Archive for the 'linux' Category

Phone call as Nagios notification

Date: September 13, 2011. Categories: applications, howtos and linux. Comments

Some time ago I found it pretty useful to configure Nagios monitoring system to send me a phone call in case of some critical problem. If some mission critical application goes down at night most probably you’ll miss an e-mail or sms notifying about that but won’t miss a telephone call to your cell phone. Honestly a telephone call is much more notorious rather than IM message notification or, again, e-mail/sms. You’re welcome to see below how to configure your Nagios for that.

First of all you need to have account at some SIP voip service provider like www.voiptalk.org or similar (Skype is not an option so far). Once registered you will get SIP username/password and SIP gateway’s IP address which will be used to make outgoing calls by Nagios.

1. Download and install pjsua console caller from pjsip.

cd /usr/src/
wget http://www.pjsip.org/release/1.10/pjproject-1.10.tar.bz2
tar -xvjf pjproject-1.10.tar.bz2
cd /usr/src/pjproject-1.10
./configure --disable-sound
make
sudo cp pjsip-apps/bin/pjsua-i686-pc-linux-gnu /usr/bin/pjsua

2. Configure pjsua.

Create /etc/pjsuarc configuration file with the following contents (depends on details provided by SIP provider):

--null-audio
--registrar sip::5060
--realm=*
--id sip:<username>@<SIP gateway IP>:5060
--username <username>
--password <password>

From that point you can try calling yourself by command:

/usr/bin/pjsua --config-file=/etc/pjsuarc sip:<your phone number>@<SIP gateway IP>

3. Configure Nagios to notify you by sending you a telephone call:

Add the following block to Nagios’ commands.cfg:

define command{
        command_name  notify-host-by-sip
        command_line  (sleep 30 && echo q) | /usr/bin/pjsua --config-file=/etc/pjsuarc sip:$CONTACTEMAIL$
}

Add below contact to Nagios’ contact.cfg:

define contact{
        contact_name  user_sip
        alias  useralias
        service_notification_period  24x7
        host_notification_period  24x7
        service_notification_options  c
        host_notification_options  d
        service_notification_commands  notify-service-by-sip
        host_notification_commands  notify-host-by-sip
        email  <your phone number>@<SIP gateway IP>
}

That’s it, from this point Nagios will call you in case of critical problem and won’t bother you with warnings.

Linus Torvalds — The Facts You Didn’t Know

Date: July 15, 2011. Categories: linux and reviews. Comments

Linus TorvaldsSome of you may well be younger than Linux, some of you may have grown up with the OS, and some of you, more ancient ones, may well remember thinking that this stuff is going to ‘blow the bloody doors off’ as Michael Caine put it when you first encountered it. But how about Linus Torvald, the man who wrote the first kernel? Here we’re going to give you an insight into his life and personality.

He is Finnish but actually grew up speaking Swedish. This is because Linus is one of the “finlandssvensk” or “finlandssvenskar” community in Finland. These were Swedes who moved to Finland many hundreds of years ago when the country was part of the Swedish Empire and continue to speak Swedish.

It was on August 25th 1991 that Linus announced to the Usenet newsgroup “comp.os.minix.” that he was making a free OS, although he thought it wouldn’t be big or professional like Gnu. Well, who would have thought that Linux would turn the computing world on its head?

He hates phones, which he believes distracts him from more important things in life. This doesn’t mean he doesn’t own a phone, he just uses it for the GPS function when he’s driving.

Linus Torvald rarely gets to code any more. This is not because he’s spending all his time looking at his bill on www.o2.co.uk or crafting amazing images on photoshop, no, he’s replying to a huge email in-box and the few bits of code he does write are usually pasted in emails to questions explaining what to avoid.

I don’t know how much tea or coffee you drink, but Linus reckons he is a coffee addict and calculates that he and his wife have drunk an average of 4.7 double shots per day between 2002 and 2010 and that’s not including take-out coffees.

Despite this caffeine intake, he still manages to get a fairly serious nine hours sleep a night (he goes to bed at 10 and gets up at 7).

Perhaps this is because he likes drinking Guinness, that Irish stout from Dublin that contains a serious amount of iron and used to be taken as a health tonic in the British Isles before modern fads changed peoples’ opinions.

Prior to having laser surgery, Linus used to wear spectacles.

He is married and lives in Portland, Oregon with his wife Tove and their three daughters.

[ This is sponsored blog post. Feel free to contact me via artiomix at gmail dot com for more details about availability and prices for sponsored posts. ]

Install nfdump and nfsen netflow tools in Linux

Date: February 23, 2011. Categories: applications, cisco, debian, fedora, howtos, linux, ubuntu and unix. Comments

Using nfsen it is possible to view IP traffic statistics on Linux interfaces including the graphs showing data sent and received (see the screenshot to the right) as well as historical information about all data transfers. So after you’ve configured nfsen and nfdump to monitor traffic on certain Linux server or router you’ll be able to answer the following example questions: What IP was downloading data through 48161 last Wednesday? or How many bytes were sent to IP 8.8.8.8 via 53 port from Linux server? These are the only examples so nfdump and nfdump netflow tools gives you wide range of capabilities to monitor and analyze traffic on your Linux host.

Netflow is the protocol developed by Cisco to manage data about IP traffic. In a few words using Netflow you can collect data about all IP data send/received on multiple Cisco/Linux/BSD/Juniper hosts and send it to central Netflow collector that will show you the nice graphs and also will allow to have a complete picture of what data was sent/received on those hosts (including destination and source IP, port, bytes transfered, int/out interfaces etc). Nfdump is netflow collector. Nfsen is graphical tools for generating graphs and querying Nfdump for historical traffic reports. In this article you will see how to deploy all this staff in Linux.

Netflow probe is required to collect IP traffic data on Linux host. In general this piece of sofware will sit in background, store every network activity on certain network interface and then send collected data to Netflow collector nfdump. As Netflow probe I prefer fprobe that is totally simple application that just does its job. If you feel that fprobe is not what you need or there are some problems with installing it you can try softflowd that can do the same job.

Install fprobe from sources:

cd /usr/src/
sudo -s
wget http://sourceforge.net/projects/fprobe/files/fprobe/1.1/fprobe-1.1.tar.bz2/download
tar -xvjf fprobe-1.1.tar.bz2
cd fprobe-1.1
./configure --prefix=/
make
make install

Point fprobe to one of network interfaces of Linux host and make it to send data to Netflow collector:

fprobe -i eth0 11.22.33.44:23456

In above example fprobe stores all data trasnfers on eth0 network interface and sends collected data to 11.22.33.44 host via 23456 UDP port (you may want to change firewall rules to make Netflow working over 23456 UDP port).

Install nfdump Netflow collector from sources:

cd /usr/src/
sudo -s
wget http://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.2/nfdump-1.6.2.tar.gz/download
tar -xvzf nfdump-1.6.2.tar.gz
cd nfdump-1.6.2
./configure --prefix=/ --enable-nfprofile
make make
install

When finished Netflow collector becomes ready so you can start capturing traffic from Netflow probe. If you don’t need any graphical tools like nfsen described below you can just start collector and save Netflow data in /var/neflow/ directory (THIS STEP IS OPTIONAL):

/bin/nfcapd -w -D -p 23456 -B 200000 -S 1 -z -I Linux-Host-1-eth0 -l /var/netflow/

In order to install nfsen from sources you have to get all its prerequisites, run one of below lines depending on what Linux distro you’re using (1st line is for Fedora, Centos, Redhat while 2nd line is for Ubuntu, Debian, Mint and similar):

yum install rrdtool rrdtool-devel rrdutils perl-rrdtool -y

or

aptitude install rrdtool librrd2-dev librrd-dev librrd4 librrds-perl librrdp-perl

Compile nfsen from sources:

cd /usr/src/
sudo -s
wget http://sourceforge.net/projects/nfsen/files/stable/nfsen-1.3.5/nfsen-1.3.5.tar.gz/download
tar -xvzf nfsen-1.3.5.tar.gz
cd nfsen-1.3.5
cp etc/nfsen-dist.conf etc/nfsen.conf

In order to continue the installation you should edit file etc/nfsen.conf to specify where to install nfsen, web server’s username (yes, you have to install apache, lighttpd, nginx or any other web server first), its document root directory etc. The major section of that config file is ‘Netflow sources’ that must list all hosts you’ve started Netflow probes at. Here is an example section for monitoring above Linux host:

%sources = (
    'Linux-Host-eth0'    => { 'port' => '23456', 'col' => '#ff0000', 'type' => 'netflow' },
);

When finished it’s time to actually install nfsen using installation script:

./install.pl etc/nfsen.conf

In case of successful installation you will be notified with corresponding congratulations message so it would be proper time to start nfsen daemon:

/path/to/nfsen/bin/nfsen start

Now you can open http://localhost/nfsen/nfsen.php at Linux host where nfsen was installed to start using this Netflow tool and see some graphs. Notice that it takes about 5-10 minutes to see first bars at the graphs, if the graphs are still empty you will have to check at least the following:

1. If fprobe is able to communicate to Netwflow collector and can send Netflow data to it (use ‘ps ax | grep fprobe’ and Linux host being monitored and tcpdump tool at Netflow collector).
2. If Netflow collector is started and can receive data from Netflow probe. Use ‘ps ax | grep nfcapd’ and tcpdump at Netflow collector Linux host.

If you can add anything — feel free to drop a comment below.

Quick Tip: Increase port range available for applications

Date: February 15, 2011. Categories: linux, tips and ubuntu. Comments

By default an average Linux distribution allows applications to use the following TCP port range for outgoing connections: 32,786-65,536. That’s why your system can handle up to 28,232 TCP sessions at time. Notice, this is more than enough if your Linux system is installed on the laptop or desktop and you just use it for occasional visits to facebook.com, gmail.com and linuxscrew.com (yeah!). But if you run proxy/webcache like squid or some other services which open a lot of outgoing TCP connections you will likely hit ceiling of 28,232 soon.

First of all, let’s see current port range available for TCP sessions:

cat /proc/sys/net/ipv4/ip_local_port_range

Most likely the output will show something like this one “32786 65536″. In order to expand this range you can either echo modified range into above file in /proc filesystem (temporary solution) or add corresponding line into /etc/sysctl.conf (constant solution).

To temporarily expand port range from 28,232 to 40,000 do the following:

sudo -s
echo "25000 65000" > /proc/sys/net/ipv4/ip_local_port_range

To make sure new port range will be applied after reboot add the following line to /etc/sysctl.conf:

net.ipv4.ip_local_port_range="25000 65000"

or just execute this:

sudo sysctl -n net.ipv4.ip_local_port_range="25000 65000"

Sendmail for virtual users with procmail, spamassassin and dovecot

Date: February 7, 2011. Categories: applications, howtos, linux and tips. Comments

Today I’d like to describe setup of sendmail that allows to establish receiving of e-mails for certain domain and sort incoming messages between virtual users. Those users must be able to fetch received e-mails via POP3 or IMAP protocols with or without TLS encryption. The key aspect of this kind of setup is that we will make sendmail working with virtual users which aren’t present in /etc/passwd so once it’s necessary to create new mailbox it’s not required to add new Unix/Linux account into system. Also, unlike similar configurations based on postfix we will not run mysql or postgres databases to store list of users, their settings, mail routing etc. — everything is stored in text files.

Whole setup relies on the following components: sendmail – receives mails from MTAs around the Web and sorts incoming mails between users of mail system, procmail makes it possible to apply various custom configurations for selected users e.g. set up autoresponder, filter e-mails etc., spamassassin is well known spam filter, dovecot — POP3 and IMAP service daemon.

1. Sendmail installation procedure depends on your Linux distribution but in most cases it is enough to install corresponding binary package e.g. sudo yum install sendmail or sudo apt-get install sendmail. But it is also natural idea to compile sendmail from sources to get the most fresh version — this is perfectly covered at sendmail.org.

2. If you run one of major Linux distributions you should just execute something like below in command line to get all other required components installed:

sudo apt-get install procmail spamassassin dovecot
or
sudo yum install procmail spamassassin dovecot

The possibility to install all the components from sources is still open [for geeks only].

3. Sendmail’s configuration is stored in /etc/mail directory and by default it is configured not to receive mails for any domain. We should change by adding ‘example.com’ domain to /etc/mail/local-host-names file. Please notice that MX DNS entry for your domain e.g. “example.com” should point to server where you’re trying to set up sendmail.

4. There is another key configuration file /etc/mail/virtusertable that holds all mail routing information, e.g. below line tells sendmail that all incoming mails to test@example.com should go to user ‘user1.virtual’:

test@example.com user1.virtual

The following line routes rest incoming mails to user2.virtual:

@example.com user2.virtual

5. As it comes from their names user1.virtual and use2.virtual are virtual so they shouldn’t be present in /etc/passwd. In order to make sendmail to deliver mails to virtual users it is required to specify them in /etc/alias file. E.g. if we plan to route mails destined to test@example.com to user1.virtual we should add the following line to /etc/alias:

user1.virtual: |/etc/smrsh/user1.virtual

This line tells sendmail that it should execute script /etc/smrsh/user1.virtual to deliver mail to user1.virtual. Please notice that if you place the script to ther directory than /etc/smrsh setup wont’ work. Now let’s see the contents of /etc/smrsh/user1.virtual, it contains one line including the path to procmail binary and procmailrc script for user1.virtual user:

[root@server ~]# cat /etc/smrsh/user1.virtual
/usr/bin/procmail /etc/procmail.d/user1.virtual

/etc/procmail.d/user1.virtual file includes all custom settings for user1.virtual virtual user, e.g. below is an example that will receive mails to test@example.com, check them for spam and store into user1.virtual’s inbox:

[root@server ~]# cat /etc/procmail.d/user1.virtual
PATH=/bin:/usr/bin:/usr/contrib/bin:/usr/sbin:/usr/local/bin:/sbin
MONTHYEAR=^Date +%y%m
VHOME=/var/spool/virtual/example.com/mail/user1.virtual
LOGFILE=/var/spool/virtual/example.com/logs/user1.virtual/log
LOGABSTRACT=all
VERBOSE=on

# Spam filter
:0fw
| /usr/bin/spamc

:0:
* ^X-Spam-Status: Yes
$VHOME/spam

:0:
$VHOME/inbox

As you can see spam mails will be stored in inbox while spam e-mails will be forwarded to file named ’spam’. Later on you will be able to access inbox using POP3 and spam using IMAP service. In order to prepare user1.virtual’s inbox you should do the following:

mkdir -p /var/spool/virtual/example.com/mail/user1.virtual
mkdir -p /var/spool/virtual/example.com/logs/user1.virtual
chown mail.mail /var/spool/virtual/example.com/mail/user1.virtual -R
chown mail.mail /var/spool/virtual/example.com/logs/user1.virtual -R

As for spamassassin, it is comes configured by default so in order to start it you should start spamd daemon e.g. by command service spamd start or /etc/init.d/spamd start. You can get more information about how to configure it at SA’s website.

From this point you may try sending mails to test@example.com and see log entries in /var/spool/virtual/example.com/logs/user1.virtual/log and incoming mails in /var/spool/virtual/example.com/mail/user1.virtual/inbox. If something goes wrong it makes sense to look into /var/log/maillog sendmail’s main log file.

5. Default configuration of dovecot is rather useful and makes it possible to establish POP3 and IMAP services for virtual users in seconds. Let’s imagine you’re running dovecot 2.x version, here are some configuration keys you should add into dovecot’s config, e.g. /etc/dovecot/dovecot.conf:

protocols = pop3 imap

service pop3-login {
inet_listener pop3 {
port = 110
}
}

service imap-login {
inet_listener imap {
port = 143
}
}

ssl = yes
ssl_cert = </etc/dovecot/keys/server.crt #server's self signed certificate generated by openssl
ssl_key = </etc/dovecot/keys/server.key # server's private key generated by openssl

default_login_user = mail
default_internal_user = mail

first_valid_uid=8 #this is UID of mail user that you can see in /etc/passwd
auth_mechanisms = plain login cram-md5 digest-md5

mail_location = mbox:/var/spool/virtual/example.com/mail/%u/

userdb {
driver = passwd-file
args = username_format=%n /etc/dovecot/passwd
}
passdb {
driver = passwd-file
args = username_format=%n /etc/dovecot/passwd
}

log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
debug_log_path = /var/log/dovecot-debug.log

Once you make sure your dovecot’s configuration includes mentioned lines you’re welcome to try starting dovecot either by service dovecot start or by just ‘dovecot’. In case of success you will see 110 and 143 ports in output netstat -lnp or errors in dovecot’s log file /var/log/dovecot.log. Let’s imagine it started without problems ;)

Now it’s time to set up the password for user1.virtual user, according to dovecot’s configuration suggested above the passwords are stored in /etc/dovecot/passwd. This is a text file, here is example line from it:

user1.virtual:{PLAIN}pass123:8:12

In this example user1.virtual has password pass123 stored in plain text, 8 is UID of mail user in your /etc/passwd, 12 is GID of mail group (you can also check this in /etc/passwd).

Fin.

« Previous Entries
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 ...43 44 45 Next
Friendly Sites:Who is behind Linux Screw?
GeekyBits³ | Bash Cures Cancer | OMG! Ubuntu!
My SysAd Blog | Web Upd8
ZEPY | Linux config Wiki | Planet Sysadmin
a non-geek's linux notes | Linux Today
TuxArena: The arena of Tux | LinuxAlt.Com
 My name is Artem N. (artiomix AT gmail DOT com) and I'm Linux/Unix, Cisco systems engineer. The main idea of Linux Screw is to share relevant knowledge, skills and observations over The Web. Here you can find a lot of information related to different Linux distributions, FreeBSD, IOS as well as a other Open Source around staff. Read more ››