warning: Creating default object from empty value in /data/web/1/000/027/003/273448/htdocs/ on line 33.

nmcli - NetworkManager command line tool

# list all connections
nmcli con

# show connection details
nmcli con show 'MY_CONNECTION_1'

# start vpn from command line (ubuntu)
nmcli con up id VPN_NAME

nmcli dev wifi list

nmcli con add con-name MY-WIFI ifname wlan0 type wifi ssid MY-WIFI
nmcli con modify MY-WIFI wifi-sec.key-mgmt wpa-psk
nmcli con modify MY-WIFI wifi-sec.psk 'pass1234'




# dig
dig txt @
dig | grep -v ";" | grep A
dig -x | grep IN

Create IPfire DomU (firewall)

Check for latest IPFire version

wget -O - | bash -



# download
wget -q ${URL} -O - | tar -C /tmp -xjf -
bash /tmp/ipfire/

# copy data to lvm
mkdir -p /tmp/ipfire/mnt/

# copy boot filesystem
lvcreate --name fw-boot --size 256M vg0
mkfs.ext2 /dev/vg0/fw-boot
#mount /tmp/ipfire/ipfire-boot.img /tmp/ipfire/mnt/ -o loop
mount ipfire-boot.img /tmp/ipfire/mnt/ -o loop
mount /dev/vg0/fw-boot /mnt/
cp -a  /tmp/ipfire/mnt/* /mnt/
umount /tmp/ipfire/mnt/
umount /mnt/

# copy root filesystem
lvcreate --name fw-root --size 2G vg0
mkfs.ext4 /dev/vg0/fw-root
#mount /tmp/ipfire/ipfire-root.img /tmp/ipfire/mnt/ -o loop
mount ipfire-root.img /tmp/ipfire/mnt/ -o loop
mount /dev/vg0/fw-root /mnt/
cp -a  /tmp/ipfire/mnt/* /mnt/
umount /tmp/ipfire/mnt/
umount /mnt/

# copy var filesystem
lvcreate --name fw-var --size 2G vg0
mkfs.ext4 /dev/vg0/fw-var
#mount /tmp/ipfire/ipfire-var.img /tmp/ipfire/mnt/ -o loop
mount ipfire-var.img /tmp/ipfire/mnt/ -o loop
mount /dev/vg0/fw-var /mnt/
cp -a  /tmp/ipfire/mnt/* /mnt/
umount /tmp/ipfire/mnt/
umount /mnt/

# create swap
lvcreate --name fw-swap --size 1G vg0
mkswap /dev/vg0/fw-swap

# clean up
rm -r /tmp/ipfire*

# create xen config file
cat <<EOF> /etc/xen/fw
bootloader = '/usr/lib/xen-4.1/bin/pygrub'
memory = 512
name = 'fw'
acpi = 1
apic = 1
vif = [ 'mac=00:17:4e:be:b1:ba' ]
disk = [
pci = ['00:0c.0']
extra = 'iommu=soft'

# OPTIONAL: autostart
ln -s /etc/xen/fw /etc/xen/auto/01_fw

# TODO (automate)
rmmod e100
rmmod xen-pciback
modprobe xen-pciback 'hide=(00:0c.0)'
xm pci-list-assignable-devices

# start domU
xm create -c fw

sed -i 's|phy:/dev/vg0/fw-|file:/root/ipfire-|g' /etc/xen/fw
sed -i 's|,xvda|.img,xvda|g' /etc/xen/fw

# configure ipfire in terminal

# webinterface

# Links

Compile iPXE

wget -O - | bash -


# install requirements
sudo apt-get install -y build-essential liblzma-dev

# get source
git clone git:// /tmp/ipxe
# create boot script
cat <<EOF> /tmp/ipxe/src/boot.ipxe
dhcp && chain http://\${next-server}/\${mac} || chain\${mac}
# OPTIONAL: enable HTTPS support
sed -i -e '/DOWNLOAD_PROTO_HTTPS/ s/#undef/#define/' /tmp/ipxe/src/config/general.h
# OPTIONAL: change product name
sed -i 's|PRODUCT_NAME ""|PRODUCT_NAME ""|g' /tmp/ipxe/src/config/general.h
cd /tmp/ipxe/src
# build CD image (/tmp/ipxe/src/bin/ipxe.iso)
make bin/ipxe.iso EMBED=boot.ipxe
# build USB image (/tmp/ipxe/src/bin/ipxe.usb)
make bin/ipxe.usb EMBED=boot.ipxe
# build PXE image (/tmp/ipxe/src/bin/ipxe.pxe)
make bin/ipxe.pxe EMBED=boot.ipxe
# build GRUB image (/tmp/ipxe/src/bin/ipxe.lkrn)
make bin/ipxe.lkrn EMBED=boot.ipxe
# build undionly image (/tmp/ipxe/src/bin/undionly.kpxe)
make bin/undionly.kpxe EMBED=boot.ipxe

# ToDo: https boot


TestServer - fully automated test system

  • iPXE netboot
  • Provisioning
  • Inventory
  • Hardware test
  • Monitoring
  • Automated system installation

IpFire - SNMP Daemon for IpFire

Edit Cron jobs on IpFire
fcrontab -e
/etc/init.d/fcron restart

# force update dyndns every day
#9 2 * * 0 [ -f "/var/ipfire/red/active" ] && /usr/local/bin/ -f
0 19 * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/ -f

pakfire update
pakfire upgrade

Install Addons
pakfire install -y iftop

Update XEN VM
mount /dev/vg1/fw-boot /mnt/

# add XEN boot entry in GRUB configuration

Configure network bridge

# backup original network config
mv /etc/network/interfaces /etc/network/
# configure network bridge for xen
cat <<EOF> /etc/network/interfaces
auto lo
iface lo inet loopback
# eth0 (internal lan)
auto eth0 eth1 xenbr1
iface eth0 inet static
        #post-up ethtool -K eth0 tx off
# eth1 (DSL)
iface eth1 inet manual
        up ifconfig eth1 promisc up
# xenbr1 (bridge between second nic

PXE Net Boot - Boot anything, anywhere, anytime - iPXE Settings reference

OpenVPN connect to network with same ip range

# delete routing for whole network
sudo route del -net netmask dev tap0
# add route to hosts
for ip in {30..50}; do
	sudo route add 192.168.1.${ip} dev tap0


airmon-ng start wlan0 6
wesside-ng -i wlan0


export BSSID=00:1A:4F:9A:6F:9D
export CHANNEL=11

rmmod ipw2200
modprobe ipw2200 rtap_iface=1
iwconfig eth1 mode managed channel $CHANNEL key s:password ap $BSSID
#ifconfig eth1 hw ether 00:a1:b2:c3:d4:e5
ifconfig eth1 up
ifconfig rtap0 up

rmmod ipw2200
modprobe ipw2200 rtap_iface=1
iwconfig eth1 ap $BSSID
iwconfig eth1 key s:fakekey
iwconfig eth1 mode managed
ifconfig eth1 hw ether 00:19:3E:00:3E:36
iwconfig eth1 channel $CHANNEL
ifconfig eth1 up
ifconfig rtap0 up

Syndicate content