dl

David Lundgren

Web Developer & Systems Administrator

BlockList.de IP lists with CIDR notation

Several weeks ago one of the servers I manage ended up with a lot of comment spam. After several hours of searching through the logs and correlating the IP’s, I found out that a majority of the hosts were listed in the BlockList.de’s bots.txt file. I didn’t want to import ALL the IP’s on the list as I noticed that quite a few could be pushed into fewer lines using CIDR notation.

I set out to compress this and ended up with this Gist that can do exactly that.

<?php
require_once "/path/to/BlocklistDe.php";

$botList = new BlocklistDe('bots.txt');
$botList->writeToFile('converted-bots.txt');

This particular server was using Ubuntu, so I pushed the 13k addresses into the iptables configuration. Spam has been cut quite dramatically.

MySQL Transactions and Altering Schema

While reviewing the log files for a project I am working on I came across a MySQL error that dealt with mismatched character sets. Specifically the table was set to latin1 and the connection was set to UTF8. This error was rare but happened at the right time for me to catch it, as I was reviewing the log files for an unrelated problem.

Further investigation revealed that the schema and some tables were set to latin1. If we weren’t setting the connection to UTF8 this wouldn’t be a problem. So I set to work on creating a database update to include the alter database and necessary alter table statements.

The first statement among the list of statements that needs to run:

ALTER DATABASE project CHARACTER SET UTF8.

Response from MySQL: Error 1192: “Can’t execute the given command because you have active locked tables or an active transaction”

I was stuck, as this had run fine in the development, QA, and staging environments. Why would it fail in production? The tables didn’t have any locks, and there were no transactions that I was aware of. My Google-Fu led me to the MySQL 5.1 Reference section 13.3.3.┬áStatements That Cause an Implicit Commit. Armed with the knowledge that create, alter, delete table statements cause implicit commits, I was still stuck where I began.

I began reviewing our database update mechanism (based on Zend Framework Database Table Adapters) and found that it was starting a transaction before running the statements. I set forth to update the tool, but some updates needed transactions for their modifications, so I ended up running the query manually.

Sometimes there is no easy answer and you need to just Ops up and get your DBA on.

FreeBSD and sudo defaults

Several weeks ago I started transitioning some Ubuntu VM’s to FreeBSD VM’s . On previous VM’s I was able to use the following command line without any problems

sudo phing code-update

After switching to FreeBSD I found that sudo, or its “sudo -E” variant, was having problems when running in sub shells. Phing svn tasks were asking for passwords that were previously setup to use svn+ssh. Using “sudo svn list svn+ssh://svn.example.com/svn/project” worked but not when phing ran. It turns out there are two environment variables that Ubuntu’s sudo package was preserving: HOME & MAIL. NOTE: Ubuntu 14.04LTS’ sudo package appears to only preserve HOME.

I created /usr/local/etc/sudoers.d/svnusers

Defaults env_reset
Defaults env_keep+="HOME"

This made FreeBSD’s sudo work as it had on Ubuntu. A day’s worth of investigation to solve the riddle but it works as I would expect it to.

Value of IT certifications

The other day the COO, a co-worker, and I were talking about things happening at the Company, and a quick side trek into the value of IT certifications came up. My original stance on the subject was that certifications weren’t valuable and that the skills we end up sharpening are better. After talking with them though I came to find out that not all certifications are created equal, some have more value than others. I don’t have all the answers to what the best measures of how to find those valuable certifications, but I did think about it longer, and I believe I’ve come up with something to help us measure wither getting a certification is worth it.

Continue reading

« Previous PageNext Page »