Featured »

January 6, 2020 – 12:38 am

I have a squid proxy server that uses a long list of authenticated cache peers in a round-robin configuration. The process looks something like this:

The key to getting this setup working well is to weed …

Read the full story »
Networking

Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.

Applications

Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.

Data

Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.

Monitoring

Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Archive by Category

Articles in Featured

Validating HTTPS Cache Peers for Squid

January 6, 2020 – 12:38 am
sy2zeb1vp2h8itlxfbbylw0jrm0[1]

I have a squid proxy server that uses a long list of authenticated cache peers in a round-robin configuration. The process looks something like this:

The key to getting this setup working well is to weed …

Analyzing atop Logs with atopsar

December 26, 2019 – 9:52 pm
0h7vjqy3irb9p63bjuuxvd0tq85[1]

I have discussed atop previously but concentrated primarily on how to run it and how to collect data. Now I’d like to spend some time talking about ways to analyze the data collected with atop.

Appending Filenames

December 22, 2019 – 9:51 pm
gk5arsj5ijgmshcbh73vvpkdh2k[1]

If you google how to append, say, current timestamp to the filename in Bash, almost every suggestion boils down to something really basic along the lines of mv $somefile $somefile_$(date +’Y%-%m-%d’). Technically, this is correct …

Selecting Time Ranges from Logs, Part 2

December 16, 2019 – 9:47 pm
4bbqfrqoa4vxlgrr02pg883ozks[1]

A couple of years ago I wrote an article about selecting specific time ranges from log files. I proposed two options: either convert all timestamps to epoch format (a CPU-intensive process) or rely on regex …

Automatically Block Frequent Visitors

December 9, 2019 – 9:45 pm
gea59uduencunzibzb6i3gxn36m[1]

I had a few similar scripts floating around this site, but this one is a bit more all-inclusive and better organized. The script will analyze your firewall/whatever access log and block particularly active visitors.

Detecting Blurry Photos with ImageMagick

December 3, 2019 – 9:43 pm
ll7je7yy7kvxsiw8ibssm0nmqf0-2[1]

Here’s a typical scenario: I go to a birthday party where everyone knows I’m a shutterbug, so I have to bring my camera. As time goes by and blood alcohol concentration rises and attention to …

Working with iptables Logging

November 30, 2019 – 9:41 pm
gpxvtms6cvea4q504jtbxjfwcd5z-2[1]

Most commonly iptables is used to allow, block, or redirect connections. However, it also has a logging feature that can be very useful for network traffic analysis and system security.

Copying File Attributes Across Servers

November 29, 2019 – 9:40 pm
5wqsp02uml4to2k7pe8m63sd7q7[1]

To make long story short, had to fix someone’s chmod -R 777 /. A late-night copy-paste fail, it would seem. Needless to say, console access is required, as SSH will not work with permissions on …

Analyzing Network Performance

November 25, 2019 – 9:37 pm
gly8stqifn615gp3xbc34h64byx-2[1]

Much of network performance analysis will be comparative in nature. Thus, seeing the output of multiple commands side by side can be quite useful. Bash has a useful little utility called pr and we’ll make …

Copying Data in a Restricted Environment

August 17, 2019 – 8:04 pm
o42ex2ebr1lhz7wxo84scrr9iuu

Consider this not-so-hypothetical scenario: you have some data on server_a that you would like to copy to server_b. Unfortunately, these two servers cannot communicate with each other. Nor do they have access to any common …

Raising Dead Services

August 15, 2019 – 2:23 pm
ktd9zk0j9t6vap82rmdxxip6jgg

I suppose you may say all of this can be just as easily done via systemd service config files. Well, yes and no. Yes, it can. And, no, not as easily. Not even close. Because …

IMDb Movie Title Parser in Bash

July 12, 2019 – 7:19 pm
42out6dayezwo4ntrduw5udzq0k-2

This is an update to the IMDb parser I wrote years back. From time to time IMDb makes small changes to their setup that break my script. This time they decided to start blocking curl, …

Plugging iPhone’s Privacy

July 3, 2019 – 11:19 am
0841lqjlj5ql1mfi3s4iyfznsny

Many recent publications , , suggest the iPhone is full of security holes threatening your privacy. The threat seems to be coming not so much from the phone’s operating system, but from the apps, …

Squeezing Video Files

June 30, 2019 – 11:16 am
sqsb8tfjfhkyxgnmnq8dqzdbbdm

All that crap I’ve been saving from YouTube, Facebook and whatnot tends to add up. As quality is not a huge concern here (not that it was very high to begin with), optimizing those video …

Finding Passwords in Logs and Shell History

June 27, 2019 – 11:15 am
odjxa5y2t4lq4jzrfzv1cf3pvzw

Sooner or later it will happen: you type something after which you expect a password prompt then, without looking, you type the password. However, you fat-fingered the first command, and your password ended up in …

Creating a Chroot Jail for SSH Access

April 17, 2019 – 4:51 pm
Photo-2019-03-25-16-55-55_2462

Just a quick collection of notes on – rather than a definitive guide to – setting up an SSH chroot jail on RHEL 6. The same should work on RHEL 7 and unrelated flavors. For …

Encrypting Log Data During Log Rotation

April 9, 2019 – 4:12 pm
zbndpnm52bwk2uvwwyu9uomvglc

Most log files do not contain personally-identifiable information or other sensitive data. And even if they do, encryption of all personal data is not mandatory under GDPR. Still, on occasion, for testing and troubleshooting purposes …

DevOps Obfuscation

April 6, 2019 – 4:10 pm
1wwk5j68lvbgnevinwc1w265zqd

Some years ago I’ve been reading “DevOps in Straight English” by Magnus Hedemark  and encountered the Release Frequency vs. Risk chart that supposedly illustrated the advantages of DevOps. It seemed convincing enough to not give …

Gnuplot with Bash

April 2, 2019 – 4:08 pm
4804B26A-4735-42D4-AAA8-AF5DAADA39E9

OK, so both of these things have been around forever and will be around long after we’re gone. It’s worth your time to learn how to use the to together.

File Compression Testing

January 27, 2019 – 5:29 pm
IMG_2308

For some reason I haven’t used zip much on Linux, sticking to the standard tar/gzip combo. But zip seems to be a viable alternative. While not as space-efficient, it is definitely faster; syntax is simple; …

Killing Process Network Access

January 27, 2019 – 4:45 pm
IMG_1941[1]

Imagine this scenario: a particular process on your server is connecting to a host outside your internal network and you don’t like that. On the other hand, you can’t just kill that process because you need it.

Installing t CLI power tool for Twitter

January 21, 2019 – 4:41 pm
k0c1xg3f9erebub0aeel9842kih-1[1]

The ‘t’ is an excellent Ruby-based CLI utility for interacting with the Twitter API written by Erik Berlin. This is certainly not the only such tool available, but, in my estimation, it is the most full-featured and expertly-written. No amateur-hour coding here.