How to tcpdump to a file

Posted on April 27th, 2007 in General by Brandon

I use this quite frequently when trying to monitor network traffic to a host. This will save all of the traffic for a host to a file. The file can then be viewed with Ethereal (or some other tool)

tcpdump -n -i any -w /var/tmp/SOMEFILE -p -C 100 -W 10 -s 1500 host SOMEIP

This will make files up to 100 MB in size and keep up to 10 ‘rotations’ of it. Of course, you can use other parameters besides just the ‘host’ parameter to match whatever traffic it is that you want.

This is how open source should work

Posted on April 25th, 2007 in General by Brandon

Google announced on Monday that they are contributing some of their internally developed enhancements to MySQL back to the community.  They released a patch for MySQL 4 that improves on some high availability features, and a few python scripts that help manage MySQL clusters.

In my mind, this is a great example of how open-source software works.   MySQL of course, is a widely used database application that Google uses for many things.  Since it is open-source, they are able to modify some of the functionality to meet some of their needs.   Then, when those new functions or fixes are stable, they release that code back to the community for possible incorporation into the mainline MySQL code.

One common misconception that I see people make about open source software is that they seem to think that it is developed individuals who just do it for the experience or for the fun of it.   While that is true to some extent, the contributions that companies make is also significant.

I’m still struggling with getting involved in contributing back to some open source projects.   I’ve submitted fixes and documented bugs for the occasional program, but I’m still trying to find the right project where I can make regular, meaningful contributions.   Maybe I’ll find it someday.

Joost Beta

Posted on April 25th, 2007 in General by Brandon

After waiting for a couple months, I finally was invited to join the Joost beta program . I was pretty impressed with how easily the signup process went, the program installed, and I was able to start watching TV.

Joost is a company that is attempting to use Peer-to-peer protocols to deliver streaming video. It’s a pretty cool idea and seems to be well implemented. It certainly has a few problem areas still though:

When running the App in a window, it is pretty buggy. Switching between it an other applications is painfully slow sometimes. Also dragging or resizing the window looks weird.
I’m currently unable to exit the program from inside of it. I have to use the tray icon to kill it

I wasn’t interested in hardly any of the content that was available. I watched a couple of music videos and parts of some National Geographic shows, but everything else didn’t interest me much. I suppose the content will grow over time.
While playing a show, I did a quick tcpdump on my connection, and it looked like I was downloading from about 8 sources at any one time.

Upgrading Pear from an old version

Posted on April 25th, 2007 in General by Brandon

I just went to upgrade PEAR on a CentOS 4.4 server and had problems.  The installed PEAR version (from pear info PEAR) was 1.3.2, but when I ran ‘pear upgrade PEAR’, I was told that I needed PEAR version 1.3.3.   The solution: ‘pear install PEAR-1.3.3′ to upgrade to that particular version.  Then I could ‘pear update PEAR’ which brought it up to version 1.5.3.     Then I could run a ‘pear upgrade-all’ to update all of the other packages.

Compiling a kernel with support for iptables (netfilter) packet state inspection

Posted on April 25th, 2007 in General by Brandon

I went through several compiles trying to get a Kernel to compile with support for iptables that supported the -state argument. I eventually came up with the right combination, which included both the ‘state’ match support and IPv4 connection tracking support

Here’s where they are in menuconfig:

Networking Support ->
Networking Options ->
Network Packet Filtering Framework (Netfilter) ->
IP: Netfilter Configuration ->
IPv4 connection tracking support (required for NAT) = M
Core Netfilter Configuration ->
“state” Match support = M

(also most everything else on this page is selected as well)

After exiting menuconfig, you can make sure that those two options are correct in your .config by looking for CONFIG_NETFILTER_XT_MATCH_STATE and CONFIG_NF_CONNTRACK_IPV4.

PHP Conversion between and IP Address and an integer

Posted on April 24th, 2007 in General by Brandon

I’ve been spending quite a bit of time on a program recently, and have taken for granted these two functions that I wrote for it a while ago. The convert back and forth between an IP address and the integer representation of the IP address.

For example, the IP address ’207.210.219.125′ can also be represented as ’3486702461′. The magic behind the calculation involves converting each octet of the IP address into binary, and then reading the entire 32 bits as a single unsigned integer.

The PHP code uses some bitwise functions to do this pretty easily (Although it took some experimenting to get it right). I’ve named the functions the same as their MySQL equivelents. inet_ntoa = number to address and int_aton = address to number. That’s right MySQL supports them directly. It’s much better for MySQL to work with the integers rather than the string representations.

function inet_aton($ip_address)
{
    if(! preg_match("/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/",$ip_address)) {
        return;
    }
    list($octet1, $octet2, $octet3, $octet4) = split('\.',$ip_address);

    $ipaddress_number = (double)
        (($octet1 & 255) << 24 ) |
        (($octet2 & 255) << 16 ) |
        (($octet3 & 255) << 8 ) |
        ($octet4 & 255 ) ;
    ## PHP doesn't support unsigned ints, so we "fake" it into returning a double
    $return_number = doubleval(sprintf("%u", $ipaddress_number));
    return $return_number;
}

function inet_ntoa($ip_number)
{
    if(! is_numeric($ip_number)) {
        return $ip_number;
    }
    ## PHP doesn't support unsigned int's, so we'll use a double
    $ip_number = doubleval($ip_number);
    $octet1 = $ip_number >> 24 & 255;
    $octet2 = $ip_number >> 16 & 255;
    $octet3 = $ip_number >> 8 & 255;
    $octet4 = $ip_number & 255;
    $ip_address = $octet1 .'.'. $octet2 .'.'. $octet3 .'.'. $octet4 ;
    return $ip_address;
}

Convert an OpenSSL (Apache) SSL Certificate to a PKCS12 (Tomcat)

Posted on April 21st, 2007 in General by Brandon

I just spent a couple hours trying to figure out how to convert and OpenSSL Key/Certificate to one that can be used by Tomcat. It turned out being way more complicated than I thought, and I had to piece together instructions from various web sites. Here’s how I did it:

Convert the Key to a PKCS12 Key. This will prompt you for a password which you will need when you change the Tomcat configuration.

openssl pkcs12 -export -in /etc/apache2/ssl.crt/somedomain.com.crt -out somedomain.com.pkcs12 -name “somedomain.com” -inkey /etc/apache2/ssl.key/somedomain.com.com.key

Verify that the pkcs12 file contains your key. You should be able to see your certificate’s common name, and various other parameters.

keytool -list -v -keystore somedomain.com.pkcs12 -storetype pkcs12

Now configure Tomcat by editing conf/server.xml and changing the SSL Connector to something like this:

<connector port="8443" maxThreads="150" acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreType= "PKCS12"
keystoreFile="somedomain.pkcs12"
keystorePass="yourKeystorePass">

Perl function equivalent of PHP’s AddSlashes()

Posted on April 16th, 2007 in General by Brandon

Here is a perl equivalent of PHP’s AddSlashes() function. It’s a quick an dirty way to clean up text to insert into a database. There are better ways to do this. It should exactly mimic PHP’s function. It adds slashes before single quotes(‘), double-quotes(“), backslashes(\), and NULL bytes (\0).

sub AddSlashes {
    $text = shift;
    ## Make sure to do the backslash first!
    $text =~ s/\\/\\\\/g;
    $text =~ s/'/\\'/g;
    $text =~ s/"/\\"/g;
    $text =~ s/\\0/\\\\0/g;
    return $text;
}

CentOS 5 is released

Posted on April 13th, 2007 in General by Brandon

It’s official.  CentOS 5 is finally released.   This version upgrade has a number of significant upgrades.  I’m most excited about the inclusion of Apache 2.2, MySQL 5, PHP 5, and Xen.   I’ll be installing it on a new server as soon as I get the chance

Web 2.0 Domain Name search

Posted on April 11th, 2007 in General by Brandon

I’ve been considering starting a website just for the software that I write. Much of it will be open-source, like my Speedtest, and a few other things that I’ve written. I also want to create place to sell some software as well. I’ve been thinking about domain names, and it is difficult because any .com that is remotely desirable has already been taken and hosts a stupid search page. I’ve contacted a couple that I was interested in and the greedy people usually want thousands of dollars for them.

So, I’ve been looking at ‘alternative’ top level domains thinking that maybe I can come up with something clever like del.icio.us. I’ve been unable to find an online dictionary that allows me to search just based on the last letters of a word though. I’m hoping to search for .us, and have it show me all of the English words that end in “us”. Since I couldn’t seem to find any online, I just took a few minutes and made my own.

I found a free version of Webster’s Dictionary available at the Gutenberg project, and wrote a quick Perl script to find all of the words and then see if they match the criteria I specified. Figuring that it may be useful to others, I made a public Reverse-letter dictionary search available on my site. It searches about 110,000 English words that end in the letters you specify.

I also found a kindof fun Name Generator that generates random Web 2.0 names. Maybe it can come up with something interesting. I still haven’t come up with the right name yet, but I’ll keep trying

Next Page »