IT notes

Enable Paste

To enable paste in chrome, open the console and enter: var allowPaste = function(e){ e.stopImmediatePropagation(); return true; }; document.addEventListener('paste', allowPaste, true);

kld_list

To load kernel modules after local disks are mounted add this to /etc/rc.conf: kld_list="fuse" in this case module fuse will be loaded

hw.(machine|model|ncpu)

To get an overview of the system: # sysctl -a | egrep -i 'hw.machine|hw.model|hw.ncpu' hw.machine: amd64 hw.model: Intel(R) Xeon(R) Silver 4110 CPU @ 2.10GHz hw.ncpu: 16 hw.machine_arch: amd64

moosefs

Create a small distributed file system using 2 servers one acting as a mater/chunkserver and other only as a chunkserver. Install the required packages: pkg install moosefs3-cgi moosefs3-cgiserv moosefs3-chunkserver moosefs3-client For the master just add: pkg install moosefs3-master In all the servers add to your /etc/hosts and entry for the mfsmaster: X.X.X.X mfsmaster Before starting the master, crate the file /var/mfs/metadata.mfs with: MFSM NEW Create a pool to share:

MANIFEST No Such File or Directory

If when trying to install FreeBSD using bsdinstall you get: "Error while fetching file:///usr/freebsd-dist/MANIFEST" - no such file or directory Try to: [email protected]:~ # mkdir -p /usr/freebsd-dist/ [email protected]:~ # touch /usr/freebsd-dist/MANIFEST And then start again

ctrl-backslash

To send a quit signal to the process: ctrl-\ # (backslash) This will send a SIGQUIT

python site packages

To find the python site-packages paths: $ python -m site

DNS TCP

Unbound using DNS over TCP: server: private-domain: "plex.direct" forward-zone: name: "." forward-ssl-upstream: yes forward-addr: [email protected] forward-addr: [email protected] forward-addr: [email protected] forward-addr: [email protected] forward-addr: 2606:4700:4700::[email protected] forward-addr: 2606:4700:4700::[email protected] forward-addr: 2620:fe::[email protected]; forward-addr: 2620:fe::[email protected]; To test do: # unbound-control -c /var/unbound/unbound.conf lookup . It should return something like: The following name servers are used for lookup of . forwarding request: Delegation with 0 names, of which 0 can be examined to query further addresses.

ssh CanonicalDomains

SSH Canonicalization CanonicalDomains example.com example.net example.org # CanonicalizeFallbackLocal no CanonicalizeHostname yes Host *.example.com IdentityFile ~/.ssh/exampleCOM User foo Host *.example.net IdentityFile ~/.ssh/exampleNET User foo Host *.example.org User foo IdentityFile ~/.ssh/exampleORG more info: https://dotfiles.tnetconsulting.net/articles/2016/0109/ssh-canonicalization.html

pfsense

How to connect using serial (usb/com RJ45) port on macOS: $ sudo cu -s 115200 -l /dev/tty.usbserial-DN04FSAL To bail out when you’re done, type ~. as you would with SSH. Boot example: After installing (zfs on root): The toy:

packagecloud

To upload all packages to packagecloud: package_cloud push immortal/immortal/el/7 immortal_0.19.0_*.rpm --skip-errors for .deb 386 needs to be i386

gzip

Gzip all files within a directory: gzip -r ./ or find . -type f ! -name '*.gz' -exec gzip "{}" \;

odroid C2

Disabling blinking blue led: echo none > /sys/class/leds/blue:heartbeat/trigger To make the change permanent add the line to /etc/rc.local

exec

exec is a functionality of an operating system that runs an executable file in the context of an already existing process, replacing the previous executable. https://en.wikipedia.org/wiki/Exec_(system_call) exec replaces the current program in the current process, without forking a new process. Examples to use: exec csh This will just replace the existing shell with csh and only need to type exit once Within a script to startup python scripts, for example:

sockstat

The sockstat command list open Internet or UNIX domain sockets. List open tcp in ipv4: # sockstat -4l Show connectd sockets in port 443 and tcp: # sockstat -P tcp -p 443 -c List unix sockets: # sockstat -u

Ansible ad-hoc

To send a command to all the servers within a playbook: $ ansible all -a "service chronyd restart" -u devops --become What’s an ad-hoc command? An ad-hoc command is something that you might type in to do something really quick, but don’t want to save for later. http://docs.ansible.com/ansible/latest/user_guide/intro_adhoc.html

freebsd-update

Update Freebsd using freebsd-update: Set in /etc/rc.conf: kern_securelevel_enable="NO" kern_securelevel="0" reboot and then: # freebsd-update upgrade -r 10.4-RELEASE # freebsd-update install # reboot # freebsd-update install Repeate then to upgrade to 11.1 freebsd-update upgrade -r 11.1-RELEASE Only security patches: # freebsd-update fetch # freebsd-update install To update the packages: # pkg-static upgrade -f # freebsd-update install A forced upgrade of all installed packages will replace the packages with fresh versions from the repository even if the version number has not increased.

Influxdb

Basic influxdb queries, setup. You can use influx (the influxdb shell) or use the http API on port :8086 Create and apply retention policy to a database: warning this may remove/purge existing data CREATE RETENTION POLICY "30_days" ON collectd DURATION 30d REPLICATION 1 default notice the ending default that means to apply the created policy Show retention policies: > show retention policies name duration shardGroupDuration replicaN default ---- -------- ------------------ -------- ------- autogen 0s 168h0m0s 1 false 30_days 720h0m0s 24h0m0s 1 true Show databases contents (measurements):

womp

To enable WoL (Wake-on-LAN) on macOS: $ sudo pmset womp 1 Then check the settings: $ pmset -g System-wide power settings: Currently in use: standbydelay 10800 standby 1 womp 1 halfdim 1 hibernatefile /var/vm/sleepimage powernap 1 gpuswitch 2 networkoversleep 0 disksleep 10 sleep 1 (sleep prevented by coreaudiod, coreaudiod, iTunes) autopoweroffdelay 28800 hibernatemode 3 autopoweroff 1 ttyskeepawake 1 displaysleep 10 tcpkeepalive 1 acwake 0 lidwake 1

Domain Fronting

If your domain becomes blocked you “could use” another one to bypass the block: curl -s -H "Host: your-blocked-domain" -H "Connection: close" "https://new-tld/your/path" Both domains must be hosted within the same CDN, example: curl -s -H "Host: images-na.ssl-images-amazon.com" -H "Connection: close" "https://cdn.atlassian.com/images/I/01rgQ3jqo7L.css" More info: https://www.optiv.com/blog/escape-and-evasion-egressing-restricted-networks https://www.peew.pw/blog/2018/2/22/how-i-identified-93k-domain-frontable-cloudfront-domains