ubuntu 18.04 netplan source routing

paranoids

Hi

Here a source routing example if you have multiple networks connected on your linux host and want every ip address reachable on the internet.

network:
   version: 2
   renderer: networkd
   ethernets:
     ens3:
       dhcp4: no
       dhcp6: no
       accept-ra: no
       addresses: [81.94.xx.xx/28, "2a01:xxx:xxxx:xx::xx/64"]
       gateway4: 81.94.xx.xx
       gateway6: 2a01:xxx:xxxx:xx::x
       nameservers:
         addresses: [1.0.0.1]
     ens6:
       dhcp4: no
       dhcp6: no
       accept-ra: no
       addresses: [195.16.xxx.111/25]
       routes:
         - to: 195.16.xxx.x/25
           via: 195.16.xxx.gw
           table: 102
         - to: 0.0.0.0/0
           via: 195.16.xxx.gw
           table: 102
       routing-policy:
         - from: 195.16.xxx.111
           table: 102
         - to: 195.16.xxx.111
           table: 102

Have fun!

freeradius 3.0 ubuntu 18.04 with daloradius mikrotik ikev2 eap-radius wireless

paranoids

Hi

First of all setup your favorite php sql webserver 

apt install php-db php-gd git freeradius freeradius-mysql
cd /var/www/web001/htdocs 
git clone https://github.com/lirantal/daloradius.git

We have to import the freeradius 3.0 mysql schema first. Daloradius does only have freeradius 2.0 compatible sql schemas.

cat /etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sql | mysql -u radius -p radius

Now we import the daloradius sql schema without freeradius 2.0 sql schemas

cat /var/www/web001/htdocs/daloradius/contrib/db/mysql-daloradius.sql | mysql -u radius -p radius

here my freeradius mysql setup

cd /etc/freeradius/3.0/mods-enabled
ln -s ../mods-available/sql

vim sql

driver = "rlm_sql_mysql"
dialect = "mysql"
server = "localhost"
port = 3306
login = "radius"
password = "abcdefg"
radius_db = "radius"
read_clients = yes

here my changes to eap (eap for authenticating mikrotik wireless via wpa2 enterprise and mikrotik ikev2 eap radius)

vim /etc/freeradius/3.0/mods-enabled/eap

eap {
...
#ikev2 eap radius
default_eap_type = peap
...
}
tls-config tls-common {
private_key_file =  path_to_your_ssl_private_key
certificate_file = path_to_your_ssl_certificate
ca_file = path_to_your_ssl_cabundle
}

I use rapidssl server certificate.

https://support.microsoft.com/en-ph/help/814394/certificate-requirements-when-you-use-eap-tls-or-peap-with-eap-tls

here my changes to the “default” site

cd /etc/freeradius/3.0/sites-enabled
vim default

authorize {
...
auth_log
...
sql
}

accounting {
...
sql
...
}

session {
...
sql
...
}

post-auth {
...
reply_log
sql
...
}

session {
...
sql
...
}

here my bulk radius settings

cd /etc/freeradius/3.0

vim radiusd.conf

log {
...
auth = yes
...
auth_badpass = yes
...
}
https://wiki.freeradius.org/guide/SQL-HOWTO-for-freeradius-3.x-on-Debian-Ubuntu

you have to create a systemd override for the freeradius unit. otherwise freeradius won’t start correctly if mysql is not running.

systemctl edit freeradius

[Unit]
After=network.target mysql.service

setup daloradius config

vim /var/www/web001/htdocs/daloradius/library/daloradius.conf.php

CONFIG_DB_USER
CONFIG_DB_PASS
CONFIG_DB_NAME

Have fun!

debian update i-mscp 1.0 to 1.5

paranoids

Hi

Upgrade i-mscp 1.0 to 1.1 Debian to jessie

cd /usr/local/src
wget https://github.com/i-MSCP/imscp/archive/1.1.21.tar.gz
tar -xzf 1.1.21.tar.gz
cd imscp-1.1.21

#use build
perl imscp-autoinstall -c -a -d -f

rm -fR /var/www/imscp/{daemon,engine,gui}
cp -fR /tmp/imscp/* /
rm -fR /tmp/imscp

#i-mscp bug (error with external packages pma roundcube etc)
vim /var/www/imscp/engine/setup/imscp-setup-methods.pl
#[\&setupPreInstallAddons,           'Addons pre-installation'],
#[\&setupInstallAddons,              'Addons installation'],
#[\&setupPostInstallAddons,          'Addons post-installation'],

mkdir -p /var/www/imscp/gui/public/tools/filemanager/data
mkdir /var/www/imscp/gui/public/tools/pma
mkdir -p /var/www/imscp/gui/public/tools/webmail/logs

perl /var/www/imscp/engine/setup/imscp-setup -a -d

sed -i /etc/apt/sources.list -e s/wheezy/jessie/
apt-get update
apt-get dist-upgrade

Upgrade i-mscp 1.1 to 1.2 Upgrade Debian to stretch

cd /usr/local/src/
wget https://github.com/i-MSCP/imscp/archive/1.2.17.tar.gz
tar -xzf 1.2.17.tar.gz
cd imscp-1.2.17

#use build
perl imscp-autoinstall -d

rm -fR /var/www/imscp/{daemon,engine,gui}
cp -fR /tmp/imscp/* /
rm -fR /tmp/imscp

#i-mscp bug (error with external packages pma roundcube etc)
vim /var/www/imscp/engine/setup/imscp-setup-methods.pl
#[ \&setupPreInstallPackages,         'Packages pre-installation' ],
#[ \&setupInstallPackages,            'Packages installation' ],
#[ \&setupPostInstallPackages,        'Packages post-installation' ],

mkdir -p /var/www/imscp/gui/public/tools/ftp/data

perl /var/www/imscp/engine/setup/imscp-setup -d

sed -i /etc/apt/sources.list -e s/jessie/stretch/
apt update
apt dist-upgrade

Upgrade i-mscp 1.2 to 1.5

cd /usr/local/src
wget https://github.com/i-MSCP/imscp/archive/1.5.3-2018120800.tar.gz
tar -xzf 1.5.3-2018120800.tar.gz
cd imscp-1.5.3-2018120800

#use manual
perl imscp-autoinstall -d

rm -fR /var/www/imscp/{daemon,engine,gui}
cp -fR /tmp/imscp/* /
rm -fR /tmp/imscp

perl /var/www/imscp/engine/setup/imscp-reconfigure -d

Debian dist-upgrade changes mysql default charset to utf8

In this case we want latin1 as our default charset. Due to the fact that on this server runs very old software.

sed -i /etc/mysql/mariadb.conf.d/50-client.cnf -e s/utf8mb4/latin1/

sed -i /etc/mysql/mariadb.conf.d/50-mysql-clients.cnf -e s/utf8mb4/latin1/

sed -i /etc/mysql/mariadb.conf.d/50-server.cnf -e s/utf8mb4_general_ci/latin1_swedish_ci/

sed -i /etc/mysql/mariadb.conf.d/50-server.cnf -e s/utf8mb4/latin1/

Have fun!