Categories
Linux Virtualization

Proxmox IP bridge for single public IP

 

I just setup a test copy of proxmox 4.1 and realized I only had one IP attached to the box. So I had to set up a bridge and forward ports to the internal IPs. So the basic idea is, we are going to set up a new virtual interface bridge in your networking file. This requires a working proxmox machine up and running. I am using a standard install, no changes made to the network prior to this.

Proxmox Desired Network Layout

External IP ————————- proxmox server as NAT ————————— Internal IP

1.2.3.4 ————————- 1.2.3.4 NAT 10.0.0.10 ————————-10.0.0.10

 

Current network Layout

when we check /etc/network/interfaces we see the following :

# The loopback network interface
auto lo
iface lo inet loopback

# for Routing
auto vmbr1
iface vmbr1 inet manual
        post-up /etc/pve/kvm-networking.sh
        bridge_ports dummy0
        bridge_stp off
        bridge_fd 0


# vmbr0: Bridging. Make sure to use only MAC adresses that were assigned to you.
auto vmbr0
iface vmbr0 inet static
        address 1.2.3.4
        netmask 255.255.255.0
        network 1.2.3.0
        broadcast 1.2.3.255
        gateway 1.2.3.254
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0

iface vmbr0 inet6 static
        address 1:2:3:4::5
        netmask 64
        post-up /sbin/ip -f inet6 route add 1:2:3:4:ff:ff:ff:ff dev vmbr0
        post-up /sbin/ip -f inet6 route add default via 1:2:3:4:ff:ff:ff:ff
        pre-down /sbin/ip -f inet6 route del default via 1:2:3:4:ff:ff:ff:ff
        pre-down /sbin/ip -f inet6 route del 1:2:3:4:ff:ff:ff:ff dev vmbr0

As you can see above we have a working interfaces file just with pseudo IPs instead of real ones. yours will of course have your own IP. Also, you may not have an inet6 section.

The actual Proxmox IP bridge part

I added a new bridge interface to it like so :

auto vmbr10
iface vmbr10 inet static
    address 10.0.0.254
    netmask 255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '10.0.0.0/24' -o vmbr0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '10.0.0.0/24' -o vmbr0 -j MASQUERADE
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 12022 -j DNAT --to 10.0.0.2:22
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 12022 -j DNAT --to 10.0.0.2:22
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 12080 -j DNAT --to 10.0.0.2:80
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 12080 -j DNAT --to 10.0.0.2:80

Ok so lets break it down, line by line :

automatically start vmbr10
interface vmbr10 is a network interface with static IP
the address for the proxmox main server on this interface is 10.0.0.254
netmast is 255.255.255.0
Dont bind any ports
disable the spanning tree protocol **
disable delayed forwarding or no delay on forwarding
Allow IP traffic forwarding once networking i up and running after a boot
Add IP masquerading on networking online ***
disable masquerading on networking offline
Enable routing all packets on port 12022 from public to port 22 on private subnet to machine 10.0.0.2 on networking up
Disable routing all packets on port 12022 from public to port 22 on private subnet to machine 10.0.0.2 on networking down
Enable routing all packets on port 12080 from public to port 80 on private subnet to machine 10.0.0.2 on networking up
Disable routing all packets on port 12080 from public to port 80 on private subnet to machine 10.0.0.2 on networking down

 

Now as you can see above you have a basic bridge and you are forwarding specific ports to internal ports on the VMs. you can forward more ports by copying the last two lines and changing the ports or to different VMs by changing the IPs. also vmbr10 is a random number and can be changed at will. after all is done simply reboot the machine and you are up and running. you can restart networking or ifup vmbr10 if you want but I prefer a clean boot to test the new networking. this should give you a working Proxmox IP bridge 🙂

 

let me know if I messed up anything or how you dealt with this situation.

 

** The Spanning Tree Protocol (STP) is an older network protocol that ensures a loop-free topology for any bridged Ethernet local area network. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. more info here.

*** IP Masquerade is a networking function in Linux similar to the one-to-many (1:Many) NAT (Network Address Translation) servers found in many commercial firewalls and network routers. For example, if a Linux host is connected to the Internet via PPP, Ethernet, etc., the IP Masquerade feature allows other “internal” computers connected to this Linux box (via PPP, Ethernet, etc.) to also reach the Internet as well. Linux IP Masquerading allows for this functionality even though these internal machines don’t have an officially assigned IP address. more info here

 

Categories
Linux shell

linux shell argument list too long rsync or cp

I needed to copy files generated by doxygen from one directory into another for a large opensource C++ project. Sadly there were too many files in the directory, so bash started complaining 🙁 cp and rsync died out with the error of argument list too long. initially I figured I could generate it all from scratch in new location but it was quicker and easier to use a for loop to rsync the files over 🙂

some info:

  • all files start with alphabetic characters.
  • there are no spaces in the names
  • all files are in single directory

I realized bash expansion would work here.

Using for loop

for x in {a..b}
do
    echo $x*
done

Notice I only stepped between A and B because I didn’t want to sit there for an hour while it listed all the files. this worked well, it listed all files and I was sure it would suite my purposes. now the real deal!

for x in {a..z}
do
echo $x
rsync -az /backups/doxygen/$x* /home/user/current/directory/
done

sometimes you might still get the error even for each letter, for example I still had too many files starting with D and Q. so I just changed where I globbed :

for x in {a..z}
do
echo $x
rsync -az /backups/doxygen/d$x* /home/user/current/directory/
done

this allows me to further iterate a thru z but after starting the files with the letter d. Now what happens if you happen to have files starting with numbers? simply switch the letters for numbers.

for x in {0..9}
do
echo $x
rsync -az /backups/doxygen/$x* /home/user/current/directory/
done

You can use any other command you need in place of rsync. like mv cp mkdir or any custom commands.

for x in {a..z}
do
echo $x
mv /backups/doxygen/$x* /home/user/current/directory/
done

Globbing

Now if you don’t want to use for loops you can glob them in a one liner like so :

ls /backups/doxygen/[x-z]*

and the actual command using cp and globbing

cp -r /backups/doxygen/[a-z]* /home/user/current/directory/

and again going a level deeper

cp -r /backups/doxygen/d[a-z]* /home/user/current/directory/

Voila! argument list too long is now vanquished! do any of you have a better way of dealing with this? let me know!

More info about globbing.

Categories
Tips/ Tutorials

Android Root Pros and Cons

android root vs stock

We have all heard of rooting our android phones and how awesome it may be. Our own in house writer Anna has written an article about this previously. The procedure is simple enough, but is it worth doing? well I have some pros and cons of rooting listed below. The list is by no means complete, and will never be with all the new apps being released and procedures being found every day. so without further ado:

Android Root Pros

Customization
You can customize your phone from themes to default applications. You can change launchers, phone calling app, contacts app etc at a whim.

De-Bloat
Phone carriers love to include bloatware and crapware with their phones. Rooting allows you to freeze or uninstall these applications so your phone runs better, faster and has better battery life.

Backups
You can backup individual apps, or entire partitions once you’re rooted so you can experiment with your phone or if you change phones you have a full backup.

Custom 3rd party roms
You can install custom roms to enjoy lower overhead, no tracking apps like carrierIQ or plain and simple more updated versions of android.

Performance
Ever hear of overclocking? which is basically making your phone go faster by allowing more voltage to go to the CPU or setting the control algorithms called governor to a different one that processes applications differently. rooting allows you to overclock, undervolt etc at whim.

Apps
Many carriers block certain apps because .. well mostly because of bullshit rules. Rooting allows you to install and enjoy any such apps.

Kernels
You can install custom kernels which may allow wildly different capabilities than what comes stock with your android phone such as mounting different file systems via USB or sd card, or VPNs or

Android Root Cons

Warranty
Most companies will void your warranty if you root your phone. 🙁

Performance
Not all roms and apps you can install via rooting are good for your phone, you may lose battery life or performance because third party rom may be put together in a terrible way.

Bricking
Rooting is basically changing some of the basic infrastructure of your android rom, and inherently runs the risk of making your phone unbootable.

Updates
Unfortunately if you want to keep your root you have to disable or not accept any updates from your carrier/OEM.

??????

 


So, is rooting for you? well that’s a decision you have to make on your own. Do you like tinkering? do you like to try out the coolest newest things out there without waiting for them to be released by your OEM, if they ever get released? and can you put up with some possible instability or minor issues.

Are we missing some Pros or cons? let us know in the comments along with any stories you may have of your rooting woes or triumphs!

Categories
News Tips/ Tutorials

[How To’s] Android M Preview 2 for Nexus Devices

Google I/O 2015 has come and gone, and it brought many cool bits of news for us. One of the ones that caught my fancy was the Android M preview releases. I happen to have an Android Nexus 5 device handy and wanted to try M preview 2 which was recently released. If you don’t mind having your data wiped (possible to avoid at your own risk) you too can join the ranks of Android M users, who number in the many DOZENS!

Android M

 

 

!!! Warning, everything mentioned here is experimental; perform any steps here on your own conscience. Android Bakers, Google, XDA, and Abakers staff are not responsible for any issues you may run into or your phone dying/bricking/planking or your dog running off with your prized possessions. !!!

First and foremost here are the prereqs :

Installing the Android M Preview

  • connect your phone to your computer and make sure USB debugging is enabled from developer menu in settings.
    • hopefully you installed ADB and fastboot systemwide.
  • extract the archive you downloaded above for your device.
  • move to the extracted folder
  • open a terminal in the folder
    • Linux: open a terminal and cd to wherever you extracted the files.
    • Windows: make sure no icons are selected, hold down shift and right click in the window, click on open command prompt here
  • Boot your device into the boot loader by typing the following
    • adb reboot-bootloader
  • Run the batch / shell script
    • Windows: flash-all.bat
    • Linux: flash-all.sh
    • THIS WILL WIPE YOUR DATA, SO BACKUP FIRST IF YOU CHERISH ANY DATA ON THIS DEVICE.

If you want to save your data on this device and still try out Android M preview 2

  • open up the flash-all.bat or .sh (Windows or Linux respectively) find the line that looks like :
    • fastboot -w update image-hammerhead-MPZ79M.zip
  • edit it and remove the -w so it looks like
    • fastboot update image-hammerhead-MPZ79M.zip
  • This is completely untested by me, so good luck.

 

TroubleShooting

  • failed to allocate 1046840576 bytes
    error: update package missing system.img

    • extract the .zip file in the directory e.g. image-hammerhead-MPZ79M.zip
    • cd to directory ( cd image-hammerhead-MPZ79M )
    • run the following commands via cmd or terminal
      • fastboot flash system system.img
      • fastboot flash boot boot.img
      • fastboot flash recovery recovery.img
      • fastboot flash cache cache.img
    • if you want to wipe completely, also run
      • fastboot erase userdata
      • fastboot flash userdata userdata.img
Categories
Linux tuts

Debian package management speed ups

debian logo
Debian is a Linux distro that’s used by millions of machines all over the planet.

No one likes to sit around waiting for slow mirrors while updating multiple packages but its a fact of life usually. In debian it means typing apt-get update and sitting around for a while, then doing the actual install or upgrade and getting some coffee. what if you could speed the process along somewhat? well now just like we showed you how to speed up apt downloads for ubuntu you can speed up the apt speeds for Debian! This way you can focus more on clashing some clans or something…. whatever you do in your free time that is.

Httpredir

In comes httpredir, “It uses the geographic and network location of the user and the mirrors, the architecture of the requested files, IP address family, the availability and freshness of the mirrors, and a few other things” to find the closest and fastest mirror of data for you. This gives you the quickest way to get your files without resorting to new tools or alternate package managers. This is already there for Jessie ( debian 8 ) so no need to edit that, but for everyone else on older releases this will bring wonderful speedups.

setting up httpredir is simple :

edit your /etc/apt/soucres.list

deb http://ftp.us.debian.org/debian sid main
deb-src http://ftp.us.debian.org/debian sid main

replace with

deb http://httpredir.debian.org/debian sid main
deb-src http://httpredir.debian.org/debian sid main
Categories
Wordpress

WordPress file access denied on update or plugin install

5036291025_2ea3a4c5b6_b_file-permissions
Ever try to update wordpress or a plugin or install a theme or plugin and get this error :

“To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.”

It’s basically a file access denied type of error. Well I don’t want to put my ftp info in the config file, mainly because I was too smart for my own good and picked some 21 char long ftp pass that I can’t find right now. However my SSH access via my ssh key is still good to go 🙂 You can switch the filesystem method to direct instead of ftpsockets to make this easier for yourself. i.e. add the following to your wp-config.php :

define( 'FS_METHOD', 'direct' );

now retry the upgrade. voilĂ !

More info