Firefox Multi-Account Containers – manual site association

open about:debugging#/runtime/this-firefox

inspect “Firefox Multi-Account Containers”

paste the following function into Console

async function open_in_container(id, fqdn) {
	var uuid = Object(await browser.storage.local.get(`identitiesState@@_firefox-container-${id}`))[`identitiesState@@_firefox-container-${id}`]['macAddonUUID'] 
	return await browser.storage.local.set(JSON.parse(`{"siteContainerMap@@_${fqdn}": {"userContextId": "${id}","neverAsk": true,"identityMacAddonUUID": "${uuid}"}}`));
}

call the just defined function

await open_in_container(2, "example.com");

first parameter is the container id
second parameter is the fqdn of the site

Unifi USG Radius default vlan

on USG

/config/scripts/post-config.d/radius_default_vlan.sh

#!/bin/bash
# radius_default_vlan.sh
# This script goes in /config/scripts/post-config.d


if [[ -z "$1" ]] ; then
	echo "* * * * * root /config/scripts/post-config.d/radius_default_vlan.sh cron" > /etc/cron.d/radius_default_vlan
	exit 0
fi



if grep -q "DEFAULT Auth-Type" "/etc/freeradius/users" ; then
	exit 0
fi

cat >> /etc/freeradius/users <<EOF

DEFAULT Auth-Type := Accept
	Tunnel-Type             = 13,
	Tunnel-Medium-Type      = 6,
	Tunnel-Private-Group-Id = 1

EOF

service freeradius restart

install

chmod +x /config/scripts/post-config.d/radius_default_vlan.sh
/config/scripts/post-config.d/radius_default_vlan.sh

remove

rm /etc/cron.d/radius_default_vlan
rm /config/scripts/post-config.d/radius_default_vlan.sh

EdgeRouter IPv6

Interfaces used:

  • eth0: WAN
  • eth1: secondary WAN (optional)
  • eth2: LAN

Adjust accordingly.

Create firewall rules for WAN6_IN

edit firewall ipv6-name WAN6_IN
set default-action drop
set rule 10 action accept
set rule 10 description "allow established"
set rule 10 protocol all
set rule 10 state established enable
set rule 10 state related enable
set rule 20 action drop
set rule 20 description "drop invalid packets"
set rule 20 protocol all
set rule 20 state invalid enable
set rule 30 action accept
set rule 30 description "allow ICMPv6"
set rule 30 protocol icmpv6
top

Create firewall rules for WAN6_LOCAL

edit firewall ipv6-name WAN6_LOCAL
set default-action drop
set rule 10 action accept
set rule 10 description "allow established"
set rule 10 protocol all
set rule 10 state established enable
set rule 10 state related enable
set rule 20 action drop
set rule 20 description "drop invalid packets"
set rule 20 protocol all
set rule 20 state invalid enable
set rule 30 action accept
set rule 30 description "allow ICMPv6"
set rule 30 protocol icmpv6
set rule 40 action accept
set rule 40 description "allow DHCPv6 client/server"
set rule 40 protocol udp
set rule 40 source port 547
set rule 40 destination port 546
top

Assign IPv6 firewall rules to primary wan interface

set interfaces ethernet eth0 firewall in ipv6-name WAN6_IN
set interfaces ethernet eth0 firewall local ipv6-name WAN6_LOCAL

Assign IPv6 firewall rules to secondary wan interface (optional)

set interfaces ethernet eth1 firewall in ipv6-name WAN6_IN
set interfaces ethernet eth1 firewall local ipv6-name WAN6_LOCAL

request v6 address on eth0 (optional)

set interfaces ethernet eth0 ipv6 address autoconf
set interfaces ethernet eth0 ipv6 dup-addr-detect-transmits 1

Request prefix with eth0 and assign to eth2

Requested prefix size /60 for compatibility with FritzBox

edit interfaces ethernet eth0 dhcpv6-pd
set prefix-only
set pd 0 prefix-length /60
set pd 0 interface eth2 host-address ::1
set pd 0 interface eth2 prefix-id :0
set pd 0 interface eth2 service slaac
top

Set options for eth2

edit interfaces ethernet eth2 ipv6 router-advert
set send-advert true
set min-interval 200
set max-interval 600
set managed-flag true
set default-preference high
set prefix '::/64' autonomous-flag true
set prefix '::/64' preferred-lifetime 300
set prefix '::/64' valid-lifetime 600
top

enable mss-clamping for v6 (optional)

set firewall options mss-clamp6 1280

finally

commit
save

Resources

ESXi configure SNMP

To configure the ESXi SNMP Agent:

  1. Open an SSH session to the ESXi host.
  2. Run this command to show the current SNMP config:
    esxcli system snmp get
  3. Set the SNMP parameters of the ESXi Host:
    esxcli system snmp set --communities public,eastnoc,westnoc
    esxcli system snmp set --syscontact user
    esxcli system snmp set --syslocation "location, world"
    
  4. Enable the SNMP Agent:
    esxcli system snmp set --enable true

Powershell Mysql helper functions

Some Powershell functions for Preparing Mysql Statements and executing them.

Requires the MySQL .NET Connector

$Dbserv = "server"
$Dbname = "db"
$Dbuser = "user"
$Dbpass = "pass"

#MySQL Database connection
[System.Reflection.Assembly]::LoadWithPartialName("MySql.Data") | Out-Null
$SQLConnection = New-Object MySql.Data.MySqlClient.MySqlConnection
$SQLConnection.ConnectionString = "server=$Dbserv;port=3306;uid=$Dbuser;pwd=$Dbpass;database=$Dbname;Integrated Security=False"

function MySQLprepare {
	[OutputType([MySql.Data.MySqlClient.MySqlCommand])]
	param (
		# Query
		[Parameter(
			Mandatory = $true
		)]
		[String]
		$query,

		# Connection
		[Parameter(
			Mandatory = $true,
			ValueFromPipeline = $true
		)]
		[MySql.Data.MySqlClient.MySqlConnection]
		$connection
	)

	$command = New-Object MySql.Data.MySqlClient.MySqlCommand
	$command.Connection = $connection
	$command.CommandText = $query

	(Select-String "@\w+" -input $query -AllMatches).Matches.Value | ForEach-Object {
		if ($_) { $command.Parameters.AddWithValue($_, "") }
	} | Out-Null

	$command.Prepare()

	return , $command
}

function MySQLexec {
	[OutputType([Int])]
	param (
		# QueryParams
		[Parameter(
			Mandatory = $false
		)]
		[hashtable]
		$queryParams = @{},

		# Command
		[Parameter(
			Mandatory = $true,
			ValueFromPipeline = $true
		)]
		[MySql.Data.MySqlClient.MySqlCommand]
		$command
	)

	(Select-String "@\w+" -input $command.CommandText -AllMatches).Matches.Value | ForEach-Object {
		if ($_) { $command.Parameters[$_].Value = $queryParams[$_] }
	} | Out-Null

	$affectedRows = $command.ExecuteNonQuery()

	return $affectedRows
}

function MySQLquery {
	[OutputType([System.Data.DataTable])]
	param (
		# QueryParams
		[Parameter(
			Mandatory = $false
		)]
		[hashtable]
		$queryParams = @{},

		# Command
		[Parameter(
			Mandatory = $true,
			ValueFromPipeline = $true
		)]
		[MySql.Data.MySqlClient.MySqlCommand]
		$command
	)

	(Select-String "@\w+" -input $command.CommandText -AllMatches).Matches.Value | ForEach-Object {
		if ($_) { $command.Parameters[$_].Value = $queryParams[$_] }
	} | Out-Null

	$dataAdapter = New-Object MySql.Data.MySqlClient.MySqlDataAdapter($command)
	$dataSet = New-Object System.Data.DataSet
	$dataAdapter.Fill($dataSet, "data") | Out-Null
	return , $dataSet.Tables["data"]
}

Examples

Preparing some statements

$insertVM = $SQLConnection | MySQLprepare -query "INSERT INTO virtual_machines ( id, name, description, status ) VALUES
( @id, @name, @description, 'new' );"
$selectVMs = $SQLConnection | MySQLprepare -query "SELECT * FROM virtual_machines WHERE status LIKE @status;"
$updateVM = $SQLConnection | MySQLprepare -query "UPDATE virtual_machines SET status = @status WHERE id = @id;"

Executing them

$insertVM | MySQLexec -queryParams @{"@id" = 1; "@name" = 'test'; "@description" = 'example vm'} | Out-Null

$dtVMs = $selectVMs | MySQLquery -queryParams @{"@status" = 'new'}
foreach ($vm in $dtVMs.Rows) {
	Write-Host "Working on VM" $vm["id"] -ForegroundColor Cyan

	$updateVM | MySQLexec -queryParams @{"@id" = $vm["id"]; "@status" = 'ready'} | Out-Null
}