import own ca cert to android 4.0+

Marzec 4th, 2015

If your certificate is saved in PEM format (in this exaple cert is located CAcert.pem) you need to convert it to DER by:
openssl x509 -inform PEM -outform DER -in CAcert.pem -out CAcert.crt

After that you should save it on sdcard an then import
go to Settings -> Security -> Credential Storage and selecting “Install from storage”
If it is not working and you get error „no certificate file found in the SD card” you can try copy certificate to internal memory e.g. „0”.

Voila!

create ssl certificate for nginx

Wrzesień 29th, 2014

If you want to create ssl certifiacte for nginx you can use this oneliner:

openssl req -x509 -newkey rsa:2048 -keyout server.key -out server.pem -days 3650 -nodes

It will create certificate (server.pem) and key (server.key) without password and will be vaild for 3650 days.

Example ssl nginx server section:


server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /etc/nginx/ssl/server.pem;
ssl_certificate_key /etc/nginx/ssl/server.key;
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}

easy way to backup config of Cisco Small Business SG300

Maj 7th, 2014

clone repository with scripts

$ git clone https://github.com/jakubek/rancid-cisco-sb
$ cd src
$ chmod +x csblogin

edit config file with credentials for switch ~/.cloginrc and insert:

add user switchname {admin}
add password switchname {password}
add autoenable switchname 1
add method switchname ssh
add userprompt switchname {"User Name:"}

after that you can test if it works or not
./csblogin -c "show run" swtichname >> switchname.dump

voila in switchname.dump file dump of configuration should wait for you

deliver mbox/mailfile,

Kwiecień 15th, 2013

After problems with processing e-mail by procmail I had to inject mails from file (mbox format) using exim.

Solution is very easy:

cat MAILBOXFILE | formail -s sendmail -t

All collected e-mails in MAILBOXFILE file shall be redelivered to recipients.

ipv4 visual subnet calculator

Styczeń 9th, 2013

If you are looking for nice ipv4 subnet calculator this one is very handy: http://www.davidc.net/sites/default/subnets/subnets.html

tcpdump over netcat to wireshark

Styczeń 1st, 2013

Dumping packets where dst or src is 192.168.13.10 and we send them over netcat to ip 192.168.13.14 port 3000:

tcpdump -i br0 -s0 -w - src 192.168.13.10 or dst 192.168.13.10 | nc 192.168.13.14 3000

Packets from interface br0 (-i br0), without size limit (-s0) are printed on standart output (-w -) then netcated to machine with wireshark installed.

Let’s read them on machine with ip 192.168.13.14:

nc -l 0.0.0.0 3000 | sudo wireshark -k -i -

I used this on my router with tomato firmware to sniff packets from my mobile phone.

ruby on rails migration from sqlite to mysql

Listopad 17th, 2012

Migrate data from sqlite to mysql is very easy. You need only mysql server with user account.

Firstly install this gems (this is mysql driver and tool to backup and restore data):
sudo gem install yaml_db
sudo gem install mysql

Add them to your Gemfile:

gem 'yaml_db'
gem 'mysql'

then run

bundle

Now u can backup your database:

rake db:dump

Whole dump is available in db directory, default file is data.yml.

Change database.yml config file, if you use development environment probably new config will look like this:


development:
adapter: mysql
encoding: utf8
reconnect: false
database: your_database
host: your_database_server
pool: 5
username: your_database_username
password: your_database_password

After this operation you need to run:

rake db:create
rake db:schema:load

It will create your database on server described in database.yml file.

Last thing is restore your database from data.yml to newly created database by:

rake db:load

Now your application runs on mysql database.

debian openvpn + ldap segfault

Październik 9th, 2012

if „/etc/init.d/openvpn start” generates this kind of error:

Oct 9 16:25:07 openvpn kernel: [ 377.715347] openvpn[2850]: segfault at 0 ip 00007feecf9e89b3 sp 00007fffc2e19900 error 4 in libobjc.so.4.0.0[7feecf9da000+17000]

check your openvpn-auth-ldap version


root@openvpn:~# dpkg -l | grep openvpn
ii openvpn 2.2.1-8 amd64 virtual private network daemon
ii openvpn-auth-ldap 2.0.3-3 amd64 OpenVPN LDAP authentication module

then


cd /var/cache/apt/archives
ls -ls *ldap*
48 -rw-r--r-- 1 root root 46218 Aug 28 2011 openvpn-auth-ldap_2.0.3-1.1_amd64.deb
48 -rw-r--r-- 1 root root 45784 Aug 15 2009 openvpn-auth-ldap_2.0.3-1_amd64.deb
48 -rw-r--r-- 1 root root 46522 Feb 21 2012 openvpn-auth-ldap_2.0.3-2_amd64.deb
48 -rw-r--r-- 1 root root 46708 Jun 5 17:33 openvpn-auth-ldap_2.0.3-3_amd64.deb

and try to downgrade ldap auth package by:


dpkg -i openvpn-auth-ldap_2.0.3-2_amd64.deb

and voila


root@openvpn:/var/cache/apt/archives# /etc/init.d/openvpn restart
[ ok ] Stopping virtual private network daemon:.
[ ok ] Starting virtual private network daemon: udp.

fi!

disk usage (du) files/dirs with dot

Październik 4th, 2012

du -hs .[^.]*

install ibm java sdk on debian

Wrzesień 27th, 2012


localhost:/opt# ./ibm-java-sdk-7.0-2.0-x86_64-archive.bin -i console
Preparing to install...
Extracting the JRE from the installer archive...
Unpacking the JRE...
Extracting the installation resources from the installer archive...
Configuring the installer for this system's environment...

Launching installer...

An internal LaunchAnywhere application error has occured and this application cannot proceed. (LAX)

Stack Trace:
java.lang.IllegalArgumentException: Invalid Unicode sequences: illegal character
at java.util.Properties.loadImpl(Properties.java:361)
at java.util.Properties.load(Properties.java:293)
at com.zerog.common.java.util.PropertiesUtil.loadProperties(DashoA10*..)
at com.zerog.lax.LAX.(DashoA10*..)
at com.zerog.lax.LAX.main(DashoA10*..)

To resolve this problem change your shell prompt:
export PS1=$

If this not help you can try debug installation by setting:
export LAX DEBUG=1