Archive for July, 2008

PHP: Get Country By Geo IP

Friday, July 18th, 2008

To use it, you’ll have to first download the GeoIP Free Country file and extract it into a directory in your Web server. Then you’ll have to pick which language API to use with the database file. For simplicity, we’re going to use the pure PHP version because it doesn’t require any additional configuration or Apache modules. Remember to read the license terms before installing these on your Web site to ensure you are in compliance.

The code in Listing A demonstrates the basics of using the module ( to access the GeoIP Free Country database (GeoIP.dat). The example assumes both the PHP include and the country database file are in the same directory as the PHP file itself. You’ll have to change the paths as needed if this is not the case in your installation.

The sample code is pretty straightforward. After including the GeoIP PHP function library, the first step is to open the GeoIP database file with the geoip_open() function. This function accepts two arguments: the path to the database file and the type of database.

We then use the handle returned by the call to geoip_open() to obtain the two-letter country code and human-friendly name corresponding to the given IP address, via the geoip_country_code_by_addr() and geoip_country_code_by_name() functions, respectively. Both functions accept two arguments: the handle returned by geoip_open() and the IP address to resolve.

Once the required information is obtained, we close the database file with a call to geoip_close(). Simple as that.

Wget using Cookies Firefox3

Wednesday, July 16th, 2008

Firefox 3 does not use cookies.txt but rather cookies.sqlite.
Solution: Uses a python script to extract the data from cookies.sqlite.


import sqlite3 as db
import sys

cookiedb = '/home/USENAME/.mozilla/firefox/PROFIL/cookies.sqlite'
targetfile = '/home/USERNAME/cookies.txt'
what = sys.argv[1]
connection = db.connect(cookiedb)
cursor = connection.cursor()
contents = "host, path, isSecure, expiry, name, value"

cursor.execute("SELECT " +contents+ " FROM moz_cookies WHERE host LIKE '%"
               +what+ "%'")

file = open(targetfile, 'w')
index = 0
for row in cursor.fetchall():
  file.write("%s\tTRUE\t%s\t%s\t%d\t%s\t%s\n" % (row[0], row[1],
             str(bool(row[2])).upper(), row[3], str(row[4]), str(row[5])))
  index += 1

print "Gesucht nach: %s" % what
print "Exportiert: %d" % index


phpBB3 Coding Guidelines

Monday, July 7th, 2008

4. Templating
File naming
Including files
Conditionals/Control structures
Extended syntax for Blocks/Loops

ZTE-MF622 and Indosat M2

Monday, July 7th, 2008

$ vi 15-zte-mf622.rules

ACTION!=”add”, GOTO=”ZTE_End”

# Is this the ZeroCD device?
SUBSYSTEM==”usb”, SYSFS{idProduct}==”2000″,
SYSFS{idVendor}==”19d2″, GOTO=”ZTE_ZeroCD”

# Is this the actual modem?
SUBSYSTEM==”usb”, SYSFS{idProduct}==”0001″,
SYSFS{idVendor}==”19d2″, GOTO=”ZTE_Modem”

# This is the ZeroCD part of the card, remove
# the usb_storage kernel module so
# it does not get treated like a storage device
RUN+=”/sbin/rmmod usb_storage”

# This is the Modem part of the card, let’s
# load usbserial with the correct vendor
# and product ID’s so we get our usb serial devices
RUN+=”/sbin/modprobe usbserial vendor=0×19d2 product=0×0001″,
# Make users belonging to the dialout group
# able to use the usb serial devices.
MODE=”660″, GROUP=”dialout”


simpan file tersebut di dalam direktori /etc/udev/rules.d

$ vi /etc/wvdial.conf :

[Dialer Defaults]
Init2 = ATZ
Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Init5 = AT+CGDCONT=1,”IP”,”indosatm2″
Stupid Mode = 1
Modem Type = Analog Modem
ISDN = 0
Phone = *99#
Modem = /dev/ttyUSB0
Username = user
Password = pass
Dial Command = ATDT
Baud = 460800

Wordpress: add_action

Friday, July 4th, 2008

Hooks a function on to a specific action. See Plugin API for a list of hooks for action.

To email some friends whenever an entry is posted on your blog:
function email_friends($post_ID) {
$friends = ‘,’;
mail($friends, “sally’s blog updated” , ‘I just put something on my blog:’);
return $post_ID;
add_action(’publish_post’, ‘email_friends’);


(string) The name of the action you wish to hook onto.

(callback) The name of the function you wish to be called. Note: any of the syntaxes explained in the PHP documentation for the ‘callback’ type are valid.

How important your function is. Alter this to make your function be called before or after other functions. The default is 10, so (for example) setting it to 5 would make it run earlier and setting it to 12 would make it run later.

How many arguments your function takes. In WordPress 1.5.1+, hooked functions can take extra arguments that are set when the matching do_action() or apply_filters() call is run. For example, the action comment_id_not_found will pass any functions that hook onto it the ID of the requested comment.

Diablo III and StarCraft II

Thursday, July 3rd, 2008

Diablo III is an action role-playing game currently in development and the third installment of Blizzard’s Diablo franchise. It was unveiled on June 28, 2008 at the 2008 Blizzard Entertainment Worldwide Invitational in Paris, France.

StarCraft II is a military science fiction real-time strategy video game currently under development by Blizzard Entertainment as a sequel to the award-winning 1998 video game StarCraft. First announced on May 19, 2007, in Seoul, South Korea,[5][6] StarCraft II is being developed for concurrent release on Windows XP, Windows Vista, and Mac OS X. The game has no certain release date[4] although a multiplayer demonstration was playable at BlizzCon 2007

Heroes (TV series) Season 3

Thursday, July 3rd, 2008

Season three will open with a two-hour episode, set to air Monday, September 22, 2008.

Comparison of firewalls

Thursday, July 3rd, 2008
Retrieved from “

The following tables compare different aspects of a number of firewalls, starting from simple home firewalls up to the most sophisticated Enterprise firewalls.

Personal firewalls

Main article: Personal firewall
Firewall  ↓ License ↓ OS ↓ 64 bit  ↓
CA Personal Firewall Proprietary Windows No
Comodo Firewall Pro Freeware Windows Yes
Core Force Apache Windows Unknown
IPFilter BSD Solaris, IRIX, HP-UX Yes
ipfirewall BSD FreeBSD Yes
Kaspersky Internet Security Proprietary Windows Yes
Lavasoft Personal Firewall Proprietary Windows Yes
Netfilter/iptables GPL Linux Yes
Norton 360 Proprietary Windows Yes
Online Armor Personal Firewall Freeware/Proprietary Windows Unknown
Outpost Firewall Pro Proprietary Windows Yes
PC Tools Firewall Plus Freeware Windows Unknown
Sunbelt Personal Firewall Proprietary Windows No
Trend Micro Internet Security Proprietary Windows Yes
Windows Firewall Proprietary Windows Yes
ZoneAlarm Freeware Windows No

Firewall rule-set basic filtering features comparison

Can Target: Changing default policy to accept/ reject (by issuing only 1 rule at most) IP destination address(es) IP source address(es) TCP/UDP destination port(s) TCP/UDP source port(s) Ethernet MAC destination address Ethernet MAC source address Inbound firewall (Ingress) Outbound firewall (Egress)
Windows XP Firewall No No Yes Partial No No No Yes No
Windows Vista Firewall Yes Yes Yes Yes Yes No No Yes Yes
Cisco Access List Yes Yes Yes Yes Yes Yes Yes Yes Yes
Linux iptables Yes Yes Yes Yes Yes Yes Yes Yes Yes
OpenBSD PF Yes Yes Yes Yes Yes Yes Yes Yes Yes
IPFilter Yes Yes Yes Yes Yes Yes Yes Yes Yes
Check Point VPN-1 Yes Yes Yes Yes Yes Yes Yes Yes Yes
Sidewinder G2 Yes Yes Yes Yes Yes Yes Yes Yes Yes
NAI Gauntlet Yes Yes Yes Yes Yes Yes Yes Yes Yes
Zorp Yes Yes Yes Yes Yes Yes Yes Yes Yes
Trend Micro Internet Security Yes Yes Yes Yes Yes No No Yes Yes
  • Windows XP Firewall can target only single destination TCP/UDP port per rule, not port ranges, therefore support is partial.

Firewall rule-set advanced features comparison

Can: work at OSI Layer 4 (stateful firewall) work at OSI Layer 7 (application inspection) Change TTL? (Transparent to traceroute) Configure REJECT-with answer DMZ (de-militarized zone) – allows for single/several hosts not to be firewalled. Filter according to time of day Redirect TCP/UDP ports (port forwarding) Redirect IP addresses (forwarding) Filter according to User Authorization Traffic rate-limit / QoS Tarpit Log
Windows XP Firewall Yes No No No No No No No No No No Yes
Windows Vista Firewall Yes No No No No No No No Yes No No Yes
Cisco Access List Yes (with CBAC) Partial (with CBAC) No No Yes Yes Yes Yes (with static routes) No Yes (with queueing) No Yes
Linux iptables Yes Yes (with patch) Yes Yes Yes Yes Yes Yes Yes (with NuFW) Yes Yes (with Patch-o-matic module) Yes
OpenBSD pf Yes Partial (selected protocols only) Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
IPFilter Yes Partial (selected protocols only) Yes Yes Yes Yes Yes Yes No Yes Yes Yes
Sidewinder Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Check Point VPN-1 Yes Yes Yes Yes(With Web Intelligence) Yes Yes Yes Yes Yes Yes Yes Yes
  • NOTE: Because Linux Iptables is text-based firewall, you can “Filter according to time of day” by using additional 3rd party tools, like expect automation tool and cron jobs.

Firewall Management features comparison

Features: Configuration: GUI, text or both modes? Remote Access: Web (HTTP), Telnet, SSH, RDP, Serial COM RS232, … After rule change – requires firewall restart – less than one second ? Ability to centrally manage all firewalls together
Windows XP Firewall both RDP, telnet, Group Policy Yes Yes(with AD and GPO)
Windows Vista Firewall both RDP, telnet, Group Policy, MMC No Yes
Cisco Access List both Telnet, SSH, Web(Java App “PDM” or the newer “ASDM”), RS232 Yes Partial
Linux iptables both Telnet, SSH, Web (webmin), X/Win32 GUI “fwbuilder”, RS232 Yes Yes
OpenBSD pf both Telnet, SSH, Web (webmin), X/Win32 GUI “fwbuilder”, RS232 Yes Yes
IPFilter both Telnet, SSH, Web (webmin), X/Win32 GUI “fwbuilder”, RS232 Yes Yes
Check Point VPN-1 GUI proprietary GUI, SSH, Web (HTTP/HTTPS) Yes Yes
  • NOTE: Rule changes on Checkpoint firewalls do not require any restart and incur no outage time.
  • NOTE: Because Linux Iptables and Cisco ACL are text-based firewalls, you can centrally manage them all-at-once by using additional tools, like KDE Konsole or expect automation tool.
  • NOTE: Due to the distributed nature of the Checkpoint architecture, no single interface is used exclusively. Security, NAT and VPN configuration is always done using the proprietary GUI, however basic IP networking and routing configuration of individual firewalls could be done using SSH or the Web interface.

Firewall’s other features comparison

Features: Modularity: supports third-party modules to extend functionality? Open-Source License? supports IPv6 ? Class: Home / Professional on what Operating Systems it runs?
Windows XP Firewall No No No Home Windows XP
Windows Server 2003
Windows Vista Firewall Yes No Yes Both Windows Vista
Windows Server 2008
Cisco Access List No No Yes Professional Cisco IOS
Linux iptables Yes Yes Yes Professional Linux 2.4+
OpenBSD pf Yes Yes Yes Professional OpenBSD, FreeBSD 6.0+, NetBSD 3.0+
IPFilter Yes Yes Yes Professional Solaris, IRIX, HP-UX. Available but deprecated on Linux, BSD.
Check Point VPN-1 Yes No Yes Professional Solaris, Linux (SPLAT or RHEL), Windows NT,2000,2003
  • NOTE: Checkpoint support a limited range of third-party modules from certified partners. Modules are integrated with Checkpoint firewalls through a platform named OPSEC

Non-Firewall extra features comparison

Those features are not strictly firewall features, but are sometimes bundled with firewall software, or exist on the platform.

NOTE: Features will be marked as “yes”, even if it’s separate module that comes with the platform, on which firewall sits.

IDS: real-time firewall that logs/sniffs/blocks suspicious connections, that are not part of rule-set.

VPN (Virtual Private Network) Types are: PPTP, L2TP, MPLS, IPsec, SSL/SSH.

Can: NAT (static, dynamic w/o ports, PAT) IDS (Intrusion Detection System) VPN (Virtual Private Network) AV (Anti-Virus) Sniffer
Windows XP Partial (PAT, with Internet Connection Sharing) Yes (with SPECTER) Partial (Limited to 1 client) Yes (McAfee, Symantec, etc) Yes (with wireshark)
Windows Vista Partial (PAT, with Internet Connection Sharing) Yes (with SPECTER) Partial (Limited to 1 client) Yes (McAfee, Symantec, etc) Yes (with wireshark)
Cisco IOS Yes (supports three NAT types) Yes Yes (some IOS versions) No Yes (some IOS versions)
Linux OS Yes (supports three NAT types) Yes (with Prelude-IDS or Snort) Yes (with openVPN) Yes (with clamav) Yes (with wireshark or tcpdump)
OpenBSD pf Yes (supports three NAT types) Yes (with Prelude-IDS or Snort) Yes Yes (with clamav) Yes (with wireshark or tcpdump)
IPFilter Yes (supports three NAT types) Yes (with Prelude-IDS or Snort) Yes (Native on Solaris, HP-UX. With third-party software on IRIX, BSD, Linux.) Yes (with clamav) Yes (with wireshark or tcpdump)
Check Point Yes (supports three NAT types) Yes Yes Yes Yes (with wireshark,tcpdump or
FW-1 kernel inside dump “fw monitor” a powerful tool to determine many aspects of the connection before and after packet enters/leaves OS routing system

Easy WordPress and Google Calendar Integration

Tuesday, July 1st, 2008

The Wordpress Google calendar plugin allows for the integration of a Google calendar into a Wordpress blog. This section describes how to install the plugin and get it working.
1. Request Google GDATA API key (see link below)
2. Upload the contents of the ZIP file to the /wp-content/plugins/ directory
3. Activate the plugin through the Plugins menu
4. Configure your GDATA API key in the plugin options panel
5. Configure a Google calendar in the plugin options panel
6. Configure the option to render the description field as Wiki markup
7. Create a page and add the ’show-wpng-calendar’ custom field with the number of weeks you want to be displayed
8. Add the widget to your sidebar and configure the title and number of events to display