Martin Milesich

I made this simple PHP script because I was tired of getting 400KB security run output emails from my FreeBSD box. It's written in PHP because I'm not good in shell scripting.

Every minute it checks for line like this

Feb  5 01:40:02 kyle sshd[939]: Failed password for root from 80.86.75.67 port 11807 ssh2

in the auth.log and grabs the IP address. If there is more than 3 failed logins from 1 IP address in one minute it is added to the firewall. I'm using the ipfw firewall.

// Both your server and this script must share the same timezone
date_default_timezone_set('Europe/Bratislava');

// Get the last minute.
// We need this because when we run this script from the cron
// it starts at zero seconds and the log file will have not any entries.
$lastminute = mktime(date('G'), date('i') - 1);

// Get the lines with failed logins for last minute
$cmd  = '/usr/bin/more /var/log/auth.log | /usr/bin/grep "Failed password" | /usr/bin/grep "';
$cmd .= date('j H:i:', $lastminute).'"';
$output = shell_exec($cmd);

// Make the $output an array
$output = explode("\n", $output);

// Array of IPs that you do not want to block
$ignore = array('127.0.0.1');

// This array will hold IPs with failed logins
$ips    = array();

// Get and count IPs
foreach ($output as $line) {
  $line = trim($line);
  preg_match_all('/[0-9]{1,3}(\.[0-9]{1,3}){3}/', $line, $matches);

  foreach ($matches[0] as $ip) {
    if (!isset($ips[$ip])) {
      $ips[$ip] = 1;
    } else {
      $ips[$ip]++;
    }
  }
}

// Block IPs
foreach ($ips as $ip => $count) {
  if ($count > 3 && !in_array($ip, $ignore)) {
    $data = "/sbin/ipfw -q add 20000 deny log all from {$ip} to me";
    file_put_contents('/etc/ipfw-dynamic.rules',$data, FILE_APPEND);
    shell_exec($data);
  }
}

Put this script to cron and set it to start every minute.

I decided to write another post to my blog while my last post was a long time ago. After I wrote a few words I want to check if the words are correctly typed because I am not good in English. To my surprise words that I know was correct was underlined and was suggested a correction. That correction was in Slovak! (fyi I am Slovak and live in Slovakia) I have blogger set to English. I can't make the spellchecker work as I want. Do the spellcheck in English. I cleared all cookies, set my preferred language to English and English-US in my browser, I was restarted the browser and still no luck. As I am writing this post I recognized another strange thing. You know when you are writing a post it is automatically saved as a draft. And that is the strange thing. Not the autosave feature but the message I got when it was saved. When it is autosaved I get "Draft autosaved at 2:01 AM" but when I click "SAVE NOW" I get "Koncept bol uložený o 2:04" (which is the same as the previous one but in Slovak). I changed everything that I found on Blogger and Google to English but country.

I will not change my country just because Google doesn't know how to handle languages.

And I am still not sure if it will help.

When I cleared all cookies I go to www.google.com and get www.google.sk. Why?? I was not logged in to my Google account. How they know that I might want sk version which I really don't want when I have set all to English. (Well I know that my IP address tells Google I am in Slovakia.) When I type www.google.com I want www.google.com and not the sk version! When I will want sk version I will type www.google.sk!

Till Google doesn't learn how to read my mind I suggest Google to get me what I requested instead of what Google think that I might want!

In this post I'm going to write about how to run Zend Studio 5.5 on FreeBSD 6.2. FreeBSD isn't officially supported by Zend therefore you can't use their support.

I'm using the trial version of Zend Studio 5.5 and I think I will buy it soon. It's the best PHP IDE that I've tried. Who knows the PHP better than the folks at Zend :-)

OK, let's start...

I assume that you have correctly installed xwindows and your favorite windows manager. I'm using Xorg 7.2 and KDE 3.5.7.

First we need to download the Zend Studio from Zend. If you are not already registered on Zend website, you will have to register. Only registered users can download products from their website.

I saved it to the /home/majlo/ZendStudio-5_5_0a.tar.gz. We need to unpack it and execute.

kevin# tar xzf ZendStudio-5_5_0a.tar.gz
kevin# sh ZendStudio-5_5_0.bin

We get an error that this binary type is not known. This is because we don't have installed Linux compatibility.

ELF binary type „0“ not known

We need to install linux base from ports.

kevin# cd /usr/ports/emulators/linux_base-fc4/
kevin# make install clean

This installation will also load linux module to the kernel. To load linux module on system start add this line to /etc/rc.conf.

linux_enable="YES"

Next attempt to start installation.

kevin# cd /home/majlo/
kevin# sh ZendStudio-5_5_0.bin

We get another error:

Java HotSpot(TM) Client VM warning: Can't detect initial thread stack location – find vma failed
'SWING' UI not supported by VM. Reverting to AWT.

We need linux xorg libraries.

kevin# cd /usr/ports/x11/linux-xorg-libs/
kevin# make install clean

OK. Now we can successfully start the installation wizard. I will install Zend Studio into /usr/local/Zend/ZendStudio-5.5.0.

kevin# cd /home/majlo/
kevin# sh ZendStudio-5_5_0.bin

When the installation finish we can start Zend Studio from /usr/local/Zend/ZendStudio-5.5.0/bin/ZDE but after the "Tip of the Day..." it stop responding and after few minutes it crash. This can be resolved by modification the ZDE file.

kevin# cd /usr/local/Zend/ZendStudio-5.5.0/bin/
kevin# mv ZDE ZDE.bak
kevin# cat ZDE.bak | sed 's/jitOnOrOff=on/jitOnOrOff=off/' > ZDE
kevin# chmod 755 ZDE

Now we can successfully start and use Zend Studio on FreeBSD. (It may take a while to load.)

kevin# ./ZDE

We now have running Zend Studio on FreeBSD. But I'm Slovak and I need to write Slovak national characters in Zend Studio and when I tried, it doesn't work. After spending days searching the Internet I've found that the solution is really simple. Just add this line to your ~/.cshrc file and reboot.

setenv LC_ALL sk_SK.ISO8859-2

We can now use Zend Studio on FreeBSD with Slovak keyboard :-)

Well, I'm trying to switch from Windows XP on my laptop to FreeBSD. I'm using FreeBSD since FreeBSD 3.0 as a server but I think it's the best time to use it as a desktop too. You may ask why not Linux for a desktop? Hmm.. Every time I need to build a server I choose FreeBSD and as a desktop I have Microsoft Windows. Therefore I don't have any experiences with Linux. I'm using my laptop mainly as a developer machine.

What really speeded up the process of switching to FreeBSD is the lack of PHP function PDOStatement::nextRowset() on Windows. I'm developing projects in Zend Framework with Zend_Db component and I can't use all results from a stored procedures on MySQL.

In next few posts I'm going to write about FreeBSD as a desktop and how to run Zend Studio on FreeBSD which is not officially supported by Zend.

Thank you for reading my first post :-)

/**
 * Calculate geodesic distance (in meters) between two points specified by
 * latitude/longitude using Vincenty inverse formula for ellipsoids
 *
 * from: Vincenty inverse formula - T Vincenty, "Direct and Inverse
 * Solutions of Geodesics on the Ellipsoid with application of nested
 * equations", Survey Review, vol XXII no 176, 1975
 * http://www.ngs.noaa.gov/PUBS_LIB/inverse.pdf
 *
 * Ported from JavaScript to PHP Martin Milesich - http://milesich.com
 *
 * Original JavaScript version
 * http://www.movable-type.co.uk/scripts/latlong-vincenty.html
 *
 * @param float $lat1 in form 52.2166667
 * @param float $lat2 in form 52.35
 * @param float $lon1 in form 5.9666667
 * @param float $lon2 in form 4.9166667
 * @return float      in form 73.174873 (meters)
 */
function distVincenty($lat1, $lon1, $lat2, $lon2)
{
    $lat1 = deg2rad($lat1);
    $lat2 = deg2rad($lat2);
    $lon1 = deg2rad($lon1);
    $lon2 = deg2rad($lon2);

    $a = 6378137; $b = 6356752.3142; $f = 1/298.257223563; // WGS-84 ellipsoid

    $L = $lon2 - $lon1;

    $U1 = atan((1-$f) * tan($lat1));
    $U2 = atan((1-$f) * tan($lat2));

    $sinU1 = sin($U1); $cosU1 = cos($U1);
    $sinU2 = sin($U2); $cosU2 = cos($U2);

    $lambda = $L; $lambdaP = 2 * M_PI;

    $iterLimit = 20;

    while (abs($lambda - $lambdaP) > 1e-12 && --$iterLimit > 0)
    {
        $sinLambda = sin($lambda);
        $cosLambda = cos($lambda);
        $sinSigma  = sqrt(($cosU2 * $sinLambda) * ($cosU2 * $sinLambda) +
                          ($cosU1 * $sinU2 - $sinU1 * $cosU2 * $cosLambda) *
                          ($cosU1 * $sinU2 - $sinU1 * $cosU2 * $cosLambda));

        if ($sinSigma == 0) return 0; // co-incident points

        $cosSigma   = $sinU1 * $sinU2 + $cosU1 * $cosU2 * $cosLambda;
        $sigma      = atan2($sinSigma, $cosSigma); // was atan2
        $alpha      = asin($cosU1 * $cosU2 * $sinLambda / $sinSigma);
        $cosSqAlpha = cos($alpha) * cos($alpha);
        $cos2SigmaM = $cosSigma - 2 * $sinU1 * $sinU2 / $cosSqAlpha;
        $C          = $f / 16 * $cosSqAlpha * (4 + $f * (4 - 3 * $cosSqAlpha));
        $lambdaP    = $lambda;
        $lambda     = $L + (1 - $C) * $f * sin($alpha) *
                      ($sigma + $C * $sinSigma * ($cos2SigmaM + $C * $cosSigma *
                      (-1 + 2 * $cos2SigmaM * $cos2SigmaM)));
    }
    if ($iterLimit == 0) return false; // formula failed to converge

    $uSq = $cosSqAlpha * ($a * $a - $b * $b) / ($b * $b);
    $A   = 1 + $uSq / 16384 * (4096 + $uSq * (-768 + $uSq * (320 - 175 * $uSq)));
    $B   = $uSq / 1024 * (256 + $uSq * (-128 + $uSq * (74 - 47 * $uSq)));

    $deltaSigma = $B * $sinSigma * ($cos2SigmaM + $B / 4 * ($cosSigma * (-1 + 2 * $cos2SigmaM * $cos2SigmaM) -
                  $B / 6 * $cos2SigmaM * (-3 + 4 * $sinSigma * $sinSigma) * (-3 + 4 * $cos2SigmaM * $cos2SigmaM)));

    $s = $b * $A * ($sigma - $deltaSigma);

    $s = round($s, 3); // round to 1mm precision

    return $s;
}