Author Archives: jonas - Page 12

How to view in what openvz vps a process is running

1. Login on openvz node and use ps command to find the PID
[codesyntax lang="bash"]

ssh root@openvz-node
ps auxwwwf

[/codesyntax]

2. After finding PID execute following commands
[codesyntax lang="bash"]

PID=12345
for i in `vzlist -a | grep running | awk '{print $1}'`; do echo $i; ps $* -p $(grep -l "^envID:[[:space:]]*$i\$" /proc/[0-9]*/status | sed -e 's=/proc/\([0-9]*\)/.*=\1=') | grep $PID; done

[/codesyntax]

How to install openvz on CentOS 6.2

1. Add openvz repo
[codesyntax lang="bash"]

cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ

[/codesyntax]

2. Install openvz
[codesyntax lang="bash"]

yum install openvz-kernel-rhel6 vzctl vzquota bridge-utils

[/codesyntax]

3. Modify relevant kernel settings (sysctl.conf)
[codesyntax lang="bash"]

vim /etc/sysctl.conf

[/codesyntax]

net.ipv4.ip_forward=1
kernel.sysrq = 1

net.ipv4.conf.all.rp_filter=1
net.ipv4.icmp_echo_ignore_broadcasts=1

net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.eth0.proxy_arp=1

[codesyntax lang="bash"]

sysctl -p

[/codesyntax]

4. Reboot the server
[codesyntax lang="bash"]

reboot

[/codesyntax]

5. Disable se linux
[codesyntax lang="bash"]

vim /etc/sysconfig/selinux

[/codesyntax]

SELINUX=disabled

6. Install strace (I do not remember why I initially wanted this installed, but still it has nothing to spoil)

[codesyntax lang="bash"]

yum install strace

[/codesyntax]

Redmine - Upgrade to 1.4.4 on a debian squeeze

This document describes how to upgrade Redmine. The procedure was tested for upgrade from version 1.0.1 to 1.4.4, but it might works on other Redmine versions.
In this procedure I used a basic install of a debian squeeze (the only service installed was openssh-server). I am assuming the server has network connectivity and its IP is 10.34.133.220.

Please note:
- please announce all people BEFORE starting this procedure
- the Apache server on production environment MUST be stopped so after the upgrade the database be in sync.
- this version of Redmine needs ruby version 1.8.7 or 1.9.3 (I am going to use the debian squeeze default ruby package which has version 1.8.7)
- all rsync-ed files in this procedure are attached

1. Login to the remote machine
[codesyntax lang="bash"]

ssh root@10.34.133.220

[/codesyntax]

2. Configure hostname
[codesyntax lang="bash"]

echo "workflow-vm" > /etc/hostname

[/codesyntax]

3. Install all required packages for Redmine installation
[codesyntax lang="bash"]

aptitude install apache2 mysql-server ruby libmysqlclient-dev libmagickcore-dev libmagickwand-dev imagemagick locate less rubygems sudo postfix mercurial cvs subversion darcs git libapache2-mod-passenger libxslt1-dev vim less

[/codesyntax]

4. Configure and test postfix
[codesyntax lang="bash"]

scp root@workflow-sandbox-vm.test.org:/etc/mailname /etc/
scp root@workflow-sandbox-vm.test.org:/etc/postfix/main.cf /etc/postfix/

echo "root: user@test.org" >> /etc/aliases

vim /etc/mailname
:%s/workflow-sandbox-vm.test.org/workflow-vm.test.org
:wq

vim /etc/postfix/main.cf
:%s/workflow-sandbox-vm.test.org/workflow-vm.test.org
:wq

newaliases
/etc/init.d/postfix restart

echo "test from new redmine server" | mail -s "test from new redmine server" "user@test.org"

[/codesyntax]

5. Configuring mysql database
[codesyntax lang="bash"]

mysql -Bsu root -pmysql123 -e "drop database redmine;"
mysql -Bsu root -pmysql123 -e "drop user redmine@localhost;"
mysql -Bsu root -pmysql123 -e "create database redmine character set utf8;"
mysql -Bsu root -pmysql123 -e "create user 'redmine'@'localhost' identified by 'redmine';"
mysql -Bsu root -pmysql123 -e "grant all privileges on redmine.* to 'redmine'@'localhost';"
mysql -Bsu root -pmysql123 -e "flush privileges;"
# dump mysql database from production environment and importing it to our machine
# maybe it is a good idea to use dbredmine as mysql server
# anyway for now we are going to use localhost as mysql server
mysqldump -hdbredmine redmine_default > ~/redmine_production.sql
mysql -u redmine -predmine redmine < ~/redmine_production.sql

[/codesyntax]

6. Configure gems
[codesyntax lang="bash"]

echo "gem: --no-rdoc --no-ri" > ~/.gemrc

[/codesyntax]

7. Downloading and installing Redmine
[codesyntax lang="bash"]

wget -c http://rubyforge.org/frs/download.php/76255/redmine-1.4.4.tar.gz
tar xfz redmine-1.4.4.tar.gz
mv redmine-1.4.4 /usr/share/redmine
cd /usr/share/
chown -R root:root /usr/share/redmine
chown www-data /usr/share/redmine/config/environment.rb
ln -s /usr/share/redmine/public /var/www/redmine

[/codesyntax]

8. Configuring Redmine
[codesyntax lang="bash"]

cp redmine/config/database.yml.example redmine/config/database.yml
vim redmine/config/database.yml
production:
adapter: mysql
database: redmine
host: localhost
username: redmine
password: redmine
encoding: utf8
:wq
scp root@workflow-sandbox-vm.test.org:/usr/share/redmine/config/configuration.yml redmine/config/configuration.yml

[/codesyntax]

9. Installing required gems for Redmine
[codesyntax lang="bash"]

gem install bundler
cd redmine
/var/lib/gems/1.8/bin/bundle install --without development test postgresql sqlite
ln -s /var/lib/gems/1.8/bin/rake /usr/bin/

[/codesyntax]

10. Attachments
[codesyntax lang="bash"]

rm -fr /usr/share/redmine/files
mkdir -p /var/lib/redmine/default/files
ln -s /var/lib/redmine/default/files /usr/share/redmine/files
# copying attachments from production environment
rsync -avz --stats --progress root@10.99.0.241:/var/lib/redmine/default/files/*  /usr/share/redmine/files

[/codesyntax]

11. Fixing permissions
[codesyntax lang="bash"]

mkdir public/plugin_assets
chown -R www-data:www-data files log tmp public/plugin_assets
chmod -R 755 files log tmp public/plugin_assets

[/codesyntax]

12. Configuring Apache web server

[codesyntax lang="bash"]

vim /etc/apache2/sites-available/redmine
<VirtualHost *:443>
        ServerName workflow-vm.test.org
        ServerAlias workflow.test.org workflow
        DocumentRoot /var/www

        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/wildcard-internal-ca-test.org.crt
        SSLCertificateKeyFile /etc/apache2/ssl/wildcard-internal-ca-test.org.key

ServerAdmin ionut@vendio.ro
LogLevel warn
ErrorLog /var/log/apache2/redmine_error
CustomLog /var/log/apache2/redmine_access combined
<Directory /var/www/redmine>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
</VirtualHost>
:wq

[/codesyntax]

[codesyntax lang="bash"]

vim /etc/apache2/ports.conf
:%s/NameVirtualHost \*:80/NameVirtualHost \*:443
:%s/Listen 80/#Listen 80
:wq

[/codesyntax]

[codesyntax lang="bash"]

rsync -avz --stats --progress root@workflow-sandbox-vm.test.org:/etc/apache2/ssl /etc/apache2

mv /etc/apache2/sites-enabled/000-default /tmp

a2ensite redmine
a2enmod passenger
a2enmod ssl

[/codesyntax]

13. Installing and migrating Redmine plugins
[codesyntax lang="bash"]

 cd vendor/plugins

[/codesyntax]

13.1. Question plugin
[codesyntax lang="bash"]

rsync -avz --stats --progress root@10.99.0.241:/usr/share/redmine/vendor/plugins/question_plugin /usr/share/redmine/vendor/plugins/
rsync -avz --stats --progress root@10.99.0.241:/usr/share/redmine/app/views/mailer/_issue_text* /usr/share/redmine/app/views/mailer/
mv /usr/share/redmine/app/views/mailer/_issue_text_html.rhtml /usr/share/redmine/app/views/mailer/_issue_text_html.erb
mv /usr/share/redmine/app/views/mailer/_issue_text_plain.rhtml /usr/share/redmine/app/views/mailer/_issue_text_plain.erb

[/codesyntax]

13.2. Redmine Status plugin
[codesyntax lang="bash"]

 rsync -avz --stats --progress root@workflow-sandbox-vm.test.org:/usr/share/redmine/vendor/plugins/redmine_status /usr/share/redmine/vendor/plugins/

[/codesyntax]

13.3. Redmine Stuff to do plugin
[codesyntax lang="bash"]

rsync -avz --stats --progress root@workflow-sandbox-vm.test.org:/usr/share/redmine/vendor/plugins/stuff_to_do_plugin /usr/share/redmine/vendor/plugins/
rsync -avz --stats --progress root@workflow-sandbox-vm.test.org:/usr/share/redmine/lib/ar_condition.rb /usr/share/redmine/lib/

[/codesyntax]

14. Fixing permissions for log file
[codesyntax lang="bash"]

cd /usr/share/redmine
chown www-data:www-data log/production.log

[/codesyntax]

15. Final steps to get Redmine working
[codesyntax lang="bash"]

rake generate_session_store
rake db:migrate RAILS_ENV=production
rake db:migrate_plugins RAILS_ENV=production
rake tmp:cache:clear
rake tmp:sessions:clear

[/codesyntax]

16. Restart Apache web server
[codesyntax lang="bash"]

 /etc/init.d/apache2 restart

[/codesyntax]

Files:
question plugin: question_plugin.tar.gz
redmine status plugin: redmine_status.tar.gz
stuff to do plugin: stuff_to_do_plugin.tar.gz

How to grep by date range

Have you ever wonder how to grep a file within a date range?

[codesyntax lang="bash"]

cat file.log | sed -n '/2012-01-05 16:55/,/2012-01-05 18:30/p' > file.log.date_range

[/codesyntax]

Useless, but still: View in what OpenVZ Container are you in

1. Logon on the machine and execute the following command:

[codesyntax lang="bash"]

cat /proc/vz/veinfo | awk '{print "ID: "$1 " - IP: "$4}'

[/codesyntax]

How to use auto config Proxy PAC file for specific domain/url

Why would you need such a thing? I would like to use the squid proxy server only for one domain and connect to everything else directly. A PAC file is nothing but proxy auto-configuration file. This is a specialized JavaScript function definition that a browser calls to determine how requests are handled. So how a PAC looks like?

[codesyntax lang="javascript"]

function FindProxyForURL(url, host)
{
	     return "PROXY proxy-host:3128; DIRECT";
}

[/codesyntax]

If you want to connect to a specific domain via proxy, and directly connect to all other site:

[codesyntax lang="javascript"]

function FindProxyForURL (url, host)
{
	if (localHostOrDomainIs (host, "www.whatismyip.com"))
	{
		return "PROXY proxy-host:3128";
	}
	else
	{
		return "DIRECT";
	}
}

[/codesyntax]

What if you will attempt to match one or more URLs to a specified shell expression?

[codesyntax lang="javascript"]

function FindProxyForURL(url, host)
{
	var proxyserver = 'proxy-host:3128';

	var proxylist = new Array(
		'*.whatismyip.com/*',
		'whatismyipaddress.com/*'
	);

	for (var i = 0; i < proxylist.length; i++)
	{
		var value = proxylist[i];
		if (shExpMatch(url, value))
		{
			return "PROXY "+proxyserver;
		}
	}

	return "DIRECT";
}

[/codesyntax]

Public writable Share in samba

This document describes how to make public writable shares in samba. Samba is an open source Linux software that is used to create shared folder that can be accessed from Windows machines. This procedure was carried out on Debian/Ubuntu Linux, but with minor changes can be used on other Linux distributions too.

1. Install samba
[codesyntax lang="bash"]

sudo su -
apt-get install samba smbclient

[/codesyntax]

2. Make a backup copy of the original configuration files
[codesyntax lang="bash"]

cp -av /etc/samba /etc/samba.orig

[/codesyntax]

3. Create directory to be shared
[codesyntax lang="bash"]

mkdir -p /share
chmod -R a+rwx /share

[/codesyntax]

4. Configure samba to allow public writable shares
[codesyntax lang="bash"]

echo "" > /etc/samba/smb.conf
vim /etc/samba/smb.conf

[/codesyntax]

[global]
                workgroup = WORKGROUP
                server string = %h server (Samba)
                dns proxy = no
                log file = /var/log/samba/log.%m
                max log size = 1000
                syslog = 0
                panic action = /usr/share/samba/panic-action %d
                security = share
                encrypt passwords = true
                passdb backend = tdbsam
                obey pam restrictions = yes
                unix password sync = yes
                passwd program = /usr/bin/passwd %u
                passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
                pam password change = yes
                map to guest = bad user
                guest account = nobody
                load printers = yes
                printing = cups
                printcap name = cups
                usershare allow guests = yes
 

[print$]
                comment = Printer Drivers
                path = /var/lib/samba/printers
                browseable = yes
                read only = yes
                guest ok = yes
 

[printers]
                comment = Printer in Linux
                path = /var/spool/samba
                guest ok = Yes
                printable = Yes
                use client driver = Yes
                browseable = No
 

[myshare]
                path = /share
                browsable = yes
                writable = yes
                read only = no
                guest only = yes
                create mask = 0644
                directory mask = 0755

Xen 6.0.2 software Raid - installation procedure

This document describes how to install XenServer 6.0.2 on a node without hardware raid.

Install Software

Install XenServer 6.0.2 on /dev/sda and do NOT configure any local storage (it is easier to do that afterwards). /dev/sda should containt three partitions, please verify with the following command:

[codesyntax lang="bash"]

sgdisk -p /dev/sda

[/codesyntax]

The first partition is used for XenServer installation, the second one is used for backups during XenServer upgrades.

1. Now we are going to use /dev/sdb as the mirror disk. Clear the partition table.
[codesyntax lang="bash"]

sgdisk --zap-all /dev/sdb

[/codesyntax]

2. Install a GPT table on /dev/sdb
[codesyntax lang="bash"]

sgdisk --mbrtogpt --clear /dev/sdb

[/codesyntax]

3. Create partitions on /dev/sdb. Please note that the following commands are dependent on your installation. Copy the start and the last sectors from the /dev/sda (output of sgdisk -p /dev/sda)
[codesyntax lang="bash"]

sgdisk --new=1:34:8388641 /dev/sdb
sgdisk --typecode=1:fd00 /dev/sdb
sgdisk --attributes=1:set:2 /dev/sdb
sgdisk --new=2:8388642:16777249 /dev/sdb
sgdisk --typecode=2:fd00 /dev/sdb
sgdisk --new=3:16777250:3907029134 /dev/sdb
sgdisk --typecode=3:fd00 /dev/sdb

[/codesyntax]

4. Create RAID devices
[codesyntax lang="bash"]

mknod /dev/md0 b 9 0
mknod /dev/md1 b 9 1
mknod /dev/md2 b 9 2
mdadm --create /dev/md0 --level=1 --raid-devices=2 missing /dev/sdb1
mdadm --create /dev/md1 --level=1 --raid-devices=2 missing /dev/sdb2
mdadm --create /dev/md2 --level=1 --raid-devices=2 missing /dev/sdb3

[/codesyntax]

5. Create bitmaps for each RAID device. Bitmaps slightly impact throughput but significantly reduce the rebuilt time when the array fails.
[codesyntax lang="bash"]

mdadm --grow /dev/md0 -b internal
mdadm --grow /dev/md1 -b internal
mdadm --grow /dev/md2 -b internal

[/codesyntax]

6. Format the root disk and mount it at /mnt
[codesyntax lang="bash"]

mkfs.ext3 /dev/md0
mount /dev/md0 /mnt

[/codesyntax]

7. Copy the root filesystem to the RAID array (please be patient this step may take a while).
[codesyntax lang="bash"]

cp -vxpR / /mnt

[/codesyntax]

8. Change the root filesystem in /mnt/etc/fstab to /dev/md0.
[codesyntax lang="bash"]

sed -r -i 's,LABEL=root-\w+ ,/dev/md0 ,g' /mnt/etc/fstab

[/codesyntax]

9. Install the bootloader on the second hard disk.
[codesyntax lang="bash"]

mount --bind /dev /mnt/dev
mount -t sysfs none /mnt/sys
mount -t proc none /mnt/proc
chroot /mnt /sbin/extlinux --install /boot
dd if=/mnt/usr/share/syslinux/gptmbr.bin of=/dev/sdb

[/codesyntax]

10. Make a new initrd image which contains a driver for the new root filesystem on the software RAID array.
[codesyntax lang="bash"]

chroot /mnt
mkinitrd -v -f --theme=/usr/share/splash --without-multipath /boot/initrd-`uname -r`.img `uname -r`
exit

[/codesyntax]

11. edit /mnt/boot/extlinux.conf and replace every mention of the old root filesystem (root=LABEL=xxx) with root=/dev/md0.
[codesyntax lang="bash"]

sed -r -i 's,root=LABEL=root-\w+ ,root=/dev/md0 ,g' /mnt/boot/extlinux.conf
sed -r -i 's,root=LABEL=root-\w+ ,root=/dev/md0 ,g' /boot/extlinux.conf

[/codesyntax]

12. Unmount the new root and reboot. Important: Remember to use the boot menu of your BIOS to boot from the second hard disk this time!
[codesyntax lang="bash"]

umount /mnt/proc
umount /mnt/sys
umount /mnt/dev
umount /mnt
reboot

[/codesyntax]

13. XenServer is up again, include /dev/sda in the array
[codesyntax lang="bash"]

sgdisk --typecode=1:fd00 /dev/sda
sgdisk --typecode=2:fd00 /dev/sda
sgdisk --typecode=3:fd00 /dev/sda
mdadm -a /dev/md0 /dev/sda1
mdadm -a /dev/md1 /dev/sda2
mdadm -a /dev/md2 /dev/sda3

[/codesyntax]

14. The array needs to complete its initial build/synchronisation. That will take a while.
[codesyntax lang="bash"]

watch --interval=1 cat /proc/mdstat

[/codesyntax]

15. Add /dev/md2 as a local SR to XenServer.
[codesyntax lang="bash"]

xe sr-create content-type=user device-config:device=/dev/md2 name-label="Local Storage" shared=false type=lvm

[/codesyntax]

type=ext is required if you turned on thin provisioning in the installer. Otherwise use type=lvm

Final notes:

* The second partition is used by XenServer for backups, which is why its the same size as the first partition. If you put the install CD in and boot it, an option shows up for "restore XenServer 6.0 from backup partition"

* I have created bitmaps for each raid as well. In the event of the host going down dirty, the raids can require a synch. Simply doing this is enough to add a bitmap for changed pages.

doing cat /proc/mdstat will now say something like

cat /proc/mdstat
Personalities : [raid1]
md0 : active raid1 sda1[1] sdb1[0]
4193216 blocks [2/2] [UU]
bitmap: 128/128 pages [512KB], 16KB chunk

md1 : active raid1 sda2[1] sdb2[0]
4193216 blocks [2/2] [UU]
bitmap: 0/128 pages [0KB], 16KB chunk

md2 : active raid1 sda3[1] sdb3[0]
968372864 blocks [2/2] [UU]
bitmap: 0/231 pages [0KB], 2048KB chunk

* If you are installing on server which can not boot from the second disk, you must physically swap the two drives to make the machine boot off sdb and use /dev/md0 as root

* If you are going to setup a Xen 6 installation over network (via PXE) and the installation process hangs right after "Freeing unused kernel memory: 280k freed", you pass to the kernel (/tftpboot/pxelinux.cfg/main.menu) the following parameter xencons as follows:

append xenserver6/xen.gz dom0_mem=752M com1=9600,8n1 console=com1,tty --- xenserver6/vmlinuz console=tty0 console=ttyS0,9600n8 xencons=ttyS0,9600n8 answerfile=http://netboot.vendio.com/xenserver6/answers.xml install --- xenserver6/install.img

* To speed up the raid build process the following command can be used (default value is 1000):
[codesyntax lang="bash"]

echo 100000 > /proc/sys/dev/raid/speed_limit_min

[/codesyntax]

* TIP: You can use the attached script to automate the steps 1 to 9.

Good luck

The script: xen6.sh.zip

Source: http://blog.codeaddict.org/?p=5

OpenVPN with pam-mysql username/password authentication

This document describes how to install openvpn with pam-mysql username/password authentication. This procedure was carried out on Debian/Ubuntu Linux, but with minor changes can be used on other Linux distributions too.

1. Install openvpn, mysql and pam-mysql
[codesyntax lang="bash"]

sudo su -
mkdir -p /root/work/openvpn
cd /etc/openvpn
apt-get install libpam-mysql openvpn mysql-server

[/codesyntax]

Note: please keep mysql-server password in mind because we are going to use it later (I will refer to this password as 'mysqlpasswd').

2. Create a new openvpn configuration
[codesyntax lang="bash"]

vim /etc/openvpn/server.conf

[/codesyntax]

port 1194
proto udp
dev tun

ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem

server 10.128.127.0 255.255.255.0
ifconfig-pool-persist ipp.txt

keepalive 10 120

comp-lzo

max-clients 50

persist-key
persist-tun

status openvpn-status.log
log-append /var/log/openvpn.log
verb 3
mute 20

client-cert-not-required
username-as-common-name

plugin /usr/lib/openvpn/openvpn-auth-pam.so openvpn

3. Follow the commands below to setup OpenVPN server

[codesyntax lang="bash"]

cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ easy-rsa
cd easy-rsa
vim vars # Edit KEY_* vars appropriately

[/codesyntax]

export KEY_COUNTRY="RO"
export KEY_PROVINCE="B"
export KEY_CITY="City"
export KEY_ORG="VPN"
export KEY_EMAIL="user@test.org"
export KEY_COMMONNAME="VPN"

[codesyntax lang="bash"]

source ./vars
./clean-all
./build-dh
./pkitool --initca
./pkitool --server server

[/codesyntax]

4. Allow traffic to be routed from clients to server
[codesyntax lang="bash"]

echo 1 > /proc/sys/net/ipv4/ip_forward
sed -i -e 's/#net.ipv4.ip_forward/net.ipv4.ip_forward/g' /etc/sysctl.conf
sysctl -p
iptables -t nat -A POSTROUTING -s 10.128.127.0/24 -o eth0 -j MASQUERADE
iptables-save > /root/work/openvpn/iptables_rules

[/codesyntax]

5. Configure PAM. Create a file named openvpn in /etc/pam.d directory
[codesyntax lang="bash"]

vim /etc/pam.d/openvpn

[/codesyntax]

auth optional /lib/security/pam_mysql.so user=root passwd=mysqlpasswd host=localhost db=vpn_db table=tbl_user usercolumn=username passwdcolumn=password where=active=1 sqllog=no crypt=1 verbose=0
account required /lib/security/pam_mysql.so user=root passwd=mysqlpasswd host=localhost db=vpn_db table=tbl_user usercolumn=userid passwdcolumn=password where=active=1 sqllog=no crypt=1 verbose=0

6. Create the mysql database, the table where we will keep users and insert some test user.

[codesyntax lang="bash"]

mysql -u root -pmysqlpasswd

[/codesyntax]

create database vpn_db;
use vpn_db;
CREATE TABLE `tbl_user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(25) DEFAULT NULL,
  `password` varchar(25) DEFAULT NULL,
  `active` int(11) DEFAULT NULL,
  `sqllog` enum('yes','no') DEFAULT NULL,
  `crypt` int(11) DEFAULT NULL,
  `verbose` int(11) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

INSERT INTO tbl_user
SET username = "user",
    PASSWORD = Encrypt("test"),
    active = "1"; 
\q

7. Client side operations
7.1. Download and install the latest stable version of openvpn-gui from http://openvpn.se/download.html
7.2. Create a configuration file named server.conf in C:\Program Files\OpenVPN\config (for Windows 32bit version) or C:\Program Files (x86)\OpenVPN\config (for Windows 64bit version). The content of the file should look like:
client
dev tun
proto udp
remote VPN-SERVER 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
auth-user-pass
cipher BF-CBC
comp-lzo
verb 4
mute 20

Note:

  • VPN-SERVER must be the IP or hostname of  the server we just configured
  • ca.crt was generated on step 3. This file must be copied from the server and given to the client