MariaDB: Enable remote connections

To enable remote connections to a MariaDB server, you typically need to follow these steps:

  1. Configure MariaDB to Listen on All Interfaces: By default, MariaDB might be configured to listen only on the localhost (127.0.0.1), which means it will not accept connections from remote machines. To change this, you need to edit the MariaDB configuration file.

     Locate the MariaDB configuration file, which is usually named my.cnf or my.ini depending on your operating system and MariaDB version.

     Add or modify the bind-address parameter in the [mysqld] section of the configuration file to listen on all interfaces:

         [mysqld]
         bind-address = 0.0.0.0

  2. Grant Remote Access Privileges: After configuring MariaDB to listen on all interfaces, you need to grant remote access privileges to the user account you want to use for remote connections. By default, remote access is not granted for security reasons.

     Connect to your MariaDB server using a MySQL client such as mysql or phpMyAdmin:

         mysql -u username -p

     Replace username with your MySQL username.

     Then, run the following SQL command to grant remote access to the user. Replace remote_user with the actual username and remote_host with the IP address or hostname of the remote machine:

         GRANT ALL PRIVILEGES ON *.* TO 'remote_user'@'remote_host' IDENTIFIED BY 'password' WITH GRANT OPTION;

     Replace 'password' with the password for the user account.

     Note: Using ALL PRIVILEGES is quite permissive. You may want to limit the privileges to the specific databases or tables the user needs access to.

  3. Firewall Configuration: Ensure that your firewall allows incoming connections on the MariaDB port (usually 3306). You might need to open this port if it’s blocked.

  4. Restart MariaDB: After making changes to the configuration file, restart the MariaDB service to apply the changes.

         sudo systemctl restart mariadb

     Use the appropriate command for your operating system if you’re not using systemd.

After following these steps, your MariaDB server should be configured to accept remote connections from the specified user account. Make sure to consider security implications and follow best practices when enabling remote access.
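The check below is an added example, not part of the original page: it reviews the result of steps 1 and 2 by flagging a [mysqld] bind-address that listens on every interface and any grant that is global, open to any host, or carries WITH GRANT OPTION. The function names, the finding labels and all sample data (including appdb, app_user and the addresses) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Every sample below is constructed for illustration.

# Constructed my.cnf fragment using the setting from step 1.
sample_cnf() {
    cat <<'EOF'
[client]
port = 3306
[mysqld]
bind-address = 0.0.0.0
EOF
}

# Constructed SHOW GRANTS lines: a broad grant like step 2, then a scoped one.
sample_grants() {
    cat <<'EOF'
GRANT ALL PRIVILEGES ON *.* TO `remote_user`@`%` IDENTIFIED BY PASSWORD '*CONSTRUCTED' WITH GRANT OPTION
GRANT SELECT, INSERT, UPDATE, DELETE ON `appdb`.* TO `app_user`@`192.0.2.10`
EOF
}

# audit_bind: my.cnf text on stdin -> one line per bind-address under [mysqld].
audit_bind() {
    awk '
        /^[ \t]*\[/ {                       # section header, e.g. [mysqld]
            section = $0
            sub(/^[ \t]*\[/, "", section); sub(/\].*$/, "", section)
            next
        }
        section == "mysqld" && /^[ \t]*bind[-_]address[ \t]*=/ {
            val = $0
            sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            if (val == "0.0.0.0" || val == "::") print "BIND_ALL", val
            else                                 print "BIND_OK", val
        }'
}

# audit_grants: SHOW GRANTS lines on stdin -> one finding per risky property.
audit_grants() {
    awk -v q="'" '
        /^GRANT / {
            acct = $0
            sub(/^.* TO /, "", acct)                         # text after " TO "
            sub(/ (IDENTIFIED|REQUIRE|WITH) .*$/, "", acct)  # drop trailing clauses
            gsub("[`" q "]", "", acct)                       # strip both quote styles
            n = split(acct, part, "@")                       # part[n] is the host
            if ($0 ~ /^GRANT ALL PRIVILEGES ON \*\.\* /) print "GLOBAL_ALL", acct
            if (part[n] == "%")                           print "ANY_HOST", acct
            if ($0 ~ /WITH GRANT OPTION/)                 print "GRANT_OPTION", acct
        }'
}

# Demo on the constructed samples.
sample_cnf | audit_bind
sample_grants | audit_grants
```

On a live server the same functions can read the real configuration file and the output of SHOW GRANTS for the account being reviewed; the scoped second grant in the sample produces no findings.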

GitHub: Clone the Remote Repository and Create a New Branch

Below are the step-by-step instructions:

  1. Clone the Remote Repository and Create a New Branch: Clone the remote GitHub repository and create a new branch simultaneously by specifying the branch name with the -b flag.

         git clone -b <branch_name> <repository_URL>

     Replace <branch_name> with the name you want for your new branch and <repository_URL> with the URL of the GitHub repository.

  2. Navigate to the Cloned Repository: Change your current directory to the cloned repository.

         cd <repository_name>

     Replace <repository_name> with the name of the repository you cloned.

  3. Define GitHub Credentials: Set up your GitHub credentials for the repository:

         git config user.email "your_email@example.com"
         git config user.name "Your Name"

     Replace "your_email@example.com" with your GitHub email and "Your Name" with your GitHub username.

  4. Make Changes, Add, and Commit: Make changes to the files in the repository, then add and commit those changes.

         # Make changes to the files
         git add .
         git commit -m "Your commit message here"

     Replace "Your commit message here" with a brief description of the changes you made.

  5. Push Changes to GitHub: Push your changes to GitHub, specifying the new branch name.

         git push origin <new_branch_name>

     Replace <new_branch_name> with the name of the new branch you created.

  6. Enter GitHub Credentials (if prompted): If this is your first time pushing to the repository or if you’re pushing to a private repository, GitHub may prompt you to enter your GitHub username and password or personal access token.

After completing these steps, your changes should be pushed to the new branch on the GitHub repository successfully. You can verify this by visiting the GitHub repository in your web browser and checking if the changes are reflected there.

Network: DNS records

DNS (Domain Name System) records are used to map domain names to specific IP addresses and provide various other information about domain names. Here are some common types of DNS records:

  1. A (Address) Record:
    • Maps a domain name to an IPv4 address. Example: example.com. IN A 192.0.2.1
  2. AAAA (IPv6 Address) Record:
    • Maps a domain name to an IPv6 address. Example: example.com. IN AAAA 2001:0db8:85a3:0000:0000:8a2e:0370:7334
  3. CNAME (Canonical Name) Record:
    • Maps an alias (subdomain) to the canonical (primary) domain name. Example: www.example.com. IN CNAME example.com.
  4. MX (Mail Exchange) Record:
    • Specifies mail servers responsible for receiving email messages on behalf of a domain. Example: example.com. IN MX 10 mail.example.com.
  5. TXT (Text) Record:
    • Stores arbitrary text data associated with a domain name, often used for verification, authentication, or documentation purposes. Example: example.com. IN TXT "v=spf1 mx -all"
  6. PTR (Pointer) Record:
    • Maps an IP address to a domain name (reverse DNS lookup). Example: 1.2.3.4.in-addr.arpa. IN PTR example.com.
  7. NS (Name Server) Record:
    • Specifies authoritative name servers for a domain, delegating control of the domain’s DNS records to these servers. Example: example.com. IN NS ns1.example.com.
  8. SOA (Start of Authority) Record:
    • Contains authoritative information about a DNS zone, including the primary name server, email address of the responsible person, and various timing parameters. Example: example.com. IN SOA ns1.example.com. hostmaster.example.com. 2022032801 3600 900 604800 86400
  9. SRV (Service) Record:
    • Specifies the location of services (e.g., SIP, LDAP) within a domain. Example: _sip._tcp.example.com. IN SRV 10 60 5060 sipserver.example.com.
  10. CAA (Certification Authority Authorization) Record:
    • Specifies which certificate authorities (CAs) are authorized to issue SSL/TLS certificates for a domain. Example: example.com. IN CAA 0 issue "letsencrypt.org"

These are some of the most commonly used DNS record types, but there are others as well, each serving specific purposes within the DNS system.

Network: What is the difference between NAT and PAT?

NAT (Network Address Translation) and PAT (Port Address Translation) are both techniques used in networking to allow multiple devices on a private network to share a single public IP address for internet communication. However, they differ in how they achieve this and the level of granularity they provide in mapping private IP addresses to public IP addresses.

  1. NAT (Network Address Translation):
    • NAT translates private IP addresses to a single public IP address. It operates at the IP address level.
    • In traditional NAT, each private IP address is mapped to a unique public IP address.
    • NAT maintains a one-to-one mapping between private IP addresses and public IP addresses.
    • NAT does not modify port numbers in the TCP/UDP headers.
    • NAT is commonly used in scenarios where a limited pool of public IP addresses is available, such as in small to medium-sized networks.
  2. PAT (Port Address Translation), also known as NAT Overload:
    • PAT translates private IP addresses to a single public IP address but uses unique port numbers to distinguish between different connections. It operates at both the IP address and port number level.
    • In PAT, multiple private IP addresses are mapped to a single public IP address, but each connection is distinguished by unique port numbers.
    • PAT maintains a many-to-one mapping between private IP addresses and public IP addresses, using different port numbers to differentiate between connections.
    • PAT modifies both the IP addresses and port numbers in the TCP/UDP headers.
    • PAT allows a much larger number of devices to share a single public IP address compared to traditional NAT, as it can multiplex connections based on port numbers.
    • PAT is commonly used in scenarios where a large number of devices need to access the internet through a single public IP address, such as in home networks, small offices, or large enterprises.

In summary, while both NAT and PAT serve the purpose of allowing multiple devices to share a single public IP address for internet communication, PAT provides a higher level of scalability and efficiency by using unique port numbers to differentiate between connections, allowing a larger number of devices to share a single public IP address.
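The two mappings described above, worked through on the same flows as an added example that is not part of the original page. It is a simplified model: real PAT also keys on protocol and tracks timeouts. The addresses, the pool, the starting port 40000 and the function names are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: one-to-one NAT versus PAT on the same constructed flows.

# Constructed flows, one per line: inside_ip inside_port.
# Two hosts deliberately use the same source port, and the first flow repeats.
sample_flows() {
    cat <<'EOF'
10.0.0.5 51000
10.0.0.6 51000
10.0.0.7 51001
10.0.0.5 51000
EOF
}

# nat_translate POOL: one-to-one NAT. Each inside IP takes the next free public
# IP from the comma-separated POOL; the port is left untouched. Once the pool is
# used up, further inside hosts cannot be translated.
nat_translate() {
    awk -v pool="$1" '
        BEGIN { n = split(pool, free, ","); used = 0 }
        {
            if (!($1 in map)) {
                if (used == n) { print $1 ":" $2 " -> DROPPED (pool exhausted)"; next }
                map[$1] = free[++used]
            }
            print $1 ":" $2 " -> " map[$1] ":" $2
        }'
}

# pat_translate PUBLIC_IP FIRST_PORT: many-to-one PAT. Every inside ip:port pair
# gets its own public port on the single PUBLIC_IP, so both the address and the
# port are rewritten; an existing mapping is reused for a repeated flow.
pat_translate() {
    awk -v pub="$1" -v first="$2" '
        BEGIN { next_port = first }
        {
            key = $1 ":" $2
            if (!(key in map)) map[key] = next_port++
            print key " -> " pub ":" map[key]
        }'
}

# Demo: a two-address pool runs out at the third host, PAT does not.
echo "NAT:"; sample_flows | nat_translate "203.0.113.10,203.0.113.11"
echo "PAT:"; sample_flows | pat_translate "203.0.113.10" 40000
```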

How to capture network traffic using tcpdump on a Linux machine

To capture network traffic using tcpdump on a Linux machine and analyze it in Wireshark, follow these steps:

  1. Install Wireshark: If Wireshark is not already installed on your Linux machine, you can install it using your package manager. For example, on Debian-based systems (like Ubuntu), you can use:

         sudo apt-get update
         sudo apt-get install wireshark

     Make sure you have appropriate permissions to run Wireshark or use it with sudo.

  2. Capture network traffic with tcpdump: Run tcpdump to capture the network traffic. For example, to capture all traffic on interface eth0 and save it to a file named capture.pcap:

         sudo tcpdump -i eth0 -w capture.pcap

     Replace eth0 with the name of your network interface, which you can find using the ifconfig command.

  3. Stop tcpdump: Once you’ve captured enough traffic, stop tcpdump by pressing Ctrl+C.
  4. Transfer the capture file to your local machine (optional): If you’re running Wireshark on a different machine, you’ll need to transfer the capture file (capture.pcap) from the Linux machine to your local machine. You can use utilities like scp (secure copy) or rsync for this purpose.
  5. Open the capture file in Wireshark: Launch Wireshark on your local machine and open the capture file (capture.pcap) that you created using tcpdump.

         wireshark capture.pcap

     Alternatively, you can open Wireshark first and then use the GUI to open the capture file.

  6. Analyze the captured traffic: In Wireshark, you can analyze the captured packets, apply filters, view packet details, and perform various other network analysis tasks.

By following these steps, you can capture network traffic using tcpdump on a Linux machine and analyze it in Wireshark for troubleshooting, security analysis, or network debugging purposes. Remember to use tcpdump with appropriate permissions (e.g., sudo) to capture traffic on privileged ports or interfaces.

Linux: traceroute command

The traceroute command in Linux is a network diagnostic tool used to trace the path that an Internet Protocol (IP) packet takes from the local machine to a specified destination host. It does this by sending a series of packets with increasing Time-To-Live (TTL) values, starting from 1.

Here’s how the traceroute command works and what information it provides:

  1. Sending packets with TTL: The traceroute command sends UDP packets (by default) or ICMP Echo Request packets towards the destination IP address with TTL set to 1. When a router receives a packet with TTL of 1, it decrements the TTL by 1 and if it reaches zero, it sends back an ICMP “Time Exceeded” message to the sender. This message indicates that the packet has expired.
  2. Analyzing ICMP Time Exceeded messages: traceroute captures these ICMP Time Exceeded messages and uses them to determine the route the packet took to reach the destination. Each router along the path responds with an ICMP Time Exceeded message, indicating its presence.
  3. Incrementing TTL: traceroute then sends another set of packets with TTL set to 2, and so on, until the packets finally reach the destination. Each time, it records the IP address and round-trip time (RTT) of the intermediate routers.
  4. Displaying the route: Once traceroute receives a response from the destination or reaches its maximum number of hops, it displays the route taken by the packets along with the round-trip time for each hop.
  5. Identifying delays: By analyzing the round-trip times, traceroute can identify network delays at each hop, helping to diagnose network performance issues.
  6. Options: The traceroute command supports various options to customize its behavior. For example, you can specify the maximum number of hops (-m option), the type of packets to send (-I for ICMP or -U for UDP), and the interval between packets (-i option).

Example usage:

traceroute google.com

This command would trace the route to google.com, showing the IP addresses of each hop along the way and the round-trip time for each hop.

traceroute is a valuable tool for network troubleshooting, allowing administrators to identify network routing issues, locate bottlenecks, and analyze network performance between two hosts.
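The "Identifying delays" step above, carried out on saved output as an added example that is not part of the original page: it averages the probes of each hop and reports the hop where the average RTT rises most over the previous responding hop. The traceroute output is constructed, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: locate the largest latency increase in traceroute output.

# Constructed traceroute output (documentation addresses); hop 3 did not answer.
sample_trace() {
    cat <<'EOF'
traceroute to example.com (192.0.2.80), 30 hops max, 60 byte packets
 1  192.0.2.1 (192.0.2.1)  0.512 ms  0.498 ms  0.470 ms
 2  198.51.100.1 (198.51.100.1)  4.210 ms  4.105 ms  4.330 ms
 3  * * *
 4  203.0.113.9 (203.0.113.9)  38.900 ms  39.400 ms  38.600 ms
 5  192.0.2.80 (192.0.2.80)  39.100 ms  39.300 ms  39.200 ms
EOF
}

# hop_rtts: traceroute output on stdin -> "hop name avg_ms" per hop.
# A hop whose probes all timed out is printed as "hop * -".
hop_rtts() {
    awk '
        $1 ~ /^[0-9]+$/ {
            sum = 0; n = 0
            for (i = 2; i <= NF; i++)          # each RTT is the field before "ms"
                if ($i == "ms") { sum += $(i - 1); n++ }
            if (n == 0) { print $1, "*", "-"; next }
            printf "%d %s %.3f\n", $1, $2, sum / n
        }'
}

# worst_jump: traceroute output on stdin -> "hop name +delta_ms" for the hop
# with the largest rise in average RTT over the previous responding hop.
# Silent hops are skipped rather than counted as zero latency.
worst_jump() {
    hop_rtts | awk '
        $3 == "-" { next }
        {
            if (seen && $3 - prev > best) { best = $3 - prev; hop = $1; name = $2 }
            prev = $3; seen = 1
        }
        END { if (hop != "") printf "%d %s +%.3f\n", hop, name, best }'
}

# Demo on the constructed sample.
sample_trace | hop_rtts
sample_trace | worst_jump
```

A rise that persists through to the final hop, as it does from hop 4 in the sample, points at the link into that hop; a spike at a single hop that later hops do not share usually only means that router is slow to send ICMP replies.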

Linux: ifconfig command

The ifconfig command in Linux (and other Unix-like operating systems) is used to display and configure network interfaces. When you execute the ifconfig command without any arguments, it typically shows information about all active network interfaces on your system. Here’s a breakdown of the data you typically see:

  1. Interface Name (eth0, wlan0, etc.): This is the name of the network interface. It could be a physical interface like Ethernet (eth0, eth1, etc.) or a wireless interface (wlan0, wlan1, etc.).
  2. Link encap: This indicates the type of encapsulation method used on the interface, such as Ethernet, Loopback, or Point-to-Point.
  3. HWaddr (Hardware Address): This is the MAC (Media Access Control) address of the network interface, which uniquely identifies it on the network.
  4. inet: This shows the IPv4 address assigned to the interface. If the interface is configured with an IPv4 address, you’ll see it listed here.
  5. inet6: If IPv6 is enabled on the interface, this field will display the IPv6 address assigned to the interface.
  6. Netmask: This indicates the subnet mask associated with the IPv4 address. It determines the size of the network segment the device is on.
  7. broadcast: This displays the broadcast address for the network segment the interface is connected to. It’s used for broadcasting messages to all devices on the same network.
  8. inet6 addr: Similar to the inet field, but for IPv6 addresses.
  9. Scope: This indicates the scope of the IP address, whether it’s global, link-local, site-local, etc.
  10. RX packets/TX packets: These show the number of packets received (RX) and transmitted (TX) by the interface since it was activated or the statistics were last cleared.
  11. RX bytes/TX bytes: These display the number of bytes received (RX) and transmitted (TX) by the interface.
  12. MTU: This stands for Maximum Transmission Unit, which is the largest packet size allowed on the interface without fragmentation.
  13. RX errors/TX errors: These indicate the number of errors encountered while receiving (RX) or transmitting (TX) packets.
  14. Collisions: This shows the number of collisions detected on the interface. Collisions occur when two devices attempt to transmit data simultaneously on a shared network segment.

The output of ifconfig may vary slightly depending on the version of the tool and the Linux distribution you’re using. Some distributions are moving towards using the ip command instead of ifconfig, as it provides more features and is more powerful.

AIX: How to replace a hot-swappable Host Bus Adapter (HBA) on an AIX system

Replacing a hot-swappable Host Bus Adapter (HBA) on an AIX system involves several steps to ensure a smooth transition without causing disruptions to the system’s connectivity to storage devices. Here’s a general procedure to replace a hot-swappable HBA on AIX:

  1. Prepare for Downtime: Plan for a maintenance window during which you can safely perform the HBA replacement without impacting critical operations. Ensure you have a proper backup of important data and configurations before proceeding.

  2. Identify the Failed HBA: Use the AIX lsdev command to identify the failed HBA. Look for the appropriate device name associated with the HBA you intend to replace.

         lsdev -Cc adapter | grep <HBA_name>

  3. Identify Available Slots: If the system has multiple slots for HBAs, identify an available slot where you will insert the replacement HBA.

  4. Remove the Failed HBA: Use the rmdev command to remove the failed HBA from the system. This step ensures that AIX stops using the failed HBA.

         rmdev -l <failed_HBA_device_name>

  5. Insert the Replacement HBA: Insert the replacement HBA into the identified slot. Ensure that it is properly seated and securely fastened.

  6. Scan for New Devices: Use the cfgmgr command to scan for new devices and configure the replacement HBA.

         cfgmgr

     This command will automatically detect and configure the replacement HBA and any attached devices.

  7. Verify Connectivity: Test the connectivity to storage devices connected to the replacement HBA to ensure that the system can access them properly.

  8. Monitor for Errors: Monitor system logs and performance after the replacement to ensure there are no errors or issues related to the replacement HBA.

  9. Update Documentation: Update system documentation to reflect the replacement of the HBA for future reference.

  10. Perform Post-Maintenance Checks: Perform any necessary post-maintenance checks and tests to ensure that the system is functioning correctly and that there are no lingering issues.

By following this procedure, you can safely replace a hot-swappable Host Bus Adapter (HBA) on an AIX system without causing disruptions to the system’s connectivity to storage devices. Always ensure to follow manufacturer’s guidelines and best practices specific to your hardware and software environment.

Linux: display World Wide Port Names (WWPNs)

To display World Wide Port Names (WWPNs) and other information about Fibre Channel (FC) adapters on a Linux system, you can use various commands depending on the tools available on your system. Here are a few common methods:

  1. Using lsscsi and sg_map commands: This method requires the lsscsi and sg_map utilities, which are commonly available on many Linux distributions.

         sudo lsscsi -g

     This command lists SCSI devices, including Fibre Channel adapters. Note down the device corresponding to your Fibre Channel adapter.

     Then, use sg_map to map SCSI generic (sg) device names to WWPNs:

         sudo sg_map -i

     This command will show the mapping of SCSI generic devices to WWPNs and other information.

  2. Using systool: On systems with sysfs support, you can use the systool command to display information about Fibre Channel adapters:

         sudo systool -c fc_host -v

     This command lists information about Fibre Channel host adapters, including WWPNs and other details.

  3. Using fcinfo (For systems with Emulex HBAs): If you’re using Emulex HBAs, you can use the fcinfo command:

         sudo fcinfo <adapter_name>

     Replace <adapter_name> with the name of your Fibre Channel adapter (e.g., lpfc0). This command will display detailed information about the adapter, including WWPNs.

  4. Using scli (For systems with QLogic HBAs): If you’re using QLogic HBAs, you can use the scli command:

         sudo scli -p <port_number> -g

     Replace <port_number> with the port number of your Fibre Channel adapter (e.g., 0). This command will display detailed information about the HBA, including WWPNs.

Choose the method that best fits your system configuration and the tools available. These commands should provide you with the necessary information about WWPNs and other details of your Fibre Channel adapters on Linux.

Linux: Using lsblk and smartctl to display hard disk overall-health self-assessment

root@debian01:~# lsblk
NAME                       MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
nvme0n1                    259:0    0 476.9G  0 disk
├─nvme0n1p1                259:1    0   512M  0 part  /boot/efi
├─nvme0n1p2                259:2    0   488M  0 part  /boot
└─nvme0n1p3                259:3    0   476G  0 part
  └─nvme0n1p3_crypt        254:0    0 475.9G  0 crypt
    ├─debian01--vg-root    254:1    0  23.3G  0 lvm   /
    ├─debian01--vg-var     254:2    0   9.3G  0 lvm   /var
    ├─debian01--vg-swap_1  254:3    0   976M  0 lvm
    ├─debian01--vg-tmp     254:4    0   1.9G  0 lvm   /tmp
    └─debian01--vg-home    254:5    0 440.5G  0 lvm   /home

root@debian01:~# smartctl -a --test=long /dev/nvme0n1
smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.1.0-18-amd64] (local build)
Copyright (C) 2002-22, Bruce Allen, Christian Franke, http://www.smartmontools.org

=== START OF INFORMATION SECTION ===
Model Number: SAMSUNG MZ9LQ512HBLU-00B00
Serial Number: S7DANXMW102944
Firmware Version: FXM7601Q
PCI Vendor/Subsystem ID: 0x144d
IEEE OUI Identifier: 0x002538
Total NVM Capacity: 512,110,190,592 [512 GB]
Unallocated NVM Capacity: 0
Controller ID: 5
NVMe Version: 1.4
Number of Namespaces: 1
Namespace 1 Size/Capacity: 512,110,190,592 [512 GB]
Namespace 1 Utilization: 61,558,759,424 [61.5 GB]
Namespace 1 Formatted LBA Size: 512
Namespace 1 IEEE EUI-64: 002538 d130ba314d
Local Time is: Mon Mar 18 11:42:24 2024 CST
Firmware Updates (0x16): 3 Slots, no Reset required
Optional Admin Commands (0x0017): Security Format Frmw_DL Self_Test
Optional NVM Commands (0x005f): Comp Wr_Unc DS_Mngmt Wr_Zero Sav/Sel_Feat Timestmp
Log Page Attributes (0x1e): Cmd_Eff_Lg Ext_Get_Lg Telmtry_Lg Pers_Ev_Lg
Maximum Data Transfer Size: 512 Pages
Warning Comp. Temp. Threshold: 83 Celsius
Critical Comp. Temp. Threshold: 85 Celsius
Namespace 1 Features (0x10): NP_Fields

Supported Power States
St Op     Max   Active     Idle   RL RT WL WT  Ent_Lat  Ex_Lat
 0 +     5.12W       -        -    0  0  0  0        0       0
 1 +     3.59W       -        -    1  1  1  1        0       0
 2 +     2.92W       -        -    2  2  2  2        0     500
 3 -   0.0500W       -        -    3  3  3  3      210    1200
 4 -   0.0050W       -        -    4  4  4  4     1000    9000

Supported LBA Sizes (NSID 0x1)
Id Fmt Data Metadt Rel_Perf
0 + 512 0 0

=== START OF SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

SMART/Health Information (NVMe Log 0x02)
Critical Warning: 0x00
Temperature: 51 Celsius
Available Spare: 100%
Available Spare Threshold: 50%
Percentage Used: 0%
Data Units Read: 181,599 [92.9 GB]
Data Units Written: 1,857,619 [951 GB]
Host Read Commands: 1,898,681
Host Write Commands: 48,222,637
Controller Busy Time: 238
Power Cycles: 75
Power On Hours: 52
Unsafe Shutdowns: 61
Media and Data Integrity Errors: 0
Error Information Log Entries: 0
Warning Comp. Temperature Time: 153
Critical Comp. Temperature Time: 3
Temperature Sensor 1: 51 Celsius
Thermal Temp. 1 Transition Count: 1236
Thermal Temp. 2 Transition Count: 1014
Thermal Temp. 1 Total Time: 2672
Thermal Temp. 2 Total Time: 12386

Error Information (NVMe Log 0x01, 16 of 64 entries)
No Errors Logged

root@debian01:~#