I’m almost ashamed to admit I didn’t knew of this command until very recently. :-)
Everybody knows the kill command, and almost everybody knows killall too (like kill using the process’ name instead of its PID). The problem with killall is that it only signals the processes matching the exact name you specify, and sometimes you want to work over a series of related processes that begin with the same word, or have a given word on their command line. pkill does just that:
pkill -9 -f foo
As a side note, what I used before when I wanted to do this was:
kill $SIGNAL $(ps aux | grep $PROG | awk '{print $2}')
Si te ha interesado, ¿me invitas a una cerveza? / If you liked the post, would you buy me a beer?
ifstat is like some kind of vmstat for network interfaces. Every X seconds, it prints two columns per network interface monitoring the input and output bandwidth.
Quite useful when you need to diagnose a slow network, identify bottlenecks, monitor bandwidth consumption, etc. When invoked with the -t parameter it adds a timestamp on each line, very important if you plan to left it running for hours dumping its output to a file.
# ifstat -t
Time eth0 eth1
HH:MM:SS KB/s in KB/s out KB/s in KB/s out
12:40:25 0.05 0.19 0.00 0.00
12:40:26 0.26 0.24 0.00 0.00
12:40:27 6.87 30.14 0.00 0.00
12:40:28 0.17 0.26 0.00 0.00
12:40:29 0.05 0.22 0.00 0.00
12:40:30 0.05 0.14 0.00 0.00
12:40:31 0.05 0.14 0.00 0.00
12:40:32 0.29 0.38 0.00 0.00
12:40:33 0.29 0.38 0.00 0.00
12:40:34 0.13 0.22 0.00 0.00
12:40:35 2.85 8.70 0.00 0.00
12:40:36 9.01 38.84 0.00 0.00
12:40:37 0.55 0.24 0.00 0.00
12:40:38 0.05 0.14 0.00 0.00
Si te ha interesado, ¿me invitas a una cerveza? / If you liked the post, would you buy me a beer?
I start here a new section on my blog, Command Line (feed), where I will comment on UNIX commands (Linux and MacOS X mainly) that I find useful on my daily work. The articles will range from a very obscure command that I didn’t knew of until some day I needed something like it and found it and saved my day, new or creative ways to use old commands, or small shell-scripts that can make your life easier.
Unless otherwise specified, all these commands are just an “aptitude install” away on Debian and derivate distros (on Ubuntu they may be on universe or multiverse). For RedHat, CentOS, etc. there’s a good chance that you’ll find RPM packages on Dag Wieërs’ repository.
So, without further addo, the first command on the next entry. :)
I’ve been playing around a little bit with the MacOS X port of Virtual Box, and it looks really promising. Speed-wise it runs quite OK, I couldn’t tell wether or not it’s on par with VMWare Fusion. But I’ve had small problems with the keyboard (couldn’t get the alt and command keys to work right) and the “desktop resolution resizing” when in windowed mode.
Following these instrucions, I’ve made a small shell-script that converts a .vmdk disk image file from VMWare to a .vdi one for Virtual Box. It should detect the OS (Mac or Linux) and warn you in case you miss some of the dependencies (QEMU ’s qemu-img and Virtual Box’s vditool). It can be downloaded here:
WordPress MU 1.3.3 has been released today (announce, download). It includes a series of important security fixes and gets the code in sync with WordPress 2.3.3.
Once again, I’ve prepared a .diff file for an easier upgrade procedure from the previous version:
Desde que dejé la otra empresa que no estoy muy metido en el mundillo del Asterisk. En la que estoy ahora también se usa, pero lo administra otra persona. Pues ayer recibí un mail de un representante de Red-Fone, fabricantes del fonebridge2 del que escribí un artículo explicando cómo configurarlo para obtener alta disponibilidad con Asterisk, preguntándome si quería escribir un “case study” para usar como “success story” del producto. Mola. :) Tengo que hablar con mi antiguo jefe, ya que al no trabajar ya allí no se, por lo menos pedir permiso antes de hablar del negocio y demás.
Aparte me he pasado por la web de Red-Fone, que hacía siglos que no entraba, ¡y tienen un enlace en portada a mi HOWTO! :D
Nada, una de esas chorradas que te alegran el día. :) Uno, que se conforma con poca cosa. :)
One detail about VPNs that I’ve learnt this week the hard way:
If you want to use a VPN as your default gateway and not only to reach some private networks, you have to add first a static route to reach the VPN server through your current gateway.
It may not be very obvious but it’s quite logical: in order to start and maintain the VPN, you need to have network connectivity with the VPN server, that isn’t on our local network, so we reach it through our default gateway (the DSL router or whatever). Once the VPN is up, the “in transit” VPN is just TCP, UDP or some other protocol packets flowing from your host, through your gateway, and reaching the VPN server, that “unpacks” the actual VPN traffic. And what happens if now we set a default gateway on the other side of the VPN connection? It “overwrites” the previous GW, the DSL router. The new GW is not on our real local network anymore, we can’t reach it, so our “in transit” VPN packets can’t get to the VPN server.
Think about it. It’s quite silly, but it’s one of those things that get set up for you when configuring a VPN using a GUI, and you don’t even realize about them until you have to deal with things at a lower level (configuring a router, dealing with a server config files, etc.)
A friend of mine just sent me this:
WordPress MU 1.3.2 has been released. It gets the project in sync with WordPress 2.3.2 and besides that adds several WPMU-specific security fixes, so it’s a must.
The full package is available for download here. If you already have the previous release installed (simply 1.3, but it was in sync with WP 2.3.1) you can use the following patch to upgrade it more easily: wpmu-1_3-1_3_2.diff
It has happened to me a cuple of times when dealing with UDP-based services that, when a server has more than one network interface (either physical or virtual), all the UDP traffic goes out through the interface on the default gateway’s network segment and with that interface’s IP address, even when the original request came through the other interface and was directed to the other IP address.
Graphically, say you have something similar to this:
If the server receives a request on IPa, the response goes out through that same interface and with origin IPa. But if the request arrives on IPb through the interface on the right, the response is also sent through the left interface with IPa. And what happens when the client receives a response from an incorrect IP address? Maybe even from a completely different network segment? And if there’s a fw in between doing NAT?
Of course this breaks the service. This week I’ve had this very problem setting up a L2TP VPN, and it was impossible to establish the tunnel. On some other ocasions I’ve had a similar problem with a DNS server, and the outcome depended on the client’s operating system: some OSes accepted the DNS response even when it came from a different address than that of the server originally queried; others would reject it and even raise a security alert.
I guess that this behaviour can be programmatically controlled. I mean, when you receive a packet you can check the IP address it was sent to, and craft the response so that it gets sent with that same address from the right interface. But it seems that this is seldom done.
Yesterday I got around this issue with the help of iptables and a coworker more knowledgeable than me on routing issues:
- with iptables, you can detect the traffic to “redirect” and mark it
- depending on this mark and using “ip rule/route”, have a special routing table that sends this traffic to the proper GW/through the right interface.
- with iptables again and using the previous mark, do a SNAT on the origin IP address
An example for redirecting all UDP traffic from a certain $PORT using IP address $IPb through gateway $GWb would be:
echo 255 local > /etc/iproute2/rt_tables
echo 254 main >> /etc/iproute2/rt_tables
echo 253 default >> /etc/iproute2/rt_tables
echo 0 unspec >> /etc/iproute2/rt_tables
echo 200 udp >> /etc/iproute2/rt_tables
ip rule add fwmark 1 table udp
ip route add default via $GWb dev eth0 table l2tp
iptables -t mangle -A OUTPUT -p udp -m udp –sport $PORT -j MARK –set-mark 0×1
iptables -t nat -A POSTROUTING -m mark –mark 0×1 -j SNAT –to-source $IPb
Últimos comentarios
RSS