Why?


Search This Blog

Tuesday, April 26, 2016

CentOS 7 ftp server install and setup with vsftpd

CentOS 7 ftp server install and setup with vsftpd

# yum -y install vsftpd ftp


# vi /etc/vsftpd/vsftpd.conf


Disallow anonymous, unidentified users to access files via FTP; change the 

anonymous_enable setting to NO:
anonymous_enable=NO

Allow local uses to login by changing the local_enable setting to YES:
local_enable=YES

If you want local user to be able to write to a directory, then change the write_enable setting to YES:
write_enable=YES

Local users will be ‘chroot jailed’ and they will be denied access to any other part of the server; change the chroot_local_user setting to YES:
chroot_local_user=YES

# systemctl enable vsftpd 
# systemctl restart vsftpd

# firewall-cmd --permanent --add-port=21/tcp
# firewall-cmd --reload 


 

Sunday, April 17, 2016

CentOS 7 network interfaces come up out of order

CentOS 7 network interfaces come up out of order

# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.100  netmask 255.255.255.0  broadcast 192.168.10.255
        inet6 2600:8800:2580:eda:225:90ff:fe5d:a401  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::225:90ff:fe5d:a401  prefixlen 64  scopeid 0x20<link>
        ether 00:25:90:5d:a4:01  txqueuelen 1000  (Ethernet)
        RX packets 5356  bytes 1745688 (1.6 MiB)
        RX errors 0  dropped 4  overruns 0  frame 0
        TX packets 2480  bytes 396936 (387.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xdf700000-df77ffff

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9000
        inet 192.168.80.100  netmask 255.255.255.0  broadcast 192.168.80.255
        inet6 fe80::21b:21ff:febb:7ad0  prefixlen 64  scopeid 0x20<link>
        ether 00:1b:21:bb:7a:d0  txqueuelen 1000  (Ethernet)
        RX packets 1047  bytes 122429 (119.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1724  bytes 1041752 (1017.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 3296  bytes 1705774 (1.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3296  bytes 1705774 (1.6 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0



I am missing eth2 and eth3 from the ifconfig command above

----came up wrong
# ls -lsa /sys/class/net/
total 0
0 drwxr-xr-x  2 root root 0 Apr 17 08:45 .
0 drwxr-xr-x 52 root root 0 Apr 17 08:45 ..
0 lrwxrwxrwx  1 root root 0 Apr 17 08:46 eth0 -> ../../devices/pci0000:00/0000:00:1b.0/0000:06:00.0/net/eth0
0 lrwxrwxrwx  1 root root 0 Apr 17 08:46 eth1 -> ../../devices/pci0000:00/0000:00:01.0/0000:01:00.0/0000:02:09.0/0000:04:00.0/net/eth1
0 lrwxrwxrwx  1 root root 0 Apr 17 08:46 eth2 -> ../../devices/pci0000:00/0000:00:1f.6/net/eth2
0 lrwxrwxrwx  1 root root 0 Apr 17 08:46 eth3 -> ../../devices/pci0000:00/0000:00:01.0/0000:01:00.0/0000:02:09.0/0000:04:00.1/net/eth3
0 lrwxrwxrwx  1 root root 0 Apr 17 08:45 lo -> ../../devices/virtual/net/lo

----end came up wrong

----came up right
# ls -lsa /sys/class/net/
total 0
0 drwxr-xr-x  2 root root 0 Apr 17 09:51 .
0 drwxr-xr-x 52 root root 0 Apr 17 09:51 ..
0 lrwxrwxrwx  1 root root 0 Apr 17 09:51 eth0 -> ../../devices/pci0000:00/0000:00:1b.0/0000:06:00.0/net/eth0
0 lrwxrwxrwx  1 root root 0 Apr 17 09:51 eth1 -> ../../devices/pci0000:00/0000:00:01.0/0000:01:00.0/0000:02:09.0/0000:04:00.0/net/eth1
0 lrwxrwxrwx  1 root root 0 Apr 17 09:51 eth2 -> ../../devices/pci0000:00/0000:00:01.0/0000:01:00.0/0000:02:09.0/0000:04:00.1/net/eth2
0 lrwxrwxrwx  1 root root 0 Apr 17 09:51 eth3 -> ../../devices/pci0000:00/0000:00:1f.6/net/eth3
0 lrwxrwxrwx  1 root root 0 Apr 17 09:51 lo -> ../../devices/virtual/net/lo

----end came up right

As you can see they are in the /sys/class/net/ with my issue being eth2 and eth3 getting swapped sometimes during a reboot.

The solution is to get udev to ignore these and allow ifup to bring things up  in order

# vi /etc/udev/rules.d/10-local.rules
SUBSYSTEM=="pci", SYSFS{class}=="0x020000", OPTIONS="ignore_device"


Make sure you have the HWADDR= in your ifcfg-ethx files to assign hardware address
Example:
HWADDR=00:25:90:5d:a4:00


Now get that hardware address and additional information on your interfaces

# lspci | grep -i ethernet
00:1f.6 Ethernet controller: Intel Corporation Ethernet Connection (2) I219-V (rev 31)
04:00.0 Ethernet controller: Intel Corporation 82599ES 10-Gigabit SFI/SFP+ Network Connection (rev 01)
04:00.1 Ethernet controller: Intel Corporation 82599ES 10-Gigabit SFI/SFP+ Network Connection (rev 01)
06:00.0 Ethernet controller: Intel Corporation I210 Gigabit Network Connection (rev 03)


Match the PCI address from lspci | grep -i ethernet to the PCI address from ls -lsa /sys/class/net/
Example:
Lets look at 00:1f.6 from the lspci | grep -i ethernet command
We can see this in the ls -lsa /sys/class/net/ command mapped as eth3
Now get some more info on eth3

# ethtool -i eth3
driver: e1000e
version: 3.2.5-k
firmware-version: 0.8-4
bus-info: 0000:00:1f.6
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: no


And get the physical hardware address we need for the ifcfg-eth3 file

# ethtool -P eth3
Permanent address: 00:25:90:5d:a4:00



Now i can reboot, power reset, etc., and all my interfaces come up correctly now.

# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.100  netmask 255.255.255.0  broadcast 192.168.10.255
        inet6 2600:8800:2580:eda:225:90ff:fe5d:a401  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::225:90ff:fe5d:a401  prefixlen 64  scopeid 0x20<link>
        ether 00:25:90:5d:a4:01  txqueuelen 1000  (Ethernet)
        RX packets 3303  bytes 1144712 (1.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1660  bytes 186249 (181.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xdf700000-df77ffff

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9000
        inet 192.168.80.100  netmask 255.255.255.0  broadcast 192.168.80.255
        inet6 fe80::21b:21ff:febb:7ad0  prefixlen 64  scopeid 0x20<link>
        ether 00:1b:21:bb:7a:d0  txqueuelen 1000  (Ethernet)
        RX packets 491  bytes 54845 (53.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 997  bytes 599121 (585.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9000
        inet 192.168.90.100  netmask 255.255.255.0  broadcast 192.168.90.255
        inet6 fe80::21b:21ff:febb:7ad2  prefixlen 64  scopeid 0x20<link>
        ether 00:1b:21:bb:7a:d2  txqueuelen 1000  (Ethernet)
        RX packets 4152  bytes 729960 (712.8 KiB)
        RX errors 0  dropped 10  overruns 0  frame 0
        TX packets 4663  bytes 1325114 (1.2 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth3: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 10.10.10.100  netmask 255.255.255.0  broadcast 10.10.10.255
        ether 00:25:90:5d:a4:00  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16  memory 0xdf800000-df820000

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 3138  bytes 1365194 (1.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3138  bytes 1365194 (1.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0



Enjoy!

Wednesday, April 13, 2016

Asterisk setup for Flowroute SIP trunk

Asterisk setup for Flowroute SIP trunk

At bottom of /etc/asterisk/sip.conf

[100]
type=friend
callerid="Asterisk 100" 100
secret=my_password_here
context=internal
host=dynamic
allow=all
dtmfmode=rfc2833
;
;
;
[flowroute] ;keep this lowercase, do not change format
type=friend
secret=my_secret_here

username=my_username_here
host=sip.flowroute.com
dtmfmode=rfc2833
context=inbound ;change to 'ext-did' or 'from-trunk' for asterisk@home
canreinvite=no
allow=ulaw
;allow=g729 ;uncomment this line if you have G.729 licenses installed.
insecure=port,invite
fromdomain=sip.flowroute.com


At bottom of /etc/asterisk/extensions.conf

[internal]
exten => _1NXXXXXXXXX,1,Dial(SIP/${EXTEN}@flowroute)
;Send NANPA (USA) as 11 digit
exten => _011.,1,Dial(SIP/${EXTEN:3}@flowroute)
;dialing format - SIP/{countrycode}{number}@flowroute


;used to pass extension dialed, 100, to registered phone of 100
exten => 100,1,Dial(SIP/100,20)
exten => 100,n,Playback(vm-goodbye)
exten => 100,n,Hangup


Now from asterisk console (asterisk -r) do:

core reload
sip reload
dialplan reload

sip show peers
sip show registry
sip show channels

Make calls.

enjoy!