HOWTO: Use Wireshark over SSH (Linux and Windows)

You want to use tcpdump in combination with Wireshark but on the server there is no X environment or no Wireshark installed?
No problem. Run Wireshark on your desktop (Linux or Windows) and capture on the remote server.

Linux

ssh remote-host "tcpdump -s0 -w - 'port 8080'" | wireshark -k -i -

This will run tcpdump on host “remote-host” and capture full packages (-s0) on port 8080. The output is sent over SSH to the local host’s “stdout” where Wireshark is waiting on “stdin” for input. (-k means start immediately).

There are a few things that may make the line above not work in your case. Make sure tcpdump is on the path on your remote host or change the line to include the path a la:

ssh remote-host "/usr/sbin/tcpdump -s0 -w - 'port 8080'" | wireshark -k -i -

You may also need to run tcpdump with sudo which means you need to change the command to:

ssh remote-host "sudo /usr/sbin/tcpdump -s0 -w - 'port 8080'" | wireshark -k -i -

Please note! Such a remote capture session can be pretty heavy on the network depending on the application. Make sure you filter as much as possible on the remote side using tcpdump’s filters.

Windows

On Windows plink.exe works best for me. Get it from the putty website.

plink -ssh username@remote-host "tcpdump -s 0 -w - 'port 8080'" | wireshark -i -

On Windows I have to omit the Wireshark option -k (immediately start capture) and manually start it from the Wireshark UI once SSH keyboard authentication is done. Alternatively, one can provide the password to plink using the -pw option.

Again, it may be that you have to provide the full path to tcpdump and/or wireshark. It also may be that you have to run tcpdump with sudo.

Advertisements

HOWTO: Install NVIDIA driver on Fedora 17 – replacing Nouveau

There are different reasons to replace nouveau drivers (open source drivers for NVIDIA cards) with proper NVIDIA drivers. Some want to use cool things like CUDA. Others want to play 3D games. NVIDIA’s drivers no doubt provide better performance and a better tool suite.

I had a horrible experience with gnome after installing Fedora 17. CPU was on all cores up at 85% doing nothing. Google said it is a common issue with gnome-shell and someone commented it would go away with having NVIDIA drivers installed. So I gave it a try.
What sounds simple took me a long night as many “HOWTOs” did not work for me. Below my summary. May it be useful for others.

This guide should work for both 32bit and 64bit systems.

Step #1: install rpm kernel-devel
NVIDIA’s installer will build a kernel module from the driver and link it to your kernel. Therefore it requires certain build tools being installed.

yum groupinstall "Development Tools"
yum install kernel-devel kernel-headers

Step #2: download NVIDIA driver from http://www.nvidia.com
In my case the file is NVIDIA-Linux-x86_64-304.60.run. Give it executable permission but don’t run it yet.

chmod +x NVIDIA-Linux-x86_64-304.60.run

Step #3: change default run-level to “3”
NVIDIA drivers only install if no X server is running. You can manually terminate X server. However, some components, buffers and modules won’t be unloaded. So, we need to boot directly into run-level “3” which is the text mode.
Fedora’s default run-level is defined through a symlink which we will modify now and change back later.

rm /etc/systemd/system/default.target
ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target

Step #4: blacklist nouveau in /etc/modprobe.d
We need to prevent nouveau drivers from loading a) at boot time and b) post-boot. This step is to prevent it from being loaded manually or through any dependent module.
We create a new config file disable-nouveau.conf as the existing file blacklist.conf might be updated/overwritten by any system update.

echo 'blacklist nouveau' >> /etc/modprobe.d/disable-nouveau.conf
echo 'nouveau modeset=0' >> /etc/modprobe.d/disable-nouveau.conf

Step #5: blacklist nouveau at boot time
Fedora ships nouveau as part of the boot image. That’s why blacklisting a la Step #4 is not sufficient. We need to pass a parameter to the kernel at boot time that stops nouveau from loading.

In your file /boot/grub2/grub.cfg find the line that loads the kernel (yours might look slightly different but should start similarly):

linux	/vmlinuz-3.6.3-1.fc17.x86_64 root=/dev/mapper/vg_fedo-lv_root ro rd.lvm.lv=vg_fedo/lv_swap rd.md=0 rd.dm=0 SYSFONT=True rd.lvm.lv=vg_fedo/lv_root rd.luks=0  KEYTABLE=es LANG=en_US.UTF-8 rhgb quiet

And now add the parameter rdblacklist=nouveau to it:

linux	/vmlinuz-3.6.3-1.fc17.x86_64 root=/dev/mapper/vg_fedo-lv_root ro rd.lvm.lv=vg_fedo/lv_swap rd.md=0 rd.dm=0 SYSFONT=True rd.lvm.lv=vg_fedo/lv_root rd.luks=0  KEYTABLE=es LANG=en_US.UTF-8 rdblacklist=nouveau rhgb quiet

Step #6: Install NVIDIA driver
We need to reboot now to make the kernel parameter effective. The system will load run-level 3 and prompt for login in text mode. Login as root. Change dir to where you have the NVIDIA driver executable and run it.

./NVIDIA-Linux-x86_64-304.60.run

Once complete, reboot and login as root.

Step #7: Change default run-level back to 5
We now quickly change the symlink for default run-level back to 5 before we startup X.

rm /etc/systemd/system/default.target
ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target

Next time the boot process will directly bring you back to GDM (graphical login screen).

Now startup X:

telinit 5

Now you should find in your Settings menu an entry “NVIDIA X Server Settings”. Use that to configure dual screen and other custom X Server settings.

This Installation Guide from NVIDIA is very good for the interested readers http://us.download.nvidia.com/XFree86/Linux-x86_64/304.60/README/index.html

(i have moved this post to a permanent page)