CentOS 6.6 Major Package versions

CentOS 6.6 ships with these versions of some core packages:

Package Version
Perl 5.10.1 (bleh)
PHP 5.3.3
Vim 7.2.411
Firefox 31.2.0
Apache 2.2.15
Leave A Reply

ISC DHCP: Specific lease time for a given host

I needed to test lease timeout for a specific host. Rather than lowering the lease time globally for all clients I was able to target a specific MAC address using the following configuration block:

host shortlease_9b7d {
    hardware ethernet 00:5f:16:36:9b:7d;

    default-lease-time 900;
    max-lease-time 900;
    min-lease-time 900;
}
Leave A Reply

Linux: Block DNS queries for specific zone with IPTables

I have been seeing a lot of weird/bogus DNS traffic (thousands of queries a second) hitting our servers lately and I decided to try and block it. Specifically I saw tons of requests coming in for proxypipe.net with a bunch of random hosts prepended. Things like: 6Gdb1QlP.f.proxypipe.net., mhl00ULG.e.proxypipe.net., clacqxlG.f.proxypipe.net., etc. I decided I would block all DNS requests that contained the "proxypipe.net" anywhere in the packet.

The easiest way is to use iptables to block packets that contain a specific string. The problem with this approach is that DNS packets do not contain the actual string. Instead they are encoded in this manner: X domain Y TLD

Where X is the number of bytes in the domain portion, and Y is the number bytes of characters in the TLD portion. This makes your iptables rules look like this:

iptables -A INPUT -i eth0 -p udp --dport 53 -m string --hex-string "|09|proxypipe|03|net" --algo bm -j DROP
iptables -A INPUT -i eth0 -p udp --dport 53 -m string --hex-string "|06|kitten|02|ru" --algo bm -j DROP
iptables -A INPUT -i eth0 -p udp --dport 53 -m string --hex-string "|03|www|07|puppies|04|woof" --algo bm -j DROP

Advanced:

Technically the query looks like X domain Y TLD 0 where the zero indicates that there are no more parts of the domain. This is immediately followed by two bytes indicating the type of query.

This allows you to get fancy and only block specific types of queries for a domain while allowing others:

Type Code
Any 00ff
A 0011
CNAME 0005
MX 000f
AAAA 001c
NS 0002
SOA 0006

If you wanted to block all MX requests for domain.com you would do a rule like this:

iptables -A INPUT -i eth0 -p udp --dport 53 -m string --hex-string "|06|domain|03|com|00000f|" --algo bm -j DROP

IPTables converts your string rules to hex, so it is helpful to add a comment so you can read them later using iptables -vnL. You can use the iptables comment module to document your rules.

iptables -A INPUT -i eth0 -p udp --dport 53 -m string --hex-string "|06|domain|03|net|00000f|" \
--algo bm -j DROP -m comment --comment 'Block domain.net MX'
Leave A Reply

Fedora 21: Major package versions

Fedora 21 looks like it will ship with following package versions:

Package Version
Perl 5.18.4
PHP 5.6.2
Vim 7.4.475
Firefox 33.0
Apache 2.4.10
Leave A Reply

Git: Show changes made today or yesterday

I found two cool Git aliases that will show you all the commits that have been made today or yesterday. It's a simple way to figure out what you accomplished.

Define the aliases:

git config --global alias.today "log --since=midnight --oneline --graph --decorate"
git config --global alias.yesterday "log --after=yesterday.midnight --before 0am --oneline --graph --decorate"

Then run it with:

git today
git yesterday

I borrowed the idea from Coderwall.

Leave A Reply

Piers Anthony - Xanth Series

Here is a list of all the Xanth books currently available.

  1. A Spell for Chameleon (1977)
  2. The Source of Magic (1979)
  3. Castle Roogna (1979)
  4. Centaur Aisle (1982)
  5. Ogre, Ogre (1982)
  6. Night Mare (1983)
  7. Dragon on a Pedestal (1983)
  8. Crewel Lye (1984)
  9. Golem in the Gears (1986)
  10. Valey of the Vole (1987)
  11. Heaven Cent (1988)
  12. Man from Mundania (1989)
  13. Isle of View (1990)
  14. Quesiton Quest (1991)
  15. Color of her Panties (1992)
  16. Demons Don't Dream (1993)
  17. Harpy Time (1994)
  18. Geis of the Gargoyle (1995)
  19. Roc and Hard Place (1995)
  20. Yon Ill Wind (1996)
  21. Faun and Games (1997)
  22. Zombie Lover (1998)
  23. Xone of Contention (1999)
  24. The Dastard (2000)
  25. Swell Foop (2001)
  26. Up in a Heaval (2002)
  27. Cube Route (2003)
  28. Currant Events (2004)
  29. Pet Peeve (2005)
  30. Stork Naked (2006)
  31. Air Apparent (2007)
  32. Two to the Fifth (2008)
  33. Jumper Cable (2009)
  34. Know Gneiss (2010)
  35. Well-Tempered Clavicle (2011)
  36. Luck of the Draw (2013)
  37. Esrever Doom (2104)
  38. Board Stiff (2014)
  39. Five Portraits (2014)
  40. Isis Orb (TBD)
Leave A Reply - 1 Reply

Perl: remove empty elements from array

I have an array with a bunch of empty strings, and other "empty" items, that I want to remove. Perl's grep() command makes this very simple:

@a = ("one", "", "three", "four", 0, "", undef, "eight");

@b = grep($_, @a);

# @b = ("one","three","four","eight");

The first argument to grep is an expression which evaluates whether $_ is a truthy value. This could easily also have been $_ ne "" so we don't also filter out false and 0.

Leave A Reply

Perl: assign a regexp search/replace to a variable

Often I will want to assign a variable to be a search and replace of another variable. Logically you might write it like this:

$str = "foofoofoobar";
$new = $str =~ s/foo/FOO/g;

# $new contains 3 because three things were replaced in the string
print "$new\n";

This will not work because you are assigning the number of replacements made to $new. This is not what we wanted. Instead we want the search and replace to return the new string:

$str = "foobar";
$new = $str =~ s/foo/FOO/gr;

print "$new\n";

Note the /r after the regular expression. Documentation on /r is in Perlop

Leave A Reply

Reddit: School funding

It's not about priorities. It's about budget allocation and constraints. There is a common misunderstanding between many governmental systems, charities, and other non-profit organizations.

The public tends to think that their school has X amount of money and that money is in one big pile that they can spend on anything. The public assumes that teachers, overhead, and operating costs should get paid first, then schools can buy fancy new computers, renovate buiildings, etc...

Unfortunately, that's not how budgets work 99% of the time. School districts often receive large gifts and grants from individuals and organizations that they are contractually obligated to spend on certain goals/objects. Joe Schmo didn't give Y school district $1,000,000 to spend on anything; he gave them $1,000,000 under the conditions that the money is spent on school equipment for the kids (i.e. laptops, desktops, textbooks, playground equipment, etc...). He can exclude or include any specific item or place for the funds to be used. School districts occasionally have local taxes levied for them. For example, my area (about three school districts) imposes a 1% additional sales tax on its citizens. The 1% collected HAS to be used on school renovations, period. The money cannot be used for anything else. In a similar manner, one of the three school districts is putting to vote a tax that would raise property assessment tax by $0.20/$1,000. That money HAS TO BE spent on upgrading school playground equipment, and the school has outlined a 7+ year plan of fund implementation for specific schools within the district.

Borrowed from MisfitMonk on Reddit

Leave A Reply

Coreutils Viewer

I just found Coreutils Viewer, which gives you a progress meter for Linux coreutils. Specifically it can give status on cp, mv, dd, tar, gzip, and cat. It's great for doing a big dd to a flash drive or SD card.

I've used it with good success on Raspberry Pi SD card images.

Leave A Reply

PHP: is_ip() to test if a string is a valid IP address

I needed to test if a string was a valid IP address or not. PHP has filter_var() which tests for a lot of common things (email addresses, urls, etc) but I can never remember the syntax. Here is a simple wrapper function to match IPv4 and IPv6 addresses.

function is_ip($str) {
    $ret = filter_var($str, FILTER_VALIDATE_IP);

    return $ret;
}

If you just want to match IPv4 addresses:

function is_ipv4($str) {
    $ret = filter_var($str, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);

    return $ret;
}
Leave A Reply

PHP: fakepath() to clean up a file path

Needed a quick function to remove relative elements from a path. Similar to PHP's realpath() but doesn't require the file to exist on the local filesystem. This also works for URLs.

function fakepath($url) {
    $split = preg_split("|/|",$url);
    $first = substr($url,0,1);

    foreach ($split as $item) {
        if ($item === "." || $item === "") {
            // If it's a ./ then it's nothing (just that dir) so don't add/delete anything
        } elseif ($item === "..") {
            // Remove the last item added since .. negates it.
            $removed = array_pop($ret);
        } else {
            $ret[] = $item;
        }
    }

    // Rebuild the string
    $ret = join("/",$ret);

    // Remove dupe /
    $ret = preg_replace("!/+!","/",$ret);

    // Restore the double / after the HTTP:
    $ret = preg_replace("!(https?:/)!","$1/",$ret);

    if ($first === '/') {
        $ret = "/$ret";
    }

    return $ret;
}
Leave A Reply

CentOS 7 has been released

CentOS 7.0 has been released and I gathered the versions of some core packages:

Package Version
Perl 5.16.3
PHP 5.4.16
Vim 7.4.160
Firefox 24.6.0
Apache 2.4.6
Leave A Reply

PHP: Assign a default value to a variable

PHP E_ALL causes a warning to be thrown if you read an unitialized value from an array. For example if you did $debug = $_GET['debug']; but debug is not present in $_GET.

This function will conditionally assign a value to a variable that will not cause a warning to be thrown. It also has the added benefit of having a default option that you can specify.

function var_set(&$value, $default = null) {
    if (isset($value)) {
        return $value;
    } else {
        return $default;
    }
}

This allows us to safely assign a variable from the superglobals.

# Default of null if not in array
$debug = var_set($_GET['debug']);

# Specific default of 99
$level = var_set($_GET['level'],99);
Leave A Reply

PHP: is_flat_array()

PHP supports numeric and associative arrays. PHP's numeric arrays do not have to be sequential, and I wanted a test for that.

function is_flat_array($array) {
    if (!is_array($array)) { return false; }

    $current = 0;
    foreach (array_keys($array) as $key) {
        if ($key !== $current) { return false; }

        $current++;
    }

    return true;
}

I wrote up all the test cases I could think of:

var_dump(is_flat_array(array(1, 2, 3)));                // True
var_dump(is_flat_array(array()));                       // True
var_dump(is_flat_array(array('foo' => 'bar')));         // False
var_dump(is_flat_array(array(0 => 3, 'foo' => 'bar'))); // False
var_dump(is_flat_array(array(0 => 3, 1 => 3, 2 => 3))); // True
var_dump(is_flat_array(array(0 => 3, 2 => 3, 3 => 3))); // False
var_dump(is_flat_array("foo"));                         // False

See also: Test for numeric and associative arrays

Leave A Reply