REDhat-5

linux configure-1

Redhat -1

Suchipattro 

1. Primary DNS Server Configure        d                    Page: 2 

2. Secondary DNS Server Configure        d                Page: 5 

3. DHCP Server Configure                            Page: 7 

4. Mail Server Configure             d                Page: 8 

4(i). Web Mail Server and Web Mail password Configure        Page:  

5. Yum Server Configure            d                Page: 9 

6. FTP Server Configure             d                Page: 10 

7. RAID and LVM Configure            d            Page: 11, 16 

8. User Quota                    d                    Page: 17 

9. Web Server Configure             d            Page: 18 

10. Proxy Server Configure            d            Page: 19 

11. Virtual Domain Server Configure        d            Page: 20 

12. Virtual Web Server Configure         d            Page: 21 

13. Linux Router Configure                        Page: 22 

14. Linux Router RIP Configure                    Page: 23 

15. MRTG (Multi Routing Traffic Grapher) Configure        Page: 24, 25 

16. Linux Firewall Configure                        Page: 26, 27, 28 

17. NFS Server Configure            d            Page: 29 

18. SAMBA Server Configure         d            Page: 30 

19. NIS Domain Configure                        Page: 31 

20. SSH Configure                            Page: 32 

21. Telnet Configure 

22. Transparent Proxy Configure 

23. Linux Internet Sharing Configure 

Red Hat Enterprise Linux Essential 

The world's leading open source application platform 

On one certified platform, Red Hat Enterprise Linux offers your choice of:  

    Applications - Thousands of certified ISV (independent software vendor) applications  

    Deployment - Including standalone or virtual servers, cloud computing, or software appliances 

    Hardware - Wide range of platforms from the world's leading hardware vendors  

This gives IT department's unprecedented levels of operational flexibility. And it gives independent software vendor (ISV) s unprecedented market reaches when delivering applications. Certify once, deploy anywhere. All while providing world-class performance, security, and stability. And unbeatable value. An ISV (independent software vendor) makes and sells software products that run on one or more computer hardware 

Open Source 

Open source refers to a program or software in which the source code is available to the general public for use and/or modification from its original design free of charge. 

What is Linux? 

Linux is an operating system, a software program that controls your computer. Most vendors load an operating system onto the hard drive of a PC before delivering the PC, so, unless the hard drive of your PC has failed, you may not understand the function of an operating system. 

How Linux is Different 

Linux is distinguished from many popular operating systems in three important ways. 

    Linux is a cross-platform operating system that runs on many computer models. Only Unix, an ancestor of Linux, rivals Linux in this respect.  

    Linux is free, in two senses. First, you may pay nothing to obtain and use Linux. On the other hand, you may choose to purchase Linux from a vendor who bundles Linux with special documentation or applications, or who provides technical support. 

The origins of Linux 

Linux traces its ancestry back to a mainframe operating system known as Multics (Multiplexed Information and Computing Service). Begun in 1965, Multics was one of the first multi-user computer systems and remains in use today. Bell Telephone Labs participated in the development of Multics, along with the Massachusetts Institute of Technology and General Electric. 

The Linux kernel 

By the early 1990s, the FSF had obtained or written all the major components of the GNU operating system except for one: the kernel. About that time, Linus Torvalds, a Finnish computer science student, began work on a kernel for a Unix-like system. 

The X Window System 

Another important component of Linux is its graphical user interface, the X Window System. Unix was originally a mouseless, text-based system that used noisy teletype machines rather than modern CRT monitors. The Unix command interface is very sophisticated and, even today, some power users prefer it to a point-and-click graphical environment, using their CRT monitor as though it were a noiseless teletype. Consequently, some remain unaware that Unix long ago outgrew its text-based childhood, and now provides users a choice of graphical or command interfaces. 

The X Window System (or simply X) was developed as part of the Massachusetts Institute of Technology's (MIT) Project Athena, which it began in 1984.  

X is a unique graphical user interface in two major respects. First, X integrates with a computer network, letting users access local and remote applications. For example, X lets you open a window that represents an application running on a remote server: the remote server does the heavy-duty computing; all your computer need do is pass the server your input and display the server's output. 

Second, X lets you configure its look and feel to an amazing degree. 

Linux distributions 

Because Linux can be freely redistributed, you can obtain it in a variety of ways. Various individuals and organizations package Linux, often combining it with free or proprietary applications. Such a package that includes all the software you need to install and run Linux is called a Linux distribution. 

Table 1.3: Popular Linux Distributions and Their Web Home Pages  

Distribution    Home Page 

Caldera OpenLinux    http://www.caldera.com/ 

Debian Linux    http://www.debian.org/ 

Slackware Linux    http://www.cdrom.com/titles/os/slackwar.htm/ 

Red Hat Linux    http://www.redhat.com/ 

SuSE. Linux    http://www.suse.com/ 

Minimum Hardware Requirements 

Linux supports a wide range of PC hardware; but not even Linux supports every known device and system. Your PC must meet certain minimum requirements in order to run Linux. The following sections present these minimum requirements.  

Central Processing Unit (CPU) 

Linux does not support the Intel 286 and earlier processors. However, it fully supports the Intel 80386, 80486, Pentium, Pentium Pro, Pentium II, and Pentium III processors. Nevertheless, some users feel that their 80386 Linux systems respond sluggishly, particularly when running X. So, if you want optimum performance, you should install Linux on a PC having an 80486 processor or better.  

Linux also supports non-Intel processors such as the Cyrix 6x86 and the AMD K5 and K6. Most Linux users have systems that use Intel chips; if your system uses a non-Intel chip, you may find it more difficult to resolve possible problems. 

Motherboard 

Linux supports the standard ISA, EISA, PCI, and VESA (VLB) system buses used on most IBM-compatible PCs. Linux recently gained support for IBM's MCA bus, used in IBM's PS/2 series of computers. However, at the time of this writing, Debian GNU/Linux does not yet support the MCA bus. If you have an IBM PS/2, you may be unable to install Debian GNU/Linux (check the Debian Project web site for the latest available information on support for the MCA bus). 

Drives 

An anonymous wag once quipped that one can never be too thin, too rich, or have too much hard disk space. Fortunately, Linux is not too hungry for disk space. To install and use Linux, you should have at least 250 MB of free hard disk space. (The minimum is about 100 MB, but installing Linux on a system with so little disk space will compel you to omit many useful applications and will leave you with little room to work.) 

Table 2.1: Configuration Information Needed to Install Linux 

Device    Information needed 

Hard Drive(s)    The number, size, and type of each hard drive.Which hard drive is first, second, and so onWhich adapter type (IDE or SCSI) is used by each drive?For each IDE drive, whether or not the BIOS is set for LBA mode 

RAM memory    The amount of installed RAM 

CD-ROM Drive(s)    Which adapter type (IDE, SCSI, or other) is used by each driveFor each drive using a non-IDE, non-SCSI adapter, the make and model of the drive 

SCSI Adapter (if any)    The make and model of the card 

Network Adapter (if any)    The make and model of the card 

Mouse    The type (serial, PS/2, or bus)The protocol (Microsoft, Logitech, MouseMan, etc.)The number of buttonsFor a serial mouse, the serial port to which it's connected 

Video Adapter    The make and model of the cardThe amount of video RAM 

 Table 2.1: Hard Disk Information 

virtual consoles uses at Linux Install time 

Console    Keystroke    Contents 

1    ALT-F1    The installation dialog. 

2    ALT-F2    A shell prompt, which lets you enter commands to be processed by Linux. 

3    ALT-F3    The installation status log, containing termination messages of launched programs. 

4    ALT-F4    The installation log, containing messages from the install program. 

********************************************************************************************************************* 

Show Linux Version

[a] uname - Print kernel and system information.

$ uname -r

$ uname -mrs

$ uname -a

[b] lsb_release - Print distribution-specific information.

$ lsb_release -a

[c] /proc/version file - Print running kernel information

$ cat /proc/version

$ cat /etc/*release

OR

$ lsb_release -a

[root@ns1 ~]# vim /etc/bashrc 

# /etc/bashrc 

alias c='clear' 

alias p='poweroff -f' 

alias r='reboot' 

cal 

:x 

LAN IP SETTING 

[root@ns1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 

DEVICE=eth0 

ONBOOT=yes 

BOOTPROTO=static 

IPADDR=192.168.20.1 

NETMASK=255.255.255.0 

:x 

WAN IP SETTING 

[root@ns1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1  

DEVICE=eth1 

ONBOOT=yes 

BOOTPROTO=static 

IPADDR=203.190.33.206 

NETMASK=255.255.255.248 

GATEWAY=203.190.33.205 

:x 

 -----------------------CentOS/Redhat 6+ ------------------------------------

LAN

[root@mail network-scripts]# vi ifcfg-eth0

DEVICE=eth0

HWADDR=6c:3b:e5:32:59:90

TYPE=Ethernet

UUID=32c5553f-07e0-4784-988a-9404813380a4

ONBOOT=yes

NM_CONTROLLED=yes

BOOTPROTO=none

USERCTL=no

IPV6INIT=no

IPADDR=192.168.19.254

NETMASK=255.255.255.0

         -------

WAN

DEVICE=eth1

HWADDR=cc:b2:55:ba:c0:66

TYPE=Ethernet

UUID=cd57fc3a-9623-49d5-8778-2c0f6b42c893

ONBOOT=yes

NM_CONTROLLED=yes

BOOTPROTO=none

IPV6INIT=no

USERCTL=no

IPADDR=203.82.197.42

NETMASK=255.255.255.248

DNS2=202.22.200.44

GATEWAY=203.82.197.41

DNS1=202.22.192.9

 --------------------------------------------------------------------------------

 RPM INSTALL

# rpm -qa sendmail*

# rpm-qa netconfig

FOR vim

vim-common

vim-enhanced

vim-minimal

vim-X11

------------------------------

HOST NAME

#hostname ns1

crl+D

#vim /etc/sysconfig/network

network=yes

hostname=ns1.pcs.bd       

#setup

 Check and Configure the Network Card:

[root@ns1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

#Broadcom Corporation Net link BCM57875 Gigabyte Ethernet PCI Express

DEVICE=eth0 

BOOTPROTO=static

HWADDR=00:0C:29: EB: B2: CA

ONBOOT=yes

TYPE=Ethernet

PEERDNS=no

USERCTL=no

IPV6INIT=no

IPADDR=192.168.20.1

NETMASK=255.255.255.0

NETWORK=192.168.20.0

BROADCAST=192.168.20.255

After changing you have to reload/restart the NIC(eth0) card by following command:

[root@ns1 ~]# ifdown eth0

[root@ns1 ~]# ifup eth0

[root@ns1 ~]# service network restart

After complete the NIC configure you have to change the host name by following this command:

[root@ns1 ~]# vi /etc/sysconfig/network

NETWORKING=yes

NETWORKING_IPV6=no

HOSTNAME=ns1

 Now Edit hosts file for host name resolution by following this command:

[root@ns1 ~]# vi /etc/hosts

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1       localhost.localdomain localhost

210.207.201.1   ns1.alphabd.net      ns1

 VIM-Text EDIT

set nu     [ Line number ]

15 shift g: 15th line

1 shift g: 1st line

   shift g: last line

Copy

yy = 1 Line copy

5yy = 5 line copied

p = past

u = undo

ctl+r = redo

Delete

dd = 1 line delete

3dd = 3 line delete

dw= 1 word delete

Search

/(key word)

/n = next 

/N = previous

Replace

%s/world.bd/pcs.bd/g

TAR/ZIP

VMwareTools-9.9.0.2304977.tar.gz 

$ cd ~/Desktop/ 

$ tar -xvf VMwareTools     [TAB] 

$ cd vmware-tools           [TAB] 

$ ls 

$ ./vmware-install.pl 

$ ls /mnt/hgfs 

$ share folder     [ show share folder] 

$ ln -s /mnt/hgfs/share folder/ ~/Desktop/share folder      [create Desktop shortcut] 

oracle.ZIP 

# unzip file name 

# ls 

# pwd      [present directory] 

# whoami [ show user] 

# exit 

$ cd /uo1/soft/database/ 

$ ./runinstaller 

RPM install 

# rpm -qa vsftpd 

# cd / 

# ls 

# cd media/RHEL_6.0[TAB]\i386\Disk\1/Packages/ 

# ls | less  [ page view]

# rpm -i vsftp          [TAB] 

# service vsftpd restart 

# rpm -qa vsftpd 

# rpm -qa | grep -i vsftpd    [You should then find the exact package name] 

# rpm - e vsftpd   [ RPM remove]

CD Copy

# cp -ivr /media/RHEL_6.0[TAB]\i386\Disk\1/* /var/ftp/pub/

Mail ProbleM

#mailq                    [show Q mail]

#postsuper -d All      [mail Q Delete]

#tail -f /var/log/maillog

#cat /var/log/maillog

Log

#tail -f /var/log/messages

Red hat Linux Essential Commands 

Login process as a root user: 

ns1 login: root 

Passwd: redhat 

[root@ns1~]# 

Or Login process as a normal user: 

ns1 login: u1 

Passwd: redlinux 

[u1@ns1~]$ 

[root@ns1~]# ls                    [Viewed file/folder] 

[root@ns1~]# ls -l 

[root@ns1~]# ls -la 

[root@ns1~]# ls -l /home  

[root@ns1~]# ls -ld /var/named/ 

[root@ns1~]# cd /var/named                [Directory will change]  

[root@ns1 named]#  

[root@ns1 named]# cd .. 

[root@ns1~]# cd / 

[root@ns1 /]# cd 

[root@ns1~]# cd -                     [To go previous working directory] 

User Create & delete command: 

[root@ns1 ~]# useradd u1 

Or [root@ns1 ~]# adduser u2 

[root@ns1 ~]# userdel -rf u1 

Password Change command: 

[root@ns1 ~]# passwd                [for root user password change] 

[root@ns1 ~]# passwd u1                [for normal user password change] 

Mail user

add user -s /bin/false u1     [u1 only mail use

 # system-configure-user

Linux Directory Structure 

The Linux Filesystem Hierarchy/            Root|---root        The home directory for the root user|---home        Contains the user's home directories|    |----ftp        Users include many services as listed here|    |----httpd|    |----samba|---bin            Commands needed during bootup that might be needed by normal users|---sbin        Like bin but commands are not intended for normal users.|---proc        This filesystem is not on a disk.  |---usr            Contains all commands, libraries, man pages, games and static files for normal |    |            operation.|    |----bin        Almost all user commands.  some commands are in /bin or /usr/local/bin.|    |----sbin        System admin commands not needed on the root filesystem. |    |            programs.|    |----include    Header files for the C programming language.  Should be below /user/lib for|    |            consistency.|    |----lib        Unchanging data files for programs and subsystems|    |----local        The place for locally installed software and other files.|    |----man        Manual pages|    |----info        Info documents|    |----doc        Documentation for various packages|    |----tmp|    |----X11R6        The X windows system files.  There is a directory similar to usr|    |            directory.|    |----X386        Like X11R6 but for X11 release 5|---boot        Files used by the bootstrap loader, LILO.  Kernel images are often kept here.|---lib            Shared libraries needed by the programs on the root filesystem|    |----modules     Loadable kernel modules, especially those needed to boot the system after|             disasters.|---dev            Device files for devices such as disk drives, serial ports, etc.|---etc            Configuration files specific to the machine.|    |----skel        When a home directory is created it is initialized with files from this directory|    |----sysconfig     Files that configure the linux system for networking, keyboard, time, and more.|---var            Contains files that change for mail, news, printers log files, man pages, temp files|    |----file|    |----lib        Files that change while the system is running normally|    |----local        Variable data for programs installed in /usr/local.|    |----lock        Lock files.  Used by a program to indicate it is using a particular device or file|    |----log        Log files from programs such as login and syslog which logs all logins,|    |            logouts, and other system messages.|    |----run        Files that contain information about the system that is valid until the system is|    |            next booted|    |----spool        Directories for mail, printer spools, news and other spooled work.|    |----tmp        Temporary files that are large or need to exist for longer than they should in|    |            /tmp.|    |----catman    A cache for man pages that are formatted on demand|---mnt            Mount points for temporary mounts by the system administrator.|---tmp            Temporary files.  Programs running after bootup should use /var/tmp.|----lost+found           Remove file will store in here.|----Opt                   

Normal Command used in Linux------------------------------------------------------------------- 

[root@ns1 ~]# date    [Showing date & time] 

[root@ns1 ~]# pwd    [Showing present working directory] 

[root@ns1 ~]# uname -r    [Showing Linux Kernel Version] 

[root@ns1 ~]# swichdesk kde    [Switching to KDE Desktop if stay install] 

Creating a Directory: 

[root@ns1 ~]# mkdir soft    [Create a directory into /root] 

[root@ns1 ~]# mkdir /data    [Create a directory into /] 

[root@ns1 ~]# mkdir -p /Server/software/Data    [Create a directory in between subdirectory] 

Creating a file: 

[root@ns1 ~]# touch f1    [Create a file into /root] 

[root@ns1 ~]# touch /data/f2    [Create a file into /data/] 

Remove file and directory: 

[root@ns1 ~]# rm -rf soft    [Remove file/folder] 

[root@ns1 ~]# rm -rf /data/f2 

Copy file and folder: 

[root@ns1 ~]# cp /data/f2 /root/soft    [Copy file/folder] 

[root@ns1 ~]# cp /data/f2 /root/soft/f3    [Copy and Rename file/folder] 

File/folder Moving and Renaming: 

[root@ns1 ~]# mv  f1 /data/f4    [Moving and Renaming] 

[root@ns1 ~]# mv -r f1 /data/f4 

User logout command: 

[root@ns1 ~]# logout 

[root@ns1 ~]# ctrl+d 

[root@ns1 ~]# exit 

Computer Shutdown Command: 

[root@ns1 ~]# shutdown -h now 

[root@ns1 ~]# init 0 

[root@ns1 ~]# p    [If staying alias] 

Computer Reboot Command: 

[root@ns1 ~]# reboot 

[root@ns1 ~]# init 6 

[root@ns1 ~]# r    [If staying alias] 

[root@ns1 ~]# ctrl+alt+del 

User, Group and Permission-------------------------------------------------------------- 

[root@ns1 ~]# useradd u2    [User Create] 

[root@ns1 ~]# passwd u2    [Password Change] 

[root@ns1 ~]# groupadd arkgroup    [Group Create] 

[root@ns1 ~]# useradd u3 -G arkgroup    [User Create and insert into a Group 

[root@ns1 ~]# gpasswd -M u1,u2 arkgroup    [Insert multi User into a Group] 

[root@ns1 ~]# cat /etc/passwd    [Showing User information] 

u1:x:500:500::/home/u1:/bin/bash 

                                  /bin/nologon [ Logon inactive]

[root@ns1 ~]# cat /etc/group    [Showing Group information] 

arkgroup:x:506:u1,u2,u3 

[root@ns1 ~]# ls -l  

-rw- -wx -w-         1   root    root     1468    25 Dec  3:42      soft 

Type of Files: 

d  [Means Directory] 

l   [Means Link file] 

b  [Means Block devices] 

c  [Means Character devices] 

-  [Means Regular file] 

Changing File/Directory Permission: 

[root@ns1 ~]# ls -l 

-rw------- 1     root     root       971     Jul  9 03:39     anaconda-ks.cfg 

drwxr-xr-x 3     root     root      4096     Sep 20 18:22     Desktop 

-rwxr-xr-x 1     root     root        51     Sep 19 08:40     f2.sh 

-rw-r--r-- 1     root     root        58     Sep 19 08:45     f3.sh 

-rw-r--r-- 1     u1       root         0     Jul 29 03:27    lintext 

drwx------ 2     root    root      4096     Oct  5 04:40     Mail 

lrwxrwxrwx 1    root     root        10     Oct 21 22:14     myfilelink.txt -> myfile.txt 

-rw-r--r-- 2     root     u1          10     Oct 21 22:11     myfile.txt 

-rw-r--r2          u1      u1          10     Oct 21 22:11     myhardlink.txt 

[root@ns1 ~]# ls -ld /data/ 

drwxr-xr-x 2     root     root     4096     Dec 30 19:42     /data/ 

[root@ns1 ~]# chmod 766 /data 

[root@ns1 ~]# ls -ld /data/ 

drwxrw-rw- 2     root     root     4096     Dec 30 19:50     /data/ 

[root@ns1 ~]# 

Permission Chart below:

Symbol    Meaning

0    No Permission    (rwx Deny)

1    x Permission      (rw Deny)

2    w Permission     (Usually not use)    (xr Deny)

3    rw Permission    (Usually not use)    (x Deny)

4    r Permission      (wx Deny)

5    rw Permission    (Use for folder)      (w Deny)

6    wr Permission    (x Deny) 

7    (All Permission)

user

[root@ns1 ~]# setfacl -m u:u1:rwx /var/test   [Folder all permisson]

                     setfacl -m u:u1:--- /var/test   [ No permisson]  

                     setfacl -m u:u1:r-- /var/test    [ Red permisson]

Group 

[root@ns1 ~]# setfacl -m g:g1:rwx /var/test   [Folder all permisson]

                                    ''     :--- /var/test   [ No permisson]  

[root@ns1 ~]# chmod 756 /data    [Change Permission for /data folder]     

[root@ns1 ~]# chmod 744 /data 

[root@ns1 ~]# chmod 777 /data 

[root@ns1 ~]# chown u1 /data    [Change Owner for /data folder] 

[root@ns1 ~]# chown root /data/f1 

[root@ns1 ~]# chgrp root /data 

[root@ns1 ~]# chgrp u1 /data    [Change Group for /data folder] 

[root@ns1 ~]# chgrp sysadmin /data/f1 

********************************************************************************************* 

How to Repair your Linux OS Grub------------------------------------------------------------ 

Steps: Insert CD        Restart PC       will come linux install mode        Write (linux rescue) & Press Enter      

OK        OK         (Message will show write it) Continue       OK         

[bash-3-0]# chroot /mnt/sysimage 

[bash-3-0]# vim /etc/grub.conf 

title Red Hat Enterprise Linux Server (2.6.18-8.el5) 

        root (hd0,6)             [See this line and note it and go out from file without save] 

        kernel /vmlinuz-2.6.18-8.el5 ro root=LABEL=/ dhaka rhgb quiet 

        initrd /initrd-2.6.18-8.el5.img 

title Other 

        rootnoverify (hd0,0) 

        chainloader +1 

:q! 

[bash-3-0]# grub 

grub> root (hd0,6) 

grub> setup (hd0) 

grub>quit 

[bash-3-0]# exit 

[bash-3-0]# exit    [PC will restart and you will see your grub] 

Mount temporary for Cd and############################################################### Pendrive---------------------------------------------------------------- 

[root@ns1 ~]# mount /dev/cdrom /mnt    [Mounting command] 

[root@ns1 ~]# ls -l /mnt/Server 

[root@ns1 ~]# umount /mnt    [Unmount] 

[root@ns1 ~]# eject    [Eject Cd tray] 

[root@ns1 ~]# eject -t    [Insert Cd tray] 

[root@ns1 ~]# mount /dev/sdb1 /mnt    [Pendrive mounting] 

[root@ns1 ~]# ls -l /mnt 

Auto Mounting for Cdrom and Pendrive 

[root@ns1 ~]# vim /etc/fstab 

/dev/sda6                   /mnt    auto     defaults    0 0 

/dev/sdb1                   /media    vfat    defaults    0 0 

:x 

dump_freq: Level 0 dump frequency: 1=daily, 2=every other day, 0= neverdump 

fsck_order: 0=ignore, 1=first (the root file system should have this value) 

[root@ns1 ~]# mount -a    [Refresh mount] 

[root@ns1 ~]# ls -l /mnt 

Setting UID, GUID and Sticky Bit 

[root@ns1 ~]# mkdir /data    [Create a directory] 

[root@ns1 ~]# stat /data    [Showing directory information] 

[root@ns1 ~]# groupadd pcsgroup    [Create pcsgroup] 

[root@ns1 ~]# useradd john -G pcsgroup    [Insert a user into group] 

[root@ns1 ~]# useradd jane -G pcsgroup 

[root@ns1 ~]# chgrp pcsgroup /data/    [Change group name] 

[root@ns1 ~]# chmod 2070 /data/    [Apply group ID that can't change any user] 

[root@ns1 ~]# su - u1    [User switch] 

[u1@ns1 ~]$ cd /data/ 

[u1@ns1 ~]$ ls -l 

[u1@ns1 ~]$ touch f1 

[u1@ns1 ~]$ stat f1 

Sticky Bit: 

[root@ns1 ~]# mkdir /data    [Create a directory] 

[root@ns1 ~]# stat /data    [Showing directory information] 

[root@ns1 ~]# groupadd pcsgroup    [Create pcsgroup] 

[root@ns1 ~]# useradd john -G pcsgroup    [Insert a user into group] 

[root@ns1 ~]# useradd jane -G pcsgroup 

[root@ns1 ~]# chgrp pcsgroup /data/    [Change group name] 

[root@ns1 ~]# chmod 3070 /data/    [Apply sticky bit that can't delete any user] 

[root@ns1 ~]# su - u1    [User switch] 

[u1@ns1 ~]$ cd /data/ 

[u1@ns1 ~]$ ls -l 

[u1@ns1 ~]$ touch f1 

[u1@ns1 ~]$ stat f1 

[u1@ns1 ~]$ rm -r f1    [file can't remove] 

Switching User (SU): 

[root@ns1 ~]# su - u1 

[u1@ns1 ~]$ touch f1 

[u1@ns1 ~]$ ls -ld f1 

[u1@ns1 ~]$exit or ctrl+d    [for logout user] 

Introducing to String Proces: 

head: Display first few lines (default: 10 lines) of the files 

[root@ns1 ~]# head /etc/passwd 

here we will see some files nearly 10 lines 

[root@ns1 ~]# head -n 20 /etc/passwd 

tail: Display last few lines (default: 10 lines) of the files 

[root@ns1 ~]# tail -f /var/log/message 

[root@ns1 ~]# tail -f -n /var/log/message 

here we will see some files nearly 10 lines 

sort: Sort is used to sort text data, this data can be in a file. Sort is often used with pipes as in the example below. 

[root@ns1 ~]# grep bash /etc/passwd | sort 

grep: grep (General Regular Expression Processor), display the lines in a file that match pattern. 

[root@ns1 ~]# ps -aux | grep 'init' 

[root@ns1 ~]# rpm -qa | grep bind 

diff: Compares two files for difference 

[root@ns1 ~]# diff /etc/passwd /etc/group 

> Indicates line in first file 

< Indicates line in second file 

http://oreilly.com/catalog/debian/chapter/book/ch02_03.html 

##################################################################################### 

SUDO 

#useradd info 

#passwd info 

#rpm -qa visudo 

#yum install visudo 

#visudo 

Last line you will write 

info ALL=/usr/sbin/useradd, /urs/bin/passwd, /sbin/shutdown 

:x 

#vim /home/info/.bash_profile 

PATH=.:/usr/local/bin:/usr/sbin:/urs/bin:/sbin 

:x 

 ########################################################################

RAID Configure---------------------------------------------------------------------------- 

Step:1 

#fdisk -l        [Show partition] 

#fdisk /dev/sda 

press m for help:m 

    :n 

    :enter 

    :+500M 

    :p        [show partition] 

    :l        [showing partition id] 

    :t        [t for system id type] 

Partition number(1-11):10 

    :fd        [for raid partition] 

    :t 

Partition number(1-11):10 

    :fd        [for raid partition] 

    :p        [show partition] 

    :w        [for save partition] 

#partprob /dev/sda        [for knowing to kernel] 

Step-2: 

#mdadm -C /dev/md0 -l 0 -n 2 /dev/hda{10, 11}    [doing raid] 

Configure Squirrelmail: Make your virtual host in httpd server. You need to host you webmail into your web server. 

#vim /etc/httpd/conf/httpd.conf 

In last line add this line 

#Virtual for Webmail 

<virtualhost webmail.world.net:80> 

ServerAdmin info@world.net 

DocumentRoot /var/www/html/webmail/ 

ServerName webmail.world.net 

#ErrorLog logs/webmail.pcs.net_log 

#TransferLog logs/webmail.pcs.net.access 

</virtualhost> 

:x

*-*

[root@ns1 ~]# setsebool httpd_can_network_connect=1

[root@ns1 ~]# getsebool httpd_can_network_connect

######################################################################################

Proxy Server for Enterprise Linux 5 

Step-1: 

#rpm -qa | grep squid* 

#rpm -ivh squid* 

#vim /etc/squid/squid.conf 

NB: Change the following line and commands 

Line no        Changes 

73            3128 

738            32 

993            100    16    256 

2395            acl    ourlan    src    192.168.20.0/24 

2396            acl    pc1    src    192.168.20.50 

2397            acl    pc2    src    192.168.20.52 

2398            acl     business_hours    time    S M T W T F    9:00-17:00 

2533        http_access    allow        ourlan 

2534        http_access    allow        business_hours 

2537        http_access    deny        pc1 

2538        http_access    deny        pc2 

2847        visible_host    proxy.world.net 

#service squid restart 

#mii-tool            [To see your network] 

#mii-diag 

#squid -z            [for making cache directory] 

#ls /var/spool/squid/ 

00    01    02    03    -  - -- - -- - FD 

#ls /var/spool/squid/00            [we can see cache sub directory has created or not] 

00    01    02    03    - - - -      256        [show if cache directory has created] 

#tail -f     /var/log/squid/access.log        [showing who is browsing which] 

Client Configure:  

Step-1: 

Right click on Internet Explorer>propertise>Connection>LanSetting>proxy server               port  

Ok>Ok 

www.world.com 

Ok 

Transparent proxy 

#vim /etc/squid/squid.conf--------------------------------------------------- 

Adding  lines in the last line  

http_accel_host                                virtual 

http_accel_port                                80 

http_accel_with_proxy                    on 

http_accel_uses_host_header          on  

:x 

#service squid reload 

#service squid restart 

#iptables -F 

#iptables t nat A PREROUTING i eth1 p tcp - -dport 80 j REDIRECT - -to-ports   8080 

#iptables A OUTPUT j ACCEPT m state - -state NEW o eth0 p tcp - -dport  80 

#service iptables save 

#service squid restart 

FINISH 

###########################################################################################

Web Server for Enterprise Linux 5 

Step-1: 

#rpm -qa | grep http* 

#rpm -qa | grep php*  

#rpm -ivh http* 

#rpm -ivh php* 

#vim /etc/httpd/conf/httpd.conf 

NB: Change the following line and commands and alias to www into forward zone (www IN CNAME     ns1) 

Line no        Changes 

250            ServerAdmin root@ world.net 

264             ServerName www. world.net 

390            index.php 

:x 

#service httpd restart 

#service named reatart 

Step-2: 

#cd /var/www/html 

#touch index.php 

#vim index.php 

<? 

phpinfo(); 

?> 

:x 

#service httpd retart 

#service named restart 

#chkconfig httpd on 

# elinks 

www.world.net 

or Browse www.world.net 

############################################################################################################

Virtual WEB Server 

Virtual Domain------------------------------------------------------------------ 

[root@ns1 ~]# vim /var/named/chroot/etc/named.conf 

zone "pcs1.com" IN {                                (copy dns first zone }

        type master; 

        file "f.zone"; 

        allow-update { none; }; 

}; 

:x 

#cp /var/named/chroot/var/named/f.zone /var/named/chroot/var/named/v.zone 

[root@ns1 ~]# vim /var/named/chroot/var/named/v.zone  

$TTL    86400 

@               IN SOA           ns1.pcs1.com.                    root.pcs1.com. ( 

                                        42              ; serial (d. adams) 

                                        3H              ; refresh 

                                        15M             ; retry 

                                        1W              ; expiry 

                                        1D )            ; minimum 

@               IN NS           ns1.pcs1.com. 

ns1             IN A            192.168.20.1 

mail            IN A            192.168.20.1 

@               IN MX 10        192.168.20.1 

pcs1.com.       IN MX 10        192.168.20.1 

www             IN CNAME        ns1 

ftp             IN CNAME        ns1 

:x 

[root@ns1 ~]# vim /etc/hosts  

127.0.0.1               ns1 localhost.localdomain localhost 

192.168.20.1            pcs.bd          ns1 

192.168.20.1            pcs1.com        ns1 

:x 

[root@ns1 ~]# vim /etc/resolv.conf 

search pcs.bd 

search pcs1.com 

nameserver 192.168.20.1 

:x 

#service network restart 

#service named restart 

#dig pcs.bd 

#dig pcs1.com 

Virtual Web Server---------------------------------------------------------------------------- 

[root@ns1 ~]# vim /etc/httpd/conf/httpd.conf 

NameVirtualHost 192.168.20.1:80                        line:998 change 

# 

<VirtualHost 192.168.20.1:80> 

    ServerAdmin webmaster@pcs.bd 

    DocumentRoot /var/www/html 

    ServerName www.pcs.bd 

#    ErrorLog logs/dummy-host.example.com-error_log 

#    CustomLog logs/dummy-host.example.com-access_log common 

</VirtualHost> 

<VirtualHost 192.168.20.1:80> 

    ServerAdmin webmaster@pcs1.com 

    DocumentRoot /var/www/html/virtual 

    ServerName www.pcs1.com 

#    ErrorLog logs/dummy-host.example.com-error_log 

#    CustomLog logs/dummy-host.example.com-access_log common 

</VirtualHost> 

[root@ns1 ~]# mkdir -p /var/www/html/virtual  

 Here create index.html file 

#############################################################################################3 

RAID Partition 

Before you can create a RAID device, you must first create RAID partitions, using the following step-by-step instructions:  

1.    On the Disk Partitioning Setup screen, select Manually partition with Disk Druid. 

2.    In Disk Druid, choose New to create a new partition. 

3.    You will not be able to enter a mount point (you will be able to do that once you have created your RAID device).  

4.    Choose software RAID from the File System Type pulldown menu as shown in Figure 10-1.  

Figure 10-1. Creating a New RAID Partition 

5.    For Allowable Drives, select the drive(s) on which RAID will be created. If you have multiple drives, all drives will be selected here and you must deselect those drives which will not have the RAID array on them.  

6.    Enter the size that you want the partition to be. 

7.    Select Fixed size to make the partition the specified size, select Fill all space up to (MB) and enter a size in MBs to give range for the partition size, or select Fill to maximum allowable size to make it grow to fill all available space on the hard disk. If you make more than one partition growable, they will share the available free space on the disk.  

8.    Select Force to be a primary partition if you want the partition to be a primary partition.  

9.    Select Check for bad blocks if you want the installation program to check for bad blocks on the hard drive before formatting it.  

10.    Click OK to return to the main screen. 

Repeat these steps to create as many partitions as needed for your RAID setup. Notice that all the partitions do not have to be RAID partitions. For example, you can configure only the /home partition as a software RAID device.  

Once you have all of your partitions created as software RAID partitions, follow these steps:  

1.    Select the RAID button on the Disk Druid main partitioning screen (see Figure 10-3).  

2.    Next, Figure 10-2 will appear, where you can make a RAID device.  

Figure 10-2. Making a RAID Device 

3.    Enter a mount point. 

4.    Choose the file system type for the partition. 

5.    Select a device name such as md0 for the RAID device. 

6.    Choose your RAID level. You can choose from RAID 0, RAID 1, and RAID 5.  

7.    The RAID partitions you just created appear in the RAID Members list. Select which partitions of these partitions should be used to create the RAID device.  

8.    If configuring RAID 1 or RAID 5, specify the number of spare partitions. If a software RAID partition fails, the spare will automatically be used as a replacement. For each spare you want to specify, you must create an additional software RAID partition (in addition to the partitions for the RAID device). In the previous step, select the partitions for the RAID device and the partition(s) for the spare(s).  

9.    After clicking OK, the RAID device will appear in the Drive Summary list as shown in Figure 10-3. At this point, you can continue with your installation process. Refer to the Red Hat Linux Installation Guide for further instructions 

LVM Configuration 

To create a logical volume group with logical volumes during the Red Hat Linux installation:  

1.    On the Disk Partitioning Setup screen, select Manually partition with Disk Druid. 

2.    Select New.  

3.    You will not be able to enter a mount point (you will be able to do that once you have created your volume group).  

4.    Select physical volume (LVM) from the Filesystem Type pulldown menu as shown in Figure 11-1.  

Figure 11-1. Creating a Physical Volume 

5.    A physical volume must be constrained to one drive. For Allowable Drives, select the drive on which the physical volume will be created. If you have multiple drives, all drives will be selected here, and you must deselect all but one drive.  

6.    Enter the size that you want the physical volume to be. 

7.    Select Fixed size to make the physical volume the specified size, select Fill all space up to (MB) and enter a size in MBs to give range for the physical volume size, or select Fill to maximum allowable size to make it grow to fill all available space on the hard disk. If you make more than one growable, they will share the available free space on the disk.  

8.    Select Force to be a primary partition if you want the partition to be a primary partition.  

9.    Select Check for bad blocks if you want the installation program to check for bad blocks on the hard drive before formatting it.  

10.    Click OK to return to the main screen. 

Repeat these step to create as many physical volumes as needed for your LVM setup. For example, if you want the volume group to span over more than one drive, create a physical volume on each of the drives.  

Once all the physical volumes are created, follow these steps:  

1.    Click the LVM button to collect the physical volumes into volume groups. A volume group is basically a collection of physical volumes. You can have multiple logical volume groups, but a physical volume can only be in one volume group.  

2.      

3.    Figure 11-2. Creating an LVM Device 

4.    Change the Volume Group Name if desired. 

5.    All logical volumes inside the volume group must be allocated in physical extent units. By default, the physical extent is set to 4 MB; thus, logical volume sizes must be divisible by 4 MBs. If you enter a size that is not a unit of 4 MBs, the installation program will automatically select the closest size in units of 4 MBs. It is not recommended that you change this setting. 

6.    Select which physical volumes to use for the volume group. 

7.    Create logical volumes with mount points such as /home. Remember that /boot can not be a logical volume. To add a logical volume, click the Add button in the Logical Volumes section. A dialog window as shown in Figure 11-3 will appear.  

Figure 11-3. Creating a Logical Volume 

Repeat these steps for each volume group you want to create.  

###########################################################################################

Linux Router Configure 

#rpm -qa |grep quagga 

#rpm -ivh /mnt/Server/quagga 

#cd /etc/quagga 

#ls 

#vim zebra.conf 

hostname        ns1            [Router hostname] 

password        nopassword        [Password] 

enable    password    nothing        [Password enable] 

:x 

#vim /etc/service 

zebra port 2601 

:x 

#netstat -na | less                [Use to show port number] 

#service zebra restart 

#telnet 127.0.0.1    2601 

Password: nopassword 

Router>enable 

Router#hostname pcs 

Pcs#?                        [For help] 

Pcs#who                    [Which terminal we use to see] 

Pcs#show history 

Pcs#show running-configure 

Pcs#show ? 

Pcs#show version 

Pcs#show ip route 

Pcs#disable 

>enter 

Pcs>enable 

Password nothing 

Pcs#configure terminal 

Conf#? 

Conf#banner motd file /etc/quagga/Welcome 

Conf#ctrl+z 

Pcs#write 

Pcs#configure terminal 

Conf#show running-configure 

Conf#interface eth0 

Conf#ip address 192.168.0.254/24                [Setting IP] 

Conf# interface eth1 

Conf#ip address 192.168.0.1/24 

Conf#ip route 192.168.0.1 255.255.255.0 203.190.32.15    [ip route] 

Conf#write 

Conf#no shutdown 

Conf#ip route 172.16.0.0/16 202.12.32.5            [ip route] 

Conf#no shutdown 

Conf#write 

Conf#no ip route 192.168.0.1/24 203.190.32.15        [route erase] 

#write 

Router RIP 

#cp /etc/quagga/ripd.conf.sample /etc/quagga/ripd.conf 

#vim /etc/quagga/ripd.conf 

#service ripd restart 

#netstat -na | less 

#telnet 127.0.01 ripd    or 2602 

Ripd>enable 

Ripd#configure terminal 

Ripd-conf#router rip 

Ripd-conf-router#varsion 

Ripd-conf-router#route 192.168.0.0/24 

Ripd-conf-router#write 

Ripd-conf-router#exit 

Ripd-conf#line vty            [Line configure mode] 

Ripd-conf-line#exec-timeout 1 

Ripd-conf-line#write 

Ripd-conf-line#ctrl+z 

End 

MRTG (Multi Routing Table Grapher) 

# rpm -qa | grep snmp 

# yum install net-snmp*  

# ps -aux | grep snmp                [determine snmp server running or not] 

root   5512  0.0  2.3  5872 3012 pts/0    S    22:04   0:00 /usr/sbin/snmpd 

or # lsof -i :199 

snmpd   5512 root    4u  IPv4  34432       TCP *:smux (LISTEN) 

or  netstat -natv | grep ':199' 

tcp        0      0 0.0.0.0:199             0.0.0.0:*               LISTEN 

# service snmpd start 

Make sure snmpd service starts automatically 

# chkconfig --add snmpd 

##############################################################################################

Configure SNMP 

#vim //etc/snmp/snmpd.conf 

Change/Modify line(s) as follows: 

Find following Line: 

com2sec notConfigUser  default       public 

Replace with (make sure you replace 192.168.0.0/24 replace with your network IPs) following lines:  

com2sec local     localhost         public 

com2sec mynetwork 192.168.0.0/24         public 

rocommunity pcs 

Find Lines: 

group   notConfigGroup v1             notConfigUser 

group   notConfigGroup v2c           notConfigUser 

Replace with: 

group MyRWGroup v1         local 

group MyRWGroup v2c        local 

group MyRWGroup usm        local 

group MyROGroup v1         mynetwork 

group MyROGroup v2c        mynetwork 

group MyROGroup usm        mynetwork 

Find line: 

view    systemview     included      system 

Replace with: 

view all    included  .1                               80 

:x 

#service snmp restart 

#netstat -na | less            [snmp port 161] 

# chkconfig snmpd on 

# service snmpd start 

# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex    [Test your snmp server] 

Configure MRTG 

#rpm -qa | grep mrtg 

# yum install mrtg* 

# up2date -v -i mrtg        [If install do update] 

#mkdir -p /var/www/html/traffic 

#cfgmaker --output=/etc/mrtg/pcst.cfg --global workdir:/var/www/html/traffic --global options[_]:growright,bits pcs@192.168.0.1 

or 

#cfgmaker --global 'WorkDir: /home/httpd/        \ 

    --global 'Options[_]: bits,growright'    \ 

    --output /home/mrtg/cfg/mrtg.cfg      \ 

    community@abc.com 

#LANG=C 

#export LANG 

#cd /var/www/html 

#ls 

#cd /traffic 

#ls 

pcst.cfg                [has created or not will see here] 

#vim /etc/mrtg/pcst.cfg 

#mrtg /etc/mrtg/pcst.cfg        [Run this command 3 times] 

#mrtg /etc/mrtg/pcst.cfg 

#mrtg /etc/mrtg/pcst.cfg 

#ls /etc/mrtg 

pcst.ok                    [file will viewed] 

#cd /var/www/html/traffic 

#ls 

#indexmaker --output=/var/www/html/traffic/index/html /etc/mrtg/pcst.cfg     [First test run of mrtg] 

#cd /var/www/html/traffic 

#ls 

index.html                [file will create] 

Create crontab entry so that mrtg graph 

(a) Login as a root user or login as a mrtg user and type following command: 

# crontab -e 

0-59/5 * * * * /usr/bin/mrtg /etc/mrtg/mymrtg.cfg --logging /var/log/mrtg.log 

Go to the graphical mode 

Open mozilla http://192.168.0.1/traffic 

Or www.linuxcolor.net/192..168.0.1.html 

Block ports 161 & 162 at firewall 

SERVER="xxx.xxx.xxx.xxx" 

iptables -A OUTPUT -p udp -s $SERVER --sport 1024:65535 -d 0/0 --dport 161:162 -m state --state NEW,ESTABLISHED -j ACCEPT 

iptables -A INPUT -p udp -s 0/0 --sport 161:162 -d $SERVER --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT 

Firewal------------------------------------------------------------------------------------ 

Rules to write IPTABLE 

#iptables -t filter -A INPUT i eth0 -s 192.168.0.10 -d 192.168.0.1 -j DROP 

#iptables -A INPUT i lo -j ACCEPT 

Step 1: 

#rpm qa | grep iptables 

#service iptables start 

#ntsysv 

set iptables for automatically start during system boot 

Step 2: 

Make a file named  "testfirewall" in opt directory 

#cd /opt 

#touch firewalltest 

Step 3: 

Now it is high time to create a simple firewall script by using linux 

iptables service 

#vi /opt/testfirewall 

#!/bin/sh 

iptables -nL 

iptables -t nat -nL 

iptables -F 

iptables -X 

iptables -t nat -F 

iptables -t nat -X 

iptables -t mangle -F 

Step 4: 

Enable IP forwarding in your linux Box 

echo "1" > /proc/sys/net/ipv4/ip_forward 

Step 5: 

Basic application of iptables in "filter" table 

iptables -A INPUT -s 192.168.10.0/24 -j DROP 

or 

iptables -t filter -A INPUT -s 192.168.10.0/24 -j DROP 

iptables -A INPUT -i eth1 -s 192.168.10.0/24 -j DROP 

iptables -A INPUT -p tcp -m tcp -i eth1 -s 192.168.10.0/24 --dport 80 -j DROP 

iptables -A INPUT -p tcp -m tcp -i eth1 -s 192.168.10.9 --dport 80 -j DROP 

Step 6: 

SNAT application (private ip rapping by real ip), SNAT is applicable in "nat" table 

iptables -t nat -A POSTROUTING -o eth0  -j SNAT --to 203.190.32.3 

iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0  -j SNAT --to 203.190.32.3 

iptables -t nat -A POSTROUTING -s 192.168.10.10 -o eth0  -j SNAT --to 203.190.32.3 

MASQUERADE application (private ip rapping by real ip), MASQUERADE is applicable in "nat" table 

iptables -t nat -A POSTROUTING -o eth0  -j SNAT --to 203.190.32.3 

iptables -t nat -A POSTROUTING -s 192.168.10.10 -o eth0 -j MASQUERADE 

Note: Basically SNAT is used for statically received ip and MASQUERADE is user for dynamically received ip 

Note: Run in windows Machine >ipconfig /renew "Con; if problem occurred 

Step 7: 

DNAT application (port/ip redirecting), DNAT is applicable in "nat" table 

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 190.168.10.1:8080 

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080 

Thanks with good luck 

############################################################################################# 

NFS Server Configure for Redhat Linux 5 

Server Pc 

#vim /etc/exports 

/Shared    *(rw,sync)        NB: * means all network will get this sheare 

/var/ftp/pub    192.168.20.1(ro,sync) 

:x 

#chkconfig nfs on 

#service nfs restart 

#showmount -e localhost        [will show all shared named] 

Client PC--------------------------------------------------------------------- 

#mkdir /home/Data 

# mount -t nfs     192.168.1.10:/mnt/storage     /home/Data 

Configure: /etc/hosts.allow and /etc/hosts.deny 

These two files specify which computers on the network can use services on your machine. Each line of the file contains a single entry listing a service and a set of machines. When the server gets a request from a machine, it does the following:  

It first checks hosts.allow to see if the machine matches a description listed in there. If it does, then the machine is allowed access. If the machine does not match an entry in hosts.allow, the server then checks hosts.deny to see if the client matches a listing in there. If it does then the machine is denied access. If the client matches no listings in either file, then it is allowed access. 

#/etc/hosts.deny 

portmap:ALL 

lockd:ALL 

mountd:ALL 

rquotad:ALL 

statd:ALL 

:x 

#/etc/hosts.allow 

portmap: 192.168.0.1 , 192.168.0.2 

lockd: 192.168.0.1 , 192.168.0.2 

rquotad: 192.168.0.1 , 192.168.0.2 

mountd: 192.168.0.1 , 192.168.0.2 

statd: 192.168.0.1 , 192.168.0.2 

:x 

#############################################################################################

Samba Server for Enterprise Linux 5 

#rpm -qa samba* 

#rpm -ivh samba* 

#vim /etc/samba/smb.conf 

Line no                changes 

 26 workgroup = ARKGROUP 

29  server string = Samba Server 

34  security = user 

41  hosts allow = 192.168.236.0/24 

45  load printers = yes 

Copy Last [myshare] and paste if below & change it 

[share] 

   comment = Mary's and Fred's stuff 

   path = /var/ftp/pub/Server 

   valid users = info john jane eric u1 

   public = no 

   writable = yes 

   printable = no 

   create mask = 0765 

:x 

#service smb restart 

For Samba Client --------------------------------------------------------- 

#smbpasswd -a kamal 

New SMB password:Open123 

Retype new SMB password:Open123 

For Samba Web administration use samba-swat 

#rpm -qa samba-swat* 

#rpm -ivh samba-swat* 

#vim /etc/xinetd.d/swat 

service swat 

{ 

        port            = 901 

        socket_type     = stream 

        wait            = no 

        only_from       = 192.168.10.0/24 

        user            = root 

        server          = /usr/sbin/swat 

        log_on_failure  += USERID 

        disable         = no 

#service xinetd restart 

#service httpd restart 

#service smb restart 

From Linux pc to window pc browse in your browser 

http://localhost:901 

From window pc to Linux pc browse in your browser 

http://192.168.10.1:901  

##############################################################################################

NIS SERVER 

Use like Domain Controller and Serve Service for Client PC. We need following package ypserv, yptools, ypbind and authconfig rpm 

#rpm -ivh ypserv* 

#rpm -ivh ypbind* 

#rpm -ivh yptools* 

#rpm -ivh authconfig* 

#vim /etc/sysconfig/network 

NETWORKING=yes 

HOSTNAME=ns1 

NISDOMAIN=linux.com 

:x 

#domainname linux.com 

#service network restart 

#vim /var/yp/Makefile 

all: passwd group        [line no 113] 

:x 

#service ypserv restart 

#service portmap restart 

#/usr/lib/yp/ypinit -m 

a quiry will come just press ctrl+d then press y 

#cd /var/yp 

#make 

[yp database will update for new user to give NIS facialities] 

NIS CLIENT 

#authconfig-tui 

Select [*] Use NIS then  

next 

Domain: linux.com 

Server: 192.168.10.1 

#service ypbind restart 

#ypcat passwd 

#ypmatch nisuser passwd 

OK End 

SSH-Secure Shell 

SSH used for remotly administration 

a) # chkconfig --list sshd 

sshd            0:on    1:on    2:on    3:on    4:on    5:on    6:on 

Or #chkconfig --level 0123456 sshd on/off 

#Service sshd restart 

#ssh 192.168.236.3            [Used to connect root user] 

root@192.168.236.3's password: 

# ssh -l info 192.168.236.3        [Used to connect normal user] 

info@192.168.236.3's password: 

Last login: Tue Jul 29 03:38:37 2008 

[info@ns1 ~]$ 

NB: ssh is more essensial remote administraton thats why we will chage defaults port number 

b) #netstat -an |grep 435 

No response allows us to proceed. 

#vim /etc/ssh/sshd_config 

   Port 345/22                [line 35 change 435 if you want] 

#   Protocol 2,1 

#   Cipher 3des 

:x 

#service sshd restart 

c) Check to ensure SSH is runing on new port 

#netstat pant |grep 435 

Using SSH to Login a Remote Machine 

#ssh 192.168.236.3            [Used to connect root user] 

# ssh -l info 192.168.236.3        [Used to connect normal user] 

########################################################################################### 

Internet Sharing 

Configure your LAN eth0 

#vim /etc/sysconfig/network-scripts/ifcfg-eth0 

DEVICE=eth0 

ONBOOT=yes 

BOOTPROTO=static 

IPADDR=203.190.33.206 

NETMASK=255.255.255.248 

GATEWAY=203.190.33.205 

:x 

Configure your LAN eth1 

#vim /etc/sysconfig/network-scripts/ifcfg-eth1 

DEVICE=eth1 

ONBOOT=yes 

BOOTPROTO=static 

IPADDR=192.168.20.1 

NETMASK=255.255.255.0 

:x 

#chkconfig network on 

#service network restart 

IP Forwarding------------------------------------------------------------------------------ 

#vim /etc/sysctl.conf 

# Controls IP packet forwarding 

net.ipv4.ip_forward = 1                line 7[Here you will erase=0 and will put=1 value] 

:x 

#sysctl -p        [Viewing the IP forwarding = 1] 

net.ipv4.ip_forward = 1 

net.ipv4.conf.default.rp_filter = 1 

#setup 

[*]    firewall enable 

OK 

#service iptables restart 

MASQUERADE----------------------------------------------------------------------------------- 

#iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -j MASQUERADE 

#service iptables save 

#iptables -L                [Checking Masquerade] 

#iptables -t nat -L            [Showing MASQUERADE all --192.168.20.0 anywhere] 

Chain POSTROUTING (policy ACCEPT) 

target     prot opt source               destination          

MASQUERADE  all  --  192.168.20.0/24      anywhere    

#service network restart 

#service iptables restart 

Virtual LAN Create------------------------------------------------------------------------------ 

#cp /etc/sysconfig/network-scripts/ifcfg-eth0  /etc/sysconfig/network-scripts/ifcfg-eth0:1 

#/etc/sysconfig/network-scripts/ifcfg-eth0:1 

DEVICE=eth0:1 

ONBOOT=yes 

BOOTPROTO=static 

IPADDR=192.168.20.2 

NETMASK=255.255.255.0 

:x 

#service network restart 

###############################**************************#####################################

Proxy Server 

#yum install squid 

#vim /etc/squid/squid.conf 

# Squid normally listens to port 3128 

http_port 8080                line 70 

#Default: 

 cache_mem 8 MB            line 737 

#Default: 

 cache_dir ufs /var/spool/squid 100 16 256        line 993 

#  To log the request via syslog specify a filepath of "syslog" 

access_log /var/log/squid/access.log squid            line 1083 

#Default: 

 cache_log /var/log/squid/cache.log                line 1087 

#Default: 

 cache_store_log /var/log/squid/store.log            line 1099 

# be allowed 

acl our_networks src 192.168.1.0/24                line 2522 

http_access allow    our_networks                line 2527 

visible_hostname www.pcs.bd        (write this)        line 2837 

:X 

#squid -z 

#chkconfig squid on 

#service squid restart 

#mii-tools            to see network connectivity 

#mii-diag