Day: May 20, 2019

BLACK CAT PROGRAMMER
by blackcat
Posted on

IP Table

iptables 就可以當作是 linux 裡的防火牆。

Each table has many chains which each chain has many rules

Common tables are nat and filter

filter is for controlling the incoming and outgoing packets

 CHAINS
  1. INPUT
  2. FORWARD
  3. OUTPUT

while

nat is for forwarding packets

 CHAINS
  1. PREROUTING
  2. INPUT
  3. OUTPUT
  4. POSTROUTING

Save the current iptables rules

iptables-save > file_path.rules

Restore iptables rules

iptables-restore < /etc/iptables.rules

Examples

1. List current iptable rules of NAT
iptables -t nat -L -v

2. List current iptables rules of INPUT line number
iptables -t nat -L -v --line-numbers

3.1. Adding a new rule accepting port 1194 traffic
3.1) Append mode
 iptables -t nat -A INPUT -i eth0 -p tcp -m tcp --dport 1194 -j ACCEPT
3.2) Insert mode
iptables -t nat -I INPUT [line number ]-i eth0 -p tcp -m tcp --dport 1194 -j ACCEPT
3.3) Insert mode v2
iptables -I INPUT 7 -p tcp --dport 8443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

4.Change the source IP from 10.8.0.0/24 to 192.168.13.11
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 192.168.13.11

5. delete a rule
 1) first, show the current rules by
 iptables -t nat -L -v --line-numbers 
 
 2) delete the rule
 iptables -t nat -D POSTROUTING 1

REF: https://opensource.com/article/18/9/linux-iptables-firewalld

Posted in notesTagged ,
by blackcat
Posted on

Installing Raspbian to respberry using MAC

Installing the OS on SD card

  • donwload the image
  • insert the SD card in to MAC
  • find out the address of the SD card diskutil list
Blackcat-MacBook-Pro:Volumes blackcat$ diskutil list
/dev/disk0 (internal):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                         251.0 GB   disk0
   1:                        EFI EFI                     314.6 MB   disk0s1
   2:                 Apple_APFS Container disk1         250.7 GB   disk0s2

/dev/disk1 (synthesized):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      APFS Container Scheme -                      +250.7 GB   disk1
                                 Physical Store disk0s2
   1:                APFS Volume Macintosh HD            161.3 GB   disk1s1
   2:                APFS Volume Preboot                 21.9 MB    disk1s2
   3:                APFS Volume Recovery                519.0 MB   disk1s3
   4:                APFS Volume VM                      7.1 GB     disk1s4

/dev/disk2 (external, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:     FDisk_partition_scheme                        *63.3 GB    disk2
   1:             Windows_FAT_32 boot                    46.0 MB    disk2s1
   2:                      Linux                         63.2 GB    disk2s2

the SD card is /dev/disk2 in my case

  • unmount the SD card sudo diskutil unmount /dev/disk2
  • write the image to SD card
    sudo dd bs=1m if=2017-04-10-raspbian-jessie.img of=/dev/disk2
  • eject the SD card sudo diskutil eject /dev/rdiskX

Connecting to raspberry

Reference

  • Create an empty file ssh on root directory of the SD card touch /ssh
  • Create a file vi /wpa_supplicant.conf on root directory
country=GB
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
    ssid="<wifi ssid>"
    psk="<wifi password>"
}
  • ssh pi@<IP of the raspberry>
  • default password is raspberry
Posted in notesTagged
by blackcat
Posted on

Hong Kong ID

There are two types of Hong Kong AB123456(A) and A123456(3)

Algorithm of generating the check digit
A=10,B=11,...,Z=35, space=36

Example 1

HKID: AB123456(check digit)
0 = [A*9 + B*8 + 1*7 + 2*6 + 3*5 + 4*4 + 5*3 + 6*2 + (check digit)] % 11
check digit = A*9 + B*8 + 1*7 + 2*6 + 3*5 + 4*4 + 5*3 + 6*2 
= 11 - 255 % 11 
= 11 - 2
= 9

ps: if check digit == 10 then return A

Example 2

HKID: A123456
check digit = 11 - (36*9 + A*8 + 1*7 + 2*6 + 3*5 + 4*4 + 5*3 + 6*2)
= 11 - 481 % 11 
= 11 - 8
= 3

ps: if check digit == 10 then return A
Posted in notesTagged