Welcome to TiddlyWiki created by Jeremy Ruston, Copyright © 2007 UnaMesa Association
{{{
Here is the format.
# add password <router name glob> <vty passwd> <enable passwd>
#
# add user <router name glob> <username>
# The default user is $USER (i.e.: the user running clogin).
#
# add userprompt <router name glob> <username prompt>
# What the router prints to prompt for the username.
# Default: {"(Username|login|user name):"}
#
# add userpassword <router name glob> <user password>
# The password for user if different than the password set
# using 'add password'.
#
# add passprompt <router name glob> <password prompt>
# What the router prints to prompt for the password.
# Default: {"(\[Pp]assword|passwd):"}
#
# add method <router name glob> {ssh} [...]
# Defines, in order, which connection method(s) to use for a device
# from the set {ssh,telnet,rsh}. e.g.: add method * {ssh} {telnet} {rsh}
# will attempt ssh connection first. if ssh fails with connection
# refused (i.e.: not due to authentication failure), then try telnet,
# then rsh.
# Default: {telnet} {ssh}
#
# add noenable <router name glob>
# equivalent of -noenable on the cmd line to not enable at login.
#
# add enableprompt <router name glob> <enable prompt>
# What the router prints to prompt for the enable password.
# Default: {"\[Pp]assword:"}
#
# add enauser <router name glob> <username>
# This is only needed if enable asks for a username and this
# username is different from what user is set to.
#
# add autoenable <router name glob> <1/0>
# This is used if you are automatically enabled by the login process.
#
# add cyphertype <router name glob> <ssh encryption type>
# Default is 3des.
#
# add identity <router name glob> <path to ssh identity file>
# Default is your default ssh identity.
}}}
If you have a comment or question send me an email: jeff.wardlaw@gmail.com
from: http://blogs.techrepublic.com.com/networking/?p=470
by: David Davis
Recently, Cisco Subnet blogger Brad Reese wrote the article, “Expert warns of scam to blackmail companies for cash to get back access to their Cisco routers.” In that post, he wrote about hackers who manage to hijack a company’s routers and then extort money from them by threatening to take down the network. The hackers were able to obtain control of the network because of poorly written Cisco IOS ACLs, easily guessed passwords, and unencrypted SNMP community strings (or easily guessed community strings).
Don’t let this happen to you and your network. Here are my top five best practices to secure your routers, your network, and your company from malicious attacks.
1. Understand the basics of router security
You must understand the basics of router security. Here are the essentials:
Physically secure the routers
If your routers are not physically secured, anyone can walk up, perform a password reset, and gain full access to that router’s configuration. Even if this isn’t a core router, they could take down your network by poisoning the routing tables on all routers. For this reason, routers should be in a locked room and preferably have video surveillance. Additionally, reliable electrical power and cooling must be provided.
Lock down the router with passwords
Routers must be secured with passwords at both the login mode (to prevent initial access) and the privileged mode (to prevent configuration changes). For more information on these different levels in the Cisco IOS, please see my article, “Understand the levels of privilege in the Cisco IOS.”
Apply login mode passwords on Console, AUX, and VTY (telnet/ssh) interfaces
Password controlled access needs not only to be on the VTY lines to prevent network access, but also on the Console and AUX ports. If the Console port is locked but the AUX port doesn’t have a password, then locking the Console wasn’t of much use, was it?
Set the correct time and date
To ensure that logs are correct and have not been tampered with, you must ensure that the router has the correct time and date. For more information, please see “Synchronize a Cisco router’s clock with Network Time Protocol (NTP).”
Enable proper logging
Logging should be enabled, preferably, back to a central source like a syslog server. At minimum, you need to configure a buffered log on the router. However, if the power is lost to that router, that local buffered log is lost. For this reason, to really be secure, you need to configure a syslog server (see the article, “SolutionBase: Monitor your network with Kiwi Syslog“), and send all router logs to that server. You could also put in the open source or commercial version of Tripwire. Preferably, you should increase the level of logging and even log configuration changes to the router. For example, you can use the following command to enable SNMP traps for configuration changes:
snmp-server enable traps config
For more information on Cisco router logging, please see, “Get to know your logging options in the Cisco IOS.”
Back up router configurations to a central source
Let’s say that someone does take control of your router or wipes out your router configurations. To replace that router quickly or replace the configuration, you need to have a backup of that configuration. To do this, ensure that your routers are backed up whenever configuration changes are made or each week or day. I have enjoyed using Kiwi CatTools to do this. For more information, see “Automate changes to your Cisco router with Kiwi CatTools.”
Secure other network devices such as switches and wireless access
Most of the items listed here also apply to Cisco switches and wireless access points. Here are a couple of articles on those topics that you should check out:
* 10 things you should know about securing wireless connections
* Lock Down Switch Port Security
Two more areas that I consider to be at the basic level of router security are locking down network access to the router with a stateful firewall or ACL and encrypting sensitive network traffic, but I will cover these points in more detail below (sections three and five, respectively).
2. Know your network: Diagram, audit, and document
If you are responsible for the security of a network you should know that network like you know the vulnerable doors and windows (think entry points) of your house.
You should diagram your network so that you have a map to help you and others visualize the entire network.
You should have the router configurations backed up (see Kiwi CatTools above). Finally, you should periodically audit your network security, both internally and externally (via a third party). There are tons of network scanning and auditing tools available. Here is a recent article of mine that covered one of them: “Audit your Cisco router’s security with Nipper.”
3. Protect your router with a firewall and ACLs
In Reese’s post about the hackers, he mentioned the fact that the company had poor access control lists (ACLs) in place on their routers. ACLs are typically what protect routers from attack. However, due to their complexity, many of them end up being misconfigured or ineffective. Make sure that your ACLs allow only traffic to the router and through the router that should be there. For internal routers this will only be internal traffic.
Make sure you understand that whatever isn’t permitted will be denied (the implicit deny), that ACLs are processed from the top down, that there should never be a permit any in the ACL, and that the ACL must be applied to an interface in the proper direction to be enabled. For more information on ACLs, please see some of my articles and video on this topic:
* Secure your router with Cisco’s SDM Firewall Policy Wizard
* Cisco IOS access lists: 10 things you should know
* Use advanced parameters on your Cisco IOS ACLs
* VIDEO: Harden your Cisco Router with IOS ACLs
Keep in mind that ACLs aren’t just used to prevent traffic from going through the router. They are also used to control SSH traffic, routing update, and to throttle traffic. For more information, see:
* Learn additional uses for Cisco IOS access control lists
* Control unwanted traffic on your Cisco router with CAR
Besides ACLs, the Cisco IOS offers a real stateful firewall if you use the Security/Firewall version of the IOS. A stateful firewall will be much better than just using ACLs. I recommend checking out my article, “Protect your network with the Cisco IOS Firewall,” and consider implementing one on your routers.
4. Change your passwords and make them complex
Another method that hackers use to take control of networks is password guessing or password sniffing. To prevent this, you should CHANGE YOUR PASSWORDS TO COMPLEX PASSWORDS TODAY. Don’t wait another day! An example of a complex password is MySuper!S3cr3tPa$$.
Make sure you always use type 5 password encryption on your routers (see “Be aware of how easily someone can crack a Cisco IOS password“). Make sure this command is on your router to encrypt most (but not all) passwords with type 5 encryption:
service password-encryption
Also, keep in mind that we aren’t just talking about login passwords. This includes all SNMP community strings and routing protocol update passwords. All of those should be complex and changed periodically.
For more information on this topic, please see, “How to Configure Passwords to Secure your Cisco Router.”
5. Always encrypt sensitive network traffic
Finally, hackers can obtain passwords to your routers by sniffing network traffic when you log in to your router with telnet, perform a “show run” via telnet, or use unencrypted SNMP strings.
You should always encrypt sensitive network traffic by using SSH and SNMP encryption. Start by enabling SSH and disable telnet to all network devices that support it (see “Configure SSH on your Cisco Router“).
If you are using SNMP, enable SNMP v3 with encryption and use it exclusively (for more information, see AES and 3-DES Encryption Support for SNMP Version 3).
Be careful
The point of this article is to (1) encourage you to take action to secure your network before malicious attackers take control of it and (2) to show you exactly which actions you need to take. You shouldn’t assume that your network isn’t a target because your company isn’t high profile or your data wouldn’t be valuable to an attacker. Take every reasonable step to protect your network; as you can see from this post, these steps aren’t necessarily difficult or costly.
{{{
configure factory-default
}}}
Version: 5.0
Updated 20090303
{{{
<username>
<Name>
<password>
<Nat0ACL>
<localnet>
<localmask>
<poolnet>
<poolmask>
<presharedkey>
}}}
{{{
username <username> password <password> priv 0
ip local pool <Name>Pool a.b.c.d-a.b.c.e mask w.x.y.z
!
access-list <Nat0ACL> remark >>>> Begin <Name> VPN Client Nat0
access-list <Nat0ACL> extended permit ip <localnet> <localmask> <poolnet> <poolmask>
access-list <Nat0ACL> remark >>>> End <Name> VPN Client Nat0
!
access-list <Name>SplitTunnelACL extended permit ip <localnet> <localmask> <poolnet> <poolmask>
!
!uncomment following if you don't have a nat0 line
!nat (inside) 0 access-list <Nat0ACL>
!
group-policy <Name>VPNPolicy internal
group-policy <Name>VPNPolicy attributes
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value <Name>SplitTunnelACL
!
tunnel-group <Name>VPNTunnelGroup type ipsec-ra
tunnel-group <Name>VPNTunnelGroup general-attributes
address-pool <Name>Pool
default-group-policy <Name>VPNPolicy
tunnel-group <Name>VPNTunnelGroup ipsec-attributes
pre-shared-key <presharedkey>
! uncomment following if you don't want to use usernames & passwords
! isakmp ikev1-user-authentication none
}}}
replace these:
{{{
<Name>
<Nat0ACL>
<localnet>
<localmask>
<remotenet>
<remotemask>
<MapName>
<SeqNumber>
<PeerIP>
<InterfaceName>
<presharedkey>
}}}
{{{
access-list <Nat0ACL> remark >>>> Begin <Name> VPN Tunnel Nat0
access-list <Nat0ACL> extended permit ip <localnet> <localmask> <remotenet> <remotemask>
!repeat as necessary
! .
access-list <Nat0ACL> remark >>>> End <Name> VPN Tunnel Nat0
!
!cryptomap acl
access-list <MapName>-<SeqNumber> remark >>>> Begin <Name> VPN Tunnel CryptoMap ACL
access-list <MapName>-<SeqNumber> extended permit ip <localnet> <localmask> <remotenet> <remotemask>
!repeat as necessary
! .
access-list <MapName>-<SeqNumber> remark >>>> End <Name> VPN Tunnel CryptoMap ACL
!
!nat 0
!nat (inside) 0 access-list <Nat0ACL>
!
!
!Phase2
!crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac
crypto map <MapName> <SeqNumber> match address <MapName>-<SeqNumber>
crypto map <MapName> <SeqNumber> set peer <PeerIP>
crypto map <MapName> <SeqNumber> set transform-set 3DES-SHA
!crypto map <MapName> interface <InterfaceName>
!Phase 1
!crypto isakmp identity address
!crypto isakmp enable <InterfaceName>
!crypto isakmp policy <PolicySeqNumber>
! authentication pre-share
! encryption 3des
! hash sha
! group 2
! lifetime 86400
!
tunnel-group <PeerIP> type ipsec-l2l
tunnel-group <PeerIP> ipsec-attributes
! pre-shared-key <presharedkey>
}}}
{{{for /r F:\Test_Set_1 %%a in (*) do echo %%~sfa}}}
If your pair of ASAs has failed over, and you want to fail back:
*log into the primary-standby member
*{{{failover active}}}
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008045a2d2.shtml#cis
{{{
Performing Password Recovery for the ASA 5500 Series Adaptive Security Appliance
To recover from the loss of passwords, perform the following steps:
Step 1 Connect to the security appliance console port according to the "Accessing the Command-Line Interface" section on page 2-1.
Step 2 Power off the security appliance, and then power it on.
Step 3 During the startup messages, press the Escape key when prompted to enter ROMMON.
Step 4 To set the security appliance to ignore the startup configuration at reload, enter the following command:
rommon #1> confreg
The security appliance displays the current configuration register value, and asks if you want to change the value:
Current Configuration Register: 0x00000011
Configuration Summary:
boot TFTP image, boot default image from Flash on netboot failure
Do you wish to change this configuration? y/n [n]:
Step 5 Record your current configuration register value, so you can restore it later.
Step 6 At the prompt, enter Y to change the value.
The security appliance prompts you for new values.
Step 7 Accept the default values for all settings, except for the "disable system configuration?" value; at that prompt, enter Y.
Step 8 Reload the security appliance by entering the following command:
rommon #2> boot
The security appliance loads a default configuration instead of the startup configuration.
Step 9 Enter privileged EXEC mode by entering the following command:
hostname> enable
Step 10 When prompted for the password, press Return.
The password is blank.
Step 11 Load the startup configuration by entering the following command:
hostname# copy startup-config running-config
Step 12 Enter global configuration mode by entering the following command:
hostname# configure terminal
Step 13 Change the passwords in the configuration by entering the following commands, as necessary:
hostname(config)# password password
hostname(config)# enable password password
hostname(config)# username name password password
Step 14 Change the configuration register to load the startup configuration at the next reload by entering the following command:
hostname(config)# config-register value
Where value is the configuration register value you noted in Step 5. 0x1 is the default configuration register. For more information about the configuration register, see the Cisco Security Appliance Command Reference.
Step 15 Save the new passwords to the startup configuration by entering the following command:
hostname(config)# copy running-config startup-config
}}}
http://asn.cymru.com/cgi-bin/whois.cgi
On an NTFS file-system, cannot have more than 1820 Access Control Entries (ACEs) per file.
*Determine Array
*Determine Prod LUN
*Determine Clone LUN
*Determine RG for Prod LUN additional space
*Create LUN for Prod LUN expansion
*Determien RG for Clone LUN additional space
*Create LUN for Clone LUN expansion
*Remove Clone LUN from clone group
*Delete clone group
*Expand Prod LUN
*Expand windows volume
*Expand Clone LUN
*Create clone group
*Add Clone LUN to clone group
#Add Alias to WWN
#Create zone for each HBA>SP
#Add zone to zone config
#save config
#apply config
useradd and groupadd are the posix or SUS-standardized tools to create
users and groups. You can expect them to work (almost) identically on all Linux
distributions as well as on HP-UX, Solaris, AIX, ...
adduser and groupadd are distribution specific wrappers which make it
simpler to create users which conform to some (distribution-specific or
local) policy. The options vary wildly between different distributions
and other UNIXes may not have these commands at all.
from
http://lists.debian.org/debian-powerpc/2004/09/msg00215.html
{{{
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
}}}
hidden system folder
1 Open Global settings in Exchange system manager.
2 Internet Message Formats.
3 Right click "default" (on the right hand panel).
4 Select Properties > Advanced.
5 the "allow out of office responses" box. Click apply/ok.
add
{{{
RedirectMatch ^/$ http://servername/cacti
}}}
http://www.petenetlive.com/KB/Article/0000273.htm
[[Border Gateway Protocol (BGP) Introduction|http://www.cisco.com/en/US/tech/tk365/tk80/tsd_technology_support_sub-protocol_home.html]]
{{{
Q. What is the order of preference of attributes when some or all are applied to one neighbor in BGP?
A. The order of preference varies based on
whether the attributes are applied for inbound updates or outbound updates.
For inbound updates the order of preference is:
1. route-map
2. filter-list
3. prefix-list, distribute-list
For outbound updates the order of preference is:
1. prefix-list, distribute-list
2. filter-list
3. route-map
Note: The attributes prefix-list and distribute-list are mutually exclusive,
and only one command (neighbor prefix-list or neighbor distribute-list)
can be applied to each inbound or outbound direction for a particular neighbor.
}}}
run ioscan, compare scsi id's to htrmserv.ini
{{{
C:\Htape\RM\bin>ioscan tape
IoScan version 1.2 - BridgeHead Software I/O devices scan
Device Name Serial number
SCSI:5:1:0:1 tape0 MXP1115TBE
SCSI:5:1:0:2 tape1 HU11032VU1
SCSI:5:1:1:0 tape2 HU10530JHT
SCSI:5:1:1:1 tape3 HU10640NJH
SCSI:5:1:2:0 tape4 HU10804F51
SCSI:5:1:2:1 tape5 HU108041T2
C:\Htape\RM\bin>ioscan changer
IoScan version 1.2 - BridgeHead Software I/O devices scan
Device Name Serial number
SCSI:5:1:0:0 changer0 USX602Z02F
C:\Htape\RM\bin>cd\
}}}
{{{
c:\htape\rm\bin>ioscan.exe
IoScan version 1.2 - BridgeHead Software I/O devices scan
Device Device type Bus type Vendor Product Rev Claimed
SCSI:0:0:0:0 CDROM Drive ATA TEAC CD-224E 9.9A Yes
SCSI:2:0:0:0 Unknown device SCSI COMPAQ SCSI COMMUNICATE CISS No
SCSI:2:0:4:0 Disk SCSI COMPAQ LOGICAL VOLUME 2.62 Yes
SCSI:3:1:0:0 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:0:2 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:0:3 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:0:4 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:0:5 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:0:7 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:0:8 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:0:10 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:0:11 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:0:12 Disk FIBRE DGC RAID 1 0219 Yes
SCSI:3:1:0:13 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:0 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:2 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:3 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:4 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:5 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:7 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:8 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:10 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:11 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:1:12 Disk FIBRE DGC RAID 1 0219 Yes
SCSI:3:1:1:13 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:3:1:2:0 Disk FIBRE DGC LUNZ 0429 No
SCSI:3:1:2:1 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:3:1:2:2 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:3:1:2:3 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:3:1:3:0 Disk FIBRE DGC LUNZ 0429 No
SCSI:3:1:3:1 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:3:1:3:2 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:3:1:3:3 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:4:1:0:0 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:0:2 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:0:3 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:0:4 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:0:5 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:0:7 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:0:8 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:0:10 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:0:11 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:0:12 Disk FIBRE DGC RAID 1 0219 Yes
SCSI:4:1:0:13 Disk FIBRE DGC RAID 10 0219 Yes
SCSI:4:1:1:0 Disk FIBRE DGC LUNZ 0429 No
SCSI:4:1:1:1 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:4:1:1:2 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:4:1:1:3 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:4:1:2:0 Disk FIBRE DGC LUNZ 0429 No
SCSI:4:1:2:1 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:4:1:2:2 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:4:1:2:3 Disk FIBRE DGC RAID 10 0429 Yes
SCSI:5:1:0:0 Media changer FIBRE HP MSL6000 Series 0520 Yes
SCSI:5:1:0:1 Tape FIBRE HP Ultrium 3-SCSI G65W Yes
SCSI:5:1:0:2 Tape FIBRE HP Ultrium 3-SCSI G65W Yes
SCSI:5:1:0:3 Array Device FIBRE HP NS E1200-160 5963 No
SCSI:5:1:1:0 Tape FIBRE HP Ultrium 3-SCSI G65W Yes
SCSI:5:1:1:1 Tape FIBRE HP Ultrium 3-SCSI G65W Yes
SCSI:5:1:1:2 Array Device FIBRE HP NS E1200-160 5963 No
SCSI:5:1:2:0 Tape FIBRE HP Ultrium 3-SCSI G65W Yes
SCSI:5:1:2:1 Tape FIBRE HP Ultrium 3-SCSI G65W Yes
SCSI:5:1:2:2 Array Device FIBRE HP NS E1200-320 5963 No
}}}
Blat is a command line smtp mailer for windows. I use it for a lot of my windows scripts: [[robocopy]].
Here's a my installer script:
{{{
@echo off
::installblat.cmd
c:\bin\blat.exe -install <mailhost> %computername%@<domain>.<tld>
}}}
Here's where I use it:
{{{
@echo off
SETLOCAL ENABLEDELAYEDEXPANSION
.
.
.
do stuff
.
.
.
log it to %_logfile%
SET _BLAT=c:\bin\blat.exe
%_BLAT% %_logfile% -t <recipient>@<domain>.<tld> -s "%0 done"
}}}
!!!!Gotcha/Hint
use {{{SETLOCAL ENABLEDELAYEDEXPANSION}}} to expand %0 in the -s "%0 done"
{{{
Blat v2.6.2 w/GSS encryption (build : Feb 25 2007 12:06:19)
Win32 console utility to send mail via SMTP or post to usenet via NNTP
by P.Mendes,M.Neal,G.Vollant,T.Charron,T.Musson,H.Pesonen,A.Donchey,C.Hyde
http://www.blat.net
syntax:
Blat <filename> -to <recipient> [optional switches (see below)]
Blat -SaveSettings -f <sender email addy> -server <server addr>
[-port <port>] [-try <try>] [-profile <profile>]
[-u <login id>] [-pwd <password>]
or
Blat -install <server addr> <sender's addr> [<try>[<port>[<profile>]]] [-q]
Blat -profile [-delete | "<default>"] [profile1] [profileN] [-q]
Blat -h
-------------------------------- Installation ---------------------------------
-SaveSettings : store common settings to the Windows Registry. Takes the
same parameters as -install, and is only for SMTP settings.
-install[SMTP|NNTP|POP3|IMAP] <server addr> <sender email addr> [<try n times>
[<port> [<profile> [<username> [<password>]]]]]
: set server, sender, number of tries and port for profile
(<try n times> and <port> may be replaced by '-')
port defaults are SMTP=25, NNTP=119, POP3=110, IMAP=143
default profile can be specified with a '-'
username and/or password may be stored to the registry
order of options is specific
use -installNNTP for storing NNTP information
use -installPOP3 for storing POP3 information
(sender and try are ignored, use '-' in place of these)
use -installIMAP for storing IMAP information
(sender and try are ignored, use '-' in place of these)
--------------------------------- The Basics ----------------------------------
<filename> : file with the message body to be sent
if your message body is on the command line, use a hyphen (-)
as your first argument, and -body followed by your message
if your message will come from the console/keyboard, use the
hyphen as your first argument, but do not use -body option.
-of <file> : text file containing more options (also -optionfile)
-to <recipient> : recipient list (also -t) (comma separated)
-tf <file> : recipient list filename
-cc <recipient> : carbon copy recipient list (also -c) (comma separated)
-cf <file> : cc recipient list filename
-bcc <recipient>: blind carbon copy recipient list (also -b)
(comma separated)
-bf <file> : bcc recipient list filename
-maxNames <x> : send to groups of <x> number of recipients
-ur : set To: header to Undisclosed Recipients if not using the
-to and -cc options
-subject <subj> : subject line, surround with quotes to include spaces(also -s)
-ss : suppress subject line if not defined
-sf <file> : file containing subject line
-bodyF <file> : file containing the message body
-body <text> : message body, surround with quotes (") to include spaces
-sig <file> : text file containing your email signature
-tag <file> : text file containing taglines, to be randomly chosen
-ps <file> : final message text, possibly for unsubscribe instructions
----------------------------- Registry overrides ------------------------------
-p <profile> : send with server, user, and port defined in <profile>
: use username and password if defined in <profile>
-profile : list all profiles in the Registry
-server <addr> : specify SMTP server to be used (optionally, addr:port)
-serverSMTP <addr>
: same as -server
-serverNNTP <addr>
: specify NNTP server to be used (optionally, addr:port)
-serverPOP3 <addr>
: specify POP3 server to be used (optionally, addr:port)
when POP3 access is required before sending email
-serverIMAP <addr>
: specify IMAP server to be used (optionally, addr:port)
when IMAP access is required before sending email
-f <sender> : override the default sender address (must be known to server)
-i <addr> : a 'From:' address, not necessarily known to the server
-port <port> : port to be used on the SMTP server, defaults to SMTP (25)
-portSMTP <port>: same as -port
-portNNTP <port>: port to be used on the NNTP server, defaults to NNTP (119)
-portPOP3 <port>: port to be used on the POP3 server, defaults to POP3 (110)
-portIMAP <port>: port to be used on the IMAP server, defaults to IMAP (110)
-u <username> : username for AUTH LOGIN (use with -pw)
-pw <password> : password for AUTH LOGIN (use with -u)
-pu <username> : username for POP3 LOGIN (use with -ppw)
-ppw <password> : password for POP3 LOGIN (use with -pu)
-iu <username> : username for IMAP LOGIN (use with -ppw)
-ipw <password> : password for IMAP LOGIN (use with -pu)
---------------------- Miscellaneous RFC header switches ----------------------
-organization <organization>
: Organization field (also -o and -org)
-ua : include User-Agent header line instead of X-Mailer
-x <X-Header: detail>
: custom 'X-' header. eg: -x "X-INFO: Blat is Great!"
-noh : prevent X-Mailer/User-Agent header from showing Blat homepage
-noh2 : prevent X-Mailer header entirely
-d : request disposition notification
-r : request return receipt
-charset <cs> : user defined charset. The default is ISO-8859-1
-a1 <header> : add custom header line at the end of the regular headers
-a2 <header> : same as -a1, for a second custom header line
-dsn <nsfd> : use Delivery Status Notifications (RFC 3461)
n = never, s = successful, f = failure, d = delayed
can be used together, however N takes precedence
-hdrencb : use base64 for encoding headers, if necessary
-hdrencq : use quoted-printable for encoding headers, if necessary
-priority <pr> : set message priority 0 for low, 1 for high
-sensitivity <s> : set message sensitity 0 for personal, 1 for private,
2 for company-confidential
----------------------- Attachment and encoding options -----------------------
-attach <file> : attach binary file(s) to message (filenames comma separated)
-attacht <file> : attach text file(s) to message (filenames comma separated)
-attachi <file> : attach text file(s) as INLINE (filenames comma separated)
-embed <file> : embed file(s) in HTML. Object tag in HTML must specify
content-id using cid: tag. eg: <img src="cid:image.jpg">
-af <file> : file containing list of binary file(s) to attach (comma
separated)
-atf <file> : file containing list of text file(s) to attach (comma
separated)
-aef <file> : file containing list of embed file(s) to attach (comma
separated)
-base64 : send binary files using base64 (binary MIME)
-uuencode : send binary files UUEncoded
-enriched : send an enriched text message (Content-Type=text/enriched)
-unicode : message body is in 16- or 32-bit Unicode format
-html : send an HTML message (Content-Type=text/html)
-alttext <text> : plain text for use as alternate text
-alttextf <file>: plain text file for use as alternate text
-mime : MIME Quoted-Printable Content-Transfer-Encoding
-8bitmime : ask for 8bit data support when sending MIME
-multipart <size>
: send multipart messages, breaking attachments on <size>
KB boundaries, where <size> is per 1000 bytes
-nomps : do not allow multipart messages
---------------------------- NNTP specific options ----------------------------
-groups <usenet groups>
: list of newsgroups (comma separated)
-------------------------------- Other options --------------------------------
-xtndxmit : Attempt to use POP3 to transmit when accessing POP3 first
-h : displays this help (also -?, /?, -help or /help)
-q : suppresses all output to the screen
-debug : echoes server communications to a log file or screen
(overrides -q if echoes to the screen)
-log <file> : log everything but usage to <file>
-timestamp : when -log is used, a timestamp is added to each log line
-overwritelog : when -log is used, overwrite the log file
-ti <n> : set timeout to 'n' seconds. Blat will wait 'n' seconds for
server responses
-try <n times> : how many times blat should try to send (1 to 'INFINITE')
-binary : do not convert ASCII | (pipe, 0x7c) to CrLf in the message
body
-hostname <hst> : select the hostname used to send the message via SMTP
this is typically your local machine name
-raw : do not add CR/LF after headers
-delay <x> : wait x seconds between messages being sent when used with
-maxnames or -multipart
-comment <char> : use this character to mark the start of commments in
options files and recipient list files. The default is ;
-superdebug : hex/ascii dump the data between Blat and the server
-superdebugT : ascii dump the data between Blat and the server
-------------------------------------------------------------------------------
Note that if the '-i' option is used, <sender> is included in 'Reply-to:'
and 'Sender:' fields in the header of the message.
Optionally, the following options can be used instead of the -f and -i
options:
-mailfrom <addr> The RFC 821 MAIL From: statement
-from <addr> The RFC 822 From: statement
-replyto <addr> The RFC 822 Reply-To: statement
-returnpath <addr> The RFC 822 Return-Path: statement
-sender <addr> The RFC 822 Sender: statement
For backward consistency, the -f and -i options have precedence over these
RFC 822 defined options. If both -f and -i options are omitted then the
RFC 821 MAIL FROM statement will be defaulted to use the installation-defined
default sender address.
}}}
cuzimlazier [[Robocopy Help]]
http://www.microsoft.com/technet/sysinternals/information/bootini.mspx
Boot INI Options Reference
Published: November 1, 2006
Introduction
There are number of BOOT.INI switches that are useful for driver developers that wish to test their drivers under a variety of different system configurations without having to have a separate machine for every one. For example, limiting the amount of memory NT sees can be useful for stressing memory loads, and limiting the number of processors for testing scalability. I've compiled a complete list of the options that BOOT.INI currently supports. This list is reproduced in the Startup, Shutdown and Crashes chapter of Windows Internals, where you'll find more information about the boot process. Entries in red were introduced in Windows 2000 and those in blue introduced in Windows XP or Windows Server 2003.
Note: to see what options a system has booted with examine HKLM\System\CurrentControlSet\Control\SystemStartOptions.
•
/3GB
•
Increases the size of the user process address space from 2 GB to 3 GB (and therefore reduces the size of system space from 2 GB to 1 GB). Giving virtual-memory- intensive applications such as database servers a larger address space can improve their performance. For an application to take advantage of this feature, however, two additional conditions must be met: the system must be running Windows XP, Windows Server 2003, Windows NT 4 Enterprise Edition, Windows 2000 Advanced Server or Datacenter Server and the application .exe must be flagged as a 3-GB-aware application. Applies to 32-bit systems only.
•
/BASEVIDEO
•
Causes Windows to use the standard VGA display driver for GUI-mode operations.
•
/BAUDRATE=
•
Enables kernel-mode debugging and specifies an override for the default baud rate (19200) at which a remote kernel debugger host will connect. Example: /BAUDRATE=115200.
•
/BOOTLOG
•
Causes Windows to write a log of the boot to the file %SystemRoot%\Ntbtlog.txt.
•
/BOOTLOGO
•
Use this switch to have Windows XP or Windows Server 2003 display an installable splash screen instead of the standard splash screen. First, create a 16-color (any 16 colors) 640x480 bitmap and save it in the Windows directory with the name Boot.bmp. Then add "/bootlogo /noguiboot" to the boot.ini selection.
•
/BREAK
•
Causes the hardware abstraction layer (HAL) to stop at a breakpoint at HAL initialization. The first thing the Windows kernel does when it initializes is to initialize the HAL, so this breakpoint is the earliest one possible. The HAL will wait indefinitely at the breakpoint until a kernel-debugger connection is made. If the switch is used without the /DEBUG switch, the system will Blue Screen with a STOP code of 0x00000078 (PHASE0_ EXCEPTION).
•
/BURNMEMORY=
•
Specifies an amount of memory Windows can't use (similar to the /MAXMEM switch). The value is specified in megabytes. Example: /BURNMEMORY=128 would indicate that Windows can't use 128 MB of the total physical memory on the machine.
•
/CHANNEL=
•
Used on conjunction with /DEBUGPORT=1394 to specify the IEEE 1394 channel through which kernel debugging communications will flow. This can be any number between 0 and 62 and defaults to 0 if not set.
•
/CLKLVL
•
Causes the standard x86 multiprocessor HAL (Halmps.dll) to configure itself for a level-sensitive system clock rather then an edge-triggered clock. Level-sensitive and edge-triggered are terms used to describe hardware interrupt types.
•
/CMDCONS
•
Passed when booting with into the Recovery Console (described later in this chapter).
•
/CRASHDEBUG
•
Causes the kernel debugger to be loaded when the system boots, but to remain inactive unless a crash occurs. This allows the serial port that the kernel debugger would use to be available for use by the system until the system crashes (vs. /DEBUG, which causes the kernel debugger to use the serial port for the life of the system session).
•
/DEBUG
•
Enables kernel-mode debugging.
•
/DEBUGPORT=
•
Enables kernel-mode debugging and specifies an override for the default serial (usually COM2 on systems with at least two serial ports) to which a remote kernel-debugger host is connected. Windows XP and Windows Server 2003 also support debugging through accept IEEE 1394 ports. Examples: /DEBUGPORT=COM2, /DEBUGPORT=1394.
•
/EXECUTE
•
This option disables no-execute protection. See the /NOEXECUTE switch for more information.
•
/FASTDETECT
•
Default boot option for Windows. Replaces the Windows NT 4 switch /NOSERIALMICE. The reason the qualifier exists (vs. just having NTDETECT perform this operation by default) is so that NTDETECT can support booting Windows NT 4. Windows Plug and Play device drivers perform detection of parallel and serial devices, but Windows NT 4 expects NTDETECT to perform the detection. Thus, specifying /FASTDETECT causes NTDETECT to skip parallel and serial device enumeration (actions that are not required when booting Windows), whereas omitting the switch causes NTDETECT to perform this enumeration (which is required for booting Windows NT 4).
•
/INTAFFINITY
•
Directs the standard x86 multiprocessor HAL (Halmps.dll) to set interrupt affinities such that only the highest numbered processor will receive interrupts. Without the switch, the HAL defaults to its normal behavior of letting all processors receive interrupts.
•
/KERNEL=/HAL=
•
Enable you to override Ntldr's default filename for the kernel image (Ntoskrnl.exe) and/or the HAL (Hal.dll). These options are useful for alternating between a checked kernel environment and a free (retail) kernel environment or even to manually select a different HAL. If you want to boot a checked environment that consists solely of the checked kernel and HAL, which is typically all that is needed to test drivers, follow these steps on a system installed with the free build:
•
Copy the checked versions of the kernel images from the checked build CD to your \Windows\System32 directory, giving the images different names than the default. For example, if you're on a uniprocessor, copy Ntoskrnl.exe to Ntoschk.exe and Ntkrnlpa.exe to Ntoschkpa.exe. If you're on a multiprocessor, copy Ntkrnlmp.exe to Ntoschk.exe and Ntkrpamp.exe to Ntoschkpa.exe. The kernel filename must be an 8.3-style short name.
•
Copy the checked version of the appropriate HAL needed for your system from \I386\Driver.cab on the checked build CD to your \Windows\System32 directory, naming it Halchk.dll. To determine which HAL to copy, open \Windows\Repair\Setup.log and search for Hal.dll; you'll find a line like \WINDOWS\system32\ hal.dll="halacpi.dll","1d8a1". The name immediately to the right of the equals sign is the name of the HAL you should copy. The HAL filename must be an 8.3-style short name.
•
Make a copy of the default line in the system's Boot.ini file.
•
In the string description of the boot selection, add something that indicates that the new selection will be for a checked build environment (for example, "Windows XP Professional Checked").
•
Add the following to the end of the new selection's line: /KERNEL=NTOSCHK.EXE /HAL= HALCHK.DLL
Now when the selection menu appears during the boot process you can select the new entry to boot a checked environment or select the entry you were using to boot the free build.
•
/LASTKNOWNGOOD
•
Causes the system to boot as if the LastKnownGood boot option was selected.
•
/MAXMEM=
•
Limits Windows to ignore (not use) physical memory beyond the amount indicated. The number is interpreted in megabytes. Example: /MAXMEM=32 would limit the system to using the first 32 MB of physical memory even if more were present.
•
/MAXPROCSPERCLUSTER=
•
For the standard x86 multiprocessor HAL (Halmps.dll), forces cluster-mode Advanced Programmable Interrupt Controller (APIC) addressing (not supported on systems with an 82489DX external APIC interrupt controller).
•
/MININT
•
This option is used by Windows PE (Preinstallation Environment) and causes the Configuration Manager to load the Registry SYSTEM hive as a volatile hive such that changes made to it in memory are not saved back to the hive image.
•
/NODEBUG
•
Prevents kernel-mode debugging from being initialized. Overrides the specification of any of the three debug-related switches, /DEBUG, /DEBUGPORT, and /BAUDRATE.
•
/NOEXECUTE
•
This option is only available on 32-bit versions of Windows when running on processors supporting no-execute protection. It enables no-execute protection (also known as Data Execution Protection - DEP), which results in the Memory Manager marking pages containing data as no-execute so that they cannot be executed as code. This can be useful for preventing malicious code from exploiting buffer overflow bugs with unexpected program input in order to execute arbitrary code. No-execute protection is always enabled on 64-bit versions of Windows on processors that support no-execute protection. There are several options you can specify with this switch:
•
/NOEXECUTE=OPTIN Enables DEP for core system images and those specified in the DEP configuration dialog.
•
/NOEXECUTE=OPTOUT Enables DEP for all images except those specified in the DEP configuration dialog.
•
/NOEXECUTE=ALWAYSON Enables DEP on all images.
•
/NOEXECUTE=ALWAYSOFF Disables DEP.
•
/NOGUIBOOT
•
Instructs Windows not to initialize the VGA video driver responsible for presenting bitmapped graphics during the boot process. The driver is used to display boot progress information, so disabling it will disable the ability of Windows to show this information.
•
/NOLOWMEM
•
Requires that the /PAE switch be present and that the system have more than 4 GB of physical memory. If these conditions are met, the PAE-enabled version of the Windows kernel, Ntkrnlpa.exe, won't use the first 4 GB of physical memory. Instead, it will load all applications and device drivers, and allocate all memory pools, from above that boundary. This switch is useful only to test device driver compatibility with large memory systems.
•
/NOPAE
•
Forces Ntldr to load the non-Physical Address Extension (PAE) version of the Windows kernel, even if the system is detected as supporting x86 PAEs and has more than 4 GB of physical memory.
•
/NOSERIALMICE=[COMx | COMx,y,z...]
•
Obsolete Windows NT 4 qualifier-replaced by the absence of the /FASTDETECT switch. Disables serial mouse detection of the specified COM ports. This switch was used if you had a device other than a mouse attached to a serial port during the startup sequence. Using /NOSERIALMICE without specifying a COM port disables serial mouse detection on all COM ports. See Microsoft Knowledge Base article Q131976 for more information.
•
/NUMPROC=
•
Specifies the number of CPUs that can be used on a multiprocessor system. Example: /NUMPROC=2 on a four-way system will prevent Windows from using two of the four processors.
•
/ONECPU
•
Causes Windows to use only one CPU on a multiprocessor system.
•
/PAE
•
Causes Ntldr to load Ntkrnlpa.exe, which is the version of the x86 kernel that is able to take advantage of x86 PAEs. The PAE version of the kernel presents 64-bit physical addresses to device drivers, so this switch is helpful for testing device driver support for large memory systems.
•
/PCILOCK
•
Stops Windows from dynamically assigning IO/IRQ resources to PCI devices and leaves the devices configured by the BIOS. See Microsoft Knowledge Base article Q148501 for more information.
•
/RDPATH=
•
Specifies the path to a System Disk Image (SDI) file, which can be on the network, that the system will use to boot from. Often used in conjunction with the /RDIMAGEOFFSET= flag to indicate to NTLDR where in the file the system image starts.
•
/REDIRECT
•
Introduced with Windows XP. Used to cause Windows to enable Emergency Management Services (EMS) that reports boot information and accepts system management commands through a serial port. Specify serial port and baudrate used in conjunction with EMS with redirect= and redirectbaudrate= lines in the [boot loader] section of the Boot.ini file.
•
/SAFEBOOT:
•
Specifies options for a safe boot. You should never have to specify this option manually, since Ntldr specifies it for you when you use the F8 menu to perform a safe boot. (A safe boot is a boot in which Windows only loads drivers and services that are specified by name or group under the Minimal or Network registry keys under HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot.) Following the colon in the option you must specify one of three additional switches: MINIMAL, NETWORK, or DSREPAIR. The MINIMAL and NETWORK flags correspond to safe boot with no network and safe boot with network support, respectively. The DSREPAIR (Directory Services Repair) switch causes Windows to boot into a mode in which it restores the Active Directory directory service from a backup medium you present. An additional option you can append is (ALTERNATESHELL), which tells Windows to use the program specified by the HKLM\SYSTEM\CurrentControlSet\ SafeBoot\AlternateShell value as the graphical shell rather than to use the default, which is Windows Explorer.
•
/SCSIORDINAL:
•
Directs Windows to the SCSI ID of the controller. (Adding a new SCSI device to a system with an on-board SCSI controller can cause the controller's SCSI ID to change.) See Microsoft Knowledge Base article Q103625 for more information.
•
/SDIBOOT=
•
Used in Windows XP Embedded systems to have Windows boot from a RAM disk image stored in the specified System Disk Image (SDI) file.
•
/SOS
•
Causes Windows to list the device drivers marked to load at boot time and then to display the system version number (including the build number), amount of physical memory, and number of processors.
•
/TIMERES=
•
Sets the resolution of the system timer on the standard x86 multiprocessor HAL (Halmps.dll). The argument is a number interpreted in hundreds of nanoseconds, but the rate is set to the closest resolution the HAL supports that isn't larger than the one requested. The HAL supports the following resolutions: Hundreds of nanoseconds Milliseconds (ms) 9766 0.98 19532 2.00 39063 3.90 78125 7.80 The default resolution is 7.8 ms. The system timer resolution affects the resolution of waitable timers. Example: /TIMERES=21000 would set the timer to a resolution of 2.0 ms.
•
/USERVA=
•
This switch is only supported on Windows XP and Windows Server 2003. Like the /3GB switch, this switch gives applications a larger address space. Specify the amount in MB between 2048 and 3072. This switch has the same application requirements as the /3GB switch and requires that the /3GB switch be present. Applies to 32-bit systems only.
•
/WIN95
•
Directs Ntldr to boot the Consumer Windows boot sector stored in Bootsect.w40. This switch is pertinent only on a triple-boot system that has MS-DOS, Consumer Windows, and Windows installed. See Microsoft Knowledge Base article Q157992 for more information.
•
/WIN95DOS
•
Directs Ntldr to boot the MS-DOS boot sector stored in Bootsect.dos. This switch is pertinent only on a triple-boot system that has MS-DOS, Consumer Windows, and Windows installed. See Microsoft Knowledge Base article Q157992 for more information.
•
/YEAR=
•
Instructs the Windows core time function to ignore the year that the computer's real-time clock reports and instead use the one indicated. Thus, the year used in the switch affects every piece of software on the system, including the Windows kernel. Example: /YEAR=2001. (This switch was created to assist in Y2K testing.)
Thanks to Jonas Fischer for pointing out the PCILOCK and NOSERIALMICE switches. Thanks to Rob Green for information on the FASTDETECT switch.
Top of pageTop of page
bootcfg.exe
{{{
D:\>bootcfg.exe /?
BOOTCFG /parameter [arguments]
Description:
This command line tool can be used to configure, query, change or
delete the boot entry settings in the BOOT.INI file.
Parameter List:
/Copy Makes a copy of an existing boot entry [operating
systems] section for which you can add OS options to.
/Delete Deletes an existing boot entry in the [operating
systems] section of the BOOT.INI file. You must specify
the entry# to delete.
/Query Displays the current boot entries and their settings.
/Raw Allows the user to specify any switch options to be
added for a specified boot entry.
/Timeout Allows the user to change the Timeout value.
/Default Allows the user to change the Default boot entry.
/EMS Allows the user to configure the /redirect switch
for headless support for a boot entry.
/Debug Allows the user to specify the port and baudrate for
remote debugging for a specified boot entry.
/Addsw Allows the user to add predefined switches for
a specific boot entry.
/Rmsw Allows the user to remove predefined switches for a
specific boot entry.
/Dbg1394 Allows the user to configure 1394 port debugging
for a specified boot entry.
/? Displays this help/usage.
Examples:
BOOTCFG /Copy /?
BOOTCFG /Delete /?
BOOTCFG /Query /?
BOOTCFG /Raw /?
BOOTCFG /Timeout /?
BOOTCFG /EMS /?
BOOTCFG /Debug /?
BOOTCFG /Addsw /?
BOOTCFG /Rmsw /?
BOOTCFG /Dbg1394 /?
BOOTCFG /Default /?
BOOTCFG /?
D:\>
}}}
clear crypto ipsec sa
sh ipsec sa
main: http://www.boxbackup.org/
wiki: http://www.boxbackup.org/trac/wiki
server configuration: http://www.boxbackup.org/trac/wiki/ConfiguringAServer
!!!Installation
# Procure an nslu2
# Install [[debian]] on the nslu2
## [[Change the hostname|Change Hostname Debian]]
# Install boxbackup-server on the nslu2
## Add this line {{{deb http://www.backports.org/debian etch-backports main contrib non-free}}} to your /etc/apt/sources.list.
## Run {{{apt-get update}}}
## Install backports keyring {{{apt-get install debian-backports-keyring}}}
## All backports are deactivated by default. If you want to install something from backports run: {{{apt-get -t etch-backports install “package”}}}
## run {{{aptitude -t etch-backuports install boxbackup-server}}}
### [[Example install output|install-output]]
!!!Server Configuration
# Debian automatically creates the user {{{bbstored}}}
# Create initial keys and configuration
## Run {{{/usr/sbin/bbstored-config}}}
## e.g. {{{/usr/sbin/bbstored-config /etc/boxbackup hostb.ath.cx bbstored}}}
## See [[bbstored-config output]]
# Initialize keys: {{{bbstored-certs}}}
### See [[bbstored-certs output]]
## [[Contents of /etc/boxbackup/ca|etc-boxbackup-ca]]
# Sign keys
## {{{bbstored-certs ca sign-server ./bbstored/boxbackup-server-cert-req.pem}}}
# Copy keys to /etc/boxbackup/bbstored/
## {{{hostb:/etc/boxbackup# cp ca/roots/clientCA.pem ./bbstored/}}}
## {{{hostb:/etc/boxbackup# cp ca/servers/hostb-cert.pem ./bbstored/}}}
# Create backup locations
## Edit /etc/boxbackup/raidfile.conf
### [[default raidfile.conf|default-raidfile-conf]]
### [[example raidfile.conf|example-raidfile-conf]]
!!!Install client on client computer
!!!Links
backports from http://backports.org/dokuwiki/doku.php?id=instructions
target directory should be disk number as it shws in disk mgmt
*Control Node Object Manager > Tools > Options
*Screenshot: http://screencast.com/t/z75H1P3s
!!!Confirm current alias entries
;alishow ["pattern"][,mode]
:{{{ alishow "*xp*"}}}
{{{
fcs11:FID128:admin> alishow "*xp*"
alias: xp_cl1a 50:06:0e:80:05:71:2a:00
alias: xp_cl1b 50:06:0e:80:05:71:2a:01
alias: xp_cl1e 50:06:0e:80:05:71:2a:04
alias: xp_cl1f 50:06:0e:80:05:71:2a:05
alias: xp_cl3a 50:06:0e:80:05:71:2a:20
alias: xp_cl3b 50:06:0e:80:05:71:2a:21
alias: xp_cl3e 50:06:0e:80:05:71:2a:24
alias: xp_cl3f 50:06:0e:80:05:71:2a:25
fcs11:FID128:admin>
}}}
!!!Create new alias
;alicreate "aliName", "member[; member...]"
:{{{alicreate "toc_bh2_hba2_port1", "10:00:00:00:c9:98:73:5f"}}}
!!!Create zone
;zonecreate "zonename", "member[; member...]"
:{{{zonecreate "toc_bh2_hba2_port1_xp_cl3e", "toc_bh2_port1; xp_cl3e"}}}
!!!Add zone to config
;cfgadd "cfgName", "member[; member]"
:{{{cfgadd "Test_cfg", "greenzone; bluezone"
}}}
!!!Save config
{{{
cfgsave
}}}
!!!Enable config
{{{
cfgEnable "USA_cfg"
}}}
{{{
chassisshow
}}}
{{{
configupload
configdownload
}}}
;zoneremove "zonename", "zoneMemberList"
:{{{zoneRemove "Blue_zone", "array2"}}}
; cfgremove "cfgName, "member[; member...]"
:{{{ cfgRemove "Test_cfg", "bluezone"}}}
show tech: {{{supportshow}}}
shutdown: {{{sysshutdown}}}
full reboot with POST: {{{reboot}}}
reboot without POST: {{{fastboot}}}
when zoning, use device port wwn, not device node wwn.
device node wwn is like a parent of device port, if you zone to the device node, then all of the device ports are in that zone, lose control of the zoning.
{{{
nszonemember -a
}}}
{{{
porterrshow
}}}
{{{
fcs11:FID128:admin> help
aaaconfig Configure RADIUS for AAA services
ad Specifies all administration domain (AD)-level
operations
ag Configure the Access Gateway feature
agshow Displays the Access Gateway information registered
with the fabric
agtcfgdefault Reset SNMP agent to factory default
aliadd Add a member to a zone alias
alicreate Create a zone alias
alidelete Delete a zone alias
aliremove Remove a member from a zone alias
alishow Print zone alias information
aptpolicy Get and set Advanced Performance Tuning policy
auditcfg Modifies and displays audit log filter
configuration.
auditdump Display audit log
authutil Get and set authentication configuration
backplanetest Backplane connection test for multi-blade systems.
backport Test for back-end ASIC pair to ASIC pair links.
bannerset Set security banner
bannershow Display security banner
bcastshow Display broadcast routing information
bladebeacon Enables or disables blade beaconing or displays the
current mode.
bladedisable Disables all user ports on a blade.
bladeenable Enables all User Ports on a blade.
bpportloopbacktest Functional test of port via blade processor path.
bpturboramtest MBIST test for AP blade BP ASICs
burninerrclear Clear errors that are stored in the non-volatile
storage
burninerrshow Display errors that are stored in the non-volatile
storage
burninstatus Display the diagnostics burnin status.
camtest Verify QuickLoop's Content Addressable Memory
(CAM).SID translation
centralmemorytest Test ASIC central memory operation.
cfgactvshow Display Effective zone configuration information
cfgadd Add a member to a configuration
cfgclear Clear all zone configurations
cfgcreate Create a zone configuration
cfgdelete Delete a zone configuration
cfgdisable Disable a zone configuration
cfgenable Enable a zone configuration
cfgmcdtmode Configure legacy MCDT zoning behavior
cfgremove Remove a member from a configuration
cfgsave Save zone configurations in flash
cfgsaveactivetodefined Moves the effective configuration to the defined
configuration
cfgshow Print zone configuration information
cfgsize Print size details of zone database
cfgtransabort Abort zone configuration transaction
cfgtransshow Print zone configurations in transaction buffer
chassisbeacon Set chassis beacon on or off
chassisconfig Display or set the chassis configuration
chassisdisable Disable all ports in chassis
chassisenable Enable all ports in chassis
chassisname Display or set the chassis's Name
chassisshow Display all Field Replaceable Units (FRU)
chipregshow Displays the port registers for a given chip
number.
clihistory Displays a log of most recently executed CLI
commands
cmemretentiontest Data retention test of the central memory SRAMs.
cmitest Verify CMI bus between ASICs.
configdefault Reset config to factory default
configdownload Load switch config from a server
configlist List the stored config files
configremove Remove a stored config file
configshow Print switch config parameters
configupload Save switch config to a server
configure Set logical switch config parameters
configurechassis Set chassis config parameters
cryptocfg Configure encryption node functions
datatypeshow Display available diagnostic data types.
date Print/set the system date and time
dbgshow Display debug levels of various modules
defzone Activates or deactivates a default zone
configuration.
diagclearerror Clears diagnostics failure status.
diagcommandshow Display diagnostic command descriptions.
diagdisablepost Disable diagnostic POST.
diagenablepost Enable diagnostic POST.
diagenv Diagnostic debug parameters management package.
diaghelp Display diagnostic command descriptions.
diagloopid Select the diagnostics loop ID.
diagmodeshow Displays diagnostic mode configuration.
diagpost Displays the contents of port registers and
memories.
diagretry Sets diagnostic retry mode
diagsetburnin Initializes the blade for a burnin run.
diagsetcycle Set diagnostic script parameters.
diagsetesdmode Set or display ESD mode.
diagsetshowtime Set or display diagnostic show-time mode.
diagshow Display diagnostic status.
diagshowtime Set or display diagnostic show-time mode.
diagstatus Display currently running diagnostic tests.
diagstopburnin Terminate burnin run on a blade.
distribute Distributes data to switches in a fabric.
dlsreset Turn off the dynamic load sharing (DLS) option
dlsset Turn on the dynamic load sharing (DLS) option
dlsshow Display the state of the dynamic load sharing
option
dnsconfig Configure DNS service
enclosureshow Display the switch enclosure attributes
errclear Clear error log
errdelimiterset Sets the error log start and end delimiter for
messages sent to the console and syslog
errdump Print error log (no page breaks)
errfilterset Sets a filter for an error log destination
errmoduleshow Displays all the defined modules in the system
errshow Print error log
fabportshow Display contents of a particular port's data
fabretryshow Display retry count of various fabric commands
fabriclog Displays or manipulates the fabric log
fabricprincipal Configure Principal Switch Selection mode
fabricshow Print fabric membership info
fabstateclear Clears the fabric state information
fabstateresize Changes the number of state entries
fabstateshow Displays the fabric state information
fabstatsshow Displays the fabric statistics information
fabswitchshow Display fabric switch state information
fandisable Disables a fan unit.
fanenable Enables a fan unit.
fanshow Print fan status
fastboot Reboot this switch and bypass POST
fastwritecfg Configure FC fastwrite feature
fcipchiptest Functional Test of Components in FCIP Complex.
fciphelp Print FCIP help info
fcippathtest Data Path Test of the FCIP complex.
fcping Sends a FC ELS ECHO request to a port
fcplogclear Clear the FCP log
fcplogdisable Disable logging of FCP events
fcplogenable Enable logging of FCP events
fcplogshow Display FCP probing log information
fcpprobeshow Display FCP probing information
fcprlsshow Display FCP RLS (read link state) information
fcrbcastconfig Configure interfabric broadcast frame forwarding
fcrchiptest Functional Test of FCR FPGA.
fcrconfigure Sets FC Router configuration parameters.
fcrfabricshow Displays FC Routers on a backbone fabric.
fcrlsan Configure LSAN policies
fcrlsancount Display maximum LSAN zone limit.
fcrlsanmatrix Manage LSAN fabric matrix configuration.
fcrpathtest Data Path Test on Connection between FCR FPGA and
Central ASIC.
fcrphydevshow Displays FC Router physical device information.
fcrproxyconfig Displays or configures proxy devices presented by
an FC Router.
fcrproxydevshow Displays FC Router proxy device information.
fcrresourceshow Displays FC Router physical resource usage.
fcrrouterportcost Modify FC Router port cost configuration.
fcrrouteshow Displays FC Router route information.
fcrxlateconfig Displays or persistently configures a translate
(xlate) domain's domain ID for both
EX_Port-attached fabric and backbone fabric.
fddcfg fddcfg manages the fabric data distribution
configuration parameters.
fdmicacheshow Display abbreviated remote FDMI device information
according to remote domain ID
fdmishow Display detailed FDMI device information
ficonclear Clears contents of the specified FICON management
database
ficoncupset Sets FICON-CUP parameters for a switch
ficoncupshow Displays FICON-CUP parameters for a switch
ficonhelp Displays FICON commands
ficonshow Displays contents of the specified FICON management
database
filtertest Run frame filter test for bloom ASICs.
fipscfg Configure FIPS mode operation
firmwarecommit Commit firmware to stable storage
firmwaredownload Download firmware into switch
firmwaredownloadstatus Display the progress and status of firmwareDownload
firmwarekeyshow Manage the keys used to check firmware signatures
firmwarekeyupdate Manage the keys used to check firmware signatures
firmwarerestore Restore the old firmware in the switch
firmwareshow Display firmware versions in the switch
fosconfig Enable/disable FabOS services
fosexec Invoke command in alternate VF context
fporttest Functional test of F->N N->F point to point path.
framerpathtest Tests data path between ASICs
frureplace Replace a Field Replacable Unit
fspfshow Print FSPF global information
fwalarmsfilterset Configure alarms filtering for Fabric Watch
fwalarmsfiltershow Show alarms filtering for Fabric Watch
fwclassinit Initialize all Fabric Watch classes
fwconfigreload Reload Fabric Watch configuration
fwconfigure Configure Fabric Watch
fwfrucfg Configure FRU state and notification
fwhelp Print Fabric Watch help info
fwmailcfg Configure Fabric Watch Email Alert
fwportdetailshow Create a report with detailed port information
fwsamshow Show availability monitor information
fwset Set port persistence time
fwsettocustom Set boundary & alarm level to custom
fwsettodefault Set boundary & alarm level to default
fwshow Show thresholds monitored and port persistence time
grep Linux grep command
h Print shell history
hadisable Disables the High Availability feature in the
switch.
hadump Displays information about the status of the High
Availability feature in the switch.
haenable Enables the High Availability feature in the switch
hafailover Forces the failover mechanism so that the Standby
Control Processor (CP)becomes the Active CP.
hashow Displays control processor (CP) status
hasyncstart Enables HA state synchronization.
hasyncstop Disables the HA state synchronization.
help Print this list
historylastshow Displays last history record
historymode Display or set the mode of the history log
historyshow Displays entire history log
httpcfgshow Used to show the version of the Java plug-in used
by the Webtools
i Display process summary
iclcfg Configure ICL state
ifmodeset Set the link operating mode for a network interface
ifmodeshow Display the link operating mode for a network
interface
interfaceshow Display the FSPF (TM) interface information
interopmode Displays/enables/disables Brocade switch
interoperability with switches from other
manufacturers
ioddelayreset Configure in-order-delivery (IOD) delay parameter
ioddelayset Configure in-order-delivery (IOD) delay parameter
ioddelayshow Configure in-order-delivery (IOD) delay parameter
iodreset Turn off the in-order delivery (IOD) option
iodset Manage the in-order delivery (IOD) option
iodshow Display the state of the in-order delivery option
ipaddrset Set ethernet and FC IP addresses
ipaddrshow Print ethernet and FC IP addresses
ipfilter Manage/display IP filters
ipsecconfig Configure IPSec feature
iscsihelp Print iSCSI help info
islshow Display the current connections and status
killtelnet Terminate telnet/serial login sessions
interactively
ldapcfg Configure LDAP role mapping
ledtest Cycle system LEDs.
lfcfg Configure logical fabrics
lfexec Invoke command in alternate VF context
licenseadd Adds license keys to switch
licensehelp Print license help info
licenseidshow Displays the system license ID
licenseport Configure per-port POD license assignments
licenseremove Removes a license key from this system
licenseshow Displays current license keys
linkcost Set or print the FSPF cost of a link
login Login as a new user
logout Logout from remote session
loopporttest Functional test of L-port M->M path on a loop.
lscfg Configure logical switches
lsdbshow Displays the FSPF link state database
memshow Display memory usage in the system.
minispropshow Displays ASIC pair properties.
more Linux more command
mscapabilityshow Display Management Server Capability.
msconfigure Configure Management Server
msplatshow Display the Management Server Platform Database
msplatshowdbcb Display the Management Server Database Control
Block
msplcleardb Clear the Management Server Platform Database
fabric-wide
msplmgmtactivate Activate the Management Server Platform Database
fabric-wide
msplmgmtdeactivate Deactivate the Management Server Platform Database
fabric-wide
mstddisable Disables the Management Server Topology Discovery
Management Service
mstdenable Enables the Management Server Topology Discovery
Management Service
mstdreadconfig Display status of Management Server Topology
Discovery Service
myid Display the current login session details
nbrstateshow Display FSPF (TM) neighbors' states
nbrstatsclear Reset the FSPF (TM) interface counters
netstat Display network connections and statistics
nodefind Display all the devices' PID matching the given
world wide name
nsaliasshow Display local Name Server information with Aliases
nsallshow Print global Name Server information
nscamshow Print local Name Server Cache information
nsshow Print local Name Server information information
nszonemember Display the information of all the online devices
which are zoned with the given device.
opensource Display information on open source software
utilized in FabOS
passwd Set usernames and passwords
passwdcfg passwdcfg manages the password policies.
pathinfo Display routing information between two ports
pdshow Show information from Panic Dump file
perfaddeemonitor Add end-to-end monitor
perfaddipmonitor Add monitor for IP trafic frame count
perfaddreadmonitor Add filter-based monitor - SCSI Read
perfaddrwmonitor Add monitor - SCSI Read and Write
perfaddscsimonitor Add monitor for SCSI frame count
perfaddusermonitor Add filter-based monitor
perfaddwritemonitor Add filter-based monitor - SCSI Write
perfcfgclear Clear Performance settings from FLASH
perfcfgrestore Restore Performance configuration from FLASH
perfcfgsave Save Performance configuration to FLASH
perfclearalpacrc Clears the CRC error count associated with a port
and Arbitrated Loop Physical Address (AL_PA).
perfcleareemonitor Clears statistics counters of one or more
end-to-end performance monitors.
perfclearfiltermonitor Clears counters of one or more filter-based
performance monitors.
perfdeleemonitor Delete end-to-end monitor
perfdelfiltermonitor Delete filter-based monitor
perfhelp Print Performance Monitoring help info
perfmonitorclear Clear end-to-end/filter-based/ISL monitors
perfmonitorshow Show end-to-end/filter-based/ISL monitors
perfsetporteemask Set overall mask for end-to-end monitors
perfshowalpacrc Get ALPA CRC count by port and ALPA
perfshoweemonitor Show user-defined end-to-end monitors
perfshowfiltermonitor Show filter-based monitors
perfshowporteemask Show the current end-to-end mask
perfttmon Configure bandwidth usage monitor
ping Display the link operating mode for a network
interface
ping6 Display the link operating mode for a network
interface
pkicreate Creates public key infrastructure (PKI) objects
pkiremove Removes existing public key infrastructure (PKI)
objects
pkishow Displays existing public key infrastructure (PKI)
objects
policy Configure IPSec encryption and authentication
algorithms
portaddress Configure low 16 bits of Fibre Channel Porrt ID
portalpashow Show the ALPAs of a port
portbuffershow Print the buffer allocations for the ports of a
quad
portcamshow Display filter utilization
portcfg Create/Delete a new ip interface/route/arp entry on
the GigE port
portcfgalpa Set AL_PA to 0x0 (default) or 0x13
portcfgautodisable Configure auto disable
portcfgcreditrecovery Configure credit recovery
portcfgdefault Restore the port configuration to defaults
portcfgeport Enable/Disable a port from becoming E_Port
portcfgexport Sets a port to be an EX_Port and sets and displays
EX_Port configuration parameters.
portcfgfillword Configure a port to a particular fill word
portcfgfportbuffers Configure F_Port buffers
portcfggport Lock a port as a G_Port
portcfgislmode Configure a port to be ISL R_RDY Mode
enabled/disabled
portcfglongdistance Configure a Long Distance Port
portcfglosstov Configure frontend port signal debounce
portcfglport Lock a port as a L_Port
portcfgnpivport Enables and disables NPIV functionality on a port.
portcfgnport Enable/disable N_Port capability for a port
portcfgpersistentdisable Persistently disable a port
portcfgpersistentenable Enable a persistently disabled port
portcfgqos Configure QoS feature
portcfgshow Displays port configuration settings.
portcfgspeed Configure a port to a particular speed level
portcfgtrunkport Configure a port for trunking
portcfgvexport Sets a port to be an VEX_Port connected to FC-IP
and sets and displays VEX_Port configuration
parameters.
portcmd Execute commands (ping etc) on the GigE port
portdebug Set debug level and verbosity level of port modules
portdisable Disable a specified port
portenable Enable a specified port
porterrshow Print port error summary
portflagsshow Display the port status bitmaps of all ports in a
switch
portledtest Cycle user port LEDs.
portlogclear Clear port activity log
portlogconfigshow Display portlog configuration
portlogdisable Disable portlog facility
portlogdump Print port log (no page breaks)
portlogdumpport Print port log (no page breaks)
portlogenable Enables port log facility
portlogeventshow Display information about port log events
portloginshow Display port login information
portlogpdisc Set or clear the debug_pdisc_flag
portlogreset Enable portlog facility
portlogresize Resize the port log
portlogshow Print port activity log
portlogshowport Print port activity log
portlogtypedisable Disable port logging
portlogtypeenable Enable port logging
portloopbacktest Functional test of port N->N path.
portmirror Set a port's configuration to be disabled or
enabled
portname Assign or display the name associated with a port
portperfshow Print port throughput numbers
portregtest Write/read test of the ASIC SRAMs portregtest.
portrouteshow Display various routing tables for a port
portshow Show configured ip interfaces/routes/arp entries on
the GigE Port
portstats64show Display the 64-bit hardware statistics for a port
portstatsclear Clear the status of a specified switch port
portstatsshow Print hardware statistics
portswap Swaps area numbers
portswapdisable Disable portswap feature
portswapenable Enable portswap feature
portswapshow Display port and area information
porttest Functional test on a live fabric. Starts porttest.
porttestshow Retreive information from porttest.
porttrunkarea Configure area trunking
portzoneshow Displays the enforced zone type of the F/FL-ports
of a switch.
powerofflistset sets slot power off list order
powerofflistshow Displays slot power-off order.
psshow Print power supply status
quietmode Displays/enables/disables quietmode on telnet
session
reboot Reboot this processor
routehelp Print routing help info
saschiptest Functional Test of Components in SAS Complex.
saspathtest Data Path Test of the SAS complex.
secactivesize Displays size of the active (security) database
secauthsecret Creates/Manages DHCHAP secret key details
seccertutil Creates/Manages/Displays third party PKI
certificates
secdefinesize Displays size of the defined (security) database
secglobalshow Displays current internal security state
information
sechelp Displays information about security commands
secpolicyabort Aborts changes to defined policy
secpolicyactivate Activates all policy sets
secpolicyadd Adds members to an existing policy
secpolicycreate Creates a new policy
secpolicydelete Deletes an existing policy
secpolicydump Displays all members of existing policies
secpolicyfcsmove Moves a member in the FCS policy
secpolicyremove Removes members from an existing policy
secpolicysave Saves defined policy set and sends to all switches
secpolicyshow Shows members of one or more policies
secstatsreset Resets security statistics
secstatsshow Displays security statistics
sensorshow Display sensor readings
setdbg Set debug level of the specified module
setesdmode Set or display ESD mode.
setmfgmode Set or display diagnostic MFG mode.
setmodem Enables or disables modem login to a control
processor (CP)
setsplbmode Set or display SPLB mode.
setverbose Set verbosity level of the specified module
sfpshow Print Serial ID SFP information
shellflowcontroldisable Disable xon-xoff flow control on console serial
port
shellflowcontrolenable Enable xon-xoff flow control on console serial port
slotpoweroff Removes power from a slot.
slotpoweron Restores power to a slot.
slotshow Displays the status of all slots in the system.
sltest Serial link test of port N->N path.
snmpconfig Configure SNMP
snmpmibcapset Set options for configuring SNMP Mib/Trap
Capability
snmpmibcapshow Show SNMP Mib/Trap Configuration
spinfab Functional test of switch to switch ISL cabling and
trunk group operation.
spinjitter line-speed jitter measurement
spinsilk Functional test of internal and external transmit
and receive paths at full speed
sramretentiontest Data retention test of the miscellaneous SRAMs in
ASIC.
sshutil Configure SSH authentication options
statsclear Clear port and diagnostic statistics.
statstest Statistics counter test for the ASICs.
stopporttest Terminate the running porttest.
supportffdc Modifies or displays first-failure data capture
(FFDC) configuration.
supportftp set support Ftp parameters
supportsave retrieve support data from switch to host
supportshow Prints switch information for debugging purposes.
supportshowcfgdisable Disables a group of commands under supportshow
command.
supportshowcfgenable Enables a group of commands under supportshow
command.
supportshowcfgshow Displays the groups of commands enabled for
display. by the supportshow command.
switchbeacon Set switch beacon on or off
switchcfgpersistentdisable Persistently disable a switch
switchcfgpersistentenable Enable a persistently disabled switch
switchcfgspeed Configures all ports of the switch to a particular
speed level
switchcfgtrunk Configure all ports on the switch for trunking
switchdisable Disable this switch
switchenable Enable this switch
switchname Print/set this switch's name
switchshow Print switch and port status
switchstatuspolicyset Set policy parameters for overall switch status
switchstatuspolicyshow Print policy parameters for overall switch status
switchstatusshow Print overall switch status
switchuptime Display the amount of time for which the switch is
up
switchviolation Display policy violations recorded in RAS log
syslogdfacility Change the syslog facility
syslogdipadd Add syslog daemon IP address
syslogdipremove Remove syslog daemon IP address
syslogdipshow Print the syslog daemon targets
sysshutdown Provides a graceful shutdown to protect the switch
file systems.
systemverification Run a suit of diagnostic tests on all switches in a
system.
tempshow Print temperature readings
timeout Set/show the IDLE timeout value for a login session
topologyshow Display the unicast fabric topology
tracedump generate/remove trace dump or display trace dump
status
traceftp enable/disable trace auto-FTP or transfer trace
dump
trackchangeshelp Print Track Changes help info
trackchangesset Configure alert for login/logout/config update
trackchangesshow Displays status of track changes
trunkdebug Debug a trunk link failure
trunkshow Display trunking information
tsclockserver Displays or sets the NTP server address
tstimezone Displays or sets the time zone
turboramtest Turbo SRAM test for bloom ASICs.
txdpath Functional test of ASIC pair TXA TXD connections.
uptime Print how long switch has been up
urouteconfig Configure a static route
urouteremove Remove a static route
urouteshow Display unicast routing information
usbstorage Manage USB storage device (available on Brocade
Data Center Director only).
userconfig Display or configure user accounts
userrename Rename user login name
version Print firmware version
wwn Display or set the world wide name
zone Configure zone objects
zoneadd Add a member to a zone
zonecreate Create a zone
zonedelete Delete a zone
zonehelp Print zoning help info
zoneobjectcopy Copies a zone object
zoneobjectexpunge Expunges a zone object
zoneobjectrename Rename a zoning Object
zoneremove Remove a member from a zone
zoneshow Print zone information
}}}
CPE: customer premise equipment
{{{(FileSizeMegabyte*8Megabits/Megabyte)/(TransferSpeedMegabit/Second)/(60Seconds)=TransferTimeMinutes}}}
Does not take into account overhead (TCP/IP or VPN or other).
{{{
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}]
@="Computer"
"InfoTip"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,\
6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,\
00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,\
2d,00,32,00,32,00,39,00,31,00,33,00,00,00
"LocalizedString.orig"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,\
52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,\
00,32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,2c,00,2d,00,39,00,32,00,31,00,36,00,00,00
"LocalizedString"=hex(2):25,00,63,00,6f,00,6d,00,70,00,75,00,74,00,65,00,72,00,\
6e,00,61,00,6d,00,65,00,25,00,3a,00,3a,00,25,00,75,00,73,00,65,00,72,00,6e,\
00,61,00,6d,00,65,00,25,00,20,00,00,00
}}}
edit /etc/hostname
edit /etc/hosts
{{{
Control A Goes to the beginning of the line
Control E Goes to the end of the line
Control K Deletes everything to the right of the cursor
Control P Recalls the previous command in the history buffer
Control N Recalls the next command in the history buffer
}}}
From http://blogs.techrepublic.com.com/networking/?p=569
by David Davis
{{{
Why do you need to secure your router with passwords?
The question you might ask is: Doesn’t the router already have default passwords? The answer is NO, it doesn’t. There is no automatic password defense that comes with your router.
As a Cisco admin, this should be taken very seriously. It is so important and so easy to set up passwords.
First, let’s discuss the different modes of the Cisco IOS. They are set up in a hierarchical manner, which means that the deeper the access, the more privilege you have and, hopefully, the more passwords you have set up for each level. For additional information on security for your router, please see another of my TechRepublic articles, “Fundamentals: Five Ways to Secure Your Cisco Routers and Switches.”
What are the three modes of the Cisco IOS?
Before I can tell you how to secure your router with passwords, I need to first make sure you know the three modes of the Cisco IOS. They are:
User: In User mode, basic interface information on the router is displayed. Well-known Cisco CCNA author, Todd Lammle, once called the user mode “useless mode” because no configuration changes can be made, nor can you view anything important at this level. It is also called user exec mode.
Privileged: Sometimes called the privileged exec (or just priv mode), configuration views and changes are made at this level. In my opinion, this is the first point at which it is absolutely critical to have a password set (although you should have password access even at user mode). To move from user mode to priv mode, you just type enable while in user exec mode and press [Enter]:
Router> enable
Router#
Global Configuration: From the exec priv mode, we can now access the global configuration mode. This is where you would make changes that would affect your whole router, including configuration changes. You will need to step in a little deeper in the router’s commands to make changes to your configuration.
Here’s an example of how to access that mode:
Router# configure terminal
Router(config)#
Note: you can also just type conf t.
How to configure the five main passwords of the Cisco IOS
The five main passwords of the Cisco IOS are:
* Console
* Aux
* VTY
* Enable password
* Enable secret
Console
If you have no password set on the router’s console, by default, you can access user mode (and then on to the other modes if no passwords are set there either). The console port is where you would initially start to configure a new router. It is critical to set a password on the console port of the router to protect someone from physically walking up to the router, connecting, and gaining access to user mode (and, potentially, much more).
Because there is only one console port per router, you would use the command line console 0 in global configuration mode, and then use the login and password commands to finish up the configuration. The command, login, tells the router to look under the console line configuration for the password. The command, password, sets the actual password.
Here is what it looks like:
Router# config t
Router(config)# line console 0
Router(config-line)# password SecR3t!pass
Router(config-line)# login
Note: Complex passwords are important to keep someone from guessing your password.
Aux
This is short for auxiliary port. This is also a physical access port on the router. Not all routers have this port. As the aux port is a backup configuration port for the console, it is equally important to configure a password on it.
Router# config t
Router(config)# line aux 0
Router(config-line)#password SecR3t!pass
Router(config-line)# login
VTY
The “virtual tty” line is not a physical connection, but a virtual connection. You would use this line to Telnet or SSH into the router (for SSH configuration, see my article “Configure SSH on Your Cisco Router“). Of course, you would need to have an active LAN or WAN interface set up on your router for Telnet to work. As different routers and switches can have a different number of vty ports, you should see how many you have before you configure them. To do this, just type line ? in privileged mode.
Here’s an example of configuring vty lines:
Router# config t
Router(config)# line vty 0 4
Router(config-line)# password SecR3t!pass
Router(config-line)# login
Enable password
The enable password prevents someone from getting full access to your router. The enable command is actually used to change between different security levels on the router (there are 0-15 levels of security). However, it is typically used to go from user mode (level 1) to privileged mode (level 15). In fact, if you are at user mode and you just type enable, it assumes you want to go to privileged mode.
To set a password to control access from user mode to privileged mode, go to the global configuration mode and use the enable password command, like this:
Router# config t
Router(config)# enable password SecR3t!enable
Router(config)# exit
The downside of the enable password is that it can be easily unencrypted by someone, and that is why you should use enable secret instead.
Enable secret
The enable secret password has the same function as the enable password, but with enable secret, the password is stored in a much stronger form of encryption:
Router(config)# enable secret SecR3t!enable
Conclusion
I’ve introduced you to the different modes of the Cisco IOS and the five different types of passwords you need to set to ensure that your Cisco router or switch is secure. Remember that, many times, entire networks can be brought down due to the lack of simple password security. Make sure that your Cisco router and switch passwords are set properly.
}}}
Hi Marc,
For version 7.x you may collect tunnel info w/
show vpn-sessiondb detail remote
The command to clear one tunnel at a time is:
clear ipsec sa peer <remote_public_ip>
This will not affect or break all other tunnel's running simultaneouly on your pix.
I'm not aware of any command doing this in previous ver. (except clear isakmp sa/clear ipsec sa that you have mentionned earlier).
HTH
Mike
To remove the entire access list, use the clear configure access-list command.
/***
|Name:|CloseOnCancelPlugin|
|Description:|Closes the tiddler if you click new tiddler then cancel. Default behaviour is to leave it open|
|Version:|3.0.1 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#CloseOnCancelPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
***/
//{{{
merge(config.commands.cancelTiddler,{
handler_mptw_orig_closeUnsaved: config.commands.cancelTiddler.handler,
handler: function(event,src,title) {
this.handler_mptw_orig_closeUnsaved(event,src,title);
if (!store.tiddlerExists(title) && !store.isShadowTiddler(title))
story.closeTiddler(title,true);
return false;
}
});
//}}}
Name: MptwGreen
Background: #fff
Foreground: #000
PrimaryPale: #9b9
PrimaryLight: #385
PrimaryMid: #031
PrimaryDark: #020
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
This doesn't work on a stand-alone server.
How to Rename a Computer
1. Install Windows Server 2003 Support Tools from the Support\Tools folder on the Windows Server 2003 CD-ROM. (To do this, right-click the Suptools.msi file in the Support\Tools folder, and then click Install.)
2. At a command prompt, type the following command.NOTE: The following command line has been wrapped to multiple lines to make it easier to read. Enter the command as a single line.
netdom renamecomputer Computername /newname:new_computername
/userd:domain\UserName /passwordd:password |* /usero:UserName
/passwordo:password |* /force /reboot:Time in seconds
The following is a description of this command line:
• Computername: The current name of the computer to be renamed.
• New_computername: The name that the computer will be renamed to. Both the Domain Name System (DNS) host label and the NetBIOS name are changed to the new name. If the new name is longer than 15 characters, the NetBIOS name is derived from the first 15 characters.
• /userd:Domain\UserName: The user account to be used for the destination domain. This account is used to make the connection with the domain to which the computer is joined. This parameter is required, and if no domain is specified, the computer's domain is assumed.
• /usero:UserName: A user account to be used for the originating domain that has local administrative permissions (this can be the same account specified for /userd:). This account is used to make the connection with the computer to be renamed. If omitted, the currently logged on user's account is used. The user's domain can be specified as "/uo:domain\user". If the domain is omitted, a local computer account is assumed.
• /passwordd: password: The password of the user account specified by /userd.
• /passwordo: password: The password of the user account specified by /usero.
The asterisk symbol (*): A value that can be connected to either /passwordd or /passwordo and which indicates to prompt for the password.
• force: This command can adversely affect some services running on the computer. The user will be prompted for confirmation unless the /force switch is specified.
• Reboot: This specifies that the computer should be shut down and automatically restarted after the rename operation is completed. The number of seconds before automatic shutdown can also be provided. The default is 30 seconds. If this parameter is not specified, the computer must be restarted manually.
For example, assume that you have a workstation named "Mycomputer" that is a member of a domain named "Mydomain." You want to change the workstation name to "Yourcomputer," and then automatically restart the workstation after 60 seconds. You can use the following command.
NOTE: The following command-line syntax has been wrapped to multiple lines to make it easier to read. You must enter the command as a single line.
netdom renamecomputer mycomputer /newname:yourcomputer
/userD:mydomain\administrator /passwordd:*
/usero:administrator /passwordo:* /reboot:60
The following warning message may be displayed and you may be prompted about whether or not you want to continue:
This operation will rename the computer "Mycomputer" to "Yourcomputer". Certain services, such as certification authority, rely on a fixed computer name. If any services of this type are running on "Mycomputer", a computer name change would have an adverse impact.
If you do not want to be prompted to continue, include the /force switch when you enter the netdom command in addition to the other parameters.
http://support.microsoft.com/kb/325354
//{{{
config.options.chkHttpReadOnly = false; // means web visitors can experiment with your site by clicking edit
config.options.chkInsertTabs = true; // tab inserts a tab when editing a tiddler
config.views.wikified.defaultText = ""; // don't need message when a tiddler doesn't exist
config.views.editor.defaultText = ""; // don't need message when creating a new tiddler
//}}}
#Enable "Use Directory Default Schema"
#Enter value for "Directory Server Address"
#Enter value for "Directory User Context 1"
##This should be the DN (distinguished name) of the OU that holds the accounts that are going to authenticate. You can find the DN via dsquery [[Determine Distinguished Name from Command Line]]
#Click on "Apply Settings" button
#Click on "Administer Groups" button
#Select the group "Administrators"
#Click on "View/Modify" button
##Select the "Allowed" button for all options
##Enter in the DN of the security group that the accounts must be a member of in order to authenticate.
!!!Links
http://www.dynamicnetworks.us/netflow/index.html
http://www.velocityreviews.com/forums/t33339-stopping-traceroute.html
{{{echo %date:~-4,4%%date:~-7,2%%date:~10,2%-%time:~0,2%%time:~3,2%}}}
{{{
C:\>echo %date:~-4,4%%date:~-7,2%%date:~10,2%-%time:~0,2%%time:~3,2%
20102820-1545
}}}
add a tilde before the word:
output:
DeWikiFy
~DeWikify
code:
{{{
DeWikiFy
~DeWikify
}}}
#open cmd
#cd to path
#drop to 16bit command.com {{{command}}}
#copy and paste
{{{
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\WINDOWS\system32>cd \progra*
C:\Program Files>cd hew*
C:\Program Files\Hewlett-Packard>cd san*
C:\Program Files\Hewlett-Packard\Sanworks>cd el*
C:\Program Files\Hewlett-Packard\Sanworks\Element Manager for StorageWorks HSV>command
Microsoft(R) Windows DOS
(C)Copyright Microsoft Corp 1990-2001.
C:\PROGRA~1\HEWLET~1\SANWORKS\ELEMEN~1>
}}}
From: http://windowspeople.com/brocade/brocadehow-to-find-out-the-model-brocade-switch-from-a-switchshow/supportshow.html
{{{
[Brocade]How to find out the model Brocade Switch from a Switchshow/Supportshow? Print E-mail
Tag it:
Delicious
Furl it!
Spurl
NewsVine
Reddit
YahooMyWeb
Technorati
To find out the switch model (Brocade), you can either run a switchshow or open supportshow output and located the "switchType". Below is a switchshow output(for security reason the output is truncted)Type:9.2 is a DS-16b2 switch with revision 2 of the motherboard
DIR1:root> switchshow
switchName: DIR3
switchType: 42.2
switchState: Online
switchMode: Native
switchRole: Subordinate
switchDomain: 3
switchId: fffc03
switchWwn: 10:00:00:00:00:00:00:00
zoning: ON (COMP_FABRIC_A)
switchBeacon: OFF
blade1 Beacon: OFF
blade2 Beacon: OFF
blade3 Beacon: OFF
blade4 Beacon: OFF
blade7 Beacon: OFF
blade8 Beacon: OFF
blade9 Beacon: OFF
blade10 Beacon: OFF
For the appropriate switchtype entry, see the below chart for description of the switch:
switchType – <model_type>.<motherboard_revision_level> The model types are as follows: 1.x = Brocade SilkWorm 1000 series 2.x = DS-16B / Brocade SilkWorm 2800 series 3.x = DS-8B / Brocade SilkWorm 2400 series 4.x = Brocade SilkWorm 20x0;
5.x = Brocade SilkWorm 22x0;
6.x = DS-16B / Brocade SilkWorm 3800 Series (Includes parity checking on all paths)
7.x = SCB
9.x = DS-16B2 / Brocade SilkWorm 3800 series
10.x = ED-12000B / Brocade SilkWorm 12000 switch blade
12.x = DS-32B2 / Brocade SilkWorm 3900 series
16.x = DS-8B2 / Brocade SilkWorm 3200 series
17.x = Brocade SilkWorm 3800VL series
18.x = Brocade SilkWorm 3000 series
21.x = ED-24000B / Brocade 24000 switch blade
22.x= Brocade SilkWorm 3016 2GB Embedded Switch for IBM and Intel Blade Servers
26.x = DS-16B3 / Brocade 3850 series
27.x = DS-8B3 / Brocade 3250 series
29.x= Brocade SilkWorm 4012 4GB Embedded Switch for HP Blade Servers
32.x = DS-4100B / Brocade Silkworm 4100 series
33.x = Brocade SilkWorm 3014 2GB Embedded Switch for Dell, Fujitsu-Siemens and Hitachi Blade Servers
34.x = DS-220B / Brocade 200E
36.x = PB-48000-18i / Brocade SilkWorm FR4-18i 48000 Director Blade
37.x = Brocade SilkWorm 4020 4GB Embedded Switch for IBM and Intel Blade Servers
38.0 = AP-7420
40.x= Fibre Channel Routing (FCR) Front Domain
41.x= Fibre Channel Routing (FCR) Xlate Domain
42.2 = ED-48000B / Brocade Silkworm 48000 series
43.x = Brocade SilkWorm 4024 4GB Embedded Switch for NEC Blade Servers
44.x = DS-4900 / Brocade SilkWorm 4900 series
45.x = Brocade SilkWorm 4016 4GB Embedded Switch for Hitachi Blade Servers
46.x = MP-7500B / Brocade SilkWorm 7500 series
47.x = PB-48K-16IP / Brocade SilkWorm FC4-16IP 48000 Director Blade
51.x = Brocade SilkWorm 4018 4GB Embedded Switch for Blade Servers
55.x = Brocade SilkWorm FA4-18 48000 Director Blade
55.2 = AP7600B / Brocade SilkWorm 7600 series
58.x = DS-5000B / Brocade SilkWorm 5000 series
SwitchBlade: If the model type shows up as switchblade this is the Blade Server sold by IBM, which is a 4.x OS switch on a blade that is installed into and IBM server. We have qualified this but do not sale it directly.
The motherboard revision level varies per type. ex: switch
And it's not difficult to see that the output above is Brocade Silkworm 48000.
1 Brocade 1000 Switches
2,6 Brocade 2800 Switch
3 Brocade 2100, 2400 Switches
4 Brocade 20x0, 2010, 2040, 2050 Switches
5 Brocade 22x0, 2210, 2240, 2250 Switches
Switch Types and Product Names
Generated by Jive SBS on 2011-01-06-07:00
2
7 Brocade 2000 Switch
9 Brocade 3800 Switch
10 Brocade 12000 Director
12 Brocade 3900 Switch
16 Brocade 3200 Switch
17 Brocade 3800VL
18 Brocade 3000 Switch
21 Brocade 24000 Director
22 Brocade 3016 embedded Blade Switch
23 8Gbit 10-port embedded fabric switch
26 Brocade 3850 Switch
27 Brocade 3250 Switch
29 Brocade 4012 Embedded Blade Switch
32 Brocade 4100 Switch
33 Brocade 3014 Switch
34 Brocade 200E Switch
36 Brocade FR4-18i Director Blade
37 Brocade 4020 Embedded Blade Switch
38 Brocade 7420 SAN Router
40 Fibre Channel Routing (FCR) Front Domain
41 Fibre Channel Routing (FCR) Xlate Domain
42 Brocade 48000 Director
43 Brocade 4024 Embedded Blade Switch
44 Brocade 4900 Switch
45 Brocade 4016 Embedded Blade Switch
46 Brocade 7500 Switch
Switch Types and Product Names
Generated by Jive SBS on 2011-01-06-07:00
3
47 Brocade FC4-16IP Director Blade
50 Brocade 4GB FC Port Blade
51 Brocade 4018 Embedded Blade Switch
55 Brocade FA4-18i Extension Director Blade
55,2 Brocade 7600 Switch
58 Brocade 5000 Switch
62 Brocade DCX Backbone
63 Brocade 8Gb Backbone Core Fabric Switch
64 Brocade 5300 Switch
66 Brocade 5100 Switch
67 Brocade Encryption Switch
68 Brocade 8Gb 16 FC 2 GigE ports Director Encryption
Blade
69 Brocade 5410 Blade
70 Brocade 8GB 10 Port Embedded Fabric Switch
71 Brocade 300 Switch
72 Brocade 5480 Embedded Blade Switch
75 Brocade M5424 Embedded Blade Switch
76,6 Brocade 8000 FCoE Switch
77,3 Brocade DCX-4S
82 Brocade 8Gb 24-port Embedded Blade Switch
83 Brocade 16-FC port, 6-GE port, auto sensing 1, 2, 4 or
8Gbit Switch
86 Brocade 8Gbit 26-port embedded Switch
88 Brocade 10Gb 24 GigE ports DCE Blade
Switch Types and Product Names
Generated by Jive SBS on 2011-01-06-07:00
4
89 Brocade 8Gb 12 FC, 1Gb 10 GigE FCIP Blade, 10Gb 2
GigE ports FCR
}}}
{{{
HP5308# sh mod
Status and Counters - Module Information
Slot Module Description Serial Number
----- ------------------------------------ --------------
A HP J4907A XL Gig-T/GBIC module SG432PM0AY
B HP J4907A XL Gig-T/GBIC module SG432PM0B3
C HP J8161A XL PoE 10/100-TX module SG436QD03H
D HP J4820A XL 10/100-TX module SG416KZ0J4
G HP J8161A XL PoE 10/100-TX module SG423QD086
H HP J8161A XL PoE 10/100-TX module SG423QD0BQ
}}}
{{{
show running-config
Running configuration:
; J4819A Configuration Editor; Created on release #E.10.44
}}}
{{{
HP5308# sh system-information
Status and Counters - General System Information
System Name : HP5308
System Contact : System Contact
System Location : System Location
MAC Age Time (sec) : 300
Time Zone : -300
Daylight Time Rule : Continental-US-and-Canada
Software revision : E.10.44 Base MAC Addr : 00110a-90f400
ROM Version : E.05.04 Serial Number : SG432JZ09C
Up Time : 175 days Memory - Total : 17,973,152
CPU Util (%) : 1 Free : 5,163,144
IP Mgmt - Pkts Rx : 441,182,527 Packet - Total : 2176
Pkts Tx : 129,797,247 Buffers Free : 1665
Lowest : 643
Missed : 0
HP5308#
}}}
Command: dsquery
{{{
e:\>dsquery ou -name "Domain Admins"
"OU=Domain Admins,DC=test,DC=internal"
e:\>dsquery group -name "Domain Admins"
"CN=Domain Admins,CN=Users,DC=test,DC=internal"
e:\>dsquery user -name Bob
"CN=Bob,OU=Domain Admins,DC=test,DC=internal"
}}}
If you only know the account id, which can be different from the CN, try this:
{{{
e:\>dsquery user -samid root
"CN=Smith\, Brad,OU=Domain Admins,DC=test,DC=internal"
e:\>dsquery user -name "Smith, Brad"
"CN=Smith\, Brad,OU=Domain Admins,DC=test,DC=internal"
C:\WINDOWS\system32>dsquery group -samid "Domain Admins"
"CN=Domain Admins,CN=Users,DC=asdf,DC=internal"
}}}
{{{
Dsquery can output many object attributes, including the SID (objectSID). The easiest way is to use a filter query to show the objectsid attribute, as in the following example:
dsquery * -filter "&(objectcategory=user)(samaccountname=john)" -attr objectsid
The return is:
objectsid S-1-5-21-2835294230-785241407-2532694646-1106
You can also use Dsget to get the distinguished name (DN), like the following example:
dsget user "cn=john savill,cn=users,dc=savilltech,dc=net" -sid
The return would be:
sid S-1-5-21-2835294230-785241407-2532694646-1106 dsget succeeded
}}}
Look for *release or *version in /etc. Sometimes /etc/issue will have something too.
Slackware: /etc/slackware-version
Mandrake: /etc/mandrake-release
Red Hat: /etc/redhat-release
Fedora: /etc/fedora-release
Debian: /etc/Debian_version
{{{
# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=6.06
DISTRIB_CODENAME=dapper
DISTRIB_DESCRIPTION="Ubuntu 6.06 LTS"
# cat /etc/debian_version
testing
}}}
http://support.microsoft.com/kb/321185
!!!~SQL2008
{{{
SELECT SERVERPROPERTY('productversion'), SERVERPROPERTY ('productlevel'), SERVERPROPERTY ('edition')
}}}
!!!~SQL2005
{{{
SELECT SERVERPROPERTY('productversion'), SERVERPROPERTY ('productlevel'), SERVERPROPERTY ('edition')
}}}
!!!SQL Build Numbers
|SQL Server 2008 R2 CU2|10.5.1720.0 |
|SQL Server 2008 R2 CU1 |10.5.1702.0|
|SQL Server 2008 R2 RTM|10.5.1600.1 |
|SQL Server 2008 RTM |2007.100.1600.0|
|SQL Server 2008 SP1 |2007.100.2531.0|
|SQL Server 2005 RTM |2005.90.1399|
|SQL Server 2005 SP1 |2005.90.2047|
|SQL Server 2005 SP2 |2005.90.3042|
|SQL Server 2005 SP3 |2005.90.4035|
|SQL Server 2000 RTM |2000.80.194.0|
|SQL Server 2000 SP1 |2000.80.384.0|
|SQL Server 2000 SP2 |2000.80.534.0|
|SQL Server 2000 SP3 |2000.80.760.0|
|SQL Server 2000 SP3a |2000.80.760.0|
|SQL Server 2000 SP4 |2000.8.00.2039|
|SQL Server 7.0 RTM |7.00.623|
|SQL Server 7.0 SP1 |7.00.699|
|SQL Server 7.0 SP2 |7.00.842|
|SQL Server 7.0 SP3 |7.00.961|
|SQL Server 7.0 SP4 |7.00.1063|
|SQL Server 6.5 RTM |6.50.201|
|SQL Server 6.5 SP1 |6.50.213|
|SQL Server 6.5 SP2 |6.50.240|
|SQL Server 6.5 SP3 |6.50.258|
|SQL Server 6.5 SP4 |6.50.281|
|SQL Server 6.5 SP5 |6.50.415|
|SQL Server 6.5 SP5a |6.50.416|
|SQL Server 6.5 SP5a Update |6.50.479|
Two ways:
{{{
show trunks
}}}
{{{
show interfaces brief
}}}
{{{
show trunks
Load Balancing
Port | Name Type | Group Type
---- + -------------------------------- --------- + ----- -----
A15 | 1000SX | Mesh
B15 | 1000SX | Trk1 LACP
}}}
{{{
show interfaces brief
Status and Counters - Port Status
| Intrusion MDI Flow
Port Type | Alert Enabled Status Mode Mode Ctrl
-------- --------- + --------- ------- ------ ---------- ----- -----
A1 100/1000T | No Yes Down 1000FDx Auto off
A2 100/1000T | No Yes Down 1000FDx Auto off
A3 100/1000T | No Yes Down 1000FDx MDIX off
A4 100/1000T | No Yes Up 1000FDx MDIX off
A5 100/1000T | No Yes Up 100FDx MDIX off
A6 100/1000T | No Yes Up 100FDx MDIX off
A7 100/1000T | No Yes Down 1000FDx Auto off
A8 100/1000T | No Yes Down 1000FDx MDIX off
A9 100/1000T | No Yes Down 1000FDx Auto off
A10 100/1000T | No Yes Down 1000FDx Auto off
A11 100/1000T | No Yes Down 1000FDx Auto off
A12 100/1000T | No Yes Down 1000FDx Auto off
A13 100/1000T | No Yes Up 10HDx MDIX off
A14 100/1000T | No Yes Down 1000FDx Auto off
A15-Mesh 1000SX | No Yes Up 1000FDx off
A16 100/1000T | No Yes Down 1000FDx Auto off
B1 100/1000T | No Yes Up 1000FDx MDI off
B2 100/1000T | No Yes Up 100FDx MDIX off
B3 100/1000T | No Yes Down 1000FDx Auto off
B4 100/1000T | No Yes Down 1000FDx Auto off
B5 100/1000T | No Yes Up 100FDx MDIX off
B6 100/1000T | No Yes Down 1000FDx MDIX off
B7 100/1000T | No Yes Down 1000FDx MDIX off
B8 100/1000T | No Yes Down 1000FDx Auto off
B9 100/1000T | No Yes Up 100FDx MDIX off
B10 100/1000T | No Yes Down 1000FDx Auto off
B11 100/1000T | No Yes Down 1000FDx Auto off
B12 100/1000T | No Yes Down 1000FDx Auto off
B13 100/1000T | No Yes Up 100FDx MDIX off
B14 100/1000T | No Yes Down 1000FDx Auto off
B15-Trk1 1000SX | No Yes Up 1000FDx off
B16 100/1000T | No Yes Down 1000FDx Auto off
C1 10/100TX | No Yes Down 10FDx Auto off
C2 10/100TX | No Yes Down 10FDx Auto off
C3 10/100TX | No Yes Down 10FDx Auto off
C4 10/100TX | No Yes Down 10FDx Auto off
C5 10/100TX | No Yes Down 10FDx Auto off
C6 10/100TX | No Yes Down 10FDx Auto off
C7 10/100TX | No Yes Down 10FDx Auto off
C8 10/100TX | No Yes Down 10FDx Auto off
C9 10/100TX | No Yes Down 10FDx Auto off
C10 10/100TX | No Yes Down 10FDx Auto off
C11 10/100TX | No Yes Down 10FDx Auto off
C12 10/100TX | No Yes Down 10FDx Auto off
C13 10/100TX | No Yes Down 100FDx MDIX off
C14 10/100TX | No Yes Down 100FDx MDIX off
C15 10/100TX | No Yes Up 100FDx MDI off
C16 10/100TX | No Yes Up 100FDx MDIX off
C17 10/100TX | No Yes Up 10HDx MDIX off
C18 10/100TX | No Yes Down 10FDx Auto off
C19 10/100TX | No Yes Down 10FDx Auto off
C20 10/100TX | No Yes Up 100FDx MDIX off
C21 10/100TX | No Yes Down 10FDx Auto off
C22 10/100TX | No Yes Down 10FDx Auto off
C23 10/100TX | No Yes Down 10FDx Auto off
C24 10/100TX | No Yes Down 10FDx Auto off
D1 10/100TX | No Yes Up 100FDx MDI off
D2 10/100TX | No Yes Up 100FDx MDIX off
D3 10/100TX | No Yes Down 10FDx Auto off
D4 10/100TX | No Yes Up 100FDx MDIX off
D5 10/100TX | No Yes Down 10FDx Auto off
D6 10/100TX | No Yes Down 10FDx Auto off
D7 10/100TX | No Yes Up 100FDx MDIX off
D8 10/100TX | No Yes Down 10FDx Auto off
D9 10/100TX | No Yes Down 10FDx Auto off
D10 10/100TX | No Yes Up 100FDx MDIX off
D11 10/100TX | No Yes Down 10FDx Auto off
D12 10/100TX | No Yes Down 10FDx Auto off
D13 10/100TX | No Yes Up 100FDx MDI off
D14 10/100TX | No Yes Down 10FDx Auto off
D15 10/100TX | No Yes Down 10FDx Auto off
D16 10/100TX | No Yes Down 10FDx Auto off
D17 10/100TX | No Yes Up 100FDx MDI off
D18 10/100TX | No Yes Up 100FDx MDI off
D19 10/100TX | No Yes Down 10FDx Auto off
D20 10/100TX | No Yes Down 10FDx Auto off
D21 10/100TX | No Yes Down 10FDx Auto off
D22 10/100TX | No Yes Down 10FDx Auto off
D23 10/100TX | No Yes Down 10FDx Auto off
D24 10/100TX | No Yes Down 10FDx Auto off
G1 10/100TX | No Yes Down 10FDx Auto off
G2 10/100TX | No Yes Down 10FDx Auto off
G3 10/100TX | No Yes Up 100FDx MDIX off
G4 10/100TX | No Yes Up 100FDx MDIX off
G5 10/100TX | No Yes Down 10FDx Auto off
G6 10/100TX | No Yes Up 100FDx MDIX off
G7 10/100TX | No Yes Down 10FDx Auto off
G8 10/100TX | No Yes Up 100FDx MDIX off
G9 10/100TX | No Yes Down 100FDx MDIX off
G10 10/100TX | No Yes Down 10FDx Auto off
G11 10/100TX | No Yes Up 100FDx MDIX off
G12 10/100TX | No Yes Up 100FDx MDI off
G13 10/100TX | No Yes Up 10HDx MDI off
G14 10/100TX | No Yes Down 10FDx Auto off
G15 10/100TX | No Yes Down 10FDx Auto off
G16 10/100TX | No Yes Up 100FDx MDI off
G17 10/100TX | No Yes Down 100FDx MDIX off
G18 10/100TX | No Yes Up 100FDx MDIX off
G19 10/100TX | No Yes Up 100FDx MDIX off
G20 10/100TX | No Yes Up 100HDx MDI off
G21 10/100TX | No Yes Down 100FDx MDI off
G22 10/100TX | No Yes Down 10FDx Auto off
G23 10/100TX | No Yes Up 100FDx MDIX off
G24 10/100TX | No Yes Up 100FDx MDIX off
H1 10/100TX | No Yes Down 10FDx Auto off
H2 10/100TX | No Yes Down 10FDx Auto off
H3 10/100TX | No Yes Down 10FDx Auto off
H4 10/100TX | No Yes Down 10FDx Auto off
H5 10/100TX | No Yes Down 10FDx Auto off
H6 10/100TX | No Yes Down 10FDx Auto off
H7 10/100TX | No Yes Down 10FDx Auto off
H8 10/100TX | No Yes Down 10FDx Auto off
H9 10/100TX | No Yes Down 10FDx Auto off
H10 10/100TX | No Yes Down 10FDx Auto off
H11 10/100TX | No Yes Down 100FDx MDIX off
H12 10/100TX | No Yes Down 10FDx Auto off
H13 10/100TX | No Yes Down 10FDx Auto off
H14 10/100TX | No Yes Up 100FDx MDIX off
H15 10/100TX | No Yes Down 10FDx Auto off
H16 10/100TX | No Yes Up 100FDx MDI off
H17 10/100TX | No Yes Down 10FDx Auto off
H18 10/100TX | No Yes Down 100FDx MDIX off
H19 10/100TX | No Yes Down 10FDx Auto off
H20 10/100TX | No Yes Down 10FDx Auto off
H21 10/100TX | No Yes Down 10FDx Auto off
H22 10/100TX | No Yes Down 10FDx Auto off
H23 10/100TX | No Yes Down 10FDx Auto off
}}}
{{{
[root@ESX01 /]# find / -name qla* -print | grep proc
/proc/scsi/qla2xxx
[root@ESX01 /]# grep Firmware /proc/scsi/qla2xxx/*
/proc/scsi/qla2xxx/4: FC Firmware version 5.04.01 (48d4), Chip Type: QLE815x
/proc/scsi/qla2xxx/4: MPI Firmware Version: 1.40.03 (66304)
/proc/scsi/qla2xxx/4: PHY Firmware Version: 1.08.00
/proc/scsi/qla2xxx/5: FC Firmware version 5.04.01 (48d4), Chip Type: QLE815x
/proc/scsi/qla2xxx/5: MPI Firmware Version: 1.40.03 (66304)
/proc/scsi/qla2xxx/5: PHY Firmware Version: 1.08.00
/proc/scsi/qla2xxx/6: FC Firmware version 5.04.01 (48d4), Chip Type: QLE815x
/proc/scsi/qla2xxx/6: MPI Firmware Version: 1.40.03 (66304)
/proc/scsi/qla2xxx/6: PHY Firmware Version: 1.08.00
/proc/scsi/qla2xxx/7: FC Firmware version 5.04.01 (48d4), Chip Type: QLE815x
/proc/scsi/qla2xxx/7: MPI Firmware Version: 1.40.03 (66304)
/proc/scsi/qla2xxx/7: PHY Firmware Version: 1.08.00
[root@ESX01 /]#
[root@ESX01 /]# grep BIOS /proc/scsi/qla2xxx/*
/proc/scsi/qla2xxx/4:BIOS version 3.00
/proc/scsi/qla2xxx/5:BIOS version 3.00
/proc/scsi/qla2xxx/6:BIOS version 3.00
/proc/scsi/qla2xxx/7:BIOS version 3.00
[root@ESX01 /]#
}}}
{{{
for i in /proc/scsi/qla2xxx/*; do echo; echo $i; grep hba $i; grep node $i; done
}}}
* In the Start Menu go to Run type “gpedit.msc” and press Enter
* Now a Group Policy editor will open. In this window navigate to: Computer Configuration -> Administrative Template -> Windows Components -> Windows Update
* Double click on No auto-restart for scheduled Automatic Updates installations
* In the settings window Choose Enabled and click OK
* Close Group Policy Editor
from: http://www.aviransplace.com/2004/12/18/tip-disable-auto-restart-in-windows-update/
ios:
{{{sh ip nat translations}}}
{{{sh ip nat statistics}}}
{{{
rtr-PDCity#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 192.168.69.17 10.20.14.100 192.168.69.2 192.168.5.11
--- 10.90.204.12 10.90.204.12 192.168.69.2 192.168.5.11
--- --- --- 192.168.69.2 192.168.5.11
--- 192.168.69.17 10.20.14.100 --- ---
rtr-PDCity#
rtr-PDCity#sh ip nat statistics
Total active translations: 4 (1 static, 3 dynamic; 0 extended)
Outside interfaces:
Ethernet0
Inside interfaces:
FastEthernet0
Hits: 23 Misses: 2
Expired translations: 0
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 pool city refcount 2
pool city: netmask 255.255.255.248
start 192.168.69.17 end 192.168.69.22
type generic, total addresses 6, allocated 1 (16%), misses 0
rtr-PDCity#
}}}
PIX/ASA:
{{{sh xlate}}}
[[IOS Doc|http://www.cisco.com/en/US/products/ps6441/products_command_reference_chapter09186a0080611830.html#wp1163231]]
Can only change group types/scopes in native mode. Cannot in mixed mode.
!!!ESX
|ESX 4.0 ||Build 164009| 21 May 2009|
|ESX 4.0 |Update 1 |Build 208167 |19 Nov 2009|
|ESX 4.0 |Update 2 |Build 261974 |10 Jun 2010|
|ESX 4.0 |Update 3 |Build 398348 |5 May 2011|
|ESX 4.0 |Update 4 |Build 504850 |November 17, 2011|
|ESX 4.1 ||Build 260247 |July 13, 2010|
|ESX 4.1 |Update 1 |Build 348481 |Feb 10, 2011|
|ESX 4.1 |Update 2 |Build 502767 |Oct 27, 2011|
!!!ESXi
|ESXi 4.0||Build 164009 |May 21, 2009|
|ESXi 4.0 |Update 1 |Build 208167|
|ESXi 4.0 |Update 2 |Build 261974 |June 10, 2010|
|ESXi 4.0 |Update 3 |Build 398348 |May 5, 2011|
|ESXi 4.0 |Update 4 |Build 504850 |November 17, 2011|
|ESXi 4.1 ||Build 260247 |July 13, 2010|
|ESXi 4.1 |Update 1 |Build 348481 |February 10, 2011|
|ESXi 4.1 |Update 2 |Build 502767 |October 27, 2011|
|ESXi 5.0 ||Build 456551 |August 24, 2011|
{{{
http://<ip or hostname>:2372
}}}
Password Management
Passwords and similar secrets, such as Simple Network Management Protocol (SNMP) community strings, are the primary defense against unauthorized access to your router. The best way to handle most passwords is to maintain them on a TACACS+ or RADIUS authentication server. However, almost every router still has a locally configured password for privileged access, and can also have other password information in its configuration file.
enable secret
The enable secret command is used to set the password that grants privileged administrative access to the IOS system. An enable secret password must always be set. Use the enable secret command, not the older enable password command. The enable password command uses a weak encryption algorithm. See the service password-encryption section of this document for more information.
If no enable secret is set, and a password is configured for the console TTY line, the console password can be used to receive privileged access, even from a remote VTY session. This is almost certainly not what you want, and is another reason to be certain to configure an enable secret.
http://www.cisco.com/warp/public/701/64.html
''The enable password command should no longer be used.''
http://tombuntu.com/index.php/2008/09/23/encrypted-private-directory-in-ubuntu-810/
{{{
2/27/2006 9:38:16 AM Getting Excel MDI/SDI/Excel Instance to behave more logically
I put this in a reply to a related post which may confuse people. It
should be in it's own topic.
I think I have figured out this stupid Excel thing.
Excel has this bast%^%^ized MDI SDI thing.
I think most people run Excel with it's child Window Maximized (which
makes it really confusing).
So when you click on another file it switches to that file, hides the
other window but adds another icon on your task bar giving you the
feeling you started another instance of excel (but it didn't !!). I've
been burned by this too many times and shutdown what I thought was one
instance of excel turned out to be all of them. Word does not behave
this way.
So there is an option to disable this feature called "Ignore Other
Applications" (under Options-> General). If you look at the help on
this it basically shuts of DDE. What DDE basically does is when you
click on a file it checks to see if Excel is already running and if it
is, it passes the file to that already running instance. The problem
with turning this switch on is the file mappings that are already
installed assume DDE is on and things break. So when you shut that
option off you suddenly start getting errors that Excel cannot find the
file.
To fix this go into your File Explorer (My Computer) and Choose Folder
-> Options -> File Type. Find XLS and select it, then click advanced
button. Now Select the "Open" Action and choose Edit button. Now this
is the trick, shutoff DDE by unchecking it. Then edit the end of the
action. The end should be something like this (note the "%1") and note
there must be a space between the /e and the first quote.
"C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE" /e "%1"
Now this allows you to create a SEPERATE instance of excel everytime
you click on an Excel file. And when you close that excel instance it
has no impact on any other. It also gets rid of the I can't find the
file problem. In some cases you will see a %1 without the quotes. That
causes the problem that excel can't find files when the path has spaces
in it.
You may want to repeat this for other files types that maps to Excel.
Like .CSV
If you have "ignore other applications" switch unchecked (default
behavior) you get the funky SDI/MDI/Excel Instance behavior.
If you have "ignore other applications" switch checked, you get the
more logical MDI/SDI/Excel Instance behavior but the file type mappings
must be fixed as I described above.
This all assumes under WinXP.
}}}
http://searchexchange.techtarget.com/tip/1,289483,sid43_gci1112139,00.html
{{{
net stop MSExchangeSRS
net stop MSExchangeMGMT
net stop IISAdmin /Y
net stop MSExchangeSA /Y
ntbackup backup /f "D:<dirbackup.bkf" /j "Directory services backup" DS "<exchange_server>" /d "Directory services backup set created %date% %time%" /v:yes /r:no /rs:no
ntbackup backup /f "D:<exchangebackup.bkf" /j "Exchange server backup" IS "<exchange_server>" /d "Exchange backup set created %date% %time%" /v:yes /r:no /rs:no
net start MSExchangeSRS
net start ExIFS
net start IISAdmin
net start MSExchangeSA
}}}
http://www.petri.co.il/backup_exchange_2000_2003_with_ntbackup.htm
http://technet.microsoft.com/en-us/library/8bcc6e38-363a-43ad-9c43-3f558a435b06.aspx
[[How to use command line parameters with the Ntbackup command in Windows Server 2003|http://support.microsoft.com/kb/814583]]
ntbackup information store:
{{{
::C:\WINDOWS\system32\ntbackup.exe backup "@C:\Documents and Settings\Administrator.NEWFIELD2\Local Settings\Application Data\Microsoft\Windows NT\NTBackup\data\exch-is.bks" /n "exch-is1.bkf created 8/6/2007 at 10:58 AM" /d "Set created 8/6/2007 at 10:58 AM" /n "exch-is1.bkf created 8/6/2007 at 10:58 AM" /v:no /r:no /rs:no /hc:off /m normal /j "ExchangeInfoStore" /l:s /f "c:\backup\exch-is1.bkf"
}}}
!!General Links
http://msexchangeteam.com/
!!!Exchange 2007
allow smtp relay: http://msexchangeteam.com/archive/2006/12/28/432013.aspx
Configuring Exchange 2007 Hub Transport role to receive Internet mail: http://msexchangeteam.com/archive/2006/11/17/431555.aspx
#Create LUN for Source LUN Expansion
#Create LUN for Clone LUN Expansion
#Remove Clone LUN from Storage Group
#Remove Clone LUN from Clone Group
#Destroy Clone Group
#Expand Source LUN
#Expand Clone LUN
#Extend Source LUN in Windows
#Create Clone Group
#Add Clone LUN to Clone Group
#Add Clone to Storage Group
#Restart hubsan service on source server
/***
|Name:|ExtentTagButtonPlugin|
|Description:|Adds a New tiddler button in the tag drop down|
|Version:|3.2 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#ExtendTagButtonPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License|http://mptw.tiddlyspot.com/#TheBSDLicense|
***/
//{{{
window.onClickTag_mptw_orig = window.onClickTag;
window.onClickTag = function(e) {
window.onClickTag_mptw_orig.apply(this,arguments);
var tag = this.getAttribute("tag");
var title = this.getAttribute("tiddler");
// Thanks Saq, you're a genius :)
var popup = Popup.stack[Popup.stack.length-1].popup;
createTiddlyElement(createTiddlyElement(popup,"li",null,"listBreak"),"div");
wikify("<<newTiddler label:'New tiddler' tag:'"+tag+"'>>",createTiddlyElement(popup,"li"));
return false;
}
//}}}
!!!PDC Emulator
The PDC emulator is a domain controller that advertises itself as the primary domain controller (PDC) to workstations, member servers, and domain controllers that are running earlier versions of Windows. It is also the Domain Master Browser, and it handles password discrepancies. All ~DCs synchronize their time with the PDC emulator. At any one time, there can be only one domain controller acting as the PDC emulator master in each domain in the ''forest''.
!!!!Transfer PDC emulator role:
# Open Active Directory Users and Computers MMC snap-in.
# In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Master.
# Click the PDC emulator tab, and then click Change.
# Click OK to confirm that you want to transfer the role, and then click Close.
!!!RID Master
The RID (Relative ID) master is responsible for processing RID pool requests from all domain controllers in a particular domain. At any one time, there can be only one domain controller acting as the RID master in the ''domain''.
!!!!Transfer RID master role:
# Open Active Directory Users and Computers MMC snap-in.
# In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Master.
# Click the RID master role tab, and then click Change.
# Click OK to confirm that you want to transfer the role, and then click Close.
!!!Infrastructure Master
The infrastructure master is responsible for updating references from objects in its domain to objects in other domains. At any one time, there can be only one domain controller acting as the infrastructure master in each ''domain''.
!!!!Transfer infrastructure master role
# Open Active Directory Users and Computers MMC snap-in.
# In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Master.
# Click the infrastructure master role tab, and then click Change.
# Click OK to confirm that you want to transfer the role, and then click Close.
!!!Schema Master
The schema master domain controller controls all updates and modifications to the schema. To update the schema of a forest, you must have access to the schema master. There can be only one schema master in the whole ''forest''.
!!!!Transfer schema master role
#Register Schmmgmt.dll
##Run: {{{regsvr32 schmmgmt.dll}}} from command line or run dialog box.
#Transfer the Schema Master Role
##Click Start, click Run, type mmc in the Open box, and then click OK.
##On the File, menu click Add/Remove Snap-in.
##Click Add.
##Click Active Directory Schema, click Add, click Close, and then click OK.
##In the console tree, right-click Active Directory Schema, and then click Change Domain Controller.
##Click Specify Name, type the name of the domain controller that will be the new role holder, and then click OK.
##In the console tree, right-click Active Directory Schema, and then click Operations Master.
##Click Change.
##Click OK to confirm that you want to transfer the role, and then click Close.
!!!Domain Naming Master
The domain naming master domain controller controls the addition or removal of domains in the forest. There can be only one domain naming master in the whole ''forest''.
!!!!Transfer domain naming master role
1. Click Start, point to Administrative Tools, and then click Active Directory Domains and Trusts.
2. Right-click Active Directory Domains and Trusts, and then click Connect to Domain Controller.
NOTE: You must perform this step if you are not on the domain controller to which you want to transfer the role. You do not have to perform this step if you are already connected to the domain controller whose role you want to transfer.
3. Do one of the following:
* In the Enter the name of another domain controller box, type the name of the domain controller that will be the new role holder, and then click OK.
-or-
* In the Or, select an available domain controller list, click the domain controller that will be the new role holder, and then click OK.
4. In the console tree, right-click Active Directory Domains and Trusts, and then click Operations Master.
5. Click Change.
6. Click OK to confirm that you want to transfer the role, and then click Close.
!!!Global Catalog
!!!Notes:
How to view and transfer FSMO roles in Windows Server 2003: http://support.microsoft.com/kb/324801
Using ntdsutil to view FSMO roles: http://technet.microsoft.com/en-us/library/cc758870.aspx [[NTDSUTIL to view FSMO]]
|!Bookmark Name|!Location|!Keyword|
|Google Search|http://www.google.com/search?q=%s|g|
|Wikipedia Search|???|wp|
ForecastFox
AdBlock
filtersetg updater
tiny menu
fireftp
pdfdownload
download statusbar
ie tab
sage
{{{
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\>for /?
Runs a specified command for each file in a set of files.
FOR %variable IN (set) DO command [command-parameters]
%variable Specifies a single letter replaceable parameter.
(set) Specifies a set of one or more files. Wildcards may be used.
command Specifies the command to carry out for each file.
command-parameters
Specifies parameters or switches for the specified command.
To use the FOR command in a batch program, specify %%variable instead
of %variable. Variable names are case sensitive, so %i is different
from %I.
If Command Extensions are enabled, the following additional
forms of the FOR command are supported:
FOR /D %variable IN (set) DO command [command-parameters]
If set contains wildcards, then specifies to match against directory
names instead of file names.
FOR /R [[drive:]path] %variable IN (set) DO command [command-parameters]
Walks the directory tree rooted at [drive:]path, executing the FOR
statement in each directory of the tree. If no directory
specification is specified after /R then the current directory is
assumed. If set is just a single period (.) character then it
will just enumerate the directory tree.
FOR /L %variable IN (start,step,end) DO command [command-parameters]
The set is a sequence of numbers from start to end, by step amount.
So (1,1,5) would generate the sequence 1 2 3 4 5 and (5,-1,1) would
generate the sequence (5 4 3 2 1)
FOR /F ["options"] %variable IN (file-set) DO command [command-parameters]
FOR /F ["options"] %variable IN ("string") DO command [command-parameters]
FOR /F ["options"] %variable IN ('command') DO command [command-parameters]
or, if usebackq option present:
FOR /F ["options"] %variable IN (file-set) DO command [command-parameters]
FOR /F ["options"] %variable IN ('string') DO command [command-parameters]
FOR /F ["options"] %variable IN (`command`) DO command [command-parameters]
filenameset is one or more file names. Each file is opened, read
and processed before going on to the next file in filenameset.
Processing consists of reading in the file, breaking it up into
individual lines of text and then parsing each line into zero or
more tokens. The body of the for loop is then called with the
variable value(s) set to the found token string(s). By default, /F
passes the first blank separated token from each line of each file.
Blank lines are skipped. You can override the default parsing
behavior by specifying the optional "options" parameter. This
is a quoted string which contains one or more keywords to specify
different parsing options. The keywords are:
eol=c - specifies an end of line comment character
(just one)
skip=n - specifies the number of lines to skip at the
beginning of the file.
delims=xxx - specifies a delimiter set. This replaces the
default delimiter set of space and tab.
tokens=x,y,m-n - specifies which tokens from each line are to
be passed to the for body for each iteration.
This will cause additional variable names to
be allocated. The m-n form is a range,
specifying the mth through the nth tokens. If
the last character in the tokens= string is an
asterisk, then an additional variable is
allocated and receives the remaining text on
the line after the last token parsed.
usebackq - specifies that the new semantics are in force,
where a back quoted string is executed as a
command and a single quoted string is a
literal string command and allows the use of
double quotes to quote file names in
filenameset.
Some examples might help:
FOR /F "eol=; tokens=2,3* delims=, " %i in (myfile.txt) do @echo %i %j %k
would parse each line in myfile.txt, ignoring lines that begin with
a semicolon, passing the 2nd and 3rd token from each line to the for
body, with tokens delimited by commas and/or spaces. Notice the for
body statements reference %i to get the 2nd token, %j to get the
3rd token, and %k to get all remaining tokens after the 3rd. For
file names that contain spaces, you need to quote the filenames with
double quotes. In order to use double quotes in this manner, you also
need to use the usebackq option, otherwise the double quotes will be
interpreted as defining a literal string to parse.
%i is explicitly declared in the for statement and the %j and %k
are implicitly declared via the tokens= option. You can specify up
to 26 tokens via the tokens= line, provided it does not cause an
attempt to declare a variable higher than the letter 'z' or 'Z'.
Remember, FOR variables are single-letter, case sensitive, global,
and you can't have more than 52 total active at any one time.
You can also use the FOR /F parsing logic on an immediate string, by
making the filenameset between the parenthesis a quoted string,
using single quote characters. It will be treated as a single line
of input from a file and parsed.
Finally, you can use the FOR /F command to parse the output of a
command. You do this by making the filenameset between the
parenthesis a back quoted string. It will be treated as a command
line, which is passed to a child CMD.EXE and the output is captured
into memory and parsed as if it was a file. So the following
example:
FOR /F "usebackq delims==" %i IN (`set`) DO @echo %i
would enumerate the environment variable names in the current
environment.
In addition, substitution of FOR variable references has been enhanced.
You can now use the following optional syntax:
%~I - expands %I removing any surrounding quotes (")
%~fI - expands %I to a fully qualified path name
%~dI - expands %I to a drive letter only
%~pI - expands %I to a path only
%~nI - expands %I to a file name only
%~xI - expands %I to a file extension only
%~sI - expanded path contains short names only
%~aI - expands %I to file attributes of file
%~tI - expands %I to date/time of file
%~zI - expands %I to size of file
%~$PATH:I - searches the directories listed in the PATH
environment variable and expands %I to the
fully qualified name of the first one found.
If the environment variable name is not
defined or the file is not found by the
search, then this modifier expands to the
empty string
The modifiers can be combined to get compound results:
%~dpI - expands %I to a drive letter and path only
%~nxI - expands %I to a file name and extension only
%~fsI - expands %I to a full path name with short names only
%~dp$PATH:I - searches the directories listed in the PATH
environment variable for %I and expands to the
drive letter and path of the first one found.
%~ftzaI - expands %I to a DIR like output line
In the above examples %I and PATH can be replaced by other valid
values. The %~ syntax is terminated by a valid FOR variable name.
Picking upper case variable names like %I makes it more readable and
avoids confusion with the modifiers, which are not case sensitive.
C:\>
}}}
Per User setting:
{{{
Windows 2003
Start regedit and go to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StuckRects2
You'll see a "Settings" value, which contains something like this:
28 00 00 00 ff ff ff ff 02 00 00 00 03 00 00 00 6d 00 00 00 20 00 00 00 00 00 00 00 e0 03 00 00 00 05 00 00 00 04 00 00
The nineth pair of digits determines the Taskbar properties. Possible values are:
Always on top = 0x02
Auto hide = 0x01
Show small icons in Start menu = 0x04
Hide clock = 0x08
Combine the properties you want and set the byte. For example:
Always on top + Show small icons + Show clock = 06
Always on top + Show small icons + Hide clock = 0e
Note that the changes do not take effect immediately, you have to restart Explorer, or logoff and logon again to see the changes.
If you want to set this for all users, you'll have to export the registry key into a .reg file
and import it into the user profile in a logon script. Start the logon script in your GPO to
make sure that it runs (and imports the registry file) before Explorer is started.
}}}
Source: http://ts.veranoest.net/ts_faq_configuration.htm#enable_clock
Regfile:
{{{
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StuckRects2]
"Settings"=hex:28,00,00,00,ff,ff,ff,ff,06,00,00,00,03,00,00,00,3c,00,00,00,1e,\
00,00,00,fe,ff,ff,ff,e4,02,00,00,02,04,00,00,02,03,00,00
}}}
*You can create ''Bold'' text by enclosing it in pairs of single quotes:
{{{
''bold text''
}}}
*You can create ==Strikethrough== text by enclosing it in pairs of equal signs:
{{{
==strikethrough text==
}}}
*You can __Underline__ text by enclosing it in pairs of underscores:
{{{
__underlined text__
}}}
*You can create //Italic// text by enclosing it in pairs of forward slashes:
{{{
//italic text//
}}}
*You can create ^^superscript^^ text by enclosing it in pairs of carets:
{{{
^^superscript text^^
}}}
*You can create ~~subscript~~ text by enclosing it in pairs of tildes:
{{{
~~subscript text~~
}}}
*You can @@highlight text@@ by enclosing it in pairs of at-signs.
{{{
@@highlighted text@@
}}}
*You can also change many other CSS attributes by adding arguments to the highlight command. For example, you can change the text color to @@color:red;red@@ or give it a background-color of @@background-color:#0000FF;color:white;blue@@.
{{{
@@CSS attributes separated by semicolons;text@@
}}}
You can find out more about CSS from the excellent [[w3schools tutorial|http://w3schools.com/css/default.asp]].
*Finally, you can add new CSS classes to the Tiddlywiki so that you can style a number of items with the same CSS formatting. Simply add the new class to the StyleSheet [[ShadowTiddler|ShadowTiddlers]], such as:
{{{
.moveover{
margin-left:120px;
}
}}}
Then, when you want to use that CSS class, use the following formatting:
{{{
{{classname{text to be formatted}}}
}}}
{{moveover{So, for example, this paragraph has been formatted using the moveover CSS class.}}}
[[Tutorial|file:///C:/Documents%20and%20Settings/jcw/My%20Documents/data/docs/wiki/TiddlyWikiTutorial.html]]
{{{
4.2.2.2 dns server (vnsc-bak.sys.gtei.net.)
FLTG routers:
66.152.113.33 virt ip
66.152.113.34
66.152.113.35
FLTG interconnects:
208.20.35.2 fltg dns
208.20.35.3 fltg dns
128.253.161.221 www.cornell.edu
132.236.56.250 ntp0.cornell.edu
TW routers:
24.39.87.101
TW interconnects:
24.92.226.11 time warner dns
24.92.226.12 time warner dns
72.43.91.85 web1.compguard.net
}}}
http://yoopergeek.blogspot.com/2007/07/vmware-loosing-eth0-after-youve-copied.html
{{{
Wednesday, July 18, 2007
VMWare : Loosing eth0 after you've copied your VM
Background
Here's a bit of weird-behavior I've noticed when working with some of our production virtual machines (running Gentoo Linux) here at work.
In order to update the OS's on our virtual machines, I will copy them to my local machine, power them on, update them, and then push the updated OS's back out into production at the earliest convenience.
When you copy the VM from one location to another, VMWare notices this and asks you "Hey, it looks like this machine has been physically moved or copied, do you want me to create a new VM-UUID?" If you answer in the affirmative, VMWare internally regenerates any unique-identifiers tied to this virtual machine. The one thing that's really noticeable is that any virtual ethernet adapters get their MAC addresses changed.
The problem I've experienced is that when you power on the new-UUID'd VM, you no longer have an ethernet adapter. Gentoo tries to bring-up eth0 and it says "network interface eth0 does not exist" and "Please verify hardware or kernel module (driver)"
Explanation
"So, what's going on?"
Try a couple things:
* If you run lspci you should still see the ethernet adapter.
* If you run 'dmesg' and should see the kernel find the network card and it even calls it eth0
"So, where does eth0 go?"
Try running ifconfig -a. I bet you now have an eth1 and it's MAC address matches the newly-generated virtual MAC address specified in the virtual machine's .vmx file.
"Oh great, so every time I copy the VM I need to update the system configs to use the new eth1, or eth2, etc!?!?!"
No, hush, I'm getting to the answer.
The problem stems from the linux distro 'remembering' the MAC address of the network adapter and expecting it to be the same between boots. In the case of our Gentoo VM's, it's udev that mucks this up.
"Ok, fine, it's udev's fault. We know it's broken because it's expecting the ethernet adapter to have a MAC address that it no longer has. What to do?
The Answer
To fix this problem you need to tell your linux distro the VM's new MAC address. How you do this can vary by distro. In my spelunking, I found a few ways:
* In Gentoo do one of the following: (Do #1, it's the easiest.)
1. Delete /etc/udev/rules.d/70-persistent-net.rules and reboot. Your eth0 should be back.
o 2007/09/13 Update: This almost-always works for me. But, for some reason, sometimes it seems to confuse udev even more; after rebooting, I'll have an eth2 or eth3. When this happens, I end up following #2, making sure the udev config file has 'eth0' listed, and not eth1, eth2, or eth3.
2. Edit /etc/udev/rules.d/70-persistent-net.rules (or whatever it's named) to match your new MAC address and reboot. Your eth0 should be back.
* Other distros:
o Look for, (and edit if you find,) /etc/iftab
o Look for, and delete, then reboot /etc/udev/rules.d/25-iftab.rules
o Look for, (and edit if you find,) /etc/sysconfig/network-scripts/ifcfg-eth0
Give Credit Where Credit Is Due
I got hints from a number of pages, but in the end, it was the folks over at the VMWare discussion forums for the win:
VMWare Discussion Forums
Posted by Jason Poll at 4:35 PM
}}}
{{{
dir /b /s
}}}
/b :: bare format
/s :: include subdirectories
It looks like:
{{{
D:\>cd vmware
D:\vmware>dir /b /s
D:\vmware\centos
D:\vmware\gwopen5
D:\vmware\fc5nagios
D:\vmware\CentOS-4.4.ServerCD-i386.iso
D:\vmware\en_office_2003_pro.iso
D:\vmware\ISPConfig_Appliance
D:\vmware\m0n0wall-1.2-HD
D:\vmware\perfectsetup-1
D:\vmware\iscsi
D:\vmware\centos\Red Hat Enterprise Linux 4.vmx
D:\vmware\centos\Red Hat Enterprise Linux 4.vmsd
D:\vmware\centos\Red Hat Enterprise Linux 4.nvram
D:\vmware\centos\vmware-2.log
D:\vmware\centos\vmware-1.log
D:\vmware\centos\vmware-0.log
D:\vmware\centos\vmware.log
D:\vmware\gwopen5\gwopen5.vmdk
D:\vmware\gwopen5\gwopen5-vm-readme.txt
}}}
{{{
foreach ($ServerName in get-content "E:\data\zWorking\adps1\tocservernames.txt") {
"$ServerName"
## check the machine is pingable
$query = "select * from win32_pingstatus where address = '$ServerName'"
$result = Get-WmiObject -query $query
if ($result.protocoladdress) {
# $build = @{n="Build";e={$_.BuildNumber}}
# $SPNumber = @{n="SPNumber";e={$_.CSDVersion}}
# $sku = @{n="SKU";e={$_.OperatingSystemSKU}}
# $hostname = @{n="HostName";e={$_.CSName}}
$Win32_OS = Get-WmiObject Win32_OperatingSystem -computer $ServerName | select servicepackmajorversion, caption
## Get the Service pack level
$servicepack = $Win32_OS.servicepackmajorversion
$osversion = $Win32_OS.caption
## Get the OS build
# switch ($Win32_OS.build) {
# the break statement will stop at the first match
# 2600 {$os = "XP"; break}
# 3790 { if ($Win32_OS.caption -match "XP") { $os = "XPx64" } else { $os = "Server 2003" }; break }
# 6000 {$os = "Vista"; break}
# 6001 { if ($Win32_OS.caption -match "Vista" ) { $os = "Vista" } else { $os = "Server 2008"}; break }
# }
"$osversion"
"Service Pack: $servicepack"
"`n"
#"Operating System: $os Service Pack: $servicepack" | out-file -filepath C:\ServicePack.txt
} else {
"Not Responding"
"`n"}
}
}}}
force create mode = 0775
force directory mode = 0775
force group = web
http://www.hp.com/rnd/itmgrnews/technical_tips.htm
|fiber|fiber channel switch|
|procurve|network switch|
|blade|blade running microsoft|
|proliant|proliant running microsoft|
|eva|eva disk|
|msl6000|msl tape proliant|
|xp|xp disk|
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]
"ConnectionsTab"=dword:00000001
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet
Explorer\Control Panel]
"ConnectionsTab"=dword:00000001
/***
|Name:|HideWhenPlugin|
|Description:|Allows conditional inclusion/exclusion in templates|
|Version:|3.1 ($Rev: 3919 $)|
|Date:|$Date: 2008-03-13 02:03:12 +1000 (Thu, 13 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#HideWhenPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
For use in ViewTemplate and EditTemplate. Example usage:
{{{<div macro="showWhenTagged Task">[[TaskToolbar]]</div>}}}
{{{<div macro="showWhen tiddler.modifier == 'BartSimpson'"><img src="bart.gif"/></div>}}}
***/
//{{{
window.hideWhenLastTest = false;
window.removeElementWhen = function(test,place) {
window.hideWhenLastTest = test;
if (test) {
removeChildren(place);
place.parentNode.removeChild(place);
}
};
merge(config.macros,{
hideWhen: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( eval(paramString), place);
}},
showWhen: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( !eval(paramString), place);
}},
hideWhenTagged: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( tiddler.tags.containsAll(params), place);
}},
showWhenTagged: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( !tiddler.tags.containsAll(params), place);
}},
hideWhenTaggedAny: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( tiddler.tags.containsAny(params), place);
}},
showWhenTaggedAny: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( !tiddler.tags.containsAny(params), place);
}},
hideWhenTaggedAll: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( tiddler.tags.containsAll(params), place);
}},
showWhenTaggedAll: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( !tiddler.tags.containsAll(params), place);
}},
hideWhenExists: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( store.tiddlerExists(params[0]) || store.isShadowTiddler(params[0]), place);
}},
showWhenExists: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( !(store.tiddlerExists(params[0]) || store.isShadowTiddler(params[0])), place);
}},
hideWhenTitleIs: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( tiddler.title == params[0], place);
}},
showWhenTitleIs: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( tiddler.title != params[0], place);
}},
'else': { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
removeElementWhen( !window.hideWhenLastTest, place);
}}
});
//}}}
{{{
access-list 101 permit icmp any host 192.168.1.5 echo-reply
access-list 101 permit icmp any host 192.168.1.5 source-quench
access-list 101 permit icmp any host 192.168.1.5 unreachable
access-list 101 permit icmp any host 192.168.1.5 time-exceeded
access-group 101 in interface outside
}}}
Scripts to backup/import iis metabase:
iiscnfg.vbs
iisback.vbs
from: http://redmondmag.com/columns/article.asp?EditorialsID=498
seems to be from win2k
{{{
[Components]
iis_common=On
iis_inetmgr=On
iis_www=On
iis_ftp=On
iis_htmla=Off
iis_doc=Off
iis_pwmgr=Off
iis_smtp=Off
iis_smtp_docs=Off
iis_nntp=Off
iis_nntp_docs=Off
iisdbg=Off
Fp=Off
[InternetServer]
PathFTPRoot=D:\Inetpub\ftproot
PathWWWRoot=D:\Inetpub\wwwroot
If you plan on using the server as an Exchange 2000 platform, you’ll need to enable SMTP and NNTP, as well.
Once you’ve built the script (call it IIS.txt), use Sysocmgr with the following syntax to install the components:
sysocmgr/inf:%windir%\inf\sysoc.inf /u:c:\iis.txt
}}}
here's a list for w2k3/iis6
{{{
aspnet= on/off Enable ASP.NET .
complusnetwork = on/off Enable network COM+ access.
dtcnetwork = on/off Enable network Distributed Transaction Coordinator (DTC) network access.
bitsserverextensionsisapi = on/off Enable the BITS Server Extensions ISAPI.
bitsserverextensionsmanager = on/off Enable the BITS Server Extensions snap-in.
iis_common = on/off Enable Common Files.
iis_ftp = on/off Enable the File Transfer Protocol (FTP) service.
fp_extensions = on/off Enable FrontPage® 2002 Server Extensions from Microsoft.
iis_inetmgr = on/off Enable IIS Manager.
iis_nntp = on/off Enable the Network News Transfer Protocol (NNTP) service.
iis_smtp = on/off Enable the Simple Mail Transfer Protocol (SMTP) service.
iis_asp = on/off Enable Active Server Pages (ASP).
iis_internetdataconnector = on/off Enable Internet Data Connector (IDC).
sakit_web = on/off Enable Remote Administration (HTML).
You cannot perform an unattended installation of this feature simultaneously with performing an unattended installation of the operating system.
You can perform an unattended installation of this feature if you install IIS after you have installed the operating system by using the Sysocmgr.exe command-line utility.
This feature is not available on Itanium-based computers running Windows XP 64-Bit Edition; the 64-bit version of Windows Server 2003, Enterprise Edition; or the 64-bit version of Windows Server 2003, Datacenter Edition.
tswebclient = on/off Enable remote desktop Web connection.
iis_serversideincludes = on/off Enable server-side includes (SSI).
iis_webdav = on/off Enable WebDAV publishing.
iis_www = on/off Enable the WWW service.
appsrv_console = on/off Enable Application Server Console.
This feature is not available on Itanium-based computers running Windows XP 64-Bit Edition.
inetprint = on/off Enable Internet printing.
}}}
It's a virtual box (on VMware ESX), so my fav distro, debian, isn't supported. ubuntu 8.04 is, though. Standard install of that off of the server install cd.
{{{
apt-get install ejabberd
}}}
Now it's time to play around with the config.
Goals: chatrooms, conversation logging, ad integration
Documentation: http://www.process-one.net/en/ejabberd/guide_en
{{{
Performs conditional processing in batch programs.
IF [NOT] ERRORLEVEL number command
IF [NOT] string1==string2 command
IF [NOT] EXIST filename command
NOT Specifies that Windows XP should carry out
the command only if the condition is false.
ERRORLEVEL number Specifies a true condition if the last program run
returned an exit code equal to or greater than the number
specified.
string1==string2 Specifies a true condition if the specified text strings
match.
EXIST filename Specifies a true condition if the specified filename
exists.
command Specifies the command to carry out if the condition is
met. Command can be followed by ELSE command which
will execute the command after the ELSE keyword if the
specified condition is FALSE
The ELSE clause must occur on the same line as the command after the IF. For
example:
IF EXIST filename. (
del filename.
) ELSE (
echo filename. missing.
)
The following would NOT work because the del command needs to be terminated
by a newline:
IF EXIST filename. del filename. ELSE echo filename. missing
Nor would the following work, since the ELSE command must be on the same line
as the end of the IF command:
IF EXIST filename. del filename.
ELSE echo filename. missing
The following would work if you want it all on one line:
IF EXIST filename. (del filename.) ELSE echo filename. missing
If Command Extensions are enabled IF changes as follows:
IF [/I] string1 compare-op string2 command
IF CMDEXTVERSION number command
IF DEFINED variable command
where compare-op may be one of:
EQU - equal
NEQ - not equal
LSS - less than
LEQ - less than or equal
GTR - greater than
GEQ - greater than or equal
and the /I switch, if specified, says to do case insensitive string
compares. The /I switch can also be used on the string1==string2 form
of IF. These comparisons are generic, in that if both string1 and
string2 are both comprised of all numeric digits, then the strings are
converted to numbers and a numeric comparison is performed.
The CMDEXTVERSION conditional works just like ERRORLEVEL, except it is
comparing against an internal version number associated with the Command
Extensions. The first version is 1. It will be incremented by one when
significant enhancements are added to the Command Extensions.
CMDEXTVERSION conditional is never true when Command Extensions are
disabled.
The DEFINED conditional works just like EXISTS except it takes an
environment variable name and returns true if the environment variable
is defined.
%ERRORLEVEL% will expand into a string representation of
the current value of ERRORLEVEL, provided that there is not already
an environment variable with the name ERRORLEVEL, in which case you
will get its value instead. After running a program, the following
illustrates ERRORLEVEL use:
goto answer%ERRORLEVEL%
:answer0
echo Program had return code 0
:answer1
echo Program had return code 1
You can also using the numerical comparisons above:
IF %ERRORLEVEL% LEQ 1 goto okay
%CMDCMDLINE% will expand into the original command line passed to
CMD.EXE prior to any processing by CMD.EXE, provided that there is not
already an environment variable with the name CMDCMDLINE, in which case
you will get its value instead.
%CMDEXTVERSION% will expand into a string representation of the
current value of CMDEXTVERSION, provided that there is not already
an environment variable with the name CMDEXTVERSION, in which case you
will get its value instead.
}}}
{{{
@echo off
::insightsprep.cmd
::author: me@domain.tld
::
net use z: /d /y
net use z: \\server\scriptlogicfiles\InsightsPrep /persistent:no
::install .net35
SET FileName=%windir%\Microsoft.NET\Framework\v3.5
IF NOT EXIST %FileName% (
start /wait z:\dotnetfx35.exe /passive /norestart
)
::modify registry so that authenticated users have full rights to asp.net regkey
ECHO y| SECEDIT.EXE /CONFIGURE /CFG z:\InsightsASPDotNetFix.inf /DB c:\windows\InsightsASPDotNetFix.sdb /OVERWRITE /AREAS REGKEYS /LOG c:\windows\InsightsASPDotNetFix.log /QUIET
::install crystal reports
start /wait msiexec /i z:\Insights_5_Crystal_11_5.msi /qn /norestart
::mail install link
for /f "skip=1 tokens=2" %%i in ('qwinsta.exe') do set recip=%%i
::echo %recip%
z:\blat.exe - -to %recip%@domain.tld -f me@domain.tld -server mail3.domain.tld -body "\\server\insights5deploy\Insights.application" -s "Insights Installer Link" -q
net use z: /d /y
set recip=
set filename=
}}}
!!!Change Welcome Message to indicate service downtime
#open gpedit.msc
#browse to {{{local computer policy > computer configuration > windows settings > security settings > local policies > security options}}}
#change text for {{{Interactive logon: Message text for users attempting to logon}}}
!!!Disable logins
#open command prompt
#run: {{{change logon /disable}}}
!!!Change to install mode
#open command prompt
#run: {{{change user /install}}}
!!!Install app
#follow application installation instructions
!!!Change to execute mode
#open command prompt
#run: {{{change user /execute}}}
!!!Enable logins
#open command prompt
#run: {{{change logon /enable}}}
/***
|Name:|InstantTimestampPlugin|
|Description:|A handy way to insert timestamps in your tiddler content|
|Version:|1.0.10 ($Rev: 3646 $)|
|Date:|$Date: 2008-02-27 02:34:38 +1000 (Wed, 27 Feb 2008) $|
|Source:|http://mptw.tiddlyspot.com/#InstantTimestampPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Usage
If you enter {ts} in your tiddler content (without the spaces) it will be replaced with a timestamp when you save the tiddler. Full list of formats:
* {ts} or {t} -> timestamp
* {ds} or {d} -> datestamp
* !ts or !t at start of line -> !!timestamp
* !ds or !d at start of line -> !!datestamp
(I added the extra ! since that's how I like it. Remove it from translations below if required)
!!Notes
* Change the timeFormat and dateFormat below to suit your preference.
* See also http://mptw2.tiddlyspot.com/#AutoCorrectPlugin
* You could invent other translations and add them to the translations array below.
***/
//{{{
config.InstantTimestamp = {
// adjust to suit
timeFormat: 'DD/0MM/YY 0hh:0mm',
dateFormat: 'DD/0MM/YY',
translations: [
[/^!ts?$/img, "'!!{{ts{'+now.formatString(config.InstantTimestamp.timeFormat)+'}}}'"],
[/^!ds?$/img, "'!!{{ds{'+now.formatString(config.InstantTimestamp.dateFormat)+'}}}'"],
// thanks Adapted Cat
[/\{ts?\}(?!\}\})/ig,"'{{ts{'+now.formatString(config.InstantTimestamp.timeFormat)+'}}}'"],
[/\{ds?\}(?!\}\})/ig,"'{{ds{'+now.formatString(config.InstantTimestamp.dateFormat)+'}}}'"]
],
excludeTags: [
"noAutoCorrect",
"noTimestamp",
"html",
"CSS",
"css",
"systemConfig",
"systemConfigDisabled",
"zsystemConfig",
"Plugins",
"Plugin",
"plugins",
"plugin",
"javascript",
"code",
"systemTheme",
"systemPalette"
],
excludeTiddlers: [
"StyleSheet",
"StyleSheetLayout",
"StyleSheetColors",
"StyleSheetPrint"
// more?
]
};
TiddlyWiki.prototype.saveTiddler_mptw_instanttimestamp = TiddlyWiki.prototype.saveTiddler;
TiddlyWiki.prototype.saveTiddler = function(title,newTitle,newBody,modifier,modified,tags,fields,clearChangeCount,created) {
tags = (typeof(tags) == "string") ? tags.readBracketedList() : tags;
var conf = config.InstantTimestamp;
if ( !tags.containsAny(conf.excludeTags) && !conf.excludeTiddlers.contains(newTitle) ) {
var now = new Date();
var trans = conf.translations;
for (var i=0;i<trans.length;i++) {
newBody = newBody.replace(trans[i][0], eval(trans[i][1]));
}
}
// TODO: use apply() instead of naming all args?
return this.saveTiddler_mptw_instanttimestamp(title,newTitle,newBody,modifier,modified,tags,fields,clearChangeCount,created);
}
// you can override these in StyleSheet
setStylesheet(".ts,.ds { background-color:#ddd; font-style:italic; }","instantTimestampStyles");
//}}}
bounce back book: http://www.amazon.com/Bounce-Back-Book-Adversity-Setbacks/dp/076114627X/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1213964816&sr=8-1
never ending list:
http://www.huffingtonpost.com/linda-stone/is-it-time-to-retire-the_b_106624.html
http://communities.vmware.com/docs/DOC-9279
Interviewing job candidates is tough, especially because some candidates are a lot better at interviewing than they are at working.
To get the core info you need about the candidates you interview, here's a simple but incredibly effective interview technique I learned from John Younger, the CEO of Accolo, a cloud recruiting solutions provider. (If you think you've conducted a lot of interviews, think again: Younger has interviewed thousands of people.)
Here's how it works. Just start from the beginning of the candidate's work history and work your way through each subsequent job. Move quickly, and don't ask for detail. And don't ask follow-up questions, at least not yet.
Go through each job and ask the same three questions:
1. How did you find out about the job?
2. What did you like about the job before you started?
3. Why did you leave?
"What's amazing," Younger says, "is that after a few minutes, you will always have learned something about the candidate-whether positive or negative-that you would never have learned otherwise."
Here's why:
How did you find out about the job?
Job boards, general postings, online listings, job fairs-most people find their first few jobs that way, so that's certainly not a red flag.
But a candidate who continues to find each successive job from general postings probably hasn't figured out what he or she wants to do-and where he or she would like to do it.
He or she is just looking for a job; often, any job.
And that probably means he or she isn't particularly eager to work for you. He or she just wants a job. Yours will do-until something else comes along.
"Plus, by the time you get to Job Three, Four, or Five in your career, and you haven't been pulled into a job by someone you previously worked for, that's a red flag," Younger says. "That shows you didn't build relationships, develop trust, and show a level of competence that made someone go out of their way to bring you into their organization."
On the flip side, being pulled in is like a great reference-without the letter.
What did you like about the job before you started?
In time, interviewees should describe the reason they took a particular job for more specific reasons than "great opportunity," "chance to learn about the industry," or "next step in my career."
Great employees don't work hard because of lofty titles or huge salaries. They work hard because they appreciate their work environment and enjoy what they do. (Titles and salary are just icing on the fulfillment cake.)
That means they know the kind of environment they will thrive in, and they know the type of work that motivates and challenges them-and not only can they describe it, they actively seek it.
Why did you leave?
Sometimes people leave for a better opportunity. Sometimes they leave for more money.
Often, though, they leave because an employer is too demanding. Or the employee doesn't get along with his or her boss. Or the employee doesn't get along with co-workers.
When that is the case, don't be judgmental. Resist the temptation to ask for detail. Hang on to follow-ups. Stick to the rhythm of the three questions. That makes it natural for candidates to be more open and candid.
In the process, many candidates will describe issues with management or disagreements with other employees or with taking responsibility-issues they otherwise would not have shared.
Then follow up on patterns that concern you.
"It's a quick way to get to get to the heart of a candidate's sense of teamwork and responsibility," Younger says. "Some people never take ownership and always see problems as someone else's problem. And some candidates have consistently had problems with their bosses-which means they'll also have issues with you."
And a bonus question:
How many people have you hired, and where did you find them?
Say you're interviewing candidates for a leadership position. Want to know how their direct reports feel about them?
Don't look only for candidates who were brought into an organization by someone else; look for candidates who brought employees into their organization.
"Great employees go out of their way to work with great leaders," Younger says. "If you're tough but fair, and you treat people well, they will go out of their way to work with you. The fact that employees changed jobs just so they could work for you speaks volumes to your leadership and people skills."
Jeff Haden learned much of what he knows about business and technology as he worked his way up in the manufacturing industry. Everything else he picks up from ghostwriting books for some of the smartest leaders he knows in business. @jeff_haden
5 Questions Great Job Candidates Ask
Many of the questions potential new hires ask are throwaways. But not these.
Be honest. Raise your hand if you feel the part of the job interview where you ask the candidate, "Do you have any questions for me?" is almost always a waste of time.
Thought so.
The problem is most candidates don't actually care about your answers; they just hope to make themselves look good by asking "smart" questions. To them, what they ask is more important than how you answer.
Great candidates ask questions they want answered because they're evaluating you, your company-and whether they really want to work for you.
Here are five questions great candidates ask:
What do you expect me to accomplish in the first 60 to 90 days?
Great candidates want to hit the ground running. They don't want to spend weeks or months "getting to know the organization."
They want to make a difference-right away.
What are the common attributes of your top performers?
Great candidates also want to be great long-term employees. Every organization is different, and so are the key qualities of top performers in those organizations.
Maybe your top performers work longer hours. Maybe creativity is more important than methodology. Maybe constantly landing new customers in new markets is more important than building long-term customer relationships. Maybe it's a willingness to spend the same amount of time educating an entry-level customer as helping an enthusiast who wants high-end equipment.
Great candidates want to know, because 1) they want to know if they fit, and 2) if they do fit, they want to be a top performer.
What are a few things that really drive results for the company?
Employees are investments, and every employee should generate a positive return on his or her salary. (Otherwise why are they on the payroll?)
In every job some activities make a bigger difference than others. You need your HR folks to fill job openings... but what you really want is for HR to find the right candidates because that results in higher retention rates, lower training costs, and better overall productivity.
Great candidates want to know what truly makes a difference. They know helping the company succeed means they succeed as well.
What do employees do in their spare time?
Happy employees 1) like what they do and 2) like the people they work with.
Granted this is a tough question to answer. Unless the company is really small, all any interviewer can do is speak in generalities.
What's important is that the candidate wants to make sure they have a reasonable chance of fitting in-because great job candidates usually have options.
How do you plan to deal with...?
Every business faces a major challenge: technological changes, competitors entering the market, shifting economic trends... there's rarely a Warren Buffett moat protecting a small business.
So while a candidate may see your company as a stepping-stone, they still hope for growth and advancement... and if they do eventually leave, they want it to be on their terms and not because you were forced out of business.
Say I'm interviewing for a position at your bike shop. Another shop is opening less than a mile away: How do you plan to deal with the new competitor? Or you run a poultry farm (a huge industry in my area): What will you do to deal with rising feed costs?
A great candidate doesn't just want to know what you think; they want to know what you plan to do-and how they will fit into those plans.
http://www.nslu2-linux.org/wiki/HowTo/MountDisksByLabel
/***
|Name:|LessBackupsPlugin|
|Description:|Intelligently limit the number of backup files you create|
|Version:|3.0.1 ($Rev: 2320 $)|
|Date:|$Date: 2007-06-18 22:37:46 +1000 (Mon, 18 Jun 2007) $|
|Source:|http://mptw.tiddlyspot.com/#LessBackupsPlugin|
|Author:|Simon Baird|
|Email:|simon.baird@gmail.com|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Description
You end up with just backup one per year, per month, per weekday, per hour, minute, and second. So total number won't exceed about 200 or so. Can be reduced by commenting out the seconds/minutes/hours line from modes array
!!Notes
Works in IE and Firefox only. Algorithm by Daniel Baird. IE specific code by by Saq Imtiaz.
***/
//{{{
var MINS = 60 * 1000;
var HOURS = 60 * MINS;
var DAYS = 24 * HOURS;
if (!config.lessBackups) {
config.lessBackups = {
// comment out the ones you don't want or set config.lessBackups.modes in your 'tweaks' plugin
modes: [
["YYYY", 365*DAYS], // one per year for ever
["MMM", 31*DAYS], // one per month
["ddd", 7*DAYS], // one per weekday
//["d0DD", 1*DAYS], // one per day of month
["h0hh", 24*HOURS], // one per hour
["m0mm", 1*HOURS], // one per minute
["s0ss", 1*MINS], // one per second
["latest",0] // always keep last version. (leave this).
]
};
}
window.getSpecialBackupPath = function(backupPath) {
var now = new Date();
var modes = config.lessBackups.modes;
for (var i=0;i<modes.length;i++) {
// the filename we will try
var specialBackupPath = backupPath.replace(/(\.)([0-9]+\.[0-9]+)(\.html)$/,
'$1'+now.formatString(modes[i][0]).toLowerCase()+'$3')
// open the file
try {
if (config.browser.isIE) {
var fsobject = new ActiveXObject("Scripting.FileSystemObject")
var fileExists = fsobject.FileExists(specialBackupPath);
if (fileExists) {
var fileObject = fsobject.GetFile(specialBackupPath);
var modDate = new Date(fileObject.DateLastModified).valueOf();
}
}
else {
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
var file = Components.classes["@mozilla.org/file/local;1"].createInstance(Components.interfaces.nsILocalFile);
file.initWithPath(specialBackupPath);
var fileExists = file.exists();
if (fileExists) {
var modDate = file.lastModifiedTime;
}
}
}
catch(e) {
// give up
return backupPath;
}
// expiry is used to tell if it's an 'old' one. Eg, if the month is June and there is a
// June file on disk that's more than an month old then it must be stale so overwrite
// note that "latest" should be always written because the expiration period is zero (see above)
var expiry = new Date(modDate + modes[i][1]);
if (!fileExists || now > expiry)
return specialBackupPath;
}
}
// hijack the core function
window.getBackupPath_mptw_orig = window.getBackupPath;
window.getBackupPath = function(localPath) {
return getSpecialBackupPath(getBackupPath_mptw_orig(localPath));
}
//}}}
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2219
{{{
Linux Guest Clock Runs Slowly on ESX Server 3
Products
VMware ESX
Details
Why does the clock in my Linux guest run more slowly than real time?
Solution
ESX Server 3.x (and earlier versions) programs the physical timer hardware to deliver between 1000 and 2500 clock interrupts per second per CPU, depending on the requirements of the virtual machines being run. This is ordinarily enough for all guest operating systems in their default configurations. However, it is possible for a guest to require a higher virtual clock interrupt rate. For example, a guest that uses the Linux /dev/rtc feature can request over 8000 virtual clock interrupts per second. ESX Server generally cannot sustain a virtual clock interrupt rate higher than the real hardware rate.
With ESX Server 3, you can increase the maximum hardware clock interrupt rate to correct this problem, at the cost of increased CPU overhead for interrupt handling. To do so, perform the following steps:
1. Log on to VI Client as root.
2.
Select the relevant ESX Server host.
3.
Go to the Configuration tab and look under Software.
4.
Choose Advanced Settings > Misc.
5.
Scroll to the Misc.TimerMinHardPeriod parameter and click the current value. This opens a new window where you can update the value.
6.
Type a new value, then click the OK button to exit. The default value is 400; that is, a minimum of 400 microseconds between interrupts, or in other words, 2500 interrupts per second.
Important: If the clock in your Linux guest is running faster than real time, do not attempt to change TimerMinHardPeriod to slow it down. It is impossible to achieve correct timekeeping that way. Instead, see http://kb.vmware.com/kb/1420 for an explanation of this issue and a correct workaround.
Neither ESX Server nor the guest need to be rebooted after changing TimerMinHardPeriod.
This workaround does not apply to VMware products other than ESX Server 3. For a similar workaround that applies to ESX Server version 2, refer to Linux Guest Clock Runs Slowly on ESX Server 2 (kb.vmware.com/kb/1518). For a similar workaround that applies to some Linux hosts with VMware Workstation or GSX Server, refer to Virtual Machine Seems Slow when Running a Particular Program - Clock Issue (kb.vmware.com/kb/892). For additional information about timekeeping in virtual machines, see the following white paper at www.vmware.com/pdf/vmware_timekeeping.pdf.
Note: If you implemented Linux Guest Clock Runs Slowly on ESX Server 2 (kb.vmware.com/kb/1518) on your ESX Server 2 system, you generally don't need to re-implement this workaround after upgrading to ESX Server 3.
}}}
/***
|''Name:''|LoadRemoteFileThroughProxy (previous LoadRemoteFileHijack)|
|''Description:''|When the TiddlyWiki file is located on the web (view over http) the content of [[SiteProxy]] tiddler is added in front of the file url. If [[SiteProxy]] does not exist "/proxy/" is added. |
|''Version:''|1.1.0|
|''Date:''|mar 17, 2007|
|''Source:''|http://tiddlywiki.bidix.info/#LoadRemoteFileHijack|
|''Author:''|BidiX (BidiX (at) bidix (dot) info)|
|''License:''|[[BSD open source license|http://tiddlywiki.bidix.info/#%5B%5BBSD%20open%20source%20license%5D%5D ]]|
|''~CoreVersion:''|2.2.0|
***/
//{{{
version.extensions.LoadRemoteFileThroughProxy = {
major: 1, minor: 1, revision: 0,
date: new Date("mar 17, 2007"),
source: "http://tiddlywiki.bidix.info/#LoadRemoteFileThroughProxy"};
if (!window.bidix) window.bidix = {}; // bidix namespace
if (!bidix.core) bidix.core = {};
bidix.core.loadRemoteFile = loadRemoteFile;
loadRemoteFile = function(url,callback,params)
{
if ((document.location.toString().substr(0,4) == "http") && (url.substr(0,4) == "http")){
url = store.getTiddlerText("SiteProxy", "/proxy/") + url;
}
return bidix.core.loadRemoteFile(url,callback,params);
}
//}}}
{{{
Jeff writes:
> is there a preferred method to logging bash scripts, especially from a
> cron job?
There are many options; it sort of depends on what you're looking to
record.
* Redirection in shell scripts
You can redirect all output from a shell script by inserting a call to
the "exec" builtin, as in the following transcript:
$ cat > redirection-demonstration.sh
#!/bin/sh
exec > /tmp/redirection-demonstration.txt
echo "This line will go to that file"
^D
$ chmod 755 redirection-demonstration.sh
$ ./redirection-demonstration.sh
$ cat /tmp/redirection-demonstration.txt
This line will go to that file
(That this works as it does is just an obscure detail of the POSIX
shell: the exec builtin doubles both as a way of invoking a program
and as a way to manipulate file descriptors.)
* Tracing shell scripts
The shell has an option, -x, which makes the shell write every command
to standard error before execution. These traces can therefore record
everything a script does. You can turn tracing on or off for regions
in a program via the set builtin:
$ cat > trace-demonstration.sh
#!/bin/sh
echo "Hello from $0"
set -x # Turn tracing /on/
if test $((`date +%s` % 2)) -eq 0; then
echo "The current second is even"
else
echo "The current second is odd"
fi
set +x # Turn tracing /off/
echo "Goodbye from $0"
^D
$ chmod 755 trace-demonstration.sh
$ ./trace-demonstration.sh
Hello from ./trace-demonstration.sh
++ date +%s
+ test 1 -eq 0
+ echo 'The current second is odd'
The current second is odd
+ set +x
Goodbye from ./trace-demonstration.sh
Combining tracing with redirection can be handy:
$ cat > trace-and-redirection-demonstration.sh
exec >& /tmp/trace-and-redirection-demonstration.txt 2>&1
echo "Hello from $0"
set -x # Turn tracing /on/
if test $((`date +%s` % 2)) -eq 0; then
echo "The current second is even"
else
echo "The current second is odd"
fi
set +x # Turn tracing /off/
echo "Goodbye from $0"
^D
$ chmod 755 trace-and-redirection-demonstration.sh
$ ./trace-and-redirection-demonstration.sh
$ cat /tmp/trace-and-redirection-demonstration.txt
Hello from ./trace-and-redirection-demonstration.sh
+++ date +%s
++ test 0 -eq 0
++ echo 'The current second is even'
The current second is even
++ set +x
Goodbye from ./trace-and-redirection-demonstration.sh
* Logging via syslog
There's a command called "logger" which sends a message to the system
log facility. An example use:
$ cat > logger-demonstration.sh
#!/bin/sh
logger "message from $0: fooooo!"
^D
$ chmod 755 logger-demonstration.sh
$ ./logger-demonstration.sh
$ su -c "tail -1 /var/log/syslog"
Password:
Oct 6 10:43:33 tan-ru logger: message from ./logger-demonstration.sh: fooooo!
The standard doesn't mandate any options for the logger command, so
all you can do portably across conforming POSIX platforms is send a
string as above. However, the implementation of logger on the Debian
and NetBSD hosts I can reach has many nifty extensions, including an
option for sending a whole file to syslog. With this option, it
becomes possible to combine redirection, tracing, and logging to
syslog:
$ cat > trace-and-redirection-and-logger-demonstration.sh
#!/bin/sh
exec > /tmp/trace-and-redirection-and-logger-demonstration.txt 2>&1
echo "Hello from $0"
set -x # Turn tracing /on/
if test $((`date +%s` % 2)) -eq 0; then
echo "The current second is even"
else
echo "The current second is odd"
fi
set +x # Turn tracing /off/
echo "Goodbye from $0"
logger -f /tmp/trace-and-redirection-and-logger-demonstration.txt
$ chmod 755 trace-and-redirection-and-logger-demonstration.sh
$ ./trace-and-redirection-and-logger-demonstration.sh
$ su -c "tail -7 /var/log/syslog"
Password:
Oct 6 11:39:41 tan-ru logger: Hello from ./trace-and-redirection-and-logger-demonstration.sh
Oct 6 11:39:41 tan-ru logger: ++ date +%s
Oct 6 11:39:41 tan-ru logger: + test 1 -eq 0
Oct 6 11:39:41 tan-ru logger: + echo 'The current second is odd'
Oct 6 11:39:41 tan-ru logger: The current second is odd
Oct 6 11:39:41 tan-ru logger: + set +x
Oct 6 11:39:41 tan-ru logger: Goodbye from ./trace-and-redirection-and-logger-demonstration.sh
Some upsides to logging via syslog are that you get automatic,
consistently formatted timestamps, that syslog can be configured in
various flexible ways (including shipping messages to another host on
a network), and that system logs are likely already to be managed by
something like logrotate, so you don't have to roll your own facility
for cleaning up after your cron jobs [1].
--
The Other Marty
[1] In the examples above, I used constant filenames in /tmp, and left
those files behind. In a real script, I'd use mktemp to generate
fresh files for writing into, and then either delete or rename those
files once the program stops doing I/O. For temporary files that
should not exist after the program exits, the trap shell builtin can
run a command at exit-time. So the last program should probably be
written like this:
#!/bin/sh
output_and_error_tempfile="`mktemp`"
trap "rm \"$output_and_error_tempfile\"" 0
exec > "$output_and_error_tempfile" 2>&1
echo "Hello from $0"
set -x # Turn tracing /on/
if test $((`date +%s` % 2)) -eq 0; then
echo "The current second is even"
else
echo "The current second is odd"
fi
set +x # Turn tracing /off/
echo "Goodbye from $0"
logger -f "$output_and_error_tempfile"
}}}
MPTW is a distribution or edition of TiddlyWiki that includes a standard TiddlyWiki core packaged with some plugins designed to improve usability and provide a better way to organise your information. For more information see http://mptw.tiddlyspot.com/.
{{{
dpkg-reconfigure exim4-config
apt-get install mailutils
}}}
[[Home|127.0.0.1]] [[Other]] [[More]]
from 0.53 change log:
<<<
Enable handling of {{{telnet://hostname:port/}}} ~URLs on the command line. With this feature, you can now set ~PuTTY as the default handler for Telnet ~URLs. If you run the Registry Editor and set the value in ~HKEY_CLASSES_ROOT\telnet\shell\open\command to be "\path\to\putty.exe %1" (with the full pathname of your ~PuTTY executable), you should find that clicking on telnet links in your web browser now runs ~PuTTY.
<<
{{{
@echo off
set drive=
for /f "tokens=2" %%a in ('net use * \\SERVER\SHARE password /user:fileserver\administrator /persistent:no 2^>NUL ^| findstr "Drive"') do (
set drive=%%a
)
if "%drive%"=="" (
echo Could not map to server.
pause
goto :EOF
)
echo Drive: %drive%
net use %drive% /del >NUL 2>&1
}}}
65.52.0.0/14 (255.252.0.0)
64.4.0.0/18 (255.255.192.0)
Monitoring the NTP Service
Perform these steps as root on the service console.
#After you have edited the previous files, restart the NTP service.
##To restart the service now, run:
###{{{service ntpd restart}}}
##To enable the NTP daemon to autostart when the server is rebooted, run:
###{{{chkconfig --level 345 ntpd on}}}
#Now you can set the local hardware clock to the NTP synchronized local system time. Run:
##{{{hwclock --systohc}}}
##As ntpd successfully polls NTP servers, the kernel automatically sets the hardware clock to the system clock time periodically.
#Monitor the NTP service as desired:
##To see the offset (in seconds) between the local clock and the source clock, run:
###{{{ntpdate -q time_server_name_or_ip_address}}}
##If the correction resulting from synchronizing the local clock with the time server is large enough, it could affect the operating systems or applications running in virtual machines when they synchronize their clocks with the ESX Server system on which they are running.
##To watch the status of the ntpd process, run:
###{{{watch "ntpq -p"}}}
###Press Ctrl-c to stop watching the process
###Note the information in the following columns:
####The character in the first column indicates the quality of the source.
####The asterisk ( * ) indicates the source is the current reference.
####{{{remote}}} lists the IP address or host name of the source.
####{{{when}}} indicates how many seconds have passed since the source was polled.
####{{{poll}}} indicates the polling interval. This value increases depending on the accuracy of the local clock.
####{{{reach}}} is an octal number that indicates reachability of the source. A value of 377 indicates the source has answered the last eight consecutive polls.
####{{{offset}}} is the time difference between the source and the local clock in milliseconds.
###Note: If ntpq -p returns ntpq: read: Connection refused, check /var/log/messages for a more detailed error message.
Additional documentation for NTP is available at http://ntp.isc.org/bin/view/Main/DocumentationIndex.
from http://kb.vmware.com/selfservice/viewContent.do?externalId=1339
In monospaced text, also known as non-proportional text, all the characters are of an equal width. So while in a normal font, i is thinner than W is, in {{{monospaced text, i and W are the same width}}}. It is primarily used in programming manuals and sites to identify blocks of code.
Also, <<tag Formatting>> and [[macros|Macros]] that are in a monospaced block are not executed. For example:
{{{
<<today>>
}}}
To add a monotype text block, enclose the text in triple squiggly-brackets:
{{{
{{{This is monotype}}}
}}}
Export dhcp database on server1:
{{{
netsh dhcp server export <filename> all
}}}
Import dhcp database on server2:
{{{
netsh dhcp server import <filename> all
}}}
See http://support.microsoft.com/kb/325473 for more info.
Name: MptwBlack
Background: #000
Foreground: #fff
PrimaryPale: #333
PrimaryLight: #555
PrimaryMid: #888
PrimaryDark: #aaa
SecondaryPale: #111
SecondaryLight: #222
SecondaryMid: #555
SecondaryDark: #888
TertiaryPale: #222
TertiaryLight: #666
TertiaryMid: #888
TertiaryDark: #aaa
Error: #300
This is in progress. Help appreciated.
Name: MptwBlue
Background: #fff
Foreground: #000
PrimaryPale: #cdf
PrimaryLight: #57c
PrimaryMid: #114
PrimaryDark: #012
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
/***
|Name:|MptwConfigPlugin|
|Description:|Miscellaneous tweaks used by MPTW|
|Version:|1.0 ($Rev: 3646 $)|
|Date:|$Date: 2008-02-27 02:34:38 +1000 (Wed, 27 Feb 2008) $|
|Source:|http://mptw.tiddlyspot.com/#MptwConfigPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#MptwConfigPlugin|
!!Note: instead of editing this you should put overrides in MptwUserConfigPlugin
***/
//{{{
var originalReadOnly = readOnly;
config.options.chkHttpReadOnly = false; // means web visitors can experiment with your site by clicking edit
readOnly = false; // needed because the above doesn't work any more post 2.1 (??)
config.options.chkInsertTabs = true; // tab inserts a tab when editing a tiddler
config.views.wikified.defaultText = ""; // don't need message when a tiddler doesn't exist
config.views.editor.defaultText = ""; // don't need message when creating a new tiddler
config.options.chkAutoSave = true; // do autosave
config.options.chkSaveBackups = true; // do save backups
config.options.txtBackupFolder = 'twbackup'; // put backups in a backups folder
config.mptwVersion = "2.4.0";
config.macros.mptwVersion={handler:function(place){wikify(config.mptwVersion,place);}};
if (config.options.txtTheme == '')
config.options.txtTheme = 'MptwTheme';
// add to default GettingStarted
config.shadowTiddlers.GettingStarted += "\n\nSee also [[MPTW]].";
// add select theme and palette controls in default OptionsPanel
config.shadowTiddlers.OptionsPanel = config.shadowTiddlers.OptionsPanel.replace(/(\n\-\-\-\-\nAlso see AdvancedOptions)/, "{{select{<<selectTheme>>\n<<selectPalette>>}}}$1");
// these are used by ViewTemplate
config.mptwDateFormat = 'DD/MM/YY';
config.mptwJournalFormat = 'Journal DD/MM/YY';
//}}}
Name: MptwGreen
Background: #fff
Foreground: #000
PrimaryPale: #9b9
PrimaryLight: #385
PrimaryMid: #031
PrimaryDark: #020
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
Name: MptwRed
Background: #fff
Foreground: #000
PrimaryPale: #eaa
PrimaryLight: #c55
PrimaryMid: #711
PrimaryDark: #500
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
|Name|MptwRounded|
|Description|Mptw Theme with some rounded corners (Firefox only)|
|ViewTemplate|MptwTheme##ViewTemplate|
|EditTemplate|MptwTheme##EditTemplate|
|PageTemplate|MptwTheme##PageTemplate|
|StyleSheet|##StyleSheet|
!StyleSheet
/*{{{*/
[[MptwTheme##StyleSheet]]
.tiddler,
.sliderPanel,
.button,
.tiddlyLink,
.tabContents
{ -moz-border-radius: 1em; }
.tab {
-moz-border-radius-topleft: 0.5em;
-moz-border-radius-topright: 0.5em;
}
#topMenu {
-moz-border-radius-bottomleft: 2em;
-moz-border-radius-bottomright: 2em;
}
/*}}}*/
Name: MptwSmoke
Background: #fff
Foreground: #000
PrimaryPale: #aaa
PrimaryLight: #777
PrimaryMid: #111
PrimaryDark: #000
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
|Name|MptwStandard|
|Description|Mptw Theme with the default TiddlyWiki PageLayout and Styles|
|ViewTemplate|MptwTheme##ViewTemplate|
|EditTemplate|MptwTheme##EditTemplate|
Name: MptwTeal
Background: #fff
Foreground: #000
PrimaryPale: #B5D1DF
PrimaryLight: #618FA9
PrimaryMid: #1a3844
PrimaryDark: #000
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #f8f8f8
TertiaryLight: #bbb
TertiaryMid: #999
TertiaryDark: #888
Error: #f88
|Name|MptwTheme|
|Description|Mptw Theme including custom PageLayout|
|PageTemplate|##PageTemplate|
|ViewTemplate|##ViewTemplate|
|EditTemplate|##EditTemplate|
|StyleSheet|##StyleSheet|
http://mptw.tiddlyspot.com/#MptwTheme ($Rev: 1829 $)
!PageTemplate
<!--{{{-->
<div class='header' macro='gradient vert [[ColorPalette::PrimaryLight]] [[ColorPalette::PrimaryMid]]'>
<div class='headerShadow'>
<span class='siteTitle' refresh='content' tiddler='SiteTitle'></span>
<span class='siteSubtitle' refresh='content' tiddler='SiteSubtitle'></span>
</div>
<div class='headerForeground'>
<span class='siteTitle' refresh='content' tiddler='SiteTitle'></span>
<span class='siteSubtitle' refresh='content' tiddler='SiteSubtitle'></span>
</div>
</div>
<!-- horizontal MainMenu -->
<div id='topMenu' refresh='content' tiddler='MainMenu'></div>
<!-- original MainMenu menu -->
<!-- <div id='mainMenu' refresh='content' tiddler='MainMenu'></div> -->
<div id='sidebar'>
<div id='sidebarOptions' refresh='content' tiddler='SideBarOptions'></div>
<div id='sidebarTabs' refresh='content' force='true' tiddler='SideBarTabs'></div>
</div>
<div id='displayArea'>
<div id='messageArea'></div>
<div id='tiddlerDisplay'></div>
</div>
<!--}}}-->
!ViewTemplate
<!--{{{-->
[[MptwTheme##ViewTemplateToolbar]]
<div class="tagglyTagged" macro="tags"></div>
<div class='titleContainer'>
<span class='title' macro='view title'></span>
<span macro="miniTag"></span>
</div>
<div class='subtitle'>
(updated <span macro='view modified date {{config.mptwDateFormat?config.mptwDateFormat:"MM/0DD/YY"}}'></span>
by <span macro='view modifier link'></span>)
<!--
(<span macro='message views.wikified.createdPrompt'></span>
<span macro='view created date {{config.mptwDateFormat?config.mptwDateFormat:"MM/0DD/YY"}}'></span>)
-->
</div>
<div macro="showWhen tiddler.tags.containsAny(['css','html','pre','systemConfig']) && !tiddler.text.match('{{'+'{')">
<div class='viewer'><pre macro='view text'></pre></div>
</div>
<div macro="else">
<div class='viewer' macro='view text wikified'></div>
</div>
<div class="tagglyTagging" macro="tagglyTagging"></div>
<!--}}}-->
!ViewTemplateToolbar
<!--{{{-->
<div class='toolbar'>
<span macro="showWhenTagged systemConfig">
<span macro="toggleTag systemConfigDisable . '[[disable|systemConfigDisable]]'"></span>
</span>
<span macro="showWhenTagged systemTheme"><span macro="applyTheme"></span></span>
<span macro="showWhenTagged systemPalette"><span macro="applyPalette"></span></span>
<span macro="showWhen tiddler.tags.contains('css') || tiddler.title == 'StyleSheet'"><span macro="refreshAll"></span></span>
<span style="padding:1em;"></span>
<span macro='toolbar closeTiddler closeOthers +editTiddler deleteTiddler > fields syncing permalink references jump'></span> <span macro='newHere label:"new here"'></span>
<span macro='newJournalHere {{config.mptwJournalFormat?config.mptwJournalFormat:"MM/0DD/YY"}}'></span>
</div>
<!--}}}-->
!EditTemplate
<!--{{{-->
<div class="toolbar" macro="toolbar +saveTiddler saveCloseTiddler closeOthers -cancelTiddler cancelCloseTiddler deleteTiddler"></div>
<div class="title" macro="view title"></div>
<div class="editLabel">Title</div><div class="editor" macro="edit title"></div>
<div macro='annotations'></div>
<div class="editLabel">Content</div><div class="editor" macro="edit text"></div>
<div class="editLabel">Tags</div><div class="editor" macro="edit tags"></div>
<div class="editorFooter"><span macro="message views.editor.tagPrompt"></span><span macro="tagChooser"></span></div>
<!--}}}-->
!StyleSheet
/*{{{*/
/* a contrasting background so I can see where one tiddler ends and the other begins */
body {
background: [[ColorPalette::TertiaryLight]];
}
/* sexy colours and font for the header */
.headerForeground {
color: [[ColorPalette::PrimaryPale]];
}
.headerShadow, .headerShadow a {
color: [[ColorPalette::PrimaryMid]];
}
/* separate the top menu parts */
.headerForeground, .headerShadow {
padding: 1em 1em 0;
}
.headerForeground, .headerShadow {
font-family: 'Trebuchet MS' sans-serif;
font-weight:bold;
}
.headerForeground .siteSubtitle {
color: [[ColorPalette::PrimaryLight]];
}
.headerShadow .siteSubtitle {
color: [[ColorPalette::PrimaryMid]];
}
/* make shadow go and down right instead of up and left */
.headerShadow {
left: 1px;
top: 1px;
}
/* prefer monospace for editing */
.editor textarea, .editor input {
font-family: 'Consolas' monospace;
background-color:[[ColorPalette::TertiaryPale]];
}
/* sexy tiddler titles */
.title {
font-size: 250%;
color: [[ColorPalette::PrimaryLight]];
font-family: 'Trebuchet MS' sans-serif;
}
/* more subtle tiddler subtitle */
.subtitle {
padding:0px;
margin:0px;
padding-left:1em;
font-size: 90%;
color: [[ColorPalette::TertiaryMid]];
}
.subtitle .tiddlyLink {
color: [[ColorPalette::TertiaryMid]];
}
/* a little bit of extra whitespace */
.viewer {
padding-bottom:3px;
}
/* don't want any background color for headings */
h1,h2,h3,h4,h5,h6 {
background-color: transparent;
color: [[ColorPalette::Foreground]];
}
/* give tiddlers 3d style border and explicit background */
.tiddler {
background: [[ColorPalette::Background]];
border-right: 2px [[ColorPalette::TertiaryMid]] solid;
border-bottom: 2px [[ColorPalette::TertiaryMid]] solid;
margin-bottom: 1em;
padding:1em 2em 2em 1.5em;
}
/* make options slider look nicer */
#sidebarOptions .sliderPanel {
border:solid 1px [[ColorPalette::PrimaryLight]];
}
/* the borders look wrong with the body background */
#sidebar .button {
border-style: none;
}
/* this means you can put line breaks in SidebarOptions for readability */
#sidebarOptions br {
display:none;
}
/* undo the above in OptionsPanel */
#sidebarOptions .sliderPanel br {
display:inline;
}
/* horizontal main menu stuff */
#displayArea {
margin: 1em 15.7em 0em 1em; /* use the freed up space */
}
#topMenu br {
display: none;
}
#topMenu {
background: [[ColorPalette::PrimaryMid]];
color:[[ColorPalette::PrimaryPale]];
}
#topMenu {
padding:2px;
}
#topMenu .button, #topMenu .tiddlyLink, #topMenu a {
margin-left: 0.5em;
margin-right: 0.5em;
padding-left: 3px;
padding-right: 3px;
color: [[ColorPalette::PrimaryPale]];
font-size: 115%;
}
#topMenu .button:hover, #topMenu .tiddlyLink:hover {
background: [[ColorPalette::PrimaryDark]];
}
/* make 2.2 act like 2.1 with the invisible buttons */
.toolbar {
visibility:hidden;
}
.selected .toolbar {
visibility:visible;
}
/* experimental. this is a little borked in IE7 with the button
* borders but worth it I think for the extra screen realestate */
.toolbar { float:right; }
/* fix for TaggerPlugin. from sb56637. improved by FND */
.popup li .tagger a {
display:inline;
}
/* makes theme selector look a little better */
#sidebarOptions .sliderPanel .select .button {
padding:0.5em;
display:block;
}
#sidebarOptions .sliderPanel .select br {
display:none;
}
/* make it print a little cleaner */
@media print {
#topMenu {
display: none ! important;
}
/* not sure if we need all the importants */
.tiddler {
border-style: none ! important;
margin:0px ! important;
padding:0px ! important;
padding-bottom:2em ! important;
}
.tagglyTagging .button, .tagglyTagging .hidebutton {
display: none ! important;
}
.headerShadow {
visibility: hidden ! important;
}
.tagglyTagged .quickopentag, .tagged .quickopentag {
border-style: none ! important;
}
.quickopentag a.button, .miniTag {
display: none ! important;
}
}
/* get user styles specified in StyleSheet */
[[StyleSheet]]
/*}}}*/
|Name|MptwTrim|
|Description|Mptw Theme with a reduced header to increase useful space|
|ViewTemplate|MptwTheme##ViewTemplate|
|EditTemplate|MptwTheme##EditTemplate|
|StyleSheet|MptwTheme##StyleSheet|
|PageTemplate|##PageTemplate|
!PageTemplate
<!--{{{-->
<!-- horizontal MainMenu -->
<div id='topMenu' macro='gradient vert [[ColorPalette::PrimaryLight]] [[ColorPalette::PrimaryMid]]'>
<span refresh='content' tiddler='SiteTitle' style="padding-left:1em;font-weight:bold;"></span>:
<span refresh='content' tiddler='MainMenu'></span>
</div>
<div id='sidebar'>
<div id='sidebarOptions'>
<div refresh='content' tiddler='SideBarOptions'></div>
<div style="margin-left:0.1em;"
macro='slider chkTabSliderPanel SideBarTabs {{"tabs \u00bb"}} "Show Timeline, All, Tags, etc"'></div>
</div>
</div>
<div id='displayArea'>
<div id='messageArea'></div>
<div id='tiddlerDisplay'></div>
</div>
For upgrading. See [[ImportTiddlers]].
URL: http://mptw.tiddlyspot.com/upgrade.html
/***
|Description:|A place to put your config tweaks so they aren't overwritten when you upgrade MPTW|
See http://www.tiddlywiki.org/wiki/Configuration_Options for other options you can set. In some cases where there are clashes with other plugins it might help to rename this to zzMptwUserConfigPlugin so it gets executed last.
***/
//{{{
// example: set your preferred date format
//config.mptwDateFormat = 'MM/0DD/YY';
//config.mptwJournalFormat = 'Journal MM/0DD/YY';
// example: set the theme you want to start with
//config.options.txtTheme = 'MptwRoundTheme';
// example: switch off autosave, switch on backups and set a backup folder
//config.options.chkSaveBackups = true;
//config.options.chkAutoSave = false;
//config.options.txtBackupFolder = 'backups';
//}}}
Use the mount command to mount a shared NFS directory from another machine:
mount shadowman.example.com:/misc/export /misc/local
Warning Warning
The mount point directory on local machine (/misc/local in the above example) must exist.
In this command, shadowman.example.com is the hostname of the NFS fileserver, /misc/export is the directory that shadowman is exporting, and /misc/local is the location to mount the file system on the local machine. After the mount command runs (and if the client has proper permissions from the shadowman.example.com NFS server) the client user can execute the command ls /misc/local to display a listing of the files in /misc/export on shadowman.example.com.
View the current operations master role holders
Updated: March 2, 2005
Once an operations master role has been transferred, it should be verified that the transfer has occurred successfully throughout the domain. The change must be replicated to all relevant domain members in order to truly take effect.
To view the current operations master role holders, use Ntdsutil.exe with the roles option. This option displays a list of all current role holders.
Administrative Credentials
To perform this procedure, you must be logged on as a User or an Administrator.
To view the current operations master role holder
1.
Click Start, click Run, type ntdsutil, and then press ENTER.
2.
At the ntdsutil: prompt, type roles and press ENTER.
3.
At the fsmo maintenance: prompt, type connections and press ENTER.
4.
At the server connections: prompt, type connect to server servername (where servername is the name of the domain controller that belongs to the domain containing the operations masters).
5.
After receiving confirmation of the connection, type quit and press ENTER to exit this menu.
6.
At the fsmo maintenance: prompt, type select operation target and press ENTER.
7.
At the select operations target: prompt, type list roles for connected server and press ENTER.
The system responds with a list of the current roles and the Lightweight Directory Access Protocol (LDAP) name of the domain controllers currently assigned to host each role.
8.
Type quit and press ENTER to exit each prompt in Ntdsutil.exe. Type quit and press ENTER at the ntdsutil: prompt to close the window.
Your System event log contains:
Event ID: 7000
Event Source: Service Control Manager
Description: The Network Load Balancing service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Network Load Balancing is not installed?
Use Regedt32 to remove the following registry keys, if they exist:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\WLBS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WLBS
{{{
nsr_render_log <filename>
}}}
backups == nsrmedisv.raw
recovers == nsrmeidrc.raw
{{{
F:\>nsr_render_log --help
Usage: nsr_render_log [-acdehlmoptyz]
[-L locale]
[-S starttimestamp]
[-E endtimestamp]
[-N no of lines]
[-x exportspec]
[-T Threadid]
[-P processid]
[-O programname]
[-B StartLineNo]
[-M message id]
[-G groupname]
[-H host name]
[-J hostname_referenced]
[-A activityID]
[-C category]
[-F devicename]
[-Y severity]
log_file_name
}}}
To render all lines since yesterday
{{{
nsr_render_log -S 12/11/2011 nsrmedirc.raw > nsrmedirc.log
}}}
!skip missing files
{{{
save -a '"ignore-all-missing-system-files=yes"'
}}}
append "-c <fqdn proxy host>" to the shortcut parameters
/***
|Name:|NewHerePlugin|
|Description:|Creates the new here and new journal macros|
|Version:|3.0 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#NewHerePlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License|http://mptw.tiddlyspot.com/#TheBSDLicense|
***/
//{{{
merge(config.macros, {
newHere: {
handler: function(place,macroName,params,wikifier,paramString,tiddler) {
wikify("<<newTiddler "+paramString+" tag:[["+tiddler.title+"]]>>",place,null,tiddler);
}
},
newJournalHere: {
handler: function(place,macroName,params,wikifier,paramString,tiddler) {
wikify("<<newJournal "+paramString+" tag:[["+tiddler.title+"]]>>",place,null,tiddler);
}
}
});
//}}}
/***
|Name:|NewMeansNewPlugin|
|Description:|If 'New Tiddler' already exists then create 'New Tiddler (1)' and so on|
|Version:|1.1 ($Rev: 2263 $)|
|Date:|$Date: 2007-06-13 04:22:32 +1000 (Wed, 13 Jun 2007) $|
|Source:|http://mptw.tiddlyspot.com/empty.html#NewMeansNewPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Note: I think this should be in the core
***/
//{{{
String.prototype.getNextFreeName = function() {
var numberRegExp = / \(([0-9]+)\)$/;
var match = numberRegExp.exec(this);
if (match) {
var num = parseInt(match[1]) + 1;
return this.replace(numberRegExp," ("+num+")");
}
else {
return this + " (1)";
}
}
config.macros.newTiddler.checkForUnsaved = function(newName) {
var r = false;
story.forEachTiddler(function(title,element) {
if (title == newName)
r = true;
});
return r;
}
config.macros.newTiddler.getName = function(newName) {
while (store.getTiddler(newName) || config.macros.newTiddler.checkForUnsaved(newName))
newName = newName.getNextFreeName();
return newName;
}
config.macros.newTiddler.onClickNewTiddler = function()
{
var title = this.getAttribute("newTitle");
if(this.getAttribute("isJournal") == "true") {
var now = new Date();
title = now.formatString(title.trim());
}
title = config.macros.newTiddler.getName(title); // <--- only changed bit
var params = this.getAttribute("params");
var tags = params ? params.split("|") : [];
var focus = this.getAttribute("newFocus");
var template = this.getAttribute("newTemplate");
var customFields = this.getAttribute("customFields");
story.displayTiddler(null,title,template,false,null,null);
var tiddlerElem = document.getElementById(story.idPrefix + title);
if(customFields)
story.addCustomFields(tiddlerElem,customFields);
var text = this.getAttribute("newText");
if(typeof text == "string")
story.getTiddlerField(title,"text").value = text.format([title]);
for(var t=0;t<tags.length;t++)
story.setTiddlerTag(title,tags[t],+1);
story.focusTiddler(title,focus);
return false;
};
//}}}
Create Alias
{{{
fcalias name stor-array-processor-a vsan XXX
member pwwn AA:BB:CC:DD:EE:FF:00:11
}}}
Create Zone
{{{
zone name first-new-zone vsan XXX
member fcalias stor-array-processor-a
member fcalias server-hba
}}}
Add Zone to Zoneset
{{{
zoneset new-zoneset vsan XXX
member first-new-zone
member second-new-zone
}}}
Example
{{{
!Info from ESX server
/proc/scsi/qla2xxx/12
Host Device Name vmhba5
scsi-qla3-adapter-node=200000c0dd1c3cc3:bf0012:1;
scsi-qla3-adapter-port=210000c0dd1c3cc3:bf0012:1;
/proc/scsi/qla2xxx/9
Host Device Name vmhba2
scsi-qla0-adapter-node=200000c0dd1b6d41:bf0010:1;
scsi-qla0-adapter-port=210000c0dd1b6d41:bf0010:1;
!Infor from Nexus
vfc23 11 0xbf0010 21:00:00:c0:dd:1b:6d:41 20:00:00:c0:dd:1b:6d:41
vfc24 11 0xbf0012 21:00:00:c0:dd:1c:3c:c3 20:00:00:c0:dd:1c:3c:c3
!Create Aliases
fcalias name Site01_ESX06_VMHBA2 vsan 11
member pwwn 21:00:00:c0:dd:1b:6d:41
fcalias name Site01_ESX06_VMHBA5 vsan 11
member pwwn 21:00:00:c0:dd:1c:3c:c3
!Create Zones
zone name Site01_ESX06_VMHBA2_CX4_240_SPA0 vsan 11
member fcalias CX4_240_SPA0 vsan 11
member fcalias Site01_ESX06_VMHBA2 vsan 11
zone name Site01_ESX06_VMHBA2_CX4_240_SPB1 vsan 11
member fcalias CX4_240_SPB1 vsan 11
member fcalias Site01_ESX06_VMHBA2 vsan 11
zone name Site01_ESX06_VMHBA5_CX4_240_SPA0 vsan 11
member fcalias CX4_240_SPA0 vsan 11
member fcalias Site01_ESX06_VMHBA5 vsan 11
zone name Site01_ESX06_VMHBA5_CX4_240_SPB1 vsan 11
member fcalias CX4_240_SPB1 vsan 11
member fcalias Site01_ESX06_VMHBA5 vsan 11
!Add Zones to Zoneset
zoneset name VSAN11 vsan 11
member Site01_ESX06_VMHBA2_CX4_240_SPA0
member Site01_ESX06_VMHBA2_CX4_240_SPB1
member Site01_ESX06_VMHBA5_CX4_240_SPA0
member Site01_ESX06_VMHBA5_CX4_240_SPB1
!Activate Zoneset
zoneset activate name VSAN11 vsan 11
}}}
ONT: Optical Network Terminal
ONT is an media converter that is installed by Verizon either outside or inside your home, during the FiOS installation. This device will convert fiber-optic/light to copper (which is installed in your home, currently).
#Create incident
#Create change
#Create request for CE to access site
208.67.222.222
208.67.220.220
http://www.opendns.com/start/
OpenFiler local LDAP server setup
OpenFiler is a powerful open-source NAS/SAN system based on rPath Linux. You can use an old PC to load up OpenFiler to use as file server.
OpenFile uses LDAP/AD server for authentication only. For local users, you must setup a local LDAP for authentication.
- Click "Services" and then "LDAP Setup" on the right.
- Click "Clear LDAP" and then "Yes".
- Click "Rebuild LDAP".
- Click "Accounts"
- Check the box next to "Use LDAP"
- In the LDAP section set the following values:
- Local LDAP Server: Checked
- Use TLS: Unchecked
- Server: 127.0.0.1
- Base DN: "dc=openfiler,dc=local"
- Root bind DN: "cn=Manager,dc=openfiler,dc=local"
- Root bind password: "password"
- Login SMB server to root DN: Checked
- Allow user to change password: Checked
- Click "Submit" at the bottom of the page.
- Check the "Services" tab to see if the "LDAP Server" service is running (it should have started automatically)
- Click "Accounts" and then "Administration" and you should be able to start adding groups and users.
from: http://office.microsoft.com/en-us/outlook/HP010031101033.aspx
The command that starts Microsoft Outlook is Outlook.exe. A command-line switch is the addition of a forward slash (/) followed by the switch name and any parameters the switch has.
ShowHow to use switches
1. Search for the Microsoft Outlook executable file, Outlook.exe, and make a note of the path to Outlook.exe. For example, the path might be C:\Program Files\Microsoft Office\Office11\Outlook.exe.
2. Click Start, and then click Run.
3. In the Open box, type the complete path you noted in step 1, including the file name. Press the SPACEBAR once, and then type a forward slash mark (/) followed by the switch.
For example, if you want to use the CleanReminders switch, the command you type in the Open box should look like this:
"C:\Program Files\Microsoft Office\Office11\Outlook.exe" /Cleanreminders
Note Paths that include spaces between words must be enclosed in quotation marks (") and are case sensitive.
4. To run the command, click OK.
HideSwitch reference
Switch Description
/a
Creates an item with the specified file as an attachment.
Example:
* "C:\Program Files\Microsoft Office\Office11\Outlook.exe" /a "C:\My Documents\labels.doc"
If no item type is specified, IPM.Note is assumed. Cannot be used with message classes that aren't based on Outlook.
/altvba otmfilename
Opens the VBA program specified in otmfilename, rather than %appdata%\Microsoft\Outlook\VbaProject.OTM.
/c messageclass
Creates a new item of the specified message class (Outlook forms or any other valid MAPI form).
Examples:
* /c ipm.activity creates a Journal entry
* /c ipm.appointment creates an appointment
* /c ipm.contact creates a contact
* /c ipm.note creates an e-mail message
* /c ipm.stickynote creates a note
* /c ipm.task creates a task
/checkclient
Prompts for the default manager of e-mail, news, and contacts.
/cleanclientrules
Starts Outlook and deletes client-based rules.
/cleandmrecords
Deletes the logging records saved when a manager or a delegate declines a meeting.
/cleanfinders
Removes Search Folders from the Microsoft Exchange server store.
/cleanfreebusy
Clears and regenerates free/busy information. This switch can only be used when you are able to connect to your Microsoft Exchange server.
/cleanprofile
Removes invalid profile keys and recreates default registry keys where applicable.
/cleanpst
Launches Outlook with a clean Personal Folders file (.pst) (Personal Folders file (.pst): Data file that stores your messages and other items on your computer. You can assign a .pst file to be the default delivery location for e-mail messages. You can use a .pst to organize and back up items for safekeeping.).
/cleanreminders
Clears and regenerates reminders.
/cleanrules
Starts Outlook and deletes client- and server-based rules.
/cleanschedplus
Deletes all Schedule+ data (free/busy, permissions, and .cal file) from the server and enables the free/busy information from the Outlook Calendar to be used and viewed by all Schedule+ 1.0 users.
/cleanserverrules
Starts Outlook and deletes server-based rules.
/cleansniff
Deletes duplicate reminder messages.
/cleansubscriptions
Deletes the subscription messages and properties for subscription features.
/cleanviews
Restores default views. All custom views you created are lost.
/designer
Starts Outlook without figuring out if Outlook should be the default client in the first run.
/embedding
Opens the specified message file (.msg) as an OLE embedding. Also used without command-line parameters for standard OLE co-create.
/f msgfilename
Opens the specified message file (.msg) or Microsoft Office saved search (.oss).
/firstrun
Starts Outlook as if it were run for the first time.
/hol holfilename
Opens the specified .hol file.
/ical icsfilename
Opens the specified .ics file.
/importprf prffilename
Launches Outlook and opens/imports the defined MAPI profile (*.prf). If Outlook is already open, queues the profile to be imported on the next clean launch.
/l olkfilename
Opens the specified .olk file.
/launchtraininghelp assetid
Opens a Help window with the Help topic specified in assetid.
/m emailname
Provides a way for the user to add an e-mail name to the item. Only works in conjunction with the /c command-line parameter.
Example:
* Outlook.exe /c ipm.note /m emailname
/nocustomize
Starts Outlook without loading outcmd.dat (customized toolbars) and *.fav file.
/noextensions
Starts Outlook with extensions turned off, but listed in the Add-In Manager.
/nopollmail
Starts Outlook without checking mail at startup.
/nopreview
Starts Outlook with the Reading Pane off.
/p msgfilename
Prints the specified message (.msg). Does not work with HTML.
/profile profilename
Loads the specified profile. If your profile name contains a space, enclose the profile name in quotation marks (").
/profiles
Opens the Choose Profile dialog box regardless of the Options setting on the Tools menu.
/recycle
Starts Outlook using an existing Outlook window, if one exists. Used in combination with /explorer or /folder.
/resetfoldernames
Resets default folder names (such as Inbox or Sent Items) to default names in the current Office user interface language.
For example, if you first connect to your mailbox Outlook using a Russian user interface, the Russian default folder names cannot be renamed. To change the default folder names to another language such as Japanese or English, you can use this switch to reset the default folder names after changing the user interface language or installing a different language version of Outlook.
/resetfolders
Restores missing folders for the default delivery location.
/resetnavpane
Clears and regenerates the Navigation Pane for the current profile.
/rpcdiag
Opens Outlook and displays the remote procedure call (RPC) connection status dialog.
/s filename
Loads the specified shortcuts file (.fav).
/safe
Starts Outlook without extensions, Reading Pane, or toolbar customization.
/safe:1
Starts Outlook with the Reading Pane off.
/safe:2
Starts Outlook without checking mail at startup.
/safe:3
Starts Outlook with extensions turned off, but listed in the Add-In Manager.
/safe:4
Starts Outlook without loading Outcmd.dat (customized toolbars) and *.fav file.
/select foldername
Starts Outlook and opens the specified folder in a new window. For example, to open Outlook and display the default calendar use: "c:\Program Files\Microsoft Office\Office11\Outlook.exe" /select outlook:calendar
/sniff
Starts Outlook and forces a detection of new meeting requests in the Inbox, and then adds them to the calendar.
/t oftfilename
Opens the specified .oft file.
/v vcffilename
Opens the specified .vcf file.
/vcal vcsfilename
Opens the specified .vcs file.
/x xnkfilename
Opens the specified .xnk file.
Was this information helpful?
*reset local admin password
**see tcccinfo for password
*reset local user "user" password
**i generally use the location: auburn, cortland...
*confirm windows update set to automatically download and install
*internet explorer lockdown
**set home page to http://www.flsmiledocs.com
**add flsmiledocs.com and invisalign to links folder
**copy proxy.pac from http://www.compcenter.com/public/ortho/proxy.pac to c:\proxy\proxy.pac
**set inet options proxy script file://c:/proxy/proxy.pac
**confirm that websites fail
*email lockdown (only if user uses email!)
**install mozilla thunderbird (http://www.mozilla.com/products/download.html?product=thunderbird-2.0.0.0&os=win&lang=en-US)
**import settings from outlook express during first run
**use Mail Pass View from http://www.nirsoft.net/password_recovery_tools.html to determine user's password if it is unknown
*im lockdown (only if user uses im)
**install pidgin (http://downloads.sourceforge.net/pidgin/pidgin-2.0.1.exe)
**determine username from msn
**use MessenPass from http://www.nirsoft.net/password_recovery_tools.html to determine user's im password, or reset it at Windows Live website
*app uninstalls
**uninstall MSN Messenger (though i've done this, and it still shows)
***control panel > add/remove programs > add/remove windows components
**uninstall outlook express
***control panel > add/remove programs > add/remove windows components
*disable access to connections tab in internet options
***run gpedit.msc
***navigate to User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel.
***enable "Disable Connections Tab"
**or
***to disable connections tab run http://www.compcenter.com/public/ortho/remove-connectionstab.reg
***to enable connections tab run http://www.compcenter.com/public/ortho/add-connectionstab.reg
*remove local user from local administrators group
*test email
*test im
*test internet access
*test access to connections tab
Site: http://www.accesspdf.com/index.php?topic=pdftk
cat two pdf files:
{{{
pdftk in1.pdf in2.pdf cat output out1.pdf
}}}
{{{
pdftk.exe *.pdf cat output outputname.pdf
}}}
Summary:
{{{
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authorization command LOCAL
username user1 password TUgFoweE932kS0z privilege 15
username user2 password TUgFoweE932kS0z privilege 15
}}}
PIX Authentication Using Local User Database (and Kiwi CatTools)
So here's the scenario I ran into...I just set up a new client for managed network services (where my company (AdTEC Networks) is doing the management). This client happened to have some fairly technical people on staff who wanted privileged mode access to the PIX firewall. No problemo...that is, until I received phone calls with people screaming, "THE NETWORK IS DOWN!!!"
There I am, feeling a cold drip of sweat trickling down the side of my face, scrolling through a running config on a PIX firewall. Aha! Who put that command there?!?! After removing the 'mystery' NAT statement, the network magically works again...now who's to blame...
Of course, all my customer's network admins deny any responsibility, and since there's only a single username / password combination on the PIX (and enable password), there was no way of telling who was responsible. It's time for deeper authentication on the PIX firewall.
Three commands to make this happen:
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authorization command LOCAL
Then create your user accounts using this syntax:
username user1 password TUgFoweE932kS0z encrypted privilege 15
username user2 password TUgFoweE932kS0z encrypted privilege 15
...and so on
Here's the powerful result: The users now log in using their own username (i.e. user1 and user2 in this case) rather than the generic "pix" and their own password. The ultra-cool thing (in my opinion) is that second command "aaa authentication enable console LOCAL" - it synchronizes the enable password with the user account, so the admin can use the same password for the SSH/Telnet session as they do to access enable mode. Sweet!
Last, but not least, pick up a copy of Kiwi CatTools. This AWESOME (and cheap - free for 5 devices) utility does configuration change management. Now, if the configuration changes, I get an email showing me what changed and who made the changes. Niiice.
from http://www.ciscoblog.com/archives/2006/09/pix_authenticat.html
interface ethernet0 100full
pixfirewall#copy tftp flash
Address or name of remote host [127.0.0.1]? 172.18.125.3
Source file name [cdisk]?pix611.bin
copying tftp://172.18.125.3/pix611.bin to flash
[yes|no|again]?yes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Received 2562048 bytes.
Erasing current image.
Writing 2469944 bytes of image.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Image installed.
pixfirewall#
{{{
>Get-Command | where { $_.parameters.keys -contains "computername" }
CommandType Name Definition
----------- ---- ----------
Cmdlet Clear-EventLog Clear-EventLog [-LogName] <String[]> [..
Cmdlet Connect-WSMan Connect-WSMan [[-ComputerName] <String..
Cmdlet Disconnect-WSMan Disconnect-WSMan [[-ComputerName] <Str..
Cmdlet Enter-PSSession Enter-PSSession [-ComputerName] <Strin..
Alias etsn Enter-PSSession
Cmdlet Get-Counter Get-Counter [[-Counter] <String[]>] [-..
Cmdlet Get-EventLog Get-EventLog [-LogName] <String> [[-In..
Cmdlet Get-HotFix Get-HotFix [[-Id] <String[]>] [-Comput..
Cmdlet Get-Process Get-Process [[-Name] <String[]>] [-Com..
Cmdlet Get-PSSession Get-PSSession [[-ComputerName] <String..
Cmdlet Get-Service Get-Service [[-Name] <String[]>] [-Com..
Cmdlet Get-WinEvent Get-WinEvent [[-LogName] <String[]>] [..
Cmdlet Get-WmiObject Get-WmiObject [-Class] <String> [[-Pro..
Cmdlet Get-WSManInstance Get-WSManInstance [-ResourceURI] <Uri>..
Alias gps Get-Process
Alias gsn Get-PSSession
Alias gsv Get-Service
Alias gwmi Get-WmiObject
Alias icm Invoke-Command
Cmdlet Invoke-Command Invoke-Command [-ScriptBlock] <ScriptB..
Cmdlet Invoke-WmiMethod Invoke-WmiMethod [-Class] <String> [-N..
Cmdlet Invoke-WSManAction Invoke-WSManAction [-ResourceURI] <Uri..
Alias iwmi Invoke-WMIMethod
Cmdlet Limit-EventLog Limit-EventLog [-LogName] <String[]> [..
Cmdlet New-EventLog New-EventLog [-LogName] <String> [-Sou..
Cmdlet New-PSSession New-PSSession [[-ComputerName] <String..
Cmdlet New-WSManInstance New-WSManInstance [-ResourceURI] <Uri>..
Alias nsn New-PSSession
Alias ps Get-Process
Alias rcjb Receive-Job
Cmdlet Receive-Job Receive-Job [-Job] <Job[]> [[-Location..
Cmdlet Register-WmiEvent Register-WmiEvent [-Class] <String> [[..
Cmdlet Remove-EventLog Remove-EventLog [-LogName] <String[]> ..
Cmdlet Remove-PSSession Remove-PSSession [-Id] <Int32[]> [-Ver..
Cmdlet Remove-WmiObject Remove-WmiObject [-Class] <String> [-A..
Cmdlet Remove-WSManInstance Remove-WSManInstance [-ResourceURI] <U..
Cmdlet Restart-Computer Restart-Computer [[-ComputerName] <Str..
Alias rsn Remove-PSSession
Alias rwmi Remove-WMIObject
Cmdlet Set-Service Set-Service [-Name] <String> [-Compute..
Cmdlet Set-WmiInstance Set-WmiInstance [-Class] <String> [[-A..
Cmdlet Set-WSManInstance Set-WSManInstance [-ResourceURI] <Uri>..
Cmdlet Show-EventLog Show-EventLog [[-ComputerName] <String..
Cmdlet Stop-Computer Stop-Computer [[-ComputerName] <String..
Alias swmi Set-WMIInstance
Cmdlet Test-Connection Test-Connection [-ComputerName] <Strin..
Cmdlet Test-WSMan Test-WSMan [[-ComputerName] <String>] ..
Cmdlet Write-EventLog Write-EventLog [-LogName] <String> [-S..
}}}
Documentation:
http://www.openideas.info/wiki/index.php?title=Pandora_2.0:Documentation_en:Introduction
|Total Available|73728|
|/|10240|
|/boot|256|
|swap|1600|
|/var|5120|
|/tmp|2048|
|/opt|5120|
|(vmcore)|103|
|/home|5120|
|vmfs|rest|
http://www.tech-archive.net/Archive/Windows/microsoft.public.windows.terminal_services/2008-01/msg00430.html
http://support.microsoft.com/?kbid=186498
{{{
#!/bin/bash
# author: Jeff Wardlaw
# email: jeff@urgo.org
# list of hosts to ping
# add ip / hostname separated by while space
HOSTS="10.1.1.1 10.1.1.12"
# # of pings
COUNT=5
EMAILID="me@mydomain.org"
for myHost in $HOSTS
do
ping -c $COUNT $myHost > /dev/null
if [ $? -ne 0 ]; then # Test exit status of "ping" command.
echo "host:$myHost failed icmp connectivity test at $(date)" | mail -s "ISPNAME icmp connectivty failed $(date)" -t $EMAILID
fi
done
}}}
!!!Note:
When running this script I kept getting:
{{{
+ mail -s 'FLTG icmp connectivty failed Wed Aug 20 16:05:33 EDT 2008'
Cannot parse address `10.1.1.1 failed icmp connectivity test at Wed Aug 20 16:05:33 EDT 2008' (while expanding `10.1.1.1 failed icmp connectivity test at Wed Aug 20 16:05:33 EDT 2008'): Format of RFC822 object is bad
+ netadmins@cayugamed.org
./fltgpingtest.bash: line 20: netadmins@cayugamed.org: command not found
}}}
It's because stupid nano added a cr to the end of the mail line.
Edited it vi, joined the two lines, it worked.
{{{
#!/bin/bash
# Simple SHELL script for Linux and UNIX system monitoring with
# ping command
# -------------------------------------------------------------------------
# Copyright (c) 2006 nixCraft project <http://www.cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Setup email ID below
# See URL for more info:
# http://www.cyberciti.biz/tips/simple-linux-and-unix-system-monitoring-with-ping-command-and-scripts.html
# -------------------------------------------------------------------------
# add ip / hostname separated by while space
HOSTS="cyberciti.biz theos.in router"
# no ping request
COUNT=1
# email report when
SUBJECT="Ping failed"
EMAILID="me@mydomain.com"
for myHost in $HOSTS
do
count=$(ping -c $COUNT $myHost | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }')
if [ $count -eq 0 ]; then
# 100% failed
echo "Host : $myHost is down (ping failed) at $(date)" | mail -s "$SUBJECT" $EMAILID
fi
done
}}}
{{{
access-list Net1-PAT extended permit ip a.b.c.d 255.255.255.0 any
nat (inside) 10 access-list Net1-PAT
global (outside) 10 z.x.y.w
}}}
Definitions:
#Mirror Port: the port that receives monitored traffic
#Monitored Port: the port that sends traffic to the mirror port
{{{
StackMbr-2# conf t
StackMbr-2(config)# mirror-port 11
StackMbr-2(config)# int 12 monitor
StackMbr-2(config)#
StackMbr-2#
StackMbr-2# sh mon
Network Monitoring Port
Mirror Port: 11
Monitoring sources
------------------
12
StackMbr-2#
}}}
{{{
#Connect to your vcenter server
connect-viserver -server yourvcenterservername
#Put ESX host into maintenance mode
Set-VMHost -vmhost youresxservername -state maintenance
#Take ESX host out of maintenance mode
Set-VMHost -vmhost youresxservername -state connected
#Reboot your ESX host (must be in maintenance mode or also use -force in the command)
Restart-VMHost -vmhost youresxservername
}}}
{{{
gwmi blahblah | format-list *
}}}
{{{
enable-psremoting -force
set-item wsman:localhost\client\trustedhosts * -force
restart-service winrm
}}}
Requires psh v2 & bits 40
Server 2008x86:
pshv2:http://download.microsoft.com/download/F/9/E/F9EF6ACB-2BA8-4845-9C10-85FC4A69B207/Windows6.0-KB968930-x86.msu
bits40: http://download.microsoft.com/download/8/F/9/8F917766-5CBA-4B9A-81FB-10A97E851392/Windows6.0-KB960568-x86.msu
Server 2008x64:
pshv2:http://download.microsoft.com/download/2/8/6/28686477-3242-4E96-9009-30B16BED89AF/Windows6.0-KB968930-x64.msu
bits40: http://download.microsoft.com/download/D/D/3/DD3CECA2-0866-4DFB-9873-16B5F354EB9F/Windows6.0-KB960568-x64.msu
Additionally: the winrm service may get screwed up try these:
# {{{winrm quickconfig}}}
# {{{enable-psremoting -force}}}
{{{
# if your user name is whatever\test
$domain = "whatever"
$strComputer = "XYZ"
$username = "test"
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$computer.name
$Group = $computer.psbase.children.find("administrators")
$Group.name
# This will list what’s currently in Administrator Group so you can verify the result
function ListAdministrators
{$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}
$members}
ListAdministrators
# Even though we are adding the AD account but we add it to local computer and so we will need to use WinNT: provider
$Group.Add("WinNT://" + $domain + "/" + $username)
ListAdministrators
$Group.Remove("WinNT://" + $domain + "/" + $username)
ListAdministrators
}}}
Dont use enter-pssession...
use
{{{
Invoke-Command -ComputerName XYZ -FilePath c:\myscript.ps1
}}}
{{{
C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe "C:\ScheduledTaskScripts\scriptname.ps1" -noprofile -Noninteractive
}}}
{{{
Set-ExecutionPolicy RemoteSigned
}}}
!!!v1.0:
{{{
(Get-WmiObject -computer Server1 Win32_Service -filter "name='vpxd'").InvokeMethod("StartService",$null)
}}}
!!!v2.0:
{{{
PS C:\> Invoke-Command { Stop-Service -force vpxd } -Computer Server1
PS C:\> Invoke-Command { Start-Service vpxd } -Computer Server1
WARNING: Waiting for service 'VMware VirtualCenter Server (vpxd)' to finish
starting...
WARNING: Waiting for service 'VMware VirtualCenter Server (vpxd)' to finish
starting...
PS C:\>
}}}
{{{
find /n /v "" <filename>
}}}
{{{
C:\bin>find /n /v "" br.cmd
---------- BR.CMD
[1]@echo off
[2]::br.cmd
[3]setlocal enabledelayedexpansion
[4]
[5]::logfile settings
[6]call :GetDate year month day
[7]call :GetTime hour minute second hsecond
[8]set DateTimeString=%year%%month%%day%T%hour%%minute%%second%
[9]set logfile=%~f0
[10]set logfile=%logfile:~0,-4%
[11]set logfile=%logfile%%DateTimeString%.log
[12]echo %0 beginning at... > %logfile%
[13]date /t >> %logfile%
[14]time /t >> %logfile%
[15]echo logfile = %logfile% >> %logfile%
[16]echo. >> %logfile%
[17]
[18]::files to rename
[19]set rootname=rootname
[20]set filename1=CLAIM_FORMS_FILE_
[21]set dirname1=D:\ssiapp\renws\billing\uploadh
[22]
[23]::email settings
[24]set operatoremailaddress=me@domain.tld
[25]set operatoremailserver=mail3.domain.tld
[26]set emailprogram=c:\bin\blat.exe
[27]set fromaddress=server@domain.tld
[28]set emailsubject=%0 log
[29]
.
.
.
}}}
/***
|Name:|PrettyDatesPlugin|
|Description:|Provides a new date format ('pppp') that displays times such as '2 days ago'|
|Version:|1.0 ($Rev: 3646 $)|
|Date:|$Date: 2008-02-27 02:34:38 +1000 (Wed, 27 Feb 2008) $|
|Source:|http://mptw.tiddlyspot.com/#PrettyDatesPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Notes
* If you want to you can rename this plugin. :) Some suggestions: LastUpdatedPlugin, RelativeDatesPlugin, SmartDatesPlugin, SexyDatesPlugin.
* Inspired by http://ejohn.org/files/pretty.js
***/
//{{{
Date.prototype.prettyDate = function() {
var diff = (((new Date()).getTime() - this.getTime()) / 1000);
var day_diff = Math.floor(diff / 86400);
if (isNaN(day_diff)) return "";
else if (diff < 0) return "in the future";
else if (diff < 60) return "just now";
else if (diff < 120) return "1 minute ago";
else if (diff < 3600) return Math.floor(diff/60) + " minutes ago";
else if (diff < 7200) return "1 hour ago";
else if (diff < 86400) return Math.floor(diff/3600) + " hours ago";
else if (day_diff == 1) return "Yesterday";
else if (day_diff < 7) return day_diff + " days ago";
else if (day_diff < 14) return "a week ago";
else if (day_diff < 31) return Math.ceil(day_diff/7) + " weeks ago";
else if (day_diff < 62) return "a month ago";
else if (day_diff < 365) return "about " + Math.ceil(day_diff/31) + " months ago";
else if (day_diff < 730) return "a year ago";
else return Math.ceil(day_diff/365) + " years ago";
}
Date.prototype.formatString_orig_mptw = Date.prototype.formatString;
Date.prototype.formatString = function(template) {
return this.formatString_orig_mptw(template).replace(/pppp/,this.prettyDate());
}
// for MPTW. otherwise edit your ViewTemplate as required.
// config.mptwDateFormat = 'pppp (DD/MM/YY)';
config.mptwDateFormat = 'pppp';
//}}}
/***
|Name:|QuickOpenTagPlugin|
|Description:|Changes tag links to make it easier to open tags as tiddlers|
|Version:|3.0.1 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#QuickOpenTagPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
***/
//{{{
config.quickOpenTag = {
dropdownChar: (document.all ? "\u25bc" : "\u25be"), // the little one doesn't work in IE?
createTagButton: function(place,tag,excludeTiddler) {
// little hack so we can do this: <<tag PrettyTagName|RealTagName>>
var splitTag = tag.split("|");
var pretty = tag;
if (splitTag.length == 2) {
tag = splitTag[1];
pretty = splitTag[0];
}
var sp = createTiddlyElement(place,"span",null,"quickopentag");
createTiddlyText(createTiddlyLink(sp,tag,false),pretty);
var theTag = createTiddlyButton(sp,config.quickOpenTag.dropdownChar,
config.views.wikified.tag.tooltip.format([tag]),onClickTag);
theTag.setAttribute("tag",tag);
if (excludeTiddler)
theTag.setAttribute("tiddler",excludeTiddler);
return(theTag);
},
miniTagHandler: function(place,macroName,params,wikifier,paramString,tiddler) {
var tagged = store.getTaggedTiddlers(tiddler.title);
if (tagged.length > 0) {
var theTag = createTiddlyButton(place,config.quickOpenTag.dropdownChar,
config.views.wikified.tag.tooltip.format([tiddler.title]),onClickTag);
theTag.setAttribute("tag",tiddler.title);
theTag.className = "miniTag";
}
},
allTagsHandler: function(place,macroName,params) {
var tags = store.getTags(params[0]);
var filter = params[1]; // new feature
var ul = createTiddlyElement(place,"ul");
if(tags.length == 0)
createTiddlyElement(ul,"li",null,"listTitle",this.noTags);
for(var t=0; t<tags.length; t++) {
var title = tags[t][0];
if (!filter || (title.match(new RegExp('^'+filter)))) {
var info = getTiddlyLinkInfo(title);
var theListItem =createTiddlyElement(ul,"li");
var theLink = createTiddlyLink(theListItem,tags[t][0],true);
var theCount = " (" + tags[t][1] + ")";
theLink.appendChild(document.createTextNode(theCount));
var theDropDownBtn = createTiddlyButton(theListItem," " +
config.quickOpenTag.dropdownChar,this.tooltip.format([tags[t][0]]),onClickTag);
theDropDownBtn.setAttribute("tag",tags[t][0]);
}
}
},
// todo fix these up a bit
styles: [
"/*{{{*/",
"/* created by QuickOpenTagPlugin */",
".tagglyTagged .quickopentag, .tagged .quickopentag ",
" { margin-right:1.2em; border:1px solid #eee; padding:2px; padding-right:0px; padding-left:1px; }",
".quickopentag .tiddlyLink { padding:2px; padding-left:3px; }",
".quickopentag a.button { padding:1px; padding-left:2px; padding-right:2px;}",
"/* extra specificity to make it work right */",
"#displayArea .viewer .quickopentag a.button, ",
"#displayArea .viewer .quickopentag a.tiddyLink, ",
"#mainMenu .quickopentag a.tiddyLink, ",
"#mainMenu .quickopentag a.tiddyLink ",
" { border:0px solid black; }",
"#displayArea .viewer .quickopentag a.button, ",
"#mainMenu .quickopentag a.button ",
" { margin-left:0px; padding-left:2px; }",
"#displayArea .viewer .quickopentag a.tiddlyLink, ",
"#mainMenu .quickopentag a.tiddlyLink ",
" { margin-right:0px; padding-right:0px; padding-left:0px; margin-left:0px; }",
"a.miniTag {font-size:150%;} ",
"#mainMenu .quickopentag a.button ",
" /* looks better in right justified main menus */",
" { margin-left:0px; padding-left:2px; margin-right:0px; padding-right:0px; }",
"#topMenu .quickopentag { padding:0px; margin:0px; border:0px; }",
"#topMenu .quickopentag .tiddlyLink { padding-right:1px; margin-right:0px; }",
"#topMenu .quickopentag .button { padding-left:1px; margin-left:0px; border:0px; }",
"/*}}}*/",
""].join("\n"),
init: function() {
// we fully replace these builtins. can't hijack them easily
window.createTagButton = this.createTagButton;
config.macros.allTags.handler = this.allTagsHandler;
config.macros.miniTag = { handler: this.miniTagHandler };
config.shadowTiddlers["QuickOpenTagStyles"] = this.styles;
store.addNotification("QuickOpenTagStyles",refreshStyles);
}
}
config.quickOpenTag.init();
//}}}
RSYNC
Trailing Slashes Do Matter...Sometimes
This isn't really an article about rsync, but I would like to take a momentary detour to clarify one potentially confusing detail about its use. You may be accustomed to commands that don't care about trailing slashes. For example, if a and b are two directories, then cp -a a b is equivalent to cp -a a/ b/. However, rsync does care about the trailing slash, but only on the source argument. For example, let a and b be two directories, with the file foo initially inside directory a. Then this command:
{{{
rsync -a a b
}}}
produces b/a/foo, whereas this command:
{{{
rsync -a a/ b
}}}
produces b/foo. The presence or absence of a trailing slash on the destination argument (b, in this case) has no effect.
Slash means copy content, no slash means copy directory.
generally: don't use slashes, don't specify target directory, specify target directory parent
OR
use slashes, make sure directories are the same
{{{
rsync -a /home/jcw /var/backup/
}}}
should create /var/backup/jcw and subsequent files
{{{
rsync -a /home/jcw/ /var/backup/jcw/
}}}
should do the same thing
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml
!!!Files: all located in /home/rancid/
{{{~/.cloginrc}}}: contains login information for devices. see [[.cloginrc]]
You can do router specific configs in [[.cloginrc]]
{{{~/etc/rancid.conf}}}: contains groups (to organize the devices, and determine email recipients) and general options
{{{~/var/rancid/$groupname/router.db}}}: contains fqdn of devices for that group
{{{~/var/rancid/$groupname/$groupname/configs}}}: contain the downloaded config files for the devices
!!!Email
Email is sent to two email addresses: {{{rancid-$groupname}}} and {{{rancid-admin-$groupname}}}. By default it is sent to the local mail server running on the server. That can be changed by using adding a line to {{{~/etc/rancid.conf}}}
{{{
MAILDOMAIN="@domain.org"; export MAILDOMAIN
}}}
!!!CVSWEB
install:
{{{
apt-get install httpd
apt-get install cvsweb
}}}
config:
edit {{{/etc/cvsweb/cvsweb.conf}}}
{{{
@CVSrepositories = (
'Rancid' => ['Rancid', '/home/rancid/var/rancid/CVS'],
);
}}}
Browse to http://servername/cgi-web/cvsweb
!!!Notes
http://www.samag.com/documents/s=10093/sam0609a/0609a.htm (not available anymore as of 20090223)
Maybe try: http://homepage.mac.com/duling/halfdozen/
create access list
{{{
access-list 101 permit ip any host 72.43.91.125
access-list 101 permit ip host 72.43.91.125 any
}}}
add rate limit commands
{{{
rate-limit input access-group 101 768000 14400 28800 conform-action transmit exceed-action drop
rate-limit output access-group 101 768000 14400 28800 conform-action transmit exceed-action drop
}}}
So I was creating a backup solution for me and a friend using a couple of [[nslu2s|http://www.linksys.com/servlet/Satellite?c=L_Product_C2&childpagename=US%2FLayout&cid=1115416906769&pagename=Linksys%2FCommon%2FVisitorWrapper&lid=0676923093B14]] running [[debian|http://nslu2-linux.org/wiki/Debian/HomePage]] with large usb2 hard drives. One of the drives crashed after I installed debian gnu/linux on it. Luckily, no data was lost, just time. Here is how I plan to recover.
!!Put the nslu2 in upgrade mode
You can force the NSLU2 into "upgrade mode" using the reset button at power-on. You will need to do this if you want to use the Upslug2 or Sercomm program to reprogram the flash. Proceed as follows:
# Shutdown the slug
# Using a paper clip, push and hold in the reset button. (The reset button is located on the back of the NSLU2 above the power connection.)
# While holding in the reset button, press and release the power button.
# Watch the orange Ready/Status LED and after approx 10 seconds the LED will turn solid red (except for some models, see note below). Quickly release the reset button.
# You should be in upgrade mode which is indicated by the Ready/Status LED alternating between red and green.
If the Ready/Status LED is flashing yellow rather than red/green, you didn't release the reset button quickly enough after the Ready/Status LED turned red, and the Slug is now in "assign mode", whatever that means. Don't panic; just remove the power and start again.
Note on LED colours
Older slugs have a clearly distinguishable red status LED color. Newer ones (sometime in late 2006) are not as distinguishable, it is more like orange to a darker orange. If you have trouble seeing the change, the secret is to not look directly at the led; at about 45 degrees off center the contrast change is much clearer. Adjust the lighting conditions also if necessary (darker room is probably better). The procedure to enter the upgrade mode is just the same as described above though, but you have to eye the status LED more carefully to get the right reset release moment. In my case, the timing was also closer to 7 seconds rather than 10.
from: http://www.nslu2-linux.org/wiki/HowTo/UseTheResetButtonToEnterUpgradeMode
!!Run upslug to re-flash the nslu2
http://www.nslu2-linux.org/wiki/Main/UpSlug2
!!Run the debian installer to re-install debian on the device
follow the directions from: http://www.cyrius.com/debian/nslu2/
Installing Debian on the Linksys NSLU2
Requirements and Preparation
In order to install Debian on a Linksys NSLU2, you need the following:
* A Linksys NSLU2, obviously.
* An external USB disk (or a big USB stick).
* A network connection.
* Another machine on which you have an SSH client. Every Linux distribution includes an OpenSSH client and there is PuTTY for Windows.
There is one complication: the Ethernet drivers require a proprietary microcode that cannot be included in the official images from Debian. There are basically two ways around this:
* Use an USB Ethernet adapter which has an open source driver. Note that if you choose this option, you will have to change the network cable a number of times. When you flash debian-installer, you have to use the internal Ethernet device whereas debian-installer itself needs the USB gadget.
* Use an unofficial image which consists of the official Debian image plus the proprietary IXP4xx microcode.
Regardless of which image you intend to use, you should configure your network settings (IP address, DNS, hostname) using the web interface before flashing the debian-installer image in case you do not want to use DHCP. Debian's installer will use those settings to bring up the network.
Please note that if you use a static IP configuration, you have to specify all information, including netmask, gateway and DNS. If you don't specify all information, debian-installer will not be able to bring up the network and there's currently no way to tell the user that an error has occurred. An incomplete network configuration has so far been the most common reasons for problems with these images, so please make sure you have filled in all values.
Starting the Installer
First, you need to download a debian-installer firmware image which you can then flash to your NSLU2. As mentioned above, the Intel IXP4xx chip used in the Linksys NSLU2 needs some proprietary microcode for the Ethernet driver. As such, it cannot be distributed by the Debian project since we believe in free software and the advantages it offers to our users. While you can download an NSLU2 image directly from Debian this is probably not what you are looking for. It will only work if you use a USB Ethernet adapter. If you wish to use the Ethernet port of your NSLU2, you have to use the unofficial image which is a copy of the Debian images plus the proprietary Ethernet microcode.
You can choose between one of the following methods to write the installer image di-nslu2.bin to flash:
1.
Using the web interface from the original NSLU2 firmware. Go to the administration section, choose Upgrade, browse your disk for the debian-installer image you have just downloaded. Then press the Start Upgrade button, confirm, wait for a few minutes and confirm again.
Upgrading the firmware via the web interface
Upgrading the firmware via the web interface
Upgrading the firmware via the web interface
2. Using upslug2 from any Linux or Unix machine to upgrade the machine via the network (the software is packaged for Debian).
First, you have to put your NSLU2 in upgrade mode:
1. Disconnect any disks and/or devices from the USB ports.
2. Power off the NSLU2
3. Press and hold the reset button (accessible through the small hole on the back just above the power input).
4. Press and release the power button to power on the NSLU2.
5. Wait for 10 seconds watching the ready/status LED. After 10 seconds it will change from amber to red (old older NSLU2) or dark orange (on newer machines). Immediately release the reset button.
6. The NSLU2 ready/status LED will flash alternately dark orange and green (there is a 1 second delay before the first green). The NSLU2 is now in upgrade mode.
See the NSLU2-Linux pages if you have problems with this.
Once your NSLU2 is in upgrade mode, you can flash the new image:
$ sudo upslug2 -i di-nslu2.bin
Password:
NSLU2 00:13:10:d6:1e:a7 Product ID: 1 [...]
Upgrading LKGD61EA7 00:13:10:d6:1e:a7
. original flash contents * packet timed out
! being erased - erased
u being upgraded U upgraded
v being verified V verified
Display:
<status> <address completed>+<bytes transmitted but not completed>
Status:
* timeout occurred + sequence error detected
2a013f+000000 ...UUUUUUUUUUUUUUUUUUu--------------------[...]
By default, upslug2 will look for the NSLU2 on the network connected to the eth0 interface of your machine. If you have multiple network interfaces and the NSLU2 is not connected to eth0, you have to specify the network interface with the -d option (for example, -d eth1).
Note that the tool also shows the MAC address of your NSLU2, which may come in handy to configure your DHCP server.
After the whole image has been written and verified, the system will automatically reboot:
[...]
7fffff+000000 ...VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV[...]
Rebooting... done
Make sure you connect and turn on your USB disk again, otherwise debian-installer won't be able to find it.
3. Using a tool for Windows to upgrade via the network.
After you have flashed the debian-installer image, your NSLU2 will boot and start the Debian installer. Since the NSLU2 does not have any IO device, SSH will be used for the installation. The installer will bring up the network, start the OpenSSH server and you can then connect to the device using SSH. You have to wait approximately five minutes after the debian-installer firmware has been flashed before you can connect, but please be patient as it can sometimes take slightly longer, say 10-15 minutes. When the installer is ready, it will beep three times to indicate that you can now login via SSH.
Since the NSLU2 does not have an LCD, the installer cannot tell you which IP address to connect to or which password to use. With regards to the IP address, the following strategy is used:
1. If you have configured your network settings through the Linksys web interface to use a static IP address other than the default address 192.168.1.77, these values will be used (including the hostname). Note that the installer will not start if your network configuration configuration was incomplete (this includes gateway and DNS). In this case, flash the original firmware again and enter the missing values.
2. Otherwise, DHCP will be used. You can use the MAC address of your NSLU2 to tell your DHCP server to give out a specific IP address to your machine.
3. If no address can be found via DHCP, the default value which Linksys uses will be used: 192.168.1.77
Please make sure that the NSLU2 is on a local network to which only you have access since the password from the NSLU2 firmware is not used for the installer but rather the the very generic password install. The user is installer. Connect to the installer:
ssh installer@192.168.1.77
The Installation
The installation itself should be pretty standard and you can follow the installation guide. It knows about the NSLU2 and at the end of the installation it will flash a kernel and initramfs that will automatically boot into Debian.
Since the NSLU2 doesn't have much memory, the installer won't automatically load all installer modules that are available. You therefore need to manually select which modules to load:
Module selection
In order for the installation to succeed, you need to select the following modules:
* partman-auto: Automatically partition storage devices (partman)
* partman-ext3: Add to partman support for ext3
* usb-storage-modules-2.6.18-6-ixp4xx-di: USB storage support
If you have a USB stick with only 1 GB the current version of the installer will by default create a swap partition that is too small and your system will run out of memory during the installation and fail (the symptom of this is that your SSH connection will be closed). On such systems, you therefore have to manually partition your hard drive instead of using the guided partition option. Make sure that you have at least a swap partition with at least 256 MB.
Please also note that LVM and RAID are not really supported on this device, although there is an external page with some information about such a setup.
The installation will take roughly 2.5 hours (or slightly more if you have a slow Internet connection). At the end of the installation, the installer will write the new kernel to flash. Afterwards you will get a confirmation that the installation is complete. Confirm, wait for the installer to finish and once your SSH session terminates, wait a few minutes before you can connect to your newly installed system vis SSH. You will be able to log in as root or your newly created user via SSH.
Flashing the kernel
Rebooting after d-i finishes
When you first login to your new system, it is recommended that you install the ntpdate (or ntp) package to make sure the clock is always up-to-date; otherwise attempts to install new packages might fail due to GPG verification errors (for the first time, you'll probably have to setup the clock manually using the date command).
Success
You should now have a complete Debian system running on your NSLU2. You can use apt-get and other tools to install additional software. The NSLU2 is an ARM based device and the ARM architecture is fully supported by Debian. Unlike the original firmware, the Debian port runs in little-endian mode. In case you faced any problems with the installer that couldn't be resolved, it's also possible to install Debian on your NSLU2 by manually unpacking a tar ball which I've prepared.
There are a number of resources where you can find more information about running Debian on your NSLU2. The NSLU2-Linux wiki has lots of information about Debian and the README file from the nslu2-utils package (/usr/share/doc/nslu2-utils/README.Debian on your newly installed system) includes some important information you should definitely read. Also, there are some tips for running Linux on a flash device (in case you didn't install Debian on a hard drive but a USB flash stick) and for reducing memory usage.
Troubleshooting
There are some common problems found during or after the installation:
* The installer disconnects while formating the disk. This happens sometimes when the installer runs out of memory. The best workaround is to manually partition and format the disk before starting the installer and to reuse the existing partitions; read this page for instructions.
* The machine fails to boot after connecting more than one drive: this is because Debian currently doesn't use persistent naming for disks, which means that it might try to boot from the wrong disk. There is a manual workaround that is documented in section "The slug fails to reboot with 2 drives connected" of the troubleshooting wiki page.
* For other issues, please refer to the troubleshooting wiki page.
If you find this site helpful, you're welcome to make a donation.
Last modified on 2008-02-18 11:14:24 +0100 (Mon, 18 Feb 2008).
!!Here's the link for the image
http://www.slug-firmware.net/d-dls.php
{{{
Regsvr32.exe /u msutb.dll
}}}
http://www.vmware.com/community/message.jspa?messageID=503451
AZDeveloper
Remove Snapshot menu item greyed out
Posted: Oct 27, 2006 1:38 PM
Host OS: XP Pro x64
Guest OS: Windows 2000
I took a snapshot of my VM, but now I cannot "remove" the snapshot so that I may take another one. The "Remove Snapshot" menu item in the VMWare Console is greyed out.
Any ideas ?
devzero
Posts: 1,823
From: Germany
Registered: 12/27/04
Re: Remove Snapshot menu item greyed out
Posted: Oct 27, 2006 2:16 PM in response to: AZDeveloper
Click to reply to this topic Reply
shutdown the Guest OS
AZDeveloper
Posts: 5
Registered: 4/4/06
Re: Remove Snapshot menu item greyed out
Posted: Oct 27, 2006 4:36 PM in response to: devzero
Click to reply to this topic Reply
I've shut down the guest OS.
I've rebooted the machine.
It is still greyed out.
KevinG
Posts: 13,808
From: VCP Palo Alto, CA USA
Registered: 1/8/04
Re: Remove Snapshot menu item greyed out
Posted: Oct 27, 2006 4:46 PM in response to: AZDeveloper
Click to reply to this topic Reply
You must power off the virtual machine to use the "Remove" snapshot menu option.
By the way, "Remove" will commit the changes in the snapshot to the base .vmdk file. "Revert" option will throw away the changes and go back to using the base .vmdk file
[HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.\VMware Tools]
"ShowTray"=dword:00000000
Source: http://communities.vmware.com/message/453374;jsessionid=35FD72C6830395710F802633085BAACB
{{{
grep -v "^$" filename > newfilename
}}}
{{{
grep -v "^[ \t]" drivers2.txt > drivers3.txt
}}}
{{{
sp_dropserver <old_name>
GO
sp_addserver <new_name>, local
GO
}}}
#delete any maintenance plans {{{<<<<<}}}''IMPORTANT''
#rename server
#reboot server
#run sql commands [[Rename SQL 2005 Server Script]]
#recreate maintenance plans
http://msdn.microsoft.com/en-us/library/ms143799(SQL.90).aspx
/***
|Name:|RenameTagsPlugin|
|Description:|Allows you to easily rename or delete tags across multiple tiddlers|
|Version:|3.0 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#RenameTagsPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License|http://mptw.tiddlyspot.com/#TheBSDLicense|
Rename a tag and you will be prompted to rename it in all its tagged tiddlers.
***/
//{{{
config.renameTags = {
prompts: {
rename: "Rename the tag '%0' to '%1' in %2 tidder%3?",
remove: "Remove the tag '%0' from %1 tidder%2?"
},
removeTag: function(tag,tiddlers) {
store.suspendNotifications();
for (var i=0;i<tiddlers.length;i++) {
store.setTiddlerTag(tiddlers[i].title,false,tag);
}
store.resumeNotifications();
store.notifyAll();
},
renameTag: function(oldTag,newTag,tiddlers) {
store.suspendNotifications();
for (var i=0;i<tiddlers.length;i++) {
store.setTiddlerTag(tiddlers[i].title,false,oldTag); // remove old
store.setTiddlerTag(tiddlers[i].title,true,newTag); // add new
}
store.resumeNotifications();
store.notifyAll();
},
storeMethods: {
saveTiddler_orig_renameTags: TiddlyWiki.prototype.saveTiddler,
saveTiddler: function(title,newTitle,newBody,modifier,modified,tags,fields) {
if (title != newTitle) {
var tagged = this.getTaggedTiddlers(title);
if (tagged.length > 0) {
// then we are renaming a tag
if (confirm(config.renameTags.prompts.rename.format([title,newTitle,tagged.length,tagged.length>1?"s":""])))
config.renameTags.renameTag(title,newTitle,tagged);
if (!this.tiddlerExists(title) && newBody == "")
// dont create unwanted tiddler
return null;
}
}
return this.saveTiddler_orig_renameTags(title,newTitle,newBody,modifier,modified,tags,fields);
},
removeTiddler_orig_renameTags: TiddlyWiki.prototype.removeTiddler,
removeTiddler: function(title) {
var tagged = this.getTaggedTiddlers(title);
if (tagged.length > 0)
if (confirm(config.renameTags.prompts.remove.format([title,tagged.length,tagged.length>1?"s":""])))
config.renameTags.removeTag(title,tagged);
return this.removeTiddler_orig_renameTags(title);
}
},
init: function() {
merge(TiddlyWiki.prototype,this.storeMethods);
}
}
config.renameTags.init();
//}}}
{{{
::Date Variables - replace characters that are not legal as part of filesystem file names (to produce name like "backup_04.15.08.7z")
SET DT=%date%
SET DT=%DT:/=.%
SET DT=%DT:-=.%
}}}
Robocopy is great for moving files among Windows hosts. It logs nicely, tells me how long it took, and I can script it easily. My primary directory synchronization script looks like:
{{{
@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION
SET _ROBO=c:\bin\robocopy.exe
SET _BLAT=c:\bin\blat.exe
SET _sourcedir=\\server1\c$\dir1
SET _destdir=G:\dir2
SET _logfile=%0.log
SET _what=/COPYALL /ZB /SEC /MIR
:: /COPYALL :: COPY ALL file info
:: /ZB :: use restartable mode; if access denied use Backup mode.
:: /SEC :: copy files with SECurity
:: /MIR :: MIRror a directory tree
SET _options=/R:5 /W:30 /LOG+:%_logfile% /NFL /NDL
:: /R:n :: number of Retries
:: /W:n :: Wait time between retries
:: /LOG :: Output log file
:: /NFL :: No file logging
:: /NDL :: No dir logging
%_ROBO% %_sourcedir% %_destdir% %_what% %_options%
%_BLAT% %_logfile% -t <recipient>@<domain>.<tld> -s "%0 done"
}}}
!!!Gotcha
The above script works great on directories, I've used it many, many times. However, here's the gotcha: If you're trying to sync only certain files (*.txt or *.mdf or *.ldf) from just the source directory (and not child directories), you have to do two things: 1) add a parameter: {{{files}}}, and 2) add an argument: {{{/lev:###}}}.
This is what the file sync script looks like:
{{{
@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION
SET _ROBO=c:\bin\robocopy.exe
SET _BLAT=c:\bin\blat.exe
SET _sourcedir=\\server1\c$\dir1
SET _destdir=G:\dir2
SET _files=*.txt
SET _logfile=%0.log
SET _what=/COPYALL /ZB /SEC /MIR
:: /COPYALL :: COPY ALL file info
:: /ZB :: use restartable mode; if access denied use Backup mode.
:: /SEC :: copy files with SECurity
:: /MIR :: MIRror a directory tree
SET _options=/R:5 /W:30 /LOG:%_logfile% /NFL /NDL
:: /R:n :: number of Retries
:: /W:n :: Wait time between retries
:: /LOG :: Output log file
:: /NFL :: No file logging
:: /NDL :: No dir logging
%_ROBO% %_sourcedir% %_destdir% %_files% %_what% %_options%
%_BLAT% %_logfile% -t smaug9@tld.org -s "%0 complete"
}}}
There are a couple key points here:
*Robocopy doesn't work like copy or xcopy, the source and destination must be directories, eg:
**Incorrect: {{{source=c:\test\*.txt}}}
**Correct: {{{source=c:\test}}}, {{{files=*.txt}}}
*The source and destination directories must __not__ have a trailing backslash eg:
**Incorrect: {{{source=c:\test\}}}
**Correct: {{{source=c:\test}}}
*If you don't specify the levels argument ({{{/lev:###}}}), robocopy will default to copy the entire directory tree, and create child directories as needed, even if there aren't any files in those child directories that match the files parameter.
You can get v26 of robocopy by installing the robocopy gui app, and copy robocopy/exe from %windir%\system32\ to wherever.
Get the robocopy app here: http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359cc0842/UtilitySpotlight2006_11.exe
Helpfiles:
[[Robocopy V026 Help]]
[[Robocopy V010 Help]]
{{{
-------------------------------------------------------------------------------
ROBOCOPY :: Robust File Copy for Windows :: Version XP010
-------------------------------------------------------------------------------
Started : Fri Nov 07 17:44:32 2008
Usage :: ROBOCOPY source destination [file [file]...] [options]
source :: Source Directory (drive:\path or \\server\share\path).
destination :: Destination Dir (drive:\path or \\server\share\path).
file :: File(s) to copy (names/wildcards: default is "*.*").
::
:: Copy options :
::
/S :: copy Subdirectories, but not empty ones.
/E :: copy subdirectories, including Empty ones.
/LEV:n :: only copy the top n LEVels of the source directory tree.
/Z :: copy files in restartable mode.
/B :: copy files in Backup mode.
/ZB :: use restartable mode; if access denied use Backup mode.
/COPY:copyflag[s] :: what to COPY (default is /COPY:DAT).
(copyflags : D=Data, A=Attributes, T=Timestamps).
(S=Security=NTFS ACLs, O=Owner info, U=aUditing info).
/SEC :: copy files with SECurity (equivalent to /COPY:DATS).
/COPYALL :: COPY ALL file info (equivalent to /COPY:DATSOU).
/NOCOPY :: COPY NO file info (useful with /PURGE).
/PURGE :: delete dest files/dirs that no longer exist in source.
/MIR :: MIRror a directory tree (equivalent to /E plus /PURGE).
/MOV :: MOVe files (delete from source after copying).
/MOVE :: MOVE files AND dirs (delete from source after copying).
/A+:[RASHNT] :: add the given Attributes to copied files.
/A-:[RASHNT] :: remove the given Attributes from copied files.
/CREATE :: CREATE directory tree and zero-length files only.
/FAT :: create destination files using 8.3 FAT file names only.
/FFT :: assume FAT File Times (2-second granularity).
/256 :: turn off very long path (> 256 characters) support.
/MON:n :: MONitor source; run again when more than n changes seen.
/MOT:m :: MOnitor source; run again in m minutes Time, if changed.
/RH:hhmm-hhmm :: Run Hours - times when new copies may be started.
/PF :: check run hours on a Per File (not per pass) basis.
/IPG:n :: Inter-Packet Gap (ms), to free bandwidth on slow lines.
::
:: File Selection Options :
::
/A :: copy only files with the Archive attribute set.
/M :: copy only files with the Archive attribute and reset it.
/IA:[RASHCNETO] :: Include only files with any of the given Attributes set.
/XA:[RASHCNETO] :: eXclude files with any of the given Attributes set.
/XF file [file]... :: eXclude Files matching given names/paths/wildcards.
/XD dirs [dirs]... :: eXclude Directories matching given names/paths.
/XC :: eXclude Changed files.
/XN :: eXclude Newer files.
/XO :: eXclude Older files.
/XX :: eXclude eXtra files and directories.
/XL :: eXclude Lonely files and directories.
/IS :: Include Same files.
/IT :: Include Tweaked files.
/MAX:n :: MAXimum file size - exclude files bigger than n bytes.
/MIN:n :: MINimum file size - exclude files smaller than n bytes.
/MAXAGE:n :: MAXimum file AGE - exclude files older than n days/date.
/MINAGE:n :: MINimum file AGE - exclude files newer than n days/date.
/MAXLAD:n :: MAXimum Last Access Date - exclude files unused since n.
/MINLAD:n :: MINimum Last Access Date - exclude files used since n.
(If n < 1900 then n = n days, else n = YYYYMMDD date).
/XJ :: eXclude Junction points. (normally included by default).
::
:: Retry Options :
::
/R:n :: number of Retries on failed copies: default 1 million.
/W:n :: Wait time between retries: default is 30 seconds.
/REG :: Save /R:n and /W:n in the Registry as default settings.
/TBD :: wait for sharenames To Be Defined (retry error 67).
::
:: Logging Options :
::
/L :: List only - don't copy, timestamp or delete any files.
/X :: report all eXtra files, not just those selected.
/V :: produce Verbose output, showing skipped files.
/TS :: include source file Time Stamps in the output.
/FP :: include Full Pathname of files in the output.
/NS :: No Size - don't log file sizes.
/NC :: No Class - don't log file classes.
/NFL :: No File List - don't log file names.
/NDL :: No Directory List - don't log directory names.
/NP :: No Progress - don't display % copied.
/ETA :: show Estimated Time of Arrival of copied files.
/LOG:file :: output status to LOG file (overwrite existing log).
/LOG+:file :: output status to LOG file (append to existing log).
/TEE :: output to console window, as well as the log file.
/NJH :: No Job Header.
/NJS :: No Job Summary.
::
:: Job Options :
::
/JOB:jobname :: take parameters from the named JOB file.
/SAVE:jobname :: SAVE parameters to the named job file
/QUIT :: QUIT after processing command line (to view parameters).
/NOSD :: NO Source Directory is specified.
/NODD :: NO Destination Directory is specified.
/IF :: Include the following Files.
}}}
cuz im lazy
{{{
C:\0\bin>ROBOCOPY.EXE /?
-------------------------------------------------------------------------------
ROBOCOPY :: Robust File Copy for Windows :: Version XP026
-------------------------------------------------------------------------------
Started : Thu Feb 12 11:42:38 2009
Usage :: ROBOCOPY source destination [file [file]...] [options]
source :: Source Directory (drive:\path or \\server\share\path).
destination :: Destination Dir (drive:\path or \\server\share\path).
file :: File(s) to copy (names/wildcards: default is "*.*").
::
:: Copy options :
::
/S :: copy Subdirectories, but not empty ones.
/E :: copy subdirectories, including Empty ones.
/LEV:n :: only copy the top n LEVels of the source directory tree.
/Z :: copy files in restartable mode.
/B :: copy files in Backup mode.
/ZB :: use restartable mode; if access denied use Backup mode.
/COPY:copyflag[s] :: what to COPY for files (default is /COPY:DAT).
(copyflags : D=Data, A=Attributes, T=Timestamps).
(S=Security=NTFS ACLs, O=Owner info, U=aUditing info).
/DCOPY:T :: COPY Directory Timestamps.
/SEC :: copy files with SECurity (equivalent to /COPY:DATS).
/COPYALL :: COPY ALL file info (equivalent to /COPY:DATSOU).
/NOCOPY :: COPY NO file info (useful with /PURGE).
/SECFIX :: FIX file SECurity on all files, even skipped files.
/TIMFIX :: FIX file TIMes on all files, even skipped files.
/PURGE :: delete dest files/dirs that no longer exist in source.
/MIR :: MIRror a directory tree (equivalent to /E plus /PURGE).
/MOV :: MOVe files (delete from source after copying).
/MOVE :: MOVE files AND dirs (delete from source after copying).
/A+:[RASHCNET] :: add the given Attributes to copied files.
/A-:[RASHCNET] :: remove the given Attributes from copied files.
/CREATE :: CREATE directory tree and zero-length files only.
/FAT :: create destination files using 8.3 FAT file names only.
/256 :: turn off very long path (> 256 characters) support.
/MON:n :: MONitor source; run again when more than n changes seen.
/MOT:m :: MOnitor source; run again in m minutes Time, if changed.
/RH:hhmm-hhmm :: Run Hours - times when new copies may be started.
/PF :: check run hours on a Per File (not per pass) basis.
/IPG:n :: Inter-Packet Gap (ms), to free bandwidth on slow lines.
::
:: File Selection Options :
::
/A :: copy only files with the Archive attribute set.
/M :: copy only files with the Archive attribute and reset it.
/IA:[RASHCNETO] :: Include only files with any of the given Attributes set.
/XA:[RASHCNETO] :: eXclude files with any of the given Attributes set.
/XF file [file]... :: eXclude Files matching given names/paths/wildcards.
/XD dirs [dirs]... :: eXclude Directories matching given names/paths.
/XC :: eXclude Changed files.
/XN :: eXclude Newer files.
/XO :: eXclude Older files.
/XX :: eXclude eXtra files and directories.
/XL :: eXclude Lonely files and directories.
/IS :: Include Same files.
/IT :: Include Tweaked files.
/MAX:n :: MAXimum file size - exclude files bigger than n bytes.
/MIN:n :: MINimum file size - exclude files smaller than n bytes.
/MAXAGE:n :: MAXimum file AGE - exclude files older than n days/date.
/MINAGE:n :: MINimum file AGE - exclude files newer than n days/date.
/MAXLAD:n :: MAXimum Last Access Date - exclude files unused since n.
/MINLAD:n :: MINimum Last Access Date - exclude files used since n.
(If n < 1900 then n = n days, else n = YYYYMMDD date).
/XJ :: eXclude Junction points. (normally included by default).
/FFT :: assume FAT File Times (2-second granularity).
/DST :: compensate for one-hour DST time differences.
/XJD :: eXclude Junction points for Directories.
/XJF :: eXclude Junction points for Files.
::
:: Retry Options :
::
/R:n :: number of Retries on failed copies: default 1 million.
/W:n :: Wait time between retries: default is 30 seconds.
/REG :: Save /R:n and /W:n in the Registry as default settings.
/TBD :: wait for sharenames To Be Defined (retry error 67).
::
:: Logging Options :
::
/L :: List only - don't copy, timestamp or delete any files.
/X :: report all eXtra files, not just those selected.
/V :: produce Verbose output, showing skipped files.
/TS :: include source file Time Stamps in the output.
/FP :: include Full Pathname of files in the output.
/BYTES :: Print sizes as bytes.
/NS :: No Size - don't log file sizes.
/NC :: No Class - don't log file classes.
/NFL :: No File List - don't log file names.
/NDL :: No Directory List - don't log directory names.
/NP :: No Progress - don't display % copied.
/ETA :: show Estimated Time of Arrival of copied files.
/LOG:file :: output status to LOG file (overwrite existing log).
/LOG+:file :: output status to LOG file (append to existing log).
/UNILOG:file :: output status to LOG file as UNICODE (overwrite existing
log).
/UNILOG+:file :: output status to LOG file as UNICODE (append to existing
log).
/TEE :: output to console window, as well as the log file.
/NJH :: No Job Header.
/NJS :: No Job Summary.
/UNICODE :: output status as UNICODE.
::
:: Job Options :
::
/JOB:jobname :: take parameters from the named JOB file.
/SAVE:jobname :: SAVE parameters to the named job file
/QUIT :: QUIT after processing command line (to view parameters).
/NOSD :: NO Source Directory is specified.
/NODD :: NO Destination Directory is specified.
/IF :: Include the following Files.
}}}
<X>:\htape\sn\bin\setup.ini
!!SUMMARY
SQL Server 2000 Books ~On-Line states that the Database Maintenance Plan Wizard only supports backups to local disks. Backups can be done to a network resource under certain circumstances.
!!RESOLUTION
Backups to a network folder require the following prerequisites:
1) The SQL Server service must be running under a domain-level account.
2) The SQL Server service account must have FULL CONTROL rights to the file system folder and to the share.
3) The remote share should only be accessed via UNC name. Mapped drives may not be consistently visible to the SQL Service.
Once these prerequisites are met, the UNC name can be typed into the 'Use this directory' text field on the 'Complete Backup' and/or the 'Transaction Log Backup' tabs of the Database Maintenance plan. SQL will then write backups to this location. Do not use the '…' button. This button will only enumerate local disk resources.
!!MORE INFORMATION
The most common failure cause is incorrect access permissions to the share or the underlying folder(s). Access to the share can be tested by logging into the console of the SQL Server as the SQL Service account. Test using the UNC share name only and not a mapped drive.
Note that backing up to a network share can cause significant network traffic. Make sure your network can handle this load without adversely affecting other systems or end users. You may find it beneficial to establish a dedicated physical network connection between your database server and your backup file host.
from article: http://support.microsoft.com/?id=555128
MSSQL box looks like transaction logs on server have never worked.
Windows Application Log has:
{{{
Event Type: Warning
Event Source: SQLSERVERAGENT
Event Category: Job Engine
Event ID: 208
Date: 7/1/2008
Time: 10:00:01 PM
User: N/A
Computer: Computer
Description:
SQL Server Scheduled Job 'Transaction Log Backup Job for DB Maintenance Plan 'DB Maintenance Plan1'' (0x045DE9CE32CFE344AB93033E1A400017)
- Status: Failed
- Invoked on: 2008-07-01 22:00:00
- Message: The job failed. The Job was invoked by Schedule 2 (Schedule 1). The last step to run was step 1 (Step 1).
}}}
SQL Job has:
{{{
Executed as user: NT AUTHORITY\SYSTEM. sqlmaint.exe failed. [SQLSTATE 42000] (Error 22029). The step failed.
}}}
DB Maintenance Plan History has:
{{{
Backup can not be performed on this database. This sub task is ignored
}}}
Woohoo, so descriptive =\
Found this: [[A transaction log backup job that is created in Database Maintenance Planner fails to execute|http://support.microsoft.com/kb/303229]]
Basically, in the db properties, options tab, change the recovery model from simple to full. Doesn't look like you can do this for master or msdb.
Have fun!
http://www.mssqltips.com/tip.asp?tip=1219
If you receive the following error when creating a maintenance plan...
{{{
Create maintenance plan failed.
Additional information:
Create failed for JobStep 'Subplan'. (Microsoft.SqlServer.MaintenancePlanTasks)
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
The specified '@subsystem' is invalid (valid values are returned by sp_enum_sqlagent_subsystems). (Microsoft SQL Server, Error 14234)
}}}
Install the integration service component.
see: http://support.microsoft.com/kb/909036/en-us
{{{
SSH(1) BSD General Commands Manual SSH(1)
NAME
ssh - OpenSSH SSH client (remote login program)
SYNOPSIS
ssh [-1246AaCfgKkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec] [-D
[bind_address:]port] [-e escape_char] [-F configfile]
[-i identity_file] [-L [bind_address:]port:host:hostport]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-R
[bind_address:]port:host:hostport] [-S ctl_path] [-w tunnel:tunnel]
[user@]hostname [command]
DESCRIPTION
ssh (SSH client) is a program for logging into a remote machine and for
executing commands on a remote machine. It is intended to replace rlogin
and rsh, and provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and arbitrary
TCP ports can also be forwarded over the secure channel.
ssh connects and logs into the specified hostname (with optional user
name). The user must prove his/her identity to the remote machine using
one of several methods depending on the protocol version used (see
below).
If command is specified, it is executed on the remote host instead of a
login shell.
The options are as follows:
-1 Forces ssh to try protocol version 1 only.
-2 Forces ssh to try protocol version 2 only.
-4 Forces ssh to use IPv4 addresses only.
-6 Forces ssh to use IPv6 addresses only.
-A Enables forwarding of the authentication agent connection. This
can also be specified on a per-host basis in a configuration
file.
Agent forwarding should be enabled with caution. Users with the
ability to bypass file permissions on the remote host (for the
agentâs Unix-domain socket) can access the local agent through
the forwarded connection. An attacker cannot obtain key material
from the agent, however they can perform operations on the keys
that enable them to authenticate using the identities loaded into
the agent.
-a Disables forwarding of the authentication agent connection.
-b bind_address
Use bind_address on the local machine as the source address of
the connection. Only useful on systems with more than one
address.
-C Requests compression of all data (including stdin, stdout,
stderr, and data for forwarded X11 and TCP connections). The
compression algorithm is the same used by gzip(1), and the
âlevelâ
tocol version 1. Compression is desirable on modem lines and
other slow connections, but will only slow down things on fast
networks. The default value can be set on a host-by-host basis
in the configuration files; see the Compression option.
-c cipher_spec
Selects the cipher specification for encrypting the session.
Protocol version 1 allows specification of a single cipher. The
supported values are â3desâblowfishâdesâ
(triple-des) is an encrypt-decrypt-encrypt triple with three d
ifâ
ferent keys. It is believed to be secure. blowfish is a fast
block cipher; it appears very secure and is much faster than
3des. des is only supported in the ssh client for interoperabilâ
ity with legacy protocol 1 implementations that do not support
the 3des cipher. Its use is strongly discouraged due to cryptoâ
graphic weaknesses. The default is â3desâ
For protocol version 2, cipher_spec is a comma-separated list of
ciphers listed in order of preference. The supported ciphers
are: 3des-cbc, aes128-cbc, aes192-cbc, aes256-cbc, aes128-ctr,
aes192-ctr, aes256-ctr, arcfour128, arcfour256, arcfour, blowâ
fish-cbc, and cast128-cbc. The default is:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
aes192-ctr,aes256-ctr
-D [bind_address:]port
Specifies a local âdynamicâ
This works by allocating a socket to listen to port on the local
side, optionally bound to the specified bind_address. Whenever a
connection is made to this port, the connection is forwarded over
the secure channel, and the application protocol is then used to
determine where to connect to from the remote machine. Currently
the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
as a SOCKS server. Only root can forward privileged ports.
Dynamic port forwardings can also be specified in the configuraâ
tion file.
IPv6 addresses can be specified with an alternative syntax:
[bind_address/]port or by enclosing the address in square brackâ
ets. Only the superuser can forward privileged ports. By
default, the local port is bound in accordance with the
GatewayPorts setting. However, an explicit bind_address may be
used to bind the connection to a specific address. The
bind_address of âlocalhostâ
bound for local use only, while an empty address or â*â indicates
that the port should be available from all interfaces.
-e escape_char
Sets the escape character for sessions with a pty (default: â~â).
The escape character is only recognized at the beginning of a
line. The escape character followed by a dot (â.â) closes the
connection; followed by control-Z suspends the connection; and
followed by itself sends the escape character once. Setting the
character to ânoneâ
fully transparent.
-F configfile
Specifies an alternative per-user configuration file. If a conâ
figuration file is given on the command line, the system-wide
configuration file (/etc/ssh/ssh_config) will be ignored. The
default for the per-user configuration file is ~/.ssh/config.
-f Requests ssh to go to background just before command execution.
This is useful if ssh is going to ask for passwords or
passphrases, but the user wants it in the background. This
implies -n. The recommended way to start X11 programs at a
remote site is with something like ssh -f host xterm.
-g Allows remote hosts to connect to local forwarded ports.
-I smartcard_device
Specify the device ssh should use to communicate with a smartcard
used for storing the userâs private RSA key. This option is only
available if support for smartcard devices is compiled in
(default is no support).
-i identity_file
Selects a file from which the identity (private key) for RSA or
DSA authentication is read. The default is ~/.ssh/identity for
protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for proâ
tocol version 2. Identity files may also be specified on a per-
host basis in the configuration file. It is possible to have
multiple -i options (and multiple identities specified in configâ
uration files).
-K Enables forwarding (delegation) of GSSAPI credentials to the
server.
-k Disables forwarding (delegation) of GSSAPI credentials to the
server.
-L [bind_address:]port:host:hostport
Specifies that the given port on the local (client) host is to be
forwarded to the given host and port on the remote side. This
works by allocating a socket to listen to port on the local side,
optionally bound to the specified bind_address. Whenever a conâ
nection is made to this port, the connection is forwarded over
the secure channel, and a connection is made to host port
hostport from the remote machine. Port forwardings can also be
specified in the configuration file. IPv6 addresses can be specâ
ified with an alternative syntax:
[bind_address/]port/host/hostport or by enclosing the address in
square brackets. Only the superuser can forward privileged
ports. By default, the local port is bound in accordance with
the GatewayPorts setting. However, an explicit bind_address may
be used to bind the connection to a specific address. The
bind_address of âlocalhostâ
bound for local use only, while an empty address or â*â indicates
that the port should be available from all interfaces.
-l login_name
Specifies the user to log in as on the remote machine. This also
may be specified on a per-host basis in the configuration file.
-M Places the ssh client into âmasterâ
Multiple -M options places ssh into âmasterâ
tion requi
red before slave connections are accepted. Refer to
the description of ControlMaster in ssh_config(5) for details.
-m mac_spec
Additionally, for protocol version 2 a comma-separated list of
MAC (message authentication code) algorithms can be specified in
order of preference. See the MACs keyword for more information.
-N Do not execute a remote command. This is useful for just forâ
warding ports (protocol version 2 only).
-n Redirects stdin from /dev/null (actually, prevents reading from
stdin). This must be used when ssh is run in the background. A
common trick is to use this to run X11 programs on a remote
machine. For example, ssh -n shadows.cs.hut.fi emacs & will
start an emacs on shadows.cs.hut.fi, and the X11 connection will
be automatically forwarded over an encrypted channel. The ssh
program will be put in the background. (This does not work if
ssh needs to ask for a password or passphrase; see also the -f
option.)
-O ctl_cmd
Control an active connection multiplexing master process. When
the -O option is specified, the ctl_cmd argument is interpreted
and passed to the master process. Valid commands are: âcheckâ
exitâ
the master to exit).
-o option
Can be used to give options in the format used in the configuraâ
tion file. This is useful for specifying options for which there
is no separate command-line flag. For full details of the
options listed below, and their possible values, see
ssh_config(5).
AddressFamily
BatchMode
BindAddress
ChallengeResponseAuthentication
CheckHostIP
Cipher
Ciphers
ClearAllForwardings
Compression
CompressionLevel
ConnectionAttempts
ConnectTimeout
ControlMaster
ControlPath
DynamicForward
EscapeChar
ForwardAgent
ForwardX11
ForwardX11Trusted
GatewayPorts
GlobalKnownHostsFile
GSSAPIAuthentication
GSSAPIDelegateCredentials
HashKnownHosts
Host
HostbasedAuthentication
HostKeyAlgorithms
HostKeyAlias
HostName
IdentityFile
IdentitiesOnly
KbdInteractiveDevices
LocalCommand
LocalForward
LogLevel
MACs
NoHostAuthenticationForLocalhost
NumberOfPasswordPrompts
PasswordAuthentication
PermitLocalCommand
Port
PreferredAuthentications
Protocol
ProxyCommand
PubkeyAuthentication
RekeyLimit
RemoteForward
RhostsRSAAuthentication
RSAAuthentication
SendEnv
ServerAliveInterval
ServerAliveCountMax
SmartcardDevice
StrictHostKeyChecking
TCPKeepAlive
Tunnel
TunnelDevice
UsePrivilegedPort
User
UserKnownHostsFile
VerifyHostKeyDNS
XAuthLocation
-p port
Port to connect to on the remote host. This can be specified on
a per-host basis in the configuration file.
-q Quiet mode. Causes all warning and diagnostic messages to be
suppressed. Only fatal errors are displayed. If a second -q is
given then even fatal errors are suppressed.
-R [bind_address:]port:host:hostport
Specifies that the given port on the remote (server) host is to
be forwarded to the given host and port on the local side. This
works by allocating a socket to listen to port on the remote
side, and whenever a connection is made to this port, the connecâ
tion is forwarded over the secure channel, and a connection is
made to host port hostport from the local machine.
Port forwardings can also be specified in the configuration file.
Privileged ports can be forwarded only when logging in as root on
the remote machine. IPv6 addresses can be specified by enclosing
the address in square braces or using an alternative syntax:
[bind_address/]host/port/hostport.
By default, the listening socket on the server will be bound to
the loopback interface only. This may be overriden by specifying
a bind_address. An empty bind_address, or the address â*â, indiâ
cates that the remote socket should listen on all interfaces.
Specifying a remote bind_address will only succeed if the
serverâs GatewayPorts option is enabled (see sshd_config(5)).
-S ctl_path
Specifies the location of a control socket for connection sharâ
ing. Refer to the description of ControlPath and ControlMaster
in ssh_config(5) for details.
-s May be used to request invocation of a subsystem on the remote
system. Subsystems are a feature of the SSH2 protocol which
facilitate the use of SSH as a secure transport for other appliâ
cations (eg. sftp(1)). The subsystem is specified as the remote
command.
-T Disable pseudo-tty allocation.
-t Force pseudo-tty allocation. This can be used to execute arbiâ
trary screen-based programs on a remote machine, which can be
very useful, e.g., when implementing menu services. Multiple -t
options force tty allocation, even if ssh has no local tty.
-V Display the version number and exit.
-v Verbose mode. Causes ssh to print debugging messages about its
progress. This is helpful in debugging connection, authenticaâ
tion, and configuration problems. Multiple -v options increase
the verbosity. The maximum is 3.
-w tunnel:tunnel
Requests a tun(4) device on the client (first tunnel arg) and
server (second tunnel arg). The devices may be specified by
numerical ID or the keyword âanyâ
tunnel device. See also the Tunnel directive in ssh_config(5).
-X Enables X11 forwarding. This can also be specified on a per-host
basis in a configuration file.
X11 forwarding should be enabled with caution. Users with the
ability to bypass file permissions on the remote host (for the
userâs X authorization database) can access the local X11 display
through the forwarded connection. An attacker may then be able
to perform activities such as keystroke monitoring.
For this reason, X11 forwarding is subjected to X11 SECURITY
extension restrictions by default. Please refer to the ssh -Y
option and the ForwardX11Trusted directive in ssh_config(5) for
more information.
-x Disables X11 forwarding.
-Y Enables trusted X11 forwarding. Trusted X11 forwardings are not
subjected to the X11 SECURITY extension controls.
ssh may additionally obtain configuration data from a per-user configuraâ
tion file and a system-wide configuration file. The file format and conâ
figuration options are described in ssh_config(5).
ssh exits with the exit status of the remote command or with 255 if an
error occurred.
AUTHENTICATION
The OpenSSH SSH client supports SSH protocols 1 and 2. Protocol 2 is the
default, with ssh falling back to protocol 1 if it detects protocol 2 is
unsupported. These settings may be altered using the Protocol option in
ssh_config(5), or enforced using the -1 and -2 options (see above). Both
protocols support similar authentication methods, but protocol 2 is preâ
ferred since it provides additional mechanisms for confidentiality (the
traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and
integrity (hmac-md5, hmac-sha1, hmac-ripemd160). Protocol 1 lacks a
strong mechanism for ensuring the integrity of the connection.
The methods available for authentication are: host-based authentication,
public key authentication, challenge-response authentication, and passâ
word authentication. Authentication methods are tried in the order specâ
ified above, though protocol 2 has a configuration option to change the
default order: PreferredAuthentications.
Host-based authentication works as follows: If the machine the user logs
in from is listed in /etc/hosts.equiv or /etc/ssh/shosts.equiv on the
remote machine, and the user names are the same on both sides, or if the
files ~/.rhosts or ~/.shosts exist in the userâs home directory on the
remote machine and contain a line containing the name of the client
machine and the name of the user on that machine, the user is considered
for login. Additionally, the server must be able to verify the clientâs
host key (see the description of /etc/ssh/ssh_known_hosts and
~/.ssh/known_hosts, below) for login to be permitted. This authenticaâ
tion method closes security holes due to IP spoofing, DNS spoofing, and
routing spoofing. [Note to the administrator: /etc/hosts.equiv,
~/.rhosts, and the rlogin/rsh protocol in general, are inherently inseâ
cure and should be disabled if security is desired.]
Public key authentication works as follows: The scheme is based on pubâ
lic-key cryptography, using cryptosystems where encryption and decryption
are done using separate keys, and it is unfeasible to derive the decrypâ
tion key from the encryption key. The idea is that each user creates a
public/private key pair for authentication purposes. The server knows
the public key, and only the user knows the private key. ssh implements
public key authentication protocol automatically, using either the RSA or
DSA algorithms. Protocol 1 is restricted to using only RSA keys, but
protocol 2 may use either. The HISTORY section of ssl(8) contains a
brief discussion of the two algorithms.
The file ~/.ssh/authorized_keys lists the public keys that are permitted
for logging in. When the user logs in, the ssh program tells the server
which key pair it would like to use for authentication. The client
proves that it has access to the private key and the server checks that
the corresponding public key is authorized to accept the account.
The user creates his/her key pair by running ssh-keygen(1). This stores
the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol
2 DSA), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), or
~/.ssh/id_rsa.pub (protocol 2 RSA) in the userâs home directory. The
user should then copy the public key to ~/.ssh/authorized_keys in his/her
home directory on the remote machine. The authorized_keys file correâ
sponds to the conventional ~/.rhosts file, and has one key per line,
though the lines can be very long. After this, the user can log in withâ
out giving the password.
The most convenient way to use public key authentication may be with an
authentication agent. See ssh-agent(1) for more information.
Challenge-response authentication works as follows: The server sends an
arbitrary "challenge" text, and prompts for a response. Protocol 2
allows multiple challenges and responses; protocol 1 is restricted to
just one challenge/response. Examples of challenge-response authenticaâ
tion include BSD Authentication (see login.conf(5)) and PAM (some non-
OpenBSD systems).
Finally, if other authentication methods fail, ssh prompts the user for a
password. The password is sent to the remote host for checking; however,
since all communications are encrypted, the password cannot be seen by
someone listening on the network.
ssh automatically maintains and checks a database containing identificaâ
tion for all hosts it has ever been used with. Host keys are stored in
~/.ssh/known_hosts in the userâs home directory. Additionally, the file
/etc/ssh/ssh_known_hosts is automatically checked for known hosts. Any
new hosts are automatically added to the userâs file. If a hostâs idenâ
tification ever changes, ssh warns about this and disables password
authentication to prevent server spoofing or man-in-the-middle attacks,
which could otherwise be used to circumvent the encryption. The
StrictHostKeyChecking option can be used to control logins to machines
whose host key is not known or has changed.
When the userâs identity has been accepted by the server, the server
either executes the given command, or logs into the machine and gives the
user a normal shell on the remote machine. All communication with the
remote command or shell will be automatically encrypted.
If a pseudo-terminal has been allocated (normal login session), the user
may use the escape characters noted below.
If no pseudo-tty has been allocated, the session is transparent and can
be used to reliably transfer binary data. On most systems, setting the
escape character to ânoneâ
a tty is used.
The session terminates when the command or shell on the remote machine
exits and all X11 and TCP connections have been closed.
ESCAPE CHARACTERS
When a pseudo-terminal has been requested, ssh supports a number of funcâ
tions through the use of an escape character.
A single tilde character can be sent as ~~ or by following the tilde by a
character other than those described below. The escape character must
always follow a newline to be interpreted as special. The escape characâ
ter can be changed in configuration files using the EscapeChar configuraâ
tion directive or on the command line by the -e option.
The supported escapes (assuming the default â~â) are:
~. Disconnect.
~^Z Background ssh.
~# List forwarded connections.
~& Background ssh at logout when waiting for forwarded connection /
X11 sessions to terminate.
~? Display a list of escape characters.
~B Send a BREAK to the remote system (only useful for SSH protocol
version 2 and if the peer supports it).
~C Open command line. Currently this allows the addition of port
forwardings using the -L and -R options (see above). It also
allows the cancellation of existing remote port-forwardings using
-KR hostport. !command allows the user to execute a local comâ
mand if the PermitLocalCommand option is enabled in
ssh_config(5). Basic help is available, using the -h option.
~R Request rekeying of the connection (only useful for SSH protocol
version 2 and if the peer supports it).
TCP FORWARDING
Forwarding of arbitrary TCP connections over the secure channel can be
specified either on the command line or in a configuration file. One
possible application of TCP forwarding is a secure connection to a mail
server; another is going through firewalls.
In the example below, we look at encrypting communication between an IRC
client and server, even though the IRC server does not directly support
encrypted communications. This works as follows: the user connects to
the remote host using ssh, specifying a port to be used to forward conâ
nections to the remote server. After that it is possible to start the
service which is to be encrypted on the client machine, connecting to the
same local port, and ssh will encrypt and forward the connection.
The following example tunnels an IRC session from client machine
â127.0.0.1âserver.example.comâ
$ ssh -f -L 1234:localhost:6667 server.example.com sleep 10
$ irc -c â#usersâ -p 1234 pinky 127.0.0.1
This tunnels a connection to IRC server âserver.example.comâ
channel â#usersâpinkyâ
which port is used, as long as
itâs greater than 1023 (remember, only
root can open sockets on privileged ports) and doesnât conflict with any
ports already in use. The connection is forwarded to port 6667 on the
remote server, since thatâs the standard port for IRC services.
The -f option backgrounds ssh and the remote command âsleep 10â
fied to allow an amount of time (10 seconds, in the exa
mple) to start the
service which is to be tunnelled. If no connections are made within the
time specified, ssh will exit.
X11 FORWARDING
If the ForwardX11 variable is set to âyesâ
-X, -x, and -Y options above) and the user is using X11 (the DISPLAY
environment variable is set), the connection to the X11 display is autoâ
matically forwarded to the remote side in such a way that any X11 proâ
grams started from the shell (or command) will go through the encrypted
channel, and the connection to the real X server will be made from the
local machine. The user should not manually set DISPLAY. Forwarding of
X11 connections can be configured on the command line or in configuration
files.
The DISPLAY value set by ssh will point to the server machine, but with a
display number greater than zero. This is normal, and happens because
ssh creates a âproxyâ
connections over the encrypted channel.
ssh will also automatically set up Xauthority data on the server machine.
For this purpose, it will generate a random authorization cookie, store
it in Xauthority on the server, and verify that any forwarded connections
carry this cookie and replace it by the real cookie when the connection
is opened. The real authentication cookie is never sent to the server
machine (and no cookies are sent in the plain).
If the ForwardAgent variable is set to âyesâ
the -A and -a options above) and the user is using an authentication
agent, the connection to the agent is automatically forwarded to the
remote side.
VERIFYING HOST KEYS
When connecting to a server for the first time, a fingerprint of the
serverâs public key is presented to the user (unless the option
StrictHostKeyChecking has been disabled). Fingerprints can be determined
using ssh-keygen(1):
$ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
If the fingerprint is already known, it can be matched and verified, and
the key can be accepted. If the fingerprint is unknown, an alternative
method of verification is available: SSH fingerprints verified by DNS.
An additional resource record (RR), SSHFP, is added to a zonefile and the
connecting client is able to match the fingerprint with that of the key
presented.
In this example, we are connecting a client to a server,
âhost.example.comâ
the zonefile for host.example.com:
$ ssh-keygen -f /etc/ssh/ssh_host_rsa_key.pub -r host.example.com.
$ ssh-keygen -f /etc/ssh/ssh_host_dsa_key.pub -r host.example.com.
The output lines will have to be added to the zonefile. To check that
the zone is answering fingerprint queries:
$ dig -t SSHFP host.example.com
Finally the client connects:
$ ssh -o "VerifyHostKeyDNS ask" host.example.com
[...]
Matching host key fingerprint found in DNS.
Are you sure you want to continue connecting (yes/no)?
See the VerifyHostKeyDNS option in ssh_config(5) for more information.
SSH-BASED VIRTUAL PRIVATE NETWORKS
ssh contains support for Virtual Private Network (VPN) tunnelling using
the tun(4) network pseudo-device, allowing two networks to be joined
securely. The sshd_config(5) configuration option PermitTunnel controls
whether the server supports this, and at what level (layer 2 or 3 trafâ
fic).
The following example would connect client network 10.0.50.0/24 with
remote network 10.0.99.0/24, provided that the SSH server running on the
gateway to the remote network, at 192.168.1.15, allows it:
# ssh -f -w 0:1 192.168.1.15 true
# ifconfig tun0 10.0.50.1 10.0.99.1 netmask 255.255.255.252
Client access may be more finely tuned via the /root/.ssh/authorized_keys
file (see below) and the PermitRootLogin server option. The following
entry would permit connections on the first tun(4) device from user
âjaneâjohnâ
set to âforced-commands-onlyâ
tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane
tunnel="2",command="sh /etc/netstart tun1" ssh-rsa ... john
Since a SSH-based setup entails a fair amount of overhead, it may be more
suited to temporary setups, such as for wireless VPNs. More permanent
VPNs are better provided by tools such as ipsecctl(8) and isakmpd(8).
ENVIRONMENT
ssh will normally set the following environment variables:
DISPLAY The DISPLAY variable indicates the location of the
X11 server. It is automatically set by ssh to
point to a value of the form âhostname:nâ
âhostnameâ
and ânâ is an integer ⥠1. ssh uses this special
value to forward X11 connections over the secure
channel. The user should normally not set DISPLAY
explicitly, as that will render the X11 connection
insecure (and will require the user to manually
copy any required authorization cookies).
HOME Set to the path of the userâs home directory.
LOGNAME Synonym for USER; set for compatibility with sysâ
tems that use this variable.
MAIL Set to the path of the userâs mailbox.
PATH Set to the default PATH, as specified when compilâ
ing ssh.
SSH_ASKPASS If ssh needs a passphrase, it will read the
passphrase from the current terminal if it was run
from a terminal. If ssh does not have a terminal
associated with it but DISPLAY and SSH_ASKPASS are
set, it will execute the program specified by
SSH_ASKPASS and open an X11 window to read the
passphrase. This is particularly useful when callâ
ing ssh from a .xsession or related script. (Note
that on some machines it may be necessary to rediâ
rect the input from /dev/null to make this work.)
SSH_AUTH_SOCK Identifies the path of a UNIX-domain socket used to
communicate with the agent.
SSH_CONNECTION Identifies the client and server ends of the conâ
nection. The variable contains four space-sepaâ
rated values: client IP address, client port numâ
ber, server IP address, and server port number.
SSH_ORIGINAL_COMMAND This variable contains the original command line if
a forced command is executed. It can be used to
extract the original arguments.
SSH_TTY This is set to the name of the tty (path to the
device) associated with the current shell or comâ
mand. If the current session has no tty, this
variable is not set.
TZ This variable is set to indicate the present time
zone if it was set when the daemon was started
(i.e., the daemon passes the value on to new conâ
nections).
USER Set to the name of the user logging in.
Additionally, ssh reads ~/.ssh/environment, and adds lines of the format
âVARNAME=valueâ
allowed to change their environment. For more information, see the
PermitUserEnvironment option in sshd_config(5).
FILES
~/.rhosts
This file is used for host-based authentication (see above). On
some machines this file may need to be world-readable if the
userâs home directory is on an NFS partition, because sshd(8)
reads it as root. Additionally, this file must be owned by the
user, and must not have write permissions for anyone else. The
recommended permission for most machines is read/write for the
user, and not accessible by others.
~/.shosts
This file is used in exactly the same way as .rhosts, but allows
host-based authentication without permitting login with
rlogin/rsh.
~/.ssh/authorized_keys
Lists the public keys (RSA/DSA) that can be used for logging in
as this user. The format of this file is described in the
sshd(8) manual page. This file is not highly sensitive, but the
recommended permissions are read/write for the user, and not
accessible by others.
~/.ssh/config
This is the per-user configuration file. The file format and
configuration options are described in ssh_config(5). Because of
the potential for abuse, this file must have strict permissions:
read/write for the user, and not accessible by others. It may be
group-writable provided that the group in question contains only
the user.
~/.ssh/environment
Contains additional definitions for environment variables; see
ENVIRONMENT, above.
~/.ssh/identity
~/.ssh/id_dsa
~/.ssh/id_rsa
Contains the private key for authentication. These files contain
sensitive data and should be readable by the user but not accesâ
sible by others (read/write/execute). ssh will simply ignore a
private key file if it is accessible by others. It is possible
to specify a passphrase when generating the key which will be
used to encrypt the sensitive part of this file using 3DES.
~/.ssh/identity.pub
~/.ssh/id_dsa.pub
~/.ssh/id_rsa.pub
Contains the public key for authentication. These files are not
sensitive and can (but need not) be readable by anyone.
~/.ssh/known_hosts
Contains a list of host keys for all hosts the user has logged
into that are not already in the systemwide list of known host
keys. See sshd(8) for further details of the format of this
file.
~/.ssh/rc
Commands in this file are executed by ssh when the user logs in,
just before the userâs shell (or command) is started. See the
sshd(8) manual page for more information.
/etc/hosts.equiv
This file is for host-based authentication (see above). It
should only be writable by root.
/etc/ssh/shosts.equiv
This file is used in exactly the same way as hosts.equiv, but
allows host-based authentication without permitting login with
rlogin/rsh.
/etc/ssh/ssh_config
Systemwide configuration file. The file format and configuration
options are described in ssh_config(5).
/etc/ssh/ssh_host_key
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These three files contain the private parts of the host keys and
are used for host-based authentication. If protocol version 1 is
used, ssh must be setuid root, since the host key is readable
only by root. For protocol version 2, ssh uses ssh-keysign(8) to
access the host keys, eliminating the requirement that ssh be
setuid root when host-based authentication is used. By default
ssh is not setuid root.
/etc/ssh/ssh_known_hosts
Systemwide list of known host keys. This file should be prepared
by the system administrator to contain the public host keys of
all machines in the organization. It should be world-readable.
See sshd(8) for further details of the format of this file.
/etc/ssh/sshrc
Commands in this file are executed by ssh when the user logs in,
just before the userâs shell (or command) is started. See the
sshd(8) manual page for more information.
SEE ALSO
scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-argv0(1), ssh-keygen(1),
ssh-keyscan(1), tun(4), hosts.equiv(5), ssh_config(5), ssh-keysign(8),
sshd(8)
T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, SSH
Protocol Architecture, draft-ietf-secsh-architecture-12.txt, January
2002, work in progress material.
AUTHORS
OpenSSH is a derivative of the original and free ssh 1.2.12 release by
Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
de Raadt and Dug Song removed many bugs, re-added newer features and creâ
ated OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
BSD September 25, 1999 BSD
idptransfer:~#
}}}
{{{
idp@deb-nfs1:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/idp/.ssh/id_rsa):
/home/idp/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/idp/.ssh/id_rsa.
Your public key has been saved in /home/idp/.ssh/id_rsa.pub.
The key fingerprint is:
b0:06:31:1c:8b:30:46:72:cb:db:b1:57:c1:3a:d5:0a idp@deb-nfs1
idp@deb-nfs1:~$ cd .ssh
idp@deb-nfs1:~/.ssh$ ls -Flash
total 20K
4.0K drwx------ 2 idp idp 4.0K 2007-06-12 16:09 ./
4.0K drwx------ 3 idp idp 4.0K 2007-06-12 16:02 ../
4.0K -rw------- 1 idp idp 1.7K 2007-06-12 20:03 id_rsa
4.0K -rw-r--r-- 1 idp idp 394 2007-06-12 20:03 id_rsa.pub
4.0K -rw-r--r-- 1 idp idp 442 2007-06-12 16:09 known_hosts
idp@deb-nfs1:~/.ssh$ scp ./id_rsa.pub idp@192.168.10.201:~/
idp@192.168.10.201's password:
id_rsa.pub 100% 394 0.4KB/s 00:00
idp@deb-nfs1:~/.ssh$ ssh idp@192.168.10.201
idp@192.168.10.201's password:
Linux idptransfer 2.6.18-4-686 #1 SMP Wed May 9 23:03:12 UTC 2007 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Jul 5 12:40:28 2007 from 192.168.10.109
idp@idptransfer:~$ ls -Flash
total 44K
4.0K drwxr-xr-x 4 idp idp 4.0K 2007-08-21 07:47 ./
4.0K drwxr-xr-x 4 root root 4.0K 2007-06-08 10:44 ../
4.0K -rw------- 1 idp idp 1.6K 2007-08-21 07:43 .bash_history
4.0K -rw-r--r-- 1 idp idp 220 2007-06-08 10:44 .bash_logout
4.0K -rw-r--r-- 1 idp idp 414 2007-06-08 10:44 .bash_profile
4.0K -rw-r--r-- 1 idp idp 2.2K 2007-06-08 10:44 .bashrc
4.0K -rw-r--r-- 1 idp idp 394 2007-08-21 07:47 id_rsa.pub
4.0K -rw------- 1 idp idp 47 2007-08-21 06:32 .lesshst
4.0K -rw-r--r-- 1 root root 402 2007-08-21 10:14 ssalomon.lxwypweb01.pub
4.0K drwx------ 2 idp idp 4.0K 2007-08-21 07:45 .ssh/
4.0K drwxrw-rw- 2 idp idp 4.0K 2007-07-05 11:45 TRANSFER/
idp@idptransfer:~$ mv id_rsa.pub idp.deb-nfs1.pub
idp@idptransfer:~$ cat idp.deb-nfs1.pub >> .ssh/authorized_keys
idp@idptransfer:~$ logout
Connection to 192.168.10.201 closed.
idp@deb-nfs1:~/.ssh$ ssh idp@192.168.10.201
Linux idptransfer 2.6.18-4-686 #1 SMP Wed May 9 23:03:12 UTC 2007 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Aug 21 07:47:51 2007 from 192.168.10.100
idp@idptransfer:~$
}}}
!!! 6.x:
{{{
passwd <password>
enable password <password>
hostname <hostname>
domain-name <domainname>
ca gen rsa key 1024
ca save all
}}}
!!!7.x:
{{{
passwd <password>
enable password <password>
hostname <hostname>
crypto key generate rsa modulus 2048
end
wr me
}}}
{{{
FW1# sh ssh sessions
SID Client IP Version Mode Encryption Hmac State Username
1 72.43.91.101 2.0 IN aes256-cbc sha1 SessionStarted pix
OUT aes256-cbc sha1 SessionStarted pix
}}}
Private Key is on the host you are connecting from (source/ssh client)
Public key is on the host you are connecting to (target/ssh server)
RSA: ssh version 1
DSA: ssh version 2
I'm using dsa/v2 here.
On the source/ssh client run:
{{{
ssh-keygen -t dsa
}}}
Notice the perms: ~/.ssh has 700, id_dsa has 600, and id_dsa.pub has 644.
{{{
idp@idptransfer:~/.ssh$ pwd
/home/idp/.ssh
idp@idptransfer:~/.ssh$ ls -Flash
total 16K
4.0K drwx------ 2 idp idp 4.0K 2007-07-05 09:32 ./
4.0K drwxr-xr-x 4 idp idp 4.0K 2007-07-05 09:31 ../
4.0K -rw------- 1 idp idp 668 2007-07-05 09:32 id_dsa
4.0K -rw-r--r-- 1 idp idp 605 2007-07-05 09:32 id_dsa.pub
idp@idptransfer:~/.ssh$
}}}
Now copy the id_dsa.pub to your remote machine (target/ssh server), append the file to ~/.ssh/authorized_keys and you should have a secured, passwordless login from remote to local
From [[SSH Man Page]]
{{{
The file ~/.ssh/authorized_keys lists the public keys that are permitted
for logging in. When the user logs in, the ssh program tells the server
which key pair it would like to use for authentication. The client
proves that it has access to the private key and the server checks that
the corresponding public key is authorized to accept the account.
The user creates his/her key pair by running ssh-keygen(1). This stores
the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol
2 DSA), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), or
~/.ssh/id_rsa.pub (protocol 2 RSA) in the userâs home directory. The
user should then copy the public key to ~/.ssh/authorized_keys in his/her
home directory on the remote machine. The authorized_keys file correâ
sponds to the conventional ~/.rhosts file, and has one key per line,
though the lines can be very long. After this, the user can log in withâ
out giving the password.
The most convenient way to use public key authentication may be with an
authentication agent. See ssh-agent(1) for more information.
}}}
References:
http://sourceforge.net/docman/display_doc.php?docid=761&group_id=1
http://www.ibm.com/developerworks/library/l-keyc.html
[[SSH Man Page]]
{{{
<Name>
<VPNGroupPolicyName>
<LocalNet>
<LocalNetMask>
<VPNClientIPPoolName>
<VPNClientIPPoolNet>
<VPNClientIPPoolNetMask>
<VPNClientIPPoolNetBegin>
<VPNClientIPPoolNetEnd>
<VPNClientSplitTunnelACLName>
<Nat0ACLName>
}}}
{{{
!ADD Group & User Account to AD
!Group account MUST be located in *VPNGroups OU
}}}
{{{
ldap attribute-map LDAPMap
map-value memberOf CN=<VPNGroupPolicyName>,OU=*VPNGroups,OU=MyUsers,DC=domain,DC=internal <VPNGroupPolicyName>
access-list <Nat0ACLName> remark BEGIN >>>>> <Name> Support SSL VPN Client Nat0
access-list <Nat0ACLName> extended permit ip <LocalNet> <LocalNetMask> <VPNClientIPPoolNet> <VPNClientIPPoolNetMask>
access-list <Nat0ACLName> extended permit ip <LocalNet> <LocalNetMask> <VPNClientIPPoolNet> <VPNClientIPPoolNetMask>
access-list <Nat0ACLName> remark END >>>>> <Name> Support SSL VPN Client Nat0
ip local pool <VPNClientIPPoolName> <VPNClientIPPoolNetBegin>-<VPNClientIPPoolNetEnd> mask <VPNClientIPPoolNetMask>
access-list <VPNClientSplitTunnelACLName> extended permit ip object-group <GroupName> host <z.y.x.w>
group-policy <VPNGroupPolicyName> internal
group-policy <VPNGroupPolicyName> attributes
!change below to accomodate # of logins on this VPN Client Policy
!3 for a single user
!I use (# of users) +5
vpn-simultaneous-logins 3
split-tunnel-policy tunnelspecified
split-tunnel-network-list value <VPNClientSplitTunnelACLName>
address-pools value <VPNClientIPPoolName>
}}}
/***
|Name:|SaveCloseTiddlerPlugin|
|Description:|Provides two extra toolbar commands, saveCloseTiddler and cancelCloseTiddler|
|Version:|3.0 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#SaveCloseTiddlerPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
To use these you must add them to the tool bar in your EditTemplate
***/
//{{{
merge(config.commands,{
saveCloseTiddler: {
text: 'done/close',
tooltip: 'Save changes to this tiddler and close it',
handler: function(e,src,title) {
config.commands.saveTiddler.handler(e,src,title);
config.commands.closeTiddler.handler(e,src,title);
return false;
}
},
cancelCloseTiddler: {
text: 'cancel/close',
tooltip: 'Undo changes to this tiddler and close it',
handler: function(e,src,title) {
config.commands.cancelTiddler.handler(e,src,title);
config.commands.closeTiddler.handler(e,src,title);
return false;
}
}
});
//}}}
{{{
@echo off
setlocal enabledelayedexpansion
for /f %%g in (file.txt) do (
sleep 61
for /f "tokens=1,2 delims=: " %%h in ('time /t') do (
set NowTime=%%h:%%i
)
xcopy /e /c /y /i "\\fs1\data\information systems\installers\bin" \\%%g\c$\bin
schtasks /create /f /tn ServerAudit /tr c:\bin\helpstaraudit\serveraudit.cmd /sc daily /st !nowtime! /s %%g /ru "System"
schtasks /run /tn ServerAudit /s %%g
)
}}}
!!!Starting
screen
!!!reattaching
screen -ls
screen -R
!!!listing
Ctrl-a "
!!!navigation
Ctrl-a n :: next screen
Ctrl-a c :: create new screen
Ctrl-a p :: previous screen
Ctrl-a A :: assign name to a screen
!!!Regions
CTRL-a S :: Start new region
CTRL-a [TAB] :: switch regions
CTRL-a X :: Close region
http://www.cymru.com/Documents/secure-ios-template.html
This version: 5.4 5/12/2008
{{{
Template
The commands are in BOLD text so that they stand out from the surrounding comments.
! Secure router configuration template.
! Version 3.1
! @(#)Secure IOS template v3.1 17 NOV 2003 Rob Thomas noc@cymru.com
! @(#)http://www.cymru.com/Documents/secure-ios-template.html
!
! This configuration assumes the following topology:
!
! Upstream/Internet
! 5.5.5.1/24
! |
! 5.5.5.254/24 (Ethernet 2/0)
! THIS ROUTER
! 6.6.6.254/24 (Ethernet 2/1)
! |
! 6.6.6.1/24
! Firewall
! 7.7.7.1/24
! |
! 7.7.7.0/24
! Intranet
!
! In this case, 7.7.7.5 is the loghost, FTP server, etc.
! for the router. It could also be the firewall if
! circumstances dictate.
!
service nagle
service tcp-keepalives-in
service tcp-keepalives-out
! Show copious timestamps in our logs
service timestamps debug datetime msec show-timezone localtime
service timestamps log datetime msec show-timezone localtime
service password-encryption
no service dhcp
!
hostname secure-router01
!
boot system flash slot0:rsp-pv-mz.121-5a.bin
logging buffered 16384 debugging
no logging console
enable secret <PASSWORD>
no enable password
!
! Use TACACS+ for AAA. Ensure that the local account is
! case-sensitive, thus making brute-force attacks less
! effective.
aaa new-model
aaa authentication login default group tacacs+ local-case
aaa authentication enable default group tacacs+ enable
aaa authorization commands 15 default group tacacs+ local
aaa accounting exec default stop-only group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa accounting network default stop-only group tacacs+
tacacs-server host 7.7.7.5
tacacs-server key cheezit
!
! In the event that TACACS+ fails, use case-sensitve local
! authentication instead. Keeps the hackers guessing, and
! the router more secure.
username <USERNAME> secret <PASSWORD>
!
! Logging the commands run while at enable level access is
! a great way to track mistakes, security issues, etc.
archive
log config
logging enable
logging size 500
notify syslog
hidekeys
!
! Ensure TCL doesn't use an initilizaion file where available. This won't show up in the
! config. It will break your router-based TCL scripts if
! if you use such, so use with care!
no scripting tcl init
no scripting tcl encdir
!
! Enable the netflow top talkers feature.
! You can see the top N talkers (50 in this example) with the
! show ip flow top-talkers command. This is a handy
! utility to use during DDoS attacks and traffic issues. You
! can sort-by either packets or bytes, as you prefer.
ip flow-top-talkers
top 50
sort-by packets
!
! Don't run the HTTP server.
no ip http server
no ip http secure-server
!
! Allow us to use the low subnet and go classless
ip subnet-zero
ip classless
!
! Disable noxious services
no service pad
no ip source-route
no ip finger
no ip bootp server
no ip domain-lookup
!
! Catch crash dumps; very important with a "security router."
ip ftp username rooter
ip ftp password <PASSWORD>
! Give our core dump files a unique name.
exception core-file secure-router01-core
exception protocol ftp
exception dump 7.7.7.5
! Fire up CEF for both performance and security.
ip cef
! Set the timezone properly. It is best to standardize on one
! timezone for all routers, thus making problem tracking easier.
clock timezone GMT 0
! Synchronize our clocks with a local (trusted and authenticated)
! NTP server. The SECRETKEY must be the same on both the router
! and the NTP server.
ntp authentication-key 6767 md5 <SECRETKEY>
ntp authenticate
ntp update-calendar
ntp server 7.7.7.5
!
! Configure the loopback0 interface as the source of our log
! messages. This is often used for routing protocols as well.
! Select an IP address that uniquely identifies this router.
! One trick is to allocate a netblock for use as the router
! loopback netblock.
int loopback0
ip address 10.10.10.10 255.255.255.255
no ip redirects
no ip unreachables
no ip proxy-arp
!
! Configure null0 as a place to send naughty packets. This
! becomes the "roach motel" for packets -- they can route in,
! but they can't route out.
interface null0
no ip unreachables
!
interface Ethernet2/0
description Unprotected interface, facing towards Internet
ip address 5.5.5.254 255.255.255.0
! Do we run CEF verify? Yes if the data path is symmetric. No
! if the data path is asymmetric.
ip verify unicast reverse-path
! Apply our template ACL
ip access-group 2010 in
! Allow UDP to occupy no more than 2 Mb/s of the pipe.
rate-limit input access-group 150 2010000 250000 250000 conform-action transmit exceed-action drop
! Allow ICMP to occupy no more than 500 Kb/s of the pipe.
rate-limit input access-group 160 500000 62500 62500 conform-action transmit exceed-action drop
! Allow multicast to occupy no more than 5 Mb/s of the pipe.
rate-limit input access-group 170 5000000 375000 375000 conform-action transmit exceed-action drop
! Don't send redirects.
no ip redirects
! Don't send unreachables.
! NOTE WELL that this may break PMTU discovery.
! For example, if this router is edge for a VPN of any sort, you might need
! to enable ip unreachables
! A typical symptom is ping working but a larger transmission doesn't.
no ip unreachables
! Don't propogate smurf attacks.
no ip directed-broadcast
! Don't pretend to be something you're not. :-)
no ip proxy-arp
! Do not reveal our netmask
no ip mask-reply
! Log all naughty business.
ip accounting access-violations
! If you allow multicast in your network or participate in the
! MBONE, the following multicast filtering steps will help to
! ensure a secure multicast environment. These must be applied
! per interface.
ip multicast boundary 30
!
! Keep flow data for analysis. If possible, export it to a
! cflowd server.
ip route-cache flow
!
interface Ethernet2/1
description Protected interface, facing towards DMZ
ip address 6.6.6.254 255.255.255.0
! Do we run CEF verify? Yes if the data path is symmetric. No
! if the data path is asymmetric.
ip verify unicast reverse-path
! If we are using RPF, comment out the ACL below.
ip access-group 115 in
no ip redirects
no ip unreachables
no ip directed-broadcast
no ip proxy-arp
ip accounting access-violations
ip multicast boundary 30
no ip mask-reply
ip route-cache flow
!
! Default route to the Internet (could be a routing
! protocol instead)
ip route 0.0.0.0 0.0.0.0 5.5.5.1
! Route to network on the other side of the firewall
ip route 7.7.7.0 255.255.255.0 6.6.6.1
! Black hole routes. Do not combine this with TCP Intercept;
! in fact, don't use TCP Intercept at all.
ip route 1.0.0.0 255.0.0.0 null0
ip route 2.0.0.0 255.0.0.0 null0
ip route 5.0.0.0 255.0.0.0 null0
ip route 10.0.0.0 255.0.0.0 null0
ip route 14.0.0.0 255.0.0.0 null0
ip route 23.0.0.0 255.0.0.0 null0
ip route 27.0.0.0 255.0.0.0 null0
ip route 31.0.0.0 255.0.0.0 null0
ip route 36.0.0.0 255.0.0.0 null0
ip route 37.0.0.0 255.0.0.0 null0
ip route 39.0.0.0 255.0.0.0 null0
ip route 42.0.0.0 255.0.0.0 null0
ip route 46.0.0.0 255.0.0.0 null0
ip route 49.0.0.0 255.0.0.0 null0
ip route 50.0.0.0 255.0.0.0 null0
ip route 100.0.0.0 255.0.0.0 null0
ip route 101.0.0.0 255.0.0.0 null0
ip route 102.0.0.0 255.0.0.0 null0
ip route 103.0.0.0 255.0.0.0 null0
ip route 104.0.0.0 255.0.0.0 null0
ip route 105.0.0.0 255.0.0.0 null0
ip route 106.0.0.0 255.0.0.0 null0
ip route 107.0.0.0 255.0.0.0 null0
ip route 108.0.0.0 255.0.0.0 null0
ip route 109.0.0.0 255.0.0.0 null0
ip route 110.0.0.0 255.0.0.0 null0
ip route 111.0.0.0 255.0.0.0 null0
ip route 112.0.0.0 255.0.0.0 null0
ip route 113.0.0.0 255.0.0.0 null0
ip route 127.0.0.0 255.0.0.0 null0
ip route 169.254.0.0 255.255.0.0 null0
ip route 172.16.0.0 255.240.0.0 null0
ip route 175.0.0.0 255.0.0.0 null0
ip route 176.0.0.0 255.0.0.0 null0
ip route 177.0.0.0 255.0.0.0 null0
ip route 178.0.0.0 255.0.0.0 null0
ip route 179.0.0.0 255.0.0.0 null0
ip route 180.0.0.0 255.0.0.0 null0
ip route 181.0.0.0 255.0.0.0 null0
ip route 182.0.0.0 255.0.0.0 null0
ip route 183.0.0.0 255.0.0.0 null0
ip route 184.0.0.0 255.0.0.0 null0
ip route 185.0.0.0 255.0.0.0 null0
ip route 192.0.2.0 255.255.255.0 null0
ip route 192.168.0.0 255.255.0.0 null0
ip route 197.0.0.0 255.0.0.0 null0
ip route 223.0.0.0 255.0.0.0 null0
!
! Export our NetFlow data to our NetFlow server, 7.7.7.5. NetFlow
! provides some statistics that can be of use when tracing the true
! source of a spoofed attack.
ip flow-export source loopback0
ip flow-export destination 7.7.7.5 2055
ip flow-export version 5 origin-as
!
! Log anything interesting to the loghost. Capture all of
! the logging output with FACILITY LOCAL5.
logging trap debugging
logging facility local5
logging source-interface loopback0
logging 7.7.7.5
!
! With the ACLs, it is important to log the naughty folks.
! Thus, the implicit drop all ACL is replaced (augmented,
! actually) with an explicit drop all that logs the attempt.
! You may wish to keep a second list (e.g. 2011) that does not
! log. During an attack, the additional logging can impact the
! performance of the router. Simply copy and paste access-list 2010,
! remove the log-input keyword, and name it access-list 2011. Then
! when an attack rages, you can replace access-list 2010 on the
! Internet-facing interface with access-list 2011.
!
! Block SNMP access to all but the loghost
access-list 20 remark SNMP ACL
access-list 20 permit 7.7.7.5
access-list 20 deny any log
!
! Multicast - filter out obviously naughty or needless traffic
access-list 30 remark Multicast filtering ACL
! Link local
access-list 30 deny 224.0.0.0 0.0.0.255 log
! Locally scoped
access-list 30 deny 239.0.0.0 0.255.255.255 log
! sgi-dogfight
access-list 30 deny host 224.0.1.2 log
! rwhod
access-list 30 deny host 224.0.1.3 log
! ms-srvloc
access-list 30 deny host 224.0.1.22 log
! ms-ds
access-list 30 deny host 224.0.1.24 log
! ms-servloc-da
access-list 30 deny host 224.0.1.35 log
! hp-device-disc
access-list 30 deny host 224.0.1.60 log
! Permit all other multicast traffic
access-list 30 permit 224.0.0.0 15.255.255.255 log
!
! Block access to all but the loghost and the firewall, and log any
! denied access attempts. This also serves to create an audit trail
! of all access to the router. Extended ACLs are used to log some
! additional data.
access-list 100 remark VTY Access ACL
access-list 100 permit tcp host 7.7.7.5 host 0.0.0.0 range 22 23 log-input
access-list 100 permit tcp host 6.6.6.1 host 0.0.0.0 range 22 23 log-input
access-list 100 deny ip any any log-input
!
! Leave one VTY safe for access, just in case. The host
! 7.7.7.8 is a secure host in the NOC. If all the VTYs are
! occupied, this leaves one VTY available.
access-list 105 remark VTY Access ACL
access-list 105 permit tcp host 7.7.7.8 host 0.0.0.0 range 22 23 log-input
access-list 105 deny ip any any log-input
!
! Configure an ACL that prevents spoofing from within our network.
! This ACL assumes that we need to access the Internet only from the
! 7.7.7.0/24 network. If you have additional networks behind
! 7.7.7.0/24, then add them into this ACL.
access-list 115 remark Anti-spoofing ACL
! First, allow our intranet to access the Internet.
access-list 115 permit ip 7.7.7.0 0.0.0.255 any
! Second, allow our firewall to access the Internet. This is useful
! for testing.
access-list 115 permit ip host 6.6.6.1 any
! Now log all other such attempts.
access-list 115 deny ip any any log-input
!
! Rate limit (CAR) ACLs for UDP, ICMP, and multicast.
access-list 150 remark CAR-UDP ACL
access-list 150 permit udp any any
access-list 160 remark CAR-ICMP ACL
access-list 160 permit icmp any any
access-list 170 remark CAR-Multicast ACL
access-list 170 permit ip any 224.0.0.0 15.255.255.255
!
! Deny any packets from the RFC 1918, IANA reserved, test,
! multicast as a source, and loopback netblocks to block
! attacks from commonly spoofed IP addresses.
access-list 2010 remark Anti-bogon ACL
! Claims it came from the inside network, yet arrives on the
! outside (read: Internet) interface. Do not use this if CEF
! has been configured to take care of spoofing.
! access-list 2010 deny ip 6.6.6.0 0.0.0.255 any log-input
! access-list 2010 deny ip 7.7.7.0 0.0.0.255 any log-input
! Bogons
access-list 2010 deny ip 0.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 1.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 2.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 5.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 10.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 14.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 23.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 27.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 31.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 36.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 37.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 39.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 42.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 46.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 49.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 50.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 100.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 101.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 102.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 103.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 104.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 105.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 106.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 107.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 108.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 109.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 110.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 111.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 112.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 113.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 127.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 169.254.0.0 0.0.255.255 any log-input
access-list 2010 deny ip 172.16.0.0 0.15.255.255 any log-input
access-list 2010 deny ip 175.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 176.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 177.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 178.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 179.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 180.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 181.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 182.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 183.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 184.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 185.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 192.0.2.0 0.0.0.255 any log-input
access-list 2010 deny ip 192.168.0.0 0.0.255.255 any log-input
access-list 2010 deny ip 197.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 223.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 224.0.0.0 31.255.255.255 any log-input
! Drop all ICMP fragments
access-list 2010 deny icmp any any fragments log-input
! Allow IP access to the intranet (firewall filters specific ports)
access-list 2010 permit ip any 7.7.7.0 0.0.0.255
! Allow multicast to enter. See also access-list 30 for more
! specific multicast rules.
access-list 2010 permit ip any 224.0.0.0 15.255.255.255
! Our explicit (read: logged) drop all rule
access-list 2010 deny ip any any log-input
!
! Do not share CDP information, which contains key bits about our
! configuration, etc. This command disabled CDP globally. If you
! require CDP on an interface, use cdp run and disable cdp
! (no cdp enable) on the Internet-facing interface.
no cdp run
! SNMP is VERY important, particularly with MRTG.
! Treat the COMMUNITY string as a password - keep it difficult to guess.
snmp-server community <COMMUNITY> RO 20
!
! Introduce ourselves with an appropriately stern banner.
banner motd %
Router foo. Access to this device or the attached
networks is prohibited without express written permission.
Violators will be prosecuted to the fullest extent of both civil
and criminal law.
We don't like you. Go away.
%
!
line con 0
exec-timeout 15 0
transport input none
line aux 0
exec-timeout 15 0
line vty 0 3
access-class 100 in
exec-timeout 15 0
! Enable SSH connectivity. This is much more secure than telnet.
! Obviously, you must have an IOS image that supports SSH, and don't
! forget to generate the key with crypto key generate rsa.
transport input telnet ssh
line vty 4
access-class 105 in
exec-timeout 15 0
transport input telnet ssh
!
}}}
/***
|Name:|SelectThemePlugin|
|Description:|Lets you easily switch theme and palette|
|Version:|1.0 ($Rev: 3646 $)|
|Date:|$Date: 2008-02-27 02:34:38 +1000 (Wed, 27 Feb 2008) $|
|Source:|http://mptw.tiddlyspot.com/#SelectThemePlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!Notes
* Borrows largely from ThemeSwitcherPlugin by Martin Budden http://www.martinswiki.com/#ThemeSwitcherPlugin
* Theme is cookie based. But set a default by setting config.options.txtTheme in MptwConfigPlugin (for example)
* Palette is not cookie based. It actually overwrites your ColorPalette tiddler when you select a palette, so beware.
!Usage
* {{{<<selectTheme>>}}} makes a dropdown selector
* {{{<<selectPalette>>}}} makes a dropdown selector
* {{{<<applyTheme>>}}} applies the current tiddler as a theme
* {{{<<applyPalette>>}}} applies the current tiddler as a palette
* {{{<<applyTheme TiddlerName>>}}} applies TiddlerName as a theme
* {{{<<applyPalette TiddlerName>>}}} applies TiddlerName as a palette
***/
//{{{
config.macros.selectTheme = {
label: {
selectTheme:"select theme",
selectPalette:"select palette"
},
prompt: {
selectTheme:"Select the current theme",
selectPalette:"Select the current palette"
},
tags: {
selectTheme:'systemTheme',
selectPalette:'systemPalette'
}
};
config.macros.selectTheme.handler = function(place,macroName)
{
var btn = createTiddlyButton(place,this.label[macroName],this.prompt[macroName],this.onClick);
// want to handle palettes and themes with same code. use mode attribute to distinguish
btn.setAttribute('mode',macroName);
};
config.macros.selectTheme.onClick = function(ev)
{
var e = ev ? ev : window.event;
var popup = Popup.create(this);
var mode = this.getAttribute('mode');
var tiddlers = store.getTaggedTiddlers(config.macros.selectTheme.tags[mode]);
// for default
if (mode == "selectPalette") {
var btn = createTiddlyButton(createTiddlyElement(popup,'li'),"(default)","default color palette",config.macros.selectTheme.onClickTheme);
btn.setAttribute('theme',"(default)");
btn.setAttribute('mode',mode);
}
for(var i=0; i<tiddlers.length; i++) {
var t = tiddlers[i].title;
var name = store.getTiddlerSlice(t,'Name');
var desc = store.getTiddlerSlice(t,'Description');
var btn = createTiddlyButton(createTiddlyElement(popup,'li'),name ? name : title,desc ? desc : config.macros.selectTheme.label['mode'],config.macros.selectTheme.onClickTheme);
btn.setAttribute('theme',t);
btn.setAttribute('mode',mode);
}
Popup.show();
return stopEvent(e);
};
config.macros.selectTheme.onClickTheme = function(ev)
{
var mode = this.getAttribute('mode');
var theme = this.getAttribute('theme');
if (mode == 'selectTheme')
story.switchTheme(theme);
else // selectPalette
config.macros.selectTheme.updatePalette(theme);
return false;
};
config.macros.selectTheme.updatePalette = function(title)
{
if (title != "") {
store.deleteTiddler("ColorPalette");
if (title != "(default)")
store.saveTiddler("ColorPalette","ColorPalette",store.getTiddlerText(title),
config.options.txtUserName,undefined,"");
refreshAll();
if(config.options.chkAutoSave)
saveChanges(true);
}
};
config.macros.applyTheme = {
label: "apply",
prompt: "apply this theme or palette" // i'm lazy
};
config.macros.applyTheme.handler = function(place,macroName,params,wikifier,paramString,tiddler) {
var useTiddler = params[0] ? params[0] : tiddler.title;
var btn = createTiddlyButton(place,this.label,this.prompt,config.macros.selectTheme.onClickTheme);
btn.setAttribute('theme',useTiddler);
btn.setAttribute('mode',macroName=="applyTheme"?"selectTheme":"selectPalette"); // a bit untidy here
}
config.macros.selectPalette = config.macros.selectTheme;
config.macros.applyPalette = config.macros.applyTheme;
config.macros.refreshAll = { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
createTiddlyButton(place,"refresh","refresh layout and styles",function() { refreshAll(); });
}};
//}}}
http://support.microsoft.com/kb/291964
you have to have outlook running.
also sometimes the outlook vba gets disabled
goto help>about>disabled items, enable it.
from http://help.lockergnome.com/office/Outlook-2003-Visual-Basic-Editor-open--ftopict1009111.html
{{{
Displays, sets, or removes cmd.exe environment variables.
SET [variable=[string]]
variable Specifies the environment-variable name.
string Specifies a series of characters to assign to the variable.
Type SET without parameters to display the current environment variables.
If Command Extensions are enabled SET changes as follows:
SET command invoked with just a variable name, no equal sign or value
will display the value of all variables whose prefix matches the name
given to the SET command. For example:
SET P
would display all variables that begin with the letter 'P'
SET command will set the ERRORLEVEL to 1 if the variable name is not
found in the current environment.
SET command will not allow an equal sign to be part of the name of
a variable.
Two new switches have been added to the SET command:
SET /A expression
SET /P variable=[promptString]
The /A switch specifies that the string to the right of the equal sign
is a numerical expression that is evaluated. The expression evaluator
is pretty simple and supports the following operations, in decreasing
order of precedence:
() - grouping
! ~ - - unary operators
* / % - arithmetic operators
+ - - arithmetic operators
<< >> - logical shift
& - bitwise and
^ - bitwise exclusive or
| - bitwise or
= *= /= %= += -= - assignment
&= ^= |= <<= >>=
, - expression separator
If you use any of the logical or modulus operators, you will need to
enclose the expression string in quotes. Any non-numeric strings in the
expression are treated as environment variable names whose values are
converted to numbers before using them. If an environment variable name
is specified but is not defined in the current environment, then a value
of zero is used. This allows you to do arithmetic with environment
variable values without having to type all those % signs to get their
values. If SET /A is executed from the command line outside of a
command script, then it displays the final value of the expression. The
assignment operator requires an environment variable name to the left of
the assignment operator. Numeric values are decimal numbers, unless
prefixed by 0x for hexadecimal numbers, and 0 for octal numbers.
So 0x12 is the same as 18 is the same as 022. Please note that the octal
notation can be confusing: 08 and 09 are not valid numbers because 8 and
9 are not valid octal digits.
The /P switch allows you to set the value of a variable to a line of input
entered by the user. Displays the specified promptString before reading
the line of input. The promptString can be empty.
Environment variable substitution has been enhanced as follows:
%PATH:str1=str2%
would expand the PATH environment variable, substituting each occurrence
of "str1" in the expanded result with "str2". "str2" can be the empty
string to effectively delete all occurrences of "str1" from the expanded
output. "str1" can begin with an asterisk, in which case it will match
everything from the beginning of the expanded output to the first
occurrence of the remaining portion of str1.
May also specify substrings for an expansion.
%PATH:~10,5%
would expand the PATH environment variable, and then use only the 5
characters that begin at the 11th (offset 10) character of the expanded
result. If the length is not specified, then it defaults to the
remainder of the variable value. If either number (offset or length) is
negative, then the number used is the length of the environment variable
value added to the offset or length specified.
%PATH:~-10%
would extract the last 10 characters of the PATH variable.
%PATH:~0,-2%
would extract all but the last 2 characters of the PATH variable.
Finally, support for delayed environment variable expansion has been
added. This support is always disabled by default, but may be
enabled/disabled via the /V command line switch to CMD.EXE. See CMD /?
Delayed environment variable expansion is useful for getting around
the limitations of the current expansion which happens when a line
of text is read, not when it is executed. The following example
demonstrates the problem with immediate variable expansion:
set VAR=before
if "%VAR%" == "before" (
set VAR=after
if "%VAR%" == "after" @echo If you see this, it worked
)
would never display the message, since the %VAR% in BOTH IF statements
is substituted when the first IF statement is read, since it logically
includes the body of the IF, which is a compound statement. So the
IF inside the compound statement is really comparing "before" with
"after" which will never be equal. Similarly, the following example
will not work as expected:
set LIST=
for %i in (*) do set LIST=%LIST% %i
echo %LIST%
in that it will NOT build up a list of files in the current directory,
but instead will just set the LIST variable to the last file found.
Again, this is because the %LIST% is expanded just once when the
FOR statement is read, and at that time the LIST variable is empty.
So the actual FOR loop we are executing is:
for %i in (*) do set LIST= %i
which just keeps setting LIST to the last file found.
Delayed environment variable expansion allows you to use a different
character (the exclamation mark) to expand environment variables at
execution time. If delayed variable expansion is enabled, the above
examples could be written as follows to work as intended:
set VAR=before
if "%VAR%" == "before" (
set VAR=after
if "!VAR!" == "after" @echo If you see this, it worked
)
set LIST=
for %i in (*) do set LIST=!LIST! %i
echo %LIST%
If Command Extensions are enabled, then there are several dynamic
environment variables that can be expanded but which don't show up in
the list of variables displayed by SET. These variable values are
computed dynamically each time the value of the variable is expanded.
If the user explicitly defines a variable with one of these names, then
that definition will override the dynamic one described below:
%CD% - expands to the current directory string.
%DATE% - expands to current date using same format as DATE command.
%TIME% - expands to current time using same format as TIME command.
%RANDOM% - expands to a random decimal number between 0 and 32767.
%ERRORLEVEL% - expands to the current ERRORLEVEL value
%CMDEXTVERSION% - expands to the current Command Processor Extensions
version number.
%CMDCMDLINE% - expands to the original command line that invoked the
Command Processor.
}}}
Hive: HKEY_LOCAL_MACHINE
Key: Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders
DelegateFolders has a subkey : {59031a47-3f72-44a7-89c5-5595fe6b30ee}. Once you delete this subkey, all of the Shared Documents folders displayed on My Computer will be gone. Effect of hack is immediate. No reboot needed in XP.
{{{
@echo off
if [%1]==[] exit /b
if /i not %1==doit (exit /b)
echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to shutdown %computername%?"
if %errorlevel% neq 1 exit /b
echo.
echo Stopping MEDITECH Services.
net stop ANPServer > NUL 2>&1
net stop MAST > NUL 2>&1
net stop MSO > NUL 2>&1
net stop "MEDITECH Document Manager" > NUL 2>&1
net stop "MEDITECH Event Scheduler" > NUL 2>&1
net stop "MEDITECH Application Manager" > NUL 2>&1
net stop "MEDITECH CS Bkg Jobs" > NUL 2>&1
net stop "MEDITECH CSProxy Server" > NUL 2>&1
net stop "MEDITECH Document Manager" > NUL 2>&1
net stop "MEDITECH Event Scheduler" > NUL 2>&1
net stop "MEDITECH Network Services (JMK)" > NUL 2>&1
net stop "MEDITECH UNV Daemon (JMK)" > NUL 2>&1
net stop "MEDITECH UNV TCP (JMK)" > NUL 2>&1
net stop "MEDITECH ISB-TXN" > NUL 2>&1
net stop "MEDITECH Task Service" > NUL 2>&1
net stop "MEDITECH CS File Server" > NUL 2>&1
net stop "Meditech Authorization Service" > NUL 2>&1
net stop "DRServer31" > NUL 2>&1
net stop "SQL Server (MSSQLSERVER)" > NUL 2>&1
echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to shutdown %computername%?"
if %errorlevel% neq 1 exit /b
echo Shutting down %computername%.
::shutdown /s /f /c "Datacenter Move Shutdown"
}}}
{{{
@echo off
set site=<sitename>
set shutdownreason="MT Reboot"
if [%1]==[] exit /b
if /i not %1==doit (exit /b)
echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to shutdown %computername%?"
if %errorlevel% neq 1 exit /b
echo.
echo Stopping MEDITECH Services.
net stop ANPServer > NUL 2>&1
net stop MAST > NUL 2>&1
net stop MSO > NUL 2>&1
net stop "MEDITECH Document Manager" > NUL 2>&1
net stop "MEDITECH Event Scheduler" > NUL 2>&1
net stop "MEDITECH Application Manager" > NUL 2>&1
net stop "MEDITECH CS Bkg Jobs" > NUL 2>&1
net stop "MEDITECH CSProxy Server" > NUL 2>&1
net stop "MEDITECH Document Manager" > NUL 2>&1
net stop "MEDITECH Event Scheduler" > NUL 2>&1
net stop "MEDITECH Network Services (%site%)" > NUL 2>&1
net stop "MEDITECH UNV Daemon (%site%)" > NUL 2>&1
net stop "MEDITECH UNV TCP (%site%)" > NUL 2>&1
net stop "MEDITECH ISB-TXN" > NUL 2>&1
net stop "MEDITECH Task Service" > NUL 2>&1
net stop "MEDITECH CS File Server" > NUL 2>&1
net stop "Meditech Authorization Service" > NUL 2>&1
net stop "DRServer31" > NUL 2>&1
net stop "SQL Server (MSSQLSERVER)" > NUL 2>&1
echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to kill the MEDITECH processes on %computername%?"
if %errorlevel% neq 1 exit /b
echo Killing MEDITECH processes on %computername%.
taskkill /f /im:CSMAGIC.EXE
taskkill /f /im:Magic.exe
taskkill /f /im:Magic_Console.exe
echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to shutdown %computername%?"
if %errorlevel% neq 1 exit /b
echo Shutting down %computername%.
::shutdown /s /f /c %shutdownreason%
}}}
ravings from a nearly lucid sysadmin
from: http://www.lostinthebox.com/viewtopic.php?t=117
en and the Art of Creating BLACKBOX Styles.
by thewayofzen (thewayofzen@gmail.com) & snkmchnb (snkmchnb@crackmonkey.us)
Blackbox was originally a window manager for the X Window System in the *NIX environments. It aimed at providing the user with a minimalistic, attractive yet customizeable and fast interface. Blackbox then influenced the creation of several other window managers aiming to do more or less the same thing.
Fluxbox, OpenBox, Hackedbox.. all taking more or less the same approach. It was only a matter of time before alternative shell users who were NOT *NIX users grabbed onto the concept.. and before long BlackBox for Windows (and its sister branches) was born.
The actual look of blackbox, as far as the colouring is concerned, is all done through the use of a text file called a STYLE. This text file contains all the definitions for each component of the interface, assigns the way it looks (bevelled or flat?), the appearance of the color (gradients or solid?), fonts and their sizes, and it will even change your wall paper for you. This
tutorial has one goal and that is simple. Helping you create your own styles for blackbox, whether you choose to use any of the *NIX variants.. or a WINDOWS branch. Thats the beauty of it because they all manage to use the same definitions.
Before one begins to create their own style it is important to understand a few things first. Here are those things:
1. Any item can take on a number of different "looks" or "feels" The first of which would be RAISED, SUNKEN or FLAT. These are rather self explanitory but for the sake of keeping things simple do you wish your style to look "3d" then use RAISED or SUNKEN.. if you would prefer a "2D" approach then use FLAT
2. If you choose to use RAISED of SUNKEN as a definition you then enter the realm of BEVEL. Bevel will effect the appearance of the RAISED or SUNKEN object. BEVEL can be defined as either bevel1 or bevel2 . Forgetting to assign a bevel type to any 3D object defaults to bevel1. (Play with these..you will grasp the concept better if you actaully see them in action)
3. The next part of any object definition usually determines the color format. Is your style going to be one color? or do u wish it to fade from one color and then into another different or darker shade of color? This is determined with either GRADIENT or SOLID. Solid is self explanitory while a gradient can be either horizontal, vertical, elliptical, rectangular, or pipecross. (grasped much better through practice)
4. You can add texture to any object you define by making it INTERLACED. This will add the effect that the object is composed somewhat like a ruffled potato chip.
5. The colors of any object can be assigned using a number of different
formats. You can choose from HEX code or RGB.
6. Certain "appearance" definitions can also be given the definition of
PARENTRELATIVE whereby the item will inherit the look of that object which blackbox considers its parent. (for example a toolbar button.. or a toolbar label considers the toolbar itself to be parent)
Any object on the interface you wish to script will generally use an approach where you will assign the LOOK of the object and then assign the color(s) of the object and the font.
To put the above information in perspective consider the following
configuration if you wish to make a toolbar that is 3d and "pops out" at you and changes color vertically from WHITE to BLACK with a GREY font. The standard would be:
Code:
toolbar: raised bevel1 gradient vertical
toolbar.color: #ffffff
toolbar.colorTO: #000000
toolbar.textcolor: #989898
Time to get your hands dirty.
The first thing you will find in any style is a blurb at the top tht will fill
you in on the name of the artist, the name of the style and maybe any comments that wish to be made. These usually take the format of:
Code:
style.name:
style.author:
style.date:
style.credits:
style.comments:
This is quite self explanitory. After you have created this portion of your
style its time to worry about actual parts of a style and the definitions that
effect how they look to the user. These are handled below.. object by object.
A. THE BLACKBOX TOOLBAR!
The first thing you will notice about Blackbox is the TOOLBAR. The toolbar is made up of a few components. Your toolbar is generally at the top or bottom of the screen. It looks like a stick with buttons on each end. Generally the toolbar itself is made up of a few import elements when it comes to style. They are:
1.Toolbar
The toolbar is assigned its appearance and its color using the following
extensions
Code:
toolbar:
toolbar.color:
toolbar.colorTo:
toolbar.textcolor:
2.Toolbar Button
Buttons are defined in a few different ways because they are likely the only moving part of your default interface in blackbox. The toolbar buttons are defined as follows:
Code:
toolbar.button:
toolbar.button.color:
toolbar.button.colorTo:
toolbar.button.picColor: (this is the color of the picture on the button)
toolbar.button.pressed:
toolbar.button.pressed.color:
toolbar.button.pressed.colorTo:
toolbar.button.pressed.picColor:
3.Toolbar Label
This is the portion of the toolbar that will display your workspace names
informing you of which virtual desktop you are currently working. Its
definitions are:
Code:
toolbar.label:
toolbar.label.color:
toolbar.label.colorTo:
toolbar.label.textColor:
4.Toolbar Window Label
The part of the toolbar that you find between both sets of buttons is called
the window label. If you are a blackbox for windows user this portion of the style will also define the portion of your systembar that indicates which of your tasks is currently active and focused. It is defined as:
Code:
toolbar.windowLabel:
toolbar.windowLabel.color:
toolbar.windowLabel.colorTo:
toolbar.windowLabel.textColor:
5.Toolbar Clock
Simply put this is your clock. It might even have the date. It is defined with the following extensions:
Code:
toolbar.clock:
toolbar.clock.color:
toolbar.clock.colorTo:
toolbar.clock.textColor:
B. THE BLACKBOX MENU
If one was to right click anywhere on the actual desktop not covered by a
window one would discover the menu. A menu in blackbox is composed of the following elements.
1.MENU TITLE
The menu title is the top part of the menu. It is defined using:
Code:
menu.title:
menu.title.color:
menu.title.colorTo:
menu.title.textColor:
2. MENU FRAME
The menu frame is perhaps the largest part of the menu. It is here that any applications you wish to open or any submenus etc will be found. Change its appearance using:
Code:
menu.frame:
menu.frame.color:
menu.frame.colorTo:
menu.frame.textColor:
3. MENU HILITE
The menu hilite is self explanitory. But it is basically the way that the menu shows the user what part of the menu is user is about to choose. Its settings are changed using:
Code:
menu.hilite:
menu.hilite.color:
menu.hilite.colorTo:
menu.hilite.textColor:
4. BULLET
The bullet is the little thingy that lets you know when something splits off
into a submenu. It defines itself with a shape (square, circle, triangle and empty) and
also a direction (left or right) as:
Code:
menu.bullet:
menu.bullet.position:
C. BLACKBOX WINDOWS
Any application in blackbox will open in a window. Each of these windows are made up of a few different parts that all work together to provide you with that window you see. Any window definition found in this section will actually look like it might be assigned its look twice. A closer look will let the user know that there are actually two windows that need to be defined. These are the FOCUS WINDOW(which is the currently ACTIVE window being used by the user) and UNFOCUS WINDOW(any window in the back ground that is open but not necessarily active and being used). The parts of a window that need definition are:
1. Window Title
The window title is the part of the window that, if anything resembles the
toolbar. It is the top portion of the window which houses a few other things on it. (the buttons and labels) Remember: There are two window titles that need be configured. (focus and unfocus)
Code:
window.title.focus:
window.title.focus.color:
window.title.focus.colorTo:
window.title.unfocus:
window.title.unfocus.color:
window.title.unfocus.colorTo:
2. Label
The label on the window is the portion of the window which contains the TEXT. This is the part of the label which lets the user know what that window actually is. It is defined as follows:
Code:
window.label:
window.label.color:
window.label.colorTo:
window.label.textColor:
window.label.unfocus:
window.label.unfocus.color:
window.label.unfocus.colorTo:
window.label.unfocus.textColor:
3. HANDLES
The window handle is actually part of the BOTTOM of a window. You will likely notice that the window bottom is divided into THREE and that there are two short outer segments with a long bar in the middle. That long bar is the handle. Change its appearance with:
Code:
window.handle.focus:
window.handle.focus.color:
window.handle.focus.colorTo:
window.handle.unfocus:
window.handle.unfocus.color:
window.handle.unfocus.colorTo:
4. Grips
Look at the bottom part of your window again. The grips are the two short
segments that are on each end of the handle. They look to these definitions for their look:focus
Code:
window.grip.focus:
window.grip.focus.color:
window.grip.focus.colorTo:
window.grip.unfocus:
window.grip.unfocus.color:
window.gip.unfocus.colorTo:
5. Buttons
Window buttons are defined in much the same way as the buttons on the toolbar. But with one difference, you have to define the unfocused buttons as well. Use these definitions and you will be fine:
Code:
window.button.focus:
window.button.focus.color:
window.button.focus.colorTo:
window.button.focus.picColor:
window.button.unfocus:
window.button.unfocus.color:
window.button.unfocus.colorTo:
window.button.unfocus.picColor:
window.button.pressed:
window.button.pressed.color:
window.button.pressed.colorTo:
window.button.pressed.picColor:
D. Fonts
Fonts can be assigned in two ways. You can assign a font to each of the above elements (A.B.C.) or you can assign one font to be applied to all of them universally. To assign your fonts use the following definitions:
Code:
toolbar.font:
menu.title.font:
menu.frame.font:
window.font:
Or if you wish to assign one font to be associated with EVERY object that would use or have use for a font use this as a definition:
Code:
*font:
Along with assigning a font one is also able to effect the way it sits in its
object. This is called JUSTIFICATION and can be determined as either Center, Right, Or Left:
Code:
toolbar.justify:
menu.title.justify:
menu.frame.justify:
window.justify:
If one does not assign a font size the window manager or shell will use the
default. If the default bores you, a fonts appearance can be changed by
definings its size (numeric value) or weight (normal or bold)
Code:
toolbar.fontHeight:
toolbar.fontWeight:
menu.fontHeight:
menu.fontWeight:
window.fontHeight:
window.fontWeight:
E. Misc Values
There are certain values that will help you further customize the look and feel of your interface.
1. border
Border is the portion of the window that outlines pretty much every object. It is effected by two values, its color (hex or rgb), and its width (numeric). Use these definitions for your border:
Code:
borderColor:
borderWidth:
2. Handle Width
This value will change how thick your handle is and then, as a result also
effect the grips on each end. Using a numeric value it is defined with:
Code:
handleWidth:
3. Bevel
The bevel setting allows you to change the size of the bevel (3d effect) of any object you have defined. It also uses a numeric value and is defined with:
Code:
bevelWidth:
F. RootCommand
The rootCommand in your style is optional. It is this line that will change
the wallpaper of your desktop if you wish it to. It call upon other
applications that may be available on your system to change the background of your desktop. Some of these applications are bsetroot and bsetbg or perhaps xsri or fluxbg. An example of a rootcommand using bsetbg would be:
Code:
rootCommand: bsetbg -full ~/.blackbox/delaneysucks.jpg (*NIX)
or
Code:
rootCommand: bsetbg -full c:\blackbox\backgrounds\delaneysucks.jpg (WIN)
PARENTS AND THEIR CHILDREN?
At some point in this tutorial i have already mentioned the idea of
parentrelative-ness. Here is a general idea of items that you most often see set to parent relative who their "parent" may be:
Code:
toolbar.window.label: will adopt the toolbar setttings.
toolbar.button: will adopt the toolbar setting
toolbar.button.pressed: will adopt the toolbar setting
toolbar.label: will adopt the toolbar setting
toolbar.clock: will adopt the toolbar setting
window.label: will adopt the window setting
window.label.unfocus: will adopt the unfocus window setting
window.button: will adopt the window setting
window.button.pressed: will adopt the window setting
window.button.unfocus: will adopt the unfocus window setting
*IMPORTANT* Any definition that is mentioned in this tutorial is done so using its correct form. And while people might tell you that a style is a style and can be used on any *BOX variant this is not necessarily so. *NIX box is case sensitive while the windows shell replacement *BOX is not. *NIX box requires that the style be in *NIX format, while the windows variants are lazy and do not seem to care. So if you want to be known around the world for your elite style creating talent.. do yourself a favor and learn it right the first time.
For ease of use, and the well being of everyone involved, i include this
template. Feel free to copy and paste. Any value that beings with a "!" is
ignored.
Code:
style.name:
style.author:
style.date:
style.credits:
style.comments:
!toolbar: change your toolbar with these settings.
toolbar.label:
toolbar.label.color:
toolbar.label.colorTo:
toolbar.label.textColor:
toolbar.button:
toolbar.button.color:
toolbar.button.colorTo:
toolbar.button.picColor:
toolbar.button.pressed:
toolbar.button.pressed.color:
toolbar.button.pressed.colorTo:
toolbar.button.pressed.picColor:
toolbar.label:
toolbar.label.color:
toolbar.label.colorTo:
toolbar.label.textColor:
toolbar.windowLabel:
toolbar.windowLabel.color:
toolbar.windowLabel.colorTo:
toolbar.windowLabel.textColor:
toolbar.clock:
toolbar.clock.color:
toolbar.clock.colorTo:
toolbar.clock.textColor:
!menu: change your menu appearance with these values.
menu.title:
menu.title.color:
menu.title.colorTo:
menu.title.textColor:
menu.frame:
menu.frame.color:
menu.frame.colorTo:
menu.frame.textColor:
menu.hilite:
menu.hilite.color:
menu.hilite.colorTo:
menu.hilite.textColor:
menu.bullet:
menu.bullet.position:
!window: change your window appearance here.
window.title.focus:
window.title.focus.color:
window.title.focus.colorTo:
window.title.unfocus:
window.title.unfocus.color:
window.title.unfocus.colorTo:
window.label:
window.label.color:
window.label.colorTo:
window.label.textColor:
window.label.unfocus:
window.label.unfocus.color:
window.label.unfocus.colorTo:
window.label.unfocus.textColor:
window.grip.focus:
window.grip.focus.color:
window.grip.focus.colorTo:
window.grip.unfocus:
window.grip.unfocus.color:
window.gip.unfocus.colorTo:
window.handle.focus:
window.handle.focus.color:
window.handle.focus.colorTo:
window.handle.unfocus:
window.handle.unfocus.color:
window.handle.unfocus.colorTo:
window.button.focus:
window.button.focus.color:
window.button.focus.colorTo:
window.button.focus.picColor:
window.button.unfocus:
window.button.unfocus.color:
window.button.unfocus.colorTo:
window.button.unfocus.picColor:
window.button.pressed:
window.button.pressed.color:
window.button.pressed.colorTo:
window.button.pressed.picColor:
!fonts: configured here
toolbar.font:
menu.title.font:
menu.frame.font:
window.font:
toolbar.justify:
menu.title.justify:
menu.frame.justify:
window.justify:
toolbar.fontHeight:
toolbar.fontWeight:
menu.fontHeight:
menu.fontWeight:
window.fontHeight:
window.fontWeight:
!misc: borders bevels and handle widths
borderColor:
borderWidth:
bevelWidth:
handleWidth:
rootCommand:
The End!
_________________
surely there is a way..
Last edited by snkmchnb on Sat Dec 17, 2005 2:33 pm; edited 6 t
|!CIDR|!CIDR Shortcut|!~DecimalMaskBase|!~DecimalMaskEnd|!~BinaryMask|!~TotalHosts|!Note|
|/11|
|/12|
|/13|
|/14|
|/15|
|/16|
|/17|
|/18|
|/19|
|/20|
|/21|
|/22|
|/23|
|/24|/24+0|255.255.255.|0|00000000|254| |
|bgcolor(#cccccc):/25|bgcolor(#cccccc):/24+1|bgcolor(#cccccc):255.255.255.|bgcolor(#cccccc):128|bgcolor(#cccccc):10000000|bgcolor(#cccccc):126|bgcolor(#cccccc): |
|/26|/24+2|255.255.255.|192|11000000|62| |
|bgcolor(#cccccc):/27|bgcolor(#cccccc):/24+3|bgcolor(#cccccc):255.255.255.|bgcolor(#cccccc):224|bgcolor(#cccccc):11100000|bgcolor(#cccccc):30|bgcolor(#cccccc): |
|/28|/24+4|255.255.255.|240|11110000|14| |
|bgcolor(#cccccc):/29|bgcolor(#cccccc):/24+5|bgcolor(#cccccc):255.255.255.|bgcolor(#cccccc):248|bgcolor(#cccccc):11111000|bgcolor(#cccccc):6|bgcolor(#cccccc): |
|/30|/24+6|255.255.255.|252|11111100|2| |
|bgcolor(#cccccc):/31|bgcolor(#cccccc):/24+7|bgcolor(#cccccc):255.255.255.|bgcolor(#cccccc):254|bgcolor(#cccccc):11111110|bgcolor(#cccccc):1|bgcolor(#cccccc):Not used, added for completeness|
|/32|/24+8|255.255.255.|255|11111111|0|Host mask|
Syslog daemon is on by default in debian. Thing that screwed me up was that the {{{/etc/init.d/}}} entry is {{{sysklogd}}}. Don't know why.
!!1. Edit {{{/etc/default/syslogd}}}
change the line
{{{
SYSLOGD=""
}}}
to
{{{
SYSLOGD="-r -m0"
}}}
{{{-r}}} allows remote hosts access to syslog
{{{-m0}}} removes the "mark" messages in the syslog.
!!2. Configure which hosts log to which file, I just send everything to one file: {{{/var/log/cisco.log}}}
Edit {{{/etc/syslog.conf}}}
Add the line
{{{
local7.* /var/log/cisco.log
}}}
Also, modify the default line that sends everything to {{{/var/log/syslog}}}
from:
{{{
*.*;auth,authpriv.none -/var/log/syslog
}}}
to:
{{{
*.*;auth,authpriv.none;local7.none -/var/log/syslog
}}}
Remeber to use tabs between facility.priority and file.
"You may prefix each entry with the minus '-' sign to omit syncing the file after every logging."
!!3. Enable log rotation
Create file {{{/etc/logrotate.d/cisco}}}
{{{
touch /etc/logrotate.d/cisco
}}}
Edit file {{{/etc/logrotate.d/cisco}}}
{{{
/var/log/cisco.log {
daily
rotate 12
compress
delaycompress
missingok
notifempty
create 640 root adm
}
}}}
!!End Notes:
Cisco PIX/ASA syslog configuration
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094030.shtml#logfacility
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml
Here's a table to map Cisco Facility numbers to syslog local numbers:
|!Cisco|!Linux|
|16|local0|
|17|local1|
|18|local2|
|19|local3|
|20|local4|
|21|local5|
|22|local6|
|23|local7|
Exchange System Manager in Exchange Server 2003 stops responding when you try to access Exchange Help after you install Internet Explorer 7
View products that this article applies to.
Article ID : 932513
Last Review : February 19, 2007
Revision : 1.1
On This Page
SYMPTOMS
CAUSE
WORKAROUND
You have installed Internet Explorer 7 on the Exchange server that also has Exchange System Manager installed
You have installed Internet Explorer 7 on a workstation that also has Exchange System Manager installed
STATUS
SYMPTOMS
Consider the following scenario. You are using Microsoft Exchange Server 2003 on a computer that is running Microsoft Windows Server 2003 Service Pack 1 (SP1). You install Windows Internet Explorer 7 on the computer that is running Exchange System Manager. In this scenario, when you try to access Exchange Help in Exchange System Manager, Exchange System Manager stops responding because of an access violation.
Back to the top
CAUSE
This problem occurs because of a conflict between the newer version of the Psapi.dll file that Internet Explorer 7 uses and the older version that Exchange System Manager uses.
Back to the top
WORKAROUND
To work around this issue, you must rename the Psapi.dll file in the Exchsrvr\Bin directory so that the Exchange services use the Psapi.dll file from the %Windir%\System32 directory. To do this, follow the steps that are appropriate for your situation.
Back to the top
You have installed Internet Explorer 7 on the Exchange server that also has Exchange System Manager installed
If you have installed Internet Explorer 7 on the Exchange server that also has Exchange System Manager installed, follow these steps:
1. Stop all Exchange and Internet Information Services (IIS) services.
a. Open the Services snap-in.
b. Stop the Microsoft Exchange System Attendant service.
Important Note the list of dependent services that will be stopped. For example, the list of dependent services may resemble the following:
• Microsoft Exchange Information Store
• Microsoft Exchange MTA Stacks
c. Stop the IIS Admin Service.
Important Note the list of dependent services that will be stopped. For example, the list of dependent services may resemble the following:
• World Wide Web Publishing Service
• Simple Mail Transfer Protocol (SMTP)
• HTTP SSL
• AntigenIMC
2. Rename the Psapi.dll file. To do this, follow these steps:
a. Open a command prompt.
b. Move to the following directory:
Drive_Letter:\Program Files\Exchsrvr\bin
c. Change the name of the Psapi.dll file to Psapi.dll.old.
d. Close the Command Prompt window.
3. Restart the Exchange services and the IIS services. This includes the dependent services that were stopped.
Back to the top
You have installed Internet Explorer 7 on a workstation that also has Exchange System Manager installed
If you have installed Internet Explorer 7 on a workstation that also has Exchange System Manager installed, follow these steps:
1. Stop all IIS services. To do this, open the Services snap-in, and then stop the IIS Admin Service.
Important Note the list of dependent services that will be stopped. For example, the list of dependent services may resemble the following:
• World Wide Web Publishing Service
• HTTP SSL
2. Rename the Psapi.dll file.
a. Open a command prompt.
b. Move to the following directory:
Drive_Letter:\Program Files\Exchsrvr\bin
c. Change the name of the Psapi.dll file to Psapi.dll.old.
d. Close the Command Prompt window.
3. Restart the IIS services. This includes the dependent services that were stopped.
Back to the top
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Back to the top
APPLIES TO
• Microsoft Exchange Server 2003 Enterprise Edition
• Microsoft Exchange Server 2003 Standard Edition
Back to the top
Keywords:
kbdll kbcrashes kbexchesm kbexpertiseadvanced kbtshoot kbprb KB932513
From: http://support.microsoft.com/?kbid=932513
Domain Controller:
*Active Directory (NTDS)
*The boot files
*The COM+ class registration database
*The registry
*The system volume (SYSVOL)
Non-Domain Controller:
*The Boot file
*The COM+ class registration database
*The registry
If Certificate Server installed:
*Certificate Server
ASR Backups:
System State
Operating System Files
!!copy files via tar
{{{
tar cf - .| (cd ../2; tar xvf -)
}}}
{{{
tar cvf - /source/directory | (cd /target/directory ; tar x -)
}}}
If I wanted to copy the directory 'jcw' from /home/jcw to /var/backup/jcw it might look like:
{{{
cd /home
tar cvf - ./jcw | (cd /var/backup ; tar x -)
}}}
!!!Tar through ssh
{{{
tar zcvf - /home | ssh root@rhost "cat > /backup/homes.tgz"
}}}
!!!Tar restore through ssh
{{{
ssh root@rhost cat /backup/homes.tgz | ( cd /restore && tar xzvf - )
}}}
!!!Tarring through netcat
from http://compsoc.dur.ac.uk/~djw/tarpipe.html
{{{
Using netcat and tar to quickly transfer files between machines, aka tar pipe
So you have gigs of data to transfer between two machines over ethernet.
A nice quick and dirty method is to use netcat and tar.
This is by no means secure, but if you haven't got the time or desire to setup NFS, FTPd, Samba.
Or wait hours for scp to do it's job then this can save you a lot of time.
Linux System using tar and netcat
On the receiving end do:
# netcat -l -p 7000 | tar x
And on the sending end do:
# tar cf - * | netcat otherhost 7000
Notes
Depending on your hardware you might want to use compression with tar.
You'll probably find your hard disk drive is a bottleneck on a fast network.
Compression is useless if you can't saturate your network and will probably just slow things down. tar cf - * is copy everything in the current working directory.
And your files will be untared at the other end from where you started the listening netcat.
It won't be obivous that the operation is finished so you'll need to check network activity or top. This is indeed quick and dirty.
}}}
0022: SSH
0023: Telnet
0080: HTTP
0110: POP
0443: HTTPS
8300: GroupWise Messenger
Install atftpd (Advanced TFTP Daemon) and tftp client.
{{{
apt-get install atftpd tftp
}}}
Create and configure tftp directory. Default is {{{/tftpboot}}}.
{{{
mkdir /tftpboot
chown nobody /tftpboot
chmod 770 /tftpboot
}}}
Start inetd
{{{
inetd
}}}
Test tftp
{{{
tftp 127.0.0.1
}}}
Power cycle test
TLA: Three Letter Acronym
http://www.google.com/search?hl=en&q=exchange%202003%20encrypt%20email&safe=on
http://www.networkworld.com/news/2007/011807-tls1.html
http://www.google.com/search?hl=en&q=tls%20exchange%202003&safe=on
http://msexchangeteam.com/archive/2006/10/04/429090.aspx
http://support.microsoft.com/default.aspx?scid=kb;EN-US;829721
http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/Email/SMTP/Q_22494569.html
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_23219508.html
http://support.microsoft.com/kb/329061/
client license key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing
terminal server license server:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService\Parameters\LicenseServers
http://www.ctrl-alt-del.com.au/CAD_TSUtils.htm
{{{
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"disablecad"=dword:00000000
"legalnoticecaption"="Legal Notice Caption"
"legalnoticetext"="This is a private system. Authorized Users only."
}}}
<<tabs txtMoreTab "Tags" "All Tags" TabAllTags "Miss" "Missing tiddlers" TabMoreMissing "Orph" "Orphaned tiddlers" TabMoreOrphans "Shad" "Shadowed tiddlers" TabMoreShadowed>>
<<allTags excludeLists [a-z]>>
/***
|Name:|TagglyTaggingPlugin|
|Description:|tagglyTagging macro is a replacement for the builtin tagging macro in your ViewTemplate|
|Version:|3.1 ($Rev: 4092 $)|
|Date:|$Date: 2008-03-24 12:32:33 +1000 (Mon, 24 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#TagglyTaggingPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!Notes
See http://mptw.tiddlyspot.com/#TagglyTagging
***/
//{{{
config.taggly = {
// for translations
lingo: {
labels: {
asc: "\u2191", // down arrow
desc: "\u2193", // up arrow
title: "title",
modified: "modified",
created: "created",
show: "+",
hide: "-",
normal: "normal",
group: "group",
commas: "commas",
sitemap: "sitemap",
numCols: "cols\u00b1", // plus minus sign
label: "Tagged as '%0':",
excerpts: "excerpts",
descr: "descr",
slices: "slices",
contents: "contents",
sliders: "sliders",
noexcerpts: "title only"
},
tooltips: {
title: "Click to sort by title",
modified: "Click to sort by modified date",
created: "Click to sort by created date",
show: "Click to show tagging list",
hide: "Click to hide tagging list",
normal: "Click to show a normal ungrouped list",
group: "Click to show list grouped by tag",
sitemap: "Click to show a sitemap style list",
commas: "Click to show a comma separated list",
numCols: "Click to change number of columns",
excerpts: "Click to show excerpts",
descr: "Click to show the description slice",
slices: "Click to show all slices",
contents: "Click to show entire tiddler contents",
sliders: "Click to show tiddler contents in sliders",
noexcerpts: "Click to show entire title only"
}
},
config: {
showTaggingCounts: true,
listOpts: {
// the first one will be the default
sortBy: ["title","modified","created"],
sortOrder: ["asc","desc"],
hideState: ["show","hide"],
listMode: ["normal","group","sitemap","commas"],
numCols: ["1","2","3","4","5","6"],
excerpts: ["noexcerpts","excerpts","descr","slices","contents","sliders"]
},
valuePrefix: "taggly.",
excludeTags: ["excludeLists","excludeTagging"],
excerptSize: 50,
excerptMarker: "/%"+"%/"
},
getTagglyOpt: function(title,opt) {
var val = store.getValue(title,this.config.valuePrefix+opt);
return val ? val : this.config.listOpts[opt][0];
},
setTagglyOpt: function(title,opt,value) {
if (!store.tiddlerExists(title))
// create it silently
store.saveTiddler(title,title,config.views.editor.defaultText.format([title]),config.options.txtUserName,new Date(),"");
// if value is default then remove it to save space
return store.setValue(title,
this.config.valuePrefix+opt,
value == this.config.listOpts[opt][0] ? null : value);
},
getNextValue: function(title,opt) {
var current = this.getTagglyOpt(title,opt);
var pos = this.config.listOpts[opt].indexOf(current);
// a little usability enhancement. actually it doesn't work right for grouped or sitemap
var limit = (opt == "numCols" ? store.getTaggedTiddlers(title).length : this.config.listOpts[opt].length);
var newPos = (pos + 1) % limit;
return this.config.listOpts[opt][newPos];
},
toggleTagglyOpt: function(title,opt) {
var newVal = this.getNextValue(title,opt);
this.setTagglyOpt(title,opt,newVal);
},
createListControl: function(place,title,type) {
var lingo = config.taggly.lingo;
var label;
var tooltip;
var onclick;
if ((type == "title" || type == "modified" || type == "created")) {
// "special" controls. a little tricky. derived from sortOrder and sortBy
label = lingo.labels[type];
tooltip = lingo.tooltips[type];
if (this.getTagglyOpt(title,"sortBy") == type) {
label += lingo.labels[this.getTagglyOpt(title,"sortOrder")];
onclick = function() {
config.taggly.toggleTagglyOpt(title,"sortOrder");
return false;
}
}
else {
onclick = function() {
config.taggly.setTagglyOpt(title,"sortBy",type);
config.taggly.setTagglyOpt(title,"sortOrder",config.taggly.config.listOpts.sortOrder[0]);
return false;
}
}
}
else {
// "regular" controls, nice and simple
label = lingo.labels[type == "numCols" ? type : this.getNextValue(title,type)];
tooltip = lingo.tooltips[type == "numCols" ? type : this.getNextValue(title,type)];
onclick = function() {
config.taggly.toggleTagglyOpt(title,type);
return false;
}
}
// hide button because commas don't have columns
if (!(this.getTagglyOpt(title,"listMode") == "commas" && type == "numCols"))
createTiddlyButton(place,label,tooltip,onclick,type == "hideState" ? "hidebutton" : "button");
},
makeColumns: function(orig,numCols) {
var listSize = orig.length;
var colSize = listSize/numCols;
var remainder = listSize % numCols;
var upperColsize = colSize;
var lowerColsize = colSize;
if (colSize != Math.floor(colSize)) {
// it's not an exact fit so..
upperColsize = Math.floor(colSize) + 1;
lowerColsize = Math.floor(colSize);
}
var output = [];
var c = 0;
for (var j=0;j<numCols;j++) {
var singleCol = [];
var thisSize = j < remainder ? upperColsize : lowerColsize;
for (var i=0;i<thisSize;i++)
singleCol.push(orig[c++]);
output.push(singleCol);
}
return output;
},
drawTable: function(place,columns,theClass) {
var newTable = createTiddlyElement(place,"table",null,theClass);
var newTbody = createTiddlyElement(newTable,"tbody");
var newTr = createTiddlyElement(newTbody,"tr");
for (var j=0;j<columns.length;j++) {
var colOutput = "";
for (var i=0;i<columns[j].length;i++)
colOutput += columns[j][i];
var newTd = createTiddlyElement(newTr,"td",null,"tagglyTagging"); // todo should not need this class
wikify(colOutput,newTd);
}
return newTable;
},
createTagglyList: function(place,title) {
switch(this.getTagglyOpt(title,"listMode")) {
case "group": return this.createTagglyListGrouped(place,title); break;
case "normal": return this.createTagglyListNormal(place,title,false); break;
case "commas": return this.createTagglyListNormal(place,title,true); break;
case "sitemap":return this.createTagglyListSiteMap(place,title); break;
}
},
getTaggingCount: function(title) {
// thanks to Doug Edmunds
if (this.config.showTaggingCounts) {
var tagCount = store.getTaggedTiddlers(title).length;
if (tagCount > 0)
return " ("+tagCount+")";
}
return "";
},
getExcerpt: function(inTiddlerTitle,title,indent) {
if (!indent)
indent = 1;
var displayMode = this.getTagglyOpt(inTiddlerTitle,"excerpts");
var t = store.getTiddler(title);
if (t && displayMode == "excerpts") {
var text = t.text.replace(/\n/," ");
var marker = text.indexOf(this.config.excerptMarker);
if (marker != -1) {
return " {{excerpt{<nowiki>" + text.substr(0,marker) + "</nowiki>}}}";
}
else if (text.length < this.config.excerptSize) {
return " {{excerpt{<nowiki>" + t.text + "</nowiki>}}}";
}
else {
return " {{excerpt{<nowiki>" + t.text.substr(0,this.config.excerptSize) + "..." + "</nowiki>}}}";
}
}
else if (t && displayMode == "contents") {
return "\n{{contents indent"+indent+"{\n" + t.text + "\n}}}";
}
else if (t && displayMode == "sliders") {
return "<slider slide>\n{{contents{\n" + t.text + "\n}}}\n</slider>";
}
else if (t && displayMode == "descr") {
var descr = store.getTiddlerSlice(title,'Description');
return descr ? " {{excerpt{" + descr + "}}}" : "";
}
else if (t && displayMode == "slices") {
var result = "";
var slices = store.calcAllSlices(title);
for (var s in slices)
result += "|%0|<nowiki>%1</nowiki>|\n".format([s,slices[s]]);
return result ? "\n{{excerpt excerptIndent{\n" + result + "}}}" : "";
}
return "";
},
notHidden: function(t,inTiddler) {
if (typeof t == "string")
t = store.getTiddler(t);
return (!t || !t.tags.containsAny(this.config.excludeTags) ||
(inTiddler && this.config.excludeTags.contains(inTiddler)));
},
// this is for normal and commas mode
createTagglyListNormal: function(place,title,useCommas) {
var list = store.getTaggedTiddlers(title,this.getTagglyOpt(title,"sortBy"));
if (this.getTagglyOpt(title,"sortOrder") == "desc")
list = list.reverse();
var output = [];
var first = true;
for (var i=0;i<list.length;i++) {
if (this.notHidden(list[i],title)) {
var countString = this.getTaggingCount(list[i].title);
var excerpt = this.getExcerpt(title,list[i].title);
if (useCommas)
output.push((first ? "" : ", ") + "[[" + list[i].title + "]]" + countString + excerpt);
else
output.push("*[[" + list[i].title + "]]" + countString + excerpt + "\n");
first = false;
}
}
return this.drawTable(place,
this.makeColumns(output,useCommas ? 1 : parseInt(this.getTagglyOpt(title,"numCols"))),
useCommas ? "commas" : "normal");
},
// this is for the "grouped" mode
createTagglyListGrouped: function(place,title) {
var sortBy = this.getTagglyOpt(title,"sortBy");
var sortOrder = this.getTagglyOpt(title,"sortOrder");
var list = store.getTaggedTiddlers(title,sortBy);
if (sortOrder == "desc")
list = list.reverse();
var leftOvers = []
for (var i=0;i<list.length;i++)
leftOvers.push(list[i].title);
var allTagsHolder = {};
for (var i=0;i<list.length;i++) {
for (var j=0;j<list[i].tags.length;j++) {
if (list[i].tags[j] != title) { // not this tiddler
if (this.notHidden(list[i].tags[j],title)) {
if (!allTagsHolder[list[i].tags[j]])
allTagsHolder[list[i].tags[j]] = "";
if (this.notHidden(list[i],title)) {
allTagsHolder[list[i].tags[j]] += "**[["+list[i].title+"]]"
+ this.getTaggingCount(list[i].title) + this.getExcerpt(title,list[i].title) + "\n";
leftOvers.setItem(list[i].title,-1); // remove from leftovers. at the end it will contain the leftovers
}
}
}
}
}
var allTags = [];
for (var t in allTagsHolder)
allTags.push(t);
var sortHelper = function(a,b) {
if (a == b) return 0;
if (a < b) return -1;
return 1;
};
allTags.sort(function(a,b) {
var tidA = store.getTiddler(a);
var tidB = store.getTiddler(b);
if (sortBy == "title") return sortHelper(a,b);
else if (!tidA && !tidB) return 0;
else if (!tidA) return -1;
else if (!tidB) return +1;
else return sortHelper(tidA[sortBy],tidB[sortBy]);
});
var leftOverOutput = "";
for (var i=0;i<leftOvers.length;i++)
if (this.notHidden(leftOvers[i],title))
leftOverOutput += "*[["+leftOvers[i]+"]]" + this.getTaggingCount(leftOvers[i]) + this.getExcerpt(title,leftOvers[i]) + "\n";
var output = [];
if (sortOrder == "desc")
allTags.reverse();
else if (leftOverOutput != "")
// leftovers first...
output.push(leftOverOutput);
for (var i=0;i<allTags.length;i++)
if (allTagsHolder[allTags[i]] != "")
output.push("*[["+allTags[i]+"]]" + this.getTaggingCount(allTags[i]) + this.getExcerpt(title,allTags[i]) + "\n" + allTagsHolder[allTags[i]]);
if (sortOrder == "desc" && leftOverOutput != "")
// leftovers last...
output.push(leftOverOutput);
return this.drawTable(place,
this.makeColumns(output,parseInt(this.getTagglyOpt(title,"numCols"))),
"grouped");
},
// used to build site map
treeTraverse: function(title,depth,sortBy,sortOrder) {
var list = store.getTaggedTiddlers(title,sortBy);
if (sortOrder == "desc")
list.reverse();
var indent = "";
for (var j=0;j<depth;j++)
indent += "*"
var childOutput = "";
for (var i=0;i<list.length;i++)
if (list[i].title != title)
if (this.notHidden(list[i].title,this.config.inTiddler))
childOutput += this.treeTraverse(list[i].title,depth+1,sortBy,sortOrder);
if (depth == 0)
return childOutput;
else
return indent + "[["+title+"]]" + this.getTaggingCount(title) + this.getExcerpt(this.config.inTiddler,title,depth) + "\n" + childOutput;
},
// this if for the site map mode
createTagglyListSiteMap: function(place,title) {
this.config.inTiddler = title; // nasty. should pass it in to traverse probably
var output = this.treeTraverse(title,0,this.getTagglyOpt(title,"sortBy"),this.getTagglyOpt(title,"sortOrder"));
return this.drawTable(place,
this.makeColumns(output.split(/(?=^\*\[)/m),parseInt(this.getTagglyOpt(title,"numCols"))), // regexp magic
"sitemap"
);
},
macros: {
tagglyTagging: {
handler: function (place,macroName,params,wikifier,paramString,tiddler) {
var refreshContainer = createTiddlyElement(place,"div");
// do some refresh magic to make it keep the list fresh - thanks Saq
refreshContainer.setAttribute("refresh","macro");
refreshContainer.setAttribute("macroName",macroName);
if (params[0])
refreshContainer.setAttribute("title",params[0]);
else {
refreshContainer.setAttribute("title",tiddler.title);
}
this.refresh(refreshContainer);
},
refresh: function(place) {
var title = place.getAttribute("title");
removeChildren(place);
addClass(place,"tagglyTagging");
if (store.getTaggedTiddlers(title).length > 0) {
var lingo = config.taggly.lingo;
config.taggly.createListControl(place,title,"hideState");
if (config.taggly.getTagglyOpt(title,"hideState") == "show") {
createTiddlyElement(place,"span",null,"tagglyLabel",lingo.labels.label.format([title]));
config.taggly.createListControl(place,title,"title");
config.taggly.createListControl(place,title,"modified");
config.taggly.createListControl(place,title,"created");
config.taggly.createListControl(place,title,"listMode");
config.taggly.createListControl(place,title,"excerpts");
config.taggly.createListControl(place,title,"numCols");
config.taggly.createTagglyList(place,title);
}
}
}
}
},
// todo fix these up a bit
styles: [
"/*{{{*/",
"/* created by TagglyTaggingPlugin */",
".tagglyTagging { padding-top:0.5em; }",
".tagglyTagging li.listTitle { display:none; }",
".tagglyTagging ul {",
" margin-top:0px; padding-top:0.5em; padding-left:2em;",
" margin-bottom:0px; padding-bottom:0px;",
"}",
".tagglyTagging { vertical-align: top; margin:0px; padding:0px; }",
".tagglyTagging table { margin:0px; padding:0px; }",
".tagglyTagging .button { visibility:hidden; margin-left:3px; margin-right:3px; }",
".tagglyTagging .button, .tagglyTagging .hidebutton {",
" color:[[ColorPalette::TertiaryLight]]; font-size:90%;",
" border:0px; padding-left:0.3em;padding-right:0.3em;",
"}",
".tagglyTagging .button:hover, .hidebutton:hover, ",
".tagglyTagging .button:active, .hidebutton:active {",
" border:0px; background:[[ColorPalette::TertiaryPale]]; color:[[ColorPalette::TertiaryDark]];",
"}",
".selected .tagglyTagging .button { visibility:visible; }",
".tagglyTagging .hidebutton { color:[[ColorPalette::Background]]; }",
".selected .tagglyTagging .hidebutton { color:[[ColorPalette::TertiaryLight]] }",
".tagglyLabel { color:[[ColorPalette::TertiaryMid]]; font-size:90%; }",
".tagglyTagging ul {padding-top:0px; padding-bottom:0.5em; margin-left:1em; }",
".tagglyTagging ul ul {list-style-type:disc; margin-left:-1em;}",
".tagglyTagging ul ul li {margin-left:0.5em; }",
".editLabel { font-size:90%; padding-top:0.5em; }",
".tagglyTagging .commas { padding-left:1.8em; }",
"/* not technically tagglytagging but will put them here anyway */",
".tagglyTagged li.listTitle { display:none; }",
".tagglyTagged li { display: inline; font-size:90%; }",
".tagglyTagged ul { margin:0px; padding:0px; }",
".excerpt { color:[[ColorPalette::TertiaryDark]]; }",
".excerptIndent { margin-left:4em; }",
"div.tagglyTagging table,",
"div.tagglyTagging table tr,",
"td.tagglyTagging",
" {border-style:none!important; }",
".tagglyTagging .contents { border-bottom:2px solid [[ColorPalette::TertiaryPale]]; padding:0 1em 1em 0.5em;",
" margin-bottom:0.5em; }",
".tagglyTagging .indent1 { margin-left:3em; }",
".tagglyTagging .indent2 { margin-left:4em; }",
".tagglyTagging .indent3 { margin-left:5em; }",
".tagglyTagging .indent4 { margin-left:6em; }",
".tagglyTagging .indent5 { margin-left:7em; }",
".tagglyTagging .indent6 { margin-left:8em; }",
".tagglyTagging .indent7 { margin-left:9em; }",
".tagglyTagging .indent8 { margin-left:10em; }",
".tagglyTagging .indent9 { margin-left:11em; }",
".tagglyTagging .indent10 { margin-left:12em; }",
"/*}}}*/",
""].join("\n"),
init: function() {
merge(config.macros,this.macros);
config.shadowTiddlers["TagglyTaggingStyles"] = this.styles;
store.addNotification("TagglyTaggingStyles",refreshStyles);
}
};
config.taggly.init();
//}}}
/***
InlineSlidersPlugin
By Saq Imtiaz
http://tw.lewcid.org/sandbox/#InlineSlidersPlugin
// syntax adjusted to not clash with NestedSlidersPlugin
// added + syntax to start open instead of closed
***/
//{{{
config.formatters.unshift( {
name: "inlinesliders",
// match: "\\+\\+\\+\\+|\\<slider",
match: "\\<slider",
// lookaheadRegExp: /(?:\+\+\+\+|<slider) (.*?)(?:>?)\n((?:.|\n)*?)\n(?:====|<\/slider>)/mg,
lookaheadRegExp: /(?:<slider)(\+?) (.*?)(?:>)\n((?:.|\n)*?)\n(?:<\/slider>)/mg,
handler: function(w) {
this.lookaheadRegExp.lastIndex = w.matchStart;
var lookaheadMatch = this.lookaheadRegExp.exec(w.source)
if(lookaheadMatch && lookaheadMatch.index == w.matchStart ) {
var btn = createTiddlyButton(w.output,lookaheadMatch[2] + " "+"\u00BB",lookaheadMatch[2],this.onClickSlider,"button sliderButton");
var panel = createTiddlyElement(w.output,"div",null,"sliderPanel");
panel.style.display = (lookaheadMatch[1] == '+' ? "block" : "none");
wikify(lookaheadMatch[3],panel);
w.nextMatch = lookaheadMatch.index + lookaheadMatch[0].length;
}
},
onClickSlider : function(e) {
if(!e) var e = window.event;
var n = this.nextSibling;
n.style.display = (n.style.display=="none") ? "block" : "none";
return false;
}
});
//}}}
!!!OS Install & Update
# Install OS
# Update OS
!!! Terminal Services Installation
#full security
#autodiscover licensing server
#per device licensing mode
!!!Lockdown Server
#Set Filesystem Permissions
!!!Install Applications
http://www.msterminalservices.org/articles/Windows-Terminal-Services-Printing.html
http://www.msterminalservices.org/articles/Managing-Printer-Drivers.html?printversion
http://ts.veranoest.net/ts_printing.htm
{{{
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd]
"PrinterMappingINFName"="C:\\WINDOWS\\SYSTEM32\\TSPDRW\\NTPrintSubs.inf"
"PrinterMappingINFSection"="Printers"
}}}
There's the tsredirect utility from MS: tspdrw.exe
http://www.microsoft.com/downloads/details.aspx?familyid=9AD27BE9-40DB-484F-862E-38A094EEEAF7&displaylang=en
test aaa-server
Use the test aaa-server command to check whether the security appliance can authenticate or authorize users with a particular AAA server. Failure to reach the AAA server may be due to incorrect configuration on the security appliance, or the AAA server may be unreachable for other reasons, such as restrictive network configurations or server downtime.
test aaa-server {authentication | authorization} <server-tag> [host server-ip] [username <username>] [password <password>]
Syntax Description
authentication
Specifies that the security appliance should send a test authentication request.
authorization
Specifies that the security appliance should send a test authorization request.
host server-ip
Specifies The IP address of the AAA server.
password <password>
Specifies the password for the username given. The password argument is available only for authentication tests. Make sure the password is correct for the username entered; otherwise, the authentication test will fail.
server-tag
Specifies the symbolic name of the server group, as defined by the aaa-server protocol command.
Look for
{{{
aaa-server RADIUS protocol radius
aaa-server RADIUS host 10.0.0.33
}}}
username <username>
Specifies the username of the account used to test the AAA server settings. Make sure the username exists on the AAA server; otherwise, the test will fail.
{{{
FW1# test aaa authentication RADIUS host 10.0.0.33
Username: jcw
Password: *********
INFO: Attempting Authentication test to IP address <10.0.0.33> (timeout: 12 seconds)
ERROR: Authentication Server not responding: No error
FW1#
}}}
{{{
test aaa authentication radius host 10.11.1.2
}}}
DNS & Email:
https://dns-email.twcbc.com/
Help & Support:
http://help.twcbc.com
TW Biz Class Webmail:
http://mail.twcbc.com/
/***
|Name:|ToggleTagPlugin|
|Description:|Makes a checkbox which toggles a tag in a tiddler|
|Version:|3.1.0 ($Rev: 4907 $)|
|Date:|$Date: 2008-05-13 03:15:46 +1000 (Tue, 13 May 2008) $|
|Source:|http://mptw.tiddlyspot.com/#ToggleTagPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Usage
{{{<<toggleTag }}}//{{{TagName TiddlerName LabelText}}}//{{{>>}}}
* TagName - the tag to be toggled, default value "checked"
* TiddlerName - the tiddler to toggle the tag in, default value the current tiddler
* LabelText - the text (gets wikified) to put next to the check box, default value is '{{{[[TagName]]}}}' or '{{{[[TagName]] [[TiddlerName]]}}}'
(If a parameter is '.' then the default will be used)
* TouchMod flag - if non empty then touch the tiddlers mod date. Note, can set config.toggleTagAlwaysTouchModDate to always touch mod date
!!Examples
|Code|Description|Example|h
|{{{<<toggleTag>>}}}|Toggles the default tag (checked) in this tiddler|<<toggleTag>>|
|{{{<<toggleTag TagName>>}}}|Toggles the TagName tag in this tiddler|<<toggleTag TagName>>|
|{{{<<toggleTag TagName TiddlerName>>}}}|Toggles the TagName tag in the TiddlerName tiddler|<<toggleTag TagName TiddlerName>>|
|{{{<<toggleTag TagName TiddlerName 'click me'>>}}}|Same but with custom label|<<toggleTag TagName TiddlerName 'click me'>>|
|{{{<<toggleTag . . 'click me'>>}}}|dot means use default value|<<toggleTag . . 'click me'>>|
!!Notes
* If TiddlerName doesn't exist it will be silently created
* Set label to '-' to specify no label
* See also http://mgtd-alpha.tiddlyspot.com/#ToggleTag2
!!Known issues
* Doesn't smoothly handle the case where you toggle a tag in a tiddler that is current open for editing
* Should convert to use named params
***/
//{{{
if (config.toggleTagAlwaysTouchModDate == undefined) config.toggleTagAlwaysTouchModDate = false;
merge(config.macros,{
toggleTag: {
createIfRequired: true,
shortLabel: "[[%0]]",
longLabel: "[[%0]] [[%1]]",
handler: function(place,macroName,params,wikifier,paramString,tiddler) {
var tiddlerTitle = tiddler ? tiddler.title : '';
var tag = (params[0] && params[0] != '.') ? params[0] : "checked";
var title = (params[1] && params[1] != '.') ? params[1] : tiddlerTitle;
var defaultLabel = (title == tiddlerTitle ? this.shortLabel : this.longLabel);
var label = (params[2] && params[2] != '.') ? params[2] : defaultLabel;
var touchMod = (params[3] && params[3] != '.') ? params[3] : "";
label = (label == '-' ? '' : label); // dash means no label
var theTiddler = (title == tiddlerTitle ? tiddler : store.getTiddler(title));
var cb = createTiddlyCheckbox(place, label.format([tag,title]), theTiddler && theTiddler.isTagged(tag), function(e) {
if (!store.tiddlerExists(title)) {
if (config.macros.toggleTag.createIfRequired) {
var content = store.getTiddlerText(title); // just in case it's a shadow
store.saveTiddler(title,title,content?content:"",config.options.txtUserName,new Date(),null);
}
else
return false;
}
if ((touchMod != "" || config.toggleTagAlwaysTouchModDate) && theTiddler)
theTiddler.modified = new Date();
store.setTiddlerTag(title,this.checked,tag);
return true;
});
}
}
});
//}}}
/***
Contains the stuff you need to use Tiddlyspot
Note you must also have UploadPlugin installed
***/
//{{{
// edit this if you are migrating sites or retrofitting an existing TW
config.tiddlyspotSiteId = 'smaug9';
// make it so you can by default see edit controls via http
config.options.chkHttpReadOnly = false;
window.readOnly = false; // make sure of it (for tw 2.2)
window.showBackstage = true; // show backstage too
// disable autosave in d3
if (window.location.protocol != "file:")
config.options.chkGTDLazyAutoSave = false;
// tweak shadow tiddlers to add upload button, password entry box etc
with (config.shadowTiddlers) {
SiteUrl = 'http://'+config.tiddlyspotSiteId+'.tiddlyspot.com';
SideBarOptions = SideBarOptions.replace(/(<<saveChanges>>)/,"$1<<tiddler TspotSidebar>>");
OptionsPanel = OptionsPanel.replace(/^/,"<<tiddler TspotOptions>>");
DefaultTiddlers = DefaultTiddlers.replace(/^/,"[[WelcomeToTiddlyspot]] ");
MainMenu = MainMenu.replace(/^/,"[[WelcomeToTiddlyspot]] ");
}
// create some shadow tiddler content
merge(config.shadowTiddlers,{
'WelcomeToTiddlyspot':[
"This document is a ~TiddlyWiki from tiddlyspot.com. A ~TiddlyWiki is an electronic notebook that is great for managing todo lists, personal information, and all sorts of things.",
"",
"@@font-weight:bold;font-size:1.3em;color:#444; //What now?// @@ Before you can save any changes, you need to enter your password in the form below. Then configure privacy and other site settings at your [[control panel|http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/controlpanel]] (your control panel username is //" + config.tiddlyspotSiteId + "//).",
"<<tiddler TspotControls>>",
"See also GettingStarted.",
"",
"@@font-weight:bold;font-size:1.3em;color:#444; //Working online// @@ You can edit this ~TiddlyWiki right now, and save your changes using the \"save to web\" button in the column on the right.",
"",
"@@font-weight:bold;font-size:1.3em;color:#444; //Working offline// @@ A fully functioning copy of this ~TiddlyWiki can be saved onto your hard drive or USB stick. You can make changes and save them locally without being connected to the Internet. When you're ready to sync up again, just click \"upload\" and your ~TiddlyWiki will be saved back to tiddlyspot.com.",
"",
"@@font-weight:bold;font-size:1.3em;color:#444; //Help!// @@ Find out more about ~TiddlyWiki at [[TiddlyWiki.com|http://tiddlywiki.com]]. Also visit [[TiddlyWiki.org|http://tiddlywiki.org]] for documentation on learning and using ~TiddlyWiki. New users are especially welcome on the [[TiddlyWiki mailing list|http://groups.google.com/group/TiddlyWiki]], which is an excellent place to ask questions and get help. If you have a tiddlyspot related problem email [[tiddlyspot support|mailto:support@tiddlyspot.com]].",
"",
"@@font-weight:bold;font-size:1.3em;color:#444; //Enjoy :)// @@ We hope you like using your tiddlyspot.com site. Please email [[feedback@tiddlyspot.com|mailto:feedback@tiddlyspot.com]] with any comments or suggestions."
].join("\n"),
'TspotControls':[
"| tiddlyspot password:|<<option pasUploadPassword>>|",
"| site management:|<<upload http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/store.cgi index.html . . " + config.tiddlyspotSiteId + ">>//(requires tiddlyspot password)//<br>[[control panel|http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/controlpanel]], [[download (go offline)|http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/download]]|",
"| links:|[[tiddlyspot.com|http://tiddlyspot.com/]], [[FAQs|http://faq.tiddlyspot.com/]], [[blog|http://tiddlyspot.blogspot.com/]], email [[support|mailto:support@tiddlyspot.com]] & [[feedback|mailto:feedback@tiddlyspot.com]], [[donate|http://tiddlyspot.com/?page=donate]]|"
].join("\n"),
'TspotSidebar':[
"<<upload http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/store.cgi index.html . . " + config.tiddlyspotSiteId + ">><html><a href='http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/download' class='button'>download</a></html>"
].join("\n"),
'TspotOptions':[
"tiddlyspot password:",
"<<option pasUploadPassword>>",
""
].join("\n")
});
//}}}
/etc/udev/rules.d/z25_persistent-net.rules is the home of where Debian remembers the network adapters
http://www-128.ibm.com/developerworks/aix/library/au-unix-find.html
{{{
ASA#copy tftp [[flash:/disk0:][software image name/asdm image name]]
!--- Command to set an image as bootup or specify the
!--- ASDM image file.
ASA(config)#boot system [flash:/disk0:]/[software image name]
!--- Save active configuration to the Flash.
ASA#write memory
!--- Reboot the security appliance and load
!--- with the new boot image as per the configuration file.
ASA#reload
Example:
ASA5510#copy tftp disk0:
Address or name of remote host []? 172.16.31.1
Source filename []? asa722-k8.bin
Destination filename [asa722-k8.bin]?
Accessing tftp://172.16.31.1/asa722-k8.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Writing file disk0:/asa722-k8.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
8312832 bytes copied in 163.350 secs (50998 bytes/sec)
ASA5510#show disk0:
-#- --length-- -----date/time------ path
6 5124096 Jan 01 2003 00:06:22 asa702-k8.bin
7 5623108 Feb 12 2007 00:23:48 asdm-522.bin
10 5539756 Feb 12 2007 00:14:18 asdm-521.bin
11 8294400 Dec 07 2006 05:47:20 asa721-24-k8.bin
12 6002680 Dec 21 2006 03:58:30 asdm-52034.bin
13 8312832 Feb 12 2007 22:46:30 asa722-k8.bin
23949312 bytes available (38932480 bytes used)
!--- Command to set "asa722-k8.bin" as the boot image.
ASA5510(config)# boot system disk0:/asa722-k8.bin
!--- Command to set "asdm-522.bin" as the ASDM image.
ASA5510(config)# asdm image disk0:/asdm-522.bin
ASA5510# write memory
ASA5510# reload
}}}
| !date | !user | !location | !storeUrl | !uploadDir | !toFilename | !backupdir | !origin |
| 04/09/2012 15:43:23 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 04/09/2012 15:45:26 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
| 21/09/2012 08:12:47 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
| 28/09/2012 16:54:17 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
| 07/03/2013 02:12:12 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
| 26/11/2013 16:13:45 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 26/11/2013 16:14:22 | Smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 26/11/2013 16:15:02 | Smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 26/11/2013 17:29:01 | Smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 26/11/2013 17:56:20 | Smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
/***
|''Name:''|PasswordOptionPlugin|
|''Description:''|Extends TiddlyWiki options with non encrypted password option.|
|''Version:''|1.0.2|
|''Date:''|Apr 19, 2007|
|''Source:''|http://tiddlywiki.bidix.info/#PasswordOptionPlugin|
|''Author:''|BidiX (BidiX (at) bidix (dot) info)|
|''License:''|[[BSD open source license|http://tiddlywiki.bidix.info/#%5B%5BBSD%20open%20source%20license%5D%5D ]]|
|''~CoreVersion:''|2.2.0 (Beta 5)|
***/
//{{{
version.extensions.PasswordOptionPlugin = {
major: 1, minor: 0, revision: 2,
date: new Date("Apr 19, 2007"),
source: 'http://tiddlywiki.bidix.info/#PasswordOptionPlugin',
author: 'BidiX (BidiX (at) bidix (dot) info',
license: '[[BSD open source license|http://tiddlywiki.bidix.info/#%5B%5BBSD%20open%20source%20license%5D%5D]]',
coreVersion: '2.2.0 (Beta 5)'
};
config.macros.option.passwordCheckboxLabel = "Save this password on this computer";
config.macros.option.passwordInputType = "password"; // password | text
setStylesheet(".pasOptionInput {width: 11em;}\n","passwordInputTypeStyle");
merge(config.macros.option.types, {
'pas': {
elementType: "input",
valueField: "value",
eventName: "onkeyup",
className: "pasOptionInput",
typeValue: config.macros.option.passwordInputType,
create: function(place,type,opt,className,desc) {
// password field
config.macros.option.genericCreate(place,'pas',opt,className,desc);
// checkbox linked with this password "save this password on this computer"
config.macros.option.genericCreate(place,'chk','chk'+opt,className,desc);
// text savePasswordCheckboxLabel
place.appendChild(document.createTextNode(config.macros.option.passwordCheckboxLabel));
},
onChange: config.macros.option.genericOnChange
}
});
merge(config.optionHandlers['chk'], {
get: function(name) {
// is there an option linked with this chk ?
var opt = name.substr(3);
if (config.options[opt])
saveOptionCookie(opt);
return config.options[name] ? "true" : "false";
}
});
merge(config.optionHandlers, {
'pas': {
get: function(name) {
if (config.options["chk"+name]) {
return encodeCookie(config.options[name].toString());
} else {
return "";
}
},
set: function(name,value) {config.options[name] = decodeCookie(value);}
}
});
// need to reload options to load passwordOptions
loadOptionsCookie();
/*
if (!config.options['pasPassword'])
config.options['pasPassword'] = '';
merge(config.optionsDesc,{
pasPassword: "Test password"
});
*/
//}}}
/***
|''Name:''|UploadPlugin|
|''Description:''|Save to web a TiddlyWiki|
|''Version:''|4.1.0|
|''Date:''|May 5, 2007|
|''Source:''|http://tiddlywiki.bidix.info/#UploadPlugin|
|''Documentation:''|http://tiddlywiki.bidix.info/#UploadPluginDoc|
|''Author:''|BidiX (BidiX (at) bidix (dot) info)|
|''License:''|[[BSD open source license|http://tiddlywiki.bidix.info/#%5B%5BBSD%20open%20source%20license%5D%5D ]]|
|''~CoreVersion:''|2.2.0 (#3125)|
|''Requires:''|PasswordOptionPlugin|
***/
//{{{
version.extensions.UploadPlugin = {
major: 4, minor: 1, revision: 0,
date: new Date("May 5, 2007"),
source: 'http://tiddlywiki.bidix.info/#UploadPlugin',
author: 'BidiX (BidiX (at) bidix (dot) info',
coreVersion: '2.2.0 (#3125)'
};
//
// Environment
//
if (!window.bidix) window.bidix = {}; // bidix namespace
bidix.debugMode = false; // true to activate both in Plugin and UploadService
//
// Upload Macro
//
config.macros.upload = {
// default values
defaultBackupDir: '', //no backup
defaultStoreScript: "store.php",
defaultToFilename: "index.html",
defaultUploadDir: ".",
authenticateUser: true // UploadService Authenticate User
};
config.macros.upload.label = {
promptOption: "Save and Upload this TiddlyWiki with UploadOptions",
promptParamMacro: "Save and Upload this TiddlyWiki in %0",
saveLabel: "save to web",
saveToDisk: "save to disk",
uploadLabel: "upload"
};
config.macros.upload.messages = {
noStoreUrl: "No store URL in parmeters or options",
usernameOrPasswordMissing: "Username or password missing"
};
config.macros.upload.handler = function(place,macroName,params) {
if (readOnly)
return;
var label;
if (document.location.toString().substr(0,4) == "http")
label = this.label.saveLabel;
else
label = this.label.uploadLabel;
var prompt;
if (params[0]) {
prompt = this.label.promptParamMacro.toString().format([this.destFile(params[0],
(params[1] ? params[1]:bidix.basename(window.location.toString())), params[3])]);
} else {
prompt = this.label.promptOption;
}
createTiddlyButton(place, label, prompt, function() {config.macros.upload.action(params);}, null, null, this.accessKey);
};
config.macros.upload.action = function(params)
{
// for missing macro parameter set value from options
var storeUrl = params[0] ? params[0] : config.options.txtUploadStoreUrl;
var toFilename = params[1] ? params[1] : config.options.txtUploadFilename;
var backupDir = params[2] ? params[2] : config.options.txtUploadBackupDir;
var uploadDir = params[3] ? params[3] : config.options.txtUploadDir;
var username = params[4] ? params[4] : config.options.txtUploadUserName;
var password = config.options.pasUploadPassword; // for security reason no password as macro parameter
// for still missing parameter set default value
if ((!storeUrl) && (document.location.toString().substr(0,4) == "http"))
storeUrl = bidix.dirname(document.location.toString())+'/'+config.macros.upload.defaultStoreScript;
if (storeUrl.substr(0,4) != "http")
storeUrl = bidix.dirname(document.location.toString()) +'/'+ storeUrl;
if (!toFilename)
toFilename = bidix.basename(window.location.toString());
if (!toFilename)
toFilename = config.macros.upload.defaultToFilename;
if (!uploadDir)
uploadDir = config.macros.upload.defaultUploadDir;
if (!backupDir)
backupDir = config.macros.upload.defaultBackupDir;
// report error if still missing
if (!storeUrl) {
alert(config.macros.upload.messages.noStoreUrl);
clearMessage();
return false;
}
if (config.macros.upload.authenticateUser && (!username || !password)) {
alert(config.macros.upload.messages.usernameOrPasswordMissing);
clearMessage();
return false;
}
bidix.upload.uploadChanges(false,null,storeUrl, toFilename, uploadDir, backupDir, username, password);
return false;
};
config.macros.upload.destFile = function(storeUrl, toFilename, uploadDir)
{
if (!storeUrl)
return null;
var dest = bidix.dirname(storeUrl);
if (uploadDir && uploadDir != '.')
dest = dest + '/' + uploadDir;
dest = dest + '/' + toFilename;
return dest;
};
//
// uploadOptions Macro
//
config.macros.uploadOptions = {
handler: function(place,macroName,params) {
var wizard = new Wizard();
wizard.createWizard(place,this.wizardTitle);
wizard.addStep(this.step1Title,this.step1Html);
var markList = wizard.getElement("markList");
var listWrapper = document.createElement("div");
markList.parentNode.insertBefore(listWrapper,markList);
wizard.setValue("listWrapper",listWrapper);
this.refreshOptions(listWrapper,false);
var uploadCaption;
if (document.location.toString().substr(0,4) == "http")
uploadCaption = config.macros.upload.label.saveLabel;
else
uploadCaption = config.macros.upload.label.uploadLabel;
wizard.setButtons([
{caption: uploadCaption, tooltip: config.macros.upload.label.promptOption,
onClick: config.macros.upload.action},
{caption: this.cancelButton, tooltip: this.cancelButtonPrompt, onClick: this.onCancel}
]);
},
refreshOptions: function(listWrapper) {
var uploadOpts = [
"txtUploadUserName",
"pasUploadPassword",
"txtUploadStoreUrl",
"txtUploadDir",
"txtUploadFilename",
"txtUploadBackupDir",
"chkUploadLog",
"txtUploadLogMaxLine",
]
var opts = [];
for(i=0; i<uploadOpts.length; i++) {
var opt = {};
opts.push()
opt.option = "";
n = uploadOpts[i];
opt.name = n;
opt.lowlight = !config.optionsDesc[n];
opt.description = opt.lowlight ? this.unknownDescription : config.optionsDesc[n];
opts.push(opt);
}
var listview = ListView.create(listWrapper,opts,this.listViewTemplate);
for(n=0; n<opts.length; n++) {
var type = opts[n].name.substr(0,3);
var h = config.macros.option.types[type];
if (h && h.create) {
h.create(opts[n].colElements['option'],type,opts[n].name,opts[n].name,"no");
}
}
},
onCancel: function(e)
{
backstage.switchTab(null);
return false;
},
wizardTitle: "Upload with options",
step1Title: "These options are saved in cookies in your browser",
step1Html: "<input type='hidden' name='markList'></input><br>",
cancelButton: "Cancel",
cancelButtonPrompt: "Cancel prompt",
listViewTemplate: {
columns: [
{name: 'Description', field: 'description', title: "Description", type: 'WikiText'},
{name: 'Option', field: 'option', title: "Option", type: 'String'},
{name: 'Name', field: 'name', title: "Name", type: 'String'}
],
rowClasses: [
{className: 'lowlight', field: 'lowlight'}
]}
}
//
// upload functions
//
if (!bidix.upload) bidix.upload = {};
if (!bidix.upload.messages) bidix.upload.messages = {
//from saving
invalidFileError: "The original file '%0' does not appear to be a valid TiddlyWiki",
backupSaved: "Backup saved",
backupFailed: "Failed to upload backup file",
rssSaved: "RSS feed uploaded",
rssFailed: "Failed to upload RSS feed file",
emptySaved: "Empty template uploaded",
emptyFailed: "Failed to upload empty template file",
mainSaved: "Main TiddlyWiki file uploaded",
mainFailed: "Failed to upload main TiddlyWiki file. Your changes have not been saved",
//specific upload
loadOriginalHttpPostError: "Can't get original file",
aboutToSaveOnHttpPost: 'About to upload on %0 ...',
storePhpNotFound: "The store script '%0' was not found."
};
bidix.upload.uploadChanges = function(onlyIfDirty,tiddlers,storeUrl,toFilename,uploadDir,backupDir,username,password)
{
var callback = function(status,uploadParams,original,url,xhr) {
if (!status) {
displayMessage(bidix.upload.messages.loadOriginalHttpPostError);
return;
}
if (bidix.debugMode)
alert(original.substr(0,500)+"\n...");
// Locate the storeArea div's
var posDiv = locateStoreArea(original);
if((posDiv[0] == -1) || (posDiv[1] == -1)) {
alert(config.messages.invalidFileError.format([localPath]));
return;
}
bidix.upload.uploadRss(uploadParams,original,posDiv);
};
if(onlyIfDirty && !store.isDirty())
return;
clearMessage();
// save on localdisk ?
if (document.location.toString().substr(0,4) == "file") {
var path = document.location.toString();
var localPath = getLocalPath(path);
saveChanges();
}
// get original
var uploadParams = Array(storeUrl,toFilename,uploadDir,backupDir,username,password);
var originalPath = document.location.toString();
// If url is a directory : add index.html
if (originalPath.charAt(originalPath.length-1) == "/")
originalPath = originalPath + "index.html";
var dest = config.macros.upload.destFile(storeUrl,toFilename,uploadDir);
var log = new bidix.UploadLog();
log.startUpload(storeUrl, dest, uploadDir, backupDir);
displayMessage(bidix.upload.messages.aboutToSaveOnHttpPost.format([dest]));
if (bidix.debugMode)
alert("about to execute Http - GET on "+originalPath);
var r = doHttp("GET",originalPath,null,null,null,null,callback,uploadParams,null);
if (typeof r == "string")
displayMessage(r);
return r;
};
bidix.upload.uploadRss = function(uploadParams,original,posDiv)
{
var callback = function(status,params,responseText,url,xhr) {
if(status) {
var destfile = responseText.substring(responseText.indexOf("destfile:")+9,responseText.indexOf("\n", responseText.indexOf("destfile:")));
displayMessage(bidix.upload.messages.rssSaved,bidix.dirname(url)+'/'+destfile);
bidix.upload.uploadMain(params[0],params[1],params[2]);
} else {
displayMessage(bidix.upload.messages.rssFailed);
}
};
// do uploadRss
if(config.options.chkGenerateAnRssFeed) {
var rssPath = uploadParams[1].substr(0,uploadParams[1].lastIndexOf(".")) + ".xml";
var rssUploadParams = Array(uploadParams[0],rssPath,uploadParams[2],'',uploadParams[4],uploadParams[5]);
bidix.upload.httpUpload(rssUploadParams,convertUnicodeToUTF8(generateRss()),callback,Array(uploadParams,original,posDiv));
} else {
bidix.upload.uploadMain(uploadParams,original,posDiv);
}
};
bidix.upload.uploadMain = function(uploadParams,original,posDiv)
{
var callback = function(status,params,responseText,url,xhr) {
var log = new bidix.UploadLog();
if(status) {
// if backupDir specified
if ((params[3]) && (responseText.indexOf("backupfile:") > -1)) {
var backupfile = responseText.substring(responseText.indexOf("backupfile:")+11,responseText.indexOf("\n", responseText.indexOf("backupfile:")));
displayMessage(bidix.upload.messages.backupSaved,bidix.dirname(url)+'/'+backupfile);
}
var destfile = responseText.substring(responseText.indexOf("destfile:")+9,responseText.indexOf("\n", responseText.indexOf("destfile:")));
displayMessage(bidix.upload.messages.mainSaved,bidix.dirname(url)+'/'+destfile);
store.setDirty(false);
log.endUpload("ok");
} else {
alert(bidix.upload.messages.mainFailed);
displayMessage(bidix.upload.messages.mainFailed);
log.endUpload("failed");
}
};
// do uploadMain
var revised = bidix.upload.updateOriginal(original,posDiv);
bidix.upload.httpUpload(uploadParams,revised,callback,uploadParams);
};
bidix.upload.httpUpload = function(uploadParams,data,callback,params)
{
var localCallback = function(status,params,responseText,url,xhr) {
url = (url.indexOf("nocache=") < 0 ? url : url.substring(0,url.indexOf("nocache=")-1));
if (xhr.status == httpStatus.NotFound)
alert(bidix.upload.messages.storePhpNotFound.format([url]));
if ((bidix.debugMode) || (responseText.indexOf("Debug mode") >= 0 )) {
alert(responseText);
if (responseText.indexOf("Debug mode") >= 0 )
responseText = responseText.substring(responseText.indexOf("\n\n")+2);
} else if (responseText.charAt(0) != '0')
alert(responseText);
if (responseText.charAt(0) != '0')
status = null;
callback(status,params,responseText,url,xhr);
};
// do httpUpload
var boundary = "---------------------------"+"AaB03x";
var uploadFormName = "UploadPlugin";
// compose headers data
var sheader = "";
sheader += "--" + boundary + "\r\nContent-disposition: form-data; name=\"";
sheader += uploadFormName +"\"\r\n\r\n";
sheader += "backupDir="+uploadParams[3] +
";user=" + uploadParams[4] +
";password=" + uploadParams[5] +
";uploaddir=" + uploadParams[2];
if (bidix.debugMode)
sheader += ";debug=1";
sheader += ";;\r\n";
sheader += "\r\n" + "--" + boundary + "\r\n";
sheader += "Content-disposition: form-data; name=\"userfile\"; filename=\""+uploadParams[1]+"\"\r\n";
sheader += "Content-Type: text/html;charset=UTF-8" + "\r\n";
sheader += "Content-Length: " + data.length + "\r\n\r\n";
// compose trailer data
var strailer = new String();
strailer = "\r\n--" + boundary + "--\r\n";
data = sheader + data + strailer;
if (bidix.debugMode) alert("about to execute Http - POST on "+uploadParams[0]+"\n with \n"+data.substr(0,500)+ " ... ");
var r = doHttp("POST",uploadParams[0],data,"multipart/form-data; boundary="+boundary,uploadParams[4],uploadParams[5],localCallback,params,null);
if (typeof r == "string")
displayMessage(r);
return r;
};
// same as Saving's updateOriginal but without convertUnicodeToUTF8 calls
bidix.upload.updateOriginal = function(original, posDiv)
{
if (!posDiv)
posDiv = locateStoreArea(original);
if((posDiv[0] == -1) || (posDiv[1] == -1)) {
alert(config.messages.invalidFileError.format([localPath]));
return;
}
var revised = original.substr(0,posDiv[0] + startSaveArea.length) + "\n" +
store.allTiddlersAsHtml() + "\n" +
original.substr(posDiv[1]);
var newSiteTitle = getPageTitle().htmlEncode();
revised = revised.replaceChunk("<title"+">","</title"+">"," " + newSiteTitle + " ");
revised = updateMarkupBlock(revised,"PRE-HEAD","MarkupPreHead");
revised = updateMarkupBlock(revised,"POST-HEAD","MarkupPostHead");
revised = updateMarkupBlock(revised,"PRE-BODY","MarkupPreBody");
revised = updateMarkupBlock(revised,"POST-SCRIPT","MarkupPostBody");
return revised;
};
//
// UploadLog
//
// config.options.chkUploadLog :
// false : no logging
// true : logging
// config.options.txtUploadLogMaxLine :
// -1 : no limit
// 0 : no Log lines but UploadLog is still in place
// n : the last n lines are only kept
// NaN : no limit (-1)
bidix.UploadLog = function() {
if (!config.options.chkUploadLog)
return; // this.tiddler = null
this.tiddler = store.getTiddler("UploadLog");
if (!this.tiddler) {
this.tiddler = new Tiddler();
this.tiddler.title = "UploadLog";
this.tiddler.text = "| !date | !user | !location | !storeUrl | !uploadDir | !toFilename | !backupdir | !origin |";
this.tiddler.created = new Date();
this.tiddler.modifier = config.options.txtUserName;
this.tiddler.modified = new Date();
store.addTiddler(this.tiddler);
}
return this;
};
bidix.UploadLog.prototype.addText = function(text) {
if (!this.tiddler)
return;
// retrieve maxLine when we need it
var maxLine = parseInt(config.options.txtUploadLogMaxLine,10);
if (isNaN(maxLine))
maxLine = -1;
// add text
if (maxLine != 0)
this.tiddler.text = this.tiddler.text + text;
// Trunck to maxLine
if (maxLine >= 0) {
var textArray = this.tiddler.text.split('\n');
if (textArray.length > maxLine + 1)
textArray.splice(1,textArray.length-1-maxLine);
this.tiddler.text = textArray.join('\n');
}
// update tiddler fields
this.tiddler.modifier = config.options.txtUserName;
this.tiddler.modified = new Date();
store.addTiddler(this.tiddler);
// refresh and notifiy for immediate update
story.refreshTiddler(this.tiddler.title);
store.notify(this.tiddler.title, true);
};
bidix.UploadLog.prototype.startUpload = function(storeUrl, toFilename, uploadDir, backupDir) {
if (!this.tiddler)
return;
var now = new Date();
var text = "\n| ";
var filename = bidix.basename(document.location.toString());
if (!filename) filename = '/';
text += now.formatString("0DD/0MM/YYYY 0hh:0mm:0ss") +" | ";
text += config.options.txtUserName + " | ";
text += "[["+filename+"|"+location + "]] |";
text += " [[" + bidix.basename(storeUrl) + "|" + storeUrl + "]] | ";
text += uploadDir + " | ";
text += "[[" + bidix.basename(toFilename) + " | " +toFilename + "]] | ";
text += backupDir + " |";
this.addText(text);
};
bidix.UploadLog.prototype.endUpload = function(status) {
if (!this.tiddler)
return;
this.addText(" "+status+" |");
};
//
// Utilities
//
bidix.checkPlugin = function(plugin, major, minor, revision) {
var ext = version.extensions[plugin];
if (!
(ext &&
((ext.major > major) ||
((ext.major == major) && (ext.minor > minor)) ||
((ext.major == major) && (ext.minor == minor) && (ext.revision >= revision))))) {
// write error in PluginManager
if (pluginInfo)
pluginInfo.log.push("Requires " + plugin + " " + major + "." + minor + "." + revision);
eval(plugin); // generate an error : "Error: ReferenceError: xxxx is not defined"
}
};
bidix.dirname = function(filePath) {
if (!filePath)
return;
var lastpos;
if ((lastpos = filePath.lastIndexOf("/")) != -1) {
return filePath.substring(0, lastpos);
} else {
return filePath.substring(0, filePath.lastIndexOf("\\"));
}
};
bidix.basename = function(filePath) {
if (!filePath)
return;
var lastpos;
if ((lastpos = filePath.lastIndexOf("#")) != -1)
filePath = filePath.substring(0, lastpos);
if ((lastpos = filePath.lastIndexOf("/")) != -1) {
return filePath.substring(lastpos + 1);
} else
return filePath.substring(filePath.lastIndexOf("\\")+1);
};
bidix.initOption = function(name,value) {
if (!config.options[name])
config.options[name] = value;
};
//
// Initializations
//
// require PasswordOptionPlugin 1.0.1 or better
bidix.checkPlugin("PasswordOptionPlugin", 1, 0, 1);
// styleSheet
setStylesheet('.txtUploadStoreUrl, .txtUploadBackupDir, .txtUploadDir {width: 22em;}',"uploadPluginStyles");
//optionsDesc
merge(config.optionsDesc,{
txtUploadStoreUrl: "Url of the UploadService script (default: store.php)",
txtUploadFilename: "Filename of the uploaded file (default: in index.html)",
txtUploadDir: "Relative Directory where to store the file (default: . (downloadService directory))",
txtUploadBackupDir: "Relative Directory where to backup the file. If empty no backup. (default: ''(empty))",
txtUploadUserName: "Upload Username",
pasUploadPassword: "Upload Password",
chkUploadLog: "do Logging in UploadLog (default: true)",
txtUploadLogMaxLine: "Maximum of lines in UploadLog (default: 10)"
});
// Options Initializations
bidix.initOption('txtUploadStoreUrl','');
bidix.initOption('txtUploadFilename','');
bidix.initOption('txtUploadDir','');
bidix.initOption('txtUploadBackupDir','');
bidix.initOption('txtUploadUserName','');
bidix.initOption('pasUploadPassword','');
bidix.initOption('chkUploadLog',true);
bidix.initOption('txtUploadLogMaxLine','10');
/* don't want this for tiddlyspot sites
// Backstage
merge(config.tasks,{
uploadOptions: {text: "upload", tooltip: "Change UploadOptions and Upload", content: '<<uploadOptions>>'}
});
config.backstageTasks.push("uploadOptions");
*/
//}}}
so the vlans get listed as root-enumerated devices.
{{{
ROOT\IANSMINIPORT\0000 : Intel(R) 82566DM Gigabit Network Connection - VLAN : ID30
ROOT\IANSMINIPORT\0001 : Intel(R) 82566DM Gigabit Network Connection - VLAN : Untagged VLAN
}}}
which means that you have to refer to them with an '@' sign when using it with devcon. something like:
{{{
devcon disable @ROOT\IANSMINIPORT\0000
}}}
online quiz:
http://www.vmuser.com/joomla/index.php?option=com_joomlaquiz&Itemid=7
Ref Card:
http://vmreference.googlepages.com/vmreferenceVI3Card1.1.pdf
VMware Blueprint
http://mylearn1.vmware.com/lcms/mL_faq/1714/VCP3.5Blueprint.PDF
!!line numbers
on:
{{{
:set number
}}}
off:
{{{
:set nonumber
}}}
Trunk Port: tagged for all vlans
Access Port: untagged for 1 vlan
VLAN1 VLAN2
1 Tagged Tagged
2-12 Untagged Untagged
13-24 Untagged Tagged
But I'm beginning to think that this is incorrect. I tagged port 1 to both because of the PIX interface being trunked. I left the remaineder untagged because this is the native vlan (now I'm not 100% sure if these two issues are even related). I can ping the default gateway on the PIX which is defined as physical. However, if I change port 2 (where the PC I'm testing from is plugged into) then I can no longer reach the pix. I don't quiet understand that, surely Tagging it into VLAN1 is a more explicit way of saying that the port belongs to VLAN1.
On the second VLAN however, where I've tagged all the ports for VLAN2, I cannot reach the interface on the pix (same subnet, defined on the PIX as logical). Am I completely missing the point here? Could somebody explin to me a little about the tagging? If I changed the VLAN assignement for VLAN2 on port 13 to Unassigned, would it work? Sorry, I didn't have much time to test yet ... but it just seems the more I think about this the more confused I get about the tagging and the native VLAN. Can somebody help me out at all?
Irish Poetry - Karen O'Connor
Get your Irish Poetry Published
Garten und Landschaftsbau
Start your own Tek-Tips Group! Click Here!
Helpful Member!TheBublitz (IS/IT--Management)
7 Jul 06 16:29
OK here is the skinny on VLAN tagging.
1. You ONLY tagg a port if it is going to recieve traffic from more than 1 vlan.(Examples would be an access point may be connected to a switch port. The access point may serv requests for Laptops<--Not 802.1q compatible so only get traffic from untagged vlan ususally vlan 1, and then wireless ip phones <---probably vlan 2 Tagged) another example is some people connect their PC to their IP phones to conserv cable drops. SO you set the phone to vlan 2 TAGGED and the pc only gets vlan 1 info Untagged.
2. You can only have 1 Untagged Vlan per port.
3. All non 802.1q devices will only recieve traffic on a port from the UNtagged VLan
4.Trunk ports to other hp switchs NEED to have both ends configured for 802.1q so both switchs get vlan 1 and 2 info
5. If you assign a device to ONLY 1 vlan lets say vlan 2. You dont need to tagg the vlan. so you would enter.....
vlan 2 untagged ethernet 5
This would take port 5 out of vlan 1 and into vlan 2 untagged(there is No need for the tag since its apart of only 1 vlan which is vlan 2).
If you wanted port 5 to be an access point OR a trunk port to another hp switch you would enter this
vlan 2 tagged ethernet 5
This would leave port 5 in vlan 1 untagged, and it would also be apart of vlan 2 tagged
6. If your PIX isn't 802.1q compatible then you need to enable IP routing on your switch to route between vlans. to do this enter the command...
ip routing
VERY important hehe
7. If you switch is going to be routing the vlans(most common setup)
All devices on vlan 2 Need to set their gateway to the switch IP configured for vlan 2.
The same can be said for vlan 1 devices unless you want the pix to be the gateway. (I woulden't reccommend this unless there wont be much traffic between the vlans)
8. The switch should use the PIX as its gateway or make a route
0.0.0.0 0.0.0.0 (ip of pix)
9. The pix needs a route to lan 2 also if its not handling vlan 2 traffic. Ill use 10.50.10.0/24 as an example for vlan 2 network and 10.30.30.0/24 for vlan 1 netowrk.
"10.50.10.0 255.255.255.0 (vlan 1)" (ip addres of vlan 1 configured into switch
and another route (if vlan 1 devices are using switch as gateway)
"10.30.30.0 255.255.255.0 (vlan 1)" (ip configured in the switch)
Billy Bublitz
Integrity Windows and Doors
{{{get-vm | get-vmresourceconfiguration | select VM,MemLimitMB,CpuLimitMhz | sort MemLimitMB | ft -auto}}}
#configure pNIC parameters
##[[esxcfg-nics]]
#create vswitch
##[[esxcfg-vswitch -a]]
#link pNIC with vswitch
##[[esxcfg-vswitch -L]]
#link additional pNIC with vswitch
##[[esxcfg-vswitch -L]]
#create portgroup on vswitch
##[[esxcfg-vswitch -A]]
Help: [[esxcfg-vswitch help]]
{{{
Add-PSSnapin VMware.VimAutomation.Core
}}}
{{{
Connect-VIServer vcenter2.domain.tld
}}}
{{{
ASA# conf t
ASA(config)# group-policy groupname attributes
ASA(config-group-policy)# vpn-idle-timeout 30
ASA(config-group-policy)# <control z>
ASA# wr m
}}}
{{{
hostname fw-compguard
domain-name compguard.net
access-list NONAT permit ip 192.168.10.0 255.255.255.0 172.31.1.0 255.255.255.0
access-list VPN-ACL permit ip 192.168.10.0 255.255.255.0 172.31.1.0 255.255.255.0
ip address outside 72.43.91.75 255.255.255.192
ip address inside 192.168.10.1 255.255.255.0
ip local pool VPNPOOL 172.31.1.10-172.31.1.20
global (outside) 1 interface
nat (inside) 0 access-list NONAT
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
route outside 0.0.0.0 0.0.0.0 72.43.91.65 1
aaa-server LOCAL protocol local
sysopt connection permit-ipsec
crypto ipsec transform-set SET1 esp-3des esp-md5-hmac
crypto dynamic-map VPNMAP1 20 set transform-set SET1
crypto map CLIENT-MAP 65535 ipsec-isakmp dynamic VPNMAP1
crypto map CLIENT-MAP client authentication LOCAL
crypto map CLIENT-MAP interface outside
isakmp enable outside
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
vpngroup VPN address-pool VPNPOOL
vpngroup VPN default-domain compguard.net
vpngroup VPN split-tunnel VPN-ACL
vpngroup VPN idle-time 1800
vpngroup VPN password ********
username mjz2 password XXXXXXXXXXXXXXx encrypted privilege 2
}}}
http://www.microsoft.com/downloads/thankyou.aspx?familyId=95ac1610-c232-4644-b828-c55eec605d55&displayLang=en
{{{
@echo off && for /l %i in (1,1,9999) do echo.|time | findstr current && ping -n 1 4.2.2.2 | findstr Reply && timeout /t 5 > nul
}}}
{{{
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,02,00,00,00,1d,00,3a,00,00,00,00,00
}}}
Registry Keys for Environment Variables
For those who are experienced with editing the Registry, there is another way to make changes in environment variables.
User environment variables are stored in the Registry in the key:
{{{
HKEY_CURRENT_USER\Environment
}}}
System variables are found in the key:
{{{
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
}}}
Note that any environment variable that is in the form that needs to be expanded (for example, %PATH%) must be stored in the registry as a REG_EXPAND_SZ registry value. Editing the Registry is primarily for scripts used by systems administrators and is not recommended for the average PC user.
Using the add-on tool Setx.exe
It is not part of the standard Windows XP setup but a command-line tool called setx.exe is included in the Windows XP Service Pack 2 Support Tools. This tool extends the set command so that permanent changes in the environment variables can be made. For example, to add a folder C:\New Folder to the path, the command would be setx path "%PATH%;C:\New Folder"
I recently set up disk space alerts for a few servers.
The trick to get the alerts to run all the time:
Configure the alert on the Schedule tab:
#set the 'Start scan' time to a time in the past
#set the 'Stop scan' to 'After' 100000 days
If moving a task between servers (or cloning a vm template), you may need to change the account that the alert runs under.
Here's my setup:
General tab:
{{{
Comment: Free space on system volume
Counters:\LogicalDisk(C:)\Free Megabytes
Alert when the value is: 'Under' Limit: '5000'
Sample data every: Interval: '30' Units: 'seconds'
Run As: host\username
}}}
Action tab:
{{{
When an alert is triggered:
[X] Log an entry int he application event log
[ ] Send a network message to:
[ ] Start performance data log
[ ] Run this program: 'c:\bin\diskspacealert.cmd
}}}
Command Line Arguments:
{{{
[ ] Single argument string
[X] Date/time
[X] Measured Value
[X] Alert Name
[X] Counter Name
[X] Limit Value
[ ] Text Message
}}}
Schedule tab:
{{{
Start scan: any time in the past
Stop scan: after 100000 days
When an alert scan finishes: [X] start a new scan
}}}
c:\bin\diskspacealert.cmd:
{{{
date /t >> c:\bin\alert.txt
time /t >> c:\bin\alert.txt
set emailprogram=c:\bin\blat.exe
set recip=netadmins@domain.org
set subject="%computername% Disk Space Alert: %~4 MB Free"
set body="%~1 %~2 %~3 %~4 %~5"
%emailprogram% - -t %recip% -s %subject% -body %body% >> c:\bin\alert.txt 2>&1
echo args = %* >> c:\bin\alert.txt
echo blat = %emailprogram% >> c:\bin\alert.txt
echo recip = %recip% >> c:\bin\alert.txt
echo subject = %subject% >> c:\bin\alert.txt
echo body = %body% >> c:\bin\alert.txt
echo. >> c:\bin\alert.txt
echo. >> c:\bin\alert.txt
}}}
Note to self: this alert batch file could probably be engineered for any alert.
{{{
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=-
}}}
{{{
ip proto ICMP
}}}
Case F@#%$in Sensitive.
*add c:\horcm\etc to path
*set environmental variables, then open new command prompt to get those variables:
{{{
horcc_mrcf=1
horcminst=0
}}}
*horcm files must be the same on both sides, local & remote
**Local
{{{
HORCM_MON
#host service poll timeout(10ms)
<LocalHost> horcm0 -1 3000
HORCM_CMD
\\.\CMD-<XPSN>-<hex of entire cu:ldev>
HORCM_LDEV
#device_group device_name serial cu:ldev mu
<groupname> <devname> <SN> <cu:ldev local to server> <mu>
HORCM_INST
<localhost> <remotehost> <horcminstance (usually horcm0)>
}}}
**Remote
{{{
HORCM_MON
#host service poll timeout(10ms)
<remotehost> horcm0 -1 3000
HORCM_CMD
\\.\CMD-<XPSN>-<hex of entire cu:ldev>
HORCM_LDEV
#device_group device_name serial cu:ldev mu
<groupname> <devname> <SN> 00:41 0
HORCM_INST
<remotehost> <localhost> <horcminstance (usually horcm0)>
}}}
*Start the horcmstart0 service from services.msc, not from cli. Otherwise the service stops when you logout. Acchh!
*add everycli=1 to horcmstart0run.txt if you want to run it as localservice
!!!!Create pair
{{{
paircreate -g <groupname> -vl (localprimary) | -vr (remoteprimary)
}}}
!!!!Fracture pair
{{{
pairsplit -g <groupname>
}}}
!!!!Resynch pair
{{{
pairresync -g <groupname>
}}}
!!!!Delete pair
{{{
pairsplit -S -g <groupname>
}}}
The dash character is a special character in Bash as noted at http://tldp.org/LDP/abs/html/special-chars.html#DASHREF. So escaping this once just gets you past Bash, but Grep still has it's own meaning to dashes (by providing options).
So you really need to escape it twice (if you prefer not to use the other mentioned answers). The following will/should work
{{{
grep \\-X
grep '\-X'
grep "\-X"
}}}
One way to try out how Bash passes arguments to a script/program is to create a .sh script that just echos all the arguments. I use a script called echo-args.sh to play with from time to time, all it contains is:
{{{
echo $*
}}}
I invoke it as:
{{{
bash echo-args.sh \-X
bash echo-args.sh \\-X
bash echo-args.sh "\-X"
}}}
{{{
hostb:~# cd /etc/boxbackup/
hostb:/etc/boxbackup# /usr/bin/bbstored-certs ca init
Generating RSA private key, 2048 bit long modulus
....+++
.............+++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:An optional company name []:
Signature ok
subject=/CN=Backup system client root
Getting Private key
Generating RSA private key, 2048 bit long modulus
.................+++
...................................................................................+++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:An optional company name []:
Signature ok
subject=/CN=Backup system server root
Getting Private key
hostb:/etc/boxbackup#
}}}
{{{
hostb:~# /usr/sbin/bbstored-config /etc/boxbackup hostb.ath.cx bbstored
Checking permissions on /home/108boxbackup/backup
Checking permissions on /home/108boxbackup/backup
Checking permissions on /home/108boxbackup/backup
Setup bbstored config utility.
Configuration:
Writing configuration file: /etc/boxbackup/bbstored.conf
Writing empty accounts file: /etc/boxbackup/bbstored/accounts.txt
Server hostname: hostb.ath.cx
RaidFile config: /etc/boxbackup/raidfile.conf
Creating blank accounts file
Generating private key...
Generating RSA private key, 2048 bit long modulus
............................................+++
.......+++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:An optional company name []:
Writing configuration file /etc/boxbackup/bbstored.conf
===================================================================
bbstored basic configuration complete.
What you need to do now...
1) Sign /etc/boxbackup/bbstored/hostb.ath.cx-csr.pem
using the bbstored-certs utility.
2) Install the server certificate and root CA certificate as
/etc/boxbackup/bbstored/hostb.ath.cx-cert.pem
/etc/boxbackup/bbstored/clientCA.pem
3) You may wish to read the configuration file
/etc/boxbackup/bbstored.conf
and adjust as appropraite.
4) Create accounts with bbstoreaccounts
5) Start the backup store daemon with the command
/usr/local/bin/bbstored
in /etc/rc.local, or your local equivalent.
===================================================================
hostb:~#
}}}
SN? eprpsave, Server EXE-BGTST10 responded with an error "" (4) to a prepare save request
toggle listener
#save all switch info: {{{supportsave}}}
#save switch config info: {{{configupload}}}
#confirm current firmware version: {{{firmwareshow}}}
#download new firmware: {{{firmwaredownload}}}
#confirm new firmware version: {{{firmwareshow}}}
http://wiki.centos.org/Repositories/CentOSPlus
#Go to Start>> Control Panel>> System.
#At the bottom of the System applet, you'll see a link titled: "Change product key". Click this link.
#Click Next, then in the resulting window, enter your new product key ID information.
#Click OK.
{{{
LunCount=0
for DEVICE in $( esxcli nmp device list | grep naa.60060e8005712a000000712a | grep -v Device | sort); do
set -x
esxcli nmp device setpolicy --device $DEVICE --psp VMW_PSP_RR
set +x
(( ++LunCount ))
echo LunCount: $LunCount
for count in {30..1}; do
sleep 1
done
done
}}}
{{{
fw(config)# ip local pool vpnpool1 172.29.129.1-172.29.129.10 mask 255.255.255$
fw(config)# username Smaug9 password xxxxxxx
fw(config)# tunnel-group vpn1 type ipsec-ra
fw(config)# tunnel-group vpn1 general-attributes
fw(config-tunnel-general)# address-pool vpnpool1
fw(config-tunnel-general)# tunnel-group vpn1 ipsec-attributes
fw(config-tunnel-ipsec)# pre-shared-key xxxxxxxx
fw(config-tunnel-ipsec)# exit
fw# conf t
fw(config)# isakmp policy 10 authentication pre-share
fw(config)# isakmp policy 10 encryption 3des
fw(config)# isakmp policy 10 hash shaI
fw(config)# isakmp policy 10 group 2
fw(config)# isakmp enable outside
fw(config)# crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
fw(config)# crypto dynamic-map map1 10 set transfor ESP-3DES-SHA
fw(config)# crypto dynamic-map map1 10 set reverse-route
fw(config)# crypto dynamic-map map1 10 set security-association lifetime seconds 28800
fw(config)# crypto map map2 65534 ipsec-isakmp dynamic map1
fw(config)# crypto map map2 interface outside
fw(config)# crypto isakmp nat-traversal
fw(config)# sysopt connection permit-vpn
fw(config)# group-policy vpn1 internal
fw(config)# group-policy vpn1 attributes
fw(config-group-policy)# vpn-tunnel-protocol ipsec
fw(config-group-policy)# access-list split-tunnel standard permit 10.90.0.0 25$
fw(config-group-policy)# split-tunnel-policy tunnelspecified
fw(config-group-policy)# split-tunnel-network-list value split-tunnel
fw(config-group-policy)# exit
fw# wr me
}}}
from: http://www.cisco.com/en/US/customer/products/ps6120/products_configuration_example09186a008060f25c.shtml#cli
{{{
ASA-AIP-CLI(config)#show running-config
ASA Version 7.2(2)
!
hostname ASAwAIP-CLI
domain-name corp.com
enable password WwXYvtKrnjXqGbu1 encrypted
names
!
interface Ethernet0/0
nameif Outside
security-level 0
ip address 10.10.10.2 255.255.255.0
!
interface Ethernet0/1
nameif inside
security-level 100
ip address 172.16.1.2 255.255.255.0
!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
shutdown
no nameif
no security-level
no ip address
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
dns server-group DefaultDNS
domain-name corp.com
pager lines 24
mtu Outside 1500
mtu inside 1500
ip local pool vpnpool 172.16.1.100-172.16.1.199 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
group-policy hillvalleyvpn1 internal
group-policy hillvalleyvpn1 attributes
dns-server value 172.16.1.11
vpn-tunnel-protocol IPSec
default-domain value test.com
username marty password 6XmYwQOO9tiYnUDN encrypted
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map Outside_dyn_map 10 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 10 set security-association lifetime seconds 288000
crypto map Outside_map 10 ipsec-isakmp dynamic Outside_dyn_map
crypto map Outside_map interface Outside
crypto isakmp enable Outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal 20
tunnel-group hillvalleyvpn type ipsec-ra
tunnel-group hillvalleyvpn general-attributes
address-pool vpnpool
tunnel-group hillvalleyvpn ipsec-attributes
pre-shared-key *
telnet timeout 5
ssh timeout 5
console timeout 0
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:0f78ee7ef3c196a683ae7a4804ce1192
: end
ASA-AIP-CLI(config)#
}}}
*List sessions
{{{
query session /server:<servername>
}}}
*Reset session
{{{
reset session <ID> /server:<servername>
}}}
{{{
dpkg-reconfigure exim4-common
}}}
{{{
echo `date +%Y%m%d`.`date +%H%M`
}}}
{{{
[rsync@northernstaging rsync]$ date
Wed Nov 22 10:07:20 EST 2006
[rsync@northernstaging rsync]$ date +%Y%m%d%H%M
200611221011
[rsync@northernstaging rsync]$ date +%Y%m%d
20061122
}}}
{{{
Domain Controller Diagnosis
dcdiag.exe /s:<Domain Controller> [/u:<Domain>\<Username> /p:*|<Password>|""]
[/hqv] [/n:<Naming Context>] [/f:<Log>] [/ferr:<Errlog>]
[/skip:<Test>] [/test:<Test>]
/h: Display this help screen
/s: Use <Domain Controller> as Home Server. Ignored for DcPromo and
RegisterInDns tests which can only be run locally.
/n: Use <Naming Context> as the Naming Context to test
Domains may be specified in Netbios, DNS or DN form.
/u: Use domain\username credentials for binding.
Must also use the /p option
/p: Use <Password> as the password. Must also use the /u option
/a: Test all the servers in this site
/e: Test all the servers in the entire enterprise. Overrides /a
/q: Quiet - Only print error messages
/v: Verbose - Print extended information
/i: ignore - ignores superfluous error messages.
/fix: fix - Make safe repairs.
/f: Redirect all output to a file <Log>, /ferr will redirect error output
seperately.
/ferr:<ErrLog> Redirect fatal error output to a seperate file <ErrLog>
/c: Comprehensive, runs all tests, including non-default tests but excluding
DcPromo and RegisterInDNS. Can use with /skip
/test:<TestName> - Test only this test. Required tests will still
be run. Do not mix with /skip.
Valid tests are:
Connectivity - Tests whether DCs are DNS registered, pingeable, and
have LDAP/RPC connectivity.
Replications - Checks for timely replication between domain controllers.
Topology - Checks that the generated topology is fully connected for
all DCs.
CutoffServers - Check for servers that won't receive replications
because its partners are down
NCSecDesc - Checks that the security descriptosrs on the naming
context heads have appropriate permissions for replication.
NetLogons - Checks that the appropriate logon priviledges allow
replication to proceed.
Advertising - Checks whether each DC is advertising itself, and whether
it is advertising itself as having the capabilities of a DC.
KnowsOfRoleHolders - Check whether the DC thinks it knows the role
holders, and prints these roles out in verbose mode.
Intersite - Checks for failures that would prevent or temporarily
hold up intersite replication.
FsmoCheck - Checks that global role-holders are known, can be
located, and are responding.
RidManager - Check to see if RID master is accessable and to see if
it contains the proper information.
MachineAccount - Check to see if the Machine Account has the proper
information. Use /RecreateMachineAccount to attempt a repair
if the local machine account is missing. Use /FixMachineAccount
if the machine account flags are incorrect
Services - Check to see if appropriate DC services are running.
OutboundSecureChannels - See if we have secure channels from all of the
DC's in the domain the domains specified by /testdomain:.
/nositerestriction will prevent the test from
being limited to the DC's in the site.
ObjectsReplicated - Check that Machine Account and DSA objects have
replicated. Use /objectdn:<dn> with /n:<nc> to specify an
additional object to check.
frssysvol - This test checks that the file replication system (FRS)
SYSVOL is ready
frsevent - This test checks to see if there are any operation errors
in the file replication system (FRS). Failing replication
of the SYSVOL share, can cause Policy problems.
kccevent - This test checks that the Knowledge Consistency Checker
is completing without errors.
systemlog - This test checks that the system is running without errors.
DcPromo - Tests the existing DNS infrastructure for promotion to domain
controller. If the infrastructure is sufficient, the computer
can be promoted to domain controller in a domain specified in
<Active_Directory_Domain_DNS_Name>. Reports whether any
modifications to the existing DNS infrastructure are required.
Required argument:
/DnsDomain:<Active_Directory_Domain_DNS_Name>
One of the following arguments is required:
/NewForest
/NewTree
/ChildDomain
/ReplicaDC
If NewTree is specified, then the ForestRoot argument is
required:
/ForestRoot:<Forest_Root_Domain_DNS_Name>
RegisterInDNS - Tests whether this domain controller can register the
Domain Controller Locator DNS records. These records must be
present in DNS in order for other computers to locate this
domain controller for the <Active_Directory_Domain_DNS_Name>
domain. Reports whether any modifications to the existing DNS
infrastructure are required.
Required argument:
/DnsDomain:<Active_Directory_Domain_DNS_Name>
CrossRefValidation - This test looks for cross-refs that are in some
way invalid.
CheckSDRefDom - This test checks that all application directory
partitions have appropriate security descriptor reference
domains.
VerifyReplicas - This test verifys that all application directory
partitions are fully instantiated on all replica servers.
VerifyReferences - This test verifys that certain system references
are intact for the FRS and Replication infrastructure.
VerifyEnterpriseReferences - This test verifys that certain system
references are intact for the FRS and Replication
infrastructure across all objects in the enterprise
on each DC.
CheckSecurityError - Locates security errors (or those possibly security related)
and performs the initial diagnosis of the problem.
Optional Arguments:
/ReplSource:<Source DC> to target a specific source,
regardless of it's error status. Need not be a current partner.
DNS - This test checks the health of DNS settings
for the whole enterprise. Sub tests can be run individually
using the switches below. By default, all tests except
external name resolution are run)
/DnsBasic (basic tests, can't be skipped)
/DnsForwarders (forwarders and root hints tests)
/DnsDelegation (delegations tests)
/DnsDynamicUpdate (dynamic update tests)
/DnsRecordRegistration (records registration tests)
/DnsResolveExtName (external name resolution test)
/DnsAll (includes all tests above)
/DnsInternetName: <internet name> (for test /DnsResolveExtName)
(default is www.microsoft.com)
/skip:<TestName> - Skip the named test. Required tests will still
be run. Do not mix with /test.
Tests that can be skipped are:
Replications - Checks for timely replication between domain controllers.
Topology - Checks that the generated topology is fully connected for
all DCs.
CutoffServers - Check for servers that won't receive replications
because its partners are down
NCSecDesc - Checks that the security descriptosrs on the naming
context heads have appropriate permissions for replication.
NetLogons - Checks that the appropriate logon priviledges allow
replication to proceed.
Advertising - Checks whether each DC is advertising itself, and whether
it is advertising itself as having the capabilities of a DC.
KnowsOfRoleHolders - Check whether the DC thinks it knows the role
holders, and prints these roles out in verbose mode.
Intersite - Checks for failures that would prevent or temporarily
hold up intersite replication.
FsmoCheck - Checks that global role-holders are known, can be
located, and are responding.
RidManager - Check to see if RID master is accessable and to see if
it contains the proper information.
MachineAccount - Check to see if the Machine Account has the proper
information. Use /RecreateMachineAccount to attempt a repair
if the local machine account is missing. Use /FixMachineAccount
if the machine account flags are incorrect
Services - Check to see if appropriate DC services are running.
OutboundSecureChannels - See if we have secure channels from all of the
DC's in the domain the domains specified by /testdomain:.
/nositerestriction will prevent the test from
being limited to the DC's in the site.
ObjectsReplicated - Check that Machine Account and DSA objects have
replicated. Use /objectdn:<dn> with /n:<nc> to specify an
additional object to check.
frssysvol - This test checks that the file replication system (FRS)
SYSVOL is ready
frsevent - This test checks to see if there are any operation errors
in the file replication system (FRS). Failing replication
of the SYSVOL share, can cause Policy problems.
kccevent - This test checks that the Knowledge Consistency Checker
is completing without errors.
systemlog - This test checks that the system is running without errors.
DcPromo - Tests the existing DNS infrastructure for promotion to domain
controller. If the infrastructure is sufficient, the computer
can be promoted to domain controller in a domain specified in
<Active_Directory_Domain_DNS_Name>. Reports whether any
modifications to the existing DNS infrastructure are required.
Required argument:
/DnsDomain:<Active_Directory_Domain_DNS_Name>
One of the following arguments is required:
/NewForest
/NewTree
/ChildDomain
/ReplicaDC
If NewTree is specified, then the ForestRoot argument is
required:
/ForestRoot:<Forest_Root_Domain_DNS_Name>
RegisterInDNS - Tests whether this domain controller can register the
Domain Controller Locator DNS records. These records must be
present in DNS in order for other computers to locate this
domain controller for the <Active_Directory_Domain_DNS_Name>
domain. Reports whether any modifications to the existing DNS
infrastructure are required.
Required argument:
/DnsDomain:<Active_Directory_Domain_DNS_Name>
CrossRefValidation - This test looks for cross-refs that are in some
way invalid.
CheckSDRefDom - This test checks that all application directory
partitions have appropriate security descriptor reference
domains.
VerifyReplicas - This test verifys that all application directory
partitions are fully instantiated on all replica servers.
VerifyReferences - This test verifys that certain system references
are intact for the FRS and Replication infrastructure.
VerifyEnterpriseReferences - This test verifys that certain system
references are intact for the FRS and Replication
infrastructure across all objects in the enterprise
on each DC.
CheckSecurityError - Locates security errors (or those possibly security related)
and performs the initial diagnosis of the problem.
Optional Arguments:
/ReplSource:<Source DC> to target a specific source,
regardless of it's error status. Need not be a current partner.
DNS - This test checks the health of DNS settings
for the whole enterprise. Sub tests can be run individually
using the switches below. By default, all tests except
external name resolution are run)
/DnsBasic (basic tests, can't be skipped)
/DnsForwarders (forwarders and root hints tests)
/DnsDelegation (delegations tests)
/DnsDynamicUpdate (dynamic update tests)
/DnsRecordRegistration (records registration tests)
/DnsResolveExtName (external name resolution test)
/DnsAll (includes all tests above)
/DnsInternetName: <internet name> (for test /DnsResolveExtName)
(default is www.microsoft.com)
The following tests are not run by default:
Topology - Checks that the generated topology is fully connected for
all DCs.
CutoffServers - Check for servers that won't receive replications
because its partners are down
OutboundSecureChannels - See if we have secure channels from all of the
DC's in the domain the domains specified by /testdomain:.
/nositerestriction will prevent the test from
being limited to the DC's in the site.
VerifyReplicas - This test verifys that all application directory
partitions are fully instantiated on all replica servers.
VerifyEnterpriseReferences - This test verifys that certain system
references are intact for the FRS and Replication
infrastructure across all objects in the enterprise
on each DC.
CheckSecurityError - Locates security errors (or those possibly security related)
and performs the initial diagnosis of the problem.
Optional Arguments:
/ReplSource:<Source DC> to target a specific source,
regardless of it's error status. Need not be a current partner.
DNS - This test checks the health of DNS settings
for the whole enterprise. Sub tests can be run individually
using the switches below. By default, all tests except
external name resolution are run)
/DnsBasic (basic tests, can't be skipped)
/DnsForwarders (forwarders and root hints tests)
/DnsDelegation (delegations tests)
/DnsDynamicUpdate (dynamic update tests)
/DnsRecordRegistration (records registration tests)
/DnsResolveExtName (external name resolution test)
/DnsAll (includes all tests above)
/DnsInternetName: <internet name> (for test /DnsResolveExtName)
(default is www.microsoft.com)
All tests except DcPromo and RegisterInDNS must be run on computers
after they have been promoted to domain controller.
Note: Text (Naming Context names, server names, etc) with International or
Unicode characters will only display correctly if appropriate fonts and
language support are loaded
}}}
{{{
hostb:/etc/boxbackup# cat raidfile.conf
#To reconfigure boxbackup-server run #dpkg-reconfigure boxbackup-server
disc0
{
SetNumber = 0
BlockSize = 4096
Dir0 = /home/108boxbackup
Dir1 = /home/108boxbackup
Dir2 = /home/108boxbackup
}
hostb:/etc/boxbackup#
}}}
The usual {{{df}}} doesn't show all partitions of your ESX-server, instead try {{{vdf}}}
{{{
[root@mother]# vdf -h
Filesystem Size Used Avail Use% Mounted on
/dev/cciss/c0d0p2 4.9G 2.0G 2.6G 44% /
/dev/cciss/c0d0p1 99M 29M 65M 31% /boot
none 131M 0 131M 0% /dev/shm
/dev/cciss/c0d0p6 2.0G 45M 1.8G 3% /var/log
/vmfs/devices 197G 0 197G 0% /vmfs/devices
/vmfs/volumes/4643f1e7-629ddfdd-904c-0019bbccc348
60G 21G 38G 35% /vmfs/volumes/storage1
/vmfs/volumes/46440f8b-b438c1fc-2890-0019bbccc348
68G 58G 9.6G 85% /vmfs/volumes/storage2
}}}
{{{
[root@sc-bromine04 vmfs]# esxcfg-nics -h
esxcfg-nics <options> [nic]
-s|--speed <speed> Set the speed of this NIC to one of 10/100/1000/10000.
Requires a NIC parameter.
-d|--duplex <duplex> Set the duplex of this NIC to one of 'full' or 'half'.
Requires a NIC parameter.
-a|--auto Set speed and duplexity automatically. Requires a NIC parameter.
-l|--list Print the list of NICs and their settings.
-r|--restore Restore the nics configured speed/duplex settings (INTERNAL ONLY)
-h|--help Display this message.
[root@sc-bromine04 vmfs]# esxcfg-nics -l
Name PCI Driver Link Speed Duplex MTU Description
vmnic0 03:00.00 bnx2 Up 1000Mbps Full 1500 Broadcom Corporation Broadcom NetXtreme II BCM5708 1000Base-T
vmnic1 05:00.00 bnx2 Up 1000Mbps Full 1500 Broadcom Corporation Broadcom NetXtreme II BCM5708 1000Base-T
vmnic2 0b:00.00 e1000 Up 1000Mbps Full 1500 Intel Corporation 82572EI Gigabit Ethernet Controller
[root@sc-bromine04 vmfs]#
}}}
Example: set vmnic0 to 10half
{{{
esxcfg-nics -s 10 -d half vmnic0
}}}
Syntax:
{{{
esxcfg-vswitch -A <portgroupname> <vswitchname>
}}}
Example:
{{{
esxcfg-vswitch -A SNOOP vSwitch2
}}}
Example:
{{{
esxcfg-vswitch -L vmnic2 vSwitch2
}}}
Example:
{{{
esxcfg-vswitch -a vSwitch1
}}}
{{{
[root@sc-bromine04 vmfs]# esxcfg-vswitch -h
esxcfg-vswitch [options] [vswitch[:ports]]
-a|--add Add a new virtual switch.
-d|--delete Delete the virtual switch.
-l|--list List all the virtual switches.
-L|--link=pnic Set pnic as an uplink for the vswitch.
-U|--unlink=pnic Remove pnic from the uplinks for the vswitch.
-M|--add-pg-uplink Add an uplink to the list of uplinks for a portgroup
-N|--del-pg-uplink Delete an uplink from the list of uplinks for a portgroup
-p|--pg=portgroup Specify a portgroup for operation
Use ALL to set VLAN IDs on all portgroups
-v|--vlan=id Set vlan id for portgroup specified by -p
0 would disable the vlan
-c|--check Check to see if a virtual switch exists.
Program outputs a 1 if it exists, 0 otherwise.
-A|--add-pg=name Add a new portgroup to the virtual switch.
-D|--del-pg=name Delete the portgroup from the virtual switch.
-C|--check-pg=name Check to see if a portgroup exists. Program
outputs a 1 if it exists, 0 otherwise.
-B|--set-cdp Set the CDP status for a given virtual switch.
To set pass one of "down", "listen", "advertise", "both".
-b|--get-cdp Print the current CDP setting for this switch.
-m|--mtu=MTU Set MTU for the vswitch. This affects all the nics attached on the vswitch.
-r|--restore Restore all virtual switches from the configuration file
(FOR INTERNAL USE ONLY).
-h|--help Show this message.
[root@sc-bromine04 vmfs]#
}}}
{{{
hostb:/etc/boxbackup/ca# ls -FlashR
.:
total 6.0K
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ./
1.0K drwxr-xr-x 4 root root 1.0K Jun 29 20:30 ../
1.0K drwx------ 2 root root 1.0K Jun 29 20:30 clients/
1.0K drwx------ 2 root root 1.0K Jun 29 20:33 keys/
1.0K drwx------ 2 root root 1.0K Jun 29 20:33 roots/
1.0K drwx------ 2 root root 1.0K Jun 29 20:30 servers/
./clients:
total 2.0K
1.0K drwx------ 2 root root 1.0K Jun 29 20:30 ./
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ../
./keys:
total 8.0K
1.0K drwx------ 2 root root 1.0K Jun 29 20:33 ./
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ../
1.0K -rw-r--r-- 1 root root 911 Jun 29 20:30 clientRootCSR.pem
2.0K -rw-r--r-- 1 root root 1.7K Jun 29 20:30 clientRootKey.pem
1.0K -rw-r--r-- 1 root root 911 Jun 29 20:33 serverRootCSR.pem
2.0K -rw-r--r-- 1 root root 1.7K Jun 29 20:33 serverRootKey.pem
./roots:
total 6.0K
1.0K drwx------ 2 root root 1.0K Jun 29 20:33 ./
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ../
1.0K -rw-r--r-- 1 root root 1021 Jun 29 20:30 clientCA.pem
1.0K -rw-r--r-- 1 root root 3 Jun 29 20:30 clientCA.srl
1.0K -rw-r--r-- 1 root root 1021 Jun 29 20:33 serverCA.pem
1.0K -rw-r--r-- 1 root root 3 Jun 29 20:33 serverCA.srl
./servers:
total 2.0K
1.0K drwx------ 2 root root 1.0K Jun 29 20:30 ./
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ../
hostb:/etc/boxbackup/ca#
}}}
{{{
hostb:/etc/boxbackup# cat /etc/boxbackup/raidfile.conf
#To reconfigure boxbackup-server run #dpkg-reconfigure boxbackup-server
108inspiron
{
SetNumber = 0
BlockSize = 4096
Dir0 = /home/bbstored/108/inspiron
Dir1 = /home/bbstored/108/inspiron
Dir2 = /home/bbstored/108/inspiron
}
hostb:/etc/boxbackup#
}}}
{{{
cmp $1 $2 &> /dev/null # /dev/null buries the output of the "cmp" command.
# cmp -s $1 $2 has same result ("-s" silent flag to "cmp")
# Thank you Anders Gustavsson for pointing this out.
#
# Also works with 'diff', i.e., diff $1 $2 &> /dev/null
if [ $? -eq 0 ] # Test exit status of "cmp" command.
then
echo "File \"$1\" is identical to file \"$2\"."
else
echo "File \"$1\" differs from file \"$2\"."
fi
}}}
{{{
[root@esx01 qla2xxx]# for file in $(ls); do echo; grep 'Device Name' $file ; grep \\-adapter\\- $file; done
}}}
{{{
for i in $(find /proc/scsi/qla2xxx/*); do echo $i; grep ersion $i; done
}}}
{{{
for file in $(find /proc/scsi/qla2xxx/*); do echo; echo $file; grep \\-adapter\\- $file; done
}}}
{{{
~ # for file in $(find /proc/scsi/qla2xxx/*); do echo; echo $file; grep 'Device Name' $file; grep \\-adapter\\- $file ; done
/proc/scsi/qla2xxx/10
Host Device Name vmhba3
scsi-qla1-adapter-node=200000c0dd1b6d43:be0011:1;
scsi-qla1-adapter-port=210000c0dd1b6d43:be0011:1;
/proc/scsi/qla2xxx/11
Host Device Name vmhba4
scsi-qla2-adapter-node=200000c0dd1c3cc1:be0013:1;
scsi-qla2-adapter-port=210000c0dd1c3cc1:be0013:1;
/proc/scsi/qla2xxx/12
Host Device Name vmhba5
scsi-qla3-adapter-node=200000c0dd1c3cc3:bf0012:1;
scsi-qla3-adapter-port=210000c0dd1c3cc3:bf0012:1;
/proc/scsi/qla2xxx/9
Host Device Name vmhba2
scsi-qla0-adapter-node=200000c0dd1b6d41:bf0010:1;
scsi-qla0-adapter-port=210000c0dd1b6d41:bf0010:1;
~ #
}}}
requires fping.exe
{{{
::@echo off
setlocal enabledelayedexpansion
::fpinger.cmd
for /l %%i in (1,1,99) do (
set count=%%i
rem echo !count!
set count=0!count!
set count=!count:~-2!
rem echo !count!
d:\data\bin\fping.exe -H d:\data\bin\hostlist.txt -n 10000 -T -L d:\data\bin\fping!count!.log
)
}}}
{{{
::filename: g.cmd
::description: starts firefox with a google search
::creator: jeff wardlaw, jeff@urgo.org
::create date: 20070505
::version: 0.1
start firefox "http://www.google.com/search?q=%*"
}}}
{{{get-vmhost | select name,cpuusagemhz,cputotalmhz,memoryusagemb,memorytotalmb | sort name | ft -auto}}}
{{{
PS C:\> get-vmhost | select name,cpuusagemhz,cputotalmhz,memoryusagemb,memorytotalmb | sort name | ft -auto
Name CpuUsageMhz CpuTotalMhz MemoryUsageMB MemoryTotalMB
---- ---------- ----------- ------------- ------------
esx01.lan 2604 20264 35784 65526
esx02.lan 8735 20264 31874 65526
esx03.lan 5041 20264 32499 65526
esx04.lan 4519 20264 36664 65526
esx05.lan 4667 20264 27532 65526
esx06.lan 5403 20264 42974 65526
}}}
{{{ get-vm | select name,memorymb | sort name | ft -auto}}}
{{{
::hosts
set param1=%1
if defined param1 (
type c:\windows\system32\drivers\etc\hosts | findstr -i %1
) else (
type c:\windows\system32\drivers\etc\hosts
)
exit /b
}}}
Ya gotta use IE. Damn.
Ya gotta add the ilo site to your trusted sites.
Ya gotta add configure the trusted sites with custom security level
*Internet Options
**Security
***Trusted Sites
****Custom Level
*****ActiveX controls and plug-ins
******Initialize and script ActiveX controls not marked as safe for scripting == Prompt
{{{
C:\Program Files (x86)\Compaq\Hpacucli\Bin>hpacucli.exe
}}}
{{{
=> ctrl all show config detail
}}}
{{{
The right thing would be to use a "if defined" statement, which is used to test for the existence of a variable. For example:
IF DEFINED somevariable echo Value exists
In this particular case, the negative form should be used:
IF NOT DEFINED somevariable echo Value missing
PS: the variable name should be used without "%" caracters.
}}}
{{{
~#
hostb:~# aptitude -t etch-backuports install boxbackup-server
Reading package lists... Done
Building dependency tree... Done
Reading extended state information
Initializing package states... Done
Writing extended state information... Done
Reading task descriptions... Done
Building tag database... Done
The following NEW packages will be automatically installed:
openssl
The following packages have been kept back:
linux-image-2.6.18-6-ixp4xx
The following NEW packages will be installed:
boxbackup-server openssl
0 packages upgraded, 2 newly installed, 0 to remove and 1 not upgraded.
Need to get 0B/1833kB of archives. After unpacking 4375kB will be used.
Do you want to continue? [Y/n/?]
Writing extended state information... Done
Preconfiguring packages ...
Selecting previously deselected package openssl.
(Reading database ... 16183 files and directories currently installed.)
Unpacking openssl (from .../openssl_0.9.8c-4etch3_arm.deb) ...
Selecting previously deselected package boxbackup-server.
Unpacking boxbackup-server (from .../boxbackup-server_0.11~rc2-3~bpo40+1_arm.deb) ...
Setting up openssl (0.9.8c-4etch3) ...
Setting up boxbackup-server (0.11~rc2-3~bpo40+1) ...
Creating bbstored user.
Adding system user `bbstored' (UID 104) ...
Adding new group `bbstored' (GID 104) ...
Adding new user `bbstored' (UID 104) with group `bbstored' ...
Not creating home directory `/var'.
Generating RSA private key, 2048 bit long modulus
............................+++
......................................+++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:An optional company name []:
Creating config file /etc/boxbackup/raidfile.conf with new version
Creating config file /etc/boxbackup/bbstored.conf with new version
hostb:~#
}}}
Hmm, need a cheap enterprise network monitoring solution: let's try nagios.
Install base debian in a vm.
Install ntpd, exim, mailutils.
{{{
apt-get install ntpd exim mailutils
}}}
Configure ntp
Configure mail
Test mail
Install nagios, now what?
{{{
WindowsServer2003-KB914961-SP2-x86-ENU.exe /passive /norestart
}}}
{{{
@echo off
setlocal EnableDelayedExpansion
::ip.cmd
::by jeff wardlaw, jeff@urgo.org
::Date: 20070211
::windows batch file to set ip information from the command line
set interface=%1
set dhcp=%2
::testing value for interface
if not defined interface goto config
netsh interface ip show config | findstr /c:%interface% > nul
if %errorlevel% neq 0 goto config
::testing value for dhcp
if not defined dhcp goto dhcpconfig
if %dhcp%==dhcp goto %dhcp%
if %dhcp%==static goto %dhcp%
echo Second argument needs to be either "static" or "dhcp"
goto usage
:config
echo Huh?
if defined interface (
echo Interface %interface% doesn't seem to exist on this computer.
echo Maybe it's one of the following?
netsh interface ip show config | findstr interface
echo Use one of the interfaces in quotes as argument 1.
) else (
echo I need an interface to work on.
echo Try one of these:
netsh interface ip show config | findstr interface
)
goto usage
:dhcpconfig
if defined dhcp (
echo something is really wrong here
goto usage
) else (
echo I need a dhcp or static argument.
goto usage
)
:usage
echo.
echo Usage:
echo ip.cmd ^<interface name^> ^<static^|dhcp^>
echo.
echo If the interface name has spaces in it, please enclose the name in quotes.
echo example: ip.cmd "local area connection" dhcp
echo example: ip.cmd e0 static
goto cleanup
:dhcp
echo Doing:
echo netsh interface ip set address %interface% %dhcp%
netsh interface ip set address %interface% %dhcp%
echo Doing:
echo netsh interface ip set dns %interface% source=dhcp
netsh interface ip set dns %interface% source=dhcp
echo Doing: ipconfig /release
ipconfig /release
echo Doing: ipconfig /renew
ipconfig /renew
goto precleanup
:static
set /p ip="IP Address: "
set /p mask="Subnet Mask: "
set /p gateway="Gateway: "
set /p metric="Gateway Metric: "
set /p dns1="DNS1: "
set /p dns2="DNS2: "
echo Doing:
echo netsh interface ip set address name=%interface% static %ip% %mask% %gateway% %metric%
netsh interface ip set address name=%interface% static %ip% %mask% %gateway% %metric%
echo Doing:
echo netsh interface ip set dns name=%interface% static %dns1%
netsh interface ip set dns name=%interface% static %dns1%
echo Doing:
echo netsh interface ip add dns name=%interface% %dns2% index=2
netsh interface ip add dns name=%interface% %dns2% index=2
goto precleanup
:precleanup
netsh interface ip show config %interface%
goto cleanup
:cleanup
set interface=
set dhcp=
set ip=
set mask=
set gateway=
set metric=
endlocal
echo.
echo.
echo here's your current config:
echo.
ipconfig /all
exit /b
}}}
{{{
iptables -F
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A OUTPUT -o lo -p all -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --tcp-option ! 2 -j REJECT --reject-with tcp-reset
iptables -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --syn -s 192.168.10.0/24 --destination-port 139 -j ACCEPT
iptables -A INPUT -p tcp --syn -s trancas --destination-port 139 -j ACCEPT
iptables -P INPUT DROP
}}}
from http://www.yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.html
start up up in debian with /etc/network/interfaces:
{{{
iface eth0 inet dhcp
pre-up iptables-restore < /etc/iptables.conf
}}}
Then redirect the output of iptables-save to the above location:
{{{
CactiVM:~# iptables-save > /etc/iptables/iptables.conf
}}}
You could even save this as a script to backup your current fw config before saving it:
{{{
cat > wrme.bash
today=`date +%Y%m%d%H%M`
cp /etc/iptables/iptables.conf /etc/iptables/iptables.conf.$today
iptables-save > /etc/iptables/iptables.conf
}}}
{{{
PS C:\> (get-vm | where {$_.name -like "*template_2k8*"} | get-view).markastemplate()
PS C:\>
}}}
sanity.exe needs to be in the same directory as the mtsan.dll.
sanity.exe –iqx 1 to query the state of the clone
sanity.exe –ibx 1 to fracture
sanity.exe –iBx 1 to synch
sanity.exe -ibBx 1 to fracture & sync in 1 command
!!Searching in less:
/<searchterm>
n to find againin doc
!!line numbers:
less -N
!!!Samba stuff
((SambaHostsAllow))
((SambaTestParm))
{{{
::mute.cmd
::created by jeff wardlaw, jeff@urgo.org
::20080323
::version 0.1
::requires nircmd.exe in path from http://www.nirsoft.net/utils/nircmd.html
::toggles mute on/off
nircmd.exe mutesysvolume 2
}}}
{{{C:\bin>netdom remove <computername> /domain:asdf.internal /UserD:jcw /PasswordD:* /REBoot}}}
{{{
C:\bin>netdom /?
The syntax of this command is:
NETDOM HELP command
-or-
NETDOM command /help
Commands available are:
NETDOM ADD NETDOM RESETPWD NETDOM RESET
NETDOM COMPUTERNAME NETDOM QUERY NETDOM TRUST
NETDOM HELP NETDOM REMOVE NETDOM VERIFY
NETDOM JOIN NETDOM RENAME
NETDOM MOVE NETDOM RENAMECOMPUTER
NETDOM HELP SYNTAX explains how to read NET HELP syntax lines.
NETDOM HELP command | MORE displays Help one screen at a time.
Note that verbose output can be specified by including /VERBOSE with
any of the above netdom commands.
The command completed successfully.
C:\bin>netdom help remove
The syntax of this command is:
NETDOM REMOVE machine /Domain:domain [/UserD:user]
[/PasswordD:[password | *]]
[UserO:user] [/PasswordO:[password | *]]
[/REBoot[:Time in seconds]]
NETDOM REMOVE Removes a workstation or server from the domain.
machine is the name of the computer to be removed
/Domain Specifies the domain in which to remove the machine
/UserD User account used to make the connection with the domain
specified by the /Domain argument
/PasswordD Password of the user account specified by /UserD. A * means
to prompt for the password
/UserO User account used to make the connection with the machine to be
removed
/PasswordO Password of the user account specified By /UserO. A * means
to prompt for the password
/REBoot Specifies that the machine should be shutdown and automatically
rebooted after the Remove has completed. The number of seconds
before automatic shutdown can also be provided. Default is
30 seconds
NETDOM HELP command | MORE displays Help one screen at a time.
The command completed successfully.
C:\bin>
}}}
{{{
netsh int ip show config
}}}
{{{
netsh int ip reset c:\filename.txt
}}}
showmount -e <host> shows exported directories
(13:02:23) jcmoore: smaug9: I use rsize=8192,wsize=8192, from what I've seen, those are fairly "standard"
{{{
nmap -PN -p1-65535 <hostname>
}}}
{{{
e:\>nmap
Nmap 4.62 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL <inputfilename>: Input from list of hosts/networks
-iR <num hosts>: Choose random targets
--exclude <host1[,host2][,host3],...>: Exclude hosts/networks
--excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
-sL: List Scan - simply list targets to scan
-sP: Ping Scan - go no further than determining if host is online
-PN: Treat all hosts as online -- skip host discovery
-PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery to given ports
-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
-PO [protocol list]: IP Protocol Ping
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
--dns-servers <serv1[,serv2],...>: Specify custom DNS servers
--system-dns: Use OS's DNS resolver
SCAN TECHNIQUES:
-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
-sU: UDP Scan
-sN/sF/sX: TCP Null, FIN, and Xmas scans
--scanflags <flags>: Customize TCP scan flags
-sI <zombie host[:probeport]>: Idle scan
-sO: IP protocol scan
-b <FTP relay host>: FTP bounce scan
--traceroute: Trace hop path to each host
--reason: Display the reason a port is in a particular state
PORT SPECIFICATION AND SCAN ORDER:
-p <port ranges>: Only scan specified ports
Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080
-F: Fast mode - Scan fewer ports than the default scan
-r: Scan ports consecutively - don't randomize
--top-ports <number>: Scan <number> most common ports
--port-ratio <ratio>: Scan ports more common than <ratio>
SERVICE/VERSION DETECTION:
-sV: Probe open ports to determine service/version info
--version-intensity <level>: Set from 0 (light) to 9 (try all probes)
--version-light: Limit to most likely probes (intensity 2)
--version-all: Try every single probe (intensity 9)
--version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
-sC: equivalent to --script=safe,intrusive
--script=<Lua scripts>: <Lua scripts> is a comma separated list of
directories, script-files or script-categories
--script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts
--script-trace: Show all data sent and received
--script-updatedb: Update the script database.
OS DETECTION:
-O: Enable OS detection
--osscan-limit: Limit OS detection to promising targets
--osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
Options which take <time> are in milliseconds, unless you append 's'
(seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
-T[0-5]: Set timing template (higher is faster)
--min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
--min-parallelism/max-parallelism <time>: Probe parallelization
--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies
probe round trip time.
--max-retries <tries>: Caps number of port scan probe retransmissions.
--host-timeout <time>: Give up on target after this long
--scan-delay/--max-scan-delay <time>: Adjust delay between probes
--min-rate <number>: Send packets no slower than <number> per second
FIREWALL/IDS EVASION AND SPOOFING:
-f; --mtu <val>: fragment packets (optionally w/given MTU)
-D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
-S <IP_Address>: Spoof source address
-e <iface>: Use specified interface
-g/--source-port <portnum>: Use given port number
--data-length <num>: Append random data to sent packets
--ip-options <options>: Send packets with specified ip options
--ttl <val>: Set IP time-to-live field
--spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address
--badsum: Send packets with a bogus TCP/UDP checksum
OUTPUT:
-oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
and Grepable format, respectively, to the given filename.
-oA <basename>: Output in the three major formats at once
-v: Increase verbosity level (use twice or more for greater effect)
-d[level]: Set or increase debugging level (Up to 9 is meaningful)
--open: Only show open (or possibly open) ports
--packet-trace: Show all packets sent and received
--iflist: Print host interfaces and routes (for debugging)
--log-errors: Log errors/warnings to the normal-format output file
--append-output: Append to rather than clobber specified output files
--resume <filename>: Resume an aborted scan
--stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML
--webxml: Reference stylesheet from Insecure.Org for more portable XML
--no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
-6: Enable IPv6 scanning
-A: Enables OS detection and Version detection, Script scanning and Traceroute
--datadir <dirname>: Specify custom Nmap data file location
--send-eth/--send-ip: Send using raw ethernet frames or IP packets
--privileged: Assume that the user is fully privileged
--unprivileged: Assume the user lacks raw socket privileges
-V: Print version number
-h: Print this help summary page.
EXAMPLES:
nmap -v -A scanme.nmap.org
nmap -v -sP 192.168.0.0/16 10.0.0.0/8
nmap -v -iR 10000 -PN -p 80
SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES
}}}
*Copy backup
**A copy backup copies all selected files but does not mark each file as having been backed up (in other words, the archive attribute is not cleared). Copying is useful if you want to back up files between normal and incremental backups because copying does not affect these other backup operations.
*Daily backup
** daily backup copies all selected files that have been modified the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared).
*Differential backup
**A differential backup copies files created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup.
*Incremental backup
**An incremental backup backs up only those files created or changed since the last normal or incremental backup. It marks files as having been backed up (in other words, the archive attribute is cleared). If you use a combination of normal and incremental backups, you will need to have the last normal backup set as well as all incremental backup sets in order to restore your data.
*Normal backup
**A normal backup copies all selected files and marks each file as having been backed up (in other words, the archive attribute is cleared). With normal backups, you need only the most recent copy of the backup file or tape to restore all of the files. You usually perform a normal backup the first time you create a backup set.
Backing up your data using a combination of normal backups and incremental backups requires the least amount of storage space and is the quickest backup method. However, recovering files can be time-consuming and difficult because the backup set can be stored on several disks or tapes.
Backing up your data using a combination of normal backups and differential backups is more time-consuming, especially if your data changes frequently, but it is easier to restore the data because the backup set is usually stored on only a few disks or tapes.
From: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ntbackup_options_type.mspx?mfr=true
http://ask.metafilter.com/35884/My-keyboard-is-all-screwed-up-in-Outlook
!!!Evacuate datastore using pcli/svmotion
{{{
get-vm -datastore "<SourceDSName>" | % {move-vm $_ -datastore (get-datastore "<TargetDSName>")}
}}}
{{{
move-vm <vmname> -datastore <dsname>
}}}
!!!get datastore capacity/free
{{{
get-datastore zTemp*
}}}
{{{
PS C:\> get-datastore *temp* | sort freespacemb -descending | ft name, freespacemb -auto
Name FreeSpaceMB
---- -----------
zTempDS102 143266
zTempDS105 121853
zTempDS101 83103
zTempDS103 81092
zTempDS104 81059
zTempDS106 48305
}}}
{{{
pdftk 1.pdf 2.pdf 3.pdf cat output 123.pdf
}}}
{{{
>for ($i=1; $i -le 7; $i++)
>> {write-host fs0$i}
>>
fs01
fs02
fs03
fs04
fs05
fs06
fs07
[38]is45 {C:\}
>for ($i=1; $i -le 7; $i++)
>> {invoke-command {stop-service -force horcm0} -computer fs0$i
>> invoke-command {start-service horcm0} -computer fs0$i
>> }{
>> }
>>
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
}}}
{{{
>get-vm -location vmhost1.dom.tld | Where-Object {$_.name -like "*test*"} | % {move-vm $_.name -location vmhost2.dom.tld}
}}}
Method1:
{{{
PS C:\> foreach ($_ in gc C:\bin\locservers.txt) {$_}
server-locfs01
server-locfs02
server-locfs03
server-locbg01
server-locbg02
server-locbg03
server-locbg04
server-eapplication
server-locsc01
server-locimage01
server-locportal
PS C:\>
}}}
Method2:
{{{
PS C:\bin> gc .\locservers.txt | foreach {$_}
server-locfs01
server-locfs02
server-locfs03
server-locbg01
server-locbg02
server-locbg03
server-locbg04
server-eapplication
server-locsc01
server-locimage01
server-locportal
PS C:\bin>
}}}
Shortcut: %sign
{{{
gci "c:\" -r | where {$_.name -like "*.txt"} | % {write-host $_.fullname}
}}}
See also:
http://technet.microsoft.com/en-us/library/ff730958.aspx
[[How to add, modify, or delete registry subkeys and values by using a registration entries (.reg) file|http://support.microsoft.com/kb/310516]]
{{{
idptransfer:~# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[transfer]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
workgroup = SMIC1
server string = %h server
security = SHARE
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = lmhosts host wins bcast
dns proxy = No
panic action = /usr/share/samba/panic-action %d
invalid users = root
[transfer]
comment = idp transfer
path = /home/idp/TRANSFER
force user = idp
force group = idp
read only = No
guest ok = Yes
}}}
smbclient -L <host> lists smb shares
{{{
$ sed -i 's/ugly/beautiful/g' /home/bruno/old-friends/sue.txt
}}}
To ECHO from the command line, the name of every environment variable.
FOR /F "delims==" %G IN ('SET') DO @Echo %G
The same command with usebackq (Windows 2000 and above)
FOR /F "usebackq delims==" %G IN (`SET`) DO @Echo %G
To put the Windows Version into an environment variable
@echo off
::parse the VER command
FOR /F "tokens=4*" %%G IN ('ver') DO SET _version=%%G
:: show the result
echo %_version%
List all the text files in a folder
FOR /F "tokens=*" %%G IN ('dir /b C:\docs\*.txt') DO echo %%G
FOR /F "tokens=*" %%G IN ('dir/b ^"c:\program files\*.txt^"') DO echo %%G
{{{
HP5308-NCR1# sh lacp
LACP
PORT LACP TRUNK PORT LACP LACP
NUMB ENABLED GROUP STATUS PARTNER STATUS
---- ------- ------- ------- ------- -------
A2 Passive A2 Down No Success
A4 Active Trk1 Up Yes Success
C1 Disable C1 Up No Success
C2 Passive C2 Down No Success
C3 Passive C3 Down No Success
C4 Passive C4 Down No Success
C5 Passive C5 Up No Success
C6 Passive C6 Down No Success
C7 Passive C7 Down No Success
C8 Passive C8 Down No Success
C9 Passive C9 Up No Success
C10 Passive C10 Down No Success
C11 Passive C11 Down No Success
C12 Passive C12 Up No Success
C13 Passive C13 Down No Success
C14 Passive C14 Down No Success
C15 Passive C15 Up No Success
C16 Passive C16 Down No Success
C17 Passive C17 Up No Success
C18 Passive C18 Down No Success
C19 Passive C19 Down No Success
C20 Passive C20 Up No Success
C21 Passive C21 Down No Success
C22 Passive C22 Down No Success
C23 Passive C23 Down No Success
C24 Passive C24 Down No Success
D1 Active Trk10 Up Yes Success
D2 Passive D2 Up No Success
D3 Passive D3 Up No Success
D4 Passive D4 Down No Success
D5 Passive D5 Down No Success
D6 Passive D6 Down No Success
D7 Passive D7 Down No Success
D8 Passive D8 Down No Success
D9 Passive D9 Down No Success
D10 Passive D10 Down No Success
D11 Passive D11 Down No Success
D12 Passive D12 Down No Success
D13 Passive D13 Down No Success
D14 Passive D14 Down No Success
D15 Passive D15 Up No Success
D16 Passive D16 Down No Success
D17 Passive D17 Up No Success
D18 Passive D18 Down No Success
D19 Passive D19 Down No Success
D20 Passive D20 Down No Success
D21 Passive D21 Down No Success
D22 Passive D22 Up No Success
D23 Passive D23 Down No Success
D24 Passive D24 Down No Success
E1 Passive E1 Down No Success
E2 Passive E2 Down No Success
E3 Passive E3 Up No Success
E4 Passive E4 Up No Success
E5 Passive E5 Up No Success
E6 Passive E6 Up No Success
E7 Passive E7 Down No Success
E8 Passive E8 Down No Success
E9 Passive E9 Down No Success
E10 Passive E10 Down No Success
E11 Passive E11 Down No Success
E12 Passive E12 Down No Success
E13 Passive E13 Down No Success
E14 Passive E14 Up No Success
E16 Passive E16 Up No Success
F1 Active Trk10 Up Yes Success
F2 Passive F2 Down No Success
F3 Passive F3 Up No Success
F4 Passive F4 Down No Success
F5 Passive F5 Down No Success
F6 Passive F6 Down No Success
F7 Passive F7 Down No Success
F8 Passive F8 Down No Success
F9 Passive F9 Up No Success
F10 Passive F10 Down No Success
F11 Passive F11 Up No Success
F12 Passive F12 Up No Success
F13 Passive F13 Down No Success
F14 Passive F14 Down No Success
G1 Active Trk14 Up Yes Success
G2 Passive G2 Down No Success
G3 Passive G3 Down No Success
G4 Passive G4 Up No Success
G5 Active Trk2 Up Yes Success
G6 Active Trk4 Up Yes Success
G7 Active Trk4 Up Yes Success
G8 Active Trk14 Up Yes Success
G9 Passive G9 Down No Success
G10 Passive G10 Down No Success
G11 Passive G11 Up No Success
G12 Passive G12 Down No Success
G13 Passive G13 Down No Success
G14 Passive G14 Down No Success
G15 Active Trk15 Up Yes Success
H1 Passive H1 Blocked Yes Failure
H2 Passive Dyn1 Blocked Yes Failure
H3 Passive Dyn1 Blocked Yes Failure
H4 Passive H4 Up No Success
H5 Passive H5 Down No Success
H6 Passive H6 Up No Success
H7 Passive H7 Up No Success
H8 Active Trk2 Down No Success
H9 Passive H9 Down No Success
H10 Passive H10 Down No Success
H11 Passive H11 Down No Success
H12 Passive H12 Down No Success
H13 Passive H13 Down No Success
H14 Passive H14 Down No Success
H15 Passive H15 Down No Success
H16 Passive H16 Up No Success
HP5308-NCR1#
}}}
{{{
bladecage1sw03#sh int trunk
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Gi0/2 on 802.1q trunking 1
Gi0/3 on 802.1q trunking 1
Gi0/4 on 802.1q trunking 1
Po1 on 802.1q trunking 1
Po2 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 1-4094
Gi0/2 1-4094
Gi0/3 1-4094
Gi0/4 1-4094
Po1 1-4094
Po2 1-4094
Port Vlans allowed and active in management domain
Gi0/1 1,3,8
Gi0/2 1,3,8
Gi0/3 1,3,8
Gi0/4 1,3,8
Po1 1,3,8
Po2 1,3,8
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 1,3,8
Gi0/2 1,3,8
Gi0/3 1,3,8
Gi0/4 1,3,8
Po1 1,3,8
Po2 none
bladecage1sw03#
}}}
{{{
e:\>shutdown /?
Usage: shutdown [-i | -l | -s | -r | -a] [-f] [-m \\computername] [-t xx] [-c "comment"] [-d up:xx:y
y]
No args Display this message (same as -?)
-i Display GUI interface, must be the first option
-l Log off (cannot be used with -m option)
-s Shutdown the computer
-r Shutdown and restart the computer
-a Abort a system shutdown
-m \\computername Remote computer to shutdown/restart/abort
-t xx Set timeout for shutdown to xx seconds
-c "comment" Shutdown comment (maximum of 127 characters)
-f Forces running applications to close without warning
-d [u][p]:xx:yy The reason code for the shutdown
u is the user code
p is a planned shutdown code
xx is the major reason code (positive integer less than 256)
yy is the minor reason code (positive integer less than 65536)
e:\>
}}}
if you do not already have a key pair
$ ssh-keygen -t dsa
send your public key to each host you ssh into
$ cat ~/.ssh/id_dsa.pub | ssh you@host 'cat - >> ~/.ssh/authorized_keys2'
{{{
::start.cmd
rasdial dragnet5americas /phonebook:c:\dell\dragnet5\dragnet5.pbk
ping 4.2.2.2
start communicator
start outlook
start np
start ie http://siebelapp/service_enu/
}}}
You can run the script using the -x option which will trace
through it. You can do this in one of several ways:
Put this at the top of your script:
#!/bin/bash -x
From the command line:
bash -x scriptname
Or, for long scripts, put this line where you want to
start tracing (this way, you don't have to wade through
a lot of junk):
set -x
And this line where you want to stop:
set +x
pace = permission access control entry
pacl = permission access control list
sacl = system access control list (audit permissions)
dacl = discretionary access control list (grant/deny permissions)
Also see: http://alt.pluralsight.com/wiki/default.aspx/Keith.GuideBook/WhatIsAnAccessControlList.html
{{{
SubInAcl version 5.2.3790.1180
USAGE
-----
Usage :
SubInAcl [/option...] /object_type object_name [[/action[=parameter]...]
/options :
/outputlog=FileName /errorlog=FileName
/noverbose /verbose (default)
/notestmode (default) /testmode
/alternatesamserver=SamServer /offlinesam=FileName
/stringreplaceonoutput=string1=string2
/expandenvironmentsymbols (default) /noexpandenvironmentsymbols
/statistic (default) /nostatistic
/dumpcachedsids=FileName /separator=character
/applyonly=[dacl,sacl,owner,group]
/nocrossreparsepoint (default) /crossreparsepoint
/object_type :
/service /keyreg /subkeyreg
/file /subdirectories[=directoriesonly|filesonly]
/clustershare /kernelobject /metabase
/printer /onlyfile /process
/share /samobject
/action :
/display[=dacl|sacl|owner|primarygroup|sdsize|sddl] (default)
/setowner=owner
/replace=[DomainName\]OldAccount=[DomainName\]New_Account
/accountmigration=[DomainName\]OldAccount=[DomainName\]New_Account
/changedomain=OldDomainName=NewDomainName[=MappingFile[=Both]]
/migratetodomain=SourceDomain=DestDomain=[MappingFile[=Both]]
/findsid=[DomainName\]Account[=stop|continue]
/suppresssid=[DomainName\]Account
/confirm
/ifchangecontinue
/cleandeletedsidsfrom=DomainName[=dacl|sacl|owner|primarygroup|all]
/testmode
/accesscheck=[DomainName\]Username
/setprimarygroup=[DomainName\]Group
/grant=[DomainName\]Username[=Access]
/deny=[DomainName\]Username[=Access]
/sgrant=[DomainName\]Username[=Access]
/sdeny=[DomainName\]Username[=Access]
/sallowdeny==[DomainName\]Username[=Access]
/revoke=[DomainName\]Username
/perm
/audit
/compactsecuritydescriptor
/pathexclude=pattern
/objectexclude=pattern
/sddl=sddl_string
/objectcopysecurity=object_path
/pathcopysecurity=path_container
Usage : SubInAcl [/option...] /playfile file_name
Usage : SubInAcl /help [keyword]
SubInAcl /help /full
keyword can be :
features usage syntax sids view_mode test_mode object_type
domain_migration server_migration substitution_features editing_features
- or -
any [/option] [/action] [/object_type]
}}}
{{{
Display or modify Access Control Entries (ACEs) for file and folder Permissions, Ownership and Domain.
Access Control Lists apply only to files stored on an NTFS formatted drive, each ACL determines which users (or groups of users) can read or edit the file. When a new file is created it normally inherits ACL's from the folder where it was created.
Syntax
SUBINACL [/noverbose] /object_type object_name [/action=parameter] [/help]
Key
object_type: service e.g. /service Messenger \\ServerName\Messenger
keyreg e.g. /keyreg HKEY_CURRENT_USER\Software
/keyreg \\Srv\HKEY_LOCAL_MACHINE\KeyPath
file e.g. /file *.obj /file c:\test.txt
/file \\ServerName\Share\Path
subdirectories manipulate files in specified directory and all subdirectories
object_name : This will vary according to the object_type - see the examples above
action : setowner=owner
will change the owner of the object e.g. /setowner=MyDomain\Administrators
replace=SamName\OldAccount=DomainName\New_Account
will replace all ACE (Audit and Permissions) in the object
e.g. /replace=MyOldDomain\Finance=NEWDOM\Finance
changedomain=OldDomainName=NewDomainName
will replace all ACEs with a Sid from OldDomainName
with the equivalent Sid found in NewSamServer
e.g. /changedomain=MyOldDomain=NEWDOMAIN
This option requires a trust relationship with the server containing the object.
Examples:
subinacl can do everything that cacls and xcacls can do and more besides.
List permissions to log file:
subinacl /noverbose /nostatistic /outputlog=my.log /subdirectories "C:\Program Files\My Folder" /display
Restore Permissions:
subinacl /nostatistic /playfile my.log
Change owner :
subinacl /file C:\demofile.doc /setowner=MYDOMAIN\BillG
Bugs
Running subinacl against a subfolder, as in the example above will affect just that folder and it's contents. However if you run subinacl against a folder in the root of the drive it will scan the entire drive for folders matching that name (which can take some time).
e.g.
subinacl /subdirectories "C:\Spud"
Will also match
C:\Program Files\Spud
C:\Documents and Settings\Spud etc
}}}
{{{
tcpdump -nnvvSs 1514 -w capture1.pcap -C 100
}}}
Determine interface:
{{{
C:\>"c:\Program Files\Wireshark\tshark.exe" -D
1. \Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)
2. \Device\NPF_{4DB8640A-8B6A-464F-8788-71396098B36A} (EL574ND4 Ethernet Adapter
)
3. \Device\NPF_{24D2A19D-8CA2-4C95-9BAA-051DA889E5FF} (Intel(R) PRO/Wireless 220
0BG Network Connectio (Microsoft's Packet Scheduler) )
4. \Device\NPF_{57583FDA-71E3-4BC3-AE8B-6EE5F9C558B4} (Broadcom NetXtreme Gigabi
t Ethernet Driver (Microsoft's Packet Scheduler) )
C:\>
}}}
{{{
:: ts.cmd
set ts=c:\progra~1\wireshark\tshark.exe
%ts% -i 2 -w e:\wireshark\mtechd.pcap -b filesize:100000
:: -i :: interface #
:: -w :: filename
:: -b :: multiple file option filesize:<k>
}}}
1. If you'd asked someone in the 18th century what the perfect mode of transportation would be, they'd describe a faster horse that can run all day, carry a heavy load, and not need much food or water. They would not describe a car or a train or an airplane because, no one had yet laid out a vision for these modes of transportation.
2. The task is not to ask customers what they want but to ask them what they are trying to accomplish and what obstacles they face in meeting those goals.
[Paraphrased from http://www.userdriven.org/blog/2007/1/17/a-faster-horse.html]
This is an interesting example of what our department's focus should be. Segues nicely into a discussion about our mission statement.
*suspend vm
{{{
vmware-cmd /path/to/vmware.vmx suspend
}}}
*copy files to /vmfiles/backups
{{{
tar cf dirname.date.tar
}}}
*restart vm
{{{
vmware-cmd /path/to/vmware.vmx start
}}}
*compress files
{{{
bzip2 dirname.date.tar
}}}
*mail results
{{{
mail
{{{
[root@vmhost4 root]# /usr/local/bin/vmbk.pl --help
"my" variable $Tivoli masks earlier declaration in same scope at /usr/local/bin/
vmbk.pl line 211.
Unknown option: -
vmbk.pl Version 3.00.0 rev.11
Massimiliano Daneri
for support send email to
support@vmts.net
usage: /usr/local/bin/vmbk.pl -h | -d directory |-f <params> |-B <params> |-G <p
arams> <option>
-h print this help message
-------------------------------------------------------------------------------
-d backup destination directory
-f ftp server syntax: ftp='host',dir='remote directory',user='user name',
password='password',passive='true or false',timeout=<number>
-B use Veritas Netbackup syntax:policy='policyname'[,master='masterserver']
[,clientname='clientname'][,logfile='logfile][,prepost=true|false]
-G use Legato Networker syntax:server='servername',group='groupname'
[,pool='poolname'][,clientname='clientname']
-M use Tivoli Storage Manager syntax:type='incremental/selective/archive'
[,stanza='servername'][,archmc='management class']
-------------------------------------------------------------------------------
Options
-n nfs mount syntax: nfs='host:/share',mountpoint='/dir',options='options'
-s smb mount syntax: smb='//host/share'[,mountpoint='/dir']
[,user='domain\user name'][,password='password'][,options='options']
-e smtp='host',to='email address'[,from='email address'][,encode='encode ty
pe']
[,html=true|false] send a report by email
-l <logfile> create a test format log
-L <logfile> create a HTML format log
-y [facility=<facility>],{level=<level>] use syslog default 'local6' and 'i
nfo'
-t test mode
-i interactive mode
-H don't display header
-a backup all VM also guest with backup="manual"
-4 backup configuration file and CMOS
-c create restore command on export directory
-m export disk to unique directory
-j set minimum space permitted on destination directory
DEFAULT = 1024 (value in MB)
-J set min space permitted on VMFS partition to permit REDO disk
DEFAULT = 512 (value in MB)
-z use command cp instead of vmkfstools
-R use vmkfstool(raw mode more faster than cp. !!caution with smb share!!)
command to disk instead of cp
-5 set pre directory name (default 'vm-')
-b Backup session DEFAULT = 'default'
(use vmx parameter 'backup.session'=name)
-6 set timeout default 60000 ms (1min)
-v set guest to backup using "vm number order"
-F backup host configuration
-C Configuration File (set parameters by file)
-2 Force a dismount before the mount operation
-N create a file with a list of files to backup
-O Only do add redo (without redo commit)
-o Only do commit (without add redo)
-P run command before backup process
-p run command after backup process
-x select guest by vmx file ( es. -x /home/vmware/win2000/win2000.vmx,etc)
-7 use a temporary directory for export (move file after export)
-r create snapshot with memory dump
-Q create a tar.gz file one for each disk inside a unique guest directory
-q create only one tar.gz for each vm guest, with inside every file owned b
y vm
-g create a zip for each vm guest
-8 use the original vmdk disk filename
[root@vmhost4 root]#
}}}
{{{
::@echo off
::::::::::::::::::::::::::::::::::::::::
::wakeit.cmd
::purpose: wakes a list of computers via mc-wol.exe and then shuts them down.
::
::file requirements:
::sleep.exe
::Mc-wol.exe
::shutdown.exe from a winxp box (no 600sec limit)
::
::usage:
::wakeit.cmd <filename.ext>
::example:
::wakeit.cmd daves.txt
::::::::::::::::::::::::::::::::::::::::
set shutit=c:\wol\shutdown.exe
set sleepit=c:\wol\sleep.exe
set wake=c:\wol\mc-wol.exe
set shutdelay=10800
set sleepdelay=240
set file=%1
FOR /F "eol=# tokens=2,3 delims=," %%i in (%file%) do (
::wake it up
%wake% wakeup %%j > nul
)
sleep %sleepdelay%
FOR /F "eol=# tokens=2,3 delims=," %%i in (%file%) do (
::shut it down in 10800 seconds (3 hours)
%shutit% /m \\%%i /f /s /t %shutdelay%
)
exit /b
}}}
!!!1. Install Debian.
*Install from bizcard cd
*Update Debian
!!!3. Install apache
{{{
apt-get install apache
}}}
!!!4. Install mysql
run dispart volume list
then
{{{
C:\>for %i in (d h i z c y g e r) do (
More? echo %i >> diskfree.txt
More? fsutil volume diskfree %i: >> diskfree.txt
More? )
}}}
where the letters are the used drive letters
{{{
Xnest :1 -ac &
fluxbox -display :1
}}}
{{{
xset mouse 5/1 5
}}}