configuring ipfw on mac os x 10.3: revisited.

It has been a few months since I first posted about configuring ipfw on Mac OS X. Since then I have had a few random issues with startup that may have been related to my firewall settings, but I was never able to really hone in on the exact problem (because the problem was not constant, and the logs were not useful). After MacDevCenter recently posted an article on configuring ipfw I took a few minutes to see how they had everything configured and set up, then tweaked my firewall. To my pleasure, I have my new configuration running on my computers and have had no problems.
What I changed:

  • ipfw.conf: add 02000 allow ip from any to any via lo0 to add 02000 allow ip from any to any via lo*
  • /Library/StartupItems/ipfw/ipfw: my new file.
  • /etc/hostconfig: Add: FIREWALL=-YES-
  • /Library/StartupItems/ipfw/StartupParameters.plist: my new file
  • new syntax in the ipfw.conf (rules are still the same, except for my noted change above): my new file

Why did I change my files? I figured O’Reilly knew what they were talking about, and I liked their code better than what I originally found. Now I am confident in my setup and can recommend it for everyone who is interested in customizing their firewall rules more than Apple allows with their GUI.

Mac OS, UNIX, and Web Development Training

I have been looking for good Mac (not MAC) OS and UNIX training opportunities and think I finally came up with the missing piece, Big Nerd Ranch. Over the years, I have looked for good training for Mac OS X/Mac OS X Server, Apache, PHP, and other web technologies, but have often come up empty handed or less than satisfied. So if you are looking for some decent training, here is what I would recommend:

what is going on here?

What is going on here? In the past few days, Adobe announced http://opensource.adobe.com/, which gives the open source community access to some of Adobe’s great C++ libraries. I am, for the first time in my life, installing a non-Apple OS on my PowerBook…Mandrake Linux 10.1. Wow. Sun…your turn…and please do not forget about us PPC users 😉. What is next? Oh that’s right, I am also installing my friend Mac OS X Server on my PB too. I am never quite sure why, but at this point…why not?

random bookmarks and such.

I recently went through my bookmarks and realized I had some cool stuff bookmarked, but forgot about it and wanted to share.

Apple/Mac

UNIX Tools/Tips/Tech Resources

Music:

Fun Stuff

my OS X web development setup.

If you find yourself developing more than one web site at home, or anywhere with a *NIX machine with Apache, and want to be able to access all the sites for testing, it is time to set up Virtual Hosts. By using Virtual Hosts, you can access all your web sites easily (especially if you use absolute links) and separately by typing in: http://jappler/ and http://bareminimum/ and http://other. How does this work? Like I mentioned before, the first step is to set up Virtual Hosts. The second step is to edit your /etc/hosts file so you can assign names to your localhost address (jappler for http://jappler/).
Setting up Virtual Hosts

  • To set up virtual hosts, you will need to edit your Apache configuration (sudo pico /etc/httpd/httpd.conf). You can make a number of changes in the Apache configuration to set up an environment that is right for you, but for now, all you are concerned about is located at the end of the standard config file.
  • Uncomment the line: NameVirtualHost *:80 (delete the number sign in front of the line)
  • Add in your Virtual Hosts information:

    <VirtualHost *:80>
        ServerAdmin [email protected]
        DocumentRoot /Volumes/www/Sites/jappler.com/web_files
        ServerName jappler
        ErrorLog /Volumes/www/Sites/jappler.com/logs/error_log
        CustomLog /Volumes/www/Sites/jappler.com/logs/access_log common
    </VirtualHost>


    To break it down line by line:

    • ServerAdmin: your email address, not really too important for local testing.
    • DocumentRoot: where your site files are located.
    • ServerName: This is the name you want to use when you test the web site in your browser (ex. I use jappler for http://jappler/)
      *This will also match the name you will add to your /etc/hosts file.
    • ErrorLog: Location of your error logs. You can create separate log files for each hostname, or use one log file for all errors.
    • CustomLog: Location of your access logs. You can create separate log files for each hostname, or use one log file for all access information.
  • For more information on Virtual Hosts, check out other Virtual Host options.
  • Modifying the /etc/hosts file

    • You will need to edit the /etc/hosts file (sudo pico /etc/hosts).
    • Your /etc/hosts file will look like:

      ##
      # Host Database
      #
      # localhost is used to configure the loopback interface
      # when the system is booting. Do not change this entry.
      ##
      127.0.0.1 localhost
      255.255.255.255 broadcasthost
      ::1 localhost

      You will need to add in the site names you want, after the 127.0.0.1 localhost line. You can add in as many as you want, but know these will only work on your local machine. More on the /etc/hosts file. Using pico or any other editor, add the hostnames you want to use locally to the /etc/hosts file so it will now look like this (the new lines are the ones after 127.0.0.1 localhost):

      127.0.0.1 localhost
      127.0.0.1 jappler
      127.0.0.1 thebareminimum
      127.0.0.1 other

      255.255.255.255 broadcasthost
      ::1 localhost

      *Make sure your hostnames match the names you used in your Apache Virtual Host section

    Once you have your Virtual Host information in place, and you have edited your /etc/hosts file, it is time to start up Apache. To start, stop, or restart Apache, you can use apachectl in the command line. On Mac OS X, this is located at /usr/sbin/apachectl, and in most UNIX/Linux distributions it is located at /usr/local/apache/bin/apachectl. To use it, you can type in (on Mac OS X) sudo /usr/sbin/apachectl stop (to stop Apache). To start Apache type in: sudo /usr/sbin/apachectl start. If you have any syntax errors, Apache will display them after you type in that command. If not, and everything is ok, you will get the message: /usr/sbin/apachectl start: httpd started.
    Now you are all set to serve your web projects on your local machine with unique names for testing purposes! Questions? Just ask.
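
The note above about matching hostnames can be checked mechanically. The following is an added example, not part of the original post: it lists every ServerName that has no 127.0.0.1 entry in the hosts file. The sample files are constructed from the names used in this post (bareminimum in the URL, thebareminimum in the hosts file), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): find ServerName values that
# have no matching 127.0.0.1 entry in the hosts file.

# Print every ServerName value in an Apache config. Directive names are
# case-insensitive; commented-out lines do not match because $1 starts with #.
vhost_names() {
    awk 'tolower($1) == "servername" { print $2 }' "$1"
}

# Print every name mapped to 127.0.0.1, with trailing comments stripped.
loopback_names() {
    awk '{ sub(/#.*/, "") }
         $1 == "127.0.0.1" { for (i = 2; i <= NF; i++) print $i }' "$1"
}

# Print each ServerName that is not an exact loopback name in the hosts file.
missing_hosts() {
    conf=$1 hosts=$2
    for name in $(vhost_names "$conf"); do
        loopback_names "$hosts" | grep -Fqx "$name" || echo "$name"
    done
}

# Constructed sample files; on a real machine pass /etc/httpd/httpd.conf
# and /etc/hosts instead.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
cat > "$demo/httpd.conf" <<'EOF'
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName jappler
</VirtualHost>
<VirtualHost *:80>
    ServerName bareminimum
</VirtualHost>
# ServerName disabled
EOF
cat > "$demo/hosts" <<'EOF'
127.0.0.1 localhost
127.0.0.1 jappler
127.0.0.1 thebareminimum   # differs from the vhost name
255.255.255.255 broadcasthost
::1 localhost
EOF

missing_hosts "$demo/httpd.conf" "$demo/hosts"
```

A name printed here will not resolve locally, so the browser request never reaches the intended virtual host.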

    cheers! windows applications without windows.

    This weekend, in between validating my code, football, and SoCom II, I ran into a cool project that I think is worth mentioning: Darwine. For people like me that do not always have access to a PC but believe in QA for multiple browsers/platforms, there are times when all I need is IE for Windows. I do not want to buy a PC or super slow Virtual PC…I just need to open a window or two in IE, look at it, make adjustments to my code and get on with my day. Enter: Darwine. Darwine is an open source project/port of Wine for Darwin/Mac OS X. Darwine (and Wine) provide users like me who only need to use an application or two the ability to do so without using Windows. Very cool. The project is still in the early stages, but something to watch in the next few months.

    sed and awk.

    In my latest bit of training, I learned about sed and awk.
    sed is a line editor (stream editor) (scripting with ed).
    awk is a pattern-directed scanning and processing language and divides each line to fields by separating words by spaces or other specified field separators.

    Some tidbits about using sed to quickly edit files:

    • To use multiple commands in one line, separate the commands by semi-colons (ex. sed -n '/jappler/s/=/!/g ; /jappler/p' jappler.txt). The example command will look for all lines with jappler in the text document jappler.txt and, on those lines, replace all equal signs with exclamation points, then print (the p command) every line containing jappler.
    • To save changes to files, you would perform your sed command and redirect it to another file (sed '/jappler/s/=/!/g' jappler.txt > jappler2.txt). If you wanted the new text in the original file, you could use: mv jappler2.txt jappler.txt.
    • Instead of using multiple commands separated with semicolons (let’s say you want to reuse the commands), you can also list the commands in a file (ex. commands.sed) and then call the file when you want to issue the commands (ex. sed -nf commands.sed jappler.txt, where -n is used when you do not want all the lines printed and -f is to specify a file).

    Some general tidbits I found useful while learning awk:

    • Let’s say you see your crazy friend Ken on your server and he is running all kinds of processes, but you are pissed off that he forgot your birthday so you decide to kill all of his processes…you can use awk for that: kill -9 `ps aux |awk '/ken/ { print $2 }'`. The ps aux part of the command lists the running processes, and that output is piped to awk, which picks out the lines matching ken and prints the second field (the process ID); kill -9 then kills every process in that list. 😉
    • uniq is a UNIX command that will remove duplicates from a sorted list (sort command will sort)
    • wc is a UNIX command that will count words (word count) and adding a -l will show the number of lines.
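
The awk pattern /ken/ in the kill example matches any ps line that contains the text ken anywhere, including other users' processes. The following added example (not from the original post) compares that pattern with an exact match on the USER field; SAMPLE_PS is constructed output in ps aux column order and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). SAMPLE_PS is constructed
# output in "ps aux" column order: USER PID %CPU %MEM ... COMMAND.
SAMPLE_PS='USER   PID %CPU %MEM    VSZ   RSS TT  STAT STARTED  TIME COMMAND
ken    412  0.0  0.1  27000  1200 p1  S    9:01AM   0:00.10 -bash
ken    498  1.2  0.4  41000  5200 p1  R    9:05AM   0:03.20 perl loop.pl
root   120  0.0  0.2  30000  2100 ??  Ss   8:00AM   0:01.00 /usr/sbin/tokend
kenny  533  0.0  0.1  27000  1100 p2  S    9:10AM   0:00.05 vim notes.txt
jen    560  0.0  0.1  27000  1000 p3  S    9:12AM   0:00.02 tail -f /home/ken/log'

# The pattern from the post: any line containing the text anywhere,
# whether in the user name, the command name or an argument.
pids_by_substring() {
    awk -v pat="$1" '$0 ~ pat { print $2 }'
}

# Exact comparison against field 1 (USER); NR > 1 skips the header row.
pids_by_user() {
    awk -v user="$1" 'NR > 1 && $1 == user { print $2 }'
}

# xargs joins the PIDs on one line so the two selections are easy to compare.
loose=$(printf '%s\n' "$SAMPLE_PS" | pids_by_substring ken | xargs)
exact=$(printf '%s\n' "$SAMPLE_PS" | pids_by_user ken | xargs)
echo "substring match: $loose"
echo "exact user:      $exact"
```

On this sample the substring pattern also selects the root-owned tokend, kenny's editor and jen's tail, because each of those lines contains ken somewhere.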

    regular expressions help.

    No, the site was not hacked, I chose to write about regular expressions. I am in my last section of my UNIX/Linux Systems Administrator training and I am equally excited about regular expressions as I was about learning subnets. I know regular expressions are very powerful, and I remember enjoying subnets after I finally figured them out, so I will give it a shot. I just feel like I did when I was forced to take world history. Anyway, I already found a useful web site that covers the basics of regular expressions that I wanted to share.

    growl.

    I am always looking for cool stuff for Mac OS X…and I have been carrying around a bookmark for growl for the last few months, and today I finally installed it. Growl is “a global notification system for Mac OS X.” Translation: something really cool that works with multiple apps. So you have mail checking mail all day and you would like to be notified of new mail, or perhaps you are listening to iTunes, and the song changes and you would like to know what you are listening to, growl will notify you with a cool little window.

    You can do a number of cool things with growl.

    1. Have your web server notify you of anything strange going on.
    2. Using Growl, Rendezvous and Python for LAN notification
    3. Remote notification using growl.

    So if you want something cool and useful…download growl today!