Guider – A System Wide Linux Performance Analyzer

Guider is a free and opens source, powerful system-wide performance analysis tool written mostly in Python for Linux operating systems.

It is designed to measure amount of system resource usage and to trace system behavior thus making it easy to analyze system performance issues effectively or allow for performance tunning.

It shows you a great wealth of information concerning CPU, memory, disk usage per thread, processes, system functions (user/kernel); therefore making it really simple to get to the bottom of an issue causing abnormal system performance or to improve overall system performance.

System Requirements

  • Linux kernel (>= 3.0)
  • Python (>= 2.7)
  • Kernel buffer size of 40960.

In this article, we will show you how to install guider from source and use it to analyze and improve overall Linux operating system performance.

How to Build and Install Guider – Linux Performance Analyzer

To install Guider on Linux, first clone the guider repository from github as shown.

$ git clone https://github.com/iipeace/guider.git
$ cd guider
$ guider.py  [Run without installing]

You can run guider.py without installing it. Alternatively, you can run the commands below to build and install it as shown.

$ make
$ sudo make install 

If you can use PIP in your system then install it using the following command.

$sudo pip install --pre guider

How to Use Guider to Analyze Linux System Performance

By default, guider is supposed to set buffer size for its operations. However, if it fails to do that and shows an error once you invoke it, you can check your buffer size, with this command.

$ sudo cat /sys/kernel/debug/tracing/buffer_size_kb

If the value is less than 40960, then set it to the required value as follows.

$ echo 40960 | sudo tee /sys/kernel/debug/tracing/buffer_size_kb

Set Linux Kernel Buffer Size

Set Linux Kernel Buffer Size

You can invoke guider in thread, function, top, file and system modes using the following syntax.

$ guider [ mode | file ] [options]

As is the case with most command line based Linux system performance analysis tools, you will need a wider screen to clearly view guider’s output.

Perform CPU Usage Analysis in Thread Mode

The following command will start accurate tracing in thread mode (press [Ctrl+c] terminate the tracing process). Once you terminate the process, it will save data and start the analysis process, and there after show you the analysis report.

$ sudo guider record	

CPU Tracing in Thread Mode

CPU Tracing in Thread Mode

The analysis report includes general system info, OS info, CPU info, memory info, disk info as well as thread info towards the end of the pager. Simply use the Up and Down arrows to scroll up and down the pager.

Linux System Information

Linux System Information

Perform Real Time Linux Monitoring in Top Mode

The following command will show resource usage of Linux processes in real-time.

$ sudo guider.py top 

Real Time Linux Processes Monitoring

Real Time Linux Processes Monitoring

You can set an interval for showing output using the -i switch as shown.

$ sudo guider top -i 2

To monitor all information concerning resource usage, use the -a flag.

$ sudo guider top -a

Analyze a Single Linux Process Using PID

First get the process ID using the pidof or ps command.

$ pidof apache2
OR
$ ps -e | grep apache2

Then analyze its resource usage using the following command, which outputs CPU cycle, instruction number, IPC, faults, cache miss, branch miss and so much more in real-time. The -g switch sets a filter which in this case is the process ID.

$ sudo guider top -eP -g 1913

Monitor Apache Process Usage

Monitor Apache Process Usage

Save Guider Output to a File

You can as well save trace data or any output in a file for later analysis. The following command saves the trace data in a file called guider.dat (by default) in the current directory, you can specify a different location as well.

$ sudo guider -s .

To save any other output in a file called guider.out (by default) in the current directory.

$ sudo guider top -o .

Then you can inspect these files through the cat command.

$ cat guider.dat
$ cat guider.out

We can not exhaust all the possible options here because the list of options is endless. You can see all options and more usage examples from the guider help page.

$ guider -h

Guider Github repository: https://github.com/iipeace/guider

Conclusion

Guider is a great system-wide performance analysis tool for the future. It is suitable for Linux experts. Try out most of its features and share your thoughts with us via the feedback form below. If you have come across any similar tools, let us know as well.

Source

How to Monitor MySQL/MariaDB Databases using Netdata on CentOS 7

Netdata is a free open source, simple and scalable, real-time system performance and health monitoring application for Unix-like systems such as Linux, FreeBSD and MacOS. It gathers various metrics and visualizes them, allowing you to watch operations on your system. It supports various plugins for monitoring current system status, running applications, and services such as MySQL/MariaDB database server, plus lots more.

  1. How to Monitor Apache Performance Using Netdata on CentOS 7
  2. How to Monitor Nginx Performance Using Netdata on CentOS 7

In this article, we will explain how to monitor MySQL/MariaDB database server performance using Netdata on CentOS 7 or RHEL 7 distribution.

At the end of this article, you will be able to watch visualizations of bandwidth, queries, handlers, locks, issues, temporaries, connections, binlog, threads metrics of your MySQL/MariaDB database server from a netdata monitoring web interface.

Requirements:

  1. CentOS 7 Server or RHEL 7 Server with Minimal Install.
  2. MySQL or MariaDB database server installation.

Step 1: Install MariaDB Database Server on CentOS 7

1. First start by adding MariaDB YUM software repository to your system.

# vim /etc/yum.repos.d/MariaDB.repo

Now add the following lines in this file.

[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

2. Next, install the MariaDB package, as follows.

# yum install MariaDB-server MariaDB-client -y

3. Once you have installed MariaDB database, start the database server daemon for the time being, and enable it to start automatically at system boot, and confirm that it is up and running using following commands.

# systemctl start mariadb
# systemctl enable mariadb
# systemctl status mariadb

4. By default, the MySQL installation is unsecure and you need to secure it by running the security script which comes with the binary package. You will be asked to set a root password, set it and proceed.

# mysql_secure_installation

Once you have set the root password, enter yes/y to the rest of the questions to remove anonymous users, disallow root login remotely, remove test database and access to it, as well as reload privilege tables now.

5. To collect performance statistics from your MySQL/MariaDB database server, netdata needs to connect to the database server. So create a database user called “netdata” to give it the the ability to connect to the database server on localhost, without a password.

# mysql -u root -p
MariaDB [(none)]> CREATE USER 'netdata'@'localhost';
MariaDB [(none)]> GRANT USAGE on *.* to 'netdata'@'localhost';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> exit

Step 2: Install Netdata to Monitor MySQL Performance

6. Luckily, we already have a one-liner script provided by the developers of netdata, for painlessly installing it from the source tree on github repository.

The kickstarter script downloads another script for detecting your Linux distro; installs the required system packages for building netdata; then downloads the latest netdata source tree; builds and installs it on your system.

This command will help you launch the kickstarter script, the all option allows for installing required packages for all netdata plugins including the ones for MySQL/MariaDB.

# bash <(curl -Ss https://my-netdata.io/kickstart.sh) all

If your not managing your system as root, you will be prompted to enter your user password for sudo command, and you will also be asked to confirm a number of functions by simply pressing [Enter].

Install Netdata on CentOS 7

Install Netdata on CentOS 7

7. Once the script has completed building and installing netdata, it will automatically start the netdata service, and enables it to start at system boot.

Netdata Installation Summary

Netdata Installation Summary

8. Netdata listens on port 19999 by default, you will use this port to access the web UI. So, open the port on your system firewall.

# firewall-cmd --permanent --add-port=19999/tcp
# firewall-cmd --reload 

Step 2: Configure Netdata to Monitor MySQL/MariaDB

9. The netdata configuration for MySQL/MariaDB plugin is /etc/netdata/python.d/mysql.conf, which is written in YaML format.

# vim /etc/netdata/python.d/mysql.conf

The default configuration is just enough to get you started with monitoring your MySQL/MariaDB database server. In case you have read the documentation, and made any changes to the above file, you need to restart the netdata service to effect the changes.

# systemctl restart netdata

10. Next, open a web browser and use the any of the following URL to access the netdata web UI.

http://domain_name:19999
OR
http://SERVER_IP:19999

From the netdata dashboard, search for “MySQL local” on the right hand side list of plugins, and click on it to start monitoring your MySQL/MariaDB server. You will be able to watch visualizations of bandwidth, queries, handlers, locks, as well as galera, as shown in the following screenshot.

Monitor MySQL/MariaDB Database Using Netdata

Monitor MySQL/MariaDB Database Using Netdata

Netdata Github repositoryhttps://github.com/firehol/netdata

That’s all! In this article, we have explained how to monitor MySQL/MariaDB database server performance using Netdata on CentOS 7. Use the comment form below to ask questions or share additional thoughts with us.

Source

Install Glances, InfluxDB and Grafana to Monitor CentOS 7

Glances is a free open source, modern, cross-platform, real-time top and htop-like monitoring tool with advanced features. It can run in different modes: as a standalone, in client/server mode and in web server mode.

InfluxDB is an open source and scalable time series database for metrics, events, and real-time analytics.

Grafana is an open source, feature rich, powerful, elegant and highly-extensible, cross-platform tool for monitoring and metric analytics, with beautiful and customizable dashboards. It is a de facto software for data analytics.

In this article, we will explain how to install and configure GlancesInfluxDB and Grafana to monitor performance of a CentOS 7 server.

Step 1: Install Glances in CentOS 7

1. First start by installing latest stable version of glances (v2.11.1) using PIP. If you don’t have pip, install it as follows, including Python-headers required for installing psutil.

# yum install python-pip python-devel	

2. Once you have PIP and the Python-headers, run the following command to install the latest stable version of glances and verify the version.

# pip install glances
# glances -V

Glances v2.11.1 with psutil v5.4.7

Alternatively, if you already have glances installed, you can upgrade it to the latest version using following command.

# pip install --upgrade glances

3. Now you need to start glances via systemd so that it runs as a service. Create a new unit by creating a file called glances.service in /etc/systemd/system/.

# vim /etc/systemd/system/glances.service

Copy and paste the following configuration in the file glances.service. The --config specifies the config file, --export-influxdb option tells glances to export stats to an InfluxDB server and the --disable-ip option disables the IP module.

[Unit]
Description=Glances
After=network.target influxd.service

[Service]
ExecStart=/usr/bin/glances --config /home/admin/.config/glances/glances.conf --quiet --export-influxdb --disable-ip
Restart=on-failure
RestartSec=30s
TimeoutSec=30s

[Install]
WantedBy=multi-user.target

Save the file and close it.

4. Then reload systemd manager configuration, start the glances service, view its status, and enable it to auto-start at boot time.

# systemctl daemon-reload 
# systemctl start glances.service
# systemctl status glances.service
# systemctl enable glances.service

5. Next, you need to download the glances configuration file provided by the developer using wget command as shown.

# mkdir ~/.config/glances/
# wget https://raw.githubusercontent.com/nicolargo/glances/master/conf/glances.conf -P ~/.config/glances/ 

6. In order to export Glances stats to an InfluxDB database, you need the Python InfluxdDB lib, which you can install it using pip command.

# sudo pip install influxdb

Step 2: Install InfluxDB in CentOS 7

7. Next, you need to add the InfluxDB Yum repository to install latest vesrion of InfluxDB package as shown.

# cat <<EOF | sudo tee /etc/yum.repos.d/influxdb.repo
[influxdb]
name = InfluxDB Repository - RHEL $releasever
baseurl = https://repos.influxdata.com/rhel/$releasever/$basearch/stable
enabled = 1
gpgcheck = 1
gpgkey = https://repos.influxdata.com/influxdb.key
EOF

8. After adding the repository to the YUM configuration, install the InfluxDB package by running.

# yum install influxdb

9. Next, start the InfluxDB service via systemd, confirm that it is running by viewing its status and enable it to auto-start at system boot.

# systemctl start influxdb
# systemctl status influxdb
# systemctl enable influxdb

10. By default, InfluxDB uses TCP port 8086 for client-server communication over InfluxDB’s HTTP API, you need to open this port in your firewall using the firewall-cmd.

# firewall-cmd --add-port=8086/tcp --permanent
# firewall-cmd --reload

11. Next, you need to create a database in InfluxDB for storing data from glances. The influx command which is included in the InfluxDB packages is the simplest way to interact with the database. So execute influx to start the CLI and automatically connect to the local InfluxDB instance.

# influx

Run the following commands to create a database called glances and view available databases.

Connected to http://localhost:8086 version 1.6.2
InfluxDB shell version: 1.6.2
> CREATE DATABASE glances
> SHOW DATABASES
name: databases
name
----
_internal
glances
> 

To exit the InfluxQL shell, type exit and hit Enter.

Step 3: Install Grafana in CentOS 7

12. Now, install Grafana from its official YUM repository, start by adding the following configuration to /etc/yum.repos.d/grafana.repo repository file.

[grafana]
name=grafana
baseurl=https://packagecloud.io/grafana/stable/el/7/$basearch
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packagecloud.io/gpg.key https://grafanarel.s3.amazonaws.com/RPM-GPG-KEY-grafana
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt

13. After adding the repository to the YUM configuration, install the Grafana package by running.

# yum install grafana

14. Once you have installed Grafana, reload systemd manager configuration, start the grafana server, check if the service is up and running by viewing its status and enable it to auto-start at boot time.

# systemctl daemon-reload 
# systemctl start grafana-server 
# systemctl status grafana-server 
# systemctl enable grafana-server

15. Next, open port 3000 which Grafana server listens on, in your firewall using the firewall-cmd.

# firewall-cmd --add-port=3000/tcp --permanent
# firewall-cmd --reload

Step 4: Monitor CentOS 7 Server Metrics Via Grafana

16. At this point, you can use the following URL to access Grafana web interface, which will redirect to the login page, use the default credentials to login.

URL: http://SERVER_IP:3000
Username: admin 
Password: admin

You will be asked to create a new password, once you have done that, you will be redirected to the home dashboard, as shown in the screenshot below.

Grafana Admin Login

Grafana Admin Login

Grafana Set Admin Password

Grafana Set Admin Password

Grafana Dashboard

Grafana Dashboard

17. Next, click on Create your first data source, which should be an InfluxDB database. Under Settings, enter a suitable name e.g Glances Import, then use the following values for the other two important variables (HTTP URL and InfluxDB Database) as shown in the screenshot.

HTTP URL: http://localhost:8086
InfluxDB Details - Database: glances

Then click on Save & Test to connect to the data source. You should receive a feedback indicating “Data source is working”.

Create Data Source

Create Data Source

18. Now you need to import the Glances dashboard. Click on the plus (+) and go to Import as shown in the screenshot.

Import Glances

Import Glances

17. You will need either the Glances Dashboard URL or ID or upload its .JSON file which you can find from Grafana.com. In this case, we will use the Glances Dashboard created by the developer of Glances, its URL is https://grafana.com/dashboards/2387 or ID is 2387.

Import Glances Dashboard

Import Glances Dashboard

18. Once the Grafana dashboard has been loaded, under options, find glances and choose an InluxDB data source (Glances Import) which you created earlier on, then click on Import as shown in the following screenshot.

Import Glances Settings

Import Glances Settings

19. After successfully importing the Glances dashboard, you should be able to watch graphs showing metrics from your server as provided by glances via influxdb.

Monitor CentOS Using Grafana

Monitor CentOS Using Grafana

That’s all for now! In this article, we have explained how to monitor CentOS 7 server with Glances, InfluxDB and Grafana. If you have any queries, or information to share, use the comment form below to do so.

Source

Installing LAMP (Linux, Apache, MariaDB, PHP/PhpMyAdmin) in RHEL/CentOS 7.0

Skipping the LAMP introduction, as I’m sure that most of you know what is all about. This tutorial will concentrate on how to install and configure famous LAMP stack – Linux Apache, MariaDB, PHP, PhpMyAdmin – on the last release of Red Hat Enterprise Linux 7.0 and CentOS 7.0, with the mention that both distributions have upgraded httpd daemon to Apache HTTP 2.4.

Install LAMP in CentOS 7

Install LAMP in RHEL/CentOS 7.0

Requirements

Depending on the used distribution, RHEL or CentOS 7.0, use the following links to perform a minimal system installation, using a static IP Address for network configuration.

For RHEL 7.0
  1. RHEL 7.0 Installation Procedure
  2. Register and Enable Subscriptions/Repositories on RHEL 7.0
For CentOS 7.0
  1. CentOS 7.0 Installation Procedure

Step 1: Install Apache Server with Basic Configurations

1. After performing a minimal system installation and configure your server network interface with a Static IP Address on RHEL/CentOS 7.0, go ahead and install Apache 2.4 httpd service binary package provided form official repositories using the following command.

# yum install httpd

Install Apache in CentOS 7

Install Apache Web Server

2. After yum manager finish installation, use the following commands to manage Apache daemon, since RHEL and CentOS 7.0 both migrated their init scripts from SysV to systemd – you can also use SysV and Apache scripts the same time to manage the service.

# systemctl status|start|stop|restart|reload httpd

OR 

# service httpd status|start|stop|restart|reload

OR 

# apachectl configtest| graceful

Start Apache in CentOS 7

Start Apache Web Server

3. On the next step start Apache service using systemd init script and open RHEL/CentOS 7.0 Firewall rules using firewall-cmd, which is the default command to manage iptables through firewalld daemon.

# firewall-cmd --add-service=http

NOTE: Make notice that using this rule will lose its effect after a system reboot or firewalld service restart, because it opens on-fly rules, which are not applied permanently. To apply consistency iptables rules on firewall use –permanent option and restart firewalld service to take effect.

# firewall-cmd --permanent --add-service=http
# systemctl restart firewalld

Enable Firewall in CentOS 7

Enable Firewall in CentOS 7

Other important Firewalld options are presented below:

# firewall-cmd --state
# firewall-cmd --list-all
# firewall-cmd --list-interfaces
# firewall-cmd --get-service
# firewall-cmd --query-service service_name
# firewall-cmd --add-port=8080/tcp

4. To verify Apache functionality open a remote browser and type your server IP Address using HTTP protocol on URL (http://server_IP), and a default page should appear like in the screenshot below.

Apache Default Page

Apache Default Page

5. For now, Apache DocumentRoot path it’s set to /var/www/html system path, which by default doesn’t provide any index file. If you want to see a directory list of your DocumentRoot path open Apache welcome configuration file and set Indexes statement from  to + on <LocationMach> directive, using the below screenshot as an example.

# nano /etc/httpd/conf.d/welcome.conf

Apache Directory Listing

Apache Directory Listing

6. Close the file, restart Apache service to reflect changes and reload your browser page to see the final result.

# systemctl restart httpd

Apache Index File

Apache Index File

Step 2: Install PHP5 Support for Apache

7. Before installing PHP5 dynamic language support for Apache, get a full list of available PHP modules and extensions using the following command.

# yum search php

Install PHP in CentOS 7

Install PHP in CentOS 7

8. Depending on what type of applications you want to use, install the required PHP modules from the above list, but for a basic MariaDB support in PHP and PhpMyAdmin you need to install the following modules.

# yum install php php-mysql php-pdo php-gd php-mbstring

Install PHP Modules in CentOS 7

Install PHP Modules

Install PHP mbstring Module

Install PHP mbstring Module

9. To get a full information list on PHP from your browser, create a info.php file on Apache Document Root using the following command from root account, restart httpd service and direct your browser to the http://server_IP/info.php address.

# echo "<?php phpinfo(); ?>" > /var/www/html/info.php
# systemctl restart httpd

Check PHP Info in CentOS 7

Check PHP Info in CentOS 7

10. If you get an error on PHP Date and Timezone, open php.ini configuration file, search and uncomment date.timezone statement, append your physical location and restart Apache daemon.

# nano /etc/php.ini

Locate and change date.timezone line to look like this, using PHP Supported Timezones list.

date.timezone = Continent/City

Set Timezone in PHP

Set Timezone in PHP

Step 3: Install and Configure MariaDB Database

11. Red Hat Enterprise Linux/CentOS 7.0 switched from MySQL to MariaDB for its default database management system. To install MariaDB database use the following command.

# yum install mariadb-server mariadb

Install MariaDB in CentOS 7

Install MariaDB in CentOS 7

12. After MariaDB package is installed, start database daemon and use mysql_secure_installation script to secure database (set root password, disable remotely logon from root, remove test database and remove anonymous users).

# systemctl start mariadb
# mysql_secure_installation

Start MariaDB Database

Start MariaDB Database

Secure MySQL Installation

Secure MySQL Installation

13. To test database functionality login to MariaDB using its root account and exit using quit statement.

mysql -u root -p
MariaDB > SHOW VARIABLES;
MariaDB > quit

Connect MySQL Database in CentOS

Connect MySQL Database

Step 4: Install PhpMyAdmin

14. By default official RHEL 7.0 or CentOS 7.0 repositories doesn’t provide any binary package for PhpMyAdmin Web Interface. If you are uncomfortable using MySQL command line to manage your database you can install PhpMyAdmin package by enabling CentOS 7.0 rpmforge repositories using the following command.

# yum install http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm

After enabling rpmforge repository, next install PhpMyAdmin.

# yum install phpmyadmin

Enable RPMForge in CentOS 7

Enable RPMForge Repository

15. Next configure PhpMyAdmin to allow connections from remote hosts by editing phpmyadmin.conf file, located on Apache conf.d directory, commenting the following lines.

# nano /etc/httpd/conf.d/phpmyadmin.conf

Use a # and comment this lines.

# Order Deny,Allow
# Deny from all
# Allow from 127.0.0.1

Allow Remote PhpMyAdmin Access

Allow Remote PhpMyAdmin Access

16. To be able to login to PhpMyAdmin Web interface using cookie authentication method add a blowfish string to phpmyadmin config.inc.php file like in the screenshot below using the generate a secret string, restart Apache Web service and direct your browser to the URL address http://server_IP/phpmyadmin/.

# nano /etc/httpd/conf.d/phpmyadmin.conf
# systemctl restart  httpd

Add Blowfish in PhpMyAdmin

Add Blowfish in PhpMyAdmin

PhpMyAdmin Dashboard

PhpMyAdmin Dashboard

Step 5: Enable LAMP System-wide

17. If you need MariaDB and Apache services to be automatically started after reboot issue the following commands to enable them system-wide.

# systemctl enable mariadb
# systemctl enable httpd

Enable Services System Wide

Enable Services System Wide

That’s all it takes for a basic LAMP installation on Red Hat Enterprise 7.0 or CentOS 7.0. The next series of articles related to LAMP stack on CentOS/RHEL 7.0 will discuss how to create Virtual Hosts, generate SSL Certificates and Keys and add SSL transaction support for Apache HTTP Server.

Source

How to Install Nginx 1.15, MariaDB 10 and PHP 7 on CentOS 7

In this article we will explain how to install a LEMP stack (LinuxNginxMariaDBPHP) along with PHP-FPM on RHEL/CentOS 7/6 and Fedora 26-29 servers using yum and dnf package manager.

During the process we will install and enable EpelRemiNginx and MariaDB repositories in order to be able to install the latest versions of these packages.

Read Also: Install Apache, MySQL 8 or MariaDB 10 and PHP 7 on CentOS 7

Step 1: Installing EPEL and Remi Repository

EPEL (Extra Packages for Enterprise Linux) is a community based repository offers add-on software packages for RHEL-based Linux distributions.

Remi is a repository where you can find the latest versions of the PHP stack (full featured) for installation in the Fedora and Enterprise Linux distributions.

On RHEL/CentOS 7

# yum update && yum install epel-release
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm

------ For RHEL 7 Only ------
# subscription-manager repos --enable=rhel-7-server-optional-rpms

On RHEL/CentOS 6

# yum update && yum install epel-release
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

------ For RHEL 6 Only ------
# subscription-manager repos --enable=rhel-6-server-optional-rpms

On Fedora 24-29

# rpm -Uvh http://rpms.remirepo.net/fedora/remi-release-29.rpm  [On Fedora 29]
# rpm -Uvh http://rpms.remirepo.net/fedora/remi-release-28.rpm  [On Fedora 28]
# rpm -Uvh http://rpms.remirepo.net/fedora/remi-release-27.rpm  [On Fedora 27]
# rpm -Uvh http://rpms.remirepo.net/fedora/remi-release-26.rpm  [On Fedora 26]
# rpm -Uvh http://rpms.remirepo.net/fedora/remi-release-25.rpm  [On Fedora 25]
# rpm -Uvh http://rpms.remirepo.net/fedora/remi-release-24.rpm  [On Fedora 24]

Step 2: Installing Nginx and MariaDB Repositories

The Nginx repository is only needed in RHEL and CentOS distributions. Create a file called /etc/yum.repos.d/nginx.repo and add the following lines to it.

For RHEL 7/6:

[nginx] 
name=nginx repo 
baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/ 
gpgcheck=0 
enabled=1 

For CentOS 7/6:

[nginx] 
name=nginx repo 
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ 
gpgcheck=0 
enabled=1 

To enable the MariaDB repository, create a file named /etc/yum.repos.d/mariadb.repo with the following contents:

[mariadb] 
name = MariaDB 
baseurl = http://yum.mariadb.org/10.1/centos7-amd64 
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB 
gpgcheck=1 

Step 4: Installing Ngnix and MariaDB

Nginx (Engine X) is open source, robust, lightweight and high performance Web server, reverse proxy sever and also mail proxy server for HTTP, SMTP, POP3 and IMAP protocols. For further details, visit http://wiki.nginx.org/Overview.

MariaDB is a fork of the well-known MySQL, one of the world’s most popular Relational Database Management System (RDBMS). It is entirely developed by the community and as such it is intended to remain FOSS and compatible with the GPL.

To install Ngnix and MariaDB, run the following commands.

----------- Installing on RHEL/CentOS 7/6 ----------- 
# yum --enablerepo=remi install nginx MariaDB-client MariaDB-server php php-common php-fpm 

----------- Installing on Fedora ----------- 
# dnf --enablerepo=remi install nginx MariaDB-client MariaDB-server php php-common php-fpm 

Step 3: Installing PHP Using Remi Repository

PHP (Hypertext Preprocessor) is a Free and Open Source server-side scripting language that is best suited for web development. It can be used to produce dynamic web pages for a website and is most frequently found in *nix servers. One of the advantages of PHP is that it is easily extensible through the use of a wide variety of modules.

To install PHP, first you need to enable Remi repository by installing yum-utils, a collection of useful programs for managing yum repositories and packages.

# yum install yum-utils

Once installed, you can use yum-config-manager provided by yum-utils to enable Remi repository as the default repository for installing different PHP versions as shown.

For example, to install PHP 7.x version, use the following command.

------------- On CentOS & RHEL ------------- 
# yum-config-manager --enable remi-php70 && yum install php       [Install PHP 7.0]
# yum-config-manager --enable remi-php71 && yum install php       [Install PHP 7.1]
# yum-config-manager --enable remi-php72 && yum install php       [Install PHP 7.2]
# yum-config-manager --enable remi-php73 && yum install php       [Install PHP 7.3]

------------- On Fedora ------------- 
# dnf --enablerepo=remi install php70      [Install PHP 7.0]
# dnf --enablerepo=remi install php71      [Install PHP 7.1]
# dnf --enablerepo=remi install php72      [Install PHP 7.2]
# dnf --enablerepo=remi install php73      [Install PHP 7.3]

Next, we are going to install all these following PHP modules.

------ On RHEL/CentOS 7/6 ------
# yum --enablerepo=remi install php-mysqlnd php-pgsql php-fpm php-pecl-mongo php-pdo php-pecl-memcache php-pecl-memcached php-gd php-xml php-mbstring php-mcrypt php-pecl-apcu php-cli php-pear

------ On Fedora ------
# dnf --enablerepo=remi install php-mysqlnd php-pgsql php-fpm php-pecl-mongo php-pdo php-pecl-memcache php-pecl-memcached php-gd php-xml php-mbstring php-mcrypt php-pecl-apcu php-cli php-pear

Step 6: Stopping and Disabling Apache Service

By default, Apache and Nginx listen in same port (TCP 80). For that reason, if Apache is installed in your server, you need to stop it and disable / mask it (a stronger version of disable that links the service to /dev/null) in order to use Nginx, or you can remove it if you’re not planning on using it anymore.

# systemctl stop httpd 
# systemctl disable httpd 
or 
# systemctl mask httpd 

Step 7: Starting/Stopping Nginx, MariaDB and PHP-FPM

----------- Enable Nginx, MariaDB and PHP-FPM on Boot ----------- 
# systemctl enable nginx 
# systemctl enable mariadb 
# systemctl enable php-fpm 
 
----------- Start Nginx, MariaDB and PHP-FPM ----------- 
# systemctl start nginx 
# systemctl start mariadb 
# systemctl start php-fpm 

Step 8: Configuring Nginx and PHP-FPM

Let us now create a directory structure for your website (a virtual host, or server block as it is called in Nginx) under /srv/www/. In this example we will use www.tecmint.com, but feel free to choose another domain and main directory if you want.

# mkdir -p /srv/www/tecmint/public_html 
# mkdir /srv/www/tecmint/logs 
# chown -R nginx:nginx /srv/www/tecmint  

Step 9: Configuring Nginx Virtual Host Directories

As you know, the ability of running several sites from the same machine is one of the distinguishing features of major web servers. Let us now proceed to create the directories to store our server blocks (known as virtual hosts in Apache) under /etc/nginx.

# mkdir /etc/nginx/sites-available 
# mkdir /etc/nginx/sites-enabled 

The following line of code, which must be inserted before closing the http block in /etc/nginx/nginx.conf, will ensure that configuration files inside the /etc/nginx/sites-enabled directory will be taken into account when Nginx is running:

## Load virtual host conf files. ## 
include /etc/nginx/sites-enabled/*; 

Configuring Nginx VirtualHost

Configuring Nginx VirtualHost

To create the server block for tecmint.com, add the following lines of code to /etc/nginx/sites-available/tecmint (this file will be created when you enter the full path to start your preferred text editor). This is a basic virtual host config file.

server { 
	listen 80 default; 
	server_name tecmint; 
	access_log /srv/www/tecmint/logs/access.log; 
	error_log /srv/www/tecmint/logs/error.log; 
	root /srv/www/tecmint/public_html; 
	location ~* \.php$ { 
	fastcgi_index   index.php; 
	fastcgi_pass    127.0.0.1:9000; 
	include         fastcgi_params; 
	fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name; 
	fastcgi_param   SCRIPT_NAME        $fastcgi_script_name; 
	} 
} 

The process of “activating” a virtual host consists of creating a symbolic link from the definition of the tecmint virtual host to /etc/nginx/sites-enabled.

# ln -s /etc/nginx/sites-available/tecmint /etc/nginx/sites-enabled/tecmint 

In order to actually apply the changes we have been doing, we now need to restart Nginx. It is sometimes useful to check the configuration files for syntax errors before doing so:

# nginx -t 
# systemctl restart nginx 
# systemctl status nginx 

Restart Nginx and Verify Status

Restart Nginx and Verify Status

To access your newly created virtual host, you need to add the following line to /etc/hosts as a basic method of domain name resolution.

192.168.0.18	www.tecmint.com tecmint.com 

Step 10: Testing Nginx, MySQL, PHP and PHP-FPM

Let’s stick with the classic way of testing PHP. Create a file called test.php under /srv/www/tecmint/public_html/ and add the following lines of code to it.

The phpinfo() function shows a great deal of information about the current PHP installation:

<?php 
	phpinfo(); 
?> 

Now point your web browser to http://tecmint/test.php and check the presence of the installed modules and additional software:

Congratulations! You now have a working installation of a LEMP stack. If something did not go as expected, feel free to contact us using the form below. Questions and suggestions are also welcome.

Source

PHPlist – Open Source Email Newsletter Manager (Mass Mailing) Application for Linux

phpList is one of the most popular open source mailing list manager that has a capability of sending newsletters, news, messages to a huge number of subscribers. It provides a user friendly interface where you can manage newsletter, subscriptions lists, newsletter reports, notification and much more. You can also call it as mass mailing software. It’s very easy to integrate with any website.

Install phpList in Centos

phpList Newsletter Manager for Linux

The phpList uses MySQL database for storing information and the script is written in PHP. It runs on any web server which helps the administrator to set up a system for newsletter subscription wherein the users can subscribe to the respective mailing list. You can manage your own mailing list and also attach files to the emails (deal announcement, business documents) etc.

The software was designed for GNU/Linux with Apache. It is also supports other Unix-like systems, such as FreeBSDOpenBSDMac OS X, and Windows.

phpList Demo’s
  1. Watch Frontend Demo of script – http://demo.phplist.com/lists/
  2. Watch Admin Demo of script – http://demo.phplist.com/lists/admin/

Features of phpList

  1. phpList is great for newsletters, notifications and many other uses. It is capable of managing large number of mailing list subscribers. It even works well with small list too.
  2. Phplist web interface allows you to write, send messages and manage the phplist over the internet. However it keeps on sending messages even though your system is turned off.
  3. The templates are fully customizable and can be integrated with several website.
  4. Keep a track of number of users opened your email message.
  5. With the help of FCKeditor and TinyMCE editors you can edit HTML messages. You can give a choice between text or html email message to your subscribers.
  6. It delivers the message in a queue so that each and every subscriber gets the message. It also ensures that they do not receive two copies even they’re subscribed to several list.
  7. Subscriber’s Attributes such as name, country etc. can be personalized, that means you can specify the important information that you need from the users at the time of subscription.
  8. User Management tools are good to maintain as well as manage huge databases of subscribers.
  9. Throttling can limit the load on your server so it doesn’t overload.
  10. Schedule sending allows you to schedule your message as on when the message is to be sent. RSS feeds can be automatically sent to a mailing list weekly, daily, or monthly.
  11. Phplist is presently available in English, French, Portuguese, German, Spanish, Dutch, Traditional Chinese, Vietname and Japanese. Work Translation for other languages in still in progress.

Requirement of phpList

In order to install PhPlist application we require:

  1. GNU/Linux operating system
  2. Apache web server<./li>
  3. PHP version 4.3 or higher
  4. PHP Imap Module
  5. MySQL server version 4.0 or higher
Testing Environment
  1. Operating System – CentOS 6.4 & Ubuntu 13.04
  2. Apache – 2.2.15
  3. PHP – 5.5.3
  4. MySQL – 5.1.71
  5. phpList – 3.0.5

Installation of phpList Newsletter Manager in Linux

As I mentioned earlier that phpList is developed in PHP for Linux with Apache. So, you must have a running Web server with PHP and MySQL installed on the system. Additionally, you also have to install IMAP module for bounce message processing. If not, install them using package manager tool called yum or apt-get according to your Linux distribution.

Step 1: Install Apache, PHP and MySQL

Install on Red Hat based systems using yum command.

# yum install httpd
# yum install php php-mysql php-imap
# yum install mysql mysql-server
# service httpd start
# service mysqld start

Install on Debian based systems using apt-get command.

# apt-get install apache2
# apt-get install php5 libapache2-mod-auth-mysql php5-mysql php5-imap
# apt-get install mysql-server mysql-client
# service apache2 start
# service mysql start

Step 2: Create phpList Database

Once you’ve installed all the required packages on the system, just login to your database (MySQL, here).

# mysql -u root -p

Enter mysql root password. Now create a database (say phplist).

mysql> create database phplist;
Query OK, 1 row affected (0.00 sec)

It is not a good practice to access database from root user directly, hence create a user called ‘tecmint’ and grant all the permission to user on the database ‘phplist‘ with a password to access it. Replace ‘my_password‘ with your own password, we need this password later while configuring phpList.

mysql> grant all on phplist.* to tecmint@localhost identified by 'my_password';
Query OK, 0 rows affected (0.00 sec)

Now reload privileges to reflect new changes on the database and quit the mysql shell.

mysql> flush privileges;
Query OK, 0 rows affected (0.08 sec)

mysql> quit;
Bye

Step 3: Download and Install phpList

Now go the official phpList site and download the latest source tarball (i.e version 3.0.5) using below link.

  1. http://www.phplist.com/download

Alternatively, you may also download the latest source package using the following wget command.

# wget http://garr.dl.sourceforge.net/project/phplist/phplist/3.0.5/phplist-3.0.5.tgz

After Downloading the phplist package, unpack the package files. It will create a directory called ‘phplist-3.0.5′in this directory, you will find a ‘public_html‘ which contains the directory lists.

# tar -xvf phplist-3.0.5.tgz
# cd phplist-3.0.5
# cd public_html/

Now Copy the “lists” directory into a Apache web root directory that can be accessed via the web.

# cp -r lists /var/www/html/        [For RedHat based Systems]

# cp -r lists /var/www/            [For Debian based Systems]

Step 4: Configuring phpList

Open phpList configuration file ‘config.php‘ from the ‘lists/config’ directory in your preferred text editor.

# vi config.php

Add the phpList database connection settings such hostnamedatabase namedatabase user and database password as shown below.

# what is your Mysql database server hostname
$database_host = "localhost";

# what is the name of the database we are using
$database_name = "phplist";

# what user has access to this database
$database_user = "tecmint";

# and what is the password to login to control the database
$database_password = 'my_password';

You need to edit one more setting, by default phpList in ‘testmode‘, so you need to change the value from ‘1‘ to ‘0‘ to disable testmode.

define ("TEST",0);

Once you’ve entered all the details details. Save and close the file.

Step 5: Access phpList Application

Finally, point to your browser at ‘lists/admin‘ directory of your phpList installation. A web-based installation wizard will walk you through the rest.

http://localhost/lists/admin

OR

http://ip-address/lists/admin

Note: If your website ‘example.com‘ is pointed to the directory ‘/var/www/html/‘, and you have placed your phpList files under ‘/var/www/html/lists‘, then you should point your browser to http://www.example.com/lists/admin/.

phpList Installation Wizard

phpList Installation Wizard

Now click on ‘Initialise database‘ and fill information about your organization and set ‘admin‘ password.

phpList Database Initialisation

phpList Database Initialisation

Once, database initialise completes, continue to phpList setup to complete your configuration as per your requirements.

phpList Database Initialisation Completes

phpList Database Initialisation Completes

Once, setup complete. Login into your phpList admin panel.

phpList Admin Login

phpList Admin Login

Start creating new campaigns, view campaigns, add/delete users, view statistics and many more features to explore from the Dashboard.

phpList Dashboard

phpList Dashboard

That’s it! Now, you can start customizing and branding of your newly installed phpList newsletter manager application.

Reference Links

phpList Homepage

I know most of the users, don’t know how to install and configure applications in Linux. If you’re looking for someone to host/setup a phpList on your hosting/personal server, contact us why because we provide a wide range of Linux services at fair minimum rates.

Do let me know if you’re using any other newsletter application which is more robust than the phpList and don’t forget to share this article.

Source

How to Install Java 9 in Debian and Ubuntu Systems

This tutorial will guide you on how to install Java 9 Standard Edition Development Kit (JDK) in Debian and Ubuntu based Linux distributions using PPA and from sources.

Installing Java 9 Using PPA

To install latest Java 9 version, first add following webupd8team/java PPA to your system and update the repository package database as shown.

$ sudo add-apt-repository ppa:webupd8team/java
$ sudo apt-get update

Once PPA has been added and updated, now search for the packages with name oracle-java9 as shown.

$ apt-cache search oracle-java9

Search Java Packages

Search Java Packages

The above output confirms that the Java 9 is available to install using the following command.

$ sudo apt-get install oracle-java9-installer

Install Java 9 in Ubuntu

Install Java 9 in Ubuntu

If you have more than one Java installed on your system, you can install oracle-java9-set-default package to set Java 9 as default as shown.

$ sudo apt-get install oracle-java9-set-default

Please note that the same webupd8team/java PPA also offers older versions of Java packages like Java 8 and Java 7.

Installing Java 9 from Sources

In order to install Java 9 SE SDK in your system, on a Desktop Linux machine, first open a browser and navigate to Java SE official download page.

Here, select Java SE Development Kit 9, hit on Downloads link and check Accept License Agreement in order to start the download process of the latest version of the tarball package.

Java offers no pre-compiled packages in the form of .deb packages for Debian based Linux distributions, so we need to use the gzipped tarball file to perform the installation.

If you install Java on a headless machine or in servers, download Java 9 SE JDK archive via wget command line utility, by issuing the below command.

$ wget --no-cookies --no-check-certificate --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/9.0.4+11/c2514751926b4512b076cc82f959763f/jdk-9.0.4_linux-x64_bin.tar.gz 

After the download completes, navigate to the directory where Java package has been downloaded and issue the below commands to start installing Java software.

The commands executed below will decompress Java tarball archive directly into /opt directory. Enter java extracted path from /opt directory and issue ls command to list the content of the directory. Java executable files are located in bin directory.

$ sudo tar xfz jdk-9.0.4_linux-x64_bin.tar.gz -C /opt/
$ cd /opt/jdk-9.0.4/
$ ls

Java Executable Files

Java Executable Files

Next, insert Java environment variables and the executable files path into your system $PATH variable, by issuing the below commands that will create a new file named java.sh into system profile.

This method ensures that Java environment variables and executables will be accessible system-wide.

$ sudo echo 'export JAVA_HOME=/opt/jdk-9.0.4/' | sudo tee /etc/profile.d/java.sh
$ sudo echo 'export PATH=$PATH:/opt/jdk-9.0.4/bin' | sudo tee -a /etc/profile.d/java.sh

Set Java Environment Variables

Set Java Environment Variables

Finally, log out and log in back again to apply the settings and issue the below command to verify Java installed version on your system.

$ java --version

Verify Java Version

Verify Java Version

Congratulations! The latest version of Java 9 SE SDK is now installed in your Debian based Linux machine.

Source

Tasksel – Easily and Quickly Install Group Softwares in Debian and Ubuntu

One of the several tasks that a Linux user is bound to handle is software installation. There are possibly two methods especially on Debian/Ubuntu Linux systems you can use for installing software. The first is installing individual packages using package management tools such as apt-getaptaptitude and synaptic.

The other is by using Tasksel, is a simple and easy-to-use tool developed for Debian/Ubuntu that provides users an interface to enable them to install a group of related packages such as LAMP ServerMail ServerDNS Server, etc. as a single pre-configured task. It works comparably to meta-packages, you will find nearly all tasks in tasksel present in meta-packages.

How To Install and Use Tasksel in Debian and Ubuntu

To install tasksel, simply run the command below:

$ sudo apt-get install tasksel

After installing Tasksel, it enables you to install one or more predefined group of packages. User need to run it from the command line with a few arguments, it provides a graphical user interface as well where one can select software to install.

The general syntax of running tasksel from the command line is:

$ sudo tasksel install task_name
$ sudo tasksel remove task_name
$ sudo tasksel command_line_options

To start the tasksel user interface, issue the command below:

$ sudo tasksel

Tasksel - List of Software Collection

Tasksel – List of Software Collection

Where you see an asterisk (*) without the red highlighter, it means that software is already installed.

To install one or more software, use the Up and Down arrows to move the red highlighter, press the Space bar to select the software and use the Tab key to move the to <ok>. Then hit Enter button to install the selected software as shown in the screencast below.

Tasksel - Install Software Group

Alternatively, you can list all tasks from the command line as well, by using the command below. Note that in the first column of the list, u (uninstalled) means software is not installed and i (installed) means software is installed.

$ sudo tasksel --list-tasks 
Sample Output
u manual	Manual package selection
u kubuntu-live	Kubuntu live CD
u lubuntu-live	Lubuntu live CD
u ubuntu-gnome-live	Ubuntu GNOME live CD
u ubuntu-live	Ubuntu live CD
u ubuntu-mate-live	Ubuntu MATE Live CD
u ubuntustudio-dvd-live	Ubuntu Studio live DVD
u ubuntustudio-live	Ubuntu Studio live CD
u xubuntu-live	Xubuntu live CD
u cloud-image	Ubuntu Cloud Image (instance)
u dns-server	DNS server
u edubuntu-desktop-gnome	Edubuntu desktop
u kubuntu-desktop	Kubuntu desktop
u kubuntu-full	Kubuntu full
u lamp-server	LAMP server
u lubuntu-core	Lubuntu minimal installation
u lubuntu-desktop	Lubuntu Desktop
u mail-server	Mail server
u mythbuntu-backend-master	Mythbuntu master backend
u mythbuntu-backend-slave	Mythbuntu slave backend
u mythbuntu-desktop	Mythbuntu additional roles
u mythbuntu-frontend	Mythbuntu frontend
u postgresql-server	PostgreSQL database
u samba-server	Samba file server
u tomcat-server	Tomcat Java server
i ubuntu-desktop	Ubuntu desktop
...

You can find a full description of all tasks in /usr/share/tasksel/*.desc and /usr/local/share/tasksel/*.desc files.

Let’s install some group of software packages such LAMPMail ServerDNS Server etc..

Install LAMP stack Using Tasksel

As an example, we shall cover the installation of LAMP (Linux, Apache, MySQL and PHP) stack in Ubuntu 16.04.

You can either use the user interface or the command line option, but here, we shall utilize the command line option as follows:

$ sudo tasksel install lamp-server

Install LAMP Server Using Tasksel in Ubuntu

While the Mysql package is being installed, you will be prompted to configure Mysql by setting a root password. Simply enter a strong and secure password, then hit the Enter key to proceed.

Wait for the installation to complete. After all is done, you can test the LAMP stack installation as follows.

$ sudo task --list-tasks | grep “lamp-server”

i lamp-server	LAM server

Similarly you can also install Mail Server or DNS Server as shown:

$ sudo tasksel install mail-server
$ sudo tasksel install dns-server

Look through the tasksel package man page for more usage options.

$ man tasksel

As a conclusion, tasksel is a simple and easy-to-use interface for users to install software on their Debian/Ubuntu Linux systems.

However, which method of software installation i.e using apt-get/apt/aptitude package management tools or tasksel, do you actually prefer and why? Let us know via the comment section below, as well as any suggestions or other vital feedback.

Source

Install Latest ‘Thunderbird’ Email Client in Linux Systems

Thunderbird is an open source free cross-platform web based email, news and chat client application that is designed to handle multiple email accounts and news feeds.

On December 28, 2016 Mozilla team announced the release of Thunderbird 45.6.0. This new version comes with these features and they are:

Thunderbird 45.6.0 Features

  1. The system integration dialog was shown every time when starting Thunderbird
  2. Various bug fixes and improvements in performance.
  3. Various security fixes.

Check out more about what’s new features and known issues for Thunderbird 45.6.0 version at Thunderbird Release Note.

This article will explain you how to install Thunderbird email client on Linux distributions such as FedoraUbuntuand its derivatives.

In many Linux distributions Thunderbird package included by default, and can be installed using the default package management system, because it will:

  1. Ensure that you have all the needed libraries
  2. Adds a Desktop shortcut to launch Thunderbird
  3. Make Thunderbird accessible to all system users on your computer
  4. It may not offer you the latest version of Thunderbird

Install Thunderbird Email Client in Linux

To install Thunderbird from the default system repositories issue:

$ sudo apt-get install thunderbird   [On Ubuntu based systems]
$ dnf install thunderbird            [On Fedora based systems]

As I said, installing from default repositories will give you older version of Thunderbird. If you want to install most recent version of Mozilla Thunderbird, you can use the PPA maintained by the Mozilla team.

Use CTRL + ALT + T from the desktop to open terminal and add the Thunderbird repository under Ubuntu and its derivatives.

$ sudo add-apt-repository ppa:ubuntu-mozilla-security/ppa

Next, update the system software packages using update command.

$ sudo apt-get update

Once you’ve updated the system, install it using the following command.

$ sudo apt-get install thunderbird

Thunderbird Preview

Install Thunderbird in Linux

Install Thunderbird in Linux

That’s it, you’ve successfully installed Thunderbird 45.6.0 under your Linux system. Thunderbird also available for other operating systems at Thunderbird download page.

Source

10 Useful Open Source Security Firewalls for Linux Systems

Being an Nix admin over 5+ years, I always be responsible for the security management of Linux servers. Firewalls plays an important role in securing Linux systems/networks. It acts like an security guard between internal and external network by controlling and managing incoming and outgoing network traffic based on set of rules. These set of firewall rules only allows legitimate connections and blocks those which are not defined.

Linux Firewalls

10 Open Source Linux Firewalls

There are dozens of open source firewall application available for download in the market. Here in this article, we’ve come up with 10 most popular open source firewalls that might be very useful in selecting one that suits your requirements.

1. Iptables

Iptables/Netfilter is the most popular command line based firewall. It is the first line of defence of a Linux server security. Many system administrators use it for fine-tuning of their servers. It filters the packets in the network stack within the kernel itself. You can find a more detailed overview of Iptables here.

Features of IPtables

  1. It lists the contents of the packet filter ruleset.
  2. It’s lightning fast because it inspects only the packet headers.
  3. You can Add/Remove/Modify rules according to your needs in the packet filter rulesets.
  4. Listing/zeroing per-rule counters of the packet filter rulesets.
  5. Supports Backup and restoration with files.

IPtables Homepage
Basic Guide to Linux IPTables Firewall

2. IPCop Firewall

IPCop is an Open Source Linux firewall distribution, IPCop team is continuously working to provide a stable, more secure, user friendly and highly configurable Firewall management system to their users. IPCop provides a well designed web interface to manage the firewall. It’s very useful and good for Small businesses and Local PCs.

You can configure an Old PC as a secure VPN to provide a secure environment over the internet. It’s also keeps some frequently used information to provide better web browsing experience to its users.

Features of IPCop Firewall

  1. Its Color coded Web Interface allows you to Monitor the performance Graphics for CPU, Memory and Disk as well as Network throughput.
  2. It views and auto rotate logs.
  3. Support Multiple language support.
  4. Provides very secure stable and easily implementable upgrade and add on patches.

IPCop Homepage

3. Shorewall

Shorewall or Shoreline Firewall is another very popular Open source firewall specialized for GNU/Linux. It is build upon the Netfilter system built into the Linux kernel that also supports IPV6.

Feature of Shorewall

  1. Uses Netfilter’s connection tracking facilities for stateful packet filtering.
  2. Supports a wide range of routers/firewall/gateway applications.
  3. Centralized firewall Administration.
  4. A GUI interface with Webmin control Panel.
  5. Multiple ISP support.
  6. Supports Masquerading and port forwarding.
  7. Supports VPN

Shorewall Homepage
Shorewall Installation

4. UFW – Uncomplicated Firewall

UFW is the default firewall tool for Ubuntu servers, it is basically designed to lesser the complexity of the iptables firewall and makes it more user friendly. A Graphical user interface of ufw, GUFW is also available for Ubuntu and Debian users.

Features of UFW

  1. Supports IPV6
  2. Extended Logging options with On/Off facility
  3. Status Monitoring
  4. Extensible Framework
  5. Can be Integrated with Applications
  6. Add/Remove/Modify Rules according to your needs.

UFW Homepage
GUFW Homepage
UFW Installation

5. Vuurmuur

Vuurmuur is another powerful Linux firewall manager built or manage iptables rules for your server or network. At the same time its very user friendly to administrate, no prior iptables working knowledge required to use Vuurmuur.

Features of Vuurmuur

  1. Support IPV6
  2. Traffic shaping
  3. More advanced Monitoring features
  4. Real time monitoring connection and bandwidth usage
  5. Can be easily configured with NAT.
  6. Have Anti-spoofing features.

Vuurmuur Homepage
Vuurmuur Flash Demos

6. pfSense

pfSense is another Open Source and a very reliable firewall for FreeBSD servers. Its based on the concept of Stateful Packet filtering. It offers wide ranges of feature which is normally available on expensive commercial firewalls only.

Features of pfsense

  1. Highly configurable and upgraded from its Web – based interface.
  2. Can be deployed as a perimeter firewall, router, DHCP & DNS server.
  3. Configured as wireless access point and a VPN endpoint.
  4. Traffic shaping and Real Time information about the server.
  5. Inbound and Outbound load balancing.

pfSense Homepage

7. IPFire

IPFire is another open source Linux based firewalls for Small Office , Home Office (SOHO) environments. Its designed with modularity and highly flexibility. IPfire community also took care of Security and developed it as a Stateful Packet Inspection(SPI) firewall.

Features of IPFire

  1. Can be deployed as a firewall, a proxy server or a VPN gateway.
  2. Content filtering
  3. Inbuilt Intrusion detection system
  4. Supports through Wiki, forums and Chats
  5. Support hypervisors like KVM, VmWare and Xen for Virtualization environment.

IPFire Homepage

8. SmoothWall & SmoothWall Express

SmoothWall is an Open Source Linux firewall with a highly configurable Web based interface. Its Web based interface is know as WAM (Web Access manager). A freely distributable version of SmoothWall is know as SmoothWall Express.

Features of SmoothWall

  1. Supports LAN, DMZ, and Wireless networks, plus External.
  2. Real Time content filtering
  3. HTTPS filtering
  4. Support proxies
  5. Log viewing and firewall activity monitor
  6. Traffic stats management on per IP, interface and visit basis
  7. Backup and restoration facility like.

SmoothWall Homepage

9. Endian

Endian firewall is another Stateful packet Inspection concept based firewall which can be deployed as routers, proxy and Gateway VPN with OpenVPN. Its originally developed from IPCop firewall which is also a fork of Smoothwall.

Features of Endian

  1. Bidirectional firewall
  2. Snort Intrusion prevention
  3. Can secure web server with HTTP &FTP proxies, antivirus and URL blacklist.
  4. Can secure Mail servers with SMTP and POP3 proxies, Spam Auto-learning, Greylisting.
  5. VPN with IPSec
  6. Real time Network traffic logging

Endian Homepage

10. ConfigServer Security Firewall

Last, But not the last Configserver security & firewall. It’s a cross platform and a very versatile Firewall, it’s also based on the concept of Stateful packet inspection (SPI) Firewall. It supports almost all Virtualization environments like Virtuozzo, OpenVZ, VMware, XEN, KVM and Virtualbox.

Features of CSF

  1. Its daemon process LFD( Login failure daemon) checks for login failures of sensitive servers like ssh, SMTP, Exim, Imap,Pure & ProFTP, vsftpd, Suhosin and mod_security failures.
  2. Can configure email alerts to notify if something goes unusual or detect any kind of intrusion on your server.
  3. Can be easily integrated popular web hosting control panels like cPanel, DirectAdmin and Webmin.
  4. Notifies excessive resource user and suspicious process via email alerts.
  5. Advanced Intrusion detection system.
  6. Can protect your linux box with the attacks like Syn flood and ping of death.
  7. Checks for exploits
  8. Easy to start/restart/stop & lots more

CSF Homepage
CSF Installation

Other than these Firewalls there are many other firewalls like Sphirewall, Checkpoint, ClearOS, Monowall available in the web to secure your Linux box. Please let the world know which is your favourite firewall for your Nix box and leave your valuable suggestions and queries below in the comment box.

Source

WP2Social Auto Publish Powered By : XYZScripts.com