SRE engineer Bookmarks

I’m Linux system engineer and I develop in Python, Bash and Perl. I’m really interested by SRE position for that, I’m applying for SRE Engineer in Google and production Engineer in facebook. and here I share my daily bookmarks :

sre

ICMPv6 Python client using pcs

Reading about IPv6 security, i get the need to write a simple IPv6 client using  python as first step, and libnet6 later.

Well on python there are a nice module named pcs, that permit to forge packet, here is a example of a icmpv6 client :


import pcs

from pcs.packets.ipv6 import *
from pcs.packets.icmpv6 import *
from pcs.packets.ethernet import *
from socket import *

# building ethernet header
e = ethernet()
e.src = ether_atob(’de:de:de:de:de:de’)
e.dst = ether_atob(’da:da:da:da:da:da’)
e.type = ETHERTYPE_IPV6

# building ipv6 header
ip6 = ipv6()
ip6.src = ip6.dst = inet_pton(AF_INET6, "dead::beef")
ip6.length = 8 # equal to payload length.
ip6.hop = 255
ip6.next_header = IPPROTO_ICMPV6

# building icmpv6 echo request
icmpv6 = icmpv6(ICMP6_ECHO_REQUEST)
icmpv6.code = 0
icmpv6.id = 0x01
icmpv6.checksum = icmpv6.cksum(ip6, "") & 0xffff

# we can now send our packet
pcap = pcs.PcapConnector(’ral0’)
pkt = pcs.Chain([e, ip6, icmpv6])
pcap.write(pkt.bytes, len(pkt.bytes))


In the fast, you may see a pretty ICMP reply using your favorite sniffer wireshark or may be tcpdump. But if your prefer to be more techos you can get it using pcap module as like as :


import dpkt, pcap
pc = pcap.pcap()
pc.setfilter('icmp6')
for timestamp, packet in pc:
    print dpkt.ethernet.Ethernet(pkt)

How to run source bash command between two lines and from file

When i ran my start ADSL connection script, i've been many times blocked by a lock somewhere.
It's no matter, so i realized a python script that can do what the bash command "source" does, even this few line of python can gives you possibility to run codes given between two lines.
Here is the code :

#!/usr/bin/env python
import sys, os

if len(sys.argv) != 4:
   print "Usage: source file startline endline"
   sys.exit(1)

file  = sys.argv[1]
start = int(sys.argv[2])
end   = int(sys.argv[3])

fd=open(file, 'r')
data=fd.readlines()
enter = '\n'

for item in data:
   if enter  in data:
      data.remove(enter)

for cmd in data[start-1:end]:
   # debug print "exec command:", cmd.strip()
   os.popen(cmd.strip())

Wopy wake on Lan/Wan

Wopy

Wopy is yet another Wake on LAN/WAN tool, that allow a computer to be turned on or woken up remotely
by a network message sent usually on another computer on the network.

What is WOL and WOW ?
Wake on LAN, or WOL, is the ability to send a signal over a local area network (LAN) to power up a PC.
Wake on WAN or WOW, is the ability to send that same signal over a wide area network (WAN), such as the Internet,
to trigger power-up of a PC on a private LAN.

The frame sent to the target PC carries a special datagram, called a “magic packet”.
The Magic Packet is a packet containing the hardware (or MAC) address of a specific network card repeated 16 times,
NICs that are WOL capable & active, upon receiving the Magic Packet, will send a power-on signal to the motherboard,
activating the power supply and booting the system.

How a Magic Packet Frame looks like:
_________________________________________
| 0xff | 0xff | 0xff | 0xff | 0xff | 0xff |
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
|MAC[0]|MAC[1]|MAC[2]|MAC[3]|MAC[4]|MAC[5]|
—————————————–
optional SecureON ™ password:
_________________________________________
|PASS0 |PASS1 |PASS2 |PASS3 |PASS4 |PASS5 |
—————————————–

The port 9 is used by default to send packet.
Check that your firewall routes broadcast messages sent on this port to your network to ensure successful execution.

Pymedia on debian lenny

Pymedia is a Python module for wav, mp3, ogg, avi, divx, dvd, cdda etc files manipulations.
It allows you to parse, demutiplex, multiplex, decode and encode all supported formats.
It can be compiled for Windows, Linux and cygwin.
we will focus on how to install pymedia 1.3.7.3 on a debian lenny

First install all the dependencies:
$ wget http://debian-multimedia.org/pool/main/l/lame/libmp3lame0_3.98.2-0.4_i386.deb
$ wget http://debian-multimedia.org/pool/main/l/lame/libmp3lame-dev_3.98.2-0.4_i386.deb
$ sudo apt-get install python-dev libogg-dev libvorbis-dev libfaad-dev libasound2-dev python-pygame
$ sudo dpkg -i libmp3lame0_3.98.2-0.4_i386.deb libmp3lame-dev_3.98.2-0.4_i386.deb

Extract a download of pymedia-1.3.7.3.tar.gz and open a terminal in the extracted folder,
Edit the audio/acodec/acodec.c file and on line 31 insert the following :

#define HAVE_LRINTF

So you should have:

#include <libavcodec/avcodec.h>
#define HAVE_LRINTF
#include “libavcodec/dsputil.h”
#include “version.h”

So we can build pymedia:
$ python setup.py build

This should display:
Using UNIX configuration…
OGG : found
VORBIS : found
FAAD : found
MP3LAME : found
VORBISENC : found
ALSA : found
Continue building pymedia ? [Y,n]:
If everything is found press Y

Finally install pymedia:

$ sudo python setup.py install

Openvpn nagios pluging

You can use Nagios to monitor all sorts of hardware and software. The opportunity to write your own plug-ins makes it possible to monitor everything that your Nagios server can communicate with. As you can use any computing language that manages command-line arguments and exit status.
Here you find a nagios pluging developed with python.
The pluging named check_openvpn, it connects to the management OpenVPN server checks for actives connection and return the amount connected OpenVPN clients. it’s forked from openvpn-status scripts.

First of all download the check_openvpn script into your pluging directory on debian it’s /usr/lib/nagios/plugins/.

To use the new plug-in, you have to register it first, create the file command called openvpn.cfg with contents as below:

$ sudo cat > /etc/nagios-plugins/config/openvpn.cfg

define command {
command_name check_openvpn
command_line /usr/lib/nagios/plugins/check_openvpn -t $ARG1$ -p $ARG2$ -n $ARG3$
}

Let’s create some hostgroups – say openvpn-server

$ sudo cat >> /etc/nagios3/conf.d/hostgroups_nagios2.cfg

define hostgroup {
hostgroup_name openvpn-server
alias openvpn servers
members myhost
}

replace vpn.example.com by your openvpn server address, and myhost by the openvpn server name.
Now let’s define those hosts:

$ sudo cat >> /etc/nagios3/conf.d/hosts.cfg

define host {
use generic-host;
host_name myhost;
address vpn.example.com;
}

Now we can define services that run in the new hostgroups

$ sudo cat >> /etc/nagios3/conf.d/services_nagios2.cfg

define service {
hostgroup_name opevpn
service_description OPENVPN
check_command check_openvpn!host!port!passwd
use generic-service
notification_interval 0
}

replace “host” by the address of your openvpn server, “port” by the openvpn management server port and “passwd” by the openvpn nanagement server password.

Don’t forget to check your configuration
$ sudo nagios3 -v /etc/nagios3/nagios.cfg

Then restart the daemon
$ sudo /etc/init.d/nagios3 restart

If all that went well, you should be able to go back to the Hostgroup Overview page on your Nagios install and see the new hostgroups and hosts.