network

unbound

/etc/unbound/unbound.conf.d/forward.conf
# unbound forward-zone output
for IP in $(consul catalog nodes | grep ctl | cut -d " " -f6); do
echo " forward-addr: ${IP}@53"
done
systemctl restart unbound

consul

echo '["abcdef123458"]' /var/consul/serf/local.keyring
service consul restart

# config
cat /etc/consul/config.json

# log
/var/log/syslog

CLI
consul catalog datacenters
consul catalog nodes
consul catalog services

consul monitor
consul validate /etc/consul/config.json
consul operator raft list-peers

Redirect UI to localhost
ssh -L 8500:localhost:8500 root@node1.example.com -N

UI listen on external
https://stackoverflow.com/questions/35132687/how-to-access-externally-to-consul-ui

# cat /etc/consul/config.json

Enable UEFI / PXE boot on Mellanox ConnectX NIC

Boot GRML iso
https://grml.org/download/

Enable SSH daemon
service ssh start
passwd
ip a

# ssh root@GRML_IP

Install Mellanox CLI tools (MFT)
http://www.mellanox.com/page/management_tools
apt update
apt install -y gcc make dkms linux-headers-$(uname -r)

URL=http://www.mellanox.com/downloads/MFT/mft-4.12.0-105-x86_64-deb.tgz
wget -O- ${URL} | tar xvz -C /tmp
/tmp/mft-*-deb/install.sh
mst start

Show device state
mst status
flint -d /dev/mst/mt4119_pciconf0 q

nmcli - NetworkManager command line tool

# list all connections
nmcli con

# show connection details
nmcli con show 'MY_CONNECTION_1'

# start vpn from command line (ubuntu)
nmcli con up id VPN_NAME

nmcli dev wifi list

# modify configuration
SSID="FRITZ!Box 5960"
PASS=00011090700208423311

nmcli con add con-name "${SSID}" ifname wlan0 type wifi ssid "${SSID}"
nmcli con modify "${SSID}" wifi-sec.key-mgmt wpa-psk
nmcli con modify "${SSID}" wifi-sec.psk "${PASS}"

nmcli con up "${SSID}"

Autostart delayed VPN connection
# /home/foo/.config/autostart/vpn.desktop
[Desktop Entry]

Create IPfire DomU (firewall)

Check for latest IPFire version
http://downloads.ipfire.org/

<?php
$URL="https://raw.githubusercontent.com/panticz/xen/master/domains/ipfire.sh";
echo "wget $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

# OPTIONAL
sed -i 's|phy:/dev/vg0/fw-|file:/root/ipfire-|g' /etc/xen/fw
sed -i 's|,xvda|.img,xvda|g' /etc/xen/fw

# configure ipfire in terminal

# webinterface
https://YOUR_DOMU_IP:444

# Links
http://wiki.ipfire.org/de/addons/virtualisation/howto/debian_wheezy_xen_4.1?&#debian_wheezy_mit_xen_41_als_dom0
http://wiki.ipfire.org/de/addons/virtualisation/howto/debian_als_dom0_xen#xen_und_kernel_installieren
http://wiki.ipfire.org/de/addons/virtualisation/howto/debian_xen_4.x

IpFire

http://wiki.ipfire.org/de/addons/net-snmp/start - SNMP Daemon for IpFire

Edit Cron jobs on IpFire
fcrontab -e
/etc/init.d/fcron restart

# force update dyndns every day
#9 2 * * 0 [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl -f
0 19 * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl -f

Upgrade
pakfire update
pakfire upgrade

Install Addons
pakfire install -y iftop

Update XEN VM
mount /dev/vg1/fw-boot /mnt/

# add XEN boot entry in GRUB configuration

wep

airmon-ng start wlan0 6
wesside-ng -i wlan0

#!/bin/sh

export BSSID=00:1A:4F:9A:6F:9D
export CHANNEL=11

rmmod ipw2200
modprobe ipw2200 rtap_iface=1
iwconfig eth1 mode managed channel $CHANNEL key s:password ap $BSSID
#ifconfig eth1 hw ether 00:a1:b2:c3:d4:e5
ifconfig eth1 up
ifconfig rtap0 up

#########
rmmod ipw2200
modprobe ipw2200 rtap_iface=1
iwconfig eth1 ap $BSSID
iwconfig eth1 key s:fakekey
iwconfig eth1 mode managed
ifconfig eth1 hw ether 00:19:3E:00:3E:36
iwconfig eth1 channel $CHANNEL
ifconfig eth1 up
ifconfig rtap0 up
#########