David Andrzejewski

Python: Get XML Representation of an Object

Computing, Programming, Python Comments Off

Nov 182011

I needed to return all the members of an object as an XML document in Python. I used the ElementTree library to do this.

The class in question is pretty basic: It has a constructor, member variables, getters and setters for the member variables, and now this new function.

Every Python class has a built-in __dict__ member, which is a dictionary ({}) of key/value pairs for all of the member variables, so I use that to get all of the variables to add to the ElementTree.

This function returns an xml.etree.ElementTree.Element object, which can be turned into a string if needed by using ElementTree’s tostring() method.

def getXML(self):
    """ Returns an XML representation of the object """
    topElem = Element("item")
    for key in self.__dict__.keys():
        elem = SubElement(topElem, key)
        elem.text = str(self.__dict__[key])
    return topElem

Squid: Bypass redirector for specific URL

Computing, Software Comments Off

Nov 162011

Often times, in your Squid proxy, you may have a redirector configured – such as SquidGuard:

redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squid/squidGuard.conf

I ran into a problem tonight with my Roku box where SquidGuard was seeing Roku’s NetFlix access as a security threat. So, to make Squid bypass the redirector, add an ACL and a redirector-access rule:

acl netflix dstdomain .netflix.com
redirector_access deny netflix

There you have it – any requests to *.netflix.com will skip the redirector.

Squid Proxy: Make Outgoing Headers Anonymous

Computing, Security, Software Comments Off

Nov 062011

By default, Squid sends HTTP headers on every request that can give away information about your internal network. Here’s an example of these headers:

HTTP_VIA:1.1 proxyserver.local (squid/3.1.16)
HTTP_X_FORWARDED_FOR:192.168.0.123

That’s three pieces of information you may not want to give away: The host name of your proxy server, the version of Squid it’s running, and the IP address of the system that’s making the request via the proxy.

Fortunately, it’s simple (and does not apparently violate any standards) to make these headers more anonymous – just use these configuration directives in your squid.conf:

# Be more anonymous
forwarded_for off
visible_hostname proxy.local
httpd_suppress_version_string on

That will change the headers to look more like this:

HTTP_VIA:1.1 proxy.local (squid)
HTTP_X_FORWARDED_FOR:unknown

CSS: Make an element unselectable

Computing, Programming Comments Off

Oct 282011

Apparently, it’s necessary to use separate CSS properties for each browser.

.unselectable {
	-webkit-user-select: none;
	-khtml-user-select: none;
	-moz-user-select: none;
	-o-user-select: none;
	user-select: none;
}

Configure VLANs on FreeBSD

Computing, Security Comments Off

Sep 072011

If you have a switch, access point or other piece of network hardware that supports 802.1q VLAN tagging, and you’d like to your FreeBSD system to recognize them, it’s a pretty straight-forward configuration. I’ll use examples from my network to illustrate. My goal in this case, which I may write about in a separate post, was to create two segmented wifi networks – one for my main network and one for guests to connect to. I wanted the guest network to have access to the internet, but not to any of my other systems on the network.

Older Entries