Wednesday, January 27, 2010

Fun C# ASP.NET Page for Lotto Numbers

To lighten the mood in my office, I came up with a fun C# ASP.NET page to randomly display lotto numbers. It's configured for the Cali lotto format, but you can easily modify it for whatever state you're in. Enjoy.

using System;
using System.Collections;   // needed for ArrayList
using System.Web;
using System.Text;

public partial class numbers : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    // Click handler for btnNumbers: five unique numbers plus one mega number.
    protected void GetLottoNumbers(object sender, EventArgs e)
    {
        ArrayList arlNum = new ArrayList();
        Random RandomClass = new Random();

        // Draw until we have five distinct values.
        // Random.Next's upper bound is exclusive, so this yields 1..55.
        while (arlNum.Count < 5)
        {
            int g = RandomClass.Next(1, 56);
            if (!arlNum.Contains(g))
            {
                arlNum.Add(g);
            }
        }

        arlNum.Sort();

        pnlNum.Visible = true;
        lblN1.Text = arlNum[0].ToString();
        lblN2.Text = arlNum[1].ToString();
        lblN3.Text = arlNum[2].ToString();
        lblN4.Text = arlNum[3].ToString();
        lblN5.Text = arlNum[4].ToString();
        // Mega number is drawn separately: 1..45.
        lblN6.Text = RandomClass.Next(1, 46).ToString();
        btnNumbers.Text = "Get Another Set";
    }
}


-----------------------Portion of numbers.aspx------------------------------

<h2>IT Retirement Numbers</h2>
<hr />
<p><strong>Would you like to see some IT retirement numbers?</strong></p>

<asp:Button ID="btnNumbers" runat="server" Text="Get Numbers" OnClick="GetLottoNumbers" />

<asp:Panel ID="pnlNum" runat="server" Visible="false">

<br />
Here you go...

<asp:Label ID="lblN1" runat="server" Width="20" />

<asp:Label ID="lblN2" runat="server" Width="20" />

<asp:Label ID="lblN3" runat="server" Width="20" />

<asp:Label ID="lblN4" runat="server" Width="20" />

<asp:Label ID="lblN5" runat="server" Width="20" />

and mega number
<asp:Label ID="lblN6" runat="server" Width="20" />
</asp:Panel>

Friday, January 22, 2010

OpenBSD Transparent Firewall for Server Room Switch

Below is the ruleset for an OpenBSD transparent firewall to protect servers on the same switch from unauthorized hosts on the local network. This ruleset assumes that there is a network firewall in place and only filters on MAC addresses of the local network clients and devices.

The firewall is set up with three network interfaces and sits between the server room network access port and the switch for the server room. The third interface is needed for remote SSH access and is plugged into a regular port on the switch.

Here is a link to my old post on MAC filtering using a Bridge and Packet Tagging



#############################################################
# Macros and Tables
#############################################################

# Interfaces
switch_if = "bge0"
nap_if = "bge1"
ssh_if = "em0"

############################################################
# Logging, Timeouts, Limits, Interface skips, Scrubs
############################################################

# Set logging interface
set loginterface $nap_if

# Revised: set higher state limits and adaptive timeouts
set timeout { adaptive.start 10000, adaptive.end 110000 }
set limit states 100000
set timeout interval 10

# Normalize all incoming/outgoing traffic to prevent malformed packets
match in all scrub (no-df)

# Don't filter on loopback interface or ssh_if
set skip on lo0
set skip on $ssh_if

###########################################################
# Rules
###########################################################

# Block Traffic from Unauthorized Hosts into Servers
block in log on $nap_if all label "block in"

# Allow All Traffic on Switch Interface
pass in quick on $switch_if all
pass out quick on $switch_if all

# Allow All Traffic From Servers Behind Switch to Rest of Network
pass out quick on $nap_if all

# Allow Traffic from Known Good Mac Addresses into Servers
pass in quick on $nap_if all tagged goodmac

# Allowing Broadcast UDP into Servers
pass in quick on $nap_if proto udp to any port { 67 68 137 138 1900 3702 }
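
The `tagged goodmac` rule above only matches frames that the bridge has already tagged for approved MAC addresses, which is the part covered in the older post rather than here. As an added example (not from the original post), this script turns a MAC allowlist into bridge `rule ... tag goodmac` lines using the bridge rule syntax from OpenBSD's bridge configuration manual; the function names, the allowlist format and the sample addresses are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): turn a MAC allowlist on stdin
# into bridge tagging rules. Any malformed entry means no output and return 1,
# so a typo never yields a partial allowlist.
gen_goodmac_rules() {
    iface=$1
    tag=${2:-goodmac}
    rules="" seen=" " bad=0 n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        mac=${line%%#*}    # drop trailing comment
        # Strip whitespace, lowercase hex digits, accept "-" as separator.
        mac=$(printf '%s' "$mac" | tr -d ' \t\r' | tr 'ABCDEF-' 'abcdef:')
        [ -z "$mac" ] && continue
        if ! printf '%s\n' "$mac" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$'; then
            echo "line $n: not a MAC address: $line" >&2
            bad=1
            continue
        fi
        case $mac in
            # Low bit of the first octet set = broadcast/multicast address,
            # which is never a legitimate source address for a host.
            ?[13579bdf]:*)
                echo "line $n: group address not allowed: $mac" >&2
                bad=1
                continue ;;
        esac
        case $seen in
            *" $mac "*) continue ;;    # duplicate entry
        esac
        seen="$seen$mac "
        rules="${rules}rule pass in on $iface src $mac tag $tag
"
    done
    [ "$bad" -eq 0 ] || return 1
    printf '%s' "$rules"
}

# Constructed sample allowlist (locally administered addresses, not real hosts).
sample_allowlist() {
    cat <<'EOF'
# admin workstation
02:00:5e:10:00:01
02-00-5E-10-00-02   # printer, Windows-style notation
02:00:5e:10:00:02
EOF
}
# nap_if is bge1 in the ruleset above.
sample_allowlist | gen_goodmac_rules bge1
```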

Tuesday, January 12, 2010

Manually Rotating OpenBSD PF Logs

While installing a new OpenBSD transparent bridge, the need came up to view a relatively new pf log file with Wireshark. Thanks to some colleagues at work, I was able to accomplish this task with two quick commands.

$ su root

# newsyslog /var/log/pflog

Another way to do this is a simple tcpdump command.

$ sudo tcpdump -nettti pflog0 -w pfdumpfile