rsync freenas

It’s important when you do rsync server in FreeNAS to put auxiliary parameters

incoming chmod = ug=rwx,o=

Otherwise it’s not going to work. You will have permissions to the folder can create but you cant backup anything.

Cisco 79** xml conf

I lost 3 hours figuring out how to set up these new Cisco phones, because its use new config file, xml instead of cnf …. shit …
[code lang=”xml”]
<timeZone>Central European Time</timeZone>
<member priority="0">
<phoneLabel>Kerri’s Phone</phoneLabel>
<line button="1">
<line button="2">

Replacing Windows shell with rdp

If you want to make sort of Windows thin client or something and you want after turning PC on to go straight to the Terminal Server, you can follow those instructions .. Working priceless

1. Create folder .. somewhere .. in this examples my paths are set it up to “C:rdp”
2. In “C:rdp” create file “hidden.vbs” and past in it

CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False

3. Create second file rdp.bat in same folder.
echo OFF
start /wait c:windowssystem32mstsc.exe c:rdprdp.rdp
goto start

4. Open your RDP and type the terminal server, set your desireble options as a sound redirection etc. and click “Save as”, and save it in same folder as a rdp.rdp

5. Alt + R, type regedit and go to HKLM – Software – Microsoft – WindowsNT – CurrentVersion – Winlogon and edit Shell variable. It shuld be setted up to explorer.exe, you need to change this to:

wscript.exe c:rdphidden.vbs c:rdprdp.bat

Now you have one way ticket to the blue.

Asterisk watch active calls && Fix database

watch -n 1 "asterisk -vvvvvrx 'core show channels' | grep call"

WARNING[25801] res_config_mysql.c: Realtime table general@queue_log: column ‘time’ cannot be type ‘int(10) unsigned’ (need char)

Sample queue_log table for MySQL:

Drop table in qstat & asterisk database – table queue_log, and add it again. Then edit extconfig.conf

CREATE TABLE `queue_log` (
`id` varchar(40) NOT NULL default auto_increment,
`time` char(10) unsigned default NULL,
`callid` varchar(32) NOT NULL default '',
`queuename` varchar(32) NOT NULL default '',
`agent` varchar(32) NOT NULL default '',
`event` varchar(32) NOT NULL default '',
`data` varchar(255) NOT NULL default '',

Malicous and Suspicious Files – Finding and removing eval(base64_decode)

I found this very very useful tutorial … I found it on the hard way, when everything is messed up! 🙂

Original Article Written by Rahul Bansai –

Command to list all infected files:

grep -lr --include=*.php "eval(base64_decode" /path/to/webroot

This is not necessary but its better to check some files manually to confirm if they have malicious code we are looking for. Also we can use this command after running cleanup command to crosscheck if cleanup is really successful.
Command to remove malicious code:

If above command gives you correct output, execute following command to perform actual cleaning:

grep -lr --include=*.php "eval(base64_decode" /path/to/webroot | xargs sed -i.bak 's/

Executing above will remove eval(*) codes. Above command will also generate a backup version of files it will modify. For example, if it removes code from index.php, you will find a new file index.php.bak in same directory with original content of index.php

Now after running above command, you still find some more infected files, then you need to adjust search and replace parameters in for “sed” part. You may also use following command for a “liberal” cleaning at the risk of breaking something. (in case you really break something, like I did, you can jump to “Troubleshooting” section below!)

grep -lr --include=*.php "eval(base64_decode" /path/to/webroot | xargs sed -i.bak '/eval(base64_decode*/d'
Trying to avoid re-appearance of this code injection

Its really though to cover every possible way to protect yourself from such attach in this post.

If you remember, WordPress community faced this kind of issue because of WP-PhpMyAdmin plugin sometime back. In our case, we found some old WordPress demo sites were having that plugin installed.

To remove WP-PhpMyAdmin plugin form all WordPress sites on your server, execute following command:

find /path/to/webroot -name "wp-phpmyadmin" -type d | xargs rm -rf

Above is all we did to get rid of eval(base64_decode(*)) codes from all files on our test server. If this happens again on our server, I will update this post with added info.

Just in case you end up in a mess, below are some useful commands.

Missing find /var/www/ -name "index.php" | grep "/htdocs/index.php" | xargs grep -L "

Don’t worry. If you already have a “find . -name '*.php' -exec sed -i -e :a -e '/^n*$/{$d;N;ba' -e '}' '{}' ;

Elastix 2.5 + heartbeat + drbd

As some of you knows I’ve got so much luck that even in my ne job they want new Telefon system 🙂 But massive one with failover and -20 sec downtime.

So what we’ve got:
Elastix 2.5 stable
Heartbeat for failover
Drbd – Network mirror raid, on which are all Elastix and asterig confs etc.

Our goals:
Stability, Reliability, High-availability

Let`s fucking do this shit!

I test it with 2 virtual elastix servers with attached 8 gig hdd on both, whitch I used for networ mirroring.
I followed THE TUTORIAL, the one tutorial for elastix HA+drbd.

/dev/sda1 - /
/dev/sda2 - swap
/dev/sdb1 - /replica

!!!Remember, these partition MUST be identical on both PCs, especially /dev/sdb1, where our Elasterix live.
(By identical i meant compleatly identical start block and finish block must be same on both)

1. When everything is installed, we need to create FS for /dev/sdb

[root@voipSERVER.drbd /]# fdisk /dev/sdb
t - 83

2. Format :

[root@voipSERVER.drbd /]# mke2fs -j /dev/sdb1

3. Just in case, we gonna formated with zeros:

[root@voipSERVER.drbd /]# dd if=/dev/zero bs=1M count=500 of=/dev/sdb1; sync

4. Installing drbd and heartbeat:

yum install heartbeat drbd83 kmod-drbd83

Note: If by any chance you experience problems with drbd83, use drbd82 version (64 bit

5. Now we need to edit /etc/hosts to be sure that the IP name resolution will be ok voipserver.drbd voipbackup.drbd

6. Edit /etc/drbd.conf on the Primary one:

global { usage-count no; }
resource r0 {
protocol C;
startup { wfc-timeout 10; degr-wfc-timeout 30; }
disk { on-io-error detach; }
net {
after-sb-0pri discard-least-changes;
after-sb-1pri discard-secondary;
after-sb-2pri call-pri-lost-after-sb;
cram-hmac-alg "sha1";
shared-secret "SECRET PASSWD";
syncer { rate 5M; }
on voipserver.drbd {
device /dev/drbd0;
disk /dev/sdb1;
meta-disk internal;
on voipbackup.drbd {
device /dev/drbd0;
disk /dev/sdb1;
meta-disk internal;

The following lines are used to help the servers resolve split brain recovery. Split brain is when two servers are in primary mode and need to know how to resolve who should assume primary/secondary role (discarding or accepting changes made in primaries).

  • 7. Replicate this config file to the second server

    [root@voipSERVER.drbd /]# scp /etc/drbd.conf root@voipbackup.drbd:/etc/

    8. Initialize the meta-data area on disk before starting drbd (! on both server!)

    drbdadm create-md r0

    * Start drbd on both nodes (service drbd start)

    service drbd start

    * Verify that both server are secondary

    cat /proc/drbd

    9. As you can see, both nodes are secondary, which is normal. we need to decide
    which node will act as a primary now (voipserver.drbd) : that will initiate the first ‘full
    sync’ between the two nodes:

    drbdadm -- --overwrite-data-of-peer primary r0

    10. Launch the command and wait until it’s finish synchronizing

    watch -n 1 cat /proc/drbd

    11. We can now format /dev/drbd0 and mount it on voipserver.drbd:

    [root@voipSERVER.drbd /]# mkfs.ext3 /dev/drbd0
    [root@voipSERVER.drbd /]# mkdir /replica

    [root@voipSERVER.drbd /]# mount /dev/drbd0 /replica

    12. We can determine the role of a server by executing the following;
    drbdadm role r0
    The primary server should return;


    13. Now we will copy all of the directories we want synchronized between the two
    servers to our new partition, remove the original directories and then create
    symbolic links to replace them on voipserver.drbd.
    Note: If you use 64bit version of Elastix this line: tar -zcvf usr-lib-asterisk.tgz /usr/lib/asterisk/ should looks like tar -zcvf usr-lib-asterisk.tgz /usr/lib64/asterisk/

    cd /replica

    amportal chown

    tar -zcvf etc-asterisk.tgz /etc/asterisk
    tar -zxvf etc-asterisk.tgz
    tar -zcvf var-lib-asterisk.tgz /var/lib/asterisk
    tar -zxvf var-lib-asterisk.tgz
    tar -zcvf usr-lib-asterisk.tgz /usr/lib/asterisk/
    tar -zxvf usr-lib-asterisk.tgz
    tar -zcvf var-spool-asterisk.tgz /var/spool/asterisk/
    tar -zxvf var-spool-asterisk.tgz
    tar -zcvf var-lib-mysql.tgz /var/lib/mysql/
    tar -zxvf var-lib-mysql.tgz
    tar -zcvf var-log-asterisk.tgz /var/log/asterisk/
    tar -zxvf var-log-asterisk.tgz
    tar -zcvf var-www.tgz /var/www/
    tar -zxvf var-www.tgz
    rm -rf /etc/asterisk
    rm -rf /var/lib/asterisk
    rm -rf /usr/lib/asterisk/
    rm -rf /var/spool/asterisk
    rm -rf /var/www

    rm -rf /var/lib/mysql/
    rm -rf /var/log/asterisk/
    ln -s /replica/etc/asterisk/ /etc/asterisk
    ln -s /replica/var/lib/asterisk/ /var/lib/asterisk
    ln -s /replica/usr/lib/asterisk/ /usr/lib/asterisk
    ln -s /replica/var/spool/asterisk/ /var/spool/asterisk
    ln -s /replica/var/lib/mysql/ /var/lib/mysql
    ln -s /replica/var/log/asterisk/ /var/log/asterisk
    ln -s /replica/var/www /var/www
    cd /

    Stop mysqld, asterisk and httpd services on voipserver.drbd

    service mysqld restart
    service mysqld stop
    service asterisk stop
    service httpd stop
    service elastix-updaterd stop
    service elastix-portknock stop

    14. Verify services are down and proceed to switch manually to the second server:

    [root@voipSERVER.drbd /]# umount /replica ; drbdadm secondary r0

    15. Now switch to the VOIPBACKUP server

    [root@voipBACKUP.drbd /]# mkdir /replica ; drbdadm primary r0 ; mount /dev/drbd0 /replica
    [root@voipBACKUP.drbd /]# ls /replica/

    Note: This is used to check if you are replicating information on both servers. You should
    see all data replicated in the secondary server just like data in the primary.
    * DO NOT perform this action with the physical terminal logged in. Use SSH. Otherwise, it will fail to
    unmount the /replica folder for some reason! Also make sure you are not IN the replica folder. Type “cd /” .

    16. Verify voipserver.drbd status (Primary/Secondary)

    drbdadm role r0

    Note: Executing this same command in voipbackup.drbd while in secondary mode should
    not display the /dev/drbd0 partition unless it’s assuming primary mode.

    17. Now we will remove and link on voipbackup.drbd

    cd /replica

    amportal chown

    tar -zcvf etc-asterisk.tgz /etc/asterisk
    tar -zxvf etc-asterisk.tgz
    tar -zcvf var-lib-asterisk.tgz /var/lib/asterisk
    tar -zxvf var-lib-asterisk.tgz
    tar -zcvf usr-lib-asterisk.tgz /usr/lib/asterisk/
    tar -zxvf usr-lib-asterisk.tgz
    tar -zcvf var-spool-asterisk.tgz /var/spool/asterisk/
    tar -zxvf var-spool-asterisk.tgz
    tar -zcvf var-lib-mysql.tgz /var/lib/mysql/
    tar -zxvf var-lib-mysql.tgz
    tar -zcvf var-log-asterisk.tgz /var/log/asterisk/
    tar -zxvf var-log-asterisk.tgz
    tar -zcvf var-www.tgz /var/www/
    tar -zxvf var-www.tgz
    rm -rf /etc/asterisk
    rm -rf /var/lib/asterisk
    rm -rf /usr/lib/asterisk/
    rm -rf /var/spool/asterisk
    rm -rf /var/www

    rm -rf /var/lib/mysql/
    rm -rf /var/log/asterisk/
    ln -s /replica/etc/asterisk/ /etc/asterisk
    ln -s /replica/var/lib/asterisk/ /var/lib/asterisk
    ln -s /replica/usr/lib/asterisk/ /usr/lib/asterisk
    ln -s /replica/var/spool/asterisk/ /var/spool/asterisk
    ln -s /replica/var/lib/mysql/ /var/lib/mysql
    ln -s /replica/var/log/asterisk/ /var/log/asterisk
    ln -s /replica/var/www /var/www
    cd /

    18. Stop mysqld, asterisk and httpd services on voipserver.drbd

    service mysqld restart
    service mysqld stop
    service asterisk stop
    service httpd stop
    service elastix-updaterd stop
    service elastix-portknock stop

    19. Now switch back to the first server:
    [root@voipBACKUP.drbd /]# umount /replica/ ; drbdadm secondary r0

    20. Now switch to the VOIPSERVER server

    [root@voipSERVER.drbd /]# drbdadm primary r0 ; mount /dev/drbd0 /replica

    Drbd is working … let’s be sure that it will always be started:
    chkconfig drbd on

    21. Remember to stop any boot up services on both servers that should be controlled by heartbeat. These services will be controlled by heartbeat on the server that is in control.

    chkconfig asterisk off
    chkconfig mysqld off
    chkconfig httpd off
    chkconfig elastix-updaterd off
    chkconfig elastix-portknock off
    service mysqld stop
    service asterisk stop
    service httpd stop
    service elastix-portknock stop
    service elastix-updaterd stop

    22. Let’s configure a simple /etc/ha.d/ file on voipserver.drbd :

    debugfile /var/log/ha-debug
    logfile /var/log/ha-log
    debugfile /var/log/ha-debug
    logfile /var/log/ha-log

    logfacility local0
    keepalive 2
    deadtime 30
    warntime 10
    initdead 120
    udpport 694
    bcast eth0
    auto_failback on
    node voipserver.drbd
    node voipbackup.drbd

    23. Create also the /etc/ha.d/authkeys on voipserver.drbd:

    auth 1
    1 sha1 MySecret

    24. Change permissions on the /etc/ha.d/authkeys file on voipserver.drbd:
    chmod 600 /etc/ha.d/authkeys

    25. Edit /etc/ha.d/haresources on voipserver.drbd: (It is two lines!!!!!!! Formating is
    important). Replace the email addresses with your own, on the second line.

    voipserver.drbd drbddisk::r0 Filesystem::/dev/drbd0::/replica::ext3 IPaddr:: mysqld asterisk httpd elastix-updaterd elastix-portknock fop_start
    voipserver.drbd IPaddr::

    Note: If you have second NIC, and you want to failover it, just add it here, like I did, the last line. Now this IP which you’ve set up will be floating between both servers.

    26. Start the heartbeat service on voipserver.drbd :
    service heartbeat start

    27. Replicate now the, authkeys and haresources to voipbackup.drbd and start heartbeat

    [root@voipserver.drbd ha.d]# scp /etc/ha.d/ /etc/ha.d/authkeys /etc/ha.d/haresources
    [root@svoipbackup.drbd ha.d]# service heartbeat start

    28. Configure heartbeat to initialize at boot on both server

    chkconfig --add heartbeat
    chkconfig heartbeat on

    29. Verify voipserver.drbd status (Primary/Secondary)

    drbdadm role r0

    30. Execute ‘df -h’ on the primary to confirm that our /dev/drbd0 partition is
    mounted and in use.

    Filesystem Size Used Avail Use% Mounted on
    /dev/sda1 5.7G 1.9G 3.5G 36% /
    tmpfs 249M 0 249M 0% /dev/shm
    /dev/drbd0 7.9G 394M 7.1G 6% /replica

    31. Test your work by creating a SIP extension or anything inside Elastix Web
    Interface, then shut down your primary server while making a continuous ping to (floating IP address) verifying it doesn’t lose connectivity. Make
    another change in the secondary server, turn your primary back on, and all
    changes should be kept intact.
    Special Note: Any changes made to asterisk files should be done via web Interface
    ONLY. Do not attempt to upgrade Elastix version once finished the cluster or else it will
    write its own files again discarding links to the /replica directory.

    tcpdump –i eth0:0 –s 1500 –w captura.pcap #capture traffic
    mv captura.pcap /var/www/html #move file to web for download HA Cluster.pdf

    Note: Here it is the original tutorial, there is few other think that you can do … as fop and tftpboot migrating Elastix HA cluster


    I was searching for best thin client for one client. I have tried this Thinstation, but everything is so confusing. So I asked myself, why should I use whole thinclient os. I start browsing about some solutions and I found the best one! It use Ubuntu any version, you can tweak it for your needs and have everything that you
    need. Lets start with Ubuntu 14.04.1 LTS.

    1st you need to install it, update if you want and then all that you need to do is:

    sudo apt-get install rdesktop
    sudo apt-get install lxde

    We gonna use lxde, because is lightweigt and simple. Once these packages are installed you can satart configuring them.

    Create executable mythinclient wherever you want, and there you need to pass some parameters to rdesktop. I use following configuration
    rdesktop -N -k en-gb -a 32 -z -f -5 -r disk:usb=/media/usb1

    If you want, you can serch for rdesktop parameters. This uses usb redirection host/remote, numlock export 32 bit collors and automatically fullscreen.

    Now we need to write autostart conf file to execute this script when user login.

    mkdir -p ~/.conf/autostart && vim ~/.conf/autostart/$USER.desktop

    [Desktop Entry]

    Now we are going to pass some parameters to lightdm. I have some problems with DHCP, it takes 5 sec to obtain address and by this time, when session start there is no internet and the session does not start … fail …
    I solve this with 6 sec bypass 🙂

    vim /etc/lightdm/lightdm.conf


    Now reboot and everything must be OK. :)If you want you can check for additional options of lightdm.conf file

    ubuntu boot/6sec login screen and then you are in the game!

    rEset mysql password

    Create a text file containing the following statements. Replace the password with the password that you want to use.

    UPDATE mysql.user SET Password=PASSWORD(‘MyNewPass’) WHERE User=’root’;

    Start the MySQL server with the special –init-file option:

    shell> mysqld_safe –init-file=/home/me/mysql-init &

    The server executes the contents of the file named by the –init-file option at startup, changing each root account password.

    Youtube Video downloader

    This is the most easy and useful way to get something from youtube.

    sudo curl -o /usr/local/bin/youtube-dl

    sudo chmod a+x /usr/local/bin/youtube-dl

    And then, everything is YOURS 🙂 If there is no binary, I’m sorry, find it on your own 🙂