random stuff
scripts and apps that might be useful for somebody out there
openVZ autobridge script
When you use openVZ, sooner or later you will need virtual ethernet interfaces
in your VEs that you bridge to an interface on your host node. Although
openVZ added the optional "bridge" parameter to its configuration
specification, it does not provide an automatic way of acting on it once you
have set it, so you have to take care of it yourself.
This script automatically bridges the virtual ethernet interface
to the host interface you specified in your VE's configuration when you start
a VE. All you have to do is store it with execute permissions and start it
as "./vzbridge.sh $VEID &" with the vps.mount event.
pflog to logstalgia converter
Actually it is a pflog to Apache access log converter, but its primary use is
to visualize current ( or former ) pf activity in logstalgia - and it's pretty
simple :)
Teach your PF to log the packets that are accepted or dropped.
To show how the packets are handled, we want accepted packets to pass the paddle, while dropped
or rejected packets should be reflected back to the clients. That seems to be the right way to show how
packets are prevented from passing the perimeter.
Use tcpdump on the pf logging interface to get a more or less real-time output of accepted and dropped
packets. Since logstalgia doesn't understand the PF logging format, you pipe this output through my script.
My script is called "transmogrify" and just uses a bunch of standard tools ( grep, count, cut, ... ) in order to
"convert" ( or transmogrify ;-) ) pf log lines into Apache log lines.
At the moment, it converts:
• PF: Source IP -> Apache: Client IP
• PF: Dest IP & Port -> Apache: Requested Resource Name
• PF: Action Drop -> Apache: Status Code 200 (OK)
• PF: Action Accept -> Apache: Status Code 404 (Not found)
• current time -> Apache: timestamp
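The status codes look inverted on purpose: logstalgia's paddle returns successful requests and lets
failed ones ( such as 404 ) pass, which gives the behaviour described above.
I'm not taking care of the size as of now, feel free to consider that too.
The command line for the conversion process is: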
tcpdump -n -e -ttt -l -i pflog0 "ip proto \\tcp or \\udp or \\icmp" | transmogrify.sh >> /tmp/logstalgia.input &
As you can see, the output of my script is written to a tmp file you can use as
input for logstalgia:
tail -f /tmp/logstalgia.input | logstalgia -f --sync --hide-response-code -
( note the "-" at the end that is used to let logstalgia read from STDIN instead of a file )
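The conversion described above, as an added example ( this is not the original transmogrify.sh ): a shell function that applies the listed mapping to IPv4 lines and skips anything it cannot validate. The tcpdump line layout, the fixed size field of 0, the names pf_to_apache and sample_lines, and the sample lines themselves are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not the original transmogrify.sh. Assumed line layout
# (tcpdump output varies by version), IPv4 only:
#   <time> rule N/0(match): <pass|block> in on <if>: SRC[.SPORT] > DST[.DPORT]: ...
pf_to_apache() {
    # $1: optional fixed timestamp for reproducible output; default is now
    ts=${1:-$(date '+%d/%b/%Y:%H:%M:%S %z')}
    awk -v ts="$ts" '
    # Validate an IPv4 "a.b.c.d" or "a.b.c.d.port" token; sets IP and PORT.
    function parse(tok,    p, n, k) {
        n = split(tok, p, ".")
        if (n != 4 && n != 5) return 0
        for (k = 1; k <= n; k++) if (p[k] !~ /^[0-9]+$/) return 0
        IP = p[1] "." p[2] "." p[3] "." p[4]
        PORT = (n == 5) ? ":" p[5] : ""
        return 1
    }
    {
        action = ""; s = ""; d = ""
        for (i = 1; i <= NF; i++) {
            if (action == "" && ($i == "pass" || $i == "block")) action = $i
            if (s == "" && $i == ">" && i > 1 && i < NF) { s = $(i - 1); d = $(i + 1) }
        }
        sub(/:$/, "", d)   # tcpdump ends the destination token with ":"
        if (action == "" || !parse(s)) next   # skip lines that are not pf entries
        client = IP
        if (!parse(d)) next
        # Mapping from the list above: dropped -> 200, accepted -> 404
        status = (action == "block") ? 200 : 404
        printf "%s - - [%s] \"GET /%s HTTP/1.0\" %d 0\n", client, ts, IP PORT, status
    }'
}

# Constructed sample lines (not captured traffic)
sample_lines() {
    cat <<'EOF'
 00:00:00.000000 rule 3/0(match): block in on em0: 192.0.2.10.51234 > 198.51.100.5.22: Flags [S], seq 1, win 64240, length 0
 00:00:01.200000 rule 5/0(match): pass in on em0: 192.0.2.77.40000 > 198.51.100.5.443: Flags [S], seq 2, win 64240, length 0
 00:00:00.500000 rule 3/0(match): block in on em0: 192.0.2.7 > 198.51.100.5: ICMP echo request, id 1, seq 1, length 64
tcpdump: listening on pflog0, link-type PFLOG
EOF
}

sample_lines | pf_to_apache
```

Because every address and port is checked to be numeric before it is written, a malformed or unexpected tcpdump line is dropped instead of ending up as free text in the file logstalgia reads.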