25 października 2012

'iptables' i szybkie usuwanie wszystkich reguł...

Poniżej szybkie usuwanie wszystkich reguł z iptables. Zarówno z wbudowanych łańcuchów jak i z łańcuchów użytkownika.

#!/bin/bash

echo "*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
" | iptables-restore

22 października 2012

Ubiquiti, SSH i zmiana hasła

Zmianę hasła w Ubiquiti, można przeprowadzić w poniższych krokach:

  1. Najpierw znajdujemy zmieniane hasło dla danego użytkownika.

    # konsola Ubiquiti
    
    cat /tmp/system.cfg | grep users.1.password | cut -d= -f2
    
  2. Teraz ze starego hasła odzyskujemy salt, czyli w Ubiquiti dwa pierwsze znaki hasła.

    # Perl
    
    my $salt;
    ($salt) = $old_password =~ m/^(..)/; 
    # BASH
    
    SALT=`echo ${OLD_PASSWORD} | cut -c1,2`

  3. Generujemy nowe hasło.
    # Perl
    
    my $new_password_crypted = crypt($new_password,$salt);
  4. Mając wszystkie potrzebne dane, podmieniamy hasło.

    # konsola Ubiquiti
    
    sed -e 's/$old_password/$new_password_crypted/' /tmp/system.cfg
    
    # zapisujemy zmiany
    
    cfgmtd -w
    
  5. Gotowe

Powyższa procedura działa, jak na razie, na wszystkich dostępnych mi urządzeniach Ubiquiti.

Gotowy skrypt w Perlu: chpasswd-ubiquiti.pl

18 października 2012

Ubiquiti i zmiana MAC adresu

Aby zmienić adres MAC interfejsu radiowego w Ubiquiti, możemy go po prostu zmienić za pomocą polecenia ifconfig.

Jednak zmiany te, nie zachowują się po restarcie urządzenia. Należy więc zmieniać adres MAC po każdym starcie systemu, a prosty skrypt ustawiający nowy adres zapisać w pamięci nieulotnej.

Poniżej procedura zmiany adresu MAC:

  1. Edytujemy plik /etc/persistent/rc.poststart. Jeśli pliku brak, tworzymy go.
  2. Edytujemy zawartość pliku tak, aby zawierał poniższy kod:
    ifconfig ath0 down
    ifconfig ath0 hw ether XX:XX:XX:XX:XX:XX
    ifconfig ath0 up
    Wartość XX:XX:XX:XX:XX:XX należy zastąpić nowym adresem MAC
  3. Zapisujemy dane do pamięci nieulotnej, uwzględniając pliki w /etc, wykonując polecenie cfgmtd -w -p /etc/
  4. Gotowe

Po zrestartowaniu urządzenia, adres MAC będzie ustawiany na nową wartość

Ubiquiti airFiber 24G i SSH

W airFiber dane od interfejsach (liczniki) uzyskiwane przy pomocy ifconfig albo cat /proc/net/dev nie są adekwatne do oczekiwanych wartości.
Po krótkich poszukiwaniach okazało się, że wszystkie te dane można wyciągnąć przy pomocy komendy af

Pobieranie informacji odbywa się za pomocą komendy af get parametr

Poniżej pełna lista parametrów, wynik wywołania aflist. Zwracam uwagę na pogrubione nazwy parametrów:

-------------------
AirFiber State Dump
-------------------
  frequency.................24.2GHz
                   choices  {24.1GHz,24.2GHz}
  rxfrequency...............24.1GHz
                   choices  {24.1GHz,24.2GHz}
  txfrequency...............24.2GHz
                   choices  {24.1GHz,24.2GHz}
  rxgain....................high
                   choices  {low,high}
  txmodrate.................6x
  duplex....................full
                   choices  {half,full}
  dpstat....................1000Mbps-Full
  dpcntl....................auto
                   choices  {auto,10Mbps-Half,100Mbps-Half,10Mbps-Full,100Mbps-Full}
  gpspulse..................detected
                   choices  {none,detected}
  gpsfix....................3D fix
  gpslat....................5333.98849N
  gpslong...................02100.71451E
  gpsalt....................171.6
  gpsviewcnt................10
  gpsusedcnt................10
  gpshdop...................1.00
  rssi......................51
  rssi0.....................51
  rssi1.....................51
  rxpower...................-57
  rxpower0..................-57
  rxpower1..................-57
  led.......................power
                   choices  {rssi,power}
  temp0.....................34
  temp1.....................34
  getlist...................frequency,rxfrequency,txfrequency,rxgain,txmodrate,duplex,dpstat,dpcntl,gpspulse,gpsfix,gpslat,gpslong,gpsalt,gpsviewcnt,gpsusedcnt,gpshdop,rssi,rssi0,rssi1,rxpower,rxpower0,rxpower1,led,temp0,temp1,getlist,setlist,countrycode,countrydom,speed,modcontrol,gps,powerout,mode,state,status,mastertxstart,mastertxlength,masterrxstart,masterrxlength,slavetxstart,slavetxlength,slaverxstart,slaverxlength,tdelay,feet,miles,meters,kilometers,linkname,key,capacity,rxcapacity,txcapacity,rrxpower0,rrxpower1,rtxmodrate,rpowerout,linktest,caldcoff,caltcxo,caltxiq,calrxiq,caltxtc,calrxtc,caltxpower,calrxpower,calpodc,mac_0,mac_1,TxFramesOK,RxFramesOK,RxFrameCrcErr,RxAlignErr,TxOctetsOK,RxOctetsOK,TxPauseFrames,RxPauseFrames,RxErroredFrames,TxErroredFrames,RxValidUnicastFrames,RxValidMulticastFrames,RxValidBroadcastFrames,TxValidUnicastFrames,TxValidMulticastFrames,TxValidBroadcastFrames,RxDroppedMacErrFrames,RxTotalOctets,RxTotalFrames,RxLess64ByteFrames,RxOverLengthFrames,Rx64BytePackets,Rx65_127BytePackets,Rx128_255BytePackets,Rx256_511BytePackets,Rx512_1023BytePackets,Rx1024_1518BytesPackets,Rx1519PlusBytePackets,RxTooLongFrameCrcErr,RxTooShortFrameCrcErr,phy00,phy01,phy02,phy03,phy04,phy05,phy06,phy07,phy08,phy09,phy0a,phy0b,phy0c,phy0d,phy0e,phy0f,phy10,phy11,phy12,phy13,phy14,phy15,phy16,phy17,phy18,phy19,phy1a,phy1b,phy1c,phy1d,phy1e,phy1f,txqosoct0,txqosoct1,txqosoct2,txqosoct3,txqosoct4,txqosoct5,txqosoct6,txqosoct7,txqosoct8,txqosoct9,txqosocta,txqosoctb,txqosoctc,txqosoctd,txqosocte,txqosoctf,txqospkt0,txqospkt1,txqospkt2,txqospkt3,txqospkt4,txqospkt5,txqospkt6,txqospkt7,txqospkt8,txqospkt9,txqospkta,txqospktb,txqospktc,txqospktd,txqospkte,txqospktf,rxqosoct0,rxqosoct1,rxqosoct2,rxqosoct3,rxqosoct4,rxqosoct5,rxqosoct6,rxqosoct7,rxqosoct8,rxqosoct9,rxqosocta,rxqosoctb,rxqosoctc,rxqosoctd,rxqosocte,rxqosoctf,rxqospkt0,rxqospkt1,rxqospkt2,rxqospkt3,rxqospkt4,rxqospkt5,rxqospkt6,rxqospkt7,rxqospkt8,rxqospkt9,rxqospkta,rxqospktb,rxqospktc,rxqospktd,rxqospkte
  setlist...................frequency,rxfrequency,txfrequency,rxgain,duplex,dpcntl,led,countrycode,countrydom,speed,modcontrol,gps,powerout,mode,linkname,key,linktest,caldcoff,caltcxo,caltxiq,calrxiq,caltxtc,calrxtc,caltxpower,calrxpower,calpodc,phy00,phy04,phy07,phy09,phy10,phy12,phy14,phy18,phy19,phy1d,phy1e
  countrycode...............840
  countrydom................fcc
                   choices  {none,fcc,etsi}
  speed.....................6x
                   choices  {1x,2x,4x,6x,8x}
  modcontrol................automatic
                   choices  {manual,automatic}
  gps.......................on
                   choices  {off,on}
  powerout..................20
                     range  {0..33}
  mode......................slave
                   choices  {master,slave,reset}
  state.....................operational
  status....................slave-operational
  mastertxstart.............0
  mastertxlength............1895544
  masterrxstart.............1907506
  masterrxlength............1895544
  slavetxstart..............1901794
  slavetxlength.............1895544
  slaverxstart..............0
  slaverxlength.............1895544
  tdelay....................2856
  feet......................2809
  miles.....................0.532
  meters....................856
  kilometers................0.856
  linkname..................spy-nid.........................
  key.......................0000:0000:0000:0000:0000:0000:0000:0000
                     range  {0000:0000:0000:0000:0000:0000:0000:0000..ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff}
  capacity..................743339520
  rxcapacity................743339520
  txcapacity................743626240
  rrxpower0.................-59
  rrxpower1.................-60
  rtxmodrate................6x
  rpowerout.................20
  linktest..................rx,0,tx,0,No Data
                     range  {1..60}
  caldcoff..................TX0DCI=0x091F,TX0DCQ=0x0154,TX1DCI=0x0CD5,TX1DCQ=0xFDB0
  caltcxo...................TCXOcount=124999994
  caltxiq...................TX0AI=0x0F6F,TX0AQ=0x0409,TX1AI=0x0F67,TX1AQ=0x0403
  calrxiq...................RX0AI=0x0FFD,RX0AQ=0x0403,RX1AI=0x0FFE,RX1AQ=0x0409
  caltxtc...................TCTX0gm40=-2.12,TCTX0gm15=-1.76,TCTX0gp10=-0.98,TCTX0gp35=0.00,TCTX0gp60=1.64,TCTX0gp85=3.41,TCTX1gm40=-2.12,TCTX1gm15=-1.76,TCTX1gp10=-0.98,TCTX1gp35=0.00,TCTX1gp60=1.64,TCTX1gp85=3.41
  calrxtc...................TCRX0gm40=-5.20,TCRX0gm15=-2.93,TCRX0gp10=-1.58,TCRX0gp35=0.00,TCRX0gp60=1.92,TCRX0gp85=3.91,TCRX1gm40=-5.20,TCRX1gm15=-2.93,TCRX1gp10=-1.58,TCRX1gp35=0.00,TCRX1gp60=1.92,TCRX1gp85=3.91
  caltxpower................TX0P=0x1D,TX0PdBm=6.92,TX0PTEMP=48,TX1P=0x1D,TX1PdBm=7.41,TX1PTEMP=48
  calrxpower................RX0P=0x39,RX0PdBm=-50.00,RX0PTEMP=47,RX1P=0x39,RX1PdBm=-50.00,RX1PTEMP=48
  calpodc...................P0short=0.00,P0half=0.00,P0full=-2.00,P1short=0.00,P1half=0.00,P1full=-2.00
  mac_0.....................0
  mac_1.....................0
  TxFramesOK................2713099372
  RxFramesOK................1103621960
  RxFrameCrcErr.............0
  RxAlignErr................0
  TxOctetsOK................3728254389
  RxOctetsOK................1000856066
  TxPauseFrames.............0
  RxPauseFrames.............0
  RxErroredFrames...........1
  TxErroredFrames...........63692
  RxValidUnicastFrames......1099572717
  RxValidMulticastFrames....601489
  RxValidBroadcastFrames....3451960
  TxValidUnicastFrames......2691192694
  TxValidMulticastFrames....1670070
  TxValidBroadcastFrames....20308518
  RxDroppedMacErrFrames.....0
  RxTotalOctets.............3687124683
  RxTotalFrames.............1103629815
  RxLess64ByteFrames........0
  RxOverLengthFrames........0
  Rx64BytePackets...........2153589453
  Rx65_127BytePackets.......2333775463
  Rx128_255BytePackets......268202900
  Rx256_511BytePackets......145549651
  Rx512_1023BytePackets.....136029207
  Rx1024_1518BytesPackets...361452237
  Rx1519PlusBytePackets.....0
  RxTooLongFrameCrcErr......0
  RxTooShortFrameCrcErr.....0
  phy00.....................0x1000
  phy01.....................0x796d
  phy02.....................0x004d
  phy03.....................0xd072
  phy04.....................0x1de1
  phy05.....................0xc5e1
  phy06.....................0x000f
  phy07.....................0x2801
  phy08.....................0x0000
  phy09.....................0x0200
  phy0a.....................0x3800
  phy0b.....................0x0000
  phy0c.....................0x0000
  phy0d.....................0x0000
  phy0e.....................0x0000
  phy0f.....................0xa000
  phy10.....................0x0862
  phy11.....................0xbc5c
  phy12.....................0x0000
  phy13.....................0x7401
  phy14.....................0x082c
  phy15.....................0x0000
  phy16.....................0x04e8
  phy17.....................0x0000
  phy18.....................0x3200
  phy19.....................0x3000
  phy1a.....................0x0000
  phy1b.....................0x063e
  phy1c.....................0x0000
  phy1d.....................0x000b
  phy1e.....................0x2c20
  phy1f.....................0x8100
  txqosoct0.................0x0000000000000000
  txqosoct1.................0x0000000000000000
  txqosoct2.................0x0000000000000000
  txqosoct3.................0x000000ed33db2544
  txqosoct4.................0x0000000000000000
  txqosoct5.................0x0000000000000000
  txqosoct6.................0x0000000000000000
  txqosoct7.................0x0000000000000000
  txqosoct8.................0x0000000000000000
  txqosoct9.................0x0000000000000000
  txqosocta.................0x0000000000000000
  txqosoctb.................0x0000000000000000
  txqosoctc.................0x0000000000000ea7
  txqosoctd.................0x0000000000000000
  txqosocte.................0x0000000000000000
  txqosoctf.................0x0000000000000000
  txqospkt0.................0x0000000000000000
  txqospkt1.................0x0000000000000000
  txqospkt2.................0x0000000000000000
  txqospkt3.................0x0000000141c446c5
  txqospkt4.................0x0000000000000000
  txqospkt5.................0x0000000000000000
  txqospkt6.................0x0000000000000000
  txqospkt7.................0x0000000000000000
  txqospkt8.................0x0000000000000000
  txqospkt9.................0x0000000000000000
  txqospkta.................0x0000000000000000
  txqospktb.................0x0000000000000000
  txqospktc.................0x0000000000000017
  txqospktd.................0x0000000000000000
  txqospkte.................0x0000000000000000
  txqospktf.................0x0000000000000000
  rxqosoct0.................0x0000000000000000
  rxqosoct1.................0x0000000004a95cdf
  rxqosoct2.................0x0000000000000000
  rxqosoct3.................0x000006da147ca526
  rxqosoct4.................0x0000000000000000
  rxqosoct5.................0x0000000000000000
  rxqosoct6.................0x0000000000000000
  rxqosoct7.................0x0000000000000000
  rxqosoct8.................0x0000000000000000
  rxqosoct9.................0x0000000000000000
  rxqosocta.................0x0000000012b24e9c
  rxqosoctb.................0x0000000000000000
  rxqosoctc.................0x000000001159c6c1
  rxqosoctd.................0x0000000000000000
  rxqosocte.................0x0000000000000000
  rxqosoctf.................0x0000000000000000
  rxqospkt0.................0x0000000000000000
  rxqospkt1.................0x000000000003b870
  rxqospkt2.................0x0000000000000000
  rxqospkt3.................0x00000001a1741f99
  rxqospkt4.................0x0000000000000000
  rxqospkt5.................0x0000000000000000
  rxqospkt6.................0x0000000000000000
  rxqospkt7.................0x0000000000000000
  rxqospkt8.................0x0000000000000000
  rxqospkt9.................0x0000000000000000
  rxqospkta.................0x00000000001f35e9
  rxqospktb.................0x0000000000000000
  rxqospktc.................0x0000000000209e5a
  rxqospktd.................0x0000000000000000
  rxqospkte.................0x0000000000000000

Więc aby wyciągnąć dane z liczników i wykorzystać je na przykład w rrdtool, wystarczy odczytać wyniki dwóch komend:

af get TxOctetsOK
af get RxOctetsOK

5 października 2012

Skaner Ubiquiti

Skaner do urządzeń Ubiquiti dla konsoli linuksowej, napisany w Perlu.

Historia zmian:

  • 2013-06-07
    dodano nowy kod hardware'u: 'WM5'
  • 2012-12-17
    dodano nowy kod hardware'u: 'NB2'
  • 2012-10-05
    dodano nowy kod hardware'u: 'AF24'
    dodano możliwość wybrania interfejsu do skanowania, podawany jako parametr wywołania skryptu
  • 2012-08-24
    dodano rozpoznawanie kodow hardware'u: 'NS3','B2N','BS2'
  • 2012-08-22
    poprawiono parsowanie odbieranego pakietu
    poprawiono parsowanie wersji software
  • 2011-06-11
    przepisano engine na klasyczne sockety
  • 2011-03-20
    pierwsza wersja

Najbardziej aktualna wersja skanera: scan-ubiquiti.pl

Opisy: