WolfBoy’s blog

Dongletype: E172

The following file must be added to the Vyatta filesystem:

/opt/vyatta/share/ppp/network/vodafone:

TIMEOUT 3
ABORT "BUSY"
ABORT "NO CARRIER"
ABORT "VOICE"
ABORT "NO DIALTONE"
ABORT "NO DIAL TONE"
ABORT "NO ANSWER"
ABORT DELAYED
"" ATZ
OK 'ATQ0 V1 E1 S0=0 &C1 &D2'
OK 'AT+CGDCONT=1,"IP","office.vodafone.nl"'
OK ATDT*99***1#
CONNECT ""

When you add a ‘wirelessmodem’ in Vyatta (wlm0) the following file is created:

/etc/ppp/peers/wlm0:

ipparam "wlm0 "
usepeerdns
/dev/ttyUSB0
lcp-echo-failure 0
115200
debug
nodefaultroute
ipcp-max-failure 4
ipcp-accept-local
ipcp-accept-remote
noauth
crtscts
lock
persist
linkname wlm0
connect '/usr/sbin/chat -v -t6 -f /opt/vyatta/share/ppp/network/vodafone'

Vyatta config confirmed working to ‘up’ the UMTS link on boot:

interfaces {
    ethernet eth0 {
        address 192.168.56.4/24
        hw-id 00:0d:b9:1b:b9:68
    }
    ethernet eth1 {
        hw-id 00:0d:b9:1b:b9:69
    }
    ethernet eth2 {
        hw-id 00:0d:b9:1b:b9:6a
    }
    loopback lo {
    }
    wirelessmodem wlm0 {
        device ttyUSB0
        network vodafone
    }
}
service {
    dns {
        forwarding {
            listen-on eth0
            name-server 192.168.56.1
        }
    }
    nat {
        rule 10 {
            outbound-interface wlm0
            type masquerade
        }
    }
    ssh {
    }
}

I don’t know if a higher baudrate will help….I noticed download speeds up to 440 KBytes/s (~3.5Mbit) !

As you all should know by now, I do all my encoding using Linux. Sometimes I use mencoder, sometimes I use ffmpeg. Both programs are based on some of the same libraries….but sometime you get nicer results using a specific program for a specific task.

People often ask me: “how can I convert your files to my PSP?” I recommend you also use ffmpeg which available for Windows as well! ffmpeg however is a command line program so you must enter all sorts of ‘difficult’ parameters like:

C:\Program Files\WinFF>"C:\Program Files\WinFF\ffmpeg.exe" -i "H:\largedata\hauppauge\tour\2010 Paris-Nice - Prologue.mkv" -f dvd -target pal-dvd -aspect 16:9 -b 8000kb -mbd rd -trellis -mv0 -cmp 0 -subcmp 2 "C:\Documents and Settings\Danny\Mijn documenten\2010 Paris-Nice - Prologue.mpg"

I think this is nice because you can script it but for the average user this can be a pain. Using a GUI it becomes a lot simpler and WinFF is an easy GUI which includes ffmpeg as well!

So just download and install WinFF and this is the result:

WinFF in Dutch

English version

I finally got afacli working om my Debian lenny systems. This is how it was done

1. Download afa-apps-snmp.2807420-A04.tar.gz from the Dell pages
2. Download a rpm containing the old libstdc++-libc6.2-2.so.3 library file, search for it I used: compat-libstdc++-296-2.96-141.i386.rpm
3. Unpack all rpm’s like this: rpm2cpio rpm_file | cpio -idv
4. A file MAKEDEV.afa is unpacked, place this file in the /dev dir, run it and delete it. It makes the correct dev links
5. Place all files in the right dirs

To check if it works, start afacl and enter:

open afa0
container list
disk list
exit

Voila!

I always set the services called ‘Automatic Update’ to MANUAL because I want to be there (or connected remote) when an upgrade is installed. When I visited the ‘Update’ site via IE it reported an error about a service. Ok I thought….clearly the service must be running so I started the service but keeping the ‘Startup type’ at ‘Manual’.

Again the update site of Microsoft reported an error! It only would continue after I adjusted the service automatic ‘Startup type’ field to ‘Automatic’. Duh!

Not only can a web page (Microsoft Update) read the state of a service, running or not, it also can read the setting of the ‘Startup type’ field. Again it’s clear to me this browser has way to much rights to delve into the system. More rights than a normal user in fact

Keep it at another browser my friends!!

Every day I get this message from all my servers. I know snort is running as a packet sniffer on my servers, it’s how I keep an eye on things and try to learn how things went wrong if they go wrong.

How to prevent this?

My solution was to change the chkrootkit file in /etc/cron.daily like so:

$CHKROOTKIT $RUN_DAILY_OPTS
change to
$CHKROOTKIT $RUN_DAILY_OPTS | grep -v 'eth0: PACKET SNIFFER(/usr/sbin/snort

Using AVG 7.5 for a long time with great success I had to install AVG 8.5 after they decided April 30th was the final date for 7.5 updates. Fiddling around with my stable mail server isn’t the most fun work but finally I managed to find the inspiration to update AVG to 8.5. My amavisd-new setup works with AVG and CLAMAV.

After downloading and unpacking the tar gz from Grisoft I made a new directory in /local/usr named ‘opt’ and made a symlink to it named /opt. I did’t wanted the opt in my root partition….it was almost full

Installing with the defaults choosing ‘amavis’ for user and group for the daemon. After this, you must change the port in amavisd.conf because the new daemon listens to different port.

The AVG lines in amavisd.conf should read:

['AVG Anti-Virus',
\&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
qr/^200/, qr/^403/, qr/^403 .*?: ([^\r\n]+)/ ],


Have fun!

You know this annoying message? I sometimes see this when I connect to one of the servers I maintain via remote desktop. What is annoying about that?

For one…it requires you to type a message explaining why this happened. Duh! How do I know if I cannot examine the logs…..maybe the UPS service did not run or?

What is really annoying however is that it states: “the previous shutdown”. How hard could it be for Microsoft to actually state last known date and time of running? Now I have to search through thousands of lines of system log (reboot could happened a week ago!) to find the date/time of failure.

Missed opportunity Microsoft

Although my Linksys nss4000 is working very reliable it’s not fast by any standard. It has two gigabit ports but with nfs tweaked to the max I could not even saturate a 100mbit link
My box is fitted with 4 drives of 500GB which delivers about 1.36TB of super stable RAID5 storage. I never had any troubles with this box even with my own firmware hack

I use the Linksys NSS4000 for backup storage using the great program BackupPC which I highly recommend! 17 hosts are now backed up there ranging from workstations to office servers containing database backups and huge amounts of office data. My NAS is now for 26% full, so why buy a new one?

I get the impression that backups take a long time due to the slow behavior of the Linksys so I decided I’d buy the fastest available NAS (at reasonable price that is) and try to hack my way into this one. Well….hacking is not necessary, just install the SSH-as-root package from the Netgear website and you’re in! That is great news!!

Using apt you can install backuppc onto the Netgear:

apt-get update
apt-get install backuppc

only this fails because one process (chfn) seems to hang:

 3:58  |       \_ apt-get install backuppc
 2588 pts/0    S+     0:00  |           \_ /usr/bin/dpkg --status-fd 9 --configure perl perl-modules libperl5.8 libcompress-zlib-perl libarchive-zip-perl wwwc
 2594 pts/0    S+     0:00  |               \_ /usr/bin/perl -w /usr/share/debconf/frontend /var/lib/dpkg/info/backuppc.postinst configure
 2599 pts/0    S+     0:00  |                   \_ /bin/sh /var/lib/dpkg/info/backuppc.postinst configure
 2604 pts/0    S+     0:00  |                       \_ adduser
 2607 pts/0    S+     0:00  |                           \_ /usr/bin/chfn -f BackupPC backuppc
 2647 ?        Ss

To be continued….

Mijn Myth-setup bestaat uit een:

- master backend (tevens huiskamer frontend) met 2 tuners (1 PVR150 en 1 PVR250)
- slave backend (tevens slaapkamer frontend) met 1 tuner (PVR150)
- slave backend (tevens werkkamer frontend) met 1 tuner (PVR250)
- laptop frontend (staat naast mijn bed)

Alle backends en frontend zijn geïnstalleerd m.b.v. KnoppMyth R5F1 (Myth Library API version: 0.20.20060828-4, Source code version: 13420)

Er bestond bij mij behoefte op mijn Linux werkstations ook de frontend software te draaien maar ik zag op tegen het compileren van Myth met dezelfde versie als die op mijn systemen staat.

Workaround
Ik heb een workaround gevonden waardoor ik, door wat bestanden te kopiëren van mijn draaiende Myth systemen, snel mijn Linux werkstation als frontend kan gebruiken. Werkwijze:

1. Je hebt de volgende bestanden nodig:

cd /usr/lib
tar cfvz lib.tar.gz libmp3lame* libiec* libavc* librt* liblirc* libmp3lame*
scp lib.tar.gz user@workstation:~/.
cd /usr/share
tar cfvz myth.tar.gz myth
scp myth.tar.gz user@workstation:~/.
scp /usr/bin/mythfrontend user@workstation:~/.

2. De inhoud van lib.tar.gz zet je ergens neer en zorg dat /etc/ld.so.conf dit pad bevat. Ik heb ze in /home/danny/libmyth gezet zodat mijn /etc/ld.so.conf bevat:

include /etc/ld.so.conf.d/*.conf
/home/danny/libmyth

Voer nu ldconfig éénmaal uit
3. De inhoud van myth.tar.gz in /usr/share/mythtv
4. Probeer de frontend te starten door:

ldd ~/mythfrontend

te doen…..let op libraries die niet gevonden kunnen worden….
5. Het volgende pakket is nodig (apt-get): libqt3-mt-mysql

Succes!

In my search for a cheap but versatile NAS I found this bargain at the local Staples shop. The box said: 1TB*. I wondered how much effective storage this unit had. Did the 1TB* mean: 1TB in raid 0 and 500GB in raid 1 or was it in fact 1TB raid 1? The cardboard box did not provide enough information. Because my previous acquired products of Iomega proved to be very solid, I bought this one to give it a spin.

I like RAID 1 because I think it’s easier to recover when a drive or chipset fails. When a RAID 5 disk set is screwed….your data is scattered around 3 or more disks and very hard to reconstruct using another PC or OEM RAID hardware. Considering the low price of hard disks these days I think RAID 1 will be my favorite choice for the moment.

You cannot exchange hard drives on this unit which made me very nervous! What would happen if one of the drives would fail? I would have to send the unit for repair thus trusting several strangers with my – and my customers – data. This is a NO GO so I had to find out if I could recover from a huge problem myself. I broke the warranty by delving into the device….

more later…