Tuesday 4 March 2014

Cisco ASA 8.4 on GNS3 in Linux

The best recommendation is to test the qemu image on its own before moving it into GNS3.

To find the location of the binaries:

user@pc:~ > which qemu-img
/usr/bin/qemu-img

then

user@pc:~/Cisco/ASA_842 > /usr/bin/qemu-system-i386 -name ASA1 -m 1024 -kernel ./asa842-vmlinuz -initrd ./asa842-initrd.gz -append "ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 ide1=noprobe no-hlt" -netdev user,id=mynet0 -netdev user,id=mynet1 -netdev user,id=mynet2 -netdev user,id=mynet3 -netdev user,id=mynet4 -netdev user,id=mynet5 -device e1000,mac=00:00:ab:1a:f2:00,netdev=mynet0 -device e1000,mac=00:00:ab:df:12:01,netdev=mynet1 -device e1000,mac=00:00:ab:7e:73:02,netdev=mynet2 -device e1000,mac=00:00:ab:1c:9d:03,netdev=mynet3 -device e1000,mac=00:00:ab:db:25:04,netdev=mynet4 -device e1000,mac=00:00:ab:69:d8:05,netdev=mynet5 -serial telnet:127.0.0.1:4444,server,nowait -vnc none -vga none -icount auto -hdachs 980,16,32 -cpu coreduo -nographic

and then log in to the ASA router virtual image with: telnet localhost 4444

If it works as expected, configure Qemu in GNS3:

and then the ASA:

Qemu options : -vnc none -vga none -icount auto -hdachs 980,16,32 -cpu coreduo -nographic
Kernel Cmd Line : ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 ide1=noprobe no-hlt


If you want to run multiple ASAs, configure the options accordingly, e.g.
Qemu options : -vnc :2 -vga none -icount auto -hdachs 980,16,32 -cpu coreduo -nographic

Cisco config highlighting with Kate


The Syntax-Highlight-Engine-Kate Perl module can be used to install more plugins for syntax highlighting:


http://search.cpan.org/dist/Syntax-Highlight-Engine-Kate/

sudo apt-get install libsyntax-highlight-engine-kate-perl




Postgres 9 how to drop a database that is in-use





PostgreSQL's statistics collector is a subsystem that supports collection and reporting of information about server activity.

The sample below identifies the procpid values for database cmdbuild:

postgres=# select * from pg_stat_activity where datname='cmdbuild';

 datid | datname  | procpid | usesysid
-------+----------+---------+----------
 44867 | cmdbuild |    2467 |    16384
 44867 | cmdbuild |    2468 |    16384
(2 rows)

pg_cancel_backend and pg_terminate_backend send signals (SIGINT or SIGTERM respectively) to backend processes identified by process ID. 

postgres=# select pg_terminate_backend(procpid) from pg_stat_activity where datname='cmdbuild';
 pg_terminate_backend 
----------------------
 t
 t
(2 rows)

postgres=# DROP DATABASE cmdbuild;
DROP DATABASE
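
The sequence above leaves two gaps that a script can close: the column is called procpid only up to 9.1 (it was renamed pid in 9.2), and clients can reconnect between the terminate and the DROP. This is an added example, not part of the original post; the function name drop_db_sql and its arguments are assumptions of this example.

```shell
#!/bin/sh
# Added example: emit the SQL needed to drop a database that is in use.
# drop_db_sql and its argument order are this example's own names.

# $1 = database name, $2 = server_version_num (e.g. 90105 for 9.1.5)
drop_db_sql() {
    # The name is interpolated into SQL, so accept plain identifiers only.
    case $1 in
        ""|[!a-z_]*|*[!a-z0-9_]*) echo "unsafe database name" >&2; return 2 ;;
    esac
    case $2 in
        ""|*[!0-9]*) echo "bad version number" >&2; return 2 ;;
    esac
    # pg_stat_activity.procpid was renamed to pid in PostgreSQL 9.2.
    if [ "$2" -ge 90200 ]; then col=pid; else col=procpid; fi
    # CONNECTION LIMIT 0 stops non-superuser roles from reconnecting
    # between the terminate and the DROP (superusers are not limited).
    # pg_backend_pid() keeps the session running this from killing itself.
    cat <<EOF
ALTER DATABASE $1 CONNECTION LIMIT 0;
SELECT pg_terminate_backend($col) FROM pg_stat_activity
 WHERE datname = '$1' AND $col <> pg_backend_pid();
DROP DATABASE $1;
EOF
}

# Run while connected to a different database (here: postgres), e.g.
#   v=$(psql -At -d postgres -c 'SHOW server_version_num')
#   sh this_script.sh cmdbuild "$v" | psql -d postgres -v ON_ERROR_STOP=1
if [ $# -eq 2 ]; then drop_db_sql "$1" "$2"; fi
```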




Monday 3 March 2014

Add Loopbacks in Linux Mint for GNS3

This is a quick howto for connecting a GNS3 simulation to the physical PC, to allow testing from the PC or to configure access to the internet.


run gns3 as root "sudo gns3"
place a cloud onto your topology
configure the NIO TAP to use tap0

on linux:

first install the necessary tools

sudo apt-get install uml-utilities
sudo apt-get install bridge-utils
then

sudo tunctl -t tap0
sudo ifconfig tap0 10.200.200.1 netmask 255.255.255.252 up

then configure the router:
R1>enable
R1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#interface FastEthernet 0/0
R1(config-if)#ip address 10.200.200.2 255.255.255.252
R1(config-if)#no shutdown
Add a default route so that the router knows where to forward the internet traffic.
R1(config)#ip route 0.0.0.0 0.0.0.0 10.200.200.1

Try pinging the linux pc and the router from each other and you should get a reply.


to forward the traffic to the internet:


iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE

iptables -A FORWARD -i tap0 -j ACCEPT

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
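
The same forwarding setup with the rules scoped to the lab subnet and a matching teardown, as an added example that is not part of the original post. The function name lab_nat_rules and its argument order are assumptions; tap0, wlan0 and 10.200.200.0/30 are the values used above.

```shell
#!/bin/sh
# Added example: print scoped NAT/forwarding commands for the GNS3 tap link.
# lab_nat_rules and its argument order are this example's own.

# $1 = up|down, $2 = tap interface, $3 = uplink interface, $4 = lab subnet (CIDR)
lab_nat_rules() {
    case $1 in
        up)   op=-A; fwd=1 ;;
        down) op=-D; fwd=0 ;;
        *)    echo "usage: lab_nat_rules up|down TAP UPLINK CIDR" >&2; return 2 ;;
    esac
    # The output is meant to be piped to a root shell, so reject anything
    # that is not a plain interface name or an IPv4 CIDR.
    for v in "$2" "$3"; do
        case $v in
            ""|-*|*[!A-Za-z0-9_.-]*) echo "bad interface: $v" >&2; return 2 ;;
        esac
    done
    case $4 in
        ""|*[!0-9./]*) echo "bad subnet: $4" >&2; return 2 ;;
    esac

    # Masquerade only the lab subnet, not everything leaving the uplink.
    echo "iptables -t nat $op POSTROUTING -s $4 -o $3 -j MASQUERADE"
    # Lab to uplink: forward traffic sourced from the lab subnet only.
    echo "iptables $op FORWARD -i $2 -o $3 -s $4 -j ACCEPT"
    # Uplink to lab: replies to connections the lab opened, nothing else.
    echo "iptables $op FORWARD -i $3 -o $2 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Assumption: nothing else on this host needs routing, so "down" turns it off.
    echo "sysctl -w net.ipv4.ip_forward=$fwd"
}

# Review the printed commands, then pipe them to a root shell, e.g.
#   sh this_script.sh up tap0 wlan0 10.200.200.0/30 | sudo sh
#   sh this_script.sh down tap0 wlan0 10.200.200.0/30 | sudo sh
if [ $# -gt 0 ]; then lab_nat_rules "$@"; fi
```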








TFTP Server on Linux Mint / Ubuntu


Steps to Install and Configure TFTP Server on Ubuntu

Step 1: Install TFTP Server

You can install either from the command line or from the Ubuntu Software Center. On the command line, type "sudo apt-get install tftpd-hpa", or search for tftpd-hpa in the Software Center and click Install.

Step 2: Configure

The configuration file of tftpd-hpa is /etc/default/tftpd-hpa. Edit this file to change the default root directory and other options.
The default file contents will be similar to this:


# /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS="[::]:69"
TFTP_OPTIONS="--secure" 
 
You can edit the TFTP_DIRECTORY line to change the default root directory (the root directory is the directory that stores all the files you upload to the TFTP server, and from which files are downloaded).
By default, an upload only succeeds if a file with the same name as the one you are about to upload already exists on the TFTP server. This default may create problems during Get/Put to the TFTP server, so it is better to edit TFTP_OPTIONS to allow the TFTP server to create a new file when no file with that name is found. After editing, tftpd-hpa looks like this:
TFTP_USERNAME="tftp" 
TFTP_DIRECTORY="/home/len/tftproot" 
TFTP_ADDRESS="0.0.0.0:69" 
TFTP_OPTIONS="--secure --create"

Step 3: Restart TFTP Server

Restart the TFTP server service using "sudo service tftpd-hpa restart"

Further to this, to ensure the TFTP server responds to broadcast requests (this is used on devices like Cisco access points to update firmware), change it to the following type of configuration:

Change /etc/default/tftpd-hpa from:
# /etc/default/tftpd-hpa

TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure --timeout 30"
to:

# /etc/default/tftpd-hpa

TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS="255.255.255.255:69"
TFTP_OPTIONS="--secure --timeout 30"

Key change being 0.0.0.0 to 255.255.255.255

For troubleshooting:
add the -vvvv option to the config
TFTP_OPTIONS="--secure --create -vvvv --timeout 30"

and tail the /var/log/syslog file
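
TFTP has no authentication, so the options above decide who can read and write files in the root directory. The following check is an added example, not part of the original post or of tftpd-hpa: it reads a defaults file and prints a label for each setting that widens exposure. The function names, the labels and the sample file are assumptions of this example.

```shell
#!/bin/sh
# Added example: flag tftpd-hpa settings that widen exposure.
# Function names and finding labels are this example's own, not tftpd-hpa's.

# $1 = defaults file, $2 = key; print the value without sourcing the file.
conf_value() {
    sed -n 's/^'"$2"'="\{0,1\}\([^"]*\)"\{0,1\}[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# Print one finding label per line for the defaults file given as $1.
audit_tftpd_hpa() {
    opts=" $(conf_value "$1" TFTP_OPTIONS) "
    addr=$(conf_value "$1" TFTP_ADDRESS)
    dir=$(conf_value "$1" TFTP_DIRECTORY)
    # Without --secure the daemon does not chroot into TFTP_DIRECTORY.
    case $opts in
        *" --secure "*|*" -s "*) ;;
        *) echo "no-chroot" ;;
    esac
    # --create lets any client that can reach UDP/69 upload new files.
    case $opts in
        *" --create "*|*" -c "*) echo "unauthenticated-create" ;;
    esac
    # Wildcard binds listen on every interface, not only the lab network.
    case $addr in
        0.0.0.0:*|"[::]:"*) echo "all-interfaces" ;;
    esac
    # A world-writable root lets any local user plant or replace served files.
    if [ -d "$dir" ]; then
        case $(ls -ld "$dir") in
            ????????w*) echo "world-writable-root" ;;
        esac
    fi
}

# Constructed sample mirroring the edited file from Step 2.
demo_conf() {
    cat <<'EOF'
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/home/len/tftproot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure --create"
EOF
}

# Audit the file named on the command line, or the live one if readable.
f=${1:-/etc/default/tftpd-hpa}
if [ -r "$f" ]; then audit_tftpd_hpa "$f"; fi
```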


Sunday 2 March 2014

Postgresql on Ubuntu server

Install
To install use the command line and type:


 sudo apt-get install postgresql postgresql-contrib
 
This will install the latest version available in your Ubuntu release and the commonly used add-ons for it.
We then need to change the password for the postgres database user; as postgres we execute the psql command

sudo -u postgres psql postgres
 
and give the user a password

\password postgres
 
Type a password and quit psql with Ctrl+D or \quit.
To set a *nix password for the user, use:

sudo passwd postgres
 
and type the new *nix password for the user

User access
Then, to give users access, amend

/etc/postgresql/current/main/pg_hba.conf 
 
and add something like the entry below (granting all users on subnet 10.0.0.0 255.255.255.0 access to all databases with the username / password method):

type    database    user    ip address     method
host    all         all     10.0.0.0/24    md5


Also make sure PostgreSQL listens on the correct interface / IP address in

/etc/postgresql/current/main/postgresql.conf 
 
by configuring listen_addresses. By default it only listens on localhost.

This can then be tested with the following from a host on the 10.0.0.0/24 subnet:

psql -h 10.0.0.1 -U postgres -d postgres

Add a database and a specific user for it

To create a database with a user that has full rights on the database, use the following commands:
sudo -u postgres createuser -D -A -P myuser
sudo -u postgres createdb -O myuser mydb
 
Alternatively, install pgAdmin to manage the database.