Thursday, January 28, 2010

How to know client ipaddress in Oracle.

You can use this query to get Client IPAddress in Oracle.

Command:
select sys_context('userenv','ip_address') from dual;

Result:
192.168.1.1



Ref: http://forums.oracle.com/forums/thread.jspa?messageID=1562503

==TaTsHuYa==

Snmpd does not responding.

Today I found that when I use snmpwalk get information on some hosts but they didn't responding the result. It just show the error log 'No response from remote host "xxx.xxx.xxx.xxx"'
First - I checked the iptables ( it's already has the rule )
ACCEPT all -- xxx.xxx.xxx.xxx anywhere
Second - I try to dump the package by tcpdump to known that have the package received.
17:55:43.657982 IP xxx.xxx.xxx.xxx.51061 > yyy.yyy.yyy.yyy.snmp: C=MBpublic GetBulk(29) N=0 M=25 interfaces.ifTable.ifEntry.ifDescr
17:55:48.659170 IP xxx.xxx.xxx.xxx.51061 > yyy.yyy.yyy.yyy.snmp: C=MBpublic GetBulk(29) N=0 M=25 interfaces.ifTable.ifEntry.ifDescr


I found there are packages reach to the server but there is any response back to the remote

Third - I checked the process of snmpd by command 'ps -ef |grep snmpd'
root 768 26634 0 17:59 pts/1 00:00:00 grep snmpd
root 32365 1 0 17:54 ? 00:00:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd -a


Lastly : I decided to check the status of SELinux by command 'sestatus'
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing


So I change it so Permissive mode by command 'setenforce permissive' and try snmpwalk again, now It worked!!!!


Another reason that I found for snmpd doesn't responding is 'IPTABLES', if you add rule by use destination port and host by use protocol TCP on port 161 ( snmp ), it will not work because snmpd use UDP on port 161 for query the information.

== TatsHuYa ==

How to know status of SELinux

You can use the command 'sestatus' to find out the current status of SElinux.
There is 3 types of status
* enforcing - SELinux security policy is enforced.
* permissive - SELinux prints warnings instead of enforcing.
* disabled - SELinux is fully disabled.

tatshuya$> sestatus

== Result ==
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Mode from config file: permissive
Policy version: 18
Policy from config file:targeted

Policy booleans:

allow_syslog_to_console inactive
allow_ypbind inactive
dhcpd_disable_trans inactive
httpd_builtin_scripting active
httpd_disable_trans inactive
httpd_enable_cgi active
httpd_enable_homedirs active
httpd_ssi_exec active
httpd_tty_comm inactive
httpd_unified active
mysqld_disable_trans inactive
named_disable_trans inactive
named_write_master_zonesinactive
nscd_disable_trans inactive
ntpd_disable_trans inactive
pegasus_disable_trans inactive
portmap_disable_trans inactive
postgresql_disable_transinactive
snmpd_disable_trans inactive
squid_disable_trans inactive
syslogd_disable_trans inactive
use_nfs_home_dirs inactive
use_samba_home_dirs inactive
use_syslogng inactive
winbind_disable_trans inactive
ypbind_disable_trans inactive

== TaTsHuYa ==

Using IPTABLES allow multiport.

Today, I'm just learning that 'IPTABLES' can allow multiple port in single command like this '-m multiport --dports '

Example:
iptables -A RH-Firewall-1-INPUT -s 192.168.1.1 -m multiport --dport 80,443 -j ACCEPT

==TaTsHuYa==

Tuesday, January 26, 2010

Compile error: '/usr/bin/ld: cannot find -lelf'

When I try to compile application 'nagios-plugins-snmp', I found the error ' '/usr/bin/ld: cannot find -lelf'
The first thing I do, I search on the google and found that

-elf     elfutils-devel      (later renamed to elfutils-libelf-devel)


Then I search rpm in my redhat and not found, so I try to download this rpm at http://rpm.pbone.net in the internet and rerun again.

== TaTsHuYa ==