优海 – Page 26 – 人，技术，生活。

vim memo

June 14, 2023April 7, 2021 by euhat

# First,
apt install vim-gtk3
vim --version
# ensure clipboard feature added,
# then copy to system clipboard,
"+y
# Paste from system clipboard,
<Ctrl+R>+
# content of all registers
:reg
 
:marks
 
:version
:set nocindent
:set noexpandtab
:set paste
 
# record macro to register a, press q if end
qa
# replay macro from register a
@a
 
# open folder containing current file
:Ex
 
# Replace return, space and return chars in a series with one return char, entire file.
:%s/\n\ \n/\r/
 
# In insert mode,
# add char like above the cursor
<Ctrl+Y>
# add char like below the cursor
<Ctrl+E>
 
# till after "
T"
# till before "
t"
 
# exchange current window position with others
<Ctrl+W>r
# or
<Ctrl+W>x
:all
:vertical all
:only

Plugins,

SrcExpl
	https://www.vim.org/scripts/script.php?script_id=2179
	https://github.com/wenlongche/SrcExpl
taglist.vim
	https://www.vim.org/scripts/script.php?script_id=273
	https://github.com/yegappan/taglist

refer to:
https://www.imooc.com/wenda/detail/588162
https://www.cnblogs.com/bwangel23/p/4421957.html
https://blog.csdn.net/Coppa/article/details/108026080

国密备忘录

October 21, 2021April 7, 2021 by euhat

SM2用于替换RSA/Diffie-Hellman/ECDSA/ECDH等
SM3用于替代MD5/SHA-1/SHA-256等
SM4用于替代DES/AES等
SM9用于替代PKI/CA

gmssl编译指定路径

1	./config --prefix=`pwd`/installed no-shared

refer to:
http://gmssl.org
https://ai-science-ape.blog.csdn.net/article/details/113551179
https://www.jianshu.com/p/e41bc1eb1d81

gdb备忘录

October 27, 2021April 6, 2021 by euhat

save breakpoints file-name-to-save
source file-name-to-save
dprintf /dir/to/file.c:2368,"err is %d\n",err
x /8xw key
info files
info source
info variables
info locals
info args
set python print-stack full
dump binary memory ./file_path_to_save $from_addr $to_addr
cond 1 $rdi==0x0
thread apply all bt
set print elements 0
set follow-fork-mode [parent|child]
 
set logging file <file name>
set logging on
info functions
set logging off

refer to:
https://www.wenjiangs.com/doc/gdb-save-breakpoints
https://gist.github.com/nmcv/212250dc8eb865a5282e

possibly undefined macro: AC_DISABLE_STATIC

April 6, 2021 by euhat

1	sudo apt install automake libtool m4 autoconf

输出

The following additional packages will be installed:
  libltdl-dev
Suggested packages:
  libtool-doc gfortran | fortran95-compiler gcj-jdk
The following NEW packages will be installed:
  libltdl-dev libtool

refer to:
https://www.cnblogs.com/y4247464/p/14388334.html

数论备忘录

October 21, 2021April 2, 2021 by euhat

本原元=原根=生成元
quadratic extension: 二次扩域
quadratic residue: 平方剩余 
二次互反律
 
φ(n): 小于或等于n并与n互质的正整数个数
欧拉定理: 若a，n为正整数，且两者互素，则a^φ(n) mod n = 1

StrongSwan PSK RSA

August 17, 2021April 2, 2021 by euhat

四台虚拟机ABCD，三段Host Only虚拟网络vmnet2、vmnet3、vmnet4，DHCP都禁掉。

A
vmnet2: 10.1.0.10/24 gw 10.1.0.2
B
vmnet2: 10.1.0.2/24
vmnet3: 192.168.0.2/24
C
vmnet3: 192.168.0.3/24
vmnet4: 10.2.0.2/24
D
vmnet4: 10.2.0.10/24 gw 10.2.0.2

BC两台上下载编译安装strongswan 5.4.0，其版本信息可在config.h中辨认。

wget http://download.strongswan.org/strongswan-5.4.0.tar.bz2
apt-get install libgmp-dev
apt-get install libssl-dev
tar -jxvf strongswan-5.4.0.tar.bz2
./configure --sysconfdir=/etc --enable-openssl --enable-gmp --prefix=`pwd`/installed
make && make install

BC两虚拟机都指向同一个共享文件夹share。
在B中生成证书

mkdir cert && cd cert
ipsec pki --gen --outform pem > ca.pem
ipsec pki --self --in ca.pem --dn "C=CN, O=NetworkLab, CN=NetworkLab CA" --ca --outform pem > ca.cert.pem
 
ipsec pki --gen --outform pem > sun.server.pem
ipsec pki --pub --in sun.server.pem | ipsec pki --issue --cacert ca.cert.pem --cakey ca.pem --dn "C=CN, O=NetworkLab, CN=sun.com" --san="sun.com" --flag serverAuth --flag ikeIntermediate --outform pem > sun.server.cert.pem
ipsec pki --gen --outform pem > moon.server.pem
ipsec pki --pub --in moon.server.pem | ipsec pki --issue --cacert ca.cert.pem --cakey ca.pem --dn "C=CN, O=NetworkLab, CN=moon.com" --san="moon.com" --flag serverAuth --flag ikeIntermediate --outform pem > moon.server.cert.pem
 
ipsec pki --gen --outform pem > sun.client.pem
ipsec pki --pub --in sun.client.pem | ipsec pki --issue --cacert ca.cert.pem --cakey ca.pem --dn "C=CN, O=NetworkLab, CN=client" --outform pem > sun.client.cert.pem
ipsec pki --gen --outform pem > moon.client.pem
ipsec pki --pub --in moon.client.pem | ipsec pki --issue --cacert ca.cert.pem --cakey ca.pem --dn "C=CN, O=NetworkLab, CN=client" --outform pem > moon.client.cert.pem
mv cert /mnt/hgfs/share/

B中安装证书

cp -r /mnt/hgfs/share/cert/ca.cert.pem /etc/ipsec.d/cacerts/
cp -r /mnt/hgfs/share/cert/moon.server.cert.pem /etc/ipsec.d/certs/
cp -r /mnt/hgfs/share/cert/moon.server.pem /etc/ipsec.d/private/
cp -r /mnt/hgfs/share/cert/sun.client.cert.pem /etc/ipsec.d/certs/
cp -r /mnt/hgfs/share/cert/sun.client.pem /etc/ipsec.d/private/

C中安装证书

cp -r /mnt/hgfs/share/cert/ca.cert.pem /etc/ipsec.d/cacerts/
cp -r /mnt/hgfs/share/cert/sun.server.cert.pem /etc/ipsec.d/certs/
cp -r /mnt/hgfs/share/cert/sun.server.pem /etc/ipsec.d/private/
cp -r /mnt/hgfs/share/cert/moon.client.cert.pem /etc/ipsec.d/certs/
cp -r /mnt/hgfs/share/cert/moon.client.pem /etc/ipsec.d/private/

B中配置
/etc/ipsec.conf

config setup
	# strictcrlpolicy=yes
	# uniqueids = no
conn %default
	ikelifetime=60m
	keylife=20m
	rekeymargin=3m
	keyingtries=1
	keyexchange=ikev2
	mobike=no
conn net-net-rsa
	left=192.168.0.2
	leftcert=moon.server.cert.pem
	leftsubnet=10.1.0.0/24
	leftid=@moon.com
	leftfirewall=yes
	right=192.168.0.3
	rightsubnet=10.2.0.0/24
	rightid=@sun.com
	auto=add
conn net-net-psk
	keyexchange=ikev1
	authby=secret
	left=192.168.0.2
	leftsubnet=10.1.0.0/16
	leftid=@xxx.server.com
	leftfirewall=yes
	right=192.168.0.3
	rightsubnet=10.2.0.0/16
	rightid=@yyy.server.com
	ike=aes-sha1-modp1024
	esp=aes-sha1-modp1024
	auto=route
	type=tunnel

/etc/ipsec.secrets

1 2	@xxx.server.com @yyy.server.com : PSK hello : RSA moon.server.pem

/etc/strongswan.conf

charon {
	load_modular = yes
	plugins {
		include strongswan.d/charon/*.conf
	}
}
include strongswan.d/*.conf

C中配置
/etc/ipsec.conf

config setup
	# strictcrlpolicy=yes
	# uniqueids = no
conn %default
	ikelifetime=60m
	keylife=20m
	rekeymargin=3m
	keyingtries=1
	keyexchange=ikev2
	mobike=no
conn net-net-rsa
	left=192.168.0.3
	leftcert=sun.server.cert.pem
	leftsubnet=10.2.0.0/24
	leftid=@sun.com
	leftfirewall=yes
	right=192.168.0.2
	rightsubnet=10.1.0.0/24
	rightid=@moon.com
	auto=add
conn net-net-psk
	keyexchange=ikev1
	authby=secret
	left=192.168.0.3
	leftsubnet=10.2.0.0/16
	leftid=@yyy.server.com
	leftfirewall=yes
	right=192.168.0.2
	rightsubnet=10.1.0.0/16
	rightid=@xxx.server.com
	ike=aes-sha1-modp1024
	esp=aes-sha1-modp1024
	auto=route
	type=tunnel

/etc/ipsec.secrets

1 2	@xxx.server.com @yyy.server.com : PSK hello : RSA sun.server.pem

/etc/strongswan.conf

charon {
	load_modular = yes
	plugins {
		include strongswan.d/charon/*.conf
	}
}
include strongswan.d/*.conf

到此，BC两台机器中都运行

echo 1 > /proc/sys/net/ipv4/ip_forward
ipsec restart --nofork
#如果要以rsa方式
ipsec up net-net-rsa
#如果要以psk方式
ipsec up net-net-psk

最后在A中ping机器D。

refer to:
https://www.strongswan.org/
https://blog.csdn.net/puppylpg/article/details/64918562
http://www.hqyman.cn/post/543.html
https://www.cnblogs.com/hugetong/p/10150992.html

dpdk备忘录

October 21, 2021April 2, 2021 by euhat

nic: network interface card
kni: kernel nic interface
pmd: poll mode driver
eal: environment abstraction layer

refer to:
http://vinllen.com/tun-tap/

日语对汉语拼音

December 16, 2021March 31, 2021 by euhat

n ん
ng い
iu ゅう
ou ょう

refer to:
https://www.bilibili.com/video/BV1es41127PE?from=search&seid=11101436971240675305

cannot find -lcurses in ubuntu

March 31, 2021 by euhat

1	apt install libncurses-dev

gvim保存配色字体

September 15, 2021March 31, 2021 by euhat

1	vi /etc/vim/vimrc

加入

"colorscheme torte
colorscheme koehler
set guifont=Monospace\ 9
set guioptions=aegimLt
set cindent
set number
set hls
let g:SrcExpl_isUpdateTags = 0
if has("autocmd")
  au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif
endif

refer to:
https://blog.csdn.net/wu407797466/article/details/7939148?utm_source=blogxgwz0