kernel behavior on panic

By default, the kernel will not reboot after a panic, there is an option that you can set as a kernel parameter on grub.conf that will cause a kernel reboot after N seconds. For example following boot parameter will force to reboot Linux after 10 seconds :

kernel /vmlinuz-2.6.18-128.1.16.el5 ro root=/dev/VolGroup00/LogVol00 panic=10

Slackware – Apache 2 and PHP Installation

If you need to use php on apache , after installing slackware , there is dummy package that won’t install with default installation process .

# wget http://mirrors.usc.edu/pub/linux/distributions/slackware\ /slackware-13.0/slackware/l/t1lib-5.1.2-i486-1.txz # installpkg t1lib-5.1.2-i486-1.txz # echo "Include /etc/httpd/mod_php.conf" >> /etc/httpd/httpd.conf # apachectl restart

Slackware boot on CCISS Dev

Today , after Installing Slackware 13 on HP DL360 , i found out that lilo can not write the MBR and eventually the OS could not be loaded !
After a bit Googling, i solved my problem , here is the solution :

After Slackware installation finished , before rebooting to OS follow the below commands:

# mkdir /mnt/root # mount /dev/cciss/c0d0p1 /mnt/root (c0d0p1 is my / Partition) # mount -o bind /dev /mnt/root/dev # mount -t proc none /mnt/root/proc # chroot /mnt/root

After chrooting edit your lilo configuration file and change boot device:

boot = /dev/cciss/c0d0p4

and then :

# lilo -M /dev/cciss/c0d0 mbr # lilo

and then reboot to your new OS .

Slackware 13 -> Kernel 2.6.31, iptables-1.4.5 + l7-filter + TARPIT + ipp2p

————— Download and Extracting Packages:

# cd /usr/src
# wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.31.tar.bz2
# wget http://iptables.org/projects/iptables/files/iptables-1.4.5.tar.bz2
# wget http://enterprise.bih.harvard.edu/pub/tarpit-updates/iptables-1.4.2-tarpit.diff
# wget http://ufpr.dl.sourceforge.net/sourceforge/xtables-addons/xtables-addons-1.18.tar.bz2
# wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.22.tar.gz
# wget http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/l7-protocols-2009-05-28.tar.gz

# for archive in *.bz2; do tar -jxf $archive;done
# for archive in *.gz; do tar -zxf $archive;done

————— Creating symbolic links:

# ln -s linux-2.6.31 linux
# ln -s iptables-1.4.5 iptables
# ln -s xtables-addons-1.18 xtables-addons

————— Patching Kernel and Kernel Compile :

# cd /usr/src/linux
# patch -p1 < ../netfilter-layer7-v2.22/kernel-2.6.25-2.6.28-layer7-2.22.patch 
# make menuconfig
		Networking options  --->
		...
		...
		[*] Network packet filtering framework (Netfilter)  --->
	           Core Netfilter Configuration  --->
			 Netfilter connection tracking support
			...
			...
			 "layer7" match support

# make all && make modules_install
# cp arch/i386/boot/bzImage /boot/vmlinuz-2.6.31-l7
# cp System.map /boot/System.map-2.6.31-l7
# cp .config /boot/config-2.6.31-l7
# vi /etc/lilo.conf
      
default = Sl-2.6.31

image = /boot/vmlinuz-2.6.31-l7
  root = /dev/sda2
  label = Sl-2.6.31
  read-only
# lilo
# Reboot

————— Patching and installing iptables 1.4.5:

# cd /usr/src/iptables/extensions 
# cp ../../netfilter-layer7-v2.22/iptables-1.4.3forward-for-kernel-2.6.20forward/libxt_layer7.* .
# sed -i 's/exit_error(/xtables_error(/' libxt_layer7.c 
# cd ..
# patch -p1 -NE < ../iptables-1.4.2-tarpit.diff 
# cp /usr/src/linux/include/asm-generic/bitsperlong.h /usr/src/linux/include/asm/
# ./configure --with-ksource=/usr/src/linux \
--prefix=/usr --with-xtlibdir=/lib/xtables --libdir=/lib --enable-libipq --enable-devel 
# make && make install
# cd /usr/src/l7-protocols-2009-05-28/
# make install

————— Xtables-addons compile:

# cd /usr/src/xtables-addons 
# ./configure  --with-xtables=/lib  --prefix=/usr \
--mandir=/usr/share/man --infodir=/usr/share/info --libexecdir=/lib  \
--with-ksource=/usr/src/linux --includedir=/usr/include/ 
# make && make install

————— Testing the Installation:

# iptables -j TARPIT -h
# iptables -m ipp2p  -h
# iptables -m layer7 -h

Thanks to:
http://www.ecualug.org
http://www.altctrldel.com

Squid as a reverse proxy (Web Accelerator)

Web Server IP Address –> 192.168.0.1
Public IP address (The Address that Squid will listen on to handle web requests) –> 10.10.10.10
web Server FQDN name —> https://linax.wordpress.com

# cd /usr/local/src/
# wget http://www.squid-cache.org/Versions/v2/2.7/squid-2.7.STABLE6.tar.bz2
# tar -jxf squid-2.7.STABLE6.tar.bz2
# cd squid-2.7.STABLE6/
# ./configure  --prefix=/opt/squid2.7 --disable-internal-dns \
 --enable-forward-log  --enable-follow-x-forwarded-for  --enable-snmp \
--enable-linux-netfilter  --enable-http-violations  --enable-delay-pools \
--enable-storeio=diskd,aufs,ufs,coss  --with-coss-membuf-size=8388608  --with-large-files \
--enable-large-cache-files  --with-maxfd=8192  --enable-async-io=64  \
--enable-removal-policies=lru,heap --enable-useragent-log  --enable-referer-log  \
--enable-err-languages=English  --enable-default-err-language=English
# make && make install
# cd /opt/squid2.7/etc/
# cp squid.conf{,-bak}

here is my squid.conf :
—————————————————————
# cat squid.conf

acl all src all acl web-server dst 192.168.0.1/255.255.255.255 acl http_port port 80 acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow web-server http_port all http_access deny all deny_info https://linax.wordpress.com/ all icp_access deny all http_port 10.10.10.10:80 accel defaultsite=linax.wordpress.com cache_peer 192.168.0.1 parent 80 0 no-query originserver default icp_port 0 hierarchy_stoplist cgi-bin ? cache_mem 1024 MB maximum_object_size_in_memory 128 KB cache_dir aufs /opt/squid2.7/var/cache 4096 16 256 cache_replacement_policy heap LFUDA memory_replacement_policy heap GDSF maximum_object_size 104857 KB access_log /opt/squid2.7/var/logs/access.log squid logfile_rotate 1 refresh_pattern cgi-bin 1 40% 2 refresh_pattern \.asp$ 1 40% 2 refresh_pattern \.acgi$ 1 40% 2 refresh_pattern \.cgi$ 1 40% 2 refresh_pattern \.pl$ 1 40% 2 refresh_pattern \.shtml$ 1 40% 2 refresh_pattern \.php3$ 1 40% 2 refresh_pattern \? 1 40% 2 refresh_pattern \.gif$ 10080 90% 43200 reload-into-ims refresh_pattern \.jpg$ 10080 90% 43200 reload-into-ims refresh_pattern \.bom\.gov\.au 30 20% 120 reload-into-ims refresh_pattern \.html$ 480 50% 22160 reload-into-ims refresh_pattern \.htm$ 480 50% 22160 reload-into-ims refresh_pattern \.class$ 10080 90% 43200 reload-into-ims refresh_pattern \.zip$ 10080 90% 43200 reload-into-ims refresh_pattern \.jpeg$ 10080 90% 43200 reload-into-ims refresh_pattern \.mid$ 10080 90% 43200 reload-into-ims refresh_pattern \.shtml$ 480 50% 22160 reload-into-ims refresh_pattern \.exe$ 10080 90% 43200 reload-into-ims refresh_pattern \.thm$ 10080 90% 43200 reload-into-ims refresh_pattern \.wav$ 10080 90% 43200 reload-into-ims refresh_pattern \.txt$ 10080 90% 43200 reload-into-ims refresh_pattern \.cab$ 10080 90% 43200 reload-into-ims refresh_pattern \.au$ 10080 90% 43200 reload-into-ims refresh_pattern \.mov$ 10080 90% 43200 reload-into-ims refresh_pattern \.xbm$ 10080 90% 43200 reload-into-ims refresh_pattern \.ram$ 10080 90% 43200 reload-into-ims refresh_pattern \.avi$ 10080 90% 43200 reload-into-ims refresh_pattern \.chtml$ 480 50% 22160 reload-into-ims refresh_pattern \.thb$ 10080 90% 43200 reload-into-ims refresh_pattern \.dcr$ 10080 90% 43200 reload-into-ims refresh_pattern \.bmp$ 10080 90% 43200 reload-into-ims refresh_pattern \.phtml$ 480 50% 22160 reload-into-ims refresh_pattern \.mpg$ 10080 90% 43200 reload-into-ims refresh_pattern \.pdf$ 10080 90% 43200 reload-into-ims refresh_pattern \.art$ 10080 90% 43200 reload-into-ims refresh_pattern \.swf$ 10080 90% 43200 reload-into-ims refresh_pattern \.mp3$ 10080 90% 43200 reload-into-ims refresh_pattern \.ra$ 10080 90% 43200 reload-into-ims refresh_pattern \.spl$ 10080 90% 43200 reload-into-ims refresh_pattern \.viv$ 10080 90% 43200 reload-into-ims refresh_pattern \.doc$ 10080 90% 43200 reload-into-ims refresh_pattern \.gz$ 10080 90% 43200 reload-into-ims refresh_pattern \.Z$ 10080 90% 43200 reload-into-ims refresh_pattern \.tgz$ 10080 90% 43200 reload-into-ims refresh_pattern \.tar$ 10080 90% 43200 reload-into-ims refresh_pattern \.vrm$ 10080 90% 43200 reload-into-ims refresh_pattern \.vrml$ 10080 90% 43200 reload-into-ims refresh_pattern \.aif$ 10080 90% 43200 reload-into-ims refresh_pattern \.aifc$ 10080 90% 43200 reload-into-ims refresh_pattern \.aiff$ 10080 90% 43200 reload-into-ims refresh_pattern \.arj$ 10080 90% 43200 reload-into-ims refresh_pattern \.c$ 10080 90% 43200 reload-into-ims refresh_pattern \.cpt$ 10080 90% 43200 reload-into-ims refresh_pattern \.dir$ 10080 90% 43200 reload-into-ims refresh_pattern \.dxr$ 10080 90% 43200 reload-into-ims refresh_pattern \.hqx$ 10080 90% 43200 reload-into-ims refresh_pattern \.jpe$ 10080 90% 43200 reload-into-ims refresh_pattern \.lha$ 10080 90% 43200 reload-into-ims refresh_pattern \.lzh$ 10080 90% 43200 reload-into-ims refresh_pattern \.midi$ 10080 90% 43200 reload-into-ims refresh_pattern \.movie$ 10080 90% 43200 reload-into-ims refresh_pattern \.mp2$ 10080 90% 43200 reload-into-ims refresh_pattern \.mpe$ 10080 90% 43200 reload-into-ims refresh_pattern \.mpeg$ 10080 90% 43200 reload-into-ims refresh_pattern \.mpga$ 10080 90% 43200 reload-into-ims refresh_pattern \.pl$ 10080 90% 43200 reload-into-ims refresh_pattern \.ppt$ 10080 90% 43200 reload-into-ims refresh_pattern \.ps$ 10080 90% 43200 reload-into-ims refresh_pattern \.qt$ 10080 90% 43200 reload-into-ims refresh_pattern \.qtm$ 10080 90% 43200 reload-into-ims refresh_pattern \.ras$ 10080 90% 43200 reload-into-ims refresh_pattern \.sea$ 10080 90% 43200 reload-into-ims refresh_pattern \.sit$ 10080 90% 43200 reload-into-ims refresh_pattern \.tif$ 10080 90% 43200 reload-into-ims refresh_pattern \.tiff$ 10080 90% 43200 reload-into-ims refresh_pattern \.snd$ 10080 90% 43200 reload-into-ims refresh_pattern \.wrl$ 10080 90% 43200 reload-into-ims refresh_pattern ^ftp: 1440 60% 22160 refresh_pattern ^gopher: 1440 20% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 480 50% 22160 reload-into-ims quick_abort_min 32 KB quick_abort_max 32 KB quick_abort_pct 95 acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] upgrade_http0.9 deny shoutcast acl apache rep_header Server ^Apache broken_vary_encoding allow apache coredump_dir /opt/squid2.7/var/cache cache_mgr nasser@linax.wordpress.com visible_hostname linax.wordpress.com dns_children 8 forwarded_for on emulate_httpd_log on redirect_rewrites_host_header off buffered_logs on

—————————————————————
First Start:

# mkdir /opt/squid2.7/var/cache
# chown -R nobody:nobody /opt/squid2.7/var/cache
# /opt/squid2.7/sbin/squid -z

# /opt/squid2.7/sbin/squid -D

Thanks to Pejman Moghadam