Adding new ZFS disk to FreeBSD

Posted on November 3, 2023 by jasiu

Useful links:
https://wiki.freebsd.org/RootOnZFS/GPTZFSBoot
https://vermaden.wordpress.com/2023/04/30/simple-freebsd-poudriere-harvester-guide

List physical disks:
# camcontrol devlist at scbus0 target 0 lun 0 (pass0,ada0) at scbus0 target 1 lun 0 (pass1,ada1) at scbus1 target 0 lun 0 (pass2,ada2)

Create partition table:
# gpart destroy ada0 # gpart create -s gpt ada2 ada2 created

Create zfs partition:
# gpart add -a 1m -t freebsd-zfs -l poudriere ada2 ada2p1 added

Create pool:
# gpart show -p ada2 => 40 125829040 ada2 GPT (60G) 40 2008 - free - (1.0M) 2048 125825024 ada2p1 freebsd-zfs (60G) 125827072 2008 - free - (1.0M)

# zpool create -o altroot=/usr/local/ poudriere ada2p1

https://www.unixtutorial.org/zfs-performance-basics-disable-atime/
Disabling atime for ZFS:
# zfs get all poudriere |grep time poudriere atime on default poudriere relatime off default

# zfs set atime=off poudriere # zfs get all poudriere | grep time poudriere atime off local poudriere relatime off default

If not enabled:
sysrc zfs_enable="YES" echo 'zfs_load="YES"' >> /boot/loader.conf

# zpool import poudriere # zfs create -o mountpoint=/usr/local/poudriere poudriere/poudriere

reboot and check if the mountpoints are live

FreeBSD version from source tree

Posted on December 12, 2021 by jasiu

grep '^TYPE\|^REVISION\|^BRANCH' /usr/src/sys/conf/newvers.sh

move /usr/ports to different location

Posted on December 23, 2020 by admin

define in /etc/portsnap.conf

# Default location of the ports tree (target for "update" and "extract").
# PORTSDIR=/usr/ports
PORTSDIR=/usr/jails/ports

set variable in /etc/login.conf

:setenv=MAIL=/var/mail/$,BLOCKSIZE=K,PORTSDIR=/usr/jails/ports:\

next rebuild db as root

# cap_mkdb /etc/login.conf

Rebuild a port on FreeBSD

Posted on January 3, 2020 by jasiu

To rebuild a port and ports which this port depends on:

portmaster -DRf origin/port
portupgrade -Rf origin/port

To rebuild a port and ports which depends on it:

portmaster -Drf origin/port
portupgrade -rf origin/port

To list packages with their dependencies

pkg query -g "%n:%dn" '*'

Then use script to rebuild required – example for openssl

sh
REBUILD=$(pkg query -g "%n:%dn" '*' | grep openssl | cut -d : -f 1 | sort -u)
portmaster -D $REBUILD

OCR z pliku PNG

Posted on October 25, 2019 by jasiu

Instalujemy Tesseract
https://github.com/UB-Mannheim/tesseract/wiki
Tworzymy plik tesseractocr.bat
"c:\Program Files\Tesseract-OCR\tesseract.exe" %1 %1 -l pol

ping: socket: Operation not permitted

Posted on September 27, 2019 by jasiu

$ ping 8.8.8.8 ping: socket: Operation not permitted # setcap cap_net_admin,cap_net_raw+p /bin/ping # getcap /bin/ping /bin/ping = cap_net_admin,cap_net_raw+p $ ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

Problem after upgrading Zabbix Agent on Debian (from Stretch to Buster)

Posted on July 18, 2019 by jasiu

If You occured the problem in /var/log/zabbix-agent/zabbix_agentd.log
Message from <Zabbix Server IP> is missing header. Message ignored.
Downgrade Zabbix Agent from 4.x to your server version.

# apt-get remove zabbix-agent
Download appropriate version from http://repo.zabbix.com/zabbix/3.0/debian/pool/main/z/zabbix/
# wget http://repo.zabbix.com/zabbix/3.0/debian/pool/main/z/zabbix/zabbix-agent_3.0.28-1%2Bbuster_amd64.deb

install it
# dpkg -i zabbix-agent_3.0.28-1+buster_amd64.deb

lock if for future upgrades
# apt-mark hold zabbix-agent

unmask
# systemctl unmask zabbix-agent

enable and start
# systemctl enable zabbix-agent # systemctl start zabbix-agent

quick linux wifihotspot

Posted on May 2, 2019 by jasiu

To launch a basic wifi hotspot you need: iwconfig, iptables, dnsmasq, hostapd on your Linux box. Install it. Enable it (systemct enable).

To search what package a file belongs to, help youself an use:

apt-filesearch package

pacman -Fys package

Check if your system is compatibile with hostap, use iwconfig to list interfaces.


$ iwconfig
wlan0     IEEE 802.11  ESSID:off/any
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm
          Retry short limit:7   RTS thr=2347 B   Fragment thr:off
          Power Management:on

eth0      no wireless extensions.

lo        no wireless extensions.

Edit or create desired files.

For dnsmasq use your internal adress space.

#
# /etc/dnsmasq/dnsmasq.conf
#
dhcp-range=192.168.1.64,192.168.1.128,12h

For Debian edit /etc/default/dnsmasq and add following:

DAEMON_CONF="/etc/hostapd/hostapd.conf"

For hostpad, change parameters for interface (interface), name of your wifi network (ssid), wifimode (hw_mode), channel (channel), password (wpa_passphrase), and use or not isolation (ap_isolate), hide your wifi or not (ignore_broadcast_ssid).

#
# /etc/hostapd/hostapd.conf
#
interface=wlan0
driver=nl80211
hw_mode=g
#ieee80211n=0
#ieee80211n=1
channel=4
ssid=private

auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
wpa_passphrase=12345678


#ap_isolate=1
ignore_broadcast_ssid=0

Create script to run hotsopt and internet sharing, define yours external and internal interfaces (EXTIF, INTIF) and make it executable.

#
# masq.sh
#
#!/bin/sh
EXTIF=eth0
INTIF=wlan0
echo killing processes if something is using wifi interface
airmon-ng check kill
ip a a dev $INTIF 192.168.1.254/24
ip l set dev $INTIF up
echo '(re)starting dnsmasq'
systemctl restart dnsmasq
echo '(re)starting hostpad'
systemctl restart hostapd
echo flushing...
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
echo setting ip_forward...
echo 1 > /proc/sys/net/ipv4/ip_forward
#echo loading modules...
#modprobe ipt_MASQUERADE
echo configuring NAT...
iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

Troubleshooting:

hostapd -d /etc/hostapd/hostapd.conf

Of course you can do everything your own way. It is just an outline of how to run basic Acces Point.
I’m using it on my RaspberryPi.

Monitoring UDP datagrams

Posted on April 26, 2019 by jasiu

Run script udpstat.sh in console

#!/bin/sh
while true
do
HOUR=`date '+%H'`
echo $HOUR
sar -n UDP 1 -1 >/var/log/stats/udpstats$HOUR.txt
done

Add job to crontab

0 * * * * /usr/bin/kill $(/usr/bin/ps aux |/usr/bin/grep '[s]ar -n UDP 1 -1' |/usr/bin/awk '{print $2}')

Limit UDP packets

/sbin/iptables -A OUTPUT -p udp -m state --state NEW -j ACCEPT
/sbin/iptables -A OUTPUT -p udp -m limit --limit 10000/s -j ACCEPT
/sbin/iptables -A OUTPUT -p udp -j DROP

creating md5 sums on filesystem