Basic
77.88.8.8
77.88.8.1
Quick and reliable DNS
Safe
77.88.8.88
77.88.8.2
Protection from virus and fraudulent content
Family
77.88.8.7
77.88.8.3
Without adult content
Yazar: shukko
sHuKKo Kazandibi benim sanal kişiliğim. Gerçek bir adım, gerçek bir işim, gerçek bir yaşantımda var.. Ama "sanal alem" de ben buyum.. 1997 den beri önce okuyup, sorup, öğrenip, araştırıp sonra yazar çizerim. shukko.com benim kişisel sitem. Hiç kimse için hazırlanmamış sadece kendimin okuyup anlayacağı ama "bazı" kısımları herkesçe okunabilen kişisel karalama defterim, "Blog" tabiri çıkmadan çok çok önce düz .txt .html dosyaları ile yaptıklarımı tarih içinde pek çok kez kaybetmiş olmamın tanığı :D.
ssh ile kolay socks proxy -ek-
daha once bir yazim var bu konu hakkinda
ama yeni birseyler ogrendim
eklemek gerekir
ssh ile kolay socks proxy yapalim
ssh -fCND 127.0.0.1:15428 user@sunucu.com
-D binds SSH to the IP and port specified
-f tells it to become a background daemon process
-N tells it that no commands are going to be run
-C enables compression so web browsing will be slightly faster
son olarak browserimize proxy olarak eklemek icin
socks5 proxy seciyoruz
portumuz 15428
baglantimiz 127.0.0.1
gule gule kullaniniz.
socks 4/5 proxy using erlang? Erlang ne ulan?
socks 4/5 proxy using erlang? Erlang ne ulan?
What is Erlang?
Erlang is a programming language used to build massively scalable soft real-time systems with requirements on high availability. Some of its uses are in telecoms, banking, e-commerce, computer telephony and instant messaging. Erlang’s runtime system has built-in support for concurrency, distribution and fault tolerance.
apt-get install erlang-base
wget https://www.shukko.com/x3/wp-content/uploads/Socks2.tar.gz
tar zxvf Socks2.tar.gz; rm -f Socks2.tar.gz; cd Socks2
# edit socks.erl -> 'start() -> start(4, 8899).' -> 4 - thread, 8899 - port
./run.sh
kodu inceledim okudum anladigim kadariyla pek guzel kod, zararsiz isini yapiyor.
ama daha fazla detaya ihtiyacim var..
auth mekanizmasi yokmu bunun yahu?
8 disk ile veya 4 disk ile ile veya canin nasil isterse Proxmox Uzerinde Software Raid 10 Kurulumu
kurulum icin elimizde uygun bir makinamiz var.
bu makinamizda 4 adet 2tb data diskimiz mevcut,
biz bu disklerimizi software raid 10 olarak proxmox altinda calistirmak istiyoruz
daha onceki bir yazimda once debian wheezy kurmus daha sonra onun uzerine lvm raid yapip isi hallettmistim
fakat bu bana cazip gelmiyor, bu tur raid kurulumu guncellemelerde sorun cikartiyor.
O yuzden bu kez yapmak istedigim oncelikle 4 diskimizin 1.cisine normal sekilde proxmox kurduktan sonra sistemi proxmox calisirken raid 10 haline getirmek
adimlar su sekildedir:
1- guncel proxmox isosu download edilir
2- /dev/sda uzerine normal proxmox kurulumu yapilir
3- hersey calisir hale geldikden sonra ssh ile sisteme baglanilir
4- proxmox icin gerekli repo ayarlari yapilir ve sistem guncellenir son olarak mdadm paketleri sisteme yuklenir
nano /etc/apt/sources.list
------------
deb http://ftp.de.debian.org/debian wheezy main contrib
# security updates
deb http://security.debian.org/ wheezy/updates main contrib
# PVE pve-no-subscription repository provided by proxmox.com, NOT recommended for production use
deb http://download.proxmox.com/debian wheezy pve-no-subscription
-------------
apt-get update
apt-get dist-upgrade
apt-get install mdadm
5-bu asamada partition tablolarimizi disk1 den disk2,3,ve 4 e kopyalayacagiz
ancak bundan once eger sistemde olurda daha onceden bir mdadm yapilandirmasi varsa eski disklerde bunu halletmek icin diskleri sifirlayalim, bu komut disklerde eski partitionlari ve mbr yi silecek
# dd if=/dev/zero of=/dev/sdx bs=512 count=1
bundan sonra partition tablolarimizi kopyalayalim 4disk icin su sekilde
sfdisk -d /dev/sda | sfdisk -f /dev/sdb
sfdisk -d /dev/sda | sfdisk -f /dev/sdc
sfdisk -d /dev/sda | sfdisk -f /dev/sdd
NOT NOT NOT // GUNCELLEME GUNCELLEME
EGER PARTITIONLARIMIZ OLDUDA GPT OLDU ISE
gdisk kur
Copy the partition scheme from /dev/sda to /dev/sdb:
sgdisk -R=/dev/sdb /dev/sda
buda zorunlu Now randomizes the GUID:
gdisk -G /dev/sdb
6- 3 diskimizdeki partition formatini RAID olarak belirleyelim
sfdisk -c /dev/sdb 1 fd
sfdisk -c /dev/sdb 2 fd
sfdisk -c /dev/sdc 1 fd
sfdisk -c /dev/sdc 2 fd
sfdisk -c /dev/sdd 1 fd
sfdisk -c /dev/sdd 2 fd
NOT NOT NOT // GUNCELLEME GUNCELLEME
GPT icin soyle yaptim
Belki baska kolay yolu vardir , bulamadim noobum.
gdisk /dev/sdb
t ye bas
partition sec 1 > FD00 yap
tum disklerdeki tum partititonlara yapinca w kaydet q cik
7- Raid yapilandirmamizi INITIALIZE edelim
ONEMLI NOT: eger daha onceden disk yapilandirmamizda raid kullanmis isek
mdadm yi sisteme entegre ettigimizde bunlar mdadm.conf dosyamiz icine otomatik olarak yazilmis olabilir, o yuzden raid yapimizi initialize ettikten sonra /etc/mdadm/mdadm.conf dosyamizi incelememiz gerek
eger gereksiz eski raid array uuid bilgisi var ise bunlari silmeli ve yeni yapiyi icine olusturmaliyiz.
mdadm --create /dev/md0 --level=1 --raid-disks=4 missing /dev/sdb1 /dev/sdc1 /dev/sdd1
mdadm --create /dev/md1 --level=10 --raid-disks=4 missing /dev/sdb2 /dev/sdc2 /dev/sdd2
conf dosyamiza goz atalim eski yapilar varsa silelim, yeni yapimizi kayit etmek icin
mdadm --examine --scan >> /etc/mdadm/mdadm.conf
islem tamamdir
8- /boot dizinimizi /dev/md0 uzerine tasiyalim ve fstab dosyamizi /dev/md0 dan boot edecek hale getirelim
mkfs.ext3 /dev/md0
mkdir /mnt/md0
mount /dev/md0 /mnt/md0
cp -ax /boot/* /mnt/md0
sonra
nano /etc/fstab su sekilde olmasi gerek, basitce UUID satirimizi devre disi birakiyoruz
-----------------
# /dev/pve/root / ext3 errors=remount-ro 0 1
/dev/pve/data /var/lib/vz ext3 defaults 0 1
#UUID=cc425576-edf6-4895-9aed-ccfd89aeb0fb /boot ext3 defaults 0 1
/dev/md0 /boot ext3 defaults 0 1
/dev/pve/swap none swap sw 0 0
proc /proc proc defaults 0 0
-------------------
9- sistemi reboot ediyoruz.
eger hersey yolunda giderse sistemimiz /dev/md0 uzerinden boot edecek demektir.
bravo ciddi bir asamayi hallettik |:)
sistem acildikdan sonra gerekli kontrolleri yapalim
mount | grep boot
dedigimizde asagidaki gibi bir satir cikmasi gerek
/dev/md0 on /boot type ext3 (rw,relatime,errors=continue,user_xattr,acl,barrier=0,data=ordered)
bunu gorduysek islem tamam demektir.
10- simdi gruba /dev/md0 dan boot etmek istedigimizi soyleyelim kisaca asagidaki komutlari girelim
echo '# customizations' >> /etc/default/grub
echo 'GRUB_DISABLE_LINUX_UUID=true' >> /etc/default/grub
echo 'GRUB_PRELOAD_MODULES="raid dmraid"' >> /etc/default/grub
echo raid1 >> /etc/modules
echo raid10 >> /etc/modules
echo raid1 >> /etc/initramfs-tools/modules
echo raid10 >> /etc/initramfs-tools/modules
grub-install /dev/sda
grub-install /dev/sdb
grub-install /dev/sdc
grub-install /dev/sdd
update-grub
update-initramfs -u
islem tamam
11- simdi /dev/sda1 i raid arrayimiz icine katmaliyiz
sfdisk -c /dev/sda 1 fd
mdadm –add /dev/md0 /dev/sda1
12- simdiki adimdan once burada cok uzun vakit alacak bir lvm tasima islemi yapacagimizdan
screen
kurup calistirip bunun altinda islemleri yapmakta fayda var.
LVM yi /dev/md1 uzerine tasiyacagiz
pvcreate /dev/md1
vgextend pve /dev/md1
pvmove /dev/sda2 /dev/md1
pvmove cok uzun surecek. bu arada yatip uyumak en iyisi, ya da disari cikip hava alin. 2tb disk ve guncel bir islemci ile en az 2-3 saat surecektir 🙂
islem bittikten sonra sda2 uzerindeki pveyi reduce edip remove edecegiz
vgreduce pve /dev/sda2
pvremove /dev/sda2
13- en son asamada /dev/sda2 yide raid yapimiz icine katacagiz
sfdisk --change-id /dev/sda 2 fd
mdadm --add /dev/md1 /dev/sda2
14- bundan sonra raidimizin rebuild edisini guzel guzel izleyebiliriz 🙂
watch -n 5 cat /proc/mdstat
hatta dilersek bunu biraz hizlandirabiliriz
echo 800000 > /proc/sys/dev/raid/speed_limit_min
echo 1600000 > /proc/sys/dev/raid/speed_limit_max
gule gule kullaniniz.
PROXMOX SOFTWARE RAID 10 KURULUMUNUZ KULLANIMA HAZIRDIR
EK:
15– bu islemleri yaptiktan sonra df -h komutumuza makinamiz su sekilde yanit veriyor
Filesystem Size Used Avail Use% Mounted on
udev 10M 0 10M 0% /dev
tmpfs 3.2G 416K 3.2G 1% /run
/dev/mapper/pve-root 20G 1.2G 18G 7% /
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 6.3G 3.1M 6.3G 1% /run/shm
/dev/mapper/pve-data 1.8T 196M 1.8T 1% /var/lib/vz
/dev/md0 495M 58M 412M 13% /boot
/dev/fuse 30M 12K 30M 1% /etc/pve
/var/lib/vz/ 2TB mi? bir yerde yanlislik var 4 TB olmali idi 🙂
Eh normal, Kalan raid 10 diskimiz bos vg alani olarak duruyor. BKNZ:
vgdisplay
--- Volume group ---
VG Name pve
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 11
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 3
Open LV 3
Max PV 0
Cur PV 1
Act PV 1
VG Size 3.64 TiB
PE Size 4.00 MiB
Total PE 953544
Alloc PE / Size 472709 / 1.80 TiB
Free PE / Size 480835 / 1.83 TiB
VG UUID 16k1ou-8jQ7-OB63-Jesb-s7p4-SOPW-deKGGc
Pek Guzel, ne yapmamiz lazim? Bu bos alanimizi mevcut LVM alanimiza dahil edip /var/lib/vz/ altinda kullanilabilir hale getirmeliyiz.
Bu asamada linux LVM engin tecrubelerimizden faydalanacagiz.
once standart komutlar ile duruma bakalim:
lvdisplay
pvdisplay
vgdisplay
root@pmd04:~# vgs
VG #PV #LV #SN Attr VSize VFree
pve 1 3 0 wz--n- 3.64t 1.83t
root@pmd04:~# pvs
PV VG Fmt Attr PSize PFree
/dev/md1 pve lvm2 a-- 3.64t 1.83t
root@pmd04:~# lvs
LV VG Attr LSize Pool Origin Data% Move Log Copy% Convert
data pve -wi-ao--- 1.78t
root pve -wi-ao--- 20.00g
swap pve -wi-ao--- 8.00g
sonra
VG bos alanimizi extend edelim ve daha sonra LV mize dahil edelim
root@pmd04:~# lvextend -l +100%FREE /dev/pve/data
Extending logical volume data to 3.61 TiB
Logical volume data successfully resized
root@pmd04:~# resize2fs /dev/pve/data
resize2fs 1.42.5 (29-Jul-2012)
Filesystem at /dev/pve/data is mounted on /var/lib/vz; on-line resizing required
old_desc_blocks = 118, new_desc_blocks = 232
Performing an on-line resize of /dev/pve/data to 969089024 (4k) blocks.
The filesystem on /dev/pve/data is now 969089024 blocks long.
root@pmd04:~# df -h
Filesystem Size Used Avail Use% Mounted on
udev 10M 0 10M 0% /dev
tmpfs 3.2G 416K 3.2G 1% /run
/dev/mapper/pve-root 20G 1.2G 18G 7% /
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 6.3G 3.1M 6.3G 1% /run/shm
/dev/mapper/pve-data 3.6T 197M 3.6T 1% /var/lib/vz
/dev/md0 495M 58M 412M 13% /boot
/dev/fuse 30M 12K 30M 1% /etc/pve
root@pmd04:~#
cok guzel mi oldu ne oldu ?
evet oldu
tamam o zaman |:)
————————————-
EK – GPT alamanca
————————————-
Proxmox 3.1 auf Softraid mit GPT
Proxmox unterstützt offiziell kein Softraid, man kann es aber nach der Installation in ein Softraid verwandeln:
http://boffblog.wordpress.com/2013/08/22/how-to-install-proxmox-ve-3-0-on-software-raid/
Bei großen Festplatten verwendet proxmox aber GPT zur Partitionierung. Daher erhält man schon beim kopieren der Partitionstabelle eine Fehlermeldung:
“WARNING: GPT (GUID Partition Table) detected on ‘/dev/sda’! The util sfdisk doesn’t support GPT. Use GNU Parted.”
Abhilfe schafft die Verwendung von gdisk. Für was genau die 1. Partition belegt ist weiss ich nicht. Boot lag bei mir auf /dev/sda2 und die lvm-Volumes lagen auf /dev/sda3
Somit habe ich folgende Befehle verwendet:
apt-get update!!!ACHTUNG Reihenfolge beachten, wird in dem Fall von recht nach links kopiert
apt-get dist-upgrade
apt-get install mdadm gdisk
sgdisk -R /dev/sdb /dev/sda
sgdisk -G /dev/sdb
dd if=/dev/sda1 of=/dev/sdb1
sgdisk -t 2:fd00 /dev/sdb
sgdisk -t 3:fd00 /dev/sdb
Reboot notwendig?
mdadm --create /dev/md0 --level=1 --raid-disks=2 missing /dev/sdb2
mdadm --create /dev/md1 --level=1 --raid-disks=2 missing /dev/sdb3
mkfs.ext3 /dev/md0
mkdir /mnt/md0
mount /dev/md0 /mnt/md0
cp -ax /boot/* /mnt/md0
/etc/fstab editieren und die UUID vor /boot durch /dev/md0 ersetzen
und nochmal booten!
echo ‘GRUB_DISABLE_LINUX_UUID=true’ >> /etc/default/grub
echo ‘GRUB_PRELOAD_MODULES="raid dmraid"‘ >> /etc/default/grub
echo raid1 >> /etc/modules
echo raid1 >> /etc/initramfs-tools/modules
grub-install /dev/sda
grub-install /dev/sdb
update-grub
update-initramfs -u
mdadm --add /dev/md0 /dev/sda2
pvcreate /dev/md1
vgextend pve /dev/md1
pvmove /dev/sda3 /dev/md1
vgreduce pve /dev/sda3
pvremove /dev/sda3
sgdisk -t 3:fd00 /dev/sda
mdadm --add /dev/md1 /dev/sda3
cat /proc/mdstat
GUNCELLEME 23 MAYIS 2014
Bu is cok Kabak Tadi verdi
Ama ne kadar ugrastigimi ben biliyorum 🙂
Bildigim seyi o yuzden yeni yine yeniden bir daha yazayim
bu kez gene 8 disk ile .bash_history dosyam uzerinden gidecegim
Yukaridaki hersey burada var kisa minik aciklamalar ile
Bir iki puf noktasida var
Bunu goz onune almak son olarak ve ileride uygulamak yerinde bir karar olacaktir.
Yazmamaya karar verdim.
Cok daraltti cunku beni
bir daha ugrasip bir daha yaparim sonra…
Howto build php 5.3.x (cgi) 5.2.x (cli)
Howto build php 5.3.x (cgi) 5.2.x (cli)
This is the config I ended up with (cloudlinux option is optional by the way):
installation
Code:cd /usr/local/directadmin/custombuild ./build set custombuild 1.2 ./build update ./build set autover no cp -Rp configure custom cp -pf configure/suphp/configure.php5 custom/suphp/configure.php6 perl -pi -e 's/php5:/phprep:/' versions.txt perl -pi -e 's/php6/php5/' versions.txt perl -pi -e 's/phprep/php6/' versions.txt ./build set cloudlinux yes ./build set php5_ver 5.3 ./build set php6_cgi no ./build set php6_cli yes ./build set php5_cgi yes ./build set php5_cli no ./build php nAfter the build script finishes, it tries to restart apache, but can’t because libphp6.so cannot be found, this is likely because the build script has libphp6.so hardcoded somewhere and because we’re using that to cheat our way through this procedure, we can use sed to fix it;
Code:sed -i 's/php6/php5/g' /etc/httpd/conf/extra/httpd-phpmodules.conf service httpd restartswitching using a .htaccess
Switching from the default can now be done with a .htaccess in a users’ public_html dir.Code:<FilesMatch "\.(inc|php|php3|php4|php5|php6|phtml|phps)$"> SetHandler application/x-httpd-php </FilesMatch>ioncube loader
If you also want to add ioncube support to the 5.2 module, you need a workaround in order to be able to build ioncube as well.Code:./build set php6_cli no && ./build ioncube && ./build php6_cli yes ionCube loader has been installed. cp /usr/local/directadmin/custombuild/ioncube/ioncube_loader_lin_5.2.so /usr/local/lib/ echo "zend_extension=/usr/local/lib/ioncube_loader_lin_5.2.so" >> /usr/local/lib/php.iniusing pecl
Setting up pecl is easy too, just need to point it to the right config file:Code:/usr/local/bin/pecl config-set php_ini /usr/local/lib/php.ini /usr/local/bin/pear config-set php_ini /usr/local/lib/php.ini /usr/local/php5/bin/pear config-set php_ini /usr/local/etc/php5/cgi/php.ini /usr/local/php5/bin/pecl config-set php_ini /usr/local/etc/php5/cgi/php.iniThen you can use either pecl to install modules like apc, imagemagick, etc.
final result
Code:/usr/local/bin/php -v PHP 5.2.17 (cli) (built: Sep 4 2012 16:43:01) Copyright (c) 1997-2010 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies with the ionCube PHP Loader v4.2.2, Copyright (c) 2002-2012, by ionCube Ltd. /usr/local/php5/bin/php -v PHP 5.3.16 (cli) (built: Sep 4 2012 16:46:05) Copyright (c) 1997-2012 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies with the ionCube PHP Loader v4.2.2, Copyright (c) 2002-2012, by ionCube Ltd.
admin backup kullanmadan directadmin migrasyonu
directadmin ic backup mekanizmalarini kullanmadan rsync ile directadmin sunucu migrasyonu nasil nail yapilir.
orjinal link: http://www.techtrunch.com/linux/migrate-directadmin-server-directadmin-server
rsync kodumuz
rsync -avz --stats --progress --delete -e ssh /var/lib/mysql/ XX.XXX.XX.XXX:/var/lib/mysql
rsync -avz --stats --progress --delete -e ssh /home/ XX.XXX.XX.XXX:/home
rsync -avz --stats --progress -e ssh /etc/passwd XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/shadow XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/group XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/exim.conf XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/exim.pl XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/system_filter.exim XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/exim.crt XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/exim.key XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/proftpd.conf XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/proftpd.vhosts.conf XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/proftpd.passwd XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /etc/named.conf XX.XXX.XX.XXX:/etc
rsync -avz --stats --progress -e ssh /root/.my.cnf XX.XXX.XX.XXX:/root
rsync -avz --stats --progress --delete -e ssh /etc/virtual/ XX.XXX.XX.XXX:/etc/virtual
rsync -avz --stats --progress --delete -e ssh /etc/httpd/conf/ XX.XXX.XX.XXX:/etc/httpd/conf
rsync -avz --stats --progress --delete -e ssh /var/named/ XX.XXX.XX.XXX:/var/named
rsync -avz --stats --progress --delete -e ssh /var/spool/virtual/ XX.XXX.XX.XXX:/var/spool/virtual
rsync -avz --stats --progress --delete -e ssh /var/spool/mail/ XX.XXX.XX.XXX:/var/spool/mail
rsync -avz --stats --progress --delete -e ssh /var/spool/cron/ XX.XXX.XX.XXX:/var/spool/cron
rsync -avz --stats --progress --delete -e ssh /var/www/ XX.XXX.XX.XXX:/var/www
rsync -avz --stats --progress --delete -e ssh /var/log/ XX.XXX.XX.XXX:/var/log
rsync -avz --stats --exclude 'custombuild* --progress --delete -e ssh /usr/local/directadmin/ XX.XXX.XX.XXX:/usr/local/directadmin
directadmin ek dosya pathleri icin buraya bakabilirsin http://directadmin.com/paths.html
konfigurasyon dosyalari
elle tasimak faydali olabilir
gerci yukaridaki rsync icinde bunlarda gidiyor
/etc/httpd/conf/httpd.conf
/etc/httpd/conf/extra/httpd-vhosts.conf
/etc/httpd/conf/ips.conf
/etc/proftpd.conf
/etc/proftpd.vhosts.conf
/usr/local/directadmin/scripts/setup.txt
/usr/local/directadmin/data/admin/ip.list
/usr/local/directadmin/data/admin/show_all_users.cache
/usr/local/directadmin/data/users/*/user.conf
/usr/local/directadmin/data/users/*/httpd.conf
/usr/local/directadmin/data/users/*/user_ip.list
/usr/local/directadmin/data/users/*/domains/*.conf
/usr/local/directadmin/data/users/*/domains/*.ftp
/usr/local/directadmin/data/users/*/domains/*.ip_list
/var/named/*.db
new proxmox node ~~~ some tests
Opteron 8 core cpu
adaptec 6805e 256MB
8xseagate 7200 RPM disks RAID 10
No BBU but write/read caches active
256K stripe size.
64GB ram
pveperf
CPU BOGOMIPS: 32002.08
REGEX/SECOND: 856289
HD SIZE: 19.69 GB (/dev/mapper/pve-root)
BUFFERED READS: 552.91 MB/sec
AVERAGE SEEK TIME: 6.43 ms
FSYNCS/SECOND: 2412.62
server is completely idle at the moment
some other tests:
dd if=/dev/zero of=test bs=64k count=16k conv=fdatasync; unlink test
16384+0 records in
16384+0 records out
1073741824 bytes (1.1 GB) copied, 3.79119 s, 283 MB/s
dd if=/dev/zero of=test bs=1024k count=16k conv=fdatasync; unlink test
16384+0 records in
16384+0 records out
17179869184 bytes (17 GB) copied, 42.5562 s, 404 MB/s
ioping -c10 .
4096 bytes from . (ext3 /dev/mapper/pve-root): request=1 time=0.1 ms
4096 bytes from . (ext3 /dev/mapper/pve-root): request=2 time=0.2 ms
4096 bytes from . (ext3 /dev/mapper/pve-root): request=3 time=0.2 ms
4096 bytes from . (ext3 /dev/mapper/pve-root): request=4 time=0.2 ms
4096 bytes from . (ext3 /dev/mapper/pve-root): request=5 time=0.2 ms
4096 bytes from . (ext3 /dev/mapper/pve-root): request=6 time=0.2 ms
4096 bytes from . (ext3 /dev/mapper/pve-root): request=7 time=0.2 ms
4096 bytes from . (ext3 /dev/mapper/pve-root): request=8 time=0.2 ms
4096 bytes from . (ext3 /dev/mapper/pve-root): request=9 time=0.2 ms
4096 bytes from . (ext3 /dev/mapper/pve-root): request=10 time=0.2 ms
— . (ext3 /dev/mapper/pve-root) ioping statistics —
10 requests completed in 9002.8 ms, 5470 iops, 21.4 mb/s
min/avg/max/mdev = 0.1/0.2/0.2/0.0 ms
ioping -RD .
— . (ext3 /dev/mapper/pve-root) ioping statistics —
13897 requests completed in 3000.1 ms, 6205 iops, 24.2 mb/s
min/avg/max/mdev = 0.1/0.2/24.7/0.5 ms
ioping -R .
— . (ext3 /dev/mapper/pve-root) ioping statistics —
9679 requests completed in 3030.0 ms, 3897 iops, 15.2 mb/s
min/avg/max/mdev = 0.0/0.3/390.7/4.6 ms
8 adimda centos / ubuntu uzerinde hizli PPTP
1- kur
centos:
rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install pptpd
ubuntu:
apt-get install pptpd
2- ip tanimla
nano /etc/pptpd.conf
en alta ekle
localip 10.0.0.1
remoteip 10.0.0.100-200
3- kullanici adi sifre tanimla
nano /etc/ppp/chap-secrets
user1 pptpd password *
4- dns sunucu tanimla
nano /etc/ppp/pptpd-options
ms-dns 8.8.8.8
ms-dns 8.8.4.4
5- servisi baslat
service pptpd restart
6- ipv4 forwardingi ac
nano /etc/sysctl.conf
net.ipv4.ip_forward = 1
7- degisiklikleri uygula
sysctl -p
8- iptables ile NAT kurali tanimla
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save
PPTP clientlerin birbirleri ile konusabilmesi icin bunlarida ekleyebilirsin
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.0.0.0/8 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT
Bitti - Gule Gule Kullan
EK1- windows icin client yapilandirmasi
http://www.hideipvpn.com/2009/09/howto-windows-7-pptp-vpn-setup-tutorial/
basitce indirdigimiz isolardan bootable usb flash drive uretelim.
Linux
WARNING, the following instructions will destroy any existing data on your USB stick.
Determine what device your USB is. With your USB plugged in run:
sudo ls -l /dev/disk/by-id/*usb*This should produce output along the lines of:
lrwxrwxrwx 1 root root 9 2010-03-15 22:54 /dev/disk/by-id/usb-_USB_DISK_2.0_077508380189-0:0 -> ../../sdb
lrwxrwxrwx 1 root root 10 2010-03-15 22:54 /dev/disk/by-id/usb-_USB_DISK_2.0_077508380189-0:0-part1 -> ../../sdb1In this example output, the USB device is sdb
Now cd to where your *.iso is
cd ~/downloadsExample
sudo dd if=filename.iso of=/dev/usbdevice bs=4M; synclets say the iso is named mini.iso and your USB device is sdb
Example
sudo dd if=mini.iso of=/dev/sdb bs=4M; syncNOTE – Be sure to understand that there is never a trailing number on the end of your /dev/sdx USB device
Linux: Block Port With IPtables
http://www.cyberciti.biz/faq/iptables-block-port/
Block Incoming Request From IP 1.2.3.4
The following command will drop any packet coming from the IP address 1.2.3.4:
/sbin/iptables -I INPUT -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT -s 1.2.3.4 -j DROP
You can also specify an interface such as eth1 via which a packet was received:
/sbin/iptables -I INPUT -i {INTERFACE-NAME-HERE} -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT -i eth1 -s 1.2.3.4 -j DROP
Please note that when the “!” argument is used before the interface name, the sense is inverted:
/sbin/iptables -I INPUT ! -i {INTERFACE-NAME-HERE} -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT ! -i eth1 -s 1.2.3.4 -j DROP
If the interface name ends in a “+”, then any interface which begins with this name will match. If this option is omitted, any interface name will match:
/sbin/iptables -I INPUT -i {INTERFACE-NAME-HERE}+ -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT -i br+ -s 1.2.3.4 -j DROP
You can replace -I INPUT (insert) with -A INPUT (append) rule as follows:
/sbin/iptables -A INPUT -s 1.2.3.4 -j DROP /sbin/iptables -i eth1 -A INPUT -s 1.2.3.4 -j DROP
How Do I Block Subnet (xx.yy.zz.ww/ss)?
Use the following syntax to block 10.0.0.0/8 on eth1 public interface:
# /sbin/iptables -i eth1 -A INPUT -s 10.0.0.0/8 -j DROP
How Do I Block and Log Dropped IP Address Information?
You can turn on kernel logging of matching packets with LOG target as follows:
# /sbin/iptables -i eth1 -A INPUT -s 10.0.0.0/8 -j LOG --log-prefix "IP DROP SPOOF A:"
The next rule will actually drop the ip / subnet:
# /sbin/iptables -i eth1 -A INPUT -s 10.0.0.0/8 -j DROP
How Do I View Blocked IP Address?
Simply use the following command:
# /sbin/iptables -L -v
OR
# /sbin/iptables -L INPUT -v
OR
# /sbin/iptables -L INPUT -v -n
Sample outputs:
Chain INPUT (policy ACCEPT 3107K packets, 1847M bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- br+ any 1.2.3.4 anywhere
0 0 DROP all -- !eth1 any 1.2.3.4 anywhere
0 0 DROP all -- !eth1 any 1.2.3.4 anywhere
How Do I Search For Blocked IP Address?
Use the grep command as follows:
# /sbin/iptables -L INPUT -v -n | grep 1.2.3.4
How Do I Delete Blocked IP Address?
First, you need to display blocked IP address along with line number and other information, enter:
# iptables -L INPUT -n --line-numbers
# iptables -L INPUT -n --line-numbers | grep 1.2.3.4
Sample outputs:
num pkts bytes target prot opt in out source destination 1 0 0 DROP 0 -- * * 116.199.128.1 0.0.0.0/0 2 0 0 DROP 0 -- * * 116.199.128.10 0.0.0.0/0 3 0 0 DROP 0 -- * * 123.199.2.255 0.0.0.0/0
To delete line number 3 (123.199.2.255), enter:
# iptables -D INPUT 3
Verify the same, enter:
# iptables -L INPUT -v -n
You can also use the following syntax:
# iptables -D INPUT -s 1.2.3.4 -j DROP
How Do I Save Blocked IP Address?
If you are using Redhat / RHEL / CentOS / Fedora Linux, type the following command:
# iptables -D INPUT -s 1.2.3.4 -j DROP
##########################
#////// command to save iptables ///////#
##########################
# /sbin/service iptables save
# less /etc/sysconfig/iptables
# grep '1.2.3.4' /etc/sysconfig/iptables
For all other Linux distributions use the iptables-save command to dump the contents of an IP Table to a file:
# iptables-save > /root/myfirewall.conf
Please not that you need to run the ‘iptables-save’ or ‘service iptables save’ as soon as you add or delete the ip address.
A Note About Restoring Firewall
To restore your firewall use the iptables-restore command to restore IP Tables from a file called /root/myfirewall.conf, enter:
# iptables-restore < /root/myfirewall.conf
How Do I Block Large Number Of IP Address or Subnets?
You need to write a shell script as follows:
#!/bin/bash _input="/root/blocked.ip.db" IPT=/sbin/iptables $IPT -N droplist egrep -v "^#|^$" x | while IFS= read -r ip do $IPT -A droplist -i eth1 -s $ip -j LOG --log-prefix "IP BlockList " $IPT -A droplist -i eth1 -s $ip -j DROP done < "$_input" # Drop it $IPT -I INPUT -j droplist $IPT -I OUTPUT -j droplist $IPT -I FORWARD -j droplist
See also: iptables: Read a List of IP Address From File And Block
Block Outgoing Request From LAN IP 192.168.1.200?
Use the following syntax:
# /sbin/iptables -A OUTPUT -s 192.168.1.200 -j DROP
# /sbin/service iptables save
You can also use FORWARD default chainswhen packets send through another interface. Usually FORWARD used when you setup Linux as a router:
# /sbin/iptables -A FORWARD -s 192.168.1.200 -j DROP
# /sbin/service iptables save