How to install VPN Client on Ubuntu 10.04

I was trying to install Cisco VPN client to enable my laptop -which is runing on Ubuntu 10.04- to allow this machine connect to my office via VPN.

I got several error messages when I tried to compile this application.

Fortunately, I found the page below.

Thanks to L.A.M.N.K for documenting the step-by-step so that I'm now able to use Cisco VPN client on

my Ubuntu.

First, download the source from the tuxx website.

Then, follow the steps that I copied and pasted from the L.A.M.N.K below

Cisco module again doesn’t let us compile against the new kernel in Ubuntu 9.04 and 9.10 beta:

/home/lamnk/vpnclient/interceptor.c: In function ‘interceptor_init’:
/home/lamnk/vpnclient/interceptor.c:132: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
/home/lamnk/vpnclient/interceptor.c:133: error: ‘struct net_device’ has no member named ‘get_stats’
/home/lamnk/vpnclient/interceptor.c:134: error: ‘struct net_device’ has no member named ‘do_ioctl’
/home/lamnk/vpnclient/interceptor.c: In function ‘add_netdev’:
/home/lamnk/vpnclient/interceptor.c:271: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
/home/lamnk/vpnclient/interceptor.c:272: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
/home/lamnk/vpnclient/interceptor.c: In function ‘remove_netdev’:
/home/lamnk/vpnclient/interceptor.c:294: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
make[2]: *** [/home/lamnk/vpnclient/interceptor.o] Error 1
make[1]: *** [_module_/home/lamnk/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.31-1-generic'
make: *** [default] Error 2
Failed to make module "cisco_ipsec.ko".

Before installtion I assume that you have the latest version 4.8.02.0030 and the required packages for compiling ie gcc, libstdc++6 … The kernel version should be from 2.6.30 to 2.6.32

• Download the client and extract it
• Go to vpnclient folder:
  

  cd vpnclient

• Download patch file for 64 bit and apply it (users on 32bit systems can skip this step):
  

  wget http://lamnk.com/download/vpnclient-linux-4.8.02-64bit.patch

  patch < ./vpnclient-linux-4.8.02-64bit.patch

  sed -i 's/^CFLAGS/EXTRA_CFLAGS' Makefile

• Download patch file for newer kernel (2.6.30+) and apply it:
  

  wget http://lamnk.com/download/vpnclient-linux-2.6.31-final.diff

  patch < ./vpnclient-linux-2.6.31-final.diff

• Next we must edit a kernel source file
  

  sudo sed -i 's/const\ struct\ net_device_ops\ \*netdev_ops;/struct\ net_device_ops\ \*netdev_ops;/' `find /usr/src -name netdevice.h`

  Yes, it is a one liner, you should copy & paste that command instead of typing The command's translation into English: find the string const struct net_device_ops *netdev_ops; and change it to struct net_device_ops *netdev_ops; in the file locates at
  

  find /usr/src -name netdevice.h

• And finally, install Cisco VPN Client:
  

  sudo ./vpn_install

The patch files are not from me. All credit goes to the people at tuxx-home.at forum

SSH with PHP

I want to create an application that will be able to connect to an SSH server via PHP. I was thinking of using TCL expect and then integrate PHP and the expect script somehow. Fortunately, before I tried that, I did some searching on google and found that there is an SSH wrapper already that can suit my need.

To install the wrapper on Ubuntu, please find the steps below:

1. Install apache and PHP first

sudo apt-get install apache2 php5 libapache2-mod-php5

sudo /etc/init.d/apache2 restart

2. Make sure that the server/computer have a fully qualified domain name (FQDN). Otherwise, apache2 may not be able to start.

sudo vi /etc/hosts

sudo vi /etc/hostname

3. Install the library for ssh wrapper

sudo apt-get install libssh2-1-dev libssh2-php

4. Confirm that ssh has been installed correctly

php -m | grep ssh2

You are expecting to see "ssh2"

5. Finish

Now you can start to write PHP script to connect to an SSH server

Linux system monitoring command

I was trying to remember what commands I will have to remember when monitoring performance of a Linux server. Luckily, I found this blog and it has the list of the commands.

The explanation and example on the blog is very good. However, it is too long for me as I will only need to recall the command in the future and don't need to many explanation. Therefore, I think it will be good for me if I summarize the command here for my reference in the future.

Here are the tools:

#1: top - Process Activity Command

#2: vmstat - System Activity, Hardware and System Information

#3: w - Find Out Who Is Logged on And What They Are Doing

#4: uptime - Tell How Long The System Has Been Running

#5: ps - Displays The Processes

#6: free - Memory Usage

#7: iostat - Average CPU Load, Disk Activity

#8: sar - Collect and Report System Activity

#9: mpstat - Multiprocessor Usage

#10: pmap - Process Memory Usage

#11 and #12: netstat and ss - Network Statistics

#13: iptraf - Real-time Network Statistics

#14: tcpdump - Detailed Network Traffic Analysis

#15: strace - System Calls

#16: /proc file system - Various Kernel Statistics

Reference : here

Removing Ubuntu from dual-boot with Vista

My computer is now running dual-boot Ubuntu and Vista. I've been using Ubuntu on my day-to-day working and almost never coming back to Vista for a while.

However, I will give this machine to someone else, and therefore I need to remove Ubuntu from the machine and switch it back to Vista.

Before completely removing Ubuntu, I did a research of how to recover back the MBR. Luckily, I found this website, and here are the steps to restore the MBR for Vista:

1. Put the Windows Vista installation disc in the disc drive, and then start the computer.

2. Press a key when you are prompted.

3. Select a language, a time, a currency, a keyboard or an input method, and then click Next.

4. Click Repair your computer.

5. Click the operating system that you want to repair, and then click Next.

6. In the System Recovery Options dialog box, click Command Prompt.

7. Type Bootrec.exe /FixMbr, and then press ENTER.

I haven't tried that yet, I will try it when I'm ready to hand-over this machine. Hope it will works as expected.

Remote Desktop on Linux

As previously mentioned on the previous post, I'm now trying to use my Ubuntu and leave Vista.

There were several small problems I experienced when I had to remove some servers which are running Windows 2003. The small problem is that I'm unable to copy some text on my destop and paste it into the remote server.

I've just discovered that this can be solved by using RDPv5.

Linux to Cisco console via USB

I've been moving to Ubuntu linux for a while on my daily work. Therefore I have to find a way of using my Ubuntu to do whatever I used to do with Vista.

Today I've just managed to connect my Ubuntu to Cisco console via USB. (note: I'm using USB-to-serial converter).

Here are the steps of make it works:

1. check what is the name of the USB tty

$ dmesg | grep ttyUSB

[ 4272.667300] usb 2-1: pl2303 converter now attached to ttyUSB0

2. Configure the mincom to connect to the port

$ minicom -s

3. Configure the setting below

speed = 9600

parity = none

stop bit = 1

serial = ttyUSB0

4. save setup as dfl

5. exit from mincom

5. start minicom

$ minicom

you should be able to see the Cisco console right now.

Cisco Regular Expression

Below is the important table need to be noted for regular expression in Cisco.

Use \ (backslash) to match the character as is.

source: here

Character		Special Meaning
period	.	Matches any single character, including white space.
asterisk	*	Matches 0 or more sequences of the pattern.
plus sign	+	Matches 1 or more sequences of the pattern.
question mark	?	Matches 0 or 1 occurrences of the pattern.
caret	^	Matches the beginning of the input string.
dollar sign	$	Matches the end of the input string.
underscore	_	Matches a comma (,), left brace ({), right brace (}), left parenthesis, right parenthesis, the beginning of the input string, the end of the input string, or a space.
brackets	[]	Designates a range of single-character patterns.
hyphen	-	Separates the end points of a range.

Redistribution problem

1. Examine if there is a filter applied to the interface that could prevent the distribution

2. The route may be non installed because of there is another route wit better metric

Debug: Authentication Error

*Mar 1 01:20:49.775: %TCP-6-BADAUTH: No MD5 digest from 192.10.1.254(179) to 192.10.1.10(21793) (RST)

The message above is generated on TCP port 179.

From there, we can guess of who generated this message.

OSPF interception

To avoid interception on a segment between two OSPF nodes, do the following:

- configure the ospf intrface as nonbroadcast

- configure the nodes to be neighbor each other

To verify the settings:

# show ip ospf interface interface

# debug ip ospf hello

OSPF priorty 0

An OSPF router with 0 priority will never be a BDR or DR.

Furthermore, giving 0 priority to an OSPF router will remove the DR/BDR status from it immediately and will trigger a new election.

CCIE written passed

After several times postponing to take the exam, I finally decided to take the exam on 11 Jan 2009 and passed it.

I know that passing the written exam doesn't mean anything except that now I can register for the lab exam. However, considering my hard work to prepare this exam, I should celebrate this achievement :D

Now it's the time to read the blueprint for the lab and learn harder on the lab exam preparation.