Archive for the ‘Internet protocol suite’ Category
Posted by jpluimers on 2018/12/12
Having mainly used ssh as a means to connect to a shell on remote machines and occasionally a manual port forward.
I never noticed autossh where you can automate the ssh logon process to keep permanent port forwards up and running. Cool!
It’s on my research list now, as this will be useful probably sooner than later:
My initial impression is that autossh is a wrapper around the regular ssh client that allows reconnection upon communication failures.
–jeroen
Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Power User, SSH, TCP | Leave a Comment »
Posted by jpluimers on 2018/11/08
Based on:
- Download the most recent x64 Apache binaries for Windows from [WayBack] Apache VC15 binaries and modules download (at the time of writing: https://www.apachelounge.com/download/VC15/binaries/httpd-2.4.34-win64-VC15.zip )
- Extract recursively to
D:\bin
- Run the UltrawareController locally
- Run
D:\bin\httpd-2.4.34-win64-VC15\Apache24\bin\ab.exe -n 1000 -c 10 http://localhost:8000/foo
This will run the ab Apache benchmark tool with 1000 connections using 10 threads all doing the same http GET request at http://localhost:8000/foo
If you want to test TLS (https) connections, then you need to use the abs tool in the same directory as the ab tool supports http-only (when you still try, you get the message SSL not compiled in; no https support as explained in [WayBack] Add https support to Apache Bench on Windows – Stack Overflow).
Download location via [WayBack] windows – Is there any link to download ab Apache benchmark – Stack Overflow:
There are many more command-line parameters documented at [WayBack] ab – Apache HTTP server benchmarking tool – Apache HTTP Server Version 2.4, this is the summary:
Synopsis
ab [ -A auth-username:password ] [ -b windowsize ] [ -B local-address ] [ -c concurrency ] [ -Ccookie-name=value ] [ -d ] [ -e csv-file ] [ -f protocol ] [ -g gnuplot-file ] [ -h ] [ -Hcustom-header ] [ -i ] [ -k ] [ -l ] [ -m HTTP-method ] [ -n requests ] [ -p POST-file ] [ -Pproxy-auth-username:password ] [ -q ] [ -r ] [ -s timeout ] [ -S ] [ -t timelimit ] [ -Tcontent-type ] [ -u PUT-file ] [ -v verbosity] [ -V ] [ -w ] [ -x <table>-attributes ] [ -Xproxy[:port] ] [ -y <tr>-attributes ] [ -z <td>-attributes ] [ -Z ciphersuite ] [http[s]://]hostname[:port]/path
Via: [WayBack] apache – ab load testing – Stack Overflow
––jeroen
Posted in Communications Development, Development, HTML, HTTP, Internet protocol suite, Software Development, Web Development | Leave a Comment »
Posted by jpluimers on 2018/11/07
Posted in *nix, Awk, bash, Communications Development, Development, Internet protocol suite, Power User, Scripting, Software Development, SSH, TCP | Leave a Comment »
Posted by jpluimers on 2018/10/16
At [WayBack] Error when trying to signup using an email address with uppercase letters (#27898) · Issues · GitLab.org / GitLab Community Edition · GitLab, I commented this:
Both the :e-mail and :email_confirmation fields should get the same case processing treatment.
That treatment should consist of this:
- The part before the @ should be treated as case sensitive
- The part after the @ should be treated as case insensitive
This means that:
Foo@Example.Org and Foo@example.org are the sameFoo@example.org and foo@example.org are different
The main reason is that there are email systems expecting case sensitivity in the part before the @ sign.
I think excluding those users from being able to use GitLab is a bad idea.
See especially the comments at the Stack Overflow answer to Are email addresses case sensitive?
Relevant RFC 5321: Simple Mail Transfer Protocol sections:
Important comments:
I work at a large company and there is another person with the same first and last name. I discovered today that his local-part differs from mine only in capitalization. This has been working properly, so I was surprised to see “no widely used mail systems distinguish different addresses based on case”. We use MS Exchange which I would call “widely used”. – Matthew James Briggs Nov 24 ’15 at 20:14
RFC 5321 2.4. General Syntax Principles and Transaction Model – SMTP implementations MUST take care to preserve the case of mailbox local-parts. In particular, for some hosts, the user “smith” is different from the user “Smith”. Mailbox domains follow normal DNS rules and are hence not case sensitive. – Adam111p Apr 27 ’16 at 10:02
Most important parts of the answer:
From RFC 5321, section-2.3.11:
The standard mailbox naming convention is defined to be “local-part@domaiN“; contemporary usage permits a much broader set of applications than simple “user names”. Consequently, and due to a long history of problems when intermediate hosts have attempted to optimize transport by modifying them, the local-part MUST be interpreted and assigned semantics only by the host specified in the domain part of the address.
So yes, the part before the “@” could be case-sensitive, since it is entirely under the control of the host system. In practice though, no widely used mail systems distinguish different addresses based on case.
The part after the @ sign however is the domain and according to RFC 1035, section 3.1,
“Name servers and resolvers must compare [domains] in a case-insensitive manner”
–jeroen
Posted in Communications Development, Development, Internet protocol suite, SMTP, Software Development | Leave a Comment »
Posted by jpluimers on 2018/10/09
Netcat to the rescue waiting for a Windows 10 upgrade to finish (which can take hours):
while ! nc -z 172.22.0.67 3389; do echo "sleeping"; sleep 10; done; echo 'The server is up!'
Via: [WayBack] tcp – How can I trigger a script when a certain port becomes available for requests? – Unix & Linux Stack Exchange, quoting from the answer:
nc is Netcat, “the Swiss-army knife for TCP/IP”,-z means: do not send any data, just check if the port is open,while ! nc -z …; do sleep 0.1; done: keep checking and sleeping for one tenth of a second until the port opens up, i.e. Netcat returns with a zero (success) status.
–jeroen
Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Power User, TCP, Windows | Leave a Comment »
Posted by jpluimers on 2018/08/01
Despite many posts saying you can use it on other than outbound connections, lets quote that it doesn’t:
MaxUserPort controls “outbound” TCP connections
[WayBack] MaxUserPort is used to limit the number of dynamic ports available to TCP/IP applications.
…
It’s never going to be an issue affecting inbound connections.
MaxUserPort is not the right answer if you think you have an inbound connection problem.
Source: [WayBack] MaxUserPort – what it is, what it does, when it’s important – Blog du Tristank
The side of the TCP connection that closes is gets the TIME_WAIT state, which means you should avoid your server to terminate connections because it then will run out of available ports. Clients should disconnect when done (or when done for the foreseeable future) otherwise the server gets the 2MSL TIME_WAIT penalty as for instance explained by [WayBack] TIME_WAIT and its design implications for protocols and scalable client server systems – AsynchronousEvents.
The solution for inbound connections is that your TCP based protocol should enforce either the client to close the connection, or to use some form of client pooling so there is no need for many connection setup/teardowns of short lived connections.
TIME_WAIT can last for about ~10 minutes if you are unlucky.
More recommended reading:
–jeroen
Posted in Communications Development, Development, Internet protocol suite, Software Development, TCP | Leave a Comment »
In this article, we will explain you how to restrict a SSH user access to a specific directory using chrooted jail in Linux systems.
The Wiert Corner - irregular stream of stuff 