When my terminal is in gui mode using such as ncurses library, if exception occurs, my console may be soiled. Just blindly type command below to recover it.
1 2 | #reset stty sane <press enter key> |
人,技术,生活。
When my terminal is in gui mode using such as ncurses library, if exception occurs, my console may be soiled. Just blindly type command below to recover it.
1 2 | #reset stty sane <press enter key> |
Need recompile Linux kernel with squashfs support.
1 2 3 4 | CONFIG_SQUASHFS Location: -> File systems -> Miscellaneous filesystems (MISC_FILESYSTEMS [=y]) |
Or use user space cmd
1 | squashfuse ./sysrcd.dat sysrcd_dir |
连接linux主机A失败,返回
i Available Remote Kex Methods = curve25519-sha256,curve25519-sha256@libssh.org,... i Selected Kex Method = |
连接linux主机B成功,返回
i Available Remote Kex Methods = curve25519-sha256@libssh.org,ecdh-sha2-nistp256,... i Selected Kex Method = diffie-hellman-group14-sha1 |
原因是主机A中的OpenSSH升级了,可用以下命令确认
1 | ssh -V |
解决办法为,在/etc/ssh/sshd_config文件尾部加入
1 2 3 | #Ciphers aes128-cbc #MACs hmac-md5,hmac-sha1 KexAlgorithms diffie-hellman-group14-sha1 |
重启sshd
1 | service sshd restart |
refer to:
https://blog.csdn.net/lk_db/article/details/50964912
linux内核xfrm参数replay-window用于设定抗重放攻击效果。
replay-window为0表示不启用抗重放攻击,大于0时表示当前esp/ah包活动序列窗口大小,序号太旧的包因赶不上活动窗口而被丢弃或回复失败包。
在基于
StrongSwan PSK RSA
连通的环境下。
在C机器中编辑/etc/strongswan.d/charon.conf,更改replay-window值。
重启strongswan并启动连接后,可能通过命令
1 | ip xfrm state |
查看strongswan有没有将参数值设定到内核中。
在B机器中
1 | apt install tcpreplay |
在B机器中启动两个wireshark进程,分别抓包vmnet2和vmnet3。
当B和C中的strongswan都启动并连通后,在A中ping D的ip。
此时在B中抓vmnet3上的esp包,抓了几个后,点击对应wireshark窗口菜单
1 | File/Export Specified Packet |
将这些esp包保存为文件
1 | /tmp/esp-b2c.pcapng |
在A中停止ping D的ip。
在B的bash中执行
1 | tcpreplay -i enp2s6 /tmp/esp-b2c.pcapng |
其中enp2s6是网卡vmnet3对应的识别名。
可以看到,
当C中的replay-window参数设为0时,B中的vmnet2上会抓到模拟重放的icmp ping包,并且方向是10.2.0.10至10.1.0.10。
当C中的replay-window参数不为0时,B中的vmnet2上抓不到模拟重放的icmp ping包。
一旦重启B或C中的strongswan,使用旧的esp-b2c.pcapng文件重放时,不管C中的replay-window取何值,B中的vmnet2上都不会出现模拟重放包。
在基于
StrongSwan PSK RSA
连通的环境下。
四台虚拟机ABCD,三段Host Only虚拟网络vmnet2、vmnet3、vmnet4,DHCP都禁掉。
1 2 3 4 5 6 7 8 9 10 | A vmnet2: 10.1.0.10/24 gw 10.1.0.2 B vmnet2: 10.1.0.2/24 vmnet3: 192.168.0.12/24 <--这里变了 C vmnet3: 192.168.0.3/24 vmnet4: 10.2.0.2/24 D vmnet4: 10.2.0.10/24 gw 10.2.0.2 |
在B的bash中执行
1 2 | iptables -t nat -A POSTROUTING -s 192.168.0.12 -j SNAT --to-source 192.168.0.2 iptables -t nat -A PREROUTING -d 192.168.0.2 -j DNAT --to-destination 192.168.0.12 |
在B中用ifconfig命令查看vmnet3的hwaddr,比如为00:0c:29:5a:fc:8e。
在C的bash中执行
1 | arp -s 192.168.0.2 00:0c:29:5a:fc:8e |
修改B的ipsec.conf中指定conn下的left为192.168.0.12。
而仍将C的ipsec.conf中指定conn下的right设为192.168.0.2。
之后再重启BC中的strongswan并连接会看到第5条ISAKMP消息开始端口都走4500了。
以pcre2调试为例
1 2 3 4 5 6 7 8 9 | #!/bin/sh cd `pwd`/installed/bin mkfifo /tmp/pcre echo "<h1>hello</h1>" > /tmp/pcre & gdb ./pcre2grep -ex 'b main' -ex 'r -o "<.*>" < /tmp/pcre' rm /tmp/pcre |
/etc/apt/sources.list
1 2 3 4 | deb http://http.us.debian.org/debian/ testing non-free contrib main #deb http://http.us.debian.org/debian/ stable non-free contrib main #deb http://http.us.debian.org/debian/ unstable non-free contrib main #deb http://http.us.debian.org/debian/ wheezy non-free contrib main |
1 2 | #apt edit-sources
apt update |
NO_PUBKEY 04EE7237B7D453EC NO_PUBKEY 648ACFD622F3D138
1 2 | apt-key adv --keyserver keyserver.ubuntu.com --recv 04EE7237B7D453EC apt-key adv --keyserver keyserver.ubuntu.com --recv 648ACFD622F3D138 |
ubuntu repo names
1 2 3 | wheezy: debian 7.0 xenial: Ubuntu 16.04 focal: Ubuntu 20.04 |
refer to:
https://serverfault.com/questions/550855/how-to-add-debian-testing-repository-to-apt-get
https://yunwei365.blog.csdn.net/article/details/114930145
Use cgdb instead.
Let GDBW denote the command window,
let SRCW denote the source window
let TTYW denote the input window.
Cgdb basic usage
1 2 3 4 5 6 | ESC key in GDBW: switch to SRCW i key in SRCW: switch to GDBW T key in SRCW: switch on/off TTYW PgUp/PgDn key in GDBW: scroll GDBW PgUp/PgDn key in SRCW: scroll SRCW -/= in SRCW: decrease/increase SRCW size |
Patch: GDBW output is truncated.
cgdb/scroller.cpp:146
https://github.com/cgdb/cgdb/pull/269
refer to:
https://github.com/cgdb/cgdb/blob/master/doc/cgdb.texi
名词
1 2 3 4 5 6 7 | I帧: Intra-coded picture P帧: Predictive-coded Picture B帧: Bidirectionally predicted picture GOP: Group of Pictures IDR: Instantaneous Decoding Refresh DTS: Decoding Time Stamp PTS: Presentation Time Stamp |
WebRTC 之视频捕获
https://hyjk2000.github.io/2015/04/21/webrtc-video-capture/
https://github.com/uxctx/DesktopLiveStreaming