January 14, 2016, 10:11 pm
I use PeerGuardian Linux to block IPs as extra layer of protection my servers. Because I block more than I need, I wanted a way to quickly add IPs to the allow.p2p file by their hostname. Below is the contents of my “Add_Allow_IPs” script.
nslookup $1 | sed -e '1,4 d' -e '$ d' -e 'N;s/\n/ /' -e 's/ Address: /:/g' -e 's/Name:\t//g' >> /etc/pgl/allow.p2p
sudo pglcmd reload
sudo pglcmd restart
So now if I run:
./Add_Allow_IPs google.com
It will take out all the google.com ipv4 addresses from nslookup output and make them line items in the allow.p2p file. It dose not work for IPV6 and CNAME results.
January 14, 2016, 10:01 pm
If you want ZFS’s snapshots to show up as previous versions in Windows File Shares you need to have ZFS backed, samba data set with 1 or more snapshots. My zfs data set is tank in my examples. A snapshot can be made manually or automatically. The easy way to manage automatic snapshots is to use ‘zfs-auto-snapshot’ that is bundled with zfsonlinux. Example for hourly snapshots of the tank.
zfs-auto-snapshot -l hourly tank
Or you can use cron to do hourly snapshots for you.
5 */1 * * * zfs snapshot tank@`date +%F-%H%M`
Also cron can clean up old snapshots. (Careful with this one. Verify zfs list -H -o name -t snapshot -r tank | head -n 24 output first)
30 0 * * * zfs list -H -o name -t snapshot -r tank | head -n 24 | xargs -n1 sudo zfs destroy
Lastly to have samba to use ZFS snapshots you’ll need shadow: format, vfs objects, shadow: sort, and shadow: snapdir added to your samba share. Here is example config with if using zfs-auto-snapshot hourly.
[tank]
shadow: format = zfs-auto-snap_hourly-%F-%H%M
vfs objects = shadow_copy2
shadow: sort = desc
path = /tank
comment = ZFS dataset with Previous Versions enabled
writeable = yes
public = yes
shadow: snapdir = .zfs/snapshot
January 19, 2015, 9:57 am
When I first put together my home ESXi box, I used a Intel Pro/1000 PT quad port NIC. All was great until I wanted to pass-through individual ports to specific virtual machines. So I purchased a newer Intel I350 quad port NIC that supported what I wanted to do. Then I gave my old Pro/1000 quad port to a friend that needed it for his home ESXi box. Months down the road, my friends ESXi box came to live next to mine. With both machines running, connecting to the vSphere management or SSH was terrible. Connection was unreliable but guest OS’s networking seemed to work fine. On my workstation I would ping each ESXi box and neither would respond at the same time. I launched wireshark and noticed there were constant ARP requests for each ESXi management IP. These ARP requests were getting the same MAC for each IP. Doh! Little research on google and found this VMware KB.To sum it up, once you create a ESXi management interface it uses the physical mac address. If you replace the physical hardware it will keep the old mac address. It required me to remove the management interface and re-create it. Now the management interface has the physical address of my newer I350 NIC. In VMwares’s KB they have this work around.
esxcfg-advcfg -s 1 /Net/FollowHardwareMac
Above command in ESXi Shell should update the Management interface mac to the physical mac address if the underlying hardware changes.
June 3, 2014, 4:18 pm
When I do full backups of a hard drive, mostly for recovery reasons, I almost always use GNU ddrescue. When I want to access a single file off that image I’ve been using a great windows application called ImDisk. Open it up, point to the raw image on my nas, it will ask me what partition to mount. For NTFS partitions it auto mounts to my windows system and I can grab what ever I need.
But I wanted to do this in linux. I knew about losetup and mapping a loop device. But this does not work for images with partition tables. After little googling I found kpartx. Simple 1 line solution.
kpartx -a -v /path/to/img.file
This will look at that image file’s partition table (I can only confirm MBR support) and map to a loop device. Then it will map each partition at /dev/mapper/loopXpX. If needed you can symlink /dev/mapper/loopXpX to /dev/loopXpX, so application like gparted can understand the partition layout.
** Now to do this in FreeBSD (Like Nas4free/FreeNas)
mdconfig -a -t vnode -u 0 -f /path/to/img.file
this makes a MD device. Now you can mount /dev/mdXpX, or run other file system tools.
January 20, 2014, 8:59 pm
I recently purchased a USB 3 drive dock (Orico 6619) because my current drive dock (MyGica… no model number) doesn’t support SMART info with smartctl command.
jason@j2c ~ $ sudo smartctl /dev/sdb -a
smartctl 6.2 2013-07-26 r3841 [x86_64-linux-3.11.0-12-generic] (local build)
Copyright (C) 2002-13, Bruce Allen, Christian Franke, www.smartmontools.org
Read Device Identity failed: scsi error unsupported scsi opcode
A mandatory SMART command failed: exiting. To continue, add one or more '-T permissive' options.
And then found out the vendor id:product id was in the smartmontools bad list. So when I got my new USB 3 enclosure (impulse buy, I did no research) I was sadden by this
jason@j2c ~ $ sudo smartctl /dev/sdb -a
smartctl 6.2 2013-07-26 r3841 [x86_64-linux-3.11.0-12-generic] (local build)
Copyright (C) 2002-13, Bruce Allen, Christian Franke, www.smartmontools.org
/dev/sdb: Unknown USB bridge [0x2537:0x1066 (0x100)]
Please specify device type with the -d option.
Use smartctl -h to get a usage summary
I was bummed. After reading smartmontools mailing list archive, most new USB3 devices worked with the -d sat option.
sudo smartctl /dev/sdb -a -d sat
smartctl 6.2 2013-07-26 r3841 [x86_64-linux-3.11.0-12-generic] (local build)
Copyright (C) 2002-13, Bruce Allen, Christian Franke, www.smartmontools.org
=== START OF INFORMATION SECTION ===
Model Family: Seagate Momentus 7200.4
Device Model: ST9320423AS
....
Sucsess! My new drive dock does work with SMART read outs! Back to saving peoples data off old hard drives.
September 7, 2013, 8:41 pm
I found a neat Linux command line helper. PV : Pipe Viewer. It allows me to view the data throughput (ex MB/s), ETA, and progress bar when moving data through a pipe. For example I just used it when restoring hard drive image to a new physical disk.
pv -petr /backup/image.img | dd of=/dev/sda
September 7, 2013, 3:14 pm
In the attempt to restore data off a failing hard drive I use ddrescue to make raw copy of a hard disk. But I wanted to attempt to boot the system in a virtual box for a more simple data recovery. Because the VirtualBox GUI does not have the ability to make raw device mapping you must do it by VBoxManage command. I just open up a terminal, cd into my VirtualBox storage folder and run:
VBoxManage internalcommands createrawvmdk -filename my_raw_mapping.vmdk -rawdisk /path/to/backup.img
Now map the newly created vdmk file to your VM and off you go.
July 2, 2013, 5:32 pm
We had an issue here at the office where if we received a plain text e-mail (mostly from outlook users), then reply as HTML it would place the the whole reply in the <pre> tag. This would cause the whole quoted message not to wrap and making it a pain to read and impossible to print.
Here is solution that seems to work so far
March 24, 2013, 10:13 am
This global section of the smb.conf, in my case, is the bare minimum to get started with simple guest/anonymous access to their Samba box to Windows 7 clients.
[global]
netbios name = [server name here]
workgroup = [workgroup name here]
socket options = TCP_NODELAY
guest account = nobody
map to guest = Bad User
smb passwd file = /var/etc/private/smbpasswd #Not needed. I bet default value of smb passwd file would work also
private dir = /var/etc/private #Same here. Default value should work.
passdb backend = tdbsam
idmap config * : backend = tdb
idmap config * : range = 10000-39999
February 6, 2013, 12:20 pm
When you need have raw drive to a VM in ESXi without passing the whole controller to the VM, you’ll need RDM (Raw Device Mapping).
Here is the jist, in a SSH session with ESXi server:
vmkfstools -z /vmfs/devices/disks/ /vmfs/volumes///.vmdk
More details
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1017530