Thursday, December 24, 2009

Quick & Easy - Rsync

Rsync is a great tool, especially for data migration, mirroring and backups. Its advantage is that it transfers data in a "smart way": for example, if the transfer of a large file was corrupted, it will not resend the whole file; instead it breaks the data into chunks and re-transfers only the unfinished data. Another advantage of rsync is that it knows how to cooperate with ssh, which makes it a very powerful tool.

Let's see some basic usages of rsync.
1) Transfer remote folder into local one:

jenova:/mysql_db # rsync -avz -e ssh root@remote:/tmp/. /mysql_db/

This will transfer all the contents of /tmp on the remote server to my /mysql_db folder.

2) Transfer local folder into remote one:

jenova:/mysql_db # rsync -avz -e ssh /mysql_db/ root@prana:/tmp/.

Notice the -e flag which tells rsync to use ssh as the network transfer method.

Sunday, December 20, 2009

Howto forward port on Cisco Router

Hi, in this short article I will demonstrate a way to configure port forwarding on your Cisco router.

This is our network topology. Let's assume we want to allow anyone from the WAN side to connect to our web server (192.168.0.8) running Apache on port 80. The web server is located in a separate DMZ segment (192.168.0.0/24):

This is what the general configuration looks like:

router(config)#ip nat inside source static "protocol" "internal IP" "internal port" interface "interface type" "external port"

So in our case the configuration will look like this:

router(config)#ip nat inside source static tcp 192.168.0.8 80 interface serial 0 80

Don't forget to apply a proper access list so that connections from the WAN side are not blocked. I suggest using an extended access list to limit the connections to the specific host in the DMZ.

Thursday, December 10, 2009

Some 'tr' useful examples

This is just a brief tutorial for a great Unix tool called 'tr', which is very useful for text editing. Let's review a couple of examples to help you understand the basics.
Before you read on, I strongly recommend reading about regular expressions. A cool table that summarizes regular expressions can be found here: http://www.addedbytes.com/cheat-sheets/regular-expressions-cheat-sheet/
OK, so let's start. We will take a look at one of my directories:
paul# ls
file01.txt file02.txt file03.txt file04.txt file05.txt
Let's print the names in upper case:

paul# ls | tr '[:lower:]' '[:upper:]'
FILE01.TXT
FILE02.TXT
FILE03.TXT
FILE04.TXT
FILE05.TXT


Another example: let's extract only the digits from the following string:

paul# echo -e "Abc1234d56E\n" | tr -cd '[:digit:]'
123456


We want to replace blank spaces with the "_" character:

paul# ls
bla bla.txt file01.txt file02.txt file03.txt file04.txt

paul# ls | tr '[:blank:]' '_'
bla_bla.txt
file01.txt
file02.txt
file03.txt
file04.txt
file05.txt


There are numerous good examples of 'tr' usage; I will try to add more in the future.

Friday, December 4, 2009

Quick HOWTO: syslog-ng + Cisco configuration

Hi all, in this short article I will demonstrate how to configure syslog-ng to capture Cisco log messages.

Let's start with the server side; in my case I'm using an openSUSE 11 VM.

I will assume that "syslog-ng" is already installed on your system.

So first, we will need to edit /etc/sysconfig/syslog and change the following 2 lines:

SYSLOGD_PARAMS="-r"
SYSLOG_DAEMON="syslog-ng"


The 1st option (-r) tells the daemon to run in passive mode, i.e. to act as a logging server.
The 2nd option tells the syslog daemon to use syslog-ng as the system default logging scheme.

Our main configuration file is /etc/syslog-ng/syslog-ng.conf
Open it with your favourite text editor and add:

options {
    sync (0);
    time_reopen (10);
    log_fifo_size (1000);
    long_hostnames (off);
    use_dns (yes);
    use_fqdn (no);
    create_dirs (no);
    keep_hostname (yes);
};

# local messages plus syslog-ng's own internal messages
source sys { unix-stream ("/dev/log"); internal(); };
# messages received from the network over UDP (port 514)
source remote { udp(); };

# one directory per sending host and month, one file per facility
destination std { file( "/var/log/syslog-ng/$HOST/$YEAR$MONTH/$FACILITY" create_dirs(yes)); };

log { source(sys); destination(std); };
log { source(remote); destination(std); };


Save the file and restart the service with /etc/init.d/syslog restart
Verify that syslog-ng is enabled for your run-level and listening on port 514:

chkconfig --list | grep syslog
syslog 0:off 1:off 2:on 3:on 4:off 5:on 6:off


netstat -ntulp | grep ":514"

udp 0 0 0.0.0.0:514 0.0.0.0:* 32446/syslog-ng

All logs will be saved under: /var/log/syslog-ng/$HOSTNAME/$DATE/$LOG
(as we defined in the syslog-ng config file). The server side is done, great.


Now let's log in to our Cisco router and enter "configure terminal". From there, execute these commands:

service timestamps log datetime localtime
no logging console
no logging monitor
logging 192.168.0.180
Replace the IP address with the IP of your logging server, then save the configuration and exit the router.

Let's check if everything works. My router is called "cisco851", and I tried to enter privileged mode with a wrong password. The result is:

root@server01 # tail -f /var/log/syslog-ng/cisco851/200912/local4

Dec 4 14:15:58 cisco851 1895: Dec 4 12:15:59: %SYS-5-PRIV_AUTH_FAIL: Authentication to Privilage level 15 failed by paul on vty0 (192.168.0.180)

Dec 4 14:16:34 cisco851 1896: Dec 4 12:16:35: %SYS-5-PRIV_AUTH_FAIL: Authentication to Privilage level 15 failed by paul on vty0 (192.168.0.180)


We are done.
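
Once the router's messages land in a file like the one above, failed enable attempts can be counted per user and source address. The following is an added example, not part of the original post: the function names, the threshold and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the same format as the log shown above (not real logs).
sample_log() {
cat <<'EOF'
Dec 4 14:15:58 cisco851 1895: Dec 4 12:15:59: %SYS-5-PRIV_AUTH_FAIL: Authentication to Privilage level 15 failed by paul on vty0 (192.168.0.180)
Dec 4 14:16:34 cisco851 1896: Dec 4 12:16:35: %SYS-5-PRIV_AUTH_FAIL: Authentication to Privilage level 15 failed by paul on vty0 (192.168.0.180)
Dec 4 14:17:02 cisco851 1897: Dec 4 12:17:03: %SYS-5-PRIV_AUTH_FAIL: Authentication to Privilage level 15 failed by paul on vty0 (192.168.0.180)
Dec 4 14:18:10 cisco851 1898: Dec 4 12:18:11: %SYS-5-CONFIG_I: Configured from console by paul on vty0 (192.168.0.180)
Dec 4 14:19:40 cisco851 1899: Dec 4 12:19:41: %SYS-5-PRIV_AUTH_FAIL: Authentication to Privilage level 15 failed by admin on vty1 (192.168.0.55)
EOF
}

# priv_auth_failures MIN [FILE...]
# Prints "<count> <user> <source>" for every user/source pair with at least
# MIN PRIV_AUTH_FAIL events, highest count first. Reads stdin if no FILE.
priv_auth_failures() {
    min=$1; shift
    awk -v min="$min" '
        /%SYS-5-PRIV_AUTH_FAIL:/ {
            user = ""
            # message tail: failed by <user> on <line> (<source>)
            for (i = 1; i < NF; i++)
                if ($i == "by") user = ($(i + 1) == "on") ? "-" : $(i + 1)
            src = $NF               # last field is "(address)"
            gsub(/[()]/, "", src)
            if (user != "" && src != "") count[user " " src]++
        }
        END {
            for (k in count)
                if (count[k] >= min) print count[k], k
        }
    ' "$@" | sort -rn
}

# Demo on the constructed sample; on the server you would pass the real file:
#   priv_auth_failures 3 /var/log/syslog-ng/cisco851/200912/local4
sample_log | priv_auth_failures 3
```

An empty user name in the message is recorded as "-" so that those attempts are still counted per source address.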