Free echo press software for linux

Compress::BraceExpansion is a Perl module to create a human-readable compressed string suitable for shell brace expansion.

SYNOPSIS

use Compress::BraceExpansion;

# output: ab{c,d}
print Compress::BraceExpansion->new( qw( abc abd ) )->shrink();

# output: aabb{cc,dd}
print Compress::BraceExpansion->new( qw( aabbcc aabbdd ) )->shrink();

# output: aa{bb{cc,dd},eeff}
print Compress::BraceExpansion->new( qw( aabbcc aabbdd aaeeff ) )->shrink();

Shells such as bash and zsh have a feature call brace expansion. These allow users to specify an expression to generate a series of strings that contain similar patterns. For example:

$ echo a{b,c}
ab ac

$ echo aa{bb,xx}cc
aabbcc aaxxcc

$ echo a{b,x}c{d,y}e
abcde abcye axcde axcye

$ echo a{b,x{y,z}}c
abc axyc axzc

This module was designed to take a list of strings with similar patterns (e.g. the output of a shell expansion) and generate the un-expanded expression. Given a reasonably sized array of similar strings, this module will generate a single compressed string that can be comfortably parsed by a human.
The current algorithm is most efficient if groups of the input strings start with or end with similar characters. See BUGS AND LIMITATIONS section for more details.

Configuration with no services supported script is for a single host firewall configuration with no services supported by the firewall machine itself.

Sample:

# USER CONFIGURABLE SECTION

# The name and location of the ipchains utility.
IPTABLES=iptables

# The path to the ipchains executable.
PATH="/usr/local/sbin"

# Our internal network address space and its supporting network device.
OURNET="10.5.0.0/24"
OURBCAST="10.5.0.255"
OURDEV="eth0"

# The outside address and the network device that supports it.
ANYADDR="0/0"
ANYDEV="ppp0"

# The TCP services we wish to allow to pass - "" empty means all ports
# note: comma separated
TCPIN="ssh,ftp,ftp-data"
TCPOUT="smtp,www,ssh,telnet,ftp,ftp-data,irc,http"

# The UDP services we wish to allow to pass - "" empty means all ports
# note: comma separated
UDPIN="domain"
UDPOUT="domain"

# The ICMP services we wish to allow to pass - "" empty means all types
# ref: /usr/include/netinet/ip_icmp.h for type numbers
# note: comma separated
ICMPIN="0,3,11"
ICMPOUT="8,3,11"

# Logging; uncomment the following line to enable logging of datagrams
# that are blocked by the firewall.
# LOGGING=1

# END USER CONFIGURABLE SECTION
####################################
# Flush the Input table rules
echo -n Flushing forward... && {
$IPTABLES -F FORWARD
} && echo done

# We want to deny incoming access by default.
# echo -n Denying incoming access... && {
# $IPTABLES -P FORWARD drop
# } && echo done

# Drop all datagrams destined for this host received from outside.
echo -n Dropping incoming datagrams... && {
$IPTABLES -A INPUT -i $ANYDEV -j DROP
} && echo done

# SPOOFING
# We should not accept any datagrams with a source address matching ours
# from the outside, so we deny them.
echo -n Preventing spoofing... && {
$IPTABLES -A FORWARD -s $OURNET -i $ANYDEV -j DROP
} && echo done

# SMURF
# Disallow ICMP to our broadcast address to prevent "Smurf" style attack.
echo -n Preventing SMURFs... && {
$IPTABLES -A FORWARD -p icmp -i $ANYDEV -d $OURNET -j DROP
} && echo done

# We should accept fragments, in iptables we must do this explicitly.
echo -n Accepting fragments... && {
$IPTABLES -A FORWARD -f -j ACCEPT
} && echo done

# TCP
# We will accept all TCP datagrams belonging to an existing connection
# (i.e. having the ACK bit set) for the TCP ports were allowing through.
# This should catch more than 95 % of all valid TCP packets.
echo -n Accepting valid incoming tcp datagrams on existing connections... && {
$IPTABLES -A FORWARD -m multiport -p tcp -d $OURNET --dports $TCPIN ! --tcp-flags SYN,ACK ACK -j ACCEPT
} && echo done
echo -n Accepting valid outgoing tcp datagrams on existing connections... && {
$IPTABLES -A FORWARD -m multiport -p tcp -s $OURNET --sports $TCPIN ! --tcp-flags SYN,ACK ACK -j ACCEPT
} && echo done

# TCP - INCOMING CONNECTIONS
# We will accept connection requests from the outside only on the
# allowed TCP ports.
echo -n Accepting incoming tcp connections on allowed ports... && {
$IPTABLES -A FORWARD -m multiport -p tcp -i $ANYDEV -d $OURNET --dports $TCPIN --syn -j ACCEPT
} && echo done

# TCP - OUTGOING CONNECTIONS
# We will accept all outgoing tcp connection requests on the allowed TCP ports.
echo -n Accepting outgoing traffic on allowed tcp ports... && {
$IPTABLES -A FORWARD -m multiport -p tcp -i $OURDEV -d $ANYADDR --dports $TCPOUT --syn -j ACCEPT
} && echo done

# UDP - INCOMING
# allow UDP datagrams in on the allowed ports and back.
echo -n Allowing UDP datagrams in on the allowed ports and back... && {
$IPTABLES -A FORWARD -m multiport -p udp -i $ANYDEV -d $OURNET --dports $UDPIN -j ACCEPT
$IPTABLES -A FORWARD -m multiport -p udp -i $ANYDEV -s $OURNET --sports $UDPIN -j ACCEPT
} && echo done

# UDP - OUTGOING
# We will allow UDP datagrams out to the allowed ports and back.
echo -n Allowing UDP datagrams out on the allowed ports and back... && {
$IPTABLES -A FORWARD -m multiport -p udp -i $OURDEV -d $ANYADDR --dports $UDPOUT -j ACCEPT
$IPTABLES -A FORWARD -m multiport -p udp -i $OURDEV -s $ANYADDR --sports $UDPOUT -j ACCEPT
} && echo done

# ICMP - INCOMING
# We will allow ICMP datagrams in of the allowed types.
# echo -n Allowing ICMP datagrams in of the allowed types... && {
# $IPTABLES -A FORWARD -p icmp -i $ANYDEV -d $OURNET --icmp-type $ICMPIN -j ACCEPT
# } && echo done

# ICMP - OUTGOING
# We will allow ICMP datagrams out of the allowed types.
# echo -n Allowing ICMP datagrams out of the allowed types... && {
# $IPTABLES -A FORWARD -p icmp -i $OURDEV -d $ANYADDR --icmp-type $ICMPOUT -j ACCEPT
# } && echo done

# DEFAULT and LOGGING
# All remaining datagrams fall through to the default
# rule and are dropped. They will be logged if youve
# configured the LOGGING variable above.
#

# DoS
# enabling Syn-flood protection
echo -n Enabling Syn-flood protection... && {
iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
} && echo done
# Enabling Furtive port scanner protection
echo -n Enabling Furtive port scanner protection... && {
iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
} && echo done
# Enabling ping of death protection
echo -n Enabling ping of death protection... && {
iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
} && echo done


if [ "$LOGGING" ]
then
# Log barred TCP
$IPTABLES -A FORWARD -m tcp -p tcp -j LOG
# Log barred UDP
$IPTABLES -A FORWARD -m udp -p udp -j LOG
# Log barred ICMP
$IPTABLES -A FORWARD -m udp -p icmp -j LOG
fi
#
# end.

Webforce Cart (wfCart) is a free PHP shopping cart class you can use a component of a PHP based online store. Its designed as a component for PHP developers who would rather write their own store rather than a complete solution.
Instructions and examples for the free PHP Shopping Cart
To use the cart in an existing script:
Rename wfcart.php.txt to wfcart.php and upload to your server.
Then include the file:
include("wfcart.php");
Start the session, and assign the cart to it. NOTE: You must include the file wfcart.php before you start the session, its just the way PHP works.
session_start();
$cart =& $_SESSION[cart];
if(!is_object($cart)) $cart = new wfCart();
Then you can use the functions like $cart->get_contents();, these functions are documented below.
Adding an Item - $cart->add_item( code , quantity , price , info )
If you have a widget with code AB313 and a price of $40.11, you can add it to the cart with :
$cart->add_item(AB313,1,40.11,Widget AB313 Standard);
If the item AB313 is alreay in the cart, then the quantity of it will be increased by the quantity supplied to the function, in this case 1. The itemid must be unique, and can be letters and/or numbers.
Deleting an Item - $cart->del_item( itemid );
E.g. to delete the item ID 123
$cart->del_item(123);
Changing the quantity of an item -
$cart->edit_item( itemid, new_quantity );
For example :
$cart->edit_item(HA2,3);
If you set the quanitity to zero, the item is deleted.
Getting the number of items in a cart
echo $cart->itemcount;
Getting the total value of the cart.
echo $cart->total;
Emptying the cart
$cart->empty_cart();
Getting the cart contents
$items = $cart->get_contents();
$items is an array, so the following code displays the items.
foreach($items as $item) {
echo "Code/ID :".$item[id]."
";
echo "Quantity:".$item[qty]."
";
echo "Price :".$item[price]."
";
echo "Info :".$item[info]."
";
echo "Subtotal".$item[subtotal]."
";
}
Note, subtotal is quantity X price for that item, not a running total..
Extending Webforce Cart
There are 2 functions you can create that will enable more flexability.
One is wf_get_price( itemid, qty ). If you need to do pricing based on Quantity ( e.g. bulk discounts ) then you can create a function called wf_get_price to do what you need itto do. If you do not pass a price to add_item, then the wf_ get_price function will be called. If you use this functionality, AND your price is quantity dependant, then you must uncomment the line in the edit_item function.
The other is wf_get_info, again, if you do not pass info to add_item then get_info will be called. TIP: you do not have to pass a string to add_item(), you could use an array of infomation instead. e.g. add_item( AS2112,5,19.95,array(size=>large,color=>red)); then when you use get_contents, you echo $item[info][color] etc.
Enhancements:
- The empty cart function was fixed.

mass.pl is the implementation of a relatively simple idea. Instead of interactively doing some task on one machine, then duplicating the effort on N other machines, write a shell script, then scp it to N machines and execute it as root.

Example

(sic@foo)($:~/mass)- ./mass.pl --name solaris --script pushsomething --su --sshpass
sudo password:
ssh password:

trying to run pushsomething on 1 machines
test

test

PING test.example.com (10.1.1.10) from 10.1.2.3 : 56(84) bytes of data.
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.142 ms

--- test.example.com ping statistics ---
1 packets transmitted, 1 received, 0% loss, time 0ms
rtt min/avg/max/mdev = 0.142/0.142/0.142/0.000 ms
pushsomething 100% |*****************************| 183 00:00
test.txt 100% |*****************************| 15 00:00
sic@tests password: sh-2.05a$ PS1=$ ; PATH=/usr/local/bin:/bin:/usr/bin:/usr/s;export PS1;export PATH
$ sudo -K ; sudo sh
Password:
$ PATH=/usr/local/bin:/bin:/usr/bin:/usr/sbin:/usr/local/sbin:/sbin ; export PATH
$ if [ `id|cut -d -f 1` = uid=0(root) ]; then PS1=# ; fi
# sh pushsomething && echo script done || echo script failed
script done
# /bin/rm pushsomething test.txt && echo removed pushsomething test.txt
removed pushsomething test.txt
#

1 passed: test
0 failed:
0 fatal errors:

Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum project can send ICMP traffic for such enumeration.

The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.

jZeno is a meta-project that integrates a collection of java open source libraries, to form a ready-to-use web development environment. jZeno is made to allow people to create web applications by using pure java development as much as possible. The main architectural goal of Largely reducing the need to know technologies like javascript, HTML, CSS, database specific SQL, and tons of different APIs.
Limiting the amount of APIs, technologies and programming styles allows developers to learn a smaller set of skills much deeper. We think this set of skills should be : a thorough understanding of java, OO development and design patterns.
We decided to create jZeno after growing more and more frustrated with JSP and Struts over the years. We hoped JSF would improve things but have come to the conclusion that it is mainly a commercially-driven API that does not really make development life any easier. So we started looking further and came across Echo, a toolkit for developing web applications in pure java. In a nutshell Echo provides you with an implementation of the Swing API for developing web applications. We have created an optimized version of the Echo toolkit to allow partial, and highly compressed updates of web pages, providing AJAX like performance (available in the upcoming 0.9 release).
While Echo provides an easy way of creating the presentation layer of a web application, some glue was still missing to turn it into a rapid development platform. So we decided to add a set of easy to use dynamic components, that provide an easy way to do data-binding, validation, event handling and such. Many useful components are also provided by the EchoPoint library, a collection of rich Echo components.
Besides the presentation layer jZeno also provides a number of services for facilitating the creation of business facades. This environment is similar to stateless session beans in the EJB specification, but witout the overhead of EJBs. These services include transaction management, dead-lock detection and retrying, performance monitoring, security checking, etc...
jZeno also uses Hibernate for O/R mapping inside you business facades. Besides these major functions jZeno contains out-of-the-box solutions for a host of other features any real-life web application needs. This inluces things like genrating reports in a pdf,xls,rtf and other formats (through JasperReports). It also includes live performance monitoring (JAMon) and heap monitoring of your application in its production environment, among other features...
jZeno applications have a traditional layered architecture. The tradidional 3 tiers are seperated : the presentation tier, the business tier and the domain model. The first tier is created by using the jZeno dynamic components and the lower level Echo and EchoPoint components. The business tier contains support for running your business logic, decorated with a stack of aspects that together create an environment very similar to stateless session beans (but with less requirements and configuration overhead). The domain model tier is basically the O/R mapping provided by Hibernate. jZeno provides a tightly integrated environment for all these tiers. In the future support for deploying on an EJB container may be added if required.
Enhancements:
- A bug in errormessagescomponent (warnings) has been fixed.
- Validation has been fixed to pre-render/rebind invisible pages on DynaTables before validation.
- The TTL for DNS caching has been set to a maximum of 5 minutes.
- SessionSyncFilter will always serialize unless using an image/script service.
- A McKoi startup bug when using hibernate annotations has been fixed.
- Processing of radio buttons with action listeners has been fixed.
- BigDecimalViewer and ComponentUI have been added for consistency.
- A bug in the NewsTicker component has been fixed.

IPv6 FireWall script is a firewall based on ip6tables.

firewall6.sh 122 lines

#!/bin/bash

# Basic IPv6 FireWall script by Dennis Kruyt (dennis@klingon.nl)
#
# Sun Jan 5 18:26:28 2003 - DK

#debug
#set -x

cd /opt/scripts/firewall

source ./config6
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11

# change to script directory
cd ${SCRIPTSDIR}

SCRIPT=${SCRIPTSDIR}/firewall6.sh

case "$1" in
flush)
echo -e "Starting Firewall:"
${IPTABLE6} -F >> /dev/null 2>&1
${IPTABLE6} -X >> /dev/null 2>&1
echo -e "Setting defaults op ACCEPT!"
echo -e "ALERT: no firewall rules active"
#
${IPTABLE6} -P INPUT ACCEPT
${IPTABLE6} -P OUTPUT ACCEPT
${IPTABLE6} -P FORWARD ACCEPT
;;
start|reload)
echo -n "Starting Firewall: "
# paging!
#

# create a backup
TIME=`date +%s`
tar -czf /opt/backups/firewall/firewall.${TIME}.tar.gz /opt/scripts/firewall

# sending mail
mail email@address.com -s "Firewall - (re)started" < $0

# wait
sleep 1

# kerneloptions
echo -n "Loading Kernel options.."
./kernel_options6.sh

echo -n "Flushing and deleting all chains.."
${IPTABLE6} -F >> /dev/null 2>&1
${IPTABLE6} -X >> /dev/null 2>&1

# default policy
echo -n "Setting default policy DROP.."
${IPTABLE6} -P INPUT DROP
${IPTABLE6} -P OUTPUT DROP
${IPTABLE6} -P FORWARD DROP

# ?????????????
#${IPTABLE} -F -t mangle
#${IPTABLE} -t mangle -X

echo -e "Loading chains.."
# create chain blacklist
${IPTABLE6} --new blacklist
#And drop the evil ones
for i in $BLACKLIST6;do
${IPTABLE6} -A blacklist --src $i -j DROP
done

#icmp chain
${IPTABLE6} --new icmprules
${IPTABLE6} -A icmprules -p icmpv6 -j ACCEPT

# create out chain
${IPTABLE6} --new out
#localhost to localhost
${IPTABLE6} -A out --src $LOCALHOST6 --dst $LOCALHOST6 -j ACCEPT
# for now accept all outgoing IPv6 traffic
${IPTABLE6} -A out --src $SIXXS --dst $ANY6 -j ACCEPT

# create in chain
${IPTABLE6} --new in
#localhost to localhost
${IPTABLE6} -A in --src $LOCALHOST6 --dst $LOCALHOST6 -j ACCEPT
# for now accept all incomming IPv6 traffic
${IPTABLE6} -A in --dst $SIXXS --src $ANY6 -j ACCEPT

#All that are in trusted may ssh
for i in $THRUSTED6;do
${IPTABLE6} -A in -p tcp --dst $SIXXS --dport 22 --src $i -j ACCEPT
done

# jump to all ipv6 chains
${IPTABLE6} -A INPUT -j blacklist
${IPTABLE6} -A OUTPUT -j blacklist
${IPTABLE6} -A FORWARD -j blacklist

${IPTABLE6} -A INPUT -j icmprules
${IPTABLE6} -A OUTPUT -j icmprules

${IPTABLE6} -A INPUT -j in
${IPTABLE6} -A OUTPUT -j out

;;
show)
echo -e "Rules in the firewall: ${CHAIN} n"
${IPTABLE6} -L -n
;;
*)
echo -e "Usage: ${SCRIPT} {flush|start|reload|show} n"
exit 1
;;
esac
exit 0

config6 12 lines

export IPTABLE6=/sbin/ip6tables

export SCRIPTSDIR=/opt/scripts/firewall

export EXT="eth0" # device
export SIXXS="3ffe:8114:1000::50f/127" # extern

export ANY6="::/0"
export LOCALHOST6="::1/128"

export THRUSTED6=""

export BLACKLIST6="3ffe:8114:2fff:1391::1"

kernel_options6.sh 7 lines

#!/bin/bash


# forwarding on
#echo "1" > /proc/sys/net/ipv6 blablabla

# Set some other IPv6 proc settings
#echo "1" > /proc/sys/net/ipv6 blablabla