:::: MENU ::::

Home

  • Jun 02 / 2016
  • 0
Linux

Configure VLan interface (with alias)

If you want to isolate multiple networks, you can use VLAN (Virtual LAN). On most of the switches, you can configure VLAN to handle tagged packets and be able to send them to a specific port by isolating it. A VLAN is assigned a specific id that can be any number between 1 and 4096.

Most of the Linux distributions can handle tagged packets and VLAN usage, but this feature is not mandatory enabled by default. For the example, I’ll present here how you can enable and configure VLAN on Ubuntu Server 14.04.

First, you need to install the vlan package:

apt-get install vlan

Temporary configuration

Then, you should load the 8021q module into the kernel (guessing you’re using a recent and not customized kernel):

modprobe 8021q

As it’s not possible to create a VLAN on virtual interface, you will have to use physical interface and alias to make it work. You can create additional interface with:

vconfig add eth0 100

Then, you can assign an address to this interface:

ip addr add 172.30.0.1/24 dev eth0.100

And finally make the interface up:

ip link set up eth0.100

Permanent configuration

You have to load the module automatically and permanently:

echo "8021q" >> /etc/modules

Finally, set the configuration in /etc/network/interfaces in order to make it loaded on startup:

auto eth0.100
iface eth0.100 inet static
        address 172.30.0.1
        netmask 255.255.255.0
        network 172.30.0.0
        broadcast 172.30.0.255
        vlan-raw-device eth0

  • May 09 / 2016
  • 0
Linux

Perform git commands with a specific ssh key

It’s sometimes necessary to execute one git command with a special SSH key rather that the one you’re running with (for example on a remote console).

This can be easily done by using such command:

ssh-agent bash -c 'ssh-add /home/myuser/.ssh/github.key; git pull [email protected]:MYPROJECT/myproject.git'

  • Apr 22 / 2016
  • 0
Linux

Aggregate results from command line on a specific field (e.g. netstat per IP)

To aggregate results from a command line and count number of results for each field, you can combine multiple tools like awk, cut, uniq and sort to obtain the expected results.

For example, if you want to retrieve count of connections opened per IP onto your server, just run:

netstat -ntu | tail -n +3 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

You will get a results like:

      1 127.0.0.1
      1 10.1.2.3
     65 10.1.2.8
     77 10.10.15.12
    114 10.1.3.8
    132 10.10.16.254
    310 192.168.10.1
   3970 10.0.0.254

If you want to aggregate only results on a particular keyword (a port for example), you can also integrate a grep option to filter your results:

netstat -ntu | grep "27017" | tail -n +3 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

  • Mar 30 / 2016
  • 0
Linux, Python

Generate SHA-512 hash on command-line with Python

Need to generate the hash for a password? No need to use an online generator, totally insecure for your passwords …
This simple command will ask you which string you want to hash and will return you the result after pressing “Enter” key!

python -c "import crypt, getpass, pwd; print crypt.crypt(raw_input(), '\$6\

Besoin de générer un hash pour un mot de passe ? Pas besoin d’utiliser un générateur en ligne, totalement insécurisé pour vos mots de passe …
Cette simple commande vous demandera pour quelle chaine vous souhaitez effectuer un hash et vous retournera le résultat dès que vous presserez “Entrée” !

python -c "import crypt, getpass, pwd; print crypt.crypt(raw_input(), '\$6\

 + raw_input() + '\

  • Mar 09 / 2016
  • 0
Linux

Define the MTU size for current network

To limit the fragmentation of packets and optimize your network, it can be necessary to find the best MTU size to set up on your interface. In order to find this best value, you can use a simple ping command.

We’re first trying with a MTU size of 1500 bytes:

$ ping -M do -s 1500 mysite.com
PING mysite.com (1.2.3.4) 1500(1528) bytes of data.
ping: local error: Message too long, mtu=1500
ping: local error: Message too long, mtu=1500
ping: local error: Message too long, mtu=1500

We can clearly see that with the overhead, it’s sending 1528 bytes, too long for the MTU size allowed on the network (1500). Message will be fragmented.

We’re changing the value to 1472 bytes:

$ ping -M do -s 1472 mysite.com
PING mysite.com (1.2.3.4) 1472(1500) bytes of data.
1480 bytes from 1.2.3.4: icmp_seq=1 ttl=58 time=0.94 ms
1480 bytes from 1.2.3.4: icmp_seq=2 ttl=58 time=0.62 ms
1480 bytes from 1.2.3.4: icmp_seq=3 ttl=58 time=0.53 ms

Right now, we can see that packets are not fragmented anymore, exactly what we were expected!

On most of Linux distributions, MTU size can be set with this command:

ifconfig eth0 mtu 1472 up

You can check the results with the ip addr show command:

$ ip addr show
[...]
2: eth0: <no-carrier,broadcast,multicast,up> mtu 1492 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 12:34:56:78:90:12 brd ff:ff:ff:ff:ff:ff
[...]
</no-carrier,broadcast,multicast,up>

  • Feb 05 / 2016
  • 0
Linux

Set up RamFS or TmpFS on Linux

In the most modern Linux systems, you will find memory-based file systems to make access to disk storage much faster by allocating some RAM space on a disk mount point. But this means that this disk area will be ephemeral and won’t exist anymore after a system reboot. You should never use it for storing persistent data, but rather using it as cache mechanism that needs speed.

As of today, the two main memory-based file systems are tmpfs and ramfs. Both have their pros and cons, depending on your needs.
Right now, tmpfs is more and more used in replacement of ramfs.

Main differences between ramfs and tmpfs are:

RamFS(older)

+ Can be monitored as cached in memory with free
+ Is not using swap
– Can’t be limited in size

TmpFS (newer)

+ Can be monitored with df
+ Can be limited in size
– Can use swap

Setup tmpfs

First create the directory you will use

# mkdir -p /mnt/tmpfs

Then mount it as tmpfs (I’m using here 16M)

# mount -t tmpfs -o size=16m tmpfs /mnt/tmpfs

You can check that it’s mounted correctly (here I’m already using 21% of the tmpfs)

# df -k
Filesystem     1K-blocks      Used Available Use% Mounted on
tmpfs              16384      3384     13000  21% /mnt/tmpfs

You can also make it automatically mounted by adding this line in your fstab configuration file:

tmpfs /mnt/tmpfs  tmpfs   nodev,nosuid,noexec,nodiratime,uid=50,gid=50,size=16M   0 0

Setup ramfs

First create the directory you will use

# mkdir -p /mnt/ramfs

Then mount it as ramfs (I’m using here 16M)

# mount -t ramfs -o size=16m ramfs /mnt/ramfs

You can check that it’s mounted correctly

# mount
ramfs on /mnt/ramfs type ramfs (rw,size=16m)

You can also make it automatically mounted by adding this line in your fstab configuration file:

ramfs /mnt/ramfs  ramfs   nodev,nosuid,noexec,nodiratime,uid=50,gid=50,size=16M   0 0

Pages:1...6789101112...18
Question ? Contact