www.copyandwaste.com

Whenever I write a shell script I find myself trying to construct command line arguements to achieve what I want. Then I google the problem I’m going to solve and find better ways to do it. By the next time I need to solve a similar problem I forget what I’ve done… hence this post.

To list all files without extension:
======================================
ls -R | grep -v “\.”

To sum the first column of values:
======================================

awk ‘{tot=tot+$1} END {print tot}’

Today’s name abbreviated:
======================================

date +%a

Send an email message:
======================================

mail -s “subject line” blah@blah.com < /path/to/file

Traverse syslog directory, find all files with no extension, find out size
======================================

#Get Kilobytes for Today’s files into <date>daily with full path
find -f /data/ | grep -v “\.” | grep -e [Wed]/[0-9][0-9]$ | \
xargs du -k  > /home/staff/akonkol/scripts/$filename

• “find -f” will list the all the files/directorie’s full path
• “grep -v “\.” will find everything that is not a directory
• “grep -e” will find all paths that end with today’s abbreviation slash num num
• “xargs  du -k” will perform a “du -k” on every path that is piped in.

Scenario: You are VPN’d into your company and you wish to browse the web without any traffic traversing your corporation’s network.

If you company has split-tunneling configured on their vpn, chances are that traffic destined towards the internet will not touch the corporate network. One downside to split tunneling is that in Leopard your /etc/resolv.conf is replaced with your company’s DNS servers.

What does this mean? Although http/https traffic to the public internet never touches your company’s equipment, they can still log dns queries.

How do you keep your typical vpn connectivity EXCEPT for web traffic? simple, ssh -D and socks.

1. Open terminal and type in the following: ssh -D 2001 <username>@<remote host>
2. This will open port 2001 on your local interface (127.0.01)
3. Open firefox in the address bar type: about:config <enter>
4. In the filter bar type “proxy”
5. You should now see a few rows, set the following values:

• network.proxy.socks = 127.0.0.1
• network.proxy.socks_port = 2001
• network.proxy.socks_remote_dns = true
• network.proxy.socks_version = 5

This tells firefox that all requests that it makes (including DNS) should go to 127.0.0.1:2001 which is actually a tunnel back to the remote host you specified.

This is a clientside configuration, meaning that only firefox will be effected, you should be able to still ssh to remote hosts on your company’s network, as well as RDC.

Caveat: Any browsing to intranet sites will be broken, since external dns is being used.

Fix: Use safari or other browser to view intranet sites.

**And of course, don’t trust me…. open tcpdump on your local machine and on the remote and see where traffic generated via firefox goes**