Unix

Blocking web traffic behind an Elastic Load Balancer (ELB)

Over the past few hours we’ve been on the receiving end of a fairly large-scale set of web requests (read: attack) to a website we host over on Amazon EC2. Our setup is not really that complicated; however, we encountered a problem that wasn’t that easy to solve.



Using ferm to build firewall rulesets

This post is thanks to a suggestion from JP Viljoen to check out ferm. Well, I did, and it’s fairly neat. You get to express your firewall configuration in structures resembling simple C code along with using things like arrays, functions and if / else constructs which makes building complex rulesets quite a simple task.

I’ve included an example configuration below of one of my machines. The network configuration is not extremely complex, but there is a mix of IPv4, IPv6 and - as this is an IRC server - some DNAT to make the IRC service available on a number of other privileged ports without having the service actually listen on those ports. This particular server is running Debian; however, ferm is basically just a front end to ip(6)tables, so it’ll run pretty much anywhere that runs.



Getting Git man pages on OS X

For some reason the OS X install of Git doesn’t include the manpages. Here is how I installed them.



Using an alternative mirror for FreeBSD port retrieval

This is something I always search for which doesn’t seem to be very clear from the initial results. The mirrors included below are South Africa specific, so if you are not in South Africa then replace the hostname with something more appropriate for your location.



Using a ZFS filesystem with Time Machine

This simple how-to explains how to get your Time Machine backups working with a ZFS filesystem. This allows you to use the features of ZFS filesystems for your Time Machine backups.

Please note this is for Mac OS X - Snow Leopard.



Quick Solaris zone stats

Add this:

    alias zonestat="prstat -vZ 1 1 | grep -A50 '^ZONEID'"

to your ~/.profile and you should see something like this when running it:

    [email protected]:~# zonestat
    ZONEID    NPROC  SWAP   RSS MEMORY      TIME  CPU ZONE
         0       58 1198M 1206M    30%  16:15:40 1.7% global
         6       25  172M  175M   4.4%   0:03:14 0.0% cl-build
         2       27   48M   31M   0.8%   0:00:47 0.0% mirror
    Total: 110 processes, 534 lwps, load averages: 0.09, 0.08, 0.07


The basics of ZFS ACLs

This post was mostly inspired by reading this post in trying to get my head around the ZFS ACL and permission system.



Run something as another user

Here is a simple way to run something on UNIX / Linux as another user, without having to resort to weird sudo incantations. The Makefile is left as an exercise for the reader.

This has only been tested on FreeBSD, Debian Linux and OpenSolaris so far.

