How To Use VNSTAT To Monitor Bandwidth Usage.

There are many tools for monitoring a network, such as MRTG. Here I am going to explain one that monitors bandwidth for a single system: vnstat (view network statistics). It is very easy to install and configure.

This tool can give you full details of how much bandwidth was used, on the basis of:

Per month.

Per week.

Per day.

Per hour.

Per second.

We can even see live traffic. This is an awesome tool.

Like all tools, it has disadvantages as well as advantages. Here they are:
1) Cannot monitor multiple interfaces at a time.
2) Cannot monitor a remote host.
3) Cannot monitor per-host statistics (which are very useful for finding the network hogger; if you want a per-host bandwidth analyser, use iptables counters for it).

Before configuring vnstat, keep in mind that vnstat is an aggregating tool which needs to run at regular intervals to monitor network bandwidth. So by default, when we install vnstat, a cron job is created in the /etc/cron.d folder.

Step1 : Installing vnstat

#rpm -ivh vnstat-1.6-2.fc9.i386.rpm

Step2 : Configuring vnstat.
As I mentioned earlier, vnstat is an aggregating tool, so it should run in the background from cron. So first edit the cron job:

#vi /etc/cron.d/vnstat
*/5 * * * * vnstat /usr/sbin/vnstat.cron
Add the above line to the file, then save it and exit.

Step3 : Specifying which interface to monitor

#vnstat -i interfacename

Example :
[root@test ~]# vnstat -i eth0
Error :
Unable to read database "/var/lib/vnstat/eth0".
eth0: Not enough data available yet.

Don't worry about the error. Initially it will show an error because it is the first time you are executing that command, so it has to create the DB.

Step4 : Monitoring bandwidth with different intervals

Type1 : For live traffic

#vnstat -l
-l means live.
Example:
[root@test ~]# vnstat -l
Monitoring eth0... (press CTRL-C to stop)
rx: 8.32 kB/s 30 p/s tx: 0.19 kB/s 0 p/s
eth0 / traffic statistics
rx tx
--------------------------------------+----------------------------------------
bytes 206 kB 4 kB
--------------------------------------+----------------------------------------
max 11.19 kB/s 0.24 kB/s
average 7.96 kB/s 0.19 kB/s
min 6.35 kB/s 0.11 kB/s
--------------------------------------+----------------------------------------
packets 695 16
--------------------------------------+----------------------------------------
max 61 p/s 2 p/s
average 26 p/s 0 p/s
min 9 p/s 0 p/s
--------------------------------------+----------------------------------------
time 26 seconds

Type2 : For monitoring traffic per second

#vnstat -tr 5
This command will monitor bandwidth for 5 seconds and give you the output.

Type3 : For hourly

#vnstat -h

Example :
[root@test ~]# vnstat -h
eth0 21:00
^ r
r
r
r
r
r
r
r
r
r
-+--------------------------------------------------------------------------->
22 23 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21
h rx (kB) tx (kB) h rx (kB) tx (kB) h rx (kB) tx (kB)
22 0 0 06 0 0 14 0 0
23 0 0 07 0 0 15 0 0
00 0 0 08 0 0 16 0 0
01 0 0 09 0 0 17 0 0
02 0 0 10 0 0 18 0 0
03 0 0 11 0 0 19 0 0
04 0 0 12 0 0 20 12,614 41
05 0 0 13 0 0 21 0 0

Type4 : For daily

#vnstat -d
Example :
[root@test ~]# vnstat -d
eth0 / daily
day rx tx total
------------------------+-------------+----------------------------------------
09.09. 12.32 MB 41 kB 12.36 MB %%%%%%%%%%%%%%%%%%%%%%%%%
------------------------+-------------+----------------------------------------
estimated -- -- --

Type5 : For weekly

#vnstat -w

Example :
[root@test ~]# vnstat -w
eth0 / weekly
rx tx total
----------------------------+---------------+--------------
last 7 days 12.32 MB 41 kB 12.36 MB
current week 12.32 MB 41 kB 12.36 MB
----------------------------+---------------+--------------
estimated -- -- --

Type6 : For monthly
#vnstat -m
Example :
[root@test ~]# vnstat -m
eth0 / monthly
month rx tx total
-------------------------+--------------+--------------------------------------
Sep '09 12.32 MB 41 kB 12.36 MB %%%%%%%%%%%%%%%%%%%%%%
-------------------------+--------------+--------------------------------------

How To : FTPS Server Configuration

vsftpd is short for Very Secure File Transfer Daemon. But from a security perspective there is not much security included with this package: when you log in to the server, the credentials are transferred in plain text. So by default the root user is not allowed to log in to the FTP server.

To avoid transferring data in plain text and to encrypt the entire transmission, we can use OpenSSL to generate a certificate and use that SSL certificate when communicating with the FTP server. This is nothing but an FTPS server.

Some file transfer methods you should know:
1. TFTP (Trivial File Transfer Protocol, which uses UDP for transmission) - high data rates/not secure
2. (This protocol uses SSH in the backend, so you do not need to run an FTP server) - secure
3. FTP (this is the normal FTP transfer, which uses TCP) - not secure
4. FTPS (FTP + SSL certificate to encrypt data transmission)
5. Over SSH (this is a kind of FTP tunnel over the SSH protocol)

In this post we will see how you can configure SSL certificate for VSFTPD.

Step1 : Check for the following packages on the server and, if they are not installed, please install them.
#yum install openssl
#yum install vsftpd

Step2 : Generate an RSA key in the /etc/vsftpd folder as below.
#cd /etc/vsftpd
#/usr/bin/openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout vsftpd.pem -out vsftpd.pem

The clipped output for your reference
[root@v-itig42 vsftpd]# /usr/bin/openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout vsftpd.pem -out vsftpd.pem

Generating a 1024 bit RSA private key

....................................................++++++

..........................................++++++

writing new private key to 'vsftpd.pem'

-----

You are about to be asked to enter information that will be incorporated.
into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank.

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [GB]:IN

State or Province Name (full name) [Berkshire]:Andhra Pradesh
Locality Name (eg, city) [Newbury]:Vijaywada
Organization Name (eg, company) [My Company Ltd]:Linuxnix Systems Limited
Organizational Unit Name (eg, section) []: IT admin Group
Common Name (eg, your name or your server's hostname) []:ftp2.linuxnix.co.in

Email Address []:surendra@linuxnix.co.in

Step3 : Once the certificate is generated, it is kept in the /etc/vsftpd folder. We have to provide this entry in vsftpd.conf along with some SSL configuration.

Step4 : Edit vsftpd.conf and add these entries at the end of the file.
#vi /etc/vsftpd/vsftpd.conf
# To turn SSL on, specify YES for the option below.
ssl_enable=YES
# To allow anonymous users to use SSL
allow_anon_ssl=YES
# If you want local users to be able to use both SSL and the unsecured way of transmitting data, specify NO for the option below.
force_local_data_ssl=NO
# If you want all login credentials to be sent encrypted, use the option below to force SSL connections at login time.
force_local_logins_ssl=YES
# Permit TLS v1 protocol connections. TLS v1 connections are preferred
ssl_tlsv1=YES
# Permit SSL v2 protocol connections. TLS v1 connections are preferred
ssl_sslv2=NO
# Permit SSL v3 protocol connections. TLS v1 connections are preferred
ssl_sslv3=NO
# Specifies the location of the RSA certificate to use for SSL encrypted connections, which we created some time back.
rsa_cert_file=/etc/vsftpd/vsftpd.pem
Now save and exit the vsftpd.conf file.

Step5 : Restart the vsftpd service.
# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]


Start accessing the FTP server with your user name credentials using FileZilla or some other FTP client that supports SSL/TLS. It is not possible to access FTPS sites through a browser on its own; we need an add-on called FireFTP. Only then can we access an ftps:// site.
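
As an added example (not part of the original post or of vsftpd itself), this shell function audits the SSL options from Step4. It assumes that a repeated option takes its last value and applies vsftpd's documented defaults to options that are absent; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit the SSL options from Step4.
# Assumption: if an option is repeated, vsftpd uses the last occurrence.

# conf_get FILE OPTION DEFAULT -> effective value in upper case
conf_get() {
    awk -F= -v k="$2" -v d="$3" '
        /^[ \t]*#/ { next }            # comment line
        { sub(/\r$/, "") }             # tolerate CRLF files
        $1 == k { v = $2 }             # keep the last occurrence
        END { print toupper(v == "" ? d : v) }' "$1"
}

# audit_vsftpd_ssl FILE -> one finding per line, nothing when the file is clean
audit_vsftpd_ssl() {
    f=$1
    # vsftpd treats a space between the option, "=" and the value as an error.
    awk '/^[a-z_0-9]+[ \t]+=|^[a-z_0-9]+=[ \t]/ { print "line " NR ": space around =" }' "$f"
    [ "$(conf_get "$f" ssl_enable NO)" = YES ] ||
        echo "ssl_enable: off, logins and data travel in plain text"
    [ "$(conf_get "$f" force_local_logins_ssl YES)" = YES ] ||
        echo "force_local_logins_ssl: passwords may be sent unencrypted"
    [ "$(conf_get "$f" force_local_data_ssl YES)" = YES ] ||
        echo "force_local_data_ssl: file contents may be sent unencrypted"
    [ "$(conf_get "$f" allow_anon_ssl NO)" = NO ] ||
        echo "allow_anon_ssl: anonymous SSL sessions allowed, confirm this is intended"
    for p in ssl_sslv2 ssl_sslv3; do
        [ "$(conf_get "$f" "$p" NO)" = NO ] || echo "$p: obsolete protocol enabled"
    done
    return 0
}

# Constructed sample: the options exactly as set in Step4 of the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
ssl_enable=YES
allow_anon_ssl=YES
force_local_data_ssl=NO
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem
EOF
audit_vsftpd_ssl "$sample"
rm -f "$sample"
```

The audit reads only vsftpd.conf; the 1024-bit RSA key generated in Step2 is a separate weakness, and current practice is a key of at least 2048 bits (`-newkey rsa:2048`).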

Hardening SSH Server In The DMZ (De Militarised Zone)

It is good to harden your box which is in the DMZ.
What is DMZ?
Ans : DMZ is a De Militarised Zone where we keep our servers so that they can be accessed by outside people. Let me explain more about the DMZ for those who are not familiar with it (this activity is most of the time a network admin's work).
1. The DMZ is a place where we isolate machines from the company's local LAN.
2. These DMZ machines will have a different IP address range and subnet.
3. The communication between two machines in the DMZ is blocked for security reasons.
4. We cannot log in to a local LAN machine from a DMZ machine, but we can log in to a DMZ machine from the local LAN (only one-way communication from the LAN).
5. Ping to these machines will be disabled (most companies do this for security reasons).
6. The way these machines communicate depends entirely on the network team and the rules they set on their routers.
7. The security of DMZ machines is higher compared to local LAN machines (in other words, everything is restricted on DMZ machines).
8. Only required ports are opened on DMZ machines and the remaining ports are in the closed or reject state (this should be done on the system by the Linux admin and at network level by the company's network engineer).

Once you keep your Linux machine in the DMZ, the first and foremost thing to do is to secure SSH logins to the server.

In this post we will see some security measures for SSH to be taken when a system is kept in the DMZ. Most of the SSH settings are located in /etc/ssh/sshd_config (Red Hat/Debian based systems).

1. Set the maximum number of failed login attempts, so that after that many attempts the connection to the server is reset and we have to connect to the server once again.
MaxAuthTries 3
Here I have set failed login attempts to 3.

2. Disable root login through SSH. This is a good option to force users not to use the root user to log in to the server.
PermitRootLogin no
Here we set it to no, which indicates root cannot log in.

3. We should disable logins for users who do not have passwords.
PermitEmptyPasswords no

4. Allow only users who have passwords.
PasswordAuthentication yes

5. Specify who should access this server. I can say this one is more secure because SSH will allow only the users who are specified here.
AllowUsers test1 test2
Here I have allowed only two users, i.e. test1 and test2.

6. Set up a login banner to give warnings to the users who are logging in to that server.
Banner /etc/ssh-banner
Please specify the warning message in /etc/ssh-banner.

Once the above changes are done in the /etc/ssh/sshd_config file, just reload the SSH server.

Note : Don't restart the SSH service on production servers. It is not advisable to do it. So in order to apply your changes, always use the reload option. Most services support the reload option with the service command.
#service sshd reload
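
As an added example (not from the original post or from OpenSSH), this shell check reads the settings above the way sshd does: the first value read for a keyword is the one used, so a line appended at the end of the file does not override an earlier one. The function names and the sample file are constructed; keywords inside Match blocks are not evaluated.

```shell
#!/bin/sh
# Added example (not from the original post): check the settings listed above.
# sshd uses the first value it reads for a keyword, and keywords are
# case-insensitive, so the lookup stops at the first match.

# sshd_get FILE KEYWORD -> first global value (lines before any Match block)
sshd_get() {
    awk -v k="$2" '
        BEGIN { k = tolower(k) }
        { sub(/\r$/, "") }
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# audit_sshd FILE -> one finding per line, nothing when every check passes
audit_sshd() {
    f=$1
    v=$(sshd_get "$f" MaxAuthTries)
    case $v in
        ''|*[!0-9]*) echo "MaxAuthTries: not set to a number" ;;
        *) [ "$v" -le 3 ] || echo "MaxAuthTries: $v is above 3" ;;
    esac
    [ "$(sshd_get "$f" PermitRootLogin)" = no ] ||
        echo "PermitRootLogin: not explicitly set to no"
    v=$(sshd_get "$f" PermitEmptyPasswords)
    [ -z "$v" ] || [ "$v" = no ] || echo "PermitEmptyPasswords: set to $v"
    [ -n "$(sshd_get "$f" AllowUsers)" ] ||
        echo "AllowUsers: not set, any account may attempt to log in"
    b=$(sshd_get "$f" Banner)
    case $b in ''|none) echo "Banner: no login banner configured" ;; esac
    return 0
}

# Constructed sample: the page's settings appended below an older line.
sample=$(mktemp)
cat > "$sample" <<'EOF'
PermitRootLogin yes
# --- lines appended while following the steps above ---
MaxAuthTries 3
permitrootlogin no
PermitEmptyPasswords no
PasswordAuthentication yes
AllowUsers test1 test2
Banner /etc/ssh-banner
EOF
audit_sshd "$sample"     # reports PermitRootLogin: the earlier "yes" wins
rm -f "$sample"
```

Before the reload, `sshd -t` checks the edited file for syntax errors, which avoids reloading a broken configuration on a machine you can only reach over SSH.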

File Types In Linux

"How many types of files are there and what are they?" This is a common question for every person who has started learning Linux.

Why is it so important to know file types?
Ans : This is because Linux considers everything as a file. The answer to this question is a little confusing, because you will find different answers.

Let me put it this way to clarify. By default Unix has only 3 types of files.
They are:

1. Regular files
2. Directory files
3. Special files (this is the file type that is the culprit for the different answers; this category has 5 sub-types.)

So the total number of file types in Linux is 7. Remember, I am saying that in Linux there are only 7 types of files, but when it comes to Unix there are 8 types.

Here are those files. You can see the file type indication at the leftmost part of the "ls -l" output.
1. Regular file(-)
2. Directory files(d)
Special files
3. Block file(b)
4. Character device file(c)
5. Named pipe file or just a pipe file(p)
6. Symbolic link file(l)
7. Socket file(s)

For your information, there is one more file type called door files (D), which is present in Sun Solaris. A door is a special file for inter-process communication between a client and a server (so 8 types in total on Unix machines).

Regular files : These are the files indicated with "-" in ls -l output. These files are:
1. Readable files or
2. Binary files or
3. Image files or
4. Compressed files etc.

How to create them?
Ans : Use touch command.

Example listing of regular files :
-rw-r--r-- 1 krishna krishna 20986522 2010-01-31 13:48 test.wmv
-rw-r--r-- 1 krishna krishna 173448 2010-01-30 21:20 Transformers-Teaser-Wallpaper-310.jpg
-r-xr-xr-x 1 root root 135168 2009-12-12 19:14 VIDEO_TS.VOB
-rw-r--r-- 1 krishna krishna 2113536 2009-12-01 13:32 Aditya 365 – Janavule.mp3
-rwxrwxrwx 1 root root 168 2010-02-14 14:12 xyz.sh

Directory files : These contain the names and locations of files/folders/special files stored on a physical device. This type of file is shown in blue.

How to create them?
Ans : Use mkdir command

Example listing of directories.
drwxr-xr-x 2 surendra surendra 4096 2010-01-19 18:37 bin
drwxr-xr-x 5 surendra surendra 4096 2010-02-15 18:46 Desktop
drwxr-xr-x 2 surendra surendra 4096 2010-01-18 14:36 Documents
drwxr-xr-x 2 surendra surendra 4096 2010-02-13 17:45 Downloads

Block files : These files are hardware files; most are present in /dev.

How to create them?

Ans : Use fdisk command or create virtual partition.

Example listing of block files (they are located in /dev).
brw-rw---- 1 root disk 8, 1 2010-02-15 09:35 sda1
brw-rw---- 1 root disk 8, 2 2010-02-15 09:35 sda2
brw-rw---- 1 root disk 8, 5 2010-02-15 09:35 sda5

Character device files : Provide only a serial stream of input or output.

Example listing of character files(located in /dev)
crw-rw-rw- 1 root tty 5, 0 2010-02-15 16:52 tty
crw--w---- 1 root root 4, 0 2010-02-15 09:35 tty0
crw------- 1 root root 4, 1 2010-02-15 09:35 tty1

Pipe files : The other sort of pipe is a “named” pipe, which is sometimes called a FIFO. FIFO stands for “First In, First Out” and refers to the property that the order of bytes going in is the same coming out. The “name” of a named pipe is actually a file name within the file system. --www.linux.com

How to create them?
Ans : Use mkfifo command.
Example listing of pipe files
prw-r----- 1 root root 0 2010-02-15 09:35 /dev/.initramfs/usplash_outfifo
prw-r----- 1 root root 0 2010-02-15 09:35 /dev/.initramfs/usplash_fifo
prw------- 1 syslog syslog 0 2010-02-15 15:38 /var/run/rsyslog/kmsg

Symbolic link files : These are files linked to other files.

How to create them?
Ans : use ln command

Example listing of linked files
lrwxrwxrwx 1 root root 24 2010-02-15 09:35 sndstat -> /proc/asound/oss/sndstat
lrwxrwxrwx 1 root root 15 2010-02-15 09:35 stderr -> /proc/self/fd/2
lrwxrwxrwx 1 root root 15 2010-02-15 09:35 stdin -> /proc/self/fd/0
lrwxrwxrwx 1 root root 15 2010-02-15 09:35 stdout -> /proc/self/fd/1

Socket files : A socket file is used to pass information between applications for communication purposes.

How to create them?
Ans : You can create a socket file using socket() system call available under

Example
int sockfd = socket(AF_INET, SOCK_STREAM, 0);
You can refer to this socket file using the sockfd. This is the same as a file descriptor, and you can use the read() and write() system calls to read from and write to the socket.

Example listing of socket files.
srw-rw-rw- 1 root root 0 2010-02-15 09:35 /dev/log
srwxrwxrwx 1 root root 0 2010-02-15 10:07 /var/run/cups/cups.sock
srwxrwxrwx 1 root root 0 2010-02-15 09:35 /var/run/samba/winbindd_privileged/pipe
srwxrwxrwx 1 mysql mysql 0 2010-02-15 09:35 /var/run/mysqld/mysqld.sock

A tip for you guys.
How to find your desired type of file?
Ans : Use find command with -type option.

For example, if you want to find socket files, just use the below command.
find / -type s
If you want to find linked files, then how?
find / -type l
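
As an added example (not from the original post), these shell functions read the type character described above and list the special files under a directory, which is a quick way to spot a pipe, socket or device node sitting outside /dev or /var/run. The function names and the sample tree are constructed; type_tally assumes a find that supports -mindepth (GNU or BSD), and names containing newlines are not handled.

```shell
#!/bin/sh
# Added example (not from the original post).

# type_char PATH -> the leftmost character of "ls -l" for PATH itself
type_char() {
    ls -ld -- "$1" | cut -c1
}

# type_tally DIR -> "<char> <count>" for each file type found under DIR
type_tally() {
    find "$1" -mindepth 1 -exec ls -ld -- {} + | cut -c1 | sort | uniq -c |
        awk '{ print $2, $1 }'
}

# list_special DIR -> "<char> <path>" for device nodes, pipes and sockets,
# which are expected under /dev and /var/run but rarely elsewhere
list_special() {
    find "$1" \( -type b -o -type c -o -type p -o -type s \) -print |
    while IFS= read -r p; do
        printf '%s %s\n' "$(type_char "$p")" "$p"
    done
}

# Constructed sample tree with the types an unprivileged user can create.
demo=$(mktemp -d)
touch "$demo/regular"
mkdir "$demo/dir"
mkfifo "$demo/pipe"
ln -s regular "$demo/link"
type_tally "$demo"
list_special "$demo"
rm -rf "$demo"
```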

RSYNC --The tool to copy

Recently I came across the rsync utility... It is an awesome command. It is a sub-service under xinetd, along with some other services such as tftp, rcp, rsh, rlogin, telnet etc.

Let us list advantages of this command then we will know how to configure it.

Advantages of rsync :


1. This tool will keep both the destination and source folder synced.
2. rsync is fast, because it does not copy the entire data every time it syncs; it just copies the data which changed since the previous copy.
3. For security reasons, rsync will support ssh to transfer data between two machines.
4. rsync is used to download RPM updated repository to local machine.

There are many more advantages; please share your valuable experiences here.

Configuration : rsync

Some points to be remembered when dealing with rsync

* This utility is part of xinetd, so there is no special package for this.
* When we are doing rsync between two systems, both systems should be configured to allow rsync connections.
* rsync uses port 873.

Step1 : Install the xinetd package.
#yum install xinetd

Step2 : Configure rsync to allow connections, the configuration file for rsync is located in /etc/xinetd.d
#cd /etc/xinetd.d
#vi rsync


# default : off
# description: The rsync server is a good addition to an ftp server, as it \
# allows crc checksumming etc.
service rsync
{
disable = yes
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}
In this configuration file just change disable = yes to no, then save the file and exit. Here is the updated configuration file.
# description: The rsync server is a good addition to an ftp server, as it \
# allows crc checksumming etc.
service rsync
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}

Step3 : Start the rsync service. How do we do it? As I mentioned earlier, rsync is a part of the xinetd service, so just restart the xinetd service.
#service xinetd restart

Step4 : Turn the service on permanently
#chkconfig --level 345 rsync on