phpns and silentium uploader - two great scripts that go great together
Friday 24 October 2008 9:09pm by: rac	permalink | 2 comments Computers
Wow, it's been a long time since posted anything here. Sorry 'bout that for anyone who might still be paying attention.... Anyway, I've been playing with some new web scripts for some site design I'm working on. I came across phpns a while back, and it's been used effectively on one of the sites I designed. However, it's missing one feature that would make it so much more useful for me: an upload facility. I started hunting around for a decent, simple file upload script that could be incorporated into phpns, and found Silentium Uploader from HyperSilence.net. After spending a couple of hours playing with it, I now have hacked Silentium into phpns. Like peanut butter and chocolate...they go great together! The download is available here: http://www.noidea.us/download.php?f=phpns-upload-patch.zip. I've also submitted it to the phpns developers if they want to incorporate it into their next version (if there is one...)

Linux traffic shaping in Fedora Core 4
Friday 24 August 2007 7:46pm by: rac	permalink | 0 comments Computers
Before I switched to the new mail server, I was running CBQ.init to do some limiting of outbound SMTP traffic. You see, I run a mailing list that has multiple large attachments that are resent to 50+ subscribers, and trying to send that out effectively kills my DSL line. When I set up the new server, I set up CBQ.init 0.7.3 using the same configuration as on the old (Fedora Core 1) machine. Today, I found out that my limiting was not working...seems that there is an error in the CBQ.init script that prevented it from running correctly. The error manifests as follows: [root@server rc.d]# ./cbq.init compile find: warning: you have specified the -maxdepth option after a non-option argument (, but options are not positional (-maxdepth affects tests specified before it as well as those specified after it). Please specify options before other arguments. find: warning: you have specified the -maxdepth option after a non-option argument (, but options are not positional (-maxdepth affects tests specified before it as well as those specified after it). Please specify options before other arguments. The error is actually a mistake in the find command syntax of two lines in the script. Here is the corrected script (those are line numbers in front). 577 ### Get a list of configured classes 578 CLASSLIST=`find $1 -maxdepth 1 \( -type f -or -type l\ ) -name 'cbq-*' \ 579 -not -name '*~' -printf "%f\n"| sort` 580 [ -z "$CLASSLIST" ] && 581 cbq_failure "no configuration files found in $1!" 582 583 ### Gather all DEVICE fields from $1/cbq-* 584 DEVFIELDS=`find $1 -maxdepth 1 \( -type f -or -type l \) -name 'cbq-*' \ 585 -not -name '*~'| xargs sed -n 's/#.*//; 586 s/[[:space:]]//g; /^DEVICE=[^,]*,[^,]*(,[^,]*)?/ \ 587 { s/.*=//; p; }'| sort -u` The change is the location of the -maxdepth 1 argument: it must be immediately after the last path in the statement, and before any other options. The original looked like this: ### Get a list of configured classes CLASSLIST=`find $1 \( -type f -or -type l \) -name 'cbq-*' \ -not -name '*~' -maxdepth 1 -printf "%f\n"| sort` [ -z "$CLASSLIST" ] && cbq_failure "no configuration files found in $1!" ### Gather all DEVICE fields from $1/cbq-* DEVFIELDS=`find $1 ( -type f -or -type l ) -name 'cbq-*' \ -not -name '*~' -maxdepth 1| xargs sed -n 's/#.*//; \ s/[[:space:]]//g; /^DEVICE=[^,]*,[^,]*\(,[^,]*\)\?/ \ { s/.*=//; p; }'| sort -u` After making this change, the script works as expected! I'm posting this on the off-chance that someone else might be having the same issue I did, and this will help them, too. Oh, and if anyone is interested, here is my script to limit SMTP outbound traffic on my 3Mbit/768Kbit DSL line. It's called cbq-0256.SMTP-out: DEVICE=eth1,3Mbit,384Kbit RATE=256Kbit WEIGHT=25Kbit RULE=,:25 Good luck!

Abandoned? No, just ignored....
Wednesday 22 August 2007 0:19am by: rac	permalink | 0 comments Site Info, General News, Computers
Anyone who has looked here in the last few months (OK, last 8 months...) would think I've abandoned the place. Not quite true...noidea.us is still my primary email domain, and I've thought about a lot of things I'd write about, if the time presented itself. Well, the time still hasn't made itself available (funny,the way that works), but I figured I should at least note that I'm still alive, still working, still researching malware, and learning how to be a dad. I guess running blogs on three different sites can be a bit...well...absurd? On the plus side, I have managed to finally upgrade my mail server....it's a major hardware shift from a PII-400 to a Sempron 2800+, and 384MB to 1GB of RAM. I can now run all those wonderful spam filters that I just didn't have the resources to handle before. It also went from Fedora Core 1 to Fedora Core 4. The old server was actually just a test box I was using to play with Postfix, Amavisd-new and Dovecot; it got pressed into live service after resetting all the hardware after hurricane Rita a couple of years ago when the Shuttle SV-24 died (of a notorious blown caps issue). I was unable to keep much of the filtering running because of the RAM requirements, and thus was making do with only Postfix's RBL checks and Policyd greylisting service. Now it's all running, and I'm much happier with the systems.... Final note, I'm now also an admin/developer for PluggedOut Blog, the blog script that runs this site. If you're looking for an easily customizable, flexible, feature-rich blog script in PHP, check it out!

Who is really responsible?
Monday 22 January 2007 9:49pm by: admin	permalink | 0 comments Rants, Computers
Last week, a Houston family filed a lawsuit against the MySpace social networking website. According to this article from The Register: "Myspace didn't act quickly enough to protect users who are minors from adult predators. The plaintiffs say their daughters were solicited and abused by adults using the site." [rant mode on] At what point did parents stop being responsible for the care of their children, and children stop being responsible for their own actions? When did MySpace (or Facebook, or Yahoo, or any other website) take over that role in the raising of a child? I've talked with parents, and I'm going to be one in a few months. Parents must take an active role in their child's development, including monitoring what they do on the computer, or who their friends are. This includes knowing the parents of their friends and how those parents raise their own children. [rant mode off] In the Houston case, I seem to recall that the mother had blocked internet access on their home computer, or they didn't have a computer. So, the daughter used her cell phone's browser to go to MySpace, or a computer at a friend's house. This goes back to being involved, both with the child and the parents of the child's friends. MySpace cannot be responsible because someone using their free, unmonitored service lied about their age or lured an irresponsible teenager into a compromised situation. Consider MySpace and the other sites as "common carriers": just like the phone company is not responsible for someone using the telephone to plan a robbery, or Cingular would not responsible for someone using a cell phone to trigger a bomb, MySpace and other social networking sites cannot be victimized by someone who is willing to lie to get somewhere. If MySpace implements the new rules they are discussing, it's simply going to generate hundreds of additional profiles; more people who will lie that they are either over age or under age to meet the people they are targeting. Short of turning into a pay service, and alienating their current major userbase (most of whom probably don't have credit cards or paypal accounts), I don't see any changes that will substantially alter the current situation. I really hope that the courts decide to throw out this case, with prejudice, and make those filing the lawsuit pay their own legal fees. Along with a stern lecture about parenting. Maybe that will make people think twice in this "I don't like you I'm going to sue" society.

lessons in system configuration
Wednesday 17 January 2007 11:51pm by: admin	permalink | 0 comments Computers, Rants, Site Info
I'm sure this will be an ongoing topic...I'm working on a new mailserver to replace a box that is excruciatingly underpowered. Even though it's only running about a dozen users, it's a Pentium II/400 maxing out 256MB of physical RAM and swapping over 60MB regularly. This wasn't a real problem until I decided to upgrade my spam filtering backend (amavisd-new, SpamAssassin/ClamAV and Maia Mailguard,with a dose of policyd greylisting daemon). The system restarted everything fine, but then came to a screeching halt as amavisd completely swamped the RAM in the system and everything slowed to a crawl. Unfortunately, the RAM in the system is maxed out and I can't add any more. Well, a couple of weeks ago I ordered a new system to replace this venerable dinosaur. The new box is a BioStar IDEQ N1, Sempron64 2800+, 1GB of PC3200 (400MHz) RAM. I'm recycling a spare 20GB drive, and loading with Fedora Core 4 (I don't like 5 or 6...the MySQL 5 installed breaks some of the web apps that I use). Now, on to the lesson of the day: I started setting up the box last week with custom-compiled versions of Postfix, Dovecot IMAP server and several other packages. Now I'm starting to configure things to closely match the existing mail server, including Samba. This makes some administrative tasks a bit easier, like updating some web pages (this basically only hosts SquirrelMail and PostfixAdmin). There's not much web service to do, but Samba makes it easier to move logfiles to the Windows box and copy new files over without having to run FTP or wget all the time. The problems started after I copied the smb.conf file (Samba config) from the existing server to the new box. I tweaked it, fixed some server-specific settings, and set it off. First, it wouldn't even see itself as an SMB server. found and fixed that. Then, it appeared to be fighting with my WINS server (another Linux box) to be the master browser. Fixed that setting too. Finally was able to resolve itself by name and local IP. Now to get it to see the rest of the network (and the rest of the network to see it, as well). OK...started through the diagnostics document from Samba. Step 1...good. Step 2...good. Step 3...er...step 3....errors. Troubleshooting was going nowhere. 45 minutes later, had a thought...firewall? Iptables was running, since this box faces both the internet and my local lan on different NICs. turned off iptables and gee...it works! Start tweaking around with firewall rules. Seems the syntax has changed slightly between the Fedora Core 1 and Fedora Core 4 versions, so the rules from the old box don't quite work on the new one. Found the system-config-firewall-tui utility, and set up custom rules for the right ports, and restarted both iptables then samba. Gee wiz, it works now! I can see it from the other computers, and it finds the rest of the network too! Well, that was a good waste of several hours that I'll never get back. I guess the next step is to set up Postfix, policyd, amavisd and the new MailZu web interface for amavis. Oh, and pray that Dovecot 1.0 final will make it out in the next two weeks before I'm ready to bring the new monster live....