Thursday, January 20, 2011

How to allow secure mail SMTP ports at the firewall?



The following iptables rules allow incoming SMTPS client connections (open port 465) to the server with IP address "server_IP" :

#iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d server_IP --dport 465 -m state --state NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp -s server_IP --sport 465 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

Monday, January 17, 2011

How to check the network driver on the linux machine?

■ Requirement : How to check the network driver on the linux machine?
■ OS Environment : Linux[RHEL, Centos]
■ Implementation Steps : 

$ dmesg | grep eth0
$ modinfo driver_name


Sunday, January 16, 2011

How to increase the size of memory on linux?

■ Requirement : How to increase the size of virtual memory
■ OS Environment : Linux[RHEL, Centos]
■ Implementation Steps : 

When a Linux system is initially set up, a swap partition is created on the hard drive that will be used as virtual memory in Linux, along with other partitions used for data.

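Here are the steps to create the swap file (the chmod step keeps other users from reading memory pages that get swapped out to it) :

#dd if=/dev/zero of=/mnt/swapfile bs=1M count=1024
#chmod 600 /mnt/swapfile
#mkswap /mnt/swapfile
#swapon /mnt/swapfile
#echo "/mnt/swapfile none swap defaults 0 0" >> /etc/fstab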


Wednesday, January 12, 2011

How to use tcpdump command to capture the network packet?

■ Requirement : tcpdump example
■ OS Environment : Linux[RHEL, Centos]
■ Application:tcpdump
■ Resolution : 

  • Capture complete TCP packets (-c2 stops after two packets) :

$tcpdump -nnvXSs 1514 -c2 tcp

  •  host : look for traffic based on IP address (also works with hostname if you're not using -n)

$ tcpdump host 1.2.3.4

  •  src, dst :  find traffic from only a source or destination (eliminates one side of a host conversation)

$ tcpdump src 2.3.4.5
$ tcpdump dst 3.4.5.6

  • net : capture an entire network using CIDR notation

$ tcpdump net 1.2.3.0/24

  •  proto : works for tcp, udp, and icmp. Note that you don't have to type proto

$ tcpdump icmp

  • port : see only traffic to or from a certain port

$tcpdump port 3389

  • src, dst port:  filter based on the source or destination port

$ tcpdump src port 1025
$ tcpdump dst port 389

  •  src/dst, port, protocol : combine all three

$ tcpdump src port 1025 and tcp
$ tcpdump udp and src port 53

  • Port Ranges:  see traffic to any port in a range

$tcpdump portrange 21-23

  • Packet Size Filter : only see packets below or above a certain size (in bytes)

$tcpdump less 32
$tcpdump greater 128
$tcpdump 'len > 32'
$tcpdump 'len <= 128'

  • Capture all Port 80 Traffic to a File:

$ tcpdump -s 1514 port 80 -w capture_file

Very important :

At some point in the future, you can read the traffic back in like so:

  • Read Captured Traffic back into tcpdump:

$ tcpdump -r capture_file

Logical expression :
1. AND : and or &&
2. OR : or or ||
3. EXCEPT : not or !

  • TCP traffic from 10.5.2.3 destined for port 3389:

$ tcpdump -nnvvS tcp and src 10.5.2.3 and dst port 3389

  • Traffic originating from the 192.168 network headed for the 10 or 172.16 networks:

$ tcpdump -nvX 'src net 192.168.0.0/16 and (dst net 10.0.0.0/8 or 172.16.0.0/16)'

  • Non-ICMP traffic destined for 192.168.0.2 from the 172.16 network:

$ tcpdump -nvvXSs 1514 dst 192.168.0.2 and src net 172.16.0.0/16 and not icmp

  • Traffic originating from Mars or Pluto that isn't to the SSH port: requires name resolution

$ tcpdump -vv src mars or pluto and not dst port 22

First assembly programme on 64bit linux machine??

Platform : x64 bit intel arch
Processor : intel core i5 processor
OS : RHEL6 linux
Compiler name : NASM
Assembly compiler src : Download nasm-2.09.03.tar.gz from nasm.us. 

  • Example of asm programme :

cat hello.asm

section .data ;section declaration

msg db "Hello, world!",0xa ;our dear string
len equ $ - msg ;length of our dear string

section .text ;section declaration

;we must export the entry point to the ELF linker or loader.
;They conventionally recognize _start as their entry point.
;Use ld -e foo to override the default.
global _start

_start:

;write our string to stdout

mov edx,len ;third argument: message length
mov ecx,msg ;second argument: pointer to message to write
mov ebx,1 ;first argument: file handle (stdout)
mov eax,4 ;system call number (sys_write)
int 0x80 ;call kernel

;and exit

mov ebx,0 ;first syscall argument: exit code
mov eax,1 ;system call number (sys_exit)
int 0x80 ;call kernel

  • Assembling the above program :

 $ nasm -f elf hello.asm

Linking (making one executable file from the object files) on a 32-bit machine :

$ ld -s -o hello hello.o

or, on a 64-bit machine :

$ ld -m elf_i386 -s -o hello hello.o

  • Execution of binary :

$./hello
Hello, world!


NOTE : $ ld -m elf_i386 -s -o hello hello.o

 The code here is compatible with a 32-bit machine. But to compile it on a 64-bit machine, I used an emulator here for a 32-bit machine. It's "elf_i386". An emulator in computer science duplicates (provides an emulation of) the functions of one system using a different system, so that the second system behaves like (and appears to be) the first system.


How kernel invokes system call function on linux ?

Guys,

I have mentioned the steps here so that you'll get an idea about the invoking of the system call.

============
1. Executing any command or task creates a process.
2. The process calls a library function in user space.
3. The library consists of different object files, and those object files contain the "system call" function(s). The library also pushes the arguments on the stack.
4. The library issues the syscall (int 0x80 / sysenter / ...).
5. Execution switches to the syscall context in kernel mode.
6. The kernel looks up the system call table and dispatches to the respective function; that syscall function in the kernel handles the call. The result is then returned to user space.
7. If the task involves a device, the kernel calls the device driver (module or subroutine) and in the meantime sends an interrupt to that device, so that its driver can access it, process the desired operation and return the result to the kernel. The result is either OK or an error, and it is returned to user space.

Note : Here is the URL for system call table

----
http://bluemaster.iu.hio.no/edu/dark/lin-asm/syscalls.html
----

============

That's it.

Example : I have executed some commands at the user level to give an idea.

command : ls

===========
[root@kmaiti /]# ls //executed command
bin cgroup etc lib lost+found misc mounted NotBackedUp proc root selinux srv tmp var
boot dev home lib64 media mnt net opt remotehome sbin share sys usr VirtualMachines
[root@kmaiti /]# which ls
alias ls='ls --color=auto'
/bin/ls
[root@kmaiti /]# ldd /bin/ls //Depended libraries of the ls binary file
linux-vdso.so.1 => (0x00007fff06dff000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x0000003d45a00000)
librt.so.1 => /lib64/librt.so.1 (0x0000003d44e00000)
libcap.so.2 => /lib64/libcap.so.2 (0x0000003d4de00000)
libacl.so.1 => /lib64/libacl.so.1 (0x0000003929a00000)
libc.so.6 => /lib64/libc.so.6 (0x0000003d43e00000)
libdl.so.2 => /lib64/libdl.so.2 (0x0000003d44600000)
/lib64/ld-linux-x86-64.so.2 (0x0000003d43a00000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003d44200000)
libattr.so.1 => /lib64/libattr.so.1 (0x0000003d54600000)

[root@kmaiti /]# strace ls //Tracing the system call functions
execve("/bin/ls", ["ls"], [/* 27 vars */]) = 0
brk(0) = 0x2618000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7c8998d000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=108955, ...}) = 0
mmap(NULL, 108955, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f7c89972000
close(3) = 0
open("/lib64/libselinux.so.1", O_RDONLY) = 3 //SEE HERE ONE LIBRARY HAS BEEN CALLED
. . . .. . . . .. . . . .. . . . . .. . ..

Here execve, mmap, open, access, fstat, close all are system call functions.

Example of 4th step using assembly language (I am showing how kernel has been called ):

Program : printing "Hello, world!"

--------
[root@kmaiti assembly_test]# cat hello.asm
section .data ;section declaration

msg db "Hello, world!",0xa ;our dear string
len equ $ - msg ;length of our dear string

section .text ;section declaration

;we must export the entry point to the ELF linker or loader.
;They conventionally recognize _start as their entry point.
;Use ld -e foo to override the default.
global _start

_start:

;write our string to stdout

mov edx,len ;third argument: message length
mov ecx,msg ;second argument: pointer to message to write
mov ebx,1 ;first argument: file handle (stdout)
mov eax,4 ;system call number (sys_write)
int 0x80 ;call kernel

;and exit

mov ebx,0 ;first syscall argument: exit code
mov eax,1 ;system call number (sys_exit)
int 0x80 ;call kernel

[root@kmaiti assembly_test]# ./hello
Hello, world!
[root@kmaiti assembly_test]#

--------

See kernel has been called at the last line.

===========
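
Steps 2 to 6 above, seen from user space on a 64-bit machine, as an added example that is not part of the original post: the raw x86-64 syscall instruction hands back the kernel's result directly (errors as a negative errno), while the libc wrapper turns the same failure into -1 plus errno. The names raw_syscall3 and demo_* are made up for this illustration; Linux is assumed, and on CPUs other than x86-64 the code falls back to libc's syscall().

```c
/* Added example, not from the original post. raw_syscall3 and demo_* are
 * hypothetical names. Build on Linux: gcc -O2 -o sysdemo sysdemo.c */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Step 4 done by hand: syscall number and arguments go into registers, then
 * we trap into the kernel. The answer comes back in rax; failure is -errno. */
static long raw_syscall3(long nr, long a1, long a2, long a3)
{
#if defined(__x86_64__)
    long ret;
    __asm__ volatile("syscall" : "=a"(ret)
                     : "a"(nr), "D"(a1), "S"(a2), "d"(a3)
                     : "rcx", "r11", "memory");
    return ret;
#else
    /* Assumption for other CPUs: libc syscall(), converted back to -errno. */
    long ret = syscall(nr, a1, a2, a3);
    return ret == -1 ? -(long)errno : ret;
#endif
}

/* Steps 2-3: the libc wrapper getpid() must agree with the raw call. */
int demo_getpid_matches(void)
{
    return (long)getpid() == raw_syscall3(SYS_getpid, 0, 0, 0);
}

/* Step 6, success: sys_write on a pipe returns the number of bytes written. */
long demo_write_ok(void)
{
    static const char msg[] = "Hello, world!\n";
    int fds[2];
    if (pipe(fds) != 0) return -1;
    long n = raw_syscall3(SYS_write, fds[1], (long)msg, (long)(sizeof msg - 1));
    close(fds[0]);
    close(fds[1]);
    return n;
}

/* Steps 6-7, failure: the raw call reports a bad descriptor as -EBADF ... */
long demo_write_bad_fd_raw(void)
{
    return raw_syscall3(SYS_write, -1, (long)"x", 1);
}

/* ... and the libc wrapper turns the same failure into -1 plus errno. */
int demo_write_bad_fd_libc(void)
{
    return write(-1, "x", 1) == -1 ? errno : 0;
}

int main(void)
{
    printf("pid match %d, write %ld, raw bad fd %ld, libc errno %d\n",
           demo_getpid_matches(), demo_write_ok(),
           demo_write_bad_fd_raw(), demo_write_bad_fd_libc());
}
```

Running the binary under strace shows the same getpid and write entries that appear in the ls trace above.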


Check it out and let me know if you want to suggest anything here :) I appreciate you in advance.

Take care :)

Thursday, January 6, 2011

How to install mplayer on linux machine?

■ Requirement : Install mplayer
■ OS Environment : Linux[RHEL, Centos]
■ Application: mplayer
■  Prerequisites : svn, ffmpeg
■ Implementation Steps : 

       mplayer can be used to watch video files on a linux machine. You can download the software using the svn (subversion) tool. Just make sure that svn is installed on the machine (check like : which svn). If it's there, then stop the firewall and follow the steps below to compile the mplayer package.

$cd /usr/local/src
$svn checkout svn://svn.mplayerhq.hu/mplayer/trunk mplayer
$cd mplayer
$ svn update
$./configure
$make
$ make install



configure: error: could not find library containing RSA_new

Guys,

It seems you have enabled the SSL option while configuring the package. Please either resolve that dependency or disable the SSL option.

Example (configuring neon, needed to install svn) :

With SSL :
--------
cd ../neon
./configure --enable-shared --prefix=$HOME \
--with-libs=$HOME --with-ssl
--------

Without SSL :

--------
cd ../neon
./configure --enable-shared --prefix=$HOME \
--with-libs=$HOME
--------

try :)

How to install subversion (svn) on linux ?

Guys,

I have referred the second procedure to install svn on my rhel6 mc.

Procedure 1 :
=========
cd /usr/local/src/

wget http://subversion.tigris.org/downloads/subversion-1.4.5.tar.gz
wget http://subversion.tigris.org/downloads/subversion-deps-1.4.5.tar.gz
wget http://www.sqlite.org/sqlite-3.5.2.tar.gz

tar xzf subversion-1.4.5.tar.gz
tar xzf subversion-deps-1.4.5.tar.gz
tar xzf sqlite-3.5.2.tar.gz

cd sqlite-3.5.2
./configure
make
make install

cd ../subversion-1.4.5
./configure
make
make install
================


Note : If above one doesn't work please refer the following steps :


Procedure 2 :


================
wget http://subversion.tigris.org/downloads/subversion-1.4.6.tar.gz
wget http://subversion.tigris.org/downloads/subversion-deps-1.4.6.tar.gz
tar -xzvf subversion-1.4.6.tar.gz
tar -xzvf subversion-deps-1.4.6.tar.gz
cd subversion-1.4.6

cd apr
./configure --enable-shared --prefix=$HOME
make && make install

cd ../apr-util
./configure --enable-shared --prefix=$HOME \
--with-expat=builtin --with-apr=$HOME \
--without-berkeley-db
make && make install

cd ../neon
./configure --enable-shared --prefix=$HOME \
--with-libs=$HOME
make && make install

cd ..
./configure --prefix=$HOME --without-berkeley-db \
--with-editor=/usr/bin/vim --with-apr=$HOME \
--with-apr-util=$HOME --with-neon=$HOME \
--without-apxs --without-apache
make && make install

check :

which svn
svn --version
================

Try :)

Tuesday, January 4, 2011

How to configure tata photon on linux machine ?

■ Requirement : How to configure tata photon on linux machine
■ OS Environment : Linux[RHEL, Centos]
■ Application:wvdial
■ Implementation Steps : 

1. Execute below command :

$ wvdial

 I received following messages :

--> WvDial: Internet dialer version 1.60
--> Cannot get information for serial port.
--> Initializing modem.
--> Sending: ATZ
^RSSILVL: 60
--> Sending: ATQ0
ATQ0
OK
--> Re-Sending: ATZ
ATZ
OK
--> Cannot get information for serial port.
--> Initializing modem.
--> Sending: ATZ
ATZ
OK
--> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
OK
--> Modem initialized.
--> Sending: ATDT#777
--> Waiting for carrier.
ATDT#777
ERROR
--> Invalid dial command.

          I got the above error message while executing the "wvdial" command to configure the Tata Photon+ EC1261 USB modem with the RHEL6 linux machine. The error is usually thrown if your modem isn't activated. You need to activate it first. I spent 3-4 hrs trying to activate it on my linux machine, but I was unable to do that since I needed to dial *228, and there was no such option on linux either in the GUI or at the command prompt. So my basic idea was that I had to activate it on a windows machine. I did that on my friend's machine. Then I just connected the modem to my laptop and executed the "wvdial" command. It automatically connected the modem and showed two DNS IP addresses. I added those IPs to the /etc/resolv.conf file. Then I successfully browsed google.com and other sites.

Execution of the wvdial command :

$ wvdial
--> WvDial: Internet dialer version 1.60
--> Cannot get information for serial port.
--> Initializing modem.
--> Sending: ATZ
OK
--> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
OK
--> Modem initialized.
--> Sending: ATDT#777
--> Waiting for carrier.
ATDT#777
CONNECT
--> Carrier detected. Starting PPP immediately.
--> Starting pppd at Tue Jan 4 14:03:23 2011
--> Pid of pppd: 9827
--> Using interface ppp0
--> pppd: =
--> pppd: =
--> pppd: =
--> pppd: =
--> local IP address 59.161.2.155
--> pppd: =
--> remote IP address 172.29.243.145
--> pppd: =
--> primary DNS address 121.242.190.180
--> pppd: =
--> secondary DNS address 121.242.190.210
--> pppd: =


^CCaught signal 2: Attempting to exit gracefully...
--> Terminating on signal 15
--> pppd: =
--> Connect time 16.2 minutes.
--> pppd: =
--> pppd: =
--> Disconnecting at Tue Jan 4 14:19:31 2011

2. Config file looks like below :

$ cat /etc/wvdial.conf

[Dialer Defaults]
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Modem Type = Analog Modem
; Phone =
ISDN = 0
; Username =

; Password =

;Phone = 934XXXXXXX
Phone = #777
Modem = /dev/ttyUSB2
Username = XXXX
Password = XXXX
Baud = 9600
Dial Command = ATDT
New PPPD = yes
stupid Mode = 1

ATDT#777 ERROR --> Invalid dial command

Guys,

==============
[root@kmaiti ~]# wvdial
--> WvDial: Internet dialer version 1.60
--> Cannot get information for serial port.
--> Initializing modem.
--> Sending: ATZ
^RSSILVL: 60
--> Sending: ATQ0
ATQ0
OK
--> Re-Sending: ATZ
ATZ
OK
--> Cannot get information for serial port.
--> Initializing modem.
--> Sending: ATZ
ATZ
OK
--> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
OK
--> Modem initialized.
--> Sending: ATDT#777
--> Waiting for carrier.
ATDT#777
ERROR
--> Invalid dial command.
==============

I got the above error message while executing the "wvdial" command to configure the Tata Photon+ EC1261 USB modem with the RHEL6 linux machine. The error is usually thrown if your modem isn't activated. You need to activate it first. I spent 3-4 hrs trying to activate it on my linux machine, but I was unable to do that since I needed to dial *228, and there was no such option on linux either in the GUI or at the command prompt. So my basic idea was that I had to activate it on a windows machine. I did that on my friend's machine. Then I just connected the modem to my laptop and executed the "wvdial" command. It automatically connected the modem and showed two DNS IP addresses. I added those IPs to the /etc/resolv.conf file. Then I successfully browsed google.com and other sites. So, the /etc/resolv.conf file looks like this :

----------------
[root@kmaiti ~]# cat /etc/resolv.conf
#@VPNC_GENERATED@ -- this file is generated by vpnc
# and will be overwritten by vpnc
# as long as the above mark is intact
# Generated by NetworkManager
search csb redhat.com


# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
# DOMAIN=lab.foo.com bar.foo.com
nameserver 10.11.255.156
nameserver 10.7.142.21
[root@kmaiti ~]#
----------------

Execution of the wvdial command :

===============
[root@kmaiti ~]# wvdial
--> WvDial: Internet dialer version 1.60
--> Cannot get information for serial port.
--> Initializing modem.
--> Sending: ATZ
OK
--> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
OK
--> Modem initialized.
--> Sending: ATDT#777
--> Waiting for carrier.
ATDT#777
CONNECT
--> Carrier detected. Starting PPP immediately.
--> Starting pppd at Tue Jan 4 14:03:23 2011
--> Pid of pppd: 9827
--> Using interface ppp0
--> pppd: =
--> pppd: =
--> pppd: =
--> pppd: =
--> local IP address 59.161.2.155
--> pppd: =
--> remote IP address 172.29.243.145
--> pppd: =
--> primary DNS address 121.242.190.180
--> pppd: =
--> secondary DNS address 121.242.190.210
--> pppd: =


^CCaught signal 2: Attempting to exit gracefully...
--> Terminating on signal 15
--> pppd: =
--> Connect time 16.2 minutes.
--> pppd: =
--> pppd: =
--> Disconnecting at Tue Jan 4 14:19:31 2011
[root@kmaiti ~]#
===============

So, first activate the modem with your service provider and then refer to the following steps to configure the modem on your linux machine :

===============
1. Connect / Plug your photon+ to the system and wait till it gets detected.
2. Open a terminal, run the command "dmesg" and check that it is showing the modem name as HUAWEI.
3. Run another command, "sudo wvdial", and it will create a config file in /etc/wvdial.conf, something like shown below.
(if you don't have wvdial, you can download it from open.alumnit.ca)

You can view the file by running "cat /etc/wvdial.conf",
or you can edit it using the command "vi /etc/wvdial.conf"

#
[Dialer Defaults]
Modem = /dev/modem
Baud = 115200
Modem Type = Analog Modem
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
[Dialer info]
Init9 = AT&V
[Dialer photon+]
Modem = /dev/modem
Baud = 115200
Modem Type = Analog Modem
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Phone =#777
Username = internet //You need to set this during activating the modem on windows m/c.
Password = internet //
Auto DNS = off
#

Note : Here is the exact content on my machine.

----------
[root@kmaiti ~]# cat /etc/wvdial.conf

[Dialer Defaults]
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Modem Type = Analog Modem
; Phone =
ISDN = 0
; Username =
; Password =
;Phone = 9345675190
Phone = #777
Modem = /dev/ttyUSB2
Username = lovely
Password = lovely
Baud = 9600
Dial Command = ATDT
New PPPD = yes
stupid Mode = 1
[root@kmaiti ~]#
----------

Some of the fields may already be filled.

4. In a terminal, connect with "wvdial" and don't cancel it. Then add the DNS IPs to the resolv.conf file and save it. Now browse the pages.
===============

Try :)