Today, I wrote a small python script to discover Ubiquiti Nanostation devices on the network using pacpy and dpkt. Since it is listening CDP packets, I guess it can also discover other kinds of devices, though not tested.
Jul 12, 2013
Jul 11, 2013
Limiting the active users/sessions in freeRADIUS
Here is how to limit the number of concurrent users/sessions in freeRADIUS. Let's say, you want to reject auth requests if there are already more than 50 active accounting sessions.
- Add the following policy in your policy.conf
- Add check_active_users policy in your sites-enabled/default auth section.
- Test it using radclient.
maximum_active_users = 50
check_active_users {
if ("%{sql: SELECT COUNT (*) FROM radacct WHERE acctstoptime IS NULL}" >= "%{config:policy.maximum_active_users}") {
update reply {
Reply-Message := "Too many users logged into the system. Please try again later."
}
reject
}
}
root @ ~ $ echo "User-Name=t1,User-Password=1234" | radclient -x -d /etc/freeradius/ 192.168.100.108 auth testing123
Sending Access-Request of id 124 to 192.168.100.108 port 1812
User-Name = "t1"
User-Password = "1234"
rad_recv: Access-Reject packet from host 192.168.100.108 port 1812, id=124, length=84
Reply-Message = "Too many users logged into the system. Please try again later."
Jun 20, 2013
Simple Data Compression Algorithms in Common Lisp
Common Lisp implementation of some data compression algorithms — Run-Length, Huffman, and Shannon–Fano Encodings — that I have written during my graduate course "Data Compression".
Internet connection sharing using iptables
Scenario ― I have several virtualbox GUEST machines, using an internal network on my PC. Now, I wanted to share host machine's internet connection to guest machines. I searched on the web how to do it using iptables. Most of the solutions seem too complex. Here is a working simple solution (found on centos documentation)
On Host Machine — type these commands in Terminal.
That's it. Now you can access the external network of host machine from guest machines. To access Internet, you may need to edit /etc/resolve.conf in your guest machine.
On Host Machine — type these commands in Terminal.
thura @ ~ $ sudo iptables -A FORWARD -i vboxnet0 -j ACCEPT thura @ ~ $ sudo iptables -A FORWARD -o eth1 -j ACCEPT thura @ ~ $ sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
That's it. Now you can access the external network of host machine from guest machines. To access Internet, you may need to edit /etc/resolve.conf in your guest machine.
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 8.8.8.8
Jun 19, 2013
if_nametoindex, if_indextoname functions for python using ctypes
I needed to use if_nametoindex, if_indextoname functions for one of my packet capturing programs. So, here is my python wrapper for those functions using ctypes.
PS: You will need this only for python2.x. Those functions are available in socket module starting since python 3.3.
Jun 13, 2013
Using Prolink Wireless Nano USB Adapter on Ubuntu
Recently, I purchased a prolink nano usb wireless adapter WN2001. However, when I tried to plug it into my ubuntu box, I am getting "hardware disabled errors".
This can be fixed by reloading the wireless module with swenc option.
trhura @ ~ $ sudo rfkill list
0: phy0: Wireless LAN
Soft blocked: no
Hard blocked: yesThis can be fixed by reloading the wireless module with swenc option.
trhura @ ~ $ sudo rmmod -f rtl8192cu; sudo modprobe rtl8192cu swenc=1 debug=5
Subscribe to:
Posts (Atom)