Jun 152016
 

Add some useful external repositories to install useful third party software packages.

  • install a plugin to add priorities to each installed repositories.
# yum -y install yum-plugin-priorities

set priority=1 to official repository

# sed -i -e "s/\]$/\]\npriority=1/g" /etc/yum.repos.d/CentOS-Base.repo
  • Add EPEL Repository which is provided from Fedora project.
# yum -y install epel-release

set priority=5

# sed -i -e "s/\]$/\]\npriority=5/g" /etc/yum.repos.d/epel.repo

change to enabled=0 and use it only when needed

# sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/epel.repo

if enabled=0, input a command to use the repository

# yum --enablerepo=epel install [Package]
  • Add RPMforge Repository which provides many useful packages.
# yum -y install http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm

Download and install DAG’s GPG key for your system.

# wget http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
# rpm --import RPM-GPG-KEY.dag.txt

set priority=10

# sed -i -e "s/\]$/\]\npriority=10/g" /etc/yum.repos.d/rpmforge.repo

change to enabled=0 and use it only when needed

# sed -i -e "s/enabled = 1/enabled = 0/g" /etc/yum.repos.d/rpmforge.repo

if enabled=0, input a command to use the repository

# yum --enablerepo=rpmforge install [Package]
Jun 082016
 

Here is how you can compile and install xtables-addons on CentOS 7.
first, Install Dependencies:

# yum install gcc gcc-c++ make automake unzip zip xz kernel-devel-`uname -r` wget unzip iptables-devel perl-Text-CSV_XS

download xtables-addons

# wget http://ufpr.dl.sourceforge.net/project/xtables-addons/Xtables-addons/xtables-addons-2.10.tar.xz

extract, compile and install

# tar -xJf xtables-addons-2.10.tar.xz
# cd xtables-addons-2.10
# configure
# make && make install

done!

and now for example we want to use geoip module, first of all install geoip database for xtables-addons.
still from xtables-addons-2.10 directory.

# cd geoip
# ./xt_geoip_dl
# ./xt_geoip_build GeoIPCountryWhois.csv
# mkdir -p /usr/share/xt_geoip
# cp -r {BE,LE} /usr/share/xt_geoip
# modprobe xt_geoip

if you want only allow ssh connection from certain country(ie. ID) and drop the rest here’s how to do it.

# iptables -I INPUT -p tcp --dport 22 -m geoip ! --src-cc ID -j DROP