Friday, July 18, 2008

A Script Looking For Processes That Open Specific Ports

Question: In Solaris, how to know which process opens a specific port?

There is an easy answer in Linux: lsof. However, Solaris doesn't deliver a similar command. So I need a workround to resolve it: using ps command to get pid of all processes, and use pfiles to find ports opened by those processes and match them with the given ports.

I wrote the following script to manage it.

Example of usage:

pp 9000
pp 9000 9001
pp 9000-9010 9100 9200-9201


#!/usr/bin/bash

# The script lists the process that opens given ports

# function printing usage message
help_msg () {
echo "Usage: pp ... -..."
}

# initialize argument array
aports=""

# function appending a port to $aports
append_arg () {
if echo " $aports " | grep " $1 " > /dev/null
then
return
fi
aports=`echo $aports $1`
}

# verify arguments
if [ $# -eq 0 ]
then
help_msg
exit 1
fi

# process arguments
for arg in $*
do
if echo $arg | grep "^[0-9]*$" > /dev/null
then
#process single port
append_arg $arg
elif echo $arg | grep "^[0-9]*-[0-9]*" > /dev/null
then
# process port range (-)
n1=`echo $arg | cut -d "-" -f1`
n2=`echo $arg | cut -d "-" -f2`
if [ $n1 -le $n2 ]
then
until [ $n1 -gt $n2 ]
do
append_arg $n1
n1=$((n1 + 1))
done
else
echo "Invalid port:" $arg
fi
else
echo "Invalid port: " $arg
fi
done

# loop arguments
for port in $aports
do
echo "Port: $port"
found=false

# find processes
for pid in `ps -ef -o pid | tail +2`
do
for pport in `/usr/proc/bin/pfiles $pid 2>/dev/null | grep "sockname:" | cut -d: -f 3`
do
if [ $pport -eq $port ]
then
found=true
echo "Process: $pid"
# echo "Command: " `ps -ef -o pid -o args | grep ^\ *$pid | cut -b7-`
echo "Command: " `pargs -l $pid`
#echo $pports
echo
break
fi
done
done

if ! $found
then
echo "Not found"
echo
fi
done

Thursday, July 10, 2008

How To Map A HTTPS-only Web Folder To A Drive

Question: In Windows XP/2003, how to map a web folder which allows for only HTTPS connections to a drive?

Windows web folder is Microsoft's implementation of WebDAV (Web Distributed Authoring and Versioning). Two WebDAV clients: Web Folders and WebDAV Mini Redirector are integrated and preinstalled with Windows. Based on them, there are usually 2 methods to access a web folder in Windows:

1) Use 'Add Network Place' in 'My Network Places',

This always works regardless of the connection type (HTTP or HTTPS). However, you can't map a web folder opened this way to a drive.

2) Use 'net use' at command line, as shown below:
net use x: http://domain-name/path-to-web-folder

The web folder is mapped to a drive, but this method only works for HTTP connection because of the limitations of WebDAV Mini Redirector:
  • No support for HTTPS, i.e. no support for secure connections, unless you are using Vista as a client.

  • No support for declared ports (http://myserver.com:8080/dav/) i.e. your WebDAV server must be using port 80, the default port.

  • No support for LOCK and UNLOCK commands, i.e. no locking if, for example, two users try to access (open) the same Word document.

Therefore, if a web folder supports only HTTPS connections, and you issue command:

net use x: https://domain-name/path-to-web-folder

you are given an error message something like 'Sysytem error 67 has occurred. The network name cannot be found.'

A software called WebDrive does feature a function mapping a HTTPS web folder to a drive, but it is not free, unfortunately.

Good news is we can do it free, with the help of stunnel - a universal SSL wrapper.

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL available on both Unix and Windows. And it is licensed under GPL. We use it here as a proxy that encrypts a HTTP request to a HTTPS one and submits to WebDAV server. The details are below:

1) Download stunnel Win32 binary from here and install it. The latest release is 4.25.

2) Edit stunnel.conf that is located at 'c:\program Files\stunnel\', make the following changes:

client=yes

verify=0

and add the following section to the end of the file:

[psuedo-https]

accept = 80

connect = domain-name:443

TIMEOUTclose = 0

The 'domain-name' above refers to the WebDAV server's domain name or IP address. Save the changes and start stunnel, now you should be able to map the HTTPS web folder to a drive by issuing command:


net use x: http://localhost/path-to-web-folder
Note:

  • This solution has been tested to work on Windows XP Pro SP3 and Windows 2003 EE SP2.
  • Please make sure WebClient service is on, and 'Networking Services' component has been installed with your Windows, otherwise you can't use 'net use' command to connect web folder.
  • If the WebDAV server requires Windows AD authentication, ie you must provide a user id in format of 'domain\user' and password so as to connect, you must logon to the domain first. My attempt to map a drive while logging on as a local user has failed, even I have forced stunnel to launch using a valid domain user id. The reason is not known yet.

Reference:

Tuesday, July 1, 2008

Change Shortcut Key for Firefox Download Manager

Firefox is officially supported by Peoplesoft PIA, and it works fine most of the time. But advanced users may have found they were stuck when trying to invoke system info screen - they hit CTRL-J in FF as they did in IE but saw no system info appeared. Instead, FF popped up a download manager window.

The reason is simple: CTRL-J is being used by FF as a shortcut key for download manager. And unfortunately, FF is not shipping a direct way for user to customize those keys. 'about:config' doesn't enable you to do that.

But there are still ways to tweak it:

1) With add-on. An unofficial FF add-on, 'keyconfig', is available at
http://forums.mozillazine.org/viewtopic.php?t=72994. With that you are free to customize shortcut keys for FF, provided you know how to manually edit FF's user preference file (perfs.js). If you can't or don't want, install one more add-on, 'functions for keyconfig' from http://www.pqrs.org/tekezo/firefox/extensions/functions_for_keyconfig/index.html. This enables you to change keys through UI.

2) Without add-on. Knowing where to get a tool is good, but doing it w/o a tool is cool, right?


Let's look at how FF launches download manager first. Explorer %FIREFOX_HOME%\chrome, find the following 2 files:

  • browser.jar
  • en-US.jar

Unjar browser.jar into %TEMP%, find browser.xul from extracted files and open it in your text editor, you see a line that looks like

  • <menuitem id="menu_openDownloads" label="&downloads.label;" key="key_openDownloads" accesskey="&downloads.accesskey;" command="Tools:Downloads"/>
Note the highlighted 'key' attribute, this obviously defines a shortcut key for download manager menu. Remove it to disable the key.

But what if you only want to change the shortcut key rather than disabling it? Let's look at how "key_openDownloads" is defined. In the same browser.xul, you see

  • <key id="key_openDownloads" key="&downloads.commandkey;" command="Tools:Downloads" modifiers="accel"/>
The highlighted attribute denotes the key value, but how do we know what "&downloads.commandKey;" actually is?

Now extract en-US.jar into %TEMP%, find browser.dtd in which you see

  • <!ENTITY downloads.commandkey "j">
The truth is out there!. Change 'j' to whatever you prefer, but make sure the new key doesn't conflict with other FF shortcuts.

Stuff the modified browser.xul or/and browser.dtd back into the jar files. Open FF and see whether it works.

This tip applies to both FireFox 2 and 3.