What is an equivalent SWS call for the following host command:
PI/TRAVELER/823144910-1.1
I am trying to associate a guest profile with a guest on a PNR.
You also have the option to use SabreCommandLLSRQ to send the native PI/TRAVELER/823144910-1.1 command.
<SabreCommandLLSRQ xmlns="http://webservices.sabre.com/sabreXML/2003/07" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" EchoToken="String" TimeStamp="2001-12-17T09:30:47-05:00" Target="Production" Version="2003A.TsabreXML1.6.1" SequenceNmbr="1" PrimaryLangID="en-us" AltLangID="en-us">
<Request Output="SCREEN" CDATA="true">
<HostCommand>PI/TRAVELER/823144910-1.1</HostCommand>
</Request>
The only way to add a Profile Index (PI) to a PNR is to use the ProfileToPNR service that moves the profile into the PNR.
Related
I'm trying to connect to my scylladb 1.7.4 instance using the connection string provided for me in the compose overview section of the management UI:
$ cqlsh --ssl portal-xxxx.ibm-343.composedb.com 19228 -u scylla -p XXXX --cqlversion=3.3.1
However, the response is:
Validation is enabled; SSL transport factory requires a valid certfile to be specified. Please provide path to the certfile in [ssl] section as 'certfile' option in /Users/snowch/.cassandra/cqlshrc (or use [certfiles] section) or set SSL_CERTFILE environment variable
Where can I get access to the Compose SSL certificate so that I can connect with:
$ SSL_CERTFILE=/path/to/scylla_certfile cqlsh --ssl portal-xxxx-0.csnow-scylla-45.ibm-343.composedb.com 19228 -u scylla -p XXXX --cqlversion=3.3.1
I have seen the option SSL_VALIDATE=false in the documentation however, I don't want to disable SSL validation.
The information is further down in the documentation in the section https://help.compose.com/docs/scylla-and-certificates.
My confusion was because I was drawn to the information on ssl (#2) because of the issue I had encountered and as such I jumped over the section on full configuration for cqlsh (#1):
Cqlsh Command Line
The Cqlsh Command Line panel contains three cqlsh commands, each of which connect to the three Compose portals. Full details on obtaining cqlsh and configuring it are available in Scylla and cqlsh. (#1)
The displayed command include required flags (--ssl and --cqlversion). If the command is preceded by setting the environment variable SSL_VALIDATE=false, then no further configuration is needed. (#2)
I think this section would be a bit clearer if it was re-ordered:
Cqlsh Command Line
The Cqlsh Command Line panel contains three cqlsh commands, each of which connect to the three Compose portals.
The displayed command include required flags (--ssl and --cqlversion). If the command is preceded by setting the environment variable SSL_VALIDATE=false, then no further configuration is needed.
Full details on obtaining cqlsh and configuring it are available in Scylla and cqlsh. This section includes information on configuring cqlsh to use ssl.
I was needing to view the backend https requests made by my androidTV's application, but, as the calls are "https" calls I am needing to install a charles certificate (on my androidTV) to allow charles to decrypt them.
If anyone knows how to install a certificate on androidTV please tell me.
Thanks a lot!
I wrote an article on this: https://zahidrasheed.medium.com/charles-proxy-with-androidtv-fedc863e7039
TLDR;
1- Export root certificate from charles app and put it under res/raw by:
Help > SSL Proxying > Save Charles Root Certificate… and save it as charles_ssl_cert.pem file.
2- Embed the certificate in the app through network-security-config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<debug-overrides>
<trust-anchors>
<certificates src="system" />
<certificates src="#raw/charles_ssl_cert" />
<certificates src="user" />
</trust-anchors>
</debug-overrides>
</network-security-config>
3- Export the root certificate again by:
Help > SSL Proxying > Export Charles Certificate and Private Key
Now share the .p12 file with users who would like to test the app. The need to:
Proxy > SSL Proxying Settings > Root Certificate > Import P12 (Enter the password you used above).
You can install SSL certs in the Android Emulator through ADB, given that you use an emulator image without Google Play Services. This will allow you to root your emulator and push the certificate to the cacerts directory in /system. This means you can install SSL certificates on AndroidTV even though there is no UI for this available in settings.
To install your certificate in the emulator, follow these steps:
Get an Android (TV) emulator without Play Services and give it a convenient name
Go to $ANDROID_HOME/emulator and run ./emulator #<emulatorname> -writable-system. If you run the emulator through Android Studio, you won't be able to mount the system partition as writable.
adb root
adb remount
openssl x509 -inform PEM -subject_hash_old -in <your certificate>.pem | head -n 1 , this will give you a hash you'll need in the following steps
Rename <your certificate>.pem to <hash>.0 (e.g. 711d79cc.0)
adb push <hash>.0 /system/etc/security/cacerts/<hash>.0
adb shell chmod 644 /system/etc/security/cacerts/<hash>.0
You can do it programmatically. See here for more details. I haven't found an option to do it from the Android TV UI unfortunately.
EDIT: Even that fails with
android.content.ActivityNotFoundException: Unable to find explicit activity class {com.android.settings/com.android.settings.CredentialStorage}; have you declared this activity in your AndroidManifest.xml?
So I don't know how to do this...
When using netfilter/iptables you could set nf_conntrack to read your SIP signalling messages on port 5060 and it would automatically open up the required RTP ports for audio to pass for that call.
Can anyone please explain or help me find the equivalent for doing this with firewalld on CentOS 7?
I know I can open up an entire range but I like only having necessary ports open.
EDIT 1 - This suggests that nf_conntrack is scheduled for a later release, but that info is at least 8 months old (as it's referred to here, dated 16th April). Is there another way?
In /etc/firewalld/services, create a service definition, i.e. sip.xml with the following contents:
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>SIP</short>
<description>SIP over UDP on port 5060</description>
<port protocol="udp" port="5060"/>
<module name="nf_conntrack_sip"/>
</service>
To permanently add that to your default zone:
# firewall-cmd --add-service=sip --permanent
And to apply that:
# firewall-cmd --reload
At this point, if you look at lsmod, you should see that the nf_conntrack_sip module is loaded, e.g.
# lsmod |grep sip
nf_conntrack_sip 33860 0
nf_conntrack 105702 7 nf_nat,nf_nat_ipv4,nf_nat_ipv6,xt_conntrack,nf_conntrack_sip,nf_conntrack_ipv4,nf_conntrack_ipv6
I need to use nmap to check if port 443 is open for a list websites. So, I saved them into a file. I need the output to tell me if the port is open or not. I used the command:
nmap -PN -p443 gnmap -oG logs/output.gnmap -iL myfolder/input.txt
The problem: the output file is giving me a different domain names. Nmap made rDNS and I found that the IP points to adifferent domain name. Please, explain. Does this means both domains are hosted in the same server ? However, I checked their certificates and found each domain has different certificate. I am concerned about port 433 in my list to check their certificates later. So, I don't want to check another domain's certificate's other than the one I entered in the file.
To solve the issue, I used the -n option. But the problem is that the output file contains IPs only. How can I produce output file that contains the result of my domains without rDNS ??
The "Grepable" output format (-oG) is deprecated because it cannot show the full output of an Nmap scan. There is no way to get the output you want with the -oG option unless you modify Nmap and recompile it.
Luckily, the XML output format (-oX) contains the information you want and more:
<hostnames>
<hostname name="bonsaiviking.com" type="user"/>
<hostname name="li34-105.members.linode.com" type="PTR"/>
</hostnames>
In this example, from scanning my domain, the hostname provided on the command line has the attribute type="user", and the hostname that was a result of the reverse lookup has type="PTR".
I'm requesting a HTML report from an OpenVAS server the following way:
<?xml version="1.0" encoding="utf-8"?>
<commands><authenticate><credentials><username>***</username><password>***</password></credentials></authenticate><get_reports report_id="454a3397-b8a4-408e-9f55-f08972765d30" format_id="b993b6f5-f9fb-4e6e-9c94-dd46c00e058d"/></commands>
However when I read the response I receive only 8192 bytes, which happens not to hold all the HTML code. Is this is a hardcoded limit? How do I get around it?
I have found a similar issue. The cause was related to running
openvas-mkcert-client -n admin -i
Note the trailing -i, this is what causes the break. I have found no solution.