Archive for the ‘Linux’ Category

Spamhaus droplist

April 29th, 2009

#!/bin/bash
 
#Script to add firewall rules to a linux system to completely block
#all traffic to and from networks in the spamhaus drop list.
 
#Copyright 2009, William Stearns, wstearns@pobox.com
#Released under the GPL.  This and other tools can be found at
#http://www.stearns.org/
 
#Sole (optional) command line parameter is the file location of the
#drop list, such as:
 
#cd /var/lib/
#wget http://www.spamhaus.org/drop/drop.lasso
# ./spamhaus-drop /var/lib/drop.lasso
 
#While the DROP file should be regularly updated, this should
#probably be about once per day or less frequently; do _not_
#download DROP more than once an hour.
 
if [ -n "$1" ]; then
	DropList="$1"
else
	DropList="./drop.lasso"
fi
if [ ! -s "$DropList" ]; then
	echo "Unable to find drop list file $DropList .  Perhaps do:" >&2
	echo "wget http://www.spamhaus.org/drop/drop.lasso -O $DropList"
	echo "exiting." >&2
	exit 1
fi
 
if [ ! -x /sbin/iptables ]; then
	echo "Missing iptables command line tool, exiting." >&2
	exit 1
fi
 
cat "$DropList" \
 | sed -e 's/;.*//' \
 | grep -v '^ *$' \
 | while read OneNetBlock ; do
	/sbin/iptables -I INPUT -s "$OneNetBlock" -j DROP
	/sbin/iptables -I OUTPUT -d "$OneNetBlock" -j DROP
	/sbin/iptables -I FORWARD -s "$OneNetBlock" -j DROP
	/sbin/iptables -I FORWARD -d "$OneNetBlock" -j DROP
done
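
The script above hands every non-empty line of the downloaded file to iptables and inserts four fresh rules per network on each run. The following added example (not part of William Stearns' script) validates each entry first and writes the rules for one dedicated chain in iptables-restore format. The chain name SPAMHAUS-DROP, the function names and the /8 prefix floor are assumptions, and the sample entries are constructed.

```shell
# Added example (not the original script); CHAIN and function names are assumptions.
CHAIN=SPAMHAUS-DROP

# Succeed only for IPv4 a.b.c.d/len with len 8..32. The floor of 8 is an
# assumed sanity limit so a stray 0.0.0.0/0 never becomes a DROP rule.
valid_cidr() {
	case $1 in
		*[!0-9./]* | */*/* | *.*.*.*.*) return 1 ;;
		*.*.*.*/?*) ;;
		*) return 1 ;;
	esac
	len=${1#*/}; addr=${1%/*}
	[ "${#len}" -le 2 ] && [ "$len" -ge 8 ] && [ "$len" -le 32 ] || return 1
	oldifs=$IFS; IFS=.; set -- $addr; IFS=$oldifs
	[ $# -eq 4 ] || return 1
	for o in "$@"; do
		[ -n "$o" ] && [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
	done
}

# Read a DROP file on stdin, print valid networks, report rejects on stderr.
drop_nets() {
	sed -e 's/;.*//' | while read -r net rest; do
		[ -z "$net" ] && continue
		if [ -z "$rest" ] && valid_cidr "$net"; then
			printf '%s\n' "$net"
		else
			printf 'rejected DROP entry: %s %s\n' "$net" "$rest" >&2
		fi
	done
}

# Turn a DROP file on stdin into an iptables-restore fragment for one chain.
build_ruleset() {
	printf '*filter\n:%s - [0:0]\n' "$CHAIN"
	drop_nets | while read -r net; do
		printf '%s %s -s %s -j DROP\n' -A "$CHAIN" "$net"
		printf '%s %s -d %s -j DROP\n' -A "$CHAIN" "$net"
	done
	printf 'COMMIT\n'
}

# Constructed sample in DROP format (documentation ranges, made-up SBL ids).
sample_drop() {
	printf '%s\n' '; constructed sample' '192.0.2.0/24 ; SBL000001' \
		'198.51.100.0/24 ; SBL000002' '0.0.0.0/0 ; SBL000003' \
		'300.1.2.0/24 ; SBL000004'
}
sample_drop | build_ruleset
```

Feed the output of `build_ruleset < /var/lib/drop.lasso` to `iptables-restore --noflush`, which flushes and refills only the declared chain, and jump to that chain once from INPUT, OUTPUT and FORWARD. A daily rerun then replaces the list instead of stacking duplicate rules.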

Fabio Laganà Debian, Linux, Shell, Uncategorized, bash, droplist, sed, spam, spamhaus

Backing up the directories of a server

April 28th, 2009

Script name: /usr/local/sbin/backup_dir.sh

Description: this script backs up the important directories of the server.

Adding a line like the following to cron schedules the backup every night:

cat /etc/cron.d/backup
MAILTO="postmaster@yourdomain.com"
00 21 * * * root test -x /usr/local/sbin/backup_dir.sh && /usr/local/sbin/backup_dir.sh

The script itself:

#!/bin/bash
#
# backup_dir.sh
# This script backs up the important directories of the server
#
hosts_internal=( your_host )
 
for host in "${hosts_internal[@]}"
do
  echo "Download of /etc/ /usr/local/sbin/ /root/ /home/ directory from $host"
  echo -n "Starting ------>"
  date
  # backup file for hosts
  tar -zcvf /var/backups/backup_files_"$host"_`date +"%d%m%Y"`.tar.gz /etc/ /usr/local/sbin/ /root/ /home/ ;
  mv /var/backups/backup_files_"$host"_`date +"%d%m%Y"`.tar.gz /backups/"$host"/;
  rm -f /var/backups/backup_files_"$host"_`date +"%d%m%Y"`.tar.gz
  echo -n "Stopping ------>"
  date
  echo ""
done

Fabio Laganà Debian, Shell, backup, bash

.it domain is not renewed

April 3rd, 2009

The .it domain is not renewed
The Maintainer gives notice of cancellation to the Registry
The Registry sets the status NO-PROVIDER-MNT for 60 days
The Registry sets the status REDEMPTION-NO-PROVIDER for 30 days (the registrant cannot be changed)
The Registry sets the status PENDING-DELETE; after 5 days the domain is free

texilee Debian, Linux, Uncategorized

/etc/hylafax/hosts.hfaxd: No such file or directory

April 3rd, 2009

Unable to open the user access file /etc/hylafax/hosts.hfaxd: No such file or directory

$ ls -la /etc/hylafax/hosts.hfaxd
-rw------- 1 uucp root 362 2009-04-03 11:01 /etc/hylafax/hosts.hfaxd

HylaFAX on Debian Etch searches for

/var/spool/hylafax/etc/hylafax/hosts.hfaxd

NOT for /etc/hylafax/hosts.hfaxd

To fix it, simply:
- create the directory /var/spool/hylafax/etc/hylafax/
- create a soft link in it that points to /etc/hylafax/hosts.hfaxd, like this:

/var/spool/hylafax/etc/hylafax# ls -al
lrwxrwxrwx 1 root root   24 2009-04-03 11:03 hosts.hfaxd -> /etc/hylafax/hosts.hfaxd

texilee Debian, Linux, Uncategorized

Proftpd lock root allow resume – block per ip

March 3rd, 2009

DefaultRoot                     ~
RequireValidShell               off
TimesGMT                        off
AllowRetrieveRestart            on
AllowStoreRestart               on

-----

Selectively block external logins:

<IfUser user1>
<Limit LOGIN>
order allow,deny
allow from all
deny all
</Limit>
</IfUser>

<IfUser user2>
<Limit LOGIN>
order allow,deny
allow from all
deny all
</Limit>
</IfUser>

<IfUser AND !user1 !user2>

<Limit LOGIN>
order allow,deny
allow from 192.168.26.0/24
deny all
</Limit>
</IfUser>

texilee Debian, Linux, Uncategorized

The syntax for replication startup options is deprecated

March 3rd, 2009

#sql instruction

CHANGE MASTER TO MASTER_HOST='192.152.105.4', MASTER_PORT=3306, MASTER_USER='slave',
MASTER_PASSWORD='pwextra', MASTER_SSL=1, MASTER_SSL_CA='/etc/ssl/certs/cacert.pem',
MASTER_SSL_CAPATH='/etc/ssl/certs', MASTER_SSL_CERT='/etc/ssl/certs/mysqlextraslave-cert.pem',
MASTER_SSL_KEY='/etc/mysql/mysqlextraslave-key.pem';

Feb 18 12:20:15 extra mysqld_safe[24001]: 090218 12:20:15 [Warning] The syntax for replication startup options is deprecated and will be removed in MySQL 5.2. Please use 'CHANGE MASTER' instead.
Feb 18 12:20:15 extra mysqld_safe[24001]: 090218 12:20:15 [Warning] The syntax for replication startup options is deprecated and will be removed in MySQL 5.2. Please use 'CHANGE MASTER' instead.

texilee Debian, Linux, Uncategorized

Count domain in mail.log (Qmail)

February 20th, 2009
# cat /usr/local/sbin/count_mail_per_domain.sh
#!/bin/bash
logfile=$2
domain=$3
 
case "$1" in
        -t)
            # total mail per destination domain
            cat "$logfile" | grep "to remote" | awk '{print $14}' \
                | awk -F@ '{ field = $2 }; {print "domain: " field }' \
                | sort | uniq -c | sort -nr \
                | awk -v totale=0 '{totale=totale+$1; print ;} END {print "Totale giorno domini: "totale;}'
            ;;
 
        -su)
            # mail for a single domain, counted per recipient address
            cat "$logfile" | grep "to remote" | grep -i "$domain" \
                | awk ' { field = $14 }; {print "to remote: " field }' \
                | sort | uniq -c | sort -nr \
                | awk -v totale=0 '{totale=totale+$1; print ;} END {print "Totale giorno domini per utente: "totale;}'
            ;;
        -s)
            # total mail for a single domain
            cat "$logfile" | grep "to remote" | grep -i "$domain" | awk '{print $14}' \
                | awk -F@ '{ field = $2 }; {print "to remote domain: " field }' \
                | sort | uniq -c | sort -nr \
                | awk -v totale=0 '{totale=totale+$1; print ;} END {print "Totale giorno domini: "totale;}'
 
         ;;
        *)
            echo $"Usage: $0 { -t /var/log/mail.log.0 }  for print total mail for domain "
            echo $"Usage: $0 { -su /var/log/mail.log.0 domain.com } for print total mail for single domain per user"
            echo $"Usage: $0 { -s /var/log/mail.log.0 domain.com } for print total mail for single domain"
            exit 1
 
esac

for more tips visit qmail relay to smarthost

Fabio Laganà Debian, Mailserver, Qmail, Shell, Uncategorized, awk, bash

Add and Remove ip alias into OpenBSD System

December 5th, 2008

Set an IP Alias

To put a second IP address to the same interface, just enter on the commandline as root:

 OpenBSD# ifconfig re0 inet alias 192.168.10.199 netmask 255.255.255.0

This assigns the additional IP address 192.168.10.199 to re0. Check again with ifconfig:

 OpenBSD# ifconfig -A
 lo0: flags=8049 mtu 33208
         groups: lo
         inet 127.0.0.1 netmask 0xff000000
         inet6 ::1 prefixlen 128
         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
 re0: flags=8843 mtu 1500
         lladdr 00:40:45:28:89:37
         groups: egress
         media: Ethernet autoselect (100baseTX full-duplex)
         status: active
         inet 192.168.1.199 netmask 0xffffff00 broadcast 192.168.1.255
         inet6 fe80::240:45ff:fe28:8937%vr0 prefixlen 64 scopeid 0x2
         inet 192.168.10.199 netmask 0xffffff00 broadcast 192.168.100.255

Now we see two IP addresses on re0. If you want to set an IP address within the same network, you have to set a fake netmask of 255.255.255.255.

Make the IP Alias Permanent

If you use ifconfig to set an IP alias, the alias won’t be present after the next reboot. To make the setting permanent, add a line to /etc/hostname.<INTERFACE>:

 OpenBSD# vi /etc/hostname.re0
 inet 192.168.1.199 255.255.255.0 NONE
         inet alias 192.168.10.199 255.255.255.0

Remove an IP Alias

You can remove an IP alias with a command like this:

 OpenBSD# ifconfig re0 192.168.10.199 delete

This deletes the second IP address from the interface keeping the first.

Fabio Laganà OpenBSD, Shell

bash countdown refresh screen terminal counter

November 26th, 2008

enrico@tex:~$ clear && for i in `seq -10 0`; do tput cup 1 0 && printf " $i " ; sleep 1; done

texilee Debian, Linux, Uncategorized

Creating an SSL-certificate for my webserver

November 12th, 2008
#!/bin/sh
SERVER=ssl.mioserverweb.dominio
PRIVATE_KEY=$SERVER.private.key
CERTIFICATE_FILE=$SERVER.crt
VALID_DAYS=365
 
echo Delete old private key
rm $PRIVATE_KEY
echo Create new private/public-keys without passphrase for server
openssl genrsa -out $PRIVATE_KEY 2048
 
echo Create selfsigned certificate
rm $CERTIFICATE_FILE
# From man req:
#  -x509
#    this option outputs a self signed certificate instead
#    of a certificate request. This is typically used to
#    generate a test certificate or a self signed root CA.
#    The extensions added to the certificate (if any) are
#    specified in the configuration file.
 
openssl req -new \
        -days $VALID_DAYS \
        -key $PRIVATE_KEY \
        -x509 \
        -out $CERTIFICATE_FILE
 
echo private-keyfile is $PRIVATE_KEY
echo server-certificate-file is $CERTIFICATE_FILE
 
ls -l $PRIVATE_KEY $CERTIFICATE_FILE

Fabio Laganà Debian, Linux, SSL, bash