Linux Questions

Some seemingly simple ones:

  1. How do I set up an office LAN thru a Fedora box for a gateway? eth0 is the WAN, eth1 is the LAN. Don’t even want DHCP. Should be a way thru Gnome.

  2. How do you start PHP? Calling index.php shows code instead of redirecting.

  3. apache2: virtual host directory is set to /var/www/web10/web/ but when you call the vhost from a browser you get the default at /var/www/ . WTF is with that?

  4. If you want to edit shit off a terminal shouldn’t you use postfix -e or iptables -e to actually make changes to the files? Leaving out the -e just edits what’s in memory doesn’t it?

  5. How do I allow SCP, logon as root on an old RH machine?

2) How do you start PHP? Calling index.php shows code instead of redirecting.

Isn't that supposed to be done through Apache via modules? I've always added the mod_php4 or mod_php5 directives in apache to make php work.

3) apache2: virtual host directory is set to /var/www/web10/web/ but when you call the vhost from a browser you get the default at /var/www/ .

Let's see your virtual host setup from httpd.conf

  4. If you want to edit shit off a terminal shouldn’t you use postfix -e or iptables -e to actually make changes to the files? Leaving out the -e just edits what’s in memory doesn’t it?

Don't know about iptables, but with postfix if it's a database (btree for example) you have to rebuild the db with postmap and Postfix will automatically re-read the file. Others like the main config file you have to restart postfix for changes to take effect.

What files in postfix do you want to edit?

  5. How do I allow SCP, logon as root on an old RH machine?

I've done this in a pinch but shut it down again when it's not needed and it does go against BCP, allowing root logins via ssh or scp. But if you need to allow root logins, edit sshd.conf and change:

#PermitRootLogin no

uncomment that and put in yes and restart sshd.

The office LAN stuff, just set up the box as a router. How to do it through Gnome, I don't know…

  1. howtoforge.com/nat_iptables

  2. DocumentIndex add index.php

  3. The first virtualhost entry is the default. So if you enter a domain/subdomain not in a virtual host entry you get the default. For example if your virtualhost entry in apache is set up for foobar.com and you go to www.foobar.com (which points to the same ip as foobar.com) you will not get the virtualhost directory.

You should be able to edit any configuration files with a text editor in gnome.  I kind of like nano.

#nano /path/to/your/file

to save= Ctrl+o
to exit= Ctrl+x

Buy an Apple G4, plug in another PCI ethernet card, turn on web sharing and poof there ya go :smile:

This is a tutorial I followed that led to the -e question. None of the steps actually edit the /etc/sysconfig/iptables file, so I concluded they worked on /sbin/iptables while in memory only. If you go back and look afterwards in the sysctl file, the echo>1 to ip_forward didn’t do shit, it’s still set to 0.
Howtoforge also forgot to mention how MASQUERADE isn’t really the function to call if eth0 is a static IP, from further research it appears you should use SNAT --to source xxx.xxx.xxx.xxx
From Gnome, you should be able to SYSTEM-ADMINISTRATION-NETWORK, set up eth1 and ROUTE it to eth0, but that doesn’t work either.
Maybe I can write an iptables.sh and have it run each time it boots?

[quote]
5) How do I allow SCP, logon as root on an old RH machine?[/quote]

The allow root logon line was deleted in sshd_config. I only wanted to SCP as root to work on a file that required MASSIVE find/replace editing and the old thing only has vi and pico for editing. So I did it another way.

–ALL my new servers have X2 processors, shitloads of RAM, gnome and VNC. Steal from Apple that GUIs are the way to go since 1985, from M$oft that you can bloat the OS just by RAMing it up…

Yes you can create a shell script and have that start in rc.local, or you can do it the “proper” way and run service iptables save, which will save your current running iptables ruleset to /etc/sysconfig/iptables.

You can enable ip_forward in /etc/sysctl.conf fairly easily, in fact I think it's in there but commented out by default.
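The runtime-versus-boot question discussed above, as an added example (not code from the thread or from the tutorials it mentions): it emits a gateway ruleset in the iptables-save format that /etc/sysconfig/iptables holds, using SNAT for a static WAN address, and reports whether the running ip_forward value matches what a sysctl.conf-style file will apply at boot. Assumptions: eth0/eth1 as in the thread, 203.0.113.10 as a placeholder WAN IP, and the INPUT chain left at ACCEPT because filtering traffic to the gateway itself is outside this example.

```shell
#!/bin/sh
# Added example, not from the thread. eth0 = WAN and eth1 = LAN as in the
# thread; the address 203.0.113.10 is a constructed placeholder.

# Print a gateway ruleset in iptables-save format (static WAN IP, so SNAT).
gen_gateway_rules() {  # usage: gen_gateway_rules WAN_IF LAN_IF WAN_IP
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $1 -j SNAT --to-source $3
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $2 -o $1 -j ACCEPT
-A FORWARD -i $1 -o $2 -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the net.ipv4.ip_forward value a sysctl.conf-style file applies at
# boot (last uncommented assignment wins), or "unset" if there is none.
persisted_ip_forward() {
    awk -F= '
        /^[ \t]*[#;]/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == "net.ipv4.ip_forward" { val = $2; gsub(/[ \t]/, "", val) }
        END { print (val == "" ? "unset" : val) }
    ' "$1"
}

# Compare the running value with the boot-time one; return 1 on drift.
forward_drift() {  # usage: forward_drift RUNTIME_VALUE SYSCTL_CONF
    boot=$(persisted_ip_forward "$2")
    if [ "$1" != "$boot" ]; then
        echo "drift: runtime=$1 boot=$boot (change is lost on reboot)"
        return 1
    fi
    echo "consistent: runtime=$1 boot=$boot"
}

# Demo on a constructed sysctl.conf with forwarding still disabled.
demo_conf=$(mktemp)
printf '%s\n' '# Controls IP packet forwarding' 'net.ipv4.ip_forward = 0' > "$demo_conf"
forward_drift 1 "$demo_conf" || true
rm -f "$demo_conf"
```

On a live gateway the first argument to forward_drift would be the contents of /proc/sys/net/ipv4/ip_forward and the second /etc/sysctl.conf.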

I got it 99% working. The howtoforge FORGOT to tell you “iptables save”.
Found that in another online Fedora tutorial where the guy forgot you also have to ACCEPT from the incoming, and kept telling you to “apt-get install” things instead of “yum install” them…
anybody actually try out their tutorials before they publish?

Now it works pretty good, if you’re DHCP everything works fine. If you assign your box an IP within the range, you have to set your DNS.
Now to figure out how you can set the eth1 (LAN IP) to be the DNS. I’ve picked thru the old RH box and can’t figure out how it does that yet. It has 255 lines of LAN IPs, you uncomment the ones you want to work, and also has code to set an outside WAN IP to an inside LAN.

httpd.conf

[quote]# This is here for backwards compatability reasons and to support
#  installing 3rd party modules directly via apxs2, rather than
#  through the /etc/apache2/mods-{available,enabled} mechanism.

#LoadModule mod_placeholder /usr/lib/apache2/modules/mod_placeholder.so[/quote]

I’m adding the virtual hosts with webmin.
apache2 adds them into /etc/apache2/sites-available as separate sitename.conf files then adds a link in /etc/apache2/sites-enabled that points to those .conf files.
Yes, only the first one shows for all.
edit:
So you set the initial virtualhost to *:80 and don’t use an IP address

So here’s the next question, I didn’t really ask it.

Got users all over with static IP on a huge LAN. Some are out, the offices locked. Some are network copier/printers, admin codes long lost.
All were configured

[quote]IP: 172.16.1.xxx
SM 255.255.255.0
GW 172.16.1.254

DNS 172.16.1.254[/quote]

I need to figure out this thing where the existing settings stay (there’s records of who everyone is), and 172.16.1.254 works as the DNS, with the gateway box. I know if I enter the real DNS at the workstation that works. If I set a new workstation with DHCP, that works too.
Can you actually add DNS numbers to ifcfg-eth1?
Anyone tried this?

And am I correct that this gateway box is properly called a BRIDGE and not a router if it doesn’t need to do DHCP?

So know how I fixed all this? $110 Dlink dual gateway router with a TELUS 10Mb on one and a Navigata 10Mb on the other WAN. Set the LAN to the 176 IP, set the DHCP range to two, and plugged it in. No calls. No one noticed they have triple the download and 20 times the upload on that pipe.
Unplugged the Fedora box and put it away for a rainy day…

How does this dlink work? If you have two separate WANs giving you two upstreams, does the dlink load balance between the two?

Yeah, you can assign a percentage. 50-50 or whatever. I undid that and set it 90% to 10MB and 10% to a 4.5 DSL . The nitpickers from Navigata dinged me $180 bandwidth overage last month so their pipe’s getting phased out. Fast.

We’ve been using a Linksys router that does the same thing.  We’ve been load-balancing PLnet and Citywest.  But lately we’ve been using more Citywest and less PLnet.  Just 'cause our PLnet connection blows and Citywest is so fast for us.  You can actually tell it how much you want to run on one connection and how much on another…  And you can get funky with the routing – send all traffic to a certain IP range through one connection, for example.

Sort of like IOS for dummies, with a shiny web-based config.

the 042? We are using the same one, although I don't find its load balancing very good at all, for redundancy it's fine but for load balancing it sucks, I was gonna switch to trying out 2003 server’s network load balancing see how it does. I see Intel released what they are calling “connection teaming” in their latest drivers for their network cards, I found it works on even their older cards it is all done in the driver, nothing new in the hardware needed so ya just install two Intel network cards and enable connection teaming on them both and away you go, I think that's gotta be the cheapest way to do it, our linksys router for this was over two hundred dollars, they are way more expensive than a regular router.

Nah, it’s not a 042… we tried that for a bit, but it sucked.  I’m not sure, it may be a 082?

I used a Dlink 604. I wasn’t overly impressed (seemed to cut the bandwidth to the user with only 1 user attached) and do disgusting things to ping times. But I plugged it in last week and 0 complaints. So I loaded it up yesterday and no complaints today. There were 59 IPs on the damn thing, and I plugged in and did a speedtest. Same bw as it was with only one computer, and same disgusting ping.
I’ll take it out when I figure the static IP with eth1 as the gateway thing on the Fedora box. Or when people scream that it goes “duh - what - oh” before it downloads the pages 10x as fast as the old setup did.