Posts Tagged ‘ubuntu’

sipcalc

By Mark Davidson on March 11th, 2010

While setting up some iptables rules the other day to allow connections from a client’s IP range to our servers in London, I needed to translate an IP range expressed as a CIDR to real from and to values. I remembered being taught how to do so in college, but that was a long time ago now, so I was looking for an online tool. I couldn’t find any I liked, so I checked for a Linux tool. I found one called sipcalc, which is really good. Not only can it do what I needed with translating the CIDR notation, it can do a few other calculations / conversions as well.

The install process under Ubuntu is simple, just the usual:

sudo apt-get install sipcalc

Once installed, it’s ready to go. To convert an IP range expressed in CIDR format you simply do:

sipcalc 165.19.104.1/23
-[ipv4 : 165.19.104.1/23] - 0

[CIDR]
Host address            - 165.19.104.1
Host address (decimal)  - 2769512449
Host address (hex)      - A5136801
Network address         - 165.19.104.0
Network mask            - 255.255.254.0
Network mask (bits)     - 23
Network mask (hex)      - FFFFFE00
Broadcast address       - 165.19.105.255
Cisco wildcard          - 0.0.1.255
Addresses in network    - 512
Network range           - 165.19.104.0 - 165.19.105.255
Usable range            - 165.19.104.1 - 165.19.105.254

This is what I needed to do and it worked just fine giving me the network range and more.
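The arithmetic behind the "Network range" line above, as an added example that is not part of the original post or of sipcalc: the prefix length becomes a 32-bit mask, the host bits are cleared for the first address and set for the last. The function names are illustrative, and 64-bit shell arithmetic is assumed.

```shell
#!/bin/sh
# Added example: CIDR -> first/last address, the same values sipcalc
# prints as "Network range". Function names are illustrative.

# ip_to_int A.B.C.D -> 32-bit integer; non-zero exit on malformed input
ip_to_int() (
  case "$1" in ''|*[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
  IFS=.; set -- $1
  [ $# -eq 4 ] || exit 1
  for o in "$@"; do
    case "$o" in 0?*|????*) exit 1 ;; esac   # no leading zeros, max 3 digits
    [ "$o" -le 255 ] || exit 1
  done
  echo "$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))"
)

# int_to_ip N -> dotted quad
int_to_ip() {
  echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# cidr_range ADDR/BITS -> "network broadcast"
cidr_range() (
  case "$1" in */*) ;; *) exit 1 ;; esac
  addr=${1%/*}; bits=${1##*/}
  case "$bits" in ''|*[!0-9]*|0?*|???*) exit 1 ;; esac
  [ "$bits" -le 32 ] || exit 1
  ip=$(ip_to_int "$addr") || exit 1
  mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))  # /23 -> 255.255.254.0
  net=$(( ip & mask ))                                  # clear host bits
  last=$(( net | (mask ^ 0xFFFFFFFF) ))                 # set host bits
  echo "$(int_to_ip "$net") $(int_to_ip "$last")"
)

cidr_range 165.19.104.1/23   # the post's example
```

The two values are what iptables' `-m iprange --src-range from-to` match takes; the plain `-s` option accepts the CIDR form directly.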

Another useful one is to pass in an IP address and subnet mask. This once again is a simple way of getting details about the IP range:

sipcalc 10.0.1.84 255.255.255.0
-[ipv4 : 10.0.1.84 255.255.255.0] - 0

[CIDR]
Host address            - 10.0.1.84
Host address (decimal)  - 167772500
Host address (hex)      - A000154
Network address         - 10.0.1.0
Network mask            - 255.255.255.0
Network mask (bits)     - 24
Network mask (hex)      - FFFFFF00
Broadcast address       - 10.0.1.255
Cisco wildcard          - 0.0.0.255
Addresses in network    - 256
Network range           - 10.0.1.0 - 10.0.1.255
Usable range            - 10.0.1.1 - 10.0.1.254

The final example, which is probably the most useful to people, is to pass in an interface as the parameter:

sipcalc -i eth0
-[int-ipv4 : eth0] - 0

[CIDR]
Host address            - 109.123.80.196
Host address (decimal)  - 1836798148
Host address (hex)      - 6D7B50C4
Network address         - 109.123.80.0
Network mask            - 255.255.255.0
Network mask (bits)     - 24
Network mask (hex)      - FFFFFF00
Broadcast address       - 109.123.80.255
Cisco wildcard          - 0.0.0.255
Addresses in network    - 256
Network range           - 109.123.80.0 - 109.123.80.255
Usable range            - 109.123.80.1 - 109.123.80.254

WordPress Suhosin Memory Limit

By Mark Davidson on February 27th, 2010

In my last post I was uploading some images to include in the post using WordPress. I noticed in my error logs that while resizing the images the PHP script attempts to raise the memory limit.

Feb 26 22:52:29 host suhosin[9636]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker 'XXX.XXX.XXX.XXX', file '/var/www/wordpress/wp-admin/includes/image.php', line 161)

This is fair enough and is a good idea for security and to stop your server getting overloaded by a single script. So I looked into how to fix this and it’s a very simple process.

You need to edit your suhosin config. I am doing this under Ubuntu 9.04, where mine is located at ‘/etc/php5/apache2/conf.d/suhosin.ini’. To fix it for WordPress, just add the setting `suhosin.memory_limit` to the config file with the appropriate value; in the case of WordPress it needs to be set to 256.

Your config should end up looking like this

extension=suhosin.so
[suhosin]
suhosin.memory_limit = 256M

That is it, really very simple. I am going to have a bit of a tweak with the suhosin config later; I think the default config can be improved a lot.
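Before raising the cap, it helps to see which scripts are asking for more memory and how much, so the limit is no higher than the largest legitimate request. The following is an added example, not from the original post: it summarises alerts in the format quoted above. The sample log lines are constructed, and the plugin path and client addresses in them are placeholders.

```shell
#!/bin/sh
# Added example: summarise suhosin memory_limit alerts from syslog.

# Constructed sample, modelled on the alert quoted in the post; the second
# script path and the client addresses are placeholders.
sample_log() {
cat <<'EOF'
Feb 26 22:52:29 host suhosin[9636]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker '192.0.2.10', file '/var/www/wordpress/wp-admin/includes/image.php', line 161)
Feb 26 22:52:31 host suhosin[9640]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker '192.0.2.10', file '/var/www/wordpress/wp-admin/includes/image.php', line 161)
Feb 26 23:10:02 host sshd[1201]: Accepted publickey for deploy from 192.0.2.44 port 50122 ssh2
Feb 27 01:14:50 host suhosin[9702]: ALERT - script tried to increase memory_limit to 536870912 bytes which is above the allowed value (attacker '198.51.100.7', file '/var/www/wordpress/wp-content/plugins/example/export.php', line 42)
EOF
}

# Reads syslog on stdin; prints "<max MiB requested> <alerts> <script>",
# largest request first.
summarise_memory_alerts() {
  awk -v q="'" '
    /suhosin\[[0-9]+\]: ALERT - script tried to increase memory_limit to / {
      if (!match($0, /memory_limit to [0-9]+ bytes/)) next
      split(substr($0, RSTART, RLENGTH), part, " ")
      mib = int((part[3] + 1048575) / 1048576)      # round up to whole MiB
      if (!match($0, "file " q "[^" q "]+" q)) next
      script = substr($0, RSTART + 6, RLENGTH - 7)  # strip file and quotes
      count[script]++
      if (mib > max[script]) max[script] = mib
    }
    END { for (s in count) printf "%d %d %s\n", max[s], count[s], s }
  ' | sort -k1,1nr
}

sample_log | summarise_memory_alerts
```

A script that shows up here unexpectedly, or asks for far more than the others, is worth reviewing before the limit is raised to accommodate it.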

mod_security & mod_deflate

By Mark Davidson on February 24th, 2010

Recently, with mod_security running on this server, I noticed some errors in the mod_security logs in relation to content encoding:

[22/Feb/2010:20:41:06 +0000] [www.pablumfication.co.uk/sid#7f5543997918][rid#7f5543ef1228][/wp-admin/load-styles.php][2] Warning. Operator EQ matched 0 at GLOBAL. [file "/etc/apache2/conf.d/modsecurity/modsecurity_crs_30_http_policy.conf"] [line "120"] [id "960903"] [msg "ModSecurity does not support content encodings"] [severity "WARNING"]

I did a bit of research into the error and found a good post on Klaubert’s Blog – modsecurity vs content compression, in which he suggests a mod_deflate config. He also mentions the gmane Mail Archive post Rule 960903 – content encodings, where the original config is from.

The config file seems to work perfectly, but I thought I would make this post to add a bit of a step by step for making this configuration file work under a standard Ubuntu 9.04 install running mod_security, as it is likely that not all the required modules will be enabled by default.

First enable the following modules

sudo a2enmod ext_filter
sudo a2enmod headers
sudo a2enmod filter

Next, using your favourite editor, edit /etc/apache2/mods-enabled/deflate.conf, comment out the existing content, then add the following.

<IfModule mod_deflate.c>
 ExtFilterDefine nodeflate mode=output cmd=/bin/true \
 enableenv=SomeVarThatWillNeverBeSet

 SetOutputFilter DEFLATE

 # Netscape 4.x has some problems...
 BrowserMatch ^Mozilla/4 gzip-only-text/html
 # Netscape 4.06-4.08 have some more problems
 BrowserMatch ^Mozilla/4\.0[678] no-gzip
 # IE is ok, but looked like Netscape, so we reset it
 BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

 SetEnvIfNoCase Accept-Encoding gzip force-gzip
 SetEnvIfNoCase TE gzip force-gzip

 RequestHeader unset Accept-Encoding
 RequestHeader unset TE

 # Skip images based on extension
 SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|zip|exe|swf|mp?eg|mp3|tgz|tar.gz|avi|ico|gz)$ no-gzip dont-vary

 # Make sure caching still works
 Header append Vary User-Agent env=!dont-vary

 <IfModule mod_security2.c>
 FilterDeclare modsec CONTENT_SET
 FilterProvider modsec modsecurity_out env=modsec-ignore !=1
 </IfModule>

 FilterDeclare compress CONTENT_SET
 FilterProvider compress deflate env=force-gzip =1
 #FilterProvider compress inflate Content-Type $image/jpeg
 #FilterProvider compress inflate Content-Type $image/gif
 #FilterProvider compress inflate Content-Type $image/png

 FilterProtocol compress "change=yes"
 <IfModule mod_security2.c>
 FilterChain modsec compress
 </IfModule>

 <IfModule !mod_security2.c>
 FilterChain compress
 </IfModule>
</IfModule>

Lastly, restart Apache:

sudo apache2ctl graceful

And that’s it done. This should allow mod_security & mod_deflate to run on the server together without erroring.