Wireshark – Filter by MAC Address

Posted on December 8, 2018 by admin

Open up your capture file in Wireshark.

And apply the following display filter. Shortcut key is Ctrl+/

eth.src == aa:bb:cc:dd:ee:ff

Change the above mac address to the one you want to filter by.

More filtering info can be found at the following link

Wireshark Filtering

Install LineageOS on Google Pixel (Sailfish)

Posted on December 8, 2018 by admin

Just some notes on trying to install LineageOS on Google Pixel.

Basic install steps

Unlock bootloader
Boot into TWRP
Wipe System and format
Push LineageOS zip via adb (or other methods)
Install LineageOS zip
(Optional) Reboot back into TWRP and install Gapps
Reboot (should boot into Lineage. If not, try changing a/b)

Lineage 15 Official

Install guide is here. Here are some extra notes.

Google Recovery Images (Helpful if you didn’t create a backup…) https://developers.google.com/android/images

LineageOS Download link
https://download.lineageos.org/sailfish

Lineage OS 16 Unofficial

Helpful Links

https://forum.xda-developers.com/pixel-xl/development/rom-lineage-16-0-pixels-sailfish-marlin-t3830083

https://forum.xda-developers.com/showpost.php?p=78350286&postcount=579

Other Notes

ADB and fastboot should be in the following directory. May need to install them if they are not.

cd %userprofile%\appdata\local\Android\Sdk\platform-tools

Boot TWRP image using fastboot. Run from the bootloader menu, should automatically load.

fastboot boot twrp.img

Seems like there can be some issues with the Pixel and it swapping A/B on boot. You can use TWRP to reboot into A or B, or set it with fastboot

fastboot --set-active=b

Apparently a/b devices will show up as no os installed in TWRP

TWRP says no OS installed, system boot loops
byu/jhsbane inLineageOS

Backup and restore

You can use adb to create a backup of your phone. Not sure what all it backs up. Once restored pictures, background, and other files seem to be there.

Backup with

adb backup -apk -shared -all -f \Path\to\folder\backup_name.ab

Restore backup with

adb restore \Path\to\folder\backup_name.ab

Add/Remove Linux User to sudoers

Posted on December 7, 2018 by admin

CentOS/Fedora/RedHat

Add sudo privileges

usermod -a -G wheel LinuxUsername

remove

sudo deluser username wheel

Ubuntu/Debian

Add sudo privileges

usermod -a -G sudo LinuxUsername

remove

sudo deluser username sudo

Allow Freeradius through Firewalld

Posted on December 7, 2018 by admin

Freeradius by default uses ports 1812 and 1813, udp traffic. To allow through firewalld run the following commands and restart the service.

sudo firewall-cmd --port-add=1812/udp --permanent
sudo firewall-cmd --port-add=1812/udp --permanent
sudo systemctl restart firewalld

Ubuntu apt-get install, error with org.freedesktop.systemd1.service

Posted on December 6, 2018 by admin

Had an issue trying to recover from a failed upgrade. Apt would complain about dependencies, suggested running apt-get install -f.

Running apt-get install -f would still fail. It showed a conflict with the systemd1.service, ended up renaming the file with the following command

sudo mv /usr/share/dbus-1/system-service/org.freedesktop.systemd1.service{,bak}

and reran

sudo apt-get install -f

after that I was able to rerun the upgrade and finish

sudo apt-get upgrade

Connect to WiFi network via command line

Posted on December 6, 2018 by admin

Easiest way is to use the Network Manager nmtui tool

nmtui

It gives you a “command line GUI” to search and select your preferred WiFi network.

Alternate way is to use the iw tools.

Scan for available WiFi networks

iwlist scan

Connect with iwconfig, replace WiFiName with your WiFi name. Note this only works with open networks.

iwconfig wlan0 essid WiFiName

You’ll need to get an address now, so run

dhclient

Check if your DNS is working. If not, as a “hack” manually add it to /etc/resolv.conf and restart the networking service.

sudo echo "nameserver 8.8.8.8" >> /etc/resolv.conf
sudo service networking restart

Your not supposed to manually put the nameservers in resolv.conf. But it works in a pinch.

Errors Renewing Lets Encrypt Certificate for UniFi-Video

Posted on November 27, 2018 by admin

Had an issue with the Lets Encrypt cert for a UniFi-Video server. When renewing the cert and reimporting it into the UniFi-Video keystore, the certification was showing out of date.

Issue ended up being something with certbot.

When certbot runs it generates a new cert.pem, chain.pem, fullchain.pem and privkey.pem and puts them in the “/etc/letsencrypt/live/unifi.domain.com/” directory.

The privkey.pem and cert.pem are used to create the keys.p12 file which gets imported into the UniFi-Video keystore.

Apparently the .pem files in “/etc/letsencrypt/live/unifi.domain.com/” are symbolic links to files in “/etc/letsencrypt/archive/unifi.domain.com/”

Upon inspection of the archive directory, multiple cert.pem and privkey.pem files were found with the names cert1.pem, cert2.pem, cert3.pem etc. Looking at the creation date of the file revealed the symbolic link was referring to an old “cert1.pem” file.

Work around was to stop the unifi-video service and reimport the cert using the latest .pem files in the archive directory.

echo ubiquiti | openssl pkcs12 -export -inkey /etc/letsencrypt/archive/unifi.yourdomain.com/privkey2.pem -in /etc/letsencrypt/archive/unifi.yourdomain.com/cert2.pem -name airvision -out /usr/lib/unifi-video/data/keys.p12 -password stdin
echo y | keytool -importkeystore -srckeystore /etc/letsencrypt/archive/unifi.yourdomain.com/keys.p12 -srcstoretype pkcs12 -destkeystore /usr/lib/unifi-video/data/keystore -storepass ubiquiti -srcstorepass ubiquiti

Remove the old ufv-truststore and start the service.

mv /usr/lib/unifi-video/data/ufv-truststore{,.old}
systemctl start unifi-video

Worked like a charm.

LibreNMS bulk delete

Posted on November 22, 2018 by admin

There is a php script in /opt/librenms/ that lets you delete a host from the command line.

sudo /opt/librenms/delhost.php 192.168.1.20

Replace 192.168.1.20 with the hostname/ip address of the host you want to delete.

Delete Multiple Hosts

First you’ll need to get a list of devices you want to remove. You can do this by viewing the devices in the LibreNMS MySQL database;

Example:

$ mysql -u librenms -p librenms
MariaDB [librenms]> select hostname from devices;
+----------------------------------------+
| hostname |
+----------------------------------------+
| 192.168.88.1 |
| 192.168.1.20 |
| 192.168.1.12 |
| 192.168.88.5 |
4 rows in set (0.00 sec)
MariaDB [librenms]> exit

Put all the IP addresses you want to remove into a file and run the following for loop. Replace “remove_ip.lst” with the name of your ip list file.

for i in `cat ~/remove_ip.lst`; do sudo /opt/librenms/delhost.php $i; done

Can’t restart auditd with systemctl

Posted on October 26, 2018 by admin

The following command

systemctl restart auditd

Returns the following error on CentOS

Failed to restart auditd.service: Operation refused, unit auditd.service may be requested by dependency only (it is configured to refuse manual start/stop).
See system logs and 'systemctl status auditd.service' for details.

Work around is to use service for the restart

service auditd restart

VMware esxtop, looking for CPU performance issues

Posted on October 15, 2018 by admin

http://www.yellow-bricks.com/esxtop/#esxtop-thresholds has some guidance on thresholds for different metrics.

Run esxtop, hit the “c” key to view CPU info and compare the usage with the thresholds.

Here are few from the above link.

Metric	Threshold
%RDY	10
%CSTP	3
%MLMTD	0

Note: if your in esxtop you can hit the “f” key and it’ll give you a menu to specify more fields to display.

Incredigeek

Author Archives: admin