======Supplemental linux information======
(work in progress)
====GNS3====
GNS3 is an open source software for network layout. A bit like cisco stuff. you have to be registered. Here is the link: [[https://www.gns3.com/software/download]]
==== Wireshark ====
Wireshark is a usefull packet capturing program that is like tcpdump, but has a graphical interface. It is very complex and has many uses. Here are some:
* Using Wireshark to see what the IP of a device is, though you do not know what it is
* When setting up somthing with a VLAN, you can look for this: Packet Type, ARP, "Whois [gateway], Tell [IP]
==== TR069 ====
https://en.wikipedia.org/wiki/TR-069
====== Network Advanced Concepts ======
==== OSI Model ====
* #;Layersname;Purpose;Protocol data units;Protocols;devices
* 1;Physical;Voltage;Bits;RJ45,802.3;LAN hubs
* 2;Data Link;Creation of Frmes;Frames;Ethernet, PPP, Frame-relay;swtiches;wireless AP
* 3;Network;Logical Addressing, routing;Packets;Internet Protocal (IP);router
* 4;tranport;connect between endpoings, establisment;segments;TCP, UDP;router
* 5;Session;Define how endpoints start and end conversations, sender and reciever;Data;NetBIOS;workstations and servers
* 6;presentation;data format, organiztion, encryption;Data;ASCII, JPEG (not really a seperate process, kinda a Salient layer;Workstation, Server
* 7;application;interface between network and appliation software;Data;Pop3, http;Applications
==== TCP/IP Model ====
Not as often used, important to understand OSI
* Network Access Layer;Specifies hot o use physical media for transmission
* Internet Layer logcical addressing, routers, packets, etc
* Transport Layer, connection
* Application layer
==== Encapsulation Process ====
* Taking info or protocal unit and enveloping it with the next layer down. Envelops within envelops
* Process:
* Sort of like a trailer
* Layer 7,6,5 Data, First unit
* Handed down to Transport Layer with a TCP header and Data]
* Network encapsilates with IP header
* Data link adds Frame Header, ethernet header, and adds FSC trailer at end "Frame Check Sequence" see: https://en.wikipedia.org/wiki/Frame_check_sequence
* Physuical, turned into bits,
* [frame header][ipheader][tcpheader][data][fsc]
* Then when going back, it does things in reverse
==== Componets of LAN ====
* Network Interface Card - NIC
* Switches and hubs
* Actual cables - UTP - Unshieleded twisted pair
==== Ehternet principles of operation ====
Local are network needs to support Shared network access. Components are:
* CSMA/CD - Carrier sense multiple access with collision avoidance
* Ethernet Standards - IEEE - mostly cat5, 10/100/1000
=== Ethernet Frame Types ===
Hardware Based, Mac Based, Layer 2 based addressing
* has changed over the years
* Old styele Ethernet Type 2 DIX:
* [preabmle][Dest addre (DA)-6 bytes, 3 hex][Source Add as MAC][type][data][FSC]
* 802.3 Format IEEE
* [preabmle][SFD][Dest addre (DA)-6 bytes, 3 hex][Source Add as MAC][length][data][FSC]
==== Ethernet Addressing ====
* Origanizational Unique Identifier, kinda like MAC addreass,
* https://regauth.standards.ieee.org/standards-ra-web/pub/view.html#registries
* Here you can lookup OUI to know manufacturer. Use MA-L
* **Unicast Addressing**: For taking source to destination, within L2 LAN
* only used for 2 computers, one destination
* **Broadcast address:**
* ONe host to everybody, Dest address, everybody listens
* DA: ffff.ffff.ffff
* **Multicast Addressing:**
* Source Host sends to group destinations based on Multicast address
* DA: 0100.5exx.xxxx
==== LAN Layer 1 standards ====
* Strait through - Pins all go to the same pin
* Crossover - Pins crossed over so pair goes from TX to RX
* Crossover are required computer to computer, or switch to switch (But mostly obsolete now with AUTO MDIX, will figure it out)
==== LACP ====
Bonding links can be done to increase throughput: https://en.wikipedia.org/wiki/Link_aggregation#Link_Aggregation_Control_Protocol
==== FreeRadius ====
Tuturial Found at:
https://wiki.freeradius.org/guide/Getting-Started
=== Install ===
Typical install:
* $apt install freeradius
* or
* $yum install freeradius
===Running===
After install you need to test run it and show debugging info
* $radiusd -X
* This will show you a long readout and at the end will say "ready to process requests"
* This is important when making config changes as you can modify a configuration and then test to see if their are
==== OpenFire XMPP ====
Openfire and Go Daddy:
* still waiting for information
Certificates are fun!
* [[https://community.igniterealtime.org/blogs/ignite/2007/12/01/your-certificate-survival-kit]]
Some Paremiters:
* Usuallay installed in: /opt/openfire
* Local Host default http://127.0.0.1:9090
* to run service:
* $etc/init.d/openfire start [restart, stop]
* Admin Consol port 9090
* Secure admin consol port 9091
Openfire initial successful configuration. NOTE: This setting is not very secure and is meant to allow pidgen and android Xabber to work
* From admin interface: Server>Server Settings>Security Settings>Client Connection Security
* Choose Custom
* Old SSL Method: Avaialable
* TLS method:Not available
== Pidgen ==
* Basic:
* User:user
* Domain:IP, address or local
* Password:password for user
* Advanced:
* Connection Security:Use connection if available
* Allow plain text Unchecked
* Connect port 5222 (usually default)
* All other blank
== Xabber ==
* Settings>XMPP accounts>Account
* Username:username
* Password
* Server:IP, address or local
* Custom Host:Unchecked
* Use SALS Authentication:Checked!
* TLS/SSL usage :use TLS when possible
== Security ==
The above method is very un secure so you may need to read more about generating SSL certs:
http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ssl-guide.html
==== Nagios ====
Nagios is a network monitor daemon and webpage server. It monitor radios and send notifications. Here is a basic install instructions: https://www.howtoforge.com/installing-nagios-on-debian-lenny-and-monitoring-a-debian-lenny-server
\\ If you really want to have fun, here is the Nagios Objects Definition page: https://assets.nagios.com/downloads/nagioscore/docs/nagioscore/4/en/objectdefinitions.html
=== Nagios Add and edit objects Radio ===
First login with ssh, or putty
* config files for radios are in /etc/nagios/objects
* This folder Contains various config files of the devices, and other needed config file
* For general adding you will only want to add to:
* radios.cfg is the most common used but you may need to edit switch.cfg, solar.cfgm, etc
* To edit things use vi
* sudo vi /etc/nagios/objects/radios.cfg
* Here is the template for each object:
# does comments and semicolins are for comments after a line
define host { ; general container
use [template]
host_name [host name]
alias [descriptive name]
address [ip address]
hostgroups [host group]
}
Notes about syntax for these parameters
* the format in the actual object file is different and easy to use and copy, but spaces or tabs must seperate
* use: his says for the host to use a template, in this case called "generic-radio"
* host_name: should be name of device, no spaces, preferable no upper case, preferable no special caes. ex: folendorf_ap2
* alias: This is the descriptive name, ex: Folendorf-AP2
* address: ip address that is static and not range
* hostgroups: These are usually defined below hosts in a parameter called "define hostgroup" Generally you will name this after the name of the config file such as:radios, swtiches, solar, or other. Please ALWAYS use a predefined host.
=== Host groups ===
* Can group hosts in hostgroups
Host service
* What things are done to host groups to check
* Does various things like Ping, SNMP uptime, SNMP Port status
* Ping: Just pings the radio from a remote location. Good for overall up and down
* SMTP uptime: This service just grabs uptime and use for the web interface
* Port status: Good monitoring for if a radio is active with POE, and active via wireless (wlan0) but not connected via eth0
===Verify ===
When done need restart, but you should verify that the configuration is proper with an internal nagios verify tool:
* sudo nagios -v /etc/nagios/nagios.cfg
===Restart===
Then to restart:
* sudo service nagios restart
=== Nagios Users ===
This link wil lbe very helpful:https://wiki.centos.org/HowTos/Nagios#head-82c2d0a041d294354a44a743b9fe150fd63c7bf6
\\ To add users:
* $htpasswd [options] [path to passwd file] [newusername]
It is important to understand what htpasswd does. So see above, or this link: some sources may say htpasswd2, so you will just have to figure out which one you are using (just run -h on each to see which is installed)
* you may need to know where the file actually is located, which can be fun. here are some options:
* /etc/nagios/htpasswd.users
* /usr/local/nagios/etc/htpasswd.users
* /usr/local/nagios/etc/htpasswd
* /etc/nagios/passwd - This is the case for some kinds of centos installations
* Example:
* $htpasswd -c /etc/nagios/passwd nagiosadmin
* This will prompt to give a pass, and confirm, then add that user, or change that pass
* You may need to restart apache, but in the example and its respective nagios config, you can just restart nagios
Remove users
* $htpasswd -D [passwd file] [user to remove]
===Change user permissions===
It is easy enough to add users but these users will have very limited permissison without adding them to the cgi file located at:
* /etc/nagios/cgi.cfg
In this file there are a list of options. here is what option means and which ones you may want to add:
* All below start with "authorized_for_"
* system_information - to view nagios system info and processes, and allow to edit nagios behavior, not recommended for non admins
* configuration - View config file, not recommended for non admins
* system_commands - issue commands for nagios system, not recommended for non admins
* all_services AND all_hosts - to view all services and hosts, history, etc, but NOT issue commands. Very good for basic users
* all_service_commands AND all_host_commands - To issue commands like ack, or stop notifying. Mid level authority
* read_only - Not recommended
==== Network UPS tools ====
AKA NUT. For UPS monitoring. Mostly universal for linux though not included as defualt
* Often you do not have to configure the UPS to send information. Just plug the Serial to USB in for some UPS models
* can see info with with dmesg
* port will be in /dev/xxxxx
Nut is installed as a package
* to configure NUT, /etc/ups and edit conf files
* Think of it this way: NUT > Driver in OS > Serial > UPS
* NUT is open source and you have to tell the conf file to say what driver to use
* UPSD.conf to set on the damaon to listen for connections
* hosts.conf tells what to monitor, by setting the devices to montior
* For Nagios Then, there is a plugin in nagios that grabs informatuion from upsd
* plugin in /usr/lib64/nagios/plugins/check_nut_plus
* Nagios will know to pull from upsd to get information. Just download plugin and put it in there
* also need to config
* /etc/nagios/objects/commands.cfg
* create nut section and edit based on a defined group such as check_nut_plus file
* may need to investigate more on how, but it is like other plugin entires
* Now you need to edit a config file such as power.cfg
====Dropbox====
Dropbox is a simple cross platform cloud storage program with free 2gb. on linux it works good, but soemtiems the tray icon does not work in certain versions. But you can still use the CLI to do a lot of things.
* $dropbox [options]
* status prints current status. Will say "up to date" if it is running. if you want to see more active status reports, use watch -n 1
* start/stop self explanatory
* $dropbox start -i
* This installs the daemon because though you can install the package, you may need to install the daemon.
==== Onedrive====
https://www.maketecheasier.com/sync-onedrive-linux/
==== Observium ====
Observe is a monitoring daemon for seeing network device information such as data, processor, etc.
===Adding a device===
You need to first have the local host (the server observe is running on) be appended to have the host name.
==== sendmail ====
Send mail is a package that lets you use an external SMTP server and send mail via command line. It is a simpme MTA (Mail Trasnfer Agent)
\\ Here are some good instructions, but missing a few things
\\ https://docs.oracle.com/cd/E52668_01/E54669/html/ol7-s7-emailsvc.html
\\ Missing:
\\ step 2: If your config does not have that line, go ahead and add it
Also some good info at: http://www.pettingers.org/code/sendmail-mods3.html
===Basics:===
Make a file for your auth server, and create a db for that server info, change permissions:
* $mkdir /etc/mail/auth
* $chmod 700 /etc/mail/auth
* Then use nano or echo to make a file
* $echo 'AuthInfo:[smtp.yourisp.com]: "U:[username]" "[P:password]"' > /etc/mail/auth/smtp-auth
* replace smtp, username, password
* Now use Makemap, which is part of sendmail
* $makemap hash /etc/mail/auth/smtp-auth < smtp-auth
* $chmod 600 smtp-auth smtp-auth.db
Edit or add to sendmail.mc line that reads:
define('SMART_host', '[smtp.isp.com]')dnl
you may have to change a similar line, here is the stock line you would change: dnl define('SMART_host', 'smtp.isp.com')dnl
\\ Likewise, you should modify or add these lines if you use ssl:
define('RELAY_MAILER_ARGS', 'TCP $h port')dnl
define('confAUTH_MECHANISMS', 'EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE('authinfo','hash /etc/mail/auth/smtp-auth.db')dnl
define(`confAUTH_OPTIONS', `A p y')dnl
Turn off Daemon:
* Edit /etc/sysconfig/sendmail.conf and set the value of DAEMON to no
DAEMON_MODE="none";
Save config. Run through process pressing yes. Then restart the service
* $sendmailconfig
* When done:
* $systemctl restart sendmail
====== Packages Media ======
Below are essential and good media packages. This is not really a tuturial, but more of a list.
* pdf-shuffler - For merging PDF's, seperating, rotating and other things. Akin to Acrobat Pro
* shotwell - For organizing and editing pictures. Akin to Lightroom. Missing Features: More comprehensive Export settings. This program deserves its own workflow writeup.
* FreeCAD - Computer Aided Drafting, Akin to AutoCAD. Very extensive and complicated to learn, but cool
* Freemind - Mindmaping diagram tool
* testdisk and photorec - Tools to recover deleted data and scan old partial deleted data to reconstruct images and other file types.
==== VLC ====
VLC is one of the best video viewing software and will view many different file formats
== VLC CLI interface ==
To start VLC command line do:
* $vlc --intf rc
==== Convert ====
Convert is a simple imaging conversion program that can be run from the command line. it is part of many main distributions. here is the page for it and how to use it:http://www.imagemagick.org/script/convert.php
* convert [options] original.file[pg#] [options] output.fileformat
* -density [#] before the input file, resolution of scan
* -quality [#] before output file, final dpi
* [pg#] is used for pdfs and page number. so you can do something like:
* convert -density 500 doc.pdf[0] quality 100 docpg1.png
* fileformat is the type of file you want to export. by appending this, convert will know what format to use.
==== tesseract-ocr ====
A very powerfull OCR application, run from command line. Use "convert" (read above) to convert pdfs to pngs for easy results.
* $tesseract input.png output_text
A tuturial on how to use convert and tesseract together is here. It is very easy to follow: http://www.joyofdata.de/blog/a-guide-on-ocr-with-tesseract-3-03/
====== Packages Web hosting ======
====Code Igniter====
Code igniter is a framework for websites. It does not have a typical Content Management system like wordpress. instead it is built using the Model View Controller [[https://en.wikipedia.org/wiki/Model%E2%80%93view%E2%80%93controller|(MVC Wiki page.)]] Here are some of the aspects of Code Igniter and some MVC functions.
* Controllers are like the directory. Examples, a webpage such as web.site/internet means that "internet" is the controller
* The Controller is a file (or folder?) that contains a set of instructions on how to generate the website
* A Function is the set of instructions on how to generate the website withing the viewer, or webbroswer application.
* This will render the webpage on demand rather then loading a typical page
* In Code Igniter, this is a simple way for the website to run with lower resources. It also is much more dynamic
Installing Code igniter is about downloading the package and putting it on the server. It uses and requires PHP
======Packages Server ======
==== Samba ====
(this section is incomplete)
\\ Samba is typically used for linux systems to have a server that can be read by windows easily
* first, install (apt-get install samba)
* then set up configuration file in
* $vi /etc/samba/smb.conf
* $smbpassword -a [user]
* Put in password (example: user p:xxxxxx)
==== mediatomb ====
* Once set up, server goes to local IP address and a preconfigured port.
* Defualt location is: :49152
* $mediatomb [--help]
=== Operations via command line ===
There a number of services that can be passed via command line. go to: http://mediatomb.cc/pages/documentation#id2855840 but here are some good ones:
* $mediatomb -a [/dir or file] (Maybe????)
== Config file ==
located in /etc/mediatomb/config.xml and can be edited with vi
\\ here are some options you may want to change:
* MediaTomb
== Config file - auto scan ==
There is a way to set autoscan in the config file. Here is an example, but not absolute.
\\ for details on what each mean, you can view the media tomb config page, here is the specific location:
\\ http://mediatomb.cc/pages/documentation#id2858022
Note: this NEEDS to be under master tag of %%%% but the first tag of import will have an option about importing hidden files (files start with a period, ex: .config) which is not reletive to overall import child settings. Also, there are other settings in import.
== service operations==
* $service mediatomb [start,stop, restart]
Also, if you want to remove it from auto start you can do:
* $update-rc.d mediatomb remove
* if that does not work do:
* $mv /etc/init.d/mediatomb /etc/init.d/mediatomb.backup
Once the service is removed, you may run MediaTomb using the following command in the terminal.
* $mediatomb
==== SSHFS ====
This tool is somewhat obsolete if you know how to use sftp, or scp (or pscp) (a previous Section from this page), which generally requires none or little additional software. Anywho, here is my write up on it.
\\
\\ This allows you to mount a remote location to a local mount point. sshfs uses sftp of ssh. The server/host only needs ssh(sshd) but the client needs sshfs. Though not default, many modern linux systems can be installed with
* $apt-get install sshfs.
SSHFS uses fuse, which is a kernal modual and uses libraries, often already installed. It is important to know that there is a fuse permission needed for a user to access it. So the first thing to do is:
* $usermod -a -G fuse [username]
* -a appends and -G says to what group will be appended
* (Note, not entirely sure if this is necessary, would need to check and remove user from fuse group and then try again)
Now here is how to use sshfs:
* $sudo sshfs [-p ] hostuser@hostdomain:[/remotedir] [/localmountpoint]
* Local mount point should be empty
* You may need to be as root to access the visual folder interface.
Sometimes it can be a bit slow to use so be patient.
* To remove mount point do:
* $sudo fusermount -u [/localmountpoint]
==== Ubiquiti Air Control ====
To install on linux you:
* https://www.ubnt.com/download/utilities
* Choose your distros version (.deb 64 bit is a common example)
* Download
* To run from terminal, navigate to dir and run:
* $sudo ./airControl[file name]
* Follow instructions for install
Once installed you can find the client main file at:
* /opt/Ubiquiti/AirControl2/airControl2Client
* You can either run this from command, or make a shortcut to the file.
==== Parted Magic ====
Lock screen password:partedmagic
==== android on linux ====
* http://www.cnx-software.com/2013/03/01/how-to-run-android-apps-in-linux-with-androvm/
* First install virtual box
* http://forum.xda-developers.com/showthread.php?t=1831454
==== MD5 Checksum ====
This is copied mostly from:https://help.ubuntu.com/community/HowToMD5SUM
* $md5sum <$dir/file>
* md5sum should then print out a single line after calculating the hash
* ex: 8044d756b7f00b695ab8dce07dce43e5 linuxdistro.iso
* Compare the hash.
* To compare you can do
* $md5sum -c .md5
* BUT, you must have the text file in the same directory and formatted a certain way.
* Note: like dd, this may take a while and require some other method for seeing the progress
==== Dual Boot ====
IF you are doing dual boot, there is a lot of info. here are some tips.
===Windows Time issue===
If you do windows and linux dual boot you might have a probelm with the Time NTP time. Here is the best solution:
http://askubuntu.com/questions/169376/clock-time-is-off-on-dual-boot
====== Distro - Debian ======
====Raspberian====
When installing various verison of raspberian you may want to install them like this:
* dd bs=4M if=various-raspbian.img of=/dev/s[drive letters]
==== Mint ====
Speed up Mint:
* https://community.linuxmint.com/tutorial/view/114 - good ones are 2,3
* https://sites.google.com/site/easylinuxtipsproject/ssd number 7
* http://www.yourownlinux.com/2013/05/speed-up-computers-running-ubuntulinux.html might try 9, and 1
==== System tweaks ====
Here are some system tweaks you can do to speed up your system:
https://opensource.com/article/17/8/customize-linux?utm_medium=Email&utm_campaign=weekly&sc_cid=701f20000019T6HAAU
====== Distro - EdgeOS/VyOS======
Notes for Edge OS
====Configure====
When in CLI/SSH you can type $configure to enter configure mode. This is like entering settings but not executing them. Some commands are:
* $set [args]
* set is the main command followed by many other commands. For More See below
* $edit [args]
* Brings you to those level of commands. For more See below
* $delete [arg]
* This will delete the argument. Sometimes you have to do the full arg, or just a certain level.
* $discard
* This will discard all changes
* $compare
* This shows you all the difference you have made with set
* $show [arg,arg]
* Shows current settings for argument. ex $show interfaces ethernet. Can do 1 or more levels for more or less detail
* $commit
* This commits all your set/edit commands to memory for saving
* $save
* This will take everything you have commited to memory and actually save it
* $exit
* After saving you can do this to get out of configure mode
* $exit discard
* If you want to discard all the settings and get out of configure mode, this is what you do
==set==
* $set [args]
* You can string a ton of different commands together
==edit==
In configure mode you can do set and the entire command, but if you are doing a lot of the same set commands in a specific place such as "set interfaces ethernet eth0 [args]" then you can use edit. Here is how:
* $edit [args]
* This will put you in edit mode at the level for args and you will see it above your prompt
* example:
* $edit interfaces ethernet eth0
* shows:
[edit interfaces ethernet eth0]
user@server$
* Then you could type something in that area, starting with "set" but followed by whatever you might type after eth0. You will stay in this mode until you type:
* $top
* This will bring you back to the base edit mode.
==show==
Here are some helpful shows:
* $show configuration
* This shows all the configuration file. which can also be found in /config/config.boot
* $show nat translation
* This is how to see what is being translated through the masq
==== Console and recovery ====
Here are the links on how to use the console port, and how to recover if resetting does not work:
* https://help.ubnt.com/hc/en-us/articles/205202630-EdgeMAX-Connect-to-serial-console-port-default-settings
* https://help.ubnt.com/hc/en-us/articles/204959514-EdgeMAX-Last-resort-recovery-of-failed-EdgeOS-device
* https://community.ubnt.com/t5/EdgeMAX/EdgeMax-rescue-kit-now-you-can-reinstall-EdgeOS-from-scratch/td-p/514857 (I think this link has the same info as listed in the directly above link)
==== Vyos command ====
Here are some basic commands that may not be regular or typical to other linux systems.
* $poweroff
* to shutdown the system
* $reboot
* reboot the system
====== Distro - Other ======
==== Cisco IOS ====
There is now a different page for cisco: [[hstarwiki:cisco]]
==== wraped shells====
For some network devices, when you ssh into them you are in a wrapped shell around the main distro shell (bash). A good example is the netwonix wisp swtiches. To get into main commaind line you can do another command such as:
* $cmdline
==== Knoppix Cheat codes ====
* smtp.knoppix.net/wiki/Cheat_Codes
* At start where it says boot:
* Can press enter to proced, or add items with spaces between each. Note, you need to type knoppix first for many of them, if said, then you can type all others.
* Knoppix no3d (dont use compiz)
==== Puppy startup ====
http://puppylinux.org/wikka/AddCommandsStartupShutdown
\\ Just put scripts in /root/Startup.