Tag: ubuntu

Install Apache Tomcat 8 on Ubuntu 16.04

Install Java

Create Tomcat User

sudo groupadd tomcat
sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat

Install Tomcat

sudo mkdir /opt/tomcat
wget http://apache.mirrors.ionfish.org/tomcat/tomcat-8/v8.5.5/bin/apache-tomcat-8.5.5.tar.gz

Update Permissions

cd /opt/tomcat
sudo chgrp -R tomcat /opt/tomcat
sudo chmod -R g+r conf
sudo chmod g+x conf
sudo chown -R tomcat webapps/ work/ temp/ logs/

Create a systemd Service File

sudo update-java-alternatives -l
Output
java-1.8.0-openjdk-amd64       1081       /usr/lib/jvm/java-1.8.0-openjdk-amd64
sudo nano /etc/systemd/system/tomcat.service
[Unit]
Description=Apache Tomcat Web Application Container
After=network.target

[Service]
Type=forking

Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'

ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh

User=tomcat
Group=tomcat
UMask=0007
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target
sudo systemctl daemon-reload
sudo systemctl start tomcat
sudo systemctl status tomcat

Configure Tomcat Web Management Interface

sudo nano /opt/tomcat/conf/tomcat-users.xml
<tomcat-users . . .>
    <user username="admin" password="password" roles="manager-gui,admin-gui"/>
</tomcat-users>

For the Manager app, type:

sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml

For the Host Manager app, type:

sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml
<Context antiResourceLocking="false" privileged="true" >
  <!--<Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />-->
</Context>
sudo systemctl restart tomcat

Access the Web Interface

http://server_domain_or_IP:8080

References
https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-8-on-ubuntu-16-04

Install RabbitMQ on Ubuntu 16.04

Adding repository entry

wget https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb
sudo dpkg -i erlang-solutions_1.0_all.deb

Installing Erlang

sudo apt-get update
sudo apt-get install erlang

Install RabbitMQ

echo "deb https://dl.bintray.com/rabbitmq/debian xenial main" | sudo tee /etc/apt/sources.list.d/bintray.rabbitmq.list
wget -O- https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc |
     sudo apt-key add -
wget -O- https://www.rabbitmq.com/rabbitmq-release-signing-key.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get install rabbitmq-server

References
https://packages.erlang-solutions.com/erlang/#tabs-debian
https://www.rabbitmq.com/install-debian.html

Setup PPTP Server on Ubuntu 16.04

apt-get install pptpd
nano /etc/pptpd.conf
localip 10.0.0.1
remoteip 10.0.0.100-200

Setup authentication
adding users and passwords. Simply add them to /etc/ppp/chap-secrets

nano /etc/ppp/chap-secrets

Add DNS Servers

nano /etc/ppp/pptpd-options
ms-dns 8.8.8.8
ms-dns 8.8.4.4
service pptpd restart

Setup Forwarding

nano /etc/sysctl.conf
net.ipv4.ip_forward = 1
sysctl -p

Create a NAT rule for iptables

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Preserving Iptables Rules
https://pupli.net/2017/12/22/set-up-openconnect-vpn-server-ocserv-on-ubuntu-16-04-17-10-with-lets-encrypt

References
https://www.digitalocean.com/community/tutorials/how-to-setup-your-own-vpn-with-pptp

How to setup a Socks5 Proxy server on Ubuntu 16.04 with Dante

nano /etc/danted.conf
# /etc/danted.conf

logoutput: syslog
user.privileged: root
user.unprivileged: nobody

# The listening network interface or address.
internal: 0.0.0.0 port=1080

# The proxying network interface or address.
external: eth0

# socks-rules determine what is proxied through the external interface.
# The default of "none" permits anonymous access.
socksmethod: username

# client-rules determine who can connect to the internal interface.
# The default of "none" permits anonymous access.
clientmethod: none

client pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect disconnect error
}

socks pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect disconnect error
}

References
http://www.binarytides.com/setup-dante-socks5-server-on-ubuntu/

Hide OpenVPN traffic using Obfsproxy on Ubuntu16.04

sudo pip install obfsproxy
obfsproxy --log-min-severity=info obfs2 --dest=127.0.0.1:1194 --shared-secret=<some-random-key> server 0.0.0.0:8080

References
https://www.comparitech.com/blog/vpn-privacy/hide-openvpn-traffic-obfsproxy-on-windows-and-linux-ec2/
https://community.openvpn.net/openvpn/wiki/TrafficObfuscation
https://sourceforge.net/p/openvpn/mailman/message/28851866/
https://dlshad.net/bypassing-censorship-by-using-obfsproxy-and-openvpn-ssh-tunnel/

How To List and Delete Iptables Firewall Rules on Ubuntu 16.04

List Rules by Specification

sudo iptables -S

List Rules as Tables

sudo iptables -L

Delete Rule by Specification

sudo iptables -D INPUT -m conntrack --ctstate INVALID -j DROP

Delete Rule by Chain and Number

sudo iptables -L --line-numbers
sudo iptables -D INPUT 3

Flush All Rules, Delete All Chains, and Accept All
Note: This will effectively disable your firewall. You should only follow this section if you want to start over the configuration of your firewall.

sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -F
sudo iptables -X

References
https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules