Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Translate outgoing destination ports UNIX
This is probably evident for Unix wizards, but I spent a whole morning figuring this out so I thought some of you might find it useful too.

I have a client app which does not permit specifying a non-standard destination port. In this example, it is an LDAP client which will only contact a host on the local network on the standard port 389. The LDAP server it is trying to contact is in the local network at 193.168.4.253, but listening on the non-standard port 712. So, I had to set up a port translation for outgoing connections. The code to achieve this is as follows (must be run with sudo privileges, or as root in a launchd startup daemon to make it persistent):
sysctl -w net.inet.ip.forwarding=1
ipfw add 01000 divert natd tcp from me to 192.168.4.253 389 via en0
ipfw add 01000 divert natd tcp from 192.168.4.253 712 to me via en0
cat > natd.conf << end
interface en0
reverse
same_ports
redirect_port tcp 192.168.4.253:712 192.168.4.253:389
redirect_port tcp 192.168.4.253:389 192.168.4.253:712
end
natd -f natd.conf
Specifically, what this does is enable ipfw forwarding, then set up that ipfw should pass all traffic to host 192.168.4.253 on port 389, and from host 192.168.4.253 port 712 to the natd daemon. natd gets launched as a daemon and is told to rewrite the outgoing connection to the host's port 389 to the "real" port 712. All returning packets from the host's port 712 are then translated back to the original port 389 expected by the client application.

[robg adds: I haven't tested this one.]
  Post a comment  •  Comments (4)  
  • Currently 2.33 / 5
  You rated: 4 / 5 (12 votes cast)
 
[6,278 views] Email Article To a Friend View Printable Version
Ease encrypt/decrypt via ssl with two functions UNIX
The following two functions (just add to your .bash_profile or .profile file) will make life easier when encrypting and decrypting files with openssl in Terminal:
function encrypt {
  if [ "$1" = "" ]; then
    echo "Usage: encrypt filename"
  elif [ -d "$1" ]; then
    echo ""$1" is a directory"
  elif [ -L "$1" ]; then
    echo ""$1" is a symbolic link"
  elif ! [ -r "$1" ]; then
    echo ""$1" is not readable"
  else
    /usr/bin/openssl aes-256-cbc -salt -in "$1" -out "$1".aes
      if [ $? -eq 0 ] ; then
        echo "encryted file: "$1".aes"
      fi
  fi
}

function decrypt {
  if [ "$1" = "" ] || [ "${1##*.}" != aes ]; then
    echo "Usage: decrypt filename.aes"
  else
    /usr/bin/openssl aes-256-cbc -d -salt -in "$1" -out "${1%.aes}" 2>/dev/null
      if [ $? -eq 0 ] ; then
        echo "decryted file: ${1%.aes}"
      else
        /bin/rm "${1%.aes}"
        echo -e "bad decrypt, possible incorrect password \n(${1%.aes} deleted)"
      fi
  fi
}
[robg adds: I haven't tested these functions.]
  Post a comment  •  Comments (1)  
  • Currently 2.75 / 5
  You rated: 4 / 5 (12 votes cast)
 
[6,085 views] Email Article To a Friend View Printable Version
Handle resource forks correctly with newer rsync UNIX
For rsync users, the newest version of rsync (3.0.6 as of this moment) seems to be able to handle Mac extended attributes and resource forks correctly. Unfortunately, it doesn't seem to ship with Snow Leopard, but it can be downloaded and installed fairly easily. After downloading from the above-linked site, just follow the instructions in the INSTALL text file, and remember that the make install command needs to be run with administrator privileges (sudo). Further, you may need to adjust your PATH and MANPATH settings, so that /usr/local/bin and /usr/local/share/man (the default install locations) appear earlier in the list than do /usr/bin, the home of the stock rsync.

Your current rsync scripts may need some tweaking, too. For example, the -E flag no longer refers to extended attributes (it now tells rsync to preserve executability); -X is used for extended attributes. Also, -X is not included in the standard -a (archive) flag, and should be added explicitly.

[robg adds: The version of rsync in both Leopard and Snow Leopard is quite old -- 2.6.9, which shipped in November of 2006. You can also install the newest rsync via either MacPorts or Fink.]
  Post a comment  •  Comments (8)  
  • Currently 2.40 / 5
  You rated: 3 / 5 (10 votes cast)
 
[14,776 views] Email Article To a Friend View Printable Version
10.6: Compress files with HFS+ compression UNIX
Snow Leopard introduces a new feature that has been used on most of the system files: HFS+ compression. This compression is rather different than most other file compression options available in the sense that it is completely transparent; there isn't even a way to tell that the files are compressed using Snow Leopard's included command line tools (in fact, contrary to what some posts on this site have suggested, command line utilities like strings will see the same file regardless if it is compressed or not).

In order to even determine if a file is compressed using HFS+ compression or not, a tool like hfsdebug is needed.
read more (644 words)   Post a comment  •  Comments (34)  
  • Currently 3.50 / 5
  You rated: 1 / 5 (16 votes cast)
 
[44,909 views] Email Article To a Friend View Printable Version
Adjust brightness from Terminal UNIX
I've searched for a way to control the display brightness from the command line. I found several AppleScripts that open the System Preferences panel and set the slider, but I wanted a pure command line tool. Maybe someone else is looking for the same solution, so here is what I found:

This blog post discusses has a small commandline tool (written by Nicholas Riley) to set the brightness from Terminal. Just download the binary [4KB] and install it. You can then set the brightness by typing brightness 0 (to set it to minimum, use 1 for maximum, or any value between).

Note: The binary is Intel-Only (32-Bit), but the source code is available on the above linked page too, so you could easily compile a PowerPC or 64Bit Intel Binary on your own. I've tested it only with Snow Leopard and a self-compiled 64Bit binary, and it works fine
  Post a comment  •  Comments (18)  
  • Currently 3.08 / 5
  You rated: 3 / 5 (12 votes cast)
 
[26,020 views] Email Article To a Friend View Printable Version
10.6 Server: Install HellaNZB without using MacPorts UNIX
If you try to install hellanzb via MacPorts, the method is currently broken on 10.6.. That's because py25-twisted fails to build on my 64bit system ( Ticket #20820).

The solution is to build using Python 2.5 instead of the default Python 2.6 in Snow Leopard. This avoids conflicts with Apple's own wiki and blog software, and problems with deprecated sys calls with HellaNZB.
  1. Build Twisted-8.2.0 [download: sudo /usr/bin/python2.5 setup.py install
  2. Build hellanzb-0.13 [download]: sudo /usr/bin/python2.5 setup.py install. This will install to /usr/local/bin/hellanzb.py.
  3. Place unrar and rar version 3.90 (rarosx-3.9.0.tar) into /usr/local/bin/.
  4. Install par2cmdline-0.4-tbb-20090203-mac [download]. Store the files here: /usr/lib/libtbb.dylib and /usr/local/bin/par2
  5. For SSL functionality, install pyOpenSSL-0.9 [download]: sudo /usr/bin/python2.5 setup.py
  6. Create a hellanzb.sh daemon startup script, saved as /usr/local/bin/hellanzbd.sh:
    #!/bin/bash 
    export PATH=/usr/local/bin/;
    /usr/local/bin/hellanzb.py -D
  7. Configure hellanzb using /opt/local/etc/hellanzb.conf
  8. Create a launchctl item in /Library/LaunchDaemons/com.hellanzb.daemon.plist:
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
    	<key>Label</key>
    	<string>com.hellanzb.daemon</string>
    	<key>ProgramArguments</key>
    	<array>
    	<string>/usr/local/bin/hellanzbd.sh</string>
    	</array>
    	<key>RunAtLoad</key>
    	<true/>
    	<key>StandardErrorPath</key>
    	<string>/Library/Logs/HellaNZB/error.log</string>
    	<key>StandardOutPath</key>
    	<string>/Library/Logs/HellaNZB/hella.log</string>
    	<key>UserName</key>
    	<string>*myusername*</string>
    	<key>GroupName</key>
    	<string>admin</string>
    </dict>
    </plist>
  9. Start the daemon: sudo launchctl load /Library/LaunchDaemons/com.hellanzb.daemon.plist
[robg adds: I haven't tested this one.]
  Post a comment  •  Comments (1)  
  • Currently 2.55 / 5
  You rated: 2 / 5 (11 votes cast)
 
[7,418 views] Email Article To a Friend View Printable Version
10.6: Set default time zone for PHP in Snow Leopard UNIX
It seems like the new PHP version in Snow Leopard wants you to explicitly set a default timezone when calculating stuff using the date() function, and will warn you about this in your script's output.

To set the date, look in /etc and find php.ini.default, open it up in your favorite editor (BBEdit work great, but sudo pico /etc/php.ini.default works as well). Look for this line:
date.timezone = 
Add your preferred timezone, like so:
date.timezone = "Europe/Berlin"
Read this page in the PHP manual for supported zones and cities.

After you're done with that, rename the file using sudo mv php.ini.default php.ini and restart your computer to implement the time zone change.
  Post a comment  •  Comments (5)  
  • Currently 2.67 / 5
  You rated: 2 / 5 (15 votes cast)
 
[30,063 views] Email Article To a Friend View Printable Version
Send Growl notifications to Macs from Linux boxes UNIX
There is a way of sending messages to Growl running on a Mac OS X machine from any Unix machine with the standard X11 tools. You do not need to install anything on the Unix machine, just use the xkbbell command.

In short, you need to first install growlnotify on the Mac. You then need a configuration file, xkbevd.cf, with the following content:
Bell()  shell "/usr/local/bin/growlnotify --message \"$(name)\" --appIcon X11; true "
Start the X11 server, then start the xkbevd daemon (again on the Mac) pointing to the configuration file you just created (xkbevd -cfg xkbevd.cf -bg). You can then call the command xkbbell on the Unix machine to generate a Growl notification on the Mac. For example, xkbbell "lasers offline". There are detailed instructions and notes on my blog, for those who'd like more information on how this works.

[robg adds: I haven't tested this one.]
  Post a comment  •  Comments (6)  
  • Currently 2.36 / 5
  You rated: 4 / 5 (11 votes cast)
 
[20,125 views] Email Article To a Friend View Printable Version
Keep Safari/Mail RSS feeds in sync between two Macs UNIX
I have two Macs, a desktop and a portable, and on both I use Safari as an RSS reader. Until recently, I was having trouble keeping feeds synchronized. Obviously, after reading a set of feeds on one machine, I don't want to see them unread when I switch to the other one. I'm well aware that this problem can be solved by subscribing to MobileMe, Google Reader, or other "cloud data" services. I choose not to use them because of privacy concerns, which I'm not going to debate here. So I came up with a simple standalone method to sync my RSS data.

My research showed that Safari stores information about RSS feeds in an SQLite database file called Database.sqlite3 in your home directory. That database is managed by a background process called PubSubAgent, which starts automatically when you log in. This process communicates with MobileMe, if you have an account, to sync the database between devices. I assume this is done by sending SQL commands over the network. Safari and Mail are also clients of PubSubAgent.

Now, in general there's no way to duplicate the functionality of MobileMe. If you read some feeds on host A, then some other feeds on host B, you have two conflicting versions of the database. You can't resolve the conflict by simply copying the file from A to B or vice versa. MobileMe will resolve it by merging the changes so that any feed marked as read on either A or B will be marked read on both. This also works if you have more than two devices on the same account.

But in my case, I have only two devices, and I use only one at a time. When I switch from A to B, I should be able to just copy the database file from A to B over the network and take up where I left off.
read more (318 words)   Post a comment  •  Comments (3)  
  • Currently 2.44 / 5
  You rated: 3 / 5 (9 votes cast)
 
[11,967 views] Email Article To a Friend View Printable Version
Install Ruby 1.9 alongside Ruby 1.8 UNIX
I have put together a process that will make Ruby 1.9 from source, and install the resulting binaries in the folder of your choice. The script downloads all the files and patches to /tmp. I also wrote a script that allows me to swap ruby 1.8 and 1.9 as I need.

Here's how I installed the newer version of Ruby in its own directory. First, I downloaded, compiled, and installed readline and patch:
$ cd /tmp
$ curl -O ftp://ftp.gnu.org/gnu/readline/readline-5.2.tar.gz
$ tar xzvf readline-5.2.tar.gz
$ cd readline-5.2
$ curl -O http://ftp.gnu.org/gnu/readline/readline-5.2-patches/readline52-012
$ patch -p0 <>
$ ./configure --prefix=$HOME/
$ make
$ sudo make install
$ cd ..
Next, I downloaded, compiled, and installed the latest version of Ruby, picking up right where the above commands left off (comments denoted with #):
$ rm index.ht*
$ wget -F ftp://ftp.ruby-lang.org/pub/ruby/1.9/
# I am only interesting in the tar.gz files
# you can go crazy and do a less/more cryptic regex here.
$ sed -e 's#<[^>]*>##g' index.html |sed -e 's#.*File *##g'|sed -e '1,6d'|sed 'N;$!P;$!D;$d'| sed -e '/zip/d'|sed -e '/bz2/d'
$ echo -n "please enter a file from the above list:"
$ read -e Ruby_File
$ curl -O ftp://ftp.ruby-lang.org/pub/ruby/1.9/$Ruby_File
$ tar xzvf {$Ruby_File}
# since we are working in /tmp, I assumed there are no
# existing directories with namme ruby.....
$ cd ruby*
$ autoconf
$ sudo ./configure --prefix=$HOME/ruby--with-readline-dir=$HOME/
$ sudo make
$ sudo make install
Now I have safely installed Ruby 1.9 in a place where it does not disturb the original Ruby. You can change where to install Ruby by replacing $HOME above with whatever directory you want to use.
read more (246 words)   Post a comment  •  Comments (8)  
  • Currently 2.00 / 5
  You rated: 5 / 5 (11 votes cast)
 
[12,435 views] Email Article To a Friend View Printable Version