Batch unzip 7z archives

Posted by marian on June 06, 2010

  1. #!/bin/bash
  2. for i in $(find $(pwd) -name '*.7z')
  3. do
  4.        cd $(dirname $i)
  5.        7z x  $i
  6. done

Batch unrar archives

Posted by marian on June 06, 2010

  1. #!/bin/bash
  2. for i in $(find $(pwd) -name '*.rar')
  3. do
  4.        cd $(dirname $i)
  5.        unrar e  $i
  6. done

Batch unzip archives

Posted by marian on June 06, 2010

  1. #!/bin/bash
  2. for i in $(find $(pwd) -name '*.zip')
  3. do
  4.        cd $(dirname $i)
  5.        unzip  $i
  6. done

Strange errors when compiling Erlang R1304 on NetBSD

Posted by marian on June 03, 2010

Well I dindn’t expect this. If you are trying to compiler Erlang on this OS, this might save you some time.

If you get the the following error sequence:


make: "/home/acces/otp_src_R13B04/Makefile" line 88: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 89: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 91: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 92: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 93: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 94: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 95: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 96: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 97: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 98: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 159: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 164: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 166: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 167: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 169: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 171: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 172: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 202: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 217: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 220: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 222: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 228: Cannot open /home/acces/otp_src_R13B04/make//otp_ded.mk
make: "/home/acces/otp_src_R13B04/Makefile" line 250: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 254: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 256: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 258: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 268: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 270: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 272: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 276: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 277: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 279: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 280: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 287: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 288: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 290: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 292: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 293: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 305: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 308: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 310: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 313: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 315: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 320: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 337: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 344: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 360: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 363: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 365: warning: duplicate script for target "noboot" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 362: warning: using previous script for "noboot" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 366: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 373: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 377: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 381: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 391: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 392: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 401: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 403: warning: duplicate script for target "ifeq" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 376: warning: using previous script for "ifeq" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 403: warning: duplicate script for target "(,true)" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 376: warning: using previous script for "(,true)" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 404: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 409: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 441: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 442: warning: duplicate script for target "ifneq" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 390: warning: using previous script for "ifneq" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 443: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 447: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 463: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 466: warning: duplicate script for target "ifeq" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 376: warning: using previous script for "ifeq" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 466: warning: duplicate script for target "(,true)" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 376: warning: using previous script for "(,true)" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 467: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 471: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 493: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 502: warning: duplicate script for target "ifneq" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 390: warning: using previous script for "ifneq" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 502: warning: duplicate script for target "(,true)" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 376: warning: using previous script for "(,true)" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 503: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 530: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 542: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 558: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 972: Missing dependency operator
make: "/home/acces/otp_src_R13B04/Makefile" line 975: warning: duplicate script for target "ifeq" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 376: warning: using previous script for "ifeq" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 975: warning: duplicate script for target "(,true)" ignored
make: "/home/acces/otp_src_R13B04/Makefile" line 376: warning: using previous script for "(,true)" defined here
make: "/home/acces/otp_src_R13B04/Makefile" line 976: Need an operator
make: "/home/acces/otp_src_R13B04/Makefile" line 989: Need an operator
make: Fatal errors encountered -- cannot continue

make: stopped in /home/acces/otp_src_R13B04

then the easy solution to overcome it is to build Erlang with :

Another issue:

The only solution that I found was at http://mail-index.netbsd.org/pkgsrc-bugs/2007/11/11/msg025712.htm.

Basically you have to run config & gmake.

Starting Erlang at NetBSD boot up

Posted by marian on April 16, 2010

This would do the job:

vi /etc/rc.d/erlang.sh

  1. #!/bin/sh
  2. case $1 in
  3. start)
  4.         /usr/pkg/bin/erl -Pa /home/user/path_to_your_applications +A 5 -remsh -name e1@192.168.1.5 -heart -detached  -setcookie "mycookie" &
  5.         ;;
  6. stop)
  7.         killall erl
  8.         ;;
  9. esac

Setting up a transparent firewall on NetBSD

Posted by marian on April 16, 2010

A transparent firewall is a firewall running at Layer 2 in the OSI layer, that is Data link layer. Its main feature is that an attacker, usually remote, can’t actually see it. At Layer 2 we have MAC addresses offering local addressing, and we don’t have IP addresses. If you think that this has no point whatsoever, think again [1].

So, after reading this I’ve searched for a software solution. I was mainly motivated by [2] and [3]. A similar solution is presented at [4] for OpenBSD. I will describe a working solution for NetBSD in more detail, in a bottom up fashion, to reduce the need of googleing.

A transparent firewall is mainly a Layer 2 device with added filtering capabilities. Since firewalls usually need at least two physical interfaces, the logical choice is a bridge. It turns out that OpenBSD and NetBSD support building such a transparent firewall. Very good documentation is provided at [5].

First of all, a small introduction to Netbsd and OpenBSD.
Although many of you appreciate the openness and novelty of systems based on GNU/Linux, I recommend taking a look at NetBSD and OpenBSD.

OpenBSD started as a fork of NetBSD, and it is advertised in the community as being the most secure Operating System. Although I disagree with this kind of assertions, I can tell you that it is rather difficult to do stupid things on it.

NetBSD is advertised as the most portable OS. And it actually is.

For those of you who want to experiment on a Dell Inspiron 1525 laptop, surprises await you. NetBSD does not offer out-of-box support for the Marvell Ethernet controller, while OpenBSD does. Neither of the two offer any support for Broadcom BCM4312 802.11b/g wireless network controller, if you were wondering.

Therefore, the best solution for a transparent firewall that I could think of was an ancient AMD Duron based computer. The computer has two PCI based Gigabit Ethernet NICs: RealTek 8169/8110 Gigabit Ethernet (rev. 0×10) and D-Link DGE-528T Gigabit Ethernet (rev. 0×10), and an on-board VIA VT6102 (Rhine II) 10/100 Ethernet.

For those of you who think that a dual-core or quad-core computer would be blazing fast running this OSes, I tell you … support for SMP was just recently added and has much to catch up to match the Linux Kernel. At the same time, a 200 MB and 27 user processes OS is quite tempting for those experimenting with XEN virtualization.

What I really enjoy in the case of OpenBSD and NetBSD is the kernel source code documentation and the style of writing the code. Please, don’t thrust me. Just download and look at it. You would gain a better understanding of the Linux kernel by doing so.

To decline my preferences, I commonly use and enjoy Ubuntu and Fedora. But I also started to enjoy and appreciate BSD based system.

I also tried OpenSolaris. I have never encountered such an awful OS in my entire life. Its just a very big piece of crap. I don’t care what others say about its commercial brother, the so-called “most advanced OS”. The correct way of presenting it is: “the crappiest OS that mankind has ever witnessed”.

Ok, returning to our discussion one thing that would annoy any living being regarding NetBSD and OpenBSD is the lack of applications. There are less applications than on GNU/Linux and usually they are outdated. Yes, of course there is a reason for this. A funny thing is that tcpdump is not present in the ports tree. The main argument being the high number of bugs that could threaten the security of the system.

So lets start building a transparent firewall using NetBSD.

Install NetBSD, currently at version 5.0.2

Download it from: http://www.netbsd.org/releases/.
Accept default settings.

Building a custom made NetBSD kernel [6]
1) Copy the GENERIC kernel config to your local directory:

  1. cp /usr/src/sys/arch/`machine`/conf/GENERIC ~/TranspareFIREWALL

And make a symbolic link to it:

  1. ln -s ~/TranspareFIREWALL /usr/src/sys/arch/`machine`/conf/TransparentFirewall

Now in our custom kernel config add / modify the networking options to look as following :

  1. # Networking options
  2. options         GATEWAY         # packet forwarding
  3. options         INET            # IP + ICMP + TCP + UDP
  4. options         INET6           # IPV6
  5. options         IPSEC           # IP security
  6. options         IPSEC_ESP       # IP security (encryption part; define w/IPSEC)
  7. options         IPSEC_NAT_T     # IPsec NAT traversal (NAT-T)
  8. options         IPSEC_DEBUG     # debug for IP security
  9. options         MROUTING        # IP multicast routing
  10. #options        PIM             # Protocol Independent Multicast
  11. #options        ISO,TPIP        # OSI
  12. #options        EON             # OSI tunneling over IP
  13. options         NETATALK        # AppleTalk networking protocols
  14. options         PPP_BSDCOMP     # BSD-Compress compression support for PPP
  15. options         PPP_DEFLATE     # Deflate compression support for PPP
  16. options         PPP_FILTER      # Active filter support for PPP (requires bpf)
  17. options         PFIL_HOOKS      # pfil(9) packet filter hooks
  18. options         IPFILTER_LOG    # ipmon(8) log support
  19. options         IPFILTER_LOOKUP # ippool(8) support
  20. options         IPFILTER_DEFAULT_BLOCK  # block all packets by default
  21. #options        TCP_DEBUG       # Record last TCP_NDEBUG packets with SO_DEBUG
  22. options         ICMP_BANDLIM
  23. options         ALTQ            # Manipulate network interfaces' output queues
  24. options         ALTQ_BLUE       # Stochastic Fair Blue
  25. options         ALTQ_CBQ        # Class-Based Queueing
  26. options         ALTQ_CDNR       # Diffserv Traffic Conditioner
  27. options         ALTQ_FIFOQ      # First-In First-Out Queue
  28. options         ALTQ_FLOWVALVE  # RED/flow-valve (red-penalty-box)
  29. options         ALTQ_HFSC       # Hierarchical Fair Service Curve
  30. options         ALTQ_LOCALQ     # Local queueing discipline
  31. options         ALTQ_PRIQ       # Priority Queueing
  32. options         ALTQ_RED        # Random Early Detection
  33. options         ALTQ_RIO        # RED with IN/OUT
  34. options         ALTQ_WFQ        # Weighted Fair Queueing

Enable this if they aren’t by default:

  1. pseudo-device bpfilter                # Berkeley packet filter
  2. pseudo-device pf                      # PF packet filter
  3. pseudo-device pflog                   # PF log if

Increase the memory available in kernel to a value specific to your available memory. The memory available to the firewall, among others, depends on it.

  1. options       NMBCLUSTERS=16384

Then build the kernel:

  1. cd /usr/src/sys/arch/`machine`/conf/
  2. config ./TransparentFirewall
  3. cd ../compile/TransparentFirewall/
  4. make depend  && make

Save the old kernel and copy the new one:

  1. cp /netbsd /netbsd.original
  2. cp /usr/src/sys/arch/`machine`/compile/MYKERNEL/netbsd /netbsd

and do a simple reboot.
If you encounter problems, read the available documentation.
Mainly, you can return to the original kernel using, at boot, the following commands:

  1. boot netbsd.original -s
  2. fsck /
  3. mount /
  4. mv netbsd.old netbsd
  5. reboot

Now that you have a working kernel supporting the pf firewall and traffic shaping (ALQ options specified), you can start configuring the transparent firewall. Basically, as the documentation says, you can achieve this by setting up bridge between two physical NIC and filtering packets on one of them, using pf.

It is possible to set one of the interfaces to have an IP address for administrative purposes (static / dhcp) or use another network interface. The later strategy was adopted.

The re0 and re1 (Realtek driver naming) will denote the two bridge interfaces while sis0 will be the administrative interface. For each of these interfaces create a file such as the ones below:

  1. #vi /etc/ifconfig.re0
  2. up
  1. #vi /etc/ifconfig.re1
  2. up

and the configuration interface:

  1. #vi /etc/ifconfig.sis0
  2. up
  3. dhcp

To configure the bridge to use cycle detection (STP) and packet filtering:

  1. #vi /etc/ifconfig.bridge0
  2. create
  3. !brconfig bridge0 add re1 add re0 up stp re1

Now you have to set up the /etc/rc.conf. A sample configuration file is:

  1. rc_configured=YES
  2. dhclient="YES"  #<- comment if you don't need DHCP for the configuration interface
  3. sshd="YES"
  4. hostname=mycomputer.mynetwork
  5. firewall_enable="YES"
  6. pf=YES                           #enable pf
  7. pf_rules=/etc/pf.conf        #pf configuration file
  8. pf_program="/sbin/pfctl"  
  9. pf_flags=""
  10. pflogd=YES
  11. inetd=NO  
  12. syslogd=YES
  13. pflog_enable="YES"                 #log network packets, similar to ulog on GNU/Linux
  14. pflog_logfile="/var/log/pflog"    #log file location
  15. pflog_program="/sbin/pflogd"
  16. pflog_flags=""

and … reboot. You’ve just built a bridge using NetBSD.

The last thing you have to do is to set the firewall rules. Please note that despite the fact that we have built a bridge, Layer 2 device, we have access to the whole packet information. This has to do with the way the bridge code uses the BPF interface to copy packets from one interface to the other.

The main feature that distinguishes PF from iptables is the fact that rules that don’t employ the “quick” keyword are not definitive. In iptables, the action taken by the firewall is given by the first matching rule. In PF the action is given by the last matching rule or a rule having the “quick” keyword.

Therefore

  1. #vi /etc/pf.conf
  2. block in all
  3. pass in inet proto tcp from any to any port ssh

will allow just ssh session to be established, while

  1. #vi /etc/pf.conf
  2. pass in inet proto tcp from any to any port ssh  
  3. block in all

will block any packets from entering the local network.

A feature similar to the one provided by ulog is given by:

  1. #vi /etc/pf.conf
  2. block in log (all to pflog0) all
  3. block out log (all to pflog0) all

which will block all the packets and log them to pflog0. The packets could be later retrieved from the pflog0 interface using tcpdump or from /var/log/pflog (as specified in rc.conf).

Another awesome feature is that this interface is clonable. That is if we create a file with the content:

  1. #vi /etc/pflog1
  2. up

a new (cloned) logging interface is created. NetBSD supports many such interfaces. We can then specify firewall rules that send packets to different logs.

  1. #vi /etc/pf.conf
  2. block in log (all to pflog0) all
  3. block out log (all to pflog1) all

Thats it folks ! I will write a more advanced firewall configuration in a next post.

Convert all *.ppt files in a directory to *.pdf (or any format suported by OpenOffice to PDF)

Posted by marian on January 20, 2010

I believe that everybody came across the need to convert some Microsoft Office document into PDF format. Under GNU/Linux this can be accomplished very simply.
If you are a student and all the courses are in PowerPoint and you want to read them as PDF under GNU/Linux using the awesome evince, then you will appreciate this tutorial. ( Question to the reader: Why does Evince look so good, while the GNU/Linux version of Acrobat Reader is so sluggish ?)
Steps to follow:
1) Install OpenOffice
2) Install Cups-PDF:

  1. sudo apt-get install cups-pdf (Ubuntu)
  2. sudo yum install cups-pdf (Fedora)

3) Create a PDF directory in your home directory if it doesn’t exist:

  1. mkdir ~/PDF

4) For converting a single *.ppt file to *.pdf you should use:

  1. soffice -norestore -nofirststartwizard -nologo -headless -pt PDF your_pdf_file.ppt

But this can be achieved easily using OpenOffice GUI.
Now I will show you how easy is to convert all the files in a directory to PDF files and then merge them in a single PDF file. You just have to go to the directory containing your files and then execute :

  1. find . -type f -name "*.ppt" -exec soffice -norestore -nofirststartwizard -nologo -headless -pt PDF {} \;

Find will search in the current directory for all the files (due to “-type f”) and having the extension ppt (due to -name “*.ppt”) and convert them into PDF files.
You might also use *.doc (Microsoft Word), and i think (not tested) that also *.pptx and *.docx (Microsoft Office 2007) could be used. The output files will be stored in the ~/PDF directory.

Now the PDF merging stage. There are many tools that can do this under Linux, but I prefer pdftk which can be installed using:

  1. sudo apt-get install pdftk (Ubuntu)
  2. sudo yum install pdftk (Fedora)

And here is the easiest way to merge all the PDF files in a directory:

  1. pdftk *.pdf output merged.pdf

where merged.pdf is the name of the merged file :) ).

« Previous Entries