Dec 212014

That. Was. Easy.

These are the three words that a fancy button says whenever I press it. That button was gifted by an ex-colleague of mine and it says it all! Once you did it, that was easy 🙂

Exactly when you try to configure a remote port monitoring on an HP v1910 switch. Once upon a time (and I’m really speaking about 20 years ago) a company called 3Com had a slogan saying “the network that go the distance” Then they have been bought approx 4 years ago by HP, but that philosophy remained. A philosophy which says that it does not matter if you have a small switch, but the features you need must be there. Maybe a bit hidden… maybe only from CLI.

It happens that some good 3Com switched were rebranded HP around the second half 2010. All those switches, under the name of the v1910 series, are lifetime warranted!!! If you do not believe it, just click here and insert your switch serial number.

But beside the good policies, I’ve decided to write this nice post since today I reached the nirvana of my home network: two HP 1910v switches, respectively 16 and 24 ports, configured for remote port monitoring.

Continue reading »

Sep 272014

While reviewing a wireshark video, I have seen this awesome technique to use shark to get very good statistics on whats going on the network in terms of errors.

Hence I’ve decided to report the command here since it could be very useful to do network monitoring.

The command should go all in one line…

tshark -r <filename>.pcap -q -z io,stat,1,"COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission","COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack","COUNT(tcp.analysis.lost_segment)tcp.analysis.lost_segment","COUNT(tcp.analysis.fast_retransmission)tcp.analysis.fast_retransmission","COUNT(tcp.analysis.out_of_order)tcp.analysis.out_of_order”

The output should be something like this:

Apr 132014

First of, a BIG thank you to my friend Luca Ferrarotti who inspired, actively contributed and helped me with this HowTo.

Then, something I wanted to write since a very long time. Other articles in this blog instruct about how to use OS X or iOS to build a native client to site IPSec VPN terminated on McAfee (formerly Stonesoft) Next Generation Firewall. Since I joined Stonesoft many years ago, lots of people enquired me and Support and my SE colleagues about how to build this configuration… here you are. Your voice has been listened!

I wrote this article using McAfee Next Generation Firewall version 5.5.6 and McAfee Security Management Center 5.7.0, while on client side I am on Ubuntu 12.04.4 LTS. Continue reading »

Jan 202009

Suppose you are on a Linux box with multiple NICs.

It happens that there is one of them that loads with a driver disturbing test/activity you’re doing and you want to exclude it from modprobe.

You should edit file /etc/modprobe/blacklist and add there the driver name used by the card you want to get rid of, as follows:


blacklist 8139cp
blacklist 8139too

The example above (no, you don’t have to add snips, it is just to show that this is part of a bigger file…) will avoid Linux to probe for Realtek based NICs.