Category Archives: Uncategorized

varnish 6.4 ubuntu

vim /etc/apache2/ports.conf
Listen 127.0.0.1:8080
vim /etc/apache2/sites-available/000-default.conf

systemctl restart apache2.service

apt-get install make automake autotools-dev libedit-dev libjemalloc-dev libncurses-dev libpcre3-dev libtool pkg-config python-docutils python-sphinx graphviz autoconf-archive curl git
git clone https://github.com/varnishcache/varnish-cache
sh autogen.sh && sh configure && make
ldconfig

varnishd -a :80 -T localhost:6082 -b localhost:8080

curl -I http://127.0.0.1
HTTP/1.1 200 OK
Date: Tue, 28 Jul 2020 16:52:48 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 27 Nov 2016 03:03:10 GMT
Vary: Accept-Encoding
Content-Type: text/html
X-Varnish: 32801
Age: 0
Via: 1.1 varnish (Varnish/6.4)
ETag: W/"2c39-5423f985a9780-gzip"
Accept-Ranges: bytes
Connection: keep-alive

check port on some random server


printf "%d.%d.%d.%d\n" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))"
for i in {1..3}; do !!; done > sm_rnd_ip

while read HOST ; do nc -zvw3 $HOST 80 &> /dev/null; [[ $? -eq 0 ]] &&
printf "Port 80 is UP on %s\n" $HOST || printf 'Port 80 is DOWN on %s\n' $HOST ; done < sm_rnd_ip

Port 80 is DOWN on 118.49.236.50
Port 80 is DOWN on 57.101.35.142
Port 80 is DOWN on 8.144.249.142

check http2 support

if you are not sure if http2 is working:

echo | openssl s_client -alpn h2 -connect somedomain.lt:443 | grep -a ALPN
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = somedomain.lt
verify return:1
DONE
ALPN protocol: h2

h2 means http/2 is enabled

create tuntap

sudo ip tuntap add dev tap0 mode tap
sudo ip addr add 192.168.200.1/24 dev tap0

sudo ip route | grep tap0
192.168.200.0/24 dev tap0 proto kernel scope link src 192.168.200.1 linkdown

Useful:
sudo ip link set tap0 up
sudo ip route add 192.168.200.0/24 dev tap0 src 192.168.200.1

Firmware state: Copyback

while $(true); do /root/bin/MegaCli64 adpeventlog getlatest 200 -f ~/adpeventlog.txt a0; awk '/^Time/{TIME=$0};/Seconds/{SECS=$5}/^Event Desc/{printf("%25.25s %5.5s %s\n",TIME,SECS,$0);TIME=" ";SECS=""}' ~/adpeventlog.txt|grep -v fan|tac; sleep 5; done

Status:

Time: Tue Aug 20 16:11:43 Event Description: CopyBack progress on PD 10(e0x04/s12) is 82.04%(24461s)
Time: Tue Aug 20 17:30:05 Event Description: CopyBack progress on PD 10(e0x04/s12) is 83.04%(29163s)
Time: Tue Aug 20 18:21:06 Event Description: CopyBack progress on PD 10(e0x04/s12) is 84.04%(32224s

linux protect directory with password

yum install fuse-encfs
encfs /root/encryptdir /root/decryptdir

he directory “/root/encryptdir/” does not exist. Should it be created? (y,N) y
The directory “/root/decryptdir/” does not exist. Should it be created? (y,N) y
Creating new encrypted volume.
Please choose from one of the following options:
enter “x” for expert configuration mode,
enter “p” for pre-configured paranoia mode,
anything else, or an empty line will select standard mode.
?> p

Paranoia configuration selected.

Configuration finished. The filesystem to be created has
the following properties:
Filesystem cipher: “ssl/aes”, version 3:0:2
Filename encoding: “nameio/block”, version 4:0:2
Key Size: 256 bits
Block Size: 1024 bytes, including 8 byte MAC header
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.
File data IV is chained to filename IV.
File holes passed through to ciphertext.

————————– WARNING ————————–
The external initialization-vector chaining option has been
enabled. This option disables the use of hard links on the
filesystem. Without hard links, some programs may not work.
The programs ‘mutt’ and ‘procmail’ are known to fail. For
more information, please see the encfs mailing list.
If you would like to choose another configuration setting,
please press CTRL-C now to abort and start over.

Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism. However, the password can be changed
later using encfsctl.

New Encfs Password:
Verify Encfs Password:

mount
encfs on /root/decryptdir type fuse.encfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions)

mv -v /root/secret.tar.gz /root/decryptdir
fusermount -u /root/decryptdir

To access data:
encfs ~/encryptdir/ ~/decryptdir/
EncFS Password: