?

Log in

Agnus Dei's Journal

> recent entries
> calendar
> friends
> profile
> previous 20 entries

Tuesday, February 9th, 2016
1:54 pm - undocumented flag in mtr
MTR has a --first-ttl (or -f) option that does NOT show up in the man page for mtr.

The default for this value is 1.

/usr/sbin/mtr --first-ttl 5 --report-wide --report --report-cycles 10 www.google.com

(comment on this)

Monday, February 1st, 2016
10:15 am - Using associative arrays in bash (Example)
Example of using associative arrays in bash.

declare -A ELB_REGION=(
        ["AAAA-ELB"]="us-east-1"
        ["BBBB-ELB"]="us-west-1"
        ["CCCC-ELB"]="us-east-1"
)
declare -A ELB_CRITIALLIMIT=(
        ["AAAA-ELB"]="-1"
        ["BBBB-ELB"]="0"
        ["CCCC-ELB"]="0"
)

# Test for each ELB
for ELB in "${!ELB_REGION[@]}"
do
        # echo $ELB ${ELB_REGION[$ELB]} ${ELB_CRITIALLIMIT[$ELB]}
        RESULTS=`/usr/local/bin/check_elb_health.sh -r  ${ELB_REGION[$ELB]} -c ${ELB_CRITIALLIMIT[$ELB]}  $ELB`
        RETURNCODE=$?
        # RETURNCODE=2  # set for debugging
        track_worst_result $RETURNCODE  # External function

        # Capture the results for any bad checks
        if [[ "$RETURNCODE" -gt "0" ]]; then
                FINALRESULTS="$RESULTS $FINALRESULTS"
        fi
done

(comment on this)

10:12 am - Using standard arrays in bash (Example)
Example of using standard arrays on bash.

# ELB's to check
ELBARRAY[0]="AAAA-ELB"     # dev
ELBARRAY[1]="BBBB-ELB"    #
ELBARRAY[2]="CCCC-ELB"    #

#Matching regions to the above
REGION[0]="us-east-1"
REGION[1]="us-west-1"
REGION[2]="us-east-1"

#CRITICAL LIMIT - Set to -1 for dev servers so they can't alarm critical
CRITLIMIT[0]="-1"  # dev ELB
CRITLIMIT[1]="0"
CRITLIMIT[2]="0"

     
# Test for each ELB
INDEX=0
for foofoo in "${ELBARRAY[@]}"
do   
    RESULTS=`/usr/local/bin/check_elb_health.sh -r ${REGION[$INDEX]} -c ${CRITLIMIT[$INDEX]}  ${ELBARRAY[$INDEX]}`
    RETURNCODE=$?
    # RETURNCODE=2  # set for debugging
    track_worst_result $RETURNCODE  # external function

    # Capture the results for any bad checks
    if [[ "$RETURNCODE" -gt "0" ]]; then
        FINALRESULTS="$RESULTS $FINALRESULTS"
    fi
    ((INDEX=INDEX+1))
done

(comment on this)

Sunday, January 31st, 2016
10:20 am - Converting mkv to m4v/mp4 for use with Connect 360

This is a how to for converting mkv files to mp4 on a mac for use with Xbox360 (Connect 360).

http://www.maclive.net/watchmkvfilesonthexbox360theeasyway/

I've been doing the same thing for years using "video passthrough" with ffmpeg.   Here's my script for that using ffmpeg:


$ cat ~/bin/convert-2-m4v.sh
#!/bin/bash

echo $1
NAME=`echo $1| rev | cut -d. -f2- |rev`
echo $NAME

/opt/local/binary_downloads/ffmpeg -i $1 -vcodec copy -acodec copy $NAME.m4v


(comment on this)

Friday, January 29th, 2016
3:01 pm - Mac OS X's "new" default firewall is Packet Filter ("pf")
A good read on PF for Mac OS X:

https://pleiades.ucsc.edu/hyades/PF_on_Mac_OS_X

(comment on this)

Wednesday, January 13th, 2016
3:37 pm - Daisy Chaining SSH Tunnels

This allows me to connect to a remote database from my desktop by daisy chaining ssh tunnels through a jump host to the remote database.

This way the data is moved over the network encrypted and secure.   In my case all logins are done using GSSAPI (kerberos ticket forwarding).

In a terminal:

# export RANDOMPORT=$RANDOM ; ssh brad.allison@hostname-1.com -L3308:0:$RANDOMPORT RANDOMPORT=$RANDOMPORT ssh brad.allison@hostname-2.com -L$RANDOMPORT:0:3306

OR MUCH EASIER (use ProxyCommand, requires netcat though):

# ssh -o "ProxyCommand ssh brad.allison@hostaname-1.com nc %h %p" -l brad.allison hostname-2.com -L3308:0:3306



Then on my local desktop, run the mysql client (I bound the tunnel to port 3308 locally):

# mysql -uroot -p -h0 -P3308

(comment on this)

Tuesday, January 12th, 2016
11:39 am - Linux: How to find process not releasing disk space back to the OS

Super cool trick to see what process is holding up disk space for a file handle for a file that's already been deleted.

This is wonderful.

An example would be seeing disk utilization at 80% and you clean out all the disk space and the utilization is still at 80%.

This happens when a process is holding a file handle open for a file who's content has been removed.

Here's how you find the PID of the process holding open file handles for deleted files:

lsof | grep deleted

(comment on this)

Saturday, January 9th, 2016
1:14 am - COMCAST SUCKS!
$ traceroute 4.2.2.2
traceroute to 4.2.2.2 (4.2.2.2), 64 hops max, 52 byte packets
 1  192.168.1.1 (192.168.1.1)  1.939 ms  2.573 ms  1.246 ms
 2  XXXXXXXXX (XXXXXXXXX)  14.551 ms  11.536 ms  9.963 ms
 3  162.151.115.53 (162.151.115.53)  9.462 ms  12.051 ms  132.984 ms
 4  xe-8-0-1-0-sur06.pompanobeach.fl.pompano.comcast.net (162.151.123.86)  10.924 ms
    xe-11-0-0-0-sur06.pompanobeach.fl.pompano.comcast.net (69.139.183.74)  12.395 ms
    xe-11-1-2-0-sur06.pompanobeach.fl.pompano.comcast.net (69.139.183.98)  10.251 ms
 5  te-0-3-0-20-ar01.pompanobeach.fl.pompano.comcast.net (162.151.2.225)  10.476 ms
    te-0-3-0-22-ar01.pompanobeach.fl.pompano.comcast.net (162.151.2.233)  10.363 ms
    te-0-3-0-23-ar01.pompanobeach.fl.pompano.comcast.net (162.151.2.237)  10.483 ms
 6  * * *
 7  * * *
 8  * * *
 9  * *^C

(comment on this)

Tuesday, December 29th, 2015
12:24 am - Review of "The Final Girls"
I watched "The Final Girls" last night and really enjoyed it. It's part of this new genre of what I'm calling "meta-horror" movies that are not really horror movies but more thoughtful post-modern (if you will) views on classic horror movies.
Examples of "meta-horror" movies would be "Cabin in the Woods", "It Follows", "The Final Girls", and even back to "Scream." Some are more self aware than others. For example, "The Final Girls" is completely self aware that it's breaking down the components of a class horror movie and using them to the advantage of the heroes. The heroes know they are trapped in a horror movie.
"Cabin in the Woods" was completely meta-horror. You have to be a fan of horror movies to even understand all the references in the movie. Plus like the board in the control room is a list of horror movie archetypes.
Even "Scream" was meta-horror as they broke down for you the plot points of a horror movie.
But "It Follows" was different. "It Follows" was meta-horror, but it didn't throw it in your face. The characters were not aware they were in a horror movie. But it was meta-horror because it was playing on the archetypes of a classic horror movie. For example, a person who has sex in a horror movie is going to die. Well that's like the whole plot line of "It Follows."
So did I like "The Final Girls." Yes. Very enjoyable for a horror movie fan. Would everyone like "The Final Girls?" Probably not. But I'd still watch it again.

(comment on this)

Friday, December 25th, 2015
2:23 pm - I'm in Facebook Jail

I'm in Facebook Jail... but why I'm in Facbeook Jail is a bit infuriating.  Especially given that there's no human being to talk to about it.

I posted the same photo twice on facebook.   The original was uneditted.  The second time, I had adjusted the shadows and contrast a little on my phone via Photoshop Express app.

The photo is below.  It's a photo of me standing next to the pool.  The statue does not count according to the Community Standards on nudity.  Artwork, statues and figurines are allowed.



1- First the original was flagged for "nudity" on Facebook.  Even though there's no nudity in it.

2- The the contrast adjusted one was flagged for "nudity".   The contrast adjusted one was then removed by Facebook for "nudity" even though there's no nudity in the photo.



3- Then the original was reviewed by Facebook and deemed to contain NO COMMUNITY VIOLATIONS, and was NOT removed because there was NO community standards violations:



4- So then I took a screenshot of the photo being removed above along with the "We removed the content" and posted it on Facebook ALONG WITH the screenshot showing that it had been reviewed and found to contain NO violation.  I posted the question, "If it's the same photo both times, and it's reviewed to contain no violations, then why was it removed?"

5- Well that got flagged for "nudity" (even though again, there's no nudity in the photo).   That was then removed and now I'm in Facebook Jail for 24 hours.... On Christmas day.  For a photo that did NOT violate any Facebook standards!

(comment on this)

Thursday, November 19th, 2015
2:38 pm - How to reroute all TCP track to a given port to another server using iptables.
[root@fdsfdsfds ~]# cat /tmp/foo.sh
#!/bin/bash

LOCALPORT=443
REMOTEIP=123.123.123.123  # external IP for remove server
REMOTEPORT=443

iptables -F
iptables -t nat -F
iptables -X

iptables -t nat -A PREROUTING  -p tcp -m tcp --dport $LOCALPORT -j DNAT --to-destination $REMOTEIP:$REMOTEPORT
iptables -t nat -A POSTROUTING -j MASQUERADE

(comment on this)

10:35 am - bash code to tail a file and return the lines, but if you hit a given line, execute a function
My code blocks the tomcat port when we start up tomcat because I don't want tomcat answering web request until it's 100% up.

At the end of the rc script it tail catalina.out for you and returns the lines to your screen.

I have it wait for the "Server startup" line and when it sees the server startup line it calls the function to remove all the 
iptables block lines I've created.

removing_all_iptables_blocks() {
   # List all the current iptables rules
   #  grep just the INPUT/OUTPUT chain DROP's
   #  ignore any ipsets ('match-set')
   #  loop through them and remove them
    iptables-save |egrep -o 'INPUT.*DROP|OUTPUT.*DROP' |grep -v match-set | while read a
         do
            /sbin/iptables -D $a
         done
}

...


      tail -f /usr/local/tomcat/default/logs/catalina.out | while read LOGLINE
            do
               echo "${LOGLINE}"
               [[ "${LOGLINE}" == *"Server startup in"* ]] && removing_all_iptables_blocks
            done
      echo "Tomcat is started"

(comment on this)

Tuesday, November 3rd, 2015
10:01 pm - The true definition of Generation-Y (wikipedia is wrong)

The wikipedia definition for "Generation-Y" is simply wrong.  Wikipedia says that "Generation-Y" == "Millennials" and that's simply wrong.

See I was born in 1973 and I've always referred to myself as Generation-Y.  My brother who is 3 years older than me
is Generation-X (the "do nothing generation.")

You say, "So what's the difference?"  Simple.   Generation-Y were the pineers of the internet.  My brother just missed
the internet explosion because he's 3 years older than me.  He's Generation-X.

I'm Generation-Y.  I had one of the first 10,000 "home pages" on the internet.

But I'm not a Millennial.  So no, Generation-Y does NOT equal a Millennial.   Wikipedia is wrong.

So the clearify this once and for all:

Born in the 1960's = Generation-X
Born in the 1970's = Generation-Y
Born in the 1980's to 1990's = Millennials.

(comment on this)

Thursday, October 29th, 2015
5:09 pm - How to log packets from a Source IP using just iptables
Set up rules to match your IP address for logging. In this example the SRC IP we want to log is 10.0.3.19:

iptables -N LOGGINGCHAIN
iptables -A LOGGINGCHAIN -m limit --limit 20/min -j LOG --log-prefix "iptables: logging: " --log-level 7
iptables -A INPUT -s 10.0.3.19/32 -j LOGGINGCHAIN


Note: We did log-level 7 (debug) because log level 6 is info, and most /etc/rsyslog.conf's have *.info go to /var/log/messages and we don't want to spam /var/log/messages with iptables info.

So instead we add something to /etc/rsyslog.d/ for logging these packets:

cat << EOF >  /etc/rsyslog.d/10-iptables.conf
:msg, contains, "iptables:" -/var/log/iptables.log
:msg, contains, "iptables:" ~
EOF

That says anything that contains the string "iptables:" gets written down to /var/log/iptables.log .

Then restart syslog:
service rsyslog restart

(comment on this)

9:38 am - How to do timeouts in perl

#!/opt/local/bin/perl
$|++;

use strict;
my $timeout_length=3;  # 3 seconds

eval {
        local $SIG{ALRM} = sub { die "timeout\n" };
        alarm $timeout_length;
        infinite_loop();  # call the loop
        # print_line();  # print a single line
        alarm 0;
};

# warn "external command timed out: $@\n" if $@ eq "timeout\n"; # This only prints if the alarm timeout was hit.
if ( $@ eq "timeout\n") {
        warn "The timeout value was hit.... exiting....\n";
        exit 1;
}

sub infinite_loop {
        for( ; ; ) {
                printf "This loop will run forever.\n";
        }
}

sub print_line {
        print "Hello\n" ;
}

(comment on this)

Friday, October 23rd, 2015
12:35 am - Sammydress.com XXL is an American Size Small

This is an actual XXL shirt:




And this is a SammyDress.com XXL shirt ontop of an actuall XXL shirt.  Notice how the SammyDress.com XXL shirt is actually a Small.
image_1.jpg

Here's another SammyDress XXL ontop of an actual XXL shirt:

image_2.jpg

(2 comments | comment on this)

Thursday, October 22nd, 2015
12:01 pm - using awk to make histogram data of response times from your HTTP access log
In this example I'm using an access log that ends with the string "millis".

For example, a tomcat access log (doesn't matter the type of access log):


123.123.123.123 XXXXXX.XXXX.com - - [22/Oct/2015:00:00:03 +0000] GET /happy/dance HTTP/1.1 200 21 - "XXXX/4.9.2 (iPad; iOS 8.3; Scale/2.00)" lalala lalala "-" http-8443-21 - 8 millis

Since I know the time is in millis, and I want to group by 0-5 seconds, 5-10 seconds, 10-15 seconds... etc.

$ zcat access_log.2015-10-21.txt.gz | awk -vL=5000 '$NF=="millis" { ++b[i=int($(NF-1)/L)] ; if(i>m) m=i } END  { for(i=0;i<=m;i++) print "["i*L/1000","(i*L+L)/1000"]",b[i] }'
[0,5] 677608
[5,10] 1240
[10,15] 153
[15,20] 33
[20,25] 26
[25,30] 17
[30,35] 16
[35,40] 11
[40,45] 3
[45,50] 1
[50,55]
[55,60] 2
[60,65]
[65,70]
[70,75] 1
[75,80]
[80,85]
[85,90]
[90,95]
[95,100]
[100,105]
[105,110]
[110,115] 1
[115,120] 1
[120,125]
[125,130] 1
[130,135]
[135,140]
[140,145]
[145,150] 1

(comment on this)

Tuesday, October 20th, 2015
8:25 pm - How to fix terminals hanging on macosx
#################################################
# 1 - create a ~/.profile

$ cat .profile
if [ -f ~/.bashrc ]; then
    source ~/.bashrc
fi

#################################################
# 2 - create a ~/.bash_profile

$ cat .bash_profile
if [ -f ~/.bashrc ]; then
    source ~/.bashrc
fi

#################################################
# 3 - create a ~/.bashrc

$ cat .bashrc
#################################################
#Mac Ports
#################################################
export PATH=/opt/local/bin:/opt/local/sbin:$PATH
export MANPATH=/opt/local/share/man:$MANPATH
# export DISPLAY=:0.0

#################################################
#My Aliases
#################################################

(comment on this)

Sunday, October 18th, 2015
1:48 pm - reporitng sammydress.com

This is the link for reporting sammydress.com (a scam website)

https://www.facebook.com/help/contact/234887816572954

And here is the example where they claim it cost more in shipping to return an item that the item is worth:

http://www.sitejabber.com/reviews/www.sammydress.com#question_21359?utm_source=transactional%20email&utm_medium=email&utm_campaign=question%20notification&utm_content=text%3A%20respond%20here

(comment on this)

Thursday, October 15th, 2015
11:58 pm - How to See and Remove your iTunes App Subscriptions
Step 1:  Settings



------------------------------------------------------------------------------------------------------------------------------------------------------
Step 2:  iTunes & App Store



------------------------------------------------------------------------------------------------------------------------------------------------------

Step 3: Apple ID:  XXXXX@XXXXXXXXXX



------------------------------------------------------------------------------------------------------------------------------------------------------
Step 4: View Apple ID



------------------------------------------------------------------------------------------------------------------------------------------------------
Step 5: Manage



------------------------------------------------------------------------------------------------------------------------------------------------------

Step 6: Select your Subscriptions to view/change subscription settings

(comment on this)

> previous 20 entries
> top of page
LiveJournal.com