Fixin’ issues one ticket at a time!
Clayton
This user hasn't shared any biographical information
Posts by Clayton
VPN via the TUN/TAP device
Aug 13th
I had a client contact me earlier this morning because one of their clients was receiving the following error on their VPS when trying to run OpenVPN.
Note: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13) Note: Attempting fallback to kernel 2.2 TUN/TAP interface Cannot open TUN/TAP dev /dev/tun0: No such file or directory (errno=2)
I’ve never run into this issue before, but was able to find an awesome tutorial on the OpenVZ website.
First, make sure the tun module has been already loaded on the hardware node:
# lsmod | grep tun
If it is not there, use the following command to load tun module:
# modprobe tun
To make sure that tun module will be automatically loaded on every reboot you can also add it or into /etc/modules.conf (on RHEL see /etc/sysconfig/modules/ directory) or into /etc/sysconfig/vz-scripts/VEID.mount. (echo ‘modprobe tun’ >> /etc/sysconfig/vz-scripts/VEID.mount)
Allow your container to use the tun/tap device by running the following commands on the host node:
vzctl set VEID --devices c:10:200:rw --save vzctl set VEID --capability net_admin:on --save
And create the character device file inside the container (execute the following on the host node):
vzctl exec VEID mkdir -p /dev/net vzctl exec VEID mknod /dev/net/tun c 10 200 vzctl exec VEID chmod 600 /dev/net/tun
Enter cat /dev/net/tun to test whether the TUN/TAP device is available:
- If you receive the message cat: /dev/net/tun: File descriptor in bad state your TUN/TAP device is ready for use.
- If you receive the message cat: /dev/net/tun: No such device the TUN/TAP device was not successfully created.
Enable NAT module for VPS can’t initialize iptables table `nat’: Table does not exist
Aug 10th
I was getting the following error in a container on one of my nodes.
[root@server1 ~]# iptables -t nat -F
iptables v1.3.5: can’t initialize iptables table `nat’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.[root@server1 ~]# iptables -t nat -nvL
iptables v1.3.5: can’t initialize iptables table `nat’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
You can fix this by using the following commands.
[root@yoshi ~]# vzctl stop 150
[root@yoshi ~]# vzctl set 150 –iptables “iptable_nat iptable_filter iptable_mangle ip_conntrack ipt_conntrack ipt_REDIRECT ipt_REJECT ipt_multiport ipt_helper ipt_LOG ipt_state” –save
Saved parameters for VE 150
[root@yoshi ~]# vzctl restart 150
[root@yoshi ~]# vzctl enter 150
[root@server1 ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destinationChain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destinationChain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
cPHulk Brute Force Detection
Jul 28th
Ever run into issues with typing in your root password, or forgot what you set it to, then got locked out of WHM? Well, here’s a quick and easy way to get your access back when receiving this error message.
This account is currently locked out because a brute force attempt was detected. Please wait 10 minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.
Run the following as root in SSH.
mysql cphulkd mysql> delete from brutes; mysql> delete from logins;
A few OpenVZ commands
Feb 28th
Below are the commonly used OpenVZ commands, which are run from the main node.
vzlist -a
Shows list of all the VPS’s hosted on the Node.
vzctl start VEID
To start the VPS
vzctl stop VEID
To stop (Shut Down) the VPS
vzctl status VEID
To view the status of the particular VPS
vzctl stop VEID –fast
To stop the VPS quickly and forcefully
vzctl enter VEID
To enter in a particular VPS
vzctl set VEID –hostname vps.domain.com –save
To set the Hostname of a VPS
vzctl set VEID –ipadd 1.2.3.4 –save
To add a new IP to the hosting VPS
vzctl set VEID –ipdel 1.2.3.4 –save
To delete the IP from VPS
vzctl set VEID –userpasswd root:new_password –save
To reset root password of a VPS
vzctl set VEID –nameserver 1.2.3.4 –save
To add the nameserver IP’s to the VPS
vzctl exec VEID command
To run any command on a VPS from Node
vzyum VEID install package_name
To install any package/Software on a VPS from Node
**VEID refers to the ID of the Particular VPS**
cPanel 11.25.0 Stable released
Feb 18th
Taken from cPanel’s news bulletin.
As you know, 11.25 has added a host of new features and functionality to cPanel & WHM. Tonight, 11.25 makes it to our STABLE builds. We will have additional technical staff on hand for the next few days to ensure the transition goes as smoothly as possible.
As always, should you need anything, the entire cPanel staff is here to help!
There have been some enhancements to the methods that cPanel uses to process log files that may result in undesired behavior with some system configurations.
Graceful Restarts:
If you are experiencing a high volume of graceful restarts in Apache due to log file rotation you may want to enable the Piped Log feature as follows:
* You must have root access to enable this feature.
* You must be running Apache 2.0 or later to enable this feature (not supported for Apache 1.x)
* Only available on 11.25.0 and later.
1. Login to WHM
2. Click /Service Configuration/
3. Click /Apache Configuration/
4. Click /Piped Log Configuration/
5. Check the box labeled /Enable piped Apache logs/
6. Click the Save button
This will cause your Apache configuration file to be rebuilt and Apache to be restarted.
More complete information about Piped Log can be viewed here:
http://forums.cpanel.net/f5/cpanel-11-25-log-processing-145417.html
An additional requirement for our enhanced log file processing is a larger disk space requirement inside of the /var partition. Upon upgrading to 11.25.0 if cPanel detects that your /var partition is too small it will disable bandwidth stats processing until the space requirement is remedied. If there is inadequate space in /var, notification is set to the level 1 notification targets as specified in WHM’s Contact Manager.
To re-enable:
1. Symlink /var/cpanel/bandwidth to a partition with sufficient space
2. Remove the file /etc/rrdtooldisable
3. Re-run upcp
Customers who need assistance with the update may contact cPanel support for assistance via
https://tickets.cpanel.net/submit/index.cgi?step=2&reqtype=tickets&product=cpwhm
/var/log/omgitsanupdate
Feb 8th
No…that’s not really a log file…yes I did update the site. As you may notice there is now a /var/ link in the navigation, which lists files and folders in this directory along with some descriptions. More files and explanations will come with future updates 
Long hiatus…
Jan 26th
I apologize to all of my readers, as I’ve realized that I slacked off quite a bit on keeping this blog updated…well that’s going to change. As you can see the ugly dark design is gone, and has been replaced with a cleaner design. I’m also in the process of updating the ‘About’ and ‘cPanel Introduction’ pages, both of which need work especially the cPanel page, since it’s a complete mess and a pain to navigate. Be sure to check back for these changes in the next few days!
Backup/Restore a cPanel Account
Dec 29th
Previous Post: WHM Scripts
Now we’re going to start looking into some of those SSH commands. Today we’ll be going over the commands pkgacct and restorepkg.
Backing up and restoring cPanel account’s is, in my opinion, faster by using the command line as you don’t have to wait for a sometimes sluggish web interface to load.
Let’s get started then, shall we? More >
WHM Scripts
Dec 20th
Did you know that if you have cPanel/WHM on your server, you also have a bunch of serverside commands that you can use? These are good for advanced users, or the people who prefer to manage their servers in a hurry via the command line rather than waiting for a web interface to load.
Nearly everything that you can do in the WHM backend can be performed via command line. These scripts are located in your server’s /scripts/ directory. Only use scripts that have been verified by cPanel, or that you know yourself are safe as an unsafe script may damage your server.
Long list of scripts after the break… More >
Installing RKHunter
Dec 11th
Be honest, how much have you considered server security in the past? In this day and age, it’s not something that should be taken lightly. Today I’ll be teaching you how to install RKHunter. RKHunter (ie: Rootkit Hunter) is a nifty little script that runs via cron daily that checks your server for the most obvious rootkits that might have been placed there by somebody with some kind of malicious intent.