NetScaler Modify kernel image and make Flashboot

Last Update:2018-01-12 Source: Internet

Author: User

Tags gz file netscaler

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

NetScaler Modify kernel image and make Flashboot

First, modify kernel image

1) NETSCALER-ADC download page address https://www.citrix.com/downloads/netscaler-adc/

2) Netscaler-vpx-express version download page address https://www.citrix.com/downloads/netscaler-adc/virtual-appliances/ Netscaler-vpx-express.html

Gets the NetScaler VPX Build upgrade package file that contains the NetScaler kernel image.

Get a free trial License serial number.

3) See if the sha256 value of the downloaded file is the same as the official website list.

Ls-alh. Total 464594drwxr-xr-x   2 root  wheel     3B  January 14:11 drwxr-xr-x  root  wheel    28B  January 12 14:10.. -rw-r--r--   1 root  wheel   453M  build-12.0-56.20_nc_32.tgzsha256 Build-12.0-56.20_nc_32.tgz0933d78e50d367ac99e284e89d6f265daeddaf6b32d800d71bd7e966566f373b

4) Extract file NetScaler kernel file ns-12.0-56.20.gz

ns-12.0-56.20.gz Ls-alh. Total 617998drwxr-xr-x   2 root  wheel     4 b  January 14:19 drwxr-xr-x  root  wheel    28B  January 12 14:10.. -rw-r--r--   1 root  wheel   453M  January 14:10 build-12.0-56.20_nc_32.tgz-rwxr-xr-x   1 root  Wheel   ns-12.0-56.20.gz

5) Unzip the ns-12.0-56.20.gz file using the Gunzip command

CP ns-12.0-56.20.gz ns-12.0-56.20-ori.gz gunzip-d ns-12.0-56.20.gz MV ns-12.0-56.20 Ns-12.0-56.20-ori.bin Ls-alh. Total 832887drwxr-xr-x   2 root  wheel     5B  January 14:23 drwxr-xr-x  root  wheel    28B  January 12 14:22. -rw-r--r--   1 root  wheel   453M  January 14:10 build-12.0-56.20_nc_32.tgz-rwxr-xr-x   1 root  Wheel   423M  ns-12.0-56.20-ori.bin-rwxr-xr-x   1 root  wheel   150M   Ns-12.0-56.20-ori.gz

6) Find the starting boundary location for UFS chunks in the Ns-12.0-56.20-ori.bin file

[Email Protected]:~/nsdev #CP.. /ufs.magic/root/nsdev/[Email Protected]:~/nsdev #binwalk-m./ufs.magic./ns-12.0-56.20-ori.bin | grep "Mdroot"Warning:signature ' 42332 lelong 0x19540119 Unix Fast File System [v2] (Little-endian) ' is a Self-overlapp ing signature! Warning:signature ' 66908 lelong 0x19540119 Unix Fast File System [v2] (Little-endian) ' is a Self-overlapp ing signature!  Warning:signature ' 42332 belong 0x19540119 Unix Fast File System [v2] (Big-endian) ' is a self-overlapping signature!  Warning:signature ' 66908 belong 0x19540119 Unix Fast File System [v2] (Big-endian) ' is a self-overlapping signature! 179684640x1122d50       Unix Fast File System [v2] (Little-endian) last mounted On/tmp/netscaler_Mdroot/a81a1f9f3da5511e6348b8998ce7bb68, last written at 1513692003,17993040 0X1128D50Unix Fast File System [v2] (Little-endian) last mounted On/tmp/netscaler_Mdroot/a81a1f9f3da5511e6348b8998ce7bb68, last written at 1513692003,[email Protected]:~/nsdev #

7) Extract the UFS memory system chunks and Bootkernel boot blocks from the Ns-12.0-56.20-ori.bin file (note: This is slow to read and write files using the DD command, it is recommended to operate with the Winhex software)

[Email Protected]:~/nsdev # ls-alh. Total 832899drwxr-xr-x   2 root  wheel     6B  January 14:34. Drwxr-xr-x  Root  wheel    28B  January 12 14:27.. -rw-r--r--   1 root  wheel   453M  January 14:10 build-12.0-56.20_nc_32.tgz-rwxr-xr-x   1 root  Wheel   423M  January 14:21 ns-12.0-56.20-ori.bin-rwxr-xr-x   1 root  wheel   150M  January 12 14:23 ns-12.0-56.20-ori.gz-rw-r--r--   1 root  wheel   2.0K  dd Bs=1 count=17968463 if= Ns-12.0-56.20-ori.bin of=ns-12.0-56.20-bk.bindd bs=1 skip=17968463 if=ns-12.0-56.20-ori.bin of= Ns-12.0-56.20-md.bin

Define the block 1122D50 (hexadecimal value)-1A6DCB40 (the end of the file) and click Remove in edit to save the file when finished. the content of this file is the Bootkernel boot block.

Define the block 0-1122d4f (hexadecimal value) and click Remove in edit to save the file when finished. This file content is a UFS memory system chunk .

File list: Ns-12.0-56.20-kb.bin (17968464) + ns-12.0-56.20-md.bin (425434609) = Ns-12.0-56.20-ori.bin (443403073)

[Email Protected]:~/nsdev # Ls-al
Total 1047652
Drwxr-xr-x 2 root Wheel 8 January 12 17:07.
Drwxr-xr-x Root Wheel 28 January 12 14:27..
-rw-r--r--1 root wheel 475345478 January 16:51 build-12.0-56.20_nc_32.tgz
-rw-r--r--1 root wheel 17968464 January 17:07 ns-12.0-56.20-kb.bin
-rw-r--r--1 root wheel 425434609 January 17:07 ns-12.0-56.20-md.bin
-rwxr-xr-x 1 root wheel 443403073 January 16:53 ns-12.0-56.20-ori.bin
-rwxr-xr-x 1 root wheel 157124251 January 16:52 ns-12.0-56.20-ori.gz
-rw-r--r--1 root Wheel 2021 January 16:51 ufs.magic
[Email Protected]:~/nsdev #

8) Mount UFS memory system chunk file Ns-12.0-56.20-md.bin

[Email Protected]:~/nsdev #mdconfig-a-T vnode-f ns-12.0-56.20-md.bin-u 3[Email Protected]:~/nsdev #Gpart show-p/dev/md3= 0 830926 md3 BSD (406M) 0 16-free-(8.0K) 827376 md3a!0 (404M) 827392 3534-free-(1.7M) [Email Protected]:~/nsdev #MOUNT/DEV/MD3/MNT/NSMD[Email Protected]:~/nsdev #CD/MNT/NSMD[Email PROTECTED]:/MNT/NSMD #Ls-alh.Total 49drwxr-xr-x root wheel 512B December 21:10 drwxrwxrwx 9 root wheel 9B August 26 23:54..  Drwxrwxr-x 2 root operator 512B December 20:27. Snapdrwxr-xr-x 2 root wheel 1.0K December 20:29 bindrwxr-xr-x 3      Root wheel 512B December 21:10 compatdrwxr-xr-x 2 root wheel 512B December 20:28 devdrwxr-xr-x 8 root Wheel 1.5K December 20:29 etcdrwxr-xr-x 2 root wheel 512B December 20:28 flashdrwxr-xr-x 2 root wheel 512B December 20:28 homedrwxr-xr-x 3 root wheel 2.0K December 21:10 libdrwxr-xr-x 2 root wheel 512B December 21:07 Libexe Cdrwxr-xr-x 2 root wheel 512B December 20:28 mntdrwxr-xr-x root wheel 5.0K December 22:00 netscalerdrwxr-xr- X 2 root wheel 512B December 20:28 procdrwxr-xr-x 2 root wheel 512B December 20:28 rootdrwxr-xr-x 2 root WH Eel 2.0K December 20:28 sbindrwxrwxrwt 2 root wheel 512B December 20:28 tmpdrwxr-xr-x Ten root wheel 512B 1 February 21:10 usrdrwxr-xr-x 8 root Wheel 512B December 20:28 VAR[EMAIL&NBSP;PROTECTED]:/MNT/NSMD #

9) Add Modify configuration file

A: Modify/etc/httpd.conf

Add the following on line 154

# Set the Content-type to always set the default charset to Utf-8adddefaultcharset UTF-8

B: Modify/etc/profile

Add the following at the end

if [-f/var/python/bin/python]; Then   export path= $PATH:/VAR/PYTHON/BINFI

C: Modify/etc/sshd_config

Add the following configuration items

D: Increase file/etc/ftpd_ctl and file permissions to 444 read-only permissions

#!/bin/SHFtpd_program="/usr/libexec/ftpd"Ftpd_flags="-d-l" Case$1 inchstart)Echo "starting FTPD"$ftpd _program $ftpd _flags; Stop)Echo "stopping FTPD"        Killallftpd;; Restart) $0StopSleep 1        $0start;;Esac

E: Modify/ETC/RC

Add the following content

if [!-F $1/ssh/ssh_host_key]thenecho-n ' Creating ssh1 RSA host key: '/usr/bin/ssh-keygen-t rsa1-n '-F $1/ssh/ssh_h Ost_key/bin/ln-fs $1/ssh/ssh_host_key/etc/ssh_host_keyecho '. ' Fi

Add the following, already commented statement, and does not work, this statement is intended to set up the boot FTPD program.

However, the FTP process is not secure and easily leads to risk. So comment on this statement.

    #/bin/sh /etc/ftpd_ctl start;

f) Modify/etc/rc.conf.defaults

#ftpd_enable ="YES"

g) Modify/ETC/MONITRC

Add the following statement

Check process ftpd with pidfile/var/run/ftpd.pid   start  program"/bin/sh/etc/ftpd_ctl Start"   stop   program"/bin/sh/etc/ftpd_ctl stop"   #if failed port and then restart   #if 5 restarts within 5 cycles then timeout

Add the following statement at the end

# # Check Nscrlrefresh, a netscaler daemoncheck process Nscrlrefresh with Pidfile/var/run/nscrlrefresh.pid Start Program"/bin/sh/etc/nscrlrefresh_ctl Start"Stop Program"/bin/sh/etc/nscrlrefresh_ctl Stop"# # Check websocketd, a netscaler daemoncheck process websocketd with Pidfile/var/run/websocketd.pid Start Program"/bin/sh/etc/websocketd_ctl Start"Stop Program"/bin/sh/etc/websocketd_ctl Stop"# # Check NSKRB, the NetScaler Kerberos Daemoncheck process NSKRB with Pidfile/var/run/nskrb.pid Start Program"/bin/sh/etc/nskrb_ctl Start"Stop Program"/bin/sh/etc/nskrb_ctl Stop"# # Check iked,whichis a daemon to DoIKE handshake forIpseccheck process iked with Pidfile/var/run/iked.pid Start Program"/bin/sh/etc/iked_ctl Start"Stop Program"/bin/sh/etc/iked_ctl Stop"

h) Modify/netscaler/nsstart.sh

Add the following content

# Load Default local start Sript Echo ' Loading Default local rc start phase Sript ... ' Sleep 5  -F $NSCONFIG/rc.local.start] &&. $NSCONFIG/rc.local.start

i) Modify/netscaler/nsstop.sh

Add the following content

# Load Default local stop Sript Echo ' Loading default local rc stop phase Sript ... ' Sleep 5  -F $NSCONFIG/rc.local.stop] &&. $NSCONFIG/rc.local.stop

Second, the production of Flashboot

NetScaler Modify kernel image and make Flashboot

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More