L2TP over IPsec on Cisco IOS Router

Posted: 15th Сентябрь 2016 by shmyak in Пингвин

Configuration on Cisco IOS router:

version 12.4

!

hostname L2TP

!

!

aaa new-model

!

!

aaa authentication ppp VPDN_AUTH local

!

!

vpdn enable

!

vpdn-group L2TP

! Default L2TP VPDN group

accept-dialin

protocol l2tp

virtual-template 1

no l2tp tunnel authentication

!

!

!

username cisco privilege 15 password 0 cisco

!

!

crypto isakmp policy 1

encr 3des

hash sha

authentication pre-share

group 2

lifetime 86400

!

!

crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0

!

!

crypto ipsec transform-set L2TP-Set2 esp-3des esp-sha-hmac

mode transport

!

crypto dynamic-map dyn-map 10

set nat demux

set transform-set L2TP-Set2 L2TP-Set

!

!

crypto map outside_map 65535 ipsec-isakmp dynamic dyn-map

!

!

!

interface Loopback0

ip address 192.168.47.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface Loopback1

description loopback for IPsec-pool

ip address 1.1.1.11 255.255.255.255

!

interface FastEthernet0/0

ip address 47.47.47.2 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

crypto map outside_map

!

!

interface Virtual-Template1

ip unnumbered Loopback1

peer default ip address pool l2tp-pool

ppp authentication ms-chap-v2 VPDN_AUTH

!

!

!

ip local pool l2tp-pool 1.1.1.1 1.1.1.10

ip route 0.0.0.0 0.0.0.0 47.47.47.1

!

ip nat inside source list NAT interface FastEthernet0/0 overload

!

ip access-list extended NAT

deny ip 192.168.47.0 0.0.0.255 1.1.1.0 0.0.0.255

permit ip 192.167.47.0 0.0.0.255 any

!

!

!

End

 

https://supportforums.cisco.com/document/9878401/l2tp-over-ipsec-cisco-ios-router-using-windows-8

mjpg-streamer. snapshot.

Posted: 26th Август 2016 by shmyak in Пингвин

script:

#!/bin/bash

filename=$(perl -e «print time»)
foldername=$(date —rfc-3339=date)

curl «http://127.0.0.1:8080/?action=snapshot» > $filename
timestamp=stat -c %y $filename

if ! [ -d/path/to/dir/$foldername ]; then
mkdir /path/to/dir/$foldername
fi

### timestamp
convert $filename -fill black -fill white -pointsize 15 -draw  «text 5,15 ‘${timestamp:0:19}'»/path/to/dir/$foldername/$filename.jpg
###

rm $filename

 

add to crontab:

*/1     *       *       *       *       /snapshot.sh >/dev/null 2>&1

 
Convert to videofile:

ffmpeg -framerate 10 -pattern_type glob -i «*.jpg» out.mkv

Raspberry Pi. mjpg-streamer

Posted: 25th Август 2016 by shmyak in Пингвин

mjpg-streamer.tar

(from http://lilnetwork.com/download/raspberrypi/mjpg-streamer.tar.gz)

sudo apt-get update
sudo apt-get install libv4l-dev libjpeg8-dev subversion imagemagick

sudo ln -s /usr/include/linux/videodev2.h /usr/include/linux/videodev.h

svn co https://svn.code.sf.net/p/mjpg-streamer/code/mjpg-streamer/ mjpg-streamer

cd mjpg-streamer/
make USE_LIBV4L2=true clean all
sudo make DESTDIR=/usr install

sudo cp mjpg_streamer /usr/local/bin
sudo cp -R www /usr/local/www

mjpg_streamer -i «/usr/lib/input_uvc.so -d /dev/video0 -y -r 1280×720 -q 95 -f 4 -l auto» -o «/usr/lib/output_http.so -p 8080 -w /usr/local/www -c user:id»
Не забываем про кривое отображение кавычек и «Х»

sudo mcedit /etc/init.d/mjpg_streamkick

#! /bin/sh
# /etc/init.d/mjpg_streamkick

# Carry out specific functions when asked to by the system
case «$1» in
start)
echo «Starting mjpg_streamkick script»
export LD_LIBRARY_PATH=/usr/local/bin
mjpg_streamer -i «/usr/lib/input_uvc.so -d /dev/video0 -y -r 1280×720 -q 95 -f 4 -l auto» -o «/usr/lib/output_http.so -p 8080 -w /usr/local/www -c user:id» &
;;
stop)
echo «Stopping webcam script»
killall mjpg_streamer
;;
*)
echo «Usage: /etc/init.d/mjpg_streamkick {start|stop}»
exit 1
;;
esac

exit 0
sudo chmod 755 /etc/init.d/mjpg_streamkick
sudo update-rc.d mjpg_streamkick defaults

 

 

mjpg_streamer -i /usr/lib/input_uvc.so -d /dev/video0 -y -r 716×537 -q 90 -f 24 -l auto -o /usr/lib/output_http.so -p 8080 -w /usr/local/www -c usr:pwd

by danjperron

https://www.raspberrypi.org/forums/viewtopic.php?t=48597

I have apache installed. If you don’t: sudo apt-get install apache2.

cd /usr/lib/cgi-bin

# Make a file and let everyone execute it
sudo touch test.sh && chmod a+x test.sh
Then put the some code in the file. For example:

#!/bin/bash
# get today’s date
OUTPUT=»$(date)»
# You must add following two lines before
# outputting data to the web browser from shell
# script
echo «Content-type: text/html»
echo «»
echo «<html><head><title>Demo</title></head><body>»
echo «Today is $OUTPUT <br>»
echo «Current directory is $(pwd) <br>»
echo «Shell Script name is $0»
echo «</body></html>»

We also have to enable mod_cgi a2enmod cgi if not already enabled

 

cat /etc/rc.local

echo «4» > /sys/class/gpio/export
echo «out» > /sys/class/gpio/gpio4/direction
echo «1» > /sys/class/gpio/gpio4/value

exit 0

 

cat /usr/lib/cgi-bin/on.sh
#!/bin/bash
# get today’s date
OUTPUT=»$(date)»
# You must add following two lines before
# outputting data to the web browser from shell
# script
echo «0» > /sys/class/gpio/gpio4/value
echo «Content-type: text/html»
echo «»
 

Reverse SSH Tunneling

Posted: 25th Май 2016 by shmyak in Пингвин

#apt-get install autossh

#ssh-keygen…

# cat /etc/rc.local

/usr/bin/autossh -M {monitoring port} -N -f -o «PubkeyAuthentication=yes» -o «PasswordAuthentication=no» -o «ServerAliveInterval 30» -o «ServerAliveCountMax 3» -i /path/to/ssh_key -R 12345:localhost:{ssh port} {user}@{remote server} -p {remote ssh port}

exit 0

# lsusb
Bus 001 Device 005: ID 12d1:14dc Huawei Technologies Co., Ltd.

# cat /etc/udev/rules.d/40-E303Switch.rules  
# Huawei E303 Fallback-Mode Modeswitch

ATTRS{idVendor}==»12d1″, ATTRS{idProduct}==»1f01″, RUN+=»/bin/E303Modeswitch.sh»

# cat /bin/E303Modeswitch.sh
#!/bin/sh

sudo usb_modeswitch -v 0x12d1 -p 0x1f01 -V 0x12d1 -P 0x14db -M «55534243123456780000000000000a11062000000000000100000000000000»

# chmod a+x /bin/E303Modeswitch.sh

После копипаста необходимо поправить кавычки!

Raspberry Pi static IP

Posted: 22nd Март 2016 by shmyak in Пингвин

cat /etc/network/interfaces

auto eth0
allow-hotplug eth0
iface eth0 inet manual

 

cat /etc/dhcpcd.conf

interface eth0
static ip_address=192.168.1.10/24
static routers=192.168.1.1
static domain_name_servers=192.168.1.1 8.8.8.8

eltex mes-2124 QinQ

Posted: 2nd Декабрь 2015 by shmyak in Пингвин

gigabitethernet 1/0/2 — gigabitethernet 1/0/3 Jumper

 

console#sh running-config
no spanning-tree
!
vlan database
vlan 555,969
exit
!
interface gigabitethernet 1/0/1
switchport mode trunk
switchport trunk allowed vlan add 969
description uplink
switchport forbidden default-vlan
exit
!
interface gigabitethernet 1/0/2
switchport mode customer
switchport customer vlan 969
switchport forbidden default-vlan
exit
!
interface gigabitethernet 1/0/3
switchport mode trunk
switchport trunk allowed vlan add 555
switchport forbidden default-vlan
exit
!
interface gigabitethernet 1/0/4
switchport access vlan 555
description downlink
switchport forbidden default-vlan
exit
!
interface vlan 555
name test
exit
!
interface vlan 969
name qinq
exit
!

Android MTP for Fedora Linux

Posted: 5th Ноябрь 2015 by shmyak in Пингвин

All that is required for Thunar to see the phone’s internal storage is :

dnf install gvfs-mtp

and reboot — this step seemed mandatory (probably just re-logging into X would work, but the machine wanted an update anyway).

Posted: 29th Октябрь 2015 by shmyak in Юмор

f5a6c22a-31fb-4e8c-8d60-3f55fec8a431-medium