General

Cisco Tricks

Feb 6th

Posted by admin in General

No comments

Have an unsupported gbic module ?

enable
show interfaces status err-disabled

conf t
no errdisable detect cause gbic-invalid
service unsupported-transceiver
wr

 

,

Postfix smart hot with gmail

Jan 2nd

Posted by admin in General

No comments

Installation de Postfix

apt-get install postfix

 

configurationType of mail server : Satellite System
    • Mail Name : example.org (the name you want on your outbound mail)
    • SMTP relay host : smtp.gmail.com
    • Postmaster : I left this blank
    • Other destinations : I left this blank
    • Synchronous Queues : your choice, won’t impact the relaying
    • Network blocks to allow relay : default (unless you know what your doing)
    • Mailbox size : your choice, won’t impact relaying
    • Local address : i left this as ‘+’
    • Listen Address : all, your choice
Editer le fichier de config
vi /etc/postfix/main.cf

smtp_use_tls=yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

 

Création du fichier de sasl_passwd
vi /etc/postfix/sasl_passwd

smtp.gmail.com some.user@gmail.com:PASSWORD
Rebuild Hash
postmap /etc/postfix/sasl_passwd

 

Restart postfix
/etc/init.d/postfix restart

 

On sécurise un peu
chmod 640 /etc/postfix/sasl_passwd*
chown postfix.postfix /etc/postfix/sasl_passwd*

 

 

,

Plesk – Migrate DB

Oct 26th

Posted by admin in General

No comments

On source server backup the database. You may use the following command:

source ~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` DATADASE_NAME > DATADASE_NAME.dump

On destination server create database DATADASE_NAME on domain DOMAIN.NAME with Plesk CLI /usr/local/psa/bin/database. Assign the same user and password:

destination ~# /usr/local/psa/bin/database --create DATADASE_NAME -domain DOMAIN.NAME -type mysql -passwd DB_USER_PASSWD  -passwd_type plain -add_user DB_USER_NAME -server localhost

Database creation through Plesk CLI /usr/local/psa/bin/database will update Plesk database with appropriate user and password correctly. Run the utility wit “–help” to get list of all available options. After creation it is possible to login to the database through DB WebAdmin in Parallels Plesk Panel on destination server: Domains -> DOMAIN.NAME -> Databases -> DATADASE_NAME -> DB WebAdmin

On destination server restore content of the database from the dump created on source server:

destination ~# mysql -uadmin -p`cat /etc/psa/.psa.shadow` DATADASE_NAME < DATADASE_NAME.dump

 

 

, ,
wireshark

Wireshark Filters

Oct 13th

Posted by admin in General

No comments

 

he filtering capabilities of Wireshark are very comprehensive. You can filter on just about any field of any protocol, even down to the HEX values in a data stream. Sometimes though, the hardest part about setting a filter in Wireshark is remembering the syntax! So below are the top 10 display filters that I use in Wireshark.

 

  1. ip.addr == 10.0.0.1 [Sets a filter for any packet with 10.0.0.1, as either the source or dest]
  2. ip.addr==10.0.0.1  && ip.addr==10.0.0.2 [sets a conversation filter between the two defined IP addresses]
  3. http or dns [sets a filter to display all http and dns]
  4. tcp.port==4000 [sets a filter for any TCP packet with 4000 as a source or dest port]
  5. tcp.flags.reset==1 [displays all TCP resets]
  6. http.request [displays all HTTP GET requests]
  7. tcp contains traffic [displays all TCP packets that contain the word ‘traffic’. Excellent when searching on a specific string or user ID]
  8. !(arp or icmp or dns) [masks out arp, icmp, dns, or whatever other protocols may be background noise. Allowing you to focus on the traffic of interest]
  9. udp contains 33:27:58 [sets a filter for the HEX values of 0x33 0x27 0x58 at any offset]
  10. tcp.analysis.retransmission [displays all retransmissions in the trace. Helps when tracking down slow application performance and packet loss]
,

Hot adding or removing a Cisco 3750 from a stack

Sep 19th

Posted by admin in General

No comments

When using a Cisco 3750 stack connected through stackwise technology you can add or remove a Cisco switch while the stack stays on. If you are adding or removing a switch from the stack, it is very important that the switch is turned OFF. The rest of the stack can keep doing its business.

For adding a switch to the stack follow these steps:

Step 1) On the new switch give the global command: switch stack-member-number provision type

Type is the type of switch you are adding to the stack.

When adding for example a third Cisco switch to the Cisco stack, use the following command:

switch 3 provision ws3750g-24t

Step 2) Power off the new stack member

Step 3) Connect the new member to the Cisco stack using the stacking cables, 1 loop at a time.

Step 4) Power on the new stack member. The switch will come alive and will receive the Cisco IOS version from the master, when that is completed it will be ready to service network requests.

For removing a member switch from the stack use the following steps:

Step 1) Power off the stack member to be removed.

Step 2) Remove the stackwise cable from the switch.

Step 3) Issue the following command on the stack master: no switch stack-member-number provisiontype

,
Cisco_logo

Cisco – Port mirroring

Sep 13th

Posted by admin in General

No comments

Voilà comment faire pour mirrorer un port:

 

conf t
monitor session 1 source interface fastethernet 0/23
monitor session 1 destination interface fastethernet 0/24

Il est également possible de mirrorer un VLAN

 

,

Multiple Virtual FTP Accounts with Plesk

Aug 8th

Posted by admin in General

No comments

ProFTPD is the FTP software that current versions of Plesk ship with, and thankfully found what I was looking for.

ProFTPD allows you to create multiple virtual users by using an AuthUserFile directive. The AuthUserFile directive sets the path of a textual file containing a list of users and passwords for authentication.

 

Create a user file

$ touch /etc/proftpd.authuserfile

Edit the ProFTPD configuration file. (NOT etc/proftpd.include as Plesk overwrites that file regularly.):

$ vi /etc/proftpd.conf

 

Add this line:

AuthUserFile /etc/proftpd.authuserfile

 

Creat a crypted password

$ openssl passwd -crypt passwordhere

 

Edit the user file like this:

username:password_encrypt:uid:gid:gecos:home:shell

 

Example

toto:aASDFajksASa:10022:2221::/var/www/vhosts/toto.com/httpdocs/data/web:/bin/false

 

And finaly, reload proftpd

,
disk-clone-2

Disk Cloning With HDD Raw Copy Tool

Aug 5th

Posted by admin in General

No comments

HDD Raw Copy Tool est un outils très pratique pour cloner votre disque dur sur un ouveau disque.

Download HDD Raw Copy Tool

Nortel

Nortel CLI command guide troubleshooting

Jul 28th

Posted by admin in General

No comments

Here are the CLI commands for troubleshooting the ERS 8600 switch:

 

Config timezone

config bootconfig tz dst-name "EDT"
config bootconfig tz name "EST"
config bootconfig tz offset-from-utc 300
config bootconfig tz dst-end M11.1.0/0200
config bootconfig tz dst-start M3.2.0/0200

Config NTP server

config ntp server create a.b.c.d
config ntp server create a.b.c.d
config ntp server create a.b.c.d
config ntp enable true

Show log file

8600:5# dir
size          date       time       name
--------       ------     ------    --------
8697210    MAY-16-2007  02:19:14   /flash/p80a4100.img
1266336    MAY-16-2007  02:19:20   /flash/p80j4100.dld
8796621    MAY-16-2007  02:20:10   /flash/p80m4100.img
701771    MAY-16-2007  02:20:14   /flash/p80p4100.dld
906024    MAY-16-2007  02:20:18   /flash/p80t4100.dld
62954    JUL-08-2011  15:02:54   /flash/config.cfg
1080823    MAY-16-2007  02:20:24   /flash/p80b4100.img
204    OCT-31-2007  01:52:26   /flash/boot.cfg
11    OCT-18-2010  21:04:38   /flash/engboot
2048    OCT-31-2007  01:57:42   /flash/.ssh              <DIR>
588    OCT-31-2007  01:57:42   /flash/.ssh/dsa_pub.key
55928    OCT-31-2007  02:01:20   /flash/p80c4100.img
26112    OCT-31-2007  02:01:40   /flash/p80c4100.aes
total: 64286720 used: 22280192 free: 42006528 bytes
size          date       time       name
--------       ------     ------    --------
1897269    APR-07-2005  22:20:06   /pcmcia/syslog.txt
162    JAN-20-2003  11:07:58   /pcmcia/boot.cfg
27133    APR-20-2006  07:43:12   /pcmcia/config.sav
31193    OCT-30-2007  21:11:36   /pcmcia/config.cfg
99574    MAY-29-2006  11:27:52   /pcmcia/29050006.txt
49996    MAY-29-2007  14:47:02   /pcmcia/p80c3760.img
8    OCT-18-2010  21:04:38   /pcmcia/11e00005.num
21231    APR-07-2005  07:26:56   /pcmcia/configs.cfg
162    APR-07-2005  07:27:10   /pcmcia/boots.cfg
269    JAN-11-2005  14:53:50   /pcmcia/sysHwlog.txt
1082873    OCT-18-2010  21:05:22   /pcmcia/11e00005.000
28669    SEP-23-2007  20:40:44   /pcmcia/conf_20070923.cfg
28733    SEP-24-2007  13:25:00   /pcmcia/conf_20070924.cfg
29446    OCT-30-2007  19:33:54   /pcmcia/config_2007_10_29.cfg
77425    OCT-30-2007  20:19:18   /pcmcia/11e00006.000
8    OCT-30-2007  20:17:02   /pcmcia/11e00006.num
31150    NOV-08-2007  14:53:46   /pcmcia/conf_20071108.cfg
total: 8011776 used: 3469312 free: 4542464 bytes
8600:5# show log file tail
CPU5 [07/28/11 10:51:47] SW INFO user rcju connected from 10.28.13.194 via telnet
CPU5 [07/28/11 10:46:34] SNMP INFO Spanning Tree Topology Change(StgId=1, PortNum=2/25, MacAddr=00:01:81:11:e0:01)
CPU5 [07/28/11 10:46:34] SNMP INFO Spanning Tree Topology Change(StgId=1, PortNum=2/24, MacAddr=00:01:81:11:e0:01)
CPU5 [07/28/11 10:46:04] SNMP INFO Link Up(2/25)
CPU5 [07/28/11 10:46:04] SNMP INFO Link Up(2/24)
CPU5 [07/28/11 10:46:03] SNMP INFO Port 2/25 is an access port
CPU5 [07/28/11 10:46:03] SNMP INFO Link Down(2/25)
CPU5 [07/28/11 10:46:03] SNMP INFO Port 2/24 is an access port
CPU5 [07/28/11 10:46:03] SNMP INFO Link Down(2/24)
CPU5 [07/28/11 10:45:04] SNMP INFO Spanning Tree Topology Change(StgId=1, PortNum=2/25, MacAddr=00:01:81:11:e0:01)
CPU5 [07/28/11 10:45:04] SNMP INFO Spanning Tree Topology Change(StgId=1, PortNum=2/24, MacAddr=00:01:81:11:e0:01)
CPU5 [07/28/11 10:44:34] SNMP INFO Link Up(2/25)
CPU5 [07/28/11 10:44:34] SNMP INFO Link Up(2/24)
CPU5 [07/28/11 10:44:32] SNMP INFO Port 2/25 is an access port
CPU5 [07/28/11 10:44:32] SNMP INFO Link Down(2/25)
CPU5 [07/28/11 10:44:32] SNMP INFO Port 2/24 is an access port
CPU5 [07/28/11 10:44:32] SNMP INFO Link Down(2/24)
CPU5 [07/28/11 10:44:15] SNMP INFO Link Up(2/25)
CPU5 [07/28/11 10:44:15] SNMP INFO Link Up(2/24)
CPU5 [07/28/11 10:44:13] SNMP INFO Port 2/25 is an access port
CPU5 [07/28/11 10:44:13] SNMP INFO Link Down(2/25)
CPU5 [07/28/11 10:44:13] SNMP INFO Port 2/24 is an access port
CPU5 [07/28/11 10:44:13] SNMP INFO Link Down(2/24)
show ports info state
show ports info vlans
show ports info vlacp
show ports info slpp
show vlan info ospf
show ip ospf neighbors
show ip rsmlt info
show mlt ist info
show smlt
show ip route info
show vlan interface info 47-48
show vlan interface vids

 

 

 

,

Adresses multicast

Jul 7th

Posted by admin in General

No comments

Il est toujours utile de savoir à quoi correspondent les adresses multicast

 

  • 224.0.0.1 all hosts on a subnet
  • 224.0.0.2 all routers on a subnet
  • 224.0.0.4 Distance Vector Multicast Routing Protocols (DVMRP)
  • 224.0.0.5 OSPF routers
  • 224.0.0.6 OSPF designated routers
  • 224.0.0.9 RIP Version 2 routers
  • 224.0.0.10 EIGRP routers
  • 224.0.0.13 Protocol independent Multicast (PIM) routers
1234»