Difficiles Nugae Labs

FH_DATE_PAST_20XX spamassassin false positives

January 7th, 2010

Spamassassin is a good way to fight spam but a quite curious bug went out in the beginning of the new year. This bug may produce a great number of valid mail messages tagged as spam.
The reason is all mail messages will match the FH_DATE_PAST_20XX rule since the 1st january 2010.
When the current release (3.2.5) was released, a message date in the year 2010 was reasonable seen as a bad mail, but now we are …in the future.
So, this rule

##{ FH_DATE_PAST_20XX
header FH_DATE_PAST_20XX Date =~ /20[1-9][0-9]/ [if-unset: 2006]
describe FH_DATE_PAST_20XX The date is grossly in the future.
##} FH_DATE_PAST_20XX

have to be disabled, waiting for the new spamassassin release.
The way suggested by spamassassin staff is to add the following line in the local.cf file:

score FH_DATE_PAST_20XX 0.0

Tags: spam, spamassassin
Posted in kludges | No Comments »

wrapped nagios plugin to enable performance data

December 29th, 2009

In the nagios world, PNP4Nagios is an useful tool for collecting measures and drawing a graphic, e.g. to show the use of a monitored resource.
A plugin for PNP4Nagios is useful if it’s able to write some performance data.

So, the plugin output should be something like

PING OK – Packet loss = 0%, RTA = 0.26 ms|’ping reply time’=26ms

instead of

PING OK – Packet loss = 0%, RTA = 0.26 ms

If Your plugin does’n write performance data, You can put a simple shell scritp between nagios and the plugin with a small modification of Your nagios config.

/etc/nagios/commands.cfg

define command{
command_name wrapped_ping
command_line /usr/lib/nagios/plugins/wrapped_ping $HOSTADDRESS$ $ARG1$ $ARG2$
}
/etc/nagios/services.cfg

define service{
use generic-service ; Name of service template to use

host_name intranet
service_description PING
is_volatile 0
check_period 24×7
max_check_attempts 3
normal_check_interval 5
retry_check_interval 1
contact_groups admins
notification_interval 120
notification_period 24×7
notification_options w,u,c,r
check_command wrapped_ping!100.0,20%!500.0,60%
}
/etc/nagios/serviceextinfo.cfg

define serviceextinfo {
host_name intranet
service_description PING
action_url /nagios/share/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$
}

Here You can download my version of the wrapped_ping shell script I wrote.

Tags: nagios
Posted in Notes | No Comments »

nagios plugin using expect and shell scripting

October 13th, 2009

In some cases, if You need to monitor some remote host resource without SNMP or any other simplest way, maybe You need to write a shell nagios plugin calling an expect script. A quite strange way, I admit.

Well, You can write something like that:

MYRESULT=$(/usr/bin/expect – << EOF
set timeout -1

spawn ssh $MYUSERNAME@$MYHOSTNAME
expect {
ssword: {
send “$MYPASSWORD\r”
}
}
expect {
bash-prompt {
send “$MYCOMMAND\r”
}
}
expect {
bash-prompt {
send “exit\r”
}
}
EOF)

Tags: expect, nagios
Posted in Notes | 1 Comment »

ssh tunnel to get into a private network

September 13th, 2009

If Your Linux box is inside a private network and You need some friend of yours get in, ssh may help You: from the linux box try

ssh -R afreeport:localhost:22 user@remote.host.name

E.g. the command

ssh -R 2048:localhost:22 jose@nic-nac-project.de

opens a shell on the nic-nac-project.de host redirecting all connections to port 22 (ssh) to the 2048 port.
It means while your ssh session is opened, all the users logged into nic-nac-project.de host can get inside your Linux box opening a ssh session to 2048 port of localhost.

ssh -p 2048 localhost

Obviously ssh server daemon have to be running on the linux box!

Tags: ssh
Posted in Notes | No Comments »

NFS mount from an AIX client

August 26th, 2009

Today I had to mount a NFS linux machine (e.g. 192.168.33.33) from an AIX client.
So I noticed the “normal” mount command may not work:

# mount 192.168.33.33:/opt/something /home/guest/tmp
mount: 1831-008 giving up on:
192.168.33.33:/opt/something
vmount: Operation not permitted.

As reported by Doomlands of the Lunatics, apparently, AIX uses high ports to establish the connectivity to NFS Server, but Linux NFS Server requires low ports (below 1024). For this reason We have to tell AIX to use those reserved ports.

# nfso -o nfs_use_reserved_ports=1
Setting nfs_use_reserved_ports to 1

OK, now We can mount the directory on the Linux NFS server:

# mount 192.168.33.33:/opt/something /home/guest/tmp

Tags: aix, nfs
Posted in kludges | 2 Comments »

How to make a Debian Lenny Box leave a M$ Active Directory Domain

July 9th, 2009

In order to remove a linux box from an Active Directory domain, just do a

# net ads leave -U adminaccount -W DOMAIN

Tags: Active Directory, debian, samba
Posted in Notes | No Comments »

A “case” history for MySQL select distinct

June 23rd, 2009

on an old linux running mysql4.0.x, I noticed a simple SQL query

select distinct item from tablename

returned a case insensitive results (e.g. “foo”, “FOO, “Foo” was listed on a different rows).

But how to obtain a unique record “foo” from a select distinct?

Reading this post I was able to obtain a case insensitive result from my “select distinct” SQL query.

# mysqldump dbname > dbname.dump
# mysqladmin drop dbname
# mysqladmin create dbname
# vi dbname.dump

using vi the editor I added the “binary” attribute to the record definition, for instance

create table kludges ( shortdesc varchar(100) BINARY, fulldesc text)

and then

# mysql dbname < dbname.dump

Tags: mysql
Posted in kludges | No Comments »

Windows monitoring with nagios

May 22nd, 2009

Nagios is a good monitoring system in the GPL world.

You can be informed in “real time” about the state of your systems, even if You need to know the state of a M$ host. 😉
Recently I have found a strange error in monitoring a Windows host: NSClient – ERROR: Could not get data for 5 perhaps we don’t collect data this far back? or NSClient – ERROR:Failed to get PDH value.

A strange error from a windows host

In the NSClient++ logs, I found some strange lines like this:

\PDHCollector.cpp(133) Failed to open performance counters: \?¦ƒ¦(_total)\?¦ƒ¦: PdhAddCounter failed: -1073738824: The specified object is not found on the system.

The solution is in rebuilding the performance counter files. On windows 2003 this could be done with:

C:\> lodctr /R

Tags: nagios, NSCLient++
Posted in kludges | 1 Comment »