Tag Archives: linux

Linux Administration, Security, Uncategorized

Central Rsyslog server with TLS encrytion. | rsyslog log central splunk

June 18, 2020 g33k Leave a comment

Certificate setup.

Server Certificate.

Create the following directory

mkidr /etc/ssl/rsyslog/   
cd /etc/ssl/rsyslog/

mkidr /etc/ssl/rsyslog/

cd /etc/ssl/rsyslog/

Install the following package to enable encryption on rsyslog.

yum install -y gnutls-utils

1 2	yum install -y gnutls-utils

Execute the following command which create the certificates.

certtool --generate-self-signed --load-privkey CA-key.pem --outfile CA.pem

1	certtool --generate-self-signed --load-privkey CA-key.pem --outfile CA.pem

chmod 400 CA-key.pem

1	chmod 400 CA-key.pem

certtool --generate-self-signed --load-privkey CA-key.pem --outfile CA.pem

1	certtool --generate-self-signed --load-privkey CA-key.pem --outfile CA.pem

certtool --generate-privkey --outfile SERVER-key.pem --bits 2048\

1	certtool --generate-privkey --outfile SERVER-key.pem --bits 2048\

certtool --generate-request --load-privkey SERVER-key.pem --outfile SERVER-request.pem

1	certtool --generate-request --load-privkey SERVER-key.pem --outfile SERVER-request.pem

certtool --generate-certificate --load-request SERVER-request.pem --outfile SERVER-cert.pem --load-ca-certificate CA.pem --load-ca-privkey CA-key.pem

1	certtool --generate-certificate --load-request SERVER-request.pem --outfile SERVER-cert.pem --load-ca-certificate CA.pem --load-ca-privkey CA-key.pem

Client Certificate.

certtool --generate-privkey --outfile CLIENT-key.pem --bits 2048

1 2	certtool --generate-privkey --outfile CLIENT-key.pem --bits 2048

certtool --generate-request --load-privkey CLIENT-key.pem --outfile CLIENT-request.pem

1	certtool --generate-request --load-privkey CLIENT-key.pem --outfile CLIENT-request.pem

certtool --generate-certificate --load-request CLIENT-request.pem --outfile CLIENT-cert.pem --load-ca-certificate CA.pem --load-ca-privkey CA-key.pem

1	certtool --generate-certificate --load-request CLIENT-request.pem --outfile CLIENT-cert.pem --load-ca-certificate CA.pem --load-ca-privkey CA-key.pem

Copy the following three certificates to the client machine to the following location /etc/ssl/rsyslog/.

-rw-r--r-- 1 root root 1663 Dec 5 01:01 CA.pem
-rw-r--r-- 1 root root 0 Dec 5 01:01 CLIENT-cert.pem
-rw------- 1 root root 1675 Dec 5 01:01 CLIENT-key.pem

-rw-r--r-- 1 root root 1663 Dec 5 01:01 CA.pem

-rw-r--r-- 1 root root 0 Dec 5 01:01 CLIENT-cert.pem

-rw------- 1 root root 1675 Dec 5 01:01 CLIENT-key.pem

Server Setup.

Create the following configuration file.

sudo vi /etc/rsyslog.d/rsyslog-tls.conf

$ModLoad imtcp
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/CA.pem
$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/SERVER-cert.pem
$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/SERVER-key.pem
$InputTCPServerStreamDriverAuthMode x509/name
$InputTCPServerStreamDriverPermittedPeer *.EXAMPLE.COM
$InputTCPServerStreamDriverMode 1 
$InputTCPServerRun 10514

sudo vi /etc/rsyslog.d/rsyslog-tls.conf

$ModLoad imtcp

$DefaultNetstreamDriver gtls

$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/CA.pem

$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/SERVER-cert.pem

$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/SERVER-key.pem

$InputTCPServerStreamDriverAuthMode x509/name

$InputTCPServerStreamDriverPermittedPeer *.EXAMPLE.COM

$InputTCPServerStreamDriverMode 1

$InputTCPServerRun 10514

Restart the server.

/etc/init.d/rsyslog restart

1	/etc/init.d/rsyslog restart

This will allow the changes to take effect.

Running netstat will show you that its listen on encrypted and un-encrypted ports for logging traffic.

[root@f842608432ca rsyslog.d]# netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10514 0.0.0.0:* LISTEN
tcp 0 0 :::514 :::* LISTEN
tcp 0 0 :::10514 :::* LISTEN
[root@f842608432ca rsyslog.d]#

[root@f842608432ca rsyslog.d]# netstat -ntl

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN

tcp 0 0 0.0.0.0:10514 0.0.0.0:* LISTEN

tcp 0 0 :::514 :::* LISTEN

tcp 0 0 :::10514 :::* LISTEN

[root@f842608432ca rsyslog.d]#

Client Setup.

sudo vi /etc/rsyslog.d/rsyslog-tls.conf

$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/CA.pem
$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/CLIENT-cert.pem
$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/CLIENT-key.pem
$ActionSendStreamDriverAuthMode x509/name
$ActionSendStreamDriverPermittedPeer SERVER.EXAMPLE.COM
$ActionSendStreamDriverMode 1
*.* @@SERVER.EXAMPLE.COM:10514

sudo vi /etc/rsyslog.d/rsyslog-tls.conf

$DefaultNetstreamDriver gtls

$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/CA.pem

$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/CLIENT-cert.pem

$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/CLIENT-key.pem

$ActionSendStreamDriverAuthMode x509/name

$ActionSendStreamDriverPermittedPeer SERVER.EXAMPLE.COM

$ActionSendStreamDriverMode 1

*.* @@SERVER.EXAMPLE.COM:10514

Replace the SERVER with the IP address of your rsyslog server.

Restart rsyslog on the client so that changes can take effect.

/etc/init.d/rsyslog restart

1	/etc/init.d/rsyslog restart

Now to test the logs are transmitted execute.

logger -i -t cron "Boom, shagalaga."

1	logger -i -t cron "Boom, shagalaga."

To verify that the logs are received on the encrypted port, connect to the server and run the following.

tcpdump port 10514

1	tcpdump port 10514

This will listen for traffic on the encrypted port. Successful results should look like this.

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
03:45:29.688443 IP 172.17.0.4.59038 > f842608432ca.10514: Flags [S], seq 299354345, win 29200, options [mss 1460,sackOK,TS val 16418731 ecr 0,nop,wscale 7], length 0
03:45:29.688660 IP f842608432ca.10514 > 172.17.0.4.59038: Flags [S.], seq 3462609508, ack 299354346, win 28960, options [mss 1460,sackOK,TS val 16418731 ecr 16418731,nop,wscale 7], length 0
03:45:29.688903 IP 172.17.0.4.59038 > f842608432ca.10514: Flags [.], ack 1, win 229, options [nop,nop,TS val 16418731 ecr 16418731], length 0
03:45:29.689938 IP 172.17.0.4.59038 > f842608432ca.10514: Flags [F.], seq 1, ack 1, win 229, options [nop,nop,TS val 16418731 ecr 16418731], length 0
03:45:29.690544 IP f842608432ca.10514 > 172.17.0.4.59038: Flags [.], ack 2, win 227, options [nop,nop,TS val 16418732 ecr 16418731], length 0
03:45:29.764463 IP f842608432ca.10514 > 172.17.0.4.59038: Flags [F.], seq 1, ack 2, win 227, options [nop,nop,TS val 16418739 ecr 16418731], length 0
03:45:29.764599 IP 172.17.0.4.59038 > f842608432ca.10514: Flags [.], ack 2, win 229, options [nop,nop,TS val 16418739 ecr 16418739], length 0

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

03:45:29.688443 IP 172.17.0.4.59038 > f842608432ca.10514: Flags [S], seq 299354345, win 29200, options [mss 1460,sackOK,TS val 16418731 ecr 0,nop,wscale 7], length 0

03:45:29.688660 IP f842608432ca.10514 > 172.17.0.4.59038: Flags [S.], seq 3462609508, ack 299354346, win 28960, options [mss 1460,sackOK,TS val 16418731 ecr 16418731,nop,wscale 7], length 0

03:45:29.688903 IP 172.17.0.4.59038 > f842608432ca.10514: Flags [.], ack 1, win 229, options [nop,nop,TS val 16418731 ecr 16418731], length 0

03:45:29.689938 IP 172.17.0.4.59038 > f842608432ca.10514: Flags [F.], seq 1, ack 1, win 229, options [nop,nop,TS val 16418731 ecr 16418731], length 0

03:45:29.690544 IP f842608432ca.10514 > 172.17.0.4.59038: Flags [.], ack 2, win 227, options [nop,nop,TS val 16418732 ecr 16418731], length 0

03:45:29.764463 IP f842608432ca.10514 > 172.17.0.4.59038: Flags [F.], seq 1, ack 2, win 227, options [nop,nop,TS val 16418739 ecr 16418731], length 0

03:45:29.764599 IP 172.17.0.4.59038 > f842608432ca.10514: Flags [.], ack 2, win 229, options [nop,nop,TS val 16418739 ecr 16418739], length 0

Linux Administration

Converting a text file from uppercase to lowercase. | converting text files from uppercase to lowercase

June 3, 2020 g33k Leave a comment

I had a bunch of hostnames in a text file, but some were uppercase and some lowercase. This presents problems when searching and automating tasks, so I wanted a way to convert them all into lowercase as all text should be in Linux.

Here we are using “tr” to completed this task.

tr '[:upper:]' '[:lower:]' < input.txt > output.txt

1	tr '[:upper:]' '[:lower:]' < input.txt > output.txt

Linux Administration, Security, SSH

How to disable root access to RHEL Redhat systems. | disable root access linux

June 3, 2020 g33k Leave a comment

For security reasons, root access to Linux systems should be disabled as standard theses days. Some distributions still allow it but other have blocked it by default. We should be taking advantage of sudo, which allows you to log in with your standard unprivileged account but execute root commands with the sudo app.

Here are some quick and easy steps to stop root access to your system and improve your security footprint.

This command will lock the root account

passwd -l root

1	passwd -l root

This will replace the hashed password with “!”, which is another way to stop logons

usermod -p '!' root

1	usermod -p '!' root

To add another level of security you should also disable root logons from the ssh server too. Here is how to do so,

vim /etc/ssh/sshd_config

1	vim /etc/ssh/sshd_config

Ensure the following entry is set, if it currently does not exist in the config file, add it anywhere.

PermitRootLogin no

1	PermitRootLogin no

Linux Administration

Syslog permissions blocking Splunk Access | syslog splunk permissions /var/log/messages

June 3, 2020 g33k Leave a comment

Had a problem splunk having access permissions to /var/log/messages, syslog would change the permissions to read only by root and no one else. The fix is in the syslog config file. See below.

vim /etc/syslog-ng/syslog-ng.conf

1	vim /etc/syslog-ng/syslog-ng.conf

Should have an entry like this

destination d_mesg { file("/var/log/messages" perm(0655)); };

1	destination d_mesg { file("/var/log/messages" perm(0655)); };

Pay particular attentions to,

perm(0655));

1	perm(0655));

Then restart syslog

systemctl status syslog-ng.service

1	systemctl status syslog-ng.service

Linux Administration

RHEL and Fedora setting password expiry | bash linux password expire chage

May 27, 2020 g33k Leave a comment

A very common Linux administration task is to set user account to expire their password and request a new account password from the user.

To see what the current policy is set to, execute the following.

sudo chage -l username

1	sudo chage -l username

You should see output like.

Last password change : May 27, 2020Password expires : Sep 24, 2020
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 120
Number of days of warning before password expires : 7

Last password change : May 27, 2020Password expires : Sep 24, 2020

Password inactive : never

Account expires : never

Minimum number of days between password change : 0

Maximum number of days between password change : 120

Number of days of warning before password expires : 7

You can change the password expiry with the following command

sudo chage -M 120 username

1	sudo chage -M 120 username

Linux Administration, Security

Setup a backup job for your LAMP sites. | Setup a backup job for your LAMP sites.

December 3, 2018 g33k Leave a comment

I wrote a script which takes a backup of my webserver, taking a snapshot of all the website content, database, and configuration files.

Theory is if the webserver died, we would be about to result quickly using the data backed up.

On the server, put the following script and below is the cron entry which triggers every week. You will need up change the username and password for your mysql server.

#!/bin/bash

tempdir="/tmp/backup-`date +%Y%m%d`"
username="root"
password="password"
backuplocation="/home/ubuntu/backup.tgz"
weblocation="/var/www"
configlocation="/etc/apache2"

mkdir ${tempdir}
mysqldump -u${username} -p${password} --all-databases > ${tempdir}/backup.db
cp -rf ${weblocation} ${tempdir}/
cp -rf ${configlocation} ${tempdir}/
tar -czf ${backuplocation} ${tempdir}
rm -rf ${tempdir}

#!/bin/bash

tempdir="/tmp/backup-`date +%Y%m%d`"

username="root"

password="password"

backuplocation="/home/ubuntu/backup.tgz"

weblocation="/var/www"

configlocation="/etc/apache2"

mkdir ${tempdir}

mysqldump -u${username} -p${password} --all-databases > ${tempdir}/backup.db

cp -rf ${weblocation} ${tempdir}/

cp -rf ${configlocation} ${tempdir}/

tar -czf ${backuplocation} ${tempdir}

rm -rf ${tempdir}

This is the cron entry which fires up every friday.

40 15 * * 5 /home/ubuntu/backup.sh

1	40 15 * * 5 /home/ubuntu/backup.sh

Now this script will be on a linux machine somewhere else, it will connect and copy the backup archive file generated. You must first setup the ssh key so that its passwordless connection.

45 01 * * 1 scp ubuntu@www.url.com.au:backup.tgz /mnt/backup/sitename/

1	45 01 * * 1 scp ubuntu@www.url.com.au:backup.tgz /mnt/backup/sitename/

Simplicity it key! It works and will get you out of trouble. Well worth the 5minute investment.

Linux Administration, Security

Hacking into my cheap Chinese CCTV box | Hacking a cheap Chinese CCTV recorder

November 26, 2018 g33k Leave a comment

I have a cheap Chinese CCTV camera system at home, I wanted to explore the system up close.

I did a nmap scan of the system and found that port 23 (telnet) was open.

Nmap scan report for (192.168.1.88)
Host is up (0.0051s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
5000/tcp open upnp
8000/tcp open http-alt
10002/tcp open documentum
MAC Address: 00:5A:E8:AB:EB:9C (Unknown)

Nmap scan report for (192.168.1.88)

Host is up (0.0051s latency).

Not shown: 995 closed ports

PORT STATE SERVICE

23/tcp open telnet

80/tcp open http

5000/tcp open upnp

8000/tcp open http-alt

10002/tcp open documentum

MAC Address: 00:5A:E8:AB:EB:9C (Unknown)

I kicked off a connection and saw that it was contactable. I tried a whole bunch of default username and passwords for these CCTV boxes but none worked.

So I tried googling it strange login prompt.

telnet 192.168.1.88
Trying 192.168.1.88...
Connected to 192.168.1.88.
Escape character is '^]'.

GM login:
Password

telnet 192.168.1.88

Trying 192.168.1.88...

Connected to 192.168.1.88.

Escape character is '^]'.

GM login:

Password

I googled “GM Login”. Turns out GM stands for Grain Media and its default password is

GM login: root
Password: GM8182

1 2	GM login: root Password: GM8182

Ill continue to experiment with the machine and post my findings.

Linux Administration, Uncategorized

Finding deleted text on a Linux system using Grep | finding deleted text files using grep

October 15, 2018 g33k Leave a comment

I ran across a neat little trick when attempted to recover a deleted file on my Linux box.

You can use grep to search your disk at a bit level for a deleted file, on the condition you know a string in its contents.

You can test it like this, write a text file and store a specific string in it. ie

vim /home/username/myfile.txt

1	vim /home/username/myfile.txt

then insert something like

I like cats
I like Dogs
fast cars smell like roses
i like rinos
i like lions.

I like cats

I like Dogs

fast cars smell like roses

i like rinos

i like lions.

then delete the file.

rm /home/username/myfile.txt

1	rm /home/username/myfile.txt

Now lets find the deleted file.

grep -a -B10 -A10 'fast cars smell like roses' /dev/mapper/vg_system-root

1	grep -a -B10 -A10 'fast cars smell like roses' /dev/mapper/vg_system-root

Your missing file should appear with a bit of junk above and below the contents of your file.

Increase the lines in the -B10 -A10 depending how big your file it.

Linux Administration, Network

Get an email when your public IP changes | get notified when your public ip changes.

October 11, 2018 g33k Leave a comment

Alot of us have ISPs which change your IP address and you may not want to setup a client with a dynamic IP or want a backup in case the services fails.

So i developed a bash script which checks to see if your public IP has changed. If it has it will log it and email you the new IP.

See below.

#!/bin/bash

log="ip_local_log.txt"
email="email@gmail.com"
url="http://www.whatsmyip.com.au"
tmp="/tmp/ip.tmp"

wget -q -O $tmp --user-agent="Mozilla/5.0 (Windows NT 5.2; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" $url
ip=`cat $tmp | grep "displayTextarea" | awk -F '>' '{ print $3 }' | sed 's#</textarea##'`
lastip=$(cat $log | tail -n 1 | awk -F ',' '{print $2}')


if [ -z ${lastip} ]
then
echo "$(date),${ip}" >> ${log}
exit 0
fi

if [ ${lastip} == ${ip} ]
then
echo "Nothing changed."
else
echo "$(date),${ip}" >> ${log}
mail -s "IP Address Change (Local Rye)" ${email} < ${log}
fi

#!/bin/bash

log="ip_local_log.txt"

email="email@gmail.com"

url="http://www.whatsmyip.com.au"

tmp="/tmp/ip.tmp"

wget -q -O $tmp --user-agent="Mozilla/5.0 (Windows NT 5.2; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" $url

ip=`cat $tmp | grep "displayTextarea" | awk -F '>' '{ print $3 }' | sed 's#</textarea##'`

lastip=$(cat $log | tail -n 1 | awk -F ',' '{print $2}')

if [ -z ${lastip} ]

then

echo "$(date),${ip}" >> ${log}

exit 0

if [ ${lastip} == ${ip} ]

then

echo "Nothing changed."

else

echo "$(date),${ip}" >> ${log}

mail -s "IP Address Change (Local Rye)" ${email} < ${log}

DevOps, Experiment, IOT, Linux Administration, Raspberry Pi

Dump1090 to MySQL Script | send flight data from dump1090 to mysql

October 10, 2018 g33k Leave a comment

I wanted a script which would read all the live dump1090 aircraft data and log it to a mysql database.

This base script does it, it will dump all the data to Mysql every minute.

It will start the dump1090 server and kick off a process which reads/sorts and inserts.

#!/bin/bash

dbserver="localhost"
dbuser="flighttrax"
dbpw="flighttrax"
dbtable="flighttrax"
clientid="1000000"
core="/root/file.txt"
dump="/tmp/dump.txt"
selectdate=`date -d "1 min ago" '+%Y/%m/%d,%H:%M'`
listener="localhost"
listenerport="30003"
ncpid=`ps waux | grep "nc $listener $listenerport"| grep -v grep | awk '{print $2}'`
dumppid=`ps waux | grep "dump1090"| grep -v grep | awk '{print $2}'`
log="/var/log/flighttrax.log"

echo "`date`" >> $log
echo "`date` - Starting script" >> $log
echo "`date` - Netcat pid is $ncpid" >> $log
echo "`date` - Dump1090 pid is $dumppid" >> $log

if [ -z $dumppid ]
then
echo "`date` - Dump1090 not started yet" >> $log
/root/dump1090/dump1090 --net --quiet &
echo "`date` - Started Dump1090" >> $log
exit
fi

if [ -z $ncpid ]
then
echo "`date` - Netcat not started yet" >> $log
nc $listener $listenerport >> $core
echo "`date` - Started NC" >> $log
exit
fi

echo "`date` - Copying last minute" >> $log
cat $core | grep $selectdate > $dump
echo "`date` - Calculating Entries" >> $log
entries=`wc -l $dump`
echo "`date` - Total of $entries to import" >> $log
echo "`date` - Starting FOR statement" >> $log
for i in `cat $dump | awk -F ',' '{print $5}' | sort | uniq | sed '/^$/d'`
do

reg=$i
flightnum=`cat $dump | grep $i | awk -F ',' '{print $11}'| sort| uniq | sed '/^$/d'|awk '{print $1}'|sed 's/\r//'`
for i in `cat $dump | grep $reg | awk -F ',' '{print $7","$8","$15","$16","$12}'| sort| uniq | sed '/,,/d'`
do
date=`echo $i| awk -F ',' '{print $1}' | sed 's#/#-#g'`
time=`echo $i| awk -F ',' '{print $2}'`
lat=`echo $i| awk -F ',' '{print $3}'`
long=`echo $i| awk -F ',' '{print $4}'`
alt=`echo $i| awk -F ',' '{print $5}'`
echo "$reg,$flightnum,$date,$time,$lat,$long,$alt"
mysql -uflighttrax -pflighttrax flighttrax -e "INSERT INTO flighttrax VALUES ('','$clientid','$reg','$flightnum','$date $time','$lat','$long','$alt');"
done
done
echo "`date` - For completed" >> $log
echo "`date` - Deleting temp files" >> $log
rm $dump
echo "`date` - Done." >> $log

#!/bin/bash

dbserver="localhost"

dbuser="flighttrax"

dbpw="flighttrax"

dbtable="flighttrax"

clientid="1000000"

core="/root/file.txt"

dump="/tmp/dump.txt"

selectdate=`date -d "1 min ago" '+%Y/%m/%d,%H:%M'`

listener="localhost"

listenerport="30003"

ncpid=`ps waux | grep "nc $listener $listenerport"| grep -v grep | awk '{print $2}'`

dumppid=`ps waux | grep "dump1090"| grep -v grep | awk '{print $2}'`

log="/var/log/flighttrax.log"

echo "`date`" >> $log

echo "`date` - Starting script" >> $log

echo "`date` - Netcat pid is $ncpid" >> $log

echo "`date` - Dump1090 pid is $dumppid" >> $log

if [ -z $dumppid ]

then

echo "`date` - Dump1090 not started yet" >> $log

/root/dump1090/dump1090 --net --quiet &

echo "`date` - Started Dump1090" >> $log

exit

if [ -z $ncpid ]

then

echo "`date` - Netcat not started yet" >> $log

nc $listener $listenerport >> $core

echo "`date` - Started NC" >> $log

exit

echo "`date` - Copying last minute" >> $log

cat $core | grep $selectdate > $dump

echo "`date` - Calculating Entries" >> $log

entries=`wc -l $dump`

echo "`date` - Total of $entries to import" >> $log

echo "`date` - Starting FOR statement" >> $log

for i in `cat $dump | awk -F ',' '{print $5}' | sort | uniq | sed '/^$/d'`

reg=$i

flightnum=`cat $dump | grep $i | awk -F ',' '{print $11}'| sort| uniq | sed '/^$/d'|awk '{print $1}'|sed 's/\r//'`

for i in `cat $dump | grep $reg | awk -F ',' '{print $7","$8","$15","$16","$12}'| sort| uniq | sed '/,,/d'`

date=`echo $i| awk -F ',' '{print $1}' | sed 's#/#-#g'`

time=`echo $i| awk -F ',' '{print $2}'`

lat=`echo $i| awk -F ',' '{print $3}'`

long=`echo $i| awk -F ',' '{print $4}'`

alt=`echo $i| awk -F ',' '{print $5}'`

echo "$reg,$flightnum,$date,$time,$lat,$long,$alt"

mysql -uflighttrax -pflighttrax flighttrax -e "INSERT INTO flighttrax VALUES ('','$clientid','$reg','$flightnum','$date $time','$lat','$long','$alt');"

done

echo "`date` - For completed" >> $log

echo "`date` - Deleting temp files" >> $log

rm $dump

echo "`date` - Done." >> $log

Tech Interchange

Tag Archives: linux

Central Rsyslog server with TLS encrytion. | rsyslog log central splunk

Certificate setup.

Server Certificate.

Client Certificate.

Server Setup.

Client Setup.

Converting a text file from uppercase to lowercase. | converting text files from uppercase to lowercase

How to disable root access to RHEL Redhat systems. | disable root access linux

Syslog permissions blocking Splunk Access | syslog splunk permissions /var/log/messages

RHEL and Fedora setting password expiry | bash linux password expire chage

Setup a backup job for your LAMP sites. | Setup a backup job for your LAMP sites.

Finding deleted text on a Linux system using Grep | finding deleted text files using grep

Get an email when your public IP changes | get notified when your public ip changes.

Dump1090 to MySQL Script | send flight data from dump1090 to mysql

Projects, products and howtos