This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
fuss:networking [2020/05/16 22:55] – [Determine ISP Address Blocks] office | fuss:networking [2025/02/16 17:49] (current) – [Mirroring Packets using IPTables] office | ||
---|---|---|---|
Line 169: | Line 169: | ||
| '' | | '' | ||
| '' | | '' | ||
+ | |||
+ | |||
+ | or all in one line for a copy & paste: | ||
+ | < | ||
+ | 10.0.0.0/8 100.64.0.0/ | ||
+ | </ | ||
====== Adjusting Ring Parameters ====== | ====== Adjusting Ring Parameters ====== | ||
Line 213: | Line 219: | ||
</ | </ | ||
where: | where: | ||
- | * '' | + | * '' |
* '' | * '' | ||
Line 354: | Line 360: | ||
</ | </ | ||
+ | ====== Zooko' | ||
+ | Zooko' | ||
+ | * Human-meaningful: | ||
+ | * Secure: The amount of damage a malicious entity can inflict on the system should be as low as possible. | ||
+ | * Decentralized: | ||
+ | Examples: | ||
+ | * DNSSec requires centralization and is thus not // | ||
+ | * onion and bitcoin addresses are //Secure// and // | ||
+ | * i2p uses name-translation services and is thus not // | ||
+ | ====== Testing a DHCP Server Request ====== | ||
+ | nmap can be used to issue a DHCP request to a DHCP server in order to analyze what the DHCP server offers to clients. Issue: | ||
+ | <code bash> | ||
+ | nmap --script broadcast-dhcp-discover -e wlan1 | ||
+ | </ | ||
+ | in order to issue a DHCP DISCOVER message and request through the '' | ||
+ | |||
+ | The expected output is similar to: | ||
+ | < | ||
+ | Starting Nmap 7.93 ( https:// | ||
+ | Pre-scan script results: | ||
+ | | broadcast-dhcp-discover: | ||
+ | | | ||
+ | | | ||
+ | | IP Offered: 192.168.100.68 | ||
+ | | DHCP Message Type: DHCPOFFER | ||
+ | | | ||
+ | | IP Address Lease Time: 1d00h00m00s | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | |_ Router: 192.168.100.1 | ||
+ | WARNING: No targets were specified, so 0 hosts scanned. | ||
+ | Nmap done: 0 IP addresses (0 hosts up) scanned in 11.31 seconds | ||
+ | </ | ||
+ | |||
+ | ====== Automatically Create an IP Set for Amazon AWS ====== | ||
+ | |||
+ | The following script: | ||
+ | <code bash> | ||
+ | # | ||
+ | ########################################################################### | ||
+ | ## Copyright (C) Wizardry and Steamworks 2020 - License: GNU GPLv3 ## | ||
+ | ########################################################################### | ||
+ | # Downloads Amazon AWS networks and adds all the ip blocks to an ipset. | ||
+ | ########################################################################### | ||
+ | |||
+ | `ipset list AMAZON-AWS 2>/ | ||
+ | if [ $? = 1 ]; then | ||
+ | ipset create AMAZON-AWS hash:net family inet | ||
+ | fi | ||
+ | ipset flush AMAZON-AWS | ||
+ | |||
+ | for NETWORK in `curl -s https:// | ||
+ | jq ' | ||
+ | ipset add AMAZON-AWS " | ||
+ | done | ||
+ | |||
+ | </ | ||
+ | will process the AWS networks provided by Amazon and will generate an ipset to hold all the addresses using a network hash. | ||
+ | |||
+ | ====== Mirroring Packets using IPTables ====== | ||
+ | |||
+ | The '' | ||
+ | |||
+ | The following example will match TCP packets with the destination port set to '' | ||
+ | <code bash> | ||
+ | iptables -t mangle -A POSTROUTING -p tcp --dport 55435 -j TEE --gateway 192.168.0.80 | ||
+ | </ | ||
+ | |||
+ | ====== How to Quickly Copy a Large Number of Files Quickly Between Two Servers ====== | ||
+ | |||
+ | {{fuss: | ||
+ | |||
+ | ====== On Wireless Range Extenders ====== | ||
+ | |||
+ | TL;DR There are no " | ||
+ | |||
+ | Wireless range extenders are frequently marketed as solutions that can increase the wireless range. | ||
+ | |||
+ | More than often, the solutions can be classified as: | ||
+ | * fake repeaters, ie: they create a different access point (sometimes even pettily named after the SSID of the first by adding some characters) and connect to the original access point requiring users of the extended network to connect to the secondary access point (it works, but clients must be reconfigured to connect to the new network), | ||
+ | * Apple extreme uses just standard networking principles with a networking bridge connecting Apple base-stations via Ethernet and then just transmit sing the same SSID (multiple BSSID, one SSID), | ||
+ | * signal amplifiers, in principle signal amplifiers can amplify the frequency on which the wireless radio operates on but powerful amplifiers are expensive, | ||
+ | * antennas, [[/ | ||
+ | * mesh networking have infinite scaling in terms of range given that mesh networks form amongst peers and that their geometrical disposition of nodes is what determines the range but mesh networking requires nodes that can do mesh (ie: the phone won't be able to participate in this network seamlessly), | ||
+ | |||
+ | ===== Using hostapd and Multiple Computers to Extend the Network ===== | ||
+ | |||
+ | hostapd on Linux can be used to extend a wireless network if multiple computers are available with wireless cards (built-in or USB), preferably far from each other, simply by connecting the computers together via one network bridge and then running hostapd instances on all machines. | ||
+ | |||
+ | Aside from range, another reason to do this is that a wireless device can typically only accept a given amount of wireless clients before it starts refusing them. For example, on Linux, an Intel wireless card will start failing after a certain number of clients with the error message //" | ||
+ | |||
+ | < | ||
+ | + + + | ||
+ | | wlan0 | wlan0 | wlan0 | ||
+ | | | | | ||
+ | +------+ | ||
+ | | node +--+ | node +--+ | node +--+ | ||
+ | +--+---+ | ||
+ | | ||
+ | | eth0 | eth0 | eth0 | ||
+ | | ||
+ | | ||
+ | </ | ||
+ | where: | ||
+ | * all '' | ||
+ | * the nodes are connected together, for example, via Ethernet cable with each node's interface '' | ||
+ | |||
+ | The previous will require a configuration similar to the following on each node in their corresponding hostapd configuration file '' | ||
+ | < | ||
+ | interface=wlan0 | ||
+ | bridge=br1 | ||
+ | </ | ||
+ | and the rest will vary depending on optimizations. | ||
+ | The channel selection might be important given that multiple devices are available such that the whole frequency band allocated can be covered by the channel selection. The following is a representation of $20MHz$ (and $40MHz$) wide channels for the $2.4GHz$ network in terms of frequency coverage from an [[https:// | ||
+ | {{fuss: | ||
+ | Given the chart, it seems sensible to run each hostapd instance on the channels that would cover the entire frequency range, namely channel '' | ||
For the contact, copyright, license, warranty and privacy terms for the usage of this website please see the contact, license, privacy, copyright.