Friday, October 31, 2008

X11VNC at Fedora 8

I have a machine that needs to be accessed via VNC on its existing X session. x11vnc is not in the default F8 repository, but it can be found in the dries repo, so I installed it manually.

here's my config.

1. First, I created a password for authentication.


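# Create the VNC password file once. x11vnc prompts for the password and
# writes it to this file in the classic VNC format (fixed-key DES, trivially
# reversible), so the directory and the file must not be readable by other
# users. Only the first 8 characters of the password are used by VNC auth.
mkdir -p /home/user/.vnc && chmod 700 /home/user/.vnc
x11vnc -storepasswd /home/user/.vnc/passwd
chmod 600 /home/user/.vnc/passwd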


2. Now ready to run x11vnc

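# Export the live :0 session. -rfbauth uses the password file created above,
# -forever keeps serving after the first client disconnects, -bg daemonizes.
# -localhost is added so the server only listens on 127.0.0.1: classic VNC
# authentication is a challenge/response over an 8-character DES-obfuscated
# password and the session itself is unencrypted, so reach it through an SSH
# tunnel instead of opening TCP 5900 to the network:
#   ssh -L 5900:127.0.0.1:5900 user@host     # then point the viewer at localhost:5900
x11vnc -rfbauth /home/user/.vnc/passwd -display :0 -localhost -forever -bg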


That's it — I can now connect with a VNC client. Of course, make sure iptables allows you to reach it: if you expose TCP 5900 directly, restrict the rule to your own admin address, because classic VNC authentication is a challenge/response over an 8-character DES-obfuscated password and the session itself is not encrypted. The safer pattern is to start x11vnc with -localhost and reach it through an SSH tunnel (ssh -L 5900:127.0.0.1:5900 host), so that only port 22 needs to be open.

Tuesday, October 21, 2008

Nagios NDO Module - Remote mysqld

I'm installing the ndo2db module on my Nagios server, and I had to move MySQL to a separate host because of heavy load on the Nagios server itself. The config is below. Note that the ndomod → ndo2db hop stays on the Nagios host; only the ndo2db → MySQL connection crosses the network, and it is unencrypted with the credentials stored in clear text in ndo2db.cfg — so keep that file readable by the nagios user only and restrict TCP 3306 on the MySQL host to the Nagios server's address.

Portion of nagios.cfg

#nagios.cfg
#portion for ndo broker module config
# Controls what (if any) data gets sent to the event broker.
# -1 = hand every event type to the broker modules; ndomod then applies its
# own data_processing_options filter.
event_broker_options=-1
#event_broker_options=0
# This directive is used to specify an event broker module that should
# be loaded at startup. A broker module is loaded into the Nagios process
# itself and runs with its privileges, so the .o file and the module's
# config file should be writable by root only.
#broker_module=/somewhere/module1.o
#broker_module=/somewhere/module2.o arg1 arg2=3 debug=0
broker_module=/usr/bin/ndomod.o config_file=/etc/nagios/ndomod.cfg


ndo2db.cfg


#ndo2db.cfg
# ndo2db daemon: receives event data from ndomod and writes it to MySQL.
# Runs as the unprivileged nagios account.
ndo2db_user=nagios
ndo2db_group=nagios
# Listen on TCP; socket_name is then unused (it only applies to
# socket_type=unix). The NDO protocol carries no authentication and this
# config sets no bind address, so anything that can reach port 5668 can
# inject bogus monitoring data. The only client (ndomod) connects from
# 127.0.0.1, so restrict 5668 to loopback in iptables, or switch both sides
# to a unix socket.
socket_type=tcp
socket_name=/var/log/nagios/ndo.sock
tcp_port=5668
# Remote MySQL server. The credentials are stored in clear text, so this
# file should be mode 0640 root:nagios. The MySQL session to 10.254.1.47 is
# also unencrypted unless SSL is configured on both ends.
db_servertype=mysql
db_host=10.254.1.47
db_port=3306
db_name=nagios
db_prefix=nagios_
db_user=nagiosuser
db_pass=nagiospass
# Age in minutes after which old rows are purged from the respective tables
# (1440 = 1 day, 10080 = 1 week, 44640 = 31 days).
max_timedevents_age=1440
max_systemcommands_age=10080
max_servicechecks_age=10080
max_hostchecks_age=10080
max_eventhandlers_age=44640
# Debug output (level 2 / verbosity 2 is chatty). Set debug_level=0 once the
# remote DB connection works; the file is capped at max_debug_file_size bytes.
debug_level=2
debug_verbosity=2
debug_file=/var/log/nagios/ndo2db.debug
max_debug_file_size=1000000


and ndomod.cfg


# ndomod.cfg — the broker module loaded into the Nagios process (see nagios.cfg).
instance_name=default
# Send to ndo2db over TCP on the local host; ndo2db's own MySQL connection is
# the remote leg. This hop is clear text with no authentication, which is
# acceptable only because it never leaves 127.0.0.1.
output_type=tcpsocket
output=127.0.0.1
tcp_port=5668
# In-memory queue of items waiting for ndo2db; buffer_file is where queued
# items are persisted when they cannot be delivered (on shutdown) — verify
# the exact semantics against the ndoutils README for this version.
output_buffer_items=5000
buffer_file=/var/log/nagios/ndomod.tmp
# Only used with output_type=file; harmless here.
file_rotation_interval=14400
file_rotation_timeout=60
# Retry the ndo2db connection every 15 s and log a warning at the same interval.
reconnect_interval=15
reconnect_warning_interval=15
# -1 = process all data types; 2 = dump the retained (not original) config.
data_processing_options=-1
config_output_options=2


Other details:

Note: the installdb script lives in the db/ folder of the extracted ndoutils source and is run from the Nagios host (10.254.1.15) with the values below:
db = nagios
db_user=nagiosuser
db_pass=nagiospass
db host=10.254.1.47
#

Then log in to MySQL as a privileged user (no -h is given, so this is run on the MySQL server itself):

# -p without a value prompts for the root password, so it stays out of `ps`
# output and the shell history.
mysql -u root -p


create database nagios;
-- Creates the nagios database on the MySQL server (10.254.1.47).
grant all privileges on nagios.* to 'nagiosuser'@'10.254.1.15' identified by 'nagiospass'; -- scoped to the nagios db and to the Nagios host's address only. ALL is convenient for installdb (CREATE/ALTER); at runtime ndo2db needs only the DML privileges, so consider narrowing afterwards. The literal password also lands in ~/.mysql_history.
#

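# Run from the db/ directory of the extracted ndoutils source on the Nagios
# host. The account must match the GRANT above ('nagiosuser', not 'nagios').
# NOTE: -p puts the password on the command line, visible in `ps` and in the
# shell history; run it from a root shell with history disabled, or use a
# throwaway password and rotate it afterwards.
./installdb -u nagiosuser -p nagiospass -h 10.254.1.47 -d nagios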

installdb is run on the Nagios host (10.254.1.15) and creates the tables on the remote MySQL server (10.254.1.47); the GRANT above must name that source host, otherwise the connection is refused.

Monday, October 20, 2008

GNS3 LAB - AAA Tacacs on Linux

Still a very basic config: I set up a TACACS+ server on my desktop and connected it through a GNS3 cloud to the inside interface of the PIX firewall in the lab.



PIX Running config


pixfirewall# sh run


: Saved
:
PIX Version 8.0(2)
!
hostname pixfirewall
! 'enable password' and the telnet 'passwd' below share one hash, and it is
! the hash that ships as the PIX factory-default login password ('cisco').
! Acceptable in a throw-away GNS3 lab only; use a strong enable password
! anywhere else.
enable password 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0
nameif inside
security-level 100
ip address 192.168.254.254 255.255.255.0
!
interface Ethernet1
nameif outside
security-level 0
ip address 200.200.200.1 255.255.255.0
!
interface Ethernet2
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet3
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet4
shutdown
no nameif
no security-level
no ip address
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
pager lines 24
logging enable
logging buffered informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
! These two statics overlap: the first presents outside host 200.200.200.10
! to the inside as 192.168.254.1, which is the real address of the TACACS+
! server; the second is the usual inside->outside translation for that
! server. Presumably only the second was intended — confirm and remove the
! other. No access-group is applied on outside, so outside-initiated traffic
! to the translated address is still denied by the default lower-to-higher
! security-level rule.
static (outside,inside) 192.168.254.1 200.200.200.10 netmask 255.255.255.255
static (inside,outside) 200.200.200.10 192.168.254.1 netmask 255.255.255.255
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
! TACACS+ server group. The shared secret is 'cisco': TACACS+ only hides
! packet bodies with an MD5 keystream derived from this key, so a guessed key
! lets anyone sniffing the inside segment read every login and command.
! Use a long random key outside a lab.
aaa-server tacacs-linux protocol tacacs+
max-failed-attempts 4
aaa-server tacacs-linux host 192.168.254.1
key cisco
! Only telnet logins are sent to TACACS+ (telnet is cleartext; there is no
! 'ssh <host> <mask> inside' line, so SSH is not usable here). There is no
! 'aaa authentication enable console' and no 'aaa authorization command', so
! enable is still checked against the local enable password above and every
! logged-in user can run any command — commands are only accounted.
aaa authentication telnet console tacacs-linux
aaa accounting enable console tacacs-linux
aaa accounting command tacacs-linux
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
! Telnet is limited to the TACACS+ host itself — good; the session is still
! cleartext on the wire.
telnet 192.168.254.1 255.255.255.255 inside
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
!
!
prompt hostname context
Cryptochecksum:21ca8ebca2ec428118bb83aa6c57a4ba
: end


Config for tac_plus on my Mandriva box, /etc/tac_plus.conf:


#/etc/tac_plus.conf
# Shared secret; must match the PIX 'aaa-server tacacs-linux host ... key'.
# TACACS+ only obfuscates packet bodies with an MD5 keystream derived from
# this key, so a guessable key like 'cisco' exposes every password and
# command on the wire. Lab only — use a long random key elsewhere.
key = cisco

# Authenticate any user not listed below against the system account
# database. With shadow passwords the password field in /etc/passwd is 'x';
# a tac_plus built with shadow support then consults /etc/shadow, which
# requires the daemon to run as root (same for 'login = file /etc/shadow'
# further down) — confirm on your build.

default authentication = file /etc/passwd

#Access logs

#access log = /var/log/tac_plus/%Y/%m/%d.access


# Where the accounting records go: a cleartext log of every command the PIX
# sends, including any secrets typed on a command line — protect the file.

accounting file = /var/log/tac_acc.log
logging = local6
#accounting file = "|exec /usr/bin/logger"
# DEFAULT applies to every account that can authenticate, i.e. every local
# user on this box (not only admins), and 'default service = permit'
# authorizes all of them for every service. Beyond a lab, drop this block
# (or use 'default service = deny') and list admin users explicitly.

user = DEFAULT {
default service = permit
}



# Profiles for user accounts

user = ohbet {
default service = permit
login = file /etc/shadow
}


So every account in /etc/passwd can log in to the firewall (not only admins — the DEFAULT block in tac_plus.conf permits any account that can authenticate), and after entering the enable password it has privilege 15. Note that enable is still the PIX's local enable password (there is no `aaa authentication enable console`), and with only `aaa accounting command` configured — no `aaa authorization command` — the TACACS+ server records what each user ran but cannot restrict it.


Some accounting log entries captured while making configuration changes:


# Follow the TACACS+ accounting log. Each record shows the PIX address, the
# user (here 'enable_15', which appears to denote a locally-authenticated
# enable session at privilege 15), the source port/address and the command.
tail -f /var/log/tac_acc.log


Tue Oct 7 14:35:32 2008 192.168.254.254 enable_15 0 0.0.0.0 stop task_id=1 cmd=aaa accounting command TACACS service=shell elapsed_time=0
Tue Oct 7 14:37:08 2008 192.168.254.254 enable_15 23 192.168.254.1 stop task_id=2 cmd=configure terminal service=shell elapsed_time=0
Tue Oct 7 14:37:36 2008 192.168.254.254 enable_15 23 192.168.254.1 stop task_id=3 cmd=access-list in_nameif_outside rem "ACL from outside" service=shell elapsed_time=0
Tue Oct 21 09:12:57 2008 192.168.254.254 enable_15 23 192.168.254.1 stop task_id=1 cmd=aaa accounting command tacacs-linux service=shell elapsed_time=0
Tue Oct 21 09:13:07 2008 192.168.254.254 enable_15 23 192.168.254.1 stop task_id=2 cmd=write memory service=shell elapsed_time=0
Tue Oct 21 09:14:08 2008 192.168.254.254 enable_15 23 192.168.254.1 stop task_id=3 cmd=configure terminal service=shell elapsed_time=0
Tue Oct 21 09:14:40 2008 192.168.254.254 enable_15 23 192.168.254.1 stop task_id=4 cmd=static (outside,inside) 192.168.254.1 200.200.200.10 netmask 255.255.255.255 service=shell elapsed_time=0
Tue Oct 21 09:15:07 2008 192.168.254.254 enable_15 23 192.168.254.1 stop task_id=5 cmd=static (inside,outside) 200.200.200.10 192.168.254.1 netmask 255.255.255.255 service=shell elapsed_time=0
Tue Oct 21 09:15:12 2008 192.168.254.254 enable_15 23 192.168.254.1 stop task_id=6 cmd=write memory service=shell elapsed_time=0

Tuesday, October 14, 2008

OSPF 1 LAB


Main objective: use the R5–R8 path through R6 as the primary link and R7 as the redundant link. OSPF is configured on R5, R6, R7 and R8.

When the link via R6 goes down, the path via R7 takes over. (In the listings below R6's Serial1/0 — its link to R8 — is already shut down, so the configs appear to have been captured during the failover test.)

R5 Config


Building configuration...

Current configuration : 633 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
! Lab default: type-7 obfuscation of line passwords is off. In production
! turn it on and, more importantly, use 'enable secret' rather than any
! 'enable password'.
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 10
ip cef
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
! OSPF without neighbor authentication: any host on 192.168.1.0/24 can form
! an adjacency and inject routes. Outside a lab add 'area 0 authentication
! message-digest' plus 'ip ospf message-digest-key' on the interfaces.
router ospf 1
log-adjacency-changes
network 192.168.1.0 0.0.0.255 area 0
!
ip forward-protocol nd
!
! Unneeded management service listening on every interface; 'no ip http
! server' unless it is actually used (then restrict with
! 'ip http access-class').
ip http server
no ip http secure-server
!
!
!
control-plane
!
!
line con 0
line aux 0
! 'login' with no 'password' set: IOS refuses vty connections ("Password
! required, but none set"), so remote access is effectively disabled and
! only the console works.
line vty 0 4
login
!
!
end





R6 Config

Current configuration : 976 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
! Lab default; in production use 'service password-encryption' and 'enable secret'.
no service password-encryption
!
hostname r6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.254 255.255.255.0
duplex auto
speed auto
!
! S1/0 is the link to R8 (192.168.254.12/30) and is administratively down in
! this capture, so this listing appears to have been taken while the
! failover via R7 was being tested; 'no shutdown' restores the primary path.
interface Serial1/0
ip address 192.168.254.13 255.255.255.252
shutdown
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
! No OSPF authentication on either network; fine for the lab, add
! message-digest authentication on real links.
router ospf 1
log-adjacency-changes
network 192.168.1.0 0.0.0.255 area 0
network 192.168.254.12 0.0.0.3 area 0
!
! Unneeded management service; 'no ip http server' unless it is used.
ip http server
ip forward-protocol nd

!
!
!
!
!
control-plane
!
!
line con 0
session-timeout 35791
absolute-timeout 10000
line aux 0
! 'login' without a 'password' makes IOS refuse vty logins; console only.
line vty 0 4
login
!
end


R7 Config

Current configuration : 964 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
! Lab default; in production use 'service password-encryption' and 'enable secret'.
no service password-encryption
!
hostname r7
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.253 255.255.255.0
duplex auto
speed auto
!
! Backup link to R8 (192.168.254.8/30); up in this capture.
interface Serial1/0
ip address 192.168.254.9 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
! No OSPF authentication on either network; fine for the lab, add
! message-digest authentication on real links.
router ospf 1
log-adjacency-changes
network 192.168.1.0 0.0.0.255 area 0
network 192.168.254.8 0.0.0.3 area 0
!
! Unneeded management service; 'no ip http server' unless it is used.
ip http server
ip forward-protocol nd

!
!
!
!
!
control-plane
!
!
line con 0
session-timeout 35000
absolute-timeout 10000
line aux 0
! 'login' without a 'password' makes IOS refuse vty logins; console only.
line vty 0 4
login
!
end


R8 Config


Current configuration : 939 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
! Lab default; in production use 'service password-encryption' and 'enable secret'.
no service password-encryption
!
hostname r8
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
! Loopback advertised into area 0; it is also the highest address here and
! so presumably becomes R8's OSPF router ID.
interface Loopback0
ip address 192.254.254.1 255.255.255.255
!
! Primary link, to R6 (192.168.254.12/30).
interface Serial0/0
ip address 192.168.254.14 255.255.255.252
serial restart-delay 0
!
! Backup link, to R7 (192.168.254.8/30).
interface Serial0/1
ip address 192.168.254.10 255.255.255.252
serial restart-delay 0
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
!
! No OSPF authentication on any network; fine for the lab, add
! message-digest authentication on real links.
router ospf 1
log-adjacency-changes
network 192.168.254.8 0.0.0.3 area 0
network 192.168.254.12 0.0.0.3 area 0
network 192.254.254.1 0.0.0.0 area 0
!
! Unneeded management service; 'no ip http server' unless it is used.
ip http server
ip forward-protocol nd
!
!
!
!
!
control-plane
!
!
line con 0
session-timeout 35000
absolute-timeout 10000
line aux 0
! 'login' without a 'password' makes IOS refuse vty logins; console only.
line vty 0 4
login
!
end




OSPF neighbors as seen from R5 (`show ip ospf neighbor`). Both R7 (.253, DROTHER) and R6 (.254, BDR) are FULL on the LAN segment, so R5 itself is presumably the DR — the election is not preemptive, so the first router up keeps the role regardless of router ID.


Neighbor ID Pri State Dead Time Address Interface
192.168.1.253 1 FULL/DROTHER 00:00:36 192.168.1.253 FastEthernet0/0
192.168.1.254 1 FULL/BDR 00:00:35 192.168.1.254 FastEthernet0/0