Throttle The Disk I/O Rate: Limit disk I/O for rsync Tool

Q. I run a backup script called /root/backup.sh which runs rsync command. However, rsync makes a lots of disk I/O and network I/O. I'd like to reduce both disk I/O and network I/O. I've 10Mbps server connection and 160GiB SATA hard disk. How do reduce disk I/O so that the entire system doesn't die or become unresponsive?

A. This is well known issue. There are two methods to control or throttle the disk and network I/O rate under UNIX / Linux.

Method # 1: Limit I/O bandwidth

The --bwlimit option limit I/O bandwidth. You need to set bandwidth using KBytes per second. For example, limit I/O banwidth to 10000KB/s (9.7MB/s), enter:
# rsync --delete --numeric-ids --relative --delete-excluded --bwlimit=10000 /path/to/source /path/to/dest/

Method # 2: Take control of I/O bandwidth using ionice utility

ionice command provide more control as compare to nice command. This program sets the io scheduling class and priority for a program or script. You can totally control disk i/o.

How To Simulate Linux Package Upgrade Without Installing Anything ( Dry Run )

Q. How do I simulate the upgrade first to confirm that the actions that would be taken are reasonable under Debian / Ubuntu Linux package management?

A. Dry run is really good idea under for all production servers. You can print the actions that would normally be performed, but don't actually perform them. This does not require root privileges. It is recommended that you simulate the upgrade first to confirm that the actions that would be taken are reasonable. The upgrade may be simulated by issuing the command:
# aptitude -s -y dist-upgrade
OR
$ sudo aptitude -s -y dist-upgrade
Sample output:

 aptitude -s -y dist-upgrade
Reading package lists... Done
Building dependency tree... Done
Reading extended state information
Initializing package states... Done
Reading task descriptions... Done
Building tag database... Done
The following packages are unused and will be REMOVED:
  libgssapi2
The following packages will be upgraded:
  libpcre3
1 packages upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
Need to get 0B/199kB of archives. After unpacking 119kB will be freed.
Would download/install/remove packages.

How To Reset Linux Firewall Automatically While Testing Configuration With Remote Server Over SSH Session

Q. I'd like to tell my Linux iptables firewall to flush out the current configuration every 5 minutes. This will help when I'm testing a new rules and configuration options. Some time I find myself locked out of my own remote server. How do I reset Linux firewall automatically without issuing hard reboot?

A. You can easily flush out current configuration using iptables command and shell script combo. There is no built in option for this kind of settings. So you need to write a small shell script and call it from crontab file.

Create a firewall reset shell script

Create a /root/reset.fw script:

#!/bin/bash
# reset.fw - Reset firewall
# set x to 0 - No reset
# set x to 1 - Reset firewall
# ---------------------------------------------------------------------------------------------------------------
# Added support for IPV6 Firewall
# ---------------------------------------------------------------------------------------------------------------
# Written by Vivek Gite <vivek@nixcraft.com>
# ---------------------------------------------------------------------------------------------------------------
# You can copy / paste / redistribute this script under GPL version 2.0 or above
# =============================================================
x=1
 
# set to true if it is CentOS / RHEL / Fedora box
RHEL=false
 
### no need to edit below  ###
IPT=/sbin/iptables
IPT6=/sbin/ip6tables
 
if [ "$x" == "1" ];
then
 if [ "$RHEL" == "true" ];
 then
       # reset firewall using redhat script
  /etc/init.d/iptables stop
  /etc/init.d/ip6tables stop
 else
  # for all other Linux distro use following rules to reset firewall
  ### reset ipv4 iptales ###
  $IPT -F
  $IPT -X
  $IPT -Z
  for table in $(</proc/net/ip_tables_names)
  do
   $IPT -t $table -F
   $IPT -t $table -X
   $IPT -t $table -Z
  done
  $IPT -P INPUT ACCEPT
  $IPT -P OUTPUT ACCEPT
  $IPT -P FORWARD ACCEPT
  ### reset ipv6 iptales ###
  $IPT6 -F
  $IPT6 -X
  $IPT6 -Z
  for table in $(</proc/net/ip6_tables_names)
  do
   $IPT6 -t $table -F
   $IPT6 -t $table -X
   $IPT6 -t $table -Z
  done
  $IPT6 -P INPUT ACCEPT
  $IPT6 -P OUTPUT ACCEPT
  $IPT6 -P FORWARD ACCEPT
 fi
else
        :
fi

Set permissions:
# chmod +x /root/reset.fw
Create cronjon to reset current configuration every 5 minutes, enter
# crontab -e
OR
# vi /etc/crontab
Append following settings:
*/5 * * * * root /root/reset.fw >/dev/null 2>&1
Please remember to set x to 0 once a working configuration has been created for your Linux system.

FreeBSD Install and Configure Webmin Web-based Interface ( Control Panel )

Q. How do I install webmin control panel for my FreeBSD server?

A. Webmin is a web-based interface for system administration for Unix including FreeBSD. Using any browser that supports tables and forms, you can setup user accounts, Apache, DNS, file sharing, firewall and so on. Webmin consists of a simple web server, and a number of CGI programs which directly update system files like /etc/inetd.conf and /etc/master.passwd.

Install webmin

To install webmin, update your ports, enter:
# portsnap fetch update
Install webmin from /usr/ports/sysutils/webmin, enter:
# cd /usr/ports/sysutils/webmin
# make install clean

Configure webmin

Now, webmin is installed. Start webmin on startup, enter:
# vi /etc/rc.conf
Append following line:
webmin_enable="YES"
Save and close the file. You need to run /usr/local/lib/webmin/setup.sh script in order to setup the various config files, enter:
# /usr/local/lib/webmin/setup.sh
Sample output:

***********************************************************************
*            Welcome to the Webmin setup script, version 1.420        *
***********************************************************************
Webmin is a web-based interface that allows Unix-like operating
systems and common Unix services to be easily administered.
Installing Webmin in /usr/local/lib/webmin ...
***********************************************************************
Webmin uses separate directories for configuration files and log files.
Unless you want to run multiple versions of Webmin at the same time
you can just accept the defaults.
Log file directory [/var/log/webmin]: [Press Enter]
***********************************************************************
Webmin is written entirely in Perl. Please enter the full path to the
Perl 5 interpreter on your system.
Full path to perl (default /usr/bin/perl):  [Press Enter]
Testing Perl ...
Perl seems to be installed ok
***********************************************************************
Operating system name:    FreeBSD
Operating system version: 7.0
***********************************************************************
Webmin uses its own password protected web server to provide access
to the administration programs. The setup script needs to know :
 - What port to run the web server on. There must not be another
   web server already using this port.
 - The login name required to access the web server.
 - The password required to access the web server.
 - If the webserver should use SSL (if your system supports it).
 - Whether to start webmin at boot time.
Web server port (default 10000):  [Press Enter]
Login name (default admin):  [Press Enter]
Login password: [type password]
Password again:
Use SSL (y/n): y
***********************************************************************
Creating web server config files..
..done
Creating access control file..
..done
Creating start and stop scripts..
..done
Copying config files..
..done
Changing ownership and permissions ..
..done
Running postinstall scripts ..
..done

How do I view webmin?

Fire a webbrowser and enter url:
https://your-domain.com:10000/
OR
https://your-server-ip:10000/
You should see login html form as follows:

(Fig. 01: - Webmin in action under FreeBSD)

tspc: Debian / Ubuntu Linux Configure IPv6 Tunnel

Q. How do I configure IPv6 Tunnel under Ubuntu Linux? I'd like to browse and use IPv6 utilities under Ubuntu but my ISP is not ready with IPv6 native transport. How do I browser IPv6 ready websites using IPv4?

A. You can easily set IPv6 tunnel under Debian or Ubuntu Linux using tspc (tunnel setup protocol client). tspc provides a mean to configure a tunnel obtained from a tunnel server which is compliant to the tunnel setup protocol (TSP). tspc will connect to a tunnel server and request a tunnel according to the specifications inside the configuration file. As a background process, it will then monitor the state of the tunnel. In the event of a timeout, tspc will reestablish a new tunnel. tspc allows you to connect and browse IPv6 network using IPv4.

Register Free at Freenet6

You can get free IPv6 access through Freenet6. Visit Freenet6 and register yourself to obtain username and password.

Install tspc client

Open terminal and type the following command:
$ sudo apt-get install tspc
OR
# apt-get install tspc

Configure tspc

The default configuration file is located at /etc/tsp/tspc.conf. Open file using a text editor, enter:
# vi /etc/tsp/tspc.conf
You need to provide username, password and hostname registered at Freenet6 (see your tunnel broker registration email). For example,

• userid - vivek
• passwd - myPassWord
• server - broker.freenet6.net

Search, userid, server, and passwd variable in file and set them as follows:
userid=your-name
server=broker.freenet6.net
passwd=your-password
Save and close the file. Restart tspc service, enter
$ sudo /etc/init.d/tspc restart
Run ifconfig command to see your tunnel IPv6 address, enter:
$ /sbin/ifconfig tun
Sample output:

tun       Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet6 addr: 2001:5c0:8fff:fffe::a68d/128 Scope:Global
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1280  Metric:1
          RX packets:9 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:656 (656.0 b)  TX bytes:240 (240.0 b)

Test IPv6 connectivity, enter:
$ ping6 ipv6.google.com
Sample output:

PING ipv6.google.com(2001:4860:0:2001::68) 56 data bytes
64 bytes from 2001:4860:0:2001::68: icmp_seq=1 ttl=55 time=501 ms
64 bytes from 2001:4860:0:2001::68: icmp_seq=2 ttl=55 time=453 ms
64 bytes from 2001:4860:0:2001::68: icmp_seq=3 ttl=55 time=437 ms
64 bytes from 2001:4860:0:2001::68: icmp_seq=4 ttl=55 time=473 ms
--- ipv6.google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2998ms
rtt min/avg/max/mdev = 437.077/466.544/501.926/24.149 ms

View Google.com IPv6 Address, enter:
$ host ipv6.google.com
Sample output:

ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2001:4860:0:2001::68

Now you can browse any IPv6 configured website or use all IPv6 utilities such as ping6, tracerout6 without a problem.

How do I stop tunnel?

Open the terminal and type the command, enter:
$ sudo /etc/init.d/tspc stop
$ /sbin/ifconfig

How do I start tunnel?

Open the terminal and type the command, enter:
$ sudo /etc/init.d/tspc start
$ /sbin/ifconfig
$ ping6 ipv6.google.com

Vim Editing Multiple Files and Windowing Support Under Linux / UNIX

Q. How do I open and edit multiple files under VIM text editor running under Ubuntu Linux / UNIX operating systems to improve my productivity?

A. Vim offers multiple file editing with the help of windows. You can easily open multiple files and edit them using the concept of buffers.

Understanding vim buffer

A buffer is nothing but a file loaded into memory for editing. The original file remains unchanged until you write the buffer to the file using w (other file saving related) command.

Understanding window

A window is noting but a viewport onto a buffer. You can use multiple windows on one buffer, or several windows on different buffers. By default, Vim starts with one window, for example open /etc/passwd file, enter:
$ vim /etc/passwd

Open two windows

Start vim as follows to open two windows,split horizontally:
$ vim -o /etc/passwd /etc/hosts
OR
$ vim -o file1.txt resume.txt

(Fig.01: split horizontal windows under VIM)
The -O option allows you to open two windows, split vertically, enter:
$ vim -O /etc/passwd /etc/hosts

How do I switch or jump between windows?

This operation is also known as moving cursor to other windows:

1. Press CTRL + W + <Left arrow key> to activate left windows
2. Press CTRL + W + <Right arrow key> to activate right windows
3. Press CTRL + W + <Up arrow key> to activate to windows above current one
4. Press CTRL + W + <Down arrow key> to activate to windows down current one
5. Press CTRL-W + CTRL-W (hit CTRL+W twice) to move quickly between all open windows

How do I edit current buffer?

Use all your regular vim command such as i, w and so on for editing text.

How do I close windows?

Press CTRL+W CTRL-Q to close the current windows. You can also press [ESC]+:q to quit current window.

How do I open new empty window?

Press CTRL+W + n - Create a new window and start editing an empty file in it.

How do I split current window in two?

Press CTRL+W+ s - to split current window in two.

How do I open exiting file in a new windows?

Press [ESC]+:new /path/to/file. This will create a new window and start editing file /path/to/file in it. For example, open file called /etc/hosts.deny, enter:
:new /etc/hosts.deny

(Fig.02: Create a new window and start editing file /etc/hosts.deny in it.)

(Fig.03: Two files opened in a two windows)

How do I resize Window?

You can increase or decrease windows size by N number. For example, increase windows size by 5, press [ESC] + 5 + CTRL + W+ +.
To decrease windows size by 5, press [ESC]+ 5 + CTRL+ W + -.

Moving windows cheat sheet

Key combination	Action
CTRL-W h	move to the window on the left
CTRL-W j	move to the window below
CTRL-W k	move to the window above
CTRL-W l	move to the window on the right
CTRL-W t	move to the TOP window
CTRL-W b	move to the BOTTOM window

How do I quit all windows?

Type the following command (also known as quit all command):
:qall
Note: If any of the windows contain changes, Vim will not exit. The cursor will automatically be positioned in a window with changes.
You can then either use ":write" to save the changes:
:write
or ":quit!" to throw them away:
:quite!

How do save and quit all windows?

To save all changes in all windows and quite , use this command:
:wqall
This writes all modified files and quits Vim. Finally, there is a command that quits Vim and throws away all changes:
:qall!

FreeBSD Install Logwatch Tool For Log Analysis and Monitoring

Q. How do I watch, monitor system log under FreeBSD systems and generate summery of critical UNIX log files via email?

A. You can use log analysis tool called Logwatch which is a customizable, pluggable log-monitoring system. It will go through your logs stored at /var/log/ directory for a given period of time and make a report in the areas that you wish with the detail that you wish. Logwatch is very powerful system log analyzer and reporter for UNIX like systems.

Install Logwatch Tool

Type the following commands as root user:
# portsnap fetch update
# /usr/ports/sysutils/logwatch
# make install clean

Configure logwatch log analyzer

The default configuration file located at /usr/local/etc/logwatch/defaults/logwatch.conf. Open text editor to configure logwatch, enter:
# vi /usr/local/etc/logwatch/defaults/logwatch.conf
You need to setup MailTo variable to get reports summery via email, enter:
MailTo = vivek@nixcraft.in, admin@example.com
Set Print to No:
Print = No
If set to 'Yes', the report will be sent to screen instead of being mailed to above person(s). Save and close the file. Configure rest of the parameters as per your requirements.

Install cronjob

Install cronjob as follows, to run report, enter
# vi /etc/crontab
OR
# crontab -e
Append following code:

### Logwatch cron job ###
@daily /usr/local/sbin/logwatch.pl
 

Save and close the file. Now you should get daily emails. Sample logwatch report:

 ################### Logwatch 7.3.6 (05/19/07) ####################
        Processing Initiated: Tue Jul  8 06:25:03 2008
        Date Range Processed: yesterday
                              ( 2008-Jul-07 )
                              Period is day.
      Detail Level of Output: 5
              Type of Output: unformatted
           Logfiles for Host: freebsd.nixcraft.in
  ##################################################################
 --------------------- Cron Begin ------------------------
 Commands Run:
    User root:
          /usr/bin/rsnapshot daily: 1 Time(s)
          /usr/bin/rsnapshot hourly: 6 Time(s)
       if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi: 288 Time(s)
 ---------------------- Cron End -------------------------
 --------------------- Named Begin ------------------------
 **Unmatched Entries**
    client 122.167.76.117 notify question section contains no SOA: 2 Time(s)
 ---------------------- Named End -------------------------
 --------------------- pam_unix Begin ------------------------
 cron:
    Sessions Opened:
       root: 2240 Time(s)
 sshd:
    Sessions Opened:
       payal: 545 Time(s)
       payal by payal: 8 Time(s)
 su:
    Sessions Opened:
       root -> nobody: 3 Time(s)
 ---------------------- pam_unix End -------------------------
 --------------------- postfix Begin ------------------------
 77502 bytes transferred
 14 messages sent
 14 messages removed from queue
 Top ten local senders:
    14 messages sent by:
       root (uid=0):
 ---------------------- postfix End -------------------------
 --------------------- SSHD Begin ------------------------
 Users logging in through sshd:
    payal:
       192.168.0.5 (laptop.nixcraft.in): 460 times
       192.168.0.7 (desktop.nixcraft.in): 93 times
 ---------------------- SSHD End -------------------------
 --------------------- Disk Space Begin ------------------------
 Filesystem  1K-blocks     Used     Avail Capacity  Mounted on
 /dev/ad4s1a    507630   384080     82940    82%    /
 devfs               1        1         0   100%    /dev
 /dev/ad6s1d 237397844 17597052 200808966     8%    /disk1
 /dev/ad4s1d    507630       14    467006     0%    /tmp
 /dev/ad4s1f 224192598  3170358 203086834     2%    /usr
 /dev/ad4s1e  10154158    93652   9248174     1%    /var
 procfs              4        4         0   100%    /proc
 devfs               1        1         0   100%    /var/named/dev
 devfs => 100% Used. Warning. Disk Filling up.
 procfs => 100% Used. Warning. Disk Filling up.
 devfs => 100% Used. Warning. Disk Filling up.
 ---------------------- Disk Space End -------------------------
 ###################### Logwatch End ######################### 

Find Out Which Commands Were Run on My Linux Server

Q. How do I know which commands were run by my users on my RHEL / Debian / CentOS / Suse / Fedora Linux server?

A. You need to install package called psacct, which contains several utilities for monitoring process
activities, including ac, lastcomm, accton and sa. The ac command displays statistics about how long users have been logged on. The lastcomm command displays information about previous executed
commands. The accton command turns process accounting on or off. The sa command summarizes information about previously executed commands.

How To Download a RPM Package Using yum Command Without Installing On Linux

I would like to only download the packages via yum and not install/update them. How do I download a RPM package using yum command under CentOS Enterprise Linux server 5.x or RHEL 5.x systems?

You need to install plugin called yum-downloadonly. This plugin adds a --downloadonly flag to yum so that yum will only download the packages and not install/update them. Following options supported by this plugin:
[a] --downloadonly : don't update, just download a rpm file
[b] --downloaddir=/path/to/dir : specifies an alternate directory to store packages such as /tmp
Please note following instructions are only tested on CentOS server but should work with RHN and RHEL without any problem.

How do I install yum-downloadonly plugin?

Type the following command to install plugin, enter:
# yum install yum-downloadonly
Sample output:

Loading "fastestmirror" plugin
Loading "security" plugin
Loading mirror speeds from cached hostfile
 * base: centos.mirrors.tds.net
 * updates: mirror.myriadnetwork.com
 * addons: mirrors.gigenet.com
 * extras: holmes.umflint.edu
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package yum-downloadonly.noarch 0:1.1.10-9.el5.centos set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 yum-downloadonly        noarch     1.1.10-9.el5.centos  base              9.0 k
Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 9.0 k
Is this ok [y/N]: y
Downloading Packages:
(1/1): yum-downloadonly-1 100% |=========================| 9.0 kB    00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: yum-downloadonly             ######################### [1/1]
Installed: yum-downloadonly.noarch 0:1.1.10-9.el5.centos
Complete!

How do I download a RPM package only from RHN or CentOS mirror, without installing it?

Download httpd package but don't install/update, enter:
# yum update httpd -y --downloadonly
By default package will by downloaded and stored in /var/cache/yum/ directory. But, you can specifies an alternate directory to store packages such as /opt, enter:
# yum update httpd -y --downloadonly --downloaddir=/opt
Sample output:

yum install httpd -y --downloadonly
Loading "downloadonly" plugin
Loading "fastestmirror" plugin
Loading "security" plugin
Loading mirror speeds from cached hostfile
 * base: centos.mirrors.mypsh.com
 * updates: mirror.steadfast.net
 * addons: mirrors.gigenet.com
 * extras: holmes.umflint.edu
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package httpd.i386 0:2.2.3-11.el5_1.centos.3 set to be updated
filelists.xml.gz          100% |=========================| 2.8 MB    00:03
filelists.xml.gz          100% |=========================| 681 kB    00:11
filelists.xml.gz          100% |=========================| 122 kB    00:00
filelists.xml.gz          100% |=========================|  150 B    00:00
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 httpd                   i386       2.2.3-11.el5_1.centos.3  base              1.1 M
Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 1.1 M
Downloading Packages:
(1/1): httpd-2.2.3-11.el5 100% |=========================| 1.1 MB    00:01
exiting because --downloadonly specified

To see downloaded file, enter:
# ls -l /opt/*.rpm
Sample output:

-rw-r--r-- 1 root root 1116426 Jan 17 03:36 /opt/httpd-2.2.3-11.el5_1.centos.3.i386.rpm
-rw-r--r-- 1 root root   83452 Oct  2  2007 /opt/lighttpd-fastcgi-1.4.18-1.el5.rf.i386.rpm
-rw-r--r-- 1 root root  635045 Oct 20  2007 /opt/psad-2.1-1.i386.rpm

Method # 2: yum-utils.noarch Package

yum-utils is a collection of utilities and examples for the yum package manager. It includes utilities by different authors that make yum easier and more powerful to use. These tools include: debuginfo-install, package-cleanup, repoclosure, repodiff, repo-graph, repomanage, repoquery, repo-rss, reposync, repotrack, verifytree, yum-builddep, yum-complete-transaction, yumdownloader, yum-debug-dump and yum-groups-manager.
# yum -y install yum-utils.noarch
Now use the yumdownloader command which is a program for downloading RPMs from Yum repositories. Type the following command to download httpd rpm file:
# yumdownloader httpd
Sample outputs:

Loaded plugins: rhnplugin
httpd-2.2.3-31.el5_4.2.x86_64.rpm                        | 1.2 MB     00:00

How Do I Extract Downloaded RPM File?

Type the command as follows:
# rpm2cpio httpd-2.2.3-31.el5_4.2.x86_64.rpm | cpio -idmv

Linux Disable Bluetooth [ Bluetooth Input Devices (hidd) ]

How do I disable bluethooth support (including bluethooth based devices) under Linux operating systems?

Bluetooth provides another metod to transfer information between various devices such as mobile phones, laptops, PDAs, PCs, printers, digital cameras, etc over a short-range wireless link.

Remove Bluetooth Hardware

Removal of bluetooth hardware module is the only way to ensure that the Bluetooth wireless remains disabled. See your systems's hardware manual which should contain information on its bluetooth capabilities. Avoid purchasing equipment that comes with bluetooth.

Disable Bluetooth Service

Type the following commands under RHEL / CentOS / Fedora / Red Hat Linux:
# /etc/init.d/bluetooth stop
# chkconfig bluetooth off
If you are using Debian / Ubuntu Linux use rcconf command to disable bluetooth service:
# update-rc.d bluetooth remove

Disable hidd Service

The hidd service used to provide support for Bluetooth input devices. If you don't use bluetooth based keyboard or mouse, disable it:
# /etc/init.d/hidd stop
# chkconfig hidd off

Disable Linux Kernel Bluetooth Modules / Driver

Type the following command to disable the driver:
The kernel’s module loading system can be configured to prevent loading of the Bluetooth module.
echo 'alias net-pf-31 off' >> /etc/modprobe.conf

FreeBSD / OpenBSD: PF Firewall Filter Large Number Of Subnets and IP Address

Q. How do I filter larger number of subnets and IPs using OpenBSD's pf firewall under FreeBSD 7.x server? How do I log all dropped packets from such ips? How do I block upto 10000 IPs or subnet without any performance penalty?

A. You can easily filter large number of IPs or subnets using pf firewall. PF provides tables to hold large number of IPv4 and IPv6 address. Lookups against a table are very fast and consume less memory and processor time. Tables are created in pf.conf file. Tables can also be populated from text files containing a list of IP addresses and networks.

How do I configure tables to drop large number of IPs?

Open pf.conf file, enter:
# vi /etc/pf.conf
Add following code:
table <blockedips> persist file "/etc/pf.blocked.ip.conf"
ext_if="em1" # interface connected to internet
Add following code to drop and log all ips / subnet listed in /etc/pf.blocked.ip.conf, file
block drop in log (all) quick on $ext_if from <blockedips> to any
Save and close the file. Now create file /etc/pf.blocked.ip.conf file using vi text editor, enter:
vi /etc/pf.blocked.ip.conf
Sample output:

192.168.1.0/24
202.54.1.5
# 202.54.4.5

The file /etc/pf.blocked.ip.conf should contain a list of IP addresses and/or CIDR network blocks, one per line. Any line beginning with # is treated as a comment and ignored by pf. To load new rules, simply type:
# pfctl -nf /etc/pf.conf
# pfctl -f /etc/pf.conf

How do I view all IP address listed in tables?

Type the following command
# pfctl -t blockedips -T show
Sample output:

   58.65.232.0/21
   58.83.12.0/22
   64.28.176.0/20
   64.255.128.0/19
   66.231.64.0/20
   67.213.128.0/20
   69.8.176.0/20

How do I add subnet called 91.196.232.0/22 on the fly?

Use pfctl command itself, to add CIDR or IP on fly, enter:
# pfctl -t blockedips -T add 202.54.11.11
# pfctl -t blockedips -T add 91.196.232.0/22

How do I delete subnet called 91.196.232.0/22 on the fly?

Type the command as follows:
# pfctl -t blockedips -T delete 91.196.232.0/22
Please note that all changes made using pfct are dynamic. You need to update your file on disk to save the changes.

How do I see statistics for each IP / CIDR?

The -v option can display statistics for each table entry (IP/CIDR), enter:
# pfctl -t blockedips -T show -v
Sample output:

   216.243.240.0/20
        Cleared:     Thu Jul 10 03:01:01 2008
        In/Block:    [ Packets: 0                  Bytes: 0                  ]
        In/Pass:     [ Packets: 0                  Bytes: 0                  ]
        Out/Block:   [ Packets: 0                  Bytes: 0                  ]
        Out/Pass:    [ Packets: 0                  Bytes: 0                  ]
   216.255.176.0/20
        Cleared:     Thu Jul 10 03:01:01 2008
        In/Block:    [ Packets: 0                  Bytes: 0                  ]
        In/Pass:     [ Packets: 0                  Bytes: 0                  ]
        Out/Block:   [ Packets: 0                  Bytes: 0                  ]
        Out/Pass:    [ Packets: 0                  Bytes: 0                  ]

How do I view log of dropped IP from default /var/log/pflog file?

Use tcpdump command to read a log file:
# tcpdump -n -e -ttt -r /var/log/pflog
# tcpdump -n -e -ttt -r /var/log/pflog port 80
# tcpdump -n -e -ttt -r /var/log/pflog and host 202.33.1.2
You can also view log in real time, enter:
# tcpdump -n -e -ttt -i pflog0
# tcpdump -n -e -ttt -i pflog0 port 80
# tcpdump -n -e -ttt -i pflog0 host 202.33.1.2

How To Specify and Browse Website Using IPv6 Address With Firefox, Opera Web Browser

Q. Now, I know how to configure IPv6 tunnel but how do I browse website using IPv6 IP address like 2001:4860:0:2001::68 under Firefox or Opera web browser?

A. For command line or for browser IPv6 addresses need to be specified by enclosing addresses in square brackets like [2001:4860:0:2001::68].
Fire a webbrowser and type the following url:
http://[2001:4860:0:2001::68]/

(Fig.01: Browsing Website Using IPv6 Address)
I strongly recommend using DNS for resolving all IPv6 host names.

How To Patch / Upgrade BIND 9.x Under FreeBSD Operating System

Q. BIND 9 is part of core FreeBSD 7.x. How do I apply BIND 9 security patch under FreeBSD 7.x? Do I need to fetch entire source (buildworld) to patch BIND 9? How do I patch up recent BIND 9 DNS cache poisoning bug?

A. No, you don't have to fetch entire source to patch up BIND 9 if you are running latest stable (6-STABLE or 7-STABLE). The BIND DNS implementation does not randomize the UDP source port when doing remote queries, and the query id alone does not provide adequate randomization.
To fix this issue under FreeBSD 6.3, download patch:
# cd /tmp
# fetch -o bind.patch http://security.FreeBSD.org/patches/SA-08:06/bind63.patch
If you are using FreeBSD 7.0, enter:
# cd /tmp
# fetch -o bind.patch http://security.FreeBSD.org/patches/SA-08:06/bind7.patch
Type the following commands to compile and install bind 9 patch:
# cd /usr/src
# patch < /tmp/bind.patch
# cd /usr/src/lib/bind
# make obj && make depend && make && make install
# cd /usr/src/usr.sbin/named
# make obj && make depend && make && make install

Restart bind 9:
# /etc/rc.d/named restart
# tail -f /var/log/messages

Debian / Ubuntu Linux Install ntop To See Network Usage / Network Status

Q. How do I track my network usage (network usage monitoring) and protocol wise distribution of traffic under Debian Linux? How do I get a complete picture of network activity?

A. ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
ntop is a hybrid layer 2 / layer 3 network monitor, that is by default it uses the layer 2 Media Access Control (MAC) addresses AND the layer 3 tcp/ip addresses. ntop is capable of associating the two, so that ip and non-ip traffic (e.g. arp, rarp) are combined for a complete picture of network activity.
ntop is a network probe that showsIn interactive mode, it displays the network status on the user's terminal. In Web mode, it acts as a Web server, creating a HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, a HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.Network Load Statistics

How do I install ntop under Debian / Ubuntu Linux?

Type the following commands, enter:
$ sudo apt-get update
$ sudo apt-get install ntop
Sample output:

Reading package lists... Done
Building dependency tree... Done
Suggested packages:
  graphviz
The following NEW packages will be installed:
  ntop
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0B/2859kB of archives.
After unpacking 12.1MB of additional disk space will be used.
Preconfiguring packages ...
Selecting previously deselected package ntop.
(Reading database ... 27301 files and directories currently installed.)
Unpacking ntop (from .../ntop_3%3a3.2-8_amd64.deb) ...
Setting up ntop (3.2-8) ...
Starting network top daemon: Fri Jul 11 14:36:45 2008  NOTE: Interface merge enabled by default
Fri Jul 11 14:36:45 2008  Initializing gdbm databases
ntop

Set ntop admin user password

Type the following command to set password, enter:
# /usr/sbin/ntop -A
OR
$ sudo /usr/sbin/ntop -A
Sample output:

Fri Jul 11 14:36:52 2008  NOTE: Interface merge enabled by default
Fri Jul 11 14:36:52 2008  Initializing gdbm databases
ntop startup - waiting for user response!
Please enter the password for the admin user: [Type-yourPassord]
Please enter the password again:  [Type-yourPassord]
Fri Jul 11 14:36:59 2008  Admin user password has been set

Restart ntop service

Type the following command, enter:
# /etc/init.d/ntop restart
Verify ntop is working, enter:
# netstat -tulpn | grep :3000
ntop by default use 3000 port to display network usage via webbrowser.

How do I view network usage stats?

Type the url:
http://localhost:3000/
OR
http://server-ip:3000/

Sample ntop reports

(Fig.01: ntop Global TCP/UDP Protocol Distribution Graphs [click to enlarge])

(Fig.02: Network Load Statistics (click to enlarge])

Access Any Remote Server Port Without Modifying Firewall Settings

Q. I've couple of remote servers and I'd like to access few admin only application running on port 10000 and 3001. My firewall only allows port 80, 443, 25, 22 and 110 for public access. Do I need to open port 10000 and 3001 for everyone using firewall? How do I access my admin only apps without opening port 10000 and 3001?

A. SSH has feature called port forwarding (also known as tunneling). It allows the act of forwarding a network port from one network node to another. This technique can allow an external user to reach a port on a private IP address (inside a LAN) from the outside via a NAT-enabled router.
The following example tunnels port 3001 session from client machine 127.0.0.1 (localhost) to remote server called "server.nixcraft.in"
$ ssh -f -L {local-port}:localhost:{remote-server-port} user@remote.server.com
$ ssh -f -L 3001:localhost:3001 user@server.nixcraft.in
The connection is forwarded to port 3001 on the remote server. If 3001 is web based app, open a web browser and type the url http://localhost:3001/
Another example to forward to port 10000, enter:
$ ssh -N -f -L 10000:localhost:10000 vivek@server.nixcraft.com
Where,

• -f : Requests ssh to go to background just before command execution
• -L : Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side.
• -N : Do not execute a remote command. This is useful for just forwarding ports

You can also create a script as follows (open.3001):
$ vi ~/open.3001
Append following code:

#!/bin/bash
ME="$(basename $0)"
SSHUSER=vivek
SERVER=remote.example.com
[ $ME == "open.3001" ] && ssh -N -f -L 3001:localhost:3001  ${SSHUSER}@${SERVER} || :
[ $ME == "open.10000" ] && ssh -N -f -L 10000:localhost:10000  ${SSHUSER}@${SERVER} || :
[ $ME == "open.3000" ] && ssh -N -f -L 3000:localhost:3000  ${SSHUSER}@${SERVER} || :

Set permissions, enter:
$ chmod +x ~/open.3001
Create soft-link, enter:
$ ln -s ~/open.3001 ~/open.10000
$ ln -s ~/open.3001 ~/open.3000
Now you can simply type the following to forward port 10000, enter:
$ ~/open.10000
OR
$ ~/open.3000

Find Out If My DNS Server Free From DNS Cache Poisoning Bug Or Not

Q. How do I verify that my ISP or my own recursive resolvers are free from DNS cache poisoning bug that is promised full disclosure of the flaw by Dan on August 7 at the Black Hat conference? How do I test my dns server for DNS cache pollution or DNS Cache Poisoning bug?

A. DNS cache poisoning (also known as DNS cache pollution) is a maliciously created or unintended situation that provides data to a Domain Name Server that did not originate from authoritative DNS sources. It occur if DNS "spoofing attack" has been encountered. An attacker will send malicious data / non-secure data in response to a DNS query. For example dns query for www.cyberciti.biz can be redirected to www.example.com.

But how do I find out if my DNS server is open to such attack or not?

Visit Dan Kaminsky java script page to check your DNS

You can also use following command dig command, enter:
$ dig +short @{name-server-ip} porttest.dns-oarc.net txt
$ dig +short @ns1.example.com porttest.dns-oarc.net txt
$ dig +short @208.67.222.222 porttest.dns-oarc.net txt
Sample output:

z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"208.67.222.222 is GOOD: 26 queries in 0.1 seconds from 26 ports with std dev 17746.18"

Another test,
$ dig +short @125.22.47.125 porttest.dns-oarc.net txt
Output:

z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"125.22.47.139 is POOR: 42 queries in 8.4 seconds from 1 ports with std dev 0.00"

FreeBSD Install lsof To Displays Information About Files Open to Unix processes

Q. How do I install the free, open-source, Unix administrative tool called lsof (for LiSt Open Files) under FreeBSD operating system to displays information about files open to Unix processes?

A. lsof lists information about files opened by processes
for the varios UNIX dialects. An open file may be a regular file, a directory, a block special file, a character special file, an executing text reference, a library, a stream or a network file (Internet socket, NFS file or UNIX domain socket.) A specific file or all the files in a file system may be selected by path.

FreeBSD install lsof package

Type the following command to update current ports collection and install lsof from ports:
# portsnap fetch update
# cd /usr/ports/sysutils/lsof
# make install clean

Now you can use lsof commad, enter:
# lsof
# lsof -i -U
# lsof -i 4 -a -p 2053
# lsof -i 6
$ man lsof

Find Out Vmware Server Version Under Linux Server

Q. Under Windows it is pretty easy to find out VMware server version. How do I find out remote vmware server version using ssh client running under RHEL / CentOS Linux 5.x?

A. You need to use the vmware command, which starts an Intel X86-based virtual machine. Depending upon your hardware configuration, you can run a number of virtual machines simultaneously. The -v option display the program version then exit without starting a virtual machine. Type the following command at shell prompt (following command should work under any Linux distribution):
$ /usr/bin/vmware -v
OR
$ ssh user@remote.rhel-server.com /usr/bin/vmware -v
Sample output:

VMware Server 1.0.5 build-80187

For further information refer to man page:
$ man vmware

How To Setup Vanity DNS Name Server Using BIND 9

Q. I've nameserver like ns1.example.com and ns2.example.com. I'd like to provide Vanity DNS for each domain such as ns1.yourdomain.com and ns2.yourdomain.com. Basically, my users should able to call my dns server as their own servers. This will create the illusion that my user run their own name servers. How do I setup vanity DNS using BIND 9 under UNIX / Linux?

A. It is pretty easy to setup nameserver for each domain using BIND. For example, ns1.nixcraft.net and ns2.nixcraft.net can be used as vanity DNS for theos.in domain.

Our sample setup

Your real DNS server	Vanity DNS	IP address for both Real and Vanity servers
ns1.nixcraft.net	ns1.theos.in	202.54.1.20
ns2.nixcraft.net	ns2.theos.in	203.51.2.22

So instead of using ns1.nixcraft.net, you use ns1.theos.in for theos.in. Please replace domain name and IPs according to your requirements.

How do I setup Vanity DNS for theos.in domain?

You need to register ns1.theos.in and ns2.theos.in with your domain service provider or ISP with the following settings:

1. ns1.theos.in : 202.54.1.20
2. ns2.theos.in : 203.51.2.22

Next, you need to setup named.conf as follows on master bind 9 server, enter:
# vi named.conf
Append zone as follows, enter:

zone "theos.in" {
        type master;
        file "/etc/bind/zones/master.theos.in";
        allow-transfer { 203.51.2.22 };
};

Save and close the file. Run following command to check named.conf for error:
# named-checkconf
Now, create /etc/bind/zones/master.theos.in zone file:
# vi /etc/bind/zones/master.theos.in
Append zone as follows, enter:

$ORIGIN theos.in.
$TTL 3h
@        IN SOA ns1.theos.in. hostmaster.theos.in. (
                       2008071801        ; Serial yyyymmddnn
                       3h                ; Refresh After 3 hours
                       1h                ; Retry Retry after 1 hour
                       1w                ; Expire after 1 week
                       1h)             ; Minimum negative caching of 1 hour
; Vanity DNS
@                      86400    IN NS    ns1.theos.in.
@                      86400    IN NS    ns2.theos.in.
@                     86400     IN MX 10 smtp.theos.in.
; Vanity DNS must point to IP of ns1.nixcraft.net and ns2.nixcraft.net
ns1                    86400    IN A     202.54.1.20
ns2                    86400    IN A     203.51.2.22
; host stuff
@                      86400    IN A     22.33.11.44
www                    86400    IN A     22.33.11.44
ftp                    86400    IN A     22.33.11.44

Save and close the file. Run zone file validity checking for theos.in, enter:
# named-checkzone theos.in /etc/bind/zones/master.theos.in
Sample output:

zone theos.in/IN: loaded serial 2008071801
OK

Now just reload bind 9, enter:
# rndc reload

Slave server configuration

Open named.conf on slave server and append following code:

     zone "theos.in" {
                type slave;
                file "/etc/bind/zones/slave.theos.in";
                masters { 202.54.1.20; };
                allow-transfer { none; };
        };

Save and close the file. Run following command to check named.conf for error:
# named-checkconf
Reload named, enter:
# rndc reload
It may take anywhere from 24-48 hrs to propagate a domain across the internet. You can test your setup with the following command:
$ host -t ns theos.in
Sample output:

theos.in name server ns1.theos.in.
theos.in name server ns2.theos.in.

How To Find Hard Disk Revolutions Per Minute (RPM) Speed From A Shell Prompt

Q. How do I find out my SCSI hard disk RPM speed from a Linux shell prompt without opening my server case? How do I find out hard disk model and serial number from a shell prompt?

A. A typical desktop hard disk rotate at 7,200 revolutions per minute (RPM). A typical server hard disk spin at 10,000 or 15,000 rpm to achieve sequential media transfer speeds. You can use hard disk model number to obtain disk RPM. For example, a typical Seagat disk Model # ST373455SS can provide following information:

• ST - Brand identity
• 3 - Form Factor (3 = 3.5")
• 73 - Disk size / Capacity in GB i.e. 73GB
• 4 - Reserved for future use
• 5 - RPM ( 5 = 15k and 0 = 10K)
• 5 - Generation
• SS - Indicates interface i.e Serial Attached SCSI

How do I find out hard disk model and serial number?

Use any one of the following command from shell prompt to find out hard disk model number:
$ cat /proc/scsi/scsi
OR use scsi_id command to querys a SCSI device via the SCSI INQUIRY vital product data (VPD) page 0x80 or 0x83 and uses the resulting data to generate a value that is unique across all SCSI devices that properly support page 0x80 or page 0x83.
$ /sbin/scsi_id -g -p 0x80 -s /block/sdd
OR
$ sudo grep -i sdd /var/log/boot.log
OR use sginfo / scsiinfo command from sg3_utiles package, enter:
# sginfo -a /dev/sdd | more

scsiinfo or sg3_utils package

sg3_utils is a collection of Linux utilities for devices that use the SCSI command set. You can install by typing following command:
# yum install sg3_utils
If you are using Debian / Ubuntu Linux, enter:
$ sudo apt-get install sg3-utils

WARNING! Some of these tools access the internals of your hard disk system and the incorrect usage of them may render your system inoperable or loss of data possible.

Now you can use command sginfo with the -g switch to obtain information about hard disk cylinders, heads and RPM:
# sginfo -g /dev/sdd
Sample output:

Rigid Disk Geometry mode page (0x4)
-----------------------------------
Number of cylinders                74340
Number of heads                    2
Starting cyl. write precomp        0
Starting cyl. reduced current      0
Device step rate                   0
Landing Zone Cylinder              0
RPL                                0
Rotational Offset                  0
Rotational Rate                    15015

Finding out your hard disk RPM speed using manufactures website / product page

Once obtained hard disk model number, directly go to manufactures website and search for model to get detailed information.

Understanding CentOS Default -A RH-Firewall-1-INPUT -p 50 -j ACCEPT Firewall Rule

Q.Can you explain the meaning of following two firewall rules present in my /etc/sysconfig/iptables rules under CentOS Enterprise Linux version 5.2?
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT

A. This is related to Internet Protocol Security (IPsec) is a suite of protocols for securing Internet Protocol (IP) communications by authenticating and/or encrypting each IP packet in a data stream.
The -p option is used to specify protocol name such as tcp, udp, icmp or it can be a numeric value, representing one of these protocols or a different one. A protocol name from /etc/protocols is allowed. In short

• 50 is Encap Security Payload (esp / IPSEC-ESP ) protocol
• 51 is IPSEC-AH - Authentication Header protocol

Above two rules allowing IPsec communication i.e. IPSEC packets passed via your firewall. If you would like to block IPsec, change rules as follows:
-A RH-Firewall-1-INPUT -p 50 -j REJECT
-A RH-Firewall-1-INPUT -p 51 -j REJECT
Reload firewall, enter:
# service iptables restart
For further information refer to iptables man page and /etc/protocols:
man iptables

Sample /etc/protocols file

$ cat /etc/protocols
Output:

# Internet (IP) protocols
#
# Updated from http://www.iana.org/assignments/protocol-numbers and other
# sources.
# New protocols will be added on request if they have been officially
# assigned by IANA and are not historical.
# If you need a huge list of used numbers please install the nmap package.
ip      0       IP              # internet protocol, pseudo protocol number
#hopopt 0       HOPOPT          # IPv6 Hop-by-Hop Option [RFC1883]
icmp    1       ICMP            # internet control message protocol
igmp    2       IGMP            # Internet Group Management
ggp     3       GGP             # gateway-gateway protocol
ipencap 4       IP-ENCAP        # IP encapsulated in IP (officially ``IP'')
st      5       ST              # ST datagram mode
tcp     6       TCP             # transmission control protocol
egp     8       EGP             # exterior gateway protocol
igp     9       IGP             # any private interior gateway (Cisco)
pup     12      PUP             # PARC universal packet protocol
udp     17      UDP             # user datagram protocol
hmp     20      HMP             # host monitoring protocol
xns-idp 22      XNS-IDP         # Xerox NS IDP
rdp     27      RDP             # "reliable datagram" protocol
iso-tp4 29      ISO-TP4         # ISO Transport Protocol class 4 [RFC905]
xtp     36      XTP             # Xpress Transfer Protocol
ddp     37      DDP             # Datagram Delivery Protocol
idpr-cmtp 38    IDPR-CMTP       # IDPR Control Message Transport
ipv6    41      IPv6            # Internet Protocol, version 6
ipv6-route 43   IPv6-Route      # Routing Header for IPv6
ipv6-frag 44    IPv6-Frag       # Fragment Header for IPv6
idrp    45      IDRP            # Inter-Domain Routing Protocol
rsvp    46      RSVP            # Reservation Protocol
gre     47      GRE             # General Routing Encapsulation
esp     50      IPSEC-ESP       # Encap Security Payload [RFC2406]
ah      51      IPSEC-AH        # Authentication Header [RFC2402]
skip    57      SKIP            # SKIP
ipv6-icmp 58    IPv6-ICMP       # ICMP for IPv6
ipv6-nonxt 59   IPv6-NoNxt      # No Next Header for IPv6
ipv6-opts 60    IPv6-Opts       # Destination Options for IPv6
rspf    73      RSPF CPHB       # Radio Shortest Path First (officially CPHB)
vmtp    81      VMTP            # Versatile Message Transport
eigrp   88      EIGRP           # Enhanced Interior Routing Protocol (Cisco)
ospf    89      OSPFIGP         # Open Shortest Path First IGP
ax.25   93      AX.25           # AX.25 frames
ipip    94      IPIP            # IP-within-IP Encapsulation Protocol
etherip 97      ETHERIP         # Ethernet-within-IP Encapsulation [RFC3378]
encap   98      ENCAP           # Yet Another IP encapsulation [RFC1241]
#       99                      # any private encryption scheme
pim     103     PIM             # Protocol Independent Multicast
ipcomp  108     IPCOMP          # IP Payload Compression Protocol
vrrp    112     VRRP            # Virtual Router Redundancy Protocol
l2tp    115     L2TP            # Layer Two Tunneling Protocol [RFC2661]
isis    124     ISIS            # IS-IS over IPv4
sctp    132     SCTP            # Stream Control Transmission Protocol
fc      133     FC              # Fibre Channel

CentOS Linux Install Core Development Tools Automake, Gcc (C/C++), Perl, Python & Debuggers

Q. How do I install all developer tools such as GNU GCC C/C++ compilers, make and others, after installing CentOS from a shell prompt?

A. You need to install 'Development Tools' group. These tools include core development tools such as automake, gcc, perl, python, and debuggers:
=> flex
=> gcc
=> redhat-rpm-config
=> strace
=> rpm-build
=> make
=> pkgconfig
=> gettext
=> automake
=> strace64
=> gdb
=> bison
=> libtool
=> autoconf
=> gcc-c++
=> binutils and all dependencies.
Open termianl or login over ssh session and type the following command as root user:
# yum groupinstall 'Development Tools'
Sample output:

Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
 * base: mirror.steadfast.net
 * updates: dist1.800hosting.com
 * addons: centos.mirrors.tds.net
 * extras: dist1.800hosting.com
Setting up Group Process
Loading mirror speeds from cached hostfile
 * base: mirror.steadfast.net
 * updates: dist1.800hosting.com
 * addons: centos.mirrors.tds.net
 * extras: dist1.800hosting.com
Package make - 1:3.81-3.el5.i386 already installed and latest version
Package gettext - 0.14.6-4.el5.i386 already installed and latest version
Package binutils - 2.17.50.0.6-6.el5.i386 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package automake.noarch 0:1.9.6-2.1 set to be updated
---> Package frysk.i686 0:0.0.1.2008.03.19.rh1-1.el5 set to be updated
--> Processing Dependency: libgcj.so.7rh for package: frysk
--> Processing Dependency: glib-java >= 0.2.6 for package: frysk
---> Package autoconf.noarch 0:2.59-12 set to be updated
--> Processing Dependency: imake for package: autoconf
---> Package rcs.i386 0:5.7-30.1 set to be updated
---> Package strace.i386 0:4.5.16-1.el5.1 set to be updated
---> Package redhat-rpm-config.noarch 0:8.0.45-24.el5 set to be updated
---> Package elfutils.i386 0:0.125-3.el5 set to be updated
--> Processing Dependency: libdw.so.1 for package: elfutils
...........
....
..
Transaction Summary
=============================================================================
Install    105 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 127 M
Is this ok [y/N]: y
Downloading Packages:
(1/105): python-numeric-2 100% |=========================| 751 kB    00:12
(2/105): xorg-x11-fonts-b 100% |=========================| 3.7 MB    01:03
(3/105): pfmon-3.2-0.0609 100% |=========================| 656 kB    00:10
(4/105): automake14-1.4p6 100% |=========================| 205 kB    00:03
(5/105): libtool-1.5.22-6 100% |=========================| 680 kB    00:11
(6/105): systemtap-0.6.2- 100% |=========================| 1.3 MB    00:22

Now you can compile and use any application on system.

Install RRDTool on Red Hat Enterprise Linux

Q. I've downloaded RRDTool package called rrdtool-1.3.1.tar.gz. But ./configure command giving out lots of error messages. How do I install RRDTool on Red Hat Enterprise Linux 5.x - 64 bit version?

A. RRD is the Acronym for Round Robin Database. RRD is a system to store and display time-series data (i.e. network bandwidth, machine-room temperature, server load average). It stores the data in a very compact way that will not expand over time, and it presents useful graphs by processing the data to enforce a certain data density. It can be used either via simple wrapper scripts (from shell or Perl) or via frontends that poll network devices and put a friendly user interface on it.

Installing RRDTool on RHEL

In order to install RRDTool on Red Hat Enterprise Linux / CentOS Linux 64 bit version you need to install few development tools and libraries.

Step # 1: Install required dependencies

Login as root and type the following command:
# yum install cairo-devel libxml2-devel pango-devel pango libpng-devel freetype freetype-devel libart_lgpl-devel
Sample output:

Loading "rhnplugin" plugin
Loading "security" plugin
rhel-x86_64-server-vt-5   100% |=========================| 1.4 kB    00:00
rhn-tools-rhel-x86_64-ser 100% |=========================| 1.2 kB    00:00
rhel-x86_64-server-5      100% |=========================| 1.4 kB    00:00
Setting up Install Process
Parsing package install arguments
Package libxml2-devel - 2.6.26-2.1.2.1.x86_64 is already installed.
Package libxml2-devel - 2.6.26-2.1.2.1.i386 is already installed.
Package pango - 1.14.9-3.el5.i386 is already installed.
Package pango - 1.14.9-3.el5.x86_64 is already installed.
Package freetype - 2.2.1-20.el5_2.i386 is already installed.
Package freetype - 2.2.1-20.el5_2.x86_64 is already installed.
Resolving Dependencies
--> Running transaction check
---> Package libart_lgpl-devel.x86_64 0:2.3.17-4 set to be updated
---> Package pango-devel.i386 0:1.14.9-3.el5 set to be updated
--> Processing Dependency: libXft-devel for package: pango-devel
--> Processing Dependency: libXrender-devel for package: pango-devel
--> Processing Dependency: libXext-devel for package: pango-devel
--> Processing Dependency: libX11-devel for package: pango-devel
--> Processing Dependency: fontconfig-devel >= 2.0 for package: pango-devel
---> Package pango-devel.x86_64 0:1.14.9-3.el5 set to be updated
---> Package freetype-devel.x86_64 0:2.2.1-20.el5_2 set to be updated
---> Package libpng-devel.i386 2:1.2.10-7.1.el5_0.1 set to be updated
---> Package cairo-devel.x86_64 0:1.2.4-5.el5 set to be updated
---> Package libpng-devel.x86_64 2:1.2.10-7.1.el5_0.1 set to be updated
---> Package cairo-devel.i386 0:1.2.4-5.el5 set to be updated
---> Package libart_lgpl-devel.i386 0:2.3.17-4 set to be updated
--> Processing Dependency: libart_lgpl_2.so.2 for package: libart_lgpl-devel
---> Package freetype-devel.i386 0:2.2.1-20.el5_2 set to be updated
--> Running transaction check
---> Package libXrender-devel.i386 0:0.9.1-3.1 set to be updated
--> Processing Dependency: xorg-x11-proto-devel for package: libXrender-devel
---> Package libXft-devel.i386 0:2.1.10-1.1 set to be updated
---> Package libX11-devel.i386 0:1.0.3-9.el5 set to be updated
--> Processing Dependency: libXdmcp-devel for package: libX11-devel
--> Processing Dependency: libXau-devel for package: libX11-devel
---> Package fontconfig-devel.i386 0:2.4.1-7.el5 set to be updated
---> Package libart_lgpl.i386 0:2.3.17-4 set to be updated
---> Package libXext-devel.i386 0:1.0.1-2.1 set to be updated
--> Running transaction check
---> Package xorg-x11-proto-devel.i386 0:7.1-9.fc6 set to be updated
--> Processing Dependency: mesa-libGL-devel for package: xorg-x11-proto-devel
---> Package libXdmcp-devel.i386 0:1.0.1-2.1 set to be updated
---> Package libXau-devel.i386 0:1.0.1-3.1 set to be updated
--> Running transaction check
---> Package mesa-libGL-devel.i386 0:6.5.1-7.5.el5 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 libart_lgpl-devel       x86_64     2.3.17-4         rhel-x86_64-server-5   21 k
 libart_lgpl-devel       i386       2.3.17-4         rhel-x86_64-server-5   21 k
 pango-devel             i386       1.14.9-3.el5     rhel-x86_64-server-5  280 k
 pango-devel             x86_64     1.14.9-3.el5     rhel-x86_64-server-5  281 k
Installing for dependencies:
 cairo-devel             x86_64     1.2.4-5.el5      rhel-x86_64-server-5  131 k
 cairo-devel             i386       1.2.4-5.el5      rhel-x86_64-server-5  130 k
 fontconfig-devel        i386       2.4.1-7.el5      rhel-x86_64-server-5  168 k
 freetype-devel          x86_64     2.2.1-20.el5_2   rhel-x86_64-server-5  151 k
 freetype-devel          i386       2.2.1-20.el5_2   rhel-x86_64-server-5  151 k
 libX11-devel            i386       1.0.3-9.el5      rhel-x86_64-server-5  665 k
 libXau-devel            i386       1.0.1-3.1        rhel-x86_64-server-5   11 k
 libXdmcp-devel          i386       1.0.1-2.1        rhel-x86_64-server-5  7.6 k
 libXext-devel           i386       1.0.1-2.1        rhel-x86_64-server-5   57 k
 libXft-devel            i386       2.1.10-1.1       rhel-x86_64-server-5   16 k
 libXrender-devel        i386       0.9.1-3.1        rhel-x86_64-server-5  8.9 k
 libart_lgpl             i386       2.3.17-4         rhel-x86_64-server-5   76 k
 libpng-devel            i386       2:1.2.10-7.1.el5_0.1  rhel-x86_64-server-5  182 k
 libpng-devel            x86_64     2:1.2.10-7.1.el5_0.1  rhel-x86_64-server-5  186 k
 mesa-libGL-devel        i386       6.5.1-7.5.el5    rhel-x86_64-server-5  465 k
 xorg-x11-proto-devel    i386       7.1-9.fc6        rhel-x86_64-server-5  247 k
Transaction Summary
=============================================================================
Install     20 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 3.2 M
Is this ok [y/N]:
Downloading Packages:
(1/20): libXext-devel-1.0 100% |=========================|  57 kB    00:00
(2/20): freetype-devel-2. 100% |=========================| 151 kB    00:00
(3/20): libXau-devel-1.0. 100% |=========================|  11 kB    00:00
(4/20): libart_lgpl-devel 100% |=========================|  21 kB    00:00
(5/20): libart_lgpl-2.3.1 100% |=========================|  76 kB    00:00
(6/20): cairo-devel-1.2.4 100% |=========================| 130 kB    00:00
(7/20): libpng-devel-1.2. 100% |=========================| 186 kB    00:00
(8/20): cairo-devel-1.2.4 100% |=========================| 131 kB    00:00
(9/20): fontconfig-devel- 100% |=========================| 168 kB    00:00
(10/20): mesa-libGL-devel 100% |=========================| 465 kB    00:01
(11/20): libXdmcp-devel-1 100% |=========================| 7.6 kB    00:00
(12/20): libpng-devel-1.2 100% |=========================| 182 kB    00:00
(13/20): libX11-devel-1.0 100% |=========================| 665 kB    00:02
(14/20): freetype-devel-2 100% |=========================| 151 kB    00:00
(15/20): libXft-devel-2.1 100% |=========================|  16 kB    00:00
(16/20): pango-devel-1.14 100% |=========================| 281 kB    00:01
(17/20): pango-devel-1.14 100% |=========================| 280 kB    00:01
(18/20): libXrender-devel 100% |=========================| 8.9 kB    00:00
(19/20): libart_lgpl-deve 100% |=========================|  21 kB    00:00
(20/20): xorg-x11-proto-d 100% |=========================| 247 kB    00:01
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: libart_lgpl                  ####################### [ 1/20]
  Installing: freetype-devel               ####################### [ 2/20]
  Installing: fontconfig-devel             ####################### [ 3/20]
  Installing: libpng-devel                 ####################### [ 4/20]
  Installing: libXau-devel                 ####################### [ 5/20]
  Installing: libart_lgpl-devel            ####################### [ 6/20]
  Installing: libart_lgpl-devel            ####################### [ 7/20]
  Installing: libpng-devel                 ####################### [ 8/20]
  Installing: freetype-devel               ####################### [ 9/20]
  Installing: xorg-x11-proto-devel         ####################### [10/20]
  Installing: libX11-devel                 ####################### [11/20]
  Installing: libXrender-devel             ####################### [12/20]
  Installing: libXft-devel                 ####################### [13/20]
  Installing: cairo-devel                  ####################### [14/20]
  Installing: libXext-devel                ####################### [15/20]
  Installing: pango-devel                  ####################### [16/20]
  Installing: pango-devel                  ####################### [17/20]
  Installing: libXdmcp-devel               ####################### [18/20]
  Installing: mesa-libGL-devel             ####################### [19/20]
  Installing: cairo-devel                  ####################### [20/20]
Installed: libart_lgpl-devel.x86_64 0:2.3.17-4 libart_lgpl-devel.i386 0:2.3.17-4 pango-devel.i386 0:1.14.9-3.el5 pango-devel.x86_64 0:1.14.9-3.el5
Dependency Installed: cairo-devel.x86_64 0:1.2.4-5.el5 cairo-devel.i386 0:1.2.4-5.el5 fontconfig-devel.i386 0:2.4.1-7.el5 freetype-devel.x86_64 0:2.2.1-20.el5_2 freetype-devel.i386 0:2.2.1-20.el5_2 libX11-devel.i386 0:1.0.3-9.el5 libXau-devel.i386 0:1.0.1-3.1 libXdmcp-devel.i386 0:1.0.1-2.1 libXext-devel.i386 0:1.0.1-2.1 libXft-devel.i386 0:2.1.10-1.1 libXrender-devel.i386 0:0.9.1-3.1 libart_lgpl.i386 0:2.3.17-4 libpng-devel.i386 2:1.2.10-7.1.el5_0.1 libpng-devel.x86_64 2:1.2.10-7.1.el5_0.1 mesa-libGL-devel.i386 0:6.5.1-7.5.el5 xorg-x11-proto-devel.i386 0:7.1-9.fc6
Complete!

Step # 2: Download latest rrdtool tar ball

Type the following commands:
# cd /opt/
# wget http://oss.oetiker.ch/rrdtool/pub/rrdtool-1.3.1.tar.gz
Untar tar ball, enter:
# tar -zxvf rrdtool-1.3.1.tar.gz

Step #3: Compile and install rrdtool

You need to set PKG_CONFIG_PATH, enter:
# export PKG_CONFIG_PATH=/usr/lib/pkgconfig/
Type the following commands:
# ./configure
Sample output:

config.status: executing default-1 commands
config.status: executing intltool commands
config.status: executing default commands
config.status: executing po/stamp-it commands
checking in... and out again
ordering CD from http://tobi.oetiker.ch/wish .... just kidding ;-)
----------------------------------------------------------------
Config is DONE!
          With MMAP IO: yes
       Static programs: no
          Perl Modules: perl_piped perl_shared
           Perl Binary: /usr/bin/perl
          Perl Version: 5.8.8
          Perl Options: PREFIX=/usr/local/rrdtool-1.3.1 LIB=/usr/local/rrdtool-1.3.1/lib/perl/5.8.8
          Ruby Modules:
           Ruby Binary: no
          Ruby Options: sitedir=$(DESTDIR)NONE/lib/ruby
    Build Tcl Bindings: no
 Build Python Bindings: yes
          Build rrdcgi: yes
       Build librrd MT: yes
     Link with libintl: yes
             Libraries: -lxml2 -lcairo -lcairo -lcairo -lm  -lcairo -lpng12   -lpangocairo-1.0 -lpango-1.0 -lcairo -lgobject-2.0 -lgmodule-2.0 -ldl -lglib-2.0
Type 'make' to compile the software and use 'make install' to
install everything to: /usr/local/rrdtool-1.3.1.
       ... that wishlist is NO JOKE. If you find RRDtool useful
make me happy. Go to http://tobi.oetiker.ch/wish and
place an order.
                               -- Tobi Oetiker 
----------------------------------------------------------------

Now compile and install RRDTool on RHEL:
# make
# make install
# cd /usr/local/
# ln -s rrdtool-1.3.1/ rrdtool/
# cd rrdtool
# ls -l

How do I verify my installation?

Now RRDtool is installed and ready to use. You can go to /usr/local/rrdtool/share/rrdtool/examples/ directory and run them to see if your installation has been successful or not:
# cd /usr/local/rrdtool/share/rrdtool/examples/
# ./stripes.pl
# ls -l
# cp stripes.png /var/www/html/

Fire a web browser and see a graph for yourself by typing the following url:
http://your-domain.com/stripes.png

(Fig.01: Sample RRDTool Graph)

Optional compile time settings

By default RRDTool will get installed at /usr/local/rrdtool-1.3.1/ directory. To change default installation directory use following command:
# ./configure --prefix=/usr/local/rrdtool
# make install
To see all compile configuration option enter:
# ./configure --help

Install ntop on Red Hat Enterprise Linux / CentOS Linux

Q. ntop is a network probe that shows network usage in a way similar to what top does for processes. How do I install latest version of ntop on RHEL 5.x systems?

A. ntop is a network and traffic analyzer that provides a wealth of information on various networking hosts and protocols. ntop is primarily accessed via a built-in web interface.
Following instructions are tested on 32/64 bit versions only:
a) RHEL Linux 5.x
b) CentOS Linux 5.x

Download latest ntop

Visit ntop project to grab latest version. You can use wget to grab the same, enter:
# cd /opt
# wget http://freshmeat.net/redir/ntop/7279/url_tgz/ntop-3.3.6.tar.gz
Untar tar ball, enter:
# tar -zxvf ntop-3.3.6.tar.gz

Configure and Compile ntop under RHEL

You must have RRDTool installed. You also need to install libpcap, enter:
# yum install libpcap-devel libpcap
Type the following commands to compile and install ntop:
# cd ntop
# ./autogen.sh
Just type make to compile ntop:
# make
Just type make install to install ntop:
# make install
# make install-data-as

Create ntop user

Type the following command to run ntop as ntop user, enter:
# useradd -M -s /sbin/nologin -r ntop

Setup directory permissions

Next, you need to setup directory permissions, enter:
# chown ntop:root /usr/local/var/ntop/
# chown ntop:ntop /usr/local/share/ntop/

Setup ntop user admin password

Type the following command to set ntop admin password, enter:
# ntop -A
Sample output:

Mon Jul 28 03:38:34 2008  NOTE: Interface merge enabled by default
Mon Jul 28 03:38:34 2008  Initializing gdbm databases
ntop startup - waiting for user response!
Please enter the password for the admin user:
Please enter the password again:
Mon Jul 28 03:38:42 2008  Admin user password has been set

Start ntop

Type the following command to start ntop:
# /usr/local/bin/ntop -d -L -u ntop -P /usr/local/var/ntop --skip-version-check --use-syslog=daemon
Sample output:

Mon Jul 28 03:42:19 2008  NOTE: Interface merge enabled by default
Mon Jul 28 03:42:19 2008  Initializing gdbm databases

If you have multiple interface (eth0, eth1 and so on), start ntop as follows:
# /usr/local/bin/ntop -i "eth0,eth1" -d -L -u ntop -P /usr/local/var/ntop --skip-version-check --use-syslog=daemon
Where,

• -i "eth0,eth1" : Specifies the network interface or interfaces to be used by ntop for network monitoring. Here you are monitoring eth0 and eth1.
• -d : Run ntop as a daemon.
• -L : Send all log messages to the system log (/var/log/messages) instead of screen.
• -u ntop : Start ntop as ntop user
• -P /usr/local/var/ntop : Specify where ntop stores database files. You may need to backup database as part of your disaster recovery program.
• --skip-version-check : By default, ntop accesses a remote file to periodically check if the most current version is running. This option disables that check.
• --use-syslog=daemon : Use syslog daemon.

How do I view ntop stats?

By default ntop listen on 3000 port. You can view ntop stats by visiting following url:
http://localhost:3000/
OR
http://server-ip:3000/

(Fig.01: ntop Global TCP/UDP Protocol Distribution Graphs [click to enlarge])

(Fig.02: Network Load Statistics (click to enlarge])

Open port 3000 using iptables

Open /etc/sysconfig/iptables file, enter:
# vi /etc/sysconfig/iptables
Append following code before final REJECT line:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT
Save and close the file. Restart firewall:
# service iptables restart

How do I view ntop stats without opening port 3000?

Setup simple tunnel using ssh, enter the following on your local UNIX / Linux desktop system:
$ ssh -L 3000:localhost:3000 -N -f user@server.yourcorp.com
Now open browser and type the following command:
http://localhost:3000/

How do I start ntop on boot?

Open /etc/rc.local file, enter:
# vi /etc/rc.local
Append the following line:
/usr/local/bin/ntop -i "eth0,eth1" -d -L -u ntop -P /usr/local/var/ntop --skip-version-check --use-syslog=daemon
Save and close the file.

How do I stop ntop?

Use web interface to shutdown ntop, or use normal kill / killall command:
# killall ntop

Red Hat / CentOS Linux: Explain Use of Network Interface virbr0

Q. I've installed Red Hat Enterprise Linux 5.2 and I see virbr0 network interface along with my eth0 interface? What it is? How do I disable or remove virbr0?

A. virbr0 is xen interface used by Virtualization guest and host oses for network communication. Following are the packages under Red Hat / CentOS Linux:
Group: Virtualization
Description: Virtualization Support.
Mandatory Packages:
=> xen
=> kernel-xen
Default Packages:
=> virt-manager
=> Virtualization-en-US
=> gnome-applet-vm
=> libvirt
You can disable virbr0 if you don't need xen Virtualization support, enter:
# yum groupremove "Virtualization"
Sample output:

Loading "rhnplugin" plugin
Loading "security" plugin
Setting up Group Process
rhel-x86_64-server-vt-5   100% |=========================| 1.4 kB    00:00
rhn-tools-rhel-x86_64-ser 100% |=========================| 1.2 kB    00:00
rhel-x86_64-server-5      100% |=========================| 1.4 kB    00:00
No package matched to remove
No package matched to remove
No package matched to remove
No package matched to remove
No package matched to remove
Resolving Dependencies
--> Running transaction check
---> Package libvirt.x86_64 0:0.3.3-7.el5 set to be erased
--> Processing Dependency: libvirt.so.0()(64bit) for package: libvirt-python
--> Processing Dependency: libvirt = 0.3.3 for package: libvirt-python
--> Running transaction check
---> Package libvirt-python.x86_64 0:0.3.3-7.el5 set to be erased
--> Processing Dependency: libvirt-python for package: rhn-virtualization-host
--> Running transaction check
---> Package rhn-virtualization-host.noarch 0:1.0.1-55 set to be erased
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Removing:
 libvirt                 x86_64     0.3.3-7.el5      installed         3.4 M
Removing for dependencies:
 libvirt-python          x86_64     0.3.3-7.el5      installed         230 k
 rhn-virtualization-host  noarch     1.0.1-55         installed         155 k
Transaction Summary
=============================================================================
Install      0 Package(s)
Update       0 Package(s)
Remove       3 Package(s)
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Erasing   : libvirt-python               ######################### [1/3]
  Erasing   : rhn-virtualization-host      ######################### [2/3]
Stopping crond: [  OK  ]
Starting crond: [  OK  ]
  Erasing   : libvirt                      ######################### [3/3]
Removed: libvirt.x86_64 0:0.3.3-7.el5
Dependency Removed: libvirt-python.x86_64 0:0.3.3-7.el5 rhn-virtualization-host.noarch 0:1.0.1-55
Complete!

PHP.INI settings: Disable exec, shell_exec, system, popen and Other Functions To Improve Security

Q. I run a small Apache based webserver for my personal use and it is shared with friends and family. However, most script kiddie try to exploit php application such as wordpress using exec() , passthru() , shell_exec() , system() etc functions. How do I disable these functions to improve my php script security?

A. PHP has a lot of functions which can be used to crack your server if not used properly. You can set list of functions in php.ini using disable_functions directive. This directive allows you to disable certain functions for security reasons. It takes on a comma-delimited list of function names. disable_functions is not affected by Safe Mode. This directive must be set in php.ini For example, you cannot set this in httpd.conf.
Open php.ini file:
# vi /etc/php.ini
Find disable_functions and set new list as follows:
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
Save and close the file. Restart httpd:
# service httpd restart

Linux Error: curses.h: No such file or directory Problem Solution

Q. I see following error when I run make command to install specific software:
curses.h: No such file or directory Problem Solution
How do I fix this error under Red Hat Enterprise Linux (RHEL) or CentOS / Fedora Linux?

A.. You need to install the curses library which include routines for a terminal-independent method of updating character screens with reasonable optimization. The ncurses (new curses) library is a freely distributable replacement for the
discontinued 4.4 BSD classic curses library.

Fix this error under RHEL / Fedora / CentOS Linux

Type the following command at a shell prompt as root user:
# yum install ncurses-devel ncurses
Sample output:

Loading "downloadonly" plugin
Loading "rhnplugin" plugin
Loading "security" plugin
rhel-x86_64-server-vt-5   100% |=========================| 1.2 kB    00:00
rhel-x86_64-server-5      100% |=========================| 1.2 kB    00:00
Setting up Install Process
Parsing package install arguments
Package ncurses - 5.5-24.20060715.x86_64 is already installed.
Package ncurses - 5.5-24.20060715.i386 is already installed.
Resolving Dependencies
--> Running transaction check
---> Package ncurses-devel.x86_64 0:5.5-24.20060715 set to be updated
---> Package ncurses-devel.i386 0:5.5-24.20060715 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 ncurses-devel           x86_64     5.5-24.20060715  rhel-x86_64-server-5  1.7 M
 ncurses-devel           i386       5.5-24.20060715  rhel-x86_64-server-5  1.6 M
Transaction Summary
=============================================================================
Install      2 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 3.3 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): ncurses-devel-5.5- 100% |=========================| 1.6 MB    00:01
(2/2): ncurses-devel-5.5- 100% |=========================| 1.7 MB    00:01
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: ncurses-devel                ######################### [1/2]
  Installing: ncurses-devel                ######################### [2/2]
Installed: ncurses-devel.x86_64 0:5.5-24.20060715 ncurses-devel.i386 0:5.5-24.20060715
Complete!

Fix this error under Debian / Ubuntu Linux

Open terminal and type the following command to install ncurses:
$ sudo apt-get install libncurses5-dev libncursesw5-dev
Now you should able to compile any program under Linux.