
Routing email to another (internal) host via Postfix

16/07/12 | by admin [mail] | Categories: Networking, Mac OS X

This is the kind of thing you'd assume Postfix could do; after all, Postfix is all about mail delivery. In essence, this is analogous to web proxying: the request comes in to the front end server, which passes it on to the relevant back end server. The only question is how. Well, browse your /etc/postfix and there's a file called transport.

This is a brief excerpt from the transport file in /etc/postfix/ on Mac OS X 10.6:

Code:

# TRANSPORT(5)                                                      TRANSPORT(5)
#
# NAME
#        transport - Postfix transport table format
#
# SYNOPSIS
#        postmap /etc/postfix/transport
#
#        postmap -q "string" /etc/postfix/transport
#
#        postmap -q - /etc/postfix/transport <inputfile
#
# DESCRIPTION
#        The  optional  transport(5) table specifies a mapping from
#        email addresses to message delivery transports  and  next-
#        hop  destinations.   Message  delivery  transports such as
#        local or smtp are defined in the master.cf file, and next-
#        hop  destinations are typically hosts or domain names. The
#        table is searched by the trivial-rewrite(8) daemon.
#
#        This  mapping  overrides  the  default   transport:nexthop
#        selection that is built into Postfix:

So, what do you do?

Edit /etc/postfix/transport and add entries at the bottom in this format:

domain1.com smtp:exchange1.mydomain.local
domain2.com smtp:exchange2.mydomain.local

postmap /etc/postfix/transport

Then reload Postfix.

Bam!

The example routes mail for domain1.com to the SMTP service on exchange1.mydomain.local, and correspondingly for domain2.com.
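The same steps as a script, added here as an example and not part of the original post. check_transport lints the table before postmap compiles it, flagging duplicate domains and next hops that Postfix will resolve via MX records rather than contact directly, and apply_transport confirms that transport_maps in main.cf references the file. The function names and the hash: map type are assumptions.

```shell
#!/bin/sh
# check_transport FILE: lint a transport table before postmap compiles it.
# Prints one line per finding; exit status is non-zero if any are errors.
check_transport() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }               # comments and blank lines
        NF < 2 {
            printf "%d: error: %s has no transport:nexthop\n", NR, $1
            bad = 1; next
        }
        seen[tolower($1)]++ {                        # postmap warns on duplicate keys
            printf "%d: error: duplicate pattern %s\n", NR, $1
            bad = 1; next
        }
        {
            n = index($2, ":")
            transport = n ? substr($2, 1, n - 1) : $2
            nexthop = n ? substr($2, n + 1) : ""
            # An unbracketed smtp/relay nexthop is resolved via MX records
            # first; the [host] form skips the MX lookup.
            if ((transport == "smtp" || transport == "relay") &&
                nexthop != "" && nexthop !~ /^\[/)
                printf "%d: note: %s -> %s uses MX lookup\n", NR, $1, nexthop
        }
        END { exit bad }
    ' "$1"
}

# apply_transport FILE DOMAIN: the steps from the post plus two checks.
# Assumes the default hash: map type for the table.
apply_transport() {
    check_transport "$1" || return 1
    # Postfix only consults the table if transport_maps in main.cf names it.
    postconf -h transport_maps | grep -q -- "$1" || {
        echo "transport_maps does not reference $1" >&2; return 1; }
    postmap "$1" || return 1
    postmap -q "$2" "hash:$1" || return 1            # prints the route for DOMAIN
    postfix reload
}

# Constructed sample table (the two entries from the post).
demo_transport() {
    f=$(mktemp)
    printf '%s\n' 'domain1.com smtp:exchange1.mydomain.local' \
        'domain2.com smtp:exchange2.mydomain.local' > "$f"
    check_transport "$f"
    rm -f "$f"
}
demo_transport
```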

SSH Port forwarding

16/10/11 | by admin [mail] | Categories: Networking

There is this article that attempts to explain the basics of SSH port forwarding. I find it a little hard to follow, I think because it lacks concrete examples. So, I'm putting a few here.

There are two main flavours: forwarding and remote forwarding.

You can use forwarding to forward incoming requests on a local port (a port on your computer) to a port on a remote computer. So, you can do something like:

ssh user@remoteserver.example.org -T -L 15900:localhost:5900

This will allow you to connect to a local port (15900) to access port 5900 on the remote machine. This port is for VNC, so if you have SSH access to a remote machine, and perhaps only SSH access, you can connect to localhost:15900 to access the VNC service on that computer. Very useful when dealing with firewalled or NATed remote computers.

Now, remote forwarding does the opposite. Imagine that you have console access on a remote box, and it is sitting behind a NAT or firewall. It can SSH out to another computer, but you can't SSH in. Not an uncommon situation for a typical client box. What this computer can do however is a remote forward, so that requests to port 15900 on the server are sent to port 5900 on the local box.

ssh user@myserver.example.org -T -R 15900:localhost:5900

You could package that up as a script, send it to a friend to run so that they connect to your server, and then access port 15900 on your server to in fact VNC into their computer. Very handy for providing remote support.

You can add these together, so that a server out there on the internet which both you and your friend have SSH access to can act as a relay.

Alternatively, by specifying a public IP or hostname (which works in all cases, locally and remotely) before the first port, and adding the -g flag, you should be able to access that port from outside. To use the -g flag, GatewayPorts yes needs to be in your sshd_config. E.g.:

ssh user@myserver.example.org -T -R myserver.example.org:15900:localhost:5900 -g

The only other thing you might need to remember is that if you are running ssh on a nonstandard port, you will need to add the -p flag with the port at the beginning (before the user@host bit), e.g.:

ssh -p10022 user@myserver.example.org -T -R 15900:localhost:5900

And an example with a web service, where on a NATed box, we tunnel port 80 to a remote server.

ssh user@myserver.example.org -T -R myserver.example.org:80:localhost:80 -g

Of course, to do that you won't want to be running anything on port 80 on myserver.example.org. It's a cool way to quickly swap over to a test website from the internet: kill Apache on myserver.example.org and then start up your port forward. Probably of limited use, though.
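For the -R examples above, the listening port is opened by sshd on the server, so the server's GatewayPorts and AllowTcpForwarding settings decide whether a port such as 15900 is reachable from other hosts. The script below is an added example, not part of the original post: it reads the global section of an sshd_config and reports where a remote forward can bind. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# sshd_global_option FILE KEYWORD DEFAULT
# sshd uses the first value it reads for a keyword. Settings after a Match
# line are conditional, so only the global section is read here.
sshd_global_option() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == key { val = tolower($2); exit }
        END { print (val == "" ? def : val) }
    ' "$1"
}

# remote_forward_exposure FILE
# Prints blocked, loopback-only, client-chosen or all-interfaces.
remote_forward_exposure() {
    fwd=$(sshd_global_option "$1" AllowTcpForwarding yes)
    gw=$(sshd_global_option "$1" GatewayPorts no)
    case "$fwd" in
        no|local) echo blocked; return 0 ;;          # -R requests are refused
    esac
    case "$gw" in
        yes)             echo all-interfaces ;;      # always binds the wildcard address
        clientspecified) echo client-chosen ;;       # honours the bind address given to -R
        *)               echo loopback-only ;;       # default: loopback on the server only
    esac
}

# Constructed sample config, written to a temp file for the demo run.
demo() {
    f=$(mktemp)
    printf '%s\n' 'Port 22' 'AllowTcpForwarding yes' \
        'GatewayPorts clientspecified' 'GatewayPorts yes' > "$f"
    remote_forward_exposure "$f"                     # first GatewayPorts line wins
    rm -f "$f"
}
demo
```

With clientspecified, a relay server can keep support tunnels on loopback by default and expose only the forwards whose -R argument names an external address.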

NFS and Mac OS X 10.5+

24/09/11 | by admin [mail] | Categories: Networking, Mac OS X

NFS has always been part of Mac OS X. In 10.5 it went from being managed through NetInfo to being obfuscated to an even more annoying level.

On Mac OS X 10.3+ Server it is an easy-to-manage service in Server Admin. However, life is more difficult on the 'client' versions of Mac OS X.

Anyway, on to the point of this story: nfsd is in the usual place, and the config is where you'd hope it to be, in /etc/exports. This being Mac OS X, there is also a launchd job, again where you'd hope: /System/Library/LaunchDaemons/com.apple.nfsd.plist

You start the usual way with:

Code:

launchctl load /System/Library/LaunchDaemons/com.apple.nfsd.plist

Or, to make it permanent, you can use the -w flag:

Code:

launchctl load -w /System/Library/LaunchDaemons/com.apple.nfsd.plist

By default it will pick up the exports defined in /etc/exports.

Example entries in exports to share a whole directory tree and allow mounting of subfolders:

/Volumes/MyNFSShare -alldirs
/Users/myaccount

NFS works only on UIDs, so you need to be careful about setup. Ideally, you use a shared Directory Service to synchronise UIDs across multiple systems. You might choose to use the -mapall flag to map the UIDs in the export to another.

You can mount the exports on a client computer easily using the Connect to Server (⌘K) menu item in Finder and entering the share URL as nfs://server/path/to/export, which mounts by default under /Volumes. From Terminal, open will work this way, too. 10.6 at least has an option under the Disk Utility File menu to import an NFS export and define the mount point.

You can also mount from the terminal using:

Code:

sudo mkdir /path/to/local/mountpoint
sudo mount -o rsize=32768,wsize=32768,intr,noatime -t nfs host:/full/path/to/export /path/to/local/mountpoint

Cisco time and logs

18/09/11 | by admin [mail] | Categories: Networking, Cisco

Show the current time (useful when the time is not set correctly, e.g. no nts available).

show version for uptime
