Syntax error on line 52 of /etc/modsecurity/activated_rules/modsecurity_crs_20_protocol_violations.conf: SOLVED

During the configuration of the OWASP ModSecurity Core Rule Set (CRS) the following error appeared:

Syntax error on line 52 of /etc/modsecurity/activated_rules/modsecurity_crs_20_protocol_violations.conf:

The main cause is the combination of the installed versions of libapache2-modsecurity and the OWASP CRS:

dpkg -s libapache2-modsecurity | grep Version
Version: 2.6.6-6+deb7u1

owasp-modsecurity-2.2.8-1

libapache2-modsecurity version 2.6.6-6 doesn’t work correctly with OWASP CRS 2.2.8-1.

An earlier version of the OWASP Core Rule Set is needed (v2.2.5 is used below).

Here is a basic configuration of Apache ModSecurity:

aptitude install libapache2-modsecurity

cp /etc/modsecurity/modsecurity.conf-recommended /etc/apache2/conf.d/modsecurity.conf

vim /etc/apache2/conf.d/modsecurity.conf

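Customize the settings. Note that SecRuleEngine DetectionOnly only logs rule matches and does not block any request; change it to On once the rules have been tuned against false positives: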


SecRuleEngine DetectionOnly

SecRequestBodyAccess On

SecDebugLog /var/log/apache2/modsecurity-debug.log

SecDebugLogLevel 3

a2enmod mod-security
a2enmod headers
apachectl configtest
/etc/init.d/apache2 reload

Now install and configure the OWASP Core Rule Set:

wget https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/v2.2.5
tar xvf v2.2.5
cp -r SpiderLabs-owasp-modsecurity-crs-5c28b52/* /etc/modsecurity/
mv /etc/modsecurity/modsecurity_crs_10_setup.conf.example /etc/modsecurity/modsecurity_crs_10_setup.conf
cd /etc/modsecurity/base_rules/
for f in * ; do ln -s /etc/modsecurity/base_rules/$f /etc/modsecurity/activated_rules/$f;done
cd /etc/modsecurity/optional_rules/
for f in * ; do ln -s /etc/modsecurity/optional_rules/$f /etc/modsecurity/activated_rules/$f; done
vim /etc/apache2/mods-available/mod-security.conf
Add the OWASP config files:
Include "/etc/modsecurity/activated_rules/*.conf"

apachectl configtest
/etc/init.d/apache2 reload

how to monitor Xerox Phaser 7400DN printer with icinga

With this useful plugin you can easily monitor your network printer. Download it and move it to the directory with the other plugins; in my case that directory is /usr/lib/nagios/plugins/. Make sure SNMP is configured on the printer side. Now, let’s test the plugin:
root@icinga:/usr/lib/nagios/plugins# ./check_snmp_printer -H 192.168.0.75 -x "MODEL"
"Xerox Phaser 7400DN;PS4.2.0,Net25.72.10.07,Eng0.11.2,OS6.26", Serial # XXXXXXXXX

Icinga-Printer
Now, we have to define host, check_command and services for our new object.
root@icinga:/usr/local/icinga/etc# vim objects/Default_collector/hosts.cfg
# Host object for the printer at 192.168.0.75; reachability is tested with check-host-alive.
# With max_check_attempts 1 a single failed check is enough to change the host state.
# NOTE(review): in Nagios/Icinga 1.x notification_options, "n" means "none"; listing it
# together with "d" may suppress host notifications entirely — confirm the intent.
define host {
host_name Printer
address 192.168.0.75
max_check_attempts 1
check_interval 1
retry_interval 1
notification_interval 1
notification_options d,n
check_command check-host-alive
check_period 24x7
notification_period 24x7
contact_groups +admins
}

root@icinga:/usr/local/icinga/etc# vim objects/global/checkcommands.cfg

# Runs check_snmp_printer against the host in $ARG1$ for the item named in $ARG2$,
# passing 30 and 15 as the -w / -c thresholds (presumably warning and critical levels).
# NOTE(review): -C public hard-codes the default SNMP community string. SNMP v1/v2c sends
# the community in cleartext, so use a non-default read-only community (kept in a $USERn$
# macro in resource.cfg) and restrict SNMP on the printer to the monitoring host.
define command{
command_name check_consumables
command_line $USER1$/check_snmp_printer -H $ARG1$ -C public -x $ARG2$ -w 30 -c 15
}

# Runs check_snmp_printer against the host in $ARG1$ for the item named in $ARG2$,
# without thresholds.
# NOTE(review): -C public hard-codes the default SNMP community string. SNMP v1/v2c sends
# the community in cleartext, so use a non-default read-only community (kept in a $USERn$
# macro in resource.cfg) and restrict SNMP on the printer to the monitoring host.
define command{
command_name check_paper
command_line $USER1$/check_snmp_printer -H $ARG1$ -C public -x $ARG2$
}

root@icinga:/usr/local/icinga/etc# vim objects/Default_collector/services.cfg


# Paper status of tray 1: check_paper receives the host address as $ARG1$
# and the quoted string "TRAY 1" as $ARG2$.
# Checks, retries and repeat notifications all use an interval of 1.
define service{
use generic-service
host_name Printer
service_description Tray1 Paper Status
check_command check_paper!$HOSTADDRESS$!"TRAY 1"
check_period 24x7
notification_period 24x7
max_check_attempts 1
check_interval 1
retry_interval 1
notification_interval 1
event_handler_enabled 0
contact_groups +admins
}
# Paper status of tray 2: check_paper receives the host address as $ARG1$
# and the quoted string "TRAY 2" as $ARG2$.
# Checks, retries and repeat notifications all use an interval of 1.
define service{
use generic-service
host_name Printer
service_description Tray2 Paper Status
check_command check_paper!$HOSTADDRESS$!"TRAY 2"
check_period 24x7
notification_period 24x7
max_check_attempts 1
check_interval 1
retry_interval 1
notification_interval 1
event_handler_enabled 0
contact_groups +admins
}

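# Black toner level: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Black Toner Status
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Black Toner"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}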
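# Cyan toner level: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Cyan Toner Status
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Cyan Toner"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}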

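# Magenta toner level: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Magenta Toner Status
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Magenta Toner"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}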
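# Yellow toner level: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Yellow Toner Status
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Yellow Toner"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}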

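# Fuser status: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Fuser Status
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Fuser"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}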
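# Waste container status: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Waste Status
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Waste"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}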

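# Cyan imaging unit: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Cyan Imaging
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Cyan Imaging"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}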
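# Magenta imaging unit: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Magenta Imaging
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Magenta Imaging"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}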

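# Yellow imaging unit: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Yellow Imaging
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Yellow Imaging"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}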
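# Black imaging unit: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Black Imaging
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Black Imaging"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}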

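# Transfer belt: check_consumables receives the host address as $ARG1$
# and the quoted consumable name as $ARG2$.
# The argument needs plain ASCII double quotes and the timeperiod is spelled 24x7
# (letter x), matching the host and tray definitions.
define service{
    use                     generic-service
    host_name               Printer
    service_description     Transfer Belt
    check_command           check_consumables!$HOSTADDRESS$!"CONSUM Transfer Belt"
    check_period            24x7
    notification_period     24x7
    max_check_attempts      1
    check_interval          1
    retry_interval          1
    notification_interval   1
    event_handler_enabled   0
    contact_groups          +admins
}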

root@icinga:/usr/lib/nagios/plugins# service icinga reload
Running configuration check...OK
Reloading icinga configuration...done

nagios plugins compile error

make[1]: Entering directory `/var/www/nagios-plugins-1.4.16/plugins'
gcc -DLOCALEDIR=\"/usr/local/icinga/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I.. -I../lib -I../gl -I../intl -I/usr/include -DNP_VERSION='"1.4.16"' -g -O2 -MT check_http.o -MD -MP -MF .deps/check_http.Tpo -c -o check_http.o check_http.c
check_http.c: In function 'process_arguments':
check_http.c:312:9: error: 'ssl_version' undeclared (first use in this function)
check_http.c:312:9: note: each undeclared identifier is reported only once for each function it appears in
make[1]: *** [check_http.o] Error 1
make[1]: Leaving directory `/var/www/nagios-plugins-1.4.16/plugins'
make: *** [install-recursive] Error 1

To solve this, make sure the libssl-dev package is installed, then run configure and make again:

apt-get install libssl-dev

./configure \
--prefix=/usr/local/icinga --with-cgiurl=/icinga/cgi-bin \
--with-nagios-user=icinga --with-nagios-group=icinga

make && make install

connect to your cisco device using ckermit tool

console+cable

usb-to-serial

dmesg
[ 9476.461366] usb 4-5: Product: USB2.0-Ser!
[ 9476.461672] usb 4-5: configuration #1 chosen from 1 choice
[ 9476.579758] usbcore: registered new interface driver usbserial
[ 9476.579800] USB Serial support registered for generic
[ 9476.579856] usbcore: registered new interface driver usbserial_generic
[ 9476.579861] usbserial: USB Serial Driver core
[ 9476.582778] USB Serial support registered for ch341-uart
[ 9476.582797] ch341 4-5:1.0: ch341-uart converter detected
[ 9476.617800] usb 4-5: ch341-uart converter now attached to ttyUSB0
[ 9476.617838] usbcore: registered new interface driver ch341

aptitude install ckermit

vim ~/.kermrc
# Use the USB-to-serial adapter (attached as ttyUSB0 in the dmesg output) at 9600 baud.
set line /dev/ttyUSB0
set speed 9600
# Carrier detection, handshake and flow control are all switched off.
set carrier-watch off
set handshake none
set flow-control none
robust

client-120:/home/bentoslack# kermit
C-Kermit 8.0.211, 10 Apr 2004, for Linux
Copyright (C) 1985, 2004,
Trustees of Columbia University in the City of New York.
Type ? or HELP for help.
(/home/ibekyarov/) C-Kermit>connect
Connecting to /dev/ttyUSB0, speed 9600
Escape character: Ctrl-\ (ASCII 28, FS): enabled
Type the escape character followed by C to get back,
or followed by ? to see other options.
----------------------------------------------------

Switch>

Switch>show version
Cisco Internetwork Operating System Software
IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5.3)WC(1), MAINTENANCE INTERIM SOFTWARE
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Mon 30-Apr-01 07:51 by devgoyal
Image text-base: 0x00003000, data-base: 0x003331F4

ROM: Bootstrap program is C3500XL boot loader

Switch uptime is 34 minutes
System returned to ROM by power-on
System image file is "flash:c3500XL-c3h2s-mz-120-5.3.WC.1.bin"

cisco WS-C3548-XL (PowerPC403) processor (revision 0x01) with 16384K/1024K bytes of memory.
Processor board ID FOC0548T066, with hardware revision 0x00
Last reset from power-on

how to reset root password on debian wheezy

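During the PC boot process, when the GRUB boot loader appears, press “e” to edit,
find the line which begins with linux and add init=/bin/bash at the end. This works for anyone with access to the console, so machines that need protection against it should have a GRUB password set and the disk encrypted.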

example: linux /boot/vmlinuz-3.2.0-4-686-pae root=UUID=8cbe7996-107b-4d22-9281-f0962e4917dd ro initrd=/install/initrd.gz quiet init=/bin/bash

press ctrl+x to boot, this will drop you on the command prompt

mount -o remount,rw /

passwd

reboot

RAID bus controller: Dell PowerEdge Expandable RAID controller 4/Di (rev 02)

This is a short example of how to view the RAID card and the installed hard drives in a Dell PowerEdge 1750 server:
root@dell:~# lspci -v | grep -i RAID
04:03.0 RAID bus controller: Dell PowerEdge Expandable RAID controller 4/Di (rev 02)
Kernel driver in use: megaraid

root@dell:~# megactl
a0 PERC 4/Di chan:2 ldrv:1 batt:good
a0d0 67GiB RAID 5 1x3 optimal
a0c0t0 33GiB a0d0 online
a0c0t1 33GiB a0d0 online
a0c0t2 33GiB a0d0 online

root@dell:~# megaraid-status
-- Arrays informations --
-- ID | Type | Size | Status
a0d0 | RAID 5 | 67GiB | optimal

-- Disks informations
-- ID | Model | Status | Warnings
a0c0t0 | MAXTOR ATLAS10K4_36SCA 33GiB | online
a0c0t1 | MAXTOR ATLAS10K4_36SCA 33GiB | online
a0c0t2 | MAXTOR ATLAS10K4_36SCA 33GiB | online
root@dell:~#

megacli monitor and configure LSI RAID controller

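In this example I am using Debian 7 with an LSI MegaRAID controller.

It is necessary to add a third-party repository for the package (import the repository's signing key as well, so that apt can verify the packages it installs):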

Please add deb http://hwraid.le-vert.net/debian wheezy main to /etc/apt/sources.list

Then apt-get update && apt-get install megacli

megacli is a proprietary tool by LSI which can perform both reporting and management for MegaRAID SAS cards.
However, it is really hard to use because it takes tons of command-line parameters and there is no documentation.

Get the status and config of all adapters:
test:~# megacli -AdpAllInfo -aAll
Adapter #0

==============================================================================
Versions
================
Product Name : PERC 5/i Integrated
Serial No : 12345
FW Package Build: 5.2.1-0067

Mfg. Data
================
Mfg. Date : 00/00/00
Rework Date : 00/00/00
Revision No : @A
Battery FRU : N/A

Image Versions In Flash:
================
Boot Block Version : R.2.3.12
BIOS Version : MT28-8
MPT Version : MPTFW-00.10.61.00-IT
FW Version : 1.03.40-0316
WebBIOS Version : 1.03-04
Ctrl-R Version : 1.04-019A
[…]
Logical drive 0 on adapter 0 status and type:
test:~# megacli -LDInfo -L0 -a0
Adapter 0 — Virtual Drive Information:
Virtual Disk: 0 (Target Id: 0)
Name:raid1
RAID Level: Primary-1, Secondary-0, RAID Level Qualifier-0
Size:237824MB
State: Optimal
Stripe Size: 64kB
Number Of Drives:2
Span Depth:1
Default Cache Policy: WriteBack, ReadAheadNone, Direct, No Write Cache if Bad BBU
Current Cache Policy: WriteBack, ReadAheadNone, Direct, No Write Cache if Bad BBU
Access Policy: Read/Write
Disk Cache Policy: Disk’s Default

Exit Code: 0x00

Display, disable or enable automatic rebuild on adapter 0:
test:~# megacli -AdpAutoRbld -Dsply -a0

Adapter 0: AutoRebuild is Enabled.

Exit Code: 0x00
test:~# megacli -AdpAutoRbld -Dsbl -a0

Adapter 0: AutoRebuild is Disabled.

Exit Code: 0x00
test:~# megacli -AdpAutoRbld -Enbl -a0

Adapter 0: AutoRebuild is Enabled.

Exit Code: 0x00

Get and modify rebuild rate:
test:~# megacli -AdpGetProp RebuildRate -a0

Adapter 0: Rebuild Rate = 30%

Exit Code: 0x00
test:~# megacli -AdpSetProp RebuildRate 60 -a0

Adapter 0: Set rebuild rate to 60% success.

Exit Code: 0x00

Show physical disks from first controller:
test:~# megacli -PDList -a0
[…]
Enclosure Device ID: 32
Slot Number: 1
Device Id: 1
Sequence Number: 9
Media Error Count: 0
Other Error Count: 0
Predictive Failure Count: 0
Last Predictive Failure Event Seq Number: 0
PD Type: SAS
Raw Size: 140014MB [0x11177328 Sectors]
Non Coerced Size: 139502MB [0x11077328 Sectors]
Coerced Size: 139392MB [0x11040000 Sectors]
Firmware state: Rebuild
SAS Address(0): 0x5000c5000c8579d1
SAS Address(1): 0x0
Connected Port Number: 1(path0)
Inquiry Data: SEAGATE ST3146855SS S5283LN6CNGM
Foreign State: None
We can see that disk 32,1 (enclosure id = 32, slot = 1) is currently rebuilding (firmware state).
Let’s check this operation progress:
test:~# megacli -PDRbld -ShowProg -PhysDrv [32:1] -aALL

Rebuild Progress on Device at Enclosure 32, Slot 1 Completed 51% in 10 Minutes.

Author: viliev

tw-cli monitor and configure 3ware Raid Controller

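In this example I am using Debian 7 with a 3ware 9500S-12 PCI SATA RAID controller.

It is necessary to add a third-party repository for the package (import the repository's signing key as well, so that apt can verify the packages it installs):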

Please add deb http://hwraid.le-vert.net/debian wheezy main to /etc/apt/sources.list

Then apt-get update && apt-get install tw-cli

tw_cli is a command-line tool to manage and monitor 3ware Escalade cards.

Once the package is installed we can check the state of the RAID:

List available controllers:
server:~# tw-cli info

Ctl Model (V)Ports Drives Units NotOpt RRate VRate BBU
————————————————————————
c0 9500S-12 2 2 1 0 2 – –

All arrays and disks from controller “c0”:
server:~# tw-cli /c0 show

Unit UnitType Status %RCmpl %V/I/M Stripe Size(GB) Cache AVrfy
——————————————————————————
u0 RAID-1 OK – – – 153.385 OFF –

Port Status Unit Size Blocks Serial
—————————————————————
p0 OK u0 153.38 GB 321672960 VNRD3EC4C7J1SM
p1 OK u0 153.38 GB 321672960 VNRD3EC4C7HZZM

Enabling/Disabling Write Cache
//server> info c0

Unit UnitType Status %RCmpl %V/I/M Stripe Size(GB) Cache AVrfy
——————————————————————————
u0 RAID-1 OK – – – 232.885 OFF –

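Write cache is OFF. Let’s turn it ON. Note that without a battery backup unit (BBU) a power failure can lose writes still held in the controller cache.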
//server> set cache c0 u0 on
Setting Write Cache Policy on /c0/u0 to [on] … Done.

//server> info c0

Unit UnitType Status %RCmpl %V/I/M Stripe Size(GB) Cache AVrfy
——————————————————————————
u0 RAID-1 OK – – – 232.885 ON –

Author:viliev

create partitions using parted command line interface

parted /dev/sda
print
(parted) mklabel msdos
Warning: The existing disk label on /dev/sda will be destroyed and all data on this disk will be lost. Do you want to continue?
Yes/No? yes
(parted) unit GB
(parted) mkpart primary ext4 0gb 35gb
(parted) mkpart primary linux-swap 35gb 37gb
(parted) mkpart primary ext4 37gb 250gb
(parted) set 1 boot on
(parted) print
Model: ATA WDC WD2500AAKS-0 (scsi)
Disk /dev/sda: 250GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos

Number Start End Size Type File system Flags
1 0.00GB 35.0GB 35.0GB primary boot
2 35.0GB 37.0GB 2.00GB primary
3 37.0GB 250GB 213GB primary

(parted) quit
Information: You may need to update /etc/fstab.