I'm running tcpdump on Mac OS and I've noticed it saves files in PCAP-NG format (the first 4 bytes are 0A 0D 0D 0A). Is there a way to force it to use the old PCAP instead?
Software version:
tcpdump version 4.3.0 -- Apple version 56
libpcap version 1.3.0 - Apple version 41
ps.
I'm not sure is that related to TCPDump or libpcap.
The tcpdump man page on Mavericks says:
-i Listen on interface.
If the -D flag is supported, an interface number as printed by
that flag can be used as the interface argument.
On Darwin systems version 13 or later, when the interface is
unspecified, tcpdump will use a pseudo interface to capture
packets on a set of interfaces determined by the kernel
(excludes by default loopback and tunnel interfaces).
Alternatively, to capture on more than one interface at a time,
one may use "pktap" as the interface parameter followed by an
optional list of comma separated interface names to include.
For example, to capture on the loopback and en0 interface:
tcpdump -i pktap,lo0,en0
An interface argument of "all" or "pktap,all" can be used to
capture packets from all interfaces, including loopback and tun-
nel interfaces.
A pktap pseudo interface provides for packet metadata using the
default PKTAP data link type and files are written in the Pcap-
ng file format. The RAW data link type must be used to force to
use the legacy pcap-savefile(5) file format with a ptkap pseudo
interface. Note that captures on a ptkap pseudo interface will
not be done in promiscuous mode.
An interface argument of "iptap" can be used to capture packets
from at the IP layer. This capture packets as they are passed
to the input and output routines of the IPv4 and IPv6 protocol
handlers of the networking stack. Note that captures will not
be done in promiscuous mode.
so you need to specify an interface on which to capture.
Note that versions of OS X dating back to Lion, newer versions of FreeBSD/NetBSD/DragonFly BSD, and newer versions of many Linux distributions include libpcap 1.1.1 or later, which means that programs using libpcap to read capture files can read many pcap-ng files. Wireshark has also been able to read them for several releases.
There is also an app, CocoaPacketAnalyzer, which reads pcap files, but not pcap-NG files. There is a web page, https://pcapng.com, that will convert a small pcap-NG file to the older format. However, if you are capturing password or web server interactions, or generally care about security, beware about posting packet captures on the internet!
Related
After properly building OVMF x64 with EDK2, the command:
qemu-system-x86_64 -s -pflash run-ovmf/bios.bin -net none
provides the following message
WARNING: Image format was not specified for 'run-ovmf/bios.bin' and probing guessed raw.
Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted.
Specify the 'raw' format explicitly to remove the restrictions.
This makes no sense to me as using qemu's -help command states "-pflash file use 'file' as a parallel flash image" where there is no parameter for a file format.
My OS is Windows WSL Ubuntu 22.04.1 LTS (GNU/Linux 5.15.79.1-microsoft-standard-WSL2 x86_64)
Qemu does still run, however I would like to run the VM without any write restrictions.
The '-pflash' option is (like -hda and -cdrom) a legacy "convenience" option which only allows you to specify a filename and nothing else. In order to specify other sub-options like the image format type, you need to switch to use a "long-form" option, which is typically some combination of -drive and -device. In this specific case, I think you probably want:
-drive if=pflash,file=bios.bin,format=raw
I have the following question. I want to build a Centos 7 imagine using Packer. I want to run the template without a kickstart file .cfg due to some security issues. Is it possible to write all the commands from the kick start file to the template.json?
This is how it actually looks:
"boot_command": "<tab> inst.text inst.ks=https://raw.githubusercontent.com/xxx/xxx/xxx/centos-7.cfg <enter><wait>",
# Turning on text-mode installation (little quicker than GUI)
text
# Setting up authentication and keyboard
auth --enableshadow --passalgo=sha512
keyboard --vckeymap=us --xlayouts='us'
# Installation files source (CentOS-7.0-1406-x86_64-Minimal.iso)
cdrom
# Using only primary disk, ignoring others
ignoredisk --only-use=sda
# Setting up language to English
lang en-US.UTF-8
...
And I want something like:
text
auth --enableshadow --passalgo=sha512
keyboard --vckeymap=us --xlayouts='us'
cdrom
ignoredisk --only-use=sda
lang en-US.UTF-8"
...
Unfortunately, the virtual machine doesn't realize that I am sending these commands as kickstart commands and it starts in the GUI mode.
How is your source built?
You will need to create a boot command directive that simulates the keys so that it can start and make the ks file available for the installation (using floppy_dirs or similar)
How can I get ejabberd to run an external auth script on windows?
So far- I've modified the file
C:\Program
Files\ejabberd-15.06\lib\ejabberd-15.06\priv\cfg\ejabberd.yml
to comment out the existing auth_method directive and instead added this:
auth_method: external
extauth_program: "D:\\DROPBOX\\Dropbox (Personal)\\EJABBERD\\auth\\ejabberd-auth.exe"
However, when I try to connect to the server- I see nothing in the logs indicating an attempt to run the script. I've even tried changing it to a non-existant file to see if that will log an error of some sort, but nothing.
All I get are "Accepted connection" type of logs.
In case it matters- upon start I do get several "unknown option" errors, including "ejabberd_config:validate_opts:752 unknown option 'auth_method' will be likely ignored" - however it seems this is a known, cosmetic-only error (see: https://github.com/processone/ejabberd/issues/630)
I do not use Windows, but, you should try playing with Erlang open_port command:
open_port({spawn, "YOURCOMMAND"}, [{packet, 2}]).
Note that open_port Erlang documentation says:
For external programs, the PATH is searched (or an equivalent method is used to find programs, depending on operating system). This is done by invoking the shell on certain platforms. The first space separated token of the command will be considered as the name of the executable (or driver). This (among other things) makes this option unsuitable for running programs having spaces in file or directory names.
I see your path has spaces. That alone should indeed make it impossible to call your command.
That said, external_auth command has never been tested on Windows. You may need to patch ejabberd command to make that authentication through external process work. I would be surprised if it works as is.
This question already has answers here:
Best lightweight web server (only static content) for Windows [closed]
(8 answers)
Closed 8 years ago.
What is the simplest way to host an HTML page over LAN?
I literally just need to have like 5 lines of HTML, so I don't want to download and setup an Apache server. I just want to know the fastest/simplest way to do this on Windows, or I can also use one of my Linux virtual machines if it's faster.
Use netcat, or nc:
:top
nc -l -p 80 -q 1 < index.html
goto top
It's a simple binary without any installation. It doesn't do CGI or PHP or anything, but it can sure dish up 5 lines of HTML.
Actually, if you use the "k" (keep-alive) option you can remove the loop, and make it simpler:
nc -kl 80 < index.html
Since you need a web server for testing and no heavy concurrent use is expected, I'll just keep it simple.
Please note that both solutions are very simple but not very secure, use them for development purposes but don't rely on neither of them for anything barely similar to a stable (people would say "production") server.
Navigate to the directory where your HTML file is located using cmd.exe, then issue:
Using Python
python -m SimpleHTTPServer
A HTTP server will be started on port 8000. Should you need a different port, just specify it:
python -m SimpleHTTPServer 8080
SimpleHTTPServer is part of the "batteries included": you will not need to install any extra package, apart from the Python interpreter, of course.
Python comes already installed on most Linux distributions, so switching to Linux might be simpler than install Python on Windows, although that boils down to downloading and running an installer.
Using PHP 5.4 or above
php -S 0.0.0.0:8080
This will also process PHP scripts, but HTML resources will be served fine.
http://www.lighttpd.net/ is pretty light weight and easy to get running.
I recently used mongoose for a similar purpose. It supports Windows. From the homepage:
Mongoose executable does not depend on any external library or
configuration. If it is copied to any directory and executed, it
starts to serve that directory on port 8080. If some additional config
is required - for example, different listening port or IP-based access
control, then a mongoose.conf file with respective options (see
example) can be created in the same directory where executable lives.
This makes Mongoose perfect for all sorts of demos, quick tests, file
sharing, and Web programming.
Download the windows exe (no need to install) from here , save it on the folder where your html file is and execute it. Check the image below to know how to start the server:
After selecting Start Browser on Port 8080 your browser will open automatically displaying the contents of the folder.
I try to install qemu, but I should intall the kvm first, and I have checked my cpu supporting the visualization, so I don't know why. Here is the error, when I input kvm.
open /dev/kvm: No such file or directory
Could not initialize KVM, will disable KVM support
And a new window for qemu comes out, but there are
boot failed....could not read the boot disk, could not read from CDROM(code 0003)
What can I do. I searched the methods for a long time. Thanks!
when I use mobprobe, the problem is here, (I checked my CPU, it supports VMX.)
FATAL: Error inserting kvm_intel (/lib/modules/2.6.38-8-generic/kernel/arch/x86/kvm/kvm-intel.ko): Operation not supported
When I use:~$ kvm -cdrom img.iso -hda disk.img -boot d
open /dev/kvm: No such file or directory Could not initialize KVM, will disable KVM support kvm: -cdrom img.iso: could not open disk image img.iso: No such file or directory
I don't know why..... Thanks!
The "could not open disk image img.iso" problem is the easier of the two errors: that file does not exist. That argument means "mount the disk image in the file img.iso as the CD-ROM"; that file must exist (and should be a valid ISO). Try downloading a ISO of any Linux flavor, for example.
disk.img must also exist (that argument means "use the disk image contained in the file disk.img as the hard disk"). You can create it using dd, e.g.:
dd if=/dev/zero of=images/disk.img bs=512M count=20
That will create a 10GB disk image in a file called disk.img. Adjust the block size and # of blocks (bs and count) to increase or decrease the size; bs cannot be larger than available memory.
For the second problem, Could not initialize KVM, will disable KVM, there are a number of possible causes:
disabled in BIOS
you are not running as root (i.e. using sudo) and your user cannot access /dev/kvm
the machine you are on is already virtualized (e.g. you are using Amazon EC2). These CPUs may have the VMX flag (because they are paravirtualized) but cannot be virtualized (because the hypervisor won't allow it.)
Note that this is NOT a fatal error; qemu can run without KVM support, it just runs in emulation mode and is quite slow.
The first problem will probably produce some output, examine the output of dmesg (dmesg | grep kvm). It can be solved by enabling it in BIOS.
The second problem can be diagnosed easily by running the commands as root instead of as a user. If that works, you have identified the problem.
The third problem is more difficult to resolve. XEN-blanket may help.
Pasting the output of "sudo kvm-ok" might be allow someone to offer more insight.
The instructions given in here would be translatable to other platforms:
https://help.ubuntu.com/community/KVM/Installation
If you provide more information about the machines you are using and your desired goals, we can be more helpful.
Did you check your BIOS-Settings? Some BIOS let you choose wether you want to activate VT / VMX or not.
Furthermore, I've found following, pretty similiar thread:
http://ubuntuforums.org/archive/index.php/t-755122.html
Hope this helps
Your problem is your system does not have KVM modules inserted. Please check your BIOS setting regarding VT is enabled, and also your KVM module matches your specific Linux distribution. An unmatched version of KVM module and Linux cannot be inserted.
Check the VM xml CD-ROM is set as 'file' not 'block'.
try to load kvm-intel or kvm-amd kernel modules, then take a look at dmesg, if loaded successfully you should be good to go