My .screenrc

I’m bored, so here’s what my current .screenrc is (screenshot included).

backtick 1 60 60 /usr/local/bin/checkmail.pl
hardstatus alwayslastline
hardstatus string '%{= kW}%-Lw%{= KW}%50>%n%f* %t%{= kW}%+Lw%< %{= kG}%-=[Mail: %1`] %D %d %M %Y %c:%s%{-}'
vbell off
startup_message off


This is my .fetchmailrc

poll mail.techish.net with proto IMAP
user "rjk@techish.net" there with password "xxxxxxxxx"
folder 'INBOX'

This is /usr/local/bin/checkmail.pl

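#!/usr/bin/perl
# Print unseen-mail counts per IMAP folder for screen's hardstatus backtick.
use strict;
use warnings;

my (%fs, @folders);

# -c only checks for mail; the command goes through the shell, which expands ~
open my $fetchmail, '-|', '/usr/bin/fetchmail -t 10 -c -f ~/.fetchmailrc 2>/dev/null'
   or die "Can't run fetchmail: $!\n";

while (<$fetchmail>) {
   # "messages?" also matches the singular "1 message (0 seen) ..."
   if (/^(\d+) messages? \((\d+) seen.*?folder (.*?)\)/) {
      # copy the captures first: a successful s/// below resets $1 and $2,
      # which used to lose the count for every INBOX.subfolder
      my ($total, $seen, $f) = ($1, $2, $3);
      # you might have to change this regex depending on
      # how your IMAP server displays subfolders
      $f =~ s/INBOX\.//;
      $fs{$f} = $total - $seen if $total > $seen;
   }
}
close $fetchmail;

# folders with the fewest unseen messages are listed first
foreach my $folder (sort { $fs{$a} <=> $fs{$b} } keys %fs) {
   push @folders, "$folder:$fs{$folder}";
}
print join " ", @folders;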

Debian Wheezy Bind9 Failing to Start

After installing Bind9 chrooted to /var/lib/named in accordance with this guide (link), Bind9 is failing to start due to the following error noted in /var/log/daemon.log

To resolve this, I found some search results hinting around the fact that OpenSSL libraries for 1.0.0 were the cause since chroot didn’t have access to them.  So to correct this, on my system, I used the following commands.

mkdir -p /var/lib/named/usr/lib/x86_64-linux-gnu
cd /var/lib/named/usr/lib/x86_64-linux-gnu
cp -R /usr/lib/x86_64-linux-gnu/openssl-1.0.0 .

After making those modifications, I then start Bind9.

/etc/init.d/bind9 start

Everything is working now.

Basic IPtables Firewall

This is a very simple iptables firewall script to get you started.  I use this all the time as a basis.  It allows inbound SSH (you can define a different port if you run SSH on a different port;  you do, right? ;)), inbound ping, and outbound DNS requests; everything else is dropped.

I use this as a boilerplate for all containers in the virtual world.

#!/bin/bash

IPT="/sbin/iptables"
SSH_PORT=22   # change this if sshd listens on a different port

# Flush old rules, delete old custom chains (filter table, IPv4 only)
$IPT --flush
$IPT --delete-chain

# Set default policies for all three default chains
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT DROP

# Enable free use of loopback interfaces
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT

# All TCP sessions should begin with SYN
$IPT -A INPUT -p tcp ! --syn -m state --state NEW -s 0.0.0.0/0 -j DROP

# Accept replies to existing sessions and new inbound SSH connections
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -p tcp --dport "$SSH_PORT" -m state --state NEW -s 0.0.0.0/0 -j ACCEPT

# Accept inbound ICMP echo requests (type 8, ping)
$IPT -A INPUT -p icmp --icmp-type 8 -s 0.0.0.0/0 -j ACCEPT

# Accept outbound replies and new outbound DNS queries (UDP only;
# lookups that fall back to TCP port 53 are not covered by this rule)
$IPT -I OUTPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
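
An added example, not part of the original post: a small audit that checks a loaded ruleset against what the script above intends (DROP policies, only SSH in and DNS out), reading `iptables-save` output. The sample dump is constructed to match the script, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): audit a filter-table dump.
# SAMPLE is constructed: the ruleset the script above loads, in
# iptables-save format, with SSH on port 22.
SAMPLE='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT
COMMIT'

# Print built-in chains whose default policy is not DROP (reads stdin).
open_policies() {
    awk '/^:(INPUT|FORWARD|OUTPUT) / && $2 != "DROP" { print substr($1, 2) "=" $2 }'
}

# Print "CHAIN proto/port" for every ACCEPT rule that names a destination port.
accepted_ports() {
    awk '$1 == "-A" && $NF == "ACCEPT" {
        proto = ""; port = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") port = $(i + 1)
        }
        if (port != "") print $2, proto "/" port
    }'
}

# Print accepted ports that are missing from the allow-list in $1
# (newline-separated "CHAIN proto/port" entries); no output means no drift.
unexpected_ports() {
    accepted_ports | grep -Fxv -e "$1" || true
}

printf '%s\n' "$SAMPLE" | open_policies
printf '%s\n' "$SAMPLE" | unexpected_ports 'INPUT tcp/22
OUTPUT udp/53'
```

On a live host, pipe `iptables-save -t filter` (as root) into the functions instead of the sample, and adjust the allow-list if SSH runs on another port.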

CentOS Install Types and Descriptions

Desktop: base, basic-desktop, core, debugging, desktop-debugging, desktop-platform, directory-client, fonts, general-desktop, graphical-admin-tools, input-methods, internet-applications, internet-browser, java-platform, legacy-x, network-file-system-client, office-suite, print-client, remote-desktop-clients, server-platform, x11

Minimal Desktop: base, basic-desktop, core, debugging, desktop-debugging, desktop-platform, directory-client, fonts, input-methods, internet-browser, java-platform, legacy-x, network-file-system-client, print-client, remote-desktop-clients, server-platform, x11

Minimal: core

Basic Server: base, console-internet, core, debugging, directory-client, hardware-monitoring, java-platform, large-systems, network-file-system-client, performance, perl-runtime, server-platform

Database Server: base, console-internet, core, debugging, directory-client, hardware-monitoring, java-platform, large-systems, network-file-system-client, performance, perl-runtime, server-platform, mysql-client, mysql, postgresql-client, postgresql, system-admin-tools

Web Server: base, console-internet, core, debugging, directory-client, java-platform, mysql-client, network-file-system-client, performance, perl-runtime, php, postgresql-client, server-platform, turbogears, web-server, web-servlet

Virtual Host: base, console-internet, core, debugging, directory-client, hardware-monitoring, java-platform, large-systems, network-file-system-client, performance, perl-runtime, server-platform, virtualization, virtualization-client, virtualization-platform

Software Development Workstation: additional-devel, base, basic-desktop, core, debugging, desktop-debugging, desktop-platform, desktop-platform-devel, development, directory-client, eclipse, emacs, fonts, general-desktop, graphical-admin-tools, graphics, input-methods, internet-browser, java-platform, legacy-x, network-file-system-client, performance, perl-runtime, print-client, remote-desktop-clients, server-platform, server-platform-devel, technical-writing, tex, virtualization, virtualization-client, virtualization-platform, x11