#!/bin/bash
#Script to add firewall rules to a linux system to completely block
#all traffic to and from networks in the spamhaus drop list.
#Copyright 2009, William Stearns, wstearns@pobox.com
#Released under the GPL. This and other tools can be found at
#http://www.stearns.org/
#Sole (optional) command line parameter is the file location of the
#drop list, such as:
#cd /var/lib/
#wget http://www.spamhaus.org/drop/drop.lasso
# ./spamhaus-drop /var/lib/drop.lasso
#While the DROP file should be regularly updated, this should
#probably be about once per day or less frequently; do _not_
#download DROP more than once an hour.
if [ -n "$1" ]; then
DropList="$1"
else
DropList="./drop.lasso"
fi
if [ ! -s "$DropList" ]; then
echo "Unable to find drop list file $DropList . Perhaps do:" >&2
echo "wget http://www.spamhaus.org/drop/drop.lasso -O $DropList"
echo "exiting." >&2
exit 1
fi
if [ ! -x /sbin/iptables ]; then
echo "Missing iptables command line tool, exiting." >&2
exit 1
fi
cat "$DropList" \
| sed -e 's/;.*//' \
| grep -v '^ *$' \
| while read OneNetBlock ; do
/sbin/iptables -I INPUT -s "$OneNetBlock" -j DROP
/sbin/iptables -I OUTPUT -d "$OneNetBlock" -j DROP
/sbin/iptables -I FORWARD -s "$OneNetBlock" -j DROP
/sbin/iptables -I FORWARD -d "$OneNetBlock" -j DROP
done |
Fabio Laganà Debian, Linux, Shell, Uncategorized, bash, droplist, sed, spam, spamhaus
nome script: /usr/local/sbin/backup_dir.sh
descrizione: Con questo script viene fatto il backup delle directory importanti server
Inserendo una riga simile nel cron scheduliamo il backup tutte le notti
cat /etc/cron.d/backup
MAILTO="postmaster@yourdomain.com"
00 21 * * * root test -x /usr/local/sbin/backup_dir.sh && /usr/local/sbin/backup_dir.sh
#!/bin/bash
#
# backup_dir.sh
# Con questo script viene fatto il backup delle directory importanti server
#
hosts_internal=( your_host )
for host in ${hosts_internal[@]}
do
echo "Download of /etc/ /usr/local/sbin/ /root/ /home/ directory from "$host" "
echo -n "Starting ------>"
date
# bakup file for hosts
tar -zcvf /var/backups/backup_files_"$host"_`date +"%d%m%Y"`.tar.gz /etc/ /usr/local/sbin/ /root/ /home/ ;
mv /var/backups/backup_files_"$host"_`date +"%d%m%Y"`.tar.gz /backups/"$host"/;
rm -f /var/backups/backup_files_"$host"_`date +"%d%m%Y"`.tar.gz
echo -n "Stopping ------>"
date
echo ""
done |
Fabio Laganà Debian, Shell, backup, bash backup, bash, hosts, ip
Dominio .it non viene rinnovato
Maintainer da disdetta al Registro
Registro mette stato NO-PROVIDER-MNT x 60 giorni
Registro mette stato REDEMPTION-NO-PROVIDER x 30 giorni (no modifica intestatario)
Registro mette stato PENDING-DELETE dopo 5 giorni è libero
texilee Debian, Linux, Uncategorized
Unable to open the user access file /etc/hylafax/hosts.hfaxd: No such file or directory
$ls -la /etc/hylafax/hosts.hfaxd
-rw——- 1 uucp root 362 2009-04-03 11:01 /etc/hylafax/hosts.hfaxd
Hylafax Debian Etch search for
/var/spool/hylafax/etc/hylafax/hosts.hfaxd
NOT for /etc/hylafax/hosts.hfaxd
simply
- create dir /var/spool/hylafax/etc/hylafax/
- create soft link like
/var/spool/hylafax/etc/hylafax# ls -al
lrwxrwxrwx 1 root root 24 2009-04-03 11:03 hosts.hfaxd -> /etc/hylafax/hosts.hfaxd
texilee Debian, Linux, Uncategorized
DefaultRoot ~
RequireValidShell off
TimesGMT off
AllowRetrieveRestart on
AllowStoreRestart on
—————–
block external login selective
<IfUser user1>
<Limit LOGIN>
order allow,deny
allow from all
deny all
</Limit>
</IfUser>
<IfUser user2>
<Limit LOGIN>
order allow,deny
allow from all
deny all
</Limit>
</IfUser>
<IfUser AND !user1 !user2>
<Limit LOGIN>
order allow,deny
allow from192.168.26.0/24
deny all
</Limit>
</IfUser>
texilee Debian, Linux, Uncategorized
#sql instruction
CHANGE MASTER TO MASTER_HOST=’192.152.105.4′, MASTER_PORT=3306,MASTER_USER=slave’,
MASTER_PASSWORD=’pwextra’,MASTER_SSL=1,MASTER_SSL_CA=’/etc/ssl/certs/cacert.pem’,
MASTER_SSL_CAPATH =’/etc/ssl/certs’,MASTER_SSL_CERT = ‘/etc/ssl/certs/mysqlextraslave-cert.pem’,
MASTER_SSL_KEY = ‘/etc/mysql/mysqlextraslave-key.pem’;
Feb 18 12:20:15 extra mysqld_safe[24001]: 090218 12:20:15 [Warning] The syntax for replication startup options is deprecated and will be removed in MySQL 5.2. Please use ‘CHANGE MASTER’ instead.
Feb 18 12:20:15 extra mysqld_safe[24001]: 090218 12:20:15 [Warning] The syntax for replication startup options is deprecated and will be removed in MySQL 5.2. Please use ‘CHANGE MASTER’ instead.
texilee Debian, Linux, Uncategorized
# cat /usr/local/sbin/count_mail_per_domain.sh
#!/bin/bash
logfile=$2
domain=$3
case "$1" in
-t)
cat $logfile |grep "to remote" | awk '{print $14}'
| awk -F@ '{ field = $2 }; {print "domain: " field }'
| sort |uniq -c |sort -nr
| awk -v totale=0 '{totale=totale+$1; print ;} END {print "Totale giorno domini: "totale;}'
;;
-su)
cat $logfile |grep "to remote" |grep -i "$domain"
|awk ' { field = $14 }; {print "to remote: " field }'
| sort| uniq -c| sort -nr
| awk -v totale=0 '{totale=totale+$1; print ;} END {print "Totale giorno domini per utente: "totale;}'
;;
-s)
cat $logfile |grep "to remote" |grep -i "$domain" |awk '{print $14}'
| awk -F@ '{ field = $2 }; {print "to remote domain: " field }'
| sort| uniq -c| sort -nr
| awk -v totale=0 '{totale=totale+$1; print ;} END {print "Totale giorno domini: "totale;}'
;;
*)
echo $"Usage: $0 { -t /var/log/mail.log.0 } for print total mail for domain "
echo $"Usage: $0 { -su /var/log/mail.log.0 domain.com } for print total mail for single domain per user"
echo $"Usage: $0 { -s /var/log/mail.log.0 domain.com } for print total mail for single domain"
exit 1
esac |
for more tips visit qmail relay to smarthost
Fabio Laganà Debian, Mailserver, Qmail, Shell, Uncategorized, awk, bash awk, bash, Debian, mail.log, Mailserver, Qmail
enrico@tex:~$ clear && for i in `seq -10 0`; do tput cup 1 0 && printf ” $i ” ; sleep 1; done
texilee Debian, Linux, Uncategorized
#!/bin/sh
SERVER=ssl.mioserverweb.dominio
PRIVATE_KEY=$SERVER.private.key
CERTIFICATE_FILE=$SERVER.crt
VALID_DAYS=365
echo Delete old private key
rm $PRIVATE_KEY
echo Create new private/public-keys without passphrase for server
openssl genrsa -out $PRIVATE_KEY 2048
echo Create selfsigned certificate
rm $CERTIFICATE_FILE
# From man req:
# -x509
# this option outputs a self signed certificate instead
# of a certificate request. This is typically used to
# generate a test certificate or a self signed root CA.
# The extensions added to the certificate (if any) are
# specified in the configuration file.
openssl req -new
-days $VALID_DAYS
-key $PRIVATE_KEY
-x509
-out $CERTIFICATE_FILE
echo private-keyfile is $PRIVATE_KEY
echo server-certificate-file is $CERTIFICATE_FILE
ls -l $PRIVATE_KEY $CERTIFICATE_FILE |
Fabio Laganà Debian, Linux, SSL, bash certificates, Debian, Howto, SSL, webserver
Promemoria test su thunderbird https://bugzilla.mozilla.org/show_bug.cgi?id=398324
texilee Debian, Linux, Uncategorized
