Stop iptables service:
/etc/init.d/iptables stop
Disable iptables service:
chkconfig iptables off
Copy this code to /etc/init.d/firewall (Reminder: Disable "word wrap" in your text editor. Ex.: nano -w /etc/init.d/firewall)
#!/bin/sh
# firewall
# chkconfig: 3 21 91
# description: Starts, stops iptables firewall
case "$1" in
start)
# Clear rules
iptables -t filter -F
iptables -t filter -X
echo - Clear rules : [OK]
# SSH In
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
echo - SSH : [OK]
# Don't break established connections
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
echo - established connections : [OK]
# Block all connections by default
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP
iptables -t filter -P OUTPUT DROP
echo - Block all connections : [OK]
# Loopback
iptables -t filter -A INPUT -i lo -j ACCEPT
iptables -t filter -A OUTPUT -o lo -j ACCEPT
echo - Loopback : [OK]
# ICMP (Ping)
iptables -t filter -A INPUT -p icmp -j ACCEPT
iptables -t filter -A OUTPUT -p icmp -j ACCEPT
echo - PING : [OK]
# DNS In/Out
iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p udp --dport 53 -j ACCEPT
echo - DNS : [OK]
# NTP Out
iptables -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT
echo - NTP : [OK]
# FTP Out
iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 30000:50000 -j ACCEPT
# FTP In
iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 30000:50000 -j ACCEPT
iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
echo - FTP : [OK]
# HTTP + HTTPS Out
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
# HTTP + HTTPS In
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
echo - HTTP/HTTPS : [OK]
# Mail SMTP:25
iptables -t filter -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 25 -j ACCEPT
echo - SMTP : [OK]
# Mail POP3:110
iptables -t filter -A INPUT -p tcp --dport 110 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 110 -j ACCEPT
echo - POP : [OK]
# Mail IMAP:143
iptables -t filter -A INPUT -p tcp --dport 143 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 143 -j ACCEPT
echo - IMAP : [OK]
# Kloxo
iptables -t filter -A INPUT -p tcp --dport 7777:7778 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 7777:7778 -j ACCEPT
echo - Kloxo : [OK]
echo - Firewall [OK]
exit 0
;;
stop)
echo "Stopping Firewall: "
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t filter -F
exit 0
;;
*)
echo "Usage: /etc/init.d/firewall {start|stop}"
exit 1
;;
esac
Enable/Start Firewall Service
chmod 700 /etc/init.d/firewall
add firewall service:
chkconfig -–add firewall
auto start firewall:
chkconfig -–level 2345 firewall on
start firewall:
/etc/init.d/firewall start
If you have slave server, add this on the master
iptables -t filter -A INPUT -p tcp -s SLAVE_IP --dport 7779 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp -d SLAVE_IP --dport 7779 -j ACCEPT
Note: replace SLAVE_IP with your Slave server IP.
Add this on slave server
iptables -t filter -A INPUT -p tcp -s MASTER_IP --dport 7779 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp -d MASTER_IP --dport 7779 -j ACCEPT
Note: replace MASTER_IP with your Master server IP.
After all always a good idea
/sbin/service httpd restart
Thursday, April 7, 2011
Installing Kloxo on Centos 64
Take a fresh installation of centos 5.5
Don't yum update now.
Install Mysql
su root
setenforce 0
wget http://download.lxcenter.org/download/kloxo/production/kloxo-install-master.sh
Take the install option with existing mysql database (PASSWORD = your root password SQL)
sh ./kloxo-install-master.sh --db-rootpassword=PASSWORD
go through the installation process. Answer all questions wit yes and take a break for 15 minutes.
Don't yum update now.
Install Mysql
su root
setenforce 0
wget http://download.lxcenter.org/download/kloxo/production/kloxo-install-master.sh
Take the install option with existing mysql database (PASSWORD = your root password SQL)
sh ./kloxo-install-master.sh --db-rootpassword=PASSWORD
go through the installation process. Answer all questions wit yes and take a break for 15 minutes.
Install MySql on Centos 5.5
Install:
yum install mysql-server
Start:
service mysqld start OR /etc/init.d/mysqld start
Secure it:
/usr/bin/mysql_secure_installation
It is going to ask you handful of questions:
Current Root Password
You will be asked for your current root password. Because this is a new installation it is set to none. Press enter.
Set Root Password
If the above step worked correctly you should be prompted with a question asking you if you would like to set your root password. Please press Y and press Enter.
You will be asked for your root password twice. If it works you will see Success!
Removing Anonymous Users
You will be prompted to remove the MySQL anonymous users. For security reasons we want to do this. The text above the question explains this topic in more detail. Press Y and then Enter.
Disallow Root Login
You will be asked if you would like to disallow remote login for the root user and only allow connections from the server itself. To keep our server secure you want to say Y and press Enter.
Delete test Database
MySQL ships with a default database called test. This is not needed and can be deleted. Press Y and then Enter to delete the test database and it’s associated users.
Reload Privilege Tables
This step will reload the user settings (called privilege tables) so all user changes will take effect. Press Y and then Enter to continue.
yum install mysql-server
Start:
service mysqld start OR /etc/init.d/mysqld start
Secure it:
/usr/bin/mysql_secure_installation
It is going to ask you handful of questions:
Current Root Password
You will be asked for your current root password. Because this is a new installation it is set to none. Press enter.
Set Root Password
If the above step worked correctly you should be prompted with a question asking you if you would like to set your root password. Please press Y and press Enter.
You will be asked for your root password twice. If it works you will see Success!
Removing Anonymous Users
You will be prompted to remove the MySQL anonymous users. For security reasons we want to do this. The text above the question explains this topic in more detail. Press Y and then Enter.
Disallow Root Login
You will be asked if you would like to disallow remote login for the root user and only allow connections from the server itself. To keep our server secure you want to say Y and press Enter.
Delete test Database
MySQL ships with a default database called test. This is not needed and can be deleted. Press Y and then Enter to delete the test database and it’s associated users.
Reload Privilege Tables
This step will reload the user settings (called privilege tables) so all user changes will take effect. Press Y and then Enter to continue.
Tuesday, April 5, 2011
httpd restart - start - stop
to restart:
/sbin/service httpd restart
to start:
/sbin/service httpd start
to stop:
/sbin/service httpd stop
/sbin/service httpd restart
to start:
/sbin/service httpd start
to stop:
/sbin/service httpd stop
Friday, April 1, 2011
cpanel Alternativen
Ja es gibt Alternativen zu cpanel:
1. Gnu Panel: Hosting Control Panel für Debian
2. ispCP für Debian, Centos Fedora, Gentoo Linux, openSUSE, Red Hat Linux und Ubuntu als ein Multi-Server-Verwaltungs- sowie Administrationstoo
3. Webmin: Per Webbrowser können die verschiedenen Server-Prozesse oder Daemonen administriert werden, die auf einem Unix-Rechner laufen - häufig in Verbindung mit
4- Virtualmin: Für die einfache Konfiguration verschiedener Serverdienste wie beispielsweise Mailserver, Domains und MySQL.
Ein Vergleich von gängigen Programmen hier: http://isp-control.net/documentation/about/comparsion
1. Gnu Panel: Hosting Control Panel für Debian
2. ispCP für Debian, Centos Fedora, Gentoo Linux, openSUSE, Red Hat Linux und Ubuntu als ein Multi-Server-Verwaltungs- sowie Administrationstoo
3. Webmin: Per Webbrowser können die verschiedenen Server-Prozesse oder Daemonen administriert werden, die auf einem Unix-Rechner laufen - häufig in Verbindung mit
4- Virtualmin: Für die einfache Konfiguration verschiedener Serverdienste wie beispielsweise Mailserver, Domains und MySQL.
Ein Vergleich von gängigen Programmen hier: http://isp-control.net/documentation/about/comparsion
Thursday, March 10, 2011
Fastenkur für CSS-Code - 30 % sind drin.
CSSTidy ist ein Tool um CSS-Code zu optimiern. Farbcode wird in Kurzform gebracht, Shorthands werden optimiert und überflüssige Zeichen entfernt. Die Option "CSS erhalten" empfieht sich z.B., wenn Kommentarte beigehalten werden sollen. Auf ungültige Eigenschaften wird hingewiesen, auf Wunsch werden diese auch entfernt. CSSTidy ist aber kein Validator und erkennt nur teilweise Fehlercode. In der höchsten Komprimierungsstufe wird der Code komplett in eine Zeile gepackt und daher extrem unübersichtlich. Hier empfiehlt es sich die Originalversion zusätzlich zu sichern.
Zu CSS-Tidy auf leerraum.org
Zu CSS-Tidy auf leerraum.org
Tuesday, March 1, 2011
Google Docs mit OCR
Google Docs hat jetz ein OCR Toll eingebaut. OCR für 34 Sprachen wird angeboten. Ein sehr praktischer Weg um aus dem PDF File, Textdateien zu erhalten. Verwendet wird nach Angabe von Google, die gleiche Technologie welche bei Google Books angewendet wird.
mehr auf googledocs.blogsport.com
mehr auf googledocs.blogsport.com
Subscribe to:
Comments (Atom)