I’ve got two networks on my Apache machine, an internal and an external. The internal network is used to communicate to the MySQL machine housing databases for use by the sites on my Apache machine. The MySQL machine only has an internal network, with no gateway to the world. I need to be able to temporarily add a route to the internet so I can update the MySQL machine. For the explicit purpose of giving internet access for updates to my MySQL machine, I will use my Apache machine as the gateway.
Apache Internal = eth0 (192.168.1.32)
Apache External = eth1 (unimportant)
MySQL Internal = eth0 (192.168.1.31)
Step 1 (Apache machine)
iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
Step 2 (MySQL machine)
route add default gw 192.168.1.32
Test your new gateway by pinging an external IP address (like google.com). We didn’t save the firewall rules, or the gateway configuration to any permanent settings so a reboot will clear the configuration.
I’m adding a new hard disk to an Ubuntu 12.04.3 LTS system that is using LVM2. I had to pull my sources from a few different sites, so I figured I’d post my steps for easier reading later. The short 6-step process boils down to this:
- Add and Scan for the new Physical Volume
echo "- - -" > /sys/class/scsi_host/host#/scan
- Partition the new physical volume for use by LVM (type = 8e)
- Enable the Partition as a Physical Volume in LVM
- Add the new LVM Physical Volume to the Volume Group
vgextend [VGNAME] [PARTITION]
- Extend the Logical Volume to include the new Physical Volume
lvextend -l +100%FREE [LVNAME]
- Extend the Filesystem of the Logical Volume
fsadm resize [LVNAME]
For a deeper explanation, read on! Read the rest of this entry »
For the longest time I didn’t realize how easy it was to use an SSH connection as a path to the services only available on the Local Area Network of an SSH-enabled machine. Now that I am “thinking with tunnels”, almost everything I use behind a firewall is through an SSH tunnel. Like a tunnel used for pedestrian or vehicle traffic, an SSH tunnel has two endpoints. One end, the machine I am connecting from, is where the traffic goes in. The other end, the machine I connect to, is where the traffic comes out. One consideration that needs to be made of tunnels is that traffic that exits the tunnel appear to come from the exiting node, not the originating node. In most cases this will make things easier, but depending on what you’re using the tunnel for it’s best to know going in that the origin of the data is not the origin the destination thinks it is.
In my example, I’ve set up a Plex server on a public IP address but part of the setup requires that I point the browser to the localhost address (and the traffic must come from the server itself). Being that the server is a “headless” virtual machine, I don’t have a GUI or a graphical web browser — just a terminal window via an SSH connection. With SSH Tunneling, I can set up the proper forwarding and browse using the graphical web browser on my local machine, connecting through the tunnel, and using the remote machine’s accessibility. It should be noted that on Windows, I use KiTTY as my SSH/Telnet/Serial client; so my examples will be the configuration windows for KiTTY though they are very familiar for PuTTY users. KiTTY is a drop-in replacement for PuTTY with some add-ons and upgraded features. To get KiTTY, or learn more about it, visit the project page.
First, connect to your SSH machine. It doesn’t need to be the target of the tunnel, just the end of the tunnel that has access to the resource you want to utilize.
AS OF NOW THIS PROJECT IS A NO-GO FOR THE RASPBERRY PI, as the Pi doesn’t support OpenGL adequately. However, the steps below will work on other architectures. This post will be updated if the project ever does become viable on the Raspberry Pi.
Logstalgia is an open-source project that aims to display your web server’s log files as a pong-like visualization. It can be pretty mesmerizing during high-traffic times or even DDOS-attacks (as seen below). I am experimenting with it as a Network Operations Center display piece, and thought I’d parse out the steps I took to install it on a Raspberry Pi or any other device running a Debian based linux operating system.
The first installation I had running was on a laptop to see how easy it was going to be to install it on a known working platform. I had it running on a Linux Mint 14 (MATE) install in 15 minutes, and that included all the reading I did to figure out what packages I needed to install.
Today I’m running a ESXi, 4.1.0, 800380 on a baremetal server and want to keep it current. Here are the steps I took to successfully update my VMWare ESXi host.
Enable SSH on the host.
You can do this one of two ways, either via the vSphere Client on the host configuration tab or via the physical console. If you use the physical console, you’ll log in and change the Troubleshooting Mode Options to enable “remote tech support”. If you are remote, you can edit the Security Profile and enable Remote Tech Support in the Host’s Configuration tab.
Download the patches.
Make sure you’re downloading the patches for the ESXi Product, and not ESX. Here’s the VMWare portal for patches.