Updating Edgerouter Lite

Notes on updating the EdgeRouter Lite. These are especially important since Ubiquiti does not provide an easy disaster recovery procedure to follow if anyone messes up the update.

Update

Where to download updates: Ubiquiti Web Site

How to update:

  • Use the Upgrade System Image in the System Tab.

  • If the render error message appears during the update, do not panic; this is normal behaviour. Wait another 1 minute before refreshing.

Disaster Recovery

Use the image below and dump it to a fresh flash drive. Then use it to replace the existing flash drive in the EdgeRouter Lite.
Link

SoftEtherVPN Configuration/Installation

A quick lookup page for me to install SoftEther VPN server on Ubuntu 16.04, since the apt version no longer works properly (17-01-2020).

Original apt version
https://launchpad.net/~paskal-07/+archive/ubuntu/softethervpn

Requirements

apt-get install -y build-essential make gcc

Download

wget -O /tmp/softether-vpnserver.tar.gz https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.32-9731-beta/softether-vpnserver-v4.32-9731-beta-2020.01.01-linux-x64-64bit.tar.gz

Extract

tar xfz /tmp/softether-vpnserver.tar.gz -C /usr/local

Compile

cd /usr/local/vpnserver
make

Method 1: Non-root User

Note that the local bridge setting will not work in this mode, so you will need to use SecureNAT.

Adding a service account for softether

sudo useradd --system --no-create-home softether

Permissions

chown -R softether:softether /usr/local/vpnserver

find /usr/local/vpnserver -type f -exec chmod 600 {} \;
find /usr/local/vpnserver -type d -exec chmod 700 {} \;

chmod +x /usr/local/vpnserver/vpncmd 
chmod +x /usr/local/vpnserver/vpnserver

Create /etc/systemd/system/softether.service

[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!/usr/local/vpnserver/do_not_run

[Service]
Type=forking
TasksMax=16777216
User=softether
Group=softether
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure

# Hardening
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
ReadOnlyDirectories=/
ReadWriteDirectories=/usr/local/vpnserver
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYSLOG CAP_SETUID

[Install]
WantedBy=multi-user.target

Allow vpnserver to bind to local ports despite being run by softether user (non-root)

sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/local/vpnserver/vpnserver

Start service

systemctl daemon-reload
systemctl start softether.service
systemctl enable softether.service
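
One way to confirm that the ownership and mode scheme from the Permissions step took effect, as an added example that is not part of the original notes. The helper name `audit_tree` and its finding labels are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): audit the ownership and mode
# scheme applied in the Permissions step. audit_tree is a hypothetical helper.
# Usage on the host from these notes:
#   audit_tree /usr/local/vpnserver softether   # Method 1
#   audit_tree /usr/local/vpnserver root        # Method 2

# audit_tree DIR OWNER
# Prints one finding per line and returns 1 if anything deviates from:
#   - everything owned by OWNER
#   - directories closed to group/other (700)
#   - files not readable or writable by group/other
#   - only vpncmd and vpnserver carrying an execute bit
audit_tree() {
    dir=$1
    owner=$2   # user name or numeric uid, as accepted by find -user
    findings=$(
        find "$dir" ! -user "$owner" | sed 's/^/wrong-owner: /'
        find "$dir" -type d -perm /077 | sed 's/^/dir-open-to-others: /'
        find "$dir" -type f -perm /066 | sed 's/^/file-open-to-others: /'
        find "$dir" -type f -perm /111 ! -name vpncmd ! -name vpnserver \
            | sed 's/^/unexpected-executable: /'
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

Run it again after every upgrade that re-extracts the tarball, since extraction restores the archive's own modes.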

Method 2: Root User

Permissions

chown -R root:root /usr/local/vpnserver

find /usr/local/vpnserver -type f -exec chmod 600 {} \;
find /usr/local/vpnserver -type d -exec chmod 700 {} \;

chmod +x /usr/local/vpnserver/vpncmd 
chmod +x /usr/local/vpnserver/vpnserver

Create /lib/systemd/system/softether.service

cat > /lib/systemd/system/softether.service << EOF
[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!/usr/local/vpnserver/do_not_run

[Service]
Type=forking
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF

Run

Enable and start the Service

systemctl daemon-reload
systemctl start softether.service
systemctl enable softether.service

Clean up

rm -f /tmp/softether-vpnserver.tar.gz 

Full Script

apt-get update
apt-get install -y build-essential make gcc

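# Match only the asset's browser_download_url line; the asset "name" line contains the same file name
curl -s https://api.github.com/repos/SoftEtherVPN/SoftEtherVPN_Stable/releases/latest \
| grep "browser_download_url.*softether-vpnserver.*linux-x64-64bit.tar.gz" \
| cut -d : -f 2,3 \
| tr -d \" \
| wget -O /tmp/softether-vpnserver.tar.gz  -i -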

tar xfz /tmp/softether-vpnserver.tar.gz -C /usr/local
cd /usr/local/vpnserver
make

chown -R root:root /usr/local/vpnserver

find /usr/local/vpnserver -type f -exec chmod 600 {} \;
find /usr/local/vpnserver -type d -exec chmod 700 {} \;

chmod +x /usr/local/vpnserver/vpncmd 
chmod +x /usr/local/vpnserver/vpnserver

cat > /lib/systemd/system/softether.service << EOF
[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!/usr/local/vpnserver/do_not_run

[Service]
Type=forking
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl start softether.service
systemctl enable softether.service
rm -f /tmp/softether-vpnserver.tar.gz 

You can find the script in https://github.com/adjscent/softether_installer.

How to get voice working on Huawei 3G Modem via dc unlocker

Huawei E1750 3G Modem has the ability to call, but the feature is disabled by default.

Most online solutions on enabling the voice feature do not work, including manual AT commands, the cracked version of dc unlocker or huawei unlocker.
I am not sure what the actual dc unlocker voice activation (4 credits) does, but it successfully activated the voice feature.

This video is just me trying out the dc unlocker voice activation (with credits T_T) in a virtual machine.

After this, the raspbx chan_dongle works 😀

Damage: 4 credits

Video Tutorial and Walkthrough

Certificate Creation

Some of the important openssl commands to create certificates

Configuration Issues

Environment Variables for Windows Openssl

set OpenSSL_HOME=C:\OpenSSL-Win64
set OPENSSL_CONF=C:\OpenSSL-Win64\bin\openssl.cfg

Certificate Creation

Create self-signed certificates short method

openssl req -x509 -nodes -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

Create self-signed certificates long method

openssl genrsa -out helloeb.com.key 4096
openssl req -new -sha256 -key helloeb.com.key -out helloeb.com.csr
# Self-sign the CSR with its own key (-signkey); -CAkey only applies together with a separate CA certificate given via -CA
openssl x509 -req -days 365 -in helloeb.com.csr -signkey helloeb.com.key -out sha1.crt -sha256
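
The key, CSR and self-signed certificate sequence above, wrapped so the result can be checked (an added example, not part of the original notes). `make_selfsigned` and `check_cert` are hypothetical helper names, and `-subj` is an assumption added to skip the interactive prompts. The check confirms that issuer and subject match, that the signature really uses SHA-256 whatever the output file is called, and that the certificate belongs to the key.

```shell
#!/bin/sh
# Added example (not from the original notes). make_selfsigned and check_cert
# are hypothetical helper names; -subj makes the CSR step non-interactive.

# make_selfsigned CN BITS OUTDIR: key -> CSR -> self-signed certificate
make_selfsigned() {
    cn=$1; bits=$2; out=$3
    openssl genrsa -out "$out/$cn.key" "$bits" 2>/dev/null &&
    openssl req -new -sha256 -key "$out/$cn.key" -subj "/CN=$cn" \
        -out "$out/$cn.csr" &&
    openssl x509 -req -days 365 -in "$out/$cn.csr" -signkey "$out/$cn.key" \
        -sha256 -out "$out/$cn.crt" 2>/dev/null
}

# check_cert CRT KEY: prints "ok" and returns 0 only if subject == issuer,
# the signature algorithm is SHA-256 with RSA, and the certificate's public
# key is the one derived from KEY.
check_cert() {
    crt=$1; key=$2
    subj=$(openssl x509 -in "$crt" -noout -subject | sed 's/^subject= *//')
    iss=$(openssl x509 -in "$crt" -noout -issuer | sed 's/^issuer= *//')
    [ "$subj" = "$iss" ] || { echo "issuer differs from subject"; return 1; }
    openssl x509 -in "$crt" -noout -text \
        | grep -q 'Signature Algorithm: sha256WithRSAEncryption' \
        || { echo "not signed with SHA-256"; return 1; }
    # Both commands emit the same PEM SubjectPublicKeyInfo when the pair matches.
    from_crt=$(openssl x509 -in "$crt" -noout -pubkey)
    from_key=$(openssl pkey -in "$key" -pubout)
    [ "$from_crt" = "$from_key" ] \
        || { echo "key does not match certificate"; return 1; }
    echo "ok"
}
```

For the files produced above, the call would be `check_cert sha1.crt helloeb.com.key`.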