Yumex to the rescue!

Yumex is a yum extender that provides a GUI for package management.

So why am I writing about it, well, read on…

I had written recently about my upgrading from Fedora Core 1 to Fedora Core 6, and one major, annoying issue I encountered was with the yum updates.

I encountered approximately 5 conflicts and about 2 dependency errors.  I believe it was with php-do and php and some elib libraries.  I know, I know.  You’re thinking, “if it ain’t broke, don’t fix it,” right?  Well, unfortunately, I can only take so much of that.

So, with the mission at hand, I started googling for fixes and finally found a thread about yumex.  I yum installed it, went into init 5 (I run init 3 by default), vnc‘ed into my box and run it.

After having used it, I strongly recommend you give it a try, especially if you have problems updating via a terminal window.

What yumex gives you is the freedom to update only certain packages via a click-and-process method; for example to fix my problem, I updated 15-20 packages at a time, continuously went through the list until I came across the offending package.  I then took care of problematic ones one-by-one.

Pretty cool, ey…All you need to complete this process is patience and a book.  =0)

Blogs and Wikis: Why just now?

Man, I am really enjoying having my own blog and wiki. It’s so addicting! And how I wish I had started a lot sooner. I can’t even imagine how much data I would’ve logged and shared if I had started sooner. Oh, well…it’s alright, the good thing is I’ve already started. No use on sulking over poured milk, ey…

According to Wikipedia, a blog or weblog is a user-generated website where entries are made in journal style and displayed in a reverse chronological order.

A wiki, on the other hand, is a website that allows visitors to add, remove, edit and change content, typically without the need for registration.

I use both: blog for my journal and wiki as my knowledge-base. =0)

OK, so here are my brief pros-and-cons thoughts regarding these technologies:

Pros: addicting, release for creativity, journal-like, forces you (as a by-product) to really think which will keep your mind sharp, writing skills increases, career-enhancing, allows you to share knowledge with others, empowers you to archive and organize knowledge and thoughts very well

Cons: time-demanding, addicting, must be focused on what posts you write, must be careful with what you say (read: employers)

As you can see, the pros outweigh the cons – this, of course, are my own personal thoughts on it. What I’m trying to say is, if used right, these two technologies can free you.

Lastly, to end this post, I share this article from Penelope Trunk‘s excellent career-oriented blog discussing why “Blogging is good for your career.”

Until the next, ciao!

iptables script

I’ve been running Fedora Core 1 for about, hmm…5 years(?) on my little ‘ole work-horse server, but this reliable/stable OS has started showing its age.  Repository issues, keeping software and everything else up-to-date.  Ugh.  =0( 

I was initially sold on installing RHEL ES 4 (I had the disks already), but my server had problems with the “transferring image to install…” phase.  So, I took it as a sign to stick with Fedora, which I was happy about since I’m used to it.  More importantly, however, it was an opportunity to try out the new Fedora Core release.

So with tools in hand, I backed up all my scripts and website files and installed Fedora Core 6 last night.  It took about 4 hours to install and configure – in fact, I started a “how-to” on my wiki, just in case I have to do it all over again.

OK, so enough of the rambling.  This post is, after all, about iptables (hats off to to the netfilter.org guys/gals and thanks to Dan Farino for helping out with this).  BTW, I had to disable the security firewall on Fedora to have more control over the firewall.

Steps to take:

  1. Open up a terminal
  2. cd /usr/local/src
  3. mkdir iptables
  4. vi iptables
  5. Copy and paste the script below
  6. chmod 777 scriptname
  7. ./scriptname

Verify no errors occurred, then once done, type the following:

tail -f /var/log/messages

From this point, watch for some interesting stuff.  =0)

Simple enough, huh?  Hopefully, you can make use of this script to build your personal *nix firewall.  Take care.

Make sure /proc/sys/net/ipv4/p_forward is ‘1’ and both ip_conntrack_ftp & ip_nat_ftp modules are loaded (use modprobe modulename).

#————————————————-#

# flush and delete chains
iptables -F
iptables -X
iptables -t nat -F

# default policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

iptables -t nat –policy PREROUTING ACCEPT
iptables -t nat –policy POSTROUTING ACCEPT
iptables -t nat –policy OUTPUT ACCEPT

# new user-defined chains
iptables -N tcp-state-flags
iptables -N fragments
iptables -N spoof
iptables -N syn-flood

iptables -N log-tcp-state
iptables -N log-drop-spoof

iptables -N log-input-accept

iptables -N log-input-drop
iptables -N log-fwd-drop

#————————————————-#

# input rules
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i ! eth0 -j ACCEPT
iptables -A INPUT -p tcp -j tcp-state-flags
iptables -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -f -j fragments
iptables -A INPUT -m state –state NEW -j spoof
iptables -A INPUT -p tcp –dport 80 -m state –state NEW -j ACCEPT
iptables -A INPUT -j log-input-drop

# forward rules
iptables -A FORWARD -i lo -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -m state –state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -m state –state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -j log-fwd-drop

# output rules
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o eth0 -m state –state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth1 -m state –state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state –state INVALID -j DROP

#————————————————-#

# tcp-state-flags rules
iptables -A tcp-state-flags -p tcp –tcp-flags ALL NONE -j log-tcp-state
iptables -A tcp-state-flags -p tcp –tcp-flags SYN,FIN SYN,FIN -j log-tcp-state
iptables -A tcp-state-flags -p tcp –tcp-flags SYN,RST SYN,RST -j log-tcp-state
iptables -A tcp-state-flags -p tcp –tcp-flags FIN,RST FIN,RST -j log-tcp-state
iptables -A tcp-state-flags -p tcp –tcp-flags ACK,FIN FIN -j log-tcp-state
iptables -A tcp-state-flags -p tcp –tcp-flags ACK,PSH PSH -j log-tcp-state
iptables -A tcp-state-flags -p tcp –tcp-flags ACK,URG URG -j log-tcp-state

# fragments rules
iptables -A fragments -f -j LOG –log-level info –log-prefix “___ipt:fragment___: “
iptables -A fragments -f -j DROP

# spoof rules
iptables -A spoof -s 127.0.0.0/8 -j log-drop-spoof
iptables -A spoof -s 10.0.0.0/8 -j log-drop-spoof
iptables -A spoof -s 255.255.255.255 -j log-drop-spoof
iptables -A spoof -s 0.0.0.0/8 -j log-drop-spoof
iptables -A spoof -s 169.254.0.0/16 -j log-drop-spoof
iptables -A spoof -s 172.16.0.0/12 -j log-drop-spoof
iptables -A spoof -s 192.0.2.0/24 -j log-drop-spoof
iptables -A spoof -s 192.168.0.0/16 -j log-drop-spoof
iptables -A spoof -s 224.0.0.0/4 -j log-drop-spoof
iptables -A spoof -s 248.0.0.0/5 -j log-drop-spoof
iptables -A spoof -s 240.0.0.0/5 -j log-drop-spoof

# syn-flood rules
iptables -A syn-flood -m limit –limit 1/s –limit-burst 4 -j RETURN
iptables -A syn-flood -j LOG –log-level info –log-prefix “___ipt-fw:syn-flood___: “
iptables -A syn-flood -j DROP

# log-tcp-state rules
iptables -A log-tcp-state -j LOG –log-level info –log-prefix “___ipt:invalid-tcp-flag___: “
iptables -A log-tcp-state -j DROP

# log-drop-spoof rules
iptables -A log-drop-spoof -j LOG –log-level info –log-prefix “___ipt:spoof,mcast___: “
iptables -A log-drop-spoof -j DROP

# log-input-accept rules
iptables -A log-input-accept -j LOG –log-level info –log-prefix “___ipt:input-accept___: “
iptables -A log-input-accept -j ACCEPT

# log-input-drop
iptables -A log-input-drop -j LOG –log-level info –log-prefix “___ipt:input-drop___: “
iptables -A log-input-drop -j DROP

# log-fwd-drop
iptables -A log-fwd-drop -j LOG –log-level info –log-prefix “___ipt:fwd-drop___: “
iptables -A log-fwd-drop -j DROP

#————————————————-#

# postrouting
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

#————————————————-#

# activate rules
iptables-save
iptables-save > /etc/sysconfig/iptables
service iptables restart

#————————————————-#

Add text highlighting in ASP.NET 2.0 GridView

I built an ASP.NET 2.0 web application [for the company I work for] that streamlined the deployment process to our production environment. It processed, tracked, archived, and notified automatically on each step of the deployment process.

So with that in mind, I’ll be showing you how to add text highlighting in a GridView; for example, a Date & Time column (i.e., red=overdue, green=still OK), which, at work, presented to the the technical group if a deployment was late or not. =0)

Here’s a screenshot:

Fig. 1.1 – Text highlighting in ASP.NET 2.0 GridView

Text highlighting in ASP.NET GridView

Adding this feature is quite easy. The first thing you’ll need to do is add a RowDataBound event in the GridView code:

<font size="2"><span style="color: #0000ff">&lt;</span><span style="color: #a31515">asp</span><span style="color: #0000ff">:</span><span style="color: #a31515">GridView</span> <span style="color: #ff0000">OnRowDataBound</span><span style="color: #0000ff">="GridView_RowDataBound"&gt;</span></font>

The second thing is add an ASP label within an ASP template field, like so:
<font size="2"><span style="color: #0000ff">&lt;</span><span style="color: #a31515">asp</span><span style="color: #0000ff">:</span><span style="color: #a31515">TemplateField</span> <span style="color: #ff0000">HeaderText</span><span style="color: #0000ff">="Date &amp; Time"</span>

            <span style="color: #ff0000">SortExpression</span></font><font size="2"><span style="color: #0000ff">="TargetDateTime"&gt;

</span>    <span style="color: #0000ff">&lt;</span><span style="color: #a31515">ItemTemplate</span></font><font size="2"><span style="color: #0000ff">&gt;

</span>        <span style="color: #0000ff">&lt;</span><span style="color: #a31515">asp</span><span style="color: #0000ff">:</span><span style="color: #a31515">Label</span> <span style="color: #ff0000">ID</span><span style="color: #0000ff">="lblTargetDateTime"</span> <span style="color: #ff0000">runat</span><span style="color: #0000ff">="server"</span>

                <span style="color: #ff0000">Text</span><span style="color: #0000ff">='</span><span style="background: #ffee62 none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial">&lt;%</span># Eval("TargetDateTime") <span style="background: #ffee62 none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial">%&gt;<span style="color: #0000ff"></span>'</span> </font><font size="2"><span style="color: #0000ff">/&gt;

</span>    <span style="color: #0000ff">&lt;/</span><span style="color: #a31515">ItemTemplate</span></font><font size="2"><span style="color: #0000ff">&gt;

</span><span style="color: #0000ff">&lt;/</span><span style="color: #a31515">asp</span><span style="color: #0000ff">:</span><span style="color: #a31515">TemplateField</span><span style="color: #0000ff">&gt;</span></font>

Pretty simple so far, ‘ey?  Now, to the last bread-and-butter step, the code-behind file:

<font size="2"><span style="color: #0000ff">using</span> System.Drawing;</font><font size="2">
</font><span style="color: #0000ff"><font size="2">private</font></span><font size="2"> <span style="color: #0000ff">void</span> GridView_RowDataBound(<span style="color: #0000ff">object</span> sender,

        <span style="color: #2b91af">GridViewRowEventArgs</span> e)

{

    </font><font size="2"><span style="color: #008000">// Find control to add text highlighting

</span>    <span style="color: #0000ff">if</span> (e.Row.RowType == <span style="color: #2b91af">DataControlRowType</span>.DataRow)

    {

        </font><font size="2"><span style="color: #008000">// Create Label datatype then cast and assign control

</span>        <span style="color: #2b91af">Label</span> dateTimeType =

            (<span style="color: #2b91af">Label</span>)e.Row.FindControl(<span style="color: #a31515">"lblTargetDateTime"</span>);</font>

<font size="2">
</font><font size="2">        </font><font size="2"><span style="color: #008000">// Instantiate new DateTime object

</span>        <span style="color: #2b91af">DateTime</span> dateTime = <span style="color: #0000ff">new</span> <span style="color: #2b91af">DateTime</span>();

        dateTime = <span style="color: #2b91af">Convert</span>.ToDateTime(dateTimeType.Text);</font>

<font size="2">
</font><font size="2">        </font><font size="2"><span style="color: #008000">// Set coloring based on date and time

</span>        <span style="color: #0000ff">if</span> (<span style="color: #2b91af">DateTime</span>.Compare(dateTime, <span style="color: #2b91af">DateTime</span>.Today) &gt;= 0)

            dateTimeType.BackColor = Color.LawnGreen;

        </font><font size="2"><span style="color: #0000ff">else

</span>            dateTimeType.BackColor = Color.Red;

    }

}</font>

That’s it! Using text highlighting in your GridView not only makes it look “pretty,” but also emphasizes a record’s importance based on colors.

The power of ‘$’ in Windows

The $ character not only exudes money and power, but is also useful in many dynamically-typed languages, such as Perl and Windows PowerShell. I won’t be discussing it’s use in any of these languages, but rather, how you can take advantage of it in one powerful way: To share a folder in “steath-mode.”

Here’s how:

  1. Navigate to the folder you’d like to share.
  2. Access the Sharing and Security properties.
  3. Share the folder like so: FolderName$, then apply the change.
  4. Next go to the Security tab and add the user with the appropriate permissions.

That’s pretty much it. To access, type the following from the Run command: \\ComputerName\FolderName$