Wednesday, July 24, 2019

Simple Backup Rotate Script

A simple script that deletes backup files more than 7 days old, limited to backups named for the current month and year.

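#!/bin/bash
# Backup filename format: Backup_$(date +"%d-%m-%Y_%H%M%S").tar.bz2
# Load the current month and year into $1 and $2 ("--" stops set from treating them as options)
set -- $(date +"%m %Y")
# Exec: remove this month's backups whose mtime is more than 7 days old.
# Backups named for an earlier month do not match the pattern and are left in place.
/usr/bin/find /var/backup -type f -name "Backup_*-${1}-${2}_*.tar.bz2" -mtime +7 -exec rm {} \;
# Logging
echo "Rotating Backup at : $( date +"%d-%m-%Y %H:%M:%S" )" | tee -a /var/log/messages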
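
The script above only matches file names carrying the current month and year, so a backup taken late in one month is never removed once the month changes. As an added example (not part of the original post), the function below goes beyond that case and rotates by the date embedded in the file name, independent of the current month. The name rotate_backups, its arguments and the reliance on a date command that accepts -d (GNU coreutils) are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. rotate_backups, its arguments and
# the GNU-style `date -d` dependency are assumptions of this example.
# Usage: rotate_backups DIR KEEP_DAYS [NOW_EPOCH]   (prints each deleted path)
rotate_backups() (
    dir=$1 keep=$2 now=${3:-$(date +%s)}
    cutoff=$(( now - keep * 86400 ))
    for path in "$dir"/Backup_*.tar.bz2; do
        # Regular files only: skip symlinks, directories and an unmatched glob.
        [ -f "$path" ] && [ ! -L "$path" ] || continue
        name=${path##*/}
        # Accept only the exact Backup_dd-mm-YYYY_HHMMSS.tar.bz2 layout.
        case $name in
            Backup_[0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]_[0-9][0-9][0-9][0-9][0-9][0-9].tar.bz2) ;;
            *) continue ;;
        esac
        rest=${name#Backup_}; dd=${rest%%-*}
        rest=${rest#*-};      mm=${rest%%-*}
        rest=${rest#*-};      yyyy=${rest%%_*}
        day="$yyyy-$mm-$dd"
        # Reject impossible dates (e.g. 31-02-2019): parse, then round-trip.
        ts=$(date -d "$day" +%s 2>/dev/null) || continue
        [ "$(date -d "@$ts" +%Y-%m-%d)" = "$day" ] || continue
        # Age is counted from midnight of the day in the name, not from mtime.
        if [ "$ts" -lt "$cutoff" ]; then
            rm -f -- "$path" && printf '%s\n' "$path"
        fi
    done
)
```

Called as rotate_backups /var/backup 7 from cron, it keeps the last 7 days across month and year boundaries and ignores any file that does not follow the naming scheme.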

Saturday, July 20, 2019

Replace supervisord with pm2 to run node or apps

    

This is a short note on how to replace supervisord with pm2 to run Node.js or other apps.

Install pm2 :

# npm install pm2 -g

# su appadm


Previous supervisord config :

$ cat /etc/supervisor/conf.d/apps-fe.conf
[program:apps-fe]
directory=/home/appadm/apps/apps-frontend/
command=npm run start
autostart=true
autorestart=true
startretries=30
user=appadm
stderr_logfile=/var/log/apps-fe.log


$ cat /etc/supervisor/conf.d/apps-be.conf
[program:apps-be]
directory=/home/appadm/apps/apps-backend/
command=npm run start
autostart=true
autorestart=true
startretries=30
user=appadm
stderr_logfile=/var/log/apps-be.log


Run with least privilege :

# su appadm
$ whoami
appadm
$ cd /home/appadm/apps/apps-frontend/
$ pm2 start --name=apps-fe npm -- start
[PM2] Starting /usr/local/bin/npm in fork_mode (1 instance)
[PM2] Done.
┌─────┬───────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐
│ id  │ name      │ namespace   │ version │ mode    │ pid      │ uptime │ ↺    │ status    │ cpu      │ mem      │ user     │ watching │
├─────┼───────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤
│ 0   │ apps-fe   │ default     │ N/A     │ fork    │ 3057481  │ 0s     │ 0    │ online    │ 0%       │ 27.0mb   │ apps… │ disabled │
└─────┴───────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘
[PM2][WARN] Current process list is not synchronized with saved list. App apps-be differs. Type 'pm2 save' to synchronize.


$ cd /home/appadm/apps/apps-backend/
$ pm2 start --name=apps-be npm -- start
[PM2] Starting /usr/local/bin/npm in fork_mode (1 instance)
[PM2] Done.
┌─────┬───────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐
│ id  │ name      │ namespace   │ version │ mode    │ pid      │ uptime │ ↺    │ status    │ cpu      │ mem      │ user     │ watching │
├─────┼───────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤
│ 1   │ apps-be   │ default     │ N/A     │ fork    │ 3057534  │ 0s     │ 0    │ online    │ 0%       │ 20.0mb   │ apps… │ disabled │
│ 0   │ apps-fe   │ default     │ N/A     │ fork    │ 3057481  │ 16s    │ 0    │ online    │ 0%       │ 57.0mb   │ apps… │ disabled │
└─────┴───────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘

$ pm2 save
[PM2] Saving current process list...
[PM2] Successfully saved in /home/appadm/.pm2/dump.pm2


$ pm2 status
┌─────┬───────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐
│ id  │ name      │ namespace   │ version │ mode    │ pid      │ uptime │ ↺    │ status    │ cpu      │ mem      │ user     │ watching │
├─────┼───────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤
│ 1   │ apps-be   │ default     │ N/A     │ fork    │ 3057534  │ 5m     │ 0    │ online    │ 0%       │ 59.9mb   │ apps… │ disabled │
│ 0   │ apps-fe   │ default     │ N/A     │ fork    │ 3057481  │ 6m     │ 0    │ online    │ 0%       │ 58.0mb   │ apps… │ disabled │
└─────┴───────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘

To restart :

$ pm2 restart 'id'

For example, to restart apps-fe :

$ pm2 restart 0


That's it, hope it's useful.




Tuesday, July 2, 2019

Can not find tid 40006, utid 0 in threat database (Palo Alto Networks)

Today I found a warning message during commit on my PAN Next Generation Firewall device. The warning message is :

can not find tid 40006, utid 0 in threat database

This warning message was bothering me. When I tried to gather more information, I found out that Threat ID 40006 has been officially removed/disabled in PAN-OS 9.0.2, while threat-exception 40006 was still being used in my vulnerability profile, and this threat-exception cannot be disabled from the web interface.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClmpCAC

The solution :

Access the PAN device over telnet or SSH (prefer SSH, since telnet sends the admin credentials in cleartext) and make the change from the CLI :
1. Edit the vulnerability profile that uses the threat-exception.
2. Delete the parameters related to threat-exception 40006.

This is what I did ( SP8-IN is my vulnerability profile, adjust this parameter to match your configuration ) :

rizkymd@PAN3050> configure
Entering configuration mode
[edit]       

rizkymd@PAN3050# edit profiles vulnerability SP8-IN threat-exception 40006
[edit profiles vulnerability SP8-IN threat-exception 40006]       

rizkymd@PAN3050# show
set profiles vulnerability SP8-IN threat-exception 40006 action block-ip
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute interval 30
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute threshold 5
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute track-by source-and-destination

rizkymd@PAN3050# delete action
[edit profiles vulnerability SP8-IN threat-exception 40006]               

rizkymd@PAN3050# delete time-attribute 
[edit profiles vulnerability SP8-IN threat-exception 40006]

rizkymd@PAN3050# show
set profiles vulnerability SP8-IN threat-exception 40006
[edit profiles vulnerability SP8-IN threat-exception 40006] 

rizkymd@PAN3050# commit

Commit job 3365 is in progress. Use Ctrl+C to return to command prompt
...........55%..70%.98%.........100%
Configuration committed successfully



