FernandoMarcelo.com

Geek things that I learn every day.


Archive for the ‘Work’ Category

CRB - Cpanel Rsync Backup

Again, a long time without updating my blog, but I am back with a new script.

Last week, I was helping a friend with his server. As his main focus is web design, he asked me to help with some admin tasks, more exactly, with CPBackup and remote backups.

The issue was that CPBackup was taking 14 hours to complete so, as he runs it daily, his server was spending more than 50% of the time doing backups :)

I created a simple script, now called CRB - Cpanel Rsync Backup. This script does remote backups of your Cpanel server using rsync.

This means that the first run will take some hours to finish, but the next backups will be much faster, as rsync only copies the files changed since the last run. If you run it daily, you will probably have very few files to copy.

This way you can save time, bandwidth, CPU and even money, while always having a full backup of your files in a safe place.

Installation

Please note, this script is still beta. Use at your own risk!

Installation is pretty simple. Just download the install script and run it:

wget http://fernandomarcelo.com/crb/install.sh

sh install.sh

It is installed at /usr/local/crb. The first step is to edit the file /usr/local/crb/crb.conf with your settings. The file has some comments which should make it simple, but in case you have questions, feel free to ask in the comments.

After that, you can run the script with:

sh /usr/local/crb/crb.sh

Or, if you prefer to run it daily, add it to cron.

Note: you must set up passwordless login in order to have it run properly via cron.

Uninstall

Just remove the folder /usr/local/crb from your server and, if necessary, remove the cron job too.

Development

I still want to add more features to this script, making it more flexible and reducing CPU usage. You can follow the development at the repository page: http://jira.consultorpc.com:766/browse/GPL/crb/trunk

Thanks to Daniel from ConsultorPC for allowing me to use the SVN repository.

How It Works?

No time to write this at the moment, but I will try to write it soon :)

Installing DDos-Deflate and making sure that it won’t ban your users

I really like DDos-Deflate and have it installed on almost all servers that I run. The issue is that sometimes it bans your clients, even when they don’t have a high number of connections and are not doing anything wrong.

So, I am going to show how I install it and make a simple modification to avoid this problem.

1. Download and install:

wget http://www.inetbase.com/scripts/ddos/install.sh

chmod 0700 install.sh

./install.sh

2. Configuring

Change your settings by editing the file /usr/local/ddos/ddos.conf. I usually only change my email and the number of connections.

Because of the changes that we are going to make in step 3, a good number of connections is between 40 and 50, and not 150.

3. Changing a few things

Now, edit file /usr/local/ddos/ddos.sh and find this line:

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr > $BAD_IP_LIST

Change it to:

netstat -ntu | grep ESTAB | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr > $BAD_IP_LIST

And save the file.

4. Conclusion

DDoS-Deflate bans your clients’ IPs because it counts every connection that netstat lists, whatever its state. If a client accesses different services such as the web, mail and FTP servers within a short period of time, the TIME_WAIT connections left behind are counted too, and his IP gets banned because of them.

By applying the change that I mentioned, you are only checking for established connections.

From my experience, a user will rarely have more than 10 established connections to the server. So if an IP is getting more than 40 connections, he is probably doing something wrong ;)
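The difference between the two netstat pipelines above, as an added example that is not code from DDoS-Deflate or from the original post: the same sample is counted per remote IP over all states and over ESTABLISHED only. It goes slightly beyond the post by stripping only the trailing port, so an IPv4-mapped address such as ::ffff:203.0.113.9 is counted under its IPv4 address, where `cut -d: -f1` would leave an empty field. The sample netstat lines, the function names and the limit of 3 are constructed for illustration.

```shell
#!/bin/sh
# Added example, not DDoS-Deflate code: per-IP connection counts from
# `netstat -ntu` text, over all states or ESTABLISHED only.

# Constructed sample: 198.51.100.7 is a normal client leaving TIME_WAIT
# sockets behind; 203.0.113.9 holds three established connections.
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:50001      TIME_WAIT
tcp        0      0 192.0.2.10:80           198.51.100.7:50002      TIME_WAIT
tcp        0      0 192.0.2.10:25           198.51.100.7:50003      TIME_WAIT
tcp        0      0 192.0.2.10:21           198.51.100.7:50004      TIME_WAIT
tcp        0      0 192.0.2.10:80           198.51.100.7:50005      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.9:41001       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.9:41002       ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.9:41003 ESTABLISHED
EOF
}

# count_per_ip MODE (all | estab): reads netstat text on stdin and prints
# "COUNT IP" lines, highest count first.
count_per_ip() {
    awk -v mode="$1" '
        $1 !~ /^(tcp|udp)/ { next }                 # skip header lines
        mode == "estab" && $6 != "ESTABLISHED" { next }
        {
            ip = $5
            sub(/:[0-9*]+$/, "", ip)                # drop only the :port
            sub(/^::ffff:/, "", ip)                 # unwrap IPv4-mapped IPv6
            n[ip]++
        }
        END { for (ip in n) print n[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# over_limit MODE LIMIT: IPs with COUNT >= LIMIT, i.e. the ban candidates
# under this example's threshold rule.
over_limit() {
    count_per_ip "$1" | awk -v limit="$2" '$1 >= limit { print $2 }'
}

echo "all states:";       sample_netstat | over_limit all 3
echo "ESTABLISHED only:"; sample_netstat | over_limit estab 3
```

With all states counted, the client that only left TIME_WAIT sockets behind is listed first; with ESTABLISHED only, it drops out and only the IP holding open connections remains.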

Debian VE in OpenVz: FATAL: Could not load /lib/modules/2.6.26-2-openvz-amd64/modules.dep: No such file or directory

FATAL: Could not load /lib/modules/2.6.26-2-openvz-amd64/modules.dep: No such file or directory
I had this problem when running Debian in an OpenVZ VE, more exactly when trying to start APF. This problem also happens with other firewalls that use iptables.

The fix is pretty simple. On your HN (hardware node), edit the file /etc/vz/conf/{$VEID}.conf (or /etc/vz/vz.conf if you want it for all VEs) and add the following line:

IPTABLES="ip_tables iptable_filter iptable_mangle ip_conntrack ip_conntrack_irc ip_conntrack_ftp ipt_state ipt_multiport ipt_limit ipt_LOG ipt_REJECT ipt_length ipt_multiport ipt_owner ipt_state ipt_ttl ipt_TOS ipt_TCPMSS"

This must be on a single line, with no line breaks in it. Save the file and restart the VE.

Now, enter the VE and run:

depmod -a

If you get an error about the directory /lib/modules/2.6.26-2-openvz-amd64/ missing, just create it with:

mkdir /lib/modules/2.6.26-2-openvz-amd64/

And run depmod -a again.

Done. You should not get any more iptables problems.

Setting up my website

That’s it! I have been working for quite a while as a freelance programmer and thought it was time to set up a website where I can show my work (and hopefully get more).

I have owned fernandomarcelo.com for 2 years but never had a website on it, just using it for email. I will try to keep this updated as much as I can.