This article was useful to add interface into Windows OS quickly. Also this differentiation between TAP and TUN.
Acronyms explanation:
TAP = Terminating Access Point
TUN = Terminating Unbroadcasting Node
VPN = Virtual Private Network
This article was useful to add interface into Windows OS quickly. Also this differentiation between TAP and TUN.
Acronyms explanation:
TAP = Terminating Access Point
TUN = Terminating Unbroadcasting Node
VPN = Virtual Private Network
Here is non-breaking hyphen: ‑. You can copy & paste it freely where you want (it is open-source).
It was forked from this one (credit them for the original work).
Cisco AnyConnect VPN client is sometimes too restrictive (e.g. disconnecting internet on client side, when split tunnelling is not configured on server side, or running under privileged user - root or SYSTEM), and there comes OpenConnect giving more freedom to the user.
OpenConnect is truly multi-platform and partially also OpenConnect-GUI bundling OpenConnect for Windows and macOS. This GUI wrapper gives to using OpenConnect very similar way and feeling, as GUI of Cisco AnyConnect VPN client.
In Windows, after VPN connection established, if "split tunnelling" is not allowed on (Cisco) VPN server (concentrator), this can be bypassed on client side by increasing metric of TAP interface (to be higher than metric of physical network interface), and configuration of routes (slices) to be routed to VPN, but not anything other. This can be done e.g. via administrative shell (cmd.exe):
route add <IPsubnet> mask <mask> <IPdefaultGW-VPN> IF <IFnumber>
netsh interface ip set interface <IFnumber> metric=5
Routes, interfaces, default gateways, etc., can be displayed this way:
route print
Above commands may be chained (e.g. within the BAT file) this way (see https://stackoverflow.com/questions/8055371/how-do-i-run-two-commands-in-one-line-in-windows-cmd for details):
cmd /k "route print & route-add-command & netsh-interface-command & route print"
For macOS, this GUI wrapper is experimental, so OpenConnect can be installed also directly, not as part of GUI bundle (with sample usage with vpn-slice, to do client-side "split tunnelling" - allowing internet usage bypassing VPN):
(sudo) brew install openconnect
(sudo) brew install vpn-slice
(sudo) openconnect https://<address> -s 'vpn-slice <IPsubnet>/<mask>'
Similar setup should be possible also in Linux.
More info:
There are various ways, how to SCP through intermediary nodes, e.g. ProxyCommand (using netcat = nc), ProxyJump (scp -J), pipes, tunnels, ...
There is a new project hopscp, doing it without any of them, but prospectively may incorporate them in the future too, to make its possiblities wider.
By default, in its initial version, it is implementing this multi-hop SCP by sequential secure copying through whole chain, from source to target. Current maximum is:
[source_end] -> [source_hop] -> [local_host] -> [target_hop] -> [target_end]
For more information, download hopscp, read its heading synopsis, or run it to see its output in command-line.Useful site for HTTP(S) testing: https://httpstat.us/
Example 1:
curl --connect-timeout 5 -m 10 https://httpstat.us/200?sleep=7000 > test.curl
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 6 0 6 0 0 0 0 --:--:-- 0:00:07 --:--:-- 1
echo $?
0
Example 2:
curl --connect-timeout 5 -m 10 https://httpstat.us/200?sleep=10000 > test.curl
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:10 --:--:-- 0
curl: (28) Operation timed out after 10001 milliseconds with 0 out of -1 bytes received
echo $?
28
Notes about timeouts in curl:
https://unix.stackexchange.com/questions/94604/does-curl-have-a-timeout/94612
Add new file to rotation:
Inputs to functions:
https://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO-8.html
Outputs from functions:
https://www.linuxjournal.com/content/return-values-bash-functions
Check for empty variable:
https://www.cyberciti.biz/faq/unix-linux-bash-script-check-if-variable-is-empty/
Keyboard shortcuts:
http://teohm.com/blog/shortcuts-to-move-faster-in-bash-command-line/
sudo cat /var/log/cron | cut -d ' ' -f 6- | sort | uniq -c | sort -nr
One-liner:
sudo grep -e '^select' -e '^insert' -e '^update' -e '^delete' /srv/data/mysql/mysql_slow.log | cut -d ' ' -f 1-3 | sort | uniq -c | sort -nr | head
Sample data:
{
"var_name1": {},
"var_name2": "string",
"var_name3": "long string",
"var_name4": 15
}
Fill Bash variable with extracted long string raw value from JSON:
VAR_NAME=`cat file.json | jq --raw-output '.var_name3'`
Then reference "chunks" of data using Bash variable index modifiers, e.g. by 255 characters:
VAR_NAME=`cat file.json | jq --raw-output '.var_name3'` ; echo $VAR_NAME ; echo ${VAR_NAME:0:255} ; echo ${VAR_NAME:255:255} ; echo ${VAR_NAME:510:255} ; echo ${VAR_NAME:765:255} ; echo ${VAR_NAME:1020:255}
Steps:
Using Azure portal:
https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal
Using Azure CLI:
https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli
Login via Azure CLI (password-based):
az login --service-principal
--tenant TENANT_ID
--username APP_ID
--password PASSWORD
Login via Azure CLI (certificate-based):
az login --service-principal
--tenant TENANT_ID
--username APP_ID --password /path/to/cert
Other sign-in options:
https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli
git checkout -b new-branch
# more files can be added in this step too, wildcards supported
git add /path/to/locally/changed/file
git commit -m "commit message"
git show-branch
git push origin new-branch
Inspired by https://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging.