Monday, December 24, 2012

Cisco Switches Commands (Daily)

SW3#show vlan brief
SW3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#int fa0/2
SW3(config-if)#switchport access vlan 10
SW3(config-if)#spanning-tree portfast
SW3(config-if)#spanning-tree bpduguard enable
SW3(config-if)#do show vlan brief

show interfaces status err-disabled
show errdisable flap-values

2ndFl_ONM_SW(config)# errdisable recovery cause ?
2ndFl_ONM_SW(config)# errdisable recovery cause link-flap
show errdisable recovery
show interfaces gigabitethernet 0/7 status
show etherchannel summary
no errdisable detect cause inline-power 

hxxp://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00806cd87b.shtml

-------------------------------------------------------------------------------------------------------
#host -t a www.msn.com
#whois x.x.x.x | grep CIDR
-------------------------------------------------------------------------------------------------------
iptables -L -n
iptables -L -v -n --line-numbers
-------------------------------------------------------------------------------------------------------
Command to enable proxy usage:
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" ^
    /v ProxyEnable /t REG_DWORD /d 1 /f
 
Command to disable proxy usage:
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" ^
    /v ProxyEnable /t REG_DWORD /d 0 /f
 
Command to change the proxy address:
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" ^
    /v ProxyServer /t REG_SZ /d 192.168.100.1:8080 /f
 
----------------------------------------------------------------------------
sh mac address-table
sh mac address-table dynamic 
sh mac address-table dynamic interface gigabitEthernet 0/34
clear mac address-table dynamic interface gigabitEthernet 0/34
clear mac address-table dynamic ?
clear mac address-table dynamic vlan 7
 

Sunday, December 23, 2012

WCCP 2, Squid, ASA 5510

TCP_MISS:DIRECT = not in cache; going direct, without going through a parent cache
TCP_MEM_HIT:NONE = object is stored in memory
TCP_CLIENT_REFRESH_MISS:DIRECT = browser hit refresh 
----------------------------------------------------------------------------------------------------
vi    /etc/rc.local
modprobe ip_gre
ip tunnel add wccp0 mode gre remote (ASA Inside IP) local (Squidbox IP) dev eth0
ifconfig wccp0 (Squidbox IP) netmask 255.255.255.255 up
echo 0 >/proc/sys/net/ipv4/conf/wccp0/rp_filter
echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter
echo 1 > /proc/sys/net/ipv4/ip_forward
--------------------------------------------------------------------------------------------------------
 vi    /etc/sysconfig/iptables
iptables -t nat -A PREROUTING -i wccp0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A POSTROUTING -j MASQUERADE
----------------------------------------------------------------------------------------------------------
vi   /etc/squid/squid.conf
http_port 8080 transparent
wccp2_router (ASA Inside IP)
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0 password=foo
----------------------------------------------------------------------------------------------------------
ASA 5510 Config
(Allow specific subnet)
access-list wccp_redirect extended deny ip host 192.168.10.15 any
access-list wccp_redirect extended permit tcp workstations 255.255.255.0 any eq www


(Allow everyone)
wccp web-cache
OR

wccp web-cache redirect-list wccp_redirect password foo   <- with password
wccp interface inside web-cache redirect in
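
Added example (not part of the original notes): a Python check that the pieces above agree with each other, since the redirect port, the GRE method and the WCCP password have to match across squid.conf, the iptables rule and the ASA. The sample configs are constructed from the values in these notes; the router address 192.0.2.1 and the function names are placeholders.

```python
import re

# Constructed sample inputs mirroring the notes; 192.0.2.1 is a placeholder.
SQUID = """http_port 8080 transparent
wccp2_router 192.0.2.1
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0 password=foo
"""
IPTABLES = "iptables -t nat -A PREROUTING -i wccp0 -p tcp --dport 80 -j REDIRECT --to-port 8080\n"
ASA = """wccp web-cache redirect-list wccp_redirect password foo
wccp interface inside web-cache redirect in
"""

def first(pattern, text):
    """Return group 1 of the first per-line match, or None."""
    m = re.search(pattern, text, re.M)
    return m.group(1) if m else None

def check_wccp(squid, iptables, asa):
    """Return a list of mismatches between the three configurations."""
    problems = []
    port = first(r"^http_port[ \t]+(?:\S+:)?(\d+)[ \t].*\b(?:transparent|intercept)\b", squid)
    if port is None:
        problems.append("squid: no http_port with transparent/intercept")
    redirect = first(r"-i\s+wccp0\b.*-j\s+REDIRECT\s+--to-ports?\s+(\d+)", iptables)
    if redirect is None or redirect != port:
        problems.append(f"port mismatch: squid={port} iptables={redirect}")
    for key in ("wccp2_forwarding_method", "wccp2_return_method"):
        # 1 (or "gre") is GRE, 2 is L2; an unset directive defaults to GRE.
        if first(rf"^{key}[ \t]+(\S+)", squid) not in (None, "1", "gre"):
            problems.append(f"squid: {key} is not GRE, but the wccp0 tunnel is GRE")
    squid_pw = first(r"^wccp2_service[ \t]+standard[ \t]+0[ \t]+password=(\S+)", squid)
    asa_pw = first(r"^wccp[ \t]+web-cache\b.*\bpassword[ \t]+(\S+)", asa)
    if squid_pw != asa_pw:  # also catches a password set on one side only
        problems.append("WCCP password differs between squid and ASA")
    if not re.search(r"^wccp[ \t]+interface[ \t]+\S+[ \t]+web-cache[ \t]+redirect[ \t]+in\b", asa, re.M):
        problems.append("ASA: no 'wccp interface ... web-cache redirect in'")
    return problems

if __name__ == "__main__":
    for line in check_wccp(SQUID, IPTABLES, ASA) or ["configs are consistent"]:
        print(line)
```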

Wednesday, December 5, 2012

Relay Host Postfix MTA

main.cf
#relayhost = [ny-cas-2k8.mmx.com]:25
transport_maps = hash:/etc/postfix/transport
-----------------------------------------------------------------
vi  /etc/postfix/transport

*    smtp:[192.168.10.36]:25

postmap /etc/postfix/transport