Welcome

Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world (or not, you can keep them private!)

What next?
1. Bookmark us with del.icio.us or Digg Us!
2. Subscribe to this site's RSS feed
3. Browse the site.
4. Post your own code snippets to the site!

1202 total

On This Page:

  1. 1 Analyze internet traffic volume with dynamic ipfw rules
  2. 2 backreferences textmate
  3. 3 Block internet traffic to specified web sites on the fly
  4. 4 Enable internet traffic via specified ports through ipfw
  5. 5 List whois servers on Mac OS X
  1. 6 Create & resolve Mac-type aliases from the command line
  2. 7 httpd.conf snippet to append to get mod_jk tomcat apache running with apache2 in Leopard 10.5
  3. 8 workers.properties file in /private/etc/apache2/ to get mod_jk apache tomcat running with apache2 in Leopard 10.5
  4. 9 Enable access to specified web sites through ipfw
  5. 10 Command line audio players for Mac OS X

Analyze internet traffic volume with dynamic ipfw rules

to shell osx mac bash unix dynamic web ipfw internet traffic volume rule by jvs on Oct 11, 2008 
man ipfw 2>/dev/null | less -p "If the ruleset"
man ipfw 2>/dev/null | less -p "These dynamic rules"
man ipfw 2>/dev/null | less -p "All rules"

man ipfw 2>/dev/null | less -p "STATEFUL FIREWALL"     # press [n]
man ipfw 2>/dev/null | less -p "SYSCTL VARIABLES"
man ipfw 2>/dev/null | less -p "EXAMPLES"
man ipfw 2>/dev/null | less -p "DYNAMIC RULES"

/usr/bin/sudo /sbin/ipfw -d -e -t list
/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/sed -E -n -e '/^## Dynamic rules/,$p'
/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '/^## Dynamic rules/,/^$/ {print $0}'
/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '/<->/ {print $0}'
/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '{ if ( $0 ~ /<->/ ) {print $0}}'

/usr/bin/sudo /sbin/ipfw -d -e -t list | grep RULENUM
/usr/bin/sudo /sbin/ipfw -d -e -t list | grep IPADDR

/usr/sbin/sysctl -a | egrep 'tcp'
/usr/sbin/sysctl -a | egrep 'net.inet'
/usr/sbin/sysctl -a | egrep '\.fw'
/usr/sbin/sysctl -a | egrep 'ip.fw'
/usr/sbin/sysctl -a | egrep 'li[fv]e'
/usr/sbin/sysctl -a | egrep 'ip.fw.+life'

/usr/sbin/sysctl -n net.inet.tcp.always_keepalive
/usr/sbin/sysctl -n net.inet.ip.fw.dyn_keepalive
/usr/sbin/sysctl -n net.inet.ip.fw.dyn_buckets
/usr/sbin/sysctl -n net.inet.ip.fw.dyn_count
/usr/sbin/sysctl -n net.inet.ip.fw.dyn_max


# list all dynamic ipfw rules

function ipfwtraffic() {

   declare args argsregex bytes megabytes

   if [[ $# -eq 0 ]]; then

      /usr/bin/sudo /sbin/ipfw -d -e -t list | \
         /usr/bin/awk '/<->/ {printf "%-10s %-10s %-20s %-10s %-20s %-10s %-10s\n", $3, $6, $7, $8, $10, $11, $1}' | \
         /usr/bin/sort -bu | while IFS=" " read  bytes proto ipnum1 port1 ipnum2 port2 rulenum; do

      # byte
      #bytes=$(printf "%s\n" "${bytes}" | /usr/bin/awk '{ total = total + $1 } END { print total }')
      #printf "\e[1mbytes\e[m: %-17s %-10s %-40s \e[1mrule\e[m: %-15s \e[1mports\e[m: %-15s\n" \
           #"${bytes}" "${proto}" "${ipnum1}  ::  ${ipnum2}" "${rulenum}" "${port1}  ${port2}"

      # mega byte
      megabytes=$(printf "%s\n" "${bytes}" | /usr/bin/awk '{ total = (total + $1) / (1024*1024.0) } END { print total }')
      printf "\e[1mmbytes\e[m: %-17s %-10s %-40s \e[1mrule\e[m: %-15s \e[1mports\e[m: %-15s\n" \
           "${megabytes}" "${proto}" "${ipnum1}  ::  ${ipnum2}" "${rulenum}" "${port1}  ${port2}"

      #done | /usr/bin/sort -rn -k 2,2
      done | /usr/bin/sort -rn -k 2,2 | egrep -v '^[^ ]+ +[^ ]+e[^ ]+'

   else

      args="${@}"
      if [[ "${args}" != "${args//[^. [:digit:]]/}" ]]; then 
         printf "%s\n" 'Found at least one invalid rule number or IP address!'
         return 1
      fi

      if [[ "${args//[ [:digit:]]/}" == '' ]]; then 
         argsregex="^0*(${args// /|})"    #  ipfw rule numbers 
      else
         argsregex="(${args// /|})"    #  IP addresses
      fi
    
      #echo $argsregex

      /usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk '/<->/ {printf "%-10s %-10s %-20s %-10s %-20s %-10s %-10s\n", $3, $6, $7, $8, $10, $11, $1}' | \
         /usr/bin/sort -bu | while IFS=" " read  bytes proto ipnum1 port1 ipnum2 port2 rulenum; do

      # byte
      #bytes=$(printf "%s\n" "${bytes}" | /usr/bin/awk '{ total = total + $1 } END { print total }')
      #printf "\e[1mbytes\e[m: %-17s %-10s %-40s \e[1mrule\e[m: %-15s \e[1mports\e[m: %-15s\n" \
           #"${bytes}" "${proto}" "${ipnum1}  ::  ${ipnum2}" "${rulenum}" "${port1}  ${port2}"

      # mega byte
      megabytes=$(printf "%s\n" "${bytes}" | /usr/bin/awk '{ total = (total + $1) / (1024*1024.0) } END { print total }')
      printf "\e[1mmbytes\e[m: %-17s %-10s %-40s \e[1mrule\e[m: %-15s \e[1mports\e[m: %-15s\n" \
           "${megabytes}" "${proto}" "${ipnum1}  ::  ${ipnum2}" "${rulenum}" "${port1}  ${port2}"

      #done | /usr/bin/sort -rn -k 2,2
      done | /usr/bin/sort -rn -k 2,2 | egrep -v '^[^ ]+ +[^ ]+e[^ ]+'

   fi

   return 0
}



# usage:
# ipfwtraffic
# ipfwtraffic [rulenum1] [rulenum2] [rulenum3] ...
# ipfwtraffic [ipaddr1] [ipaddr2] [ipaddr3] ...


ipfwtraffic
ipfwtraffic  9600 10600 11000
ipfwtraffic xx.xxx.xx.xxx xx.xxx.xx.xx

ipfwtraffic | grep 'xx.xxx.xx.xx'



#------------------------------------------------------------------------------



# summarize pairs of IP addresses

function ipfwdynstats() {

   declare args argsregex dynrules ipaddr_pairs

   OIFS=${IFS}
   IFS=$'\n'

   if [[ $# -eq 0 ]]; then

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '/<->/ {print $7, $10}' | /usr/bin/sort -bu))
      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '/<->/ {print $7, $8, $10, $11, $6, $2, $3, $1}' | /usr/bin/sort -bu))

   else

      args="${@}"
      if [[ "${args}" != "${args//[^. [:digit:]]/}" ]]; then 
         printf "%s\n" 'Found at least one invalid rule number or IP address!'
         return 1
      fi

      if [[ "${args//[ [:digit:]]/}" == '' ]]; then 
         argsregex="^0*(${args// /|})"    #  ipfw rule numbers 
      else
         argsregex="(${args// /|})"    #  IP addresses
      fi
    
      #echo $argsregex

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
           /usr/bin/awk '/<->/ {print $7, $10}' | /usr/bin/sort -bu))
      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
           /usr/bin/awk '/<->/ {print $7, $8, $10, $11, $6, $2, $3, $1}' | /usr/bin/sort -bu))

   fi


for ((i=0; i < "${#ipaddr_pairs[@]}"; i++)); do 

   # byte
   #bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        #/usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$7 }" | \
        #/usr/bin/awk '{ total = total + $1 } END { print total }')

   # mega byte
   bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$7 }" | \
        /usr/bin/awk '{ total = (total + $1) / (1024*1024.0) } END { print total }')

   proto=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$5 }" | \
        /usr/bin/sort -bu)

   rule=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$NF }" | \
        /usr/bin/sort -bu)

   ports=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$2, \$4 }" | \
        /usr/bin/sort -bu)

   # byte
   #printf "%-15s %-10s %-40s %-30s \e[1m%-30s\e[m\n" \
        #"bytes: ${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        #"rules: ${rule//[[:cntrl:]]/, }" "ports: ${ports//[[:cntrl:]]/, }"

   # mega byte
   printf "\e[1mmbytes\e[m: %-15s %-10s %-40s \e[1mrules\e[m: %-25s \e[1mports\e[m: %-30s\n" \
        "${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        "${rule//[[:cntrl:]]/, }" "${ports//[[:cntrl:]]/, }"

#done | /usr/bin/sort -rn -k 2,2
done | /usr/bin/sort -rn -k 2,2 | /usr/bin/egrep -v '^[^ ]+ +[^ ]+e[^ ]+'

   export IFS=${OIFS}
   return 0
}

# usage:
# ipfwdynstats
# ipfwdynstats [rulenum1] [rulenum2] [rulenum3] ...
# ipfwdynstats [ipaddr1] [ipaddr2] [ipaddr3] ...


ipfwdynstats
ipfwdynstats  5200 12700
ipfwdynstats xx.xxx.xx.xxx xxx.xxx.xx.xxx



#------------------------------------------------------------------------------



# list port-specific internet traffic

function porttraffic() {

   declare args argsregex dynrules ipaddr_pairs

   OIFS=${IFS}
   IFS=$'\n'

   if [[ $# -eq 0 ]]; then
   
      printf "%s\n" 'No port number given!'
      return 1
   
   elif [[ $# -eq 1 ]]; then

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | \
         /usr/bin/awk "{ if ( \$0 ~ /<->/ && ( \$8 == "${1}" || \$11 == "${1}" ) ) {print \$7, \$10 }}" | /usr/bin/sort -bu))

      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | \
         /usr/bin/awk "{ if ( \$0 ~ /<->/ && ( \$8 == "${1}" || \$11 == "${1}" ) ) {print \$7, \$8, \$10, \$11, \$6, \$2, \$3, \$1} }" | \
         /usr/bin/sort -bu))

   else

      args="${@:2}"   # all arguments starting with the second
      if [[ "${args}" != "${args//[^. [:digit:]]/}" ]]; then 
         printf "%s\n" 'Found at least one invalid rule number or IP address!'
         return 1
      fi

      if [[ "${args//[ [:digit:]]/}" == '' ]]; then 
         argsregex="^0*(${args// /|})"    #  ipfw rule numbers 
      else
         argsregex="(${args// /|})"    #  IP addresses
      fi
    
      #echo $argsregex

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk "{ if ( \$0 ~ /<->/ && ( \$8 == "${1}" || \$11 == "${1}" ) ) {print \$7, \$10 }}" | /usr/bin/sort -bu))


      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk "{ if ( \$0 ~ /<->/ && ( \$8 == "${1}" || \$11 == "${1}" ) ) {print \$7, \$8, \$10, \$11, \$6, \$2, \$3, \$1}}" | \
         /usr/bin/sort -bu))

   fi


for ((i=0; i < "${#ipaddr_pairs[@]}"; i++)); do 

   # byte
   #bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        #/usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$7 }" | \
        #/usr/bin/awk '{ total = total + $1 } END { print total }')

   # mega byte
   bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$7 }" | \
        /usr/bin/awk '{ total = (total + $1) / (1024*1024.0) } END { print total }')

   proto=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$5 }" | \
        /usr/bin/sort -bu)

   rule=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$NF }" | \
        /usr/bin/sort -bu)

   ports=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$2, \$4 }" | \
        /usr/bin/sort -bu)

   # byte
   #printf "%-15s %-10s %-40s %-30s \e[1m%-30s\e[m\n" \
        #"bytes: ${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        #"rules: ${rule//[[:cntrl:]]/, }" "ports: ${ports//[[:cntrl:]]/, }"

   # mega byte
   printf "\e[1mmbytes\e[m: %-15s %-10s %-40s \e[1mrules\e[m: %-25s \e[1mports\e[m: %-30s\n" \
        "${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        "${rule//[[:cntrl:]]/, }" "${ports//[[:cntrl:]]/, }"

#done | /usr/bin/sort -rn -k 2,2
done | /usr/bin/sort -rn -k 2,2 | /usr/bin/egrep -v '^[^ ]+ +[^ ]+e[^ ]+'

   export IFS=${OIFS}
   return 0
}


# usage:
# porttraffic [portnum]
# porttraffic [portnum] [rulenum1] [rulenum2] [rulenum3] ...
# porttraffic [portnum] [ipaddr1] [ipaddr2] [ipaddr3] ...


porttraffic 80
porttraffic 80 5200 12700 7100
porttraffic 80 xx.xxx.xx.xxx xxx.xxx.xx.xxx



#------------------------------------------------------------------------------



# list rule-specific internet traffic

function ruletraffic() {

   declare args argsregex dynrules ipaddr_pairs

   OIFS=${IFS}
   IFS=$'\n'

   if [[ $# -eq 0 ]]; then
   
      printf "%s\n" 'No rule number given!'
      return 1
   
   elif [[ $# -eq 1 ]]; then

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | \
         /usr/bin/awk "{ if ( \$0 ~ /<->/ && \$1 == "${1}" ) {print \$7, \$10 }}" | /usr/bin/sort -bu))

      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | \
         /usr/bin/awk "{ if ( \$0 ~ /<->/ && \$1 == "${1}" ) {print \$7, \$8, \$10, \$11, \$6, \$2, \$3, \$1} }" | \
         /usr/bin/sort -bu))

   else

      args="${@:2}"   # all arguments starting with the second
      if [[ "${args}" != "${args//[^. [:digit:]]/}" ]]; then 
         printf "%s\n" 'Found at least one invalid rule number or IP address!'
         return 1
      fi

      if [[ "${args//[ [:digit:]]/}" == '' ]]; then 
         argsregex="^0*(${args// /|})"    #  ipfw rule numbers 
      else
         argsregex="(${args// /|})"    #  IP addresses
      fi
    
      #echo $argsregex

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk "{ if ( \$0 ~ /<->/ && \$1 == "${1}" ) {print \$7, \$10 }}" | /usr/bin/sort -bu))


      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk "{ if ( \$0 ~ /<->/ && \$1 == "${1}" ) {print \$7, \$8, \$10, \$11, \$6, \$2, \$3, \$1}}" | \
         /usr/bin/sort -bu))

   fi


for ((i=0; i < "${#ipaddr_pairs[@]}"; i++)); do 

   # byte
   #bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        #/usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$7 }" | \
        #/usr/bin/awk '{ total = total + $1 } END { print total }')

   # mega byte
   bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$7 }" | \
        /usr/bin/awk '{ total = (total + $1) / (1024*1024.0) } END { print total }')

   proto=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$5 }" | \
        /usr/bin/sort -bu)

   rule=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$NF }" | \
        /usr/bin/sort -bu)

   ports=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk "{ if ( \$1 == \"${ipaddr_pairs[${i}]% *}\" && \$3 == \"${ipaddr_pairs[${i}]#* }\" ) print \$2, \$4 }" | \
        /usr/bin/sort -bu)

   # byte
   #printf "%-15s %-10s %-40s %-30s \e[1m%-30s\e[m\n" \
        #"bytes: ${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        #"rules: ${rule//[[:cntrl:]]/, }" "ports: ${ports//[[:cntrl:]]/, }"

   # mega byte
   printf "\e[1mmbytes\e[m: %-15s %-10s %-40s \e[1mrules\e[m: %-25s \e[1mports\e[m: %-30s\n" \
        "${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        "${rule//[[:cntrl:]]/, }" "${ports//[[:cntrl:]]/, }"

#done | /usr/bin/sort -rn -k 2,2
done | /usr/bin/sort -rn -k 2,2 | /usr/bin/egrep -v '^[^ ]+ +[^ ]+e[^ ]+'

   export IFS=${OIFS}
   return 0
}


# usage:
# ruletraffic [rulenum]
# ruletraffic [rulenum1] [rulenum2] [rulenum3] ...

ruletraffic 5200
ruletraffic 5200 12700 7100

backreferences textmate

to regex textmate by deckard on Oct 11, 2008
Use dollar sign and ordinal number to specify back references.
Don't escape group delimiters (regular round braces)

(/something)_else\n



$1_other

Block internet traffic to specified web sites on the fly

to shell osx mac bash ip unix web internet access route traffic website localhost ipaddress block blackhole by jvs on Oct 09, 2008 
man 8 route
/sbin/route -n get default
/sbin/route -n get default | grep -w gateway
/sbin/route -n get default | grep interface | awk '{print $NF}'

/usr/bin/dig +short www.web_site.com                                 # get IPNUM
/usr/bin/sudo /sbin/route -n add -host IPNUM 127.0.0.1 -blackhole    # block IPNUM
/usr/sbin/netstat -rn | grep IPNUM                                   # show routing table
/usr/bin/sudo /sbin/route delete IPNUM 127.0.0.1                     # undo blocking


function blocksite() {
   declare ipaddr ipnum
   if [[ "${1//localhost/}" == '' ]] || [[ "${1//127.0.0.1/}" == '' ]]; then 
      printf "%s\n" 'Argument "localhost" is not permitted!'
      return 1
   fi
   ipnum=$(/usr/bin/dig +short "${1}" | /usr/bin/sed -E -n -e 's/^(([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3})$/\1/p'; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   OIFS=${IFS}
   IFS=$' \t\n'
   for ipaddr in ${ipnum//[[:cntrl:]]/ }; do
      /usr/bin/sudo /sbin/route -n add -host ${ipaddr} 127.0.0.1 -blackhole >/dev/null 2>&1
   done
   export IFS=${OIFS}
   printf "%s\n" "... blocking internet access to site: ${1} with IP address: ${ipnum//[[:cntrl:]]/, }"
   return 0
}


function unblocksite() {
   declare ipaddr ipnum
   if [[ "${1//localhost/}" == '' ]] || [[ "${1//127.0.0.1/}" == '' ]]; then 
      printf "%s\n" 'Argument "localhost" is not permitted!'
      return 1
   fi
   ipnum=$(/usr/bin/dig +short "${1}" | /usr/bin/sed -E -n -e 's/^(([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3})$/\1/p'; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   OIFS=${IFS}
   IFS=$' \t\n'
   for ipaddr in ${ipnum//[[:cntrl:]]/ }; do
      /usr/bin/sudo /sbin/route delete ${ipaddr} 127.0.0.1 >/dev/null 2>&1
   done
   export IFS=${OIFS}
   printf "%s\n" "... unblocking internet access to site: ${1} with IP address: ${ipnum//[[:cntrl:]]/ }"
   return 0
}


function unblockall() {
   declare ipaddr ipnums
   ipnums=$(/usr/sbin/netstat -rnf inet | /usr/bin/awk '{ if ( $2 == "127.0.0.1" && $3 == "UGHSB" ) print $1 }'; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnums}" ]]; then 
      printf "%s\x21\n" "No IP addresses to unblock"
      return 1
   fi
   OIFS=${IFS}
   IFS=$' \t\n'
   for ipaddr in ${ipnums//[[:cntrl:]]/ }; do
      /usr/bin/sudo /sbin/route delete ${ipaddr} 127.0.0.1 >/dev/null 2>&1
   done
   export IFS=${OIFS}
   printf "%s\n" "... unblocking internet access to IP addresses: ${ipnums//[[:cntrl:]]/ }"
   return 0
}


function showblocked() {
   ipnums=$(/usr/sbin/netstat -rnf inet | /usr/bin/awk '{ if ( $2 == "127.0.0.1" && $3 == "UGHSB" ) print $1 }'; exit ${PIPESTATUS[0]})
   printf "%s\n" "Blocked IP addresses: ${ipnums//[[:cntrl:]]/, }"
   return 0
}



blocksite codesnippets.joyent.com
netstat -rnf inet | grep UGHSB
showblocked
open http://codesnippets.joyent.com
unblocksite codesnippets.joyent.com

blocksite codesnippets.joyent.com
blocksite www.google.com
netstat -rnf inet | grep UGHSB
showblocked
open http://www.google.com
unblockall

Enable internet traffic via specified ports through ipfw

to shell osx mac bash unix web port ipfw firewall internet access traffic by jvs on Oct 08, 2008 
# cf. Example ipfw ruleset, http://codesnippets.joyent.com/posts/show/1267

# choose appropriate numbers for num1 & num2 according to your ipfw ruleset

/usr/bin/sudo /sbin/ipfw list
/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step

function free_ipfw_rule_num() {
   declare -i num1=6701 num2=6799 lastipfwnum
   if [[ $(/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step) -ne 100 ]]; then 
      printf "%s\x21\n" "sysctl -n net.inet.ip.fw.autoinc_step is not set to 100"
      return 1
   fi
   lastipfwnum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/tail -n 2 | /usr/bin/head -n 1 | /usr/bin/awk '{print $1}')
   if [[ $num2 -ge $lastipfwnum ]]; then 
      printf "%s\x21\n" "${num2} is greater than or equal to ${lastipfwnum}"
      return 1
   fi
   while $(/usr/bin/sudo /sbin/ipfw show ${num1} &>/dev/null) ; do
      let "num1 += 1"
      if [[ $num1 -gt $num2 ]]; then num1=; break; return 1; fi
   done
   printf "%s\n" "${num1}"
   return 0
}


function openport() {
   declare portnum rulenum
   if [[ $# -ne 1 ]]; then printf "%s\n" "Wrong number of arguments: $#"; return 1; fi
   portnum="${1//[^[:digit:]]/}"
   if [[ -z $portnum ]]; then printf "%s\n" "No valid port number given: ${1}"; return 1; fi
   if [[ $portnum -gt 65535 ]]; then printf "%s\n" "Given port number is greater than 65535: ${portnum}"; return 1; fi
   rulenum=$(free_ipfw_rule_num)
   /usr/bin/sudo /sbin/ipfw -q add ${rulenum} allow all from any to any dst-port ${portnum} keep-state
   printf "%s\n" "... opening ipfw rule no. ${rulenum} for internet access via port ${portnum}"
   return 0
}


function closeport() {
   declare portnum rulenum
   if [[ $# -ne 1 ]]; then printf "%s\n" "Wrong number of arguments: $#"; return 1; fi
   portnum="${1//[^[:digit:]]/}"
   if [[ -z $portnum ]]; then printf "%s\n" "No valid port number given: ${1}"; return 1; fi
   if [[ $portnum -gt 65535 ]]; then printf "%s\n" "Given port number is greater than 65535: ${portnum}"; return 1; fi
   rulenum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/awk "/from +any +to +any +dst-port +${portnum} +keep-state[[:space:]]*$/ {print \$1}")
   if [[ -z "${rulenum}" ]]; then printf "%s\n" "No ipfw rule for port number: ${portnum}"; return 1; fi
   /usr/bin/sudo /sbin/ipfw -q delete ${rulenum}
   printf "%s\n%s\n" "... deleting ipfw rule no. ${rulenum//[[:cntrl:]]/ }" "... closing internet access via port: ${portnum}"
   return 0
}


openport 43
openport 43
openport 43

/usr/bin/sudo /sbin/ipfw show [rulenum]     # ... allow ip from any to any dst-port 43 keep-state

closeport 43

List whois servers on Mac OS X

to shell osx mac bash server unix defaults whois list by jvs on Oct 08, 2008 
defaults domains | tr ',' '\n' | nl
defaults domains | tr ',' '\n' | grep -i network
defaults find network | egrep '^Found'
defaults find whois | egrep '^Found'
defaults find server | egrep '^Found'

defaults read com.apple.NetworkUtility
defaults read ~/Library/Preferences/com.apple.NetworkUtility NUWhoisSelectedServer
defaults read com.apple.NetworkUtility NUWhoisServers | awk -F '"' '/"/{print $2}' | nl

defaults read com.apple.NetworkUtility NUWhoisServers | awk -F '"' '/"/{print $2}' | xargs -I '{}' \
     bash -c 'ipaddr="$(/usr/bin/dig +short {})"; printf "%s\n" "${ipaddr//[[:cntrl:]]/, }"'

defaults read com.apple.NetworkUtility NUWhoisServers | awk -F '"' '/"/{print $2}' | xargs -I '{}' \
     bash -c 'ipaddr="$(/usr/bin/dig +short {})"; printf "%s  --  %s\n" "{}" "${ipaddr//[[:cntrl:]]/, }"'

Create & resolve Mac-type aliases from the command line

to shell osx mac bash unix alias mkalias hfsdata by jvs on Oct 08, 2008 
# See:
# - http://osxutils.sourceforge.net
# - http://www.sveinbjorn.org/osxutils_docs
# - http://developer.apple.com/technotes/tn/tn1188.html

/usr/local/bin/mkalias -r /path/to/file /path/to/mac-alias
/usr/local/bin/hfsdata -e /path/to/mac-alias

httpd.conf snippet to append to get mod_jk tomcat apache running with apache2 in Leopard 10.5

by restbeckett on Oct 08, 2008 
# Load mod_jk module
# Update this path to match your modules location

LoadModule jk_module /usr/libexec/apache2/mod_jk.so
# Where to find workers.properties
# Update this path to match your conf directory location (put workers.properties next to httpd.conf)
JkWorkersFile /private/etc/apache2/workers.properties
# Where to put jk shared memory
# Update this path to match your local state directory or logs directory
JkShmFile /var/log/apache2/mod_jk.shm
# Where to put jk logs
# Update this path to match your logs directory location (put mod_jk.log next to access_log)
JkLogFile /var/log/apache2/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# Send everything for context /examples to worker named ajp13 (ajp13)
# These are determined by tomcat apache configuration, the path below determines which part of your site will serve .jsp files.
JKMount /jqia/* ajp13

workers.properties file in /private/etc/apache2/ to get mod_jk apache tomcat running with apache2 in Leopard 10.5

by restbeckett on Oct 08, 2008 
#
# The workers that jk should create and work with
#
worker.list=ajp13

#
# Defining a worker named ajp13 and of type ajp13
# Note that the name and the type do not have to match.
#
worker.ajp13.type=ajp13
worker.ajp13.host=localhost
worker.ajp13.port=8009

Enable access to specified web sites through ipfw

to shell osx mac bash unix web ipfw firewall internet access traffic website pipestatus by jvs on Oct 07, 2008 
# cf. Example ipfw ruleset, http://codesnippets.joyent.com/posts/show/1267

# choose appropriate numbers for num1 & num2 according to your ipfw ruleset

/usr/bin/sudo /sbin/ipfw list
/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step

function free_ipfw_rule_num() {
   declare -i num1=6701 num2=6799 lastipfwnum
   if [[ $(/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step) -ne 100 ]]; then 
      printf "%s\x21\n" "sysctl -n net.inet.ip.fw.autoinc_step is not set to 100"
      return 1
   fi
   lastipfwnum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/tail -n 2 | /usr/bin/head -n 1 | /usr/bin/awk '{print $1}')
   if [[ $num2 -ge $lastipfwnum ]]; then 
      printf "%s\x21\n" "${num2} is greater than or equal to ${lastipfwnum}"
      return 1
   fi
   while $(/usr/bin/sudo /sbin/ipfw show ${num1} &>/dev/null) ; do
      let "num1 += 1"
      if [[ $num1 -gt $num2 ]]; then num1=; break; return 1; fi
   done
   printf "%s\n" "${num1}"
   return 0
}


function opensite() {
   declare ipnum ipfwnum
   if [[ $# -eq 0 ]] || [[ $# -