Monthly Archives: January 2010

oneliner of the day – ps

Leave a reply

This is one of my old favourites, that is useful both for verifying what shell you are running and also the $$ variable is very useful for scripting and writing pid files, lock files, statuses etc.

Let’s have a look at it:
ps -p $$

What this does is tell ps to look at the process specified with the -p flag.
And in this case that is $$.
$$ is in turn a shell variable expanding to the pid of the current running process, in our case the shell.

Example output:
%ps -p $$
PID  TT  STAT      TIME COMMAND
47991  p0  Ss     0:00.03 -csh (csh)

$ ps -p $$
PID   TT  STAT      TIME COMMAND
5404 s002  S      0:00.02 ksh

[henrik@character ~]$ ps -p $$
PID TT STAT TIME COMMAND
40668 1 S 0:00.02 bash

henke@3(NXDOMAIN):~> ps -p $$
PID TTY TIME CMD
3152 pts/2 00:00:00 bash

(FreeBSD; Mac OS X, FreeBSD and OpenSuSe respectively)
You get the point.

Share

ipfw to pf in a few steps

Leave a reply

I recently made the choice to switch firewall software on one of my servers from ipfw to pf. One of the reasons was to use the same software on all systems, and to simplify my rules wich needed some oversight anyway.

This is just a simple outline of how I did the move. There are some steps wich could be skipped or simoltaneous. But since this will all be done remote, I like to keep a bit to the cautious side.

First step, disabling ipfw:

Comment out the stuff related to ipdivert or nat in /etc/rc.conf since you cant kldunload the ipfw.ko module when it is in use. And you can’t kldunload ipdivert.ko. This meens you need to reboot it out.

After that is done

kldunload ipfw.ko

should work just fine. (you will loose your connection if you are logged in from remote since all the states were dropped, just login again)

Then comment out all the rest related to ipfw in rc.conf:

#firewall_enable="YES"
#firewall_script"/path/to/rule-script"
#firewall_etc..

Remember to also check in /boot/loader.conf that you’re not loading anything IPFW related there, like ipdivert. I forgot just that and it caused a lot of confusion at the time.

now just load up the pf kld to get the /dev/pf

kldload pf.ko

and you are ready to load your new shiny pf ruleset with the command
pfctl -e -f /etc/pf.conf

/etc/pf.conf is the default location so we dont need to add anything to /etc/rc.conf except

pf_enable="YES"

(if you want to change that use pf_rules=”/path/to/your/config”)

And you’re done, simple as that!

other interresting flags for rc.conf is

     pf_flags	 (str) If pf_enable is set to ``YES'', these flags are passed
		 to the pfctl(8) program when loading the ruleset.

     pflog_enable
		 (bool) Set to ``NO'' by default.  Setting this to ``YES''
		 enables pflogd(8) which logs packets from the pf(4) packet
		 filter.

     pflog_logfile
		 (str) If pflog_enable is set to ``YES'' this controls where
		 pflogd(8) stores the logfile (default /var/log/pflog).  Check
		 /etc/newsyslog.conf to adjust logfile rotation for this.

     pflog_program
		 (str) Path to pflogd(8) (default /sbin/pflogd).

     pflog_flags
		 (str) Empty by default.  This variable contains additional
		 flags passed to the pflogd(8) program.

Share

New blog

Leave a reply

This is the first post of this brand spanking new blog of mine.

I will just give a quick explanation / intro, and then we´re off! More content, less ramblings!

For a long time I have been wanting to start something new, different from what I have tried before. So this is part of that. This will be a purely IT related blog. It also serves as a great opportunity for me to get to play around a bit with WordPress! Those interrested in what is going on in my life in general have other ways of keeping up with me, or should simply get in touch more.

Some posts here will be regurgitations and more or less plain translations of some posts from my previous blog over at blogger and other previous writings.

My first post on topic will be up soon, so check back in!

Oh, and since this is a new blog I will be playing around with the look and feel extensively. Any feedback is much appreciated.

Share