpa" {
type master;
file "/etc/bind/db.10.10.2";
allow-transfer {
192.168.11.50;
};
notify yes;
};
5.add new file name db.csp.com.tw and db.10.10.2 about setting zone csp.com.tw
#vim /etc/bind/db.csp.com.tw
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA csp.com.tw. admin. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.
@ IN A 127.0.0.1
@ IN AAAA ::1
@ IN MX 5 mail1.csp.com.tw.
@ IN MX 10 mail2.csp.com.tw.
www1 IN A 66.77.88.120
www2 IN A 66.77.88.120
dns IN A 10.10.2.171
ftp IN A 10.10.2.172
mail1 IN A 10.10.2.200
mail2 IN A 10.10.2.201
webapp1 IN CNAME www1.csp.com.tw.
webapp2 IN CNAME www2.csp.com.tw.
================db.10.10.2=======================
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA csp.com.tw. admin. (
2011052301 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS dns.csp.com.tw.
172 IN PTR ftp.csp.com.tw.
6.modify /etc/bind/named.conf.options
#vim /etc/bind/named.conf.options
acl "trusted" { 127.0.0.1; 192.168.11.0/24; };
options {
directory "/var/cache/bind";
allow-recursion { trusted; };
allow-transfer { none; };
notify no;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
7.restart bind service on master server
#/etc/init.d/bind9 restart
8.modify /etc/bind/named.conf.local on slave server
#vim /etc/bind/named.conf.local
zone "csp.com.tw" {
type slave;
file "db.csp.com.tw";
masters {
192.168.11.111;
};
};
zone "2.10.10.in-addr.arpa" {
type slave;
file "db.10.10.2";
masters {
192.168.11.111;
};
};
9.restart bind service on slave server
10.check /var/cache/bind to find new file named db.csp.com.tw transfered from master server
#apt-get update
#apt-get upgrade
#apt-get install bind9 bind9-doc
2.modify /etc/hosts and add two server record like this
#vim /etc/hosts
127.0.0.1 localhost
192.168.11.111 master.csp.com.tw master
192.168.11.50 slave.csp.com.tw slave
3.modify /etc/resolv.conf and add nameserver setting about master and slave
#vim /etc/resolv.conf
nameserver 192.168.11.111
nameserver 192.168.11.50
4.modify /etc/bind/named.conf.local on master to add new zone to allow transfer
#vim /etc/bind/named.conf.local
zone "csp.com.tw" {
type master;
file "/etc/bind/db.csp.com.tw";
allow-transfer {
192.168.11.50;
};
notify yes;
};
zone "2.10.10.in-addr.arpa" {
type master;
file "/etc/bind/db.10.10.2";
allow-transfer {
192.168.11.50;
};
notify yes;
};
5.add new file name db.csp.com.tw and db.10.10.2 about setting zone csp.com.tw
#vim /etc/bind/db.csp.com.tw
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA csp.com.tw. admin. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.
@ IN A 127.0.0.1
@ IN AAAA ::1
@ IN MX 5 mail1.csp.com.tw.
@ IN MX 10 mail2.csp.com.tw.
www1 IN A 66.77.88.120
www2 IN A 66.77.88.120
dns IN A 10.10.2.171
ftp IN A 10.10.2.172
mail1 IN A 10.10.2.200
mail2 IN A 10.10.2.201
webapp1 IN CNAME www1.csp.com.tw.
webapp2 IN CNAME www2.csp.com.tw.
================db.10.10.2=======================
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA csp.com.tw. admin. (
2011052301 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS dns.csp.com.tw.
172 IN PTR ftp.csp.com.tw.
6.modify /etc/bind/named.conf.options
#vim /etc/bind/named.conf.options
acl "trusted" { 127.0.0.1; 192.168.11.0/24; };
options {
directory "/var/cache/bind";
allow-recursion { trusted; };
allow-transfer { none; };
notify no;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
7.restart bind service on master server
#/etc/init.d/bind9 restart
8.modify /etc/bind/named.conf.local on slave server
#vim /etc/bind/named.conf.local
zone "csp.com.tw" {
type slave;
file "db.csp.com.tw";
masters {
192.168.11.111;
};
};
zone "2.10.10.in-addr.arpa" {
type slave;
file "db.10.10.2";
masters {
192.168.11.111;
};
};
9.restart bind service on slave server
10.check /var/cache/bind to find new file named db.csp.com.tw transfered from master server
how to find installed packages on ubuntu system
root@django:/etc/bind# dpkg --get-selections | grep bind
bind9 install
bind9-doc install
bind9-host install
bind9utils install
libbind9-60 install
it will list all packags about bind installed in your system
root@django:/etc/bind# dpkg -L bind9
/etc
/etc/ufw
/etc/ufw/applications.d
/etc/ufw/applications.d/bind9
/etc/apparmor.d
/etc/apparmor.d/force-complain
/etc/apparmor.d/usr.sbin.named
/etc/bind
/etc/bind/bind.keys
/etc/bind/db.0
/etc/bind/db.255
/etc/bind/db.empty
/etc/bind/zones.rfc1918
/etc/bind/db.127
/etc/bind/db.local
/etc/bind/db.root
it will show files within the packages you search
bind9 install
bind9-doc install
bind9-host install
bind9utils install
libbind9-60 install
it will list all packags about bind installed in your system
root@django:/etc/bind# dpkg -L bind9
/etc
/etc/ufw
/etc/ufw/applications.d
/etc/ufw/applications.d/bind9
/etc/apparmor.d
/etc/apparmor.d/force-complain
/etc/apparmor.d/usr.sbin.named
/etc/bind
/etc/bind/bind.keys
/etc/bind/db.0
/etc/bind/db.255
/etc/bind/db.empty
/etc/bind/zones.rfc1918
/etc/bind/db.127
/etc/bind/db.local
/etc/bind/db.root
it will show files within the packages you search
2011年4月27日 星期三
reactive eth0 if mac is binded
SIOCSIFADDR No such device eth0 error while getting interface flags
#vim /etc/udev/rules.d/70-persistent-net.rules
delete eth0 line
#sudo reboot
#vim /etc/udev/rules.d/70-persistent-net.rules
delete eth0 line
#sudo reboot
2011年3月2日 星期三
訂閱:
文章 (Atom)