FreeBSD commands

The purpose of this post is to list useful commands for working on FreeBSD:

How to check the IPv4 routing table:

netstat -rn -4

How to install a package:

pkg install apache24

How to get the list of software installed on FreeBSD:

pkg list

View only specific content of a file:

grep -v '^#' httpd.conf
This command shows only the lines that do not start with #.

 

Posted in Linux

Understanding HTTP methods

HTTP CONNECT method:

CONNECT is one of the HTTP request methods. When a client is configured with an explicit proxy and tries to reach an HTTPS website, it sends an HTTP CONNECT request to the proxy server, asking the proxy to build a tunnel to the website. The proxy server replies with an HTTP 200 OK message once the tunnel has been built successfully.

If the client is not aware that there is a proxy server, then the client will send a GET request.

Let's take an example:

For example, I have a client 192.168.3.138, and the proxy server 192.168.3.134 is listening on port 3127. When the client tries to connect to http://www.youtube.com, it sends an HTTP CONNECT request instead of a GET request.

http connect:

http-connect method

http 200 ok

http-200-ok-connect.JPG

If you look at the HTTP 200 OK, it does not specify which HTTP request it is a response to. So the question arises: how do you know which HTTP 200 OK belongs to which HTTP CONNECT request? You can take the source port of the HTTP request and match it with the destination port of the HTTP response message.
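The port matching described above, as an added Python example (not from the original post). It goes one step further and matches on the full reversed address/port pair, so two clients that happen to use the same source port are not confused. The packet records, the ports 50412/50413/50999 and the function name pair_connects are constructed for illustration.

```python
# Constructed sample: (src_ip, src_port, dst_ip, dst_port, first line of HTTP payload)
PROXY = ("192.168.3.134", 3127)
PACKETS = [
    ("192.168.3.138", 50412, *PROXY, "CONNECT www.youtube.com:443 HTTP/1.1"),
    ("192.168.3.138", 50413, *PROXY, "CONNECT www.google.com:443 HTTP/1.1"),
    # Responses arrive out of order; only the ports tell them apart.
    (*PROXY, "192.168.3.138", 50413, "HTTP/1.1 200 Connection established"),
    (*PROXY, "192.168.3.138", 50412, "HTTP/1.1 200 Connection established"),
    # A response with no CONNECT in the capture (e.g. capture started late).
    (*PROXY, "192.168.3.138", 50999, "HTTP/1.1 200 Connection established"),
]

def pair_connects(packets):
    """Match each proxy response to the CONNECT sent on the same TCP connection."""
    pending = {}  # (client_ip, client_port, proxy_ip, proxy_port) -> CONNECT target
    paired, orphans = [], []
    for src_ip, src_port, dst_ip, dst_port, line in packets:
        first, _, rest = line.partition(" ")
        if first == "CONNECT":
            pending[(src_ip, src_port, dst_ip, dst_port)] = rest.split(" ")[0]
        elif first.startswith("HTTP/"):
            # The response travels in the reverse direction, so its destination
            # port is the source port of the request it answers.
            key = (dst_ip, dst_port, src_ip, src_port)
            status = int(rest.split(" ")[0])
            if key in pending:
                paired.append((dst_port, pending.pop(key), status))
            else:
                orphans.append((dst_port, status))
    return paired, orphans, pending

if __name__ == "__main__":
    paired, orphans, pending = pair_connects(PACKETS)
    for port, target, status in paired:
        print(f"client port {port}: CONNECT {target} -> {status}")
    print("responses without a request:", orphans)
    print("requests without a response:", pending)
```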

HTTP DELETE method:

The DELETE request method can be used to delete a file. Possible response status codes are 202, 204, 200.

http-delete

CURL command to send a DELETE request

curl -X "DELETE" http://192.168.3.139/delete.file

HTTP HEAD method:

An HTTP HEAD request asks the server to send only the headers for the requested URL. The response will not have a body. In response you may get HTTP 200 OK.

http-head request

http-head-response

HTTP OPTIONS method:

If you want to find out which methods are supported by a server, you can use the OPTIONS method.

http-options

http-options-response

HTTP POST method:

The HTTP POST method can be used when you want to send some data to the server. For example, if you have filled in a form and want to send the filled-in data to the server, you can use the POST method.

http-post method

http-post-response

Posted in HTTP

Squid Proxy basics

How to start Squid proxy on Ubuntu?

service squid start

How to restart Squid proxy on Ubuntu?

service squid restart

Where is the configuration file for Squid proxy stored?

You will find the Squid proxy configuration file "squid.conf" in "/etc/squid/".

How to check if Squid proxy is running or not?

Run the command "service squid status" to check the status. The "Active:" line in the output below shows whether the proxy is running or not.

● squid.service - LSB: Squid HTTP Proxy version 3.x
 Loaded: loaded (/etc/init.d/squid; bad; vendor preset: enabled)
 Active: active (running) since Mon 2017-12-11 21:52:52 IST; 3s ago
 Docs: man:systemd-sysv-generator(8)
 Process: 2549 ExecStop=/etc/init.d/squid stop (code=exited, status=0/SUCCESS)
 Process: 1309 ExecReload=/etc/init.d/squid reload (code=exited, status=0/SUCCESS)
 Process: 2632 ExecStart=/etc/init.d/squid start (code=exited, status=0/SUCCESS)
 CGroup: /system.slice/squid.service
 ├─2671 /usr/sbin/squid -YC -f /etc/squid/squid.conf
 ├─2673 (squid-1) -YC -f /etc/squid/squid.conf
 ├─2674 (logfile-daemon) /var/log/squid/access.log
 └─2675 (pinger)

● squid.service - LSB: Squid HTTP Proxy version 3.x
 Loaded: loaded (/etc/init.d/squid; bad; vendor preset: enabled)
 Active: inactive (dead) since Mon 2017-12-11 21:51:14 IST; 1min 17s ago
 Docs: man:systemd-sysv-generator(8)
 Process: 2549 ExecStop=/etc/init.d/squid stop (code=exited, status=0/SUCCESS)
 Process: 1309 ExecReload=/etc/init.d/squid reload (code=exited, status=0/SUCCESS)
 Process: 612 ExecStart=/etc/init.d/squid start (code=exited, status=0/SUCCESS)

How to use wget with squid proxy:

http_proxy="http://192.168.3.134:3127" wget http://www.google.com
Posted in Squid proxy

Resolving ASA 8.4 NAT mystery

ASA_8_4_NAT_Topology

Static NAT/PAT:

object network dynamic-nat-ip
 host 12.12.12.16 

object network R3
 host 13.13.13.13
 nat (dmz,outside) static dynamic-nat-ip service tcp telnet ftp

For traffic from dmz to outside, this rule says that when 13.13.13.13 goes to the outside with source port 23, the source IP is changed to 12.12.12.16 and the source port to 21. Check the diagram below:

dynamic nat dmz to out

For traffic from outside to dmz, this rule says that when someone goes to 12.12.12.16 with destination port 21, the destination is changed to 13.13.13.13 and the destination port to 23. Check the diagram below:

dynamic nat out to dmz

 

Posted in ASA

Layer 2 Frame

A layer 2 frame contains the following fields:

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++
|  preamble |   SFD  |  DMAC  |  SMAC  | Type/Length | Data + padding |  CRC   |
|   7 byte  | 1 byte | 6 byte | 6 byte |    2 byte   |  46-1500 byte  | 4 byte |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++

Data: This contains the payload. The minimum size of the payload is 46 bytes. The maximum size of the payload for Ethernet is 1500 bytes. If the size of the payload is less than 46 bytes, padding is used. If the size of the payload is >= 46 bytes, padding is not used.

DMAC: This contains the destination MAC address. The size of the field is 6 bytes.

SMAC: This contains the source MAC address. The size of the field is 6 bytes.

Type/Length: This field is overloaded. If the value in this field is >= 1536, the field is a type; otherwise it is a length. When the field acts as a length, it tells how many bytes are present in the data field. If the data is less than 46 bytes, the amount of padding can be found from the length field.

Type indicates what the next header in the payload is. Following are the values:

0x0800 for IP
0x0806 for ARP
0x8100 for dot1q
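The Type/Length rule and the padding rule above, as an added Python example (not from the original post). It assumes the frame is given as captured bytes starting at DMAC, without preamble, SFD or CRC; the sample frames, the MAC addresses and the function names are constructed for illustration.

```python
import struct

ETHERTYPES = {0x0800: "IP", 0x0806: "ARP", 0x8100: "dot1q"}  # values listed above

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_frame(frame):
    """Parse DMAC | SMAC | Type/Length | Data + padding."""
    if len(frame) < 14:
        raise ValueError("truncated header")
    dmac, smac, tl = struct.unpack("!6s6sH", frame[:14])
    data = frame[14:]
    # Fewer than 46 data bytes means the sender did not pad: flag it as a runt.
    info = {"dmac": mac(dmac), "smac": mac(smac), "runt": len(data) < 46}
    if tl >= 1536:
        # Type: names the next header. Any padding can only be removed by the
        # next protocol, because this header carries no length.
        info.update(kind="type", next=ETHERTYPES.get(tl, hex(tl)), payload=data)
    elif tl <= 1500:
        # Length: number of real data bytes; everything after it is padding.
        if tl > len(data):
            raise ValueError("length field exceeds captured data")
        info.update(kind="length", payload=data[:tl], padding=len(data) - tl)
    else:
        raise ValueError("1501-1535 is neither a valid length nor a type")
    return info

# Constructed sample frames
BCAST = bytes.fromhex("ffffffffffff")
SRC = bytes.fromhex("020000000001")
ARP_FRAME = BCAST + SRC + struct.pack("!H", 0x0806) + bytes(28) + bytes(18)
LEN_FRAME = BCAST + SRC + struct.pack("!H", 3) + b"abc" + bytes(43)

if __name__ == "__main__":
    for f in (ARP_FRAME, LEN_FRAME):
        print(parse_frame(f))
```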

==========================================================================

Tagging can be used to send a frame over trunk links. There are two types of tagging: ISL and 802.1q.

ISL [Inter-Switch Link]:

ISL has a 30-byte header. It encapsulates the frame in it.

802.1q:

802.1q has 4 bytes, and the 802.1q tag is inserted within the layer 2 frame.

The 802.1q tag is as follows:

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   TPID  | PRIORITY |  CFI  |   VID  |
|  2 byte |   3 bit  | 1 bit | 3 byte |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

After the tag is embedded into the layer 2 frame, the complete frame looks like this:

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
|  preamble |   SFD  |  DMAC  |  SMAC  | TPID   | PRIORITY | CFI   |  VID   |Type/Length | Data + padding |  CRC   |
|   7 byte  | 1 byte | 6 byte | 6 byte | 2 byte | 3 bit    | 1 bit | 3 byte |   2 byte   |  46-1500 byte  | 4 byte |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

Note: once the 802.1q tag is introduced, a new CRC is calculated and the new value is kept.

802.1q

Posted in Protocol

Subnetting

The purpose of this post is:

1> How to find all subnets and host IPs in a given network?
2> How to find out the subnet when you are given an IP and a subnet mask?
3> How to break a network in such a way that you have n number of networks or n number of hosts?

Subnet Chart:

subnet-chart

Number of subnets = 2^(# of subnet bits)

Number of hosts in a subnet = 2^(# of host bits) - 2

# of subnet bits is the number of additional bits taken.

# of host bits is the number of host bits remaining.

Class A has 8 network bits and 24 host bits.
Class B has 16 network bits and 16 host bits.
Class C has 24 network bits and 8 host bits.

To find all subnets and hosts in a given network:

Example #1: Let’s find the number of hosts and subnets in 192.168.10.0/27

This is a class C address and the default subnet mask for class C is /24, but here the subnet mask is /27, so 3 additional bits (27-24) are taken from the host bits.

In this example the remaining number of host bits is 5 (32-27) and the number of subnet bits taken is 3 (27-24).

Number of subnet = 2^3 = 8

Number of host in a subnet= 2^5-2= 30

First subnet:

First subnet will be 192.168.10.0/27

Second subnet:

To calculate the second subnet, check the value of the step at /27 in the subnet chart. It is 32, so the next network will be 0+32:

192.168.10.32/27

To calculate the third subnet, check the value of the step at /27 in the subnet chart. It is 32, so the next network will be 32+32:

192.168.10.64/27

To calculate the fourth subnet, check the value of the step at /27 in the subnet chart. It is 32, so the next network will be 64+32:

192.168.10.96/27

192.168.10.128/27

192.168.10.160/27

192.168.10.192/27

Last subnet:

192.168.10.224/27

====================================================================

Example #2:

Let’s find the number of hosts and subnets in 172.16.10.0/27

This is a class B subnet and the default subnet mask for class B is /16, but here the subnet mask is /27, so 11 additional bits (27-16) are taken from the host side.

In this example the remaining number of host bits is 5 (32-27) and the number of subnet bits taken is 11 (27-16).

Number of subnet = 2^11 = 2048

Number of host in a subnet= 2^5-2= 30

First subnet:

172.16.10.0/27

Second subnet:

172.16.10.32/27

172.16.10.64/27

172.16.10.96/27

172.16.10.128/27

172.16.10.160/27

172.16.10.192/27

172.16.10.224/27

172.16.11.0/27

:

:

Last subnet:

172.16.255.224/27

How to find out the subnet when you are given an IP and a subnet mask?

You have to do an AND operation of the IP address and the given subnet mask.

Example #1

For example 172.10.5.11/24 is equivalent to 172.10.5.11/255.255.255.0

172 AND 255 = 172

10 AND 255= 10

5 AND 255 = 5

11 AND 0 = 0

So the subnet is 172.10.5.0/24

Trick: if the subnet mask octet is 255, write the number as it is.

Example #2

For example 172.10.5.201/26 is equivalent to 172.10.5.201/255.255.255.192

Subnet would be 172.10.5.x/26

To find the value of x, do the following:

Step 1> Find out the step.

/26 = /24 + /2. In the step chart the number written at /26 is 64, which means the step is 64.

Step 2> Divide the IP octet by the step you got in step 1 and keep only the integer part of the result.

201 / 64 = 3.14

Step 3> Multiply the step by the result you got in step 2.
64 * 3 = 192, so the value of x is 192.

The subnet is 172.10.5.192/26

Example #3

10.7.4.163/15 is equivalent to 10.7.4.163/255.254.0.0. As the last two octets of the mask are 0, we can ignore them.

Subnet would be 10.x.0.0/15

Find the value of x:

Step 1> Find out the step: /15 = /16 - /2; in the step chart the value is 2.

Step 2> Divide: 7/2 = 3.5

Step 3> Find the network: 2*3 = 6

10.6.0.0/15

How to break a network in such a way that you have n number of networks or n number of hosts:

Example #1: Let's say someone gave you the network 192.168.10.0/24 and asked you to generate 40 networks.

Step 1> We know the formula for the number of networks is 2^x

Step 2> Find a number x such that 2^x is >= the required number of subnets.

2^6 = 64

Step 3> Determine the first subnet:

Find out the step: the subnet mask has 30 bits (6+24; note that 24 is given to us and 6 we calculated in step 2). Now check the subnet chart: the step is 4.

First subnet 192.168.10.0/30
Second subnet 192.168.10.4/30

Step 4> Number of hosts will be 2^y - 2

Value of y is 32-30 (30 came from 6+24)
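The three procedures of this post (AND with the mask, stepping through the subnets, and splitting a network into at least n subnets), as an added Python example that is not part of the original post. It reproduces the subnet chart's step arithmetically and uses the page's own example addresses; all function names are chosen here for illustration.

```python
def to_int(ip):
    a, b, c, d = (int(o) for o in ip.split("."))
    return a << 24 | b << 16 | c << 8 | d

def to_ip(n):
    return ".".join(str(n >> s & 255) for s in (24, 16, 8, 0))

def mask(prefix):
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def network(ip, prefix):
    """Question 2: subnet = IP AND subnet mask."""
    return f"{to_ip(to_int(ip) & mask(prefix))}/{prefix}"

def step(prefix):
    """Subnet chart value: block size in the octet where the mask ends."""
    return 256 >> (prefix % 8 or 8)

def subnets(base, old_prefix, new_prefix):
    """Question 1: every /new_prefix subnet inside base/old_prefix."""
    start = to_int(base) & mask(old_prefix)
    size = 1 << (32 - new_prefix)            # addresses per subnet
    count = 1 << (new_prefix - old_prefix)   # 2^(# of subnet bits)
    return [f"{to_ip(start + i * size)}/{new_prefix}" for i in range(count)]

def split_for(base, prefix, wanted):
    """Question 3: smallest x with 2^x >= wanted, then list the subnets."""
    x = (wanted - 1).bit_length()
    new_prefix = prefix + x
    if new_prefix > 30:
        raise ValueError("not enough host bits left")
    hosts = 2 ** (32 - new_prefix) - 2
    return new_prefix, hosts, subnets(base, prefix, new_prefix)

if __name__ == "__main__":
    print(network("172.10.5.201", 26), "step", step(26))
    print(network("10.7.4.163", 15), "step", step(15))
    print(subnets("192.168.10.0", 24, 27))
    p, hosts, nets = split_for("192.168.10.0", 24, 40)
    print(f"/{p}: {len(nets)} subnets, {hosts} hosts each, first two {nets[:2]}")
```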

Posted in Other

Number system conversion

Binary number system: This number system has two possible digits (0,1)

Octal number system: This number system has 8 possible digits (0,1,2,3,4,5,6,7) [3 bits can represent 8 possibilities, 2^3=8]

Decimal number system: This number system has 10 possible digits (0,1,2,3,4,5,6,7,8,9)

Hexadecimal number system: This number system has 16 possible digits (0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F) [4 bits can represent 16 possibilities, 2^4=16]

The easy way to convert from one number system to another is to convert the number to the binary number system first and then convert it from binary to the required number system.

Decimal to Binary:

Let’s take the decimal number 1610 and convert it to binary.

First of all, write down the following. The following series starts from the left with 2^0, 2^1, 2^2, 2^3… and can go up to 2^n

d2b-1

dec-to-bin

Binary to Decimal:

bin-to-dec

 

Hexadecimal table:

hex

Octal table:

 

oct

========================================================

Binary to Hex:

bin-to-hex

========================================================

Hex to binary:

hex-to-bin

 

Octal to binary:

oct-to-bin

Binary to octal:

bin-to-oct

Posted in Other