Configure iptables for PPTPD on CentOS 6

Rules in bold are essential.

    #!/bin/bash
    # Set defaults. Be careful with -F and -X: they will reset your iptables rules.
    # iptables -F
    # iptables -X
    iptables -A OUTPUT -j ACCEPT
    iptables -A FORWARD -j ACCEPT
    # Default-drop policy for INPUT; an appended "-A INPUT -j DROP" here would match first and shadow every ACCEPT rule below.
    iptables -P INPUT DROP
    iptables -A INPUT -i lo -j ACCEPT
    # Accept established sessions
    iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    # Allow Pings.
    # iptables -A INPUT -p icmp -j ACCEPT
    # Allow SSH
    # iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    # Allow PPTP Control connection
    iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
    # Allow GRE
    iptables -A INPUT -p gre -j ACCEPT
    # NAT for PPTP clients connectivity
    iptables -t nat -A POSTROUTING -j SNAT

Read More

PPTPD VPN server installation and configuration

This howto describes how to set up a PPTP VPN on CentOS, Fedora, Debian, and Ubuntu with basic RSA authentication. Before the installation, make sure your Yum repos include the EPEL repo.

CentOS and Red Hat Enterprise Linux 5.x

    wget http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm && sudo rpm -Uvh epel-release-5*.rpm

CentOS and Red Hat Enterprise Linux 6.x

CentOS and Red Hat Enterprise Linux 7.x

    wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm && sudo rpm -Uvh epel-release-7*.rpm

Step 1. Install PPTPD

CentOS/RedHat 5:

    yum install pptpd.x86_64

Read More

SSH tunnelling – TCP port forward from local dev to public facing ssh server

A little background: I’m writing a Rails app, which is hosted inside the corporate network, and no incoming traffic is permitted. I need to expose the internal port 3000 to the public. Short answer: SSH forwarding. For some reason, the forwarding only works when I set both the local and remote port as 3000. There is one more thing you need to do to enable this. SSH doesn’t by default allow remote hosts to connect to forwarded ports. To enable this, open /etc/ssh/sshd_config and add the following line somewhere in that config file. Make sure you add it only once! And restart Read More

Enable apt-X on OSX Yosemite for bluetooth headphones

So I noticed that my Sony MDR-1RBT is not working on aptX codec, did some searches and here are the steps to get aptX codec capability.

1. Download the io tool: https://developer.apple.com/downloads/index.action?name=bluetooth%20explorer
2. Bluetooth Explorer -> Tool -> Audio Options: Force use of aptX
3. Reconnect your bluetooth headphone

To enable aptX on the headphone, press volume + and power for two seconds when powering on. The blue indicator will blink 3 times when on aptX mode. Read More

PHP cannot connect to RDS MySQL on an Amazon EC2 RHEL box

So I decided to use Amazon RDS for my blog. It’s fairly simple to set up RDS, but somehow I couldn’t get PHP to connect to RDS. WordPress kept throwing this error: “Error establishing a database connection”. So I thought maybe my RDS security group settings were not correct? I opened the RDS instance to 0.0.0.0/0 and I was able to connect using the mysql CLI from anywhere, including the RHEL box, but WP still gave me the same error. I then tried a PHP MySQL connection to RDS on another Linux box and it worked! OK, so that means somehow the PHP MySQL connection is not working on the RHEL box; what could be causing the problem? After a few Google searches, one post drew my attention, Read More

Git – How to avoid typing your password repeatedly

There are at least three ways to avoid typing your password repeatedly when using git. The first solution requires KDE Wallet, the second doesn’t require additional tools, and the third is not the safest one.

First way – use KDE wallet

To store passwords in the KDE wallet you need to install the ksshaskpass package:

    $ sudo apt-get install ksshaskpass

Then configure git to use it:

    $ git config --global core.askpass /usr/bin/ksshaskpass

Alternatively you can use the GIT_ASKPASS environment variable:

    $ export GIT_ASKPASS=`which ksshaskpass`

Use a secure protocol:

    $ git clone --verbose https:[email protected]/git/personal_repo.git

Second way – Read More

Set up SSH keys – avoid typing password every time

On the local machine, type the BOLD part. The non-bold part is what you might see as output or prompt.

Step 1:

    % ssh-keygen -t dsa
    Generating public/private dsa key pair.
    Enter file in which to save the key (~/.ssh/id_dsa): (just type return)
    Enter passphrase (empty for no passphrase): (just type return)
    Enter same passphrase again: (just type return)
    Your identification has been saved in ~/.ssh/id_dsa
    Your public key has been saved in ~/.ssh/id_dsa.pub
    The key fingerprint is:
    Some really long string
    %

Step 2: Then, paste the content of the local ~/.ssh/id_dsa.pub file into the file ~/.ssh/authorized_keys on the remote host.

RSA instead of DSA

If you want something strong, you could Read More

Fixing garbled Chinese file names when downloading with rTorrent

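Solution:

1. Edit the rTorrent configuration file (mine is at /opt/etc/rtorrent.conf) and add this line at the end:

    encoding_list = zh_CN.UTF-8

This did not solve my problem; the file names were still garbled. After more research I found that the mount options needed to be changed.

2. Because my NAS is mounted over Samba, the mount needs the extra option iocharset=utf8:

    mount -t cifs //192.168.1.2/ShawnHDD /tmp/ -o rw,iocharset=utf8,username=shawn,password=password

Reference: http://ubuntuforums.org/showthread.php?t=288534 Read More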

Install PPTPD from source code

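I spent a whole evening today fiddling with a VPN server. Because it runs CentOS, I couldn't simply apt-get install pptpd. There are RPM packages online, but in the end I chose to install from source. I ran into many problems along the way, so here is a summary:

1. After make install, no service is installed by default; you need to create /etc/rc.d/init.d/pptpd yourself, with the following code:

2. Install pptpd as a service and start it at boot:

3. Clients will very likely get an error when connecting. This is because the version of the component installed via yum install ppp does not match the version pptpd supports. The fix: edit /etc/pptpd.options and comment out logwtmp. This problem tormented me for a long time! =-=!

4. Read More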