being a dictator syadmin: blocking sites using squid

Sometime, it’s hard to be a sysadmin, because sometime we have to do evil thing. A good example is, blocking sites, that, have legal use, but some one high above, want it so.

In squid, the is a squid.conf, which should be resided, in your configuration directory. In my example, my network server running fc 7, using squid from repository, so the configuration is in, /etc/squid

In the squid.conf, comes 2 directive, the acl, and http_access. Just below the acl to your own network,
which should be
acl something src “a list of ip”

From this line, there is 2 way to blog a site
First Way
Add the following:

acl evilsite dstdomain somesite
acl deny evilsite

This is not a bad idea, except, for all the site, you want to block, you will have to add one by one.
Make a messy configuration file, more messy.
another way is to create a file with a list of bad ip.

Second Way
first as root create a text file, which I just put it in the same directory as squid.conf. And fill it with the ip you want to block, separated with a newline.
Which in my example, in my squid configuration directory

touch restricted-site.squid

This will create a empty text file

echo “http://evilsite” >>restricted-site.squid

This will add the a line in restricted-site.squid
do it again, by change http://evilsite. with another site.

then create a new acl in your squid.conf

acl badlist dstdomain “yourlistfile
http_access deny badlist

Now this way, you can just add a site, to the restricted file, with messing with the already messy, squid.conf

p.s This is tested on a server I manage, which runs fedora. Not my laptop which runs ubuntu

fun with bash: append text to a file

There is time when we need to edit a file on linux, or unix for that matter, and usually a configuration file. And to me at least, it is usually append to end of a file.

On the other hand, unix got many many, text manipulating utilities, and often, one liner to do text manipulation exist. From cat, to sed. And some an echo will do.

To append a line to a file, it just

echo “your text”>> yourFile

here’s a bit explaination, in layman term

echo “your text”

will by default, print to your screen, which comes to

>>

which means, redirect output to, somewhere. Another variation is, >, the difference is that, this will replace, the whole thing. >> will append

>> yourFile

means redirect to your file.

And there you go, a one line to append a file.

fun with python: running programs using popen

Yesterday, I run unix command, by using the command modules.

It turn out that there is another way, and more importantly cross platform. So it will run on windows.

Python provides a set of modules for generic operating system service. In the os module. And in it is a popen() function. Which can be used to call program,

so to run a program using popen, using “ls ~” as an example, it can be many program:

import os
comm=os.popen(“ls ~”)
for line in comm.read():
print line

which will print the output. But for some reason, cat a file don’t work. You don’t really need to print an output, you can just use it to run a program.

fun with python: running unix command with commands module

One of the best thing in python is, the fact that it have a “battery included”, this I really believe.

There is a few ways of running system command on python. There is the popular, execl, execlv, etc in the os modules, which is cross platform.

There is also a commands module. What is cool about it, is that, it will generate output. Where as execl, will exit python shell, back to the parent shell. Meaning, it’s easy to write code that read an output of a command, and put it in a front end of something. While it is cool, the command module comes with a cost, it’s only available for unix like system, such as linux, bsd, and other unix.

Here’s an example, assumes that you already started python, in python shell, either in terminal, or idle, type

>>> import commands

this will loads the modules, now type

>>> commands.getstatusoutput(‘ls /’)

you should get something like this:

(0, ‘bin\nboot\ncdrom\ndebian\ndev\netc\nhome\ninitrd\ninitrd.img\nlib\nlib32\nlib64\nlost+found\nmedia\nmnt\nopt\nproc\nroot\nsbin\nsrv\nsys\ntmp\nusr\nvar\nvmlinuz’)

the output depends on the system you have. the first part of the tuple is the exit code, which since the code successfully executed, it’s 0. the second part is the output of the command, separated by \n.

Now type

>>> commands.getoutput(‘ls /’)

you should get something like this

‘bin\nboot\ncdrom\ndebian\ndev\netc\nhome\ninitrd\ninitrd.img\nlib\nlib32\nlib64\nlost+found\nmedia\nmnt\nopt\nproc\nroot\nsbin\nsrv\nsys\ntmp\nusr\nvar\nvmlinuz’

the output differs between system. now you get a string again separated by \n.

last methods that is available to the commands module is. getstatus, this can only run on an directory:

>>>commands.getstatus(‘/’)

the output should be something like this.

‘drwxr-xr-x 23 root root 4096 2007-12-11 13:21 /’

What’s interesting is, it getoutput, and getstatusoutput, applies to many system command(if not all).

interesting example that I do. This is to print the result of ping, interesting example

import commands
s=commands.getoutput(‘ping google.com -c 10’)
#i try to limit the command to make sure it stops
l=s.split(‘\n’) #because it’s separated by \n
for line in l:
print l

another interesting thing to do is, is to get cpu info, nothing that cannot be done, using open, since it uses the proc filesystem(gotta love /proc) but still it’s interesting.

import commands
s=commands.getoutput(‘cat /proc/cpuinfo)
for line in s.split(‘\n’):
print line

the commands module is an interesting way to automate stuff on unix. Pity it doesn’t work, on windows. But still it’s fun, and interesting. Something the original unix principle.

Alternative OS Adventure: Haiku On kubuntu Qemu

In the last century, as in 10 years back, was an operating system, totally start from scratch. With the goal of being user friendly, multimedia capable. And in the process of development develop many new operating system concept. It is said that, it is one of the candidate for replacement of the mac os in the 1990’s. In the end they choose, nextstep, a type of unix, which ends up as os x

Unlike most system, the os is designed for modern, hardware, so it already have multiprocessor support, 64 bit journaling file system. Really, compared to most commercial desktop OS, it is modern.

Either way the company failed. The fan disappointed. And a few project to recreate the BeOS is created.

Here I use haiku. Which currently in alpha. First thing I see from the boot screen. Quite nice. And on qemu, it booted quite fast. By then it still quite new. Another thing is the shell. Don’t fools by it’s look, it is actually bash, the shell that is the same on unix.

The desktop is very simplistic, and the layout is different, but very nice. Ubuntu user get used to start button on the top left, and windows on the bottom. Windows on the bottom, and the start button on bottom left. Haiku is different, everything is top right.

Not much application on beos yet. By then it is alpha, and the disk image is just 26-27 meg. Not much here. By then there is a lot of demo to play around.

To run it on qemu on ubuntu,
get the nightly build from
http://haiku-os.org/build_factory

get the raw disk image.
then unzip it, there is 2 ways to run it. one is using command line
qemu haiku.image

or you can use qemulator, like my previous post here.

p.s there is vmware image for use for well vmware and virtualbox

more resource on haiku
http://haiku-os.org/

Qemulator: a front end for qemu.


One of the most popular open source virtualization soft is qemu, arm with kqemu, it can be about as good as vmware. Most probably recognize that qemu don’t really have a front end. But it does, Qemulator is a front end for qemu.

Use an example from haiku.


just click on the + on the main menu, then fill in the name,
then open the image file. Then you done. You should have a virtual machine to run.

To install on ubuntu, it just a matter of:
sudo apt-get install qemulator

make sure you have qemu first. Which probably installed as a dependency anyway.

network diagnostic using mtr


There is a few ways to diagnose network problem, and tools like ping, and traceroute, are indispensable for the task.

Here’s another tools that, is useful. mtr. mtr can be seen as a combination of ping and traceroute. When started it runs as a ncurses program. And what make it interesting is that, it shows the result, live. To me it’s interesting. There is 2 version in the ubuntu repository, one is mtr, another is mtr-tiny. The version I use, is mtr-tiny, which do not have x11 support. to install it on ubuntu, is a matter of
sudo apt-get install mtr or sudo apt-get install mtr-tiny

To run in is a matter of

mtr destination(could be address or URL)

or to leave ncurses, useful if you want to redirect the output to a file.

mtr -r destination

or to run on certain cycle

mtr -c 10 destination

or you can combine it

mtr -c 10 -r destination

What interesting is that, when I run it, I noticed some interesting stuff, my route from my home to google always changing. Maybe it just me.

openkomodo: an open source, code editor


Open Komodo, is an initiatif, by active state, to open source some of their software. Open Komodo is essentially Komodo Edit. A shrink down version of their IDE. So what happens here is that, they open source thei Komodo Edit, which is cost free anyway. But not much of an ide, but good enough for most task.

The editor, support quite a number of language, such as python, ruby, java, and a few. One notable exception is PHP, which is not in the list. Been testing it with python, because been playing around with django.

The basics is there, such as organize as project, code completion, which is totally useful. But the code completion feature, is a bit not quite there yet. Some code in the directory cannot be imported, using import. don’t really work.

Compared to ide, it is a bit barebone, but by then it is a bit like GUI version of emacs, and vi. Probably the reason, why I think it is quite fine.

One thing is it is still alpha, but it quite usable to me now. Probably there is more to come in the future.

One cool thing is, to install open komodo, on linux, any linux, just run the shell script, in shell, chmod +x install.sh
then
./install.sh.

It will copy to your home directory, and create a shortcut at the desktop. to remove it, just remove the Directory created and the shortcut. It’s in the README file,

You can get Open Komodo here
http://www.openkomodo.com/

me and my realplayer adventure

I noticed that, there is version of real player on helix community site, for amd 64.

http://forms.helixcommunity.org/helix/builds/?category=realplay-current

Which can be found here. Well it is a nightly build, but it is there for sometime, so it show how ignorant, I am.

One thing I tested is, the playback is not choppy anymore, and with sound too. Also with alsa support. What sucks, the sound, it so machine like. Need to figure out the right alsa configuration.