Buffalo Linkstation: Add NFS function (support NFS v3)

So I just noticed that the previous method only support NFS v2. ESXi require NFS v3 at minimum. So here’s the guide for NFS v3 on Buffalo Linkstation.

Step 1:
Gain SSH and optware (check my previous post)

Step 2:
Check for unfs package

#ipkg update
#ipkg list | grep unfs
unfs3 - 0.9.22-1 - Version 3 NFS server (not recommended, use nfs-utils instead)

Step 3:

Install unfs
#ipkg install unfs3
#ipkg install portmap (optional)

Step 4:
Configure

#nano /opt/etc/exports
/mnt/array1/share (rw,no_root_squash)

(ctrl-x to quit and save)

Restart services

#/opt/etc/init.d/S55portmap restart
#/opt/etc/init.d/S56unfsd restart

You can try mount this NFS from ESXi or ubuntu server

#apt-get install rpcbind nfs-common
#mkdir -p /mnt/mynfsshare
#mount IP-of-your-NFS-Server:/mnt/array1/share /mnt/mynfsshare/
#df -kh

When configuring NFS shares to use as network sources for Kodi’s music/video libraries, use the following format: nfs://1.2.3.4/path/to/folder (where “1.2.3.4” should be replaced with the IP of your NFS server, and “/path/to/folder” should be replaced with the path to the folder you want to share; a double slash between the server and the path is wrong, you should not use nfs://1.2.3.4//path/to/folder)

Reference(s):
http://web.archive.org/web/20151207200629/http://forum.buffalo.nas-central.org/viewtopic.php?t=6531&start=15
https://serverfault.com/questions/554215/nfs-mount-with-nfs-3
https://help.ubuntu.com/community/SettingUpNFSHowTo#Installation

Buffalo Linkstation: Add NFS function (caveat – only support NFS v2)

SMB sucks when compared to NFS. Here’s how to enable NFS in our Linkstation.

Step 1
The first step is to gain ssh root access to this Linkstation. Refer here.

Step 2
Install NFS
# ipkg update
# ipkg install nfs-server

Step 3
To configure your exports you need to edit the configuration file /opt/etc/exports. My example is this:

/mnt/array1/backups 10.0.0.10(rw,sync)
/mnt/array1/films 10.0.0.10(rw,sync)
/mnt/array1/tv 10.0.0.10(rw,sync)

or just allow the whole subnets
/mnt/array1/backups 10.0.0.0/24(rw,sync)

Once that file has been updated you’ll need to restart NFS:
# /opt/etc/init.d/S56nfsd stop
# /opt/etc/init.d/S56nfsd start

If you receive this error when restarting NFS daemon:
Cannot register service: RPC: Unable to receive; errno = Connection refused

Try checking portmapper
#rpcinfo -p
rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused

Easy, just restart the portmapper daemon
#/opt/etc/init.d/S55portmap stop
#/opt/etc/init.d/S55portmap start

Then repeat above step to restart NFS.

Reference(s:
https://github.com/skx/Buffalo-220-NAS
https://maazanjum.com/2014/02/17/starting-nfs-quotas-cannot-register-service-rpc-unable-to-receive-errno-connection-refused/

Adding Realtek 8168/8111/8411/8118 based NICs to ESXi 6.5

Step 1: Install ESXi PowerShell Module
Run PowerShell with elevated privilege (run as administrator)

PS D:\> Install-Module -Name PowerShellGet -Force
PS D:\> Install-Module -Name VMware.PowerCLI

Step 2: Changing the Windows PowerShell Script Execution Policy

PS D:\Set-ExecutionPolicy Unrestricted

Step 3: Download ESXi-Customizer-PS
Go to https://www.v-front.de/p/esxi-customizer-ps.html and download ESXi-Customizer-PS-v2.5.1.ps1 and move the script to D:\ (to ease our job)

Step 4: Run PowerShell script

PS D:\> .\ESXi-Customizer-PS-v2.5.1.ps1 -vft -load net55-r8168

Notes:
net55-r8168 is the package name from https://vibsdepot.v-front.de/wiki/index.php/List_of_currently_available_ESXi_packages containing Realtek NICs driver.
PS D:>.\ESXi-Customizer-PS-v2.5.1.ps1 -help for more customization

Alternative way:
esxcli software acceptance set --level=CommunitySupported
esxcli network firewall ruleset set -e true -r httpClient
esxcli network firewall ruleset set -e true -r dns
esxcli software vib install -d https://vibsdepot.v-front.de -n net55-r8168


Incoming search terms:

  • realtek rtl8111e vib esxi 6 5 download
  • load additional vibs from online depots error cannot find vib named
  • 8111 for ESXi
  • vmware esxi6 5 realtek
  • ESXI 6 7 8168
  • advanxer
  • [error] cannot find vib named net-tulip !
  • esxi 6 7 realtek
  • install esxi with realtek 8111
  • realtek nic r8168 esxi 6 5
  • esxi 6 5 add driver
  • https://advanxer com/blog/2017/10/adding-realtek-8168811184118118-based-nics-to-esxi-6-5/
  • esxi 6 7 realtek 8168
  • https://vibsdepot v-front de/wiki/index php/Net55-r8168
  • esxi realtek driver

Allowing tracert in Cisco ASA firewall

I was under impression that allowing icmp in the service policy will enable tracert to work. I was wrong. After scouting around I found below tweaks that will enable tracert to run correctly.

1. Set decrement TTL
ASA# configure terminal
ASA(config)# policy-map global_policy
ASA(config-pmap)# class class-default
ASA(config-pmap-c)# set connection decrement-ttl
ASA(config-pmap-c)# exit

2. Permit icmp control messages
ASA(config)# access-list inbound permit icmp any any time-exceeded
ASA(config)# access-list inbound permit icmp any any unreachable

3. Permit icmp connection, which you should already have šŸ˜€
ASA(config)# access-list outbound permit icmp any any

References:
http://www.cisco.com/c/en/us/td/docs/ios/sec_data_plane/configuration/guide/12_4/sec_data_plane_12_4_book/sec_fwall_icmp_insp.html

http://www.petenetlive.com/KB/Article/0000753.htm

Incoming search terms:

  • asa tracertrt
  • cisco asa 5508 gui enable tracert
  • cisco asa 9 1 windows traceroute
  • tracert not working asa the address translation slot was deleted
  • enable traceroute on asa
  • enable tracert on cisco ASA
  • allow traceroute through asa
  • allow tracert asa
  • asa tracert
  • can i tracert from asa
  • can you trace route from a cisco asa
  • cisco allow trace route asa
  • Cisco ASA 5525X allowing trace route
  • how enable traceroute on asa
  • how to allow traceroute in asa firewall

Force apt-get to use IPv4 instead of IPv6

It seems that Ubuntu/Debian (or perhaps other distros as well) prefer IPv6 DNS records instead of IPv4 when applicable and some times this results in loss of connectivity or similar problems.
I ran into this issue today while trying to update an old VPS with apt-get/aptitude. Specifically, security.ubuntu.com was being resolved in an unreachable IPv6 address and I had to wait some minutes for timeout every time.
Fortunately, there is an easy fix for this; you just have to edit the file located at: /etc/gai.conf which is the configuration for getaddrinfo(). There you have to uncomment line ~54 which reads: ā€œprecedence ::ffff:0:0/96 100ā€³, and you are all set! (assuming that every other option is commented out by default as in my case).

gai

Reference: http://bruteforce.gr/make-apt-get-use-ipv4-instead-ipv6.html

Incoming search terms:

  • force apt-get ipv4
  • force ubuntu to use ipv4
  • force yum ipv4
  • ubuntu force ipv4

Microsoft VPN PPTP client through Cisco ASA Firewall

Scenario:

Using Microsoft Windows built in VPN Client to connect to remote PPTP VPN server through Cisco ASA firewall.

Symptom:

Error 619

Solution:

In ASA Firewall, enter below command.
ASA-active#conf t
ASA-active(config)#policy-map global_policy
ASA-active(config-pmap)# class inspection_default
ASA-active(config-pmap-c)#inspect pptp
ASA-active(config-pmap-c)#exit
ASA-active(config)#access-list $Inbound_Interface_ACL permit gre $source_ip/network any
ASA-active(config)#access-list $Inbound_Interface_ACL permit permit tcp $source_ip/network any eq pptp

Common Troubleshooting in Windows VPN Client

1. Open VPN Properties window, go to Security tab.
2. Change “Type of VPN” to PPTP

Incoming search terms:

  • cisco asa 5505 allow outbound pptp
  • https://yandex ru/clck/jsredir?from=yandex ru;search;web;;&text=&etext=1824 9gQOlAAQU8Ge1EAhKP2VZUIc2q-WZOPpgk2L5vc5h8a6hy9E0_6eGzzEaY1d0eFX 330323684685c4a6eaf848b4d4f0838c3e68e5c5&uuid=&state=_BLhILn4SxNIvvL0W45KSic66uCIg23qh8iRG98qeIXme

Graylog2: “Could not bind UDP syslog input to address /0.0.0.0:514”

Problem

Received error “Could not bind UDP syslog input to address /0.0.0.0:514, Failed to bind to: /0.0.0.0:514, Address already in use” when adding log input using UDP 514 (default syslog port).

Explanation

In UNIX/LINUX, assigned port 1024 and below require root privilege. Either you run graylog2 as root (not recommended) or follow below workaround.

Solution

1. Create new Syslog UDP inputs and listen to any port (ex: 5514).
2. Manipulate traffic using iptable:
iptables -t nat -A PREROUTING -i eth0 -p udp -m udp --dport 514 -j REDIRECT --to-ports 5514

Incoming search terms:

  • https://advanxer com/blog/2014/10/graylog2-could-not-bind-udp-syslog-input-to-address-0-0-0-0514-failed-to-bind-to-0-0-0-0514-address-already-in-use/
  • graylog failing to bind to external ip
  • graylog input not working
  • graylog not binding to 0 0 0 0
  • graylog syslog 514
  • graylog syslog input failed
  • graylog syslog input fails to start
  • graylog syslog udp failed
  • graylog syslog udp port 514
  • https://yandex ru/clck/jsredir?from=yandex ru;search;web;;&text=&etext=1825 CYnBY5_SCrDy8UwcjgCmujx7n7o8g_jDeKg_5BPc3ZSVWZUKGiCvvbOVZifC0Rwk 5ef2f6e1aacc0fe99f61a172d0dcbea3b9ac139b&uuid=&state=_BLhILn4SxNIvvL0W45KSic66uCIg23qh8iRG98qeIXme
  • https://yandex ru/clck/jsredir?from=yandex ru;search;web;;&text=&etext=1832 kzZXKHyT1W-ei0gyq8wNqi1VZrA4w-sZ63TwRuhDGHzv2fnM-PRsXQHwH_6GHsru 0a83139f8ac5c535160089439cbe41a5241831c2&uuid=&state=_BLhILn4SxNIvvL0W45KSic66uCIg23qh8iRG98qeIXme

Cisco Insight Reporter: Sybase DB issue

Problem: Upgraded Insight Reporter from v3.2.0 to 3.4.0, existing traffic database show disconnected

insight1

Workaround/Solution:
1) To get Sybase JDBC Connector
Download JConnect from this linkĀ http://www.sybase.com/products/allproductsa-z/softwaredeveloperkit/jconnect
Extract and Install it in Insight Server

./setup.bin -i console

Go toĀ /opt/sybase/jConnect-7_0/classes and copyĀ conn4.jar and Ā jTDS3.jar into Cisco Insight directory (/home/user/Insight/apache-tomcat-6.0.20/webapps/insight/WEB-INF/lib/)
Restart tomcat

/etc/init.d/tomcat-user stop
/etc/init.d/tomcat-user start

2) To determine SCE CM db schema info
Go to your SCE CM server and execute cm file located atĀ /home/user/cm/bin

./cm version
CM CD Version 3.7.5 Build 105

insight2

Both Jar files can be downloaded from here:
http://dl.advanxer.com/stuff/Software/CiscoInsight/SybaseJDBC/

[FIX] Adding magnet url to Buffalo Linkstation embedded Ī¼Torrent

Since The Pirate Bay usingĀ magnetĀ link to initiate torrent download, i’m having issue with my Ī¼TorrentĀ running in Linkstation. Below is theĀ symptom:

Magnet links can be added but don’t start, they sit at 0 seeders and peers and display the null error mentioned previously in the event log:

JS error: [778] Unable to get value of the property '262': object is null or undefined

 

FIX
Copy magnet link from TPB, and paste into Ī¼Torrent.
Right click on the torrent list and select Properties
Look at the tracker section, add this line as additional tracker:

http://tracker.ccc.de:80/announce

Wait for few seconds, you will see some seeders and leechers coming to you

Source:
http://forums.buffalotech.com/t5/Storage/Bittorent-not-Working-after-Firmware-update/m-p/103520/highlight/true#M49903

Incoming search terms:

  • buffalo torrent lang ist null
  • how to solve magnetic link undifined problem in torrent
  • linkstation buffallo torrent url
  • unable to add torrent buffalo