SSH into LibreNMS server
ssh user@librenms-server
cd into the LibreNMS directory
cd /opt/librenms
Rename host
sudo ./rename.sh old-hostname new-hostname
Example:
Note you can use IP addresses if the device is using that as the host name
sudo ./rename.sh 192.168.1.209 192.168.2
SSH into the UniFi. Note that the UniFi username and password get updated from the controller. Refer to here to find username and password.
ssh ubnt@192.168.1.20
run the syswrapper.sh script with the restore-default option
syswrapper.sh restore-default
Once the device is reset, log in over ssh and reconfigure.
Note that the username and password will now be ubnt/ubnt
Helpful commands. Maybe?
Looks like most of the configuration scripts are in /sbin
Web from the /etc_ro/web/admin/managment.php
<fieldset> <legend><script type="text/javascript">Capture(management.Web_Access)</script></legend> <table class="setting_block"> <tr> <td class="head" id="remoteWebLogin"><script>Capture(management.Remote_Web_Login)</script></td> <td> <select name="remote_web_login"> <option value="0" <% getCfgSelected("DBID_LAN_LOGIN_ONLY", "1"); %>><script>Capture(share.disable)</script></option> <option value="1" <% getCfgSelected("DBID_LAN_LOGIN_ONLY", "0"); %>><script>Capture(share.enable)</script></option> </select> </td> </tr> <tr id="WirelessHostLogin_tr"> <td class="head" id="WirelessHostLogin"><script>Capture(management.wireless_access_web)</script></td> <td> <select name="wireless_access_web"> <option value="0" <% getCfgSelected("wireless_access_web", "0"); %>><script>Capture(share.disable)</script></option> <option value="1" <% getCfgSelected("wireless_access_web", "1"); %>><script>Capture(share.enable)</script></option> </select> </td> </tr> <tr id="web_login_access"> <td class="head" id="WebLoginWay"><script>Capture(management.way_access_web)</script></td> <td> <select name="way_access_web"> <!-- <option value="https" selected = "selected" <% getCfgSelected("way_access_web", "https"); %>><script>Capture(management.https)</script></option> --> <option value="http" <% getCfgSelected("way_access_web", "http"); %>><script>Capture(management.http)</script></option> <option value="http&https" <% gethttphttpsSelected("way_access_web", "http&https"); %>><script>Capture(management.http_https)</script></option> </select> </td> </tr> <tr id="localport_tr"> <td class="head"><script>Capture(management.localWeb_Port)</script></td>
nvram_
nvram_get nvram_set
nvram_get
Usage:
nvram_get [] []
command:
rt2860_nvram_show - display rt2860 values in nvram
rtdev_nvram_show - display 2nd ralink device values in nvram
show - display values in nvram for
gen - generate config file from nvram for
renew - replace nvram values for with
clear - clear all entries in nvram for
platform:
2860 - rt2860
rtdev - 2nd ralink device
file:
- file name for renew command
nvram_get show
2860
nvram_get show 2860
Trying to read data
nvram_get gen file tmp.txt
Usage:
nvram_get 2860 lan_ipaddr
nvram_get 2860 lan_ipaddr
192.168.11.1
nvram_get 2860 http_wanport
nvram_get 2860 http
nvram_get 2860 httpd
nvram_get 2860 remote_mgt_https
nvram_get 2860 remote_mgt
nvram_get 2860 telnet
nvram_get 2860 remote_mgt
nvram_get 2860 remote_ip
nvram_get 2860 wan_ip
grep “nvram_get 2860” * | grep -i web
grep "nvram_get 2860" * | grep -i web check_goahead.sh:DBID_WEB_PORT=nvram_get 2860 DBID_WEB_PORTcommon_lib.sh: local webport=nvram_get 2860 DBID_WEB_PORTcommon_lib.sh: local webhttpsport=nvram_get 2860 DBID_WEB_SSL_PORTcommon_lib.sh: local web_remote_ip=nvram_get 2860 WebRemoteLegalIPcommon_lib.sh: wireless_access_web=nvram_get 2860 wireless_access_webcommon_lib.sh: wanwebport=nvram_get 2860 DBID_WEB_PORTcommon_lib.sh: local webhttpsport=nvram_get 2860 DBID_WEB_SSL_PORTcommon_lib.sh: lanwebport=nvram_get 2860 lan_webportcommon_lib.sh: local webport=nvram_get 2860 DBID_WEB_PORTcommon_lib.sh: local webhttpsport=nvram_get 2860 DBID_WEB_SSL_PORTcommon_lib.sh: local web_remote_ip=nvram_get 2860 WebRemoteLegalIPcommon_lib.sh: local teluserpwd=nvram_get 2860 DBID_SUPER_WEB_PASSWORDglobal.sh:webinit=nvram_get 2860 WebInitinternet.sh: pass=nvram_get 2860 DBID_SUPER_WEB_PASSWORDlan.sh:lan_gw=nvram_get 2860 lan_gateway#for debug, so remote host can access web route from another device in lan port nat.sh:webport=nvram_get 2860 DBID_WEB_PORTset_ping_rule.sh: local pinglegaip=nvram_get 2860 WebAclListstorage.sh: admPW=nvram_get 2860 DBID_SUPER_WEB_PASSWORDstorage.sh: admPW=nvram_get 2860 DBID_SUPER_WEB_PASSWORDstorage.sh: admPW=nvram_get 2860 DBID_NORMAL_WEB_PASSWORDstorage.sh: admPW=nvram_get 2860 DBID_SUPER_WEB_PASSWORDstorage.sh: admPW=nvram_get 2860 DBID_NORMAL_WEB_PASSWORDupdown_make.sh: url=nvram_get 2860 websURLFiltersupdown_make.sh: host=nvram_get 2860 websHostFilters
SSH
Not exactly sure if this does work, but seems like it should.
nvram_get SSH_SERVER_REMOTE_ENABLE
Default status
Enable
nvram_set SSH_SERVER_REMOTE_ENABLE 1
After running above command
Commit changes
nvram_get commit
Reboot
reboot
Seems like I am missing a step. Seems to change the password in the nvram, but does not actually change it permanently
Get current password
nvram_get 2860 Password admin
nvram_set Password newpassword
Commit Changes and reboot
nvram_set commit reboot
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=29181
Uses some of the commands (i.e. nvram_get 2860 HostName )
https://github.com/jameshilliard/hlk-rm04-squashfs-root-1.78/blob/master/sbin/lan.sh
Edit the “/tmp/system.cfg”
Change the line that contains “dhcpc.status=disabled” to
dhcpc.status=enabled
add the following lines
dhcpc.1.devname=br0 dhcpc.1.fallback=192.168.1.20 dhcpc.1.fallback_netmask=255.255.255.0 dhcpc.1.status=enabled
Save and exit and save changes
/usr/etc/rc.d/rc.softrestart save
Log into the GUI and verify everything looks correct. Under the network tab it was still showing that it had a static address, although it pulled a DHCP IP.
List current sessions with
loginctl list-sessionsUnlock with session number from above command.
loginctl unlock-session session-numberOr to unlock all sessions do
loginctl list-sessionsMore info:
https://askubuntu.com/questions/341014/unlock-login-screen-using-command-line
Gain access to radio via ssh
ssh ubnt@192.168.1.20
open up the /tmp/system.cfg
vi /tmp/system.cfg
Delete the following line. To move the cursor to the following line and type “dd” and vi will delete the whole line.
dhcpc.status=disabled
Add the following 5 lines. Hit “i” to enter vi insert mode.
br0 should be correct interface in most scenarios.
dhcpc.1.devname=br0
dhcpc.1.fallback=192.168.1.20
dhcpc.1.fallback_netmask=255.255.255.0
dhcpc.1.status=enabled
dhcpc.status=enabled
Save the file by hitting esc and then “:wq” followed by Return/Enter
Save the config changes and reboot the radio so it pulls an address.
/usr/etc/rc.d/rc.softrestart save && reboot
There is a php script in /opt/librenms/ that lets you delete a host from the command line.
sudo /opt/librenms/delhost.php 192.168.1.20
Replace 192.168.1.20 with the hostname/ip address of the host you want to delete.
Delete Multiple Hosts
First you’ll need to get a list of devices you want to remove. You can do this by viewing the devices in the LibreNMS MySQL database;
Example:
$ mysql -u librenms -p librenms MariaDB [librenms]> select hostname from devices; +----------------------------------------+ | hostname | +----------------------------------------+ | 192.168.88.1 | | 192.168.1.20 | | 192.168.1.12 | | 192.168.88.5 | 4 rows in set (0.00 sec) MariaDB [librenms]> exit
Put all the IP addresses you want to remove into a file and run the following for loop. Replace “remove_ip.lst” with the name of your ip list file.
for i in `cat ~/remove_ip.lst`; do sudo /opt/librenms/delhost.php $i; done
Add iptable rule
The following rule rejects access to port 22 on all devices except ones on the 192.168.1.0/24 network. Note the “!”. This command can be useful for a WHM/cPanel server to limit ssh access.
iptables -A INPUT ! -s 192.168.1.0/24 -p tcp --dport 22 -j REJECT
List iptable rules with line numbers
iptables -L --line-numbers
Example output
root@localhost [~]# iptables -L --line-numbers Chain INPUT (policy ACCEPT)Chain OUTPUT (policy ACCEPT) num target prot opt source destination 1 REJECT tcp -- !192.168.1.11 anywhere tcp dpt:ssh reject-with icmp-port-unreachable Chain FORWARD (policy ACCEPT) num target prot opt source destination Chain OUTPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT tcp -- anywhere anywhere multiport dports smtp,urd,submission owner GID match mailman 2 cpanel-dovecot-solr all -- anywhere anywhere Chain cpanel-dovecot-solr (1 references) num target prot opt source destination 1 ACCEPT tcp -- anywhere anywhere multiport sports 8984,7984 owner UID match cpanelsolr
Remove iptable rule
To delete a rule use the -D option with the Chain and the line number. So to delete the first rule in the example output above, we would specify the INPUT chain and the the line number 1
iptables -D INPUT 1
Upgrading the firmware via the command line is super easy. Basic steps are
ubntbox fwupdate.real -m fwupdate.bin
There are a couple of ways to get the firmware uploaded to the radio
ssh into the radio. Change username and ip address as needed.
ssh ubnt@192.168.1.20
cd to the /tmp directory
cd /tmp
Find the firmware file on Ubiquiti’s website, accept the terms, copy the link and paste the link in the terminal after wget. Replace the below link with the appropriate firmware link.
wget https://dl.ubnt.com/firmwares/XC-fw/v8.4.2/WA.v8.4.2.35930.171017.1722.bin
Rename firmware
mv *.bin fwupdate.bin
Start the upgrade
ubntbox fwupdate.real -m fwupdate.bin
The radio will now upgrade and reboot
Another way to upgrade a radios firmware from the command line is to use the UBNTMOD tool. More info on the UBNTMOD script is available here.
Make sure you have the firmware downloaded to your computer and run ubntmod.sh with the “-U” upgrade option.
Example,
bob@localhost:~$ ./ubntmod.sh -i 192.168.1.20 -U WA.v8.4.2.35930.171017.1722.bin
More info about imapsync here
Install imapsync
CentOS 7, Works on cPanel servers too
yum install epel-release && yum install imapsync
Once installed check and make sure it works.
imapsync --version
If it gives you the version number you should be good to go.
Move email account
imapsync --host1 mail.emaildomain.com --user1 username@emaildomain.com --password1 "password1" --host2 mail.exampledomain.com --user2 username@movetodomain.com --password2 "password2"
Example :
imapsync --host1 mail.myemail.com --user1 bob@myemail.com --password1 "password1" --host2 mail.incredigeek.com --user2 bob@incredigeek.com --password2 "password2"
Moving Multiple accounts
Best way to move multiple accounts is to use a script and and a list that contains all the usernames and passwords to the accounts you want to move.
example scripts can be found on the imapsync website here is a script example and here is the example file.txt
Example script.
#!/bin/sh
#
# $Id: sync_loop_unix.sh,v 1.6 2015/11/04 18:23:04 gilles Exp gilles $
# Example for imapsync massive migration on Unix systems.
# See also http://imapsync.lamiral.info/FAQ.d/FAQ.Massive.txt
#
# Data is supposed to be in file.txt in the following format:
# host001_1;user001_1;password001_1;host001_2;user001_2;password001_2;
# ...
# Separator is character semi-colon ";" it can be changed by any character changing IFS=';'
# in the while loop below.
# # Each line contains 6 columns, columns are parameter values for
# --host1 --user1 --password1 --host2 --user2 --password2
# and a trailing empty fake column to avaid CR LF part going
# in the 6th parameter password2. Don't forget the last semicolon.
#
# You can add extra options after the variable "$@"
# Use character backslash \ at the end of each suplementary line, except for the last one.
# You can also pass extra options via the parameters of this script since
# they will be in "$@"
# The credentials filename "file.txt" used for the loop can be renamed
# by changing "file.txt" below.
echo Looping on account credentials found in file.txt
echo
{ while IFS=';' read h1 u1 p1 h2 u2 p2 fake
do
{ echo "$h1" | egrep "^#" ; } > /dev/null && continue # this skip commented lines in file.txt
echo "==== Starting imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
imapsync --host1 "$h1" --user1 "$u1" --password1 "$p1" \
--host2 "$h2" --user2 "$u2" --password2 "$p2" \
"$@"
echo "==== Ended imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
echo
done
} < file.txt
Example list of accounts to
mail.maildomain.com;user1@incredigeek.com;password1;mail.incredigeek.com;user2@incredigeek.com;password2;
You can run these command from a Linux computer
wget www.incredigeek.com/home/downloads/imapsync/imapsync_loop.sh
chmod +x imapsync_loop.sh
This file will contain the mail server to transfer from, username, and password, and then the mail server to transfer to, username and password. Add one line per account.
Example:
mail.servertotransferfrom.com;Username1;Password1;mail.servertomoveto.com;Username2;Password2; mail.servertotransferfrom.com;testuser;123456;mail.servertomoveto.com;bob;123456;
./imapsync_loop.sh
In the username you may need to use the username@domainname.tld, so if the username is bob, and the mail domain is incredigeek.com, use bob@incredigeek.com for the username in the imapsync_list.txt.