Recently I rewrote one of my Bash Shell Scripts that blocks TOR proxy exit nodes. It does this by doing numerous DROPs in IPTABLES and because of this, it take 1 minute or so to go through all of them. I decided that it would be nice to have a progress bar display in the shell while it was running to give me an idea how far along it was (You can see the final script at the bottom of this post).
I started to look around for some BASH scripts that have a progress bar and I found 2 notable ones; the first one is called Bar and the second PV (Pipe Viewer). These were nice but I actually needed something that was more based on strictly elements in an array. I reused some code and then optimized it a bit and I got something that is not only very customizable but also will resize the progress bar depending on the window size, much like WGET’s progress bar. The code is here:
lib_progress_bar() {
local current=0
local max=100
local completed_char="#"
local uncompleted_char="."
local decimal=1
local prefix=" ["
local suffix="]"
local percent_sign="%"
local max_width=$(tput cols)
local complete remain subtraction width atleast percent chars
local padding=3
local OPTIND
while getopts c:u:d:p:s:%:m:hV flag; do
case "$flag" in
c) completed_char="$OPTARG";;
u) uncompleted_char="$OPTARG";;
d) decimal="$OPTARG";;
p) prefix="$OPTARG";;
s) suffix="$OPTARG";;
%) percent_sign="$OPTARG";;
m) max_width="$OPTARG";;
(h) lib_help;;
(V) echo "$lib_script_name: version $Revision$ ($Date$)"; exit 0;;
(*) lib_usage;;
esac
done
shift $((OPTIND-1))
current=${1:-$current}
max=${2:-$max}
if (( decimal > 0 )); then
(( padding = padding + decimal + 1 ))
fi
let subtraction=${#completed_char}+${#prefix}+${#suffix}+padding+${#percent_sign}
let width=max_width-subtraction
if (( width < 5 )); then
(( atleast = 5 + subtraction ))
echo >&2 "the max_width of ($max_width) is too small, must be atleast $atleast"
return 1
fi
if (( current > max ));then
echo >&2 "current value must be smaller than max. value"
return 1
fi
percent=$(awk -v "f=%${padding}.${decimal}f" -v "c=$current" -v "m=$max" 'BEGIN{printf('f', c / m * 100)}')
(( chars = current * width / max))
# sprintf n zeros into the var named as the arg to -v
printf -v complete '%0*.*d' '' "$chars" ''
printf -v remain '%0*.*d' '' "$((width - chars))" ''
# replace the zeros with the desired char
complete=${complete//0/"$completed_char"}
remain=${remain//0/"$uncompleted_char"}
printf '%s%s%s%s %s%s\r' "$prefix" "$complete" "$remain" "$suffix" "$percent" "$percent_sign"
if (( current >= max )); then
echo ""
fi
}
if [ ! -z $1 ] && [ $lib_script_name = "lib_main" ]; then
"$1" "$2" "$3" "$4" "$5" "$6" "$7" "$8" "$9" "${10}" "${11}" "${12}" "${13}" "${14}" "${15}"
fiHere are some examples to demostrate how it works:
# [#########################################..........................................] 50.0%
for i in {1..100}; do
lib_progress_bar $i 100
done# [@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@__________________________________________] 50.0%
for i in {1..100}; do
lib_progress_bar -c '@' -u ' ' $i 100
done
# (****************************** ) 50 percent
for i in {1..754}; do
lib_progress_bar -c '*' -u '-' -d 0 -p ' (' -s ')' -% ' percent' -m 75 $i 754
done
#|******.......|-- 50.00%
for i in {1..100}; do
lib_progress_bar -c '*' -u '.' -d 2 -p '|' -s '|--' -% ' ' -m 25 $i 100
done
# [######################----------------------] 51.43%
for i in {1..1241}; do
lib_progress_bar -d 2 -m 55 $i 1241
done
Finally, here is a real-world example showing how to use it for blocking TOR nodes:
#!/bin/bash
IPTABLES_TARGET="DROP"
IPTABLES_CHAINNAME="TOR"
WORKING_DIR="/tmp/"
# get IP address of eth0 network interface
IP_ADDRESS=$(ifconfig eth0 | awk '/inet addr/ {split ($2,A,":"); print A[2]}')
if ! iptables -L "$IPTABLES_CHAINNAME" -n >/dev/null 2>&1 ; then #If chain doesn't exist
iptables -N "$IPTABLES_CHAINNAME" >/dev/null 2>&1 #Create it
fi
cd $WORKING_DIR
wget -q -O - http://proxy.org/tor_blacklist.txt -U NoSuchBrowser/1.0 > temp_tor_list1
sed -i 's|RewriteCond %{REMOTE_ADDR} \^||g' temp_tor_list1
sed -i 's|\$.*$||g' temp_tor_list1
sed -i 's|\\||g' temp_tor_list1
sed -i 's|Rewrite.*$||g' temp_tor_list1
wget -q -O - "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$IP_ADDRESS&port=80" -U NoSuchBrowser/1.0 > temp_tor_list2
wget -q -O - "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$IP_ADDRESS&port=9998" -U NoSuchBrowser/1.0 >> temp_tor_list2
sed -i 's|^#.*$||g' temp_tor_list2
iptables -F "$IPTABLES_CHAINNAME"
CMD=$(cat temp_tor_list1 temp_tor_list2 | uniq | sort)
UBOUND=$(echo "$CMD" | grep -cve '^\s*$')
for IP in $CMD; do
let COUNT=COUNT+1
lib_progress_bar $COUNT $UBOUND
iptables -A "$IPTABLES_CHAINNAME" -s $IP -j $IPTABLES_TARGET
done
iptables -A "$IPTABLES_CHAINNAME" -j RETURN
rm temp_tor*
No tags
I have updated to the jQ theme by http://devolux.nh2.me/.
I really liked the default look and I just made some minor changes to suit my needs. I added a welcome paragraph to index.php and also changed the CSS for hyperlinks to actually be underline to help them stand out more. I also sized strong/bold elements to be a tad bit bigger than the other text, but it doesn’t show much.
I am actually looking to perhaps implement an inline code block similar to how www.stackoverlow.com let’s you do with the `codehere` command. It would have the same basic idea but be rounded and not just a sqaure.
No tags
18
Hiding MySQL Passwords In PHP Using Apache Environment Variables
3 Comments · Posted by Brian Hare in Tutorials
This technique assumes you are running Apache Web Server and have access to edit the Apache configuration files; this technique can be used with .htaccess files but it’s not as secure. It’s generally geared towards users who don’t like having important passwords or information in PHP files owned by Apache’s user (www-data, nobody, etc). This is especially more risky if you don’t limit where users can open files or run suPHP or similar
This technique works by including a root owned file into the public run-time environment variables of apache. using Apache directives you can control which site or even page has access to these variables.
No tags
Back again
Brian’s back
tell a friend
OK, but seriously. I am not really the type to blog much because I am quite lazy and even though I am always working on something or busy, I never really want to document what I am doing. Lately though I’ve been tweaking alot of personal stuff as if its going to be released to the public, so I decided to come back and give this another shot.
I originally lost hope in this blog and when I found a new way to secure my MySQL passwords in PHP code, I didn’t bother to update brianhare.com with this handy trick. I ended up changing the MySQL password for the database and never really cared to update it for this blog. Not anymore though.
I will start things off in explaining the apache trick to securing secret passwords in PHP.
No tags
18
Why depreciate the TARGET attribute in HTML Strict?
No comments · Posted by Brian Hare in Problems
The HTML Strict standard does not allow for the target attribute to be applied to a tags. This means that you can no longer force a new window to open with valid strict HTML.
One of the reasonings for this seems to be that “It should be up to the end user, not the web site, to decide if a link should be opened in the same window, a new window or a new tab; web developers shouldn’t force such behavior on people.” (Reference: Robert Nyman)
(more…)
No tags
