Whitelist Entire Country with ipset

Goal: Whitelist an Entire Country with ipset

For this article I’ll be referencing the GitHub repository I set up at

https://github.com/ssstonebraker/braker-scripts/tree/master/working-scripts/ipset

We have a few files there, specifically:

* cidr_to_ipset.sh (a script to create an ipset ruleset)
* Some example CIDR blocks for Italy (IT.txt), Spain (ES.txt), Great Britain (GB.txt), USA (US.TXT)
* sample_firewall.txt (example . . . → Read More: Whitelist Entire Country with ipset

barnyard2 won’t log to database – how to fix it

What to do when barnyard2 won’t log to the database….

Are you seeing something like this?

[SignatureReferencePullDataStore()]: No Reference found in database …

Full text:

# /usr/local/bin/barnyard2 -c /etc/barnyard2.conf -d /var/log/snort -f snort.log -w /var/log/barnyard2/barnyard2.waldo
Running in Continuous mode
--== Initializing Barnyard2 ==--
Initializing Input Plugins!
Initializing Output Plugins!
Parsing config file "/etc/barnyard2.conf"
+[ Signature . . . → Read More: barnyard2 won’t log to database – how to fix it

AWS add two network interfaces in ubuntu 12.04 precise

Objective

Add two network interfaces in Ubuntu 12.04 in AWS and route traffic properly to either IP

Scope: Amazon EC2 Attach Elastic Network Interface (VPC)

Related Documentation

https://github.com/ssstonebraker/braker-scripts/blob/master/working-scripts/aws_fix_dual_nic_routing.sh
http://aws.amazon.com/about-aws/whats-new/2011/12/21/Multiple-Network-Interfaces/
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html
http://aws.typepad.com/aws/2012/07/multiple-ip-addresses-for-ec2-instances-in-a-virtual-private-cloud.html
http://www.syscrunch.com/blog/amazon-ec2-attach-an-elastic-network-interface/

Process

* Start AMI in VPC
* After boot attach secondary NIC
* Ensure both NICs have an external IP associated with them
* Configure new /etc/network/interfaces . . . → Read More: AWS add two network interfaces in ubuntu 12.04 precise

egrep valid ip address

Example to egrep valid ip address

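To egrep everything that looks like an IP address (four dot-separated groups of one to three digits; octet ranges are not checked, so 999.999.999.999 also matches) recursively in the current directory:

egrep -r '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}' .

An alternative that restricts each octet to 0-255 (no file argument is given, so it reads standard input):

/bin/egrep '\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b'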

neo4j SSL howto

Getting SSL to work with neo4j can be very frustrating. The crux of the problem is that their documentation isn’t very robust.

Here’s what they don’t tell you:

Both the cert and the key MUST be in DER format!

Example to convert a PEM formatted crt key to a DER formatted crt key:

openssl x509 . . . → Read More: neo4j SSL howto

convert valid godaddy cert key to java keystore for tomcat

I spent hours trying to figure this out, and here are the fruits of my labor.

Problem

You are unable to create a valid Tomcat Keystore using a GoDaddy crt and key file

Curl output may look like this:

curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify . . . → Read More: convert valid godaddy cert key to java keystore for tomcat

nginx code igniter remove index.php prefix

Objective

Remove the index.php prefix from your nginx code igniter instance.

Assumptions

* In your main nginx conf file you define how php is called (unix socket or ip:port)
* You will replace foo.example.com with whatever your domain name is
* The proper logging path will be defined per your system as opposed to the location I have . . . → Read More: nginx code igniter remove index.php prefix

passing bash variable to perl command in bash script

Recently I tried passing a bash variable to a perl command in a bash script; it didn’t end well.

Troy Engel from http://tacticalvim.wordpress.com/ was nice enough to point out the issue:

use sed instead of perl for what you need; it’s simpler, faster and uses the bash variables easily.

I set up a test script /home/someuser/test.sh to . . . → Read More: passing bash variable to perl command in bash script

linux view disk space usage

Disk Space Usage Visual Tools

Some great tools for viewing disk space usage are:

* pydf (essentially df with colors)
* Philesight (Web-based implementation of Filelight)
* ncdu (awesome text-only GUI!)

Philesight

Philesight is a tool to browse your filesystem and see at a glance where the disk space is being used. Philesight is implemented as a simple command . . . → Read More: linux view disk space usage

Install Django centos redhat

To install Django on Centos or Redhat

echo "Installing httpd and httpd-devel"
yum -q -y --enablerepo=ius install httpd httpd-devel > /dev/null 2>&1
chkconfig httpd on
sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf
service varnish start
service httpd start

To install Python 2.7.2 on Redhat or Centos

echo "Install Python 2.7.2"
mkdir -p /usr/local/src/python.2.7.2.install
cd /usr/local/src/python.2.7.2.install
wget . . . → Read More: Install Django centos redhat