takizo, not takezo

If you have more than 100 servers in your network; behind a firewall; lazy to access to documentation. Here is the alternative option to find out your machine’s public IP Address via command line

$ wget -q -O - http://ipchicken.com |  grep -o -E '(^|[[:space:]])[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*([[:space:]]|$)'
# By default, FreeBSD doesn't have wget, you can use fetch instead
$ fetch -q -o - http://www.ipchicken.com | grep -o -E '(^|[[:space:]])[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*([[:space:]]|$)'

You need port 80 external/WAN access to perform the task.

Reverse DNS, in simple explanation it means that resolve your IP address into hostname. Nowaday it became a must have requirement for mail server’s IP address. It is also one of the method to determine your mail server IP is glue to the hostname.

Here is how to find out the reverse DNS IP address is pointed to which DNS server for zone delegation.

dig -x 175.136.188.90

; <<>> DiG 9.6.0-APPLE-P2 <<>> -x 175.136.188.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21938
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;90.188.136.175.in-addr.arpa.   IN      PTR

;; AUTHORITY SECTION:
136.175.in-addr.arpa.   10800   IN      SOA     ns1.tm.net.my. dnsadm.tmnet.com.my. 2011012113 10800 3600 604800 86400

;; Query time: 37 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Jan 22 19:39:12 2011
;; MSG SIZE  rcvd: 111

The result above shown

• The SOA record shown the IP Address is pointed to ns1.tm.net.my for reverse DNS delegation.
• The zone 136.175.in-addr.arpa is delegating the IP 175.136.188.90

This command is pretty useful when you want to find out is the reverse DNS delegation works correctly.

On latest release of Cacti Spine 0.8.7g, it has new Multi threaded host polling feature. After upgrade Cacti Spine from version 0.8.7e to 0.8.7g, the graphing stopped working on FreeBSD 8.1 box. When we check the process with “top” command, it seems like spine process is hang and it utilizes 100% of CPU usage.

While doing verbose logging on spine, we saw the message “Spine Timed Out While Processing Hosts Internal” freezing until it reaches the script time out at 40 seconds. The logs didn’t provide much info and the actual fixes are available at Cacti Official Spine Patches website. After apply the patches, Spine 0.8.7g is working on the FreeBSD’s box. Most of our packages installation are through FreeBSD ports, I guess that we have to check on Cacti’s Official website to look for patches. Or the maintainer should grab the latest patches and update from FreeBSD ports

If Spine installation is from FreeBSD ports. Here is the step by step to fixed Spine 0.8.7g problem.

• Go to /usr/ports/net-mgmt/cacti-spine/
• Perform make clean to wipe off previous compiled files
• Do make extract to extract the source files
• On current directory, go to work/cacti-spine-0.8.7g/
• Download the latest patch from Cacti’s website and apply the patches
• Make to build the app from patches
• Make deinstall to uninstall current cacti
• and finally make install to install patched spine into binary folder.

shell> cd /usr/ports/net-mgmt/cacti-spine/
shell> make clean
shell> make extract
shell> cd work/cacti-spine-0.8.7g/
shell> wget http://www.cacti.net/downloads/spine/patches/0.8.7g/unified_issues.patch
shell> patch -p1 -N < unified_issues.patch
shell> make
shell> make deinstall
shell> make install

It’s good that to route all your outgoing email to a relay server for centralize management. Compiling Sendmail’s Smart Relay options in FreeBSD is slightly different from Linux machine. But it’s fairly easy to do so. Just follow the steps below, and I assume you already have your own email relay server to relay to.

Go to /etc/mail
run “make” command for the first time to generate “yourdomain”.cf and “yourdomain”.submit.cf / “yourdomain”.mc and “yourdomain”.submit.mc file

shell> cd /etc/mail
shell> make
shell> cp freebsd.mc "yourhostname".mc
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4 "yourhostname".mc > "yourhostname".cf
cp freebsd.submit.mc "yourhostname".submit.mc
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4 "yourhostname".submit.mc > "yourhostname"submit.cf

After mc and mf files have generated. Edit .mc file, look for line below. Change the SMART HOST to your email server’s hostname. It must be hostname and you CAN’T configure IP Address for SMART HOST.

shell> vi "yourdomain".mc

dnl define(`SMART_HOST', `your.isp.mail.server')
define(`SMART_HOST', `relay.server.hostname')

Next copy “define(`SMART_HOST’, `relay.server.hostname’)” and paste it in “yourhostname”.submit.mc. It must be placed before the line of “msp” feature.

define(`SMART_HOST', `relay.server.hostname')
FEATURE(`msp', `[127.0.0.1]')dnl

After configuration has been made, now run "make install" to generate the cf file and replace sendmail.cf and submit.cf

shell> make install
shell> /usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4 "yourhostname".mc >  "yourhostname".cf
install -m 444  "yourhostname".cf /etc/mail/sendmail.cf
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4  "yourhostname".submit.mc >  "yourhostname".submit.cf
install -m 444 iyot.time.com.my.submit.cf /etc/mail/submit.cf

You are basically done, now. Just restart sendmail services.

shell> /etc/rc.d/sendmail restart
shell> Cannot 'restart' sendmail. Set sendmail_enable to YES in /etc/rc.conf or use 'onerestart' instead of 'restart'.
Stopping sendmail_submit.
Waiting for PIDS: 64903.

Ignore the line to change sendmail_enable to YES if your server just do email submit and it doesn't act as incoming email.

You can invoke “adduser” command in FreeBSD in order to create new user. Adduser will prompt you for user info like name, uid, gid, shell environment and etc. But sometime we would like to create user access through Bash script. “useradd” command is the good way to do it.

In Linux, using “useradd” is pretty common for creating new user access. You can also use “useradd” in FreeBSD, but not directly invoke “useradd” command. Below is the sample of creating new user in FreeBSD with “useradd”.

shell> pw useradd cheryl -c 'Cheryl Windows Admin' -d /home/cheryl -s /usr/local/bin/bash

New user account is created, but don’t forgot to set password for the account

shell> passwd cheryl

You can run other command like “userdel”, “usermod”, “usershow”, “groupadd”, “groupdel”, “groupmod”, “lock”, “unlock” on FreeBSD by using the “pw” command.