You can use this query to get Client IPAddress in Oracle.
Command:
select sys_context('userenv','ip_address') from dual;
Result:
192.168.1.1
Ref: http://forums.oracle.com/forums/thread.jspa?messageID=1562503
==TaTsHuYa==
Thursday, January 28, 2010
Snmpd does not responding.
Today I found that when I use snmpwalk get information on some hosts but they didn't responding the result. It just show the error log 'No response from remote host "xxx.xxx.xxx.xxx"'
First - I checked the iptables ( it's already has the rule )
ACCEPT all -- xxx.xxx.xxx.xxx anywhere
Second - I try to dump the package by tcpdump to known that have the package received.
17:55:43.657982 IP xxx.xxx.xxx.xxx.51061 > yyy.yyy.yyy.yyy.snmp: C=MBpublic GetBulk(29) N=0 M=25 interfaces.ifTable.ifEntry.ifDescr
17:55:48.659170 IP xxx.xxx.xxx.xxx.51061 > yyy.yyy.yyy.yyy.snmp: C=MBpublic GetBulk(29) N=0 M=25 interfaces.ifTable.ifEntry.ifDescr
I found there are packages reach to the server but there is any response back to the remote
Third - I checked the process of snmpd by command 'ps -ef |grep snmpd'
root 768 26634 0 17:59 pts/1 00:00:00 grep snmpd
root 32365 1 0 17:54 ? 00:00:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd -a
Lastly : I decided to check the status of SELinux by command 'sestatus'
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
So I change it so Permissive mode by command 'setenforce permissive' and try snmpwalk again, now It worked!!!!
Another reason that I found for snmpd doesn't responding is 'IPTABLES', if you add rule by use destination port and host by use protocol TCP on port 161 ( snmp ), it will not work because snmpd use UDP on port 161 for query the information.
== TatsHuYa ==
First - I checked the iptables ( it's already has the rule )
ACCEPT all -- xxx.xxx.xxx.xxx anywhere
Second - I try to dump the package by tcpdump to known that have the package received.
17:55:43.657982 IP xxx.xxx.xxx.xxx.51061 > yyy.yyy.yyy.yyy.snmp: C=MBpublic GetBulk(29) N=0 M=25 interfaces.ifTable.ifEntry.ifDescr
17:55:48.659170 IP xxx.xxx.xxx.xxx.51061 > yyy.yyy.yyy.yyy.snmp: C=MBpublic GetBulk(29) N=0 M=25 interfaces.ifTable.ifEntry.ifDescr
I found there are packages reach to the server but there is any response back to the remote
Third - I checked the process of snmpd by command 'ps -ef |grep snmpd'
root 768 26634 0 17:59 pts/1 00:00:00 grep snmpd
root 32365 1 0 17:54 ? 00:00:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd -a
Lastly : I decided to check the status of SELinux by command 'sestatus'
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
So I change it so Permissive mode by command 'setenforce permissive' and try snmpwalk again, now It worked!!!!
Another reason that I found for snmpd doesn't responding is 'IPTABLES', if you add rule by use destination port and host by use protocol TCP on port 161 ( snmp ), it will not work because snmpd use UDP on port 161 for query the information.
== TatsHuYa ==
How to know status of SELinux
You can use the command 'sestatus' to find out the current status of SElinux.
There is 3 types of status
* enforcing - SELinux security policy is enforced.
* permissive - SELinux prints warnings instead of enforcing.
* disabled - SELinux is fully disabled.
tatshuya$> sestatus
== Result ==
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Mode from config file: permissive
Policy version: 18
Policy from config file:targeted
Policy booleans:
allow_syslog_to_console inactive
allow_ypbind inactive
dhcpd_disable_trans inactive
httpd_builtin_scripting active
httpd_disable_trans inactive
httpd_enable_cgi active
httpd_enable_homedirs active
httpd_ssi_exec active
httpd_tty_comm inactive
httpd_unified active
mysqld_disable_trans inactive
named_disable_trans inactive
named_write_master_zonesinactive
nscd_disable_trans inactive
ntpd_disable_trans inactive
pegasus_disable_trans inactive
portmap_disable_trans inactive
postgresql_disable_transinactive
snmpd_disable_trans inactive
squid_disable_trans inactive
syslogd_disable_trans inactive
use_nfs_home_dirs inactive
use_samba_home_dirs inactive
use_syslogng inactive
winbind_disable_trans inactive
ypbind_disable_trans inactive
== TaTsHuYa ==
There is 3 types of status
* enforcing - SELinux security policy is enforced.
* permissive - SELinux prints warnings instead of enforcing.
* disabled - SELinux is fully disabled.
tatshuya$> sestatus
== Result ==
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Mode from config file: permissive
Policy version: 18
Policy from config file:targeted
Policy booleans:
allow_syslog_to_console inactive
allow_ypbind inactive
dhcpd_disable_trans inactive
httpd_builtin_scripting active
httpd_disable_trans inactive
httpd_enable_cgi active
httpd_enable_homedirs active
httpd_ssi_exec active
httpd_tty_comm inactive
httpd_unified active
mysqld_disable_trans inactive
named_disable_trans inactive
named_write_master_zonesinactive
nscd_disable_trans inactive
ntpd_disable_trans inactive
pegasus_disable_trans inactive
portmap_disable_trans inactive
postgresql_disable_transinactive
snmpd_disable_trans inactive
squid_disable_trans inactive
syslogd_disable_trans inactive
use_nfs_home_dirs inactive
use_samba_home_dirs inactive
use_syslogng inactive
winbind_disable_trans inactive
ypbind_disable_trans inactive
== TaTsHuYa ==
Using IPTABLES allow multiport.
Today, I'm just learning that 'IPTABLES' can allow multiple port in single command like this '
Example:
iptables -A RH-Firewall-1-INPUT -s 192.168.1.1 -m multiport --dport 80,443 -j ACCEPT
==TaTsHuYa==
-m multiport --dports '
Example:
iptables -A RH-Firewall-1-INPUT -s 192.168.1.1 -m multiport --dport 80,443 -j ACCEPT
==TaTsHuYa==
Tuesday, January 26, 2010
Compile error: '/usr/bin/ld: cannot find -lelf'
When I try to compile application 'nagios-plugins-snmp', I found the error ' '/usr/bin/ld: cannot find -lelf'
The first thing I do, I search on the google and found that
Then I search rpm in my redhat and not found, so I try to download this rpm at http://rpm.pbone.net in the internet and rerun again.
== TaTsHuYa ==
The first thing I do, I search on the google and found that
-elf elfutils-devel (later renamed to elfutils-libelf-devel)
Then I search rpm in my redhat and not found, so I try to download this rpm at http://rpm.pbone.net in the internet and rerun again.
== TaTsHuYa ==
Subscribe to:
Posts (Atom)