I was wondering if there is the equivalent of the following in Solaris for checking if IPV6_V6ONLY is enabled by default:
On a Linux system I can check if IPv6 only is enabled by checking the following file:
/proc/sys/net/ipv6/bindv6only
If bindv6only contains 0 (IPv4-in-IPv6 & IPv6 are both enabled).
If bindv6only contains 1 (Only IPv6 is enabled).
How can I check that IPV6_V6ONLY by default is enabled on Solaris 10 ? Is there one configuration parameter that can provide this info or do I need to iterate through interfaces via ifconfig -a6 or /etc/hostname6.xxx
Thanks.
Solaris provides socket option defaults with the ndd command, e.g.
sudo /usr/sbin/ndd /dev/ip \?
In this instance Solaris does not provide an option to allow the administrator to enable IPV6_V6ONLY by default.
You might enjoy this:
http://blog.caurea.org/2010/01/31/the-abomination-known-as-ipv6-v6only.html
Related
I have a virtual machine that is supposed to be the host, which can receive and send data. The first picture is the error that I'm getting on my main machine (from which I'm trying to send data from). The second picture is the mosquitto log on my virtual machine. Also I'm using the default config, which as far as I know can't cause these problems, at least from what I have seen from other examples. I have very little understanding on how all of this works, so any help is appreciated.
What I have tried on the host machine:
Disabling Windows defender
Adding firewall rules for "mosquitto.exe"
Installing mosquitto on a linux machine
Starting with the release of Mosquitto version 2.0.0 (you are running v2.0.2) the default config will only bind to localhost as a move to a more secure default posture.
If you want to be able to access the broker from other machines you will need to explicitly edit the config files to either add a new listener that binds to the external IP address (or 0.0.0.0) or add a bind entry for the default listener.
By default it will also only allow anonymous connections (without username/password) from localhost, to allow anonymous from remote add:
allow_anonymous true
More details can be found in the 2.0 release notes here
You have to run with
mosquitto -c mosquitto.conf
mosquitto.conf, which exists in the folder same with execution file exists (C:\Program Files\mosquitto etc.), have to include following line.
listener 1883 ip_address_of_the_machine(192.168.1.1 etc.)
By default, the Mosquitto broker will only accept connections from clients on the local machine (the server hosting the broker).
Therefore, a custom configuration needs to be used with your instance of Mosquitto in order to accept connections from remote clients.
On your Windows machine, run a text editor as administrator and paste the following text:
listener 1883
allow_anonymous true
This creates a listener on port 1883 and allows anonymous connections. By default the number of connections is infinite. Save the file to "C:\Program Files\Mosquitto" using a file name with the ".conf" extension such as "your_conf_file.conf".
Open a terminal window and navigate to the mosquitto directory. Run the following command:
mosquitto -v -c your_conf_file.conf
where
-c : specify the broker config file.
-v : verbose mode - enable all logging types. This overrides
any logging options given in the config file.
I found I had to add, not only bind_address ip_address but also had to set allow_anonymous true before devices could connect successfully to MQTT. Of course I understand that a better option would be to set user and password on each device. But that's a next step after everything actually works in the minimum configuration.
For those who use mosquitto with homebrew on Mac.
Adding these two lines to /opt/homebrew/Cellar/mosquitto/2.0.15/etc/mosquitto/mosquitto.conf fixed my issue.
allow_anonymous true
listener 1883
you can run it with the included 'no-auth' config file like so:
mosquitto -c /mosquitto-no-auth.conf
I had the same problem while running it inside docker container (generated with docker-compose).
In docker-compose.yml file this is done with:
command: mosquitto -c /mosquitto-no-auth.conf
I know we can ping an address using command below(official doc):
salt '*' network.ping archlinux.org
but how to specify the interface?
I know it should be possible because we can do it in terminal or command prompt:
windows:
ping -4 192.168.0.1 -s 1
Ubuntu:
ping -I wlan0 8.8.8.8
so we can use salt '*' cmd.run "<command to execute>" but is there a better way?
thanks in advance
A quick check of the code reveals that this feature hasn't yet been added to the network.ping function. It doesn't look like it would be hard to add.
Here's the function definition: https://github.com/saltstack/salt/blob/d7f242b9ca77dee0e80abb38d45493f1db609a65/salt/modules/network.py#L63
Feel free to open an issue here: https://github.com/saltstack/salt/issues/new
Or open a pull request if you'd like to add that functionality yourself.
I'm trying to set up a pair of serial ports between my QEMU host (Debian Jessie x86_64) and guest (also Debian Jessie, but on ARM). Everything except the serial port part works.
I'm really new to QEMU so there might be a better way but I've tested the following flags when running QEMU:
-chardev tty,id=mytty,path=/dev/pts/2 (/dev/pts/2 & 3 are up with socat)
-chardev pty,id=mypty QEMU opens a PTY but when I try to read or write from host get permission denied.
In either case I can't find the ports in my guest. /dev/pts is empty and in /dev there are only tty and ttyAMA3. So, my problem is setting up communication in general and I'm especially curious on where the ports are on my guest.
I found a solution to my own question. First the device tree was incomplete so I needed to add 3 additional uart ports. That's the reason I could not find my ports in the guest.
Second, I needed to tell QEMU to use on of the ports as stdio: -append ... console=ttyAMA3 and -serial mon:stdio. Then I'm able to, with -serial pty, link QEMUs ttyAMA* to pts/* on the host.
I've just come across this line of code in a .bat file:
psftp -2 -l XXXXX 195.2.37.69 -pw XXXXX -P 10022 -b c:\sftp\sendfile.bat -v -bc -be
The help tells me what all the parameters do except for the -2.
Can anybody tell me what the -2 does?
-2 or -1 forces the use of a the corresponding SSH protocol version, so in your example it enforces the use of SSH2. You can also specify -4 or -6 which forces the use of respectively IPv4 or IPv6.
Quoting the psftp documentation:
3.8.3.16 -1 and -2: specify an SSH protocol version
The -1 and -2 options force PuTTY to use version 1 or version 2 of the
SSH protocol. These options are only meaningful if you are using SSH.
These options are equivalent to selecting your preferred SSH protocol
version as ‘1 only’ or ‘2 only’ in the SSH panel of the PuTTY
configuration box (see section 4.18.4).
So the -2 forces SSH version 2.
In older versions, the psftp tried the SSH version 2 and fell back to the SSH version 1, if the server did not support the version 2. With -2, the fallback to an insecure version 1 did not happen and connection is abandoned. The latest versions do not fall back by default anymore. Nowadays, no serious SSH/SFTP server even supports the version 1 anyway.
I have a Fuse ESB standalone server running in a RHEL box. I want to connect to the Karaf console remotely to manage the bundles.
If I close my current session, How I go back to my karaf console again ?
I have my Fuse ESB configured to 8101 port for SSH. Will I be able to connect it directly through my SSH client(Putty)
Or Do I need another fuse esb instance locally to access the remote Fuse instance ?
Either ways I am not able to connect, It says access denied. Is there any other easier way to connect to remote fuse/karaf instance ?
Even I tried using Client.sh from bin directory, it says authentication failure. But I have created a JAAS user with Admin role.
By the way, Is just a user is enough to do this ? Or does it need Public/Private key configuration also ?
What is the usual approach for managing the remote Fuse/Karaf instance ?
You can find many details in the JBoss Fuse documentation (eg successor to Fuse ESB) at
https://access.redhat.com/site/documentation/en-US/JBoss_Fuse/
And there is a chapter on remote connecting to containers here
https://access.redhat.com/site/documentation/en-US/JBoss_Fuse/6.0/html-single/Configuring_and_Running_JBoss_Fuse/index.html#ESBRuntimeRemote
You need to pass in credentials for a user on the container that is valid and is in the admin role.
The karaf shell also has a jaas command, which allows you to list the users and their roles etc. And as well add new users, etc. You can also do some user management form the FMC web console that is part of Fuse ESB.
You might also want to check your IPtables
http://ask.xmodulo.com/open-port-firewall-centos-rhel.html.
- $ sudo iptables -I INPUT -p tcp -m tcp --dport 8101 -j ACCEPT
- $ sudo service iptables save
- $ service iptables restart
From another karaf instance you can run this command
JBossFuse:karaf#root> ssh -l username -P password -p port hostname
e.g
- JBossFuse:karaf#root> ssh -l smx-P smx -p 8101 10.234.12.12
You have to make sure that the ssh role name that is defined in etc/org.apache.karaf.shell.cfg
# shRole defines the role required to access the console through ssh
#
sshRole = ssh
matches the one in etc/user.properties
#
# This file contains the users, groups, and roles.
# Each line has to be of the format:
#
# USER=PASSWORD,ROLE1,ROLE2,...
# USER=PASSWORD,_g_:GROUP,...
# _g_\:GROUP=ROLE1,ROLE2,...
#
# All users, grousp, and roles entered in this file are available after Karaf startup
# and modifiable via the JAAS command group. These users reside in a JAAS domain
# with the name "karaf".
#
karaf = karaf,_g_:admingroup
_g_\:admingroup = group,admin,manager,viewer,ssh