I din’t found a Webinject package for Fedora 17, so I decided download the source.
For get webinject working You’ll need install these packages
yum install perl-Crypt-SSLeay
yum install perl-XML-Simple
yum install perl-Tk-ProgressBar-Mac
yum install perl-Tk-Stderr
yum install perl-Tk
I needed to add a new user into sudoers file into several debian machines, i didn’t want open a terminal in each machine and add the line manually, the other option was append a new line into the file like echo “new line”>> /etc/sudoers .But I don’t like edit sudoers file without using visudo, I don’t feel safe.
Reading the debian documentation I found a magical directive for append external files #includedir /etc/sudoers.d, that’s mean if I add a new file with 0440 permisions and the permissions are important will be appended into our sudo config.
Removing the hash character is a inherited custom ok don’t remove the hash character is not a comment indicador withouth the hash character, includedir /etc/sudoers.d is a bad line and visudo show an error.
After install fedora 17 into my friend computer, My desktop gets your turn.
I follow my classic fedora installation method.
Download install DVD x86_64 version iso image.
Burn a blank DVD
Boot my computer from the DVD
these are my normal steps but my boot DVD shoa lot of errors like:
SQUASHFS error: Unable to read page, block xxxxxxxF, size xxxF
I read some info from forums and they say that the problem was with the dvd, Because after install fedora in my desktop I was installed Hasefroch 7 and burned Fedora ISO in the same computer.
After Downloaded Sha256 for windows and check that I have the correct image, i go to bed and leave the computer checking a new recorder DVD.
When I get up I observer tat new DVD has errors too, so i decided to download a live cd iso and try with live CD, this method works and i could install fedora but i saw a small number of errors but it was thinking the live cd too small for support everything. so i decide install my system from the live cd hopping that errors disappears at first boot.
After install a bad behavior appear in the screen and system appears to frozen in moments with unexpected X restarts. I decide to check running process using top et voila. My Phenom computer only has one processor working 🙁 . After that I remember that when change the hard disk some wires from the pow source stopped the CPU fan for a moment, 20 secs approx, a disaster has coming i burn my cpu and need to buy a new processor, but when i reboot on haseforch saw four cores working, that not was a CPU problem so I check the dmesg output.
I try changing kernel boot parameters without acpi with NOACPI and a lot of things and every time that my computer reboot my Linux only show one core.
Finally i found the guilty element it doesn’t was the CPU it was the motherboard
I update the bios using the last version but it doesn’t work, finally I download a BIOS beta version , mb_bios_ga-ma785gm-us2h_f12a, from gigabyte web page and it works.
recently a friend lend me your desktop pc for reinstall the OS, I decided install Fedora 17 as a backup OS, if something happens with Windows XP linux will save his life.
After install and configure Windows XP, Fedora take his turn, but when the install process ended an out of range message appears into my screen. Fortunately network was working and ssh was runing :-P.
First I take my laptop and discover the nvidia computer ip, you can check your router ip or use nmap.
ssh <nvidia_ip> -l root
vim /etc/default/grub
and append in your GRUB_CMDLINE_LINUX this text “rhgb quiet rdblacklist=nouveau nouveau.modeset=0″
Sometimes pocket money isn’t enought for buy new network devices or we want to save some money changuing no existant money for personal time. In my case I needed to create a wireless bridge in my personal network, pass a ethernet wire between two builds wasn’t an option. Searching in my forgoten stuff boxes i found two foneras model 2100. Fon’s firmware isn’t powerfull enought to get wds and when these things happens Free Software is our solution. I’m a lucky man and I also found a usb to 3,3V serial adapter, one of my superpower is that i can brick everything. First of all we need to plug our serial adapter into fonera’s port, check the attached image for see jtag pinouts
when we have our jtag port connected we need a software for send data over jtag in my case i use GtkTerm.
in debian is simply I open a root terminal and I write
apt-get install GtkTerm
in the same term i write
gtkterm
I use a root terminal because I don’t want waste time configuring /dev/ttSy* permissions
next step is configure port speed 9600,8N1
in GtkTerm menu select configuration/port and fill data boxes, in my case port is /dev/ttyUSB0 if you don’t know your port a dmesg output can be helpul.
now is time to plug powersounce on our fonera and see output.
must be something like this in our gtkterm
we need get access to redboot console you only need un plug and plug powersource to fonera and press continously ctrl+c until you see
step 15 Setting up permissions
mkdir tmp public/plugin_assets #in case of the dirs doesn’t exists
sudo chown -R redmine:redmine files log tmp public/plugin_assets # change redmine:redmine if you create a diferent user
sudo chmod -R 755 files log tmp public/plugin_assets
step 16 check redmine installation
ruby script/server webrick -e production
open in your browser :3000
login is admin pass is admin too
step 17 enable mod_cgi in apache
check in /etc/httpd/conf/httpd.conf if exist the line
LoadModule cgi_module modules/mod_cgi.so
step 18 create public/dispatch.cgi file
mv public/dispatch.cgi.example public/dispatch.cgi
edit the first line
from
#!/usr/bin/env ruby
to
#!/usr/bin/ruby
step 19 grant execution rights
chmod 755 public/dispatch.cgi
step 21 set production state in file config/environment.rb
uncoment the line ENV[‘RAILS_ENV’] ||= ‘production’
step 22 configure passenger
passenger-install-apache2-module and follow instructions
if you get an error check this http://stackoverflow.com/questions/5585583/problem-in-installing-passenger
In fact, just need to edit the ” /usr/lib/ruby/gems/1.8/gems/passenger-3.0.6/lib/phusion_passenger/platform_info/apache.rb” file, and replace “test_exe_outdir” with “tmpexedir”.
step 23 Enable cgi in SeLinux
setsebool -P httpd_enable_cgi 1
step 24 add virtual host in apache config file
ServerName redmine..com
ServerAdmin webmaster@.com
DocumentRoot /live/redmine/public/
ErrorLog logs/redmine_error_log
Options Indexes ExecCGI FollowSymLinks
Order allow,deny
Allow from all
AllowOverride all
Step 25: close 3000 port editing /etc/sysconfig/iptables file
-A INPUT -m state –state NEW -m tcp -p tcp –dport 3000 -j ACCEPT
¿ Qué comandos serían necesarios ejecutar para que un sistema Linux pudiese sustituir el encaminador R2 mostrado en el diagrama ? Asume todos aquellos datos que necesites para realizar el ejercicio (nombre de interfaces, gateway, etc)
Previous Steps
Enable IP Forwarding
Temporal:
echo 1 > /proc/sys/net/ipv4/ip_forward
Permanent:
vim /etc/sysctl.conf
changue the value of net.ipv4.ip_forward = 1
sysctl -p /etc/sysctl.conf # enable changues
Configuring network intefaces
Temporal:
ifconfig eth0 down
ifconfig eth0 10.10.0.2 netmask 255.255.255.0 up
ifconfig eth1 down
ifconfig eth1 200.3.107.1 netmask 255.255.255.0 up
if you want to add more routes increment the numbers next to GATEWAY, for example: GATEWAY1=10.0.0.2 NETMASK1= 255.255.255.0 ADDRESS1=192.168.30.0
Pros
No extra processing and added resources as in the case of dynamic routing protocols
No extra bandwidth requirement caused by the transmission of excessive packets for the routing table update process
Extra security by manually admitting or rejecting routing to certain networks
Cons
Network Administrators need to know the complete network topology very well in order to configure routes correctly
Topology changes need manual adjustment to all routers something which is very time consuming
Option 2: Using NAT
Basically NAT works like static routing but changes the output ip maintaining a internal
temporal:
# delete old configuration, if any
#Flush all the rules in filter and nat tables
iptables –flush
iptables –table nat –flush
# delete all chains that are not in default filter and nat table, if any
iptables –delete-chain
iptables –table nat –delete-chain
# Set up IP FORWARDing and Masquerading (NAT)
iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
iptables –append FORWARD –in-interface eth1 -j ACCEPT
permanent:
store the rules into the ip tables into a rules set
Pros
same that static plus
It also benefits in a security sense as attackants can’t target a computer directly, they have to first get past the router.
Cons
Network Address Translation does not allow a true end-to-end connectivity that is required by some real time applications. A number of real-time applications require the creation of a logical tunnel to exchange the data packets quickly in real-time. It requires a fast and seamless connectivity devoid of any intermediaries such as a proxy server that tends to complicate and slow down the communications process.
NAT creates complications in the functioning of Tunneling protocols. Any communication that is routed through a Proxy server tends to be comparatively slow and prone to disruptions. Certain critical applications offer no room for such inadequacies. Examples include telemedicine and teleconferencing. Such applications find the process of network address translation as a bottleneck in the communication network creating avoidable distortions in the end-to-end connectivity.
NAT acts as a redundant channel in the online communication over the Internet. The twin reasons for the widespread popularity and subsequent adoption of the network address translation process were a shortage of IPv4 address space and the security concerns. Both these issues have been fully addressed in the IPv6 protocol. As the IPv6 slowly replaces the IPv4 protocol, the network address translation process will become redundant and useless while consuming the scarce network resources for providing services that will be no longer required over the IPv6 networks.
Option 3: Using RIP
Rip is a distance routing protocol, is more flexible that using static routers and necessary if the number of subnets grows. Do you want to fight against hundred of rules? or assume the risk of downtime’s created by a router malfunction?
Routing updates can require significant bandwidth because the entire routing table is sent
Prone to routing loops
Option 4: Using OSPF (Open Shortest Path First)
OSPF is a routing protocol that uses the Dijkstra algorithm for get the quickest way. into a set of subnets where the routers are connected at different speeds could work better than R.I.P.
ospfd(config-router)# network 200.3.107.0/24 area 0
ospfd(config-router)# passive-interface eth1
ospfd(config-router)# end
ospfd# write file
Configuration saved to /etc/zebra/ospfd.conf
pros
Scalability – OSPF is specifically designed to operate with larger networks.
Full subnetting support – OSPF can fully support subnetting
Hello packets – OSPF uses small hello packets to verify link operation with out transferring large tables
TOS routing – OSPF can route packets by different criterion based on their type of service field
Tagged routes – Routes can be tagged with arbitrary values, easing interoperation.
cons
very intensive processor
maintaining multiple copies of routing information, increasing the amount of memory needed
OSPF can be logically segmented by using areasnot as easy to learn as some other protocols
if an entire network is running OSPF, and one link within it is “bouncing” every few seconds, then OSPF updates would dominate the network by informing every other router every time the link changed state.
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.AcceptRejectRead More
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.