GloboDyne.gr Blog

Colorized text from php in unix terminals

# first define colors to use
$_colors = array(
LIGHT_RED => “[1;31m",
LIGHT_GREEN => "[1;32m",
YELLOW => "[1;33m",
LIGHT_BLUE => "[1;34m",
MAGENTA => "[1;35m",
LIGHT_CYAN => "[1;36m",
WHITE => "[1;37m",
NORMAL => "[0m",
BLACK => "[0;30m",
RED => "[0;31m",
GREEN => "[0;32m",
BROWN => "[0;33m",
BLUE => "[0;34m",
CYAN => "[0;36m",
BOLD => "[1m",
UNDERSCORE => "[4m",
REVERSE => "[7m",

);
##############################################
# Output colorized text to terminal run
# php scripts..
##############################################
function termcolored($text, $color="NORMAL", $back=1){
global $_colors;
$out = $_colors["$color"];
if($out == “”){ $out = “[0m”; }
if($back){
return chr(27).”$out$text”.chr(27).”[0m”;#.chr(27);
}else{
echo chr(27).”$out$text”.chr(27).chr(27).”[0m”;#.chr(27);
}//fi
}// end function
##############################################

Step 1.
vi /etc/fail2ban/filter.d/asterisk.conf

[Definition]

#_daemon = asterisk

# Option: failregex
# Notes.: regex to match the password failures messages in the logfile. The
# host must be matched by a group named “host”. The tag “” can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P\S+)
# Values: TEXT
#

failregex = NOTICE.* .*: Registration from ‘.*’ failed for ‘:.*’ – Wrong password
NOTICE.* .*: Registration from ‘.*’ failed for ‘:.*’ – No matching peer found
NOTICE.* .*: Registration from ‘.*’ failed for ‘:.*’ – Username/auth name mismatch
NOTICE.* .*: Registration from ‘.*’ failed for ‘:.*’ – Device does not match ACL
NOTICE.* failed to authenticate as ‘.*’$
NOTICE.* .*: No registration for peer ‘.*’ (from )
NOTICE.* .*: Host failed MD5 authentication for ‘.*’ (.*)
VERBOSE.* logger.c: — .*IP/-.* Playing ‘ss-noservice’ (language ‘.*’)

# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

Step 2.
vi /etc/fail2ban/jail.conf

[general]

ignoreip = 127.0.0.1 youripaddress (don’t ban yourself)

[asterisk-iptables]

enabled = true
filter = asterisk
action = iptables-allports[name=ASTERISK, protocol=all]
sendmail-whois[name=ASTERISK, dest=root, sender=fail2ban@example.org]
logpath = /var/log/asterisk/full
maxretry = 3
bantime = 600

Step 3.

chkconfig fail2ban on
/etc/init.d/fail2ban start

Step 4.
check if your fail2ban is running

iptables -L -v

you should see something like this

Chain fail2ban-ASTERISK (1 references)
pkts bytes target prot opt in out source destination
2013K 377M RETURN all — any any anywhere anywhere

Now try to register on your elastix with the false credentials, also remeber test it from the ip which is not in ignoreip list. if everything goes well after 3 attempts you’ll be baned for 3600 seconds!

Sometimes you may need to make sure that the user is browsing your site over secure connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

In case you wish to force HTTPS for a particular folder you can use:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} myfolder
RewriteRule ^(.*)$ https://www.example.com/myfolder/$1 [R,L]

The .htaccess file should be placed in the folder where you need to force HTTPS.

rm /etc/localtime
ln -s /usr/share/zoneinfo/Europe/London /etc/localtime

If you don’t know how to validate the IP address format in PHP, then you are in the right place.

I’ll show you here how to validate the IP address using regular expression in PHP.

IP address consists four parts. Each parts separated by period “.” and these part consists the digits which ranges from 0 to 255.

Function to validate IP address in PHP using Regular Expression

//function to validate ip address format in php
function validateIpAddress($ip_addr)
{
//first of all the format of the ip address is matched
if(preg_match(“/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/”,$ip_addr))
{
//now all the intger values are separated
$parts=explode(“.”,$ip_addr);
//now we need to check each part can range from 0-255
foreach($parts as $ip_parts)
{
if(intval($ip_parts)>255 || intval($ip_parts)<0)
return false; //if number is not within range of 0-255
}
return true;
}
else
return false; //if format of ip address doesn’t matches
}

As you can see above, first of all the format of the “$ip_addr” is validated using regular expression. In the regular expression “\d{1,3}” means that there should be digits which can be either 1 to 3 digits because a IP Adress can be “222.0.123.12″ or
“12.15.123.5″. So, each part can consists 1 to 3 digits.

After validating the format using regular expression, each part of the IP address is separated using period(“.”) using explode() function available in PHP. And finally, it is checked that each part of the IP address is between 0 to 225 or not.

What to note is that differnet scripts use different IP to Address databases. Some are better than others.

If you’re interested in writing your own, you can download a database from sourceforge, or http://www.hostip.info for example..

Then use it to get the country from the IP.

Another way is to use a webservice.

For instance you can use this one:
http://www.hostip.info/use.html

To get the country would be:

http://api.hostip.info/country.php?ip=$IP

Where $IP is the user IP.

PHP would look something like:

<?php

$country = ”;
$IP = $_SERVER['REMOTE_ADDR'];

if (!empty($IP)) {
$country = file_get_contents(‘http://api.hostip.info/country.php?ip=’.$IP);
}
?>

n this tutorial, I will use pptp as protocol to connect to VPN server using a username and password, with 128 bit MPPE encryption. Variable as below:

OS: CentOS 6 64bit
VPN server:  209.85.227.26
VPN client IP: 209.85.227.27 - 209.85.227.30
VPN username: vpnuser
Password: myVPN$99

1. Install ppp via yum:

$ yum install ppp -y

2. Download and install pptpd (the daemon for point-to-point tunneling). You can find the correct package at this website http://poptop.sourceforge.net/yum/stable/packages/ :

$ cd /usr/local/src
$ wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.el6.x86_64.rpm
$ rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm

3. Once installed, open /etc/pptpd.conf using text editor and add following line:

localip 209.85.227.26
remoteip 209.85.227.27-30

4. Open /etc/ppp/options.pptpd and add DNS resolver value:

ms-dns 8.8.8.8

5. Lets create user to access the VPN server. Open /etc/ppp/chap-secrets and add the user as below:

vpnuser pptptd myVPN$99 *

6. We need to allow IP packet forwarding for this server. Open /etc/sysctl.conf via text editor and change line below:

net.ipv4.ip_forward = 1

7. Run following command to take effect on the changes:

$ sysctl -p

8. Allow IP masquerading in IPtables:

$ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

9. Turn on the pptpd service at startup and reboot the server:

$ chkconfig pptpd on

To enable snmp you have to use telnet to connect to the speedtouch router.

telnet x.x.x.x

After this type in the following commands:

service system modify name=SNMP_AGENT state=enabled

to check if it is really enabled type:

service system list

Default the community string is public. If you want to change it to your own one type the following cli:

snmp community add securityname=ROCommunity communityname=<community>

If you have a Linux System you can also check if it’s working. Go to your bash shell and type the following command:

snmpwalk -m ALL -v1 -c <communitystring> <ip address router>

CentOS 6 still doesn’t by default include mcrypt in it’s distribution on repositories.

There is hope, EPEL to the rescue again:

rpm -ivh http://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm

yum update

yum install php-mcrypt

**Please note the above download is for CentOS 6 x86_64**

Using PHP to convert MySQL query result to Excel format is also common especially in web based finance applications. The finance data stored in database are downloaded as Excel file for easy viewing. There is no special functions in PHP to do the job. But you can do it easily by formatting the query result as tab separated values or put the value in an HTML table. After that set the content type to application/vnd.ms-excel