Windows routes - add many lines to routes table at once - windows

I have to add many lines (rules) to the routes table in Windows.
The regular way is to add it with:
route add 10.0.0.0 mask 240.0.0.0 192.168.0.1
However, if I want to add many lines at once (belive me I have a good reason to do it) - how can I do it quickly (running "route add" is slow)?
I tried running it in some threads and it still slow.

Option 1:
You can use this MS tool: netsh
Netsh is a command-line scripting utility that allows you to, either
locally or remotely, display or modify the network configuration of a
computer that is currently running.
Build a file with all the lines you want to add, like this:
[For more information on "add route" command and its parameters, see here].
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
add route prefix=10.0.0.0/4 interface="Ethernet" nexthop=192.168.0.1 metric=1 publish=Yes
add route prefix=240.0.0.0/4 interface="Ethernet" nexthop=192.168.0.1 metric=1 publish=Yes
[and so on...]
popd
# End of IPv4 configuration
Save it in a *.dat file, and run this command:
netsh exec file.dat
Option 2:
[As Harry Johnston commented]: You can use CreateIpForwardEntry function to add route (example code in the link).
The CreateIpForwardEntry function creates a route in the local
computer's IPv4 routing table.

Related

windows get IP dynamically

i want to implement the following logic. Does it possible to have such implementation using batch or power shell ? please share with me script for that.
Let say I have a configuration file with the following "config.propertis":
BOOTPRORO=statis or dhcp
IPADDR=192.168.10.10
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
DNS=8.8.8.8
I want that at startup the system will check that file and configure network accordingly:
OS: Windows
if in BOOTPROTO=dhcp, when use DHCP in network configuration and ignore all another in config file, except DNS
if in BOOTPROTO=static, then use all variables from config file to configure IP as static.
So, I have such logic under the Linus, using shell. The script in configured in rc.d and execute before network service. Does it possible to implement such over the Windows ? Guys, please share the script !
We can definitely do this.
First things first, because a lot of systems have more than one network interface, you'll need to determine what the ifIndex is of the adapter that we want to change. Do that by running Get-NetIPInterface. You should see results like this:
In my example and going forward, I'll be using this index, 41. You should change this to match what you find on your own computer.
OK, now to read from the text file. Since you've provided the data in a key=value pair format, commonly called a hashtable, we can easily grab the data from there using ConvertFrom-Stringdata. This will give us a PowerShell hashtable, and we can pull the needed line out like this.
$values = get-content T:\config.properties | ConvertFrom-StringData
$values.BootProro
>statis
We can us this to set the PC in Dynamic IP mode, or to set static addresses. Now, for you to use this in your environment, you need to find the ifIndex, as I mentioned before. replace my index of 41 with your own, and then give it a shot. I've added -WhatIf to every line, so you will see what would happen when you run it. If you're happy with the changes it woudl make, remove -Whatif to make the script actually change the settings.
$values = gc T:\config.properties | ConvertFrom-StringData
if ($values.BOOTPRORO -eq "dhcp"){
Write-Output "---DHCP mode detected in 'config.properties' file"
Write-Output "---Setting Set-NetAdapter -DHCP Enabled"
Set-NetIPInterface –InterfaceIndex 41 –Dhcp Enabled -WhatIf
}
else{
Write-outPut "---static mode detected in 'config.properties' file"
Write-Output "---Removing network configuration"
Remove-NetIPAddress -InterfaceIndex 41 -whatif
Write-Output "---Setting new network configuration equal to"
$values
New-NetIPAddress -DefaultGateway $values.GATEWAY -IPAddress $values.IPADDR -PrefixLength 24 -InterfaceIndex 41 -WhatIf
Set-DnsClientServerAddress -ServerAddresses $values.DNS -InterfaceIndex 41 -WhatIf
}
The output looks like this:
in Windows we can set ip address via batch file or powershell script but when you use dhcp address your ip is Dynamic not static I Imposition you want static ip address
BAtch-file
netsh interface ip set address name=”Local Area Connection” static 192.168.10.10 255.255.255.0 192.168.10.1
netsh interface ip set dns name=”Local Area Connection” static 8.8.8.8
if you want be dhcp You should set
netsh interface ip set address name=”Local Area Connection” source=dhcp
note I Imposition you nic name is Local Area Connection
In powershell V3.0 and Later we Used
New-NetIPAddress –InterfaceAlias “Local Area Connection ” –IPv4Address “192.168.10.10” –PrefixLength 24 -DefaultGateway 192.168.10.1
Set-DnsClientServerAddress -InterfaceAlias “Local Area Connection” -ServerAddresses 8.8.8.8
and for startup you can put script .bat and .ps1 in startup windows but attention you should Set-ExecutionPolicy bypass before U run any script of powershell
for startup any script see link

How to disable DNS hostname lookup in rsyslog?

How do I configure rsyslog to write raw IP addresses instead of DNS names in log files for remote hosts?
In Debian, open /etc/defaults/rsyslog and modify:
RSYSLOGD_OPTIONS="-x -Q"
and then:
# service rsyslog restart
See man rsyslogd(8) for other possible options. This doesn't disable DNS names for all remote hosts, only some of them.
I use
fromhost-ip
instead of
hostname or source
fromhost-ip reference the host that send the packet to this rsyslog. It meant that if you have any relay intermediate system, the last one is the IP that you see. If you don't use relay this is a valid solution.
You need to create a new template and apply it on /etc/rsyslog.conf. You should create like these on:
$template myFormat,"%timegenerated% %HOSTNAME% %syslogtag%%msg%\n"
$ActionFileDefaultTemplate myFormat

parse /etc/hosts for ip and hostname with puppet, and transpose into /etc/sysconfig/network-scripts/ifcfg-eth0

I am kicking machines with cobbler to install redhat 6 and also put in hostname.
I am managing my machines with /etc/hosts file right now (may switch to dns in the future) and would like to have puppet (or anything that will work) parse through /etc/hosts and find my ip address and hostname (based on the hostname supplied by cobbler at kickstart). The trick is that some machines have multiple IP's and hostnames in the /etc/hosts file, like such:
# Maintenance Network
192.168.80.192 testsrv01-maint
192.168.80.193 testsrv02-maint
192.168.80.194 testsrv03-maint
# Lights Out Network
192.168.120.192 testsrv01-ilo
192.168.120.193 testsrv02-ilo
192.168.120.194 testsrv03-ilo
# Primary Data Network
192.168.150.192 testsrv01-pri
192.168.150.193 testsrv02-pri
192.168.150.194 testsrv03-pri
# Secondary Data Network
192.168.200.192 testsrv01-sec
192.168.200.193 testsrv02-sec
192.168.200.194 testsrv03-sec
I need to capture each ip and hostname pair (in a line) and transpose into /etc/sysconfig/network-scripts/ifcfg-eth* (eth1, eth2, eth3, ...). Puppet will need to create as many ifcfg-eth* files as there are matches in /etc/hosts for the hostname.
I just need puppet to append the $IP and $hostname to the ifcfg-eth file, the rest of the content is common.
So how would I get 4x ifcfg-eth files for 'testsrv01', with puppet?
Puppet is a very ill fit for this task. This calls for a script, which Puppet does not support. Puppet allows you to declare a piece of machine state that can portably enforced on different platforms.
The task is simple enough for a Shell or Perl Script.
With Puppet, it would entail the following scripts
writing custom facts to retrieve each address / hostname pair
devising a defined type to render such a pair into an ethX file
You'd possibly even need to generate the respective manifest, so that the appropriate interface index is chosen for each address.
All things considered, you would not make use of Puppet's strengths and suffer some of its weaknesses.

Remove EC2's entry from resolv.conf

I have private DNS servers and I want to write them to resolv.conf with resolvconf on Debian on AWS/EC2.
There is a problem in the order of nameserver entries.
In my resolv.conf, EC2's default nameserver is always written at first line like so:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 172.16.0.23
nameserver 10.0.1.185
nameserver 10.100.0.130
search ap-northeast-1.compute.internal
172.16.0.23 is EC2's default nameserver and others are mine.
How to remove EC2 entry? Or, how to move EC2 entry to third?
Here I have an interface file:
% ls -l /etc/resolvconf/run/interface/
-rw-r--r-- 1 root root 62 Jun 7 23:35 eth0
It seems that the file eth0 is automatically generated by dhcp so can't remove it permanently.
% cat /etc/resolvconf/run/interface/eth0
search ap-northeast-1.compute.internal
nameserver 172.16.0.23
My private DNS entry is here:
% cat /etc/resolvconf/resolv.conf.d/base
nameserver 10.0.1.185
nameserver 10.100.0.130
Please help.
I think I just solved a very similar problem. I was bothered by Amazon EC2's crappy internal DNS servers so I wanted to run a local caching dnsmasq daemon and use that in /etc/resolv.conf. At first I just did echo nameserver 127.0.0.1 > /etc/resolv.conf but then I realized that my change would eventually be overwritten by the DHCP client after a reboot or DHCP lease refresh.
What I've now done instead is to edit /etc/dhcp3/dhclient.conf and uncomment the line prepend domain-name-servers 127.0.0.1;. You should be able to use the prepend directive in a very similar way.
Update: These instructions are based on Ubuntu Linux but I imagine the general concept applies on other systems as well, even other DHCP clients must have similar configuration options.
I'm approaching this problem from the other direction (wanting the internal nameservers), much of what I've learned may be of interest.
There are several options to control name resolution in the VPC management console.
VPC -> DHCP option sets -> Create dhcp option set
You can specify your own name servers there.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html
Be sure to attach this dhcp option set to your VPC to get it to take effect.
Alternatively (I found this out by mistake) local dns servers are not set if the following settings are disabled in VPC settings:
DnsHostnames
and
DnsSupport
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-dns.html
Settings can also be overridden locally (which you'll notice if you move instances between vpcs). /etc/dhcp/dhclient.conf
The following line might be of interest:
prepend domain-name-servers
Changes, of course, take effect on dhclient start.
How do I assign a static DNS server to a private Amazon EC2 instance running Ubuntu, RHEL, or Amazon Linux?
Short Description
Default behavior for an EC2 instance associated with a virtual private cloud (VPC) is to request a DNS server address at startup using the Dynamic Host Configuration Protocol (DHCP). The VPC responds to DHCP requests with the address of an internal DNS server. The DNS server addresses returned in the DHCP response are written to the local /etc/resolv.conf file and are used for DNS name resolution requests. Any manual modifications to the resolv.conf file are overwritten when the instance is restarted.
Resolution
To configure an EC2 instance running Linux to use static DNS server entries, use a text editor such as vim to edit the file /etc/dhcp/dhclient.conf and add the following line to the end of the file:
supersede domain-name-servers xxx.xxx.xxx.xxx, xxx.xxx.xxx.xxx;
Ubuntu - dhclient.conf - DHCP client configuration file 
The supersede statement
supersede [ option declaration ] ;
If for some option the client should always use a locally-configured value or values
rather than whatever is supplied by the server, these values can be defined in the
supersede statement.
The prepend statement
prepend [ option declaration ] ;
If for some set of options the client should use a value you supply, and then use the
values supplied by the server, if any, these values can be defined in the prepend
statement. The prepend statement can only be used for options which allow more than one
value to be given. This restriction is not enforced - if you ignore it, the behaviour
will be unpredictable.
The append statement
append [ option declaration ] ;
If for some set of options the client should first use the values supplied by the server,
if any, and then use values you supply, these values can be defined in the append
statement. The append statement can only be used for options which allow more than one
value to be given. This restriction is not enforced - if you ignore it, the behaviour
will be unpredictable.
In here someone come with solution that basically replaces the file on boot using rc.local
https://forums.aws.amazon.com/thread.jspa?threadID=74497
Edit /etc/sysconfig/network-scripts/ifcfg-eth0 to say PEERDNS=no
Create a file called /etc/resolv.backup with what you want
Add the following 2 lines to /etc/rc.local:
rm -f /etc/resolv.conf cp /etc/resolv.backup /etc/resolv.conf
This is what we are doing for our servers in the environment.
interface "eth0"
{
prepend domain-name-servers 10.x.x.x;
supersede host-name "{Hostname}";
append domain-search "domain";
supersede domain-name "DOMAIN";
}
Hope this helps.
The following worked in a Debian stretch on AWS EC2.
Just create /etc/dhcp/dhclient-enter-hooks.d/nodnsupdate:
#!/bin/sh
make_resolv_conf(){
:
}
Then you can modify /etc/resolv.conf and it will persist your changes across restarts.
Setup in crontab as
#reboot cp -r /home/.../resolv.conf /etc/resolv.conf

cant get dnsmasq to push multiple search prefixes

I'm trying to get dnsmasq to push multiple search prefixes to windows machines. If I look in the MS dhcp server, it looks to be using dhcp option 135, but any attempt to configure that eg
dhcp-option=135,domain.local1,domain.local2
doesnt get pushed at all (I'm using tcpdump -i br0 -lenx -s 1500 port bootps or port bootpc | dhcpdump to view wat dnsmasq is sending)
I have minor success using dhcp option 15, but it only pushes a single name into the search prefix as displayed by ipconfig /all on windows
Any suggestions ?
Checking the ISC dhcp option list I found this:
119 Domain Search domain-search
One or more domain names, each enclosed in quotes and separated by commas
But note that dnsmasq actually provides you special option (although I'm not sure from which version it starts)
dhcp-option=option:domain-search,eng.apple.com,marketing.apple.com
Our client machines (Ubuntu 18 server using netplan/systemd-resolve) were not requesting DHCP option 119, but I could solve the problem by forcing the server (dnsmasq) to sentd that option in the reply anyway:
dhcp-option-force=option:domain-search,internal,maindomain.com
dhcp-option=option:domain-name,maindomain.com
Using the dhcp-option-force parameter makes sure that the list is sent to the clients regardless of what they ask for.

Resources