Managing your Linux/Unix log files using logrotate

This How-To details the steps required to manage and rotate your server’s log files. A simple truth about Linux/Unix logs are that they are everywhere. Your kernel, program daemons, firewalls, etc, generate their respective log files. In fact, there are so many log files of various levels that sometimes, it can be a nightmare to maintain them. Hence, this guide is a simple step towards maintaining those log files to keep your system in check and in good health.

Log files are one of the most important files where almost all precious and sometimes unnecessary information are stored in regard to your server’s running state. For example, if your system’s security has been breached or compromised, it’s these log files which will come to your rescue to help you identity where or what went wrong.

In case if you don’t know, your Linux/Unix server is currently logging kernel and security logs in the file called /var/log/messages. Just do a simple ” tail -f /var/log/messages ” to get feel and see the actual current logs generated by various daemons running on your system.

Now if your server also has a Apache Web server or a Squid Proxy server running and you want to manage their respective logs in your own fashion, then the following information might help you out.

Continue reading

Running A Transparent Linux Squid Bridge / Turn your Linux box into a Cisco like Catalyst switch

This How-To guides you to run your Linux box with Squid in a transparent bridge mode.

Let us face some facts. Not everybody, especially a small office network or a small home network can afford a Cisco catalyst switch. To replicate the features of a sophisticated switch like a Cisco catalyst switch, we can setup a Linux box with more than 2 network interfaces to run in bridging mode. Or more simply, a Linux bridged box having switching capabilities.

A bridge is a way to connect two Ethernet segments together in a protocol independent way. Packets are forwarded based on Ethernet address, rather than IP address (like a router). Since forwarding is done at Layer 2, all protocols can go transparently through a bridge. Continue reading

Configuring WCCP2 on a Cisco 3620/7206 router with Squid-2.6.18 running on FreeBSD-6.x

This How-To details the steps required to configure WCCP version 2 with a Cisco 3620 or 7206 router together with Squid-2.6.STABLE18 running on FreeBSD-6.2.

Cisco’s WCCP (Web Cache Control Protocol) version 2 is used for sending web requests from clients to 1 or more Squid proxy servers. WCCP feature allows us to redirect Web traffic to our proxy servers which in turn provides Web caching, filtering, or other services, thus reducing transmission costs and downloading time.

With WCCP, we can build a “cache cluster” for load balancing, scaling, and fault tolerance.

For example, in the case of 2 proxy severs, if 1 proxy server goes down, WCCP redirects clients requests to the 2nd working proxy server.

In the rare circumstance where both or all of your proxy servers should go down, WCCP will determine the dead proxy servers and will route clients web requests directly from your cisco router.

Note: Only Cisco IOS Release 12.1 and later releases allow the use of either Version 1 (WCCPv1) or Version 2 (WCCPv2) of the WCCP.

Continue reading

Configuring Apache-2.2.8 with PHP-5.2.5 and Mysql-5.0.45

This How-To guides you through the steps to install and configure the most popular and powerful Apache-2.2.8 web server with PHP-5.2.5 and Mysql-5.0.45.

This How-To can be used either on Linux with Kernel version 2.4 and higher or on FreeBSD-6.x systems.

From wikipedia, the definition of a web server is as follows:

A computer program that is responsible for accepting HTTP requests from clients, which are known as web browsers (e.g. Firefox, Internet Explorer), and serving them HTTP responses along with optional data contents, which usually are web pages such as HTML documents and linked objects (images, etc.).

Without Web servers, the Internet would just be as dull as sending and receiving emails.

It is the web server which provides the content and information that we are used to seeing these days. It’s the web server’s job to deliver both static and dynamic contents to end-users via browsers such as Mozilla Firefox and Internet Explorer.

Apache is to web servers what Bind is to DNS servers. Apache is a high performance and scalable web server notable for playing a key role in the initial growth of the World Wide Web. According to the data provided by news.netcraft.com, 50% of all web sites are running on Apache web servers.

In this guide, we will install and configure a simple Apache-2.2.8 web server with PHP-5.2.4 and Mysql-5.0.45.

Continue reading

Securing your Linux gateway box with IPTABLES

This How-To provides the details for securing a Linux gateway box with the IPTABLES firewall. This guide can be used for Kernels ranging from 2.4-2.6. Special rules for running Squid in transparent mode and providing Network Address Translation (NAT) are also covered in this guide.

The tool IPTABLES talks to the kernel and tells it what packets to filter.

The IPTABLES application operates at a high level by filtering TCP and UDP protocols before the data is passed onto the user applications that can be corrupted.

The IPTABLES tool inserts and deletes rules from the kernel’s packet filtering table.

What this means is that the rules you create in your Linux machine using IPTABLES are lost upon reboot.

The best way to use IPTABLES rules are to store them up in a simple shell script and use your Linux OS to load that script on boot up.

Continue reading

Enterprise Bind 9.4.2 Caching nameserver

Bind is the de-facto DNS server used in almost all kinds of environment all over the world.
This article is a How-To for creating a local caching name server for your network to resolve DNS hostnames faster and also to conserve your precious bandwidth.

The Domain Name System (DNS) is the crucial glue that keeps computer networks in harmony by converting human-friendly hostnames to the numerical IP addresses computers require to communicate with each other. DNS is one of the largest and most important distributed databases the world depends on by serving billions of DNS requests daily for public IP addresses. Most public DNS servers today are run by larger ISPs and commercial companies but private DNS servers can also be useful for private home networks.

Without DNS, most of the Internet comprising WWW, Email, etc will simply fail to work!
This How-To can to be used for running bind as a fast caching name server from a small network to a large corporate environment.

A caching only name server will find the answer to name queries and remember the answer the next time you need it. You can configure a caching name server to query the ROOT servers directly or use it to forward to your ISP name servers to build a very big and effective cache.

This will shorten the waiting time the next time significantly, especially if you’re on a slow connection.

Having said that, this guide can be used for both Linux based and BSD based operating systems.

Continue reading

Enterprise FreeBSD/Linux Squid Proxy Server

Squid is the most popular high end web proxy used by both by small or big organizations and ISPs around the world. It improves web browsing performance and conserves bandwidth. It also has a very rich Access Control Lists (ACLs) which can be configured to act as superb filter and can also act as a firewall.

The Squid project, currently, is now being run entirely by volunteers. It has a small but very talented and professional group of developers. I request everybody using Squid to help this great project in their own respective ways. You can either participate directly in it’s development, or be a tester of it’s latest releases or you can simply submit articles.

Or best of all, if you have the resources, please donate to this great and wonderful project. Whatever you donate, no matter how much, will go towards it’s development and R&D which will benefit everybody and the internet community at large.

Please check the following URL for more details:

http://www.squid-cache.org/Intro/helping.dyn

This installation manual is for Squid-2.6.STABLE18 which is the latest as of today (23-Jan-2008). This How-To can be used either on Linux based Operating systems such as Debian and BSD based operating systems such as FreeBSD. For Solaris users, replace “make” with “gmake” and make sure that “/usr/sfw/bin” is in your PATH.

This guide below details the steps for creating a powerful Squid proxy server capable of serving thousands of users per second. Please refer to the graphs towards the end of this article for actual details.

Continue reading