Display Information and Parameters of Hard Disk Drives on CentOS

# smartmontools
# -a, -all: Prints all SMART information about the disk
/usr/sbin/smartctl -a /dev/<device>

# hdparm - get/set hard disk parameters
/sbin/hdparm /dev/<device>

pppoe[pid]: Bad TCP checksum someValue on CentOS

From /var/log/messages
The reason it happens is because you have short circuted the modem to the hub and the pppoe protocol or software have trouble keeping things in sync because of timeouts that were generated by the network collisions. The solution is to seperate the modem network from the home network so no collisions will happen. However, the CLAMPMSS=no could also help since it can reduce overheads and thus lower timeouts (if any)though i didn't check that. other things can help like increasing timeouts, hanging synchronization options but it would be cheaper by time/money to just buy another ethernet card and be done with it.

1. vi /etc/sysconfig/network-scripts/ifcfg-ppp0

..
CLAMPMSS=no
..

2. /sbin/iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

Setup NAT server on Linux

1. change the value of ip_forward from 0 to 1

CentOS

echo "1" > /proc/sys/net/ipv4/ip_forward


Ubuntu

sudo vi /etc/sysctl.conf
--
..
net.ipv4.ip_forward=1
..

sudo sysctl -p # load sysctl settings

2. load related modules

/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_conntrack_irc

3. 192.168.1.1 ~ 192.168.1.254 route through ppp0

/sbin/iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.1.0/24 -j MASQUERADE

4. if you want the above things done every time you boot the machine, you can add these into /etc/rc.local

Setup aMule's Webserver on CentOS

Although there is a RPM of aMule for RHEL5 and CentOS, it has only aMule main program. If you would like to remote control your aMule server, you must have aMuleWeb installed. For CentOS users, you have to compile the sourcecode of aMule by yourself because aMuleWeb is compiled at the same time you compile aMule by using the --enable-amuleweb flag when you run configure.

1. Download sourcecode from http://www.amule.org/files/files.php?cat=34 and extract it
2. Install below packages for compiling environment
zlib-devel, wxGTK-devel, gettext-devel, gcc-c++
3. Check http://www.amule.org/wiki/index.php/Configure for all available parameters
./configure --prefix=/usr --enable-webserver --enable-amulecmd --enable-amule-daemon --enable-cas --enable-wxcas --enable-alc --enable-alcc
4.

make # It takes much long time
make install

5. Run aMule from desktop or shell
6. Go to "Preferences"
Enable "Accept External Connections"
Enter a password for External Connections. This is for external programs like amulecmd and amulegui
Enable "Run amuleweb on startup"
Type a password into "Full right" field. This is the password that you want to type when you login
7. Restart aMule in order to make the changes to take effect.
8. Remember to open 4711 port of the firewall so that you can open aMuleWeb in a browser by entering the URL, http://ip:4711

To handle RAR files on CentOS


yum install rar unrar

After installing the two packages, your default archive manager will support RAR format

Set an alarm at a specified time on CentOS


at 23:00 2005-09-15
at> /usr/local/bin/alarm
at> ..
at> # multiple commands can be executed at same time
at> ..
at> <EOT> # pressing CTRL + D means save and exit


atq #lists the user's pending jobs


ERROR 400: Bad Request while MoBlock try to wget level1.gz list

This is caused by the server for that list not working with wget's time-stamping option ( parameter -n )
A workaround is to update the list manually without time-stamping:

cd /var/spool/moblock/cache/dl/
wget http://www.bluetack.co.uk/config/level1.gz

then run the guardian.p2p rebuild process

Rebuild the blocklist of MoBlock on CentOS


# stop service first
/sbin/service moblock stop
#after updating /etc/moblock/lists or whitelist
/etc/cron.daily/moblock reload
#start MoBlock
/sbin/service moblock start


Add an ip or a range to the whitelist of MoBlock on CentOS

1. if there's an IP address you need to whitelist, find the entry in /etc/moblock/guarding.p2p, for example:

FooBar, inc:192.0.34.164-192.0.34.168

2. you need to make a basic regular expression for grep from this line and put it in /etc/moblock/whitelist. To match the exact line, you need to put a backslash (\) before every metacharacter (\, ., ^, $, [) and put a caret ^ at the beginning and a dollar sign $ at the end. In this example, a valid expression is:

^FooBar, inc:192\.0\.34\.164-192\.0\.34\.168$

see the manpages for grep for more information.

Install PeerGuardian Linux on CentOS

1. yum install libnfnetlink-devel
2. download latest libnetfilter_queue from http://www.netfilter.org/projects/libnetfilter_queue/downloads.html
3. tar -jxvf libnetfilter_queue-0.0.13.tar.bz2
4. change to the directory where you extracted the file then execute

./configure
make
make install

5. mv /usr/local/lib/libnetfilter_queue* /usr/lib
6. download MoBlock from http://moblock.berlios.de/
7. tar -jxvf MoBlock-0.8-i586.tar.bz2
8. in the directory where you extracted the files, build MoBlock with:

make
make install

9. mkdir /etc/moblock
10. vi /etc/moblock/lists

# find various blocklist from
# http://www.bluetack.co.uk/forums/index.php?act=dscriptca&CODE=viewcat&cat_id=4
http://www.bluetack.co.uk/config/level1.gz

11. touch /etc/moblock/whitelist
12. vi /etc/init.d/moblock ( edit the WHITE_... variables to whitelist certain ports. )

#!/bin/sh
#
# moblock This shellscript takes care of starting and stopping moblock.
#
# chkconfig: 345 30 70
# description: MoBlock is a application that enables you to block internet \
# traffic based on large lists of ip address ranges in order to \
# protect your privacy.
# processname: moblock
#

ACTIVATE_CHAINS=1
MODE="nfq"
WHITE_TCP_IN=""
WHITE_UDP_IN=""
WHITE_TCP_OUT="21 22 80 110 443"
WHITE_UDP_OUT="123"
WHITE_TCP_FORWARD=""
WHITE_UDP_FORWARD=""

PIDF="/var/run/moblock.pid"
LIST="/etc/moblock/guarding.p2p"
PRG="moblock"
LOG="/var/log/$PRG"
BIN="/usr/bin/$PRG"
CMD="$BIN -p $LIST $LOG >/dev/null &"


# Source function library.
. /etc/rc.d/init.d/functions


fail () {
failure "$2"
echo
[ -n "$1" ] && echo "$1"
}

iptables_init () {
if [ $MODE == "ipq" ]; then
modprobe ip_queue
TARGET="QUEUE"
elif [ $MODE == "nfq" ]; then
modprobe ipt_NFQUEUE
TARGET="NFQUEUE"
fi;
modprobe ipt_state
iptables -N MOBLOCK_IN
iptables -N MOBLOCK_OUT
iptables -N MOBLOCK_FW
if [ $ACTIVATE_CHAINS -eq 1 ]; then
iptables -I INPUT -p all -m state --state NEW -j MOBLOCK_IN
iptables -I OUTPUT -p all -m state --state NEW -j MOBLOCK_OUT
iptables -I FORWARD -p all -m state --state NEW -j MOBLOCK_FW
fi;
iptables -I MOBLOCK_IN -p all -j $TARGET
iptables -I MOBLOCK_OUT -p all -j $TARGET
iptables -I MOBLOCK_FW -p all -j $TARGET

for PORT in $WHITE_TCP_OUT; do
iptables -I MOBLOCK_OUT -p tcp --dport $PORT -j ACCEPT
done
for PORT in $WHITE_UDP_OUT; do
iptables -I MOBLOCK_OUT -p udp --dport $PORT -j ACCEPT
done

for PORT in $WHITE_TCP_IN; do
iptables -I MOBLOCK_IN -p tcp --dport $PORT -j ACCEPT
done
for PORT in $WHITE_UDP_IN; do
iptables -I MOBLOCK_IN -p udp --dport $PORT -j ACCEPT
done

for PORT in $WHITE_TCP_FORWARD; do
iptables -I MOBLOCK_FW -p tcp --dport $PORT -j ACCEPT
done
for PORT in $WHITE_UDP_FORWARD; do
iptables -I MOBLOCK_FW -p udp --dport $PORT -j ACCEPT
done

# Loopback traffic fix
iptables -I INPUT -p all -i lo -j ACCEPT
iptables -I OUTPUT -p all -o lo -j ACCEPT
}

iptables_reset () {
if [ $ACTIVATE_CHAINS -eq 1 ]; then
iptables -D INPUT -p all -m state --state NEW -j MOBLOCK_IN
iptables -D OUTPUT -p all -m state --state NEW -j MOBLOCK_OUT
iptables -D FORWARD -p all -m state --state NEW -j MOBLOCK_FW
fi;
iptables -D INPUT -p all -i lo -j ACCEPT
iptables -D OUTPUT -p all -o lo -j ACCEPT
iptables -F MOBLOCK_IN
iptables -X MOBLOCK_IN
iptables -F MOBLOCK_OUT
iptables -X MOBLOCK_OUT
iptables -F MOBLOCK_FW
iptables -X MOBLOCK_FW
}

start () {
echo -n $"Starting MoBlock: "
if ! [ -x $BIN ]; then
fail "Can't execute $BIN" "$PRG startup"
return 1
fi;
if ! [ -f $LIST ]; then
fail "Can't find $LIST" "$PRG startup"
return 1
fi;
if [ -f $PIDF ]; then
PID=`cat $PIDF`
if ps -p $PID >/dev/null; then
fail "$PIDF exists and $PRG is running." "$PRG startup"
return 1
fi;
fi;
iptables_init
daemon "$CMD"
RETVAL=$?
echo
return $RETVAL
}

stop () {
echo -n $"Stopping MoBlock: "
killproc -p "$PIDF" "$PRG"
RETVAL=$?
echo
if ! pidof "$PRG"; then
iptables_reset 2>/dev/null 1>&2
fi;
return $RETVAL
}

case "$1" in
start)
start
;;
stop)
stop
;;
reload)
if [ -f $PIDF ]; then
kill -HUP `cat $PIDF`
RETVAL=$?
fi
;;
restart)
stop
start
RETVAL=$?
;;
condrestart)
# restart only if already running
if [ -f $PIDF ]; then
stop
start
RETVAL=$?
fi
;;
status)
status $PRG
RETVAL=$?
;;
top)
if [ -f $PIDF ]; then
a=""
for i in `pidof $PRG`; do
a="$a -p $i"
done
top $a
fi
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|condrestart|status|top}"
exit 1
esac

exit $RETVAL

13. chmod +x /etc/init.d/moblock
14. vi /etc/cron.daily/moblock

#!/bin/bash

LURLS="/etc/moblock/lists"
WLIST="/etc/moblock/whitelist"
LIST="/etc/moblock/guarding.p2p"

CACHE="/var/spool/moblock/cache"
FMD5=".md5sum"
DLDIR="dl"

RELOADCMD="/sbin/service moblock reload"

acat () {
while read -r -d $'\0' fn; do
if [ "$(head -c 2 "$fn")" = $'\x1f\x8b' ]; then
gunzip -c "$fn"
elif [ "$(head -c 4 "$fn")" = $'\x50\x4b\x03\x04' ]; then
unzip -p "$fn"
else
cat "$fn"
fi
done
}

download () {
MD5SUM=`md5sum "$LURLS" | cut -c -32`
if [ -f "./$FMD5" ]; then
if [ `cat "$FMD5"` != $MD5SUM ]; then
# The list source file has changed.
# Clean the dl directory.
rm "./$DLDIR"/*
fi;
elif [ `ls -A . | wc -l` -gt 0 ]; then
# There's no md5 file, but the directory is not empty.
# Something's wrong, bail out.
echo "$(pwd) is not empty." >/dev/stderr
exit 1
fi;
echo $MD5SUM >"./$FMD5"
wget -nv -N -t 3 -w 1 -T 120 -P "./$DLDIR" -i "$LURLS"
}

reload () {
find "./$DLDIR" -type f -print0 | acat | dos2unix | nice uniq | \
(nice grep -a -v -f "$WLIST" 2>/dev/null || cat) >"$LIST"
$RELOADCMD
}

if ! [ -f "$LURLS" ]; then
echo "Can't find $LURLS" >/dev/stderr
exit 1
fi;
mkdir -p "$CACHE"
pushd "$CACHE" >/dev/null || exit 1
case "$1" in
reload | nodownload)
reload
;;
'' | download)
download
reload
;;
*)
echo $"Usage: $0 [reload]"
exit 1
esac
popd >/dev/null

15. chmod +x /etc/cron.daily/moblock
16. before you can start the MoBlock service, you need to download the lists first

/etc/cron.daily/moblock

17. make MoBlock to start on boot

/sbin/chkconfig --add moblock

18. to control the MoBlock service, use service moblock command, where command is one of the following:
* start – start MoBlock.
* stop – stop MoBlock.
* reload – reload the blocklist, reset the stats and reopen the log file.
* restart – restart MoBlock. Note that this will start MoBlock even if it was not already running.
* condrestart – restart MoBlock if it is already running.
* status – show whether MoBlock is running or not.
* top – show MoBlock's CPU usage, memory usage, etc.

Add firewall rules for aMule in order to get a HighID on CentOS

1. Insert iptables rules:

/sbin/iptables -I RH-Firewall-1-INPUT -p tcp --dport 4662 -j ACCEPT
/sbin/iptables -I RH-Firewall-1-INPUT -p udp --dport 4665 -j ACCEPT
/sbin/iptables -I RH-Firewall-1-INPUT -p udp --dport 4672 -j ACCEPT

2. Get the rules saved to /etc/sysconfig/iptables using iptables-save

/sbin/service iptables save

3. Restart iptables

/etc/init.d/iptables restart


Use ddclient to update dyndns automatically on CentOS

vi /etc/ddclient/ddclient.conf
some parameters have to be uncommented and set


use=web # via web
login= # default login
password= # default password

##
## dyndns.org dynamic addresses
##
## (supports variables: wildcard,mx,backupmx)
##
server=members.dyndns.org, \
protocol=dyndns2 \
yours.dyndns.org

/etc/rc.d/init.d/ddclient {start|stop|restart|status}

Set up an mp3 alarm on CentOS

1. Make sure the user who will run the alarm is not in /etc/cron.deny
2. Log in as the user then type crontab -e for editing his cron entry
# dom = Day of Month
# dow = Day of Week
# m h dom mon dow command
42 07 * * 1-5 /usr/local/bin/alarm
3. vi /usr/local/bin/alarm

# run xterm to execute mplayer in another window
# with the parameter, display 0 you can quit playing easily,
# the parameter -loop 0 means repeat forever.
/usr/bin/xterm -display :0 -bg black -fg white \
-e /usr/local/mplayer -loop 0 filename.mp3


/usr/bin/mplayer -loop 0 filename.mp3

4. Remember to give permission of execution to alarm
chmod 7xx alarm

5. An easy way to stop playing, use the command pkill

pkill mplayer


Fonts of wine disappear on CentOS

Install Microsoft's TrueType core fonts

1. Make sure you have the following rpm-packages installed
# rpm-build
# wget
# ttmkfdir
# cabextract

2. Set up an rpm build environment in your home directory by adding the line %_topdir %(echo $HOME)/rpmbuild to your $HOME/.rpmmacros and create the directories $HOME/rpmbuild/BUILD and $HOME/rpmbuild/RPMS/noarch

3.
# Build the binary rpm
rpmbuild -bb msttcorefonts-2.0-1.spec
# Install the newly built rpm (you will need to be root):
rpm -ivh $HOME/rpmbuild/RPMS/noarch/msttcorefonts-2.0-1.noarch.rpm
# Reload the X font server
/sbin/service xfs reload

Set vncserver on CentOS

1. vi /etc/sysconfig/vncservers
uncomment # VNCSERVERS="2:myusername"
2. locally log in the user you want to connect via vnc then type vncpasswd
3. vi /home/$user/.vnc/xstartup
replace "twm &" with "exec gnome-session &"
4. allow the vnc tcp port of firewall, display 2 is equal to port 5902

change default boot mode on CentOS

vi /etc/inittab

id:X:initdefault:

( fc-cache ) failed to write cache

/usr/share/fonts: failed to write cache
/usr/share/fonts/encodings/large: failed to write cache
/usr/X11/share/fonts: failed to write cache
/usr/X11/share/fonts/encodings/large: failed to write

"touch" each folder to solve it