Net-SNMP IFTABLE_CACHE_TIMEOUT

user-pic
Vote 0 Votes

IFTABLE_CACHE_TIMEOUT control how frequent update ifTable counter.
Net-SNMP v5.4,v5.5 IFTABLE_CACHE_TIMEOUT 15
Net-SNMP v5.6,v5.7 IFTABLE_CACHE_TIMEOUT 3
Newer version have shorter cache timeout, but if you want to monitor real-time traffic by second, 3 seconds still useless.

To change this value

Method 1:
snmpset -v2c -cpublic localhost .1.3.6.1.4.1.8072.1.5.3.1.2.1.3.6.1.2.1.2.2 i 1 # after snmpd start
Note: use override to set the value does NOT work.
ref. How to set the agent update or counter refresh interval on net-snmp

Method 2:
Get Net-SNMP source tar ball, change the value in agent/mibgroup/if-mib/ifTable/ifTable_data_access.h
./configure && make && make install

Enable Keepalived SNMP subsystem

user-pic
Vote 0 Votes

echo KEEPALIVED_OPTIONS=\"-D -x\" > /etc/sysconfig/keepalived
echo master agentx >> /etc/snmp/snmpd.conf
echo mibs +KEEPALIVED-MIB >> /etc/snmp/snmp.conf # load KEEPALIVED-MIB, the file must in /usr/share/snmp/mibs
service snmpd restart
service keepalived restart # must after restart snmpd

snmpwalk -v2c -cpuclic localhost KEEPALIVED-MIB:vrrp

Compile PHP with couchdb

user-pic
Vote 0 Votes

cd php-5.6.23
git clone https://github.com/akissa/php-couchdb
mv php-couchdb ext/couchdb
rm configure
./buildconf --force
./configure --enable-couchdb

Compile PHP with mongodb

user-pic
Vote 0 Votes

cd php-5.6.23
wget -qO- https://pecl.php.net/get/mongo-1.6.14.tgz | tar zxv
mv mongo-1.6.14 ext/mongo
rm configure
./buildconf --force
./configure --enable-mongo

mongo extension 已經被 mongodb 取代, 不過仍有維護及安全性更新

因為 PuTTY 的 Private Key 格式, 跟 OpenSSH 的不太一樣, 若兩邊要共用同一把 Key,
Key 要從 OpenSSH 那邊產生, 再用 puttygen.exe 匯入 Key, 用 Load an existing private key file

再 Save public key, Save private key

SSH 的認證方式, 其實有很多種, 用 ssh -oPreferredAuthentications=none host 可以取得 Server 端所支援的認證方式,
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password,hostbased).
輸出類似這樣, 看到 Permission denied 是正常的
比較常見的是 password、publickey, 而 hostbased 比較少用的原因可能是需求變少了, 且 sshd_config 中預設也沒開
hostbased 認證使用時機是當 Host C 中的很多用戶, 都要用免密碼連到 Host S, 管理者只要設定好,
Host C 用戶就能直接 ssh 到 Host S (同帳號)
環境 Host C's hostname is host-c, Host S's hostname is host-s

Client /etc/ssh/ssh_config
HostbasedAuthentication yes
EnableSSHKeysign yes
Client /etc/hosts
192.168.0.6 host-c
加入自已的 IP Hostname 對應, 若沒有會出現 get_socket_address: getnameinfo 8 failed: Name or service not known

Server sshd_config
HostbasedAuthentication yes
HostbasedUsesNameFromPacketOnly yes
IgnoreRhosts no # 若要讓 root 也能連入
Server /etc/ssh/ssh_known_hosts 這個檔要有 Client 端的 /etc/ssh/ssh_host_rsa_key.pub
ssh-keyscan host-c >> /etc/ssh/ssh_known_hosts
編輯 /etc/ssh/ssh_known_hosts
在 Host C IP 前加入 host-c, 重要, 因為 hostbased 是認 Hostname, 若沒加會找不到 Key
host-c,192.0.2.102 ssh-rsa AAAAB3NzaC1yc2EAAAABIw ... qqU24CcgzmM=
Server /etc/ssh/shosts.equiv
加入 host-c
若要讓 root 也能連入, /root/.shosts 要加入 host-c

PowerShell OpenSSH

user-pic
Vote 0 Votes

PowerShell OpenSSH 是微軟 PowerShell Team 所 build 的 OpenSSH,
其針對 Windows 環境有些調整, 例如 ssh-keygen 會產在 Key 在 %USERPROFILE\.ssh
比起其他的版本, 更適合在 Windows 使用, 目前仍是 Pre-release

ref. Windows PowerShell Blog - OpenSSH for Windows Update

LINE BOT API

user-pic
Vote 0 Votes

LINE 於四月初開始提供 BOT API 試用, 可登入 LINE Business Center 申請
API Reference
需準備一台有 HTTPS 服務的 Web Server, 用來接收 Callback,
不能用自簽的 SSL, 否則 VERIFY 會出現 Could not connect using SSL. 可去申請 Let's Encrypt - Free SSL/TLS Certificates
當有人送訊息到 BOT 帳號, 系統會送 POST message 到指定的 Callback URL (由後台設定),
觀察 Source IP 都來自 203.104.146.0/24, 所以 Server 要 Allow 這一段
訊息是 JSON 格式, 大概像這樣(有經過 formating)

PHP 的回話範例, 將前三行換成自己的即可
Channel ID、Channel Secret、MID 可以在 LINE Developers 後台找到

基本貼圖「饅頭人&詹姆士」 STKPKGID:1, STKVER:100 的 API 參數編號 STKID 依序如下

第1列 STKID 4,13,2,10,17,401,402,5,15,1
第2列 STKID 3,16,403,404,405,406,11,7,21,14
第3列 STKID 8,9,12,6,100,101,102,103,104,105
第4列 STKID 106,107,108,109,110,111,112,113,114,115
第5列 STKID 116,117,118,407,408,409,410,411,412,413
第6列 STKID 414,415,416,417,418,419,420,421,422,423
第7列 STKID 424,425,426,427,428,429,430,119,120,121
第8列 STKID 122,123,124,125,126,127,128,129,130,131
第9列 STKID 132,133,134,135,136,137,138,139

基本貼圖「熊大&兔兔」 STKPKGID:2,STKVER:100 的 API 參數編號 STKID 依序如下

第1列 STKID 140,141,142,143,501,502,503,144,145,146
第2列 STKID 147,504,505,506,507,148,149,150,151,152
第3列 STKID 153,154,155,19,508,509,510,511,512,513
第4列 STKID 18,38,514,515,516,156,158,157,517,518
第5列 STKID 519,520,159,521,522,523,524,525,22,34
第6列 STKID 32,23,526,527,39,33,24,25,27,29
第7列 STKID 30,31,26,160,161,162,163,164,165,166
第8列 STKID 167,168,169,170,171,172,173,174,175,176
第9列 STKID 177,178,179,37,36,46,35,28,20,42
第10列 STKID 41,47,43,45,40,44

基本貼圖「櫻桃可可」 STKPKGID:3,STKVER:100 的 API 參數編號 STKID 依序如下

第1列 STKID 180,181,182,183,184,185,186,187,188,189
第2列 STKID 190,191,192,193,194,195,196,197,198,199
第3列 STKID 200,201,202,203,204,205,206,207,208,209
第4列 STKID 210,211,212,213,214,215,216,217,218,219
第5列 STKID 220,221,222,223,224,225,226,227,228,229
第6列 STKID 230,231,232,233,234,235,236,237,238,239
第7列 STKID 240,241,242,243,244,245,246,247,248,249
第8列 STKID 250,251,252,253,254,255,256,257,258,259

基本貼圖「表情圖片」 STKPKGID:4,STKVER:100 的 API 參數編號 STKID 依序如下

第1列 STKID 263,264,265,266,267,268,601,602,603,604
第2列 STKID 605,606,260,261,262,607,269,270,271,272
第3列 STKID 273,608,274,275,276,277,278,609,610,282
第4列 STKID 283,291,279,280,281,284,285,611,286,612
第5列 STKID 288,289,613,614,615,290,616,617,292,293
第6列 STKID 294,295,296,618,619,287,297,298,299,300
第7列 STKID 301,302,620,303,304,305,306,307,621,622
第8列 STKID 623,624,625,629,627,628,626,630,631,632

XML formating

user-pic
Vote 0 Votes

| xmllint --format - # need libxml2 package
| xmlstarlet fo # need xmlstarlet
Make it more readable.

JSON formating

user-pic
Vote 0 Votes

| python -m json.tool # need python package
| jq . # need jq package
Make it more readable.

Monthly Archives