Howto's and FAQ's

Establish a VPN connection between Sonicwall and Linux


Sonicwall provides client software to establish a VPN connection between their VPN routers and Windows. Unfortunately a Linux client is not available on their website. The IPSEC implementation for Linux, Openswan, is the solution. First configure your Sonicwall. (This example is based on a Sonicwall TZ170 and TZ190)


Apache URL Rewriting

Apache mod_rewrite is a functional, flexible module to rewrite URL's on the fly. You can use it to create fancy, SEO friendly URL's, create redirect pages and prevent hotlinking. Understanding of regular expressions is recommended as mod_rewrite makes use of them.

High available DNS with PowerDNS and MySQL

PowerDNS is an advanced high performance authoritative nameserver and can work with several backends. We will setup PowerDNS on two servers both will read the DNS records from a MySQL database replicated backend. As MySQL will do the replication, PowerDNS doesn't need zone transfers. To setup MySQL replication please read this article published in the MySQL section of this website. Make sure MySQL is setup to use the InnoDB storage engine. To install PowerDNS from the EPEL repository. If you haven't setup the EPEL repository follow the instructions explained on their website.

Block or redirect using mod_geoip


Installing mod_geoip allows you to block or redirect traffic based on the geografical location of the client using the IP-address of the client. mod_geoip for CentOS is available at the EPEL repository. If you haven't setup the EPEL repository follow the instructions explained on their website. I asume you allready installed Apache. Download and install mod_geoip, GeoIP and the related libraries:


Force strong passwords


On a Linux machine users normaly can change the password of their own account. A lot of users use weak passwords and their password might be cracked with a dictionary-, or brute-force attack. The PAM module will perform a number of checks on the new password. For example, the new password may not match the old password, the new password may not be the old password reversed neither the same password but in different case. Weak passwords are not allowed. (These check are also done by the module pam_unix if set to obscure.)




Some faced the fact that they accidentally deleted a file using the command rm. Standard rm doesn't ask for confirmation, for forcing confirmation must be called with the option -i to run interactive. You can use an alias for rm to by adding:

Page 6 of 9


You are here: Home Howtos and FAQs