
Tips & Tricks

wifiBlocker EUROPE edited this page Jan 10, 2026 · 52 revisions

Switch to modem version

To switch from the Router version to the Modem version, run the script below and then reboot:

/var/www/localhost/cgi-bin/modem/switch_to_modem.sh

Create a limited user

sudo adduser limiteduser --shell=/bin/false --no-create-home

Add the lines below to /etc/ssh/sshd_config:

Match user limiteduser
   ForceCommand /bin/false

Resize the partition

apk add --no-cache e2fsprogs-extra

resize2fs /dev/mmcblk0p2

The partition will be resized to maximum size

----------------------------//-----------------------------

iptables and ip6tables

List:

iptables -t nat -v -L -n --line-number

ip6tables -t nat -v -L -n --line-number

Delete rule:

 iptables -t nat -D POSTROUTING 2

 ip6tables -t nat -D POSTROUTING 2

Enable IPv6 traffic on a Linux host attached to iBlocker Access Point:

ifconfig wlan0 inet6 add fdda:8765:4321:fdda::199/64    - replace wlan0 with Linux host interface and :199 with your desired number
ping6 fdda:8765:4321:fdda::1      - iBlocker wlan0 IPv6
ip -6 route list
ip -6 route add default via fdda:8765:4321:fdda::1
ping6 google.com

----------------------------//-----------------------------

Check eth0 status

cat /sys/class/net/eth0/operstate

Check how long eth0 has been up (in seconds):

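# Print the number of seconds elapsed since the most recent "eth0: leased" entry in
# /var/log/messages; the timestamp is taken from the first three fields of that line.
echo $(( $(date +%s) - $(date -d "$(grep 'eth0: leased' /var/log/messages | tail -n 1 | awk '{print $1, $2, $3}')" +%s) ))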

----------------------------//-----------------------------

Alpine IMAGES

Backup the 2 partitions from SD card to .img files

 dd bs=4M if=/dev/sdb1 of=Alpine_sdb1.img

 dd bs=4M if=/dev/sdb2 of=Alpine_sdb2.img

Write the .img files to a new SD card, formatted with 2 partitions: sdb1=FAT32, 400 MB, and sdb2=ext4, the rest of the card

   dd if=Alpine_sdb1.img of=/dev/sdb1 bs=4M

   dd if=Alpine_sdb2.img of=/dev/sdb2 bs=4M

----------------------------//-----------------------------

Grep

grep -v '^#' hostapd.conf - print file without lines starting with #

----------------------------//-----------------------------

SSH

# Remove any existing SSH key material and known_hosts for root, iblocker and /var/www.
rm -rf /root/.ssh

rm -rf /home/iblocker/.ssh/

rm -rf /var/www/.ssh/

# Generate a new RSA key pair for root, quietly (-q) and with an empty passphrase (-N ""),
# so the private key is usable by anyone who can read the file.
ssh-keygen -t rsa -q -f "/root/.ssh/id_rsa" -N ""

# Authorize the new public key for root logins on this host.
cp /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys

# Connect once to localhost; StrictHostKeyChecking=no accepts the host key without
# verifying it, which is how it ends up in root's known_hosts.
ssh -o StrictHostKeyChecking=no root@localhost "exit"

# Copy the whole directory, private key included, to /var/www and to iblocker's home.
# NOTE(review): every holder of a copy can log in as root@localhost; confirm both copies are needed.
cp /root/.ssh /var/www -R

cp /root/.ssh /home/iblocker -R

chown iblocker:iblocker /home/iblocker/.ssh -R

# Mode 755 makes the directory and every file in it, id_rsa included, readable by all local users.
chmod 755  /var/www/.ssh/

chmod 755  /var/www/.ssh/*

# The directory is handed to apache, then the files inside are given back to root.
# NOTE(review): presumably this lets the web server account read a root-owned key; a narrower
# mode (for example group-readable only) may be enough — verify against how the web UI uses it.
chown apache:apache /var/www/.ssh -R

chown root:root /var/www/.ssh/*

chmod 755  /var/www/.ssh/*

# Append localhost's host keys, with hashed host names (-H), to the known_hosts under /var/www.
ssh-keyscan -H localhost  >> /var/www/.ssh/known_hosts

Check: ssh root@localhost

----------------------------//-----------------------------

Enable Auth Log

apk add --no-cache syslog-ng

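Add the lines below at the end of /etc/syslog-ng/syslog-ng.conf. They refer to a destination named auth_log; if the file does not already define one, a definition is also needed, for example: destination auth_log { file("/var/log/auth.log"); };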

filter f_auth { facility(auth); };
log { source(src); filter(f_auth); destination(auth_log); };

Change permissions and restart the service:

chmod 640 /var/log/auth.log
rc-service syslog restart

Verify log: tail -f /var/log/auth.log

----------------------------//----------------------------

DNS ISSUE - "request is not signed"

Solution:

systemctl stop named.service

rm -r /var/cache/bind/*

systemctl start named.service

----------------------------//-----------------------------

SET TIME

date --set="2024-08-14 10:07:00"

Wed Aug 14 10:07:00 CEST 2024

hwclock --systz

If the time becomes de-synchronized, comment out the line below in /etc/conf.d/syslog:

SYSLOGD_OPTS="-t"

or configure chrony as below: vi /etc/chrony/chrony.conf and add below lines:

 pool pool.ntp.org iburst
    initstepslew 10 pool.ntp.org
    driftfile /var/lib/chrony/chrony.drift
    rtcsync

and restart service: rc-service chronyd restart

Additionally, run chattr +i /etc/chrony/chrony.conf to make the file immutable.

----------------------------//-----------------------------

Disable service

 rc-update del acpid

----------------------------//-----------------------------

Enable service

apk add dhcpcd  - for IPv6 on eth0 or usb0

rc-update add dhcpcd

rc-service  dhcpcd start

rc-status

----------------------------//----------------------------

SED

sed -E '/(^$|^#)/d' input.file > input1.file - delete lines containing # as first character and empty lines

sed '/^$/d' <input-file> - delete empty lines from file

sed -i '/width/c\width 1920' /usr/local/etc/motion/motion.conf - replace line containing width... with line width 1920

sed -i '/EOF/d' /etc/network/interfaces - delete lines containing EOF

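# Replace the line containing DAEMON_CONF in the hostapd init script with the path to hostapd.conf.
sed -i '/DAEMON_CONF/c\DAEMON_CONF="/etc/hostapd/hostapd.conf"' /etc/init.d/hostapd

# Replace the commented-out ip_forward line in /etc/sysctl.conf with the active setting.
sed -i '/#net.ipv4.ip_forward=1/c\net.ipv4.ip_forward=1' /etc/sysctl.conf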

----------------------------//----------------------------

ffmpeg

Convert .avi to .mp4

 ffmpeg -i single-cam.avi -c:v libx264 -crf 18 -c:a aac -b:a 128k single-cam.mp4

----------------------------//----------------------------

Enable https on iblocker


# Create a self-signed certificate (-x509) valid for 3650 days, with a new 4096-bit RSA key.
# -nodes writes server.key without a passphrase, so anyone who can read the file holds the key.
# Being self-signed, the certificate triggers a trust warning in clients unless it is imported.
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout server.key -out server.crt -subj '/C=XX/ST=XX/L=YYY/O=abcd.eu'

# Move key and certificate to the paths the VirtualHost configuration refers to.
# NOTE(review): confirm server.key is readable by root only after the move (e.g. mode 600).
mv server.key  server.crt /etc/apache2/conf.d/

Add the lines below to httpd.conf:

<VirtualHost *:443>
    DocumentRoot "/var/www/localhost/htdocs/"
    ServerName dev
    SSLEngine on
    SSLCertificateFile "/etc/apache2/conf.d/server.crt"
    SSLCertificateKeyFile "/etc/apache2/conf.d/server.key"
</VirtualHost>

Install the Apache SSL module: apk add apache2-ssl

Restart Apache:

rc-service  apache2 restart 

Check expiration:

openssl x509 -in server.crt -text -noout -dates

View the contents of our certificate in plain text:

openssl x509 -text -noout -in server.crt

----------------------------//----------------------------

Protect Apache access via user/pass

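To restrict access to an Apache web page located, for example, in ..videos/folder, follow the steps below. Basic authentication sends the user name and password only base64-encoded, so serve the protected directory over HTTPS.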

Install the apache2-utils: apk add apache2-utils

Add the lines below to /etc/apache2/httpd.conf:

<Directory "/var/www/localhost/htdocs/dpnet/videos/folder">
  AuthType Basic
  AuthName "restricted area"
  AuthUserFile /var/www/localhost/htdocs/dpnet/videos/folder/.htpasswd
  require valid-user
</Directory>

Launch below command:

htpasswd -c /var/www/localhost/htdocs/dpnet/videos/folder/.htpasswd iblocker

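The .htpasswd file will be created; then restart the Apache server: rc-service apache2 restart. Because .htpasswd is stored inside the served directory, check that the Apache configuration denies requests for .ht* files, or keep the file outside the document root and point AuthUserFile at it.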

----------------------------//----------------------------

Check hosts from NW Subnet

nmap -v -sn 192.168.100.0/24
