Personal Red Hat Licenses


Share

Cisco Anyconnect with a Chromebook

Ok all, I wanted to post how I now use my chromebook (non-pixel) to connect to my work Cisco Anyconnect VPN.

In developer mode. Install crouton, this is mainly to get the chroot environment.

Open a shell and ‘enter-chroot’
# Install the following items

apt-get install network-manager network-manager-openconnect
apt-get install vpnc uml-utilities

My bash script to connect each time. Once you edit it

#!/bin/bash
### Edit this section for your VPN Setup
SSLVpn="ssl.example.com"
SearchDomain="example.com"
DNSServer="192.168.1.1"   
# Below the 192.168.1.1 is a static example of an internal DNS Server
###
if [ ! -f /dev/net/tun ]; then
        tunctl -t tap1 -f /dev/net/tun 
fi
mknod /dev/net/tun0 c 10 200
cp /etc/resolv.conf ~/.resolv.conf
echo "nameserver ${DNSServer}" > /etc/resolv.conf
echo "search ${SearchExample}" >> /etc/resolv.conf
cat ~/.resolv.conf >> /etc/resolv.conf
openconnect -s /etc/vpnc/vpnc-script ${SSLVpn}
cat ~/.resolv.conf > /etc/resolv.conf
rm /dev/net/tun0

When you’re done, just ctrl+c out and your done.
edit: I was getting some strange errors and had to a little more of a brute force on tun0. SO…. I added the create and delete on tun0.

How to – Nagios and Pushover alerts

First and foremost some great credit to Jedda Wignall from (http://jedda.me) for the notify_by_pushover.sh script. Drop by his site and say thanks.

This is just my implementation of that script and nagios setup in order to get alerts in my notification panel on my Android phone, tablet and iDevices (of which I have none.)

01. Purchase Pushover from your app store; links can be found here – https://pushover.net/
02. Download the notify_by_pushover.sh script. Can be found here – http://jedda.me/tag/pushover/
03. Login to pushover.net and copy off your “Your User Key” for later use
04. Click “Edit” that’s next to “Your Applications”
05. Then select “Create New Application”
06. Name the application Nagios or maybe your Nagios Server name
07. The type will be “website”
08. You can leave the URL blank and upload an Icon for your Nagios server
09. Accept the EULA and click “Create Application”
10. Copy off your “API Token/Key” for later use
11. On your device(s) open and login to the pushover app
12 Copy the “notify_by_pushover.sh” to the Nagios server; I copied mine to “/usr/lib64/nagios/plugins/notify_by_pushover.sh”
13. Ensure that the file is owned by your Nagios user

# chmod 755 /usr/lib64/nagios/plugins/notify_by_pushover.sh
# chown nagios:nagios /usr/lib64/nagios/plugins/notify_by_pushover.sh
# restorecon /usr/lib64/nagios/plugins/notify_by_pushover.sh

14. Modify your Nagios templates file to add the “generic-pushover” template

define contact {
        name generic-pushover
        host_notifications_enabled      1
        service_notifications_enabled   1
        host_notification_period        24x7
        service_notification_period     24x7
        host_notification_options       d,r
        service_notification_options    c,r
        host_notification_commands      notify-host-pushover
        service_notification_commands   notify-service-pushover
        can_submit_commands             1
        retain_status_information       1
        retain_nonstatus_information    1
        register
}

15. Now add command definitions to enable the notification to leave

# 'notify-host-pushover' command definition
define command {
  command_name    notify-host-pushover
   command_line    /usr/lib64/nagios/plugins/notify_by_pushover.sh -u $CONTACTADDRESS1$ -a $CONTACTADDRESS2$ -c 'persistent' -w 'siren' -t "Nagios" -m "$NOTIFICATIONTYPE$ Host $HOSTNAME$ $HOSTSTATE$"
}

# 'notify-service-pushover' command definition
define command {
  command_name   notify-service-pushover
  command_line   /usr/lib64/nagios/plugins/notify_by_pushover.sh -u $CONTACTADDRESS1$ -a $CONTACTADDRESS2$ -c 'persistent' -w 'siren' -t "Nagios" -m "$HOSTNAME$ $SERVICEDESC$ : $SERVICESTATE$ Additional info: $SERVICEOUTPUT$"
}

16. Now finally add some information to your contact information. I added a new stanza with Pushover information. Also since Nagios has a limited set of options it can use within contacts I used the “address1” and “address2” attributes.

define contact{
        use			generic-pushover
        contact_name		matt_wells_pushover
        alias				Matt Wells Pushover
        contactgroups		pushover-it
        address1			zxcvbnmUSERKEYmnbvcxz
        address2			poiuytrewqAPIKEYqwertyuiop
}

You should be done now! Enjoy your alerts.
Some items to note. I selected the “persistent” alarm when critical and the “siren” when warning. You can change those to anything you see fit.
Also I’ve toyed with the idea of adding links to the alerts but haven’t really done much with that yet.

Git activity

Master IPTables

These are some awesome videos for iptables; I really enjoyed them and if you as well make sure you tell the guys over at Linux Journal.
I find embedded videos annoying so I’m just putting these links up.

Mastering IPTables by Linux Journal

http://www.linuxjournal.com/

IPTables Episode one

IPTables Episode two

IPTables Episode three

IPA Link from Red Hat

This is just a great video and link to the Enterprise IPA Server.
Red Hat IPA Server