Posted incentos iptables layer7

Shaping Layer 7 Application on centos 4.7 (iptables + l7 + IMQ + tc/HTB)

Pertama download kernel source kernel 2.6.26.

# wget -t0 -c http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.26.tar.bz2

Download iptables 1.4.1 source.

# wget -t0 -c http://www.netfilter.org/projects/iptables/files/iptables-1.4.1.tar.bz2

Download patch l7 + IMQ (untuk kernel dan iptables) yg sudah saya modifikasi jadi satu bundle.
[download#3]
[download#4]

Extract, patch dan compile kernel source(to RPM)

# tar xjf linux-2.6.26.tar.bz2
# cd linux-2.6.26
# patch -p1 < ../linux-2.6.26-layer7-imq.patch
patching file drivers/net/imq.c
patching file drivers/net/Kconfig
patching file drivers/net/Makefile
patching file include/linux/imq.h
patching file include/linux/netfilter/xt_IMQ.h
patching file include/linux/netfilter/xt_layer7.h
patching file include/linux/netfilter_ipv4/ipt_IMQ.h
patching file include/linux/netfilter_ipv6/ip6t_IMQ.h
patching file include/linux/skbuff.h
patching file include/net/netfilter/nf_conntrack.h
patching file include/net/netfilter/nf_queue.h
patching file net/core/dev.c
patching file net/core/skbuff.c
patching file net/netfilter/Kconfig
patching file net/netfilter/Makefile
patching file net/netfilter/nf_conntrack_core.c
patching file net/netfilter/nf_conntrack_standalone.c
patching file net/netfilter/nf_queue.c
patching file net/netfilter/regexp/regexp.c
patching file net/netfilter/regexp/regexp.h
patching file net/netfilter/regexp/regmagic.h
patching file net/netfilter/regexp/regsub.c
patching file net/netfilter/xt_IMQ.c
patching file net/netfilter/xt_layer7.c

# cp /boot/config-`uname -r` .config
# make clean
# make menuconfig
Tags: , , , , 8
Posted incentos vlan

802.1q Non Native VLAN Tagging di CENTOS 4

Pertama, install packet vconfig, dan kernel harus support vlan (8021q) module. Copy konfigurasi eth yg sudah ada [bash] # cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0.9 [/bash] edit ifcfg-eth0 menjadi seperti ini [text] DEVICE=eth0 ONBOOT=yes BOOTPROTO=none [/text] edit ifcfg-eth0.9 menjadi seperti ini (sesuaikan dengan ip/network/netmask milik anda) [text] DEVICE=eth0.9 BOOTPROTO=static BROADCAST=192.168.200.255 HWADDR=00:0C:29:21:E0:2E IPADDR=192.168.200.101 NETMASK=255.255.255.0…
Tags: , , 3
Posted incentos geoip iptables

Compiling iptables geoip module di centos 5

Di compile pada system centos 5, kernel 2.6.18 dan iptables 1.3.5

1. Persiapan

Download kernel source yg sekarang dipakai di centos 5 kita

# mkdir ~/geoip
# cd ~/geoip/
# uname -a
Linux host.domain.com 2.6.18-53.1.13.el5 #1 SMP Tue Feb 12 13:02:30 EST 2008 x86_64 x86_64 x86_64 GNU/Linux

# wget ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-53.1.13.el5.src.rpm

kita cuma mau mengambil linux-2.6.18.tar.bz2 nya saja(patch2 yg lain tidak kita perlukan).

# rpm2cpio kernel-2.6.18-53.1.13.el5.src.rpm | cpio -idv linux-2.6.18.tar.bz2
linux-2.6.18.tar.bz2
172734 blocks
# tar xjf linux-2.6.18.tar.bz2
Tags: , , 2
Posted incentos pptp vpn

centos 5 point to point tunneling PPTP VPN

Pernah terpikir buat ngeremote pc di kantor(dengan private ip) dari rumah dengan koneksi isp yg kita pakai?   salah satunya dengapn cara tunneling/vpn. kali yg jadi korban kita distro centos 5 dengan kernel 2.6.18-92.1.13.el5. gimana cara installnya?

pertama install yum repository nya

# rpm -Uvh http://pptpclient.sourceforge.net/yum/stable/fc6/pptp-release-current.noarch.rpm

lanjut dengan install pptpnya

# yum --enablerepo=pptp-stable install pptp
Tags: , , , 4
Posted incentos fedora redhat

Howto create Loop Device on REDHAT, CENTOS or FEDORA

This mini howto explain how to create more loop device on your operating system.You need to create more loop device in some case like encrypted file system or HVM xen virtualization.  By default there are 7 devices available, named /dev/loop0 through to /dev/loop7 .

INFORMATIONS

You can find the loop device like that :

# ls -al /dev/loop*
brw-r----- 1 root disk 7, 0 Mar 19 09:34 /dev/loop0
brw-r----- 1 root disk 7, 1 Mar 19 09:34 /dev/loop1
brw-r----- 1 root disk 7, 2 Mar 19 09:34 /dev/loop2
brw-r----- 1 root disk 7, 3 Mar 19 09:34 /dev/loop3
brw-r----- 1 root disk 7, 4 Mar 19 09:34 /dev/loop4
brw-r----- 1 root disk 7, 5 Mar 19 09:34 /dev/loop5
brw-r----- 1 root disk 7, 6 Mar 19 09:34 /dev/loop6
brw-r----- 1 root disk 7, 7 Mar 19 09:34 /dev/loop7

The creation of the loop device is very simple but you have 2 options for this creation one is without reboot and the other one is with a reboot.

Tags: , , , , 2
Posted incentos kernel

How To get A centos Kernel source

1. Maybe you do not need the full kernel source

If you need to compile a kernel driver module, the chances are you do not really need the full kernel source tree. You might just need the kernel-devel package. (If, however, you are certain that the full source tree is required, please follow the instructions in Section 2.)

In CentOS-5, there are three kernel-devel packages available:

  • kernel-devel (both 32- & 64-bit architectures)
  • kernel-xen-devel (both 32- & 64-bit architectures)
  • kernel-PAE-devel (32-bit architecture only)

In CentOS-4, there are four kernel-devel packages available:

  • kernel-devel (both 32- & 64-bit architectures)
  • kernel-smp-devel (both 32- & 64-bit architectures)
  • kernel-xenU-devel (both 32- & 64-bit architectures)
  • kernel-hugemem-devel (32-bit architecture only)
  • kernel-largesmp-devel (64-bit architecture only)

If you are running the standard kernel (for example), you can install the kernel-devel package by:

Tags: , No Comments