Skip to content

By Administrator in All, Linux administration

Every Linux machine that has at least two networking interfaces can be configured to route network packets between these interfaces. Whether or not a Linux box will be capable of routing is determined by the value of the ip_forward kernel parameter. Most modern Linux systems would come with this value set to 0 which means that routing is disabled by default.

In order to enable routing, you can do the following:

Continued…

Tags: , ,

SSH Tunneling

January 12, 2012
By Administrator in All, Linux administration, SSH server

Forwarding ports over SSH or the so called SSH tunneling is a very convenient capability of the OpenSSH server. It allows you to establish a secure connection to a service that does not support secure connections provided that you have SSH access to the same machine and tunneling is permitted.

Let’s start with a short and straight-forward description of how SSH tunneling works. Let’s say that you have a remote MySQL server to connect to and it does not support SSL connections. The same server, however, also runs an OpenSSH daemon that you have access to. Using SSH tunneling to connect to the MySQL service securely, pretty much consists of the following:

Continued…

Tags: , , , ,

By Administrator in All, Linux administration

The command below can be very useful in identifying which folders on your system are containing the largest numbers of files (inodes). It frequently happens that a caching or logging component of a web application goes berserk and starts generating an enormous amount of files in a certain subfolder. Such an event might be trouble if the system imposes inode usage limitations as many web hosting providers do. If we are lucky, the folder would be called “cache” but in the less fortunate cases, the following sequence of commands can come in handy:

Continued…

Tags: , , ,

Command line download tools

December 13, 2011
By Administrator in All, Linux administration

This article is inspired by a blogpost (http://geekmondo.tumblr.com/) I recently ran into, about the axel program. It made me think that I had always been using the wget command to download files via the HTTP protocol while on the Linux command line and I had never looked for an alternative. Sure, wget is a great, proven, do-it-all tool but is it really the best option for simple HTTP file downloads? I decided to run a very basic test, comparing the download speed of several command line download tools – wget, axel, curl and aria2c.

Continued…

Tags: , , , , ,

Install LAMP on Ubuntu

December 7, 2011
By Administrator in All, Apache server, Linux administration, MySQL server

This is just a tiny article that I decided to write because I kept forgetting the single command that quickly creates a functional LAMP (Linux, Apache, MySQL, PHP) server. A system administrator or a web developer might frequently need to set up a basic LAMP environment for experimental purposes.

Continued…

Tags: , , , , , ,

OSPF discard route

December 3, 2011
By Administrator in All, Routing protocols

This article illustrates a practical usage of the OSPF discard route concept. In order to follow this article it might be useful to take a look at our previous post on the OSPF forwarding address. The diagram below shows the network topology used for the purposes of this article.

Continued…

Tags: , , , , ,

By Administrator in All, Linux administration

This article will illustrate the use of the “i” and “a” file attributes on a Linux operating system. Both of these attributes can come handy when the system administrator wants to apply additional access restrictions to specific files.

Attribute “i

Sometimes it might be very useful to render a file immutable – nobody (not even the root user) will be able to edit, rename, move or delete this file. The way to do that on a Linux file system is by using file attributes (also called flags) and more specifically the “i“-immutable file attribute.

Continued…

Tags: , , , ,

301 redirect

November 13, 2011
By Administrator in All, Apache server

Knowing how to implement a 301 redirect has become a necessity for most webmasters or web developers nowadays. This article will show an easy way to create server-side 301 redirects on an Apache web server.

Continued…

Tags: , , , ,

HTTPS redirect

November 12, 2011
By Administrator in All, Apache server

This short article will show how to easily redirect all requests to your website to go via the secure HTTPS protocol. Please, note that if you intend to do that, you need to make sure that your Apache web server is configured to accept secure connections and an SSL certificate is installed. Otherwise, you might render your website inaccessible.

The desired HTTPS redirect is as simple as putting the lines below into the .htaccess file in your website’s document root folder:

Continued…

Tags: , , , , , ,

OSPF forwarding address

November 11, 2011
By Administrator in All, Routing protocols

This article is about an exotic feature available in the OSPF routing protocol. Namely, using the OSPF concept of forwarding address. This same address helps to block hosts or subnets throughout the OSPF domain while configuring only a single router. The underlying assumption is that we can block only destination addresses. This limits the use of the feature, but still we gain two big advantages:

  • First, the traffic is not filtered by an ACL. Instead it is routed and every router does it much more efficiently because it is a router after all.
  • Second, the configuration management is concentrated on one router only and changes are propagated throughout the OSPF network. Think about it if your network numbers 50 routers and you will be writing and rewriting the same ACL 50 times.

Continued…

Tags: , , , , ,