If you have a server with multiple interfaces – either public and/or private – your routing table might look something like this:
| || |
sh# ip route list
default via 184.108.40.206 dev eth1 metric 100
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.51
220.127.116.11/23 dev eth1 proto kernel scope link src 18.104.22.168
22.214.171.124/28 dev eth2 proto kernel scope link src 126.96.36.199
This example shows one private interface with IP 192.168.0.51, two public interfaces with IPs 188.8.131.52 and 184.108.40.206, and a default route to 220.127.116.11. This means that any traffic to/from an IP outside the interface’s subnets is sent to 18.104.22.168 — and this is where problems occur (and probably why you’re reading this article). ;-)
A few weeks ago I mentioned the wesley.pl script from GitHub to optimize images, and how I had modified it to keep (or discard) the EXIF / XMP information. Making sure images are as small as possible is important to save bandwidth and improve page load times (and google rank), so I think it’s worth discussing my image optimization process in more detail.
When an encrypted VPN is not available, the next best solution is usually port-forwarding one or more port(s) through an SSH tunnel. The down-side of SSH is that by itself it cannot maintain a persistent connection — network issues may force the tunnel to stop responding, or even drop completely. Autossh is a small front-end for SSH that can monitor the connection, and restart the tunnel if it drops or stops responding. I found that the startup scripts available for autossh on the internet were a little too basic for my needs — I wanted autossh to start multiple connections, and to start/stop each one individually if I needed — so I wrote my own.
I wrote a bash script this morning to report the size of WordPress cache folders, the number of files they contain, read each file to prime the OS disk cache, and optionally flush the OS disk cache as well. This might be a script you could execute to email a daily/weekly report of cache folder sizes, or perhaps execute during/after booting a server to prime the OS disk cache, or even on a regular schedule to make sure the OS cache is always primed. The script also has a “flush” argument to sync and drop the OS disk cache, which isn’t very useful (to me) except to see the difference in speed between a clean and primed cache (about 11s vs 0.4s for all websites on my server).
Recently, a co-worker was asking about my configuration for connecting to the corporate VPN, and I thought the information might be useful for others as well — I use a combination of Tunnelblick; an OpenVPN client for Mac OS X, Sidekick; an application that changes Mac OS X settings based on your physical location (and/or network SSID, etc.), and a little shell script I wrote to start the VPN, define additional routes, and update my dynamic DNS hostname.
I had to update several reverse zone files today, so wrote a quick for-loop in bash to freeze and thaw all the zones. The script parsed the zone file names and reversed them into a proper
d.c.b.a.in-addr.arpa format. Later I tweaked it with sed to make it more flexible (in order to pass it a full or partial IP address), but ended up using
tac for the reversing part instead – that’s what it’s made for after all. And if you’re wondering what
tac stand for, just read
cat backwards. :-)
I recently found myself needing to scrape information from a website that uses login credentials. The authentication and session information was available in several cookies, which Wget could use, if the cookies were stored in a plain text file. I used Firefox to login and set the cookies, but Firefox saves it’s cookies in an sqlite data file, which must be exported before Wget can use it. A quick Google search turned up a few possible methods using sqlite3, which I’ve adapted here to use with Wget. I’ve also added some additional (example) code to extract hrefs and print them out, along with the webpage url. The script is called with the target url as the only command line argument.
I recently began using csshx, a terminal cluster application for Mac OS X. csshx opens one terminal window per cluster node, and another window to capture keyboard input and send it to all others. This allows me to manage several servers at once, provided they are identical enough for my intended purpose.
Continuing the earlier idea of Autocompleting SSH Hostnames, here’s a useful addition to your /etc/profile.d/complete.sh file for users of csshx.
I wrote the following nsupdate-ddns.sh script to update the dynamic DNS entry for my laptop when switching network locations. There are several ways to execute a script like this automatically (cronjob, startup script, launcher, etc.) — I chose to use Sidekick for Mac OS X, which allows me to execute it when switching locations (either network or physical). This script can also create the private authentication key needed by the DDNS BIND server, and will display some sample configuration values. If you’re setting up a new DDNS BIND server, you can use the examples to configure your dynamic zone file.
There are plenty of SSH autocomplete (or command-line completion) scripts available on the web, but I found most don’t go far enough — they usually just parse the ~/.ssh/known_hosts, ignoring the ~/.ssh/config and /etc/hosts files. Some of these scripts also generate a static autocomplete list at login, and can’t include new hostnames added during the session. The following script uses a function call to autocomplete hostnames dynamically, and fetches hostnames from the ~/.ssh/known_hosts, ~/.ssh/config and system-wide /etc/hosts file.