Jul 12

Windows 10: Internal Virtual Switch with NAT

Reading time: 2 – 4 minutes

When you are playing with Windows Hyper-V and you want to create a completely virtual internal network with private virtual machines inside your Windows 10 machine virtual switch are mandatory.

Then it’s the time to connect that virtual switch with the host machine using a virtual network interface. All those steps can be done using Hyper-V manager user interface, but you cannot control 100% of parameters like enable, or not, the NAT of the virtual internal network.

Using PowerShell the steps are:

New-VMSwitch -SwitchName NATSwitch -SwitchType Internal
New-NetIPAddress -IPAddress 10.46.1.1 -PrefixLength 24 -InterfaceAlias "vEthernet (NATSwitch)"
New-NetNAT -Name NATNetwork -InternalIPInterfaceAddressPrefix 10.46.1.0/24

Of course, change “NATSwitch” for your switch name and “10.46.1.1” for the IP address of the host virtual network card. Finally “NATNetwork” is another arbitrary name for referring to the NAT rule, and “10.46.1.0/24” is the network address of the virtual internal host network.

Running the commands looks like:

For removing what you did:

Remove-VMSwitch -Name "NATSwitch"
Remove-NetIPAddress -InterfaceAlias "vEthernet (NATSwitch)"
Remove-NetNAT -Name NATNetwork

In Windows 10 IP forwarding is not enabled and packets between interfaces are not routed. According to the Microsoft forums, you can enable IP forwarding (routing) using the following steps:

Go to Start and search on cmd or command. Right click on either cmd or command then select Run as administrator. At the command prompt type regedit. Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Tcpip\Parameters\IPEnableRouter setting, right click and select Modify. Change 0 to 1 and exit the editor.

When your back at the command prompt type services.msc and navigate to the Routing and Remote Access service. Right click and select Properties. Change to Automatic and click on Start to start the service.

I had to research a long time until I found all this information, but in my case leverage my proofs of concepts to another level.

Jul 07

rp_filter Linux kernel feature

Reading time: 1 – 2 minutes

It’s just an IP spoofing protection which is by default enabled on Linux kernels. When it’s value is ‘1’ means that all IP address which are not directly routable and received form a network interface they are directly discarded.

So, if you want to scan a range of IP address in your LAN which not belong to that interface address space when packets from IP addresses are received they are going to be discarded by the kernel. So, take that into account when you have those “unusual” requirements.

It can be enable/disabled by all interfaces or just one:

root@mini9:/proc/sys/net/ipv4# cat ./conf/all/rp_filter
1
root@mini9:/proc/sys/net/ipv4# cat ./conf/ztly5q4n37/rp_filter
1

Jul 05

Zerotier peers monitored on Windows PowerShell

Reading time: < 1 minute

No words just a simple an powerful .ps1 script:

while (1) { Start-Process -NoNewWindow -FilePath 'C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe' -ArgumentList "-q","peers"; sleep 5; cls }

Or just a command, even equally useful.

May 27

DRY DHCP Client: request and IP address to the DHCP server without a DHCP Client

Reading time: < 1 minute

When you want to discover LAN metadata without being part of that network. So, when you want to discover network address range, gateway, DNS IPs, DHCP server IPs, etc. this simple nmap parameter will help you so much.

# nmap --script broadcast-dhcp-discover

Starting Nmap 7.60 ( https://nmap.org ) at 2021-05-19 15:07 CEST
Pre-scan script results:
| broadcast-dhcp-discover:
|   Response 1 of 1:
|     IP Offered: 192.168.1.127
|     DHCP Message Type: DHCPOFFER
|     Subnet Mask: 255.255.255.0
|     Renewal Time Value: 4d00h00m00s
|     Rebinding Time Value: 7d00h00m00s
|     IP Address Lease Time: 8d00h00m00s
|     Server Identifier: 192.168.1.1
|     Router: 192.168.1.1
|_    Domain Name Server: 8.8.8.8, 8.8.4.4
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 1.43 seconds

May 26

Alive: shell script for alive monitoring using PING

Reading time: < 1 minute

Simple shell script based on bash which monitor a host with command line ping. Just bash and ping are the unique dependencies. Only state change are going to be printed:

#!/bin/bash

IP="THE_IP_TO_MONITOR"
STATE="offline"

show_state()
{
  echo "$(date '+%Y-%m-%dT%H:%M:%S') - " + $STATE;
}

while true;
do
  ping -c 4 $IP > /dev/null 2>&1
  if [ "$?" = "0" ]; then
    if [ "$STATE" = "offline" ];
    then
      STATE="online"
      show_state
    fi
  else
    if [ "$STATE" = "online" ];
    then
      STATE="offline"
      show_state
    fi
  fi
  sleep 10
done

Nov 27

Get Linux system process list without ‘ps’ command

Reading time: < 1 minute

When you work with embedded systems sometimes you would feel happy to have a Linux box until you discover there are plenty of basic things that you don’t have available, the extreme of that could be the ‘ps’ command which is used most of the time for checking if any process is running . Maybe you know that thanks the /proc filesystem there is access to the source of the information.

Keep next command close for solving this inconvenience he next time:

find /proc -mindepth 2 -maxdepth 2 -name exe -exec ls -lh {} \; 2>/dev/null

Sep 12

RDP vs Team Viewer vs Anydesk

Reading time: 4 – 6 minutes

Lately I bought a Surface Go for working specially as an agenda and for working outside home when I don’t have to work on technical stuff. At some point I considered the idea of working on that device remotely when I’m working with my desktop environment because it could be more comfortable specially because I have a bigger screen and keyboard for interacting with the content that I have on the tablet.

The first thing that I tried to do was enabling Remote Desktop Protocol on my Surface Go. But it was officially impossible because it has Windows 10 Home and the “Home” version doesn’t have this feature. BTW when you are not comfortable with this the best is googling little for finding any hack which allow me to enable the service. And yes, it exists and works really well.

You can find the project which hacks that in Windows 10 Home GitHub it’s called “rdpwrap” and if you want to know more about that go to next links:

After so much effort for getting RDP working on Windows 10 I discovered that RDP doesn’t work like Team Viewer, so you’re not going to control remote desktop while you can view what is happening in that remote session. This is not mandatory for me but in some cases it’s really useful. After some weeks I had to install Team Viewer for getting that feature working and I rediscovered that tool after some years without using it, and I was pleased to discover how good it works and how it improved after some years.

Then something inside me triggered the idea to look it up for an alternative to Team Viewer without so many restrictions and with a better free version. After trying some alternatives to Team Viewer I have to recommend Anydesk as an excellent and simple to use tool. And the most important thing, you don’t have to install anything in your Linux, Mac or Windows computer for using it. The only thing that you have to do is run the executable and use the auto-generated code for connecting to the remote system. I felt very good for those features and currently this is the option which I use for giving some support to friends remotely and for connecting to my Surface Go desktop remotely from my desktop computer.

As you can see this is not an exahustive revision, or comparsion of feautrues of all those three tools. But at the end of the day most of them allow you to do the same things but with slightly different procedures. BTW, the killer feature for me is something that I’ve got from “join.me” in the past, I mean use a tool for remote desktop control without having to install anything in the server and neither in the client part. I didn’t talk about “join.me” because it eats all my resources when I run it, and they focused the tool as a meeting tool and this is not anything that I want. Those extra features killed IMHO the best things that tool had in the past.

TL;DR

The best option IMHO and for my use is Anydesk.

Enjoy it.

Jun 11

Nested byobu, re-assigning shortcuts

Reading time: 2 – 2 minutes

I’m a byobu user for a long time, I love it for many reasons. But this is just a quick tip for extreme users like me. I mean people who use byobu for local consoles with remote byobu sessions running on top of SSH, for instance.

When prefix key combinations has to be sent to the remote host we have to press “Control + a + a” and finally the command that we want to send to the remote systems. This is not comfortable many times. So, I modified my configuration file for changing the prefix when I want to send remote commands to the nested byobu.

This is going to work this way:

Control + a

    • as a prefix for local byobu session.

Control + b

    as a prefix for remote byobu session

Take a look on this screen capture where you can see byobu status bars stacked.

If you find useful the configuration that I described the only thing that you have to do is modify the configuration file: ~/.byobu/keybindings.tmux

unbind-key -n C-a 
set -g prefix C-a
set -g prefix2 F12
unbind-key -n C-b 
bind-key -n C-b send-prefix

I hope this is useful as it is for me.