warning: Creating default object from empty value in /data/web/1/000/027/003/273448/htdocs/ on line 33.

Ubuntu: Instlal lldpd (Link Layer Discovery Protocol)

sudo apt install -y lldpd

# optional: enable Cisco CDP protocol
cat < /etc/default/lldpd
service lldpd restart

# get info

Identify switch port to which the server is connected

# Show LLDP neighbors
networkctl lldp


for NIC in $(find /sys/class/net -type l -not -lname "*virtual*" -printf "%f\n" | sort); do
echo "NIC: ${NIC}"
echo "NIC MAC: $(ethtool -P ${NIC})"
timeout 300 tcpdump -nn -v -i ${NIC} -s 1500 -c 1 "ether[20:2] == 0x2000"

nmcli - NetworkManager command line tool

# list all connections
nmcli con

# show connection details
nmcli con show 'MY_CONNECTION_1'

# start vpn from command line (ubuntu)
nmcli con up id VPN_NAME

nmcli dev wifi list

# modify configuration
SSID="FRITZ!Box 5960"

nmcli con add con-name "${SSID}" ifname wlan0 type wifi ssid "${SSID}"
nmcli con modify "${SSID}" wifi-sec.key-mgmt wpa-psk
nmcli con modify "${SSID}" wifi-sec.psk "${PASS}"

nmcli con up "${SSID}"

Autostart delayed VPN connection
# /home/foo/.config/autostart/vpn.desktop
[Desktop Entry]



# dig
dig txt @
dig | grep -v ";" | grep A
dig -x | grep IN

Create IPfire DomU (firewall)

Check for latest IPFire version

wget -O - | bash -



# download
wget -q ${URL} -O - | tar -C /tmp -xjf -
bash /tmp/ipfire/

# copy data to lvm
mkdir -p /tmp/ipfire/mnt/

# copy boot filesystem
lvcreate --name fw-boot --size 256M vg0
mkfs.ext2 /dev/vg0/fw-boot
#mount /tmp/ipfire/ipfire-boot.img /tmp/ipfire/mnt/ -o loop
mount ipfire-boot.img /tmp/ipfire/mnt/ -o loop
mount /dev/vg0/fw-boot /mnt/
cp -a  /tmp/ipfire/mnt/* /mnt/
umount /tmp/ipfire/mnt/
umount /mnt/

# copy root filesystem
lvcreate --name fw-root --size 2G vg0
mkfs.ext4 /dev/vg0/fw-root
#mount /tmp/ipfire/ipfire-root.img /tmp/ipfire/mnt/ -o loop
mount ipfire-root.img /tmp/ipfire/mnt/ -o loop
mount /dev/vg0/fw-root /mnt/
cp -a  /tmp/ipfire/mnt/* /mnt/
umount /tmp/ipfire/mnt/
umount /mnt/

# copy var filesystem
lvcreate --name fw-var --size 2G vg0
mkfs.ext4 /dev/vg0/fw-var
#mount /tmp/ipfire/ipfire-var.img /tmp/ipfire/mnt/ -o loop
mount ipfire-var.img /tmp/ipfire/mnt/ -o loop
mount /dev/vg0/fw-var /mnt/
cp -a  /tmp/ipfire/mnt/* /mnt/
umount /tmp/ipfire/mnt/
umount /mnt/

# create swap
lvcreate --name fw-swap --size 1G vg0
mkswap /dev/vg0/fw-swap

# clean up
rm -r /tmp/ipfire*

# create xen config file
cat <<EOF> /etc/xen/fw
bootloader = '/usr/lib/xen-4.1/bin/pygrub'
memory = 512
name = 'fw'
acpi = 1
apic = 1
vif = [ 'mac=00:17:4e:be:b1:ba' ]
disk = [
pci = ['00:0c.0']
extra = 'iommu=soft'

# OPTIONAL: autostart
ln -s /etc/xen/fw /etc/xen/auto/01_fw

# TODO (automate)
rmmod e100
rmmod xen-pciback
modprobe xen-pciback 'hide=(00:0c.0)'
xm pci-list-assignable-devices

# start domU
xm create -c fw

sed -i 's|phy:/dev/vg0/fw-|file:/root/ipfire-|g' /etc/xen/fw
sed -i 's|,xvda|.img,xvda|g' /etc/xen/fw

# configure ipfire in terminal

# webinterface

# Links

Compile iPXE

wget -qO - | bash -


# install requirements
sudo apt-get install -y build-essential liblzma-dev

# get source
git clone git:// /tmp/ipxe
# create boot script
cat <<EOF> /tmp/ipxe/src/boot.ipxe
dhcp && chain http://\${next-server}/\${mac} || chain\${mac}
# OPTIONAL: enable HTTPS support
sed -i -e '/DOWNLOAD_PROTO_HTTPS/ s/#undef/#define/' /tmp/ipxe/src/config/general.h
# OPTIONAL: change product name
sed -i 's|PRODUCT_NAME ""|PRODUCT_NAME ""|g' /tmp/ipxe/src/config/general.h
cd /tmp/ipxe/src
# build CD image (/tmp/ipxe/src/bin/ipxe.iso)
make bin/ipxe.iso EMBED=boot.ipxe
# build USB image (/tmp/ipxe/src/bin/ipxe.usb)
make bin/ipxe.usb EMBED=boot.ipxe
# build PXE image (/tmp/ipxe/src/bin/ipxe.pxe)
make bin/ipxe.pxe EMBED=boot.ipxe
# build GRUB image (/tmp/ipxe/src/bin/ipxe.lkrn)
make bin/ipxe.lkrn EMBED=boot.ipxe
# build undionly image (/tmp/ipxe/src/bin/undionly.kpxe)
make bin/undionly.kpxe EMBED=boot.ipxe

# ToDo: https boot


TestServer - fully automated test system

  • iPXE netboot
  • Provisioning
  • Inventory
  • Hardware test
  • Monitoring
  • Automated system installation

IpFire - SNMP Daemon for IpFire

Edit Cron jobs on IpFire
fcrontab -e
/etc/init.d/fcron restart

# force update dyndns every day
#9 2 * * 0 [ -f "/var/ipfire/red/active" ] && /usr/local/bin/ -f
0 19 * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/ -f

pakfire update
pakfire upgrade

Install Addons
pakfire install -y iftop

Update XEN VM
mount /dev/vg1/fw-boot /mnt/

# add XEN boot entry in GRUB configuration

Configure network bridge

# backup original network config
mv /etc/network/interfaces /etc/network/
# configure network bridge for xen
cat <<EOF> /etc/network/interfaces
auto lo
iface lo inet loopback
# eth0 (internal lan)
auto eth0 eth1 xenbr1
iface eth0 inet static
        #post-up ethtool -K eth0 tx off
# eth1 (DSL)
iface eth1 inet manual
        up ifconfig eth1 promisc up
# xenbr1 (bridge between second nic

PXE Net Boot - Boot anything, anywhere, anytime - iPXE Settings reference
Syndicate content