Category Archives: Uncategorized

Installing NetFlow Monitor on Ubuntu 11.10

Posted on by
Reply

Greetings all

I found myself looking for a free netflow monitor – the main condition was that it was web-based. The only ones I could find were commercial, but I eventually stumbled on Netflow Monitor. It’s PHP based with a service component that runs in the background collecting flows directed to it.

Once you register you’ll be given a link to the free version of the software and a plug for the new, commercial version. The instructions are out of date and the .deb version doesn’t work as it relies on php4 dependencies that are no longer in the repository. Installation from the .tar.gz version is simple and only a few steps.

  1. Install the LAMP server essentials – this provides Apache2, PHP 5 and MySQL. It is advised that you set a MySQL root password. 
    amason@akari:~$ sudo tasksel install lamp-server
  2. Create a symbolic link for the MySQL Client library that the Netflow Collector expects to find. 
    amason@akari:~$ sudo ln -s /usr/lib/libmysqlclient.so.1{6,0}
  3. Install the php5-snmp and php5-gd modules. 
    amason@akari:~$ sudo apt-get install php5-snmp php5-gd
  4. Restart the Apache server.
  5. Extract the contents of the tgz file. 
    amason@akari:~$ sudo tar -C / -xf netflow_2.0.3-6.tgz
  6. If you set your MySQL admin password, edit the /etc/netflow/netflow.conf and /etc/netflow/nfc.conf files and set the password.
  7. Create the database tables. 
    amason@akari:~$ mysqladmin -u root -p create nf
amason@akari:~$ nf_cfgcheck && nf_cfgcheck
  8. Go to the web interface and log in as admin, password nfadmin.
  9. Go to Options -> Units, then click Add to add a new unit. Enter the details of your router and click Create.
    Click here to view full size
  10. Click Collectors, then click Add. Enter details as below (or change the port if you wish) and click Create.
    Click here to view full size
  11. Start the Netflow Collector (nfc). 
    amason@akari:~$ sudo /etc/init.d/nfc start
  12. Go to the home page for the Netflow Monitor, and click Overview. Hit search to view the current flows.

That’s it. Note that this software relies on 32-bit Linux and will not work under 64-bit, even with the 32-bit libraries – a 32-bit MySQL library cannot be installed in that environment, so the only way would be to run the collector in a 32-bit chroot which is beyond the scope of this article. These instructions assume you are running in a 32-bit environment – if you wish to run this in a 64-bit environment you can set up a 32-bit chroot for the collector as it is the only 32-bit native element in this installation.

Work Smarter Not Harder – VLC Streams in Windows Media Center

Posted on by
Reply

I built an old PC to forward my Pay TV (provided by Austar at a cost of AU$66 per month for the basic package plus the fun and quest packages, which includes Discovery Science :D ) all around the house – the job was previously performed by a wireless transciever pair that also handled IR so you could use the same remote, which, due to the fact that it ran on the 2.4GHz ISM band, was suffering badly from interference and causing my mother-in-law a great deal of ire whenever she came around to iron our clothes while our bun cooks in the oven.

The computer is a Pentium D @ 2.8GHz with 1GB DDR2-RAM, 20GB IDE drive and an Asus MyTheater 7131 Hybrid card.  The card had a header onboard which could have an I/O block with composite, audio and S-video connectors plugged in for a video input.  Long story short, I was successful in setting up the stream, and now I wanted to get it into my Windows 7-powered HTPC running Windows Media Center.

Tools like Relaunch failed me – once VLC opened, it would simply fall back to the menu while the stream flowed in the background.  Thankfully the solution was much more elegant and simple – and it was a single file, no third-party trickery.

The file simply contained this:

<ASX version="3">
<Entry>
<ref href="mms://austar-pc:8081/" />
</Entry>
</ASX>

I’m not kidding folks.  Oh, and yes, MMSH is a must, WMP (and, by extension, WMC) won’t do anything but ASF-contained WMV since WMP 9, and WMP 8 won’t work with this at all.  If the situation has changed, could someone please let me know.

Anyway, I digress.  Simply place that ASX file into a WMC library and that’s it.  Select it and after about 10 seconds (yes, even on a LAN) you’ll have streamy goodness.

Mind you, there is a 4 second delay on response (I retained the wireless transmitters for IR transfers and will keep them until I manage IR over Ethernet, probably using a Ybot2 in an altoids tin – though if working systems exist, please let me know) but it works and it’s clear as day – not like the old wireless transmitter…

Let’s hope the delay isn’t going to be too painful… but it might prove a deterrent to using the damn Austar volume control – I don’t see why it needs its own.

Work smarter, not harder – Simple Windows ISO to USB transfer

Posted on by
Reply

Hi all

There are a plethora of tools for converting a Windows ISO/DVD to a USB disk for the purposes of installing without optical media.  The method, once you find a rhythm, is actually very simple.

1. Prepare your disk.  Be sure to back up all the things, you will lose data if you don’t.  Fire up diskpart as an Administrator and issue the following simple commands:

Microsoft DiskPart version 6.1.7600
Copyright (C) 1999-2008 Microsoft Corporation.
On computer: PBORLT01

DISKPART> lis dis

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          119 GB      0 B
  Disk 1    Online         7840 MB      0 B

DISKPART> sel dis 1

Disk 1 is now the selected disk.

DISKPART> clean

DiskPart succeeded in cleaning the disk.

DISKPART> create part prim

DiskPart succeeded in creating the specified partition.

DISKPART> format fs=ntfs quick

  100 percent completed

DiskPart successfully formatted the volume.

DISKPART> active

DiskPart marked the current partition as active.

DISKPART> exit

Leaving DiskPart...

2. Open 7zip and extract the ISOs contents onto the pen drive.

3. …

4. Profit! (Sorry, couldn’t resist.)

Now all you have to do is fire it up.  Done.

CARP and DHCP – how to make them be friends

Posted on by
Reply

Hi all

I was working on a redundant firewall for the LAN - the server running VMware that it was running on crashed at 1am and it took nearly 15 hours to get it back online – and one of the prerequisites was that it had to get the address from DHCP.  The LAN gets a linkback to the local university by means of a pair of Ubiquiti AirGrid antennae and the computer the stuff runs on has the IP address that DHCP gives out, NATting the address to the firewall VM (that runs pfSense).  All well and good… until the hard drive fails.

I felt this would be an excellent application for CARP and set out creating a couple of VMs to test my theories.  pfSense, being based on FreeBSD, has CARP support so theoretically you could enable it on both nodes and set it to get its address from DHCP.  Unfortunately, it seems that you can’t simply throw “dhcp” into the hostname.carp0 file and hope for the best – life, it seems, is not that kind, and you wind up with a CARP interface stuck in INIT phase.

So what you need to do is give CARP a temporary static IP, then run dhclient in rc.local to pick up the address.  Whatever you do, DO NOT USE 0.0.0.0 – it will result in a default route to 0.0.0.0 that will block any and all traffic.  I’m not kidding.  It doesn’t even need to be on the same network – I use 1.0.0.1 – as long as DHCP comes in after the fact and overrides it.

I now have a DHCP-enabled CARP interface that stays up when one router bites the dust.  Nice.

Here are the config files I used:

/etc/hostname.carp0:

inet 1.0.0.1 255.255.255.255 NONE vhid 1 pass floppagoppagoo carpdev em0 description "Uplink cluster"

/etc/hostname.carp1:

inet 10.10.10.1 255.255.255.0 10.10.10.255 vhid 2 pass floppagoppagay carpdev em1 description "LAN cluster"

/etc/hostname.em0:

up description "Uplink interface"

/etc/hostname.em1:

up description "LAN interface"

That easy.  Oh, and if you want to run DHCP, I recommend using another system.  DHCP tends to fail terribly when a failover situation occurs.  You could do a periodic refresh of the DHCP leases between them, but it’s better to just have a separate system for the purpose, especially if you intend to run a captive portal.

Work Smarter, Not Harder: Adding multiple rows to a table in Jet SQL

Posted on by
Reply

Hi all

I had a table for metadata that I had 25 rows to add to. Simple solution, right? Nope.

INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '5', 'red, Likely, Major');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '6', 'red, Almost Certain, Moderate');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '7', 'red, Unlikely, Catastrophic');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '8', 'yellow, Occasional, Major');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '9', 'yellow, Likely, Moderate');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '10', 'yellow, Almost Certain, Minor');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '11', 'yellow, Rare, Catastrophic');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '12', 'yellow, Unlikely, Major');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '13', 'yellow, Occasional, Moderate');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '14', 'yellow, Likely, Minor');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '15', 'yellow, Almost Certain, Negligible');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '16', 'yellow, Rare, Major');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '17', 'yellow, Unlikely, Moderate');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '18', 'yellow, Occasiona,l, Minor');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '19', 'yellow, Likely, Negligible');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '20', 'yellow, Rare, Moderate');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '21', 'green, Unlikely, Minor');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '22', 'green, Occasional, Negligible');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '23', 'green, Rare, Minor');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '24', 'cyan, Moderate, Negligible');
INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '25', 'cyan, Rare, Negligible');

That only greets me with “Extra characters after SQL”. Argh. Trying multiple value lines fails too:

INSERT INTO metadata (metadata_group, metadata_text, metadata_desc) VALUES('risk', '5', 'red, Likely, Major'),
('risk', '6', 'red, Almost Certain, Moderate');
('risk', '7', 'red, Unlikely, Catastrophic');
('risk', '8', 'yellow, Occasional, Major');
('risk', '9', 'yellow, Likely, Moderate');
('risk', '10', 'yellow, Almost Certain, Minor');
('risk', '11', 'yellow, Rare, Catastrophic');
('risk', '12', 'yellow, Unlikely, Major');
('risk', '13', 'yellow, Occasional, Moderate');
('risk', '14', 'yellow, Likely, Minor');
('risk', '15', 'yellow, Almost Certain, Negligible');
('risk', '16', 'yellow, Rare, Major');
('risk', '17', 'yellow, Unlikely, Moderate');
('risk', '18', 'yellow, Occasiona,l, Minor');
('risk', '19', 'yellow, Likely, Negligible');
('risk', '20', 'yellow, Rare, Moderate');
('risk', '21', 'green, Unlikely, Minor');
('risk', '22', 'green, Occasional, Negligible');
('risk', '23', 'green, Rare, Minor');
('risk', '24', 'cyan, Moderate, Negligible');
('risk', '25', 'cyan, Rare, Negligible');

“Expected ;” it says. Then after a bit of googling, I get the idea to use subqueries with unions instead! Yeah… uh, no.

INSERT INTO metadata (metadata_group, metadata_text, metadata_desc)
SELECT 'risk', '5', 'red, Likely, Major'
UNION SELECT 'risk', '6', 'red, Almost Certain, Moderate'
UNION SELECT 'risk', '7', 'red, Unlikely, Catastrophic'
UNION SELECT 'risk', '8', 'yellow, Occasional, Major'
UNION SELECT 'risk', '9', 'yellow, Likely, Moderate'
UNION SELECT 'risk', '10', 'yellow, Almost Certain, Minor'
UNION SELECT 'risk', '11', 'yellow, Rare, Catastrophic'
UNION SELECT 'risk', '12', 'yellow, Unlikely, Major'
UNION SELECT 'risk', '13', 'yellow, Occasional, Moderate'
UNION SELECT 'risk', '14', 'yellow, Likely, Minor'
UNION SELECT 'risk', '15', 'yellow, Almost Certain, Negligible'
UNION SELECT 'risk', '16', 'yellow, Rare, Major'
UNION SELECT 'risk', '17', 'yellow, Unlikely, Moderate'
UNION SELECT 'risk', '18', 'yellow, Occasiona,l, Minor'
UNION SELECT 'risk', '19', 'yellow, Likely, Negligible'
UNION SELECT 'risk', '20', 'yellow, Rare, Moderate'
UNION SELECT 'risk', '21', 'green, Unlikely, Minor'
UNION SELECT 'risk', '22', 'green, Occasional, Negligible'
UNION SELECT 'risk', '23', 'green, Rare, Minor'
UNION SELECT 'risk', '24', 'cyan, Moderate, Negligible'
UNION SELECT 'risk', '25', 'cyan, Rare, Negligible';

I get a nice and unhelpful “syntax error” pointing to the first subquery. Huh, guess you need a table to select from for unions. let’s give that a spin:

INSERT INTO metadata (metadata_group, metadata_text, metadata_desc)
SELECT 'risk', '5', 'red, Likely, Major' FROM dual
UNION SELECT 'risk', '6', 'red, Almost Certain, Moderate' FROM dual
UNION SELECT 'risk', '7', 'red, Unlikely, Catastrophic' FROM dual
UNION SELECT 'risk', '8', 'yellow, Occasional, Major' FROM dual
UNION SELECT 'risk', '9', 'yellow, Likely, Moderate' FROM dual
UNION SELECT 'risk', '10', 'yellow, Almost Certain, Minor' FROM dual
UNION SELECT 'risk', '11', 'yellow, Rare, Catastrophic' FROM dual
UNION SELECT 'risk', '12', 'yellow, Unlikely, Major' FROM dual
UNION SELECT 'risk', '13', 'yellow, Occasional, Moderate' FROM dual
UNION SELECT 'risk', '14', 'yellow, Likely, Minor' FROM dual
UNION SELECT 'risk', '15', 'yellow, Almost Certain, Negligible' FROM dual
UNION SELECT 'risk', '16', 'yellow, Rare, Major' FROM dual
UNION SELECT 'risk', '17', 'yellow, Unlikely, Moderate' FROM dual
UNION SELECT 'risk', '18', 'yellow, Occasiona,l, Minor' FROM dual
UNION SELECT 'risk', '19', 'yellow, Likely, Negligible' FROM dual
UNION SELECT 'risk', '20', 'yellow, Rare, Moderate' FROM dual
UNION SELECT 'risk', '21', 'green, Unlikely, Minor' FROM dual
UNION SELECT 'risk', '22', 'green, Occasional, Negligible' FROM dual
UNION SELECT 'risk', '23', 'green, Rare, Minor' FROM dual
UNION SELECT 'risk', '24', 'cyan, Moderate, Negligible' FROM dual
UNION SELECT 'risk', '25', 'cyan, Rare, Negligible' FROM dual

Nope. At this point it would’ve been quicker to just enter the damn data. So let’s try our unioned subquery within ANOTHER subquery, giving the fields from the first query names so we can refer to them:

INSERT INTO metadata (metadata_group, metadata_text, metadata_desc)
SELECT metadata_group, metadata_text, metadata_desc FROM (
 SELECT 'risk' AS metadata_group, '5' as metadata_text, 'red, Likely, Major' as metadata_desc FROM dual
 UNION SELECT 'risk', '6', 'red, Almost Certain, Moderate' FROM dual
 UNION SELECT 'risk', '7', 'red, Unlikely, Catastrophic' FROM dual
 UNION SELECT 'risk', '8', 'yellow, Occasional, Major' FROM dual
 UNION SELECT 'risk', '9', 'yellow, Likely, Moderate' FROM dual
 UNION SELECT 'risk', '10', 'yellow, Almost Certain, Minor' FROM dual
 UNION SELECT 'risk', '11', 'yellow, Rare, Catastrophic' FROM dual
 UNION SELECT 'risk', '12', 'yellow, Unlikely, Major' FROM dual
 UNION SELECT 'risk', '13', 'yellow, Occasional, Moderate' FROM dual
 UNION SELECT 'risk', '14', 'yellow, Likely, Minor' FROM dual
 UNION SELECT 'risk', '15', 'yellow, Almost Certain, Negligible' FROM dual
 UNION SELECT 'risk', '16', 'yellow, Rare, Major' FROM dual
 UNION SELECT 'risk', '17', 'yellow, Unlikely, Moderate' FROM dual
 UNION SELECT 'risk', '18', 'yellow, Occasiona,l, Minor' FROM dual
 UNION SELECT 'risk', '19', 'yellow, Likely, Negligible' FROM dual
 UNION SELECT 'risk', '20', 'yellow, Rare, Moderate' FROM dual
 UNION SELECT 'risk', '21', 'green, Unlikely, Minor' FROM dual
 UNION SELECT 'risk', '22', 'green, Occasional, Negligible' FROM dual
 UNION SELECT 'risk', '23', 'green, Rare, Minor' FROM dual
 UNION SELECT 'risk', '24', 'cyan, Moderate, Negligible' FROM dual
 UNION SELECT 'risk', '25', 'cyan, Rare, Negligible' FROM dual
);

Success!

So there you have it.  Oh, and to create those queries?  Just dump the data into Notepad++ and do a replace with regular expressions.

Work Smarter, Not Harder: Manually refreshing RemoteApp and Desktop Connections feeds

Posted on by
Reply

Greetings

At work we run Windows Server 2008 R2 servers, with a bunch running published applications through RemoteApp and Desktop Connections. Great guns, especially once we figured out that we could drop them into our Windows 7 computers’ Start Menu and drop shortcuts on the desktop. Now it really feels like you’re running it on your computer! Neat.

The best part of it is being able to regulate who sees what through AD groups – allowing us to restrict access to apps that we have limited licenses for. So, naturally, every so often we get a request to provide access to an application secured like this, and we’re usually more than happy to provide access depending on licensing levels. So we add them to the group and get them to log off, then back on again… except the newly-provided app doesn’t appear! So we’d log in and manually refresh the feed by digging through the Control Panel… not fun, especially since the icons like to not appear all at once so we go to click it and end up clicking on Programs and Features instead.

So ho hi, ho hi, off Googling goes I. I find this post from a fellow by the name of “JayJay19671967″ who found the solution after finding questions of this nature nearly a year old with no response. It was one line:

rundll32 tsworkspace,TaskUpdateWorkspaces

That’s it. Takes all of 5 seconds. It’s in our login script, in the same section where it sets the connection up in the first place.

Work Smarter, Not Harder: Adding a VPN connection to a computer you’ve deployed

Posted on by
Reply

Greetings, and welcome to the first of my “Work Smarter, Not Harder” posts.

A bane in our side whenever we deploy a laptop is forgetting to set up the VPN connection – or the RAS phonebook mysteriously disappearing when we image a particular machine. This usually means trying to catch the poor bugger at a (usually remote) site to set it up manually. I, being a systems admin and therefore inherently lazy, beg to differ.

As it turns out, the RAS phonebook is stored in C:\ProgramData\Microsoft\Network\Connections\Pbk and is called “rasphone.pbk” – to deploy this VPN connection, simply create the folder and copy the already set up file in.

I hope this has proved to be helpful for you.

New Toy

Posted on by
Reply

Long story short, I won a bet with my wife about whether our baby would be alive, which meant $20 no questions asked.  This was a little more than that, but there were no problems.

Oh my, that is an interesting device you have there…

Bazinga!

The Deploy CS-6.  Not a new dart gun, but it’s shiny and white!  Not only that, fast reload (with additional clip canisters), quite nice range, a “stealth” mode (let’s face it, it’s not going to fool anyone) and a flashlight for nighttime combat.

Nerf – because hey, we have to prepare for the zombie apocalypse somehow.