How to Install FFmpeg in Linux

yum install ffmpeg ffmpeg-devel

If yum reports that the package was not found, you need to add the dag package repository to yum. Create a file named dag.repo in /etc/yum.repos.d with the following contents:

[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1

Then run the installation again:

yum install ffmpeg ffmpeg-devel

If everything is fine, the installation should proceed smoothly. If not, you will get a warning such as "GPG public key missing".

To fix rpmforge GPG key warning:

rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

If you get missing dependency errors like the ones shown below in the middle of the ffmpeg installation:

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package ffmpeg
Error: Missing Dependency: libtheora.so.0(libtheora.so.1.0) is needed by package ffmpeg
Error: Missing Dependency: rtld(GNU_HASH) is needed by package ffmpeg
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package a52dec
Error: Missing Dependency: rtld(GNU_HASH) is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package gsm
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package x264
Error: Missing Dependency: rtld(GNU_HASH) is needed by package xvidcore
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package lame
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package a52dec
Error: Missing Dependency: rtld(GNU_HASH) is needed by package faad2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package x264
Error: Missing Dependency: rtld(GNU_HASH) is needed by package lame
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package xvidcore
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package faac
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package faad2
Error: Missing Dependency: libgif.so.4 is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package faac
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package gsm
Error: Missing Dependency: libpng12.so.0(PNG12_0) is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package libmp4v2
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package libmp4v2

then most commonly you have GLIB 2.3 installed instead of GLIB 2.4. To check the GLIB version currently installed on your server, use:

yum list glib*

To fix dependency error:

To fix this error, check that your rpmforge packages are compatible with the release of your existing CentOS version.
Check the file /etc/yum.repos.d/rpmforge.repo; for CentOS 4.6 (Final) it should look like the listing below. If it has lines like http://apt.sw.be/redhat/el5/en/mirrors-rpmforge, change rpmforge.repo as shown below.

Note: Back up the original rpmforge.repo file before you edit its content.

[rpmforge]
name = Red Hat Enterprise $releasever - RPMforge.net - dag
#baseurl = http://apt.sw.be/redhat/el4/en/$basearch/dag
mirrorlist = http://apt.sw.be/redhat/el4/en/mirrors-rpmforge
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1
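
Both stanzas on this page fetch over plain http, so package integrity rests on the GPG signature check, and the dag stanza sets gpgcheck=1 without naming a gpgkey, so yum can only verify packages once the key has been imported separately. The Python check below is an added example, not part of the original page; the audit_repo helper and its finding labels are made up for illustration, and a stanza without gpgcheck is treated as unchecked (assumption).

```python
# Added example (not from the original page): audit yum .repo stanzas for
# plaintext transport and signature-verification gaps.
import configparser

# The two stanzas shown on this page, embedded so the check runs offline.
DAG_REPO = """\
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1
"""

RPMFORGE_REPO = """\
[rpmforge]
name = Red Hat Enterprise $releasever - RPMforge.net - dag
#baseurl = http://apt.sw.be/redhat/el4/en/$basearch/dag
mirrorlist = http://apt.sw.be/redhat/el4/en/mirrors-rpmforge
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1
"""


def audit_repo(text):
    """Return {repo_id: [finding, ...]} for every enabled stanza in a .repo file."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(text)
    report = {}
    for repo_id in parser.sections():
        repo = parser[repo_id]
        if repo.get("enabled", "1").strip() != "1":
            continue  # disabled repositories are never contacted
        findings = []
        # Metadata and packages travel unencrypted when the source is http://.
        sources = [repo.get(key, "") for key in ("baseurl", "mirrorlist")]
        if any(s.strip().lower().startswith("http://") for s in sources):
            findings.append("plain-http")
        # Assumption: a stanza without gpgcheck is treated as unchecked.
        if repo.get("gpgcheck", "0").strip() != "1":
            findings.append("gpgcheck-off")
        elif not repo.get("gpgkey", "").strip():
            # Signatures are required, but the stanza does not say which key.
            findings.append("no-gpgkey")
        report[repo_id] = findings
    return report


if __name__ == "__main__":
    for name, text in (("dag.repo", DAG_REPO), ("rpmforge.repo", RPMFORGE_REPO)):
        print(name, audit_repo(text))
```
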

To find out which Linux distribution and version you are running:

cat /etc/redhat-release

Once this is done, run yum install ffmpeg again.

This trick resolved the problem on my Linux box running CentOS 4.6, and this is the only way I found to install ffmpeg using yum.

To check that FFmpeg is working:

Finally, check whether ffmpeg is working or not.

> ffmpeg
> ffmpeg -formats
> ffmpeg --help
// This lists path of mpeg, its modules and other path information

ffmpeg -i Input.file Output.file

To check what audio/video formats are supported:

ffmpeg -formats > ffmpeg-format.txt

Open ffmpeg-format.txt to see the output.

D means decode
E means encode
V means video
A means audio
T = Truncated

Install FFMPEG-PHP Extension

FFmpeg-php is a very good extension and wrapper for PHP which can pull useful information about video through an API interface. In order to install it you will need to download the source file and then compile and install the extension on your server. You can download the source tarball from http://ffmpeg-php.sourceforge.net/

wget /path/to/this/file/ffmpeg-php-0.5.2.1.tbz2

tar -xjf ffmpeg-php-0.5.2.1.tbz2

cd ffmpeg-php-0.5.2.1

phpize

./configure
make
make install

Common Errors

1. If you get a command not found error for phpize, then you will need to run yum install php-devel

2. If you get an error like "ffmpeg headers not found" while configuring the source:

configure: error: ffmpeg headers not found. Make sure ffmpeg is
compiled as shared libraries using the --enable-shared option

then it means you have not installed ffmpeg-devel packages.

To Fix: Just install ffmpeg-devel using

yum install ffmpeg-devel

3. If you get a shared libraries not found error and the program halts in the middle, then you must specify the ffmpeg installation path explicitly to ./configure.

configure: error: ffmpeg shared libraries not found. Make sure ffmpeg is compiled as shared libraries using the --enable-shared option

To Fix:

1. First find out the ffmpeg path with the ffmpeg --help command. The default prefix path should be like /usr/local/cpffmpeg
2. Configure FFmpeg-php with the --with-ffmpeg option

./configure --with-ffmpeg=/usr/local/cpffmpeg

That should resolve the problem!

Editing PHP.INI

Once that has completed without any problems, you will see the PHP extension file /usr/local/lib/php/extensions/no-debug-non-zts-20060613/ffmpeg.so, and you will need to mention that extension in the php.ini file

nano /usr/local/lib/php.ini

Put the two lines below at the end of the php.ini file

[ffmpeg]
extension=ffmpeg.so

Then restart the web server:

service httpd restart

To check whether ffmpeg is enabled in PHP, point your browser to the test.php file. It should show confirmation of the installed ffmpeg-php extension.

// #test.php

Installing Mplayer + Mencoder

Just issue the following yum commands to install the rest of the packages.

yum install mplayer mencoder

Installing FlvTool2

Flvtool2 is a flash video file manipulation tool. It can calculate metadata and can cut and edit cue points for flv files.

If you are on CentOS 5, try yum install flvtool2 with the dag repository; if you get package not found, you will need to manually download and compile flvtool2. You can download the latest version of flvtool2 here: http://rubyforge.org/projects/flvtool2/

wget

ruby setup.rb config
ruby setup.rb setup
sudo ruby setup.rb install

If you get a command not found error, it probably means that you don't have ruby installed.

yum install ruby

That's it! Once ffmpeg works fine with the PHP extension, download a sample video and convert it to .flv format on the command line.


REFERENCE:
https://.mysql-apache-php.com/ffmpeg-install.htm

BFD AND DENYHOST (SSHD PROTECTION)

BFD(Brute Force Detection)

BFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet and likewise it is very straightforward in its installation, configuration and usage. The reason behind BFD is very simple: there are few to no authentication and brute force auditing programs in the Linux community that work in conjunction with a firewall or real-time facility to place bans.

This guide will show you how to install and configure BFD to protect your system from brute force hack attempts.

Requirements:
– You MUST have APF Firewall Installed before installing BFD – it works with APF and requires some APF files to operate.
– Root SSH access to your server

Let's begin!
Log in to your server through SSH and su to the root user.

1. cd /root/downloads or another temporary folder where you store your files.

2. wget https://.rfxnetworks.com/downloads/bfd-current.tar.gz

3. tar -xvzf bfd-current.tar.gz

4. cd bfd-*.*

5. Run the install file: ./install.sh
You will receive a message saying it has been installed

.: BFD installed
Install path: /usr/local/bfd
Config path: /usr/local/bfd/conf.bfd
Executable path: /usr/local/sbin/bfd

6. Let's edit the configuration file: pico /usr/local/bfd/conf.bfd

7. Enable brute force hack attempt alerts:
Find: ALERT_USR="0" CHANGE TO: ALERT_USR="1"

Find: EMAIL_USR="root" CHANGE TO: EMAIL_USR="your@yourdomain.com"

Save the changes: Ctrl+X then Y

8. Prevent locking yourself out!
pico -w /usr/local/bfd/ignore.hosts and add your own trusted IPs
Eg: 192.168.1.1

Save the changes: Ctrl+X then Y

BFD uses APF's cli insert feature and as such will override any allow_hosts.rules entries users have in place. So be sure to add your trusted IP addresses to the ignore file to prevent locking yourself out.

9. Run the program!
/usr/local/sbin/bfd -s

We can customize the rules used for any of the monitored services by editing the appropriate rule located in /usr/local/bfd/rules

DENYHOST

DenyHosts is a script intended to be run by Linux system administrators to help thwart ssh server attacks.

If we look at the ssh log (/var/log/secure on Redhat, /var/log/auth.log on Mandrake, etc…) we may be alarmed to see how many hackers attempted to gain access to the server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn’t it be better to automatically prevent that attacker from continuing to gain entry into the system/server?

DenyHosts attempts to address the above.

1 Installation

DenyHosts is written in Python, therefore we must install Python and also the Python development files first:

apt-get install python python2.3-dev python2.3

Then we download and install DenyHosts like this:

cd /tmp
wget http://mesh.dl.sourceforge.net/sourceforge/denyhosts/DenyHosts-2.0.tar.gz
tar xvfz DenyHosts-2.0.tar.gz
cd DenyHosts-2.0
python setup.py install

This installs DenyHosts to /usr/share/denyhosts.

2 Configuration

Now we have to create the DenyHosts configuration file /usr/share/denyhosts/denyhosts.cfg. We can use the sample configuration file /usr/share/denyhosts/denyhosts.cfg-dist for this:

cd /usr/share/denyhosts
cp denyhosts.cfg-dist denyhosts.cfg

Then we must edit denyhosts.cfg with our favourite editor, such as vi. It looks like this:

############ THESE SETTINGS ARE REQUIRED ############

########################################################################

#

# SECURE_LOG: the log file that contains sshd logging info

# if you are not sure, grep "sshd:" /var/log/*

#

# The file to process can be overridden with the --file command line

# argument

#

# Redhat or Fedora Core:

#SECURE_LOG = /var/log/secure

#

# Mandrake, FreeBSD or OpenBSD:

SECURE_LOG = /var/log/auth.log

#

# SuSE:

#SECURE_LOG = /var/log/messages

#

########################################################################

########################################################################

# HOSTS_DENY: the file which contains restricted host access information

#

# Most operating systems:

HOSTS_DENY = /etc/hosts.deny

#

# Some BSD (FreeBSD) Unixes:

#HOSTS_DENY = /etc/hosts.allow

#

# Another possibility (also see the next option):

#HOSTS_DENY = /etc/hosts.evil

#######################################################################

########################################################################

# PURGE_DENY: removed HOSTS_DENY entries that are older than this time

# when DenyHosts is invoked with the --purge flag

#

# format is: i[dhwmy]

# Where ‘i’ is an integer (eg. 7)

# ‘m’ = minutes

# ‘h’ = hours

# ‘d’ = days

# ‘w’ = weeks

# ‘y’ = years

#

# never purge:

PURGE_DENY =

#

# purge entries older than 1 week

#PURGE_DENY = 1w

#

# purge entries older than 5 days

#PURGE_DENY = 5d

#######################################################################

#######################################################################

# BLOCK_SERVICE: the service name that should be blocked in HOSTS_DENY

#

# man 5 hosts_access for details

#

# eg. sshd: 127.0.0.1 # will block sshd logins from 127.0.0.1

#

# To block all services for the offending host:

#BLOCK_SERVICE = ALL

# To block only sshd:

BLOCK_SERVICE = sshd

# To only record the offending host and nothing else (if using

# an auxilary file to list the hosts). Refer to:

# http://denyhosts.sourceforge.net/faq.html#aux

#BLOCK_SERVICE =

#

#######################################################################

#######################################################################

#

# DENY_THRESHOLD_INVALID: block each host after the number of failed login

# attempts has exceeded this value. This value applies to invalid

# user login attempts (eg. non-existent user accounts)

#

DENY_THRESHOLD_INVALID = 5

#

#######################################################################

#######################################################################

#

# DENY_THRESHOLD_VALID: block each host after the number of failed

# login attempts has exceeded this value. This value applies to valid

# user login attempts (eg. user accounts that exist in /etc/passwd) except

# for the “root” user

#

DENY_THRESHOLD_VALID = 10

#

#######################################################################

#######################################################################

#

# DENY_THRESHOLD_ROOT: block each host after the number of failed

# login attempts has exceeded this value. This value applies to

# “root” user login attempts only.

#

DENY_THRESHOLD_ROOT = 5

#

#######################################################################

#######################################################################

#

# WORK_DIR: the path that DenyHosts will use for writing data to

# (it will be created if it does not already exist).

#

# Note: it is recommended that you use an absolute pathname

# for this value (eg. /home/foo/denyhosts/data)

#

WORK_DIR = /usr/share/denyhosts/data

#

#######################################################################

#######################################################################

#

# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS

#

# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES|NO

# If set to YES, if a suspicious login attempt results from an allowed-host

# then it is considered suspicious. If this is NO, then suspicious logins

# from allowed-hosts will not be reported. All suspicious logins from

# ip addresses that are not in allowed-hosts will always be reported.

#

SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES

######################################################################

######################################################################

#

# HOSTNAME_LOOKUP

#

# HOSTNAME_LOOKUP=YES|NO

# If set to YES, for each IP address that is reported by Denyhosts,

# the corresponding hostname will be looked up and reported as well

# (if available).

#

HOSTNAME_LOOKUP=YES

#

######################################################################

######################################################################

#

# LOCK_FILE

#

# LOCK_FILE=/path/denyhosts

# If this file exists when DenyHosts is run, then DenyHosts will exit

# immediately. Otherwise, this file will be created upon invocation

# and deleted upon exit. This ensures that only one instance is

# running at a time.

#

# Redhat/Fedora:

#LOCK_FILE = /var/lock/subsys/denyhosts

#

# Debian

LOCK_FILE = /var/run/denyhosts.pid

#

# Misc

#LOCK_FILE = /tmp/denyhosts.lock

#

######################################################################

############ THESE SETTINGS ARE OPTIONAL ############

#######################################################################

#

# ADMIN_EMAIL: if you would like to receive emails regarding newly

# restricted hosts and suspicious logins, set this address to

# match your email address. If you do not want to receive these reports

# leave this field blank (or run with the --noemail option)

#

ADMIN_EMAIL =

#

#######################################################################

#######################################################################

#

SMTP_HOST = localhost

SMTP_PORT = 25

SMTP_FROM = DenyHosts

SMTP_SUBJECT = DenyHosts Report

#SMTP_USERNAME=foo

#SMTP_PASSWORD=bar

#

#######################################################################

######################################################################

#

# ALLOWED_HOSTS_HOSTNAME_LOOKUP

#

# ALLOWED_HOSTS_HOSTNAME_LOOKUP=YES|NO

# If set to YES, for each entry in the WORK_DIR/allowed-hosts file,

# the hostname will be looked up. If your versions of tcp_wrappers

# and sshd sometimes log hostnames in addition to ip addresses

# then you may wish to specify this option.

#

#ALLOWED_HOSTS_HOSTNAME_LOOKUP=NO

#

######################################################################

######################################################################

#

# AGE_RESET_VALID: Specifies the period of time between failed login

# attempts that, when exceeded will result in the failed count for

# this host to be reset to 0. This value applies to login attempts

# to all valid users (those within /etc/passwd) with the

# exception of root. If not defined, this count will never

# be reset.

#

# See the comments in the PURGE_DENY section (above)

# for details on specifying this value or for complete details

# refer to: http://denyhosts.sourceforge.net/faq.html#timespec

#

AGE_RESET_VALID=5d

#

######################################################################

######################################################################

#

# AGE_RESET_ROOT: Specifies the period of time between failed login

# attempts that, when exceeded will result in the failed count for

# this host to be reset to 0. This value applies to all login

# attempts to the “root” user account. If not defined,

# this count will never be reset.

#

# See the comments in the PURGE_DENY section (above)

# for details on specifying this value or for complete details

# refer to: http://denyhosts.sourceforge.net/faq.html#timespec

#

AGE_RESET_ROOT=25d

#

######################################################################

######################################################################

#

# AGE_RESET_INVALID: Specifies the period of time between failed login

# attempts that, when exceeded will result in the failed count for

# this host to be reset to 0. This value applies to login attempts

# made to any invalid username (those that do not appear

# in /etc/passwd). If not defined, count will never be reset.

#

# See the comments in the PURGE_DENY section (above)

# for details on specifying this value or for complete details

# refer to: http://denyhosts.sourceforge.net/faq.html#timespec

#

AGE_RESET_INVALID=10d

#

######################################################################

######################################################################

#

# PLUGIN_DENY: If set, this value should point to an executable

# program that will be invoked when a host is added to the

# HOSTS_DENY file. This executable will be passed the host

# that will be added as it’s only argument.

#

#PLUGIN_DENY=/usr/bin/true

#

######################################################################

######################################################################

#

# PLUGIN_PURGE: If set, this value should point to an executable

# program that will be invoked when a host is removed from the

# HOSTS_DENY file. This executable will be passed the host

# that is to be purged as it’s only argument.

#

#PLUGIN_PURGE=/usr/bin/true

#

######################################################################

######################################################################

#

# USERDEF_FAILED_ENTRY_REGEX: if set, this value should contain

# a regular expression that can be used to identify additional

# hackers for your particular ssh configuration. This functionality

# extends the built-in regular expressions that DenyHosts uses.

# This parameter can be specified multiple times.

# See this faq entry for more details:

# http://denyhosts.sf.net/faq.html#userdef_regex

#

#USERDEF_FAILED_ENTRY_REGEX=

#

#

######################################################################

######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE ##########

#######################################################################

#

# DAEMON_LOG: when DenyHosts is run in daemon mode (--daemon flag)

# this is the logfile that DenyHosts uses to report it’s status.

# To disable logging, leave blank. (default is: /var/log/denyhosts)

#

DAEMON_LOG = /var/log/denyhosts

#

# disable logging:

#DAEMON_LOG =

#

######################################################################

#######################################################################

#

# DAEMON_LOG_TIME_FORMAT: when DenyHosts is run in daemon mode

# (--daemon flag) this specifies the timestamp format of

# the DAEMON_LOG messages (default is the ISO8061 format:

# ie. 2005-07-22 10:38:01,745)

#

# for possible values for this parameter refer to: man strftime

#

# Jan 1 13:05:59

#DAEMON_LOG_TIME_FORMAT = %b %d %H:%M:%S

#

# Jan 1 01:05:59

#DAEMON_LOG_TIME_FORMAT = %b %d %I:%M:%S

#

######################################################################

#######################################################################

#

# DAEMON_LOG_MESSAGE_FORMAT: when DenyHosts is run in daemon mode

# (--daemon flag) this specifies the message format of each logged

# entry. By default the following format is used:

#

# %(asctime)s - %(name)-12s: %(levelname)-8s %(message)s

#

# Where the “%(asctime)s” portion is expanded to the format

# defined by DAEMON_LOG_TIME_FORMAT

#

# This string is passed to python’s logging.Formatter contstuctor.

# For details on the possible format types please refer to:

# http://docs.python.org/lib/node357.html

#

# This is the default:

#DAEMON_LOG_MESSAGE_FORMAT = %(asctime)s - %(name)-12s: %(levelname)-8s %(message)s

#

#

######################################################################

#######################################################################

#

# DAEMON_SLEEP: when DenyHosts is run in daemon mode (--daemon flag)

# this is the amount of time DenyHosts will sleep between polling

# the SECURE_LOG. See the comments in the PURGE_DENY section (above)

# for details on specifying this value or for complete details

# refer to: http://denyhosts.sourceforge.net/faq.html#timespec

#

#

DAEMON_SLEEP = 30s

#

#######################################################################

#######################################################################

#

# DAEMON_PURGE: How often should DenyHosts, when run in daemon mode,

# run the purge mechanism to expire old entries in HOSTS_DENY

# This has no effect if PURGE_DENY is blank.

#

DAEMON_PURGE = 1h

#

#######################################################################

######### THESE SETTINGS ARE SPECIFIC TO ##########

######### DAEMON SYNCHRONIZATION ##########

#######################################################################

#

# Synchronization mode allows the DenyHosts daemon the ability

# to periodically send and receive denied host data such that

# DenyHosts daemons worldwide can automatically inform one

# another regarding banned hosts. This mode is disabled by

# default, you must uncomment SYNC_SERVER to enable this mode.

#

# for more information, please refer to:

# http:/denyhosts.sourceforge.net/faq.html#sync

#

#######################################################################

#######################################################################

#

# SYNC_SERVER: The central server that communicates with DenyHost

# daemons. Currently, denyhosts.net is the only available server

# however, in the future, it may be possible for organizations to

# install their own server for internal network synchronization

#

# To disable synchronization (the default), do nothing.

#

# To enable synchronization, you must uncomment the following line:

#SYNC_SERVER = http://xmlrpc.denyhosts.net:9911

#

#######################################################################

#######################################################################

#

# SYNC_INTERVAL: the interval of time to perform synchronizations if

# SYNC_SERVER has been uncommented. The default is 1 hour.

#

#SYNC_INTERVAL = 1h

#

#######################################################################

#######################################################################

#

# SYNC_UPLOAD: allow your DenyHosts daemon to transmit hosts that have

# been denied? This option only applies if SYNC_SERVER has

# been uncommented.

#

#SYNC_UPLOAD = no

#

# the default:

#SYNC_UPLOAD = yes

#

#######################################################################

#######################################################################

#

# SYNC_DOWNLOAD: allow your DenyHosts daemon to receive hosts that have

# been denied by others? This option only applies if SYNC_SERVER has

# been uncommented.

#

#SYNC_DOWNLOAD = no

#

# the default:

#SYNC_DOWNLOAD = yes

#

#######################################################################

#######################################################################

#

# SYNC_DOWNLOAD_THRESHOLD: If SYNC_DOWNLOAD is enabled this paramter

# filters the returned hosts to those that have been blocked this many

# times by others. That is, if set to 1, then if a single DenyHosts

# server has denied an ip address then you will receive the denied host.

#

#SYNC_DOWNLOAD_THRESHOLD = 10

#

# the default:

#SYNC_DOWNLOAD_THRESHOLD = 3

#

#######################################################################

Make sure you set SECURE_LOG and LOCK_FILE to the correct values for your distribution! For Debian, these are:

SECURE_LOG = /var/log/auth.log
LOCK_FILE = /var/run/denyhosts.pid

As we want to run DenyHosts as a daemon, we need the daemon control script /usr/share/denyhosts/daemon-control. Again, we can use the sample script /usr/share/denyhosts/daemon-control-dist to create the needed file:

cp daemon-control-dist daemon-control

Edit /usr/share/denyhosts/daemon-control and make sure you set the correct values for DENYHOSTS_BIN, DENYHOSTS_LOCK, and DENYHOSTS_CFG. For Debian, these are:

DENYHOSTS_BIN = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK = "/var/run/denyhosts.pid"
DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg"

So my /usr/share/denyhosts/daemon-control file looks like this:

#!/usr/bin/env python
# denyhosts Bring up/down the DenyHosts daemon
#
# chkconfig: 2345 98 02
# description: Activates/Deactivates the
# DenyHosts daemon to block ssh attempts
#
###############################################

###############################################
#### Edit these to suit your configuration ####
###############################################

DENYHOSTS_BIN = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK = "/var/run/denyhosts.pid"
DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg"

###############################################
#### Do not edit below ####
###############################################

import os, sys, signal, time

STATE_NOT_RUNNING = -1
STATE_LOCK_EXISTS = -2

def usage():
    print "Usage: %s {start [args...] | stop | restart [args...] | status | debug | condrestart [args...] }" % sys.argv[0]
    print
    print "For a list of valid 'args' refer to:"
    print "$ denyhosts.py --help"
    print
    sys.exit(0)

def getpid():
    try:
        fp = open(DENYHOSTS_LOCK, "r")
        pid = int(fp.readline().rstrip())
        fp.close()
    except Exception, e:
        return STATE_NOT_RUNNING

    if os.access(os.path.join("/proc", str(pid)), os.F_OK):
        return pid
    else:
        return STATE_LOCK_EXISTS

def start(*args):
    cmd = "%s --daemon " % DENYHOSTS_BIN
    if args: cmd += ' '.join(args)
    print "starting DenyHosts: ", cmd
    os.system(cmd)

def stop():
    pid = getpid()
    if pid >= 0:
        os.kill(pid, signal.SIGTERM)
        print "sent DenyHosts SIGTERM"
    else:
        print "DenyHosts is not running"

def debug():
    pid = getpid()
    if pid >= 0:
        os.kill(pid, signal.SIGUSR1)
        print "sent DenyHosts SIGUSR1"
    else:
        print "DenyHosts is not running"

def status():
    pid = getpid()
    if pid == STATE_LOCK_EXISTS:
        print "%s exists but DenyHosts is not running" % DENYHOSTS_LOCK
    elif pid == STATE_NOT_RUNNING:
        print "Denyhosts is not running"
    else:
        print "DenyHosts is running with pid = %d" % pid

def condrestart(*args):
    pid = getpid()
    if pid >= 0:
        restart(*args)

def restart(*args):
    stop()
    time.sleep(1)
    start(*args)

if __name__ == '__main__':
    cases = {'start': start,
             'stop': stop,
             'debug': debug,
             'status': status,
             'condrestart': condrestart,
             'restart': restart}

    try:
        args = sys.argv[2:]
    except:
        args = []

    try:
        option = sys.argv[1]

        if option in ('start', 'restart', 'condrestart'):
            if '--config' not in args and '-c' not in args:
                args.append("--config=%s" % DENYHOSTS_CFG)

        cmd = cases[option]
        apply(cmd, args)
    except:
        usage()

Next we have to make that file executable:

chown root daemon-control
chmod 700 daemon-control

Afterwards, we create the system bootup links for DenyHosts so that it is started automatically when the system is booted:

cd /etc/init.d
ln -s /usr/share/denyhosts/daemon-control denyhosts
update-rc.d denyhosts defaults

Finally, we start DenyHosts:

/etc/init.d/denyhosts start

DenyHosts logs to /var/log/denyhosts, if you are interested in the logs. The SSH daemon logs to /var/log/auth.log on Debian. You can watch both logs and try to log in with an invalid user or with a valid user and incorrect password, etc. via SSH and see what happens. After you have crossed the threshold of incorrect login attempts, the IP address from which you tried to connect should get listed in /etc/hosts.deny, like this:

# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.

# See the manual pages hosts_access(5), hosts_options(5)

# and /usr/doc/netbase/portmapper.txt.gz

#

# Example: ALL: some.host.name, .some.domain

# ALL EXCEPT in.fingerd: other.host.name, .other.domain

#

# If you’re going to protect the portmapper use the name “portmap” for the

# daemon name. Remember that you can only use the keyword “ALL” and IP

# addresses (NOT host or domain names) for the portmapper. See portmap(8)

# and /usr/doc/portmap/portmapper.txt.gz for further information.

#

# The PARANOID wildcard matches any host whose name does not match its

# address.

# You may wish to enable this to ensure any programs that don’t

# validate looked up hostnames still leave understandable logs. In past

# versions of Debian this has been the default.

# ALL: PARANOID

sshd: 192.168.0.203

This means that the system with the IP address 192.168.0.203 cannot connect anymore using SSH.
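
How the thresholds in denyhosts.cfg lead to an entry such as sshd: 192.168.0.203, as an added example that is not DenyHosts' own code: it applies the DENY_THRESHOLD_* and AGE_RESET_* values from the listing above to constructed sshd log lines. The regular expression, the known_users and allowed_hosts parameters, and every sample host other than 192.168.0.203 are assumptions made for illustration.

```python
# Added example (not DenyHosts' own code): count failed sshd logins per host
# the way the DENY_THRESHOLD_* and AGE_RESET_* settings above describe.
import re
from datetime import datetime, timedelta

# Values copied from the denyhosts.cfg listing on this page.
CONFIG = {
    "DENY_THRESHOLD_INVALID": 5, "AGE_RESET_INVALID": "10d",
    "DENY_THRESHOLD_VALID": 10, "AGE_RESET_VALID": "5d",
    "DENY_THRESHOLD_ROOT": 5, "AGE_RESET_ROOT": "25d",
    "BLOCK_SERVICE": "sshd",
}

# i[smhdwy] time specification; a year is taken as 365 days (assumption).
UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800, "y": 31536000}

# Simplified pattern for OpenSSH's "Failed password" message (assumption:
# stock message text and classic syslog timestamps without a year).
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?P<invalid>invalid user )?(?P<user>\S+) "
    r"from (?P<host>\S+) port \d+"
)


def parse_timespec(spec):
    """Turn '5d', '1w', '30s' ... into a timedelta; blank means 'never'."""
    spec = spec.strip()
    if not spec:
        return None
    m = re.fullmatch(r"(\d+)([smhdwy])", spec)
    if m is None:
        raise ValueError("bad time specification: %r" % spec)
    return timedelta(seconds=int(m.group(1)) * UNIT_SECONDS[m.group(2)])


def category(match, known_users):
    """Pick which threshold applies: ROOT, INVALID or VALID."""
    user = match.group("user")
    if user == "root":
        return "ROOT"
    if match.group("invalid") or user not in known_users:
        return "INVALID"
    return "VALID"


def hosts_to_deny(lines, known_users, allowed_hosts=(), cfg=CONFIG, year=2024):
    """Return hosts.deny lines for hosts whose failures exceed a threshold."""
    counts = {}  # (host, category) -> (failures, time of last failure)
    denied = []
    for line in lines:
        m = FAILED.match(line)
        if m is None or m.group("host") in allowed_hosts:
            continue  # not a failure, or a host that must never be blocked
        host, cat = m.group("host"), category(m, known_users)
        ts = datetime.strptime("%d %s" % (year, m.group("ts")), "%Y %b %d %H:%M:%S")
        failures, last = counts.get((host, cat), (0, ts))
        reset_after = parse_timespec(cfg["AGE_RESET_" + cat])
        if reset_after is not None and ts - last > reset_after:
            failures = 0  # quiet for longer than AGE_RESET_*: start over
        failures += 1
        counts[(host, cat)] = (failures, ts)
        entry = "%s: %s" % (cfg["BLOCK_SERVICE"], host)
        # "after the number of failed login attempts has exceeded this value"
        if failures > cfg["DENY_THRESHOLD_" + cat] and entry not in denied:
            denied.append(entry)
    return denied


def _fail(ts, user, host, invalid=False):
    """Build one constructed sshd log line."""
    prefix = "invalid user " if invalid else ""
    return "%s web1 sshd[4242]: Failed password for %s%s from %s port 50022 ssh2" % (
        ts, prefix, user, host)


# Constructed sample log (not real data).
SAMPLE_LOG = (
    [_fail("Jan 10 03:00:%02d" % i, "oracle", "192.168.0.203", True) for i in range(6)]
    + [_fail("Jan 10 04:00:%02d" % i, "alice", "10.0.0.7") for i in range(6)]
    + [_fail("Jan 11 05:00:%02d" % i, "root", "192.168.0.50") for i in range(3)]
    + [_fail("Jan 12 06:00:%02d" % i, "root", "192.168.1.1") for i in range(6)]
    + [_fail("Feb 12 05:00:%02d" % i, "root", "192.168.0.50") for i in range(3)]
)

if __name__ == "__main__":
    for entry in hosts_to_deny(SAMPLE_LOG, {"alice"}, allowed_hosts={"192.168.1.1"}):
        print(entry)
```

In the sample, 192.168.0.50 makes six failed root logins in total but stays unblocked because the 32-day gap exceeds AGE_RESET_ROOT; with that setting left blank the same host is denied.
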

You can specify if/when IP addresses are removed again from /etc/hosts.deny; have a look at the PURGE_DENY variable in /usr/share/denyhosts/denyhosts.cfg. You must start DenyHosts with the --purge option to make the PURGE_DENY variable effective, like this:

/etc/init.d/denyhosts start --purge

However, you can also remove IP addresses manually from there, and as soon as they have been removed, these IP addresses can try to log in again via SSH.

Blank Page For SolusVM in a Burstnet Server

cp /etc/yum.repos.d/CentOS-Base.repo.original /etc/yum.repos.d/CentOS-Base.repo

If you do not do this you're going to get a blank page, as we are swapping to the correct repos.

Installation
Requirements
SolusVM requires the following specification:

CentOS 5+ based linux operating system
At least one external IP address
Install
In SSH as root do the following:

wget http://soluslabs.com/installers/solusvm/install
chmod 755 install
./install

TroubleShooting
There seems to have been a slight problem with our database, please try again later
This usually occurs when the SolusVM MySQL installation has conflicted with an existing MySQL instance.

To fix this problem run the following on the node:

yum remove mysql mysql-client mysql-server

Now run the SolusVM installer again.

I keep getting connection error when adding a slave to the master.
Check that the IP address listed in /usr/local/solusvm/data/allow.dat on the slave matches the IP address of the master. This file can take more than one IP address, but each IP must be on its own line.

To double check the IP of the master do the following:

curl -s http://checkip.dyndns.org/ | grep -o "[[:digit:].]\+"

The above code should output the correct IP. You can also check the main IP of the node by doing the following:

ifconfig

Make sure the correct IP is listed for eth0.

I get PHP modules errors after install.
SolusVM uses the standard CentOS PHP rpms for its installation so any other version usually breaks the system.

To check the version do the following in SSH:

php -v

You should get the output of 5.1.6 i.e:

PHP 5.1.6 (cli) (built: Apr  7 2009 08:00:04)
Copyright (c) 1997-2006 The PHP Group
Zend Engine v2.1.0, Copyright (c) 1998-2006 Zend Technologies
    with the ionCube PHP Loader v3.1.34, Copyright (c) 2002-2009, by ionCube Ltd.

If you get any other version it usually means you have extra repos installed in yum, like the old lxlabs repo or rpmforge repo. There is no real need to have these extra repos installed on your node and they can be removed from the /etc/yum.repos.d folder.

Any module errors are usually caused by the modules directory being wrongly defined in /etc/php.ini.

For 32bit systems the module directory should be: /usr/lib/php/modules

For 64bit systems the module directory should be: /usr/lib64/php/modules

OPENVPN ON CENTOS SERVER

First thing you have to do is check whether tun/tap is active or not by typing
#cat /dev/net/tun

Code:
cat: /dev/net/tun: File descriptor in bad state

Take a look at the output above: "File descriptor in bad state" means tun/tap is active. Otherwise, ask your provider to activate it.

Install required modules
#yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel

Download OPENVPN repo
#wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm

for 32bit
#wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm

for 64bit
#wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm

Build the rpm packages
#rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
#rpm -Uvh /usr/src/redhat/RPMS/i386/lzo-*.rpm
#rpm -Uvh rpmforge-release-0.5.2-2.el5.rf.i386.rpm

*remember to change i386 to x86_64 if you’re using 64bit

Install OPENVPN
#yum install openvpn

Copy OPENVPN easy-rsa folder to /etc/openvpn/
#cp -R /usr/share/doc/openvpn-2.1.4/easy-rsa/ /etc/openvpn/

Now let’s create the certificate
#cd /etc/openvpn/easy-rsa/2.0
#chmod 755 *
#source ./vars
#./vars
#./clean-all

Build CA
#./build-ca

Code:
Country Name: may be filled or press enter
State or Province Name: may be filled or press enter
City: may be filled or press enter
Org Name: may be filled or press enter
Org Unit Name: may be filled or press enter
Common Name: your server hostname
Email Address: may be filled or press enter

Build key server
#./build-key-server server

Code:
Almost the same as ./build-ca, but note these changes and additions:
Common Name: server
A challenge password: leave
Optional company name: fill or enter
sign the certificate: y
1 out of 1 certificate requests: y

Build Diffie Hellman (wait a moment until the process finishes)
#./build-dh

Now I'm gonna create UDP port 1194 configuration for OPENVPN, use any text editor you like
#nano /etc/openvpn/1194.conf

Code:
local 123.123.123.123 #- your_server_ip
port 1194 #- port
proto udp #- protocol
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 1.2.3.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 4.2.2.1"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status 1194.log
verb 3

before you save the configuration, make sure that the “plugin /usr/share/.. /pam.d/login” is one line

Start the OPENVPN with 1194.conf
#openvpn /etc/openvpn/1194.conf &

here’s the status if OPENVPN successfully started

Code:
Mon Feb 21 02:23:20 2011 UDPv4 link remote: [undef]
Mon Feb 21 02:23:20 2011 MULTI: multi_init called, r=256 v=256
Mon Feb 21 02:23:20 2011 IFCONFIG POOL: base=1.2.3.4 size=62
Mon Feb 21 02:23:20 2011 Initialization Sequence Completed

Make OPENVPN 1194.conf running in background
#bg

Enable ipv4 forward
#echo 1 > /proc/sys/net/ipv4/ip_forward

Route iptables
#iptables -t nat -A POSTROUTING -s 1.2.3.0/24 -j SNAT --to-source 123.123.123.123

*1.2.3.0 is allocated ip for OPENVPN client
*123.123.123.123 is your server ip

Now we create username and password for authorization
#useradd username -s /bin/false
#passwd username

Download ca.crt file in /etc/openvpn/easy-rsa/2.0/keys/ directory, you can use sftp client

Download and install OPENVPN client for windows, download the latest stable release OPENVPN version 2.1.4 from here

After you finished installing OPENVPN, move ca.crt (file that you previously downloaded from /etc/openvpn/easy-rsa/2.0/keys/) to OPENVPN config folder in your program files (\Program Files\OpenVPN\config\)

Also create client configuration file in OPENVPN config directory, here’s the example:

Code:
client
dev tun
proto udp #- protocol
remote 123.123.123.123 1194 #- SERVER IP and OPENVPN Port
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
verb 3

save with anyname.ovpn or 1194.ovpn

Run OPENVPN Client on your Windows, connect with your username and password.

Check your IP address in a browser and voila!!! Your IP is now changed to your server IP

note:
– This tutorial has never failed for setting up OPENVPN on CentOS
– Those configurations above are basic configuration, you can check OPENVPN website for another configuration
– If you’re using Win 7, before installing OPENVPN client, right click on the installer, properties, run as administrator and change compatibility to Windows XP SP3
– If you wanna add another port, maybe TCP so you can run OPENVPN over proxy, just create new configuration for server, adjust the following lines:

Code:
port: your preferred port
protocol: tcp or udp
client's ip: 1.2.4.0 or 1.2.5.0 ; 1.2.6.0 ; and so on

also new configuration for client

Code:
proto xxxx #- change xxxx to tcp or udp
remote 123.123.123.123 yyyy #- change yyyy to OPENVPN port

and then run the command
#iptables -t nat -A POSTROUTING -s 1.2.4.0/24 -j SNAT --to-source 123.123.123.123
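
An added check, not part of the original tutorial, that reads a server configuration such as /etc/openvpn/1194.conf and reports three settings from the configuration above that a hardening review would flag: 1024-bit DH parameters, password-only client authentication and comp-lzo compression. The function names, finding codes and sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the tutorial): report hardening gaps in an OpenVPN
# server config. Function names and finding codes are made up for this example.

# Print active directives only: strip '#' and ';' comments, trim, drop blanks.
# (Simplification: a '#' or ';' inside a quoted argument would also be cut.)
directives() {
    sed -e 's/[#;].*$//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' "$1"
}

# $1 = output of directives(), $2 = directive name
has_directive() {
    printf '%s\n' "$1" | grep -Eq "^$2([[:space:]]|\$)"
}

# $1 = config path; prints one finding per line, nothing if all checks pass
audit_openvpn_conf() {
    conf=$(directives "$1") || return 2
    # easy-rsa 2.0 names the DH file dh<KEY_SIZE>.pem, so the size is read
    # from the file name rather than from the file itself.
    bits=$(printf '%s\n' "$conf" |
        sed -n 's/^dh[[:space:]].*dh\([0-9][0-9]*\)\.pem$/\1/p' | head -n 1)
    if [ -n "$bits" ] && [ "$bits" -lt 2048 ]; then
        echo "WEAK_DH: ${bits}-bit DH parameters (use 2048 bits or more)"
    fi
    if has_directive "$conf" client-cert-not-required; then
        echo "NO_CLIENT_CERT: clients authenticate with username/password only"
    fi
    if has_directive "$conf" comp-lzo; then
        echo "COMPRESSION: comp-lzo is enabled; OpenVPN 2.4 and later deprecate it"
    fi
}

# Constructed excerpt modelled on the server config above. $1 = path
# comp-lzo is commented out here to show that inactive lines are not flagged.
make_sample_conf() {
    cat > "$1" <<'EOF'
port 1194 #- port
proto udp #- protocol
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
client-cert-not-required
username-as-common-name
;comp-lzo
persist-key
EOF
}

# Demo on a throw-away file.
demo_dir=$(mktemp -d) && make_sample_conf "$demo_dir/1194.conf" &&
    audit_openvpn_conf "$demo_dir/1194.conf"
rm -rf "$demo_dir"
```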

Install OpenVZ and SolusVM in a Server !

SolusVM requires the following specification:

  • CentOS 5+ based linux operating system
  • At least one external IP address
  • OpenVZ – Ensure you have the correct partition requirements –
  • Xen – Ensure you have the correct partition requirements –
  • OpenVZ – Ensure you are running an OpenVZ Kernel
  • Xen – Ensure you are running a Xen Kernel

Installing a Master

In SSH as root do the following:

wget http://soluslabs.com/installers/solusvm/install
chmod 755 install
./install


Select option 1
You will now be presented with the next menu as illustrated below:



If you need to install a master that won't host any virtual servers, select option 2 (recommended)
If you need to install a master that will host virtual servers, select option 1

The install will now do its work.

Remember to disable SELinux as required.

Once installed go to http://myipaddress:5353/admincp/ and login using (uname) vpsadmin (pword) vpsadmin

 

For any issues while installing contact sunnytheservermaster@gmail.com

INSTALL RED5 IN A CENTOS CPANEL/WHM SERVER !

RED5 is a streaming application which can be used to stream live broadcasting.

I did this today for a client from Sri Lanka for live streaming. The steps below will help anyone install it.

First Of all install java

yum -y install java-1.6.0-openjdk  java-1.6.0-openjdk-devel

Then Install ANT



cd /root/tmp
wget http://mirrors.kahuki.com/apache/ant/bin...in.tar.bz2
tar jxvf apache-ant-1.8.0-bin.tar.bz2
mv apache-ant-1.8.0 /usr/local/ant

Export the Variable For ANT as given below:

export ANT_HOME=/usr/local/ant
export JAVA_HOME=/usr/lib/jvm/java
export PATH=$PATH:/usr/local/ant/bin
export CLASSPATH=.:$JAVA_HOME/lib/classes.zip

echo 'export ANT_HOME=/usr/local/ant' >> /etc/bashrc
echo 'export JAVA_HOME=/usr/lib/jvm/java' >> /etc/bashrc
echo 'export PATH=$PATH:/usr/local/ant/bin' >> /etc/bashrc
echo 'export CLASSPATH=.:$JAVA_HOME/lib/classes.zip' >>  /etc/bashrc

If SVN is not installed then Install it:

yum install perl-URI

yum install subversion

Then Install RED5

svn co http://red5.googlecode.com/svn/java/server/tags/0_8_0/ red5
mv red5 /usr/local/
cd /usr/local/red5

ant prepare
ant dist
cp -r dist/conf .

Start RED5:

./red5.sh &

EDIT init script:
vi /etc/init.d/red5

Download https://.sohailriaz.com/downloads/red5.txt and copy/paste the code into it. The init script code can also be viewed below.

#!/bin/sh
# For RedHat and cousins:
# chkconfig: 2345 85 85
# description: Red5 flash streaming server
# processname: red5

PROG=red5
RED5_HOME=/usr/local/red5
DAEMON=$RED5_HOME/$PROG.sh
PIDFILE=/var/run/$PROG.pid

# Source function library
. /etc/rc.d/init.d/functions

# Optional local overrides
[ -r /etc/sysconfig/red5 ] && . /etc/sysconfig/red5

RETVAL=0

case "$1" in
    start)
        echo -n $"Starting $PROG: "
        cd $RED5_HOME
        $DAEMON >/dev/null 2>/dev/null &
        RETVAL=$?
        if [ $RETVAL -eq 0 ]; then
            # Record the PID of the backgrounded red5.sh for stop/status
            echo $! > $PIDFILE
            touch /var/lock/subsys/$PROG
        fi
        [ $RETVAL -eq 0 ] && success $"$PROG startup" || failure $"$PROG startup"
        echo
        ;;
    stop)
        echo -n $"Shutting down $PROG: "
        killproc -p $PIDFILE
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$PROG
        ;;
    restart)
        $0 stop
        $0 start
        ;;
    status)
        status $PROG -p $PIDFILE
        RETVAL=$?
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|status}"
        RETVAL=1
esac

exit $RETVAL

Now Start The Service:

/etc/init.d/red5 start

check status

/etc/init.d/red5 status
red5 (pid  XXXXX) is running…

6) Test

Now test the RED5 installation by opening following URL in browser

http://yourip:5080/

you will see red5 page like this:

and the demos can be found here.

http://yourip:5080/demos/
The link http://gregoire.org/2008/10/01/red5-admin/ helped me fix a major issue that I faced after the installation.
RED5 ADMIN
http://YOUR_SERVER_IP:5080/installer/ (install admin)
http://YOUR_SERVER_IP:5080/admin/register.html (add user/pass)

http://YOUR_SERVER_IP:5080/admin/

TROUBLESHOOTING

http://YOUR_SERVER_IP:5080/demos/port_tester.html

* when testing ports, use server IP not localhost
Make these ports accept connections: 1935, 1936, 5080, 8088

tomcat-dbcp.jar – only needed if the next error occurs:
javax.naming.NamingException: Could not create resource factory instance [Root exception is java.lang.ClassNotFoundException: org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory]
*if the above error occurs, place the tomcat-dbcp.jar in [red5 root]/lib and restart red5

mysql-connector-java-5.1.12-bin.jar missing
if you are unable to connect to backend services, it means that the MySQL driver is missing, download it and place it in your /lib folder

commons-dbcp-1.4.jar missing
if you are unable to start your Red5 application (or it doesn’t even show up in admin), download commons-dbcp-1.4.jar and place it in your /lib folder

Red5 Admin not found Red5 0.9
After installing Red5 0.9 and trying to access SERVER_IP:5080/admin/ you will (may) encounter the following error:

HTTP Status 404 – /admin
type Status report
message /admin
description The requested resource (/admin) is not available.
Apache Tomcat/6.0.26

no problem, the admin panel was moved here: SERVER_IP:5080/demos/adminPanel.html

When logging in, use the server IP for “Server Address” and the user “admin” with the password “admin”.

If that does not work, you must register an admin user; just follow the instructions below:
*assuming that your Red5 installation path is /usr/local/red5 if it is different (ex. /opt/red5 or /opt/red5/dist/) just change those values in the following commands

Get the plugins:

cd /root/tmp
mkdir /usr/local/red5/plugins
wget http://red5.googlecode.com/files/AdminPlugin-1.0.zip
unzip -d /usr/local/red5/plugins AdminPlugin-1.0.zip

Get the Red5 admin register page:

mkdir /usr/local/red5/webapps/admin
wget http://red5.googlecode.com/files/admin.jsp
mv admin.jsp /usr/local/red5/webapps/admin

*restart Red5 (/etc/init.d/red5 restart)

Access Register Admin page: YOUR_IP:5080/admin/admin.jsp and register your admin user and password.

For any issues or help regarding red5 send a mail to linuxmaster007@gmail.com.

How To Install Freetype Support for Your PHP Installation

The easy step is to compile apache with Free Type Support

/scripts/easyapache

Else do as given below:

You might need it if you work with GD library and if you want to add text on pictures

First install the devel package by issuing the following command: yum install freetype-devel.

cd /usr/local/directadmin/customapache/php-4.4.8;

Let’s take a look at what we have in PHP configuration:

Now save the current configuration and append freetype to the configure string. For me it's the following string:
./configure --with-apxs --with-curl --with-curl-dir=/usr/local/lib --with-gd --with-gd-dir=/usr/local --with-gettext --with-jpeg-dir=/usr/local/lib --with-kerberos --with-mcrypt --with-mhash --with-mysql=/usr --with-pear --with-png-dir=/usr/local/lib --with-xml --with-zlib --with-zlib-dir=/usr/local/lib --with-zip --with-openssl --enable-bcmath --enable-calendar --enable-ftp --enable-magic-quotes --enable-sockets --enable-track-vars --enable-mbstring --enable-memory-limit --with-iconv --enable-dba --with-db4 --with-freetype-dir=/usr/include/freetype2/ --with-freetype

Then do make clean, make, make install and service httpd restart.

Now you’re welcome to use freetype functions in PHP

Send a mail to linuxmaster007@gmail.com for any issues in it.


Setting Up Of DKIM key in A Cpanel Server


Check if exim is compiled with DKIM support enabled.

root@server # /usr/sbin/exim -dd 2>&1 | grep Experimental_DKIM

Support for: crypteq iconv() IPv6 PAM Perl OpenSSL Content_Scanning Old_Demime Experimental_SPF Experimental_SRS



Generate the SSL keys.

cd /usr/local/cpanel/etc/exim

openssl genrsa -out dkim.key 1024
openssl rsa -in dkim.key -out dkim.public -pubout -outform PEM

You will find two keys, dkim.key & dkim.public

Open dkim.public and copy the contents, excluding the BEGIN and END lines. This is your DKIM key. Now open the exim configuration file and add the entries below under the 'remote_smtp' section.


Sample exim.conf file

remote_smtp:
  driver = smtp
  dkim_domain=your_domain_name.com
  dkim_selector=mail
  # path to the dkim.key key
  dkim_private_key=/usr/local/cpanel/etc/exim/dkim.key
  interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
  helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}



In WHM, open DNS editor for the particular domain and add the TXT entry with DKIM key like below.

mail._domainkey.rosesource.com. IN TXT "v=DKIM1; g=*; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv4PSEM9P

Here p=the_key_you_have_copied_from_dkim.public

Then restart exim and named.

You can check it using the site  https://.brandonchecketts.com/emailtest.php.
Also there is an option in cpanel > Email Authentication > DKIM Keys
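
The copy step described above, as an added shell example (not cPanel's or Exim's own tooling): it turns dkim.public into a zone-file TXT record, refuses a file that is not a PEM public key (for example dkim.key picked by mistake), and splits the value into quoted strings of at most 255 characters, which a 2048-bit key needs and the 1024-bit key above does not. The function names and the placeholder key are constructed, and the record carries only the v=, k= and p= tags.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are made up and
# the sample key is placeholder data, not a real public key.

# $1 = selector, $2 = domain, $3 = PEM public key file (dkim.public)
# Prints the TXT record; returns 1 if the file is not a PEM public key.
dkim_txt_record() {
    # The private key file is also PEM and base64, so insist on the header
    # that "openssl rsa -pubout" writes before publishing anything.
    grep -q '^-----BEGIN PUBLIC KEY-----' "$3" || return 1
    # Drop the BEGIN/END lines and join the base64 body into one string.
    key=$(grep -v '^-----' "$3" | tr -d ' \t\r\n')
    case $key in
        ''|*[!A-Za-z0-9+/=]*) return 1 ;;
    esac
    # One DNS TXT character-string holds at most 255 bytes, so longer values
    # are cut into several quoted strings that resolvers concatenate.
    strings=$(printf 'v=DKIM1; k=rsa; p=%s\n' "$key" | fold -w 255 |
        sed 's/.*/"&"/' | paste -sd ' ' -)
    printf '%s._domainkey.%s. IN TXT ( %s )\n' "$1" "$2" "$strings"
}

# Write a constructed PEM file. $1 = path, $2 = number of 64-character lines
make_sample_pem() {
    {
        echo '-----BEGIN PUBLIC KEY-----'
        i=0
        while [ "$i" -lt "$2" ]; do
            echo 'QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2'
            i=$((i + 1))
        done
        echo '-----END PUBLIC KEY-----'
    } > "$1"
}

# Demo on a throw-away file: six lines is about the size of a 2048-bit key.
demo_dir=$(mktemp -d) && make_sample_pem "$demo_dir/dkim.public" 6 &&
    dkim_txt_record mail your_domain_name.com "$demo_dir/dkim.public"
rm -rf "$demo_dir"
```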

Linux: How to clear the cache from memory

Linux has a supposedly good memory management feature that will use up any “extra” RAM you have to cache stuff. This section of the memory being used is SUPPOSED to be freely available to be taken over by any other process that actually needs it, but unfortunately my Linux (three distros now, Mandriva 32 bit, and Mandriva 64 bit, and Opensuse 11 64 bit) thinks that cache memory is too important to move over for anything else that actually needs it.

Simply run the following command as root and the cache will be cleared out.

sync; echo 3 > /proc/sys/vm/drop_caches

Apache prefork vs. worker

WORKER Is Better than PREFORK

Prefork is supposed to generally be better for single or dual cpu systems, and worker is supposed to be generally better for multi-CPU systems

IfModule mpm_prefork_module
————————–

StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0

IfModule mpm_worker_module
—————————

StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0


PHP5 can work with MPM Worker too. But you have to use CGI or FastCGI instead of Apache module