Archive

Archive for the ‘Perl’ Category

Misconfigured Perl install path

December 17th, 2008 No comments

I got a strange problem on a server. CPAN was installing module outside of perl @INC, this is quite a nightmare.
I found what was wrong and it was quite easy to solve.
Run this command:

# perl -V:'install.*'

Look at installprivlib and installarchlib. If they don’t match @INC you can change them at the end of perl Config.pm (in tie %Config, ‘Config’, {..})

To find your Config.pm file type

# perl -MConfig -le 'print $INC{"Config.pm"};'

If you only use CPAN to install module I guess you can just change PREFIX in the CPAN Config.pm (but I haven’t tested this)

N.B.: If you can’t find installprivlib and installarchlib in tie %Config just add them.

Categories: Perl Tags: ,

Getting human reading time info from RRD files

December 17th, 2008 No comments

You have a .rrd file but you don’t remember how much time RRAs can store data ? all right, no problem.

First save this Perl code into a .pl file.

$step = $1 if (m/step = (\d+)/);
$rows = $1 if (m/rra.*\.rows = (\d+)/);
if (m/(.*)\.pdp_per_row = (\d+)/) {
$pdp = $2; $time = $step*$rows*$pdp;
if ($time > 31536000) { $time = sprintf("%.2f year",$time/31536000) }
elsif ($time > 86400) { $time = sprintf("%.2f days",$time/86400) }
elsif ($time > 3600) { $time = sprintf("%.2f hours",$time/3600) }
print "$1: $step*$rows*$pdp = $time\n";
}

Assuming the filename of the script is rrd_info.pl, run this Shell command:

rrdtool info file.rrd | perl -n rrd_info.pl

Here is an output example:

rra[0]: 300*864*1 = 3.00 days
rra[1]: 300*864*5 = 15.00 days
rra[2]: 300*702*25 = 60.94 days
rra[3]: 300*840*125 = 364.58 days
rra[4]: 300*840*625 = 4.99 year
rra[5]: 300*864*1 = 3.00 days
rra[6]: 300*864*5 = 15.00 days
rra[7]: 300*702*25 = 60.94 days
rra[8]: 300*840*125 = 364.58 days
rra[9]: 300*840*625 = 4.99 year
rra[10]: 300*864*1 = 3.00 days
rra[11]: 300*864*5 = 15.00 days
rra[12]: 300*702*25 = 60.94 days
rra[13]: 300*840*125 = 364.58 days
rra[14]: 300*840*625 = 4.99 year

The formula is update step time * numbers of rows in the rra * pdp_per_row

Categories: Perl, RRDTool Tags: , ,

How big is you MP3 collection all over your hard drives ?

December 17th, 2008 No comments

You want to know the total size of all your .mp3 files ? (or any kind of file, juste change the locate argument)

Try :

locate .mp3 | perl -e 'while(<STDIN>) { chop ; $tsize += -s $_; } print $tsize/1048576 . "Mo\n"'

or

locate .mp3 | perl -e 'foreach (<>) { chop and $_["+"]+=-s$_ } print $_["+"]/1048576 . "Mo\n"'

or if you didn’t have perl (sorry for you ;))

locate .mp3 | awk '{print "\"" $0 "\""}' | xargs ls -l | awk 'BEGIN{s=0}{s+=($5/1024/1024)}END{print s "Mo"}'
Categories: Perl, Unix Tags: , ,

Add IPF rule automatically from log files

December 17th, 2008 No comments

Here is a very simple command to add a rule to your firewall (IPF in my example) when you match something in a log file (apache in this case)

for item in `tail -n 150 access_log | grep "c+dir" | awk '{print $1}'` ;
  do echo "block in quick on ne0 proto ip from $item to any" >> /etc/ipf.conf ;
done

This read 150 last line of access_log using tail, use grep as matching operator, use awk to catch ip (note that you could do /c+dir/{print $1} in awk to don’t use grep) then add a blocking rule in /etc/ipf.conf

You may want to add a comment to the end of the blocking rule saying why it was blocked.

Don’t forget to reload the firewall, /sbin/ipf -Fa -f /etc/ipf.conf for ipf, from time to time with cron to active the rule.

You may reload the firewall each time with

for item in `tail -n 150 access_log | grep "c+dir" | awk '{print $1}'` ;
  do echo "block in quick on ne0 proto ip from $item to any" >> /etc/ipf.conf; /sbin/ipf -Fa -f /etc/ipf.conf ;
done

This system has 2 problems:

  • You must run tail from cron as -f can’t work with the for statement.
  • Rules are added at the end of ipf.conf, this is very useless if you have pass in quick proto ip any to any port 80 before.

So, here is a Perl script that will do a better job.

my $IPF_FILE="/etc/ipf.conf";
my $TMP_FILE="/tmp/ipf.new.rules";
my %h;
open (FILE,"tail -fn 1 /usr/local/apache/logs/access_log|") || die "can't open FILE: $!";
 while (<FILE>) {
  if ($_ =~ /^(.*)s-s-.*c+dir/) {
   if(exists($h{"$1"})) { $h{"$1"}++ }
   else {
    $h{"$1"} = 1;
    open(IPF, "< $IPF_FILE") or die "can't open $IPF_FILE: $!";
    open(TMP, "> $TMP_FILE") or die "can't open $TMP_FILE: $!";
    print TMP "block in log quick on ne0 from $1 to anyn" or die "can't write to $TMP_FILE: $!";
    while (<IPF>) { (print TMP $_) or die "can't write to $TMP_FILE: $!"; }
    close(IPF)                  or die "can't close $IPF_FILE: $!";
    close(TMP)                  or die "can't close $TMP_FILE: $!";
    rename("$TMP_FILE", "$IPF_FILE") or die "can't rename $TMP_FILE to $IPF_FILE: $!";
    system("ipf -Fa -f $IPF_FILE");
   }
  }
 }
close (FILE);
}

Incrementation of $h{“$1”} is totally useless here but you may use it for something (like waiting more than one attemp of the IP before adding it to IPF). $h is used to don’t firewall two time the same IP.

You may think that $h is not usefull because as we have blocked the IP, we will not get any new request from it. Not really

  • Tail is not working really in live, it check time to time for new line then print them, so between the first request of the IP and the reload of the firwall, you may have more than one request (don’t forget that reloading ipf take time also);
  • My IPF rule is very strict, you may only block port 80, so you can still get request on port 443, or things like that.
Categories: NetBSD, Perl, Unix Tags: , , ,