Posted infedora rpm xtables

Fedora Build xtables-addons1-1.24 RPM Package With Build Options

Continuing previous article about Building xtables-addons1-1.24 RPM Package, Now added feature which allow us to build the package with options
for example:

$ rpmbuild -ta xtables-addons-1.24.tar.bz2 --with ACCOUNT --with ipset --with geoip

With this command, only ACCOUNT,ipset,geoip modules would be built, other xtables-addons modules are not built(discarded)

Availble options:

--with ACCOUNT
--with CHAOS
--with DELUDE
--with DHCPMAC
--with ECHO
--with IPMARK
--with LOGMARK
--with RAWNAT
--with STEAL
--with SYSRQ
--with TARPIT
--with TEE
--with condition
--with fuzzy
--with geoip
--with iface
--with ipp2p
--with ipset
--with ipv4options
--with length2
--with lscan
--with pknock
--with psd
--with quota2
Tags: , , No Comments
Posted infedora rpm xtables

Fedora Build xtables-addons1-1.24 RPM Package

This tutorial was tested on fedora 12 system, it might be worked on onthers redhat base system, I’ve modified rpm spec file as generic as possible. it was shamelessly stolen 😀 from Jan Engelhardt xtables rpm source file.i slightly modified it a bit

Download xtables-addons 1.24 source

$ wget http://downloads.sourceforge.net/project/xtables-addons/Xtables-addons/1.24/xtables-addons-1.24.tar.bz2?use_mirror=nchc

prepare your .rpmmacros environment, rpmbuild directories, if not exist yet

$ mkdir rpmbuild
$ mkdir -p rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS,tmp}

Create .rpmmacros file

$ vi  .rpmmacros

%_topdir                %(echo $HOME)/rpmbuild
%_tmppath               %(echo $HOME)/rpmbuild/tmp

[p>Extract xtables-addons-1.24.tar.bz2, cd to xtables-addons-1.24 directory

$ tar xjf xtables-addons-1.24.tar.bz2
$ cd xtables-addons-1.24
Tags: , , No Comments
Posted infedora git

Hosting Your Own Git Repository on fedora 12

This tutorial will covering common feature in git repository

  • commiting via ssh
  • Enable gitweb for web access
  • cloning anonymously using the Git protocol

Install git, git-daemon

# yum -y install git git-daemon gitweb

Create a git user/group

# useradd -U -d /var/cache/git -s /usr/libexec/git-core/git-shell git

Make sure the permissions of the directory are correct

# cd /var/cache
# chown -R git:git git
# chmod 755 git

We’ll be using SSH keys for authenication, so collect the public keys of all the users who need commit access. Then, put the public keys into the right place

# cd /var/cache/git
# mkdir .ssh
# chmod 700 .ssh
# touch .ssh/authorized_keys
# chmod 600 .ssh/authorized_keys
(Put the public keys into authorized_keys, one per line)
# chown -R git:git .ssh/
Tags: , 6
Posted infedora postfix tls

Postfix TLS Support On Fedora 12

It’s time to make our SMTP transactions encrypted using TLS. TLS itself stands for Transport Layer Security. it encrypts the communication between two hosts.

As usual when building postfix RPM package, i recommended using tutorial on how to compile postfix rpm source at Simon J Mudd’s website

When you’ve done with compiling postyfix with TLS support, continue to these how to create self signed postfix tls certificates

  • Certificates part
    • # cd /etc/postfix
# mkdir ssl
# cd ssl
# mkdir certs crl newcerts private
# echo "01" > serial
# cp /dev/null index.txt
# cat /etc/pki/tls/openssl.cnf | sed -e 's/\/etc\/pki\/CA/\./' | sed -e 's/\.\/demoCA/\./' > openssl.cnf

# openssl req -new -x509 -keyout private/cakey.pem -out cacert.pem -days 3650 -config openssl.cnf
# openssl req -nodes -new -x509 -keyout newreq.pem -out newreq.pem -days 3650 -config openssl.cnf
# openssl x509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem

# openssl ca -config openssl.cnf -policy policy_anything -out newcert.pem -infiles tmp.pem

# cp cacert.pem /etc/postfix
# grep -B 100 "END PRIVATE KEY" newreq.pem > /etc/postfix/key.pem
# chmod 400 /etc/postfix/key.pem
# cp newcert.pem /etc/postfix/cert.pem
Tags: , , 1
Posted infedora mysql pam

Postfix Smtp Auth using pam_mysql On Fedora 12

First of all, of course we need to compile postfix for supporting sasl.the easiest way is read tutorial how to compile postfix rpm source at Simon J Mudd’s website

Since i’m using mysql database for storing username/password, i’m gonna show you how to create smtp authentication/SASL.

Install pam_mysql:

# yum -y install pam_mysql

Edit /etc/pam.d/smtp file :

auth required pam_mysql.so user=postfix passwd=password host=localhost db=postfixdb table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqlLog=0
account sufficient pam_mysql.so user=postfix passwd=password host=localhost db=postfixdb table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqlLog=0
Tags: , , , No Comments
Posted infedora xtables

Install xtables-addons on fedora 12

i’m not gonna wasting time, here’s how to do it

Download xtables-addons

# wget http://downloads.sourceforge.net/project/xtables-addons/Xtables-addons/1.20/xtables-addons-1.20.tar.bz2?use_mirror=waix

install kernel-devel kernel-headers iptables-devel gcc

# yum -y install kernel-devel kernel-headers iptables-devel gcc

extract xtables-addons-1.20.tar.bz2

# tar xjf xtables-addons-1.20.tar.bz2

cd to xtables-addons-1.20 directory

# cd xtables-addons-1.20
Tags: , No Comments
Posted incentos fedora redhat

Howto create Loop Device on REDHAT, CENTOS or FEDORA

This mini howto explain how to create more loop device on your operating system.You need to create more loop device in some case like encrypted file system or HVM xen virtualization.  By default there are 7 devices available, named /dev/loop0 through to /dev/loop7 .

INFORMATIONS

You can find the loop device like that :

# ls -al /dev/loop*
brw-r----- 1 root disk 7, 0 Mar 19 09:34 /dev/loop0
brw-r----- 1 root disk 7, 1 Mar 19 09:34 /dev/loop1
brw-r----- 1 root disk 7, 2 Mar 19 09:34 /dev/loop2
brw-r----- 1 root disk 7, 3 Mar 19 09:34 /dev/loop3
brw-r----- 1 root disk 7, 4 Mar 19 09:34 /dev/loop4
brw-r----- 1 root disk 7, 5 Mar 19 09:34 /dev/loop5
brw-r----- 1 root disk 7, 6 Mar 19 09:34 /dev/loop6
brw-r----- 1 root disk 7, 7 Mar 19 09:34 /dev/loop7

The creation of the loop device is very simple but you have 2 options for this creation one is without reboot and the other one is with a reboot.

Tags: , , , , 2