Building Vpn - How and where to start - security

I want to code a simple VPN as a part of my course work. I am looking for ways to start. It would be helpful if you guys could help me with resources.

As a basic starting point, you need to be able to write a client/server setup in your language of choice that will transport over IP. Your VPN must also be able to present the operating system with a network interface. If you are using Linux, I suggest the tun/tap system interface. For reference, you could look at the code in qemu which does make use of those OS calls. For the encryption purposes, the OpenSSL library should be able to provide you with all the calls necessary.
I'm not sure what the ultimate requirements of your coursework are. You can build anything from a basic shared-symmetric key setup that can be quickly hacked up to the bottomless pit of trying to build a production worthy VPN system. You should mention your requirements.
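An added example, not code from the answer or from qemu: the Linux TUN attach call the answer points to, plus a record format for carrying the packets over a TCP stream under a pre-shared key. The record layout, the `Receiver` class, `MAX_PACKET` and the use of HMAC-SHA256 are assumptions of this example; it authenticates records and drops replays but does not encrypt, which is the part the answer assigns to OpenSSL.

```python
import fcntl, hashlib, hmac, os, struct

TUNSETIFF = 0x400454CA            # ioctl request from <linux/if_tun.h>
IFF_TUN, IFF_NO_PI = 0x0001, 0x1000
MAX_PACKET = 1500                 # assumed tunnel MTU; larger frames are rejected
TAG_LEN = 32                      # HMAC-SHA256 output size

def tun_open(name="tun0"):
    """Attach to a TUN interface (needs CAP_NET_ADMIN); returns a raw fd."""
    fd = os.open("/dev/net/tun", os.O_RDWR)
    fcntl.ioctl(fd, TUNSETIFF, struct.pack("16sH", name.encode(), IFF_TUN | IFF_NO_PI))
    return fd                     # os.read(fd, MAX_PACKET) yields one IP packet

def seal(key, seq, packet):
    """Frame one IP packet: 2-byte length, 8-byte sequence number, packet, tag."""
    if not 0 < len(packet) <= MAX_PACKET:
        raise ValueError("packet size out of range")
    body = struct.pack("!HQ", len(packet), seq) + packet
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Reassembles records from a TCP byte stream and authenticates each one."""
    def __init__(self, key):
        self.key, self.buf, self.last_seq = key, b"", -1

    def feed(self, data):
        """Add received bytes; return the list of verified packets now complete."""
        self.buf += data
        out = []
        while len(self.buf) >= 10:
            length, seq = struct.unpack("!HQ", self.buf[:10])
            if not 0 < length <= MAX_PACKET:
                raise ValueError("bad length field, drop the connection")
            end = 10 + length + TAG_LEN
            if len(self.buf) < end:
                break             # partial record, wait for more bytes
            record, self.buf = self.buf[:end], self.buf[end:]
            body, tag = record[:-TAG_LEN], record[-TAG_LEN:]
            if not hmac.compare_digest(tag, hmac.new(self.key, body, hashlib.sha256).digest()):
                raise ValueError("authentication failed")
            if seq <= self.last_seq:
                continue          # replayed record, ignore it
            self.last_seq = seq
            out.append(body[10:])
        return out
```

Each side reads packets from the descriptor returned by `tun_open`, passes them through `seal` with an increasing sequence number, and writes what `Receiver.feed` returns back to its own TUN descriptor.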

Related

EtherCat module :How to communicate with linux

I am going to communicate EtherCAT master (CX2020) with Linux OS PC (Ubuntu) for storing value from PLC on server and writing also.
By EtherCAT network protocol, it should be available to communicate with Windows PLC installed TwinCAT.
But I couldn't find the way for Linux.
Is there any solution?
There are various ways for you to communicate with a CX2020 from Linux, it all depends on your requirements and what the usage is for.
Without knowing anything about those, one option is to use the Beckhoff ADS protocol. All Beckhoff PLCs have by default ADS installed on them and you can (with the right credentials setup for ADS) communicate with the ADS-library. The good thing about ADS is that it is open-source, and thus it's possible to get the code for Linux.
The ADS source code is available at:
https://github.com/Beckhoff/ADS
You basically need to:
Compile/Install the library on your Linux machine
Create an ADS/AMS-route to your CX2020
Create a program that uses this route to communicate with the PLC
With ADS you can access the variables directly in the CX2020 memory (both read and write!).
There are many finished wrapper libraries available for all common programming languages that you can use directly in Linux. If you're up to Python, I would recommend checking out PyADS (https://github.com/stlehmann/pyads), which has a good user base and many examples available all around the net.

How do some apps get the hostname of a device based on IP?

Have you seen those apps which explore your local network looking for devices?
Well, I would like to know how they get (mostly) the names of devices!
Does anyone know? Because I am building an application which needs to get (if possible) the hostname of the local devices.
Local network device discovery is often done by a zeroconf implementation (e.g. Apple services typically use Bonjour services to discover local device names).
If you wanted to explore this type of service for use in nodeJS, then maybe have a look at https://github.com/agnat/node_mdns. I've never used it myself but it does seem reasonably popular and stable.
Otherwise just do some research generally around zeroconf/mdns and make a decision based on your needs.

How did NOKIA N9 pppd to network?

When using a WCDMA module, we should use the PPP protocol to communicate with the PPP server. But I can't see any file about PPP in the NOKIA N9's filesystem.
So, how does the N9 use Linux (Harmattan) to dial the PPP server and then link to the internet?
This question seems more suited to SuperUser.com - it is not related to programming. See the StackOverflow FAQ for more information on what kind of questions you can ask here.
Regardless of where you post a question, it would help all of us if you provided more context, preferably using full sentences. As it stands now, it is difficult to tell what your actual question is. Do you want to connect a computer to the internet using the phone? Do you want to use the phone itself to access the network?
It is also difficult to understand what the problem is. You should at least tell us what you have tried and where that failed.
Unless you pay more attention to your question, you will not get any meaningful answers. You should probably have a look here for a guide on asking questions.
You should keep in mind that hardware-related questions can usually be answered only by people that have access to that particular device. With the amount of information you are providing this question boils down to "How do I connect to a PPP server on Nokia N9?", which is impossible to answer, unless one has access to that particular phone model.
By providing more context, such as describing how the firmware in that phone is setup, you allow people that have more general experience on Linux and embedded devices to help you.
Since I do not have that particular device, I will take a shot in the dark and offer a few alternatives, in order of decreasing probability:
You may need to install additional packages. I believe that MeeGo uses Debian-style packages and the PPP-related packages may not be installed by default. You should have a look at your software repositories.
The PPP support does not have to be a module - it can be included in the main kernel binary. pppd could also be replaced by a custom binary, although that is not very common, even on embedded devices.
Are you absolutely certain that your current software configuration does not support PPP? How are you searching in the filesystem for PPP-related files? What are you expecting to find? Does using the phone UI to connect work?
There is a very slim chance that the default firmware does not support PPP at all - in that case you may have to install custom packages or even replace the firmware itself with a custom version.

Listening a particular port on linux to access data comes from mobile device

I am a newbie to the Linux platform; I am working with Java technology.
What I have to do is: I have a program running on mobile devices that sends some data to my Linux machine; now I have to create a program in Java that will
listen to a particular port,
access the data that comes in on that port (which is sent by the mobile device),
save that data to the database,
respond back to the mobile device.
I.e. I would make my Linux system a server that can listen to many clients (mobile devices), but I am not getting how to configure this environment... :(
I used CentOS 5.4 and installed jdk1.6.0_24.
Any help would be appreciated.
Thanks in advance!
khushi
One of Java's greatest strengths is that you can pretty much ignore the host operating system as long as you stick to core Java features. In the case you're describing, you should be able to accomplish everything by simply using the standard Java networking APIs and either the JDBC to access an existing, external database or you could choose any number of embedded Java databases such as Derby. For your stated use case, that you'll be running the application on Linux is pretty much irrelevant (which should be good news... you don't need to learn a whole operating system in addition to writing your app ;-).
Here's a nice client/server tutorial, in that it is broken into steps, and adds each new concept in another step.
Here's another client/server tutorial with much more detail.
I would write it to accept one connection at a time. Once that works, I would study the new(ish) java.lang.concurrent classes, in particular the ExecutorService, as a way of managing the worker bee handling each connection. Then change your program to handle multiple connections using those classes. Breaking it up in two steps like that will be a lot easier.

Linux per program firewall similar to windows and mac counterparts

Is it possible to create GUI firewall that works as Windows and Mac counterparts? Per program basis. Popup notification window when specific program want to send\recv data from network.
If no, then why? What does the Linux kernel lack to allow the existence of such programs?
If yes, then why aren't there such programs?
P.S. This is programming question, not user one.
1. Yes, it's possible. You will need to set up firewall rules to route traffic through a userspace daemon; it'll involve quite a bit of work.
2. N/A
3. Because they're pretty pointless - if the user understands which programs he should block from net access he could just as well use one of multiple existing friendly netfilter/iptables frontends to configure this.
It is possible, there are no restrictions and at least one such application exists.
I would like to clarify a couple of points though.
If I understood this article correctly, the firewalls mentioned here so far and iptables this question is tagged under are packet filters and accept and drop packets depending more on IP addresses and ports they come from/sent to.
What you describe looks more like mandatory access control to me. There are several utilities for that purpose in Linux - SELinux, AppArmor, TOMOYO.
If I had to implement a graphical utility you describe, I would pick, for example, AppArmor, which supports whitelists, and, to some extent, dynamic profiling, and try to make a GUI for it.
OpenSUSE's YaST features a graphical interface for AppArmor setup and 'learning', but it is specific to the distribution.
So Linux users and administrators have several ways to control network (and files) access on per-application basis.
Why the graphical frontends for MAC are so few is another question. Probably it's because Linux desktop users tend to trust software they install from repositories and have less reasons to control them this way (if an application is freely distributed, it has less reasons to call home and packages are normally reviewed before they get to repositories) while administrators and power users are fine with command line.
As desktop Linux gets more popular and people install more software from AUR or PPA or even from gnome-look.org where packages and scripts are not reviewed that accurately (if at all) a demand for such type of software (user-friendly, simple to configure MAC) might grow.
To answer your 3rd point.
There is such a program which provides zenity popups, it is called Leopard Flower:
http://sourceforge.net/projects/leopardflower
Yes. Everything is possible
There are real antiviruses for linux, so there could be firewalls with GUI also. But as a linux user I can say that such firewall is not needed.
I reached that question as I am currently trying to migrate from a Mac to Linux. There are a lot of applications I run on my Mac and on my Linux PC. Some of them I trust fully. But others I am not fully trusting. If they are installed from a source that checks them or not, do I have to trust them because someone else did? No, I am old enough to choose myself.
In times where privacy is getting more and more complicated to achieve, and distributions exist that show that we should not trust everyone, I like to be in control of what my applications do. This control might not end at the connection to the network/Internet but it is what this question (and mine) is about.
I have used LittleSnitch for MacOSX in the past years and I was surprised how often an application likes to access the internet without me even noticing. To check for updates, to call home, ...
Now that I would like to switch to Linux, I tried to find the same thing as I want to be in control of what leaves my PC.
During my research I found a lot of questions about that topic. This one, in my opinion, best describes what it is about. The question for me is the same. I want to know when an application tries to send or receive information over the network/internet.
Solutions like SELinux and AppArmor might be able to allow or deny such connections. Configuring them means a lot of manual configuration and does not inform when a new application tries to connect somewhere. You have to know which application you want to deny access to the network.
The existence of Douane (How to control internet access for each program? and DouaneApp.com) shows that there is a need for an easy solution. There is even a distribution which seems to have such a feature included. I am not sure what Subgraph OS (subgraph.com) is using, but they state something like this on their website. It reads exactly like the initial question: "The Subgraph OS application firewall allows a user to control which applications can initiate outgoing connections. When an unknown application attempts to make an outgoing connection, the user will be prompted to allow or deny the connection on a temporary or permanent basis. This helps prevent malicious applications from phoning home."
As it seems to me, there are only two options at the moment. One is to compile Douane manually myself, or two, switch distribution to Subgraph OS. As one of the answers states, everything is possible, so I am surprised there is no other solution. Or is there?
