Posts filed under Linux

Add Routes To Ubuntu Server

Routes (non-default ones) can be added to the platform by using the interfaces configurations file.

Just add the following to the interface configuration:

up route add -net <destination_network> netmask <netmask> gw <gateway_address>

Example:

$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto ens160
iface ens160 inet static
        address 192.168.168.1
        netmask 255.255.255.0
        network 192.168.168.0
        broadcast 192.168.168.255
        gateway 192.168.168.254
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 192.168.0.1
        dns-search mydomain.com
        up route add -net 172.16.16.0 netmask 255.255.255.0 gw 192.168.168.30
Posted on September 15, 2017 and filed under Linux, Tips'n Tricks.

Capture Network Traffic With Wireshark Under Ubuntu

When you install Wireshark on Ubuntu Linux you need to be root to be able to capture traffic. The standard user doesn't have enough privileges to do this. 

A workaround for this is to add the user to a wireshark group and give the group special permissions. Afterwards, you're able to cpature traffic in Ubuntu with Wireshark, without needing root access. 

The complete list of commands: 

sudo groupadd wireshark

sudo usermod -a -G wireshark <YOUR-USER-NAME>

sudo chgrp wireshark /usr/bin/dumpcap

sudo chmod 750 /usr/bin/dumpcap

sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap

sudo getcap /usr/bin/dumpcap

Just reboot, or log out and back in, and you're finished. 

HAPPY CAPTURING

Posted on August 14, 2013 and filed under Linux, Tips'n Tricks.

Courier IMAPd and Mail.app warnings

After installing an ISPConfig deployment, everything seemed to work properly, but every now-and-then I got this weird error that there was something wrong with the mail server configuration. The Apple Mail.app showed a exclamation mark with the following message:

The server returned the error: The attempt to read data from the server server.domain.ext failed.

Some research showed that the Apple mail clients tend to open several connections for IMAP, and the default setting of the Courier IMAPd server is to allow (only) 4 connections from the same IP address.

Modifying the Courier config file (/usr/lib/courier-imap/etc/imapd) and allowing e.g. 20 connections from 1 IP address solved this problem.

<ORIGINAL CONFIG>
##NAME: MAXPERIP:0
#
#  Maximum number of connections to accept from the same IP address

MAXPERIP=4

<MODIFIED CONFIG>
##NAME: MAXPERIP:0
#
#  Maximum number of connections to accept from the same IP address

MAXPERIP=20

 If your company / household holds several imap mail clients you may need to increase the counter even more (65536 is the maximum amount of connections for ANY IP address).

If you have SSL enabled on the Courier IMAPd server you also need to add the MAXPERIP variable to the imap-ssl config file (/usr/lib/courier-imap/etc/imapd-ssl).

Finally, you need to restart the Courier IMAPd services (/etc/init.d/courier-imap restart)

Posted on January 23, 2012 and filed under Apple, Linux, Tips'n Tricks.

Changing SSL Certificates in a ISPConfig v3 Configuration

When you install a Perfect Server based on Centos and ISPConfig v3.x, the system / 'installer' creates for the components self-signed certificates. All these certificates will generate different warnings in your browser, mail clients etc. So time to eliminate those warnings.

First I needed to find out where all those certificates are located, and what there formats are. In my case, there are three services that use SSL/TLS in some form;

  1. Postfix SMTP service
  2. Courier IMAP service
  3. http / Apache2 webservice

Checking the configuration files will reveal their locations.

Posted on January 7, 2012 and filed under Linux, Operating Systems, Security, Software, Tips'n Tricks.

Getting ISPConfig to Work on Centos

This is not a manual describing the installation (pre-requisites) of ISPConfig software on a Centos platform. An excellent manual can be found online. It's just that I ran into a problem when I tried to connect an e-mail client to the (IMAP) mailserver (controled by ISPConfig). All the appropriate ports / listeners were up and running, so it had to be a configuration issue.

Googling around didn't solve my problem. My collegue, Xander (@xmoments / xmoments.nl), cam eto the rescue with the solution;

yum install cyrus-sasl-plain-2.1.23-13.el6.x86_64

Software that handles cleartext passwords between mail processes. After the installation, the mail went flying across the Interwebs.

Posted on January 5, 2012 and filed under Linux, Software, Tips'n Tricks.

Configuring Syslog-ng on Ubuntu

Syslog-ng is a replacement for the default syslog daemons you get with most Linux distributions. The advantage of syslog-ng is that the configuration is easier to understand, and it gives the sys-admin numerous advantages. Especially in complex environments.

Let's say we have a RADIUS environment which is able to send authentication and accounting information through syslog to external devices. And let's assume that a relevant part of this syslog information is needed by a department within a large cooperation.

Installing syslog-ng (on Ubuntu) is done by the following command:

# sudo apt-get install syslog-ng

Through the use of syslog-ng we can store, and/or forward syslog information based on the following (but not limited to):

  • source IP address
  • destination IP address
  • syslog level
  • content in the original syslog message by using regular expressions.

All this can be configured in the /etc/syslog-ng/syslog-ng.conf file.

Posted on August 26, 2011 and filed under Linux, Tips'n Tricks.

Wireshark on Ubuntu 10.10

Last week, I acquired a small netbook @ work for testing purposes (HP Mini 5103). You don't want to know how handy a second laptop is when you're testing authentication environments.

For flexibility purposes I installed a dual-boot with Microsoft Windows 7 Enterprise and Ubuntu Linux v10.10 from a USB Flashdrive (1, 2), erasing all the preinstalled HP/McAfee crap. This all worked like a charm, up to the installtion of Wireshark in Ubuntu. Starting the sniffer application resulted in an empty list of network adapters. No network adapters mean no capturing capabilities.

This was probably related to the lack of rights while starting the application. Running it from the terminal with sudo resulted in some weird error regarding a display-thingy (which is still the main reason why Linux isn't penetrating the desktop market).

While searching the Interwebs, I found the following solution. Which, after some alterations to the commands, the following worked for me;

In a terminal session, execute these commands:

sudo addgroup –quiet –system wireshark (this command simply didn't work in my case)
sudo chown root:wireshark /usr/bin/dumpcap
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap

usermod -a -G wireshark <my user name>

Reconfigure the Wireshark Common package and answer ‘Yes’ to the question ‘Should non-superusers be able to capture packets?

sudo dpkg-reconfigure wireshark-common (I needed to add the sudo part on this command)

After rebooting the laptop, Wireshark started normally with all the network interfaces available for capturing traffic.

UPDATE: I did a reinstall of the OS, and this time Wireshark started 'properly' from the Terminal application by typing (without the quotes) 'sudo wireshark'.

Posted on March 6, 2011 and filed under Linux, Software, Tips'n Tricks.

Vanishing HD Space on Popcorn Hour

Sometimes you think you're mind is playing tricks on you. I have that sometimes. E.g. I have a Popcorn Hour  (Networked Media Tank) which holds movies and series I watch. Bits and Bytes come and go on that machine. Thing you've seen are deleted, and replaced by new content. But over the 'years' it seemed to hold less and less content. Oke, movies have increased in size (10-20GB per movie is nothing nowadays). So I didn't really think much of it....

Until I started transporting the content with Transmit instead of FileZilla. Transmit was configured to show even the hidden files, and hidden files it showed. I found 4 hidden temporary pureftp-upload files of almost 32GB each. The timestamps on those files differed from late last year to a couple of months back

.pureftpd-upload-<some random string>

The problem was that I couldn't remove them from the Popcorn, but I really wanted my 120GD of free space back. Turned out that the FTP daemon on the Popcorn was locking these files. Reboot of the popcorn didn't help.

The way to remove them was to stop the FTP daemon on the Popcorn in the menu, and access the device through SMB (or another protocol you can use), and make sure that you can see hidden files.
Select the files and press delete, and they should be gone. After that you can re-enable the FTP service if you like.

Posted on July 15, 2010 and filed under Linux, Software, Tips'n Tricks, Video.