youresuchageek: Tips, News, How-to, Linux and Opensource addicted! (published 2014-04-25)<br />
NMON for Splunk, Performance Monitor for Unix and Linux Systems - Complete integration and usage guide<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpSOpqJCUrzUS1V0sCHQSaEQ5i589rLqVEZlipcwQfabaNBd4qeVFzFTMlWuyZFtYnRhfgkd7HOE-1o_lHbsOSe6KaAXuRsEiRPGE26MFzwQIrv6_IXgyzAtu9yshgbHQ94I5II9BKIVpw/s1600/NMON_Logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpSOpqJCUrzUS1V0sCHQSaEQ5i589rLqVEZlipcwQfabaNBd4qeVFzFTMlWuyZFtYnRhfgkd7HOE-1o_lHbsOSe6KaAXuRsEiRPGE26MFzwQIrv6_IXgyzAtu9yshgbHQ94I5II9BKIVpw/s1600/NMON_Logo.png" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: large; line-height: 16px;"><a href="https://apps.splunk.com/app/1753/" target="_blank">https://apps.splunk.com/app/1753/</a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;">NMON stands for Nigel's Performance Monitor and is available on AIX, Solaris (With Sarmon), Linux and ARM Systems.</span></div>
<br style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;" />
<span style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;">This great System Performance tool, combined with the power of Splunk, provides an Enterprise-class Application to automatically collect and/or exploit NMON data out of the box.</span><br />
<br style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;" />
<span style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;">NMON Splunk App is designed to massively collect, convert, index and analyse NMON Metrics Data.</span><br />
<br style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;" />
<span style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;">Data collection can be done on standalone instances or indexers, and also with Splunk forwarders, which makes the App fully compatible with a Splunk distributed architecture. </span><br />
<br style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;" />
<span style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;">Splunk for NMON provides global Analysis per Host, Analysis per type of metric (CPU usage, Memory, I/O...), and Predictive and Comparison Analysis for AIX, Solaris and Linux OS.</span><br />
<br style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;" />
<span style="background-color: white; color: #333333; font-family: ProximaNovaRgRegular, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 20px;">Specific IBM Power Systems metrics such as Micro-Partitions and Pools CPU utilization are supported and exploited in the provided interfaces.</span><br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxwZbJXsMPMpFmg_HmwnUmuQzfA2IPlFW-lzrL2AbnKwyCgWvRyXJyMdo0kbJguNL1WMQNLC7yitj3lhklYpPO-SqgSkAa6xEjxzCjCny-LzDf-huR_TTUZ-JUN_D_9i4iNdEDn-CJy4Zk/s1600/screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxwZbJXsMPMpFmg_HmwnUmuQzfA2IPlFW-lzrL2AbnKwyCgWvRyXJyMdo0kbJguNL1WMQNLC7yitj3lhklYpPO-SqgSkAa6xEjxzCjCny-LzDf-huR_TTUZ-JUN_D_9i4iNdEDn-CJy4Zk/s1600/screenshot.png" height="179" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUgeUiyWrxcxtQsiriwXLBV-HcTmCJqCOnsdgBaEBFDerWMJFEPoPlYHdduBdyTf3isBUbPZpzd59s8JSddLIyJcUW0Algw3XzZjMxsJYGFG0uB2W7HWvYJTp7tVjUuBfQvy2UGZIcfbz3/s1600/screenshot2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUgeUiyWrxcxtQsiriwXLBV-HcTmCJqCOnsdgBaEBFDerWMJFEPoPlYHdduBdyTf3isBUbPZpzd59s8JSddLIyJcUW0Algw3XzZjMxsJYGFG0uB2W7HWvYJTp7tVjUuBfQvy2UGZIcfbz3/s1600/screenshot2.png" height="179" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7ls90MvmXg2goWFL-sKlQWi7KtVOEceWYDWfyyIfhPpTvk3-PzCrsIBQ_UHGBY8WvxxWq9c3eHAPj1jEREnmnb2akGBHDa_5dbJvHB-G8ZtvdQ9Q2przUGdlm-HhrQ_t1hhMtK-S6dcIg/s1600/screenshot3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7ls90MvmXg2goWFL-sKlQWi7KtVOEceWYDWfyyIfhPpTvk3-PzCrsIBQ_UHGBY8WvxxWq9c3eHAPj1jEREnmnb2akGBHDa_5dbJvHB-G8ZtvdQ9Q2przUGdlm-HhrQ_t1hhMtK-S6dcIg/s1600/screenshot3.png" height="179" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwfqbP9dtIxLzJYFcbmN88ZR7DwtOT4laHDrmCy83411Lul4C0JoSHakV1mRnZy_j_l7LfF5wznoNtsDqDQnKIm88-sCdVtmYYycqAZhEwnqqtTO0A1Qb4w_WZjpK2LMMfQlI_G_9Eq1zh/s1600/screenshot4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwfqbP9dtIxLzJYFcbmN88ZR7DwtOT4laHDrmCy83411Lul4C0JoSHakV1mRnZy_j_l7LfF5wznoNtsDqDQnKIm88-sCdVtmYYycqAZhEwnqqtTO0A1Qb4w_WZjpK2LMMfQlI_G_9Eq1zh/s1600/screenshot4.png" height="179" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU3ANkMfBLvm3glMmZVjQMyW2qT1zG4pzr1IVvD7yqlH95xgv0foSn_IVccQ7TKusqETmlMj8YnkD2ebAm9Yt0JUr69yf79stU317n62pZ65zKGJhHiMW38rw0iEkRaH2jkUoBoCJ3NzlN/s1600/screenshot5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU3ANkMfBLvm3glMmZVjQMyW2qT1zG4pzr1IVvD7yqlH95xgv0foSn_IVccQ7TKusqETmlMj8YnkD2ebAm9Yt0JUr69yf79stU317n62pZ65zKGJhHiMW38rw0iEkRaH2jkUoBoCJ3NzlN/s1600/screenshot5.png" height="179" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">Copyright 2014 Guilhem Marchand </span></div>
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;" />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">Licensed under the Apache License, Version 2.0 (the "License");</span><br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">you may not use this file except in compliance with the License.</span><br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">You may obtain a copy of the License at</span><br />
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;" />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">http://www.apache.org/licenses/LICENSE-2.0</span><br />
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;" />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">Unless required by applicable law or agreed to in writing, software</span><br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">distributed under the License is distributed on an "AS IS" BASIS,</span><br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span><br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">See the License for the specific language governing permissions and</span><br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">limitations under the License.</span><br />
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;" />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">nmon release 1.1.2</span><br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
Welcome to Splunk for NMON, Performance Monitor for Unix and Linux Systems</h1>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
TABLE OF CONTENTS</h2>
<ol style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; margin: 0px 0px 8px 25px; padding: 0px;">
<li>INTRODUCTION</li>
<li>PREREQUISITES</li>
<li>INSTALLATION</li>
<li>DEPLOYMENT SCENARIOS</li>
<li>ADVANCED CONFIGURATION</li>
<li>USAGE</li>
<li>UPGRADE INSTRUCTIONS</li>
<li>REFERENCE MATERIAL</li>
</ol>
<div>
<span style="color: #333333; font-family: Roboto, Droid, Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="font-size: 12px; line-height: 16px;"><br /></span></span></div>
<div>
<span style="color: #333333; font-family: Roboto, Droid, Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="font-size: 12px; line-height: 16px;"><br /></span></span></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
1. INTRODUCTION</h1>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
NMON stands for Nigel's Performance Monitor and is available on AIX Systems, Solaris (with Sarmon), Linux and now ARM Systems.<br />
This is a great all-in-one Performance Monitor tool that gives a large amount of system performance information and can be used in different scenarios.<br />
<br />
First, it can be used for Realtime monitoring within a terminal by simply issuing the "nmon" command, giving you access to a lot of system information within a single screen. </div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKI3iZbTQkZOHPB1uNASgiRLif5oAwO8ivD5Y0EoYtqUhD7mtE5YeUb-aDpV44lwE6mPrFUD7gl-Cts4IA6nWbe-eJhkrdaNck9l5HnRSeHN4PaNuQw25JXsSeMs8G7uKdpRFRl7W5vj8m/s1600/nmon_screen.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKI3iZbTQkZOHPB1uNASgiRLif5oAwO8ivD5Y0EoYtqUhD7mtE5YeUb-aDpV44lwE6mPrFUD7gl-Cts4IA6nWbe-eJhkrdaNck9l5HnRSeHN4PaNuQw25JXsSeMs8G7uKdpRFRl7W5vj8m/s1600/nmon_screen.png" height="187" width="320" /></a></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
Beyond RealTime Analysis, NMON is very often used as a Capacity Planning tool by running it in csv generating mode throughout its run time, for later offline Analysis.</div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
There are very few (if any) solutions to Analyse this data with a global and historical view (Excel has its limits). Fortunately, Splunk's power is here, and this Application will, I hope, answer your needs.</div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
</div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Here are some useful links about NMON:</h2>
<div class="separator" style="clear: both;">
<a href="http://nmon.sourceforge.net/pmwiki.php" style="background-color: white; color: #5379af; cursor: pointer; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; text-decoration: none;">http://nmon.sourceforge.net/pmwiki.php</a></div>
<a href="http://www.ibm.com/developerworks/aix/library/au-analyze_aix" style="background-color: white; color: #5379af; cursor: pointer; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; text-decoration: none;">http://www.ibm.com/developerworks/aix/library/au-analyze_aix</a><br />
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
Analysing NMON csv data is not easy because of a very specific format that Splunk cannot directly manage. (One big problem is the identification of the event timestamp, which is very uncommon and defined by a non-timestamp pattern.)<br />
This is why I decided to develop this App, based on my own professional experience in Unix systems Capacity Planning, to provide anyone interested with a powerful tool to Analyse NMON data with an Enterprise Class Application.</div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
In a few words, here is how the App works:</h2>
<ul style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">
<li style="line-height: 16px;">After installation, the App is ready to be used, out of the box</li>
<li style="line-height: 16px;">The default installation has a file monitor that watches for any new nmon file located in "/opt/splunk/etc/apps/nmon/var/nmon_repository"</li>
<li style="line-height: 16px;">When a new file is found by the Splunk Archive Processor (as for any monitored file or directory), Splunk will call a third-party perl script</li>
<li style="line-height: 16px;">The perl script "nmon2csv" will translate nmon data into several csv files in "/opt/splunk/etc/apps/nmon/var/csv_repository"</li>
<li style="line-height: 16px;">By default, Splunk will watch this directory in "batch" mode, meaning any csv file within this directory will be indexed then deleted (you should not need to keep these files)</li>
<li style="line-height: 16px;">Once indexed, NMON Data will be ready to be analysed within any available views</li>
</ul>
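<div>
The timestamp problem and the conversion step described above, as an added example that is not the App's nmon2csv perl script: data lines in an NMON capture carry only a snapshot id (T0001, T0002, ...), and the real time comes from a separate "ZZZZ" line, so a converter has to join the two before emitting csv. The sample capture, the function names and the two sections chosen are assumptions made for illustration.</div>

```python
import csv
import io
import re
from datetime import datetime

# Constructed sample capture (not from a real host). The last line refers to
# a snapshot id that has no ZZZZ line, as happens with a truncated file.
SAMPLE_NMON = """\
AAA,progname,nmon
AAA,host,demo-host
CPU_ALL,CPU Total demo-host,User%,Sys%,Wait%,Idle%
MEM,Memory MB demo-host,memtotal,memfree
ZZZZ,T0001,00:00:05,25-APR-2014
CPU_ALL,T0001,1.5,0.5,0.0,98.0
MEM,T0001,7980.1,1024.5
ZZZZ,T0002,00:01:05,25-APR-2014
CPU_ALL,T0002,12.0,3.0,1.0,84.0
MEM,T0002,7980.1,990.2
CPU_ALL,T0009,99.0,1.0,0.0,0.0
"""

# Month names are mapped by hand so parsing does not depend on the locale.
MONTHS = {m: i for i, m in enumerate(
    "JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC".split(), 1)}
SNAPSHOT_ID = re.compile(r"^T\d+$")


def parse_zzzz(fields):
    """Return a datetime for 'ZZZZ,Tnnnn,HH:MM:SS,DD-MON-YYYY', else None."""
    try:
        hh, mm, ss = (int(x) for x in fields[2].split(":"))
        day, mon, year = fields[3].split("-")
        return datetime(int(year), MONTHS[mon.upper()], int(day), hh, mm, ss)
    except (IndexError, KeyError, ValueError):
        return None


def convert(text, sections=("CPU_ALL", "MEM")):
    """Split a capture into per-section rows with resolved timestamps.

    Returns (rows_by_section, orphans); orphans are data lines whose snapshot
    id or section header was never seen, reported instead of being indexed
    with a wrong or missing time.
    """
    host, headers, stamps, pending = None, {}, {}, []
    for raw in text.splitlines():
        fields = [f.strip() for f in raw.split(",")]
        if len(fields) < 2:
            continue
        key, second = fields[0], fields[1]
        if key == "AAA" and second == "host" and len(fields) > 2:
            host = fields[2]
        elif key == "ZZZZ":
            ts = parse_zzzz(fields)
            if ts is not None:
                stamps[second] = ts
        elif key in sections:
            if SNAPSHOT_ID.match(second):
                pending.append((key, second, fields[2:]))  # data line
            else:
                headers[key] = fields[2:]                  # column names
    rows = {s: [] for s in sections}
    orphans = []
    # Resolve after the whole file is read, so line order does not matter.
    for section, snap, values in pending:
        if snap not in stamps or section not in headers:
            orphans.append((section, snap))
            continue
        cols = headers[section]
        row = {"timestamp": stamps[snap].isoformat(), "host": host}
        row.update(zip(cols, values + [""] * len(cols)))  # pad short lines
        rows[section].append(row)
    return rows, orphans


def to_csv(rows):
    """Render one section's rows as csv text with a header line."""
    if not rows:
        return ""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=list(rows[0]), lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


if __name__ == "__main__":
    converted, orphaned = convert(SAMPLE_NMON)
    for name, section_rows in converted.items():
        print(f"--- {name} ---")
        print(to_csv(section_rows), end="")
    print("orphans:", orphaned)
```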
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
You can verify the NMON indexing workflow by searching the index with the nmon processing sourcetype:</h2>
<div class="separator" style="clear: both;">
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; line-height: 16px; padding: 2px 4px; white-space: nowrap;">index="nmon" sourcetype="nmon_processing" </code></div>
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;" />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">This will output the processing timestamp of each NMON file that has been handled by Splunk (identified by the standard "source" field). </span><br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">The real data itself is identified by its "type" field and indexed in the "nmon" Splunk index. Currently, these are the NMON sections (type field) handled by the third-party script: </span><br />
<ul style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">
<li style="line-height: 16px;">CPU_ALL</li>
<li style="line-height: 16px;">DISKBSIZE</li>
<li style="line-height: 16px;">DISKBUSY</li>
<li style="line-height: 16px;">DISKREAD</li>
<li style="line-height: 16px;">DISKWRITE</li>
<li style="line-height: 16px;">DISKXFER</li>
<li style="line-height: 16px;">FILE</li>
<li style="line-height: 16px;">IOADAPT</li>
<li style="line-height: 16px;">LPAR</li>
<li style="line-height: 16px;">MEM</li>
<li style="line-height: 16px;">MEMNEW</li>
<li style="line-height: 16px;">MEMUSE</li>
<li style="line-height: 16px;">NET</li>
<li style="line-height: 16px;">NETERROR</li>
<li style="line-height: 16px;">NETPACKET</li>
<li style="line-height: 16px;">PAGE</li>
<li style="line-height: 16px;">PROC</li>
<li style="line-height: 16px;">PROCSOL</li>
<li style="line-height: 16px;">TOP</li>
<li style="line-height: 16px;">JFSFILE</li>
<li style="line-height: 16px;">JFSINODE</li>
</ul>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Accessing Raw data will be achieved as follows:</h2>
<div class="separator" style="clear: both;">
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; line-height: 16px; padding: 2px 4px; white-space: nowrap;">index="nmon" sourcetype="nmon_data"</code><span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"></span></div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Technical information about these system metrics and how they are collected is well described in the NMON Analyser Documentation:</h2>
<div class="separator" style="clear: both;">
<a href="https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Power%20Systems/page/nmon_analyser" style="background-color: white; color: #5379af; cursor: pointer; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; text-decoration: none;">https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Power%20Systems/page/nmon_analyser</a><span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"> </span></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
The Sarmon site for the Solaris version also has a very nice description of NMON Metrics (with some specifics to Sarmon):</h3>
<div class="separator" style="clear: both;">
<a href="http://www.geckotechnology.com/fr/sarmon" style="background-color: white; color: #5379af; cursor: pointer; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; text-decoration: none;">http://www.geckotechnology.com/fr/sarmon</a><span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"> </span></div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Installing NMON</h2>
<div class="separator" style="clear: both;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">Installing NMON is out of the scope of this document; here are some links which should help you install NMON for your OS: </span></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
AIX NMON Installation:</h3>
<div class="separator" style="clear: both;">
<a href="http://www.ibm.com/developerworks/aix/library/au-analyze_aix/" style="background-color: white; color: #5379af; cursor: pointer; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; text-decoration: none;">http://www.ibm.com/developerworks/aix/library/au-analyze_aix/</a><span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"></span></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
LINUX NMON Installation:</h3>
<div class="separator" style="clear: both;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">For many distributions, NMON should be available in the distribution's repository packages (rpm, deb and so on) </span></div>
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">You can also download the latest binary for your OS: </span><br />
<a href="http://nmon.sourceforge.net/pmwiki.php?n=Site.Download" style="background-color: white; color: #5379af; cursor: pointer; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; text-decoration: none;">http://nmon.sourceforge.net/pmwiki.php?n=Site.Download</a><span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"></span><br />
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
SOLARIS NMON (SARMON) Installation:</h3>
<div class="separator" style="clear: both;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">Download and installation procedure: </span></div>
<a href="http://www.geckotechnology.com/fr/sarmon" style="background-color: white; color: #5379af; cursor: pointer; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; text-decoration: none;">http://www.geckotechnology.com/fr/sarmon</a><span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"></span><br />
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
One major goal of this App is to take full advantage of the Splunk archive processor to identify and manage NMON files as it would any other standard log file, through a custom archive command stanza.<br />
When required, Splunk calls the third-party script, which converts NMON data into log files that Splunk can easily manage.<br />
<br />
Beyond this, the App relies on Splunk's intelligence to exploit this large amount of technical data.<br />
This Application comes as is, with absolutely no warranty. Still, I think and hope you will find it very useful and that it will meet your needs.<br />
<br />
Do not hesitate to contact me if you have any further questions or comments; any feedback will be greatly appreciated! </div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
WARNING and DISCLAIMER:</h2>
<div class="separator" style="clear: both;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;">Depending on your nmon command settings, the nmon2csv conversion script may generate a huge amount of data. Don't expect to manage thousands of servers with a free Splunk licence. </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
2. PREREQUISITES</h1>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
</div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Requirements to successfully install and use Splunk for NMON:</h2>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
- The Splunk Web Framework Toolkit, freely available</h3>
<div class="separator" style="clear: both;">
<a href="http://apps.splunk.com/app/1613" style="background-color: white; color: #5379af; cursor: pointer; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; text-decoration: none;">http://apps.splunk.com/app/1613</a></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
- PERL environment: the third-party script requires a standard, functional Perl environment; no additional libraries are required</h3>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
- NMON installation: Only if you intend to collect NMON data using Splunk (see sections below)</h3>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;">Nothing else is required. This App can be used with a free Splunk licence without any limitation, but as said above, remember that a very large amount of data may have to be indexed. </span><br />
<div class="separator" style="clear: both;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;"><br /></span></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
3. INSTALLATION</h1>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
</div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Installing Splunk for NMON is as easy as for any standard Splunk application:</h2>
<br />
<li style="line-height: 16px;">Under the Splunk Application manager, by getting the App online or from a file downloaded from Splunk Base</li>
<li style="line-height: 16px;">By directly uncompressing the archive file content under your Splunk installation directory: $SPLUNK_HOME/etc/apps</li>
<br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;">Once installed, please restart Splunk to make the App fully available. </span><br />
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Default installation:</h2>
<br />
<li style="line-height: 16px;">All NMON data will be indexed into an index called "nmon"</li>
<li style="line-height: 16px;">The App watches for nmon files within the directory "/opt/splunk/etc/apps/nmon/nmon_repository"</li>
<li style="line-height: 16px;">The directory "/opt/splunk/etc/apps/nmon/spool" will be used as a temporary directory by the nmon2csv third-party script</li>
<li style="line-height: 16px;">The nmon2csv script generates csv files within the directory "/opt/splunk/etc/apps/nmon/csv_repository", where they are immediately indexed and deleted</li>
<br />
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
NOTE: The paths above are absolute; I could not yet adapt them to use environment variables. If you have a non-standard Splunk home installation, please copy the settings from:</h2>
<br />
<li style="line-height: 16px;">props.conf</li>
<li style="line-height: 16px;">inputs.conf</li>
<br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;">And adapt them to match your Splunk home path</span><br />
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Additional Monitor:</h2>
<div class="separator" style="clear: both;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;">You can easily add additional NMON file monitors. Set these monitors in the "local" directory, based on the "props.conf" and "inputs.conf" default examples you will find within the App. </span></div>
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;">Note about conversion and indexing system cost: </span><br />
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;">Please keep in mind that converting and indexing NMON files will temporarily have a significant impact on local system load if the files are very large (such as a full-day Nmon file).</span><br />
<div class="separator" style="clear: both;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
4. DEPLOYMENT SCENARIOS</h1>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
Scenario 1 "Distributed Environment": Splunk indexer(s) And Splunk Forwarders Agents used to collect Nmon data on servers</h1>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
In this scenario, Splunk indexer(s) will collect NMON metrics data from client servers using Splunk Forwarders.<br />Indexers themselves will collect local NMON data.</h2>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg91guChN_KKUWLbcua1Il8O1arRZCiLyIVd01zoRl4VHU30mpIiqK1pN29Td909TFl-EMTUFrPdoYohQlZzshk9mveKBaGcn-99QtDsRv9WawiRzGH5flzHXRgez6l-F6HczZBW6o-B0Dk/s1600/diagram_forwarding.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg91guChN_KKUWLbcua1Il8O1arRZCiLyIVd01zoRl4VHU30mpIiqK1pN29Td909TFl-EMTUFrPdoYohQlZzshk9mveKBaGcn-99QtDsRv9WawiRzGH5flzHXRgez6l-F6HczZBW6o-B0Dk/s1600/diagram_forwarding.png" height="426" width="640" /></a></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 11.818181991577148px; line-height: 16px;"><br /></span></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
Step 1: Activate local Nmon data collection on Splunk indexers</h3>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
You will probably want usage statistics for the Splunk indexer(s) themselves; this can be achieved very simply as follows:<br />
<br />
With Splunk Manager:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">- Manager -> Data Inputs -> Script Inputs </code><br />
<br />
<br />
Then activate the nmon_collect entry according to the OS type of your Splunk indexer (e.g. nmon_for_linux.sh will activate Linux data collection)<br />
<br />
Manually:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">- Copy defaults/inputs.conf to local/, edit the file and look for the adapted nmon_collect entry </code><br />
<br />
Change "disabled = true" to "false", and restart Splunk. </div>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
Step 2: Forwarders Installation and configuration</h3>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
Note: If forwarders are already installed, go to Step 3<br />
Steps for Installing/Configuring *nix forwarders:</div>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h4 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin: 0px; text-rendering: optimizelegibility;">
2.1 Download Splunk Universal Forwarder:</h4>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<a href="http://www.splunk.com/download/universalforwarder" style="color: #5379af; cursor: pointer; text-decoration: none;">http://www.splunk.com/download/universalforwarder</a></div>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h4 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin: 0px; text-rendering: optimizelegibility;">
2.2 Install Forwarder</h4>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h4 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin: 0px; text-rendering: optimizelegibility;">
2.3 Enable boot-start/init script:</h4>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
Activate the forwarder at boot time:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">/opt/splunkforwarder/bin/splunk enable boot-start </code><br />
<br />
To start the forwarder:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">/opt/splunkforwarder/bin/splunk start</code></div>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h4 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin: 0px; text-rendering: optimizelegibility;">
2.4 Enable Receiving input on the Index Server</h4>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
Configure the Splunk Index Server to receive data, either in the manager:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">Manager -> sending and receiving -> configure receiving -> new </code><br />
<br />
or via the CLI:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">/opt/splunk/bin/splunk enable listen 9997 </code><br />
Where 9997 (default) is the receiving port for Splunk Forwarder connections </div>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h4 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin: 0px; text-rendering: optimizelegibility;">
2.5 Configure Forwarder connection to Index Server:</h4>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
On Forwarders:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">/opt/splunkforwarder/bin/splunk add forward-server hostname.domain:9997 </code><br />
(where hostname.domain is the index server, and 9997 is the receiving port you created on the indexer: Manager -> sending and receiving -> configure receiving -> new)<br />
<br />
Note: Login / Password are default installation credentials (admin / changeme)<br />
<br />
To change the default password:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">/opt/splunkforwarder/bin/splunk edit user admin -password NEWPASSWD -auth admin:changeme</code></div>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
Step 3: Deploy the lightweight version of Nmon App designed for Splunk forwarders</h3>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
Within the directory $SPLUNK_HOME/etc/apps/nmon/ressources, a lightweight version of the Nmon App modified for forwarders is available:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">nmon_forwarder_V*.tar.gz </code><br />
<br />
Transfer this archive to your forwarders and untar it into:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">/opt/splunkforwarder/etc/apps </code><br />
<br />
Before starting the forwarder, copy defaults/inputs.conf to local/, edit and enable the nmon_collect entry which corresponds to your OS<br />
<br />
Start the forwarder; Nmon data collection will begin. </div>
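<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
The "copy inputs.conf to local/ and enable the nmon_collect entry for your OS" step, together with the earlier note about hard-coded /opt/splunk paths, as an added shell example that is not part of the Nmon App. A blanket search-and-replace would enable the collectors for every OS and also rewrite /opt/splunkforwarder paths, so both functions match narrowly. File locations are passed as arguments; the sample stanzas (apart from the nmon_for_linux.sh name and the nmon_repository path) and the /data/splunk home are constructed for illustration.</div>

```shell
#!/bin/sh
# Added example (not part of the Nmon App): build local/ copies of the
# shipped .conf files without hand-editing them.

# rehome_conf SRC DST NEW_HOME
# Copy SRC to DST, replacing the hard-coded "/opt/splunk/" prefix with
# NEW_HOME. Matching on the trailing slash leaves "/opt/splunkforwarder/"
# untouched. Refuses to overwrite an existing DST.
rehome_conf() {
    src=$1; dst=$2; new_home=${3%/}
    if [ ! -f "$src" ]; then echo "missing $src" >&2; return 1; fi
    if [ -e "$dst" ]; then echo "refusing to overwrite $dst" >&2; return 1; fi
    mkdir -p "$(dirname "$dst")" || return 1
    # Escape what is special in a sed replacement: \ & and the | delimiter.
    esc=$(printf '%s\n' "$new_home" | sed 's/[\\&|]/\\&/g')
    sed "s|/opt/splunk/|$esc/|g" "$src" > "$dst"
}

# enable_nmon_collect CONF SCRIPT_NAME
# In CONF (a local/ copy), set "disabled = false" only inside the stanza
# whose header ends in "/SCRIPT_NAME]"; collectors for other operating
# systems stay disabled. Fails without touching CONF if nothing matched.
enable_nmon_collect() {
    conf=$1; script=$2
    awk -v script="$script" '
        /^[ \t]*\[/ { in_target = (index($0, "/" script "]") > 0) }
        in_target && /^[ \t]*disabled[ \t]*=/ {
            print "disabled = false"; changed = 1; next
        }
        { print }
        END { exit (changed ? 0 : 2) }
    ' "$conf" > "$conf.tmp" || {
        rm -f "$conf.tmp"
        echo "no disabled key in a stanza for $script" >&2
        return 1
    }
    mv "$conf.tmp" "$conf"
}

# Constructed sample inputs.conf; only the nmon_for_linux.sh name and the
# nmon_repository path come from the page.
sample_inputs_conf() {
    cat <<'EOF'
[monitor:///opt/splunk/etc/apps/nmon/nmon_repository/*.nmon]
index = nmon
disabled = false

[script://./bin/nmon_for_aix.sh]
interval = 60
index = nmon
disabled = true

[script://./bin/nmon_for_linux.sh]
interval = 60
index = nmon
disabled = true

# path of a co-located forwarder: must not be rewritten
[monitor:///opt/splunkforwarder/var/log/splunk/splunkd.log]
disabled = true
EOF
}

# Run both steps on the constructed sample in a scratch directory.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/default"
    sample_inputs_conf > "$d/default/inputs.conf"
    rehome_conf "$d/default/inputs.conf" "$d/local/inputs.conf" /data/splunk &&
        enable_nmon_collect "$d/local/inputs.conf" nmon_for_linux.sh &&
        cat "$d/local/inputs.conf"
    rc=$?
    rm -rf "$d"
    return $rc
}
demo
```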
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
Scenario 2: Manage NMON Data collected into centralized shares</h1>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
In a scenario where no Splunk forwarders are installed on servers but another process is in place which periodically collects Nmon data, all you need is a central share (such as an NFS share) to which the Splunk indexer has access.</h2>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
Step 1: Local Nmon metrics collection on the Splunk indexer</h3>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
In such a scenario, you will still probably want Splunk indexer metrics to be collected locally. To do so:<br />
<br />
With Splunk Manager:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">- Manager -> Data Inputs -> Script Inputs </code><br />
<br />
Then activate the nmon_collect entry according to the OS type of your Splunk indexer (e.g. nmon_for_linux.sh will activate Linux data collection)<br />
<br />
Manually:<br />
- Copy defaults/inputs.conf to local/, edit the file and look for the adapted nmon_collect entry<br />
<br />
Change "disabled = true" to "false", and restart Splunk.</div>
<div class="separator" style="clear: both;">
<br style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;" /></div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
Step 2: Add Splunk Monitors</h3>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
Then, simply add a monitor that will watch for any new or updated Nmon file and will convert and index Nmon data.<br />
<br />
Copy defaults/inputs.conf and defaults/props.conf to local/, edit each config file to configure your additional monitor.<br />
<br />
Restart Splunk and Nmon collection will start. </div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
5. ADVANCED CONFIGURATION</h1>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
Splunk for NMON works out of the box after installation and does not require additional configuration to manage NMON files: just copy them to "/opt/splunk/etc/apps/nmon/nmon_repository" and the files will immediately be managed. </div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Beyond this, you can add as many monitors as you wish to process other NMON file repositories (such as an NFS share). Achieving this is very simple:</h2>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
- Copy the "props.conf" and "inputs.conf" files to the local directory (don't edit files in the default directory, so that your changes survive upgrades) and adapt/add sections as described in the configuration files.</div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
IBM PSeries Environments: Mapping Partitions with PSeries names</h2>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
If you are planning to manage many partitions in an IBM PSeries environment, you will benefit from mapping LPARs (also called micro-partitions) to the identification hostname of your PSeries.<br />
<br />
This adds a supplementary filter (interfaces, reports...) based on the PSeries name, which is very useful in large environments.<br />
<br />
This can be achieved by adding a csv lookup based on the "serialnum" field present in every NMON data section.<br />
<br />
In IBM PSeries environments, this serial number is in fact the PSeries serial number. Create a csv lookup adapted to your needs and store it in SPLUNK_HOME/etc/apps/nmon/lookups, such as: </div>
<br />
<xmp style="background-color: white; color: #333333; font-size: 12px; line-height: 16px;">
PSERIES_NAME,serialnum
PSERIESfoo,xxxxxxxxxxx
PSERIESbar,xxxxxxxxxxx
</xmp><br />
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
Create a stanza in "$SPLUNK_HOME/etc/apps/nmon/local/transforms.conf" such as:</div>
<br />
<xmp style="background-color: white; color: #333333; font-size: 12px; line-height: 16px;">
[mylookup]
filename = mylookupfile.csv
</xmp><br />
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
<br />
Then, copy "props.conf" from the default directory to the local directory and, within the [nmon_data] stanza, add your csv lookup mapping such as:</div>
<br />
<xmp style="background-color: white; color: #333333; font-size: 12px; line-height: 16px;">
# mylookup Mapping (the output field must match a column header of the csv lookup)
lookup_mylookup = mylookup serialnum OUTPUTNEW PSERIES_NAME
</xmp><br />
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
Restart Splunk (or refresh the configuration using the debug URL). Once this is done, every lpar host will be associated with its PSeries.<br />
Beyond this point, you are free to modify views to include this information as a new important filter within dropdowns and so on... As always, ensure you are working with files located in the "local" directory to be upgrade resilient.<br />
You can of course add many other technical or functional details depending on your environment to improve the way you exploit your data.</div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Time Interval definition: Custom macros used by the App to dynamically define the most accurate span value</h2>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
The NMON Splunk App uses an advanced search (e.g. a macro) to dynamically define the most accurate time interval possible within charts.<br />
<br />
Splunk has a charting limit of 1000 points per series, so an adapted span value (time interval) has to be defined if we want charts to be more accurate than when Splunk sets this value itself.<br />
This is why this custom macro is defined by analysing the time ranges supplied by users, see:</div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">${SPLUNK_HOME}/etc/apps/nmon/default/macros.conf </code></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
If your minimal time interval is different from 1 minute, you can customize these macros to adapt them to your data (for example, if you generate NMON data with a process other than Splunk).<br />
Simply copy macros.conf to your local/ directory and make your modifications. Please note that a 5 minute time interval macro example is provided within the configuration file.</div>
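The span selection described above, written out as an added Python example (it is not the macro shipped in the App's macros.conf): given the length of the search time range and the minimal interval of the data, it picks the smallest span that keeps one series within the 1000-point limit. The ladder of candidate spans and the function names are assumptions made for the illustration.

```python
import math

MAX_POINTS = 1000  # Splunk charting limit per series, as stated above

# Hypothetical ladder of round span values, in seconds (1m up to 1d).
SPAN_LADDER = [60, 120, 300, 600, 900, 1800, 3600, 7200, 14400, 21600, 43200, 86400]


def format_span(seconds):
    """Render a number of seconds as a span string such as 5m, 1h or 2d."""
    for unit, size in (("d", 86400), ("h", 3600), ("m", 60)):
        if seconds % size == 0:
            return f"{seconds // size}{unit}"
    return f"{seconds}s"


def pick_span(range_seconds, min_interval=60, max_points=MAX_POINTS):
    """Return (span, points) for a search covering range_seconds.

    The span is never smaller than min_interval (the interval at which the
    NMON data was collected) and is always a multiple of it, so every chart
    bucket holds a whole number of samples.
    """
    if range_seconds <= 0 or min_interval <= 0:
        raise ValueError("time range and minimal interval must be positive")

    # Smallest span, in seconds, that fits the range into max_points buckets.
    needed = max(min_interval, math.ceil(range_seconds / max_points))

    span = next(
        (s for s in SPAN_LADDER if s >= needed and s % min_interval == 0),
        None,
    )
    if span is None:
        # Range too long for the ladder: round up to whole days when the
        # data interval allows it, otherwise to a multiple of the interval.
        step = 86400 if 86400 % min_interval == 0 else min_interval
        span = math.ceil(needed / step) * step

    points = math.ceil(range_seconds / span)
    return format_span(span), points


if __name__ == "__main__":
    for label, seconds in (("4 hours", 4 * 3600), ("24 hours", 86400),
                           ("7 days", 7 * 86400), ("30 days", 30 * 86400)):
        print(label, pick_span(seconds), pick_span(seconds, min_interval=300))
```

With a 1 minute data interval, a 24 hour range already exceeds 1000 points, which is why a fixed 1 minute span cannot be used for every time range.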
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
6. USAGE</h1>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
NMON files conversion:</h2>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
As soon as NMON files are present in the default monitor location or your own, NMON file conversion and Splunk indexing will start.<br />
<br />
NMON conversion processing can be checked with a search over the "nmon" index and the "nmon_processing" sourcetype, such as:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">index="nmon" sourcetype="nmon_processing" | stats count by _time,source,md5sum </code><br />
<br />
source is equivalent to the full path and name of the NMON files processed.</div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Splunk NMON data indexing:</h2>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
Once converted, NMON data are generated into multiple csv files (one file per kind of metric).<br />
In the default configuration these files are located in $SPLUNK_HOME/etc/apps/nmon/var/csv_repository.<br />
<br />
Splunk will immediately index any csv file located within this directory in batch mode, meaning the file is deleted after being indexed.<br />
Please note that during a massive NMON data integration operation, the size of this directory may temporarily increase greatly.</div>
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Duplicate Events Management and re-indexing Data</h2>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
Because the Splunk archive processor manages NMON files itself (it watches for them as it would any other file, instead of running a standalone script input),<br />
a side effect in the first App versions was that the third party script was called multiple times by Splunk, and the data to be indexed was generated multiple times. To deal with this, a built-in md5sum feature has been included in the third party script.<br />
<br />
For each copy of an NMON file, an md5sum key is added to the file $SPLUNK_HOME/etc/apps/nmon/var/md5sum_reference.txt. Before generating data, the third party script checks whether an md5sum key exists; if it does, the script won't generate any new data.<br />
The md5sum key / NMON file association can be checked within the nmon index / processing sourcetype (see above). </div>
<h3 style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 8px 0px; text-rendering: optimizelegibility;">
If you need to re-index NMON data, you can proceed as follows:</h3>
<ul>
<li style="line-height: 16px;">Stop Splunk</li>
<li style="line-height: 16px;">Delete $SPLUNK_HOME/etc/apps/nmon/var/md5sum_reference.txt</li>
<li style="line-height: 16px;">Delete the nmon index (ensure you have backups if required!)</li>
<li style="line-height: 16px;">Verify Splunk still has access to previously processed NMON files</li>
<li style="line-height: 16px;">Start index and check indexing process</li>
</ul>
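The duplicate check and the effect of deleting the reference file during re-indexing, as an added Python example (this is not nmon2csv.pl, and not code from the App). The reference-file layout (one "key path" line per converted file), the constructed sample NMON lines and the function names are assumptions.

```python
import hashlib
import os
import shutil
import tempfile

# Constructed sample: a few lines in NMON's comma-separated layout.
SAMPLE_NMON = (
    "AAA,progname,nmon\n"
    "AAA,host,lpar01\n"
    "ZZZZ,T0001,00:00:10,25-APR-2014\n"
    "CPU_ALL,T0001,12.5,3.1,0.4,84.0\n"
)


def md5_key(path, chunk_size=65536):
    """Hash the file in chunks so large NMON files are never loaded whole."""
    digest = hashlib.md5()  # duplicate detector only, not an integrity control
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def known_keys(reference_path):
    """Keys already recorded; a missing reference file means none are known."""
    if not os.path.exists(reference_path):
        return set()
    with open(reference_path, encoding="utf-8") as ref:
        return {line.split()[0] for line in ref if line.strip()}


def process_once(nmon_path, reference_path, convert):
    """Run convert(nmon_path) unless this content was already converted.

    Returns True when data was generated, False when the key was found.
    """
    key = md5_key(nmon_path)
    if key in known_keys(reference_path):
        return False
    convert(nmon_path)
    # Record the key only after a successful conversion, so a failed run
    # is retried on the next invocation instead of being skipped forever.
    with open(reference_path, "a", encoding="utf-8") as ref:
        ref.write(f"{key} {nmon_path}\n")
    return True


def demo():
    """Replay the cases described above inside a temporary directory."""
    workdir = tempfile.mkdtemp(prefix="nmon_dedup_")
    try:
        reference = os.path.join(workdir, "md5sum_reference.txt")
        first = os.path.join(workdir, "lpar01_140425.nmon")
        copy = os.path.join(workdir, "copy_of_lpar01_140425.nmon")
        with open(first, "w", encoding="utf-8") as handle:
            handle.write(SAMPLE_NMON)
        shutil.copyfile(first, copy)

        converted = []
        convert = converted.append  # stand-in for the real conversion step

        results = [
            process_once(first, reference, convert),  # new file
            process_once(first, reference, convert),  # script called again
            process_once(copy, reference, convert),   # same content, other path
        ]
        with open(first, "a", encoding="utf-8") as handle:  # file was updated
            handle.write("CPU_ALL,T0002,20.0,4.0,0.2,75.8\n")
        results.append(process_once(first, reference, convert))

        os.remove(reference)  # re-index procedure: reference file deleted
        results.append(process_once(copy, reference, convert))
        return results, len(converted)
    finally:
        shutil.rmtree(workdir)


if __name__ == "__main__":
    print(demo())
```

Once the reference file is gone, every file Splunk can still read is converted again, which is why the index is deleted in the same procedure.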
<h2 style="background-color: white; color: darkslateblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 16px; font-weight: normal; margin: 10px 0px; text-rendering: optimizelegibility;">
Accessing NMON Metrics Raw Data:</h2>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
All NMON metrics are available through the "nmon" index and "nmon_data" sourcetype:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">index=nmon sourcetype=nmon_data any other filters </code><br />
<br />
For example, raw data for the percentage of CPU usage (known as CPU_ALL in NMON context) are available in an inline search with:<br />
<code style="background-color: #f7f7f9; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(225, 225, 232); color: #dd1144; font-family: 'Droid Sans Mono', Consolas, Monaco, 'Courier New', Courier, monospace; font-size: 10px; padding: 2px 4px; white-space: nowrap;">index=nmon sourcetype=nmon_data type=CPU_ALL</code></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
For information, field identification within Splunk is achieved automatically using the csv file header generated by the third party script.<br />
<br />
Beyond this, many views work with computed fields or aggregations of fields and other filters such as time.<br />
The App Home Page will give you direct access to all content and views available. </div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
7. UPGRADE INSTRUCTIONS</h1>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
Upgrading the Splunk for NMON App should be as easy as with any other App: just upgrade the App through the manager and you're done.<br />
<br />
Please note that any configuration file located in the "local" directory will not be affected by any update process.<br />
<br />
As with any upgrade or update operation, I strongly recommend having up-to-date backups before trying any update, especially on Production systems.</div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br /></div>
<h1 style="background-color: white; color: royalblue; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 20px; line-height: 32px; margin: 8px 0px; text-rendering: optimizelegibility;">
8. REFERENCE MATERIAL</h1>
<br />
<li style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;"><b>- nmon2csv.pl:</b></li>
<br />
<div style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px; margin-bottom: 8px; padding: 0px;">
<br />
Third party script located in "SPLUNK_HOME/etc/apps/nmon/bin/nmon2csv.pl".<br />
Invoked by the Splunk Archive Processor whenever required, this script translates NMON data into data Splunk can successfully exploit.<br />
This is a standard perl script with no uncommon perl requirements.</div>
<br />
<li style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;"><b>- nmon_for_linux.sh:</b> third party script to collect NMON data for Linux indexer or forwarder</li>
<li style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;"><b>- nmon_for_solaris.sh:</b> third party script to collect NMON data for Solaris indexer or forwarder</li>
<li style="background-color: white; color: #333333; font-family: Roboto, Droid, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 16px;"><b>- purge_nmon_repository.sh:</b> third party script to purge NMON repository (activated by default)</li>
<br />
Splunk Howto - Splunk for Netfilter Iptables, get a great Iptables Multi-host frontend with Splunk! (Iptables log parser)<br />
Published 2013-02-03, updated 2013-06-16<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDsGmRLHsUxf0fZPRfu3cCOoRZtJCr_3xUlgWMSf3-xTtrMEIW4WcH4TQLtic3BclKWDKn-HmNeUodPituTa-boe7E8_F5md0xuLYGLJBfCSet1jieTOt_utltFKlVLQJXgjx7ueWq4H7B/s1600/banner.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="51" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDsGmRLHsUxf0fZPRfu3cCOoRZtJCr_3xUlgWMSf3-xTtrMEIW4WcH4TQLtic3BclKWDKn-HmNeUodPituTa-boe7E8_F5md0xuLYGLJBfCSet1jieTOt_utltFKlVLQJXgjx7ueWq4H7B/s400/banner.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwxsnP_dtJfWyjn91TZVfSLv_sRZYl97v3GkOubQ1IwFNSHqj2gyExRWC-aIa5vRoUALcnW__jqAhgFkYqspucPduYWLbhatwqVEug34PicX3kfjIcEn_fa9MCzpxRVTa6-Mnu4spnfYZW/s1600/S%C3%A9lection_001.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="100" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwxsnP_dtJfWyjn91TZVfSLv_sRZYl97v3GkOubQ1IwFNSHqj2gyExRWC-aIa5vRoUALcnW__jqAhgFkYqspucPduYWLbhatwqVEug34PicX3kfjIcEn_fa9MCzpxRVTa6-Mnu4spnfYZW/s640/S%C3%A9lection_001.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsz0VRH4tfCZ77UOJFaHz5lNCvfaM7gaSlmMv-u8p6IXVwYOgDB1LkMI_qo9Ge5XpLDfIV982hSUNv3iq545Ig4LK6IwPwE4MZ_cgJEwHLzmb46ZYjWgB0AH0Cnc1AigF2ZxHhCjsygCbL/s1600/screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="406" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsz0VRH4tfCZ77UOJFaHz5lNCvfaM7gaSlmMv-u8p6IXVwYOgDB1LkMI_qo9Ge5XpLDfIV982hSUNv3iq545Ig4LK6IwPwE4MZ_cgJEwHLzmb46ZYjWgB0AH0Cnc1AigF2ZxHhCjsygCbL/s640/screenshot.png" width="640" /></a></div>
<br />
<br />
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<i><span style="color: #666666;"><b style="font-size: x-large;">*** Updated</b><b style="font-size: x-large;"> June 14, 2013 ***</b></span></i></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<i><span style="color: #666666;"><b style="font-size: x-large;"><br /></b></span></i></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<i style="text-align: -webkit-auto;"><b>Current Version = 2.04</b></i></div>
<br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>Major changes:</b></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">14/06/2013 - Details completion</i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">03/06/2013 - New major release V2.0</i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">29/05/2013 - Typo correction</i><br />
<br />
<br />
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="font-family: inherit;"><b>To install this addon, follow this link on Splunkbase or find it online through the standard Splunk application installation process: </b></span></span></div>
<a href="http://splunk-base.splunk.com/apps/74262/splunk-for-netfilter-iptables">http://splunk-base.splunk.com/apps/74262/splunk-for-netfilter-iptables</a><br />
<br />
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><b style="color: #990000; font-size: large; line-height: 25px;">Splunk pre-requirements:</b></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><b style="color: #990000; font-size: large; line-height: 25px;"><br /></b></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><b>Make sure the required Splunk addons are installed:</b></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
</div>
<ul style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; list-style-image: initial; list-style-position: initial; margin: 0.5em 0px; padding: 0px 2.5em;">
<li style="border: none; margin: 0px 0px 0.25em; padding: 0.25em 0px;"><span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><a href="http://sideviewapps.com/apps/sideview-utils/download-full-version-internal-use" style="color: #7d181e; text-decoration: initial;" target="_blank">Sideview utils addon</a> <b>(V2, not the older version available in Splunk base)</b></span></span></span></li>
<li style="border: none; margin: 0px 0px 0.25em; padding: 0.25em 0px;"><span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><a href="http://splunk-base.splunk.com/apps/22365/google-maps" style="color: #7d181e; text-decoration: initial;" target="_blank">Google Maps addon</a></span></span></span></li>
<li style="border: none; margin: 0px 0px 0.25em; padding: 0.25em 0px;"><span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><a href="http://splunk-base.splunk.com/apps/22282/geo-location-lookup-script-powered-by-maxmind" style="color: #7d181e; text-decoration: initial;" target="_blank">Maxmind geo location addon</a></span></span></span></li>
</ul>
<br />
<br />
<br />
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<b style="color: #990000; font-size: large; line-height: 25px;">Splunk For Netfilter Iptables:</b></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div class="separator" style="clear: both;">
<span style="color: #990000; font-size: large;"><b><i>Home application page:</i></b></span></div>
<div class="separator" style="clear: both; font-size: 13px;">
<br /></div>
<div class="separator" style="clear: both; text-align: start;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b><i>Centralized Home page including Real time alert trend and major stats:</i></b></span></span></div>
<div class="separator" style="clear: both; text-align: start;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b><i><br /></i></b></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_dMzzfE5X6Ef0f634AnPBvyksMJoiQrSyudFCd0No82d9VB5FI0S4RmVL0H70Cist3JXtRCi6H8DltIRavUfi7Okca4LYIZzs-Jq2wu3SVeMXAtL5tvOydrP5E5NSyacbp3NgrQT49ncZ/s1600/S%C3%A9lection_380.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="246" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_dMzzfE5X6Ef0f634AnPBvyksMJoiQrSyudFCd0No82d9VB5FI0S4RmVL0H70Cist3JXtRCi6H8DltIRavUfi7Okca4LYIZzs-Jq2wu3SVeMXAtL5tvOydrP5E5NSyacbp3NgrQT49ncZ/s640/S%C3%A9lection_380.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJWX-cG2-JJPST2wUKntIt6v3I6U6NVz4KOv0vo5f0D97eTaUQKqCfuMDRtOCjAouL18sc4iDhY-oyrgeiEt6otqXzdRcTKxbkzpm7LA8Qp6IDz9q_pIQ7eTwOWpgl-cemp-ScQbta-YCv/s1600/S%C3%A9lection_381.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="120" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJWX-cG2-JJPST2wUKntIt6v3I6U6NVz4KOv0vo5f0D97eTaUQKqCfuMDRtOCjAouL18sc4iDhY-oyrgeiEt6otqXzdRcTKxbkzpm7LA8Qp6IDz9q_pIQ7eTwOWpgl-cemp-ScQbta-YCv/s640/S%C3%A9lection_381.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBR0tDOBKUxis8HI_QYdTle1uOXUZJZd-bhsID0FlG9LnMO4C4iQsnwX-KYPP30yFiidzKZZy4OLzX2IV1XkQcGd2Amnl0B9JLHOlhx8gpkW1LFjV3InRZhoCoBfoth-CCbnGzd14hLEfw/s1600/screen2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="134" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBR0tDOBKUxis8HI_QYdTle1uOXUZJZd-bhsID0FlG9LnMO4C4iQsnwX-KYPP30yFiidzKZZy4OLzX2IV1XkQcGd2Amnl0B9JLHOlhx8gpkW1LFjV3InRZhoCoBfoth-CCbnGzd14hLEfw/s640/screen2.png" width="640" /></a></div>
<br />
<i>Page Details:</i><br />
<br />
<b><i><span style="color: #990000;">1. Realtime view menu with statically defined time window</span></i></b><br />
<br />
Access to the following views in Realtime data analysis mode, with the major time windows: <br />
<ul>
<li><b>Activity Overview:</b> Complete analysis of Iptables activity with charts and stats</li>
<li><b>Google Map:</b> World map overview of identified origin connections</li>
</ul>
<div>
<br />
<b><i><span style="color: #990000;">2. View menu with TimeRange button access</span></i></b></div>
<br />
Access to the following views: <br />
<ul>
<li><b>Activity Overview:</b> Complete analysis of Iptables activity with charts and stats</li>
<li><b>Google Map:</b> World map overview of identified origin connections</li>
<li><b>Event Search:</b> Event search interface using various filters</li>
</ul>
<br />
<div>
<b><i><span style="color: #990000;">3. Quick Activity Overview</span></i></b></div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEih2-bXftrNOxgYQboizZCn9TEls94_CV-RA0Ck4688l0X331cBs2uUzsvkQyMidUFoYg7dgYUp4h7w20AZ7mw83ylqpy92DVEnR3FN2M97FkoZHc8F1ZLs9nqGR_AUvaj98iai4czNQr5t/s1600/S%C3%A9lection_376.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="174" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEih2-bXftrNOxgYQboizZCn9TEls94_CV-RA0Ck4688l0X331cBs2uUzsvkQyMidUFoYg7dgYUp4h7w20AZ7mw83ylqpy92DVEnR3FN2M97FkoZHc8F1ZLs9nqGR_AUvaj98iai4czNQr5t/s320/S%C3%A9lection_376.jpg" width="320" /></a></div>
<ul>
<li>Total number of connections denied in Realtime mode with a 24-hour time window</li>
</ul>
<div>
<ul>
<li>Date and hour of the <u>first</u> event indexed in the Iptables index</li>
</ul>
<div>
<ul>
<li>Date and hour of the <u>last</u> event indexed in the Iptables index</li>
</ul>
</div>
</div>
<br />
<br />
<div>
<b><i><span style="color: #990000;">4. Alert trend:</span></i></b></div>
<div>
<b><i><span style="color: #990000;"><br /></span></i></b></div>
<div>
Alert trend of denied connection activity in Realtime mode using a 24-hour time window (area chart):</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjheHp-RXvphNitnXY9YB8GBHIu-o-ZxA9S-Dif3iIHaHFi0rlROD1ZbbUOmXA2gyz1GVEGtiEsTnfsfl-f8rJ7fMnP3YQoVhxnrJnIJRPP4kPbt2hS2rCYyzlRqtvclutIzw0ACLizQd4e/s1600/S%C3%A9lection_377.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="182" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjheHp-RXvphNitnXY9YB8GBHIu-o-ZxA9S-Dif3iIHaHFi0rlROD1ZbbUOmXA2gyz1GVEGtiEsTnfsfl-f8rJ7fMnP3YQoVhxnrJnIJRPP4kPbt2hS2rCYyzlRqtvclutIzw0ACLizQd4e/s640/S%C3%A9lection_377.jpg" width="640" /></a></div>
<br />
<br />
<div>
<b><i><span style="color: #990000;">5. Top Offenser stats:</span></i></b></div>
<div>
<b><i><span style="color: #990000;"><br /></span></i></b></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoNeU3J12fee20ZzBSB8qRlhE4h0Gt0DmSK4G2Twyt3PaOvU9qaYedq9UK7lpyhbRm-XjXvgc_w2JafXatJl_SWGzoTWioHuY6Orguf4wwVbF2baTz-hO-sg-3DmSIxicv10aLJopWcCNt/s1600/S%C3%A9lection_378.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="156" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoNeU3J12fee20ZzBSB8qRlhE4h0Gt0DmSK4G2Twyt3PaOvU9qaYedq9UK7lpyhbRm-XjXvgc_w2JafXatJl_SWGzoTWioHuY6Orguf4wwVbF2baTz-hO-sg-3DmSIxicv10aLJopWcCNt/s400/S%C3%A9lection_378.jpg" width="400" /></a></div>
<br />
<b>Major stats about the Top offenser in Realtime mode with a 24-hour time window:</b><br />
<ul>
<li><b>Client IP:</b> IP with the highest number of connections denied</li>
<li><b>Last Event Time:</b> Date and hour of the last connection occurrence</li>
<li><b>Connections denied:</b> Total number of connections denied for this host</li>
<li><b>Country origin:</b> Identified country origin of this host (Unknown if unidentified)</li>
<li><b>Last destination IP:</b> Last event destination IP</li>
<li><b>Last protocol:</b> Last event protocol</li>
<li><b>Last source port:</b> Last event source port</li>
<li><b>Last destination port:</b> Last event destination port</li>
<li><b>Last service:</b> Last event network service name (Unknown if non IANA reserved port)</li>
<li><b>Reporting server:</b> Last event reporting server for this host</li>
</ul>
<br />
<div>
<b><i><span style="color: #990000;">6. Last connections denied stats:</span></i></b></div>
<div>
</div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3kwfIfjSlZGVf4DLhHUwYdK47Dnog5AsXrJwBKiwfADEN6asyA9obV8xBBoltU9VogmuEpM199Pin5aaMo1Vk3wcRYYo92OutKydYJeigCr8R28-xgixANEieQSqiigGPUSNwY7LiVXIE/s1600/S%C3%A9lection_379.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="157" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3kwfIfjSlZGVf4DLhHUwYdK47Dnog5AsXrJwBKiwfADEN6asyA9obV8xBBoltU9VogmuEpM199Pin5aaMo1Vk3wcRYYo92OutKydYJeigCr8R28-xgixANEieQSqiigGPUSNwY7LiVXIE/s400/S%C3%A9lection_379.jpg" width="400" /></a></div>
<br />
<br />
<b>Major stats about the last connection denied in Realtime mode with a 24-hour time window:</b><br />
<ul>
<li><b>Client IP:</b> IP of the last denied connection</li>
<li><b>Event Time:</b> Date and hour of last connection denied</li>
<li><b>Interface:</b> Logical interface name reported by Iptables</li>
<li><b>Country origin:</b> Identified country origin of this host (Unknown if unidentified)</li>
<li><b>Destination IP:</b> Destination IP of this event</li>
<li><b>Protocol:</b> Protocol reported for this event</li>
<li><b>Source port:</b> Source connection port</li>
<li><b>Destination port:</b> Destination connection port</li>
<li><b>Service:</b> Network service name (Unknown if non IANA reserved port)</li>
<li><b>Reporting server:</b> Reporting server for this connection</li>
</ul>
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both;">
<span style="color: #990000; font-size: large;"><b><i>Iptables Activity Overview Dashboard (Realtime/Timerange):</i></b></span></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRn77CyITv-UBndpFW07YEyB0iFsQSM7ayf72p57w2lQe5WEUSEqDSGDJIK5WjGtSUQksjbVasWPljsrDbMHezxEIrJB1oVSC85_0yzArwKbKmFtfE88wdohAUf3uVSy2QTbg6j_Ht1oVU/s1600/screen3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="340" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRn77CyITv-UBndpFW07YEyB0iFsQSM7ayf72p57w2lQe5WEUSEqDSGDJIK5WjGtSUQksjbVasWPljsrDbMHezxEIrJB1oVSC85_0yzArwKbKmFtfE88wdohAUf3uVSy2QTbg6j_Ht1oVU/s640/screen3.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEbP5LgbV4_m-342ETT9fu0WPnVEj9c9k7of6oXBGYGV5qTFtHJsJQpW2YKze4gn0fd-Az4YSVFvmPi1BfodUj6yZIHDt2NqUj0ThFQnVUU_BOJrAPMl8Lj4-0ROT4tjDZISABf1HOn8Rt/s1600/screen4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEbP5LgbV4_m-342ETT9fu0WPnVEj9c9k7of6oXBGYGV5qTFtHJsJQpW2YKze4gn0fd-Az4YSVFvmPi1BfodUj6yZIHDt2NqUj0ThFQnVUU_BOJrAPMl8Lj4-0ROT4tjDZISABf1HOn8Rt/s640/screen4.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiC3t_GgAhkeg2gIJTz4doHgjS0TO56HUhyphenhyphen7F3iloutCCkJ-BpO1DfQZH3CjlTPO61jrtnneutpUG6lRoC3zXL4wQuKlsWeQ2H485DosgDKw7Hc29DWTNUEag1HuPCd2fF8Yp-md4GK7u3_/s1600/screen5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="362" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiC3t_GgAhkeg2gIJTz4doHgjS0TO56HUhyphenhyphen7F3iloutCCkJ-BpO1DfQZH3CjlTPO61jrtnneutpUG6lRoC3zXL4wQuKlsWeQ2H485DosgDKw7Hc29DWTNUEag1HuPCd2fF8Yp-md4GK7u3_/s640/screen5.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5wgKYucskm3o87obxg9gV5bpyEZIDXSXB1cSi0vM2aCxI0CErvQETjF7tCJYlrWO3UVRqSuF1DPHji7WTS98ugR0zyc10lFAQHxSrIyXZ_f3_0us9wh5A_3T17V-pAGnkVqOB3HzsBKCR/s1600/screen6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="380" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5wgKYucskm3o87obxg9gV5bpyEZIDXSXB1cSi0vM2aCxI0CErvQETjF7tCJYlrWO3UVRqSuF1DPHji7WTS98ugR0zyc10lFAQHxSrIyXZ_f3_0us9wh5A_3T17V-pAGnkVqOB3HzsBKCR/s640/screen6.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd02NSgu12F00uAaXQYQDCFip0tu8Iqh-smhpKNi2KAyiFnOot63HFWluudwSluGelAOhdRXa-nPYxx769D3gWyWAipjraRzduBzjtLTbE3L1uOPFWLIkzzZ_rKDRvsh3QXJ5G-YSDsD4Y/s1600/screen7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd02NSgu12F00uAaXQYQDCFip0tu8Iqh-smhpKNi2KAyiFnOot63HFWluudwSluGelAOhdRXa-nPYxx769D3gWyWAipjraRzduBzjtLTbE3L1uOPFWLIkzzZ_rKDRvsh3QXJ5G-YSDsD4Y/s640/screen7.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<i><b>Dashboard details</b></i><br />
<br />
<br />
<div>
<b><i><span style="color: #990000;">1. Timerange overview:</span></i></b></div>
<div>
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjND-DLli_AB8Gel6sIgKm8IqSQKu2Qdrf8Tst9mUAi96WwForCCc9dNT_YkOKJrfsYkVZPeuvR9IfcCWY9nyylSXl2OzLVUgf0mQfFhT2tydWVBXwSSdczDhOnw1glfF-MS7VkyDAdVd9g/s1600/S%C3%A9lection_382.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="173" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjND-DLli_AB8Gel6sIgKm8IqSQKu2Qdrf8Tst9mUAi96WwForCCc9dNT_YkOKJrfsYkVZPeuvR9IfcCWY9nyylSXl2OzLVUgf0mQfFhT2tydWVBXwSSdczDhOnw1glfF-MS7VkyDAdVd9g/s320/S%C3%A9lection_382.jpg" width="320" /></a></div>
<ul>
<li><b>Span Time value:</b></li>
</ul>
<div>
The span time value is defined dynamically by a macro to get the best chart granularity; it is passed to the chart command as "span=$Span$".</div>
<div>
<br /></div>
<div>
In Realtime mode it is statically set to 1 minute; in Timerange mode it is set automatically, from 5 minutes to several hours, depending on the width of the time range.</div>
<div>
<br /></div>
<div>
<ul>
<li><b>Begin Time Analysis:</b> Date and hour of the beginning of the selected time range</li>
</ul>
<ul>
<li><b>End Time Analysis:</b> Date and hour of the end of the selected time range</li>
</ul>
</div>
<br />
<div>
<b><i><span style="color: #990000;">2. Activity Summary:</span></i></b></div>
<div>
</div>
<br />
This section presents various stats about the most important aspects of Iptables activity:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaBUMdrYF2U4qtZPl_55S5SbIaLIgJ71ScpxNiZ25UuxmStBf9dUb0qcGbAoako6PL1ZUdxgw7VB0n9xby1h2XBBMricuq2AyUxK4ReHoHs4SpZrvnXKRAIfq9Jv4Akj3mguou5WagMy_q/s1600/S%C3%A9lection_383.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="145" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaBUMdrYF2U4qtZPl_55S5SbIaLIgJ71ScpxNiZ25UuxmStBf9dUb0qcGbAoako6PL1ZUdxgw7VB0n9xby1h2XBBMricuq2AyUxK4ReHoHs4SpZrvnXKRAIfq9Jv4Akj3mguou5WagMy_q/s640/S%C3%A9lection_383.jpg" width="640" /></a></div>
<br />
<ul>
<li><b>Number of connections denied:</b> Total number of connections denied within the time range</li>
<li><b>Top offenser:</b> Client IP with the highest number of connections denied</li>
<li><b>Denied for Top offenser:</b> Total number of connections denied for the Top offenser host</li>
<li><b>Country origin for Top Offenser:</b> Country origin for this host, Unknown if can't be identified</li>
<li><b>Top Protocol:</b> Protocol most often attempted within the selected time range</li>
<li><b>Top Source port:</b> Source port most often attempted</li>
<li><b>Top Destination port:</b> Destination port most often attempted</li>
<li><b>Top Identified network service:</b> Network service most often attempted</li>
<li><b>Top Destination IP:</b> Destination IP most often reported</li>
<li><b>Top Country origin:</b> Identified country most often reported</li>
<li><b>Top Reporting Host:</b> Iptables host with the highest number of denied connections</li>
</ul>
<br />
<br />
<div>
<b><i><span style="color: #990000;">3. Alert trend chart and peak load identification:</span></i></b></div>
<div>
</div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifjTa3ylI5Pys6ds9H-VZ51A47vnbld9GB6PnyN68tVV6KEfPDcjzjvm6bUNHQvDLGmAGo_Nl_qfFvl34YuaPTdS7sarTvf9KGYVAKVc7abvCBsFpJYQFxlB20jUEVaQP1pmgWgakk2rtX/s1600/S%C3%A9lection_385.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="170" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifjTa3ylI5Pys6ds9H-VZ51A47vnbld9GB6PnyN68tVV6KEfPDcjzjvm6bUNHQvDLGmAGo_Nl_qfFvl34YuaPTdS7sarTvf9KGYVAKVc7abvCBsFpJYQFxlB20jUEVaQP1pmgWgakk2rtX/s640/S%C3%A9lection_385.jpg" width="640" /></a></div>
<br />
<i>This section shows:</i><br />
<br />
<b>- Alert trend by Iptables reporting host:</b><br />
<br />
For Realtime, the span value (eg. span=) is hard-coded in the XML.<br />
<br />
For Timerange, the span value is defined dynamically by a macro (see Macro.conf) depending on the width of the time range itself; the goal is to get the best possible chart granularity.<br />
<br />
<b>- Peak load identification:</b><br />
<br />
Here we identify the peak load within the selected time range: how many connections were refused (drop and deny) and when.<br />
<br />
This is then represented inside a gauge whose ranges (green, yellow, red) are defined dynamically by a subsearch inside the global query.<br />
<br />
These gauge range values depend on the arithmetic mean of denied connections over the past 48 hours; the goal is to highlight potentially abnormal Iptables activity (eg. being under attack).<br />
<br />
The analysis result here should always be equivalent between the chart and the peak load (both are cumulated results for all reporting hosts).<br />
<br />
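The peak load gauge described above can be reproduced outside Splunk. This is an added example, not the app's own query: the page does not state how the gauge ranges are derived from the 48-hour mean, so the two multipliers and the hourly sample counts below are assumptions.<br />

```python
from collections import Counter

# Assumed factors: the page ties the gauge ranges to the 48-hour mean but does
# not state the multipliers, so these two values are illustrative only.
YELLOW_FACTOR = 2.0
RED_FACTOR = 4.0

# Constructed sample data: (hour_index, reporting_host, denied_count).
# Hours 0-47 are the 48-hour baseline, hours 48-50 the selected time range.
BASELINE = [(h, "fw1", 20) for h in range(48)] + \
           [(h, "fw2", 10) for h in range(0, 48, 2)]
SELECTED = [(48, "fw1", 30), (48, "fw2", 15),
            (49, "fw1", 70), (49, "fw2", 45),
            (50, "fw1", 25)]


def cumulate(rows):
    """Sum denied counts per time bucket across all reporting hosts."""
    totals = Counter()
    for bucket, _host, count in rows:
        totals[bucket] += count
    return totals


def peak_load(totals):
    """Return (bucket, count) of the busiest bucket, earliest on a tie."""
    if not totals:
        return None
    return min(totals.items(), key=lambda kv: (-kv[1], kv[0]))


def gauge_ranges(baseline_totals, expected_buckets):
    """Return (yellow_from, red_from) derived from the baseline mean.

    The mean is taken over every bucket of the baseline window, so buckets
    with no denied connection count as zero. Averaging only the buckets that
    contain events would inflate the baseline on a quiet firewall and hide
    a real spike.
    """
    if expected_buckets <= 0:
        raise ValueError("expected_buckets must be positive")
    avg = sum(baseline_totals.values()) / expected_buckets
    return avg * YELLOW_FACTOR, avg * RED_FACTOR


def classify(count, ranges):
    """Map a peak count to a gauge colour; with no history any hit is red."""
    yellow_from, red_from = ranges
    if count > 0 and count >= red_from:
        return "red"
    if count > 0 and count >= yellow_from:
        return "yellow"
    return "green"


def gauge(selected_rows, baseline_rows, expected_buckets=48):
    """Peak load of the selected range, rated against the baseline."""
    ranges = gauge_ranges(cumulate(baseline_rows), expected_buckets)
    peak = peak_load(cumulate(selected_rows))
    bucket, count = peak if peak else (None, 0)
    return {"peak_bucket": bucket, "peak_count": count,
            "ranges": ranges, "color": classify(count, ranges)}


if __name__ == "__main__":
    print(gauge(SELECTED, BASELINE))
```

Both inputs must use the same bucket width (the span), otherwise the peak and the baseline mean are not comparable.<br />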
<br />
<br />
<div>
<b><i><span style="color: #990000;">4. Last Events:</span></i></b></div>
<div>
</div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2hXDr5JarTr5drmwp10OeVPsAH1m34UIDag4_rXGzsT1kjTnnesAmYSH-0SMwhmxV1vAmHTgGsmiq0zRwZjN0DWopX8Otdv1VKjojI38Epeg-3sxmncZ_Jtc9kTIDAJVCV1-ar0xXrn5k/s1600/S%C3%A9lection_386.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2hXDr5JarTr5drmwp10OeVPsAH1m34UIDag4_rXGzsT1kjTnnesAmYSH-0SMwhmxV1vAmHTgGsmiq0zRwZjN0DWopX8Otdv1VKjojI38Epeg-3sxmncZ_Jtc9kTIDAJVCV1-ar0xXrn5k/s640/S%C3%A9lection_386.jpg" width="640" /></a></div>
<br />
Last 100 events represented by major type of data; click on "show result" to export them or change the request.<br />
<br />
<br />
<br />
<br />
<div>
<b><i><span style="color: #990000;">4. TOP Source IP and Country Origin:</span></i></b></div>
<div>
</div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiC3t_GgAhkeg2gIJTz4doHgjS0TO56HUhyphenhyphen7F3iloutCCkJ-BpO1DfQZH3CjlTPO61jrtnneutpUG6lRoC3zXL4wQuKlsWeQ2H485DosgDKw7Hc29DWTNUEag1HuPCd2fF8Yp-md4GK7u3_/s1600/screen5.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em; text-align: left;"><img border="0" height="362" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiC3t_GgAhkeg2gIJTz4doHgjS0TO56HUhyphenhyphen7F3iloutCCkJ-BpO1DfQZH3CjlTPO61jrtnneutpUG6lRoC3zXL4wQuKlsWeQ2H485DosgDKw7Hc29DWTNUEag1HuPCd2fF8Yp-md4GK7u3_/s640/screen5.png" width="640" /></a></div>
<b><br /></b>
<br />
<b><br /></b>
<b>- Top 10 pie chart and Top 100 data client IP with country origin identification</b><br />
<br />
<b>- Top 10 pie chart and Top 100 country origin of denied connections</b><br />
<br />
<br />
<br />
<div>
<b><i><span style="color: #990000;">5. TOP Network Services and Destination Port:</span></i></b></div>
<div>
</div>
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5wgKYucskm3o87obxg9gV5bpyEZIDXSXB1cSi0vM2aCxI0CErvQETjF7tCJYlrWO3UVRqSuF1DPHji7WTS98ugR0zyc10lFAQHxSrIyXZ_f3_0us9wh5A_3T17V-pAGnkVqOB3HzsBKCR/s1600/screen6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="380" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5wgKYucskm3o87obxg9gV5bpyEZIDXSXB1cSi0vM2aCxI0CErvQETjF7tCJYlrWO3UVRqSuF1DPHji7WTS98ugR0zyc10lFAQHxSrIyXZ_f3_0us9wh5A_3T17V-pAGnkVqOB3HzsBKCR/s640/screen6.png" width="640" /></a><br />
<br />
<b><i>Data is being represented by:</i></b><br />
<br />
<b>- Top 10 pie chart and Top 100 data Network Services attempted:</b><br />
<br />
Network services are identified, using a CSV input lookup, whenever the destination port is known as reserved (for most of them, IANA reserved ports).<br />
<br />
See props.conf and transform.conf: the network service is automatically defined for every event in the field called "Service"; when the destination port is not known as a reserved or standard port, the service name is set to the value "Unknown".<br />
<br />
<b>- Top 10 pie chart and Top 100 destination port attempted with Network Service name identification</b><br />
<br />
<br />
<br />
<div>
<b><i><span style="color: #990000;">6. TOP Reporting Servers:</span></i></b></div>
<div>
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd02NSgu12F00uAaXQYQDCFip0tu8Iqh-smhpKNi2KAyiFnOot63HFWluudwSluGelAOhdRXa-nPYxx769D3gWyWAipjraRzduBzjtLTbE3L1uOPFWLIkzzZ_rKDRvsh3QXJ5G-YSDsD4Y/s1600/screen7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd02NSgu12F00uAaXQYQDCFip0tu8Iqh-smhpKNi2KAyiFnOot63HFWluudwSluGelAOhdRXa-nPYxx769D3gWyWAipjraRzduBzjtLTbE3L1uOPFWLIkzzZ_rKDRvsh3QXJ5G-YSDsD4Y/s640/screen7.png" width="640" /></a></div>
<br />
<br />
<i><b>Data being represented by:</b></i><br />
<br />
<b>- Top 10 pie chart and top 100 data Iptables Reporting Servers</b><br />
<br />
<br />
<br />
<div class="separator" style="clear: both;">
<span style="color: #990000; font-size: large;"><b><i>Real-Time and Time-Range Google Maps view:</i></b></span></div>
<br />
<br />
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="color: #990000;"><span style="font-family: inherit;"><b><i>Real-Time and Time-Range Google Maps Dashboard, identify the source of connection attempts</i></b></span></span></span></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="color: #990000;"><span style="font-family: inherit;"><b><i><br /></i></b></span></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4PJhi5DkuvgsDtvF3H4snH3XGYoJJaEyAhMgY9RyGm0sSszCXnBBwSxMU0Yf0a-M90ecQE-Z4_cbYR-N_8v4j-tMFbd-xWHVZbe_ncBamabF-bsdmNn80sEGPyozu9i9eT6j-gZ35wbNR/s1600/maps+RT.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="288" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4PJhi5DkuvgsDtvF3H4snH3XGYoJJaEyAhMgY9RyGm0sSszCXnBBwSxMU0Yf0a-M90ecQE-Z4_cbYR-N_8v4j-tMFbd-xWHVZbe_ncBamabF-bsdmNn80sEGPyozu9i9eT6j-gZ35wbNR/s640/maps+RT.png" width="640" /></a></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhn1NoYvrIgB-xbGh4Fvy25v_PiK_okl0715hR5IVllmXVbHYfKYDo8JZ0A0sGw8gTBlayKHLW6xgpTAPdZCVW3hyq3RJRTXrPIrKCa74aUO1R2l7p1jVrX1pOKdbmTMPy0wBDzm3fpuik/s1600/maps.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="302" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhn1NoYvrIgB-xbGh4Fvy25v_PiK_okl0715hR5IVllmXVbHYfKYDo8JZ0A0sGw8gTBlayKHLW6xgpTAPdZCVW3hyq3RJRTXrPIrKCa74aUO1R2l7p1jVrX1pOKdbmTMPy0wBDzm3fpuik/s640/maps.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both;">
<span style="color: #990000; font-size: large;"><b><i>Event Search Interfaces:</i></b></span></div>
<br />
<br />
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="color: #990000;"><span style="font-family: inherit;"><b><i>Raw-Data and Charts Dedicated Event search interfaces:</i></b></span></span></span></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBQHL7k4GzlnmmGCM2kfhcxgiEW22dtD8GEaZl30KZr5zSYCTDmOV6hoEDQeemXv1jzGQZQJXfnhDHX_IU5BFave-0kBM2-tq_G9Gk5wbDMGNKsfiry_8ZyRO1-Dcbyi4l7nZ7Tq1Pwurn/s1600/screen9.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="446" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBQHL7k4GzlnmmGCM2kfhcxgiEW22dtD8GEaZl30KZr5zSYCTDmOV6hoEDQeemXv1jzGQZQJXfnhDHX_IU5BFave-0kBM2-tq_G9Gk5wbDMGNKsfiry_8ZyRO1-Dcbyi4l7nZ7Tq1Pwurn/s640/screen9.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<br />
<div style="background-color: #fefdfa; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: #990000;"><b><i>And associated saved Searches...</i></b></span></div>
<br />
<br />
<br />
<br />
<div class="separator" style="clear: both;">
<span style="color: #990000; font-size: large;"><b><i>System Dashboard, Iptables Index Activity:</i></b></span></div>
<div>
<span style="color: #990000; font-size: large;"><b><i><br /></i></b></span></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSHrxkEaRMH5ayHOJ98kdO8rI1hbF2VzpoKzCSFzoCtOdN3FdyDAsns_fz4ZIqWt2hOG21Z1iLJ_P84kZf2J8W8CifyO9DdlhZ0xb8_KZbpUUXTXXGuqdzVhdaX8RDWpo_vPz383uOkYb7/s1600/S%C3%A9lection_370.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSHrxkEaRMH5ayHOJ98kdO8rI1hbF2VzpoKzCSFzoCtOdN3FdyDAsns_fz4ZIqWt2hOG21Z1iLJ_P84kZf2J8W8CifyO9DdlhZ0xb8_KZbpUUXTXXGuqdzVhdaX8RDWpo_vPz383uOkYb7/s640/S%C3%A9lection_370.jpg" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvKOVTJLuFZsVURWY_uPpBVEiOhPs1A0hAsmo07FrZi2v30rCwUFVetq1txquVC5B06U_6Y3L5v7i8x7Hem0_ytl8Rf8RcB_HShADsgxkBPlaCUulPipsaS_S-UNAfICn-do6HpMBeTQo1/s1600/S%C3%A9lection_371.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="266" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvKOVTJLuFZsVURWY_uPpBVEiOhPs1A0hAsmo07FrZi2v30rCwUFVetq1txquVC5B06U_6Y3L5v7i8x7Hem0_ytl8Rf8RcB_HShADsgxkBPlaCUulPipsaS_S-UNAfICn-do6HpMBeTQo1/s640/S%C3%A9lection_371.jpg" width="640" /></a></div>
<br />
<br />
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><b style="color: #990000; font-size: large; line-height: 25px;">Installation and utilization</b></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="font-size: xx-small;"><br /></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><b style="color: #990000; font-size: large; line-height: 25px;"><i>Introduction</i></b></span></span></div>
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="font-family: inherit;">Installing and configuring Splunk is out of the scope of this post, installing Splunk is really easy and well done, in 10 minutes you'll be done ^^</span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="font-family: inherit;"><a href="http://www.splunk.com/download" style="color: #7d181e; text-decoration: initial;" target="_blank">Download Splunk !</a></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="text-align: -webkit-auto;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; text-align: -webkit-auto;">
<span style="font-family: inherit;"><b>As a brief description, here is how Splunk for Iptables works:</b></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; text-align: -webkit-auto;">
<span style="font-family: inherit;"><br /></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; text-align: -webkit-auto;">
<span style="font-family: inherit;">- Configure Iptables to log dropped or rejected packets using Syslog</span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; text-align: -webkit-auto;">
<span style="font-family: inherit;">- Splunk collects our data and produces the IT </span>intelligence</div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; text-align: -webkit-auto;">
<span style="font-family: inherit;"><br /></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="color: #990000; font-family: inherit;"><span style="line-height: 18px;"><b>INFORMATION: </b></span></span><span style="font-family: inherit;"><br /></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="color: #990000; font-family: inherit;"><span style="line-height: 18px;"><b><br /></b></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><b>Please note that this application is intended to analyse denied or dropped connections; any event containing one of the following patterns will not be analysed by Splunk:</b></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><br /></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><span style="font-family: Courier New, Courier, monospace;">- "ACCEPT" OR "Accept" OR "ALLOW" OR "Allow"</span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><br /></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;">Even if it is indexed by Splunk, an event containing one of these patterns is expected to be tagged as an accepted connection. If you need to adapt this general configuration to your own situation, please create a local Macro.conf containing the macro customized to your needs:</span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><br /></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><b>If you need custom settings, create your local Macro.conf:</b></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><br /></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><span style="font-family: Courier New, Courier, monospace;">$SPLUNK_HOME/etc/apps/iptables/local/Macro.conf:</span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><span style="font-family: Courier New, Courier, monospace;">### Iptables sourcetype</span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><span style="font-family: Courier New, Courier, monospace;">[iptables_src]</span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><span style="font-family: Courier New, Courier, monospace;">definition = sourcetype="iptables_source" NOT ("ACCEPT" OR "Accept" OR "ALLOW" OR "Allow")</span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><span style="font-family: Courier New, Courier, monospace;">iseval = 0</span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="font-family: Courier New, Courier, monospace;"><span style="line-height: 18px;"></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="line-height: 18px;"><span style="font-family: Courier New, Courier, monospace;">Save your local/Macro.conf file and restart Splunk.</span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
<span style="color: #990000; font-family: inherit;"><span style="line-height: 18px;"><b><br /></b></span></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; line-height: 18px; text-align: -webkit-auto;">
<b><span style="font-family: inherit;">Installation and configuration will be done in a few steps:</span></b></div>
<div class="separator" style="background-color: #fefdfa; clear: both; color: #333333; line-height: 18px; text-align: -webkit-auto;">
<span style="font-family: inherit;"><br /></span></div>
<div class="separator" style="background-color: #fefdfa; clear: both; text-align: -webkit-auto;">
</div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b>SUMMARY OF STEPS:</b></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b>Iptables / Syslog Configurations steps:</b></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">1. Set each Iptables reporting host to log events using SYSLOG</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">2. Configure SYSLOG to trap these events and put them in a dedicated log file of your choice</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">3. Test your Iptables / Syslog configuration to ensure events are being successfully trapped by your centralized Syslog</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b>Splunk configuration steps:</b></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">4. Add Input source log file(s) in Splunk corresponding to the log file where your Syslog is trapping events</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">7. Open Splunk for Iptables and observe the magical power of Splunk ^^</span></span></div>
<br />
<br />
<br />
<br />
<br />
<span style="color: #990000; font-family: inherit; font-size: large;"><b>Part 1 : Configuration of Iptables and Syslog</b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="color: #990000; font-family: inherit;"><b>1. Set each Iptables reporting host to log dropped or rejected packets</b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Configuring Iptables is beyond the scope of this guide; the only requirement is that Iptables logs inbound dropped and rejected packets. (By default, Iptables logs its events to Syslog.)</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Iptables should log with a prefix pattern: it is used first to recognize Iptables events manually in the main syslog file, and then to catch these events into a dedicated log file (not mandatory, but recommended).</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<span style="color: #990000; font-family: inherit; font-size: large;"><b>Part 2 : Configuration of Syslog</b></span><br />
<br />
<span style="color: #990000; font-family: inherit;"><b>In 2 steps:</b></span><br />
<br />
<span style="font-family: inherit;">- If you want to manage several Iptables reporting hosts from Splunk, then read the Multiple Iptables client configuration note</span><br />
<span style="font-family: inherit;">- If you just have one host to manage (Iptables and Splunk are installed in the same host), then just follow the common configuration section</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<span style="color: #990000; font-family: inherit;"><b>MULTIPLE IPTABLES CLIENT CONFIGURATION NOTE: Remote and centralized Syslog configuration:</b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Configuring Syslog to send events from a Syslog host to a remote Syslog server is out of the scope of this guide.</span><br />
<span style="font-family: inherit;">Therefore, if you want to send Iptables events of different hosts, you can choose between different solutions, as:</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">- Sending events using Syslog to a remote centralized Syslog</span><br />
<span style="font-family: inherit;">- Sending events from local log file using Splunk forwarder module</span><br />
<span style="font-family: inherit;">- Others (homemade scripts...)</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">I would recommend using "Rsyslog" (Enhanced Syslog version that comes with many modern Linux OS) to achieve this, which is </span>indeed<span style="font-family: inherit;"> easy enough.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Here is a quick centralized syslog configuration in 2 steps (remember to restart rsyslog after each modification):</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><b>1.</b> In client rsyslog host, modify "/etc/rsyslog.conf" and add a section to send any events to your Syslog server: (adapt the example IP) </span><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">*.* @192.168.1.254:514 </span></span></pre>
<br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><b>2.</b> In syslog server configuration, create a configuration file that will catch any remote client Syslog events and put them into a dedicated per host log file:</span><br />
<span style="font-family: inherit;">Ensure your configuration name will be read after the iptables syslog config file. (see above, use numbered prefix)</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><b><i>Create "/etc/rsyslog.d/10-remotehosts.conf" with the following content: (Note: The iptables config we will create afterwards will be called 08 so that it is read before this one and intercepts messages) </i></b></span><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$template PerHostLog,"/var/log/%HOSTNAME%.log"
$template RemoteHostFileFormat,"%TIMESTAMP% %HOSTNAME% %syslogfacility-text% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::space-cc,drop-last-lf%\n"
:inputname, isequal, "imudp" ?PerHostLog;RemoteHostFileFormat
& ~</span></span></pre>
<br />
<br />
<span style="font-family: inherit;">Finally, complete the rest of the configuration to be able to intercept remote Syslog client events containing the iptables event tag and put them in a dedicated log file for all hosts.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<span style="color: #990000; font-family: inherit;"><b>COMMON CONFIGURATION for Single and Multiple Iptables installations: </b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="color: #990000; font-family: inherit;"><b>1. Set Syslog to trap iptables events to a dedicated logfile</b></span><br />
<br />
<span style="font-family: inherit;">This configuration part will depend on your system and needs; I recommend the use of "rsyslog".</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">The goal is to configure syslog to trap any event containing a key word set as the iptables prefix into a dedicated log file</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">For example, with UFW you will have "[UFW BLOCK]" as a prefix.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">If you configure Iptables manually, just choose your own log prefix and use it here (e.g. "DROP(wan)").</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">In Debian/Ubuntu systems for example, create an rsyslog configuration file, example:</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><b><i>Create "/etc/rsyslog.d/08-iptables.conf" with the following content: (adapt with your log prefix) </i></b></span><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">:msg, contains, "DROP(wan)" /var/log/iptables.log
& ~</span></span></pre>
<br />
<br />
<span style="font-family: inherit;"><b>Restart rsyslog to take effect.</b></span><br />
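<span style="font-family: inherit;">Added example (not from the original guide or the Splunk app): an offline emulation of the rsyslog prefix filter above and of the intended exclusion of accepted-connection keywords in the iptables_src macro, so you can check what would reach Splunk before deploying. The function names, the "[UFW" prefix and every log line are constructed assumptions.</span><br />

```shell
#!/bin/sh
# Added example, not part of the original guide. All log lines are constructed.

# Constructed main syslog stream: two drops with the guide's "DROP(wan)" prefix,
# one UFW block, one UFW allow, and two unrelated lines.
sample_syslog() {
cat <<'EOF'
Apr 24 10:00:01 fw1 kernel: [1001.1] DROP(wan) IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51515 DPT=22 SYN
Apr 24 10:00:02 fw1 sshd[812]: Accepted publickey for admin from 192.0.2.50 port 50222 ssh2
Apr 24 10:00:03 fw1 kernel: [1003.4] DROP(wan) IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51516 DPT=22 SYN
Apr 24 10:00:04 fw2 kernel: [2004.9] [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.11 LEN=40 PROTO=TCP SPT=40000 DPT=23 SYN
Apr 24 10:00:05 fw2 kernel: [2005.2] [UFW ALLOW] IN=eth0 OUT= SRC=192.0.2.50 DST=192.0.2.11 LEN=60 PROTO=TCP SPT=40001 DPT=443 SYN
Apr 24 10:00:06 fw1 CRON[901]: (root) CMD (run-parts /etc/cron.hourly)
EOF
}

# Emulates ':msg, contains, "<prefix>" /var/log/iptables.log':
# a literal, case-sensitive substring test. Output = dedicated log file content.
route_iptables() {          # $1 = log prefix, stdin = syslog stream
    grep -F -e "$1" || true
}

# Emulates the '& ~' line: matched messages are discarded afterwards,
# so this is what still reaches the main syslog file.
main_log_after_discard() {  # $1 = log prefix, stdin = syslog stream
    grep -v -F -e "$1" || true
}

# Approximates the intended macro logic: drop events containing ACCEPT/ALLOW.
# Splunk matches search terms case-insensitively on whole tokens, so
# "[UFW ALLOW]" is excluded while "Accepted" (a different token) is not.
macro_filter() {
    awk 'tolower($0) !~ /(^|[^a-z0-9_])(accept|allow)([^a-z0-9_]|$)/'
}

# Summarise blocked traffic as "source_ip dest_port count".
drops_by_source() {
    awk '{ src = ""; dpt = "-"
           for (i = 1; i <= NF; i++) {
               if ($i ~ /^SRC=/) src = substr($i, 5)
               if ($i ~ /^DPT=/) dpt = substr($i, 5)
           }
           if (src != "") print src, dpt }' |
    sort | uniq -c | awk '{ print $2, $3, $1 }'
}

echo "Dedicated file with prefix DROP(wan):"
sample_syslog | route_iptables 'DROP(wan)'
echo "Indexed drops (source port count):"
sample_syslog | route_iptables 'DROP(wan)' | macro_filter | drops_by_source
echo "A broad prefix such as [UFW also captures ALLOW lines; after the macro:"
sample_syslog | route_iptables '[UFW' | macro_filter
```

A prefix that is too broad pulls accepted traffic into the dedicated file, which is why the exclusion in the macro matters; a prefix that is too narrow silently leaves drops in the main syslog file.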
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<span style="color: #990000; font-family: inherit; font-size: large;"><b>Part 3 : Configuration of Splunk (the easy part!)</b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="color: #990000; font-family: inherit;"><b>Configure input file using Splunk Manager interface:</b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Go to "manager", "Data Input", and configure MANUALLY a new input file pointing to your iptables log file.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><b>Settings for each part of the configuration:</b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><b><i>Host:</i></b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">You can keep the default settings; it does not matter, as we don't use it to recognize the iptables reporting server.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><b><i>Source type:</i></b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">- Set the source Type: Manual</span><br />
<span style="font-family: inherit;">- Source type: iptables_source</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><b><i>Index:</i></b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">- Set the destination Index: iptables_index</span><br />
<span style="font-family: inherit;"><br /></span>
<br />
<span style="color: #990000; font-family: inherit;"><b>Configure input manually:</b></span><br />
<span style="color: #990000; font-family: inherit;"><b><br /></b></span>
<br />
<b><i>You can also add your input file manually, create a new file in "${APP_HOME}/local/inputs.conf" with the following content: (adapt to your case)</i></b><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">[monitor:///var/log/remote-hosts/iptables_myserver.log]
disabled = 0
followTail = 0
index = iptables_index
sourcetype = iptables_source
[monitor:///var/log/iptables_ufw.log]
disabled = 0
followTail = 0
index = iptables_index
sourcetype = iptables_source</span></span>
</pre>
<div>
<br /></div>
<br />
<i><b>And restart Splunk.</b></i><br />
<br />
<div>
<span style="color: #990000; font-family: inherit;"><b><br /></b></span></div>
<div>
<span style="color: #990000; font-family: inherit;"><b><br /></b></span></div>
<br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Good news, you're done!!!</span><br />
<span style="font-family: inherit;">Just wait a few minutes to let Splunk get the content of your iptables log file, then go to the Splunk application.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
Howto Raspberry Pi - Use your Pi as a secure Reverse Proxy gateway to your Web internal Sites and Services (published 2013-01-26, updated 2013-02-01)<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPaiRdN6ABTTmcSXs42Dycub5UCcV6bMWhb3rqHSIQ5XsFqSCuJYE61NaiYC9RcZaQSRLGmOwremaPVxREyvs3mxO3SEhyC9A11ErnAmYC6OpVUnmXTtbh84dRS-hKCi5VSfqhPpZP9UFn/s1600/Raspberry-Pi-logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPaiRdN6ABTTmcSXs42Dycub5UCcV6bMWhb3rqHSIQ5XsFqSCuJYE61NaiYC9RcZaQSRLGmOwremaPVxREyvs3mxO3SEhyC9A11ErnAmYC6OpVUnmXTtbh84dRS-hKCi5VSfqhPpZP9UFn/s320/Raspberry-Pi-logo.jpg" width="320" /></a></div>
<br />
<b><i><span style="color: #666666;">Last update 02/01/2013</span></i></b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjoY1tIj8UShG3rG31uJNpwVEcD_78hs1lBqVrtLHxDJr6Wwx4Ikc1CHVRt8IHk_kqXHpeLDMIJdhU3i1HfgCKza17SjAh7Qa6E7U5NoblxsR3P4YXu-1zLguC2BCnH_FJWticNN3i2jFhW/s1600/guilhem@raspberry2:+~+-+Shell+In+A+Box+-+Chromium_001.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="386" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjoY1tIj8UShG3rG31uJNpwVEcD_78hs1lBqVrtLHxDJr6Wwx4Ikc1CHVRt8IHk_kqXHpeLDMIJdhU3i1HfgCKza17SjAh7Qa6E7U5NoblxsR3P4YXu-1zLguC2BCnH_FJWticNN3i2jFhW/s640/guilhem@raspberry2:+~+-+Shell+In+A+Box+-+Chromium_001.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<br />
<br />
<h3 style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; margin: 0px; position: relative;">
The Goal: </h3>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="background-color: #fefdfa; color: #333333; line-height: 18px;">
<span style="font-family: inherit;">You have a Raspberry Pi and want to use it as your secure Web reverse proxy gateway to access your various internal services through your main fully qualified domain name or IP.</span></div>
<div style="background-color: #fefdfa; color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><br /></span></div>
<div style="background-color: #fefdfa; color: #333333; line-height: 18px;">
<b><span style="font-family: inherit;">Let's say:</span></b></div>
<div style="background-color: #fefdfa;">
<ul>
<li><span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">You have a main router or ISP Box</span></span></li>
<li><span style="color: #333333;"><span style="font-family: inherit;"><span style="line-height: 18px;">Your Rpi will be in front of the Internet by redirecting http/https ports from your router to your Rpi</span></span></span></li>
<li><span style="color: #333333;"><span style="line-height: 18px;">For this configuration to work from both inside and outside your home network, your domain name (here "myowndomain.com") must be associated with your public IP</span></span></li>
<li><span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">You may or may not have internal servers providing Web sites or services you want to access from your public IP / domain name</span></span></li>
</ul>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b>We will use:</b></span></span></div>
<div>
<ul>
<li><span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">nginx as the great secure reverse proxy instance</span></span></li>
<li><span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">SSL with a self-signed or officially signed certificate to secure our web traffic</span></span></li>
<li><span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">htpasswd to password protect your shellinabox from being visible and accessible without credentials</span></span></li>
<li><span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">shellinabox to host a nice Web SSH frontend</span></span></li>
</ul>
</div>
</div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: #990000; font-family: inherit; font-size: small;"><b>Summary of steps:</b></span> <b><span style="color: #990000;"><br /></span></b><span style="color: #990000;"><b></b></span><br />
<span style="font-family: inherit;"><b><span style="color: #990000;">Step 1: OPTIONAL - Get a fully Qualified Domain Name (FQDN)</span></b><br /><b><span style="color: #990000;">Step 2: Manage your SSL certificate</span></b><br /><b><span style="color: #990000;">Step 3: Put a Shellinabox in your Pi ^^</span></b><br /><b><span style="color: #990000;">Step 4: Install and configure Nginx</span></b></span><span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="font-family: inherit;"><b><span style="color: #990000;"><br /></span></b></span></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="font-family: inherit;"><b><span style="color: #990000;"><br /></span></b></span></div>
<div>
<div style="background-color: #fefdfa;">
<div style="margin-bottom: 0.5em; margin-top: 0.4em;">
<div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<div style="margin-bottom: 0.5em; margin-top: 0.4em;">
<div style="line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: small;">Step 1: OPTIONAL - Get a Fully Qualified Domain Name </span></b></div>
</div>
</div>
<div>
<div style="margin-bottom: 0.5em; margin-top: 0.4em;">
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<br /></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">This is absolutely optional, but you could think about getting a fully qualified domain name to access your home network. (A domain costs very little per year, and you can dynamically associate it with your public IP.)</span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">In many cases, when you connect from secure places (such as your company site), trying to access a web site using its public IP will be prohibited by internal web proxies and firewalls.</span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">By using an FQDN to associate your public IP with a real Internet domain name, your site is as official as any Internet company web site :-)</span></span></div>
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">As an alternative to buying your own domain name, you can also use free dynamic domain name services such as no-ip.org, but most company proxies will also block them.</span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">And finally, this is just clean and beautiful ^^</span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">In this post, I will assume for the purpose of the example that your domain name is "myowndomain.com". (The FQDN is still optional.)</span></span></div>
<div>
<span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 19px;"> </span></span></div>
</div>
</div>
</div>
<div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<div style="margin-bottom: 0.5em; margin-top: 0.4em;">
<div style="line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: small;">Step 2: Manage your SSL certificate</span></b></div>
</div>
</div>
<div>
<div style="margin-bottom: 0.5em; margin-top: 0.4em;">
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<br /></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">Of course, we will want to secure our Web traffic using an SSL certificate. There are 2 ways to achieve this:</span></span></div>
<div>
<span style="color: #333333; line-height: 19px;"><span style="font-family: inherit;"><br /></span></span></div>
<div>
<span style="color: #333333; line-height: 19px;"><b><span style="font-family: inherit;">1. Generating a self-signed SSL certificate</span></b></span></div>
<div style="color: #333333; line-height: 19px;">
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">You can very easily generate a self-signed SSL certificate. You get the same encryption level as with any official certificate, but the certificate is not signed by a recognized certificate authority, so it won't be officially recognized over the Internet.</span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">That means that when connecting to your site, your Web browser will warn you that it cannot guarantee the security of your connection to this site, and you have to accept this.</span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #333333;"><span style="line-height: 19px;">I personally prefer having an official SSL certificate :-)</span></span></div>
<div>
</div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<div>
<span style="color: #333333; line-height: 19px;"><b><span style="font-family: inherit;">2. Buy and generate an Officially signed SSL certificate</span></b></span></div>
</div>
<div>
<span style="color: #333333; line-height: 19px;"><b><span style="font-family: inherit;"><br /></span></b></span></div>
<div>
<span style="color: #333333; line-height: 19px;"><span style="font-family: inherit;">You can also buy an official SSL certificate for very little; in this case your browser will automatically recognize your certificate as valid and you won't get any warning.</span></span></div>
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">There are some places where you can get a free official SSL certificate for personal use. (look for "startssl")</span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">In both cases, Google is your friend ^^</span></span></div>
<div>
<br /></div>
<div>
<span style="color: #333333; line-height: 19px;"><b><span style="font-family: inherit;">How to generate a self-signed certificate:</span></b></span></div>
<div>
<span style="color: #333333; line-height: 19px;"><b><span style="font-family: inherit;"><br /></span></b></span></div>
<div>
<span style="color: #333333; line-height: 19px;"><b><i><span style="font-family: inherit;">Install OpenSSL:</span></i></b></span></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo apt-get install openssl</span></span></pre>
</div>
<div>
<span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small; line-height: 19px;"><b><br /></b></span></div>
<div>
<span style="color: #333333; line-height: 19px;"><b><i><span style="font-family: inherit;">Generate your self signed certificate:</span></i></b></span></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># /etc/ssl is owned by root, so every command needs sudo
sudo mkdir -p /etc/ssl/localcerts
sudo openssl req -new -x509 -days 3650 -nodes -out /etc/ssl/localcerts/autosigned.crt -keyout /etc/ssl/localcerts/autosigned.key
sudo chmod 600 /etc/ssl/localcerts/*</span></span></pre>
</div>
<div>
<span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small; line-height: 19px;"><b><br /></b></span></div>
<div>
<span style="color: #333333; line-height: 19px;"><i><span style="font-family: inherit;">Note: Respond to OpenSSL questions as you wish, it does not really matter as your certificate is self-signed anyway</span></i></span></div>
</div>
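<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">Added example (not from the original post): a non-interactive variant of the steps above that writes to a scratch directory instead of /etc/ssl/localcerts, creates the key under a restrictive umask so it is never world-readable, and then checks that key and certificate belong together. The function names, the -subj value built from the example domain, the 2048-bit key size and the 30-day expiry window are assumptions.</span></span></div>

```shell
#!/bin/sh
# Added example, not part of the original post.
# Assumption: the certificate is issued for the post's example domain.
CERT_CN="myowndomain.com"

# Create key + certificate without prompts. umask 077 makes both files
# owner-only from the moment they are created, so there is no window in
# which the private key is readable by other users before a later chmod.
make_selfsigned() {        # $1 = output directory
    ( umask 077
      mkdir -p "$1" &&
      openssl req -new -x509 -days 3650 -nodes -newkey rsa:2048 -sha256 \
          -subj "/CN=$CERT_CN" \
          -out "$1/autosigned.crt" -keyout "$1/autosigned.key" 2>/dev/null )
}

# Permission string of a file, e.g. "-rw-------" (portable across ls variants).
file_mode() {              # $1 = path
    ls -l "$1" | cut -c1-10
}

# True when the certificate was issued for this private key:
# both must yield the same public key.
pair_matches() {           # $1 = certificate, $2 = private key
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# True when the certificate is still valid $2 days from now.
valid_for_days() {         # $1 = certificate, $2 = days
    openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null 2>&1
}

# Stand-alone demonstration in a throw-away directory.
demo_dir=$(mktemp -d)
if make_selfsigned "$demo_dir/localcerts"; then
    echo "key mode: $(file_mode "$demo_dir/localcerts/autosigned.key")"
    pair_matches "$demo_dir/localcerts/autosigned.crt" \
                 "$demo_dir/localcerts/autosigned.key" && echo "key matches certificate"
    valid_for_days "$demo_dir/localcerts/autosigned.crt" 30 && echo "valid for 30+ days"
    openssl x509 -in "$demo_dir/localcerts/autosigned.crt" -noout -subject -enddate
fi
rm -rf "$demo_dir"
```

The pair check is worth re-running whenever the key or the certificate is replaced, since a web server will refuse to start with a mismatched pair.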
</div>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: small;"><br /></span></b></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: small;"><br /></span></b></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: small;">Step 3: Put a shellinabox in your Pi ^^</span></b></div>
</div>
</div>
<div style="background-color: #fefdfa;">
<div style="margin-bottom: 0.5em; margin-top: 0.4em;">
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<br /></div>
<div style="color: #333333; line-height: 19px;">
<span style="font-family: inherit;">As explained before, shellinabox is a wonderful web frontend to SSH; this way you can access your SSH server without having to deal with an SSH client.</span></div>
<div style="color: #333333; line-height: 19px;">
<span style="font-family: inherit;"><br /></span></div>
<div style="color: #333333; line-height: 19px;">
<span style="font-family: inherit;">In the past, I wrote an article about another SSH web frontend, "ajaxterm", which is nice too but, in my opinion, much more limited and slow.</span></div>
<div style="color: #333333; line-height: 19px;">
<span style="font-family: inherit;">So I recommend using shellinabox instead.</span></div>
<div style="color: #333333; line-height: 19px;">
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 19px;">You will be able to access your SSH server using standard Web ports even when connecting from places where external SSH traffic is prohibited :-) </span></span></div>
</div>
</div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<i><b>To install:</b></i></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="line-height: 19px;">$ sudo apt-get install shellinabox</span></pre>
</div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="background-color: #fefdfa; color: #333333; line-height: 18px;">
<span style="font-family: inherit;">By default, shellinabox listens on port "4200". You can leave that as it is, since your nginx reverse proxy takes care of redirecting our requests to this internal service. </span></div>
</div>
<div style="background-color: #fefdfa; color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><br /></span></div>
<div style="background-color: #fefdfa; color: #333333; line-height: 18px;">
<b><span style="font-family: inherit;">If you want to manage your shellinabox configuration, take a look at main config files:</span></b></div>
<div style="background-color: #fefdfa;">
<ul>
<li><span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">/etc/default/shellinabox</span></span></li>
<li><span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">/etc/shellinabox/*</span></span></li>
</ul>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">The default configuration is OK for us. Test your shellinabox by connecting from a browser inside your network: http://<mypiserver>:4200</span></span></div>
<div style="background-color: #fefdfa;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div style="background-color: #fefdfa;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">Note that even if we won't use it, shellinabox comes with an embedded self-signed SSL certificate configuration to redirect http to https and secure your web traffic.</span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<div style="background-color: #fefdfa;">
<div style="margin-bottom: 0.5em; margin-top: 0.4em;">
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: small;">Step 4: Install and configure Nginx</span></b></div>
</div>
</div>
<div style="background-color: #fefdfa;">
<div style="margin-bottom: 0.5em; margin-top: 0.4em;">
</div>
</div>
</div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b>Ok, serious things now, let's install and configure nginx.</b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<span style="font-family: inherit;">Nginx is an extremely powerful open source Web server, light, secure and fast, that can be used as a reverse proxy gateway to your internal Web services.</span></div>
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="font-family: inherit;">It is used by more and more companies with high-load Web sites; do not hesitate to take a look at the official sites:</span></div>
<div>
<ul>
<li><a href="http://wiki.nginx.org/Main">http://wiki.nginx.org/Main</a></li>
<li><a href="http://nginx.com/">http://nginx.com/</a></li>
</ul>
</div>
<div>
<span style="font-family: inherit;">In the past I used Apache running as a reverse proxy to do this job, but nginx does this job with great success; it's very modular and easy to maintain, which is why I recommend Nginx.</span></div>
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<i><b>To install:</b></i></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="line-height: 19px;"># sudo apt-get install nginx-full</span></pre>
</div>
</div>
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b>Now let's configure the beast:</b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<b><i>First, some configuration in main config file "/etc/nginx/nginx.conf", here is a sample config file:</i></b></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># /etc/nginx/nginx.conf
user www-data;
worker_processes 4;
pid /var/run/nginx.pid;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}</span></span></pre>
</div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<span style="font-family: inherit;">Please note that, as with the Apache configuration style under Debian/Ubuntu, any configuration file (for a site or module) included in conf.d or sites-enabled will be loaded at Nginx start.</span></div>
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="font-family: inherit;">A good practice is to create a symbolic link from "sites-available" to "sites-enabled".</span></div>
<div>
<span style="font-family: inherit;"><br /></span></div>
<div>
<i><b><span style="font-family: inherit;">Let's deactivate the default web site we won't use by removing its </span>symbolic<span style="font-family: inherit;"> link:</span></b></i></div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo rm /etc/nginx/sites-enabled/default</span></span> </pre>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<b><i>Create an htpasswd file that will contain your credentials (adapt <username>)</i></b></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo htpasswd -c /etc/nginx/.htpasswd <username></span></span></pre>
</div>
<div>
<br /></div>
<div>
<span style="font-family: inherit;"><b>Now create your main web site configuration file, example:</b></span></div>
<div>
<ul>
<li>/etc/nginx/sites-available/main</li>
</ul>
<div>
<b><i>Here is a sample secured configuration:</i></b></div>
</div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">access_log off;
add_header Cache-Control public;
server_tokens off;
# HTTP 80
server {
listen 80;
server_name _;
rewrite ^ https://myowndomain.com$request_uri? permanent;
}
# HTTPS 443
server {
include /etc/nginx/proxy.conf;
listen 443 ssl;
keepalive_timeout 70;
server_name myowndomain.com;
# SSL config
ssl on;
ssl_certificate /etc/ssl/localcerts/autosigned.crt;
ssl_certificate_key /etc/ssl/</span></span><span style="color: #333333; line-height: 19px;">localcerts/autosigned</span><span style="color: #333333; line-height: 19px;">.key;</span>
<span style="color: #333333;"><span style="line-height: 19px;">
ssl_session_timeout 5m;
# TLS 1.2 only: SSLv3 and RC4 are broken and must stay disabled
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!RC4;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
add_header X-Frame-Options DENY;
# DDOS protection - Tune Values or deactivate in case of issue
# limit_conn conn_limit_per_ip 20;
# limit_req zone=req_limit_per_ip burst=20 nodelay;
# status for nginx auditing
location /nginx-status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
location / {
rewrite ^ https://myowndomain.com/shellinabox/ permanent;
}
location /shellinabox/ {
proxy_pass http://localhost:4200;
auth_basic "Access Restricted";
auth_basic_user_file "/etc/nginx/.htpasswd";
access_log /var/log/nginx/shellinabox.access.log;
error_log /var/log/nginx/shellinabox.error.log;
}
}</span></span>
</pre>
</div>
<div>
<br /></div>
<div>
<i><span style="font-family: inherit;"><b>Create the file "/etc/nginx/proxy.conf" with the following content:</b></span></i></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;</span></span></pre>
</div>
<div>
<span style="color: #990000;"><b><br /></b></span></div>
<div>
<div>
<b><i>Activate your nginx web site and restart:</i></b></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">sudo ln -s /etc/nginx/sites-available/main /etc/nginx/sites-enabled/main
sudo service nginx restart</span></span></pre>
</div>
</div>
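<div>
The TLS directives of a site file such as "/etc/nginx/sites-available/main" can be checked mechanically before nginx is restarted. The script below is an added example, not part of the original article: the function names and both sample configurations are constructed for illustration, and the list of weak tokens is a conservative assumption rather than a complete policy.</div>

```shell
#!/bin/sh
# Added example: flag weak TLS directives in an nginx site file.
# audit_nginx_tls, sample_weak and sample_hardened are hypothetical names.

# Reads a config on stdin and prints one finding per line.
# Returns 1 if anything was found, 0 if the file is clean.
audit_nginx_tls() {
    awk '
    function report(msg) { printf "line %d: %s\n", NR, msg; found++ }
    {
        sub(/#.*/, "")               # ignore comments
        gsub(/[;"\047]/, " ")        # drop ";" and quote characters
    }
    /listen[ \t].*ssl/ { tls = 1 }
    $1 == "ssl_protocols" {
        proto = 1
        for (i = 2; i <= NF; i++)
            if ($i ~ /^(SSLv2|SSLv3|TLSv1|TLSv1\.1)$/)
                report("legacy protocol " $i)
    }
    $1 == "ssl_ciphers" {
        for (i = 2; i <= NF; i++) {
            n = split($i, tok, ":")
            for (j = 1; j <= n; j++) {
                t = tok[j]
                if (t ~ /^[!-]/) continue     # "!X" and "-X" remove ciphers
                sub(/^\+/, "", t)             # "+X" only reorders, X stays enabled
                if (("-" t "-") ~ /-(RC4|MD5|DES|3DES|NULL|aNULL|eNULL|EXP|EXPORT|LOW)-/)
                    report("weak cipher token " tok[j])
            }
        }
    }
    END {
        if (tls && !proto) {
            print "no ssl_protocols directive: the nginx build default applies"
            found++
        }
        exit (found > 0)
    }'
}

# Constructed sample: a TLS server block with legacy settings.
sample_weak() {
    cat <<'EOF'
server {
    listen 443 ssl;
    ssl_protocols SSLv3 TLSv1.2;
    ssl_ciphers RC4:HIGH:!aNULL:!MD5;
}
EOF
}

# Constructed sample: the same block restricted to TLS 1.2 without RC4.
sample_hardened() {
    cat <<'EOF'
server {
    listen 443 ssl;
    ssl_protocols TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!MD5:!RC4;
}
EOF
}

# Usage: ./audit.sh /etc/nginx/sites-available/main
if [ "$#" -gt 0 ]; then
    audit_nginx_tls < "$1"
fi
```

<div>
A non-zero exit status means at least one finding, so the check can gate "service nginx restart" in a deployment script.</div>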
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #990000;"><b>NOTE:</b></span></div>
<div>
<span style="color: #990000;"><b><br /></b></span></div>
<div>
For this configuration to work from both inside and outside your home network, your domain name (here "myowndomain.com") must be associated with your public IP.</div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b>Now test access to your Web site from both inside and outside your network :-)</b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<div>
As you have understood, you can manage as many internal Web sites as you need through a single Web instance and virtual hosts (called "location" in Nginx).</div>
</div>
<div>
<br /></div>
<div>
In the sample config, shellinabox is the default site accessible with your domain name, but you can change it and/or add any other internal Web site very easily.</div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<span style="font-family: inherit;">Just add a new location for the internal Web site you want to be able to access and you're done :-)</span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span></span></div>
<b>Howto Raspberry Pi: Monitor your Raspberry Pi with Observium!</b> (published 2013-01-18, updated 2013-01-19)<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5W0AXgAz1xB4y798p4TLJN8r0LNe1l-0WI9ymRwYi4cSzEUi9QNWjH4jXvXAVtyzUkzGkUkp_H2IOtytGMU3KnlNYQqP6d2o6iISDyQyaf_nMSQwlff6XgsQgBvPl-yeJkyS0CuEV74HM/s1600/logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="81" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5W0AXgAz1xB4y798p4TLJN8r0LNe1l-0WI9ymRwYi4cSzEUi9QNWjH4jXvXAVtyzUkzGkUkp_H2IOtytGMU3KnlNYQqP6d2o6iISDyQyaf_nMSQwlff6XgsQgBvPl-yeJkyS0CuEV74HM/s320/logo.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIk8xyDglj0Gzh3iXXNd-Fe81IodTpVjDDMFiwpH64uMhQkT01CI7WM_Qpr02ch_hZ0JuoZEobziuh3ao4vRMAAx4WrsGin0syx2pfPC93oEPVE2XPuWCV7vWEsszsihQtjNdXMz85LYkf/s1600/screen1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="564" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIk8xyDglj0Gzh3iXXNd-Fe81IodTpVjDDMFiwpH64uMhQkT01CI7WM_Qpr02ch_hZ0JuoZEobziuh3ao4vRMAAx4WrsGin0syx2pfPC93oEPVE2XPuWCV7vWEsszsihQtjNdXMz85LYkf/s640/screen1.png" width="640" /></a></div>
<br />
<br />
<br />
<h3 style="background-color: #fefdfa; margin: 0px; position: relative;">
<span style="color: #990000; font-family: inherit; font-size: large;">The Goal: </span></h3>
<br />
<br />
With Observium combined with the Unix agent check_mk, the goal is to monitor any available indicator (CPU, memory, interface traffic...) and, most of all, the main Raspberry Pi-specific indicators that are dynamically adjusted when running overclocked in Turbo mode:<br />
<ul>
<li>CPU Frequency</li>
<li>CORE Frequency</li>
<li>CORE Voltage</li>
<li>BCM2835 Soc Temperature</li>
</ul>
<div>
<b><i><br /></i></b>
<b><i>Corresponding "vcgencmd" commands:</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># CPU Frequency
vcgencmd measure_clock arm
# CORE Frequency
vcgencmd measure_clock core
# CORE Voltage
vcgencmd measure_volts core
# SoC Temp
vcgencmd measure_temp</span></span></pre>
</div>
<div>
<br /></div>
There are also other indicators you may want to monitor, even if I don't find them useful myself.<br />
The present article covers these 4 indicators.<br />
<br />
Take a look here: <a href="http://www.elinux.org/RPI_vcgencmd_usage">http://www.elinux.org/RPI_vcgencmd_usage</a><br />
<br />
<i><b>Global list of indicators available through "vcgencmd":</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock arm</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock core</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock h264</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock isp</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock v3d</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock uart</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock pwm</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock emmc</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock pixel</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock vec</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock hdmi</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_clock dpi</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_volts core</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_volts sdram_c</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_volts sdram_i</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">vcgencmd measure_volts sdram_p</span></pre>
<br />
<br />
Installing Observium is out of the scope of this article; the Observium installation documentation is well known and easy to read, see the links below.<br />
<br />
<i><b>Main sources:</b></i><br />
<ul>
<li><a href="http://www.observium.org/">Observium Website</a></li>
<li><a href="http://www.observium.org/wiki/Ubuntu_SVN_Installation">Ubuntu installation</a></li>
</ul>
<br />
I recommend installing Observium and MySQL on a central server, which will poll our Rpi to generate graphs and so on.<br />
<br />
We will use an additional agent called "check_mk" to query the Rpi. The system load generated by snmp and the Unix agent is very limited, which is great: the Rpi is a low-power device and you don't want monitoring to generate high system load!<br />
<br />
Once you have Observium up and running, follow this guide to integrate any Raspberry Pi you want to monitor :-)<br />
<br />
<br />
<br />
<div style="background-color: #fefdfa;">
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit; font-size: large;"><span style="color: #990000;"><b>Summary of steps:</b></span> <b><span style="color: #990000;"><br /></span></b><span style="color: #990000;"><b></b></span></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit; font-size: large;"><br /></span></div>
<b><span style="color: #990000; font-family: inherit;"><span style="line-height: 18px;">Step 1: Install and configure snmpd</span><br /><span style="line-height: 18px;">Step 2: Install check_mk agent (Unix Agent)</span><br /><span style="line-height: 18px;">Step 3: </span><span style="line-height: 18px;">Add the custom Raspberry agent script</span><br /><span style="line-height: 18px;">Step 4: </span><span style="line-height: 18px;">Observium custom application configuration</span><br /><span style="line-height: 18px;">Step 5: </span><span style="line-height: 18px;">Configure your Rpi in Observium, the easy part!</span></span></b></div>
<div style="background-color: #fefdfa; color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><span style="color: #990000;"><b><br /></b></span><b style="color: #990000;">Memorandum</b></span></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: #990000;"><b><br /></b></span></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: #990000;"><b><br /></b></span></div>
<div style="background-color: #fefdfa; line-height: 18px;">
<div style="margin-bottom: 0.5em; margin-top: 0.4em;">
<div style="color: #333333; line-height: 19px;">
<b style="background-color: white;"><span style="color: #990000;"><span style="font-family: inherit; font-size: large;">Step 1: Install and configure snmpd</span></span></b></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: small;"><br /></span></b></div>
<div style="line-height: 19px;">
<i><b><span style="font-family: inherit;">First thing, we will begin by installing the snmpd daemon, to do so:</span></b></i></div>
<div style="line-height: 19px;">
<pre style="border: 1px dashed rgb(47, 111, 171); line-height: normal; padding: 1em;"><span style="white-space: nowrap;">$ sudo apt-get install snmpd snmp-mibs-downloader</span></pre>
</div>
<div style="line-height: 19px;">
<b></b></div>
<div style="line-height: 19px;">
<b>Let's configure some little things:</b></div>
</div>
</div>
<br />
<div style="background-color: #fefdfa; line-height: 19px;">
<i><b>Edit "/etc/default/snmpd" and:</b></i></div>
<div style="background-color: #fefdfa;">
<ul>
<li><span style="line-height: 19px;"><i>set: export MIBS=UCD-SNMP-MIB</i></span></li>
</ul>
<div>
<ul>
<li><span style="line-height: 19px;"><i>Replace the line "SNMPDOPTS=" with the following values to prevent snmpd from logging each connection (default behavior):</i></span></li>
</ul>
</div>
</div>
<div style="background-color: #fefdfa;">
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="white-space: nowrap;">SNMPDOPTS='-LS 0-4 d -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'</span></pre>
</div>
<div style="background-color: #fefdfa; line-height: 19px;">
</div>
<br />
<i style="line-height: 19px;"><b>Edit "/etc/snmp/snmpd.conf" and:</b></i><br />
<ul>
<li>Comment out with "#" the default line "agentaddress udp:127.0.0.1:161", which only allows connections from the localhost itself</li>
</ul>
<ul>
<li>Uncomment the line "agentaddress udp:161,udp6:[::1]:161" to allow remote connections</li>
</ul>
<div>
<ul>
<li>Uncomment the line "rocommunity secret <LANSUBNET>" (adapt <LANSUBNET> to the CIDR value of your LAN subnet, example: "192.168.0/24")</li>
</ul>
<div>
<i><b><br /></b></i>
<i><b>Note:</b> "secret" will be the name of the snmp community, only accessible through your local network</i></div>
</div>
<br />
<ul>
<li>Configure "sysLocation" and "sysContact"</li>
</ul>
<div>
<ul>
<li>Look for the section "EXTENDING THE AGENT" and add the following line:</li>
</ul>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 19px;">extend .1.3.6.1.4.1.2021.7890.1 distro /usr/bin/distro</span></pre>
</div>
<ul>
<li>Install the "distro" script coming from observium (to recognize the remote OS)</li>
</ul>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo wget http://www.observium.org/svn/observer/trunk/scripts/distro -O /usr/bin/distro
$ sudo chmod 755 /usr/bin/distro</span></span></pre>
<br />
Finally restart snmpd daemon:<br />
<div style="background-color: #fefdfa;">
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="white-space: nowrap;">$ sudo service snmpd restart</span></pre>
</div>
<br />
<br />
<div style="background-color: #fefdfa; color: #333333; line-height: 19px;">
<b style="background-color: white;"><span style="color: #990000;"><span style="font-family: inherit; font-size: large;">Step 2: Install check_mk agent (Unix agent)</span></span></b></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
</div>
<br />
We will use the great agent "check_mk", called Unix agent by Observium.<br />
<br />
If you want more information about this very cool tool, check its main Web site:<br />
<a href="http://mathias-kettner.de/checkmk_monitoring_system.html">http://mathias-kettner.de/checkmk_monitoring_system.html</a><br />
<br />
<b><i>Install Xinetd requirement:</i></b><br />
<div style="background-color: #fefdfa;">
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="white-space: nowrap;">$ sudo apt-get install xinetd</span></pre>
<div>
<span style="white-space: nowrap;"><br /></span></div>
<div>
<span style="white-space: nowrap;"><b><i>Download and install check_mk:</i></b></span></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ wget http://mathias-kettner.com/download/check-mk-agent_1.2.0p3-2_all.deb
$ sudo dpkg -i check-mk-agent_1.2.0p3-2_all.deb</span></span>
</pre>
<div style="white-space: nowrap;">
<br /></div>
<div style="white-space: nowrap;">
<span style="color: #333333;"><span style="line-height: 19px;">Verify that the package installation generated the xinetd configuration file called "</span></span></div>
<div>
<span style="color: #333333; line-height: 19px; white-space: nowrap;">/etc/xinetd.d/check_mk".</span></div>
<div>
<span style="color: #333333; line-height: 19px; white-space: nowrap;"><br /></span></div>
<div>
<span style="color: #333333; line-height: 19px; white-space: nowrap;"><b><i>If not (it seems this part fails under Rpi), create the file with the following content:</i></b></span></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># +------------------------------------------------------------------+
# | ____ _ _ __ __ _ __ |
# | / ___| |__ ___ ___| | __ | \/ | |/ / |
# | | | | '_ \ / _ \/ __| |/ / | |\/| | ' / |
# | | |___| | | | __/ (__| < | | | | . \ |
# | \____|_| |_|\___|\___|_|\_\___|_| |_|_|\_\ |
# | |
# | Copyright Mathias Kettner 2012 mk@mathias-kettner.de |
# +------------------------------------------------------------------+
#
# This file is part of Check_MK.
# The official homepage is at http://mathias-kettner.de/check_mk.
#
# check_mk is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation in version 2. check_mk is distributed
# in the hope that it will be useful, but WITHOUT ANY WARRANTY; with-
# out even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more de-
# ails. You should have received a copy of the GNU General Public
# License along with GNU Make; see the file COPYING. If not, write
# to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
# Boston, MA 02110-1301 USA.
service check_mk
{
type = UNLISTED
port = 6556
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/bin/check_mk_agent
# If you use fully redundant monitoring and poll the client
# from more then one monitoring servers in parallel you might
# want to use the agent cache wrapper:
#server = /usr/bin/check_mk_caching_agent
# configure the IP address(es) of your Nagios server here:
#only_from = 127.0.0.1 10.0.20.1 10.0.20.2
# Don't be too verbose. Don't log every check. This might be
# commented out for debugging. If this option is commented out
# the default options will be used for this service.
log_on_success =
disable = no
}</span></span></pre>
</div>
</div>
<div>
<br /></div>
<div>
<span style="white-space: nowrap;"></span><br />
<div style="white-space: normal;">
<span style="white-space: nowrap;"><span style="white-space: nowrap;"><b><i>Restart xinetd:</i></b></span></span></div>
<span style="white-space: nowrap;">
</span>
<br />
<div style="white-space: normal;">
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="white-space: nowrap;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo service xinetd restart</span></span></span></pre>
</div>
<span style="white-space: nowrap;">
</span></div>
<div>
<span style="white-space: nowrap;"><br /></span></div>
<div>
<span style="white-space: nowrap;">Finally, ensure your Observium machine is authorized to access the Rpi check_mk service running on port TCP/6556.</span></div>
<div>
<br /></div>
<div>
<span style="white-space: nowrap;"></span><br />
<div style="color: #333333; line-height: 19px; white-space: normal;">
<span style="white-space: nowrap;"><b style="background-color: white;"><span style="color: #990000;"><span style="font-family: inherit; font-size: large;">Step 3: Add the custom Raspberry agent script</span></span></b></span></div>
<span style="white-space: nowrap;">
</span>
<br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px; white-space: normal;">
</div>
<span style="white-space: nowrap;">
</span></div>
<div>
<span style="white-space: nowrap;"><br /></span></div>
<div>
<span style="white-space: nowrap;"><b><i>Create a new file "/usr/lib/check_mk_agent/local/raspberry":</i></b></span></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">#!/bin/bash
#set -x
echo "<<<app-raspberry>>>"
# CPU Frequency
expr `vcgencmd measure_clock arm|cut -f 2 -d "="` / 1000000
# CORE Frequency
expr `vcgencmd measure_clock core|cut -f 2 -d "="` / 1000000
# CORE Voltage
vcgencmd measure_volts core|cut -f 2 -d "="|cut -f 1 -d "V"
# SoC Temp
vcgencmd measure_temp|cut -f 2 -d "="| cut -f 1 -d "'"</span></span>
</pre>
<div style="white-space: nowrap;">
<br /></div>
<div style="white-space: nowrap;">
<i><b>Add execution right:</b></i></div>
<div>
<div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); line-height: 19px; padding: 1em; white-space: pre;"><span style="color: #333333; font-family: monospace;">$ sudo chmod a+rx /usr/lib/check_mk_agent/local/raspberry</span></pre>
<span style="color: #333333; font-family: monospace;">
</span></div>
</div>
</div>
<div style="white-space: nowrap;">
<br /></div>
</div>
<div>
<span style="white-space: nowrap;">This script will be called by Observium at each poller time.</span></div>
</div>
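<div>
The poller in Step 4 reads the four values by position, one per line, and passes them straight into the rrdtool update string, so a failed "vcgencmd" call that prints nothing (or an error message) shifts or corrupts every value after it. The variant below is an added example, not the article's script: it validates each reading and prints "U" (rrdtool's marker for an unknown value) when a reading is missing or malformed, so the section always has exactly four lines. The function names, the VCGENCMD override and the sample outputs in fake_vcgencmd are constructed for illustration.</div>

```shell
#!/bin/sh
# Added example, not the article's script. parse_reading, emit_section and
# fake_vcgencmd are hypothetical names; VCGENCMD lets a test swap the command.
VCGENCMD=${VCGENCMD:-vcgencmd}

# $1 = expected key, $2 = raw vcgencmd output, $3 = divisor (default 1).
# Prints the number that follows "key=" or "key(n)=", divided by $3,
# or "U" when the output is not in that form.
parse_reading() {
    case $2 in
        "$1"=*|"$1"\(*\)=*) ;;
        *) echo U; return 0 ;;
    esac
    # Only the first line is considered, and only its leading decimal number,
    # so nothing but a single numeric line can reach the poller.
    printf '%s\n' "${2#*=}" | awk -v div="${3:-1}" '
        NR == 1 && match($0, /^[0-9]+(\.[0-9]+)?/) {
            v = substr($0, 1, RLENGTH) / div
            printf "%s\n", v
            ok = 1
        }
        END { if (!ok) print "U" }'
}

# Always prints the section header followed by exactly four lines:
# CPU MHz, core MHz, core volts, SoC temperature.
emit_section() {
    echo '<<<app-raspberry>>>'
    parse_reading frequency "$($VCGENCMD measure_clock arm 2>/dev/null)" 1000000
    parse_reading frequency "$($VCGENCMD measure_clock core 2>/dev/null)" 1000000
    parse_reading volt "$($VCGENCMD measure_volts core 2>/dev/null)"
    parse_reading temp "$($VCGENCMD measure_temp 2>/dev/null)"
}

# Constructed sample output in the key=value form the article's cut calls
# expect; use it offline with: VCGENCMD=fake_vcgencmd
fake_vcgencmd() {
    case "$1 $2" in
        "measure_clock arm")  echo 'frequency(45)=700000000' ;;
        "measure_clock core") echo 'frequency(1)=250000000' ;;
        "measure_volts core") echo 'volt=1.20V' ;;
        "measure_temp ")      echo "temp=45.5'C" ;;
    esac
}

emit_section
```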
<br />
<br />
<div>
<div style="color: #333333; line-height: 19px; white-space: normal;">
<span style="white-space: nowrap;"><b style="background-color: white;"><span style="color: #990000;"><span style="font-family: inherit; font-size: large;">Step 4: Observium custom application configuration</span></span></b></span></div>
<span style="white-space: nowrap;">
</span>
<br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px; white-space: normal;">
</div>
<span style="white-space: nowrap;">
</span></div>
<br />
<br />
OK, now a bigger part: we need to configure Observium to add our custom application like any other.<br />
This way, you can run this with as many Rpi as you want ;-)<br />
<br />
To do so, we need to create and/or modify different configuration files.<br />
<br />
Go into your Observium root directory, usually "/opt/observium"<br />
<br />
<b>1. "./includes/polling/unix-agent.inc.php" (modify)</b><br />
<br />
<b><i>Look for the section containing:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"> if ($section == "apache") { $sa = "app"; $sb = "apache"; }</span></span></pre>
<br />
<b><i>And add a new one just under it:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"> if ($section == "raspberry") { $sa = "app"; $sb = "raspberry"; }</span></span></pre>
<br />
<b>2. "./includes/polling/applications/raspberry.inc.php" (create)</b><br />
<b><br /></b>
<b><i>Create with following content:</i></b><br />
<div>
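<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><?php
// Poller for the custom "raspberry" application, fed by the Unix agent
if (!empty($agent_data['app']['raspberry']))
{
  $raspberry = $agent_data['app']['raspberry'];
  $raspberry_rrd = $config['rrd_dir'] . "/" . $device['hostname'] . "/app-raspberry-".$app['app_id'].".rrd";
  echo(" raspberry statistics\n");
  // One value per line, in this order: cpufreq, corefreq, corevoltage, soctemp.
  // The agent output is remote input: keep the first four lines only and store
  // anything that is not a number as unknown ("U") instead of passing it to rrdtool.
  $values = array_slice(array_pad(explode("\n", trim($raspberry)), 4, "U"), 0, 4);
  foreach ($values as $i => $value)
  {
    $value = trim($value);
    $values[$i] = is_numeric($value) ? $value : "U";
  }
  list($cpufreq, $corefreq, $corevoltage, $soctemp) = $values;
  // Create the RRD file on the first run
  if (!is_file($raspberry_rrd))
  {
    rrdtool_create ($raspberry_rrd, "--step 300 \
    DS:cpufreq:GAUGE:600:0:125000000000 \
    DS:corefreq:GAUGE:600:0:125000000000 \
    DS:corevoltage:GAUGE:600:0:125000000000 \
    DS:soctemp:GAUGE:600:0:125000000000 ".$config['rrd_rra']);
  }
  print "cpufreq: $cpufreq corefreq: $corefreq corevoltage: $corevoltage soctemp: $soctemp";
  rrdtool_update($raspberry_rrd, "N:$cpufreq:$corefreq:$corevoltage:$soctemp");
}
// Unset the variables we set here
unset($raspberry);
unset($raspberry_rrd);
unset($values);
unset($cpufreq);
unset($corefreq);
unset($corevoltage);
unset($soctemp);
?></span></span>
</pre>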
</div>
<div>
<br /></div>
<b>3. "./html/includes/graphs/application/raspberry_soctemp.inc.php" (create)</b><br />
<div>
<br /></div>
<b><i>Create with following content:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><?php
$scale_min = 0;
include("includes/graphs/common.inc.php");
$raspberry_rrd = $config['rrd_dir'] . "/" . $device['hostname'] . "/app-raspberry-".$app['app_id'].".rrd";
if (is_file($raspberry_rrd))
{
$rrd_filename = $raspberry_rrd;
}
$ds = "soctemp";
$colour_area = "F0E68C";
$colour_line = "FF4500";
$colour_area_max = "FFEE99";
$graph_max = 1;
$unit_text = "°C";
include("includes/graphs/generic_simplex.inc.php");
?></span></span>
</pre>
<div>
<br /></div>
<b>4. "./html/includes/graphs/application/raspberry_corevoltage.inc.php" (create)</b><br />
<div>
<br /></div>
<b><i>Create with following content:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><?php
$scale_min = 0;
include("includes/graphs/common.inc.php");
$raspberry_rrd = $config['rrd_dir'] . "/" . $device['hostname'] . "/app-raspberry-".$app['app_id'].".rrd";
if (is_file($raspberry_rrd))
{
$rrd_filename = $raspberry_rrd;
}
$ds = "corevoltage";
$colour_area = "CDEB8B";
$colour_line = "006600";
$colour_area_max = "FFEE99";
$graph_max = 1;
$unit_text = "Volts";
include("includes/graphs/generic_simplex.inc.php");
?></span></span>
</pre>
<div>
<br /></div>
<b>5. "./html/includes/graphs/application/raspberry_corefreq.inc.php" (create)</b><br />
<div>
<br /></div>
<b><i>Create with following content:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><?php
$scale_min = 0;
include("includes/graphs/common.inc.php");
$raspberry_rrd = $config['rrd_dir'] . "/" . $device['hostname'] . "/app-raspberry-".$app['app_id'].".rrd";
if (is_file($raspberry_rrd))
{
$rrd_filename = $raspberry_rrd;
}
$ds = "corefreq";
$colour_area = "B0C4DE";
$colour_line = "191970";
$colour_area_max = "FFEE99";
$graph_max = 1;
$unit_text = "Mhz";
include("includes/graphs/generic_simplex.inc.php");
?></span></span></pre>
<br />
<b>6. "./html/includes/graphs/application/raspberry_cpufreq.inc.php" (create)</b><br />
<div>
<br /></div>
<b><i>Create with following content:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><?php
$scale_min = 0;
include("includes/graphs/common.inc.php");
$raspberry_rrd = $config['rrd_dir'] . "/" . $device['hostname'] . "/app-raspberry-".$app['app_id'].".rrd";
if (is_file($raspberry_rrd))
{
$rrd_filename = $raspberry_rrd;
}
$ds = "cpufreq";
$colour_area = "B0C4DE";
$colour_line = "191970";
$colour_area_max = "FFEE99";
$graph_max = 1;
$unit_text = "Mhz";
include("includes/graphs/generic_simplex.inc.php");
?></span></span>
</pre>
<div>
<br /></div>
<b>7. "./html/pages/device/apps/raspberry.inc.php" (create)</b><br />
<div>
<b><i><br /></i></b>
<b><i>Create with following content:</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><?php
global $config;
$graphs = array('raspberry_cpufreq' => 'CPU Frequency',
'raspberry_corefreq' => 'CORE Frequency',
'raspberry_corevoltage' => 'CORE Voltage',
'raspberry_soctemp' => 'BCM2835 SoC Temperature',
);
foreach ($graphs as $key => $text)
{
$graph_array['to'] = $config['time']['now'];
$graph_array['id'] = $app['app_id'];
$graph_array['type'] = "application_".$key;
echo('<h3>'.$text.'</h3>');
echo("<tr bgcolor='$row_colour'><td colspan=5>");
include("includes/print-graphrow.inc.php");
echo("</td></tr>");
}
?></span></span></pre>
</div>
<br />
<b>8. "./html/pages/apps.inc.php" (modify)</b><br />
<br />
<i><b>Look for the section containing:
</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$graphs['apache'] = array('bits', 'hits', 'scoreboard', 'cpu');</span></span>
</pre>
<div>
<br /></div>
<i><b>And add a new one just under it:
</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$graphs['raspberry'] = array('cpufreq', 'corefreq', 'corevoltage', 'soctemp');</span></span>
</pre>
<div>
<br /></div>
<div>
Ok, we're done!</div>
<br />
<br />
<br />
<div style="background-color: #fefdfa; color: #333333; line-height: 19px;">
<b style="background-color: white;"><span style="color: #990000;"><span style="font-family: inherit; font-size: large;">Step 5: Configure your Rpi in Observium, the easy part!</span></span></b></div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
</div>
<br />
<br />
<b>Now the easiest part: add your Rpi into Observium via the menu <Devices>, <Add device>.</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEho1g-LO63dut_5fd2a2n7TY6BedWicKQL5N9cudwfMTLhLh0d_kmWevnUw-zHT7ovYBs8-NADh3r19IqfqsjRc3ILlmwFWIqncfB5fme4Z5LTOA-fxzSUtIw9HiBDOo4DgS-APnCSD5QAb/s1600/2013-01-17_094504.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="292" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEho1g-LO63dut_5fd2a2n7TY6BedWicKQL5N9cudwfMTLhLh0d_kmWevnUw-zHT7ovYBs8-NADh3r19IqfqsjRc3ILlmwFWIqncfB5fme4Z5LTOA-fxzSUtIw9HiBDOo4DgS-APnCSD5QAb/s640/2013-01-17_094504.png" width="640" /></a></div>
<br />
<br />
<i><b>In our case:</b></i><br />
<ul>
<li><b>Hostname:</b> Enter the hostname or IP of your Rpi</li>
<li><b>snmp Community</b>: secret</li>
</ul>
<div>
<br />
Leave all the rest at the defaults.</div>
<br />
<br />
<b>The Rpi should be detected successfully, and the Debian logo appears:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1iS6uhQtZ7zbcDtGF3eV_xW6aluInip8gPv3dVol0cmXwLMpT60Q5i7PVkHzpGiZZODF6Eoy9KzD6ozMwTvUDZkpLVywMLKSUP99P80aYT_rNXtHCwlGSDmXcfxoGQdMhMVhEJ24xdEa4/s1600/2013-01-17_103033.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="44" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1iS6uhQtZ7zbcDtGF3eV_xW6aluInip8gPv3dVol0cmXwLMpT60Q5i7PVkHzpGiZZODF6Eoy9KzD6ozMwTvUDZkpLVywMLKSUP99P80aYT_rNXtHCwlGSDmXcfxoGQdMhMVhEJ24xdEa4/s640/2013-01-17_103033.png" width="640" /></a></div>
<br />
<b>Now enter the device and go to device settings:</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrvXF1ykqs4Be22wP9DtWSbbh7YNBHJkbDBZ-70AakMAXeZ8o-ioQ3MkAZH5cs2H7fsosNuvFpvwIrYz7TtXkl3bKKxRisBZh-3k2VG_A8BRtW1CxeFYcMGJLlaCpeJrDObPP3lbJbnNU4/s1600/2013-01-17_103451.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="144" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrvXF1ykqs4Be22wP9DtWSbbh7YNBHJkbDBZ-70AakMAXeZ8o-ioQ3MkAZH5cs2H7fsosNuvFpvwIrYz7TtXkl3bKKxRisBZh-3k2VG_A8BRtW1CxeFYcMGJLlaCpeJrDObPP3lbJbnNU4/s640/2013-01-17_103451.png" width="640" /></a></div>
<br />
<b>Go to "Applications" and activate the box corresponding to our Raspberry application:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha9e1PODozVUmCkcTlwWArbvJRMzyomf52CAn8eYibZX8iFQNFJTnFaY-anBW_5OG7Smee__1km3MUoZfc5uttgf8q91nJKj0ssA5qj7zRqNeKdIQzksl1idKx5QoMAaNElEVC0RNNkLNa/s1600/2013-01-17_103735.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha9e1PODozVUmCkcTlwWArbvJRMzyomf52CAn8eYibZX8iFQNFJTnFaY-anBW_5OG7Smee__1km3MUoZfc5uttgf8q91nJKj0ssA5qj7zRqNeKdIQzksl1idKx5QoMAaNElEVC0RNNkLNa/s640/2013-01-17_103735.png" width="640" /></a></div>
<br />
<b>Then go to "Modules" and activate the Unix agent (disabled by default):</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKSUW2iMyFUyUaK_PfZjNAJ1uMuXbdtVzDfJhlXcSnoSknI1BH9-TyJ-lP_5b7j-jyCnMQOYs0QBFWxhRGT88eu8HSA_FPDzw0r1adNc-GLG1d_51_sqZY-G-IlYPVy8FFVHqKO_j5izqm/s1600/2013-01-17_104005.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="86" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKSUW2iMyFUyUaK_PfZjNAJ1uMuXbdtVzDfJhlXcSnoSknI1BH9-TyJ-lP_5b7j-jyCnMQOYs0QBFWxhRGT88eu8HSA_FPDzw0r1adNc-GLG1d_51_sqZY-G-IlYPVy8FFVHqKO_j5izqm/s640/2013-01-17_104005.png" width="640" /></a></div>
<br />
<br />
Great, you're done with all configuration parts; wait for a few poller executions (by default Observium proposes a cron task every 5 minutes).<br />
<br />
<b>You can run the poller manually on the host running Observium:</b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo /opt/observium/poller.php -h all</span></span>
</pre>
<br />
<b>And if you want to run it in debug mode to get more details:</b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo /opt/observium/poller.php -h all -d</span></span></pre>
<br />
<br />
<b>In my experience, you have to wait for 10-15 minutes before data gets graphed.</b><br />
<br />
<b><i>Some screenshots with application data:</i></b><br />
<br />
<i><b>CPU Frequency:</b></i><br />
<i><b><br /></b></i>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUvh01_Nrz-3wuWrELF9APsN5Qy4BA_1ItQWpQCutj9xshHG-Y1tW_6BgdszRHtHwaiRSUY9HCwVph2RO7GtSPCWeVdY8TO3xLqJ6hdXBmRI0njYmGcusZGgGK2ewO_8j5vFaauAOJ7SHx/s1600/1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="202" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUvh01_Nrz-3wuWrELF9APsN5Qy4BA_1ItQWpQCutj9xshHG-Y1tW_6BgdszRHtHwaiRSUY9HCwVph2RO7GtSPCWeVdY8TO3xLqJ6hdXBmRI0njYmGcusZGgGK2ewO_8j5vFaauAOJ7SHx/s640/1.png" width="640" /></a></div>
<i><b><br /></b></i>
<br />
<i><b>CORE Frequency:</b></i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUWv3CzwKZX0i8P-K7HL-8v-7Lg1xN97_5BJLNstJAY6ZA9O8xB0MSQZAJP5qOKZtBvqkImVReYiIjwsN4vlJCbwuDvZDvaTvGsCN5LqmvKTZJ0clKH6RZnHs7iwFw_pLnaDx07EkDkumk/s1600/2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="202" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUWv3CzwKZX0i8P-K7HL-8v-7Lg1xN97_5BJLNstJAY6ZA9O8xB0MSQZAJP5qOKZtBvqkImVReYiIjwsN4vlJCbwuDvZDvaTvGsCN5LqmvKTZJ0clKH6RZnHs7iwFw_pLnaDx07EkDkumk/s640/2.png" width="640" /></a></div>
<br />
<br />
<i><b>CORE Voltage:</b></i><br />
<i><b><br /></b></i>
<br />
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivntABFm4SxOwfyTYPx5fvKbEJjT5y_Yplkln5dFsxHrBdkBFq9lf25UOgONSAx5aeMvK1sFXxLYssqjg2zqJMylGDXqzKzLCcVzAwMNCQnx3gi8kdXDNuTySeHH2wqScQW6JI6Pcf92Vz/s1600/3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="208" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivntABFm4SxOwfyTYPx5fvKbEJjT5y_Yplkln5dFsxHrBdkBFq9lf25UOgONSAx5aeMvK1sFXxLYssqjg2zqJMylGDXqzKzLCcVzAwMNCQnx3gi8kdXDNuTySeHH2wqScQW6JI6Pcf92Vz/s640/3.png" width="640" /></a></div>
<br /></div>
<br />
<i><b>BCM2835 SoC Temperature:</b></i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNnwDo_OhXIdRI-y4x3tDooKnqMzZvS9sbzbu0H0NxbxxECFpH5I4oDkKsDTxzrHKIjDfai9pd-2UTZypCIYiPnWe22-eWnRWA7o7nMAZrtuHPYYtw9zMafZ_goWSqe8vvCqlaet5DqRPi/s1600/4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="206" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNnwDo_OhXIdRI-y4x3tDooKnqMzZvS9sbzbu0H0NxbxxECFpH5I4oDkKsDTxzrHKIjDfai9pd-2UTZypCIYiPnWe22-eWnRWA7o7nMAZrtuHPYYtw9zMafZ_goWSqe8vvCqlaet5DqRPi/s640/4.png" width="640" /></a></div>
<br />
<br />
<br />
<b>Great :-)</b><br />
<br />
<br />
<br />
<b>Howto: Raspberry Pi Root NFS share - boot your System over NFS share and definitively deal with Flash data corruption</b><br />
Published 2013-01-16<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPaiRdN6ABTTmcSXs42Dycub5UCcV6bMWhb3rqHSIQ5XsFqSCuJYE61NaiYC9RcZaQSRLGmOwremaPVxREyvs3mxO3SEhyC9A11ErnAmYC6OpVUnmXTtbh84dRS-hKCi5VSfqhPpZP9UFn/s1600/Raspberry-Pi-logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPaiRdN6ABTTmcSXs42Dycub5UCcV6bMWhb3rqHSIQ5XsFqSCuJYE61NaiYC9RcZaQSRLGmOwremaPVxREyvs3mxO3SEhyC9A11ErnAmYC6OpVUnmXTtbh84dRS-hKCi5VSfqhPpZP9UFn/s320/Raspberry-Pi-logo.jpg" width="320" /></a></div>
<br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #666666;"><b style="font-size: x-large;">*** Updated</b><b style="font-size: x-large;"> March 14, 2013 ***</b></span></i><br />
<br />
<br />
<h3 style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; margin: 0px; position: relative;">
The Goal: </h3>
<div>
<br /></div>
<div>
If you have a Raspberry Pi and a Linux Server (or a NAS), you should really be interested in this post! :-)</div>
<div>
<br /></div>
<div>
I had a lot of issues with my main Rpi when overclocked, generating file system data corruption...</div>
<div>
And finally, the best real solution, solid and efficient, has been to convert my root installation into booting rootfs over NFS.</div>
<div>
<br /></div>
<div>
I recommend the easiest solution: first have a running installation of your system on your Flash card and simply migrate it to root fs over NFS.</div>
<div>
<br /></div>
<div>
Since I've done this, I never had any system freeze, corruption or even kernel panic with my Rpi overclocked to turbo mode :-)</div>
<div>
<br /></div>
<div>
Also, before beginning, you should ensure that your system is up to date (sudo apt-get update && sudo apt-get dist-upgrade -f) and that you have the latest firmware version (sudo rpi-update).</div>
<div>
<br /></div>
<div>
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #990000;">Major source:</span></b> </div>
<div>
<ul>
<li><a href="http://raspberrypi.org/phpBB3/viewtopic.php?f=63&t=5974">http://raspberrypi.org/phpBB3/viewtopic.php?f=63&t=5974</a></li>
<li><a href="http://raspberrypi.stackexchange.com/questions/628/how-do-i-configure-the-raspberry-pi-to-boot-with-an-nfs-root">http://raspberrypi.stackexchange.com/questions/628/how-do-i-configure-the-raspberry-pi-to-boot-with-an-nfs-root</a></li>
</ul>
</div>
<div>
<br /></div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; font-size: medium;"><b>Summary of steps:</b></span><span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"> </span><b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #990000;"><br /></span></b><span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b></b></span><br />
<span style="font-family: inherit;"><b style="background-color: #fefdfa; color: #333333; line-height: 18px;"><span style="color: #990000;">Step 1: Set your NFS share</span></b><br style="background-color: #fefdfa; color: #333333; line-height: 18px;" /><b style="background-color: #fefdfa; color: #333333; line-height: 18px;"><span style="color: #990000;">Step 2: Copy your root fs into your NFS share</span></b><br style="background-color: #fefdfa; color: #333333; line-height: 18px;" /><b style="background-color: #fefdfa; color: #333333; line-height: 18px;"><span style="color: #990000;">Step 3: Modify your Raspberry Pi boot configuration</span></b><br style="background-color: #fefdfa; color: #333333; line-height: 18px;" /><b style="background-color: #fefdfa; color: #333333; line-height: 18px;"><span style="color: #990000;">Step 4: Adapt your Rpi fstab</span></b><br style="background-color: #fefdfa; color: #333333; line-height: 18px;" /><b style="background-color: #fefdfa; color: #333333; line-height: 18px;"><span style="color: #990000;">Step 5: Boot your Rpi!</span></b></span></div>
<div>
<span style="font-family: inherit;"><b style="background-color: #fefdfa; color: #333333; line-height: 18px;"><span style="color: #990000;">Step 6: </span></b><span style="color: #990000;"><b><span style="line-height: 18px;">Correct your swap configuration by migrating to a loop device</span></b></span></span></div>
<div>
<span style="font-family: inherit;"><span style="color: #990000;"><b><br style="background-color: #fefdfa; line-height: 18px;" /></b></span><b style="color: #990000; line-height: 18px;">Memorandum</b></span></div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; margin-bottom: 0.5em; margin-top: 0.4em;">
<div style="line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: medium;">Step 1: Set your NFS share</span></b></div>
</div>
</div>
<div>
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; margin-bottom: 0.5em; margin-top: 0.4em;">
<div style="line-height: 19px;">
<br /></div>
<div style="line-height: 19px;">
<span style="font-family: inherit;"></span></div>
</div>
</div>
<div>
<div>
If you have a Linux Home Server or NAS, then you probably already share data using NFS.</div>
</div>
<div>
<br /></div>
<div>
<i><b>To set up an NFS share dedicated to your Rpi root fs, add your share to "/etc/exports":</b></i></div>
<div>
<i><b>Replace </b></i><i><b><raspberrypi_ip></b> </i><i><b>with your Rpi LAN IP, or your LAN subnet if you prefer</b></i></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># Raspberry Root FS
/data/rpi_rootfs </span></span><i style="font-family: 'Times New Roman'; white-space: normal;"><raspberrypi_ip></i><span style="color: #333333;"><span style="line-height: 19px;">(rw,sync,no_root_squash,no_subtree_check)</span></span></pre>
</div>
<div>
<br /></div>
<div>
<div>
<b><i>Under Debian / Ubuntu, reload your NFS server config:</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">sudo /etc/init.d/nfs-kernel-server reload</span></span></pre>
</div>
</div>
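<div>
With no_root_squash, root on every host matched by the client field is also root on the share, so that field is worth checking each time "/etc/exports" is edited. The script below is an added example, not part of the original post: it lists entries that combine rw and no_root_squash for anything wider than a single host, including the case where a space slips in between the client and its options. The addresses come from a documentation range and the paths other than /data/rpi_rootfs are made up.</div>

```shell
#!/bin/sh
# Added example (not from the original post): list exports(5) entries that give
# rw + no_root_squash to anything wider than one host. Reads the file on stdin.

# has_opt "opt1,opt2,..." NAME: succeed if NAME is one of the options
has_opt() {
    case ",$1," in *",$2,"*) return 0 ;; *) return 1 ;; esac
}

# classify_client CLIENT: print host, network, wildcard or netgroup
classify_client() {
    case "$1" in
        ''|*[*?]*)                     echo wildcard ;;  # "(opts)" alone applies to everyone
        @*)                            echo netgroup ;;
        */32|*/128|*/255.255.255.255)  echo host ;;
        */*)                           echo network ;;
        *)                             echo host ;;
    esac
}

# audit_exports: print "PATH CLIENT KIND" for every risky entry found on stdin
audit_exports() (
    set -f    # a bare "*" client must not be expanded to file names
    sed -e 's/#.*$//' -e '/^[[:space:]]*$/d' |
    while read -r path clients; do
        for entry in $clients; do
            case "$entry" in
                *"("*")") client=${entry%%\(*}; opts=${entry#*\(}; opts=${opts%\)} ;;
                *)        client=$entry; opts= ;;
            esac
            if has_opt "$opts" rw && has_opt "$opts" no_root_squash; then
                kind=$(classify_client "$client")
                if [ "$kind" != host ]; then
                    printf '%s %s %s\n' "$path" "${client:-*}" "$kind"
                fi
            fi
        done
    done
)

# Constructed sample: 192.0.2.0/24 is a documentation range, and the paths
# other than /data/rpi_rootfs are hypothetical
sample_exports() {
    cat <<'EOF'
# Raspberry Root FS
/data/rpi_rootfs 192.0.2.10(rw,sync,no_root_squash,no_subtree_check)
/data/rpi2_rootfs 192.0.2.0/24(rw,sync,no_root_squash,no_subtree_check)
/data/media 192.0.2.0/24(ro,sync,no_subtree_check)
/data/rpi3_rootfs 192.0.2.11 (rw,sync,no_root_squash,no_subtree_check)
EOF
}

sample_exports | audit_exports
```

On a real server, run it as: audit_exports < /etc/exports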
<div>
<br /></div>
<div>
<br /></div>
<div>
<b style="background-color: white; color: #333333; font-family: inherit; font-size: 13px; line-height: 19px;"><span style="color: #990000; font-size: medium;">Step 2: Copy your Rpi root fs into your NFS share</span></b></div>
<div>
<br /></div>
<div>
<div>
Then simply copy all of your Rpi root fs into your new NFS share. You can do it directly on the Rpi or by plugging your Flash card into a client computer:</div>
</div>
<div>
<br /></div>
<div>
<i><b>Example with a client computer having the flash card and NFS share mounted:</b></i></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">cp -rav /media/mmcblk0p2/* /data/rpi_rootfs/ </span></span></pre>
</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: medium;">Step 3: Modify your Raspberry Pi boot configuration</span></b></div>
</div>
<div>
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: medium;"><br /></span></b></div>
<div>
The only partition you will need to keep on your Rpi Flash card is the boot partition (first partition), containing the main boot configuration files and the Rpi firmware.</div>
<div>
<br /></div>
<div>
<i><b>To boot over NFS, we need to modify the file "/boot/cmdline.txt" (contained in the first FAT partition of your Flash card) to add/correct some sections:</b></i></div>
<div>
<ul>
<li>root= --> must point to "/dev/nfs"</li>
<li>nfsroot=<i><nfs_server_ip></i>:/data/rpi_rootfs,udp,vers=3 ip=dhcp (replace <i><nfs_server_ip></i> with your NFS server IP)</li>
<li>rootfstype=nfs</li>
<li>smsc95xx.turbo_mode=N --> a workaround to prevent kernel panics under high network load (I recommend this)</li>
</ul>
</div>
<div>
<i><b><br /></b></i></div>
<div>
<i><b>Note:</b></i></div>
<div>
<i><b><br /></b></i></div>
<div>
In this example, we use DHCP to set the Rpi LAN IP at boot time. This is in my opinion the easiest way, as you can preset a fixed address for your Rpi in your DHCP server.</div>
<div>
Still, you can also manually set a fixed IP at boot time.</div>
<div>
<br /></div>
<div>
Also note that we will be using NFS v3 over UDP for better performance (see Memorandum for performance fine tuning).</div>
<div>
<i><b><br /></b></i></div>
<div>
<b><i>"cmdline.txt" example with DHCP (the file must contain only one line):</i></b></div>
<div>
<b><i><br /></i></b></div>
<div>
<div>
<i>Replace:</i></div>
<div>
<ul>
<li><i><nfs_server_ip> with the NFS server IP</i></li>
</ul>
</div>
</div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1
root=/dev/nfs nfsroot=</span></span><span style="background-color: transparent; color: #333333; line-height: 19px;"><nfs_server_ip></span><span style="background-color: transparent; color: #333333; line-height: 19px;">:/data/rpi_rootfs,udp,vers=3</span>
<span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">ip=dhcp rootfstype=nfs smsc95xx.turbo_mode=N</span></span><span style="color: #333333;"><span style="line-height: 19px;"> </span></span></pre>
</div>
<div>
<br /></div>
<div>
<div>
<b><i>"cmdline.txt" example with a fixed IP </i></b><b><i>(the file must contain only one line):</i></b></div>
<div>
<b><i><br /></i></b></div>
<div>
<i>Replace:</i></div>
<div>
<ul>
<li><i><raspberrypi_ip> with the LAN IP of your Rpi</i></li>
<li><i><nfs_server_ip> with the NFS server IP</i></li>
<li><i><default_gateway> with the IP of your local gateway</i></li>
<li><i><mask> with your network mask</i></li>
</ul>
</div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1
root=/dev/nfs nfsroot=</span></span><i style="font-family: 'Times New Roman'; white-space: normal;"><nfs_server_ip></i><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">:/data/rpi_rootfs,udp,vers=3
ip=<raspberrypi_ip>:<nfs_server_ip>:<default_gateway>:<mask>:rpi:eth0:off rootfstype=nfs smsc95xx.turbo_mode=N</span></span></pre>
</div>
</div>
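<div>
Both examples above are shown on several lines while the file itself must contain only one line, and a placeholder left in place is easy to miss. The check below is an added example, not part of the original post: it verifies the single-line rule and the parameters listed in this step. It assumes IPv4 and the seven-field static ip= form shown above, and its sample files are constructed with documentation addresses.</div>

```shell
#!/bin/sh
# Added example (not from the original post): sanity-check a cmdline.txt
# prepared for NFS root. IPv4 only; the sample files below are constructed.

# get_param NAME "LINE": print the value of the last NAME=value token in LINE
get_param() (
    set -f                      # tokens must not be glob-expanded
    value=
    for tok in $2; do
        case "$tok" in "$1"=*) value=${tok#*=} ;; esac
    done
    printf '%s\n' "$value"
)

# check_cmdline FILE: print one line per problem, succeed only if there is none
check_cmdline() (
    file=$1
    errors=0
    fail() { printf 'cmdline: %s\n' "$1"; errors=$((errors + 1)); }

    # The post requires everything to be on a single line
    lines=$(grep -c '[^[:space:]]' "$file" || true)
    [ "$lines" -eq 1 ] || fail "expected 1 non-empty line, found $lines"

    # Look at every token anyway, so that all problems are reported in one run
    line=$(tr '\n' ' ' < "$file")

    case "$line" in
        *'<'*'>'*) fail "a placeholder such as <nfs_server_ip> was left in place" ;;
    esac

    [ "$(get_param root "$line")" = /dev/nfs ] || fail "root= is not /dev/nfs"
    [ "$(get_param rootfstype "$line")" = nfs ] || fail "rootfstype= is not nfs"

    nfsroot=$(get_param nfsroot "$line")
    case "$nfsroot" in
        ?*:/*) ;;                                   # server:/path[,options]
        *)     fail "nfsroot= is not server:/path" ;;
    esac

    ip=$(get_param ip "$line")
    case "$ip" in
        dhcp) ;;
        '')   fail "ip= is missing" ;;
        *)    colons=$(printf '%s' "$ip" | tr -cd ':' | wc -c)
              [ "$colons" -eq 6 ] || fail "static ip= does not have the 7 fields used in the post" ;;
    esac

    [ "$errors" -eq 0 ]
)

# Constructed samples: a correct DHCP line, then the three-line layout with a
# placeholder left in place and the mask field forgotten
write_good_sample() {
    printf '%s\n' 'dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 root=/dev/nfs nfsroot=192.0.2.1:/data/rpi_rootfs,udp,vers=3 ip=dhcp rootfstype=nfs smsc95xx.turbo_mode=N' > "$1"
}
write_bad_sample() {
    printf '%s\n' \
        'dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1' \
        'root=/dev/nfs nfsroot=<nfs_server_ip>:/data/rpi_rootfs,udp,vers=3' \
        'ip=192.0.2.10:192.0.2.1:192.0.2.254:rpi:eth0:off rootfstype=nfs smsc95xx.turbo_mode=N' > "$1"
}

demo() {
    tmp=$(mktemp -d)
    write_good_sample "$tmp/good.txt"
    write_bad_sample "$tmp/bad.txt"
    check_cmdline "$tmp/good.txt" && echo "good.txt: ok"
    check_cmdline "$tmp/bad.txt" || echo "bad.txt: rejected"
    rm -rf "$tmp"
}
demo
```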
<div>
<br /></div>
<div>
<br /></div>
<div>
<div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: medium;">Step 4: Adapt your Rpi fstab</span></b></div>
</div>
</div>
<div>
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: medium;"><br /></span></b></div>
<div>
<div>
Now edit the Rpi "/etc/fstab" file before trying to boot; do it from your NFS server or client computer.</div>
</div>
<div>
<br /></div>
<div>
<div>
<b><i>/data/rpi_rootfs/etc/fstab:</i></b></div>
<div>
<ul>
<li>Delete the original line corresponding to your root fs and pointing to the second partition of your flash card (/dev/mmcblk0p2). We don't need it anymore, as the root fs will automatically be mounted by the firmware at boot time.</li>
</ul>
<div>
<br /></div>
</div>
<div>
<b style="background-color: white; color: #333333; font-family: inherit; font-size: 13px; line-height: 19px;"><span style="color: #990000; font-size: medium;">Step 5: Boot your Rpi!</span></b></div>
</div>
<div>
<br /></div>
<div>
<div>
Ok, let's go, time to boot :-)</div>
</div>
<div>
<br /></div>
<div>
If you followed all steps carefully, your system should boot with no major issue.</div>
<div>
<br /></div>
<div>
However, you will no longer have any swap available: by default Raspbian uses dphys-swapfile to use a local file as swap.</div>
<div>
<br /></div>
<div>
We will correct this now.</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: medium;">Step 6: Correct your swap configuration by migrating to a loop device</span></b></div>
</div>
</div>
<div>
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: medium;"><br /></span></b></div>
<div>
<div>
By default, Raspbian uses dphys-swapfile to generate a local file used as swap; this won't work anymore when booting over NFS.</div>
</div>
<div>
<br /></div>
<div>
I don't recommend using your Flash card as a swap partition; this may cause system freezes or kernel panics if you have data corruption:</div>
<div>
<br /></div>
<div>
<b>The better way is to set up a local file as a loop device that will be used as a swap device. Here is how.</b></div>
<div>
<br /></div>
<div>
<i><b>Remove the current non-working swap file and uninstall dphys-swapfile:</b></i></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">sudo apt-get remove --purge dphys-swapfile
sudo rm /var/swap
sudo rm /etc/init.d/dphys-swapfile
sudo update-rc.d dphys-swapfile remove</span></span></pre>
</div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<div>
<i><b>Create a new swap file, create the loop swap device and activate swap (example with 1 GB swap):</b></i></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">sudo dd if=/dev/zero of=/var/swapfile bs=1M count=1024
sudo losetup /dev/loop0 /var/swapfile
sudo mkswap /dev/loop0
sudo swapon /dev/loop0</span></span></pre>
</div>
</div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<div>
<i><b>Check your current swap availability:</b></i></div>
<div>
</div>
</div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ free</span></span></pre>
</div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<div>
<div>
<i><b>Output example:</b></i></div>
<div>
</div>
</div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"> total used free shared buffers cached
Mem: 237656 213092 24564 0 24 93192
-/+ buffers/cache: 119876 117780
Swap: 1048572 1556 1047016</span></span></pre>
</div>
</div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<i><b>Make it permanent, edit "</b></i><b><i>/etc/rc.local" and add this section before "exit 0":</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">echo "Setting up loopy/var/swapfile.."
sleep 2
losetup /dev/loop0 /var/swapfile
mkswap /dev/loop0
swapon /dev/loop0</span></span></pre>
</div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 19px;">
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: medium;">Step 7: Other tunings</span></b></div>
</div>
</div>
<div>
<b style="background-color: white; font-family: inherit;"><span style="color: #990000; font-size: medium;"><br /></span></b></div>
<div>
<div>
<i><b><br /></b></i></div>
<div>
<b>There are also some other little things to tune:</b></div>
<div>
<i><b><br /></b></i></div>
<div>
<i><b>Edit "</b></i><b><i>/etc/default/rcS" and:</i></b></div>
<div>
<div>
<ul>
<li><div style="display: inline !important;">
add: ASYNCMOUNTNFS=no<br />
<br /></div>
</li>
</ul>
</div>
</div>
<div>
<b><i>Edit "/etc/sysctl.conf" and:</i></b></div>
<div>
<ul>
<li>add or set: vm.min_free_kbytes = 12288 </li>
</ul>
This ensures the system always keeps 12Mb of RAM free to prevent the risk of a kernel panic; you may try a lower value if you prefer.</div>
<div>
<b><i><br /></i></b></div>
<div>
<br /></div>
</div>
<div>
<div>
<span style="font-family: inherit;"><b style="color: #990000; line-height: 18px;">Memorandum</b></span></div>
</div>
<div>
<span style="font-family: inherit;"><b style="color: #990000; line-height: 18px;"><br /></b></span></div>
<div>
<ul>
<li><span style="color: #990000;"><span style="font-family: inherit; line-height: 18px;"><b>NFS version and fine tuning</b></span></span></li>
</ul>
</div>
<div>
<span style="background-color: #fefdfa; font-family: inherit; line-height: 18px;">You may want to try different settings to get the best performance possible.</span></div>
<div>
<span style="background-color: #fefdfa; font-family: inherit; line-height: 18px;"><br /></span></div>
<div>
<span style="background-color: #fefdfa; font-family: inherit; line-height: 18px;">First, to test your write speed, dd makes it very easy:</span></div>
<div>
<span style="background-color: #fefdfa; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><br /></span></div>
<div>
<span style="background-color: #fefdfa; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><i>Create a 10 Mb test file:</i></b></span></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ dd if=/dev/zero of=/tmp/test.file bs=1M count=10</span></span></pre>
</div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<b style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><i>Output sample:</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span class="text" style="font-size: 13px; white-space: nowrap;">10+0 enregistrements lus </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">10+0 enregistrements écrits </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">10485760 octets (10 MB) copiés, 1,52525 s, 6,9 MB/s</span></pre>
</div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></span></div>
<div>
<span style="background-color: #fefdfa; font-family: inherit; line-height: 18px;"><b>You may want to try a different NFS version; change it in cmdline.txt:</b></span></div>
<div>
<ul>
<li><span style="font-family: inherit; line-height: 18px;">Change the section nfsroot "vers=2/3"</span></li>
</ul>
</div>
<div>
<b style="line-height: 18px;"><span style="font-family: inherit;">You may want to try TCP versus UDP</span></b></div>
<div>
<ul>
<li><span style="font-family: inherit;"><span style="line-height: 18px;">Change the section nfsroot "</span>udp" or "tcp"</span></li>
</ul>
<div>
<b style="line-height: 18px;"><span style="font-family: inherit;">You may want to try different values of "rsize" and "wsize", example with NFS V3 and TCP:</span></b></div>
</div>
<div>
<b style="line-height: 18px;"><span style="font-family: inherit;"><br /></span></b></div>
<div>
<span style="font-family: inherit; line-height: 18px;"><i>Example:</i></span></div>
<div>
<ul>
<li><span style="font-family: inherit; line-height: 18px;">root=/dev/nfs nfsroot=&lt;nfs_server_ip&gt;:/data/rpi_rootfs,rsize=32768,wsize=32768,tcp,vers=3</span></li>
</ul>
<span style="font-family: inherit; line-height: 18px;"></span><br />
<span style="font-family: inherit; line-height: 18px;">
In my case, it did not really change anything, so I kept kernel default values for wsize and rsize, udp with NFS V3.</span></div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; line-height: 18px;"><b><br /></b></span></div>
<div>
<ul>
<li><span style="color: #990000;"><span style="font-family: inherit; line-height: 18px;"><b>Netfilter Iptables</b></span></span></li>
</ul>
</div>
<div>
<div>
<span style="font-family: inherit; line-height: 18px;">When modifying your Iptables configuration, keep in mind that blocking NFS traffic with your NFS server will result in a system halt.</span></div>
</div>
<div>
<span style="font-family: inherit; line-height: 18px;"><br /></span></div>
<div>
<span style="font-family: inherit; line-height: 18px;">Setting the default outbound policy to DROP (usually "iptables -P OUTPUT DROP") will result in a system crash.</span></div>
<div>
<span style="font-family: inherit; line-height: 18px;">You should instead apply "iptables -P OUTPUT ACCEPT", which permits any outbound traffic from your Rpi (not a big deal, usually you trust your own machine).</span></div>
<div>
<span style="font-family: inherit; line-height: 18px;"><br /></span></div>
<div>
<span style="font-family: inherit; line-height: 18px;">You can also make sure that NFS traffic with your NFS server is accepted before any other rules are applied.</span></div>
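One way to follow that advice, as an added example rather than the author's own configuration: the ruleset is generated in iptables-restore format, so it loads in one step, and it is linted first so the NFS server is always accepted before any other rule. The server address 192.0.2.10, the SSH rule and the helper names build_ruleset and lint_ruleset are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: the NFS server is
# 192.0.2.10 (documentation address) and SSH on tcp/22 is the only inbound
# service; build_ruleset and lint_ruleset are hypothetical helper names.
NFS_SERVER=192.0.2.10

# Emit a filter table in iptables-restore format. The NFS server is accepted
# first in INPUT and OUTPUT, so a later rule or policy change cannot cut the
# Pi off from its root filesystem. OUTPUT keeps the ACCEPT policy the post
# recommends.
build_ruleset() {
    nfs_ip=$1
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s ${nfs_ip}/32 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -d ${nfs_ip}/32 -j ACCEPT
COMMIT
EOF
}

# Read a ruleset in iptables-save format on stdin and exit non-zero when the
# NFS server could be blocked. A chain passes when its first rule is the
# unconditional ACCEPT for the NFS server (exact iptables-save spelling), or
# when its policy is ACCEPT and it holds no DROP/REJECT rule at all.
lint_ruleset() {
    awk -v ip="$1" '
        /^:(INPUT|OUTPUT) / { policy[substr($1, 2)] = $2; next }
        $1 == "-A" && ($2 == "INPUT" || $2 == "OUTPUT") {
            chain = $2
            if (!(chain in first)) first[chain] = $0
            if ($0 ~ /-j (DROP|REJECT)/) blocks[chain] = 1
        }
        END {
            want["INPUT"]  = "-A INPUT -s "  ip "/32 -j ACCEPT"
            want["OUTPUT"] = "-A OUTPUT -d " ip "/32 -j ACCEPT"
            bad = 0
            for (chain in want) {
                pinned     = (first[chain] == want[chain])
                permissive = (policy[chain] == "ACCEPT" && !(chain in blocks))
                if (!pinned && !permissive) {
                    printf "UNSAFE %s: NFS server %s is not accepted before other rules\n", chain, ip
                    bad = 1
                }
            }
            exit bad
        }'
}

# Demo on constructed input: the generated ruleset passes, while the policy
# the post warns about (OUTPUT DROP without an NFS rule) is rejected.
build_ruleset "$NFS_SERVER" | lint_ruleset "$NFS_SERVER" &&
    echo "generated ruleset: safe to load"
printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':OUTPUT DROP [0:0]' \
    '-A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT' 'COMMIT' |
    lint_ruleset "$NFS_SERVER" || echo "OUTPUT DROP ruleset: rejected"

# To load the ruleset for real (as root), only after the lint passes:
#   build_ruleset "$NFS_SERVER" | iptables-restore
```

Running iptables-restore with --test first checks the syntax without committing anything.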
<div>
<span style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><br /></span></div>
Posted by Anonymous (http://www.blogger.com/profile/11207934187692801099)<br />
<br />
Splunk Howto - Splunk for Fail2ban, get the Fail2ban Multi-host frontend with Splunk!<br />
Published 2013-01-15T22:16:00.001+01:00, updated 2013-06-09T15:39:16.441+02:00<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3vTq8YIBEWj3uoYivUcOHDLDAspb7496546c8tKQLZDkpQFTsuaBTp7818A8xPJDab0kQdqGda-wxFId-drzijdmTkCZSoBrJxa8MvlF6TvFmh-8SKNuB1-3DfjweiG8e5SYNnC89YIbT/s1600/title.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="98" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3vTq8YIBEWj3uoYivUcOHDLDAspb7496546c8tKQLZDkpQFTsuaBTp7818A8xPJDab0kQdqGda-wxFId-drzijdmTkCZSoBrJxa8MvlF6TvFmh-8SKNuB1-3DfjweiG8e5SYNnC89YIbT/s640/title.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiB2Hr62pB49R10oWYt4SVUR9jF4uWzs0Pdcd-y7CWjQ2Yo9F7shKn-DpXL8M9iyy5dRRwDDZwBKERX3WncKnJYbosIPiv4HnuFYH8KHleZLrQxWz7szWGurCrfT26Q-tQWCrjn6c6QJNQk/s1600/overview.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="338" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiB2Hr62pB49R10oWYt4SVUR9jF4uWzs0Pdcd-y7CWjQ2Yo9F7shKn-DpXL8M9iyy5dRRwDDZwBKERX3WncKnJYbosIPiv4HnuFYH8KHleZLrQxWz7szWGurCrfT26Q-tQWCrjn6c6QJNQk/s640/overview.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #666666;"><b style="font-size: x-large;">*** Updated</b><b style="font-size: x-large;"> June 9, 2013 ***</b></span></i></div>
<div class="separator" style="clear: both; text-align: left;">
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #666666;"><b style="font-size: x-large;"><br /></b></span></i></div>
<div class="separator" style="clear: both; text-align: left;">
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; text-align: -webkit-auto;"><b><br /></b></i></div>
<div class="separator" style="clear: both; text-align: left;">
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; text-align: -webkit-auto;"><b>Current Version = 2.02</b></i></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: inherit;"><br /></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">Splunk (if you don't yet know it) is an incredibly powerful solution that collects, indexes and exploits any kind of data from any system, offering you as many solutions as you need and even the possibility to create custom applications with graphical </span><span style="line-height: 18px;">front-ends</span><span style="line-height: 18px;"> (dashboards, reports, saved searches...).</span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: inherit;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: inherit;">In a few words, I am really impressed by Splunk, I think I've been looking for this for many many years!</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: inherit;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: inherit;">Don't hesitate to take a look at the main Splunk website; you will easily find a lot of information and great documentation: </span><a href="http://www.splunk.com/">http://www.splunk.com/</a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; color: #333333; font-family: inherit; line-height: 18px; text-align: -webkit-auto;">Splunk can be used for free with a few restrictions (not more than 500Mb of input data per day).</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; color: #333333; font-family: inherit; line-height: 18px; text-align: -webkit-auto;">Details: </span><a href="http://docs.splunk.com/Documentation/Splunk/5.0.1/Admin/TypesofSplunklicenses">http://docs.splunk.com/Documentation/Splunk/5.0.1/Admin/TypesofSplunklicenses</a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; color: #333333; font-family: inherit; line-height: 18px; text-align: -webkit-auto;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; color: #333333; font-family: inherit; line-height: 18px; text-align: -webkit-auto;"><br /></span><span style="font-family: inherit;"><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="line-height: 18px;">I developed my first Splunk application "Splunk For Fail2ban" to provide a cool frontend and log managing tool associated with the well known and powerful Fail2ban tool. (take a look at my older post: </span></span></span><a href="http://youresuchageek.blogspot.fr/2012/11/howto-fail2ban-secure-your-network.html">http://youresuchageek.blogspot.fr/2012/11/howto-fail2ban-secure-your-network.html</a>)</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><b>To install this addon, follow this link on Splunkbase or install it through Splunk's standard online application search: </b></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="http://splunk-base.splunk.com/apps/72087/splunk-for-fail2ban" target="_blank">http://splunk-base.splunk.com/apps/72087/splunk-for-fail2ban</a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><b style="color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Splunk prerequisites:</b></span></span></div>
<div class="separator" style="clear: both;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><b style="color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;"><br /></b></span></span></div>
<div class="separator" style="clear: both;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><b style="color: #333333; line-height: 18px;">Make sure to install the required Splunk addons:</b></span></span></div>
<div class="separator" style="clear: both;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; line-height: 18px; text-align: -webkit-auto;"></span></span></div>
<div class="separator" style="clear: both;">
</div>
<ul>
<li><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; line-height: 18px; text-align: -webkit-auto;"><span style="text-align: -webkit-auto;">Sideview utils addon <b><a href="http://sideviewapps.com/apps/sideview-utils/download-full-version-internal-use/">V2.x</a> </b>(not the older version available in Splunk Base)</span></span></span></li>
<li><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; line-height: 18px; text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><a href="http://splunk-base.splunk.com/apps/22365/google-maps" target="_blank">Google Maps addon</a></span></span></span></li>
<li><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; line-height: 18px; text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><a href="http://splunk-base.splunk.com/apps/22282/geo-location-lookup-script-powered-by-maxmind" target="_blank">Maxmind geo location addon</a></span></span></span></li>
</ul>
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<b style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Splunk For Fail2ban provides:</b></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<div class="separator" style="clear: both;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #990000; font-family: inherit; line-height: 18px;"><b><i>A complete Dashboard Overview of Fail2ban activity for all managed systems: </i></b></span></span></span></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #990000; font-family: inherit; line-height: 18px;"><b><i><br /></i></b></span></span></span></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; color: #333333; text-align: -webkit-auto;"></span></span><br />
<div class="separator" style="clear: both; line-height: 18px;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; color: #333333; text-align: -webkit-auto;"><b><i>Home page with realtime quick summary activity overview and links to interfaces:</i></b></span></span></div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; color: #333333; text-align: -webkit-auto;">
</span></span>
<br />
<div class="separator" style="clear: both; line-height: 18px;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; color: #333333; text-align: -webkit-auto;"><b><i><br /></i></b></span></span></div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; color: #333333; text-align: -webkit-auto;">
</span></span>
<div class="separator" style="clear: both; text-align: center;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; color: #333333; text-align: -webkit-auto;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhziFsQ_SGnzG0WWIQXf96dUOwhuBqxZlZ8VimcUrB0DmeGQntcFTxXS8yyu0K2gGSWZEiVZ1GWwEDSDrprjRkYJR344UD0jgEHJIVgXxCYqsimOF4CCbnQuY7K9Z7LZa9c5iOvz4RaPBwT/s1600/S%C3%A9lection_001.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="270" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhziFsQ_SGnzG0WWIQXf96dUOwhuBqxZlZ8VimcUrB0DmeGQntcFTxXS8yyu0K2gGSWZEiVZ1GWwEDSDrprjRkYJR344UD0jgEHJIVgXxCYqsimOF4CCbnQuY7K9Z7LZa9c5iOvz4RaPBwT/s640/S%C3%A9lection_001.png" width="640" /></a></span></span></div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; color: #333333; text-align: -webkit-auto;">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyDD3Wy0W0RNCbBrmvZwhcQKy-zsirBj84hduwnyILu_uCxuwr0D1ztCWzC5gbCbnRpO-BMU_QLy0vLccXOe2HlTr8YSa1LhkCiQpg_j4fx-TdVrmXLNOIjK2efS1ZFIQtl6LRRZp4sNa4/s1600/S%C3%A9lection_002.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="286" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyDD3Wy0W0RNCbBrmvZwhcQKy-zsirBj84hduwnyILu_uCxuwr0D1ztCWzC5gbCbnRpO-BMU_QLy0vLccXOe2HlTr8YSa1LhkCiQpg_j4fx-TdVrmXLNOIjK2efS1ZFIQtl6LRRZp4sNa4/s640/S%C3%A9lection_002.png" width="640" /></a></div>
<div class="separator" style="clear: both; line-height: 18px;">
<b><i><br /></i></b></div>
</span></span></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #990000; font-family: inherit; line-height: 18px;"><b><i><br /></i></b></span></span></span></div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #990000; font-family: inherit; line-height: 18px;"><b><i>A complete Dashboard Overview of Fail2ban activity for all managed systems: </i></b></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="color: #333333;"><span style="line-height: 18px;"><b><i>Activity overview:</i></b></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="color: #333333;"><span style="line-height: 18px;"><b><i><br /></i></b></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi4nRTI2mOuSFVztF9VWh9hMpZE5Y_qivfmo3FtL0t0PexA9ujIS06GUL520ip6zKfz1MyPPHOeRhUJRs24bcCSktj7Mb3YNuj2jQogsMdh_c0qY36qIOj9Hx2bi14_KJ8Q_hKQk-qUYJo/s1600/S%C3%A9lection_003.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="234" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi4nRTI2mOuSFVztF9VWh9hMpZE5Y_qivfmo3FtL0t0PexA9ujIS06GUL520ip6zKfz1MyPPHOeRhUJRs24bcCSktj7Mb3YNuj2jQogsMdh_c0qY36qIOj9Hx2bi14_KJ8Q_hKQk-qUYJo/s640/S%C3%A9lection_003.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><i><br /></i></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both;">
<span style="color: #333333;"><span style="line-height: 18px;"><b><i>Activity and Alert Trend:</i></b></span></span></div>
<div class="separator" style="clear: both;">
<span style="color: #333333;"><span style="line-height: 18px;"><b><i><br /></i></b></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXoWxbs8jB9UOAvYFXhzN6Jv1lGmtRun7ZHnMTX2jF2hm7Tcfkw8lIk5q-jCj7vvK_6bJBCNKBtY6Tgbehist-sQTLukQFeS9e54QqKlATC4xTw5359jzXjgJjHrXfbpYDaq8EXYWHV939/s1600/S%C3%A9lection_004.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="188" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXoWxbs8jB9UOAvYFXhzN6Jv1lGmtRun7ZHnMTX2jF2hm7Tcfkw8lIk5q-jCj7vvK_6bJBCNKBtY6Tgbehist-sQTLukQFeS9e54QqKlATC4xTw5359jzXjgJjHrXfbpYDaq8EXYWHV939/s640/S%C3%A9lection_004.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU6AKGnh5CrQitIloNxq-ZJ8_ZEpbJ29ZI8aw0JBaTnJhapIkCisgW7eOZLZTSNG988SP-8jwsdnGW_IlnfSeQOvKnWPKtBBGBLmwoJFQfvV_NkO3jv8HJazGreh64bEdaWyb-VQdVN9Pw/s1600/S%C3%A9lection_006.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="168" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU6AKGnh5CrQitIloNxq-ZJ8_ZEpbJ29ZI8aw0JBaTnJhapIkCisgW7eOZLZTSNG988SP-8jwsdnGW_IlnfSeQOvKnWPKtBBGBLmwoJFQfvV_NkO3jv8HJazGreh64bEdaWyb-VQdVN9Pw/s640/S%C3%A9lection_006.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<div class="separator" style="clear: both;">
<i style="background-color: #fefdfa; color: #333333; font-family: inherit; line-height: 18px;"><b>Various Top 10 Charts and stats:</b></i></div>
</div>
<div>
<span style="background-color: #fefdfa;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><i><br /></i></span></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8oIhXjLiOpAJ79HGfpb1lDcEZctWiMoxTW6GVG9gAmJDrgRAJIfsyLrJH2VLcOrw5byvA4nbiInzYXZCbXXd-o4EAeSFd0cwDlmgCw3VF5FesfObXxbxD-dkTjDTk-eNCAXg8IgI-r2Wv/s1600/S%C3%A9lection_007.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="176" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8oIhXjLiOpAJ79HGfpb1lDcEZctWiMoxTW6GVG9gAmJDrgRAJIfsyLrJH2VLcOrw5byvA4nbiInzYXZCbXXd-o4EAeSFd0cwDlmgCw3VF5FesfObXxbxD-dkTjDTk-eNCAXg8IgI-r2Wv/s640/S%C3%A9lection_007.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIgfdqvveU6CNLBXkkc_Mzhp_-pwtp2y3HgiP2qCpdwmtx4ykD8uoz-wzU6ghct7j4X3BCnL5jhkFo_sMzJunkWnLq6kuB65I_7TRrzpMZVWq83adEphyZhhUnTWcqxgz9epDyxGz2WwDF/s1600/S%C3%A9lection_008.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="176" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIgfdqvveU6CNLBXkkc_Mzhp_-pwtp2y3HgiP2qCpdwmtx4ykD8uoz-wzU6ghct7j4X3BCnL5jhkFo_sMzJunkWnLq6kuB65I_7TRrzpMZVWq83adEphyZhhUnTWcqxgz9epDyxGz2WwDF/s640/S%C3%A9lection_008.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEis5y8eH94esy9Uv6hbJDOr_vNEX5reL4_s4CRJB-4OD2nJtNNzg7H73TIA_zoXvblOU6R8sy284Fp0w-pk57SE4CzszZ34atAJHDBrVL2I-MCBUifif5fPs-j3PVvCUKA1dVyiRFGAjP_l/s1600/S%C3%A9lection_009.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEis5y8eH94esy9Uv6hbJDOr_vNEX5reL4_s4CRJB-4OD2nJtNNzg7H73TIA_zoXvblOU6R8sy284Fp0w-pk57SE4CzszZ34atAJHDBrVL2I-MCBUifif5fPs-j3PVvCUKA1dVyiRFGAjP_l/s640/S%C3%A9lection_009.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwlg6jpgyBvVQl2FIgX4r3pQg2Hm8RJuaXGzYIXT2uO6kT_0CW8KbbeST8FijhKojG9dq2BkDEjqvWHSrKOmZTTJvWRoU7NKtB4rNLpTZqQSTaEOrXgI9pUu2Sv4DVsdiB-vyW8xXzMplp/s1600/S%C3%A9lection_010.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwlg6jpgyBvVQl2FIgX4r3pQg2Hm8RJuaXGzYIXT2uO6kT_0CW8KbbeST8FijhKojG9dq2BkDEjqvWHSrKOmZTTJvWRoU7NKtB4rNLpTZqQSTaEOrXgI9pUu2Sv4DVsdiB-vyW8xXzMplp/s640/S%C3%A9lection_010.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjj91_T738e_e3KMCHTLbcIk58FrUtiT2R3feaPVlcbrViRRNNOcRcj6U9hC2ttb7P89R8rNa045JSkerVBFz3LPMYS34q9hC0YFF1SzpJBm3iDYo0LHYlAF8QHAs4m8i3517ibeFLbFTu_/s1600/S%C3%A9lection_011.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="176" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjj91_T738e_e3KMCHTLbcIk58FrUtiT2R3feaPVlcbrViRRNNOcRcj6U9hC2ttb7P89R8rNa045JSkerVBFz3LPMYS34q9hC0YFF1SzpJBm3iDYo0LHYlAF8QHAs4m8i3517ibeFLbFTu_/s640/S%C3%A9lection_011.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijLqO7uuqSoZEc4nFoke4jRKEa5Hs6K_uf8CfUpBAz-xzfdwHu_eTFKekJF2xCNDT7ddT6tLlrZksVSRN8vngpvmkW67r6drDKxyJq4-VwtDD4JiKaFCajHRu_n-yyITkyyulFZY44HLke/s1600/S%C3%A9lection_012.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="168" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijLqO7uuqSoZEc4nFoke4jRKEa5Hs6K_uf8CfUpBAz-xzfdwHu_eTFKekJF2xCNDT7ddT6tLlrZksVSRN8vngpvmkW67r6drDKxyJq4-VwtDD4JiKaFCajHRu_n-yyITkyyulFZY44HLke/s640/S%C3%A9lection_012.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><i><br /></i></span></span></span></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><i><br /></i></span></span></span></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #990000;"><span style="font-family: inherit; line-height: 18px;"><b><i>Google Maps Dashboard, identify the source of connection attempts</i></b></span></span></span></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><i><br /></i></span></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYyc6RfWvl9ndpdm8_a6zNMcBJZAi_3MDROvzIC7tz8P4S2fygDEYwAYp1XM_7ltzVAuHKa-N4uKkxyAPk4VLEBML15kY1T8R52TOzkzPgrcegtVUhxcwGG9xnlmKBc964mHM_SPzNr7Q0/s1600/S%C3%A9lection_014.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="282" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYyc6RfWvl9ndpdm8_a6zNMcBJZAi_3MDROvzIC7tz8P4S2fygDEYwAYp1XM_7ltzVAuHKa-N4uKkxyAPk4VLEBML15kY1T8R52TOzkzPgrcegtVUhxcwGG9xnlmKBc964mHM_SPzNr7Q0/s640/S%C3%A9lection_014.png" width="640" /></a></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><i><br /></i></span></span></span></div>
<div>
<span style="color: #990000;"><span style="font-family: inherit; line-height: 18px;"><b><i>A Fail2ban Event search interface with selection per kind of data (IPs, ID, Jail...)</i></b></span></span></div>
<div>
<span style="color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><b><i><br /></i></b></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzrlPwKDie4hAziunjINTmTOQVx30DHA6ffvWgikLHqgSlswtrSape6y2BDcymTvFMkuln9n1gio9bi9iW_MgkLy9utl6ZclGc_b5OA8X3P76j4M_rsfpseyU1VTpd_3zDA5myqTJvROFa/s1600/S%25C3%25A9lection_013.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="286" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzrlPwKDie4hAziunjINTmTOQVx30DHA6ffvWgikLHqgSlswtrSape6y2BDcymTvFMkuln9n1gio9bi9iW_MgkLy9utl6ZclGc_b5OA8X3P76j4M_rsfpseyU1VTpd_3zDA5myqTJvROFa/s640/S%25C3%25A9lection_013.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<span style="color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><b><i><br /></i></b></span></span></div>
<div>
<span style="background-color: #fefdfa;"><span style="color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><i><b><br /></b></i></span></span></span></div>
<div>
<div>
<span style="color: #990000;"><span style="font-family: inherit; line-height: 18px;"><b><i>Pre-defined major searches to get all the most important information</i></b></span></span></div>
</div>
<div>
<span style="color: #990000;"><span style="font-family: inherit; line-height: 18px;"><b><i><br /></i></b></span></span></div>
<div>
<div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both;">
</div>
<div style="-webkit-text-stroke-width: 0px; color: black; font-family: 'Times New Roman'; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;">
</div>
<br />
<div style="-webkit-text-stroke-width: 0px; color: black; font-family: 'Times New Roman'; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;">
<div style="margin: 0px;">
<span style="color: #990000;"><span style="font-family: inherit; line-height: 18px;"><b><i>System view: Index activity</i></b></span></span></div>
</div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgav5zPrwcyxE3rMWDaZRoMbTripvLWGf9ADBTPwtirHbuR2GvNP-XfpX14hi_2ZZc8IBtTJ_P8rQQ7iwaBftjiU8V2g3frrpxtkNrCC9LNx8c1gAKj5MnU5stqoG0n6GhFDiFpf3-svG6Y/s1600/2013-06-04_170858.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="342" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgav5zPrwcyxE3rMWDaZRoMbTripvLWGf9ADBTPwtirHbuR2GvNP-XfpX14hi_2ZZc8IBtTJ_P8rQQ7iwaBftjiU8V2g3frrpxtkNrCC9LNx8c1gAKj5MnU5stqoG0n6GhFDiFpf3-svG6Y/s640/2013-06-04_170858.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijC53HuwvVMjky4JAWp5ptshp8dsh12OzFR6s424MRHYrPYHdEIofnqHkBBkIjRnBqivgbxrRS5S49i0RaGtQs27DjSsxAIJYusAH8O0VrZXu0EiKer6GICT1fOz_MUyOBmR8hFIqxUfsZ/s1600/2013-06-04_170916.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="284" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijC53HuwvVMjky4JAWp5ptshp8dsh12OzFR6s424MRHYrPYHdEIofnqHkBBkIjRnBqivgbxrRS5S49i0RaGtQs27DjSsxAIJYusAH8O0VrZXu0EiKer6GICT1fOz_MUyOBmR8hFIqxUfsZ/s640/2013-06-04_170916.png" width="640" /></a></div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both;">
<br /></div>
</div>
</div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><b style="color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Installation and utilization</b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"><b style="color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;"><i>Introduction</i></b></span></span></div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;">Installing and configuring Splunk is out of the scope of this post. Still, installing Splunk is really easy and well done; in 10 minutes you'll be done ^^</span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><a href="http://www.splunk.com/download" target="_blank">Download Splunk !</a></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b>As a brief description, here is how Splunk for Fail2ban works:</b></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">- We modify Fail2ban to log a specific message for each ban action, containing the fields Splunk will analyse</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">- Through Syslog, we can manage as many Fail2ban servers as required</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">- Splunk collects our data and produces the IT intelligence</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b>Installation and configuration will be done in a few steps:</b></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">1. Modifying Fail2ban configuration files related to the ban action (the goal is to send the fields we will analyse with Splunk)</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">2. Setting up Fail2ban to log to Syslog system</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">3. Setting up Syslog to trap custom Fail2ban events into a specific log file (can be local or remote Syslog if numerous Fail2ban hosts)</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;">4. Installing and configuring Splunk for Fail2ban</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><b style="color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Part 1: Configure Fail2ban</b></span></div>
<div>
<div>
</div>
</div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<b>1. Set Fail2ban output to Syslog</b></div>
<br />
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="font-family: inherit;"><span style="color: #333333;"><span style="line-height: 18px;">I recommend using "rsyslog" as your main Syslog daemon; it brings many improvements over the standard Syslog. (</span></span><a href="http://www.rsyslog.com/">http://www.rsyslog.com/</a>)</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;">First, we need to set Fail2ban to log its messages into Syslog instead of a standard log file.</span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: inherit;"><br /></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><i><b>To do so, edit "/etc/fail2ban/fail2ban.conf" and set:</b></i></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
</div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">logtarget = SYSLOG</span></span></pre>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><b style="text-align: left;">2. </b></span><b>Add a new action.d configuration file for events logging</b></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><i><b>Note: </b></i></span><br />
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><b><i>See this configuration sample if required: <a href="https://dl.dropbox.com/u/63061887/Splunk/SplunkForFail2ban/config_example/splunk.conf.example" target="_blank">splunk.conf.example</a></i></b></span><br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><b>Create a new file: "/etc/fail2ban/action.d/splunk.conf" with the following content:</b></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; color: #333333; font-family: monospace; text-align: -webkit-auto;"></span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); line-height: 19px; padding: 1em; white-space: pre;"><span style="background-color: #fefdfa; color: #333333; font-family: monospace; text-align: -webkit-auto;">[Definition]
# On each ban, write one structured line to Syslog through logger.
# Continuation lines must start with whitespace to stay part of actionban.
actionban = logger -i "[fail2ban.banevent]: fail2ban_host: [`hostname`] \
            Banhost: [&lt;ip&gt;] jailname: [&lt;name&gt;] numberoffailures: [&lt;failures&gt;] \
            logmessage: [ `grep '\&lt;&lt;ip&gt;\&gt;' &lt;logpath&gt; | tail -1` ] "
[Init]</span></pre>
<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; font-family: inherit; text-align: -webkit-auto;"></span></div>
<div class="separator" style="clear: both;">
<span style="background-color: #fefdfa; font-family: inherit; text-align: -webkit-auto;"><b><span style="text-align: -webkit-auto;">3. </span><span style="background-color: transparent; text-align: -webkit-auto;">Configure "/etc/fail2ban/jail.conf":</span></b></span></div>
<br />
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><b><i>Depending on your needs, you can set Fail2ban to use 1 of these 3 actions (by editing /etc/fail2ban/jail.conf):</i></b></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
</div>
<ul>
<li><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><span style="font-family: inherit;">action_ = Fail2ban will temporarily ban the source IP host</span></span></span></li>
<li><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><span style="font-family: inherit;">action_mw = Fail2ban will temporarily ban the IP host and send a warning mail including the whois request result</span></span></span></li>
<li><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><span style="font-family: inherit;">action_mwl = Fail2ban will temporarily ban the IP host and send a warning mail including the whois request result and log traces</span></span></span></li>
</ul>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333;"><span style="line-height: 18px;">All you need to do is modify jail.conf so that each of these action levels includes our specific logging for Splunk.</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
</div>
<i><b>Note: </b></i><br />
<b><i>See this configuration sample if required: <a href="https://dl.dropbox.com/u/63061887/Splunk/SplunkForFail2ban/config_example/jail.conf.example" target="_blank">jail.conf.example</a></i></b><br />
<br />
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; line-height: 18px; text-align: -webkit-auto;"><b><i>In jail.conf, add the following line just before the 3 action definition lines (action_, action_mw, action_mwl)</i></b></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><i><span style="text-align: -webkit-auto;"></span></i></span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); color: #333333; line-height: 19px; padding: 1em;"><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="text-align: -webkit-auto;"># Name of Splunk config file
splunkconf = splunk</span></span></pre>
<br />
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; color: #333333; line-height: 18px; text-align: -webkit-auto;"><b><i>Then add a new Splunk-related line underneath each action level; your configuration file will look like:</i></b></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="line-height: 19px;"><span style="color: #333333;">#
# Action shortcuts. To be used to define action parameter
# The simplest action to take: ban only
action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
</span><span style="color: #990000;">          %(splunkconf)s[name=%(__name__)s, logpath=%(logpath)s]
</span><span style="color: #333333;">
# ban & send an e-mail with whois report to the destemail.
action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
          %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
</span><span style="color: #990000;">          %(splunkconf)s[name=%(__name__)s, logpath=%(logpath)s]
</span><span style="color: #333333;">
# ban & send an e-mail with whois report and relevant log lines
# to the destemail.
action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
          %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]
</span><span style="color: #990000;">          %(splunkconf)s[name=%(__name__)s, logpath=%(logpath)s]</span></span><span style="color: #990000;">
</span></span></pre>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><br /></span></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><br /></span></div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<div class="separator" style="clear: both; text-align: left;">
<b><span style="font-family: inherit;">4. Restart Fail2ban, check logging to Syslog:</span></b></div>
<div class="separator" style="clear: both; text-align: left;">
<b><br /></b></div>
<div>
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;"><span style="background-color: transparent; color: #333333; line-height: 18px;">Now let's test your system: generate a ban event (try to log in through SSH with bad credentials) and check your Syslog file to find the generated event (look for the pattern "fail2ban.banevent").</span></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><i><b>You should find a ban event like this:</b></i></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); color: #333333; line-height: 19px; padding: 1em;"><span style="background-color: #fefdfa; text-align: -webkit-auto;"><code style="background-color: white; border-color: rgb(204, 204, 204); line-height: normal; white-space: normal;">Jan 11 20:24:34 myhostname logger[30720]: [fail2ban.banevent]: fail2ban_host: [myfail2ban] Banhost: [xx.xx.xx.xx] jailname: [ssh] numberoffailures: [6] logmessage: [ Jan 11 20:24:32 myhostname sshd[30706]: Received disconnect from xx.xx.xx.xx: 11: Bye Bye [preauth] ]</code><span style="background-color: white; font-family: Arial, Helvetica, sans-serif; line-height: normal; white-space: normal;"> </span></span></pre>
<br />
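<div class="separator" style="clear: both; text-align: left;">
The ban event shown above can be checked outside Splunk with a small parser. This is an added example, not part of the Splunk for Fail2ban app: the names parse_ban_event and summarize are hypothetical, and the sample lines are constructed with documentation IP addresses. Because logmessage is copied from the monitored log, it is treated as free text that may contain brackets or label-like strings and is matched last.</div>

```python
import ipaddress
import re
from collections import Counter

MARKER = "[fail2ban.banevent]"

# Field layout written by the actionban line of action.d/splunk.conf.
# The first four fields are filled in by fail2ban and `hostname`. logmessage
# is the last matching line of the monitored log, i.e. free text, so it is
# matched last and greedily, up to the final "]" of the event.
EVENT_RE = re.compile(
    r"\[fail2ban\.banevent\]:\s+"
    r"fail2ban_host:\s+\[(?P<fail2ban_host>[^\[\]]*)\]\s+"
    r"Banhost:\s+\[(?P<banhost>[^\[\]]*)\]\s+"
    r"jailname:\s+\[(?P<jailname>[^\[\]]*)\]\s+"
    r"numberoffailures:\s+\[(?P<numberoffailures>\d+)\]\s+"
    r"logmessage:\s+\[(?P<logmessage>.*)\]\s*$"
)


def parse_ban_event(line):
    """Return the event fields as a dict, or None if the line is not a
    well-formed ban event (wrong layout or Banhost is not an IP address)."""
    match = EVENT_RE.search(line)
    if match is None:
        return None
    event = match.groupdict()
    try:
        event["banhost"] = str(ipaddress.ip_address(event["banhost"]))
    except ValueError:
        return None
    event["numberoffailures"] = int(event["numberoffailures"])
    event["logmessage"] = event["logmessage"].strip()
    return event


def summarize(lines):
    """Count bans per (jail, banned IP). Lines that carry the marker but do
    not parse are returned separately so they can be reviewed."""
    bans = Counter()
    rejected = []
    for line in lines:
        if MARKER not in line:
            continue  # ordinary syslog traffic
        event = parse_ban_event(line)
        if event is None:
            rejected.append(line)
        else:
            bans[(event["jailname"], event["banhost"])] += 1
    return bans, rejected


# Constructed sample input (RFC 5737 documentation addresses).
SAMPLE_LINES = [
    # Same shape as the event shown in the post.
    "Jan 11 20:24:34 myhostname logger[30720]: [fail2ban.banevent]: "
    "fail2ban_host: [myfail2ban] Banhost: [192.0.2.10] jailname: [ssh] "
    "numberoffailures: [6] logmessage: [ Jan 11 20:24:32 myhostname "
    "sshd[30706]: Received disconnect from 192.0.2.10: 11: Bye Bye [preauth] ]",
    # logmessage holds text that looks like field labels; the structured
    # fields before it must still win.
    "Jan 11 20:31:04 myhostname logger[30815]: [fail2ban.banevent]: "
    "fail2ban_host: [myfail2ban] Banhost: [192.0.2.44] jailname: [ssh] "
    "numberoffailures: [3] logmessage: [ Jan 11 20:31:02 myhostname "
    "sshd[30811]: Invalid user x] Banhost: [198.51.100.7] jailname: [y "
    "from 192.0.2.44 ]",
    # Not a ban event at all.
    "Jan 11 20:31:05 myhostname sshd[30811]: Connection closed by 192.0.2.44",
    # Carries the marker but Banhost is not an IP address.
    "Jan 11 20:40:00 myhostname logger[30900]: [fail2ban.banevent]: "
    "fail2ban_host: [myfail2ban] Banhost: [xx.xx.xx.xx] jailname: [ssh] "
    "numberoffailures: [6] logmessage: [ redacted ]",
]

if __name__ == "__main__":
    bans, rejected = summarize(SAMPLE_LINES)
    for (jail, ip), count in sorted(bans.items()):
        print(jail, ip, count)
    print("rejected:", len(rejected))
```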
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;">Now you're done with Fail2ban, let's configure Syslog ^^</span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<div class="separator" style="clear: both;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><b style="color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Part 2: Configure Syslog - Standalone and Multi-Hosts</b></span></div>
<div>
</div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><b>In 2 steps:</b></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<ul>
<li><span style="background-color: #fefdfa; color: #333333; line-height: 18px; text-align: -webkit-auto;"><span style="font-family: inherit;">If you want to manage different Fail2ban servers from Splunk, then read the Multiple Fail2ban client configuration note</span></span></li>
<li><span style="background-color: #fefdfa; color: #333333; line-height: 18px; text-align: -webkit-auto;"><span style="font-family: inherit;">If you have just one host to manage (Fail2ban and Splunk are installed on the same host), then just follow the common configuration section</span></span></li>
</ul>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<div class="separator" style="clear: both; line-height: 18px; text-align: -webkit-auto;">
</div>
<div class="separator" style="clear: both; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><b><span style="color: #990000;">MULTIPLE FAIL2BAN CLIENT CONFIGURATION NOTE: Remote and centralized Syslog configuration</span></b></span></div>
<div class="separator" style="clear: both; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><br /></span></div>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;">Configuring Syslog to send events from a Syslog host to a remote Syslog server is out of the scope of this guide.</span></span></div>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;">Therefore, if you want to collect fail2ban events from different hosts, you can choose between different solutions, as:</span></span></div>
<div class="separator" style="clear: both; color: #333333;">
</div>
<ul>
<li><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;">Sending events using Syslog to a remote centralized Syslog</span></span></li>
<li><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;">Sending events from local log file using Splunk forwarder module</span></span></li>
<li><span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;">Others (homemade scripts, file sharing...)</span></span></li>
</ul>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;">I would recommend using <b>Rsyslog</b> (default enhanced Syslog for many Linux systems) to achieve this, which is indeed easy enough, robust and efficient.</span></span></div>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><b><span style="font-family: inherit;">Here is a quick centralized rsyslog configuration in 2 steps: (remember to restart rsyslog after each modification)</span></b></span></div>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;">1. On each rsyslog client host, modify "/etc/rsyslog.conf" and add a section to send all events to your Syslog server: (adapt the example IP)</span></span></div>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit;"><br /></span></span></div>
<div class="separator" style="clear: both; color: #333333;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><b><i>"/etc/rsyslog.conf"</i></b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; color: #333333; font-family: monospace; text-align: -webkit-auto;"></span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="background-color: #fefdfa; color: #333333; font-family: monospace; text-align: -webkit-auto;"># Forward every event to the central server; a single @ means UDP
*.* @192.168.1.254:514</span></pre>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;">2. In the Syslog server configuration, create a configuration file that will trap any remote client Syslog events and put them into a dedicated per-host log file:</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;">Ensure your configuration file name will be read after the fail2ban syslog config file you will create later. (see above, this is very )</span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><i>Create "/etc/rsyslog.d/10-fail2ban.conf" with the following content: (Note: The fail2ban config we will create after will be called 08 to be read before this and intercept messages)</i></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><i><br /></i></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><i><b>"/etc/rsyslog.d/10-fail2ban.conf"</b></i></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"></span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); color: #333333; padding: 1em;"><span style="background-color: #fefdfa; text-align: -webkit-auto;">$template RemoteHostFileFormat,"%TIMESTAMP% %HOSTNAME% %syslogfacility-text% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::space-cc,drop-last-lf%\n"
:inputname, isequal, "imudp" ?PerHostLog;RemoteHostFileFormat
& ~</span></pre>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><i><b>Restart rsyslog after any config modification.</b></i></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; line-height: 18px;"></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; line-height: 18px;"><b><span style="color: #990000;">COMMON CONFIGURATION for Single and Multiple (for the centralized rsyslog server) Fail2ban installation: </span></b></span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit; line-height: 18px;"><b>1. Set Syslog to trap ban events to a dedicated logfile</b></span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit; line-height: 18px;">This part of the configuration depends on your system and needs; I recommend using "rsyslog".</span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit; line-height: 18px;">The goal is to configure syslog to trap any event containing a key word "[fail2ban.banevent]" into a dedicated log file</span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; color: #333333; text-align: -webkit-auto;"><span style="font-family: inherit; line-height: 18px;">In Debian/Ubuntu systems for example, create an rsyslog configuration file, example:</span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit; line-height: 18px;">Create "/etc/rsyslog.d/08-fail2ban.conf" with the following content: </span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="line-height: 18px;"><i><b>"/etc/rsyslog.d/08-fail2ban.conf"</b></i></span></span></div>
<div class="separator" style="clear: both; color: #333333; text-align: -webkit-auto;">
</div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="line-height: 18px;">:msg, contains, "[fail2ban.banevent]" /var/log/fail2ban_banevent.log
& ~</span></pre>
<br />
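<div>
Why the "08" file must sort before the "10" file, shown as a small model of rsyslog's rule walk (an added example, not part of the original post). The PerHostLog destination, the catch-all rule, the "12-fail2ban.conf" name and the sample events are assumptions or constructed values.</div>

```python
"""Model of rsyslog reading /etc/rsyslog.d/*.conf in sorted file-name order.
A rule followed by "& ~" discards the message, so later rules never see it."""

# Destination written by 08-fail2ban.conf (from the page).
BAN_LOG = "/var/log/fail2ban_banevent.log"
# Placeholder: the PerHostLog file-name template is not shown in this section.
PER_HOST_LOG = "<PerHostLog:{host}>"
# Assumption: a later catch-all rule, as in a stock Debian/Ubuntu 50-default.conf.
DEFAULT_LOG = "/var/log/syslog"


def ban_filter(event):
    # :msg, contains, "[fail2ban.banevent]" /var/log/fail2ban_banevent.log
    return BAN_LOG if "[fail2ban.banevent]" in event["msg"] else None


def remote_filter(event):
    # :inputname, isequal, "imudp" ?PerHostLog;RemoteHostFileFormat
    if event["inputname"] == "imudp":
        return PER_HOST_LOG.format(host=event["host"])
    return None


def catch_all(event):
    return DEFAULT_LOG


# Each entry: (file name, filter, discard). discard=True models the "& ~" line.
PAGE_LAYOUT = [
    ("10-fail2ban.conf", remote_filter, True),
    ("08-fail2ban.conf", ban_filter, True),
    ("50-default.conf", catch_all, False),
]

# Same rules, but the ban filter saved under a hypothetical name that sorts
# after the remote-host rule.
MISORDERED = [
    ("10-fail2ban.conf", remote_filter, True),
    ("12-fail2ban.conf", ban_filter, True),
    ("50-default.conf", catch_all, False),
]


def route(layout, event):
    """Return the list of files the event is written to."""
    written = []
    for _name, rule, discard in sorted(layout, key=lambda entry: entry[0]):
        destination = rule(event)
        if destination is None:
            continue
        written.append(destination)
        if discard:  # "& ~": stop processing this message
            break
    return written


# Constructed sample events (message text is illustrative only).
REMOTE_BAN = {"host": "web01", "inputname": "imudp",
              "msg": "[fail2ban.banevent] constructed ban message"}
LOCAL_BAN = {"host": "logsrv", "inputname": "imuxsock",
             "msg": "[fail2ban.banevent] constructed ban message"}
REMOTE_OTHER = {"host": "web01", "inputname": "imudp",
                "msg": "cron job finished"}

if __name__ == "__main__":
    for label, layout in (("page layout", PAGE_LAYOUT), ("misordered", MISORDERED)):
        for event in (REMOTE_BAN, LOCAL_BAN, REMOTE_OTHER):
            print(label, event["host"], event["inputname"], "->", route(layout, event))
```

<div>
With the misordered layout, ban events from remote clients end up only in the per-host files, so the log file Splunk monitors never receives them.</div>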
<div class="separator" style="clear: both; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><i><b>Restart rsyslog to take effect:</b></i></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; font-family: monospace; text-align: -webkit-auto;"></span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); line-height: 18px; padding: 1em; white-space: pre;"><span style="background-color: #fefdfa; font-family: monospace; text-align: -webkit-auto;">sudo service rsyslog restart</span></pre>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<br /></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><b>2. Generate a ban event and check your logfile</b></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;">Generate a new ban event and check your log file, you should see a new ban event message! </span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: inherit; line-height: 18px;">If you are ok with that, then you're done with system configuration ^^ </span></span></div>
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<br />
<h1 style="background-color: white; border-color: rgb(204, 204, 204); margin: 0px;">
<div class="separator" style="clear: both; font-size: medium;">
<span style="color: #990000;"><span style="background-color: #fefdfa;"><b style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Part 3: </b></span><span style="font-family: Arial, Helvetica, sans-serif; font-size: 18px;">Configuration of Splunk (the easy part!)</span></span></div>
<div class="separator" style="clear: both;">
</div>
<div class="separator" style="clear: both; font-size: medium; font-weight: normal; text-align: left;">
<span style="background-color: #fefdfa; text-align: -webkit-auto;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br class="Apple-interchange-newline" /></span></span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small;">Here comes the easier part with no doubts :-)</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small;">1. Configure Input file</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small;"><span style="font-weight: normal;">Go to "manager", "Data Input" and configure MANUALLY a new input file pointing to your Fail2ban log file, with following settings:</span></span></div>
</h1>
<span style="font-family: inherit; font-size: small;"><b style="border-color: rgb(204, 204, 204); color: #333333; text-align: -webkit-auto;"><br /></b></span>
<b style="border-color: rgb(204, 204, 204); color: #333333;">Host:</b><br />
<br style="border-color: rgb(204, 204, 204); color: #333333;" />
<span style="color: #333333;">You can leave the default settings; it does not matter, as we don't use it to recognize the fail2ban reporting server.</span><br />
<br style="border-color: rgb(204, 204, 204); color: #333333;" />
<b style="border-color: rgb(204, 204, 204); color: #333333;">Source type:</b><br />
<br style="border-color: rgb(204, 204, 204); color: #333333;" />
<span style="color: #333333;">- Set the source Type: </span><b style="border-color: rgb(204, 204, 204); color: #333333;">Manual</b><br />
<span style="color: #333333;">- Source type: </span><b style="border-color: rgb(204, 204, 204); color: #333333;">fail2ban_banevent</b><br />
<br style="border-color: rgb(204, 204, 204); color: #333333;" />
<b style="border-color: rgb(204, 204, 204); color: #333333;">Index:</b><br />
<br style="border-color: rgb(204, 204, 204); color: #333333;" />
<span style="color: #333333;">- Set the destination Index: </span><b style="border-color: rgb(204, 204, 204); color: #333333;">fail2ban_index</b><br />
<span style="font-family: inherit; font-size: small;"><b style="border-color: rgb(204, 204, 204); color: #333333; text-align: -webkit-auto;"><br /></b></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEim8l23XzPgJo0XXKwLvjEq8M3wdRuYat4DACcXgjq8uBIbmI6dy-3HpIINEuIPnNiQWOlN_Na770ICSG_9BYvvMnM6Ry-KihYS00e8ayBt0VsFj-uU3RPuy59QyYQSYCmned7TA-N0Ldtk/s1600/S%25C3%25A9lection_006.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="496" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEim8l23XzPgJo0XXKwLvjEq8M3wdRuYat4DACcXgjq8uBIbmI6dy-3HpIINEuIPnNiQWOlN_Na770ICSG_9BYvvMnM6Ry-KihYS00e8ayBt0VsFj-uU3RPuy59QyYQSYCmned7TA-N0Ldtk/s640/S%25C3%25A9lection_006.png" width="640" /></a></div>
<span style="font-family: inherit; font-size: small;"><b style="border-color: rgb(204, 204, 204); color: #333333; text-align: -webkit-auto;"><br /></b></span>
<span style="font-family: inherit; font-size: small;"><br /><br style="border-color: rgb(204, 204, 204); color: #333333; font-weight: normal; text-align: -webkit-auto;" /><span style="color: #333333; font-weight: normal; text-align: -webkit-auto;">Good news, you're done!!!</span><br style="border-color: rgb(204, 204, 204); color: #333333; font-weight: normal; text-align: -webkit-auto;" /><span style="color: #333333; font-weight: normal; text-align: -webkit-auto;">Just wait a few minutes to let Splunk get the content of your fail2ban log file, then go to the splunk application </span><span style="color: #333333; text-align: -webkit-auto;"><b>Splunk for Fail2ban</b></span></span><span style="font-size: small;"><span style="font-weight: normal;"><br /></span></span><br />
<span style="font-family: inherit; font-size: small;"><span style="color: #333333; text-align: -webkit-auto;"><b><br /></b></span></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQfhnl1kWBWQg_a32MApeW1QRxchQIaBH3pr7HclJ3iaD9Wr-EvI_Z1O0b7EVV9E7X5eLf9MCHqGbaVT-V-W0sj1dTLXjP_99p5iSeFMav5qLisD5CWzVNriEoaaY_yRII-CALSzW9B1Um/s1600/S%C3%A9lection_007.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="126" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQfhnl1kWBWQg_a32MApeW1QRxchQIaBH3pr7HclJ3iaD9Wr-EvI_Z1O0b7EVV9E7X5eLf9MCHqGbaVT-V-W0sj1dTLXjP_99p5iSeFMav5qLisD5CWzVNriEoaaY_yRII-CALSzW9B1Um/s640/S%C3%A9lection_007.png" width="640" /></a></div>
<span style="font-family: inherit; font-size: small;"><span style="color: #333333; text-align: -webkit-auto;"><b><br /></b></span></span>
<span style="font-family: inherit; font-size: small;"><span style="color: #333333; text-align: -webkit-auto;"><b><br /></b></span></span><span style="font-size: small;"><span style="color: #333333; text-align: -webkit-auto;"><b><span style="font-family: inherit;">Don't hesitate to share any comment with me, this is my very first Splunk application and it may still need some </span>improvement<span style="font-family: inherit;"> :-)</span></b></span></span>
<span style="font-family: inherit; font-size: small;"><span style="color: #333333; text-align: -webkit-auto;"><b><br /></b></span></span>
<span style="font-size: small;"><span style="font-weight: normal;"><br /></span></span>
<br />
<div class="separator" style="clear: both; font-size: medium; font-weight: normal; text-align: left;">
</div>
Howto : Fail2ban, Secure your Network services with Fail2ban and ban malicious hosts (published 2012-11-13)<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzEehgZgKLlFB3_K_0McPeF_cJbD_iPQNMZDZidNnH75YzVMtueYC6cIw4R0XmVvSVZBTX_b6jfzE_h-rqASwz8urylNJpHboAozdBiyBOuk91vvGCG0-c2ZjQQXN6-1g89bHGxzY5xeWL/s1600/fail2ban-logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="229" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzEehgZgKLlFB3_K_0McPeF_cJbD_iPQNMZDZidNnH75YzVMtueYC6cIw4R0XmVvSVZBTX_b6jfzE_h-rqASwz8urylNJpHboAozdBiyBOuk91vvGCG0-c2ZjQQXN6-1g89bHGxzY5xeWL/s320/fail2ban-logo.png" width="320" /></a></div>
<br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></i>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></i>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>Last Update: 11/13/2012</b></i>
<br />
<br />
<br />
<b><span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; line-height: 25px;">The Goal: </span>
</b><br />
<br />
<span style="font-family: inherit;">Fail2Ban is a very flexible and powerful tool that helps you improve your security by temporarily banning the IP addresses of hosts that show malicious activity against your services (brute-force attacks, for example).</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Easy to install and configure, Fail2Ban continuously reads your log files and looks for suspicious connection attempts or activity, based on provided or custom rules.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Depending on your configuration, Fail2Ban will ban the remote IP using Netfilter rules (iptables) and then unban it depending on your settings.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="background-color: #fefdfa; font-family: inherit;">This is a great tool you MUST have on your server if you have opened any service such as ssh, http/https with basic authentication, smtp and much more.</span><br />
<br />
<br />
<b><span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; line-height: 25px;">Major sources: </span>
</b><br />
<br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b>Official Fail2ban Wiki:</b></span></span><br />
<a href="http://www.fail2ban.org/wiki/index.php/Main_Page"><span style="font-family: inherit;">http://www.fail2ban.org/wiki/index.php/Main_Page</span></a><br />
<br />
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><b>Various articles:</b></span></span><br />
<span style="font-family: inherit;"><a href="http://www.fanatips.org/Apache_%2F%2F_Nginx_tips/Secure_Nginx_with_fail2ban">http://www.fanatips.org/Apache_%2F%2F_Nginx_tips/Secure_Nginx_with_fail2ban</a>
</span><br />
<a href="http://snippets.aktagon.com/snippets/554-How-to-Secure-an-nginx-Server-with-Fail2Ban"><span style="font-family: inherit;">http://snippets.aktagon.com/snippets/554-How-to-Secure-an-nginx-Server-with-Fail2Ban</span></a>
<br />
<br />
<br />
<br />
<div style="text-align: left;">
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; line-height: 18px;"><b>Summary of steps: </b></span></div>
<span style="font-family: inherit;"><b>
</b></span><br />
<div style="color: #333333; line-height: 18px;">
<div style="text-align: left;">
<span style="color: #990000; font-family: inherit; line-height: 25px;"><b>Step 1: Requirements</b></span></div>
</div>
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; line-height: 25px;"><b>Step 2: Installation and base configuration</b></span><br />
<div style="background-color: #fefdfa; color: #333333; line-height: 18px;">
<div>
<span style="color: #990000; font-family: inherit; line-height: 25px;"><b>Step 3: Enabling services</b></span></div>
<div>
<b style="color: #990000; line-height: 25px;"><span style="font-family: inherit;">Step 4: Test your configuration</span></b></div>
<span style="color: #990000; font-family: inherit; font-weight: bold; line-height: 25px;">Step 5: Adding new customized services, example with Nginx Web Server</span></div>
<br />
<div style="background-color: #fefdfa;">
<span style="color: #990000;"><span style="line-height: 25px;"><b>FAQ & Issues</b></span></span></div>
<br />
<br />
<div style="background-color: #fefdfa;">
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<b style="color: #990000; font-size: large; line-height: 25px;">Step 1: Requirements</b></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;">Fail2ban is quite easy to install and set up; still, depending on your needs, there are some requirements:</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><br />
</span></div>
<div style="line-height: 18px;">
<b><span style="color: #990000; font-family: inherit;">Iptables:</span></b></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><br /></span></div>
<div>
<span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;">Fail2ban requires iptables to ban suspicious hosts; setting up your own iptables firewall configuration is not a requirement (even if recommended).</span></span><br />
<span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><br /></span></span>
<span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;">Fail2ban will insert a drop rule, whether you are using iptables or not.</span></span></div>
<div>
<span style="color: #333333; font-family: inherit;"><span style="line-height: 18px;"><br /></span></span></div>
<div>
<span style="color: #333333;"><span style="font-family: inherit; line-height: 18px;"><i><b>It is probably installed by default (use the command "iptables" to check), if not:</b></i></span></span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 19px;"><span style="font-family: Courier New, Courier, monospace;">$ sudo apt-get install iptables</span></span></pre>
<div>
</div>
<div>
<span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></div>
<div style="line-height: 18px;">
<div>
<b><span style="color: #990000; font-family: inherit;">MTA configuration for mail alerting:</span></b></div>
<span style="color: #333333; font-family: inherit;"><br class="Apple-interchange-newline" /></span></div>
<div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;">If you want Fail2ban to be able to send you alert mails when an action is taken (ban, unban...), then you need to set up your MTA.</span></div>
</div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;">Your system will probably only be a client of a central mail hub (e.g. your ISP); if this is the case, I recommend installing "ssmtp", which is very light and simple to set up, but you may prefer to use sendmail, postfix or anything else.</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;">If your system is a mail server itself, I guess you already know how to configure it :-)</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<b><i><span style="font-family: inherit;">Installation: </span></i></b></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="line-height: 19px;">$ sudo apt-get install ssmtp</span></pre>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><b><i>Configuration (real simple!): </i></b>
</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal;"><i><b>Edit "/etc/ssmtp/ssmtp.conf" and set:</b></i></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal;">- mailhub: Define here the smtp server of your local ISP (eg. myisp.smtp.com)</span></div>
<div>
<span style="font-family: inherit;">- rewriteDomain: if you want the sender domain to be rewritten with the value of your choice</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal;">In most cases, these will be the only modifications required; if you need more, see the ssmtp configuration pages. (ask Google ^^)</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; line-height: normal;"><span style="font-family: inherit;"><br /></span></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; line-height: normal;"><b><i><span style="font-family: inherit;">Quick send test:</span></i></b></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="line-height: 19px;">$ echo "Testing" | mail -s Subject dest@domain.com</span></pre>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal;">If you receive the mail then you're done. (check /var/log/mail* if required)</span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<div>
<b style="color: #990000; font-size: large; line-height: 25px;">Step 2: Installation and base configuration</b></div>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="line-height: 18px;">
<span style="font-size: small; line-height: normal;"><span style="color: #990000; font-family: inherit;"><b>Installation:</b></span></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<b><i>Very simple, For Debian/Ubuntu based systems:</i></b></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 19px;">$ sudo apt-get install fail2ban</span></pre>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div>
<div>
<span style="color: #990000;"><b>Initial Configuration:</b></span></div>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div>
<div>
<div style="font-family: 'Times New Roman'; font-size: medium;">
Edit main Fail2Ban configuration file: "/etc/fail2ban/jail.conf" and define:</div>
<div style="font-family: 'Times New Roman'; font-size: medium;">
<br /></div>
<div style="font-family: 'Times New Roman'; font-size: medium;">
<b>1. Local hosts to ignore:</b></div>
<div style="font-family: 'Times New Roman'; font-size: medium;">
<br /></div>
<i><span style="font-family: inherit;">If you want to ignore some local hosts, add them to your configuration, example with 192.168.0.0/24 local network:</span></i><br />
<pre style="border: 1px dashed rgb(47, 111, 171); color: #333333; line-height: 18px; padding: 1em;"><span style="font-family: Courier New, Courier, monospace;"><span class="text" style="color: black; line-height: normal; white-space: nowrap;"># "ignoreip" can be an IP address, a CIDR mask or a DNS host</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">ignoreip = 127.0.0.1/8 192.168.0.0/24</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">bantime = 600</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">maxretry = 3</span></span><span style="font-family: Times New Roman; font-size: 13px;">
</span></pre>
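<div>
How "ignoreip", "maxretry" and "bantime" interact, shown as a small simulation over sample authentication failures (an added example, not Fail2ban's own code and not from the original post). The log lines are constructed, and the "findtime" counting window of 600 seconds is an assumption, since the excerpt above does not set it.</div>

```python
import ipaddress
import re
from collections import defaultdict, deque

# Values taken from the jail.conf excerpt above.
IGNOREIP = "127.0.0.1/8 192.168.0.0/24"
BANTIME = 600    # seconds a host stays banned
MAXRETRY = 3     # number of failures that triggers a ban
# Assumption: the excerpt does not set findtime (the window in which
# failures are counted); 600 seconds is used here.
FINDTIME = 600

# Constructed sample input: "<epoch seconds> sshd: <message>".
SAMPLE_LOG = """\
1000 sshd: Failed password for root from 203.0.113.7 port 4101
1000 sshd: Failed password for admin from 198.51.100.9 port 5101
1003 sshd: Accepted password for alice from 192.168.0.20 port 4200
1005 sshd: Failed password for root from 192.168.0.15 port 4102
1006 sshd: Failed password for root from 192.168.0.15 port 4103
1007 sshd: Failed password for root from 192.168.0.15 port 4104
1010 sshd: Failed password for root from 203.0.113.7 port 4105
1020 sshd: Failed password for root from 203.0.113.7 port 4106
1400 sshd: Failed password for admin from 198.51.100.9 port 5102
1630 sshd: Failed password for root from 203.0.113.7 port 4107
1700 sshd: Failed password for admin from 198.51.100.9 port 5103
1750 sshd: Failed password for admin from 198.51.100.9 port 5104
"""

FAILURE_RE = re.compile(r"^(\d+) sshd: Failed password for \S+ from (\S+) port \d+$")


def parse_ignoreip(value):
    """Turn the space-separated ignoreip value into network objects.
    strict=False accepts entries such as 127.0.0.1/8 that have host bits set.
    DNS names, which ignoreip also allows, are not handled in this model."""
    return [ipaddress.ip_network(token, strict=False) for token in value.split()]


def simulate(log_text, ignoreip=IGNOREIP, maxretry=MAXRETRY,
             findtime=FINDTIME, bantime=BANTIME):
    """Return the ordered list of (action, timestamp, ip) ban/unban events."""
    ignored = parse_ignoreip(ignoreip)
    failures = defaultdict(deque)   # ip -> timestamps of recent failures
    banned_until = {}               # ip -> time at which the ban expires
    events = []

    for line in log_text.splitlines():
        match = FAILURE_RE.match(line)
        if not match:
            continue                # not an authentication failure
        ts = int(match.group(1))
        try:
            ip = ipaddress.ip_address(match.group(2))
        except ValueError:
            continue                # host name or garbage instead of an IP

        # Lift every ban that expired before this log line.
        for addr, until in sorted(banned_until.items(), key=lambda kv: kv[1]):
            if until <= ts:
                del banned_until[addr]
                events.append(("unban", until, str(addr)))

        if ip in banned_until:
            continue                # already blocked by the firewall rule
        if any(ip in network for network in ignored):
            continue                # ignoreip: never counted, never banned

        window = failures[ip]
        window.append(ts)
        while window and window[0] <= ts - findtime:
            window.popleft()        # forget failures older than findtime
        if len(window) >= maxretry:
            banned_until[ip] = ts + bantime
            window.clear()
            events.append(("ban", ts, str(ip)))

    return events


if __name__ == "__main__":
    for event in simulate(SAMPLE_LOG):
        print(event)
```

<div>
192.168.0.15 fails three times in a row and is never banned because it falls inside the ignored 192.168.0.0/24 network, which is why that list should stay as narrow as possible.</div>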
<div style="font-family: 'Times New Roman'; font-size: medium;">
<br /></div>
<div style="font-family: 'Times New Roman'; font-size: medium;">
<b>2. Mail alert recipient:</b></div>
</div>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="color: #333333; line-height: 18px;">
<div style="color: black; line-height: normal;">
<i><span style="font-family: inherit;">If you want to send an alert when an action has been taken, set the recipient:</span></i></div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="font-family: Courier New, Courier, monospace;"><span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Destination email address used solely for the interpolations in</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># jail.{conf,local} configuration files.</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">destemail = admin@mydomain.com</span></span><span style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;">
</span></pre>
<div style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;">
<br /></div>
</div>
<div style="color: #333333; line-height: 18px;">
<div style="color: black; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: normal;">
<div style="font-family: 'Times New Roman'; font-size: medium;">
<b>3. MTA:</b></div>
</div>
<div style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;">
<br /></div>
<div>
<div style="color: black; line-height: normal;">
<i><span style="font-family: inherit;">Sendmail is the default command used to send mail. Both should work, but I prefer to call the standard "mail" command:</span></i></div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="font-family: Courier New, Courier, monospace;"><span class="text" style="color: black; line-height: normal; white-space: nowrap;"># email action. Since 0.8.1 upstream fail2ban uses sendmail</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># MTA for the mailing. Change mta configuration parameter to mail</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># if you want to revert to conventional 'mail'.</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">mta = mail</span></span></pre>
</div>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><b>4. Default action when a host has been banned</b></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">In the default configuration, when a host is banned, the event is only logged and no mail report is sent.</span><br />
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span>
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><i><b>If you want a report to be sent by mail (associated with a whois request report for the concerned IP), set:</b></i></span><br />
<pre style="border: 1px dashed rgb(47, 111, 171); font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; padding: 1em;"><span style="color: black; line-height: normal; white-space: nowrap;">action = %(action_mw)s</span>
</pre>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><i><b>If you want a report to be sent by mail with a log extract (associated with a whois request report for the concerned IP), set:</b></i></span><br />
<pre style="border: 1px dashed rgb(47, 111, 171); font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; padding: 1em;"><span style="color: black; line-height: normal; white-space: nowrap;">action = %(action_mwl)s</span></pre>
<div style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;">
<br /></div>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br />
<div>
<b style="color: #990000; font-size: large; line-height: 25px;">Step 3: Enabling services</b></div>
<div>
<br class="Apple-interchange-newline" /></div>
</div>
<div style="line-height: 18px;">
<span style="color: #990000; font-family: inherit; font-size: small; line-height: normal;"><b>SSH example:</b></span><br />
<div style="color: #333333;">
<br /></div>
</div>
<div style="color: #333333; line-height: 18px;">
<div style="font-size: 13px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">The next step is to define which network services you want to monitor. In the default configuration, Fail2Ban only monitors SSH, for both failed logins and DDOS attacks. Extract:</span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="font-family: Courier New, Courier, monospace;"><span class="text" style="color: black; line-height: normal; white-space: nowrap;">[ssh]</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">enabled = true</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">port = ssh</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">filter = sshd</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">logpath = /var/log/auth.log</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">maxretry = 6</span></span><span style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;">
</span></pre>
</div>
<div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<span style="color: black; font-family: inherit; font-size: small;"><span style="color: #333333;">The important thing here is the enabled value set to "true" (^^), but also the port: when a host is banned, the iptables rules are created using this port.</span></span><br />
<span style="font-family: inherit;"><span style="color: black; font-size: small;"><span style="color: #333333;"><br /></span></span>
<span style="color: black; font-size: small;"><span style="color: #333333;">Fail2ban will create multiport iptables rules, so you can add as many ports as you require.</span></span></span><br />
<span style="color: black; font-size: small;"><span style="color: #333333; font-family: inherit;">For example, if your SSH is running on several ports (say 22 for internal and OTHER for external purposes), you can set:</span></span><br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
</div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="font-family: Courier New, Courier, monospace;"><span class="text" style="color: black; line-height: normal; white-space: nowrap;">[ssh]</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">enabled = true</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"><b>port = ssh,OTHER</b></span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">filter = sshd</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">logpath = /var/log/auth.log</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">maxretry = 6</span></span></pre>
<br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
</div>
<span style="color: #990000; font-family: inherit; font-size: small; line-height: normal;"><b>Important variable values for other services:</b></span><br />
<br />
In each service section, you can override the default variable values or set specific ones for your needs.<br />
Here are some you may need to set.<br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><b><i>1. Protocol type:</i></b></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
The default protocol, if not set, is tcp. You can set it to "udp", or to "all" if you need to block both tcp and udp ports.<br />
<div style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;">
</div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="white-space: nowrap;">protocol = all</span></pre>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<b style="color: black; line-height: normal;"><i><span style="font-family: inherit;">2. Ban time:</span></i></b></div>
<div style="color: #333333; line-height: 18px;">
<b style="color: black; line-height: normal;"><i><span style="font-family: inherit;"><br /></span></i></b></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">You may want to override the default bantime; you just need to set it in the section of the service concerned. The time is given in seconds, for example for a 10-minute ban:</span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
</div>
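<pre style="border: 1px dashed rgb(47, 111, 171); color: black; line-height: normal; padding: 1em;"><span style="white-space: nowrap;"># 10 minutes (comment kept on its own line: "#" is not stripped after a value)</span>
<span style="white-space: nowrap;">bantime = 600</span></pre>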
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<b style="color: black; line-height: normal;"><i><span style="font-family: inherit;">3. Ports:</span></i></b></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">As seen before with the SSH example, you can set as many ports as you require in the port value.</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">You can call them by names if they are present in /etc/services or by the port number.</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">Ports must be separated by commas.</span></div>
<div style="color: #333333; line-height: 18px;">
<div style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
</div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><b style="color: black; line-height: normal;"><i>4. Action:</i></b>
</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<span style="color: #333333;">Default actions in response to matched events are defined in jail.conf, but you can override the values for each specific network service.</span><br />
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><br /></span></div>
<span style="font-family: inherit;"><span style="color: black; font-size: small; line-height: normal;">In the following example, let's say our default configuration sends email alerts with a log extract ("</span><span style="white-space: nowrap;">action = %(action_mwl)s"), but for a specific network service we just want the host to be banned without any alerting.</span></span><br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; line-height: normal; white-space: nowrap;"><br /></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; line-height: normal; white-space: nowrap;"><i><b>Then you will overwrite the action value in your service section:</b></i></span></div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="white-space: nowrap;">action = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]</span></pre>
<br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="line-height: 18px;">
<div style="color: black; line-height: normal;">
<span style="color: #990000; font-family: inherit; font-size: small;"><b>Enable your services:</b></span></div>
<div style="color: black; line-height: normal;">
<span style="color: #990000; font-family: inherit; font-size: small;"><b><br /></b></span></div>
<div style="line-height: normal;">
</div>
<span style="color: #333333; font-family: inherit;">Depending on your configuration, you need to enable Network services as you require.</span><br />
<span style="color: #333333; font-family: inherit;">Follow each section to enable if required.</span><br />
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><br /></span></div>
<span style="font-family: inherit;">If you need to create your own service, follow the Nginx example in Step 5 below.</span><br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;">
<br /></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
</div>
<br />
<div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<b style="color: #990000; font-size: large; line-height: 25px;">Step 4: Testing your configuration</b></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<b style="color: #990000; font-size: large; line-height: 25px;"><br /></b></div>
<br />
Testing your configuration is very simple :-)<br />
<br />
Just try to access your SSH host from outside your local network (using your smartphone or whatever you want!) and enter false credentials.<br />
<br />
Once the max retry count is reached, your host should be banned, and you will see in the fail2ban logs:<br />
<br />
<b><i>/var/log/fail2ban.log</i></b><br />
<pre style="border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="color: black; line-height: normal; white-space: nowrap;">2012-11-13 10:41:43,487 fail2ban.actions: WARNING [ss] Ban xxx.xxx.xxx.xxx</span></pre>
<br /></div>
<b><i>Locally, a new iptables rule has been created inside the jail's dedicated iptables chain (automatically created by fail2ban at boot time):</i></b><br />
<pre style="border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span class="text" style="color: black; line-height: normal; white-space: nowrap;">Chain fail2ban-ssh (1 references)</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">target prot opt source destination </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">DROP all -- 37.160.52.0 anywhere </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">RETURN all -- anywhere anywhere </span>
</pre>
<br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<span style="font-family: inherit; line-height: 18px;">And you should (if you set it) have received a mail with all required information.</span><br />
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
</div>
<div style="color: black; line-height: normal;">
<span style="font-family: inherit;">Depending on your configuration, XX minutes/days (or whatever you set) after being banned, the host will be unbanned and the iptables drop rule will be removed.</span></div>
<div style="color: black; line-height: normal;">
<b><span style="font-family: inherit;"><br /></span></b>
<b><span style="font-family: inherit;"><br /></span></b></div>
<div style="color: black; line-height: normal;">
<b><span style="font-family: inherit;">Powerful, simple, beautiful :-)</span></b></div>
<br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
</div>
<b style="color: #990000; font-size: large; line-height: 25px;">Step 5: Adding new customized services, example with nginx Web Server</b><br />
<br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">One of the great things about Fail2ban is that you can easily add any customized service you require: you just have to define the regular expressions used to match patterns and define the Network section.</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><br /></span></div>
<span style="font-family: inherit;"><span style="color: #333333;">Here is a full example for the Nginx Web Server: we will monitor basic authentication failures, badbots, prevent script execution... and of course this can easily be customized to your needs.</span></span><br />
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><br /></span></div>
<div style="line-height: 18px;">
<span style="color: #990000; font-family: inherit; font-size: small; line-height: normal;"><b>Nginx Web Server Fail2Ban integration:</b></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><br /></span></div>
<div style="line-height: 18px;">
<span style="color: #990000; font-family: inherit; font-size: small; line-height: normal;"><b>1. Create Nginx filters</b></span></div>
<div style="line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">Create each required file with its content:</span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="font-family: inherit;"><span style="color: black; line-height: normal; white-space: nowrap;"><b><i>/etc/fail2ban/filter.d/nginx-auth.conf</i></b></span>
</span></div>
<div style="color: #333333; line-height: 18px;">
</div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span class="text" style="color: black; line-height: normal; white-space: nowrap;">#</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Auth filter /etc/fail2ban/filter.d/nginx-auth.conf:</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">#</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Blocks IPs that fail to authenticate using basic authentication</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">#</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">[INCLUDES] </span>
<span class="whitespace" style="color: black; line-height: normal; white-space: nowrap;"> </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Read common prefixes. If any customizations available -- read them from </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># common.local </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">before = common.conf </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">[Definition]</span>
<span class="whitespace" style="color: black; line-height: normal; white-space: nowrap;"> </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">failregex = no user/password was provided for basic authentication.*client: &lt;HOST&gt;</span>
<span class="whitespace" style="color: black; line-height: normal; white-space: nowrap;"> </span><span class="text" style="color: black; line-height: normal; white-space: nowrap;">user .* was not found in.*client: &lt;HOST&gt;</span>
<span class="whitespace" style="color: black; line-height: normal; white-space: nowrap;"> </span><span class="text" style="color: black; line-height: normal; white-space: nowrap;">user .* password mismatch.*client: &lt;HOST&gt;</span>
<span class="whitespace" style="color: black; line-height: normal; white-space: nowrap;"> </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">ignoreregex =</span>
</pre>
<br />
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal; white-space: nowrap;"><b><i>/etc/fail2ban/filter.d/nginx-login.conf</i></b></span></div>
<div style="color: #333333; line-height: 18px;">
</div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span class="text" style="color: black; line-height: normal; white-space: nowrap;">#</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Login filter /etc/fail2ban/filter.d/nginx-login.conf:</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">#</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Blocks IPs that fail to authenticate using web application's log in page</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">#</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Scan access log for HTTP 200 + POST /sessions => failed log in</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">[INCLUDES] </span>
<span class="whitespace" style="color: black; line-height: normal; white-space: nowrap;"> </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Read common prefixes. If any customizations available -- read them from </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># common.local </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">before = common.conf </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">[Definition]</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">failregex = ^&lt;HOST&gt; -.*POST /sessions HTTP/1\.." 200</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">ignoreregex =</span>
</pre>
<br />
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal; white-space: nowrap;"><i><b>/etc/fail2ban/filter.d/nginx-noscript.conf</b></i></span></div>
<div style="color: #333333; line-height: 18px;">
</div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Noscript filter /etc/fail2ban/filter.d/nginx-noscript.conf:</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">#</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Block IPs trying to execute scripts such as .php, .pl, .exe and other funny scripts.</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">#</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Matches e.g.</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># 192.168.1.1 - - "GET /something.php</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">#</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">[INCLUDES] </span>
<span class="whitespace" style="color: black; line-height: normal; white-space: nowrap;"> </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># Read common prefixes. If any customizations available -- read them from </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;"># common.local </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">before = common.conf </span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">[Definition]</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">failregex = ^&lt;HOST&gt; -.*GET.*(\.php|\.asp|\.exe|\.pl|\.cgi|\scgi)</span>
<span class="text" style="color: black; line-height: normal; white-space: nowrap;">ignoreregex =</span>
</pre>
<br />
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; line-height: normal; white-space: nowrap;"><i><b>/etc/fail2ban/filter.d/nginx-proxy.conf</b></i></span></div>
<div style="color: #333333; line-height: 18px;">
</div>
<pre style="border: 1px dashed rgb(47, 111, 171); color: black; line-height: normal; padding: 1em;"><span class="text" style="white-space: nowrap;"># Proxy filter /etc/fail2ban/filter.d/nginx-proxy.conf:</span>
<span class="text" style="white-space: nowrap;">#</span>
<span class="text" style="white-space: nowrap;"># Block IPs trying to use server as proxy.</span>
<span class="text" style="white-space: nowrap;">#</span>
<span class="text" style="white-space: nowrap;"># Matches e.g.</span>
<span class="text" style="white-space: nowrap;"># 192.168.1.1 - - "GET http://www.something.com/</span>
<span class="text" style="white-space: nowrap;">#</span>
<span class="text" style="white-space: nowrap;">[INCLUDES] </span>
<span class="whitespace" style="white-space: nowrap;"> </span>
<span class="text" style="white-space: nowrap;"># Read common prefixes. If any customizations available -- read them from </span>
<span class="text" style="white-space: nowrap;"># common.local </span>
<span class="text" style="white-space: nowrap;">before = common.conf </span>
<span class="text" style="white-space: nowrap;">[Definition]</span>
<span class="text" style="white-space: nowrap;">failregex = ^&lt;HOST&gt; -.*GET http.*</span>
<span class="text" style="white-space: nowrap;">ignoreregex =</span>
</pre>
<br />
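<div style="line-height: 18px;">
<span style="font-family: inherit;">Added example (not part of the original post, and not fail2ban's own code): a Python sketch that runs the failregex lines of the four filters above over constructed nginx log lines, so you can see which hosts each filter flags before enabling a jail. The &lt;HOST&gt; expansion, the sample log lines and the "nginx-noscript-strict" variant are assumptions made for this example; the findtime window is ignored.</span></div>

```python
import re
from collections import Counter

# Assumption: approximates how fail2ban expands <HOST> into a named group.
HOST_GROUP = r"(?:::f{4,6}:)?(?P<host>[\w\-.^_]+)"

# failregex lines copied from the filter files on this page.
FILTERS = {
    "nginx-auth": [
        r"no user/password was provided for basic authentication.*client: <HOST>",
        r"user .* was not found in.*client: <HOST>",
        r"user .* password mismatch.*client: <HOST>",
    ],
    "nginx-login": [r'^<HOST> -.*POST /sessions HTTP/1\.." 200'],
    "nginx-noscript": [r"^<HOST> -.*GET.*(\.php|\.asp|\.exe|\.pl|\.cgi|\scgi)"],
    "nginx-proxy": [r"^<HOST> -.*GET http.*"],
    # Hypothetical tightened variant (not from the page): the extension must
    # end the request path itself, so referrers and user agents are ignored.
    "nginx-noscript-strict": [
        r'^<HOST> -.*"GET [^" ]*(\.php|\.asp|\.exe|\.pl|\.cgi)[ ?]'
    ],
}

# Constructed sample lines (documentation IP ranges), not real traffic.
ACCESS_LOG = [
    '203.0.113.7 - - [13/Nov/2012:10:41:43 +0100] "GET /wp-login.php HTTP/1.1" 404 162 "-" "-"',
    '198.51.100.20 - - [13/Nov/2012:10:42:01 +0100] "GET /index.html HTTP/1.1" 200 512 '
    '"http://example.org/forum/viewtopic.php?t=1" "Mozilla/5.0"',
    '198.51.100.21 - - [13/Nov/2012:10:42:05 +0100] "GET /about.html HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.9 - - [13/Nov/2012:10:43:10 +0100] "POST /sessions HTTP/1.1" 200 1043 "-" "-"',
    '203.0.113.9 - - [13/Nov/2012:10:43:20 +0100] "POST /sessions HTTP/1.1" 302 0 "-" "-"',
    '203.0.113.11 - - [13/Nov/2012:10:44:00 +0100] "GET http://www.something.com/ HTTP/1.1" 400 166 "-" "-"',
]
ERROR_LOG = [
    '2012/11/13 10:41:43 [error] 1234#0: *5 user "admin": password mismatch, '
    'client: 203.0.113.7, server: example.org',
    '2012/11/13 10:41:50 [error] 1234#0: *6 user "bob" was not found in '
    '"/etc/nginx/.htpasswd", client: 203.0.113.7, server: example.org',
    '2012/11/13 10:42:02 [error] 1234#0: *7 no user/password was provided for '
    'basic authentication, client: 198.51.100.21, server: example.org',
]


def compile_filter(name):
    """Compile every failregex of a filter with <HOST> expanded."""
    return [re.compile(rx.replace("<HOST>", HOST_GROUP)) for rx in FILTERS[name]]


def find_failures(name, lines):
    """Return [(host, line)] for each log line matched by the filter."""
    regexes = compile_filter(name)
    hits = []
    for line in lines:
        for rx in regexes:
            match = rx.search(line)
            if match:
                hits.append((match.group("host"), line))
                break  # count a line once even if several regexes match
    return hits


def hosts_to_ban(name, lines, maxretry):
    """Hosts whose number of matched lines reaches maxretry."""
    counts = Counter(host for host, _ in find_failures(name, lines))
    return sorted(host for host, n in counts.items() if n >= maxretry)


if __name__ == "__main__":
    for name in ("nginx-login", "nginx-proxy", "nginx-noscript", "nginx-noscript-strict"):
        print(name, [host for host, _ in find_failures(name, ACCESS_LOG)])
    # The error log replayed three times against the page's maxretry = 6.
    print("nginx-auth ban list:", hosts_to_ban("nginx-auth", ERROR_LOG * 3, maxretry=6))
```

<div style="line-height: 18px;">
<span style="font-family: inherit;">In this sample the original nginx-noscript pattern also flags 198.51.100.20, which requested /index.html but sent a referrer containing ".php". Check any filter against your real logs with fail2ban-regex before enabling its jail.</span></div>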
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<b style="font-family: 'Times New Roman'; font-size: medium; line-height: normal;"><span style="color: #990000;">2. Create Nginx configuration</span></b></div>
<div style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<b style="color: black; font-family: 'Times New Roman'; font-size: medium; line-height: normal;"><br /></b></div>
<div style="line-height: 18px;">
<b><i><span style="font-family: inherit;"><span style="line-height: normal;">Edit Fail2Ban configuration </span> "/etc/fail2ban/jail.conf" and add:</span></i></b></div>
<div style="line-height: 18px;">
<b><i><span style="font-family: inherit;"><br /></span></i></b></div>
<div style="line-height: 18px;">
<span style="font-family: inherit;"><i style="font-weight: bold;">Note:</i> </span></div>
<div style="line-height: 18px;">
<span style="font-family: inherit;"><br /></span></div>
<div style="line-height: 18px;">
<span style="font-family: inherit;">If Nginx is listening on a non-standard http/https port, remember to adapt the port values to your configuration.</span></div>
<div style="line-height: 18px;">
<span style="font-family: inherit;">Also, nginx-noscript will prevent any script execution on your sites; if this is not what you need, just comment out this section.</span></div>
<div style="line-height: 18px;">
<span style="font-family: inherit;"><b><i><br /></i></b>
<b><i>/etc/fail2ban/jail.conf</i></b></span>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
</div>
<pre style="border: 1px dashed rgb(47, 111, 171); color: black; line-height: normal; padding: 1em;"><span class="text" style="white-space: nowrap;">[nginx-auth]</span>
<span class="text" style="white-space: nowrap;">enabled = true</span>
<span class="text" style="white-space: nowrap;">filter = nginx-auth</span>
<span class="text" style="white-space: nowrap;">port = http,https</span>
<span class="text" style="white-space: nowrap;">logpath = /var/log/nginx*/*error*.log</span>
<span class="text" style="white-space: nowrap;">bantime = 600 ; 10 minutes</span>
<span class="text" style="white-space: nowrap;">maxretry = 6</span>
<span class="whitespace" style="white-space: nowrap;"> </span>
<span class="text" style="white-space: nowrap;">[nginx-login]</span>
<span class="text" style="white-space: nowrap;">enabled = true</span>
<span class="text" style="white-space: nowrap;">filter = nginx-login</span>
<span class="text" style="white-space: nowrap;">port = http,https</span>
<span class="text" style="white-space: nowrap;">logpath = /var/log/nginx*/*access*.log</span>
<span class="text" style="white-space: nowrap;">bantime = 600 ; 10 minutes</span>
<span class="text" style="white-space: nowrap;">maxretry = 6</span>
<span class="whitespace" style="white-space: nowrap;"> </span>
<span class="text" style="white-space: nowrap;">[nginx-badbots]</span>
<span class="text" style="white-space: nowrap;">enabled = true</span>
<span class="text" style="white-space: nowrap;">filter = apache-badbots</span>
<span class="text" style="white-space: nowrap;">port = http,https</span>
<span class="text" style="white-space: nowrap;">logpath = /var/log/nginx*/*access*.log</span>
<span class="text" style="white-space: nowrap;">bantime = 86400 ; 1 day</span>
<span class="text" style="white-space: nowrap;">maxretry = 1</span>
<span class="whitespace" style="white-space: nowrap;"> </span>
<span class="text" style="white-space: nowrap;">[nginx-noscript]</span>
<span class="text" style="white-space: nowrap;">enabled = true</span>
<span class="text" style="white-space: nowrap;">port = http,https</span>
<span class="text" style="white-space: nowrap;">filter = nginx-noscript</span>
<span class="text" style="white-space: nowrap;">logpath = /var/log/nginx*/*access*.log</span>
<span class="text" style="white-space: nowrap;">maxretry = 6</span>
<span class="text" style="white-space: nowrap;">bantime = 86400 ; 1 day</span>
<span class="whitespace" style="white-space: nowrap;"> </span>
<span class="text" style="white-space: nowrap;">[nginx-proxy]</span>
<span class="text" style="white-space: nowrap;">enabled = true</span>
<span class="text" style="white-space: nowrap;">port = http,https</span>
<span class="text" style="white-space: nowrap;">filter = nginx-proxy</span>
<span class="text" style="white-space: nowrap;">logpath = /var/log/nginx*/*access*.log</span>
<span class="text" style="white-space: nowrap;">maxretry = 0</span>
<span class="text" style="white-space: nowrap;">bantime = 86400 ; 1 day</span>
</pre>
<br />
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<b style="color: black; font-family: 'Times New Roman'; font-size: medium; line-height: normal;"><br /></b></div>
<div style="color: #333333; line-height: 18px;">
<b style="color: black; line-height: normal;"><span style="font-family: inherit;">Finally, restart fail2ban and you're done! (sudo service fail2ban restart)</span></b></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">To test your configuration, just try to access your basic-authentication-protected web site with bad credentials: as in the SSH example, your host will be banned and you'll get the report :-)</span></div>
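<div>
Before restarting fail2ban, it is worth checking the jail sections for misspelled option names and for inline "#" comments: fail2ban treats only " ;" (a semicolon after a space) as an inline comment, so anything after a "#" stays in the value. The following linter is an added example, not part of the original guide; the option list is an assumed subset and the sample configuration is constructed.</div>

```python
import difflib
import re

# Assumed subset of the option names fail2ban reads in a jail section;
# extend it to match the options your own jails use.
KNOWN_OPTIONS = sorted([
    "action", "backend", "banaction", "bantime", "destemail", "enabled",
    "filter", "findtime", "ignoreip", "logpath", "maxretry", "mta",
    "port", "protocol", "sender", "usedns",
])

# Constructed sample in the style of /etc/fail2ban/jail.conf.
SAMPLE_JAIL_CONF = """\
# full-line comments are fine
[nginx-auth]
enabled = true
filter = nginx-auth
port = http,https
logpath = /var/log/nginx*/*error*.log
bantime = 600 ; 10 minutes
maxretry = 6

[nginx-noscript]
enabled = true
port = http,https
filter = nginx-noscript
logpath = /var/log/nginx*/*access*.log
axretry = 6
bantime = 86400 # 1 day
"""

SECTION_RE = re.compile(r"^\[([^\]]+)\]\s*$")
OPTION_RE = re.compile(r"^([^=:\s][^=:]*?)\s*[=:]\s*(.*)$")
INLINE_COMMENT_RE = re.compile(r"\s;.*$")


def parse_jails(text):
    """Parse jail sections and return (jails, findings).

    jails maps section name -> {option: value with ' ;' comments removed}.
    findings is a list of (line_no, section, message) tuples.
    """
    jails, findings, section = {}, [], None
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or full-line comment
        if raw[:1].isspace() and section is not None:
            continue  # indented continuation of the previous value
        match = SECTION_RE.match(line)
        if match:
            section = match.group(1)
            jails.setdefault(section, {})
            continue
        match = OPTION_RE.match(line)
        if match is None or section is None:
            findings.append((line_no, section, "cannot parse: %r" % line))
            continue
        key = match.group(1).lower()
        # Only " ;" starts an inline comment; a "#" stays in the value.
        value = INLINE_COMMENT_RE.sub("", match.group(2)).strip()
        jails[section][key] = value
        if key not in KNOWN_OPTIONS:
            close = difflib.get_close_matches(key, KNOWN_OPTIONS, n=1)
            hint = " (did you mean %r?)" % close[0] if close else ""
            findings.append(
                (line_no, section, "unknown option %r%s" % (key, hint)))
        if "#" in value:
            findings.append(
                (line_no, section,
                 "%s = %r: inline '#' is read as part of the value"
                 % (key, value)))
    return jails, findings


if __name__ == "__main__":
    parsed, problems = parse_jails(SAMPLE_JAIL_CONF)
    for line_no, section, message in problems:
        print("line %d [%s]: %s" % (line_no, section, message))
    for name, options in parsed.items():
        if "maxretry" not in options:
            print("[%s] has no maxretry of its own" % name)
```

To check a real file, pass its contents to parse_jails() instead of the constructed sample.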
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<br /></div>
<div>
<div style="color: black; font-family: 'Times New Roman'; font-size: medium; line-height: normal;">
</div>
<div>
<br />
<div style="color: black; font-family: 'Times New Roman'; font-size: medium; line-height: normal;">
<b style="color: #990000; font-size: large; line-height: 25px;">FAQ & Issues</b></div>
<div style="color: black; font-family: 'Times New Roman'; font-size: medium; line-height: normal;">
<b style="color: #990000; font-size: large; line-height: 25px;"><br /></b></div>
<br />
<ul>
<li><span style="font-family: inherit;"><span style="line-height: 25px;"><b>How to prevent Fail2ban from sending alerts mails when stopped/started</b></span></span></li>
</ul>
<br />
When email alerting is configured, fail2ban will send you one mail per configured jail (one per network service) for each action (stop/start).<br />
<br />
This can be as useful as it is boring :-)<br />
<br />
<b>If you want to disable this behavior:</b><br />
<br />
- Go to "/etc/fail2ban/action.d/"<br />
<br />
- You will find 6 configuration files related to sendmail & mail; depending on which one you set (sendmail vs mail), you just have to comment out actionstart and actionstop:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">"action_": comment "actionstart" & "actionstop" in action.d/sendmail.conf</span><br />
<span style="font-family: Courier New, Courier, monospace;">"action_mw": comment "actionstart" & "actionstop" in action.d/sendmail-whois.conf</span><br />
<span style="font-family: Courier New, Courier, monospace;">"action_mwl": comment "actionstart" & "actionstop" in action.d/sendmail-whois-lines.conf</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">"action_": comment "actionstart" & "actionstop" in action.d/mail.conf</span><br />
<span style="font-family: Courier New, Courier, monospace;">"action_mw": comment "actionstart" & "actionstop" in action.d/mail-whois.conf</span><br />
<span style="font-family: Courier New, Courier, monospace;">"action_mwl": comment "actionstart" & "actionstop" in action.d/mail-whois-lines.conf</span></div>
</div>
<div style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
<span style="color: black; font-family: 'Times New Roman'; font-size: small; line-height: normal;"><br /></span></div>
<div style="color: #333333; line-height: 18px;">
<span style="color: black; font-family: inherit; font-size: small; line-height: normal;">- Restart fail2ban, you're done!</span></div>
</div>
</div>
Howto: Guide to SNORT IDS in Debian based system with Barnyard2, Mysql and PulledPork (published 2012-11-11, updated 2013-01-07)<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQbyuAs6SKocyO9PTk-x0AXrAaYMAUi3f5ZM63EoYtodKx1aW5UAEkDEFOZFzylJL0cmxo46hgR_zWVBwyFRSSL5zCkIj1mToAAfdUhVYVgpbOVAQRPszXmTDhSn1b2NGG0YcU1vv30n_U/s1600/logo_snortLOWres.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQbyuAs6SKocyO9PTk-x0AXrAaYMAUi3f5ZM63EoYtodKx1aW5UAEkDEFOZFzylJL0cmxo46hgR_zWVBwyFRSSL5zCkIj1mToAAfdUhVYVgpbOVAQRPszXmTDhSn1b2NGG0YcU1vv30n_U/s1600/logo_snortLOWres.jpg" /></a></div>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>Last Update: 01/07/2013</b></i><span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"> </span><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>Major changes:</b></i><span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"> </span><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>01/07/2013 - Ignoring local traffic</b></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>11/11/2012 - Initial Version</b></i><br />
<br />
<br />
<br />
If you are interested in advanced open source security tools, you probably already know about the Snort Intrusion Prevention System; if you don't, follow my guide to easily get a fully working Snort installation running in Intrusion Prevention System mode.<br />
<br />
<b><i>I will begin with some explanations:</i></b><br />
<br />
- Snort can operate in various modes: as a network sniffer, as an Intrusion Detection System (IDS) and as an Intrusion Prevention System (IPS)<br />
<br />
- Snort IDS is open source, but the rules are not (anymore), and Sourcefire delivers them in 2 ways:<br />
<br />
* For free if you register on the Snort site: you will get a 1-month-old version of the rules, and an Oinkcode if you want to use third-party tools to update the rules automatically<br />
<br />
* For a fee if you take a subscription, which always gives you up-to-date verified rules<br />
<br />
- Snort no longer supports database logging; all activity is logged to files, so you need a third-party tool to insert Snort events into a database (Mysql recommended): Barnyard2<br />
<br />
- Snort does not provide any frontend or GUI itself; you will need a third-party tool, the best known being "BASE" (Basic Analysis and Security Engine)<br />
<br />
- Snort won't update its detection rules by itself; the third-party tool "PulledPork" will update your rules automatically (you need to register on the Snort site and generate an Oinkcode, see later)<br />
<br />
<br />
<b><i>My guide is based on the following documentation, with some adaptations:</i></b><br />
<a href="http://www.snort.org/assets/167/deb_snort_howto.pdf">http://www.snort.org/assets/167/deb_snort_howto.pdf</a><br />
<a href="http://www.snort.org/assets/158/snortinstallguide293.pdf">http://www.snort.org/assets/158/snortinstallguide293.pdf</a><br />
<br />
<br />
I will assume you already have a working Linux installation; setting one up is well outside the scope of this guide :-)<br />
<br />
<br />
<br />
<span style="background-color: #fefdfa; color: #990000; font-family: inherit;"><b>Summary of steps:</b> </span><br />
<div style="background-color: #fefdfa; color: #333333; line-height: 18px;">
</div>
<span style="font-family: inherit;"><br style="background-color: #fefdfa; color: #333333; line-height: 18px;" /></span>
<span style="font-family: inherit;"><span style="background-color: #fefdfa; color: #990000; line-height: 18px;"><b>Step 1: Prepare your system</b></span><span style="background-color: #fefdfa; color: #990000; line-height: 18px;"><b> </b></span></span><br />
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; line-height: 18px;"><b> 1.1: Install Apache2, Mysql and system dependencies</b></span><br />
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; line-height: 18px;"><b> 1.2: Install Snort dependencies (libpcap, libdnet, daq)</b></span></div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; line-height: 18px;"><b> 1.3: Update Library Path</b></span><br />
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;">Step 2: Install and configure Snort</span></b></div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; line-height: 18px;"><b> 2.1: Installation</b></span></div>
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; line-height: 18px;"><b> 2.2: Test Snort</b></span></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;">Step 3: Install Barnyard2</span></b></div>
</div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;">Step 4: Setup Mysql Databases</span></b></div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 4.1: Connection to Mysql Server</span></b></div>
<div>
<div>
<b><span style="color: #990000;"><span style="font-family: inherit; line-height: 18px;"> 4.2: Databases and Privileges creation</span></span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 4.3: Populate database with Snort Structure</span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 4.4: Launch Snort and Barnyard for second testing</span></b><br />
<span style="color: #990000; font-weight: bold;"> 4.5: OPTIONAL - Ignoring local Traffic</span></div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;">Step 5: Init script</span></b></div>
<div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;">Step 6: Cleanup and start services</span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;">Step 7: Install PulledPork and update your rules</span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 7.1: Register to Snort and get your Oinkcode</span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 7.2: Install and configure PulledPork</span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 7.3: Install PulledPork and update your rules</span></b></div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 7.4: Plan auto updates using cron</span></b></div>
</div>
</div>
</div>
</div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;">Step 8: Configure Apache2 and BASE</span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 8.1: Configure php.ini</span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 8.2: Install Perl requirements</span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 8.3: Activate Apache SSL</span></b></div>
<div>
<div>
<b style="color: #990000; line-height: 18px;"><span style="font-family: inherit;"> 8.4: Install and configure BASE</span></b></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<b style="color: #990000; line-height: 18px;">Step 9: Recommended alternative Frontend for Snort: Splunk for Snort</b><br />
<b style="color: #990000; line-height: 18px;">Step 10: Testing Snort IDS</b></div>
<div>
<div>
</div>
</div>
<br />
<br />
<br />
<br />
<br />
<b style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Step 1: Prepare your system</b><br />
<br />
The ideal configuration is to have 2 network interfaces, one used as the management interface and another acting as the collector interface (e.g. eth0: management interface, eth1: collector interface).<br />
<br />
You can of course also install and use Snort on a system with only one network interface, which will then carry both normal network traffic and data collection.<br />
<br />
I will assume you only have one network interface for all traffic, but this can be easily adapted to your needs.<br />
<br />
<br />
<b><span style="color: #990000;">Step 1.1: Configure your Network Interfaces</span></b><br />
<br />
<b><i>First, ensure your network IP addresses are static, or reserved in your DHCP server.</i></b><br />
<br />
<b><i>Disable ”Large Receive Offload” and ”Generic Receive Offload” on the collector interface</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># ethtool -K eth0 gro off
# ethtool -K eth0 lro off</span></span></pre>
<br />
<i><b>Explanation from Snort guide, chapter 1.5:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><i>Some network cards have features named ”Large Receive Offload” (lro) and ”Generic Receive Offload”
(gro). With these features enabled, the network card performs packet reassembly before they’re processed by
the kernel.
By default, Snort will truncate packets larger than the default snaplen of 1518 bytes. In addition, LRO and
GRO may cause issues with Stream5 target-based reassembly. We recommend that you turn off LRO and
GRO. On linux systems, you can run:
$ ethtool -K eth1 gro off
$ ethtool -K eth1 lro off</i></span></span>
</pre>
<div>
<br /></div>
<br />
<b><span style="color: #990000;">Step 1.1: Install Apache2, Mysql and system dependencies</span></b><br />
<br />
<b><i>Update:</i></b><br />
<br />
<i>As always, update apt:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># sudo apt-get update</span></span></pre>
<br />
<b><i>Install Apache2 Web Server:</i></b><br />
<br />
<i>If you don't already have Apache2 installed and running:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># sudo apt-get install apache2 apache2-utils apache2.2-bin apache2.2-common libapache2-mod-php5</span></span></pre>
<br />
<b><i>Install Mysql server:</i></b><br />
<br />
<i>Your Mysql server can be local or remote.</i><br />
<i><br /></i>
<i>Local Mysql-server installation:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># sudo apt-get install mysql-client mysql-common mysql-server</span></span></pre>
<br />
<b>Note:</b> Installation wizard will ask to enter your mysql-server admin password<br />
<br />
<i>In case of remote mysql-server, just install mysql client and some dependencies:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># sudo apt-get install mysql-client</span></span></pre>
<br />
<b><i>Install Dependencies:</i></b><br />
<br />
<i>Install various dependencies:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># sudo apt-get install g++ make autoconf automake libtool flex bison gcc libnet1 libnet1-dev libapache2-mod-php5 libcrypt-ssleay-perl libpcre3 libpcre3-dev libmysqlclient-dev libphp-adodb libssl-dev libtool libwww-perl libmysqlclient-dev mysql-common mysql-client ntp php5-cli php5-gd php5-mysql php-pear</span></span></pre>
<br />
<br />
<b><span style="color: #990000;">Step 1.2: Install Snort dependencies : (libpcap, libdnet, daq)</span></b><br />
<br />
<i><b>Install libpcap: </b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># cd /usr/src && wget http://www.tcpdump.org/release/libpcap-1.3.0.tar.gz
# tar -zxf libpcap-1.3.0.tar.gz && cd libpcap-1.3.0
# ./configure --prefix=/usr --enable-shared && make && make install</span></span></pre>
<br />
<i><b>Install libdnet: </b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># cd /usr/src && wget http://libdnet.googlecode.com/files/libdnet-1.12.tgz
# tar -zxf libdnet-1.12.tgz && cd libdnet-1.12
# ./configure --prefix=/usr --enable-shared && make && make install</span></span></pre>
<br />
<i><b>Install daq: </b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># cd /usr/src && wget http://www.snort.org/dl/snort-current/daq-1.1.1.tar.gz
# tar -zxf daq-1.1.1.tar.gz && cd daq-1.1.1
# ./configure && make && make install</span></span></pre>
<br />
<br />
<b><span style="color: #990000;">Step 1.3: Update library path</span></b><br />
<br />
<b><i>Do:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># echo >> /etc/ld.so.conf /usr/lib
# echo >> /etc/ld.so.conf /usr/local/lib && ldconfig </span></span></pre>
<br />
<br />
<b style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Step 2: Install Snort</b><br />
<br />
<br />
<b><span style="color: #990000;">Step 2.1: Installation</span></b><br />
<br />
<b><i>Download, configure, compile and install Snort</i>:</b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># cd /usr/src && wget http://labs.snort.org/snort/2931/snort.conf -O snort.conf
# wget http://www.snort.org/dl/snort-current/snort-2.9.3.1.tar.gz -O snort-2.9.3.1.tar.gz
# tar -zxf snort-2.9.3.1.tar.gz && cd snort-2.9.3.1
# ./configure --enable-sourcefire && make && make install
# mkdir /etc/snort /etc/snort/rules /var/log/snort /var/log/barnyard2 /usr/local/lib/snort_dynamicrules
# touch /etc/snort/rules/white_list.rules /etc/snort/rules/black_list.rules
# groupadd snort && useradd -g snort snort
# chown snort:snort /var/log/snort /var/log/barnyard2
# cp /usr/src/snort-2.9.3.1/etc/*.conf* /etc/snort
# cp /usr/src/snort-2.9.3.1/etc/*.map /etc/snort
# cp /usr/src/snort.conf /etc/snort</span></span></pre>
<br />
<br />
<i><b>Edit "/etc/snort/snort.conf": (in vi, to jump to a line: Esc, then ":N" where N is the line number)</b></i><br />
<br />
Line #45 - ipvar HOME_NET 172.26.12.0/22 – make this match your internal (friendly) network<br />
Line #48 - ipvar EXTERNAL_NET !$HOME_NET<br />
Line #104 - var RULE_PATH ./rules<br />
Line #113 - var WHITE_LIST_PATH ./rules<br />
Line #114 - var BLACK_LIST_PATH ./rules<br />
Line #297 - add this to the end after “decompress_depth 65535” max_gzip_mem 104857600<br />
Line #538 - add this line output unified2: filename snort.log, limit 128<br />
Line #554 - delete or comment out all of the “include $RULE_PATH” lines except “local.rules”<br />
<br />
<b><span style="color: #990000;">Step 2.2: First test of Snort</span></b><br />
<i><b><br /></b></i>
<i><b>Temporarily and for testing purposes, add this to "/etc/snort/rules/local.rules" </b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">alert icmp any any -> $HOME_NET any (msg:"ICMP test"; sid:10000001;)</span></span></pre>
<br />
This is a local test rule matching ICMP: when Snort is running in console mode and you ping the host from another computer, Snort should detect it:<br />
<br />
<i><b>Start Snort:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># /usr/local/bin/snort -A console -q -u snort -g snort -c /etc/snort/snort.conf -i eth0</span></span></pre>
<br />
<i><b>Ping your Snort host, you should see Snort logging it:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">02/09-11:29:43.450236 [**] [1:10000001:0] ICMP test [**] [Priority: 0] {ICMP} 172.26.12.1 -> 172.26.12.2
02/09-11:29:43.450251 [**] [1:10000001:0] ICMP test [**] [Priority: 0] {ICMP} 172.26.12.2 -> 172.26.12.1</span></span></pre>
<br />
If you see this kind of output, then your Snort installation is functional ^^<br />
<br />
If not, you may have a configuration issue, stop all and carefully restart from the beginning!<br />
<br />
<i><b>Press Ctrl+C to stop Snort.</b></i><br />
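<div>
The console lines above are in Snort's "fast" alert format. As an added example (not part of the original guide), this parser turns such lines into fields and counts hits per rule, which is handy for checking a test run or feeding another tool. The first two sample lines are the output shown above; the third line (its sid, message and ports) and the noise line are constructed.</div>

```python
import re
from collections import Counter

# Lines 1-2 are the console output shown above; line 3 (a rule with a
# classification and TCP ports) and the trailing noise line are constructed.
SAMPLE_ALERTS = """\
02/09-11:29:43.450236 [**] [1:10000001:0] ICMP test [**] [Priority: 0] {ICMP} 172.26.12.1 -> 172.26.12.2
02/09-11:29:43.450251 [**] [1:10000001:0] ICMP test [**] [Priority: 0] {ICMP} 172.26.12.2 -> 172.26.12.1
02/09-11:31:02.118840 [**] [1:10000002:1] Constructed TCP rule [**] [Classification: Misc activity] [Priority: 3] {TCP} 172.26.12.7:51544 -> 172.26.12.2:22
Commencing packet processing (pid=1234)
"""

ALERT_RE = re.compile(
    # MM/DD-HH:MM:SS.usec, with an optional /YY when Snort logs the year
    r"^(?P<ts>\d{2}/\d{2}(?:/\d{2})?-\d{2}:\d{2}:\d{2}\.\d{6})\s+"
    # [**] [generator id : signature id : revision] message [**]
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+"
    # The classification is only printed when the rule has a classtype
    r"(?:\[Classification:\s*(?P<classification>[^\]]+)\]\s+)?"
    r"\[Priority:\s*(?P<priority>\d+)\]\s+"
    r"\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)$"
)


def split_endpoint(endpoint):
    """Split 'ip:port' into (ip, port); ICMP endpoints carry no port."""
    if endpoint.count(":") == 1:
        ip, port = endpoint.split(":")
        return ip, int(port)
    return endpoint, None  # no port, or an IPv6 address left as it is


def parse_alert(line):
    """Return a dict of fields for one fast-alert line, or None."""
    match = ALERT_RE.match(line.strip())
    if match is None:
        return None
    alert = match.groupdict()
    for field in ("gid", "sid", "rev", "priority"):
        alert[field] = int(alert[field])
    alert["src_ip"], alert["src_port"] = split_endpoint(alert.pop("src"))
    alert["dst_ip"], alert["dst_port"] = split_endpoint(alert.pop("dst"))
    return alert


def summarize(text):
    """Return (alerts, hits per (gid, sid), lines that did not parse)."""
    alerts, rejected = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        alert = parse_alert(line)
        if alert is None:
            rejected.append(line)
        else:
            alerts.append(alert)
    hits = Counter((a["gid"], a["sid"]) for a in alerts)
    return alerts, hits, rejected


if __name__ == "__main__":
    parsed, hits, rejected = summarize(SAMPLE_ALERTS)
    for (gid, sid), count in sorted(hits.items()):
        print("rule %d:%d fired %d time(s)" % (gid, sid, count))
    print("%d line(s) were not alerts" % len(rejected))
```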
<br />
<br />
<br />
<b style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Step 3: Install Barnyard2</b><br />
<br class="Apple-interchange-newline" />
<br />
<i><b>Download, configure, compile and install:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># cd /usr/src && wget https://nodeload.github.com/firnsy/barnyard2/tarball/master
# tar -zxf master && cd firnsy-barnyard2-*
# autoreconf -fvi -I ./m4 && ./configure --with-mysql && make && make install
# mv /usr/local/etc/barnyard2.conf /etc/snort
# cp schemas/create_mysql /usr/src</span></span></pre>
<br />
<br />
<i><b>Edit "/etc/snort/barnyard2.conf":</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">Line #215 change to output alert_fast</span></span></pre>
<br />
<br />
<i>At the end of the file, add the database configuration line, adapting:</i><br />
<i><br /></i>
- "<mypassword>" to the Snort database password you want to set (not the database admin password, but the password you are planning to use for the Snort database)<br />
<br />
- "localhost": if your Mysql server is local, keep localhost; if your Mysql server is remote, enter its IP address<br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">output database: log, mysql, user=snort password=<mypassword> dbname=snort host=localhost</span></span></pre>
<br />
<br />
<br />
<b style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Step 4: Setup Mysql Databases</b><br />
<br />
<br />
<b>Here comes the Mysql configuration, we will:</b><br />
<br />
- Create a main database called "snort" where Snort events are going to be logged by the Barnyard2 daemon<br />
- Create a secondary database called "archive" to rotate Snort events<br />
- Create a user "snort" with all privileges to these databases<br />
<br />
<br />
<b><span style="color: #990000;">Step 4.1: Connect to your Mysql server</span></b><br />
<br />
<b><i>If Mysql-server local, enter:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># mysql -u root -p</span></span></pre>
<br />
<b><i>If Mysql-server remote, enter: (adapt IPAddress)</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># mysql -u root -p -h IPAddress</span></span></pre>
<br />
<i><b>Then enter your admin password, you should get the mysql prompt:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">mysql></span></span></pre>
<br />
<br />
<b><span style="color: #990000;">Step 4.2: Create Databases and privileges</span></b><br />
<br />
<b><i>Create Databases:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">mysql></span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">create database snort;
create database archive;</span></span></pre>
<br />
<b>Create Snort user and privileges: (adapt <mypassword> to the Snort database user password value of your choice)</b><br />
<b><br /></b>
<br />
<b><i>If Mysql-server local: (adapt IPAddress with Mysql Server value)</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">mysql></span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">grant usage on snort.* to snort@192.168.1.104;
grant usage on archive.* to snort@192.168.1.104;
set password for snort@192.168.1.104=PASSWORD('<mypassword>');
grant all privileges on snort.* to snort@192.168.1.104;
grant all privileges on archive.* to snort@192.168.1.104;
flush privileges;</span></span></pre>
<br />
<i>
<b>If Mysql-server Remote: (adapt IPAddress with Mysql Server value)</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">mysql></span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">grant usage on snort.* to snort@IPAddress;
grant usage on archive.* to snort@IPAddress;
set password for snort@IPAddress=PASSWORD('<mypassword>');
grant all privileges on snort.* to snort@IPAddress;
grant all privileges on archive.* to snort@IPAddress;
flush privileges;</span></span></pre>
<br />
<br />
<b><span style="color: #990000;">Step 4.3: Populate Database with Snort structure</span></b><br />
<br />
<b><i>Do:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">mysql></span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">use snort;
source /usr/src/create_mysql
show tables; # you should see the list of new tables you just imported.
exit</span></span></pre>
<br />
<br />
<span style="color: #990000; font-weight: bold;">Step 4.4: Launch Snort and Barnyard2 for a second test</span><br />
<span style="font-weight: bold;"><br /></span>
<i><b>Launch Snort and </b></i><i><b>Barnyard </b></i><i><b>:</b></i><br />
<br />
<b><i>Do:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0 &</span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /etc/snort/bylog.waldo -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -C /etc/snort/classification.config &</span></span></pre>
<br />
<i><b>If Barnyard2 successfully connects to the Snort database, you should see output like this:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span class="text" style="font-size: 13px; white-space: nowrap;">database: compiled support for (mysql) </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: configured to use mysql </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: schema version = 107 </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: host = 192.168.1.100 </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: user = snort </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: database name = snort </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: sensor name = raspberrypi:NULL </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: sensor id = 1 </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: sensor cid = 12275 </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: data encoding = hex </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: detail level = full </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: ignore_bpf = no </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">database: using the "log" facility </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">--== Initialization Complete ==-- </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">______ -*> Barnyard2 <*- </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">/ ,,_ \ Version 2.1.10 (Build 313) </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">|o" )~| By Ian Firns (SecurixLive): http://www.securixlive.com/ </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">+ '''' + (C) Copyright 2008-2012 Ian Firns <firnsy@securixlive.com> </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Using waldo file '/etc/snort/bylog.waldo': </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">spool directory = /var/log/snort </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">spool filebase = snort.log </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">time_stamp = 1352226216 </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">record_idx = 24326 </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Opened spool file '/var/log/snort/snort.log.1352226216' </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Closing spool file '/var/log/snort/snort.log.1352226216'. Read 24326 records </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Opened spool file '/var/log/snort/snort.log.1352301110' </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Waiting for new data</span>
</pre>
<br />
<br />
Any error preventing Barnyard2 from connecting to the MySQL database will be shown in the output messages (bad username/password, host unreachable, etc.)<br />
<br />
If successful, then congratulations, you have a working Snort and Barnyard2 installation ^^<br />
<br />
Let's continue!<br />
<br />
<br />
<span style="color: #990000; font-weight: bold;">Step 4.5: OPTIONAL - Ignoring local Traffic</span><br />
<br />
<br />
In most situations you won't really be interested in monitoring your local network traffic, as you can consider it a trusted zone.<br />
<br />
If so, you can easily ask Snort to ignore any local traffic:<br />
<br />
<br />
<i><b>Edit "/etc/snort/snort.conf", search for "</b></i><b><i>config bpf_file", uncomment it and change it to:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">config bpf_file: /etc/snort/ignore.bpf</span></span></pre>
<br />
<br />
<b><i>Create the file "<span style="background-color: #fefdfa; color: #333333; line-height: 19px;">/etc/snort/ignore.bpf" with the following content: (adapt to your local Network CIDR address)</span></i></b><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">!(src net 192.168.100.0/24)</span></span></pre>
<br />
<br />
Save the file. From the next reboot, Snort ignores every packet whose source address is in that network.<br />
<br />
The filter can also be made more complex to ignore several networks, hosts and even specific ports.<br />
Google is your friend ^^<br />
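<br />
As an added example (not part of the original guide), the shell functions below assemble a more selective filter: instead of dropping everything sourced from the LAN, it drops only LAN-to-LAN packets and the sensor's own MySQL session, so traffic from local hosts to the outside is still inspected. The addresses, the port and the function names are assumptions made for the illustration.<br />

```shell
#!/bin/sh
# Added example: generate the content of /etc/snort/ignore.bpf from a list of
# exclusions. Networks, hosts and ports below are constructed sample values.

# is_ipv4 ADDR: succeeds if ADDR is a dotted quad with every octet in 0..255
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}$' || return 1
    old_ifs=$IFS
    IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# is_cidr NET: succeeds for ADDR/PREFIX with a valid ADDR and PREFIX in 0..32
is_cidr() {
    case $1 in
        */*) ;;
        *) return 1 ;;
    esac
    is_ipv4 "${1%/*}" || return 1
    prefix=${1#*/}
    case $prefix in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$prefix" -le 32 ]
}

# is_port N: succeeds for 1..65535
is_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# lan_to_lan NET: clause matching packets whose source AND destination are in NET
lan_to_lan() {
    is_cidr "$1" || { echo "bad network: $1" >&2; return 1; }
    printf '(src net %s and dst net %s)' "$1" "$1"
}

# host_service HOST PORT: clause matching TCP traffic to or from HOST on PORT
host_service() {
    is_ipv4 "$1" || { echo "bad host: $1" >&2; return 1; }
    is_port "$2" || { echo "bad port: $2" >&2; return 1; }
    printf '(host %s and tcp port %s)' "$1" "$2"
}

# build_ignore_bpf CLAUSE...: one-line filter keeping everything except the clauses
build_ignore_bpf() {
    [ "$#" -gt 0 ] || { echo "need at least one clause" >&2; return 1; }
    filter=$1
    shift
    for clause in "$@"; do
        filter="$filter or $clause"
    done
    printf 'not (%s)\n' "$filter"
}

# Print the filter for a constructed setup: LAN 192.168.100.0/24 and a remote
# MySQL server at 192.168.1.100. Redirect the output to /etc/snort/ignore.bpf.
lan=$(lan_to_lan 192.168.100.0/24) &&
    db=$(host_service 192.168.1.100 3306) &&
    build_ignore_bpf "$lan" "$db"
```

Invalid input (an octet above 255, a prefix above 32, a port above 65535) makes the helper fail instead of writing a filter that Snort would reject at start-up.<br />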
<br />
Let's continue!<br />
<br />
<br />
<br />
<br />
<b style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Step 5: Init script</b><br />
<br />
<br />
<b>Add and enable an init script for Snort and Barnyard2.</b><br />
<br />
<b>NOTE:</b> Change "eth0" to your interface name if your collector Interface is different from eth0.<br />
<br />
<i><b>Create the new file "/etc/init.d/snortbarn" and add this content:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">#! /bin/sh
#set -x
#
### BEGIN INIT INFO
# Provides: snortbarn
# Required-Start: $remote_fs $syslog mysql
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# X-Interactive: true
# Short-Description: Start Snort and Barnyard
### END INIT INFO
. /lib/init/vars.sh
. /lib/lsb/init-functions

do_start()
{
    log_daemon_msg "Starting Snort and Barnyard" ""
    # Bring the capture interface up before Snort binds to it
    /sbin/ifconfig eth0 up
    # Snort switches to the snort user and group after initialisation
    /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0 &
    # Barnyard2 reads the Snort spool files and writes the events to the database
    /usr/local/bin/barnyard2 -q -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /etc/snort/bylog.waldo -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -C /etc/snort/classification.config 2> /dev/null &
    log_end_msg 0
    return 0
}

do_stop()
{
    log_daemon_msg "Stopping Snort and Barnyard" ""
    # Errors are discarded so that stopping an already stopped service stays quiet
    kill $(pidof snort) 2> /dev/null
    kill $(pidof barnyard2) 2> /dev/null
    log_end_msg 0
    return 0
}

case "$1" in
    start)
        do_start
        ;;
    stop)
        do_stop
        ;;
    restart)
        do_stop
        do_start
        ;;
    *)
        echo "Usage: snortbarn {start|stop|restart}" >&2
        exit 3
        ;;
esac
exit 0</span></span></pre>
<br />
<b><i>Make the script executable</i></b><i><b>:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># chmod +x /etc/init.d/snortbarn</span></span></pre>
<br />
<b><i>Activate</i></b><i><b>:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># update-rc.d snortbarn defaults</span></span></pre>
<br />
<br />
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; font-weight: bold; line-height: 25px;">Step 6: Cleanup and start services</span><br />
<br class="Apple-interchange-newline" />
<br />
<b><i>Stop existing processes and clean up various files:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># rm /var/www/index.html
# chmod 755 /var/www/base
# pkill snort && pkill barnyard2
# rm -rf /var/log/snort/* /var/log/barnyard2/*</span></span></pre>
<br />
<br />
<i><b>Deactivate the local test rules and activate standard rules:</b></i><br />
<br />
Edit "/etc/snort/rules/local.rules" and comment out the test rule line<br />
Edit "/etc/snort/snort.conf", line 553: add: include $RULE_PATH/snort.rules<br />
<br />
<i><b>Start Snort and Barnyard2:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># sudo service snortbarn start</span></span></pre>
<br />
<br />
<b style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: large; line-height: 25px;">Step 7: Install PulledPork and update your rules</b><br />
<br />
<br />
<span style="color: #990000; font-weight: bold;">Step 7.1: Register to Snort and get your Oinkcode</span><br />
<br />
<b>First, go to www.snort.org and register (for free).</b><br />
<br />
<b>When your account has been created, go to:</b><br />
<br />
- "My Account"<br />
- Then "Subscriptions and Oinkcodes"<br />
- "Oinkcodes"<br />
<br />
Then generate your Oinkcode and copy it somewhere; it will be required to set up PulledPork.<br />
<br />
<br />
<span style="color: #990000; font-weight: bold;">Step 7.2: Install and configure PulledPork</span><br />
<br />
<i><b>Do:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># cd /usr/src && wget http://pulledpork.googlecode.com/files/pulledpork-0.6.1.tar.gz
# tar -zxf pulledpork-0.6.1.tar.gz && cd pulledpork-0.6.1
# cp pulledpork.pl /usr/local/bin && cp etc/*.conf /etc/snort</span></span></pre>
<br />
<br />
<i><b>Edit "/etc/snort/pulledpork.conf":</b></i><br />
<br />
Comment out lines 22 & 26<br />
<br />
Line 20: enter your “oinkcode” where appropriate or comment out the line if you didn’t get one above<br />
Line 23: leave alone (uncommented) to use the Emerging Threats rule set<br />
Line 71: change to: rule_path=/etc/snort/rules/snort.rules<br />
Line 86: change to: local_rules=/etc/snort/rules/local.rules<br />
Line 89: change to: sid_msg=/etc/snort/sid-msg.map<br />
Line 112: change to: config_path=/etc/snort/snort.conf<br />
<br />
Line 124: change to: distro=Debian-Lenny<br />
<br />
Line 171: Uncomment and change to: enablesid=/etc/snort/enablesid.conf<br />
Line 173: Uncomment and change to: disablesid=/etc/snort/disablesid.conf<br />
Line 174: Uncomment and change to: modifysid=/etc/snort/modifysid.conf<br />
<br />
<i><b>Disable Blocking rules:</b></i><br />
<br />
<i><b>Do:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># echo pcre:fwsam >> /etc/snort/disablesid.conf # disables all block (fwsam) rules</span></span></pre>
<br />
<br />
<br />
<span style="color: #990000; font-weight: bold;">Step 7.3: Run PulledPork and update your rule set</span><br />
<br />
<i><b>Do:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># /usr/local/bin/pulledpork.pl -c /etc/snort/pulledpork.conf -T -l</span></span></pre>
<br />
<i><b>If everything is fine, you should get this kind of output:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span class="text" style="font-size: 13px; white-space: nowrap;"># /usr/local/bin/pulledpork.pl -c /etc/snort/pulledpork.conf -T -l </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">http://code.google.com/p/pulledpork/ </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">_____ ____ </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">`----,\ ) </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">`--==\\ / PulledPork v0.6.1 the Smoking Pig <////~ </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">`--==\\/ </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">.-~~~~-.Y|\\_ Copyright (C) 2009-2011 JJ Cummings </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">@_/ / 66\_ cummingsj@gmail.com </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">| \ \ _(") </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">\ /-| ||'--' Rules give me wings! </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">\_\ \_\\ </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Checking latest MD5 for snortrules-snapshot-2931.tar.gz.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">They Match </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done! </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Prepping rules from snortrules-snapshot-2931.tar.gz for work.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done!</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Reading rules... </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Reading rules... </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Processing /etc/snort/enablesid.conf.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Modified 0 rules </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Processing /etc/snort/disablesid.conf.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Modified 0 rules</span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Setting Flowbit State.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Enabled 10 flowbits </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Enabled 1 flowbits</span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Writing /etc/snort/rules/snort.rules.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Generating sid-msg.map.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Writing sid_msg.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done</span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Writing /var/log/sid_changes.log.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Rule Stats.... </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">New:-------0 </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Deleted:---0 </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Enabled Rules:----3511 </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Dropped Rules:----0 </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Disabled Rules:---11787 </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Total Rules:------15298 </span>
<span class="whitespace" style="font-size: 13px; white-space: nowrap;"> </span><span class="text" style="font-size: 13px; white-space: nowrap;">Done </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Please review /var/log/sid_changes.log for additional details </span>
<span class="text" style="font-size: 13px; white-space: nowrap;">Fly Piggy Fly!</span>
</pre>
<br />
<br />
<span style="color: #990000; font-weight: bold;">Step 7.4: Plan auto updates using cron</span><br />
<br />
Edit your crontab and add a line for PulledPork. Example with an auto update every Sunday at 2.30 AM:<br />
<br />
<i><b>Edit your crontab:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># crontab -e</span></span></pre>
<br />
<b><i>Add:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">30 2 * * 0 /usr/local/bin/pulledpork.pl -c /etc/snort/pulledpork.conf -T -l >/var/log/snort/pulledpork_crontab.log 2>&1</span></span></pre>
<br />
<br />
The auto update result will be available in the log file.<br />
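<br />
As an added example (not part of the original guide or of PulledPork), the shell functions below check that log after each run, so that a rule update that silently stopped working gets noticed. They rely only on strings visible in the sample output of Step 7.3; the function names, the minimum rule count and the sample logs are assumptions constructed for the illustration.<br />

```shell
#!/bin/sh
# Added example: health check for the log written by the PulledPork cron job.
# The cron line overwrites the log on every run, so it holds the last run only.

# enabled_rules FILE: print the number that follows "Enabled Rules:" in FILE
enabled_rules() {
    sed -n 's/^[[:space:]]*Enabled Rules:-*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# check_pulledpork_log FILE [MIN_ENABLED]
# Prints one status line; returns 0 when the run looks complete, 1 otherwise.
check_pulledpork_log() {
    log=$1
    min_enabled=${2:-1}
    if [ ! -s "$log" ]; then
        echo "FAIL: $log is missing or empty"
        return 1
    fi
    if ! grep -q 'Writing /etc/snort/rules/snort.rules' "$log"; then
        echo "FAIL: snort.rules was not written"
        return 1
    fi
    if ! grep -q 'Fly Piggy Fly!' "$log"; then
        echo "FAIL: run did not reach its final line"
        return 1
    fi
    count=$(enabled_rules "$log")
    if [ -z "$count" ]; then
        echo "FAIL: no Rule Stats found"
        return 1
    fi
    if [ "$count" -lt "$min_enabled" ]; then
        echo "FAIL: only $count rules enabled, expected at least $min_enabled"
        return 1
    fi
    echo "OK: $count rules enabled"
}

# Constructed log of a complete run, shortened from the sample output above
sample_good_log() {
    cat <<'EOF'
Checking latest MD5 for snortrules-snapshot-2931.tar.gz....
    They Match
    Done!
Writing /etc/snort/rules/snort.rules....
    Done
Rule Stats....
    New:-------0
    Deleted:---0
    Enabled Rules:----3511
    Dropped Rules:----0
    Disabled Rules:---11787
    Total Rules:------15298
    Done
Please review /var/log/sid_changes.log for additional details
Fly Piggy Fly!
EOF
}

# Constructed log of a run that stopped before any rule file was written
sample_truncated_log() {
    cat <<'EOF'
Checking latest MD5 for snortrules-snapshot-2931.tar.gz....
Prepping rules from snortrules-snapshot-2931.tar.gz for work....
EOF
}

# Demonstration on the constructed logs; in production pass
# /var/log/snort/pulledpork_crontab.log instead.
demo_log=$(mktemp) || exit 1
sample_good_log > "$demo_log"
check_pulledpork_log "$demo_log" 1000
sample_truncated_log > "$demo_log"
check_pulledpork_log "$demo_log" 1000 || true
rm -f "$demo_log"
```

Run it from cron shortly after the update job and mail or log the FAIL lines; the minimum count guards against an update that leaves Snort with an almost empty rule set.<br />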
<br />
<br />
<br />
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; font-weight: bold; line-height: 25px;">Step 8: Configure Apache2 and install BASE</span><br />
<br />
To use BASE, a Web GUI front-end for Snort, you of course need a running Web Server. As installed before, we will use Apache2.<br />
<br />
Configuring Apache is well beyond the objective of this guide; the default configuration will allow us to access BASE with no issue.<br />
<br />
<b><br /></b>
<b><span style="color: #990000;">Step 8.1: Configure php.ini</span></b><br />
<br />
<i><b>Edit "/etc/php5/apache2/php.ini", look for the line "error_reporting" and change it to:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">error_reporting = E_ALL & ~E_NOTICE</span></span></pre>
<br />
<b><br /></b>
<b><span style="color: #990000;">Step 8.2: Install PEAR requirements</span></b><br />
<br />
<i><b>Do:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># pear config-set preferred_state alpha && pear channel-update pear.php.net && pear install --alldeps Image_Color Image_Canvas Image_Graph</span></span></pre>
<br />
<b><br /></b>
<b><span style="color: #990000;">Step 8.3: If you are using Apache2 default configuration, activate SSL</span></b><br />
<br />
<i><b>Do:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># a2enmod ssl
# service apache2 restart</span></span></pre>
<br />
<br />
<span style="color: #990000;">
<b>Step 8.4: Install and configure BASE</b></span><br />
<br />
<i><b>Do:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># cd /usr/src && wget http://sourceforge.net/projects/secureideas/files/BASE/base-1.4.5/base-1.4.5.tar.gz
# tar -zxf base-1.4.5.tar.gz && cp -r base-1.4.5 /var/www/base
# chown -R www-data:www-data /var/www/base</span></span></pre>
<br />
<br />
<b>Open your Web Browser and navigate to "https://IPAddress/base", you should get the BASE configuration page.</b><br />
<br />
<b><i>Do as follows:</i></b><br />
<br />
Path to adodb: /usr/share/php/adodb<br />
Click Continue<br />
Database Name: snort<br />
Database Host: localhost or your Mysql Server IP if remote<br />
Database Port: leave blank<br />
Database User Name: snort<br />
Database Password: <mypassword><br />
<br />
Activate Database Archive and configure as above. (database name "archive")<br />
<br />
Put in values for the authentication system and click submit.<br />
Click "create baseag" which extends the DB to support BASE.<br />
<br />
<br />
<b>And you should get access to BASE ^^</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg08d8_2ARLo4T5Iw8KlL4zWCECLy63XssbmT-n_5h9RmxY_ja4f1FychYinwV0dVV0yKF3KZuji-3TD1vPiXtqKeH5O9WjkIoHGMDEWIofXVwqOZ5vG3x8WeGDVcyWkeKUdGsmoJPF2yNd/s1600/2012-11-07_183354.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="370" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg08d8_2ARLo4T5Iw8KlL4zWCECLy63XssbmT-n_5h9RmxY_ja4f1FychYinwV0dVV0yKF3KZuji-3TD1vPiXtqKeH5O9WjkIoHGMDEWIofXVwqOZ5vG3x8WeGDVcyWkeKUdGsmoJPF2yNd/s640/2012-11-07_183354.jpg" width="640" /></a></div>
<br />
<br />
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; font-weight: bold; line-height: 25px;">Step 9: Recommended alternative frontend for Snort</span><br />
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; font-weight: bold; line-height: 25px;"><br /></span>
<span style="background-color: #fefdfa;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;">BASE is quite limited and obsolete; as a Snort frontend I personally recommend the Snort plugin for Splunk.</span></span></span><br />
<span style="background-color: #fefdfa;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span>
<span style="background-color: #fefdfa;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;">Splunk is an extremely powerful knowledge tool that will aggregate and manipulate any data. An application is available for Snort and provides a great frontend for it!</span></span></span><br />
<span style="background-color: #fefdfa;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span></span>
<span style="background-color: #fefdfa;"><span style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;">A full guide coming soon :-) </span></span></span><br />
<br />
<br />
<br />
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; font-weight: bold; line-height: 25px;">Step 10: Testing SNORT IDS</span><br />
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; font-weight: bold; line-height: 25px;"><br /></span></div>
<div>
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><i>Here are some tools I recommend:</i></b><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">1. <b>Nessus</b></i><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Nessus is a well-known security scan tool. You can get a personal user key for free and use the software to scan your sites or hosts.</span><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>See:</b></i><br />
<a href="http://www.tenable.com/" style="background-color: #fefdfa; color: #7d181e; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; text-decoration: none;">http://www.tenable.com/</a><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Installation is really simple. Then launch a Web Application scan and wait for the report; this should generate a lot of events in Snort!</span><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><i>2. Nikto</i></b><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Also very powerful and simple to use, Nikto will carefully scan your Web Server and launch various attacks/exploits against it.</span><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>See:</b></i><br />
<a href="http://cirt.net/" style="background-color: #fefdfa; color: #7d181e; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; text-decoration: none;">http://cirt.net/</a><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Example of use:</b><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><i>Launching a scan in http:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 19px;">perl nikto.pl -h HOST -p PORT</span></pre>
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><i>Launching a scan in https:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 19px;">perl nikto.pl -h HOST -p PORT -ssl</span></pre>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; font-weight: bold; line-height: 25px;"><br /></span></div>
<div>
<br />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Testing your Web Server with Nikto should also generate new events in Snort.</span><br />
<br class="Apple-interchange-newline" /></div>
<br /></div>
</div>
Howto - Apache2 ModSecurity - Enhance your Web Server and Applications security with an Opensource Web Application Firewall (WAF)<br />
Posted by Anonymous on 2012-11-10, updated 2013-03-09<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj24TXbhHn1VxlkoSS0PNvVtkIoRd-q3yVjgS1tx1-snRN6P956_FpHnRSvET95385B80-S4FXD4lUYGueVgpPIRdXf0iBCUkv5EWmbOJNYbyww3Ichr0lFfEI3Z4R346OovZ_-Le_1qMpJ/s1600/apache-logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="201" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj24TXbhHn1VxlkoSS0PNvVtkIoRd-q3yVjgS1tx1-snRN6P956_FpHnRSvET95385B80-S4FXD4lUYGueVgpPIRdXf0iBCUkv5EWmbOJNYbyww3Ichr0lFfEI3Z4R346OovZ_-Le_1qMpJ/s400/apache-logo.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj41lHd1QOzMvjmhcBg_3T_WMvsnNLU_3VoO5xJQl0gxDCPN7mLkBw1fB8bohy4b6IvDfo_4aW-JZapqzKxuLolEEY8PMuzOScX5Vl8nDivDmodp_dBwNLL6DFjstiPwt175heHQxXSwkgl/s1600/button-modsecurity.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="67" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj41lHd1QOzMvjmhcBg_3T_WMvsnNLU_3VoO5xJQl0gxDCPN7mLkBw1fB8bohy4b6IvDfo_4aW-JZapqzKxuLolEEY8PMuzOScX5Vl8nDivDmodp_dBwNLL6DFjstiPwt175heHQxXSwkgl/s200/button-modsecurity.gif" width="200" /></a></div>
<br />
<br />
<br />
<i style="color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #666666;"><b style="font-size: x-large;">*** Updated</b><b style="font-size: x-large;"> March 9, 2013 ***</b></span></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></i>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>03/09/2013: Various typo corrections</b></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></i>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b><br /></b></i>
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; line-height: 25px;">The Goal: </span><br />
<br />
ModSecurity is an open source Web Application Firewall, now stable when used with the Apache Web server. It can drastically increase your Web security by analyzing any kind of traffic in real time and applying various analysis rules.<br />
<br />
This tutorial is based on Ubuntu and Debian based systems, but can be easily adapted to any Unix / Linux based OS.<br />
<br />
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium; line-height: 25px;">Major sources: </span><br />
<br />
<i><b>Official ModSecurity site:</b></i><br />
<a href="http://www.modsecurity.org/">http://www.modsecurity.org/</a><br />
<br />
<i><b>ModSecurity Rules:</b></i><br />
<a href="http://spiderlabs.github.com/owasp-modsecurity-crs/">http://spiderlabs.github.com/owasp-modsecurity-crs/</a><br />
<br />
<b><i>Various interesting sources:</i></b><br />
<a href="http://www.thefanclub.co.za/how-to/how-install-apache2-modsecurity-and-modevasive-ubuntu-1204-lts-server">http://www.thefanclub.co.za/how-to/how-install-apache2-modsecurity-and-modevasive-ubuntu-1204-lts-server</a><br />
<a href="http://www.ebelair.fr/2011/06/07/installer-et-configurer-modsecurity/">http://www.ebelair.fr/2011/06/07/installer-et-configurer-modsecurity/</a><br />
<br />
<br />
<br />
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium;">Summary of steps: </span><br />
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
</div>
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="font-family: inherit;"><span style="background-color: #fefdfa; color: #990000; line-height: 18px;">Step 1: Prepare your system</span></span><br />
<span style="color: #990000; font-family: inherit;">Step 2: Download components - ModSecurity Sources and Rules</span><br />
<div>
</div>
<span style="color: #990000; font-family: inherit;">Step 3: Compile and install ModSecurity Module</span><br />
<span style="color: #990000; font-family: inherit;">Step 4: Configure ModSecurity module and rules</span><br />
<span style="color: #990000; font-family: inherit;">Step 5: Main ModSecurity Configuration</span><br />
<span style="color: #990000; font-family: inherit;">Step 6: Test your configuration, Simulate a generic attack and malicious code upload</span><br />
<span style="color: #990000; font-family: inherit;">Step 7: Whitelist configuration, test your Web sites and add whitelist exceptions if required</span><br />
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; line-height: 18px;">Step 8: Advanced vulnerabilities and attack tools</span><br />
<div>
<span style="background-color: #fefdfa; color: #990000; font-family: inherit; line-height: 18px;">FAQ & issues</span></div>
<br />
<br />
I will assume you already have a running OS and Apache installation.<br />
<br />
To implement ModSecurity for Apache on Debian / Ubuntu based systems, you can either use the official OS repositories, or download, compile and configure the latest official versions of the ModSecurity sources and rules.<br />
<br />
This tutorial is based on the second solution because we want to benefit from the very latest versions. <br />
<br />
<br />
<span style="color: #990000;"><b>Step 1: Prepare your system</b></span><br />
<br />
<b><i>Install various dependencies:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333; font-size: 13px; line-height: 19px;"><span class="mw-headline"><span class="mw-headline" style="font-family: inherit;"><span class="mw-headline" style="background-color: white;">$ </span></span></span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">sudo apt-get install g++ make autoconf automake libtool flex bison gcc </span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">apache2-threaded-dev libxml2-dev libcurl4-gnutls-dev </span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">libapr1 libapr1-dev libpcre3 libpcre3-dev libxml2 libxml2-dev</span></span></pre>
<br />
ModSecurity can be combined with an antivirus if you want to scan any incoming file for malicious code; this can be a great way to secure your Web Server.<br />
Clamav is an open source antivirus and will be used to achieve this.<br />
<br />
<i><b>Install Clamav:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333; font-size: 13px; line-height: 19px;"><span class="mw-headline"><span class="mw-headline" style="font-family: inherit;"><span class="mw-headline" style="background-color: white;">$ </span></span></span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">sudo apt-get install clamav clamav-base clamav-freshclam</span></span></pre>
<br />
<b><i>An Apache module called "unique_id" is required to use ModSecurity.</i></b><br />
<b><i>This module should be installed by default.</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333; font-size: 13px; line-height: 19px;"><span class="mw-headline"><span class="mw-headline" style="font-family: inherit;"><span class="mw-headline" style="background-color: white;">$ </span></span></span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">sudo a2enmod unique_id</span></span></pre>
<br />
<br />
<span style="color: #990000;"><b>Step 2: Download components - ModSecurity Sources and Rules</b></span><br />
<div>
<br /></div>
<div>
I would advise downloading and keeping the files in "/usr/local/src/modsecurity", but you are free to change this.</div>
<div>
<br /></div>
<br />
<i><b>Download required components:</b></i><br />
<ul>
<li><b>ModSecurity sources</b>:</li>
</ul>
Go to <a href="http://www.modsecurity.org/download/">http://www.modsecurity.org/download/</a> and download the latest version "modsecurity*apache*.tar.gz"<br />
<ul>
<li><b>ModSecurity Core Rules:</b></li>
</ul>
Go to <a href="http://spiderlabs.github.com/owasp-modsecurity-crs/">http://spiderlabs.github.com/owasp-modsecurity-crs/</a> and download the latest modsecurity*apache*.tar.gz<br />
<br />
<br />
<span style="color: #990000;"><b>Step 3: Compile and install ModSecurity Module</b></span><br />
<br />
<i><b>Extract Modsecurity Sources:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ tar -xvzf <replace with Modsecurity Sources archive version name>
$ cd <extracted directory></span></span></pre>
<br />
<i><b>Configure, compile and install:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ ./autogen.sh
$ ./configure
$ make
$ sudo make install</span></span></pre>
<br />
The module core will be installed by default in "/usr/local/modsecurity/lib".<br />
<br />
<br />
<span style="color: #990000;"><b>Step 4: Configure ModSecurity module and rules</b></span><br />
<br />
<i><b>Create module loading file in Apache:</b></i>
<br />
<br />
<b><i>Create a new file "/etc/apache2/mods-available/security2_module.load" and add:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">LoadFile libxml2.so
LoadFile liblua5.1.so
LoadModule security2_module /usr/local/modsecurity/lib/mod_security2.so</span></span></pre>
<br />
<i><b>Extract Modsecurity Core Rules:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ tar -xvzf <replace with Modsecurity Core Rules archive version name>
$ sudo mv <extracted directory> /usr/local/src/modsecurity-crs</span></span></pre>
<br />
<b><i>Prepare your Apache configuration: </i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo mkdir -p /etc/apache2/modsecurity/conf
$ sudo mkdir -p /etc/apache2/modsecurity/activated_rules
$ sudo cp /usr/local/src/modsecurity-crs/*.conf.example /usr/local/src/modsecurity-crs/modsecurity.conf
$ sudo ln -s /usr/local/src/modsecurity-crs/modsecurity.conf /etc/apache2/modsecurity/conf/modsecurity.conf</span></span></pre>
<br />
<b><i>Activate recommended rules by creating symlinks:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ cd /usr/local/src/modsecurity-crs
$ for f in `ls base_rules/`; do sudo ln -s /usr/local/src/modsecurity-crs/base_rules/$f /etc/apache2/modsecurity/activated_rules/$f; done
$ for f in `ls optional_rules/ | grep comment_spam`; do sudo ln -s /usr/local/src/modsecurity-crs/optional_rules/$f /etc/apache2/modsecurity/activated_rules/$f; done</span></span></pre>
<br />
<b><i>Add symlink to "util" directory:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ </span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">sudo ln -s /usr/local/src/modsecurity-crs/util /etc/apache2/modsecurity/util</span></span></pre>
<br />
<b><i>Add module launch configuration file:</i></b><br />
<br />
<b><i>Create a new file "/etc/apache2/conf.d/modsecurity.conf" and add:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><IfModule security2_module>
Include /etc/apache2/modsecurity/conf/*.conf
Include /etc/apache2/modsecurity/activated_rules/*.conf
</IfModule></span></span></pre>
<br />
<b><i>Activate modsecurity module:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo a2enmod security2_module</span></span></pre>
<br />
<span style="color: #990000;"><b><br /></b></span><span style="color: #990000;"><b>Step 5: Main ModSecurity Configuration</b></span><br />
<br />
<br />
<b><i>Now, let's create the module configuration file, based on the version recommended by ModSecurity:</i></b><br />
<a href="https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual">https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual</a>
<br />
<br />
Create the main Modsecurity configuration file:<br />
<br />
<b><i>/etc/apache2/mods-available/security2_module.conf :</i></b><br />
<b><i><br /></i></b>
<b><i>Modifications I recommend:</i></b><br />
<b><i><br /></i></b>
<b># Line 7: </b>Change "SecRuleEngine DetectionOnly" to "SecRuleEngine On" if you want an active response from the module.<br />
In DetectionOnly mode, the module only logs and takes no other action.<br />
<br />
<b># Line 167:</b> Uncomment the debug log directive and change its file: change "#SecDebugLog /opt/modsecurity/var/log/debug.log" to "SecDebugLog /var/log/apache2/modsec_debug.log"<br />
<br />
<b># Line 187:</b> Change the main modsec log from "SecAuditLog /var/log/modsec_audit.log" to "SecAuditLog /var/log/apache2/modsec_audit.log"<br />
<b><i><br /></i></b>
<i style="font-weight: bold;"># Line 147: </i>Change "#SecUploadDir /opt/modsecurity/var/upload/" to "SecUploadDir /var/cache/www-upload" (will be created later)<br />
<br />
<i style="font-weight: bold;"># Line 32/33: </i>Depending on your needs, set the maximum allowed file size for uploads to your sites. There is a hard limit of 1GB; if you want to allow that much, set:<br />
SecRequestBodyLimit 1073741824<br />
SecRequestBodyNoFilesLimit 1073741824<br />
<br />
<b><i>If you want to use Clamav to scan uploaded files:</i></b><br />
<b><i><br /></i></b>
<br />
<b><i>#Line 160: add the following line:</i></b><br />
SecRule FILES_TMPNAMES "@inspectFile /etc/apache2/modsecurity/util/runav.pl" "id:159,phase:2,t:none,log,deny,msg:'Malicious Code Detected, access denied'"<br />
<br />
<br />
<b><i>/etc/apache2/mods-available/security2_module.conf :</i></b><br />
<pre style="background-color: #f8f8f8; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(204, 204, 204); margin-bottom: 15px; margin-top: 15px; overflow: auto; padding: 6px 10px;"><span style="color: #333333; font-family: Consolas, Liberation Mono, Courier, monospace; font-size: x-small;"><span style="line-height: 19px;"># -- Rule engine initialization ----------------------------------------------
# Enable ModSecurity, attaching it to every transaction. Use detection
# only to start with, because that minimises the chances of post-installation
# disruption.
#
SecRuleEngine On
# -- Request body handling ---------------------------------------------------
# Allow ModSecurity to access request bodies. If you don't, ModSecurity
# won't be able to see any POST parameters, which opens a large security
# hole for attackers to exploit.
#
SecRequestBodyAccess On
# Enable XML request body parser.
# Initiate XML Processor in case of xml content-type
#
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
# Maximum request body size we will accept for buffering. If you support
# file uploads then the value given on the first line has to be as large
# as the largest file you are willing to accept. The second value refers
# to the size of data, with files excluded. You want to keep that value as
# low as practical.
#
SecRequestBodyLimit 1073741824
SecRequestBodyNoFilesLimit </span></span><span style="color: #333333; font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: x-small; line-height: 19px;">1073741824</span><span style="color: #333333; font-family: Consolas, Liberation Mono, Courier, monospace; font-size: x-small;"><span style="line-height: 19px;">
# Store up to 128 KB of request body data in memory. When the multipart
# parser reachers this limit, it will start using your hard disk for
# storage. That is slow, but unavoidable.
#
SecRequestBodyInMemoryLimit 131072
# What to do if the request body size is above our configured limit.
# Keep in mind that this setting will automatically be set to ProcessPartial
# when SecRuleEngine is set to DetectionOnly mode in order to minimize
# disruptions when initially deploying ModSecurity.
#
SecRequestBodyLimitAction Reject
# Verify that we've correctly processed the request body.
# As a rule of thumb, when failing to process a request body
# you should reject the request (when deployed in blocking mode)
# or log a high-severity alert (when deployed in detection-only mode).
#
SecRule REQBODY_ERROR "!@eq 0" "id:'200001', phase:2,t:none,log,deny, \
status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
# By default be strict with what we accept in the multipart/form-data
# request body. If the rule below proves to be too strict for your
# environment consider changing it to detection-only. You are encouraged
# _not_ to remove it altogether.
#
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
"id:'200002',phase:2,t:none,log,deny,status:400, \
msg:'Multipart request body failed strict validation: \
PE %{REQBODY_PROCESSOR_ERROR}, \
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
DB %{MULTIPART_DATA_BEFORE}, \
DA %{MULTIPART_DATA_AFTER}, \
HF %{MULTIPART_HEADER_FOLDING}, \
LF %{MULTIPART_LF_LINE}, \
SM %{MULTIPART_MISSING_SEMICOLON}, \
IQ %{MULTIPART_INVALID_QUOTING}, \
IP %{MULTIPART_INVALID_PART}, \
IH %{MULTIPART_INVALID_HEADER_FOLDING}, \
FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
# Did we see anything that might be a boundary?
#
SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" "id:'200003',phase:2,t:none,log,deny, \
status:400,msg:'Multipart parser detected a possible unmatched boundary.'"
# PCRE Tuning
# We want to avoid a potential RegEx DoS condition
#
SecPcreMatchLimit 1000
SecPcreMatchLimitRecursion 1000
# Some internal errors will set flags in TX and we will need to look for these.
# All of these are prefixed with "MSC_". The following flags currently exist:
#
# MSC_PCRE_LIMITS_EXCEEDED: PCRE match limits were exceeded.
#
SecRule TX:/^MSC_/ "!@streq 0" \
"id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
# -- Response body handling --------------------------------------------------
# Allow ModSecurity to access response bodies.
# You should have this directive enabled in order to identify errors
# and data leakage issues.
#
# Do keep in mind that enabling this directive does increases both
# memory consumption and response latency.
#
SecResponseBodyAccess On
# Which response MIME types do you want to inspect? You should adjust the
# configuration below to catch documents but avoid static files
# (e.g., images and archives).
#
SecResponseBodyMimeType text/plain text/html text/xml
# Buffer response bodies of up to 512 KB in length.
SecResponseBodyLimit 524288
# What happens when we encounter a response body larger than the configured
# limit? By default, we process what we have and let the rest through.
# That's somewhat less secure, but does not break any legitimate pages.
#
SecResponseBodyLimitAction ProcessPartial
# -- Filesystem configuration ------------------------------------------------
# The location where ModSecurity stores temporary files (for example, when
# it needs to handle a file upload that is larger than the configured limit).
#
# This default setting is chosen due to all systems have /tmp available however,
# this is less than ideal. It is recommended that you specify a location that's private.
#
SecTmpDir /tmp/
# The location where ModSecurity will keep its persistent data. This default setting
# is chosen due to all systems have /tmp available however, it
# too should be updated to a place that other users can't access.
#
SecDataDir /tmp/
# -- File uploads handling configuration -------------------------------------
# The location where ModSecurity stores intercepted uploaded files. This
# location must be private to ModSecurity. You don't want other users on
# the server to access the files, do you?
#
SecUploadDir /var/cache/www-upload
# By default, only keep the files that were determined to be unusual
# in some way (by an external inspection script). For this to work you
# will also need at least one file inspection rule.
#
#SecUploadKeepFiles RelevantOnly
# Uploaded files are by default created with permissions that do not allow
# any other user to access them. You may need to relax that if you want to
# interface ModSecurity to an external program (e.g., an anti-virus).
#
#SecUploadFileMode 0600
SecRule FILES_TMPNAMES "@inspectFile /etc/apache2/modsecurity/util/runav.pl" "id:159,phase:2,t:none,log,deny,msg:'Malicious Code Detected, access denied'"
# -- Debug log configuration -------------------------------------------------
# The default debug log configuration is to duplicate the error, warning
# and notice messages from the error log.
#
SecDebugLog /var/log/apache2/modsec_debug.log
#SecDebugLogLevel 3
# -- Audit log configuration -------------------------------------------------
# Log the transactions that are marked by a rule, as well as those that
# trigger a server error (determined by a 5xx or 4xx, excluding 404,
# level response status codes).
#
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# Log everything we know about a transaction.
SecAuditLogParts ABIJDEFHZ
# Use a single file for logging. This is much easier to look at, but
# assumes that you will use the audit log only occasionally.
#
SecAuditLogType Serial
SecAuditLog /var/log/apache2/modsec_audit.log
# Use concurrent logging
#SecAuditLogType Concurrent
#SecAuditLog "|/opt/modsecurity/bin/mlogc /opt/modsecurity/etc/mlogc.conf"
# Specify the path for concurrent audit logging.
#SecAuditLogStorageDir /opt/modsecurity/var/audit/
# -- Miscellaneous -----------------------------------------------------------
# Use the most commonly used application/x-www-form-urlencoded parameter
# separator. There's probably only one application somewhere that uses
# something else so don't expect to change this value.
#
SecArgumentSeparator &
# Settle on version 0 (zero) cookies, as that is what most applications
# use. Using an incorrect cookie version may open your installation to
# evasion attacks (against the rules that examine named cookies).
#
SecCookieFormat 0
# Specify your Unicode Code Point.
# This mapping is used by the t:urlDecodeUni transformation function
# to properly map encoded data to your language. Properly setting
# these directives helps to reduce false positives and negatives.
#
#SecUnicodeCodePage 20127
#SecUnicodeMapFile unicode.mapping</span></span></pre>
<i><b><br /></b></i>
<i><b>Create upload dir cache:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo mkdir /var/cache/www-upload
$ sudo chown www-data:www-data /var/cache/www-upload</span></span></pre>
<br />
<i><b>Create whitelist file (blank for now):</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo touch /etc/apache2/modsecurity/conf/whitelist.conf</span></span></pre>
<br />
<i><b>We're done with configuration, restart Apache2:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo service apache2 restart</span></span></pre>
<br />
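An added example (not part of the original tutorial or of ModSecurity itself): a small Python audit that reads a security2_module.conf and reports where it departs from the Step 5 settings, plus two points the file's own comments raise (temporary directories under /tmp, and a non-file body limit as large as the upload limit). Both sample configurations are constructed for the example; the body limits in the first one are assumed values.

```python
import re

# Settings requested in Step 5 of this tutorial (paths are the tutorial's own).
EXPECTED = {
    "SecRuleEngine": "On",
    "SecUploadDir": "/var/cache/www-upload",
    "SecDebugLog": "/var/log/apache2/modsec_debug.log",
    "SecAuditLog": "/var/log/apache2/modsec_audit.log",
}

# Constructed sample: the "before" values quoted in Step 5 (body limits assumed).
BEFORE = """
SecRuleEngine DetectionOnly
SecRequestBodyLimit 13107200
SecRequestBodyNoFilesLimit 131072
SecTmpDir /tmp/
SecDataDir /tmp/
#SecUploadDir /opt/modsecurity/var/upload/
#SecDebugLog /opt/modsecurity/var/log/debug.log
SecAuditLog /var/log/modsec_audit.log
"""

# Constructed sample: the directives as this tutorial leaves them.
AFTER = r"""
SecRuleEngine On
SecRequestBodyLimit 1073741824
SecRequestBodyNoFilesLimit 1073741824
SecTmpDir /tmp/
SecDataDir /tmp/
SecUploadDir /var/cache/www-upload
SecRule FILES_TMPNAMES "@inspectFile /etc/apache2/modsecurity/util/runav.pl" \
    "id:159,phase:2,t:none,log,deny,msg:'Malicious Code Detected, access denied'"
SecDebugLog /var/log/apache2/modsec_debug.log
SecAuditLog /var/log/apache2/modsec_audit.log
"""


def parse_directives(text):
    """Return [(name, raw_args)] for active directives; comments are skipped."""
    # Apache joins a line that ends in a backslash with the following line.
    joined = re.sub(r"\\\r?\n", "", text)
    directives = []
    for line in joined.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        directives.append((parts[0], parts[1] if len(parts) > 1 else ""))
    return directives


def first_arg(raw):
    """First argument of a directive, without surrounding double quotes."""
    m = re.match(r'"([^"]*)"|(\S+)', raw)
    return (m.group(1) or m.group(2) or "") if m else ""


def audit(text):
    """Return [(directive, finding)] for one ModSecurity configuration file."""
    last = {}            # a later directive overrides an earlier one
    has_av_rule = False
    for name, raw in parse_directives(text):
        if name == "SecRule":
            if raw.startswith("FILES_TMPNAMES") and "@inspectFile" in raw:
                has_av_rule = True
        else:
            last[name] = first_arg(raw)

    findings = []
    for name, want in EXPECTED.items():
        got = last.get(name)
        if got is None:
            findings.append((name, "not set (directive missing or commented out)"))
        elif name == "SecRuleEngine" and got.lower() != "on":
            findings.append((name, f"is {got}: requests are logged at most, never blocked"))
        elif name != "SecRuleEngine" and got.rstrip("/") != want:
            findings.append((name, f"is {got}, tutorial uses {want}"))

    for name in ("SecTmpDir", "SecDataDir"):
        got = last.get(name, "")
        if got.rstrip("/") == "/tmp" or got.startswith("/tmp/"):
            findings.append((name, f"is {got}: shared with every local user, "
                                   "the file's comments ask for a private directory"))
    try:
        body = int(last["SecRequestBodyLimit"])
        no_files = int(last["SecRequestBodyNoFilesLimit"])
    except (KeyError, ValueError):
        body = no_files = None
    if no_files is not None and no_files >= body:
        findings.append(("SecRequestBodyNoFilesLimit", f"{no_files} bytes is as large as "
                         "the upload limit; the file's comments ask to keep it low"))
    if not has_av_rule:
        findings.append(("SecRule", "no FILES_TMPNAMES @inspectFile rule: uploads are not scanned"))
    return findings


if __name__ == "__main__":
    for label, conf in (("before", BEFORE), ("after", AFTER)):
        print(label, *(f"\n  {n}: {f}" for n, f in audit(conf)))
```

To check a real server, pass the contents of /etc/apache2/mods-available/security2_module.conf to audit() instead of the samples.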
<span style="color: #990000;"><b><br /></b></span><span style="color: #990000;"><b>Step 6: Test your configuration, Simulate a generic attack and malicious code upload</b></span><br />
<br />
<br />
<i><b>Test your configuration:</b></i><br />
<i><b><br /></b></i>
<i><b>1. Main log file</b></i><br />
<i><b><br /></b></i>
<i><b>Upon Apache2 start-up, you should see a new file "/var/log/apache2/modsec_audit.log", to see its content in real time:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ tail -f /var/log/apache2/modsec_audit.log</span></span></pre>
<br />
<i><b>2. Simulate a simple attack</b></i><br />
<br />
Open your Web Browser and simulate a generic attack (adapt to your configuration, name and port):<br />
<b>http://localhost/test.php?secret_file=/etc/passwd</b><br />
<br />
If you have set SecRuleEngine to On, you will get a refusal error from Apache.<br />
Otherwise, the attack should have been logged in the main audit log.<br />
<br />
<b>If ok:</b><br />
<pre style="background-color: #f8f8f8; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(204, 204, 204); margin-bottom: 15px; margin-top: 15px; overflow: auto; padding: 6px 10px;"><h1 style="font-family: 'Times New Roman'; white-space: normal;">
Forbidden</h1>
<div style="font-family: 'Times New Roman'; white-space: normal;">
You don't have permission to access / on this server.</div>
</pre>
<br />
<b><i>In log you should see something like this:</i></b><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333; font-size: x-small;"><span style="line-height: 19px;">Message: Access denied with code 403 (phase 2). Pattern match "(?:\\b(?:\\.(?:ht(?:access|passwd|group)|www_?acl)|global\\.asa|httpd\\.conf|boot\\.ini)\\b|\\/etc\\/)" at ARGS:secret_file. [file "/etc/apache2/modsecurity/activated_rules/modsecurity_crs_40_generic_attacks.conf"] [line "205"] [id "950005"] [rev "2"] [msg "Remote File Access Attempt"] [data "Matched Data: /etc/ found within ARGS:secret_file: /etc/passwd"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/FILE_INJECTION"] [tag "WASCTC/WASC-33"] [tag "OWASP_TOP_10/A4"] [tag "PCI/6.5.4"]
Action: Intercepted (phase 2)
Apache-Handler: application/x-httpd-php
Stopwatch: 1352556406954555 3620 (- - -)
Stopwatch2: 1352556406954555 3620; combined=2104, p1=546, p2=1462, p3=0, p4=0, p5=95, sr=121, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.7.0 (http://www.modsecurity.org/); OWASP_CRS/2.2.6.
Server: Apache
Engine-Mode: "ENABLED"</span></span></pre>
<div>
<br /></div>
<br />
<i><b>3. Try to upload a malicious test file</b></i><br />
<i><b><br /></b></i>
<i><b>Create a local file "testeicar.txt" with the following content and try to upload it to your Web Server:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*</span></span></pre>
<br />
<i><b>Upload should fail and you should see this kind of message in modsec log:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333; font-size: x-small;"><span style="line-height: 19px;">Message: Access denied with code 403 (phase 2). File "/tmp//20121110-143758-UJ5Ytn8AAQEAAFjiESIAAAAI-file-pCUZqH" rejected by the approver script "/etc/apache2/modsecurity/util/runav.pl": 0 clamscan: Eicar-Test-Signature [file "/etc/apache2/mods-enabled/security2_module.conf"] [line "160"] [id "159"] [msg "Malicious Code Detected, access denied"]
Action: Intercepted (phase 2)
Apache-Handler: application/x-httpd-php
Stopwatch: 1352554678179590 9450540 (- - -)
Stopwatch2: 1352554678179590 9450540; combined=9447023, p1=562, p2=9446396, p3=0, p4=0, p5=64, sr=117, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.7.0 (http://www.modsecurity.org/); OWASP_CRS/2.2.6.
Server: Apache
Engine-Mode: "ENABLED"</span></span></pre>
<div>
<br /></div>
<br />
<span style="color: #990000;"><b>Step 7: Whitelist configuration, test your Web sites and add whitelist exceptions if required</b></span><br />
<span style="color: #990000;"><b><br /></b></span>
<br />
Your Web sites and applications will probably trigger some rule policies that refuse legitimate actions, so it is recommended to test them and add exceptions when required.<br />
<br />
For example, in my case with Ajaxplorer, uploading files is not possible in the default configuration because some rule policies reject it.<br />
<br />
The way to deal with that is fairly simple: keep a terminal open on the modsec log and test normal user actions. Each rejected action is associated with a unique id, and we add exceptions for these ids to allow normal user actions.<br />
<br />
<b>Example with ajaxplorer and file upload:</b><br />
<br />
<i><b>Without a whitelist exception, the upload fails with the following log message:</b></i><br />
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333; font-size: x-small;"><span style="line-height: 19px;">Message: Access denied with code 400 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/apache2/mods-enabled/security2_module.conf"] [line "80"] [id "200003"] [msg "Multipart parser detected a possible unmatched boundary."]
Action: Intercepted (phase 2)
Apache-Handler: application/x-httpd-php
Stopwatch: 1352555512125594 4755100 (- - -)
Stopwatch2: 1352555512125594 4755100; combined=1441, p1=1276, p2=65, p3=0, p4=0, p5=99, sr=336, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.7.0 (http://www.modsecurity.org/); OWASP_CRS/2.2.6.
Server: Apache
Engine-Mode: "ENABLED"</span></span></pre>
</div>
<br />
<br />
This is the first policy blocking our normal user action, so we will add an exception associated with this id:<br />
<br />
<b><i>Edit "/etc/apache2/modsecurity/conf/whitelist.conf" and add:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><LocationMatch "/ajaxplorer/">
SecRuleRemoveById 200003
</LocationMatch></span></span>
</pre>
<div>
<br /></div>
<br />
Then reload or restart Apache2 (sudo service apache2 reload) and retry your normal user action. If it still fails, re-check your modsec log, note the id and add it to the exceptions.<br />
<br />
<i><b>Finally, for the Ajaxplorer/owncloud example, I had to deal with these exceptions:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><LocationMatch "/ajaxplorer/">
SecRuleRemoveById 200003 960024 960915
</LocationMatch></span></span>
</pre>
<div>
<br /></div>
Proceed the same way with all your sites and applications, and you will be done!<br />
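One way to automate the triage described in this step, as an added example (not part of the original post or of ModSecurity): the script tallies the rule ids of blocked requests from the "Message:" lines and renders the whitelist block. The sample log lines are constructed from the format shown above, and refusing to propose ids logged with severity CRITICAL is an assumption of this example.<br />

```python
import re
from collections import OrderedDict

# Constructed sample in the audit-log "Message:" format shown above
# (the pattern in the second Message line is abbreviated).
SAMPLE_LOG = r'''
Message: Access denied with code 400 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/apache2/mods-enabled/security2_module.conf"] [line "80"] [id "200003"] [msg "Multipart parser detected a possible unmatched boundary."]
Action: Intercepted (phase 2)
Message: Access denied with code 403 (phase 2). Pattern match "\\/etc\\/" at ARGS:secret_file. [file "/etc/apache2/modsecurity/activated_rules/modsecurity_crs_40_generic_attacks.conf"] [line "205"] [id "950005"] [msg "Remote File Access Attempt"] [severity "CRITICAL"]
Message: Access denied with code 400 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/apache2/mods-enabled/security2_module.conf"] [line "80"] [id "200003"] [msg "Multipart parser detected a possible unmatched boundary."]
'''

# Only blocking events matter for whitelisting.
DENIED = re.compile(r'^Message: Access denied with code (\d+)')
# [key "value"] metadata, tolerating escaped quotes inside the value.
TAG = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')


def parse_message(line):
    """Return code/id/msg/severity for a blocking Message line, else None."""
    m = DENIED.match(line)
    if not m:
        return None
    tags = {}
    for key, value in TAG.findall(line):
        tags.setdefault(key, value)  # first value wins for repeated keys ("tag")
    if 'id' not in tags:
        return None
    return {'code': int(m.group(1)), 'id': tags['id'],
            'msg': tags.get('msg', ''), 'severity': tags.get('severity', '')}


def summarize(log_text):
    """Count blocked requests per rule id, in order of first appearance."""
    summary = OrderedDict()
    for line in log_text.splitlines():
        hit = parse_message(line.strip())
        if hit is None:
            continue
        entry = summary.setdefault(hit['id'], dict(hit, count=0))
        entry['count'] += 1
    return summary


def split_candidates(summary):
    """Split ids into (proposed for review, kept enabled).

    Assumption of this example: a rule logged with severity CRITICAL is
    treated as a real attack signature and is never proposed for removal.
    """
    proposed = [i for i, e in summary.items() if e['severity'] != 'CRITICAL']
    keep = [i for i, e in summary.items() if e['severity'] == 'CRITICAL']
    return proposed, keep


def whitelist_block(location, rule_ids):
    """Render the exception in the whitelist.conf form used above."""
    if not rule_ids:
        return ''
    if '"' in location or not all(i.isdigit() for i in rule_ids):
        raise ValueError('unexpected character in location or rule id')
    return ('<LocationMatch "%s">\n  SecRuleRemoveById %s\n</LocationMatch>\n'
            % (location, ' '.join(rule_ids)))


if __name__ == '__main__':
    summary = summarize(SAMPLE_LOG)
    for rule_id, e in summary.items():
        print('%s x%d [%s] %s' % (rule_id, e['count'],
                                  e['severity'] or '-', e['msg']))
    proposed, keep = split_candidates(summary)
    print('kept enabled:', ' '.join(keep))
    print(whitelist_block('/ajaxplorer/', proposed))
```

Run it only on log lines produced while you were replaying legitimate user actions, and read each proposed id's message before copying the block into whitelist.conf.<br />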
<br />
<b><i>Note:</i></b><br />
<br />
If whitelisting by location gives you trouble, for example an exception that does not work, try applying your exceptions directly in the Apache configuration file.<br />
<br />
After the DocumentRoot directive, append your exceptions like this:<br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">SecRuleRemoveById 200003 960024 960915</span></span></pre>
<br />
<br />
And restart/reload Apache.<br />
<br />
<span style="color: #990000;"><b><br /></b></span>
<span style="color: #990000;"><b>Step 8: Advanced vulnerabilities and attack tools</b></span><br />
<div>
<br /></div>
Now that your Apache installation has been secured, you should think about testing your site with advanced vulnerability scanning tools.<br />
<br />
<b><i>Here are some tools I recommend:</i></b><br />
<br />
<i>1. <b>Nessus</b></i><br />
<br />
Nessus is a well-known security scanning tool; you can get a personal user key for free and use the software to scan your sites or hosts.<br />
<br />
<i><b>See:</b></i><br />
<a href="http://www.tenable.com/">http://www.tenable.com/</a><br />
<br />
<br />
Installation is really simple; then launch a Web Application scan and wait for the report. You should see a lot of output in the log showing ModSecurity activity.<br />
<br />
<b><i>2. Nikto</i></b><br />
<br />
Also very powerful and simple to use, Nikto will carefully scan and launch various attacks/exploits against your Web Server.<br />
<br />
The result will be instantly visible in the ModSecurity main log with thousands of event logs. I would recommend launching 2 scans, a first scan with ModSecurity activated and a second with ModSecurity deactivated, and just comparing the results ^^<br />
<br />
<i><b>See:</b></i><br />
<a href="http://cirt.net/">http://cirt.net/</a><br />
<br />
<b>Example of use:</b><br />
<br />
<b><i>Launching a scan in http:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">perl nikto.pl -h HOST -p PORT</span></span></pre>
<br />
<b><i>Launching a scan in https:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">perl nikto.pl -h HOST -p PORT -ssl</span></span></pre>
<br />
<br />
<b><i>3. Web-sorrow</i></b><br />
<b><i><br /></i></b>
Another tool, under hard tests :-)<br />
<b><i><br /></i></b>
<a href="http://code.google.com/p/web-sorrow/">http://code.google.com/p/web-sorrow/</a><br />
<div>
<b><i><br /></i></b></div>
<div>
<b><i><br /></i></b></div>
<div>
<b><i><br /></i></b></div>
<br />
<br />
<span style="color: #990000;"><b>FAQ & Issues</b></span><br />
<div>
<span style="color: #990000;"><b><br /></b></span></div>
<ul>
<li><b>How to activate / deactivate ModSecurity Module</b></li>
</ul>
<div>
Nothing could be simpler:</div>
<div>
<br /></div>
<div>
<b><i>Activating:</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo a2enmod security2_module
$ sudo service apache2 restart</span></span></pre>
</div>
<br />
<div>
<b><i>Deactivating:</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo a2dismod security2_module
$ sudo service apache2 restart</span></span></pre>
</div>
<br />
<br />
<ul>
<li><b>How to partially deactivate ModSecurity for a location</b></li>
</ul>
<div>
You may want to partially deactivate ModSecurity for a specific location; to do this, add a section like this to your whitelist:</div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><LocationMatch "/application/">
SecRuleEngine Off
</LocationMatch></span></span>
</pre>
</div>
<div>
<br /></div>
<div>
And restart / reload Apache to apply.</div>
<br />
<br />
<ul>
<li><b>How to deactivate ModSecurity for a full Apache instance</b></li>
</ul>
<div>
You may also want to deactivate ModSecurity for a whole instance; to do so, edit the instance's Apache configuration file and add this after the DocumentRoot line:</div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">SecRuleEngine Off</span></span>
</pre>
</div>
<div>
<br /></div>
<div>
And restart / reload Apache to apply.</div>
<br />
<br />
<ul>
<li><b>How to update ModSecurity Rules</b></li>
</ul>
<div>
An auto-update tool is provided with ModSecurity, but the provided repository does not seem to be as up to date as the spiderlabs link... at the time of writing, the modsecurity repository contains v2.2.5 whereas spiderlabs provides 2.2.6 ^^</div>
<div>
<br /></div>
<div>
The update tool "rules-updater.pl" is located in "util" directory. </div>
<br />
You can also simply update rules by extracting and overwriting content in /usr/local/src/modsecurity-crs<br />
<br />
<br />
<br />
<br />
<br />
<i>Posted by Anonymous (http://www.blogger.com/profile/11207934187692801099)</i><br />
<br />
<b>HowTo OpenELEC : Get the perfect Fusion XBMC Media Center with Zotac Nano XS AD11</b><br />
<i>Published 2012-09-24T12:00:00.000+02:00, updated 2013-02-19T20:23:13.831+01:00</i><br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoDValg9VlJhMaL2BRRohJFtzgquWyXaiVU8PmY2eN0r4tqqlnLKRuVh39l6kh75pG5fqbmN56bX4HQ-XyMf5J3O7CmONg4mhNLlYGn-SlJjTQyA7pLsoNcc7hBO6j6VVCAjJ4RvXsYiR9/s1600/zotac_openelec.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoDValg9VlJhMaL2BRRohJFtzgquWyXaiVU8PmY2eN0r4tqqlnLKRuVh39l6kh75pG5fqbmN56bX4HQ-XyMf5J3O7CmONg4mhNLlYGn-SlJjTQyA7pLsoNcc7hBO6j6VVCAjJ4RvXsYiR9/s640/zotac_openelec.jpg" width="640" /></a></div>
<br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #666666;"><b style="font-size: x-large;"><br /></b></span></i>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #666666;"><b style="font-size: x-large;">*** Updated</b><b style="font-size: x-large;"> February 3, 2013 ***</b></span></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #666666;"><b style="font-size: x-large;"><br /></b></span></i>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>Major changes:</b></i>
<br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>02/03/2013</b></i><i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b> - Upgrade to OpenELEC 3.0 ^^</b></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>10/17/2012 - Upgrade to first Stable 2.0 !!!</b></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>10/14/2012 - Upgrade to Release Candidate 2 (RC2)</b></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>10/07/2012 - Upgrade to Release Candidate 1 (RC1)</b></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>10/03/2012 - UMA Frame Buffer Size recommendation updated</b></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>10/02/2012 - Various corrections</b></i><br />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>09/25/2012 - Initial Version</b></i><br />
<br />
<i><b>Edit 10/17/2012:</b></i><br />
<i><br />I strongly recommend using OpenELEC 3.0 for Fusion systems, it's very stable and cool ^^</i><br />
<i>See: </i><a href="http://openelec.tv/get-openelec/viewcategory/4-fusion-builds">http://openelec.tv/get-openelec/viewcategory/4-fusion-builds</a><br />
<br />
<br />
Zotac Zbox machines are well-known Home Media Center PCs: small, complete and powerful.<br />
<br />
In this post, I will present a recent model based on the AMD Fusion platform, called "Zotac NANO XS AD11", paired with OpenELEC.<br />
<br />
OpenELEC is a very good Linux-based distribution for XBMC; it's very light, almost everything works out of the box and it is easy to install and configure.<br />
<br />
This box is very, very small, incredibly small, and is a well-made product. First, let's see some pictures of the animal ^^<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO_74kYpK39Ne1_5pVtN_QSHlxuNKYvNuD5beJnkOxqvjiE0V4yKoxrthiutlKUh-qgFk2_AhRLGKz9zArONFTP-Yv8MoFTIsx2k5jPSjif-zYUVIsYQzx8vZ7scPsbB7CwDbOC1TsmVF6/s1600/zbox_nano_xs_ad11_plus_1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="243" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO_74kYpK39Ne1_5pVtN_QSHlxuNKYvNuD5beJnkOxqvjiE0V4yKoxrthiutlKUh-qgFk2_AhRLGKz9zArONFTP-Yv8MoFTIsx2k5jPSjif-zYUVIsYQzx8vZ7scPsbB7CwDbOC1TsmVF6/s320/zbox_nano_xs_ad11_plus_1.jpg" width="320" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCPVE6b9QTiwko9VqNus3kECo9qlpaHwvITyL-PfrrU6zVzSdZQiRB9zUtu0abxEMQmksDYrnnlxlclzEKiiGip3z7uVW4NJS5wlXoXeVJvPf_Sn_mJFELo_0ofsw_HuQu43PfgvFn_5Vl/s1600/ZBOX+Nano+AD11.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="149" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCPVE6b9QTiwko9VqNus3kECo9qlpaHwvITyL-PfrrU6zVzSdZQiRB9zUtu0abxEMQmksDYrnnlxlclzEKiiGip3z7uVW4NJS5wlXoXeVJvPf_Sn_mJFELo_0ofsw_HuQu43PfgvFn_5Vl/s200/ZBOX+Nano+AD11.JPG" width="200" /></a></div>
<br />
<br />
<br />
And to give you an idea of its size, let's compare it to a well-known product! (iPhone 4)<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLRqUR6WaJY170VJuWhimMKYPAHrWeY3VN8bf4zrisBQNFOFGYJlgpPuvmiv5NsAEZs-2qcuCVEFWwFORupLd1KxvaCdxZuykt3XFa8EqqgmtvS_LMckG1pZpEQhhiTJHbqL944ryjC8xn/s1600/photo.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLRqUR6WaJY170VJuWhimMKYPAHrWeY3VN8bf4zrisBQNFOFGYJlgpPuvmiv5NsAEZs-2qcuCVEFWwFORupLd1KxvaCdxZuykt3XFa8EqqgmtvS_LMckG1pZpEQhhiTJHbqL944ryjC8xn/s400/photo.JPG" width="300" /></a></div>
<br />
<br />
As you can see, it is very, very small :-)<br />
<br />
The Zotac AD11 is provided with a Zotac MCE Remote control, an internal IR receiver and also an external USB IR receiver.<br />
<br />
The remote control is perfectly working out of the box under Openelec, no intervention required.<br />
<br />
Also, this device is provided with a USB Wireless interface, again working out of the box ^^<br />
<br />
Thanks to the great work of Openelec developers, Openelec will easily give us an XBMC installation working out of the box, and able to deal with any HD movie!<br />
<br />
Let's start!<br />
<br />
<br />
<span style="background-color: #fefdfa; color: #990000; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: medium;"><b>Summary of steps:</b> </span><br />
<div style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">
</div>
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="color: #990000;"><b>Step 1: Configure UMA frame buffer size in UEFI</b></span><br />
<span style="color: #990000;"><b>Step 2: Install OpenELEC</b></span><br />
<span style="color: #990000;"><b> Step 2.1: Standard installation using media installer</b></span><br />
<span style="color: #990000;"><b> Step 2.2: Manual alternative installation method (example in dual boot with another system) </b></span><br />
<span style="color: #990000;"><b>Step 3: Configure OpenELEC (Network, Video Options, Skin)</b></span><br />
<span style="color: #990000;"><b>Step 4: Configure your Media Library</b></span><br />
<span style="color: #990000;"><b>Step 5: Configure the sound</b></span><br />
<span style="color: #990000;"><b>Step 6: Zotac MCE Remote control</b></span><br />
<span style="color: #990000;"><b>Step 7: Optional - Opera addon - Integrated Web Browser</b></span><br />
<span style="color: #990000;"><b>Conclusion</b></span><br />
<span style="color: #990000;"><b>Memorandum</b></span><br />
<span style="color: #990000;"><b>FAQ</b></span><br />
<span style="color: #990000;"><br /></span>
<span style="color: #990000;"><br /></span>
<span style="color: #990000;"><br /></span>
<br />
<span style="color: #990000; font-size: large;"><b>Step 1: Configure UMA frame buffer size in UEFI</b></span><br />
<div>
<span style="color: #990000; font-size: large;"><b><br /></b></span></div>
<br />
First of all, we need to change a very important setting in the Zotac UEFI. If you don't, you will get playback issues that are impossible to resolve in OpenELEC!<br />
<br />
<i><b>See: </b></i><br />
<a href="http://openelec.tv/forum/117-xvba-amd/45194-solved-zotac-ad11-playback-problems">http://openelec.tv/forum/117-xvba-amd/45194-solved-zotac-ad11-playback-problems</a><br />
<br />
<b>So, to set this:</b><br />
<br />
<ul>
<li>Power on the Zotac and enter the UEFI by pressing the DEL (SUPPR) key at boot time</li>
<li>Go to the "Chipset" screen</li>
<li>Set UMA to 1G (default is 256M, see the Note below for more details)</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZpkDzZoTULAIdUISfA1bqtMqb2Ceesokfvq5DqLSE1NrcQFeSd3PUGdmQ8q4dEqKEd8i2Im2saKcV2-BsIvaLrJ_mO4aJvajLOovXEmXtrch-FMa1DNoEminS5A4Ae2S_Os3MEmQMCRhk/s1600/photo+1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="99" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZpkDzZoTULAIdUISfA1bqtMqb2Ceesokfvq5DqLSE1NrcQFeSd3PUGdmQ8q4dEqKEd8i2Im2saKcV2-BsIvaLrJ_mO4aJvajLOovXEmXtrch-FMa1DNoEminS5A4Ae2S_Os3MEmQMCRhk/s320/photo+1.JPG" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgp6C-m63z0ZUgK8b_JNoEtHGFntBqf6K5Ha5fARumOZu2rHrto6xp9eTmC5gSNBGlW4sBE7aeDvxhYC9rVyjlpEvomdcjLX0BnTDTpIzeJbyj6bE-AleZ-Ihho-Gmc23u4gcdv411dBZkE/s1600/photo+2.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="153" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgp6C-m63z0ZUgK8b_JNoEtHGFntBqf6K5Ha5fARumOZu2rHrto6xp9eTmC5gSNBGlW4sBE7aeDvxhYC9rVyjlpEvomdcjLX0BnTDTpIzeJbyj6bE-AleZ-Ihho-Gmc23u4gcdv411dBZkE/s320/photo+2.JPG" width="320" /></a></div>
<br />
<br />
Save and reset.<br />
<br />
<i>Note: If you have enough memory (say, starting from 2GB), then setting UMA to 1GB is recommended to avoid any playback issue.</i><br />
<i>You can still try with 512MB and raise it to 1GB in case of trouble.</i><br />
<i>See Peter's comments. (thanks to him!)</i><br />
<br />
<br />
<span style="color: #990000; font-size: large;"><b>Step 2: Install Openelec</b></span><br />
<br />
<span style="color: #990000;"><b><br /></b></span>
<span style="color: #990000;"><b>Step 2.1: Standard installation with media installer</b></span><br />
<div>
<span style="color: #990000; font-size: large;"><b><br /></b></span></div>
<div>
<i>Use this method if you don't plan to have multiboot on the same device, for example with another Linux installation.</i></div>
<div>
<i>If you plan to have multiboot, go to "Step 2.2: Manual alternative installation method (Multiboot)"</i></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
Installing OpenELEC is very easy and will be done in a few steps.</div>
<br />
<br />
Don't hesitate to take a look at the main OpenELEC wiki:<br />
<a href="http://wiki.openelec.tv/index.php?title=Main_Page">http://wiki.openelec.tv/index.php?title=Main_Page</a><br />
<br />
<b>Installation will be done in a few simple steps, described below:</b><br />
<ol>
<li>Download the OpenELEC installer and extract it</li>
<li>Create your installation booting USB Key</li>
<li>Boot with your USB Key and install Openelec</li>
</ol>
<b><span style="color: #990000;"><br /></span></b>
<b><span style="color: #990000;">1. Download and extract Openelec</span></b><br />
<br />
Go to:<br />
<a href="http://openelec.tv/get-openelec">http://openelec.tv/get-openelec</a><br />
<br />
Look for the section "FUSION Builds" and download the latest version. I recommend using the latest version even if it is still considered Beta.<br />
<br />
<b><i>Note:</i></b> You have to choose between the PVR version and the non-PVR version. If you want to know the difference, PVR means Personal Video Recorder and is used to access Live TV systems.<br />
Even if you don't have any PVR, choosing the version with PVR won't change anything, so don't worry too much.<br />
<br />
OpenELEC is provided as a Bz2-compressed Tar archive. On Linux desktop environments, you can easily extract it with a right click / Extract Here, or use the command line in a terminal:<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333; font-size: 13px; line-height: 19px;"><span class="mw-headline"><span class="mw-headline" style="font-family: inherit;"><span class="mw-headline" style="background-color: white;">$ tar -xjf </span></span></span></span><span style="color: #333333;"><span style="line-height: 19px;">OpenELEC_PVR-Fusion</span></span><span style="background-color: transparent; color: #333333; font-size: 13px; line-height: 19px;">*.tar.bz2</span></pre>
<div>
<span style="line-height: 19px;"><br /></span></div>
For Windows users, I recommend downloading and installing 7zip (freeware); it will extract the files with no issues.<br />
<br />
<br />
<span style="color: #990000;"><b>2. Create your USB installation key</b></span><br />
<br />
<b>For Linux Users:</b><br />
<br />
Insert your USB Key, go to the extracted directory and identify your device name. (you can use the "mount" command to do it, usually your USB key should be /dev/sdb)<br />
<br />
<b>Then execute the provided script:</b><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333; font-size: 13px; line-height: 19px;"><span class="mw-headline"><span class="mw-headline" style="font-family: inherit;"><span class="mw-headline" style="background-color: white;">$ </span></span></span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">sudo ./create_installstick /dev/sdb</span></span></pre>
<div>
<span style="background-color: transparent; color: #333333; font-size: 13px; line-height: 19px;"><br /></span></div>
<div>
See the following Wiki page if you need more help:<br />
<a href="http://wiki.openelec.tv/index.php?title=Installing_OpenELEC_on_HTPCs_with_LINUX_(Part_1)">http://wiki.openelec.tv/index.php?title=Installing_OpenELEC_on_HTPCs_with_LINUX_(Part_1)</a> </div>
<div>
<span style="background-color: transparent; color: #333333; font-size: 13px; line-height: 19px;"><br /></span></div>
<br />
<b>For Windows Users:</b><br />
<br />
Insert your USB Key and launch "create_installstick.exe".<br />
See:<br />
<a href="http://wiki.openelec.tv/index.php?title=Installing_OpenELEC_on_HTPCs_via_Windows_(Part_1)">http://wiki.openelec.tv/index.php?title=Installing_OpenELEC_on_HTPCs_via_Windows_(Part_1)</a><br />
<br />
<br />
<b>For Mac OS X Users:</b><br />
<br />
See:<br />
<a href="http://wiki.openelec.tv/index.php?title=Installing_OpenELEC_on_HTPC%27s_with_Mac_OS_X_(Part_1)">http://wiki.openelec.tv/index.php?title=Installing_OpenELEC_on_HTPC%27s_with_Mac_OS_X_(Part_1)</a><br />
<br />
<br />
<br />
<span style="color: #990000;"><b>3. Boot with USB Key and install Openelec in your internal device</b></span><br />
<div>
<span style="color: #990000;"><b><br /></b></span></div>
<br />
Really simple, just boot with your USB Key connected. (if it fails then your first boot device may not be the USB key, enter the UEFI and force boot to the USB Key)<br />
<br />
<i>If you need help, see:</i><br />
<a href="http://wiki.openelec.tv/index.php?title=Installing_OpenELEC_on_HTPC%27s_Part_2_for_all_OS">http://wiki.openelec.tv/index.php?title=Installing_OpenELEC_on_HTPC%27s_Part_2_for_all_OS</a><br />
<br />
SSH: I recommend activating SSH when asked by the installer<br />
<br />
<i>Note</i>: You can also manually install OpenELEC if you plan to use it in Multiboot with other OS.<br />
I won't cover it here. <br />
<br />
<br />
<br />
<span style="color: #990000;"><b>Step 2.2: Manual alternative installation method (Multiboot)</b></span><br />
<span style="color: #990000;"><b><br /></b></span>
<span style="color: #990000;"><b><br /></b></span>
<span style="color: #990000;"><b>1. Install your system(s) and set your partitioning </b></span><br />
<span style="color: #990000;"><b><br /></b></span>
<i>Use this installation method if you plan to have Multiboot.</i><br />
<i>I recommend first installing the other systems you are planning to use on the same device, leaving enough free space on your internal volume for 2 OpenELEC partitions. (which can be logical partitions and not primary)</i><br />
<i><br /></i>
<b>Partitioning example with another Linux installation (adapt to your needs or preferences):</b><br />
<b><br /></b>
Internal Volume is called "/dev/sda":<br />
<br />
<ul>
<li>/dev/sda1: Main root ("/") partition for system 1</li>
<li>/dev/sda2: Logical main partition</li>
<li>/dev/sda5: Home ("/home") partition for system 1</li>
<li>/dev/sda6: Swap partition for system 1</li>
<li>/dev/sda7: System partition for OpenELEC</li>
<li>/dev/sda8: Data partition for OpenELEC</li>
</ul>
<br />
<i>When installing your first system, make sure to leave enough space for your OpenELEC installation; the system partition does not require much space. (256MB or 512MB will be more than enough)</i><br />
<i>Requirement for Data partition depends on you, if you have enough space set something like 8GB.</i><br />
<div>
<span style="color: #990000;"><b><br /></b></span></div>
<br />
I recommend using "gparted" while running your first system to create the required partitions for OpenELEC.<br />
<br />
Create 2 ext4 partitions with the labels "OE_SYSTEM" and "OE_DATA" (the labels are required, don't omit them).<br />
<br />
Mount the OE_SYSTEM partition in your active Linux.<br />
<br />
<br />
<span style="color: #990000;"><b>2. Extract OpenELEC and set your boot loader </b></span><br />
<br />
<br />
<ul>
<li>Download the latest version from the OpenELEC site and extract it. (using your desktop or the command "tar -xvjf <openelec archive>" in command line)</li>
</ul>
<ul>
<li>Copy files contained in "target" directory to the OE_SYSTEM partition you have previously mounted</li>
</ul>
<div>
<ul>
<li>Edit the grub customize file and add your section for OpenELEC:</li>
</ul>
<div>
<i><b>Adapt to your set up, in my example case:</b></i></div>
</div>
<div>
<br /></div>
<div>
<i>/etc/grub.d/40_custom</i></div>
<div>
<pre style="background-color: #f9f9f9; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 14px;">menuentry "OpenELEC" {
set root=(hd0,7)
linux /KERNEL boot=/dev/sda7 disk=/dev/sda8 quiet
}</span></pre>
</div>
<br />
<br />
And update grub:<br />
<br />
<pre style="background-color: #f9f9f9; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 14px;">$ sudo update-grub</span></pre>
<br />
<br />
<b>Note: </b><br />
<i><br /></i>
<i>To easily manage your Grub boot loader (changing order and so on), I advise you to install grub-customizer:</i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 14px;">sudo add-apt-repository ppa:danielrichter2007/grub-customizer && sudo apt-get update && sudo apt-get install -y grub-customizer</span></pre>
<br />
<br />
<br />
Your OpenELEC installation is ready to be started, just reboot and choose OpenELEC at boot time. (which you should choose as default)<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;"><b>Step 3: Configure OpenELEC and customize XBMC</b></span><br />
<div>
<span style="color: #990000; font-size: large;"><b><br /></b></span></div>
<b><span style="color: #990000;">First, learn how to access the OpenELEC OS Settings:</span></b><br />
<br />
<i><b>If you have the Confluence theme</b>, go to Parameters, scroll down and select the sub menu "OpenELEC":</i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgocwBVTex2jvvFsslBfVsCc_8ySOpJTw5Eziqvb24lqS7WBpDRQt5WYMEg6GRmyNBDnGiZV6_jMPhFupCnrsxW7iVgRgs0tMQxsyYuVmr2aeI3haj8QI1bHn-NVEAHbgmt01IAfSxv-sU5/s1600/screenshot003.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgocwBVTex2jvvFsslBfVsCc_8ySOpJTw5Eziqvb24lqS7WBpDRQt5WYMEg6GRmyNBDnGiZV6_jMPhFupCnrsxW7iVgRgs0tMQxsyYuVmr2aeI3haj8QI1bHn-NVEAHbgmt01IAfSxv-sU5/s640/screenshot003.png" width="640" /></a></div>
<br />
<br />
<i><b>With other themes</b>, you can go to "Addon" or Parameters > Addon, then you may have to scroll up to "Program Addon" and select "OpenELEC OS Settings":</i><br />
<i><br /></i>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgunUDZAJoGQRehNtFto0CBqzE18byBGiObmugOL5sWb2P_BNRncsYo8c8wJAdwgm6bNEcqq85I5n0CpIKHR5TPp2qEwrQWZw3rp6qtHNeD_AUXPVWJMIm9Yv-0upaT-GrQK0-DSU4ZyKC4/s1600/screenshot014.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgunUDZAJoGQRehNtFto0CBqzE18byBGiObmugOL5sWb2P_BNRncsYo8c8wJAdwgm6bNEcqq85I5n0CpIKHR5TPp2qEwrQWZw3rp6qtHNeD_AUXPVWJMIm9Yv-0upaT-GrQK0-DSU4ZyKC4/s640/screenshot014.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiO-F1loPn0BEhVQxNAHQcCkEIZRmMvHXWVuBOa7VW26cBXd7v1gtOCGyR7MN6gprvRFXthUVWyjYLvoqJIEYaHQoPu-goumnC-I5KOIksFWHgIeeSXHrFKA6Tw6eKScPUjayKe5Bshigs5/s1600/screenshot009.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiO-F1loPn0BEhVQxNAHQcCkEIZRmMvHXWVuBOa7VW26cBXd7v1gtOCGyR7MN6gprvRFXthUVWyjYLvoqJIEYaHQoPu-goumnC-I5KOIksFWHgIeeSXHrFKA6Tw6eKScPUjayKe5Bshigs5/s640/screenshot009.png" width="640" /></a></div>
<br />
<br />
<br />
<span style="color: #990000;"><b>Set up your language</b></span><br />
<span style="color: #990000;"><b><br /></b></span>
<i>To configure your language, go to Parameters > Appearance:</i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYiZhaRZ8MwKGWSDIv6xckKGWQp-JrQ23OaIsCpl8owC00Cl4M3f8GbOdiIwCofSeftSgNEndgeztP-grkqyTCH1nOe_DGrEfCI51-M47J9m4CJj7ALvpoPUQxkh0EDHx8hWDmpducn40W/s1600/screenshot004.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYiZhaRZ8MwKGWSDIv6xckKGWQp-JrQ23OaIsCpl8owC00Cl4M3f8GbOdiIwCofSeftSgNEndgeztP-grkqyTCH1nOe_DGrEfCI51-M47J9m4CJj7ALvpoPUQxkh0EDHx8hWDmpducn40W/s640/screenshot004.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<i>You may also need to configure your keyboard layout: go to OpenELEC OS Settings. You have to reboot for this to be applied:</i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipzIeXWQaGznsdVydIOGQysko8dx_mMChDU-OZovPwDUN7zyX5zGVh8qby_MXxTH5JDsDxXf60eVJ-kNM_jlMfS3Au33utF_MWU8CEgh02mtr35GMFhxEsyxjJ-HR7sL1CPCITB4zsnN8p/s1600/screenshot011.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipzIeXWQaGznsdVydIOGQysko8dx_mMChDU-OZovPwDUN7zyX5zGVh8qby_MXxTH5JDsDxXf60eVJ-kNM_jlMfS3Au33utF_MWU8CEgh02mtr35GMFhxEsyxjJ-HR7sL1CPCITB4zsnN8p/s640/screenshot011.png" width="640" /></a></div>
<br />
<br />
<span style="color: #990000; font-size: large;"><b>Configure your Network:</b></span><br />
<br />
<b><span style="color: #990000;">Wired Connection</span></b><br />
<br />
Using your local wired connection is always recommended: it is more powerful and stable than any wireless connection.<br />
<br />
OpenELEC uses DHCP by default, so if you have a DHCP server enabled in your network (any ISP box usually has one), you don't have anything to do.<br />
<br />
<i>Note: If you don't know it already, DHCP will automatically set the IP configuration of the devices connected to your network</i><br />
<br />
However, if you prefer, you can set a fixed IP address: go to OpenELEC OS Settings.<br />
<br />
<b><span style="color: #990000;">Wireless Connection</span></b><br />
<br />
You may also want to use a wireless connection. The USB wireless device provided works out of the box, so just go to OpenELEC OS Settings.<br />
<br />
<b>You have to know:</b><br />
<ul>
<li>Your wireless SSID (i.e. the name of your wireless network)</li>
<li>Your wireless encryption mode, WEP or WPA</li>
<li>Your encryption key</li>
</ul>
<div>
<br />
Also, note that the name of your Wireless interface should be "wlan0".</div>
<div>
<br /></div>
<div>
<i>Example of configuration:</i></div>
<div>
<i><br /></i></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJMmEOzD48mKlQJkG16OYx6fSlcPdaDcStcXuLC2w3wk1rxstsM4ykohRAhTxR9nrpEQ96bdo53xEKnx_jwwm1TlmEisywhcLURaxExBHNVPIccEiO-jidOl03e3NRb3N8MVTtRYiVZ8gv/s1600/screenshot013.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJMmEOzD48mKlQJkG16OYx6fSlcPdaDcStcXuLC2w3wk1rxstsM4ykohRAhTxR9nrpEQ96bdo53xEKnx_jwwm1TlmEisywhcLURaxExBHNVPIccEiO-jidOl03e3NRb3N8MVTtRYiVZ8gv/s640/screenshot013.png" width="640" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<br />
<span style="color: #990000;"><b>Check your Network connection status</b></span><br />
<b><br /></b>
<i>Go to Parameters, scroll back and select sub-menu "System Information":</i><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjj_gKxkjS7m-nfdLGoF3c1eJS7hA5jB7gORlNj9oYPQDdWKS9VoolTp8km8vXqdtz3SgL6GVwotC7F0k8LouyyMmCqN4bwn_azj0cqun48K15oj4vqc1I1H116o02p13XaJ7R4ZZNruGkb/s1600/screenshot015.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjj_gKxkjS7m-nfdLGoF3c1eJS7hA5jB7gORlNj9oYPQDdWKS9VoolTp8km8vXqdtz3SgL6GVwotC7F0k8LouyyMmCqN4bwn_azj0cqun48K15oj4vqc1I1H116o02p13XaJ7R4ZZNruGkb/s640/screenshot015.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8mfmcn5Z8ghMogD_I5sFzPyCf0jeK51eBpnfNQL9Wd6kECsms83mz9Vxgo9ZaYb9eQ7k55VHG_YuFZFmqljwtxhvJBiFAWWGzH1tUMsIikL0lKQpvq64h8A0cfEGbxYt9QSBcGEmpNc42/s1600/screenshot016.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8mfmcn5Z8ghMogD_I5sFzPyCf0jeK51eBpnfNQL9Wd6kECsms83mz9Vxgo9ZaYb9eQ7k55VHG_YuFZFmqljwtxhvJBiFAWWGzH1tUMsIikL0lKQpvq64h8A0cfEGbxYt9QSBcGEmpNc42/s640/screenshot016.png" width="640" /></a></div>
<b><br /></b>
<b><br /></b>
<br />
<b><br /></b>
<br />
<span style="color: #990000; font-size: large;"><b>Configure Video Playback options:</b></span><br />
<br class="Apple-interchange-newline" />
<br />
<b>Configuration advice:</b><br />
<br />
<ul style="background-color: #fefdfa; color: #333333; line-height: 19px; list-style-image: initial; list-style-position: initial; margin: 0.5em 0px; padding: 0px 2.5em;">
<li style="border: none; margin: 0px 0px 0.1em; padding: 0.25em 0px;"><span style="font-family: inherit;"><b>In System->Settings->System->Video Settings:</b></span></li>
</ul>
<div style="background-color: #fefdfa; color: #333333; line-height: 19px; margin-bottom: 0.5em; margin-top: 0.4em;">
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">- Vertical Sync: Always on</span></div>
<div style="background-color: #fefdfa; color: #333333; line-height: 19px; margin-bottom: 0.5em; margin-top: 0.4em;">
<span style="font-family: inherit;"><br /></span></div>
<ul style="background-color: #fefdfa; color: #333333; line-height: 18px; list-style-image: initial; list-style-position: initial; margin: 0.5em 0px; padding: 0px 2.5em;">
<li style="border: none; margin: 0px 0px 0.1em; padding: 0.25em 0px;"><span style="font-family: inherit;"><b>In System ->Video->Playback:</b></span></li>
</ul>
<div style="background-color: #fefdfa; color: #333333; line-height: 18px; margin-bottom: 0.5em; margin-top: 0.4em;">
<span style="font-family: inherit;"><br />- XVBA: On</span><br />
<span style="font-family: inherit;">- Adjust Refreshrate to match video: On</span><br />
<span style="font-family: inherit;">- Sync Playback to Display: On</span><br />
<span style="font-family: inherit;">- Sync Method: Video Clock (Drop/Dupe)</span></div>
<br />
<br />
<br />
<br />
<b><span style="color: #990000; font-size: large;">Configure your skin</span></b><br />
<br />
<br />
By default XBMC is provided with the skin "Confluence", which is good enough, but you may really appreciate taking a look at other skins.<br />
<br />
<b>I would recommend 2 skins in particular:</b><br />
<br />
- AEON NOX<br />
- NEON<br />
<br />
Let's give Aeon Nox a try :-)<br />
<br />
<div>
<span style="color: #990000;"><b><br /></b></span></div>
<div>
<i>Go to Parameters, Skins:</i></div>
<div>
<i><br /></i></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOZFTY8nSQ0MFu-6PT97m2fkiOKqtkkovcU24sMvBpydTdyMY0JHwnd8Rib_9yUhsHJAPRXw2rmjFcwXImW65aBKxYOSpk7aQKVARZ3DqQn_IyDR69YXV7Kl2w3wSvcyyOfIRUwa9KuOfH/s1600/screenshot005.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOZFTY8nSQ0MFu-6PT97m2fkiOKqtkkovcU24sMvBpydTdyMY0JHwnd8Rib_9yUhsHJAPRXw2rmjFcwXImW65aBKxYOSpk7aQKVARZ3DqQn_IyDR69YXV7Kl2w3wSvcyyOfIRUwa9KuOfH/s640/screenshot005.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6ruQL9PCrgsFU-gIx40JdEOQF7seEpR9OMlGWISYtQag8hAf-PROvdx5QT_ts5yeN4lQAshGR8_9nZxfaBtsuxVvn3uYTRw4NNeTU4VB40OyrfGVgaeu_DIddvQpwvpzGOAaiONZ20fD0/s1600/screenshot006.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6ruQL9PCrgsFU-gIx40JdEOQF7seEpR9OMlGWISYtQag8hAf-PROvdx5QT_ts5yeN4lQAshGR8_9nZxfaBtsuxVvn3uYTRw4NNeTU4VB40OyrfGVgaeu_DIddvQpwvpzGOAaiONZ20fD0/s640/screenshot006.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMnxey9w575r_EWOukqemDXV0gkbFVURrtInWW3DGJfhCSe-x5j0PPvbJZJtYqaM7yYYkMBXUyYEe3uX4AEZ1cz95jZEXdtfH8AN1lHbbiCYoZVJ9qtWmw1pCf6XH3vN8kxJP_z7BVuLLY/s1600/screenshot007.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMnxey9w575r_EWOukqemDXV0gkbFVURrtInWW3DGJfhCSe-x5j0PPvbJZJtYqaM7yYYkMBXUyYEe3uX4AEZ1cz95jZEXdtfH8AN1lHbbiCYoZVJ9qtWmw1pCf6XH3vN8kxJP_z7BVuLLY/s640/screenshot007.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2obBM4twMkV1ngleaqBM2wkimZV7X1wHGRtSdVAkIkFd91UBh50wE8LCQ0Du630iwJvsKZB5Q3GQAcxzAHAbkL2PQ5EaPrSBjPi4gkPZMdxHTfXsTKeen7THE2A0BHSXM5E-m5P9hk97w/s1600/screenshot008.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2obBM4twMkV1ngleaqBM2wkimZV7X1wHGRtSdVAkIkFd91UBh50wE8LCQ0Du630iwJvsKZB5Q3GQAcxzAHAbkL2PQ5EaPrSBjPi4gkPZMdxHTfXsTKeen7THE2A0BHSXM5E-m5P9hk97w/s640/screenshot008.png" width="640" /></a></div>
<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;"><b>Step 4: Configure your Media Library</b></span><br />
<br />
First of all, OpenELEC will automatically be able to access any device you connect (external hard drives, USB keys...) and also any share in your network.<br />
<br />
So do not worry about statically mounting your volumes in OpenELEC, this is not required.<br />
<br />
<b>Take a look at my older post, Step 9:</b><br />
<a href="http://youresuchageek.blogspot.fr/2012/06/xbmc-install-and-config-howto-for-linux.html">http://youresuchageek.blogspot.fr/2012/06/xbmc-install-and-config-howto-for-linux.html</a><br />
<br />
It explains how you can set up your Media Library.<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;"><b>Step 5: Configure the sound</b></span><br />
<div>
</div>
<br />
The Zotac AD11 is provided with a combo jack / optical connection (on the front of the device) usable with an adapter. In addition to the HDMI connection, this gives you 3 possibilities:<br />
<br />
<ul>
<li>Analog using jack</li>
<li>Digital using HDMI</li>
<li>Digital using SPDIF</li>
</ul>
<br />
<i><b>For information, here is the "aplay" output on Zotac AD11, you can see here the 3 interfaces:</b></i><br />
<pre style="background-color: #f9f9f9; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 14px;">**** List of PLAYBACK Hardware Devices ****
card 0: Generic [HD-Audio Generic], device 3: HDMI 0 [HDMI 0]
Subdevices: 1/1
Subdevice #0: subdevice #0
card 1: SB [HDA ATI SB], device 0: ALC892 Analog [ALC892 Analog]
Subdevices: 1/1
Subdevice #0: subdevice #0
card 1: SB [HDA ATI SB], device 1: ALC892 Digital [ALC892 Digital]
Subdevices: 1/1
Subdevice #0: subdevice #0</span></span><span style="color: #333333; font-size: 13px; line-height: 14px;">
</span></pre>
<div>
<br /></div>
<br />
I had some issues with the classic way of configuring sound in OpenELEC (using asound.conf), but this may depend on your configuration and hardware capacity (capable DTS receiver and so on).<br />
<br />
<b>I would recommend using the following method which works perfectly.</b><br />
<br />
<i>Note: If you don't have sound in the menus, also set the asound.conf file (see the Memorandum at the end of this post); the system will use the default pcm value for system sounds.</i><br />
<br />
<br />
<b><span style="color: #990000;">FOR HDMI:</span></b><br />
<br />
<i>Sound output through HDMI, your TV is connected to your sound system through optical</i><br />
<i>Adapt to your hardware capacity: 2.0, 5.1 speakers, AC3/DTS capable...</i><br />
<br />
<b>Audio output = Optical or HDMI (try both)</b><br />
<b>Speaker configuration = 5.1</b><br />
<b><br /></b>
<b>Audio output device = Custom</b><br />
<b>Custom audio device = plughw:0,3</b><br />
<b><br /></b>
<b>Passthrough output device = plughw:0,3</b><br />
<br />
<b>Activate or Deactivate AC3, DTS...depending on your hardware</b><br />
<br />
<br />
<b><span style="color: #990000;">FOR SPDIF:</span></b><br />
<br />
<i>Sound output from SPDIF, your sound system is connected directly to your htpc using optical connection</i><br />
<i>Adapt to your hardware capacity: 2.0, 5.1 speakers, AC3/DTS capable...</i>
<br />
<br />
<b>Audio output = Optical</b><br />
<b>Speaker configuration = 5.1</b><br />
<b><br /></b>
<b>Audio output device = Custom</b><br />
<b>Custom audio device = plughw:1,1</b><br />
<b><br /></b>
<b>Passthrough output device = plughw:1,1</b><br />
<br />
<br />
<b>Activate or Deactivate AC3, DTS...depending on your hardware</b><br />
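The custom device strings used above, plughw:0,3 for HDMI and plughw:1,1 for SPDIF, are the card and device numbers from the "aplay" listing. As an added example (not part of the original post), this shell helper derives those strings from `aplay -l` output so you can find the right values on other hardware; the function names are hypothetical and the sample input is the listing shown in this post.

```shell
#!/bin/sh
# Sample input: the `aplay -l` listing shown in this post for the Zotac AD11.
sample_aplay_output() {
cat <<'EOF'
**** List of PLAYBACK Hardware Devices ****
card 0: Generic [HD-Audio Generic], device 3: HDMI 0 [HDMI 0]
  Subdevices: 1/1
  Subdevice #0: subdevice #0
card 1: SB [HDA ATI SB], device 0: ALC892 Analog [ALC892 Analog]
  Subdevices: 1/1
  Subdevice #0: subdevice #0
card 1: SB [HDA ATI SB], device 1: ALC892 Digital [ALC892 Digital]
  Subdevices: 1/1
  Subdevice #0: subdevice #0
EOF
}

# Read `aplay -l` output on stdin and print one line per playback device:
#   plughw:<card>,<device><TAB><device name>
list_plughw() {
    awk '
        /^card [0-9]+: .*, device [0-9]+: / {
            card = $2
            sub(/:$/, "", card)                 # "0:" -> "0"
            rest = $0
            sub(/^.*, device /, "", rest)       # "3: HDMI 0 [HDMI 0]"
            dev = rest
            sub(/:.*$/, "", dev)                # "3"
            name = rest
            sub(/^[0-9]+: /, "", name)          # "HDMI 0 [HDMI 0]"
            sub(/ \[.*$/, "", name)             # "HDMI 0"
            printf "plughw:%s,%s\t%s\n", card, dev, name
        }'
}

# Print the plughw string of the first device whose name matches the
# given pattern (case-insensitive), e.g. "hdmi" or "digital".
find_plughw() {
    list_plughw | awk -F '\t' -v pat="$1" \
        'tolower($2) ~ tolower(pat) { print $1; exit }'
}

# On the HTPC itself, replace sample_aplay_output with: aplay -l
sample_aplay_output | list_plughw
```

The "Digital" entry is the SPDIF output and the "Analog" entry is the jack output; use the printed string as both the custom audio device and the passthrough output device.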
<br class="Apple-interchange-newline" />
<br />
<br />
<span style="color: #990000; font-size: large;"><b>Step 6: Zotac Remote control</b></span><br />
<div>
</div>
<br class="Apple-interchange-newline" />
<br />
The Zotac AD11 is delivered with a small MCE remote control, and both an internal IR receiver and an external USB IR receiver.<br />
<br />
Fortunately, this remote works perfectly fine out of the box in OpenELEC.<br />
<br />
I would recommend not using the external USB IR receiver because its quality (in my opinion) is very poor and it does not work as well as the internal IR receiver.<br />
<br />
However, if you want to use it anyway, you have to deactivate the internal IR receiver (in the UEFI setup) to avoid repeated keys in OpenELEC.<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;"><b>Step 7: Optional - Opera Addon - Integrated Web Browser</b></span><br />
<div>
</div>
<br class="Apple-interchange-newline" />
If you want to get a Web Browser inside your OpenELEC installation, take a look at:<br />
<br />
<a href="http://dl.dropbox.com/u/8224157/OpenELEC-Ultra/opera/final/index.html">http://dl.dropbox.com/u/8224157/OpenELEC-Ultra/opera/final/index.html</a><br />
<br />
<br />
Thanks to his great work, you'll get a fully operational Opera Web Browser ^^<br />
<br />
<br />
<span style="color: #990000; font-size: large;"><b>Conclusion:</b></span><br />
<br class="Apple-interchange-newline" />
<br />
If you are looking for an XBMC Media Center Fusion solution working out of the box within a few minutes, then OpenELEC is definitely the solution for you.<br />
<br />
This is great work from the OpenELEC guys!<br />
<br />
<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;"><b>Memorandum:</b></span><br />
<br />
<ul>
<li><b>Traditional way to configure your sound output using the file "asound.conf":</b></li>
</ul>
<div>
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Navigate with your computer inside your network. (Under Linux and Windows, navigate to Network)</b><br />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">You should see a new host called "OPENELEC", go inside (no authentication required) and go to the share called "Configfiles"</span>
</div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQm6o_0dQzCRrgFYCpSLN90Er0RpcbtSQW_69Iuq5SWrJGyavdvzj2tXmV1lNTNxdVDxLX8ir8gKWDr-lzABSwiuiPjaKz004oHe1Epr0KqtxZrlUXV_WrE6BAsHkp1vn37Lka6eLHZ5sz/s1600/screen1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="190" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQm6o_0dQzCRrgFYCpSLN90Er0RpcbtSQW_69Iuq5SWrJGyavdvzj2tXmV1lNTNxdVDxLX8ir8gKWDr-lzABSwiuiPjaKz004oHe1Epr0KqtxZrlUXV_WrE6BAsHkp1vn37Lka6eLHZ5sz/s640/screen1.jpg" width="640" /></a></div>
<br />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Create a blank file called "asound.conf" and put the following content, depending on your choice:</span>
<br />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><br /></span>
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">asound.conf:</b><br />
<pre style="background-color: #f9f9f9; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 14px;">pcm.dmixer {
    type dmix
    ipc_key 1024
    ipc_key_add_uid false
    ipc_perm 0660
    slave {
        pcm "hw:0,3" #HDMI, defaults to 48000 Hz
        channels 2
        period_size 1024
        buffer_size 4096
    }
}
pcm.!default {
    type plug
    slave.pcm "dmixer"
}</span></pre>
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Configuration in XBMC: Parameters, System, Sound configuration</b><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Audio output = HDMI</span><br />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Speaker configuration = 5.1</span><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Audio output device = Custom</span><br />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Custom audio device = plug:dmixer</span><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Passthrough output device = hdmi (alsa)</span><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Note: You may need to adapt this to your configuration: if you don't have a 5.1 sound system choose 2.0, if you don't have a DTS decoder uncheck it, and so on...</i><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #990000;">For Digital sound through SPDIF:</span></b><br />
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #990000;"><br /></span></b><span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"></span><b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">asound.conf:</b><br />
<pre style="background-color: #f9f9f9; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="line-height: 14px;">pcm.dmixer {
    type dmix
    ipc_key 1024
    slave {
        pcm "hw:1,1"
        period_time 0
        period_size 1024
        buffer_size 8192
        rate 48000
    }
    bindings {
        0 0
        1 1
    }
}
pcm.!default {
    type plug
    slave.pcm "dmixer"
}</span></pre>
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Configuration in XBMC: Parameters, System, Sound configuration</b><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Audio output = Optical</span><br />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Speaker configuration = 5.1</span><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Audio output device = Custom</span><br />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Custom audio device = plug:dmixer</span><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Passthrough output device = plug:dmixer</span><br />
<br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;" />
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">Note: You may need to adapt this to your configuration: if you don't have a 5.1 sound system choose 2.0, if you don't have a DTS decoder uncheck it, and so on...</i><span style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"> </span>
<br />
<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;"><b>FAQ:</b></span><br />
<div>
<br /></div>
<div>
<br /></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<i><b>Feel Free to comment!</b></i><br />
<br />
<br />Anonymoushttp://www.blogger.com/profile/11207934187692801099noreply@blogger.com67tag:blogger.com,1999:blog-4353161337668741389.post-45916016082350827592012-09-16T00:31:00.002+02:002013-04-05T00:40:09.947+02:00Howto Raspberry Pi : OpenELEC on Raspberry Pi, get a great XBMC experience on your Raspberry Pi<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGYdmqEr6NuUmQO4iRGpaboz6wqVsx5GfXAN7DKlHFSpy9P-14QLMtl6JixncKLfygW3690f5GFNqDmlmZ2ToSx2hfMXn_-r69_ApHi6XnuRv0MpSrr5pe_HYHyf9wmvhT0UOoCielky46/s1600/openelec_raspberry.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="380" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGYdmqEr6NuUmQO4iRGpaboz6wqVsx5GfXAN7DKlHFSpy9P-14QLMtl6JixncKLfygW3690f5GFNqDmlmZ2ToSx2hfMXn_-r69_ApHi6XnuRv0MpSrr5pe_HYHyf9wmvhT0UOoCielky46/s640/openelec_raspberry.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<i><b><br /></b></i>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><span style="color: #666666;"><b style="font-size: x-large;">*** Updated</b><b style="font-size: x-large;"> April 5 2013 ***</b></span></i><br />
<i><b><br /></b></i>
<i><b>Major changes:</b></i><br />
<br />
<i>04/05/2013 - Remote control section update, mention about CEC</i><br />
<i>03/16/2013 - New advancedsettings.xml version</i><br />
<i>03/05/2013 - overclocking correction</i><br />
<i>02/11/2013 - Advancedsettings.xml corrections</i><br />
<i>01/18/2013 - Major review: Download location, SSH activation, Themes locations...</i><br />
<i>12/03/2012 - Rpi 512MB update / Recommended Build</i><br />
<i>13/11/2012 - Overclock corruption workarounds, Last build test, note about missing videos when used as client of main XBMC</i><br />
<i>23/10/2012 - Image builds location changed / Add link to upgrade script as alternative</i><br />
<i>10/15/2012 - Recommended "stable" build</i><br />
<i>11/09/2012 - Update Backup & Restore</i><br />
<i>10/09/2012 - Update issue amendment</i><br />
<i>09/29/2012 - Add Verified Wireless section</i><br />
<i>09/28/2012 - Add a conservative mode in case of constant corruption</i><br />
<i>09/26/2012 - Turbo Mode data corruption workaround</i><br />
<i>09/24/2012 - New Turbo mode</i><br />
<i>09/21/2012 - Add memorandum section</i><br />
<i>09/21/2012 - Fit to screen correction and turbo mode announcement</i><br />
<i>09/20/2012 - Fit to screen section</i><br />
<i>09/19/2012 - Add backup / restore section</i><br />
<i>09/18/2012 - Add upgrade section - Add recommended themes</i><br />
<i>09/16/2012 - First version</i><br />
<i><b><br /></b></i>
<i><b><br /></b></i>
<i><b><br /></b></i>
<br />
<span style="color: #990000; font-size: large;">The Goal: </span><br />
<br />
Get a fully functional XBMC Media Center on Raspberry Pi !<br />
<br />
The Raspberry Pi is a very cheap and interesting small computer created by the Raspberry foundation for educational purposes.<br />
<br />
It also comes with a GPU able to decode HD video, and a great community works on this device, which allows us today to use it as a real XBMC Media Center.<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Major sources: </span><br />
<div>
<br /></div>
<div>
To help you set up OpenELEC on your Raspberry Pi, don't hesitate to take a look at the following pages:</div>
<br />
<b>My other XBMC-related posts and guides:</b><br />
<a href="http://youresuchageek.blogspot.fr/search/label/XBMC">http://youresuchageek.blogspot.fr/search/label/XBMC</a><br />
<br />
<b>OpenELEC Raspberry Pi FAQ:</b><br />
<a href="http://openelec.tv/forum/124-raspberry-pi/40979-raspberry-pi-faq">http://openelec.tv/forum/124-raspberry-pi/40979-raspberry-pi-faq</a><br />
<br />
<b>OpenELEC WIKI for Raspberry Pi:</b><br />
<a href="http://wiki.openelec.tv/index.php?title=Building_and_Installing_OpenELEC_for_Raspberry_Pi">http://wiki.openelec.tv/index.php?title=Building_and_Installing_OpenELEC_for_Raspberry_Pi</a><br />
<br />
<b>OpenELEC Forum for Raspberry Pi: </b><i><b>If you have any issue, this is the place to go!</b></i><br />
<a href="http://openelec.tv/forum/124-raspberry-pi">http://openelec.tv/forum/124-raspberry-pi</a><br />
<br />
<b>Official XBMC Website and Forum:</b><br />
<a href="http://xbmc.org/">http://xbmc.org/</a><br />
<a href="http://forum.xbmc.org/">http://forum.xbmc.org/</a><br />
<br />
<b>eLinux.org full description of available advanced values for Raspberry Pi:</b><br />
<div>
<a href="http://elinux.org/RPi_config.txt">http://elinux.org/RPi_config.txt</a></div>
<div>
<br />
<b>Raspberry Official Site and Forum:</b><br />
<a href="http://www.raspberrypi.org/">http://www.raspberrypi.org/</a><br />
<a href="http://www.raspberrypi.org/phpBB3/">http://www.raspberrypi.org/phpBB3/</a><br />
<br /></div>
<div>
<b>Interesting posts for Raspberry Pi:</b></div>
<div>
<a href="http://mrpfister.com/journal/setting-up-openelec-on-the-raspberry-pi/">http://mrpfister.com/journal/setting-up-openelec-on-the-raspberry-pi/</a></div>
<div>
<a href="http://mymediaexperience.com/raspberry-pi-xbmc-with-raspbmc/">http://mymediaexperience.com/raspberry-pi-xbmc-with-raspbmc/</a></div>
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Summary of steps: </span><br />
<div>
</div>
<br />
<span style="color: #990000;">Step 1: Install OpenELEC on your SDCard</span><br />
<div>
<span style="color: #990000;">Step 2: Boot your Raspberry Pi and first setup</span></div>
<span style="color: #990000;">Step 3: Activate SSH (default is off)</span><br />
<span style="color: #990000;">Step 4: Connect to your Raspberry Pi and setup config.txt</span><br />
<span style="color: #990000;">Step 5: Configure your advancedsettings.xml</span><br />
<span style="color: #990000;">Step 6: Sound Setup</span><br />
<span style="color: #990000;">Step 7: Set up XBMC and your Media Library</span><br />
<span style="color: #990000;">Step 8: Customize Skin</span><br />
<span style="color: #990000;">Step 9: Remote Control</span><br />
<span style="color: #990000;">Step 10: Optional - Verified Wireless Interfaces</span><br />
<span style="color: #990000;">Step 11: How to update OpenELEC</span><br />
<span style="color: #990000;">Step 12: How to backup and restore</span><br />
<span style="color: #990000;">Conclusion</span><br />
<span style="color: #990000;">Memorandum</span><br />
<span style="color: #990000;">FAQ & issues</span><br />
<br />
Let's start !<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Step 1: Install OpenELEC on your SDCard</span><br />
<span style="color: #990000; font-size: large;"><br /></span>
<br />
First of all, if you don't already have one, I would recommend getting a "Class 10" SDHC card; XBMC will be much more powerful on such cards.<br />
<br />
Of course, this will still work on any SDHC class SD card.<br />
<br />
<b><span style="color: #990000;">Download Last OpenELEC Build for Raspberry Pi:</span></b><br />
<br />
<i><b><span style="color: #990000;">Edit 01/18/2013:</span></b> Previous download locations are outdated. To get the very latest RPi OpenELEC version, please use the download link on the main OpenELEC website (look for Raspberry Pi):</i><br />
<i><br /></i>
<a href="http://openelec.tv/get-openelec/"><span style="font-size: large;">http://openelec.tv/get-openelec/</span></a><br />
<br />
********************************************** <b><i>OUTDATED</i></b> **********************************************<br />
<i><b>Edit 12/03/2012:</b> Recommended build:<a href="http://sources.openelec.tv/tmp/image/OpenELEC-RPi.arm-devel-20121124031454-r12577.tar.bz2" target="_blank"> http://sources.openelec.tv/tmp/image/OpenELEC-RPi.arm-devel-20121124031454-r12577.tar.bz2</a></i><br />
<i><br /></i>
<i>Note: This build is compatible with both 256MB and 512MB Raspberry, take a look here:</i><br />
<a href="http://forum.xbmc.org/showthread.php?tid=140518&pid=1246709#pid1246709">http://forum.xbmc.org/showthread.php?tid=140518&pid=1246709#pid1246709</a>
<br />
<i><br /></i>
<i><b>Note for 512MB Raspberry:</b></i><br />
<i>If you have a 512MB Raspberry with a previous OpenELEC version installed, you should restart with a fresh install. (or move your current config.txt to config.txt.old before upgrade)</i><br />
<i>The required gpu mem option will automatically be set depending on your Raspberry Pi hardware.</i><br />
<br />
You could choose to compile OpenELEC yourself for your Raspberry Pi; however, I advise you to download the latest OpenELEC build from:<br />
<br />
<ul>
<li><b>Archive Builds</b>: <a href="http://sources.openelec.tv/tmp/image/archive/">http://sources.openelec.tv/tmp/image/archive/</a></li>
</ul>
<div>
<ul>
<li><b>Last build</b> (file name: "http://sources.openelec.tv/tmp/image/OpenELEC-RPi.arm-devel-*.tar.bz2"):
<a href="http://sources.openelec.tv/tmp/image/">http://sources.openelec.tv/tmp/image/</a></li>
</ul>
</div>
*********************************************************** **********************************************<br />
<br />
<b><i>These images are provided as a bzip2 tar archive; once downloaded, just extract it using your desktop (right click, then "extract here") or on the command line:</i></b><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333; font-size: 13px; line-height: 19px;"><span class="mw-headline"><span class="mw-headline" style="font-family: inherit;"><span class="mw-headline" style="background-color: white;">$ tar -xjf </span></span></span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">OpenELEC-RPi.arm-devel-*.tar.bz2</span></span></pre>
<br />
<i>Note:</i> For Windows users, you may need an Archive Software such as 7zip to extract this archive<br />
<br />
You will get a new directory "OpenELEC-RPi.arm-*", just go in this extracted directory to begin the creation of your SD-card.<br />
<br />
<b><span style="color: #990000;">If you are using Linux:</span></b><br />
<br />
Real easy, just insert your Flash card into your card reader.<br />
Your flash card should be identified as "/dev/sdb" (/dev/sda being your first drive); <u><b>ensure this is the case</b></u> (in case you have more than one drive connected) using the "mount" command.<br />
<br />
<i><b>Then go into the new directory and execute:</b></i>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333; font-size: 13px; line-height: 19px;"><span class="mw-headline"><span class="mw-headline" style="font-family: inherit;"><span class="mw-headline" style="background-color: white;">$ sudo ./create_sdcard /dev/sdb</span></span></span></span></pre>
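An added example, not part of the original post: a check to run before create_sdcard, because the script writes to whatever device it is given. The function name check_sd_target and the SYSFS_ROOT and MOUNTS_FILE overrides are assumptions made here for illustration, and it expects an sdX device as in the text above.

```shell
#!/bin/sh
# Added example, not from the original post. The overridable roots exist only so
# the checks can be exercised against a constructed tree instead of the live system.
SYSFS_ROOT="${SYSFS_ROOT:-/sys}"
MOUNTS_FILE="${MOUNTS_FILE:-/proc/mounts}"

# check_sd_target DEVICE
# Prints a verdict and returns 0 only when DEVICE looks like the SD card:
#   1 = not a whole sdX disk, 2 = no such disk, 3 = not removable,
#   4 = one of its partitions holds a system mount point
check_sd_target() {
    dev="$1"
    name="${dev#/dev/}"

    # Accept whole disks only: sdb passes, sdb1 or any other path does not.
    case "$name" in
        sd[a-z]) ;;
        *) echo "refuse: $dev is not a whole sdX disk"; return 1 ;;
    esac
    dev="/dev/$name"

    # The kernel marks card readers and USB sticks with removable=1.
    flag="$SYSFS_ROOT/block/$name/removable"
    if [ ! -r "$flag" ]; then
        echo "refuse: $dev is not present"; return 2
    fi
    if [ "$(cat "$flag")" != "1" ]; then
        echo "refuse: $dev is a fixed disk, not removable media"; return 3
    fi

    # A removable disk can still carry the running system (USB boot, external /home).
    while read -r src mnt _rest; do
        case "$src" in
            "$dev"|"$dev"[0-9]*)
                case "$mnt" in
                    /|/boot|/home)
                        echo "refuse: $src is mounted on $mnt"; return 4 ;;
                esac ;;
        esac
    done < "$MOUNTS_FILE"

    echo "ok: $dev is removable and holds no system mount"
    return 0
}

# Usage: check_sd_target /dev/sdb && sudo ./create_sdcard /dev/sdb
```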
<br />
<span style="color: #990000;"><b>If you are using Windows:</b></span><br />
<br />
Go to:<br />
<a href="http://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=9">http://www.squirrelhosting.co.uk/hosting-blog/hosting-blog-info.php?id=9</a><br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Step 2: Boot your Raspberry Pi and first setup</span><br />
<div>
<span style="color: #990000; font-size: large;"><br /></span></div>
<br />
Insert your Flash card and boot your Raspberry.<br />
OpenELEC will boot within a few minutes and XBMC will open.<br />
<br />
<span style="color: #990000; font-size: large;">Set screen:</span><br />
<br />
With no additional configuration, you may have some "fit to screen" issues, both in the XBMC UI and during playback.<br />
<br />
<i>If you have some issues, proceed as follows:</i><br />
<br />
Depending on your TV/screen and configuration, you may try 2 methods: one manipulating overscan values and the other tuning the UI zoom.<br />
<b><i><br /></i></b>
<b><i></i></b><br />
<b><span style="color: #990000;">Method 1: Set overscan - RECOMMENDED</span></b><br />
<i><b><br /></b></i>
<i><b>Note a reboot is required.</b></i><br />
<i><b>Also, "overscan_scale" is an experimental setting; test with and without it.</b></i><br />
<i><b><br /></b></i>
<i><b>Try to set in your config.txt overscan settings (see Memorandum to learn how to update config.txt):</b></i><br />
<i><b>Note: Adapt overscan position values to your TV/screen</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># Make display smaller to stop text spilling off the screen
overscan_scale=1 # http://www.raspberrypi.org/phpBB3/viewtopic.php?f=67&t=15700
disable_overscan=1
overscan_left=57
overscan_right=59
overscan_top=20
overscan_bottom=20</span></span></pre>
<br />
This worked perfectly for me.<br />
<i><b><br /></b></i>
<i><b>Depending on your TV/screen you can also just try: (did not work for me)</b></i><br />
<i><b><br /></b></i>
<i><b>You can also just try to disable overscan:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">disable_overscan=1
</span></span></pre>
<br />
<i><b>Also test some overscan values (above) and check your TV config (set full mode...)</b></i><br />
<i><b><br /></b></i>
<i><b><br /></b></i>
<br />
<b><span style="color: #990000;">Method 2: Set UI Zoom </span></b><br />
<br class="Apple-interchange-newline" />
<br />
This method also worked for me; however, the first method should be preferred to avoid issues during playback.<br />
<br />
An easy way to resolve your fit to screen issue could be to customize UI zoom (by probably -6 or -8%).<br />
<br />
<b>To do so, do as follows:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0Urim3J7ZxylIvjEdV7vqVafrv528e-mlGcwZB7nP3GoA3tk2WE0I2XXmF1ItbxHamHF4lnmtHX-3YMET2Cc2WFOQAK5vi-nGOAERF5cPJh3KTmrzt4apo9g0jOLFie8PNtkyt5pMU1rR/s1600/screenshot002.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0Urim3J7ZxylIvjEdV7vqVafrv528e-mlGcwZB7nP3GoA3tk2WE0I2XXmF1ItbxHamHF4lnmtHX-3YMET2Cc2WFOQAK5vi-nGOAERF5cPJh3KTmrzt4apo9g0jOLFie8PNtkyt5pMU1rR/s640/screenshot002.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiddY0j9OE6YGUctgjnW_Ynt8S4B9I3HkHZf2FdgNfLRNjXACNbJZ8umIs7xq0KqyNqiW_kwbzLdQ699q7h08K3iMm-_sFm5LrCloHKSiwz0tMVa4qTjncZj3wCkzb-HjvT-YQS6h0bozkI/s1600/screenshot003.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiddY0j9OE6YGUctgjnW_Ynt8S4B9I3HkHZf2FdgNfLRNjXACNbJZ8umIs7xq0KqyNqiW_kwbzLdQ699q7h08K3iMm-_sFm5LrCloHKSiwz0tMVa4qTjncZj3wCkzb-HjvT-YQS6h0bozkI/s640/screenshot003.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDnDZXwNl113niQ1l1qdq_aTGKiaocVQbOKGh8zTAs1idz5UjLajUk6T_ONuXUT2QM9Of1EvT38yKP6AzBEKlO0w31-kV5FBDLpwthROSHhI1WxIXoPkZPvlKxMFkW3ZCWSxG7hCEy7Jl2/s1600/screenshot004.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDnDZXwNl113niQ1l1qdq_aTGKiaocVQbOKGh8zTAs1idz5UjLajUk6T_ONuXUT2QM9Of1EvT38yKP6AzBEKlO0w31-kV5FBDLpwthROSHhI1WxIXoPkZPvlKxMFkW3ZCWSxG7hCEy7Jl2/s640/screenshot004.png" width="640" /></a></div>
<br />
<b>When done, do not hesitate to calibrate your screen:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD_GpptoZ9At7jU2CTvk9KZ3JWMWX_6BvHLrLnS5sszsUxDA-ml9MjueY_6lojTP2q55HMSPdA8GvhO74HicKYB2CHSv2g3L3U5tCfYAhwnIKrZszb-c5WI1yEyPb7wttEHeGLJT7dJpDx/s1600/screenshot005.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD_GpptoZ9At7jU2CTvk9KZ3JWMWX_6BvHLrLnS5sszsUxDA-ml9MjueY_6lojTP2q55HMSPdA8GvhO74HicKYB2CHSv2g3L3U5tCfYAhwnIKrZszb-c5WI1yEyPb7wttEHeGLJT7dJpDx/s640/screenshot005.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3odYwm0UmmobPZKEpaW4qfmGoKIxG_CAYIf9yVwzXMUrJD9FGM9vbD2hjFKmrJWxjdAC6rxNHg67VUE4dyE6C8WOPIDEsaNtYSgvHMM_fl5UbSEntjlno9qyCypXjqQe99V0Qz9TClh8j/s1600/screenshot006.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3odYwm0UmmobPZKEpaW4qfmGoKIxG_CAYIf9yVwzXMUrJD9FGM9vbD2hjFKmrJWxjdAC6rxNHg67VUE4dyE6C8WOPIDEsaNtYSgvHMM_fl5UbSEntjlno9qyCypXjqQe99V0Qz9TClh8j/s640/screenshot006.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkP4YUeAHb3O_yzxEIlN8_XUO2Vm2tryZN27LlWbvkDl1y4b7h5sGoumFomTFsEfuwdyUG1ZVt8i78DYk8rlVC6HyKu9y9DA4XmdUpB_JzCjeRFtbysZn_TltN5ZvWN1tt3Hr0NU8xHSFi/s1600/screenshot007.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkP4YUeAHb3O_yzxEIlN8_XUO2Vm2tryZN27LlWbvkDl1y4b7h5sGoumFomTFsEfuwdyUG1ZVt8i78DYk8rlVC6HyKu9y9DA4XmdUpB_JzCjeRFtbysZn_TltN5ZvWN1tt3Hr0NU8xHSFi/s640/screenshot007.png" width="640" /></a></div>
<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Step 3: Activate SSH (default is off)</span><br />
<div>
<span style="color: #990000; font-size: large;"><br /></span></div>
<i><b><span style="color: #990000;">Edit 01/18/2013:</span></b> SSH activation through OpenELEC OS Addon</i><br />
<i><br /></i>
SSH is now off by default and can be activated using the OpenELEC OS addon, under the section "Services".<br />
<br />
<b>To access the OpenELEC OS Addon:</b><br />
<br />
- Main menu "Programs" / Sub-menu "OpenELEC OS"<br />
- Main menu "Parameters" then Programs<br />
<br />
Choose to activate the SSH daemon under the section Services, and reboot.<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Step 4: Connect to your Raspberry Pi and setup config.txt</span><br />
<div>
<br /></div>
<span style="color: #990000;">Identify the IP Address of your Raspberry Pi, to do so you can use XBMC system information.</span><br />
<br />
In XBMC, Go to "parameters", then scroll down and go to "System Information".<br />
<br />
<b>Finally go to the Network panel to know your device IP Address:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimWj2bUS2eedMOAhNSsD8zcJ0HB4Jn0lp_qCKKcWBJOcxvByK-0-R1rMWCnh6FGwnLGeyTfDmjXCRkudTd7-CUP83GhHDBdJ2xqGJk1kjb0nFS1jN5V4kMnwFlZ_18hhFF1Qri4DSep6N4/s1600/screenshot000.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimWj2bUS2eedMOAhNSsD8zcJ0HB4Jn0lp_qCKKcWBJOcxvByK-0-R1rMWCnh6FGwnLGeyTfDmjXCRkudTd7-CUP83GhHDBdJ2xqGJk1kjb0nFS1jN5V4kMnwFlZ_18hhFF1Qri4DSep6N4/s640/screenshot000.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOFA3KbTdPCpTfa7Px1BYbRZtHB8R0GDVDhyphenhyphensW8Kv-dq-XvlGVAJ8ROkJR1CBNc6KslbNItRQw1n0br63ksYzgJdv6Hs9ApphM-4MBT4iNh-ALGdT0q8jn4SkXX2LjVQsBkFqtoadoJZ82/s1600/screenshot001.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOFA3KbTdPCpTfa7Px1BYbRZtHB8R0GDVDhyphenhyphensW8Kv-dq-XvlGVAJ8ROkJR1CBNc6KslbNItRQw1n0br63ksYzgJdv6Hs9ApphM-4MBT4iNh-ALGdT0q8jn4SkXX2LjVQsBkFqtoadoJZ82/s640/screenshot001.png" width="640" /></a></div>
<br />
<br />
<b><span style="color: #990000;">Now that you know your IP Address, connect to your Raspberry:</span></b><br />
<br />
<b>Default password is: openelec
</b><br />
<br />
<b>If you are on Linux:</b><br />
<br />
<i>Open a Terminal and go into SSH:
</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333; font-size: 13px; line-height: 19px;"><span class="mw-headline"><span class="mw-headline" style="font-family: inherit;"><span class="mw-headline" style="background-color: white;">$ ssh root@XXX.XXX.XXX.XXX</span></span></span></span></pre>
<br />
<b>If you are on Windows:</b><br />
<br />
<i>Download putty (freeware) and connect with SSH to your host</i><br />
<br />
<br />
<b><span style="color: #990000;">Setup your config.txt:</span></b><br />
<br />
<i><b><span style="color: #990000;">Edit 01/18/2013:</span></b> The config.txt shipped with new builds now contains all the required information to correctly set your main settings such as overclocking values; the information above is still correct</i><br />
<br />
*****************************************************************************************************************************************************************<br />
<b><span style="color: #990000;">DISCLAIMER ABOUT OVERCLOCKING:</span></b><br />
<br />
Overclocking is not officially supported by OpenELEC; if you do so, it is your own decision and at your own risk.<br />
The overclocking feature may result in file system corruption, data loss, crashes or general instability.<br />
OpenELEC developers won't give any warranty about those risks until a fix is officially supported.<br />
<br />
However, overclocking the Raspberry Pi will not break your guarantee if you use the new Turbo Mode, which is described below. (Only setting overvoltage without dynamic frequency allocation would break your Raspberry's warranty.)<br />
<br />
Overclocking is still a work in progress in OpenELEC and on the Raspberry Pi in general; this is an experimental feature and you should be prepared to restore your installation in case of trouble. (See the section How to backup and restore.)<br />
<br />
*****************************************************************************************************************************************************************<br />
<div>
<br /></div>
<br />
<i>Note: See Memorandum section for a full config.txt sample</i><br />
<br />
<br />
<b>The default CPU frequency of the Raspberry Pi is 700MHz; you can check it as follows:</b>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">cat /proc/cpuinfo</span></span></pre>
<br />
You should see something like "BogoMIPS<span class="Apple-tab-span" style="white-space: pre;"> </span>: 697.95" which confirms this frequency.<br />
<br />
<b>Do as follows:</b>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">mount -o remount,rw /flash
vi /flash/config.txt</span></span></pre>
<br />
<b>OVERCLOCKING</b>:<br />
<br />
*********************************************************************************<br />
<br />
<b><i>Edit 09/23/2012:</i></b> The Raspberry foundation recently introduced a new overclocking mode which sets frequencies on demand; you can now overclock your Raspberry Pi without breaking the guarantee.<br />
Make sure you have the very latest OpenELEC build!<br />
<br />
<b><i>Data Corruption:</i></b><br />
<br />
Many people have data corruption and instability with higher overclocking modes; this seems to be related to high values of overvoltage.<br />
<br />
For example, I have this case myself with an 8GB Class 4 card that gets instantly corrupted when any overclock mode is set, whereas a Class 10 card from the same manufacturer never got corrupted; still, this is not related to the SD card class.<br />
<br />
Anyway, when your setup is done, see the backup and restore section; this way, if you have data corruption, you can easily restore your flash card without re-installing.<br />
<br />
<span style="color: #990000;"><b>Workaround : Set initial_turbo in config.txt</b></span><br />
<br />
<b><i>Edit 09/28/2012:</i></b> If you have file system corruption with your settings, try to set:<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">initial_turbo=30</span></span></pre>
<i><b>See</b></i>: <a href="http://openelec.tv/forum/124-raspberry-pi/47056-turbo-mode?limit=20&start=20">http://openelec.tv/forum/124-raspberry-pi/47056-turbo-mode?limit=20&start=20</a><br />
<br />
It will force turbo mode after boot for the time set (max 60 secs) and should help prevent data corruption.<br />
<br />
If you still have data corruption even with this setting, try to comment out "over_voltage=2" in Medium mode.<br />
<br />
And if this still fails to work without file system corruption, I advise you to go back to a more conservative overclocking mode, which will work in most cases:<br />
<br />
<i><b>Conservative Overclocking mode:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">arm_freq=850
gpu_freq=325
sdram_freq=425</span></span></pre>
<br />
If, after all, you can't get a stable situation with overclocking enabled, then simply disable it :-)<br />
OpenELEC also works very well in default mode; moreover, you should remember that a higher CPU/GPU/RAM frequency does not change anything in playback quality ^^<br />
<br />
*********************************************************************************<br />
<br class="Apple-interchange-newline" />
<br />
<b>Then go in insert mode (press key "i") and set your overclock settings.</b><br />
<b><br /></b>
Based on my tests, I would recommend these settings, but you can change, test or prefer whatever you want.<br />
<br />
I could not get stability on a higher overclocking mode than Medium.<br />
<br />
Be sure <u>not</u> to set "force_turbo=1" (or set it to "0"), because it would deactivate dynamic frequency (and break your guarantee).<br />
<br />
See Memorandum at the end of this post to see other overclocking modes and how to check activity.<br />
<b><br /></b>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">force_turbo=0</span></span></pre>
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">#Medium
arm_freq=900
core_freq=333
sdram_freq=450
over_voltage=2</span></span></pre>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<b>If you are using an HDMI connection, I also recommend adding:</b><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># Force HDMI
hdmi_force_hotplug=1</span></span></pre>
<i><b><br /></b></i>
<b>Then save your file (press ":wq!") and:</b>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">mount -o remount,ro /flash
reboot</span></span></pre>
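An added example, not part of the original post: a lint to run on config.txt before remounting /flash read-only and rebooting. It applies the rules this guide states (force_turbo stays at 0, initial_turbo is at most 60, keys are spelled as in the config blocks above); the function names lint_config and is_int are assumptions made here for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: checks a Raspberry Pi config.txt
# against the overclocking rules given in this guide.

# is_int VALUE -> true when VALUE is digits with an optional leading minus
is_int() {
    case "${1#-}" in
        ''|*[!0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# lint_config FILE
# Prints one "line N: ..." finding per problem.
# Returns 0 when clean, 1 when findings were printed, 2 when FILE is unreadable.
lint_config() {
    file="$1"
    if [ ! -r "$file" ]; then
        echo "cannot read $file"; return 2
    fi
    findings=0
    lineno=0
    while IFS= read -r raw || [ -n "$raw" ]; do
        lineno=$((lineno + 1))
        line="${raw%%#*}"                            # drop full-line and trailing comments
        line=$(printf '%s' "$line" | tr -d ' \t\r')  # the settings checked here hold no spaces
        if [ -z "$line" ]; then continue; fi
        case "$line" in
            *=*) key="${line%%=*}"; val="${line#*=}" ;;
            *)   echo "line $lineno: not a key=value setting"
                 findings=$((findings + 1)); continue ;;
        esac
        case "$key" in
            turbo_force)
                echo "line $lineno: unknown key turbo_force, the setting is force_turbo"
                findings=$((findings + 1)); continue ;;
            overvoltage)
                echo "line $lineno: unknown key overvoltage, the setting is over_voltage"
                findings=$((findings + 1)); continue ;;
            arm_freq|core_freq|gpu_freq|sdram_freq|over_voltage|initial_turbo|force_turbo)
                if ! is_int "$val"; then
                    echo "line $lineno: $key needs a whole number, got '$val'"
                    findings=$((findings + 1)); continue
                fi ;;
            *) continue ;;   # no rule here for overscan_*, hdmi_*, decode_* and the rest
        esac
        if [ "$key" = force_turbo ] && [ "$val" -ne 0 ]; then
            echo "line $lineno: force_turbo=$val disables dynamic frequency, keep it at 0"
            findings=$((findings + 1))
        fi
        if [ "$key" = initial_turbo ] && [ "$val" -gt 60 ]; then
            echo "line $lineno: initial_turbo=$val is above the 60 second maximum"
            findings=$((findings + 1))
        fi
    done < "$file"
    if [ "$findings" -gt 0 ]; then return 1; fi
    return 0
}

# Usage on the Pi, while /flash is still mounted read-write:
#   lint_config /flash/config.txt && mount -o remount,ro /flash && reboot
```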
<br />
<b>After reboot, you can see in kernel messages (run command "dmesg") CPU frequency dynamic allocation depending on your config:</b>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">bcm2835-cpufreq: switching to governor ondemand
bcm2835-cpufreq: Freq 700000->900000 (min=700000 max=900000 target=900000 request=900000)
bcm2835-cpufreq: Freq 900000->700000 (min=700000 max=900000 target=700000 request=700000)
</span></span></pre>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span>
<br />
<div>
<b><i>Using the following command will also return current CPU frequency:</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">vcgencmd measure_clock arm</span></span></pre>
</div>
<br />
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
The "governor ondemand" line confirms dynamic frequency allocation, and you can also see the CPU frequency change depending on system load.<br />
<br />
<br />
<b><span style="color: #990000;">MPEG2 and VC1 Support:</span></b><br />
<br />
If you want MPEG2 and VC1 Support, the Raspberry foundation now allows us to buy 2 cheap licences that will activate this.<br />
<br />
<b>So simply go to Raspberry's site:</b><br />
<a href="http://www.raspberrypi.com/">http://www.raspberrypi.com/</a><br />
<br />
<b>You will need your CPU serial number, which you can easily get using the command:</b>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">cat /proc/cpuinfo</span></span></pre>
<br />
<b>Or if you prefer, go in XBMC, Parameters > Scroll down > System information and you will find your CPU serial number.</b><br />
<br />
Look for the value next to "Serial" and Enter it into the Raspberry's site.<br />
<br />
<b>You will receive your licence keys within a few hours or days, when done add your keys to your config.txt as follows:</b>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># MPEG 2 Hardware acceleration
decode_MPG2=XXXXXXXXXX
# VC1 Hardware acceleration
decode_WVC1=XXXXXXXXXX</span></span></pre>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<br />
<br />
<span style="color: #990000; font-size: large;">Step 5: Configure your advancedsettings.xml</span><br />
<div>
<span style="color: #990000; font-size: large;"><br /></span></div>
<br />
Now you need to configure your advancedsettings.xml file for XBMC; with this file you ask XBMC to apply some tuning to improve UI performance:<br />
<br />
<ul>
<li>Deactivating RSS feeds that consume CPU</li>
<li>Activating Dirty Region</li>
<li>Tuning Thumbnails and Fanart resolution</li>
<li>Tuning Network memory buffer (note: not really proved this changes anything!) </li>
</ul>
<br />
I advise you to access the share called "Userdata" using your file browser, navigating to your network and then to the OpenELEC host.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQm6o_0dQzCRrgFYCpSLN90Er0RpcbtSQW_69Iuq5SWrJGyavdvzj2tXmV1lNTNxdVDxLX8ir8gKWDr-lzABSwiuiPjaKz004oHe1Epr0KqtxZrlUXV_WrE6BAsHkp1vn37Lka6eLHZ5sz/s1600/screen1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="190" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQm6o_0dQzCRrgFYCpSLN90Er0RpcbtSQW_69Iuq5SWrJGyavdvzj2tXmV1lNTNxdVDxLX8ir8gKWDr-lzABSwiuiPjaKz004oHe1Epr0KqtxZrlUXV_WrE6BAsHkp1vn37Lka6eLHZ5sz/s640/screen1.jpg" width="640" /></a></div>
<br />
<br />
<b>Then, use any text editor (for example Gedit on Linux or Notepad on Windows) and create a new file called "advancedsettings.xml" with the following content:</b>
<br />
<b><br /></b>
<i><b><span style="color: #666666;">Updated March 16, 2013: New advancedsettings.xml version</span></b></i><br />
<i><b><span style="color: #666666;"><br /></span></b></i>
<i><span style="color: #666666;">Note: This is a new version of advancedsettings.xml adapted to ARM processors like the RPi. If you have any issue with thumbnail quality due to the older file version, please delete your folder "~/.xbmc/userdata/Thumbnails", ensure you have the following advancedsettings.xml file, and reboot.</span></i><br />
<i><span style="color: #666666;"><br /></span></i>
<i><span style="color: #666666;"><b>The option "useddsfanart" must be set to false; explanation (thanks to an anonymous comment):</b></span></i><br />
<br />
<i><span style="color: #666666;">"This settings allows XBMC to use your GPU rendering fanart and some other images. This will make loading images considerably faster, especially on systems with slower processors (e.g. Intel Atom based systems). Do not use this option on ARM based systems (Apple TV2/iOS/RPi/many Android systems) as it is likely to degrade performance because DDS images are not supported."</span></i><br />
<i><b><span style="color: #666666;"><br /></span></b></i>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><advancedsettings>
<fanartres>540</fanartres>
<imageres>512</imageres>
<useddsfanart>false</useddsfanart>
<lookandfeel>
<enablerssfeeds>false</enablerssfeeds>
</lookandfeel>
<bginfoloadermaxthreads>2</bginfoloadermaxthreads>
</advancedsettings>
</span></span></pre>
<div>
</div>
<br />
<b><br /></b>
<b><i>Old version:</i></b><br />
<b><br /></b>
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"><advancedsettings>
<fanartheight>540</fanartheight>
<thumbsize>512</thumbsize>
<lookandfeel>
<enablerssfeeds>false</enablerssfeeds>
</lookandfeel>
<bginfoloadermaxthreads>2</bginfoloadermaxthreads>
</advancedsettings>
</span></span></pre>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<br />
When done, finally reboot!<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Step 6: Sound Setup</span><br />
<div>
<span style="color: #990000; font-size: large;"><br /></span></div>
<br />
In XBMC, setting up the sound is easy enough.<br />
<br />
There are 2 possibilities: either you want sound output through HDMI, or you will use the analog connection through the provided jack.<br />
<br />
In XBMC, go to parameters > sound configuration and set HDMI or analog.<br />
<br />
Also, if your TV (or the sound system connected to your TV) does not support this, make sure to unset the sound protocols.<br />
<br />
Finally, please note that OpenELEC on Raspberry Pi does not use ALSA for the sound output but OpenMixer (OMX), so for now don't try to use, for example, an external USB sound card if you need an optical connection; that is not possible for now...<br />
<br />
Also, it is much better to have a sound system able to decode DDS and so on. If you don't, the CPU/GPU will have to downmix the sound, which causes more usage.<br />
Some files could be hard to play for this reason.<br />
<br />
<i><b>Note:</b> Without any DDS hardware support, you may have issues with some MKV files. This is caused by the software sound conversion, using the CPU, that is required when your sound system does not support it.</i><br />
<br />
<br />
<span style="color: #990000; font-size: large;">Step 7: Setup XBMC and your Media Library</span><br />
<div>
</div>
<br />
<br />
Now that your XBMC installation is ready to use, you need to configure your Media Library, and a few settings depending on your taste (skins...).<br />
<br />
<b>I recommend you take a look at the other guides I wrote for XBMC; you will find fully applicable ways to manage your Library.</b><br />
<br />
<a href="http://youresuchageek.blogspot.fr/2012/06/xbmc-install-and-config-howto-for-linux.html">http://youresuchageek.blogspot.fr/2012/06/xbmc-install-and-config-howto-for-linux.html</a><br />
<i>Go to Step 9</i><br />
<i><br /></i>
The Raspberry Pi is a very small device. If you are used to an HTPC, don't expect to get the same kind of performance while scanning your Media Library; this will take a long, long time ^^<br />
<br />
<b>I would recommend using it as a client of another main XBMC installation that takes care of managing the Media Library and sharing it through SMB or NFS with an automatically shared database (Mysql).</b><br />
<b><br /></b>
<i>Note about Mysql sharing: In the past I had some issues (missing videos) because my XBMC master and slave were using different versions of the Mysql db (internal XBMC versions).</i><br />
<i>Ensure you always have the most up-to-date XBMC versions possible when sharing over Mysql to avoid this kind of issue.</i><br />
<i><br /></i>
<i><br /></i>
<b><span style="color: #990000;">Consider your sharing Method:</span></b><br />
<i><br /></i>
If you are sharing your Media Files through your Network (from a NAS or shared by another computer), you will probably wonder about the best way to set up the Media Player.<br />
<br />
<i>Take a look at my post to configure Media Library sharing between your XBMC instances:</i><br />
<a href="http://youresuchageek.blogspot.fr/2012/09/howto-xbmc-share-and-sync-your-media.html">http://youresuchageek.blogspot.fr/2012/09/howto-xbmc-share-and-sync-your-media.html</a>
<br />
<br />
Files shared from a Windows computer (even Windows Server) should be shared and accessed by XBMC using the SMB protocol.<br />
<br />
Files shared from a Unix / Linux operating system should have better performance when accessed by NFS.<br />
<br />
However, in my configuration and in all the tests I have made, I noticed instability with the NFS sharing mode, while SMB shares were very stable, even when shared from a Linux-based system.<br />
So, I would recommend SMB sharing in our configuration.<br />
<i><br /></i>
You don't have to mount your Network shares on your Raspberry Pi for it to act as a client; when you add a Video source, just browse to the protocol of your choice and XBMC will take care of that.<br />
<i><br /></i>
<i><br /></i>
<br />
<br />
<span style="color: #990000; font-size: large;">Step 8: Customize skin</span><br />
<div>
</div>
<br />
<i><br /></i>
By default XBMC is provided with the Confluence skin.<br />
In my opinion, in our configuration the UI works well enough to keep it.<br />
<br />
<b>However, I would recommend deactivating the Fanart background to get better performance:</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_qvmPZR-RwfQe4hKOgHT9uVj5Q_ffCrCv_GlBG84hINcp0RFFAydot0in6PbdLx5mYl27lA1WUIXcQeQzRHZF5s2glCbsu_60CP4Wj0plRcfIpAD_EpqHIjt2WlieUnrbxmVnr9hG1K0s/s1600/screenshot008.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_qvmPZR-RwfQe4hKOgHT9uVj5Q_ffCrCv_GlBG84hINcp0RFFAydot0in6PbdLx5mYl27lA1WUIXcQeQzRHZF5s2glCbsu_60CP4Wj0plRcfIpAD_EpqHIjt2WlieUnrbxmVnr9hG1K0s/s640/screenshot008.png" width="640" /></a></div>
<br />
<br />
<i><b><span style="color: #990000;">Edit 01/18/2013:</span></b> With the latest OpenELEC builds, a number of older themes are no longer available in the main XBMC repository because they are not yet fully compatible with Frodo.</i><br />
<i><br /></i>
<i>Still, some themes now have a dedicated Frodo version, like the Quartz theme I recommend for your RPi.</i><br />
<i><br /></i>
<i>You can download it here:</i><br />
<a href="https://github.com/pecinko/quartz">https://github.com/pecinko/quartz</a><br />
<br />
<i>Download the theme as a Zip file, then proceed to manual installation under XBMC extension manager inside Parameters.</i><br />
<br />
Here are some themes known to work well on Raspberry Pi; my preference goes to "Quartz", which is really fast and good looking:<br />
<ul>
<li>Quartz</li>
<li>Rapier</li>
<li>SLIK</li>
<li>Xperience1080</li>
</ul>
<br />
<b>Some Quartz screenshots on Raspberry Pi:</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNcj8XpXESByQFPmqtnaqBmykxO2vDNIuOEkQ1PbWDJQ6JCmahuxoZLMd-LNMv4YFYWaEXzb9mbWAnW0Ura9UC8YjCuJmL1R2cp_jZzC10AVM1BBObDsGBpm13RZZmYQaVIqJPW4NBgv-y/s1600/screenshot012.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNcj8XpXESByQFPmqtnaqBmykxO2vDNIuOEkQ1PbWDJQ6JCmahuxoZLMd-LNMv4YFYWaEXzb9mbWAnW0Ura9UC8YjCuJmL1R2cp_jZzC10AVM1BBObDsGBpm13RZZmYQaVIqJPW4NBgv-y/s640/screenshot012.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgq5YMZvI25GIh2a0Oat7r5Lj8xzRRAP5Mw6Ds5DggRUGJLFETV3yQgBhwtfhImXsINdvj9o2ffjk59AV8vpH_kjtwSGD6IKM1s88XDNZxSoyyLuRt3FizzztaoFSeP-n-gBMYFbdN8yd8/s1600/screenshot014.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgq5YMZvI25GIh2a0Oat7r5Lj8xzRRAP5Mw6Ds5DggRUGJLFETV3yQgBhwtfhImXsINdvj9o2ffjk59AV8vpH_kjtwSGD6IKM1s88XDNZxSoyyLuRt3FizzztaoFSeP-n-gBMYFbdN8yd8/s640/screenshot014.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMmT3psd9EfaBOwkkRvaFpDzwZ93TnjxFX4Fyd4aRz-pFfGYBsM8MjrrfxbrmG1EqejiL2GR1BK9WL_TlvpBaR28WAa4dWXYDueKhWB7ohvd9ynDfIlKHxaDwNQ17MAsLajd8MnNgqRcH2/s1600/screenshot013.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMmT3psd9EfaBOwkkRvaFpDzwZ93TnjxFX4Fyd4aRz-pFfGYBsM8MjrrfxbrmG1EqejiL2GR1BK9WL_TlvpBaR28WAa4dWXYDueKhWB7ohvd9ynDfIlKHxaDwNQ17MAsLajd8MnNgqRcH2/s640/screenshot013.png" width="640" /></a></div>
<b><br /></b>
<br />
<i><br /></i>
<span style="color: #990000; font-size: large;">Step 9: Remote Control</span><br />
<div>
</div>
<div style="font-style: italic;">
<i><br /></i></div>
<div>
<span style="font-family: inherit; font-size: large;"><b>CEC - Consumer Electronics Control</b></span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Controlling XBMC using a remote control is, in my opinion, essential for any nice media center solution.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">If you are lucky, you have a quite recent TV which is CEC compatible :-)</span><br />
<br />
<i>Note: CEC stands for Consumer Electronics Control, a protocol built into HDMI that allows one appliance to control another.</i><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Then the good news: the Raspberry hardware, together with the libcec included in OpenELEC, is fully CEC compatible :-) </span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">You simply have nothing to do! Just plug and boot, very impressive.</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">Your remote control will work out of the box; I've tested it several times and it works very, very well!</span><br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;"><br /></span>
<br />
<span style="font-family: inherit; font-size: large;"><b>Generic MCE Remote control</b></span><br />
<br />
<span style="font-family: inherit;"><br /></span>
<span style="font-family: inherit;">If you're less lucky, then I recommend you get a cheap MCE Remote that will work out of the box in OpenELEC and XBMC.</span></div>
<br />
<b>I've tested and validated to work out of the box on OpenELEC for Raspberry:</b><br />
<br />
<span style="background-color: white; font-family: arial, helvetica, sans-serif; line-height: 18px; text-align: left;"><b><i>600-hfx-vista</i></b></span><br />
<div>
<a href="http://www.maisondunumerique.com/telecommande-hfx-vista-remote-control-gp.html">http://www.maisondunumerique.com/telecommande-hfx-vista-remote-control-gp.html</a></div>
<div style="font-style: italic;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgReLX826VqkMKq4QOFF6ZCi3cvW-Xj4AA_l7RrwOqaSeEz1W8j3elEn6IjpcWRnCqCPp2I5UR7GHIzVf4Lp0Wcr7XWljODBfMYN72KoqW2NZaNCbnHtqUg8y0vGPtFwjdqZvyWTVXrR9dP/s1600/photo.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgReLX826VqkMKq4QOFF6ZCi3cvW-Xj4AA_l7RrwOqaSeEz1W8j3elEn6IjpcWRnCqCPp2I5UR7GHIzVf4Lp0Wcr7XWljODBfMYN72KoqW2NZaNCbnHtqUg8y0vGPtFwjdqZvyWTVXrR9dP/s320/photo.JPG" width="320" /></a></div>
<div>
<b><i>Philips RC197</i></b></div>
<span style="color: #d52a33; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="background-color: #fefdfa; line-height: 18px;"><a href="http://cgi.ebay.fr/Mando-HTPC-Media-Center-MCE-Multimedia-Philips-RC197-Receptor-Remote-Control-/271056452988?pt=LH_DefaultDomain_186&hash=item3f1c393d7c#ht_2183wt_1434">http://cgi.ebay.fr/Mando-HTPC-Media-Center-MCE-Multimedia-Philips-RC197-Receptor-Remote-Control-/271056452988?pt=LH_DefaultDomain_186&hash=item3f1c393d7c#ht_2183wt_1434</a></span></span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDXql3ZuRIFlbHGuHkN7MALLiPw7KPitpV-TIvhO9x0LFYHeKu2_zviE5R_B3_Nfy8d7uEeYzRAJAcJosSFCQZCd8DfAnA2Cmre8F2vElpZRk5y591qLeoIPpSRroy4mTz4TeBmb_GP59s/s1600/RC197.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDXql3ZuRIFlbHGuHkN7MALLiPw7KPitpV-TIvhO9x0LFYHeKu2_zviE5R_B3_Nfy8d7uEeYzRAJAcJosSFCQZCd8DfAnA2Cmre8F2vElpZRk5y591qLeoIPpSRroy4mTz4TeBmb_GP59s/s320/RC197.jpg" width="320" /></a></div>
<br />
<b><i>Validated to work out of the box by others:</i></b><br />
<br />
<span style="background-color: #fefdfa; line-height: 18px; text-align: justify;"><i><b><span style="font-family: inherit;">MCE r6 1039</span></b></i></span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxm8a3o6oV-wyoVNvbOWksV4V_mhdXtN4VE1g9S8x3ul044PAOO6TXsluZLUpBcN7ze0Zd8nwogVkdJpof24-shrQExr9VRQiKis_oqAj09lEVw0jwaRUZA2tttNFPiCICQ5LqJDMAmo8q/s1600/MCE-Remote-2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxm8a3o6oV-wyoVNvbOWksV4V_mhdXtN4VE1g9S8x3ul044PAOO6TXsluZLUpBcN7ze0Zd8nwogVkdJpof24-shrQExr9VRQiKis_oqAj09lEVw0jwaRUZA2tttNFPiCICQ5LqJDMAmo8q/s320/MCE-Remote-2.jpg" width="108" /></a></div>
<br />
<br />
Many others should also work!<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Step 10: Optional - Verified Wireless Dongle</span><br />
<div>
</div>
<div style="font-style: italic;">
</div>
<br />
<br />
<b><span style="color: #990000;">Wireless Interfaces known to work out of the box under OpenELEC:</span></b><br />
<br />
<b>Here are some verified Wireless interfaces that work out of the box in OpenELEC. Many others may work but haven't been tested by myself or confirmed in people's comments.</b><br />
<br />
<ul>
<li>Leguang LG-N18 150Mbps IEEE802.11 b/g/n USB 2.0 Wi-Fi Wireless Network Adapter</li>
<li>Silver Crest IEEE802.11 b/g/n USB 2.0 Wifi Dongle (rtl8192 chipset)</li>
<li>TP-Link TL-WN821N V2.0 300mbps IEEE802.11 b/g/n USB 2.0 Wifi Dongle</li>
</ul>
<br />
Feel free to add comments on this post for any verified Wireless dongle under OE.
<br />
<br />
<br />
<b><span style="color: #990000;">Wireless Configuration:</span></b><br />
<br />
<b>Configuring your Wireless interface could not be simpler:</b><br />
<br />
<ul>
<li><span style="font-family: inherit;">Plug in your Wireless interface</span></li>
<li><span style="font-family: inherit;">Check your interfaces' status (ifconfig); if your Wireless interface works out of the box, you should get a new interface, normally called "wlan0"</span></li>
<li><span style="font-family: inherit;">Go to OpenELEC OS Settings addon (Parameters > Addons > Enabled Addons > Program)</span></li>
</ul>
<div>
<b style="background-color: #fefdfa; color: #333333; line-height: 18px;"><span style="font-family: inherit;">You have to know:</span></b><br />
<br />
<br />
<ul style="background-color: #fefdfa; color: #333333; line-height: 18px; list-style-image: initial; list-style-position: initial; margin: 0.5em 0px; padding: 0px 2.5em;">
<li style="border: none; margin: 0px 0px 0.25em; padding: 0.25em 0px;"><span style="font-family: inherit;">Your Wireless SSID (i.e. the name of your Wireless Network)</span></li>
</ul>
<ul style="background-color: #fefdfa; color: #333333; line-height: 18px; list-style-image: initial; list-style-position: initial; margin: 0.5em 0px; padding: 0px 2.5em;">
<li style="border: none; margin: 0px 0px 0.25em; padding: 0.25em 0px;"><span style="font-family: inherit;">Your Wireless Encryption mode, WEP or WPA</span></li>
</ul>
<ul style="background-color: #fefdfa; color: #333333; line-height: 18px; list-style-image: initial; list-style-position: initial; margin: 0.5em 0px; padding: 0px 2.5em;">
<li style="border: none; margin: 0px 0px 0.25em; padding: 0.25em 0px;"><span style="font-family: inherit;">Your encryption Key</span></li>
</ul>
<br /></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJMmEOzD48mKlQJkG16OYx6fSlcPdaDcStcXuLC2w3wk1rxstsM4ykohRAhTxR9nrpEQ96bdo53xEKnx_jwwm1TlmEisywhcLURaxExBHNVPIccEiO-jidOl03e3NRb3N8MVTtRYiVZ8gv/s1600/screenshot013.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJMmEOzD48mKlQJkG16OYx6fSlcPdaDcStcXuLC2w3wk1rxstsM4ykohRAhTxR9nrpEQ96bdo53xEKnx_jwwm1TlmEisywhcLURaxExBHNVPIccEiO-jidOl03e3NRb3N8MVTtRYiVZ8gv/s640/screenshot013.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Step 11</span><span style="color: #990000; font-size: large;">: Upgrade OpenELEC</span><br />
<div>
</div>
<div style="font-style: italic;">
<br class="Apple-interchange-newline" /></div>
<br />
For now, the automatic update process through the OpenELEC Addon does not seem to work for Raspberry (as far as I have seen).<br />
<br />
You can still update manually, which is easy enough anyway and is the recommended way.<br />
<br />
<b>Edit 09/20/2012:</b> With the latest OpenELEC builds, it is no longer required to manually upgrade the bootloader by copying files from "3rdparty/bootloader" to "/flash"<br />
<br />
<b>Edit 10/09/2012:</b> Thanks to xbs who gave the right answer: temporarily deactivating overclocking avoids update issues when using the standard method<br />
<br />
<b><span style="color: #990000;">How to update:</span></b><br />
<br />
<br class="Apple-interchange-newline" />
*****************************************************************************************************************************************************************
<br />
<br />
<b><span style="color: #660000;">IMPORTANT - Issue while overclocking mode enabled </span></b><br />
<br />
If you have any overclocking mode enabled, I recommend for now that you temporarily <u><b>deactivate </b></u>overclocking while applying the upgrade; if you don't, there is a good chance you will break your system.<br />
<br />
<b>To do so:</b><br />
<b><br /></b>
- Rename /flash/config.txt to anything you want (e.g. mv /flash/config.txt /flash/config.txt.off) - <i>The goal is to deactivate overclocking while we are updating</i><br />
<i><br /></i>
- Apply the update as follows (copy SYSTEM* and KERNEL* to upgrade, then reboot)<br />
<br />
- When the update is done (you have rebooted), rename config.txt back to its normal name to reactivate overclocking<br />
<br />
- Reboot (to apply)<br />
<br />
You're done :-)<br />
<br />
<br class="Apple-interchange-newline" />
*****************************************************************************************************************************************************************
<br />
<br />
<br />
<i><b>Edit 10/23/2012:</b></i> You may be interested in the following script, which lets you perform the update from a terminal within an SSH session (pay attention to the overclocking issue when upgrading, as with the manual way).<br />
See:<br />
<a href="https://github.com/xsteadfastx/rpi-openelec-upgrade">https://github.com/xsteadfastx/rpi-openelec-upgrade</a><br />
<br />
<br />
<br />
<b>1</b>. Download the latest version to your computer (see Step 1 to get the proper URL)<br />
<br />
<b>2.</b> Extract files<br />
<br />
<b>3.</b> Connect to your Raspberry SMB share "Update" and copy files located in the directory "target" you previously extracted:<br />
<ul>
<li>KERNEL and KERNEL.md5</li>
<li>SYSTEM and SYSTEM.md5</li>
</ul>
<div>
<b>4.</b> Finally reboot, the update process will automatically occur</div>
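<br />
Before copying the files in step 3, each one can be checked against the digest stored in its .md5 companion file. The script below is an added example, not part of OpenELEC or of the original post; it assumes each .md5 file begins with the 32-hex-digit digest as its first field, and the function names are illustrative.<br />

```shell
#!/bin/sh
# Added example: verify OpenELEC update files against their .md5 companion
# files before copying them to the "Update" share.
# Assumption: the first whitespace-separated field of each .md5 file is the
# 32-hex-digit digest (the usual md5sum layout); anything after it is ignored.

# Print the digest stored in an .md5 file, lower-cased; fail if it is malformed.
expected_md5() (
    [ -r "$1" ] || exit 1
    # read returns non-zero when the last line has no newline, so keep the value
    read -r digest _rest < "$1" || [ -n "$digest" ] || exit 1
    digest=$(printf '%s' "$digest" | tr 'A-F' 'a-f')
    case "$digest" in
        ""|*[!0-9a-f]*) exit 1 ;;
    esac
    [ "${#digest}" -eq 32 ] || exit 1
    printf '%s\n' "$digest"
)

# Print the digest actually computed over a file's content.
actual_md5() (
    out=$(md5sum < "$1") || exit 1
    printf '%s\n' "${out%% *}"
)

# Verify one file. Exit status: 0 match, 1 mismatch, 2 missing, 3 bad .md5 file.
verify_one() (
    file=$1
    if [ ! -f "$file" ] || [ ! -f "$file.md5" ]; then
        echo "MISSING   $file (or $file.md5)"; exit 2
    fi
    want=$(expected_md5 "$file.md5") || { echo "BAD .md5  $file.md5"; exit 3; }
    have=$(actual_md5 "$file") || { echo "UNREADABLE $file"; exit 2; }
    if [ "$want" = "$have" ]; then
        echo "OK        $file"
    else
        echo "MISMATCH  $file (expected $want, got $have)"; exit 1
    fi
)

# Verify KERNEL and SYSTEM in the extracted "target" directory.
# Every file is checked even after a failure, so all problems are reported.
verify_update_dir() (
    dir=$1
    rc=0
    for name in KERNEL SYSTEM; do
        verify_one "$dir/$name" || rc=1
    done
    exit "$rc"
)

# Stand-alone use: sh verify_update.sh /path/to/extracted/target
if [ "$#" -eq 1 ]; then
    verify_update_dir "$1"
fi
```

A MISMATCH or MISSING line means the download or extraction is incomplete, and the files should be fetched again rather than copied to the "Update" share.<br />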
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Step 12: How to backup and restore</span><br />
<div>
</div>
<div style="font-style: italic;">
<br class="Apple-interchange-newline" /></div>
<br />
You should consider backing up your installation. The only element that really needs to be backed up is the main xbmc directory, which contains all of your data.<br />
<br />
<b>I personally recommend the method using Partclone or dd. (Partclone will be faster but has some requirements)</b><br />
<b><br /></b>
<b>Partclone requires that the partitions you restore to have exactly the same size as the ones previously backed up.</b><br />
<b><br /></b>
<b>Using the well-known tool "dd", there are no requirements to restore, but the operation takes more time as dd also treats blank space as data.</b><br />
<b><br /></b>
<b>Using tar to back up the main xbmc folder will also work, but you may have to recreate your flash card (if your system is broken) and recover the system itself.</b><br />
<b><br /></b>
<br />
<b><span style="color: #990000;">Method 1: Using "partclone"</span></b><br />
<br />
You can use this alternative method with Linux and Partclone:<br />
<br />
<b>Install Partclone:</b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo apt-get install partclone</span></span></pre>
<br />
<b>How to backup:</b>
<br />
<br />
<i>Insert your card into your computer and do as follows:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo umount /dev/sdb1 && sudo umount /dev/sdb2
$ sudo fsck -yf /dev/sdb2
$ sudo partclone.fat -c -d -s /dev/sdb1 -o raspi_openelec_sdb1_mm_dd_yyyy.img
$ sudo partclone.ext4 -c -d -s /dev/sdb2 -o raspi_openelec_sdb2_mm_dd_yyyy.img</span></span></pre>
<br />
<b>How to restore:</b>
<br />
<br />
<i>Insert your card into your computer and do as follows:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo umount /dev/sdb1 && sudo umount /dev/sdb2
$ sudo partclone.fat -r -d -s raspi_openelec_sdb1_mm_dd_yyyy.img -o /dev/sdb1
$ sudo partclone.ext4 -r -d -s raspi_openelec_sdb2_mm_dd_yyyy.img -o /dev/sdb2</span></span></pre>
<br />
<br />
<br />
<b><span style="color: #990000;">Method 2: Using "dd"</span></b><br />
<br />
You can also use this alternative method with Linux and dd:<br />
<br />
<b>How to backup:</b><br />
<br />
<i>Insert your card into your computer and do as follows (</i><b><i><u>ensure your flash card is seen as sdb!</u></i></b><i>)</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo dd if=/dev/sdb of=raspi_openelec_mm_dd_yyyy.img bs=1M</span></span></pre>
<br />
<b>How to restore:</b><br />
<br />
<i>Insert your card into your computer and do as follows </i><i>(</i><b><i><u>ensure your flash card is seen as sdb!</u></i></b><i>):</i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo dd if=raspi_openelec_mm_dd_yyyy.img of=/dev/sdb bs=1M</span></span></pre>
<br />
<br />
<br />
Using dd will restore any partition without any other requirements.<br />
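<br />
Because dd writes to whatever device it is given, the "seen as sdb" check above can be scripted and run before a restore. This is an added example, not from the original post: the removable flag and the size ceiling are heuristics, and the function name, the 64 GiB default and the sysfs-root and mounts-file parameters are assumptions made so that the check can also be run against a constructed tree.<br />

```shell
#!/bin/sh
# Added example: sanity-check a dd target before writing an image to it.
# Heuristic only: USB card readers normally report removable=1 and internal
# disks removable=0; the size ceiling catches large external drives.

# check_sd_target DEVICE [SYSROOT] [MOUNTS_FILE] [MAX_GIB]
# Returns 0 only if DEVICE is a whole disk flagged removable, no larger than
# MAX_GIB, and none of its partitions is currently mounted.
check_sd_target() (
    dev=$1
    sysroot=${2:-/sys}          # real host: /sys
    mounts=${3:-/proc/mounts}   # real host: /proc/mounts
    max_gib=${4:-64}            # assumed ceiling for an SD card

    name=${dev#/dev/}
    blk="$sysroot/block/$name"
    # Partitions (sdb1) have no entry directly under block/, so they are refused.
    if [ -z "$name" ] || [ ! -d "$blk" ]; then
        echo "REFUSE: $dev is not a whole-disk block device"; exit 1
    fi

    read -r removable < "$blk/removable" || removable=0
    if [ "$removable" != 1 ]; then
        echo "REFUSE: $dev is not flagged removable"; exit 1
    fi

    # sysfs reports the size in 512-byte sectors; 1 GiB = 2097152 sectors.
    read -r sectors < "$blk/size" || sectors=0
    max_sectors=$((max_gib * 1024 * 1024 * 2))
    if ! { [ "$sectors" -gt 0 ] && [ "$sectors" -le "$max_sectors" ]; } 2>/dev/null; then
        echo "REFUSE: $dev has $sectors sectors, outside the expected range"; exit 1
    fi

    [ -r "$mounts" ] || { echo "REFUSE: cannot read $mounts"; exit 1; }
    while read -r src mnt _rest; do
        case "$src" in
            "$dev"|"$dev"[0-9]*)
                echo "REFUSE: $src is still mounted on $mnt"; exit 1 ;;
        esac
    done < "$mounts" || exit 1

    echo "OK: $dev is removable, $sectors sectors, not mounted"
)

# Stand-alone use:
#   sh check_sd_target.sh /dev/sdb && sudo dd if=raspi_openelec_mm_dd_yyyy.img of=/dev/sdb bs=1M
if [ "$#" -ge 1 ]; then
    check_sd_target "$@"
fi
```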
<br />
<br />
<b><span style="color: #990000;">Method 3 : Simple method using tar</span></b><br />
<br />
<b>How to backup:</b><br />
<br />
<i>Boot your Raspberry Pi and create a Tar archive of your XBMC folder:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># cd /storage
# tar -cvzpf /storage/xbmc_raspi_backup_mm_dd_yyyy.tar.gz .xbmc</span></span></pre>
<br />
<b>How to restore:</b><br />
<br />
To restore, simply re-create your flash SD card using OpenELEC.<br />
Then boot your Raspberry Pi, use an SCP client to connect (WinSCP for Windows, native SSH / desktop integration / GFTP for Linux) and copy your previously backed up archive directly into root's home folder.<br />
<br />
<i>Then restore (adapt DIRECTORY to the folder where your tar.gz file resides)</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># cd /storage
# tar -xvzpf DIRECTORY/xbmc_raspi_backup_mm_dd_yyyy.tar.gz</span></span></pre>
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Conclusion:</span><br />
<div>
<span style="color: #990000; font-size: large;"><br /></span></div>
<br />
For now, XBMC with OpenELEC works really well for such a small device that could seem really underpowered.<br />
<br />
I noticed really low CPU usage with the customizations described, giving you a smooth XBMC interface.<br />
<br />
<b>CPU Usage:</b><br />
<br />
For information, with the latest OpenELEC build, I can observe very low CPU usage when idle, around 15-20 %, not more.<br />
<br />
<i><b>Note:</b></i> You should see very different CPU usage values in the XBMC System Information panel; this is caused by screen rendering (see post #12 on <a href="http://openelec.tv/forum/124-raspberry-pi/44834-speed-comparison-with-xbian">http://openelec.tv/forum/124-raspberry-pi/44834-speed-comparison-with-xbian</a>).<br />
<br />
My Raspberry is connected through the local network and accesses an XBMC shared Library (using SMB and Mysql); to be honest, almost all 720p/1080p videos play with no issues.<br />
<br />
However, huge HD video files will probably be difficult or impossible to play; you should avoid files bigger than 13-14 Gb... (when playing over your Network)<br />
<br />
In conclusion, I have to say that I am positively surprised by the capacity of this small animal. Even if I would not trade my main HTPC for a Raspberry Pi, it is very interesting and makes a really good second XBMC client :-)<br />
<br />
The OpenELEC guys have done a really good job for this device, thank you!<br />
<br />
Feel free to comment! <br />
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">Memorandum:</span><br />
<div>
</div>
<br />
<ul>
<li><b><span style="color: #990000;">How to update config.txt to set your Raspberry Pi parameters:</span></b></li>
</ul>
<b><i>Log in to your Raspberry with ssh, and update your config.txt:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">mount -o remount,rw /flash
vi /flash/config.txt</span></span></pre>
<br />
<ul>
<li><b><span style="color: #990000;">Official 5 Overclocking settings with New Turbo mode:</span></b></li>
</ul>
<div>
<b><i><u>Don't</u> set "force_turbo" to value "1", leave the default value (0)</i></b></div>
<div>
<b><br /></b></div>
<div>
<b><i>None</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">force_turbo=0</span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">arm_freq=700
core_freq=250
sdram_freq=400
over_voltage=0</span></span></pre>
</div>
<div>
<br /></div>
<div>
<div>
<b><i>Modest</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">force_turbo=0</span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">arm_freq=800
core_freq=300
sdram_freq=400
over_voltage=0</span></span></pre>
</div>
</div>
<div>
<br /></div>
<div>
<b><i>Medium</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">force_turbo=0</span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">arm_freq=900
core_freq=333
sdram_freq=450
over_voltage=2</span></span></pre>
</div>
<br />
<div>
<b><i>High</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">force_turbo=0</span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">arm_freq=950
core_freq=450
sdram_freq=450
over_voltage=6</span></span></pre>
</div>
<br />
<div>
<b><i>Turbo</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">force_turbo=0</span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">arm_freq=1000
core_freq=500
sdram_freq=500
over_voltage=6</span></span></pre>
</div>
<br />
<b><i>How to check:</i></b><br />
<br />
<i>Check your kernel messages with the "dmesg" command; messages like these confirm that Turbo mode is active:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">bcm2835-cpufreq: switching to governor ondemand
bcm2835-cpufreq: Freq 1000000->700000 (min=700000 max=1000000 target=700000 request=700000)
bcm2835-cpufreq: Freq 700000->1000000 (min=700000 max=1000000 target=1000000 request=1000000)</span></span></pre>
<br />
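The check described above can be scripted. This is an added example, not code from the original post: it compares the arm_freq value in config.txt with the ceiling and peak reported by the bcm2835-cpufreq lines. The function names and the sample config are constructed for illustration; the dmesg lines are the ones quoted above.

```shell
#!/bin/sh
# Added example, not part of the original post: compare the arm_freq set in
# config.txt with what the bcm2835-cpufreq driver reports in dmesg.

# Constructed sample: the post's "Turbo" preset, with another preset commented out.
SAMPLE_CONFIG='#arm_freq=950
force_turbo=0
arm_freq=1000
core_freq=500
sdram_freq=500
over_voltage=6'

# The three dmesg lines quoted in the post.
SAMPLE_DMESG='bcm2835-cpufreq: switching to governor ondemand
bcm2835-cpufreq: Freq 1000000->700000 (min=700000 max=1000000 target=700000 request=700000)
bcm2835-cpufreq: Freq 700000->1000000 (min=700000 max=1000000 target=1000000 request=1000000)'

# Print the last uncommented value of key $1 found in config.txt text $2.
config_value() {
    printf '%s\n' "$2" | awk -F= -v key="$1" '
        /^[ \t]*#/ { next }
        { k = $1; gsub(/[ \t]/, "", k) }
        k == key { v = $2; sub(/[ \t]*#.*/, "", v); gsub(/[ \t]/, "", v); last = v }
        END { if (last != "") print last }'
}

# Print "<max_khz> <peak_khz>" taken from "Freq a->b (... max=c ...)" lines.
cpufreq_summary() {
    printf '%s\n' "$1" | awk '
        /bcm2835-cpufreq: Freq / {
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^[0-9]+->[0-9]+$/) {
                    split($i, f, "->")
                    if (f[1] + 0 > peak) peak = f[1] + 0
                    if (f[2] + 0 > peak) peak = f[2] + 0
                } else if ($i ~ /^max=[0-9]+$/) {
                    m = substr($i, 5) + 0
                    if (m > max) max = m
                }
            }
        }
        END { if (max) print max, peak }'
}

# Print one of: ok | no-arm_freq | no-cpufreq-messages | max-mismatch | never-reached
check_turbo() {
    want_mhz=$(config_value arm_freq "$1")
    [ -n "$want_mhz" ] || { echo "no-arm_freq"; return 0; }
    summary=$(cpufreq_summary "$2")
    [ -n "$summary" ] || { echo "no-cpufreq-messages"; return 0; }
    max_khz=${summary% *}
    peak_khz=${summary#* }
    want_khz=$((want_mhz * 1000))      # config.txt is in MHz, dmesg in kHz
    if [ "$max_khz" -ne "$want_khz" ]; then
        echo "max-mismatch"            # driver ceiling differs: setting not applied
    elif [ "$peak_khz" -lt "$want_khz" ]; then
        echo "never-reached"           # ceiling is right, governor never clocked up
    else
        echo "ok"
    fi
}

check_turbo "$SAMPLE_CONFIG" "$SAMPLE_DMESG"
```

On a real system, pass the contents of config.txt and the output of dmesg as the two arguments.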
<br />
<ul>
<li><b><span style="color: #990000;">Monitor CPU frequency, temperature and others </span></b></li>
</ul>
<div>
<b><i>Using the following command will return current CPU frequency:</i></b></div>
<div>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">vcgencmd measure_clock arm</span></span></pre>
</div>
<div>
<br />
<b><i>If you want, add this script to your storage:</i></b><br />
<br />
sysinfo.sh<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">#!/bin/bash
echo -e "\n###############################################"
echo "# RASPBERRY PI SYSTEM INFORMATIONS #"
echo "###############################################"
echo -e "\nCPU current Frequency: `vcgencmd measure_clock arm`"
echo "CORE current Frequency: `vcgencmd measure_clock core`"
echo "CORE current Voltage: `vcgencmd measure_volts core`"
echo "CPU current Temperature: `vcgencmd measure_temp`"
echo -e "\nFirmware Version: `vcgencmd version`\n"
echo -e "Codecs Status:"
echo "`vcgencmd codec_enabled H264`"
echo "`vcgencmd codec_enabled MPG2`"
echo "`vcgencmd codec_enabled WVC1`"
echo</span></span>
</pre>
<div>
<br /></div>
<br />
<i><b>Call this script from your "~/.profile" if you want it to run when you log in over SSH, or add an alias for it, or whatever you want :-)</b></i><br />
<br /></div>
<ul>
<li><b><span style="color: #990000;">A sample current config.txt:</span></b></li>
</ul>
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># config.txt - In OpenELEC edit this file as follows:
#################################################
# mount -o remount,rw /flash #
# then edit and save your modification using vi #
# sync #
# mount -o remount,ro /flash && reboot #
#################################################
####################
# VARIOUS SETTINGS #
####################
# Force HDMI even if unplugged or powered off
hdmi_force_hotplug=1
#####################
# OVERSCAN SETTINGS #
#####################
# Make display smaller to stop text spilling off the screen
overscan_scale=1 # http://www.raspberrypi.org/phpBB3/viewtopic.php?f=67&t=15700
disable_overscan=1
# Adapt overscan values to your needs
overscan_left=57
overscan_right=59
overscan_top=20
overscan_bottom=20
############
# LICENCES #
############
# Licences for MPEG2 and VC1
decode_MPG2=xxxxxxxxxx
decode_WVC1=xxxxxxxxxx
###########################################################
# OVERCLOCKING MODE - REQUIRES TURBO MODE (recent builds) #
# #
# Uncomment the section you want to use #
# After reboot use command "vcgencmd measure_clock arm" #
# to get current CPU frequency #
##########################################################
# If you have any data corruption using Turbo Mode and overclocking,
# try with this setting uncommented
#initial_turbo=30
# If this still fails, try to use Medium mode without "over_voltage=2"
# If this finally still fails, forget about this until this gets fixed
# Use a more conservative mode that will work fine in any case:
# Conservative (unofficial mode)
#arm_freq=850
#gpu_freq=325
#sdram_freq=425
# Official Raspbian Overclocking modes:
# None
#force_turbo=0
#arm_freq=700
#core_freq=250
#sdram_freq=400
#over_voltage=0
# Modest
#force_turbo=0
#arm_freq=800
#core_freq=300
#sdram_freq=400
#over_voltage=0
# Medium
arm_freq=900
core_freq=333
sdram_freq=450
over_voltage=2
# High
#arm_freq=950
#core_freq=450
#sdram_freq=450
#over_voltage=6
# Turbo
#arm_freq=1000
#core_freq=500
#sdram_freq=500
#over_voltage=6</span></span></pre>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<br />
<br />
<br />
<span style="color: #990000; font-size: large;">FAQ & Issues:</span><br />
<div>
</div>
<br />
<b><span style="color: #990000;">- Resolution and fit to screen issues:</span></b><br />
<br />
<b>If you still have issues with resolution, I've seen an interesting config.txt setting in this post; adapt it to your needs:</b><br />
<b><br /></b>
<a href="http://openelec.tv/forum/124-raspberry-pi/38818-raspberry-pi-feedback?limit=20&start=160#44907">http://openelec.tv/forum/124-raspberry-pi/38818-raspberry-pi-feedback?limit=20&start=160#44907</a><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"># Set sdtv mode to PAL (as used in Europe)
sdtv_mode=2
# defines the aspect ratio for composite output (3 = 16:9)
sdtv_aspect=3
# Force the monitor to HDMI mode so that sound will be sent over HDMI cable
hdmi_drive=2
# Set monitor group to CEA (hdmi_group=2 would be DMT)
hdmi_group=1
# Set monitor resolution to 1080p 50Hz
hdmi_mode=31
# Pretends HDMI hotplug signal is asserted so it appears a HDMI display is attached
hdmi_force_hotplug=1
# Make display smaller to stop text spilling off the screen
overscan_scale=1 # http://www.raspberrypi.org/phpBB3/viewtopic.php?f=67&t=15700
disable_overscan=1
overscan_left=57
overscan_right=59
overscan_top=37
overscan_bottom=37</span></span></pre>
<br />
<br />
<div>
<br />
<b><span style="color: #990000;">- Fail to play back ISO of DVD and DVD files:</span></b><br />
<b><span style="color: #990000;"><br /></span></b>
This depends on many factors (the way you created your ISO files and so on), so successful playback of DVD ISO images (menus included) and DVD files is not guaranteed.<br />
<br class="Apple-interchange-newline" /></div>
<div>
You could think about converting into MKV files which will play perfectly!</div>
<div>
<br /></div>
<br />
<br />
<br />
<br />
<br />
<b>My Raspberry's nights ! Shopping List and first impression :-)</b> (posted 2012-09-15)<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPaiRdN6ABTTmcSXs42Dycub5UCcV6bMWhb3rqHSIQ5XsFqSCuJYE61NaiYC9RcZaQSRLGmOwremaPVxREyvs3mxO3SEhyC9A11ErnAmYC6OpVUnmXTtbh84dRS-hKCi5VSfqhPpZP9UFn/s1600/Raspberry-Pi-logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPaiRdN6ABTTmcSXs42Dycub5UCcV6bMWhb3rqHSIQ5XsFqSCuJYE61NaiYC9RcZaQSRLGmOwremaPVxREyvs3mxO3SEhyC9A11ErnAmYC6OpVUnmXTtbh84dRS-hKCi5VSfqhPpZP9UFn/s320/Raspberry-Pi-logo.jpg" width="320" /></a></div>
<br />
This will be the first post (of many ^^) about my Raspberry Pi, which I finally received a few days ago :-)<br />
<br />
Let's go through the whole story!<br />
<br />
<h3>
<span style="color: #990000; font-size: large;">First thing, why ?</span></h3>
<br />
If you're new to this, the Raspberry Pi is a very nice and cheap ARM mini computer, delivered as is (no case, no cables, nothing but the computer itself!) and created by the Raspberry Pi Foundation.<br />
<br />
So why, and what to do with it? Simple question indeed: because it's cheap, because it's fun, because you can, because you're such a geek :-)<br />
<br />
But seriously, it's a computer, and you can do with it whatever you are able to. There is a great community of active people working on the Raspberry Pi, and you can easily build a nice, cheap XBMC Media Center, or anything else you want: web server, file server, and so on!<br />
<br />
<h3>
<span style="color: #990000; font-size: large;">Where to buy and what to buy ?</span></h3>
<br />
Those are the first questions you will have to answer if you are planning to get a Raspberry Pi, and they are quite simple to answer.<br />
<br />
First, do not hesitate to take a look at the official Raspberry Pi website:<br />
<a href="http://www.raspberrypi.org/" target="_blank">http://www.raspberrypi.org/</a><br />
<br />
<b><span style="color: #990000; font-size: large;">3 places to buy a Raspberry Pi:</span></b><br />
<br />
<ul>
<li>RS Components (official dealer):</li>
</ul>
<a href="http://uk.rs-online.com/web/generalDisplay.html?id=raspberrypi&cm_mmc=UK-Short_url-_-Internal-Flyer-_-%20RaspberryPie-062012-_-Multimedia" target="_blank">http://uk.rs-online.com/web/generalDisplay.html?id=raspberrypi&cm_mmc=UK-Short_url-_-Internal-Flyer-_-%20RaspberryPie-062012-_-Multimedia</a><br />
<br />
<ul>
<li>Farnell Element14 (official dealer):</li>
</ul>
<a href="http://www.element14.com/community/groups/raspberry-pi">http://www.element14.com/community/groups/raspberry-pi</a><br />
<br />
<ul>
<li>Ebay, unofficial and will be more expensive</li>
</ul>
<div>
That's my opinion, but I recommend Farnell: they have a very short delivery time and are very serious.</div>
<div>
I don't know why, but RS Components has a crazy delivery time (at the time of writing this post) even though they are also serious (my first attempt to get one, finally cancelled). </div>
<div>
<br /></div>
<h3>
<span style="color: #990000; font-size: large;">Now, what do you need more ?</span></h3>
<div>
<br /></div>
<div>
My first piece of advice, to avoid compatibility issues: check this site:</div>
<div>
<a href="http://elinux.org/RPi_VerifiedPeripherals">http://elinux.org/RPi_VerifiedPeripherals</a></div>
<div>
<br /></div>
<div>
You will find a lot of information about verified hardware for your Raspberry Pi!</div>
<div>
<br /></div>
<div>
<b><span style="color: #990000; font-size: large;">1. Obligatory : Keyboard / Mouse</span></b></div>
<div>
<br /></div>
<div>
You can buy almost anything; it should work without issue.</div>
<div>
<br /></div>
<div>
You can still search the website above before buying one, but compatibility with any keyboard or mouse should not be a problem (perhaps not with Bluetooth devices).</div>
<div>
<br /></div>
<div>
I have a Trust wireless keyboard with an integrated touchpad, and it works out of the box :-) </div>
<div>
<br /></div>
<div>
<br /></div>
<br />
<b><span style="color: #990000; font-size: large;">2. Obligatory : Power supply</span></b><br />
<br />
The Raspberry Pi uses a micro USB power supply, which is not delivered with the computer, leaving you the choice to recycle one you already have or to buy a new one.<br />
<br />
In any case, the only real recommendation is about output current: the minimum should be 700mA, and 1A is recommended.<br />
<div>
<br /></div>
<br />
With less power, you may encounter many issues with your hardware!<br />
<br />
<b>I bought this one and it works with no issues:</b><br />
<a href="http://www.rueducommerce.fr/Accessoires-Consommables/showdetl.cfm?product_id=4869696&option=1">http://www.rueducommerce.fr/Accessoires-Consommables/showdetl.cfm?product_id=4869696&option=1</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbbwgKWbBQL3RsZ0_LbqjqHD89sC6Nuv_n3Z7-USQapDchNq0i9djTOxNwSq384tFnVe8gza300bpMzaLAEJRkr_-AcC9HvAeB1SjQMxcmHObOURGwWWi9Dd0i4EjC7qYj1YoCisNO-wzE/s1600/640034.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbbwgKWbBQL3RsZ0_LbqjqHD89sC6Nuv_n3Z7-USQapDchNq0i9djTOxNwSq384tFnVe8gza300bpMzaLAEJRkr_-AcC9HvAeB1SjQMxcmHObOURGwWWi9Dd0i4EjC7qYj1YoCisNO-wzE/s1600/640034.jpg" /></a></div>
<br />
<br />
Alternatively, you may also use a powered USB hub to power your Raspberry Pi; this is not recommended and not guaranteed, but it may also work perfectly.<br />
I have one with a 2.5A power supply and this also works with no issue.<br />
<br />
<b><span style="color: #990000; font-size: large;">3. Obligatory : Flash Memory</span></b><br />
<br />
Then you need a flash memory card (SD card). I advise you to buy a "Class 10" card, which will give you much better performance; they are now cheap enough.<br />
<br />
Again, check the verified hardware site above before buying it to avoid any problem.<br />
<br />
My choice was finally:<br />
<a href="http://ec.transcendusa.com/product/ItemDetail.asp?itemid=TS8GSDHC10">http://ec.transcendusa.com/product/ItemDetail.asp?itemid=TS8GSDHC10</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1pfJuxu09D9xfvuziV2RzImnbJJVOcbLyTWFbnXmv1jXrg3j990P0OGWVCj_28XcQBXUwhVSoKGOvHhbonXICmnVeg1hXBxKQcqaCiZM4Ky4c9hxieMGKYN8QUBlzUtuqG6ucWCkLf_gA/s1600/TS8GSDHC10_b0.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1pfJuxu09D9xfvuziV2RzImnbJJVOcbLyTWFbnXmv1jXrg3j990P0OGWVCj_28XcQBXUwhVSoKGOvHhbonXICmnVeg1hXBxKQcqaCiZM4Ky4c9hxieMGKYN8QUBlzUtuqG6ucWCkLf_gA/s1600/TS8GSDHC10_b0.jpg" /></a></div>
<br />
<br />
<b><span style="color: #990000; font-size: large;">4. Optional : HDMI cable</span></b><br />
<br />
Probably you will want to use an HDMI connection between your Raspberry Pi and your TV or Screen.<br />
<br />
Of course, you can also simply use the available DVI connection.<br />
<br />
When choosing your HDMI cable, just make sure to buy an HDMI 1.4 cable, or you may have issues with sound through HDMI (if you plan to use digital sound).<br />
<br />
<br />
<b><span style="color: #990000; font-size: large;">5. Optional : Powered USB Hub (USB2)</span></b><br />
<br />
This is optional but you may quickly need it, just because a Raspberry has only 2 USB ports.<br />
<br />
Also, because the Raspberry does not deliver much power through USB, using a Powered USB Hub will be very practical.<br />
<br />
<b>IMPORTANT:</b> Don't buy a bus-powered USB hub; you need one that comes with an external power supply!<br />
<br />
Again, you can check the verified hardware site above before buying one. I bought this one and don't have any issue:<br />
<br />
<a href="http://www.bluestork.eu/produits/hubs-et-card-readers/item/477-hub-4-ports-avec-alimentation?lang=fr">http://www.bluestork.eu/produits/hubs-et-card-readers/item/477-hub-4-ports-avec-alimentation?lang=fr</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD1EN18T8hw4-Oop69zGYXLXP4OqCEiH0cHF1Oyn4FvYejO9gXOR1NDvRcavAKp6sV_kr_ZFujDNFzBqhYFWiTAE3MSWowCFg6wjrxzC5qzTmF9ymw8X4XMZN8mqF-ZzK0qTo2-M89C03U/s1600/m_bs-usb4mps-bd.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="215" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD1EN18T8hw4-Oop69zGYXLXP4OqCEiH0cHF1Oyn4FvYejO9gXOR1NDvRcavAKp6sV_kr_ZFujDNFzBqhYFWiTAE3MSWowCFg6wjrxzC5qzTmF9ymw8X4XMZN8mqF-ZzK0qTo2-M89C03U/s320/m_bs-usb4mps-bd.jpg" width="320" /></a></div>
<br />
<br />
<b><span style="color: #990000; font-size: large;">6. Optional : A nice case for your Raspberry Pi !!!</span></b><br />
<br />
You may want to protect your small animal with a nice case: because the Raspberry Pi comes absolutely as is, this may seem to be a good idea :-)<br />
<br />
You'll find a lot of nice cases on the Internet. I would recommend taking a look at eBay, where you will easily find one you'll enjoy.<br />
<br />
<b>My choice: </b><br />
<a href="http://cgi.ebay.fr/ws/eBayISAPI.dll?ViewItem&item=271038580240&var=570108183975&ssPageName=STRK:MEWNX:IT&_trksid=p3984.m1439.l2648#ht_1128wt_1189">http://cgi.ebay.fr/ws/eBayISAPI.dll?ViewItem&item=271038580240&var=570108183975&ssPageName=STRK:MEWNX:IT&_trksid=p3984.m1439.l2648#ht_1128wt_1189</a><br />
<br />
<br />
<b><span style="color: #990000; font-size: large;">7. Optional : A cheap MCE Remote control if you're planning to use it as an XBMC Media Center</span></b><br />
<br />
If you are planning to use your Raspberry Pi with XBMC, you will probably want to get a remote control.<br />
<br />
Of course, you will be able to use your keyboard or even an Android / iOS application to control XBMC, but in my experience nothing is more reliable than a simple remote control :-)<br />
<br />
You will find thousands of them on eBay or anywhere else; just keep in mind that your life will be easier if you choose a standard MCE Remote (RC6) known to work out of the box in XBMC with Linux.<br />
<br />
<b>My choice:</b><br />
<a href="http://cgi.ebay.fr/Mando-HTPC-Media-Center-MCE-Multimedia-Philips-RC197-Receptor-Remote-Control-/271056452988?pt=LH_DefaultDomain_186&hash=item3f1c393d7c#ht_2183wt_1434">http://cgi.ebay.fr/Mando-HTPC-Media-Center-MCE-Multimedia-Philips-RC197-Receptor-Remote-Control-/271056452988?pt=LH_DefaultDomain_186&hash=item3f1c393d7c#ht_2183wt_1434</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDXql3ZuRIFlbHGuHkN7MALLiPw7KPitpV-TIvhO9x0LFYHeKu2_zviE5R_B3_Nfy8d7uEeYzRAJAcJosSFCQZCd8DfAnA2Cmre8F2vElpZRk5y591qLeoIPpSRroy4mTz4TeBmb_GP59s/s1600/RC197.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDXql3ZuRIFlbHGuHkN7MALLiPw7KPitpV-TIvhO9x0LFYHeKu2_zviE5R_B3_Nfy8d7uEeYzRAJAcJosSFCQZCd8DfAnA2Cmre8F2vElpZRk5y591qLeoIPpSRroy4mTz4TeBmb_GP59s/s320/RC197.jpg" width="320" /></a></div>
<br />
<br />
Ok, done for the shopping list :-)<br />
<br />
I received my Raspberry Pi a few days ago, let's see some pictures of the animal !<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkFSaR95Hb0OzBYAV1jFcPYyFWYFHYHxXcfVSSiIIrwx7XCPIq1H1pKQ3oNAbnWNBHpeqzrp7i8pht_6D1d8XVcHc5DMPSwvroa2Bwnv2wcRdVjeSDbp3eAlRqh0P04EO5u6z3BddZh_Fq/s1600/photo+1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkFSaR95Hb0OzBYAV1jFcPYyFWYFHYHxXcfVSSiIIrwx7XCPIq1H1pKQ3oNAbnWNBHpeqzrp7i8pht_6D1d8XVcHc5DMPSwvroa2Bwnv2wcRdVjeSDbp3eAlRqh0P04EO5u6z3BddZh_Fq/s400/photo+1.JPG" width="300" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuMiN33NgAYQSa7M9sysi9hdztNGtNRNW7MMotjn6yl3JpRmBrpGz4_g0UqFXG_8iO99wRuhLbtPz-TqiZt0r86Vld7_YZcOHzpxUxvsCoGM-fsnhDo00V9EubzPkGIMZRs-6OvjzS17jD/s1600/photo+2.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuMiN33NgAYQSa7M9sysi9hdztNGtNRNW7MMotjn6yl3JpRmBrpGz4_g0UqFXG_8iO99wRuhLbtPz-TqiZt0r86Vld7_YZcOHzpxUxvsCoGM-fsnhDo00V9EubzPkGIMZRs-6OvjzS17jD/s400/photo+2.JPG" width="300" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiRi3SYL2_c4GATR7Z6j0pnQt9nOvjX8DPcsF4dJKN4EWUTWy7gOSE0srGGKDCXkvhWzvog7VGWdDUCpOc3Kyvv1Boh95NYOb5VPpiVaepWQurWkZK0ReGCU2s8Z6iyjR1ug7NG6ZN_MHg/s1600/photo+4.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiRi3SYL2_c4GATR7Z6j0pnQt9nOvjX8DPcsF4dJKN4EWUTWy7gOSE0srGGKDCXkvhWzvog7VGWdDUCpOc3Kyvv1Boh95NYOb5VPpiVaepWQurWkZK0ReGCU2s8Z6iyjR1ug7NG6ZN_MHg/s400/photo+4.JPG" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEik65REAakQxkQ1jJFUCrGFRLHfL4I24uirbzVnz9zcLwqyUHuEecsy5EqzGHjprd43v2ehbSIJzyPTdMTQMJ0LxiXexG6kp_HaR_Ax7hZmz2sdFuJaVt8NSE2lzC8ZxuMfMNAPv3FdZ-JL/s1600/photo+3.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEik65REAakQxkQ1jJFUCrGFRLHfL4I24uirbzVnz9zcLwqyUHuEecsy5EqzGHjprd43v2ehbSIJzyPTdMTQMJ0LxiXexG6kp_HaR_Ax7hZmz2sdFuJaVt8NSE2lzC8ZxuMfMNAPv3FdZ-JL/s400/photo+3.JPG" width="300" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiG_X8EqheGuTg399sgvZGUCdX8PGbEaKqNydVufv0CdC_unI9lffFO-CKCKOGzm4aEM16qUfeE_Ts7nAbZdn9tOaG1tTOFbKTI7zzwEuK6IFtyNd4oL8PHxavrYFDPKElSn4fgz3Tqg0Ek/s1600/photo+5.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiG_X8EqheGuTg399sgvZGUCdX8PGbEaKqNydVufv0CdC_unI9lffFO-CKCKOGzm4aEM16qUfeE_Ts7nAbZdn9tOaG1tTOFbKTI7zzwEuK6IFtyNd4oL8PHxavrYFDPKElSn4fgz3Tqg0Ek/s400/photo+5.JPG" width="300" /></a></div>
<br />
<br />
<br />
<br />
Ok, let's work now !<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<b>Howto : XBMC share and sync your Media library between multiple XBMC instances using Samba/NFS and Mysql</b> (posted 2012-09-09, updated 2012-09-19)<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiujS9RvkeBovoqtQ8BYomstT_LvC-rvZu6uS57X7zPNuI_Ivn20PIY8tQ6DnlRqmShbV8AOTfy2LkYZGewoA8RLNbGCC1uBPQtUZhlNGkg1UvkfwUdWxz59pqQjanb1pepGzR-ZXViTkFT/s1600/trio.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiujS9RvkeBovoqtQ8BYomstT_LvC-rvZu6uS57X7zPNuI_Ivn20PIY8tQ6DnlRqmShbV8AOTfy2LkYZGewoA8RLNbGCC1uBPQtUZhlNGkg1UvkfwUdWxz59pqQjanb1pepGzR-ZXViTkFT/s1600/trio.png" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<i><b>Last update:</b></i><br />
<i><b>09/19/2012: FAQ - deleting databases if required </b></i><br />
<br />
<br />
If you have multiple XBMC installations (or if you're planning to), you should be interested in sharing and syncing your Media Library between your installations.<br />
<br />
When you have multiple XBMC instances running on your network and one central storage, this will really, really simplify your life ^^<br />
<br />
<b>Advantages:</b><br />
<br />
<ul>
<li>Share watched and unwatched status for your media on all devices</li>
<li>Stop watching a movie or TV show in one room then finish watching it in another room automatically</li>
<li>Only one library to maintain for all devices</li>
<li>Consolidate thumbnails and fanart to save hard drive space (only with XBMC Frodo v12) </li>
</ul>
<br />
<b>Main source:</b><br />
<a href="http://wiki.xbmc.org/index.php?title=HOW-TO:Sync_multiple_libraries/Share_your_files" target="_blank">http://wiki.xbmc.org/index.php?title=HOW-TO:Sync_multiple_libraries/Share_your_files</a><br />
<br />
You'll find all the required information to achieve this in this Wiki page, but I wanted to share my own experience to help you implement this great feature!<br />
<br />
I recommend using XBMC Frodo v12: even if it is not yet stable, this version works better in this configuration because it handles shared Library data such as thumbnails and fanart by itself.<br />
<br />
With XBMC Eden (v11), sharing the Library works too, but you have to synchronize the thumbnail data yourself.<br />
<br />
Let's start ^^<br />
<br />
<br />
<h4>
1. Share your files</h4>
<b><br /></b>
<b><br /></b>
<b>First consider your sharing protocol:</b><br />
<b><br /></b>
You can use two major file sharing protocols to share your Media Library: SMB, which is the most widely implemented (used by Windows, implemented on Linux through Samba), or NFS (Network File System, better known in the Unix world).<br />
<br />
Choosing is simple: if you have or plan to have Windows XBMC clients, use SMB with Samba.<br />
If you only have Linux-based XBMC clients, you should use NFS because of its better speed.<br />
<br />
<i>Note: NFS will also be supported in XBMC under Windows, but performance may be lacking</i><br />
<b><i><br /></i></b>
<b><i><span style="color: #990000;"><br /></span></i></b><br />
<b><i><span style="color: #990000;">To share your files with SMB using Samba:</span></i></b><br />
<br />
<br />
If it's not already installed, you have to get samba up and running to share your Multimedia files between your XBMC instances:<br />
<br />
<i>On Ubuntu based systems:</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; color: #333333; font-size: 13px; line-height: 18px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="line-height: 19px;">$ sudo apt-get install samba</span></pre>
<br />
<br />
<b><i>Share your files:</i></b><br />
<br />
<i>Setup simple shares for your media library, edit "/etc/samba/smb.conf" and add your share, example:</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">[MY_SHARE]
path = /media/MY_VOLUME
available = yes
browsable = yes
public = yes
writable = yes</span></span><span style="color: #333333; font-size: 13px; line-height: 19px;">
</span></pre>
<div>
<br /></div>
<br />
<i>Restart samba:</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; color: #333333; font-size: 13px; line-height: 18px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="line-height: 19px;">$ sudo service samba restart</span></pre>
<br />
<br />
<br />
<b><i><span style="color: #990000;">To share your files using NFS:</span></i></b><br />
<div>
<b><i><br /></i></b></div>
<div>
<br /></div>
<i>On Ubuntu based systems, install NFS Server components:</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; color: #333333; font-size: 13px; line-height: 18px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="line-height: 19px;">$ sudo apt-get install nfs-kernel-server</span></pre>
<br />
<br />
<i>Edit "/etc/exports" and configure your shared directory, example (adapt MY_VOLUME and your Local Network IP):</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">/media/MY_VOLUME xxx.xxx.xxx.xxx/255.255.0.0(rw,all_squash,insecure,no_subtree_check,async)</span></span><span style="color: #333333; font-size: 13px; line-height: 19px;">
</span></pre>
<div>
<span style="line-height: 19px;"><br /></span></div>
<br />
<i>Note</i>: the "async" option is not recommended for safe write operations (but an XBMC client is not expected to perform write operations); this option may improve NFS performance.<br />
You can also choose "sync".<br />
<br />
<i>Restart NFS Server:</i>
<br />
<h4>
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; font-weight: normal; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">sudo /etc/init.d/nfs-kernel-server restart</span></span></pre>
<div style="font-weight: normal;">
</div>
</h4>
<div>
<br /></div>
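Both share definitions above (the Samba section with "public = yes" and "writable = yes", and the NFS export with "rw", "insecure" and a 255.255.0.0 mask) give the whole network write access to the media volume. The following review script is an added example, not code from the original post or from the XBMC wiki; the function names are constructed for illustration and 192.168.0.0 is a constructed stand-in for the elided network address.

```shell
#!/bin/sh
# Added example, not part of the original post. Inputs are built from the
# post's own snippets; 192.168.0.0 is a constructed stand-in for the elided
# "xxx.xxx.xxx.xxx" network address.
SAMPLE_EXPORT='/media/MY_VOLUME 192.168.0.0/255.255.0.0(rw,all_squash,insecure,no_subtree_check,async)'
SAMPLE_SMB='[MY_SHARE]
path = /media/MY_VOLUME
available = yes
browsable = yes
public = yes
writable = yes'

# Convert a dotted netmask to a prefix length (assumes a contiguous mask).
mask_to_prefix() {
    bits=0
    for octet in $(printf '%s' "$1" | tr '.' ' '); do
        case $octet in
            255) bits=$((bits + 8)) ;; 254) bits=$((bits + 7)) ;;
            252) bits=$((bits + 6)) ;; 248) bits=$((bits + 5)) ;;
            240) bits=$((bits + 4)) ;; 224) bits=$((bits + 3)) ;;
            192) bits=$((bits + 2)) ;; 128) bits=$((bits + 1)) ;;
            0) ;;
            *) return 1 ;;
        esac
    done
    echo "$bits"
}

# Print one "tag: explanation" line per risky setting in an /etc/exports entry.
review_export() {
    set -f; set -- $1; set +f          # $1 = path, $2 = client(options)
    client=${2%%\(*}
    opts=${2#*\(}; opts=${opts%\)}
    case $client in
        \*)    prefix=0 ;;
        */*.*) prefix=$(mask_to_prefix "${client#*/}") || prefix=0 ;;
        */*)   prefix=${client#*/} ;;
        *)     prefix=32 ;;
    esac
    for o in $(printf '%s' "$opts" | tr ',' ' '); do
        case $o in
            rw) echo "rw: clients can change or delete media; the post expects no writes from XBMC, so ro is enough" ;;
            insecure) echo "insecure: requests from unprivileged source ports (any local user on a client) are accepted" ;;
            async) echo "async: writes are acknowledged before they reach the disk" ;;
            no_root_squash) echo "no_root_squash: root on a client is root on the export" ;;
        esac
    done
    [ "$prefix" -ge 24 ] || echo "netmask: /$prefix lets $(( (1 << (32 - prefix)) - 2 )) addresses mount this export"
}

# Print the same entry with rw switched to ro; every other option is kept.
tighten_export() {
    printf '%s\n' "$1" | sed 's/(rw,/(ro,/; s/,rw,/,ro,/; s/,rw)/,ro)/; s/(rw)/(ro)/'
}

# Review one smb.conf share section (settings in [global] are not considered).
review_smb_share() {
    printf '%s\n' "$1" | awk -F= '
        function on(v) { return v == "yes" || v == "true" || v == "1" }
        NF < 2 { next }
        {
            key = tolower($1); gsub(/[ \t]/, "", key)
            val = tolower($2); gsub(/^[ \t]+|[ \t]+$/, "", val)
        }
        key == "public" || key == "guestok" { guest = on(val) }
        key == "writable" || key == "writeable" || key == "writeok" { rw = on(val) }
        key == "readonly"   { rw = !on(val) }
        key == "hostsallow" { limited = 1 }
        END {
            if (guest && rw) print "guest-write: anyone who can reach the server can modify the share without a password"
            else if (guest) print "guest-read: anyone who can reach the server can read the share without a password"
            if (!limited) print "hosts-allow: no hosts allow line limits which addresses may connect"
        }'
}

review_export "$SAMPLE_EXPORT"
tighten_export "$SAMPLE_EXPORT"
review_smb_share "$SAMPLE_SMB"
```

The "insecure" option is reported but left in place by tighten_export, on the assumption that the media clients connect from unprivileged ports; remove it only after confirming the clients still mount the export.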
<h4>
2. Install and setup Mysql for your Database</h4>
<br />
Extracted from main XBMC Wiki page, follow these instructions:<br />
<br />
<i><b>Install Mysql:</b></i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo apt-get install mysql-server</span></span></pre>
<br />
<br />
- Create a main admin password when asked<br />
<br />
- After installation has completed, edit "/etc/mysql/my.cnf" and make the following changes:<br />
<br />
Look for the line "bind-address" and replace "127.0.0.1" with your host IP address.<br />
You can also simply comment out this line; MySQL then listens on all network interfaces, which allows access from anywhere.<br />
<br />
<br />
<i><b>Restart Mysql:</b></i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo service mysql restart</span></span></pre>
<br />
<br />
<br />
<i><b>Login to Mysql using client (adapt password):</b></i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">$ mysql -u root -p</span></span></pre>
<br />
<br />
<b><i>Create the XBMC user, set password and rights, enter commands as follows:</i></b><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">CREATE USER 'xbmc' IDENTIFIED BY 'xbmc';
GRANT ALL ON *.* TO 'xbmc';</span></span></pre>
<br />
<br />
<b><i>Exit mysql client. (exit)</i></b><br />
<br />
<br />
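The two settings above decide who can reach the database and what the 'xbmc' account may do once connected. As an added example (not part of the original post or the XBMC wiki), the functions below classify the "bind-address" setting and flag grants such as the `GRANT ALL ON *.*` statement; the function names, the sample my.cnf text and the scoped grant are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post or the XBMC wiki. Two read-only
# checks for the MySQL setup above; both read text on stdin.

# mysql_bind_exposure: classify the [mysqld] TCP listener from my.cnf text.
# Prints one of: loopback | all-interfaces | address:<ip> | no-tcp
mysql_bind_exposure() {
    awk '
        /^[ \t]*\[/ { in_mysqld = ($0 ~ /^[ \t]*\[mysqld\]/); next }
        !in_mysqld || /^[ \t]*[#;]/ { next }
        /^[ \t]*skip[-_]networking/ { notcp = 1 }
        /^[ \t]*bind[-_]address[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/#.*$/, ""); sub(/[ \t]+$/, "")
            addr = $0
        }
        END {
            if (notcp) print "no-tcp"
            else if (addr == "" || addr == "0.0.0.0" || addr == "::" || addr == "*")
                print "all-interfaces"      # no bind-address means every interface
            else if (addr ~ /^127\./ || addr == "::1" || addr == "localhost")
                print "loopback"
            else print "address:" addr
        }
    '
}

# flag_broad_grants: read GRANT statements (as typed, or SHOW GRANTS output) and
# print "<grantee> <findings>" for each one that is global and/or valid from
# any host. An account created without a host part is valid from any host.
flag_broad_grants() {
    awk -v q="'" '
        { u = toupper($0) }
        u !~ /^[ \t]*GRANT / { next }
        {
            grantee = "?"
            if (match(u, / TO [^ ;]+/)) grantee = substr($0, RSTART + 4, RLENGTH - 4)
            f = ""
            if (u ~ / ON \*\.\* /) f = f " global"
            if (index(grantee, "@") == 0 || index(grantee, "@" q "%" q) > 0)
                f = f " any-host"
            if (f != "") print grantee f
        }
    '
}

# Constructed sample: my.cnf with the bind-address line commented out.
SAMPLE_CNF='[mysqld]
port = 3306
#bind-address = 127.0.0.1'

# First statement is the one from the post; the second is a constructed,
# narrower grant (database name taken from the FAQ, subnet is a placeholder).
SAMPLE_GRANTS="GRANT ALL ON *.* TO 'xbmc';
GRANT ALL PRIVILEGES ON \`xbmc_video\`.* TO 'xbmc'@'192.168.1.%';"

printf '%s\n' "$SAMPLE_CNF" | mysql_bind_exposure
printf '%s\n' "$SAMPLE_GRANTS" | flag_broad_grants
```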
<h4>
3. Set up XBMC</h4>
<br />
At this point, if you already have set your Media Library inside your main XBMC installation, you have 2 possibilities:<br />
<br />
<ul>
<li>Converting your existing Media Library</li>
<li>Re-creating your Media Library from scratch</li>
</ul>
<br />
To be honest, even if you have a big Media Library, converting it is fairly complicated for little benefit.<br />
<br />
This is my opinion, but I would recommend completely re-creating your Library from scratch; this is much easier than converting it, and moreover you won't lose your existing thumbnails and fanart.<br />
<br />
<b><i>If you want to convert it, follow instructions at:</i></b><br />
<a href="http://wiki.xbmc.org/index.php?title=HOW-TO:Sync_multiple_libraries/Setting_up_XBMC" target="_blank">http://wiki.xbmc.org/index.php?title=HOW-TO:Sync_multiple_libraries/Setting_up_XBMC</a><br />
<br />
<b><i>If you want to re-create it from scratch (my advice), do:</i></b><br />
<br />
- In XBMC, Go to Video and delete each source you have previously set, say Yes when XBMC asks if you want to purge these media from your Library<br />
<br />
- Go to Parameters > Video and Clean your Library<br />
<br />
- Configure your mysql settings by editing your advancedsettings.xml (~/.xbmc/userdata/advancedsettings.xml) and adding:<br />
<br />
<b><i>Adapt "xxx.xxx.xxx.xxx" with your main IP Address:</i></b><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"> <videodatabase>
<type>mysql</type>
<host>xxx.xxx.xxx.xxx</host>
<port>3306</port>
<user>xbmc</user>
<pass>xbmc</pass>
</videodatabase>
<musicdatabase>
<type>mysql</type>
<host>xxx.xxx.xxx.xxx</host>
<port>3306</port>
<user>xbmc</user>
<pass>xbmc</pass>
</musicdatabase>
</span></span></pre>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<br />
- Restart XBMC<br />
<br />
- Go in Video and re-set your Media Sources using <b><u>Samba/NFS shares instead of Local paths</u></b><br />
<br />
This is very important: from now on, any source you want to add to your Media Library must be added using Samba shares; file paths must use UNC paths to be able to be shared.<br />
<br />
<b><i>Here are some screenshots to explain:</i></b><br />
<br />
When you add your source, make sure you choose an SMB or NFS share:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVfpCGLsq7_M_TtSWZL8LQVZeCm47-5scfL29jRSGopqjjBEhM3KafnToMsA5WJ9uwEL91qs6ei-Xq-b_U8oVRjO5dELiuoZ-d95TroeofbjHgnzhi1YYmlLjTlByyrpshvjerYjMJrl44/s1600/screenshot002.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVfpCGLsq7_M_TtSWZL8LQVZeCm47-5scfL29jRSGopqjjBEhM3KafnToMsA5WJ9uwEL91qs6ei-Xq-b_U8oVRjO5dELiuoZ-d95TroeofbjHgnzhi1YYmlLjTlByyrpshvjerYjMJrl44/s640/screenshot002.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs8bKBXW6tw63fw27Q62i_UX-4Qmr2G6VSCnh_xdPkKF8ceuvZF7kUoZVEWS4F-I9atpBVm7PgnPvuc42F5obmZp4fx3ysQvvHViMbE9_HUVBqF1mj_lzNscAsuDmEngzzbtgkpt-ZcPZH/s1600/screenshot003.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs8bKBXW6tw63fw27Q62i_UX-4Qmr2G6VSCnh_xdPkKF8ceuvZF7kUoZVEWS4F-I9atpBVm7PgnPvuc42F5obmZp4fx3ysQvvHViMbE9_HUVBqF1mj_lzNscAsuDmEngzzbtgkpt-ZcPZH/s640/screenshot003.png" width="640" /></a></div>
<br />
<br />
Then navigate to your Media Share, and finally set the scraper as usual.<br />
<br />
Any media found will automatically be added to the Mysql Database.<br />
<br />
<br />
<h4>
4. Set up other XBMC instances (clients)</h4>
<br />
- Stop XBMC<br />
<br />
<b>First thing to do with any XBMC client instance: Setup advancedsettings.xml</b><br />
<br />
- Edit the advancedsettings.xml of each of your clients and make sure you add the mysql section (adapt your IP address); this is exactly the same code as for the main instance:<br />
<br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;"> <videodatabase>
<type>mysql</type>
<host>xxx.xxx.xxx.xxx</host>
<port>3306</port>
<user>xbmc</user>
<pass>xbmc</pass>
</videodatabase>
<musicdatabase>
<type>mysql</type>
<host>xxx.xxx.xxx.xxx</host>
<port>3306</port>
<user>xbmc</user>
<pass>xbmc</pass>
</musicdatabase></span></span></pre>
<br />
<br />
- Restart XBMC (on clients)<br />
<br />
<br />
<b>Then setup your sources on clients:</b><br />
<br />
For any other XBMC instance, just copy your main XBMC instance's sources.xml file to your clients.<br />
<br />
This is very important as all of your XBMC instances have to use the same source settings, using SMB shares.<br />
<br />
To achieve this, nothing could be simpler :-)<br />
<br />
"sources.xml" is located in "~/.xbmc/userdata/sources.xml"<br />
<br />
If you have playlists and favorites, you can also just copy them from your main XBMC instance to client instances:<br />
<br />
<br />
<ul>
<li>Playlists are located in "~/.xbmc/userdata/playlists"</li>
<li>favourites.xml in "~/.xbmc/userdata/favourites.xml"</li>
</ul>
<br />
<br />
<b><i>Final step before launching your XBMC client:</i></b><br />
<br />
About fanart and other data:<br />
<br />
- If your clients are running XBMC Frodo (v12), then you have nothing to do.<br />
XBMC will take care of fanart and other data itself.<br />
Any future added Media will also be available in clients, including Thumbnails and fanart.<br />
<br />
- If you have clients with XBMC Eden (v11), you have to copy the Thumbnails directory from your main XBMC instance: ~/<span style="background-color: #f9f9f9; font-family: monospace, 'Courier New'; font-size: 13px; line-height: 19px;">.xbmc/userdata/Thumbnails/</span><br />
<br />
Media added in the future will be available on both the main XBMC and the clients, but you won't get Thumbnails and fanart on clients.<br />
<br />
For this to work, you will have to set scrapers on clients too (as in the main XBMC instance) and scan for new media each time you add some (or enable scan at launch time).<br />
<br />
<br />
<br />
<br />
<br />
And finally start XBMC.<br />
<br />
Magically, you'll get your full Media Library centralized and always synced :-)<br />
<br />
Of course your main XBMC instance acts as the main server; clients won't be able to access the Media Library if the server is down...<br />
<br />
<br />
<br />
<h4>
FAQ</h4>
<br class="Apple-interchange-newline" /><br />
<b>- How to re-initialize my database in case of trouble:</b><br />
<br />
In case of trouble you may have to totally re-initialize your database (if you're running thousands of hard tests ^^^).<br />
<br />
To do so, simply delete all XBMC databases and re-create them from scratch:<br />
<i><br /></i>
<i>Note: don't worry, you won't lose anything</i><br />
<br />
<br />
<i><b>Login to Mysql using client (adapt password):</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">$ mysql -u root -p</span></span></pre>
<br />
<br />
<br />
<i><b>List XBMC Databases:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">mysql > show databases;</span></span></pre>
<br />
<br />
<br />
<i><b>Then for each database, delete it, example:</b></i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">mysql > drop database xbmc_video;</span></span></pre>
<br />
<br />
Then start again by importing your Media ^^<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<b>Howto : Linux - Setup a simple and powerful DLNA server (UPnP protocol) in 5 minutes with minidlna</b><br />
Published 2012-09-09T01:13:00.001+02:00, updated 2012-09-09T21:29:35.740+02:00<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDIz7f8zaGVFkuwoGM_LADudYbgY3lk9fQ1pqDdHtfURV9j3laktKRwBIbw4w3UrawkzEWjGadjSfWj_xCGeocWkywmhawiICSS0Gzv-xP-SKlAId6bNc883hhyphenhyphenocF2Rw6SVUeAQquwCYb/s1600/DLNA_logo_color.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="112" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDIz7f8zaGVFkuwoGM_LADudYbgY3lk9fQ1pqDdHtfURV9j3laktKRwBIbw4w3UrawkzEWjGadjSfWj_xCGeocWkywmhawiICSS0Gzv-xP-SKlAId6bNc883hhyphenhyphenocF2Rw6SVUeAQquwCYb/s320/DLNA_logo_color.gif" width="320" /></a></div>
<br />
<b>The Goal:</b><br />
<br />
With "minidlna" you will create a really simple but powerful DLNA server within a few minutes.<br />
<br />
UPnP is a protocol (and DLNA a certification based on this protocol) that is used by more and more manufacturers; it allows you to share your multimedia files between all your DLNA compliant devices.<br />
<br />
As a simple example, you have a computer acting as your DLNA server and sharing multimedia files through your network to your Home Cinema.<br />
<br />
Minidlna is the perfect DLNA server: simple, light and powerful.<br />
<br />
Let's begin!<br />
<br />
<br />
<br />
<h4>
1 - Install minidlna</h4>
<br />
On Ubuntu based systems, just do:<br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; color: #333333; font-size: 13px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="line-height: 19px;">$ sudo apt-get install minidlna</span></pre>
<br />
<br />
<h4>
2 - Configure minidlna</h4>
<br />
Edit the main minidlna configuration file "/etc/minidlna.conf" and make the following changes:<br />
<br />
- Change port to "49200"<br />
<br />
- Add your media sources, you can add as many sources as you want like this:<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">media_dir=V,<MY VIDEO SOURCE 1>
media_dir=V,<MY VIDEO SOURCE 2>
media_dir=A,<MY MUSIC SOURCE></span></span></pre>
<br />
- uncomment "friendly_name" (delete "#") and set it to the value you want, it will be the displayed name of your DLNA server<br />
<br />
- uncomment "log_dir" (delete #) to ensure main log will be available in /var/log<br />
<br />
You can also manually set the location of the database file (called files.db).
<h4>
3 - Start minidlna and begin the scan of your library</h4>
<br />
Minidlna was started automatically when installed, but we want it to pick up our modifications and begin scanning our sources.<br />
<br />
<i>First, stop minidlna:</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo /etc/init.d/minidlna stop</span></span></pre>
<br />
<i>Delete existing database:</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo rm </span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">/var/lib/minidlna/files.db</span></span></pre>
<br />
<i>Start minidlna:</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ sudo /etc/init.d/minidlna start</span></span></pre>
<br />
<i>And finally take a look at the log file to see what the minidlna process is doing:</i><br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ tail -20f /var/log/minidlna.log</span></span></pre>
<br />
Depending on the number of files in your sources, minidlna will need some time to scan; you should see messages like this:<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">[2012/09/08 17:08:25] scanner.c:719: warn: Scanning /media/FREECOM-HDD/Multimedia/Films_HD-DVD
[2012/09/08 17:08:57] scanner.c:790: warn: Scanning /media/FREECOM-HDD/Multimedia/Films_HD-DVD finished (232 files)!
</span></span></pre>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<h4>
<span style="color: #990000; font-size: large; line-height: 19px;">4 - Access your DLNA device and navigate to your DLNA Server</span></h4>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #333333;"><span style="line-height: 19px;">Depending on your device, go to your menu and navigate to your DLNA server.</span></span></div>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<span style="color: #333333;"><span style="line-height: 19px;">Here is one example screenshot using my LG Home Cinema:</span></span></div>
<div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyKOvDWt0J5uvFa8IxXFpjyvW2A_NJq61ZIJJda6evDVHqhq6J5JjN-jT8eiVHaSF5IiQCEHTgthDFAc9-sKlPiBk0w9pAaCVBn2L6eMpGF13Er6Moz6-30J3YY6CKwy9Cb2MebrpwiFRA/s1600/photo+1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyKOvDWt0J5uvFa8IxXFpjyvW2A_NJq61ZIJJda6evDVHqhq6J5JjN-jT8eiVHaSF5IiQCEHTgthDFAc9-sKlPiBk0w9pAaCVBn2L6eMpGF13Er6Moz6-30J3YY6CKwy9Cb2MebrpwiFRA/s640/photo+1.JPG" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUM2E433QkTOeO7r-uzqwxrW3weLXZpCf4mYwH79SBwaX_1m1W8863vL3FOhCnlskWlMiKZBJEv-VNnKSMfUIuTGPsSS6o92dLrNmKbKEXxKeeGSPd9GcrzFwtca8fkEgSJB3PKpUbGcaB/s1600/photo+3.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUM2E433QkTOeO7r-uzqwxrW3weLXZpCf4mYwH79SBwaX_1m1W8863vL3FOhCnlskWlMiKZBJEv-VNnKSMfUIuTGPsSS6o92dLrNmKbKEXxKeeGSPd9GcrzFwtca8fkEgSJB3PKpUbGcaB/s640/photo+3.JPG" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoUIKmGT_4qXNK75ANqSICE_RghA2rycX78HMXz4Ru7DFM5Mocdp4bez-kqi9a-5T1f0-M8_mcoh6arcX7kQDk3OC7BD7yJ7xxCD_avRkxwC1v0525-SCDJLbNOn2wOhBMoolFQ1otdiLc/s1600/photo+4.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoUIKmGT_4qXNK75ANqSICE_RghA2rycX78HMXz4Ru7DFM5Mocdp4bez-kqi9a-5T1f0-M8_mcoh6arcX7kQDk3OC7BD7yJ7xxCD_avRkxwC1v0525-SCDJLbNOn2wOhBMoolFQ1otdiLc/s640/photo+4.JPG" width="640" /></a></div>
<span style="color: #333333;"><span style="line-height: 19px;"><br /></span></span></div>
<br />
And this works very well, I can play a big big mkv in 1024p (around 45 GB size, native Blu-ray) over the local network (my LG Home Cinema has a 100 Mbps local network connection) with absolutely no issues!<br />
<br />
Really great!<br />
<br />
Keep in mind that this may also depend on your DLNA device capacity...<br />
<br />
<b>Finally, note a few last things about minidlna:</b><br />
<br />
1. In case of trouble, do not hesitate to delete the database file (see steps above) and restart minidlna, it will automatically recreate the database<br />
<br />
2. minidlna sometimes does not like certain characters; you should avoid them in your folder names<br />
<br />
3. Some file formats may not be playable; it depends on your DLNA device and minidlna.<br />
In my experience, prefer an mkv file; almost all recent devices will support mkv<br />
<br />
4. Any added media file will be automatically available in minidlna<br />
<br />
<br />
<br />
<br />
<b>News: XBMC on Android, upcoming!</b><br />
Published 2012-09-08T22:48:00.002+02:00, updated 2012-09-09T21:31:31.198+02:00<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHfMSNzlmJyFf2-4kDmpfdPD309dZoFGLpVsU0ZMGLLMZbtJ9s6urCwD19b4kt9SFgpDrftrvEGSGqYrV5xQ5WFNzgE2D5cdNxzazOXrwmRfHN7epV-Q02x106SiRn3oSWnTg2XpNs7suk/s1600/xbmc-android.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="195" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHfMSNzlmJyFf2-4kDmpfdPD309dZoFGLpVsU0ZMGLLMZbtJ9s6urCwD19b4kt9SFgpDrftrvEGSGqYrV5xQ5WFNzgE2D5cdNxzazOXrwmRfHN7epV-Q02x106SiRn3oSWnTg2XpNs7suk/s640/xbmc-android.jpg" width="640" /></a></div>
<br />
<br />
<h4>
XBMC on Android has finally arrived, not yet fully mature, but it is here!</h4>
<br />
If you already know XBMC Media Center (and for sure you love it ^^), you already know this news (if you don't know XBMC yet, no problem, you'll be lucky to discover it!)<br />
<br />
But the Android apk is not yet official, and so it's not yet available through Google Play.<br />
<br />
My recommendation! Go to:<br />
<a href="http://forum.xda-developers.com/showthread.php?p=29737360" target="_blank">http://forum.xda-developers.com/showthread.php?p=29737360</a><br />
<br />
<b>Download the latest nightly build apk and install it; please note a few things:</b><br />
<br />
- XBMC for Android is really young and not yet fully functional<br />
<br />
- As far as I know, hardware acceleration is for now only available on XIOS DS (which is the hardware XBMC developers used for XBMC Android, only available in the US and seems to be really hard to find)<br />
<br />
So, for any other hardware, playback will be done using CPU and software; playing HD videos may not be possible if your CPU can't do it...<br />
<br />
- Sound level has to be set before you launch XBMC; sound level is different between Android and XBMC<br />
<br />
The only Android device I have right now is a XOOM 3g (first generation) and XBMC runs with more or less success...<br />
<br />
But this is very promising and a really great job; I'm pretty sure there won't be too much time to wait before getting great Android devices (like MK802 and others) and XBMC solutions :-)<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<b>Linux TIP : Run an application in a different Language</b><br />
Published 2012-09-08T16:44:00.002+02:00, updated 2012-09-09T21:35:11.596+02:00<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc6TpGU5unpdwocCRN4S1E6E8ShJqN7LV1TUVOSQkYABO5oDqTG2g01CtH6D4kwWOxx8YtHMB8H5EYZvBcjbeXAC1bu9uiB9laNYNQN0AvbBwOPdXXDqbgIbzO5zkbYStTCvSjGEndOBlm/s1600/02252632-photo-logo-onu.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="191" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc6TpGU5unpdwocCRN4S1E6E8ShJqN7LV1TUVOSQkYABO5oDqTG2g01CtH6D4kwWOxx8YtHMB8H5EYZvBcjbeXAC1bu9uiB9laNYNQN0AvbBwOPdXXDqbgIbzO5zkbYStTCvSjGEndOBlm/s200/02252632-photo-logo-onu.jpg" width="200" /></a></div>
<br />
Sometimes you may need to run an application in a different language. This is really easy to do on Linux, and it is not permanent, so you can get back to your initial language.<br />
<br />
<b>Here's how:</b><br />
<br />
1. First locate the locale you want. Let's say you want US English: use the command "locale -av" and find the section you need:<br />
<br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; color: #333333; font-size: 13px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="line-height: 19px;"># locale -av</span></pre>
<br />
<br />
Output example:<br />
<br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">locale: en_US.utf8 archive: /usr/lib/locale/locale-archive
-------------------------------------------------------------------------------
title | English locale for the USA
source | Free Software Foundation, Inc.
address | 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
email | bug-glibc-locales@gnu.org
language | English
territory | USA
revision | 1.0
date | 2000-06-24
codeset | UTF-8</span></span><span style="color: #333333; font-size: 13px; line-height: 19px;">
</span></pre>
<div>
<span style="line-height: 19px;"><br /></span></div>
<div>
<span style="line-height: 19px;">2. Open a terminal; you will open your application from within this terminal, so that only the application you want is affected, not your whole system</span></div>
<div>
<span style="line-height: 19px;"><br /></span></div>
<br />
3. Change your locale environment variable "LC_MESSAGES" to the locale value, in our example:<br />
<br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">$ export LC_MESSAGES=en_US.UTF-8</span></span><span style="color: #333333; font-size: 13px; line-height: 19px;">
</span></pre>
<div>
<span style="line-height: 19px;"><br /></span></div>
<br />
4. Open your application; the language should be US English<br />
<br />
5. To revert, there is nothing to do: just close your terminal and re-open the application<br />
<br />
<i>Note: For this to work with some applications, you may have to install the associated language package.</i><br />
<i>If this does not work, you may lack a language package.</i><br />
<i><br /></i>
<i>You may also have to deal with the "LANG" variable; just test.</i><br />
<br />
<br />
<br />
<br />
<b>Howto Linux : Run Windows applications with Wine and PlayOnLinux (Internet Explorer, Itunes, Games and much more)</b><br />
Published 2012-09-08T02:20:00.000+02:00, updated 2012-09-09T21:34:06.314+02:00<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx_QkGICbK3i9uD8nr-TxZsOZHSeWJSFZq7Suis6EpEtaPOUr4AFyQ53W6UG8A19R0S6tT-DPa-yBWiA0r7-Ravt_MC4wDIsIUU7Ee0pOIbNcSaNHh3-14tezmKl2iBvATGzmBBqTjH4K9/s1600/wine_playonlinux.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx_QkGICbK3i9uD8nr-TxZsOZHSeWJSFZq7Suis6EpEtaPOUr4AFyQ53W6UG8A19R0S6tT-DPa-yBWiA0r7-Ravt_MC4wDIsIUU7Ee0pOIbNcSaNHh3-14tezmKl2iBvATGzmBBqTjH4K9/s320/wine_playonlinux.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<b>The Goal:</b><br />
<br />
Today Linux has access to a very large number of applications for any need, and hopefully more and more applications come with a Linux version.<br />
<br />
But unfortunately this is not always the case and you may have to run Windows applications; that's where Wine comes to help us!<br />
<br />
Wine is a great and powerful solution that runs Windows software on Linux, with more or less success depending on the application complexity and support.<br />
<br />
Recently I discovered PlayOnLinux, a wonderful solution to install and run various Windows applications using Wine; let's say this is the best frontend for Wine!<br />
<br />
Let's begin ^^<br />
<br />
<h4>
First step: Install PlayOnLinux</h4>
<br />
Don't hesitate to take a look at great PlayOnLinux website:<br />
<a href="http://www.playonlinux.com/" target="_blank">http://www.playonlinux.com</a><br />
<br />
<br />
<b>For Ubuntu based distributions:</b><br />
<br />
PlayOnLinux is available in the Ubuntu repositories, but I recommend installing the latest version using their PPA. Here's how:<br />
<br />
<b><i>Add the ppa and install PlayOnLinux and Wine:</i></b><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #333333;"><span style="line-height: 19px;">wget -q "http://deb.playonlinux.com/public.gpg" -O- | sudo apt-key add -
sudo wget http://deb.playonlinux.com/playonlinux_precise.list -O /etc/apt/sources.list.d/playonlinux.list
sudo apt-get update
sudo apt-get install playonlinux wine </span></span><span style="background-color: transparent; line-height: 19px;"><span style="color: #333333;">wine1.4-i386 </span></span><span style="color: #333333; line-height: 19px;">-y</span></pre>
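<br />
Added example (not part of the original post or PlayOnLinux's own instructions): the commands above trust whatever key the plain-HTTP download returns, so this script pins the key to a fingerprint obtained out of band before installing it. EXPECTED_FPR is a placeholder, the keyring path and the function names are assumptions, and the sample listing is constructed.<br />

```shell
#!/bin/sh
# Added example: check the repository key's fingerprint before trusting it,
# instead of piping the download straight into "apt-key add".

# Placeholder: full fingerprint obtained out of band from the project.
EXPECTED_FPR="REPLACE_WITH_FINGERPRINT_OBTAINED_OUT_OF_BAND"
KEY_URL="http://deb.playonlinux.com/public.gpg"   # URL used in the post
KEYRING="/usr/share/keyrings/playonlinux.gpg"     # assumed keyring location

# Normalise a fingerprint: strip whitespace, upper-case the hex digits.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \t\n' | tr 'a-f' 'A-F'
}

# Read "gpg --with-colons" output on stdin and print the fingerprint of each
# primary key (the first fpr record after a pub record; subkeys are skipped).
primary_fingerprints() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "sub" { want = 0; next }
             want && $1 == "fpr" { print $10; want = 0 }'
}

# Succeed only if the listing on stdin holds exactly one primary key whose
# full fingerprint equals $1. Short key IDs and placeholders are rejected.
listing_matches() {
    expected=$(normalize_fpr "$1")
    found=$(primary_fingerprints)
    count=$(printf '%s\n' "$found" | awk 'NF { n++ } END { print n + 0 }')
    [ "$count" -eq 1 ] || return 1
    case "$expected" in
        ''|*[!0-9A-F]*) return 1 ;;
    esac
    [ "${#expected}" -ge 40 ] || return 1
    [ "$(normalize_fpr "$found")" = "$expected" ]
}

# Download the key, verify it, and only then install it as a keyring file.
install_repo_key() {
    tmp=$(mktemp) || return 1
    if ! wget -q "$KEY_URL" -O "$tmp"; then
        rm -f "$tmp"
        return 1
    fi
    if gpg --show-keys --with-colons "$tmp" | listing_matches "$EXPECTED_FPR"; then
        # Assumes the downloaded key is ASCII-armoured.
        gpg --dearmor < "$tmp" | sudo tee "$KEYRING" > /dev/null
        status=$?
    else
        echo "fingerprint mismatch: key NOT installed" >&2
        status=1
    fi
    rm -f "$tmp"
    return "$status"
}

# Constructed sample of "gpg --show-keys --with-colons" output (not a real key).
sample_listing() {
    cat <<'EOF'
pub:-:4096:1:89ABCDEF01234567:1300000000:::-:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1300000000::0000::Constructed Sample <repo@example.invalid>::::::::::0:
sub:-:4096:1:0123456789ABCDEF:1300000000::::::e::::::23:
fpr:::::::::89ABCDEF0123456789ABCDEF0123456789ABCDEF:
EOF
}

# Offline demo on the constructed listing; the real entry point is install_repo_key.
if sample_listing | listing_matches "0123 4567 89ab cdef 0123 4567 89ab cdef 0123 4567"; then
    echo "sample listing: fingerprint matches"
fi
```

Reference the installed keyring from the repository's sources entry with apt's signed-by option, so the key is trusted for this repository only.<br />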
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<i>Wine and PlayOnLinux are of course available for other Linux systems, just follow the instructions for your specific system on the PlayOnLinux website.</i><br />
<br />
<h4>
Open PlayOnLinux for first launch</h4>
<br />
<i>First launch, a wizard automatically runs:</i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjtpW6sTeHiQtWHuLl-Yl321p6fz8gfe9Qq0b2x5rTEQGUM7haDp9qP9DoARitzXms3DzJPPCFQKSMzxqJKovfbqvmD84KXtvGGStEpDdhZfVtm0aKL12TuAYx4HUf6DAI29cBnxJl-FHH/s1600/screen1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjtpW6sTeHiQtWHuLl-Yl321p6fz8gfe9Qq0b2x5rTEQGUM7haDp9qP9DoARitzXms3DzJPPCFQKSMzxqJKovfbqvmD84KXtvGGStEpDdhZfVtm0aKL12TuAYx4HUf6DAI29cBnxJl-FHH/s400/screen1.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<i>Follow instructions, requirements will be automatically downloaded and installed:</i><br />
<i><br /></i>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcba4DQb2JXbVI1N_TeF8S_2zQctgFVA2JA-AOU8Dzrnro39GhRih-E7TbA5PmK89ZycW8zeKcYvfQnrdqbEOybhNHNKqp9gDL-7GaWfq6zvqoWISLWEGVLIRy3aAMRS1zN6gai24OAxnL/s1600/screen2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcba4DQb2JXbVI1N_TeF8S_2zQctgFVA2JA-AOU8Dzrnro39GhRih-E7TbA5PmK89ZycW8zeKcYvfQnrdqbEOybhNHNKqp9gDL-7GaWfq6zvqoWISLWEGVLIRy3aAMRS1zN6gai24OAxnL/s400/screen2.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBkZ2lP9IKztP4Xni8mu6Hkw0a_GnhGpnDAD1E_MxgU65k9iNc49I2-mF2qfndY3uMiasN1nbargClPqX5Ilcr1n4IHjNAvqptvSz8h3oFr7GryPMlAH4yErsnOKBD4J2KemEqN2BUMyzr/s1600/screen3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBkZ2lP9IKztP4Xni8mu6Hkw0a_GnhGpnDAD1E_MxgU65k9iNc49I2-mF2qfndY3uMiasN1nbargClPqX5Ilcr1n4IHjNAvqptvSz8h3oFr7GryPMlAH4yErsnOKBD4J2KemEqN2BUMyzr/s400/screen3.png" width="400" /></a></div>
<br />
<br />
<h4>
Access to Application Repository</h4>
<br />
Click on "Install Program" to open the application repository. First, I recommend checking the "Testing" box to get access to all applications:<br />
<br />
Note: You may choose "Refresh" to ensure you have the latest application repository<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEht9vKhiG_LjwpwXQbtacZmaQNCzFNJoxx4esg9tgT_rShDjVVSj9MkiaA5LO424iX31U4pQ5eaEkpUSu1dvDL6Eop7mhk6gDyWPHGt2B_Ki3XEoJVMCU1dFmMmzhH9KmHVmAZBN1w0syin/s1600/screen7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="286" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEht9vKhiG_LjwpwXQbtacZmaQNCzFNJoxx4esg9tgT_rShDjVVSj9MkiaA5LO424iX31U4pQ5eaEkpUSu1dvDL6Eop7mhk6gDyWPHGt2B_Ki3XEoJVMCU1dFmMmzhH9KmHVmAZBN1w0syin/s400/screen7.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<br />
<h4>
Example : Install Internet Explorer 8 (listed program)</h4>
<div>
<br /></div>
<div>
Note: Internet Explorer will work for most things, but do not expect to get DirectX working using Wine.</div>
<div>
As far as I know and have tested so far, the only way to get DirectX working on Linux is to install Windows in a virtual machine... (e.g. using VirtualBox, VMware...)</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8iHKuVnJE5hpEG8O8jwB0h6sH8cnTW2XAP_mGY7fFTQmXBfD2kb34ttFrZapUSSNMnzBlyUqVWgXKtcFBrYa_ANerBsvXDVNp9ZgSaJXVI0VPKZE1mst60apFyJjGLVUhRsyev3Lttmza/s1600/screen8.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="286" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8iHKuVnJE5hpEG8O8jwB0h6sH8cnTW2XAP_mGY7fFTQmXBfD2kb34ttFrZapUSSNMnzBlyUqVWgXKtcFBrYa_ANerBsvXDVNp9ZgSaJXVI0VPKZE1mst60apFyJjGLVUhRsyev3Lttmza/s400/screen8.png" width="400" /></a></div>
<br />
<br />
Just select it, confirm the install and follow the instructions, click by click ^^<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_fpYKRncOZGBMUzz8BtQf7i6m7cH-jy1kCs3YPcOTa_dgCZb_aAg4LbClQ5gjoLC7Hl5rlZcRao0Ze_W1aBSWSSJ8FxnU8CzIB-jBCwlOurp0A-Q77pe-0u0kHcsNnnJEnOwC0ZUOoAgS/s1600/screen9.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_fpYKRncOZGBMUzz8BtQf7i6m7cH-jy1kCs3YPcOTa_dgCZb_aAg4LbClQ5gjoLC7Hl5rlZcRao0Ze_W1aBSWSSJ8FxnU8CzIB-jBCwlOurp0A-Q77pe-0u0kHcsNnnJEnOwC0ZUOoAgS/s400/screen9.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkbIjf6-hXgpoWvAyUqzo1JkBAx0YqUsq2JXyGtyWBvWGUmOmN0vjx1UqYF5BgMzjhAAoOAW1iIMwVrJ7gIk2dLVk_SvWfed9-N0iAFXqmRNZkK7FFvhxeRFn1CRiVdYgBQdyvwcXVy_XW/s1600/screen10.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkbIjf6-hXgpoWvAyUqzo1JkBAx0YqUsq2JXyGtyWBvWGUmOmN0vjx1UqYF5BgMzjhAAoOAW1iIMwVrJ7gIk2dLVk_SvWfed9-N0iAFXqmRNZkK7FFvhxeRFn1CRiVdYgBQdyvwcXVy_XW/s400/screen10.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8ZrF_c85ZIFC-ap4bHzccUxBhs7mvHbZ1GriBJZNYTvD1mZFysAMyErEsubvJDXHqHfOFEJOKESkRhJ3SaiBCBvSeDG60zt0SAqj90YXQUt-DfpmhYgtEk3qaXtnVg1Sd8SW_oLkqr667/s1600/screen12.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="295" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8ZrF_c85ZIFC-ap4bHzccUxBhs7mvHbZ1GriBJZNYTvD1mZFysAMyErEsubvJDXHqHfOFEJOKESkRhJ3SaiBCBvSeDG60zt0SAqj90YXQUt-DfpmhYgtEk3qaXtnVg1Sd8SW_oLkqr667/s400/screen12.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<i>And finally you can run the Application through PlayOnLinux main screen or shortcut created:</i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJHSixz7VQlxkFfn-P7BHRLNyr1In_qtIf4xlQxYTNIo6jmYoQe9UkfinOJ92it6ZjLAd91kv5ytS1ivJ2Sr9v4LfO5jPp0ISvsbhOEks7q2zPIdYbKhSaqU-4Ignbi97WV01A_4oyNgZn/s1600/screen13.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="330" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJHSixz7VQlxkFfn-P7BHRLNyr1In_qtIf4xlQxYTNIo6jmYoQe9UkfinOJ92it6ZjLAd91kv5ytS1ivJ2Sr9v4LfO5jPp0ISvsbhOEks7q2zPIdYbKhSaqU-4Ignbi97WV01A_4oyNgZn/s400/screen13.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHEN83CdwTydfPL1eygRk07wU_SstdSiDkiCpiuPWa3bRvrlNdcKXlJm9PlekeKePbY-q-zyH_AOvMedsCfrMcZ_qNciP6fLGqOAmw-5hjyogedIdnOgfI6d-UNfSMKkzYWpZhOumhky58/s1600/screen14.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHEN83CdwTydfPL1eygRk07wU_SstdSiDkiCpiuPWa3bRvrlNdcKXlJm9PlekeKePbY-q-zyH_AOvMedsCfrMcZ_qNciP6fLGqOAmw-5hjyogedIdnOgfI6d-UNfSMKkzYWpZhOumhky58/s640/screen14.png" width="640" /></a></div>
<br />
<br />
Works out of the box!<br />
<br />
<span style="color: #990000; font-size: large;">Example : iTunes 10 on Linux</span><br />
<br />
Some screenshots of iTunes 10 running on Linux:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfgElUFW6lF6yNkjFu1s3AxsXgaiAEUX6WdVtzoU4uDHhXXVws44N8sLgcQneIK1cjtFx_ViieS9zdKIyeXlCzTZZE_QZZowEkPkU1dlYC6f1Cd82QuoAerhskDfJUhidnS1ZbdyuxGSL7/s1600/screen17.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="330" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfgElUFW6lF6yNkjFu1s3AxsXgaiAEUX6WdVtzoU4uDHhXXVws44N8sLgcQneIK1cjtFx_ViieS9zdKIyeXlCzTZZE_QZZowEkPkU1dlYC6f1Cd82QuoAerhskDfJUhidnS1ZbdyuxGSL7/s400/screen17.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAwK1Nq2yyKIcnyf23jLO5x8c-AmwJ98Nffql_JhdKGqF-l7TPXFdt40XWV8oqgSBi1BKOLDrgBgqeGjAi8mYJLlZBMR7XSRhjfwW0MWq0l8zHBoiHC-_VwQ44PuioKt7r1G9qXfdiIwQo/s1600/screen19.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="404" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAwK1Nq2yyKIcnyf23jLO5x8c-AmwJ98Nffql_JhdKGqF-l7TPXFdt40XWV8oqgSBi1BKOLDrgBgqeGjAi8mYJLlZBMR7XSRhjfwW0MWq0l8zHBoiHC-_VwQ44PuioKt7r1G9qXfdiIwQo/s640/screen19.png" width="640" /></a></div>
<br />
<br />
<br />
PlayOnLinux has many other possibilities: you can of course install a non-listed program and much more. Do not hesitate to read the documentation on the PlayOnLinux website.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigI_e81alr0zS-MA9LYMxVOezj2QfBRqvmTdLtmXCScshj6AkYfPB1lbX05NJvtYwC3MyaWrXzbG9-prK-uFR0zshhtMs0-6saWIJ0dyilQB3M5dq-Y5vj6LuS8c0W9dHtDOVZrciqZYGo/s1600/screen15.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigI_e81alr0zS-MA9LYMxVOezj2QfBRqvmTdLtmXCScshj6AkYfPB1lbX05NJvtYwC3MyaWrXzbG9-prK-uFR0zshhtMs0-6saWIJ0dyilQB3M5dq-Y5vj6LuS8c0W9dHtDOVZrciqZYGo/s400/screen15.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhH3ZNkdc5DjUKZdX9iQPrmlaza7iBhuWht9PwEaWkGw6ocde7b3_Mlx1UNr-PfLDHqz2BhAZabcsntmUPOPH8eEBrF1bl8wrdQP45xEGJT2bWVWe92bO17NpcVLCHrAtHXzcNZ-75CW5n0/s1600/screen16.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhH3ZNkdc5DjUKZdX9iQPrmlaza7iBhuWht9PwEaWkGw6ocde7b3_Mlx1UNr-PfLDHqz2BhAZabcsntmUPOPH8eEBrF1bl8wrdQP45xEGJT2bWVWe92bO17NpcVLCHrAtHXzcNZ-75CW5n0/s400/screen16.png" width="400" /></a></div>
<br />
<br />
Wine and PlayOnLinux... I said great and powerful, no? :-)<br />
<br />
<br />
<br />
<br />
Posted by Anonymous (http://www.blogger.com/profile/11207934187692801099)<br />
<br />
<b>Howto: Truecrypt, Encryption on the fly - Easily Protect and Encrypt your private data with truecrypt</b><br />
Published 2012-08-28T14:54:00.002+02:00, updated 2012-09-08T12:38:29.596+02:00<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjs5B1SQavuzI8WIMYJNWU2prc_gYBSmcmDVS1bHduTYup1SLtgsG6Pz6J488sazflzHVdLrVIjy_QzqooWelBtV-IrZshnAIEFzMHFW4UNUGtpdA7d_SR0PDT6QssGgz4OYpd71RWuB8ob/s1600/logo.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="66" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjs5B1SQavuzI8WIMYJNWU2prc_gYBSmcmDVS1bHduTYup1SLtgsG6Pz6J488sazflzHVdLrVIjy_QzqooWelBtV-IrZshnAIEFzMHFW4UNUGtpdA7d_SR0PDT6QssGgz4OYpd71RWuB8ob/s640/logo.gif" width="640" /></a></div>
<br />
<b>The Goal:</b><br />
<br />
Really simple in fact: anyone should be interested in protecting their own private data, and this protection can only be achieved using encryption.<br />
<br />
But as with many things, protecting and encrypting your data often means complicating access to and modification of your files.<br />
<br />
This won't be the case with this great open-source solution, which is able to encrypt and decrypt on the fly.<br />
<br />
Truecrypt is definitely the best and easiest solution I know to protect and encrypt your data, it just works out of the box ^^<br />
<br />
Finally, with the growth of cloud services, in my opinion using this kind of solution is definitely recommended...<br />
<br />
Imagine you need to save important and private data to an external USB key: with this solution you will, in a few steps, create a secured and encrypted key that is still easily accessible (on any system).<br />
<br />
Finally, choosing an opensource solution instead of other software is a guarantee of transparency and continuity.<br />
<br />
<b>What you need:</b><br />
<br />
Well, nothing...just a computer (any os, Windows, Linux, OSX...) and data to protect :-) <br />
And yes Truecrypt!<br />
<br />
<b>I will show 3 use cases:</b><br />
<br />
1. Create a secure and encrypted container (some kind of image file, stored locally or not)<br />
2. Create a secure and encrypted device (USB Key, Hard Drive partition...)<br />
3. Create a secure, encrypted <u><b>and hidden</b></u> container or device (Container file, USB Key, Hard Drive partition...)<br />
<br />
<b><i>Note:</i></b><br />
Step 3 will produce a hidden encrypted container or device, which means, in a few words, an invisible and undetectable encrypted volume inside the main volume.<br />
<br />
That way, someone who gains access to your main volume (you may have to reveal your password or someone cracked it) won't be able to access your real private data.<br />
<br />
You would have 2 password sequences, one for the main volume (which is still encrypted) and one for the hidden device.<br />
<br />
<span style="color: #660000; font-size: large;">First, install Truecrypt</span><br />
<div>
<span style="color: #660000; font-size: large;"><br /></span></div>
<div>
No matter which system you're running, Truecrypt is available for all OSes. Go to:<br />
<br />
<a href="http://www.truecrypt.org/downloads" target="_blank">http://www.truecrypt.org/downloads</a><br />
<br />
I won't cover the installation which is really easy (even for Linux ^^, no need for external software or dependencies)</div>
<div>
<br /></div>
<br />
Now that Truecrypt is installed, let's see some examples of use!<br />
<br />
<br />
<span style="color: #660000; font-size: large;">Method 1: Create a secure and encrypted container</span><br />
<br />
This is one of the solutions you can use with Truecrypt. In a few words, you will create a container (which is just a file, like an iso or dmg for Mac users) that will be encrypted and protected.<br />
<br />
This container will be mounted in your system like any external drive. Any file you store in it will be accessible and encrypted on the fly, so you can add, remove or modify files without having to deal with anything related to encryption.<br />
<br />
<b>Open Truecrypt:</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5ZIG8wz_8lRSYJqCLBdEblEXYpbjn9YL_BErakbHKJmv43xz-XzYueLlIrZ13hTy48QfLaOYoP55jFAMOYfaHINo8Il05pTl0M_ApyDt4Ij1ajLYP1AtYoESaPpV9-tj3Pva5VZHpW0NP/s1600/screen1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="358" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5ZIG8wz_8lRSYJqCLBdEblEXYpbjn9YL_BErakbHKJmv43xz-XzYueLlIrZ13hTy48QfLaOYoP55jFAMOYfaHINo8Il05pTl0M_ApyDt4Ij1ajLYP1AtYoESaPpV9-tj3Pva5VZHpW0NP/s400/screen1.jpg" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<b>Click on "Create Volume" to open the Truecrypt wizard:</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJmHGnQnvtOKbk09y8qnaFsCNmQzPBar6jEmGrmiDMgGM3iYJZs9aGDpskZPr4kJljIqrG6hymbVSjj3PqF7eiR8C8ss9Wu8ZRc9VNlX6pwbfX4IE1HAfHu2RmvLkSXznIIheHHIqdxc0o/s1600/screen2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJmHGnQnvtOKbk09y8qnaFsCNmQzPBar6jEmGrmiDMgGM3iYJZs9aGDpskZPr4kJljIqrG6hymbVSjj3PqF7eiR8C8ss9Wu8ZRc9VNlX6pwbfX4IE1HAfHu2RmvLkSXznIIheHHIqdxc0o/s640/screen2.jpg" width="640" /></a></div>
<b><br /></b>
<b>Let's create our container, click next:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGOD4BC21FGO3n7BN79REcBnsfuOvRzp_CuaD8r_mLBjubSjpYBMciMHh_OWvzpnLsH0KZImUQ3qJY-JgRS1by0xYgPGTuNxx1td9f4UmWZW5c2y58Jpo2rR365-me-9SsaSnnYxTmtYRi/s1600/screen3.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGOD4BC21FGO3n7BN79REcBnsfuOvRzp_CuaD8r_mLBjubSjpYBMciMHh_OWvzpnLsH0KZImUQ3qJY-JgRS1by0xYgPGTuNxx1td9f4UmWZW5c2y58Jpo2rR365-me-9SsaSnnYxTmtYRi/s640/screen3.jpg" width="640" /></a></div>
<br />
At this point, we will create a standard, non-hidden volume.<br />
If you are already interested in the hidden volume, please go directly to the Method 3 example.<br />
<br />
To explain, a hidden volume is an invisible and undetectable secured and encrypted volume inside your secured volume. This way, you could be forced to give access to the secured volume without having to reveal the existence of the hidden volume.<br />
<br />
This feature is great and powerful but may be a little complicated for a first use, which is why I prefer to cover it in the 3rd method.<br />
<br />
<b>So we choose a standard Volume:</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJ1_Yo60WV3lY0vN8x-bAupkQz7LO6Gj9gVgs7xWpcPeGlgMAR0EafvC4KQAW5fLxRtj5PWvRpiC0n83FXb72BKGa1gllEYBV5BWzLQT7YBLs-zjLyi_YCeEX3LZ_MBxOdIatM_cOsjxef/s1600/screen4.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJ1_Yo60WV3lY0vN8x-bAupkQz7LO6Gj9gVgs7xWpcPeGlgMAR0EafvC4KQAW5fLxRtj5PWvRpiC0n83FXb72BKGa1gllEYBV5BWzLQT7YBLs-zjLyi_YCeEX3LZ_MBxOdIatM_cOsjxef/s640/screen4.jpg" width="640" /></a></div>
<br />
Select the location and the file name you want. Optionally you can leave "Never Save History" set, which tells Truecrypt never to save the history of mounted volumes.<br />
In other words, the location of your container will never be shown inside Truecrypt (for more security).<br />
<br />
<i><b>Note:</b></i><br />
Please note that you can choose absolutely any file extension you want. Truecrypt won't care about it, so just choose something common that won't look special or protected. (img, rar, zip, doc...what you prefer)<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<b>In next screen, choose your encryption algorithm:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdOAgVDSJfqUG8AhVzy8GQ37aZvX2H3yrwyYU694ami477IOBjMNtz5dT6d9INZJwshcGfabzW47A1rKsU1s-xek9Z-ckMsOty2acMpKuRvV4_YS03dm9LKeE70FZJL1qT2s6Qi8I8VN57/s1600/screen5.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdOAgVDSJfqUG8AhVzy8GQ37aZvX2H3yrwyYU694ami477IOBjMNtz5dT6d9INZJwshcGfabzW47A1rKsU1s-xek9Z-ckMsOty2acMpKuRvV4_YS03dm9LKeE70FZJL1qT2s6Qi8I8VN57/s640/screen5.jpg" width="640" /></a></div>
<br />
In this section, you have to choose an encryption and hash algorithm. The most secure method is a combined algorithm, such as "AES-Twofish-Serpent".<br />
<br />
Note that using a combined method requires more operations and CPU, and so offers lower read and write speeds.<br />
<br />
<b>You can click on "Benchmark" to see the read and write speeds you will get with the different methods available:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWo9mKiduw0I0cES_kLoXfXPnAF1d2vzE-ii5Az_ky00G2aPgq11GM6dSenAZHeRuelqpNlju3_0cfRzFZWsgUkVJJNkHsb9jwXOHvKnh6RmefO_s9Pw3UuKlCmq47KbM8yZprj0sQp0ih/s1600/screen6.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWo9mKiduw0I0cES_kLoXfXPnAF1d2vzE-ii5Az_ky00G2aPgq11GM6dSenAZHeRuelqpNlju3_0cfRzFZWsgUkVJJNkHsb9jwXOHvKnh6RmefO_s9Pw3UuKlCmq47KbM8yZprj0sQp0ih/s640/screen6.jpg" width="640" /></a></div>
<br />
Just choose your method, if you want the best security you can choose "AES-Twofish-Serpent" and "SHA-512".<br />
<br />
<b>Then select the container size and click next.</b><br />
<i>Please note a container can't be resized later. (but still you can create a new one and migrate your data if required)</i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2PRdaIitm91u1WW85QsxO4c2a9LZrfNOQPGrKIl4LTevWX1obT5eP37FvaDRG3StE1TcIr04qMHzL6RLRPeG2KHMG2Jh0YI_uieyzSgHvsASsCwDHhP3dLGwbc0WRRGJJdKj0OEIBMlTg/s1600/screen7.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2PRdaIitm91u1WW85QsxO4c2a9LZrfNOQPGrKIl4LTevWX1obT5eP37FvaDRG3StE1TcIr04qMHzL6RLRPeG2KHMG2Jh0YI_uieyzSgHvsASsCwDHhP3dLGwbc0WRRGJJdKj0OEIBMlTg/s640/screen7.jpg" width="640" /></a></div>
<br />
<b>Set the container password and optionally key files access:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJngJue9eh30gka2jrAHdJ9Zq-1Ne12u38me83kafyS2za1JtqKpEzDaaPa1cuxiROOQTkt-5YjZrVHBP2frMr9vLxHFl492-MKD0C4RU0UItrRqhDXrwJzR5QXqEOkBs4vuthFdhdnIp8/s1600/screen8.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJngJue9eh30gka2jrAHdJ9Zq-1Ne12u38me83kafyS2za1JtqKpEzDaaPa1cuxiROOQTkt-5YjZrVHBP2frMr9vLxHFl492-MKD0C4RU0UItrRqhDXrwJzR5QXqEOkBs4vuthFdhdnIp8/s640/screen8.jpg" width="640" /></a></div>
<br />
Using key files is optional but depending on your needs could be something really interesting.<br />
With this feature, getting the password won't be enough to gain access to protected data: getting the key files will also be required. But of course, if you lose your key files, you lose access to your data.<br />
<br />
The password needs to be really secure and complex. You should think about using a passphrase (a quotation, a proverb, whatever you want) in combination with a password containing various characters (standard, alphanumeric, special)<br />
<br />
<b>Then, set the file format:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRPU6Vm7svq4LWcUyHGLwBOBop5W0xuBF5Noa_MHT739yuuOeKVDc0gRi6yTw-8orqTWUNFceBMrmWP5bsmYiPPtxBwYSSDERc-bSxQejpyKzJ1hbXhUY71YPYF4yMp5J4_5GxP_uUzyhP/s1600/screen9.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRPU6Vm7svq4LWcUyHGLwBOBop5W0xuBF5Noa_MHT739yuuOeKVDc0gRi6yTw-8orqTWUNFceBMrmWP5bsmYiPPtxBwYSSDERc-bSxQejpyKzJ1hbXhUY71YPYF4yMp5J4_5GxP_uUzyhP/s640/screen9.jpg" width="640" /></a></div>
<br />
If you are using Windows (or plan to access your container from Windows), then choose Fat.<br />
Otherwise choose Ext4 if you are using Linux.<br />
<br />
If you are creating your device on Linux, the next screen will ask you to choose the option for system crossover support. If you plan to access your container from both systems, make sure to use the crossover support.<br />
<br />
<b>Then follow the instructions and format the device, final screen:</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYum8BuBBgL0rTDSoddVj1eUD_kHNqDd8809-2f2uTLCjVG9DYVCJvOzRKJ3KkyAPbC1UNpXxCX6ETcLTdMgHK3YoU32W0rNaGfRwjftu0fwoXbz723eln4ip-KF20CGuaGV2ai-G2lQ-b/s1600/screen10.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYum8BuBBgL0rTDSoddVj1eUD_kHNqDd8809-2f2uTLCjVG9DYVCJvOzRKJ3KkyAPbC1UNpXxCX6ETcLTdMgHK3YoU32W0rNaGfRwjftu0fwoXbz723eln4ip-KF20CGuaGV2ai-G2lQ-b/s640/screen10.jpg" width="640" /></a></div>
<br />
Exit the wizard, your container is ready.<br />
<br />
<b>Mounting your encrypted container:</b><br />
<br />
<b>In main Truecrypt screen, select your container, provide your password (and key files if required) and mount your volume:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGf1oEXv2uBWQMVMGTYmSm6tYPB2f49ut2luA3jg7HhxsW_PY2-zXkToBqHZnpE_4Ql2o2E2yNbjiabp9S1gIKM2xw1_546EtuNzCQxZQF9OROyrQfQEGfqTs6o08L5l5Rm5YXsx4lovcJ/s1600/screen11.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="576" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGf1oEXv2uBWQMVMGTYmSm6tYPB2f49ut2luA3jg7HhxsW_PY2-zXkToBqHZnpE_4Ql2o2E2yNbjiabp9S1gIKM2xw1_546EtuNzCQxZQF9OROyrQfQEGfqTs6o08L5l5Rm5YXsx4lovcJ/s640/screen11.jpg" width="640" /></a></div>
<br />
Your volume is now available to read and write ^^<br />
<br />
To properly close your container, select your volume and select "Dismount". (you can also choose "Dismount All" if this is the only volume mounted)<br />
<br />
<br />
<span style="color: #660000; font-size: large;">Method 2: Create a secure and encrypted device (eg USB key...)</span><br />
<div>
<span style="color: #660000; font-size: large;"><br /></span></div>
<br />
A really simple and easy-to-understand example of use is creating a secured and encrypted USB Key.<br />
But this can also be any partition of an internal or external Hard Drive or SSD, Flash memory, any storage you want.<br />
<br />
<i><b>Note:</b></i><br />
<i>Please note that any data present on your device will be lost!</i><br />
<br />
<b>To begin:</b><br />
<br />
<ul>
<li>Connect your device</li>
<li>Ensure you have one partition to use (remember data will be lost)</li>
<li>Note the device name</li>
</ul>
<br />
<br />
<b>Connect your device, open Truecrypt and click on "Create Volume", then select the required option:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeq56iHBxlWkbb2dBOYiA0bdxQD7p-wGMyDUOMXbg5BhKvL39fyiaUTWISS5GCEUovjYpe9xxeWD4leOZYmZMINhMSxDYsZ92D_5ig7gJORhTwDPijMfSEjCUSmNcOfCXJeRPz6XfXd9mL/s1600/screen12.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeq56iHBxlWkbb2dBOYiA0bdxQD7p-wGMyDUOMXbg5BhKvL39fyiaUTWISS5GCEUovjYpe9xxeWD4leOZYmZMINhMSxDYsZ92D_5ig7gJORhTwDPijMfSEjCUSmNcOfCXJeRPz6XfXd9mL/s640/screen12.jpg" width="640" /></a></div>
<br />
Select the Volume type, again we will create a standard volume.<br />
<br />
<b>Then, select your device (in this example my USB device is seen under Linux as /dev/sdc1) :</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtiV7He9zzmptBvmG-RudZUVIcEt0QNJGop9lawCM32uGWZDqawu6CMCPrZTl901iZPtWbxoUFwEclqG7_eGWJ9Wuum5l1JY0yVecixIDDw5QwC5GWM4B9b0cftur1ZFnkvTP_y026Zqpk/s1600/screen14.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtiV7He9zzmptBvmG-RudZUVIcEt0QNJGop9lawCM32uGWZDqawu6CMCPrZTl901iZPtWbxoUFwEclqG7_eGWJ9Wuum5l1JY0yVecixIDDw5QwC5GWM4B9b0cftur1ZFnkvTP_y026Zqpk/s640/screen14.jpg" width="640" /></a></div>
<br />
Confirm any warning message and choose the encryption and hash algorithms (see details in Method 1).<br />
<br />
<b>The only difference with Method 1 will come at the device formatting step:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNOOFibLj4NtIrvwluLNKlZkZun61ngEQa4tETD7I9TnoU7oaO5tqUodVfsT5Xx7jYPpI8AgNjm31GvVWst3DhRTlCpknakpP2ocK63j_YghvsuNOBN3Qav5ry27dhlKVvnCVgre3GHny9/s1600/screen15.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNOOFibLj4NtIrvwluLNKlZkZun61ngEQa4tETD7I9TnoU7oaO5tqUodVfsT5Xx7jYPpI8AgNjm31GvVWst3DhRTlCpknakpP2ocK63j_YghvsuNOBN3Qav5ry27dhlKVvnCVgre3GHny9/s640/screen15.jpg" width="640" /></a></div>
<br />
As the device hasn't yet been used as an encrypted device, you can leave the "Quick Format" box unchecked (which will result in the free space being encrypted as well).<br />
<br />
Then follow the instructions and proceed to creating the device. (same as Method 1)<br />
<br />
If you plan to use it on Windows, remember to select FAT as the file system and system crossover support if you created it on Linux.<br />
<br />
<b>Mounting your encrypted device:</b><br />
<div>
<b><br /></b></div>
<br />
Open Truecrypt. If you don't want to specify the name of your device, you can choose the "Auto-Mount Devices" option, which will scan your system and automatically detect your secured USB key:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqSlCK8MqtwCkixUdu-aUXfgzzpEAe5h8t04blndEb9Dd9j1YeQF7DL7GUGHnLyips_vSO-L4UebC2SLDHeAziNuRN3YuyVxKq74HjU_uLg8BJQLOMfo5Qr4WaYwR-7YbEQsh0JlfHz_Rh/s1600/screen16.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="576" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqSlCK8MqtwCkixUdu-aUXfgzzpEAe5h8t04blndEb9Dd9j1YeQF7DL7GUGHnLyips_vSO-L4UebC2SLDHeAziNuRN3YuyVxKq74HjU_uLg8BJQLOMfo5Qr4WaYwR-7YbEQsh0JlfHz_Rh/s640/screen16.jpg" width="640" /></a></div>
<br />
<br />
Your device will be accessible like any Volume, and you can do any operation you want.<br />
<br />
To properly close your device, go to Truecrypt and select "Dismount All".<br />
<br />
<br />
<br />
<span style="color: #660000; font-size: large;">Method 3: Create a secure, encrypted and hidden container or device</span><br />
<div>
</div>
<br />
<b>Open Truecrypt and start the Volume creation wizard (Create Volume):</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJmHGnQnvtOKbk09y8qnaFsCNmQzPBar6jEmGrmiDMgGM3iYJZs9aGDpskZPr4kJljIqrG6hymbVSjj3PqF7eiR8C8ss9Wu8ZRc9VNlX6pwbfX4IE1HAfHu2RmvLkSXznIIheHHIqdxc0o/s1600/screen2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJmHGnQnvtOKbk09y8qnaFsCNmQzPBar6jEmGrmiDMgGM3iYJZs9aGDpskZPr4kJljIqrG6hymbVSjj3PqF7eiR8C8ss9Wu8ZRc9VNlX6pwbfX4IE1HAfHu2RmvLkSXznIIheHHIqdxc0o/s640/screen2.jpg" width="640" /></a></div>
<br />
For the purpose of this example, we will create a hidden container; you can of course also choose to create a secured hidden device.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAw7L1hV9NXcY0PP5ZeVJ4wdgJVrOaywJyljeo44Im5ZJXTb68qs0ydvTNKzHxQemdHWppz-0k6mhDhe_ps794zvQHMOIAS-xNTCuLASsfA-8rfJjCRUyL1-dnbxUQdTJwArZ_2c0TRrYE/s1600/Capture+du+2012-08-28+14:20:42.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAw7L1hV9NXcY0PP5ZeVJ4wdgJVrOaywJyljeo44Im5ZJXTb68qs0ydvTNKzHxQemdHWppz-0k6mhDhe_ps794zvQHMOIAS-xNTCuLASsfA-8rfJjCRUyL1-dnbxUQdTJwArZ_2c0TRrYE/s640/Capture+du+2012-08-28+14:20:42.png" width="640" /></a></div>
<br />
<b>Select the device name and location:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguffEWiWXDuHuihZeQyfhH_Ou9dThnF0NzKBKcxR4nqbJ-bDyL5BYvtu8vGtStsCWNRJ6EBdJ2caCk8i-x8X9RuFr6agTjue2nU1gNFIOaOcKItJ1Wk-GkXUL3hbnVNd3O8lrDgCelxKpt/s1600/screen1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguffEWiWXDuHuihZeQyfhH_Ou9dThnF0NzKBKcxR4nqbJ-bDyL5BYvtu8vGtStsCWNRJ6EBdJ2caCk8i-x8X9RuFr6agTjue2nU1gNFIOaOcKItJ1Wk-GkXUL3hbnVNd3O8lrDgCelxKpt/s640/screen1.jpg" width="640" /></a></div>
<br />
<b>As usual, select your Encryption and Hash algorithm, example:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiieg7ltl4T-b5h7vaUPMgAWmRim1mgcmqhTVcD-QeEA-3ANFRFbJqZt0uY5Bt6We-LuN2WvOeq5-vnarNgXW5_Z4JZTeD1OkolTGXq6TpaDMa3M7u8uCp0at3ZTaDsxwGR4Iw9Q4tkCcjM/s1600/screen2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiieg7ltl4T-b5h7vaUPMgAWmRim1mgcmqhTVcD-QeEA-3ANFRFbJqZt0uY5Bt6We-LuN2WvOeq5-vnarNgXW5_Z4JZTeD1OkolTGXq6TpaDMa3M7u8uCp0at3ZTaDsxwGR4Iw9Q4tkCcjM/s640/screen2.jpg" width="640" /></a></div>
<br />
Select the Outer Volume size. This setting is specific to hidden volumes and represents the global Volume size.<br />
<br />
<b>For the example, we will create a 1GB Volume:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7jzOS3M09ZvvF0X7jSibGAs_BWq7odKFja9kOHVZbtuK-Fg55334RT1nonLJJdhSUbUqrRLEgNOBgnhfv61zdeSQTGr6qNo-VnNEbp8SIJrE9NN0_WbXVZHCOoU45fDD6sToArSzfMlqI/s1600/screen17.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7jzOS3M09ZvvF0X7jSibGAs_BWq7odKFja9kOHVZbtuK-Fg55334RT1nonLJJdhSUbUqrRLEgNOBgnhfv61zdeSQTGr6qNo-VnNEbp8SIJrE9NN0_WbXVZHCOoU45fDD6sToArSzfMlqI/s640/screen17.jpg" width="640" /></a></div>
<br />
<br />
<b>Set the Outer Volume password. This is not the hidden Volume password (where you will store your real private data) but the visible Volume password:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihzRrtRLNFoAV9CAZKluX8gYv9bFd8pJCbVAiwR-zXH5elxIMi3zT9-h8zjEqh-gwEnsEsVejh3CAjCGZTbujX7tmqhWYxkFaeUV2Dm_ib5Tmbx9dx5d4xeSqAgPGjiQwh1AKgkSpxvZgh/s1600/screen18.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihzRrtRLNFoAV9CAZKluX8gYv9bFd8pJCbVAiwR-zXH5elxIMi3zT9-h8zjEqh-gwEnsEsVejh3CAjCGZTbujX7tmqhWYxkFaeUV2Dm_ib5Tmbx9dx5d4xeSqAgPGjiQwh1AKgkSpxvZgh/s640/screen18.jpg" width="640" /></a></div>
<br />
<b>Next screen, Outer volume creation done:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4HVIn0XG_nytosOZlt66rXpmvgsyazj6P1U4_b5Pr8CF_bNDmlvi799wffCTrC3jgNzW6pVv5USll2CqoMSk7xrvXjZeeGKYncNmfKHbimBP6HveYsFnF4-88xISJoiCNs5oJXloy25IH/s1600/screen19.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4HVIn0XG_nytosOZlt66rXpmvgsyazj6P1U4_b5Pr8CF_bNDmlvi799wffCTrC3jgNzW6pVv5USll2CqoMSk7xrvXjZeeGKYncNmfKHbimBP6HveYsFnF4-88xISJoiCNs5oJXloy25IH/s640/screen19.jpg" width="640" /></a></div>
<br />
<b>Click Next to configure the Hidden Volume:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwdKI3tw9lKdPA6js-TdIaJHOyF9UH5B1ZOPPfpHySLJV0CgHcvbkdb_Y1kd2TU2WoUiK0Nqwkf4CFiLoskwuYe7SSi_6A_NMVh1nY1H_Hgmux7ZFr3HSxL_AuZwQOb4Cy_vCQacyirZp_/s1600/screen20.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwdKI3tw9lKdPA6js-TdIaJHOyF9UH5B1ZOPPfpHySLJV0CgHcvbkdb_Y1kd2TU2WoUiK0Nqwkf4CFiLoskwuYe7SSi_6A_NMVh1nY1H_Hgmux7ZFr3HSxL_AuZwQOb4Cy_vCQacyirZp_/s640/screen20.jpg" width="640" /></a></div>
<br />
<b>As for the Outer Volume, configure Encryption:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoJ33wLHJiTbWyzKhuID2wjfjaW3AYeMS5fbw1yhJzE4tXn4ZrcR390nb3K04WSkeGWlaPQaiULRWV7GrfoQhKxQrW5laXbO26HzJB_uUywsh4MGHfdMmJoTlAslyOrfowskguZ_dgUXVt/s1600/screen21.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoJ33wLHJiTbWyzKhuID2wjfjaW3AYeMS5fbw1yhJzE4tXn4ZrcR390nb3K04WSkeGWlaPQaiULRWV7GrfoQhKxQrW5laXbO26HzJB_uUywsh4MGHfdMmJoTlAslyOrfowskguZ_dgUXVt/s640/screen21.jpg" width="640" /></a></div>
<br />
<br />
<b>Select the Hidden Volume size, this will be the maximum space usable by the Hidden Volume inside the main (Outer) Volume:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKdmNiMH36oOeaTo2MyytZPszGLTe6_RyIkPY0zRNvOzDu1bU_zCbhP81X8D63i3Dd9g0E5UXBnlSkXdqnYLyYpr4JYEQC9AUXmFF0d3yfkE9EyAtQTw9EUmUiicuI-vfNIIrle5jJA0xD/s1600/screen22.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKdmNiMH36oOeaTo2MyytZPszGLTe6_RyIkPY0zRNvOzDu1bU_zCbhP81X8D63i3Dd9g0E5UXBnlSkXdqnYLyYpr4JYEQC9AUXmFF0d3yfkE9EyAtQTw9EUmUiicuI-vfNIIrle5jJA0xD/s640/screen22.jpg" width="640" /></a></div>
<br />
<br />
<b>Configure the Hidden Volume password, the password <u>must be different</u> from the main (Outer) Volume!</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFKTY0dxRYluqb_8UFG309qvHRBTD41xalYAdmIcp9Y6vsddfuNpXbM3s8Nuulot_gZtak5VoHc5gJHK6zva78aOGQA6-DpNEKxPPlBXBJWDibH3vDBNENam_3DCNnMaxsfZrDCe18DeXf/s1600/screen23.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFKTY0dxRYluqb_8UFG309qvHRBTD41xalYAdmIcp9Y6vsddfuNpXbM3s8Nuulot_gZtak5VoHc5gJHK6zva78aOGQA6-DpNEKxPPlBXBJWDibH3vDBNENam_3DCNnMaxsfZrDCe18DeXf/s640/screen23.jpg" width="640" /></a></div>
<br />
<b>Choose file system option, example:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0h_3FJqapHmwsNG7eRBO8O01dWBffnUyK53VrSfnuV0-9rHZmmwBE52FvsRa5M3Zlbpm66gl3sPRlVGV0nlixWl3qnZcyCOlb1Ta2Emo6vgKAU15cAsv_pFMaOoAOrUugSZIuhQBFogri/s1600/screen24.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0h_3FJqapHmwsNG7eRBO8O01dWBffnUyK53VrSfnuV0-9rHZmmwBE52FvsRa5M3Zlbpm66gl3sPRlVGV0nlixWl3qnZcyCOlb1Ta2Emo6vgKAU15cAsv_pFMaOoAOrUugSZIuhQBFogri/s640/screen24.jpg" width="640" /></a></div>
<br />
<b>Choose crossover support. In my example I used Linux to create the Volume, so Truecrypt asks whether I plan to use it on systems other than Linux, example:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiCT_6zwsOaiq6Q6v8v3C8xOUpeVHbmyyUEansbJujboPXHFDRvO4-w9qQ7n0QPyzLQTbiJqrAFy0oQ2vJjDDA0Lv1o_DSeHKueyawH9Ldnvt5jmBX-Sg1vb1vBuTVyxTSDz4Z4vPHs7Xy/s1600/screen25.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiCT_6zwsOaiq6Q6v8v3C8xOUpeVHbmyyUEansbJujboPXHFDRvO4-w9qQ7n0QPyzLQTbiJqrAFy0oQ2vJjDDA0Lv1o_DSeHKueyawH9Ldnvt5jmBX-Sg1vb1vBuTVyxTSDz4Z4vPHs7Xy/s640/screen25.jpg" width="640" /></a></div>
<br />
<b>Then format the Volume:</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj11cHk6j8FnSzMeRAeYQtvksTQfq_AanoINaDnwun5uX2PwxMBOVAJJKg99iq4ofxw5-zdm6_r6LjiMLxQLKFWB3U9tnbEJ9B3hDeVE2H1s3HqwVkWqKtGlUiy2LluXdKGcHsFEnL1ASWZ/s1600/screen26.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj11cHk6j8FnSzMeRAeYQtvksTQfq_AanoINaDnwun5uX2PwxMBOVAJJKg99iq4ofxw5-zdm6_r6LjiMLxQLKFWB3U9tnbEJ9B3hDeVE2H1s3HqwVkWqKtGlUiy2LluXdKGcHsFEnL1ASWZ/s640/screen26.jpg" width="640" /></a></div>
<br />
<br />
And exit the Wizard.<br />
<br />
<b>Mounting your device:</b><br />
<br />
When you are using a hidden device, things are not much more complicated than with standard devices.<br />
<br />
In fact, Truecrypt will automatically mount the Outer or the Hidden device, depending on the password (Outer volume password or Hidden volume password) you provide.<br />
<br />
The only thing you have to take care of is protecting the hidden device from being damaged when you mount the Outer volume.<br />
<br />
<b>To mount the main (Outer) Volume:</b><br />
<br />
Open Truecrypt, select your file and click on Mount, enter your password and select "Option" to protect the hidden volume from being damaged by data copied into the Outer Volume:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-wU1jVAjIZY8ZNUsQXRY5CDcb5Mi89sEc095BCsctO6mEnMu_z_9eyOIPUhPcl5nHxd57lEWov7OJzGqnMBO3NTE2ZInY6ZbEMAn0Uag0DbESLf1EYiOHs8OnePdA7WKLBi9cbgk-wKbb/s1600/screen28.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-wU1jVAjIZY8ZNUsQXRY5CDcb5Mi89sEc095BCsctO6mEnMu_z_9eyOIPUhPcl5nHxd57lEWov7OJzGqnMBO3NTE2ZInY6ZbEMAn0Uag0DbESLf1EYiOHs8OnePdA7WKLBi9cbgk-wKbb/s640/screen28.jpg" width="520" /></a></div>
<br />
<br />
Now that the Outer volume is mounted, copy some data that could seem sensitive and unmount it.<br />
<br />
Then, in the same way <u>but without the hidden volume protection option</u>, mount your hidden volume by providing your hidden volume password.<br />
<br />
And finally, you can manage your real private data in your hidden space.<br />
<br />
Really powerful!<br />
<br />
<br />
<br />
<br />
<b>Linux Howto: Clone your active system to get a N-1 OS version available in case of update troubles or instability</b> (published 2012-07-24, updated 2012-09-26)<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaoUXb9YB0EYHYpvEBW3reVO_KsTUgT81OitPFKsY67o_HsNij29dppjKlvYi0LSpVm9r0n4d5NEKw_25foR0f13CsU5nDiZ5mLRZKFRjGjqv0CazLg8oGrWvr7MpVW7342ILMN8OWvfXN/s1600/tux-prof-150x150.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaoUXb9YB0EYHYpvEBW3reVO_KsTUgT81OitPFKsY67o_HsNij29dppjKlvYi0LSpVm9r0n4d5NEKw_25foR0f13CsU5nDiZ5mLRZKFRjGjqv0CazLg8oGrWvr7MpVW7342ILMN8OWvfXN/s1600/tux-prof-150x150.jpg" /></a></div>
<br />
<br />
If you are in the same situation as I am, your Linux XBMC box has become the multimedia center for the whole family. Let's say it's now in "production" and, like any client, the family won't accept any downtime due to system or application upgrade issues :-)<br />
<br />
There are of course several solutions you may use to back up and restore your system if required. In my opinion the easiest is to have a secondary N-1 version of the system available and ready to run in case the last update you absolutely had to apply (because you're such a geek you cannot keep running an outdated system ^^) broke your nice and stable installation!<br />
<br />
Naturally, this is applicable to any Linux installation.<br />
<br />
<br />
<b>************************ CAUTION </b><b>***********************************************</b><b style="background-color: white;">****************</b><br />
<b><br /></b>
<b>These operations may easily break your system if you don't pay attention, </b><br />
<b>please follow this Howto with great caution and very carefully!</b><br />
<b><br /></b>
<br />
<b>**********************************</b><b>***********************************************</b><b style="background-color: white;">****************</b><br />
<br />
<br />
<h4>
Methods and requirements:</h4>
<br />
I recommend the following method using "partclone" to clone your system.<br />
<br />
First and in any case, ensure you have a secondary partition with a size <b><u>strictly</u></b> identical to your base system (mandatory for partclone).<br />
<br />
This secondary partition will be used by our cloned system.<br />
<br />
Also, I would recommend you install "/home" on a dedicated third partition.<br />
<br />
<b>So, let's say as an example your installation is partitioned this way (all formatted in ext4):</b><br />
<br />
<ul>
<li>"/dev/sda1" is your main OS installation</li>
<li>"/dev/sda2" will be your N-1 OS version</li>
<li>"/dev/sda3" is your "/home" partition</li>
</ul>
<br />
<b><i>Note:</i></b> With partclone, your 2 system partitions must have strictly the same size. Use Gparted when you are in your Live OS to modify your partitions as required (resize, create, move and so on).<br />
But be careful, you can easily break everything if you don't pay attention ^^<br />
<br />
<br />
<h4>
Clone your system with partclone</h4>
<b><br /></b>
<b>Limitations and constraints:</b><br />
<b><br /></b>
You can't clone a partition that is in use and mounted, so the easiest method is to boot from a Live USB distribution and clone your system from there.<br />
<br />
This is very easy: just download any Linux distribution (I recommend Xubuntu) and use "Unetbootin" to create the Live USB key.<br />
<br />
Also, ensure your live system is able to access the Internet, as you will need to install some packages.<br />
<br />
<h4>
Step 1: Boot to Live OS</h4>
<br />
<i>Insert your Live USB key and boot the system. When the system is ready, install the requirements:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo apt-get install partclone</span></span></pre>
<b>Notes:</b> Ensure you are connected to the Internet before running apt-get. There is no need to update first, but you can do it if you want.<br />
<br />
<br />
<h4>
Step 2: Clone the system</h4>
<i><b><br /></b></i>
<i><b>Recommended:</b></i><br />
<i><br /></i>
<i>I recommend first backing up the partition to an external image, which you may need later, and then restoring it to the secondary partition:</i><br />
<i><br /></i>
<i>First check and correct the filesystem if required:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo fsck.ext4 -yf /dev/sda1</span></span></pre>
<br />
<i>Clone sda1 to an external image:</i>
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo partclone.ext4 -c -d -s /dev/sda1 -o &lt;MY DESTINATION FOLDER&gt;/sda1_partclone_ext4_MMDDYYYY.img</span></span></pre>
<br />
<i>Restore sda1 image to sda2 partition:</i>
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo partclone.ext4 -r -d -s &lt;MY DESTINATION FOLDER&gt;/sda1_partclone_ext4_MMDDYYYY.img -o /dev/sda2</span></span></pre>
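<br />
The two constraints stated earlier (strictly identical partition sizes, nothing mounted) can be checked from the Live OS before running the partclone commands. This is an added example, not part of the original how-to; the function name "preflight" and the sample lsblk lines are constructed for illustration:<br />

```shell
#!/bin/sh
# Added example: pre-flight check to run from the Live OS before partclone.
# It reads the output of
#     lsblk -b -l -n -o NAME,SIZE,MOUNTPOINT
# on stdin, so it can be tried on saved output as well as on a live system.

# preflight SRC DST: succeed only if both partitions exist, neither one is
# mounted, and both have exactly the same size in bytes.
# Exit codes: 0 ok, 2 missing/identical names, 3 mounted, 4 size mismatch.
preflight() {
    awk -v src="$1" -v dst="$2" '
        $1 == src { ssize = $2; smnt = $3; sseen = 1 }
        $1 == dst { dsize = $2; dmnt = $3; dseen = 1 }
        END {
            if (src == dst) { print "FAIL: source and target are the same"; exit 2 }
            if (!sseen)     { print "FAIL: " src " not found"; exit 2 }
            if (!dseen)     { print "FAIL: " dst " not found"; exit 2 }
            if (smnt != "") { print "FAIL: " src " is mounted on " smnt; exit 3 }
            if (dmnt != "") { print "FAIL: " dst " is mounted on " dmnt; exit 3 }
            if (ssize != dsize) {
                print "FAIL: size mismatch, " ssize " vs " dsize " bytes"; exit 4
            }
            print "OK: " src " -> " dst ", " ssize " bytes each"
        }'
}

# Constructed sample: booted from the Live USB key (sdb1), nothing on sda mounted.
sample_live() {
    cat <<'EOF'
sda 128035676160
sda1 21474836480
sda2 21474836480
sda3 85083553792
sdb 4004511744
sdb1 4003463168 /cdrom
EOF
}

# Constructed sample: booted from the installed system, so sda1 is in use.
sample_running() {
    cat <<'EOF'
sda 128035676160
sda1 21474836480 /
sda2 21474836480
sda3 85083553792 /home
EOF
}

sample_live    | preflight sda1 sda2
sample_running | preflight sda1 sda2 || echo "do not clone from a running system"
```

On a real system, pipe the lsblk command shown in the header comment into "preflight sda1 sda2" instead of the samples.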
<br />
<h4>
Step 3: Update secondary partition UUID and Label</h4>
<br />
<br />
This is a very important operation: if you don't update the secondary partition UUID, it will have the same UUID as your first OS and you can be sure you're heading for big trouble!<br />
<br />
<i>Install requirements:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); color: #333333; font-size: 13px; line-height: 18px; padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo apt-get install uuid e2fsprogs   # e2label and tune2fs are part of e2fsprogs</span></span></pre>
<br />
<i>List the current UUIDs; sda1 and sda2 have <b>the same UUID and same label</b>, which is a really bad thing:</i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo blkid</span></span></pre>
<i>Note: You can also use the command "sudo tune2fs -l /dev/sda1 | grep UUID"</i><br />
<br />
<i>Output example before update:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">/dev/sda1: LABEL="SYSTEM1" UUID="affe0f48-6b88-43a5-b131-20a58cd776b8" TYPE="ext4"
/dev/sda2: LABEL="SYSTEM1" UUID="affe0f48-6b88-43a5-b131-20a58cd776b8" TYPE="ext4"</span></span></pre>
<br />
<i>Update "/dev/sda2" UUID:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo tune2fs -U `uuid` /dev/sda2</span></span></pre>
<br />
<i>Update "/dev/sda2" Label:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo e2label /dev/sda2 SYSTEM2</span></span></pre>
<br />
Check and note the new configuration:
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo blkid</span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">/dev/sda1: LABEL="SYSTEM1" UUID="affe0f48-6b88-43a5-b131-20a58cd776b8" TYPE="ext4"
/dev/sda2: LABEL="SYSTEM2" UUID="8e1e225a-d51e-11e1-b5aa-00012e409020" TYPE="ext4"</span></span></pre>
<br />
<b>Everything is fine, we have different UUID and Labels for both partitions, let's mount the secondary partition and update "/etc/fstab" with this new information:</b><br />
<br />
<i>Mount the partition:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo mkdir /mnt/sda2 && sudo mount -t ext4 /dev/sda2 /mnt/sda2</span></span></pre>
<br />
<i>Edit "/mnt/sda2/etc/fstab" and replace the initial UUID with the new one. In this example we replace:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">UUID=affe0f48-6b88-43a5-b131-20a58cd776b8 / ext4 errors=remount-ro,noatime 0 1 </span></span></pre>
<br />
<i>With:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">UUID=8e1e225a-d51e-11e1-b5aa-00012e409020 / ext4 errors=remount-ro,noatime 0 1 </span></span></pre>
<br />
<i>Save and unmount the partition:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo umount /dev/sda2 && sudo rm -rf /mnt/sda2</span></span></pre>
<br />
<br />
<h4>
Step 4: Reboot to main system and update grub</h4>
<b><br /></b>
<b>Notes:</b> The os-prober from Grub should be able to generate a functional boot configuration by finding our cloned system in "/dev/sda2". For an unknown reason this doesn't work, so I recommend a manual operation, which will be more reliable.<br />
<br />
<br />
<i>Leave the Live USB system and reboot to the main system, then open "/boot/grub/grub.cfg" and copy the main system boot lines to the clipboard or a temporary text editor. In our example we find the original kernel lines:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">menuentry 'Ubuntu, avec Linux 3.2.0-26-generic' --class ubuntu --class gnu-linux --class gnu --class os {
recordfail
gfxmode $linux_gfx_mode
insmod gzio
insmod part_msdos
insmod ext2
set root='(hd0,msdos1)'
search --no-floppy --fs-uuid --set=root affe0f48-6b88-43a5-b131-20a58cd776b8
linux /boot/vmlinuz-3.2.0-26-generic root=UUID=affe0f48-6b88-43a5-b131-20a58cd776b8 ro quiet splash $vt_handoff
initrd /boot/initrd.img-3.2.0-26-generic
}
menuentry 'Ubuntu, avec Linux 3.2.0-26-generic (mode de dépannage)' --class ubuntu --class gnu-linux --class gnu --class os {
recordfail
insmod gzio
insmod part_msdos
insmod ext2
set root='(hd0,msdos1)'
search --no-floppy --fs-uuid --set=root affe0f48-6b88-43a5-b131-20a58cd776b8
echo 'Chargement de Linux 3.2.0-26-generic ...'
linux /boot/vmlinuz-3.2.0-26-generic root=UUID=affe0f48-6b88-43a5-b131-20a58cd776b8 ro recovery nomodeset
echo 'Chargement du disque mémoire initial ...'
initrd /boot/initrd.img-3.2.0-26-generic
} </span></span></pre>
<br />
<br />
<i>Add "(on /dev/sda2)" after the kernel version in "menuentry", replace "msdos1" with "msdos2" and the old UUID with the new one, then put these lines into "</i><span style="background-color: white;"><i>/etc/grub.d/40_custom". In our example the new lines will be:</i></span><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">menuentry "Ubuntu, avec Linux 3.2.0-26-generic (on /dev/sda2)" --class gnu-linux --class gnu --class os {
recordfail
gfxmode $linux_gfx_mode
insmod gzio
insmod part_msdos
insmod ext2
set root='(hd0,msdos2)'
search --no-floppy --fs-uuid --set=root 8e1e225a-d51e-11e1-b5aa-00012e409020
linux /boot/vmlinuz-3.2.0-26-generic root=UUID=8e1e225a-d51e-11e1-b5aa-00012e409020 ro quiet splash $vt_handoff
initrd /boot/initrd.img-3.2.0-26-generic
}
menuentry "Ubuntu, avec Linux 3.2.0-26-generic (mode de dépannage) (on /dev/sda2)" --class gnu-linux --class gnu --class os {
recordfail
insmod gzio
insmod part_msdos
insmod ext2
set root='(hd0,msdos2)'
search --no-floppy --fs-uuid --set=root 8e1e225a-d51e-11e1-b5aa-00012e409020
linux /boot/vmlinuz-3.2.0-26-generic root=UUID=8e1e225a-d51e-11e1-b5aa-00012e409020 ro recovery nomodeset
initrd /boot/initrd.img-3.2.0-26-generic
} </span></span></pre>
<br />
<i>Update grub:</i><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo update-grub </span></span></pre>
<br />
<br />
Reboot from your main system and test booting to the secondary OS. It should boot with no problem and you will get exactly the same system as the main one.<br />
<br />
You can test whatever you need in the secondary system, such as important system and application upgrades, without the risk of breaking your main system.<br />
<br />
However, don't forget that if you have a third partition for "/home", any issue not related to the system partition but related to the home partition (such as deleting user files) will of course exist in both systems!<br />
<br />
So a best practice will always be to also back up the /home partition ^^<br />
<br />
<b>As you now have 2 systems available, if you want to update the secondary system, you don't have to boot again with a Live OS:</b><br />
<br />
<ul>
<li>Boot to secondary system</li>
<li>Create the partclone image from primary system to an external image</li>
<li>Boot to primary system</li>
<li>Restore the external image to secondary partition</li>
<li>Redo the UUID change and fstab correction</li>
</ul>
<br />
<br />
<h4>
Step 5: Optional - Home Directory</h4>
<div>
<br /></div>
<div>
If you want to be completely independent of your first installation, you may also copy your initial main user home directory, for example to "/home/user_system2".</div>
<div>
<br /></div>
<div>
Then just make sure to change the home directory in your second system by editing "/etc/passwd" (remember to adapt the path depending on which system you edit it from).</div>
<br class="Apple-interchange-newline" />
<br />
<br />
<br />
<br />
<b>Feel free to comment :-)</b><br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<b>Mini How-to : Installation of Avermedia Green Volar HD under Linux</b> (published 2012-07-20, updated 2012-10-11)<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhD-_QN0WjF4fNUeRWEhkluxxExrpfx3_OehyTn8KdcStO56212_9l17PELSfkgFGPKKVaY2qTF6AIUSlje7XWKmZ1qiL7KvGlQChVNitTH3EEfUMkh821CSoxw4PiCs_7K3mowE54vMiRq/s1600/139537.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhD-_QN0WjF4fNUeRWEhkluxxExrpfx3_OehyTn8KdcStO56212_9l17PELSfkgFGPKKVaY2qTF6AIUSlje7XWKmZ1qiL7KvGlQChVNitTH3EEfUMkh821CSoxw4PiCs_7K3mowE54vMiRq/s320/139537.jpg" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<b><i>****************************************************************************************************</i></b><br />
<b><i>Edit 10/11/2012:</i></b><br />
<i><br /></i>
<i>This how-to is outdated. If you have this device, I recommend you install a kernel from version 3.5 onwards; this DVB adapter is automatically supported by the new kernels.</i><br />
<i>The only required operation will be to download the firmware as usual.</i><br />
<i><br /></i>
<i>In a few words:</i><br />
<br />
<br />
<i><b>For Ubuntu 12.04:</b></i><br />
<i><br /></i>
<i>Go to <a href="http://kernel.ubuntu.com/~kernel-ppa/mainline/">http://kernel.ubuntu.com/~kernel-ppa/mainline/</a></i><br />
<i><br /></i>
<i>Then choose your kernel, eg. <a href="http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.5.5-quantal/">http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.5.5-quantal/</a></i><br />
<br />
<b><i>32-bit kernel, download:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">linux-headers-3.5.5-030505_3.5.5-030505.201210021510_all.deb
linux-headers-3.5.5-030505-generic_3.5.5-030505.201210021510_i386.deb
linux-image-3.5.5-030505-generic_3.5.5-030505.201210021510_i386.deb
linux-image-extra-3.5.5-030505-generic_3.5.5-030505.201210021510_i386.deb</span></span></pre>
<br />
<br />
<br />
<b><i>64-bit kernel, download:</i></b><br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">linux-headers-3.5.5-030505_3.5.5-030505.201210021510_all.deb
linux-headers-3.5.5-030505-generic_3.5.5-030505.201210021510_amd64.deb
linux-image-3.5.5-030505-generic_3.5.5-030505.201210021510_amd64.deb
linux-image-extra-3.5.5-030505-generic_3.5.5-030505.201210021510_amd64.deb</span></span></pre>
<br />
<br />
<b><i>Then install:</i></b><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">$ sudo dpkg -i *.deb</span></span></pre>
<br />
<br />
<b><i>Reboot.</i></b><br />
<br />
<b><i>Download firmware:</i></b><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">cd /lib/firmware
sudo wget http://xgazza.altervista.org/Linux/DVB/dvb-usb-af9035-02.fw</span></span></pre>
<br />
<br />
<i>And you're done, just plug in the device and check your kernel log (command "dmesg")</i><br />
<br />
<b><i>****************************************************************************************************</i></b>
<br />
<br />
<br />
<br />
So you bought this cheap DVB tuner USB key thinking it would work under Linux with no effort... well, not quite :-)<br />
<br />
Let's see how to deal with this key. See my post on tvheadend and XBMC for more information on getting live TV using such DVB tuners:<br />
<a href="http://youresuchageek.blogspot.fr/2012/07/xbmc-pvr-how-to-enhance-your-xbmc-media.html" target="_blank">http://youresuchageek.blogspot.fr/2012/07/xbmc-pvr-how-to-enhance-your-xbmc-media.html</a><br />
<br />
We will use v4l-DVB drivers from Linux TV:<br />
<br />
<i><b>First install some requirements:</b></i><br />
<i><b>For Ubuntu 12.04:</b></i><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo apt-get install libdigest-sha-perl make gcc git patch patchutils libproc-processtable-perl linux-source linux-headers-`uname -r`</span></span></pre>
<br />
<br />
<b><i>For Ubuntu 11.10 and previous:</i></b><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo aptitude install libdigest-sha1-perl make gcc git patch patchutils libproc-processtable-perl linux-source linux-headers-`uname -r`</span></span></pre>
<br />
<br />
<span style="background-color: white;"><b><i>Download</i></b></span><b><i> the modules. When the process begins to compile, abort it with "ctrl+c"; this is very unusual, but we don't need the compilation to complete:</i></b><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">git clone git://linuxtv.org/media_build.git
cd media_build
./build</span></span></pre>
<br />
<b><i><br /></i></b>
<b><i>Now that you have aborted the compilation, compile and install the DVB modules (NB: if you have a dual-core processor, "make -j 2" will speed up the compilation; you may also use the standard "make" command):</i></b><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">make allyesconfig
make -j 2
sudo make install</span></span></pre>
<br />
<b><i><br /></i></b>
<b><span style="background-color: white;"><span style="font-family: inherit;"><i>NOTE for Ubuntu kernel 3.2.0-26: compilation could fail. If it does,</i></span></span></b><br />
<b style="background-color: white;"><span style="font-family: inherit;"><i>create "<span style="line-height: 19px;">media_build/linux/include/linux/v4l2-common.h" with the following content and relaunch the compilation:</span></i></span></b><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">#ifndef V4L2_COMMON_H
#define V4L2_COMMON_H
/* Hints for adjustments of selection rectangle */
#define V4L2_SEL_FLAG_GE 0x00000001
#define V4L2_SEL_FLAG_LE 0x00000002
/* Selection targets */
/* Current cropping area */
#define V4L2_SEL_TGT_CROP 0x0000
#define V4L2_SEL_TGT_CROP_ACTIVE 0x0000
/* Default cropping area */
#define V4L2_SEL_TGT_CROP_DEFAULT 0x0001
/* Cropping bounds */
#define V4L2_SEL_TGT_CROP_BOUNDS 0x0002
/* Current composing area */
#define V4L2_SEL_TGT_COMPOSE 0x0100
#define V4L2_SEL_TGT_COMPOSE_ACTIVE 0x0100
/* Default composing area */
#define V4L2_SEL_TGT_COMPOSE_DEFAULT 0x0101
/* Composing bounds */
#define V4L2_SEL_TGT_COMPOSE_BOUNDS 0x0102
/* Current composing area plus all padding pixels */
#define V4L2_SEL_TGT_COMPOSE_PADDED 0x0103
#endif //V4L2_COMMON_H</span></span></pre>
<br />
<b><i><br /></i></b>
<b><i>Download Firmware:</i></b><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">cd /lib/firmware
sudo wget http://xgazza.altervista.org/Linux/DVB/dvb-usb-af9035-02.fw</span></span></pre>
<br />
<br />
<i><b>Plug in your DVB USB key and check the kernel messages; if everything is OK you will get this kind of message:</b></i><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">dvb-usb: found a 'AVerMedia AVerTV Volar HD/PRO (A835)' in cold state, will try to load a firmware
dvb-usb: downloading firmware from file 'dvb-usb-af9035-02.fw'
af9035: firmware version=11.5.9.0
dvb-usb: found a 'AVerMedia AVerTV Volar HD/PRO (A835)' in warm state.
dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
DVB: registering new adapter (AVerMedia AVerTV Volar HD/PRO (A835))
dvb-usb: MAC address: 00:00:00:00:00:00
af9033: firmware version: LINK=11.5.9.0 OFDM=5.17.9.1
DVB: registering adapter 0 frontend 0 (Afatech AF9033 (DVB-T))...
tda18218: NXP TDA18218HN successfully identified.
Registered IR keymap rc-empty
input: IR-receiver inside an USB DVB receiver as /devices/pci0000:00/0000:00:12.2/usb1/1-1/rc/rc0/input7
rc0: IR-receiver inside an USB DVB receiver as /devices/pci0000:00/0000:00:12.2/usb1/1-1/rc/rc0
dvb-usb: schedule remote query interval to 250 msecs.
dvb-usb: AVerMedia AVerTV Volar HD/PRO (A835) successfully initialized and connected.
usbcore: registered new interface driver dvb_usb_af9035
</span></span></pre>
<div>
<span style="color: #444444;"><span style="line-height: 14px;"><br /></span></span></div>
<div>
<span style="color: #444444;"><span style="line-height: 14px;">That's all, you're done :-)</span></span></div>
<div>
<span style="color: #444444;"><span style="line-height: 14px;"><br /></span></span></div>
<div>
<span style="color: #444444;"><span style="line-height: 14px;"><b><i>Some sources:</i></b></span></span></div>
<div>
<span style="color: #444444;"><span style="line-height: 14px;"><br /></span></span></div>
<div>
<span style="color: #444444;"><span style="line-height: 14px;"><a href="http://forum.ubuntu-it.org/viewtopic.php?f=9&t=516182" target="_blank">http://forum.ubuntu-it.org/viewtopic.php?f=9&t=516182</a></span></span></div>
<div>
<span style="color: #444444;"><br /></span></div>
<div>
<span style="color: #444444;"><a href="http://forum.ubuntu-fr.org/viewtopic.php?id=799061" target="_blank">http://forum.ubuntu-fr.org/viewtopic.php?id=799061</a></span></div>
<br />
<h2>Mini Howto XBMC : Install an MCE remote control to take over your Linux XBMC Box</h2>
<i>Published 2012-07-18, updated 2012-09-08</i><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivP1E-eK1q13izN3hb5cFBl1k1Q5mnuMgsYWOq4BGuYFBXruV7sT7_hvUrZkLwmh3DL1HaA1CViaXyOBa_QI32UsXClZl-qCgzPE_1QZznoEmeRxVjq28fZJ_Zm4BWGMKm1cpNdb30PiEa/s1600/logo_xbmc.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivP1E-eK1q13izN3hb5cFBl1k1Q5mnuMgsYWOq4BGuYFBXruV7sT7_hvUrZkLwmh3DL1HaA1CViaXyOBa_QI32UsXClZl-qCgzPE_1QZznoEmeRxVjq28fZJ_Zm4BWGMKm1cpNdb30PiEa/s1600/logo_xbmc.png" /></a></div>
<br />
<h3>
The Goal: </h3>
<div>
The best and easiest way to control your XBMC box is naturally a remote control (even more so for the rest of the family ^^). </div>
<div>
<br /></div>
<div>
If your HTPC didn't come with one, or if you want to change, my advice (that's just my opinion) would be to buy an MCE remote, also called a Microsoft remote control.</div>
<div>
<br /></div>
<div>
They work easily in any Linux installation and will work in XBMC without any painful effort!</div>
<div>
<br /></div>
<h3>
What you need:</h3>
<div>
<ul>
<li>A functional XBMC Linux installation</li>
<li>An MCE remote control associated with its IR receiver. (prefer an external USB IR receiver)</li>
</ul>
<div>
For my personal installation, I bought this one (French link):</div>
</div>
<div>
<a href="http://www.maisondunumerique.com/telecommande-hfx-vista-remote-control-gp.html" target="_blank">http://www.maisondunumerique.com/telecommande-hfx-vista-remote-control-gp.html</a></div>
<div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgReLX826VqkMKq4QOFF6ZCi3cvW-Xj4AA_l7RrwOqaSeEz1W8j3elEn6IjpcWRnCqCPp2I5UR7GHIzVf4Lp0Wcr7XWljODBfMYN72KoqW2NZaNCbnHtqUg8y0vGPtFwjdqZvyWTVXrR9dP/s1600/photo.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgReLX826VqkMKq4QOFF6ZCi3cvW-Xj4AA_l7RrwOqaSeEz1W8j3elEn6IjpcWRnCqCPp2I5UR7GHIzVf4Lp0Wcr7XWljODBfMYN72KoqW2NZaNCbnHtqUg8y0vGPtFwjdqZvyWTVXrR9dP/s320/photo.JPG" width="320" /></a></div>
<br />
It works perfectly in Linux and XBMC and comes with a great IR USB receiver.<br />
The remote itself is of good quality, nothing to regret.<br />
<br />
You may also look for one on ebay, you'll easily find a lot of MCE remotes that will work with no issues in XBMC and Linux.<br />
<br />
<h3>
Step 1: Install and configure LIRC</h3>
<b>Plug the IR and check kernel messages:</b><br />
<br />
<i>First plug in the IR receiver and check the kernel messages; you should find messages like these telling you the IR receiver has been detected and installed:</i><br />
<br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">[ 11.560051] input: MCE IR Keyboard/Mouse (mceusb) as /devices/virtual/input/input9
[ 11.563329] IR MCE Keyboard/mouse protocol handler initialized
[ 11.572910] lirc_dev: IR Remote Control driver registered, major 249
[ 11.574374] rc rc0: lirc_dev: driver ir-lirc-codec (mceusb) registered at minor = 0
[ 11.574382] IR LIRC bridge handler initialized
[ 11.624101] mceusb 4-2:1.0: Registered Topseed Technology Corp. eHome Infrared Transceiver with mce emulator interface version 1
[ 11.624110] mceusb 4-2:1.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x1 active) </span></span></pre>
<br />
<br />
Here you can see Linux recognized the IR device as an "mceusb"; the driver is loaded directly by the kernel itself.<br />
<br />
<b>Install and configure LIRC:</b><br />
<br />
If LIRC is already installed in your system, my advice is to completely uninstall it. You could use "dpkg-reconfigure lirc", but in my case it was not completely working as expected.<br />
<br />
<i><b>Moreover, in Ubuntu 12.04 there seems to be a problem identifying a kernel directory when installing LIRC. If you have any issue starting LIRC, the workaround is:</b></i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444; font-size: 13px; line-height: 18px;"><span style="line-height: 14px;">$ sudo </span></span><span style="background-color: white; line-height: 14px;"><span style="color: #444444;">ln -s /lib/modules/3.2.0-26-generic/kernel/drivers/staging/media/lirc /lib/modules/3.2.0-26-generic/kernel/drivers/staging/lirc</span></span></pre>
<br />
<br />
<b>NB: Replace with your kernel version (eg. 3.2.X-XX-....), use the command "uname -a" if you don't know it</b><br />
<br />
<br />
<b>So back up your config files if required (in directory "/etc/lirc") and:</b><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo apt-get remove --purge lirc</span></span></pre>
<br />
<br />
<i><b>Install LIRC:</b></i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo apt-get install lirc</span></span></pre>
<br />
<br />
<i><b>Accept the installation and when requested in first configuration screen, choose the "Windows Media Center Transceivers/Remotes [all]" :</b></i><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjK1C8VA8uVwajrxBQxITDWuEPxdYBHttJTGNd6TTnkSwGKy2U7ouA8M4RwY2HPEMSZzLLk865kHZHzvWC-t6oY7SvMBbnMGc2CEQbsdr33FkJ7ZpEDcuKXChmVcP6Z6xneYx4OCCM4w8xQ/s1600/2012-07-18_145730.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="446" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjK1C8VA8uVwajrxBQxITDWuEPxdYBHttJTGNd6TTnkSwGKy2U7ouA8M4RwY2HPEMSZzLLk865kHZHzvWC-t6oY7SvMBbnMGc2CEQbsdr33FkJ7ZpEDcuKXChmVcP6Z6xneYx4OCCM4w8xQ/s640/2012-07-18_145730.jpg" width="640" /></a></div>
<br />
<br />
<b>Then choose "none" on the second screen and validate.</b><br />
<br />
<br />
<h3>
Step 2: Test</h3>
<br />
<i>Use the tool provided with LIRC to test your remote control:</i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">$ irw</span></span></pre>
<br />
<br />
Press some random keys on the remote; if your MCE remote works, you will see key signals.<br />
If you don't get anything, you might have a problem with LIRC or with your configuration:<br />
<br />
<ul>
<li>Double-check that LIRC is started; if in doubt, restart it to see its messages (sudo /etc/init.d/lirc restart)</li>
<li>If LIRC is failing to start, check the workaround at the beginning of this article; a kernel directory location change seems to break LIRC!</li>
<li>Check your receiver; on various IR receivers you'll get a red light when pressing a remote key</li>
<li>Perhaps your remote control needs another driver, ask Google :-)</li>
</ul>
<h3>
<b>Step 3: XBMC Test</b></h3>
<div>
<br />
Restart XBMC and test your remote control, in my case (and in general with an MCE remote) you absolutely have nothing more to configure ^^</div>
<div>
<br /></div>
<div>
And you're done, enjoy :-)</div>
<br />
<br /></div>
<h2>Mini How-to : Google Drive under Linux: Synchronize your Google Drive under Linux with grive ! (waiting for the official Google client ^^)</h2>
<i>Published 2012-07-16, updated 2012-10-19</i><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYXmdOIKk5TGJ0fSweFr8Yv0bccxNtLhyGRoAEN9ZKiPdmhSh-c9816gOy2vgPgCKPN45dNp1demQwgdkO4xME5zDF-jRapSz9ImOkTn4ayu_Ci36HE6g2I45k7SHUyvWyo27LmnX8-Sun/s1600/Google-Introducing-Google-Drive-Most-Reliable-Cloud-Storage-Ever-Created.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYXmdOIKk5TGJ0fSweFr8Yv0bccxNtLhyGRoAEN9ZKiPdmhSh-c9816gOy2vgPgCKPN45dNp1demQwgdkO4xME5zDF-jRapSz9ImOkTn4ayu_Ci36HE6g2I45k7SHUyvWyo27LmnX8-Sun/s1600/Google-Introducing-Google-Drive-Most-Reliable-Cloud-Storage-Ever-Created.png" /></a></div>
<br />
<br />
<b><i><span style="color: #990000;">Edit 10/18/2012:</span></i></b><br />
<i><span style="color: #990000;">Take a look at new project <a href="https://www.insynchq.com/">https://www.insynchq.com/</a>, it's very easy to install and use, offers much more integration in Linux desktop than grive.</span></i><br />
<i><span style="color: #990000;"><br /></span></i>
<i><span style="color: #990000;">Very great !!!</span></i><br />
<br />
<br />
<br />
An official Linux version of Google Drive is still lacking... if you are, as I am, addicted to various Google services, this lack is very frustrating! (What is Google waiting for???)<br />
<br />
Fortunately, thanks to "grive" and its author, you can now synchronize your local documents with your Google Drive from the command line :-)<br />
<br />
<b>Here's how in a few command lines:</b><br />
<b style="background-color: white;"><br /></b>
<b style="background-color: white;">Install grive:</b><br />
<br />
<i>Install grive (under Ubuntu and derived distributions)</i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo add-apt-repository ppa:nilarimogard/webupd8
sudo apt-get update
sudo apt-get install grive</span></span></pre>
<b><br /></b>
<b>Configure the first launch to authorize grive to access your Google Drive:</b><br />
<br />
<i><b>Go to the directory</b> you want to synchronize with Google Drive and configure grive:</i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">$ cd &lt;My Local Directory to synchronize&gt;</span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">$ grive -a</span></span></pre>
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">-----------------------
Please go to this URL and get an authentication code:
https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2F
auth%2Fuserinfo.profile+https%3A%2F%2Fdocs.google.com%2Ffeeds%2F+https%3A%2F%2Fdocs.googleusercontent.com%2F+https%3A%2F%2Fspreadsheets.goog
le.com%2Ffeeds%2F&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code&client_id=22314510474.apps.googleusercontent.com
-----------------------
Please input the authentication code here: </span></span></pre>
<br />
<br />
Open your Web browser, paste this URL, log in with your Google account when asked, and finally copy the code that Google provides and paste it into the terminal.<br />
<br />
<i>grive will execute the first synchronization:</i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="background-color: white; line-height: 14px;"><span style="color: #444444;">Reading local directories
Synchronizing folders
Reading remote server file list
Detecting changes from last sync
Synchronizing files
Finished!</span></span><span style="color: #444444;"><span style="line-height: 14px;"> </span></span></pre>
<br />
<br />
You're done. Now every time you want to synchronize your local data with your Google Drive, just open a terminal, "cd" to your directory and run the "grive" command.<br />
<br />
It is no longer necessary to run it with the "-a" option, as its purpose was to configure and associate your computer with your Google Drive account; just run grive with no option to initiate synchronization.<br />
<br />
<i>You may also want to see other options such as "-V" to enable verbose mode or "--dry-run" to simulate execution; just see the help:</i><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">grive --help
Grive options:
  -h [ --help ]         Produce help message
  -v [ --version ]      Display Grive version
  -a [ --auth ]         Request authorization token
  -V [ --verbose ]      Verbose mode. Enable more messages than normal.
  -d [ --debug ]        Enable debug level messages. Implies -v.
  -l [ --log ] arg      Set log output filename.
  -f [ --force ]        Force grive to always download a file from Google Drive
                        instead of uploading it.
  --dry-run             Only detect which files need to be uploaded/downloaded,
                        without actually performing them. </span></span></pre>
<br />
<br />
<br />
<b>Really great work from the author (see man):</b><br />
<br />
<pre style="background-color: #fefdfa; border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">AUTHOR
The software was developed by Nestal Wan.
This manpage was written by Jose Luis Segura Lucas (josel.segura@gmx.es) </span></span></pre>
<br />
<br />
<span style="background-color: white;"> </span><br />
<b>Now we (all Linux Google services users) are still waiting for Google to finally provide us with their official client... Google, listen to us, it would be nice not to forget Linux users :-)</b><br />
<br />
<br />
<h2>SSH / Google 2-Step Authentication How-To : Enhance your SSH security with Google Two factor Authentication Service</h2>
<i>Published 2012-07-15, updated 2013-03-09</i><br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjv206BIOTH1AC-yVo39Xf6yyGaSOPDFs_Gm3-olE1RwPegg0rKtJiq8aCSkxV3hxZXBy7ota0wyi0Muc2ijCs3U1Az_e3vhlJ54tuYBsCrP2aYlUnrwtet732t5lj5fk_xExnRlB1PgBsm/s1600/ssh_google.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjv206BIOTH1AC-yVo39Xf6yyGaSOPDFs_Gm3-olE1RwPegg0rKtJiq8aCSkxV3hxZXBy7ota0wyi0Muc2ijCs3U1Az_e3vhlJ54tuYBsCrP2aYlUnrwtet732t5lj5fk_xExnRlB1PgBsm/s320/ssh_google.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<h3>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; font-weight: normal; line-height: 18px;"><span style="color: #666666;"><b style="font-size: x-large;">*** Updated</b><b style="font-size: x-large;"> March 9, 2013 ***</b></span></i></h3>
<h3>
<i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; font-weight: normal; line-height: 18px;"><b>Major changes:</b></i><br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; font-weight: normal; line-height: 18px;" /><i style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; font-weight: normal; line-height: 18px;">03/09/2013 - Added missing pam settings upon user comment</i></h3>
<h3>
The Goal:</h3>
<div>
<br /></div>
<div>
Google provides, for free, a great service called "Google 2-Step Authentication" (also called two-factor authentication) that enhances your Google account security and offers a really strong authentication mechanism.</div>
<div>
<br /></div>
<div>
This service can also easily be used to enhance your SSH access security.</div>
<div>
In a few words, you will be able to protect your SSH access with strong authentication using your smartphone as a software token.</div>
<div>
<br /></div>
<div>
<b>Do not hesitate to read the official Google page if you need more information:</b></div>
<div>
<a href="https://support.google.com/accounts/bin/topic.py?hl=en&topic=28786" target="_blank">https://support.google.com/accounts/bin/topic.py?hl=en&topic=28786 </a></div>
<div>
<span style="color: #444444; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><br /></span></div>
<div>
<span style="font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><b>You may also read my article about configuring it to protect your Google account access:</b></span></div>
<div>
<a href="http://youresuchageek.blogspot.fr/2012/07/google-account-howto-protect-and-secure.html">http://youresuchageek.blogspot.fr/2012/07/google-account-howto-protect-and-secure.html</a>
</div>
<div>
<br /></div>
<div>
<b>Other useful sources (thanks to various authors):</b></div>
<div>
<a href="http://www.mnxsolutions.com/security/two-factor-ssh-with-google-authenticator.html">http://www.mnxsolutions.com/security/two-factor-ssh-with-google-authenticator.html</a></div>
<div>
<br /></div>
<h3>
What you need:</h3>
<div>
<ul>
<li>A running Linux Box with SSH installed and accessible</li>
<li>A smartphone: iPhone, Android or RIM</li>
</ul>
<div>
<br /></div>
</div>
<h3>
Step 1: Install Google Authenticator</h3>
<div>
<br /></div>
<div>
<i>Tested under Ubuntu 12.04 LTS:</i></div>
<div>
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="background-color: white; color: #444444; line-height: 14px;">sudo apt-get install libpam-google-authenticator</span></pre>
</div>
<div>
<br /></div>
<div>
<h3>
Step 2: Configure SSH to use Google Authenticator</h3>
</div>
<div>
<br /></div>
<span style="font-family: inherit; font-weight: normal;"><i><span style="line-height: 18px;">Edit "</span><span style="background-color: white; line-height: 23px;">/etc/pam.d/sshd" with your favorite text editor and add:</span></i></span><br />
<div>
<pre style="border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #777777; font-size: 13px; line-height: 23px; white-space: normal;">auth required pam_google_authenticator.so</span></pre>
<span style="color: #444444;"><span style="font-family: inherit; line-height: 18px;"><i><br /></i></span></span>
<span style="color: #444444;"><span style="font-family: inherit; line-height: 18px;"><i>Edit "/etc/ssh/sshd_config" and set:</i></span></span><br />
<pre style="border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #777777;"><span style="line-height: 23px; white-space: normal;">ChallengeResponseAuthentication yes</span></span></pre>
<i style="color: #444444; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;"><br /></i>
<span style="font-family: inherit;"><i style="background-color: #fefdfa;"><span style="color: #444444;"><span style="line-height: 18px;">Edit "/etc/pam.d/common-auth" and set:</span></span></i><i style="color: #444444; line-height: 18px;"><br /></i></span><br />
<pre style="border: 1px dashed rgb(47, 111, 171); padding: 1em;"><span style="color: #777777;">auth required pam_google_authenticator.so
auth [success=1 default=ignore] pam_unix.so nullok_secure</span></pre>
<br />
<br />
<i style="color: #444444; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px;">As the user you want to connect with, configure your Google two-factor authentication:</i><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">$ google-authenticator</span></span></pre>
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/user@host%3Fsecret%3DZDTR6VU5FR5OIZ3G
<BAR CODE>
Your new secret key is: ZDTR6VU5FR5OIZ3G
Your verification code is 843231
Your emergency scratch codes are:
31043901
75807840
98606066
42902460
31208347
Do you want me to update your "~/.google_authenticator" file (y/n)
Do you want to disallow multiple uses of the same authentication
token? This restricts you to one login about every 30s, but it increases
your chances to notice or even prevent man-in-the-middle attacks (y/n) y
By default, tokens are good for 30 seconds and in order to compensate for
possible time-skew between the client and the server, we allow an extra
token before and after the current time. If you experience problems with poor
time synchronization, you can increase the window from its default
size of 1:30min to about 4min. Do you want to do so (y/n) y
If the computer that you are logging into isn't hardened against brute-force
login attempts, you can enable rate-limiting for the authentication module.
By default, this limits attackers to no more than 3 login attempts every 30s.
Do you want to enable rate-limiting (y/n) y
</span></span></pre>
<div>
<span style="color: #444444;"><span style="line-height: 14px;"><br /></span></span></div>
<br />
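The three questions in the dialogue above (token reuse, window size, rate limiting) are modelled in the following Python sketch. It is an added example, not code from the original post or from the google-authenticator project; the Verifier class, its parameter names and the sample secret (the RFC 4226 test key) are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import struct
from collections import deque

STEP = 30    # seconds per time step ("tokens are good for 30 seconds")
DIGITS = 6   # length of the verification code

# Constructed sample secret: the RFC 4226 test key, base32-encoded the same
# way the tool prints "Your new secret key". It is not a secret from the page.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()


def totp(secret_b32, now, offset=0):
    """RFC 6238 code (HMAC-SHA1) for the time step containing `now`,
    shifted by `offset` steps."""
    key = base64.b32decode(secret_b32.upper())
    counter = int(now // STEP) + offset
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    pos = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[pos:pos + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


class Verifier:
    """Hypothetical model of the choices offered by the setup dialogue."""

    def __init__(self, secret_b32, window=1, disallow_reuse=True,
                 rate_limit=3, rate_interval=30):
        self.secret = secret_b32
        self.window = window              # steps accepted before/after now
        self.disallow_reuse = disallow_reuse
        self.rate_limit = rate_limit      # attempts allowed per interval
        self.rate_interval = rate_interval
        self.used_steps = set()           # time steps already consumed
        self.attempts = deque()           # timestamps of recent attempts

    def check(self, code, now):
        # Rate limiting: forget attempts older than the interval, then
        # refuse outright once the budget for the interval is spent.
        while self.attempts and now - self.attempts[0] >= self.rate_interval:
            self.attempts.popleft()
        if len(self.attempts) >= self.rate_limit:
            return "rate-limited"
        self.attempts.append(now)

        current = int(now // STEP)
        for offset in range(-self.window, self.window + 1):
            step = current + offset
            if step < 0:
                continue
            expected = totp(self.secret, now, offset)
            # Constant-time comparison of the candidate against each code.
            if hmac.compare_digest(expected.encode(), str(code).encode()):
                if self.disallow_reuse and step in self.used_steps:
                    return "reused"       # same token presented twice
                self.used_steps.add(step)
                return "ok"
        return "invalid"


def demo():
    """Replay the three trade-offs on constructed timestamps."""
    code = totp(SAMPLE_SECRET, 59)        # code shown on the phone at t=59
    strict = Verifier(SAMPLE_SECRET)
    first, replay = strict.check(code, 59), strict.check(code, 61)
    # The same code presented three steps (90 s) later:
    narrow = Verifier(SAMPLE_SECRET, window=1).check(code, 59 + 3 * STEP)
    wide = Verifier(SAMPLE_SECRET, window=4).check(code, 59 + 3 * STEP)
    # Three wrong guesses exhaust the budget; a correct code is then refused.
    limited = Verifier(SAMPLE_SECRET)
    guesses = [limited.check("000000", t) for t in (100, 101, 102)]
    blocked = limited.check(totp(SAMPLE_SECRET, 103), 103)
    return {"first": first, "replay": replay, "narrow": narrow,
            "wide": wide, "guesses": guesses, "blocked": blocked}


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

A wider window tolerates more clock skew, but it also lengthens the time during which a captured code is still accepted, which is why disallowing reuse matters more as the window grows.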
<span style="color: #444444; font-family: inherit; line-height: 18px;"><b>Note: </b></span><br />
<span style="color: #444444; font-family: inherit; line-height: 18px;">Emergency codes are provided in case your phone is unavailable; you should keep them somewhere </span><br />
<span style="color: #444444; font-family: inherit; line-height: 18px;"><br /></span>
<span style="color: #444444; font-family: inherit;"><span style="line-height: 18px;">Open the Google Authenticator application on your phone, tap "+" and then "read bar code", and scan the bar code shown in the terminal; the account is added to the application automatically.</span></span><br />
<span style="color: #444444; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span>
<br />
<span style="color: #444444;"><span style="font-family: inherit; line-height: 18px;"><i>Restart ssh:</i></span></span><br />
<pre style="border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #777777;"><span style="line-height: 23px; white-space: normal;">sudo service ssh restart</span></span></pre>
<br />
<span style="color: #444444; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"><br /></span></span>
<span style="color: #444444; font-family: inherit;"><span style="line-height: 18px;"></span></span><br />
<span style="color: #444444; font-family: inherit;"><b>Note:</b></span><br />
<span style="color: #444444; font-family: inherit;">I recommend keeping your current terminal session open in case you are unable to connect </span></div>
<div>
<h3>
</h3>
<h3>
<br class="Apple-interchange-newline" />Step 3: Check authentication<div style="font-size: medium; font-weight: normal;">
</div>
</h3>
</div>
<div>
<br /></div>
<div>
<div>
<span style="color: #444444; font-family: inherit;"><span style="line-height: 18px;"></span></span><br />
<span style="color: #444444;">Try to connect to your host using the Google code provided by your phone:</span><br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">ssh user@host
Password:
Verification code:
Welcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-26-generic x86_64)
Last login: Sun Jul 15 11:28:17 2012 from XXX.XXX.X.XX
user@host:~$
</span></span></pre>
<div>
<span style="color: #444444;"><span style="line-height: 14px;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJLWeZDQtp1BG65xEwhoyGTyA5t1sS8HpDOA1acLQgFb3YxAtaFCOxjpCRc9A7wolPalNl6ASahDNO3VFkaxDp0YJ5KaCDeh8css6ss-jm9e5WjGzNTUoRx57Djeweh2VfH3fOKl-w8-ox/s1600/photo+1.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJLWeZDQtp1BG65xEwhoyGTyA5t1sS8HpDOA1acLQgFb3YxAtaFCOxjpCRc9A7wolPalNl6ASahDNO3VFkaxDp0YJ5KaCDeh8css6ss-jm9e5WjGzNTUoRx57Djeweh2VfH3fOKl-w8-ox/s320/photo+1.PNG" width="213" /></a></div>
<div>
<span style="color: #444444;"><span style="line-height: 14px;"><br /></span></span></div>
<br />
<span style="color: #444444;"><br /></span>
<br />
<span style="color: #444444; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-small;"><span style="line-height: 18px;"></span></span></div>
<div>
</div>
</div>
Posted by Anonymous<br />
<br />
XBMC PVR How-to : Enhance your XBMC Media Center Experience with Live TV<br />
Published 2012-07-08, updated 2012-08-27<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivP1E-eK1q13izN3hb5cFBl1k1Q5mnuMgsYWOq4BGuYFBXruV7sT7_hvUrZkLwmh3DL1HaA1CViaXyOBa_QI32UsXClZl-qCgzPE_1QZznoEmeRxVjq28fZJ_Zm4BWGMKm1cpNdb30PiEa/s1600/logo_xbmc.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivP1E-eK1q13izN3hb5cFBl1k1Q5mnuMgsYWOq4BGuYFBXruV7sT7_hvUrZkLwmh3DL1HaA1CViaXyOBa_QI32UsXClZl-qCgzPE_1QZznoEmeRxVjq28fZJ_Zm4BWGMKm1cpNdb30PiEa/s1600/logo_xbmc.png" /></a></div>
<br />
<h3>
<b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-large;">*** Updated</b><b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-large;"> August 2012: ***</b><br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; font-weight: normal; line-height: 18px;" /><span style="background-color: #fefdfa; color: #333333; font-family: inherit; font-size: 13px; font-weight: normal; line-height: 18px;">- Debian/Ubuntu package 3.0</span><br style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; font-weight: normal; line-height: 18px;" /><b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-large;">*********************</b><b style="background-color: #fefdfa; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: x-large;">***</b>
</h3>
<h3>
The Goal:</h3>
<br />
Configuring Live TV on XBMC is a great way to complete your Media Center experience. This feature is called "PVR" and allows you to watch real live TV on your XBMC box!<br />
<br />
For now, XBMC does not provide TV backend functionality itself; it only acts as a frontend to backend software that manages the TV tuner.<br />
<br />
Please take a look at my full XBMC post for help installing and configuring XBMC:<br />
<a href="http://youresuchageek.blogspot.fr/2012/06/xbmc-install-and-config-howto-for-linux.html">xbmc-install-and-config-howto-for-linux</a><br />
<br />
<h3>
What you need:</h3>
<br />
<ul>
<li>A working XBMC installation with PVR built in (if you used my post, PVR is part of the XBMC compilation)</li>
<li>A TV tuner: USB TV tuner, PCI, HD HomeRun... I used an "Elgato Eye TV Diversity"</li>
<li>Backend software to manage the TV stream; I recommend tvheadend</li>
</ul>
<h3>
</h3>
<h3>
<span style="color: #990000; font-size: large;">
Step 1: Install the TV Tuner and check configuration</span></h3>
<div>
First, plug the TV tuner into your Linux box and check the kernel log; if everything is right, you should get this kind of message:</div>
<div>
<br /></div>
<div>
<pre style="border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">[30943.681707] dvb-usb: found a 'Elgato EyeTV Diversity' in cold state, will try to load a firmware
[30943.690351] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[30943.929564] dib0700: firmware started successfully.
[30944.432325] dvb-usb: found a 'Elgato EyeTV Diversity' in warm state.
[30944.432550] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[30944.432693] DVB: registering new adapter (Elgato EyeTV Diversity)
[30944.700631] DVB: registering adapter 0 frontend 0 (DiBcom 7000PC)...
[30944.936519] DiB0070: successfully identified
[30944.936530] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[30944.936749] DVB: registering new adapter (Elgato EyeTV Diversity)
[30945.106998] DVB: registering adapter 1 frontend 0 (DiBcom 7000PC)...
[30945.348653] DiB0070: successfully identified
[30945.348689] Registered IR keymap rc-dib0700-nec
[30945.349030] input: IR-receiver inside an USB DVB receiver as /devices/pci0000:00/0000:00:12.2/usb1/1-1/rc/rc1/input8
[30945.349535] rc1: IR-receiver inside an USB DVB receiver as /devices/pci0000:00/0000:00:12.2/usb1/1-1/rc/rc1
[30945.349911] dvb-usb: schedule remote query interval to 50 msecs.
[30945.349924] dvb-usb: Elgato EyeTV Diversity successfully initialized and connected.</span></span><span style="color: #444444; font-size: 13px; line-height: 1.1em;">
</span></pre>
</div>
<div>
<br /></div>
<div>
You can see here that the kernel successfully identified the USB TV tuner and installed the appropriate driver. I recommend double-checking Linux compatibility before buying your TV tuner.</div>
<div>
<br /></div>
<h3>
<span style="color: #990000; font-size: large;">
Step 2: Install tvheadend as the Backend for Live TV</span></h3>
<div>
<br /></div>
<div>
Download and install the backend; we will use "tvheadend".<br />
In my opinion, this is a very good TV backend that comes with a nice web interface.</div>
<div>
<br /></div>
<div>
So we will use the latest version, which is still under development, to get all tvheadend functionality. Tvheadend is small and does not have many dependencies, so compilation will be easy.</div>
<div>
<br /></div>
<div>
(You can also install the version provided by your package system, on Debian derived systems: sudo apt-get install tvheadend)</div>
<div>
<br /></div>
<div>
<b>Install tvheadend:</b></div>
<div>
<br /></div>
<div>
Source:</div>
<div>
<a href="https://www.lonelycoder.com/redmine/projects/tvheadend/wiki/download">https://www.lonelycoder.com/redmine/projects/tvheadend/wiki/download</a>
</div>
<div>
<pre style="background-color: #fafafa; border-bottom-color: rgb(218, 218, 218); border-bottom-style: solid; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(218, 218, 218); border-left-style: solid; border-left-width: 1px; border-right-color: rgb(218, 218, 218); border-right-style: solid; border-right-width: 1px; border-top-color: rgb(218, 218, 218); border-top-style: solid; border-top-width: 1px; color: #484848; font-size: 12px; margin-bottom: 1em; margin-left: 1.6em; margin-right: 1em; margin-top: 1em; overflow-x: auto; overflow-y: hidden; padding-bottom: 2px; padding-left: 0px; padding-right: 2px; padding-top: 2px; width: auto;">$ wget https://github.com/downloads/tvheadend/tvheadend/tvheadend_3.0_amd64.deb</pre>
</div>
<div>
<pre style="background-color: #fafafa; border-bottom-color: rgb(218, 218, 218); border-bottom-style: solid; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(218, 218, 218); border-left-style: solid; border-left-width: 1px; border-right-color: rgb(218, 218, 218); border-right-style: solid; border-right-width: 1px; border-top-color: rgb(218, 218, 218); border-top-style: solid; border-top-width: 1px; color: #484848; font-size: 12px; margin-bottom: 1em; margin-left: 1.6em; margin-right: 1em; margin-top: 1em; overflow-x: auto; overflow-y: hidden; padding-bottom: 2px; padding-left: 0px; padding-right: 2px; padding-top: 2px; width: auto;">$ sudo dpkg -i tvheadend_3.0_amd64.deb</pre>
</div>
<div>
<br />
Answer the installation questions (admin username and password).<br />
<br />
After installation, you should find the process running (ps -ef | grep tvheadend) and an init script in "/etc/init.d/tvheadend".<br />
<br />
Configuration files will be located in "/home/hts/.hts" and "/home/hts/.xmltv".<br />
<br /></div>
<div>
<span style="color: #990000; font-size: large;"><b>Step 3: Configure tvheadend</b></span><br />
<br /></div>
<div>
<b>Connect to the tvheadend web interface using your localhost URL (replace localhost with the appropriate backend IP or hostname if required):</b></div>
<div>
<br /></div>
<div>
<a href="http://localhost:9981/">http://localhost:9981</a></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUONXY1iDZuMnlcdx2R-Q6XRachK46WdQJxsUZmrwvwKOcTlYFKmvkWVWNpW6_vjNNzvT5Za7n_jXXBct4k7ChbL52ArDZaIE1XScZxNHuqRAFg6yac9VeMjEDPRZv7kLG25-uQ3XsnS0l/s1600/screen1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="330" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUONXY1iDZuMnlcdx2R-Q6XRachK46WdQJxsUZmrwvwKOcTlYFKmvkWVWNpW6_vjNNzvT5Za7n_jXXBct4k7ChbL52ArDZaIE1XScZxNHuqRAFg6yac9VeMjEDPRZv7kLG25-uQ3XsnS0l/s640/screen1.png" width="640" /></a></div>
<div>
<br /></div>
<div>
<b>Click on "Configuration" then "TVAdapters" and choose your adapter:</b></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAjlTbTKS3YCTLM-xxHC0Luxu9ZrVXva1F0SVQNTZxDjisghR8J1YhAJtkCbYfgWcAeGQdm4Ia_ouQMwQtH3IdjqsQ4Qdg5-rGaw6svKDaoKqoH4dubJtZ0eKH8K_6AXU3zm81Ta5fq7kz/s1600/screen2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="334" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAjlTbTKS3YCTLM-xxHC0Luxu9ZrVXva1F0SVQNTZxDjisghR8J1YhAJtkCbYfgWcAeGQdm4Ia_ouQMwQtH3IdjqsQ4Qdg5-rGaw6svKDaoKqoH4dubJtZ0eKH8K_6AXU3zm81Ta5fq7kz/s640/screen2.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<b>Scan for channels:</b><br />
<br />
Select "Add DVB Networks By Location" and add your country and/or city; in my case I chose the defaults and my country to ensure I would get all channels.</div>
<div>
<br /></div>
<div>
Immediately after that, tvheadend will start to scan for channels.<br />
Be patient, this will take a long time to finish.<br />
In the "General" screen (middle right of the page), you will see the scan result and the running "services" (meaning the channels found by the adapter).</div>
<div>
<br /></div>
<div>
Take a look at "Multiplexes"; if your antenna and your TV tuner work fine, you should see something like this:</div>
<div>
<br /></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig7zsNrTgbliRyzlL3eARBahCA8BqAyq5hGJewkbcbCx0Aa_jXZfp11LZcucr8VAwJGfLx_5skSu3dnfCGcesFRZonmCRoqzB7EViFL0_CmlJPBZB0oa1n4lyzznv1iYLTMGg85wYg5ULx/s1600/screen3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="330" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig7zsNrTgbliRyzlL3eARBahCA8BqAyq5hGJewkbcbCx0Aa_jXZfp11LZcucr8VAwJGfLx_5skSu3dnfCGcesFRZonmCRoqzB7EViFL0_CmlJPBZB0oa1n4lyzznv1iYLTMGg85wYg5ULx/s640/screen3.png" width="640" /></a></div>
<br /></div>
<div>
<br /></div>
<div>
<b>When the scan process is over, you will see channels in "Services":</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQnZTKNWg8GOJ1kVSLLu2v22AwP_IRbOFmq8L_PHeqQxp0B5JAq6izJNR0HaI79d7KdMhzrrpoUjEvp60R3W7IvWQKc5whgn193KM5IPpEOJzY5stWbfT70QIuD1tfRPiMXmD-DkGv8z7j/s1600/screen4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="332" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQnZTKNWg8GOJ1kVSLLu2v22AwP_IRbOFmq8L_PHeqQxp0B5JAq6izJNR0HaI79d7KdMhzrrpoUjEvp60R3W7IvWQKc5whgn193KM5IPpEOJzY5stWbfT70QIuD1tfRPiMXmD-DkGv8z7j/s640/screen4.png" width="640" /></a></div>
<br />
<br />
Wait for the full process to end, then in "General", click "Map DB services to channels".<br />
<br />
<span style="background-color: white;">Additionally</span>, edit the other services and map them manually to channels.<br />
<br /></div>
<div>
<b>Edit channels to end configuration:</b><br />
<br />
Go to the "Channels" panel and edit any channel to set its channel number and so on.<br />
<br />
If you want channel logos to appear in XBMC (and you will, because it looks good), they have to be served by an Apache instance: create an Apache instance, download the channel logos (use Google Images) and save them to the root folder of the Apache instance.<br />
<br />
<b>In a few words:</b><br />
<br />
<ul>
<li>Edit the new Apache service (don't forget to add the port to ports.conf if it is new) and tune it to your needs:</li>
</ul>
</div>
<div>
<br />
<pre style="border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;"><VirtualHost *:10000>
ServerAdmin webmaster@localhost
ServerName xxxxxxxxxxxxxxx
DocumentRoot /media/xbmc/logo
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel notice
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/error.log
ServerSignature On
</VirtualHost>
</span></span></pre>
<div>
<span style="color: #444444;"><span style="line-height: 14px;"><br /></span></span></div>
</div>
<div>
<br />
<ul>
<li>Restart Apache and add the channel logo pictures to the Apache root folder</li>
</ul>
<div>
<ul>
<li>Check that it works by fetching one logo with your web browser, for example</li>
</ul>
<ul>
<li>In the tvheadend "Channels" panel, configure the logo; configuration example:</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTTmMUilhItUy4qXPje8a0MUdOEDDcW3UTNmT1hE8L6ZrUQuTEIz7t2qta_vAkR2zsKmBv0neZ7kyyAj0KlDy8ld-JI15-FNw84Ud6OiqvG4izepfVpkEFT0kTh32upR7Wy4BcXgvAFAqK/s1600/screen5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="316" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTTmMUilhItUy4qXPje8a0MUdOEDDcW3UTNmT1hE8L6ZrUQuTEIz7t2qta_vAkR2zsKmBv0neZ7kyyAj0KlDy8ld-JI15-FNw84Ud6OiqvG4izepfVpkEFT0kTh32upR7Wy4BcXgvAFAqK/s640/screen5.png" width="640" /></a></div>
<div>
<br /></div>
</div>
<div>
<br /></div>
<div>
You're done with the tvheadend configuration. I recommend simply adding it to your session's automatic startup (if you are using a desktop session).</div>
<div>
<br /></div>
<div>
You may also simply write an init shell script to start and stop it as a service.</div>
<div>
<br /></div>
<div>
<b>Finally configure the XML Grabber:</b></div>
<div>
<br /></div>
<div>
On Debian derived systems, install xmltv:</div>
<div>
<br /></div>
<div>
<pre style="border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span style="color: #444444;"><span style="line-height: 14px;">sudo </span></span><span style="background-color: white; line-height: 14px;"><span style="color: #444444;">apt-get install xmltv</span></span></pre>
</div>
<div>
<br /></div>
<div>
Go to the XML TV panel, select your country and follow the instructions.</div>
</div>
<div>
<h3>
<span style="color: #990000; font-size: large;"><br /></span></h3>
<h3>
<span style="color: #990000; font-size: large;">
Step 4: Configure XBMC</span></h3>
</div>
<div>
<b><br /></b>
<b>Go back to XBMC and activate the PVR addon for the tvheadend frontend (system>settings>add-ons>activated addons):</b></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTHHdBHCrmYhRgyPS2D4vxAaNAsaubMdkXQZtrrJo4zzOOS6oOB3wyqK9Rp_w7qdiMQ_xcIJFZYvwVX7jw9h33QRHMD48BsymLvFFDRiwPP4HcWPiuq9ZZnq0p3NbmeA4WeB7a1KgjoiTW/s1600/screenshot036.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTHHdBHCrmYhRgyPS2D4vxAaNAsaubMdkXQZtrrJo4zzOOS6oOB3wyqK9Rp_w7qdiMQ_xcIJFZYvwVX7jw9h33QRHMD48BsymLvFFDRiwPP4HcWPiuq9ZZnq0p3NbmeA4WeB7a1KgjoiTW/s640/screenshot036.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
If you don't run tvheadend on the same host, or if you set an admin user in tvheadend, configure the addon accordingly.</div>
<div>
<br /></div>
<div>
<b>If you haven't changed anything, default configuration is fine and will work.</b></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcyvi5JS4rE9GsteVhx_ziLQWw8-J1LKrJtQFlF0bGDjpDcopx9BA4VqNnK153VjaApPaFI4Kcq3mT02o4qD-ANFPYUJ4A4Ti-HB2UgPSCWqyZhRHm7FAPyq97Ah7xNPLr9XT2a0ekWE_B/s1600/screenshot037.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcyvi5JS4rE9GsteVhx_ziLQWw8-J1LKrJtQFlF0bGDjpDcopx9BA4VqNnK153VjaApPaFI4Kcq3mT02o4qD-ANFPYUJ4A4Ti-HB2UgPSCWqyZhRHm7FAPyq97Ah7xNPLr9XT2a0ekWE_B/s640/screenshot037.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<br /></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<br /></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<b>Save and go to "Live TV"; XBMC will automatically get the channel configuration. Final result:</b></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOWJLO2nW2D7NY2KhPDLdES46dRXWPIdlRx08YUlHhgRryTCLWa-Z-dV1BMyTTCX2NAOKkBf27Khs040qDleXf0l4I1bnEhiGovtmbUv_oWDOb-WF7PvkzEN2O6g4NltG1ENMGJ_VX6WZG/s1600/screenshot038.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOWJLO2nW2D7NY2KhPDLdES46dRXWPIdlRx08YUlHhgRryTCLWa-Z-dV1BMyTTCX2NAOKkBf27Khs040qDleXf0l4I1bnEhiGovtmbUv_oWDOb-WF7PvkzEN2O6g4NltG1ENMGJ_VX6WZG/s640/screenshot038.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: -webkit-auto;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3ytY5Bia6iphBhJpd1ZVnQTOkh-oof3KdABxvEE9ZJfQ3jN7dc4whU9O4B5BIUpiQJyiEdqlP_epPhxuLFZRo_xsxzPkHnsBVmwHC2WwOWgIzcAS3RZ2lhc8Z5723X5iFh0D2ljqbOHxJ/s1600/screenshot030.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3ytY5Bia6iphBhJpd1ZVnQTOkh-oof3KdABxvEE9ZJfQ3jN7dc4whU9O4B5BIUpiQJyiEdqlP_epPhxuLFZRo_xsxzPkHnsBVmwHC2WwOWgIzcAS3RZ2lhc8Z5723X5iFh0D2ljqbOHxJ/s640/screenshot030.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<br /></div>
<div>
Everything works ^^ Take a look at the time-shift and record functions; some of them are still being improved and may not be as stable as they should be, but they work.</div>
<div>
<br /></div>
<div>
In conclusion, your XBMC Media Center is now really complete, enjoy :-)</div>
<div>
<br /></div>
<div>
<b><span style="color: #990000; font-size: large;">
FAQ and issues:</span></b><br />
<br />
<ul>
<li><b style="background-color: white;">Failing to start tvheadend with message of segmentation fault</b></li>
</ul>
<br />
I experienced this several times for unknown reasons after reboots; it was always caused by some kind of EPG file corruption.<br />
<br />
If you experience this, just remove the file and restart:<br />
<br />
<br />
<pre style="background-color: #fefdfa; border-bottom-color: rgb(47, 111, 171); border-bottom-style: dashed; border-bottom-width: 1px; border-image: initial; border-left-color: rgb(47, 111, 171); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(47, 111, 171); border-right-style: dashed; border-right-width: 1px; border-top-color: rgb(47, 111, 171); border-top-style: dashed; border-top-width: 1px; color: #333333; font-size: 13px; line-height: 1.1em; padding-bottom: 1em; padding-left: 1em; padding-right: 1em; padding-top: 1em;"><span class="mw-headline"><span class="mw-headline" style="background-color: white; font-family: inherit;">rm ~/.hts/tvheadend/epgdb</span></span></pre>
<br />
<br />
<br />
<br />
<br />
<br /></div>
<br />
<br />
Posted by Anonymous<br />
<br />
Google Account Howto - Protect and secure your Google Account (gmail, google+, Google Drive...) with Strong Authentication (turn your phone into a Software Secure Token, use 2 steps authentication)<br />
Published 2012-07-03, updated 2012-09-08<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcyH5oTE1NCpBk_gG7EI5r0__t591_38ReuQVlJ2F0J6JaQBGDVfxXZgsQO_13xpX-9xbCm2gFJnzingmih8YxcrYEQE4N8lXGNS5SaFYVBXEsTLPx5n2bWCxMafaE5828hae_-99zLzRH/s1600/Using-Google-Authenticator-with-Amazon-AWS.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcyH5oTE1NCpBk_gG7EI5r0__t591_38ReuQVlJ2F0J6JaQBGDVfxXZgsQO_13xpX-9xbCm2gFJnzingmih8YxcrYEQE4N8lXGNS5SaFYVBXEsTLPx5n2bWCxMafaE5828hae_-99zLzRH/s1600/Using-Google-Authenticator-with-Amazon-AWS.png" /></a></div>
<h2>
</h2>
<h2>
The Goal:</h2>
<div>
How precious is your Google account to you? Does Google host your mail, contacts, documents of all sorts (thanks to Google Drive), professional or confidential data? Do you think protecting it with only a password (even a strong one) is enough? You may be wrong!</div>
<div>
<br /></div>
<div>
Google offers you a great, free service which is just about the best way to secure access to your account and really improves the security of your Google services and your personal data.</div>
<div>
<br /></div>
<div>
They call it "2 Steps Authentication"; <span style="background-color: white;">in professional environments you may already know it as "Strong Identification", as provided by RSA SecurID and other professional solutions.</span></div>
<div>
<br /></div>
<div>
Of course, Google gives you all the required explanations here:</div>
<div>
<a href="https://support.google.com/accounts/bin/topic.py?hl=en&topic=28786">https://support.google.com/accounts/bin/topic.py?hl=en&topic=28786</a> </div>
<div>
<br /></div>
<div>
My goal here is to present this great Google service and help you activate it easily in a few simple steps.<br />
It will drastically improve your account Security!<br />
<br />
<b>With this service, the only way to connect to your account will be to get your login name, your current password and to steal your Smartphone!</b><br />
<br />
<br />
<h2>
What you need:</h2>
<br />
<ul>
<li><span style="background-color: white;">First of all, a Google account ! ^^</span></li>
<li><span style="background-color: white;">A computer</span></li>
<li><span style="background-color: white;">A smartphone that will act as the security device: iOS, Android or RIM (even an iPad could do the job, but you will have to always keep it in your pocket!)</span></li>
<li><span style="background-color: white;">Optionally a printer to be able to print your personal code for safety </span></li>
</ul>
</div>
<div>
<br />
<h3>
Step 1: Connect to your Google Account and activate the 2 Steps authentication</h3>
</div>
<div>
<br />
<ul>
<li><b>Connect to your Google account management interface and sign in:</b></li>
</ul>
<span style="background-color: white;"> (you may also connect to any Google service such as Gmail, Google Drive... and access your account properties):</span></div>
<div>
<br />
<div>
<a href="https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount">Direct link to Google Account</a></div>
</div>
<div>
<br />
<ul>
<li><b>When connected, click on "Security" (bottom left of the page):</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigrRqEXnCTeIlm8FE973f-3bZH5cXdXvCizFN5oJn_mlItBrZ-bwISn7yrLy6nQI7IyiWif58EYo3u3_bGMcVbwFIU20GalbgFw12W77NSX-8VfvIYGITYbeaUkikK75Jb54Ubx1TaxfOx/s1600/2012-07-03_155944.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigrRqEXnCTeIlm8FE973f-3bZH5cXdXvCizFN5oJn_mlItBrZ-bwISn7yrLy6nQI7IyiWif58EYo3u3_bGMcVbwFIU20GalbgFw12W77NSX-8VfvIYGITYbeaUkikK75Jb54Ubx1TaxfOx/s1600/2012-07-03_155944.jpg" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
</div>
<div>
<br />
<ul>
<li><b>On this new page, look at the middle of the page and click on "Edit":</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPXCJw5h_AbBCj4R6LxIk0rV5DjZYZV42kDQHO6vamnfTC8Sscp48pX_Vp6qgxFI5rgVUDwlNj7c3GCfQsWaLDNKIduaRpVNxp275hvBRsH-3HWpuaLChvoS3XQgi9oNpmCWGpGOniVZVc/s1600/2012-07-03_160356.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="104" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPXCJw5h_AbBCj4R6LxIk0rV5DjZYZV42kDQHO6vamnfTC8Sscp48pX_Vp6qgxFI5rgVUDwlNj7c3GCfQsWaLDNKIduaRpVNxp275hvBRsH-3HWpuaLChvoS3XQgi9oNpmCWGpGOniVZVc/s640/2012-07-03_160356.jpg" width="640" /></a></div>
<div>
<ul>
<li><b>On the animation page, click on "Start Setup" (bottom right):</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmT_xHXqVFIHz4tn2t-NmFawthwoaFANSywEVuUNAr6fLMwiwpHjiSsiuGl2Ei2P6XKMcB2F7KvVhRyoWfyDiRVJUcpFxU1b3gJnvMIzkJqzYUzFYTcq64AED_KxzyTUYFlxyR7AcZF138/s1600/2012-07-03_162757.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmT_xHXqVFIHz4tn2t-NmFawthwoaFANSywEVuUNAr6fLMwiwpHjiSsiuGl2Ei2P6XKMcB2F7KvVhRyoWfyDiRVJUcpFxU1b3gJnvMIzkJqzYUzFYTcq64AED_KxzyTUYFlxyR7AcZF138/s1600/2012-07-03_162757.jpg" /></a></div>
<div>
<ul>
<li><b>Enter your (real) phone number, select "Text message" as the way to send you the activation code, and submit:</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4LhKoBDQ0sTbVkYEa7xtaSy7SGS0_VrOlR22ctOWcpRVBGWilsCf5LKdbGd6qSk2eUEBrWNr6-5wjDTbqBGWtl2Nxsq28LNybCG7Tfvffa9Jc-3MP2vZvrExTEGcsPw83wVezfaifsw0K/s1600/2012-07-03_163324.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="356" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4LhKoBDQ0sTbVkYEa7xtaSy7SGS0_VrOlR22ctOWcpRVBGWilsCf5LKdbGd6qSk2eUEBrWNr6-5wjDTbqBGWtl2Nxsq28LNybCG7Tfvffa9Jc-3MP2vZvrExTEGcsPw83wVezfaifsw0K/s640/2012-07-03_163324.jpg" width="640" /></a></div>
<div>
<br /></div>
<div>
<ul>
<li><b>You will receive a text message from Google; enter the received code:</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtxjw0q6gqvNoWUsAAD0ccNxXrTd-LchlsWkCNBhJThSUuAtg10LnrMg1-xSsQRINqE-DmonlnpPVYtGEuPpg77ZHbWTkktr0kZY2G8pIkuNKzRdNKDV8OJdf12mRCf0aHg-9PPn0njsxj/s1600/2012-07-03_163911.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="228" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtxjw0q6gqvNoWUsAAD0ccNxXrTd-LchlsWkCNBhJThSUuAtg10LnrMg1-xSsQRINqE-DmonlnpPVYtGEuPpg77ZHbWTkktr0kZY2G8pIkuNKzRdNKDV8OJdf12mRCf0aHg-9PPn0njsxj/s640/2012-07-03_163911.jpg" width="640" /></a></div>
<div>
<ul>
<li><b>Select whether or not you want to trust the computer you are connected to for 30 days:</b></li>
</ul>
<span style="background-color: white;">If you are on your personal computer you can activate this to avoid having to </span><span style="background-color: white;">systematically submit your verification code using Google Authenticator.</span></div>
<div>
<span style="background-color: white;"><br /></span></div>
<div>
<span style="background-color: white;">If you are on a non-private computer, don't activate this: it is not a computer you can trust!</span></div>
<div>
<span style="background-color: white;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0xk52uxYQdgc78tBYwAZRssTkKnUhG-feXUCzGYpWMjk9BoI13roXwBw_0cRXLm1yd-hh3SjE8BWWpRbOvDi0gu6uCl5SWjYFqU1c8xI57FHX4P3qjAfPAsE2pLlK7Ox288sdHdZ_ALOO/s1600/2012-07-03_164433.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="291" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0xk52uxYQdgc78tBYwAZRssTkKnUhG-feXUCzGYpWMjk9BoI13roXwBw_0cRXLm1yd-hh3SjE8BWWpRbOvDi0gu6uCl5SWjYFqU1c8xI57FHX4P3qjAfPAsE2pLlK7Ox288sdHdZ_ALOO/s640/2012-07-03_164433.jpg" width="640" /></a></div>
<div>
<span style="background-color: white;"> </span><span style="background-color: white;"> </span></div>
</div>
</div>
</div>
</div>
<div>
<br />
<ul>
<li><b>Confirm to activate:</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiA62YWq4ShDbWwaPthZFQIGdRZ27s12wkXhHfBrQ0j43EHic28h9vA4o5QThhcnoHvP_80IT8HMcOsIdRl-tjKgkBJdtDfRG6HXrM8bmSd1cyCmh7HUoHTjsUz1RfttGZcLkOJOTElx-_/s1600/2012-07-03_164625.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="388" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiA62YWq4ShDbWwaPthZFQIGdRZ27s12wkXhHfBrQ0j43EHic28h9vA4o5QThhcnoHvP_80IT8HMcOsIdRl-tjKgkBJdtDfRG6HXrM8bmSd1cyCmh7HUoHTjsUz1RfttGZcLkOJOTElx-_/s640/2012-07-03_164625.jpg" width="640" /></a></div>
<div>
<br /></div>
</div>
<div>
<br />
<ul>
<li><b>On the new page, sign in (you do not yet need to provide a verification code because things are not over yet ^^); the following page will open:</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5hYr0eGDqC2JMWiY1ktfxdkTsOPysd7gT2Rluihat-SUHReQtY9H1pmlCAb4UoY4cdUnuJRL-ZivOO1mVb34oHm78rtbg3hjWXSzaMISi0fCrja_MBlgIeDp614lpiNYcyFPfspTOxX8Q/s1600/2012-07-03_164930.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="324" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5hYr0eGDqC2JMWiY1ktfxdkTsOPysd7gT2Rluihat-SUHReQtY9H1pmlCAb4UoY4cdUnuJRL-ZivOO1mVb34oHm78rtbg3hjWXSzaMISi0fCrja_MBlgIeDp614lpiNYcyFPfspTOxX8Q/s640/2012-07-03_164930.jpg" width="640" /></a></div>
<div>
<br /></div>
<div>
<ul>
<li><b>Answer "Do this later"; we will take care of that a little later</b></li>
</ul>
</div>
<div>
<ul>
<li><b>VERY IMPORTANT: Print your backup code in case you lose your phone!!!</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi88uTWQ-A6xNM99fCujwvp_uKzJAh62GyF5uW34VAfeGecRnAnP-fe8HnHXvNuw0LBAe9W64GrkLUsJPvyajvKGT9ZXumWd9mAoln0I1IwCLIO3SlH1B3y8QAkXuxdOktT2P04Neuv-kCp/s1600/2012-07-03_165250.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="117" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi88uTWQ-A6xNM99fCujwvp_uKzJAh62GyF5uW34VAfeGecRnAnP-fe8HnHXvNuw0LBAe9W64GrkLUsJPvyajvKGT9ZXumWd9mAoln0I1IwCLIO3SlH1B3y8QAkXuxdOktT2P04Neuv-kCp/s640/2012-07-03_165250.jpg" width="640" /></a></div>
<div>
<br /></div>
</div>
<div>
Print the code provided by Google and always keep it on you (or at home if you prefer). With this code you will be able to connect to your account and deactivate 2 Steps Authentication if you lose your phone and can't get a new code quickly.</div>
<div>
<br /></div>
<div>
Without this code, and without your phone or access to a text message Google could send you if required, you will irremediably lose access to your account!!!</div>
<div>
<br /></div>
<div>
<ul>
<li><b>Configure your phone: click on your smartphone's system:</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyy_ZLaxmBa311V3KwFl7Rcl1WmP01IkhecEup-I0QF-7c6is3I_FOKLJ3WlJMZUR8UFhv5VB80zdupi7g7Wexw6VhjHbZh2nMjvHUAfOek5sMGsMMhdNGeN1tdj8EHfC_5PUm3OSYv2Ia/s1600/2012-07-03_165918.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="38" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyy_ZLaxmBa311V3KwFl7Rcl1WmP01IkhecEup-I0QF-7c6is3I_FOKLJ3WlJMZUR8UFhv5VB80zdupi7g7Wexw6VhjHbZh2nMjvHUAfOek5sMGsMMhdNGeN1tdj8EHfC_5PUm3OSYv2Ia/s640/2012-07-03_165918.jpg" width="640" /></a></div>
<div>
<br /></div>
</div>
</div>
<div>
<br />
<ul>
<li><b>You will get this page:</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfZy_pN7g_REhSsPO51pzUWoqCQqNhCd6e3L-U_9vo6kGEx1_uSZW4KpUXMaajEwZnZq9Iq5avX3_OuAAaX23a99N4QAhIX9vfbcqq5F6YXHhJ3dGEJ63qgunA0j4XkeIkSGhAi6-b0r-i/s1600/2012-07-03_170033.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfZy_pN7g_REhSsPO51pzUWoqCQqNhCd6e3L-U_9vo6kGEx1_uSZW4KpUXMaajEwZnZq9Iq5avX3_OuAAaX23a99N4QAhIX9vfbcqq5F6YXHhJ3dGEJ63qgunA0j4XkeIkSGhAi6-b0r-i/s640/2012-07-03_170033.jpg" width="520" /></a></div>
<div>
<br /></div>
</div>
<div>
<br />
<ul>
<li><b>Take your Phone and install the Google application "Google Authenticator" :</b></li>
</ul>
<div>
With Apple's iPhone:</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinlHaaNz_Fktvcujn49qID6dKvGpyGlARM-zKgSCw4FHZhPwPBX6Saa2qHVBs14CSbQT2tKjvfzi5JKtlGqOJcTc3h8LqHd4zoYVKcx864ECFsqEnJtwUk3ueokfeHMJxs_tRaT-k_DsIf/s1600/photo.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinlHaaNz_Fktvcujn49qID6dKvGpyGlARM-zKgSCw4FHZhPwPBX6Saa2qHVBs14CSbQT2tKjvfzi5JKtlGqOJcTc3h8LqHd4zoYVKcx864ECFsqEnJtwUk3ueokfeHMJxs_tRaT-k_DsIf/s400/photo.PNG" width="266" /></a></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<ul>
<li><b>Open Google Authenticator:</b></li>
</ul>
<div>
<b>NB: </b></div>
<div>
Sorry, the screenshots will be in French :)</div>
</div>
<div>
<br /></div>
<div>
As I already had a Google account configured, you will see one at the bottom of the screen.</div>
<div>
As a consequence, you now know that you can have several Google accounts configured using 2 Steps authentication!</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJLWeZDQtp1BG65xEwhoyGTyA5t1sS8HpDOA1acLQgFb3YxAtaFCOxjpCRc9A7wolPalNl6ASahDNO3VFkaxDp0YJ5KaCDeh8css6ss-jm9e5WjGzNTUoRx57Djeweh2VfH3fOKl-w8-ox/s1600/photo+1.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJLWeZDQtp1BG65xEwhoyGTyA5t1sS8HpDOA1acLQgFb3YxAtaFCOxjpCRc9A7wolPalNl6ASahDNO3VFkaxDp0YJ5KaCDeh8css6ss-jm9e5WjGzNTUoRx57Djeweh2VfH3fOKl-w8-ox/s400/photo+1.PNG" width="266" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
<br />
<ul>
<li><b>Select the "plus" sign and then select the option "Read bar code":</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQjKqbb5EsoCPg2fTo3sII3BYg49p5IFRF4RS7M3-WZC7n8k6bAfnwQU-0nYWM8OwoGa_AWQ8L3xyVPNDnf580aTKr2J6DNd-3-QpQt6pM-iQM3-hlpPleGc9dAzYZRdsXf9Ln3HBePnsA/s1600/photo+2.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQjKqbb5EsoCPg2fTo3sII3BYg49p5IFRF4RS7M3-WZC7n8k6bAfnwQU-0nYWM8OwoGa_AWQ8L3xyVPNDnf580aTKr2J6DNd-3-QpQt6pM-iQM3-hlpPleGc9dAzYZRdsXf9Ln3HBePnsA/s400/photo+2.PNG" width="266" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<ul>
<li><b>Use your smartphone camera to scan the bar code; Google Authenticator will detect it and automatically add the associated service in the application!</b></li>
</ul>
<div>
<ul>
<li><b>Last step: enter the validation code provided by your phone into your web browser and submit. You're done, and 2 steps authentication has been activated</b></li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrDd4xYoXkbHaqcLQN7-sj2SxFvKe1e_DzgIz2BxU2uGNxu0KrdrLkLWG8Ghx4DS3kHtL5JaMdww89hyczamDG-LNZFNGvSWiEcxDaXf5clX0aV4QPnWtungEv5eNIIzR4RKFFMKKByZj7/s1600/2012-07-03_173141.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrDd4xYoXkbHaqcLQN7-sj2SxFvKe1e_DzgIz2BxU2uGNxu0KrdrLkLWG8Ghx4DS3kHtL5JaMdww89hyczamDG-LNZFNGvSWiEcxDaXf5clX0aV4QPnWtungEv5eNIIzR4RKFFMKKByZj7/s1600/2012-07-03_173141.jpg" /></a></div>
<div>
<b><br /></b></div>
</div>
<div>
<b><br /></b></div>
<div>
<b style="background-color: white;">Step 2: Sign out and access your account using 2 steps authentication</b><br />
<b style="background-color: white;"><br /></b></div>
<div>
<b style="background-color: white;">How does it work:</b></div>
</div>
<div>
<br /></div>
<div>
Google Authenticator automatically generates a new validation code associated with your account every minute.</div>
<div>
<br /></div>
<div>
<b>When you sign in on any non-trusted computer, you will have to provide:</b></div>
<div>
<br /></div>
<div>
- Your login name</div>
<div>
- Your account password</div>
<div>
<br /></div>
<div>
And now the Google verification code as well: it must still be valid when you enter it in your browser and submit; if not, you have to try again using the regenerated code.</div>
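<div>
The code check described above, as an added example that is not part of the original post: Google Authenticator codes follow the TOTP standard (RFC 6238), and the setup bar code carries an <code>otpauth://</code> URI holding the shared secret. The sketch assumes the RFC 6238 defaults (HMAC-SHA1, 6 digits, 30-second time step); the URI, the account name and the function names are constructed for illustration.</div>

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import parse_qs, unquote, urlparse

# Constructed enrollment URI of the kind a setup bar code carries. The secret
# is the published RFC 4226/6238 test key, not a real account secret.
SAMPLE_URI = ("otpauth://totp/Example:alice@example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example")


def parse_otpauth(uri):
    """Return (label, secret_bytes) from an otpauth://totp/ URI."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not a TOTP enrollment URI")
    secret_b32 = parse_qs(parts.query)["secret"][0].replace(" ", "").upper()
    secret_b32 += "=" * (-len(secret_b32) % 8)  # restore stripped padding
    return unquote(parts.path.lstrip("/")), base64.b32decode(secret_b32)


def totp(secret, unix_time, step=30, digits=6):
    """RFC 6238 code for the time step that contains unix_time."""
    counter = int(unix_time) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret, submitted, unix_time, step=30, digits=6, window=1,
           last_used=None):
    """Server-side check; returns the matching step counter or None.

    window    -- adjacent steps tolerated for clock drift and typing delay
    last_used -- counter of the last accepted code, so a code cannot be replayed
    """
    if not (submitted.isascii() and submitted.isdigit()
            and len(submitted) == digits):
        return None
    now = int(unix_time) // step
    for counter in range(max(0, now - window), now + window + 1):
        if last_used is not None and counter <= last_used:
            continue  # this step (or an earlier one) was already consumed
        if hmac.compare_digest(totp(secret, counter * step, step, digits),
                               submitted):
            return counter
    return None


if __name__ == "__main__":
    label, secret = parse_otpauth(SAMPLE_URI)
    code = totp(secret, 59)
    print(label, "code at t=59:", code)
    print("entered at t=59  ->", verify(secret, code, 59))
    print("entered at t=89  ->", verify(secret, code, 89))    # within drift window
    print("entered at t=120 ->", verify(secret, code, 120))   # expired
    print("replayed at t=61 ->", verify(secret, code, 61, last_used=1))
```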
<div>
<br /></div>
<div>
As explained before, you can also allow the computer you are connecting from to be registered as a trusted computer.</div>
<div>
In other words, if you allow that, no validation code is required for 30 days, and so there is no 2 steps authentication.</div>
<div>
<br /></div>
<div>
Of course, you should do that only with your own personal computers.</div>
<div>
<ul>
<li><b>Sign in to your account as usual (if not done before, sign out before signing in again)</b></li>
</ul>
<div>
You will get this new window on any non-trusted computer:</div>
</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvm7bygzTIlgiXtsWtzZrIndCfqcwm0nzkh2hU90CQjIr6lilcZ25EosaVEKJ5DAovYTj97j91WMPjCeovDwbHwfST7QJvp5nf2MUKbWUDPfNz1TMMOclDi4zgnP4e4k9yxIilOiR3SMgw/s1600/2012-07-03_173636.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvm7bygzTIlgiXtsWtzZrIndCfqcwm0nzkh2hU90CQjIr6lilcZ25EosaVEKJ5DAovYTj97j91WMPjCeovDwbHwfST7QJvp5nf2MUKbWUDPfNz1TMMOclDi4zgnP4e4k9yxIilOiR3SMgw/s1600/2012-07-03_173636.jpg" /></a></div>
<div>
If you want to trust this computer, tick the box.</div>
<div>
<br /></div>
<div>
In any case, enter the code provided by Google Authenticator and click "Verify"; if your code is valid, you'll be connected.</div>
<div>
<br /></div>
<div>
You have to do this every time you connect from a non-trusted computer.</div>
<div>
<br /></div>
<h3>
Step 3: Configure "Application codes" for additional access to your account</h3>
<div>
Any application that was connecting to your account won't work anymore after you activate 2 steps authentication.</div>
<div>
<br /></div>
<div>
For example, your Apple Mail application will be unable to connect to your account until you configure a specific application code to allow it (likewise iPhone, Chrome synchronization...)</div>
<div>
<br /></div>
<div>
<b>It will be the case for any application that automatically connects to your Google account and for any Google service associated with your account.</b></div>
<div>
<br /></div>
<div>
<ul>
<li>Configure a specific application code for any access needed (you'll do it once per application that needs access)</li>
</ul>
<div>
<b>Go back to your account management.</b></div>
</div>
<div>
<br /></div>
<div>
<b>Select "Authorizing applications and sites":</b></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfuPnoLOWOgPSKhR-2-of47X7eCq_U_ikQLGHEV3WZ14wQoKJ6F6UKwwqFCPYyzt8R_1AIJinKpjHCJkg4_09XlUsKjBL1YgEgM9mryasv98pHRDROnl-32dIQDF_Hr6UqODi9lncMCXCq/s1600/2012-07-03_174751.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="308" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfuPnoLOWOgPSKhR-2-of47X7eCq_U_ikQLGHEV3WZ14wQoKJ6F6UKwwqFCPYyzt8R_1AIJinKpjHCJkg4_09XlUsKjBL1YgEgM9mryasv98pHRDROnl-32dIQDF_Hr6UqODi9lncMCXCq/s640/2012-07-03_174751.jpg" width="640" /></a></div>
<div>
<b>On the new page, Choose a description for your Application and click "Generate Password":</b></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkR1HlCdCprUv1EOiIVLvx_MBg7fkRFoYFABzriVUaMeJocn4I3WPPy6gA6pltccR8QJAgPQymy-Fne1xeUeZp3Ef88i1ziBxZp-lkWOIa08K7DI0jOjBI702taEL7HXWcDJUPX3obL0oZ/s1600/2012-07-03_175607.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="136" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkR1HlCdCprUv1EOiIVLvx_MBg7fkRFoYFABzriVUaMeJocn4I3WPPy6gA6pltccR8QJAgPQymy-Fne1xeUeZp3Ef88i1ziBxZp-lkWOIa08K7DI0jOjBI702taEL7HXWcDJUPX3obL0oZ/s640/2012-07-03_175607.jpg" width="640" /></a></div>
<div>
<br /></div>
<div>
<b>You will get a dedicated password for your application:</b></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5b5wyInazNg9ARcW0rwC3OEkntbAg66fnaDnXpQ9eR5L1w-v-8cYR0MDB2UEuXVgwTfeQyXRcGvch0EiaNlQvSct4L1YMS_nv5do6_wRO_kqWwroH_0v1LClTwyQE-BfNPO2aRFFqIhRN/s1600/2012-07-03_175836.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="342" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5b5wyInazNg9ARcW0rwC3OEkntbAg66fnaDnXpQ9eR5L1w-v-8cYR0MDB2UEuXVgwTfeQyXRcGvch0EiaNlQvSct4L1YMS_nv5do6_wRO_kqWwroH_0v1LClTwyQE-BfNPO2aRFFqIhRN/s640/2012-07-03_175836.jpg" width="640" /></a></div>
<div>
<br /></div>
<div>
Then simply configure your application (in this example, the Gmail account configuration on your iPhone) to use this password instead of your account password, and you're done!</div>
<div>
<br /></div>
<div>
Repeat this operation for any application that needs access to your account.</div>
<div>
<br />
<br />
<h3>
Conclusion:</h3>
<div>
You're done: access to your Google account is now much more secure than with standard password protection alone.</div>
<div>
<br /></div>
<div>
It happens very often that well-known Internet companies are hacked and their password databases stolen; if you have had the bad idea of using the same password (or even the same syntax), it is not really difficult to associate it with your Google account and gain access to it...</div>
<div>
<br /></div>
<div>
With strong authentication as Google provides it, things are much more complicated: in any case, hacking your account won't be easy!</div>
<div>
<br /></div>
<div>
In conclusion, with the constant development of cloud services like Google Drive, such a security mechanism becomes necessary, and it is something you really have to consider if you are interested in protecting your data. </div>
<br /></div>
</div>