Posts from 2015-09

awk: show postfix mailq mail ID's for specific mail

posted on 2015-09-28 00:46:44

In short, replace <searchterm> with a regex for the adress you want:

mailq | awk 'BEGIN { RS = "" } /<searchterm>/ {print $1} '

bitrate overview

posted on 2015-09-26 18:54:37

SOURCE                   BANDWIDTH (HZ)  SAMPLE RATE (HZ)                    BITS PER SAMPLE  BITRATE

telephone                200-3400        8000 samples/s                      12               96 kbps
wideband speech          50-7000         16000                               14               224 kbps
wideband audio (2 chan)  20-20000        44100 samples/s                     16 per chan      1412 Mbps (per chan)
b/w documents            xxx             300 dpi                             1                90 kb/inch^2
color image              xxx             512x512 (px x px)                   24               6.3 Mb (complete image)
NTSC                     xxx             720x576x25 (DVD, px x px x colors)  24               248.8 Mbps
PAL                      xxx             720x576x25 (px x px x colors)       24               248.8 Mbps
SIF                      xxx             352x240x30 (VCD, px x px x colors)  12               30 Mbps
CIF                      xxx             352x288x30                          12               37 Mbps
QCIF                     xxx             176x144x7.5 (px x px colors)        12               2.3 Mbps
HD                       xxx             1920x1080x30 (px x px x colors)     24               1492 Mbps

guacamole: home folder location

posted on 2015-09-25 20:26:01

guacamole is a 'clientless rdp gateway' based on HTML5.

Sadly its pre-1.0 and has some hiccups.

One being the location of GUACAMOLE_HOME.

From its documentation:

GUACAMOLE_HOME

Guacamole reads files from its own configuration directory by default, resorting to the classpath only when this directory cannot be found. When locating this directory, Guacamole will try, in order:

The directory specified within the system property guacamole.home.

The directory specified within the environment variable GUACAMOLE_HOME.

The directory .guacamole, located within the home directory of the user running the servlet container.

For tomacat7 that should be /usr/share/tomcat7/.guacamole. If you place folder somewhere else, without specifying the GUACAMOLE_HOME environment variable properly, no configuration will be loaded.

I have not read that excerpt above properly, and had to track that fact down in the source, maybe this will help someone.

In the source it were to be found here in line 44:

     1  public class GuacamoleHome {                                                     
     2                                                                                   
     3      /**                                                                          
     4       * Logger for this class.                                                    
     5       */                                                                          
     6      private static final Logger logger = LoggerFactory.getLogger(GuacamoleHome.class);
     7                                                                                   
     8      static {                                                                     
     9          // Warn about deprecation                                                
    10          logger.warn("GuacamoleHome is deprecated. Please use Environment instead.");
    11      }                                                                            
    12                                                                                   
    13      /**                                                                          
    14       * GuacamoleHome is a utility class and cannot be instantiated.              
    15       */                                                                          
    16      private GuacamoleHome() {}                                                   
    17                                                                                   
    18      /**                                                                          
    19       * Returns the Guacamole home directory by checking, in order:               
    20       * the guacamole.home system property, the GUACAMOLE_HOME environment        
    21       * variable, and finally the .guacamole directory in the home directory of   
    22       * the user running the servlet container.                                   
    23       *                                                                           
    24       * @return The File representing the Guacamole home directory, which may     
    25       *         or may not exist, and may turn out to not be a directory.         
    26       */                                                                          
    27      public static File getDirectory() {                                          
    28                                                                                   
    29          // Attempt to find Guacamole home                                        
    30          File guacHome;                                                           
    31                                                                                   
    32          // Use system property by default                                        
    33          String desiredDir = System.getProperty("guacamole.home");                
    34                                                                                   
    35          // Failing that, try the GUACAMOLE_HOME environment variable             
    36          if (desiredDir == null) desiredDir = System.getenv("GUACAMOLE_HOME");    
    37                                                                                   
    38          // If successful, use explicitly specified directory                     
    39          if (desiredDir != null)                                                  
    40              guacHome = new File(desiredDir);                                     
    41                                                                                   
    42          // If not explicitly specified, use ~/.guacamole                         
    43          else                                                                     
    44              guacHome = new File(System.getProperty("user.home"), ".guacamole");  
    45                                                                                   
    46          // Return discovered directory                                           
    47          return guacHome;                                                         
    48                                                                                   
    49      }                                                                            
    50                                                                                   
    51  }  

fbsd: use usb-to-serial adapter

posted on 2015-09-21 22:12:00

To use a usb-to-serial adapter, make sure that the needed kernelmodule exists. Look it up with kldstat, and if it doesn't kldload ucom should help.

Afterwards use cu to connect, the device should pop up as /dev/cuaU0:

cu -l /dev/cuaU0 -s 9600

should do the trick.

RS232: Create a loopback device

posted on 2015-09-21 00:33:27

loopback layout

To create a loopback device out of a regular null modem cable, you have to bridge three pin groups:

  • 2 and 3 (RX and TX)
  • 1 and 4 and 6 (DCD and DTR and DSR)
  • 7 and 8 and 9 (RTS and CTS and RI)

pinouts

male:

1 2 3 4 5
 6 7 8 9

female:

5 4 3 2 1
 9 8 7 6

pin usage

The pins on an DB9 plug are, for the sake of completeness:

  • 1 DCD = data carrier detect
  • 2 RX = receive
  • 3 TX = transmit
  • 4 DTR = data terminal ready
  • 5 GND = ground
  • 6 DSR = data set ready
  • 7 RTS = request to send
  • 8 CTS = clear to send
  • 9 RI = ring indicator

1 and 9 can be blank, but it will still work. This is for rs232, for rs422 or rs485 bridging is different.

A lot more info can be found here.

cisco: factory reset for ASA 5510

posted on 2015-09-20 19:30:59

For factory resetting an 'Adaptive Security Appliance', some CLI work has to be done. In the following no prior configuration knowledge is assumed.

get a serial connection

Cisco switches are shipped with a blue female DB9-to-RJ45 adapter cable. (A null modem will not help here, as you need a RJ45 plug at the end which you connect to the ASA's CONSOLE port.)

Such a cable has to be connected to your ASA, and either your serial port of your comp. Since most desktops/laptops do not ship with an rs232 interface anymore, get yourself an male-male USB-to-DB9 adapter.

If you do not have the original cisco cable, use a comparable one: Juniper i.e. ships regular RJ45 ethernet cables plus an female-female RJ45-to-DB9 adapter which works just the same.

In the following a linux operating system is assumed; on windows this works, too. However you have to plug in the adapter, and find out which COM port is used via the device manager, you need this information later when using PuTTy.

On linux you can either go along with minicom, or just use screen. (I have the slight feeling I have written down all this somewhere else already on the blog...)

#as root
screen /dev/ttyUSB0 9600

... and you are connected. Cisco devices in general use 9600 baud, 8bit, 1 stop bit, no flow control. Once I read on official docs about 2 stop bits, but it worked with 1, so go figure it out from the manual if you have trouble with these settings.

step by step

  1. power cycle - turn it off and on again, so it freshly boots after you have connected the serial cable

  2. press ESC here during boot:

    Evaluating BIOS Options ... Launch BIOS Extension to setup ROMMON

    Cisco Systems ROMMON Version (1.0(10)0) #0: Fri Mar 25 23:02:10 PST 2005

    Platform ASA5510

    Use BREAK or ESC to interrupt boot. Use SPACE to begin boot immediately.

  3. confirm current configuration register, if promted if you wish to change anything, answer with 'no':

    rommon #0> confreg

    Current Configuration Register: 0x00000001 Configuration Summary: boot default image from Flash

    Do you wish to change this configuration? y/n [n]: n

    rommon #1>

  4. enter: confreg 0x41

  5. enter: boot

  6. after the appliance has rebooted, you should see this prompt: ciscoasa>

  7. enter privileged mode: enable

  8. erase startup config: write erase

  9. enter config mode: configure terminal

  10. config-register 0x01

  11. exit config mode: exit

  12. confirm via show version, see the end: Configuration register is 0x41 (will be 0x1 at next reload)

  13. save: write

  14. reboot: reload

Done. You now have a fresh ASA at your disposal.

cisco: factory reset a 2960G switch and initial configuration

posted on 2015-09-19 10:35:33

Factory resetting for a 2960G switch is rather easy:

Hold the button on the front panel, after like 3 seconds blinking, most lights should turn off. Keep the button pressed, after seven to ten more seconds, all lights will flash. Then switch is factory-resetted and will reboot.

Booting can take a while. Afterwards you are prompted for the initial installation.

This can either be done while being connected via a serial line (see next post here), or by using a pc connected via ethernet cable. Set the interface to DHCP and you should be able to access the switch in your browser via 10.0.0.1 through the web interface.

FreeBSD: poudriere

posted on 2015-09-06 10:54:22

disclaimer

To manage updates in FreeBSD (fbsd), you have three alternatives AFAIK:

  • pkg
  • ports
  • poudriere

pkg are generic binary packages, like you may be used to from like any linux distro. ports are basically building the source by hand.

poudriere in short is basically a (local?) dedicated build environment running in a jail for regularily building you desired ports configuration.

So at first you have to install your desired ports by hand, afterwards you can generate a list of your desired software which poudriere will use. Packages build via poudriere can be used via pkg afterwards.

(If something here is wrong, bear with me, I am still a BSD noob.)

install

Here, a fresh install is assumed. So:

# PREREQUISITES

# get most current portlist
portsnap fetch
portsnap extract
portsnap update

# build poudriere
whereis poudriere # hint: /usr/ports/ports-mgmt/poudriere
cd /usr/ports/ports-mgmt/poudriere
make install clean


# SETUP POUDRIERE

#edit config to your needs. dont fret, is heavily commented.
vi /usr/local/etc/poudriere.conf

#look up which system you run, as you want to build for that
uname -r
#create jail
poudriere jail -c -j fbsd -v 10.1-RELEASE  ## fbsd is the chosen jailname
#list jails
poudriere jail -l

#install ports tree
poudriere ports -c -p HEAD  ## HEAD is the chosen name for our portstree
#list ports tree
poudriere ports -l


# PORT CONFIGURATION PREPARATIONS

#first install all you need, do this for all your desired software
## do this for 'portmaster' as an example
whereis <software>
cd <location in ports>
make install clean

pkg autoremove # you want a clean portlist, and used packages prior

#to get an idea how the config file should look, an example here with portmaster
portmaster --list-origins | sort -d | tee /usr/local/etc/poudriere.d/fbsd-HEAD-workstation-portlist
#see contents
cat /usr/local/etc/poudriere.d/fbsd-HEAD-workstation-portlist

## now enter all the ports you want into this file, aftwards we will configure them


## ACTUAL PORT CONFIGURATION

Due to hardware issues, this will be continued in the future.

areca raid controller cli

posted on 2015-09-01 00:43:53

DISCLAIMER

This is just a quick and dirty post which will not cover this in depth, as most likely this will only be needed once. Also this is about the interactive usage, not for firing off single commands one by one.

Also this is not about creating raids with the controller, as I will just use it as a Host Bus Adaper.

This should be achieved through creating raid sets (see rsf) and then adding these to volume sets (see vsf).

setup

Set password and raidcontroller to use:

#usually <n>=1, when only one controller is built in
set curctrl=<n>

#enter pw so you can use commands
#0000 is default password, in case you need that.
set password=0000

#remove password
sys changepwd p=

controller

#show controller info
sys info

#show settings info
sys showcfg

#show advanced settings info
adsys info

#show events
events info

#change to RAID mode
sys mode p=0
#change to JBOD mode (act as HBA)
sys mode p=1

disks

#list disks
disk info

#S.M.A.R.T. gather data and then display it
disk sttest drv=<n> mode=short
disk smart drv=<n>

beeper

#mute
sys beeper p=0
#disable
sys beeper p=1
#enable
sys beeper p=2

This blog covers .csv, .htaccess, .pfx, .vmx, /etc/crypttab, /etc/network/interfaces, /etc/sudoers, /proc, 10.04, 14.04, AS, ASA, ControlPanel, DS1054Z, GPT, HWR, Hyper-V, IPSEC, KVM, LSI, LVM, LXC, MBR, MTU, MegaCli, PHP, PKI, R, RAID, S.M.A.R.T., SNMP, SSD, SSL, TLS, TRIM, VEEAM, VMware, VServer, VirtualBox, Virtuozzo, XenServer, acpi, adaptec, algorithm, ansible, apache, apachebench, apple, arcconf, arch, architecture, areca, arping, asa, asdm, autoconf, awk, backup, bandit, bar, bash, benchmarking, binding, bitrate, blackarmor, blockdev, blowfish, bochs, bond, bonding, booknotes, bootable, bsd, btrfs, buffer, c-states, cache, caching, ccl, centos, certificate, certtool, cgdisk, cheatsheet, chrome, chroot, cisco, clamav, cli, clp, clush, cluster, coleslaw, colorscheme, common lisp, console, container, containers, controller, cron, cryptsetup, csync2, cu, cups, cygwin, d-states, database, date, db2, dcfldd, dcim, dd, debian, debug, debugger, debugging, decimal, desktop, df, dhclient, dhcp, diff, dig, display manager, dm-crypt, dmesg, dmidecode, dns, docker, dos, drivers, dtrace, dtrace4linux, du, dynamictracing, e2fsck, eBPF, ebook, efi, egrep, emacs, encoding, env, error, ess, esx, esxcli, esxi, ethtool, evil, expect, exportfs, factory reset, factory_reset, factoryreset, fail2ban, fbsd, fdisk, fedora, file, filesystem, find, fio, firewall, firmware, fish, flashrom, forensics, free, freebsd, freedos, fritzbox, fsck, fstrim, ftp, ftps, g-states, gentoo, ghostscript, git, git-filter-branch, github, gitolite, global, gnutls, gradle, grep, grml, grub, grub2, guacamole, hardware, haskell, hdd, hdparm, hellowor, hex, hexdump, history, howto, htop, htpasswd, http, httpd, https, i3, icmp, ifenslave, iftop, iis, imagemagick, imap, imaps, init, innoDB, innodb, inodes, intel, ioncube, ios, iostat, ip, iperf, iphone, ipmi, ipmitool, iproute2, ipsec, iptables, ipv6, irc, irssi, iw, iwconfig, iwlist, iwlwifi, jailbreak, jails, java, javascript, javaws, js, juniper, junit, kali, kde, kemp, kernel, keyremap, kill, kpartx, krypton, lacp, lamp, languages, ldap, ldapsearch, less, leviathan, liero, lightning, links, linux, linuxin3months, lisp, list, livedisk, lmctfy, loadbalancing, locale, log, logrotate, looback, loopback, losetup, lsblk, lsi, lsof, lsusb, lsyncd, luks, lvextend, lvm, lvm2, lvreduce, lxc, lxde, macbook, macro, magento, mailclient, mailing, mailq, manpages, markdown, mbr, mdadm, megacli, micro sd, microsoft, minicom, mkfs, mktemp, mod_pagespeed, mod_proxy, modbus, modprobe, mount, mouse, movement, mpstat, multitasking, myISAM, mysql, mysql 5.7, mysql workbench, mysqlcheck, mysqldump, nagios, nas, nat, nc, netfilter, networking, nfs, nginx, nmap, nocaps, nodejs, numberingsystem, numbers, od, onyx, opcode-cache, openVZ, openlierox, openssl, openvpn, openvswitch, openwrt, oracle linux, org-mode, os, oscilloscope, overview, parallel, parameter expansion, parted, partitioning, passwd, patch, pdf, performance, pfsense, php, php7, phpmyadmin, pi, pidgin, pidstat, pins, pkill, plesk, plugin, posix, postfix, postfixadmin, postgres, postgresql, poudriere, powershell, preview, profiling, prompt, proxmox, ps, puppet, pv, pvecm, pvresize, python, qemu, qemu-img, qm, qmrestore, quicklisp, r, racktables, raid, raspberry pi, raspberrypi, raspbian, rbpi, rdp, redhat, redirect, registry, requirements, resize2fs, rewrite, rewrites, rhel, rigol, roccat, routing, rs0485, rs232, rsync, s-states, s_client, samba, sar, sata, sbcl, scite, scp, screen, scripting, seafile, seagate, security, sed, serial, serial port, setup, sftp, sg300, shell, shopware, shortcuts, showmount, signals, slattach, slip, slow-query-log, smbclient, snmpget, snmpwalk, software RAID, software raid, softwareraid, sophos, spacemacs, spam, specification, speedport, spi, sqlite, squid, ssd, ssh, ssh-add, sshd, ssl, stats, storage, strace, stronswan, su, submodules, subzone, sudo, sudoers, sup, swaks, swap, switch, switching, synaptics, synergy, sysfs, systemd, systemtap, tar, tcpdump, tcsh, tee, telnet, terminal, terminator, testdisk, testing, throughput, tmux, todo, tomcat, top, tput, trafficshaping, ttl, tuning, tunnel, tunneling, typo3, uboot, ubuntu, ubuntu 16.04, udev, uefi, ulimit, uname, unetbootin, unit testing, upstart, uptime, usb, usbstick, utf8, utm, utm 220, ux305, vcs, vgchange, vim, vimdiff, virtualbox, virtualization, visual studio code, vlan, vmstat, vmware, vnc, vncviewer, voltage, vpn, vsphere, vzdump, w, w701, wakeonlan, wargames, web, webdav, weechat, wget, whois, wicd, wifi, windowmanager, windows, wine, wireshark, wpa, wpa_passphrase, wpa_supplicant, x11vnc, x2x, xfce, xfreerdp, xmodem, xterm, xxd, yum, zones, zsh


Unless otherwise credited all material Creative Commons License by sjas