GNS3 couldn’t run /usr/bin/dumpcap in child process: Permission Denied.

Ubuntu 16.04 LTS GNS3:

Problem:

couldn’t run /usr/bin/dumpcap in child process: Permission Denied.

Solution:

1- Enable non-root user to capture network traffic by reconfiguring wireshark.

gns3a@gns3A:~$ sudo dpkg-reconfigure wireshark-common

2- Add wireshark group to the user that you want to start GNS3 program.

gns3a@gns3A:~$ sudo gpasswd -a $USER wireshark

3- Logout and Login again.

 

 

 

VMware Hot-Add RAM on Rhel 5

Last week, I  confronted a problem. Even though virtual guest which is rhel5.11(Tikanga) enabled for hot-add RAM, It did not update the new memory size,  after adding 4 GBs of RAM without power off the machine.

Solution:

Finally, I have found the solution. We need to apply some couple of commands to hit the kernel force rescan memory blocks.

First let’s see state of the memory blocks by applying command below. For my case I have no offline memory blocks. But, after adding a new memory most likely you will see some memory blocks as an offline.

root@gns3:~# grep line /sys/devices/system/memory/*/state
/sys/devices/system/memory/memory0/state:online
/sys/devices/system/memory/memory10/state:online
/sys/devices/system/memory/memory11/state:online
/sys/devices/system/memory/memory12/state:online
/sys/devices/system/memory/memory13/state:online
/sys/devices/system/memory/memory14/state:online
/sys/devices/system/memory/memory15/state:online
/sys/devices/system/memory/memory1/state:online
/sys/devices/system/memory/memory2/state:online
/sys/devices/system/memory/memory3/state:online
/sys/devices/system/memory/memory4/state:online
/sys/devices/system/memory/memory5/state:online
/sys/devices/system/memory/memory6/state:online
/sys/devices/system/memory/memory7/state:online
/sys/devices/system/memory/memory8/state:online
/sys/devices/system/memory/memory9/state:online

To make them online, we need to apply command below. After applying the command, you may get some weird errors. You can ignore them. You can check the state of the  memory by reissuing the first command.

for i in $(ls /sys/devices/system/memory/*/state); do echo online > $i; done
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument
-su: echo: write error: Invalid argument

For more information please check the solution here.

 

 

 

SOCKS

SOCKS stands for Socket Secure. It exchanges data packets between client and server via proxy. It operates on the Session Layer of the OSI model.

It allows users to surf on the Internet anonymously. More than that It gives you accessibility of applications only one secure port connection.

In this post, I will implement fundamental usage of SOCKS. On the client side we just need open-ssh client and tsocks. open-ssh client exists all Linux distributions. So We only need tsocks. tsocks is a library to implement SOCKS.

Install tsocks(client)

gns3@gns3:~/Programs$ sudo apt-get install tsocks

Configure tsocks(client)

Open /etc/tsocks.conf and add lines below at the end of the line.

server = 127.0.0.1
server_port = 1080

Initiate Connection(client)

Initiate connection between client and SOCKS proxy. -D option is the most important argument for this purpose.

It tells that whenever connection is made port 1080, connection is forwarded to the host istanbul over ssh.

For more information. $ man ssh

gns3@gns3:~$ ssh -ND 1080 username@istanbul
-N Do not execute a remote command. This is useful for just forwarding ports.

-D [bind_address:]port
Specifies a local “dynamic” application-level port forwarding. This works by allocating a socket to listen to port on the
local side, optionally bound to the specified bind_address. Whenever a connection is made to this port, the connection is
forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the
remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server. Only root
can forward privileged ports. Dynamic port forwardings can also be specified in the configuration file.

SOCKS server side

Only thing we need is on SOCKS server side is permission for the ssh connection and ssh server up and running.

Diagram:

It is depicted below diagram to leverage to SOCKS service.

 

 

 

 

 

 

Experiment:

Most excited part of this post. First scenario I will request connection to the https://whatismyip.com via firefox without leveraging tsocks. And Second Scenario I will request the same url with tsocks.

Scenario 1:

Without tsocks.

gns3@gns3:~$ firefox

 

 

 

 

 

 

Scenario 2:

With tsocks.

gns3@gns3:~$ tsocks firefox

 

 

 

 

 

 

Happy anonymity. 🙂

Sample Expect Script

Expect is a programming language for automating systems which expose interactive text terminal such as telnet, ssh, ftp, scp etc,. It is extension to Tcl language. It is created by Don Libes.

In this post I will share you sample expect script, which connects list of servers over ssh, executes command and prints it out on the screen.

Install Package

To use Expect language (It is actually a programming language–Extension of Tcl.), we need to install expect package.

#For CentOS and RedHat
[root@rhce ~]# yum install expect
#For Ubuntu, Debian and Mint
gns3@gns3:~/Programs$ sudo apt-get install expect

Create a server list.

Create a serverlist.txt file and put your server’ IP address or Domain names in this file line by line.  You can see below sample file contents.

gns3@gns3:~/Programs$ cat serverlist.txt 
192.168.59.133
192.168.59.134

Create Expect Script.

You can use below sample script and tweak it for your own purpose. For this script I have servers, username demo and password is demo

#!/usr/bin/expect -f
set fd "serverlist.txt"
set fp [open "$fd" r]
set data [read $fp]
 
# Read line by line
set timeout 15
 
foreach server $data {
puts "================ssh for $server============================"
 
 spawn ssh -l demo "$server"
 expect "password: "
 send "demo\r"
 expect "$ "
 send "uptime\r"
 expect "$ "
 send "ifconfig\r"
 expect "$ "
 send "exit\r"
}

Experiment

I actually have only one virtual machine (192.168.59.133) second machine (192.168.59.134) is an artificial. It is added for the sake of  for-loop demonstration.

gns3@gns3:~/Programs$ expect exp.exp 
================ssh for 192.168.59.133============================
spawn ssh -l demo 192.168.59.133
demo@192.168.59.133's password: 
Last login: Sat Jul 22 10:24:05 2017 from 192.168.59.10
[demo@rhce ~]$ uptime
10:26:20 up 19:46, 3 users, load average: 0.51, 0.14, 0.08
[demo@rhce ~]$ ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.59.133 netmask 255.255.255.0 broadcast 192.168.59.255
inet6 fe80::501e:8a2:2c44:a64 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:81:06:9a txqueuelen 1000 (Ethernet)
RX packets 162104 bytes 201013659 (191.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 70217 bytes 4834892 (4.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 8 bytes 440 (440.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 440 (440.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:08:7f:61 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[demo@rhce ~]$ ================ssh for 192.168.59.134============================
spawn ssh -l demo 192.168.59.134
ssh: connect to host 192.168.59.134 port 22: No route to host
send: spawn id exp8 not open
while executing
"send "demo\r""
("foreach" body line 6)
invoked from within
"foreach server $data {
puts "================ssh for $server============================"

spawn ssh -l demo "$server"
expect "password: "
send "d..."
(file "exp.exp" line 9)

 

That is all for now. Happy expecting. 🙂

Screen & Rsync

Screen:

Default key binding

Ctrl+a d: Detach screen from this terminal.

Ctrl+a r: Reattach a session and if necessary detach it first.

screen -ls : Lists existing screen sessions. To reattach session you have to know session id.

gns3@gns3:~$ screen -ls
There is a screen on:
4485.pts-5.gns3 (07/16/2017 06:39:04 PM) (Attached)
1 Socket in /var/run/screen/S-gns3.

screen -r <session id>

gns3@gns3:~$screen -r 4485

Rsync:

To send a file with rsync over ssh protocol(ssh key); You can apply below command.

gns3@gns3:~$rsync -av --partial -e "ssh -p 10443 -i idraspberry.pem" gns3.7z.sec pi@203.222.21.10:/home/pi
-a, --archive archive mode.

-v, --verbose increase verbosity.

--partial keep partially transferred files.

-e, --rsh=COMMAND specify the remote shell to use.

--progress show progress during transfer.

 

 

Connect to Real World With GNS3

GNS3 is a GPL licenced cross-platform network simulation program. It enables us both virtual and physical networks operate together. It emulates Cisco IOS, doing so we have real Cisco device capability in a Virtual Machine. You can also analyze the packets with Wireshark. One exception that GNS3 has limited device capability as some Cisco devices impossible or  very difficult to simulate them. Also some devices need real hardware to operate. For supported Cisco devices and FAQ, Link.

My system runs on a Virtual Machine which is Ubuntu 16.04 LTS. Router model is 3745.

1- Creating Simple Network Topology.

It is depicted in the Figure-1 all in one picture.

all in one

Figure-1

2- Start the Emulation by Clicking Play button. Figure-2

 

 

 

 

 

Figure – 2

3- Open the router Console

Open up the console for router configuration. Figure-3

 

 

Figure-3

4- Router configuration

I also put the log which is generated by the router after some configurations. Only apply the command which starts by #.

In router configuration I configure Router Interface FA0/0 IP address(192.168.59.5), router’s default gw(192.168.59.2) and dns(8.8.8.8)

R1#enable 
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface FastEthernet 0/0
R1(config-if)#ip address 192.168.59.5 255.255.255.0
R1(config-if)#no shutdown 
*Mar 1 00:03:47.627: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar 1 00:03:48.627: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config-if)#exit
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.59.2
R1(config)#ip domain-lookup 
R1(config)#ip name-server 8.8.8.8



5- Experiment

It is time to test whether or not I am able to connect real world. I ping the google.com. I successfully ping the google.com. Figure-4

 

 

 

Figure-4

Next post will be about backingup and restoring router configuration via tftp. And It will connect to the physical tftp server.