At times, we might want to change date and time of a file, for record purposes. For example, when you copying log file from remote machine, when it’s extract on local machine, the date and time will reflect to current date time.
To update the date and time of file, run;
touch -t ccyymmddhhMMSS filename
For more info, run;
man touch
Most of the time, we would prefer to read manual offline instead of browsing online, sometime we do not have internet access, and in the boredom, we can read the manual OFFLINE! Example below will show you how to grab the manual online to your machine.
If you have wget installed on your machine, you can do the command below to download a website for offline read.
shell> wget --no-parent --mirror -p --convert-links -P ~/Documents/local-browsing http://www.some-website.com/howto/
Above command will download the entire website into your machine in your home directory Document/local-browsing. Now you can read while you are offline!
If you have MySQL, PostgreSQL, Apache2 or other application installed from Macports, you might want the services auto start during machine start up. You can use launchctl to do it, it’s similar to start up script on FreeBSD on /usr/local/etc/rc.d or /etc/rc.d
The start up script is located at /Library/LaunchDaemons, this is what I have on my machine;
In order to add the services into launchctl, do it with below command;
Auto start MySQL
sudo launchctl load -w /Library/LaunchDaemons/org.macports.mysql5.plist
Auto start PostgreSQL
sudo launchctl load -w /Library/LaunchDaemons/org.macports.postgresql82-server.plist
Auto start Apache2 Web Server
sudo launchctl load -w /Library/LaunchDaemons/org.macports.apache2.plist
To disable the service auto start;
sudo launchctl unload -w /Library/LaunchDaemons/org.macports.apache2.plist
For more information, do man launchctl
We have OURMON running on one of network segment for quite some time, it is very helpful and resourceful when DDoS attack happened, especially to help our customer to find out which destination is targeted on the attack and from which sources. Below is the graph that we previously captured while running OURMON version 2.70.
OURMON Version 2.81
On the recent released of OURMON, the topn graphs didn’t show the traffic by Mbit/s instead of bit/s. The long no. is confusing when the NOC engineer is doing the monitoring(minimal 7 digits will show up). I have made some changes on omupdate.pl, one of OURMON script that generate html static page, to show extra value – Mbit/s. Our current OURMON graph looks something like below;
Below will show you how to add extra Mbit/s value on your OURMON Topn section;
edit omupdate.pl file
vi /usr/local/mrourmon/bin/omupdate.pl
On line 3137, add the code looks like below;
my $uappf = $items[$i+2]; # old hw app flags
my $uappl = $items[$i+3]; # app lower case
my $uapph = $items[$i+4]; # app upper case
my $bps = int(($items[$i+1] * 8)/30);
my $mbps = sprintf("%.2f", ($bps/1024)/1024); # convert bits to mbits
my $uaf = get_appflag($uappf, $uappl, $uapph);
this line of code my $mbps = sprintf(“%.2f”, ($bps/1024)/1024); is to declare the new variable $mbps and convert the bit/s value to Mbit/s by dividing 1024*1024.
Next is to display the value on the page, do something on line of code 3146;
"bits/sec: $bps, Mbits/sec: $mbps, "
Done, wait for a few second for the web page to refresh with extra Mbit/s value. Btw, you can remove bit/s if you want to, to save some extra space 
OURMON is popular known as open source Network Monitoring and Anomaly Detection System. It’s very useful for a web hosting provider or Internet Service Provider to study their network behavior and detection for any network attack such as DoS or DDoS.
Beside study your network behavior, it also can analyze your network protocols activities, tcp w0rm activity, p2p activity and etc.
Here is the step by step OURMON installation and configuration on FreeBSD with multi-threading support.
OUR source package can be downloaded on official sourceforget download page. I strongly suggest that do not install OURMON from port (due to the update on the package is quite slow), but before proceed on OURMON source install, there are several dependencies need to be installed;
PCRE
cd /usr/ports/devel/pcre && make install clean distclean
libpcap
cd /usr/ports/net/libpcap && make install clean distclean
RRDTool
cd /usr/ports/databases/rrdtool && make install clean distclean
Apache Web Server
cd /usr/ports/www/apache20 && make install clean distclean
OURMON Installation and Configuration
After above dependencies has been installed, now we proceed with OURMON installation and configuration;
untar yor ourmon package and your will see a folder name mrourmon. Copy the folder to /usr/local;
cp -rf mrourmon /usr/local/
In order to enable multi-threading support, there are some changes need to be made on your OURMON’s Makefile.
cd /usr/local/mrourmon/src/ourmon
vi Makefile.bsd
On line 27 and 30, uncomment the line which look like below;
CFLAGS=-O4 -DBSD -DTHREAD
LFLAGS=-O4 -static -DTHREAD
Also on line 18, change the BINDDIR to the directory that we are going to install ourmon;
BINDIR=/usr/local/mrourmon/bin
After that, save the file and we are ready to roll, go to OURMON root directory and run configure.pl for installation;
cd /usr/local/mrourmon
./configure
Follow the on screen guide to go through the installation, after ourmon is install, we are ready to fire it up… But there are minor changes need to be made in order to support multi-threading. Open up ourmon start up file and make the below changes;
vi /usr/local/etc/rc.d/ourmon.sh
On line 11, add extra argument (-T 2 ) into OURMON launch command and it will look like this;
/usr/local/mrourmon/bin/ourmon -T 2 -a 30 -s 256 -f /usr/local/mrourmon/etc/ourmon.conf -i bce1 -D /usr/local/mrourmon/tmp &
the argument -T 2 is to spawn 2 ourmon processes, if you have more processor on your server, you might want to add more; after that monitor on your server load, see whether it will crash your server or not
Run top command and monitor on your server load.
.
Apache Configuration
By default, OURMON web html files are located at /usr/local/www/data/ourmon, we suggest that you setup virtualhost to access to OURMON from your web browser;
NameVirtualHost *:80
ServerAdmin sysadm@systems.takizo.com
ServerName ourmon.systems.takizo.com
DocumentRoot /usr/local/mrourmon/web.pages
AllowOverride All
Order Deny,Allow
Deny from all
Allow from 202.188.1.5 # only allow authorized IP Address to access your OURMON.
ErrorLog /var/log/ourmon-error_log
CustomLog /var/log/ourmon-access_log common
You might also interest to change the viewing of OURMON site at your own convenience at /usr/local/www/data/ourmon/index.html, remember to make a copy before you make any changes.
Below are some graph that shown on our OURMON page;
updated : 19/10/2008
1. when start ourmon with “/usr/local/etc/rc.d/ourmon.sh start” return error :
sysctl: unknown oid ‘debug.bpf_bufsize’
sysctl: unknown oid ‘debug.bpf_maxbufsize’
change “sysctl -w debug.bpf_bufsize=8388608″ & “sysctl -w debug.bpf_maxbufsize=8388608″ in /usr/local/etc/rc.d/ourmon.sh to “sysctl -w net.bpf.bufsize=8388608″ & “sysctl -w net.bpf.maxbufsize=8388608″ to solve the error.
2. should the promicuous interface not picking up any traffic, bring it down (e.g. ifconfig rl0 down) and bring it up (ifconfig rl0 up) again should do the trick. Use tcpdump -i rl0 to see if it see any traffice.
