simple lsyncd config.

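---Node1---
-- User configuration file for lsyncd.
--
-- Simple example for default rsync, but executing moves through on the target.
--
-- For more examples, see /usr/share/doc/lsyncd*/examples/
--
-- Comment markers and string quotes are plain ASCII ("--" and "); the
-- typographic dashes and quotes in the pasted listing do not parse as Lua.

settings = {
    logfile = "/var/log/lsyncd.log",
    -- Absolute path. The pasted value had no leading slash, so the status
    -- file would have been resolved relative to the working directory.
    statusFile = "/var/log/lsyncd.stat",
    statusInterval = 1,
    -- Keep running even if a target is unreachable at startup.
    insist = true,
}

-- Both sync blocks push a local configuration tree to host "asterisk2" over
-- SSH as remote user "lsyncd", authenticating with a passphrase-less key file.
--
-- StrictHostKeyChecking=yes: the listing originally used "no", which lets ssh
-- continue to a host whose key is unknown or has changed. Because the synced
-- trees are configuration directories that may hold credentials, a host
-- answering in place of asterisk2 would receive them. With "yes", the host
-- key of asterisk2 must already be recorded in the known_hosts file of the
-- account that runs lsyncd, otherwise the transfer fails instead of
-- trusting the peer.
--
-- The private key is used unattended: keep it readable only by its owner and
-- limit what the "lsyncd" account can write on the target.

sync {
    default.rsync,
    source = "/etc/asterisk",
    target = "asterisk2:/etc/asterisk",
    rsync = {
        verbose = true,
        acls = true,
        rsh = "/usr/bin/ssh -p 22 -o StrictHostKeyChecking=yes -l lsyncd -i /home/lsyncd/.ssh/id_rsa"
    }
}

sync {
    default.rsync,
    source = "/etc/voip",
    target = "asterisk2:/etc/voip",
    rsync = {
        verbose = true,
        acls = true,
        rsh = "/usr/bin/ssh -p 22 -o StrictHostKeyChecking=yes -l lsyncd -i /home/lsyncd/.ssh/id_rsa"
    }
}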


openvpn client/server conf + iptables forward

// client //

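# OpenVPN client profile. This is an excerpt: the ca/cert/key directives that
# a certificate-based setup needs are not shown on the page.
client
dev tun
proto udp
# "IP" is a placeholder for the server address; the separator is a plain
# space (the pasted line carried a mis-encoded non-breaking space).
remote IP 1194
nobind
persist-key
persist-tun
# Only accept a peer that presents a certificate issued for server use.
# Without a check like this, any certificate signed by the same CA (for
# example another client's) is accepted as the server. Requires that the
# server certificate carries the server extended key usage.
remote-cert-tls server
# Must match the server side. Compressing tunnelled traffic can leak
# plaintext through packet lengths and is deprecated in newer OpenVPN
# releases; drop it on both ends together when possible.
comp-lzo
log-append openvpn-log
verb 3
mute 10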

// Server //

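# OpenVPN server configuration. This is an excerpt: the ca/cert/key/dh
# directives are not shown on the page.
proto udp
dev tun
port 1194
# Address pool handed out to VPN clients.
server 10.100.200.0 255.255.255.0
# Route to the network behind the server, installed on every client.
# Plain ASCII quotes are required here.
push "route 192.168.3.0 255.255.255.0"
# Per-client overrides are read from files in ./ccd.
client-config-dir ccd
# Client-to-client traffic is relayed inside the OpenVPN process and never
# reaches the kernel, so the FORWARD chain of the host firewall cannot
# filter it. Remove this line if clients should be isolated from each other.
client-to-client
ifconfig-pool-persist ipp.txt
keepalive 10 120
# Must match the client side. Compressing tunnelled traffic can leak
# plaintext through packet lengths and is deprecated in newer OpenVPN
# releases; drop it on both ends together when possible.
comp-lzo
persist-key
persist-tun
status openvpn-status.log 20
log-append openvpn-log
verb 3
mute 1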

// Iptables //

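# iptables-save style ruleset for the VPN gateway. Long options use two ASCII
# hyphens ("--state", "--dport", "--log-prefix") and plain quotes; the
# typographic dashes and quotes in the pasted listing are rejected by
# iptables-restore.
*filter
# All three policies are ACCEPT. In the pasted listing every rule was an
# ACCEPT or a LOG, so nothing was ever filtered: the source restrictions on
# ports 22 and 3128 had no effect. The REJECT rules appended to INPUT and
# FORWARD below are what make the ACCEPT rules above them meaningful.
:INPUT ACCEPT [9976:1352302]
:FORWARD ACCEPT [7:364]
:OUTPUT ACCEPT [19184:1814693]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
# Everything arriving through the tunnel is trusted, which also makes the
# VPN-subnet SSH rule below redundant for traffic that enters on tun0.
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 10.100.200.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
# Port 8086 is open to any source.
-A INPUT -p tcp -m tcp --dport 8086 -j ACCEPT
# xxx.xxx.xxx.xxx is a redacted placeholder for the one host allowed to
# reach port 3128.
-A INPUT -s xxx.xxx.xxx.xxx/32 -p tcp -m tcp --dport 3128 -j ACCEPT
# The OpenVPN listener (udp/1194 in the server listing) was previously
# reachable only because of the ACCEPT policy; it needs an explicit rule once
# unmatched traffic is rejected. Assumes this ruleset runs on that server.
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A INPUT -m state --state NEW -j LOG --log-prefix "INPUT: "
# Terminate the chain: anything not accepted above is refused. Load this with
# console access available, since SSH is then limited to the VPN.
-A INPUT -j REJECT --reject-with icmp-host-prohibited
# The first FORWARD rule already accepts everything entering on tun0, so the
# two narrower tun0 rules after it never add anything.
-A FORWARD -i tun0 -j ACCEPT
# 192.168.x.0/24 is a redacted placeholder for the LAN behind the gateway.
-A FORWARD -s 10.100.200.0/24 -d 192.168.x.0/24 -i tun0 -j ACCEPT
-A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i tun0 -o eth0 -j ACCEPT
# Refuse all other forwarding, e.g. new connections from eth0 towards VPN
# clients or eth0-to-eth0 transit through the NAT rule below.
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
# OUTPUT policy is ACCEPT and there is no terminating rule, so these two
# rules only document intent (NTP and tunnel egress).
-A OUTPUT -p udp -m udp --dport 123 -j ACCEPT
-A OUTPUT -o tun+ -j ACCEPT
COMMIT
# Completed on Thu Dec 29 13:16:58 2016
# Generated by iptables-save v1.4.21 on Thu Dec 29 13:16:58 2016
*nat
:PREROUTING ACCEPT [7:588]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Source-NAT everything leaving eth0, so VPN clients appear as this host.
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT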

// sysctl.conf //

# IPv6 is switched off on existing and future interfaces. The page shows only
# IPv4 (iptables) rules, so an enabled IPv6 stack would not be covered by
# them -- presumably the reason for disabling it; confirm.
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
# Turns the host into an IPv4 router; required for the FORWARD and
# MASQUERADE rules of the gateway firewall to carry VPN traffic.
net.ipv4.ip_forward = 1

 

 

Simple Iptables

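# Default-deny ruleset for an endpoint. Long options use two ASCII hyphens
# and plain quotes; the typographic dashes and quotes in the pasted listing
# are rejected by iptables-restore.
*filter
:INPUT DROP [0:0]
# The listing had FORWARD set to ACCEPT with no FORWARD rules at all, which
# would relay any packet if IP forwarding were ever enabled on this host.
# DROP matches the default-deny stance of the other two chains.
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Outbound traffic is limited to ports 88/750 (udp) and 88/749 (tcp) on
# 192.168.2.2 -- these look like Kerberos ports; confirm.
# NOTE(review): OUTPUT has no "-o lo" rule and no RELATED,ESTABLISHED rule,
# so loopback traffic and replies to the ICMP accepted on INPUT are rejected
# by the last rule. Confirm that this is intended.
-A OUTPUT -d 192.168.2.2/32 -p udp -m multiport --dports 88,750 -j ACCEPT
-A OUTPUT -d 192.168.2.2/32 -p tcp -m multiport --dports 88,749 -j ACCEPT
# Log new outbound connection attempts that are about to be refused.
-A OUTPUT -m state --state NEW -j LOG --log-prefix "OUTPUT: "
-A OUTPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT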