Installing and setting up phpPgAdmin

In this blog, I'll discuss on how to setup phpPgAdmin. But before going any further where can phpPgAdmin be used? PhpPgAdmin is a counter part of phpMyAdmin. If phpMyAdmin is the web admin user interface managing MySQL server then phpPgAdmin is for PostgreSQL. PhpPgAdmin was created to ease the administration of PostgreSQL. Below are the requirements needed to build the admin.

Requirements:

- PHP installed
- PostgreSQL installed (for instruction on how to install postgreSQL server see http://www.designmagick.com/article/2/Starting-Out/Installing-PostgreSQL)

- if you are running CentOS distro or the like then you can just do yum to install all of these needed packages.

Note: by default the installation of Postgres creates user postgres with no password (postgres by default is the superuser for PostgreSQL).

Here are the steps to take to be able to make phpPgAdmin running:

1. Download phpPgAdmin

# cd /usr/src/
# wget http://downloads.sourceforge.net/project/phppgadmin/phpPgAdmin%20%5Bstable%5D/phpPgAdmin-4.2.2/phpPgAdmin-4.2.2.tar.gz?use_mirror=nchc

2. Extract the package

# tar xvzf phpPgAdmin-4.2.2.tar.gz

3. Rename the folder and move folder to the web server document root (assuming your document root is at /var/www/html)

# mv phpPgAdmin-4.2.2 /var/www/html/phpPgAdmin

4. You should be able to browse phpPgAdmin on browser

http://xxx.xxx.xxx.xxx/phpPgAdmin/

5. Notice that what ever you put you always get "Login Failed". To correct that edit config.inc.php (located at /var/www/html/phpPgAdmin/conf/config.inc.php), set $conf['extra_login_security'] to false for now.

from

$conf['extra_login_security'] = true;

to

$conf['extra_login_security'] = false;

6. Do also the changes as follow on config.inc.php

from

$conf['servers'][0]['host'] = '';

to

$conf['servers'][0]['host'] = 'localhost'; // this is to allow tcp login

7. Now login to phpPgAdmin using username postgres without password

8. Create a user with password. (Another admin since it is advisable to use other super user account to avoid hack).

9. Once a new admin user has been created. Logout from the phpPgAdmin.

10. Edit the postgreSQL configuration (pg_hba.conf) to set md5 authentication for all connecting client via tcp. (By default all created user are trusted even without authentication). Do the changes as follow.

# vi /var/lib/pgsql/data/pg_hba.conf

from

host all all 127.0.0.1 255.255.255.255 trust

to

host all postgres 127.0.0.1 255.255.255.255 trust
host all all 127.0.0.1 255.255.255.255 md5

save the file and restart postgresql

# service postgresql restart

11. Edit again the config.inc.php and do the changes as follow:

# vi /var/www/html/conf/config.inc.php

from

$conf['extra_login_security'] = false;

to

$conf['extra_login_security'] = true;

12. Now you should be able to login using the new admin account created with password. Postgres super user will always be denied to login on phpPgAdmin for security reason.

All should be working fine from this point. You now have a running phpPgAdmin. I hope this helps for those who are establishing their PostgreSQL web admin. Cheers, Take care and God Bless!!!!

Doing FTP in PHP

I had an issue during a development of one of my projects. One of the modules deals with FTP'ing files from one server to another. My script was able to login with no issues but I wondered why it was not able to write or ftp_put anything. I googled for few hours finding out how to overcome this issue that I have and came over with these links...

http://www.php.net/manual/en/function.ftp-pasv.php
http://us.php.net/manual/en/function.ftp-put.php#73168

Both of these links tell that you have to use ftp_pasv to set the ftp connection in passive mode. Meaning the ftp connection will be initiated from the client instead from the server. Also take note that ftp_pasv should be done immediately after calling the ftp_login.

Here is the comment I read there which gave or shed me the light for succesfully getting around with my problem.

"If you are having timeouts uploading a file, even very small files, you might have a look at ftp_pasv()

And don't forget to do it after your ftp_login();"

The sample code below shows how to do it.



$file = 'somefile.txt';
$remote_file = 'readme.txt';

// set up basic connection
$conn_id = ftp_connect($ftp_server);

// login with username and password
$login_result = ftp_login($conn_id, $ftp_user_name, $ftp_user_pass);

// turn passive mode on
ftp_pasv($conn_id, true);

// upload a file
if (ftp_put($conn_id, $remote_file, $file, FTP_ASCII)) {
echo "successfully uploaded $file\n";
} else {
echo "There was a problem while uploading $file\n";
}

// close the connection
ftp_close($conn_id);
?>

I hope this experience that I had and I shared with you will help you out fixing issues doing FTP in PHP. Thanks, Cheers and God Bless!!!!

Silky Heart

Every hour of the day
Whenever I think about you
This impatient feelings
Just overflow

It would be easier if I just tell you that I love you
But when you appear in front of me
my personality stands up and interferes

I can usually pull through with my assertiveness
That's just the way I am
But no matter how hard I try, I can't break the wall that's between us

I want you to realize my feelings
That's why I always gaze at you with the message of...
"I love you"
With all of my courage!

My heart made of silk feels like it's about to rip apart
After meeting you, I finally realized
That I'm really clumsy when it comes to love
My scars from love that I've almost forgotten
Have started to ache all of a sudden
someday, like how I normally would...
I must tell you that I love you, or
else I'll become even weaker

If I say ‘I love you’, then I can be at ease
The truth is, even though I know that
When I sound it out, you seem to leave me

I wonder, what do you think
Of me?
At our current distance we’re merely friends, right?

I just might be whitewashing it
But I don’t want to get hurt, it’s just that alone…
Or so I persuaded myself
And I just ran away

If my flimsy silky heart
Gets hurt this time, then I’m sure
I won’t be able to love anyone ever again
The splitting sound that echoes in my chest
Is at the bottom of my memories, I’m sure
The sewing kit that I forgot to put away
On that day should be around somewhere…

I’m going to meet you now

Within the people I simply brush by
I wanted to find more than anyone
The eyes welled up with tears, that voice
I only want to hold you
If I miss you and call out to you my dear
Wherever I may be, it is for you

I’m calling your name again
Because I’m like this
Because your are the one I love
I’m going to see you again
A love deeper than my tears

The lamp on the street where we
First spoke shines a light on my heart
Evething that catches my eyes,everything
Are memories that remind me of you
If I tell you that I’ve gotten too really like you
Will you feel unsettled? I wonder

I’m calling your name again
Because I’m like this
Because you are the one I love
I’m going to see you again
A love deeper than my tears

With only you
No matter how many things
Even if I’m reborn
Will you feel insettled? I wonder

I love you more than anyone
Inside my heart,
Because you live in my heart
I’m going to meet you now
Bringing along the promise of forever
I’m so happy to be loving you

Hikbi ng Pusong Umaasa

alam kong mahirap pero kailangang gawin
di ko alam kung matatagalan ko at mapaninindigan ang nais ko
ang lumayo sa kanya at limutin na ng tuluyan ang nararamdaman ko
marahil ito yung tamang paraan, marahil ito ang solusyon

marahil panahon na para limutin ang lahat
ang mga panahon na nangarap akong maging kami kahit minsan
dahil alam ko naman ang katotohanang di magkakatotoo ang panaginip ko
ang panaginip na minsan ay nagbigay ng kahit kunting ngiti sa puso ko

sadya sigurong ganito pero sa katagalan makakalimutan ko rin sya
kahit mahirap kakayanin dahil kailangan
kailangan na akong magising sa katotothan at harapin ang realidad ng buhay

Pero di pa rin titigil ang pusong ito na umasa kahit pasaglit saglit lang
Pero pagod na rin ang pusong ito, pagod na itong isipan ko sa mga ilusyon
Pagod na rin ako sa kakaasa .....

Kainis lang

Naiinis ako di ko alam kung ano ba dapat kong gawin
Masyado na ba akong naiinip sa pagdating nya
Masyado na ba akong matagal naghihintay
Di ko alam kung bulag ba ako manhid o kung anuman
baka naman nasa paligid lang sya pero ayokong tingnan
baka naman matagal na pala syang nasa paligid
Pero nagbubulag bulagan lang ako
Masyado lang ba akong takot na makita ko sya
O masyado lang akong nadala sa nangyari sa nakaraan
pero ayoko mawalan ng pag asa sa buhay
ayokong sayangin ung natitira kong pag asa na makita sya
ganito ba ako kabulag at di ko makita kung nasan sya
di ko alam nandito na ba sya sa paligid ko
O kailangan ko po syang hanapin
Wla akong clue na nakikita eh
O tanga lang ako na obvious ng nasa paligid
Pero nag mamaang ma angan lang ako
ewan ko ba ano ba dapat kong gawin
napaka gulo di ko maintindihan
palibhasa di ko pa nararanasan ung magmahal at mahalin ka
ewan ko ang gulo ano
kainis kasi napaka torpe ko
tapos parang wala pa kong ganon katatag na confidence sa sarili
baka kasi ung hinahanap ng mga babae sa paligid ko
ung mga alam mo na ung mga guwapo ung mga pang matinee idol baga
ayoko naman na tumandang binata
nakakatakot din, pero eto naman akong engot
wla namang magawang aksyon kung anong gagawin
kakainis lang ng konti pero minsan
ayoko ng paniwalaan pa ung nararamdaman ko
baka makuryente na nman ako
tapos haun uuwi na naman luhaan
kainis kung pwde lang sana lagi sure ball
pero hindi rin eh

Connecting Two Asterisk via IAX2 with VPN

On my previous blog I discussed how to install and set up OpenVPN. Now will take a look on how we could be able to use VPN to

connect Asterisk vi IAX2 servers.

1. Assuming this scenario

The OpenVPN server(Asterisk A) is at 10.8.0.1
The OpenVPN client(Asterisk B) is at 10.8.0.10

(At server B)

Add an entry on the iax.conf like this

[MdPhone2]
type=friend
auth=plaintext
username=MdPhil2
secret=md2004
context=incoming
canreinvite=yes
host=10.8.0.1
disallow=all
allow=ulaw
jitterbuffer=yes

(At server A)
[MdPhil2]
type=friend
auth=plaintext
username=MdPhone2
secret=md2004
context=MDI-Phones
canreinvite=no
host=10.8.0.10
host=dynamic
disallow=all
allow=ulaw
qualify=4000


2. Next add this on your dialplan route

(At server B)

exten => _1XX,1,Answer()
exten => _1XX,2,Dial(IAX2/MdPhil2@MdPhone2/${EXTEN}@MDI-Phones)
exten => _1XX,3,Hangup

(At server A)
exten => _1XX,1,Answer()
exten => _1XX,2,Dial(IAX2/MdPhone2@MdPhil2/${EXTEN}@incoming,90,t)
exten => _1XX,3,Hangup

3. Go to the asterisk console

/usr/sbin/asterisk -r

Issue command:

iax2 reload

dialplan reload

And you are done. You have now Asterisk with IAX2 connection via VPN.

Hope you find this useful. Thanks, Cheers and God Bless!!!

Securing Your VOIP Connections with VPN (Installation and SetUp of OpenVPN)

In this tutorial I'll be discussing on how to install and setup OpenVPN.

What is VPN anyway? VPN stands for Virtual Private Network. It is a network within a network. A VPN allows the creation of a virtual network that can use other networks (e.g. the public internet) for transport. VPNs often encrypt any data they send over the transport network. In other words data being transmitted of WAN is encrypted thus it is secured.

For the instruction on how to install Asterisk, kindly refer to my other tutorials on this blog (http://consciencespeaks.blogspot.com/2009/01/asterisk-installation.html).

Before getting any further we will first discuss a quick start on how to setup the OpenVPN. So here are the steps:

1. Install the OpenVPN package. You may have it via yum or you can have it from source.

yum install openvpn

2. Copy configuration files.

#cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/
#cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf /etc/openvpn/

3. Make all the files under directory easy-rsa executables

chmod -R 755 /etc/openvpn/easy-rsa

4. CA configuration

cd /etc/openvpn/easy-rsa/
vi vars

then scroll down to the bottom, edit as you like.

export KEY_COUNTRY=US
export KEY_PROVINCE=CA
export KEY_CITY=CALIFORNIA
export KEY_ORG=”LINUX”
export KEY_EMAIL=”rowell@mindragon.com”

#. ./vars (note a space between . . )
#./clean-all

5. Build CA

#./build-ca

Generating a 1024 bit RSA private key
………………………++++++
…………………….++++++
writing new private key to ‘ca.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [AU]:
State or Province Name (full name) [VIC]:
Locality Name (eg, city) [MELBOURNE]:
Organization Name (eg, company) [THROXVPN]:
Organizational Unit Name (eg, section) []:Throx
Common Name (eg, your name or your server’s hostname) []:throx.net
Email Address [name@mail.com]:

Some information above already entered in step 4, hust hit enter and go to next line.

6. Next we will build the server key and certificate

./build-key-server asteriskus

7. Building Diffie Hellman

#./build-dh

Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time

(Wait until it finished)

8. Next edit the server.conf to point all the generated files to the proper path. Take note that the keys and certificate are located at /etc/openvpn/easy-rsa/keys

you should have something like this:

port 1194
proto udp
dev tun
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/asteriskus.crt
key easy-rsa/keys/asteriskus.key
dh easy-rsa/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-config-dir ccd ; note we will need this so as to have a fix IP address for each connecting vpn clients


Save the file

9. Next we will generate the key and certificate for our connecting clients.

./build-key asteriskph

Here you will be asked somewhat similat to what we had at step 5 but assigned a different "Common Name" for this / each client. Say for instance I assigned this as with common name asteriskph. (we will use this later on)

We will have the following files

asteriskph.crt, asteriskph.key, asteriskph.csr

10. Now create a directory ccd so as to have

/etc/openvpn/ccd

then under that directory create a file with filename equal to the Common Name of cert of the connectiong client (which we created at step 9.

so

vi /etc/openvpn/ccd/asteriskph

then add this entry

ifconfig-push 10.8.0.10 10.8.0.11 ; in this case the client will have an IP address of 10.8.0.10 everytime it connects to VPN

11. Now you can start the openvpn by issuing

/sbin/service openvpn start

12. Be sure to open up the port 1194 on the firewall to allow connections

Next will set up the VPN at the client side.

1. Download and install OpenVPN at the client side

2. Copy the client key, csr and crt and ca.crt from the OpenVPN server to the client server.

3. Copy the client configuration file

cp /usr/share/doc/openvpn-2.0.9/sample-config-files/client.conf /etc/openvpn/

4. create keys directory under openvpn folder so as to have /etc/openvpn/keys

copy or move all the client's key, crt and ca.crt to that folder

5. Edit the client.conf

You must have something like this:

client
dev tun
proto udp
remote XXX.XXX.XXX.XXX 1194 ; here the IP of the remote (OpenVPN server)


6. Then you may now start the openvpn client

/sbin/service openvpn start

7. In order to verify that your vpn client is running, issue

/sbin/ifconfig

and you should have something like:

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.10 P-t-P:10.8.0.11 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:4774 errors:0 dropped:0 overruns:0 frame:0
TX packets:4759 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:876230 (855.6 KiB) TX bytes:884454 (863.7 KiB)

if you want to verify also of that of server you can issue the same command and something like above should show up.

Of course to verify further ping the other server using the VPN IP address assigned. (e.g. ping 10.8.0.1 it should have reply...)

[rowell@MDPHAsterisk openvpn]$ ping 10.8.0.1
PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=202 ms
64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=203 ms
64 bytes from 10.8.0.1: icmp_seq=3 ttl=64 time=204 ms

Now you have a running OpenVPN. Hope you find this stuffs useful. Thanks, Cheers and God Bless!!!

The Return of the OpenSER (OpenSIPs)

It has been long while that I've been silent on doing stuffs about OpenSER, ahm I mean OpenSIPs. Ok since there were lot of changes and progress happened with this project and I was not able to keep an eye on this, well let us start from the very beginning. From the point of where we should suppose to start and yes it's about installation.

Alright to begin with,

1. Install all the Linux packages/dependencies needed (please refer to my old blog on this http://consciencespeaks.blogspot.com/2008/06/getting-started-with-openser.html).

2. Get the latest source package of OpenSIPs (currently it's 1.5.x series)

wget http://opensips.org/pub/opensips/1.5.0/src/opensips-1.5.0-tls_src.tar.gz

3. Unzip and extract the files

tar xvzf opensips-1.5.0-tls_src.tar.gz

4. cd to the source directory

cd opensips-1.5.0-tls

5. Do following for compilation and installation

make clean
make all
make install ; it seems to be simplified ah ;-) by default everything will be installed at /usr/local

6. Now edit first openserctlrc

vi /usr/local/etc/opensips/opensipsctlrc

uncomment the line that says

DBENGINE=MYSQL

7. Now we can create the database for the OpenSIPs

/usr/local/sbin/opensipsdbctl create

; this will prompt for mysql root password

*Note that upon execution of this command it will create 2 users for OpenSIPs

; by default the mysql database user created is:

username: opensips
password: opensipsrw

8. Now edit opensips.cfg

vi /usr/local/etc/opensips/opensips.cfg

uncomment all lines in configuration file opensips.cfg which are related to
authentication:
- loadmodule "/usr/lib/opensips/modules/db_mysql.so"
- loadmodule "/usr/lib/opensips/modules/auth.so"
- loadmodule "/usr/lib/opensips/modules/auth_db.so"
- modparam("usrloc", "db_mode", 2)
- modparam("auth", "calculate_ha1", yes)
- modparam("auth_db", "password_column", "password")
- if (!www_authorize("sip.org", "subscriber")) {
www_challenge("sip.org", "0");
break;

Make sure you change the two sip.org instances in the above config, to your
domain, or realm. In my case, I changed this to 192.168.2.235 which was the
IP address of this box.

Also, be sure to comment out the following line:

modparam("usrloc", "db_mode", 0)

9. Now let us copy the init script so as to start OpenSIPs as service ( such as starting it at boot). Copy the openser.init which can be found on the base directory of the OpenSIPs source. In my case it is at /usr/src

cp /usr/src/opensips-1.5.0-tls/packaging/rpm/opensips.init /etc/init.d/openser

chmod 755 /etc/init.d/opensips
/sbin/chkconfig --add opensips

also before you start the openser correct the path of its service execution

vi /etc/init.d/opensips

change the following line

osips=/usr/sbin/opensips

with this one since we installed the binaries on path /usr/local

osips=/usr/local/sbin/opensips

10. Now you can start OpenSIPs service

/sbin/service opensips start

To check if it is running issue

ps aux|grep opensips

you should see something like this

root 4210 0.3 0.6 43048 3548 ? S 21:21 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
root 4214 0.0 0.2 43048 1216 ? S 21:21 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
root 4217 0.0 0.2 43048 1140 ? S 21:21 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid

11. To test we will create user / SIP account to test our set up. We can do this by using the opensipsctl tool

/usr/local/sbin/opensipsctl add mytest 'abc123!@#'

*Note you might encounter problem once you issued the command above and complaining for the SIP_DOMAiN. To fix that,
issue the command as follows:

export SIP_DOMAIN=192.168.2.235

Now re issue the command for adding new user / SIP account

12. Test it by registering a softphone and filling up the phone's registration info's. You should be able to register already.

Here are some more helpful links:

http://opensips.svn.sourceforge.net/viewvc/opensips/trunk/INSTALL

Hope you find these stuffs useful. Thanks, Cheers and God Bless!!!!

Gumising sa katotohanan

I have to admit to myself na wla syang nararamdaman para sakin
It's all illusion that I am trying to portray
Everything is a false belief
Everything is just a dream and fantasy

Tama na ang ilusyon I have to face the truth
Kailangan na akong mabuhay sa katotohanang di sya para sakin
And there will be no chance para maging kami

Napakahibang ko at nagpapaloko ako sa sarili kong ilusyon
As if everything may come into reality
Pero hinde eh
Enough is enough for all these insanity
For making myself to believe in the story telling I have in mind

I am just hurting myself to realize that everything is just form of my imagination
Kahibangang kailangan ng tigilan
It is too much ... sobra na ang sakit...
Ayoko ng umasa sa isang istoryang wla rin namang katuturan

Ayoko ko ng mamuhay sa mundong puro pangarap na lng
Let's stop this craziness, it's all worthless and futile
Isara mo na ang telon ng pagkukunwari
Ilibing ang damdamin na wla rin namang kapupuntahan

Tma na ang ilusyon
Gumising ka......

Ngiti

Minamasdan kita
Nang hindi mo alam
Pinapangarap kong ikaw ay akin
Mapupulang labi
At matinkad mong ngiti
Umaabot hanggang sa langit

Huwag ka lang titingin sa akin
At baka matunaw ang puso kong sabik

Sa iyong ngiti ako'y nahuhumaling
At sa tuwing ikaw ay gagalaw
Ang mundo ko'y tumitigil
Para lang sayo
Ang awit ng aking puso
Sana'y mapansin mo rin
Ang lihim kong pagtingin

Minamahal kita ng di mo alam
Huwag ka sanang magagalit
Tinamaan yata talaga ang aking puso
Na dati akala ko'y manhid

Hindi pa rin makalapit
Inuunahan ng kaba sa aking dibdib

Sa iyong ngiti ako'y nahuhumaling
At sa tuwing ikaw ay lalapit
Ang mundo ko'y tumitigil
Ang pangalan mo sinisigaw ng puso
Sana'y madama mo rin
Ang lihim kong pagtingin

Sa iyong ngiti ako'y nahuhumaling
(Sa iyong ngiti)
Sa tuwing ikaw ay gagalaw
Ang mundo ko'y tumitigil
Para lang sa'yo...
(Para lang sa'yo ang awit ng aking puso)
Sana ay mapansin mo rin...
Ang lihim kong pagtingin
Sa iyong ngiti...

Lihim na Pagtingin

nahihiya akong aminin ang nararamdaman ko sayo
di ko alam kung dapat ko bang ipagtapat sa yo
O habang buhay ko na lng na itatago

May bahagi sa puso ko na gusto ng magsalita
Pero tikom ang bibig ko at halos wlang masabi
Pilit na kinukubli ang tunay na nararamdaman
Damdamin na matagal ng naghihintay ng pagkakataon
Damdamin na umaasang magmahal at mahalin din

Masaya akong araw araw kang pagmasdan
Pero Masakit din dahil hanggang tanaw lang ang kaya kong magawa
Umaasang darating ang araw na magkakalakas din ng loob
Umaasang Magkakaroon din ng tapang balang araw

Pero sa bawat pagkakataong ninais kong humakbang
Di man lng ako makakilos at makapagsalita
Para akong binuhasan ng yelo
Para akong inawitan ng adarna at naging bato
Wlang imik at tanging mga biro lng ang kayang sambitin

Hindi ko alam kung bakit at parang may takot na pumipigil
Takot na baka sa pagkakataong malaman mo
Doon na mag iiba ang lahat
Takot na sa pagkakataong masambit ng aking labi
Ang mga bagay na tunay na nilalaman nito
Iyon na ang magiging hudyat ng katapusan

Mga pangarap na bigla na lang maglalaho na parang bula
Mga panaginip na madalas kong himlayan ng mga pangarap
Mga pangarap na minsa'y nanaginip na maging tayo man lng

Enabling JSON on you PHP-Apache

Here are the steps to take to enable JSON on PHP. These instructions are specific for Linux OS.

1. Install Pear

yum install php-pear

2. Install PHP-devel

yum install php-devel ; for phpize

3. Install json extension

pecl install json ;or
pear install json

4. Edit php.ini and add on extension list

extension=json.so

5. Save this and restart Apache

And you're done. You now have json enabled on your LAMP server.

Hope you find these useful. Thanks, CHeers and God Bless!!!!

Setting up a scheduler in Linux (Cron Jobs: Crontab tutorial)

There are cases wherein we have to execute a command or a script say for daily basis for some maintenance purposes. In Linux there is a way that we could do it. It is through crontab (a cron job).

Assuming that we want to execute a command. Say we want to reset and resync our clock time with NTP server pool.

a.) Set up for scheduling command

The first thing to do is to locate the complete path of the command. So for our example let us locate where the complete path for ntpdate command is. Issue this command:

# whereis ntpdate

This will show you the different paths like this:

ntpdate: /usr/sbin/ntpdate /usr/share/man/man8/ntpdate.8.gz

Just take note of the bin or sbin path of the command. So in our case it is /usr/sbin/ntpdate.

b.) for scripts here's the set up

First create your script. If it is a shell script then on the first line of code you must have this. For other scripts like PHP just google out there and surely you will find many.

#!/bin/sh

Save your script. Set the file permission to 775 by issuing:

# chmod 775 (script)

Take note of the path where you saved the script we need this later on.

Next we'll open the crontab file by issuing this command.

# crontab -e

The flag 'e' signifies editing of the crontab file.

Once you're prompted on a file like this

~
~
~
~
"/tmp/crontab.XXXXtkRgpi" 7L, 546C

Press 'i' or insert key then you can start writing your schedules. When you are done. Just press escape key then press colon then 'w' and 'q' (:wq (a vi editor way of saving remember..)).


Before we proceed let me just discuss the format of the syntax that you will be enterring here.

* * * * * /complete/path/to/script/(command / filename of script to execute)

Example

*/1 * * * * /usr/sbin/ntpdate north-america.pool.ntp.org > /dev/null 2>&1

Let me explain...

the first * denotes minute (it can be from 0 - 59) minute
the second * denotes hour (military time 0 - 23) hour
the third is day of month (1 - 31)
4th is month (1 - 12)
5th the last one is day of week (0 - 6) 0 = Sunday

Say you want a schedule everyday at 12 midnight... here is an example

0 0 * * * /complete/path/to/script/(command / filename of script to execute)

If you want to execute per minute, here is how

*/1 * * * * /usr/sbin/ntpdate north-america.pool.ntp.org > /dev/null 2>&1

To list your current active cron jobs, issue:

# crontab -l

I hope you find these stuffs useful. Thanks, Cheers and God Bless!!!

Fixed PHP compile error: Note that the MySQL client library is not bundled anymore!

Just a note that is worth be reminded for all CentOS version 5 users. One of the issues being encountered on compiling PHP with MySQL is the error:

Note that the MySQL client library is not bundled anymore!

Now how are you going to fix this?? Here's how.

On your configure command just locate or point the mysql lib base dir in my case it is on /usr

so just do ./configure --with-mysql=/usr

That will resolve your problem.

Hope this helps. Thanks, Cheers and God Bless!!

Hardening PHP (Protecting your PHP from Flaws)

There are rumors going on out there that PHP has some pitfalls. This could lead up to some security risk most especially if you have a PHP application dealing with the outside world. To avoid this, some nice guys out there developed a 'guardian angel' for PHP. The guardian angel I am referring into is the suhosin. Yes suhosin is a korean word which mean 'guardian angel'. It is a PHP extension the secures PHP from its pitfalls or vulnerability.

I will discuss here on how to have this cool stuff on your PHP settings.

1. First download the suhosin signature key. Goto /usr/src then issue this command

# wget http://www.hardened-php.net/hardened-php-signature-key.asc

2. Import it into the GNU Privacy Guard

# gpg --import < hardened-php-signature-key.asc

3. Download the suhosin source

# wget http://download.suhosin.org/suhosin-0.9.27.tgz

4. Unpack the package

# tar xvzf suhosin-0.9.27.tgz

5. cd suhosin-0.9.27

6. After getting into the suhosin directory, issue the following

# phpize
# ./configure
# make
# make install

7. The library suhosin.so is most likely installed on /usr/src/suhosin-0.9.27/modules or it can be on /usr/local/lib/php/extensions/no-debug-non-zts-20060613/suhosin.so

8. copy the suhosin.so to /usr/local/lib/php/extensions that is if you have installed php from source. Check other resources if you did not.

# cp /usr/src/suhosin-0.9.27/modules/suhosin.so /usr/local/lib/php/extensions

9. Open the php.ini

# vi /usr/local/lib/php.ini

10. Set the following parameters on php.ini

extension_dir = "/usr/local/lib/php/extensions/"

extension=suhosin.so

11. save it then restart apache

12. You should now see the suhosin among the enabled extension on your PHP. Check on the phpinfo for this.

Hope you find these info useful. Cheers, Thanks and God Bless!!!!

Smart Host: Relaying Mails from Sendmail to Gmail

There are cases wherein the mails that are being sent from server does not arrive at the recipient's inbox. One possible cause is that the mail was considered a spam. One solution that can be done, dealing with this issue, is to relay the emails to a trusted SMTP host say like Gmail. How are we going to do it here is how.

First you need to have sendmail a native MTA for Linux. Here are the packages you need to have

- sendmail
- senmail-cf
- sendmail-devel

All of these packages can be installed via yum.

Next enable the smart host feature on sendmail. Open the sendmail configuration file.

vi /etc/mail/sendmail.mc

Change this:

dnl define(`SMART_HOST',`smtp.gmail.com')dnl

to:

define(`SMART_HOST',`smtp.gmail.com')dnl

Next add this entry before the entry of smart host.

FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl

If you don't have an /etc/mail/auth directory, as root, create one like this:

# mkdir -p /etc/mail/auth
# chmod 700 /etc/mail/auth

You won't have the next client-info files so you'll have to create it (with you favorite Unix editor). Change the permissions on the client-info file like this:

# chmod 600 client-info

So using my user_id@gmail.com email ID and password I made the following entry in /etc/mail/auth/client-info:

# cat /etc/mail/auth/client-info
AuthInfo:smtp.gmail.com "U:smmsp" "I:user_id" "P:password" "M:PLAIN"
AuthInfo:smtp.gmail.com:587 "U:smmsp" "I:user_id" "P:password" "M:PLAIN"

Yes, password is plain text. It is possible to encode the password but I don't have those instructions here.

Remember to replace user_id with your Gmail email ID (your email addresse without the @gmail.com) and password with your email password. Also make sure that the client-info file has a

How to compile it into a db file:

# cd /etc/mail/auth
# makemap -r hash client-info.db <> sendmail.cf

And lastly restart sendmail:

# /sbin/service sendmail restart

Now you can test it....

Hope you find this useful. Thanks, Cheers and God Bless!!!!

Some Linux Network Configurations and Files

I just wanted to list some of the common files or configurations in Linux for networking.

NETWORK Stuff

1.) /etc/sysconfig/network
-this one contains the hostname configuration of the machine so if you want to change the machine hostname do it here
- Sometimes the GATEWAY is configured here

2.) /etc/sysconfig/network-scripts/ifcfg-eth#

Ex. ifcfg-eth0 means eth0 , ifcfg-eth1 means eth1 or ethernet 1 or NIC 1
- the Network / LAN configuration of the machine where its IP is configured
- ifcfg-eth0:0 when there is a colon it means it is a virtual ethernet

3.) /etc/hosts
-local base bind or name service to resolve hostname

4.) /etc/resolv.conf
- DNS settings of the local machine

Fixing Error "cannot open shared object file: No such file or directory"

There are instances during our installation that a shared object, commonly on .so files, cannot be openned or located. To fix this issue here are the steps to take.

1. locate the .so or object file that cannot be opened

locate (objectname).so

Ex. locate libmp4.so

-you will get the path

/usr/local/lib/libmp4.so.0

2. Take note of its path

3. Open ld.so.conf, usually it is on /etc/ld.so.conf

vi /etc/ld.so.conf

4. Add at the end the path of the shared object

include ld.so.conf.d/*.conf
/usr/local/lib/

5. Save it then issue this command

/sbin/ldconfig

-- You're done

Hope you find this helpful. Thanks and God Bless!!!

Setting up a LAMP Server

It is a common task for Linux System Administrators to set up and to establish a web server. On Linux Systems it is common to have Linux, Apache, MySQL and PHP for production. In this tutorial I'll show you on how to set up LAMP with the latest Httpd (Apache), MySQL, and PHP. Here I'll be using CentOS 4.7.

Actually you can have a LAMP running Apache 2.0, PHP 5.1 and MySQL 5.0 on CentOS 4/RH4 easily with yum. How?
Here it is:

To install apache 2.0
yum --enablerepo=centosplus install httpd
To install mysql 5.1
yum --enablerepo=centosplus install mysql mysql-server
To install PHP 5.1
yum --enablerepo=centosplus install php

Then you are done you have a CentOS 4.x running Apache 2.0 MySQL 5.1 and PHP 5.1. Hmmm quite nice isn't it.

But how about if you really insist to have the latest. Well then here is how.

Of course you have to remove all the old Apache, PHP and MySQL instances. Here's how to do it.

1. First check if they are currently installed
rpm -qa|grep httpd ;to check if Apache is installed
rpm -qa|grep mysql ; to check if mysql is installed
rpm -qa|grep php ; to check if php is installed

2. If they are installed then remove them
yum remove httpd
yum remove mysql
yum remove php

3. Remove the remaining traces or dependencies of it
rpm -qa|grep php

you will see here like

php-common
php-pdo

remove them via

rpm -e php-common php-pdo

do the same thing on httpd and mysql

rpm -qa|grep (packagename)

then remove remaining traces

rpm -e (packagename)

4. Once all is clean we can start downloading all the latest packages for our new LAMP

Installing Apache

1. Goto /usr/src

cd /usr/src

1. Get the latest apache server say 2.2.x

wget http://apache.mirrors.biblionix.com/httpd/httpd-2.2.11.tar.gz

2. Extract it

tar xvzf httpd-2.2.11.tar.gz

3. cd httpd-2.2.11

4. then under the httpd folder do the following

./configure
make
make install

By default the apache is installed at /usr/local/apache2 folder

5. Set the necessary configuration you want for your web server

vi /usr/local/apache2/conf/httpd.conf

in my case I set my document root on /var/www/html
to avoid directoy listing do this
On directory directive you will see this

Options Indexes FollowSymLinks

make it like this

Options -Indexes FollowSymLinks

well enough on httpd configurations we'll have more on our next discussions to follow

6. To make the httd start at boot, we'll put it on Linux services. How?

- copy first the apachectl script from the httpd folder

cp /usr/local/apache2/bin/apachectl /etc/init.d/httpd

- we put it on under init.d since all start up scripts are under this folder and being executed upon boot

- we're not done yet. Open httpd startup script.

vi /etc/init.d/httpd

- Add the following entries after the second line

# chkconfig: - 85 15
# description: Apache Web server

- let us add it on the Linux services

/sbin/chkconfig --add httpd

- then set it to start on running levels 345

/sbin/chkconfig --level 345 httpd on

- check if it is set well

/sbin/chkconfig --list|grep httpd

- you should see this

httpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off

7. Now start the httpd service by

/sbin/service httpd start

8. to check if it is running

/sbin/service httpd status (only works for apache installed via rpm or yum)

or do

ps aux|grep httpd (works for all so just do this in our case)

- you should see either of the following

root 27093 0.0 0.1 4108 1808 ? Ss 14:31 0:00 /usr/local/apache2/bin/httpd -k start
apache 27114 0.0 0.1 4108 1640 ? S 14:32 0:00 /usr/local/apache2/bin/httpd -k start
apache 27115 0.0 0.1 4108 1300 ? S 14:32 0:00 /usr/local/apache2/bin/httpd -k start
apache 27116 0.0 0.1 4120 1648 ? S 14:32 0:00 /usr/local/apache2/bin/httpd -k start
apache 27117 0.0 0.1 4108 1648 ? S 14:32 0:00 /usr/local/apache2/bin/httpd -k start
apache 27118 0.0 0.1 4108 1300 ? S 14:32 0:00 /usr/local/apache2/bin/httpd -k start
apache 27119 0.0 0.1 4108 1300 ? S 14:32 0:00 /usr/local/apache2/bin/httpd -k start

-- now you have a running Apache server version 2.2

Installing MySQL

We'll do the RPM way of installing this one.

1. First you have to know what version of CentOS you have and what platform are you working in with.
- to know what platform are you working with issue the command

uname -i ; this will display or echo the platfrom in my case its i386

- to know what OS version are you running with open this file or just do cat

cat /etc/redhat-release ; this will display the OS version in my case it's CentOS release 4.7 (Final)

2. Since we're running i386 platform and version 4.x CentOS we'll download the necessary MySQL rpm packages suitable to this platfrom. In this case it is x86 or Red Hat Enterprise Linux 4 RPM (x86) downloads. Here are the things we need.

- MySQL-server-community-5.1.30-0.rhel4.i386.rpm
- MySQL-client-community-5.1.30-0.rhel4.i386.rpm
- MySQL-devel-community-5.1.30-0.rhel4.i386.rpm
- MySQL-shared-community-5.1.30-0.rhel4.i386.rpm

- so let's download them

wget http://(Mirror-linkname)/(rpmpackagename)

3. Once all neede packages are downloaded we can now install them. Issue the following command

- to install each of the packages issue this

rpm -ivh (packagename)

Ex. rpm -ivh MySQL-server-community-5.1.30-0.rhel4.i386.rpm

4. Then ensure that mysql service can start at boot.

/sbin/chkconfig --list|grep mysql

- you should see this

mysql 0:off 1:off 2:on 3:on 4:on 5:on 6:off

- if it is not then make sure it runs / start on run level 345

/sbin/chkconfig --level 345 mysql on

5. Start MySQL service

/sbin/service mysql start

6. By default MySQL root has no password so just set its password say by installing first phpMyAdmin then reset password there or just go using the mysqladmin or mysql console command to reset password.

-- Now you have a running MySQL server version 5.1.x

Installation of PHP

Before we proceed on installing PHP we need the following to be installed first. These packages are known and commonly used on web development such as XML, web service and others

- curl (compile from source or you can do yum)
- curl-devel (if you did yum on curl)
- zlib (compile from source or do yum)
- libxml2 (compile from source or do yum)
- libxml2-devel (if you did yum on libxml2)
- openssl (you can do yum on this one)
- libpng (do yum here)
- libpng-devel (do yum here)
- gd (do yum)
- gd-devel (do yum)

Once all of these package are installed we can proceed on php installation.

1. Get the latest PHP packages from php.net

2. Goto /usr/src

3. Extract it there

4. cd php-5.x/

5. then issue this

./configure --with-mysql --enable-soap --with-apxs2=/usr/local/apache2/bin/apxs --enable-ftp --with-curl --with-curlwrappers --with-zlib --with-gettext --with-gd

make

make install

6. You now have installed PHP 5.x

7. There are things to verify to make PHP5 really running. How? Create you phpinfo.

8. If phpinfo is not displaying any content at all then there must have any problem on the httpd configuration. Here are the things that you should ensure to have on you httpd.conf

LoadModule php5_module modules/libphp5.so ; by default this is placed by PHP installer

DirectoryIndex index.php index.html


AddType application/x-httpd-php .php

AddHandler php5-script .php

AddType text/html .shtml .php

9. Save your changes on the httpd.conf and restart apache.

10. Check again your phpinfo it should display the current PHP and apache settings.

11. By the way sometimes php.ini is not set up so just copy the php.ini to the configuration path check phpinfo for the right path

- on phpinfo you will see

Configuration File (php.ini) Path /usr/local/lib

- copy the recommended php.ini settings

cp /usr/src/php-5.X/php.ini-recommended /usr/local/lib/php.ini

-by the way you should always restart your Apache service after saving any changes you applied on php.ini.

=== Now you have the latest LAMP running.

Hope you find these useful. Thanks, Cheers and God Bless!!!

Local Channel in Asterisk

Local channel in asterisk is usually use to connect two or more call legs. It is usually done via Manager API, AGI or thru a call file dumped on /var/spool/asterisk/outgoing/

If you're going to call Local channel and want to monitor its call durations use the '/n' flag.

Here it is

Local/extension@context[/n]

Here is an example, a snippet of a script

fputs($socket, "Channel: Local/1$number@wakeout/n\r\n");
fputs($socket, "Context: wakeout\r\n");
fputs($socket, "Exten: waketest\r\n");
fputs($socket, "Priority: 1\r\n");

This is important most especially for billing purposes.

Hope you find this helpful. Thanks, CHeers and God Bless!!!

Resolve False Hangup Detection on TDM400 on Asterisk

One of the issue I have encountered on digium card specifically TDM is the hangup detection. Some indications that you have this problem are: 1.) Random hangups 2.) Incoming calls still get through even if the outside caller has already hangup. Here are the possible solutions that can be done with it.

Set the following entries on your chan_dahdi.conf (that is if it is dahdi if not it is zapata.conf)

; first is the polarity switching
; most of the countries supports polarity reversal whenever answer or hangup happens

hanguponpolarityswitch = yes
answeronpolarityswitch = yes

;detect busy
busydetect = yes
;count the busy tones
busycount = 6
;set call progess works in mine
callprogress = yes
; set progress zone
progzone=ph ; in my case it's Philippines

After that you have to restart Asterisk for the changes to take effect. Then test the result.

I do hope you find these helpful. Thanks, Cheers and God Bless!!!!

Basics Sometimes are forgotten (Fixing few Windows issue)

I was really upset when I found my workstation not booting up. I just learned that my workstation got a virus. It was infected when I plug my USB drive. The worst is I don't have any anti-virus on my workstation. By the way the workstation that I have at the office is Windows based. Then I don't have any idea what to do next since my workstation does not resume or load the login window. A co-worker of mine told me of this basics. He told me that I can load back or boot my windows workstation on the last working configuration. Hmmmm I didn't know that. So here was what he suggested me to do.

1. Reboot / reset the windows machine
2. Upon boot press repeatedly the F8 to go to the advance windows menu configuration
3. Select "Last Working Configuration"
4. Then you're done...

But if ever you have to repair the windows OS then you have to use an installation CD to fix your problem.

1. Reset your machine
2. Upon booting press repeatedly the delete button to goto the BIOS settings
3. Select to boot first on the CD-ROM
4. Then there you go ...

Hope you find this helpful. Cheers and God Bless!!!!

Protecting Your Linux Systems

ALthough Linux is said to be a very secured OS. It is still highly recommended to install applications that will enhance its security and integrity. There are many kinds of threats out there that could really trip up a system. To name few are virus, rootkits, brute force attack and etc.

Here are some softwares that you can install on your Linux system and few of them are must to have.

- Netfilter's IPTables (firewall) ; of course you should enable it and set your rules
- fail2ban ; need this if ever there are ports / services that will be openned to the public say ssh
- chkrootkit ; this one is like a check up of the Linux files integrity
- clamav (optional) - this one is an anti virus but actually Linux sometimes does not require it

Ok those are just few that I know you can have on your system.

Hope you find this brief discussion helpful. Cheers and God Bless!!!

Asterisk DTMF Issue Fixed

One of the issues that is known with Asterisk is the reliability on how it handles DTMF. By the way what is DTMF. DTMF in layman's term is touch tone. This are the digits being dialed. We usually encounter this when we call a customer service where we're asked to dial a certain option. Say "Press 1 for sales .....".

One problem that I encountered on this was how poorly the Asterisk server accepts DTMF or send DTMF. Actually this is not an Asterisk issue but the way how the Asterisk is configured.

Is there a resolution to it? Well, there is.

Here's are some notes and how.

There are 4 modes where asterisk can handle DTMF. We have rfc2833, info, inband and auto. Among these modes, based on majority suggestions out there, it is recommended to use RFC2833.RFC2833 is said to work perfectly with asterisk. By the way RFC2833 is an out-of-band DTMF mode.

To set Asterisk to use RFC2833 then set on the configuration files (sip.conf, iax.conf and chan_dahdi (I am not sure here...)) and look for this option.

dtmfmode=(mode)

Set it to:

dtmfmode = rfc2833
rfc2833compensate = yes
relaxdmtf = no ; should be no because setting it to yes cause talkoff

then reload the module say 'sip reload'

Another suggestion is to use:

dtmfmode=auto

Here Asterisk will use RFC2833 first as its default way of relaying DMTF. If the remote side does not suppor it, then it will switch to Inband mode. But a note on this. If you plan to use this mode, make sure that you are only using ulaw codec as the Inband mode is very problematic on non ulaw codec.

Personally I recommend just using the RFC2833 as your mode for DTMF handling because it is proven to work perfectly and reliably on Asterisk. It is your choice to use auto also.

Hope this discussion will be helpful. Cheers and God Bless!!!!

PHP Native Session Handling

#native php session handling


// initializes session handling in php
session_start();

// assign and set session variables
$_SESSION['varname'] = 'value';

// unset a certain variable
unset($_SESSION['varname']);

// free all session variables
session_unset();

// terminate or kill session handling
session_destroy();

Asterisk Installation

Asterisk is known to be the leading open source IP PBX. It has been the best choice alternative to expensive and proprietary

type of PBX server. What's nice about Asterisk is that it is open source and it is free!!! When we say open source this

software has been made by collaborating ideas of different developers around the globe. So expect the cool stuff that can be

done with it. The other nice thing about it, is that it is customizable, flexible and cross platform.

Asterisk can be obtained from various sources. You can have it in a installable CD (ISO) or you could have it from other

communities out there who have developed friendly UI where you could tweak the server easily. If I were to ask I would prefer

to have it from source. Why? Cause templated Asterisk though user friendly can't be extended the way you wish it.

So let us have the Asterisk (raw) and install it on Linux (preferably CentOS).

Before you can compile Asterisk you need the following stuffs on Linux.

Linux Requirements

GCC 3.x
ncurses-devel
libtermcap-devel
Kernel Development Headers
Kernel Development Headers (SMP)
GCC C++ 3.x
bison
OpenSSL (optional)
newt-devel (optional)
zlib-devel (optional)
libtool (optional; recommended)
GNU make (version 3.80 or higher)
libnewt

Here is how we can have them

Install command

yum install -y gcc
yum install -y ncurses-devel
yum install -y libtermcap-devel
yum install -y kernel-devel
yum install -y kernel-smp-devel
yum install -y gcc-c++
yum install -y bison
yum install -y openssl-devel
yum install -y newt-devel
yum install -y zlib-devel
yum install -y libtool
yum install -y make
yum install -y libnewt

Once done we can get the sources from asterisk.org using wget.

# wget http://downloads.digium.com/pub/libpri/releases/libpri(version)tar.gz
# wget http://downloads.digium.com/pub/libpri/releases/dahdi-linux(version)tar.gz
# wget http://downloads.digium.com/pub/libpri/releases/dahdi-tools(version)tar.gz
# wget http://downloads.digium.com/pub/libpri/releases/asterisk(version)tar.gz
# wget http://downloads.digium.com/pub/libpri/releases/asterisk-addons(version)tar.gz

then extract each of the packages

# tar xvzf (packagename)

then compile each packages

for libri and dahdi-linux

# make
# make install

for dahdi-tools

# ./configure
# make
# make install
# make config

for asterisk

# ./configure
# make menuselect ;this is optional but when run just save the default settings, in my case I used to issue it to check out the different options available
# make
# make install
# make samples
# make config

for asterisk-addons (this is important if you want to have some applications like DB, WakeUp Call, streaming audio/video)
# ./configure
# make
# make install
# make samples

To start asterisk the first time (for debugging purposes)

/usr/sbin/asterisk -vvvvgc

If you did not receive any errors stop asterisk and then start asterisk the normal way

/sbin/service asterisk start

to enter the asterisk console issue this command

for root

asterisk -r

for non-root

/usr/sbin/asterisk -r

Now you have a running Asterisk IP PBX

Note: If you want to recompile asterisk say you want to upgrade then recompile asterisk-addons after that as well because sometimes a recompiled asterisk will not load the asterisk-addons module.

BTW there are also other addons / extensions available out there that works with Asterisk like the app_conference (an alternative for MeetMe, capable for doing video conferencing), app_mp4 from sip.fontventa (for recording mp4 video)


Hope you find these helpful. Thanks, Cheers and God Bless!!!!