Category Archives: Linux

Quick DNS Server for Centos 5.10

dns settingI used to use Bind as dns server. The server itself is not for complex task such master or slave dns server. Only for authoritative and local dns cache (optional). As I love copy and paste I often post my experience here at least for my future reference in case I have problem.

Today, my copy and paste method in Centos server (running 5.10) not work anymore. Googling around don’t help either. So I choose other dns software that work for my case. Tinydns is my other choice but I think its time to try something new and I found marands.

Installation process is straightforward and working well, here’s the steps :

 

# yum install gcc

# gcc -v
Using built-in specs.
Target: x86_64-redhat-linux
Configured with: ../configure –prefix=/usr –mandir=/usr/share/man –infodir=/usr/share/info –enable-shared –enable-threads=posix –enable-checking=release –with-system-zlib –enable-__cxa_atexit –disable-libunwind-exceptions –enable-libgcj-multifile –enable-languages=c,c++,objc,obj-c++,java,fortran,ada –enable-java-awt=gtk –disable-dssi –disable-plugin –with-java-home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre –with-cpu=generic –host=x86_64-redhat-linux
Thread model: posix
gcc version 4.1.2 20080704 (Red Hat 4.1.2-54)

Downloaad latest marands (at the time of writing its 2.0.09)

# wget -c http://maradns.samiam.org/download/2.0/2.0.09/maradns-2.0.09.tar.bz2

# tar xvjf maradns-2.0.09.tar.bz2

# cd maradns-2.0.09
# make
# make install
VERSION=2.0.09 ./build/install.sh
Installing MaraDNS, placing programs in /usr/local//bin/ and /usr/local//sbin/,
man pages in /usr/local//share/man/man1, /usr/local//share/man/man5,
and /usr/local//share/man/man8, and documents in /usr/local//doc/maradns-2.0.09
Adding MaraDNS startup scripts
Starting up MaraDNS at runlevel 3
starting up MaraDNS at runlevel 5

# service maradns start

# chkconfig maradns on

Edit mararc to change bind address, I use 192.168.1.100 as lan address.

# nano /etc/mararc
looking for ipv4_bind_address line and change it into :

ipv4_bind_addresses = “192.168.1.100, 127.0.0.1”

save.

Edit content of zone (db.example.net)

# nano /etc/maradns/db.example.net

Use this lines :

test.example.net.      +14400    soa    ns1.example.net. dns@example.net. 2012010117 14400 3600 604800 14400 ~
example.net.      +14400    ns     ns1.example.net. ~
example.net.      +14400    ns     ns2.example.net. ~
ns1.example.net.  +14400    a      192.168.1.100 ~
ns2.example.net.  +14400    a      192.168.1.100 ~
example.net.      +14400    a      127.0.0.1 ~
www.example.net.  +14400    a      127.0.0.1 ~
example.net.      +14400    mx     10 mail.example.net. ~
test.example.net. +14400    a      192.168.1.100 ~

Save.

restart maradns service

# service maradns restart

dig test ::

Try query dns from other computer that exist on lan.

# dig @192.168.1.100 test.example.net

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> @192.168.1.100 test.example.net
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19886
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;test.example.net.        IN    A

;; ANSWER SECTION:
test.example.net.    14400    IN    A    192.168.1.100

;; Query time: 0 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Fri Sep 26 19:41:51 2014
;; MSG SIZE  rcvd: 53

ok.

The rest is change /etc/resolv.conf and add 192.168.1.100 as nameserver.

In case of blocked port 53 :

# iptables -I INPUT -p udp -m udp --dport 53 -j ACCEPT
# service iptables save
# service iptables restart

How to install FTP Server (pureftp) on CentOS 5.10

Due to backup provider that we use is closing their service I decide to build simple ftp server for this purpose. The problem are I forgot which version of CentOS I use on the server and which ftp server that work well (easy to install).

Solution for 1st problem is using cat.

# cat /etc/redhat-release

CentOS release 5.10 (Final)

Solution for 2nd problem is pureftp.

# yum install pure-ftpd

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.availo.se
* extras: ftp.availo.se
* updates: ftp.availo.se
base                                                                                                                                             | 1.1 kB     00:00
extras                                                                                                                                           | 2.1 kB     00:00
updates                                                                                                                                          | 1.9 kB     00:00
utter-ramblings                                                                                                                                  | 2.3 kB     00:00
Setting up Install Process
No package pure-ftpd available.
Nothing to do

Continue reading

How to install Gammu on Lubuntu 14.04

linux insideMy friend bought Wavecom 1306B gsm modem for his campus last task. He use Windows XP and trying to use the modem without success. He try it on his friend laptop that run Windows 7 also not work and he ask me to try it. Just to test the modem. If its not work might then He will return it to the seller.

I use Lubuntu 14.04 but I think the instruction would be same for Ubuntu 14.04 variant :

Install Gammu

# apt-get install gammu
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following extra packages will be installed:
libgammu-i18n libgammu7
Suggested packages:
wammu gammu-doc
The following NEW packages will be installed:
gammu libgammu-i18n libgammu7
0 upgraded, 3 newly installed, 0 to remove and 128 not upgraded.
Need to get 1.051 kB of archives.
After this operation, 3.161 kB of additional disk space will be used.
Do you want to continue? [Y/n] y

………………………..
…………………………..
………………………………
Preparing to unpack …/libgammu7_1.33.0-3_i386.deb …
Unpacking libgammu7 (1.33.0-3) …
Selecting previously unselected package gammu.
Preparing to unpack …/gammu_1.33.0-3_i386.deb …
Unpacking gammu (1.33.0-3) …
Selecting previously unselected package libgammu-i18n.
Preparing to unpack …/libgammu-i18n_1.33.0-3_all.deb …
Unpacking libgammu-i18n (1.33.0-3) …
Processing triggers for man-db (2.6.7.1-1) …
Setting up libgammu7 (1.33.0-3) …
Setting up gammu (1.33.0-3) …
Setting up libgammu-i18n (1.33.0-3) …
Processing triggers for libc-bin (2.19-0ubuntu6) …
# Continue reading

How to connect to OpenVPN server from Ubuntu 13.04 Desktop

Yesterday my friend came to my house and ask about connect to openvpn server from linux desktop. I told him to install vpn client first then connect to vpn server but that instruction is not enough for him so I give him personal assistance and document the process here in case someone need it in the future. Lets get start :

Install OpenVPN client

$ sudo apt-get install openvpn
[sudo] password for alamsyah:
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages were automatically installed and are no longer required:
libjavascriptcoregtk-1.0-0 libwebkitgtk-1.0-0 libwebkitgtk-1.0-common
Use ‘apt-get autoremove’ to remove them.
The following extra packages will be installed:
libpkcs11-helper1
The following NEW packages will be installed:
libpkcs11-helper1 openvpn
0 upgraded, 2 newly installed, 0 to remove and 330 not upgraded.
Need to get 494 kB of archives.
After this operation, 1.247 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://id.archive.ubuntu.com/ubuntu/ raring/main libpkcs11-helper1 i386 1.09-1build1 [47,6 kB]
Get:2 http://id.archive.ubuntu.com/ubuntu/ raring/main openvpn i386 2.2.1-8ubuntu3 [447 kB]
Fetched 494 kB in 8s (61,7 kB/s)
Preconfiguring packages …
Selecting previously unselected package libpkcs11-helper1:i386.
(Reading database … 200544 files and directories currently installed.)
Unpacking libpkcs11-helper1:i386 (from …/libpkcs11-helper1_1.09-1build1_i386.deb) …
Selecting previously unselected package openvpn.
Unpacking openvpn (from …/openvpn_2.2.1-8ubuntu3_i386.deb) …
Processing triggers for man-db …
Processing triggers for ureadahead …
ureadahead will be reprofiled on next reboot
Setting up libpkcs11-helper1:i386 (1.09-1build1) …
Setting up openvpn (2.2.1-8ubuntu3) …
* Restarting virtual private network daemon(s)…                                                                                               *   No VPN is running.
Processing triggers for libc-bin …
ldconfig deferred processing now taking place
Processing triggers for ureadahead …
$

Download openvpn client configuration file

Connection setting for specific user can be found easily if you use openvn as, just access the address in the following format :

http://servername:943

openvpn_client_ubuntu

Click on “Yourself (user-located profile)”.

Connect to OpenVPN server

Pick downloaded client.ovpn

$ sudo openvpn --config Downloads/client.ovpn
Sat Jan 18 14:18:15 2014 OpenVPN 2.2.1 i686-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Feb 13 2013
Enter Auth Username:alam
Enter Auth Password:
…………….
………………….
……………………..

Sat Jan 18 14:18:27 2014 TUN/TAP device tun0 opened
Sat Jan 18 14:18:27 2014 TUN/TAP TX queue length set to 100
Sat Jan 18 14:18:27 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Jan 18 14:18:27 2014 /sbin/ifconfig tun0 172.27.232.5 netmask 255.255.248.0 mtu 1500 broadcast 172.27.239.255
Sat Jan 18 14:18:32 2014 /sbin/route add -net 192.241.146.134 netmask 255.255.255.255 gw 192.168.1.1
Sat Jan 18 14:18:32 2014 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 172.27.232.1
Sat Jan 18 14:18:32 2014 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 172.27.232.1
Sat Jan 18 14:18:32 2014 Initialization Sequence Completed

if you want to hide all those message use –daemon

$ sudo openvpn --daemon --config Downloads/client.ovpn
Enter Auth Username:alam
Enter Auth Password:
$

Ip address before connection made

$ ifconfig
eth0      Link encap:Ethernet  HWaddr 08:9e:01:1c:3a:f9
UP BROADCAST MULTICAST  MTU:1500  Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth1      Link encap:Ethernet  HWaddr 08:3e:8e:32:8f:62
inet addr:192.168.1.205  Bcast:192.168.1.255  Mask:255.255.255.0
inet6 addr: fe80::a3e:8eff:fe32:8f62/64 Scope:Link
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:348892 errors:23 dropped:0 overruns:0 frame:253441
TX packets:267410 errors:25 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:438515703 (438.5 MB)  TX bytes:29792681 (29.7 MB)
Interrupt:19

lo        Link encap:Local Loopback
inet addr:127.0.0.1  Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING  MTU:65536  Metric:1
RX packets:4789 errors:0 dropped:0 overruns:0 frame:0
TX packets:4789 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:481600 (481.6 KB)  TX bytes:481600 (481.6 KB)
$

Ip address after connected :

$ ifconfig
eth0      Link encap:Ethernet  HWaddr 08:9e:01:1c:3a:f9
UP BROADCAST MULTICAST  MTU:1500  Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth1      Link encap:Ethernet  HWaddr 08:3e:8e:32:8f:62
inet addr:192.168.1.205  Bcast:192.168.1.255  Mask:255.255.255.0
inet6 addr: fe80::a3e:8eff:fe32:8f62/64 Scope:Link
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:349509 errors:24 dropped:0 overruns:0 frame:261386
TX packets:268163 errors:25 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:438599978 (438.5 MB)  TX bytes:29983493 (29.9 MB)
Interrupt:19

lo        Link encap:Local Loopback
inet addr:127.0.0.1  Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING  MTU:65536  Metric:1
RX packets:4829 errors:0 dropped:0 overruns:0 frame:0
TX packets:4829 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:484929 (484.9 KB)  TX bytes:484929 (484.9 KB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.27.232.5  P-t-P:172.27.232.5  Mask:255.255.248.0
UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
RX packets:142 errors:0 dropped:0 overruns:0 frame:0
TX packets:240 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:13651 (13.6 KB)  TX bytes:53785 (53.7 KB)

Use service like whatismyip.com to check current ip address.

WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

2013 will pass and I want to learn new operating system and use this blog as place of documentation of my learning. OpenBSD is my choose and perhaps NetBSD too. How to get it up and many more. Today I’ve install OpenBSD using VirtualBox under Ubuntu Linux 13.04. Error message came out when I try to ssh newly install OpenBSD box :

$ ssh alam@192.168.1.207

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
ba:4b:ee:4c:b1:6d:02:41:62:e0:19:1e:c5:11:e7:0b.
Please contact your system administrator.
Add correct host key in /home/alamsyah/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/alamsyah/.ssh/known_hosts:19
remove with: ssh-keygen -f “/home/alamsyah/.ssh/known_hosts” -R 192.168.1.207
ECDSA host key for 192.168.1.207 has changed and you have requested strict checking.
Host key verification failed.

Get rid of that message :

$ ssh-keygen -f "/home/alamsyah/.ssh/known_hosts" -R 192.168.1.207

/home/alamsyah/.ssh/known_hosts updated.
Original contents retained as /home/alamsyah/.ssh/known_hosts.old
alamsyah@alamsyah-Aspire-E1-471:~$ ssh alam@192.168.1.207
The authenticity of host ‘192.168.1.207 (192.168.1.207)’ can’t be established.
ECDSA key fingerprint is ba:4b:ee:4c:b1:6d:02:41:62:e0:19:1e:c5:11:e7:0b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.1.207’ (ECDSA) to the list of known hosts.
alam@192.168.1.207’s password:
Last login: Fri Dec 20 20:43:20 2013
OpenBSD 5.4 (GENERIC) #37: Tue Jul 30 12:05:01 MDT 2013

Welcome to OpenBSD: The proactively secure Unix-like operating system.

Please use the sendbug(1) utility to report bugs in the system.
Before reporting a bug, please try to reproduce it with the latest
version of the code.  With bug reports, please try to ensure that
enough information to reproduce the problem is enclosed, and if a
known fix for it exists, include that as well.

$

Good call.

Lesson learned, I used to use same IP for experiment and this message came out. In future I’ll use different ip for different operating system.