How to enable iptables modules on linux?

Guys,

I have referred following steps and enabled the iptables modules.

1. Required modules to be installed for any firewall like csf or apf :

======
ipt_MASQUERADE
ipt_helper
ipt_SAME
ipt_REDIRECT
ipt_state
ipt_TCPMSS
ipt_LOG
ipt_TOS
tun
iptable_nat
ipt_length
ipt_tcpmss
iptable_mangle
ipt_limit
ipt_tos
iptable_filter
ipt_helper
ipt_tos
ipt_ttl
ipt_REJECT
======

2. Check the loaded module like : lsmod |grep ip
3. touch enableiptablemod.sh
4. vi enableiptablemod.sh and add the following list in this file.

=====
#!/bin/bash
modprobe ipt_helper
modprobe ipt_SAME
modprobe ipt_REDIRECT
modprobe ipt_state
modprobe ipt_TCPMSS
modprobe ipt_LOG
modprobe ipt_TOS
modprobe tun
modprobe iptable_nat
modprobe ipt_length
modprobe ipt_tcpmss
modprobe iptable_mangle
modprobe ipt_limit
modprobe ipt_tos
modprobe iptable_filter
modprobe ipt_helper
modprobe ipt_tos
modprobe ipt_ttl
modprobe ipt_REJECT
=====

5. chmod +x enableiptablemod.sh
6. ./enableiptablemod.sh //execution of the script
=====

That's it.

You can execute following command to enable iptables modules on the VPS :

=====
vzctl set VEID --iptables ipt_REJECT --iptables ipt_tos --iptables ipt_TOS --iptables ipt_LOG --iptables ip_conntrack --iptables ipt_limit --iptables ipt_multiport --iptables iptable_filter --iptables iptable_mangle --iptables ipt_TCPMSS --iptables ipt_tcpmss --iptables ipt_ttl --iptables ipt_length --iptables ipt_state --iptables iptable_nat --iptables ip_nat_ftp --save
=====

Then restart csf or iptables on the VPS.

Try :)

Read More

iptables: Unknown error + Resolved

Guys,

You can get these error messages when some modules of iptables are missing on the server. I got these when I was restarting the CSF on the container(CT or VPS). I have enabled iptables modules on the hardware node and CT. Then I restarted the csf. Then it worked. Due to this firewall issue you may not login into the server via ssh etc. Here are the steps those I followed :

1. On the node :

===========
vi /etc/sysconfig/vz and add following modules at IPTABLES= line like

IPTABLES= ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp
===========

2.
==========
vi /etc/sysconfig/iptables-config and add following modules at IPTABLES_MODULES= line like

IPTABLES_MODULES= ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp
==========

Note : You may be skipped the step 2

3. Restart the services :

# service vz stop
# service iptables restart
# service vz start

That's it.

You can also make it effective for containers or VPS like (run following command on the node and replace CTID):

==========
vzctl set 101 --iptables ipt_REJECT --iptables ipt_tos --iptables ipt_TOS --iptables ipt_LOG --iptables ip_conntrack --iptables ipt_limit --iptables ipt_multiport --iptables iptable_filter --iptables iptable_mangle --iptables ipt_TCPMSS --iptables ipt_tcpmss --iptables ipt_ttl --iptables ipt_length --iptables ipt_state --iptables iptable_nat --iptables ip_nat_ftp --save
=========

Try :)

Read More

How to migrate VPS container to another virtuozoo node?

Guys,

I referred the following steps :

I executed following command from the old node :

====
[root@old_node ~]# vzmigrate IP_of_new_node 213:100
====

213 : CTID which will be moved to new node
100 : CTID which will be created on new node

It'll ask for the password of new node.

Here is the results :

======
[root@old_node~]# vzmigrate new_node_ip 213:100
root@new_node's password:
Connection to destination node (new_node) is successfully established
Moving/copying CT#213 -> CT#100, [], [] ...
Checking external bind mounts
Check cluster ID
Checking keep dir for private area copy
Checking SLM-only mode
Checking technologies
Checking disk usage space
Checking templates for CT
copy ez template area directories
copy /vz/template/centos/5/x86_64
Checking caches
Checking IP addresses on destination node
Check target CT name: clonedofvzold_node
Checking RATE parameters in config
Copy private area '/vz/private/213'
done
OfflineManagement CT#213 ...
done
vzctl : Running vzquota drop failed for Container 213 [11]
Successfully completed
======

Now assign new IP address for the CT 100 on new node by going at the network settings. Then restart the CT. You can now make multiple clone of this CT.

That's it. Try :)

Read More

umount: /tmp: device is busy + Resolved

Guys,

Just check who is accessing the device. Here are the commands to check who are using it.

=======
lsof |grep /tmp
=======

You'll get the process ID and kill the processes like kill -9 PID. Here is an example(Second column is PID) :

=======
root@server [~]# lsof |grep /tmp
mysqld 2579 mysql 4u REG 7,0 0 6098 /tmp/ibZGlGm2 (deleted)
mysqld 2579 mysql 5u REG 7,0 68 6100 /tmp/ibgWnlrp (deleted)
mysqld 2579 mysql 6u REG 7,0 0 6101 /tmp/ib7XB0vM (deleted)
mysqld 2579 mysql 7u REG 7,0 0 6102 /tmp/ibQx1jB9 (deleted)
mysqld 2579 mysql 11u REG 7,0 0 6103 /tmp/ibBSaB7w (deleted)
=======

Then retry to umount the device like : umount /tmp_device_name //You'll get device from /etc/fstab. This file contains the mounting file system table information after system reboot and /etc/mtab holds the current mounted table information.

=======
fuser -m /dev/sda3 //You can also get the PID from here also. But note that deleting all the PID related to this device may cause the problem on the system and you may need to restart the machine.
=======

That's it. Try :)

Read More

Cannot find config.m4 + phpize +Resolved

Guys,

I got the same error messages and sorted out it. Here is the error that I got.

=====
root@server [/home/cpeasyapache/src/php-5.2.9/ext]# phpize
Cannot find config.m4.
Make sure that you run '/usr/local/bin/phpize' in the top level source directory of the module

root@server [/home/cpeasyapache/src/php-5.2.9/ext]#
=====

My intention was to phpize of mssql. I entered inside the mssql directory and the error vanished. Here it is :

=====
root@server [/home/cpeasyapache/src/php-5.2.9/ext/mssql]# phpize
Configuring for:
PHP Api Version: 20041225
Zend Module Api No: 20060613
Zend Extension Api No: 220060519
root@server [/home/cpeasyapache/src/php-5.2.9/ext/mssql]#
=====

That's it try :)

Read More

How to install mssql php extension on linux or cpanel server?

Guys,

Following modules are need to be installed before enabling the MSSQL extension for PHP on server.

--------
a) unixODBC
b) freeTDS
c) PHP mssql.so
---------

Setup 1: Install unixODBC package :

----------------
# wget http://www.unixodbc.org/unixODBC-2.2.14-p2.tar.gz //You can download latest tar file
# tar -xvzf unixODBC-2.2.12.tar.gz
# cd unixODBC-2.2.12
# ./configure -prefix=/usr/local -enable-gui=no
# make
# make install
----------------

Step 2: Install freeTDS package :

---------------
#wget ftp://ftp.ibiblio.org/pub/Linux/ALPHA/freetds/stable/freetds-stable.tgz
# tar -xvzf freetds-stable.tgz
# cd freetds-0.82
# ./configure -with-tdsver=8.0 -with-unixODBC=/usr/local
# make
# make install
---------------

Step 3: Configuration freeTDS : -

---------------
#cd freetds-0.82
# vi freetds.conf file and add the entry for the MS SQL server.

Quote:
[MSHOSTNAME]
host = MSHOSTNAME //hostname or IP address of mssql server
port = 1433 //port of the mssql server, default 1433
tds version = 8.0
----------------

Step 4: Getting the mssql.so file :

-----------------
In Cpanel servers the extensions are located in

# cd /home/cpeasyapache/src/php-5.2.9/ext/mssql/
# phpize
# ./configure
# make
# make install
-----------------

This commands will automatically create a copy of mssql.so in the installed extension in the following folder.

-----------------
/usr/local/lib/php/extensions/no-debug-non-zts-20060613
-----------------

Now do the following :
php -i |grep php.ini //to find out global php.ini on the server.

# echo "extension=mssql.so" >> /usr/local/lib/php.ini

Step 6: Restarting Apache Server!

# /etc/init.d/httpd restart
-----------------

That's it. Try :)

Read More

configure: error: C preprocessor "/lib/cpp" fails sanity check + Resolved

Guys,

I got that error messages when I was going to configure any software on the linux server. I was unable to execute easyapache or ./configure since it was throwing following error messages.

=====
configure: error: in `/home/cpeasyapache/src/httpd-2.2.16/srclib/apr':
configure: error: C preprocessor "/lib/cpp" fails sanity check
See `config.log' for more details.
configure failed for srclib/apr
=====
configure: error: C preprocessor "/lib/cpp" fails sanity check
=====

I have investigated the issue and got clue from config.log. It has stated that timer.h is missing. This has actually happened due to recently uninstall of one kernel. I got following error message at config.log.

====
/usr/include/bits/local_lim.h:36:26: error: linux/limits.h: No such file or
directory
====
configure:8402: gcc -E -traditional-cpp -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE
conftest.c
In file included from /usr/include/features.h:330,
from /usr/include/assert.h:37,
from conftest.c:13:
/usr/include/sys/cdefs.h:32: error: #error "You need a ISO C conforming
compiler to use the glibc he
====

So, I have searched in Google and didn't get any satisfactory solution. Someone told to use following command to reinstall compilers.

=====
yum install gcc cpp gcc-c++
=====

It has fixed the issue for some others guys. I removed the packages and reinstalled them but I was still getting the error message.

From the config.log it's clear that header.h file missing or corrupted. So, I thought that few kernel header files has been removed during uninstall the kernel(another kernel).

I have reinstalled the kernel headers and it fixed the sanity error :)

Here is the command to install the kernel-headers :

=====
yum install kernel-headers-$(uname -r)
=====

You can install the kernel headers from rpm. Here are some sources.

====
http://rpm.pbone.net/index.php3/stat/4/idpl/14206063/dir/centos_5/com/kernel-headers-2.6.18-194.8.1.el5.x86_64.rpm.html
http://linux.web.psi.ch/dist/scientific/5/kernel/2.6.18-194.8.1.el5/
====

Please make it sure that you're installing kernel-headers for exact version of kernel which has installed on the system. (You can search in google like : download kernel-headers-mention_ver_here + 64 bit or 32 bit )

That's it. Try :)

Read More