some vbscript for Nagios checks

Detect if media is connected to a interface:



aStatusStr = Split("Disconnected,Connecting,Connected,Disconnecting," _
& "Hardware not present,Hardware disabled,Hardware malfunction," _
& "Media disconnected,Authenticating,Authentication succeeded," _
& "Authentication failed,Invalid address,Credentials required", ",")

strComputer = "."
Set oWMI = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer _
& "\root\cimv2")

Set cItems = oWMI.ExecQuery("Select * from Win32_NetworkAdapter"_
& " where AdapterTypeID = 0") ' 0 = Ethernet 802.3

For Each oItem in cItems
''if Instr(oItem.NetConnectionID, "LAN") > 0 then

if oItem.NetConnectionID <> "" then

output = output & oItem.NetConnectionID & ": "_
& aStatusStr(oItem.NetConnectionStatus) & " * "

End if
''End if
Next

Wsh.echo output
WScript.Quit(0)
''' Source: http://msdn.microsoft.com/en-us/library/aa394216%28VS.85%29.aspx




Detect which node is the Active and Passive in a Windows Cluster environment:



set WshShell = CreateObject( "WScript.Shell" )

Set objNet = CreateObject("WScript.NetWork")

Dim strComputerName
strComputerName = objNet.ComputerName


sExe = "cluster resource ""cluster ip address"""
with CreateObject("WScript.Shell")
with .Exec(sExe)
with .StdOut
do until .AtEndofStream
s = s & Replace(.ReadLine, vbcr, "") _
& vbNewLine
Loop
end with ' StdOut
end with ' Exec
end with ' Shell

'wsh.echo s
Result = InStr(1, s, strComputerName, VBTEXTCOMPARE)


if Result <> 0 then
WScript.echo strComputerName & " is the ACTIVE"
Else
WScript.echo strComputerName & " is the PASSIVE"
end if

WScript.Quit(0)


Resizing physical disk and logical volumes

This is a VM which had the HD resized. Now it's time to resize the LVM partition, actually you don't do that, you will resize the PV.

sles11_php:~ # fdisk -l /dev/sda

Disk /dev/sda: 16.1 GB, 16106127360 bytes
255 heads, 63 sectors/track, 1958 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x0005035d

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           2           9       64260   83  Linux
/dev/sda2              10          74      522112+  82  Linux swap / Solaris
/dev/sda3              75        1958    15133230   8e  Linux LVM

Here you can see sda3 now with 15Gb

Now it's time to resize the PV

sles11_php:~ # pvdisplay
  --- Physical volume ---
  PV Name               /dev/sda3
  VG Name               VGroot
  PV Size               9.43 GB / not usable 263.50 KB
  Allocatable           yes
  PE Size (KByte)       4096
  Total PE              2414
  Free PE               238
  Allocated PE          2176
  PV UUID               LGgBQf-sw8J-fbnu-1EHL-0z1G-J31k-eAJoXc

sles11_php:~ # pvscan
  PV /dev/sda3   VG VGroot   lvm2 [9.43 GB / 952.00 MB free]
  Total: 1 [9.43 GB] / in use: 1 [9.43 GB] / in no VG: 0 [0   ]

sles11_php:~ # pvresize /dev/sda3
  Physical volume "/dev/sda3" changed
  1 physical volume(s) resized / 0 physical volume(s) not resized

sles11_php:~ # pvdisplay
  --- Physical volume ---
  PV Name               /dev/sda3
  VG Name               VGroot
  PV Size               14.43 GB / not usable 2.36 MB
  Allocatable           yes
  PE Size (KByte)       4096
  Total PE              3694
  Free PE               1518
  Allocated PE          2176
  PV UUID               LGgBQf-sw8J-fbnu-1EHL-0z1G-J31k-eAJoXc

sles11_php:~ #


sles11_php:~ # vgdisplay
  --- Volume group ---
  VG Name               VGroot
  System ID
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  8
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                6
  Open LV               6
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               14.43 GB
  PE Size               4.00 MB
  Total PE              3694
  Alloc PE / Size       2176 / 8.50 GB
  Free  PE / Size       1518 / 5.93 GB
  VG UUID               CexmBK-uOq6-fnjo-qxFV-SIWW-04ZM-LENpdq

The VG didn't need any changes.

sles11_php:~ # lvresize -l +50%FREE /dev/VGroot/LVusr
  Extending logical volume LVusr to 5.46 GB
  Logical volume LVusr successfully resized



sles11_php:~ # df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VGroot-LVroot
                     1014M  357M  658M  36% /
udev                  248M  104K  247M   1% /dev
/dev/sda1              61M   16M   42M  28% /boot
/dev/mapper/VGroot-LVhome
                     1014M  4.3M 1010M   1% /home
/dev/mapper/VGroot-LVopt
                     1014M   60M  955M   6% /opt
/dev/mapper/VGroot-LVtmp
                     1014M  5.5M 1009M   1% /tmp
/dev/mapper/VGroot-LVusr
                      2.5G  2.4G  140M  95% /usr
/dev/mapper/VGroot-LVvar
                      2.0G  235M  1.8G  12% /var


sles11_php:~ # xfs_growfs  /usr/
meta-data=/dev/mapper/VGroot-LVusr isize=256    agcount=4, agsize=163840 blks
         =                       sectsz=512   attr=2
data     =                       bsize=4096   blocks=655360, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0
log      =internal               bsize=4096   blocks=2560, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=0
realtime =none                   extsz=4096   blocks=0, rtextents=0
data blocks changed from 655360 to 1432576



sles11_php:~ # df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VGroot-LVroot
                     1014M  357M  658M  36% /
udev                  248M  104K  247M   1% /dev
/dev/sda1              61M   16M   42M  28% /boot
/dev/mapper/VGroot-LVhome
                     1014M  4.3M 1010M   1% /home
/dev/mapper/VGroot-LVopt
                     1014M   60M  955M   6% /opt
/dev/mapper/VGroot-LVtmp
                     1014M  5.5M 1009M   1% /tmp
/dev/mapper/VGroot-LVusr
                      5.5G  2.4G  3.2G  44% /usr
/dev/mapper/VGroot-LVvar
                      2.0G  235M  1.8G  12% /var

Here is a list of tools you need to extend each partition's type:

http://tldp.org/HOWTO/LVM-HOWTO/extendlv.html


An excellent howto in LVM:
http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/LVM-HOWTO.html

samba binding only a specifig interface

Tip: If your box has multiple NICs, you may not want Samba to broadcast its presence on both interfaces. To make it only use one IP add the following, in [global]:

interfaces = [interface_ip]/32 127.0.0.1/8
bind only interfaces = yes

Managing cached connections

I'm developing a script to failover different links when one of them fails. After some tests I could see some strange behavior. After changing the routing table, flushing the route cache, removing the NAT rule and creating a new one to satisfy the new link, the packets were going out through the new interface(specified in the new route) but using the translated IP address of the old NAT rule.

After some research I found out that linux kernel keeps a kind of cache for all connections, maybe just the NATed ones?!

The nice thing is you can see this table:

cat /proc/net/ip_conntrack

The netfilter team also developed a tool to manage this table, flush, list, delete, add entries, etc.
It's called conntrack-tools. It's a replacement for the /proc interface. What you will need is to compile and install the following:


libnfnetlink
libnetfilter_conntrack
conntrack-tools

You can download all the sources from:
http://conntrack-tools.netfilter.org/downloads.html

After installed you can call the conntrack binary.
I.e.:

conntrack -L -d x.x.x.x

The above command list all entries with x.x.x.x destination IP.

conntrack -F

The above command flushes the whole table. That's exactly what I have to do in order in my fail-over scripts.

conntrack -L -m 11

If you're using the MARK target in any iptables rule you can check out if the packets are being marked correctly with the above command. This command list all the connections with mark=11(-j MARK --set-mark 11)

References:

http://linux.derkeiler.com/Mailing-Lists/Debian/2005-08/3411.html
http://lists.netfilter.org/pipermail/netfilter-devel/2002-October/009530.html
http://mailman.ds9a.nl/pipermail/lartc/2003q1/007249.html
http://linux.die.net/man/8/conntrack
http://www.mail-archive.com/netfilter-devel@lists.samba.org/msg01394.html
http://conntrack-tools.netfilter.org/downloads.html

customizing ls time output

ls -l --time-style="+%d-%m-%Y %H:%M:%S" /var/log/xxxxxxx

It's the same syntax used by date command

Compilation stuff

./configure
....
checking lex library... -lfl
checking whether yytext is a pointer... yes
checking for bison... bison -y
checking for pkg-config... yes
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for LIBNFNETLINK... no
configure: error: Cannot find libnfnetlink >= 1.0.0

However libnfnetlink was installed.

# ls /usr/local/lib/pkgconfig/
libnetfilter_conntrack.pc libnfnetlink.pc

# pkg-config --libs libnfnetlink
Package libnfnetlink was not found in the pkg-config search path.
Perhaps you should add the directory containing `libnfnetlink.pc'
to the PKG_CONFIG_PATH environment variable
No package 'libnfnetlink' found


# PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ pkg-config --libs libnfnetlink
-L/usr/local/lib -lnfnetlink


Solution:
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure

Download RPM's from yum repos

Use:

yumdownloader packagename

yumdownloader is included in yum-utils package

Playing with ip command

ip -o -s -s route show table cache

Existe um tabela chamada "cache" que nem preciso dizer que ela contém o cache :)

com a opção -s é exibido a idade(age), em segundos, daquela entrada, quantas vezes aquela regra foi usada(used), etc.

A opção -o é só pra mostra tudo em uma linha só. Fica mais fácil de fazer grep ou wc -l

A idade é zerada toda vez que aquela regra é usada e a o valor used é incrementado.

Não consegui determinar de quanto em quanto tempo essa tabela é esvaziada. Apenas determinei que de tempos em tempos ela é completamente zerada e reiniciada. Uma vez que eu acompanhei demorou algo em torno de 8 minutos, de uma outra vez 3:30min, depois 4 min cravados. Então o mais certo é: vai saber né?

o importante é lembrar que quando se alterar rotas ou rules é importante limpar essa tabela de cache com o comando:

ip route flush cache

ou

ip r f c

Do contrário você vai morrer tentando e não vai entender o comportamento do seu linux roteando.


Vou só incluir alguns comando aqui de exemplo que serão úteis logo logo:

ip rule show

ip rule add from 192.168.0.0/24 table 10
ou
ip rule add from 192.168.0.0/24 table dez
ou
ip rule add from 192.168.0.0/24 lookup 10
ou
ip rule add from 192.168.0.0/24 table dez

Observações:
lookup ou table podem ser usado interchangeable.

o Nome ou número da tabela no arquivo /etc/iproute2/rt_tables também podem ser usados interchangeable.

ip rule from 10.1.1.0/22 lookup WAN
ip rule to 200.0.0.1/24 lookup ADSL


Usando marcas(lembrando que o pacote não é alterado de forma alguma, essa marcação quem toma conta é o kernel, como se fosse NAT, pois existem uma tabela, porém no NAT o pacote ainda é alterado, nesse caso não):

iptables -t mangle -A PREROUTING -s 192.168.0.0/24 -j MARK --set-mark 10
ip rule add fwmark 10 table GVT

Se você realmente deseja alterar o pacote deve usar o alvo TOS do iptables(não testei):


iptables -t mangle -A PREROUTING -s 192.168.0.0/24 -j TOS --set-tos 0x10

tente: iptables -j TOs -h para descobrir as opções do --set-tos

ip rule add tos 0x10 lookup 10


Quando você for listar as rules você verá que surge na tela 'lowdelay' ao invés do valor 0x10. Isso porque o ip traduz e/ou mapeia isso de acordo com o arquivo /etc/iproute2/rt_dsfield

ip route get 192.168.1.55

Will pretend sending a packet to this destination resolve and get back the route that will be used to reach the destination. It actually creates an entry into the cache table. Check it out with ip route show cache

As the manual says it's equivalent to send a ping and running ip route show cache.