Grep a log file and send output to mail
This is a small script that looks for a string in a log file and, when the string is found, sends the matching line by mail.
-This example is for Smoothwall, on which I run Guardian Active Response, and I wanted to know who is blocked
-Place it in your rc.local, reboot and check your mailbox
#!/bin/bash
EMAILADDRESS="[email protected]"
EMAILSUBJECT="Guardian On Firewall "
MESSAGEBODY="/tmp/alert.txt"
## Select your log file
#tail -f /var/log/messages | while read -r LINE
tail -f /var/log/guardian/guardian.log | while read -r LINE
do
    # Select the string
    if echo "$LINE" | grep -q "blocked"
    # if echo "$LINE" | grep -q "eth"
    then
        echo "Guardian actions:" > "$MESSAGEBODY"
        # Insert some text before the output
        echo "$LINE" >> "$MESSAGEBODY"
        # echo "Guardian done it again !" >> "$MESSAGEBODY"
        # Here I use sendEmail from Smoothwall; you can use your own sendmail/mail commands.
        # Sender (-f) and recipient (-t) both use EMAILADDRESS here.
        # Note: -xp puts the SMTP password on the command line, where it shows up in the process list.
        sendEmail -f "$EMAILADDRESS" -u "$EMAILSUBJECT" -t "$EMAILADDRESS" -s smtp.gmail.com:587 -xu "[email protected]" -xp password < "$MESSAGEBODY"
    fi
done
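The script above sends one mail per matching line and writes the body to a fixed file in /tmp. The following added example (not part of the original post) batches matches, creates the body with mktemp and strips control characters from the logged text; `watch_log`, `send_alert` and the batch size are assumed names and values.

```shell
#!/bin/sh
# Added example, not the original script. watch_log, send_alert and the batch
# size are assumptions; replace send_alert's body with your sendEmail call.

# send_alert FILE: delivery hook. This default only prints the batch.
send_alert() { cat "$1"; }

# watch_log PATTERN BATCH: read log lines on stdin, keep those containing
# PATTERN, and call send_alert once per BATCH matches plus once at EOF for any
# remainder. The last line printed is the number of alerts sent.
watch_log() (
    pattern=$1 batch=$2 count=0 sent=0
    umask 077                          # alert body readable by its owner only
    body=$(mktemp) || exit 1           # unpredictable name instead of /tmp/alert.txt
    trap 'rm -f "$body"' EXIT
    flush() {
        send_alert "$body"
        : > "$body"; count=0; sent=$((sent + 1))
    }
    while IFS= read -r line; do
        case $line in
            *"$pattern"*) ;;           # literal substring match, no regex
            *) continue ;;
        esac
        # Drop control characters so log content cannot carry terminal
        # escape sequences into the mail body.
        printf '%s\n' "$line" | tr -d '\001-\010\013-\037\177' >> "$body"
        count=$((count + 1))
        if [ "$count" -ge "$batch" ]; then flush; fi
    done
    if [ "$count" -gt 0 ]; then flush; fi
    echo "$sent"
)
```

Typical use is `tail -F /var/log/guardian/guardian.log | watch_log blocked 5`. A batch size of 1 mails every hit as the original does; larger values hold hits back until the batch is full.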
Fail2Ban and Zimbra
After following several guides I faced an issue with the mail reporting.
Since the sendmail provided by Zimbra doesn’t work with the same parameters as the default sendmail, I modified the mail function of Fail2Ban.
– I have enabled only notifications for Webmail/Webadmin login attempts
For Red Hat/CentOS you will need the EPEL repo
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
OpenVPN Site-to-Site
This is a small how-to for OpenWRTs running OpenVPN and connecting them by creating a site-to-site VPN tunnel.
-We assign 2 IPs, one for each tun0 interface on each router
-This guide assumes that you have already installed the openvpn packages on both devices
-In this guide router A has the 192.168.10.x network and IP 192.168.251.1 on its tun0 interface, and router B has the 192.168.22.x network and IP 192.168.251.2 on its tun0 interface.
-You will need the file /etc/openvpn/static.key, or generate a new one on one router and copy it to the other. Anyone who holds this key can decrypt the tunnel's traffic, so copy it over a secure channel.
-The ports (1195 and 1194) can be changed
-You can have multiple blocks of configuration in OpenVPN, one for Road Warriors (see here) and the one documented here.
-Follow the guide here for installing Open VPN and configuring the interfaces tun0/tun1 etc
Router A
config 'openvpn' 'site-to-site'
option 'enable' '1'
option 'port' '1195'
option 'proto' 'udp'
option 'dev' 'tun'
option 'secret' '/etc/openvpn/static.key'
option 'ifconfig' '192.168.251.1 192.168.251.2' #this device tun0 / remote device tun0
option 'keepalive' '10 120'
option 'comp_lzo' '1'
option 'verb' '10'
option 'float' '1'
option 'local' '192.168.10.1 1195'
option 'remote' 'remote.host.name 1194'
Add to /etc/firewall.user
iptables -t nat -A prerouting_wan -p udp --dport 1195 -j ACCEPT
iptables -A input_wan -p udp --dport 1195 -j ACCEPT
iptables -I INPUT -i tun+ -j ACCEPT
iptables -I FORWARD -i tun+ -j ACCEPT
iptables -I OUTPUT -o tun+ -j ACCEPT
iptables -I FORWARD -o tun+ -j ACCEPT
Add a static route between the 2 LANs
route add -net 192.168.22.0 netmask 255.255.255.0 gw 192.168.251.2
Router B
config 'openvpn' 'Site-to-site2'
option 'enabled' '1'
option 'dev' 'tun'
option 'ifconfig' '192.168.251.2 192.168.251.1' #this device tun0 / remote device tun0
option 'secret' '/etc/openvpn/remote.key'
option 'keepalive' '10 120'
option 'comp_lzo' '1'
option 'persist_key' '1'
option 'persist_tun' '1'
option 'verb' '3'
Add to /etc/firewall.user
iptables -t nat -A prerouting_wan -p udp --dport 1194 -j ACCEPT
iptables -A input_wan -p udp --dport 1194 -j ACCEPT
iptables -I INPUT -i tun+ -j ACCEPT
iptables -I FORWARD -i tun+ -j ACCEPT
iptables -I OUTPUT -o tun+ -j ACCEPT
iptables -I FORWARD -o tun+ -j ACCEPT
Add a static route between the 2 LANs
route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.251.1
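One way to check that the Router A and Router B blocks above describe the same tunnel, as an added example that is not part of the original guide: it verifies that the two ifconfig pairs mirror each other, that A dials the port B listens on, and that proto and comp_lzo agree, and it prints a key fingerprint to compare on each router. The function names and file names are assumptions, and the sample files are constructed from the values shown above.

```shell
#!/bin/sh
# Added example, not part of the original guide. Run it on copies of the two
# /etc/config/openvpn blocks; function and file names are assumptions.

# uci_opt FILE NAME [DEFAULT]: value of the first "option 'NAME' 'VALUE'" line.
uci_opt() {
    v=$(sed -n "s/^[[:space:]]*option[[:space:]]\{1,\}'\{0,1\}$2'\{0,1\}[[:space:]]\{1,\}'\([^']*\)'.*/\1/p" "$1" | head -n 1)
    echo "${v:-$3}"
}

# key_fp FILE: SHA-256 of a static key. Run it on each router and compare.
key_fp() { sha256sum < "$1" | cut -d' ' -f1; }

# check_pair CONF_A CONF_B: print every mismatch; exit status = mismatch count.
check_pair() (
    conf_a=$1 conf_b=$2 n=0
    fail() { echo "MISMATCH: $*"; n=$((n + 1)); }
    set -f                                   # split on spaces without globbing
    set -- $(uci_opt "$conf_a" ifconfig); a_local=$1 a_peer=$2
    set -- $(uci_opt "$conf_b" ifconfig); b_local=$1 b_peer=$2
    [ -n "$a_local" ] && [ "$a_local" = "$b_peer" ] && [ "$a_peer" = "$b_local" ] ||
        fail "ifconfig not mirrored (A: $a_local $a_peer, B: $b_local $b_peer)"
    set -- $(uci_opt "$conf_a" remote)       # "host port" on the dialling side
    b_port=$(uci_opt "$conf_b" port 1194)    # 1194 is OpenVPN's default port
    [ "${2:-1194}" = "$b_port" ] || fail "A dials port ${2:-1194}, B listens on $b_port"
    [ "$(uci_opt "$conf_a" proto udp)" = "$(uci_opt "$conf_b" proto udp)" ] ||
        fail "proto differs"
    [ "$(uci_opt "$conf_a" comp_lzo 0)" = "$(uci_opt "$conf_b" comp_lzo 0)" ] ||
        fail "comp_lzo differs"
    exit "$n"
)

# write_samples DIR: constructed sample files with the page's two blocks (trimmed).
write_samples() {
    cat > "$1/a.conf" <<'EOF'
config 'openvpn' 'site-to-site'
    option 'port' '1195'
    option 'proto' 'udp'
    option 'ifconfig' '192.168.251.1 192.168.251.2'
    option 'comp_lzo' '1'
    option 'remote' 'remote.host.name 1194'
EOF
    cat > "$1/b.conf" <<'EOF'
config 'openvpn' 'Site-to-site2'
    option 'ifconfig' '192.168.251.2 192.168.251.1'#this device tun0 / remote device tun0
    option 'comp_lzo' '1'
EOF
}
```

`check_pair a.conf b.conf` prints nothing and exits 0 for the two blocks as given. Running `key_fp` on the key file of each router confirms both ends hold the same key.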
Zero config VPN setup for OpenWRT
Solaris LDOMs
How to replace boot disk on Solaris T2000
On OK prompt:
<ok> select /[email protected]/[email protected]/[email protected]/[email protected] scsi-pci1000,56 LSI,1064E scsi-pci1000,56 ?
|—————-controller———| |—alias1——–| |–alias2–| |—alias3——–| ?
<ok> show-volumes
(Here we should have the list of RAID Volumes)
<ok> 0 activate-volume
(activates the selected volume)
<ok> boot
OpenVPN Road Warriors on OpenWRT (12.09 – 18.06.1)
Update and install OpenVPN and EasyRSA
opkg update
opkg install openvpn openvpn-easy-rsa
Edit /etc/easy-rsa/vars and fill in the variables at the end of the file
Generate the keys/certificates for OpenVPN
build-ca
build-dh
build-key-server server
Generate the keys/certificates for OpenVPN (18.06.1)
cd /etc/easy-rsa/
easyrsa init-pki
easyrsa build-ca
easyrsa gen-dh
TP-Link TL-WR1043ND Multiwan (3 WAN interfaces)
TP-Link WR1043ND v2 VLAN/ Switch Config on Open WRT
After a lot of research and some help from here I configured and split the hardware switch
Extra notes:
Note 1: I am not 100% sure, but if you change the WAN from VLAN 2 things are not working…
Note 2: The eth1.X should match the VLAN ID (I didn’t know that, so it might help someone)
Note 3: Running BARRIER BREAKER (Bleeding Edge, r39319)
Note 4: If you hold the reset button (WPS/Reset) for more than 15″ the device resets to defaults (IP 192.168.1.1, telnet enabled)