Hardware – Milan's blog

How to account for traffic in GCP

The following may be used as a custom metric to weight scale decisions.

SELECT TIMESTAMP_TRUNC(TIMESTAMP, MINUTE) AS ts,
sum(CAST (jsonPayload.bytes_sent AS INT64)) AS sent, jsonPayload.dest_instance.zone AS dst_zone, jsonPayload.dest_instance.vm_name
FROM delasport-prod.NetFlow.compute_googleapis_com_vpc_flows_*
WHERE _TABLE_SUFFIX IN (
FORMAT_DATE("%Y%m%d",CURRENT_DATE),
FORMAT_DATE("%Y%m%d", DATE_SUB(CURRENT_DATE, INTERVAL 1 DAY)))
AND TIMESTAMP_DIFF(TIMESTAMP_SUB(CURRENT_TIMESTAMP, INTERVAL 60 MINUTE),TIMESTAMP,MINUTE) < 60
AND jsonPayload.src_instance.zone IS NOT NULL
AND jsonPayload.dest_instance.zone IS NOT NULL
AND jsonPayload.src_instance.zone != jsonPayload.dest_instance.zone
AND jsonPayload.bytes_sent != "0" group by ts,jsonPayload.dest_instance.zone, jsonPayload.dest_instance.vm_name

SELECT
count(*) as cnt, _TABLE_SUFFIX as table_name
FROM
[$Project].[$dataset].*
Where _TABLE_SUFFIX like '%20201116%'
Group by table_name
Order by cnt DESC

Testing IO performance with variable block size on NTFS and REFS

Basic command:

diskspd.exe -b64K -d60 -h -L -o2 -t4 -r -w50 -c512M z:\io2.dat

1	diskspd.exe -b64K -d60 -h -L -o2 -t4 -r -w50 -c512M z:\io2.dat

raw data: Continue reading “Testing IO performance with variable block size on NTFS and REFS”

Control Webasto Parkin Heater with Meitrack GPS

Here is a schematic diagram of connecting Meitrack GPS to control Webasto parking heater.
You can turn it on/off with the following SMS:

0000,C01,20,22221

1	0000,C01,20,22221

0000,C01,20,22220

1	0000,C01,20,22220

Or use some web app…
Continue reading “Control Webasto Parkin Heater with Meitrack GPS”

Adaptive DDOS IDS firewall

We had a task to build a simple solution for DDOS protection on the learning phase of attack. Main goals were:

To build it fast: We chose Ubuntu … as everything needed is compiled and build in.
Minimum network intervention: We opted for L2/L3 bridge with iptables integration which we plugged between our autonomous system (AS) and internet.
Auto learning offenders: Using honeypot service to distinguish non-legitimate connections. Log source IP address and drop packet with iptables. Using suricata ids to additionally analyze client requests.
Auto block offenders: Using fail2ban to pars logs generated by iptables and suricata and temporary disable all connections from offending sources.
Have some connection limit capabilities: Again we used iptables with connlimit and conntrack modules activated.

Continue reading “Adaptive DDOS IDS firewall”

OpenWrt mass configure simple script

#!/bin/bash
cmd=". /etc/profile; $1; exit;"
echo $cmd

for i in 1 2 4 7 9 10 11
do
 ssh -i /root/.ssh/id_rsa 192.168.98.$i $cmd </dev/null

done

#!/bin/bash

cmd=". /etc/profile; $1; exit;"

echo $cmd

for i in 1 2 4 7 9 10 11

ssh -i /root/.ssh/id_rsa 192.168.98.$i $cmd </dev/null

done

sh remote_exec.sh  "uci set wireless.@wifi-device[0].isolate=1"
sh remote_exec.sh  "logread -l 1000|grep bc:cf:cc:74:d0:11"

1 2	sh remote_exec.sh "uci set wireless.@wifi-device[0].isolate=1" sh remote_exec.sh "logread -l 1000\|grep bc:cf:cc:74:d0:11"

Car diagnostic with ATmega328P Nano

I was in trouble reading my car’s live data. So I’ve wrote a little utility to read raw car sensors data i.e. i hook up before ECU and send it via serial port to PC using ATmega328P Nano and finally store it to file.

Where to get one:
http://www.banggood.com/ATmega328P-Nano-V3-Controller-Board-Compatible-Arduino-p-940937.html

How to install:
1. Flash AnalogReadSerial.hex to ATMega.
2. Extract and run carauto. .Net 4 is needed.
3. Choose com port from dropdown menu.

How to use:
Connect analog/digital input to intended sensor via 1KOmh resistor. Please note that all inputs are 5V only!
Shorting digital Input 12 to ground will produce human readable data and will decrease sample rate.

Reading data:
Data are stored in Output.csv file with approximately 1000 samples/second.

Dell DRAC 5 config via ssh

Changing http, https, remote console ports

$ racadm config -g cfgRacTuning -o cfgRacTuneHttpsPort 4436
Object value modified successfully
$ racadm config -g cfgRacTuning -o cfgRacTuneHttpPort 8888
Object value modified successfully
$ racadm getconfig -g cfgRacTuning
cfgRacTuneRemoteRacadmEnable=1
cfgRacTuneWebserverEnable=1
cfgRacTuneHttpPort=8888
cfgRacTuneHttpsPort=4436
cfgRacTuneTelnetPort=23
cfgRacTuneSshPort=22
cfgRacTuneConRedirEnable=1
cfgRacTuneConRedirPort=5900
cfgRacTuneConRedirVideoPort=5901
cfgRacTuneConRedirEncryptEnable=0
cfgRacTuneLocalServerVideo=1
cfgRacTuneIpRangeEnable=0
cfgRacTuneIpRangeAddr=192.168.1.1
cfgRacTuneIpRangeMask=255.255.255.0
cfgRacTuneIpBlkEnable=0
cfgRacTuneIpBlkFailCount=5
cfgRacTuneIpBlkFailWindow=60
cfgRacTuneIpBlkPenaltyTime=300
cfgRacTuneTimezoneOffset=0
cfgRacTuneDaylightOffset=0
cfgRacTuneAsrEnable=0
cfgRacTuneVirtualConsoleAuthorizeMultipleSessions=0
cfgRacTuneCtrlEConfigDisable=0
cfgRacTuneLocalConfigDisable=0
cfgRacTunePluginType=0

$ racadm config -g cfgRacTuning -o cfgRacTuneHttpsPort 4436

Object value modified successfully

$ racadm config -g cfgRacTuning -o cfgRacTuneHttpPort 8888

Object value modified successfully

$ racadm getconfig -g cfgRacTuning

cfgRacTuneRemoteRacadmEnable=1

cfgRacTuneWebserverEnable=1

cfgRacTuneHttpPort=8888

cfgRacTuneHttpsPort=4436

cfgRacTuneTelnetPort=23

cfgRacTuneSshPort=22

cfgRacTuneConRedirEnable=1

cfgRacTuneConRedirPort=5900

cfgRacTuneConRedirVideoPort=5901

cfgRacTuneConRedirEncryptEnable=0

cfgRacTuneLocalServerVideo=1

cfgRacTuneIpRangeEnable=0

cfgRacTuneIpRangeAddr=192.168.1.1

cfgRacTuneIpRangeMask=255.255.255.0

cfgRacTuneIpBlkEnable=0

cfgRacTuneIpBlkFailCount=5

cfgRacTuneIpBlkFailWindow=60

cfgRacTuneIpBlkPenaltyTime=300

cfgRacTuneTimezoneOffset=0

cfgRacTuneDaylightOffset=0

cfgRacTuneAsrEnable=0

cfgRacTuneVirtualConsoleAuthorizeMultipleSessions=0

cfgRacTuneCtrlEConfigDisable=0

cfgRacTuneLocalConfigDisable=0

cfgRacTunePluginType=0

clear some space

racadm clearasrscreen
racadm clrraclog
racadm clrsel
racadm coredumpdelete

racadm clearasrscreen

racadm clrraclog

racadm clrsel

racadm coredumpdelete

reload

racadm racreset soft

1	racadm racreset soft

Openvpn on OpenWRT does not start

with error:

Sat Mar 14 20:48:43 2015 TCP/UDP: Socket bind failed on local address [AF_INET]192.168.0.254:1194: Cannot assign requested address

1	Sat Mar 14 20:48:43 2015 TCP/UDP: Socket bind failed on local address [AF_INET]192.168.0.254:1194: Cannot assign requested address

try to add to /etc/rc.local:

sleep 10s
/etc/init.d/openvpn start

1 2	sleep 10s /etc/init.d/openvpn start

Charger: OEM vs. “chinese”

OEM has more parts in it, has bigger transformer, weights more, gives more amps and output voltage is stable. Chinese is cheeper. it is difficult or impossible to tell the difference without opening it (or measure weight).

	Current(A)	Voltage(V)	Weight(g)
OEM	1	5.00	37
Chinese	0.5	4.5	22

Upcoming pfSense 2.2 CARP under Hyper-V

It seems that CARP under Hyper-V does not work.
There is a tension between pfSense developers and Key4ce member who seems to got it working.
In short if you need CARP in VM go to pfSense fork VirtualPF.