How to recover data from bad sector Hard Disks

Recovering files from a bad sector hard disk is not an easy job especially the files allocated in bad sectors are not readable and also recovering the corrupted files are time consuming. In this tutor, I use a freeware called Unstoppable copier which is simple and compact program that truly recovers every byte of information that is available for recovery. Directly recovering files from within Windows is not suggested using the above freeware since some file contents might not be readable. Instead using this freeware in a virtual OS or DOS mode gives full advantage over the hard disk.

1. Download Hiren's BootCD and extract the archive and Burn the image file to a CD.

2. Boot your PC with Hiren's BootCD by setting boot priority in BIOS menu.

3. Select and Enter the option "Mini Windows XP" from the menu.

4. Click Start > HBCD Menu.

5. Click Programs > Backup > Unstoppable Copier.

6. Navigate to Settings tab and move the slider to the extreme left corner for best data recovery.

(OR) Move the slider to the extreme right for the fastest data recovery and put a tick mark in Auto skip Damaged files for recovering only undamaged files.

7. After adjusting the desired settings navigate to Copy tab and select the Source (corrupted hard disk drives) and Target (external storage device/Physical drive2) and finally click Copy button.

8. Based on the settings and file contents the transfer speed may differ.

9. You can check the number of corrupt files and skipped files after the completion of process.

10. Once you have finished recovering all your partitions/drives, close this window and restart your PC and then eject the CD out.

Continue reading How to recover data from bad sector Hard Disks

IDM is not working in firefox - Solved

If you are using old version of Internet Download Manager plugin in New version of Firefox, IDM may or may not work properly. To fix this follow these simple steps.....

Solution:

1] Open your Firefox browser and download idmmzcc.xpi file.

2] Now open this file using your Firefox browser.

Note: If Firefox is not listed in open with box, click Browse button and go to C:\Program files\Mozilla firefox and select Firefox.exe file.

3] Now the Install Add-ons popup dialogue box appears within few seconds and click Ok to install the IDM CC Add-on plugin.

4] After the installation is complete, Restart the Firefox.

Continue reading IDM is not working in firefox - Solved

Most Frequently Used Linux IPTables Rules Examples

These examples will act as a basic templates for you to tweak these rules to suite your specific requirement.
For easy reference, all these 25 iptables rules are in shell script format: iptables-rules

1. Delete Existing Rules

Before you start building new set of rules, you might want to clean-up all the default rules, and existing rules. Use the iptables flush command as shown below to do this.

iptables -F                                                               
(or)                                                                      
iptables --flush                                                          

2. Set Default Chain Policies

The default chain policy is ACCEPT. Change this to DROP for all INPUT, FORWARD, and OUTPUT chains as shown below.

iptables -P INPUT DROP                                                    
iptables -P FORWARD DROP                                                  
iptables -P OUTPUT DROP                                                   

When you make both INPUT, and OUTPUT chain’s default policy as DROP, for every firewall rule requirement you have, you should define two rules. i.e one for incoming and one for outgoing.

In all our examples below, we have two rules for each scenario, as we’ve set DROP as default policy for both INPUT and OUTPUT chain.
If you trust your internal users, you can omit the last line above. i.e Do not DROP all outgoing packets by default. In that case, for every firewall rule requirement you have, you just have to define only one rule. i.e define rule only for incoming, as the outgoing is ACCEPT for all packets.
Note: If you don’t know what a chain means, you should first familiarize yourself with the IPTables fundamentals.

3. Block a Specific ip-address

Before we proceed further will other examples, if you want to block a specific ip-address, you should do that first as shown below. Change the “x.x.x.x” in the following example to the specific ip-address that you like to block.

BLOCK_THIS_IP="x.x.x.x"                                                     
iptables -A INPUT -s "$BLOCK_THIS_IP" -j DROP                               

This is helpful when you find some strange activities from a specific ip-address in your log files, and you want to temporarily block that ip-address while you do further research.
You can also use one of the following variations, which blocks only TCP traffic on eth0 connection for this ip-address.

iptables -A INPUT -i eth0 -s "$BLOCK_THIS_IP" -j DROP                       
iptables -A INPUT -i eth0 -p tcp -s "$BLOCK_THIS_IP" -j DROP                

4. Allow ALL Incoming SSH

The following rules allow ALL incoming ssh connections on eth0 interface.

iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT   

Note: If you like to understand exactly what each and every one of the arguments means, you should read How to Add IPTables Firewall Rules

5. Allow Incoming SSH only from a Sepcific Network

The following rules allow incoming ssh connections only from 192.168.100.X network.

iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT                       

In the above example, instead of /24, you can also use the full subnet mask. i.e “192.168.100.0/255.255.255.0″.

6. Allow Incoming HTTP and HTTPS

The following rules allow all incoming web traffic. i.e HTTP traffic to port 80.

iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT   

The following rules allow all incoming secure web traffic. i.e HTTPS traffic to port 443.

iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT   

7. Combine Multiple Rules Together using MultiPorts

When you are allowing incoming connections from outside world to multiple ports, instead of writing individual rules for each and every port, you can combine them together using the multiport extension as shown below.
The following example allows all incoming SSH, HTTP and HTTPS traffic.

iptables -A INPUT -i eth0 -p tcp -m multiport --dports 22,80,443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m multiport --sports 22,80,443 -m state --state ESTABLISHED -j ACCEPT   

8. Allow Outgoing SSH

The following rules allow outgoing ssh connection. i.e When you ssh from inside to an outside server.

iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT     

Please note that this is slightly different than the incoming rule. i.e We allow both the NEW and ESTABLISHED state on the OUTPUT chain, and only ESTABLISHED state on the INPUT chain. For the incoming rule, it is vice versa.

9. Allow Outgoing SSH only to a Specific Network

The following rules allow outgoing ssh connection only to a specific network. i.e You an ssh only to 192.168.100.0/24 network from the inside.

iptables -A OUTPUT -o eth0 -p tcp -d 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT                         

10. Allow Outgoing HTTPS

The following rules allow outgoing secure web traffic. This is helpful when you want to allow internet traffic for your users. On servers, these rules are also helpful when you want to use wget to download some files from outside.

iptables -A OUTPUT -o eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT     

Note: For outgoing HTTP web traffic, add two additional rules like the above, and change 443 to 80.

11. Load Balance Incoming Web Traffic

You can also load balance your incoming web traffic using iptables firewall rules.
This uses the iptables nth extension. The following example load balances the HTTPS traffic to three different ip-address. For every 3th packet, it is load balanced to the appropriate server (using the counter 0).

iptables -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 0 -j DNAT --to-destination 192.168.1.101:443
iptables -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 1 -j DNAT --to-destination 192.168.1.102:443
iptables -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 2 -j DNAT --to-destination 192.168.1.103:443

12. Allow Ping from Outside to Inside

The following rules allow outside users to be able to ping your servers.

iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT                     
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT                      

13. Allow Ping from Inside to Outside

The following rules allow you to ping from inside to any of the outside servers.

iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT                    
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT                       

14. Allow Loopback Access

You should allow full loopback access on your servers. i.e access using 127.0.0.1

iptables -A INPUT -i lo -j ACCEPT                                                
iptables -A OUTPUT -o lo -j ACCEPT                                               

15. Allow Internal Network to External network.

On the firewall server where one ethernet card is connected to the external, and another ethernet card connected to the internal servers, use the following rules to allow internal network talk to external network.
In this example, eth1 is connected to external network (internet), and eth0 is connected to internal network (For example: 192.168.1.x).

iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT                                    

16. Allow outbound DNS

The following rules allow outgoing DNS connections.

iptables -A OUTPUT -p udp -o eth0 --dport 53 -j ACCEPT                           
iptables -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT                            

17. Allow NIS Connections

If you are running NIS to manage your user accounts, you should allow the NIS connections. Even when the SSH connection is allowed, if you don’t allow the NIS related ypbind connections, users will not be able to login.
The NIS ports are dynamic. i.e When the ypbind starts it allocates the ports.
First do a rpcinfo -p as shown below and get the port numbers. In this example, it was using port 853 and 850.

rpcinfo -p | grep ypbind                                                         

Now allow incoming connection to the port 111, and the ports that were used by ypbind.

iptables -A INPUT -p tcp --dport 111 -j ACCEPT                                   
iptables -A INPUT -p udp --dport 111 -j ACCEPT                                   
iptables -A INPUT -p tcp --dport 853 -j ACCEPT                                   
iptables -A INPUT -p udp --dport 853 -j ACCEPT                                   
iptables -A INPUT -p tcp --dport 850 -j ACCEPT                                   
iptables -A INPUT -p udp --dport 850 -j ACCEPT                                   

The above will not work when you restart the ypbind, as it will have different port numbers that time.
There are two solutions to this: 1) Use static ip-address for your NIS, or 2) Use some clever shell scripting techniques to automatically grab the dynamic port number from the “rpcinfo -p” command output, and use those in the above iptables rules.

18. Allow Rsync From a Specific Network

The following rules allows rsync only from a specific network.

iptables -A INPUT -i eth0 -p tcp -s 192.168.101.0/24 --dport 873 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 873 -m state --state ESTABLISHED -j ACCEPT                       

19. Allow MySQL connection only from a specific network

If you are running MySQL, typically you don’t want to allow direct connection from outside. In most cases, you might have web server running on the same server where the MySQL database runs.
However DBA and developers might need to login directly to the MySQL from their laptop and desktop using MySQL client. In those case, you might want to allow your internal network to talk to the MySQL directly as shown below.

iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT                       

20. Allow Sendmail or Postfix Traffic

The following rules allow mail traffic. It may be sendmail or postfix.

iptables -A INPUT -i eth0 -p tcp --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 25 -m state --state ESTABLISHED -j ACCEPT   

21. Allow IMAP and IMAPS

The following rules allow IMAP/IMAP2 traffic.

iptables -A INPUT -i eth0 -p tcp --dport 143 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 143 -m state --state ESTABLISHED -j ACCEPT   

The following rules allow IMAPS traffic.

iptables -A INPUT -i eth0 -p tcp --dport 993 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 993 -m state --state ESTABLISHED -j ACCEPT   

22. Allow POP3 and POP3S

The following rules allow POP3 access.

iptables -A INPUT -i eth0 -p tcp --dport 110 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 110 -m state --state ESTABLISHED -j ACCEPT   

The following rules allow POP3S access.

iptables -A INPUT -i eth0 -p tcp --dport 995 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 995 -m state --state ESTABLISHED -j ACCEPT   

23. Prevent DoS Attack

The following iptables rule will help you prevent the Denial of Service (DoS) attack on your webserver.

iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT

In the above example:

• -m limit: This uses the limit iptables extension
• –limit 25/minute: This limits only maximum of 25 connection per minute. Change this value based on your specific requirement
• –limit-burst 100: This value indicates that the limit/minute will be enforced only after the total number of connection have reached the limit-burst level.

24. Port Forwarding

The following example routes all traffic that comes to the port 442 to 22. This means that the incoming ssh connection can come from both port 22 and 422.

iptables -t nat -A PREROUTING -p tcp -d 192.168.102.37 --dport 422 -j DNAT --to 192.168.102.37:22

If you do the above, you also need to explicitly allow incoming connection on the port 422.

iptables -A INPUT -i eth0 -p tcp --dport 422 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 422 -m state --state ESTABLISHED -j ACCEPT   

25. Log Dropped Packets

You might also want to log all the dropped packets. These rules should be at the bottom.
First, create a new chain called LOGGING.

iptables -N LOGGING                                                                    

Next, make sure all the remaining incoming connections jump to the LOGGING chain as shown below.

iptables -A INPUT -j LOGGING                                                           

Next, log these packets by specifying a custom “log-prefix”.

iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7

Finally, drop these packets.

iptables -A LOGGING -j DROP                                                                             

Continue reading Most Frequently Used Linux IPTables Rules Examples

Use your Samsung Galaxy Y as Internet Access Point

One of the cool features of the Samsung Galaxy Y that is not to be found in other and older Galaxy smartphones in its class is the ability to share it's 3G internet connection to other Wi-Fi enabled devices like laptops, tablets and smartphones. This feature is commonly found on higher end Samsung Galaxy tabletss and smartphones but it is a nice treat from Samsung to have it included in this entry level Android phone.

I had a previous post of similar topic in this blog but that one deals with the Samsung Galaxy Tab. Since the naming of the feature in the menu is vastly different from that of Samsung Galaxy Tab, I took the liberty to post this one specifically for the Samsung Galaxy Y.

Having a personal Wi-Fi hotspot in your possession wherever you go offers lots of convenience to people who prefer using their laptop in browsing the internet and reading and sending email, in the absence of Wi-Fi access points in their location or even at home without regular internet  connection.

Once you activate the feature, other people can connect to your Samsung Galaxy Y and use its 3G internet connection to browse the Internet. The only downside of this feature is the maximum number of concurrent users which is set to 5 only.

To make sure that only people whom you authorize to connect will be able to use the service, you have the option to set WPA-PSK security in your device. meaning, you can set a passphrase or password which you can share with your users prior to connection just like in a dedicated Wi-Fi router/access point.

The procedure is very simple and outlined below:

1. Go to "Settings" and tap on "Wireless and Networks",

2. Tap on "Tethering and portable hotspot",

3. Tap to check the "Portable Wi-Fi Hostspot",

4. As soon as you see the "Portable Wi-Fi- hotspot AndroidAP7711 active" below the "Portable Wi-Fi hotpsot, you and your users can already connect to the Galaxy Y Access Point using your various devices but in this instance, the connection is "Open" and unsecured. What you have to do to enable security is  tap on the "Configure Portable Wi-Fi hotspot" after which you will have the option of setting your own Network SSID or leave the default "AndroidAP7711". Click on "security" below the Network SSID and choose WPA2 PSK in the dropdown list. Input your password or passphrase and you're good to go.

 By the way, before you do the above-mentioned things, make sure that your phone has enough load credits if you are on prepaid cellular service and that your network's APN is properly configured to browse over 3G. If you can browse the internet on your Galaxy Y prior to setting up the Access Point, then you will have no problem. If you cannot access the internet, check on your 'Mobile Networks Settings" and see if the "Use Packet Data" is checked or activated. This setting determines your phones capability to access the internet given enough  load credits and proper APN configuration.

In my case, prior to doing these things, I subscribe first to a day's unlimited internet with my Mobile Network or cellular provider to enjoy unhampered browsing with my pals and family members.

Continue reading Use your Samsung Galaxy Y as Internet Access Point

Snmpd filling up /var/log/messages

At work we have a central monitoring system for servers called Cacti, this uses standard snmp connections to servers to get their status, disk usage, CPU performance.

On my CentOS linux servers the standard snmpd daemon works well with Solarwinds but the monitoring server seems to make a lot of connections to the system and each one gets logged via the syslog daemon to /var/log/messages giving rise to lots of lines saying things like

snmpd[345435]: Connection from UDP: [10.225.46.136]:135                

last message repeated 8 times
last message repeated 13 times

These are only information messages saying a connection has been established. This is rather annoying when you are trying to read other things in /var/log/messages. The way to turn off these messages is to change the logging options of the snmpd daemons.
On Redhat ( and Ubuntu) the default logging ( the -L options ) show:–

-Ls d

Meaning log to syslog using the facility of daemon ( see syslogd and syslog.conf for more information on what that means in detail, for now suffice it to say it means all messages are written to /var/log/messages ).
The man pages for snmpcmd ( common to all net-snmp programmes ) explain you can set this to only log messages above a certain priority.
Using priorities 0-4 means warning messages, errors, alerts and critical etc messages are logged but notice info and debug level messages are ignored.
The manual pages are not that clear, to me at least at first, hence this blog.
So if we change the -Ls d to the following this will stop those messages but still allow important messages to get through:–

LS 0-4 d

The capital S is crucial to the syntax.
So where and how do we set these options? Well the snmpd daemon is started by a standard init script /etc/init.d/snmpd
In both RHEL5 and Ubuntu the scripts have some default options but also read in settings from a config file. In Ubuntu the relevant portion of the script is:-

SNMPDOPTS=’-Lsd -Lf /dev/null -p /var/run/snmpd.pid’
TRAPDRUN=no
TRAPDOPTS=’-Lsd -p /var/run/snmptrapd.pid’
#Reads config file (will override defaults above)
[ -r /etc/default/snmpd] && . /etc/default/snmpd

So this sets the variable SNMPDOPTS to the default value and then if the file /etc/default/snmpd is readable it “sources” the content of that file.
Thus if /etc/default/snmpd contains the line

SNMPDOPTS='-LS 0-4 d -Lf /dev/null -p /var/run/snmpd.pid'

Then stopping and starting the snmpd daemon will make it run with the new logging options we want.

sudo /etc/init.d/snmpd restart

In RHEL5 the equivalent file is /etc/snmp/snmpd.options and the equivalent variable is OPTIONS rather than SNMPDOPTS
Now there could be security implications to not recording the IP address of every SNMP request on your server in case some other system is connecting that shouldn’t be, but there are ways with community strings and other authentication options for SNMP to reduce the risk of that.
All in all the I think the risk of missing an important message in /var/log/messages outweighs the risks from not logging the snmpd messages.

Continue reading Snmpd filling up /var/log/messages

shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory

Hey Guys,

If you facing issue " shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory " for restarting service whaterver mysql,httpd,etc,

just do "cd or cd / " on console

it will resolved.

[root@domU-taging]# /etc/init.d/mysqld restart
shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
Stopping MySQL: [ OK ]
Starting MySQL: [ OK ]

[root@domU-taging]# cd

[root@domU- ~]# /etc/init.d/mysqld restart
Stopping MySQL: [ OK ]
Starting MySQL: [ OK ]

cool.;)

Continue reading shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory

Using Mutt to send email

Mutt is a popular email client (MUA) which is common on Linux systems.

Given below are some how-tos on basic uses of mutt. For all UNIX utilities, the "man pages" are your best bet to learn them. I’ve just documented some popular uses of mutt. Refer the "man pages" for a more comprehensive understanding of mutt. The commands below have been tested on Red Hat Enterprise Linux 4.0 AS Update 7 with mutt v1.4.1i, unless otherwise stated.

HOW-TO 1: Send email with blank/empty body

mutt -s "Test email" testmail@abc.com < /dev/null
#
# where:
# -s => Subject
# testmail@abc.com => recipient's email address
#

HOW-TO 2: Send email with body read from a file

mutt -s "Test email" testmail@abc.com < email_body.txt
#
# where:
# -s => Subject
# testmail@abc.com => recipient's email address
# email_body.txt => file containing message body
#

HOW-TO 3: Send email with a customized sender name and email address

# The .muttrc file is Mutt's configuration file. It's default location is the $HOME directory.
# If you locate it elsewhere, specify its location with the '-F' flag.
# Add the following to the .muttrc file:
set realname="Joe Bloggs"
set from="noreply@jb.com"
set use_from=yes
#
# where:
# realname => Sender's name as it appears in the recipient's mail inbox.
# from => the "reply-to" address
# 

After configuring .muttrc, send emails as per how-tos 1 and 2.

HOW-TO 4: Send attachment(s)

mutt -s "Test email" -a file1 -a file2 testmail@abc.com < /dev/null
#
# where:
# -s => Subject
# testmail@abc.com => recipient's email address
# file1 => first attachment
# file2 => second attachment
#

HOW-TO 5: Send HTML email

I know that the technical purists out there abhor HTML emails due to potential issues with accessibility and security, but hey, there’s no denying the fact that HTML-formatted emails are far more interesting to look at than plain-text email and are better at drawing your attention to specific information (ask the marketing guys and senior executives!). HTML-formatted emails are supported by Mutt versions 1.5 and higher. Here’s how you may send an HTML-formatted email using mutt v1.5.21:

mutt -e "set content_type=text/html" -s "Test email" testmail@abc.com < welcome.html
#
# where:
# -s => Subject
# testmail@abc.com => recipient's email address
# -e => command to execute
# content_type => email body MIME type
#

The MIME type multipart/alternative ensures your emails are received properly by both plain-text and HTML clients, but it does not work well with mutt at present.

Continue reading Using Mutt to send email

MySQL Table is marked as crashed and last (automatic?) repair failed

If you have a table in mysql that has crashed and your attempts to repair it using mysqlcheck have failed, then you may have to resort to the lower level myisamchk command.

To use this, you will need to stop the server process (usually service mysqld stop or /etc/init.d/mysqld stop) and then find the data files (usually in /var/lib/mysql/databasename).

You can then run the following command against the table:

myisamchk -r -v -f --sort_buffer_size=128M --key_buffer_size=128M /var/lib/mysql/database/table.MYI

Obviously replacing database/table with the correct database and table.

Continue reading MySQL Table is marked as crashed and last (automatic?) repair failed

CentOS: Install Yum

1. Login to your container/VPS via ssh as the root user. 2. Determine which version of CentOS you are running. cat /etc/redhat-release The output will be either: CentOS release 6.2 (Final) or: CentOS release 5.7 (Final) or: CentOS release 5.6 (Final) or: CentOS release 5.5 (Final) 3. Paste the commands for your CentOS version to your command line. CentOS 6.2: rpm -Uvh --nodeps http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/yum-metadata-parser-1.1.2-16.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/yum-plugin-fastestmirror-1.1.30-10.el6.noarch.rpm rpm -Uvh http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/gpgme-1.1.8-3.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/pygpgme-0.1-18.20090824bzr68.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/python-iniparse-0.3.1-2.1.el6.noarch.rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/python-urlgrabber-3.9.1-8.el6.noarch.rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/python-pycurl-7.19.0-8.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/rpm-python-4.8.0-19.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/yum-3.2.29-22.el6.centos.noarch.rpm CentOS 5.7: rpm -Uvh --nodeps http://vault.centos.org/5.7/os/$(uname -i)/CentOS/yum-fastestmirror-1.1.16-16.el5.centos.noarch.rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.$(uname -i).rpm rpm -Uvh http://vault.centos.org/5.7/os/$(uname -i)/CentOS/libxml2-2.6.26-2.1.12.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/m2crypto-0.16-8.el5.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/python-elementtree-1.2.6-5.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/python-sqlite-1.1.7-1.2.1.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/python-urlgrabber-3.1.0-6.el5.noarch.rpm http://vault.centos.org/5.7/updates/$(uname -i)/RPMS/rpm-python-4.4.2.3-22.el5_7.2.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/yum-3.2.22-37.el5.centos.noarch.rpm CentOS 5.6: rpm -Uvh --nodeps http://vault.centos.org/5.6/os/$(uname -i)/CentOS/yum-fastestmirror-1.1.16-14.el5.centos.1.noarch.rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.$(uname -i).rpm rpm -Uvh http://vault.centos.org/5.6/os/$(uname -i)/CentOS/libxml2-2.6.26-2.1.2.8.el5_5.1.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/python-elementtree-1.2.6-5.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/python-sqlite-1.1.7-1.2.1.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/rpm-python-4.4.2.3-22.el5.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/m2crypto-0.16-6.el5.8.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/python-urlgrabber-3.1.0-6.el5.noarch.rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/yum-3.2.22-33.el5.centos.noarch.rpm CentOS 5.5: rpm -Uvh --nodeps http://vault.centos.org/5.5/os/$(uname -i)/CentOS/yum-fastestmirror-1.1.16-14.el5.centos.1.noarch.rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.$(uname -i).rpm rpm -Uvh http://vault.centos.org/5.5/updates/$(uname -i)/RPMS/libxml2-2.6.26-2.1.2.8.el5_5.1.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/m2crypto-0.16-6.el5.6.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/python-elementtree-1.2.6-5.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/python-sqlite-1.1.7-1.2.1.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/python-urlgrabber-3.1.0-5.el5.noarch.rpm http://vault.centos.org/5.5/updates/$(uname -i)/RPMS/rpm-python-4.4.2.3-20.el5_5.1.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/yum-3.2.22-26.el5.centos.noarch.rpm

Continue reading CentOS: Install Yum

VOS3000 Installation Manual

How to install VOS3000 soft switch.

1- Install CentOS 5.5 or latest.
2- Choose minimum installation
3- Choose Server mode only don’t install KDE or GNOME.
4- Run the following command
   #yum update       (to update the CentOS)

5- Better to install webmin to manage CentOS remotely.

     # cd  /var
  # wget http://prdownloads.sourceforge.net/webadmin/webmin-1.530-1.noarch.rpm
  # rpm  -ivh  webmin-1.530-1.noarch.rpm 

After the installation open your browser and try to login i to webmin
 http://youripaddress:10000

Login  with root .  and update the webmin and update the operating systems .

6-  Disable the SELINUX mode
    # vi  /etc/sysconfig/selinux
    ---------------------------------------------------------------------------------------------------
          # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    # enforcing - SELinux security policy is enforced.
    # permissive - SELinux prints warnings instead of enforcing.
    # disabled - SELinux is fully disabled.
    SELINUX=disabled    # SELINUXTYPE= type of policy in use. Possible values are:
    # targeted - Only targeted network daemons are protected.
    # strict - Full SELinux protection.
    SELINUXTYPE=targeted
    # SETLOCALDEFS= Check local definition changes
    SETLOCALDEFS=0
------------------------------------------------------------------------------------------------

Save the file and exit

7   Check the iptables status of IPv4 and IPv6 to install VOS 3000 successfully disables the firewall

 Follow the below command   
#   /etc/init.d/iptables status
     This command will show IPtables is running or stop

#   /etc/init.d/iptables save
     This command will save the iptables (firewall rules)

#  /etc/init.d/iptables stop
   This command will stop the IPtables 

#   chkconfig iptables off
    This Command will disable the iptables services  

#  /etc/init.d/ip6tables status
  This command willl show IPtables is running or stop

#  /etc/init.d/ip6tables save
This command will save the iptables (firewall rules)

#  /etc/init.d/ip6tables stop
  This command will stop the IPtables 

#  chkconfig ip6tables off
This Command will disable the iptables services 

#  ca /etc/issue
# cat /etc/issue

Reboot the server and check the IPtables is off.
#  reboot

8-Install the dependency software’s for VOS 3000

                # cd /usr

      # tar xvf apache-tomcat-5.5.15.tar.gz

      # rpm -ivh perl-DBI-1.40-5.i386.rpm

      # rpm -ivh MySQL-server-community-5.0.51a-0.rhel4.i386.rpm

      # rpm -ivh MySQL-client-community-5.0.51a-0.rhel4.i386.rpm

      # rpm -ivh jdk-1_5_0_08-linux-i586.rpm

      # rpm -ivh emp-2.1.1-5.noarch.rpm

# rpm -ivh mbx3000-2.1.1-5.i586.rpm

      # rpm -ivh vos3000-2.1.1-5.i586.rpm

      # rpm -ivh ivr-2.1.1-5.i586.rpm

           Restart the VOS3000d Services

#  /etc/init.d/vos3000d restart

      # /etc/init.d/vos3000dall restart

      Restart the MySQL services

#  service mysql restart

Reboot the Server

Now VOS3000 Installation has done  

Procedure of License Installation of VOS3000

VOS3000 License require the Server IP address and MAC address

To get the IP address and MAC Address follow below

      #  ifconfig

      Link encap:Ethernet  HWaddr 00:0C:29:27:03:FD

inet addr:10.31.7.13  Bcast:10.31.7.255  Mask:255.255.255.0

  

Create a directory for VOS3000 License

      # cd /usr/kunshi

      # mkdir license

      # cd license

Copy the License  file here and make it executable

      # chmod 755 license.dat

      Now restart the MySQL Services

      # /etc/init.d/mysql restart

            Restart the VOS3000 Services

      # /etc/init.d/vos3000d

      # /etc/init.d/vos3000d  restart

      # /etc/init.d/vos3000dall  restart

      # /etc/init.d/mbx3000d restart

Now change the MySQL root Password

      # usr/bin/mysqladmin -u root password vos3000

Continue reading VOS3000 Installation Manual