Tuesday, 29 June 2021

Opening port in firewall - SuSE Linux

Recently I stumbled upon the problem of opening a port in the firewall on SuSE Linux. I followed the steps described in https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands. The problem is that once you start the firewall service, the rules set using iptables are gone. No new SSH connections are allowed. Thankfully, the existing SSH connection was still active. I searched for the iptables-save command in SuSE Linux to save this iptables configuration, but there is no such command.

To open a port in the firewall on SuSE Linux, there are 2 options. One is to use YaST. The other is to modify the /etc/sysconfig/SuSEfirewall2 file.

As I was using SSH to connect to the Linux box, I had to use the 2nd option, modifying the /etc/sysconfig/SuSEfirewall2 file.

First we need to know whether the service listening on the port uses TCP or UDP. If the service uses TCP, we need to find the FW_SERVICES_EXT_TCP property in the file. If it uses UDP, we need to find the FW_SERVICES_EXT_UDP property in the file.

Then we need to add the port number that we want to open in the firewall to that property.

Assume the existing property looks like this:

FW_SERVICES_EXT_TCP="61491 61492"

If we need to open port 50000, the property needs to be changed to:

FW_SERVICES_EXT_TCP="61491 61492 50000"

It is better to keep the port numbers sorted in ascending or descending order so that it is easier to search for a port. This would be the final configuration:

FW_SERVICES_EXT_TCP="50000 61491 61492"
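The edit described above can be scripted so that the port is validated, the list stays sorted and a backup is kept. This is an added example, not part of the original post; the function name add_fw_port and the sample file are assumptions, and it expects the property in the shell-style form VAR="..." with space-separated entries.

```shell
#!/bin/sh
# add_fw_port FILE VAR PORT  (hypothetical helper, added for illustration)
# Adds PORT to the space-separated list in VAR="..." inside FILE,
# keeps the list sorted ascending without duplicates, and saves FILE.bak.
add_fw_port() {
    file=$1; var=$2; port=$3
    # Accept only a plain decimal number without leading zeros.
    case $port in
        ''|0*|*[!0-9]*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    [ "${#port}" -le 5 ] && [ "$port" -le 65535 ] ||
        { echo "port out of range: $port" >&2; return 2; }
    # Refuse to guess if the property is not present in the file.
    grep -q "^$var=\"" "$file" ||
        { echo "$var not set in $file" >&2; return 1; }
    # Current value is the text between the quotes.
    current=$(sed -n "s/^$var=\"\([^\"]*\)\".*/\1/p" "$file" | head -n 1)
    # One entry per line, sort numerically, drop duplicates, re-join.
    new=$(printf '%s %s\n' "$current" "$port" | tr -s ' ' '\n' |
          sed '/^$/d' | sort -n | uniq | paste -sd ' ' -)
    cp -p "$file" "$file.bak"
    sed "s/^$var=\"[^\"]*\"/$var=\"$new\"/" "$file.bak" > "$file"
    printf '%s\n' "$new"
}

# Demo on a constructed sample file, not the live /etc/sysconfig/SuSEfirewall2.
sample=$(mktemp)
printf '%s\n' '# constructed sample' \
    'FW_SERVICES_EXT_TCP="61491 61492"' \
    'FW_SERVICES_EXT_UDP=""' > "$sample"
add_fw_port "$sample" FW_SERVICES_EXT_TCP 50000   # prints: 50000 61491 61492
grep '^FW_SERVICES_EXT_TCP=' "$sample"            # shows the rewritten line
rm -f "$sample" "$sample.bak"
```

The new value is only read when the firewall service is next started, so keep the existing SSH session open until a new connection has been confirmed.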


Wednesday, 26 May 2021

How to find primary key of a table in different databases?

Here are the queries to find the primary key of a table in Postgres, SQL Server and Oracle. Replace <TABLE_NAME> with the name of the table we are interested in.


Postgres

SELECT a.attname, format_type(a.atttypid, a.atttypmod) AS data_type
FROM   pg_index i
JOIN   pg_attribute a ON a.attrelid = i.indrelid
                     AND a.attnum = ANY(i.indkey)
WHERE  i.indrelid = '<TABLE_NAME>'::regclass
AND    i.indisprimary;

SQL Server

select C.COLUMN_NAME FROM  
    INFORMATION_SCHEMA.TABLE_CONSTRAINTS T  
    JOIN INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE C  
    ON C.CONSTRAINT_NAME=T.CONSTRAINT_NAME  
    WHERE  
    C.TABLE_NAME='<TABLE_NAME>'  
    and T.CONSTRAINT_TYPE='PRIMARY KEY'  

Oracle

SELECT COLUMN_NAME FROM all_cons_columns WHERE constraint_name = (
  SELECT constraint_name FROM user_constraints
  WHERE UPPER(table_name) = UPPER('<TABLE_NAME>') AND CONSTRAINT_TYPE = 'P')

Saturday, 6 March 2021

Converting PEM cert to X509Certificate object in Java

In Firefox, when we select the certificate of a website and click on view certificate, it gives us the option to download the PEM cert or the PEM cert chain. For my use case, I need to work with java.security.cert.X509Certificate. The code to do this is:

 

// Read the PEM cert file (the path is a placeholder)
try (java.io.InputStream is = new java.io.FileInputStream("/path/to/cert.pem")) {
    java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509");
    java.security.cert.X509Certificate cert = (java.security.cert.X509Certificate) cf.generateCertificate(is);
    // use cert here
}

 

Reference:

https://stackoverflow.com/questions/9739121/convert-a-pem-formatted-string-to-a-java-security-cert-x509certificate