Wednesday, May 4, 2022
Counting Movies
How many movies do I have?
What years are they from?
Resolution?
Type of encoding?
HEHEHE.
#!/bin/bash
ls -lR /nas/a/movies/ | sort +8 | awk ‘{print $9}’ | grep -v “/” | grep -v .srt > /tmp/movies.list
for YEAR in {1910..2021}
do
COUNT=`grep $YEAR /tmp/movies.list | wc -l`
echo $YEAR “=” $COUNT
done
TEN=`grep 1080 /tmp/movies.list | wc -l`
SEV=`grep 720 /tmp/movies.list | wc -l`
TOT=`cat /tmp/movies.list | wc -l`
AVI=`cat /tmp/movies.list | grep “.avi” | wc -l`
MKV=`cat /tmp/movies.list | grep “.mkv” | wc -l`
MP4=`cat /tmp/movies.list | grep “.mp4” | wc -l`
MPG=`cat /tmp/movies.list | grep “.mpg” | wc -l`
M4V=`cat /tmp/movies.list | grep “.m4v” | wc -l`
echo “___________________________________”
echo “AVI = $AVI”
echo “MKV = $MKV”
echo “MP4 = $MP4”
echo “MPG = $MPG”
echo “M4V = $M4V”
echo “___________________________________”
echo “1080p = $TEN”
echo ” 720p = $SEV”
echo “TOTAL = $TOT”
echo “___________________________________”/usr/bin/du -ch /nas/a/movies; echo ==========;/usr/bin/du | sort -n | tail -3
Results
root@nas4:~/bin# ./movie.year.sh
1910 = 0
1911 = 2
1912 = 0
1913 = 0
1914 = 1
1915 = 5
1916 = 6
1917 = 3
1918 = 2
1919 = 4
1920 = 7
1921 = 3
1922 = 6
1923 = 4
1924 = 6
1925 = 5
1926 = 6
1927 = 7
1928 = 7
1929 = 10
1930 = 15
1931 = 25
1932 = 28
1933 = 36
1934 = 31
1935 = 46
1936 = 40
1937 = 45
1938 = 32
1939 = 35
1940 = 48
1941 = 48
1942 = 55
1943 = 37
1944 = 34
1945 = 34
1946 = 38
1947 = 38
1948 = 51
1949 = 46
1950 = 63
1951 = 48
1952 = 57
1953 = 60
1954 = 65
1955 = 64
1956 = 63
1957 = 72
1958 = 65
1959 = 55
1960 = 56
1961 = 61
1962 = 65
1963 = 63
1964 = 69
1965 = 85
1966 = 89
1967 = 97
1968 = 98
1969 = 122
1970 = 112
1971 = 131
1972 = 173
1973 = 163
1974 = 167
1975 = 142
1976 = 142
1977 = 166
1978 = 169
1979 = 182
1980 = 170
1981 = 154
1982 = 163
1983 = 159
1984 = 191
1985 = 200
1986 = 202
1987 = 223
1988 = 208
1989 = 224
1990 = 207
1991 = 225
1992 = 215
1993 = 209
1994 = 218
1995 = 219
1996 = 253
1997 = 235
1998 = 254
1999 = 275
2000 = 298
2001 = 311
2002 = 280
2003 = 302
2004 = 342
2005 = 372
2006 = 439
2007 = 445
2008 = 467
2009 = 539
2010 = 487
2011 = 580
2012 = 644
2013 = 670
2014 = 778
2015 = 878
2016 = 947
2017 = 1086
2018 = 1297
2019 = 1746
2020 = 2750
2021 = 2527
___________________________________
AVI = 1811
MKV = 8179
MP4 = 16458
MPG = 2
M4V = 215
___________________________________
1080p = 5653
720p = 4746
TOTAL = 27885
Sunday, February 6, 2022
Make sure a process is running?
I have a openvpn tunnel up normally for certain things and want to kill some processes
if the tunnel goes down…
Check every minute
* * * * * /root/bin/tun.up.sh >> /var/log/tunnel.up.log
Which checks for the tunnel tun0 and kill some processes if it’s not.
IFCONFIG=/sbin/ifconfig GREP=/usr/bin/grep ECHO=/usr/bin/echo AWK=/usr/bin/awk PS=/usr/bin/ps PKILL=/usr/bin/pkill DATE=`/usr/bin/date +"%m.%d.%y.%H.%M"` PGREP=/usr/bin/pgrep TEST=`$IFCONFIG | $GREP tun | $AWK '{print $1}'` TOKILL=`$PS | $GREP ktorrent` if [ $TEST == "tun0:" ]; then $ECHO $TEST " UP " $DATE exit fi PROC=`$PGREP ktorrent` #$ECHO "Killing " $PROC $ECHO $TEST " DOWN " $DATE $PKILL -f ktorrent
Going to write a bit more code in the near future to bring the tunnel back up when it goes down
but that’s something for a different day.
Killing a process every day at certain time?
Gotta Schedule it with crontab -e (I use joe a wordstar equivalent)
alias cron='crontab -e'
=====================================================
root@ms2:/home/timc/bin# select-editor Select an editor. To change later, run 'select-editor'. 1. /usr/bin/joe 2. /usr/bin/jstar 3. /usr/bin/jpico 4. /usr/bin/jmacs 5. /bin/nano <---- easiest 6. /usr/bin/vim.basic 7. /usr/bin/rjoe 8. /usr/bin/vim.tiny 9. /bin/ed
=====================================================
4 0 * * * /home/timc/bin/kill.exp.sh &> /var/log/kill.log
===========================================================
#!/bin/bash #ps -elf | grep chia | grep exp > t TOUCH=/usr/bin/touch ECHO=/usr/bin/echo CHMOD=/usr/bin/chmod RM=/usr/bin/rm PS=/usr/bin/ps CAT=/usr/bin/cat GREP=/usr/bin/grep AWK=/usr/bin/awk DIR="/home/timc/bin" TMPFILE="temp.kill.file" KILLFILE="kill.up.exp.sh" $RM $DIR/$TMPFILE $RM $DIR/$KILLFILE $TOUCH $DIR/$TMPFILE $TOUCH $DIR/$KILLFILE $PS -elf | $GREP chia | $GREP exp | $AWK '{print $4}' >> $TMPFILE $ECHO "Start kill file to exec (kill.up.exp.sh)" $CAT $DIR/$TMPFILE | while read line do $ECHO kill -9 $line >> $DIR/$KILLFILE done $CHMOD 755 $DIR/$KILLFILE $DIR/$KILLFILE
Monday, December 20, 2021
[bmwg] AD Review of draft-ietf-bmwg-ngfw-performance
https://datatracker. … g-ngfw-performance
My recent review of the latest IETF NGFW performance testing Draft for RFC:
I think these guys are way off base with no grasp of reality. If you just want a raw
number of what a firewall can do without any real world issues, then MAYBE it’ll work
although I would argue that point…
=========================================================
Tim copley
Dec 16, 2021, 1:59 PM (4 days ago)
to Warren, draft-ietf-bmwg-ngfw-performance, bmwg
I also, wanted to chime in regarding this and again, I also apologize for not reviewing earlier.
I’ve not really been too involved in security devices until the last couple years, but boy has it changed
drastically from when I was. Also, I noted that this document is basically following prior standards that
are also a bit out dated.
Some of the evolution, I’ve noticed which I think should at least be addressed in. I think you tried
to exclude these in the Scope.? However I’m not really sure you are covering but maybe 1/2 of the devices
that are being deployed at this time without addressing:
Virtualization. / Remote FWs in the next gen.
*) Large FWs are compartmentalizing Customers and serving multiple customers with the same firewall. So while
you have said what would happen to a customer when The Firewall is UT, you don’t really address what’s going
on with all the other customers on this DUT. If there are 10 Customers going through 1 large FW, what are the
other 9 experiencing when this is under Test. Would be interesting to have multiple parallel tests underway
and verify that behaviour is consistent across every “VDOM” within the system?
*) Time to Change. If things are changed during your Load profile.perhaps even on a different virtual Firewall
within the system,
*) Sandbox dips. Several of the firewall vendors send stuff through labs / temp work spaces either online or
offline that allow them to test against Zero Day scenarios. What happens to traffic flows during anomalies
in the traffic flows. Does it change the throughput of the DUT? I know this is kind of an open ended question.
but not sure you have good benchmark stats for a FW without it…
*) Cloud based scenarios. If the firewall is removed, and I’m not really sure how you would test this with
consistent results, but if the FW is offsite and the traffic is being routed through a Cloud based FW What does
that do to your traffic results?
TimC
Fruth Group
tcopley@fruthgroup.com
======================================================================
–
Timothy Copley
602.350.0633
Wednesday, September 8, 2021
Blacklist…..
One way I’ve done this….
root@azcopley:~# route add 84.38.129.0 gw 127.0.0.1 lo
For people I’ve noticed are attacking me..
Not sure about you. I know there are a lot of easier ways to do this. Some of the programs.. fail2ban and that kind of thing work wonders. However I’m a bit heavy handed :)
BLACKLIST=/tmp/blacklist GREP="/usr/bin/grep -Ev" IPT="/usr/sbin/iptables -A" /root/blacklistip.sh IPS=$($GREP "^#" $BLACKLIST) for IP in $IPS do $IPT INPUT -s $IP -j DROP $IPT OUTPUT -d $IP -j DROP done root@azcopley:~#
Call out IP addresses / backup the list so I don’t have to re-exmine those people I’ll eventually want to clean it out, so people re-using ip addresses don’t get blocked, but I really don’t supose that’ll happen real frequently.
cat blacklistip.sh #!/bin/sh CAT="/usr/bin/cat" GREP="/usr/bin/grep -i" AWK="/usr/bin/awk" UNIQ="/usr/bin/uniq" SORT="/usr/bin/sort" ATTACK="sshd" TMPFILE=/tmp/$ATTACK.attack BLACK="/tmp/blacklist" FILE="/var/log/iptables.log" # # Copy off previous $CAT $BLACK.new > $BLACK.old $CAT $FILE | $GREP $ATTACK | $AWK '{ print $11 }' > $TMPFILE.1 $CAT $TMPFILE.1 | $AWK -F "=" '{ print $2 }' >> $TMPFILE.2 $SORT $TMPFILE.2 > $TMPFILE.3 $UNIQ $TMPFILE.3 > $BLACK.new # # Only blacklist ones not done before.... # $AWK 'NR=FNR{a[$0];next}!($0 in a)' $BLACK.old $BLACK.new > $BLACK
Well, the list keeps growing…. Script kiddies. and the like.
cat /tmp/blacklist.new 103.108.87.133 103.218.3.18 103.228.183.10 103.254.198.67 103.3.226.166 104.131.84.222 104.40.217.239 106.116.118.89 106.12.119.1 106.12.125.241 106.12.166.166 106.12.179.191 106.12.211.254 106.12.214.145 106.12.99.204 106.13.167.62 106.13.176.163 106.13.35.232 106.13.44.83 106.13.45.212 106.13.78.7 106.51.98.159 106.52.42.153 106.53.89.104 106.54.127.61 106.54.200.209 106.75.141.160 106.75.28.38 111.203.196.62 111.229.43.27 111.230.231.145 111.230.29.17 111.231.238.83 111.231.69.68 111.40.217.92 112.21.188.235 112.3.30.119 112.35.77.101 114.4.227.194 114.80.94.228 117.50.5.198 117.50.77.220 118.24.88.241 118.25.91.168 118.89.219.116 118.89.78.131 119.29.104.238 121.229.18.144 121.66.252.158 122.152.208.61 122.155.17.174 122.51.10.222 122.51.245.240 122.51.34.199 122.51.39.232 122.55.190.12 123.59.199.45 124.152.118.131 124.93.160.82 124.93.18.202 128.199.107.114 128.199.164.253 128.199.99.204 129.204.51.77 129.28.183.62 13.71.21.123 131.108.60.30 132.232.53.85 138.117.179.134 138.219.129.150 138.68.22.231 139.59.10.42 139.59.87.250 140.143.233.29 140.207.96.235 140.86.12.31 142.93.140.242 145.239.83.104 145.239.87.35 150.136.160.141 150.158.122.241 152.136.152.45 152.32.144.26 152.67.47.139 157.230.163.6 159.65.176.156 161.189.144.43 162.0.225.199 162.243.237.90 162.251.23.43 164.132.42.32 164.163.99.10 165.227.203.162 167.114.114.114 170.210.121.208 171.244.51.114 175.24.49.130 176.197.5.34 176.31.162.82 178.128.221.85 178.128.56.89 178.128.57.147 178.32.115.26 179.191.123.46 18.220.207.167 180.168.212.6 180.76.138.132 180.76.186.109 181.123.177.150 181.46.80.183 183.195.121.197 183.81.152.109 185.107.95.231 185.129.148.43 185.165.169.168 185.20.82.2 185.254.207.197 188.168.82.246 190.210.62.45 191.189.238.135 192.35.168.195 192.35.169.20 192.99.12.24 193.112.28.27 194.204.194.11 195.54.160.99 195.54.161.15 198.98.61.68 2.36.136.146 200.204.174.163 202.147.198.154 203.151.146.216 203.177.71.254 203.185.61.140 206.253.166.69 209.126.124.203 211.108.69.103 211.90.37.75 212.51.148.162 213.184.249.95 213.204.124.71 213.217.0.177 216.126.58.224 217.182.94.110 223.240.109.231 35.201.150.16 35.241.72.130 37.187.3.53 41.223.4.155 41.63.0.133 41.93.32.94 43.241.238.152 43.248.124.132 45.118.151.85 45.14.150.103 45.157.120.16 45.170.73.13 45.92.126.74 46.101.40.21 49.232.136.245 49.232.33.182 49.232.59.246 49.233.33.118 49.233.84.128 49.235.151.50 49.247.196.128 5.196.70.107 5.249.159.37 51.178.51.36 51.38.126.75 51.38.188.63 51.68.227.98 51.75.18.212 51.79.44.52 51.79.70.223 51.79.85.142 51.83.75.97 51.91.100.120 54.37.75.210 58.87.78.80 59.13.125.142 60.167.180.193 60.2.224.234 61.12.26.145 61.160.107.66 61.183.139.155 62.171.148.78 62.210.119.215 62.234.167.126 62.4.21.144 65.78.99.127 66.70.205.186 77.122.171.25 79.137.34.248 79.17.217.113 80.211.246.93 84.2.226.70 89.154.4.249 89.248.168.51 91.121.211.59 92.222.156.151 93.148.0.91 94.103.80.118 97.90.110.160 root@azcopley:~#