Contents: usage, history, startup, NSLOOKUP.
There are numerous ways to get rid of unwanted banners and spies like doubleclick.net, but unfortunately these programs (e.g. WebWasher) either don't work with OS/2 or are shareware. Therefore I looked for a simple OS/2 onboard solution for my serious problems with ad.de.doubleclick.net:
My second attempt was to add unwanted servers as aliases of localhost (127.0.0.1), see the pictures below. You can also edit /etc/hosts directly. I've then started a dummy server HTTPD404.cmd answering requests at localhost port 80 with HTTP 404 not found. Now there are no more delays and (in the case of banners) no more error messages. Maybe HTTP 204 no content or HTTP 403 forbidden would have a similar effect.
To enable loopback (localhost 127.0.0.1) use either IFCONFIG.exe on the command line (ifconfig lo up) or TCPCFG.exe (TCP/IP Configuration notebook). On the first page activate loopback (JPeG picture, 70 KB).
On the name resolution pages activate Look through HOSTS list before going to the nameserver (JPeG picture, 62 KB). This will simply add the line SET USE_HOSTS_FIRST=1 to CONFIG.SYS.
Then change the Aliases of 127.0.0.1, i.e. add unwanted servers (JPeG picture, 20 KB). You could also edit ?:\MPTN\ETC\HOSTS directly. Some programs may have difficulties with too many aliases, and in OS/2 TCP/IP 4.1 the maximal number of aliases is apparently 35, see ?:\MPTN\include\netdb.h. Therefore I start this line with the most relevant aliases...
...followed by blocked servers (only two shown here) and terminated by a test entry...
...all in one long line. Now commands like ping xyzzy.test or host xyzzy.test should have the same effect as ping or host xyzzy.invalid. More important, if your browser "finds" xyzzy.test, then it will also "find" all blocked servers. Of course you would replace xyzzy by your host name as defined with TCPCFG.exe. Look for a line SET HOSTNAME= in CONFIG.SYS if you really don't know the name of your host. ;-)
The line length is apparently unlimited, only the number of aliases might be a problem. You can also use 127.0.0.1 in multiple lines, and define one unwanted server per additional line. For test purposes use again something like...
...in the last additional line. To test your setup try http://localhost and http://127.0.0.1 etc. in your browser. On my system I could dynamically add aliases without problems, but additional hosts (lines) apparently need a restart of TCP/IP (?).
BTW, domain invalid as shown above is a case of WySiWyG : I really use domain invalid in programs like TCPCFG.exe and SLIPPM.exe or in ?:\MPTN\ETC\RESOLV2 used by NSLOOKUP.exe, because these programs insist on a domain, and invalid had the least unwanted side-effects (compared with say domain dnsalias.org of my DynDNS host xyzzy.dnsalias.org or even domains of five different DialUp-ISPs).
Finally create a program object for the HTTPD404.cmd and a reference (shadow) to this object in your startup folder - or simply start a background process HTTPD404.cmd in STARTUP.cmd.
Often blocked content is in fact an image with a link to the spamvertized site. In such cases a transparent pixel isn't very visible, I now use an even smaller GIF87a (35 bytes).
I've no clue what I did in this version. Maybe it was sending a transparent 1×1 GIF for any local request where the host name is neither localhost nor 127.0.0.1, because that's what happens if any other host mapped to IP 127.0.0.1 tries to load its spam (scripts, images, trackers also known as Web bugs, etc.).
Just a quick hack, for any Content-Type: image/gif introduced in version 1.5 don't send a Syslog datagram. Maybe I shouldn't log any local access, because that's already visible in the normal reply and also reported on STDOUT (standard output).
I've replaced the dummy HTTP 403 Forbidden by a redirection HTTP 302 Found to this page for any GET / or HEAD / request with header Host: xyzzy.dnsalias.org. Of course you can and should edit the corresponding variables PAGE and HOST at the begin of the script with your own home page and host name. The idea of this feature is to get rid of persistent crawlers like MSNbot.
Script kiddies asking for monster URLs and other probes are boring, therefore I now limit queries to 1000 or less bytes. Anything else is truncated, and the receiving side of the socket is closed after 1000 bytes. That should also fix an obscure problem with hanging HTTP sessions.
There is no lang="en" attribute in HTML 3.2, therefore I removed it. Maybe I should add a DOCTYPE, but OTOH these error and dummy documents are meant to work with any browser down to HTML 1.0.
Versions 1.0 and 1.1 skipped to avoid any confusion with HTTP/1.0 and HTTP/1.1. The script now sends Syslog datagrams to port 514. I've copied the Syslog-REXX-snippet already used by some other scripts, see below.. For method GET request header lines starting with Host: or User-Agent: are now shown. Syslog-entries contain only the peer name or IP, and either a User-Agent: string or the request.
The host name or IP of clients is now shown. I've replaced the dummy HTTP 405 Method not allowed reply for POST requests by HTTP 501 Method not implemented. The same reply is sent for PUT, DELETE, CONNECT, TRACE, and OPTIONS requests. Maybe I'll support TRACE and OPTIONS in a future version.
Neither Lynx nor Wget were happy, therefore I read RFC 1945 again, and then modified the status line to HTTP/1.0 404 Not found instead of HTTP 404 Not found - sorry :-(
Check out this snapshot (JPeG, 75 KB) of a GoogleBot visit. The display of a User-Agent: header currently works only if it's found before the Host: header. In a future version I could add some bogus replies for ill-behaved visitors. And maybe display the IP of all those script kiddies desperately trying to GET whatever secrets here.
Simple requests (HTTP/0.9 GET) result now in a simple response without header. POST requests are rejected with HTTP 405 Method not allowed. HEAD requests are not echoed, only the corresponding header without body is sent.
If a client claims to support HTTP/1.1, but does not send a Host: header in his GET or HEAD request, the response is now HTTP 400 Bad request. This error is also used for other invalid requests like unknown method or missing URL.
Just for fun HTTP 403 Forbidden rejects any access on the root directory like GET / HTTP. The Date: header is still the local time instead of GMT, and therefore this is no HTTP/1.1 "server".
Without argument or argument 0 as in HTTPD404 0 the REXX double click 404 HTTPD server only echoes requests on port 80 of 127.0.0.1 (localhost). Use argument 1 or higher to echo requests on port 80 of any IP (INADDR_ANY), but note that this will be a "real" server open for everybody while your system is online (unless you're behind a firewall).
I've started to experiment with HTTP proxies like Junkbuster, and checking the effects of these proxies echoed by HTTPD404.cmd is interesting. If you use Junkbuster on your system but are not sure try show-proxy-args, this should be answered by Junkbuster with your local proxy setup. Otherwise you'll either get a host xyzzy.dnsalias.org unavailable error message, or my HTTPD404.cmd server answers your request if xyzzy is online.
In an old version of this document I mentioned TCPSTART.cmd as one way to restart TCP/IP with loopback interface on the fly after modifying ?:\MPTN\ETC\HOSTS. That was probably wrong, or at least it wouldn't include ifconfig lo up. This command is executed by ?:\MPTN\BIN\SETUP.cmd called by MPTSTART.cmd in CONFIG.SYS. For details see the MPTS Configuration Guide in ?:\IBMLAN\BOOK\mptscfg.inf.
My system doesn't belong to a LAN, it's either connected to the internet with a dialup connection or offline. Maybe that's too trivial for MPTS, because hostname.exe shows no host name and fails with errorlevel 1 for this configuration before the first connection.
SockGetHostByAddr( SockGetHostId(), 'stem.') has a similar problem based on the REXX socket interface RXSOCK.dll. In both cases SockGetHostId() or hostid.exe return IP 255.255.255.255, and then SockGetHostByAddr or hostname.exe cannot resolve this invalid IP.
It's rather simple to handle the failure, use the value of the environmental variable HOSTNAME or as last resort localhost. Unfortunately ppp.exe or slippm.exe replace an undefined hostid 255.255.255.255 by the IP of the first dialup connection. If all dialup connections are configured as primary interface the system uses its dynamic IP as hostid. In conjunction with a service like DynDNS hostname.exe can then resolve the host name, compare rxdyndns. If the system is again offline hostname.exe would again fail, and so far anything should be okay.
But if one or more dialup connections are not configured as primary interface ppp.exe or slippm.exe do not replace an apparently valid hostid. Therefore the system can be online with a new dynamic IP still using the hostid of an old dynamic IP, and if this old IP is used by another system hostname.exe returns the name of a foreign system.
This strange problem forced me to fix the Syslog-feature in three scripts rxsyslog.cmd, rxident.cmd, and the rxdyndns client. I'm not sure about the best general solution:
...to startup.cmd. Adding this line to mptstart.cmd or ?:\MPTN\BIN\setup.cmd might be better, but these scripts are created by MPTN, and a later configuration could overwrite manual modifications.
A final note, because the OS/2 documentation for NSLOOKUP.exe and other programs found in ?:\MPTN\BIN and ?:\TCPIP\BIN is far from complete: The default (builtin) root server ns.internic.net of NSLOOKUP.exe is prehistoric. If you want to change this or other NSLOOKUP settings permanently, create a file .nslookuprc in your HOME directory with a line...
...where HOME is a directory defined in a CONFIG.SYS line like SET HOME=G:\BIN or whatever you want it to be. LYNX.exe, SLRN.exe, CURL.exe, KSH.exe, and other *NIX-applications ported to OS/2 have rather funny ideas about what to do with a HOME directory on a single-user system, but as long as this only results in a bunch of dot-files I don't care.Sources Site map