Want to sort file contents by each line’s lenght? No problems:
artemn@artemn-laptop:~$ cat /etc/passwd | awk '{print length, $0}' | sort -n | awk '{$1=""; print $0 }'
Archive for the 'faq' Category
Q: How to disable auto-negotiation option of my network interface card and set up half/full duplex mode manually from Linux command line (CLI)? By the way, how to see current settings?
A: There are several Linux utilities coming with almost any distribution including Debian, Ubuntu, Fedora, RedHat, Mandriva, Centos whatever. See details below.
This is rather powerful utility can display and change settings of ethernet network interface card. You can easily disable/enable autonegotiation option for your NIC, also it’s possible to manually set up duplex mode, configure wake-on-lan options, set speed settings. Just look through full manual page for ethtool. Here are several ethtool usage examples:
ethtool eth0 – shows current NIC settings
Settings for eth0: Supported ports: [ TP MII ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full Supports auto-negotiation: Yes Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full Advertised auto-negotiation: No Speed: 10Mb/s Duplex: Half Port: MII PHYAD: 32 Transceiver: internal Auto-negotiation: off Supports Wake-on: pumbg Wake-on: d Current message level: 0x00000007 (7) Link detected: yes
ethtool -s eth0 duplex half autoneg off – disables auto-negotiation, enables Half Duplex.
ethtool -s eth1 duplex full speed 1000 autoneg off – disables auto-negotiation, enables Falf Duplex and sets up Speed to 1000 Mb/s.
According to manual it allows to manipulate and see media-independent interface status. Let’s see examples:
bash-3.1# mii-tool eth0 – shows 100 Mbps speed, Full Duplex, Auto-negotiation is on.
eth0: negotiated 100baseTx-FD, link ok
bash-3.1# mii-tool eth0 -F 10baseT-HD – enables 10 Mb/s Half Duplex connection.
Q: I was compiling kernel using GNU Screen utility but something happened during the compilation and I want to see full error’s output but I can’t just scrollback using Ctrl+PageUp. How to scrollback in GNU Screen?
A: In GNU Screen press Ctrl + a + [ to enter Copy Mode, then scroll up/down using keys j or k. Below are some other navigation keys:
h - Move the cursor left by one character
j - Move the cursor down by one line
k - Move the cursor up by one line
l - Move the cursor right by one character
0 - Move to the beginning of the current line
$ - Move to the end of the current line.
G - Moves to the specified line
(defaults to the end of the buffer).
C-u - Scrolls a half page up.
C-b - Scrolls a full page up.
C-d - Scrolls a half page down.
C-f - Scrolls the full page down.
By the way, in order to define scrollback buffer size start screen with the following key (5000 lines in this example):
screen -h 5000
Quick info about GNU Screen utility: it is Unix tool that allows to run multiple applications in several “virtual” windows. It is very useful when you need, let’s say, to see hardware resources consumption caused by started application in different console etc. GNU screen is also good option to run applications remotely via ssh: just run application in screen and log off until it’s finished, then just “pick up” screen session and see how the application’s output.
Update: You can use activate copy mode of GNU Screen also by Ctrl + Esc that might be more useful than Ctrl + a + [ shortcut (thanks to Yu-Jie Lin for this tip).
Question: Can you give me more information on how to set up MySQL cluster?
Answer: Sure, below are the links to extremely informative Internet resources providing detailed guides on why and how to deploy MySQL cluster.
By the way a cluster in IT field is a group of linked computers, working together so they form a single computing system. The components of a cluster are usually connected to each other via fast local area networks. Clusters are usually deployed to improve performance and/or availability over that provided by a single computer, while typically being much more cost-effective than single computers of comparable speed or availability.
1. http://dev.mysql.com/doc/refman/5.0/en/mysql-cluster.html
MySQL Cluster is a high-availability, high-redundancy version of MySQL adapted for the distributed computing environment. It uses the NDBCLUSTER storage engine to enable running several MySQL servers in a cluster. This storage engine is available in MySQL 5.0 binary releases and in RPMs compatible with most modern Linux distributions.
2. Mysql Cluster: The definitive HOWTO
3. How To Set Up A Load-Balanced MySQL Cluster
This tutorial shows how to configure a MySQL 5 cluster with three nodes: two storage nodes and one management node. This cluster is load-balanced by a high-availability load balancer that in fact has two nodes that use the Ultra Monkey package which provides heartbeat (for checking if the other node is still alive) and ldirectord (to split up the requests to the nodes of the MySQL cluster).
MySQL Cluser Server is a fault-tolerant, redundant, scalable database architecture built on the open-source MySQL application, and capable of delivering 99.999% reliability. In this paper we describe the process we used to setup, configure, and test a three-node mySQL cluster server in a test environment.
Question: How can I block traffic coming from specific operating system in Linux? In other words, how can I block traffic from Windows users on my firewall and allows other people?
Answer: There is an iptables module named OSF (passive OS Fingerprinting) that was written by Evgeniy Polyakov. This module allows passively detect OS packet was sent from and perform various netfilter actions based on this match. Packets with SYN bit set are analyzed.
In order to install OSF module, do the following:
1. Download latest release from here, for example as follows:
wget http://tservice.net.ru/~s0mbre/archive/osf/osf-2008_06_14.tar.gz
2. Edit Makefile from unpacked archive in order to set proper path to iptables headers (iptables.h and libiptc/ dir).
3. If your kernel sources can not be accessed via /lib/modules/$(shell uname -r)/build, you have to replace KDIR variable with the correct path to kernel sources.
4. Run make that should build ipt_osf.ko kernel module.
5. Run make lib that will build libipt_osf.so shared library (copy it to where all other iptables shared libs are placed in your distro e.g. /lib/iptables or /lib64/iptables in Fedora).
6. Run make bin that will build userspace applications which allows to load fingerprints and obtain information about matched packets (load, osfd, ucon_osf).
7. Download signatures list:
wget http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
8. Install kernel module:
insmod ./ipt_osf.ko
9. Load signatures:
./load ./pf.os /proc/sys/net/ipv4/osf
10. Set up iptables rules allowing/disallowing packets generated by certain OS:
iptables -I INPUT -j ACCEPT -p tcp -m osf --genre Linux --log 0 --ttl 2
This example allows traffic from Linux systems and logs packets from other ones:
ipt_osf: Windows [2000:SP3:Windows XP Pro SP1, 2000 SP3]: 11.22.33.55:4024 -> 11.22.33.44:139
BTW, OSF has following options:
- –log
If present, OSF will log determined genres even if they don’t match desired one.
0 – log all matched and unknown entries.
1 – only first one.
2 – log all matched entries. - –ttl
0 – true ip and fingerprint TTL comparison. Works for LAN.
1 – check if ip TTL is less than fingerprint one. Works for global addresses.
2 – do not compare TTL at all. Allows to detect NMAP, but can produce false results. - –connector
If present, OSF will log all events also through netlink connector(1.0 id).
More about connector can be found inDocumentation/connectorin kernel source tree.
Recent Ideas