All posts by nobby

IPIP6 Tunnel

by nobby Linux
Access from '216.73.216.198'
It is 08:48 UTC now.

Step A: Configure the Local Host

  • Local outer IPv6 address: 2001:db8:a::1
  • Remote outer IPv6 address: 2001:db8:b::2
  • Inside/Tunnel IPv4 subnet: 10.0.0.0/24
  • Local tunnel IPv4 address: 10.0.0.1
 # 1. Create the ipip6 tunnel interface
ip tunnel add tun1 mode ipip6 remote 2001:db8:b::2 local 2001:db8:a::1

# 2. Assign an IPv4 address to the tunnel
ip addr add 10.0.0.1/24 dev tun1

# 3. Bring the tunnel interface up
ip link set dev tun1 up

# 4. Optional: Route remote network traffic through the tunnel
ip route add 10.0.1.0/24 dev tun1

Step B: Configure the Remote Endpoint

On the remote side (e.g., the VPS), reverse the local and remote endpoints.
# 1. Create the ipip6 tunnel interface with swapped IPs
ip tunnel add tun1 mode ipip6 remote 2001:db8:a::1 local 2001:db8:b::2

# 2. Assign an IPv4 address to the tunnel
ip addr add 10.0.0.2/24 dev tun1

# 3. Bring the tunnel up
ip link set dev tun1 up

# 4. Optional: Route local network traffic through the tunnel
ip route add 10.0.0.0/24 dev tun1

Step C: MTU Considerations

Because IPv6 headers take up more space (40Byte) than standard IPv4 headers, standard 1500 MTU packets may cause fragmentation or silent drops if not adjusted. It is highly recommended to explicitly set a smaller MTU on the tunnel.
However you chose Netplan, Do not need mtu adjustment.
ip link set dev tun1 mtu 1440

Step D: 2nd or more 3….. Remote 

# connect more other remote IPv6 address.
ip addr add 2001:db8:a::2 dev tun1

Generate QR Code for WiFi

by nobby Linux, Network, Ubuntu
  1.  install ‘qrencode’ command.
    $ sudo apt install qrencode
  2. generate QR code png
    $ qrencode -o image.png 'WIFI:T:WPA;S:SSID;P:PASSWORD;;'
Parameter Example Description
T WPA Authentication type; can be WEP or WPA, or leave empty for no password.
S SSID Network SSID. Required.
P pasXXXX Password, ignored if T is left blank.
H true Optional. True if the network SSID is hidden.

Install Nextcloud on Ubuntu 20.04

by nobby 未分類

Snaps are discoverable and installable from the Snap Store, an app store with an audience of millions.

  1. install nextcloud from snap package.
    $ sudo snap install nextcloud
  2. Check nextcloud information.
    $ snap info nextcloud
  3. Get connections list
    $ snap connections nextcloud
  4. Setup Next Cloud by new admin. user.
    $ sudo nextcloud.manual-install 'admin user' 'admin password'
  5. Setup fqdn hostname.
    $ sudo nextcloud.occ config:system:set trusted_domains 1 --value=example.com
  6. Conform domains. 
    $ sudo nextcloud.occ config:system:get trusted_domains
  7. ufw & SSL (TLS) cert. setup.
    $ ufw allow 80
$ ufw allow 443
    and then
    $ sudo nextcloud.enable-https lets-encrypt
  8. Finally check NextCloud functional.
    access Next Cloud !

Change ssh port , CentOS 8

by nobby CentOS, Linux

Cent OS support firewall-cmd & SeLinux, Its environment understood not easily. 
ssh port changing is very easy !
Edit /etc/ssh/sshd_config. Find “# Port 22″ and change to Port xxxx” (xxxx is your specified).

# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port xxxx <--- Change your specified port number.
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

if execute “sudo systemctl restart sshd.service”, you can find error messages. And execute “sudo systemctl status sshd.service”

 sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset:
 enabled)
   Active: activating (auto-restart) (Result: exit-code) since Sat 2019-12-07 20
:37:23 EST; 33s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
  Process: 3016 ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY (code=exited
, status=255)
 Main PID: 3016 (code=exited, status=255)

Dec 07 20:37:23 red systemd[1]: sshd.service: Failed with result 'exit-code'.
Dec 07 20:37:23 red systemd[1]: Failed to start OpenSSH server daemon.

You have to do 2 things.

  1. ssh service redefine.
  2. selinux setting.

 

Step1: Edit /usr/lib/firewalld/services/ssh.xml

<service>
  <short>SSH</short>
  <description>Secure Shell (SSH) is a protocol for logging into and executing commands on remote machines. It provides secure encrypted communications. If you plan on accessing your machine remotely via SSH over a firewalled interface, enable this option. You need the openssh-server package installed for this option to be useful.</description>
  <port protocol="tcp" port="22"/>  <--- Change your specified port number.
</service>

Step 2: Execute following commands.

# semanage port -a -t ssh_port_t -p tcp xxxx <--- Change your specified port number.

 

Check & Restart openssh-server !

Ubuntu 18.04 phpmyadmin error

by nobby 未分類

Browse data issues

Edit /usr/share/phpmyadmin/libraries/sql.lib.php
Line 613

        && ((empty($analyzed_sql_results['select_expr']))
            || (count($analyzed_sql_results['select_expr'] == 1)
                && ($analyzed_sql_results['select_expr'][0] == '*')))
        && count($analyzed_sql_results['select_tables']) == 1;

Change Red to Blue

        && ((empty($analyzed_sql_results['select_expr']))
            || ((count($analyzed_sql_results['select_expr']) == 1)
                && ($analyzed_sql_results['select_expr'][0] == '*')))
        && count($analyzed_sql_results['select_tables']) == 1;

Import/Export issues

Edit /usr/share/phpmyadmin/libraries/plugin_interface.lib.php
Line 551


      $no_options = true;
      if ($options != null && count($options) > 0) {
            foreach ($options->getProperties()

Change Red to Blue

      $no_options = true;
      if (! is_null($options) && count((array)$options) > 0) {
            foreach ($options->getProperties()

Setup OneDrive in Ubuntu 18.04

by nobby Linux, Ubuntu

Install OneDrive deb package.

$ sudo apt install onedrive

Sync OneDrive on user directory.

$ onedrive
Authorize this app visiting:

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=xxxxxxxxxxxxxxxxxxxxxxxx&scope=files.readwrite%20files.readwrite.all%20offline_access&response_type=code&redirect_uri=https://login.microsoftonline.com/common/oauth2/nativeclient

Login to Your OneDrive Account then copy displayed URL of white page.
Paste to excution terminal.

enable user systemctl (daemonic).

After syncing, execute following daemon

$ systemctl --user enable onedrive
$ systemctl --user start onedrive

Reset Account or Change password or Login ID

$ systemctl --user stop onedrive

If do not need backup

$ rm -r .config/onedrive

else

$ mv .config/onedrive 'backup directory/'

reexcute ‘onedrive’ after these step.

Ubuntu LTS update

by nobby Linux, Ubuntu

Release upgrade

ex. 18.04.x -> 20.04

$ sudo do-release-upgrade -d

Minor upgrade 16.04.x -> 16.04.3

ex. 16.04.2 -> 16.04.3
20.04, Not available now.(June 10)

DeskTop:

$ sudo apt install --install-recommends linux-generic-hwe-16.04 xserver-xorg-hwe-16.04

Server:

$ sudo apt install --install-recommends linux-generic-hwe-16.04

Ubuntu 18.04 network setting

by nobby Linux, Ubuntu

Use Netplan

Put under directory ‘/etc/netplan/’.
example; 50-cloud-init.yaml
After Edit, command “netplan”  for checking option “netplan try” and for actual seting “netplan apply”.

To let the interface named ‘enp2s0’ get an address via DHCP:

network
  version: 2
  renderer: networkd
  ethernets:
    enp3s0:
      dhcp4: true

To instead set a static IP address, use the addresses key, which takes a list of (IPv4 or IPv6), addresses along with the subnet prefix length (e.g. /24). Gateway and DNS information can be provided as well:

network:
    ethernets:
        enp2s0:
            dhcp4: no
            dhcp6: no
            addresses: [192.168.1.20/24]
            gateway4: 192.168.1.1
            nameservers:
                    addresses: [192.168.1.1]
#if use static route
            routes:
            - to: 192.168.11.0/24
                via: 192.168.1.254
    version: 2

Connecting to an open wireless network

Netplan easily supports connecting to an open wireless network (one that is not secured by a password), only requiring that the access point is defined:

network:
  version: 2
  wifis:
    wlp1s0:
      access-points:
        opennetwork: {}
      dhcp4: yes

Connecting to a WPA Personal wireless network

Wireless devices use the ‘wifis’ key and share the same configuration options with wired ethernet devices. The wireless access point name and password should also be specified:

network:
  version: 2
  renderer: networkd
  wifis:
    wlp2s0:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.0.21/24]
      gateway4: 192.168.0.1
      nameservers:
        addresses: [192.168.0.1, 8.8.8.8]
      access-points:
        "network_ssid_name":
          password: "**********"

Connecting to WPA Enterprise wireless networks

It is also common to find wireless networks secured using WPA or WPA2 Enterprise, which requires additional authentication parameters.

For example, if the network is secured using WPA-EAP and TTLS:

network:
  version: 2
  wifis:
    wlp2s0:
      access-points:
        workplace:
          auth:
            key-management: eap
            method: ttls
            anonymous-identity: "@internal.ntools.net"
            identity: "man@internal.example.com"
            password: "sOPsw1Yas"
      dhcp4: yes

Using multiple addresses on a interface

The addresses key can take a list of addresses to assign to an interface:

network:
  version: 2
  renderer: networkd
  ethernets:
    enp3s0:
     addresses:
       - 10.100.1.38/24
       - 10.100.1.39/24
     gateway4: 10.100.1.1

Interface aliases (e.g. eth0:0) are not supported.

Using multiple addresses with multiple gateways

Similar to the example above, interfaces with multiple addresses can be configured with multiple gateways.

network:
  version: 2
  renderer: networkd
  ethernets:
    enp3s0:
     addresses:
       - 9.0.0.9/24
       - 10.0.0.10/24
       - 11.0.0.11/24
     #gateway4:    # unset, since we configure routes below
     routes:
       - to: 0.0.0.0/0
         via: 9.0.0.1
         metric: 100
       - to: 0.0.0.0/0
         via: 10.0.0.1
         metric: 100
       - to: 0.0.0.0/0
         via: 11.0.0.1
         metric: 100

Configuring interface bonding

Bonding is configured by declaring a bond interface with a list of physical interfaces and a bonding mode. Below is an example of an active-backup bond that uses DHCP to obtain an address:

network:
    bonds:
        bond0:
            addresses:
            - 192.168.1.5/24
            gateway4: 192.168.1.1
            interfaces:
            - enp1s0
            - enp2s0
            nameservers:
                addresses:
                - 192.168.1.1
                search:
                - ntools.net
            parameters:
                mode: balance-rr
                primary: enp1s0
    ethernets:
        enp1s0: {}
        enp2s0: {}
    version: 2

Below is an example of a system acting as a router with various bonded interfaces and different types. Note the ‘optional: true’ key declarations that allow booting to occur without waiting for those interfaces to activate fully.

network:
  version: 2
  renderer: networkd
  ethernets:
    enp1s0:
      dhcp4: no
    enp2s0:
      dhcp4: no
    enp3s0:
      dhcp4: no
      optional: true
    enp4s0:
      dhcp4: no
      optional: true
    enp5s0:
      dhcp4: no
      optional: true
    enp6s0:
      dhcp4: no
      optional: true
  bonds:
    bond-lan:
      interfaces: [enp2s0, enp3s0]
      addresses: [192.168.93.2/24]
      parameters:
        mode: 802.3ad
        mii-monitor-interval: 1
    bond-wan:
      interfaces: [enp1s0, enp4s0]
      addresses: [192.168.1.252/24]
      gateway4: 192.168.1.1
      nameservers:
        search: [ntools.net]
        addresses: [8.8.8.8, 8.8.4.4]
      parameters:
        mode: active-backup
        mii-monitor-interval: 1
        gratuitious-arp: 5
    bond-conntrack:
      interfaces: [enp5s0, enp6s0]
      addresses: [192.168.254.2/24]
      parameters:
        mode: balance-rr
        mii-monitor-interval: 1

Configuring network bridges

To create a very simple bridge consisting of a single device that uses DHCP, write:

network:
  version: 2
  renderer: networkd
  ethernets:
    enp3s0:
      dhcp4: no
  bridges:
    br0:
      dhcp4: yes
      interfaces:
        - enp3s0

A more complex example, to get libvirtd to use a specific bridge with a tagged vlan, while continuing to provide an untagged interface as well would involve:

network:
  version: 2
  renderer: networkd
  ethernets:
    enp0s25:
      dhcp4: true
  bridges:
    br0:
      addresses: [ 10.3.99.25/24 ]
      interfaces: [ vlan15 ]
  vlans:
    vlan15:
      accept-ra: no
      id: 15
      link: enp0s25

 

Proxy used

edit /etc/environment

example; LAN

http_proxy="http://192.168.1.1:8080/"
https_proxy="http://192.168.1.1:8080/"
no_proxy=localhost,127.0.0.1,192.168.0.0/16

 

example; external proxy

http_proxy="http://[user:password@]host.xxxx.net:8080/"
https_proxy="http://[user:password@]host.xxxx.net:8080/"
no_proxy=localhost,127.0.0.1,192.168.0.0/16

 

 

EZpad 6 Pro + SDD

by nobby Hardware

Do you think 64GB storage, is it enough ?

If it is for only “Office 2016” , I think it is enough storage capacity. However when go on business trip, I wanna sea my favorite movies and listen music. And if have to make software ….

I found EZpad 6s Pro model !  What’s different ?? It is only one, EZpad 6s Pro has SATA SSD.

I thought ‘6 pro’ has SATA socket. Actually , exists M.2 SATA (NGFF) for 2245 or 2260 SSD. Resultly my EZpad 6 Pro became high specification EZpad 6s Pro, 256GB SSD + 64GB eMMC.

However it is not easy, opening EZpad 6 Pro tablet PC. A reference video is https://www.youtube.com/watch?v=GjlcoRpHdCI.