tag:blogger.com,1999:blog-44140172900573904182024-02-21T05:53:28.479-06:00binarypowerUnknownnoreply@blogger.comBlogger28125tag:blogger.com,1999:blog-4414017290057390418.post-58308752694881594652023-02-11T17:27:00.000-06:002023-02-11T17:27:14.048-06:00Java based Dell iDAC tool to connect to multiple hosts<p> </p><p>If you have problems connecting to older Dell idracs that require an outdated java, you can use this app. It's a simple batch file on top of a standalone java bin with the security settings preconfigured to work. </p><p><a href="https://mega.nz/file/a6Z0wSZQ#_n5El6kOX6N57wMw6GNmCJeeMI-Kp-gSKSK_TOnjdr4">https://mega.nz/file/a6Z0wSZQ#_n5El6kOX6N57wMw6GNmCJeeMI-Kp-gSKSK_TOnjdr4</a></p><p>Just run the batch called <b>idrac.bat</b> and the script will ask for the server url (for the idrac and not the main server) and login details. Then it will launch the internal java and connect you to the console with the full ability to mount ISOs.</p><p>No need to authenticate on the idrac website for it to work beforehand. It's pretty quick too.</p><p><br /></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjM5_Pz17QQ2EMeDIk2lC7jhL1GGJevAKj8hGh1S3W421wx9NXEtCSh_dDishFV7Zpqu71hEpRwSDc7fy1ayUmrI2pcgzLi3AQhmGc83PKX7kxteJ0AosaH_YqYt1LnbryG7aleASAoihYqquXOlYRoXmGKYW6x819WuUWe63ddrpaW3mFbKC2U6-LG" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="1113" data-original-width="1955" height="182" src="https://blogger.googleusercontent.com/img/a/AVvXsEjM5_Pz17QQ2EMeDIk2lC7jhL1GGJevAKj8hGh1S3W421wx9NXEtCSh_dDishFV7Zpqu71hEpRwSDc7fy1ayUmrI2pcgzLi3AQhmGc83PKX7kxteJ0AosaH_YqYt1LnbryG7aleASAoihYqquXOlYRoXmGKYW6x819WuUWe63ddrpaW3mFbKC2U6-LG" width="320" /></a></div><br />Virustotal <span style="background-color: white; color: #20242c; font-family: "Google Sans", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; font-size: 13px;"><a href="https://www.virustotal.com/gui/file/248a0fa3f2f4c673366a56db4528aabf6a02e84f9c63324ab5538f6220a6a800/details" target="_blank">248a0fa3f2f4c673366a56db4528aabf6a02e84f9c63324ab5538f6220a6a800</a></span><p></p><div class="row" style="color: #20242c; display: table-row; font-family: "Google Sans", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; font-size: 13px; line-height: 1.7;"><a class="label " style="color: var(--vt-ui-key-val-table-property-list-label-color, #333); display: table-cell; overflow: hidden; padding-right: 20px; text-overflow: ellipsis; vertical-align: top;" title="">MD5</a><div class="value" style="color: var(--vt-ui-key-val-table-property-list-value-color, #333); display: table-cell; overflow-wrap: break-word; overflow: hidden; vertical-align: middle;"><a class="">60890fb832764ec4173767f3f34dafb7</a></div></div><div class="row" style="color: #20242c; display: table-row; font-family: "Google Sans", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; font-size: 13px; line-height: 1.7;"><a class="label " style="color: var(--vt-ui-key-val-table-property-list-label-color, #333); display: table-cell; overflow: hidden; padding-right: 20px; text-overflow: ellipsis; vertical-align: top;" title="">SHA-1</a><div class="value" style="color: var(--vt-ui-key-val-table-property-list-value-color, #333); display: table-cell; overflow-wrap: break-word; overflow: hidden; vertical-align: middle;"><a class="">5a09b5feaed6ae075935f8467dee01db2c880b57</a></div></div><div class="row" style="color: #20242c; display: table-row; font-family: "Google Sans", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; font-size: 13px; line-height: 1.7;"><a class="label " style="color: var(--vt-ui-key-val-table-property-list-label-color, #333); display: table-cell; overflow: hidden; padding-right: 20px; text-overflow: ellipsis; vertical-align: top;" title="">SHA-256</a><div class="value" style="color: var(--vt-ui-key-val-table-property-list-value-color, #333); display: table-cell; overflow-wrap: break-word; overflow: hidden; vertical-align: middle;"><a class="">248a0fa3f2f4c673366a56db4528aabf6a02e84f9c63324ab5538f6220a6a800</a></div></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-43904273951702952752020-06-19T17:37:00.000-05:002020-06-19T17:43:55.159-05:00Simple guide to create a self hosted SWG server on Ubuntu 18 using SWGEmu (update 2020)<div dir="ltr" style="text-align: left;" trbidi="on">
If you want to set up your own Star Wars Galaxies dev environment on SWGEmu, it's pretty straightforward. There's a lot of info out there, and this doesn't cover all of it, but it's a simple how-to that allows you to log in and play around.<br />
<br />
<br />
We're going to use Virtualbox and Ubuntu 18 Server. You will need to install <a href="https://www.swgemu.com/forums/content.php?r=179-Install-SWGEmu" target="_blank">SWGEmu</a> beforehand. We will also create a shared folder with the host in order to copy needed game world, so Virtualbox Guest Additions is required<br />
<br />
Install Ubuntu 18 Server with a static IP and at least 4 CPU cores and 4GB RAM (<b>the more, the better</b>).<br />
<br />
<br />
Find the SWGEmu Folder location by going to SWGEmu Launchpad > Settings > Options and note the location.<br />
<br />
<div style="text-align: center;">
<img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAV8AAAEPCAYAAADlO8d2AAAev0lEQVR4nO2dT4gj152A67LsHnOdQ8C72c2yu5kQIpC9WucP/hOb8bJrY3tnpzfeyJu2Zmcm49ZhSJrJQSGBdMhBbgw5u6lACIgh+FIMODD0IQeRpgMBs5BWYmYuOVo52Am5/PagqtKrp/fqn6rqlaTvBx/dXdKr9+rp1aenV9X6ecPhUAAAoFm84XAoBEEQRHOBfAmCIBwE8iUIgnAQyJcgCMJBIF+CIAgHgXwJgiAcxHA4FG9/f991OwiCIHYq9vf3mfkSBEE0HbmXHR4+fCjf+ta35JVXXpFvfOMbcnp62kDzCIIgtjNyy/fmzZvygx/8QKbTqbz33nsyGo3ke9/7nnz00UcNNJMgiE2MDz74QB577DHxPE88z5Mvf/nL8uGHH7puljE8z5OzszPr42dnZ+J5XmX15ZbvN7/5zZVt77//voxGI/nDH/6wXiuCQfzieJ4nveOLcvu5OJae15OyxQmCqDYePHggo9FIPvzwQ/nZz34mnufJW2+95bpZxjg7O5O/+Mu/Mgo47bGykVu+v/jFL4zbf//738t3vvMd+dOf/lSuBcFAvIQwL+S4l1fAgQyQLUFsTHzuc5+T0WjkuhnWMEm2DvGKFJDvn//8Z+tjv/71r+VHP/pRieoXoh0E+uZj6XkD0TevBvIliE2Jt956SzzPk1/96leum5IaqmzrEq9Ihff5vv322/Kb3/ymWCGrZC/kuBdJNRRscCy9xLJEIANlqcIbBLIi44tlGc9TJR8+73hgWOpYvCGsliEIomy888474nmevPPOO66bkisi6dYlXpE15fvb3/5Wbty4ITdu3JDr16/L1atX5ezsTO7cuSMHBwfywx/+UH73u9/JjRs3zDu4OJZe71hWJ67qjDiUbPS8xLquPvNV/16Ui+W5Ui4StoRLH+GbQDBYbicIopL4xCc+0dq1XlO0Xr7vv/++PPPMM3L37l355S9/KS+//LI8++yz8txzz8kLL7wgt2/fjp9jjCIzX8XQwUAVs0W+hn3nL7fGRT+CIFbC8zx58OCB62bkio1Ydnj06JF897vfjbl69ar89Kc/Fd/35cc//rF8//vfl9FoJD/5yU8se8iz5quLUp8VVyzfuAk9lh0IoqJ48OCBfPDBB66bkRmtvOCWJ65duyYPHz4sVkj9yL/YIIPEzFP7O1XMWcsOecot4+K4xwyYICqI0WjU+plva281y4p3331XXnjhBfnjH/9YvLB2n29ytrkQ42DQMz4eDPJecEuTrfJ3oi157rggCCIrPM+Tfr/vuhmp0dp/sjDFRx99JPfv35eDgwN57bXX5Oc//3llDVsGt5MRBLF9sQFfKYl8CYLYvkC+BEEQDmID5EsQBLF9gXwJgiAcBPIlCIJwEMiXIAjCQSBfgiAIB4F8CYIgHATyJQiCcBDIlyAIwkHE8p3P5wAA0BDIFwDAAcgXAMAByBcAwAHIFwDAAcgXAMAByBcAwAHIFwDAAcgXAMAByBcAwAHIFwDAAcgXAMAByBcAwAGl5NvpdArj+kBhN2BswqZQWr5FggEOTcHYhE3h6aefbqF8z4+k2z2S86Y7ZNIXz/PE8zzpTyret6tj2jGQbwaMw9bgfuarCM/zPPH6E0cDZCJ9rytH5+HfVbRB3ce2DPqyx9HQ8ecZm48ePZLnn39e7t+/X3xsNtlnefarti/PpKEt43DddrTlONbAqXzPj7rieX2ZKNsm/b5MXHTs+ZF01bYg3+xjaqJcQbLGZiTeW7duyccff1x8bDbZZ0X3G8o4VcBtGYfI16V8z+Woq8w0bR2beHdfDv7FyRFuNz7XvO9Eufg5E+mrM4juHbnTXf7dPTo37zts51HfWzlRF8en7OPOHeW52iwlR7tXZjnhMRuP5/xIut2+9LtRPcu2FKlztY+1Yzo6T6lf7ZeMchWeRGljUxdvqbGZs8+XfW0eBwlhdo/k3DSWsl4jk4Cs546tncnXbKVdKWPPPj6V9hv3aeoTQ9/lLX907lykmyVffaZpHEALKUbCOD/qLpcllLKLGclE+kVnrpP+8qNk2uCz7TtrpmEYwPFzJ/1wEOdpd7IfrMcWHc/5kXSjk2rSX55gReo09nFGvybq1/plpS8M+66ATqcj9+/fl+eff14ePXqUKt5SYzNPn0fbTRKyjbOVPsv5GhnHSsr5oLXz/Ki7GBPW8Z9n7KWcp2lCT4wHQ9/lLb+huJWvrfO02UDyY1U0sLTZpmH9a3U2anhe1kmRtu+sAVDgpEttd9FZSdogz1unqY9tbUmr31jOsu8K6HQ68vHHH8utW7diAdvEW2ps5j5m5RpC3nGQ1q95Xou43nBs5hmz0TlVpF1ZbwJZ+8w6N6K+exf5Ggf42vLVL3CZXkyrfNV95BRhXN5yUa3Mu2xV8s0zQ7eK23A8eeSbe+BqokybsaTtP2XGVKWEo7GpCtgm3tJjM9cxVyDfPOPZ1s95x2yWKG1jb519Zp5fyDdzgK8n3zwX3OwfZ/rxOk+0Pqd9PMoxWOOPXGkDKB4Mhn3nmiFlrX/laLftTgzb8WQO8nx9tdrH6cdk/Qhr6AvjvisY0OrYjARsE+96YzPjmFVp6X2mX7uwyrvoxTO1TL4xa1vKW54bee4Cyrc8uHK+2c6NqO/ylt9QnN9qlrx44a2uFSU+PiVluLLgbvo4qNU3US54dfv91HfS6LmrF9xSPl5b6rNeaMnZ7pXbnsLnGI8nzwwjs05LH2v9klm/sT/ftu57XWofm2l9nrJEoPaZut/UPst6jVbq1N7EbGPWsk9ju1LG3tzaFvOF8cQ+9XPD0ne5ynPBrdwAhxKoFwohgbOxuQUfg3NRx9jblb7T4LsdNgR1tlXHhaptwdnY3GKB1D72trjv0uBbzQAAHIB8AQAcgHwBAByAfAEAHIB8AQAcgHwBAByAfAEAHIB8AQAcgHwBAByAfAEAHMC/FwMUhPEPVcAX6wAUhPEPVbBZ8t3mL+Agbf3G4FS+676WTY2FovWkPT/r3CiVJMA9tck3Mz13Fd/CX8dAc/ICkra+1tem4uOvbPwr3xEcMelbvi8363VNO0YXY6GyczUlq4hedsPGeS3yzZWeO3eqmTpe0IrLrIv+rfzIt9rXpmH55h//fel39TfdbvnUVG0aC1Wdq3kyViBf88ATKZCk0NSJtm/eT2w3vTMa0ktbvm3fWiaR7n3xfHPq+UW5ZObZ1TaRtj5/nW1OW1/l+J8cdeNMDJO+J/0ji0hWzo2MlPRFx4JpPFleJ/M4LnGuFsym4n32X+WzaX1ika/59U7uuz9JG8+Wc8eVfKtJz61+SbOW6sSUayyxPcdMMbHdkmcqrUzYRmtnq9/qb/vdBmnr7fvTZjttS1tf2fhX+yNLJLaJSZllB9NYWOm3nOdYPI6Lnqs5x1XaMeaRr/H11idLBcaTnlB0DUrLt5b03EUG4Iq4LWni0164omWUwWt+J13sb9JPuTBgmxnY5Gs71iJLNOv0Y5G25ZFDrteu3Wnrqx7/UaYIdQa6jnwTec+iT055BWbrW7XP8vR71uudOuEoMY6tM1/D651WV97jKjl2KpGvyJrpudeV77prXWXkq87qDI8vpKu90+cpmyW4zFl9iWPP24+kra9//KtjsYmZb175WgWVo9+zXu/G5Gt4va2TqgLHVXDMVC5fdQAWTs+dR77a2mkynXWOtZeEYAssO2Sme9fbo5a1ZFNNK5v6xkDa+ralra9t/Ov9m5ViPu01LjoWVsoXSD1f6ly1PT+lvqw+sbz2q6+3Ydkh73hqk3zzxFoX3JR7/FZSvacu1i+wp3+3z3is6d7nKannc5zMpK3PW2e709bXNv617XlSzKeN1UJjwfqmlfN1L3Ou2p6f0k+pfZL6CUd7vbU29Sc5xnPa61aCzfoni7ZT4WJ8ayFtPeMfKoHvdqgQ64W2DYe09UkY/1AFly5d4lvNAACahq+UBABwAPIFAHAA8gUAcADyBQBwwHA4FO/g4MB5QwAAdonhcCje7du3nTcEAGCXuHTpkng3b9503hAAgF1iOByKt7+/77whAAC7xHA4FO+rX/2q84bsInfv3gVoDWlj9d69e5BBKfm++OKLzkW0i9y9e7fQdwQQRF2RR74PHz4EC6Xl+6UvPOFcRLsI8iXaEsjXkXyf+PxjzkW0iyBfoi2BfB3J92uv/ZtzEe0iyJdoSyDf5uV7ZX8o3nD4Feci2kWQL9GWQL7Ny/fylX3xhsMvORdR6yibO61p+V4cS693LBfr76kdse7xbFt/NBQbId/TkXQ6Izl13Y6K5PvkpSfFGw6/UFxMemoOYx4yNaVOMrGkmg7Emi7H85apx6uQqS0ba5vkGwySbRwEqSfNxXFPet/+tvQSxzWQ9FIO4+JYa2vY3kiaa8rz4rgnveOLlXribeq+L46l5/XkON4QyEDpu4vjXqKdpv0uUPexmeFMvqcj6Sh92RmdVi/fBqRdRr5Xn7wk3nD4ZKFCfV2q/YlRrt1ud5nZQc9Npec+6xfNbFtCvkX27UC+i5M9Kc5gkC7SYNCT4/c0qQQD8do6+8uS65ryDQY9Ob4IZKBLdRCISa69Xk8Gyw1x3RfHPa0PL+R4sP6bQ1vDjXxPZM/ryOhU+XvvZGfkO9y/It5w+C8F5WueMU76SylP+n2ZTPrLhHXx71o23NzC60u/GyW7W2QfjRLf5UpDnZndVZsN50n4mNiuZNjtHslRPzvlTlK+F3LcS5lBrczSRGKZrAghuf14oMyGEzM3Rez6jE6Zharlk7PBsD0Xx9LrDWTQW2wfBBdyHP9uOA6TvEwz30SblseeaIPpuDXJJnpssNxPMBhIEAwWM9rFhvB3Xd5525/SB6ZZd4sk7k6+e3JiE2b82oeCViVqejze53Ic752cyqiTc2bdtHwXXylZbM03zumlJVI8P+qGgg1nsvOJ9JWMp0ZRWiWoZeqN5DbpL0UXJazMK1/jsoMlpbwt1XliuyLXRMrvfLncEvK9OJZe2nKBSb7BYLEsoZ3I8awtlNdSgIEMlL8vjnvhskZye0KEJoGa6o/aFgyWojTNwHMvO2gCTbRpuT3xySBqj4gEA/OyTbwsEc1kJZBB2MZgYBFlVvvjdqX0AfI1crIX9mFixqtJOZJuLF/L4w8Xot072ZCZ73Ao3mC/5N0OUernSMLnR9KNxNWfLCTc7csk/qmLcTmDTU2HnpWOfJ2Zr3Gtui+TrH3bZF5gWWJFvgVPxoQsdBmY9mlc8zTMnNPWX1NmyCt12srnmfnaJB2+UZjWteP+SG5MSvjiWHrRG8ai8+S4N5Ag/qm3cTmDNUrUdFym35FvOid7Swlr68AL9uRElXDa46ZZdFvl+8UnPl1OvvO5JNd6w98nfWUm2Zej8+UM2LjsYBNd2+W75ppwctkh5aOuMZRlijxCsP3tLT56e3nkq8++bUsFVck3VU66hNOWbdRZdPh7MFA+AQwW68RxfYbXIqtdyLcCwhltlkSLSrbN8u12/qlQoa663KDJZtJfXGiL5TrpS7fbXa79zg0X3KqQr34nRe413zzLDsvjWe5bW45YW74ZF9xs4tN/T+7QsBZsW3bIkKphf4nljarlqy+FKM8bLBtqfgOKZ7XmOoPB4kLb8XKD9Hq95dqvemzW9qX0tU2++p0Uuy7f05F01OWGxLJC2vKB5fG0ZQfb2rJr+T7zzDOFCsVLBYZbwYxiNUiq0K1m72bIV9tft9+v9oJbtLyi79t0IW4N+Yqs3t6U+LisXXTqLf/IKd9oP4YLbvotbhbRxGupnie9waC+me9KW6PllGjG6y1v/9L7Q10q0C7WxX28MqNfFX2hW83ey+4DdX9x3+n94CjczHyTF8MSF870pQV9xmt63LA9EnG0tty6C24vvfRS4YKwPuv8k4VxfbOqUC5cbUrU2h87EO1YdthcSsuX7/PdNPnab6UqG+qMttX/pGGM6vtj1wL5Ni/fy5eviPfGG284F9Euwnc7EG0J5Nu8fIfDITnckC+x64F8m5fv5ctXxHvzzTedi2gXcZ02BkAF+TqQ78HBgXMRAUB7cZ0fbRMo2qeXL18RbzgcOn9xAQB2CeQLAOAA5AsA4ADkCwDggPArJYfOGwIAsEsgXwAAByBfAAAHIF8AAAcgXwAAB4QJNIfOG1KIOrMcAwA0QD3yLZo9OM/jCudHXeneuVO8DgCAlnDl8qWWyLcAk76W3QIAYMNofuYb/jzqL7+8O5lSfpEbLc75pqaNn88lTtK5Vh16O7PqBACollLync1mqWTKV83pNumv5j6LE2Key1FXk+CkryW4LFmH+vysOnMcMwBAI/JNfU6OWWlW5uIoIaaa9Xg+n8ukb5nFlqhD34etTgCALLZGvlHG4KQIlVlpDfI11wkAkE1h+Za5zze7kon0TSnlTcsFRjGG67r6fixp4+ep+9K2R6nh53qae0udAAA5aIl85+EaqpIR1ybNFWEuLn4l1mtDYZ4fdbWLYmrGXeUiXMoMN1pa8DxPuv1+Zp2uX1AA2AzaI98aiNd7W9DRAAAqWyzfaFnAfScDAOhssXwBANoL8gUAcADyBQBwAPIFAHAA8gUAcADyBQBwAPIFAHAA8gUAcADyBQBwAPIFAHBAKfkeHBzUWgkAwLZTSr63bt2qtRIAgG2nlHy//vWv11rJLnJ2dgYAW0Jt8r169SryrUG+BEFsftQq32ee/iLyrUm+rtsBAOWpXb5Pf/FThQoh32yQL8DmU7t833zzHwsVQr7ZIF+Azad2+Q5v/32hQsg3G+QLsPnUL99b/1CoUOvkOwtkPA5k5rodCsgXYPOpX743LxcqlLeShBBngYwPxxLMosen4h/6Mq1CnLZ9OJRyIfm28M0DABqR7+cLFcpbiX/oyzQqE4xlPB6LPw0fr1I4LZQXM1+Azad++d54vFChvJVM/eVMd+r7Mp36Mg7CstHvkTjDn4F/KIeHCxKiPoy2q7Nn5fGxL/5Ye06Ofc+CcbxNL7d4vi/T+UyCsdKe+VR8UzsUEvJV3xxmgYzjN6WZBGNl9r9OHwBA5TQg3ycLFcpbySwYh7KdSeAHMptPxQ8lNPVDsajiUWUz9eVwHJZRZtDGWa62pDELxouymfvW2jz15dCfxqJbylZ5TP/dQnLmuzyGWTAW3/fDfYf9UUUfAEDlNLDs8FShQrkrmQUyjmTmTyWe6cU/5yuz08QasSKkwwSKiNTnqn8frs4oV/YdP1fZt+n587moAo3fOFKOXV92iD4FTP2wXWq/VNEHAFA5Dcj32UKF8lcSCmvqKx/zfQlmyxlwLvFkzfLKyle/CJhR50K62izUgi7fWTBelB0HMovefKJ+qaIPAKByGpDvE4UKFalk6i8utMWCm/oyHo+Xa7+Zs9Op+PoSgI5WdhaMl8sHBaS2slxhqufwcNn2FFYuuM0C8ZXjngW++L5vXJsu1QcAUDkN3Odb3z9ZxEKLtunrmmWXBtR6bI/n2PdUubg19v2MmeZMgnG+i12rdztoF+nUdecq+gAAKqeBme+nCxVq3T9ZNIXtQp0BbjUD2Hzql+915JuHPBfaIpAvwOZTv3z/5+8KFdpV+RYB+QJsPvXL92vIt2r4MnWC2I6oV77//bfItwb5AsB2UJt8D15DvgAA64B8AQAcUHLNF/kCAKxDOfm+zgU3AIB14FYzAAAHlJNvH/kCAKxDuezF/8WaLwDAOpSS783//FStlQAAbDul5Pu/V5HvJuD6RnOAXaU2+V5HvhvB2Rn/skwQTUet8h38B/LdBCL5um4HwK6AfEHmc+QL0DS1y/eNV5HvJoB8AZqldvnuv4J8NwHkC9Astcv3OssOGwHyBWiW+uU7qCeN0Go6dzX5ZJiCfdfSoq9xvMgXoFlql2/n8icLFcpbiX/oyzQqEyxSyK9kLW5BBzcK8gXYGGqX72c+85lChfJWMvWXM92p78t06ss4CMtGv2tp0wMllXtC1HHadHPq9lkwXqZVj56T2Gf4RmBKwW5L2T4LZDz2xR9H7ZlJMM7RNuuxLMsfHh7KOJgl250hZeQL0Cy1y/fxxx8vVChvJbNgHMp2JoEfyGw+FT8UTJwJWBWdKrU4Tfs0MYPONXOc+nLoT2MxLjMOT8XXxZkl30ioU38p16y2WY9Fa/8skLFSfuor+zKAfAGapXb5Pvvss4UK5a5kFsg4kqA/lcXMz5dp/HOeU4DKTPVQmcXqdeWd0ZrqyNpu+t3WtrR6E48t3gyMx2MA+QI0S+3yffXVVwsVyl9JODOc+vEscBb4EsyWM+BCArShX8yzlVVnoEXrtsnX1Lbc8lX7KVvCyBegWWqX7+uvv16oUJFKpv7iQlssxqkv4/F4ufabJUB9qcCEVnYWjM0z3/lUfJuktYuDK+WNv1valiVfZf3Zj/phPpNgbF7PjkC+AM1Su3xv3LhRqFCRSmKRRdv09dBM+c7NSwpaPVPl4tbY9+0z06mfXCYIH1cvfBnLp/1ecLkjaus4+Hk4411egEvrS+QL0Cx1yvfK/lC8N998s1Chrfkni+jCnOt25AT5AjRLnfK9fGVfvOFwWKjQJstXnSHnvdDVFpAvQLPUKd8nLz25W/LdZJAvQLPUKd+rT15CvpsCX6ZOEM1HbRfc9q8g303BdSoVgF2lFvkOh8gXAGBdkC8AgAOQLwCAA5AvAIADkC8AgAOQLwCAA5AvAIADkC8AgAOQ74bj+mZyAFilHvnu2BfrtJ2zM/6FmCDaFHXJ9yoz33YRydd1OwCgge/zRb7tAfkCtAfku0MgX4D2UKd891l2aBfIF6A91Clf7nZoGcgXoD1srHxXkkiqmYOjtPJ5UsNnoSexPDyUw8P0TMCF959oY3am4bIgX4D2sLHy9bV07OPxeDVrcRWdVOW+jGiyrbE+5AvQHjZWvlN/Kayp78t06i/To0e/a6njAyXBZULUaTNamwxt+5wFMk4kz5wm3iiMxxyMV9quppuP25Woc7HPxPMypI18AdrDxsp3KayZBH4gs/lU/FA+U18RYSRfVbhTPxSVJkaTaE3LDqn7VOqPtmelkFeekyirP67XqYl+6qdLHvkCtIeNle98Fsg4EpI/lcXHd1+m8c/5ysw3sUasCDS5nqsJLGPmu7LP+VyTaZ712+hNQGu7SfiJtkzFL5CmHvkCtIda5VtvAs1QWFM/ngnOAl+C2XIGnEu+WeurZeQbS1RpSwZTfyzBVHlDOTSsA1vbm0/CyBegPWywfBfCGqsXq6a+jMfK+mmWfENprXzMVykl38WyiO/7ybakyXHqJ9eNtX0ZZ76zQPxo/znukkC+AO2h1v9wu3xJvIODg0KFilQSSynaZloTTZXv3PzxXq3HdqvZWbp8V2SbJV9t/XmqXMgb+75l5hvNeMPnBel9h3wB2kPtM9+bN28WKsQ/WdQH8gVoD7XL9/XXXy9UCPnWB/IFaA+1y/eVV14pVAj51gfyBWgPtcv3y198vFAh5FsffJk6QbQrar3P98pX/hr5tgTX6VIAYJXa5Pvav/8N8gUAWINS8n3p2cdqrQQAYNspJd+Xn2PZAQBgHUrJ941XP1VrJQAA204p+f5z55O1VgIAsO2Uku/jj3drrQQAYNspJd+nnnqq1koAALadUvJ98cUXa60EAGDbKXef72uv1VoJAMC2U0q+169fr7USAIBtp5R8b9++XbgSAABIUli+RTNZAADAeiBfAAAHIF8AAAcgXwAAByBfAAAHIF8AAAcgXwAAByBfAAAHPP3008gXthvv8P8gg6w+vHfvHmRQdFwy84Wtx7XYNoGsPrx37548fPgQLCBfAAORYFyfoG0E+VYD8gUwgHztIN9qQL4ABpCvHeRbDcgXwADytYN8qwH5AhhAvnZ2Sr6nI+l0RnJaw76RL4ABV/I9HXXE87yYzujULIGTPfE8T/ZOdky+4XHH7J0gX4BtwoV8T0cd8RIn+onsRQJWJXA6ko7XkdFp8+J1Kd/FG9OenCjbTvaSfyNfgA2nefmeyJ5JqNHJr/50KF538j2VUcd+3MlPDOHzwj4b7S1nystPCos3tsT205F0LPtAvgAN0bh8rSf5iex5e3JyOpJOp+NcvM7kezqSjpdzlnuyt1iOCGUaC/dkL/xkcSqjjr5kE/az/nogX4BmaaV8vY6MRnva0sQOyTftuBOzVm/RR3qZNKHq5T1vscSBfAGapbXLDg/Dj9h1X2hqm3xt/ROLU3nMJtks+Zoki3wBmqXVF9zCj83xnRA7Id+UC26aION+tMnXuuxguHsE+QI0S1tuNYtlsCIBRcw7Il9T/0SfAE6Ui2qdvb30mW/0e+oFN8vSBfIFqBf+yaKd8t0mkC+AAeRrB/lWA/IFMIB87SDfakC+AAaQrx3kWw3IF8CA6ywRm0BWHyJf5AtQGNdi2wSy+tB1frRNoOi4RL4AAA5AvgAADkC+AAAOQL4AAA4YDofiXbt2zXlDAAB2iWvXrol3/fp15w0BANglrl+/jnwBAJoG+QIAOAD5AgA4APkCADgA+QIAOAD5AgA4IJYvAAA0y/8DaWAPQQ70qesAAAAASUVORK5CYII=" /></div>
<br />
<div style="text-align: center;">
<i> For this install, the location is <b>C:/Program Files/SWGEmu</b></i></div>
<br />
Create a shared folder in Virtualbox with that location.<br />
<br />
<div style="text-align: center;">
<img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAocAAAIRCAYAAAA4Kxe8AAAgAElEQVR4nOydeZgcVaG+C2IAZRVECVyWqwIaSYAEB62Lyl28Ily8GpDID3LTSlIh60ySmUwySYhEYABFStQLGgWUXJZMMKDQhEU6C4QAYcjUzGSxE7IQyJ5Mdsgy3++P7q6uqj61dHd1dXXX9z7P90x3ddWp6tNd1e+cU6dKqqurA8MwzhkzZoyewYMH69O//Z2ry75tDMMwjH2GDRtW9m2otEh1dXUghBBCCCGEckgIIYQQQnQoh4QQQgghRIdySAghhBBCdCiHhBBCCCFEh3JICCGEEEJ0CpLDwx+sBLqPYP8rf8S2UV/EttHnY9vo87H/5T8A3UdSrxNCCCGEkIojbznc+8x92HLL2dhaezG2DD0P3RunAVunA1unY/OQc7FlTF9sueVs7Gy5u3RbTQghhBBCSkJecrhnzi+wdeyFONg6Cjt/+Q1s+vFZuhhi63RsHnoOutRv4uA7I7Gl9gJseHhyiTefEEIIIYT4iWc5PLi+Ex8O7oWP3xoObLndNR8vUvDh4F5Ys+ilAN4GIYQQQoh31qxZg/POOw+SJEGSJFx55ZXYuXNnuTdLiCRJWLJkie3rS5YsgSRJvq3Pe8vhkcP44NYLsP2ey4GNU1yz7c7LsP6WL2Deq3/Hnj177MuNK/oHI0kK4gDiigQlbpoJiiRDTVqWM86UVCHr5UiQZBVJ47zp6bKpkMxrqfUWhGD7CyapQra+T0IIIYT4TiKRwLRp07Bz507MmTMHkiTh/vvvL/dmCVmyZAl6HnucUBCdXisUz3K461kV6wedgfU3nY7u98YD6xr0dK8aa3p+5B91WH/T6Vh38+fQ/suR6O7uFheaVCEbhSqpQk3ZoVD8jGKXVOXsc4FUxZVMuXEokvFxZr4kVFmCpCiG1/PEbvttsUquQHoJIYQQEjiXXHIJpk2bVu7NsEUkgaUQQwDo1auXNzlce+NpQHJUTrbccQnW3ngatt37VdP0I5qCI21DsfbG0/Dee++JC40r5ha+DEkVsmF6UpWhqCpkXRiTUGWz5Cl2UmYRTZNUpmYoXA7ttt9+AcohIYQQEjLuv/9+SJKEd999t9yb4ohRBkslhgAw0GvL4eobTgE6bzGluy2G1Tecgjdn3IHVN5yC7rZYzjyrbzgFiUTCptQ4FFFXb478yVCT1hbA9GNr6521JKsMWlsli5FD2+2HpZtbQTw9r94FrSiW53GYZTH9WLXpEjeUL6tqboto+jVbaSaEEEIIHnnkEUiShEceeaTcm+KJjBSWSgyBPLqVk9efBLTemJNNt/dG8vqTsOXOi4SvJ68/yUEOAaPMGEUme95hHEq6dS6upAXIKHiCVsaUGKXmLa0c2m2/pUUwrqS3wa3l0CqHUnZbTedGpl7LVoGsv9/c90cIIYQQO0455ZTQnmsoIlRyuG32z7F8wAlY8YPj0f3a94BF/63H+hyL/hsrBpyA5QNOwNv33Ooih2nSLWG612QkxyA7GdHLPd/QKndZySpKDnNa/zxuv3VwjLBlEC7PHV6zCHHOa3atmYQQQggxIUmSN08JAUF1K9fV1UEaPHiw+5xHDmP5jWdgQ8PZQOLbrtkw4Rx03PBZzE+8irVr13ramKQq57QIxlU5K4xJFbKiGrqcAfF5e4ZppTzn0G77bbu6A5BD47awW5kQQghxJJFIYM2aNeXeDFeCHJDiueXwwOp30XHtsdj36CXAi1cAL16Bw3/9mv449fzr+uO9f+yLjmuPxRtPP2o/WjmuGoQm1T2bFbdMd61VkHJb8VIiZJxmbUkTjVY2zlvogBS77bc7F9EnOXTqVjaQK8KEEEIIMTJt2rTQtxyG9lI2ALDuoXFYfsOnsPf3X8aaEadBu6Yn8LfL9LRfewzWDD8Ve3/3JSy7/pN46/abkEgkHK5zaB2kYVa0pCrnjAaOK7nzpV8wdePmdCXbDtAofkCKcPutXcvp1+KK03Ovcmh+T6YBKX5ed5EQQgipciRJQiwWK/dmOBL0RbA9j1bOsOy+YVj63R5ove4zePfqnsBf+uh59+qeaL3uM1j63R5YPO1HSCQSWLVqlW8bS2xwGbFNCCGEEOIVz9c5NLLy1WcwL/Eq3vzFKLR+5yg9i345FvMSr+KN2Q9TDAMkrkh5Xm+REEIIIURMXt3KRnbv3o3u7m6sX78eiURCz4YNG9Dd3Y3du3eXYHNJCvO1DNl9TAghhBC/KFgOCSGEEEJI9UE5JIQQQgghOpRDQgghhBCiE4vFKIeEEEIIISQF5ZAQQgghhOhQDgkhhBBCiA7lkBBCCCGE6FAOCSGEEEKIji6HXV1dDMMwDMMwTMRDOWQYhmEYhmH0UA4ZhmEYhmEYPZRDhmEYhmEYRg/lkGEYhmEYhtFDOWQYhmEYhmH0UA4ZhmEYhmEYPZRDhmEYhmEYRg/lkGEYhmEYhtGTlxxOb1aZKo/dZ//oo48yDMMwDFPBAVAaOSTVi5scEkIIIaQyoRySgqAcEkIIIdUJ5ZAUBOWQEEIIqU7ykcO6ujrKIUlBOSSEEEKqE8ohKQjKISGEEFKdBCqHEydOLElI8FAOCSGEkOokcDn0m4kTJyKRSPheLnGGckgIIYRUJ4HKYWNjIwDg7CfX+5JMmZTD4KEcEkIIIdVJWeTwrP9735dkyqQcBg/lkBBCCKlO8pbDXr16FS2Hvf78gS/JlEk5DB7KISGEEFKdBNpyOGHCBADAZx/+0JdkyqQcBg/lkBBCCKlOyiKHp/1+ky/JlEk5DJ6Sy2FShSxJkCQF8eJLK4I4FEmCJMlQk34Wq0CyfX8lWichhBDigUDlsKGhAQBwyv9u8SWZMvOWQ1080pFVlO83OA6lAiXAHznMSJAxaVmqEDlMqrJl+z1+nyiHhBBCQkpZ5PCkX23zJZky85LDpArZ8qMbV8opIBGVQ13+DO89PU1WkxUoh3luJ+WQEEJISAl0QEp9fT0A4Pj7dviSTJne5TAJVZaglNc2LERTDnWpsrayJVUoFjlUlGyrnKxXlKjV0ViP2deVOBBXjCKWu6zpO6GLm13ZgvchkjxrC7WxDKscuq7TaZsd3qugXLnSvmyEEEICJdCWw4wcHndPly/JlOlZDpMqZLcWHtMPulEmZKiqIv6BdVhGUWR9WtwgOZL+yx5xObTrijXUqRKHoKUxDsW4TE5LXFaYZNkocJnpmflS/zDkrsdaTp5y6FaOcXtd1+myzXbvNbMOQz0lVZlySAghxJFA5XD8+PEAgJ537vIlmTLzkkPLD6WU8yNsbt1J/ZCmf3wzQhdXcsXRZhnxD7FxmWjKoVFwhK1leUqavVCZPwP9Mzc0FRqn6QJvkvf8zjmU1aSgnOw/B7KaNMnh7S7rdNtm1/dqbRklhBBCHAhUDseNGwcA6DF9jy/JlFlcy6FBznK6AY0/vtYuvnyXgaWLL+pyaMDa9anEHeTQIDqOXbGC+WFpvRV8biaBM603v5ZDJzmUUn2/OXJot063bbZ7r+Kud4oiIYQQZ8oih0dN2+tLMmV6P+dQJGJW0bMbIOAkhx6WMc2XhCpHWw5Fg4B0CZJVJF3kMPecRfuWQ6MMiVrhRNtQrByK1uPWcmi3TrdttpdD0wZl/4mhHRJCCHEgUDkcO3as729g7NixeY1WTv3QGn/IrV28oq5gBzn0ukxcyYqMacR0VOXQKlwWwXGRw5yWOdE5iSJhEo2STm2QWdpMn1WJzzl0W6fbNjuIsPF7mSu+hBBCSC6By6E1+SIqI+/rHFq6I+0Hl3joVva8jOEcO1mBEvGWQ9fRxq7dypblZdmbHKYKF57vmPkemLpxc8q1lOTTaGX3dTpts0srqd13nRBCCBEQqBzW1dU5PveCqAzeISV4ePs8QgghpDopuxwWEmsZlMPgoRwSQggh1UmgclhbW+v7G6itraUclgHKISGEEFKdUA5JQVAOCSGEkOqEckgKgnJICCGEVCeByuGYMWNKEsph8FAOCSGEkOokUDkEgEQiUZKQYKEcEkIIIdVJ4HJIqgPKISGEEFKdUA5JQVAOCSGEkOqEckgKgnJICCGEVCeUQ1IQbnLIMAzDMEzlBqAckjxxkkNCCCGEVD6e5XDw4MGUQ+IohwzDMAzDRCNsOSQ6lEOGYRiGYSiHRIdyyDAMwzAM5ZDoUA4ZhmEYhilaDi+dqJUkJHgohwzDMAzDFC2HFzdqmNUFX3Nxo8bb55UByiHDMAzDMEXLYd8J/sth3wmUw3JAOWQYhmEYpmg5vKjBfzm8qIFyWA4ohwzDMAzDFC2HvRs0PNUFX9ObclgW8pbD1mbU1DSjtdRfVD/WY1dGUO+BYRiGYSokRcvhhfUaHt8JX3NhPeWwHDjKYWszaiQJUjo1za3llUPL9qQSQ0s+ZThNZxiGYZiIpmg5PH+8hj9thylGLr/iP4UxYl3+/PGUw3LgJIcxqQbNrZnnLYjFWsovh/msm3LIMAzDMJ5StBx+fpyGP2yFKaNnr9RjJ4fGeazLf35cnnIYVwytRwri/vlSpHCWQ0GrXFqsmmPZ1rtYS+q11uYaw2eSFkvT/OnyTC2ABgG1tgzmI4emZQ3rycxvV7ZoWwTbbHpvLmJZ7pusMwzDMIwxgcjheWM1PLgFphjx0nJoXf68sXnIYVKFbBTCpAo1bzuMQ5FkqMl8l6sunOSwJSOAsZYcCcsIYVdLTCxLLbHUctb5u1rM0qkLXAtixvny6lY2L9vaXJNdt2PZNtti3ebWZtQY5muJOXRld3WV+yMlhBBCTAQih2fXaVA3wpShs1bqsZND4zzW5c+uy0MO4wokWUVxXkc5BDwOSGmJZSXRKm1urXOi+UWC51SuW8uhcB2GMu3K9rotabl0PL+RYRiGYSo4RcvhmbUa7v0Aphjx0nJoXf7M2ny6leNQJAmyyeySUGUJirEFUZfI1GsZAVDiqeV1IcgslFQh53RVpyUynn1NiQNJVdaXlyvYML2PVk63sjmKlqWL2EnMrOWXSw7zOieRksgwDMNUZ4qWwzNGa/jZ+zDl5idW6rGTQ+M81uXPGJ3vgJSs8OlCGFeyogcgrqRfs0xPv2ppObQ8jytp6UuLZKalMn2uoy6EcaWiz3l0ksMaa3dyHqLV2lwjbjm0dvGapmflUl/eOI+LtDl3K4vKttkWwXuMNbemX29Fc41xoA7DMAzDVH6KlsPTR2mYsg6mGPHScmhd/vRRBY5WTrf2pdwvDsXY4pcRuvQ85hY+iwyaWg2NLYouElnh3dNOcthcY6wP82ANUQuffo6iJKEmFrNvnbMbHJLpvjYub12u0AEpdmV76QrXWwwNl/QJwY7MMAzDMH6laDk8daSGhvdgynUzV+qxk0PjPNblTx1Z+KVskqqstwwmVRmymtT/5sxnEkmrHIpaAKMrhwzDMAzDRCNFy+EpIzSMWQVTjHhpObQuf8qIfAakqAYZS3Uv6yKYVCHLChRZLGxZaRRJnuj8QcphmCJZW3fTKfd2MQzDMEwlp2g5PHG4hlv/AVOu+dNKPXZyaJzHuvyJw/MfkJIzoCTzqmKZZnNNxLjiNCCF3coMwzAMw0QjRcvh8bdq+MkK+Jrjb/XvDin6QBTiCuWQYRiGYZii5fC4YRpuXgZfc9wwn+QwqUIu+hqI0YFyyDAMwzBM0XJ4zDANAzvga44pWg4zl7ap3C7eckA5ZBiGYRimaDn8hKLhunb4mk8o/nUrE+9QDhmGYRiGKVoOewzV8H0NvqbHUMphOaAcMgzDMAxTtBweNUQrSSiHweMkh9ObVYZhGIZhSpRyC6GvcggAiUSiJCHB4vTltPvsSfn44IMP3GcixEf4nUvBevAO68qdDz74oDrlkFQHlMPKggddEjT8zqVgPXiHdeUO5ZCEGsphZcGDLgkafudSsB68w7pypxA5fGHJRlw+uR39Jmq2eejF9ZRDUjyUw8qCB10SNPzOpWA9eId15U6+chhfshFfbWrHJY2aazo6OiiHpDgoh5UFD7okaPidS8F68A7ryh03OewzQSs4zz33HOWQFAflsLLgQZcEDb9zKVgP3mFdueMmh70bNMzqQt7p3UA5JD5AOawseNAlQcPvXArWg3dYV+64yeGF9YXJ4YX1Rcphr169KIekADmMQ5EkSEpcMJ23Liw14oNu+jPRU8jnwM+PiHH7oY8rouNB9RGeerA7BqdIqnLZbyMbnroKL25y+IVxGp7YCdtc+ZujcvLETuAL49hySHygMDmUIcsSzPs25SII7OUwW/dJVYYkq3D+KKyfFz8/Isbxhz6pQpYVKHL1f3f8r4dC97nMMVi0bOYfxVJ+Hu7bXVhdResY5CaH59ZpeHgbbPPNB47CHAzX880HjsLD24Bz6yiHxAcKlUM1rkI2CUi0duxy4UUOvX0WlEPiDacf+qQqQ1aT+t9qxv96KE4OFUWwrrgCSVFKvC8XJ4f2dRWtY5CbHJ5Vq+HXm2CbK+4/2iSHV9x/NH69CTirlnJIfKBgOUymugayO7d5x44rhm5OvYnRIJbp15R4phsk9dx0sEhm55MkBdHuhEhRiBzmfhaWbmh9mvmzqfYfe+IN+x/6JNRM60/S+s9i5vXs9yzb02AzXbi/i+a1K7e0FFYPdvumaB+EpQ7s3puxDONxMbMdlnXalul03Eg/VhXLsdlmu4uuK2/lVhNucvi50Rru2gBT5F/0MOUv3cP0WF8rixxOnDixJCHBU4wc2j92ml/KdnnGFbOExBXDj4KlvLhCWUGx3cpOn5fos6GQE4cfetOPu+FHX38u+gfDbrrN/h5XckVBNC0ACqsHDwJm2QfNsux8TI0rlvllFUnBMVdcptu2GSTN6dhcsrqqbtzk8LRRGiathSmX3/0JPHHwZtdcfvcnCpfDYgakNDY2+l5RjY2NvLdyGShODmE4UAum5wyQcOvKNDy3/Lcblf8m3fA2IMUidcV+FiTS2P3QW7sFk6psaQET/HPhOF2wv6eni3oUgv5nsaB6yEcOBXVjkj8IyjDIVnZe63HUrsx8xdWtIcDvuqpu3OTw5BEaRq+CKZfd0RMP773WNZfd0bM8LYcZOTxn1jpfkimTchg8RcthuiVAidsdkIz/HeYrh2y5suKtW9mAH58FiTTe/iGx/GNSkBza7++ZU0+MoiSaVkoKqodSy2Fmn45bu2jDKIf51lV14yaHx9+q4ccrYEq/24/Br3dc4Zp+tx9THjmcMGECAODsJ9f7kkyZlMPgKV4OYfivPz09rmS7Jz13Y1ifpw4k7Eo2k7cc+vJZkCgj/M4Zv1c6mX8Us4/z61Z23t9Fgz2CHAhTTD1kG8cUl9Z7axewSJjFvTTi87+dysx324qUQ9e6itYxx00OjxumYWAHTLl46rGm3L2xtx7ra2WVw7Mef9+XZMqkHAaPL3II67W1DCeMmy5ZkKeQWLua2K2cvxzafhaGgSqi0wIidqAm9oi+c+bBaFlyuwntBkK4DUhJfy9Np0SkpUY0LQAKrgfj9lpGEpv3QVjqwG7/E/XeGOvB6ThqKdN22zwOcstjQIqXunIrt5pwk8OeioZr3j5smz5Nx2Hq2jP09Gk6Dte8fRg9lTKOVm5oaAAA9Hpsgy/JlEk5DB7eIaWy4J0HSNDwO5eC9eAd1pU7bnJ49FDNMV9p/CTqk5/S85XGT+qvlV0OP/fIh74kU6Z3Ocw9dyH3hOVCWz2i1WJCOawseNAlQcPvXArWg3dYV+64yWFXVxeee+4523y54ZM5Mb5eFjmsr68HAHxmxkZfkikzPzkUXIbDl6ZoyiHlMLzwoEuCht+5FKwH77Cu3PEih0HHNzk89aHNviRTZuFyCB9Ht1IOKYfhhQddEjT8zqVgPXiHdeVOVcrh+PHjAQAn/2arL8mUWZQc2o56El1N3+luEG53l7CM8ErN5OFetuGEclhZ8KBLgobfuRSsB++wrtypSjkcN24cAOCE+7f7kkyZJZFD4dX0LXeDcLzEh2CdljLF16KqDCiHlQUPuiRo+J1LwXrwDuvKnaqWw0/9YqcvyZRZvBwKBE94Nf3c5W0vDGp7dwnDhTsrtNUQoBxWGjzokqDhdy4F68E7rCt3qlIOx44dCwA49u4uX5Ip079zDnNfN19N3+4uH5bXbO8ukb34apAXYS0FlENCCCEkeKpWDnvesduXZMosdrSy+SKr4gs1p0TOcjV+O7G0vbtE+rnlosKVCOWQEEIICZ585fCFJRtx+eR29Juo2eahF9eXTw7r6uoAAD1u3+NLMmUWfp1Dq6BZBM/mHo6KIttcvd/tTh/pOZXKv5I75ZAQQggJnnzkML5kI77a1I5LGjXXdHR0lFcOj5q215dkygzuDin+XK6mkgeiZKAcEkIIIcHj9PvbZ4JWcMp2Eeza2lrfK6m2tray5DCpQq7ggSgZCpXD7u7uvKa743whc/O9mwsp22bZou6mI1qPw5178t22iF1zkxBCooTT72/vBg2zupB3ejeUWQ6NKRRrOZUhh5mu5ur40S5EDh955BE0Njbi0KFDpumHDh1CY2MjHn300QK2JPWZyMJzODPSFfZbIhayHsohIYREEaff3wvrC5PDC+vLKIcAkEgkkEgkMGbMmIIrZsyYMXo5mZBgyVcODx8+jMbGRlx55ZUmQcyIYWb64cOH89yS7HmgOa1tcQWSohQhSpRDQggh4cLp9/cL4zQ8sRN55wvjyiyHGcaMGVNUKITlpZCWw4MHD5pEcP/+/UJhzI+MCBmvIQlkLyHkduca4/yF3hEn/VhVxN3CyezykvBWjW7d19btEiyTNG6javuaeHCVgrjw/RNCCAkbTr+/59ZpeHgbhHlsw278/fmZeOd3E7B1yDnYOuQcvPO7Cfh7/P/wldo3ipPDwYMH+yKHAHJa//INKR+FnnNobCn8r//6ryLFEDBKkmmgj35up4c716TFKPc8P8sdceJKjlxl5dAgm7bzpV6zXU+OBFoutWR7Rx7zfObzLO3Wb7ksk/COQIQQQsKG0+/vWbUafr0JOXlo7W4sm/Y9bJ9yCTYPPQfYOh3YOh2bh5yN7ZMvxstDv40X5rQULoeKovgmh6RyKWa0srUruXAxBHIuPp4WubzuXGO6XqVN2TnP7R4LtskifuLbMgoEVrBdwveVM8jJy/rFLY+VfGF2QgiJAk6/v58breGuDcjJnNkPY+uki4CNt+FQRy2weRqweRoOddSi+8Op2Dz2ArypjqcckuIo9lI2hw4dwp/+9CccPHiwyC2xtgCmu4F1WfJw55qSy6GobKf1pPFNDr13ZZvvCEQIISRsOP3+njZKw6S1yMkr943G+4M+i4Nv3QKsHW/Kx68Nxvs3fxba5Gsph6Q4wnOdQ3HLoPDcQNs71zh1Kxcph9buWy/vwTTd2q1s361t363s5b1lqfRbOxJCSDXj9Pt78ggNo1chJ2tvPA3ovEXPxvovYmP9F03T1t54GuWQFEdo5RBJqLKxpczrnWvM5/2J76VdiBwit2vXa7dyzrIO64gbB8M4DUix6VYW3hGIEEJI2HD6/T3+Vg0/XoGcrPrhycDiAXo2jDkbG8acbZq26ocnFy6HQ4cOpRySEMkhIYQQEh2cfn+PG6ZhYAdy8sT0YVgx4AR8PPvrwCv/aspHs76GFT84Hm9P+C7lkBQH5ZAQQggJHqff356KhmvePpyTOx58EKtjp6B7zqXY9/svAc/2A57th/0zvowjT1+Cf9x0IhbcO4pySIqDckgIIYQEj9Pv79FDNWFOvuV1PPn9vljxo09Bu6YnDs+8AIdnXgDtmp5Y8aNP4cnv98XzTz9JOSTFQTkkhBBCgsfp97erqwvPPfecMM/PfhLzmofj9fFX4d2rjsa7Vx2N18Z/F/Oah+P52U8WdxHsIUOGUA5JxcvhO5sANH+Jf/mXf/mXf/m3ov66yWHQ8UUOH1uwFV+f2oF+E7WiIk/twFOLtgnXQUpPpcthZkdjGIZhmEpKVcrh16Z0YMIr2/Dkjm7M6kJBeXJHNxr/vg1fn6Jhw4YNAVsFASpfDsu9czMMwzBMvqnalsOLGzU8sT1XDNVl+xB7fAO+dddy9JvUjn6T2nFl8wr8+IkN+NXy/UJBvLhRw8KFC4O1CgKg8uWQLYcMwzBMJaYq5bDPBM0kef+39Qj+35/X47vNyzF/2S7sPnAY3d1Adzew+8BhzFu2G1c1r8Cgme/j8W1HTMv2maAhkUgEKxUEQOXLYc4O97j5ItAPbAIeGCRhwOPG+eIYIMkYv9iy3KB49vliFX2NF5y+TMUz+rLmexybyy5Xkhh/mWh7je85VR/v5Ew3vh9LvVREcj+TvtOT6c8w834En7mnckV1FuXvWam3rZDPqTzlPjAo/T2zfi+Mny+Tm1LUUQXWe2hbDm+55Zai5PArDVk5fGzzYXz7viR+/eImHOnutv0hP3KkG+oLG3GVugqPbc4K4lcaKIflotLl0NRyuFhFX+OP+WIV4x8XHDjSP8jGA/sz0+Xsc5NUpPLAoEy5pfrxKiLp92P6gc68d8N8ufKS+36emS4LxDLs8fKZFPa5Cessqt8zu7p8XNEFOZjPMiTlWr8Hm5IYf1lYP7OwpBR1VOp6L92+WJVy+OV6DU/sBJ7YCVz/8Hr86oVNnn/P73t+I3705/f15b9cTzksF5Uuh6ad7XFFLDaLVfQ1TH9muowB01X01X/IjQeXVAucfUtI2H603bbXUg85/11b30/Y3p9fB+8C35eoziL5PQvqO1NBcrjJ0npYga1XgUd4DAphmaaU5rtTSMvhC0s24vLJ7Y6DfB96cX155fDC8Rpm7gDubt+Hf71jOQ4fsW8xtHL4SDf+464V+HnnfszckSqLclgeKl0Ozeccprq7crp6cn6UZYxfbOwyNDzOaQ3weqBIT38820044PF0S5yxq1NYRhEHH7ftNYmM6D9sp21JPR4wSM62DFm6Qa2tlX3196o6lvPAIEO3pH5gz6cO8/hMFgvmMb2PTP2Zu+ZT782uzl7k/t8AACAASURBVCL2PXPaNqssC+vW7jN3+t44fedF38H0dk1XHOpCIOV2su91/7tMxTNW2ff8/YpWnpkuG/Yr+8/B6fhgOh6ZyhTXsbn1X3AcyJQv/B5aTqEYFBdvh8133i35yGF8yUZ8takdlzRqruno6CifHH5xnIZHtgEDHn0ff+/clfdv+iuduzHg0ffxyLZUWZTD8lDpcpi7w2UPDsYDT/YAEccA/QCUPkgY/+MXtP6Yz8Wznm9l/OE3nDOWPifN1Kog2XUZFimHTj9s1h++xxWL1Dh1K1slKPXc/ANorpfMa6l6M7/mLnb51KG1DNE5cHZymCs3facn7Vt+cuosgt8zp/o21ZlN3bp85uLvjf26nb6D+vbY1YXlcxafbuE9DwySUi3Epv0mj+9XZGI5h9fT55D7Xck9ftmXmTPtcQV9L8ue2pE9zcPt+GXdjxz+CRN+53Pj1nLYZ4JWcIq6CPZPfvKTouTwn8dqmLEVuOi25di573DO63O1Xbh0yjJcMnkZnl/alfP6zn2HcfHtKzBja6qsvOUwbj4hPJ7f0iRNpcuh7Whl63l4mQOE4UCROTDkngdmFRAHsRDO4/Y8wJZD0QHaJJN2EiLYLsG69AN6jqS61JlpQIfXevFa9y7bYB0EkhEKwTmC4jqL4PfMbhsE518K69buM3f63ohaY5y+g57rwtKaW+w5tun3JW419PL9ikiE/5jafA6ejg+CMkV1bPiOPTAo3equt/Z6+B667UdO33mXOP3+9m7QCrpEYO+GMsvhuXUafrOpG/9U1y7sUv7KpE6cVavhrFoNvSd1wjpO5cgR4Jxx7fjt5lRZeclhUoVsFMKkCjUOAHEokgw16b2oqFPpcui04z0zXc5pqXnA2AWxWEXfQaql21D0AxrmH+08zjlMx7Gbxek9+SWHpnKMXbFByqG9UGda8cQtglH9ntlvg7v0Onzmjt8bQXyRQxth96k+Cvl+VX/Eg0bc/3FyOj7YD0Qx17HhFA9dChU8YPzuFS2H+Q/Icms5vLC+MDm8sL7McvhPtRru/7AbvWrFcnhBYyc+N1rD50ZruKCxE9ZZDh/pxhljNKgbU2XlJYdxBZKsItcBKYf5UulyaGo5fFy1HDiM/0FmugFzuwesXZWpA4tdC5ofP9oWoXtcKe4SMtaWi/QBSx9Ba20ZMZ3AnYccCrv0zN2dnrpljNvkeLmZEsmhYze3+UdLWGdR/Z552gabunX8zIvtVvbSjS74Qb9MwQBfRrm6dTt6+H5Ve+wGjeifg6Vr2MvxwWUgirGOn5ku53QnDxikWLqG8+lWzu/ztovT7+8XxmUH/Vrz0vNzsO5fT8aLL8XxxE7gxbl/Sz2f+zd8YVyZ5bDXGA33fgB8fvJy7Nib26383NJduGDiMnxxQida3tyJtnX7TK2H2/cewhenrMC9H6TKyq9bOQ5FkiCbLDA1TW/WVdLtikkVsmG6EjfOL0NRZL1bOq4IlreUIauqWUBN5Vde93aly6Hoh8OuaV90mZYHBtl0AZi6NXLPu8t9LU+xMZY/SCm+RcfuennCk+2d/hu31qflNdN67LuKRQNSrEKV2k7jD3RQciior0xXsO1J5dY6i+j3zKa+Te9ZVLe2n7nT98bLd73QVlSHz8SH+sj/+1XdMQ8aMSb9vTB9Dt6OD8Iy7erYetkowWWknL6H+gAZw4AU18/bpU7cWg7PrdPw8Dbk5Lm/zcGaK0/C3t+OxporT0Lif+9KPf/fMVhz5UkYFHugvHL42dEafvY+8I3fbcBzS8UDUrq7gb937MJ/3LkcFzdqeOe9vfprf1u6C9/43Qb87P1UWfkPSElClcXCl3XGlDDqrydVyPrrIsEUlWMuI6mm/qPIvmZYX1yxKS+8VLoc8g4pBcbjSdMFp8CullCn1HXGBJpiB6IwXuPDeZ2BlGlIQMcvp9/fs2o1/HoTTGmZ8xes+uaJ+Hj2XcDCR/Hx082p57PuND2ff9/UwuXwxz/+cVFyeNooDVPXAUMX78OFk5bjkKXfeOvuQ6j78zr0btDQu0HDv9+5HHs/OgIAOHSkGxdNWYFb3zqAqetSZRU8WjndcqeIzjm0npuIVOugcN7Ui6aTYNVkugxTF7ZhOUurZE6LYwVQ6XJY/gMfI8oDg6QKvJg2E5m4jfJnIp0gjl9uLYefG63hrg0wZeUVJ2C3Ohx4dUY2f/+96fnuB0Zi5RUnlE8OPz1SQ+MaoHEN0O8372PynI3oRqq1cPZbO3DZlE6cP17D+eM1fKmhHUsMrYaTnt6Irz64QV/+0yOLu5RNUpXTUlaEHJrmTUKVvcph5XUlG6l0OWTLYVhiuX1ftbUaMlUS0TmhDFOe45fT7+9pozRMWgtTfjMnjk75Uzjwu/HAnJ/n5MDvxqNT/hT+/tt7yieHJ43QMHY1MHY1MHrFEZwzfRVGPPY+bvztezi3TjNFnbsZAHDwcDcaWj7EuT9bjTH/6NaXP2lEvgNSVEOLX6p7OdWd66VbOSNzuV3C+iAXQfezfbeyXdd0ZVDpcvjOJuiCyL/8y7/8y7/8Wyl/nX5/Tx6hYfQq5OTRu29H29eOQ/fvG4AZE7L5fQPavnYcRg4YV9w5h8XK4fHDNYxMAiOTwIh/dOM/ntyCM2vb0WuMZsqAB1ZjU9chzHq7C2c3LMdFv34fty7v1pcdmUyVVciAFFFXrj6oRDggxSqOco5kSpIESVagyBZx9DQghd3KhBBCCHHH6ff3+Fs1/HgFTLn9yThaa47F/gnfA+4cnJMDk36A1ppj8crPpxQuh7FYrCg5/OStGoauBG5achBf/FkSp43ScnLqKA2fUDScXL8CX3rgfXx//n4MXYmcfPLWCrpDShV0JRuhHBJCCCHB4/T7e9wwDQM7YMpbl/XE1h/1BWqvMuQ7pudbb7wYb13Ws3xyeOwwDbHlwBkTV+DE4Zow34nvQmw5XHPssMqRw7gi2VxjsTKhHBJCCCHB4/T721PRcM3bh02pf+gpLOrXA3uv/wow6KvY+8OvYFG/Hth/Qx9g0Fex5/reWNSvB166Z1L55LCnouGmZcAnh7fjuGFaTvo89CFuWgZP6amEWQ4N3c0Vei1DJyiHhBBCSPA4/f4ePVQT5t+uuw8LLzkam//jTCy85GgMuXq46fm/XXdfceccFiuHPYZq+GFbNz7/y/fxCaUdPYZq6DFUQ89b2/Gl//0QP9S6c5pERfmh1o0eQ8Msh9VNWOTQdAFyQ0o22Mc06MhvLOfEenofTnf34Z1/CCGk2nD6/e3q6sJzzz0nzNzmSZjX9yi8cE9T6vk9TZjX9yjMbZ6kz1M2OTxpdAcumbkNP2jrxnXtKCgDNKDfE9tx4og2ymGZCIscZqkUEfJb5iiHhBASJdzkMOjU1dVBuvHGG4uSw4fmbccJw9sgDdGKyokjlqJ+xiIsXLgw4I+FAJTDwqEcEkIIKZxQymFdXV1RcggAH3zwARYuXIhEIlFUXnvtNXz44YcBfiQkQ/jl0Os9sNPLqYqgK9d83qj9RdCt55XalWl/KSXxezDgcq9v0fZ4u5+3tZ5E75kQQkhYqFo5JJVPZcih93tg66IWV7LiFFdcBM7uHtkOZbq29JnPOcwKqdO9vou5n7elnoTvmRBCSFigHJLQUhly6OEe2E7LpVvazILp5R7ZTttSQDew19s5FnQ/b3HLYyXfvYcQQqoZyiEJLRUnh3b3wPYglakWOBsZE16iKKxy6GVbRe+ZEEJIWKAcktBScXLoeA9slxZHpGQp9z7cdl3XPsuh53t9F3I/b/vtyb5nQgghYYFySEJLxcmh7T2wHZYzdUPbnDMovEe287bk3Mfb9j0Y8Hqv77zv522/fLVduJ0QQqoByiEJLeGTQ0IIIaT6oRyS0EI5JIQQQoKHckhCC+WQEEIICZ6ql8MJ/7cO/Sdp6DdRw3/dswId7+8PoFqJH1AOCSGEkOCpejnsN0nDjHUfY1YXMHbuFshTNSxevjWAqiXFQjkkhBBCgqfq5fDiRg2zuqCn7oUtuHyKhtc6tgRQvaQYKIeEEEJI8FS9HPadYJbDjCB+tUnDgvbNAVQxKRTKISGEEBI8VSuHHx08AgC4qEHDkzuRk9oXtqDfxDbMpyCGFsohIYQQEjyhlMNevXoVJYdvr96Lf7tjOQCgd4OGmTsgzKj4Flw6sQ2vvLsxyDonHqEcEkIIIcFTdXLYtm4f+k/uwOOLtgEALqzX8KftsM3w57egb2Mbfv7sOuzYeyjo+icOUA4JIYSQ4KkqOdz70RF8Y/py/HnhNn3a+eM1/GErHKM8txXnj9dycunkDjz22jZrnZGAoBwSQgghwVNVcvjHeVtx3a9Wobs7O+3z4zQ8uAWu+fKkzpxp9609hC83tGHDhg0FVW5cEd3bNq8SsvekTaqQ7e6JW6VQDgkhhJDgqSo5vO5Xq/DsOzsBAAtW7MG37lyB88ZqeGATXHPhxE7h9PPGaliwYEH+NZtUIcsKFLkYoTPIYQShHBJCCCHBU1Vy2HdyJzbsOAgAuGzacvziQ+DsOg2/+BCu+WJjp3D62XUaEolE3hWbVGXIalL/WxiUQ8ohIYQQEixVJYdn1mrY9/ER/fFdG7J/3XLehE7h9DNrC5HDJFTZ0B0sq8j6nVX4LM+TKmRJgiRJkFXV8Jr9fJIkoaje65BCOSSEEEKCp6rk8MsTO/FBuuWw323Lcft64IzRGm5fD9ecU98pnH7G6ALk0CSEBlEE4CyHcSgG0UuqMiShHJrnq9bzEaMuh3V1dairG4grevXB1UPqUFc3BFf36YU+Vw9Jv1ZnmKcXevW5GkPq6lA38Ar06nUFBuYsn57vioGp5WznS71mux5DrhiYnZ56XIe6IVejj2md5vVn5htydR/0Es5nXH9qGX1bBl6R3X6GYQIPiQZVJYf/df9qzH47dc7hK5278eXGpTh9lIbJa+Gas8Z3CqefPip/ObR2JSdV2TAwxUEOHVsZrYNTFBgbC+NK9bUeRl0Oe/XqVe5NIIQQHcphdAilHNbV1RUkhzPmbcN371ulP9++fTtOHamh4T245oxxnTnTRrQdLKBbOdWqJ+UkI3OUQ69EXQ4H8kBMCAkRlMPoUFVyeOBgN/pOXYE/vb5dn3bKCA21q+CYf3t8C04ZoeXkjDEaJv7hjfxGK8cVSCbBA1Jdyxl5Mz5Oz+9Lt7JZFquBqMvhEB6ICSEhgnIYHapKDgFgyZp96DW2A7+bl7p49YnDNQz/B2zzjZlb8NnRbRj14GL89cX5SCQSpixYsAAffPCB5wqNK5JwdLKpazmuZFsUFcXckmh4zfuAlOo73xCgHLJbmRASJiiH0aHq5BAAWtftx5cnrwAAHH+rhiErIczXH9uMz45uw4Mtr2HhwoVYt24dDh48GGT9EweiLoc8EBNCwgSPSdGhKuUQAD4+lLpNynHDNAxejpx89U+bcdqoNjw4eyEWLlyIrq6uoOqceIRyyAMxISQ88JgUHapWDjMcM0zD/+uEKZc+uhmfHtWG/02L4a5duwKoapIvlMP8DsSHP1gJdB/B/lf+iG2jvohto8/HttHnY//LfwC6j6ReJ4SQAqEcRoeql8NPKBpu6ICePg9vxskj2/DQ0xTDsEM59H4g3vvMfdhyy9nYWnsxtgw9D90bpwFbpwNbp2PzkHOxZUxfbLnlbOxsubt0G0wIqWooh9Gh6uWwp6LhOws/wnXtwFf+sBknjWjD7yiGFQHl0NuBeM+cX2Dr2AtxsHUUdv7yG9j047N0McTW6dg89Bx0qd/EwXdGYkvtBdjw8OQSbzkhpBq55ZZbyr0JJCCqXg4H//F99BjahqOGaPjcmHd1Mdy9e3cA1UuKgXLoLocH13fiw8G98PFbw4Ett7vm40UKPhzcC2sWvRTAOyCk8lizZg3OO+88/aoRV155JXbu3FnuzRIiSRKWLFli+/qSJUsgSZJv66McRodQymGhd0ixY/ny5Zg3bx4SiQTeeOMNimGFQDn00HJ45DA+uPUCbL/ncmDjFNdsu/MyrL/lC5j36t+xZ88em0JzL+QuvsC69cLsHi+pZLyUk+3F4QkpD4lEAtOmTcPOnTsxZ84cSJKE+++/v9ybJWTJkiXoeexxQkF0eq1QKIfRIZRy6GfLIalcKIfucrjrWRXrB52B9Tedju73xgPrGvR0rxpren7kH3VYf9PpWHfz59D+y5Ho7u62KdWrqNnN57C89YLtSRVqPJ91EhIsl1xyCaZNm1buzbBFJIGlEEOAchglKIcktFAO3eVw7Y2nAclROdlyxyVYe+Np2HbvV03Tj2gKjrQNxdobT8N7771nU2oJ5VB4B6F81klIcNx///2QJAnvvvtuuTfFEaMMlkoMAeCW713ue5kknFAOSWihHLrL4eobTgE6bzGluy2G1Tecgjdn3IHVN5yC7rZYzjyrbzjF4Z7hbi1/TnfwsXRJ5/RHp17PvYtQevm4sXzDXcYVUZmpZRRFznZPm+4cVH23lCTB8cgjj0CSJDzyyCPl3hRPZKSwVGIIAP/eu3dJyiXhg3JIQgvl0F0Ok9efBLTemJNNt/dG8vqTsOXOi4SvJ68/yUUOJZvzAr3e+9upFTB1f3HzuYzpdWZaFeOKjdzl3mM8K5HxnFtRim5lSYgXTjnllNCeaygiCDnsdfn3SlIuCR+hlEO/B6SQyoRy6C6H22b/HMsHnIAVPzge3a99D1j033qsz7Hov7FiwAlYPuAEvH3Prfm3HCZVyKYuYTsh9NhFnG7lU4TnHOaKXlZWvdxv3K7lkhBvSJLksI+Ei6C6lS//Hs85jAqhlEO2HBKAcuh1tPLyG8/AhoazgcS3XbNhwjnouOGzmJ94FWvXrrUpNCA5RLr1UYkLlrGOhM60Iiahyk5yyK5k4g+JRAJr1qwp92a4EuSAlB9xQEpkoByS0EI5dJfDA6vfRce1x2Lfo5cAL14BvHgFDv/1a/rj1POv64/3/rEvOq49Fm88/WgBo5V96FaOq4bpqe7lVNevgxwaB7GYLpkjWkZ0PiMh+TNt2rTQtxzyUjakVFAOSWihHHq7Q8q6h8Zh+Q2fwt7ffxlrRpwG7ZqewN8u09N+7TFYM/xU7P3dl7Ds+k/irdtvQiKRyOs6h7pwGbp3xQNSMrM5D0ixG1wi7lbOnqMoyQoUu5ZDILdrmd3KpEAkSUIsFiv3ZjjCi2CTUkE5JKGFcuj9PqbL7huGpd/tgdbrPoN3r+4J/KWPnnev7onW6z6Dpd/tgcXTfoREIoFVq1aVcMsJIdUI5TA6VL0cTpw40ZeQ4KEc5neT+5WvPoN5iVfx5i9GofU7R+lZ9MuxmJd4FW/MfphiSAgpGMphdKh6OWxsbCy6khobG0N/7kk1QjnMTw4BYPfu3eju7sb69euRSCT0bNiwAd3d3bx1JCGkYCiH0aHq5XDChAkAgHNmrSsomTIoh8FDOcxfDgkhpFRQDqNDZOTwn55YX1AyZVAOg4dySDkkhIQHymF0qHo5bGhoAAD0+vOGgpIpg3IYPJRDyiEhJDxQDqND1cthfX09AOD0P24sKJkyKIfBQzmkHBJCwgOPSdGh6uVw/PjxAIBPP7iloGTKoBwGD+WQB2JCSHjgMSk6VJUc+nXZmhPVbXqAfOUwfZFf4cV/vd1SrHSEYRu8QznkgZgQEh54TIoOVSWHfl225thhf8Mn792JT967EwAwbty4POVQhixnbzNmnO4sZqWWN8phJcEDMSEkTPCYFB2qSg79umzNJ4Y8j5537kbPO1PXhBs7dmzecqjGVciZ+8Eap1MOPUM55IGYEBIeeEyKDlUph8Vetuao2As4+qd7cfRP9wJI7RB5y2EydX9Z/Z60VjEz3QNWQVxwz9m4Ymx9FCyfedFyP1nrMooiG9ZhvC9tuO89Szn0th8wDMMEEcphdKgqOSzVZWsKlUNvjwHElbRE5k7X5S2uQJZlXTaTqmxYxiCESRWyRQBzBTUJNafbO3xQDr3tBwzDMEGEchgdqkoO/bxsTW1trSmFySEMgmeYbmnpk/QWPEHrYLprOq4Yu6qTUGVjWQqMnpdtcbR2I2fPh5QroG856nLYq1evsu+QDMMwmVAOo0NVyaGfl60ZM2aM6d60BcshMq10Vjk0C539sjLUZByKLoUK4gZpzF8OJciyHOru5AxRl8O6uoFl3yEZhmEyoRxGh1DK4eDBgz3NbCeHxkvR5JNMGQMGDNDlMH8Egz70lkK77l77ZZOqnNOdrCiKpavY2q2ckUVxy2Hu+ZDhJOpyyJZDhmHCFMphdAilHBbacjhu3DgA0C9Dk28yZdx///15thYaEY8ITqqyQQ6R27Wctru4Yn5uPodQ8DynLLEM5j5PtWhKphHV4SLqclhXN6TsOyTDMEwmlMPoUFVyOHbsWADQL0OTbzJl8G4o4SDycjjk6rLvkAzDMJlQDqNDVclh5oubuQxNvsmUQTkMB1GXw159rij7DskwDJMJ5TA6VKUcFgPlMDxEXQ55KRuGYcIUymF0qCo5tF5+xiuFX7aGlBLKobf9gGEYJohQDqNDVckhAH0gyZgxYzxXQuGXrSGlhHLobT9gGIYJIpTD6FB1cphhzJgxeYVCGD4oh972A8Y5TU1NDMPYJN8faBINqlYOAeS0BrqFhAvKobf9gHFOU1NTuT9KQkIJ5ZDYUdVySCobyqG3/YBxDuWQEDGUQ2IH5ZCEFsqht/2AcQ7lkBAxlENiB+WQhBbKobf9gHEO5ZAQMZRDYgflkIQWyqG3/YBxDuWQZJAkqdybECooh8QOyiEJLZRDb/sB4xzKIclAOTRDOSR2UA5JaKEcetsPfEtrM2pqmtHqdXo5tymPFCuHSVWGrCZ9+lRDRFKFLKvI951Vcn1QDs1QDokdlEMSWiiH3vYDR7GSJEimxNCSr4gVI2g52+CwftH6SimHccVcN0rcfr7Ma0kVsun9KLBZqvzkbGt6ezNSWKAcmupDsB5ZTeaKZ1KFLMnIOmUciqHukqps2k69jJztN5aRP5RDM5RDYkco5bBXr16UQ0I59EMO8xGrUsmhcdmWGCS3sgKQw5SMmMUurtiJnkFkrNITVyAVIlhB4CZ/hcqhSeziUKzSp8Qhkj9ZlqFkJ+jrTqqypQ6TUJUi5NWBapfDN998M6/XKIfEjlDKYV3dEF/l8ODhbox/bC36TdTw2ordAID29nbcdtttmDp1KjRNK2UdkwKhHJZQDk0teunWPKuUGVtshNNr0NyaXa45JmgZzNmGFsTS87Q21xhahNJldbWiuSa73pr6ekPZqcRajO8hs1w+cpiEKju0QOW0cgFxRUqJTY6wpCUoPV1VDK2JppYvg3haW8QMrXjG5c2taentSaqQZQWKnJquxJNQ9ceC9yGSK1HLoWmbsu/dtA2GsvT6sEigkbiSLSeuKIjHlWx3tP7YKpdet9+hDkStlunn1SyHu3btws0334ynn34657Wnn34aN998M3bt2mWaTjkkdoRUDr39KHoVhPqZ63DpRA11L2zGpRM1PPj0G5g6dSqWLVuG5cuXY+rUqXj99ddLXNUkXyiHPsihsFu5BTGDZLU210CKtRhEzvy6ebpB/jLT0+vR53eQw9bmGnHLYUsstQ02kqqXbWx5LFQOkypkp+5ggRzq59lZxENv9UrLVVbQ4lAMz5OqnO6KNU83iZpI8PTi0l25xm2LK1mRE7Vgeu5WtgieaZuy040tq8bzDuOKuFs+O0+6JRBxKOlttJdtl+3Xt8uhDiIqh4BYEO3EEKAcEnvCKYdDrvZVDi9u1HBv2x7M6gJ+2bEPFzdqmPHsEv31zs5OTJkyBa+99lqp6pkUAOXQBzn00k3c2owaKYYWo+xZXzdIYI5sem6hlMxi6NQ6adetXEA3s1AO8+2utEhcTmuag5Doz41iJirXTe5ErX1263d6n9Z12klkWmSF51WKys6cw2k8PzMjtCkThCoriOt/reVkWwCFkidat+hxhOUQMAuikxgClENiTyjlsI+P5xwu+sce9J2gof6lrZjVBczqAu7r2Ie+EzT8bfEGfb6Ojg5MnjyZghgiKIchlMN8z0l0WsbY6mcnhKWQQ6euTFvSXdEvexAWu+dSqmtV8iKH1tZLu65gv+TQUZZFkmjXNW89HzH1nrO+qEBNZlsQhZ+F23ZRDl3JCKKTGAKUQ2JPKOXQrwEpb67ai4saNAx/dhMuatAw7kWzIF7UoOFZgyC2t7dTEEME5bBEcuipWzkrbtmuYEt3c7FyaNfdnJFVNzks+JxDlwEpgm7l1OsSlD94lEPHbmUX6ROUZ+q+9lsOrV3dhvmU7IbmyKBeH9aRy6ZzE1MDUdTsBMiy+VI4OQNS/JBD60joiMkhkBJEJzEEKIfEnnDKYZ/iu5XfWr0XvRs0TFu8C0/sBMa/sg29GzTUzt2KJ3YCT+wEft6+D70bNMxZ9L6+XHt7O5qamrBw4cIg6p84QDkslRx2Wbp0BSLWEssOConFnAeqFCKHXV1oMQwyMa3D8FpmQIrfcgjkXj7FfLkaQatYXIH0I8WjHGbKEQxIsV5Cx0aE9HP5JAmyopSu5TBnWzPd5ZkWQ8PlZaz1ofwh2xUsuNSMUPwEIprXpWxedq8DY3l63SFacugFyiGxI5xyWGTL4dvv7cWF9RqmvLELM3cA9604gAvrNfzPrA9xYb2GUS9sxcwdwMwdwN3aPlxYr+EvBkHUNA2TJk1iC2KZoRwWKYcMurr8vEOK/cjcwotU7K+vGHpKUB8lhnJohnJI7AilHBYzWvmdNftw/ngNExftwiPbgHuWHcD54zUMj281Pb/1+dTzR7YBP1uaWmb261lBbGtrw8SJE9mCWEYoh972A8Y5ft4+z3h5lsLLqJCLaHvAj/oIEsqhGcohsaOq5PCdNfvw+XEaPj9Ow5hXd+DOzgP4/DgNQ57bihlboUc0/adLU8u2WARxwoQJ+Quiqdsoz4O/XZeWlILioQAAIABJREFUeQU2J9Sbu4GKvZtAuaEcetsPGOfw3sqEiKEcEjuqSg7PG6vlZPBft+C3m5GTn7YfwHljNcT+ulWfNvndfThvrIZZr2UFcenSpZgwYQK2bNnirUat11BLqlB9bxpwkkPLBWwLvgNC+cWScuhtP2CcQzkkRAzlkNhRVXJ480NrcHadpudHT2+GuhG2mawdwNl1Gm56Zos+rfGdfTi7TsMTC9YDSF3ipr6+HvPnz/dWo4HcTsubHBYueZTDMEA59CeUQ0LEUA6JHVUlhx8f6sb3f6HhzFoNl927Cvd+ANdMWHoAZ9ZqGDhniz5t3JJ9OLNWw88ffwP19fWYOXMm5s2b57FKU127OSP7AJvRiykRU5TMpTXMYmY6P0k/cb1AObSM/jPfzSGzDd/Fd3NGcCZNIxKDOn+ecuhtP2Cc09TUxDCMTfL9gSbRoKrkEACOHDmCM0ZrGPxyF372PjylrvUAzhit4Qezt+jTRr21D2eM1jD6nlmYN2+e925lAEaZsgqY6Xpf+r1FjTLpRfwK6VYW3LbLVJ7DNpRpRCXl0Nt+wDAME0Qoh9Gh6uQQAE4fpWH8skOYug6eM2LJAZw+SsO1LVv0acMW78PpozQ8+FxnYbVrvKaX6JpdooviisQsZ4CJ1wEplvul5lz0NyOL3locha2hJYRy6G0/YBiGCSKUw+hQlXJ46kgN41YeQeMa5JV/f2wTTh2p4aqntujTrpm9FaeO1PJsOcyi3xlBIGcpHMTMtIzxDgVeu5VNG1K4HBrfC7uVA4NyyDBMmEI5jA5VKYdn1nXgfxbtx9jV8JxrntmBU0ZouGr2NpwyQsO/P7EFA1/dk3o8/R3v5xzGVYNUpbqXxd3H+gL2YmYc3JLTDZynHAq7lc3nPXoZyJJU5cBaECmH3vYDhmGYIEI5jA6hlMNi75DynftWQ350E0Ym4SnfmbMDJw7XcOOiAxiZBL45czNOHK7hxOEarpz+Dl76+zy0tbV5rFJL1671vqN5dSsbBoLICpRiWg5z1u8sg/pAGCVe3HUbi4ByWFf2HZJhGCYTymF0CKUcFttyOOKx93H8rRp++PoBDF0Jx/z7X3bg+Fs1XP9aat5rX96D42/V8LM/L8K8efOQSCTQ1taGI0eOBPzREMqht/2AYRgmiFAOo0PVyeEv5m7BccM0XDFrO44bpmHA6x8hthzC/MuT23DcMA3/veAAYsuBq17cg+OGaZj+59cxb948bN68uQwfCclAOfS2HzDOKfelQhgmzMn3B5pEg6qSw/te3IJjhmn43usf4aZlwNdnbccxwzT0//MWfH/xx7hpGXDdkkP41+d24Zy71uCYYRqOGabhiqd34D/m7sExwzTc8djrBVy6hpQCyqG3/YBxTlMTL4JNiAjKIbGjquTwE4qGK5/fjYEdwLVvHMQnFA3fu/ct9J/yDk4a0YZPKJpj7pz5OubPn4+tW7eW6eMgRiiH3vYDxjmUQ0LEUA6JHaGUw0IHpNz1/Gb0GKrhW3P3osdQDcpvFyORSGDFihV49913sXDhQiQSCcyfPx//Mn0pegzV9Nz9fxTDsEE5rCv7DlkNoRwSIoZySOwIpRwWc87huMdW4qghGpTfpMRw3bp1wjf+0aFufOsODUcN0XD3zNcwf/58bNu2rdT1TfKAcuhtP2CcQzkkRAzlkNhRdXIIAGvWrHEUwwxHjhyBpmmYP38+tm/fXor6JUVAOfS2HzDOoRwSIoZySOyoSjkk1QHl0Nt+UFBam1FT04xWr9MrOJRDQsRQDokdlEMSWiiH3vaDTGqs9+6WYmixm78UctjajBpJQk1zqz/llUIOLReil9VkalrmTkT6PNaLxGcv/p65jWROGTn173BBekJCAOWQ2EE5JKGFcpinHOYjYaWSw5oYYjU1aG71oTyfkpVDwd2I9LsUmeVPlmXzrSbT8phU5ewtLVMvQlVUJK2CSUgFQDkkdlAOSWihHHrbD1zlMN2iZ2pNNEqb6XUJknB6WvjSyzXHBC2TmTJbYpBiLTly2NpcY2hVM5YXQ6wmNT3W0opm/bFo+y3iaXzuSQ7Ft3+MK1lpjCsK4nElew9x/bHD7Snt5DCpQpYVKOnbYCrx7C0xlbhgOUomCRDKIbGDckhCC+UwTzkUdiu3IGYQrdbmmpS46dJmft083SB/melpUdPnF8lhVxdaYul57FoOMwJpFLyWWFb+WmJpSbXZjoLk0HLPcANJVU4LYLolEHEoaUmLKzYiZy4gt1tZTrcoZoQyrmS7muNK9nXKISkTlENiB+WQhBbKYZ5y6KWbuLUZNVIMLUbZs75ukMAc2XTqJraKm7V8UQulaBkv25FHvQgHpMQVsyQmVchKPPsXSaiygrj+FxZxy7YACiUvg3G66DHlkJQRyiGxg3JIQgvlsMxymO85iZbXWptrEGs2Sp7gXEQvcljkOYv2o5WN3czpx3EFWV9UoCazLYjCbmU7ybO+bveYckjKCOWQ2EE5JKGFcuiDHHrqVs5KW2tzjaE7V9B9nIccZtad00JoXI+bHNpthy66eXQr662CyD43iFhcSQ1EUbMTIMty9txDCAak+CGH1pHQlEMSEJRDYgflMM2aNWswffp03HbbbVi2bJlv5ZLCoRz6IYddlu5cwYCUlpjeZVsTi3nvBnaVwy7DuYOp8xBz1uMqhzbbUYgcGruCBZeaEYpfZuAILPN5vZTNyy5yaClPVhS2HJLAoBwSOyiHAFavXo2f/vSn6OzsxLJlyzB16lQsXrzYl7JJ4VAO85NDRhxeBJsQMZRDYkfk5TCZTGLatGno7OzUp3V2dmLq1Kl48803iy6fFA7l0Nt+wDiHckiIGMohsSPScrhy5Urcdttt6OjoAAAsXLhQf629vR1TpkyhIJYRyqG3/YBxDuWQEDGUQ2JHZOVw+fLlmDJlii6GCxYsQL9+/fDyyy/r82iahqamJgpimaAcetsPGOdQDgkRQzkkdkRKDl94dycua2pHTZOGn0x6EO3t7abXX3nlFXR3d5taEJcuXYpJkyZh27ZtvlQ48Q7l0Nt+wDinqamJYRib5PsDTaJBZOTwb+/sQM3UDty1ZDfueHsXvjpZw9Ovrc+Zb+HChaYWxLa2NkyaNAnz58/3rdKJNyiH3vYDhmGYIEI5jA6RkMO/vLUD/ad04K53dmNWFzCrC7hryW70n9yO2RZB7O7u1lsQ29raMHHiRMyePRsLFiwoRf0TByiH3vYDhmGYIEI5jA6hlMPBgwd7mtmLIMx+czsubmrH9Ld26WKoC+I7u3FJUztmLcxtQVy6dCkaGxvR0tKCBQsWYMeOHR6rVHAXBeu0zK27JAmS6Q4N5uukWa+vFjUoh3Vl3yEZhmEyoRxGh1DKoV8thwtX7sZXGtsxceFOzNwBYW5/ezf6TGrHkwuygrh06VJMmDABTz31VJ5iCLjKoeWOCEiqUOOC5azzRRDKobf9gGEYJohQDqND1crhlt2H0G9qJ37y18344zY4ZvJbu9F7UjtmzluHpUuXoqGhoUAxBFzlMK7Y3B7LupyonGhBOfS2HzAMwwQRymF0qFo5nDhrA664fzV+swn47Wb3NCzejQsaNfxgtFqEGALu3cqp7mM5x/oEXc8R71emHHrbDxiGYYII5TA6VKUcfth1EP9c344JS/fj5x/Cc25dsAvnjGvDM888g+3btxdYpR7OOTTc4zXrf9ZzDqPdpQxQDimHDMOEKZTD6FCVcnjfi5tRo67B7euRV2Kv7sKZ49rw17/+tYgq9SKHaZIqZF0QReccsls538++mqAcMgwTplAOo0NVyuHV6ioMeH4HGtfAcwbN34Mz69sx7U+LMG/evCKqNAlVtkidw+CSpCqnu4/FrYtR7lmmHHrbDxjn9O/fP++Ue5sZJoyhHEaHqpTDXuM7MPjtjzB6FTxl4Py9+Nz4rBhu3LixqEqNK5Jp0ElckbLnD8bVHAFMnX/IlkMrlENv+wHjnP79++dV75RDhhGHchgdqk4Oj3QDJ43WMKjtEIashGu+P28vPlPfjtv//DrmzZuHTZs2+VCt2XMKJUmyjE62nFuoNw1azzmMthgClEPKoT8JvRy2NqOmphmtYSmHYWxCOYwOVSeHAHDimHb84I2PcfMyOOZbz+zEp8e242ePpVoMN2/eHHD1Eycoh972A8Y5XuRw/fr1uOqqqzB37lyxHLY2o8b0z1sNmlt92kbKIVMhoRxGh6qUw7MaO/H1v+zEDzsgzDWLPsa5P1+Lz4xdil88+TrFMKRQDr3tB4xz3OQwI4YjR47E/v377eXQKF6tzaiRYmjxYxsph0yFhHIYHapODqc+8yE+M64Dx49fhq89uwtXvXEQ17x9GP/52se4/JkunHXPWhw7SsN/3v02Zr8wH6+99loRl60hpYRy6G0/YJzjJIdWMQRsupVzxKsFMaMcmloWs62Krc014tZGa0ukndSZ5kuvL70tzbHs8rEW4za2orkmPU3fVh9bOpnIhnIYHapKDpvmfIgzJ3RicmIbThj+Bk4csRg9Rrbh6BEaPjm6DX2mvoOf/HYxnnp+AebNm4dly5bho48+KlPVEzcoh972A8Y5/fv3x9y5c3HVVVdh/frsbTJFYgh4lMOWmEHoBKIokr2WGKRYS3p+g7zZtviZ52ttrkktnxZGffnMthjL0ddlecwwRYRyGB2qSg6PG6lh1PObcFp9J2761Zt46qmn8PTTT+OVV+chkUhgwYIFaG1txZo1a3DgwIEyVTnxCuXQ237AOKd///7Yv38/Ro4cqQuinRgCDnJo19KXcz6ipZXPupyoizr93NjSWFNfL+7KtlveND0rrC0xYysiwxQeymF0qCo5HD1zNXqM0DBQfROJRAKrVq3SX+vu7g66bkmRUA697QeMczLdykZBtBNDwEPLofV8Q7uWv9Zm1Fi7kl3k0HadxvV6ksOMFFpaNRmmiFAOo0NVySEA/P7FlTliSCoTyqG3/YBxjvGcw4wg2okhkEe3si5dlm5im2Vam2vSLY7mcwCz063b7tCt7EEOM62WNc2tZf8MmOoI5TA6VJ0ckuqBcuhtP2Cc48t1DgWte6ku4LTk2XQ7txgGjdTEYuZzAkXTReu1GZDiKoddrWiu4UAUxr9QDqMD5ZCEFsqht/2AcU7oL4JdqpgGzTBM8aEcRgfKIQktlENv+wHjHL/urSzlDDrJptzvURQORGH8DuUwOlAOSWihHHrbDxiGYYII5TA6VLwcrly5kqnSUA697QcMwzBBhHIYHSiHTGhDOfS2HzAMwwQRymF0oBwyoQ3l0Nt+wDAME0Qoh9GBcsiENpRDb/sBwzBMEKEcRgfKIRPaUA697QcMwzBBhHIYHSInh/PfWYGLpnTgCxO95YuTOvD8ouVlF6UohnLobT9gGIYJIpTD6BApOVy+YiW+r3bi840deeXbd76N1qVtZZelqIVy6G0/YBiGCSKUw+gQKTm8Z85y/HNjR0F5du7fyy5LUQvl0Nt+wDAME0Qoh9GhquTw3AkdJctjs/9WdlmKWiiH3vYDhmGYIEI5jA5VJYfnTOhA45I9vuccyiHlsAxQDv2JX7fPY5ioh3IYHapKDv+poTRy+E8NlEPKYfBQDv1J//7986p3yiHDiEM5jA5VJYdn1ZdGDs+qpxxSDoOHcuhPKIcM408oh9GhquTwjPoONLy9x/ecka8czhgISZLSGYgZK1di5coZGChdiqaXghAru3XNwEB9u1K5tOmlAssq/XuiHHrbDxjneJHD9evX46qrrsLcuXNd5LAVzTUSpJpmtHpZf2szarzOW46EffuYUIVyGB1CKYe9evXyNLNVDj87vgPj3trjez47Pg85fKkJl+pCmHreNCNMcpjvNlAOywXl0J+4yWFGDEeOHIn9+/c7y2FrM2pqYojV1KC51cP6wy5fYd8+JlShHEaHUMphoS2HnxnXgTFv7vE9nxmXhxzOGAjp0ia8FLBIUQ6rD8qhP3GSQ6sYAs7dyq3NNahpbkVLTEJNc2tqulWw9OfpVsZ0K31Nc2vqNb3lPoYW0Xp0AU3NF2vJlhNrMcxjLcduO9J/m2PZbUmVI9i+EHxeTHhDOYwOVSWHp47twPA39vieU8fm062c6rrN7a5Ni9SMJlwq6NKdMdDQ3TtwhmmZgQMvzXZPv5RdXrK0UGbLbcpfDk3lShg4w2YZp/UIt836Hl5C06Wi9VAOrVAO/Un//v0xd+5cXHXVVVi/fr1evyIxBJzksBXNmRbDlli2a9lWDq2vtSBmELzW5hpIsZbc9bQ2o0YyrEeyrtOmHCc5NIql07YzjEMoh9GhquTw03UduOX1Pb7n03X5DkjJCpBZsqRsq+KMgWa5EwqcVTQtojZjYPq11HyZdb3UdCkkj+ccDpyxMmf5lOQZt8G8PeL1OG+b/h5mDDTIL1sOnaAc+pP+/ftj//79GDlypC6IdmIIOMhhjuilpc2rHIrmS7f6tTbXZFvw6uudl7crx6Xl0F1eGcY5lMPoUFVyeHJtB/5n4R7fc3JtgaOV0y1pA4XnHObKVFbabITL0rqntzK+1IRLTV3ZeXYrW8+TTLdk5my303rsts3mPbgPhKEcUg79SaZb2SiIdmII2MuhUeByuoqLlEPTutyWpxwyZQrlMDqEUg4LHZByYm0HfjR/j+85sVA5zLSuiSQpR6wycvYSmi51kkNBa2No5NCtJdRSL+xWdoRy6E+M5xxmBNFODAE7OUydn6d3zXZ1ZbtnLZLX2lxj7rbVX8ujW9lRLh26lUXb4SaHduc+MowllMPoEEo5LLTl8FNjOjBg3h7f86kx+QxIaTKIUKp7Odu9aiOHxkEstl26med25zN67Va27242dyuLLsHj1q3scK6l4DzHl5oudWxBpBx62w8Y5/hynUNhC1u2a9nULRyLmeZtiRUyIMWl5dGmHOF2OMmhdftC8Hkx4Q3lMDpUlRweN7oD1766x/ccNzr/ASl2g0vE3cqGQRqXDsRAu5ZDQ7dsTvmGbuniB6R46/52HpBi060svAYk5VAE5dCf8CLYDONPKIfRoark8NjRHfjOy3t8z7F5ySHjVyiH3vYDxjl+3VvZer6hMeV+jwwTRCiH0aGq5LDnqA7820t7fE/PUZRDymHwUA4ZhglTKIfRoarksMfIDnzzxT2+p8dIyiHlMHgohwzDhCmUw+hQVXJ49MgO/MsLe3zP0ZRDymEZoBwyDBOmUA6jQ1XJ4VEjO0oWyiHlMGgohwzDhCmUw+hQVXK4cuVKPDb7byVLuWUpaqEcetsPGIZhggjlMDpUnRwy1RPKobf9gGEYJohQDqMD5ZAJbSiH3vYDhmGYIEI5jA6UQya0oRx62w8YhmGCCOUwOlAOmdCGcuhtP2Cc09TUxDCMTfL9gSbRgHLIhDaUQ2/7AeOcpqamcn+UhIQSyiGxo+LlkFQvlENv+wHjHMohIWIoh8QOyiEJLZRDb/sB4xzKISFiKIfEDsohCS2UQ2/7AeMcyiEhYiiHxA7KIQktlENv+wHjHMohIWIoh8QOyiEJLZRDb/sB4xyhHCZVyLKKpF8flt/lERIAlENiRyjlcPDgwZ5mtgpCv4layUKCh3JYV9iO1NqMGkmCFGsxTW+JSZBqmtHq507b2owaP8r0Uk6B6xLJYVKVIav+qZzf5aULpXCSkkI5JHaEUg4LbTm8tFHDrC74nksbNSQSifJ8QhGGcuhtPxBLVAyxmho0txqn1fgjcj4IW5DrEslhXJHhp8v5XR4AyiEpOZRDYkdVyeHFJZLDiymHZYFy6G0/sJOoluYa1DS3oqsr1WoYazbIVaZ1UZIgSTG0iOQr8zz9tzmWmV9CrKULXV2taK7JTsusK7tsDLEa6zIu685nXa3NqJEMAuxZDuNQJAXxpApZUhC3TkeqJVDStzEtfmlZUxUJkpflZBVJo+CZ1peEKqcfJ1XIkmReDkmocnaaPHly7rpNy5VATknVQzkkdlSVHPaZkJLDSxo13zKrK1Uu5TB4KIfFyWFrVwtiUgwtFvFKTc/KWmtzTaoL2kkOjXLXEst2T9u15lnFrSWWFkGXdeezrkLlMK5AUuLphxKUeO504fxpGcuZxfR6VhrjioK4RRwVRUkvH4ciq0giDsVYplUmTWJpXHe23JzlCPEI5ZDYUVVy+JUGDU+lZc6vPNWVKpdyGDyUw2LlMH2eYUa2ciTRKFkGiRTJoWi6mxyaprcgJtWg+VmXdReyLpdY5dBOCE1dw6LWPBsBy5aXEj1zq2K23LiSbq3MiGTmr7FMJzm0zmfcPsF6CXGDckjsqCo5/FK9hsd3Ar0bNN/y+M5UuZTD4KEcFi+Huny5yV5k5DAJVTZ2wWa6dzMteUiLl0UUbeXQWh5glcSkKkOJZ8pPry+ebkGMK+luZMu6nB6LnhNSAJRDYkdVyeEF4zX8aTvQ3d3tW/60PVUu5TB4KIc+yKFwukPXbkYkM9O9CJthGdtt0LuHPXQre11XId3KAqnKdPfqo40t8yRV2b7l0CJwStYos9KYVKHI2dHMSVWBoihpoYxDEYlo5rHx/ELTui3d0YQUAOWQ2FFVcviFcRr+sDUlh58fp5liFL6OA/CU7u7/3979u0iS3gcYL1sIGyMwGAReg8D/Q8EElxuvnDoQ1wh27seOTl553Q4E4hB0oGBA0WVKHHTsZXDkY8HB0Y4cTTAWkhBCsCuEkITxGOMN+3XQXT3VPV3V7+z2vPVOvZ8HHm63t7uqp3a/Nw9vddUswz/9frXd+Djc+Z9952Pvys5nju6Dz89aH5BPjzi8rzhswmrnopAm1pqLPk5PDwfb9c2p61sXpGyd8tyNuv4LUqL29RZxuPeWM7cuTFmdKt5cDHJ21rlyuL29ZsVw/bqtx1vzv7ta2MzZ1gUp2++juSDlVph2vA6IQRyii1HF4V/+41X40e9WUfe16dWWbxuHP/rdarsPNw7fdt/Dr0yIw7eMwxxMeYubA7bjcOvzhkfg2NvrvCgGuAfEIboYVRx+bXoVPvvNKuoePb/ash2HV29ClMvlMnz2m9V2y4zDYW+PIQ7j5iBLs4zDY6+2H2d77VVKF5UgJeIQXYwqDv/iH67CD3+9irqvfudqy3YcXv5fiHK5XIYf/nq13ePF4fb9y7ZuYXHrG8TqdWdn7+35ptH+xrTe/mdnO6e0tk9zbVYkDu7r6+Hre06PbX0T21rduMvXFI84jJsD9utnKwP7EYfoYlRx+Od/fxV+8KvDF6T8x/+GKJfLZfjBr1bbPVoc7j1tdPszSe242/9juXbjsBVsn5/dir6bTcTuq2/l8Hbs3n6PXfuJRxzGzQH7FYfAfsQhuhhVHH71O1fh+69WUfeVb19t2Y7Df/+fEOVyuQzff7Xa7tHicL2athVK++5ZtrrPxYFAiwnAPVdDRu1rz763Pjjf/nr2rAp27icecRg3B+z3008/JdnhXb9BowxGFYd/9uwqfPeXq6j7429dbdmOw3/77xDlcrkM3/3larvxcbjnvmd7Aqr5MVtnn+//8xX3FYcx++p73fZtOrrj8N0+PyUO4+aAJFMoDsthVHH4p393FZ7/YhV1Xz672rIdh//6XyHK5XIZnv9itd273Ofw87M9t6PYs2p2cxuMrtPH9xCH0fvquf3G1k2C+04rd50Sj0Mcxs0BSaZQHJbDqOLwK9++Cp/8fBV1f/j0ast2HP7L70OUy+UyfPLz1XbvdhPs7Qs0uu9ptvOzUe/ltHLrQpK9F6TEnlZufU3vnYWz924HZ/8FKU4r3xVxSDInxWE5jCoO/+STq/Dhzw5fkPLPvw1RLpfL8OHPVtv1E1LSIw7j5oAkUygOy2FUcfhH37oK3/zJ4Ti8+G2Icrlchm/+ZLVdcZgecRg3BySZQnFYDqOKwy+fXYVv/Pi4P1v5Gz9ebVccpkccxs0BSaZQHJbDqOLwS0+vwt/+Zzi6X3oqDodAHMbNAUmmUByWw6ji8A+eXt2b4jA94jBuDkgyheKwHEYVhyGE8MUXX9ybSIs4jJsD9lvX9Z0d+j2TOSoOy2F0cYjxIA7j5oD91nV9p+MuDsn9isNyEIfIFnEYNwfsd9A4vDwPJyfn4TKD40C+q+KwHMQhskUcxs0B+42Jw9evX4fHjx+Hly9f7o/Dy/NwUlWhOn2x9fiL0ypUffH3tnHY7G/jaXiRwbG889cgjEelOCwHcYhsEYdxc8B+D8VhE4bPnj0Lb9686Y7Dk9NwenISzi/bj530B9C7xGH7dS9O+yM0R8Xh6BSH5SAOkS3iMG4O2G9fHO6GYQgdp5XXofPi/CScnF+G6+vVquHp+U0AXZ6ftFb61hHZDqQXp9uP7z53z/5uwupFOG1WD/e9dv3889P1KuMmZlfPO31xGc43v15ts+/9rraz/fzD+20//2Z/VVVtjhkftuKwHMQhskUcxs0B+63rOrx8+TI8fvw4vH79enN894VhCP1xeNlEWvP7rtWxF6erU9Dt521ODbdCb2vb+/a3+v3l+cl65bDjtetw2w65dcC1o7RrBbL9ftvb2Tw/cr/t7Vs5HJ3isBzEIbJFHMbNAfut6zq8efMmPHv2bBOIXWEYwqE4XH/OsAmidgDtfk6wFU/VblhtfZ5wz2cK922r77W7Ibb7vrp+ve/97tvOu+6Xo1AcloM4RLaIw7g5YL/NaeV2IHaFYQiH4/C6vQq4FU+7n0e8ia0X5yc3F7PERFPXc2IfPxSHB97v3jh8l/1yFIrDchCHyBZxGDcH7Lf9mcMmELvCMISIONz3eNdp4J0Vx9Vn716E0/ap2H12hlXHa98mDg+83+3tvOV+H+JV1uxUHJaDOES2iMO4OWC/R7nPYcTKWXO6uaqqcHJ6uifCVoF1cn7Zfdr40P6aP4s9Hdzz68Pvd89r77Lf1j5ckDIOxWE5iENkiziMmwP26yekkMdRHJZDlnH46NGjqCeXEAglIw6ngw/kGDyKZsdzAAAKuUlEQVTWz1aubl2Qse3QXyd534rDcsgyDq0cIgRxKA5J5qQ4LAdxiGwRh3FzQJIpFIflIA6RLeIwbg5IMoXisBzEIbJFHMbNAUmmUByWQ5Zx6IIUhCAOxSHJnBSH5ZBlHFo5RAjiUBySzElxWA7iENkiDuPmgCRTKA7LQRwiW8Rh3ByQZArFYTmIQ2SLOIybA5JMoTgsB3GIbBGHcXNAkikUh+UgDpEt4jBuDkgyheKwHMQhskUcxs0BSaZQHJaDOES2iMO4OSDJFIrDchCHyBZxGDcHJJlCcVgO4hDZIg7j5oAkUygOy0EcIlvEYdwckGQKxWE5iENkiziMmwOSTKE4LAdxiGwRh3FzQJIpFIflIA6RLeIwbg5IMoXisBzEIbJFHMbNAUmmUByWgzhEtojDuDkgyRSKw3IQh8gWcRg3BySZQnFYDuIQ2SIO4+aAJFMoDsshyzh88uRJ1JNLCISSEYfTwQeSJBvFYTlkGYdnZ2dRTy4hEEpGHE4HH0iSbBSH5SAOkS3icDr4QJJkozgsB3GIbBGH08EHkiQbxWE5iENkizicDj6QJNkoDsshyzh8+vRp1JNLCISSEYfTwQeSJBvFYTmIQ2SLOJwOPpAk2SgOy0EcIlvE4XTwgSTJRnFYDuIQ2SIOp4MPJEk2isNyyDIOP/7446gnlxAIJSMOp4MPJEk2isNyEIfIFnE4HXwgSbJRHJaDOES2iMPp4ANJko3isBzEIbJFHE4HH0iSbBSH5SAOkS3icDr4QJJkozgshyzj8KOPPop6cgmBUDLicDr4QJJkozgsB3GIbBGH08EHkiQbxWE5iENkizicDj6QJNkoDstBHCJbxOF08IEkyUZxWA5ZxuGHH34Y9eQSAqFkxOF08IEkyUZxWA7iENkiDqeDDyRJNorDchCHyBZxOB18IEmyURyWgzhEtojD6eADSZKN4rAcxCGyRRxOBx9IkmwUh+WQZRx+8MEHUU8uIRBKRhxOBx9IkmwUh+UgDpEt4nA6+ECSZKM4LAdxiGwRh9PBB5IkG8VhOYhDZIs4nA4+kBzG6ns/5QEPHcOLiwse8K7/LsVhOWQZh6enp1FPLiEQSkYcTgcfSA7j0OH1EDx0DC8uLsKrV6/YoThEH+IQ2SIOp4MPJIexCaChAyJHxeFxFIfoQxwiW8ThdPCB5DCKw27F4XEUh+hDHCJbxOF08IHkMIrDbsXhcRSH6EMcIlvE4XTwgeQwisNuxeFxFIfoI8s4fP/996OeXEIglIw4nA4+kBxGcdhtUXG4mIW6noXFPWxbHKKPLOMw9ptiCYFQMuIwbg44PoeKw8WsDlVVbaxni/2RMp+EqqrCZF5YHK6/7o2TuTjEKBGHyBZxGDcHHJ9DxOFiVodqK0TmYdIEYjtSFrNQV3WYLdKH4ZBxuArnSZi3HptPtn8vDjEWxCGyRRzGzQHHZ/o4nIfJvuBr4qT93wHDcLg4XIRZ3f11b6+4rp+3Pmazyc1K481K6yq8tx5fzELdsQ1xiNSIQ2SLOIybA47P5HHYGSHzMKkmYb6YhbquBw/DweJwMQt1FblKOJ+sTjevY28ThPPJemV2EWb17in59XHe/fsQhxgIcYhsEYdxc8DxmWUcVnWYzSY7p54LisO+r3tr1a9aHaPd1/QF3+7rq2p1ClscYiDEIbJFHMbNAcdntqeVX61Pod73hRi5xWHX8dmEXevPuiLwUBzui0BxiIEQh8gWcRg3BxyfWV+Qsj4turmSuYg47LkgZSfgNsexKw47TyvvufpbHGIgxCGyRRzGzQHHZy63stnEyq1IaYVjIXG47/g0K6jz1kUn9WTSv3LY/Lr3gpSOU9PiEIkQh8gWcRg3BxyfboKdZxyOSXGIPsQhskUcxs0Bx6c47FYcHkdxiD7EIbJFHMbNAcenOOxWHB5HcYg+xCGyRRzGzQHHpzjsVhweR3GIPsQhskUcxs0Bx2cTQOz20DEUh+IQb484RLaIw7g54PgcOrwegoeO4cXFBQ9413+X4rAcxCGyRRzGzQFJplAcloM4RLaIw7g5IMkUisNyEIfIFnEYNwckmUJxWA7iENkiDuPmgCRTKA7LQRwiW8Rh3ByQZArFYTmIQ2SLOIybA5JMoTgsB3GIbBGHcXNAkikUh+UgDpEt4jBuDkgyheKwHMQhskUcxs0BSaZQHJaDOES2iMO4OSDJFIrDchCHyBZxGDcHJJlCcVgO4hDZIg7j5oAkUygOy0EcIlvE4ZQksxJlIA6RLaXHIQAAQyAOkS3iEACA9IhDZIs4BAAgPeIQ2SIOAQBIjzhEtohDAADSk2UcPnr0SBxCHAIAMABZxqGVQ4QgDgEAGAJxiGwRhwAApEccIlvEIQAA6RGHyBZxCABAerKMQxekIARxCADAEGQZh1YOEYI4BABgCMQhskUcAgCQHnGIbBGHAACkRxwiW8QhAADpEYfIFnEIAEB6xCGyRRwCAJAecYhsEYcAAKRHHCJbxCEAAOkRh8gWcQgAQHrEIbJFHAIAkB5xiGwRhwAApEccIlvEIQAA6RGHyBZxCABAesQhskUcAgCQHnGIbBGHAACkRxwiW8QhAADpEYfIFnEIAEB6xCGyRRwCAJCeLOPwyZMn4hDiEACAAcgyDq0cIgRxCADAEIhDZIs4BAAgPeIQ2SIOAQBIjzhEtohDAADSIw6RLeIQAID0iENkizgEACA94hDZIg4BAEiPOES2iEMAANLz4OOQ49bfPUmS6R06CN86DkmSJDluxSFJkiQ3ikOSJEluFIckSZLcKA5JkiS5URySJElyozgkSZLkRnFIkuTAVt/7KQ946BheXFzwgLH/HsUhSZIDO3R4PQQPHcOLi4vw6tUrdigOSZJ8QDYBNHRA5Kg4PI7ikCTJB6Q47FYcHkdxSJLkA1IcdisOj6M4JEnyASkOuxWHx1EckiT5gBSH3RYVh4tZqOtZWNzDtsUhSZIPyKHicDGrQ1VVG+vZYn+kzCehqqowmRcWh+uve+NkLg5JkuT9O0QcLmZ1qLZCZB4mTSC2I2UxC3VVh9kifRgOGYercJ6Eeeux+WT79+KQJEnei+njcB4m+4KviZP2fwcMw+HicBFmdffXvb3iun7e+pjNJjcrjTcrravw3np8MQt1xzbEIUmShZs8DjsjZB4m1STMF7NQ1/XgYThYHC5moa4iVwnnk9Xp5nXsbYJwPlmvzC7CrN49Jb8+zrt/H+KQJEleX2cah1UdZrPJzqnnguKw7+veWvWrVsdo9zV9wbf7+qpancIWhyRJ8vo649PKr9anUO/7Qozc4rDr+GzCrvVnXRF4KA73RaA4JEmS19eZX5CyPi26uZK5iDjsuSBlJ+A2x7ErDjtPK++5+lsckiTJ6+t8bmWziZVbkdIKx0LicN/xaVZQ562LTurJpH/lsPl17wUpHaemxSFJkmXqJth5xuGYvHMcPnr0aPDBIEmyVMVht+LwOFo5JEnyASkOuxWHx1EckiT5gBSH3YrD4ygOSZJ8QDYBxG4PHUNxKA5JkhyNQ4fXQ/DQMby4uOABY/89uiCFJEmSG60ckiRJcqM4JEmS5EZxSJIkyY3ikCRJkhvFIUmSJDeKQ5IkSW4UhyRJktwoDkmSJLlRHJIkSXLjJg5J9vv8+fONT5482Tz+V3/9N4O/N5Ikj+n/A5lc8KmzDwY2AAAAAElFTkSuQmCC" /></div>
<br />
Check "Read-Only" "Auto-Mount" "Make Permanent" and set the mount point to /var/swgtre<br />
This is where we will set the map world location. (alternatively you can just copy the TRE files to the server)<br />
<br />
Now we're ready to power on the VM and set up the server.<br />
<br />
<h3 style="text-align: left;">
Install Virtualbox Guest Additions </h3>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">sudo apt install -y build-essential dkms linux-headers-$(uname -r)
sudo mkdir -p /mnt/cdrom && sudo mount /dev/cdrom /mnt/cdrom 2> /dev/null
cd /mnt/cdrom && sudo sh ./VBoxLinuxAdditions.run --nox11
sudo usermod -G vboxsf -a $USER
sudo reboot</pre>
<br />
Verify you have access to the share<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">ls /var/swgtre</pre>
<h3 style="text-align: left;">
Install dependencies</h3>
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">sudo apt-get update && sudo apt install -y build-essential libmysqlclient-dev liblua5.3-dev libdb5.3-dev libssl-dev cmake git default-jre mariadb-server-10.1 mariadb-server-core-10.1</pre>
<br />
<h3 style="text-align: left;">
Create the working environment</h3>
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">mkdir ~/swg && cd ~/swg
git clone http://review.swgemu.com/Core3
cd ~/swg/Core3/MMOCoreORB
GETC=$(cat /proc/cpuinfo | grep processor | wc -l) && make -j$GETC</pre>
<i><span style="color: red;">(This will take a long time to finish)</span></i>
<br />
<h3 style="text-align: left;">
</h3>
<h3 style="text-align: left;">
Point the world maps to the share</h3>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">sed -i 's/TrePath \= \"\/home\/swgemu\/Desktop\/SWGEmu\"\,/TrePath \= \"\/var\/swgtre\"\,/g' $HOME/swg/Core3/MMOCoreORB/bin/conf/config.lua</pre>
<h3 style="text-align: left;">
</h3>
<h3 style="text-align: left;">
Set up the database</h3>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">cd ~/swg && sudo mysql_secure_installation</pre>
Existing password blank, enter <b>123456</b> for the new password.<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">echo 'CREATE DATABASE swgemu;' | sudo mysql -uroot -p123456
echo 'GRANT ALL ON *.* TO 'swgemu'@'localhost' IDENTIFIED BY "123456";' | sudo mysql -uroot -p123456
sudo mysql -p123456 -e source -e ~/swg/Core3/MMOCoreORB/sql/swgemu.sql;
sudo mysql -p123456 swgemu -e source -e ~/swg/Core3/MMOCoreORB/sql/datatables.sql;
sudo mysql -p123456 swgemu -e source -e ~/swg/Core3/MMOCoreORB/sql/mantis.sql;
ips=$(ip -o addr show up primary scope global | while read -r num dev fam addr rest; do echo ${addr%/*}; done) && echo $ips
sudo mysql -p123456 swgemu -v -e "update galaxy set address='$ips'"</pre>
<br />
<h3 style="text-align: left;">
Run the server </h3>
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">cd ~/swg/Core3/MMOCoreORB/bin
./core3</pre>
<h3 style="text-align: left;">
Create a SWGEmu Launchpad </h3>
<h3 style="text-align: center;">
<img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAXMAAAGRCAYAAACXNlMbAAAgAElEQVR4nO2dX4gbV56oz8uy+5hXc7lLZufu7OzseG5m5VV2Nd6Qu4nJHXseJhNn+1q0FwX3Vd9222nBhsRkHyp2IAp5iEUgzxaOMQFNyOZFBBJo9GBYkx4FAmYgcmI6MM6QP+POg0nIy+8+SFUqlarUOnKdqlNH3wcf7i6ppGpV1denj6rdqtFoCCIiFlvVaDQEAACKCzEHAHAAYg4A4ADEHADAAYg5AIADEHMAAAcg5gAADkDMAQAcYO6Y7+7uynPPPSfHjx+XM2fOSK/Xy2DzAABgHuaO+enTp+Xll1+W69evy3vvvSee58mLL74od+/ezWAzAQBEbt26Jffff78opUQpJQ8//LDcuXMn782KRSklOzs7ibfv7OyIUiq152s0GqLW1tb2veOzzz47tezGjRvieZ588803Cz59V+qqIq3BgqtHGbSkssjjdevBwaFUXbopbQ4ApMv29rZ4nid37tyRt99+W5RScvHixbw3K5adnR35sz//i9igz7ptUdbW1uYbmV+7di12+eeffy4vvPCCfPfddws8fcoxX4RBSyrhgA9a0qLmAIXggQceEM/z8t6MROKibSLkIhrTLN9//33ibR999JG8/vrrCzy9BTHv1kVVWpLnJgCAPhcvXhSllHz44Yd5b8pMwvE2FXKRFK9mee211+Tjjz/WXGtGzActqQRTH0rq3fjbKq1W6DG60x+3xlMoldgn6ko96baJbfBH78PHrdcrolRFKpXItoW/Oey7fl26MpBWJeHrBIBYLl26JEopuXTpUt6bMhd+xE2FXOQeY/7JJ5/IxsaGbGxsyPr6uqysrMjOzo4888wzsrW1Ja+88op8+umnsrGxkfAISTEfBjYI28Rc+ORtg9YwqvExV6L8O3brM+bDx0EdxzSybd36KPiR+Hfr4+cQkW7df4zF1geA/bnvvvusnSuPw/qY37hxQx599FF5/vnn5YMPPpAnnnhCjhw5Io899pgcO3ZMzp49G9wnnoSYR+exJRTJQUsqE9MiMaPxqY9nPNfU84aeJ/STgQq+McQ9bmjUHTsqn7H+6H7xPzUAQBxKKdne3s57M+aiENMsn332mVy4cCFwZWVF3nzzTbl8+bK88cYb8tJLL4nneXL16tWER7As5jIa6de7sduQ9DiDVkUqrUHwb9LXMGs7hj9hMM0CMA/b29ty69atvDdjX6x8A3QeTpw4Ibu7uxpr6EyzhOec551mmSPm3VZo2XC6JXY6ZNY2D1pSqdSlXgnHW2P94GEqjNAB5sDzPOtH5llfmphazN955x05duyYfPvttxprjea1Q06ObP3lkfh1w29q7vMG6L4j88g2hIfG0amS2GkWkWDOPTqsnmd9rnEH0EYpJbVaLe/NmEkuvzS0aMzv3r0r7777rmxtbcnJkyfl/fffT23D5iZxOgMAYHko/H+01a0rrhMHgKWngDGfvC6bqQkAgELGHAAAohBzAAAHIOYAAA5AzAEAHICYAwA4ADEHAHAAYg4A4ADEHADAAYKY7+3tISJiQSXmiIgOSMwRER2QmCMiOiAxR0R0QGKOiOiAxBwR0QGJOSKiAxJzREQHJOaIiA5IzBERHZCYIyI6IDFHRHRAYo6I6IDmYt5vSlkpUSPLzX7uXywioqsainlHaqoszX7o81on9y8WEdFVDca8Jp242yZG7KPg95tSLjelWVOiVE06/aaUJ9YPPd486+/tSb9ZDn4qUOWm9C14sRERTblQzG/evDnTvb096dRGIZ0YkUciP4pwfxToWmf8HJ1a6PNObfQ4c64f+WbQqU1+Y9lv+xERbTCTmM99/05tHPXIPPrQ0Ug8OnoOAr4nnVpoBD7X+h2pqfEoPe/vmIiIuurG/JFHHjEc8709CUbUcdHe2xuPsCeW96VZrklnryM1/zat9f3nJeqIWDztGJn3m1IOT68EsR3GNTydMnn75PJ+syy1Wi10Jcyc6/ebUgvW6UuzHH4zFhHRfu2I+V5fmuXwVEgoptGpEn/OO2nEHR1Vz7W+PyLnskhELKaWxBwREe9FYo6I6IDEHBHRAYk5IqIDEnNERAck5oiIDkjMEREdkJgjIjogMUdEdEBijojogMQcEdEBiTkiogNaFfMLzRYiIkYsZMwBAGBMoWN++/ZtRMSll5gjIjogMUdEdEBijojogMQcEdEBiTkiogMSc0REB3Qs5tfk/CElSg1dvXJbrqwO/x3efkVW1SE5f230+bXzcmj1yvjj0XqHzp+fvp/yH3dVroQf68r4ttUrt+Xa+UPB8x86fy3+eac+n/01TG9DzNc013Ygoqu6FfMrq6L8OMctu7Iqhw4dCuJ27bz/8RVZDQVyGEI/tpHwXlmdWEcdOi/X/OcJh/PK6nT49435MOTT8Z3cvmHYw9s373Ygoqu6FfPR6HUihtfOy6FR6K6sjkawh87LtdvX5PyhURBD9xmuF4ptZESslBp9c9gv0OHP54z5tfNyKC68McvHP3HobAciuqpbMR/pTzEMY+dH+4qsBhFflSvhgO8b87iRLTFHRHt0Mua3b4enUEYfR6ZXVldXI3Pas6ZZkqY+5o3ocPokmCa5spowjaMzzTLvFA4xR1wG3Yr5aL548o3K25E55pjPI+vOfgN0kWmWyLatru4zat/vDVCdeBNzxGXQrZinZeLUCiKinRLzGK+shq4OQUQsgMT89m2JXtvNpXyIWDSJOSKiAxY+5r/7IyIiEnNERAc0GfOjhw8Qc0TELDQZ88MrjMwRETPRZMzXmGZBRMxGx2Leld+oivz7fy3yYtzLuoiI+UrMU1kXETFfHYp5V34T/v9TTnaHy/+rJT8LltfltT+K/O6PA/n30C8J/eZqwrqIiAXRsUsTo6PryOdX6/KzCwP53dV6TLAZmSNicXU75hOj8tCoe7T8ZxcGyesiIhZI4zHf2trKOeb+1Mq0/3mhMppmiVkXEbFAGo/52bNnc55miY7AJ/3PC5XR7cQcEYur8ZifPn06w5iLvHZy1hugo+VX66Gpl/HIfWpdRMSCaDzma2trmcYcEXEZNR7z1dVVYo6IaFij/9HWWkPU448/TswREQ1rMuYHDq+I+pf/9RAxR0Q0rNGYHzwqqvz3f2M05gAAMMRUzA8ePCrqiccfIeYAABlgdGTeaDxKzAEAMsDoyLzR+AUxBwDIAMP/N8s/EXMAgAwwHPN/JOYAABlgOOYPEnMAgAxgmgUAwAGMxvzppx8m5gAAGWDs0sQDB0Qde+wQMQcAyACjI/NDP/9rYg4AkAFGY/7QQ/9MzAEAMsBozH/1q18RcwCADDAX8xVRKysrxBwAIANMxfzwgYOinnrqKWIOAJABRv84xfr6OjEHAMgAo5cmnjlzhpgDAGSA4V8aepqYAwBkgNGYb21tEXMNGo0GolNCdhj+v1kaxFwDDn5wCY7nbCHmFsHBDy7B8ZwtxNwiOPjBJTies4WYWwQHP7gEx3O2EHOL4OAHl+B4zhZTMV87epCY68LBDy7B8ZwtjMwtgoMfXILjOVuMxXztKDHXhYMfXILjOVtMxfzgAaZZtJnn4N/d3ZXnnntOjh8/LmfOnJFer5fBlgHoQ8yzxVjMDzIy12aeg//06dPy8ssvy/Xr1+W9994Tz/PkxRdflLt372awhRDl1q1bcv/994tSSpRS8vDDD8udO3fy3qxYlFKys7OTePvOzo4opVJ7PmKeLaZivnL4ADHXZZ6D/9lnn51aduPGDfE8T7755psFn7krdaVE1bsxyyvSGiz4sInPdY+POWhJJfXtWozt7W3xPE/u3Lkjb7/9tiil5OLFi3lvViw7OzvyZ3/+F7FBn3XbohDzbOENUIuY5+C/du1a7PLPP/9cXnjhBfnuu+8WeOZhYCsVJZM9tzTmFvPAAw+I53l5b0YicdE2EXIRYp41xNwi5jn4v//++8TbPvroI3n99dcXeOZRYLstqVRaMoguJ+ZzcfHiRVFKyYcffpj3pswkHG9TIRch5llDzC0ijYP/tddek48//lhzrXFgu3UllaC0kfAOWlIZzQ0rVZeuDO8/Hs3H3H+/qZuJx4z8ZBC6rdJqhdaz7xvCpUuXRCklly5dyntT5sKPuKmQixDzrCHmFrHowf/JJ5/IxsaGbGxsyPr6uqysrMjOzo4888wzsrW1Ja+88op8+umnsrGxkfAI3YRQJn0sIt36MPrd+niuvVuXSqUSfDMYtCqhbwxJzxUK+MRc+ORtg1ZFlMUxv++++6ydK4+DmLsHMbeIRQ/+GzduyKOPPirPP/+8fPDBB/LEE0/IkSNH5LHHHpNjx47J2bNng/vEMx3qYaBDyyMjaOW/YToYT8106+GpmoG0KnHBjT7mcIQf3OqP9Aezpnzsi7lSSra3t/PejLlgmsVNiLlFLHrwf/bZZ3LhwoXAlZUVefPNN+Xy5cvyxhtvyEsvvSSe58nVq1cTHiEax4G0Kkrq3dnhHd+3Iq1BV+pBxOvSnYpxzHM5FPPt7W25detW3puxL7wB6i7E3CLSOvhPnDghu7u7GmvExDEYiU9Oe0xPm4ymUyLTK/V6Pfa++0+z+HGfd5plzmkhw3ieZ/3InEsT3YaYW0QaB/8777wjx44dk2+//VZjrfjwTQZUpqdaxqWdvO575nXgs94AjazTrQfPlfwGqB0xV0pJrVbL5skWhF8achtibhGLHvx3796Vd999V7a2tuTkyZPy/vvvp7xlFpA4zQO2QsyzhZhbBAd/Mt26EhU7Bw+2wvGcLcTcIjj4wwzfhFWR69qhOHA8ZwsxtwgOfnAJjudsIeYWwcEPLsHxnC1GY761tUXMNeDgB5fgeM4WozHf3Nwk5hpw8INLcDxni9GYnzp1iphrwMEPLsHxnC1GY76yskLMNeDgB5fgeM4WozF/9JGHiLkGHPzgEhzP2WI05o889ENirgEHP7gEx3O2GI3500//hJhroHspJ6LNEvNsMXud+dm/0VqJmDdyPwER05KYZ4vZmG/+rdZKxLyR+wmImJbEPFvMxvz0Qa2ViHkj9xMQMS2JebYYjvnfa61EzBu5n4CIaUnMs8VszDce1FqJmDdyPwER05KYZ4vhmB/WWomYN3I/ARHTkphni+Fpln/RWomYN3I/ARHTkphni+H/AvfnWisR80buJyBiWhLzbDEa82P/+0daKxHzRu4nIGJaEvNsMRrzH//oL7VWIuaN3E9AxLQk5tliNOZ/9Vf3a61EzBu5n4CIaUnMs8VozCv/wMhcB2KOLknMs8XsXxo6za/z60DM0SWJebaYvZrlqb/WWomYN3I/ARHTkphni9mY/9v/0FqJmDdyPwER05KYZ4vRmG+dJOY6EHN0SWKeLWZH5qeYZtGhiDHf2dnBJZKY24vRmJ9c/TEx16CoMYflgJjbjdGY/+zv/jsx16DIMc97O9CsIsTcdozG/Ac/+IHWSsS8kftJqysxXw5FiLntGI35//w7fmlIB2KOtipCzG3H8Jw5f9BZB2KOtipCzG2H68wtgpijrYoQc9sxGvP/t/JDrZWIeUPr9SorJeVmf7ys35RyuSn9DE/yqZjf7Mqrr3bl5iKPdy/rolFFiLntGI35OjHXQjvm5ZrUymVp9kfLiDkaUoSY247RmNf/lZjroB/zpvQ7NVG1znBZKOb9ZlmUUiNHwe83R98Ahstrnb40g4/3xo8RXW/GNkzG/KZ0Xz0n584NfbV7cxjoc/6yV6V7c7Svu68G9zv3alduxq1rQcRwqAgxtx1TMT944AAx12WhmO/tSac2inHSyNwPfr8pZT/Qndo41p2aqHJT+nsdqamadPz15hjpzx6ZX5fL5y7L9ehtN7vyamj59cujjxmZW6sIMbcdUzFfaTRE/d8nibkOi8Y8iG44vhMjbDWMdfT2uPXD6yglKhz3GGfGfGJU7ntZru9dl8vBx3vx66JVihBz2zEV8wMHDohaO07MdVg45nvDaZVaMxzlmLn0eWKuOee+b8xnxjkSdWJurSLE3HZMxXyt0RC1zjSLFvcS8729jtTiRuB7o/nzeWI+eoxg/nwOY2MejLiHsb58PbLeza5cDubEb0r31dFcemT6Be1RhJjbjqmYH15piFqv/0hrJWLe0Hq9pkbRwdz3cB7dnyop12rzjcz9j6PTMzO2Ie468+uXk94A9d/s9Efk0292TqxrQcRwqAgxtx2jb4CWDvIfbenALw2hrYoQc9sxemniT3/6U62ViHkj95NWV2K+HIoQc9sxGvMHH3xQayVi3sj9pNWVmC+HIsTcdozG/MiRI1orEfNG7ietrvxxiuWBmNuN0Zg/+eSTxFyDosYcl0dibi9GY/7UU08Rcw2KGHPEJIl5thiN+cbGhtZKxLyR+wmImJbEPFuMxvzpp5/WWomYN3I/ARHTkphni6mYH11riNKNEzHXe70QbZaYZ4ux/5vl8Aox14WYo0sS82wxFvODR4m5LsQcXZKYZ4uxX+cn5voQc3RJYp4tjMwtgpijSxLzbGFkbhHEHF2SmGeL0UsTibkexBxdkphnCzG3CGKOLknMs4WYWwQxR5ck5tlCzC2iiDFX536PSyQxtxdibhFFjTksB8Tcboi5RRBzsBlibjfE3CKIOdgMMbcbYm4RxNx9lFJ5b8LCEHO7IeYWQczdh5iDKYi5RRBz9yHmYApibhG6r1e53JR+eFm/Ob1sHhddb2bMu1KvtGQQ/lwpUUqJUnXp+osHLakEy5VUWoPYR0t+XBHp1qfXn3jciiQ/bMJ2zfv8idsfftzxNhBzMAUxtwhXYj5oVYYBC6I3kFZFSd0vZbc+vq1bHy+XrtRnhHf6cUePNRXhgbQqoccJP1+Ebn28XYNWRVQ9OedJzx+//V2px3xzIOZgCmJuEanGvN+UcjAqrElndJ9+szweLZab0t/rS7M8HkGWm/17jrmIDEesQfSiYYsP3VSE931ckW497v6Rx4msMyayHYn3S37+5Ocl5sQ8W4i5RWjHfOLH+HCgO1JTSmqdUMBrnVHgx2Hv1EYfm5hmmYp5OLoJ0daOaXQqQ0VGyftNs8z7TWbObZyxbf70CzEHUxBzi0htZB6NcxDxYeTDI/WJ9YzFXKbmlqenRmZPscQ/bszIevT5ePpkOMUTP32SZsxnbf/4NmIOpiDmFmE+5v59I1HPIuYzb5sz5FPrRuM7GvG/F338pOmbtKZZ9tv+8fMTczAFMbeI9ObMk6dZasGceF+a5bI0+3GxNxnz4Uh58qqThCmXuFHy1Jx59LHq0h1NcQSD8fBjRR438Q3QOZ8/cfvDb4yGHouYgymIuUWYfwPUH5FPv9nZqaX3Bmhw1Ud4Hjvu8sGY+wa3x8Q09nH9aZTo3HjSpYlTjzvrksn9n3/29k/P5RNzMAUxtwh+ach9iDmYgphbBDF3H2IOpjAV87WjB0WdPXuWmGtAzMFmiLndGB2Zr6+vE3MNiDnYDDG3G2MxXzsq6uTJk8Rcg6LGHJdHYm4vpmJ+8MBBUb/+9a+JuQZFjDliksQ8W4zF/OBRUf/4Dz/WWomYN3I/ARHTkphni6mYrxw+IGr1//xQayVi3sj9BERMS2KeLUbfAP3XX/5AayVi3sj9BERMS2KeLUZj/viR+7VWIuaN3E9AxLQk5tliNOa/JuZaEHN0SWKeLYZH5kyz6EDM0SWJebYYjfmpJ3gDVAdiji5JzLPFaMwf+qe/1FqJmDdyPwER05KYZ4vRmP/8gYNaKxHzRu4nIGJaEvNsMRrzX/ziF1orEfNG7icgYloS82wxGvNf/vKXWisR80buJyBiWhLzbDEa8xMnTmitRMwbuZ+Auj7//PO4RBJzezEa87W1NWKuQVFjDsUgjX1NzO2FvzRkEcQcTLK3tye//e1vF5KY2w8xtwhiDibxY37nzh0tiXkxIOYWQczBJH7M//SnP2lJzIsBMbcIYg4m8WP+9ddfT6mUil3+9ddfE/OCQMwtgpiDSfyYf/nllxMqpQKjt3355ZfEvCAQc4vQfb3KoZNQqZp0dGPcb0q53JS+oZh360pUpSWDhZZ3pT7x9VWkNYhZXu+muQucxo/5F198EagmXuOh4du/+OILYl4QiLlFaMc8HOJOTZRumA3GvFtXUqnXpRKJ9vzLu1JXdZlKdbcu434PpFXxIw/74cf89u3bWhLzYkDMLeKeYr7XkZo/Ou83Q6P20LJyU5o1f1lfmuXxaKzc7KcW80GrIpXWQGTQmoi23vKEmE8wz33Ax4/5H/7wBy2JeTEwFfNHHnmEmOtyLzHvN8ujkXlHakpJrRNaXusEgfeX74UCn+bIPAjz8JMgzrrLo9MplYnh90BaFSWKkGvhx5zrzN2EkblF3NOcuR/laKD7TSmrmnTiwp16zP3IRqz8h/yH1vLofHpX6ipuOiVpOcThx1x3HxPzYkDMLeLeplkSAp1pzCNEplMWXj5jbrxbV8J7oPPhhzl8DXncG6BcZ15MiLlFpBLzWdMscTFf5CqYLGIefqNz0JLKaEpl0KqHos7IXAc/5nHXmPtynXlxIeYWkU7M92a+ARq9f6eW/hugAfcS80FLKqHIBGHv1ifiw6h8fvyYf/XVV1MqpWKXf/XVV8S8IBBzi+CXhsAkfsyj15HvJzEvBsTcIog5mMSPOZcmugkxtwhiDibxY86liW5CzC2CmINJ0tjXxNxeiLlFFDXmuDwSc3sh5hZRxJgjJknMs4WYWwQxR5ck5tlCzC2CmKNLEvNsIeYWQczRJYl5thBziyDm6JLEPFuIuUUQc3RJYp4txNwiiDm6JDHPFmJuEcQcXZKYZwsxtwhiji5JzLOFmFsEMUeXJObZQswtgpijSxLzbCHmFkHM0SWJebYQc4sg5uiSxDxbiLlFLBpzde73uI/7vYZvvfUW7iMxtxtibhHEPN+Y7+7uYoLE3H6MxvzEiRPEXIN7jXneJ7yNEvN0JOb2YyrmJ06cELW+vk7MNSDm6UvM05GY24+pmK+vrxNzXYh5+hLzdCTm9kPMLeLIY0eJecoS83RcJOZHHjua9ym1VBBzi9jc3CTmKbtUMe95Uip50jPw2IvEfHNzM+9Taqkg5hZRtJj3vJIopQJLXi8+Ku2qKKWk2l6ymI++7sBqm5iDMYi5RRQp5j2vJGoiHG2p+kEPR6XnSUmVxOtlH/I8Yz78RleVdmhZuzr5OTGHNCHmFlGcmLelGhdoPybhf3MMeX4x74lXSv66J3+iGd1v9Jp51fFIfvyTzPAb5cTynielhMcg5ssJMbeIwsQ8MRptqaqqtHuelEql3EOeW8x7npTUnKPwdnU4/TKKcxDwdnX0k09PvFJ0imr0Okf3BzFfaoi5RTgVc1USz6tGpmKWKOazvu6JUbUavkbRdWYFOrq+UsMpHWK+1BBziyhMzOedZtkdTSmYfuPPtpgnvT5BiEO3JUV7v5jHRZuYLzXE3CKOHz9ekJhrvAE6miYIrnRZipjPeAM0EtzgdUyKeeI0S8zVQZbF/Pjx43mfUksFMbeIer1emJiPgxXzht1UVEKhX5KYx70+/k8o7dCbnKVqdfbI3P945hugCVM1Oce8Xq/nfUotFcTcIooW8yK4VL80ZFBibj/E3CKIefoS83Qk5vZDzC2CmKcvMU9HYm4/xNwiiHn6EvN0JOb2Q8wt4l5jjvylIWK+vBBziyDm+cYc0/0boAcO/CTvU2qpIOYWsWjMEW2UkXm2GI05fwNUD2KOLknMs8Xo3wDV/TNoxJyYozse+MmjeZ9SS4WpmDcaDWKuCzFHl2Rkni3E3CKIObokMc8WYm4RxBxdkphnCzG3CGKOLsmlidlCzC2CmKNLMjLPFmJuEcQcXZKYZ4vRmHOduR7EHF2SmGeL0Zj/tyd/pLUSMSfm6I7EPFuIuUUQc3RJYp4txNwiFv0boIg2yt8AzRZibhGbm5u5n4CIabm5uZn3KbVUEHOLIOboksQ8W4i5RRBzdElini3E3CKIObokMc8WYm4RxBxdkphnCzG3iM3NTUSnhOwg5gAADkDMAQAcgJgDADgAMQcAcABiDgDgAMQcAMABiDkAgAMQcwAAByDmAAAOQMwBAByAvwEKAOAARmPeaDSIOQBABhBzAAAHIOYAAA5AzAEAHICYAwA4QGFjjoiIkxYu5oiIuJjEHBHRAYk5IqIDWvUboIiIuJhW/d8siIi4mMQcEdEBiTkiogNaF/O33noLLZV9V1zZd8W10DHf3d1Fy5w3CHlvJ7LvXJKYYy4HFfvOTtl3xZWYYy4HFfvOTtl3xZWYYy4HFfvOTtl3xZWYYy4HFfvOTtl3xZWY22TPk1LJk968yy2VIBTXpdt3BTu37nXfEfNU7IlXUqJmHTjEPBt7npSUEhVYEq+X/+tmg9bvu4X3ccJ+9s+t8DlWsPNNZ98R87QOrlJVqqUZ4SDmGe6L0OvZ86SkqtK24LXLW+v33aL7WOd+BTvfdPYdMU/BnleSkteTdlVJyetNHjjh0UN4dBC3vABaH4Spk7Ut1XDMJ1770Tff4JvxcHm1PfpJSymptuPWGz3e1DeK0HPFPQ/7ztA+jtwWPbeC+4/3q1KRc9VyiXkm9sTzR+TtaijMbalGY1DypJe4PO+vI72DyqqYT+2TSNj9k12F9qGK7s/JfdbzSqKqbdnd3ZV2NbQv29XR8oTnYd+lt4+j0yyzzi2mWYj53AfWRCzCo73Ij/vRA6uAB5f1QZj1U0/sXGtV2kkn+6x95sc6CPiutKuhfR/3POy79PbxPFOWxJyY69jzSpGTdvTjGzHPx+iJO88I+V5ivtsTr1SV9m5bqpYHw/p9t8g+nrWcmBPz+R3OwQU/1u3uRn40H8+V9rzSPsvz/lrSO6isibm/P4LwRn4Mj1sn9uPkaRb/82q1GpqDTXge9p2ZfRyYcG7N+gZfEIl5LgdV6IBqV8ej9Wp1fN+k5QXQ+iDE7JPhT08JUyCzRm5TEUiYMokLhIVvclu/73T2cdKliXHnVgqOk1UAAAMhSURBVOSYaFd5A5SYoztBWELZd8XVeMxN/g1QDio7JQjFlX1XXI3HvNFoEPMlkyAUV/ZdcSXmmMtBxb6zU/ZdcSXmmMtBxb6zU/ZdcS18zNFO2XfFlX1XXAsbc0RE1JeYIyI6IDFHRHRAYo6I6IDEHBHRAYk5IqIDEnNERAck5oiIDrhQzNfW1ow+CSIi6qnb2bW1tcVG5oiIaFadLi80zYKIiHZJzBERHZCYIyI6IDFHRHRAYo6I6IDEHBHRAYk5IqIDEnNERAck5oiaqnO/x33c7zXM+0+3FUHd45KYI2qadyiL4H6v4Vtv8Qen0/rDz77EHFFTP1h5n/A2SszTkZgjZiAxT5aYpyMxR8xAYp4sMU/HhWN+6tSp3E8QxKJIzJMl5um4SMxPnTolanNzM/cTBLEoEvNklyrmPU9KJU96Bh57kZhvbm4Sc0Qd84p5zyuJUiqw5PXio9KuilJKqu0li/no6w6stok5IiabR8x7XknURDjaUvWDHo5Kz5OSKonXyz7kecZ8+I2uKu3QsnZ18nNijogTZh/ztlTjAu3HJPxvjiHPL+Y98UrJX/fkTzSj+41eM686HsmPf5IZfqOcWN7zpJTwGMQcsaBmHvPEaLSlqqrS7nlSKpVyD3luMe95UlJzjsLb1eH0yyjOQcDb1dFPPj3xStEpqtHrHN0fxByx2FoZc1USz6tGpmKWKOazvu6JUbUavkbRdWYFOrq+UsMpHWKOWGytnWbZHU0pmH7jz7aYJ70+QYhDtyVFe7+Yx0WbmCMWW6vfAB1NEwRXuixFzGe8ARoJbvA6JsU8cZol5uogYo5YbG25NDGIy1RUQqFfkpjHvT7+Tyjt0JucpWp19sjc/3jmG6AJUzXEHLFY8ktDdsbcJYk5YgYS82SJeToSc8QMJObJEvN0JOaIGUjMkyXm6UjMETMw77/iUwT3ew2JOTFHzN28Q1kE93sN8/77mkVQ97gk5oiIDkjMEREdkJgjIjogMUdEdEBijojogMQcEdEBiTkiogMSc0REByTmiIgOSMwRER2QmCMiOiAxR0R0wCDmiIhYbP8/qzHXm2CojxsAAAAASUVORK5CYII=" /></h3>
<b>Add the IP to your server</b><br />
<h3 style="text-align: left;">
Log into the server as an admin </h3>
Use the username:<b><br /></b><br />
<b>swgadmin/testing</b><br />
<br />
Create a player, then disconnect, log out and close the game. Also, kill the process for the server in the terminal with <b>ctrl-c</b>.<b> </b><br />
<h3 style="text-align: left;">
Update the admin user</h3>
<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">sudo mysql -p123456 swgemu -v -e "UPDATE swgemu.accounts SET admin_level='15' WHERE username='swgadmin'"</pre>
<br />
<h3 style="text-align: left;">
Run the server again</h3>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">cd ~/swg/Core3/MMOCoreORB/bin
./core3</pre>
<br />
<br />
<br />
That's it. You should have a test environment to play around in. This guide is nowhere near ready for you to host this outside of your network but should be fine for testing. Further information can be found at the official <a href="https://www.swgemu.com/" target="_blank">SWGEmu</a> site.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBPbQcR8Zy3E5ul4Moiqf0IDERuLeKptf9TRLhpcpbjKgmZyCQiGZF5txjcU3GjQHm5CwuVdeHnI4TbDmXwUYU39qFla6akXQVhSSKPhlGT3l6ce1u9UNfIhuxOM7JMZECpqS3KJu0OwY/s1600/swgadmin.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="922" data-original-width="1600" height="184" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBPbQcR8Zy3E5ul4Moiqf0IDERuLeKptf9TRLhpcpbjKgmZyCQiGZF5txjcU3GjQHm5CwuVdeHnI4TbDmXwUYU39qFla6akXQVhSSKPhlGT3l6ce1u9UNfIhuxOM7JMZECpqS3KJu0OwY/s320/swgadmin.jpg" width="320" /></a></div>
</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-51324861172781576222019-12-19T15:35:00.002-06:002019-12-19T16:12:42.468-06:00Stream a looping video to Twitch using FFmpeg for testing<div dir="ltr" style="text-align: left;" trbidi="on">
If you want to stream from Linux or a Raspberry Pi for testing quality, you can use FFmpeg to stream to Twitch.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9EeGUaAAB0sK2E6UmhyphenhyphenI8H2gZe-c6W5iapgjPJOSGMZITcOVAT_Y3NkzWpVSlILAIHjtiUPxjfrUUTHfYustocKfLx35m1u2rk6ds0w0Qthtgw4bnaXYKS0eCTdgMUrbOCFJT8Bi6sU8/s1600/ffmpeg+twitch.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="858" data-original-width="1207" height="227" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9EeGUaAAB0sK2E6UmhyphenhyphenI8H2gZe-c6W5iapgjPJOSGMZITcOVAT_Y3NkzWpVSlILAIHjtiUPxjfrUUTHfYustocKfLx35m1u2rk6ds0w0Qthtgw4bnaXYKS0eCTdgMUrbOCFJT8Bi6sU8/s320/ffmpeg+twitch.png" width="320" /></a></div>
<br />
<br />
It works on Windows with VMs, like Virtualbox, where OBS and Streamlabs doesn't work.<br />
<br />
You will need your stream key, ffmpeg and a local rtmp twitch url:<br />
<br />
<ul style="text-align: left;">
<li>Install FFmpeg <a href="https://www.ffmpeg.org/">https://www.ffmpeg.org/</a></li>
<li>Find your nearest Twitch ingest point for RTMP <a href="https://stream.twitch.tv/ingests/">https://stream.twitch.tv/ingests/</a></li>
<li>Copy your stream key <a href="https://dashboard.twitch.tv/u/binarypower/settings/channel">https://dashboard.twitch.tv/u/<b>YOUR_USERNAME</b>/settings/channel</a></li>
</ul>
<br />
Find an MP4 video around 720p in size if you're going to use a raspberry pi. Anything larger will get dropped frames. In Windows/Linux it shouldn't matter.<br />
<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">ffmpeg -stream_loop -1 -i VIDEO.mp4 -c:v libx264 -s 852x480 -r 30 -f flv "rtmp://YOUR_URL/STREAM_KEY?bandwidthtest=true"</pre>
<br />
The command basically takes a video and loops it over and over so you can do long term testing. It is also a low resource task (compared to X11 streaming).<br />
<br />
The last bit, the "bandwidthtest=true", is for Twitch Inspector. You can see how the stream is without actually going live.<br />
<br />
<a href="https://inspector.twitch.tv/">https://inspector.twitch.tv/</a><br />
<br />
Twitch inspector will let you know how well your stream is doing, and it's more accurate than your live dashboard.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8qVp-SQBTKD_0WlL9-PUbRnGwRCUyfjaEskl9EqTf0TzhbSVzK8M_2gSaLpr5noFDudDqJnIu-C8bDWrqJldJ0WYd5CAmQijMB8rbFo-bsVCn5FRNJZ2x_aiaKAPXiqRIIbZw1nTLrAs/s1600/inspector+results.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="547" data-original-width="981" height="178" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8qVp-SQBTKD_0WlL9-PUbRnGwRCUyfjaEskl9EqTf0TzhbSVzK8M_2gSaLpr5noFDudDqJnIu-C8bDWrqJldJ0WYd5CAmQijMB8rbFo-bsVCn5FRNJZ2x_aiaKAPXiqRIIbZw1nTLrAs/s320/inspector+results.png" width="320" /></a></div>
<br />
If you actually want to go live with and see the results firsthand, remove: "<span style="background-color: #f9f9f9; font-family: monospace , "courier"; font-size: 14px;">?bandwidthtest=true"</span><br />
<br />
There are probably better flags for ffmpeg to manage keyframes and other parameters, but for testing this is stable enough.<br />
<br />
With different platform ingest points, you can stream to Mixer/Youtube/Facebook Live and others. You should be able to stream multiple services, at the same time, if you have enough resources.</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-85522329576494285052019-05-24T19:08:00.002-05:002019-05-24T19:08:24.447-05:00Use TorGuard OpenVPN servers in OPNsense firewall<div dir="ltr" style="text-align: left;" trbidi="on">
<h3 style="text-align: left;">
<span style="font-weight: normal;">This is how to use multiple Torguard OpenVPN servers in an OPNsense server. Adapted from pfSense instructions <a href="https://torguard.net/knowledgebase.php?action=displayarticle&id=208" target="_blank">here</a>.</span></h3>
<h3 style="text-align: left;">
DNS</h3>
System > General > DNS Servers<br />
Add the following:<br />
104.223.91.194<br />
104.223.91.210<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRb3GIv38m2XNyrlCxOq3DvDHSHjL1hwN-G0QRUi5jQy5exuRFIK3cZio460O_8JkdlZv3z5Jc2jrSY406SnfCQDq3xosy7lBvT6rubKwwB2kVT3ETd-ZWGwpwpNa_lXdt2jElawzYBJg/s1600/01-dns.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1299" data-original-width="1279" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRb3GIv38m2XNyrlCxOq3DvDHSHjL1hwN-G0QRUi5jQy5exuRFIK3cZio460O_8JkdlZv3z5Jc2jrSY406SnfCQDq3xosy7lBvT6rubKwwB2kVT3ETd-ZWGwpwpNa_lXdt2jElawzYBJg/s320/01-dns.png" width="315" /></a></div>
<br />
<h3 style="text-align: left;">
Create trust certificate</h3>
System > Trust > Certificates > Add<br />
Select "Import an existing Certificate Authority"<br />
Descriptive name: <b>TG-CA</b><br />
Certificate data: (<a href="https://torguard.net/downloads/ca.txt" target="_blank">get the latest key from here, copy the entire file</a>)<br />
Private key data: <leave blank><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxDC_0nxKN5dfG9EAurUvZIhGCw8pjXUo6N5vt_iHw3OIOZCeaqlTxSXwZqFepxeNr8XIIFnClNl3DF8_AKg9dtIRZzRHCyLNccHdx3Zhf2IQ622XZEd4N8R0psUozjZzT6qZVEzulZbQ/s1600/02-trust-certificates.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1320" data-original-width="1282" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxDC_0nxKN5dfG9EAurUvZIhGCw8pjXUo6N5vt_iHw3OIOZCeaqlTxSXwZqFepxeNr8XIIFnClNl3DF8_AKg9dtIRZzRHCyLNccHdx3Zhf2IQ622XZEd4N8R0psUozjZzT6qZVEzulZbQ/s320/02-trust-certificates.png" width="310" /></a></div>
<br />
<h3 style="text-align: left;">
Certificate authority</h3>
System > Trust > Authorities > Add<br />
Descriptive Name: <b>TG-internal-CA</b><br />
Method: Create an internal Certificate Authority<br />
Key length: 2048<br />
Digest Algorithm: SHA1<br />
Lifetime: 3650<br />
Country Code: <put anything><br />
State or Province: <put anything><br />
City: <put anything><br />
Organization: <put anything><br />
Email Address: <put anything><br />
Common Name: <b>internal-ca</b><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXjvhepaAwiGWlApMDZnA_P_KyMnRCYJLZleubbQqDw3H6VWxSny2CV3mA4qx2eyF0HFiVZUfaW8ttzENBQjGvmlf4ayXcCc6rKyoO1FGKvvd4ZkUpllrCM_WGoEQo1SaDHxl9NrlljT4/s1600/03-trust-authorities.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1019" data-original-width="1284" height="253" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXjvhepaAwiGWlApMDZnA_P_KyMnRCYJLZleubbQqDw3H6VWxSny2CV3mA4qx2eyF0HFiVZUfaW8ttzENBQjGvmlf4ayXcCc6rKyoO1FGKvvd4ZkUpllrCM_WGoEQo1SaDHxl9NrlljT4/s320/03-trust-authorities.png" width="320" /></a></div>
<br />
<h3>
Certificate manager</h3>
System > Trust > Certificates > Add<br />
Descriptive Name: <b>TG-Certificate</b><br />
Method: Create an internal Certificate Authority<br />
Key length: 2048<br />
Digest Algorithm: SHA1<br />
Lifetime: 3650<br />
Country Code: <put anything><br />
State or Province: <put anything><br />
City: <put anything><br />
Organization: <put anything><br />
Email Address: <put anything><br />
Common Name: <b>TG-Certificate</b><br />
<br />
<h3 style="text-align: left;">
OpenVPN Client settings</h3>
VPN > OpenVPN > Clients > Add<br />
<br />
Description: <b>TG OpenVPN</b><br />
Server Mode: Peer To Peer (SSL/TLS)<br />
Protocol: UDP<br />
Device Mode: tun<br />
Interface: WAN<br />
Local Port: <leave blank><br />
<br />
Remote server(s):<br />
<b>atl.east.usa.torguardvpnaccess.com</b><br />
<b>chi.central.usa.torguardvpnaccess.com</b><br />
<b>dal.central.usa.torguardvpnaccess.com</b><br />
<b>fl.east.usa.torguardvpnaccess.com</b><br />
<b>la.west.usa.torguardvpnaccess.com</b><br />
<b>lv.west.usa.torguardvpnaccess.com</b><br />
<b>nj.east.usa.torguardvpnaccess.com</b><br />
<b>ny.east.usa.torguardvpnaccess.com</b><br />
<b>sa.west.usa.torguardvpnaccess.com</b><br />
<b>sf.west.usa.torguardvpnaccess.com</b><br />
<br />
Server Port(s): <b>443</b><br />
<br />
Select server at random: <b>Checked</b><br />
Infinitely resolve server: <b>Checked</b><br />
<br />
Username: <b>YOURTGUSERNAME</b><br />
Password: <b>YOURTGPASSWORD</b><br />
<br />
Peer Certificate Authority: <b>TG-CA</b><br />
Client Certificate: Web GUI SSL certificate<br />
Encryption algorithm: BF-CBC (128-bit, 64 bit block)<br />
Auth Digest Algorithm: SHA1 (160-bit)<br />
Hardware Crypto: No Hardware Crypto Acceleration<br />
Compression: Enabled with Adaptive Compression<br />
Disable IPv6: Check<br />
Verbosity level: 1 default<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihqdK76zBvqyT6TATJMxhxhUQ-7K700-V84cih076IduUYELiiQkbzzdqToAemkw8nDJ3IdEcS9NRjVt0RucACXJQap9TjHewTp7ZGd_CWkCUbhcCIAdYULWPLUizSM77BFQJc94_1_b4/s1600/04-openvpn1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1321" data-original-width="1288" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihqdK76zBvqyT6TATJMxhxhUQ-7K700-V84cih076IduUYELiiQkbzzdqToAemkw8nDJ3IdEcS9NRjVt0RucACXJQap9TjHewTp7ZGd_CWkCUbhcCIAdYULWPLUizSM77BFQJc94_1_b4/s320/04-openvpn1.png" width="311" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj32QFQEv7AOyNTKMi8M2_G_siBCPfRqXBigD0sjogvARsXnG9yvlVbBuzWVAqI83aSVWBrmheZpPTK7CQyXfCw0rxJ3qNZXCai9zJ7XRIcC_qtyT6kR6P4l1PP8oWuTxoNR6-lweGKj7o/s1600/04-openvpn2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1319" data-original-width="1281" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj32QFQEv7AOyNTKMi8M2_G_siBCPfRqXBigD0sjogvARsXnG9yvlVbBuzWVAqI83aSVWBrmheZpPTK7CQyXfCw0rxJ3qNZXCai9zJ7XRIcC_qtyT6kR6P4l1PP8oWuTxoNR6-lweGKj7o/s320/04-openvpn2.png" width="311" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggs5V8cSnO63bdikSYJ54udT0QjN8W3yQA1mc6tJGfrLuH5EPZJV6JKXwej1As_Xv5jBGda_s6bq7W-k7E3PbJ_A4b-wHSYA3T9opmIc6ivRlGffgdupZayuzlgyR5hhxm-WB7Ub-wC7w/s1600/04-openvpn3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1313" data-original-width="1286" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggs5V8cSnO63bdikSYJ54udT0QjN8W3yQA1mc6tJGfrLuH5EPZJV6JKXwej1As_Xv5jBGda_s6bq7W-k7E3PbJ_A4b-wHSYA3T9opmIc6ivRlGffgdupZayuzlgyR5hhxm-WB7Ub-wC7w/s320/04-openvpn3.png" width="313" /></a></div>
<br />
<h3 style="text-align: left;">
Create OpenVPN interface</h3>
Interfaces > Assignments > Click add to the right of <b>TG OpenVPN</b><br />
You should now see <b>OPT1 </b>on the left. Click <b>OPT1</b>.<br />
<br />
Enable interface<br />
Description: <b>TGInterface</b><br />
<br />
(leave everything else blank)<br />
<br />
You should have a new interface called <b>TGInterface</b><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibZC_5E0d5-y4CZeLZ-Eh3DuXyJosRA_XWRSOo2HArrnC_PDBPgIo86Y7bxREdnV_Yv8NyH_zdTWCh_3Ia-iJ6ivLEPhn197TEYfbKT8U746ak7jLPtAlBzwjvyZRhJ6BMjfCkT2PnUII/s1600/05-openvpn-interface.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="891" data-original-width="1285" height="221" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibZC_5E0d5-y4CZeLZ-Eh3DuXyJosRA_XWRSOo2HArrnC_PDBPgIo86Y7bxREdnV_Yv8NyH_zdTWCh_3Ia-iJ6ivLEPhn197TEYfbKT8U746ak7jLPtAlBzwjvyZRhJ6BMjfCkT2PnUII/s320/05-openvpn-interface.png" width="320" /></a></div>
<br />
<h3 style="text-align: left;">
Firewall / NAT settings</h3>
Firewall > NAT > Outbound<br />
<br />
Select: Manual outbound NAT rule generation (no automatic rules are being generated)<br />
Click Save<br />
<br />
Change every rule (if you have more than one) to the interface <b>TGInterface</b>. No other settings should change in each rule.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyANq7KGv4e2gYskSm1Tw9EyivZWPjmF7Xia9j1K38cPhS_zLgElEO9r8y2mhbqkVTk3Yy6Aaxu3SfLhsg0871KNvwmODvG5FgZ17n5WyBc-J4AB8Gl_mo-biIMcFf0LZftyN2-p3VeyY/s1600/06-interfaces.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="726" data-original-width="1283" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyANq7KGv4e2gYskSm1Tw9EyivZWPjmF7Xia9j1K38cPhS_zLgElEO9r8y2mhbqkVTk3Yy6Aaxu3SfLhsg0871KNvwmODvG5FgZ17n5WyBc-J4AB8Gl_mo-biIMcFf0LZftyN2-p3VeyY/s320/06-interfaces.png" width="320" /></a></div>
<br />
<h3 style="text-align: left;">
Check VPN status</h3>
VPN > OpenVPN > Connection Status<br />
<br />
The status should say up<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg38nEvCMGmXDHFWDf0hB2m3S_jZ5DnAVJa5lXz8IMkz_N1iWXF3ds81VbvxLys6lwViVB_nPNeWcONdJ_4Ioji2Vg3GKbzjpOsh6HLJjQCL6a6nwpCLAKEqKEu2lgjkyJ-jil4XtfQI84/s1600/08-VPN-Status.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="692" data-original-width="1283" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg38nEvCMGmXDHFWDf0hB2m3S_jZ5DnAVJa5lXz8IMkz_N1iWXF3ds81VbvxLys6lwViVB_nPNeWcONdJ_4Ioji2Vg3GKbzjpOsh6HLJjQCL6a6nwpCLAKEqKEu2lgjkyJ-jil4XtfQI84/s320/08-VPN-Status.png" width="320" /></a></div>
<br />
Visit <a href="https://ipleak.net/" target="_blank">https://ipleak.net/ </a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg20bitiDeddSjslyPoTdN0fvZ-rsCj9zyKbqjPS7dqjnmSuhAKVev6yQL2KMltYRq3YIBaxDB4sc8O-rFjyA3qK7BO5RLAogkpy8LtAM8p8a4YcP-twRf65Y6X1a-lkKdt_ymH-_YYu0/s1600/09-DNS-Test.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1315" data-original-width="1287" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg20bitiDeddSjslyPoTdN0fvZ-rsCj9zyKbqjPS7dqjnmSuhAKVev6yQL2KMltYRq3YIBaxDB4sc8O-rFjyA3qK7BO5RLAogkpy8LtAM8p8a4YcP-twRf65Y6X1a-lkKdt_ymH-_YYu0/s320/09-DNS-Test.png" width="312" /></a></div>
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-27482624999338473532019-05-24T16:24:00.004-05:002019-05-24T16:42:28.590-05:00Install BlackArch from scratch on fresh Arch with Gnome GUI<div dir="ltr" style="text-align: left;" trbidi="on">
(Using release: 2019.05.02 on Virtualbox 6.0)<br />
<br />
<a href="http://mirror.dal10.us.leaseweb.net/archlinux/iso/2019.05.02/archlinux-2019.05.02-x86_64.iso" target="_blank">Download Arch</a> (or use a <a href="https://www.archlinux.org/download/" target="_blank">mirror</a>)<br />
<br />
BlackArch is a great pentest tool, comparable to Kali Linux, but with a steeper learning curve. The biggest issue for most new users is the lack of out-of-the-box gnome support.<br />
<br />
I put together a combo of guides to get this working to make a comparable look and feel to Kali, but with Arch.<br />
<br />
<h3 style="text-align: left;">
Specs</h3>
8GB RAM<br />
128MB VGA<br />
100GB thin provisioned HD<br />
Network: bridged<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2k6uW6pYih6qJg96EEn_niezAPXTWuJWDqVdwWKl9Owfa2CcKLoJdxoVh5GHsR8EpQItJuIFXV1galeB084pVpVBQQNXj1iZN1hCT_6ltbOUCAYAtT83LmwdhNw7jG1Ye3ezaK3PtMLI/s1600/vbox+settings.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="526" data-original-width="574" height="292" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2k6uW6pYih6qJg96EEn_niezAPXTWuJWDqVdwWKl9Owfa2CcKLoJdxoVh5GHsR8EpQItJuIFXV1galeB084pVpVBQQNXj1iZN1hCT_6ltbOUCAYAtT83LmwdhNw7jG1Ye3ezaK3PtMLI/s320/vbox+settings.png" width="320" /></a></div>
<br />
Load the ISO and boot the machine. Once it comes up, verify network connectivity.<br />
<h3 style="text-align: left;">
Disk creation</h3>
Type <b>fdisk -l</b> and you should see the 100GB drive.<br />
<br />
The first partition we will create is the boot partition.<br />
<b><br /></b>
<b>fdisk /dev/sda</b><br />
<div>
<br /></div>
<div>
<b>p</b> for the primary partition.</div>
<div>
<br /></div>
<div>
<b>n</b> for new </div>
<div>
<br /></div>
<div>
<b>1</b> for the first partition (sda1)</div>
<div>
<br /></div>
<div>
<b>2048 </b>(or enter for the default)</div>
<div>
<br /></div>
<div>
<b>+500M</b> for the space</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
Now we will create a swap partition.</div>
<div>
<br /></div>
<div>
<b>n</b> for create a new partition</div>
<div>
<br /></div>
<div>
<b>p</b> for primary</div>
<div>
<br /></div>
<div>
<b>2</b> for the 2nd partition (sda2)</div>
<div>
<br /></div>
<div>
<b>enter</b> for the default sector</div>
<div>
<br /></div>
<div>
<b>+8G</b> for the swap file size</div>
<div>
<br /></div>
<div>
<b>t</b> to select the type</div>
<div>
<br /></div>
<div>
<b>2 </b>for the second, swap, partition</div>
<div>
<br /></div>
<div>
<b>82 </b>to make it a swap partition</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
Creating the 3rd partition</div>
<div>
<br /></div>
<div>
<b>n </b>to create the final partition using the rest of the space</div>
<div>
<br /></div>
<div>
<b>p</b> for primary</div>
<div>
<br /></div>
<div>
<b>3 </b>for the 3rd partition</div>
<div>
<br /></div>
<div>
<b>enter</b> to select the default drive sector start position</div>
<div>
<br /></div>
<div>
<b>enter </b>to select the last sector</div>
<div>
<br /></div>
<div>
<b>w </b>to write the changes</div>
<div>
<br /></div>
<h3 style="text-align: left;">
Finalize the filesystem</h3>
<div>
<div>
<b>mkfs.ext2 /dev/sda1</b></div>
<div>
<b>mkswap /dev/sda2</b></div>
<div>
<b>mkfs.ext4 /dev/sda3</b></div>
<div>
<br /></div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFhnNFMCipcSTRE91HZlBcp-9_OzBcbl1L_KI-9F1Db4IDnMSCVwH5v9Kas-Q0hVKAXWera2x-Dl8aHCvbwhCDAlkH3d3crbKDm_ogc3yTjvdnOkljTY2LvpszjcLwWeHIglqX64RiZqs/s1600/disk+partition.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="213" data-original-width="608" height="112" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFhnNFMCipcSTRE91HZlBcp-9_OzBcbl1L_KI-9F1Db4IDnMSCVwH5v9Kas-Q0hVKAXWera2x-Dl8aHCvbwhCDAlkH3d3crbKDm_ogc3yTjvdnOkljTY2LvpszjcLwWeHIglqX64RiZqs/s320/disk+partition.jpg" width="320" /></a></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Mount the filesystem</h3>
<div>
<div>
<b>mount /dev/sda3 /mnt</b></div>
<div>
<b>swapon /dev/sda2</b></div>
</div>
<div>
<br /></div>
<h3>
Install the Base and Base-Devel repositories</h3>
<div>
<b>pacstrap /mnt/ base base-devel</b></div>
<div>
<br /></div>
<div>
<h3 style="text-align: left;">
Generate the fstab and mount it to the temporary filesystem</h3>
<div>
<b>genfstab /mnt >> /mnt/etc/fstab</b></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Remount root to the mount</h3>
<div>
<b>arch-chroot /mnt</b></div>
<div>
<br /></div>
<h2 style="text-align: left;">
Set System Language</h2>
<div>
<b>echo "LANG=en_US.UTF-8" > /etc/locale.conf</b></div>
<div>
<b>sed -i 's/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g' /etc/locale.gen</b></div>
<div>
<br /></div>
<div>
<i><b>Or</b></i> use text editor of choice and <b>remove the comment</b> from your language of choice.</div>
<div>
<br /></div>
<div>
<b>vi /etc/locale.gen</b></div>
<div>
<i>en_US.UTF-8 UTF-8</i></div>
</div>
<div>
<i><br /></i></div>
<div>
then run</div>
<div>
<b>locale-gen</b></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Set the timezone</h3>
<div>
<b>ln -sf /usr/share/zoneinfo/US/Central /etc/localtime</b></div>
<div>
<div>
<b>hwclock --systohc --utc</b></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Create unique hostname</h3>
<div>
<b>echo "systemname.host.local" > /etc/hostname</b></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Change Root Password</h3>
<div>
<b>passwd</b></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Set up GRUB Bootloader</h3>
<div>
<b>pacman -S grub</b></div>
<div>
<b>grub-install /dev/sda</b></div>
<div>
<b>grub-mkconfig -o /boot/grub/grub.cfg</b></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Update repositories</h3>
<div>
<b>pacman -Syu</b></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Enable dhcpcd service</h3>
<div>
<b>systemctl enable dhcpcd</b></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Create superuser account</h3>
<div>
<b>useradd -m -G wheel yourname</b></div>
<div>
<b>passwd yourname</b></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Enable sudo for the “wheel” group</h3>
<div>
<b>sed -i 's/# %wheel ALL=(ALL) ALL/%wheel ALL=(ALL) ALL/g' /etc/sudoers</b></div>
<div>
<br /></div>
<div>
Or edit the file manually</div>
<div>
<b>vi /etc/sudoers</b></div>
<div>
uncomment out the following line</div>
<div>
<i>%wheel ALL=(ALL) ALL</i></div>
<div>
<br /></div>
<div>
Eject the ISO and reboot</div>
</div>
<div>
<br /></div>
<div>
Once the system comes back up, now would be a good time to shut down the system and create a snapshot.</div>
<div>
<br /></div>
<h3 style="text-align: left;">
Adding Gnome and lxdm</h3>
<div>
Using your superuser account,</div>
<div>
<br /></div>
<div>
update the system</div>
<div>
<b>sudo pacman -Syu</b></div>
<div>
<br /></div>
<div>
Install the pre-requisites</div>
<div>
<b>sudo pacman -S xorg</b></div>
<div>
<b><br /></b></div>
<div>
Install Gnome and extras</div>
<div>
<b>sudo pacman -S gnome gnome-extra</b></div>
<div>
<br /></div>
<div>
Once that's complete, you need to install a display manager.</div>
<div>
<b>pacman -S lxdm</b></div>
<div>
<br /></div>
<div>
Enable the service to start on boot</div>
<div>
<b>systemctl enable lxdm.service</b></div>
<div>
<br /></div>
<div>
Once you restart, lxdm will allow you to choose to log in with Gnome.</div>
<div>
<br /></div>
<div>
Once you've verified everything works, turn the system off, remove the snapshot and create a new one.</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC8AdJSxFTEhci-b0Cf0G3_YImko-vdcyqbZyEmQEdV-eQP275JCy17SoQcJrZ1frYExlKbxDjjEmXfDP5c-j5iuOCjZ6nzJ2c6sBbTkvDi-NBL7j10UoeYZMIh8v75-DaPUe8QGQ-Hak/s1600/gnome+arch.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="672" data-original-width="800" height="267" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC8AdJSxFTEhci-b0Cf0G3_YImko-vdcyqbZyEmQEdV-eQP275JCy17SoQcJrZ1frYExlKbxDjjEmXfDP5c-j5iuOCjZ6nzJ2c6sBbTkvDi-NBL7j10UoeYZMIh8v75-DaPUe8QGQ-Hak/s320/gnome+arch.png" width="320" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<h3 style="text-align: left;">
Adding <a href="https://blackarch.org/" target="_blank">BlackArch</a> software</h3>
<div>
<div>
<b>curl -O https://blackarch.org/strap.sh</b></div>
<div>
<b>chmod +x strap.sh</b></div>
<div>
<b>sudo ./strap.sh</b></div>
</div>
<div>
<br /></div>
<div>
Download the master package list and synchronize</div>
<div>
<b>sudo pacman -Syyu</b></div>
<div>
<br /></div>
<div>
<div>
To install all of the tools (very large download), run</div>
<div>
<b>pacman -S blackarch</b></div>
<div>
<br /></div>
<div>
To see the blackarch categories, run</div>
<div>
<b>pacman -Sg | grep blackarch</b></div>
</div>
<div>
<br /></div>
<div>
You should now have Black Arch Linux apps installed on a fresh install of Arch using Gnome.</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOadSB-gEwO_MFDUyMKL3FSNpR4P1EhdtVcuY9DoP0ImuzvT7_Z16ENJkp6JoWOt1yzMV8InRewE8YRVt-Mm3J0IaGS1zSkR-fUK2BPsLvYX7p4zzswE9vsZTZtAhKqkkr1g-Fvjvpxpk/s1600/VirtualBox_Arch+Linux_24_05_2019_16_22_31.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1000" data-original-width="1600" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOadSB-gEwO_MFDUyMKL3FSNpR4P1EhdtVcuY9DoP0ImuzvT7_Z16ENJkp6JoWOt1yzMV8InRewE8YRVt-Mm3J0IaGS1zSkR-fUK2BPsLvYX7p4zzswE9vsZTZtAhKqkkr1g-Fvjvpxpk/s320/VirtualBox_Arch+Linux_24_05_2019_16_22_31.png" width="320" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
Sources:</div>
<div>
<a href="https://blackarch.org/blackarch-guide-en.pdf">https://blackarch.org/blackarch-guide-en.pdf</a></div>
<div>
<a href="https://itsfoss.com/things-to-do-after-installing-arch-linux/">https://itsfoss.com/things-to-do-after-installing-arch-linux/</a></div>
<div>
<a href="https://medium.com/@gevorggalstyan/how-to-install-arch-linux-on-virtualbox-93bc83ded692">https://medium.com/@gevorggalstyan/how-to-install-arch-linux-on-virtualbox-93bc83ded692</a></div>
<div>
<a href="https://wiki.archlinux.org/index.php/installation_guide#Chroot">https://wiki.archlinux.org/index.php/installation_guide#Chroot</a></div>
<div>
<a href="https://blackarch.org/guide.html">https://blackarch.org/guide.html</a><br />
<br />
<br /></div>
</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-36560906409333057262018-06-28T07:10:00.000-05:002018-06-28T07:10:25.369-05:00Fix malformed SQLite DB in Tautuli (PlexPy) server in Windows<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
For those running Tautuli to monitor their Plex servers, sometimes DB issues happen. After upgrading from PlexPy to Tautuli I never had a solid footing on strange issues until I found a DB error and fixed it.<br />
<br />
I kept seeing the following error in the logs:<br />
<br />
<b>Can't connect to the database: database disk image is malformed</b><br />
<br />
To fix this, it's pretty simple. First you will need <a href="https://sqlitebrowser.org/" target="_blank">DB Browser for SQLite</a>. The portable app works just fine if you don't want to install anything.<br />
<br />
<i>(if you need a more graphical guide, look at <a href="http://wordpress.semnaitik.com/repair-sqlite-database/">http://wordpress.semnaitik.com/repair-sqlite-database/</a> where I got most this info from)</i><br />
<br />
Copy the <b>tautuli.db</b> file out of your plexpy/tautuli directory to work on.<br />
<br />
In DB Browser for SQLite, click <b>Open Database</b>.<br />
<br />
<b>Execute SQL</b> (tab)<br />
<br />
Run the following: <b>PRAGMA integrity_check</b><br />
<br />
Then click the <b>Play</b> button.<br />
<br />
You will see errors if there are DB issues (if the integrity check passes, it's not DB related).<br />
<br />
Export the DB to SQL format and leave all the default options checked.<br />
<br />
Once the database export is complete, import the database. This will essentially "clean" it. It will take some time to import<br />
<br />
Import the database and select a new file name/location to store it. Replace this database with your main Tautuli database and relaunch the app.<br />
<br />
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-88687275584183462142018-05-19T03:05:00.003-05:002018-05-19T03:05:49.136-05:00Installing OpenIPC on WyzeCam v2 and adding to BlueIris<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkccGKOVkO2j1I6O8glZbm5N1LQL_Kfx9J-qV5t4W27z47MhIpaDYpUT5chl4kH3hCWQVdxXrZiGNEsE_7stT6ILK5DlZK33SkMDcqM-nhKVlNZfYKvnClMfDQAZB8redqN_UETm2xOzk/s1600/wyze1as.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="800" data-original-width="1200" height="213" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkccGKOVkO2j1I6O8glZbm5N1LQL_Kfx9J-qV5t4W27z47MhIpaDYpUT5chl4kH3hCWQVdxXrZiGNEsE_7stT6ILK5DlZK33SkMDcqM-nhKVlNZfYKvnClMfDQAZB8redqN_UETm2xOzk/s320/wyze1as.jpg" width="320" /></a></div>
<br />
Wyze Cam is a fully functional $20 security camera. Out of the box, it works great.<br />
<br />
The only problem is that there, <a href="https://www.wyzecam.com/forums/topic/wyzecam-website-for-viewing-videos/" style="font-style: italic;" target="_blank">currently</a>, isn't a website you can go to to manage the camera or view footage. It's only available via a smartphone app.<br />
<br />
While the app works great pushing files to the cloud and local storage, the camera doesn't utilize open standards like RTSP, so it's not compatible with Blue Iris.<br />
<br />
That's where <a href="https://github.com/openipcamera/openipc-firmware" target="_blank">OpenIPC</a> steps in. <b><span style="color: red;">This is very new firmware so expect these steps to change quite a bit. I'll try to keep it updated. There is a <a href="https://www.reddit.com/r/openipc/" target="_blank">subreddit</a> dedicated to OpenIPC as well.</span></b><br />
<br />
This firmware will not erase or modify the built-in firmware, so no worries about bricking your device. If you remove the sd card and reboot the device, it will go back to the standard config.<br />
<br />
While this can be annoying to some, the firmware is only in Alpha with non-open source code. <b>There could be serious security risks, so this should only be used for testing and not production!</b><br />
<br />
<h3 style="text-align: left;">
To install</h3>
Download <a href="https://sourceforge.net/projects/win32diskimager/" target="_blank">Win32DiskImager</a><br />
<br />
Try to use a 4GB or smaller MicroSD card for the install, if possible.<br />
<br />
Download the latest IMG release file from <a href="https://github.com/openipcamera/openipc-firmware/releases" target="_blank">here</a>. (For instance <a href="https://github.com/openipcamera/openipc-firmware/releases/download/0.2.5/openipc_v2-0.2.5.img">openipc_v2-0.2.5.img</a> or whichever release is newer). This will only work with the WyzeCamV2 not the V1<br />
<br />
Open Win32DiskImager and select the IMG file and the target MicroSD drive.<br />
<br />
To set the Wifi password, edit the file <drive letter>:\config\wpa_supplicant.conf and change<br />
<br />
<span style="background-color: white; color: #24292e; font-family: , "consolas" , "liberation mono" , "menlo" , "courier" , monospace; font-size: 12px; white-space: pre;"><b>ssid="SSID"</b></span><br />
to whatever your network name is. Also, change the password field.<br />
<span style="background-color: white; color: #24292e; font-family: , "consolas" , "liberation mono" , "menlo" , "courier" , monospace; font-size: 12px; white-space: pre;"><b>psk="PW"</b></span><br />
<div>
<br /></div>
Save the file and remove the card. Unplug the Wyze Camera and insert the MicroSD card.<br />
<br />
To write the firmware, press and hold the bottom setup button while plugging the camera back in.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<span id="goog_1019219871"></span><span id="goog_1019219872"></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBzfJNo01ym1-4uXjzjrDfj1Ebxk4LG5oM8SMxSEivvYOTssPxp9ZVP9DsKLhW5m7blsy16jQ4gP6zBhCwBpmfAVZKw3Zzj7lW3TcEA_sNAJ2GNMy7MuToW-59wLOtcWQI5kSL5EIk_vY/s1600/wyzecam-setup-button.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="296" data-original-width="339" height="279" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBzfJNo01ym1-4uXjzjrDfj1Ebxk4LG5oM8SMxSEivvYOTssPxp9ZVP9DsKLhW5m7blsy16jQ4gP6zBhCwBpmfAVZKw3Zzj7lW3TcEA_sNAJ2GNMy7MuToW-59wLOtcWQI5kSL5EIk_vY/s320/wyzecam-setup-button.png" width="320" /></a></div>
In about 6 seconds, when the light turns blue, release the button. Wait a few minutes to see it on your network.<br />
<br />
You can scan your network with a smartphone app like <a href="https://www.fing.io/">Fing</a> or a Windows app like <a href="http://angryip.org/">Angry IP Scanner</a> to locate the camera. It will register ports:<br />
<br />
21 ftp<br />
22 ssh<br />
23 telnet<br />
80 http<br />
<br />
If you browse to the ip from a browser, the login prompt will ask for a password. The default being:<br />
<b>dafang</b><br />
<b>ismart12</b><br />
<div>
<br /></div>
<h3 style="text-align: left;">
Blue Iris Setup</h3>
<div>
Adding the Wyze cam to Blue Iris is pretty straightforward. When you go to the config page it will provide you with the RTSP url. Just import this and that's it.</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfkKWnzfNstNvgw8M50urkPitE_YG9NNLbLoW_lelN0kvObxigd3kBY3NbnIVVChGketXw8ALgpGMGbEkM5aWL2iT2hWVrzACkEyKECHMLbcZJOzvT_-w0EBT6ke4cA2gnnyN-dJb9Zls/s1600/wyzebi.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="557" data-original-width="872" height="204" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfkKWnzfNstNvgw8M50urkPitE_YG9NNLbLoW_lelN0kvObxigd3kBY3NbnIVVChGketXw8ALgpGMGbEkM5aWL2iT2hWVrzACkEyKECHMLbcZJOzvT_-w0EBT6ke4cA2gnnyN-dJb9Zls/s320/wyzebi.jpg" width="320" /></a></div>
<div>
<br /></div>
<div>
Just, bear in mind... this should not be used for anything other than testing. You cannot change the password (easily) and even then, the firmware changes are not permanent. </div>
<div>
<br /></div>
<div>
An ideal solution would be to wait for the firmware to have a release candidate that allows you to add extra storage space that is instead being used for the OS.</div>
</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-57138470512584211132017-06-14T00:07:00.001-05:002017-06-14T00:12:24.034-05:00Best IP POE camera compatible with Blue Iris<div dir="ltr" style="text-align: left;" trbidi="on">
I recently purchased, and ultimately returned, a <a href="https://www.amazon.com/gp/product/B00VN7UG9O" target="_blank">LaView 4 1080P NVR/POE IP Cam combo</a> from Amazon for <b>$600</b> (It's listed cheaper now).<br />
<br />
<br />
They claimed to be ONVIF compliant, but for the life of me I was not able to set up <a href="http://blueirissoftware.com/" target="_blank">Blue Iris</a> to connect to the cameras. I noticed that the IPs in the NVR chose a subnet at random and I could not connect to the individual cameras directly without passing through the NVR.<br />
<br />
When I gave the individual cameras a manual IP it was unreachable. If I bypassed the NVR and went straight to the network with POE, it wouldn't get a DHCP IP.<br />
<br />
My old setup was a Night Owl (forget the model number). Since it was the old analog BNC type camera setup, I had no choice but to go through the DVR. Although, I could connect through the streams RTSP directly by addressing the CAMNO (1-4). This was a breeze to add to Blue Iris.<br />
<br />
The LaView was a hassle. I thought, with the price, it would beat cheaper NVR alternatives but I found the UI to be clunky, slow and unintuitive.<br />
<br />
I have indoor Amcrest wifi cameras and saw they now sell POE outdoor cameras. I've never had an issue with my Amcrest so I decided to get rid of the NVR model and feed from the source.<br />
<br />
While I have a POE switch, it does not provide the adequate wattage to power all my cameras so I purchased a standalone <a href="https://www.amazon.com/gp/product/B0086SQDMM/" target="_blank">8 port POE injector</a> for $40.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-dOsWYd1Zw-O8GRlFSIW4LTkZe4a_8g4O4e0afqTK0d1ls9ZG1xRtxiXQZEyjdLauMtzNs5KFjkCHNLMhnu0H7qoMomK8VijXj3Dub9JoB14ewgBd3at7bfUH0jUOM-EhSf-IrLwf4i4/s1600/POE+Injector.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1035" data-original-width="1500" height="220" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-dOsWYd1Zw-O8GRlFSIW4LTkZe4a_8g4O4e0afqTK0d1ls9ZG1xRtxiXQZEyjdLauMtzNs5KFjkCHNLMhnu0H7qoMomK8VijXj3Dub9JoB14ewgBd3at7bfUH0jUOM-EhSf-IrLwf4i4/s320/POE+Injector.jpg" width="320" /></a></div>
<br />
I purchased 2 of each of the Amcrest outdoor POE styles <a href="https://www.amazon.com/gp/product/B01E7QI91E/" target="_blank">Amcrest IP2M-844E</a> and <a href="https://www.amazon.com/gp/product/B01BN1FDUG/" target="_blank">Amcrest IP2M-842E</a>.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpIcFXKO3H-S6bxf0QASy87fuNXXUswrM81sWfGshNAbjYDkjVEQq4ncpQm5DXao9CThgVrPhlFjwHU5qxTw8NpuKZ544pLyJ8WcpB2aqKBEY2blVFZX1rYrCGLWgpwIaFl7Y3xFMXDSg/s1600/IP2M-844E.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1000" data-original-width="1000" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpIcFXKO3H-S6bxf0QASy87fuNXXUswrM81sWfGshNAbjYDkjVEQq4ncpQm5DXao9CThgVrPhlFjwHU5qxTw8NpuKZ544pLyJ8WcpB2aqKBEY2blVFZX1rYrCGLWgpwIaFl7Y3xFMXDSg/s320/IP2M-844E.jpg" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh09W3MerlCW3Q6Vz1YYpLrOlennOoszaO_WHIkdW-fsoCafQgvPoqD00Ph_yNFU38QCo6AHjxvXrx5sUDhVzB8k2xIvwnYaf4aBSuEYAcSqSpQ1U62Ic9mj8yEMb9ePm7aWPdtYqN5gxM/s1600/IP2M-842E.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1000" data-original-width="1000" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh09W3MerlCW3Q6Vz1YYpLrOlennOoszaO_WHIkdW-fsoCafQgvPoqD00Ph_yNFU38QCo6AHjxvXrx5sUDhVzB8k2xIvwnYaf4aBSuEYAcSqSpQ1U62Ic9mj8yEMb9ePm7aWPdtYqN5gxM/s320/IP2M-842E.jpg" width="320" /></a></div>
Which match or exceed the specs of the LaView option. They cost $75 each (both models).<br />
<br />
The total for the Amcrest setup was <b>$340</b>... almost half the price of the LaView and very easy to set up in Blue Iris.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilxahwrg904-x-ZAQzxYZr-MtsM0ce-E0qWx4wNNhirI2wd_w9UswE1Imi-2OL1E4GEtCbWuBWtQn41UxghRkNqvwApJxKfeDrEeFg7A7P502_Xp9Atazkbom0NVsYrerdpkVOXkvpAjc/s1600/amcrest.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="559" data-original-width="874" height="204" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilxahwrg904-x-ZAQzxYZr-MtsM0ce-E0qWx4wNNhirI2wd_w9UswE1Imi-2OL1E4GEtCbWuBWtQn41UxghRkNqvwApJxKfeDrEeFg7A7P502_Xp9Atazkbom0NVsYrerdpkVOXkvpAjc/s320/amcrest.png" width="320" /></a></div>
<br />
I also have another 4 ports on my POE injector to add more cameras if I choose.<br />
<br />
Long story short, skip the NVR, go directly to your own recording device. If you don't want to pay the proprietary software license for Blue Iris and/or Windows; there are alternatives.<br />
<br />
You could set up a Linux box and use <a href="http://www.lavrsen.dk/foswiki/bin/view/Motion" target="_blank">Motion by Foswiki</a> to create your own NVR with a lot of flexibility.<br />
<br />
Blue Iris costs money, but it does a lot. It's also a GUI app, which I like when dealing with videos due to the instant gratification of knowing if it's working.<br />
<br />
Motion works great, but you can get bogged down in options and the Linux+CLI nature is off-putting to most.<br />
<br />
One of the downsides to most DVRs, NVRs and standalone IP Cameras has to be the requirement for IE with an addon. I usually just spin up a test VM with Windows and install/config it there... then deleting the VM. I noticed with the LaView this did not work. I could modify the settings, but could not view the live stream. It did not like the virtual VGA adaptor.<br />
<br />
The Amcrest worked, but still required IE to set up. At least I was able to verify I had a stream before I added it to Blue Iris. I hope one day IP Cameras just work in Chrome over HTML5 without any plugins or software required.</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-84142692740838124062017-02-11T01:48:00.001-06:002018-05-19T00:23:15.500-05:00Record Google Nest Cam from Blue Iris<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="color: red;"><b>(Updated May 2018)</b></span><br />
<span style="color: red;"><b><br /></b></span>
Since Nest is pushing their expensive ($10 to $30 per month) cloud recording feature, the Nest Cam is pretty locked down to prevent recording video locally to your own network. There are APIs you can use to scrape some information, but nothing to record video and audio to a local file share/FTP/NAS out of the box.<br />
<br />
I use Blue Iris to record my other network cameras and found a hack to do the same on Nest.<br />
<br />
There are some privacy concerns using this method, but the tradeoff is you can have both cloud and local storage of video events. Also, more flexibility of live video and video playback.<br />
<br />
<b>Requirements</b>: An apache server with PHP installed. Also, obviously, a Nest cam and Blue Iris.<br />
<br />
The first step is to allow sharing of the video. No one will be able to access this feed without the url, and if found, they cannot view archived video or manipulate settings.<br />
<br />
<h3 style="text-align: left;">
Nest UUID</h3>
Open the Nest camera properties and select "<b>Camera sharing</b>".<br />
<br />
<b><span style="color: red;">Make sure the "Preferred video player" camera settings are set to Flash instead of HTML5.</span></b><br />
<br />
Select "<b>Share publicly</b>" and click "<b>Agree & Share</b>"<br />
<br />
You will get a URL like this:<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">https://video.nest.com/live/xxxxxxxxxx</pre>
Open that link in a new tab. View the page source and search for <b>UUID</b>. You will have a result like this:<br />
<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">https://nexusapi.dropcam.com/get_image?uuid=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&width=560</pre>
(obviously <b>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</b> is your uuid)<br />
<br />
<h3 style="text-align: left;">
Apache script</h3>
On your Apache server, create a directory called "nest"<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">mkdir /var/www/html/nest && cd /var/www/html/nest</pre>
Create a php file called nest.php<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">vi nest.php</pre>
Add this code. (Don't forget to change <b>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</b> to <i>your</i> unique uuid)<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;"><?php
{
file_put_contents('image.jpg',fopen("https://nexusapi.camera.home.nest.com/get_image?uuid=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&cachebuster=".rand(10,1000000)."&height=512", 'r'));
}
?>
</pre>
Verify you can run it with PHP<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">php nest.php</pre>
If you get a file called "<b>image.jpg</b>" in "<b>/var/www/html/nest/</b>" and can browse to <b>http://<yourserverip>/nest/image.jpg</b> you should be ready to add it to blueiris.<br />
<br />
<div style="text-align: left;">
Run a watch command to generate that file every 0.1 seconds (<i>or 10 frames a second</i>). Watch does not allow more than this speed.</div>
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">watch -n 0.1 php nest.php</pre>
<i>(There are many ways of doing this that are much better. It can be added to cron and many other things to improve reliability and performance. This is just a simple test and needs a lot of improvement.)</i><br />
<i><br /></i>
<br />
<h3>
Blue Iris configuration</h3>
Once you have your url<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">http://<yourip>/nest/image.jpg</pre>
<br />
In Blue Iris, add a camera, go into the <b>video </b>tab and click <b>configure</b>.<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNMB40YpQJJCrnmCjeps-0P-QG9X2ToPVrYjH0fBTFXeW_Q2uN4V2g0Mzw2j1qeADYRQv0L6BmA1f3DLb4uPPbkr1l-DdClRq8kdIkvWt6eTv_RST2uTuRPTDPUxLv0oHB06rZmDGUK4I/s1600/blueiris01.jpg" imageanchor="1"><img border="0" height="204" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNMB40YpQJJCrnmCjeps-0P-QG9X2ToPVrYjH0fBTFXeW_Q2uN4V2g0Mzw2j1qeADYRQv0L6BmA1f3DLb4uPPbkr1l-DdClRq8kdIkvWt6eTv_RST2uTuRPTDPUxLv0oHB06rZmDGUK4I/s320/blueiris01.jpg" width="320" /></a><br />
<br />
Address<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;"><your apache server ip></pre>
Path<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">/nest/image.jpg</pre>
Click OK<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbg0etYxnmmvyxLZsLMzl7_AFckSXPEeZY488rrCzn7lgjRgavM8Shz3PzTYZRhSDPeDk9sebgWOC5uU01ZbrYJS0MA3X8XAG4kU8U41nlrUKugnK9nPjKusfeCLQebVyks_wpU_VWopo/s1600/blueiris02.jpg" imageanchor="1"><img border="0" height="304" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbg0etYxnmmvyxLZsLMzl7_AFckSXPEeZY488rrCzn7lgjRgavM8Shz3PzTYZRhSDPeDk9sebgWOC5uU01ZbrYJS0MA3X8XAG4kU8U41nlrUKugnK9nPjKusfeCLQebVyks_wpU_VWopo/s320/blueiris02.jpg" width="320" /></a><br />
<br />
Check "<b>Anamorphic (force size)</b>" then change "<b>Image format</b>" to <b>904 x 512</b><br />
<br />
You can play with the sizes but I've noticed a performance hit when trying to run anything greater than 720p.<br />
<br />
<h3 style="text-align: left;">
Rant...</h3>
Until Google updates the firmware to allow local file storage from the Nest camera, this is the only solid way I've found to import the feed and save it locally. I don't want to pay for their cloud service when I can just upload my own clips to dropbox or any other free file service.<br />
<br />
Google's integration with Dropcam/Nest doesn't seem well implemented. You would think that Nest would allow you to save your video clips to Google Drive. A perk to paying for the premium Google Drive service should be that you can record your Nest clips there for free. Instead, you are essentially billed twice for storage.<br />
<br />
I'd go so far as to say <b>do not purchase this device</b> if you want more options such as using Blue Iris. Amcrest/D-Link/Netgear and dozens of vendors all do the same and are ONVIF compliant... and I can link those to my Google Drive/Dropbox storage for cloud backups.<br />
<br />
Nest is not ONVIF compliant and their app sucks. It's the same app as the (awesome) Nest thermostat... but there should be a separate, dedicated app for the Nest cameras. It's too cluttered and not intuitive.<br />
<br />
For the same price of a Nest cam, you can get two wifi PTZ cameras with the same quality video (if not better) and many more features such as the ability to save to a MicroSD card.<br />
<br />
If your internet goes out with the Nest, your camera stops recording.</div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-4414017290057390418.post-76912805669179740932015-12-11T21:43:00.003-06:002015-12-11T21:43:55.666-06:00Block Comcast Xfinity data cap popup<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
If you have recently been converted to the <a href="http://bgr.com/2015/11/19/comcast-data-cap-2015-bad-for-us-all/" target="_blank">Comcast data cap market</a> you will have 2 months to continue getting unlimited data before being charged any overages.<br />
<br />
The problem is that you will see html injection popups on <i>any</i> site that is not https:// encrypted.<br />
<br />
These cannot be blocked via a hosts file/dns/bind filter. It's generated from <a href="http://servicealerts.comcast.net:8080/">http://servicealerts.comcast.net:8080/</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWNGKyy1yMqEPM4iIwZb9j1FoaSCx-aVtMeJIMH1yXGXEbCmEE7dQPfZ98oQffu8gqF1GsVlzUVWzy8OhojqANsezwMpNyaq09LZJYD1tJT_Aig-n8JEQCSU14CynZl61mUknmgKA7k9w/s1600/xfinity.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="177" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWNGKyy1yMqEPM4iIwZb9j1FoaSCx-aVtMeJIMH1yXGXEbCmEE7dQPfZ98oQffu8gqF1GsVlzUVWzy8OhojqANsezwMpNyaq09LZJYD1tJT_Aig-n8JEQCSU14CynZl61mUknmgKA7k9w/s320/xfinity.png" width="320" /></a></div>
<br />
While, it's nice they are giving us a couple of months before actually charging, you have to suffer through popups for every 90%, 100%, 110%, 125% usage threshold and up.<br />
<br />
To block these, in Adblock, manually edit your filters to include:<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">##*#comcast_content</pre>
<br />
If you are curious, the code looks like this:</div>
<script src="http://pastebin.com/embed_js.php?i=wd13vSqS"></script>
</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-7416155160714190712015-11-13T22:49:00.000-06:002015-11-13T22:49:45.096-06:00How to install Guacamole 0.9.8 for Ubuntu 14.04 and secure with Nginx ssl<div dir="ltr" style="text-align: left;" trbidi="on">
<a href="http://guac-dev.org/" target="_blank">Guacamole</a> is a pretty straightforward RDP/VNC/SFTP utility that requires no plugins on client systems. It utilizes HTML5 to serve up the connections directly over a browser.<br />
<br />
This is a pretty standard install to connect to a windows RDP host. We will be securing the server with UFW, fail2ban and SSL using NGINX as a reverse proxy.<br />
<br />
First, enable the firewall and allow the following ports:<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">sed -i 's/ENABLED=no/ENABLED=yes/g' /etc/ufw/ufw.conf</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">ufw allow 22 && <span style="line-height: 1.3em;">ufw allow 8080</span></pre>
<br />
Install the prerequisite software<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">apt-get update && apt-get install -y fail2ban build-essential htop libcairo2-dev libjpeg62-dev libpng12-dev libossp-uuid-dev tomcat7</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">apt-get install -y libfreerdp-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev libvorbis-dev</pre>
<br />
Download and extract the guacamole server files<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">cd ~</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">wget http://sourceforge.net/projects/guacamole/files/current/source/guacamole-server-0.9.8.tar.gz</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">tar -xzf guacamole-server-0.9.8.tar.gz && cd guacamole-server-0.9.8/</pre>
<br />
Compile and make the program (<i>this may take some time depending on your hardware</i>).<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">./configure --with-init-dir=/etc/init.d && make && make install</pre>
<br />
Now we want to update the library cache and update the init scripts so it will start on bootup<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">ldconfig && update-rc.d guacd defaults</pre>
<br />
Create the main Guacamole configuration folder and file<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">cd ~ && mkdir /etc/guacamole</pre>
<br />
Vi (or, you can use Nano/your file editor of choice) the main configuration which provides the location of the user-mapping.xml file.<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">vi /etc/guacamole/guacamole.properties</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;"><pre style="border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; line-height: 1.3em; padding: 1em;"># Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
# Location to read extra .jar's from
lib-directory: /var/lib/tomcat7/webapps/guacamole/WEB-INF/classes
# Authentication provider class
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
# Properties used by BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml</pre>
</pre>
<br />
For the Guacamole client, we are going to add a simple RDP connection. This is highly configurable, so <a href="http://guac-dev.org/doc/gug/configuring-guacamole.html#connection-configuration" target="_blank">be sure to read up on their site to see all the variables</a>.<br />
<br />
The Guacamole website will have a username of <b>guacadmin </b>and a password of <b>guacpass</b>.<br />
<br />
For our purposes we are going to connect to a windows box, <b>192.168.0.25</b> with the username: <b>winuser </b>and the password <b>winpassword </b>on the standard port 3389. <span style="color: red;"><b>Change these fields to the Windows box you want to connect to.</b></span><br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">vi /etc/guacamole/user-mapping.xml</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;"><pre style="border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; line-height: 1.3em; padding: 1em;"><user-mapping>
<authorize username="guacadmin" password="guacpass">
<protocol>rdp</protocol>
<param name="hostname"><b>192.168.0.25</b></param>
<param name="port">3389</param>
<param name="username"><b>winuser</b></param>
<param name="password"><b>winpass</b></param>
</authorize>
</user-mapping></pre>
</pre>
<br />
You may need to adjust your remote desktop settings to allow connections from non-NLA authenticated servers, such as this.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkZ5qiW-dqJ3WzxQDv9HjPGFURtdo2bM-EVcJVWKG6iI2lr_V9ACqMBc-c2HAjz8-92eHGCGPOWQsIXvyK58WjRsf91Z5KYvwBQ7e0oPnAullUMSJD9DJkvKmGMbtyqJ7l_iSEvThO-F8/s1600/w1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkZ5qiW-dqJ3WzxQDv9HjPGFURtdo2bM-EVcJVWKG6iI2lr_V9ACqMBc-c2HAjz8-92eHGCGPOWQsIXvyK58WjRsf91Z5KYvwBQ7e0oPnAullUMSJD9DJkvKmGMbtyqJ7l_iSEvThO-F8/s320/w1.png" width="288" /></a></div>
<br />
Update tomcat to point to the user authentication files.<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">mkdir /usr/share/tomcat7/.guacamole</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat7/.guacamole</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">wget http://sourceforge.net/projects/guacamole/files/current/binary/guacamole-0.9.8.war</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;"><span style="line-height: 1.3em;">cp guacamole-0.9.8.war /var/lib/tomcat7/webapps/guacamole.war</span>
</pre>
<br />
Restart the tomcat and guacamole services<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">service guacd start && service tomcat7 restart</pre>
<br />
You should now be able to access your server via port 8080. For instance, my server which is 192.168.0.24<br />
<br />
http://192.168.0.24:8080/guacamole/<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYOOzn9HHUpp7ZFFGVpRiL2SoXRg0cLsJjhNJGb6-GXIPnx05IOan2IMSaWOpZh5Gc3YhX788t1AChrFH3zEZNi_ecujv-t5qQOoltNi8WzFfZzr7V8GlbDLa4kj5D0FoZB2ChmU2ouxQ/s1600/g1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYOOzn9HHUpp7ZFFGVpRiL2SoXRg0cLsJjhNJGb6-GXIPnx05IOan2IMSaWOpZh5Gc3YhX788t1AChrFH3zEZNi_ecujv-t5qQOoltNi8WzFfZzr7V8GlbDLa4kj5D0FoZB2ChmU2ouxQ/s320/g1.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
Log in with the guacadmin/guacpass credentials and it will automatically log you into windows using the credentials you supplied in the user-mapping.xml file.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1DppHzesHK-wOuCl7dN-59lgCaeFCxmmntpR3TGZtmr8qUKaVGtcRzAj05oXuN4SXdLnZk_mzSTuzZBO3a-xPDyFpi9BMskUpU0TcfZxBPh2qaSs5qCe7d0LjwDzJDat0QXJC59qs4MU/s1600/g2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1DppHzesHK-wOuCl7dN-59lgCaeFCxmmntpR3TGZtmr8qUKaVGtcRzAj05oXuN4SXdLnZk_mzSTuzZBO3a-xPDyFpi9BMskUpU0TcfZxBPh2qaSs5qCe7d0LjwDzJDat0QXJC59qs4MU/s320/g2.png" width="320" /></a></div>
<br />
<br />
If you do not want it running in the /guacamole subfolder and want to place it in the server root<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">service tomcat7 stop</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">mv /var/lib/tomcat7/webapps/ROOT /var/lib/tomcat7/webapps/ROOT.bkp</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">mv /var/lib/tomcat7/webapps/guacamole /var/lib/tomcat7/webapps/ROOT</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">service tomcat7 start</pre>
<br />
You should now be able to access it via the ip and port: http://192.168.0.24:8080<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbBfvNTZm8egblg7qoLZCurpsAPOXIOa4nEl9CklGQQuIJzAKQxZepacHYLQRYXfltxa9HVPQeTUaSE5EhLG82neqZPfF2dkDWAh6OAFdWWLPd2lTF8nqbCHY7tP43A0H4cB980GmjUVg/s1600/g3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbBfvNTZm8egblg7qoLZCurpsAPOXIOa4nEl9CklGQQuIJzAKQxZepacHYLQRYXfltxa9HVPQeTUaSE5EhLG82neqZPfF2dkDWAh6OAFdWWLPd2lTF8nqbCHY7tP43A0H4cB980GmjUVg/s320/g3.png" width="320" /></a></div>
<br />
To further strengthen the server and allow https over a standard port, nginx can be installed side-by-side with tomcat to provide a reverse proxy and allow encryption.<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">apt-get install -y nginx</pre>
<br />
Don't forget to update the firewall to allow port 443 and remove port 8080<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">ufw allow 443 && ufw delete allow 8080</pre>
<br />
Generate the SSL keys<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">mkdir /etc/nginx/ssl && openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/guacamole.key -out /etc/nginx/ssl/guacamole.crt</pre>
<br />
If you are using a DNS name to access the server, or anything other than an IP address, make sure you include the FQDN.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwRwYsEPBb8csSwyk7Jt4775fjmvJ2m9BLnuOK9VPNScrSzC6E5vIbB6hvxpFnX4pUxOxj5-2LO62QmCZS_Yap1D6a9m5o_gQAaEihJhSEXCdfHy_NiawI9lcVtZfYQh2wTLk5oVzbyBY/s1600/g4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="149" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwRwYsEPBb8csSwyk7Jt4775fjmvJ2m9BLnuOK9VPNScrSzC6E5vIbB6hvxpFnX4pUxOxj5-2LO62QmCZS_Yap1D6a9m5o_gQAaEihJhSEXCdfHy_NiawI9lcVtZfYQh2wTLk5oVzbyBY/s320/g4.png" width="320" /></a></div>
<br />
<br />
We want to clear out the default nginx configuration and add our own<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">mv /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bkp</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">rm /etc/nginx/sites-enabled/default</pre>
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">vi /etc/nginx/sites-available/guacamole</pre>
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;"><pre style="border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; line-height: 1.3em; padding: 1em;">server {
listen 443 ssl;
server_name 192.168.0.24;
access_log /var/log/nginx/guacamole.access.log ;
error_log /var/log/nginx/guacamole.error.log info ;
ssl_certificate /etc/nginx/ssl/guacamole.crt;
ssl_certificate_key /etc/nginx/ssl/guacamole.key;
location / {
proxy_buffering off;
proxy_pass http://127.0.0.1:8080;
}
}</pre>
</pre>
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">ln -s /etc/nginx/sites-available/guacamole /etc/nginx/sites-enabled/guacamole</pre>
<br />
Restart nginx<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px solid rgb(221, 221, 221); font-family: monospace, Courier; font-size: 14px; line-height: 1.3em; padding: 1em;">service nginx restart</pre>
<br />
You should now be able to access the server via the standard https port<br />
<br />
https://192.168.0.24<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikzyLhOVtPbWL5ybeqn_rvyyseMWkp82L3RMNd_CQLvrOL__UxMTDc6YWLkHxdfJWBV-6owUy7GA8d-ur4UB29sfmKyekuFwiAmxdg8VlZobjiOc_RjO9shIx2ZgS2xzAzFVcDmd2WKPE/s1600/g5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikzyLhOVtPbWL5ybeqn_rvyyseMWkp82L3RMNd_CQLvrOL__UxMTDc6YWLkHxdfJWBV-6owUy7GA8d-ur4UB29sfmKyekuFwiAmxdg8VlZobjiOc_RjO9shIx2ZgS2xzAzFVcDmd2WKPE/s320/g5.png" width="320" /></a></div>
<br /></div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-4414017290057390418.post-64977364272448067392015-09-05T12:03:00.005-05:002015-09-05T12:05:06.321-05:00Export Oracle Virtualbox signed hardware cert and slipstream it into a Windows install<div dir="ltr" style="text-align: left;" trbidi="on">
If you deploy a lot of Windows 7 boxes using Virtualbox and resort to slipstreaming prerequisite files using nlite and/or answer files, you know the fully automated Virtualbox Guest Additions stops and prompts for input due to an unsigned driver from Oracle:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTgL88a3HiUzUuGlpMqtstOgMWBkmMKTNSupgWtRiHBxVKCf261xeEiXI5qmu9MriMNWNfBtdjBe3plCJnAfsUMOU0le-lrd9FSLkKF1T5Z_JRHoALgd5hQCaemfnW-lYk2nl-yPMXoKY/s1600/Oracle+cert.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="148" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTgL88a3HiUzUuGlpMqtstOgMWBkmMKTNSupgWtRiHBxVKCf261xeEiXI5qmu9MriMNWNfBtdjBe3plCJnAfsUMOU0le-lrd9FSLkKF1T5Z_JRHoALgd5hQCaemfnW-lYk2nl-yPMXoKY/s320/Oracle+cert.png" width="320" /></a></div>
<br />
<br />
Thus, the install is not fully automated. To get around this, you can export the cert from another Windows guest that has Virtualbox installed using Powershell.<br />
<br />
Run powershell with elevated privileges and execute these commands:<br />
<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">cd cert:\LocalMachine\TrustedPublisher</pre>
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">$cert = dir | where { $_.Subject -like "*Oracle*" }</pre>
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">$type = [System.Security.Cryptography.X509Certificates.X509ContentType]::Cert</pre>
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">$bytes = $cert.Export($type)</pre>
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">[System.IO.File]::WriteAllBytes("C:\oracle.cer", $bytes)</pre>
<br />
You should have an Oracle hex encoded cert in the root of your C: drive named oracle.cert.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifKUCZ_2QupMrNn553AxqBBOByNh2Ix0XPyesybBnC3VijYfIMoRhyphenhyphenqf6qlH_ZHt1mZ3TBQhTq3BrqrPodRdW_c-HgXdhw7_GRugaxPA6j-oFG99y4VApKJ2qAz6BwTvzSb0jx32QmkLk/s1600/PS.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="78" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifKUCZ_2QupMrNn553AxqBBOByNh2Ix0XPyesybBnC3VijYfIMoRhyphenhyphenqf6qlH_ZHt1mZ3TBQhTq3BrqrPodRdW_c-HgXdhw7_GRugaxPA6j-oFG99y4VApKJ2qAz6BwTvzSb0jx32QmkLk/s320/PS.png" width="320" /></a></div>
<br />
<br />
To make this easier to install during the slipstream process, encode the cert in a 7zip SFX executable file. (sounds more complicated than it is if you've never used it. It simply creates an executable zip file),<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcw_150-S_qP_2bM-cSnYTqvtKjSC4ekbOgNkV1OKzMag_4AeAl0TUEzCjOnGHOrD3xqhrTEJKyhTpbj6qWaOL_wmflHE-w3HUIoCIg3fYfAxRZA9DseXgmuS-EIqhj5xYu-3zM1ceUBo/s1600/SFX.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="319" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcw_150-S_qP_2bM-cSnYTqvtKjSC4ekbOgNkV1OKzMag_4AeAl0TUEzCjOnGHOrD3xqhrTEJKyhTpbj6qWaOL_wmflHE-w3HUIoCIg3fYfAxRZA9DseXgmuS-EIqhj5xYu-3zM1ceUBo/s320/SFX.png" width="320" /></a></div>
<br />
Now, using NTLite, or whatever app of choice, for your post process scripts, we need to extract the cert to the C: drive and import it into the host using certutil.<br />
<br />
<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">oracle.exe -oc:\ -y</pre>
<br />
(There is <b>no space</b> between the <b>o</b> and <b>c</b> in the script above)<br />
<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">certutil -addstore -f "TrustedPublisher" c:\oracle.cer</pre>
<br />
You should have something like this:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9p9SlBSkdY5sdrasiwYR7o9e8XTUd7euSG0Jd1SGalTsbwmTbns847YsbXzF3PrnleyTQbz5hsaUj9zXOXCS6VKrWlAX_GeuX1l_B0EquxX8el2Y1EASeEpTjXSoqdUNvhh9t2BoztbQ/s1600/NTLite.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="113" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9p9SlBSkdY5sdrasiwYR7o9e8XTUd7euSG0Jd1SGalTsbwmTbns847YsbXzF3PrnleyTQbz5hsaUj9zXOXCS6VKrWlAX_GeuX1l_B0EquxX8el2Y1EASeEpTjXSoqdUNvhh9t2BoztbQ/s320/NTLite.png" width="320" /></a></div>
<br />
After you compile the ISO, your fully automated installs shouldn't prompt to trust that cert in the middle of your post processing.</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-81155900053417419522015-08-15T00:13:00.003-05:002015-10-03T09:36:53.393-05:00Build a Yahoo Pipes replacement with Tiny Tiny RSS on Ubuntu 14.04<div dir="ltr" style="text-align: left;" trbidi="on">
<a href="https://tt-rss.org/" target="_blank">TT-RSS</a> is an open source Yahoo Pipes (and to a large part, Google Reader) replacement. You can filter feeds, import OPML files and access via APIs and Android. It also has plugin support.<br />
<br />
I'm going to list the steps to install Tiny Tiny RSS on a clean install of Ubuntu 14.04 using Apache, PostgreSQL, GIT and PHP5.<br />
<br />
<span style="color: red;"><b>For demonstration purposes I'm not including the best security practices (SSL, firewall, fail2ban, user permission best practices, etc). Please refer to <a href="https://www.digitalocean.com/community/tutorials/additional-recommended-steps-for-new-ubuntu-14-04-servers" target="_blank">this</a> great guide to secure your installation.</b></span><br />
<br />
From a clean Ubuntu 14.04LTS install the following packages:<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">apt-get update && apt-get install -y apache2 git ntp postgresql-contrib php5 php5-curl php5-cli php5-pgsql</pre>
<br />
Make sure your hostname is set and update the Apache config to prevent FQDN error messages.<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">echo "ServerName $HOSTNAME" >> /etc/apache2/apache2.conf</pre>
<br />
Also, since timing is important with RSS feeds, we installed the NTP service.<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">service ntp reload</pre>
<br />
We are going to recycle the standard html output rather than create a virtualhost for demonstration purposes so we will git clone into the generic Apache directory.<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">git clone https://tt-rss.org/git/tt-rss.git /var/www/tt-rss</pre>
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">mv /var/www/html /var/www/html2 && mv /var/www/tt-rss /var/www/html</pre>
<br />
Now we are going to create a PostgresSQL user and database. Make sure you enter your own, <i>unique </i>username and password (<b>and document it</b>).<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">su - postgres</pre>
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">createuser -P -s -e ttpguser</pre>
<br />
It will prompt you to create a password for the ttpguser (or whichever username you chose).<br />
Now we will create the database<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">createdb ttrssdb</pre>
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">exit</pre>
<br />
After you exit, you should be back as root. We need to modify the PostgreSQL client authentication conf file:<b> /etc/postgresql/9.3/main/pg_hba.conf</b> (Use nano if you are more comfortable with it.) and add the user we created in the database.<br />
<br />
After this line:<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">local all postgres peer</pre>
Add this entry (make sure that it's the same username you created earlier):<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">local all ttpguser md5</pre>
<br />
Update permissions for the cache and various other elements<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">chmod -R 777 /var/www/html/cache/images
chmod -R 777 /var/www/html/cache/upload
chmod -R 777 /var/www/html/cache/export
chmod -R 777 /var/www/html/cache/js
chmod -R 777 /var/www/html/feed-icons
chmod -R 777 /var/www/html/lock</pre>
<br />
Restart the services<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">service postgresql restart && service apache2 restart</pre>
<br />
Browse to the IP address of the server you created and you will be directed to http://<yourIP>/install if everything went alright.<br />
Enter the following parameters<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">Username ttpguser
DB name ttrssdb
Hostname (leave blank)
Port 5432</pre>
<br />
Once that's done, initialize the database. You will get some code you will need to copy and import into your root www directory.<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">vi /var/www/html/config.php</pre>
<br />
Paste the code in and save the file. Go back to the root site, http://<yourip> and you should be welcomed with a login screen. The default username and password are <b>admin </b>and <b>password</b>.<br />
<br />
To change this, go to Actions -> Preferences -> Users -> Admin -> Change password -> Fill out email (for some reason, cant change password for admin without entering an email address) -> Save -> (Refresh the browser)<br />
Log back in as the admin and the new password. Head back to the user section. Add a new user and create a username you wish to use. Click on it again and enter the password.<br />
<br />
You should be able to log in with the non-admin user.<br />
<br />
To add a feed, go to Actions -> Subscribe to feed. You will notice the feed does not update. There are multiple ways to update, check the main site for more information on setting cron jobs, etc. For testing, we can simple type<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">su -c "php /var/www/html/update_daemon2.php" -s /bin/sh www-data&</pre>
<br />
This will start scrolling text, and will continue to run in the background. If you end the process, the updates will stop. Read the <a href="https://tt-rss.org/gitlab/fox/tt-rss/wikis/UpdatingFeeds" target="_blank">main tt-rss page</a> on updating for more information.<br />
<br />
You should see feeds start to appear. You can also import your OPML file now.</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-8690514729582898322015-02-23T15:42:00.000-06:002015-02-23T15:51:14.221-06:00Dropbear SSH vulnerabilities in stock Arduino Yun. How to update to OpenSSH remotely.<div dir="ltr" style="text-align: left;" trbidi="on">
The Arduino Yún ships with Dropbear version 2011.54-2. There are multiple vulnerabilities with it and is not advised to be used. If your arduino is in a remote location and you want to update to OpenSSH, without losing remote access to the device, follow these steps.<br />
<br />
<div class="level1" style="margin: 0px; padding: 0px;">
<ul style="color: #333333; font-family: Arial, sans-serif; font-size: 14px; line-height: 12.25px; list-style: square outside; margin: 0px 0px 1.4em; padding: 0px 0px 0px 1.5em;">
<li class="level1" style="color: #999999; margin: 0px 0px 0px 1.5em; padding: 0px;"><div class="li" style="color: #333333; margin: 0px; padding: 0px;">
Change the Dropbear port to an unused/free one on your box and restart Dropbear<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">uci set dropbear.@dropbear[0].Port=2222
uci commit dropbear
/etc/init.d/dropbear restart</pre>
</div>
</li>
</ul>
<ul style="color: #333333; font-family: Arial, sans-serif; font-size: 14px; line-height: 12.25px; list-style: square outside; margin: 0px 0px 1.4em; padding: 0px 0px 0px 1.5em;">
<li class="level1" style="color: #999999; margin: 0px 0px 0px 1.5em; padding: 0px;"><div class="li" style="color: #333333; margin: 0px; padding: 0px;">
Reconnect to your Yun via SSH on the configured port above</div>
</li>
</ul>
<ul style="color: #333333; font-family: Arial, sans-serif; font-size: 14px; line-height: 12.25px; list-style: square outside; margin: 0px 0px 1.4em; padding: 0px 0px 0px 1.5em;">
<li class="level1" style="color: #999999; margin: 0px 0px 0px 1.5em; padding: 0px;"><div class="li" style="color: #333333; margin: 0px; padding: 0px;">
Install the openssh-server<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">opkg update
opkg install openssh-server</pre>
</div>
</li>
</ul>
<ul style="color: #333333; font-family: Arial, sans-serif; font-size: 14px; line-height: 12.25px; list-style: square outside; margin: 0px 0px 1.4em; padding: 0px 0px 0px 1.5em;">
<li class="level1" style="color: #999999; margin: 0px 0px 0px 1.5em; padding: 0px;"><div class="li" style="color: #333333; margin: 0px; padding: 0px;">
Enable and start OpenSSH server. OpenSSH will listen now on port 22<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">/etc/init.d/sshd enable
/etc/init.d/sshd start</pre>
</div>
</li>
</ul>
<ul style="color: #333333; font-family: Arial, sans-serif; font-size: 14px; line-height: 12.25px; list-style: square outside; margin: 0px 0px 1.4em; padding: 0px 0px 0px 1.5em;">
<li class="level1" style="color: #999999; margin: 0px 0px 0px 1.5em; padding: 0px;"><div class="li" style="color: #333333; margin: 0px; padding: 0px;">
Reconnect to your yun via SSH on port 22</div>
</li>
</ul>
<ul style="color: #333333; font-family: Arial, sans-serif; font-size: 14px; line-height: 12.25px; list-style: square outside; margin: 0px 0px 1.4em; padding: 0px 0px 0px 1.5em;">
<li class="level1" style="color: #999999; margin: 0px 0px 0px 1.5em; padding: 0px;"><div class="li" style="color: #333333; margin: 0px; padding: 0px;">
Now you can disable Dropbear<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">/etc/init.d/dropbear disable
/etc/init.d/dropbear stop</pre>
</div>
</li>
</ul>
<ul style="list-style: square outside; margin: 0px 0px 1.4em; padding: 0px 0px 0px 1.5em;">
<li class="level1" style="color: #999999; font-family: Arial, sans-serif; font-size: 14px; line-height: 12.25px; margin: 0px 0px 0px 1.5em; padding: 0px;"><div class="li" style="color: #333333; margin: 0px; padding: 0px;">
Install the <code style="border-radius: 2px; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; white-space: pre;">openssh-sftp-server</code> package to install support for the SFTP protocol which SSHFS uses<br />
<pre class="code" style="background: rgba(255, 255, 255, 0.901961); border-radius: 2px; border: 1px solid rgb(204, 204, 204); box-shadow: rgb(204, 204, 204) 0px 0px 0.5em inset; direction: ltr; font-family: Consolas, 'Andale Mono WT', 'Andale Mono', 'Bitstream Vera Sans Mono', 'Nimbus Mono L', Monaco, 'Courier New', monospace; font-size: 1em; margin-bottom: 1.4em; overflow: auto; padding: 0.7em 1em; word-wrap: normal;">opkg update
opkg install openssh-sftp-server</pre>
</div>
</li>
</ul>
<div>
Log into the Yun from the web address. Go to Configure > Advanced Configuration > System > Software and under Installed Packages and remove Dropbear.</div>
<div style="font-size: 14px; line-height: 12.25px;">
<span style="color: #999999; font-family: monospace;"><span style="white-space: pre;"><br /></span></span></div>
</div>
<br />
<div style="background: #cb1d17; border-bottom: 0px; border: 1px solid #CCCCCC; color: white; margin-bottom: 0px; margin: 3px; padding: 4px;">
<div style="float: right; text-align: right;">
22/tcp</div>
<b>High</b>
(CVSS: 7.1)
<br />
<div style="width: 100%;">
NVT:
Dropbear SSH Server Use-after-free Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.105113)
</div>
</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Summary</b><br />
This host is installed with Dropbear SSH Server and
is prone to a use-after-free vulnerability.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Vulnerability Detection Result</b><br />
Vulnerability was detected according to the Vulnerability Detection Method.
</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Impact</b><br />
This flaw allows remote authenticated users
to execute arbitrary code and bypass command restrictions via multiple crafted
command requests, related to channels concurrency.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Solution</b><br />
Updates are available.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Affected Software/OS</b><br />
Versions of Dropbear SSH Server 0.52 through
2011.54 are vulnerable.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Vulnerability Insight</b><br />
A use-after-free vulnerability exists in Dropbear SSH
Server 0.52 through 2011.54 when command restriction and public key authentication are enabled.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Vulnerability Detection Method</b><br />
Check the version.<br />
Details:
Dropbear SSH Server Use-after-free Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.105113)
<br />
Version used: $Revision: 809 $</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>References</b><br />
<table>
<tbody>
<tr valign="top">
<td>CVE:</td>
<td>CVE-2012-0920</td>
</tr>
<tr valign="top">
<td>BID:</td>
<td>52159</td>
</tr>
<tr valign="top">
<td>Other:</td>
<td>http://www.securityfocus.com/bid/52159</td>
</tr>
<tr valign="top">
<td></td>
<td>https://matt.ucc.asn.au/dropbear/dropbear.html</td>
</tr>
</tbody></table>
</div>
<div style="background: #f99f31; border-bottom: 0px; border: 1px solid #CCCCCC; color: white; margin-bottom: 0px; margin: 3px; padding: 4px;">
<div style="float: right; text-align: right;">
22/tcp</div>
<b>Medium</b>
(CVSS: 5.0)
<br />
<div style="width: 100%;">
NVT:
Dropbear SSH Server Multiple Security Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.105114)
</div>
</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Summary</b><br />
This host is installed with Dropbear SSH Server and
is prone to multiple vulnerabilities.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Vulnerability Detection Result</b><br />
Vulnerability was detected according to the Vulnerability Detection Method.
</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Impact</b><br />
The flaws allows remote attackers to cause a denial of service
or to discover valid usernames.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Solution</b><br />
Updates are available.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Affected Software/OS</b><br />
Versions prior to Dropbear SSH Server 2013.59 are vulnerable.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Vulnerability Insight</b><br />
Multiple flaws are due to,
- The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59
allows remote attackers to cause a denial of service (memory consumption)
via a compressed packet that has a large size when it is decompressed.
- Dropbear SSH Server before 2013.59 generates error messages for a failed
logon attempt with different time delays depending on whether the user account
exists.</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>Vulnerability Detection Method</b><br />
Check the version.<br />
Details:
Dropbear SSH Server Multiple Security Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.105114)
<br />
Version used: $Revision: 809 $</div>
<div style="border-top: 0px; border: 1px solid #CCCCCC; margin-bottom: 0px; margin-top: 0px; margin: 3px; padding: 4px;">
<b>References</b><br />
<table>
<tbody>
<tr valign="top">
<td>CVE:</td>
<td>CVE-2013-4421, CVE-2013-4434</td>
</tr>
<tr valign="top">
<td>BID:</td>
<td>62958, 62993</td>
</tr>
<tr valign="top">
<td>CERT:</td>
<td>DFN-CERT-2013-1865
, DFN-CERT-2013-1772
</td>
</tr>
<tr valign="top">
<td>Other:</td>
<td>http://www.securityfocus.com/bid/62958</td>
</tr>
<tr valign="top">
<td></td>
<td>http://www.securityfocus.com/bid/62993</td>
</tr>
<tr valign="top">
<td></td>
<td>https://matt.ucc.asn.au/dropbear/dropbear.html</td>
</tr>
</tbody></table>
</div>
<a href="http://wiki.openwrt.org/inbox/replacingdropbearbyopensshserver" target="_blank"><i>Source</i></a></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-36819501000832882282015-02-14T17:54:00.000-06:002015-02-14T18:07:57.605-06:00Graph Elertus and Google Nest in Nagios/check_mk<div dir="ltr" style="text-align: left;" trbidi="on">
I recently got turned onto <a href="http://omdistro.org/download" target="_blank">OMD/check_mk</a>, which is probably the most user friendly tool for Nagios. It has a nearly complete Nagios stack, and more:<br />
<br />
<ul style="text-align: left;">
<li>Nagios</li>
<li>Monitoring Plugins</li>
<li>check_nrpe</li>
<li>mrpe (a check_mk clone of nrpe)</li>
<li>Icinga</li>
<li>Shinken</li>
<li>NagVis</li>
<li>pnp4nagios</li>
<li>rrdtool/rrdcached</li>
<li>Check_MK</li>
<li>MK Livestatus</li>
<li>Multisite</li>
<li>Dokuwiki</li>
<li>Thruk</li>
<li>Mod-Gearman</li>
<li>check_logfiles</li>
<li>check_oracle_health</li>
<li>check_mysql_health</li>
<li>jmx4perl</li>
<li>check_webinject</li>
<li>check_multi</li>
</ul>
<br />
<br />
It has a very simple install and works with Debian/Ubuntu/Red Hat/SUSE. I recently deleted my Icinga build and went all in with this.<br />
<br />
As well as regular servers, vmware and other things, I'm able to graph Google Nest's temperature, humidity and "leaf" status. You can set up alerts if it crosses a certain threshold and graph for as many years and you wish.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK2-7fRJWNdFmDpdXJRSNw9tyqTcuGzI9DxQGxiQFa9Qfn4STp8cMFDEL0kdicinS_8tbugviCQVL0GIJGTvxDHXr2aDOt0dhsxWgQPwFP8BLqEJcARDnzdQbmk77rIvRFIV6yukAxD8k/s1600/nestl.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK2-7fRJWNdFmDpdXJRSNw9tyqTcuGzI9DxQGxiQFa9Qfn4STp8cMFDEL0kdicinS_8tbugviCQVL0GIJGTvxDHXr2aDOt0dhsxWgQPwFP8BLqEJcARDnzdQbmk77rIvRFIV6yukAxD8k/s1600/nestl.png" height="320" width="276" /></a></div>
<div style="text-align: center;">
Check_MK with Google Nest</div>
<br />
This is something that is sorely lacking in Google's current site since the graphing information is only stored for 10 days, and doesn't provide the granular level of detail I want.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgT8GJ9Zx0qpQRUzri0MvbsZ_Shbu3f3NDsrUE1un5nxZy-Hi1jGwO5tQcDsAETa0VfiQKVe2l5bu6Lg_ydm2mjEW0uNkEW8-QRgURLj90t8P601k648awu3DdpgsVp4niaQ0GTXHBaHvI/s1600/nestg.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgT8GJ9Zx0qpQRUzri0MvbsZ_Shbu3f3NDsrUE1un5nxZy-Hi1jGwO5tQcDsAETa0VfiQKVe2l5bu6Lg_ydm2mjEW0uNkEW8-QRgURLj90t8P601k648awu3DdpgsVp4niaQ0GTXHBaHvI/s1600/nestg.png" height="210" width="320" /></a></div>
<div style="text-align: center;">
Google Nest's graphs.</div>
<br />
While I won't go into much detail on the install of OMD (it's pretty straightforward) and I won't go into much detail about the Nest integration (<a href="http://blog.gavinadams.org/2014/12/27/nest-home-automation-checks-for-check_mk/" target="_blank">Great writeup on how to do that here</a>) I will be showing a way to get another product, the Elertus, monitored with check_mk as an example of what you can do with it.<br />
<br />
The Elertus, is a wifi temperature, sound, light and water detector that runs on batteries. <a href="http://www.binarypower.com/2014/06/debugging-elertus-and-general-review.html" target="_blank">I wrote up an article about it on this blog before</a>. It's a little trickier to monitor than the Nest due to the fact that there is no API, no way to scrape information off of the device since it only makes outbound connections.<br />
<br />
Since my last post, last year, nothing has changed with it, nor has my opinion. It's still sluggish, no graphing, no "all clear" alerts... and a painfully slow (and useless) app to compliment. The plus side is that it's been almost a year and the batteries still work (AA batteries). I have had no connection issues from it as far as I can tell.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT7UWUzUrtuLMNE5WHTx6v4nUStpZvX-4SM0TKr_P2iPmizkxcfOOW44179IaUkYmUlY14yzC4OnFOzr39honcIlCsZigQ1jWamHkHXnOxKeWN2aaaPr7mNX_0rCJVNdJQULNy4DW-irs/s1600/elertus.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT7UWUzUrtuLMNE5WHTx6v4nUStpZvX-4SM0TKr_P2iPmizkxcfOOW44179IaUkYmUlY14yzC4OnFOzr39honcIlCsZigQ1jWamHkHXnOxKeWN2aaaPr7mNX_0rCJVNdJQULNy4DW-irs/s1600/elertus.png" height="92" width="640" /></a></div>
Other than an alerts tab, there's not much more to the Elertus website<br />
<br />
<br />
When I had my Icinga server, I stood up another box that basically sniffed the traffic as it was in delivery to their servers.(<i>which is still sent cleartext, btw). </i>I cut out the bits and pieces I needed to get a basic graph up. Since I started this server, I decided to try a new method.<br />
<br />
Using pfSense, I created a static DCHP connection for the device and an internal NAT rule to relay the traffic from the Elertus to my own web server running Apache with <b>mod_dumpio</b> turned on.<br />
<br />
While this basically kills any communication with the Elertus servers, they won't be missed. With, my prior setup I was able to enjoy both my internally generated alerts, and their alerts, but I found my own to be a lot more useful.<br />
<br />
The Elertus sends out a POST to their servers as a check in.<br />
<br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">device_type=1&posix_time=1423925134&email_id=myemail@gmail.com&mac_address=000680000000&alert_flags=&light=14&temp=298&humidity=30&battery=70&motion=0&int_contact=1&ext_contact=1&ext_temp=-1&fw_ver=4.0.1_EL_v7&debug=rssi:46, ant:I, af:, pkt:l14_t298_h30_b70_m0_i1_e1_x-1_p1423925134, wdog:1, crtry:4, queue:3, ctime:w2285_d410_n130_s205_t3040, &</code></pre>
<br />
<br />
Apache has a virtualhost set up to receive those incoming PHP POST requests with dumpio enabled and the trace level set to 7.<br />
<br />
<br />
<pre style="background-color: #eeeeee; border: 1px dashed rgb(153, 153, 153); font-family: 'Andale Mono', 'Lucida Console', Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 653px;"><code style="word-wrap: normal;"><IfModule dumpio_module>
DumpIOInput On
DumpIOOutput On
LogLevel dumpio:trace7
</IfModule</code></pre>
<div>
<code style="word-wrap: normal;"><br /></code></div>
I also made sure to set custom logs, for just this module, as they will be filling up quick.<br />
<br />
<pre style="background-color: #eeeeee; border: 1px dashed rgb(153, 153, 153); font-family: 'Andale Mono', 'Lucida Console', Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 653px;"><code style="word-wrap: normal;">ErrorLog ${APACHE_LOG_DIR}/dumpio_module_error.log
CustomLog ${APACHE_LOG_DIR}/dumpio_module_access.log combined</code></pre>
<br />
The requests come in 2 at a time, sometimes more if there is any movement/light. So, to remedy the lack of a consistent time period to check the logs, I set up a cron job to pull the newest line in the log with POST data. This runs every 5 minutes.<br />
<br />
<pre style="background-color: #eeeeee; border: 1px dashed rgb(153, 153, 153); font-family: 'Andale Mono', 'Lucida Console', Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 653px;"><code style="word-wrap: normal;">#!/bin/bash
tac /var/log/apache2/dumpio_module_error.log | grep -m1 "email" > /tmp/tempout.txt
~/scripts/temp.sh
~/scripts/humidity.sh
~/scripts/battery.sh</code></pre>
<br />
The scripts within it, in turn, pull information out of the latest POST and updates the raw values to separate files. I've kept it modular so I can add more checks as I need them. I'm not too concerned about the water, movement and light alerts just yet.<br />
<br />
The temperature is in Kelvin, so I converted it to Fahrenheit.<br />
<br />
<pre style="background-color: #eeeeee; border: 1px dashed rgb(153, 153, 153); font-family: 'Andale Mono', 'Lucida Console', Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 653px;"><code style="word-wrap: normal;">#!/bin/bash
tempk=$(cat /tmp/tempout.txt | awk -F "=" '/light/ {print $8}' | sed 's/&.*//')
tempb=$(awk "BEGIN {print "$tempk" - 273.15}")
temp=$(echo ""$tempb"*1.8+32" | bc)
echo "$temp" > ~/perfdata/temp</code></pre>
<div style="text-align: center;">
(<i>I know, this can be cleaned up a lot</i>)</div>
<br />
The battery and humidity, are pretty much the same thing, with different names. It just requires another <span style="background-color: #eeeeee; font-family: 'Andale Mono', 'Lucida Console', Monaco, fixed, monospace; font-size: 12px; line-height: 14px;">{print $<b>X</b>}</span> position. The light, movement and water sensor can be added just as easily since they are only values of 0 or 1.<br />
<br />
Now, unlike Nagios, getting devices to check_mk is a breeze. Making custom checks, with RRD graphing is just as easy. You add the custom checks to the host itself, not the monitoring server.<br />
<br />
This web server is Ubuntu and it has <a href="https://mathias-kettner.de/checkmk_linuxagent.html" target="_blank">check_mk</a> installed. There is a folder that allows you to put custom scripts to make local checks, above what it already monitors.<br />
<br />
<pre style="background-color: #eeeeee; border: 1px dashed rgb(153, 153, 153); font-family: 'Andale Mono', 'Lucida Console', Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 653px;"><code style="word-wrap: normal;">/usr/lib/check_mk_agent/local/</code></pre>
<br />
The setup is pretty straightforward if you want monitoring with performance graphs.<br />
<br />
<pre style="background-color: #eeeeee; border: 1px dashed rgb(153, 153, 153); font-family: 'Andale Mono', 'Lucida Console', Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 653px;"><code style="word-wrap: normal;">#!/bin/bash
TEMP1=$(cat ~/perfdata/temp)
echo '<<<local>>>'
echo "P Temperature temp="$TEMP1";35:89;32:91;0;110"</code></pre>
<br />
Any script that is in this folder runs when check_mk runs and grabs the other server global readings.<br />
<br />
The output appends itself to the bottom of the generated file, as a local check like this:<br />
<br />
<pre style="background-color: #eeeeee; border: 1px dashed rgb(153, 153, 153); overflow: auto; padding: 5px; width: 653px;"><span style="font-size: 12px; line-height: 14px;"><<<local>>>
P Temperature temp=73.13;35:89;32:91;0;110</span></pre>
<br />
It tells check_mk that it's available to be added as a service, with graphing<br />
<br />
<ul style="text-align: left;">
<li>P</li>
</ul>
<br />
The name of the service<br />
<br />
<ul style="text-align: left;">
<li>Temperature</li>
</ul>
<br />
The variable name<br />
<br />
<ul style="text-align: left;">
<li>temp=</li>
</ul>
<br />
The output from <span style="background-color: #eeeeee; font-family: 'Andale Mono', 'Lucida Console', Monaco, fixed, monospace; font-size: 12px; line-height: 14px;">$TEMP1</span>, the WARN <b>min:max</b>, the CRIT <b>min:max</b> and UNKNOWN <b>lower;upper</b> (for graphing reasons and not required). Notice that the colons and semicolons are there for a reason.<br />
<br />
When you scan the host in WATO on the main check_mk site, the host should have basic performance graphs and automatically added to the notification ruleset the host was part of.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVo6F6OyMiTLgl1YRVGNwYE9orkS-zLsO4svq11sYhuSXNd_4J6fOOucvSQpg-sWKjI6pcR7DB4jD_yFCUD_grONttLui_t2seaos0SeLjRtqvWAQBAxuus7gzbSN9lvqnM1fe3fFux7M/s1600/elertus2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVo6F6OyMiTLgl1YRVGNwYE9orkS-zLsO4svq11sYhuSXNd_4J6fOOucvSQpg-sWKjI6pcR7DB4jD_yFCUD_grONttLui_t2seaos0SeLjRtqvWAQBAxuus7gzbSN9lvqnM1fe3fFux7M/s1600/elertus2.png" height="320" width="233" /></a></div>
<br />
<br />
While it's not an ideal solution, it gets the job done. I wish Elertus would open their API up to developers, the would probably sell a lot more units if they did.<br />
<br />
I recommend anyone who's given up with Nagios/Icinga to give OMD a try. It's pretty good. The documentation is a little poor (and mostly in German), but with Google Translate and some coffee, you can get through it if you've ever set up any other monitoring before.</div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-4414017290057390418.post-72471161076631496102015-02-13T20:43:00.001-06:002015-02-13T20:43:53.450-06:00How to enable check_mk for pfSense 2.2<div dir="ltr" style="text-align: left;" trbidi="on">
The official check_mk plugin (v0.1.1) for pfSense 2.2 does not work. Here are the steps to configure it manually.<br />
<br />
Edit the rc.conf (notice, this location is different from the official FreeBSD)<br />
<br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">vi /etc/rc.conf.local</code></pre>
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;"> inetd_enable="YES"
inetd_flags="-wW"</code></pre>
<br />
At the bottom of /etc/services, add the check_mk port definition.<br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">vi /etc/services</code></pre>
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;"> check_mk 6556/tcp #check_mk agent</code></pre>
<br />
<br />
Add the tcp wrappers for check_mk<br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">vi /etc/inetd.conf</code></pre>
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;"> check_mk stream tcp nowait root /usr/local/bin/check_mk_agent check_mk</code></pre>
<br />
<br />
Add the following and <b><span style="color: red;">replace x.x.x.x with your ip</span></b><br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">vi /etc/hosts.allow</code></pre>
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;"> # Allow nagios server to access us
check_mk_agent : x.x.x.x : allow
check_mk_agent : ALL : deny</code></pre>
<br />
<br />
Adding custom inetd scripts to allow service control<br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">vi /etc/rc.d/inetd</code></pre>
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;"> #!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: inetd
# REQUIRE: DAEMON LOGIN cleanvar
# KEYWORD: shutdown
. /etc/rc.subr
name="inetd"
rcvar="inetd_enable"
command="/usr/sbin/${name}"
pidfile="/var/run/${name}.pid"
required_files="/etc/${name}.conf"
extra_commands="reload"
load_rc_config $name
run_rc_command "$1"</code></pre>
<br />
Make it executable<br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">chmod +x /etc/rc.d/inetd</code></pre>
<br />
<br />
This is the only check_mk agent I could find that would work with pfSense 2.2. Replace all the text, or create a new file (if creating a new file, make sure to <b>chmod +x</b> it)<br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">vi /usr/local/bin/check_mk_agent</code></pre>
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">#!/bin/sh
# +------------------------------------------------------------------+
# | ____ _ _ __ __ _ __ |
# | / ___| |__ ___ ___| | __ | \/ | |/ / |
# | | | | '_ \ / _ \/ __| |/ / | |\/| | ' / |
# | | |___| | | | __/ (__| < | | | | . \ |
# | \____|_| |_|\___|\___|_|\_\___|_| |_|_|\_\ |
# | |
# | Copyright Mathias Kettner 2014 mk@mathias-kettner.de |
# +------------------------------------------------------------------+
#
# This file is part of Check_MK.
# The official homepage is at http://mathias-kettner.de/check_mk.
#
# check_mk is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation in version 2. check_mk is distributed
# in the hope that it will be useful, but WITHOUT ANY WARRANTY; with-
# out even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more de-
# ails. You should have received a copy of the GNU General Public
# License along with GNU Make; see the file COPYING. If not, write
# to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
# Boston, MA 02110-1301 USA.
# Author: Lars Michelsen <lm@mathias-kettner.de>
# Florian Heigl <florian.heigl@gmail.com>
# (Added sections: df mount mem netctr ipmitool)
# NOTE: This agent has beed adapted from the Check_MK linux agent.
# The most sections are commented out at the moment because
# they have not been ported yet. We will try to adapt most
# sections to print out the same output as the linux agent so
# that the current checks can be used.
# This might be a good source as description of sysctl output:
# http://people.freebsd.org/~hmp/utilities/satbl/_sysctl.html
# Remove locale settings to eliminate localized outputs where possible
export LC_ALL=C
unset LANG
export MK_LIBDIR="/usr/lib/check_mk_agent"
export MK_CONFDIR="/etc/check_mk"
export MK_TMPDIR="/var/run/check_mk"
# Make sure, locally installed binaries are found
PATH=$PATH:/usr/local/bin
# All executables in PLUGINSDIR will simply be executed and their
# ouput appended to the output of the agent. Plugins define their own
# sections and must output headers with '<<<' and '>>>'
PLUGINSDIR=$MK_LIBDIR/plugins
# All executables in LOCALDIR will by executabled and their
# output inserted into the section <<<local>>>. Please refer
# to online documentation for details.
LOCALDIR=$MK_LIBDIR/local
# close standard input (for security reasons) and stderr
#if [ "$1" = -d ]
#then
# set -xv
#else
# exec </dev/null 2>/dev/null
#fi
# Runs a command asynchronous by use of a cache file
echo '<<<check_mk>>>'
echo Version: 1.2.7i1
echo AgentOS: freebsd
osver="$(uname -r)"
is_jailed="$(sysctl -n security.jail.jailed)"
# Partitionen (-P verhindert Zeilenumbruch bei langen Mountpunkten)
# Achtung: NFS-Mounts werden grundsaetzlich ausgeblendet, um
# Haenger zu vermeiden. Diese sollten ohnehin besser auf dem
# Server, als auf dem Client ueberwacht werden.
echo '<<<df>>>'
# no special zfs handling so far, the ZFS.pools plugin has been tested to
# work on FreeBSD
if df -T > /dev/null ; then
df -kTP -t ufs | egrep -v '(Filesystem|devfs|procfs|fdescfs|basejail)'
else
df -kP -t ufs | egrep -v '(Filesystem|devfs|procfs|fdescfs|basejail)' | awk '{ print $1,"ufs",$2,$3,$4,$5,$6 }'
fi
# Check NFS mounts by accessing them with stat -f (System
# call statfs()). If this lasts more then 2 seconds we
# consider it as hanging. We need waitmax.
#if type waitmax >/dev/null
#then
# STAT_VERSION=$(stat --version | head -1 | cut -d" " -f4)
# STAT_BROKE="5.3.0"
#
# echo '<<<nfsmounts>>>'
# sed -n '/ nfs /s/[^ ]* \([^ ]*\) .*/\1/p' < /proc/mounts |
# while read MP
# do
# if [ $STAT_VERSION != $STAT_BROKE ]; then
# waitmax -s 9 2 stat -f -c "$MP ok %b %f %a %s" "$MP" || \
# echo "$MP hanging 0 0 0 0"
# else
# waitmax -s 9 2 stat -f -c "$MP ok %b %f %a %s" "$MP" && \
# printf '\n'|| echo "$MP hanging 0 0 0 0"
# fi
# done
#fi
# Check mount options.
# FreeBSD doesn't do remount-ro on errors, but the users might consider
# security related mount options more important.
echo '<<<mounts>>>'
mount -p -t ufs
# processes including username, without kernel processes
echo '<<<ps>>>'
COLUMNS=10000
if [ is_jailed = 0 ]; then
ps ax -o state,user,vsz,rss,pcpu,command | sed -e 1d -e '/\([^ ]*J\) */d' -e 's/*\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\2,\3,\4,\5) /'
else
ps ax -o user,vsz,rss,pcpu,command | sed -e 1d -e 's/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) /'
fi
# Produce compatible load/cpu output to linux agent. Not so easy here.
echo '<<<cpu>>>'
echo `sysctl -n vm.loadavg | tr -d '{}'` `top -b -n 1 | grep -E '^[0-9]+ processes' | awk '{print $3"/"$1}'` `sysctl -n kern.lastpid` `sysctl -n hw.ncpu`
# Calculate the uptime in seconds since epoch compatible to /proc/uptime in linux
echo '<<<uptime>>>'
up_seconds=$(( `date +%s` - `sysctl -n kern.boottime | cut -f1 -d\, | awk '{print $4}'`))
idle_seconds=$(ps axw | grep idle | grep -v grep | awk '{print $4}' | cut -f1 -d\: )
# second value can be grabbed from "idle" process cpu time / num_cores
echo "$idle_seconds $up_seconds"
# Platten- und RAID-Status von LSI-Controlleren, falls vorhanden
#if which cfggen > /dev/null ; then
# echo '<<<lsi>>>'
# cfggen 0 DISPLAY | egrep '(Target ID|State|Volume ID|Status of volume)[[:space:]]*:' | sed -e 's/ *//g' -e 's/:/ /'
#fi
# Multipathing is supported in FreeBSD by now
# http://www.mywushublog.com/2010/06/freebsd-and-multipath/
if kldstat -v | grep g_multipath > /dev/null ; then
echo '<<<freebsd_multipath>>>'
gmultipath status | grep -v ^Name
fi
# Soft-RAID
echo '<<<freebsd_geom_mirrors>>>'
gmirror status | grep -v ^Name
# Performancecounter Kernel
echo "<<<kernel>>>"
date +%s
forks=`sysctl -n vm.stats.vm.v_forks`
vforks=`sysctl -n vm.stats.vm.v_vforks`
rforks=`sysctl -n vm.stats.vm.v_rforks`
kthreads=`sysctl -n vm.stats.vm.v_kthreads`
echo "cpu" `sysctl -n kern.cp_time | awk ' { print $1" "$2" "$3" "$5" "$4 } '`
echo "ctxt" `sysctl -n vm.stats.sys.v_swtch`
echo "processes" `expr $forks + $vforks + $rforks + $kthreads`
# Network device statistics (Packets, Collisions, etc)
# only the "Link/Num" interface has all counters.
echo '<<<lnx_if:sep(58)>>>'
date +%s
if [ "$(echo $osver | cut -f1 -d\. )" -gt "8" ]; then
netstat -inb | egrep -v '(^Name|plip|enc|pfsync|pflog|ovpns)' | grep Link | awk '{print"\t"$1":\t"$8"\t"$5"\t"$6"\t"$7"\t0\t0\t0\t0\t"$11"\t"$9"\t"$10"\t0\t0\t0\t0\t0"}'
else
# pad output for freebsd 7 and before
netstat -inb | egrep -v '(^Name|lo|plip)' | grep Link | awk '{print $1" "$7" "$5" "$6" 0 0 0 0 0 "$10" "$8" "$9" 0 0 "$11" 0 0"}'
fi
# State of LSI MegaRAID controller via MegaCli.
# To install: pkg install megacli
if which MegaCli >/dev/null ; then
echo '<<<megaraid_pdisks>>>'
MegaCli -PDList -aALL -NoLog < /dev/null | egrep 'Enclosure|Raw Size|Slot Number|Device Id|Firmware state|Inquiry'
echo '<<<megaraid_ldisks>>>'
MegaCli -LDInfo -Lall -aALL -NoLog < /dev/null | egrep 'Size|State|Number|Adapter|Virtual'
echo '<<<megaraid_bbu>>>'
MegaCli -AdpBbuCmd -GetBbuStatus -aALL -NoLog < /dev/null | grep -v Exit
fi
# OpenVPN Clients.
# Correct log location unknown, sed call might also be broken
if [ -e /var/log/openvpn/openvpn-status.log ] ; then
echo '<<<openvpn_clients:sep(44)>>>'
sed -n -e '/CLIENT LIST/,/ROUTING TABLE/p' < /var/log/openvpn/openvpn-status.log | sed -e 1,3d -e '$d'
fi
if which ntpq > /dev/null 2>&1 ; then
echo '<<<ntp>>>'
# remote heading, make first column space separated
ntpq -np | sed -e 1,2d -e 's/^\(.\)/\1 /' -e 's/^ /%/'
fi
# Checks for cups monitoring
#if which lpstat > /dev/null 2>&1; then
# echo '<<<cups_queues>>>'
# lpstat -p
# echo '---'
# for i in $(lpstat -p | grep -E "^(printer|Drucker)" | awk '{print $2}' | grep -v "@"); do
# lpstat -o "$i"
# done
#fi
# Heartbeat monitoring
#if which cl_status > /dev/null 2>&1; then
# # Different handling for heartbeat clusters with and without CRM
# # for the resource state
# if [ -S /var/run/heartbeat/crm/cib_ro ]; then
# echo '<<<heartbeat_crm>>>'
# crm_mon -1 -r | grep -v ^$ | sed 's/^\s/_/g'
# else
# echo '<<<heartbeat_rscstatus>>>'
# cl_status rscstatus
# fi
#
# echo '<<<heartbeat_nodes>>>'
# for NODE in $(cl_status listnodes); do
# if [ $NODE != $HOSTNAME ]; then
# STATUS=$(cl_status nodestatus $NODE)
# echo -n "$NODE $STATUS"
# for LINK in $(cl_status listhblinks $NODE 2>/dev/null); do
# echo -n " $LINK $(cl_status hblinkstatus $NODE $LINK)"
# done
# echo
# fi
# done
#fi
# Number of TCP connections in the various states
echo '<<<tcp_conn_stats>>>'
netstat -na | awk ' /^tcp/ { c[$6]++; } END { for (x in c) { print x, c[x]; } }'
# Postfix mailqueue monitoring
#
# Only handle mailq when postfix user is present. The mailq command is also
# available when postfix is not installed. But it produces different outputs
# which are not handled by the check at the moment. So try to filter out the
# systems not using postfix by searching for the postfix user.
#
# Cannot take the whole outout. This could produce several MB of agent output
# on blocking queues.
# Only handle the last 6 lines (includes the summary line at the bottom and
# the last message in the queue. The last message is not used at the moment
# but it could be used to get the timestamp of the last message.
#if which mailq >/dev/null 2>&1 && getent passwd postfix >/dev/null 2>&1; then
# echo '<<<postfix_mailq>>>'
# mailq | tail -n 6
#fi
#Check status of qmail mailqueue
#if type qmail-qstat >/dev/null
#then
# echo "<<<qmail_stats>>>"
# qmail-qstat
#fi
# check zpool status
#if [ -x /sbin/zpool ]; then
# echo "<<<zpool_status>>>"
# /sbin/zpool status -x | grep -v "errors: No known data errors"
#fi
# Memory Usage
# currently we'll need sysutils/muse for this.
if [ -x /usr/local/bin/muse ]
then
echo '<<<mem>>>'
# yes, i don't know sed well.
muse -k 2>/dev/null | sed 's/Total/MemTotal/' | sed 's/Free/MemFree/'
swapinfo -k 1K | tail -n 1 | awk '{ print "SwapTotal: "$2" kB\nSwapFree: "$4" kB" }'
fi
# Fileinfo-Check: put patterns for files into /etc/check_mk/fileinfo.cfg
if [ -r "$MK_CONFDIR/fileinfo.cfg" ] ; then
echo '<<<fileinfo:sep(124)>>>'
date +%s
stat -f "%N|%z|%m" $(cat "$MK_CONFDIR/fileinfo.cfg")
fi</code></pre>
<br />
Restart inetd<br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">service inetd restart</code></pre>
<br />
You should be able to telnet into it it from the IP you specified in <span style="background-color: #eeeeee; font-family: 'Andale Mono', 'Lucida Console', Monaco, fixed, monospace; font-size: 12px; line-height: 14px;">/etc/hosts.allow</span><br />
<pre style="background-color: #eeeeee; border: 1px dashed #999999; color: black; font-family: Andale Mono, Lucida Console, Monaco, fixed, monospace; font-size: 12px; line-height: 14px; overflow: auto; padding: 5px; width: 100%;"><code style="color: black; word-wrap: normal;">telnet x.x.x.x 6556</code></pre>
<br />
If you cannot reach that port, allow the port in the firewall rules.<br />
<br />
Go to Firewall > Rules<br />
<br />
Click the LAN tab.<br />
<br />
Create new rule.<br />
<br />
Set the rule to pass traffic, on interface LAN, with the source IP of your check_mk server and to port 6556.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqPXJPoJg4iIKBZQUIx1wZ-pEf77rSmNLjtJjSV7BtgkpJL_Y-RBBKXhoJrIrDjh3A-wBAjQw3FRATLk5Lz9E0JbMzZ1Q4ENWUzGh1fGaigd1CIW3D95cG2cUIi1NOe4BEQ4wz0qYNosA/s1600/pfchkmk.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqPXJPoJg4iIKBZQUIx1wZ-pEf77rSmNLjtJjSV7BtgkpJL_Y-RBBKXhoJrIrDjh3A-wBAjQw3FRATLk5Lz9E0JbMzZ1Q4ENWUzGh1fGaigd1CIW3D95cG2cUIi1NOe4BEQ4wz0qYNosA/s1600/pfchkmk.png" height="320" width="312" /></a></div>
<br />
Give it a description, then save.<br />
<br />
You should be able to pick up checks from OMD/check_mk.</div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-4414017290057390418.post-24710966708436402612014-11-27T09:56:00.002-06:002014-11-27T10:54:40.743-06:00Hot to set up pfSense software raid in 2.1.5-RELEASE (amd64) <div dir="ltr" style="text-align: left;" trbidi="on">
Here is an example of how to create a software RAID1 in pfSense 2.1.5.<br />
<br />
I created a lab in Virtualbox with two 8GB thin provisioned disks and installed pfSense.<b> "pfsense.vdi "</b>and "<b>pfsense2.vdi"</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgj978IxSPJUjMEA07-qVbRKwcHusP3tZ06wajJRnlhw_HVP3ctOFsjrTPtU233wmC3hR4LZbsdZxApQJoHqolDG3FJJjh14MhSJwXbUEfiUylYrGsq73pofVUQ6dMpEqM5UVMBXrd5wWk/s1600/pfsense.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgj978IxSPJUjMEA07-qVbRKwcHusP3tZ06wajJRnlhw_HVP3ctOFsjrTPtU233wmC3hR4LZbsdZxApQJoHqolDG3FJJjh14MhSJwXbUEfiUylYrGsq73pofVUQ6dMpEqM5UVMBXrd5wWk/s1600/pfsense.png" height="202" width="320" /></a></div>
<br />
<br />
<iframe allowfullscreen="" frameborder="0" height="315" src="//www.youtube.com/embed/rCHkKqnxDd0" width="420"></iframe>
<br />
<br />
During the install, I chose <b>"1,"</b> to boot with the default settings.<br />
The initialization screen defaults to the LiveCD installer. Skip that and press <b>"I"</b> to install directly.<br />
<b>Accept</b> the default settings for the Video and Keymap<br />
Then we want to choose <b>"Setup GEOM Mirror"</b><br />
Confirm the selection<br />
Now we choose the <b>Primary </b>disk and press enter<br />
Choose the <b>Mirror </b>disk and press enter.<br />
Verify no errors exist. Press Enter.<br />
Choose the <b>Custom Install</b><br />
Then we choose the <b>mirror/pfSenseMirror</b> we just created.<br />
<b>Format</b> the disk<br />
Use the <b>default </b>disk geometry (just tab to "<b>Use this Geometry</b>")<br />
Format the <b>mirror/pfSenseMirror</b><br />
Choose <b>Partition Disk</b><br />
<b>Accept and Create</b> the default settings<br />
Choose <b>"Yes, partition mirror/pfSenseMirror"</b><br />
Press "OK"<br />
Now, we want to <i>uncheck </i><b>"Install Bootblock"</b> and make sure <b>"Packet mode"</b> is <i>unchecked </i>as well.<br />
<b>Accept and install</b><br />
Press "OK"<br />
Choose the <b>default </b>partition slice.<br />
Confirm "OK", then "OK" again<br />
Choose the <b>defaults </b>for the subpartitions (tab to <b>"Accept and Create"</b>)<br />
Once the install writes to the mirror, choose "<b>Symmetric multiprocessing kernel</b>", unless you are creating a headless RS232 serial-only interface.<br />
Eject the virtual CD and <b>Reboot</b>.<br />
Once the system reboots, configure pfSense like normal.<br />
<br />
<br />
We now have a RAID1 mirror of the disks. We can now test booting by removing either of the virtual disks and booting pfSense. In the lab, I've removed the primary disk "<b>pfsense.vdi</b>" and it's booting off the mirror "<b>pfsense2.vdi</b>"<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidAxZyt395PxO1NYxCJKKfcn20R7kuA5Rj5KMUKHZ3X1Tun_JPjZOuCMASYH4tWYb9z0irSiAvauExy5is6ASKvneOQjb9aKIFQo15-nu5GYrMZaxamYkvTQ6TfaLyeSwmLlUXbPxza_M/s1600/pfsense2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidAxZyt395PxO1NYxCJKKfcn20R7kuA5Rj5KMUKHZ3X1Tun_JPjZOuCMASYH4tWYb9z0irSiAvauExy5is6ASKvneOQjb9aKIFQo15-nu5GYrMZaxamYkvTQ6TfaLyeSwmLlUXbPxza_M/s1600/pfsense2.png" height="202" width="320" /></a></div>
<br />
<br />
<iframe allowfullscreen="" frameborder="0" height="315" src="//www.youtube.com/embed/WJr1tqZG7CA" width="420"></iframe>
<br />
<br />
pfSense lacks notification (by default) on a degraded RAID mirror. You can manually check the status of the disk health by going into the console and typing "gmirror status". You can also see the status of the mirror when I shut down the VM (at about the 58 second mark):<br />
<div style="text-align: center;">
<b>GEOM_MIRROR: Device pfSenseMirror destroyed.</b></div>
<br />
<br />
To mimic rebuilding a disk, in my lab I created a new volume called <b>"pfsense3.vdi"</b> and made it a blank 8GB, thin provisioned disk to match what I was replacing.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgz1fO2V-IKHwBNSZ6xXPqb0YYDJKRYGGaZ0NAYUC3BuF_TD44Zt9ox-AXBTc0cWtAnflD5fi-J9mUuiWtXm1pyaIPEhxR-1kvt03zBTDLoAeN_CYPKTipwoWcq0hCugFh7kEz4QajSfLs/s1600/pfsense3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgz1fO2V-IKHwBNSZ6xXPqb0YYDJKRYGGaZ0NAYUC3BuF_TD44Zt9ox-AXBTc0cWtAnflD5fi-J9mUuiWtXm1pyaIPEhxR-1kvt03zBTDLoAeN_CYPKTipwoWcq0hCugFh7kEz4QajSfLs/s1600/pfsense3.png" height="202" width="320" /></a></div>
<br />
<br />
<iframe allowfullscreen="" frameborder="0" height="315" src="//www.youtube.com/embed/Uw4W53fsDBM" width="420"></iframe>
<br />
<br />
To rebuild the disk, I first checked the status of the disks, <b>"gmirror status"</b><br />
I destroyed the mirror <b>"gmirror forget pfSenseMirror"</b><br />
Now, <b>"gmirror status"</b> shows COMPLETE (with just one disk, ad0)<br />
I looked at which disks were present, <b>"atacontrol list" </b>and saw ad1 available and not part of the mirror. This is the new blank disk we want to become part of the mirror.<br />
Inserted it into the mirror with <b>"gmirror insert pfSenseMirror /dev/ad1"</b><br />
It will start rebuilding. We can check the sync status with <b>"gmirror status" </b>again.<br />
Once complete, you will get the message:<br />
<div style="text-align: center;">
<b>GEOM_MIRROR: Device pfSenseMirror: rebuilding provider ad1 finished.</b></div>
This will take some time in a normal install. This VM was installed over a SSD on a blank install. Expect some time for it to synchronize.<br />
<b>"gmirror status"</b> should now show us both <b>ado</b> and <b>ad1</b> as <b>ACTIVE</b></div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-4414017290057390418.post-86927642820916629692014-10-31T22:22:00.004-05:002014-11-22T00:31:04.272-06:00Gap for Gimp (gif creator) Windows Installer mirror<div dir="ltr" style="text-align: left;" trbidi="on">
Mirror for Gap for Gimp version 2 (Gimp-GAP-2.6.0-Setup2).<br />
<br />
<div class="enum" style="background-color: white; border-bottom-color: rgb(221, 221, 221); border-bottom-style: dotted; border-bottom-width: 1px; color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 13px; line-height: 20px; padding: 3px; word-wrap: break-word;">
<span class="field-key" style="display: inline-block; font-weight: bold; width: 175px;">MD5</span> 938d9da31c2e9c34de1612e80d5b9a0c</div>
<div class="enum" style="background-color: white; border-bottom-color: rgb(221, 221, 221); border-bottom-style: dotted; border-bottom-width: 1px; color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 13px; line-height: 20px; padding: 3px; word-wrap: break-word;">
<span class="field-key" style="display: inline-block; font-weight: bold; width: 175px;">SHA1</span> 4422fb72a27ff73261e3b7ec1ec5c199cd1913ac</div>
<div class="enum" style="background-color: white; border-bottom-color: rgb(221, 221, 221); border-bottom-style: dotted; border-bottom-width: 1px; color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 13px; line-height: 20px; padding: 3px; word-wrap: break-word;">
<span class="field-key" style="display: inline-block; font-weight: bold; width: 175px;">SHA256</span> 6c7287cef151dfed96cd8a86a5d097fa40f691c28dcb071b127ee384620ea3fe</div>
<br />
<div style="text-align: center;">
<br />
<br />
<b><a href="https://drive.google.com/file/d/0B_Kat9gPjQAVenRJTGJ1cGxyeGs/view?usp=sharing" target="_blank">Download link</a> (<span style="color: red;">Current as of 10/31/2014</span>)</b></div>
<br />
<br />
<br />
<br />
Source: <a href="http://photocomix-resources.deviantart.com/art/GAP-2-6-for-Gimp-2-6-Windows-135464357">http://photocomix-resources.deviantart.com/art/GAP-2-6-for-Gimp-2-6-Windows-135464357</a></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-74591022990513359142014-10-11T22:48:00.001-05:002015-02-08T08:34:03.767-06:00Re-enable non Chrome Store extensions in Stable/Beta builds - Chrome version 38.0.2125.101 m<div dir="ltr" style="text-align: left;" trbidi="on">
I wrote an extension a while back for Chrome to help me export bulk DNS requests in xml format so I could import them into my firewall easier.<br />
<br />
Since Google blocked apps/extensions from being installed from outside the Chrome store, I wasn't able to run the app I wrote without becoming an official developer... So I didn't bother.<br />
<br />
I finally found a (sane) solution to the problem. This was posted on the Google Product Forums. Thought I'd share the steps with a bit more detail:<br />
<br />
<ol style="text-align: left;">
<li>Download the Chrome group policy templates: <a href="http://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip">http://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip</a> (Mirror located here: <a href="https://drive.google.com/file/d/0B_Kat9gPjQAVdXV2Q3BEOVpja28">https://drive.google.com/file/d/0B_Kat9gPjQAVdXV2Q3BEOVpja28</a> <b>MD5 Hash</b>: <u>7eac305720bb2f70e9e3940205b45796</u>)</li>
<li>Extract the files. Copy <b>(zip)\policy_templates\windows\admx\chrome.<span style="background-color: yellow;">adm<u>x</u></span></b><span style="background-color: yellow;"> </span>to <b>C:\Windows\PolicyDefinitions\</b></li>
<li>Copy <b>(zip)\policy_templates\windows\admx\en-US\</b><b>chrome.<span style="background-color: yellow;">adm<u>l</u></span></b> (or your language/region) to <b>C:\Windows\PolicyDefinitions\en-US</b></li>
<li>Open Chrome and go to <b>Options</b> > <b>Tools</b> > <b>Extensions</b> (Or simply <a href="chrome://extensions/">chrome://extensions/</a>) and at the top, check <b>Developer mode</b> (if not already checked)<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigEykrV5XJFlbgYBx2TfQbnZmMoNYFXIBHdokL2KSCe3xKQXhcya6znFEZu6B3ETDWIptBVNlRmpe59H25IyFv0BZ7A7PkQfZtznrCT3fh4-_UKb6Jan6Bsi0gvTG67rBrcuoaBNjE5fY/s1600/developer+mode.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigEykrV5XJFlbgYBx2TfQbnZmMoNYFXIBHdokL2KSCe3xKQXhcya6znFEZu6B3ETDWIptBVNlRmpe59H25IyFv0BZ7A7PkQfZtznrCT3fh4-_UKb6Jan6Bsi0gvTG67rBrcuoaBNjE5fY/s1600/developer+mode.png" height="65" width="320" /></a></div>
</li>
<li>Scroll for the extension you wish to re-enable. You should be able to double click on the ID to select it, then copy. </li>
<li>If you've already uninstalled the extension, you can drag the .crx files back into this extension page to reinstall. You will not be able to enable it, yet, but this will give us the ID to allow it to enable it.<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjO7ecYK8NQ0pETfrgJaYCaP2yy_fsMZFFj6rfMtn70QX3ukmdpJ7OjFOFGuUKftb8N9fWJ1Sy61U1464yZd3cg5jp5PTQ6sXg8DiL7NBOS9UrIzhydTRZoRGDrxHBocG9mW833S8hJ7kk/s1600/ID.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjO7ecYK8NQ0pETfrgJaYCaP2yy_fsMZFFj6rfMtn70QX3ukmdpJ7OjFOFGuUKftb8N9fWJ1Sy61U1464yZd3cg5jp5PTQ6sXg8DiL7NBOS9UrIzhydTRZoRGDrxHBocG9mW833S8hJ7kk/s1600/ID.png" height="140" width="320" /></a></div>
</li>
<li>Run <b>gpedit.msc</b> from the start menu or command line (O<i>r, if running a Home Edition version of Windows, <b>MMC</b> and add the <b>Group Policy Editor snap-in</b></i>)</li>
<li>Expand <b>User Configuration</b> > <b>Administrative Templates</b> > <b>Google</b> > <b>Google Chrome</b> (<b><i><span style="color: red;"><u>not</u> the Google Chrome with "Default Settings" in the name</span></i></b>) > <b>Extensions</b>. <div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKXb8_bZuNj16-aVTvfVXYcvLE-pu1bZf_RyhK_oahdEwl2kCRurSlGFkFcP9TkSe6bj5GfMB4tkfPc86LgPeSPUbwTRgmtMJAysFxo5c8RaW9RqMivMcg4o-Ie61J66NdXqlD341IOV0/s1600/gpe.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKXb8_bZuNj16-aVTvfVXYcvLE-pu1bZf_RyhK_oahdEwl2kCRurSlGFkFcP9TkSe6bj5GfMB4tkfPc86LgPeSPUbwTRgmtMJAysFxo5c8RaW9RqMivMcg4o-Ie61J66NdXqlD341IOV0/s1600/gpe.png" height="219" width="320" /></a></div>
</li>
<li>Edit the <b>Configure extension installation whitelist</b> on the right pane.</li>
<li>Change the options from <b>Not Configured</b> to <b>Enabled</b>.</li>
<li>Under the <b>Options</b>, click the <b>Show</b> button and paste in the Extension ID(s) you want to re-enable. <div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTtlrsRbDhjIsJjAV-ycgyoqXcwDTRb-XD5nR9Ye0Q-i2voPKyi9ektM7DPq-0fnD8Oh6yMVEAEJJbkUb-O3iNGDafPrsxQ_TSRRE61LyZStFiWjDy2U4rdAXbxQdefhjoBJwVwmsf9xw/s1600/whitelist.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTtlrsRbDhjIsJjAV-ycgyoqXcwDTRb-XD5nR9Ye0Q-i2voPKyi9ektM7DPq-0fnD8Oh6yMVEAEJJbkUb-O3iNGDafPrsxQ_TSRRE61LyZStFiWjDy2U4rdAXbxQdefhjoBJwVwmsf9xw/s1600/whitelist.png" height="292" width="320" /></a></div>
</li>
<li>Ok and close out of the group policy editor. Close out of Chrome completely (check the task manager to be sure).</li>
<li>Once you launch Chrome, navigate back to your extensions. You will not have the ability to re-enable your app/extension. </li>
</ol>
<div style="margin-left: 1em; margin-right: 1em; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYGkddwlKofY1vxNmVTcF6_O85CvYVL7eIhZOWKsuGfhbQ9EwkSHe0kJ3hf1qBUITo6t_QtgZ8bCCSemASRjrHoK8sVPmhMDx6g8nr_gWicagRvmVmaipMAFvF0l0X1PYxy33gwBmLk1s/s1600/enabled.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYGkddwlKofY1vxNmVTcF6_O85CvYVL7eIhZOWKsuGfhbQ9EwkSHe0kJ3hf1qBUITo6t_QtgZ8bCCSemASRjrHoK8sVPmhMDx6g8nr_gWicagRvmVmaipMAFvF0l0X1PYxy33gwBmLk1s/s1600/enabled.png" /></a></div>
<div style="text-align: center;">
<br /></div>
<div>
<b>Source</b>: <a href="https://productforums.google.com/forum/#!msg/chrome/9NlMAr6uEVc/ambkrcKpi1cJ">https://productforums.google.com/forum/#!msg/chrome/9NlMAr6uEVc/ambkrcKpi1cJ</a></div>
</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-49157326038956505982014-09-30T17:00:00.005-05:002014-09-30T17:23:23.963-05:00How to get Ubuntu 14.04 security update notifications sent to your inbox using Gmail.<div dir="ltr" style="text-align: left;" trbidi="on">
We can set up a cron job to email security updates using Gmail over SSMTP (yes, the same app we used before to send email notifications for someone pressing the doorbell in a previous project). SSMTP, <u><i>not to be confused with <b>SMTP</b></i></u>, is easy enough to use and set up, but it's not the most secure as your password is in plain text. I recommend signing up for and using a throwaway/junk Gmail account for this.<br />
<br />
<b>Prerequisites</b>:<br />
<br />
<ul style="text-align: left;">
<li>Ubuntu 14.04 LTS Server</li>
<li>A spare gmail account that you don't care about</li>
</ul>
<br />
<hr color="#eeeeee" size="4" width="95%" />
<br />
SU into root and install ssmtp:<br />
<br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">sudo su - </span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">apt-get install ssmtp</span></b><br />
<br />
Move the default config to a backup:<br />
<br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">mv /etc/ssmtp/ssmtp.conf /etc/ssmtp/ssmtp.bkp</span></b><br />
<br />
We are going to create a new conf file in its place:<br />
<br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">vi /etc/ssmtp/ssmtp.conf</span></b><br />
<br />
(for new vi users press "i" here to enter insert mode... or just use nano or whatever you prefer)<br />
<br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"># The user that gets all the mails (UID < 1000, usually the admin)</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">root=youremail@gmail.com</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"># The mail server (where the mail is sent to), both port 465 or 587 should be acceptable</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"># See also http://mail.google.com/support/bin/answer.py?answer=78799</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">mailhub=smtp.gmail.com:587</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"># The address where the mail appears to come from for user authentication.</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">rewriteDomain=gmail.com</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"># The full hostname</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">hostname=yourhostname</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"># Use SSL/TLS before starting negotiation</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">UseTLS=Yes</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">UseSTARTTLS=Yes</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"># Username/Password</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">AuthUser=youremail@gmail.com</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">AuthPass=yourpassword</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"># Email 'From header's can override the default domain?</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">FromLineOverride=yes</span></b><br />
<br />
(again, for new vi users save the file by pressing <b>Escape </b>and typing <b>:wq</b>)<br />
<br />
<span style="color: red;"><b>Update the security for your conf file since your password is in plain text:</b></span><br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"><b>chmod 640 /etc/ssmtp/ssmtp.conf</b></span><br />
<br />
cd back to root:<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"><b>cd /root</b></span><br />
<span class="Apple-tab-span" style="white-space: pre;"> </span>(or just simply type <b>cd </b>to get home)<br />
<br />
Verify your SSMTP is working and has proper permissions:<br />
<br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">echo "Hello world" > test.txt</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">cat test.txt | ssmtp myemail@gmail.com</span></b><br />
<br />
<hr color="#eeeeee" size="4" width="95%" />
<br />
Once you receive an email (make sure to check the sent folder on the sending side and the spam folder on the receiving end) now we can check for security updates using my previous post:<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"><b>/usr/lib/update-notifier/apt-check --human-readable</b></span><br />
<br />
To break this down, look at what it's doing. <u><b>/usr/lib/update-notifier/apt-check</b></u> by itself returns a very unhelpful <b><u>0;0</u></b>. The <b>--human-readable</b> directive adds some verbosity:<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;"><b>0 packages can be updated.</b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;">0 updates are security updates.</span></b><br />
<br />
...but we don't want an email for every chrome/firefox/general bug update. We want to focus in on the security patches. To do this, we can use grep to give us just the security update totals. The script so far is, check for updates, make it easy to read, pipe it to "<b>grep</b>" with a "<b>-i</b>" (<i>case insensitive</i>) with the term "<b>security</b>".<br />
<br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">/usr/lib/update-notifier/apt-check --human-readable | grep -i security</span></b><br />
<br />
and the output<br />
<br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;">0 updates are security updates.</span></b><br />
<br />
While the output is better, now we see 0 updates are security updates, we can distill it even further with awk.<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">/usr/lib/update-notifier/apt-check --human-readable | grep -i security | awk '{ print $1 }'</span><br />
<br />
So, that line is reduced to the first set of numbers. Literally the number itself<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;"><b>0</b></span><br />
<br />
We are passing the argument to awk, $1, which means the first set of numbers in that row. We can now put together a very simple and crude cron job (there are many ways to skin a cat, this is for demonstrative purposes... also because I'm not the worlds best scripter)<br />
<br />
<hr color="#eeeeee" size="4" width="95%" />
<br />
<br />
Let's start off by creating the script.<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"><b>vi patch_notify.sh</b></span><br />
<br />
Now, we can paste in the following:<br />
<br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">#!/bin/bash</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">CURDATE=`date`</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">TTIME=`date +"%r"`</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">SECUPD=$( /usr/lib/update-notifier/apt-check --human-readable | grep -i security | awk '{ print $1 }' )</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">if [ $SECUPD -eq "0" ]</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">then</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">echo "There are $SECUPD updates."</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">else</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;"> if [ $SECUPD -eq "1" ]</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">then</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: white;"> </span><span style="background-color: yellow;">ssmtp your-send-to-email@gmail.com <<-EOF</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">From: username <youremail@gmail.com></span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">To: your-send-to-email@gmail.com</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: white;"> </span><span style="background-color: yellow;">Subject: Weekly security updates - $CURDATE</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">$SECUPD security update is waiting for your installation as of $TTIME.</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">EOF</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">else</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">if [ $SECUPD -gt "1" ]</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">then</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">ssmtp your-send-to-email@gmail.com <<-EOF</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">From: username <youremail@gmail.com></span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">To: your-send-to-email@gmail.com</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">Subject: Weekly security updates - $CURDATE</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">$SECUPD security updates are waiting for your installation as of $TTIME.</span></b><br />
<span class="Apple-tab-span" style="white-space: pre;"><b> </b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">EOF</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">fi</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span> <span style="background-color: yellow;">fi</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">fi</span></b><br />
<br />
<br />
To break this script down, ultimately it's in 3 parts. Is the patch total <b>0</b>? <u>No emails</u>. Is the patch level <b>1</b>, <u>yes, email</u> (but with proper syntax; singular vs plural, because I'm anal like that). Is there more than one patch? <u>Yes, send an email</u>.<br />
<br />
To get into the guts of it<br />
<br />
We are telling it to use (the recently very infamous) bash shell.<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;"><b>#!/bin/bash</b></span><br />
Now we are setting the variables for the date and time<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;"><b>CURDATE=`date`</b></span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;">TTIME=`date +"%r"`</span></b><br />
You can run <span style="background-color: cyan;">date</span> in the command line and see what's copied into the variable, now <b>CURDATE</b>. Also <b style="background-color: cyan;">date +"%r"</b> which shows just time time <b>06:58:46 PM</b>, that is copied as <b>TTIME</b>.<br />
<br />
We are also setting the <b>SECUPD </b>variable. This takes the output from awk output and associates itself with <b>SECUPD</b>. <br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;"><b>SECUPD=$( /usr/lib/update-notifier/apt-check --human-readable | grep -i security | awk '{ print $1 }' ) </b></span>The only difference is the formatting around the command.<br />
<br />
The <b>-eq</b> command operator is "equal". So we are saying if the value of $SECUPD is exactly 0,<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;">if [ $SECUPD -eq "0" ]</span></b><br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: lime;">echo "There are $SECUPD updates."</span></b><br />
<br />
We display "<u>There are 0 updates</u>." and an email is <i>not </i>generated.<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><br />
If there is 1 security update for us:<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><b style="background-color: lime;">if [ $SECUPD -eq "1" ]</b><br />
<br />
We send an email to our main email address. The subject will show "Weekly security updates" and the current date. The body will show<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><b style="background-color: lime;">$SECUPD security update is waiting for your installation as of $TTIME.</b><br />
<span class="Apple-tab-span" style="white-space: pre;"> </span>or<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><b style="background-color: lime;">1 security update is waiting for your installation as of 07:01:32 PM.</b><br />
<br />
The <b>EOF</b>'s encapsulate what will be sent to SSMTP<br />
<br />
<br />
If there is <u>more than one</u> update available:<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><b style="background-color: lime;">if [ $SECUPD -gt "1" ]</b><br />
If the updates are <u><b>greater than</b></u> one, (not greater or equal, but literally 2+) then we send this:<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><b style="background-color: lime;">$SECUPD security updates are waiting for your installation as of $TTIME.</b><br />
<span class="Apple-tab-span" style="white-space: pre;"> </span>or<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><b style="background-color: lime;">12 security updates are waiting for your installation as of 07:03:13 PM.</b><br />
<br />
We now need to make our script executable<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"><b>chmod +x patch_notify.sh</b></span><br />
<br />
You should just be able to run<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><b style="background-color: yellow;">./patch_notify.sh</b><br />
<br />
If you have no critical patches, you should see:<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><b style="background-color: lime;">There are 0 updates.</b><br />
<br />
<hr color="#eeeeee" size="4" width="95%" />
<br />
This script is butchered pretty bad, but it's a good beginner script. You can change the context, remove the dates, the layout, the wording. You can also simplify it to send you an email only if it's above a dozen updates. Or even send you an email, regardless of how many security patches, even 0, at a set interval with cron.<br />
<br />
So, now to automate the script (this was written for Debian based systems, specifically Ubuntu 14.04 LTS Server... but should be pretty close to the same across all platforms)<br />
<br />
We are going to do a weekly scan, on a Saturday at noon.<br />
<br />
Edit the crontab:<br />
<br />
<b><span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;">crontab -e</span></b><br />
<br />
To edit the cron job (also crontab -l to list jobs you already have)<br />
<br />
<span class="Apple-tab-span" style="white-space: pre;"> </span><span style="background-color: yellow;"><b>0 12 * * 6 /root/patch_notify.sh</b></span><br />
<br />
This tells the cron daemon to run your script in its relative path <b>/root/</b> every Saturday at noon.<br />
<br />
Feel free to bug me and ask questions (or correct me... I know I probably screwed up somewhere... but it's working for me so far)</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-57493527780610984452014-09-30T11:25:00.000-05:002014-10-09T09:36:40.030-05:00Check how many security updates are available on Ubuntu 14.04 LTS<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><pre style="margin: 0; line-height: 125%">/usr/lib/update-notifier/apt-check --human-readable | grep -i security
</pre></div>
<br />
<br />
This can be added to a cron job or via your favorite notification method. It's part of the MOTD when you first log in, but if you are like me, you do not log out that often, so it comes in handy.<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-31698855959650925312014-07-19T21:54:00.002-05:002014-07-20T03:38:03.273-05:00Use Arduino Yun to send emails (simple instructions for new users)<div dir="ltr" style="text-align: left;" trbidi="on">
To send emails for your projects in Arduino Yun, you can install SSMTP. SSMTP allows you to send emails directly from the yun and is a package you can install from the browser or over ssh.<br />
<br />
I'll create a simple project to demonstrate pushing a button to sending an email. First, we need to set up the Yun. Make sure it's connected to wifi and you can connect to it over SSH.<br />
<div>
<br /></div>
<div>
Using putty (or your favorite terminal) log into the Yun as root and update your packages:</div>
<div>
<blockquote class="tr_bq">
<b style="background-color: #cccccc;"><span style="font-family: Courier New, Courier, monospace;">opkg update</span></b></blockquote>
</div>
<div>
<br />
Install SSMTP </div>
<div>
<blockquote class="tr_bq">
<b style="background-color: #cccccc;"><span style="font-family: Courier New, Courier, monospace;">opkg install ssmtp</span></b></blockquote>
</div>
<div>
<br />
Once installed, make a backup of the current ssmtp conf file</div>
<div>
<blockquote class="tr_bq">
<b style="background-color: #cccccc;"><span style="font-family: Courier New, Courier, monospace;">mv /etc/ssmtp/ssmtp.conf /etc/ssmtp/ssmtp.bkp</span></b></blockquote>
</div>
<div>
<br /></div>
<div>
Create a new conf file</div>
<div>
<blockquote class="tr_bq">
<b style="background-color: #cccccc;"><span style="font-family: Courier New, Courier, monospace;">vi /etc/ssmtp/ssmtp.conf</span></b></blockquote>
</div>
<div>
<br /></div>
<div>
(for new vi users press "I" here to enter insert mode)</div>
<div>
<br /></div>
<div>
Paste this in and update your email, password and username (works with Google Hosted email accounts as well)</div>
<div>
<blockquote class="tr_bq">
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"># The user that gets all the mails (UID < 1000, usually the admin)</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;">root=my@email.com</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"># The mail server (where the mail is sent to), both port 465 or 587 should be acceptable</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"># See also http://mail.google.com/support/bin/answer.py?answer=78799</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;">mailhub=smtp.gmail.com:587</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"># The address where the mail appears to come from for user authentication.</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;">rewriteDomain=gmail.com</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"># The full hostname</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;">hostname=YUN</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"># Use SSL/TLS before starting negotiation</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;">UseTLS=Yes</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;">UseSTARTTLS=Yes</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"># Username/Password</b></span><br />
<span style="background-color: #cccccc;"><span style="font-family: Courier New, Courier, monospace;"><b>AuthUser=</b></span><b style="font-family: 'Courier New', Courier, monospace;">my@email.com</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;">AuthPass=password</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;"># Email 'From header's can override the default domain?</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b style="background-color: #cccccc;">FromLineOverride=yes</b></span><br />
<div>
<br /></div>
</blockquote>
</div>
<div>
<br /></div>
<div>
(again, for new vi users save the file by pressing <b>Escape </b>and typing <b style="background-color: #cccccc;">:wq</b><span style="background-color: white;">)</span></div>
<div>
<span style="background-color: white;"><br /></span></div>
<div>
<span style="background-color: white;">Update the security for your conf file since your password is in plain text</span></div>
<div>
<blockquote class="tr_bq">
<b style="background-color: #cccccc;">chmod 640 /etc/ssmtp/ssmtp.conf</b></blockquote>
</div>
<div>
<span style="background-color: white;"><br /></span></div>
<div>
<span style="background-color: white;">Go back to /root</span></div>
<div>
<blockquote class="tr_bq">
<b style="background-color: #cccccc;">cd /root</b></blockquote>
</div>
<div>
<span style="background-color: white;"><br /></span></div>
<div>
<span style="background-color: white;">Create a new test file called test.txt with "Hello world"</span></div>
<div>
<blockquote class="tr_bq">
<b style="background-color: #cccccc;">echo "Hello world" > test.txt</b></blockquote>
</div>
<div>
<span style="background-color: white;"><br /></span></div>
<div>
<span style="background-color: white;">Now we can test this out by sending it to an email</span></div>
<div>
<blockquote class="tr_bq">
<b style="background-color: #cccccc;">cat test.txt | ssmtp myemail@gmail.com</b></blockquote>
</div>
<div>
<span style="background-color: white;"><br /></span></div>
<div>
<span style="background-color: white;">If it works you should get an email from "root" with no subject and "Hello world" in the body</span></div>
<div>
<span style="background-color: white;"><br /></span></div>
<div>
<hr color="#eeeeee" size="4" width="95%" />
<div>
<span style="background-color: white;"><br /></span></div>
<div>
<span style="background-color: white;">Once this works, we can create a simple push button project to send that email whenever a button is pressed.</span></div>
<div>
<span style="background-color: white;"><br /></span></div>
<div>
<span style="background-color: white;">Make sure your Arduino app is installed and you have selected the board Arduino Yun and the port is set to the correct IP. </span></div>
<div>
<ul style="text-align: left;">
<li><span style="background-color: white;">Tools > Board > Arduino Yun</span></li>
<li><span style="background-color: white;">Tools > Port > YUN at 192.168.x.x (Arduino Yún</span><span style="background-color: white;">)</span></li>
</ul>
</div>
<div>
<span style="background-color: white;">Clear out the blank sketch and paste this</span><br />
<span style="background-color: white;"><br /></span>
<br />
<blockquote>
<b>#include <FileIO.h><br />#include <Process.h><br /><br />int pushButton = 2;<br /><br />void setup() {<br />Bridge.begin();<span class="Apple-tab-span" style="white-space: pre;"> </span> </b></blockquote>
<blockquote>
<b>Serial.begin(9600);</b></blockquote>
<blockquote>
<b>FileSystem.begin();<br />}<br /><br />void loop() {<br /><br /> // read the pin number 2<br /> int buttonState = digitalRead(pushButton);<br /><br />Process p;<br />if (buttonState > 0)<br /> p.runShellCommand("cat /root/test.txt | ssmtp myemail@gmail.com");<br /> delay(5); // wait 5 milliseconds before you do it again<br />}</b></blockquote>
<span style="background-color: white;"></span><br />
<span style="background-color: white;">Unplug the Yun and wire it up like this. I'm using a 10K ohm resistor.</span><br />
<span style="background-color: white;"><br /></span>
<span style="background-color: white;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmSUVOsyBCbJdqbJVIkF4HuPXcD7s7gSkLMhR5wqhg5DlU1QTS_dHrpbUdjNfZCda6eakNgDwc7phF37KBTBabUGDIP9AURjFtJJILftRpJH6y3A_xVfEFbR5c841bElf65ubmlvR6hM/s1600/yun+wiring.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmSUVOsyBCbJdqbJVIkF4HuPXcD7s7gSkLMhR5wqhg5DlU1QTS_dHrpbUdjNfZCda6eakNgDwc7phF37KBTBabUGDIP9AURjFtJJILftRpJH6y3A_xVfEFbR5c841bElf65ubmlvR6hM/s1600/yun+wiring.png" height="172" width="320" /></a></div>
<span style="background-color: white;"><br /></span>
<span style="background-color: white;">Power it up and wait for it to connect to wifi. Now you should be able to press the button and get an email.</span><br />
<span style="background-color: white;"><br /></span>
<br />
<hr color="#eeeeee" size="4" width="95%" />
<span style="background-color: white;"><br /></span>
<span style="background-color: white;">Some notes on this setup.</span><br />
<span style="background-color: white;"><br /></span>
The code is very small so it has some shortcomings. The delay is set to 5 milliseconds, which should be good for a quick press... but if you hold it down too long you will get multiple emails. There are ways around this using (millis) and other tricks, but the purpose of this example is for a simple code to use so you can build on.<br />
<br />
Also, you can modify the <b>test.txt</b> file to include a subject, or even insert values. <b>vi</b> the file again and use this template instead:<br />
<br />
<blockquote class="tr_bq">
<b style="background-color: #cccccc;">From:arduino yun<br />Subject: put subject here<br />put message body here</b></blockquote>
</div>
</div>
<div>
<br /></div>
</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-4414017290057390418.post-57845018113020946452014-06-14T19:23:00.004-05:002014-06-14T19:23:57.882-05:00Debugging Elertus (and a general review)<div dir="ltr" style="text-align: left;" trbidi="on">
Since no information on the hacking of the <a href="http://www.elertus.com/products/">Elertus</a> door/water sensor is available, I thought I'd share some basic information about the device.<br />
<br />
The Elertus is a simple, but powerful, wifi alert sensor. It captures temperature, humidity, light, movement and optionally a door sensor or water sensor. It then sends an email/sms/push notification to your Android.<br />
<br />
There's not much in the way of a custom Android app for this to tie in with IFTTT and the app itself is pretty basic. The device connects to Elertus every hour (or more frequent if movement is detected). The app connects to the Elertus server. The app never connects directly to the device, except during initial setup.<br />
<br />
Using Wireshark to capture the packets, it looks to be a very basic POST to <b>108.166.81.152</b> with the following information:<br />
<br />
<br />
<b>device_type=1</b><br />
<b>posix_time=1402786108</b><br />
<b>email_id=test@test.com</b><br />
<b>mac_address=000680000000</b><br />
<b>alert_flags=</b><br />
<b>light=5</b><br />
<b>temp=301</b><br />
<b>humidity=50</b><br />
<b>battery=100</b><br />
<b>motion=1</b><br />
<b>int_contact=1</b><br />
<b>ext_contact=1</b><br />
<b>ext_temp=-1</b><br />
<b>fw_ver=4.0.1_EL_v7</b><br />
<b>debug=rssi:49</b><br />
<b><br /></b>
<br />
The device itself seems to be a very basic. The CPU is a Freescale Kinetis K (<u>K10 48pin series</u>) with the following specs:<br />
<br />
<div>
<br /></div>
<br />
<div>
<b>Silicon - Rev 2.0</b></div>
<div>
<div>
<b>MC Partnumber - MK10DN512VLK10(R)</b></div>
<div>
<b>Superset - PK10DN512ZVLK10</b></div>
<div>
<b>CPU Frequency - 100MHz</b></div>
<div>
<b>Package - 80LQFP</b></div>
<div>
<b>Total Flash Memory - 512KB</b></div>
<div>
<b>Flash - 512KB</b></div>
<div>
<b>SRAM - 128KB</b></div>
</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuJRKfa1XkcloB_8_pwKFigcMoKk6gfSe0xSS6p5J_5ehf3PzCwzuM4dxZGMbSbAOY8ZllOKXEKOw4pWmkzmoyqj7_7mbwlffWk02Nd2ijpIuELu1WULFH4wrrckKX3gD23XWO9BPSFhc/s1600/front.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuJRKfa1XkcloB_8_pwKFigcMoKk6gfSe0xSS6p5J_5ehf3PzCwzuM4dxZGMbSbAOY8ZllOKXEKOw4pWmkzmoyqj7_7mbwlffWk02Nd2ijpIuELu1WULFH4wrrckKX3gD23XWO9BPSFhc/s1600/front.jpg" height="320" width="240" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi70Zwzx7InAZwtGQgjQWi8vD1QGiEXQqZ4C9Mrd5evH9jnr8F6uxesl_5ZZs88jASaDZPzxbUWmJ_cr_gVvgQ2aq6TBiK327c_Glvx7VYHLhk_O-uXGye9CJunJq_yXveF6uUk4iDawIg/s1600/back.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi70Zwzx7InAZwtGQgjQWi8vD1QGiEXQqZ4C9Mrd5evH9jnr8F6uxesl_5ZZs88jASaDZPzxbUWmJ_cr_gVvgQ2aq6TBiK327c_Glvx7VYHLhk_O-uXGye9CJunJq_yXveF6uUk4iDawIg/s1600/back.jpg" height="240" width="320" /></a></div>
<div>
<br /></div>
<div>
<br />
The Elertus device lacks in some basic areas:<br />
<br />
<ul>
<li>No graphing</li>
<li>No "all clear" when the threshold for alert situation subsides</li>
<li>No IFTTT integration</li>
<li>Fixed hourly check-ins with no option to adjust</li>
<li>Battery powered only</li>
<li>Fixed external IP with information sent cleartext, unencrypted</li>
<li>No Android integrated features (widgets, nested api, deep links)</li>
<li>The alerts advise you of an alert, but not what the alert is. You have to open the app.</li>
<li>No way of updating the firmware, from what I've seen...<i> but I could be wrong...</i></li>
</ul>
<div>
I've tackled the graphing issue by setting up a small VM with wireshark to continually monitor any traffic from the mac address to the external IP with a filter for the POST traffic. This in turn updates a very basic sql server with the temperature and humidity levels and displays this information on an internal webserver. While not ideal, this is the only way I can find to hack the Elertus to enable historical view. </div>
<div>
<br /></div>
<div>
While I hope changes are made, I still think this was a good purchase. It does what I need, but can do more. Hopefully an update is in order.</div>
</div>
</div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-4414017290057390418.post-35019590422653219202014-05-26T13:47:00.001-05:002014-05-26T13:51:20.650-05:00Convert Scribd offline documents to PDF using Android<div dir="ltr" style="text-align: left;" trbidi="on">
(Current info as of <b><u>2014-05-26</u></b> using Android 4.4.2 and Scribd version 3.5.1)<br />
<br />
Documents saved offline using the Scribd Android app are stored in<br />
<br />
<b><span style="color: red;"> /data/media/0/document_cache/<DOC ID></span></b><br />
<br />
For instance, if the file you are trying to access is:<br />
<br />
<a href="http://www.scribd.com/doc/20628549/Linux-Commands">http://www.scribd.com/doc/20628549/Linux-Commands</a><br />
<br />
The location would be:<br />
<br />
<b><span style="color: red;"> /data/media/0/document_cache/20628549/</span></b><br />
<b><span style="color: red;"><br /></span></b>
The actual file would be:<br />
<br />
<b><span style="color: red;"> /data/media/0/document_cache/20628549/content</span></b><br />
<br />
This file has no extension, but if you copy it and rename it to a .pdf file you can access it from other PDF viewers or export it to Google Drive/Dropbox</div>
Unknownnoreply@blogger.com33tag:blogger.com,1999:blog-4414017290057390418.post-26205529322702622532014-03-25T19:38:00.002-05:002014-08-10T17:52:36.727-05:00Create a DNS ad blocklist in pfSense<div dir="ltr" style="text-align: left;" trbidi="on">
The steps are 100% identical to the post about configuring the dns in IPCop (<a href="http://www.binarypower.com/2013/06/create-dns-ad-blocklist-in-ipcop.html">see this</a>) with one extra step<br />
<br />
Instead of:<br />
<br />
<b style="background-color: white; color: #666666; font-family: 'Trebuchet MS', Trebuchet, Verdana, sans-serif; font-size: 13px; line-height: 18.479999542236328px;"><span style="background-color: lime; font-family: 'Courier New', Courier, monospace;">vi /var/ipcop/dhcp/dnsmasq.local</span></b><br />
<br />
Do this<br />
<br />
<b style="background-color: white; color: #666666; font-family: 'Trebuchet MS', Trebuchet, Verdana, sans-serif; font-size: 13px; line-height: 18.479999542236328px;"><span style="background-color: lime; font-family: 'Courier New', Courier, monospace;">vi /usr/local/etc/dnsmasq.conf</span></b><br />
<br />
You will notice that this will create a new file if it's your first time. All other steps are identical (<a href="http://www.binarypower.com/2013/06/create-dns-ad-blocklist-in-ipcop.html">here</a>).<br />
<br />
Verified working on pfSense <strong style="font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; font-size: 11px;">2.1-RELEASE </strong><span style="background-color: white; font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; font-size: 11px;">(amd64) </span></div>
Unknownnoreply@blogger.com0