Dual_boot windows10 and linux by using clover on a uefi PC that cannot be booted from nvme
It is dual boot with clover. This method is written in the last XXX)
The mask is grilled, and the bottom is an ultraviolet LED. Ultraviolet light penetrates through the mask, which is a self-flowing corona countermeasure.
However, ** 222nm ** ultraviolet rays "almost inactivate viruses and bacteria in a few minutes of irradiation", but it is ** unknown ** whether they are at this wavelength. But it was good because the mask that got wet with breath dries. (Corona is derived from a bat that flies through the dark night, and Black Devil dies in the light)
I don't know anything, but it's just a report.
I bought a used PC
I see, it's 1x, so it can't reach 1GB / sec ~
| Used purchase at Dell OptiPlex 3020SSF |
|---|
| Install Windows 10 Pro 64bit 1909 in UEFI on a brand new M.2 NVMe 128GB. |
| Realize speed that is impossible with SSD with nvme |
| ** Do not remove or erase the 16GB USB memory that comes with the product. (It is a boot loader and cannot be started) ** |
is what they said
** With clover ** in USB memory ** It is a mechanism to start windows 10 installed on nvme ** (OptiPlex 3020SSF is probably a machine that can not be started from nvme itself, so it probably needed clover)
| But ** Because it is troublesome to attach a USB memory ** |
|---|
| I cloned the USB memory to a 160GB 3.5 inch mechanical hard disk that is not used by dd. |
Then ** without USB memory ** windows10 will start from nvme
| In other words, now I only have a 160GB hard disk and NVME on my PC. |
|---|
1) Analysis of clover USB memory
fdisk -l /dev/sdc
Device start position end position sector size type
/dev/sdc1 40 409639 409600 200M EFI system
/dev/sdc2 411648 15628287 15216640 7.3G Microsoft basic data
---------------------About sdc1----------------
# mount /dev/sdc1 /mc1
[elite jaro]# ls -l /mc1
Total 442
drwxr-xr-x 4 root root 512 July 8 23:38 EFI
drwxr-xr-x 2 root root 512 July 8 23:38 EFI-Backups
drwxr-xr-x 4 root root 512 July 8 23:38 Library
drwxr-xr-x 4 root root 512 July 8 23:38 'System Volume Information'
-rwxr-xr-x 1 root root 450048 February 25 00:19 boot
drwxr-xr-x 4 root root 512 July 8 23:38 usr
# du /mc1/EFI
865 /mc1/EFI/BOOT
1 /mc1/EFI/CLOVER/misc
1 /mc1/EFI/CLOVER/ACPI/origin
1 /mc1/EFI/CLOVER/ACPI/WINDOWS
1 /mc1/EFI/CLOVER/ACPI/patched
4 /mc1/EFI/CLOVER/ACPI
2720 /mc1/EFI/CLOVER/tools
26 /mc1/EFI/CLOVER/drivers/UEFI
26 /mc1/EFI/CLOVER/drivers
1 /mc1/EFI/CLOVER/kexts/10.11
1 /mc1/EFI/CLOVER/kexts/Other
1 /mc1/EFI/CLOVER/kexts/10.14
1 /mc1/EFI/CLOVER/kexts/10.13
1 /mc1/EFI/CLOVER/kexts/10.12
1 /mc1/EFI/CLOVER/kexts/10.15
1 /mc1/EFI/CLOVER/kexts/Off
8 /mc1/EFI/CLOVER/kexts
19 /mc1/EFI/CLOVER/OEM/SystemProductName/UEFI
37 /mc1/EFI/CLOVER/OEM/SystemProductName
38 /mc1/EFI/CLOVER/OEM
1 /mc1/EFI/CLOVER/ROM
30 /mc1/EFI/CLOVER/doc
98 /mc1/EFI/CLOVER/themes/BGM/Anim_4_Options
111 /mc1/EFI/CLOVER/themes/BGM/Anim_5_Graphics
96 /mc1/EFI/CLOVER/themes/BGM/Anim_14_Themes
109 /mc1/EFI/CLOVER/themes/BGM/Anim_11_Tables
98 /mc1/EFI/CLOVER/themes/BGM/Anim_6_CPU
110 /mc1/EFI/CLOVER/themes/BGM/Anim_12_RC_Script
101 /mc1/EFI/CLOVER/themes/BGM/Anim_13_PCI_Devices
104 /mc1/EFI/CLOVER/themes/BGM/Anim_8_DSDT
194 /mc1/EFI/CLOVER/themes/BGM/Anim_1_Logo
95 /mc1/EFI/CLOVER/themes/BGM/Anim_2_About
101 /mc1/EFI/CLOVER/themes/BGM/alternative_icons
358 /mc1/EFI/CLOVER/themes/BGM/icons
90 /mc1/EFI/CLOVER/themes/BGM/Anim_3_Help
107 /mc1/EFI/CLOVER/themes/BGM/Anim_7_Binaries
105 /mc1/EFI/CLOVER/themes/BGM/Anim_9_Boot_Sequence
5 /mc1/EFI/CLOVER/themes/BGM/scrollbar
108 /mc1/EFI/CLOVER/themes/BGM/Anim_15_SysVars
110 /mc1/EFI/CLOVER/themes/BGM/Anim_10_SMBIOS
2306 /mc1/EFI/CLOVER/themes/BGM
1 /mc1/EFI/CLOVER/themes/random
10 /mc1/EFI/CLOVER/themes/embedded
2335 /mc1/EFI/CLOVER/themes
6055 /mc1/EFI/CLOVER
6924 /mc1/EFI
# find /mc1 -name *efi
/mc1/EFI/BOOT/BOOTX64.efi
/mc1/EFI/CLOVER/tools/Shell64.efi
/mc1/EFI/CLOVER/tools/bdmesg.efi
/mc1/EFI/CLOVER/tools/Shell64U.efi
/mc1/EFI/CLOVER/tools/Shell32.efi
/mc1/EFI/CLOVER/drivers/UEFI/NvmExpressDxe.efi
/mc1/EFI/CLOVER/CLOVERX64.ef
# find /mc1 -name *plist*
/mc1/.Spotlight-V100/Store-V1/VolumeConfig.plist
/mc1/.Spotlight-V100/VolumeConfiguration.plist
/mc1/EFI/CLOVER/OEM/SystemProductName/UEFI/config-sample.plist
/mc1/EFI/CLOVER/OEM/SystemProductName/config-sample.plist
**/mc1/EFI/CLOVER/config.plist**
/mc1/EFI/CLOVER/._config.plist
/mc1/EFI/CLOVER/themes/BGM/theme.plist
/mc1/EFI/CLOVER/themes/random/theme.plist
/mc1/EFI/CLOVER/themes/embedded/theme.plist
/mc1/Library/Receipts/org.clover.post.plist
/mc1/Library/Receipts/org.clover.cloverefi.64.sata.plist
/mc1/Library/Receipts/org.clover.themes.bgm.plist
/mc1/Library/Receipts/org.clover.efifolder.plist
/mc1/Library/Receipts/org.clover.drivers64uefi.nvmexpressdxe.uefi.plist
/mc1/Library/Receipts/org.clover.biosboot.plist
/mc1/Library/Receipts/org.clover.utils.plist
/mc1/Library/Receipts/org.clover.bootloader.boot0ss.plist
/mc1/Library/Receipts/org.clover.pre.plist
/mc1/Library/Preferences/com.projectosx.clover.installer.plist
# head -50 /mc1/EFI/CLOVER/config.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>#DisableDrivers</key>
<array>
<string>CsmVideoDxe</string>
<string>VBoxExt4</string>
</array>
<key>ACPI</key>
<dict>
<key>#PatchAPIC</key>
<false/>
<key>#ResetAddress</key>
<string>0x64</string>
<key>#ResetValue</key>
<string>0xFE</string>
<key>#SortedOrder</key>
<array>
<string>SSDT-3.aml</string>
<string>SSDT-1.aml</string>
<string>SSDT-2.aml</string>
</array>
<key>#smartUPS</key>
<false/>
<key>AutoMerge</key>
<false/>
<key>DSDT</key>
<dict>
<key>#DropOEM_DSM</key>
<dict>
<key>ATI</key>
<true/>
<key>Firewire</key>
<true/>
<key>HDA</key>
<true/>
<key>HDMI</key>
<true/>
<key>IDE</key>
<true/>
<key>IntelGFX</key>
<true/>
<key>LAN</key>
<true/>
<key>LPC</key>
<false/>
<key>NVidia</key>
<true/>
<key>SATA</key>
------------sdc2---------------
# mount /dev/sdc2 /mc2
# ls -l /mc2/
.Spotlight-V100/ .fseventsd/ System Volume Information/
# ls -l /mc2/System\ Volume\ Information/
8 in total
-rwxr-xr-x 1 root root 76 July 12 02:14 IndexerVolumeGuid
-rwxr-xr-x 1 root root 12 July 12 02:15 WPSettings.dat
# find /mc2 -name *efi
# (None)
# find /mc2 -name *plist*
/mc2/.Spotlight-V100/Store-V1/VolumeConfig.plist
/mc2/.Spotlight-V100/VolumeConfiguration.plist
XXX) How to make dual boot of windows10 and manjaro linux
-
Premise Currently only windows 10 is included in nvme There is also a mechanical hard disk, but this is a clone of a USB memory.
-
Boot from the ** USB memory for installing manjaro **
-
Coexist with windows10, select installation and install
-
** How to boot linux ** Since this PC is a dell, press ** F10 ** as soon as you turn on the power. Then the following screen will come
- If you press the linux mark here, manjar will start up as shown in the following screen.
The mystery has melted a little, so I'm toasting with whiskey while listening to the next song, Mom is Sayuri Ishikawa, it's delicious https://www.youtube.com/watch?v=7o5gw1q_8Dg
George Yanagi, I drank too much and my voice was ~ https://www.youtube.com/watch?v=to8xyPlVAe4 I give an opinion, but I don't listen https://www.youtube.com/watch?v=f91WTqMf7aE
https://www.apiste.co.jp/contents/water/chapter01.html according to There is 1.4 billion km3 of water on the earth 1410^8(10^310^310^3)(10^210^210^2)=1410^23 cm3
Assuming that a person weighing 60 kg has 50 kg of water 50 * 10 ^ 3/18 * (6 * 10 ^ 23) = 16666 * 10 ^ 23 ** pieces **
Therefore, when person A is cremated and its water is released into the atmosphere and mixed evenly with 1.4 billion km3 of water. There are 16666/14 = ** 1190 ** of water molecules of former person A in 1 cm square water. Therefore
(Become a thousand winds, no, 1190 pieces / cc, I'm everywhere)
Is this a reincarnation? The water molecules that made up the former person A became plants and animals ...
From https://www.youtube.com/watch?v=pIpI5DB6lXk&t=3703s
The solution is to take a break, so that you can boot from a USB memory
#modprobe fuse
#fuseiso ./Clover-v2.5k-5070-X64.iso /mnt
#mount /dev/sdc1 /mc1
#rsync -avHx /mnt/ /mc1/
# reboot
When booting from the USB memory created in this way
However, with the USB memory clover I made, windows10 will start, but manjaro will not. It seems that some seasoning is applied. However, the USB memory clover that came with the purchase will start manjaro easily. This information is described.
This time it is the case of another personal computer ** elitedesk 800g1sff **
# df
File system size used Remaining used%Mount position
dev 3.9G 0 3.9G 0% /dev
run 3.9G 1.4M 3.9G 1% /run
/dev/nvme0n1p2 225G 8.3G 206G 4% /
tmpfs 3.9G 235M 3.7G 6% /dev/shm
tmpfs 3.9G 0 3.9G 0% /sys/fs/cgroup
tmpfs 3.9G 8.5M 3.9G 1% /tmp
/dev/nvme0n1p1 300M 280K 300M 1% /boot/efi
tmpfs 787M 12K 787M 1% /run/user/1000
cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a device; this may
# be used with UUID= as a more robust way to name devices that works even if
# disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=9190-B611 /boot/efi vfat umask=0077 0 2
UUID=dee0d6a3-b03d-4a1e-8aa1-f9a06c47a8c4 / ext4 defaults,noatime 0 1
UUID=1b9bac8f-3c31-449d-8876-edca881518f6 swap swap defaults,noatime 0 2
When you start while pressing the F7 key
I will come. F7 If you don't stick, grub will come suddenly /dev/sda1: LABEL_FATBOOT="EFI" LABEL="EFI" UUID="67E3-17ED" BLOCK_SIZE="512" TYPE="vfat" PARTLABEL="EFI System Partition" PARTUUID="f7bc121e-7243-4193-813d-df9c889ba418"
blkid /dev/nvme0n1p1 /dev/nvme0n1p1: UUID="9190-B611" BLOCK_SIZE="512" TYPE="vfat" PARTUUID="530a0aac-4c5e-e74d-a3ef-4bbf8c9f3bd6" Based on
** Suddenly grub ** looks like this
https://youtu.be/d2vZUJKFkF4
It should be noted that https://support.microsoft.com/ja-jp/help/2879602/unable-to-boot-if-more-than-one-efi-system-partition-is-present And https://zunda-hack.com/2020:01/30/how-to-hide-clover-extra-boot-disk/ Something useful
| Hackintosh(OSx86)Is macOS on a non-Apple computer(OSX)Refers to running. Originally, Macintosh was equipped with an IBM CPU, but Apple changed the route from IBM to a general-purpose CPU made by Intel around 2005. That's why Hackintosh is a project in a dream that started with the idea that a Mac could be used on a machine running Windows. |
|---|
| http://www.yshimabu.com/index.php/2019/11/28/osx86/Than |
| So the clover, which is closely related to Hackintosh, is subtle. |
# hdparm -t /dev/nvme0n1p2
/dev/nvme0n1p2:
HDIO_DRIVE_CMD(identify) failed: Inappropriate ioctl for device
Timing buffered disk reads: 5690 MB in 3.00 seconds = 1896.04 MB/sec
**Oh, the speed is close to 2G**
#grub.The central part of conf is
menuentry 'Manjaro Linux' --class manjaro --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-dee0d6a3-b03d-4a1e-8aa1-f9a06c47a8c4' {
savedefault
load_video
set gfxpayload=keep
insmod gzio
insmod part_gpt
insmod ext2
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root dee0d6a3-b03d-4a1e-8aa1-f9a06c47a8c4
else
search --no-floppy --fs-uuid --set=root dee0d6a3-b03d-4a1e-8aa1-f9a06c47a8c4
fi
linux /boot/vmlinuz-5.6-x86_64 root=UUID=dee0d6a3-b03d-4a1e-8aa1-f9a06c47a8c4 rw quiet apparmor=1 security=apparmor resume=UUID=1b9bac8f-3c31-449d-8876-edca881518f6 udev.log_priority=3
initrd /boot/intel-ucode.img /boot/initramfs-5.6-x86_64.img
}
It should be noted that
# blkid /dev/nvme0n1p1
/dev/nvme0n1p1: UUID="9190-B611" BLOCK_SIZE="512" TYPE="vfat" PARTUUID="530a0aac-4c5e-e74d-a3ef-4bbf8c9f3bd6"
# blkid /dev/nvme0n1p2
/dev/nvme0n1p2: UUID="dee0d6a3-b03d-4a1e-8aa1-f9a06c47a8c4" BLOCK_SIZE="4096" TYPE="ext4" PARTUUID="17da0da7-c545-504e-8e33-c0affa352200"<-
# fdisk -l
disk/dev/nvme0n1: 238.49 GiB,256060514304 bytes,500118192 sectors
Device start position end position sector size type
/dev/nvme0n1p1 4096 618495 614400 300M EFI system
/dev/nvme0n1p2 618496 481648510 481030015 229.4G Linux file system
/dev/nvme0n1p3 481648511 500103449 18454939 8.8G Linux swap
disk/dev/sda: 149.5 GiB,160041885696 bytes,312581808 sector
Device start position end position sector size type
/dev/sda1 40 409639 409600 200M EFI system
/dev/sda2 411648 15628287 15216640 7.3G Microsoft basic data
/dev/sda3 15628288 312581774 296953487 141.6G Linux file system
disk/dev/sdb: 465.78 GiB,50010786 2016 bytes,976773168 sector
Device start position end position sector size type
/dev/sdb1 2048 1085439 1083392 529M Windows recovery environment
/dev/sdb2 1085440 1290239 204800 100M EFI system
/dev/sdb3 1290240 1323007 32768 16M Microsoft Reserved Area
/dev/sdb4 1323008 250068991 248745984 118.6G Microsoft basic data
/dev/sdb5 250068992 643284991 393216000 187.5G Linux file system <-Data area (for backup)
/dev/sdb6 643284992 976771071 333486080 159G Linux file system <-ubuntu
The mystery has melted in practice, but not enough. However, if the motherboard that boots from nvme becomes common, you don't need clover.
nvme temperature
pacman -S nvme-cli
nvme smart-log /dev/nvme0n1 | grep temperature I'm not using it now temperature : 34 C And other than low
To keep drawing NVME and CPU temperature every 30 seconds
./comment-out.bat nvme-temperature.bat
while true
do
echo '---------------'
date +%Hh:%Mm-%Ss
echo ' nvme temperature'
nvme smart-log /dev/nvme0n1 | grep temperature
echo
echo
echo ' CPU temperature'
sensors | grep Core
echo
echo
echo '================'
sleep 30
done
Run
Then
# ./nvme-temperature.bat
---------------
13h:27m-43s
nvme temperature
temperature : 33 C
CPU temperature
Core 0: +33.0°C (high = +80.0°C, crit = +100.0°C)
Core 1: +34.0°C (high = +80.0°C, crit = +100.0°C)
Core 2: +34.0°C (high = +80.0°C, crit = +100.0°C)
Core 3: +33.0°C (high = +80.0°C, crit = +100.0°C)
================
---------------
13h:28m-13s
nvme temperature
temperature : 32 C
CPU temperature
Core 0: +34.0°C (high = +80.0°C, crit = +100.0°C)
Core 1: +34.0°C (high = +80.0°C, crit = +100.0°C)
Core 2: +34.0°C (high = +80.0°C, crit = +100.0°C)
Core 3: +32.0°C (high = +80.0°C, crit = +100.0°C)
The following is omitted
nat
A) pc A ---> eno1: NVME PC: wlp0s20u7 ---> internet nat.bat just added a hand to what happened on morizot.net
The whole of nat.bat is below
ifconfig eno1 192.168.100.1
X=`ifconfig | grep wlp | cut -d : -f 1`
SYSCTL="/sbin/sysctl -w"
IPT="/sbin/iptables"
IPTS="/sbin/iptables-save"
IPTR="/sbin/iptables-restore"
INET_IFACE=$X
echo '---INET_IFACE---'
echo $INET_IFACE
echo '---INET_IFACE---'
LOCAL_IFACE="eno1"
LOCAL_IP="192.168.100.1"
LOCAL_NET="192.168.100.0/24"
LOCAL_BCAST="192.168.100.255"
LO_IFACE="lo"
LO_IP="127.0.0.1"
if [ "$1" = "save" ]
then
echo -n "Saving firewall to /etc/sysconfig/iptables ... "
$IPTS > /etc/sysconfig/iptables
echo "done"
exit 0
elif [ "$1" = "restore" ]
then
echo -n "Restoring firewall from /etc/sysconfig/iptables ... "
$IPTR < /etc/sysconfig/iptables
echo "done"
exit 0
fi
echo "Loading kernel modules ..."
/sbin/modprobe ip_tables
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_conntrack_irc
if [ "$SYSCTL" = "" ]
then
echo "1" > /proc/sys/net/ipv4/ip_forward
else
$SYSCTL net.ipv4.ip_forward="1"
fi
if [ "$SYSCTL" = "" ]
then
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
else
$SYSCTL net.ipv4.tcp_syncookies="1"
fi
if [ "$SYSCTL" = "" ]
then
echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter
else
$SYSCTL net.ipv4.conf.all.rp_filter="1"
fi
if [ "$SYSCTL" = "" ]
then
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
else
$SYSCTL net.ipv4.icmp_echo_ignore_broadcasts="1"
fi
if [ "$SYSCTL" = "" ]
then
echo "0" > /proc/sys/net/ipv4/conf/all/accept_source_route
else
$SYSCTL net.ipv4.conf.all.accept_source_route="0"
fi
if [ "$SYSCTL" = "" ]
then
echo "1" > /proc/sys/net/ipv4/conf/all/secure_redirects
else
$SYSCTL net.ipv4.conf.all.secure_redirects="1"
fi
if [ "$SYSCTL" = "" ]
then
echo "1" > /proc/sys/net/ipv4/conf/all/log_martians
else
$SYSCTL net.ipv4.conf.all.log_martians="1"
fi
echo "Flushing Tables ..."
$IPT -P INPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT
$IPT -t mangle -P PREROUTING ACCEPT
$IPT -t mangle -P OUTPUT ACCEPT
$IPT -F
$IPT -t nat -F
$IPT -t mangle -F
$IPT -X
$IPT -t nat -X
$IPT -t mangle -X
if [ "$1" = "stop" ]
then
echo "Firewall completely flushed! Now running with no firewall."
exit 0
fi
$IPT -P INPUT DROP
$IPT -P OUTPUT DROP
$IPT -P FORWARD DROP
echo "Create and populate custom rule chains ..."
$IPT -N bad_packets
$IPT -N bad_tcp_packets
$IPT -N icmp_packets
$IPT -N udp_inbound
$IPT -N udp_outbound
$IPT -N tcp_inbound
$IPT -N tcp_outbound
$IPT -A bad_packets -p ALL -i $INET_IFACE -s $LOCAL_NET -j LOG \
--log-prefix "Illegal source: "
$IPT -A bad_packets -p ALL -i $INET_IFACE -s $LOCAL_NET -j DROP
$IPT -A bad_packets -p ALL -m state --state INVALID -j LOG \
--log-prefix "Invalid packet: "
$IPT -A bad_packets -p ALL -m state --state INVALID -j DROP
$IPT -A bad_packets -p tcp -j bad_tcp_packets
$IPT -A bad_packets -p ALL -j RETURN
$IPT -A bad_tcp_packets -p tcp -i $LOCAL_IFACE -j RETURN
$IPT -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j LOG \
--log-prefix "New not syn: "
$IPT -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL NONE -j LOG \
--log-prefix "Stealth scan: "
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL NONE -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL ALL -j LOG \
--log-prefix "Stealth scan: "
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL ALL -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL FIN,URG,PSH -j LOG \
--log-prefix "Stealth scan: "
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j LOG \
--log-prefix "Stealth scan: "
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags SYN,RST SYN,RST -j LOG \
--log-prefix "Stealth scan: "
$IPT -A bad_tcp_packets -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags SYN,FIN SYN,FIN -j LOG \
--log-prefix "Stealth scan: "
$IPT -A bad_tcp_packets -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
$IPT -A bad_tcp_packets -p tcp -j RETURN
$IPT -A icmp_packets --fragment -p ICMP -j LOG \
--log-prefix "ICMP Fragment: "
$IPT -A icmp_packets --fragment -p ICMP -j DROP
$IPT -A icmp_packets -p ICMP -s 0/0 --icmp-type 8 -j DROP
$IPT -A icmp_packets -p ICMP -s 0/0 --icmp-type 11 -j ACCEPT
$IPT -A icmp_packets -p ICMP -j RETURN
$IPT -A udp_inbound -p UDP -s 0/0 --destination-port 137 -j DROP
$IPT -A udp_inbound -p UDP -s 0/0 --destination-port 138 -j DROP
$IPT -A udp_inbound -p UDP -s 0/0 --source-port 67 --destination-port 68 \
-j ACCEPT
$IPT -A udp_inbound -p UDP -j RETURN
$IPT -A udp_outbound -p UDP -s 0/0 -j ACCEPT
$IPT -A tcp_inbound -p TCP -j RETURN
$IPT -A tcp_outbound -p TCP -s 0/0 -j ACCEPT
echo "Process INPUT chain ..."
$IPT -A INPUT -p ALL -i $LO_IFACE -j ACCEPT
$IPT -A INPUT -p ALL -j bad_packets
$IPT -A INPUT -p ALL -d 224.0.0.1 -j DROP
$IPT -A INPUT -p ALL -i $LOCAL_IFACE -s $LOCAL_NET -j ACCEPT
$IPT -A INPUT -p ALL -i $LOCAL_IFACE -d $LOCAL_BCAST -j ACCEPT
$IPT -A INPUT -p ALL -i $INET_IFACE -m state --state ESTABLISHED,RELATED \
-j ACCEPT
$IPT -A INPUT -p TCP -i $INET_IFACE -j tcp_inbound
$IPT -A INPUT -p UDP -i $INET_IFACE -j udp_inbound
$IPT -A INPUT -p ICMP -i $INET_IFACE -j icmp_packets
$IPT -A INPUT -m pkttype --pkt-type broadcast -j DROP
$IPT -A INPUT -m limit --limit 3/minute --limit-burst 3 -j LOG \
--log-prefix "INPUT packet died: "
echo "Process FORWARD chain ..."
$IPT -A FORWARD -p ALL -j bad_packets
$IPT -A FORWARD -p tcp -i $LOCAL_IFACE -j tcp_outbound
$IPT -A FORWARD -p udp -i $LOCAL_IFACE -j udp_outbound
$IPT -A FORWARD -p ALL -i $LOCAL_IFACE -j ACCEPT
$IPT -A FORWARD -i $INET_IFACE -m state --state ESTABLISHED,RELATED \
-j ACCEPT
$IPT -A FORWARD -m limit --limit 3/minute --limit-burst 3 -j LOG \
--log-prefix "FORWARD packet died: "
echo "Process OUTPUT chain ..."
$IPT -A OUTPUT -m state -p icmp --state INVALID -j DROP
$IPT -A OUTPUT -p ALL -s $LO_IP -j ACCEPT
$IPT -A OUTPUT -p ALL -o $LO_IFACE -j ACCEPT
$IPT -A OUTPUT -p ALL -s $LOCAL_IP -j ACCEPT
$IPT -A OUTPUT -p ALL -o $LOCAL_IFACE -j ACCEPT
$IPT -A OUTPUT -p ALL -o $INET_IFACE -j ACCEPT
$IPT -A OUTPUT -m limit --limit 3/minute --limit-burst 3 -j LOG \
--log-prefix "OUTPUT packet died: "
echo "Load rules for nat table ..."
$IPT -t nat -A POSTROUTING -o $INET_IFACE -j MASQUERADE
echo "Load rules for mangle table ..."
[elitedesk800g1sff jaro]#
B) pc A will then go to the internet route.bat
route add default gw 192.168.100.10
rm /etc/resolv.conf
echo 'nameserver 8.8.8.8' > /etc/resolv.conf
ping -c 3 www.google.com
Go back to the beginning optiplex3020
litedesk800g1sff is too complicated for analysis because it has clover sda, win10 sdb, manjaro nvme0n1 Therefore, optiplex3020 wants to see clover sda win10 + manjaro nvme0n1. I added manjaro to nvme0n1 for analysis
# fdisk -l
Device start position end position sector size type
/dev/nvme0n1p1 63 883574 883512 431.4M Windows recovery environment
/dev/nvme0n1p2 883575 1188809 305235 149M EFI system
/dev/nvme0n1p3 1188810 1221577 32768 16M Microsoft Reserved Area
/dev/nvme0n1p4 1237005 184105043 182868039 87.2G Microsoft basic data
/dev/nvme0n1p5 184105045 250067789 65962745 31.5G Linux file system
Device start position end position sector size type
/dev/sda1 40 409639 409600 200M EFI system
/dev/sda2 411648 15628287 15216640 7.3G Microsoft basic data
mkdir /mp2 ; mount /dev/nvme0n1p2 /mp2
mkdir /ma1 ;mount /dev/sda1 /ma1
# df
File system size used Remaining used%Mount position
dev 1.9G 0 1.9G 0% /dev
run 1.9G 1.2M 1.9G 1% /run
/dev/nvme0n1p5 31G 7.8G 22G 27% /
tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
tmpfs 1.9G 8.5M 1.9G 1% /tmp
/dev/nvme0n1p2 148M 26M 123M 17% /mp2
tmpfs 389M 12K 389M 1% /run/user/1000
/dev/sda1 197M 9.9M 188M 6% /ma1
# ls /ma1/
EFI EFI-Backups Library 'System Volume Information' boot usr
# ls /ma1/EFI
BOOT CLOVER Clover_Install_Log.txt
# ls /ma1/EFI/BOOT/
BOOTX64.efi
# ls /ma1/EFI/CLOVER/
ACPI CLOVERX64.efi OEM ROM config.plist doc drivers kexts misc themes tools
--------
# ls /mp2/
EFI
**# ls /mp2/EFI/** <----I value here
Boot Manjaro Microsoft
# ls /mp2/EFI/Boot/
bootx64.efi
# ls /mp2/EFI/Manjaro/
grubx64.efi
# ls /mp2/EFI/Microsoft/
Boot Recovery
Using sddm autologin
# pacman -S sddm
# sddm --example-config > /etc/sddm.conf
# systemctl disable lightdm
Removed /etc/systemd/system/display-manager.service.
# systemctl enable sddm
Created symlink /etc/systemd/system/display-manager.service → /usr/lib/systemd/system/sddm.service.
# diff /etc/sddm.conf-ori /etc/sddm.conf
9c9
< User=
---
> User=ManJaro
However, with sddm, the screen became black and I got stuck in this. Therefore, I returned to lightdm
groupadd -r autologin
gpasswd -a MANjaro autologin
./comment-out.bat /etc/lightdm/lightdm.conf
[Seat:*]
[LightDM]
run-directory=/run/lightdm
[Seat:*]
greeter-session=lightdm-gtk-greeter
user-session=xfce
session-wrapper=/etc/lightdm/Xsession
autologin-user=MANjaro
[XDMCPServer]
[VNCServer]
tar xvf CloverISO-5070.tar.lzma --lzma
do it
modprobe fuse
fuseiso ./Clover-v2.5k-5070-X64.iso /mnt
ls /mnt
EFI Library usr
Recommended Posts