Computer Stuff
Making an OpenBSD bootable RAMDISK_CD
by Brian on Oct.14, 2005, under OpenBSD
This is a work in progress, do not follow these directions without having the capability of continuing on your own.
Steps:
- You need a working openbsd machine on which to compile and build ISO images.
- Make a directory in which to keep the cd’s contents, such as /home/livecd or
similar. If you can make this a separate partition, so you can boot it for testing, all the better. - Untar base37.tgz and etc37.tgz in this directory.
- Make sure the kernel sources (/usr/src/sys) are installed on the machine.
- cd into /usr/src/sys/arch/i386/conf and copy the kernel config file GENERIC to CDBOOT or similar.
- edit the file CDBOOT. Replace the include of ../../conf/GENERIC with the contents of that file.
- make the following changes to CDBOOT:
- add the options RAMDISK_HOOKS and MINIROOTSIZE=3560 to support ramdisks
- comment out the line config bsd swap generic, as there will be no disk to swap to
- add the line config bsd root on cd0c to allow for / on the cd
- run the command “config CDBOOT”
- cd into ../compile/CDBOOT and run make depend and then make
- copy this kernel into /home/livecd
- edit the file /usr/src/distrib/i386/common/Makefile.inc, replacing the lines
strip ${.OBJDIR}/boot strip -R .comment ${.OBJDIR}/boot
with the line
strip --strip-all -R .comment -K cngetc bsd.strip
- cd into /usr/src/distrib/i386/floppies
- create the directory CDBOOT as a copy of ramdisk_cd
- edit the makefile in CDBOOT, changing the line RAMDISK=RAMDISK_CD to RAMDISK=CDBOOT
- do a make in /usr/src/distrib/crunch and then /usr/src/distrib, to setup some prerequisites, then do a make in /usr/src/distrib/i386/CDBOOT. copy cdrom35.fs to /home/livecd/boot.img, this is the image you need to make the cd properly bootable.
- change /etcs to make booting work right
- Edit the CD version of /etc/rc to mount the floppy on /etc, then run
/etc/rc off the floppy or run the installer if it doesn’t exist. - edit the floppy version of /etc/rc to mount the appropriate filesystems.
- edit the CD version of /etc/fstab to include the cd and the floppy
- edit the floppy version of /etc/fstab to include the cd and floppy, and
all ramdisk filesystems
- Edit the CD version of /etc/rc to mount the floppy on /etc, then run
- Create an etc floppy, or include the installer script and related files.
- Create the ISO image using the command: mkisofs -b cdrom37.fs -c boot.catalog -R -v -o OBSDCD.iso /home/livecd
Installing OpenBSD onto a 256mb CompactFlash Card via serial cable is fun.
by Brian on Oct.14, 2005, under OpenBSD
So I’ve gotten this really *sweet* OEM firewall appliance on demo….
And I thought I’d put OpenBSD-3.7-STABLE onto it.
No hard drive or VGA port, just a com0, 256mb CompactFlash and 512mb of RAM…
Hmmm….
Serial console time….
yup. i guess i got the cable. ;P
So… I have my serial cable, plugged into the DB9 on the demo unit, and also to com0 on my laptop.
no dice. (or console redirection….) #$$%#@^@!!@#%$#!@
## Screw-driver time ##
Ok. I’ve gotten the cover off of this thing, and installed the not-supplied-but-overnight-shipped VGA cable.
(what are they, like $.59 in bulk? )
Monitor plugged in, CDROM drive perched precariously over the open system, USB keyboard plugged in, READY.
Into the BIOS, re-direct the console to com0, save and exit.
## End Screw-driver time ## (for now)
So, just to get an idea of what we’re working with, I installed a simple 3.7-STABLE system.
The 256mb compact flash was recognized as wd0, and so I installed to it as if it were a hard disk.
{swap} 32m
/ {remainder} ~209mb
I installed the following packages:
bsd
base37.tgz
etc37.tgz
misc37.tgz
comp37.tgz (just ’cause I wanted to see if it would fit)
It all fit with ~9mb left over. {cool} Obviously not very useful, as a noisy log would fill the disk rather quickly.
So, let’s build a bootable RAMDISK_CD and boot it from the flash.
We need a similar 3.7-STABLE x86-based build host, preferrably with plenty of drive space, for making the bootable RAMDISK_CD.
Think I’ll go set that up… (more later)
The OpenBSD Anti-Spam mailserver How-To
by Brian on Sep.24, 2005, under OpenBSD
Piles of valuable information, a must read for any mail server admin.
http://www.flakshack.com/anti-spam
This *flat-out* cracked me up… :)
by Brian on Sep.24, 2005, under Amusement, OpenBSD
Taken directly from the OpenBSD FAQ
The standard OpenBSD kernel configuration (GENERIC) is designed to be suitable for most people. More people have broken their system by trying to tweak their kernel than have improved system operation. There are some people that believe that you must customize your kernel and system for optimum performance, but this is not true for OpenBSD. Only the most advanced and knowledgeable users with the most demanding applications need to worry about a customized kernel or system.
Some reasons you might want or need to build a custom kernel:
Some reasons why you should not build a custom kernel:
You do not need to, normally.
You will not get a faster system.
You are likely to make a less reliable machine.
You will not get any support from developers.
You will be expected to reproduce any problem with a GENERIC kernel before developers take any problem report seriously.
Users and developers will laugh at you when you break your system.
Custom compiler options usually do a better job of exposing compiler problems than improving system performance
Nice bit of writing, guys. Keep up the good work! (and thanks for the help)
It made me chuckle…
by Brian on Sep.24, 2005, under Amusement, OpenBSD
5.11.3 – My IPv6-less system doesn’t work!
Yes.
Please do not make modifications to the base system that you don’t
understand the implications of.
One “little” change in the kernel can have very large impact to the
entire rest of the system.
Please re-read this.
Creating a self-signed SSL certificate for Apache
by Brian on Aug.06, 2005, under Mac OSX, OpenBSD
To support https transactions in Apache, you will need to generate an RSA certificate.
# openssl genrsa -out /etc/ssl/private/server.key 1024
Or, if you wish the key to be encrypted with a passphrase that you will have to type in when starting servers
# openssl genrsa -des3 -out /etc/ssl/private/server.key 1024
The next step is to generate a Certificate Signing Request which is used
to get a Certifying Authority (CA) to sign your certificate. To do this
use the command:
# openssl req -new -key /etc/ssl/private/server.key -out /etc/ssl/private/server.csr
This server.csr file can then be given to Certifying Authority who will sign the key.
You can also sign the key yourself, using the command:
# openssl x509 -req -days 365 -in /etc/ssl/private/server.csr -signkey /etc/ssl/private/server.key -out /etc/ssl/server.crt
Simple ethernet tracker script
by Brian on Aug.05, 2005, under Mac OSX, OpenBSD
Need to find an ethernet port on a very populated switch?
Run this on your powerbook, plug into the jack, and Voila!
The port on the switch will flash, allowing you to find it without
replacing the dead batteries in your toner and tracker.
#!/bin/sh
while true; do
sudo ifconfig en0 down
sleep 1
sudo ifconfig en0 up
sleep 1
done
Clearing the EXEC password from a Cisco 675/678 DSL Router
by Brian on Jul.27, 2005, under Networking
To clear Exec Password if it isnt remembered… (Don’t ask…)
[Warning: This will erase your current configuration!]
At password prompt unplug powercord for 3 seconds plug in again.
Just after the alarm light comes on press (CTRL + C) and the router
should go to a special prompt.
Type (es 6) and press enter. The router will indicate that it is erasing
sector 00000006.
When done simply unplug the power and start from beginning.
(Your config is now gone!)
Hope you have a backup…
Freeware CD and DVD burning!
by Brian on Jul.14, 2005, under Windows Info
DeepBurner is a kick-ass free CD and DVD burning utility.
get it here: www.deepburner.com
How to setup a Cisco 7960G with SIP
by Brian on Jul.04, 2005, under Networking
I went to the Cisco 7960G Software Download Site and downloaded the P0S3-7-4-00.zip file which contained the 7.4 SIP Flash Image for 7940/7960 IP Phone’s.
Power on your phone and connect it to your network. You will need to change the IP address of your phone to a free one on your network or set it up to use DHCP, which is the way mine was configured by default.
There are apprently a couple of ways to unlock your phone depending on which verison of firmware that you have installed. For older phones you will need to press **# or on newer firmware select unlock config from the config menu and then type in the password (default is ‘cisco’).
My phone was using older firmware (3.1 MF.G2) so I hit the settings hard key on the phone, moved the “cursor†to option 3, but don’t select it just yet. Press **#, then press the select soft key on the 7960’s screen. You should see the padlock icon with an unlocked appearance. Press 32 and see if you have a YES option (alternate TFTP). If so press yes, then go to option 8 and edit the IP address.
From the CLI of your Asterisk box type: setup-cisco. This command will setup a basic SIPDefault.cnf in the /tftpboot directory of your Asterisk box.
Upload the P0S3-7-4-00.zip file to your servers TFTP root directory wihch in my case was /tftpboot on the A@H server. Don’t unzip it on your workstation and upload it. For some reason it doesn’t work.
From within your /tftbboot directory on your Asterisk box type uzip P0S3-7-4-00.zip.
From the command line type cp /tftpboot/cisco_util/* /tftpboot.
From the command line type chmod 777 /tftpboot/*.
Reboot your 7960 by disconnecting the power cable. Your phone should be able to aquire its IP from the DHCP server (if that is how you have it configured), connect to the TFTP server and start the upgrading your phone to the 7.4 release of the SIP firmware.
Once your phone has completed the upgrade, you will need to type rm /tftpboot/xmlDefault.CNF.XML and rm /tftpboot/XMLDefault.cnf.xml from the command line on your Asterisk box.