Month: June 2015

Motion and reverse proxy mode.

Apache HTTP Server can be configured in both a forward and reverse proxy (also known as gateway) mode. An ordinary forward proxy is an intermediate server that sits between the client and the origin server. In order to get content from the origin server, the client sends a request to the proxy naming the origin server as the target and the proxy then requests the content from the origin server and returns it to the client. The client must be specially configured to use the forward proxy to access other sites. Reverse Proxy example:

ProxyPass "/foo" "http://foo.example.com/bar"
ProxyPassReverse "/foo" "http://foo.example.com/bar"

ProxyPass /camera http://127.0.0.1:10000
ProxyPassReverse /camera http://127.0.0.1:10000

Continue reading “Motion and reverse proxy mode.”

Retrieve mail and save attachment with fetchmail, procmail and uudeview.

Retrieve mail from user called user01 of smtp.some.server.ie server:

root:~> cat .fetchmailrc
poll "smtp.some.server.ie" proto IMAP user "user01" password "password" is user01 keep sslproto ''
mda '/usr/bin/procmail -d %T'
set logfile /home/user01/fetchmail.log

To save an attachment from an e- mail use procmail andUUDeview is a program that helps you transmit and receive binary files over the Internet, using electronic mail or newsgroups The UUDeview package includes both an encoder and a decoder. The decoder automatically detects the type of encoding used, offering MIME’s Base64 and BinHex as well as the popular uuencoding and the less frequently used xxencoding methods.

root:~> cat .procmailrc
:0
*^content-Type:
{
:0c:
/var/spool/mail/user01

# Now the actual unpacking part
# forward to uudeview and unpack
:0fw
| uudeview -i +a +o -p /share/Shared/attachment/ -
}
root:~>

And then run fetchmail command 😉

XRDP on SUSE12 issue – solved

I have installed XRDP on SLES12 but the systemd does not start this service as xrdp.service service file is missing. I know that it could be started by typing: /etc/xrdp/xrdp.sh start but I want it to be started after the reboot.

Create a systemd service file:

sles15:~ # vim /usr/lib/systemd/system/xrdp.service

[Unit]
Description=xrdp daemon
After=syslog.target network.target

[Service]
Type=forking
ExecStart=/etc/xrdp/xrdp.sh start
ExecStop=/etc/xrdp/xrdp.sh stop

[Install]
WantedBy=multi-user.target

and then a symlink:

sles15:~ # ln -s /usr/lib/systemd/system/xrdp.service /etc/systemd/system/xrdp.service

now turn the XRDP service on, for start at next boot.

sles15:~ # systemctl enable xrdp
sles15:~ # systemctl is-enabled xrdp

So, the XRDP will be started after the reboot 😉 And now another problem occurred, we connected to XRDP on SUSE12 and got a black screen 😛
To fix this issue you need to switch to icewm and at lest get a screen 😉 Just edit /etc/xrdp/startwm.sh and pretend the list of Session with “icewm”.

sles15:~ # vim /etc/xrdp/startwm.sh
--cut
#SESSIONS="gnome-session blackbox fluxbox startxfce4 startkde xterm"
SESSIONS="icewm"
--cut

I am a bit surprised that a package like XRDP made it into SLES in such a broken state. Well, have to wait for SP1.

Address masquerading in Postfix.

Address masquerading refers to the idea that you can hide the names of internal hosts, and make all addresses appear as if they originated from the gateway system itself. You may have internal systems that use your Postfix server as a gateway. When mail is sent from these systems and the sender addresses include the fully qualified hostname, you may want addresses to appear with the domain name only. The masquerade_domains parameter strips hostnames down to their simpler domain names.

The parameter takes a list of domains. Any address whose fully qualified hostname matches the domain portion is stripped down to just the domain name:

root# vim /etc/postfix/main.cf

masquerade_domains = domain.com

Addresses that look like user1@srv1.domain.com and user2@srv2.domain.com are converted to user1@domain.com and user2@example.com.

You can list multiple domains and subdomains. Postfix processes addresses against masquerade domain names in the order you list them. Consider a network that includes the two subdomains, acct.example.com and hr.example.com. You want addresses from these domains to show the subdomain, but you want addresses from any other domain or host in the network to show the parent domain. Set masquerade_domains as follows:

masquerade_domains = srv.domain.com srv1.domain.com domian.com

With this setting, the address user1@hades.srv.domain.com matches srv.domain.com, so that it becomes user1@srv.domain.com.
The address user2@prod.srv1.domain.com matches srv1.domain.com, and becomes user2@srv1.domain.com. Finally, user3@srv1.domain.com matches the last value, domain.com, to become user3@domain.com.

If you want to preserve a domain name that would otherwise be stripped down, you can preface the domain with an exclamation point:

masquerade_domains = !srv2.domain.com, domain.com

In this case, the domain srv2.domain.com will not be rewritten, so the address user10@srv2.domain.com stays as it is.

You can exclude specific account names from masquerading. For example, if you want an address like root@srv10_prod.example.com to stay intact, add the account to the masquerade_exceptions parameter:

masquerade_exceptions = admin, root

And then:

root# /etc/init.d/./postfix restart

Rewriting Addresses – Postfix canonical maps.

Postfix canonical maps can be defined in 3 ways.

1. canonical_maps – rewrites the sender and recipient address
2. sender_canonical_maps – rewrites the sender address
3. recipient_canonical_maps – rewrites the recipient address

In main.cf, point the canonical_maps parameter to the canonical file and then add addresses that you would like to rewrite.
For Example:

root# vim /etc/postfix/main.cf
# Add the following to your configuration file.
canonical_maps = hash:/etc/postfix/canonical

root# vim /etc/postfix/canonical
# address that would like to rewrite new address
user1 greg
user2@domain.com greg@otherdomian.com

root# postmap canonical && postfix reload