October 29th, 2015

How to do timeouts in Perl


#!/opt/local/bin/perl
$|++;

use strict;
use warnings;
my $timeout_length=3;  # 3 seconds

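eval {
        # The trailing "\n" stops die from appending "at FILE line N" to the message.
        local $SIG{ALRM} = sub { die "timeout\n" };
        alarm $timeout_length;
        infinite_loop();  # call the loop
        # print_line();  # print a single line
        alarm 0;  # finished in time: cancel the pending alarm
};
alarm 0;  # also cancel it if the code died for a reason other than the timeout

# warn "external command timed out: $@\n" if $@ eq "timeout\n"; # This only prints if the alarm timeout was hit.
if ( $@ eq "timeout\n") {
        warn "The timeout value was hit.... exiting....\n";
        exit 1;
} elsif ( $@ ) {
        die $@;  # not a timeout: re-raise the real error instead of swallowing it
}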

sub infinite_loop {
        for( ; ; ) {
                print "This loop will run forever.\n";
        }
}

sub print_line {
        print "Hello\n" ;
}

How to log packets from a Source IP using just iptables

Set up rules to match your IP address for logging. In this example the SRC IP we want to log is 10.0.3.19:

iptables -N LOGGINGCHAIN
iptables -A LOGGINGCHAIN -m limit --limit 20/min -j LOG --log-prefix "iptables: logging: " --log-level 7
iptables -A INPUT -s 10.0.3.19/32 -j LOGGINGCHAIN


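Note: We used --log-level 7 (debug) because log level 6 is info, and most /etc/rsyslog.conf files send *.info to /var/log/messages; we don't want to spam /var/log/messages with iptables info. The limit match caps logging at 20 entries per minute, so a busier source will have packets that are not logged.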

So instead we add something to /etc/rsyslog.d/ for logging these packets:

cat << EOF >  /etc/rsyslog.d/10-iptables.conf
:msg, contains, "iptables:" -/var/log/iptables.log
:msg, contains, "iptables:" ~
EOF

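The first line says anything that contains the string "iptables:" gets written to /var/log/iptables.log (the leading "-" tells rsyslog not to sync the file after every write). The second line discards those messages so they are not processed by any later rule.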

Then restart syslog:
service rsyslog restart
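
Once packets are being logged, the file can be summarised. The following is an added example, not part of the original post: a shell function that counts the entries written by the LOGGINGCHAIN rule per source, protocol and destination port. The function names and the sample lines are made up for illustration, and it assumes the kernel's usual key=value LOG layout (SRC=, PROTO=, DPT=).

```shell
#!/bin/sh
# Added example (not from the original post): summarise LOGGINGCHAIN entries.

# Constructed sample lines in the kernel LOG layout, trimmed (no MAC= field).
sample_iptables_log() {
    cat <<'EOF'
Oct 29 10:15:01 fw1 kernel: iptables: logging: IN=eth0 OUT= SRC=10.0.3.19 DST=10.0.3.1 LEN=60 TTL=64 ID=4711 DF PROTO=TCP SPT=51234 DPT=22 SYN URGP=0
Oct 29 10:15:02 fw1 kernel: iptables: logging: IN=eth0 OUT= SRC=10.0.3.19 DST=10.0.3.1 LEN=60 TTL=64 ID=4712 DF PROTO=TCP SPT=51236 DPT=22 SYN URGP=0
Oct 29 10:15:04 fw1 kernel: iptables: logging: IN=eth0 OUT= SRC=10.0.3.19 DST=10.0.3.1 LEN=71 TTL=64 ID=4713 PROTO=UDP SPT=40112 DPT=53 LEN=51
Oct 29 10:15:07 fw1 kernel: iptables: logging: IN=eth0 OUT= SRC=10.0.3.19 DST=10.0.3.1 LEN=84 TTL=64 ID=4714 PROTO=ICMP TYPE=8 CODE=0 ID=9 SEQ=1
Oct 29 10:15:09 fw1 kernel: eth0: link becomes ready
EOF
}

# summarize_iptables_log FILE [PREFIX]   (FILE "-" reads standard input)
# Prints "COUNT SRC PROTO DPT" per unique combination, busiest first.
summarize_iptables_log() {
    awk -v prefix="${2:-iptables: logging: }" '
        {
            p = index($0, prefix)
            if (p == 0) next                         # not written by the LOG rule
            $0 = substr($0, p + length(prefix))      # keep only the key=value part
            src = proto = ""; dpt = "-"              # "-" when there is no port (ICMP)
            for (i = 1; i <= NF; i++) {
                if (substr($i, 1, 1) == "[") break   # embedded packet of an ICMP error
                if ($i ~ /^SRC=/)        src   = substr($i, 5)
                else if ($i ~ /^PROTO=/) proto = substr($i, 7)
                else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            if (src != "") count[src " " proto " " dpt]++
        }
        END { for (k in count) print count[k], k }
    ' "${1:--}" | LC_ALL=C sort -k1,1nr -k2
}

# Demo on the constructed sample; on a real host pass /var/log/iptables.log.
sample_iptables_log | summarize_iptables_log -
```

Because of the 20/min limit in the LOG rule, the counts are a lower bound on the packets actually received.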