make: don't know how to make libgzip.. Stop

Solution found at
http://www.tequilafish.com/2005/11/04/apache-mod_gzip-no-rule-to-make-target-libgzip/

It turns out that there’s an entry in mod_gzip’s Makefile.tmpl file that confuses my system. The very first line of src/modules/gzip/Makefile.tmpl uses a variable named LIBEXT that’s not defined on my system, so it fails. It’s an easy fix, open up src/modules/gzip/Makefile.tmpl for editing and find:

LIB=libgzip.$(LIBEXT)

And replace with:

LIB=libgzip.a

Save & Exit, run make clean; make; make install in the Apache src dir and you should be good to go

How to restart natd remotely

Be careful, when you want to make changes to natd.conf, and then restart from a remote console. If you just kill -9 natd, then you will get locked out immediately, without chance to start it again. Needless to say, this would lead to jumping in a car and rushing down to the office.

So, first, let's have a backup plan.

ipfw add 10 allow all from [myIpAddress] to me

Second, run

kill -9 [natd_pid] && /sbin/natd -f /etc/natd.conf -a [natd_external_address]

Of course, your natd flags may vary.

How to delete user configured options for a port in FreeBSD

Sometimes, you get a nice ncurses menu, when you run make install, make reinstall on a port. You make a mistake, port install crashes, you try to run make install one more time just to discover that the menu isn't there any more, and it just runs install one more time with your compiled options.

Q: How do I delete configured options for a port in FreeBSD?
A: A quick look at man ports reveals a comand 'make rmconfig'.

BIND zone forwarding problems

Since we will be implementing AD domain controller in our enterprise, I decided it was time to test out the water with a real installation. All said n'done, I ended up with a test box with brand new Windows 2008 Server installation. It looks nice, I like the interface. Mac OS X is better though. :)

Let's get to business.

I needed to have a FQDN on that box, since it was going to be the first DC in the forest and will be running DNS server. I chose one that is delegated, of course, to our FreeBSD/BIND nameservers, and instead of delegating a subdomain, I decided just to forward the whole domain name to that box.

I added the following configuration directives to /etc/namedb/named.conf.

zone "domain.com" {
type forward;
forward only;
forwarders {
99.99.99.99;
};
};


rndc reload, and one would think that's it. No. When dig'ing, it would work. On a plain resolve - no.

The solution was to add the nameserver itself in its /etc/resolv.conf, and everything started to work.

"libmysqlclient.so.14" not found, required by "php"

/libexec/ld-elf.so.1: Shared object "libmysqlclient.so.14" not found, required by "php"


Did you upgraded mysql recently? If so, be a man and recompile that php too. :)

IPs most accessing your Apache

Here's a command using which you can find out what IPs are accessing your http server Apache most from its log file.

cat log | grep "GET /" | awk '{print $1}' | sort | uniq -c | sort -rn | less


It is useful in a case of DDoS attack, when you want to know these IPs and ban them in your firewall.

nmbclusters

Today I had to compile a new FreeBSD kernel for a fresh installed machine. I looked up my trusty (and pretty old) kernel config file, and, being a real man I am, didn't looked at any NOTES, LINT and other girly stuff, and proceeded to config. So, much to my surprise, I received an error:

unknown option NMBCLUSTERS

Fast glance into FreeBSD manual revealed, that

"kern.ipc.nmbclusters loader tunable should be used to tune this at boot time. Only older versions of FreeBSD will require you to use the NMBCLUSTERS kernel config(8) option."

Oh well. :)

http://www.freebsd.org/doc/en/books/handbook/configtuning-kernel-limits.html

First FreeBSD 7.0 install

Today, I got my first 7.0 FreeBSD server to install. Everything went normal, only one quirk while installing linuxthreads, but managed to do without them.

Zend Optimizer 3.3.0a, though, greeted me with
/libexec/ld-elf.so.1: Shared object "libm.so.4" not found, required by "php"

So, the solution was to
cd /usr/ports/misc/compat6x
make install clean

mod_rewrite cheat sheet

Found this while searching for RewriteRule flags explanation. It's great.

http://www.ilovejackdaniels.com/cheat-sheets/mod_rewrite-cheat-sheet/


On a side note, I still couldn't disable the rewriting for one particular directory, and still haven't found, why. Oh well, just disabled it for .gif files and it's apparently working, so who cares.

Excluding directories from rsync backup

The thing is, some a**hole clients of hours don't mind keeping a lot of useless data on their servers. Basically I don't mind either, but this one time I had to discover, that because of this, the backup server ran out of space on one of its HDDs.

So I set to investigate the options, and the useful thing I discovered was how to exclude directories in rsyncd.conf.

Here's an example.

[hosts]
path = /home/hosts
comment = serv1
hosts allow = x.x.x.x
exclude = www.domain1.com/ www.domain2.com/


This will exclude directories named domain1.com and domain2.com. More on the syntax of the exclude command can be found at

http://www.ss64.com/bash/rsync.html

Dealing with ports

Recently I came across of a more "posh", if you will, way to deal with ports. Instead of trusty old cvsup I was recommended to try out portsnap, which cames in FreeBSD base system for a while already - specifically, since 6.0. Older than that, just use ports-mgmt/portsnap port.

It is very easy to use - in fact, I find it easier than cvsupdate.

First, you need to fetch a compressed snapshot of the ports tree.
# portsnap fetch

Next, a live copy of ports tree should be extracted in /usr/ports - the manual mentions you should do this regardless even if there is one created with cvsup.
# portsnap extract

That was for the first time. After that, it's just update
# portsnap fetch update


Next thing I found very handy was http://www.freshports.org/ports-mgmt/portupgrade/. Now unlike the vanilla cd /usr/ports/portdir && make install clean, it can actually update dependencies as well. Nice. Comes with a set of handy utilities - portinstall, pkg_deinstall etc.