Welcome

ClearOS Apps and Hacks

Recently I've been developing apps and hacks for ClearOS.

You can find a summary of these below:-

Webconfig eAccelerator

Zarafa Webmail & Groupware

Bandwidth Rule Monitor App

Zarafa Webmail - ClearOS

I have rebuilt Zarafa so that it runs on ClearOS using the updated version of LDAP. The RPMs are now rebuilt using the maintained SRPMs from Fedora (courtesy of Robert Scheck).

The following will install and configure the webmail so that it authenticates against ClearOS users defined in the webconfig. It will configure Postfix so that all mail is delivered to the Zarafa inbox. The contacts list and calendars will function

PHP 5.3.6 Upgrade - ClearOS

Instructions below to upgrade PHP to 5.3.6

Please note these are not the official packages, and have been put together by http://rpms.famillecollet.com/ for RHEL5 distributions (thank you!). I have rebuilt these so they install for ClearOS with the addition of two RPMs (libedit and sqlite2).

Therefore please consider these as beta / testing quality.

1. SETUP THE REPO

PHP 5.2.17 for ClearOS5.2

You can now also get PHP5.2.17 for ClearOS5.2.

You can now get the PHP RPMs from ftp://www.timburgess.net/repo/clearos/5.2/os/

Note these are compiled from the REMI repo (http://blog.famillecollet.com/), and are pretty much untested; however, they do work on my VM, so use at your own risk.

To install from the command line

Yum Priorities - Clarkconnect 5.0 / Centos

HOWTO - Add yum priorities plugin to ClearOS5.1 / ClarkConnect 5.0 so that additional repositories and additional packages can be added without fear of breaking your existing install
INSTALL

Cribbed from this page
http://wiki.centos.org/AdditionalResources/Repositories?action=show&redi...

Grab the yum-priorities package from
http://mirror.centos.org/centos-5/5.5/extras/i386/RPMS/yum-priorities-1....

Realtek Drivers - Compiled for CC5.0, Kernel 2.6.18-128.2.16v5-i686

UPDATE!: You can now get hold of these drivers via RPM if you wish, they are recompiled from the elrepo sources.
ftp://starlane.gotdns.org/elrepo-kmod/

Below are the latest Realtek drivers compiled for ClarkConnect5.0 - and all the chipsets outlined for each driver. See README files for instruction on installation

PS3 - Unsupported Data, MP3 Playback

I've been experimenting with UPnP media players, particularly TwonkyMedia server and also Mediatomb. Whilst doing so I've found that not all MP3s will stream correctly to my PS3, and you will end up with "Unsupported data". After doing some further testing I ruled out either of the media servers, as they both gave the same symptoms. So after some sifting through my collection and endless googling, I think I have at least narrowed down the problem to the following: the PS3 does not like some forms of MP3 encoding. To help those who wonder (like myself): which ones DOES it play?

Getting the most out of Grub

The grub bootloader is particularly useful, especially when upgrading and testing new kernels. I recently found a way to modify the default boot config to make it useful when you wish to remotely upgrade a kernel and boot into it once only without being at the console to change the default back.

My current grub config:-

AMD K6 processors and RHEL / CentOS kernels above 2.6.9-67

Newer RHEL4 and CentOS kernels above 2.6.9-67 appear to have a bug which means that they will not boot with old AMD K6 processors. This also applies to Clarkconnect, which is based on the above (I found from release 4.2 onwards). It is to do with CPU checks carried out that the K6 processors don't actually support, causing a kernel panic. This is very frustrating if you are trying to upgrade a kernel remotely ;-)

RT61 Wireless setup in managed mode on Clarkconnect (for WPA2)

Here is my guide on how to configure and setup my Belkin 802.11b/g PCI card (based on the Ralink RT61 chipset) on Clarkconnect 4.3 CE

Block a high bandwidth host from snort using BPF rule

Sometimes, there comes a time when a high bandwidth host is taking up valuable precious resources on your server, and snort is struggling to keep up with the demand. This is a simple way to block snort from seeing / processing that traffic and save the resources for catching bad traffic from other hosts.

This also helps if you happen to have your IDS behind a firewall and your LAN traffic passes through that same interface

To do this simply create a file, named whatever you like (mine is /etc/snort/bpf.conf)

add: (changing the IP for the host you wish to ignore)

Iptables fun! Firewall rule examples

Some examples of the power of iptables. The IP is defined as 123.123.123.123; substitute your own. You can find out more by looking at the iptables manpage. Depending on your firewall configuration, not all setups have an explicit 'drop' at the end of the chain, therefore you may be able to append the rules using -A rather than insert them.

Block single external host (change ethX for your WAN interface)

iptables -I INPUT -s 123.123.123.123 -i ethX -j DROP

Automatically add snortsam text to new snort rules

So we have oinkmaster - a script that will update all your snort rules for you very conveniently. We also have snortsam blocking IPs on custom rules which have fwsam:src 1day;) added to the end. The thing is, the new rules don't, so how do we update the new rules with the following text so that our intrusion protection system stays up to date?

Script setup - getting the basics in place

Ok well, in my (many) google searches for bash scripting I stumbled across a site over here, that hosts several samples of text manipulation scripts amongst others. The reason for posting this up is the excellent templates the author uses for setting up a script, which includes simple help description, author, and usage information.

I've pasted a sample below for info: Credit of which is due to Dawid Michalczyk

Snort Performance Statistics

NOTE: This was written for use on the Smoothwall firewall, however it will work well on any other distro - just ignore the sections about amendments to the webconfig interface. (Step H)

BASH commands

Ok - needed somewhere to write down a few of the more useful bash commands I've discovered before I forget them!

Stripping fields from within lines of text

So my excursion into bash scripting continues. The following line will extract fields from text (whilst a little specific to its task, it may be useful for others).

I can only recommend a good read up of how to use sed, which is a powerful (and seemingly quite complicated) text editor that will remove / add / replace text on the fly. The notation is probably the biggest hurdle but it's worth the effort!

Stripping config files

A lot of config files for Linux are usefully commented to describe each function, particularly apache, squid etc. However, sometimes this can cloud the actual configuration being used. The following line will strip all lines beginning with # (i.e. commented) and all blank lines to leave you with a stripped out config file!


grep -v "^#" /etc/squid/squid.conf | grep -v "^$"

Block whole country IP's from your firewall - Iptables / Linux

This following small script will automatically read the lines in Country IP range files from http://www.ipdeny.com and add them to your firewall

Create a file called zoneblock using the following text, then 'chmod +x zoneblock' to make it executable

Just download the zone file you want for the country you want (you can do this using wget), then run Code:

