Iptables. open a port more than one IP

Sometimes you need to open a port on your server, you want it to be recheable only from specific IP address, you can use Iptables for this:

iptables -I INPUT -p tcp -s 10.1.1.2 --dport 22 -j ACCEPT

In that case, you are opening ssh port only to IP 10.1.1.2, if you need to open DNS for your internal network.

iptables -I INPUT -p udp -s 10.1.0.0/16 --dport 53 -j ACCEPT

Once you have them added and opened for those IPs, you need to close the door for the rest of IPs

iptables -I INPUT -p tcp -s 0.0.0.0/0 --dport 22 -j DROP iptables -I INPUT -p udp -s 0.0.0.0/0 --dport 53 -j DROP

---

Types Of Privileges In MySQL

Types of privileges in MySQL There are 4 types of privileges. i). Global privileges like *.* (all hosts connecting to Mysql db server) Ex: GRANT SELECT, INSERT ON *.* TO ‘someuser’@'somehost’; ii). Database privileges like .* Ex: GRANT SELECT, INSERT ON mydb.* TO ‘someuser’@'somehost’; iii). Table privileges like SELECT, INSERT, UPDATE, DELETE Ex: GRANT SELECT, INSERT ON mydb.mytbl TO ‘someuser’@'somehost’; iv). Column privileges like Ex: GRANT SELECT (col1), INSERT (col1,col2) ON mydb.mytbl TO ‘someuser’@'somehost’;

System MAC address

Each network interface on your computer is identified by a series of letters and numbers down as a MAC address. This string is useful for identifying a computer:

Windows system

Open the Windows Run dialog by holding down the Windows Key and pressing ‘r’.
Type cmd in the Run dialog box and press Enter.
Type getmac at the command prompt. Your MAC address will be displayed.

Linux system

Open a terminal window.
Type ifconfig at the command prompt. Your MAC address will be displayed beside the label HWaddr.

 Mac System

Open the Terminal application.
Type ifconfig at the command prompt. Your MAC address will be displayed beside the label ether.

Move oraInventory

I haved  moved  oracle Inventory by using below step  :
/home/oracle/oraInventory to /u01/app/oracle/oraInventory

#Backup
tar cf /home/oracle/oraInventory.tar oraInventory

#Verify it's using /home/oracle/oraInventory
find oraInventory -type f -exec grep oraInventory {} \; | head

#Replace old oraInventory strings in all files under oraInventory
find oraInventory -type f -exec perl -pi -e 's#/home/oracle/oraInventory#/u01/app/oracle/oraInventory#g' {} \;

#Verify it's using /u01/app/oracle/oraInventory
find oraInventory -type f -exec grep oraInventory {} \; | head

#Move the location
mv oraInventory /u01/app/oracle/

#Change inventory location in each $ORACLE_HOME (change the directory in each file)
vi /u01/app/oracle/product/10.2.0/db/oraInst.loc
vi /u01/app/oracle/product/10.2.0/asm/oraInst.loc
vi /u01/crs/oracle/product/10.2.0/crs/oraInst.loc
[include other $ORACLE_HOME/oraInst.loc here]

#Also change new location  to under /etc. Login as root
vi /etc/oraInst.loc (for Linux)
vi /var/opt/oracle/oraInst.loc (for Solaris)

Change ASM instance number in the cluster

We cannot change the asm instance number to a NOn-default value.
The reason for this restriction is :
If we have Non-default name to ASM instance then tools like GC and
Configuration assistants may fail in future in 11.2.
There is some code which checks for +ASM and determines this as ASM.
In 11.2 on-wards,the ASM Instance number will be assigned the order of root.sh ran.
For example :-

If we run the root.sh first on node B,then +ASM1 will be configured on node B ,next root.sh ran node C ,
then ASM2 will run node C .like respectively.

If we want to change the order,then we need to re-configure the cluster .
ie need to de-configure the CRS ,re-configure the CRS with re-creating the

Oracle home Name

We can check  ORACLE_HOME NAME using below method ..

 Method 1
 opatch lsinventory -all
 Method 2
Locate the oraInst.loc file and hence the location of central inventory

View the file <path to central inventory>/ContentsXML/inventory.xml
The ORACLE_HOME_NAME will be mentioned against the location of ORACLE_HOME

Method 3

Locate the oraInst.loc file and hence the location of central inventory

cd /<path to central inventory>/oraInventory/logs

check the installActions<timestamp>.log for the value of ORACLE_HOME_NAME

grep -i ORACLE_HOME_NAME installActions<timestamp>.log

sample output:

installActions2011-12-13_08-01-58PM.log:INFO: Setting the 'OracleHomeName ( ORACLE_HOME_NAME )' property to 'OraDb10g_home'. Received the value from the command line.

Changing the VIP IP address and Virtual Host Name

1) Find out the current VIP configurations from both nodes
a) on Node1
$ srvctl config nodeapps -n node1 -a
b) on Node 2
$ srvctl config nodeapps -n node2 -a
Note : This will give you the current VIP Hostname,VIP IP address,subnet mask, and
interface name used by the VIP.
2) Stopping resources of both nodes
Once you are ready to make the change, stop all resources that are dependent on the VIP on a given node.
a) Stop database
$ srvctl stop database -d cbnk
b) Stop the nodeapps
$ srvctl stop nodeapps -n node1
$ srvctl stop nodeapps -n node2
3) Verify the VIP is no longer running
$ ifconfig -a
note : If the interface still shows as online, this may be an indication that a resource which is
dependent on the VIP is still running.
The crs_stat command can help to show resources that are still online.
4) Make any changes to all nodes of /etc/hosts files to associate the new IP address with the old hostname.
5) make the actual modification to the nodeapps
This command should be run as root
Syntax : srvctl modify nodeapps -n [-o ] [-A ]
Options Description:
-n Node name.
-o Oracle home for the cluster database.
-A The node level VIP address (/netmask[/if1[|if2|...]]).
Example : # srvctl modify nodeapps -n node1 -A 192.168.2.110/255.255.255.0/eth0
Note : interface names are case senstive on all platforms. Be sure that the interface name specified
is the correct name as seen from the OS, be sure that the subnet mask used for the VIP matches the subnet mask used for the
actual public IP addresses, and that the VIP hostname is correctly registered in DNS and/or the hosts file.
6) After making the change, verify that it is correct
$ srvctl config nodeapps -n node1 -a
7) Start the nodeapps resources
$ srvctl start nodeapps -n node1
Note : Repeat the same steps ( Step 1 To Step 7) for all the nodes in the cluster
Note : If only the IP address is changed, it should not be necessary to make changes to the LISTENER.ORA and TNSNAMES.ORA, provided they are
using the vip hostnames for the 'HOST=' entries.
Refernce :
Note:220970.1 : RAC Frequently Asked Questions
Note:276434.1: Modifying the VIP or VIP Hostname of a 10g Oracle Clusterware Node
Note 283684.1: How to Change Interconnect/Public Interface IP Subnet in a 10g Cluster