Ubuntu Server 18.04 – Postfix 3.3.0 Issues

After doing a release upgrade to Ubuntu Server 18.04, Postfix stopped working with the following messages in the syslog:

Mar 11 09:56:02 servername postfix/master[1046]: warning: process /usr/lib/postfix/sbin/smtpd pid 12628 exit status 1
Mar 11 09:56:02 servername postfix/master[1046]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling
Mar 11 09:57:02 servername postfix/smtpd[12650]: fatal: in parameter smtpd_relay_restrictions or smtpd_recipient_restrictions, specify at least one working instance of: reject_unauth_destination, defer_unauth_destination, reject, defer, defer_if_permit or check_relay_domains

The fix:

postconf -e 'compatibility_level=2'
systemctl restart postfix.service

Bash Script – Move Files into Subdirectories Based on Modified Date – OR – Moving Ntop Netflow Dumps into Subdirectories by Date

In a busy network environment, it is critical to have some form of network monitoring on all your servers and equipment. Network monitoring comes in many different forms and flavors, whether it be to monitor critical system services and applications via SNMP, WMI, or some proprietary third party software, or just generically pinging some devices to make sure they are up.

Nowadays, it is getting more and more necessary to dig deeper to be able to track what end users are doing and what websites they are visiting and this is where the Cisco Netflow comes in handy. Essentially, netflow allows us to peer down into the network traffic streams and give us vital source, destination, and protocol information coming to and from our network hosts but isn’t quite as storage intensive as doing a full fledged pcap dump, which makes historical accounting of this data a whole lot nicer.
Continue reading “Bash Script – Move Files into Subdirectories Based on Modified Date – OR – Moving Ntop Netflow Dumps into Subdirectories by Date”

Ubuntu – Icecast2 Startup Script with Ices2 Support

Recently I set up an Icecast server to be able to stream music on hold to my Asterisk servers at work. Here is an updated init script for Icecast2 that adds support to start the Ices2 source client at the same time. For streaming audio from a playlist with Ogg support, Ices2 is a good candidate. For streaming audio from an mp3 based playlist, have a look at Ices0 that can be downloaded on the same site. There is also an array of different Icecast source clients to choose from here. This just happened to be the first one that I tried out. I ended up bastardizing the code somewhat to make it conform to my own personal preferences by using functions and what not to make it all pretty like. I also chose to run Ices2 as the same user as the icecast user, so you would have to update any permissions on the Ices2 directories and config files as needed.
Continue reading “Ubuntu – Icecast2 Startup Script with Ices2 Support”

OpenMCU-ru – DSCP Based QoS Packet Tagging Rules for Linux IP Tables

In Ubuntu, the best way to ensure that the firewall is up and running and that your packet filtering or mangling rules are in place any time the network connection comes up, you should create a rule in the /etc/network/if-up.d folder. An alternative approach to that would be to put a “post-up” rule on whatever interface in you /etc/network/interfaces file. From my experience, so that your firewall rules can be easily maintained as well having the ability to make comments for each rule, it’s ideal to take advantage of the iptables-save and iptables-restore functionality.

In order to follow this procedure, the first time you set up the firewall, you will have to manually add all the firewall rules and then issue the iptables-save command. For sake of saving time, I will just provide you with the contents of my config file that can be restored with the iptables-restore < config_file command. Continue reading “OpenMCU-ru – DSCP Based QoS Packet Tagging Rules for Linux IP Tables”

BackupExec 2012 – How to Limit CPU Usage and Disk I/O on RALUS with Cron Jobs

Backup Exec on Linux, otherwise known as RALUS, is great but it has no provisions for limiting it’s disk I/O or CPU usage during different periods of the day. Unfortunately, BE for Windows doesn’t have that option either, so get on it Symantec, nudge, nudge.

If you’re like me, you might have backup jobs on File Servers that span several terabytes worth of data that can essentially run for a day or two on their own. The problem is that people get really bitchy when things don’t run at the normal speed that they are used to and the inconsiderate assholes don’t give a shit when you explain why.

Well here are a few cron job tasks that I came up with to help relieve some of that pressure on your file server. Continue reading “BackupExec 2012 – How to Limit CPU Usage and Disk I/O on RALUS with Cron Jobs”

Firefox – Version 33 Update Causes Certificate Error in Webmin

Copied this highly useful info straight from this website. Very strange that I didn’t have this problem until I hit Firefox version 39 but it is possible that I just hadn’t administered that particular server for a long time in Webmin.

Recent browser versions (e.g. Firefox 33) refuse to work with older Webmin installs.

They give a sec_error_invalid_key error, offer a ‘Try again’ button, but do not offer an option to add an exception.

Firefox 33 no longer supports certificates with private keys smaller than 1024 bits.

You can replace your webmin certificate with a new one by running this command: Continue reading “Firefox – Version 33 Update Causes Certificate Error in Webmin”

Linux – Force Remote Reboot of System

I ran into a problem yesterday where I could SSH into a remote machine but a majority of the bash commands weren’t working and were giving an “Input/ouput error”, including the shutdown command. Upon further inspection, this particular machine, which was a thin client with 128 MB of flash storage, had run out of drive space. The suggestion on this stack exchange article worked perfectly so I just wanted to document it here for my own future reference.

As long as you have root access, you can run the following command to force a system reboot: Continue reading “Linux – Force Remote Reboot of System”

MySQL Script – Alter/Convert All Tables in a Database from MyISAM to InnoDB

Pieced together from various tutorials on the web with a lot of my own additions, here is a snippet of SQL that will alter or convert all tables in a database from “MyISAM” to “InnoDB”. As long as your MySQL user account has privileges to create stored procedures, all you have to do is simply edit the @DATABASE_NAME variable at the top of the script and run it in PhpMyAdmin if you’ve got it. Enjoy! Continue reading “MySQL Script – Alter/Convert All Tables in a Database from MyISAM to InnoDB”