Skip to content

Tips & Tricks

Jump to bottom
wifiBlocker EUROPE edited this page Dec 27, 2024 · 52 revisions

Switch to modem version

In case user wants to switch from Router to Modem version, he should run below script followed by reboot:

/var/www/localhost/cgi-bin/modem/switch_to_modem.sh

Create a limited user

sudo adduser limiteduser --shell=/bin/false --no-create-home

Add below lines in /etc/ssh/sshd_config

Match user limiteduser
   ForceCommand /bin/false

Resize the partition

apk add --no-cache e2fsprogs-extra

resize2fs /dev/mmcblk0p2

The partition will be resized to maximum size

----------------------------//-----------------------------

iptables and ip6tables

List:

iptables -t nat -v -L -n --line-number

ip6tables -t nat -v -L -n --line-number

Delete rule:

 iptables -t nat -D POSTROUTING 2

 ip6tables -t nat -D POSTROUTING 2

Enable IPv6 traffic on a Linux host attached to iBlocker Access Point:

ifconfig wlan0 inet6 add fdda:8765:4321:fdda::199/64    - replace wlan0 with Linux host interface and :199 with your desired number
ping6 fdda:8765:4321:fdda::1      - iBlocker wlan0 IPv6
ip -6 route list
ip -6 route add default via fdda:8765:4321:fdda::1
ping6 google.com

----------------------------//-----------------------------

Alpine IMAGES

Backup the 2 partitions from SD card to .img files

 dd bs=4M if=/dev/sdb1 of=Alpine_sdb1.img

 dd bs=4M if=/dev/sdb2 of=Alpine_sdb2.img

Write the .img files to a new SD card, formatted with 2 partitions: sdb1=FAT32, 400 MB, and sdb2=ext4, the rest of the card

   dd if=Alpine_sdb1.img of=/dev/sdb1 bs=4M

   dd if=Alpine_sdb2.img of=/dev/sdb2 bs=4M

----------------------------//-----------------------------

Grep

grep -v '^#' hostapd.conf
  • print file without lines starting with #

----------------------------//-----------------------------

SSH

rm -rf /root/.ssh

rm -rf /home/iblocker/.ssh/

rm -rf /var/www/.ssh/

ssh-keygen -t rsa -q -f "/root/.ssh/id_rsa" -N ""

cp /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys

ssh -o StrictHostKeyChecking=no root@localhost "exit"

cp /root/.ssh /var/www -R

cp /root/.ssh /home/iblocker -R

chown iblocker:iblocker /home/iblocker/.ssh -R

chmod 755  /var/www/.ssh/

chmod 755  /var/www/.ssh/*

chown apache:apache /var/www/.ssh -R

chown root:root /var/www/.ssh/*

chmod 755  /var/www/.ssh/*

ssh-keyscan -H localhost  >> /var/www/.ssh/known_hosts

Check: ssh root@localhost

----------------------------//-----------------------------

Enable Auth Log

apk add --no-cache syslog-ng

Add below lines at the end of /etc/syslog-ng/syslog-ng.conf

filter f_auth { facility(auth); };
log { source(src); filter(f_auth); destination(auth_log); };

Change permissions and restart the service:

chmod 640 /var/log/auth.log
rc-service syslog restart

Verify log: tail -f /var/log/auth.log

----------------------------//----------------------------

DNS ISSUE - "request is not signed"

Solution:

systemctl stop named.service

rm -r /var/cache/bind/*

systemctl start named.service

----------------------------//-----------------------------

SET TIME

date --set="2024-08-14 10:07:00"

Wed Aug 14 10:07:00 CEST 2024

hwclock --systz

In case time is de-synchronized, comment out the below line from /etc/conf.d/syslog:

SYSLOGD_OPTS="-t"

or configure chrony as below: vi /etc/chrony/chrony.conf and add below lines:

 pool pool.ntp.org iburst
    initstepslew 10 pool.ntp.org
    driftfile /var/lib/chrony/chrony.drift
    rtcsync

and restart service: rc-service chronyd restart

add command chattr +i /etc/chrony/chrony.conf

----------------------------//-----------------------------

Disable service

 rc-update del acpid

----------------------------//-----------------------------

Enable service

apk add dhcpcd  - for IPv6 on eth0 or usb0

rc-update add dhcpcd

rc-service  dhcpcd start

rc-status

----------------------------//----------------------------

SED

sed -E '/(^$|^#)/d' input.file > input1.file
  • delete lines containing # as first character and empty lines
sed '/^$/d' <input-file>
  • delete empty lines from file

----------------------------//----------------------------

Recreate Docker container

docker-compose down  encryptor
docker-compose down  messenger

docker-compose up -d  encryptor
docker-compose up -d  messenger

*enrcryptor and messenger are declared as services in docker-compose.yml ----------------------------//----------------------------

ffmpeg

Convert .avi to .mp4

 ffmpeg -i single-cam.avi -c:v libx264 -crf 18 -c:a aac -b:a 128k single-cam.mp4

----------------------------//----------------------------

Contact: office@2transfer.eu

Copyright © IBlocker.eu project. Proudly powered by Open Source software. Copyright Notice | Terms of Service | Privacy Policy

© Design: www.iblocker.eu

Clone this wiki locally