Category Archives: Uncategorized

Exchange 2013 default event log levels

Identity EventLevel
——– ———-
EX02\MSExchange ActiveSync\Requests Lowest
EX02\MSExchange ActiveSync\Configuration Lowest
EX02\MSExchange Antispam\General Lowest
EX02\MSExchange Assistants\Assistants Lowest
EX02\MSExchange Autodiscover\Core Lowest
EX02\MSExchange Autodiscover\Web Lowest
EX02\MSExchange Autodiscover\Provider Lowest
EX02\MSExchange Availability\Availability Service Lowest
EX02\MSExchange Availability\Availability Service General Lowest
EX02\MSExchange Availability\Availability Service Authentication Lowest
EX02\MSExchange Availability\Availability Service Authorization Lowest
EX02\MSExchange Cluster\Move Lowest
EX02\MSExchange Cluster\Upgrade Lowest
EX02\MSExchange Cluster\Action Lowest
EX02\MSExchange Common\General Lowest
EX02\MSExchange Common\Configuration Lowest
EX02\MSExchange Common\Logging Lowest
EX02\MSExchange RBAC\General Lowest
EX02\MSExchange RBAC\RBAC Low
EX02\MSExchange CmdletLogs\General Lowest
EX02\MSExchange Configuration Cmdlet – Management Console\General Lowest
EX02\MSExchange Configuration Cmdlet – Management Console\RBAC Lowest
EX02\MSExchange Delegated Authentication Module\General Lowest
EX02\MSExchange LiveId Redirection Module\General Lowest
EX02\MSExchange Organization Redirection Module\General Lowest
EX02\MSExchange Certificate Authentication Module\General Lowest
EX02\MSExchange Control Panel\General Lowest
EX02\MSExchange Control Panel\Performance Lowest
EX02\MSExchange Control Panel\Redirect Lowest
EX02\MSExchange Control Panel\Proxy Lowest
EX02\MSExchange Extensibility\Transport Address Book Lowest
EX02\MSExchange Extensibility\MExRuntime Lowest
EX02\MSExchange EdgeSync\Synchronization Lowest
EX02\MSExchange EdgeSync\Topology Lowest
EX02\MSExchange EdgeSync\SyncNow Lowest
EX02\MSExchange TransportService\TransportService Lowest
EX02\MSExchange Web Services\Core Lowest
EX02\MSExchange IMAP4\General Lowest
EX02\MSExchange IMAP4 BE\General Lowest
EX02\MSExchange Messaging Policies\Journaling Lowest
EX02\MSExchange Messaging Policies\AttachFilter Lowest
EX02\MSExchange Messaging Policies\AddressRewrite Lowest
EX02\MSExchange Messaging Policies\Rules Lowest
EX02\MSExchange Messaging Policies\Prelicensing Lowest
EX02\MSExchange Messaging Policies\PolicyApplication Lowest
EX02\MSExchange Messaging Policies\JournalReportDecryption Lowest
EX02\MSExchange Messaging Policies\RightsManagement Lowest
EX02\MSExchange Messaging Policies\TransportDecryption Lowest
EX02\MSExchange Messaging Policies\RedirectionAgent Lowest
EX02\MSExchange Messaging Policies\Information Rights Management Lowest
EX02\MSExchange Anti-spam Update\HygieneUpdate Lowest
EX02\MSExchange Mailbox Replication\Service Lowest
EX02\MSExchange Mailbox Replication\Mailbox Move Lowest
EX02\MSExchange Mid-Tier Storage\Xtc Lowest
EX02\MSExchange Mid-Tier Storage\Audit Lowest
EX02\MSExchange Mid-Tier Storage\Discovery Lowest
EX02\MSExchange Mid-Tier Storage\Information Rights Management Lowest
EX02\MSExchange Mid-Tier Storage\CopyOnWrite Lowest
EX02\MSExchange Mid-Tier Storage\ResourceHealth Lowest
EX02\MSExchange Management Application\Shell Lowest
EX02\MSExchange Management Application\Console Lowest
EX02\MSExchange Management Application\ProvisioningAgent Lowest
EX02\MSExchange Management Application\ComponentInfoBasedTask Lowest
EX02\MSExchange Management Application\AdminAuditLog Lowest
EX02\MSExchange OWA\FormsRegistry Lowest
EX02\MSExchange OWA\Core Lowest
EX02\MSExchange OWA\Configuration Lowest
EX02\MSExchange OWA\Themes Lowest
EX02\MSExchange OWA\SmallIcons Lowest
EX02\MSExchange OWA\Proxy Lowest
EX02\MSExchange OWA\Transcoding Lowest
EX02\MSExchange OWA\ADNotifications Lowest
EX02\MSExchange OWA\InstantMessage Lowest
EX02\MSExchange POP3\General Lowest
EX02\MSExchange POP3 BE\General Lowest
EX02\MSExchange Process Manager\ProcessManager Lowest
EX02\MSExchange Repl\Service Lowest
EX02\MSExchange Repl\Exchange VSS Writer Lowest
EX02\MSExchange ReportingWebService\General Lowest
EX02\MSExchange Topology\Topology Discovery Lowest
EX02\MSExchange Unified Messaging\UMWorkerProcess Lowest
EX02\MSExchange Unified Messaging\UMCore Lowest
EX02\MSExchange Unified Messaging\UMManagement Lowest
EX02\MSExchange Unified Messaging\UMService Lowest
EX02\MSExchange Unified Messaging\UMClientAccess Lowest
EX02\MSExchange Unified Messaging\UMCallData Lowest
EX02\MSExchange Unified Messaging\MWI General Lowest
EX02\MSExchange Unified Messaging\UMCallRouter Lowest
EX02\MSExchange ADAccess\General Lowest
EX02\MSExchange ADAccess\Cache Lowest
EX02\MSExchange ADAccess\Topology Low
EX02\MSExchange ADAccess\Configuration Lowest
EX02\MSExchange ADAccess\LDAP Lowest
EX02\MSExchange ADAccess\Validation Low
EX02\MSExchange ADAccess\Recipient Update Service Lowest
EX02\MSExchange ADAccess\Site Update Lowest
EX02\MSExchange ADAccess\Exchange Topology Lowest
EX02\MSExchange ADAccess\MSERV Lowest
EX02\MSExchange ADAccess\GLS Lowest
EX02\MSExchangeADTopology\General Lowest
EX02\MSExchangeADTopology\Configuration Lowest
EX02\MSExchangeADTopology\Topology Low
EX02\MSExchangeApplicationLogic\TextMessaging Lowest
EX02\MSExchangeApplicationLogic\ServerPicker Lowest
EX02\MSExchangeApplicationLogic\Extension Lowest
EX02\MSExchangeApplicationLogic\E4E Lowest
EX02\MSExchangeApplicationLogic\DiagnosticHandlers Lowest
EX02\MSExchangeIS\General Lowest
EX02\MSExchangeIS\Physical Access Lowest
EX02\MSExchangeIS\Lazy Indexing Lowest
EX02\MSExchangeIS\Logical Data Model Lowest
EX02\MSExchangeIS\Directory Services Lowest
EX02\MSExchangeIS\MAPI Lowest
EX02\MSExchangeIS\High Availability Lowest
EX02\MSExchangeMailboxAssistants\Service Lowest
EX02\MSExchangeMailboxAssistants\OOF Assistant Lowest
EX02\MSExchangeMailboxAssistants\OOF Library Lowest
EX02\MSExchangeMailboxAssistants\Resource Booking Attendant Lowest
EX02\MSExchangeMailboxAssistants\Email_Lifecycle_Assistant Lowest
EX02\MSExchangeMailboxAssistants\Junk Email Options Assistant Lowest
EX02\MSExchangeMailboxAssistants\Conversations Assistant Lowest
EX02\MSExchangeMailboxAssistants\Approval Assistant Lowest
EX02\MSExchangeMailboxAssistants\ELC Library Lowest
EX02\MSExchangeGlobalLocatorCache\General Lowest
EX02\MSExchangeTransport\SmtpReceive Lowest
EX02\MSExchangeTransport\SmtpSend Lowest
EX02\MSExchangeTransport\DSN Lowest
EX02\MSExchangeTransport\Routing Lowest
EX02\MSExchangeTransport\Logging Lowest
EX02\MSExchangeTransport\Components Lowest
EX02\MSExchangeTransport\RemoteDelivery Lowest
EX02\MSExchangeTransport\Pickup Lowest
EX02\MSExchangeTransport\Categorizer Lowest
EX02\MSExchangeTransport\PoisonMessage Lowest
EX02\MSExchangeTransport\MessageSecurity Lowest
EX02\MSExchangeTransport\TransportService Lowest
EX02\MSExchangeTransport\Exch50 Lowest
EX02\MSExchangeTransport\Process Lowest
EX02\MSExchangeTransport\ResourceManager Lowest
EX02\MSExchangeTransport\Configuration Lowest
EX02\MSExchangeTransport\Storage Lowest
EX02\MSExchangeTransport\Agents Lowest
EX02\MSExchangeTransport\Transport Address Book Lowest
EX02\MSExchangeTransport\Orar Lowest
EX02\MSExchangeTransport\Unused Lowest
EX02\MSExchangeTransport\ShadowRedundancy Lowest
EX02\MSExchangeTransport\Approval Lowest
EX02\MSExchangeTransport\TransportSafetyNet Lowest
EX02\MSExchangeTransport\TransportTenantAttribution Lowest
EX02\MSExchangeTransportSyncCommon\General Lowest
EX02\MSExchangeTransportSyncManager\General Lowest
EX02\MSExchangeTransportSyncWorker\General Lowest
EX02\MSExchangeTransportSyncWorkerFramework\General Lowest
EX02\MSExchange OutlookProtectionRules\Outlook Protection Rules Lowest
EX02\MSExchange Provisioning MailboxAssistant\Provisioning Assistant General Lowest
EX02\MSExchangeThrottling\General Lowest
EX02\MSExchangeThrottlingClient\General Lowest
EX02\MSExchange FailFast Module\General Lowest
EX02\MSExchange Store Driver Delivery\MSExchangeStoreDriverDelivery Lowest
EX02\MSExchange Store Driver Delivery\MeetingMessageProcessing Lowest
EX02\MSExchange Store Driver Delivery\OofHistory Lowest
EX02\MSExchange Store Driver Delivery\Approval Lowest
EX02\MSExchange Store Driver Delivery\UnifiedMessaging Lowest
EX02\MSExchange Store Driver Submission\MSExchangeStoreDriverSubmission Lowest
EX02\MSExchangeSubmission\MSExchangeSubmission Lowest
EX02\MSExchange Antimalware\General Lowest
EX02\MSExchange Antimalware\Init Lowest
EX02\MSExchange Antimalware\ScanResults Lowest
EX02\MSExchange Antimalware\ScanError Lowest
EX02\MSExchange OAuth\Requests Lowest
EX02\MSExchange OAuth\Configuration Low
EX02\MSExchange OAuth\Server 2
EX02\MSExchange BackEndRehydration\Requests Lowest
EX02\MSExchange BackEndRehydration\Configuration Low
EX02\MSExchange BackEndRehydration\Server 2
EX02\MSExchange Front End HTTP Proxy\Core Lowest
EX02\MSExchange RemotePowershell BackendCmdletProxy Module\General Lowest
EX02\MSExchange Error Logging Module\General Lowest
EX02\MSExchange Client Diagnostics Module\General Lowest
EX02\MSExchangeFrontEndTransport\SmtpReceive Lowest
EX02\MSExchangeFrontEndTransport\SmtpSend Lowest
EX02\MSExchangeFrontEndTransport\DSN Lowest
EX02\MSExchangeFrontEndTransport\Routing Lowest
EX02\MSExchangeFrontEndTransport\Logging Lowest
EX02\MSExchangeFrontEndTransport\Components Lowest
EX02\MSExchangeFrontEndTransport\RemoteDelivery Lowest
EX02\MSExchangeFrontEndTransport\Pickup Lowest
EX02\MSExchangeFrontEndTransport\Categorizer Lowest
EX02\MSExchangeFrontEndTransport\PoisonMessage Lowest
EX02\MSExchangeFrontEndTransport\MessageSecurity Lowest
EX02\MSExchangeFrontEndTransport\TransportService Lowest
EX02\MSExchangeFrontEndTransport\Exch50 Lowest
EX02\MSExchangeFrontEndTransport\Process Lowest
EX02\MSExchangeFrontEndTransport\ResourceManager Lowest
EX02\MSExchangeFrontEndTransport\Configuration Lowest
EX02\MSExchangeFrontEndTransport\Storage Lowest
EX02\MSExchangeFrontEndTransport\Agents Lowest
EX02\MSExchangeFrontEndTransport\Transport Address Book Lowest
EX02\MSExchangeFrontEndTransport\Orar Lowest
EX02\MSExchangeFrontEndTransport\Unused Lowest
EX02\MSExchangeFrontEndTransport\ShadowRedundancy Lowest
EX02\MSExchangeFrontEndTransport\Approval Lowest
EX02\MSExchangeFrontEndTransport\TransportSafetyNet Lowest
EX02\MSExchangeFrontEndTransport\TransportTenantAttribution Lowest

Enable / Disable Windows Photoviewer in Windows 10

 

To enable / disable Windows Photoviewer in Windows 10

Use the .reg files below.

 

Enable

 

Windows Registry Editor Version 5.00

; Enable Windows Photoviewer in Win 10

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll]

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell]

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell\open]
“MuiVerb”=”@photoviewer.dll,-3043”

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,75,00,\
6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,\
00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,\
25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,68,00,6f,\
00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,5c,00,50,00,68,00,\
6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,64,00,6c,00,6c,\
00,22,00,2c,00,20,00,49,00,6d,00,61,00,67,00,65,00,56,00,69,00,65,00,77,00,\
5f,00,46,00,75,00,6c,00,6c,00,73,00,63,00,72,00,65,00,65,00,6e,00,20,00,25,\
00,31,00,00,00

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell\open\DropTarget]
“Clsid”=”{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}”

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell\print]

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell\print\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,75,00,\
6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,\
00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,\
25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,68,00,6f,\
00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,5c,00,50,00,68,00,\
6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,64,00,6c,00,6c,\
00,22,00,2c,00,20,00,49,00,6d,00,61,00,67,00,65,00,56,00,69,00,65,00,77,00,\
5f,00,46,00,75,00,6c,00,6c,00,73,00,63,00,72,00,65,00,65,00,6e,00,20,00,25,\
00,31,00,00,00

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell\print\DropTarget]
“Clsid”=”{60fd46de-f830-4894-a628-6fa81bc0190d}”

 

Disable

 

Windows Registry Editor Version 5.00

; Disable Windows Photoviewer in Win 10

[-HKEY_CLASSES_ROOT\Applications\photoviewer.dll]

 

Save the file as a .reg file.  Double click it.

image

Select Yes

image

Select Yes

image

Click OK

image

Right click an image file, select Open With –> Choose another app

image

Select More apps

image

Select Windows Photo Viewer, and tick Always use this app to open this type of file, and click Ok.

image

Install netdata on C.H.I.P (or a raspberry PI)

 
Netdata details: https://github.com/firehol/netdata/wiki

Requirements:
C.H.I.P: http://anonit.blogspot.com.au/2016/08/installing-chip-headless.html; or
Raspberry PI:  http://anonit.blogspot.com.au/2016/05/headless-install-of-raspbian-jessie.html

Logon to the device using SSH.
Check if CURL is installed by using the command
which curl
if it is not installed then install using sudo apt-get install curl.
Install the full install packages for netdata:
curl -Ss ‘https://raw.githubusercontent.com/firehol/netdata-demo-site/master/install-required-packages.sh’ >/tmp/kickstart.sh && bash /tmp/kickstart.sh -i netdata-all
(There is a minimum install package that can be used if necessary: curl -Ss ‘https://raw.githubusercontent.com/firehol/netdata-demo-site/master/install-required-packages.sh’ >/tmp/kickstart.sh && bash /tmp/kickstart.sh -i netdata)
Download the netdata installer:
git clone https://github.com/firehol/netdata.git –depth=1
go into the netdata folder:
cd netdata
install netdata:
sudo ./netdata-installer.sh
Once installed, you can access the website on %IPADDRESS%:19999
to update, go into the netdata folder:
cd netdata
and run the updater:
sudo ./netdata-updater.sh
references:  https://github.com/firehol/netdata/wiki/Installation

Installing Pi-hole on a C.H.I.P

Requirements: C.H.I.P configured as: http://anonit.blogspot.com.au/2016/08/installing-chip-headless.html, with a static IP address

Type the command
sudo cp /etc/resolv.conf resolv.conf.bak
sudo nano /etc/resolv.conf

Edit the nameserver to have the DNS forwader settings of your choice.

Save and Exit Nano.

Install curl using the command

sudo apt-get –y install curl

Download and install pi-hole:
wget –O basic-install.sh https://install.pi-hole.net
chmod +x basic-install.sh
./basic-install.sh

Press OK

You should donate (I did!).  Press OK

Chose wlan0 and press OK (wlan1 is bluetooth)

Choose IPv4, IPv6 or both and press OK

If the IP address is correct, select YES

If the IP address you have assigned the CHIP is within the DHCP range of your DHCP Server or router, you may need to exclude this IP address, or modify the range.
Click OK

Select the DNS servers to use as forwarders.  If you are not sure, choose Google, and select OK.

Once the install is complete, press OK

You can add additional block lists by doing the following:
sudo cp /etc/pihole/adlists.default /etc/pihole/adlists.list
sudo nano /etc/pihole/adlists.list

Add the bottom to the file (or add your own)

##############
# Additional #
##############
#easylist
https://easylist.to/easylist/easylist.txt
https://easylist-downloads.adblockplus.org/easyprivacy.txt
#malwaredomains
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://mirror1.malwaredomains.com/files/justdomains
#Peter Lowes Ad Server List
https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
#Ublock Filters
https://github.com/gorhill/uBlock/blob/master/assets/ublock/filters.txt
https://github.com/gorhill/uBlock/blob/master/assets/ublock/badware.txt
https://github.com/gorhill/uBlock/blob/master/assets/ublock/privacy.txt
https://github.com/gorhill/uBlock/blob/master/assets/ublock/unbreak.txt
Reboot the chip with
sudo reboot

Change the DNS on your computer / or router to point to the IP address of the chip.  In a Window DNS environment, change the DNS forwarders

You can check the status and modify the blocklist / whitelist by navigating to:
http://nnn.nnn.nnn.nnn/admin/

References:
https://github.com/pi-hole/pi-hole
http://jacobsalmela.com/network-wide-hardware-ad-blocking-9-chip-hole/

Installing C.H.I.P headless

Requirements:  miniUSB cable; C.H.I.P, computer running linux, wireless network.
Optional – Powered USB hub, additional miniUSB cable, computer running Windows.

I recieved my C.H.I.P, but had no spare keyboard, mouse, or monitor.  To get the device configured I did the following:
Download and install Chrome https://www.google.com/chrome/
In chrome, navigate to http://flash.getchip.com/

I chose Headless 4.4.

If you are on a windows computer, click Install the Driver.  Download and run the installer.

Next


And click Finish.

Click Next

Connect a paperclip, or a 1/2 stripped twist tie to FEL and GND

Connect the C.H.I.P to the computer using a USB cable.



If the flashing fails, disconnect the C.H.I.P.  Close Chrome, and reopen Chrome and navigate to http://flash.getchip.com/ – begin the process again (if you already installed the drivers, you don’t need to install them again)



Once the flash has completed, close Chrome, and remove the paperclip / twist tie jumper.  If necessary – connect the C.H.I.P to the linux computer (used a raspberry pi – it was necessary to use a powered USB hub in order to get the C.H.I.P to have enough power).
Install screen on the linux computer: sudo apt-get install screen

Type the command dmesg | tail

In the output above, you can see the C.H.I.P is presented to the OS as ttyACM1. 
Type the following command: screen /dev/ttyACM1 (replace ttyACM1 with the USB port number from the output of dmesg | tail
If the screen appears blank, press <ENTER>

The default credentials are chip / chip

Type the command sudo nmtui

Authenticate if necessary

Select Activate a Connection

Select your wifi connection from the list and press <ENTER>
Enter your wireless passkey and press <ENTER>

Once connected, you will see an asterisk next to the network you are connected to

Select Quit
type sudo nmtui again

Select Edit a connection

Select your wireless connection and select Edit…

Go to the bottom, and select Automatically connect and Available to all users.

If you wish, open IPv4 Configuration, and manually assign an IP address, Gateway and DNS servers.

Select OK and Quit
Verify you can access the internet.  ping www.google.com
CTRL-C to finish the ping.

Run the command sudo apt-get update to update the package list
Run the command sudo apt-get dist-upgrade
Select ‘Y’ to continue if prompted.
This may take some time.
Once completed, uninstall group-bin and configuration files
sudo apt-get purge cgroup-bin
It may / may not have anything to uninstall.  This can prevent the unit from booting.
Change the name of the device
sudo nano /etc/hostname
CTRL-X, Y and <Enter> to save the name
sudo nano /etc/hosts
Change the line
127.0.1.1     chip
to
127.0.1.1     <new name of the device>
CTRL-X, Y and <Enter> to save the name
Reboot the unit with
sudo reboot
you shuld now be able to connect to the chip with SSH via wifi.

References:
http://anonit.blogspot.com.au/2016/05/headless-install-of-raspbian-jessie.html
https://bbs.nextthing.co/t/setting-up-chip-as-a-headless-server-with-minimal-tools/1505

Configure Raspberry Pi as a router (ethernet and wifi) on Jessie

I used these instructions to create a router with 2 ethernet and 1 wireless connection.  These instructions can be modified for more wireless or more ethernet connections.  I was setting up eth1 as the WAN connection, eth0 and wlan0 as LAN connections.  Wlan0 was to broadcast DHCP from the PI, eth0 would have static IP, and DHCP on this netowrk would be from an external DHCP server.

Requirements:
Pi model B+ running Raspbian Jessie;
Wireless USB dongle;
USB Ethernet Adapter.
In this example I used a Wi-Pi adapter, and a TP-Link UE300
rfkill: a wireless utility
zd1211-firmware: common firmware that works with many Wi-Fi dongles
hostapd: the hostap wireless access point daemon
hostap-utils: supplemental hostap tools
iw: wireless configuration utility
isc-dhcp-server: ISC implementation of DHCP
bridge-utils:  used for connecting multiple Ethernet devices together

Connect to the Pi via SSH

Install requirements by using the command:

sudo apt-get update -y
sudo apt-get install rfkill zd1211-firmware hostapd hostap-utils iw bridge-utils isc-dhcp-server -y

Jessie may have iw preinstalled — if it does and is updated, running the command above will automatically skip it.

Connect the wifi dongle and USB Ethernet adapter

Use the command lsusb to ensure that the USB wireless dongle is being detected

pi@gw:~ $ lsusb
Bus 001 Device 004: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp. SMSC9512/9514 Fast Ethernet Adapter
Bus 001 Device 002: ID 0424:9514 Standard Microsystems Corp.
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

Use the command iw list to ensure that the adapter has a supported interface mode of AP
Supported interface modes:
         * IBSS
         * managed
         * AP
         * AP/VLAN
         * WDS
         * monitor
         * mesh point

Use ifconfig to identify which interface is which:

image

Based on the IP Addresses, I could identify eth0 as my LAN connection, and eth1 will be my WAN connection.

Create a backup of /etc/network/interfaces, and edit the file:

sudo cp /etc/network/interfaces /etc/network/interfaces.orig
sudo nano /etc/network/interfaces

Modify the file as appropriate. 

source-directory /etc/network/interfaces.d
auto lo
iface lo inet loopback

allow-hotplug eth0
auto eth0
iface eth0 inet static
    address 192.168.168.1
    netmask 255.255.255.0

allow-hotplug eth1
auto eth1
iface eth1 inet static
    address 172.16.0.20
    netmask 255.255.0.0
    gateway 172.16.0.1

allow-hotplug wlan0
auto wlan0
iface wlan0 inet static
    address 192.168.200.1
    netmask 255.255.255.0

Take a backup of /etc/hostapd/hostapd.conf and edit the file (it it doesn’t exist, create the file).

sudo cp /etc/hostapd/hostapd.conf /etc/hostapd/hostapd.conf.orig
sudo nano /etc/hostapd/hostapd.conf

Modify the file as appropriate

interface=wlan0
country_code=AU
ctrl_interface=wlan0
ctrl_interface_group=0
ssid=wifissid
hw_mode=g
channel=8
wpa=2
wpa_passphrase=secretwifipassphrase
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP TKIP
rsn_pairwise=CCMP
beacon_int=100
auth_algs=3
macaddr_acl=0
wmm_enabled=1
eap_reauth_period=360000000

Backup and modify /etc/default/hostapd

sudo cp /etc/default/hostapd /etc/default/hostapd.orig
sudo nano /etc/default/hostapd

Edit the DAEMON_CONF=”” line to point to the hostadp.conf file modified earlier.

DAEMON_CONF=”/etc/hostapd/hostapd.conf”

Configure DHCP
Create a backup of /etc/dhcp/dhcpd.conf and edit it

sudo cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.orig
sudo nano /etc/dhcp/dhcpd.conf

Make the following changes as appropriate

authoritative;
option domain-name “dmz.anonit.net”;
default-lease-time 86400;
option subnet-mask 255.255.255.0;
max-lease-time 172800;
option broadcast-address 192.168.200.255;
option routers 192.168.200.1;

subnet 192.168.200.0 netmask 255.255.255.0 {
range 192.168.200.50 192.168.200.99;
option domain-name-servers 8.8.8.8, 8.8.4.4;
}

Backup and edit /etc/default/isc-dhcp-server and setup the interface to broadcast DHCP on

sudo cp /etc/default/isc-dhcp-server /etc/default/isc-dhcp-server.orig
sudo nano /etc/default/isc-dhcp-server

Find and edit the INTERFACES line to the interface to broadcast DHCP on.

INTERFACES=”wlan0″

(If you wanted to broadcast DHCP on eth0 as well you could add it in here)

Enable routing and Nat

sudo cp /etc/sysctl.conf /etc/sysctl.conf.orig
sudo nano /etc/sysctl.conf

Edit the file to add the line (or uncomment it)

net.ipv4.ip_forward=1

Enable the translation immediately

 
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

Configure IPTables for NAT

sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
sudo iptables -A FORWARD -i eth1 -o wlan0 -m state –state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth1 -o eth0 -m state –state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o eth1 -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

sudo iptables-save

If this is the first time modifying iptables, install iptables-persistent by running

sudo apt-get install iptables-persistent

If prompted to make the rules persistent, select YES
If you already have iptables-persistent installed, you can save the iptables rules by running the command

sudo iptables-save

make the changes permanent (starts hostapd and dhcp on boot)

sudo update-rc.d hostapd enable 
sudo update-rc.d isc-dhcp-server enable
 
save the iptables setup and restore on boot
 
sudo sh -c "iptables-save > /etc/iptables.ipv4.nat" 
 
Edit the /etc/network/interfaces file and add the following to the end.
 

up iptables-restore < /etc/iptables.ipv4.nat

Reboot the device and test
 
Reference:

http://jacobsalmela.com/raspberry-pi-and-routing-turning-a-pi-into-a-router/
https://alwaystinkering.wordpress.com/2015/12/29/basic-raspberry-pi-home-wifi-router/
https://w1.fi/cgit/hostap/plain/hostapd/hostapd.conf
http://raspberrypihq.com/how-to-turn-a-raspberry-pi-into-a-wifi-router/
https://www.raspberrypi.org/forums/viewtopic.php?t=31227#p293467
https://www.raspberrypi.org/forums/viewtopic.php?f=36&t=63048

Add Raspberrian (Jessie) to a wireless network

Login to the device using SSH
Type the following command:

sudo nano /etc/network/interfaces
 
Add the following lines at the bottom:

auto wlan0
iface wlan0 inet dhcp
wpa-ssid “SSIDNAME”
wpa-psk “PSKPASSPHRASE”
 
Where SSIDNAME is the SSID network name, and PSKPASSPHRASE is the passphrase for the wireless network.
EG: If my network was called:
Front Office Wireless
and my network passphrase is:
QLDWireless3827
The interfaces file will look like:

auto lo
iface lo inet loopback

iface eth0 inet manual
allow-hotplug wlan0
iface wlan0 inet manual
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

allow-hotplug wlan1
iface wlan1 inet manual
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

auto wlan0
iface wlan0 inet dhcp
wpa-ssid “Front Office Wireless”
wpa-psk “QLDWireless3827”

Press CTRL-X to exit, press Y to save changes, and press ENTER to save the file called interfaces
type:

sudo /etc/init.d/networking restart
 
to restart the networking services.

You should then be able to see the IP Address that is assigned to WLAN0.
type ifconfig to see the network settings in full.

image

Headless install of Raspbian (Jessie)

I needed to perform an install of Raspbian (Jessie) on a Raspberry PI, but I didn’t have a spare keyboard, mouse, or monitor / tv to connect it to. 
Download Raspbian from (current Jessie):
https://www.raspberrypi.org/downloads/
At the time of writing it was 4.1 (I used the lite version)
Download and install the SDCard Formatter from SDCard.org:
https://www.sdcard.org/downloads/formatter_4/eula_windows/
Download and install Win32 Disk Imager from sourceforge:
https://sourceforge.net/projects/win32diskimager/
 
Connect the SDCard, and run the SDFormatter application as an administrator.
This procedure will delete anything on the SDCard
clip_image002
Ensure the drive letter specified in the SDFormatter is the same as the drive letter of the SDCard connected (Open ‘Computer’ and check if need be)
clip_image004
Click the Option button and set FORMAT SIZE ADJUSTMENT to ON
Click OK.
clip_image006
click Format and Click OK
clip_image008
Click OK
clip_image010
Wait!
clip_image012
Once the format is finished, click OK and then click Exit.
clip_image014
  Run Win32 Disk Imager as Administrator
image
Select the correct Device, browse and select the Raspbian Jessie image downloaded, and click Write
image
Double check the drive letter, and click Yes to proceed
image
This will copy the Raspbian Jessie image to the SDCard, and may take some time.
Once the write is Successful, click OK, and Exit the Win32 Disk Imager

image

edit 22/03/17
Open the USB drive in file explorer and create a new blank file called ssh in the root.  (Make sure you don’t have an extension on the file).  See note #3  https://www.raspberrypi.org/documentation/remote-access/ssh/

Connect the SDCard back into the Raspberry Pi, connect an eternet cable, and boot the device.
After some time, check your DHCP server or logs to identify the IP address of the device, alternatively query dns for raspberrypi.
Using putty, connect to the device using SSH.
image
Click Yes to the key warning
image
Login credentials are:
username: pi
password: raspberry
image
Run the initial Raspberry Pi Configuration by using the command:
sudo raspi-config
image
Modify the configuration as required.  Once completed, select Finish
If prompted to reboot, select No
image
Update the package source by running the commands
sudo sed -i ‘s/wheezy/jessie/g’ /etc/apt/sources.list
sudo sed -i ‘s/wheezy/jessie/g’ /etc/apt/sources.list.d/*
Update the package list using the command
sudo aptget update
Update the distribution
sudo apt-get dist-upgrade
Select ‘Y’ to continue if prompted.
This may take some time.
Once completed, uninstall group-bin and configuration files
sudo aptget purge cgroupbin
It may / may not have anything to uninstall.  This can prevent the unit from booting.
Change the name of the device
sudo nano /etc/hostname
CTRL-X, Y and <Enter> to save the name
sudo nano /etc/hosts
Change the line
127.0.1.1     raspberrypi
to
127.0.1.1     <new name of the device>
CTRL-X, Y and <Enter> to save the name
 
Reboot the unit with
sudo reboot
 
Reference:
http://tech.tiefpunkt.com/2015/06/headless-raspberrypi-installation-with-raspbian-jessie/
https://www.raspberrypi.org/documentation/installation/installing-images/README.md
http://askubuntu.com/questions/231562/what-is-the-difference-between-apt-get-purge-and-apt-get-remove
http://packages.ubuntu.com/trusty/admin/cgroup-bin
http://www.raspians.com/Knowledgebase/how-to-change-hostname-on-raspberrypi/
https://www.raspberrypi.org/documentation/remote-access/ssh/