Author Archives: Tom

Data download and Nagios Plugin for MyBasis

Update: myBasis have changed their API, breaking the scripts below.
– January 2014

Tested and being used on Debian Wheezy. Script download

These scripts will retrieve your biometric data from MyBasis for the last hour. The results can be checked from a Nagios host file, using the downloaded plugin.

First you must find your BasisID, and set the ‘uid‘ value in get_basis_data.py

Execute the script ‘get_basis_data.py‘ from crontab, setting it to run no more frequently than every 15 minutes (Basis data is uploaded once every 15 minutes, at best). It is recommended to run the script in crontab as user nobody.
Basis data is now written to several files in /tmp

The file nagios_plugins/usr/lib/nagios/plugins/check_basis should be copied to directory: /usr/lib/nagios/plugins/ on the Nagios Server, and permission set to 0755 (-rwxr-xr-x).

The file nagios_plugins/etc/nagios-plugins/config/basis.cfg should be copied to directory: /etc/nagios-plugins/config/ on the Nagios Server.

The commands check_basis and check_basis_body may be called from a standard Nagios Host configuration file. Example:
define service{
use generic-service
host_name tom
service_description Check max heartrate
check_command check_basis!hr!max!110!130
}

Substitude ‘hr‘ for ‘gsr‘, ‘air_temp‘ or ‘skin_temp‘. ‘max‘ may be replaced with ‘min‘. The other two values set the warning and critical thresholds.

The other command ‘check_basis_body‘ takes no parameters and is only informative.

You can now be monitored by your NMS!

Nagios - MyBasis

Generate White Noise using Raspberry Pi

As an alternative to listening to unwanted background noise or uncomfortable silence, create white noise with the Raspberry Pi.

Using Raspbian (other distros may vary):
apt-get install sox

Create your shell script:
#!/bin/bash

len='7:00:00'
export AUDIODRIVER=alsa
export AUDIODEV=hw:0,0
play -t sl - synth $len pinknoise band -n 1200 200 tremolo 20 .1 < /dev/zero

(adapted from the unreasonable man)

Backport of Aircrack-ng for Debian Wheezy

I have created a backport of aircrack-ng based on the version in Jessie/Testing. This may be installed with the command:
dpkg -i aircrack-ng_1.1-6~bpo70+1_amd64.deb
(remove the package with command: dpkg -r aircrack-ng)
download here

This package is now available in Debian wheezy-backports.

Back in March 2012 I built the latest svn version from source, available here.
I have included the necessary scripts and binary files in the ‘bin/’ directory. Copy these to somewhere like: /usr/local/sbin/

ipt_ROUTE Netfilter module ported to Linux 2.6.31

The ipt_ROUTE module became depreciated in an earlier version of Linux 2.6 – however I needed it so ported it to Linux Kernel version 2.6.31.

Disclaimer: wherever possible iproute2 should be used to achieve the desired effect.

The sources include the Kernel module and extensions to iptables.

This module and iptables extension create a new target which may be used on the mangle table.
Target usage: -j ROUTE <option>
options:
--oif ifname - Route packet through `ifname' network interface
--iif ifname - Change packet's incoming interface to `ifname'
--gw ip - Route packet via this gateway `ip'
--continue - Route packet and continue traversing the rules. (Not valid with --iif or --tee)
--tee - Duplicate packet and route the duplicate, continue traversing the original packet. (Not valid with --iif or --continue)

I have tested the ported module on the PREROUTING and INPUT chains of the mangle table.

I use this module to route packets that have a destination IP address which matches a local IP address, out of an ethernet interface (using --oif option). These packets would normally be directed to the local system.

OpenVPN – IPv6 with tun device

Note: IPv6 is not supported using OpenVPN on Debian Squeeze (stable). The version used by Debian Wheezy (testing) supports IPv6.

Network setup:
- 192.168.1.0/24 - Local IPv4 network
- 2001:412:abcd::/48 - Local IPv6 network
- 192.168.2.0/24 - Tunnel IPv4 network
- 2001:412:abcd:2::/64 - Tunnel IPv6 network

I have included only the sections of config files which need ammending to enable IPv6 over OpenVPN.

Client Config
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
dev tun
# enable ipv6
tun-ipv6

Server Config
# "dev tun" will create a routed IP tunnel,
# "dev tap" will create an ethernet tunnel.
# Use "dev tap0" if you are ethernet bridging
# and have precreated a tap0 virtual interface
# and bridged it with your ethernet interface.
# If you want to control access policies
# over the VPN, you must create firewall
# rules for the the TUN/TAP interface.
# On non-Windows systems, you can give
# an explicit unit number, such as tun0.
# On Windows, use "dev-node" for this.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
dev tun0
# Enable TUN IPv6 module
tun-ipv6

# Configure server mode and supply a VPN subnet
# for OpenVPN to draw client addresses from.
# The server will take 10.8.0.1 for itself,
# the rest will be made available to clients.
# Each client will be able to reach the server
# on 10.8.0.1. Comment this line out if you are
# ethernet bridging. See the man page for more info.
server 192.168.2.0 255.255.255.0
server-ipv6 2001:412:abcd:2::/64

# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
push "route 192.168.1.0 255.255.255.0"
push "route-ipv6 2001:412:abcd::/48

# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# or bridge the TUN/TAP interface to the internet
# in order for this to work properly).
;push "redirect-gateway def1 bypass-dhcp"

# Enable to make openvpn the default route for ipv6 connectivity?
;push "route-ipv6 2000::/3"