Run Level Ubuntu

Run Level Ubuntu
This tutorial will be as short and sweet (hopefully) as the one on Changing Graphical Login to Text Based. Those who are using Linux regularly would have definitely come across the system runlevels and all the cryptic looking boot-up messages associated with different runlevel. Here's a short description of RunLevels from Linux Man Pages.


      A  runlevel is a software configuration of the system which allows only
      a selected group of processes to exist.  The processes spawned by  init
      for each of these runlevels are defined in the /etc/inittab file.  Init
      can be in one of eight runlevels: 0-6 and S  or  s.  The  runlevel  is
      changed  by having a privileged user run telinit, which sends appropri-
      ate signals to init, telling it which runlevel to change to.

      Runlevels 0, 1, and 6 are reserved. Runlevel 0 is used to halt the sys-
      tem, runlevel 6 is used to reboot the system, and runlevel 1 is used to
      get the system down into single user mode. Runlevel  S  is  not  really
      meant  to  be used directly, but more for the scripts that are executed
      when entering runlevel 1. For more information on this,  see  the  man-
      pages for shutdown(8) and inittab(5).

      Runlevels  7-9  are  also  valid, though not really documented. This is
      because "traditional" Unix variants don't use  them.  In  case  you're
      curious,  runlevels  S and s are in fact the same.  Internally they are
      aliases for the same runlevel.

RunLevels, thus, are a method of grouping up certain system processes so that they are able to run and peacefully coexist together (probably chipping in for a common goal). So how do you go about finding WHICH process is running in WHAT runlevel ? Of course, you can go for one of the new runlevel/process viewing utilities found in the System Tools folder under the X-Windows Start Menu. But that again, is a slow and cumbersome process - as the real power of using linux can be achieved only through the command line console. So we're going to do it the poweruser way, and believe me, it's NOT at all as scary as it sounds. In fact, this time I found out - it's not scary AT ALL and far more simpler than any of the other system configuration tasks of linux. So without further delay, lets get down and do it Hands-On :P

We are going to use this utility named chkconfig - as you can guess, it expands to Check Configuration. But it doesn't just checks your system configuration - but is able to modify it to a certain extent too. The linux man pages describe it as:


      chkconfig  -  updates  and queries runlevel information for system ser-

      chkconfig --list [name]
      chkconfig --add name
      chkconfig --del name
      chkconfig name
      chkconfig name

Chkconfig - in contrast to the other linux commands doesn't boast a huge list of options and parameters to work with. We'll start of with it's simplest form, using it to get a list of the processes that the system starts during bootup and the runlevels associated with them. In the console, just go ahead and type:
shell> chkconfig --list

The output you get is somewhat in the following format:


radvd          0:off  1:off  2:off  3:off  4:off  5:off  6:off
irqbalance    0:off  1:off  2:off  3:on    4:on    5:on    6:off
mysql          0:off  1:off  2:off  3:on    4:on    5:on    6:off
syslog          0:off  1:off  2:on    3:on    4:on    5:on    6:off
httpd            0:off  1:off  2:off  3:on    4:on    5:on    6:off
network        0:off  1:off  2:on    3:on    4:on    5:on    6:off
sendmail      0:off  1:off  2:off  3:off  4:off  5:off  6:off
psacct          0:off  1:off  2:off  3:on    4:off  5:off  6:off
irda              0:off  1:off  2:off  3:off  4:off  5:off  6:off
pcmcia        0:off  1:off  2:off  3:off  4:off  5:off  6:off
isdn              0:off  1:off  2:off  3:off  4:off  5:off  6:off
dhcpd          0:off  1:off  2:off  3:off  4:off  5:off  6:off
vsftpd          0:off  1:off  2:off  3:on    4:on    5:on    6:off
mailman        0:off  1:off  2:off  3:off  4:off  5:off  6:off

See you if can spot a couple of the more common processes like the Apache Server (httpd), FTP Server (vsftpd), Dynamic Host Configuration Protocol Server (dhcpd) etc... You'll notice most of them have 0 through 6, i.e. Seven runlevels associated with them - and most of these processes except syslog - the System Log Generator, doesn't start running before runlevel 3. In fact runlevel 0, 1 & 2 take place right at the beginning of the system booting stage - and very few processes are needed to operate here except for the Core System/Kernel Processes. Those are the ones that load first and then allow you to run services of your choice.

So how do we set a process to run at specific runlevels ? Once again, we take a little help of our friend "chkconfig". But first, lets pick a process from the above list. Notice the THIRD process from top in the list - it's mysql - the MySQL Server Process. It's set to run at runlevels 3, 4 & 5 - as shown by the 3:on 4:on 5:on statement. Just for the heck of it, I'm going to disable it altogether and stop it from running at any of the levels. Here's what you do:
shell> chkconfig --level 345 mysql off

I don't think I need to explain much. The "--level 345 mysql off" tells chkconfig to modify the entries for MySQL on those specific runlevels (3, 4 & 5) and set all of them to OFF. As you can see, the affected runlevels are put side-by-side together to form a number and passed to chkconfig. Similarly, if you wanted it to run only on Level 2 & 4 and be OFF on all the rest, you'd execute the command above first and then follow it up by:
shell> chkconfig --level 24 mysql on

Feel free to try your own combination of runlevels to suit your needs. Right, lets use chkconfig once more and cross-check the results.. So we run, chkconfig --list once again, and this time the result should be somewhat like:


mysql          0:off  1:off  2:on    3:off    4:on    5:off    6:off

We're done for today.. But we missed out on one very important fact - What is the necessity of changing the runlevels for different system processes ? Well, that is a topic that cannot be covered in the span of one tutorial - so we'll come back to it pretty soon, maybe in a series of short tutorials.

All the best :P

Block Facebook diLayer7 & schedule

Block Facebook diLayer7 & schedule

Artikel berikut berisi informasi bagaimana memblok akses Facebook dengan layer7 Winbox. Mengapa layer7? Admin jaringan kami sebelumnya pernah menerapkan blok akses Facebook dengan cara drop by content pada Firewall. Hasilnya memang berhasil diblok, namun beberapa website (seperti forum cpanel dan website lain yang mengandung konten Facebook) ikut terblok. Setelah dicoba menerapkan rule blok akses Facebook dengan layer7, hasilnya sesuai dengan harapan. Akses ke Facebook berhasil terblok, namun tidak ikut berimbas website lain.

Pertama buat Buat rgxp di layer 7, yaitu sebagai berikut : (facebook)
contoh yang lain (twitter) (youtube)
^.+(youtube|tube|mivo).*$ (streaming)
^.*get.+\.(asf|mov|wmv|mpg|mpeg|mkv|avi|flv|wav|rm|mp3|mp4|ram |rmvb|dat|daa|iso|nrg|bin|vcd|mp2|3gp|mpe|qt|raw|wma|0[0-9][0-9]).*$ (content)
^.+(game|poker|viwawa).*$ (game)
^.+(*$ (
^.+(porn|xxx|sex).*$ (porn)
^.+(facebook|twitter).*$ (social)
add name=facebook
Kedua, membuat rule di firewall filter. Dalam hal ini saya ingin memblokir situs Facebook yang menggunakan port HTTP (80), sehingga selain port tersebut masih diijinkan. Tujuannya agar pengguna masih dapat menerima update status facebook melalui email. Untuk mensettingnya ketikkan perintah berikut:
add chain=forward  layer7-protocol=Facebook dst-address-list=staff action=drop comment=”Blockir Akses Facebook”
Cara dibawah digunakan jika langsung block dari filter rule tapi kelemahannya jika ada content facebok akan langsung di blok. Perbedaannya jika menggunakan layer 7 karena layer 7 berada pada layer yang paling atas jadi semua alamat dari facebook akan terblock.
/add chain=forward action=drop protocol=tcp src-address= dst-port=80 content=”facebook” comment=”Blockir Akses Facebook”
Ketiga, supaya waktu yang berjalan di router sesuai dengan waktu lokasi setempat, maka kita perlu mengatur agar clock di MikroTik mengacu pada NTP Server. Jika kita memiliki NTP Server sendiri, maka kita tinggal mengarahkan MikroTik ke NTP Server tersebut, namun jika kita tidak memiliki NTP Server, maka tidak perlu khawatir karena banyak NTP Server di luar yang bisa kita gunakan sebagai acuan. Beberapa diantaranya adalah NTP Server milik LIPI (Lembaga Ilmu Pengetahuan Indonesia) dengan URL: ( dan NTP Pool Project dengan salah satu URLnya: ( Untuk mensettingnya di MikroTik, ketikkan perintah berikut :
/system ntp client set primary-ntp= secondary-ntp= \ mode=unicast enabled=yes;
Keempat, membuat script untuk mengaktifkan firewall tersebut selama jam kerja dan mematikannya pada jam istirahat dan diluar jam kerja. Disini saya membuat 3 script, yaitu script untuk mengaktifkan  (enable) firewall, script untuk mematikan (disable) firewall serta script untuk dieksekusi pada hari libur (Sabtu-Minggu) dan hari kerja. Berikut ini scriptnya :
Script untuk mematikan (disable) firewall
/system script add name=”fb-allow” policy=read,write,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find content="facebook"] disabled=yes}
Script untuk mengaktifkan (enable) firewall :
/system script add name=”fb-deny” policy=read,write,policy,test,sniff source={/ip firewall filter set [/ip firewall filter find content="facebook"] disabled=no}
Script untuk disable firewall di hari libur dan enable di hari kerja :
/system script add name=”fb-holiday” policy=write,read,policy,test,sniff source={:if ([/system scheduler get [/system scheduler find on-event="fb-deny"] disabled] = true) do [/system scheduler set [/system scheduler find on-event="fb-deny"] disabled=no] else [/system scheduler set [/system scheduler find on-event="fb-deny"] disabled=yes]}
Kelima, membuat schedule untuk menentukan kapan firewall tersebut akan diaktifkan atau dinon-aktifkan. Disini saya membuat 6 scheduler berdasarkan jam kerja dan hari kerja, yaitu jam 08:00, jam 12:00, jam 13:00, jam 17:00, hari sabtu-minggu, dan hari senin. Berikut ini scriptnya :
Schedule untuk mengaktifkan (enable) firewall pada jam kerja (08:00) :
/system scheduler add name=”fb-08:00″ start-date=jan/01/1970 start-time=08:00:00 interval=1d on-event=”fb-deny”
Schedule untuk mematikan (disable) firewall pada jam istirahat (12:00) :
/system scheduler add name=”fb-12:00″ start-date=jan/01/1970 start-time=12:00:00 interval=1d on-event=”fb-allow”
Schedule untuk mengaktifkan kembali (enable) firewall pada jam kerja (13:00) :
/system scheduler add name=”fb-13:00″ start-date=jan/01/1970 start-time=13:00:00 interval=1d on-event=”fb-deny”
Schedule untuk mematikan (disable) firewall di luar jam kerja ke atas ( > 17:00) :
/system scheduler add name=”fb-17:00″ start-date=jan/01/1970 start-time=17:00:00 interval=1d on-event=”fb-allow”
Schedule untuk mematikan (disable) firewall di hari libur (Sabtu-Minggu) :
/system scheduler add name=”fb-sabtu-minggu” start-date=aug/01/2009 start-time=00:00:00 interval=7d on-event=”fb-holiday”
Schedule untuk mengaktifkan kembali (enable) firewall di hari kerja (Senin) :
/system scheduler add name=”fb-senin” start-date=aug/03/2009 start-time=00:00:00 interval=7d on-event=”fb-holiday”
selamat mencoba