Home

rman

Introduction
The standard procedure to restore the database, when using the same db name on the same server,
rman target sys/PASSWORD@dbname catalog cat/PASSWORD@rcat
startup mount;
restore database;
recover database;
alter database open;
exit
but here we're proceeding from scratch. The procedure below can also be applied on another server. Of course we're assuming your backup strategy includes everything : datafiles, controlfile, spfile and archivelogs. Check with,
list backup summary;
list backup of database;
list backup of controlfile;
list backup of archivelog all;
 
 
Restore everything from scratch
Prepare the dirs,
export ORACLE_SID=dbname
cd $ORACLE_BASE/admin
mkdir $ORACLE_SID
cd $ORACLE_SID
mkdir adump bdump cdump dpdump pfile scripts udump
cd /u02/oradata
mkdir $ORACLE_SID
chmod 750 $ORACLE_SID
cd /usr/local/oracle
mkdir $ORACLE_SID
chmod 750 $ORACLE_SID
 
Add dbname to oratab,
vi /etc/oratab
 
Spfile
Restore the spfile first and restart nomount with it,
. oraenv
rman target / catalog cat/PASSWORD@rcat
startup nomount
note. expecting a ORA-01078 at first startup try but rman starts the instance anyway
restore spfile;
shutdown immediate
startup nomount
 
Database
restore database;
Note. other possible syntaxes,
#restore archivelog from tag=TAG20100205T162010;
#restore archivelog scn between 214483 and 214488;
 
Control file
Then the control file,
restore controlfile;
alter database mount;
Note. other possible syntaxes,
#restore controlfile from '/u03/backup/ctl_CHECK1_709394097_6_1';
 
Archivelogs
Eventually copy the latest archivelogs, namely those written since the backup, to the recovery area.
list backup of archivelog all;
restore archivelog sequence 27;
restore archivelog sequence 28;
restore archivelog sequence 29;
#restore archivelog from logseq=568 until logseq=582;
#restore archivelog all;
 
Recover
Now the critical step. Check your incarnation,
list incarnation of database;
check what last SCN and TAG you can get from the backups,
list backup;
 
Method 1/ recover from last tag,
recover database from tag="..." validate;
recover database from tag="...";
alter database open XXXXXX
list incarnation of database;
 
Method 2/ quit rman and proceed with sqlplus,
. oraenv
sqlplus / as sysdba
recover database until cancel using backup controlfile;
CANCEL
alter database open;
exit
rman target / catalog cat/PASSWORD@rcat
list incarnation of database;
 
Method 3/ skip the archive logs,
recover database noredo;
alter database open resetlogs;
list incarnation of database;
 
Note. other possible syntaxes,
#list incarnation of database dbname;
Note. to revert to a previous incarnation,
#reset database to incarnation 1;
 
Add dbname to the listener and tnsnames,
vi $ORACLE_HOME/network/admin/listener.ora
vi $ORACLE_HOME/network/admin/tnsnames.ora
 
 
Renaming the database in the process
Pfile
Changing the dbname and path,
sqlplus / as sysdba
create pfile from spfile;
exit
cd $ORACLE_HOME/dbs
rm -f spfiledbname3.ora
vi initdbname3.ora
then,
remove the first lines
:%s/dbname/dbname3/g
 
Database
Look for datafile IDs,
list backup of database;
add the rman statements to relocate the datafiles,
run {
set newname for datafile 1 to '/u02/oradata/dbname3/system01.dbf';
set newname for datafile 2 to '/u02/oradata/dbname3/undotbs01.dbf';
set newname for datafile 3 to '/u02/oradata/dbname3/sysaux01.dbf';
set newname for datafile 4 to '/u02/oradata/dbname3/users01.dbf';
set newname for datafile 5 to '/u02/oradata/dbname3/tsname.dbf';
restore database;
}
 
Control file
On srv1,
sqlplus / as sysdba
alter database backup controlfile to trace;
exit
cd $ORACLE_BASE/admin/dbname/udump
ls -ltr
scp dbname_ora_12161.trc srv2:~/
note. controlfile needs to be mounted to operate a backup to trace
 
On srv2,
cp dbname_ora_12161.trc dbname_ora_12161.trc.dist
vi dbname_ora_12161.trc
set#2
sed '
s/DBNAME/DBNAME3/g;
s/dbname/dbname3/g;
s/REUSE DATABASE/set database/g;
' dbname_ora_12161.trc > trace.sql
 
Recover
Now that the datafiles are there, copy/paste from the tracefile,
cd ~/
less trace.sql
and on some other windows,
sqlplus / as sysdba
create ...;
note. mounts the db
recover database using backup controlfile until cancel;
alter database enable block change tracking
using file '/u02/oradata/tracking/dbname3.track';
note. no "reuse"
alter database open resetlogs;
alter tablespace temp add tempfile...;
alter tablespace tsnametmp add tempfile...;

12.12.2016. 11:08

iptables

# CZYSZCZENIE STARYCH REGUŁ
iptables -F
iptables -X
iptables -F -t nat
iptables -X -t nat
iptables -F -t filter
iptables -X -t filter

# USTAWIENIE POLITYKI DZIAŁANIA
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
######
#iptables -A INPUT -i eth1 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
######
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-request -j REJECT --reject-with icmp-host-unreachable

# OCHRONA PRZED SKANOWANIEM ACK SCAN
iptables -A INPUT -m conntrack --ctstate NEW -p tcp --tcp-flags SYN,RST,ACK,FIN,URG,PSH ACK -j LOG --log-prefix "ACK scan: "
iptables -A INPUT -m conntrack --ctstate NEW -p tcp --tcp-flags SYN,RST,ACK,FIN,URG,PSH ACK -j DROP # Metoda ACK (nmap -sA)

#OCHRONA PRZED SKANOWANIEM FIN SCAN
iptables -A INPUT -m conntrack --ctstate NEW -p tcp --tcp-flags SYN,RST,ACK,FIN,URG,PSH FIN -j LOG --log-prefix "FIN scan: "
iptables -A INPUT -m conntrack --ctstate NEW -p tcp --tcp-flags SYN,RST,ACK,FIN,URG,PSH FIN -j DROP # Skanowanie FIN (nmap -sF)

#OCHRONA PRZED SKANOWANIEM XMAS TREE SCAN
iptables -A INPUT -m conntrack --ctstate NEW -p tcp --tcp-flags SYN,RST,ACK,FIN,URG,PSH PSH -j LOG --log-prefix "Xmas scan: "
iptables -A INPUT -m conntrack --ctstate NEW -p tcp --tcp-flags SYN,RST,ACK,FIN,URG,PSH FIN,URG,PSH -j DROP # Metoda Xmas Tree (nmap -sX)

#OCHRONA PRZED SKANOWANIEM NULL SCAN
iptables -A INPUT -m conntrack --ctstate INVALID -p tcp ! --tcp-flags SYN,RST,ACK,FIN,PSH,URG SYN,RST,ACK,FIN,PSH,URG -j LOG --log-prefix "Null scan: "

#OCHRONA PRZED ATAKIEM Dos
iptables -A INPUT -m conntrack --ctstate INVALID -p tcp ! --tcp-flags SYN,RST,ACK,FIN,PSH,URG SYN,RST
iptables -N syn-flood
iptables -A INPUT -p tcp --syn -j syn-flood
iptables -A syn-flood -m limit --limit 1/s --limit-burst 4 -j RETURN
iptables -A syn-flood -m limit --limit 1/s --limit-burst 4 -j LOG --log-prefix "SYN-flood: "
iptables -A syn-flood -j DROP

# OCHRONA PRZED ATAKIEM PING OF DEATH
iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j LOG --log-prefix "Ping: "
iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT # Ping of death

# ZABLOKOWANIE PINGOWANIA
iptables -A INPUT -p icmp --icmp-type echo-request -j REJECT --reject-with icmp-host-unreachable

# ODBLOKOWANIE SSH
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

#ZAPIS DO LOGA ODRZUCONYCH PAKIETÓW PRZYCHODZĄCYCH W KATALOGU var/log/messages
iptables -N LOGGING
iptables -A INPUT -j LOGGING
iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables-Dropped: " --log-level 4
iptables -A LOGGING -j DROP





04.04.2016. 16:08

quadro copter





25.11.2015. 13:47

Firefox SSL cert


Re-enabling SSL 3.0 support

W starym firefox:
security.ssl3.rsa_camellia_256_sha;true
security.tls.version.min;0
security.tls.version.fallback-limit;0

Nowy:
security.tls.insecure_fallback_hosts < podajemy ip
services.sync.prefs.sync.security.tls.version.min = FALSE
security.tls.version.min;0

31.03.2015. 15:07

Huawei E398 & Debian

Huawei E398 & Debian

Dopisujemy na końcu do /lib/udev/rules.d/40-usb_modeswitch.rules

# Huawei E398
ATTRS{idVendor}=="12d1", ATTRS{idProduct}=="1505", RUN+="usb_modeswitch '%b/%k'"

Tworzymy plik /etc/usb_modeswitch.d/12d1:1505 z zawartością

########################################################

# Huawei E398

DefaultVendor= 0x12d1
DefaultProduct=0x1505

TargetVendor=  0x12d1
TargetProduct= 0x1506

CheckSuccess=20

# Standard profile
;MessageEndpoint= 0x0f

MessageContent="55534243123456780000000000000011062000000100000000000000000000"

Restart usługi udev

# service udev restart

Plik w /etc/wvdial.conf

[Dialer Defaults]
Phone = *99#
New PPPD = yes
Modem = /dev/ttyUSB0
Stupid Mode = 1
Dial Command = ATDT

[Dialer LTE]
Init1=AT^SYSCFGEX="03",3FFFFFFF,1,2,7FFFFFFFFFFFFFFF,,

[Dialer pin]
Init1 = AT+CPIN=1111

[Dialer iplus]
Baud=460800
Init2=ATZ
Init3=ATE0V1&D2&C1S0=0+IFC=2,2
Init5=AT+CGDCONT=1,"IP","internet";
ISDN=0
Modem Type = Analog Modem
Username = internet
Password = internet


wvdial pin
screen -S iplus wvdial iplus

26.02.2015. 22:18

ssl_error_illegal_parameter_alert - security.tls

Warning! This will disable some Firefox protection features! This might be risky. In the URL bar, type about:config, accept the warning. Search for "security.tls.version" Change "security.tls.version.min" from 1 to 0 Change "security.tls.version.fallback-limit" from 1 to 0

28.01.2015. 09:12

<< First < Previous[1 9] Next > Last >>