Syed Jahanzaib Personal Blog to Share Knowledge !

February 24, 2015

Table ‘conntrack.tabidx’ doesn’t exist

Filed under: Linux Related — Tags: , — Syed Jahanzaib / Pinochio~:) @ 11:32 AM


Short reference:

While accessing RM users section , received “Table ‘conntrack.tabidx‘ doesn’t exist” error.
As showed in the image below …



This is how I fixed it.

On your RM box, create a file in which we will add table information.

touch conntrack.sql
nano conntrack.sql

Paste the following table

-- phpMyAdmin SQL Dump
-- version 2.11.0
-- Host: localhost
-- Generation Time: Sep 03, 2008 at 11:57 AM
-- Server version: 5.0.18
-- PHP Version: 5.1.2


-- Database: `conntrack`

-- --------------------------------------------------------

-- Table structure for table `tabidx`

`date` date NOT NULL,
PRIMARY KEY  (`date`)



SAVE and exit.

Now use the following command to import table into mysql database ‘conntrack

mysql -h localhost -u root -pYOURPASS radius < conntrack.sql




The table code have been extracted from radius manager installation archive.  Example:

You can import any missing table from above file and import it in mysql.




Automated installation Script For DMASOFTLAB RADIUS MANAGER v4.1 in CENTOS

Filed under: Linux Related — Tags: — Syed Jahanzaib / Pinochio~:) @ 10:49 AM


[As demanded by few Humans 😉 ]

Following is an customized script to install DMASOFTLAB Radius Manager ver 4.1 in CENTOS 6.x / 32bit

The aim of writing this script was to save some time and efforts every time I put in new RM installation. Since DMA don’t have any official support forum (except for there email support which is valid for paid customers only) , so I thought it might be helpful for others too  by sharing this info 🙂

I know very well that It is not a perfect script, it can be very well shorten as per the requirement, but still it does it’s job very nicely with out any user intervention 🙂

Suggestions are most welcome at  . . .
aacable @ hotmail . com


1- Fresh Installation of CENTOS 6.x 32bit  (script is well tested with 6.6 edition 32bit edition only)

2- good Internet access, off course ; )

3- Valid License files provided by DMASOFTLAB , valid with your physical (or virtual) interface MAC address [You can upload your license files in /temp folder as this script will try to copy the 2 licenses files required [lic.txt and mod.txt] from temp folder to appropriate place.


What components does this script add to the system ?

This script will install following in your system. (as per order nos.)

> Disable iptables service , ipv6 and selinux in centos

> Download Radius Manager from remote location (preferably Google Drive, adjustable in the script)

> Install necessary components like mysql , apache2, php5 etc

> Download and install dmasoftlab required components like libltd* , IONCUBE and add its entries in Apache’s php config file

> Download and compile freeradius-server-2.2.0-dma-patch-2 package

> Add Radius & Conntrack DB in mysql suing CLI (I have configured default password for mysql which is ‘zaib1234′ , you can change it later)

> Extract Radius Manager Installation file & install it accordingly.

> Restart Services like apache2, mysql, radius



Before accessing RM ACP , make sure you upload valid LICENSE files in /var/www/html/radiusmanager folder

2- This script will set mysql password to “zaib1234″ , you can change it later.

How-to Execute The Script  !!

There are several ways to do it, one is explained below . . .

Create a new script

touch /
chmod +x /
vi /

Now copy paste the following code.


echo "$COL_GREEN Radius Manager installer script for CENTOS 6.x 32bit"
echo "Copyright 2004-2013, DMA Softlab LLC"
echo "All right reserved.. $COL_RESET"
echo "$COL_GREEN Script modified by Syed Jahanzaib for CENTOS"

# Colors Config  . . . [[ JZ . . . ]]

# Variables & Paths [jz]

# MySQL ROOT Password , Change this variable according to your own setup if required. . . [[ JZ . . . ]]

# RM Installation Package Download URL , Change this variable according to your own setup , if required. . . [[ JZ . . . ]]
#Google Drive link is more reliable

# Temporary Folder where all software will be downloaded . . . [[ JZ . . . ]]

# Packages which will be installed as pre requisite and to make your life easier
PKG="nano wget curl net-tools lsof mc make gcc libtool-ltdl curl httpd mysql-server mysql-devel net-snmp net-snmp-utils php php-mysql php-gd php-snmp php-process"

# Turn off iptables and disabled
echo -e "$COL_GREEN Disabling iptables service, $COL_RESET"
service iptables stop
chkconfig iptables off

echo -e "$COL_GREEN Disabling IPv6 to avoid slow link issue $COL_RESET"
echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.conf

# Turn off SELINUX andd disable it on boot
echo -e "$COL_GREEN Disabling SELINUX & setting it disabled on boot ... $COL_RESET"
echo 0 > /selinux/enforce
sed -i "s/=enforcing/=disabled/g" /etc/selinux/config

# Installing WGET which is not in default installation of CENTOS 6.5 Minimal [jz]
sleep 3
echo -e "$COL_GREEN Installing WGET to fetch required tools later ... $COL_RESET"
yum install -y wget

# Checking if /temp folder is previously present or not . . .
if [ ! -d "/temp" ]; then
echo -e "$COL_RED /temp folder not found, Creating it so all downloads will be placed here  . . . $COL_RESET"
mkdir /$temp
echo -e "$COL_GREEN /temp folder is already present , so no need to create it, Proceeding further . . . $COL_RESET"

# Clearing Old downloads in /temp to avoid DUPLICATIONS . . .
echo -e "$COL_RED Clearing Old downloads in /temp to avoid DUPLICATIONS . . . $COL_RESET"

rm -fr /$temp/radiusmanager*.*
rm -fr /$temp/freeradius*.*
rm -fr /$temp/libltd*.*
rm -fr /$temp/ioncube*.*
rm -fr /$temp/php-my*
rm -fr /$temp/libmy*
rm -fr /$temp/rm4.txt

# Checking IF $rmurl is accessible m if YES then continue further , otherwise EXIT the script with ERROR ! [[ JZ .. . .]]
echo -e "$COL_GREEN Checking if zaib Google Drive or other URL to download requires  packages is accessible in order to proceed further. . .!! $COL_RESET"
sleep 3
cd /$temp
wget -q $rmurl/rm4.txt
if [ ! -f /$temp/rm4.txt ]; then
echo -e "$COL_RED ERROR: Unable to contact $rmurl, or possibly internet is not working or your IP is in black list at destination server  !! $COL_RESET"
echo -e "$COL_RED ERROR: Please check manual if $rmurl is accessible or not or if it have required files, JZ  !! $COL_RESET"
exit 0


echo -e "$COL_GREEN $url accessible $COL_RESET ......OK......"
echo -e "$COL_GREEN Downloading RADIUS MANAGER 4.1.0 package from INTERNET  .  (Press CTRL+C to stop any time) $COL_RESET"
wget $rmurl/radiusmanager-4.1.0.tgz
# Checking if RM installation file have been downloaded. if YES continue further , otherwise EXIT the script with ERRO ! [[ JZ .. . .]]
if [ ! -f /$temp/radiusmanager-4.1.0.tgz ]; then
echo .
echo -e "$COL_RED ERROR: RM Installation File could not be download or found in /$temp ! $COL_RESET"
exit 0

echo -e "$COL_GREEN Installing some tools and other rpe requisite for the application ... ! $COL_RESET"
yum install -y $PKG
echo -e "$COL_GREEN YUM install/update Done.! $COL_RESET"

echo -e "$COL_GREEN Installing LIBMYCRYPT and PHPMCRYPT ... ! $COL_RESET"
wget $rmurl/libmcrypt-2.5.8-9.el6.i686.rpm
wget $rmurl/php-mcrypt-5.3.2-3.el6.i686.rpm
rpm -i libmcrypt-2.5.8-9.el6.i686.rpm
rpm -i php-mcrypt-5.3.2-3.el6.i686.rpm
sleep 3

# IONCUBE Installation:
# Now Download ioncube library and add it to php  . . . [[ JZ . . . ]]
echo .
echo -e "$COL_GREEN Installing IONCUBE  .  (Press CTRL+C to stop any time) $COL_RESET"
wget $rmurl/ioncube_loaders_lin_x86.tar.gz

# Checking if IONCUBE installation file have been downloaded. if YEs continue further , otherwise EXIT the script with ERROR ! [[ JZ .. . .]]
if [ ! -f /$temp/ioncube_loaders_lin_x86.tar.gz ]; then
echo .
exit 0

tar zxvf ioncube_loaders_lin_x86.tar.gz
mkdir /usr/local/ioncube
cp -fr /$temp/ioncube/* /usr/local/ioncube/

# Now Add the appropriate ionCube loader to your php.ini . . . [JZ]
echo .
echo -e "$COL_GREEN Adding iONCUBE extension in PHP config file  .  (Press CTRL+C to stop any time) $COL_RESET"
echo "zend_extension=/usr/local/ioncube/" >> /etc/php.ini
echo .
echo -e "$COL_GREEN Downloading FREERADiUS 2.2.20-dma-patch-2 package  .  (Press CTRL+C to stop any time) $COL_RESET"
wget $rmurl/freeradius-server-2.2.0-dma-patch-2.tar.gz

# Checking if FREERADIUS is downloaded, just to make sure internet is working ,IF NOT, EXIT the script with ERROR ! [[ JZ .. . .]]
if [ ! -f /$temp/freeradius-server-2.2.0-dma-patch-2.tar.gz ]; then
echo .
echo -e "$COL_RED ERROR: COULD NOT DOWNLOAD FREERADIUS 2.2.20-dma-patch-2, possible INTERNET is not Working !!! EXITING . . .  $COL_RESET"
exit 0

echo .
echo -e "$COL_GREEN Starting to Compile FREERADIUS  ...  (Press CTRL+C to stop any time) $COL_RESET"
sleep 3

cd /$temp
tar zxvf freeradius-server-2.2.0-dma-patch-2.tar.gz
cd /$temp/freeradius-server-2.2.0/

### Now proceed with the compilation of FREERAIDUS , applicable for all
make install
echo -e "$COL_GREEN Starting FREERADIUS by radiusd -xx coommand & start radius service.  (Press CTRL+C to stop any time) $COL_RESET"
radiusd -xx
service radiusd start
sleep 3

# ================================================================
# Creating MySQL databases with MySQL command line tool . . . [JZ]
# ================================================================
# ** FROM CLI ** . . . [JZ]
echo -e "$COL_GREEN Starting MYSQLD servuce to create Radius Manager Database.  (Press CTRL+C to stop any time) $COL_RESET"
echo -e "$COL_GREEN MYSQL password is set to   'zaib1234'  $COL_RESET"
service mysqld start
mysqladmin -u root password 'zaib1234'
echo .
echo -e "$COL_GREEN adding RADIUS user & DB in MYSQL  .  (Press CTRL+C to stop any time) $COL_RESET"
mysql -u root -p$sqlpass -e "create database radius";
mysql -u root -p$sqlpass -e "create database conntrack";
mysql -u root -p$sqlpass -e "CREATE USER '$myusr_rad'@'$radhost' IDENTIFIED BY '$mypsw_radius';"
mysql -u root -p$sqlpass -e "CREATE USER '$myusr_cts'@'$radhost' IDENTIFIED BY '$mypsw_cts';"
mysql -u root -p$sqlpass -e "GRANT ALL ON radius.* TO radius@$radhost;"
mysql -u root -p$sqlpass -e "GRANT ALL ON conntrack.* TO conntrack@$radhost;"

# UNTAR Copy WEB content

echo "$COL_GREEN Copying Radius Manager WEB content to $wwwpath/radiusmanager $COL_RESET"
cd /$temp
tar zxvf radiusmanager-4.1.0.tgz
mkdir $wwwpath/radiusmanager
cp -fr /$temp/radiusmanager-4.1.0/www/radiusmanager $wwwpath
sleep 3

# rename .dist files

mv $wwwpath/radiusmanager/config/paypal_cfg.php.dist $wwwpath/radiusmanager/config/paypal_cfg.php
mv $wwwpath/radiusmanager/config/netcash_cfg.php.dist $wwwpath/radiusmanager/config/netcash_cfg.php
mv $wwwpath/radiusmanager/config/authorizenet_cfg.php.dist $wwwpath/radiusmanager/config/authorizenet_cfg.php
mv $wwwpath/radiusmanager/config/dps_cfg.php.dist $wwwpath/radiusmanager/config/dps_cfg.php
mv $wwwpath/radiusmanager/config/2co_cfg.php.dist $wwwpath/radiusmanager/config/2co_cfg.php
mv $wwwpath/radiusmanager/config/payfast_cfg.php.dist $wwwpath/radiusmanager/config/payfast_cfg.php

# set ownership and permissions

chown $httpusr $wwwpath/radiusmanager/config
chown $httpusr $wwwpath/radiusmanager/config/system_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/paypal_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/netcash_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/authorizenet_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/dps_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/2co_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/payfast_cfg.php
mkdir -p $wwwpath/radiusmanager/tmpimages
chown $httpusr $wwwpath/radiusmanager/tmpimages
chown $httpusr $wwwpath/radiusmanager/tftpboot
chmod 600 $wwwpath/radiusmanager/config/system_cfg.php
chmod 600 $wwwpath/radiusmanager/config/paypal_cfg.php
chmod 600 $wwwpath/radiusmanager/config/netcash_cfg.php
chmod 600 $wwwpath/radiusmanager/config/authorizenet_cfg.php
chmod 600 $wwwpath/radiusmanager/config/dps_cfg.php
chmod 600 $wwwpath/radiusmanager/config/2co_cfg.php
chmod 600 $wwwpath/radiusmanager/config/payfast_cfg.php
chmod 644 $wwwpath/radiusmanager/config/docsis_keyfile
chmod 644 $wwwpath/radiusmanager/config/docsis_template

# chmod and copy binaries
cd /$temp/radiusmanager-4.1.0/
echo "Copying binaries to /usr/local/bin"
chmod 755 bin/rm*
cp bin/rm* /usr/local/bin

echo "Copying rootexec to /usr/local/sbin"
cp bin/rootexec /usr/local/sbin
chmod 4755 /usr/local/sbin/rootexec

# chmod and copy radiusmanager.cfg

echo "Copying radiusmanager.cfg to /etc"
cp etc/radiusmanager.cfg /etc
chown $radusr /etc/radiusmanager.cfg
chmod 600 /etc/radiusmanager.cfg

# create Tables

echo -e "$COL_GREEN Creating MYSQL Table $COL_RESET"
mysql -h $radhost -u $myusr_rad -p$mypsw_radius radius < sql/radius.sql
mysql -h $radhost -u $myusr_cts -p$mypsw_cts conntrack < sql/conntrack.sql

# create rmpoller service
echo "Enabling rmpoller service at boot time"
cp rc.d/rmpoller /etc/init.d
chown root.root /etc/init.d/rmpoller
chmod 755 /etc/init.d/rmpoller
chkconfig --add rmpoller

# create rmconntrack service
echo "Enabling rmconntrack service at boot time"
cp rc.d/rmconntrack /etc/init.d
chown root.root /etc/init.d/rmconntrack
chmod 755 /etc/init.d/rmconntrack
chkconfig --add rmconntrack

# copy radiusd init script

echo "$COL_GREEN Enabling radiusd service at boot time $COL_RESET"
chmod 755 rc.d/redhat/radiusd
cp rc.d/redhat/radiusd /etc/init.d
chkconfig --add radiusd

# copy logrotate script
echo "Copying logrotate script"
cp etc/logrotate.d/radiusd /etc/logrotate.d/radiusd

# copy cron job script
echo "$COL_GREEN Copying cronjob script $COL_RESET"
cp etc/cron/radiusmanager /etc/cron.d/radiusmanager
chmod 644 /etc/cron.d/radiusmanager

# comment out the old style cron job
sed -i 's/02\ 0\ \*\ \*\ \*\ root\ \/usr\/bin\/php/#2\ 0\ \*\ \*\ \*\ root\ \/usr\/bin\/php/g' /etc/crontab

# set permission on raddb files
echo "$COL_GREEN Setting permission on raddb files $COL_RESET"
chown $httpusr /usr/local/etc/raddb
chown $httpusr /usr/local/etc/raddb/clients.conf
sleep 3

echo -e "$COL_GREEN Re-Starting Apache2, Radius Service & add them in startup... $COL_RESET"
service httpd restart
chkconfig --add mysqld
chkconfig --add httpd
chkconfig --add radiusd
chkconfig mysqld on
chkconfig httpd on
chkconfig radiusd on

cp /temp/lic.txt $wwwpath/radiusmanager
cp /temp/mod.txt $wwwpath/radiusmanager

echo .
echo .
echo .
echo .
echo .
echo -e "$COL_GREEN All Done. Kindly RESTART the system one time to maek sure everything is ok on reboot."
echo -e "Dont forget to upload the correct License files for your valid MAC address in /var/www/html/radiusmanager folder"
echo -e "Please access ADMIN panel via http://yourip/radiusmanager/admin.php $COL_RESET"
echo -e "DMASOFTLAB RM Installation script modified for CENTOS by $COL_RED SYED JAHANZAIB / $COL_RESET"


Save & Exit …



Now execute the script by



After the script ends, do make sure that you don’t see any Error’s  on the installation. Thats why I have added 3 Seconds delay in few section so you can view the results.

Now UPLOAD your valid License into /var/www/radiusmanager OTEHRWISE YOU WILL SEE BLANK PAGE ON ACCESSING RM ADMIN PANEL.


Now try to access RM ACP via browser by



If you get blank page, then use tail command to view Apache error log , example

tail -f /var/log/apache2/error.log


OR more specifically

tail -f /var/log/apache2/error.log |grep lic


If you see any error like showed in the image below . . . (for not valid license), then make sure your license files are valid for right version and with the right mac address interface.





To deploy Radius Manager Patch 5 (4.1.5) , Kindly see the following Link

I will add few snapshots and video as soon as I get some time.




Syed Jahanzaib

February 20, 2015

LEGACY OF CENTOS ! Continued …

Filed under: Linux Related — Tags: , , , , — Syed Jahanzaib / Pinochio~:) @ 3:14 PM


Some personnel notes /references for CENTOS 6.x command line.


CENTOS  6.6  <32 bit>   DOWNLOAD LINK   …


Kill all DEFUNCT processes automatically

ps -ef | grep defunct | grep -v grep | cut -b8-20 | xargs kill -9

Enable SNMP in CENTOS , tested with 6.x

To enable SNMP in CENTOS quickly, copy paste following. it will add ‘public’ community as Read Only.

yum -y install net-snmp net-snmp-utils
> /etc/snmp/snmpd.conf

# Add following
echo "rocommunity public" > /etc/snmp/snmpd.conf
echo "syslocation "Karachi NOC, Paksitan" >> /etc/snmp/snmpd.conf
echo "syscontact  aacable_at_hotmail_com >> /etc/snmp/snmpd.conf

service snmpd restart
chkconfig snmpd on

snmpwalk -v1 -c public

Configuring Static IP address in CENTOS [6.x]

If you want to configure static IP address in CENTOS, then edit following file

vi /etc/sysconfig/network-scripts/ifcfg-eth0

Use following as sample

IPADDR=  # IP Address you want to fix
NETMAST=   # Netmask as per network
# or if netmask dont work, use PREFIX=24 (change 24 as per network like /8 or whatever)
GATEWAY=   # Your Router/DLS Gateway
DNS1=   # Your ISP DNS or standard Google dns

Note: set following for sure


Save & Exit, and restart the network service or interface to take effect

service network restart


ifdown eth0
ifup eth0

Issue IFCONFIG command to verify the result.

centos7 is a mess 😦 so better to stick with 6

Change/Clone MAC address

To change mac address in CENTOS , edit your required ethernet network config file , Example …

nano /etc/sysconfig/network-scripts/ifcfg-eth0

here you will see HWADDR line with current mac address, dont modify it, just add another line above it, like following

MACADDR=00:11:11:11:11:11          < Add this line with your required mac address
HWADDR=00:22:22:22:22:22       < Your current mac address

An example of full cfg file for eth0


Save & Exit, and restart the network service or interface to take effect

service network restart


ifdown eth0
ifup eth0

Issue IFCONFIG command to verify the result.


use the sed shortcut 😉

sed -i -e ‘1iHere is my new top line\’ filename


Disabling CENTOS default firewall ‘SELINUX’

To disable SELINUX temporary for the current session, use following…

echo 0 > /selinux/enforce


To disable builtin firewall permanently in centos, edit following

vi /etc/selinux/config

and change the




Save & Exit & reboot to take effect.

Or use the SED shortcut to replace the string within cli 😉 # Zaib

sed -i "s/=enforcing/=disabled/g" /etc/selinux/config


To disable iptables services

service iptables stop
chkconfig iptables off

You can check the status with following

service iptables status

and you can also use following command to clear the current iptables (for the current session only)

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT


Some must-have tools

yum install -y nano wget curl net-tools lsof


service --status-all

To disable service on startup , use

chkconfig httpd off

To always start any service on boot, use

chkconfig --add httpd on 

Excluding slow mirrors

When I was installing some packages in Centos and the YUm was doing it at painfully slow speed, I figured the mirror (indian and bangladeshi mirror sites) were very slow. So I disabled two mirrors domain it was selecting in start which were .in and .bd

use following file

nano /etc/yum/pluginconf.d/fastestmirror.conf

and add the slow mirror (to be excluded) like, .bd,

or use the cli command to add it in the file

echo ", .in, .vn," >> //etc/yum/pluginconf.d/fastestmirror.conf

How to Check CentOS Version / kernel Number

Centos Version
cat /etc/centos-release
32bit/64bit check
uname -a

Howto Disable IPV6 in CENTOS  [Tested on 6.x versions]

First edit sysctl.conf file in any editor , e.g:

nano /etc/sysctl.conf

and add following lines in the end

# IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Use following to add them directly to file using echo command

echo >> /etc/sysctl.conf  net.ipv6.conf.all.disable_ipv6 = 1
echo >> /etc/sysctl.conf net.ipv6.conf.default.disable_ipv6 = 1
echo >> /etc/sysctl.conf net.ipv6.conf.lo.disable_ipv6 = 1

Save and Exit and execute following to activate changes 🙂

sysctl -p


Howto install PHPMYADMIN in centos 6.x

To install PHPMYAMDIN which is a good tool to manage your mysql via GUI in centos, use following...

 cd /tmp
rpm -ivh epel-release-6-8.noarch.rpm

yum search phpmyadmin
yum -y install phpmyadmin

Now You need to edit /etc/httpd/conf.d/phpMyAdmin.conf file, enter:

vi /etc/httpd/conf.d/phpMyAdmin.conf

Replace your ip in

Require ip

Allow from

Change to your management pc ip from where you want to access phpmyadmin

after saving, restart the httpd service.

service httpd restart


Or use the SED shortcut to replace the string within cli 😉 # Zaib

sed -i "s/" /etc/selinux/config

[replace with your management pc ip]


Solving WGET hangs/sleep problem when internet link break or with poor connectivity

wget --retry-connrefused --waitretry=1 --read-timeout=20 --timeout=15 -t 0

Adding Virtual NIC

Quick and dirty way (it will add the nic temporary for the session, you can also add these commands in startup as well.

ip link add link eth0 address 11:22:33:44:55:66 eth0.10 type macvlan
ifconfig eth0.1 up
ifconfig eth0.1

Adding Virtual NIC  permanently.


Adding simple VPN Server (in view f connecting radius with nas)

On CentOS 6 x64:

rpm -i
yum -y install pptpd

Now you should edit /etc/pptpd.conf and add the following lines:


Where localip is IP address of your server and remoteip are IPs that will be assigned to clients that connect to it.

Next, you should setup authentication for PPTP by adding users and passwords. Simply add them to /etc/ppp/chap-secrets :
(example of id pass)

zaib    pptdp    zaibpass    *
service pptpd restart


To be continued ...


February 16, 2015

Expanding Possibilities / Howto add 3rd party packages in Mikrotik KVM/Metarouter!

Filed under: Mikrotik Related — Tags: , , , — Syed Jahanzaib / Pinochio~:) @ 2:22 PM

As asked by few friends, i thoughts its a good idea to share it with all.
Last Update: 5th March, 2015, 08:43 am


1- Whatis Metarouter
2- Howto install Metarouter in Mikrotik Routerboard
3- Howto install APACHE web server in METAROUTER to host your web files.
4- Howto install ASTERISK 1.8 with GUI [Feb 2015]
5- Howto setup NTP to solve DATE Time synch issue [5th March, 2015 8:43am]
6- Howto disable firewall [17th Mrach, 2015 13:00 hrs]

1- What is METAROUTER?

as defined by Greg

Metarouter is a way to have logical routers running on your existing routerboard. In essence, you create a virtual router on your RB, then you assign some interfaces to it. You then can hand this virtual router off to a customer hand allow them to administer it without effecting any of the core functions necessary on the device. .”

Also on METAROUTER you can use openwrt image to host tiny linux and its few apps in it. like APACHE, asterisk etc. web server was in highly demand by local cable operator who wanted to host NON payment/reminder page to be shown at there clients.

Currently MetaRouter can be used on

  • RB4xx, RB7xx series, RB900 series, RB2011.xx boards
  • Listed PPC boards: RB1000, RB1100, RB1100AH and RB800.


Hardware Software Used in this guide:

Routerboard Model = RB2011UiAS-2HnD
Mikrotik ROS version = 6.27

2- Howto install METAROUTER in Mikrotik Routerboard

First download OPENWRT image into mikrotik. Open New Terminal, and issue following command …

/tool fetch url=

Now import the openwrt downloaded in above step,

As showed in the mage below …

2- Import Image

Now we need to add virtual network interface into this machine. We also have to provide valid network configuration with internet access so that it can download required software later. For this demonstration purposes I added manual IP , but you can use virtual bridge and use your mikrotik DHCP serve to allow internet access to the metarouter machine or whatever you prefer to establish network connectivity.

In the below pic, I selected ETHER2 which is LAN interface of mikrotik host.

add interface



Now double click on newly created machine and select CONSOLE and press enter key few times to get command prompt.

6- Open Metarouter CONSOLE zaib


Edit the network configuration file.

vi /etc/config/network

Press “i” to enter edit mode.

and configure the network as per your local need.



7- edit interface settings.

Add DNS server entry for resolving internet hosts …

vi /etc/resolv.conf



After setting network configuration, save and exit. enable/restart the network services so changes can take effect.

/etc/init.d/network enable
/etc/init.d/network restart

Now try to ping any internet site to verify the connectivity. On successful attempt, you should get reply.


8- ping successfull



3- Howto install APACHE web server in METAROUTER to host your files.

Install APACHE web server with OPKG (like yum or apt-get)

Edit the opkg file

vi /etc/opkg.conf

Change a string in first line, as it should be like below one …

src/gz snapshots

Now update opkg (like you do in ubuntu to update apt-get)

opkg update
opkg install apache

its better if you restart your mikrotik routerboard with reboot command so that all changes should take effect properly otherwise you MAY see few errors on accessing apache.

Now start apache service

apachctl start

(or restart as required)

Access via browser

10-apache works

html index files are placed at


4- Howto install ASTERISK 1.8 with GUI

Make metarouter machine with following image,and setup proper networking.

/tool fetch url=

Edit /etc/opkg.conf and use following repository

src/gz snapshots
dest root /
dest ram /tmp
lists_dir ext /var/opkg-lists
option overlay_root /jffs

Save and exit. then update opkg , install asterisk , and start it.

opkg update
opkg install asterisk18 asterisk18-codec-alaw asterisk18-chan-iax2 asterisk-gui
/etc/init.d/asterisk enable
/etc/init.d/asterisk start

Upon successful start you can see following ports (5038 and 8088 started) as showed below …

root@metarouter:~# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0  *               LISTEN
tcp        0      0    *               LISTEN
tcp        0      0    *               LISTEN
tcp        0      0  *               LISTEN

Now you can access asterisk GUI via


Default ID Password is

Id = admin
Password = ast-owrt

You can change the password and other stuff in /etc/asterisk/manager.conf

Note: in RB750 , client faced issue that after rebooting / power on off the host router, web page of asterisk doesnt work and time out. on RB2011 there was no such issue with same image.

5- Howto setup NTP to solve DATE Time synch issue

Mikrotik itself and most hardware devices supported by OpenWrt do not have a hardware clock.Therefore use NTP package to solve the date time synch issue,

opkg update
opkg install ntpd
/etc/init.d/sysntpd disable
/etc/init.d/ntpd enable
/etc/init.d/ntpd start

# To view if NTP is started properly or not
netstat -l | grep ntp

Note: It will take some after reboot to synch time with the internet, make sure internet is operational in metarouter.

 6- Howto disable firewall [17th Mrach, 2015 13:00 hrs]

/etc/init.d/firewall stop
/etc/init.d/firewall disable


To be continued ….

Syed Jahanzaib

February 15, 2015

Windows Server 2008 R2 Active Directory Reference Guide.

Howto enable RECYCLE BIN in Widnows 2008 Active Directory Server.

Pre requisite to enable Recycle Bin in Windows 2008 Active Directory.

1- Domain controller must be Windows 2008 R2 or later.
2- Forest and domain functional levels must be Windows Server 2008 R2, If not , then first raise functional level to windows 2008 R2 using ADUC
3- Enable Recycle Bin using Power Shell. Follow the below to do so
> Open powershell by using CMD and type powershell
> Load AD module by using following command.

Import-Module ActiveDirectory

Now activate Recycle BIN using following command

Enable-ADOptionalFeature -Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=zaib,DC=com’ -Scope ForestOrConfigurationSet -Target ‘’

Note: Change the zaib , com and to match your local domain name

Delete any single user from AD for test purpose

> Now delete any user for test purpose via AD or net command

> From Powershell , Search for deleted items using following commands (TIP: To execute commands related to AD, always load module ActiveDirectory after you launch PowerShell)

Get-ADObject -Filter {name -like “*test*” -and deleted -eq $true} -IncludeDeletedObjects

Note: Change the *test to match the name or portion of delete user name

Restore Deleted User

To restore the deleted account, use following command

Get-ADObject -Filter {name -like “*test*” -and deleted -eq $true} -IncludeDeletedObjects | Restore-ADObject

If you want to use GUI for easy access, then you can try ADRecycleBin.exe (Active Directory Recycle Bin) which allows administrators to quickly restore deleted Active Directory objects via an easy to use GUI (Graphical User Interface). This is a free Active Directory Recycle Bin tool. You can download it from


Backup and restore system state in windows 2008

Following is an small howto of ‘Backup and restore system state in windows 2008


1- First install the backup features from the Server Manager.
2- Open command prompt and type

wbadmin start systemstatebackup -backuptarget:d:

and press enter. It will ask for confirmation, Type Y to continue

Note: You can use a different backup target of your choosing, it must be a local drive of your server.

When the backup finishes running, you should get a message that the backup completed successfully. Goto your backup drive and you will find folder name WindowsImageBackup with backup data.

RESTORE (Authoritative)

– To restore backup, Boot Windows 2008 in Directory Services Restore Mode (DSRM)

– Open command prompt , First you need to get backup version number so that you may restore correct version of backup, use the followign command to get the version number

wbadmin get versions

– Write down the version you need to use.

– To restore AD in AUTHORITATIVE mode (Usually used for DC), use the following command

wbadmin start systemstaterecovery -version:04/04/2013-15:00 –authsysvol

Note: Change the -version: to match your backup number that noted from wbadmin get version command

– To restore AD in non-authoritative mode, remove the –authsysvol syntax at the end of the command (Usually used at ADC)

To get mroe info, please visit for more detailed step by step guide with snapshots

Syed Jahanzaib

Create a free website or blog at

%d bloggers like this: