2009-11-17

tar extract single file

Good to know how to extract a single file from a big archive.

List the content of the tar archive

for tar archives
tar -tvf archive.tar

for tar.gz archives
tar -ztvf archive.tar

for tar.bz2 archives
tar -jtvf archive.tar

Then to extract the single file
tar -ztvf archive.tar.gz # to see the whole archive
tar -zxvf archive.tar.gz /root/my/file.txt # to get the file or directory
tar -zxvf archive.tar.gz {path/to/file}

might be wise to use -C target_dir aswell so we dont overwrite it!

2009-11-16

conditional statements mysql

shortie on conditional statements with update. useful!

CREATE TABLE `table` (
`id` int(11) NOT NULL,
`text` varchar(255) default NULL,
`int` int(11) default NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1


UPDATE table SET `int` = IF(`int`='0','1','0') WHERE id =1 

2009-10-08

moinmoin

There always comes times when a wiki is good to have.
This is how to move the wiki instance from one host to another.

apt-get install libapache2-mod-python python-moinmoin
a2enmod mod_python

restart apache

extract the wiki to /opt
chown -R www-data:www-data

add to default vhost
Alias /moin_static/ /opt/share/moin/htdocs/

Order deny,allow
Allow from all

ScriptAlias /wiki /opt/wiki/cgi-bin/moin.cgi

Order deny,allow
Allow from all


restart apache

good to go.

2009-09-14

nmon analyzer

Came across this great system and network analyzer tool today.
It's an oldie from IBM but still as good as ever!

download nmon from ibm and their unsupported analyzer spreadsheet.

run
./nmon -f -s2 -c 60

where c is number of datapoints
and s is interval between gatherpoints
f is for background.

then sort the file into a .csv
open nmon analyser v33C.xls
import system.090914_1445.csv into it.

Aswell did a little perl-script for merging logs if you've as me managed to collect to much data for excel to handle.

Just change $a % 50 to a value that fits your needs

#!/usr/bin/perl
open(FILE, shift) or
die("Unable to open file!");
$a = 0;
$b = 0001;
$start = 1;
foreach $sak (<FILE>) {
chomp($sak);
@divided = split(/,/,$sak);
$curr = $divided[0];
if (($curr =~ "AAA") || ($curr =~ "BBBP")) {
print $sak . "\n";
next;
}
if ($start == 1) {
$last = $curr;
$start = 0;
}
$a++;
if ($curr !~ $last) {
$a = 0;
$b = 0001;
$last = $curr;
print $sak . "\n";
next;
}
if ($a % 50 == 0) {
$d = sprintf("%04d",$b);
$divided[1] = "T$d";
print join(',', @divided) . "\n";
$b++;
}
}
close(FILE);

2009-07-24

godaddy ssl certificates with jboss

There are actually alot of guides out there on how to make a keystore for jboss and how to get the certificate signed. But I had to combine all of them to fit our needs.

I reissued the old key. so we already got the tomcat.keystore
download the zip from godaddy and extract in same dir as tomcat.keystore

## create new key with
# keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.jks
##

# verify integrity of tomcat.keystore
keytool -list -v -keystore tomcat.keystore

# import the intermed certificate
keytool -import -alias intermed -keystore tomcat.keystore -trustcacerts -file gd_intermediate.crt

# import the cross certificate
keytool -import -alias cross -keystore tomcat.keystore -trustcacerts -file gd_cross_intermediate.crt

# import our wildcard certificate
keytool -import -alias tomcat -keystore tomcat.keystore -trustcacerts -file _.nsa.gov.crt

if it reply's with:
"java.security.cert.CertificateException: Unable to initialize, java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big"
Then the certificate is too long, and there is some crap \c\r at the end, just edit it and make sure
-----END CERTIFICATE-----
is on the last line.

then re-import and it should say:
Certificate reply was installed into keystore

Replace the chap8.keystore, make sure you have the path in server.xml
restart jboss verify expire date on the certificate.

2009-07-20

tunneling with socat

Socat is a command line based utility that establishes two bidirectional byte streams and transfers data between them. Really good for tunneling!

Simple example:
You need to be root to establish low-port connectiosn
socat TCP-LISTEN:23,fork,bind=192.168.150.99 TCP4:192.168.157.254:23

port to bind on, fork it, ip to bind on, target:port

How to make a simple portforwarding on the Cisco ASA 5505

IP configuration
interface Vlan1
nameif inside
security-level 100
ip address 192.168.150.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 74.125.77.191 255.255.255.252

Make sure we are using correct globals and nats.

global (outside) 1 interface
nat (inside) 0 access-list ACL-INSIDE
nat (inside) 1 192.168.150.0 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0

Set a static route between outside interface and inside ip on specified port.
Do NOT use outside ip, that will fail, we need "tcp interface".

static (inside,outside) tcp interface 22 192.168.150.99 22 netmask 255.255.255.255

Then its just the matter of a simple access-list to allow hosts and log errors.

access-list ACL-INBOUND extended permit tcp host 12.120.77.169 host 74.125.77.191 eq 22 log errors
access-group ACL-INBOUND in interface outside