Suricata 6.0.1-dev with PF_RING on Ubuntu 18.04

Installing Suricata 6.0.1-dev with pf_ring on Ubuntu 18.04

Get ntop package management:

    sudo apt-get install software-properties-common wget
    sudo add-apt-repository universe
    wget http://apt-stable.ntop.org/18.04/all/apt-ntop-stable.deb
    sudo apt install ./apt-ntop-stable.deb

Install PFRing-DKMS:

    sudo apt-get install pfring-dkms

Note the GIT version and/or release specified, we will need to build those libraries.

Install dependencies:

    sudo apt-get install build-essential bison flex linux-headers-$(uname…

R8168 over R8169

Now compile the code. This may fail if you don’t have kernel headers and other standard features of a build environment:

    make clean
    make modules
    make install

Make sure modprobe knows not to use r8169, and that depmod doesn’t find the r8169 module:

    echo -e "\nblacklist r8169\n" >> /etc/modprobe.d/blacklist
    mv /lib/modules/$(uname -r)/kernel/drivers/net/r8169.ko{,.bak}

Let the OS…

Gitlab Omnibus Migration

Using Ubuntu 18.04 via a Vagrant VirtualBox VM, I migrated a backup from my VPS to a VM at home. This document was made using the guide available at: https://docs.gitlab.com/ee/raketasks/backup_restore.html#restore-for-omnibus-gitlab-installations

In old VM:

Backup Gitlab Environment (12.1 and earlier):

    sudo gitlab-rake gitlab:backup:create

Backup Gitlab Environment (12.2 and later):

    sudo gitlab-backup create

In your new VM:

Create…

CGroups and net_cls to assign specific IPTables rules

This one was a quick and dirty that I will do better with soon. This will take a kernel that is nearing the 4.5 version capabilities.

First modprobe:

    modprobe cls_cgroup

Then create a CGroup for your “task”:

    mkdir /sys/fs/cgroup/net_cls/mytask

Then give it a classid:

    echo 0x100001 > /sys/fs/cgroup/net_cls/mytask/net_cls.classid

Now you can assign PIDs to the…