Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
howto:useful_commands [2019/10/06 05:33]
Stephane de Labrusse [RPM's]
howto:useful_commands [2020/05/26 09:55] (current)
Stephane de Labrusse [check bayes in redis]
Line 210: Line 210:
 kill -USR2 `cat /​var/​run/​clamd@rspamd/​clamav.pid` kill -USR2 `cat /​var/​run/​clamd@rspamd/​clamav.pid`
 </​file>​ </​file>​
 +
 +or to make a long freeze
 +
 +<​file>​
 +kill -STOP `cat /​var/​run/​clamd@rspamd/​clamav.pid`
 +</​file>​
 +
 +and to unfreeze ​
 +
 +<​file>​
 +kill -CONT `cat /​var/​run/​clamd@rspamd/​clamav.pid`
 +</​file> ​
 +
 +
 =====DOCKER===== =====DOCKER=====
  
Line 247: Line 261:
 </​file>​ </​file>​
  
 +* ping a host from a container
 +
 +<​file>​
 +docker run busybox ping -c 1 8.8.4.4
 +PING 8.8.4.4 (8.8.4.4): 56 data bytes
 +64 bytes from 8.8.4.4: seq=0 ttl=61 time=19.222 ms
 +
 +--- 8.8.4.4 ping statistics ---
 +1 packets transmitted,​ 1 packets received, 0% packet loss
 +round-trip min/avg/max = 19.222/​19.222/​19.222 ms
 +</​file>​
 +
 +* query dns from a container
 +
 +<​file>​
 +docker run busybox nslookup google.com
 +Server:​ 127.0.0.11
 +Address:​ 127.0.0.11:​53
 +
 +Non-authoritative answer:
 +Name:​ google.com
 +Address: 2a00:​1450:​4007:​805::​200e
 +
 +*** Can't find google.com: No answer
 +</​file>​
 +
 +* fix docker dns 
 +
 +https://​development.robinwinslow.uk/​2016/​06/​23/​fix-docker-networking-dns/​
 +
 +<​file>​
 +vim /​etc/​docker/​daemon.json
 +{
 +    "​dns":​ ["​10.0.0.2",​ "​8.8.8.8"​]
 +}
 +Then restart the docker service:
 +
 +sudo service docker restart
 +</​file>​
 +
 +or 
 +
 +Discover the address of your DNS server
 +You can find out what network’s DNS server from within Ubuntu as follows:
 +
 +<​file>​
 +$ nmcli dev show | grep '​IP4.DNS'​
 +IP4.DNS[1]: ​                            ​10.0.0.2
 +</​file>​
 +
 +Run Docker with the new DNS server
 +To run a docker container with this DNS server, provide the --dns flag to the run command. For example, let’s run the command we used to check if DNS is working:
 +
 +<​file>​
 +$ docker run --dns 10.0.0.2 busybox nslookup google.com
 +Server: ​   10.0.0.2
 +Address 1: 10.0.0.2
 +Name:      google.com
 +Address 1: 2a00:​1450:​4009:​811::​200e lhr26s02-in-x200e.1e100.net
 +Address 2: 216.58.198.174 lhr25s10-in-f14.1e100.net
 +And that’s what success looks like.
 +</​file>​
 =====DNS===== =====DNS=====
 ====DNSMASQ==== ====DNSMASQ====
Line 356: Line 432:
 ==== Get MAC address without ifconfig ==== ==== Get MAC address without ifconfig ====
   cat /​sys/​class/​net/​host0/​address   cat /​sys/​class/​net/​host0/​address
 +
 +=====PODMAN=====
 +
 +* remove **all** podman containers, if you use podman containers just for makerpms
 +
 +<​file>​
 +sudo rm -rf $HOME/​.local/​share/​containers/ ​
 +</​file>​
  
 =====RSPAMD===== =====RSPAMD=====
Line 370: Line 454:
 </​file>​ </​file>​
  
 +
 +<​file>​
 +rspamadm configdump | grep -E '​(WHITE|BLACK)LIST \{'
 +</​file>​
 +====Test manually to check an email====
 +
 +<​file>​
 + ​rspamc email.eml
 +</​file>​
 +
 +<​file>​
 +curl smtp://​127.0.0.1:​25 -v --anyauth --mail-from no-reply@neth.net --mail-rcpt filippo@neth.net --upload-file ./2019.eml
 +</​file>​
 +
 +- test the fom IP
 +
 +<​file>​
 +[root@ns7loc14 ~]# host $(hostname)
 +[root@ns7loc14 ~]# config setprop postfix AccessBypassList 192.168.56.15
 +
 +((++I)) ; curl smtp://​$(hostname):​25/​$(hostname) -v --mail-from davidep2@email.celio.com --mail-rcpt postmaster@dpnet.nethesis.it <<EOF
 +Subject: Test ${I}
 +Date: $(date -R)
 +Message-ID: <​${I}.$(date +%s)@$(hostname -d)>
 +From: davidep2@nethserver.org
 +To: postmaster@dpnet.nethesis.it
 +Mime-Version:​ 1.0
 +
 +Test $I
 +
 +Configuration settings for bayes expiry module should be 
 +added to the corresponding classifier section (for instance ​
 +in the local.d/​classifier-bayes.conf).
 +Bayes expiry module provides intelligent expiration of 
 +statistical tokens for the new schema of Redis statistics ​
 +storage.
 +
 +EOF
 +
 +</​file>​
 +
 +- test from email/​domain
 +
 +<​file>​
 +((++I)) ; curl smtp://​$(hostname):​25/​$(hostname) -v --mail-from davidep2@email.celio.com --mail-rcpt postmaster@dpnet.nethesis.it <<EOF
 +Subject: Test ${I}
 +Date: $(date -R)
 +Message-ID: <​${I}.$(date +%s)@$(hostname -d)>
 +From: davidep2@nethserver.org
 +To: postmaster@dpnet.nethesis.it
 +Mime-Version:​ 1.0
 +
 +Test $I
 +
 +Configuration settings for bayes expiry module should be 
 +added to the corresponding classifier section (for instance ​
 +in the local.d/​classifier-bayes.conf).
 +Bayes expiry module provides intelligent expiration of 
 +statistical tokens for the new schema of Redis statistics ​
 +storage.
 +
 +EOF
 +
 +</​file>​
 +
 +- test with getMail and a eicar 
 +
 +
 +<​file>​
 +
 +[root@vm5 ~]# /​usr/​bin/​rspamc-getmail "​-i"​ "​127.0.0.1"​ "​--mime"​ "​-t"​ "​120"​ "​-h"​ "​localhost:​11334"​ <<'​EOF' ​
 +Return-Path:​ <​root@nethservice.nethesis.it>​
 +Delivered-To:​ davidep2@nethesis.it
 +Received: from nethservice.nethesis.it
 +by nethservice.nethesis.it with LMTP id 2MyWCgn7O14ucwAAJc5BcA
 +for <​davidep2@nethesis.it>;​ Thu, 06 Feb 2020 12:39:53 +0100
 +Received: by nethservice.nethesis.it (Postfix, from userid 0)
 +id 2A0133054108E;​ Thu,  6 Feb 2020 12:39:53 +0100 (CET)
 +From: virus-tester@nethservice.nethesis.it
 +To: undisclosed-recipients:;​
 +Subject: amavisd test - simple - virus scanner test pattern
 +Message-Id: <​20200206113953.2A0133054108E@nethservice.nethesis.it>​
 +Date: Thu,  6 Feb 2020 12:39:53 +0100 (CET)
 +
 +X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
 +EOF
 +</​file>​
 +====check the content of all maps ====
 +
 +<​file>​
 +grep -r -F .  /​etc/​rspamd/​{white,​black}list* | grep -v -F '#'​ | sort
 +</​file>​
 ==== Statistics==== ==== Statistics====
 - Display statistics - Display statistics
Line 396: Line 572:
 </​file>​ </​file>​
  
-====+==== Flush cache data in redis ====
  
 +<​file>​
 +redis-cli -s /​var/​run/​redis-rspamd/​rspamd FLUSHALL
 +</​file>​
 +
 +==== check bayes in redis ====
 +
 +<​file>​
 +[root@prometheus ~]# redis-cli -s /​var/​run/​redis-rspamd/​rspamd
 +redis /​var/​run/​redis-rspamd/​rspamd>​ HGET BAYES_HAM learns ​
 +redis /​var/​run/​redis-rspamd/​rspamd>​ HGET BAYES_SPAM learns
 +</​file>​
 +
 +
 +=== check keys/values in redis ===
 +
 +<​file>​
 +#!/bin/bash
 +
 +for key in $(redis-cli -s /​var/​run/​redis-rspamd/​rspamd keys \*);
 +  do
 +     #if [[ $key =~ '​BAYES'​ ]]; then
 +       echo "Key : '​$key'" ​
 +       ​redis-cli -s /​var/​run/​redis-rspamd/​rspamd type $key;
 +       ​redis-cli -s /​var/​run/​redis-rspamd/​rspamd GET $key;
 +     #fi
 +done
 +</​file>​
 +
 +
 +=== redis monitor === 
 +
 +<​file>​
 +redis-cli -s /​var/​run/​redis-rspamd/​rspamd monitor
 +</​file>​
 ====Test rspamd by the command line==== ====Test rspamd by the command line====
  
 https://​github.com/​NethServer/​dev/​issues/​5755#​issuecomment-492547473 https://​github.com/​NethServer/​dev/​issues/​5755#​issuecomment-492547473
 +
 +==== RESET bayes data====
 +
 +https://​mailcow.github.io/​mailcow-dockerized-docs/​u_e-rspamd/#​reset-learned-data
 +
 +You need to delete keys in Redis to reset learned mail, so create a copy of your Redis database now:
 +
 +Backup database
 +
 +
 +<​file>​
 +# It is better to stop Redis before you copy the file.
 +cp /​var/​lib/​redis/​rspamd/​dump.rdb /root/Reset Bayes data
 +</​file>​
 +
 +
 +<​file>​
 + ​redis-cli -s /​var/​run/​redis-rspamd/​rspamd --scan --pattern BAYES_* | xargs redis-cli del
 + ​redis-cli -s /​var/​run/​redis-rspamd/​rspamd --scan --pattern RS* | xargs redis-cli del
 +</​file>​
 +
 +If it complains about...
 +
 +
 +(error) ERR wrong number of arguments for '​del'​ command
 +...the key pattern was not found and thus no data is available to delete.
 +
 +===== Shorewall =====
 +
 +==== Clear dynamic ====
 +<​file>​
 +iptables -F dynamic
 +shorewall save
 +</​file>​
 +
 +==== Disable shorewall ====
 +
 +<​file>​
 +shorewall clear
 +</​file>​
 +
 +to restart ​
 +
 +<​file>​
 +shorewall start
 +</​file>​
 ====== Specific To Nethserver ====== ====== Specific To Nethserver ======
  
Line 497: Line 753:
 =====LOG===== =====LOG=====
  
-Log retention policy on nethserver+===Log retention policy on nethserver===
  
 By default set to 4 weeks, if you want to increase to one year By default set to 4 weeks, if you want to increase to one year
Line 516: Line 772:
 </​file>​ </​file>​
  
 +===Force log rotation=== ​
 +
 +<​file>​
 +logrotate -vf /​etc/​logrotate.conf
 +
 +</​file>​
 =====SAMBA4===== =====SAMBA4=====
 ====have a shell inside the nsdc container==== ====have a shell inside the nsdc container====
Line 554: Line 816:
  
 ====list all entries with the administrator bind==== ====list all entries with the administrator bind====
 +<​file>​
   ldapsearch -Z -x -D CN=Administrator,​CN=Users,​DC=neth,​DC=eu -w Nethesis,​1234 -b CN=Users,​DC=neth,​DC=eu -h 192.168.5.44   ldapsearch -Z -x -D CN=Administrator,​CN=Users,​DC=neth,​DC=eu -w Nethesis,​1234 -b CN=Users,​DC=neth,​DC=eu -h 192.168.5.44
 +  ldapsearch -Z -x -D  CN=stephane,​CN=Users,​DC=ad,​DC=nethservertest,​DC=org -w '​azerty'​ -b CN=Users,​DC=ad,​DC=nethservertest,​DC=org -h 192.168.56.101 
 +</​file>​ 
 + 
   * the ip must be relevant to the one of your container.   * the ip must be relevant to the one of your container.
   * the default password (Nethesis,​1234) must be changed to the right one.   * the default password (Nethesis,​1234) must be changed to the right one.
Line 750: Line 1015:
  
 {{tag>​userguide ht_tips}} {{tag>​userguide ht_tips}}
 +
 +
 +=====NethServer repository Tests =====
 +
 +- Test changes in comps file
 +
 +https://​github.com/​NethServer/​dev/​issues/​6117#​issuecomment-618316043
 +