blog
Table des matières
- 2026:
- 2025:
1 billet(s) pour avril 2026
| Notes ping ICMP | 2026/04/03 23:01 | Jean-Baptiste |
Find prune
Trouver des prunes ou find -prune
C'est vrai que notre ami GNU find est efficace, rapide etc….
Mais quand nous voulons cherchez dans une arborescence il arrive que nous souhaitons exclure des répertoires. Un façon de faire est -not -wholename
Ça marche, donc où est le problème ? Et bien si nous suivons ce que fait find à l'aide de la commande strace, nous nous apercevons qu'il recherche malgré tout dans le dossier qu'y était pourtant exclu.
Dans notre exemple, nous avons un dossier 1wpixwnr.default dans .thunderbird
Et nous voulons tous les fichiers du répertoire courant sauf ceux présents dans .thunderbird
Ici nous constatons que find va dans .thunderbird, puisqu'il ouvre 1wpixwnr.default
# strace find . -not -wholename ".thunderbird/*" 2>&1 |grep '1wpixwnr.default'|grep ^open
open("1wpixwnr.default", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 5
Même chose ici
# strace find . -not -wholename "./.thunderbird/*" 2>&1 |grep '1wpixwnr.default'|grep ^open open("1wpixwnr.default", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 5
Alors qu'avec des prunes, il n'y a que les accès disque nécessaires
strace find . -wholename "./.thunderbird/*" -prune -o -print 2>&1 |grep '1wpixwnr.default'|grep ^open
Attention cependant, ici même avec prune, il y a des accès disques inutiles
# strace find . -wholename ".thunderbird/*" -prune -o -print 2>&1 |grep '1wpixwnr.default'|grep ^open
open("1wpixwnr.default", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 5
Notons qu'ici .thunderbird est inclus dans le résultat :
$ find . -wholename "./.thunderbird/*" -prune -o -print |grep '\.thunderbird' ./.thunderbird
A présent comparons :
$ time find . -not -wholename "./Ziques/*" >/dev/null
real 0m0.321s user 0m0.170s sys 0m0.140s </code>
(encore une fois)
$ time find . -not -wholename "./Ziques/*" >/dev/null real 0m0.321s user 0m0.170s sys 0m0.140s
$ time find . -wholename "./Ziques/*" -prune -o -print >/dev/null real 0m0.138s user 0m0.100s sys 0m0.030s
Alors que le résultat est identique :
diff <(find . -not -wholename "./Ziques/*") <(find . -wholename "./Ziques/*" -prune -o -print)
Quelques liens sur find -prune que je n'ai pas vraiment eu le temps de lire.
http://www.liamdelahunty.com/tips/linux_find_exclude_multiple_directories.php
http://www.liamdelahunty.com/tips/linux_find_prune_directory.php
http://dit-archives.epfl.ch/FI94/5-94-page15.html
Exemple :
Trouvez tous les mp3 qui ne sont pas dans ./backup/Ziques :
find . -type f -iname "*.mp3" \( -wholename "./backup/Ziques/*" -prune -o -print \)
Évidement on peut faire :
find . -type f -iname "*.mp3" -not -wholename "./backup/Ziques/*"
Mais dans ce cas find ira quand même dans l'arborescence ./backup/Ziques et ça peut être long !
GNU/Linux - Commande find - Trouver les fichiers crées ou modifiés entre deux dates
Find entre la date aaa et la date bbb
man touch
-t DATE utiliser [[CC]AA]MMJJhhmm[.ss] à la place de la date actuelle
touch -t 1412310000 ~/tmp/ficref find /mnt/archives -maxdepth 1 -type f -newer ~/tmp/ficref -iname "*.csv"
Trouvez tous les fichiers logs modifié entre le 2016-10-18 07:00 (1610180700) et le 2016-10-20 09:00 (1610200900)
touch -t 1610180700 fic1 touch -t 1610200900 fic2 find /var/log/ -type f -newer fic1 -not -newer fic2
SystemD Voir les logs entre deux dates
journalctl --since "2019-10-16 06:00" --until "2019-10-16 10:00"
Autres
find . -type f -name "*.txt" -print | xargs ls -l -D %Y-%m-%d
Filtrage web avec SquidGuard
Listes :
/etc/squid/squid.conf
cache_peer localhost parent 8118 0 default no-query no-digest no-netdb-exchange acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl Safe_ports port 9920 # JIRA acl purge method PURGE acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all icp_access allow localnet icp_access deny all http_port 3128 hierarchy_stoplist cgi-bin ? access_log /var/log/squid/access.log squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 refresh_pattern . 0 20% 4320 acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] upgrade_http0.9 deny shoutcast acl apache rep_header Server ^Apache broken_vary_encoding allow apache extension_methods REPORT MERGE MKACTIVITY CHECKOUT hosts_file /etc/hosts coredump_dir /var/spool/squid header_access From deny all header_access Server deny all #header_access WWW-Authenticate deny all header_access Link deny all header_access Cache-Control deny all header_access Proxy-Connection deny all header_access X-Cache deny all header_access X-Cache-Lookup deny all header_access Via deny all header_access Forwarded-For deny all header_access X-Forwarded-For deny all header_access Pragma deny all header_access Keep-Alive deny all header_access Referer deny all redirect_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf redirect_children 10 never_direct allow all
/etc/squidguard/squidGuard.conf
# # CONFIG FILE FOR SQUIDGUARD # dbhome /var/lib/squidguard/db logdir /var/log/squid src allusers { ip 127.0.0.1/32 } dest white { domainlist white/domains urllist white/urls log dest_white.log } dest adblock { expressionlist adblock/expressions log dest_adblock.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest adult1 { domainlist tlse/adult/domains urllist tlse/adult/urls expressionlist tlse/adult/very_restrictive_expression log dest_adult1.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest gambling1 { domainlist tlse/gambling/domains urllist tlse/gambling/urls log dest_gambling1.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest phishing1 { domainlist tlse/phishing/domains urllist tlse/phishing/urls log dest_phishing1.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest publicite1 { domainlist tlse/publicite/domains urllist tlse/publicite/urls expressionlist tlse/publicite/expressions log dest_publicite1.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest malware1 { domainlist tlse/malware/domains urllist tlse/malware/urls expressionlist tlse/malware/expressions log dest_malware1.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest marketingware1 { domainlist tlse/marketingware/domains urllist tlse/marketingware/urls log dest_marketingware1.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest dating1 { domainlist tlse/dating/domains urllist tlse/dating/urls log dest_dating1.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest mobile1 { domainlist tlse/mobile-phone/domains urllist tlse/mobile-phone/urls log dest_mobile1.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest social1 { domainlist tlse/social_networks/domains log dest_social1.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest ads2 { domainlist mesd/ads/domains urllist mesd/ads/urls log dest_ads2.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest gambling2 { domainlist mesd/gambling/domains urllist mesd/gambling/urls log dest_gambling2.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest porn2 { domainlist mesd/porn/domains urllist mesd/porn/urls log dest_porn2.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest spyware2 { domainlist mesd/spyware/domains urllist mesd/spyware/urls log dest_spyware2.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest suspect2 { domainlist mesd/suspect/domains urllist mesd/suspect/urls log dest_suspect2.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest adult3 { domainlist isak/Adult_domains.txt urllist isak/Adult_urls.txt log dest_adult3.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest ads3 { domainlist isak/Advertisements_domains.txt urllist isak/Advertisements_urls.txt log dest_ads3.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest gambling3 { domainlist isak/Gambling_domains.txt urllist isak/Gambling_urls.txt log dest_gambling3.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest phishing3 { domainlist isak/Phishing_domains.txt urllist isak/Phishing_urls.txt log dest_phishing3.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest spyware3 { domainlist isak/Spyware_domains.txt log dest_spyware3.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest mobile3 { domainlist isak/Mobilephones_domains.txt urllist isak/Mobilephones_urls.txt log dest_mobile3.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } dest jibe { domainlist jibe/domains urllist jibe/urls log dest_jibe.log redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } acl { allusers { pass white !gambling1 !gambling2 !gambling3 !phishing1 !phishing3 !publicite1 !ads2 !ads3 !malware1 !spyware2 !spyware3 !marketingware1 !suspect2 !mobile1 !mobile3 !jibe any redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u } default { pass none } }
squid-install.sh
#! /bin/bash mkdir -p /var/lib/squidguard/db/white mkdir -p /var/lib/squidguard/db/jibe mkdir -p /var/lib/squidguard/db/adblock # Creation fichiers echo "\ video.google.com mts1.google.com mts0.google.com maps.google.com mt0.google.com mt1.google.com code.google.com" >/var/lib/squidguard/db/white/domains echo "\ www.google.com/recaptcha/" >/var/lib/squidguard/db/white/urls touch /var/lib/squidguard/db/adblock/expressions echo "\ facebook.com facebook.net fbcdn.com fbcdn.net fbshare.me twitter.com twimg.com addthis.com google-analytics.com google.fr google.com 1e100.net googleapis.com gmodules.com stats.buzzea.com data.gosquared.com d1l6p2sc9645hc.cloudfront.net d1ros97qkrwjf5.cloudfront.net fstatic.iadvize.com flux.com meetic-partners.com stats.wattimpact.com els.a4.tl radar.cedexis.com greatviews.de get.adobe.com #microsoft.com ie.microsoft.com windowsupdate.microsoft.com update.microsoft.com download.windowsupdate.com live.com latestdl.info #go-mono.com traficmax.com atdmt.com r.msn.com #msn.com yesmessenger.com yes-messenger.com sexe4x.com clic.ws publicite-sexe.com adtech.de adultfriendfinder.com datasecureprocess.com tvwebgay.com partie-membres.com piximedia.fr piximedia.com tns-counter.ru mc.yandex.ru direction-x.com empiredusexe.com thumbs-share.com the-adult-company.com plugin-x.com xcams.com lescelibataires.net sexxxtape.net vador.com pub.oumma.com acces-charme.com pornattitude.com" > /var/lib/squidguard/db/jibe/domains echo "\ clck.yandex.com/ fr.search.yahoo.com/r/ wwwimages.adobe.com/www.adobe.com/images/shared/download_buttons/ www.adobe.com/images/shared/download_buttons/ www.topachat.com/images/bandeaux/ go-mono.com/moonlight/ www.microsoft.com/getsilverlight/ go.microsoft.com/fwlink/?LinkId=161376 yandex.st/serp/31.89/pages/foreign/_foreign.js" > /var/lib/squidguard/db/jibe/urls # Droits fichiers chown proxy: /var/lib/squidguard/db/jibe/urls /var/lib/squidguard/db/jibe/domains /var/lib/squidguard/db/white/domains /var/lib/squidguard/db/white/urls /var/lib/squidguard/db/adblock/expressions
squid-update.sh
#! /bin/bash # Definition des variables squiddb="/var/lib/squidguard/db" tmp_folder="/tmp" lst_logs_dest="dest_adblock.log dest_ads2.log dest_ads3.log dest_adult1.log dest_adult3.log dest_dating1.log dest_gambling1.log dest_gambling2.log dest_gambling3.log dest_malware1.log dest_marketingware1.log dest_mobile1.log dest_mobile3.log dest_phishing1.log dest_phishing3.log dest_porn2.log dest_publicite1.log dest_social1.log dest_spyware2.log dest_spyware3.log dest_suspect2.log dest_white.log dest_jibe.log"; cd $tmp_folder exec 2>$tmp_folder/squid-update.err #exec 1>$tmp_folder/squid-update.log # Fin normal fin_ok() { echo "FIN." cat $tmp_folder/squid-update.err exit 0 } # Fin erreur fin_err() { echo -e "ERREUR: \n" cat $tmp_folder/squid-update.err exit 1 } # Cleanning des Logs clean() { rm -f /var/log/squid/*.gz 2>/dev/null rm -f /var/log/squid/*[0-9] 2>/dev/null rm -f /var/log/privoxy/*.gz rm -f /var/log/squidguard/*.[0-9] echo "" > /var/log/dansguardian/access.log echo "" > /var/log/privoxy/logfile echo "" > /var/log/squid/squidGuard.log echo "" > /var/log/squid/cache.log echo "" > /var/log/squid/access.log echo "" > /var/log/squid/store.log for fic in $lst_logs_dest do echo "" >/var/log/squid/${fic} done } # Téléchargement des blacklists et expressions régulière (adblock) download() { #wget -nv -N http://adblockplus.mozdev.org/easylist/liste_fr+easylist.txt; wget -nv -N ftp://ftp.univ-tlse1.fr/blacklist/blacklists.tar.gz && mv blacklists.tar.gz tlse.tar.gz wget -nv -N http://squidguard.mesd.k12.or.us/blacklists.tgz && mv blacklists.tgz mesd.tar.gz wget -nv -N http://download.isak.gplindustries.com/isakurldbtext.tar.gz && mv isakurldbtext.tar.gz isak.tar.gz } # Décompression des lists uncompress() { tar xzf tlse.tar.gz && rm -rf /var/lib/squidguard/db/tlse && mv -f blacklists ${squiddb}/tlse tar xzf mesd.tar.gz && rm -rf /var/lib/squidguard/db/mesd && mv -f blacklists ${squiddb}/mesd tar xzf isak.tar.gz && rm -rf /var/lib/squidguard/db/isak && mv -f isakurldbtext ${squiddb}/isak } # Mise à jour update() { #/usr/share/doc/adzapper/examples/update-zapper #cat $tmp_folder/liste_fr+easylist.txt | sed -f $tmp_folder/adblock.sed > /var/lib/squidguard/db/adblock/expressions squidGuard -C all; } # Définition des droits droits() { chown -R proxy:proxy /var/log/squid; chown -R proxy:proxy /var/lib/squidguard; chmod -R 760 /var/lib/squidguard/db; } ##### DEBUT clean || fin_err; echo -e "1. Cleanning des Logs \t\t\t\t [OK]"; download || fin_err; echo -e "2. Téléchargement des listes \t\t\t [OK]"; uncompress || fin_err; echo -e "3. Décompression des listes \t\t\t [OK]"; update || fin_err; echo -e "4. Mise à jour \t\t\t\t\t [OK]"; droits || fin_err; echo -e "5. Définition des droits sur les fichiers \t [OK]\n"; killall -1 squid; fin_ok;
Autre système de filtrage :
- stay focused
- detoxify
- bulldog blocker
- pluckeye
Fichier effacé handle ouvert lsof espace disque
Voir :
Voir aussi :
lsfd
#lsof -nP +L1 |grep /var/log/ # lsof -a +L1 MOUNTPOINT lsof -a +L1 /var/log # lsof -l | grep deleted lsof +L1 find /proc/*/fd -ls | grep '(deleted)'
Fetchmail
Voir aussi
- imapsync
Intro
La cathédrale et le bazar
fetchmail -v -d 0 --sslproto TLS1 --sslcertfile dovecot.pem
Les options --sslproto et --sslcertfile peuvent être enregistrée dans le fichier .fetchmailrc
Le certificat dovecot.pem provient du serveur IMAP dovecot (/etc/dovecot/dovecot.pem) Il peut être récupéré par la commande suivante :
openssl s_client -connect imap.acme.fr:993 </dev/null > dovecot.pem
Exemple de fichier de conf
Récupérer les courriels de mon 2em serveur (secondaire backup DRP) pour les remettre sur le 1er Cette exemple nécessite Procmail
- ~/.fetchmailrc
### global settings ### #set syslog #set daemon 90 set postmaster "postmaster@acme.fr" set no bouncemail #set no spambounce ### server settings ### poll "imap.acme.fr" port 993 protocol IMAP aka acme.fr envelope "X-Envelope-To:" timeout 30 #localdomains acme.fr #### user settings ### user "alice" password "MOTDEPASS" is alice no keep ssl sslcertck sslcertfile dovecot.pem sslproto TLS1 options fetchall no rewrite warnings 86400 mda "/usr/bin/procmail -f %F -d %T"; smtphost "localhost" smtpname "alice@acme.fr" smtpaddress "localhost" fetchlimit 25 user "bob" password "MOTDEPASS" is bob no keep ssl sslcertck sslcertfile dovecot.pem sslproto TLS1 options fetchall no rewrite warnings 86400 mda "/usr/bin/procmail -f %F -d %T"; smtphost "localhost" smtpname "bob@acme.fr" smtpaddress "localhost" fetchlimit 25
Exemple 2
Récupérer mes courriels de Yahoo sur mon serveur perso
- ~/.fetchmailrc
### global settings ### set syslog set daemon 90 set postmaster "postmaster@acme.fr" #set no bouncemail #set no spambounce ### server settings ### poll "pop.mail.yahoo.com" port 995 with protocol POP3 aka acme.fr envelope "X-Envelope-To:" timeout 30 localdomains acme.fr #### user settings ### user "jblegra@yahoo.fr" password "MOTDEPASS" is jblegra here no keep ssl options fetchall no rewrite warnings 86400 smtphost "localhost" smtpname "jblegra@acme.fr" #smtpaddress "acme.fr" fetchlimit 25
chmod 600 ~/.fetchmailrc
blog.txt · Dernière modification : de 127.0.0.1