iptables mirror target for linux kernel 3.1

After my last kernel upgrade I tried to build the iptables mirror target published here. The iptables mirror target takes the packet sent to your machine and returns the same packet to the machine the packet came from. Thus, let’s say someone tries to scan your machine or tries an attack he would scan his own machine or even attack his own machine. Guess what happened when I tried it with kernel versions 3.1 and 3.2 , it did not build anymore with the current linux kernel. There were some changes in the  kernels network stack. So I had to modify the iptables mirror target again to make the module work with current kernel versions. You can download the newer release for kernel version 3.1 and probably future kernels here:

MIRROR.3.1.0.tar.gz (2362) gplv3-127x51

The kernel module has been tested with kernel version 3.2.1 and 3.1. To build the module, boot the kernel you want to use the module with. Afterwards unpack the archive and run the compile.sh script to build the module. Then run the install.sh script for installing the compiled module into the /lib/modules directory for your kernel.

Now you may use the mirror target in place of the REJECT or DROP target in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may lead to strange results, in example if you want to connect to an iptables protected machine which uses the mirror target, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. The worst case occurs if you have two machines using the module. These machines may end up playing ping pong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.

MIRROR.2.6.13.tar.gz (3200)
MIRROR.2.6.24.tar.gz (3640)
MIRROR.2.6.25.tar.gz (3359)
MIRROR.2.6.28.tar.gz (3409)
MIRROR.2.6.31 (3232)
MIRROR.2.6.35.tar.gz (3161)
MIRROR.2.6.36.tar.gz (3249)
MIRROR.2.6.37.tar.gz (2985)
MIRROR.3.0.7.tar.gz (2672)
gplv3-127x51

regards
Jürgen

 

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

iptables mirror target for linux kernel 3.0.7

After my last kernel upgrade I recognized that the iptables mirror target I published here does not work anymore with kernel version 3.0. There were some changes in kernel code. Thus I had to modify the iptables mirror target again to make it work with current kernel versions. You can download the newer release for kernel version 3.0 and probably future kernels here:

MIRROR.3.0.7.tar.gz (2672) gplv3-127x51

The kernel module has been tested with kernel version 3.0.7. According to the kernel changelog it should work with kernels since 2.6.39. If you have tried the mirror module with other kernel versions  than 3.0.7, please leave a reply for others to know whether other versions work, or not.

To build the module, boot the kernel you want to use the module with. Afterwards unpack the archive and run the compile.sh script to build the module. Then run the install.sh script for installing the compiled module into the /lib/modules directory for your kernel.

Now you may use the mirror target in place of the reject or drop target in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may have strange results, in example if you want to connect to an iptables protected machine which uses the mirror target, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. The worst case occurs if you have two machines using the module.  These machines may end up playing pingpong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.

MIRROR.2.6.13.tar.gz (3200)
MIRROR.2.6.24.tar.gz (3640)
MIRROR.2.6.25.tar.gz (3359)
MIRROR.2.6.28.tar.gz (3409)
MIRROR.2.6.31 (3232)
MIRROR.2.6.35.tar.gz (3161)
MIRROR.2.6.36.tar.gz (3249)
MIRROR.2.6.37.tar.gz (2985)
gplv3-127x51

regards
Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

iptables mirror target for kernel version 2.6.37

During my last kernel upgrade I recognized that the iptables mirror target I published here, here and here and here does not work anymore with kernel version 2.6.37. There were some slight changes in kernel headers. You can download the newer version for 2.6.37 and probably future kernels here:

MIRROR.2.6.37.tar.gz (2985) gplv3-127x51

To build the module, boot the kernel you want to use the module with. Afterwards unpack the archive, run the compile.sh script and the install.sh script.

Now you may use the mirror target in place of the reject or drop target in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may have strange results, i.e. if you want to connect to the iptables protected machine, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. Worst case: if you have two machines using this module they may end up playing pingpong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.

MIRROR.2.6.13.tar.gz (3200)
MIRROR.2.6.24.tar.gz (3640)
MIRROR.2.6.25.tar.gz (3359)
MIRROR.2.6.28.tar.gz (3409)
MIRROR.2.6.31 (3232)
MIRROR.2.6.35.tar.gz (3161)
MIRROR.2.6.36.tar.gz (3249)
gplv3-127x51

regards
Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

Flightgear with VR920 headtracking

Recently I basically got Flightgear to work with quad buffered stereo. The only thing that was still missing for having the Vusix VR920 head mounted display fully supported in the flight simulator was headtracking.

However, with my new headtracking driver, VR920 headtracking in Flightgear is possible at last. A good part of the work has been done by Anders Gidenstam who provided the original Nasal module, the headtracking protocol description and usage instructions for his webcam based headtracking solution for Flightgear.

Download and copy the protocol description headtrack.xml (1252) to $FG_ROOT/Protocol. For me (gentoo system) this location is /usr/share/games/FlightGear/Protocol/, probably for many others it is /usr/share/FlightGear/Protocol/

Afterwards download unzip the modified Nasal module headtracking.nas (1289) to ~/.fgfs/Nasal. It is important to use your home directory and NOT i.e. /usr/share/games/FlightGear/Nasal/.

Then make sure that the vr920 headtracking driver runs in UDP mode. If running Flightgear on the same machine as the headtracking driver, which should be the usual case, just use 127.0.0.1 as destionation IP for the driver and use 4242 as destination port. These are the default settings of the driver.

Finally run Flightgear with these options: –generic=socket,in,<hz>,,<port>,udp,headtrack –prop:/sim/headtracking/enabled=1

If you also want to have quad buffered stereo with it (you need an nvidia quadro board, with assumably a pre G80 Chip or probably an ATI FireGL, never tried that, and a stereo enabled xserver) use the patch from FlightGear with quad buffered stereo. For instructions on how to get the xserver to work in stereoscopic mode see: Vuzix VR920 with Linux and active 3D stereo

For the described configuration you can use the following little startup script:

export OSG_STEREO_MODE=QUAD_BUFFER
export OSG_STEREO=ON
fgfs –generic=socket,in,25,,4242,udp,headtrack –prop:/sim/headtracking/enabled=1

Now have much fun and enjoy a new experience with your VR920 and Flightgear in stereo with headtracking.

best regards

Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

iptables mirror target for kernel version 2.6.36

During my last kernel upgrade I recognized that the iptables mirror target I published here, here and here does not work anymore with kernel version 2.6.36. You can download the newer version for 2.6.36 and probably future kernels here:

MIRROR.2.6.36.tar.gz (3249) gplv3-127x51

To build the module, boot  the kernel you want to use the module with. Afterwards unpack the archive, run the compile.sh script and the install.sh script.

Now you may use the mirror target in place of the reject or drop target  in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may have strange results, i.e. if you want to connect to the iptables protected machine, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. Worst case: if you have two machines using this module they may end up playing pingpong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for older kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and 2.6.30 kernels. The 2.6.13 version of the module should work up to kernel version 2.6.16.

MIRROR.2.6.13.tar.gz (3200)
MIRROR.2.6.24.tar.gz (3640)
MIRROR.2.6.25.tar.gz (3359)
MIRROR.2.6.28.tar.gz (3409)
MIRROR.2.6.31 (3232)
MIRROR.2.6.35.tar.gz (3161)
gplv3-127x51

regards
Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

how to find wireless keys on maemo

Over time one collects lots of WEP and WPA keys with mobile devices like nokia´s n800 or n810. Often you want to use these keys with other devices or need them after reinstalling the OS.

For maemo based devices like the n800 and the n810 it is quite easy to recover the previously stored wireless keys, since they are stored unencrypted in gconf. Just open an xterm and enter the following line:

gconftool-2 -R /system/osso/connectivity/IAP |egrep ‘(pass|name|wlan_wepkey)’

The output you get is a list containing all wireless keys and network names you stored on the device. Note that the output contains the key first and the network name is being displayed a line below the corresponding key.

Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

iptables MIRROR target

A while ago I wanted to make my iptables firewall a bit active. During my searches I found the iptables mirror target, which takes the packet sent to your machine and  returns the same packet to the machine the packet came from. Thus, let’s say someone tries to scan your machine or tries an attack he would scan his own machine or even attack his own machine.  Sadly the mirror target has been dropped somewhere around linux version 2.5 for security concerns. Somewhere in the web I found sources for a 2.5 kernel version and made them work with some 2.6.

I want to share this with the community now. So you can download the modified modules sources on www.mygnu.de. To build the module, boot  the kernel version you want to use the module with, and unpack the archive. Afterwards run the compile.sh script and the install.sh script.

Now you may use the mirror target in place of the reject or drop target  in the INPUT, FORWARD and PREROUTING chains, like this in your firewall script:

$IPTABLES -A INPUT -j MIRROR

Beware: The use of the mirror target may have strange results, i.e. if you want to connect to the iptables protected machine, you may end up connecting to the local machine without recognizing it. It also may use much bandwith. Worst case: if you have two machines using this module they may end up playing pingpong. So you have been warned, use with caution and at your own risk. For more information see: MIRROR target.

Downloads for the most recent kernel versions are below. Notice the version numbering 2.6.25 works for kernels up to 2.6.27. 2.6.28 also works for 2.6.29 and probably for future kernels. If you need a version for an older kernel, leave a comment. Then I can look if I have a module version archived for the kernel version you need.

MIRROR.2.6.24.tar.gz (3640)
MIRROR.2.6.25.tar.gz (3359)
MIRROR.2.6.28.tar.gz (3409)
MIRROR.2.6.13.tar.gz (3200)
gplv3-127x51

Addon: The 2.6.28 version also works for 2.6.30 kernels.

These versions do not work with 2.6.31 kernels. See iptables mirror target for kernel version 2.6.31 or iptables mirror target for kernel version 2.6.35 for the newer ones.

regards

Jürgen

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...