Converting from m4a to mp3 on a whole bunch of files recursively
find . -name \*.[Ww][Aa][Vv] -exec lame {} \;
Various and sundry technical notes and instructions for myself or anyone who cares to decipher them
Before getting started, you will need to make sure that you have to proper installation materials, and that the SAN configuration is appropriately setup for a system install.
Install Media
RHEL 4, Update 6 (RHEL 4.6) or RHEL 5. Earlier versions of RedHat, including earlier update versions, have an improperly functioning QLogic driver. Use this specific installation media for this document. Also, depending on the version of the QLogic driver, the SAN devices may be laid out before or after the local storage, use fdisk and look at the volume sizes to identify the local storage and remember which it is.
SAN Configuration
One path to the SAN. There cannot be multiple paths to the SAN during an install as it will cause problems with mounting /boot and finding the LVM partitions. The system must be booted in order to correct the configuration, so you must perform the install with only one path configured. Once the system boots, the appropriate adjustments can be made to fstab and the LVM to allow the system to boot properly with multiple paths.
Location of SAN Boot Card
You must know in which PCI slot the HBA that you will be booting off resides. You will need to configure the BIOS to boot from here. You must also make sure that this is the card with the active path, and you will need to configure that specific card to have boot enabled.
Three things that need to line up:
BIOS boot device = HBA w/active path = HBAconfigured to boot
BIOS Configuration
This section is written based on an installation on IBM x86 hardware. If you are using another platform these menus may be different.
Setting The Boot Device
Boot the system and enter the system BIOS. You will need to make sure that the SAN card is a valid boot device.
Select “Start Options”
Go To “PCI Device Boot Priority”
Modify this field to reflect the PCI slot number in which the boot HBA resides.
Go To “Startup Sequence Options”
Under “Primary Startup Sequence”, set the four devices as follows:[1]
“CD ROM”
“Hard Disk 0”
“Hard Disk 1”
“Network”
Escape back to the main menu.
Select “Save Settings” then “Exit Setup”
Configuring the HBA
The HBA will now need to be configured to be bootable. On the next boot, enter the HBA BIOS. This document was written against QLogic 2460 HBAs. If you are using a different HBA, the process may vary.
Enter the BIOS with a <CTRL-Q> when prompted.
Select the adapter with the active path (also should be the slot configured for boot in the BIOS)
Select “Configuration Settings”
Select “Adapter Settings”
Set “Host Adapter BIOS” to “Enabled”
Return to the previous menu.
Select “Selectable Boot Settings”
Set “Selectable Boot” to “Enabled”
Set each boot device by selecting the field, pressing Enter, then selecting a LUN.
Escape back to the main menu, and select “Save Changes” when prompted.
Select “Select Host Adapter”
Select the other adapter this time (the NON boot one)
Repeat the process as with the first adapter, EXCEPT:
Disable the Host Adapter BIOS”
Disable “Selectable Boot”
Escape to the main menu and save changes again.
Exit the utility and reboot the system.
Starting the Linux Install
Have the appropriate RedHat media in the optical drive and boot the system. Boot to the default graphical install. Watch when the “Loading SCSI Drivers” screen appears, you should see the module for the HBAs get loaded. For the QLogic cards, this is qla2xxx or qla2400.
Once the graphical installer is fully started and prompting you to click next to begin, switch to the terminal by pressing “CTRL-ALT-F2”.
At the console, enter “ls /dev/sd*”. You should see at least /dev/sda and /dev/sdb. There may be more. Identify the SAN and local devices. The local device will usually be /dev/sda. You can test this by entering “fdisk /dev/sda”, then at the menu enter “p” to print the partition table. It will also tell you the size of the volume. Look for a size that indicated a SAN LUN or local storage and remember which devices are which.
Addendum to Standard Linux Build – Partitioning
The name of the volume group created on the SAN device should be “sanvg”. The /boot partition should be create on the SAN device as well.
Continue with the install from this point as described in “Standard Linux Build”.
First Boot After Install
The first boot of the system after installation will likely FAIL. This is normal, as the installer did not choose the appropriate boot device when installing GRUB. To boot the system you will need to modify the GRUB commands.
After you are informed of the failed boot, hit enter to get the GRUB menu.
OH NO! GRUB comes up and the screen is all wiggedy wack! Read Appendix A at the end of the document for help!
With the first boot option selected, press “e” for edit.
The first line in the next menu should be something like “root (hd1,0)”.
Press “e” to edit this line.
Change the line to read “root (hd0,0)”
Hit enter to accept your changes
Press “b” to boot the system with the modified commands.
Install EMC PowerPath
The PowerPath software will perform failover functions as well as create special /dev devices allowing unambiguous access to the active path.
Fetch the install archive EMCpower.LINUX-5.1.2.00.00-021.tar.gz and extract it. Then use rpm to install the appropriate package onto the system:
Verify EMC PowerPath Install
PowerPath should now be installed. To verify, type “lsmod | grep emc” You should see a lot of modules with names beginning with emc. This indicates that PowerPath has loaded successfully.
Start PowerPath with its init script. Afterward you should see it coalesce the available paths to the SAN into a new virtual device. Verify that this is your SAN device by reading the partition table with fdisk.
[root@ ~]# service PowerPath start
Starting PowerPath: done
[root@ ~]# ls /dev/emcpower*
/dev/emcpower /dev/emcpowera /dev/emcpowera1 /dev/emcpowera2
As you can see above, there are now devices for /dev/emcpowera, a block device representing the SAN which is backed by /dev/sdb - /dev/sde.
[root@ ~]# fdisk /dev/emcpowera
The number of cylinders for this disk is set to 9137.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)
Command (m for help): p
Disk /dev/emcpowera: 75.1 GB, 75161927680 bytes
255 heads, 63 sectors/track, 9137 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/emcpowera1 * 1 19 152586 83 Linux
/dev/emcpowera2 20 9137 73240335 8e Linux LVM
Command (m for help): q
Modify modprobe.conf
At the end of /etc/modprobe.conf add the following line:
options scsi_mod max_scsi_luns=256
Modify grub.conf
Open the file and make the following edits:
Change any occurrence of “(hd*,0)” to “(hd0,0)”. (Where * is any number that is not 0).
On any line that starts with kernel, remove “rhgb quiet” from the end of it.
Comment out the “hiddenmenu” option with a “#” at the start of the line.
When you are finished, the file should look something like this:
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd1,0)
# kernel /vmlinuz-version ro root=/dev/sanvg/rootlv
# initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
#hiddenmenu
title Red Hat Enterprise Linux AS (2.6.9-67.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.ELsmp ro root=/dev/sanvg/rootlv
initrd /initrd-2.6.9-67.ELsmp.img
title Red Hat Enterprise Linux AS-up (2.6.9-67.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.EL ro root=/dev/sanvg/rootlv
initrd /initrd-2.6.9-67.EL.img
Modify the LVM Config
Finally, you must modify the LVM config file in /etc/lvm/lvm.conf to ignore the raw paths to the SAN and only use the PowerPath devices.
Find the line that sets up the default filter:
filter = [ "a/.*/" ]
Comment it out with a “#” at the start of the line, then put in the following line to tell LVM to only look at the emcpower devices and local storage:
filter = [ "a/sda/", "a/emcpower/", "r/.*/" ]
This is assuming that /dev/sda is local storage, you may have to modify this line if another device is local storage.
To make sure that the filter is working, run “vgscan” and verify that there are no messages about a “Duplicate PV”.
[root@mnsvliapp003 ~]# vgscan
Reading all physical volumes. This may take a while...
Found volume group "sanvg" using metadata type lvm2
Setting Failover Policy
The appropriate failover policy will need to be set depending on the type of SAN. Up to this point, only one path to each service processor should show as “active”, the rest show a state of “unlic”. Running “powermt display dev=all” will show this information:
[root@~]# powermt display dev=all
Pseudo name=emcpowera
CLARiiON ID=APM00064800054 [prod_jboss1]
Logical device ID=60060160A9D01A00A2AD9882F5ACDC11 [prod_jboss1_lun20]
state=alive; policy=BasicFailover; priority=0; queued-IOs=0
Owner: default=SP A, current=SP A
==============================================================================
---------------- Host --------------- - Stor - -- I/O Path - -- Stats ---
### HW Path I/O Paths Interf. Mode State Q-IOs Errors
==============================================================================
1 qla2xxx sdb SP A4 active alive 0 0
1 qla2xxx sdc SP B5 active alive 0 0
2 qla2xxx sdd SP A5 unlic alive 0 0
2 qla2xxx sde SP B4 unlic alive 0 0
For a CLARiiON array, issue the following command to set the failover policy to “CLARiiON Optimal”. this will cause all other paths to become active. You will then need to save the configuration, and it will then persist across reboots.
[root@ ~]# powermt set policy=co
[root@ ~]# powermt display dev=all
Pseudo name=emcpowera
CLARiiON ID=APM00064403323 [dr_epicdb]
Logical device ID=600601602E811900C8E4B43C79AADC11 [dr_epicdb_LUN_100]
state=alive; policy=CLAROpt; priority=0; queued-IOs=0
Owner: default=SP A, current=SP A
==============================================================================
---------------- Host --------------- - Stor - -- I/O Path - -- Stats ---
### HW Path I/O Paths Interf. Mode State Q-IOs Errors
==============================================================================
1 qla2xxx sdb SP B4 active alive 0 0
1 qla2xxx sdc SP A5 active alive 0 0
2 qla2xxx sdd SP B4 active alive 0 0
2 qla2xxx sde SP A5 active alive 0 0
Error displaying HBAs and associated devices.
[root@ ~]# powermt save
CABLE PULL TEST
At this point in the document, the configuration should be correct to survive a cable pull test. If the system cannot recover from the I/O errors after a cable pull at this point, something is wrong with the configuration. Review all steps and ensure that the output from the diagnostic commands is consistent with what is documented here.
Finishing Up
The system should be configured to boot and handle multiple paths now. Have the extra paths configured on the SAN then reboot the system.
During the system startup, PowerPath may report failure to start. This is fine, all that failed was the module load, which is because the modules were already loaded in the initrd.
Checking the PowerPath Configuration
PowerPath should now see all the active paths to the storage. To verify this, run the command “powermt display dev=all”. This should return the expected number of paths and show what raw devices are backing each path.
[root@ ~]# powermt display dev=all
Pseudo name=emcpowera
CLARiiON ID=APM00064403323 [dr_epicdb]
Logical device ID=600601602E811900C8E4B43C79AADC11 [dr_epicdb_LUN_100]
state=alive; policy=CLAROpt; priority=0; queued-IOs=0
Owner: default=SP A, current=SP A
==============================================================================
---------------- Host --------------- - Stor - -- I/O Path - -- Stats ---
### HW Path I/O Paths Interf. Mode State Q-IOs Errors
==============================================================================
1 qla2xxx sdb SP B4 active alive 0 0
1 qla2xxx sdc SP A5 active alive 0 0
2 qla2xxx sdd SP B4 active alive 0 0
2 qla2xxx sde SP A5 active alive 0 0
Error displaying HBAs and associated devices.
Appendix A – GRUB Problems on IBM
On some of the IBM x86 hardware, when going into the GRUB menu after a failed boot, the screen goes berserk and it is difficult to read. The menu gets somewhat broken too, but it is still possible to modify the GRUB commands and boot the system:
When selecting the “root (hd1,0)” line, after you hit “e” to edit the line, the line you are presented with in the editor reads “initrd /init”, NOT “root (hd1,0)”. You CANNOT edit this line, follow this process:
Hit enter to accept the weird line. Then press “b” to boot the system. IT WILL FAIL AGAIN. This is fine, now hit “e” to edit the line again, and this time you should be presented with the correct line. Make the modifications described in “First Boot After Install”, and again press “b”. This time, the system should boot.
The screen will return to normal after RedHat startup loads the font files.
[1] Many BIOSes have an option for “PCI” or “Additional Boot Devices”, or even names the HBA. If this is the case on the target system, use that selection instead of “Hard Disk”. On the IBM hardware the PCI boot device magically becomes Hard Disk 0 or 1 in the boot order, so make sure they are both in there. Boot from SAN may fail if there are bootable partitions on ANY local storage device.
/etc/modprobe.conf or /etc/modules.conf for RHEL3 and below alias bond0 bonding options bonding mode=1 miimon=100 downdelay=200 updelay=200 alias eth0 tg3 alias eth1 tg3 alias scsi_hostadapter megaraid_mbox alias usb-controller ohci-hcd /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 USERCTL=no BOOTPROTO=none HWADDR=00:14:5E:57:98:8E ONBOOT=yes MASTER=bond0 SLAVE=yes TYPE=Ethernet /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1 USERCTL=no BOOTPROTO=none HWADDR=00:14:5E:57:98:90 ONBOOT=yes MASTER=bond0 SLAVE=yes TYPE=Ethernet /etc/sysconfig/network-scripts/ifcfg-bond0 DEVICE=bond0 USERCTL=no BOOTPROTO=static BROADCAST=10.3.1.255 IPADDR=10.3.1.235 NETMASK=255.255.255.0 NETWORK=10.3.1.0 ONBOOT=yes TYPE=Ethernet /etc/sysconfig/network-scripts/ifcfg-bond0:1 DEVICE=bond0:1 USERCTL=no BOOTPROTO=static BROADCAST=10.3.1.255 IPADDR=10.3.1.237 NETMASK=255.255.255.0 NETWORK=10.3.1.0 ONBOOT=yes TYPE=Ethernet run rmmod bonding then service network restart
Error "You are about to be redirected to a connection that is not secure." for pages on your ssl protected sites you may want to try the following:
Create csw rules for Redirects
csw-rule "r6" response-status-code 301 302
csw-rule "r7" response-header "Location" pattern "http://www.sysxperts.com"
Create a csw policy to rewrite the headers so that all redirects are sent via https instead of http
csw-policy "sysxperts-301" type response-rewrite
! matches all status codes 301-302 for redirects
match "r6" response-header-rewrite
! this takes the first four characters (offset 0 length 4 which is http) and replaces them with "https"
match "r7" rewrite response-header-replace "https" offset 0 length 4
Bind the policy to your virtual server
server virtual sysxperts.com
port ssl response-rewrite-policy "sysxperts-301"
Show tech
Rconsole 1 1
show server session
show server debug
show server traffic
show server proxy
wsm show cpu
wsm dm resource
sh ssl key *
sh ssl cert *
sh ssl stat counter
sh ssl stat alert
sh ssl stat crypto
sh ssl stat client
sh socket stat
sh vm mem
sh vm deb
sh cp deb
sh ssl deb
sh tcp buf
sh cp stat
sh vm stat
sh sock list
sh ssl con
rconsole-exit
Make a note of the existing certificates and keys on the Foundry as follows:
logon to each load balancer with putty and perform a sh config
You just need to look at the ssl profile section (see items in bold)
ssl profile www-sysxperts-org2 keypair-file sysxperts-key2 certificate-file sysxpertsnew cipher-suite all-cipher-suites disable-ssl-v2 session-cache off enable-certificate-chaining ssl profile pvalentino keypair-file pvalentino-key certificate-file pvalentinochain cipher-suite all-cipher-suites disable-ssl-v2 session-cache off enable-certificate-chaining
Make a not of the existing keypair-file and certificate-file names because you cannot use the same name when uploading the new certs and keys. Given the output above and the need to install a new cert for www.sysxperts.org:
Logon to apache web server mnsvlwwwp001 as a regular user (uploads will not work as the root user)
cd to the /data/web/certs folder or wherever you stored the keys and certs. The following uploads must be done as a regular user and in the proper order.
Verify that the new keys and certs have been uploaded to the Foundry devices as follows:
After uploading all the keys and certs to both devices and verifying, update the config on both devices as follows:
server virtual webprd no port ssl ssl-terminate www-sysxperts-org2 ssl profile www-sysxperts-org2 no certificate-file sysxpertsnew no keypair-file sysxperts-key2
Perform a save with:
ssl profile www-sysxperts-org2 keypair-file sysxperts-key3 certificate-file sysxpertsorg3 cipher-suite all-cipher-suites disable-ssl-v2 session-cache off
enable-certificate-chaining
server virtual webprd port ssl ssl-terminate www-sysxperts-org2
Perform a save with:
Test configuration and burn-in for at least 7 days before cleaning up old certs and keys.
Cleaning up:
Ctrl-H is the backspace key on the Foundry - you can update putty keyboard properties to use Ctrl-H if you find this as annoying as i do :)
Sed Examples
To replace /usr/bin with /usr/local/bin in all files ending in .pl use:
for i in *.pl ; do sed s^\/usr\/bin^\/usr\/local\/bin^g < $i > $i.new; done
Now read the files... they should read /usr/local/bin instead of /usr/bin
to remove all instances of /usr from a file
for i in *.pl ; do `sed s^\/usr^^g < $i > $i.new && mv $i.new $i`; done
for i in *.conf; do sed s^webtest^www^g < $i > $i.new;done
------------------------------------------------------------------------- HANDY ONE-LINERS FOR SED (Unix stream editor) Apr. 26, 2004 compiled by Eric Pement - pemente[at]northpark[dot]edu version 5.4 Latest version of this file is usually at: http://sed.sourceforge.net/sed1line.txt http://www.student.northpark.edu/pemente/sed/sed1line.txt This file is also available in Portuguese at: http://www.lrv.ufsc.br/wmaker/sed_ptBR.html FILE SPACING: # double space a file sed G # double space a file which already has blank lines in it. Output file # should contain no more than one blank line between lines of text. sed '/^$/d;G' # triple space a file sed 'G;G' # undo double-spacing (assumes even-numbered lines are always blank) sed 'n;d' # insert a blank line above every line which matches "regex" sed '/regex/{x;p;x;}' # insert a blank line below every line which matches "regex" sed '/regex/G' # insert a blank line above and below every line which matches "regex" sed '/regex/{x;p;x;G;}' NUMBERING: # number each line of a file (simple left alignment). Using a tab (see # note on '\t' at end of file) instead of space will preserve margins. sed = filename | sed 'N;s/\n/\t/' # number each line of a file (number on left, right-aligned) sed = filename | sed 'N; s/^/ /; s/ *\(.\{6,\}\)\n/\1 /' # number each line of file, but only print numbers if line is not blank sed '/./=' filename | sed '/./N; s/\n/ /' # count lines (emulates "wc -l") sed -n '$=' TEXT CONVERSION AND SUBSTITUTION: # IN UNIX ENVIRONMENT: convert DOS newlines (CR/LF) to Unix format sed 's/.$//' # assumes that all lines end with CR/LF sed 's/^M$//' # in bash/tcsh, press Ctrl-V then Ctrl-M sed 's/\x0D$//' # gsed 3.02.80, but top script is easier # IN UNIX ENVIRONMENT: convert Unix newlines (LF) to DOS format sed "s/$/`echo -e \\\r`/" # command line under ksh sed 's/$'"/`echo \\\r`/" # command line under bash sed "s/$/`echo \\\r`/" # command line under zsh sed 's/$/\r/' # gsed 3.02.80 # IN DOS ENVIRONMENT: convert Unix newlines (LF) to DOS format sed "s/$//" # method 1 sed -n p # method 2 # IN DOS ENVIRONMENT: convert DOS newlines (CR/LF) to Unix format # Can only be done with UnxUtils sed, version 4.0.7 or higher. # Cannot be done with other DOS versions of sed. Use "tr" instead. sed "s/\r//" infile >outfile # UnxUtils sed v4.0.7 or higher tr -d \r <infile >outfile # GNU tr version 1.22 or higher # delete leading whitespace (spaces, tabs) from front of each line # aligns all text flush left sed 's/^[ \t]*//' # see note on '\t' at end of file # delete trailing whitespace (spaces, tabs) from end of each line sed 's/[ \t]*$//' # see note on '\t' at end of file # delete BOTH leading and trailing whitespace from each line sed 's/^[ \t]*//;s/[ \t]*$//' # insert 5 blank spaces at beginning of each line (make page offset) sed 's/^/ /' # align all text flush right on a 79-column width sed -e :a -e 's/^.\{1,78\}$/ &/;ta' # set at 78 plus 1 space # center all text in the middle of 79-column width. In method 1, # spaces at the beginning of the line are significant, and trailing # spaces are appended at the end of the line. In method 2, spaces at # the beginning of the line are discarded in centering the line, and # no trailing spaces appear at the end of lines. sed -e :a -e 's/^.\{1,77\}$/ & /;ta' # method 1 sed -e :a -e 's/^.\{1,77\}$/ &/;ta' -e 's/\( *\)\1/\1/' # method 2 # substitute (find and replace) "foo" with "bar" on each line sed 's/foo/bar/' # replaces only 1st instance in a line sed 's/foo/bar/4' # replaces only 4th instance in a line sed 's/foo/bar/g' # replaces ALL instances in a line sed 's/\(.*\)foo\(.*foo\)/\1bar\2/' # replace the next-to-last case sed 's/\(.*\)foo/\1bar/' # replace only the last case # substitute "foo" with "bar" ONLY for lines which contain "baz" sed '/baz/s/foo/bar/g' # substitute "foo" with "bar" EXCEPT for lines which contain "baz" sed '/baz/!s/foo/bar/g' # change "scarlet" or "ruby" or "puce" to "red" sed 's/scarlet/red/g;s/ruby/red/g;s/puce/red/g' # most seds gsed 's/scarlet\|ruby\|puce/red/g' # GNU sed only # reverse order of lines (emulates "tac") # bug/feature in HHsed v1.5 causes blank lines to be deleted sed '1!G;h;$!d' # method 1 sed -n '1!G;h;$p' # method 2 # reverse each character on the line (emulates "rev") sed '/\n/!G;s/\(.\)\(.*\n\)/&\2\1/;//D;s/.//' # join pairs of lines side-by-side (like "paste") sed '$!N;s/\n/ /' # if a line ends with a backslash, append the next line to it sed -e :a -e '/\\$/N; s/\\\n//; ta' # if a line begins with an equal sign, append it to the previous line # and replace the "=" with a single space sed -e :a -e '$!N;s/\n=/ /;ta' -e 'P;D' # add commas to numeric strings, changing "1234567" to "1,234,567" gsed ':a;s/\B[0-9]\{3\}\>/,&/;ta' # GNU sed sed -e :a -e 's/\(.*[0-9]\)\([0-9]\{3\}\)/\1,\2/;ta' # other seds # add commas to numbers with decimal points and minus signs (GNU sed) gsed ':a;s/\(^\|[^0-9.]\)\([0-9]\+\)\([0-9]\{3\}\)/\1\2,\3/g;ta' # add a blank line every 5 lines (after lines 5, 10, 15, 20, etc.) gsed '0~5G' # GNU sed only sed 'n;n;n;n;G;' # other seds SELECTIVE PRINTING OF CERTAIN LINES: # print first 10 lines of file (emulates behavior of "head") sed 10q # print first line of file (emulates "head -1") sed q # print the last 10 lines of a file (emulates "tail") sed -e :a -e '$q;N;11,$D;ba' # print the last 2 lines of a file (emulates "tail -2") sed '$!N;$!D' # print the last line of a file (emulates "tail -1") sed '$!d' # method 1 sed -n '$p' # method 2 # print only lines which match regular expression (emulates "grep") sed -n '/regexp/p' # method 1 sed '/regexp/!d' # method 2 # print only lines which do NOT match regexp (emulates "grep -v") sed -n '/regexp/!p' # method 1, corresponds to above sed '/regexp/d' # method 2, simpler syntax # print the line immediately before a regexp, but not the line # containing the regexp sed -n '/regexp/{g;1!p;};h' # print the line immediately after a regexp, but not the line # containing the regexp sed -n '/regexp/{n;p;}' # print 1 line of context before and after regexp, with line number # indicating where the regexp occurred (similar to "grep -A1 -B1") sed -n -e '/regexp/{=;x;1!p;g;$!N;p;D;}' -e h # grep for AAA and BBB and CCC (in any order) sed '/AAA/!d; /BBB/!d; /CCC/!d' # grep for AAA and BBB and CCC (in that order) sed '/AAA.*BBB.*CCC/!d' # grep for AAA or BBB or CCC (emulates "egrep") sed -e '/AAA/b' -e '/BBB/b' -e '/CCC/b' -e d # most seds gsed '/AAA\|BBB\|CCC/!d' # GNU sed only # print paragraph if it contains AAA (blank lines separate paragraphs) # HHsed v1.5 must insert a 'G;' after 'x;' in the next 3 scripts below sed -e '/./{H;$!d;}' -e 'x;/AAA/!d;' # print paragraph if it contains AAA and BBB and CCC (in any order) sed -e '/./{H;$!d;}' -e 'x;/AAA/!d;/BBB/!d;/CCC/!d' # print paragraph if it contains AAA or BBB or CCC sed -e '/./{H;$!d;}' -e 'x;/AAA/b' -e '/BBB/b' -e '/CCC/b' -e d gsed '/./{H;$!d;};x;/AAA\|BBB\|CCC/b;d' # GNU sed only # print only lines of 65 characters or longer sed -n '/^.\{65\}/p' # print only lines of less than 65 characters sed -n '/^.\{65\}/!p' # method 1, corresponds to above sed '/^.\{65\}/d' # method 2, simpler syntax # print section of file from regular expression to end of file sed -n '/regexp/,$p' # print section of file based on line numbers (lines 8-12, inclusive) sed -n '8,12p' # method 1 sed '8,12!d' # method 2 # print line number 52 sed -n '52p' # method 1 sed '52!d' # method 2 sed '52q;d' # method 3, efficient on large files # beginning at line 3, print every 7th line gsed -n '3~7p' # GNU sed only sed -n '3,${p;n;n;n;n;n;n;}' # other seds # print section of file between two regular expressions (inclusive) sed -n '/Iowa/,/Montana/p' # case sensitive SELECTIVE DELETION OF CERTAIN LINES: # print all of file EXCEPT section between 2 regular expressions sed '/Iowa/,/Montana/d' # delete duplicate, consecutive lines from a file (emulates "uniq"). # First line in a set of duplicate lines is kept, rest are deleted. sed '$!N; /^\(.*\)\n\1$/!P; D' # delete duplicate, nonconsecutive lines from a file. Beware not to # overflow the buffer size of the hold space, or else use GNU sed. sed -n 'G; s/\n/&&/; /^\([ -~]*\n\).*\n\1/d; s/\n//; h; P' # delete all lines except duplicate lines (emulates "uniq -d"). sed '$!N; s/^\(.*\)\n\1$/\1/; t; D' # delete the first 10 lines of a file sed '1,10d' # delete the last line of a file sed '$d' # delete the last 2 lines of a file sed 'N;$!P;$!D;$d' # delete the last 10 lines of a file sed -e :a -e '$d;N;2,10ba' -e 'P;D' # method 1 sed -n -e :a -e '1,10!{P;N;D;};N;ba' # method 2 # delete every 8th line gsed '0~8d' # GNU sed only sed 'n;n;n;n;n;n;n;d;' # other seds # delete ALL blank lines from a file (same as "grep '.' ") sed '/^$/d' # method 1 sed '/./!d' # method 2 # delete all CONSECUTIVE blank lines from file except the first; also # deletes all blank lines from top and end of file (emulates "cat -s") sed '/./,/^$/!d' # method 1, allows 0 blanks at top, 1 at EOF sed '/^$/N;/\n$/D' # method 2, allows 1 blank at top, 0 at EOF # delete all CONSECUTIVE blank lines from file except the first 2: sed '/^$/N;/\n$/N;//D' # delete all leading blank lines at top of file sed '/./,$!d' # delete all trailing blank lines at end of file sed -e :a -e '/^\n*$/{$d;N;ba' -e '}' # works on all seds sed -e :a -e '/^\n*$/N;/\n$/ba' # ditto, except for gsed 3.02* # delete the last line of each paragraph sed -n '/^$/{p;h;};/./{x;/./p;}' SPECIAL APPLICATIONS: # remove nroff overstrikes (char, backspace) from man pages. The 'echo' # command may need an -e switch if you use Unix System V or bash shell. sed "s/.`echo \\\b`//g" # double quotes required for Unix environment sed 's/.^H//g' # in bash/tcsh, press Ctrl-V and then Ctrl-H sed 's/.\x08//g' # hex expression for sed v1.5 # get Usenet/e-mail message header sed '/^$/q' # deletes everything after first blank line # get Usenet/e-mail message body sed '1,/^$/d' # deletes everything up to first blank line # get Subject header, but remove initial "Subject: " portion sed '/^Subject: */!d; s///;q' # get return address header sed '/^Reply-To:/q; /^From:/h; /./d;g;q' # parse out the address proper. Pulls out the e-mail address by itself # from the 1-line return address header (see preceding script) sed 's/ *(.*)//; s/>.*//; s/.*[:<] *//' # add a leading angle bracket and space to each line (quote a message) sed 's/^/> /' # delete leading angle bracket & space from each line (unquote a message) sed 's/^> //' # remove most HTML tags (accommodates multiple-line tags) sed -e :a -e 's/<[^>]*>//g;/</N;//ba' # extract multi-part uuencoded binaries, removing extraneous header # info, so that only the uuencoded portion remains. Files passed to # sed must be passed in the proper order. Version 1 can be entered # from the command line; version 2 can be made into an executable # Unix shell script. (Modified from a script by Rahul Dhesi.) sed '/^end/,/^begin/d' file1 file2 ... fileX | uudecode # vers. 1 sed '/^end/,/^begin/d' "$@" | uudecode # vers. 2 # zip up each .TXT file individually, deleting the source file and # setting the name of each .ZIP file to the basename of the .TXT file # (under DOS: the "dir /b" switch returns bare filenames in all caps). echo @echo off >zipup.bat dir /b *.txt | sed "s/^\(.*\)\.TXT/pkzip -mo \1 \1.TXT/" >>zipup.bat TYPICAL USE: Sed takes one or more editing commands and applies all of them, in sequence, to each line of input. After all the commands have been applied to the first input line, that line is output and a second input line is taken for processing, and the cycle repeats. The preceding examples assume that input comes from the standard input device (i.e, the console, normally this will be piped input). One or more filenames can be appended to the command line if the input does not come from stdin. Output is sent to stdout (the screen). Thus: cat filename | sed '10q' # uses piped input sed '10q' filename # same effect, avoids a useless "cat" sed '10q' filename > newfile # redirects output to disk For additional syntax instructions, including the way to apply editing commands from a disk file instead of the command line, consult "sed & awk, 2nd Edition," by Dale Dougherty and Arnold Robbins (O'Reilly, 1997; http://www.ora.com), "UNIX Text Processing," by Dale Dougherty and Tim O'Reilly (Hayden Books, 1987) or the tutorials by Mike Arst distributed in U-SEDIT2.ZIP (many sites). To fully exploit the power of sed, one must understand "regular expressions." For this, see "Mastering Regular Expressions" by Jeffrey Friedl (O'Reilly, 1997). The manual ("man") pages on Unix systems may be helpful (try "man sed", "man regexp", or the subsection on regular expressions in "man ed"), but man pages are notoriously difficult. They are not written to teach sed use or regexps to first-time users, but as a reference text for those already acquainted with these tools. QUOTING SYNTAX: The preceding examples use single quotes ('...') instead of double quotes ("...") to enclose editing commands, since sed is typically used on a Unix platform. Single quotes prevent the Unix shell from intrepreting the dollar sign ($) and backquotes (`...`), which are expanded by the shell if they are enclosed in double quotes. Users of the "csh" shell and derivatives will also need to quote the exclamation mark (!) with the backslash (i.e., \!) to properly run the examples listed above, even within single quotes. Versions of sed written for DOS invariably require double quotes ("...") instead of single quotes to enclose editing commands. USE OF '\t' IN SED SCRIPTS: For clarity in documentation, we have used the expression '\t' to indicate a tab character (0x09) in the scripts. However, most versions of sed do not recognize the '\t' abbreviation, so when typing these scripts from the command line, you should press the TAB key instead. '\t' is supported as a regular expression metacharacter in awk, perl, and HHsed, sedmod, and GNU sed v3.02.80. VERSIONS OF SED: Versions of sed do differ, and some slight syntax variation is to be expected. In particular, most do not support the use of labels (:name) or branch instructions (b,t) within editing commands, except at the end of those commands. We have used the syntax which will be portable to most users of sed, even though the popular GNU versions of sed allow a more succinct syntax. When the reader sees a fairly long command such as this: sed -e '/AAA/b' -e '/BBB/b' -e '/CCC/b' -e d it is heartening to know that GNU sed will let you reduce it to: sed '/AAA/b;/BBB/b;/CCC/b;d' # or even sed '/AAA\|BBB\|CCC/b;d' In addition, remember that while many versions of sed accept a command like "/one/ s/RE1/RE2/", some do NOT allow "/one/! s/RE1/RE2/", which contains space before the 's'. Omit the space when typing the command. OPTIMIZING FOR SPEED: If execution speed needs to be increased (due to large input files or slow processors or hard disks), substitution will be executed more quickly if the "find" expression is specified before giving the "s/.../.../" instruction. Thus: sed 's/foo/bar/g' filename # standard replace command sed '/foo/ s/foo/bar/g' filename # executes more quickly sed '/foo/ s//bar/g' filename # shorthand sed syntax On line selection or deletion in which you only need to output lines from the first part of the file, a "quit" command (q) in the script will drastically reduce processing time for large files. Thus: sed -n '45,50p' filename # print line nos. 45-50 of a file sed -n '51q;45,50p' filename # same, but executes much faster -------------------------------------------------------------------------
Foundry ServerIron 4G-SSL config
!Using 8832 out of 393214 bytes
!
ver 10.1.00TI2
!
!
!
trunk switch ethe 3 to 4
!
!
!
ssl profile workplace-ssh
keypair-file workplace-key
certificate-file workplacechain
cipher-suite all-cipher-suites
disable-ssl-v2
session-cache off
ssl profile corp1-ssl
keypair-file corp1-key
certificate-file corp1chain
cipher-suite all-cipher-suites
disable-ssl-v2
session-cache off
ssl profile groupware
keypair-file groupware-key
certificate-file groupwarechain
cipher-suite all-cipher-suites
disable-ssl-v2
session-cache off
!
server backup ethe 3 0012.f27c.5400 vlan-id 100
server no-graceful-shutdown
!
!
!
!
server port 80
tcp
udp
server port 8080
tcp
server port 8081
tcp
server port 8083
tcp
server port 8084
tcp
server port 8085
tcp
server port 8087
tcp
server port 8089
tcp
server port 8090
tcp
server port 8086
tcp
server port 8082
tcp
server port 8088
tcp
server port 8092
tcp
server port 8093
tcp
server port 8094
tcp
server port 81
tcp
tcp keepalive use-master-state
server port 82
tcp
tcp keepalive use-master-state
server source-nat-ip 192.168.5.62 255.255.255.0 192.168.5.1 port-range 2
server source-nat-ip 192.168.5.63 255.255.255.0 192.168.5.1 port-range 2 for-ssl
server source-nat-ip 192.168.5.64 255.255.255.0 192.168.5.1 port-range 2 for-ssl
!
!
!
csw-rule "r1" url prefix "html"
csw-rule "r15" url prefix "/sales"
csw-rule "r17" url prefix "/PVWeb"
csw-rule "r2" header "Host" pattern "webtest.corp1.com"
csw-rule "r21" url prefix "/finance"
csw-rule "r25" url prefix "/edocs"
csw-rule "r3" header "Host" pattern "webtest.corp1groupware.com"
csw-rule "r30" url prefix "/acctg"
csw-rule "r35" url prefix "/eforms"
csw-rule "r45" url prefix "/custdb"
csw-rule "r50" url prefix "/estatement"
csw-rule "r55" url prefix "/ecosts"
csw-rule "r60" url prefix "/ereports"
csw-rule "r65" url prefix "/ebenefits"
csw-rule "r70" url prefix "/elabels"
csw-rule "r75" url prefix "/etraining"
csw-rule "r80" url prefix "/eordering"
!
!
!
csw-policy "app-forward"
match "r15" forward 11
match "r25" forward 25
match "r21" forward 21
match "r30" forward 30
match "r35" forward 35
match "r45" forward 45
match "r50" forward 50
match "r55" forward 55
match "r60" forward 60
match "r65" forward 65
match "r70" forward 70
match "r75" forward 75
match "r80" forward 80
match "r2" forward 2
match "r3" forward 3
default forward 2
!
csw-policy "redirect"
match "r15" redirect "*" "*" ssl
match "r17" redirect "PVweb.corp1.com" "*" ssl
match "r25" redirect "*" "*" ssl
match "r21" redirect "*" "*" ssl
match "r30" redirect "*" "*" ssl
match "r35" redirect "*" "*" ssl
match "r45" redirect "*" "*" ssl
match "r50" redirect "*" "*" ssl
match "r55" redirect "*" "*" ssl
match "r1" forward 1218
match "r1" rewrite request-insert client-ip
match "r60" redirect "*" "*" ssl
match "r65" redirect "*" "*" ssl
match "r70" redirect "*" "*" ssl
match "r75" redirect "*" "*" ssl
match "r80" redirect "*" "*" ssl
default forward 1
default rewrite request-insert client-ip
!
!
server real pvwwwt001 192.168.5.40
source-nat
port http
port http keepalive
port http url "HEAD /"
port http server-id 1218
port http group-id 1 1
port 8080
port 8080 keepalive
port 8080 group-id 11 11
port 8080 url "GET /sales/includes/isalive.html"
port 8081
port 8081 keepalive
port 8081 group-id 21 21
port 8081 url "GET /finance/isalive.html"
port 8082
port 8082 keepalive
port 8082 group-id 25 25
port 8082 url "GET /edocs/isalive.html"
port 8083
port 8083 keepalive
port 8083 group-id 30 30
port 8083 url "GET /acctg/isalive.html"
port 8084
port 8084 keepalive
port 8084 group-id 35 35
port 8084 url "GET /eforms/isalive.html"
port 8086
port 8086 keepalive
port 8086 group-id 45 45
port 8086 url "GET /custdb/isalive.html"
port 8087
port 8087 keepalive
port 8087 group-id 50 50
port 8087 url "GET /estatement/isalive.html"
port 8088
port 8088 keepalive
port 8088 group-id 55 55
port 8088 url "GET /ecosts/isalive.html"
port 8089
port 8089 keepalive
port 8089 group-id 60 60
port 8089 url "GET /ereports/isalive.htm"
port 8092
port 8092 keepalive
port 8092 group-id 65 65
port 8092 url "GET /ebenefits/"
port 8090
port 8090 keepalive
port 8090 group-id 70 70
port 8090 url "GET /elabels/"
port 8094
port 8094 keepalive
port 8094 group-id 80 80
port 8094 url "GET /eordering/isalive.html"
port 81
port 81 group-id 2 2
!
server real pvwwwt003 192.168.5.50
source-nat
port http
port http keepalive
port http url "HEAD /"
port http server-id 1211
port http group-id 1 1
port 8080
port 8080 keepalive
port 8080 group-id 11 11
port 8080 url "GET /sales/includes/isalive.html"
port 8082
port 8082 keepalive
port 8082 group-id 25 25
port 8082 url "GET /edocs/isalive.html"
port 8081
port 8081 keepalive
port 8081 group-id 21 21
port 8081 url "GET /finance/isalive.html"
port 8083
port 8083 keepalive
port 8083 group-id 30 30
port 8083 url "GET /acctg/isalive.html"
port 8084
port 8084 keepalive
port 8084 group-id 35 35
port 8084 url "GET /eforms/isalive.html"
port 8086
port 8086 keepalive
port 8086 group-id 45 45
port 8086 url "GET /custdb/isalive.html"
port 8087
port 8087 keepalive
port 8087 group-id 50 50
port 8087 url "GET /estatement/isalive.html"
port 8088
port 8088 keepalive
port 8088 group-id 55 55
port 8088 url "GET /ecosts/isalive.html"
port 8089
port 8089 keepalive
port 8089 group-id 60 60
port 8089 url "GET /ereports/isalive.htm"
port 8092
port 8092 keepalive
port 8092 group-id 65 65
port 8092 url "GET /ebenefits/"
port 8090
port 8090 keepalive
port 8090 group-id 70 70
port 8090 url "GET /elabels/"
port 8094
port 8094 keepalive
port 8094 group-id 80 80
port 8094 url "GET /eordering/isalive.html"
port 81
port 81 group-id 2 2
!
server remote-name pvwwwt002 192.168.4.70
source-nat
port http
port http keepalive
port http url "GET /"
!
server remote-name pvwwwt004 192.168.4.71
source-nat
port http
port http keepalive
port http url "GET /"
!
server real t001-groupware 192.168.5.101
source-nat
port http
port http keepalive
port http url "HEAD /"
port http group-id 1 1
port 8093
port 8093 keepalive
port 8093 group-id 75 75
port 8093 url "GET /etraining/isalive.html"
port 82
port 82 group-id 3 3
!
server real t003-groupware 192.168.5.102
source-nat
port http
port http keepalive
port http url "HEAD /"
port http group-id 1 1
port 8093
port 8093 keepalive
port 8093 group-id 75 75
port 8093 url "GET /etraining/isalive.html"
port 82
port 82 group-id 3 3
!
!
server virtual webtest1 192.168.5.61
port default sticky
port http
port http cookie-name "ServerID"
port http csw-policy "redirect"
port http csw
port http request-insert client-ip "X-Forwarded-For"
port ssl sticky
port ssl ssl-terminate corp1-ssl
port ssl csw-policy "app-forward"
port ssl csw
bind http pvwwwt001 http pvwwwt003 http
bind ssl pvwwwt001 81 real-port http pvwwwt003 81 real-port http pvwwwt001 8080 pvwwwt003 8080
bind ssl pvwwwt001 8081 pvwwwt003 8081 pvwwwt001 8082 pvwwwt003 8082
bind ssl pvwwwt001 8083 pvwwwt003 8083 pvwwwt001 8084 pvwwwt001 8087
bind ssl pvwwwt003 8087 pvwwwt001 8088 pvwwwt003 8088 pvwwwt003 8084
bind ssl pvwwwt001 8086 pvwwwt003 8086 pvwwwt001 8089 pvwwwt003 8089
bind ssl pvwwwt001 8092 pvwwwt003 8092 pvwwwt001 8090 pvwwwt003 8090
bind ssl pvwwwt001 8094 pvwwwt003 8094
!
server virtual salestest 192.168.5.67
port default sticky
port http
bind http pvwwwt002 http pvwwwt004 http
!
server virtual groupware 192.168.5.100
port default sticky
port http
port http cookie-name "ServerID"
port http csw-policy "redirect"
port http csw
port http request-insert client-ip "X-Forwarded-For"
port ssl sticky
port ssl ssl-terminate groupware
port ssl csw-policy "app-forward"
port ssl csw
bind http t001-groupware http t003-groupware http
bind ssl t001-groupware 8093 t003-groupware 8093 t001-groupware 82 real-port http t003-groupware 82 real-port http
!
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
no spanning-tree
!
vlan 100 name HOT-SYNC by port
untagged ethe 3 to 4
no spanning-tree
!
!
aaa authentication web-server default local
aaa authentication login default local
no enable aaa console
hostname foundry1
ip address 192.168.5.60 255.255.255.0
ip default-gateway 192.168.5.1
ip dns domain-name corp1.com
ip dns server-address 192.168.1.11 192.168.1.10
logging buffered 1000
telnet server
snmp-server
clock summer-time
clock timezone us Central
web-management
!
!
!
!
ip ssh idle-time 240
!
!
end