Fail2ban: Block CIDR IP Address Ranges (aka wildcard)

Posted on

It [has been requested](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724274) to have the ability in `fail2ban` to block whole IP address ranges.

Yaroslav Halchenko replied, saying

> we are working on the features which would occur in some 0.9.x release which would make it configurable out-of-the-box, but meanwhile you can just easily create an augmented action file where you would have customized iptables call with /XX to ban whatever big subnet you like

Well, at the time of this writing the current version is `Fail2Ban v0.8.6` – and it seems to not have CIDR capabilities out of the box. However, you can still have `fail2ban` block an IP address by using a command like this:

fail2ban-client -vvv set apache banip 1.2.3.0/24

Your fail2ban log file ( maybe `/var/log/fail2ban.log` ) should have information about the rule you just added. Also, the `-vvv` flag tells the command to be verbose.

For the rule to take effect, you may need to wait until one of the other files fail2ban is monitoring has a change. So check out your /etc/fail2ban/jail.local file, see what is enabled, and then run `touch /path/to/file` on a logfile you are watching with fail2ban

Posted in Server Admin | Leave a comment

How to use http_get_request_headers with PECL_HTTP version 2

Posted on

If you’re using the version 2 `pecl_http` (possibly version 2.0.6?) on your webserver, perhaps Ubuntu or CentOS, with PHP5, maybe 5.3, 5.4, or 5.5, you may have noticed that after getting it all installed and adding this to your `php.ini` file:

extension=raphf.so
extension=propro.so
extension=http.so

But then when you try and use the function `get_request_headers()` you end up getting:

> PHP Fatal error: Call to undefined function http_get_request_headers()

Well, when this extension switched to [pecl/http v2](http://devel-m6w6.rhcloud.com/mdref/http) it changed a lot of things, and global functions was one of them. It now uses namespaces, and so instead of using `http_get_request_headers()` you’ll need to use something like this:

$headers = \http\Env::getRequestHeader();
print_r($headers);

The check out the [docs](http://devel-m6w6.rhcloud.com/mdref/http/Env/getRequestHeader) for more details on how to use the new function, basically you’ll see

##getRequestHeader: Retrieve one or all headers of the current HTTP request.

###Parameters:

Optional string **$header_name**

The key of a header to retrieve.

###Returns:

– NULL, if $header_name was not found
– string, the compound header when $header_name was found
– array of all headers if $header_name was not specified

Posted in Web Development | Tagged , | Leave a comment

How to install pecl pecl_http with homebrew php54 / php55

Posted on

You may be tempted to try and run `pecl install pecl_http` if you’re using `homebrew` on Mac OS X in order to be able to access functions like `http_get_request_headers` – but there’s a better way. Instead, try using the command `brew install php54-http` or `brew install php55-http` ( depending on if you are using php 5.4 or php 5.5 with homebrew )

You can get more info about `pecl_http` with homebrew by using `brew info php54-http` or `brew info php55-http` ( again depending on your PHP version ).

If you have already tried `pecl install pecl_http` you may want to run `pecl uninstall pecl_http` before running the other commands.

If you have previously used something like `brew install php54-http` and now it doesn’t seem to be loading, check your configuration file in `/usr/local/etc/php/5.4/conf.d` or try doing:

brew remove php54-http

And then running:

brew install php54-http

Posted in Tech Tips | Tagged , | Leave a comment

zshell: rsync hostname completion with zsh

Posted on

If you use `ssh` a lot with `zsh` and have a lot of entries in your hostsfile (`/etc/hosts`) you might find it convenient to disable completion from these hosts by using:

zstyle ‘:completion:*’ hosts off

However, this may give you adverse affects, and your hostnames may stop auto-completing with `rsync` – in order to fix this try also adding this in to your `.zshrc`

zstyle -s ‘:completion:*:hosts’ hosts _ssh_config
[[ -r ~/.ssh/config ]] && _ssh_config+=($(cat ~/.ssh/config | sed -ne ‘s/Host[=\t ]//p’))
zstyle ‘:completion:*:hosts’ hosts $_ssh_config

If you also use `oh-my-zsh` and are still having trouble, trying adding those lines **after** this line:

source $ZSH/oh-my-zsh.sh

Posted in Tech Tips | Tagged , | 1 Comment

Hide “You can search from here with Google” in Chromium

Posted on

If you’re running chrome in kiosk mode Google Chrome, or Chromium, or even if you are not using kiosk mode, you may have encountered the nuisance popup bubble telling you:

> You can search from here with Google

According to a [bug ticket](https://code.google.com/p/chromium/issues/detail?id=238836) you can create a `master_preferences` file “in the same directory as the chrome binary” and add this information to it:

{
“distribution” : {
“suppress_first_run_bubble”: true
}
}

That did not work for me, however, I used a command line switch ( a.k.a. a “flag” ) to successfully disable this popup balloon from showing.

Just use:

–no-first-run

When you are launching the Chrome / Chromium player.

That would look something like this on Linux:

./chrome –no-first-run

Or like this on Windows:

C:\path_to_chrome\chrome.exe –no-first-run

Posted in Linux | Tagged , | 1 Comment

strange error flushing buffer – solved

Posted on

When trying to use some LAME libraries like the WAV2SWF from swftools I started gettin this error:

> strange error flushing buffer

The file was still generated but it did not work.

Here’s what I did to fix:

###Installed the latest version of swftools

This was done on Ubuntu but you can probably do almost the same thing on Mac OS X. I tried using `homebrew` but was not able to get a new enough version of the software.

Make sure you have `zlib`

sudo apt-get install zlib1g-dev

Or

brew install zlib

Next check the [downloads page](http://swftools.org/download.html) and get the latest version of the software, something like:

cd /tmp
wget “http://swftools.org/swftools-2013-04-09-1007.tar.gz”
cd swftools-2013-04-09-1007
./configure
make

You can then install this if you want, but to test I just continued without installing:

cd src
./wav2swf ~/input.wav

this gave me another error:

Error: no mp3 soundstream support compiled in.

So to get around needing support for that you can just specify some additional parameter so it doesn’t have to detect them:

./wav2swf -d -s 44100 -o ~/test.swf ~/input.wav

And voila! it worked!

Additional parameters are:

Usage: wav2swf [-o filename] file.wav

-h , –help Print short help message and exit
-V , –version Print version info and exit
-o , –output Explicitly specify output file. (Otherwise, output will go to output.swf)
-r , –framerate Set file framerate to frames per second.
-s , –samplerate Set samplerate to frames per second (default: 11025).
-d , –definesound Generate a DefineSound tag instead of streaming sound.
-l , –loop n (Only used with -d)
-C , –cgi For use as CGI- prepend http header, write to stdout.
-S , –stop Stop the movie at frame 0
-E , –end Stop the movie at the end frame
-b , –bitrate Set mp3 bitrate to (default: 32)
-v , –verbose Be more verbose

Posted in Linux, Mac | Tagged , , | Leave a comment

How can I prevent zsh from autocompleting ssh hosts with the hosts file?

Posted on

In `bash` you am able to export a variable to prevent `/etc/hosts` from being used with autocompletion of the `ssh` command:

export COMP_KNOWN_HOSTS_WITH_HOSTFILE=””

You can try that setting that in `zsh` but it won’t work. If you’ve tried searching in the `zsh-completions` directory but couldn’t find anything similar, it’s because it’s not there.

How can I prevent zsh from autocompleting ssh hosts with the hosts file?

So, how can you prevent `zsh` from autocompleting ssh hosts with the `/etc/hosts` file?

Add this to your `~/.zshrc` file:

zstyle ‘:completion:*’ hosts off

Posted in Uncategorized | Leave a comment

What does zsh-lovers do?

Posted on

What is zsh-lovers? What does zsh-lovers do?

You may have run something like `brew search zsh` and gotten a few results:

zsh
zsh-completions
zsh-history-substring-search
zsh-lovers
zsh-syntax-highlighting
zshdb

Running `brew info zsh-lovers` isn’t that helpful:

zsh-lovers: stable 0.9.0
http://grml.org/zsh/#zshlovers
/usr/local/Cellar/zsh-lovers/0.9.0 (2 files, 60K) *
Built from source
From: https://github.com/Homebrew/homebrew/commits/master/Library/Formula/zsh-lovers.rb

And neither is visiting the website that is referenced: `http://grml.org/zsh/#zshlovers`

###So, what is zsh-lovers? And what does zsh-lovers do?

Simple! It’s just a `man` page with a lot of `zsh` examples that gets added alongside your other `man` pages, allowing you to run:

man zsh-lovers

And get this:

ZSH-LOVERS(1) ZSH-LOVERS(1)

NAME

zsh-lovers – tips, tricks and examples for the Z shell

SYNOPSIS

Just read it. ;-)

OVERVIEW

Whenever we look at the zsh manual we wonder why there are no examples
or those simply things in (shell) life. The zsh contains many features,
but there was no manpage with some examples (like procmailex(5)).
That’s why we wrote this manpage.

Most of the tricks and one-liner come from the mailing lists zsh-users,
zsh-workers, google, newsgroups and from ourself. See section LINKS for
details.

Note: This manpage (zsh-lovers(1)) is not an official part of the Z
shell! It’s just a just for fun – manpage ;) For comments, bug reports
and feedback take a quick look at the section BUGS.

Posted in Tech Tips | Tagged | Leave a comment

Video Modal Popup similar to Apple.com for HTML5 video

Posted on

I wanted to know “Are there any open source tools to create modal popups for videos like the ones used on apple.com ?”

I wanted something to do video popups in a modal like those on Apple.com – for product videos, etc. I was looking for how the popups are done on the main website – not the regular dialog popups on the apple “store” site.

After a lot of looking I found SublimeVideo which is not open source but it is free.

So, if you need it for popping up a video like how the main apple website does their videos, check out [SublimeVideo](http://www.sublimevideo.net/) and click on “lightbox”:

Video Modal Popup similar to Apple.com for HTML5 video

The customization is really easy and it is really easy to add multiple video sources / formats to have both low and high def ( HD ) video and posters, as well as a nice javascript API to interface with the video player.

Posted in Web Development | Tagged , | Leave a comment

QSFoundation/QSFoundation.h file not found – Building Quicksilver Plugins

Posted on

Ok, so you’ve read the [getting started](http://projects.skurfer.com/QuicksilverPlug-inReference.mdown#getting_started) guide on how to write quicksilver plugins, and read the [QSApp Blog Post](http://blog.qsapp.com/post/47769690224/developing-plugins-for-quicksilver) about how to get started with QS plugins, and checked out the Quicksilver [Plugin Development Reference](https://github.com/quicksilver/PluginDevelopmentReference) and checked out the [repo of current plugins](https://github.com/quicksilver/?query=plugin) and visited the [Quicksilver Developer Wiki](http://qsapp.com/wiki/Developer_Information) and already referenced the [Quicksilver Plugin Reference](http://qsapp.com/wiki/Plugin_Reference) and read PJRobertson’s [Quicksilver Plugin Reference page](https://github.com/quicksilver/PluginDevelopmentReference/blob/master/QuicksilverPlug-inReference.mdown) and now you have got your new Xcode project all setup and when you click “build” you get something like:

QSFoundation/QSFoundation.h file not found – Building Quicksilver Plugins

###Here’s what to check

Make sure that in Xcode5 you have set up the SourceTrees in the preference pane – it’s under Locations -> Source Trees:

QSFoundation/QSFoundation.h file not found – Building Quicksilver Plugins

Secondly, you should have also already used git to clone the [Quicksilver repo](https://github.com/quicksilver/Quicksilver) and built Quicksilver successfully. For help on this topic see [Building Quicksilver](http://qsapp.com/wiki/Building_Quicksilver).

Finally, you must have built Quicksilver for development in order for the header files to be in the right places. Here’s how to build for development:

QSFoundation/QSFoundation.h file not found – Building Quicksilver Plugins

To check and make sure the headers are in the correct place, check this folder:

/tmp/QS/build/Debug/QSFoundation.framework/Headers/

It should exist and not be empty.

For more help visit Quicksilver’s Google Group or open a support request on the Github page.

Posted in Web Development | Tagged | Leave a comment