I'd like to write an nftables rule that matches packet fields which are NOT found in a set:
ip not ip saddr #local_networks drop
Unfortunately this gives a syntax error: "unexpected !"
Moving the 'not' to various other likely points in the statement makes no difference to error message. Is negation allowed?
In Debian 10 (nftables 0.9.0 + whatever Debian patches) this syntax works to drop packets with source IP address not in set local_networks:
ip saddr != #local_networks drop
I've examined the source code and discovered that although "!" and "not" are both syntax elements - they have lexer symbols defined for them, they are not used anywhere in the parser. I suppose I'll have to put in an enhancement request.
Related
I am very new to q language and trying to get my IP address using system commands. I can get it in this format 127 0 0 1i using function
getIP:{"i"$0x0 vs .z.a}
But I need the answer to be in this format: 127.0.0.1.
Casting it to a symbol will not give me a dot format. So I must be using the wrong system command or wrong parsing!
You can use .z.a to get the ip address but it returns as an integer as you know. To get it in the format you want you can use
`$"." sv string 256 vs .z.a
where 256 vs .z.a turns it to the number base 256 and sv joins the returned numbers with a dot.
The ability to use a base with vs was added in v3.4 2015.12.13 and so won't work on an earlier version. You can check your version using .z.K. If you are using an earlier version then you can substitute 256 with "h"$0x0.
You can read more here: https://code.kx.com/q/ref/casting/#vs
Note that you can also make system calls to the machine to determine it's environment. Generally speaking anything you can find from a linux prompt you can also find in kdb via system calls.
q)system"hostname -i"
"12.345.6.789"
You can get the Hostname from .z.h , and pass the value from it get the IP address
`$"." sv string 256 vs .Q.addr .z.h
I need to define a variable name for different files inside a Fortran code, while I 'm using this commands
open(unit=5,file="plot.sm")
write(unit=zbin_str,fmt='(f5.2)') zbin
plotname="LF_z"//zbin_str//".ps"
write(5,"dev postencap" plotname)
write(5,"toplabel LF for",//zbin_str//)
I'm receiving these errors :
Syntax error, found '//' when expecting one of: ( * <IDENTIFIER> <CHAR_CON_KIND_PARAM> <CHAR_NAM_KIND_PARAM> <CHARACTER_CONSTANT> ...
write(5,"toplabel LF for",//zbin_str//)
error #6355: This binary operation is invalid for this data type. [PLOTNAME]
write(5,"dev postencap" plotname)
An arithmetic or LOGICAL type is required in this context.
write(5,"dev postencap" plotname)
How I can define the available name inside the Fortran code??
Thanks
Neither of these lines
write(5,"dev postencap" plotname)
write(5,"toplabel LF for",//zbin_str//)
is well-formed; that's what the compiler is trying to tell you.
Beyond that, I'm not sure what you are trying to do or, therefore, how to fix it. Unless you use keywords your Fortran compiler will understand the 2nd argument in a write statement to be the format specifier in which you want to present the output. I can't see how either "dev postencap" plotname or "toplabel LF for",//zbin_str// can be made into a valid format specifier. Perhaps what you want is
write(5,'(a32)') "dev postencap"//plotname
write(5,'(a32)') "toplabel LF for"//zbin_str
Anything more would be based on guesswork. If this doesn't answer your question explain it more clearly if you can.
I am attempting to edit a remote file in Emacs, and I'm having trouble getting from the documentation and previous SO questions to doing the thing I want.
I'm working remotely, from a variety of locations, and I want to edit files on server Foo. Server Foo isn't directly reachable from the Internet, but server Bar is, and Foo accepts connections from Bar. I can count on reaching Bar, and Bar can count on reaching Foo.
The Tramp documentation tells me that I need to add to Tramp's proxy list to do this, and that it should look like the following:
(add-to-list 'tramp-default-proxies-alist
("foo_host" "seanm" "/ssh:seanm#bar_host"))
However, when I try that, it doesn't work, and I get inscrutable error messages.
How can I unambiguously refer to Foo? There is no DNS server that knows how to find Foo from its hostname, and Foo's IP address is in the 10.0.0.0/8 private space. I don't want to refer to Foo by that IP address, because that risks colliding with hosts in other 10.0.0.0/8 networks I may visit. As a kludge, I added Foo to Bar's /etc/hosts file, but that didn't seem to work. Is there a better solution?
What quoting rules do I need to adhere to? The examples that I'm seeing use both "double quotes" and `tick-and-single' quotes, the latter apparently requiring double-backslash escaping. I don't understand what's going on there - it seems like there are multiple layers of parsing that this string is going to be shoved through.
While trying variations on this, I've gotten error messages that amount to "you can't use that remote-access method for that scenario." How can I set up a second proxy method that will let me do the equivalent of C-x C-f /su::/path/to/file ?
It all seems very painful compared to the previous multi-hop syntax.
Later: I was able to get the many layers of escaping right so that emacs correctly 'hears' the names of hosts. However, I can't get any hops beyond a second to work correctly, which is a very disappointing lapse in functionality.
The correct answer turned out to be modifying my SSH config with Host, HostAlias, and ProxyCommand directives.
I read somewhere that it wasn't possible to specify multiple ports to
exclude for shellcode is that correct? if not is the following
correct?
List of ports you want to look for SHELLCODE on.
portvar SHELLCODE_PORTS ![21,25,80,143,587,8889]
I'm using snort 2905
Try it. If Snort doesn't like the syntax, it should throwback a fatal parsing error. I believe, though, that syntax is better implemented as:
portvar SHELLCODE_PORTS [21,25,80,143,587,8889]
I.e., without the negation, and then used in a rule thus:
alert tcp any any <> any !SHELLCODE_PORTS ( ... )
You could also do:
portvar SHELLCODE_PORTS [!21,!25,!80,!143,!587,!8889]
Which should be valid syntax. Haven't tested, though. YMMV.
You want !$SHELLCODE_PORTS
You are missing the dollar sign.
I want to allow emails like myusername+something#mydomain.com instead of simply myusername#mydomain.com using Zimbra - this is a feature on Gmail.
Does anyone where to begin looking to allow this to work? Postfix?
How to implement this in Zimbra is available on the official Zimbra wiki here:
http://wiki.zimbra.com/wiki/Plus_Addressing
Zimbra stores a lot of Postfix parameters in LDAP so modifying the running Postfix config won't work.
To enable Plus Addressing with Zimbra, use zmprov as follows:
zmprov mcf zimbraMtaRecipientDelimiter +
Note that the delimiter can be a character other than '+'.
To disable Plus Addressing, use zmprov as follows:
zmprov mcf -- -zimbraMtaRecipientDelimiter +
After making changes to enable or disable this feature, it may be required to restart tomcat. Postfix should pick up the changes automatically, though it may take a couple minutes to register.
Yeah, postfix is the right place. Look at recipient_delimiter in the postconf docs:
recipient_delimiter (default: empty)
The separator between user names and address extensions (user+foo). See canonical(5), local(8), relocated(5) and virtual(5) for the effects this has on aliases, canonical, virtual, relocated and on .forward file lookups. Basically, the software tries user+foo and .forward+foo before trying user and .forward.
Example:
recipient_delimiter = +