Basic Rsync server setup

1. Install rsync

2. nano /etc/rsyncd.conf

-----------------------------------

  max connections = 2
log file = /var/log/rsync.log
timeout = 300

[pub]
comment = apa-apa aje
path = /path/ke/public/share
read only = yes
list = yes
uid = nobody
gid = nobody
auth users = pub
;hosts allow = 192.168.1.0/24
secrets file = /etc/rsyncd.secrets

----------------------------------

3. chmod a+r /path/tadi/laa

4. nano /etc/rsyncd.secrets dan masukkan

username:password
cth:
pub:pub

5. sebagai root chmod 600 /etc/rsyncd.secrets utk sekuriti

6. Setengah distro guna inetd dan setengah lagi guna xinetd..
pastikan mana satu daa

buat ni:-

1. Jika inetd : "/etc/inetd.conf":

   rsync stream tcp nowait root /path/ke/rsync rsync --daemon

2. Jika xinetd, ada kalanya file "/etc/xinetd.d/rsync" sudah ada jadi
   lakukan perubahan pada:

   
   disable = yes

   jadi:

     disable = no

   sekiranya file tadi tak ada.. buat file tu dan masukkan:

     service rsync
   {
   disable         = no
   socket_type     = stream
   wait            = no
   user            = root
   server          = /usr/bin/rsync
   server_args     = --daemon
   log_on_failure  += USERID
   }
   

7. kalau nak tukar port rsync ( default 873 )
boleh tukar di /etc/services


8. killall -HUP inetd atau killall -HUP xinetd
untuk restart inetd dan xinetd

Test??
rsync rsync://pub@server-ko-la/
rsync rsync://pub@server-ko-la/pub/

utk download

rsync -v --progress --partial rsync://pub@server-ko-la/pub/fail
rsync -aPv rsync://pub@server-ko-la/pub/folder

gunakan cron utk sync folder seperti berikut

15 1 * * *      rsync -vazL rsync://pub@server-ko/pub/ /var/www/

Squid - custom external IP

TIPS:

masuk dalam squid.conf

acl from_ip1 myip 192.168.1.0/255.255.255.0
acl from_ip2 myip 192.168.2.0/255.255.255.0
acl from_ip3 myip 192.168.3.1


tcp_outgoing_address 99.99.99.1 from_ip1
tcp_outgoing_address 99.99.99.2 from_ip2
tcp_outgoing_address 99.99.99.3 from_ip3
tcp_outgoing_address 99.99.99.4 # default

Web server di belakang Firewall ( iptables )?

iptables -t nat -A PREROUTING -i $WAN_DEV -p tcp -d $WAN_IP --dport 80 -j DNAT --to-destination $INT_SERVER
iptables -t nat -A POSTROUTING -s $INT_SERVER -p tcp --sport 80 -o $WAN_DEV -j SNAT --to-source $WAN_IP
iptables -t nat -A POSTROUTING -s $LAN/$LAN_NMASK -o $WAN_DEV -j SNAT --to-source $WAN_IP


selesai masalah

Openvpn config - Client

sambungan daa...

=========== client.conf =================

client

;dev tap
dev tun

;windows only
dev-node tapdev

;proto tcp
proto udp

remote server.aku.com 1194

;kalau banyak server... load balance sini
;remote-random

;resolve vpn server hostname
resolv-retry infinite

;tok se bind ko port
nobind

# non-Windows only
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert mynux.crt
key mynux.key

comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
mute 20

#Pull info dari server, viz. server-side LAN IP's for gateway and DNS
pull

#utk redirect semua traffic ke vpn server
#redirect-gateway

=========== tamat heee ==========================

Openvpn config - Server

Ni config yang aku dah guna kat server aku.. config client tu utk windows...
tak de beza sangat.. cuma perlu comment dev-node dan user/group je laaa
kalau utk linux

======== server.conf ===============

tls-server
port 1194
proto udp
dev tun
ca /ca.crt
cert /server.crt
key /server.key
dh /dh1024.pem
server 10.10.10.0 255.255.255.0
ifconfig-pool-persist /etc/openvpn/ipp.txt
;kalau nak route LAN di server ke VPN Client kene buat ni
;push "route 192.168.3.0 255.255.255.0"
;yang ni akan jadikan default gateway traffic vpn client ke server
push "redirect-gateway"
;ni utk client
push "dhcp-option DNS 202.188.0.133"
push "dhcp-option DNS 202.188.1.5"
push "dhcp-option WINS 10.10.10.1"
;semua vpn client blh nampak antara satu sama lain
client-to-client
;kongsi certificate/key
;duplicate-cn
;ping setiap 10 saat..timeout 120 ( akan dianggap client disconnected )
keepalive 10 120
comp-lzo
max-clients 10
user nobody
group nobody
persist-key
persist-tun
status /etc/openvpn/openvpn-status.log
log-append /etc/openvpn/openvpn.log
verb 3
mute 20
daemon



======== tamat server.conf ===========

Masalah Font

sejak dulu sampai sekarang aku pakai KDE ke GNOME ke slalu kena adjust dia punya font... zeng!! memang linux belum ready utk desktop... kebiasaanya aku pakai redhat punya font.. load kat debian atau slack..

download Liberation font di https://www.redhat.com/promo/fonts

extract dan install font
kalau manual.. masukkan dalam

~/.fonts/
/usr/local/share/fonts

dan lain2 yang ada dalam /etc/X11/xorg.conf

kemudian reboot atau #sudo fc-cache -fvs

logoff dari KDE kemudian relogin..

checking for X... configure: error: Can't find X libraries. Please check your in

adeh...

#sudo apt-get install kdelibs-dev

selesai masalah..

Bonding Dengan Debian

Setup bonding dengan kernel 2.4

Kena install ifenslave-2.4 dulu.. untuk kernel 2.6 gantikan ifenslave-2.4 dengan ifenslave-2.6

#apt-get update
#apt-get install ifenslave-2.4

Pastikan modules utk network card tu loaded automatically

edit /etc/network/interfaces jadi :-

iface bond0 inet static
address 10.20.1.5
netmask 255.255.255.0
network 10.20.1.0
gateway 10.20.1.1
up /sbin/ifenslave bond0 eth0
up /sbin/ifenslave bond0 eth1

kemudian tambah pada /etc/modutils/arch/i386

alias bond0 bonding
options bonding mode=1 miimon=100 downdelay=200 updelay=200

save dan exit

kemudian run:-

#update-modules