If you are not interested in the explanation behind this, skip to the script section.

OK, I’ve been using Scarlet ISP for my DSL connection for something like 5 years.
My contract mentions I get a dynamic IP.
The thing is, until two days ago, as long as my DSL router remained connected, I was keeping the same IP.
Scarlet didn’t mind until Belgacom ISP bought them.

If you are a residential customer, Belgacom do not want you to keep the same IP for extended period of time (and by extended, Belgacom mean “2 days”)… Unless you pay for the professional package, of course.

So Belgacom disconnect residential customers on purpose every 36 hours. You’ll note they don’t disconnect every 24 hours. Smart alec could disconnect and reconnect their modem at 4am and not be distracted by disconnections ever again.

With the 36 hour rule, whatever you do, you’ll be disconnected in the middle of the day once every two days, say goodbye to your SSH sessions, rsync backups, etc..

In order to avoid such problems, I came up with a little script that I run every night at 1am.

Basically, it goes through the web interface of my Linksys WAG200G, click the disconnect button, wait for 5 seconds and click the connect button.

The “challenge” was to figure out which variables I needed to pass in the POST request, for that I used the firefox addon “Tamper data“.

The script :

#!/usr/bin/perl -w

use strict;
use warnings;
use LWP;
use HTTP::Request::Common;

our $ua = LWP::UserAgent->new;

$ua->request(POST 'http://LOGIN:PASSWORD@192.168.177.254/apply.cgi',
[submit_button => 'Status_Router', submit_type => 'disconnect',
change_action => 'gozila_cgi', wan_proto => 'dhcp', status_connection => '0']);

sleep 5;

$ua->request(POST 'http://LOGIN:PASSWORD@192.168.177.254/apply.cgi',
[submit_button => 'Status_Router', submit_type => 'connect',
change_action => 'gozila_cgi', wan_proto => 'dhcp', status_connection => '0']);

My dad’s router (SMC 7908) was a bit trickier as it required to pass the complete header set and referer or it rejected the authentication, by the way I decided to give curl a try :

#!/bin/sh

# First we need to auth with headers and referer.. Authentication is IP based so after auth we can access the router config from any browser
/usr/bin/curl -d 'pws=password' -H "Host:192.168.2.1" -A "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3" -H "Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" -H "Accept-Language:en-us,en;q=0.5" -H "Accept-Encoding:gzip,deflate" -H "Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.7" -H "Keep-Alive:300" -H "Connection:keep-alive" -e "http://192.168.2.1/login.stm" http://192.168.2.1/cgi-bin/login.exe

sleep 3

# Now we can proceed, we only need to disconnect, the router reconnects automatically
/usr/bin/curl -d 'pvc=0' -d 'cur_if=11' -d 'disconnect=Disconnect' -H "Host:192.168.2.1" -A "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3" -H "Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" -H "Accept-Language:en-us,en;q=0.5" -H "Accept-Encoding:gzip,deflate" -H "Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.7" -H "Keep-Alive:300" -H "Connection:keep-alive" -e "http://192.168.2.1/login.stm" http://192.168.2.1/cgi-bin/statusprocess.exe

This is a very interesting link with reconnect scripts for a lot of routers : http://www.paehl.de/reconnect/Curl_search.php?router=firmware

Note : in regards to Epe’s comment, this article has been updated with a newer script, which should be doing a better job. Please drop me a comment, I’d love to hear feedback !

This script will parse the RIPE database and generate the iptables rules automatically..

Download the script here : http://www.wains.be/pub/update_country_block_list

The output would look like this :

-A INPUT -s 62.217.192.0/18 -m state --state NEW -j DROP
-A INPUT -s 62.231.64.0/18 -m state --state NEW -j DROP
-A INPUT -s 80.74.48.0/20 -m state --state NEW -j DROP

Or like this if you just want blocks :

62.217.192.0/18
62.231.64.0/18
80.74.48.0/20

You can use the output with iptables or any other firewall

#!/bin/sh

# Check storage used by virtual mail accounts under courier-imap

DOMAINS="domain1.be domain2.be"
TIMESTAMP=`date +%d/%m/%Y`

echo "REPORT DATE : $TIMESTAMP"
echo " "
for domains in $DOMAINS

do
echo "---------------------------"
echo "$domains"
echo "===================================================="
echo "Size               Accounts"
echo "---------------------------"
echo " "
du -h /var/spool/postfix/vmail/$domains/ --max-depth=2 -c | \
        egrep "\/var\/spool\/postfix\/vmail\/$domains\/[a-z]\/" | \
        sed -re "s/\/var\/spool\/postfix\/vmail\/$domains\/[a-z]\///g" | \
        egrep "[0-9]{2,3}M" | \
        awk '{print $1, "               ",$2}' | \
        sort -r

du -h /var/spool/postfix/vmail/$domains/ --max-depth=2 -c | \
        egrep "\/var\/spool\/postfix\/vmail\/$domains\/[a-z]\/" | \
        sed -re "s/\/var\/spool\/postfix\/vmail\/$domains\/[a-z]\///g" | \
        egrep "[0-9]{1}\.[0-9]{1}M" | \
        awk '{print $1, "       ",$2}' | \
        sort -r

du -h /var/spool/postfix/vmail/$domains/ --max-depth=2 -c | \
        egrep "\/var\/spool\/postfix\/vmail\/$domains\/[a-z]\/" | \
        sed -re "s/\/var\/spool\/postfix\/vmail\/$domains\/[a-z]\///g" | \
        egrep "[0-9]{3}K" | \
        awk '{print $1, "       ",$2}' | \
        sort -r

du -h /var/spool/postfix/vmail/$domains/ --max-depth=2 -c | \
        egrep "\/var\/spool\/postfix\/vmail\/$domains\/[a-z]\/" | \
        sed -re "s/\/var\/spool\/postfix\/vmail\/$domains\/[a-z]\///g" | \
        egrep -v "[0-9]{3}" | \
        egrep "[0-9]{2}K" | \
        awk '{print $1, "       ",$2}' | \
        sort -r

        echo " "
done

Output looks like this :

REPORT DATE : 17/01/2006

---------------------------
mac-s.be
====================================================
Size             Accounts
---------------------------

23M              admin
1.1M              admin
221K              admin
24K              admin

---------------------------
label-design.be
====================================================
Size             Accounts
---------------------------

20K              admin

I found Nagios http://www.nagios.org/ but it was not really what I needed. Indeed, Nagios can only monitor some specific services (usually services opening a tcp port) and it offered just way too many features, thus requiring a lot of dependencies and was not the easiest piece of software to install.

To do the job, I made this (very) little script that runs from a cron on a daily basis :

#!/bin/sh

SERVICES_REGULAR="squid smb 3dm mysqld postfix frox dhcpd sshd spamassassin httpd courier-imap arpwatch xinetd"

echo "Services"
echo "========"
for services_regular in $SERVICES_REGULAR
do
/sbin/service $services_regular status | sed -re 's/(pid|\(|\)|[0-9]{2,}|\.\.\.|\ )//g;s/\is/ : /g'
done
/sbin/service named status | grep server | sed -re 's/server/named/g;s/is/:/g'
echo " "

The output is :

Services
========
squid : running
smbd : running
nmbd : running
3dmd : running
mysqld : running
master : running
Frox : running
dhcpd : running
sshd : running
spamd : running
httpd : running
arpwatch : running
xinetd : running
named : up and running

This should work on many Redhat flavors, if you take a look at the code, named doesn’t output a regular “service is (running|stopped)”, I needed to make a special line for this service