Install PFSense on a Digital Ocean Droplet

This article is a rewrite of the following Original and Updated Version, with only a few thoughts and observations added.

The technique described here may or may not work on other cloud/VPS providers. It is imperative that you have some kind of console access so you can follow the pfSense installation steps.

Start by logging in to your Digital Ocean dashboard, then create a new droplet. The size of the droplet doesn’t actually matter, but ideally you should enable the following options:
1) Select FreeBSD 11.X; the exact version probably doesn’t matter, 11.x or 12.x are fine.
2) Enable “Private Networking”. It will be nicer in the long term: when you set up a VPN, you’ll be able to access your DigitalOcean VMs like one big LAN.
3) Enable “IPv6”, because IPv6 is the future; better to start adapting now rather than later.

Shell Script to get the network list by domain name

If you followed my guide HERE and HERE, you might be wondering whether there is an easier, more automated way of doing it. In fact, there is a simple script that you could build.


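#!/bin/bash
# Print the route objects registered for the AS that originates a domain's IP.
if [ "$#" -eq 0 ]; then
  echo "Usage: ${0} <domain> [v4|v6]"
  exit 1
fi

# The default filter matches both "route:" and "route6:" lines.
FILTER="route"
if [ "$#" -eq 2 ]; then
  if [ "$2" == "v4" ]; then
    FILTER="route:"
  fi
  if [ "$2" == "v6" ]; then
    FILTER="route6:"
  fi
fi

WHOISSERVER="whois.radb.net"
# Resolve the domain and keep the first IPv4 address (dig may print a CNAME first).
IPN=$(dig +short "$1" | grep -E '^[0-9.]+$' | head -1)
if [ -z "${IPN}" ]; then
  echo "Could not resolve ${1}" >&2
  exit 1
fi
# Look up the origin AS number(s) registered for that address.
ASN=$(whois -h "${WHOISSERVER}" "${IPN}" | grep -i origin | tr -s " " | cut -d " " -f2)
# List every route object registered with each origin AS.
for i in $ASN; do
  whois -h "${WHOISSERVER}" -- "-i origin ${i}" | grep "^${FILTER}" | tr -s " " | cut -d " " -f2-
done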


Get IP address Space By AS(Autonomous System) Number

Sometimes you need to get all possible address blocks of a network, but most of the time there is no easy way to figure it out (looking at you, Facebook and Google). But fear not, sysadmin: we have one handy trick up our sleeve. By using whois with the AS number of the company, we can build this kind of list.

We’ll use Facebook (AS32934) as an example, but it should work for any Autonomous System.


whois -h whois.radb.net -- "-i origin AS32934" | grep ^route | tr -s " " | cut -d " " -f2-
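
As an added example (not code from the original posts), the filtering step of the command above and of the script in the previous post can be tightened before the list goes into a firewall alias: select the address family, drop anything that is not a CIDR prefix, and remove the duplicates that appear when the same route is registered in more than one registry. The names `extract_prefixes` and `sample_whois` are hypothetical, and the sample records are constructed from documentation prefixes and a documentation AS number.

```shell
#!/bin/bash
# Added example: clean up RADB "-i origin" output into a unique prefix list.
# extract_prefixes is a hypothetical helper; it reads whois text on stdin.
# $1 selects the address family: v4, v6 or all (default: all).
extract_prefixes() {
  local family="${1:-all}" pattern
  case "$family" in
    v4)  pattern='^route:' ;;      # IPv4 route objects only
    v6)  pattern='^route6:' ;;     # IPv6 route objects only
    all) pattern='^route6?:' ;;    # both attribute names, colon included
    *)   echo "unknown family: $family" >&2; return 2 ;;
  esac
  # Keep the attribute value, discard anything that is not address/length,
  # lower-case IPv6 hex digits so duplicates compare equal, then de-duplicate.
  grep -E "$pattern" \
    | awk '{print $2}' \
    | grep -E '^[0-9A-Fa-f:.]+/[0-9]{1,3}$' \
    | tr 'A-F' 'a-f' \
    | LC_ALL=C sort -u
}

# Constructed sample in the RPSL layout RADB returns (not real registry data).
sample_whois() {
cat <<'EOF'
route:      192.0.2.0/24
descr:      constructed example
origin:     AS64500
source:     RADB

route:      192.0.2.0/24
origin:     AS64500
source:     LEVEL3

route:      198.51.100.0/24
origin:     AS64500

route6:     2001:DB8::/32
origin:     AS64500

route:      not-a-prefix
EOF
}

# Live use would be: whois -h whois.radb.net -- "-i origin AS32934" | extract_prefixes v4
sample_whois | extract_prefixes all
```
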


IPv4 Subnet from /8 to /30 Cheat Sheet

This is a handy cheat sheet for calculating the size you will need for a subnet and for converting from CIDR to netmask format.
The number of available addresses is always (Total Addresses – 2): one address is the broadcast address and the other is the network address.


CIDR   Total Addresses   Netmask
/30    4                 255.255.255.252
/29    8                 255.255.255.248
/28    16                255.255.255.240
/27    32                255.255.255.224
/26    64                255.255.255.192
/25    128               255.255.255.128
/24    256               255.255.255.0