Wednesday, April 29, 2015

Move your server* to an OpenVZ container

Really simple, as usual. What you need:
1) Proxmox (or any other OpenVZ web frontend)
2) rsync
So basically these 6 steps:
1) Create new container (or create new config in /etc/vz/conf/)
2) Remove all the files in /var/lib/vz/private/ID/
3) Do initial rsync:
rsync -av --numeric-ids --exclude=/boot/* --exclude=/lib/modules/* --exclude=/tmp/* \
 --exclude=/etc/blkid --exclude=/etc/mtab --exclude=/etc/lvm --exclude=/etc/fstab \
 --exclude=/etc/udev --exclude=/proc/* --exclude=/sys/* --exclude=/dev/* \
root@REMOTEHOST:/ /var/lib/vz/private/ID/
4) Stop all the services on the remote server (e.g. mysql, apache, etc.)
5) Do second rsync:
rsync -av --delete --numeric-ids --exclude=/boot/* --exclude=/lib/modules/* --exclude=/tmp/* \
 --exclude=/etc/blkid --exclude=/etc/mtab --exclude=/etc/lvm --exclude=/etc/fstab \
 --exclude=/etc/udev --exclude=/proc/* --exclude=/sys/* --exclude=/dev/* \
root@REMOTEHOST:/ /var/lib/vz/private/ID/
6) Start your container

And you're done!
* If you're using systemd this will probably fail.

Tuesday, April 28, 2015

Pad file with zeroes (or 0xFF)

So you need to add zeroes (or 0xFF) to the end of a file so that the resulting file has an exact size.
For example, we will make a 128kb file from an 84kb file, with 0xFF at the end.

We read zeroes from the special device /dev/zero, turn every 0x00 into 0xFF with tr, and let the first dd invocation write a 128k file full of 0xFF. The second dd invocation then overwrites the beginning of that file with our own file, breed-mt7620-reset1.bin; conv=notrunc keeps the padding that follows it. Finally we rename the padded file to the correct name. Pretty simple.
$ tr "\000" "\377" < /dev/zero | dd ibs=1k count=128 of=paddedFile.bin
128+0 records in
256+0 records out
131072 bytes transferred in 0.020307 secs (6454503 bytes/sec)
$ dd if=breed-mt7620-reset1.bin of=paddedFile.bin conv=notrunc
163+1 records in
163+1 records out
83566 bytes transferred in 0.004907 secs (17029502 bytes/sec)
$ mv paddedFile.bin breed-mt7620-reset1_128k.bin
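
The same two steps as a reusable shell function, as an added example that is not part of the original post: it rejects an input that is already larger than the target size and verifies the result before you flash it. The function name pad_file and its argument order are chosen for this example.

```shell
# Added example, not from the original post. pad_file and its arguments
# (source, destination, target size in bytes, fill byte as three octal
# digits) are names chosen for this example.
pad_file() {
    src=$1; dst=$2; size=$3; fill=${4:-377}    # 377 octal = 0xFF

    [ -f "$src" ] || { echo "pad_file: no such file: $src" >&2; return 2; }
    src_size=$(wc -c < "$src" | tr -d ' ')

    # With conv=notrunc, an input larger than the target would silently
    # produce an oversized image, so reject it before writing anything.
    if [ "$src_size" -gt "$size" ]; then
        echo "pad_file: $src is $src_size bytes, target is $size" >&2
        return 1
    fi

    # Step 1: a file of exactly $size fill bytes (LC_ALL=C: raw bytes).
    head -c "$size" /dev/zero | LC_ALL=C tr '\000' "\\$fill" > "$dst" || return 3

    # Step 2: overwrite the beginning with the input, keep the padded tail.
    dd if="$src" of="$dst" conv=notrunc 2>/dev/null || return 3

    # Step 3: verify the size, the copied prefix and the padding.
    dst_size=$(wc -c < "$dst" | tr -d ' ')
    [ "$dst_size" -eq "$size" ] || return 4
    head -c "$src_size" "$dst" | cmp -s - "$src" || return 4
    stray=$(tail -c +"$((src_size + 1))" "$dst" | LC_ALL=C tr -d "\\$fill" | wc -c)
    [ "$stray" -eq 0 ] || return 4
}

# Usage: pad_file breed-mt7620-reset1.bin breed-mt7620-reset1_128k.bin 131072
```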

U-Boot alternative - Breed.

Chinese developer Hackpascal has released Breed, his alternative to the standard U-Boot found on routers. It is a universal bootloader that supports the MT7620/MT7620a chips from MTK and the AR9344 chips from Atheros. The most important features are:
  • web-interface
  • possibility of entering bootloader without using hardware button
  • telnet access to bootloader's cmdline
Telnet test:
$ telnet
Connected to
Escape character is '^]'.
Boot and Recovery Environment for Embedded Devices
Copyright © 2015 HackPascal 
Build date 2015-04-07 [git-3bc4220]
Version 1.0 (r446)

Starting breed built-in shell

breed> help^M
Avaliable commands:
about    - About this bootloader
arp      - Display ARP table
autoboot - Detect firmware type and boot automatically
boot     - Boot firmware
btntst   - Test GPIO of buttons
dhcp     - Display DHCP leases
exit     - Exit from telnet
flash    - Flash utility
gpio     - GPIO utilities
help     - Show avaliable commands
mem      - Memory operation utilities
mii      - MII utility
net      - Network control
netstat  - Display network state
reset    - Restart device
setbrg   - Set baudrate
sysinfo  - Display system information
thread   - Display all threads
wget     - Retrieval file through HTTP

You can download this new bootloader here: http://breed.hackpascal.net/ But beware: this loader is closed source, so no one can know what's inside of it.

Iptables change packet destination address

So you've faced this problem: you can't do anything to the application, but you know which host the application is trying to connect to. For example, your application connects to remote host, but you need it to connect to So here's a simple solution, as simple as this (ORIGINAL_IP is the address the application connects to, NEW_IP is the address it should reach instead):
iptables -t nat -I OUTPUT --dest ORIGINAL_IP -j DNAT --to-dest NEW_IP