xmobar example

If you are using xmonad as your desktop manager, with xmobar then you can try this example.

In you home directory edit ~.xmobarcc with you preferred editor.


vim .xmobarrc
Config { font = "-*-Fixed-Bold-R-Normal-*-13-*-*-*-*-*-*-*"
       , bgColor = "black"
       , fgColor = "grey"
       , position = TopW L 90
       , commands = [ Run Weather "LJLJ" ["-t"," C","-L","64","-H","77","--normal","green","--high","red","--low","lightblue"] 36000
                    , Run Cpu ["-L","3","-H","50","--normal","green","--high","red"] 10
                    , Run Network "wlan1" ["-L","0","-H","32","--normal","green","--high","red"] 10
                    , Run Memory ["-t","Mem: %"] 10
                    , Run Swap [] 10
                    , Run Date "%a %b %_d %l:%M" "date" 10
                    , Run Battery ["-t","Batt: % / ","-L","25","-H","75","-h","green","-n","yellow","-l","red","--","-c","energy_full"] 10
                    , Run StdinReader
                    , Run CommandReader "/usr/bin/ledmon" "LED"
                    ]
       , sepChar = "%"
       , alignSep = "}{"
       , template = "%StdinReader% }{ %LED% %cpu% | %battery% | %memory% * %swap% | %wlan1%   %date% | %LJLJ%"
       }

nm-applet connection error

ERROR:

While connecting with nm-applet on debian wheezy system to wireless network popups error;

Failed to add/activate connection: (32) Insufficient privileges.

SOLUTION:
1. Create a file…
# vim /etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla

+ add content
***********
[nm-applet]
Identity=unix-group:netdev
Action=org.freedesktop.NetworkManager.*
ResultAny=yes
ResultInactive=no
ResultActive=yes
******************************************
2. Restart system

# reboot 

Wireless now works (nm-applet). 🙂

PREREQUISITES:
User must be in netdev group.

URL: found on pastebin.com

Replace stack member

SCENARIO:
Two Cisco 3750 series switches in stack.
Master C3750G-48TS
Slave C3750-24TS

GOAL:
Replace slave switch (C3750-24TS) with another slave C3750G-48TS switch witch has the same version of IOS as master switch. In the end we have 2 equal switches in rack. More interfaces and faster speed on second switch.

HOW TO DO IT:
1. backup all configurations

# copy running-config tftp

2. prepare configuration for interfaces witch where on 24 port switch for 48 port giga switch (in config replace FastEthernet with GigaEthernet)
3. write down cable arrangement (from patch panel to switch)
4. shutdown slave switch (unplug electrical cable)
5. remove stack cable(s) from slave switch
6. remove utp cables from switch
6. remove slave switch from rack
7. add new slave switch to rack
8. reconnect stack cables to new switch
9. power on new switch
10.reconnect utp cables,…
11. repair configuration on stack for newly added interfaces
12. check if everything is working as it should with;

# sh stack ...
# sh int bri
# ping ... 

Cisco vtp updating problems

It could be as simple as forget to setup a password. 🙂

If you setup a vtp password on cisco server switch then you must setup a password on client switch to.

Check if password is configured for vtp:

# show vtp password

Setup vtp password on switch:

sw(config)# vtp password ...

Now vtp updating on cisco client switch is working perfectly well.

vtp – vlan trunk protocol

secure ftp server on centos

Prerequisites:
1. open external firewall (cisco, linksys,…) ports 20, 21, 990 and port range 49500:50000 to the local FTP server 192.168.xx.yy

* port range ports can be random ports higher than 49151 and lower than 65535

2. open firewall for port 20,21,990  and port range 49500:50000 on ftp server

# vim /etc/sysconfig/iptables 
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 20:21 -j ACCEPT 
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 20:21 -j ACCEPT 
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 990 -j ACCEPT 
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 49500:50000 -j ACCEPT 

3. in  /etc/sysconfig/iptables-config add ip_nat_ftp and ip_conntrack_ftp

IPTABLES_MODULES="ip_nat_ftp ip_conntrack_ftp"

Restart firewall

# /etc/sysconfig/iptables restart

4. configure selinux

# setsebool -P ftp_home_dir on

5. add ftp users

# useradd ftpuser ftpuser1 ftpuser2

Install VSFTPD
1. install vsftpd

# yum install vsftpd

2. install certificate

# openssl req -x509 -nodes -days 1825 -newkey rsa:1024 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem

3. Configure VSFTPD

add or change lines in /etc/vsftpd/vsftpd.conf

# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
ftpd_banner=Welcome to blabla FTP service.
chroot_list_enable=NO
chroot_list_file=/etc/vsftpd/chroot_list
listen=YES
log_ftp_protocol=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

pasv_enable=YES
pasv_address=85.10.xx.zz (your public IP)
pasv_max_port=49500
pasv_min_port=50000
ssl_enable=YES

allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem

4. Restart FTP server

# /etc/rc.d/init.d/vsftpd restart

Use ftp client wich support TLS AUTH to connect to the ftp server

I used mozilla plugin FireFTP or ftp-ssl (command line client)

URI:

http://wiki.vpslink.com/Configuring_vsftpd_for_secure_connections_%28TLS/SSL/SFTP%29
http://www.cyberciti.biz/tips/rhel-fedora-centos-vsftpd-installation.html

debian updating perl locale error

If you have errors like —>

PROBLEM (ERRORS):
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LC_CTYPE = “UTF-8”,
LANG = “en_US.UTF-8”
are supported and installed on your system.
perl: warning: Falling back to the standard locale (“C”).
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory

….while updating with aptitude update ; aptitude safe-upgrade then the solution to you problem is –>

SOLUTION:

# export LANGUAGE=en_US.UTF-8
# export LANG=en_US.UTF-8
# export LC_ALL=en_US.UTF-8
# locale-gen en_US.UTF-8

Cisco PIX …

hardware: Cisco PIX 515E with 6.3.x version of OS

Backup PIX configuration to tftp server

  1. login
  2. enable
  3. write net xxx.yyy.zzz.www:pix-conf-date.conf

xxx.yyy.zzz.www – tftp IP address

pix-conf-date.conf – configuration file name

 

Upgrade PIX OS from tftp

  1. login
  2. enable
  3. copy tftp flash <— upgrade OS
  4. reload <— restart PIX

 

Configure NTP server

  1. login
  2. enable
  3. conf t
  4. ntp authenticate
  5. ntp server xxx.yyy.zzz.w1w source outside <— external NTP server
  6. ntp server xxx.yyy.zzz.w2w source outside
  7. ntp server xxx.yyy.zzz.w3w source inside <— internal NTP server
  8. write mem <— save changes