Archive

Posts Tagged ‘Toolbox’

Using Vyatta as firewall in ESX/ESXi for Private network simulation, routing, firewalls, DHCP and identifying port requirements

February 18th, 2011 No comments

VMware is an amazing tool for emulating physical Firewalls, Routers, DHCP servers. It is especially useful for helping identify port requirements of various applications and tools.
Quite often, as a consultant, people ask you to implement some new product and expect you to provide all port requirements for the product, so that relevant firewall rules etc can be created – but they won’t allow you to drop anything like Wireshark on their live network.

My normal solution is to create my own ‘Private’ network on an ESX host (which could be your mobile lab)
This allows me to isolate traffic behind an ‘appliance’ firewall / router and if I like, drop a VM on that private network, to do port capture etc.

Of course, this is also a great tool for simulating routing / firewalls in your home lab, providing DHCP and so on.

In the following example, I’ll use Vyatta to build a Private network and then do some port monitoring.
Read more…

Categories: Toolbox, VMWare Tags: ,

Copying VMware Network config / Port Groups

February 7th, 2011 No comments

How often do you need to duplicate the port group config from one ESX host to another – easy if you can use Host Profiles . . but maybe you are not licensed for it?

I found a great (FREE . . the best type) tool for this:

http://www.vladan.fr/itq-vlan-and-portgroup-manager-free-utility/

The author is Flores Eken from ITQ Consultancy in the Netherlands. He is a VMware SDK programmer. He wrote this application in C# based on the new ESX3.x /VC2.x SDK, but it works in ESX 4

you can download it at :

http://www.run-virtual.com/files/ITQ-VI-Setup.msi

Categories: VMWare Tags: , ,

Useful websites . . searching for Microsoft / Mac / Linux / BSD related results

February 1st, 2011 No comments

As a techie . . I heavily rely on google for answers to questions that relate to various IT systems (seeing as most people know more than me)

Well, the majority of my queries are related to Windows / Microsoft and supporting tools.

some of you may know this (and some of you may not), but Google has actually built a tool just for techies like us.

If you browse to http://www.google.com/microsoft.html you’ll be able to run a search that only queries websites that are specifically related to Microsoft support etc.

but this is not all . .there are a few others..

Apple Macintoshwww.google.com/mac Search for Mac & Apple things
BSDwww.google.com/bsd Search for the BSD operating systems
Linuxwww.google.com/linux Search for the Linux operating system
Microsoftwww.google.com/microsoft Search Microsoft-related pages
U.S. Government and state governmentswww.google.com/unclesam Search .gov, .mil and state sites
Universitieswww.google.com/options/universities.html Narrow your search to a specific institution’s website

Definitely worth a look (methinks)

Categories: Toolbox Tags: , ,

Script of the day – writing to a cell in Excel

January 31st, 2011 No comments

Ever needed to inject info to a cell in an Excel spreadsheet – repeatedly . . . you can do so from Powershell . . like so:

Function write-excel ($ExcelFile, $WorkSheet, $Column, $Row, $Value)
{
<#
	.SYNOPSIS
	 Write value(s) to Excel cells
	.DESCRIPTION
	 No return - Updates an Excel Cell
	.PARAMETER
		e.g. Specify the requested parameter, if not specified this will be prompted
	.EXAMPLE
		PS C:\> write-excel $ExcelFile $WorkSheet $Column $Row $Value
#>
	$File = (ls $ExcelFile).FullName
	# Open Excel
	$Excel = New-Object -Com Excel.Application

	# Prevent Overwrite and Macro Prompt
	$Excel.displayalerts=$False

	# Open Template File

	$WorkBook = $Excel.Workbooks.Open($File)
	$WorkSheet = $WorkBook.Worksheets.Item("$WorkSheet")
	$Worksheet.Cells.Item($Row,$Column) = $Value

	# Setting All Variables to Null

	$WorkBook.SaveAs($ExcelFile,1)
	$Excel.Quit()
 	$WorkBook = $Null
	$WorkSheet = $Null
	$Excel = $Null

	# Releasing Object Wrapper

	[GC]::Collect()
}

Importing a VM from VM Workstation to ESX / ESXi

January 28th, 2011 No comments

Importing and exporting virtual machine from a VMWare ESX Server host requires converting that virtual machine’s .vmdk file(s) from one format to another.
Although the underlying technologies work the same, the formatting of the VMDKs differ.

You have 2 options:
1) If you have a running copy of workstation, simply use VMware Converter as you would for any normal conversion, treating the VM as you normally would a physical host in a P2V
2) If you have no working Workstation, you can clone / convert the vmdk at the command line – as I have a fully ESXi lab to play in, I don’t have Workstation running on any machines in my office – as such, when IBM recently supplied a VM for a demo . . that had been created on VM workstation, I had to import it. I used the following process.

Firstly, get hold of an SSH tool ( I use putty)

Next, open a connection to any host that has the storage containing the vmdk presented

In ESX / ESXi, this will be in /vmfs/volumes/<datastorename>

Note: the destination path /dest/folder/vmserver1.vmdk should not contain any existing files with the name ‘vmserver1.vmdk’. If it does the file will be overwritten.

Importing Virtual Disks from GSX Server and Workstation to ESX Server

Before an ESX Server can run a virtual machine created on a different version of VMWare, the virtual disks must first be converted to a format that can be read by the VMFS file system. This is done by running the following vmkfstools command:

vmkfstools -i <folder>/<filename>.vmdk <vmhba number>:<filename>.dsk

<folder> is the name of the folder from which you are importing from

<filename> is the name of the virtual machine file(s) to be imported

<vmhba number> is the name of the VMFS partition you are importing to

An example of a complete command would be:

vmkfstools -i /vmfs/volumes/CLRLAB001T1/vmserver1.vmdk /vmfs/volumes/CLRLAB001T1/vmserver1_new.vmdk

Additional information regarding the vmkfstools command can be found in the ESX Server documentation.

Categories: Toolbox, VMWare Tags: , ,

Powershell – Script of the Day – Menu-Plus

January 27th, 2011 No comments

Yesterday, we created a simple Powershell menu

http://www.get-virtual.info/2011/01/26/script-of-the-day-powershell-menu-select-list/

Today’s script is a feeder for the menu, that allows you use any filed of an object as your menu source and return a different field of it as your return value.

For Example:
the following query will give you a list of the filenames in the current directory, once you select an item, it will return that ‘LastWriteTime’ of that file. – Simple

PS:8 &amp;gt;menu-plus -object (gci) -displayfield &quot;name&quot; -menuTitle Please select a file -returnfield &quot;LastWriteTime&quot;
Function menu-plus ($object, $displayfield, $menuTitle, $returnfield)

{
&amp;lt;#
.SYNOPSIS
Feeder object to Menu Function to Enable return of different field in Object

.DESCRIPTION
Requires:Menu Function
Creates a menu that allows return of a different object field.

.PARAMETER
$object - the array that we're sselecting from
$Displayfield : Name of the field that will be displayed for selection
$MenuTitle : The prompt to included at top of menu
$Returnfield : Field to be returned - defauilts to all fields

.EXAMPLE

PS: &amp;gt;$a = gci
PS: &amp;gt;$b=menu-plus -object $a -displayfield &quot;name&quot; -menuTitle Please select a file -returnfield &quot;LastWriteTime&quot;
¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
¦ Please select a file ¦
¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
CDB

Compare
Decom
edit-table
temp.csv
PS:87 &amp;gt;$b.LastWriteTime
25 March 2010 15:20:53
#&amp;gt;
$menulist = @()
ForEach ($item in $object){$menulist += $item.$displayfield}
$returnval = menu $menulist $menuTitle $returnfield
$output = $object | where {$_.$displayfield -eq $returnval} | Select $returnfield
return $output
}

Script of the Day – Powershell Menu Select list

January 26th, 2011 No comments

Sometimes you’d like to prompt a user to select an option from a list in Powershell . .

try this:


Function menu
{
&lt;#
	.SYNOPSIS
	 Generate a small &quot;DOS-like&quot; menu.
	.DESCRIPTION
	  Allows you to pick  a menuitem using up and down arrows, select by pressing ENTER
  	.PARAMETER
		e.g. Specify the requested parameter, if not specified this will be prompted
	.EXAMPLE
		C:\&gt; $Options = &quot;Option1&quot;, &quot;Option2&quot;, &quot;Option3&quot;, &quot;Option4&quot;, &quot;Option5&quot;
		C:\&gt; $selection = Menu $Options &quot;Please select an Option?&quot;

		****************************
		* Please select an Option? *
		****************************

		Option1
		Option2
		Option3
		Option4
		Option5

		write-host $selection
		Option1

#&gt;
    param ([array]$menuItems, $menuTitle = &quot;MENU&quot;, [switch]$quit)
    $vkeycode = 0
    $pos = 0
	If ($quit){$menuItems += &quot;Quit&quot;}
    DrawMenu $menuItems $pos $menuTitle
    While ($vkeycode -ne 13) {
        $press = $host.ui.rawui.readkey(&quot;NoEcho,IncludeKeyDown&quot;)
        $vkeycode = $press.virtualkeycode
        Write-host &quot;$($press.character)&quot; -NoNewLine
        If ($vkeycode -eq 38) {$pos--}
        If ($vkeycode -eq 40) {$pos++}
        if ($pos -lt 0) {$pos = 0}
        if ($pos -ge $menuItems.length) {$pos = $menuItems.length -1}
        DrawMenu $menuItems $pos $menuTitl
    }
	If ($($menuItems[$pos]) -eq 'Quit'){return}
	Else
	{Write-Output $($menuItems[$pos])}
}



function DrawMenu {
    ## supportfunction to the Menu function above
    param ($menuItems, $menuPosition, $menutitle)
    $fcolor = $host.UI.RawUI.ForegroundColor
    $bcolor = $host.UI.RawUI.BackgroundColor
    $l = $menuItems.length + 1
    cls
    $menuwidth = $menutitle.length + 4
    Write-Host &quot;`t&quot; -NoNewLine
    Write-Host (&quot;#&quot; * $menuwidth) -fore $fcolor -back $bcolor
    Write-Host &quot;`t&quot; -NoNewLine
    Write-Host &quot;# $menutitle #&quot; -fore $fcolor -back $bcolor
    Write-Host &quot;`t&quot; -NoNewLine
    Write-Host (&quot;#&quot; * $menuwidth) -fore $fcolor -back $bcolor
    Write-Host &quot;&quot;
    Write-debug &quot;L: $l MenuItems: $menuItems MenuPosition: $menuposition&quot;
    for ($i = 0; $i -le $l;$i++) {
        Write-Host &quot;`t&quot; -NoNewLine
        if ($i -eq $menuPosition) {
            Write-Host &quot;$($menuItems[$i])&quot; -fore $bcolor -back $fcolor
        } else {
            Write-Host &quot;$($menuItems[$i])&quot; -fore $fcolor -back $bcolor
        }
    }
}

Extending a Windows C:\ Dell EXTPart

January 26th, 2011 No comments

I get many requests to extend the C:\ (or any other drive)
Most times these are for VMs – so it is pretty easy right? Extend the amount of disk allocated to the virtual machine, then extend in Computer Management – or using diskpart?

Well this does not always work – see, Windows does not really like you messing with system drive.

Well, Dell have come up with a brilliant tool called EXTPart
http://support.dell.com/support/downloads/download.aspx?c=us&cs=19&l=en&s=dhs&releaseid=R64398&formatcnt=2&fileid=83929

All you need to do now is provision the extra space to the VM, then run the tool at the command line and follow the wizard:

C:\>extpart.exe
ExtPart - Utility to extend basic disks (Build 1.0.4)
(c) Dell Computer Corporation 2003

Volume to extend (drive letter or mount point): c:
Current volume size : 66285 MB (69504860160 bytes)
Current partition size : 76285 MB (79990815744 bytes)
Size to expand the volume (MB): 76285

that’s it – job done . . zero downtime (watch out of course . . this works differently if you have a clustered disk to extend – see:  http://www.get-virtual.info/2011/01/25/replacing-clustered-storage-for-a-sql-cluster-emc-ce-ms-clustering/ )

Categories: Toolbox Tags: , , , ,

Powershell – function to Query a SQL database

January 21st, 2011 2 comments

# Today’s quick and easy function is a simple one that I regularly use to query a SQL database.

It will return an object containing the result of your query – so makes SQL access very simply from Powershell

Function QuickQuery-SQL {
## Performs a T-SQL query against an SQL 2000/2005/2008
## with the result returned as as a PowerShell object.
## QuickQuery-SQL "server" "database" "t-sql query"
##Usage:
## Find NodeID from FindIt DB
## $output = QuickQuery-SQL "MySqlServername" "MyDatabase" "SELECT * FROM MyTable WHERE name = 'MySearchValue'"
Param ($server = "MyServer\MyInstance",
$database = "master",
$query = "SELECT * FROM sysdatabases",
$connectionName = "PS QuickQuery SQL",
$commandTimeout = 15)
$conn =new-object ('System.Data.SqlClient.SqlConnection')
$connString = "Server=$server;Integrated Security=SSPI;Database=$database;Application Name=$connectionName"
$conn.ConnectionString = $connString
Write-Debug ("Function: Query-SQL: $server $database")
if (test-path variable:\conn) {
$conn.close()
} else {
$conn =new-object ('System.Data.SqlClient.SqlConnection')
}
$conn.Open()
$sqlCmd =New-Object System.Data.SqlClient.SqlCommand
$sqlCmd.CommandTimeout = $CommandTimeout
$sqlCmd.CommandText = $query
$sqlCmd.Connection = $conn
$data = $sqlCmd.ExecuteReader()
while ($data.read() -eq $true) {
$max = $data.FieldCount -1
$obj =New-Object Object
For ($i = 0; $i -le $max; $i++) {
$name = $data.GetName($i)
if ($name.length -eq 0) {
$name = "field$i"
}
$obj |Add-Member Noteproperty $name -value $data.GetValue($i) -Force
}
$obj
}
$conn.close()
$conn = $null
}

Authenticating through a proxy when the app has no option to do so

January 20th, 2011 1 comment

Sometimes, you work in an environment where all web queries run through a proxy server and the proxy requires authentication . .

Then sometimes, you use apps that need to access the web . . and they don’t have a method of inputting Username and Password for Web connections.

The easy way to fix this is with a Squid Proxy (effectively, run a proxy server locally . . that authenticates to your web proxy)

(I have since creating this post also posted an alternative solution at http://www.get-virtual.info/2011/11/16/authenticating-to-your-proxy-when-your-application-does-not-have-the-ability-option-2/ )
All you need to do is use the following configuration settings:

# Listen only local interface rc:
http_port 127.0.0.1:3128

# Parent proxy (192.168.1.253:8080) and Authentication settings
cache_peer 192.168.1.253 parent 8080 0 no-query default login=User:Passwd

# No direct access
never_direct allow all

Of course, you may not have a Linux box available for you to run a Squid proxy . . Squid can compile and run on Windows as a system service using the Cygwin emulation environment

Alternatively and more easily, get a compiled version of Squid for Windows like : www.reaper-x.com/2006/07/18/complete-guide-on-installing-and-configuring-squid-proxy-server-for-windows/

Here’s a quick how to:

  1. Download the latest package from the above link
  2. Extract it (I extracted to c:squid for my example)
  3. Rename *.conf.default to *.conf for all files in c:squidetc
  4. Open the file squid.conf (Notepad / VI or whatever you favour)
  5. Amend the file as above – Save and exit . . .or use the file below if you’re battling and just replace the username / password, IP addresses and DNS servers

If you are battling, you could use the following file and simply edit the row starting with dns_nameservers
and the row starting with cache_peer

6. Now from a dos box, just run the following commands:
mkdir c:\squid\var\cache
c:\squid\sbin\squid -D

(this will start the Squid and ignore the DNS check it normally does at startup)

7. At this point your squid server is running. You should be able to point the proxy server for any app at 127.0.0.1:3128 and the authentication will be handled by the squid proxy. As a test I user the “Android SDK and AVD manager” which only allows specifying of Proxy, but not of credentials . . and all downloads ran properly.

Sample File

# [START - Copy from after this]
# HTTP Port (in this tutorial squid will run on localhost at port 3128)
http_port 127.0.0.1:3128
# ICP Port and HTCP Port (we’ll disable this since we are not going to use it)
icp_port 0
htcp_port 0
# Cache Peer (we’ll forward all request into parent proxy)
cache_peer 192.168.1.1 parent 8080 0 no-query default login=username:password #amend these . .the IP is the Proxy, and Username and Password need replacing.
# Cache directory (in this example i was using 30 MB space to store squid cache)
# cache_dir awin32 c:/squid/var/cache 3000 16 256
# access_log
access_log c:/squid/var/logs/access.log squid
# cache_log
cache_log c:/squid/var/logs/cache.log
# cache_store_log
cache_store_log none
# mime_table
mime_table c:/squid/etc/mime.conf
# pid_filename
pid_filename c:/squid/var/logs/squid.pid
# unlinkd_program
unlinkd_program c:/squid/libexec/unlinkd.exe
# refresh_pattern (you can configure this as you like it, to get more hits from a website)
# note: if you change this parameter "refresh_pattern . 1 100% 20160 reload-into-ims ignore-reload” into something else for
# example like "refresh_pattern . 10 100% 20160 reload-into-ims ignore-reload”
# there’ll be some error on some page (Gamefaqs.com for an example) because the page didnt reload correctly after login into Gamefaqs
refresh_pattern ^http://.*.gif$ 1440 50% 20160 reload-into-ims
refresh_pattern ^http://.*.asis$ 1440 50% 20160
refresh_pattern -i .png$ 10080 150% 40320 reload-into-ims
refresh_pattern -i .jpg$ 10080 150% 40320 reload-into-ims
refresh_pattern -i .bmp$ 10080 150% 40320 reload-into-ims
refresh_pattern -i .gif$ 10080 300% 40320 reload-into-ims
refresh_pattern -i .ico$ 10080 300% 40320 reload-into-ims
refresh_pattern -i .swf$ 10080 300% 40320 reload-into-ims
refresh_pattern -i .flv$ 10080 300% 40320 reload-into-ims
refresh_pattern -i .rar$ 10080 150% 40320
refresh_pattern -i .ram$ 10080 150% 40320
refresh_pattern -i .txt$ 1440 100% 20160 reload-into-ims override-lastmod
refresh_pattern -i .css$ 1440 60% 20160
refresh_pattern ^http:// 1 100% 20160 reload-into-ims ignore-reload
refresh_pattern ^ftp:// 240 50% 20160
refresh_pattern ^gopher:// 240 40% 20160
refresh_pattern /cgi-bin/ 0 0% 30
refresh_pattern . 0 100% 20160 reload-into-ims
# Deny requests to unknown ports
# http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
# http_access deny CONNECT !SSL_ports
# Block access to Malware & ads farm site
# Insert your own rule here by using
# acl blablabla url_regex -i "path to file”
# or
# acl blablabla url_regex "path to file”
acl all src 0.0.0.0/0.0.0.0
http_access allow all
# http_access deny all
cache_mgr Reaper-X
httpd_suppress_version_string on
visible_hostname Reaper
via off
forwarded_for off
log_icp_queries off
client_db off
never_direct allow all
#Some anonymizing
header_access From deny all
#there’s some website which use referer check
#so its better to disable this
#header_access Referer deny all
header_access WWW-Authenticate deny all
header_access Link deny all
header_access Warning deny all
header_access Via deny all
header_access User-Agent deny all
header_access Proxy-Connection deny all
header_access X-Forwarded-For deny all
dns_nameservers 192.168.1.2

#[END – Copy to before here]

What we are doing here in effect is running the Squid proxy as a local proxy, that has the authnetication to your Network Proxy already configured. the squid.conf contains the username and passwpord and any request sent from your cliebt via the squid proxy thus has the request redirected and processed using an authenticated connection.

The added bonus of course is that you can set your local squid proxy to cache your web requests, thus in theory having your own local cahing proxy that never requires manual authentication.

Interestingly, if you are normally prompted for authentication when you access your work proxt, you should now stop seeing the prompt, as you dekstop / laptop will never communicate directly with the proxy anymore (unless of course you tell it to)

Happy Days

Categories: Toolbox Tags: , , ,