ThanksInstall Ubuntu Server on a Raspberry Pi 2, 3 or 4 https://ubuntu.com/download/raspberry-pi Scan your LAN to find the IP then SSH ssh -p 22 [email protected] Password is ubuntu Set Time zone: dpkg-reconfigure tzdata Configure your advanced network: If using Netplan: https://netplan.io/examples If using NetworkManager: apt install network-manager nmtui If you get the error: Connection is not available on device eth0 because device is strictly unmanaged find related config files of interest: grep -r eth0 /etc/ Comment out everything, or delete file: vi /etc/netplan/50-cloud-init.yaml vi /etc/netplan/01-netcfg.yaml # This file describes the network interfaces available on your system # For more information, see netplan(5). # Set and change netplan renderer to NetworkManager GUI tool network: version: 2 renderer: NetworkManager reboot root@rpi4-ubuntu:~# grep -r eth0 /etc/ /etc/initramfs-tools/initramfs.conf:# Specify a specific network interface, like eth0 /etc/NetworkManager/system-connections/eth0 no VLAN.nmconnection:id=eth0 no VLAN /etc/NetworkManager/system-connections/eth0 no VLAN.nmconnection:interface-name=eth0 /etc/NetworkManager/system-connections/VLAN connection 1.nmconnection:interface-name=eth0.5 /etc/NetworkManager/system-connections/VLAN connection 1.nmconnection:parent=eth0 /etc/dhcp/dhclient.conf:# interface "eth0"; /etc/dhcp/dhclient.conf:# interface "eth0"; /etc/netplan/50-cloud-init.yaml:# eth0: root@rpi4-ubuntu:~#
Perfecting the art of rural communications using Linux, cloud, internet, wireless technologies since 1993
Showing posts sorted by date for query vlan. Sort by relevance Show all posts
Showing posts sorted by date for query vlan. Sort by relevance Show all posts
Ubuntu 20.04 LTS 64 on a Raspberry Pi 4
PCAP over IP to NetworkMiner
Most are familiar with WireShark and how to use dumpcap to remotely create a pcap file. Below, see a remote dumpcap session streaming via NetCat to NetworkMiner packet analyzer by netresec.com. NetworkMiner is a forensics tool that decodes the real time pcap stream and displays the images, videos, files, sessions, and DNS traffic that it contains.
On NetworkMiner:
File > Receive Pcap over IP > Start
On your router:
eth0 = The interface.vlan you want to capture. Leave the vlan off to capture all vlans and the vlan tags.
eth0.4 = Capture vlan 4 on the first physical ethernet interface.
90:b6:86:24:61:86 = The MAC address of the device you want
10.0.5.2 = The host running NetworkMiner (Do Not capture the traffic you are streaming. Loop)
57012 = the port NetworkMiner is listening on.
On NetworkMiner:
File > Receive Pcap over IP > Start
On your router:
Where:dumpcap -i eth0 -P -w - -f "ether host 90:b6:86:24:61:86" | nc 10.0.5.2 57012
eth0 = The interface.vlan you want to capture. Leave the vlan off to capture all vlans and the vlan tags.
eth0.4 = Capture vlan 4 on the first physical ethernet interface.
90:b6:86:24:61:86 = The MAC address of the device you want
10.0.5.2 = The host running NetworkMiner (Do Not capture the traffic you are streaming. Loop)
57012 = the port NetworkMiner is listening on.
Ubuntu 12.04 VLAN trunk to OpenWRT 10.03.1 router
sudo su apt-get install vlan vconfig add eth0 2 vconfig add eth0 3 vconfig add eth0 4 ifconfig eth0 0.0.0.0 ifconfig eth0 mtu 1504 dhclient eth0.2 ifconfig eth0.2 mtu 1500 dhclient eth0.3 ifconfig eth0.3 mtu 1500 dhclient eth0.4 ifconfig eth0.4 mtu 1500 echo "nameserver 8.8.8.8" > /etc/resolv.conf ping -M do -s 1472 -c 1 google.com ifconfig uname -a Linux ubuntu 3.2.0-23-generic #36-Ubuntu SMP Tue Apr 10 20:39:51 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux lspci 02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 06) lspci -n 02:00.0 0200: 10ec:8168 (rev 06)
Virtual Interfaces, vlan tags, Ethernet bridging, spanning tree, and openvpn on linux.
This post is just a collection of rough code snips and URL's to jog my memory on a few concepts in the future. It is NOT a how to and will probably not be useful to anyone else but you never know. The /etc/network/interfaces snip below was part of a creative workaround for an unreliable and out dated wide area Ethernet network I had to deal with that had no money or desire for repair or upgrade. It has now been removed from service but at the time the main network would go down for extended periods in the winter when the rural Utah mountain tops were expensive to reach by helicopter or snow cat. Using free Linux tools I could create virtual interfaces, bridge them together with spanning tree and openvpn and route the low volume critical traffic over two low cost DSL connections to restore connectivity around the broken parts.
http://openvpn.net/index.php/open-source/documentation/install.html?start=1
http://library.linode.com/networking/openvpn/ubuntu-10.04-lucid
https://help.ubuntu.com/10.10/serverguide/C/openvpn.html
http://openvpn.net/index.php/open-source/documentation/howto.html#startup
On Windows run as admin or it service. Otherwise, it cannot apply forced route data.
http://openvpn.se/files/howto/openvpn-howto_run_openvpn_as_nonadmin.html
HKEY_LOCAL_MACHINE\SOFTWARE\OpenVPN-GUI\allow_service
Create new host key:
cd /etc/openvpn/easy-rsa
source vars
./pkitool new-host-name
Revoke old host key:
cd /etc/openvpn/easy-rsa
source vars
./revoke-full old-host-name
#/etc/network/interfaces #Note that MTU must be reduced to 1496 due to 4 byte VLAN tag. Some ethernet drivers do not handel this automatically. #http://www.linuxjournal.com/node/7268/print #As mentioned earlier, 802.1q works by tagging each frame with a 4-byte VLAN identifier. However, some Ethernet drivers assume the maximum frame size is 1,500 bytes. The addition of the 4-byte tag does not leave as much room for data. Thus, although small packets are sent and received correctly, large packets fail. The solution is either to drop the MTU of the VLAN device or to correct the assumptions of the driver. #Patches are available on the Linux VLAN Web site for a variety of cards (see Resources). Several drivers work correctly out of the box (or tar.gz, as the case may be), including the e100 driver for Intel-based cards. # #root@ubuntu:~# ping -M do -s 1472 -c 1 google.com #root@ubuntu:~# ping -M do -s 1473 -c 1 google.com #PING google.com (74.125.225.199) 1473(1501) bytes of data. #From yourhost.com (192.168.1.1) icmp_seq=1 Frag needed and DF set (mtu = 1500) auto ppp0 iface ppp0 inet ppp pre-up ifconfig eth0 0.0.0.0 pre-up ifconfig eth1 0.0.0.0 pre-up vconfig set_name_type DEV_PLUS_VID_NO_PAD pre-up vconfig add eth0 1 pre-up vconfig add eth0 3751 pre-up vconfig add eth0 3757 pre-up vconfig add eth1 1 pre-up vconfig add eth1 3751 pre-up vconfig add eth1 3757 pre-up ifconfig eth0.1 0.0.0.0 pre-up ifconfig eth1.1 0.0.0.0 pre-up ifconfig eth0.3751 0.0.0.0 pre-up ifconfig eth1.3751 0.0.0.0 pre-up ifconfig eth0.3757 0.0.0.0 pre-up ifconfig eth1.3757 0.0.0.0 pre-up brctl addbr br1 pre-up brctl addbr br3751 pre-up brctl addbr br3757 pre-up brctl stp br1 on pre-up brctl stp br3751 on pre-up brctl stp br3757 on pre-up brctl setbridgeprio br1 0 pre-up brctl setbridgeprio br3751 0 pre-up brctl setbridgeprio br3757 0 pre-up brctl addif br1 eth0.1 pre-up brctl addif br1 eth1.1 pre-up brctl addif br3751 eth0.3751 pre-up brctl addif br3751 eth1.3751 pre-up brctl addif br3757 eth0.3757 pre-up brctl addif br3757 eth1.3757 pre-up ifconfig br1 172.31.141.126 pre-up ifconfig br1 broadcast 172.31.141.127 netmask 255.255.255.240 pre-up ifconfig br1 mtu 1496 pre-up ifconfig br3751 192.168.141.126 pre-up ifconfig br3751 broadcast 192.168.143.255 netmask 255.255.252.0 pre-up ifconfig br3751 mtu 1496 pre-up ifconfig br3757 192.168.0.2 pre-up ifconfig br3757 broadcast 192.168.0.255 netmask 255.255.255.0 pre-up ifconfig br3757 mtu 1496 pre-up sleep 45s post-down ifconfig br3757 mtu 1500 post-down ifconfig br3757 0.0.0.0 post-down ifconfig br3757 down post-down ifconfig br3751 mtu 1500 post-down ifconfig br3751 0.0.0.0 post-down ifconfig br3751 down post-down ifconfig br1 mtu 1500 post-down ifconfig br1 0.0.0.0 post-down ifconfig br1 down post-down brctl delif br3757 eth1.3757 post-down brctl delif br3757 eth0.3757 post-down brctl delif br3751 eth1.3751 post-down brctl delif br3751 eth0.3751 post-down brctl delif br1 eth1.1 post-down brctl delif br1 eth0.1 post-down brctl setbridgeprio br3757 100 post-down brctl setbridgeprio br3751 100 post-down brctl setbridgeprio br1 100 post-down brctl stp br3757 off post-down brctl stp br3751 off post-down brctl stp br1 off post-down brctl delbr br3757 post-down brctl delbr br3751 post-down brctl delbr br1 post-down ifconfig eth1.3757 down post-down ifconfig eth0.3757 down post-down ifconfig eth1.3751 down post-down ifconfig eth0.3751 down post-down ifconfig eth1.1 down post-down ifconfig eth0.1 down post-down vconfig rem eth1.3757 post-down vconfig rem eth1.3751 post-down vconfig rem eth1.1 post-down vconfig rem eth0.3757 post-down vconfig rem eth0.3751 post-down vconfig rem eth0.1 post-down vconfig set_name_type VLAN_PLUS_VID_NO_PAD post-down ifconfig eth1 down post-down ifconfig eth0 down provider dsl-qwest
http://openvpn.net/index.php/open-source/documentation/install.html?start=1
http://library.linode.com/networking/openvpn/ubuntu-10.04-lucid
https://help.ubuntu.com/10.10/serverguide/C/openvpn.html
http://openvpn.net/index.php/open-source/documentation/howto.html#startup
On Windows run as admin or it service. Otherwise, it cannot apply forced route data.
http://openvpn.se/files/howto/openvpn-howto_run_openvpn_as_nonadmin.html
HKEY_LOCAL_MACHINE\SOFTWARE\OpenVPN-GUI\allow_service
Create new host key:
cd /etc/openvpn/easy-rsa
source vars
./pkitool new-host-name
Revoke old host key:
cd /etc/openvpn/easy-rsa
source vars
./revoke-full old-host-name
Subscribe to:
Posts (Atom)