Backtrack:  
Blog
 
showing posts tagged with 'network'
 
nano syntax highlight for Shorewall config files
by lunarg on August 24th 2010, at 16:31

This package provides files to enable syntax highlighting in nano when editing shorewall configuration files, making it easier to maintain these kinds of files.

 
Regenerating SSH host keys
by lunarg on August 19th 2010, at 16:19

If for some reason you lost your SSH server keys, sshd will fail to start with error:

Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key

You can recreate your host keys with these commands:

ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

After recreating the keys, you will probably have to let your clients know as with the change of keys, they'll probably get warnings about it (Linux SSH will not even connect until you kick out the old keys).

 
IPSEC on multi-WAN linux firewall
by lunarg on June 23rd 2010, at 17:14
Working on implementing Multi-WAN at our office (more about that later), in which we use a rather special routing setup, we got this error message on our IPSEC tunnels:

Quote

ipsec_setup: Starting Openswan IPsec U2.4.12/K2.6.26-2-amd64...
ipsec_setup: no default route, %defaultroute cannot cope!!!

While the reason was obvious to me (there's indeed no default route in the main routing table, this is by design), fixing the problem was not.
I tried adding options like leftnexthop=ip-address but it did not really matter; the error persisted.

After searching around Google, I cam  ...
 
Fiddling with Shorewall
by lunarg on June 3rd 2010, at 20:03
Linux has always been a great player in internetworking, thanks to a very advanced networking stack. In addition, the filtering capabilities provided by Netfilter are only surpassed by a very select group of devices. It doesn't come as a surprise there are a lot of firewalls and internet gateways out there that are running this powerful combo.
Detailing the features of linux as a firewall/internet gateway would take up an entire article so I'm not going to elaborate on it. It suffices to say that whatever you can think up of setting up, the linux + netfilter combo can probably do it. Worst cas  ...
 
Netscreen SSG5: clearing sockets
by lunarg on April 14th 2010, at 20:16
With firmware 6.00 in a Netscreen SSG5, I encountered an odd bug where available sockets for the management web interface run out, because they're not being freed properly.
Rather than rebooting the thing every once in a while, there's a way to free used sockets through the console.

Your best bet is to attach a serial cable to a server or something and use HyperTerminal (or another terminal application) to access the console of the Netscreen.

Once logged in, use the following to get a list of sockets in use:

get socket

This shows a list of in-use sockets, along with their ID. Sockets with   ...
 
Incoming PPTP VPN passthrough on OpenWRT
by lunarg on February 1st 2010, at 16:46
To set up a Windows PPTP VPN server behind your OpenWRT enabled router, you need to forward the necessary ports and protocols, and install the proper modules.

Finding information about how to do this was a lengthy process. I never actually found the necessary info (although I noticed there are quite a few people which are rather clueless about networking; makes me wonder why they're bothering with OpenWRT in the first place, it's not the easiest firmware out there).
But I've managed to compile the bits and pieces of various sources into a coherent mass. It's not a guide in the literal sense,   ...
 
Obtain MAC address of the wireless access point connected to
by lunarg on January 27th 2010, at 11:28
In Windows, it is possible to obtain the MAC address of the wireless access point you're connected to. This is handy when you have multiple access points with the same ESSID (i.e. "roaming") and want to know which one you're connected to. This is done with the netsh CLI tool, available since Windows XP.

To do this, start a command prompt, and type in:

netsh wlan show interfaces

This shows all wireless interfaces on your system. When your wireless is active and connected to an AP, you get output similar to this:

Name : Wireless Network Connection   ...
 
WET54G-EU (v3.1) with WPA or WPA2 locks up
by lunarg on December 6th 2009, at 20:30
For all those who recently acquired a WET54G (rev 3.1), or are planning on acquiring one, should read the problem I had with it.
The problem only affects EU versions of the product, as the US version has a more recent firmware available which fixes the problem.

Update: there's still no new firmware. I've updated the links so they are correct again.
And here's a direct link is here.

Anyway, the main symptom is the lock up of the device as soon as a connection with a wireless network has been made, and that network uses WPA-PSK or WPA2-PSK. I've tested this out extensively  ...
 
Keep-alive issues when proxying IIS with Apache2
by lunarg on September 8th 2009, at 18:26
We had a bit of trouble with an Apache2 server, configured as a front-end proxy for a IIS running various different sites. The idea for this has grown because of the fact that our client had only one public IP address at the time, but had to run multiple sites. Rather than running the sites in IIS on different ports, we setup the Apache2 to proxy requests to the IIS back-end, so the sites were accessible by means of sub-urls.
E.g.:

http://myserver/mysubdomain1/ -> http://internal-ip:my-port/

For this, we used mod_proxy, and the ProxyPass and ProxyPassReverse.

Lately, our client complained o  ...
 
OpenVPN on Vista: issues
by lunarg on May 21st 2007, at 17:59
Running OpenVPN on Vista, works, but requires some workarounds.
Current list of issues:

connection gets established, but route addition fails with route addition failed usingCreateIpForwardEntryRead further for the solutions...

This problem always occurs on a Vista. What happens is that while the connection does get established, the routes are not being added properly, because of an API change in Vista.
To circumvent the issue, add this line to your OpenVPN config file:

route-method exe

This way, the route addition is called directly using the commandline utility.

  ...
 
Upgrading your OpenWRT to rc6
by lunarg on January 31st 2007, at 20:50
Did an upgrade of my Linksys WRT54GL to the latest OpenWRT firmware. These are roughly the steps I followed.

My old firmware was a OpenWRT rc5, default release. For my new firmware, I used the ImageBuilder to create a more customized firmware with a lot of packages (such as ntpclient, openvpn, nas, gpio, ...) preinstalled in the squashfs image. I left the new Webif^2 out on purpose, as it's updated at a fair regular base. The image (which has it's build list attached) is called cad, which is because I originally selected it for use with routers at work.

Anyway, updating my WRT54GL, was not a  ...
 
 
showing posts tagged with 'network'
 
 
« September 2010»
SunMonTueWedThuFriSat
   1234
567891011
12131415161718
19202122232425
2627282930  
 
Links
 
Quote
« If the world were to be drugs-free, people would find other ways to get high. »
one of Chris Rock's comedy shows