Thursday, August 27, 2015

TIPS for Expect Script

在此筆記一些Expect Script的使用技巧。

1. 記錄Expect Script執行的過程:
 log_file -noappend ./$0.log
.......
.......
.......
log_file
2. 與遠端主機斷線:
expect eof
3.  For loop於Expect Script的用法:
expect -c "
for {set i 1} {\$i <= 10} {incr i 1} {

}
"
4. If於Expect Script的用法:
expect -c "
  if { \$i == 1 } {

 }
5. 於Expect Script跳脫"符號的方法:
expect -c
send \"test \\\"test\\ test\\ test\\\"\r\"
"

Tuesday, August 25, 2015

如何讓rsyslog 也支援TCP?

預設rsyslog只支援UDP with port 514,如果要支援TCP,可以載入TCP的模組即可使用。

$ModLoad imudp.so
$UDPServerRun 514

$ModLoad imtcp.so
$InputTCPServerRun 514

記得修改完畢後restart rsyslog。

Monday, February 09, 2015

Use Linux be an IPv6 Router

簡單筆記一下如何使用Linux當IPv6的Router,以利將來備查。順便此次的實作是使用CentOS7.0,所以啟動daemon的方式跟以往SysV的方式不太一樣。

Step1. Enable IPv6 forwarding for Kernel via /etc/sysctl.conf:
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.br0.forwarding = 1
net.ipv6.conf.br1.forwarding = 1
net.ipv6.conf.br2.forwarding = 1

Step2. Use radvd be a DHCPv6 Server:
Step2.1 Open then edit /etc/radvd.conf:interface br0
{
AdvSendAdvert on;
MinRtrAdvInterval 30;
MaxRtrAdvInterval 100;
prefix 3001:688::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};
interface br1
{
AdvSendAdvert on;
MinRtrAdvInterval 30;
MaxRtrAdvInterval 100;
prefix 3001:588::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};
interface br2
{
AdvSendAdvert on;
MinRtrAdvInterval 30;
MaxRtrAdvInterval 100;
prefix 3001:288::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};

Step2.2: Launch radvd immediately as well as start running it when system boots up:[root@rhel7 network-scripts]# systemctl start radvd
[root@rhel7 network-scripts]# systemctl enable radvd
[root@rhel7 network-scripts]# systemctl status radvd
radvd.service - Router advertisement daemon for IPv6
   Loaded: loaded (/usr/lib/systemd/system/radvd.service; enabled)
   Active: active (running) since 五 2015-02-06 16:22:51 CST; 1h 41min ago
 Main PID: 9884 (radvd)
   CGroup: /system.slice/radvd.service
           ├─9882 /usr/sbin/radvd -u radvd
           └─9884 /usr/sbin/radvd -u radvd
 2月 06 16:49:43 rhel7 radvd[9884]: resuming normal operation
 2月 06 16:49:44 rhel7 radvd[9884]: attempting to reread config file
 2月 06 16:49:44 rhel7 radvd[9884]: resuming normal operation
 2月 06 16:49:51 rhel7 radvd[9884]: attempting to reread config file
 2月 06 16:49:51 rhel7 radvd[9884]: resuming normal operation
 2月 06 16:49:53 rhel7 radvd[9884]: attempting to reread config file
 2月 06 16:49:53 rhel7 radvd[9884]: resuming normal operation
 2月 06 16:49:53 rhel7 radvd[9884]: attempting to reread config file
 2月 06 16:49:53 rhel7 radvd[9884]: resuming normal operation
 2月 06 18:03:32 rhel7 systemd[1]: Started Router advertisement daemon for IPv6.
Verify:
HostA(300:288::253):

eth1      Link encap:Ethernet  HWaddr 08:00:27:45:E9:40
          inet addr:10.10.2.253  Bcast:10.10.2.255  Mask:255.255.255.0
          inet6 addr: 3001:288::253/64 Scope:Global
          inet6 addr: fe80::a00:27ff:fe45:e940/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6439011 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6261045 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2632403693 (2.4 GiB)  TX bytes:244180721 (232.8 MiB)
[root@server1 ~]# ip -6 route show
3001:588::/64 via 3001:288::1 dev eth1  metric 1024  expires 4293343sec mtu 1500 advmss 1440 hoplimit 4294967295
3001:688::/64 via 3001:288::1 dev eth1  metric 1024  expires 4293666sec mtu 1500 advmss 1440 hoplimit 4294967295

[root@server1 ~]# ping6 3001:588::100 -c 3
PING 3001:588::100(3001:588::100) 56 data bytes
64 bytes from 3001:588::100: icmp_seq=0 ttl=63 time=31.9 ms
64 bytes from 3001:588::100: icmp_seq=1 ttl=63 time=24.3 ms
64 bytes from 3001:588::100: icmp_seq=2 ttl=63 time=5.61 ms
--- 3001:588::100 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2015ms
rtt min/avg/max/mdev = 5.615/20.607/31.904/11.046 ms, pipe 2

HostB(3001:588::100):

Wireless LAN adapter Wireless Network Connection:
   Connection-specific DNS Suffix  . : example.com   IPv6 Address. . . . . . . . . . . : 3001:588::100
   IPv6 Address. . . . . . . . . . . : 3001:588::2677:3ff:fe77:f29c
   Link-local IPv6 Address . . . . . : fe80::2677:3ff:fe77:f29c%31
   IPv4 Address. . . . . . . . . . . : 10.10.5.188
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::6a05:caff:fe22:2b8b%31
                                       3001:588::1
                                       10.10.5.254

D:\Tools\wbox-3>ping -6 3001:288::253
Pinging 3001:288::253 with 32 bytes of data:
Reply from 3001:288::253: time=29ms
Reply from 3001:288::253: time=64ms
Reply from 3001:288::253: time=158ms
Reply from 3001:288::253: time=24ms
Ping statistics for 3001:288::253:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 24ms, Maximum = 158ms, Average = 68ms

Friday, August 22, 2014

如何避免remote syslog寫入到本機的/var/log/messages?

如題,假設今天log receive server將收集幾十台甚至幾百台裝置的log,預設上rsyslog會將這些裝置的log也同時寫入到本機的/var/log/messages。這是個非常令人感到困擾的一件事,因為本機的log將會被洗版.... 還好這是有方法可以解決的,以下用rsyslog舉個例子:

:fromhost-ip,isequal,"192.168.1.1"                        /var/log/remote.log
:fromhost-ip,isequal,"192.168.1.2"                        /var/log/remote.log
:fromhost-ip,isequal,"192.168.1.3"                        /var/log/remote.log
........
*.info;mail.none;authpriv.none;cron.none               /var/log/messages


192.168.1.1~3的log會寫入到/var/log/remote.log,但同時也會寫入
到/var/log/messages!


解決方法:

:fromhost-ip,isequal,"192.168.1.1"                        /var/log/remote.log
           & ~
:fromhost-ip,isequal,"192.168.1.2"                        /var/log/remote.log
           & ~
:fromhost-ip,isequal,"192.168.1.3"                        /var/log/remote.log
          & ~
........
*.info;mail.none;authpriv.none;cron.none               /var/log/messages

"& ~"能通知rsyslog,當把remote device log寫入到/var/log/remote.log後,就停止接下來的動作,那麼當然remote device log就不會寫入到/var/log/messages囉!

Wednesday, July 30, 2014

My PS1 in ~/.bashrc

export PS1="\[\e[00;30m\]\u@\h:\w\\$ \[\e[0m\]"

user@hostname:directory $or#

->

root@rhel7:/lib/systemd/system# 

[lawrence@rhel7 tmp]$ 




Friday, July 25, 2014

How to enable vncserver on CentOS7/RHEL7

CentOS7/RHEL7 改用了systemd取代了SysVinit,因此我必須把這幾年已經還給天地的Linux重新拿出來研究一番,否則真的跟不上時代了!那就先從學習systemd開始吧!


Case: How can I enable vncserver at boot?

Steps:
1. Install vnc:
#yum install tigervnc*

2. 建立vnc user:
以某個user來執行vncserver之後,在user家目錄中有這個/.vnc/xstartup檔案就可以了,當然passwd也是會一起產生的。
以上與CentOS6/RHEL6無異。


3. 修改vnc config:
開啟/lib/systemd/system/vncserver@.service
修改[service]這個field如下:
[Service]
Type=forking
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver"
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill > /dev/null 2>&1 || :'
用root啟動vncserver不是一個好習慣.....


4. daemon-reload:
修改unit(service)的configuration後,必需讓systemd知道,所以我要執行 systemctl daemon-reload昭告天下。

5. 手動啟動vncserver:
systemctl start vncserver@multi-user
6. 開機啟動vncserver:
systemctl enable vncserver@multi-user

Monday, January 06, 2014

解決facility與severity在LogAnalyzer是空白的問題

最近實作中也碰到了這個問題,解決的方法如下:
http://wiki.rsyslog.com/index.php/Fix_blank_Facility_and_Severity_columns_in_loganalyzer

補充:
如何改變syslog到Rsyslog format23? 原文並沒有提到唷!這邊幫忙補充一下。

只需要一個步驟,那就是修改LogAnalyzer的config.php,把LogLineType從syslog改成syslog23如下:
$CFG['Sources']['Source2']['LogLineType'] = 'syslog23';