Senin, 28 Oktober 2019

How to check file that delete and still used by process

  Tidak ada komentar
run following command
pc-dev:~ # lsof +L1
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
      Output information may be incomplete.
COMMAND    PID    USER   FD   TYPE DEVICE SIZE/OFF NLINK     NODE NAME
nscd       835    nscd    9u   REG   0,18   217032     0    12018 /run/nscd/dbPubUiG (deleted)
nscd       835    nscd   10r   REG   0,18   217032     0    12018 /run/nscd/dbPubUiG (deleted)
gnome-she 1406 pcadmin   36r   REG    8,3       56     0 67174168 /home/pcadmin/.local/share/gvfs-metadata/root (deleted)
gnome-she 1406 pcadmin   38r   REG    8,3    32768     0 67174169 /home/pcadmin/.local/share/gvfs-metadata/root-621212d6.log (deleted)
pc-dev:~ #

How to delete snapshot suse

  Tidak ada komentar
Listing the snapshot
ps1-dev:~ # snapper ls
Type   | #  | Pre # | Date                     | User | Cleanup | Description     | Userdata
-------+----+-------+--------------------------+------+---------+-----------------+-------------
single | 0  |       |                          | root |         | current         |
pre    | 45 |       | Thu Sep 12 21:27:58 2019 | root | number  | yast ntp-client |
post   | 46 | 45    | Thu Sep 12 21:35:04 2019 | root | number  |                 |
pre    | 47 |       | Thu Sep 12 21:36:15 2019 | root | number  | yast timezone   |
post   | 48 | 47    | Thu Sep 12 21:36:21 2019 | root | number  |                 |
pre    | 55 |       | Thu Sep 12 22:05:56 2019 | root | number  | yast ntp-client |
pre    | 56 |       | Fri Oct 25 17:45:49 2019 | root | number  | zypp(zypper)    | important=no
post   | 57 | 56    | Fri Oct 25 17:45:52 2019 | root | number  |                 | important=no
ps1-dev:~ #
Delete snapshot, run following command
ps1-dev:~ # snapper delete  56
ps1-dev:~ # snapper delete  57
ps1-dev:~ #

Rabu, 23 Oktober 2019

How to install web gui on vmware EXSI 5.5

  Tidak ada komentar
To install vmware gui online, run following command
The ESXi Shell can be disabled by an administrative user. See the
vSphere Security documentation for more information.
~ #
~ # esxcli software vib install -v http://download3.vmware.com/software/vmw-tool
s/esxui/esxui_signed.vib
Installation Result
   Message: Operation finished successfully.
   Reboot Required: false
   VIBs Installed: VMware_bootbank_esx-ui_0.0.2-0.1.3357452
   VIBs Removed:
   VIBs Skipped:
~ # 
To install vmware gui offline, run following command
The ESXi Shell can be disabled by an administrative user. See the
vSphere Security documentation for more information.
~ #
~ # esxcli software vib install -v path_to_file/esxui_signed.vib

Rabu, 09 Oktober 2019

How to config test haproxy config is valid

  Tidak ada komentar
The config test command
# haproxy -c -V -f /etc/haproxy/haproxy.cfg
Example when there is a warning
[root@localhost haproxy]# haproxy -c -V -f /etc/haproxy/haproxy.cfg
[WARNING] 281/142814 (148799) : Setting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.
Configuration file is valid
[root@localhost haproxy]#
Example when the haproxy configuration is valid
[root@localhost haproxy]# haproxy -c -V -f /etc/haproxy/haproxy.cfg
Configuration file is valid
[root@localhost haproxy]#

How to fix Setting tune.ssl.default-dh-param to 1024 by default on Haproxy

  Tidak ada komentar
How to fix Setting tune.ssl.default-dh-param to 1024 by default
[root@localhost haproxy]# haproxy -c -V -f /etc/haproxy/haproxy.cfg
[WARNING] 281/142814 (148799) : Setting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.
Configuration file is valid
Add the following bold line text on global setting
global
    log 127.0.0.1 local0 notice
    maxconn 2000
    user haproxy
    group haproxy
    ssl-default-bind-options no-sslv3
    tune.ssl.default-dh-param 2048
Test the haproxy config again
[root@localhost haproxy]# haproxy -c -V -f /etc/haproxy/haproxy.cfg
Configuration file is valid
[root@localhost haproxy]#

Kamis, 03 Oktober 2019

Iptables Command Example Linux

  Tidak ada komentar
Show ip tables with line number
myuser@myvpn ~$ sudo iptables -L -n --line-numbers
[sudo] password for myuser:
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  172.16.222.125       192.168.74.10        /* pritunl_dev */
2    DROP       all  --  172.16.222.125       0.0.0.0/0            /* pritunl_dev */
3    ACCEPT     all  --  0.0.0.0/0            192.168.75.10        /* pritunl_5d91e9754556d1020e10fd0e */
4    ACCEPT     all  --  0.0.0.0/0            192.168.220.0/24     /* pritunl_5d91e9754556d1020e10fd0e */
..
..
Ip Tables insert firewall rule on specific line, this command with insert rule on forward segment line 3 
myuser@myvpn ~$ sudo iptables -I FORWARD 3 -s 172.16.212.124 -m comment --comment pritunl_dev -j DROP



Rabu, 02 Oktober 2019

How to add iptables rule on Pritunl server to limit some IP Address

  Tidak ada komentar
Check the php version
sudo iptables -I INPUT 1 -s 172.15.212.124 -m comment --comment pritunl_kapaldev -j DROP
sudo iptables -I INPUT 1 -d 192.168.71.10 -s 172.16.212.124 -m comment --comment pritunl_kapaldev -j ACCEPT

sudo iptables -I FORWARD 1 -s 172.15.212.124 -m comment --comment pritunl_kapaldev -j DROP
sudo iptables -I FORWARD 1 -d 192.168.71.10 -s 172.16.212.124 -m comment --comment pritunl_kapaldev -j ACCEPT

sudo iptables -I OUTPUT 1 -s 172.15.212.124 -m comment --comment pritunl_dev -j DROP
sudo iptables -I OUTPUT 1 -d 192.168.71.10 -s 172.16.212.124 -m comment --comment pritunl_kapaldev -j ACCEPT