8 – How to place a plugin block to twig template without any contributed module?

I am using Drupal 8. Have created a custom module, added custom block “LskyTestVideo”, created a new page template with its own controller (“LskyOpenTokTestController”). In LskyOpenTokTestController::index action I rendered test-video-page.html.twig . Inside this page I need to place LskyTestVideo block.Here my code:

class LskyOpenTokTestController extends ControllerBase {

public function index() {
$block_manager = Drupal::service('plugin.manager.block');

$config = ();
$plugin_block = $block_manager->createInstance('lsky_test_video', $config);

$access_result = $plugin_block->access(Drupal::currentUser());

if (is_object($access_result) && $access_result->isForbidden() || is_bool($access_result) && 
!$access_result) {
  return ();
}
$render = $plugin_block->build();

return (
  '#theme' => 'open_tok_test_video_page',
  '#attached' => (
    'library' => (
      'lsky_open_tok/video-test-window',
      'lsky_open_tok/opentok',
    ),
  ),
  '#test' => $render,
);
 }

}

Here test-video.html.twig

    <div class="test-video-block">{{ test }}</div>

When the page is rendered, it returns 0.
How I can place a custom plugin block inside twig template. Thanks.

Can’t block specific IP address with iptables, Ubuntu 16.04

I’m trying to troubleshoot Fail2ban recognizing our http-get-dos trigger, but not actually banning the offending host. I can see it adding entries to iptables rules, but they don’t have any affect.

So I tried to manually ban a host, and I cant get that to work either.

I’m trying to drop all traffic from a specific host. I inserted a DROP rule, and appended a DROP rule, so they bookend everything. I’ve X’ed out the ip address of the host I’m trying to ban. This host can still connect to my web server, and get web pages.

I must be missing something stupid. Here’s the iptables -nvL output:

sudo iptables -nvL

Chain INPUT (policy ACCEPT 6226 packets, 31M bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  *      *       XX.XX.XX.XX         0.0.0.0/0
85222 7764K fail2ban-xmlrpc  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
85222 7764K fail2ban-HTTP  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
85222 7764K fail2ban-HTTP  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
 137K   16M fail2ban-BadBots  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 80,443
   82  7136 fail2ban-sasl  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25,465,587,143,220,993,110,995
   82  7136 fail2ban-postfix  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25,465,587
 137K   16M fail2ban-apache-overflows  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 80,443
 137K   16M fail2ban-apache-noscript  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 80,443
16620 1181K fail2ban-ssh-ddos  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 22
16621 1181K fail2ban-ssh  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 22
    0     0 DROP       all  --  *      *       XX.XX.XX.XX         0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 6649 packets, 5149K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain fail2ban-BadBots (1 references)
 pkts bytes target     prot opt in     out     source               destination
 137K   16M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain fail2ban-HTTP (2 references)
 pkts bytes target     prot opt in     out     source               destination
 170K   16M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain fail2ban-apache-noscript (1 references)
 pkts bytes target     prot opt in     out     source               destination
 137K   16M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain fail2ban-apache-overflows (1 references)
 pkts bytes target     prot opt in     out     source               destination
 137K   16M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain fail2ban-postfix (1 references)
 pkts bytes target     prot opt in     out     source               destination
   82  7136 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain fail2ban-sasl (1 references)
 pkts bytes target     prot opt in     out     source               destination
   82  7136 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain fail2ban-ssh (1 references)
 pkts bytes target     prot opt in     out     source               destination
16621 1181K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain fail2ban-ssh-ddos (1 references)
 pkts bytes target     prot opt in     out     source               destination
16620 1181K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain fail2ban-xmlrpc (1 references)
 pkts bytes target     prot opt in     out     source               destination

and here’s the iptables -S output:

sudo iptables -S

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N fail2ban-BadBots
-N fail2ban-HTTP
-N fail2ban-apache-noscript
-N fail2ban-apache-overflows
-N fail2ban-postfix
-N fail2ban-sasl
-N fail2ban-ssh
-N fail2ban-ssh-ddos
-N fail2ban-xmlrpc
-A INPUT -s XX.XX.XX.XX/32 -j DROP
-A INPUT -p tcp -m tcp --dport 80 -j fail2ban-xmlrpc
-A INPUT -p tcp -m tcp --dport 80 -j fail2ban-HTTP
-A INPUT -p tcp -m tcp --dport 80 -j fail2ban-HTTP
-A INPUT -p tcp -m multiport --dports 80,443 -j fail2ban-BadBots
-A INPUT -p tcp -m multiport --dports 25,465,587,143,220,993,110,995 -j fail2ban-sasl
-A INPUT -p tcp -m multiport --dports 25,465,587 -j fail2ban-postfix
-A INPUT -p tcp -m multiport --dports 80,443 -j fail2ban-apache-overflows
-A INPUT -p tcp -m multiport --dports 80,443 -j fail2ban-apache-noscript
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh-ddos
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -s XX.XX.XX.XX/32 -j DROP
-A fail2ban-BadBots -j RETURN
-A fail2ban-HTTP -j RETURN
-A fail2ban-HTTP -j RETURN
-A fail2ban-apache-noscript -j RETURN
-A fail2ban-apache-overflows -j RETURN
-A fail2ban-postfix -j RETURN
-A fail2ban-sasl -j RETURN
-A fail2ban-ssh -j RETURN
-A fail2ban-ssh-ddos -j RETURN
-A fail2ban-xmlrpc -j RETURN

magento2 – Cannot insert widgets in CMS page or static block, somebody knowing what could be wrong?

using Magento version 2.3.5-p1.
Have the follwing problem and do not know why this is not working anymore.
Editing a block, disable editor and clicking on “insert widget” I get a “404 page not found screen.
On the log I got a debug.log containing the following:

(2020-07-02 21:48:14) main.DEBUG: URI ‘/admin/cms/page/edit/page_id/6/key/9cda62bd1db41b6a327d51c1b2b9abb85a93b75f938498bdf2b8b897c40b9247/widget_target_id/cms_page_form_content/mode/new?isAjax=true” cannot be accessed with POST method (MagentoCmsControllerAdminhtmlPageEdit) () ()
(2020-07-02 21:48:14) main.DEBUG: Request validation failed for action “MagentoCmsControllerAdminhtmlPageEditInterceptor” {“exception”:”(object) (MagentoFrameworkAppRequestInvalidRequestException(code: 0): Invalid request received at D:WebMagentoAktuellvendormagentoframeworkAppRequestHttpMethodValidator.php:69)”} ()

Any idea what could cause this error?

Because of this, I cannot insert a widget.

Please help
Best regards,
Jürgen

8 – How to programmatically print a webform block with caching enabled?

When displaying a Webform inside a normal block (using admin/structure/block) Drupal manage to correctly cache the page, the HTTP header displays X-Drupal-Dynamic-Cache: HIT.

However we need to display this webform inside a paragraph so we tried the following :

  • use twig_tweak module and {{ drupal_block('webform_...') }}
  • programmatically put the block in a template preprocess like this :
$my_form = DrupalwebformEntityWebform::load('contact_new');
$output = Drupal::entityManager()
          ->getViewBuilder('webform')
          ->view($my_form);
$variables('contact_form') = $output;

Both solutions seem to make the page uncacheable: X-Drupal-Dynamic-Cache: UNCACHEABLE.

What would be the correct way to put a block in a paragraph while make the page cacheable ?
How to mimic the standard block system to display a in our template ?

bip 34 – Can miner send garbled block height?

If you look at the changes made to the bitcoin reference implementation with the implementation of BIP 43 (see this commit), you will see that a check has been added to the function ‘AcceptBlock’. With this change, the function is now validating the height against the value taken from the coinbase script of the incoming block.

CScript expect = CScript() << nHeight;
if (!std::equal(expect.begin(), expect.end(),vtx(0).vin(0).scriptSig.begin()))
            return DoS(100, error("AcceptBlock() : block height mismatch in coinbase"));

So a block that contains a wrong block height in the coinbase transaction would actually be rejected by the other nodes in the bitcoin network (in the current version of the source code, this check is now in ContextualCheckBlock in validation.cpp). The value of the height to which the coinbase script entry is compared is taken to be the height of the current last block plus one, so it is calculated.

Thus the answers to your questions are:

1) no, the block height that a node actually uses is determined based on the current last block

2) yes, see the check in ContextualCheckBlock

3) probably yes, but then the DoS protection mechanism in the network would kick in and ban the respective node – and apart from that, the mining power that the miner has invested into the block with the incorrect height would be lost

consensus – Why was BIP34 (Block v2, Height in Coinbase) not implemented via the coinbase tx’s locktime or nSequence?

At some point in 2011/12 miners started using custom mining algorithms ignoring the best practise to mine to a different new public key (hash) for each subsequent block. This lead to a lack of uniqueness of the coinbase transaction id and destroyed some bitcoins forever.

So it became mandatory with BIP34/v2 blocks to put the height of a block in a special encoded format into the coinbase transaction’s input “script”.

But why not use existing datastructures like the coinbase transaction’s very own locktime field?

c# – Transform Block with parallelism and bounded capacity postponing message behavior

When a TransformBlock has a MaxDegreeOfParallelism > 1 and BoundedCapacity that isn’t unbounded, why does it postpone receiving further messages while there is one long running task despite there being capacity in the input queue?

Take the following console application. It creates a TransformBlock with a MaxDegreeOfParallelism = 5 and BoundedCapacity = 5 then feeds it 100 messages. When the block processes message x == 50, it delays that task for 10 seconds.

TransformBlock<int, string> DoSomething = new TransformBlock<int, string>(async (x) => {
    if (x == 50)
    {
        Console.WriteLine("x == 50 reached, delaying for 10 seconds.");
        await Task.Delay(10000);
    }
    Console.WriteLine($"processed message {x}");
    return x.ToString();
}, new ExecutionDataflowBlockOptions { BoundedCapacity = 5, MaxDegreeOfParallelism = 5 });

DoSomething.LinkTo(DataflowBlock.NullTarget<string>()); // ensure we empty the transform block

for (int i = 0; i < 100; i++)
{
    Stopwatch blockedTime = Stopwatch.StartNew();
    await DoSomething.SendAsync(i).ConfigureAwait(false);
    blockedTime.Stop();
    Console.WriteLine($"Submitted {i}tBlocked for {blockedTime.ElapsedMilliseconds}ms.");
}

DoSomething.Complete();
await DoSomething.Completion;
Console.WriteLine("Completed.");
Console.ReadKey();

The results show that messages 50-54 were all received by the block. Messages 51-54 completed, then the console window displays no output for 10 seconds before it displays that message 50 completed and message 55 was able to be received by the block.

...
Submitted 50    Blocked for 0ms.
Submitted 51    Blocked for 0ms.
processed message 51
Submitted 52    Blocked for 0ms.
x == 50 reached, delaying for 10 seconds.
processed message 52
processed message 53
Submitted 53    Blocked for 0ms.
Submitted 54    Blocked for 0ms.
processed message 54 // when run, 10 seconds pause happens after displaying this line
processed message 50 
processed message 55
Submitted 55    Blocked for 9998ms.
...

Why does the Transform Block not continue to fill the block up to the Bounded Capacity of 5, and use the other 4 degrees of parallelism to continue processing messages?

An ActionBlock does not display these symptoms and continues processing messages on other available parallel lines.

An unbounded capacity TransformBlock also does not display these symptoms.

blockchain – how to find the block height from merkle root?

I have the merkle root, using this value, how to get the block hash or its height?
There is this merkle root available in getblock RPC output:

./bitcoin-cli getblock 0320d6c1bd3c4cd2a08d6f76acb50b06a3ed766b058d247fbda3147aecfef388
{
“tx”: [
“bccf4c873984245694f64263a3392c4d67c6a6f60efe4ed53aa4965f6d8b7dc0”
],
“hash”: “0320d6c1bd3c4cd2a08d6f76acb50b06a3ed766b058d247fbda3147aecfef388”,
“confirmations”: 2,
“size”: 180,
“height”: 102,
“version”: 536870912,
“versionHex”: “20000000”,
“merkleroot”: “bccf4c873984245694f64263a3392c4d67c6a6f60efe4ed53aa4965f6d8b7dc0”,
“num_tx”: 1,
“time”: 1593523883,
“mediantime”: 1593467398,
“nonce”: 1,
“bits”: “207fffff”,
“difficulty”: 4.656542373906925e-10,
“chainwork”: “00000000000000000000000000000000000000000000000000000000000000ce”,
“previousblockhash”: “1664a604a6c8e603e311c6759f7693343ad77896c53de1bcef37de04dbcbbbc5”,
“nextblockhash”: “1924c8db1b986f398a12d5481fcc293913a2dab2ee7fbcb0e131d7941e5201c2”
}

using different transaction hashes, I got the merkle root value, now I need to know which block has this merkle root as in getblock.

web application – WAF Block issues

We have a web app hosted in AWS. I want users to only reach specific URIs not but not the home page of the app. For instance, if the app is reachable at https://mypublicapp.com, I only want the users to access https://mypublicapp.com/submit/d131dd02c5e6eec4/. The “d131dd02c5e6eec4” example hash value is different for different resources. When I take a look at how the app works using the DEV tools of the browser, the “Requested URL” is https://mypublicapp.com/submit**?key=**d131dd02c5e6eec4/ so the hash is sent as a query string in the headers under the value “key”. At this point I could simply use the AWS waf to inspect the request header and reject everything that has no key as a query string. But the problem is that the web app, which I do not have control over, also does a request to the “/”, so If I restrict the home page, I also restrict the access to the submit resource mentioned above.
Any ideas on how to do the home block without blocking the resource?

Appreciate. Farid

merkleblock – How Does the SPV merkle path form of multiple transactions in Merkle block looks like?

While I’m studying about the Bitcoin, I’ve wondered how many merkle paths should be contained in merkle block.

From the point of view of Merkle path, it is generated as the form of containing hashes of counterpart stepping up from bottom to top.

For example, if I have 4 transactions(let me use tx1, tx2, tx3, and tx4) in a block, then the hashes of them(h1, h2, h3, and h4) will be located at the bottom as the leaves. The parents of them will be (h12 and h34), after all, the merkle roots will be (h1234). So, if a SPV node want to verify that the tx2 is in the block, the full node can offer h1, h34 as a merkle path (as well as block header), so that they can prove as the step of hashing will lead them to the merkle roots which is contained in block header.

However, If I requests to verify multiple transactions in a block (e.g. using Bloom filter), then what would be contained into the merkle block (which contains merkle path and block header)?

Does they have ultiple merkle paths for each transactions which are interested in, so that the transactions can be verified respectively? or adapted merkle path to be included which encompass all transactions related? (e.g. if we want to verify tx1, tx3 then generating h2, h3; though this exmample seems not to be guaranteed to show the order of transactions)