Ryan Byrd's Tech Ramblings

I interviewed an IT helpdesk guy today and I asked him these five questions. I thought they were relevant. He probably thought I was being a jerk.

• You are given a pile of salt and pepper mixed. How do you unmix it?
• How do you move a mountain. Literally. Like how would you move Mt. Timpanogos three miles to the east.
• How would you counterfeit a $100 bill
• How would you rob an armored car for less than $100k. Nobody can get hurt and you can’t get caught.
• How would you overthrow a dictator in a 3rd world country?

Maybe you have a ton of files with some text string that you need to replace. Perl is good for that:

perl -p -i -e 's/search/replace/' *

but that searches all files, which can be slow, so…

perl -p -i -e 's/search/replace/g' `find ./ -name '*.html'`

that just does .html files
Also, if you want to replace more than once in a file, use:

perl -p -i -e 's/search/replace/g' *

I don’t know if this is any faster, but you could always only feed perl the files you find though grep:

perl -p -i -e 's/search/replace/g' `grep -ril search *`

Maybe you have a couple of MySQL servers and occasionally you failover and make the slave the master. Then you have to make code changes to all of your load-balanced web applications to point to IP address of the slave. Instead, you could have a virtual IP address, a VIP, which is just an IP address that is shared on either the master or the slave. Below, are three scripts for managing the VIP assignment I just wrote. The VIP is 10.1.1.150
VIPon.sh

#!/bin/bash
VIPCHECK=`ping MYSQLVIP -c 1|tail -2|head -n 1|grep -v "1 error"` #check to see if VIP is in use
LOCALVIPCHECK=`ifconfig|grep "10.1.1.150"`
if [ "$LOCALVIPCHECK" != '' ]; then
echo "VIP is already added locally."
exit 1;
fi
if [ "$VIPCHECK" != '' ]; then
echo "VIP is in use. remove from other server first"
exit 1;
fi
echo "Adding MYSQLVIP to interface"
ip addr add 10.1.1.150 dev eth0:0 label eth0:0
echo "The VIP has been added."

VIPoff.sh

#!/bin/bash
LOCALVIPCHECK=`ifconfig|grep "10.1.1.150"`
if [ "$LOCALVIPCHECK" = "" ]; then
echo "VIP is not set locally."
exit 1;
fi
ip addr delete 10.1.1.150/32 dev eth0:0
arp -d 10.1.1.150 > /dev/null 2>&1
echo "The VIP has been removed."

VIPcheck.sh

#!/bin/bash
arp -d 10.1.1.150 >/dev/null  2>&1
VIPCHECK=`ping MYSQLVIP -c 1|tail -2|head -n 1|grep -v "1 error"` #check to see if VIP is in use
LOCALVIPCHECK=`ifconfig|grep "10.1.1.150"`
if [ "$LOCALVIPCHECK" != '' ]; then
echo "This server has the VIP."
exit 1;
fi
if [ "$VIPCHECK" != '' ]; then
echo "The other server has the VIP."
exit 1;
fi
echo "The VIP is not in use."

On Saturday morning a hacker from Mauritius managed to flood a friend’s Apache servers to the extent they started issuing 503s. Mauritius. Where the h3ll is Mauritius? Turns out, it is a smallish island 900KM off the shores of Madagascar that is evidently running a muck with black hats. That got me thinking, What good traffic ever comes out of most African and former Soviet republic countries? Are you sick of getting phpmyadmin hacked by Romanians? Tired of Nigerian spam emails? Through with Croatians port scanning you? You might consider blocking the lot of them. Here are the countries on the suspicious traffic list:

• Bosnia and Herzegovina
• Bulgaria
• Croatia
• Egypt
• Ghana
• Indonesia
• Lithuania
• Malaysia
• Morocco
• Nigeria
• Pakistan
• Romania
• Russia
• Serbia
• Slovenia
• Turkey
• Ukraine

Here are some firewall rules to accomplish this: (likely out of date, so go generate your own here: www.blockacountry.com )
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 58.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 61.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 124.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 126.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 202.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 210.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 218.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 220.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 222.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 196.192.0.0/16 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 80.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 81.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 82.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 83.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 84.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 85.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 86.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 87.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 88.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 89.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 90.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 91.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 193.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 194.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 212.224.0.0/16 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 212.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 213.0.0.0/8 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 217.68.146.190/16 -j REJECT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 217.0.0.0/8 -j REJECT

I’d like to apologize preemptively to the Russians, who are wicked smart, and the Romanians who have really pretty women.

Remember Linear Algebra when you learned about how to construct a matrix to perform 3D operations on a point? The rotation matrix about the Y axis looks like:

cos(a) 		0 	sin(a)
0 		1 	0
-sin(a) 	0 	cos(a)

so, for 90 degrees, rotating the point (1,0,0), we have:

           [0  0  1]   
[1 0 0 ] x [0  1  0] = [0 0 1]
           [-1 0  0]

Let’s say you have a Wavefront Technologies .obj file which contains 7124 vertexes and you’d like to rotate it sixty degrees. You might use this code:

function rotateY($angle)
{
    $c = round(cos($angle),6);
    $s = round(sin($angle),6);
    $matrix[0][0] = $c; 
    $matrix[1][0] = 0.0;
    $matrix[2][0] = -$s;
    $matrix[0][1] = 0.0;
    $matrix[1][1] = 1;
    $matrix[2][1] = 0.0;
    $matrix[0][2] = $s;
    $matrix[1][2] = 0.0;
    $matrix[2][2] = $c;
    return $matrix;
}
$matrix=rotateY(deg2rad(60));
function rotatePoint($x,$y,$z)
{
        $data=array(array($x,$y,$z));
        global $matrix;
        for ($rows=0;$rows<3;$rows++)
        {
           $rowValue=0;
           for($columns=0;$columns<3;$columns++)
           {
                $rowValue+=$data[0][$columns]*$matrix[$columns][$rows];
           }
           $newArray[0][$rows]=$rowValue;
        }
        return $newArray;
}
 
$lines=file($filename);
$length=count($lines);
for($i=0;$i<$length;$i++)
{
        if (strpos($lines[$i],"v ")!== false)
        {
                list($v,$x,$y,$z)=split(' ',$lines[$i]);
                $vertexCnt++;
                $z=trim($z);
                $newArray=rotatePoint($x,$y,$z);
                $newX=sprintf("%f",$newArray[0][0]);
                $newY=sprintf("%f",$newArray[0][1]);
                $newZ=sprintf("%f",$newArray[0][2]);
                echo("newX: $newX, newY: $newY, newZ: $newZ\n");
        }
}

PHP has a couple of matrix classes (Math_Matrix and Math_Vector), but they are big, buggy and huge memory hogs, so I didn’t use them.