Setup Remote Syslog on Cisco

Posted on by
Reply

Configure Logging

First we need to drop into configuration mode

conf t

Now we run the following command. Change ip-address to the address of you remote syslog server.

logging host ip-address

You will want to make sure that your time/timezone is correct.

https://community.cisco.com/t5/networking-knowledge-base/how-to-configure-logging-in-cisco-ios/ta-p/3132434

Set timezone

Change UTC and 0 to your your timezone and how many hours off UTC you are. For example for EST you would do EST -5

clock timezone UTC 0

Here are just the commands

terminal config
logging on
logging logserveraddress
clock timezone UTC 0
quit
wr

Setting up Databricks Dolly on Windows with GPU

Posted on by
Reply

The total process can take awhile to setup Dolly. You’ll need a good internet connection and around 50GB of hard drive space.

Install Nvidia CUDA Toolkit

You’ll need to install the CUDA Toolkit to take advantage of the GPU. The GPU is much faster than just using the CPU.

https://developer.nvidia.com/cuda-downloads

Install Git

Install git from the following site.

https://git-scm.com/downloads

Download Dolly

Download Dolly with git.

git lfs install 
git clone https://huggingface.co/databricks/dolly-v2-12b

Install Python

We’ll also need Python installed if it is not already.
https://www.python.org/downloads/release/

Next we’ll need the following installed

py.exe -m pip install numpy
py.exe -m pip install accelerate>=0.12.0 transformers[torch]==4.25.1
py.exe -m pip install numpy --pre torch --force-reinstall --index-url https://download.pytorch.org/whl/nightly/cu117 --user

The last one is needed to get Dolly to utilize a GPU.

Run Dolly

Run a python console. If you run it as administrator, it should be faster.

py.exe

Run the following commands to set up Dolly.

import torch
from transformers import pipeline

generate_text = pipeline(model="databricks/dolly-v2-3b", torch_dtype=torch.bfloat16, trust_remote_code=True, device_map="auto")

# Or to use the full model run

generate_text = pipeline(model="databricks/dolly-v2-12b", torch_dtype=torch.bfloat16, trust_remote_code=True, device_map="auto")

Note: if you have issues, you may want/need to specify an offload folder with offload_folder=”.\offloadfolder”. An SSD is preferable.
Also if you have lots of RAM, you can take out the “torch_dtype=torch.bfloat16”

Alternatively, if we don’t want to trust_remote_code, we can do run the following

from instruct_pipeline import InstructionTextGenerationPipeline
from transformers import AutoModelForCausalLM, AutoTokenizer

tokenizer = AutoTokenizer.from_pretrained("databricks/dolly-v2-3b", padding_side="left")
model = AutoModelForCausalLM.from_pretrained("databricks/dolly-v2-3b", device_map="auto")

generate_text = InstructionTextGenerationPipeline(model=model, tokenizer=tokenizer)

Now can ask Dolly a question.

generate_text("Your question?")

Example:

>>> generate_text("Tell me about Databricks dolly-v2-3b?")
'Dolly is the fully managed open-source engine that allows you to rapidly build, test, and deploy machine learning models, all on your own infrastructure.'

Further information is available at the following two links.

https://github.com/databrickslabs/dolly
https://huggingface.co/databricks/dolly-v2-3b

Cisco, Reload in X Minutes and Canceling

Posted on by
Reply

Cisco’s can be rebooted with the reload command. The reload command allows you to specify how many minutes like

reload 5

to reload in 5 minutes. We can also reload at a specific time. For instance

reload 13:30

will reload the router at 1:30PM.

For a Cisco config to remain permanent, we have to “write” i.e. save the config. By default, making changes, for instance an IP address on an interface, will get wiped on a reboot or reload.

We can take advantage of this behavior to “test” changes on a Cisco router.

Example:

  1. Run the command “reload 10” to reboot the router in 10 minutes. The plan is to cancel the reload after making sure our changes work
  2. Make the needed changes to the Router.
  3. After verifying that everything is working, run the “reload cancel” command to cancel the reload
  4. Now we can run “write” to save our new config

To recap reload 10 will reload a router in 10 minutes
If we loose access to the router while making changes, once 10 minutes has expired, the router will reload, returning it to the last know working state.
The reload cancel command will cancel the reload.
write will make our config persistent across reboots/reloads

https://superuser.com/questions/1080513/cisco-router-auto-restart-in-x-seconds

Simple OSPF between Mikrotik Routers

Posted on by
Reply

https://help.mikrotik.com/docs/display/ROS/OSPF

Setting up OSPF between Mikrotik routers is not too difficult. The following commands should work with RouterOS version 7+. Run these commands on each Mikrotik changing out the router-id.

Create a Loop-back interface

First it would be a good idea to create an loopback interface that will stay up. We’ll use this address as the router-id. This should be unique per router.

/interface/bridge/add name=loopback
/ip/address/add address=1.2.3.4 interface=loopback

Now lets setup OSPF.

Create OSPF Instance

First we’ll create the instance. Use the address from the above loopback address. Technically you can use whatever id you want as long as it is a 32 bit “address” and is unique.

/routing/ospf/instance/add name=default router-id=1.2.3.4

IMPORTANT NOTE: If this router is also the default gateway, you’ll need to specify the “originate-default=always” option to share the default gateway over OSPF to the other routers. You don’t have to do this if you don’t want to share the default route.

Create OSPF Area

Now we can create an OSPF area. For a simple OSPF setup, we’ll just use the default 0.0.0.0 area.

routing/ospf/area/ add name=default area-id=0.0.0.0 instance=default

Create Instance

Now we can add an instance. This is responsible for what networks get shared with OSPF. If you want to do all the addresses on the router, then use 0.0.0.0/0. If you only want to do specific networks, run an entry for every network, changing 0.0.0.0/0 to the network of interest.

/routing/ospf/interface-template/add networks=0.0.0.0/0 area=default

Wrapping Up

After that we can check to make sure things worked.

/routing/ospf/neighbor/print

You should see at a neighbor. It can take a little bit for the neighbors to show up.

You can also check the routes on the router.

/ip/route/print

OSPF has a default distance of 110, so checking the routes is a quick way to verify the routes are getting updated. Do note that if you have a static route in with a lower distance, that will take precedence over OSPF.

Exim Troubleshooting Email Logs

Posted on by
Reply

The following is a great article explaining the main Exim log.

https://forums.cpanel.net/resources/reading-and-understanding-the-exim-main_log.383/

The following are some helpful tips from the post.

Search log by email address

You can search for specific addresses with the exigrep. Replace email@address with the email address of interest.

exigrep email@address /var/log/exim_mainlog

Message Direction

Looking at entries in the main log, some of the messages will have an indicator from the following table that tell us the status of the message and/or where it came from or went.

<=Indicates the arrival of a message to Exim for handling
=>Shows a normal message delivery
->Additional address for the same delivery, i.e. an Email forwarder.
>>cutthrough is a router precondition
This option requests delivery be attempted while the item is being received. It is usable in the RCPT ACL and valid only for single-recipient mails forwarded from one SMTP connection to another. If a recipient-verify callout connection is requested in the same ACL it is held open and used for the data, otherwise one is made after the ACL completes.
*>delivery suppressed by -N
**delivery failed; address bounced
==delivery deferred; temporary problem
<>For “<>” from the exim manual; Additionally, you will often find A bounce message is shown with the sender address “<>”, and if it is locally generated, this is followed by an item of the form
R=<message id>

Some other posts that may be helpful while troubleshooting mail deliveries.

View messages by ID

Exim View Email Message by ID

Bulk Delete Messages in Queue

Exim Bulk Remove Email Messages in Queue

Unable to launch Flatpaks on Fedora using Hardened Kernel

Posted on by
Reply

If you have installed the hardened Linux Kernel on Fedora, you may have encountered the following error when trying to launch Flatpak applications.

bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.
error: Failed to sync with dbus proxy

https://security.stackexchange.com/questions/209529/what-does-enabling-kernel-unprivileged-userns-clone-do

https://github.com/containers/bubblewrap/issues/324

The issue looks to arise from the fact that the hardened Linux Kernel disables unprivileged name space and Fedora does not have setuid on by default on the bubblewrap executable.

Enabling setuid on bubblewrap

You can set the setuid permission on the bubblewrap executable with

sudo chmod u+s /usr/bin/bwrap

Allow Unprivileged Name Space (Alternative work around)

You could also allow unprivileged name space by running 

sysctl kernel.unprivileged_userns_clone=1

Note that setting the setuid seems the safer/recommended option.

It looks like using the setuid binary for bubblewrap would be better to use then enabling unprivileged user space.

https://madaidans-insecurities.github.io/guides/linux-hardening.html#sysctl-kernel

Remove setuid on bubblewrap

If you would like to remove the setuid permission for any reason, you can with the following command.

sudo chmod u-s /usr/bin/bwrap

How to POST a message to a Telegram Channel

Posted on by
Reply

It’s fairly easy to send a message to a Telegram Channel using curl. Copy and paste the following command in, replacing the API_TOKEN, chat_id, and test_message, with the appropriate items.

curl -s -o /dev/null -X POST -H "Content-Type: application/json" -d "{\"chat_id\": \"-100XXXXXXXXXX\", \"text\": \"test_message\", \"disable_notification\": true}" https://api.telegram.org/bot{API_TOKEN}/sendMessage

https://stackoverflow.com/questions/68213124/telegram-example-of-how-to-use-curl-for-windows-10-to-message-myself-with-a-bot

Need to send a message to Teams? Check out the following post.

Bash script to send messages to Microsoft Teams

Can you run a Dell PowerEdge server on 120v and 240v?

Posted on by
Reply

The short answer is no. At least on some of the newer Dell PowerEdge servers. There are some places online where it sounds like it may work with certain servers.

If you are running on 120v and then plug in a 240v line on the second PSU, the PSU light flashes 3 times and then stays off.

From the iDRAC we can see that one PSU Input Line Type is Low line (120v) and the other is High line (240v)

As a side note, the Input Wattage is different because we can pull more watts from a 240v line. Watts are Amps X Voltage, so halving our voltage, halves our total wattage.

Looking through the Lifecycle Log we see the following saying that the PSU is disabled because of a input voltage mismatch.