DD-WRT:OTRW Package Tutorial

Table of Contents
* = Is a service controlled by the service tool

Threads of Insterest:

iptables-save?

Optware MMC Install - WRT54G-TM - DD-WRT v24-sp2 (07/21/09)

Still need info on:

cdrtools

ncursesw

ntfsprogs

openldap-libs

perl-compress-zlib

perl-html-parser

perl-html-tagset

perl-libwww

perl-uri

spawn-fcgi

automount
Service

Script written by frater

Automounting, Unmounting and Hotmounting of storage devices - Automatically mounts all recognized partitions and filesystem formats (including NTFS in K26).

Location of file that shows what is automounted is: /opt/etc/automount

Changing a partition mount so that automount will mount it example: service automount umount /tmp/c mount -n /dev/discs/disc0/part3 /jffs

Common Commands

service automount start - mount all partitions service automount stop - umount all partitions instead of the one to /opt service automount status - show all partitions service automount mount  - mount that partition service automount umount  - unmount that partition and remove it fromautomount service automount nomount - Do not automount this partition service automount nonomount - remove this partition from the nomount list

Backup/Restore on Different Hardware

 * Full Detail

This allows you to backup your settings on one router, change builds, and then restore the settings without having to reconfigure by hand (using old backups is NOT safe other than this method). Telnet into your router. Issue the "cd .." command twice to get to the root directory. "cd opt" to get to the /opt directory. "cd usr", then "cd sbin". (Someone with more linux experience should clean up these commands and simplify them. I have to stick with what works for me). Type "backupessential" and WAIT for about two minutes. Your nvram values are now backed up in your /opt/var/backups directory on your external hard drive. To restore them, after upgrading your firmware/changing routers and enabling usb access in services/usb, navigate to this folder and then execute permissions to run the script file by typing "chmod +x /backups/*.sh " Type "ls" and see the backups. Type "./{backupfilename.sh}" to restore that backup. The safest file to use is the one with "essentials" in the name. For further discussion on this see this page: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=44324

bash
Bash Homepage

Bash Reference Manual

Bash (Unix shell) on Wikipedia

Bash instead of shell in busybox - (LFS support)

Bash is the shell, or command language interpreter, for the GNU operating system. The name is an acronym for the Bourne-Again SHell, a pun on Stephen Bourne, the author of the direct ancestor of the current Unix shell sh, which appeared in the Seventh Edition Bell Labs Research version of Unix.

Bash is largely compatible with sh and incorporates useful features from the Korn shell ksh and the C shell csh. It is intended to be a conformant implementation of the IEEE POSIX Shell and Tools portion of the IEEE POSIX specification (IEEE Standard 1003.1). It offers functional improvements over sh for both interactive and programming use.

While the GNU operating system provides other shells, including a version of csh, Bash is the default shell. Like other GNU software, Bash is quite portable. It currently runs on nearly every version of Unix and a few other operating systems - independently-supported ports exist for MS-DOS, OS/2, and Windows platforms.

Top

bc
http://www.gnu.org/software/bc/

bc is an arbitrary precision numeric processing language. Syntax is similar to C, but differs in many substantial areas. It supports interactive execution of statements. bc is a utility included in the POSIX P1003.2/D11 draft standard.

Since the POSIX document does not specify how bc must be implemented, this version does not use the historical method of having bc be a compiler for the dc calculator. This version has a single executable that both compiles the language and runs the resulting `byte code'. The byte code is not the dc language.

Online Manual is available at http://www.gnu.org/software/bc/manual, as well as one for dc.

bind
Package: bind

Version: 9.6.1.3-2

Depends: openssl

Status: install user installed

Architecture: mipsel

Home

Referance and Documentation

BIND on Wikipedia

BIND is by far the most widely used DNS software on the Internet. It provides a robust and stable platform on top of which organizations can build distributed computing systems with the knowledge that those systems are fully compliant with published DNS standards.

bzip2
http://www.bzip.org/

http://en.wikipedia.org/wiki/Bzip2

bzip2 is a freely available, patent free (see below), high-quality data compressor. It typically compresses files to within 10% to 15% of the best available techniques (the PPM family of statistical compressors), whilst being around twice as fast at compression and six times faster at decompression.

calc
http://isthe.com/chongo/tech/comp/calc/

http://www.linux.org/apps/AppId_2250.html

Calc is arbitrary precision arithmetic system that uses a C-like language. It's useful as a calculator, an algorithm prototype, and as a mathematical research tool. More importantly, calc provides a machine-independent means of computation. Calc comes with a rich set of builtin mathematical and programmatic functions.

colordiff
http://colordiff.sourceforge.net/

The Perl script colordiff is a wrapper for 'diff' and produces the same output but with pretty 'syntax' highlighting. Colour schemes can be customized.

coreutils
http://www.gnu.org/software/coreutils/

http://en.wikipedia.org/wiki/GNU_Core_Utilities

The GNU Core Utilities are the basic file, shell and text manipulation utilities of the GNU operating system. These are the core utilities which are expected to exist on every operating system.

Previously these utilities were offered as three individual sets of GNU utilities, Fileutils, Shellutils, and Textutils. Those three have been combined into a single set of utilities called Coreutils.

cyrus-sasl-libs
http://asg.web.cmu.edu/sasl/sasl-library.html

This is the Cyrus SASL API implentation. It can be used on the client or server side to provide authentication. See RFC 2222 for more information.

The following "core" mechanisms are included in this distribution:


 * ANONYMOUS
 * CRAM-MD5
 * PLAIN
 * GSSAPI (MIT Kerberos 5 or Heimdal Kerberos 5)
 * DIGEST-MD5

The distribution also includes these mechanisms:


 * LOGIN
 * SRP
 * NTLM
 * OTP
 * KERBEROS_V4

This software package contains encryption software. Be sure to abide by appropriate export rules if you download it.

The library uses the environment variable SASL_PATH to locate the directory where the mechanisms are; this should be a colon-seperated list of directories containing plugins; by default, it looks in /usr/lib/sasl2.

The library uses a gdbm or ndbm file on the server side to store per-user authentication secrets (except for the PLAIN mechanism, which tries to use PAM, or crypt with /etc/passwd and /etc/shadow, if available). The utility saslpasswd has been included for adding authentication secrets to the file.

The sample directory contains two programs which provide a reference for using the library, as well as making it easy to test a mechanism on the command line.

diffutils
http://www.gnu.org/software/diffutils/

GNU Diffutils is a package of several programs related to finding differences between files.

Computer users often find occasion to ask how two files differ. Perhaps one file is a newer version of the other file. Or maybe the two files started out as identical copies but were changed by different people.

You can use the diff command to show differences between two files, or each corresponding file in two directories. diff outputs differences between files line by line in any of several formats, selectable by command line options. This set of differences is often called a ‘diff’ or ‘patch’. For files that are identical, diff normally produces no output; for binary (non-text) files, diff normally reports only that they are different.

You can use the cmp command to show the offsets and line numbers where two files differ. cmp can also show all the characters that differ between the two files, side by side.

You can use the diff3 command to show differences among three files. When two people have made independent changes to a common original, diff3 can report the differences between the original and the two changed versions, and can produce a merged file that contains both persons' changes together with warnings about conflicts.

You can use the sdiff command to merge two files interactively

DNSBL
|Sun Dec 19, 2010

Today I added a new tool in OTRW intended to be used later on in conjunction with Zabbix.

It's a DNSBL tool

http://www.dnsbl.info/

DNSBL sounds complicated, but it isn't really. You can do a DNS-request for that DNSBL combined with your IP and if you get a 127.0.0.0/8 address as an answer, it means you are listed.

Anti-spam software (like ASSP I'm using) can do a quick lookup on these servers and can decide if they want to pass you or not.

If you are sending mail directly to the recipient's mailservers (not using your ISP's SMTP-server) you don't want to be on such a list.

That's where this script comes in. It will enable you to query almost 50 servers to see if you are listed.

If used with Zabbix, you can do an automated check every hour and get informed when something's wrong.....

I will post some more info later about zabbix integration.

For this to work you need to turn on rebinding again in DNSMasq as it otherwise doesn't work with these blocklists. Not even for your local linux box.

So "No Rebind" should be set to "disable" (can't this be changed in the webif?)

The damage will be limited as the script uses 8.8.8.8 as the DNS-server to query. Some servers (at least spamhaus.org) has that blocked.

e2fs
http://e2fsprogs.sourceforge.net/ext2.html

http://e2fsprogs.sourceforge.net

http://en.wikipedia.org/wiki/E2fsprogs

e2fslibs

The ext2, ext3 and ext4 file systems are successors of the original ext ("extended") file system. They are the main file system types used for hard disks on Debian and other Linux systems.

This package provides the ext2fs and e2p libraries, for userspace software that directly accesses extended file systems. Programs that use libext2fs include e2fsck, mke2fs, and tune2fs. Programs that use libe2p include dumpe2fs, chattr, and lsattr.

e2fsprogs

consists of e2fsck, mke2fs, debugfs, dumpe2fs, tune2fs, and most of the other core ext2fs filesystem utilities. Ext2/3/4 Filesystem Utilities

findutils
http://www.gnu.org/software/findutils/

The GNU Find Utilities are the basic directory searching utilities of the GNU operating system. These programs are typically used in conjunction with other programs to provide modular and powerful directory search and file locating capabilities to other commands.

The tools supplied with this package are:


 * find - search for files in a directory hierarchy
 * locate - list files in databases that match a pattern
 * updatedb - update a file name database
 * xargs - build and execute command lines from standard input

The find program searches a directory tree to find a file or group of files. It traverses the directory tree and reports all occurrences of a file matching the user's specifications. The find program includes very powerful searching capability.

The locate program scans one or more databases of filenames and displays any matches. This can be used as a very fast find command if the file was present during the last file name database update.

The updatedb program updates the file name database used by the locate program. The file name database contains lists of files that were in particular directory trees when the databases were last updated. This is usually run nightly by the cron system daemon.

The xargs program builds and executes command lines by gathering together arguments it reads on the standard input. Most often, these arguments are lists of file names generated by find.

fixtables
Service

Script written by frater

This service fixes vital security flaws (and overall improper default configuration) by creating additional iptable rulesets. It can also act as a way of Preventing Brute Force Attacks using the netfilter projects 'recent' matcher. It turns out that -m limit x/min is an improper way of enforcing this type of security.

It also adds the INVALID state, which inspects packets before they reach the WAN and automatically determines if they are, well, VALID! This will improve your network "cleanliness" quite a bit.

A few processes that the script handles are as follows:


 * 1) Moves traffic coming from lan to lan to top of FORWARD chain
 * 2) Removes lan2wan rule and only moves it back if it is in use with Access Restrictions
 * 3) Moves traffic coming from br0 to almost top of the INPUT chain
 * 4) Moves the RIP drop coming from LAN above the ACCEPT on the INPUT chain
 * 5) Moves traffic coming from local to almost top of the INPUT chain
 * 6) Creates an INVALID entry right after ESTABLISHED on the INPUT chain
 * 7) Creates a ratelimiter for PING (ICMP) on the INPUT chain from the WAN
 * 8) Moves Forwards to Lan IP from FORWARD to INPUT
 * 9) Sets a MaxLoginRate limit for Proftpd to 1/min
 * 10) Applies the [BRUTEPROTECT] mechanism even if your build does not have the recent module.
 * 11) Fixes the current loopback issue in current builds that is creating many problems for some...

The service is already enabled by default, but may require a start:

service fixtables on service fixtables start

gawk
http://www.gnu.org/software/gawk/

Many computer users need to manipulate text files: extract and then operate on data from parts of certain lines while discarding the rest, make changes in various text files wherever certain patterns appear, and so on. To write a program to do these things in a language such as C or Pascal is a time-consuming inconvenience that may take many lines of code. The job is easy with awk, especially the GNU implementation: Gawk.

The awk utility interprets a special-purpose programming language that makes it possible to handle many data-reformatting jobs with just a few lines of code.

gdbm
http://www.gnu.org/software/gdbm/

http://en.wikipedia.org/wiki/Dbm

GNU dbm is a set of database routines that use extensible hashing. It works similar to the standard UNIX dbm routines.

getopt
http://www.gnu.org/s/libc/manual/html_node/Getopt.html

The getopt and getopt_long functions automate some of the chore involved in parsing typical unix command line options.

gettext
http://www.gnu.org/software/gettext/

Usually, programs are written and documented in English, and use English at execution time for interacting with users. This is true not only from within GNU, but also in a great deal of proprietary and free software. Using a common language is quite handy for communication between developers, maintainers and users from all countries. On the other hand, most people are less comfortable with English than with their own native language, and would rather be using their mother tongue for day to day's work, as far as possible. Many would simply love seeing their computer screen showing a lot less of English, and far more of their own language.

GNU `gettext' is an important step for the GNU Translation Project, as it is an asset on which we may build many other steps. This package offers to programmers, translators, and even users, a well integrated set of tools and documentation. Specifically, the GNU `gettext' utilities are a set of tools that provides a framework to help other GNU packages produce multi-lingual messages. These tools include a set of conventions about how programs should be written to support message catalogs, a directory and file naming organization for the message catalogs themselves, a runtime library supporting the retrieval of translated messages, and a few stand-alone programs to massage in various ways the sets of translatable strings, or already translated strings. A special GNU Emacs mode also helps interested parties in preparing these sets, or bringing them up to date.

Online Manual is available at http://www.gnu.org/software/gettext/manual/gettext.html

The Frequently Asked Questions and their answers are at http://www.gnu.org/software/gettext/FAQ.html

glib
http://library.gnome.org/devel/glib/

http://en.wikipedia.org/wiki/GLib

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.

httping
http://www.vanheusden.com/httping/

Httping is like 'ping' but for http-requests. Give it an url, and it'll show you how long it takes to connect, send a request and retrieve the reply (only the headers). Be aware that the transmission across the network also takes time! So it measures the latency of the webserver + network.

inetutils
http://www.gnu.org/software/inetutils/

Inetutils is a collection of common network programs. It includes:


 * An ftp client and server.
 * A telnet client and server.
 * An rsh client and server.
 * An rlogin client and server.
 * A tftp client and server.
 * And much more...

Most of them are improved versions of programs originally from BSD. Some others are original versions, written from scratch.

ipcalc
http://linux.about.com/library/cmd/blcmdl1_ipcalc.htm

http://linuxappfinder.com/package/ipcalc

http://linux.die.net/man/1/ipcalc

ipcalc provides a simple way to calculate IP information for a host. The various options specify what information ipcalc should display on standard out. Multiple options may be specified. An IP address to operate on must always be specified. Most operations also require a netmask or a CIDR prefix as well.

less
http://en.wikipedia.org/wiki/Less_%28Unix%29

http://linux.about.com/library/cmd/blcmdl1_less.htm

Less is a program similar to more (1), but which allows backward movement in the file as well as forward movement. Also, less does not have to read the entire input file before starting, so with large input files it starts up faster than text editors like vi (1). Less uses termcap (or terminfo on some systems), so it can run on a variety of terminals. There is even limited support for hardcopy terminals. (On a hardcopy terminal, lines which should be printed at the top of the screen are prefixed with a caret.)

Commands are based on both more and vi. Commands may be preceded by a decimal number, called N in the descriptions below. The number is used by some commands, as indicated.

libcurl
http://curl.haxx.se/

http://curl.haxx.se/libcurl/

http://en.wikipedia.org/wiki/CURL

A free and easy-to-use client-side URL transfer library, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, FILE, LDAP, LDAPS · IMAP, POP3, SMTP and RTSP (the last four—only in versions newer than 7.20.0 or 9 February 2010). libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, kerberos, HTTP form based upload, proxies, cookies, user+password authentication, file transfer resume, http proxy tunneling and more.

libcurl is portable. It builds and works identically on several platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HPUX, IRIX, AIX, Tru64, Linux, UnixWare, HURD, Windows, Symbian, Amiga, OS/2, BeOS, Mac OS X, Ultrix, QNX, OpenVMS, RISC OS, Novell NetWare, DOS and more.

libcurl is free, thread-safe, IPv6 compatible, feature rich, supported and fast. Software programmers may incorporate libcurl into their programs. Bindings in more than 40 languages are available for libcurl.

libdb
http://sourceforge.net/projects/libdb/

http://linux.about.com/cs/linux101/g/libdb.htm

LibDB is a library and asset management system inspired by the Functional Requirements for Bibliographic Record, RDF triples, and end-usability. In English, you'll be able to smartly and easily catalog your movies, books, magazines, comics, etc.

libevent
http://monkey.org/~provos/libevent/

http://en.wikipedia.org/wiki/Libevent

The libevent API provides a mechanism to execute a callback function when a specific event occurs on a file descriptor or after a timeout has been reached. Furthermore, libevent also support callbacks due to signals or regular timeouts.

libevent is meant to replace the event loop found in event driven network servers. An application just needs to call event_dispatch and then add or remove events dynamically without having to change the event loop.

libidn
http://www.gnu.org/software/libidn/

http://www.gnu.org/software/libidn/manual/

NU Libidn is a fully documented implementation of the Stringprep, Punycode and IDNA specifications. Libidn's purpose is to encode and decode internationalized domain names. The native C, C# and Java libraries are available under the GNU Lesser General Public License version 2.1 or later.

The library contains a generic Stringprep implementation. Profiles for Nameprep, iSCSI, SASL, XMPP and Kerberos V5 are included. Punycode and ASCII Compatible Encoding (ACE) via IDNA are supported. A mechanism to define Top-Level Domain (TLD) specific validation tables, and to compare strings against those tables, is included. Default tables for some TLDs are also included.

The Stringprep API consists of two main functions, one for converting data from the system's native representation into UTF-8, and one function to perform the Stringprep processing. Adding a new Stringprep profile for your application within the API is straightforward. The Punycode API consists of one encoding function and one decoding function. The IDNA API consists of the ToASCII and ToUnicode functions, as well as an high-level interface for converting entire domain names to and from the ACE encoded form. The TLD API consists of one set of functions to extract the TLD name from a domain string, one set of functions to locate the proper TLD table to use based on the TLD name, and core functions to validate a string against a TLD table, and some utility wrappers to perform all the steps in one call.

libjpeg
http://www.ijg.org/

http://en.wikipedia.org/wiki/Libjpeg

libjpeg is a library written entirely in C which contains a widely-used implementation of a JPEG decoder, JPEG encoder and other JPEG utilities. This library is maintained by the Independent JPEG Group.

libpar2
http://sourceforge.net/projects/parchive/files/libpar2/

Providing a tool to apply the data-recovery capability concepts of RAID-like systems to the posting & recovery of multi-part archives on Usenet.

libpcap
http://sourceforge.net/projects/libpcap/

libpcap is a system-independent interface for user-level packet capture. libpcap provides a portable framework for low-level network monitoring. Applications includenetwork statistics collection, security monitoring, network debugging, etc.

libsigc++
http://libsigc.sourceforge.net/

libsigc++ implements a typesafe callback system for standard C++. It allows you to define signals and to connect those signals to any callback function, either global or a member function, regardless of whether it is static or virtual.

It also contains adaptor classes for connection of dissimilar callbacks and has an ease of use unmatched by other C++ callback libraries. Libsigc++ is licensed under the GNU Library General Public License

libusb
http://www.libusb.org/

http://en.wikipedia.org/wiki/Libusb

libusb is a suite of user-mode routines for controlling data transfer to and from USB devices on Unix-like systems without the need for kernel-mode drivers.

libxml2
http://xmlsoft.org/

http://en.wikipedia.org/wiki/Libxml2

Libxml2 is the XML C parser and toolkit developed for the Gnome project (but usable outside of the Gnome platform), it is free software available under the MIT License. XML itself is a metalanguage to design markup languages, i.e. text language where semantic and structure are added to the content using extra "markup" information enclosed between angle brackets. HTML is the most well-known markup language. Though the library is written in C a variety of language bindings make it available in other environments.

Libxml2 is known to be very portable, the library should build and work without serious troubles on a variety of systems (Linux, Unix, Windows, CygWin, MacOS, MacOS X, RISC Os, OS/2, VMS, QNX, MVS, VxWorks, ...)

libxslt
http://xmlsoft.org/XSLT/

http://linux.about.com/cs/linux101/g/libxslt.htm

http://en.wikipedia.org/wiki/Libxslt

Libxslt is the XSLT C library developed for the GNOME project. XSLT itself is a an XML language to define transformation for XML. Libxslt is based on libxml2 the XML C library developed for the GNOME project. It also implements most of the EXSLT set of processor-portable extensions functions and some of Saxon's evaluate and expressions extensions.

People can either embed the library in their application or use xsltproc the command line processing tool. This library is free software and can be reused in commercial applications (see the intro)

lighttpd
http://www.lighttpd.net/

Service

A fast webserver with minimal memory footprint.

Security, speed, compliance, and flexibility -- all of these describe lighttpd (pron. lighty) which is rapidly redefining efficiency of a webserver; as it is designed and optimized for high performance environments. With a small memory footprint compared to other web-servers, effective management of the cpu-load, and advanced feature set (FastCGI, SCGI, Auth, Output-Compression, URL-Rewriting and many more) lighttpd is the perfect solution for every server that is suffering load problems. And best of all it's Open Source licensed under the revised BSD license.

lsof
http://linux.about.com/library/cmd/blcmdl8_lsof.htm

http://www.linux.com/archive/feed/58142

http://www.dedoimedo.com/computers/lsof.html

lsof is one of the more important tools you can use on your Linux box. Its name is somewhat misleading. lsof stands for list open files, but the term files fails to impact the true significance of power. That is, unless you remember the fundamental lesson, in Linux everything is a file.

m4
http://linux.about.com/cs/linux101/g/m4.htm

m4: a macro processing language GNU `m4' is an implementation of the traditional UNIX macro processor. It is mostly SVR4 compatible, although it has some extensions (for example, handling more than 9 positional parameters to macros). `m4' also has builtin functions for including files, running shell commands, doing arithmetic, etc. Autoconf needs GNU `m4' for generating `configure' scripts, but not for running them.

make
http://linux.about.com/library/cmd/blcmdl1_make.htm

The purpose of the make utility is to determine automatically which pieces of a large program need to be recompiled, and issue the commands to recompile them. The manual describes the GNU implementation of make, which was written by Richard Stallman and Roland McGrath. Our examples show C programs, since they are most common, but you can use make with any programming language whose compiler can be run with a shell command. In fact, make is not limited to programs. You can use it to describe any task where some files must be updated automatically from others whenever the others change.

To prepare to use make, you must write a file called the makefile that describes the relationships among files in your program, and the states the commands for updating each file. In a program, typically the executable file is updated from object files, which are in turn made by compiling source files.

Once a suitable makefile exists, each time you change some source files, this simple shell command:


 * make

suffices to perform all necessary recompilations. The make program uses the makefile data base and the last-modification times of the files to decide which of the files need to be updated. For each of those files, it issues the commands recorded in the data base.

make executes commands in the makefile to update one or more target names, where name is typically a program. If no -f option is present, make will look for the makefiles GNUmakefile, makefile, and Makefile, in that order.

Normally you should call your makefile either makefile or Makefile. (We recommend Makefile because it appears prominently near the beginning of a directory listing, right near other important files such as README.) The first name checked, GNUmakefile, is not recommended for most makefiles. You should use this name if you have a makefile that is specific to GNU make, and will not be understood by other versions of make. If makefile is `-', the standard input is read.

make updates a target if it depends on prerequisite files that have been modified since the target was last modified, or if the target does not exist.

mc
http://www.midnight-commander.org/

http://linuxreviews.org/man/mc/

http://en.wikipedia.org/wiki/Midnight_Commander

GNU Midnight Commander is a visual file manager, licensed under GNU General Public License and therefore qualifies as Free Software. It's a feature rich full-screen text mode application that allows you to copy, move and delete files and whole directory trees, search for files and run commands in the subshell. Internal viewer and editor are included.

Midnight Commander is based on versatile text interfaces, such as Ncurses or S-Lang, which allows it to work on a regular console, inside an X Window terminal, over SSH connections and all kinds of remote shells.

This site hosts the new home of the Midnight Commander. Due to the recent restructuring of the development team, the main project repository was moved from Savannah to this new Git repository.

modutils
http://linux.about.com/cs/linux101/g/modutils.htm

The modutils packages includes the kerneld program for automaticloading and unloading of modules under 2.2 and 2.4 kernels, as well as other module management programs. Examples of loaded and unloaded modules are device drivers and filesystems, as well as some other things.

named
See bind

Service

Script written by frater

ncdu
http://dev.yorhel.nl/ncdu

NCurses Disk Usage - Not quite happy with the available disk usage analyzers and looking for a fun project to get used to C programming, I started working on ncdu: A disk usage analyzer with an ncurses interface, aimed to be run on a remote server where you don't have an entire gaphical setup, but have to do with a simple SSH connection. ncdu aims to be fast, simple and easy to use, and should be able to run in any minimal POSIX-like environment with ncurses installed.

ncurses
http://www.gnu.org/software/ncurses/

http://www.linux.org/docs/ldp/howto/NCURSES-Programming-HOWTO/index.html

The Ncurses (new curses) library is a free software emulation of curses in System V Release 4.0, and more. It uses Terminfo format, supports pads and color and multiple highlights and forms characters and function-key mapping, and has all the other SYSV-curses enhancements over BSD Curses.

The ncurses code was developed under GNU/Linux. It has been in use for some time with OpenBSD as the system curses library, and on FreeBSD and NetBSD as an external package. It should port easily to any ANSI/POSIX-conforming UNIX. It has even been ported to OS/2 Warp!

The distribution includes the library and support utilities, including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo. Full manual pages are provided for the library and tools.

net-tools
http://www.linuxfoundation.org/collaborate/workgroups/networking/net-tools

A collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. This package includes arp(8), hostname(1), ifconfig(8), ipmaddr, iptunnel, mii-tool(8), nameif(8), netstat(8), plipconfig(8), rarp(8), route(8) and slattach(8).

netcat
http://netcat.sourceforge.net/

http://en.wikipedia.org/wiki/Netcat


 * Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol.

It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

It provides access to the following main features:


 * Outbound and inbound connections, TCP or UDP, to or from any ports.
 * Featured tunneling mode which allows also special tunneling such as UDP to TCP, with the possibility of specifying all network parameters (source port/interface, listening port/interface, and the remote host allowed to connect to the tunnel.
 * Built-in port-scanning capabilities, with randomizer.
 * Advanced usage options, such as buffered send-mode (one line every N seconds), and hexdump (to stderr or to a specified file) of trasmitted and received data.
 * Optional RFC854 telnet codes parser and responder.

The GNU Netcat is distributed freely under the GNU General Public License (GPL).

Network printing
See p910nd

Service

Plug a USB printer into your router and let anyone on the LAN (or even WAN) print.

A very convenient service for allowing users on your network to print to a dedicated print server. To get this to work, make sure you have the LATEST build!

After plugging your USB printer in, open up a Telnet/SSH prompt and type service xinetd on followed by service xinetd start. After that type service watchprinter start. Wait about 5 minutes and then setup your printer in Printers and Faxes. This procedure is documented both Here and the net.

ntfs-3g
http://www.tuxera.com/products/ntfs-open-source/

http://en.wikipedia.org/wiki/NTFS-3G

http://www.tuxera.com/community/

Tuxera’s developers have been active contributors to open source and free software for the past 15 years. Some of the major achievements and contributions still being developed and maintained by us today:


 * Linux NTFS kernel driver, included in all Linux 2.6 kernels.
 * NTFS-3G read/write NTFS driver for Linux, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. The driver is used by millions of computers for reliable data exchange and referenced in over 45 computer books.
 * Ntfsprogs is a wide collection of NTFS utilities. The most notable ones are to create, resize, clone, backup, restore, label, repair, investigate NTFS volumes.
 * POSIX File System Test Suite is widely used by many file system developers.

ntfsprogs
http://www.tuxera.com/community/

Ntfsprogs is a wide collection of NTFS utilities. The most notable ones are to create, resize, clone, backup, restore, label, repair, investigate NTFS volumes.

nzbget
Service

http://nzbget.sourceforge.net/Overview

NZBGet is a command-line based binary newsgrabber for nzb files, written in C++. It supports client/server mode, automatic par-check/-repair and web-interface (via additional package). NZBGet requires low system resources and runs great on routers and NAS-devices.

NZBGet can be used in standalone and in server/client modes. In standalone mode you pass a nzb-file as parameter in command-line, NZBGet downloads listed files and then exits. In server/client mode NZBGet runs as server in background. Then you use client to send requests to server. The sample requests are: download nzb-file, list files in queue, etc.

Standalone-tool, server and client are all contained in only one executable file "nzbget". The mode in which the program works depends on command-line parameters passed to the program.

Top

openldap-libs
http://www.openldap.org/

OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol.

openssl
http://www.openssl.org/

http://en.wikipedia.org/wiki/OpenSSL

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.

p910nd
http://p910nd.sourceforge.net/

p910nd is a small printer daemon intended for diskless workstations that does not spool to disk but passes the job directly to the printer. Normally a lpr daemon on a spooling host connects to it with a TCP connection on port 910n (where n=0, 1, or 2 for lp0, 1 and 2 respectively). p910nd is particularly useful for diskless Linux workstations such as those set up with LTSP and embedded devices that have a printer hanging off them. Common Unix Printing System (CUPS) supports this protocol, it's called the AppSocket protocol and has the scheme socket://. LPRng also supports this protocol and the syntax is lp=remotehost%9100 in /etc/printcap.

par2cmdline
http://parchive.sourceforge.net/

The original idea behind this project was to provide a tool to apply the data-recovery capability concepts of RAID-like systems to the posting and recovery of multi-part archives on Usenet. We accomplished that goal. Our new goal with version 2.0 of the specification is to improve. It extends the idea of version 1.0 and takes the recovery process beyond the file-level barrier. This allows for more effective protection with less recovery data, and removes some previous limitations on the number of recoverable parts.

pcre
http://www.pcre.org/

http://en.wikipedia.org/wiki/Perl_Compatible_Regular_Expressions

The PCRE library is a set of functions that implement regular expression pattern matching using the same syntax and semantics as Perl 5. PCRE has its own native API, as well as a set of wrapper functions that correspond to the POSIX regular expression API. The PCRE library is free, even for building proprietary software.

perl
http://www.perl.com/

http://www.perl.com/pub/q/documentation

http://linux.about.com/library/cmd/blcmdl1_perl.htm

Perl is a language optimized for scanning arbitrary text files, extracting information from those text files, and printing reports based on that information. It's also a good language for many system management tasks. The language is intended to be practical (easy to use, efficient, complete) rather than beautiful (tiny, elegant, minimal).

php
http://php.net/

PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. If you are new to PHP and want to get some idea of how it works, try the introductory tutorial. After that, check out the online manual, and the example archive sites and some of the other resources available in the links section.

php-fcgi
http://www.nslu2-linux.org/wiki/HowTo/DeployPHPWebAppUsingFastCGI

http://www.fastcgi.com/drupal/

About FastCGI


 * FastCGI is simple because it is actually CGI with only a few extensions. Like CGI, FastCGI is also language-independent. For instance, FastCGI provides a way to improve the performance of the thousands of Perl applications that have been written for the Web.
 * Like CGI, FastCGI runs applications in processes isolated from the core Web server, which provides greater security than APIs. (APIs link application code into the core Web server, which means that a bug in one API-based application can corrupt another application or the core server; a malicious API-based application can, for example, steal key security secrets from another application or the core server.)
 * Although FastCGI cannot duplicate the universality of CGI overnight, the FastCGI developers are committed to propagating FastCGI as an open standard. To that end, free FastCGI application libraries (C/C++, Java, Perl, Tcl) and upgrade modules for popular free servers (Apache, ISS, Lighttpd) are available.
 * Like CGI, FastCGI is not tied to the internal architecture of any Web server and is therefore stable even when server technology changes. An API reflects the internal architecture of a Web server, so when that architecture changes, so does the API.

Not only does FastCGI restore the strengths of CGI, it also adds two new benefits:


 * Distributed computing: Companies can run their FastCGI application on a different machine from the one on which they run their Web server. Distributed computing is a proven technique for scaling, linking to existing corporate systems, improving system availability, and improving security via compartmentalization, such as firewalls.
 * Multiple and extensible roles: CGI applications compute the response to an HTTP request. FastCGI applications can do that and more, such as perform modular authentication and authorization checks and translate data from one type to another. FastCGI is designed so that more roles can be introduced in the future.

pixelserv
Service

A super minimal webserver, it's one and only purpose is serving a 1x1 pixel transparent gif file. Using some creative firewalling (netfilter/iptables) rules you can redirect some webrequests (for adds for example) to pixelserv. http://proxytunnel.sourceforge.net/pixelserv.php

popt
http://linux.about.com/cs/linux101/g/popt.htm

http://linux.about.com/library/cmd/blcmdl3_popt.htm

Popt is a C library for parsing command line parameters. Popt was heavily influenced by the getopt and getopt_long functions, but it improves on them by allowing more powerful argument expansion. Poptcan parse arbitrary argv[] style arrays and automatically set variables based on command line arguments. Popt allows command line arguments to be aliased via configuration files and includes utility functions for parsing arbitrary strings into argv[] arrays using shell-like rules.

pound
http://www.apsis.ch/pound/

Service

A lightweight open source reverse proxy program suitable to be used as a web server load balancing solution.

The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively.

procps
http://procps.sourceforge.net/

procps is the package that has a bunch of small useful utilities that give information about processes using the /proc filesystem. The package includes the programs ps, top, vmstat, w, kill, free, slabtop, and skill.

psmisc
http://psmisc.sourceforge.net/

This PSmisc package is a set of some small useful utilities that use the proc filesystem.

psmisc
http://psmisc.sourceforge.net/

This PSmisc package is a set of some small useful utilities that use the proc filesystem. We're not about changing the world, but providing the system administrator with some help in common tasks.

psutils
http://www.tardis.ed.ac.uk/~ajcd/psutils/

PSUtils is a collection of useful utilities for manipulating PostScript documents. Programs included are psnup, for placing out several logical pages on a single sheet of paper, psselect, for selecting pages from a document, pstops, for general imposition, psbook, for signature generation for booklet printing, and psresize, for adjusting page sizes.

readline
http://tiswww.case.edu/php/chet/readline/rltop.html

http://en.wikipedia.org/wiki/GNU_readline

The GNU Readline library provides a set of functions for use by applications that allow users to edit command lines as they are typed in. Both Emacs and vi editing modes are available. The Readline library includes additional functions to maintain a list of previously-entered command lines, to recall and perhaps reedit those lines, and perform csh-like history expansion on previous commands.

The history facilites are also placed into a separate library, the History library, as part of the build process. The History library may be used without Readline in applications which desire its capabilities.

samba2
http://www.samba.org/

http://samba.netfirms.com/index.htm - Tutorial for reference

http://wiki.samba.org/index.php/Main_Page

Use Samba With Windows 7 Clients

Service

About

As the front page at samba.org says, "Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients." Samba is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients.

Accessing the GUI http://your.routers.ip:901

Tutorial for removing samba2 and installing samba3.5 here.

sed
http://lowfatlinux.com/linux-sed.html

http://www.oracle.com/technology/pub/articles/dulaney_sed.html

http://www.panix.com/~elflord/unix/sed.html

Sed works as follows: it reads from the standard input, one line at a time. for each line, it executes a series of editing commands, then the line is written to STDOUT. An example which shows how it works : we use the s sommand. s means "substitute" or search and replace. The format is

s/regular-expression/replacement text/{flags}

service tool
Control all of services.

Script written by frater

slang
http://space.mit.edu/~davis/slang/

S-Lang is a multi-platform programmer's library designed to allow a developer to create robust multi-platform software.

It provides facilities required by interactive applications such as display/screen management, keyboard input, keymaps, and so on. The most exciting feature of the library is the slang interpreter that may be easily embedded into a program to make it extensible.

The language features both global and local variables, branching and looping constructs, user-defined functions, structures, datatypes, and arrays. In addition, there is limited support for pointer types. The concise array syntax rivals that of commercial array-based numerical computing environments.

The language provides built-in support for string, integer (signed and unsigned long and short), double precision floating point, and double precision complex numbers. In addition, it supports user defined structure types, multi-dimensional array types, and associative arrays.

To facilitate the construction of sophisticated data structures such as linked lists and trees, a `reference' type was added to the language. The reference type provides much of the same flexibility as pointers in other languages. Finally, applications embedding the interpreter may also provide special application specific types, such as the Mark_Type that the jed editor provides.

The language provides standard arithmetic operations such as addition, subtraction, multiplication, and division. It also provides support for modulo arithmetic as well as operations at the bit level, e.g., exclusive-or. Any binary or unary operator may be extended to work with any data type. For example, the addition operator (+) has been extended to work between string types to permit string concatenation.

The binary and unary operators work transparently with array types. For example, if a and b are arrays, then a + b produces an array whose elements are the result of element by element addition of a and b. This permits one to do vector operations without explicitly looping over the array indices.

spawn-fcgi
http://redmine.lighttpd.net/projects/spawn-fcgi/

sqlite
http://www.sqlite.org/

http://en.wikipedia.org/wiki/SQLite

SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine. SQLite is the most widely deployed SQL database engine in the world. The source code for SQLite is in the public domain.

stophack
Service

Script written by frater

This CRON script will check /var/log/messages for pound entries that are malicious and put the IP's in /opt/etc/asia.spam. The AsiaBlock service MUST be running for this to work.

stophammer
A very unique and ingenious script written by frater. The service essentially monitors /var/log/messages for ANY evidence of a brute-force/DoS attack/etc. It works as a cron-job that monitors syslogd (must be enabled to work!) every 15 minutes for any signs of a malicious user or users attempting to probe open ports on your network. Once the user(s) are detected, it appends the IP(s) to a custom iptables chain called "syn-flood". Once the flood is detected, the service outputs the iptables chain to a file located in /opt/etc/iptables.hammer.rules, which can also be customized.

To enable the service, and make sure it is working, do the following:

service stophammer on service stophammer start

To make sure it is working, open up a shell prompt and enter the following:

tail -f /var/log/messages

Now go to a port scanning site (my personal favorite is ShieldsUp!) and watch what happens ;)

https://www.grc.com/x/ne.dll?bh0bkyd2

sudo
http://www.gratisoft.us/sudo/

http://en.wikipedia.org/wiki/Sudo

Sudo (su "do") allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments.

tar
http://www.gnu.org/software/tar/

http://en.wikipedia.org/wiki/Tar_%28file_format%29

The Tar program provides the ability to create tar archives, as well as various other kinds of manipulation. For example, you can use Tar on previously created archives to extract files, to store additional files, or to update or list files which were already stored.

Initially, tar archives were used to store files conveniently on magnetic tape. The name "Tar" comes from this use; it stands for tape archiver. Despite the utility's name, Tar can direct its output to available devices, files, or other programs (using pipes), it can even access remote devices or files (as archives).

tcpdump
http://www.tcpdump.org/

http://en.wikipedia.org/wiki/Tcpdump

tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. It was originally written in 1987 by Van Jacobson, Craig Leres and Steven McCanne who were, at the time, working in the Lawrence Berkeley Laboratory Network Research Group

termcap
http://en.wikipedia.org/wiki/Termcap

http://www.gnu.org/software/termutils/manual/termcap-1.3/html_mono/termcap.html

Termcap is a library and data base that enables programs to use display terminals in a terminal-independent manner. It originated in Berkeley Unix.

The termcap data base describes the capabilities of hundreds of different display terminals in great detail. Some examples of the information recorded for a terminal could include how many columns wide it is, what string to send to move the cursor to an arbitrary position (including how to encode the row and column numbers), how to scroll the screen up one or several lines, and how much padding is needed for such a scrolling operation.

The termcap library is provided for easy access this data base in programs that want to do terminal-independent character-based display output.

This manual describes the GNU version of the termcap library, which has some extensions over the Unix version. All the extensions are identified as such, so this manual also tells you how to use the Unix termcap.

The GNU version of the termcap library is available free as source code, for use in free programs, and runs on Unix and VMS systems (at least). You can find it in the GNU Emacs distribution in the files `termcap.c' and `tparam.c'.

transmission
http://www.transmissionbt.com/

Service

About

Torrent transmission with watchdog - Including Bittorrent transmission with Web Administration

Transmission is a cross-platform BitTorrent client that is: Free and Community-Driven. Transmission is made by volunteers, so it won't be "monetized". We won't sell your bandwidth to Sony-BMG, save some features for a premium version, bundle third-party junk, or charge for upgrades... what you see is what you get, with no hidden surprises. If you'd like to check under the hood to see for yourself, the source code is available for anyone to read.

If you're a programmer, translator, tester, web designer, graphic artist, or a regular person who wants to help, we happily welcome volunteers. :) Easy.

Transmission is designed to for easy, powerful use. We've set the defaults to "Just Work" and it only takes a few clicks to configure advanced features like watch directories, bad peer blocklists, and the web interface. When Ubuntu chose Transmission as its default BitTorrent client, one of the most-cited reasons was its easy learning curve. Lean.

Transmission has the lowest memory footprint of any major BitTorrent client. Imageshack chose Transmission for its BitTorrent farms because the competition "requires amounts of memory several times greater than Transmission". The headless version of Transmission is the client of choice on low-memory hardware, leading many users to install it on their routers to leave running 24/7. Some commercial devices ship with it preinstalled. Native.

Unlike many cross-platform applications, Transmission integrates seamlessly with your operating system.

The Mac OS X interface is written in Objective-C and uses Growl notifications and dock badging to keep you informed.

"It's fast, it's extremely lightweight, and — even though it's available for a variety of platforms — it behaves just as you'd expect a Mac program to." Macworld, naming Transmission a "Mac Gem"

The GTK+ interface has been carefully written to follow the GNOME Human Interface Guidelines. If your desktop supports popup notifications, desktop sounds, and a system tray, the GTK+ interface will make use of them. Powerful.

Transmission has the features you want from a BitTorrent client: encryption, a web interface, peer exchange, magnet links, DHT, UPnP and NAT-PMP port forwarding, webseed support, watch directories, tracker editing, global and per-torrent speed limits, and more.

Accessing the GUI http://your.routers.ip:9091

twonky
http://www.twonkymedia.com/

Service

About

Twonky Media - Share your media on compatible devices throughout your home.

Accessing the GUI http://your.routers.ip:9000

uclibc-opt
http://www.nslu2-linux.org/wiki/FAQ/Optware-uClibcBuild

The main feature of this packages is that it installs all required files under /opt with 1000+ ported applications. With buildroot toolchain and patched uClibc search paths feed also added system library indenpendence. This means that packages now depends on /opt/lib/uClibc.so and dynamic loader also in /opt/lib with separate /opt/etc/ld-opt.so.conf for custom .so cache.

unrar
http://linuxappfinder.com/package/unrar

Unrar can extract files from .rar archives. If you want to create .rar archives, install package rar.

unzip
http://linuxappfinder.com/package/unzip

InfoZIP's unzip program. With the exception of multi-volume archives (ie, .ZIP files that are split across several disks using PKZIP's /& option), this can handle any file produced either by PKZIP, or the corresponding InfoZIP zip program.

usbutils
http://www.linuxfromscratch.org/blfs/view/cvs/general/usbutils.html

The usbutils package contains a utility used to display information about USB buses in the system and the devices connected to them.

This package is known to build and work properly using an LFS-6.5 platform.

util-linux-ng
http://userweb.kernel.org/~kzak/util-linux-ng/

http://en.wikipedia.org/wiki/Util-linux

The util-linux-ng is a fork of the original util-linux project. The goal of the util-linux-ng is a transparent and reliable development that follows the Linux kernel and Linux distributions.

vim
http://www.vim.org/about.php

Vim with proper terminal support - Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set.

vlighttpd
Service

Allows you to get a 2nd IP on your system and run virtual hosting there.

vsftpd
http://vsftpd.beasts.org/

http://en.wikipedia.org/wiki/Vsftpd

vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It is secure and extremely fast. It is stable. Don't take my word for it, though. Below, we will see evidence supporting all three assertions. We will also see a list of a few important sites which are happily using vsftpd. This demonstrates vsftpd is a mature and trusted solution.

wget
http://www.gnu.org/software/wget/

http://en.wikipedia.org/wiki/Wget

GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. It is a non-interactive commandline tool, so it may easily be called from scripts, cron jobs, terminals without X-Windows support, etc.

whois
http://www.computerhope.com/unix/uwhois.htm

Internet user name directory service.

worldblock
Service

Script written by frater

Very similar to Asiablock, other than the fact that it is for blocking everything except your country. To properly use this service, you must know how to use Vi editor to add your country.

Top

xinetd
http://www.xinetd.org/

Service

A replacement for inetd, the internet services daemon. Controls user defined network services such as printing and SWAT (Samba Web Administration Tool)

Zabbix
Kong mod only
 * Forget about SNMP, Cacti, MRTG
 * Zabbix

zip
http://linux.die.net/man/1/zip

zip is a compression and file packaging utility for Unix, VMS, MSDOS, OS/2, Windows NT, Minix, Atari and Macintosh, Amiga and Acorn RISC OS.

zlib
http://www.zlib.net/

A Massively Spiffy Yet Delicately Unobtrusive Compression Library

Top

http://www.nslu2-linux.org/wiki/Main/HomePage

http://mybookworld.wikidot.com/

http://ipkg.nslu2-linux.org/feeds/optware/ddwrt/cross/stable/

http://nuwiki.openwrt.org/oldwiki/OpenWrtDocs/Packages