Fools Day

Last year, I came across a person, a magical person to be precise. This person later became my good friend. The magical power they possessed was read-only ptrace privilege over me. I hoped to meet that person in person; thankfully it never happened, and I hope it never happens in future either. Amen!

Anyway, the point of this post is to remind me that such a person exists, someone who can tcpdump/ptrace me and tell me that we have similar thoughts. :-)

Analysing tcpdump output on CLI

I recently needed to analyse tcpdump output for an application-layer protocol (MySQL). Wireshark is there, but I wanted to be able to process the output with various text-processing utilities. So I decided to give tshark(1) a shot; it is part of Wireshark and is like Wireshark for the terminal. With it, I was able to get the list of SELECT queries from the captured stream using the following command line:

% tshark  -r file.cap -d "tcp.port==$port,mysql" -Eheader=y -Tfields  -e ip.src -e tcp.stream -e mysql.query -R 'mysql.query contains "SELECT"'

Perfect!
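The tab-separated output that command produces (one header line, then one row per matching packet) is easy to post-process; as an added example that is not part of the original post, this Python script groups the captured SELECTs by client and TCP stream and counts the tables they reference, using a constructed sample of that output in place of a real capture.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample of what the tshark command above prints with
# -Eheader=y -Tfields: a tab-separated header, then one row per packet.
SAMPLE_TSV = (
    "ip.src\ttcp.stream\tmysql.query\n"
    "10.0.0.5\t3\tSELECT id, name FROM users WHERE id = 7\n"
    "10.0.0.5\t3\tSELECT * FROM orders WHERE user_id = 7\n"
    "10.0.0.9\t8\tSELECT COUNT(*) FROM sessions\n"
    "10.0.0.5\t11\tSELECT password FROM users\n"
)

# Table names following FROM or JOIN; enough for simple statements.
TABLE_RE = re.compile(r"\b(?:FROM|JOIN)\s+`?(\w+)`?", re.IGNORECASE)


def summarise(tsv_text):
    """Group queries by (ip.src, tcp.stream) and count table references.

    Returns (per_stream, per_table): per_stream maps a (client, stream)
    pair to its queries in capture order, per_table maps a table name to
    the number of SELECTs that touched it.
    """
    per_stream = defaultdict(list)
    per_table = defaultdict(int)
    # tshark does not quote fields, so disable csv quoting: SQL may contain "
    reader = csv.DictReader(io.StringIO(tsv_text), delimiter="\t",
                            quoting=csv.QUOTE_NONE)
    for row in reader:
        query = row["mysql.query"]
        per_stream[(row["ip.src"], int(row["tcp.stream"]))].append(query)
        for table in TABLE_RE.findall(query):
            per_table[table.lower()] += 1
    return dict(per_stream), dict(per_table)


if __name__ == "__main__":
    streams, tables = summarise(SAMPLE_TSV)
    for (src, stream), queries in sorted(streams.items()):
        print(f"{src} stream {stream}: {len(queries)} SELECT(s)")
    print("tables referenced:", tables)
```

Two things to keep in mind: the `contains` read filter is case-sensitive, so lower-case `select` statements never reach this script, and a packet carrying several queries has them joined with `,` unless another separator is chosen with `-E aggregator=`.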

Checkout specific patchset of FreeBSD sources

Following is a script to check out FreeBSD sources (from its Subversion repository) at a specific patch level, as asked for by a friend on IRC:

#!/bin/sh
# Print the svn checkout command for a given FreeBSD release and patch level.

if [ -z "$1" ] || [ -z "$2" ]; then
        echo "Usage: $0 release patchlevel"
        echo "e.g. To get 8.0-p5: $0 8.0 5"

        exit 1
fi

RVER=$1
PVER=$2

SVNBASE=svn://svn.freebsd.org/base/releng
NEWVERS=sys/conf/newvers.sh     # bumped on every patch level
LIMIT=40                        # how far back in the log to look
RETVAL=0

SVNLOG=$(mktemp -t "$(basename "$0")")

if svn log -l "$LIMIT" "$SVNBASE/$RVER/$NEWVERS" >"$SVNLOG"; then
        # Entries come newest first. Every patch-level bump carries a
        # Security:/Errata: line; the first entry without one is the
        # RELEASE (p0) commit, and pN is the Nth entry above it.
        BASEREV=$(awk -v pver="$PVER" '
                BEGIN { sec=1; i=0; }
                /^r[[:digit:]]+/ { sec=0; revs[i++]=$1; }
                /^(Security|Errata):/ { sec=1; }
                /^-+$/ { if (sec == 0) { print revs[i-pver-1]; exit 0; } }' <"$SVNLOG")
        echo svn co -"$BASEREV" "$SVNBASE/$RVER"
else
        echo "Error executing svn log" >&2
        RETVAL=1
fi

rm -f "$SVNLOG"
exit $RETVAL

Obligatory screenshot:

chateau.d.if!abbe [~/bin] % co-freebsd-sources 7.0 4
svn co -r182740 svn://svn.freebsd.org/base/releng/7.0
chateau.d.if!abbe [~/bin] % svn cat -r 182740 svn://svn.freebsd.org/base/releng/7.0/sys/conf/newvers.sh|grep RELEASE-p
BRANCH="RELEASE-p4"

Download link: http://www.lostca.se/~abbe/scripts/co-freebsd-sources
SHA256 sum: c9958c4fd7cae5a5e9ff3fa84ba3af6adf38d9c8494b7913ad5b3a2f265a3f48
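The awk one-liner packs the whole patch-level rule into a single line; as an added example that is not from the post, the Python below applies the same rule to a constructed svn log excerpt (placeholder revisions and advisory ids) so the mapping from p-level to revision can be read and tested.

```python
import re

REV_RE = re.compile(r"^(r\d+) \|")           # "r182740 | user | date | N lines"
TAG_RE = re.compile(r"^(Security|Errata):")  # marks a patch-level bump
SEP_RE = re.compile(r"^-+$")                 # svn log entry separator

# Constructed svn log excerpt (newest first); revisions and ids are placeholders.
SAMPLE_LOG = """\
------------------------------------------------------------------------
r1003 | so | 2008-09-04 | 2 lines

Security:       FreeBSD-SA-XX:03.example
------------------------------------------------------------------------
r1002 | so | 2008-08-30 | 2 lines

Errata:         FreeBSD-EN-XX:02.example
------------------------------------------------------------------------
r1001 | so | 2008-07-02 | 2 lines

Security:       FreeBSD-SA-XX:01.example
------------------------------------------------------------------------
r1000 | re | 2008-02-27 | 2 lines

Update BRANCH to RELEASE.
------------------------------------------------------------------------
"""


def patchlevel_revision(svn_log, plevel):
    """Map patch level plevel to the newvers.sh revision that set it.

    The first entry (newest first) without a Security:/Errata: line set
    BRANCH="RELEASE", i.e. level 0; level N is the Nth entry above it.
    """
    revisions = []   # revisions seen so far, newest first
    tagged = True    # does the current entry carry Security:/Errata:?
    for line in svn_log.splitlines():
        m = REV_RE.match(line)
        if m:
            revisions.append(m.group(1))
            tagged = False
        elif TAG_RE.match(line):
            tagged = True
        elif SEP_RE.match(line) and not tagged:
            index = len(revisions) - 1 - plevel   # revisions[-1] is p0
            if index < 0:
                raise ValueError(f"patch level {plevel} does not exist in this log")
            return revisions[index]
    raise ValueError("no RELEASE entry in the log window; raise LIMIT")
```

Printing `svn co -` followed by the returned value reproduces the script's output line, e.g. `svn co -r1003` for p3 of the sample.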

IRC proxy-ing

Some time ago, I received SSH access to a host that was quite restricted. Lots of executables were denied execution, as it was meant only for learning, so there was no network access (no curl/wget/nc/socat or ssh -(L|D|R)) and no compilers, but it did have bash. Here is a tiny hack to connect to IRC from that host:

1. Create a file irc.sh on $host:

#!/bin/bash
# bash's /dev/tcp pseudo-device opens a TCP connection on fd 3
exec 3<>/dev/tcp/irc.freenode.net/7070
cat <&3 &       # server -> stdout
cat >&3         # stdin -> server

2. Add the following line to inetd/xinetd (or netcat):

sua     stream  tcp     nowait          $localuser    /usr/bin/ssh    ssh -i $privatekey -l $user $host bash irc.sh

3. Now connect your IRC client to localhost:sua (localhost:14001).

This is only a fun hack, and not something used to regularly circumvent access. :P

ldd.sh

On numerous occasions, I need to find the direct shared-library dependencies of an ELF binary (of course), rather than the full list ldd(1) prints. On every one of those occasions I had to RTFM objdump(1) all over again, and since I now plan to ditch laziness, here is the script I wrote:

#!/bin/sh
# List the DT_NEEDED entries of an ELF file: its direct dependencies only.

if [ -n "$1" ]; then
	objdump --all-headers "$1" | awk -v f="$1" '/^[[:space:]]*NEEDED/ { print f, $2 }'
else
	echo "Usage: $0 file.so" >&2
	exit 1
fi

Obligatory screenshot:

chateau.d.if!abbe [~] % ldd.sh /bin/ls
/bin/ls libutil.so.9
/bin/ls libncurses.so.8
/bin/ls libc.so.7
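Unlike ldd(1), which gets its answer by running the dynamic linker on the binary (which is why it should not be pointed at untrusted files), the NEEDED lines objdump prints come straight from the ELF .dynamic section and can be read without executing anything; the Python below, an added example that is not from the post, does exactly that, and builds a constructed minimal ELF64 image carrying the same three names as the screenshot to run against.

```python
import struct

SHT_STRTAB, SHT_DYNAMIC, DT_NEEDED = 3, 6, 1
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")   # ELF64 file header
SHDR = struct.Struct("<IIQQQQIIQQ")         # ELF64 section header
DYN = struct.Struct("<qQ")                  # ELF64 .dynamic entry


def direct_needed(elf):
    """Return the DT_NEEDED names of a little-endian ELF64 image (bytes)."""
    ident, *hdr = EHDR.unpack_from(elf, 0)
    if ident[:4] != b"\x7fELF" or ident[4] != 2 or ident[5] != 1:
        raise ValueError("not a little-endian ELF64 file")
    e_shoff, e_shentsize, e_shnum = hdr[5], hdr[10], hdr[11]
    shdrs = [SHDR.unpack_from(elf, e_shoff + i * e_shentsize)
             for i in range(e_shnum)]
    needed = []
    for sh in shdrs:
        if sh[1] != SHT_DYNAMIC:
            continue
        strtab = shdrs[sh[6]]      # sh_link: the string table holding the names
        for off in range(sh[4], sh[4] + sh[5], DYN.size):
            tag, val = DYN.unpack_from(elf, off)
            if tag == DT_NEEDED:
                start = strtab[4] + val
                needed.append(elf[start:elf.index(b"\0", start)].decode())
    return needed


def build_sample_elf():
    """Constructed minimal ELF64 carrying only .dynstr and .dynamic (sample input)."""
    dynstr, dynamic = b"\0", b""
    for name in ("libutil.so.9", "libncurses.so.8", "libc.so.7"):
        dynamic += DYN.pack(DT_NEEDED, len(dynstr))
        dynstr += name.encode() + b"\0"
    dynamic += DYN.pack(0, 0)                      # DT_NULL terminator
    str_off = EHDR.size
    dyn_off = str_off + len(dynstr)
    sh_off = dyn_off + len(dynamic)
    shdrs = (b"\0" * SHDR.size                     # mandatory null section
             + SHDR.pack(0, SHT_STRTAB, 0, 0, str_off, len(dynstr), 0, 0, 1, 0)
             + SHDR.pack(0, SHT_DYNAMIC, 0, 0, dyn_off, len(dynamic), 1, 0, 8, DYN.size))
    ident = b"\x7fELF" + bytes([2, 1, 1]) + b"\0" * 9    # ELF64, LSB, version 1
    ehdr = EHDR.pack(ident, 3, 62, 1, 0, 0, sh_off, 0, EHDR.size, 0, 0, SHDR.size, 3, 0)
    return ehdr + dynstr + dynamic + shdrs


if __name__ == "__main__":
    for lib in direct_needed(build_sample_elf()):
        print("sample.elf", lib)
```

Pass the bytes of a real file (`direct_needed(open(path, "rb").read())`) to get the same list ldd.sh prints for it, as long as it is a little-endian ELF64 object.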

HTH

Migration to OpenSMTPD

After being the FreeBSD port maintainer for the mail/opensmtpd port for quite some time, missing updates, and committing a buggy snapshot, I decided to start using OpenSMTPD myself. It had been on my TODO list for a long time; with its pf-like configuration syntax, it was very tempting. Out of laziness I kept not switching, so yesterday I gave up (on my laziness, of course :P), and the following is my OpenSMTPD configuration:

listen on lo0
expire 3d

table aliases db:/usr/local/etc/mail/aliases.db
table secrets db:/usr/local/etc/mail/secrets.db
table personal { "user1@domain1.tld", "user2@domain2.tld" }

accept for local alias <aliases> deliver to mda "/usr/local/libexec/dovecot/deliver -o mail_location=mdbox:%{user.directory}/.mdbox -f %{sender}"

# my personal accounts
accept from local sender <personal> for any relay via smtp://localhost:8027

# my another personal account but goes through different MTA
accept from local sender user3@doman3.tld for any relay via smtp://localhost:8025

# my work account
accept from local sender work@workdomain.tld for any relay via tls+auth://work@localhost:8026 auth <secrets>

More details about my email setup are in this mailing-list post. Back to being lazy again! ;)

long time; /* no C */

It’s been a long time since I posted something here. The diff between the last post and this one is so big that even I’m too lazy to post it. I lost a couple of people this past year whom I’m never going to see again (mapM_ rip allOfThem), but then I cleaned up a bit of my TODO, so it felt worth coming back!

Hopefully this time, I’m here to stay for a longer time (despite the fact that time is always long). :)

/away

Technique?

"Technique?" said the programmer turning from his terminal, "What I follow
is Tao -- beyond all technique! When I first began to program I would see
before me the whole problem in one mass. After three years I no longer saw
this mass.  Instead, I used subroutines.  But now I see nothing.  My whole
being exists in a formless void.  My senses are idle.  My spirit, free to
work without plan, follows its own instinct.  In short, my program writes
itself.  True, sometimes there are difficult problems.  I see them coming, I
slow down, I watch silently.  Then I change a single line of code and the
difficulties vanish like puffs of idle smoke.  I then compile the program.
I sit still and let the joy of the work fill my being.  I close my eyes for
a moment and then log off."