Speed limit on network interface using TC

I will give an example of a speed limit of up to 3.3 Gb/s on a network interface on Ubuntu Server 16.04:

/sbin/tc qdisc del dev ens2f0 parent ffff:
/sbin/tc qdisc add dev ens2f0 handle ffff: ingress
/sbin/tc filter add dev ens2f0 parent ffff: protocol ip prio 50 u32 match ip dst 0.0.0.0/0 police rate 3300mbit burst 330k mtu 30000 drop flowid 1:0

Continue reading Speed limit on network interface using TC

BGP. Channel Balancing on Quagga

I will give an example of balancing only incoming traffic with two channels using Quagga.

On the test, I will use Ubuntu 16.04.4 LTS and Quagga 0.99.24.1, the network interface ens1f0 for the second provider with one neighbors and ens2f0 for the first provider with two neighbors, the local network will be connected to ens2f1. Both providers announce “default”.
3.3.3.0/23 this will be my network with white IP addresses.
Continue reading BGP. Channel Balancing on Quagga

View and configure sharing of files and folders Windows from the command line

I will give an example of some commands for setting up sharing of resources.

View shared resources:

net share

Deleting a shared resource:

net share <sharename> /delete

Sharing a folder:

net share sharename=C:\dir

Example of disconnecting users from the share:

net session \\pc1 /delete

To close an open network file, use the command:

net file file_id /close

An example of granting user rights to a file (N – not set, W – write, C – change, F – full access):

cacls file.txt /G User:w

To cancel user access to a share:

cacls /R User

We allow up to 5 users to simultaneously connect to a shared resource:

net share sharename /users:5

Example of caching settings from a share (manual/BranchCache/documents/programs/none):

net share myshare /cache:manual

I want to note that when opening a share to a resource in the firewall, the following ports should be opened: TCP 139, TCP 445, UDP 137, UDP 138.

See also my articles:
Installing and using the nbtscan network scanner
Some information about the virus encryptor Trojan.Encoder.12544 attacked 06/27/2017

Installing and using the nbtscan network scanner

Install command in Linux Ubuntu/Debian:

sudo apt-get install nbtscan

The Windows version can be downloaded from http://www.unixwiz.net/tools/nbtscan.html

Network scan example:

nbtscan 192.168.1.0/24

I will describe the possible startup keys:
-O FILENAME (output information to file)
-v (more detailed information output)
-p (port indication)
-H (generate HTTP header)
-m (MAC address indication)
-n (do not convert names to DNS, display only IP)
-t NUMBER (response time in seconds, default 1)
-v (display version nbtscan)

Dnstop – monitoring of requests to the DNS server

The utility is installed in Ubuntu/Debian by the command:

sudo apt-get install dnstop

Start-up example:

dnstop -n google.com eth0

I’ll describe the list of possible startup keys:
-4 (number of IPv4 packets)
-6 (number of IPv6 packets)
-Q (number of requests)
-R (number of answers)
-a (anonymous IP addresses)
-i ADDRESS (ignoring the specified IP address)
-n NAME (number of requests for the specified address only)
-l NUMBER (monitoring up to the specified number of requests)
-f (filter name)

Configuring DHCP+TFTP for DOCSIS

Recently, it was necessary to configure the issuance of IP addresses to several old DOCSIS modems and the host located after the modem.
At hand was the Arris Cadant C3 and Thomson TCM-420 modems.

First of all, let’s start a DHCP server that will issue IP addresses to modems, for example, as I described in this article – Installing and configuring isc-dhcp-server.
And also we will launch a TFTP server on which there will be files for modems, for example, as I described in the article – Installing and Configuring a TFTP Server

Continue reading Configuring DHCP+TFTP for DOCSIS

How to convert a list of IP addresses to DNS names

In Linux, you can convert a list of IP addresses into DNS names, for example, by a simple script.

To do this, create an empty file with the extension .sh, make it executable and add the content to it:

#!/bin/sh
while read ip traf ; do
    name=`host $ip|awk '{print $NF}'`
    echo -e "$name\t$ip\t$traf"
done >name_ip_traf.lst <ip_traf.lst

Where ip_traf.lst is a file with a list of IP addresses that need to be converted to DNS names.

You can make it executable by the command:

chmod +rwx file.sh

Run the script in the directory where it is located by the command:

./file.sh

Or run by specifying the full path:

/dir/file.sh

After the startup, you must wait for a while or interrupt the execution by pressing CTRL+C.