Never been to CodeSnippets before?

Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world (or not, you can keep them private!)

4 total

On This Page:

  1. 1 Ping a port with hping3
  2. 2 Enable internet traffic via specified ports through ipfw
  3. 3 portscan
  4. 4 ssh tunnel for mysql

Ping a port with hping3

to shell osx mac bash ping unix network web port ipfw internet hping hping3 by jvs on Oct 14, 2008 
# cf. http://trac.macports.org/wiki/InstallingMacPorts
/opt/local/bin/port info hping3
/usr/bin/sudo /opt/local/bin/port install hping3

hping3 --help


# Terminal window 1
alias sudo=/usr/bin/sudo
alias tcpdump=/usr/sbin/tcpdump
#sudo tcpdump -s0 -xX -i lo0 port 4678 and host localhost
sudo tcpdump -s0 -vvv -i lo0 port 4678 and host localhost


# Terminal window 2
alias sudo=/usr/bin/sudo
alias hping3=/opt/local/sbin/hping3
sudo hping3 -I lo0 -s 4678 -c 1 localhost -p 4678
sudo hping3 -S -I lo0 -d 995 -s 4678 -c 1 localhost -p 4678
sudo hping3 -SA -I lo0 -d 995 -w 200 -s 4678 -c 1 localhost -p 4678
sudo hping3 -SA -M 3000 -I lo0 -d 995 -w 65 -s 4678 -c 1 localhost -p 4678
sudo hping3 -DV -SA -I lo0 -s 4678 -a 192.168.1.100 -c 1 localhost -p 4678


#----------------------------------------


# some corresponding ipfw rules for testing purposes 
# (just place them at the beginning of your ipfw rule set)

# not me to me & me to not me
/sbin/ipfw -q add count log all from not me to me 4678 in
/sbin/ipfw -q add count log all from me to not me 4678 out

# any to me & me to any
/sbin/ipfw -q add count log all from any to me 4678 in
/sbin/ipfw -q add count log all from me to any 4678 out
    
# any to any
/sbin/ipfw -q add count log all from any to any 4678

Enable internet traffic via specified ports through ipfw

to awk shell osx mac bash unix web port ipfw firewall internet access traffic by jvs on Oct 08, 2008 
# cf. Example ipfw ruleset, http://codesnippets.joyent.com/posts/show/1267

# choose appropriate numbers for num1 & num2 according to your ipfw ruleset

/usr/bin/sudo /sbin/ipfw list
/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step

function free_ipfw_rule_num() {
   declare -i num1=6701 num2=6799 lastipfwnum
   if [[ $(/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step) -ne 100 ]]; then 
      printf "%s\x21\n" "sysctl -n net.inet.ip.fw.autoinc_step is not set to 100"
      return 1
   fi
   lastipfwnum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/tail -n 2 | /usr/bin/head -n 1 | /usr/bin/awk '{print $1}')
   if [[ $num2 -ge $lastipfwnum ]]; then 
      printf "%s\x21\n" "${num2} is greater than or equal to ${lastipfwnum}"
      return 1
   fi
   while $(/usr/bin/sudo /sbin/ipfw show ${num1} &>/dev/null) ; do
      let "num1 += 1"
      if [[ $num1 -gt $num2 ]]; then num1=; break; return 1; fi
   done
   printf "%s\n" "${num1}"
   return 0
}


function openport() {
   declare portnum rulenum
   if [[ $# -ne 1 ]]; then printf "%s\n" "Wrong number of arguments: $#"; return 1; fi
   portnum="${1//[^[:digit:]]/}"
   if [[ -z $portnum ]]; then printf "%s\n" "No valid port number given: ${1}"; return 1; fi
   if [[ $portnum -gt 65535 ]]; then printf "%s\n" "Given port number is greater than 65535: ${portnum}"; return 1; fi
   rulenum=$(free_ipfw_rule_num)
   /usr/bin/sudo /sbin/ipfw -q add ${rulenum} allow all from any to any dst-port ${portnum} keep-state
   printf "%s\n" "... opening ipfw rule no. ${rulenum} for internet access via port ${portnum}"
   return 0
}


function closeport() {
   declare portnum rulenum
   if [[ $# -ne 1 ]]; then printf "%s\n" "Wrong number of arguments: $#"; return 1; fi
   portnum="${1//[^[:digit:]]/}"
   if [[ -z $portnum ]]; then printf "%s\n" "No valid port number given: ${1}"; return 1; fi
   if [[ $portnum -gt 65535 ]]; then printf "%s\n" "Given port number is greater than 65535: ${portnum}"; return 1; fi
   rulenum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/awk "/from +any +to +any +dst-port +${portnum} +keep-state[[:space:]]*$/ {print \$1}")
   if [[ -z "${rulenum}" ]]; then printf "%s\n" "No ipfw rule for port number: ${portnum}"; return 1; fi
   /usr/bin/sudo /sbin/ipfw -q delete ${rulenum}
   printf "%s\n%s\n" "... deleting ipfw rule no. ${rulenum//[[:cntrl:]]/ }" "... closing internet access via port: ${portnum}"
   return 0
}


openport 43
openport 43
openport 43

/usr/bin/sudo /sbin/ipfw show [rulenum]     # ... allow ip from any to any dst-port 43 keep-state

closeport 43

portscan

to shell osx mac bash ip network port scan by jv on Jan 03, 2008 

# first create a symbolic link
sudo ln -s "/Applications/Utilities/Network Utility.app/Contents/Resources/stroke" /bin/portscan

# usage: portscan address startPort endPort

portscan localhost 1 5000

portscan $(/usr/sbin/ipconfig getifaddr en0 2>/dev/null || /bin/echo localhost) 1 10000

ssh tunnel for mysql

to mysql ssh tunnel port by deckard on Apr 09, 2007
// description of your code here

No forking in background and verbose

ssh -2 -v -c blowfish -C -N user@servername.textdrive.com -L 3370/127.0.0.1/3306



Forking in background

ssh -2 -f -c blowfish -C -N user@servername.textdrive.com -L 3370/127.0.0.1/3306
4 total

On This Page:

  1. 1 Ping a port with hping3
  2. 2 Enable internet traffic via specified ports through ipfw
  3. 3 portscan
  4. 4 ssh tunnel for mysql