Linux Tweaks: 2014

Thursday, December 25, 2014

How to add launchpad ubuntu repository and install php5-memcached 2.2.0

Add repository

# add-apt-repository ppa:ondrej/php5

Check available versions

# apt-get update

# apt-cache policy php5-memcached

Install memcashed
# apt-get install php5-memcached

Monday, December 1, 2014

VARNISH WEB INTERFACE FOR ADMIN AND CACHE INVALIDATION

1) Download and extract

wget https://github.com/varnish/vagent2/archive/master.zip
unzip master.zip

2)Install

cd vagent2-master/
./configure
make
make install

3)Protect the interface

nano /etc/varnish/agent_secret
Insert formatted

user:password
4)Start the agent


/usr/local/bin/varnish-agent

5)Varnish Web Interfase access (when promted for login , enter the user:password from /etc/varnish/agent_secret)

http://THE-SERVER-IP:6085/html/

6) The Varnish Web Interfase allow:
stop/start varnish
Cache invalidation
Set Parameters
View varnish performance

Sunday, November 30, 2014

mail server Black list removal forms

Black list removal forms:
Barracuda
http://www.barracudacentral.org/rbl/removal-request/
SpamCop
https://www.spamcop.net/w3m?action=checkblock&ip=SERVER_IP
Blocklist Removal Center
http://www.spamhaus.org/query/ip/SERVER_IP
lashback delist
http://blacklist.lashback.com/delist
ivmSIP
http://dnsbl.invaluement.com/lookup/
CBL
http://cbl.abuseat.org/lookup.cgi?ip=xx.xxx.xxx.

Wednesday, November 5, 2014

/usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require': cannot load such file -- redis (LoadError)

/usr/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in `require': cannot load such file -- redis (LoadError)
solution:
gem 'redis', '~> 3.1.0'

Friday, October 17, 2014

How to add custom sensor for PRTG monitor (Linux)

Let say You have some custom script on Linux You want to monitor in PRTG

Main, monitor Redis Keys.

nano /etc/snmp/snmpd.conf

Add the script as following to end of the file:

extend redis_keys /path/to/script.sh

Restart snmpd

/etc/init.d/snmpd restart

Now , we need to find the OID value for our script:

snmptranslate -On NET-SNMP-EXTEND-MIB::nsExtendOutputFull.\"scriptname\"

some times , you need to add mib library to get OID values:

apt-get install snmp-mibs-downloader

In my case , script name is “redis_keys” , so it look like:

snmptranslate -On NET-SNMP-EXTEND-MIB::nsExtendOutputFull.\"redis_keys\"

.1.3.6.1.4.1.8072.1.3.2.3.1.2.10.114.101.100.105.115.95.107.101.121.115

The output is our OID for PRTG:

.1.3.6.1.4.1.8072.1.3.2.3.1.2.10.114.101.100.105.115.95.107.101.121.115

Before deal with PRTG , I want to be sure , my script working and return value:

snmpwalk -v 2c -c [Community String] localhost .1.3.6.1.4.1.8072.1.3.2

iso.3.6.1.4.1.8072.1.3.2.4.1.2.10.114.101.100.105.115.95.107.101.121.115= STRING: "/ssd/home/adika/monitor/keys"

Where [Community String] is You PRTG Community String

Now In PRTG:

Choice CUSTOM

Add our OID

Thursday, October 16, 2014

Linux find files between dates

touch -t 201409070120.01 first (yyyymmdd-hour)

touch -t 201409080120.01 last (yyyymmdd-hour)

find perl files between date range:

find . -type f -name '*.pl' -newer /root/first ! -newer /root/last -exec ls -s {} \;

remove files with specific extension

find . \( -name "*.php" -o -name "*.html" -o -iname "*.htm" \) -exec ls -s {} \; -print -exec rm {} \;

remove files with specific extension and contains some expression:

find . \( -name "*.php" -o -name "*.html" -o -iname "*.htm" \) -exec grep -l "some expression" {} \; -print -exec rm {} \;

find files and directories between date range:

find . -type d \( -name cache -o -name logs -o -name stats -o -name webalizer \) -prune -o \( -name "*.php" -o -name "*.html" -o -iname "*.htm" \) -newer /root/first ! -newer /root/last -print

Wednesday, October 15, 2014

alternative telnet send mail test

Instead of send a test mail using Telnet , simple
echo -e "To: mail@domain.com\nSubject: Test\nTest\n" | sendmail -bm -t -v

Thursday, October 9, 2014

Blog - How to remove default 'back to scoll' and 'Our customer service is available 24/7. Call us at (555) 555-0123.' un the hellowired Magento theme.

Tuesday, October 7, 2014

Find and remove spam qmail

1. Who is spam?

/var/qmail/bin/qmail-qread

10 Sep 2014 22:17:38 GMT #7406528 1685 <info@hahaha.co.il> bouncing

done remote posluchova@7plus.ru

remote oriflame@7russia.ru

remote osanka@7russia.ru

remote sidaev@8-12.ru

remote nuser@92.14-157-90.telenet.ru

done remote rsnrkx99c@923.ru

remote pmz-keig@9zk.ru

done remote reklama@a24.spb.ru

done remote p9373c95@a7344l19.com

done remote sigor@aaa.ua

done remote samson_don@aaanet.ru

done remote ramuk@aaanet.ru

done remote rem_pb@aaanet.ru

done remote paschenko-dd@aaanet.ru

done remote razborka61@aaanet.ru

find /var/qmail/queue/mess/ -name 7406528

/var/qmail/queue/mess/22/7406528

Now we try to check in the e-mail from what url and ip is send:

less /var/qmail/queue/mess/22/7406528

Received: (qmail 27017 invoked by uid 399); 11 Sep 2014 01:17:35 +0300

Received: from unknown (HELO hahaha.co.il) (info@hahaha.co.il@201.164.182.100)

  by mail.oyo.co.il with ESMTPAM; 11 Sep 2014 01:17:35 +0300

X-Originating-IP: 201.164.182.100

Message-ID: <E8362BC0.8CF16E69@hahaha.co.il>

Date: Thu, 11 Sep 2014 00:17:29 +0200

Reply-To: "=?UTF-8?B?UG9zbHVjaG92YQ==?=" <info@hahaha.co.il>

From: "=?UTF-8?B?UG9zbHVjaG92YQ==?=" <info@hahaha.co.il>

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080227 Thunderbird/2.0.0.12

X-Accept-Language: en-us

MIME-Version: 1.0

To: <posluchova@7plus.ru>

Cc: <oriflame@7russia.ru>,

        <osanka@7russia.ru>,

        <sidaev@8-12.ru>,

        <nuser@92.14-157-90.telenet.ru>,

        <rsnrkx99c@923.ru>,

        <pmz-keig@9zk.ru>,

        <reklama@a24.spb.ru>,

        <p9373c95@a7344l19.com>,

        <sigor@aaa.ua>,

        <samson_don@aaanet.ru>,

        <ramuk@aaanet.ru>,

        <rem_pb@aaanet.ru>,

        <paschenko-dd@aaanet.ru>,

        <razborka61@aaanet.ru>

Subject: =?UTF-8?B?0J3QsNC00L7QtdC70L4g0LbQuNGC0Ywg0LrQsNC6INC90LjRidC10LHRgNC+0LTRgz8g0K8g0YDQsNGB0YHQutCw0LbRgywg0LrQsNC6INC30LDRgNCw0LHQsNGC0YvQstCw0YLRjCDQvtGCIDE2MCQg0LfQsCAzINC00L3RjyE=

?=

The sending IP is 201.164.182.100 , so I want to block it.

iptables -I INPUT -s 201.164.182.100  -j DROP

2. Install qmail-remove and remove mail’s from queue

wget http://www.linuxmagic.com/opensource/qmail/qmail-remove/qmail-remove-0.95.tar.gz

tar -zxpf qmail-remove-0.95.tar.gz

cd qmail-remove-0.95

make

gcc -O2 -W -Wall -o qmail-remove qmail-remove.c

make install

cp qmail-remove /var/qmail/bin/

mkdir /var/qmail/queue/yanked

/var/qmail/bin/qmail-remove -p info@hahaha.co.il -y /var/spool/yanked

……

moved mess/5/7405637 to yanked/7405637.mess

moved remote/5/7405637 to yanked/7405637.remote

moved info/5/7405637 to yanked/7405637.info

moved bounce/7405637 to yanked/7405637.bounce

7406005: no

7407799: no

7405729: no

120 file(s) match

Now the situation in the queue

/var/qmail/bin/qmail-qstat

messages in queue: 335

qmail-remove [options]

-e use extended POSIX regular expressions

-h, -? this help message

-i search case insensitively [default: case sensitive]

-n <bytes> limit our search to the first <bytes> bytes of each file

-p <pattern> specify the pattern to search for

-q <queuedir> specify the base qmail queue dir [default: /var/qmail/queue]

-d actually remove files not yank them, no -p will delete all the messages!

-r actually remove files, without this we'll only print them

-s <split> specify your conf-split value if non-standard [default: 23]

-v increase verbosity (can be used more than once)

-y <yankdir> directory to put files yanked from the queue [default: <queuedir>/yanked]

-X <secs> modify timestamp on matching files, to make qmail expire mail

<secs> is the number of seconds we want to move the file into the past.

specifying a value of 0 causes this to default to (604800)

-x <timespec> modify timestamp on matching files, to make qmail expire mail

<timespec> is a date/time string in the format of output of the "date" program.

see manpage for strptime(2) for details of this format