30 Nov 2007 Create virtual / alias IP address
This is the code to make an alias IP address on network interface ethX where X is a number to indicate the device we are attaching the IP.
ifconfig eth0:1 192.168.0.30 netmask 255.255.255.0 up
Your machine will now answer on ping requests 192.168.0.30.
You can see the result by running the command
ifconfig eth0:1
Result
eth0:1 Link encap:Ethernet HWaddr xx:xx:xx:xx:xx:xx
inet addr:192.168.0.30 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:17 Base address:0x1080
To take down this alias use
ifup eth0:1 down
You might experience that the new device/address won’t answer network requests to the IP address after moving it. This happens because the arp cache on the router most likely haven’t discovered that the IP address is on a new MAC address. A solution to this problem is to clear the arp info on the router using the arprelease command
arprelease eth0:1 192.168.0.30
This command can be downloaded from http://sourceforge.net/projects/arprelease/ if it isn’t available on your linux distribution.
Tags: arprelease, ifconfig, ifup, ping
Posted by Hans-Henry Jakobsen
04 Jun 2007 Shell script to restart MySQL server if it is killed or not working
Shell script to restart MySQL server if it is killed or not working
monitor_mysql.bash
#!/bin/bash # Shell script to restart MySQL server if it is killed or not working # due to ANY causes. # When script detects mysql is not running (it basically sends ping request # to MySQL) it try to start using /etc/init.d/mysql script; and it sends an # email to user indicating the status. # This script must be run from Cron Job so that it can monitor mysql server. # For more info visit following url: # http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/08/linux-mysql-server-monitoring.html # -------------------------------------------------------------------------- # Copyright (C) 2005 nixCraft project# This script is licensed under GNU GPL version 2.0 or above # ------------------------------------------------------------------------- # This script is part of nixCraft shell script collection (NSSC) # Visit http://bash.cyberciti.biz/ for more information. # ------------------------------------------------------------------------- # mysql root/admin username MUSER="root" # mysql admin/root password MPASS="SET-ROOT-PASSWORD" # mysql server hostname MHOST="localhost" #Shell script to start MySQL server i.e. path to MySQL daemon start/stop script. # Debain uses following script, need to setup this according to your UNIX/Linux/BSD OS. MSTART="/etc/init.d/mysql start" # Email ID to send notification EMAILID="notification@somewhere-corp.com" # path to mail program MAILCMD="$(which mail)" # path mysqladmin MADMIN="$(which mysqladmin)" #### DO NOT CHANGE anything BELOW #### MAILMESSAGE="/tmp/mysql.fail.$$" # see if MySQL server is alive or not # 2&1 could be better but i would like to keep it simple and easy to # understand stuff :) $MADMIN -h $MHOST -u $MUSER -p${MPASS} ping 2>/dev/null 1>/dev/null if [ $? -ne 0 ]; then echo "" >$MAILMESSAGE echo "Error: MySQL Server is not running/responding ping request">>$MAILMESSAGE echo "Hostname: $(hostname)" >>$MAILMESSAGE echo "Date & Time: $(date)" >>$MAILMESSAGE # try to start mysql $MSTART>/dev/null # see if it is started or not o=$(ps cax | grep -c ' mysqld$') if [ $o -eq 1 ]; then sMess="MySQL Server MySQL server successfully restarted" else sMess="MySQL server FAILED to restart" fi # Email status too echo "Current Status: $sMess" >>$MAILMESSAGE echo "" >>$MAILMESSAGE echo "*** This email generated by $(basename $0) shell script ***" >>$MAILMESSAGE echo "*** Please don't reply this email, this is just notification email ***" >>$MAILMESSAGE # send email $MAILCMD -s "MySQL server" $EMAILID < $MAILMESSAGE else # MySQL is running :) and do nothing : fi # remove file rm -f $MAILMESSAGE
Source: http://www.cyberciti.biz/tips/linux-mysql-server-monitoring.html
Tags: bash, Database, grep, mail, MySQL, mysqladmin, ping
Posted by Hans-Henry Jakobsen
19 May 2007 Linux routing magic
Suppose you’re setting up a test environment, and you want a server to be able to handle some improbably large number of IP addresses, like a /16 or even larger. You could just write a script to add them all one at a time, or you could use this little shortcut and add the entire netblock at once:
(more…)
Posted by Hans-Henry Jakobsen
30 Apr 2007 Detecting changes to your network services/damons
This is a tutorial to detect changes in port from hosts on your network.
The basic approach is to ping every available address upon your subnet and see which ones are up by detecting replies.
If you install the package libperl-net-ping you can use the following script to see which hosts upon your LAN are alive:
#!/usr/bin/perl -w
use strict;
use Net::Ping;
my $LAN = "192.168.1.";
foreach my $octet (1 .. 255)
{
my $pinger = Net::Ping->new();
if ( $pinger->ping( $LAN . $octet ) )
{
print $LAN . $octet . "\n";
}
$pinger->close();
}
Save the script as /usr/local/bin/scan-lan and make sure it’s executable by running chmod 755 /usr/local/bin/scan-lan.
This would give you a list of IP addresses which might look like the following:
192.168.1.1 192.168.1.2 192.168.1.10 192.168.1.50 192.168.1.90
With a list like that saved to text file you can now start scanning your network for services.
In order to detect changes to our network we wish to record all the services on the machines in our LAN then later rescan to detect anything different.
Using the scan-lan and nmap we can create a file for each machine that’s up containing its services.
Save this script as /usr/local/bin/make-baseline, and make it executable with “chmod 755 /usr/local/bin/make-baseline”:
#!/bin/sh
mkdir -p /var/log/scans
for i in `/usr/local/bin/scan-lan` ; do
nmap -sV $i | grep ' open ' > /var/log/scans/$i.base
done
This is our baseline scan. With this in hand we have a list of all the hosts upon a lan which are currently up, and the services they are running.
Now we just to write another script to compare the current state to that we recorded in our baseline, this will notify us of changes.
The following script can do that job for us, save it as /usr/local/bin/scan-services:
#!/bin/sh
if [ ! -d /var/log/scans ]; then
echo "Baseline directory isn't present"
exit
fi
#
# Scan all the machines
#
for i in `/usr/local/bin/scan-lan` ; do
nmap -sV $i | grep ' open ' > /var/log/scans/$i.log
done
#
# Cleanup
#
rm /var/log/scans/*-added.txt
rm /var/log/scans/*-removed.txt
cd /var/log/scans/
#
# Find new and removed
#
for i in /var/log/scans/*.log; do
diff --context $i ${i/.log/}.base | grep '^+ ' > `basename $i .log`-added.txt
diff --context $i ${i/.log/}.base | grep '^- ' > `basename $i .log`-removed.txt
done
#
# Now show the results
#
for i in /var/log/scans/*-added.txt; do
if [ -s $i ]; then
echo " "
echo "The machine `basename $i -added.txt` has had the following services added:"
cat $i
echo " "
fi
done
for i in /var/log/scans/*-removed.txt; do
if [ -s $i ]; then
echo " "
echo "The machine `basename $i -removed.txt` has had the following services removed:"
cat $i
echo " "
fi
done
If you make this executable and run it you should see no output, as your current network hasn’t changed in the past few minutes.
Delete a line or two from one or more of the .base files in the /var/log/scans directory and run it again.
This time you should see output like this:
The machine 192.168.1.1 has had the following services added: + 8889/tcp open http GNUMP3d streaming server 2.9 The machine 127.0.0.1 has had the following services removed: - 19/tcp open discard?
Tags: basename, bash, diff, grep, nmap, perl, ping
Posted by Hans-Henry Jakobsen
