To configure printer in Samba (For CUPS):
1. Install Printer in CUPS and test it.
2. Use following configuration in smb.conf:

In "global" section add following -->

printcap name = cups
lock directory = /var/lock/samba
printing = cups
print command = 
lpq command = %p
lprm command = 

[printers]
	comment = All Printers
	path = /var/spool/samba
	guest ok = Yes
	printable = Yes
	browseable = No

[hp_LaserJet_1320]               -------------> You can give any name to share
	comment = hp_LaserJet_1320
	path = /var/spool/samba
	read only = No
	guest ok = Yes
	printable = Yes
	printer name = hp_LaserJet_1320  ----> Use Printer name
	use client driver = Yes          ----> This is very IMP otherwise u can get
	oplocks = No			       Error of access denied in windows.
	share modes = No

Current Mood: cheerful

How to get Recycle bin in samba ?

Put following lines in smb.conf under shares.

=================
vfs objects = recycle
recycle:keeptree = yes
recycle:versions = yes
=================

and dont forget to restart samba whenever we make changes in smb.conf.

It will create .recycle directory under the main dir. In that you can find all deleted items.

Enjoy.....

Current Mood: cheerful

I found some parameters for tuning Samba. They are as follows:

===================
use sendfile = yes
strict locking = no
read raw = yes
write raw = yes
oplocks = yes
max xmit = 65535
deadtime = 15
getwd cache = yes
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=16384 SO_RCVBUF=16384
===============

All these are global parameters.

Current Mood: cheerful

For Allowing 128 bit browsers access, while denying lower strength browsers (40 bit, 56 bit) from connecting to the Web server over SSL, we need to use SSLCipherSpec directives within the SSL VirtualHost stanza located in the httpd.conf file.

The Configuration will look like:

Listen 443

<VirtualHost 192.168.1.20:443>
ServerName neelesh.gurjar
SSLEnable
SSLCipherSpec 27
SSLCipherSpec 21
SSLCipherSpec 23
SSLCipherSpec 3A
SSLCipherSpec 34
SSLCipherSpec 35

SSLStashfile "../WebSphere/sslkey/xxyyy.sth"
SSLClientAuth None

ErrorLog /var/logs/httpd/error_ssl_http
CustomLog /var/logs/httpd/access_ssl_http common

<Directory "/apps/WebSphere/IBMIHS/htdocs/en_US">
Options Indexes
AllowOverride None
order allow,deny
allow from all
</Directory>

DocumentRoot "/WebSphere/IBMIHS/htdocs/en_US"
DirectoryIndex index2.html

</VirtualHost>

SSLDisable
KeyFile "C:/Program Files/IBM HTTP Server 2.0.42/key.kdb"
SSLV2Timeout 100
SSLV3Timeout 1000

===========

In this I have used some numbers "SSLCipherSpec". Here is the meaning of them:

    * 128 bit and 168 bit Ciphers

      SSLV2
      27 SSL_DES_192_EDE3_CBC_WITH_MD5 Triple-DES (168 bit)
      21 SSL_RC4_128_WITH_MD5 RC4 (128 bit)
      23 SSL_RC2_CBC_128_CBC_WITH_MD5 RC2 (128 bit)

      SSLV3
      3A SSL_RSA_WITH_3DES_EDE_CBC_SHA Triple-DES SHA (168 bit)
      34 SSL_RSA_WITH_RC4_128_MD5 RC4 MD5 (128 bit)
      35 SSL_RSA_WITH_RC4_128_SHA RC4 SHA (128 bit)

Please Note: -------->
Do not use this configuration if the Web site is enabled with a step-up certificate.

Scenario:
1 One Linux Box as a firewall having 2 Lan cards or 1 lan card and one internet modem connection.
2. eth0 --> Connected to Broadband. IP is 192.168.1.2  in case of dialup it can be "ppp0"
3. eth1 --> Connected to Local LAN IP is 192.168.2.1

You want to share Broadband accros the LAN and it should restrict traffice outside the LAN.

Step 1. In /etc/sysctl.conf put following line: net.ipv4.ip_forward=1
Step 2. Setup Masquerading
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
In case of Dialup please replace eth0 with ppp0.

Step 3. Firewalling:

iptables -A FORWARD -s 192.168.2.0/24 -j ACCEPT
iptables -A FORWARD -d 192.168.2.0/24 -j ACCEPT
iptables -A FORWARD -s ! 192.168.2.0/24 -j DROP

iptables-save

or you can put these lines from step 2 and step3 in /etc/rc.local or in rc script to start with boot.

And here is your router and Firewall ready.

Cheers

Telnet to port 25
# telnet <IP address> 25
HELO <IP/HOSTNAME>
MAIL FROM: name@hostname
RCPT TO: <receipient's email address>
DATA
QUIT

Enjoy... :)

groupadd dba          # group of users to be granted SYSDBA system privilege

groupadd oinstall     # group owner of Oracle files

useradd -c "Oracle software owner" -g oinstall -G dba oracle

passwd oracle

mkdir -p /u01/app/oracle

chown oracle.oinstall /u01/app/oracle

Login as oracle and edit ~oracle/.bash_profile

su - oracle

export ORACLE_BASE=/u01/app/oracle

export ORACLE_SID=orcl

Checking Kernel Parameters

To see all kernel parameters, execute:

su - root

sysctl -a

For Oracle10g, the following kernel parameters have to be set to values greater than or equal to the recommended values which can be changed in the proc filesystem:

shmmax  = 2147483648     (To verify, execute: cat /proc/sys/kernel/shmmax)

shmmni  = 4096           (To verify, execute: cat /proc/sys/kernel/shmmni)

shmall  = 2097152        (To verify, execute: cat /proc/sys/kernel/shmall)   (for 10g R1)

shmmin  = 1              (To verify, execute: ipcs -lm |grep "min seg size")

shmseg  = 10             (It's hardcoded in the kernel - the default is much higher)

semmsl  = 250            (To verify, execute: cat /proc/sys/kernel/sem | awk '{print $1}')

semmns  = 32000          (To verify, execute: cat /proc/sys/kernel/sem | awk '{print $2}')

semopm  = 100            (To verify, execute: cat /proc/sys/kernel/sem | awk '{print $3}')

semmni  = 128            (To verify, execute: cat /proc/sys/kernel/sem | awk '{print $4}')

file-max = 65536         (To verify, execute: cat /proc/sys/fs/file-max)

ip_local_port_range = 1024 65000 

                         (To verify, execute: cat /proc/sys/net/ipv4/ip_local_port_range)

NOTE: Do not change the value of any kernel parameter on a system where it is already higher than listed as minimum requirement.

On RHEL AS 4 x86, RHEL AS 3 U5 x86, RHEL AS 3 U5 x86_64, RHEL AS 2.1, RH9, FC1, FC3, and FC4 I had to increase the kernel parameters shmmax, semopm, and filemax to meet the minimum requirement. On RHEL AS 4 x86_64 I had to increase shmmax and semopm.

Oracle also recommends to set the local port range ip_local_port_range for outgoing messages to "1024 65000" which is needed for high-usage systems. This kernel parameter defines the local port range for TCP and UDP traffic to choose from.

I added the following lines to the /etc/sysctl.conf file which is used during the boot process:

kernel.shmmax=2147483648

kernel.sem=250 32000 100 128

fs.file-max=65536

net.ipv4.ip_local_port_range=1024 65000

Adding these lines to the /etc/sysctl.conf file will cause the system to change these kernel parameters after each boot using the /etc/rc.d/rc.sysinit script which is invoked by /etc/inittab. But in order that these new added lines or settings in /etc/sysctl.conf become effective immediately, execute the following command:

su - root

sysctl -p

After Installation update ~oracle/.bash_profile

export ORACLE_HOME=$ORACLE_BASE/product/10.1.0/db_1

export PATH=$PATH:$ORACLE_HOME/bin 

export LD_LIBRARY_PATH=$ORACLE_HOME/lib

Scenario:

We have 3 Nodes in Cluster and they are accessing SAN for Data Storage. Now we want to implement GFS so that it can be mount on all cluster @ same time and performance will be better than NFS. For accessing storage we have to use multipath service.

1. Check mulitpathing is done properly or not.
# /etc/init.d/multipathd status
# multipath -ll

2. Create LVM on storage. Acess storage in /dev/mpath/mpath1, 2, 3........
For example commands will be like this:    #  pvcreate /dev/mpath/mpath1

3. Create File System on LVM
 
# gfs_mkfs -p lock_dlm -t ClusterName:FSName -j NumberJournals BlockDevice

For eg. # gfs_mkfs -p lock_dlm -t alpha:gfs1 -j 8 /dev/vgname/lvname

4. Mount GFS partition

# mount -t gfs BlockDevice  MountPoint

you can give options with -o option.

If it shows issue of permision while mounting please restart GFS service.

 

I have created my First Perl Script:

#!/usr/local/bin/perl

use Net::SSH::Perl;


$HOST1 = "192.168.1.36";

$HOST2 = "192.168.1.49";

$HOST3 = "192.168.1.82";



$USER = "unix";
$PASS = "unix";
$CMD_1 = "pwdx `/usr/ucb/ps -auxww|grep minimal|grep -v grep | awk '{print \$2}'`";


####### HOST 1 #######

my $ssh = Net::SSH::Perl->new($HOST1);
$ssh->login($USRER, $PASS);
my ($stdout, $stderr, $exit) = $ssh->cmd($CMD_1);

print $stdout;
$line = "OSGI stopped on $HOST1 \n\n";
print ($line);


####### HOST 2 #######

my $ssh = Net::SSH::Perl->new($HOST2);
$ssh->login($USRER, $PASS);
my ($stdout, $stderr, $exit) = $ssh->cmd($CMD_1);

print $stdout;
$line = "OSGI stopped on $HOST2 \n\n";
print ($line);


####### HOST 3 #######


my $ssh = Net::SSH::Perl->new($HOST3);
$ssh->login($USRER, $PASS);
my ($stdout, $stderr, $exit) = $ssh->cmd($CMD_1);

print $stdout;
$line = "OSGI stopped on $HOST3 \n\n";
print ($line);

1. Install iscsi-initiator-utils-6.2.0.754-0.0.fc7.x86_64.rpm on Linux box
2. /etc/init.d/iscsid start
3. iscsiadm -m discovery -t sendtargets -p <iSCSI IP>
4.  iscsiadm -m node -T <targetname> -p <iSCSI IP> --login test
5. fdisk -l
6. mount /dev/sdb1 (Or that partition) on specific folder. (Here if its raw drive then we need to create Partition & Filesystem before mounting)
7. For removing drive firt Umount it
8. iscsiadm -m node -T <targetname> -p <iSCSI IP> --logout test

Current Mood: cheerful

To forward port with SSH:

Local port forwaing
ssh -f -N -g -L <local port>:<remote host>:<remote port> host

In this all traffic which will come to local port will be redirected to remote port on remote host.

Remote port forwarding

ssh -f -N -g -R

In this the traffic which will come to Remote port on remote host will be redirected to local port.


Enjoy

Current Mood: relaxed

Producer: The Server which you want to Monitor running net-snmp

Proxy: Accessible to Both to EM7 and to the Producer


Scenario:

I want to monitor my Personal System from EM7. I have setup Firewall to access my system. In that Only port 22 is open. You cannot access SNMP running on my personal system directly. So I have setup one Proxy Machine i.e. Nocblade9 which is accessible to EM7 and you can access my machine from Nocblade9  also.

Proxy Machine: Nocblade9  10.49.51.155


On Proxy Machine:

ssh -f -N root@76.175.20.216 -L 6004:localhost:6004


Start TCP to UDP socat on Producer:

socat -d -d -d  -lffoo.log TCP4-LISTEN:6004,fork UDP4:localhost:161


Start UDP to TCP socat on Proxy:

socat -d -d -d -lffoo.log UDP4-LISTEN:161,fork TCP:localhost:6004


Test by running snmpwalk on Proxy Machine:

snmpwalk -v1 -c public localhost

Current Mood: cheerful

Diwali is our biggest celebration...   we enjoy it every year..

Because of 24x7 support this time I cannot celebrate Diwali in home...

Today I celebrate Diwali with different aspects.

I celebrated it at my office infront of my desktop and deep deep deep in the work..


Its gr8 experience... 
Enjoy your work !!! just cool..........

Current Mood: cheerful

Need a Miracle.......................... :)


I spent 2 days to resolve one issue in one of the server........... and lots RnD did still its not comming up...

I need a Miracle to resolve one small issue.

hope I will get one....

Current Mood: calm