computer networks


Sometimes you need to perform a network installation (i.e. when no USB or DVD drive is allowed to boot, but you can boot PXE). In case of FreeBSD you can use DNSMASQ to serve the DHCP that will assign the initial client address and configuration along with PXE boot image served over tFTP. At this point you will have bootloader running, so you can serve filesystem over NFS to obtain working environment and/or the installer..

  • Create a directory that will hold the target filesystem over network. In my case that was
    /usr/local/tftp/FreeBSD
  • Put OS/Installer files inside above directory
    cd /usr/local/tftp/FreeBSD
    wget http://(..)/file.iso
    7z x file.iso
  • Edit /etc/exports to export the filesystem over NFS
    /usr/local/tftp/FreeBSD -ro -alldirs -network 192.168.0.0
  • Install the dnsmasq
    pkg install dnsmasq
  • Setup the /usr/local/etc/dnsmasq.conf
    enable-tftp
    tftp-root=/usr/local/tftp/FreeBSD
    
    dhcp-range=192.168.0.50,192.168.0.60,255.255.255.0,1h
    dhcp-boot=boot/pxeboot
    dhcp-option=option:router,
    dhcp-option=option:root-path,/usr/local/tftp/FreeBSD
    
  • Restart services
    service nfsd onerestart
    service dnsmasq onerestart
  • In case you get bootloader running but troubles with NFS make sure that mountd is running. Also you can see who is using the NFS shares with
    showmount -a

PXE Boot always use initial DHCP/tFTP to fetch configuration and bootloader, so the first stage is similar and should work with other Operating Systems and Bootloaders as well, the rest is up to bootloader itself..

I have recently started the OrangeADE project [1], that is Orange Autonomous Device Evaluation, an online platform to evaluate security level of network equipment and verify against known vulnerabilities. OrangeADE is released as Open-Source under the “new” 3-Clause BSD license. Enjoy the work in progress! 🙂

[1] https://github.com/CeDeROM/OrangeADE

My request for base DHCP Client options parsing was partially implemented.

I have just found and reported bug in credit card related form/script in popular Polish trading platform Allegro. This was just a minor compatibility issue.. 😉

In case you need to reset admin password for a Joomla install, you can do this by simply updating database record.

$ mysql5 -h <database_hostname> -u <database_username> -p <database_name>
Enter password: <database_password>
mysql> show tables;
(...)
mysql> UPDATE <database_prefix>_users SET password='d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199' WHERE username='admin';

This will use mysql5 commadline client to connect to a given database. You will see if tables are in place. Then you will update password hash of user admin to secret which equals:

d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199

You can also use any other database client of your choice, DBeaver is also nice utility with graphical user interface.

You can obtain necessary database access information from configuration.php file accessed by ssh/ftp on a web server.

public $dbtype = 'mysqli';
public $host = '<database_hostname>';
public $user = '<database_username>';
public $password = '<database_password>';
public $db = '<database_name>';
public $dbprefix = '<database_prefix>';

If you want to dump/backup a database into local file, use mysqldump5:

mysqldump5 -h <database_hostname> -u <database_username> -p <database_name> > dumpfile.sql

If you want to restore a database from a local file, use mysql5:

mysql5 -h <database_hostname> -u <database_username> -p <database_name> < dumpfile.sql

There are situations when you have a nice server out there, and you want/need someone to upload important files, but you only want to give them a minimal access to the system. You can use SSHD with sFTP and /sbin/nologin shell for that in chroot environment (dedicated limited userspace). Note that SCP in fact requires a working shell, so you need to use sFTP in this case..

Create a new user account with existing ftp group and /sbin/nologin shell:

# adduser

Alternatively you can modify an existing account to share:

# pw groupmod ftp -m username
# pw usermod username -s /sbin/nologin

You need to set correct permissions to the user home directory and public directory inside for upload:

# chown root:wheel /home/username
# mkdir /home/username/public
# chown username:ftp /home/username/public

Now modify the SSHD server configuration file /etc/ssh/sshd_config and append:

Match Group ftp
        ChrootDirectory         /home/%u
        ForceCommand            internal-sftp
        AllowTcpForwarding      no
        PermitTunnel            no
        X11Forwarding           no

Remember to restart the SSHD in order to apply new configuration:

# service sshd restart

Once the account is not necessary anymore remember to remove it:

# pw userdel username

If you want to use GSM/3G/LTE modem on your FreeBSD box you need to use PPP and following configuration:

default:
 set log Phase Chat LCP IPCP CCP tun command
 ident user-ppp VERSION 
 set device /dev/cuaU0
 set phone *99\#
 set redial 5 10
 set speed 115200
 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
           \"\" ATH OK ATZ OK AT OK-AT-OK ATE1Q0 OK \
           AT+CFUN=1 OK-AT-OK \
           AT+CPIN? READY-AT+CPIN=\"1234\"-OK \
           AT+CGDCONT=1,\"ip\",\"internet\" OK \
           \\dATDT\\T TIMEOUT 40 CONNECT"
 set timeout 10
 enable dns
 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.255 0.0.0.0
 add default HISADDR

I have found very simple solution on how to access YouTube videos that require Flash using HTML5 player. Although front site may not support HTML5 video player, YouTube usually allows to embed videos to other sites, they also should use WebM codec developed by Google. If you have a video that does not work in HTML5 by default try to run it in embed player by URL modification – replace “/watch?v=” with “/embed/” and it should work! 🙂

Example: http://www.youtube.com/watch?v=M84Y6VXAIaU -> http://www.youtube.com/embed/M84Y6VXAIaU

I am happy to notice slow withdrawal of closed-source solutions such as Adobe Flash (and so available only on selected platforms) from the web. When I have working Open-Source and (mostly) BSD-based web browser (Chromium) with some commercial support (Google) at least to display H264 encoded multimedia content (using Open-Source x264 software implementation), and there is HTML5, I start to consider Vimeo a better option than Google’s YouTube, if we speak of quality.

Although Google develops Open and Free multimedia codec called WebM, at the same time they use annoying commercials that makes WebM-ready videos unavailable in most cases on HTML5 YouTube and push users towards Flash anyway, as opposed to Vimeo where all H264 videos works flawlessly in HTML5…

wwwjennifervaughncom

I was even more surprised to see for the first time a very colorful, scalable, interactive and full of multimedia content website of Jennifer Vaughn (created by Phil Giampi) that use NO closed-source Adobe Flash at all!! This website works flawlessly in Chromium browser on my FreeBSD Unix style desktop which use only Open-Source and Free-Software components and embeds Vimeo content. Thank you for supporting high quality open web (although its not totally free)! 🙂

What about WebM? Google at one hand creates Free and Open standard such as WebM, but on the other hand Google does not seem to support it at all – neither in its own projects (see advertising with Flash on YouTube that blocks HTML5) nor in external projects (see Mozilla/Firefox struggling alone to promote WebM, see Google Chrome that simply buys restricted H264 license and thus promotes the competitive standard). I think it might be cheaper for Google to make H264/X264 free to use (at least as renderer like Microsoft did) rather than investing into something that is not going to be used anyway… What is the internal organization of Google? Do people need to fight for their projects against each other inside? Why there is no global view for better coordination? This seems to be a great waste of energy, WebM seemed to be very promising Free and Open Standard 🙁

Tworząc nowe urządzenia czy systemy o dużym stopniu zaawansowania, musimy posiadać mechanizm weryfikacji wyników, którym może być MATLAB. Aby przesyłać dane do matlaba, można wykorzystać gotowe toolbox’y które obsługują jedynie standardowy sprzęt lub samemu napisać sterownik własnego urządzenia – co daje większe możliwości w dostosowaniu metody do potrzeb, nie wymaga też żadnych dodatkowych licencji.

Typ: Otwarty
Status: Zakończony

(more…)

Next Page »