Monday, February 09, 2015

Use Linux as an IPv6 Router

A quick note on how to use Linux as an IPv6 router, for future reference. This time the setup was done on CentOS 7.0, so the way daemons are started differs from the old SysV way.

Step1. Enable IPv6 forwarding in the kernel via /etc/sysctl.conf:
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.br0.forwarding = 1
net.ipv6.conf.br1.forwarding = 1
net.ipv6.conf.br2.forwarding = 1

Step2. Use radvd as a DHCPv6 server:
Step2.1 Open and edit /etc/radvd.conf:
interface br0
{
AdvSendAdvert on;
MinRtrAdvInterval 30;
MaxRtrAdvInterval 100;
prefix 3001:688::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};
interface br1
{
AdvSendAdvert on;
MinRtrAdvInterval 30;
MaxRtrAdvInterval 100;
prefix 3001:588::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};
interface br2
{
AdvSendAdvert on;
MinRtrAdvInterval 30;
MaxRtrAdvInterval 100;
prefix 3001:288::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};

Step2.2 Start radvd now and enable it to start at boot:
[root@rhel7 network-scripts]# systemctl start radvd
[root@rhel7 network-scripts]# systemctl enable radvd
[root@rhel7 network-scripts]# systemctl status radvd
radvd.service - Router advertisement daemon for IPv6
   Loaded: loaded (/usr/lib/systemd/system/radvd.service; enabled)
   Active: active (running) since 五 2015-02-06 16:22:51 CST; 1h 41min ago
 Main PID: 9884 (radvd)
   CGroup: /system.slice/radvd.service
           ├─9882 /usr/sbin/radvd -u radvd
           └─9884 /usr/sbin/radvd -u radvd
 2月 06 16:49:43 rhel7 radvd[9884]: resuming normal operation
 2月 06 16:49:44 rhel7 radvd[9884]: attempting to reread config file
 2月 06 16:49:44 rhel7 radvd[9884]: resuming normal operation
 2月 06 16:49:51 rhel7 radvd[9884]: attempting to reread config file
 2月 06 16:49:51 rhel7 radvd[9884]: resuming normal operation
 2月 06 16:49:53 rhel7 radvd[9884]: attempting to reread config file
 2月 06 16:49:53 rhel7 radvd[9884]: resuming normal operation
 2月 06 16:49:53 rhel7 radvd[9884]: attempting to reread config file
 2月 06 16:49:53 rhel7 radvd[9884]: resuming normal operation
 2月 06 18:03:32 rhel7 systemd[1]: Started Router advertisement daemon for IPv6.
Verify:
HostA (3001:288::253):

eth1      Link encap:Ethernet  HWaddr 08:00:27:45:E9:40
          inet addr:10.10.2.253  Bcast:10.10.2.255  Mask:255.255.255.0
          inet6 addr: 3001:288::253/64 Scope:Global
          inet6 addr: fe80::a00:27ff:fe45:e940/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6439011 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6261045 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2632403693 (2.4 GiB)  TX bytes:244180721 (232.8 MiB)
[root@server1 ~]# ip -6 route show
3001:588::/64 via 3001:288::1 dev eth1  metric 1024  expires 4293343sec mtu 1500 advmss 1440 hoplimit 4294967295
3001:688::/64 via 3001:288::1 dev eth1  metric 1024  expires 4293666sec mtu 1500 advmss 1440 hoplimit 4294967295

[root@server1 ~]# ping6 3001:588::100 -c 3
PING 3001:588::100(3001:588::100) 56 data bytes
64 bytes from 3001:588::100: icmp_seq=0 ttl=63 time=31.9 ms
64 bytes from 3001:588::100: icmp_seq=1 ttl=63 time=24.3 ms
64 bytes from 3001:588::100: icmp_seq=2 ttl=63 time=5.61 ms
--- 3001:588::100 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2015ms
rtt min/avg/max/mdev = 5.615/20.607/31.904/11.046 ms, pipe 2

HostB (3001:588::100):

Wireless LAN adapter Wireless Network Connection:
   Connection-specific DNS Suffix  . : example.com
   IPv6 Address. . . . . . . . . . . : 3001:588::100
   IPv6 Address. . . . . . . . . . . : 3001:588::2677:3ff:fe77:f29c
   Link-local IPv6 Address . . . . . : fe80::2677:3ff:fe77:f29c%31
   IPv4 Address. . . . . . . . . . . : 10.10.5.188
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::6a05:caff:fe22:2b8b%31
                                       3001:588::1
                                       10.10.5.254

D:\Tools\wbox-3>ping -6 3001:288::253
Pinging 3001:288::253 with 32 bytes of data:
Reply from 3001:288::253: time=29ms
Reply from 3001:288::253: time=64ms
Reply from 3001:288::253: time=158ms
Reply from 3001:288::253: time=24ms
Ping statistics for 3001:288::253:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 24ms, Maximum = 158ms, Average = 68ms
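As an added check that is not part of the original post: the Python script below parses a constructed, condensed copy of the two files above (embedded as strings, it does not read /etc) and flags the mistakes that most often break such a setup: an advertised interface whose forwarding sysctl is missing, an AdvAutonomous prefix that is not a /64 (SLAAC cannot form addresses from it), and prefixes that overlap across bridges.

```python
import ipaddress
import re

# Constructed, condensed copies of this post's two files (assumed text, not read from disk).
SYSCTL_CONF = """
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.br0.forwarding = 1
net.ipv6.conf.br1.forwarding = 1
net.ipv6.conf.br2.forwarding = 1
"""
RADVD_CONF = """
interface br0 { AdvSendAdvert on; prefix 3001:688::/64 { AdvOnLink on; AdvAutonomous on; }; };
interface br1 { AdvSendAdvert on; prefix 3001:588::/64 { AdvOnLink on; AdvAutonomous on; }; };
interface br2 { AdvSendAdvert on; prefix 3001:288::/64 { AdvOnLink on; AdvAutonomous on; }; };
"""

def parse_sysctl(text):
    """Return {key: value} from sysctl.conf text (comments and blank lines ignored)."""
    lines = (l.split("#", 1)[0] for l in text.splitlines())
    return dict(tuple(s.strip() for s in l.split("=", 1)) for l in lines if "=" in l)

def parse_radvd(text):
    """Return {iface: [(IPv6Network, AdvAutonomous is on)]} from radvd.conf text."""
    result = {}
    for sec in re.split(r"\binterface\s+", re.sub(r"#.*", "", text))[1:]:
        iface = re.match(r"[\w.-]+", sec).group(0)
        result[iface] = [
            (ipaddress.IPv6Network(m.group(1), strict=True),
             re.search(r"AdvAutonomous\s+on", m.group(2)) is not None)
            for m in re.finditer(r"\bprefix\s+(\S+)\s*\{([^}]*)\}", sec)]
    return result

def audit(sysctl_text, radvd_text):
    """Cross-check radvd.conf against sysctl.conf; an empty list means no findings."""
    sysctl, findings, seen = parse_sysctl(sysctl_text), [], []
    for iface, prefixes in parse_radvd(radvd_text).items():
        fwd = sysctl.get(f"net.ipv6.conf.{iface}.forwarding",
                         sysctl.get("net.ipv6.conf.all.forwarding"))
        if fwd != "1":  # assumption: the per-interface key wins, else the "all" key applies
            findings.append(f"{iface}: advertised, but IPv6 forwarding is not enabled on it")
        for net, auto in prefixes:
            if auto and net.prefixlen != 64:  # SLAAC needs a 64-bit interface identifier
                findings.append(f"{iface}: {net} has AdvAutonomous on but is not a /64")
            for other_iface, other in seen:
                if net.overlaps(other):
                    findings.append(f"{iface}: {net} overlaps {other} on {other_iface}")
            seen.append((iface, net))
    return findings
```

With forwarding turned on, the kernel also stops honouring Router Advertisements it receives on its own interfaces unless accept_ra is set to 2, which is the behaviour you want on a router.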

Friday, August 22, 2014

How to stop remote syslog messages from being written to the local /var/log/messages?

As the title says: suppose a log receiving server collects the logs of dozens or even hundreds of devices. By default rsyslog also writes those devices' logs to the local /var/log/messages. This is very annoying, because the local log gets flooded.... Fortunately there is a way around it; here is an example using rsyslog:

:fromhost-ip,isequal,"192.168.1.1"                        /var/log/remote.log
:fromhost-ip,isequal,"192.168.1.2"                        /var/log/remote.log
:fromhost-ip,isequal,"192.168.1.3"                        /var/log/remote.log
........
*.info;mail.none;authpriv.none;cron.none               /var/log/messages


The logs from 192.168.1.1~3 are written to /var/log/remote.log, but at the same time they are also written to /var/log/messages!


Solution:

:fromhost-ip,isequal,"192.168.1.1"                        /var/log/remote.log
           & ~
:fromhost-ip,isequal,"192.168.1.2"                        /var/log/remote.log
           & ~
:fromhost-ip,isequal,"192.168.1.3"                        /var/log/remote.log
          & ~
........
*.info;mail.none;authpriv.none;cron.none               /var/log/messages

"& ~" tells rsyslog to stop processing the message once the remote device's log has been written to /var/log/remote.log, so of course the remote device's log is no longer written to /var/log/messages!
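To make the ordering rule concrete, here is an added Python model (not rsyslog itself, and not code from the original post) of how rsyslog walks this fragment line by line: a property filter or a facility.priority selector is evaluated per message, "&" reuses the previous selector, and the "~" action discards the message so that no later line sees it. The message dicts are constructed samples; newer rsyslog versions prefer "& stop" over "& ~", with the same effect here.

```python
import re

# Constructed copy of the fixed rsyslog.conf fragment from this post.
RSYSLOG_CONF = """
:fromhost-ip,isequal,"192.168.1.1"   /var/log/remote.log
& ~
:fromhost-ip,isequal,"192.168.1.2"   /var/log/remote.log
& ~
*.info;mail.none;authpriv.none;cron.none   /var/log/messages
"""
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def parse_rules(text):
    """Return [(selector, action)] in file order; a '&' selector means 'same as above'."""
    lines = (l.split("#", 1)[0].strip() for l in text.splitlines())
    return [tuple(l.split(None, 1)) for l in lines if l]

def selector_matches(sel, msg):
    """Evaluate a property filter (:prop,op,"value") or a facility.priority selector list."""
    m = re.match(r':([\w-]+),(isequal|startswith),"([^"]*)"$', sel)
    if m:
        prop, op, val = m.groups()
        actual = msg.get(prop, "")
        return actual == val if op == "isequal" else actual.startswith(val)
    matched = False
    for part in sel.split(";"):
        fac, prio = part.rsplit(".", 1)
        if fac in ("*", msg["facility"]):
            # 'none' drops the facility; a later part for the same facility overrides an earlier one
            matched = prio != "none" and (prio == "*" or
                      PRIORITIES.index(msg["priority"]) <= PRIORITIES.index(prio))
    return matched

def route(conf_text, msg):
    """Return the files the message is written to, honouring the '~' (discard) action."""
    targets, last_sel = [], None
    for sel, action in parse_rules(conf_text):
        sel = last_sel = (last_sel if sel == "&" else sel)
        if selector_matches(sel, msg):
            if action == "~":
                break  # discard: no later rule sees this message
            targets.append(action)
    return targets

# Constructed sample messages: one relayed from a remote device, one generated locally.
REMOTE = {"fromhost-ip": "192.168.1.1", "facility": "local0", "priority": "info"}
LOCAL = {"fromhost-ip": "127.0.0.1", "facility": "kern", "priority": "warning"}
```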

Wednesday, July 30, 2014

My PS1 in ~/.bashrc

export PS1="\[\e[00;30m\]\u@\h:\w\\$ \[\e[0m\]"

user@hostname:directory followed by $ (normal user) or # (root)

->

root@rhel7:/lib/systemd/system# 

[lawrence@rhel7 tmp]$ 




Friday, July 25, 2014

How to enable vncserver on CentOS7/RHEL7

CentOS7/RHEL7 replaced SysVinit with systemd, so I have to dig out the Linux knowledge I gave back to the universe years ago and study it all over again, otherwise I really can't keep up with the times! Let's start by learning systemd!


Case: How can I enable vncserver at boot?

Steps:
1. Install vnc:
#yum install tigervnc*

2. Create the vnc user:
Run vncserver once as some user; afterwards that user's home directory contains ~/.vnc/xstartup, which is all that is needed, and of course the passwd file is generated along with it.
The above is no different from CentOS6/RHEL6.


3. Modify the vnc config:
Open /lib/systemd/system/vncserver@.service
and modify the [Service] section as follows:
[Service]
Type=forking
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver"
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill > /dev/null 2>&1 || :'
Starting vncserver as root is not a good habit.....


4. daemon-reload:
After modifying a unit's (service's) configuration, systemd has to be told about it, so I run systemctl daemon-reload to announce it to the world.

5. Start vncserver manually:
systemctl start vncserver@multi-user
6. Start vncserver at boot:
systemctl enable vncserver@multi-user

Monday, January 06, 2014

Fixing blank facility and severity columns in LogAnalyzer

I ran into this problem recently in my own deployment; the solution is as follows:
http://wiki.rsyslog.com/index.php/Fix_blank_Facility_and_Severity_columns_in_loganalyzer

Addendum:
How do you change syslog to the Rsyslog format syslog23? The original article does not mention it, so here is a supplement.

Only one step is needed: edit LogAnalyzer's config.php and change LogLineType from syslog to syslog23, as follows:
$CFG['Sources']['Source2']['LogLineType'] = 'syslog23';

Wednesday, December 18, 2013

How to turn on wireless monitor mode to sniff 802.11 wireless frames on OSX 10.9?

Install:
Step1. Install XQuartz (X11) for OSX 10.6 or later (http://xquartz.macosforge.org/landing/)
Step2. Log out and log back in to OSX with an Admin account.
Step3. Install Wireshark for OSX 10.6 and later, Intel 64 bit (http://www.wireshark.org/download.html)
Step4. Launch Wireshark and choose XQuartz as the X11 environment.
Step5. Turn on monitor mode -> http://ask.wireshark.org/questions/26270/how-to-turn-on-monitor-mode-on-mac-osx-1075

Specify channel for 2.4G or 5G radio:
Step1. sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
Step2. sudo airport -z #disassociates your card from the current network
Step3. sudo airport --channel= ["channel you want to switch to"] #sets the channel the card monitors on

Tuesday, December 03, 2013

Why does tail -f | grep "" >> file end up with incomplete data? Missing lines?

A colleague asked me this yesterday and, my intellect being limited, I could not make sense of it at the time, but today I found the answer: libc does not automatically flush the buffer in this kind of pipe structure, so once the buffer is full (4KB by default) the following data cannot be passed on through the pipe for further processing, hence the missing lines. The fix is to flush the buffer manually, as follows, to avoid the problem.

tail -f | grep "pattern" --line-buffered >> /tmp/log &
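To see the effect described above, here is an added Python example (not from the original post) that drives GNU grep with its stdout on a pipe, the same non-terminal situation as the ">> /tmp/log" redirect: it feeds matching lines one at a time and reports how much input had gone in before grep's first output byte appeared. It assumes GNU grep is on PATH.

```python
import select
import subprocess

# Constructed log line (~100 bytes) that matches the grep pattern below.
LINE = b"2014-12-03 ERROR disk full on /dev/sda1 " + b"x" * 60 + b"\n"

def _grep(args):
    """Start grep as a middle pipeline stage: stdin and stdout are both pipes, not a tty."""
    return subprocess.Popen(["grep", *args, "ERROR"],
                            stdin=subprocess.PIPE, stdout=subprocess.PIPE)

def bytes_before_first_output(grep_args, limit=16384, wait=0.05):
    """Feed matching lines one at a time and return how many input bytes had been written
    when grep's first output appeared; None if nothing appeared before `limit` bytes."""
    proc, written = _grep(grep_args), 0
    try:
        while written < limit:
            proc.stdin.write(LINE)
            proc.stdin.flush()
            written += len(LINE)
            if select.select([proc.stdout], [], [], wait)[0]:
                return written
        return None
    finally:
        proc.stdin.close()  # EOF makes grep exit and flush whatever it was still holding
        proc.stdout.read()
        proc.wait()
```

Without --line-buffered the first output shows up only after a few KB of matches have piled up in grep's stdio buffer; with it, the very first line comes straight through. The delayed lines are not lost, they appear when the buffer fills or grep exits, which is why the file looks incomplete while the pipeline is running.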