Saturday, January 29, 2011

IPTABLES Tutorials

Learn How to use IPtables:-

=>Check whether the kernel supports IPTABLES

# grep -i config_netfilter /boot/config*
CONFIG_NETFILTER should be set to 'y'.

=> There are three default tables :-
1. Mangle to alter the packet (TCP and UDP)
2. NAT to translate the IP Address
3. Filter to filter the packet in three chains (INPUT, FORWARD, OUTPUT)

=>These tables contain chains, and rules are written within the chains.
=> Syntax goes like this
# iptables

chain action => Append/Insert/Replace
Name of tables => by default filter/ mangle/nat/user-defined
ip address => -s, --source, --src / -d, --destination, --dst
Protocol:port => -p with --sport / --dport
actions => -j ACCEPT/DROP/REJECT/LOG/user-defined chain

=> To block source IP 192.168.100.100 from communicating with our system, append this rule to the INPUT chain
# iptables -A INPUT -s 192.168.100.100 -j DROP
=> To block SSH and place the rule at position 1
# iptables -I INPUT 1 -p tcp --dport 22 -j DROP
=> To save these rules (iptables-save prints the rule set currently loaded in the kernel; redirect it to a file to keep it)
# iptables-save
=> To list the rules
# iptables -L -t filter -n -v --line-numbers
=> To delete rule number two, or the SSH rule
# iptables -D INPUT 2
or
# iptables -D INPUT -p tcp --dport 22 -j DROP
=> To replace rule number 1 (change the source address)
# iptables -R INPUT 1 -s 192.168.100.200 -j DROP
=> To back up the iptables rules
# iptables-save > filename
=> To restore the iptables rules
# iptables-restore < filename

USER-Defined Chain is used to process the packet
=> To create a new chain
# iptables -N INCOMING
=> To replace rule 1 so that packets from this host are processed in the INCOMING chain, denying SSH access and permitting FTP access for this host
# iptables -R INPUT 1 -s 192.168.100.200 -j INCOMING
# iptables -A INCOMING -p tcp --dport ssh -j DROP
# iptables -A INCOMING -p tcp --dport 21 -j ACCEPT
# iptables-save

=> To change the name of 'INCOMING' chain to 'INTERNAL'
# iptables -E INCOMING INTERNAL

The default policy for all chains is ACCEPT; it can be changed to DROP using this command
# iptables -P INPUT DROP
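Switching INPUT to DROP on a remote machine cuts your own SSH session unless accept rules are already in place, because rules are matched top to bottom and the policy applies to whatever is left. The script below is an added example, not part of the original tutorial: it generates a default-deny ruleset in iptables-restore format and loads it with an automatic rollback. 192.168.100.200 and the INTERNAL chain come from the text above; the admin address and the backup path are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the original tutorial. 192.168.100.200 and the
# INTERNAL chain come from the text above; the admin address and the backup
# path are constructed placeholders.

# Accept only a dotted-quad IPv4 address with an optional /prefix, so that
# nothing else can be spliced into the generated rule text.
valid_ipv4() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    old_ifs=$IFS; IFS='./'
    set -- $1                      # split into octets (and prefix)
    IFS=$old_ifs
    for octet in "$1" "$2" "$3" "$4"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print an iptables-restore ruleset with INPUT policy DROP. Loopback,
# established traffic and the admin's SSH access are accepted first, so they
# never fall through to the DROP policy.
build_ruleset() {
    admin="$1"
    valid_ipv4 "$admin" || { echo "bad address: $admin" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:INTERNAL - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $admin -p tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.100.200 -j INTERNAL
-A INTERNAL -p tcp --dport 22 -j DROP
-A INTERNAL -p tcp --dport 21 -j ACCEPT
COMMIT
EOF
}

# Load a ruleset file, then roll back to the previous rules after 30 seconds
# unless the operator confirms. If the new rules cut the SSH session, the
# confirmation never arrives and the old rules come back.
safe_apply() {
    new="$1"; backup="${2:-/root/iptables.before}"
    iptables-restore --test < "$new" || return 1   # parse only, no commit
    iptables-save > "$backup" || return 1
    ( sleep 30; iptables-restore < "$backup" ) &
    timer=$!
    iptables-restore < "$new"
    printf 'Type yes within 30s to keep the new rules: '
    read -r answer
    if [ "$answer" = yes ]; then kill "$timer"; else wait "$timer"; fi
}
```

Run as root: `build_ruleset 192.168.100.10 > /root/iptables.new && safe_apply /root/iptables.new`.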

to be continued.........

Friday, January 28, 2011

Ports

The ports referred to here are not physical cable receptacles, such as the console port on a router. A port, in a discussion of TCP segments, is a number in the TCP header that is used to identify the ends of logical connections that carry long-term conversations. These port numbers are used as source and destination addresses in the TCP segment.
 
Port numbers are divided into three ranges:
• Numbers from 0 through 1023 are the Well Known Ports.
• Numbers from 1024 through 49151 are the Registered Ports.
• Numbers from 49152 through 65535 are the Dynamic and/or Private Ports. 

The Well Known Ports are assigned by the Internet Assigned Numbers Authority (IANA). For example, any conversation bound for the File Transfer Protocol (FTP) application uses the well-known port 21. Conversations that do not involve an application with a well-known port number are assigned port numbers randomly chosen from the Dynamic and/or Private Ports.

Thursday, January 20, 2011

How to restore a table from backup in mysql

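>DROP TABLE IF EXISTS `db`.`users`;
>CREATE TABLE `db`.`users` SELECT * FROM `db2`.`users`;

CREATE TABLE ... SELECT copies the rows but does not recreate the indexes and keys of the original table. To keep them you have to use: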

>CREATE TABLE db.users LIKE db2.users;

then you populate it with the data from the old table with:

>INSERT INTO db.users SELECT * FROM db2.users;

If the copied old table has many keys then it may help to speed the INSERT if you turn off the keys using the following before the INSERT:

>ALTER TABLE db.users DISABLE KEYS;

And then after the INSERT:

>ALTER TABLE db.users ENABLE KEYS;

Cacti Installation in steps

Cacti Network Graphing Tool

Cacti is an open-source tool for network monitoring. Install & configure in a few steps

Step1:- Add this repository
#vim /etc/yum.repos.d/dag.repo

[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el5/en/i386/dag
gpgcheck=1
gpgkey=http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
enabled=1

Step2: Install the required packages
# yum install php httpd mysql mysql-server php-mysql vim-enhanced net-snmp net-snmp-utils php-snmp initscripts perl-rrdtool rrdtool

Step3: Download Cacti
# cd /var/www/html/
# wget http://www.cacti.net/downloads/cacti-0.8.7g.tar.gz
# tar xzvf cacti-0.8.7g.tar.gz
# mv cacti-0.8.7g cacti

Step4: Create User & Group
# groupadd cacti
# useradd -g cacti cactiuser
# passwd cactiuser

Step5:Change the ownership of the /var/www/html/cacti/rra/ and /var/www/html/cacti/log/ directories to the cactiuser we just created

# cd /var/www/html/cacti
# chown -R cactiuser rra/ log/

Step6: Change directories to the cacti directory, and use the cacti.sql file to create tables for your database:

# cd /var/www/html/cacti
# mysql -u root -ppassword

mysql> create database cacti;
mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'cacti';
mysql> flush privileges;
mysql> exit

# mysql -u root -ppassword cacti < cacti.sql
# vim /var/www/html/cacti/include/config.php
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cactiuser";
$database_password = "cacti";
$database_port = "3306";

Step7:Create a cron job that polls for information for Cacti 
(I'm choosing to use /etc/crontab here):
#vim /etc/crontab 
 Add this line to your crontab: 
*/5 * * * * cactiuser /usr/bin/php /var/www/html/cacti/poller.php > /dev/null 2>&1

You should now be able to access cacti at http://localhost/cacti from the local computer.

There should be a Cacti Installation Guide window that shows up, giving licensing info and the like. Click "Next".

Select "New Installation", since this is a new installation.

That's it!!! :)

Tuesday, January 18, 2011

A2billing installation on centOS

Please do the following steps:-


Step:-1 install dependencies
yum -y install gcc gcc-c++ kernel-devel bison openssl openssl-devel perl perl-Net-SSLeay perl-Crypt-SSLeay libtermcap-devel ncurses-devel doxygen curl-devel newt-devel mlocate lynx tar wget nmap bzip2 mod_ssl crontabs vixie-cron speex speex-devel unixODBC unixODBC-devel libtool-ltdl libtool-ltdl-devel mysql-connector-odbc mysql mysql-devel mysql-server php-mysql php-mbstring php-mcrypt flex screen \
libtiff-devel perl-DBD-Pg subversion python-setuptools.noarch MySQL-python php-gd

#easy_install sqlalchemy

# A2billing installation

#mkdir /usr/local/src/a2billing
#cd /usr/local/src/a2billing

Step:-2 download A2billing using SVN & change the Owner & Group of a2billing folder
#svn co --username guest --password guest http://svn.a2billing.net/svn/asterisk2billing/trunk/ /usr/local/src/a2billing
#chown -R asterisk.asterisk /usr/local/src/a2billing
#chown -R asterisk.apache admin/ customer/ agent/


Step:-3 Create a symbolic link to a2billing.conf & give permissions
#ln -s /usr/local/src/a2billing/a2billing.conf /etc/a2billing.conf
#chown -Rf asterisk.asterisk /etc/a2billing.conf
#ln -s /usr/local/src/a2billing/a2billing.conf /etc/asterisk/a2billing.conf

Step:-4  Change a2billing.conf
#sed -i "s/\(port *= *\)\(.*\)/\13306/" /etc/a2billing.conf
#sed -i "s/\(user *= *\)\(.*\)/\1a2billinguser/" /etc/a2billing.conf
#sed -i "s/\(password *= *\)\(.*\)/\1a2billing/" /etc/a2billing.conf
#sed -i "s/\(dbname *= *\)\(.*\)/\1mya2billing/" /etc/a2billing.conf

Step:-5 create a MySQL database (mya2billing) for the billing software.
#cd /usr/local/src/a2billing/DataBase/mysql-5.x
#mysql -u root -p <>
#./install-db.sh

Step:-6 Create the additional files and setup the correct owner:
#touch /etc/asterisk/additional_a2billing_iax.conf
#touch /etc/asterisk/additional_a2billing_sip.conf
#echo \#include additional_a2billing_sip.conf >> /etc/asterisk/sip.conf
#echo \#include additional_a2billing_iax.conf >> /etc/asterisk/iax.conf
#chown -Rf asterisk:asterisk /etc/asterisk/additional_a2billing_iax.conf
#chown -Rf asterisk:asterisk /etc/asterisk/additional_a2billing_sip.conf

Step:-7 Install the sound files
#/usr/local/src/a2billing/addons/sounds/install_a2b_sounds.sh

Step:-8 Copy the entire content of the AGI directory into asterisk agi-bin directory.
#ln -s /usr/local/src/a2billing/AGI/a2billing.php /var/lib/asterisk/agi-bin/
#cp -Rf /usr/local/src/a2billing/common/lib /var/lib/asterisk/agi-bin/
#chown -Rf asterisk.asterisk /var/lib/asterisk/agi-bin/
#chmod +x /var/lib/asterisk/agi-bin/a2billing.php
#chmod +x /usr/local/src/a2billing/AGI/a2billing.php


Step:-9 Installing the GUI interface
#mkdir -p /var/www/html/a2billing
#ln -s /usr/local/src/a2billing/common /var/www/html/a2billing/common
#ln -s /usr/local/src/a2billing/admin /var/www/html/a2billing/admin
#ln -s /usr/local/src/a2billing/agent /var/www/html/a2billing/agent
#ln -s /usr/local/src/a2billing/customer /var/www/html/a2billing/customer

Step:-10 set permissions
#chown -Rf asterisk:asterisk /var/www/html/a2billing/
#chmod 755 /usr/local/src/a2billing/admin/templates_c
#chmod 755 /usr/local/src/a2billing/customer/templates_c
#chmod 755 /usr/local/src/a2billing/agent/templates_c

Step:-11 Now edit /etc/asterisk/manager.conf
[myasterisk]
secret = mycode
deny=0.0.0.0/0.0.0.0
permit=127.0.0.1/255.255.255.0
read = system,call,log,verbose,command,agent,user
write = system,call,log,verbose,command,agent,user

Step:-12  setup Cronjobs
# echo "# Automatically added for A2Billing
0 * * * * php /usr/local/src/a2billing/Cronjobs/a2billing_alarm.php
0 12 * * * php /usr/local/src/a2billing/Cronjobs/a2billing_archive_data_cront.php
0 10 21 * * php /usr/local/src/a2billing/Cronjobs/a2billing_autorefill.php
#Batch process at 00:20 each day
20 0 * * * php /usr/local/src/a2billing/Cronjobs/a2billing_batch_process.php
#Bill DID usage at 00:00 each day
0 0 * * * php /usr/local/src/a2billing/Cronjobs/a2billing_bill_diduse.php
#Remind users of low balance every day at 06:00
0 6 * * * php /usr/local/src/a2billing/Cronjobs/a2billing_check_account.php
#Generate Invoices at 7am everyday
#0 7 * * * php /usr/local/src/a2billing/Cronjobs/a2billing_invoice2_cront.php
#0 7 * * * php /usr/local/src/a2billing/Cronjobs/a2billing_invoice_cront.php
#Check if balance below preset value, and email user if so.
1 * * * * php /usr/local/src/a2billing/Cronjobs/a2billing_notify_account.php
#Charge subscriptions at 06:00 on the 1st of each month
0 6 1 * * php /usr/local/src/a2billing/Cronjobs/a2billing_subscription_fee.php
#Update currencies at 01:00 each day
0 1 * * * php /usr/local/src/a2billing/Cronjobs/currencies_update_yahoo.php
" >> /var/spool/cron/asterisk

Step:-13 Add directory for monitoring Script
#mkdir -p /var/lib/a2billing/script
#mkdir -p /var/run/a2billing


Step:-14 Create Log Files and Permissions
#mkdir -p /var/log/a2billing
#touch /var/log/asterisk/a2billing-daemon-callback.log
#touch /var/log/a2billing/a2billing-daemon-callback.log
#touch /var/log/a2billing/cront_a2b_alarm.log
#touch /var/log/a2billing/cront_a2b_autorefill.log
#touch /var/log/a2billing/cront_a2b_batch_process.log
#touch /var/log/a2billing/cront_a2b_bill_diduse.log
#touch /var/log/a2billing/cront_a2b_subscription_fee.log
#touch /var/log/a2billing/cront_a2b_currency_update.log
#touch /var/log/a2billing/cront_a2b_invoice.log
#touch /var/log/a2billing/cront_a2b_check_account.log
#touch /var/log/a2billing/a2billing_paypal.log
#touch /var/log/a2billing/a2billing_epayment.log
#touch /var/log/a2billing/api_ecommerce_request.log
#touch /var/log/a2billing/api_callback_request.log
#touch /var/log/a2billing/a2billing_agi.log
#chown -R asterisk:asterisk /var/log/a2billing

Step:-15 Go to the target directory
#cd /usr/local/src/a2billing/CallBack/callback-daemon-py/dist/

Step:-16 Untar the r1528 file to create the callback_daemon-1.0.prod-r1528 directory
#tar -xvf callback_daemon-1.0.prod-r1528.tar.gz

#Go down into the newly untarred directory
cd callback_daemon-1.0.prod-r1528

#execute the following python commands as per a2billing doc site
python setup.py build
python setup.py bdist_egg

#additional steps to correct the path for the a2billing.conf file
vi callback_daemon/a2b_callback_daemon.py

Replace the path with the location where a2billing.conf resides on your system; the line should be --> CONFIG_FILE =

#execute the installation
easy_install dist/callback_daemon-1.0.prod_r1528-py2.4.egg

#install the init script and daemon service (still at your current directory level)
cd callback_daemon;cp a2b-callback-daemon.rc /etc/init.d/a2b-callback-daemon
chmod +x /etc/init.d/a2b-callback-daemon
chkconfig --add a2b-callback-daemon
chkconfig a2b-callback-daemon on

# finally start the service; you can use either the service command or the init script
service a2b-callback-daemon start
/etc/init.d/a2b-callback-daemon start

Done!!!!!!!!!!!

It is tested & will work...

SVN installation

Install SVN using the yum or apt-get utility and follow these steps:-
1. Create a Repository
# svnadmin create /svnrepos

2. Create a SVN User
#vi /svnrepos/conf/svnserve.conf
In that file, under the [general] section, add these three lines:
anon-access = none
auth-access = write
password-db = passwd

3.Create a password file:
#vi /svnrepos/conf/passwd
In that file add a line for your user:
# add users in the format : user = password
chander = password

4. Import Your Project
(assuming you’ve put your project files in /projects/myproject)
# export SVN_EDITOR=vim
# svn import /projects/myproject file:///svnrepos/myproject

5. Start the SVN Server as Daemon
# svnserve -d

Done!

You should now have a svn server running with one project named myproject.
Try checking it out of the repository:
#svn co svn://X.X.X.X/svnrepos/myproject

Since we set anon-access to none you should be prompted for username and password which you created in the file /svnrepos/conf/passwd.

Asterisk realtime installation

Step:- 1 Verify that the modules needed to configure Asterisk in realtime mode are available:-
# asterisk -r
*CLI> module show like realtime


Module                 Description                               Use Count
pbx_realtime.so        Realtime Switch                           0
func_realtime.so       Read/Write values from a RealTime reposi  0
app_realtime.so        Realtime Data Lookup/Rewrite              0
3 modules loaded

asterisk16-addons
*CLI> module show like mysql


Module                 Description                               Use Count
cdr_addon_mysql.so     MySQL CDR Backend                         0
app_addon_sql_mysql.so Simple Mysql Interface                    0
res_config_mysql.so    MySQL RealTime Configuration Driver       0

===================================================================

Step:- 2 Build the tables in the MySQL database to store SIP peers/users information with the following table structure:


>create database asterisk;
>grant all privileges on asterisk.* to asterisk@'localhost' identified by 'asterisk' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

>FLUSH PRIVILEGES;


>use asterisk;

>CREATE TABLE IF NOT EXISTS `sipusers` (
`id` int(11) NOT NULL auto_increment,
`name` varchar(80) NOT NULL default '',
`accountcode` varchar(20) default NULL,
`amaflags` varchar(7) default NULL,
`callgroup` varchar(10) default NULL,
`callerid` varchar(80) default NULL,
`canreinvite` char(3) default 'yes',
`context` varchar(80) default NULL,
`defaultip` varchar(15) default NULL,
`dtmfmode` varchar(7) default NULL,
`fromuser` varchar(80) default NULL,
`fromdomain` varchar(80) default NULL,
`fullcontact` varchar(80) default NULL,
`host` varchar(31) NOT NULL default '',
`insecure` varchar(4) default NULL,
`language` char(2) default NULL,
`mailbox` varchar(50) default NULL,
`md5secret` varchar(80) default NULL,
`nat` varchar(5) NOT NULL default 'no',
`deny` varchar(95) default NULL,
`permit` varchar(95) default NULL,
`mask` varchar(95) default NULL,
`pickupgroup` varchar(10) default NULL,
`port` varchar(5) NOT NULL default '',
`qualify` char(3) default NULL,
`restrictcid` char(1) default NULL,
`rtptimeout` char(3) default NULL,
`rtpholdtimeout` char(3) default NULL,
`secret` varchar(80) default NULL,
`type` varchar(6) NOT NULL default 'friend',
`username` varchar(80) NOT NULL default '',
`disallow` varchar(100) default 'all',
`allow` varchar(100) default 'g729;ilbc;gsm;ulaw;alaw',
`musiconhold` varchar(100) default NULL,
`regseconds` int(11) NOT NULL default '0',
`ipaddr` varchar(15) NOT NULL default '',
`regexten` varchar(80) NOT NULL default '',
`cancallforward` char(3) default 'yes',
PRIMARY KEY (`id`),
UNIQUE KEY `name` (`name`),
KEY `name_2` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;

>CREATE TABLE IF NOT EXISTS `extensions` (
`id` int(11) NOT NULL auto_increment,
`context` varchar(20) NOT NULL default '',
`exten` varchar(20) NOT NULL default '',
`priority` tinyint(4) NOT NULL default '0',
`app` varchar(20) NOT NULL default '',
`appdata` varchar(128) NOT NULL default '',
PRIMARY KEY (`context`,`exten`,`priority`),
KEY `id` (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;

>CREATE TABLE IF NOT EXISTS `cdr` (
`calldate` datetime NOT NULL default '0000-00-00 00:00:00',
`clid` varchar(80) NOT NULL default '',
`src` varchar(80) NOT NULL default '',
`dst` varchar(80) NOT NULL default '',
`dcontext` varchar(80) NOT NULL default '',
`channel` varchar(80) NOT NULL default '',
`dstchannel` varchar(80) NOT NULL default '',
`lastapp` varchar(80) NOT NULL default '',
`lastdata` varchar(80) NOT NULL default '',
`duration` int(11) NOT NULL default '0',
`billsec` int(11) NOT NULL default '0',
`disposition` varchar(45) NOT NULL default '',
`amaflags` int(11) NOT NULL default '0',
`accountcode` varchar(20) NOT NULL default '',
`userfield` varchar(255) NOT NULL default '',
KEY `calldate` (`calldate`),
KEY `dst` (`dst`),
KEY `calldate_2` (`calldate`),
KEY `dst_2` (`dst`),
KEY `accountcode` (`accountcode`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

>CREATE TABLE IF NOT EXISTS `voicemail_users` (
`uniqueid` int(11) NOT NULL auto_increment,
`customer_id` varchar(11) NOT NULL default '0',
`context` varchar(50) NOT NULL default '',
`mailbox` varchar(11) NOT NULL default '0',
`password` varchar(5) NOT NULL default '0',
`fullname` varchar(150) NOT NULL default '',
`email` varchar(50) NOT NULL default '',
`pager` varchar(50) NOT NULL default '',
`tz` varchar(10) NOT NULL default 'central',
`attach` varchar(4) NOT NULL default 'yes',
`saycid` varchar(4) NOT NULL default 'yes',
`dialout` varchar(10) NOT NULL default '',
`callback` varchar(10) NOT NULL default '',
`review` varchar(4) NOT NULL default 'no',
`operator` varchar(4) NOT NULL default 'no',
`envelope` varchar(4) NOT NULL default 'no',
`sayduration` varchar(4) NOT NULL default 'no',
`saydurationm` tinyint(4) NOT NULL default '1',
`sendvoicemail` varchar(4) NOT NULL default 'no',
`delete` varchar(4) NOT NULL default 'no',
`nextaftercmd` varchar(4) NOT NULL default 'yes',
`forcename` varchar(4) NOT NULL default 'no',
`forcegreetings` varchar(4) NOT NULL default 'no',
`hidefromdir` varchar(4) NOT NULL default 'yes',
`stamp` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (`uniqueid`),
KEY `mailbox_context` (`mailbox`,`context`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;

===========================================================================

Step:- 3 Edit configuration file /etc/asterisk/res_mysql.conf for database connectivity


[general]
dbhost = localhost
dbname = asterisk
dbuser = asterisk
dbpass = asterisk
dbport = 3306
dbsock = /var/lib/mysql/mysql.sock


Step:- 4 Edit configuration file /etc/asterisk/extconfig.conf


under [settings], add the following lines:


sippeers => mysql,asterisk,sipusers
sipusers => mysql,asterisk,sipusers
voicemail => mysql,asterisk,voicemail_users
extensions => mysql,asterisk,extensions


Step:- 5 Edit configuration file /etc/asterisk/sip.conf


under [general], add the following lines:


rtcachefriends=yes


Step:- 6 Add your own SIP peers information into the table sipusers


+------+--------+----------+----------+---------+--------+----------+----------------+-----+---------+
| name | type | username | fromuser | host | secret | disallow | allow | nat | context |
+------+--------+----------+----------+---------+--------+----------+----------------+-----+---------+
| 1000 | friend | 1000 | 1000 | dynamic | 1234 | all | g729,alaw,ulaw | yes | test |
+------+--------+----------+----------+---------+--------+----------+----------------+-----+---------+


This is exactly the same as the following setting in sip.conf


[1000]
type=friend
username=1000
fromuser=1000
host=dynamic
secret=1234
disallow=all
allow=g729,alaw,ulaw
nat=yes
context=test


In asterisk CLI, you would see something like:


# asterisk -r


*CLI> sip show peers


Name/username Host Dyn Nat ACL Port Status Realtime
1000/1000 <x.x.x.x>     D N 2548 Unmonitored Cached RT
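An added example, not part of the original post: a shell helper that generates the INSERT for the sipusers table from Step 2, storing a random secret in the md5secret column instead of a plaintext secret such as 1234 and using the deny/permit columns to limit where the peer may connect from. The realm asterisk (chan_sip's default) and the network used in the usage note are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Table and column names come
# from the sipusers schema in Step 2; the realm "asterisk" is chan_sip's
# default and must match the realm= setting in sip.conf (assumption).

# 128-bit random secret as 32 hex characters, read from the kernel CSPRNG.
gen_secret() {
    od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# md5secret = MD5("<name>:<realm>:<secret>")
md5secret() {
    printf '%s:%s:%s' "$1" "$2" "$3" | md5sum | cut -d' ' -f1
}

# Print the INSERT statement. name and context are limited to [A-Za-z0-9_-]
# and the network to digits, dots and slash, so no argument can break out of
# the quoted SQL values. The secret only enters the hash, never the SQL.
peer_insert_sql() {
    name="$1"; context="$2"; secret="$3"; net="$4"; realm="${5:-asterisk}"
    for v in "$name" "$context"; do
        case "$v" in
            ''|*[!A-Za-z0-9_-]*) echo "invalid value: $v" >&2; return 1 ;;
        esac
    done
    case "$net" in
        ''|*[!0-9./]*) echo "invalid network: $net" >&2; return 1 ;;
    esac
    hash=$(md5secret "$name" "$realm" "$secret")
    cat <<EOF
INSERT INTO sipusers
  (name, username, type, host, md5secret, deny, permit,
   disallow, allow, nat, context)
VALUES
  ('$name', '$name', 'friend', 'dynamic', '$hash',
   '0.0.0.0/0.0.0.0', '$net',
   'all', 'g729,alaw,ulaw', 'yes', '$context');
EOF
}
```

Usage: `s=$(gen_secret); peer_insert_sql 1000 test "$s" 192.168.100.0/255.255.255.0 | mysql -u asterisk -p asterisk`, then configure the phone with the value of `$s`.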


Enjoy!!!