cheatsheet.zwischenspeicher.info

Some tech documentation and snippets, finally organized.

• Home
• Kontakt
• Links

• Tags:
• alsa (2)
• android (1)
• apt (3)
• audio (3)
• blockdevice (1)
• boot (1)
• build (1)
• chrome (1)
• chromium (1)
• cross-platform (1)
• css (1)
• dd (1)
• debian (9)
• devuan (9)
• dns (1)
• dnssec (1)
• dpkg (1)
• e-mail (2)
• filesystem (2)
• firefox (1)
• firmware (1)
• iptables (1)
• ipv4 (3)
• libvirt (1)
• linux (16)
• logrotate (1)
• mobile (1)
• multimedia (3)
• network (7)
• patch (1)
• pinning (1)
• qemu (1)
• raspberry pi (2)
• router (2)
• screencast (1)
• script (3)
• shell (10)
• tcpdump (1)
• video (1)
• wifi (1)
• x11 (1)

Wireshark-readable tcpdump to remote disk

This line captures all packets on the network interface eth0 with source or destination TARGET_IP. To obtain a format readable by wireshark, tcpdump must be configured to not truncate packets. This is achieved by setting the -s flag to 0 or 65535 (maximum packet length in bytes).

The output is piped through ssh to OUTFILE on a remote host.

$ tcpdump -i eth0 -w - -s 0 host TARGET_IP |\
    ssh USER@HOST "cat > dump.pcap"

[Ctrl]+[c] to stop the capture...

To avoid packet dropping at high traffic volume, it may be reasonable to put the capturing computer as transparent bridge into the IP stream and use a logging host on an independent network, connected to an additional (third) network interface ethZ.

In one go:

#!/bin/sh

NIC1=ethX
NIC2=ethY
BRIDGE_IP=BRIDGE_IP
MASK=SUBNETMASK

TARGET_IP=TARGET_IP
SSHD=USER@LOGGINGHOST

#iptables-restore < /etc/iptables/bridge.v4

ifdown "$NIC1"
ifdown "$NIC2"
brctl addbr br0
brctl addif br0 "$NIC1"
brctl addif br0 "$NIC2"
ifconfig "$NIC1" 0.0.0.0
ifconfig "$NIC2" 0.0.0.0
ifconfig br0 "$BRIDGE_IP" netmask "$MASK" up

tcpdump -i "$NIC1" -w - -s 65535 host "$TARGET_IP" |\
    ssh "$SSHD" "cat > dump_`date +%H.%M.%S`.pcap"

Note: When running this script on a headless/remote machine (e.g. an OpenWRT router), double check its iptables rules and possible sshd restrictions to not lock you out or even brick the box.

APT: Prevent upgrading of particular packages

There are cases in which it is desirable to keep a certain package version, be it a forced downgrade or a custom build. Here I show several ways to achieve this.

The most simple possibility is to mark the package hold in the dpkg status file /var/lib/dpkg/status:

$ echo "PACKAGE_NAME hold" | dpkg set-selections

or, using apt-mark as wrapper:

$ apt-mark hold PACKAGE_NAME

To undo this and return the selected package to apt's default workflow, run

$ echo "PACKAGE_NAME installed" | dpkg set-selections

or, respectively:

$ apt-mark unhold PACKAGE_NAME

This is a very static solution and apt provides a much more flexible way of package handling, called pinning. It is configured in the file /etc/apt/preferences resp. in an arbitrary file in the /etc/apt/preferences.d/ directory.

Pinnig allows prioritization of package versions depending on factors like version number, repository or release name - wildcards and regular expressions are allowed. The most simple configuration for a single package, analog to the dpkg way described above, would look like this:

### File: /etc/apt/preferences 
###       OR
###       /etc/apt/preferences.d/SOMEFILE

Package:        PACKAGE_NAME
Pin:            version PACKAGE_VERSION
Pin-Priority:   1001

See the manpage apt_preferences(5) for a detailed description of all pinning possibilities.

Finally, for local builds it is possible to assign them a local version number, as I have described in this post, and pin, if necessary, based on that.

Dynamic IP workaround

When running on a NATed computer (e.g. a NAS), this shell script checks an external service for the router's WAN IP in an configurable interval. Whenever it detects a change, an e-mail with the new IP address will be sent via msmtp. As long as the $APIURL is valid, only the $MAILTO definition needs to be adapted.

#!/bin/sh

MAILTO="YOUR_E-MAIL_ADDRESS"
MSG="Subject: Home IP\n\nCurrent IP: "
APIURL="http://api.ipify.org/"
INTERVAL="1800"
GETIP="/usr/bin/curl -s "$APIURL""
SENDCMD="/usr/bin/msmtp"

IP=`$GETIP`
printf "$MSG""$IP" | "$SENDCMD" "$MAILTO"
sleep "$INTERVAL"

while : ; do
    IPNEW=`$GETIP`
    if [ "$IPNEW" = "$IP" ] ; then
        sleep "$INTERVAL"
        IPNEW=`$GETIP`
    else
        IP="$IPNEW"
        echo "$MSG""$IP" | "$SENDCMD" "$MAILTO"
    fi
done

And here a simple msmtp configuration with TLS enabled – be aware that the mail password is stored on the host computer in plaintext.

### File: ~/.msmtprc or /etc/msmtprc

defaults
auth            on
tls             on
tls_starttls    off
tls_trust_file  /etc/ssl/certs/ca-certificates.crt
logfile         ~/.msmtp.log

account         ACCOUNT_1
host            SMTP_SERVER
user            USER_NAME
password        PASSWORD
from            FROM_ADDRESS

account default : ACCOUNT_1

X11 screencast (with audio)

Screenrecording of a 1024x768 pixel area, with an x/y-offset of 80/120px. Sound is recorded at a bitrate of 128kb/s from the analog input of the default ALSA sound card, the outline of the captured region is displayed on screen:

avconv -f x11grab -show_region 1 \
       -s 1024x768 -i :0.0+80,120 \
       -f alsa -i hw:0 \
       -b:v 1200k -b:a 128k \
       -y ~/screencast.mpg

Don't forget to check the mixer settings!

---

Recording sound from another application instead of an external source requires to modprobe the snd_aloop kernel module and a line of ALSA configuration:

### File: ~/.asoundrc

pcm.!default { type plug slave.pcm "hw:Loopback,0,0" }

Additionally, the avconv audio input parameters need to be changed to

-f alsa -i hw:Loopback,1,0

---

The configuration of an optional output channel for audio monitoring is described here at ffmpeg.org.

All content under CC BY-NC-SA 4.0
Created by Florian Zieboll with BlazeBlogger