Welcome to Server Circle. It's a friendly site and all levels of experience are welcome. Be aware that we use cookies for your login.
Server Circle - Ask questions about Servers and get answers from experts.
Beta (0.08 sec)
Mayhew's profile (982 points)

About: The UK, United Kingdom or Great Britain. I'm in all three.
Best way to backup a large VMWare Server image
Asked in: Virtual Machines with 1 answers
Discover what is actually using the swap space in a Linux server
Asked in: Debian Linux with 2 answers
Minicom types everything twice
Asked in: Linux Servers with 2 answers
REWARD: Script to email when my web server fails to return a string over HTTP
Asked in: Debian Linux with 3 answers
Sed help please for IP address swap over regex
Asked in: Shell Scripting with 2 answers
Debian Lenny to Squeeze upgrade disasters
Asked in: Debian Linux with 1 answers
Migrating djbdns data file into BIND
Asked in: DNS Servers with 1 answers
Snort Rules
Asked in: Gentoo Linux with 1 answers
ARP changes monitoring
Asked in: Networking with 2 answers
Block package update on Debian
Asked in: Debian Linux with 1 answers
Best traceroute sites
Asked in: Networking with 3 answers
Webalizer ignore IP not hostname
Asked in: RedHat Linux with 2 answers
REWARD: Counting broadcast and multicast packets in a script
Asked in: Networking with 6 answers
VMWare Server no longer supported ?
Asked in: Virtual Machines with 4 answers
Running Debian off a read only USB stick
Asked in: Linux Servers with 1 answers
Using php-apc on Ubuntu
Asked in: Ubuntu Linux with 1 answers
Postfix rate limiting
Asked in: Email Servers with 2 answers
Debian Lenny to Squeeze upgrade keeps failing
Asked in: Linux Servers with 2 answers
Apache failing to start on Ubuntu Server with PHP 5.3.2-1ubuntu4.7
Asked in: Ubuntu Linux with 1 answers
NIC Speed and Duplex Problems
Asked in: Networking with 2 answers
Could someone please help me with a tiny script ? I need to be e-mailed when my web server doesn't return "country" from its index.html page over HTTP. A hundred of my points and fifty of the best answer points to the one that helps the most. Thanks in advance.
Asked in: Debian-Linux-Servers  (3 answers)
Mayhew's response: Thanks for the answers, they were both excellent.
I need to be able to swap an IP address in a script - I'm trying to use sed as follows: sed 's/green/blue/' < old > new How would I do that with 123.123.123.123 and 456.456.456.456 ? It doesn't work when I try it. Thank you for your help.
Asked in: ShellScripts  (2 answers)
Mayhew's response: I was getting lost with escaping dots and slashes - thanks !
Any recommended aside from Arpwatch ? Thanks.
Asked in: Server-Networking  (2 answers)
Mayhew's response: Automatic blocking would be nice.
I need to view a remote device config pages through HTTP and have an SSH Server inside the remote LAN on which it resides. How can I make it really lightweight and fast on Ubuntu Server - Lucid ? Thanks.
Asked in: Linux-Servers  (3 answers)
Mayhew's response: Use -c blowfish for the fastest compression, it makes a big difference.
I'm getting confused with when to use exit and when to use exit 0 in scripts. Any pointers please ?
Asked in: ShellScripts  (6 answers)
Mayhew's response: That's a good link.
There's a feature called IgnoreSite which ignores hostnames in Apache logs mostly by the looks of it but I'm not logging DNS entries just IPs, for performance. Since I've only just added the option now to ignore my IP will it work from now on ? It doesn't seem to work retroactively because my IP's stats are still in the stats. Any other very easy GUI loggers for web logs out there ? I'm looking for a clunk-click solution really (that will ignore my IP!), I've got enough to do. Cheers.
Asked in: RedHat-Linux-Servers  (2 answers)
Mayhew's response: Thanks, exactly what i needed.
There's something that just baffles me right now and I'm out of ideas. Would anybody have some idea? Basically, I have a Dell PowerEdge R415 rack server. Running xen 4.1 with a debian squeeze dom0. On two occasions (and now is the second one), I see weird behaviours as follows: I've got a ssh connection open from my workstation to the server and it works. However, I cannot ping it nor establish new TCP connections. I can see the packets go out of the workstation interface, the switch claims it forwards it to the server, but I cannot see them on the server with tcpdump, nor do the interface statistics increase. I can see the same from other workstations while others are OK. What really baffles me is that there is an established and working ssh connection. Initially, I was seeing the "dropped" statistics increase, and ethtool -S eth0 on the server showed some rx_fw_discard, but after increasing the rx ring buffer that went away, but still same problem. There's a bridge br0 with eth0 and the virtual interfaces for the Xen domUs, everything looks fine there. That server has a BMC with a net interface with a different MAC address. I can ping the bmc from my workstation, but not from the server. That BMC shares the same physical network connection (I'm not sure how that works, if there's an internal bridge in the server, could it be where the problem lies?) That's a Broadcom Corporation NetXtreme II BCM5716 Gigabit Ethernet # ethtool -i eth0 driver: bnx2 version: 2.0.2 firmware-version: 5.2.3 NCSI 2.0.11 bus-info: 0000:02:00.0 From dmesg, the link went down a few times. I think the problem started to occur when a message like: NETDEV WATCHDOG: eth0 (bnx2): transmit queue 7 timed out appeared in dmesg. Any idea? Update (2011-05-11) - same problem with opensuse with Xen 4.1 and 2.6.37-xen dom0 kernel. - upgrading to bnx2 2.0.23b from Broadcom's site improves matters (at least if I boot with this one, not if I unload the old one and load this one) especially if I increase the size of the receive ring buffer. I'm under the impression that those ethernet adapters do things at level 3 and 4 which worries me a bit
Asked in: Server-Networking  (8 answers)
Mayhew's response: Another thought, have you checked for Xen networking bugs ?
There's something that just baffles me right now and I'm out of ideas. Would anybody have some idea? Basically, I have a Dell PowerEdge R415 rack server. Running xen 4.1 with a debian squeeze dom0. On two occasions (and now is the second one), I see weird behaviours as follows: I've got a ssh connection open from my workstation to the server and it works. However, I cannot ping it nor establish new TCP connections. I can see the packets go out of the workstation interface, the switch claims it forwards it to the server, but I cannot see them on the server with tcpdump, nor do the interface statistics increase. I can see the same from other workstations while others are OK. What really baffles me is that there is an established and working ssh connection. Initially, I was seeing the "dropped" statistics increase, and ethtool -S eth0 on the server showed some rx_fw_discard, but after increasing the rx ring buffer that went away, but still same problem. There's a bridge br0 with eth0 and the virtual interfaces for the Xen domUs, everything looks fine there. That server has a BMC with a net interface with a different MAC address. I can ping the bmc from my workstation, but not from the server. That BMC shares the same physical network connection (I'm not sure how that works, if there's an internal bridge in the server, could it be where the problem lies?) That's a Broadcom Corporation NetXtreme II BCM5716 Gigabit Ethernet # ethtool -i eth0 driver: bnx2 version: 2.0.2 firmware-version: 5.2.3 NCSI 2.0.11 bus-info: 0000:02:00.0 From dmesg, the link went down a few times. I think the problem started to occur when a message like: NETDEV WATCHDOG: eth0 (bnx2): transmit queue 7 timed out appeared in dmesg. Any idea? Update (2011-05-11) - same problem with opensuse with Xen 4.1 and 2.6.37-xen dom0 kernel. - upgrading to bnx2 2.0.23b from Broadcom's site improves matters (at least if I boot with this one, not if I unload the old one and load this one) especially if I increase the size of the receive ring buffer. I'm under the impression that those ethernet adapters do things at level 3 and 4 which worries me a bit
Asked in: Server-Networking  (8 answers)
Mayhew's response: Some questions for food for thought: When you ping are you pinging the IP directly from the same segment ? Are you sure nothing like rp_filter is getting in the way ? How are you attempting to start up new TCP connection ? You're not using Telnet to SMTP to try and start up new sessions are you ? How is your SSH session started ?
When I use tail -f I see all the output from a log as it it written to the end of the log but when I do: tail -f | grep -v donotincludethistext it doesn't update any more. I've tried using cat and less to output the log through tail -f but nothing works. How can I ignore some entries in the log and still tail it ?
Asked in: ShellScripts  (3 answers)
Mayhew's response: I use a couple of things to keep things fast and get round this using an exclude file where single words (each on a new line) are excluded. In that file don't leave any blank lines or all text will be excluded: tail -c 100 -f /var/log/apache2/access.log | grep -v --line-buffered -f /home/user/exclude-file exclude-file: something nothing everything
I need to know if there's too much noise on a subnet so I'd like to automate a way of telling me how many broadcast and multicast pps (packets per second) are on a subnet. I can't figure out a good way of doing it though. I'm keen to keep my hard earned points so I'll happily give a £10 Amazon Voucher to the Best Answer (the voucher can be towards your preferred Amazon site: .com, .fr, .de or .co.uk etc).
Asked in: Server-Networking  (6 answers)
Mayhew's response: User "s" please let me know which Amazon site you want your voucher from and Server Circle will send it.
I need to know if there's too much noise on a subnet so I'd like to automate a way of telling me how many broadcast and multicast pps (packets per second) are on a subnet. I can't figure out a good way of doing it though. I'm keen to keep my hard earned points so I'll happily give a £10 Amazon Voucher to the Best Answer (the voucher can be towards your preferred Amazon site: .com, .fr, .de or .co.uk etc).
Asked in: Server-Networking  (6 answers)
Mayhew's response: Thank you, @s ! I will avoid the scripting method and install ntop and set up SNMP from the switches. netstat -s is also very useful for my needs. I contacted Server Circle to pass on my £10 Amazon voucher.
I need to know if there's too much noise on a subnet so I'd like to automate a way of telling me how many broadcast and multicast pps (packets per second) are on a subnet. I can't figure out a good way of doing it though. I'm keen to keep my hard earned points so I'll happily give a £10 Amazon Voucher to the Best Answer (the voucher can be towards your preferred Amazon site: .com, .fr, .de or .co.uk etc).
Asked in: Server-Networking  (6 answers)
Mayhew's response: Thank you very much, @s. I didn't know about pv before. That command line is very,very close to what I need. That's perfect for a realtime look and I've put and not arp after multicast to ignore ARP traffic. I'm really looking for a script to grab, say, five values at three times a day and then mail me the results from cron.daily so I can look for trends over the last day to see if noise on the subnet has increased.
I need to know if there's too much noise on a subnet so I'd like to automate a way of telling me how many broadcast and multicast pps (packets per second) are on a subnet. I can't figure out a good way of doing it though. I'm keen to keep my hard earned points so I'll happily give a £10 Amazon Voucher to the Best Answer (the voucher can be towards your preferred Amazon site: .com, .fr, .de or .co.uk etc).
Asked in: Server-Networking  (6 answers)
Mayhew's response: Sorry, it's Debian.
iptables -A OUTPUT -m limit --limit 15/minute -j LOG --log-level 7 --log-prefix Packet was dropped by firewall: " This seems to break and I can't figure out why. I've been scratching my head over this one.
Asked in: Server-Firewalls  (2 answers)
Mayhew's response: Ahem, you missed an inverted comma off just before "Packet" :-) So it would read: iptables -A OUTPUT -m limit --limit 15/minute -j LOG --log-level 7 --log-prefix "Packet was dropped by firewall: " How's that ?
Does anyone have a list of what /proc/user_beancounter errors mean please ? I'm getting lots of failcounts.
Asked in: Linux-Servers  (1 answers)
Mayhew's response: This is probably what you're after: http://wiki.vpslink.com/Meaning_of_the_/proc/user_beancounters_Values
It's not my favourite thing, IPtables. I'm trying to punch a hole through the firewall so that my Server can do WHOIS lookups. Can anyone please help ?
Asked in: Server-Firewalls  (1 answers)
Mayhew's response: There are better ways of doing this but the following method opens up the WHOIS port entirely: iptables -A OUTPUT -p tcp --dport 43 -j ACCEPT iptables -A INPUT -p tcp --sport 43 -j ACCEPT iptables -A OUTPUT -p tcp --sport 43 -j ACCEPT iptables -A INPUT -p tcp --dport 43 -j ACCEPT That should do it.
I know this is a silly question but how can I stop eselect from offering news snippets after emerging updates ?
Asked in: Linux-Servers  (1 answers)
Mayhew's response: I'd keep an eye on important updates if I were you but you can edit PORTAGE_RSYNC_OPTS in make.conf to redefine emerge rsync options to exclude the ${PORTDIR}/metadata/news.
Can someone please help understand this traceroute ? 6 66.249.94.197 (66.249.94.197) 1.235 ms 66.249.94.199 (66.249.94.199) 17.649 ms 66.249.94.195 (66.249.94.195) 0.829 ms 7 216.239.46.204 (216.239.46.204) 7.817 ms 216.239.46.208 (216.239.46.208) 7.784 ms 216.239.46.204 (216.239.46.204) 10.332 ms 8 72.14.239.156 (72.14.239.156) 10.739 ms 8.089 ms 7.849 ms 9 64.233.174.127 (64.233.174.127) 7.674 ms 64.233.174.101 (64.233.174.101) 7.746 ms 64.233.174.99 (64.233.174.99) 7.698 ms 10 209.85.253.10 (209.85.253.10) 8.401 ms 8.570 ms 209.85.253.14 (209.85.253.14) 17.369 ms 11 pv-in-f99.1e100.net (72.14.213.99) * * * I can connect to Google but it always times out at the end. Why ?
Asked in: Server-Networking  (1 answers)
Mayhew's response: This is to do with ICMP being blocked by the destination Server. It can be for security (firewalling) or other reasons, like the type of hardware used. It's usually nothing to worry about but makes diagnosis tricky sometimes.
I'm struggling with redirecting this: www.domain.com to domain.com Any good tutorials out there ? Or a simple example ? The ones I've found aren't helping :-(
Asked in: Linux-Servers  (2 answers)
Mayhew's response: Looks like this site was written for you: http://www.easymodrewrite.com http://www.easymodrewrite.com/guide-syntax
I've played around with a few settings but is there any way in main.cf to copy all outbound mail from a Postfix Server to a single mailbox ? Thanks in advance.
Asked in: Email-Servers  (2 answers)
Mayhew's response: What about using /etc/aliases ?
I am having headaches with Fail2ban ignoreregex, I am trying to get it to ignore subdirectories ? ignoreregex = .*"GET /(town|city|street.* This works fine but I would also like to explicitly ignore splash.html too and not just the sub-directory.
Asked in: ShellScripts  (2 answers)
Mayhew's response: Yes, that works for me on the latest Ubuntu Apache version.
I'm using an ISP's control panel to set up DNS but I can't see the subdomain, how can I test it it ? The A record for www.something.com works but sub.something.com doesn't work unfortunately.
Asked in: DNS-Servers  (4 answers)
Mayhew's response: If you're on a Linux system: host sub.something.com will tell you if there's a DNS entry visible to your default Name Server (on your desktop). host sub.something.com 8.8.8.8 will tell if Google's Name Server can see the entry.
I messed arround with armagetronad, then I wanted to remove it and I got this error: # sudo apt-get remove armagetronad Reading package lists... Done Building dependency tree... Done E: The package armagetronad needs to be reinstalled, but I can't find an archive for it. Now every time I want to use apt-get for anything I can't: # sudo apt-get install supertux Reading package lists... Done Building dependency tree... Done E: The package armagetronad needs to be reinstalled, but I can't find an archive for it. Can anyone help me workaround this problem, its driving me nuts?
Asked in: Linux-Servers  (4 answers)
Mayhew's response: Try this: apt-get -f install to fix broken packages.
I need to run some iPerf tests across various network nodes, testing for throughput problems. I need time saving script that will test bi-directionally and output results for different TCP window sizes, as I suspect latency is not the cause of the observed throughput problems, but RWIN may be be at fault.
Asked in: Linux-Servers  (1 answers)
Mayhew's response: Ensure that both tcpdump and iPerf are on the path at both network nodes. Create a directory and place the following two scripts in them, perf-wrapper.sh and perf.sh. Invoke the testing against the two IP nodes as follows; # perf-wrapper.sh xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy Results are stored in same directory for further analysis. perf-wrapper.sh #!/bin/sh a=$1 b=$2 timestamp=$(date +%Y%m%d%H%M%S) ./perf.sh UDP $a $b "iperf -s -u" "iperf -c _SERVER_ -u -b 100m -i5 -t60" $timestamp ./perf.sh TCPDefault $a $b "iperf -s" "iperf -c _SERVER_ -i5 -t60" $timestamp ./perf.sh TCP8KB $a $b "iperf -s -w 4096" "iperf -c _SERVER_ -i5 -t60 -w 4096" $timestamp ./perf.sh TCP16KB $a $b "iperf -s -w 8192" "iperf -c _SERVER_ -i5 -t60 -w 8192" $timestamp ./perf.sh TCP32KB $a $b "iperf -s -w 16384" "iperf -c _SERVER_ -i5 -t60 -w 16384" $timestamp ./perf.sh TCP64KB $a $b "iperf -s -w 32768" "iperf -c _SERVER_ -i5 -t60 -w 32768" $timestamp ./perf.sh TCP128KB $a $b "iperf -s -w 65536" "iperf -c _SERVER_ -i5 -t60 -w 65536" $timestamp ./perf.sh TCP256KB $a $b "iperf -s -w 131072" "iperf -c _SERVER_ -i5 -t60 -w 131072" $timestamp a=$2 b=$1 ./perf.sh UDP $a $b "iperf -s -u" "iperf -c _SERVER_ -u -b 100m -i5 -t60" $timestamp ./perf.sh TCPDefault $a $b "iperf -s" "iperf -c _SERVER_ -i5 -t60" $timestamp ./perf.sh TCP8KB $a $b "iperf -s -w 4096" "iperf -c _SERVER_ -i5 -t60 -w 4096" $timestamp ./perf.sh TCP16KB $a $b "iperf -s -w 8192" "iperf -c _SERVER_ -i5 -t60 -w 8192" $timestamp ./perf.sh TCP32KB $a $b "iperf -s -w 16384" "iperf -c _SERVER_ -i5 -t60 -w 16384" $timestamp ./perf.sh TCP64KB $a $b "iperf -s -w 32768" "iperf -c _SERVER_ -i5 -t60 -w 32768" $timestamp ./perf.sh TCP128KB $a $b "iperf -s -w 65536" "iperf -c _SERVER_ -i5 -t60 -w 65536" $timestamp ./perf.sh TCP256KB $a $b "iperf -s -w 131072" "iperf -c _SERVER_ -i5 -t60 -w 131072" $timestamp perf.sh #!/bin/sh test=$1 client=$2 server=$3 server_iperf="$4" client_iperf=$(echo $5 | sed "s/_SERVER_/$server/g") timestamp=$6 logdir="/data/perf-testing" ssh="ssh -n" scp="scp" echo echo "Test $test, Client $client, Server $server" echo echo "Starting server" $ssh root@$server "killall tcpdump; (tcpdump -s 0 -w $logdir/$timestamp-$client-$server-$test-server.pcap >/dev/null 2>/dev/null $logdir/$timestamp-$client-$server-$test-server.iperf.log 2>&1 &1 | tee $logdir/$timestamp-$client-$server-$test-client.iperf.log); killall tcpdump" echo "Stopping server" $ssh root@$server "killall tcpdump iperf" echo "Downloading logs" $scp root@$server:$logdir/$timestamp-$client-$server-$test-server.iperf.log . $scp root@$client:$logdir/$timestamp-$client-$server-$test-client.iperf.log .
What am I missing with Logwatch ? A recent restore from backup means mails no longer get sent by cron. In /etc/cron.daily/00logwatch I have: #execute /usr/sbin/logwatch --mailto me@me.com Any ideas if I can just edit root inside the script itself to something like me@me.com under the e-mail setting ?
Asked in: Linux-Servers  (2 answers)
Mayhew's response: Try editing the /usr/sbin/logwatch script directly and change root to something else.
About Us : Contact Us : Etiquette : Terms : CDN Failover : ShorterURL : CDN Fallback : © 2013 Server Circle