Articles for Linux

How to update CentOS 5.x when yum cannot find a valid baseurl for repo

If you are using CentOS 5.x and try to install any software or update the system, you get the following error.

root@server1 [~]# yum update -y
Loaded plugins: fastestmirror
Determining fastest mirrors
YumRepo Error: All mirror URLs are not using ftp, http[s] or file.
 Eg. Invalid release/
removing mirrorlist with no valid mirrors: /var/cache/yum/base/mirrorlist.txt
Error: Cannot find a valid baseurl for repo: base

This is because the update repositories were moved to the CentOS vault when the operating system reached its end-of-life.

Edit the following file

OpenVPN CRL has expired

VERIFY ERROR: depth=0, error=CRL has expired: CN=servername

To fix the issue, we just need to recreate the crl.pem file.

We need to back up the current crl.pem file before creating a new one.

The crl.pem file is located at /etc/openvpn/

# mv crl.pem crl.pem.back

Now go to the easy-rsa folder

# cd easy-rsa

Now generate crl.pem

# ./easyrsa gencrl

Now copy the new crl.pem to the openvpn folder

# cp -pr /etc/openvpn/easyrsa/pki/crl.pem /etc/openvpn/

Now restart the openvpn service

 

Source link: https://www.jobishmathew.me/openvpn-crl-has-expired/
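
An added example (not from the original article): a check that reads the nextUpdate field of the CRL with openssl and reports when the CRL is expired or close to expiring, so crl.pem can be regenerated before clients start failing with the error above. It assumes GNU date and the openssl CLI; the function names, the sample date and the 14-day warning window are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original article.
# Assumes GNU date and the openssl CLI are installed.

# crl_status "<nextUpdate line>" <now-epoch> <warn-days>
# Prints EXPIRED, WARN or OK followed by the seconds left until nextUpdate.
crl_status() {
    _stamp=${1#nextUpdate=}                      # strip openssl's label
    _next=$(date -u -d "$_stamp" +%s) || return 2
    _left=$(( _next - $2 ))
    if [ "$_left" -le 0 ]; then
        echo "EXPIRED $_left"
    elif [ "$_left" -le $(( $3 * 86400 )) ]; then
        echo "WARN $_left"
    else
        echo "OK $_left"
    fi
}

# check_crl_file <crl.pem> [warn-days]  (hypothetical helper; default 14 days)
# Return status: 0 = OK, 1 = WARN or EXPIRED, 2 = CRL could not be read.
check_crl_file() {
    _line=$(openssl crl -in "$1" -noout -nextupdate) || return 2
    _res=$(crl_status "$_line" "$(date +%s)" "${2:-14}") || return 2
    echo "$1: $_line -> $_res"
    case "$_res" in OK*) return 0 ;; *) return 1 ;; esac
}

# Constructed sample line in the format "openssl crl -nextupdate" prints.
SAMPLE='nextUpdate=Mar  1 12:00:00 2025 GMT'

# Usage: sh crl-check.sh /etc/openvpn/crl.pem [warn-days]
if [ "$#" -gt 0 ]; then
    check_crl_file "$@"
    exit $?
fi
```

Run from cron, the non-zero exit status on WARN or EXPIRED can drive an alert ahead of the next CRL expiry.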

OPENVPN Logs

To troubleshoot connection issues, check the logs below.

Grep for the client name in /var/log/messages
# grep VPN /var/log/messages

Check the connection time

# cat /etc/openvpn/openvpn-status.log

Check the connection negotiation activity

# tail -f /var/log/messages

 

iptables port forwarding

I am port forwarding public IP x.x.x.x to private IP 192.168.200.200.

iptables -A INPUT -i eth0 -p tcp --dport 5001 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 5001 -m state --state ESTABLISHED -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 5001 -j DNAT --to-destination 192.168.200.200:5001

How to Show All NAT Tables Rules IPTABLES

iptables -t nat -L
iptables -t nat -L -n -v | grep 'something'
iptables -t nat -L -n -v

The netstat-nat command displays the NATed connections on a Linux iptables firewall.

# yum install netstat-nat

# netstat-nat -n
To display SNAT connections, run:
# netstat-nat -S
To display DNAT connections, type:
# netstat-nat -D

List NAT rules with line numbers

iptables -t nat --line-numbers -L

Delete rule number 6 from the PREROUTING chain

iptables -t nat -D PREROUTING 6