I want to do something like this using the OpenVPN client on my Ubuntu machine to connect to an OpenVPN server:
Pseudo-command:
openvpn --config myconfig.ovpn --session-duration=15m
What are the command-line arguments for something like "session-duration"?
I did it the brute force way.
Start OpenVPN
sudo openvpn --config myconfig.ovpn --daemon
Kill OpenVPN
sudo kill -9 $(ps aux | grep openvpn | grep ^root | awk '{print $2}')
Related
I'm really new to Docker. I'm trying to run Wordpress, and I've run into an error.
$ docker-compose up -d
testpublichtml_mariadb_1 is up-to-date
Starting 00b4dc8e3264_testpublichtml_wordpress_1
ERROR: for wordpress Cannot start service wordpress: driver failed programming external connectivity on endpoint
00b4dc8e3264_testpublichtml_wordpress_1 (63165c221c0b2b11d513e97d35afa39146790086115029b9bb229212d0c8c06a): Error starting userland proxy: Bind for 0.0.0.0:80: unexpected error (Failure EADDRINUSE)
ERROR: Encountered errors while bringing up the project.
$
My guess is to try and check if something is on port 80, though I'm not sure how to check that.
When I enter netstat -tulnp | grep ':80', I get:
$ netstat -tulnp | grep ':80'
netstat: option requires an argument -- p
Usage: netstat [-AaLlnW] [-f address_family | -p protocol]
netstat [-gilns] [-f address_family]
netstat -i | -I interface [-w wait] [-abdgRtS]
netstat -s [-s] [-f address_family | -p protocol] [-w wait]
netstat -i | -I interface -s [-f address_family | -p protocol]
netstat -m [-m]
netstat -r [-Aaln] [-f address_family]
netstat -rs [-s]
Probably you have some service running on port 80. To check this, execute the following command.
netstat -tulnp | grep ':80'
The last column is PID/Program name of your process. If you want to kill it, use the following command.
kill PID
After that, you should be able to start your container.
I setup this.
http://www.zell-weekeat.com/grunt-sass-with-susy/
It works fine for one run then, if I exit out of the sass watch I can't free up the port.
Fatal error: Port 35729 is already in use by another process.
Then
sudo lsof -i :35729
gives
\COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
grunt 26305 author 12u IPv6 7064373 0t0 TCP *:35729 (LISTEN)
How do I get this port to free up
Just for organization sake, as mentioned in comments:
You should stop a process with Ctrl+C in the terminal.
Ctrl+Z will keep it running.
If you need to kill it, find the PID with sudo lsof -i :35729 and then kill -9 PID.
Just sudo netstat -tulpn | grep -i : <port>. kill it with kill -9 PID
I would like to establish bidirectional encrypted communication between two machines using spiped (http://www.tarsnap.com/spiped.html) but I suspect that this is really a question about port forwarding... here's what I have working thus far (where my local machine is OS X Mavericks, and the remote is a Ubuntu 12.04 Virtualbox VM):
Remotely (listen on 8025 for external requests and redirect to 8000,
where nc displays on stdout):
remote % killall spiped
remote % spiped -d -s '[0.0.0.0]:8025' -t '[127.0.0.1]:8000' -k keyfile
remote % while true; do nc -l 8000; done
Then, locally (listen on 8001 locally and redirect to 8025, where it is sent to the remote machine):
local % killall spiped
local % spiped -e -s '[127.0.0.1]:8001' -t '[192.168.56.10]:8025' -k keyfile
Now when I do the following, "hello" is printed to stdout remotely:
local % echo hello | nc 127.0.0.1 8001
All of this is great. But what about sending data from the remote machine and receiving it locally? I naively assume I can do this remotely:
remote % echo hello | nc 127.0.0.1 8000
And read the data locally with
local % nc -l 8001
But nc does not receive any data locally. I assume I am fundamentally misunderstanding something. In the absence of specific answers, can anyone suggest resources to read up on relevant topics? I'm not looking for a solution using an ssh tunnel - I know how to do that.
In order to provide bi-directional communications with spiped you will need to setup the following on both machines:
A server daemon using the pre-shared key which forwards to the requested local service
A client which sends traffic using the same pre-shared key to the desired spiped port
One listens & one receives on both systems. For more information take a look a the source code for the client & for the server.
You can run the spiped service on both systems but each will require manual (or scripted) connections using the spipe client.
For example using the server (on both machines you would run the following):
spiped {-e | -d} -s <source socket> -t <target socket> -k <key file>
[-DfFj] [-n <max # connections>] [-o <connection timeout>] [-p <pidfile>]
[{-r <rtime> | -R}]
And on the clients wishing to communicate (bi-directionally) with each other you would have to manually invoke the client:
spipe -t <target socket> -k <key file> [-fj] [-o <connection timeout>]
Or as a real world example using your setup (two services bound to 8025 forwarding to nc on 8000).
remote % spiped -d -s '[0.0.0.0]:8025' -t '[127.0.0.1]:8000' -k keyfile
remote % while true; do nc -l 8000; done
local % spiped -d -s '[0.0.0.0]:8025' -t '[127.0.0.1]:8000' -k keyfile
local % while true; do nc -l 8000; done
Each (remote & local) run the following (nc bound locally to 8001 and sending to the server at 8025):
remote % spiped -e -s '[127.0.0.1]:8001' -t '[192.168.56.10]:8025' -k keyfile
local % spiped -e -s '[127.0.0.1]:8001' -t '[192.168.56.11]:8025' -k keyfile
Sending data to 8001 on both remote & local forwarding to local & remote
remote % echo "hello client" | nc 127.0.0.1 8001
local % echo "hello server" | nc 127.0.0.1 8001
Listening to each
remote % nc -l 8001
local % nc -l 8001
Seeing as how the software was designed to protect the transport layer of the tarsnap backup software which only requires the payloads to be encrypted TO the service.
Their example within the documentation for protecting the SSH daemon further illustrates this by making use of the 'ProxyCommand' option for SSH. Eg:
You can also use spiped to protect SSH servers from attackers: Since
data is authenticated before being forwarded to the target, this can
allow you to SSH to a host while protecting you in the event that
someone finds an exploitable bug in the SSH daemon -- this serves the
same purpose as port knocking or a firewall which restricts source IP
addresses which can connect to SSH. On the SSH server, run
dd if=/dev/urandom bs=32 count=1 of=/etc/ssh/spiped.key
spiped -d -s '[0.0.0.0]:8022' -t '[127.0.0.1]:22' -k /etc/ssh/spiped.key
then copy the server's /etc/ssh/spiped.key to
~/.ssh/spiped_HOSTNAME_key on your local system and add the lines
Host HOSTNAME ProxyCommand spipe -t %h:8022 -k ~/.ssh/spiped_%h_key
to the ~/.ssh/config file. This will cause "ssh HOSTNAME" to
automatically connect using the spipe client via the spiped daemon;
you can then firewall off all incoming traffic on port tcp/22.
For a detailed list of the command-line options to spiped and spipe,
see the README files in the respective subdirectories.
I want to root my serial COM10 to LAN --> LAN to COM12
I therefor need the equivalent command for windows version of socat:
socat -d -d -d TCP4-LISTEN:23000,reuseaddr,fork /dev/ttyS0
What do I have to enter under Windows instead of /dev/ttyS0 if I want to access my COM10?
Sender : socat -d -d -d TCP4:loalhost:23000 /dev/ttyS1
Receiver: socat -d -d -d TCP4-LISTEN:23000 /dev/ttyS2
Thank in advance!
Use standard Linux name convention:
/dev/ttyS0 is equivalent to COM1
/dev/ttyS1 ~ COM2
... so COM10 should be /dev/ttyS9.
http://cygwin.com/cygwin-ug-net/using-specialnames.html#pathnames-posixdevices
As the title says, I'm running multiple game servers, and every of them has the same name but different PID and the port number. I would like to match the PID of the server which is listening on certain port, and then I would like to kill this process. I need that in order to complete my bash script.
Is that even possible? Because it didn't find yet any solutions on the web.
Short version which you can pass to kill command:
lsof -i:80 -t
The -p flag of netstat gives you PID of the process:
netstat -l -p
*use sudo if showing - instead of PID
Edit: The command that is needed to get PIDs of socket users in FreeBSD is sockstat.
As we worked out during the discussion with #Cyclone, the line that does the job is:
sockstat -4 -l | grep :80 | awk '{print $3}' | head -1
netstat -p -l | grep $PORT and lsof -i :$PORT solutions are good but I prefer fuser $PORT/tcp extension syntax to POSIX (which work for coreutils) as with pipe:
pid=`fuser $PORT/tcp`
it prints pure pid so you can drop sed magic out.
One thing that makes fuser my lover tools is ability to send signal to that process directly (this syntax is also extension to POSIX):
$ fuser -k $port/tcp # with SIGKILL
$ fuser -k -15 $port/tcp # with SIGTERM
$ fuser -k -TERM $port/tcp # with SIGTERM
Also -k is supported by FreeBSD: http://www.freebsd.org/cgi/man.cgi?query=fuser
netstat -nlp should tell you the PID of what's listening on which port.
Syntax:
kill -9 $(lsof -t -i:portnumber)
Example:
To kill the process running at port 4200, run following command
kill -9 $(lsof -t -i:4200)
Tested in Ubuntu.
Since sockstat wasn't natively installed on my machine I hacked up stanwise's answer to use netstat instead..
netstat -nlp | grep -E "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\:2000" | awk '{print $7}' | sed -e "s/\/.*//g""
I wanted to programmatically -- using only Bash -- kill the process listening on a given port.
Let's say the port is 8089, then here is how I did it:
badPid=$(netstat --listening --program --numeric --tcp | grep "::8089" | awk '{print $7}' | awk -F/ '{print $1}' | head -1)
kill -9 $badPid
I hope this helps someone else! I know it is going to help my team.
on windows, the netstat option to get the pid's is -o and -p selects a protocol filter, ex.:
netstat -a -p tcp -o