Nagios User Password Expiry Check

I needed a plugin for Nagios that checked to see when a password for a user was nearly at its expiration date. I couldn’t find one so I decided to write a plugin.

This can be downloaded from the Nagios Exchange:

http://exchange.nagios.org/directory/Plugins/Operating-Systems/Linux/check_expiry-2Esh/details

IPv6 tunneling between Cisco 887va and CentOS

I was sitting around bored at work one day and began reading about IPv6 over IPv4 tunnels. I had used them briefly before for experimentation but had never stuck with them due to privacy concerns. There are numerous tunnel brokers out there like sixxs.net and he.net but I wanted to set up something more private and secure.

It just so happens I have a /56 from a server provider which gave me the idea of setting up my own tunnel utilising IPv6 addresses I had readily available. I thought I’d outline the basic configuration below to help anyone else who may embark on something similar:

Server-Side (this can be a dedicated server or VPS at your provider)

All you need to do is have an IPv6 address configured on this server alongside your IPv4 address then simply issue the commands below to get a tunnel up and running and routing your IP addresses (for convenience I put this in /etc/rc.local):

## Wait 60 seconds before configuring IPv6 tunnel

sleep 60

## Configure IPv6 tunnel

ip tunnel add tun6in4 mode sit local  remote any
ip link set tun6in4 up
ip addr add 2001:xxxx:xxxx:xx2::2/64 dev tun6in4
ip route del 2001:xxxx:xxxx:x2::/64 dev tun6in4
ip route add 2001:xxxx:xxxx:x2::/64 via :: dev tun6in4
ip route add 2001:xxxx:xxxx:xx3::/64 via :: dev tun6in4
ip route add 2001:xxxx:xxxx:xx4::/64 via :: dev tun6in4
ip route add 2001:xxxx:xxxx:xx5::/64 via :: dev tun6in4
ip route add 2001:xxxx:xxxx:xx6::/64 via :: dev tun6in4
ip route add 2001:xxxx:xxxx:xx7::/64 via :: dev tun6in4
sysctl -w net.ipv6.conf.all.forwarding=1
ip route add ::/0 via 2001:xxxx:xxxx:xxx::1 dev eth0

I’ve had to obfuscate the IPs above for security purposes but I’ve left the last digit visible to give you an idea of how the subnets are routed.

I then moved on to the Cisco 887va I have at home to configure the tunnel endpoint (client side):

Current configuration : 204 bytes
!
interface Tunnel0
 description ** Tunnel to Provider **
 no ip address
 ipv6 address 2001:xxxx:xxxx:xx3::1/64
 tunnel source 
 tunnel mode ipv6ip
 tunnel destination 
end

Make sure you configure an IPv6 address in your default VLAN out of one of the /64s you’ve routed across.

Happy IPv6’ing!

I had some help from other blogs/questions on the internet:

http://blog.danmassey.net/?p=827

http://superuser.com/questions/304786/ipv6-tunnel-via-own-linux-ipv6-connected-server

Configuring BT Infinity Business on Cisco 887VA

Ever since getting BT Infinity Business I have been reviewing several different VDSL2 enterprise modem options. The Cisco 887VA quickly appeared to be an affordable, viable alternative to the standard Huawei HG612 modem that had been provided to me during the install.

My initial concerns were that the router wouldn’t be capable of the 80 Mbps down and 20 Mbps up speeds that my connection provided, as the throughput reported by Cisco for the 887VA was only defined as 25 Mbps. There were a few other people around the net who had this router configured for use with BT Infinity but a lot of them were only on the 35 Mbps package and didn’t mention any throughput issues.

Suffice to say I decided to take the plunge and managed to get a second-hand version off eBay at an incredibly reasonable price, and as I’d be using it purely as a router I wouldn’t be using any of the ‘throughput killer’ features such as NAT and extensive ACLs.

My complete working configuration (minus identifiable information and passwords) can be found below. I have a /28 IPv4 subnet with my Infinity Business connection meaning I have 13 usable IPs, one of which needed to be assigned to the Cisco to become the gateway.

hostname#sh run
Building configuration...

Current configuration : 2883 bytes
!
version 15.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname #############
!
boot-start-marker
boot system flash c880data-universalk9-mz.153-3.M.bin
boot-end-marker
!
!
enable secret 4 ########################
!
no aaa new-model
memory-size iomem 10
!
!
no ip source-route
!
!
no ip bootp server
ip domain name ############
ip cef
no ipv6 cef
!
!
license udi pid CISCO887VA-K9 sn #########
!
!
username ###### privilege 15 secret 4 ####################
!
!
controller VDSL 0
 operating mode vdsl2
 firmware filename flash:vdsl.bin-A2pv6C035d_d23j
!
ip ssh version 2
!
!
interface Ethernet0
 no ip address
 ip virtual-reassembly in
 no lldp transmit
 no lldp receive
!
interface Ethernet0.101
 encapsulation dot1Q 101
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
!
interface FastEthernet0
 description ######
 no ip address
 spanning-tree portfast
!
interface FastEthernet1
 description ######
 no ip address
 spanning-tree portfast
!
interface FastEthernet2
 description ######
 no ip address
 spanning-tree portfast
!
interface FastEthernet3
 description ######
 no ip address
 spanning-tree portfast
!
interface Vlan1
 ip address 217.x.x.x 255.255.255.240
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
!
interface Dialer0
 mtu 1492
 ip address negotiated
 no ip redirects
 no ip proxy-arp
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname xxxxx@xxxx.btclick.com
 ppp chap password 7 ##########
 ppp ipcp dns request
 ppp ipcp route default
 no cdp enable
!
interface Dialer1
 no ip address
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
no cdp run
!
snmp-server community xxxxxxxxx RW 2
snmp-server location #####
snmp-server contact ######
snmp-server chassis-id Cisco887va-Router
snmp-server enable traps snmp linkdown linkup coldstart warmstart
snmp-server host x.x.x.x version 2c #######
access-list 1 permit x.x.x.x 0.0.0.15
access-list 2 permit x.x.x.x
!
!
line con 0
 password 7 #########
 login
 no modem enable
line aux 0
line vty 0 4
 access-class 1 in
 exec-timeout 5 0
 login local
 transport input ssh
!
ntp server x.x.x.x
!
end
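A configuration like the one above can be checked for weak credential storage and SNMP exposure before it is shared or deployed. The following is an added example, not part of the original post or any Cisco tool: the rule names, the `audit` function and the sample lines (placeholder values only) are constructed for illustration.

```python
import re

# Constructed sample: lines in the shape of the configuration above,
# with placeholder values instead of real hashes or addresses.
SAMPLE_CONFIG = """\
enable secret 4 PLACEHOLDERHASH
username admin privilege 15 secret 4 PLACEHOLDERHASH
interface Dialer0
 ppp chap password 7 PLACEHOLDER
snmp-server community PLACEHOLDER RW 2
snmp-server host 192.0.2.10 version 2c PLACEHOLDER
line con 0
 password 7 PLACEHOLDER
line vty 0 4
 access-class 1 in
 transport input ssh
"""

# Hypothetical rule set: (rule id, pattern, why it matters).
RULES = [
    ("type4-secret", re.compile(r"\bsecret 4 \S+"),
     "Type 4 secrets are unsalted single-pass SHA-256; Cisco deprecated them"),
    ("type7-password", re.compile(r"\bpassword 7 \S+"),
     "Type 7 is reversible obfuscation, not a hash"),
    ("snmp-rw-community", re.compile(r"^snmp-server community \S+ RW\b"),
     "A read-write community permits configuration changes over SNMP"),
    ("snmp-v1-v2c", re.compile(r"^snmp-server host \S+ version (1|2c)\b"),
     "SNMPv1/v2c send the community string unencrypted"),
]
SECTION_OPENERS = ("interface", "line", "controller")

def audit(config_text):
    """Return (line_number, section, rule_id, reason) for each weak setting."""
    findings, section = [], "global"
    for number, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.rstrip()
        if not line or line.startswith("!"):
            continue
        if not line.startswith(" "):  # unindented command: track its section
            opener = line.split()[0]
            section = line if opener in SECTION_OPENERS else "global"
        for rule_id, pattern, reason in RULES:
            if pattern.search(line.strip()):
                findings.append((number, section, rule_id, reason))
    return findings

if __name__ == "__main__":
    for number, section, rule_id, reason in audit(SAMPLE_CONFIG):
        print(f"line {number} [{section}] {rule_id}: {reason}")
```

The findings report only line numbers and section names, so the output can be pasted into a ticket without leaking the stored secrets themselves.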

Cleverhosting are now selling Virtual Private Servers

As some of you may know, I own my own company, Cleverhosting.

We’ve just released our own VPS packages based on the Xen HVM platform. Trust me when I say that these VPS’ are extremely quick and very competitively priced. We have a limited time promotional offer to grab one with your first month free. Simply use coupon code FB1MTH to get any of our VPS packages for free for 1 month.

See our packages here: Cheap VPS.

A new job

It’s been a while since I posted some sort of meaningful or interesting post, so I thought I’d post about the latest changes going on in my life.

Yesterday was the last day at my job where I worked as a Support Engineer looking after Dedicated Servers for a popular web hosting company here in the UK. I worked there for just over a year, but made the difficult decision to move on after various letdowns, a severe increase in work and lack of fulfilled promises. It wasn’t all bad though, it gave me a really rewarding insight into the web hosting industry and how it operates. This was definitely useful for my own venture, Cleverhosting. I learnt a lot more about Linux in a very short space of time due to the majority of the company’s infrastructure along with the dedicated servers we sold having Linux or a variation of Unix on them. This ultimately gave me the knowledge that helped me to acquire the new job I’m going to. This new job is definitely a lot more up my street than the previous. It’s a Systems Administrator role working specifically with Linux (namely CentOS) which means that I get to participate more in projects that are going on, rather than constantly fixing issues and taking calls. I expect this to be a big new challenge, one which I’m quite nervous about in all honesty. I have no idea what to expect.

Leaving the company I previously worked for brought up some rather odd emotions. I found myself quite saddened by my departure despite it being my own choice to leave. I made a lot of good friends whilst working there and I became accustomed to the day-to-day activities that I did so fully knew what to expect.

Anyway, I will more than likely type out a new post in the near future after starting my new position.

Tapco Link Firewire 4×6 Drivers

I am one of the proud owners of a Tapco audio interface, but I hadn’t used it for quite a while. So the other day when I went to Tapco’s site to try and download the drivers, I couldn’t find them! It appears they had been removed, and Mackie didn’t have them either.

Luckily, there was a backup of the drivers stored on my server which I later found, so I’m putting them on here for all to get hold of should they need them. The driver package has both 32-bit and 64-bit drivers.

Tapco LINK.firewire 4×6 drivers

Farcel2Go – I mean Parcel2Go

What an incredibly disappointing experience I’ve had with Parcel2Go over the last few days.

I purchased a courier service through them to pick up a rather large expensive parcel, and deliver to Maidenhead. I chose TNT through them as the courier to deliver this parcel and they arrived on Friday evening just before 6pm to pick up the parcel, with an aim to deliver it the Next Day. So great so far!

Saturday morning rolls round, and I see that they’ve confirmed successful delivery at 11:48am. Naturally I check the tracking information to ensure it’s got to the correct destination and that everything is in order. Much to my surprise, I found that they had delivered it to somewhere in Kettering, Northamptonshire, 90 miles away from its intended destination in Maidenhead. Of course, as soon as I saw this error, I got on the ‘Live Chat’ function of P2G’s website and inquired about why the tracker was showing my parcel as being delivered to Kettering. They completely overlooked my question and all associated issues, stating that the parcel had been delivered successfully to Kettering. I tried to point out that this was in fact incorrect, and so began the problems. I then phoned up TNT who confirmed the delivery had been made and signed for in Kettering to which I pointed out this was completely incorrect and that I’d have to contact Parcel2Go as I’m not the contract holder.

So far, Parcel2Go have been extremely unhelpful, with their ‘Live Chat’ being incredibly unhelpful, to the point of thinking that maybe there isn’t even a human sat on the other side! After numerous chats, I’ve e-mailed the ‘Head of Customer Services’ who has used the line, ‘We will investigate this for you and get back to you shortly.’ which I’ve heard numerous times before. I can only hope that something gets resolved very soon otherwise I will be out of pocket by a lot of money.

Follow the saga on my profile at Twitter: http://twitter.com/#keithrogers88

Any comments or advice are welcome.

UPDATE: Parcel2Go contacted me very quickly by phone after my tweet yesterday afternoon and my parcel magically arrived at its intended destination this morning. I’d like to thank them for their swift action on getting this resolved!

Gym

I’ve gone and done what I’ve done on one occasion before and would potentially do on many future occasions. I quit the gym!

I just couldn’t find that something inside me to motivate myself to go to the gym for an hour after a long day at work and then rush for the train to get home at a reasonable hour. Not only that, but then I have to get something for tea by which time it’s 10pm and I’ve done nothing I’d usually do on an evening. Play games, chill, watch TV etc.

I did manage to do my own home gym thing for a little while, and I’m thinking about giving that another go. It’s free and I don’t feel as obligated. I’ve got a good workout to follow from a friend but if anyone has any ideas on how to spice it up a bit, please let me know.