pfSense Transparent Bridge Firewall + VMware ESXi

You have setup pfSense as a VM via the OVA. Your VM that you want to filter its traffic is on a portgroup on a vSwitch with no uplink. pfSense has 2 NICs – 1. WAN – Using a portgroup that has internet access 2. LAN – Using the same portgroup/vswitch as your VM that ...

Disable VR (vSphere Replication) on VM

You have long removed SRM/vSphere replication. You discovered a VM still had vSphere Replication enabled. system has paused replication disk added to vm Manually remove vSphere replication from vCenter 1. In a webbrowser go to: http://YOUR-vCenter Server/mob 2. Remove this extensions: “com.vmware.vcHms” More information about MOB, and removing plugins from vCenter, here: http://www.viktorious.nl/2012/05/06/vcenter-howto-remove-a-plugin-from-the-plugin-manager/ Remove vSphere ...

VMware Tools For FreeBSD

cd /usr/ports/emulators/open-vm-tools-nox11/ make all install vi /etc/rc.conf vmware_guest_vmblock_enable=”YES” vmware_guest_vmhgfs_enable=”YES” vmware_guest_vmmemctl_enable=”YES” vmware_guest_vmxnet_enable=”YES” vmware_guestd_enable=”YES” vi /etc/ntp.conf First line: tinker panic 0 vi /boot/loader.conf kern.hz=100 vi /etc/sysctl.conf kern.cam.da.retry_count=100 vmware-toolbox-cmd timesync disable

CentOS / RHEL horrible disk performance with SSD

noop, is essentially a first-in first-out (FIFO) queue with no extra logic. Each virtual machine can stop worrying about the disk, instead passing I/O requests along to the hypervisor to make a better decision about overall performance. Add “elevator=noop” to the kernel parameters in your boot loader’s configuration in /etc/grub.conf `echo noop > /sys/block/${DEVICE}/queue/scheduler`. Set ...

Shrink Postgres Tables / Databases

psql With psql cli: vacuum full; also do: reindex ;

IPTABLES Tidbits

List off all the rules in order. This helps to see if an allow is overriding one of your denies: iptables -nvL –line-numbers Reject or Drop? Drop means to drop everything at the interface and give no response. Best for port probes and the like. Reject responds to the source. Best practices for TCP/IP

Malware Protection Designed To Protect

This is scumbag malware designed to take your machine hostage until you pay. Here is the -quickest- way to eliminate this tediosity: 1. Register the scumware using this serial number: SL55J-T54YHJ61-YHG88 Once this is done it will allow you to now use your computer. 2. Open explorer and delete: C:Documents and SettingsAll UsersApplication Datadefender.exe If ...

FreeBSD ZFS Settings On i386 Hardware

AMD64 Kernel FreeBSD machines are good about autotuning. i386, on the other hand, needs to be adjusted manually. 1. Rebuild your kernel a. Disable/wipe all drivers you are not using or at least those you are highly unlikely to ever use. b. Add: options KVA_PAGES=512 c. Recompile/Install new kernel 2. Add these parameters to /boot/loader.conf ...

FreeBSD LAGG rc.conf

This is what your rc.conf should contain to configure LAGG with FreeBSD: ### LAGG NFS Interface ### ifconfig_bce3=”mtu 9000 up” ifconfig_bce0=”mtu 9000 up” cloned_interfaces=”lagg0″ ifconfig_lagg0=”laggproto roundrobin laggport bce3 laggport bce0″ ipv4_addrs_lagg0=”10.10.40.10/24″ Change the bce* interfaces to whatever your server is using for the network interfaces. The “mtu 9000 up” is correct!

ZFS Replication on FreeBSD

This script will replicate a ZFS pool to another FreeBSD machine. The sync process is quick, after the initial copy, and depending upon how much data changed. Download this shell script: http://www.tediosity.com/zfsrep.sh This script was written by another author for Solaris and I have fixed it to work on FreeBSD. I chose to use: /root/zfsrep ...