Blog

Blogs and Wikis: Why just now?

Man, I am really enjoying having my own blog and wiki. It’s so addicting! And how I wish I had started a lot sooner. I can’t even imagine how much data I would’ve logged and shared if I had started sooner. Oh, well…it’s alright, the good thing is I’ve already started. No use on sulking over poured milk, ey…

According to Wikipedia, a blog or weblog is a user-generated website where entries are made in journal style and displayed in a reverse chronological order.

A wiki, on the other hand, is a website that allows visitors to add, remove, edit and change content, typically without the need for registration.

I use both: blog for my journal and wiki as my knowledge-base. =0)

OK, so here are my brief pros-and-cons thoughts regarding these technologies:

Pros: addicting, release for creativity, journal-like, forces you (as a by-product) to really think which will keep your mind sharp, writing skills increase, career-enhancing, allows you to share knowledge with others, empowers you to archive and organize knowledge and thoughts very well

Cons: time-demanding, addicting, must be focused on what posts you write, must be careful with what you say (read: employers)

As you can see, the pros outweigh the cons – these, of course, are my own personal thoughts on it. What I’m trying to say is, if used right, these two technologies can free you.

Lastly, to end this post, I share this article from Penelope Trunk‘s excellent career-oriented blog discussing why “Blogging is good for your career.”

Until the next, ciao!

iptables script

I’ve been running Fedora Core 1 for about, hmm…5 years(?) on my little ‘ole work-horse server, but this reliable/stable OS has started showing its age.  Repository issues, keeping software and everything else up-to-date.  Ugh.  =0( 

I was initially sold on installing RHEL ES 4 (I had the disks already), but my server had problems with the “transferring image to install…” phase.  So, I took it as a sign to stick with Fedora, which I was happy about since I’m used to it.  More importantly, however, it was an opportunity to try out the new Fedora Core release.

So with tools in hand, I backed up all my scripts and website files and installed Fedora Core 6 last night.  It took about 4 hours to install and configure – in fact, I started a “how-to” on my wiki, just in case I have to do it all over again.

OK, so enough of the rambling.  This post is, after all, about iptables (hats off to the netfilter.org guys/gals and thanks to Dan Farino for helping out with this).  BTW, I had to disable the security firewall on Fedora to have more control over the firewall.

Steps to take:

  1. Open up a terminal
  2. cd /usr/local/src
  3. mkdir iptables
  4. vi iptables
  5. Copy and paste the script below
  6. chmod 777 scriptname
  7. ./scriptname

Verify no errors occurred, then once done, type the following:

tail -f /var/log/messages

From this point, watch for some interesting stuff.  =0)

Simple enough, huh?  Hopefully, you can make use of this script to build your personal *nix firewall.  Take care.

Make sure /proc/sys/net/ipv4/ip_forward is ‘1’ and both ip_conntrack_ftp & ip_nat_ftp modules are loaded (use modprobe modulename).

#!/bin/sh
#-------------------------------------------------#

# flush and delete chains
iptables -F
iptables -X
iptables -t nat -F

# default policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

iptables -t nat --policy PREROUTING ACCEPT
iptables -t nat --policy POSTROUTING ACCEPT
iptables -t nat --policy OUTPUT ACCEPT

# new user-defined chains
iptables -N tcp-state-flags
iptables -N fragments
iptables -N spoof
iptables -N syn-flood

iptables -N log-tcp-state
iptables -N log-drop-spoof

iptables -N log-input-accept

iptables -N log-input-drop
iptables -N log-fwd-drop

#-------------------------------------------------#

# input rules
# eth0 is the external interface (it is the one masqueraded below);
# traffic arriving on any other interface is accepted outright
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i ! eth0 -j ACCEPT
iptables -A INPUT -p tcp -j tcp-state-flags
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -f -j fragments
iptables -A INPUT -m state --state NEW -j spoof
# the only service opened to the outside is HTTP
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
iptables -A INPUT -j log-input-drop

# forward rules
# eth1 (internal) may open connections out through eth0; only replies come back
iptables -A FORWARD -i lo -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -j log-fwd-drop

# output rules
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state INVALID -j DROP

#-------------------------------------------------#

# tcp-state-flags rules
# flag combinations that never occur in a legitimate TCP exchange
iptables -A tcp-state-flags -p tcp --tcp-flags ALL NONE -j log-tcp-state
iptables -A tcp-state-flags -p tcp --tcp-flags SYN,FIN SYN,FIN -j log-tcp-state
iptables -A tcp-state-flags -p tcp --tcp-flags SYN,RST SYN,RST -j log-tcp-state
iptables -A tcp-state-flags -p tcp --tcp-flags FIN,RST FIN,RST -j log-tcp-state
iptables -A tcp-state-flags -p tcp --tcp-flags ACK,FIN FIN -j log-tcp-state
iptables -A tcp-state-flags -p tcp --tcp-flags ACK,PSH PSH -j log-tcp-state
iptables -A tcp-state-flags -p tcp --tcp-flags ACK,URG URG -j log-tcp-state

# fragments rules
iptables -A fragments -f -j LOG --log-level info --log-prefix "___ipt:fragment___: "
iptables -A fragments -f -j DROP

# spoof rules
# source addresses that should never arrive on the external interface
iptables -A spoof -s 127.0.0.0/8 -j log-drop-spoof
iptables -A spoof -s 10.0.0.0/8 -j log-drop-spoof
iptables -A spoof -s 255.255.255.255 -j log-drop-spoof
iptables -A spoof -s 0.0.0.0/8 -j log-drop-spoof
iptables -A spoof -s 169.254.0.0/16 -j log-drop-spoof
iptables -A spoof -s 172.16.0.0/12 -j log-drop-spoof
iptables -A spoof -s 192.0.2.0/24 -j log-drop-spoof
iptables -A spoof -s 192.168.0.0/16 -j log-drop-spoof
iptables -A spoof -s 224.0.0.0/4 -j log-drop-spoof
iptables -A spoof -s 248.0.0.0/5 -j log-drop-spoof
iptables -A spoof -s 240.0.0.0/5 -j log-drop-spoof

# syn-flood rules
# note: no rule above jumps to syn-flood, so this chain is never evaluated as written
iptables -A syn-flood -m limit --limit 1/s --limit-burst 4 -j RETURN
iptables -A syn-flood -j LOG --log-level info --log-prefix "___ipt-fw:syn-flood___: "
iptables -A syn-flood -j DROP

# log-tcp-state rules
iptables -A log-tcp-state -j LOG --log-level info --log-prefix "___ipt:invalid-tcp-flag___: "
iptables -A log-tcp-state -j DROP

# log-drop-spoof rules
iptables -A log-drop-spoof -j LOG --log-level info --log-prefix "___ipt:spoof,mcast___: "
iptables -A log-drop-spoof -j DROP

# log-input-accept rules
# note: no rule above jumps to log-input-accept either
iptables -A log-input-accept -j LOG --log-level info --log-prefix "___ipt:input-accept___: "
iptables -A log-input-accept -j ACCEPT

# log-input-drop
iptables -A log-input-drop -j LOG --log-level info --log-prefix "___ipt:input-drop___: "
iptables -A log-input-drop -j DROP

# log-fwd-drop
iptables -A log-fwd-drop -j LOG --log-level info --log-prefix "___ipt:fwd-drop___: "
iptables -A log-fwd-drop -j DROP

#-------------------------------------------------#

# postrouting
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

#-------------------------------------------------#

# activate rules
iptables-save
iptables-save > /etc/sysconfig/iptables
service iptables restart

#-------------------------------------------------#
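As an added example (not part of the original script), the shell function below summarizes what the LOG rules above write to /var/log/messages, grouping entries by log prefix, source address and destination port. The sample log lines are constructed, and the names ipt_summary and sample_log are made up for this illustration.

```shell
#!/bin/sh
# Added example: tally packets logged by the firewall script's LOG rules.

# Constructed sample of /var/log/messages (addresses are documentation ranges).
sample_log() {
cat <<'EOF'
Jan 12 03:14:07 fw kernel: ___ipt:input-drop___: IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.7 LEN=60 TTL=52 PROTO=TCP SPT=51234 DPT=22 SYN
Jan 12 03:14:08 fw kernel: ___ipt:input-drop___: IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.7 LEN=60 TTL=52 PROTO=TCP SPT=51235 DPT=22 SYN
Jan 12 03:14:09 fw kernel: ___ipt:input-drop___: IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.7 LEN=60 TTL=52 PROTO=TCP SPT=51236 DPT=22 SYN
Jan 12 03:14:30 fw kernel: ___ipt:spoof,mcast___: IN=eth0 OUT= SRC=10.1.2.3 DST=198.51.100.7 LEN=78 TTL=120 PROTO=UDP SPT=137 DPT=137
Jan 12 03:15:00 fw crond[411]: (root) CMD (run-parts /etc/cron.hourly)
Jan 12 03:15:12 fw kernel: ___ipt:invalid-tcp-flag___: IN=eth0 OUT= SRC=198.51.100.9 DST=198.51.100.7 LEN=40 TTL=44 PROTO=TCP SPT=4000 DPT=80 FIN SYN
Jan 12 03:16:40 fw kernel: ___ipt:fragment___: IN=eth0 OUT= SRC=203.0.113.77 DST=198.51.100.7 LEN=1500 TTL=50 FRAG:185 PROTO=UDP
EOF
}

# ipt_summary: read syslog lines on stdin and print
#   "<count> <log tag> <source address> <proto>/<destination port>"
# with the busiest combination first. Lines without an ___ipt...___ prefix
# are ignored; "-" stands in for a field the kernel did not log (fragments
# after the first carry no port numbers).
ipt_summary() {
    awk '
    match($0, /___ipt[^ ]*___: /) {
        # drop the leading "___" and the trailing "___: " from the prefix
        tag = substr($0, RSTART + 3, RLENGTH - 8)
        src = proto = dpt = "-"
        n = split(substr($0, RSTART + RLENGTH), f, " ")
        for (i = 1; i <= n; i++) {
            if (f[i] ~ /^SRC=/)   src   = substr(f[i], 5)
            if (f[i] ~ /^PROTO=/) proto = substr(f[i], 7)
            if (f[i] ~ /^DPT=/)   dpt   = substr(f[i], 5)
        }
        count[tag " " src " " proto "/" dpt]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Demonstration on the constructed sample; on the firewall itself run
#   ipt_summary < /var/log/messages
sample_log | ipt_summary
```

A source that dominates the input-drop tally, or any hits under invalid-tcp-flag, are the entries worth a closer look.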

Add text highlighting in ASP.NET 2.0 GridView

I built an ASP.NET 2.0 web application [for the company I work for] that streamlined the deployment process to our production environment. It processed, tracked, archived, and notified automatically on each step of the deployment process.

So with that in mind, I’ll be showing you how to add text highlighting in a GridView; for example, a Date & Time column (i.e., red=overdue, green=still OK), which, at work, presented to the technical group if a deployment was late or not. =0)

Here’s a screenshot:

Fig. 1.1 – Text highlighting in ASP.NET 2.0 GridView


Adding this feature is quite easy. The first thing you’ll need to do is add a RowDataBound event in the GridView code:

<asp:GridView OnRowDataBound="GridView_RowDataBound">

The second thing is to add an ASP label within an ASP template field, like so:

<asp:TemplateField HeaderText="Date & Time"
            SortExpression="TargetDateTime">
    <ItemTemplate>
        <asp:Label ID="lblTargetDateTime" runat="server"
                Text='<%# Eval("TargetDateTime") %>' />
    </ItemTemplate>
</asp:TemplateField>

Pretty simple so far, ‘ey?  Now, to the last bread-and-butter step, the code-behind file:

using System;
using System.Drawing;
using System.Web.UI.WebControls;

// Must be protected (not private) so the handler wired up in the markup via
// OnRowDataBound can be reached by the page class generated from the .aspx
protected void GridView_RowDataBound(object sender,
        GridViewRowEventArgs e)
{
    // Find control to add text highlighting
    if (e.Row.RowType == DataControlRowType.DataRow)
    {
        // Create Label datatype then cast and assign control
        Label dateTimeType =
            (Label)e.Row.FindControl("lblTargetDateTime");

        // Parse the label text; skip rows where it is missing or not a date
        DateTime dateTime;
        if (dateTimeType == null ||
            !DateTime.TryParse(dateTimeType.Text, out dateTime))
            return;

        // Set coloring based on date and time
        if (DateTime.Compare(dateTime, DateTime.Today) >= 0)
            dateTimeType.BackColor = Color.LawnGreen;
        else
            dateTimeType.BackColor = Color.Red;
    }
}

That’s it! Using text highlighting in your GridView not only makes it look “pretty,” but also emphasizes a record’s importance based on colors.

The power of ‘$’ in Windows

The $ character not only exudes money and power, but is also useful in many dynamically-typed languages, such as Perl and Windows PowerShell. I won’t be discussing its use in any of these languages, but rather, how you can take advantage of it in one powerful way: To share a folder in “stealth-mode.”

Here’s how:

  1. Navigate to the folder you’d like to share.
  2. Access the Sharing and Security properties.
  3. Share the folder like so: FolderName$, then apply the change.
  4. Next go to the Security tab and add the user with the appropriate permissions.

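That’s pretty much it. To access, type the following from the Run command: \\ComputerName\FolderName$

Keep in mind that the trailing $ only keeps the share out of network browse lists; anyone who knows the name can still reach it, so the permissions set in step 4 are what actually control access.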

Essential Windows tools

I’m actually a Mac and Linux convert, but use a Windows PC [for work] on a daily basis. And as all of you may know, Windows doesn’t provide a lot of the “essential” and/or “nice-to-have” tools out-of-the-box (which I think are essential) compared to OS X and Linux. Why another list? Why not? So here’s my list, in no particular order:

  • Firefox – The best browser (duh?)! Just check out the add-ons.
  • AVG – The best free anti-virus software out there.
  • Windows Server 2003 Administration Tools Pack – Free and it’s essential if you administer AD, etc.
  • PS Tools – Best command-line tools from Sysinternals.
  • WinRAR – Way, way better than WinZip.
  • visionApp – An excellent alternative to Windows’ Remote Desktop Manager. You can save credentials and pair it to any connection for auto-login (only on XP/2K3 and up).
  • RealVNC – RDP’s not the only remote control software out there.
  • UltraMon – A really must-have if using dual monitors.
  • Windows PowerShell – A new, excellent shell from Microsoft that uses the .NET Framework in a scripting environment and method.
  • Taskbar Manager – If you’re like me, you like your apps opened and sequenced in a certain order, especially, when a program crashes.
  • Cygwin – This virtual workspace mimics a *nix environment, which becomes handy when you need to perform text parsing.
  • PuTTY – A must have if you need to access routers, SSH tunnels, and telnet.
  • TextPad – Not only can you use it for .txt files, but you can take advantage of the highlighting features it provides to program in C, C++, Perl, etc.

That’s it! Hopefully, this list will help you become a more productive and efficient Windows user.

Disclaimer: Some tools I mention are not free, but I’ve found them to be invaluable on numerous occasions. Some of the tools can also be older, but again, invaluable.