Skip to main content
Version: 8.2411.x.x RR

Helper tools

Helper binaries

NevisProxy comes with some helper tools. These tools are usually preset in the configuration files, for example the log rotation tool bclogmgr or the passphrase getter keystorepwget. But you can use some tools for testing and debugging issues, too.

base62

Base62 encoding and decoding tool:

Usage: /opt/nevisproxy/bin/base62 [-d]
Base62 encode or decode standard input
-d Decode data.

bclogmgr

Log file rotation tool used by nevisProxy. See usage below.

usage: bclogmgr [pidfile=<file>] [size=<num>] [time=<time>] [compression=<command>] [archives=<num>] [archivedir=<dir>] [archivefmt=<format>] [persistent] [input=<file>] <logfile>

pidfile : File to write PID to. 'kill -USR1 <PID>' makes the bclogmgr reopen its logfile (useful with external rotation).
size : The file size in bytes for size based log rotation. Minimal size is 2048.
time : Time specification in cron format for time based log rotation. Will be ignored if size is configured
Format: min{,min} hour{,hour} day{,day} month{,month} wday{,wday}
Where : minute in range [0..59] or * for every minute
hour in range [0..23] or * for every hour
day of the month in range [1..31] or * for every day
month of the year in range [1..12] or * for every month
day of the week in range [0..6] with 0=Sunday or * for every day
Sample: 10,40 14 1,2 * *
Every 1st and 2nd of the month at 14:10 and 14:40
archives : Number of archived files to keep
archivedir: Directory where archived files are moved. If none specified, then the default is the current directory
archivefmt: Format to use when renaming archived files.
Format: Supported conversion specifiers
%f : name of log file without extension
%Y: 4-digit year
%y: last two digits of year [00..99]
%m: month [01..12]
%d: day of month [01..31]
%H: hour [00..23]
%M: M (minute [00..59]
Sample: archivefmt=%f-%Y%m%d.log
would produce archive files named (assuming the logfile is called mylog.log)
mylog-20070322.log

persistent: Disables program termination on EOF (useful when reading from named pipes).
input : File which gives the log's input. Default is standard input.

bcxmlparser

A simple XML parser with limited XPath support.

usage:
bcxmlparser nodes -in filename -xpath xpath
bcxmlparser values -in filename -xpath xpath
bcxmlparser set -in filename -out filename -xpath xpath -value string
bcxmlparser format -in filename -out filename
bcxmlparser add -in <xml_file> -out <xml-file> -xpath <element where ot add> -fragment <xml-file>
bcxmlparser remove -in <xml_file> -out <xml-file> -xpath <elements to be removed>

bin2hex

Prints out the hexadecimal representation of the input.

usage: ./bin2hex <input>

keystorepwget

Script to access the passphrase of certificates. For more information, see the bc.security.PassPhraseDialog low level property.

nevisproxy_pkcs11

The nevisproxy_pkcs11 command allows the dumping of information and contents of PKCS#11 (Cryptoki) devices. For more information, see Appendix E.

openssl

The most recent version of OpenSSL shipped by nevisProxy. Can be used to generate certificates, DH parameters, etc.

semflush

Lost semaphore remover tool. In case the proxy crashes or is stopped using SIGKILL then the used semaphores may not be cleaned up. This could lead to system resource shortage when this is repeated multiple times. Usage: call the tool without parameters with superuser privileges.

mod-qos utilities

The Apache module mod_qos provides optional tools for log data processing and analysis. For more information on these tools, see the official mod_qos documentation.

qscheck

Monitor tool testing the TCP connectivity to servers used by mod_proxy.

qsdt

Simple tool to measure the elapsed time between related log messages.

qsexec

Command execution triggered by patterns within log files.

qsfilter2

Rule generator. Creates QS_Permit directives and rule patterns from audit log files.

qsgeo

Adds the country code for the client IP address within a log file.

qsgrep

Searches a file for a pattern and prints the data in a new format.

qshead

A utility that reads from stdin and prints all lines to stdout until reaching the defined pattern.

qslog

A real time TransferLog/CustomLog data analyzer. It reads the per request log data from stdin and generates statistic records every minute. qslog collects request statistics (req/sec, bytes/sec, status codes, response times, memory consumption, server load) every minute and writes the collected data to the configured log file. This utility can be configured within the navajo.xml file as shown in the template that comes with the nevisProxy package.

The qslog is enabled by default in the navajo.xml file, via the CustomLog attribute. If you do not need the runtime statistics, it is safe to remove the qslog, or delete the CustomLog attribute altogether. The CPU usage of the qslog utility is small but not negligible.

qslogger

Shell command interface to the syslog(3) system log module.

qsre

Regular expression (pcre) pattern match test tool.

qsrespeed

Compares the expected processing time per regular expression.

qsrotate

Log rotation tool similar to Apache's rotatelogs.

qssign

A log data integrity check tool. It reads log data from stdin (pipe) and writes the signed data to stdout adding a sequence number and signature to every log line.qssign.rb is a Logstash filter plug-in that you can use to verify the signatures of log messages in real time.

qstail

Shows the end of a log file beginning at a defined pattern.

ipfilter

Simple tool to replace/hide IP addresses in log files.

wlsg

Internal binary for rule generation for the self-learning feature of input validation.

Internal binaries

Internal binaries used by nevisProxy: apachesv_2_4, navajosv2_4, nevisproxy, nevisproxy2_4.