Archive for July, 2009

SBDavid
Jul 23rd, 2009

Change priority of swap files

Change priority of swap files

You can check the current priority of the swap file from /proc/swaps.

$ cat /proc/swaps

Inorder to change the priority of the swap partitions, you need to edit the “fstab” and append the new priority. If you have the fstab entry for your swap file /swap1 as:

/swap1 swap swap defaults 0 0

then append the following:

/swap1 swap swap pri=x,defaults 0 0

where x is the new priority you have set.

You can re-mount it by using ‘mount -a’ command.

SBDavid
Jul 22nd, 2009

Struture of IPv6

Struture of IPv6

The basic structure of IPv6

128 bits as the total
48 bits prefix to the site
16 bits for the subnets in the site
64 bits for host part

Also the stucture of IPv6 from left to right

3 bits: 001 (10% of the total address space reserved)
next 13 bits for the TLA ( Top Level Aggregator)
8 bits reserved
24 bits for the NLAs (Next level Aggregator)
16 bits for the site subnets = 65536 subnets
64 bits for the interface identifier
Total = 128 bits.

Address format of IPv6

Address Format is as follows. It is 128 bit ip address represented in Hexa decimal notation. An example is given below

2001:0000:1234:0000:0000:C1C0:ABCD:0876

this can be also represented as

2001:0000:1234:0:0:C1C0:ABCD:0876

When there are two consecutive zeros this can be represented also as

2001:0000:1234::C1C0:ABCD:0876

In browser you can access the site using ip. This can be done by putting square brackets as show below

http://[2001:0db8:85a3:08d3:1319:8a2e:0370:7344]/

Also if you want to access a particular port give like this

http://[2001:0db8:85a3:08d3:1319:8a2e:0370:7344]:8080
SBDavid
Jul 21st, 2009

Setting up the firewall for Passive FTP

Setting up the firewall for Passive FTP: (APF Firewall)

1.Open your APF configuration file with your favorite editor. This configuration file is usually located at: /etc/apf/conf.apf

vi /etc/apf/conf.apf

2. Select a port range to use for the passive FTP connection, and find the line that looks like this:

IG_TCP_CPORTS=”20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 993, 995, 2082, 2083, 2086, 2087, 2095, 2096, 3306″

If this list of ports already includes a port range above 20000, then you can skip onto configuring your FTP Server, but remeber the range listed. (20000 to 30000 would be written as 20000_30000)

3. Add the port range to the end of the line and within the quotation marks(”). Remeber each port/port range is seperated by a comman(,), and a port range between 35000 to 36000 is written as 35000_36000 .

IG_TCP_CPORTS=”20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 993, 995, 2082, 2083, 2086, 2087, 2095, 2096, 3306, 35000_36000″

3. Save and restart your firewall.

To restart your firewall:

/etc/init.d/apf restart
SBDavid
Jul 20th, 2009

Redirecting Standard Error

Redirecting Standard Error

Instead of redirecting the standard output to a file, you can redirect the error messages to a file. This can be done by placing a 2 directly in front of the redirection angle bracket. If you are not interested in the error messages, you simply can send them to /dev/null

$ find / -name foo 2> /dev/null

This shows you the location of file foo, if it exists, without those pesky permission denied error messages. I almost always invoke the find command in this way.

The number 2 represents the standard error output stream. Standard error is where most commands send their error messages. Normal (non-error) output is sent to standard output, which can be represented by the number 1. Because most redirected output is the standard output, output redirection works only on the standard output stream by default. This makes the following two commands equivalent:

find / -name foo > output.txt
$ find / -name foo 1> output.txt

$

piping the output to another command.

find -name test.sh 2>&1 | tee /tmp/output2.txt
SBDavid
Jul 19th, 2009

How to see the current configuration of interface

How to see the current configuration of interface

You may do it by using either ethtool or mii-tool.

1. Using mii-tool

To see the current configuration of interface.

[root@bash ~]# mii-tool -v eth0
eth0: negotiated 100baseTx-FD, link ok
product info: vendor 00:00:20, model 32 rev 1
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

You may see that the interface supports auto-negotiation (basic mode: autonegotiation enabled) and it is operating at 100 Mb/s in full duplex mode (100baseTx-FD). As you may see, the interface can operate in modes specified in the advertising line. In order to change it to 100 Mb/s, Half Duplex mode use the same command with the following options.

[root@bash ~]# mii-tool -F 100baseTx-HD eth0

You may verify the new configuration by using the same command with option -v as shown above.

2. Using ethtool

To see the current configuration,

[root@bash ~]# ethtool eth0
Settings for eth0:
Supported ports: [ TP MII ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Advertised auto-negotiation: No
Speed: 100Mb/s
Duplex: Half
Port: MII
PHYAD: 1
Transceiver: internal
Auto-negotiation: off
Supports Wake-on: pg
Wake-on: d
Current message level: 0×000000c5 (197)
Link detected: yes

You may change the other settings like speed, duplex and auto negotiations as follows.

[root@bash ~]# ethtool -s eth0 duplex full|half
[root@bash ~]# ethtool -s eth0 speed 10|100|1000
[root@bash ~]# ethtool -s eth0 autoneg on|off

You may specify all those options in a single command too.

« Prev - Next »