Saturday, November 7, 2009

how to install pptpd vpn service on xen based VPS

Download the source from
http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-1.rhel5.1.i386.rpm


yum install -y ppp

wget http://poptop.sourceforge.net/yum/st...el5.1.i386.rpm

rpm -ivh pptpd-1.3.4-1.rhel5.1.i386.rpm

vi /etc/ppp/options.pptpd
ms-dns 208.67.222.222
ms-dns 208.67.220.220

vi /etc/ppp/chap-secrets
myusername pptpd mypassword *

vi /etc/pptpd.conf
localip 192.168.9.1
remoteip 192.168.9.11-30

vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
/sbin/sysctl -p

/sbin/service pptpd start
chkconfig pptpd on

/sbin/service iptables start
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.9.0/24 -j MASQUERADE
service iptables save

Sunday, October 25, 2009

TUN support in hypervm Xen VM

In HyperVM, a Xen VM may not show TUN.
To fix this, run the following on the HyperVM Xen node:
# /script/fixxenkernel
Then log in to the VM from the console:

#xm console VM.vm

# lsmod | grep tun

If you do not see anything, restart the VM, then run this again inside the VM:

#lsmod | grep tun
tun 80705 2

If you see tun, it means it's working fine.

Thanks

Thursday, October 15, 2009

How do I install APF firewall into the VE?


The installation of APF requires some additional steps to be taken on the hardware node.

1. First of all, you should define which iptables modules are available for VEs.

Edit /etc/sysconfig/iptables-config file on a Virtuozzo hardware node:
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

Edit /etc/sysconfig/vz file on a Virtuozzo hardware node:
IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

Please note: the iptables module list in the IPTABLES and IPTABLES_MODULES parameters in /etc/sysconfig/vz and /etc/sysconfig/iptables-config must be placed on one single line; no line breaks are allowed in these parameters.

Restart Virtuozzo. All VEs will be restarted.
# service vz restart

2. Increase the 'numiptent' parameter for the VE you need to install APF into. This parameter limits the number of iptables rules available to a VE. The default APF configuration requires ~400 rules. Let's set it to 400 in the example below for VE #101:
# vzctl set 101 --numiptent 400 --save

3. Install APF inside the VE. Edit /etc/apf/conf.apf inside VE, set the following parameters:
IFACE_IN="venet0"
IFACE_OUT="venet0"
SET_MONOKERN="1"

4. Start APF inside the VE:
# /etc/init.d/apf start

Monday, September 28, 2009

How to enable TUN/TAP on openvz for a container

Log in to the main node.
First check whether the tun module is loaded:
#lsmod | grep tun
If you do not see anything, run

#modprobe tun
Now run again
#lsmod | grep tun
You will see something like
tun 47872 0

#vzctl set VPSID --devices c:10:200:rw --save
#vzctl set VPSID --capability net_admin:on --save
#vzctl exec VPSID mkdir -p /dev/net
#vzctl exec VPSID mknod /dev/net/tun c 10 200
#vzctl exec VPSID chmod 600 /dev/net/tun

That's it.

:)

Thursday, September 10, 2009

Restore backups in windows virtuozzo from one node to another

Dump all the c:\vz\backups folders to c:\vz\backups on the new server.
Then run vzbackupsync.exe at the command prompt. It will rsync the backup database in the system. Now you can restore the VPS.

Good luck.

how to run rsync command remotely

I wanted to rsync the data from one node to another, but I was frustrated by the rsync error code 12 at io.c 463. It was like this:

[root@192.168.1.100]# rsync -racv -e "ssh -l root" /vz/private/130 192.168.1.1:/vz/private
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(463) [sender=2.6.8]

Connections from 192.168.1.100 were giving errors while connecting to 192.168.1.1.

But connections from 192.168.1.1 to 192.168.1.100 were fine. So I modified the command to trigger the backup from 192.168.1.1 to 192.168.1.100. Command executed at 192.168.1.1:

[root@192.168.1.1]# rsync -racv -e "ssh -l root" 192.168.1.100:/vz/private/130 /vz/private

Now the data from 192.168.1.100 is dumping to 192.168.1.1.

It took some time to look for the resolution for code 12, but there were no results on Yahoo or Google. I will still look for the resolution, but till that time I am running the dump... lol

how to tar gunzip untar folder in linux

SSH to the Linux server or log in as root.
Make a test folder:
#mkdir test
Now tar and gzip this folder under whatever name you like:
# tar -czf whatever.tar.gz test
Now remove the test folder that you just archived:
#rm -fdr test
Now untar whatever.tar.gz:
#tar -zxvf whatever.tar.gz
Now you will see that the test folder is there again.

Enjoy!!!

Tuesday, September 8, 2009

APF firewall settings for openvz

1. First of all, you should define which iptables modules are available for VEs.

Edit /etc/sysconfig/iptables-config file on a Virtuozzo hardware node:
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

Edit /etc/sysconfig/vz file on a Virtuozzo hardware node:
IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

Please note: the iptables module list in the IPTABLES and IPTABLES_MODULES parameters in /etc/sysconfig/vz and /etc/sysconfig/iptables-config must be placed on one single line; no line breaks are allowed in these parameters.

Restart Virtuozzo. All VEs will be restarted.
# service vz restart

2. Increase the 'numiptent' parameter for the VE you need to install APF into. This parameter limits the number of iptables rules available to a VE. The default APF configuration requires ~400 rules. Let's set it to 400 in the example below for VE #101:
# vzctl set 101 --numiptent 400 --save

3. Install APF inside the VE. Edit /etc/apf/conf.apf inside VE, set the following parameters:
IFACE_IN="venet0"
IFACE_OUT="venet0"
SET_MONOKERN="1"

4. Start APF inside the VE:
# /etc/init.d/apf start
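
The single-line requirement from step 1 (stated in both the October 15 and September 8 posts) can be checked before restarting vz. This is an added example, not part of the original posts or of any Virtuozzo tooling; the function names and the file paths passed in are assumptions, and the sample files are constructed.

```shell
#!/bin/bash
# Added example: audit the two module lists from step 1.

# Print the value of KEY="..." from FILE when the assignment opens and
# closes its quotes on one line; return 1 if it is missing or split.
single_line_value() {
    local key=$1 file=$2 line
    line=$(grep -E "^${key}=" "$file" | tail -n 1)
    case $line in
        "${key}=\""*"\"") ;;
        *) return 1 ;;
    esac
    line=${line#"${key}=\""}
    printf '%s\n' "${line%\"}"
}

# One module name per line, sorted, so ordering and spacing do not matter.
normalise() { tr -s '[:space:]' '\n' | sed '/^$/d' | sort -u; }

# 0: both lists are single-line and name the same modules (the equality
#    requirement is this example's assumption, taken from the identical
#    lists shown in the post)
# 1: a list is missing or broken across lines
# 2: the lists differ
check_module_lists() {
    local ipt_conf=$1 vz_conf=$2 a b
    a=$(single_line_value IPTABLES_MODULES "$ipt_conf") || return 1
    b=$(single_line_value IPTABLES "$vz_conf") || return 1
    [ "$(printf '%s\n' "$a" | normalise)" = "$(printf '%s\n' "$b" | normalise)" ] || return 2
}

# Constructed sample files, not taken from a real node. The vz copy is
# split across two lines, which is the mistake the note warns about.
demo=$(mktemp -d)
printf 'IPTABLES_MODULES="ipt_REJECT ipt_LOG ipt_state iptable_nat"\n' > "$demo/iptables-config"
printf 'IPTABLES="ipt_REJECT\nipt_LOG ipt_state iptable_nat"\n' > "$demo/vz"
if check_module_lists "$demo/iptables-config" "$demo/vz"; then
    echo "module lists OK"
else
    echo "module lists need fixing (status $?)"
fi
rm -rf "$demo"
```

On a hardware node the call would be check_module_lists /etc/sysconfig/iptables-config /etc/sysconfig/vz, run before "service vz restart".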

Thursday, April 2, 2009

Disaster recovery of Virtuozzo windows / linux node

This covers disaster recovery of VPSs running on Windows and Linux nodes.
I just did it on Windows:
1. Formatted the machine with Windows Server 2003 ENT edition.
2. Installed Service Pack 2.
3. Downloaded the latest version of Virtuozzo to the machine and ran the installer.
4. It asked for the Windows i386 CD, the same CD used for the installation.
5. Copied the folders
c:\vz\private
c:\vz\conf (do not overwrite 0.conf, node.conf or 1.conf; let these files be those of the new installation).

Start the containers...
BANG BANG BANG !!!!
You are all set.

Monday, March 16, 2009

Enable VPN on Linux openvz. TUN/TAP

Granting a container access to TUN/TAP
Here 101 is the VPS container ID, which you have to replace with your own VPS ID.

Allow your container to use the tun/tap device:
vzctl set 101 --devices c:10:200:rw --save
vzctl set 101 --capability net_admin:on --save

And create the character device file inside the container:
vzctl exec 101 mkdir -p /dev/net
vzctl exec 101 mknod /dev/net/tun c 10 200
vzctl exec 101 chmod 600 /dev/net/tun

EnJoY VPN on OPENVZ.

Wednesday, March 4, 2009

How to make windows server bootable CD

http://www.tacktech.com/display.cfm?ttid=297

Friday, February 20, 2009

How to sync or set date and time using ntpdate

First install ntp from yum

# yum install ntp

1. chkconfig ntpd on

This turns on ntpd for runlevel 2345

2. ntpdate us.pool.ntp.org
This initializes your clock to the US pool. Please use the appropriate country pool; go to www.ntp.org, as Mr C suggested.

3. service ntpd start
This starts the ntpd service

4. hwclock --systohc
This syncs the hardware clock to current time

The default settings in /etc/ntp.conf should work for most people. For more information, see man ntp.conf.

Sunday, February 8, 2009

How to backup and what to backup in hypervm + openvz node

The important things to back up are:
/vz/private folder, where all the VPS data is stored
/etc/sysconfig/vz-scripts folder, where all the VPS config files are stored
/var/lib/mysql/hypervm1_0, where all the HyperVM config is stored

Simply make a bash file with the following commands and set it up as a cron job.

cp -ar /vz/private /backup/vz/
cp -ar /etc/sysconfig/vz-scripts/ /backup/vz/
cp -ar /var/lib/mysql/hypervm1_0 /backup/vz/

Happy backing up :))