How to connect to the internet using Celcom Broadband Modem

Luckily, I got my hand on my friend's Celcom Broadband USB HSDPA Modem. The model is E220. Fortunately on Mandriva, you don't need to type a command. It's all in the comfort of GUI.

below is the step-by-step process:

1. Open MCC (Mandriva Control Center) and then select Network & Internet (left frame) and then open Setup a new network interface.


2. Select GPRS/Edge/3G and click Next button.

3. The device should be shown and selected here. If not, you have to check whether Linux detected it using lsusb command. In many cases, this shouldn't be a problem for Linux detecting a USB device. Then click the Next button.

4. It will ask you for PIN number. One problem here. You have to enable PIN Protection for your card by going into MS Windows and use the software provided by TM to enable the PIN Protection. It is disabled by default. If it is disabled, you will get error after this even the PIN number is correct. After enable the PIN Protection, you can boot back into Linux and enter the PIN number as in the pic below. Then click Next.

5. This dialog opens and you can just click Next.


6. Select the option as below and then click Next.


7. For dialog as below, just leave all fields blank. Click Next.


8. Finish. A window will appear telling you that the settings has been configured successfully. Click Finish button to close it.

9. You can see the /var/log/messages on what's been going on and important info like IP address, APN, netmask, gateway and handshakes during the connection process.

Example log:
Dec 21 23:50:42 localhost ifup-ppp: pppd started for ppp0 on /dev/ttyUSB0 at 115200
Dec 21 23:50:42 localhost pppd[2605]: pppd 2.4.4 started by root, uid 0
Dec 21 23:50:49 localhost pppd[2605]: Serial connection established.
Dec 21 23:50:49 localhost pppd[2605]: Using interface ppp0
Dec 21 23:50:49 localhost pppd[2605]: Connect: ppp0 <--> /dev/ttyUSB0
Dec 21 23:50:53 localhost pppd[2605]: Could not determine remote IP address: defaulting to 10.64.64.64
Dec 21 23:50:53 localhost pppd[2605]: local IP address 10.58.182.246
Dec 21 23:50:53 localhost pppd[2605]: remote IP address 10.64.64.64
Dec 21 23:50:53 localhost pppd[2605]: primary DNS address 202. 188.0.133
Dec 21 23:50:53 localhost pppd[2605]: secondary DNS address 202.188.1.5

That's all there is to it. Good luck guys!

Queuegraph - a RRDtool frontend for Postfix queue-statistics

queuegraph is a very simple mail statistics RRDtool frontend for Postfix that produces daily, weekly, monthly and yearly graphs of Postfix's active, deferred, incoming and bounce queues.The postfix's queue is usually in /var/spool/postfix. queuegraph is created by Ralf Hildebrandt and based on mailgraph by David Schweikert. Below is the dirs in my system:

# ls /var/spool/postfix/
active/ corrupt/ deferred/ etc/ flush/ incoming/ maildrop/ postgrey/ public/ tmp/ var/
bounce/ defer/ dev/ extern/ hold/ lib64/ pid/ private/ saved/ trace/
#

In connection with qshape it can be used to find out if your server is having performance issues:

• a large deferred queue indicates delivery problems
• a large active queue points to slow destinations (e.g. a content_filter)

You can download queuegraph here.

Before you download it, pls check the requirements:

• rrdtools (Mandriva users: urpmi rrdtool)
  
• librrds-perl (Mandriva users: urpmi perl-rrdtool)

After finish downloading it, extract it: tar xzvf queuegraph.tar.gz
List down the extracted files: ls -l (see below)

# ls
queuegraph.cgi* queuegraph-rrd.sh* README
#

Create a cronjob that runs queuegraph-rrd.sh every minute -- this populates the *.rrd database:

* * * * * /usr/local/bin/queuegraph-rrd.sh

Note: On Mandriva, i created a dir under /etc named cron.minutes and copied file queuegraph-rrd.sh into it: cp queuegraph-rrd.sh /etc/cron/minutes

And then I edited crontab by adding this line:
* * * * * root nice -19 run-parts --report /etc/cron.minutes

Then I copied queuegraph.cgi into the cgi-bin directory of my webserver: cp queuegraph.cgi /var/www/cgi-bin/ or where your webserver's cgi directory is (consult your distro manual.) Then chmoded it to 755 so that my webserver can run it: chmod 755 queuegraph.cgi

To see the statistics created by queuegraph, point your web browser to http://yourwebseraddress/cgi-bin/queuegraph.cgi

This is the graph for my postfix queue (without the Month and Year graph):


That's all there is to it.

sdparm: a utility for SCSI device

You may have heard of hdparm - a utility for getting info and changing certain parameters for IDE-type hard disk. It can't be used for SCSI hard disk though. So is there any similar utility for scsi hard disk? Yes there's one utility called with almost the same name: sdparm.

You may think that it has the same or at least similar to hdparm. No it is not. Well let's see what we can do with it below.

How to install it?
Ubuntu/Debian: apt-get install sdparm
Mandriva: urpmi sdparm
Redhat: yum install sdparm

A few examples:
list common mode parameters of a disk
sdparm /dev/sda

Sample output:
/dev/sda: COMPAQ BF03697B5A HPB2
Read write error recovery mode page:
AWRE 1 [cha: y, def: 1, sav: 1]
ARRE 1 [cha: y, def: 1, sav: 1]
PER 1 [cha: y, def: 1, sav: 1]
Caching (SBC) mode page:
WCE 0 [cha: y, def: 1, sav: 0]
RCD 0 [cha: y, def: 0, sav: 0]
Control mode page:
SWP 0 [cha: y, def: 0, sav: 0]
Informational exceptions control mode page:
EWASC 1 [cha: y, def: 1, sav: 1]
DEXCPT 0 [cha: y, def: 0, sav: 0]
MRIE 4 [cha: y, def: 4, sav: 4]


To list the designators within the device identification VPD page of a disk
sdparm --inquiry /dev/sda

Sample output:
/dev/sda: COMPAQ BF03697B5A HPB2
Device identification VPD page:
Addressed logical unit:
id_type: EUI-64 based, code_set: Binary
[0x0010b9fd080c1129]
id_type: T10 vendor identification, code_set: ASCII
vendor id: COMPAQ
vendor specific: E20C9MKK


To see all parameters for the caching mode page
sdparm --page=ca /dev/sdc

Sample output:
/dev/sda: COMPAQ BF03697B5A HPB2
Caching (SBC) mode page:
IC 0 [cha: y, def: 0, sav: 0]
ABPF 0 [cha: n, def: 0, sav: 0]
CAP 0 [cha: n, def: 0, sav: 0]
DISC 0 [cha: n, def: 0, sav: 0]
SIZE 0 [cha: y, def: 0, sav: 0]
WCE 0 [cha: y, def: 1, sav: 0]
MF 0 [cha: y, def: 0, sav: 0]
RCD 0 [cha: y, def: 0, sav: 0]
DRRP 0 [cha: y, def: 0, sav: 0]
WRP 0 [cha: y, def: 0, sav: 0]
DPTL 512 [cha: y, def:512, sav:512]
MIPF 256 [cha: y, def:256, sav:256]
MAPF 512 [cha: y, def:512, sav:512]
MAPFC 512 [cha: y, def:512, sav:512]
FSW 0 [cha: n, def: 0, sav: 0]
LBCSS 0 [cha: y, def: 0, sav: 0]
DRA 1 [cha: y, def: 1, sav: 1]
NV_DIS 0 [cha: n, def: 0, sav: 0]
NCS 226 [cha: y, def:226, sav:226]
CSS 0 [cha: y, def: 0, sav: 0]

To set the "Writeback Cache Enable" bit in the current values page
# sdparm --set=WCE /dev/sda

Sample output:
/dev/sda: COMPAQ BF03697B5A HPB2

References:
Cyberciti.biz
sdparm manpage

NAT and ip forwarding

NAT (be it SNAT or DNAT) relies on ip forwarding. You enable it, they are effective. I forgot to think about it last time ( I think 3 months ago) I setup Linux as a router. This is because server distros, enable it by default. Some distros however do not and most of them distros targeted for desktop/home users (pls check all popular distros to confirm). To enable it, you have to run this 2 commands:

sysctl -w net.ipv4.ip_forward=1
sysctl -p /etc/sysctl.conf

Of course you have to root to run those.

The first command is to write 1 in /proc/sys/net/ipv4/ip_forward. It is equivalent to this command:

echo 1 > /proc/net/ipv4/ip_forward

The second command is to apply all changes in file /etc/sysctl.conf.

Whatever you set in sysctl.conf will be applied every system restart. So that's important if you want to enable it permanently as in the case of a router. First command doesn't do that. You have to edit sysctl.conf to make it permanent because it will be read every system restart. Edit the file with your favorite text editor (i personally use joe) and make sure it contains this line:

net.ipv4.ip_forward = 1

This is just a quick solution for this topic. It doesn't cover everything you should know about sysctl.conf and ip forwarding. You can just google to find more info about them.

FOSS.my 2008

What is FOSS.my?

(excerpt from the website)
FOSS.my 2008 is Malaysia’s premier Free and Open Source Software (FOSS) event. Whilst this is our first go at it, we aim for this to be an annual event bringing together professionals and enthusiasts from Malaysia, Singapore, Asia and the rest of the world for a two day grassroots driven FOSS conference.

FOSS.my is different from other events in that we focus only on FOSS and that this conference is purely non-commercial. There will be no marketing/sales talks by vendors (we are very strict on this!) so all that is presented is FOSS goodness! Instead, vendors will be encouraged to speak on the FOSS technical aspects of their projects/tools. This approach works better as it benefits all through knowledge sharing within the community.

When?
It will be held on 8 and 9 Nov 2008

Where? ( Map )
APIIT TPM Campus
Lot 6, Technology Park Malaysia (TPM)
Bukit Jalil, 57000 Kuala Lumpur
Malaysia.

What are the agenda?
Go here: http://foss.my/schedule/ for more info.

What should I do?
Register here: http://foss.my/register/

Mandriva Linux 2009 released

Mandriva has released its latest desktop edition which comes in 4 edition: One, Free, PowerPack and Mandriva Flash.

Mandriva One comes in CD and suitable for those who want to start using Mandriva Linux in no time. You can boot in to live CD and start working. It has the option to install to hard disk. This edition comes with proprietary softwares.

Mandriva Free is the free edition. It doesn't contain proprietary softwares. You can add those later though if you add the relevant repositories.

Mandriva Powerpack is a commercial pack containing proprietary packages such as flash plugin, nvidia, nvidia, ati, mp3 codec etc.

Mandriva Flash is a USB disk version of Mandriva. It now uses 8GB USB drive instead of 4GB in previous version. You have to order it from Mandriva Store.

More info on this release

I have been using Mandriva Linux for almost 7 years now and in my opinion it is one of the best distributions out there.

compiz-fusion: Cylinder anyone?

If you enable 3D desktop effects in your desktop, we can change the shape of the desktop when we 'spin' it to cylinder.
The steps are as follows:

1. Run ccsm - Compiz Config Settings Manager. In Mandriva, it's under Tools menu or you can type ccsm in terminal. Afterthat, click on Cube Reflection and Deformation.


2. Go to Deformation tab and click on Deformation menu to and choose Cylinder.


3. Test it by pressing Ctrl+Alt and press left button of your mouse and move your mouse to spin your desktop.

Here some screenshots of my desktop on Mandriva Cooker.

It takes two to tango

Yeah.. You may well confused with the title of this post. What the hell it has to do with Linux? Yeah. You got it wrong. Make people confuse is one of the tactic to make readers read your blog. Am i right? Well it doesn't matter.

Last week, I setup 2nd router for my office to make traffic smoother. We experienced slow internet connection lately and no wonder since we have 500 clients accessing the only one router to go to the internet. So after thinking a plan on how to solve it, I came out with a soultion to buy a new and powerful router. 3 days later, I was thinking it was a good idea to split the traffic since we have 2 internet connections. So I setup a second router and split up client connections to the two router evenly. After 2 days, I can say it is successfully make our internet experience a pleasure.

In the new router I installed squid 3.0, BIND and dansguardian. All on Mandriva Spring 2008. So every client connected to one of the router has been setup with gateway and dns point to the router.

So If your office internet connection is becoming slower and slower and you have 2 internet connections, you may to think to split up for smooth traffic to the internet and make your users happy.

cheers!

Iptables: DNAT

DNAT stands for Destination NAT. It is a type of NAT. The other one is SNAT which stands for Source NAT. What's the difference I hear you ask. Good question! :) DNAT changes destination of relevant packets. SNAT changes the source of relevant packets. Last week, my boss asked me to open an internal system in order to be accessed publicly.

Let's say my internal system server's IP is 192.168.2.123 and the system is a web-based system (port 80). It is behind a firewall which has a public IP say 111.222.333.444. To access the internal system from internet, the firewall IP should be used as a gateway to reach the internal system server.

Internet ----> Firewall ----> Internal system

I want to make any packets destined to port 3256 on firewall should be NAT'ed to internal system server on port 80. So the DNAT in firewall is:

iptables -t nat -I PREROUTING -s ! 192.168.2.0/24 -p tcp --dport 3256 -j DNAT --to 192.168.2.123:80

There you go. All packets destined to firewall on port 3256 will be redirected to internal system server on port 80. There are other ways to achieve this using other tools like xinetd but I leave that one for exercise for readers. :)

Linux : Before Munich, it was Extremadura

I remembered 3 years ago I read a Linux magazine about Munich. The government were going to convert all Windows PCs to Linux. Then I just came across an old news about how one of the poorest region in Spain migrated their all pcs using by civil servants duirng a weekend.

We changed the desktop systems from Windows to Linux during the weekend, when the civil servants came back next Monday morning they found Linux running on their desktop machines.

The public government of the Spanish region of Extremadura has now a long tradition of promoting and using free software. Extremadura is a region located in the South-West of Spain, in the center of a triangle formed by the cities of Madrid, Seville and Lisbon.

More from the news:

Another essential component of the network are the end user terminals. These were made from PCs running a localized version of Linux called Linex (compound word from LINux and EXtremadura) which they tailored to their specific needs and changing the name of the programs to more accessible ones to the people in Extremadura. For example, the Gimp image processing program was renamed to Zurbar�n, a famous Spanish painter. Besides building one of the best known Linux distributions, Linex, they have achieved the amazing goal of having one PC for every two students in their schools. Yes, you read it correctly, one PC per two students.

In total they now have some 80000 desktop PCs running Linux. Of them, 66000 are in schools and education centers and the rest, 14000, are in other public administration buildings. Although not 100% of all Extremadura's public administration departments have been switched to Linux desktops, this numbers certainly indicate that they are in the right path to reaching this goal.

Hmm. I think this proves that Linux can be used in government sector without problem. Certain issues need to be addressed first especially pertaining to proprietary softwares used. This issue mostly can be solved. The expert of migration will take of it. :)

Do you have any story about Linux in government at your place? Do write in.

More related news:
Munich goes Open Source
Full steam ahead for Linux in Munich
Debian wins Munich Linux deal

Firefox download fiesta : Awesome record indeed!

Firefox download day was on June 17, 2008 (US timezone). The original target was 5 million downloads in 24 hours. Not only they reached the target but exceeding it by 3 millions. The best record ever for firefox downloads in a single day. The people of Guiness World Record has yet to validate the record. Please check back here again after a few days.

Rank	Country	Pledges
1	United States	3,915,375
2	Germany	1,068,315
3	Japan	714,845
4	United Kingdom	488,031
5	Iran	480,550
6	Spain	440,801
7	France	436,447
8	Lithuania	370,750
9	Canada	365,852
10	Italy	364,634

Although the time to set the record has over, you are encouraged to download firefox 3 because it has over 15,000 improvements over previous versions. See release notes for more details.

(Excerpt from Mozilla page)

What’s New in Firefox 3:

The Web is all about innovation, and Firefox 3 sets the pace with dozens of new features to deliver a faster, more secure and customizable Web browsing experience for all.

User Experience. The enhancements to Firefox 3 provide the best possible browsing experience on the Web. The new Firefox 3 smart location bar, affectionately known as the “Awesome Bar,” learns as people use it, adapting to user preferences and offering better fitting matches over time. The Firefox 3 Library archives browsing history, bookmarks, and tags, where they can be easily searched and organized. One-click bookmarking and tagging make it easy to remember, search and organize Web sites. The new full-page zoom displays any part of a Web page, up close and readable, in seconds.

Performance. Firefox 3 is built on top of the powerful new Gecko 1.9 platform, resulting in a safer, easier to use and more personal product. Firefox 3 now uses less memory while it’s running, and its redesigned page rendering and layout engine means users see Web pages two to three times faster than Firefox 2.

Security. Firefox 3 raises the bar for security. The new malware and phishing protection helps protect from viruses, worms, trojans and spyware to keep people safe on the Web. Firefox 3’s one-click site ID information allows users to verify that a site is what it claims to be. Mozilla’s open source process leverages the experience of thousands of security experts around the globe.

Customization. Everyone uses the Web differently, and Firefox 3 lets users customize their browser with more than 5,000 add-ons. Firefox Add-ons allow users to manage tasks like participating in online auctions, uploading digital photos, seeing the weather forecasts, and listening to music, all from the convenience of the browser. The new Add-ons Manager helps users to find and install add-ons directly from the browser.

For more information about Mozilla Firefox 3 and how it delivers an easier, faster, and safer online experience, visit http://www.mozilla.com/firefox/features.

Mozilla Firefox 3 is available now for Windows, Linux, and Mac OS X operating systems as a free download from http://www.getfirefox.com.

Other related stuffs

See youtube video what people said about Mozilla Firefox
Mozilla Digital Memory Bank
Press coverage on standblog

openSUSE and iMac G3

If you have an iMac G3 and want to install Linux (instead of throwing it out of your window and kills 2 people :P), you may want to try openSUSE. From my experience, openSuse is the best distro for it. What about other distro? Well, i've tried Ubuntu. It is not suitable for this type of iMac. YDL? The installation went smoothly but i had to tweak the X before it worked. One caveat though. If your iMac doesn't have DVD drive, you have to install via internet. First you have to download the install iso and burn it to CD. Boot from the CD and there's menu for you to choose. Choose installation and update. For more info on this, click here.

You will be asked for repository IP address. You can put name address instead of IP. Then, you will asked for directory for packages. Enter the directory. You can find them here. Please choose a repository near you.

Any question regarding installation, just ask here. Maybe I can help. :)

upgrading zlib

I have to upgrade my zlib to version 1.2.3 to upgrade clamav 0.93. If you have recent version (after July 18,2005), you might have it installed already. For older distros, upgrade is a must to avoid security vulnerabilities in 1.2.1 and 1.2.2. You can download the source code here : http://www.zlib.net/zlib-1.2.3.tar.gz

Install from source.
1. unpack the source : tar xzvf zlib-1.2.3.tar.gz
2. change to source dir: cd zlib-1.2.3
3. configure it: ./configure --shared --prefix=/usr
4. 'make' it: make
5. install it: make install (this will install the library in dir /usr)

Extra check:
1. Go to /usr/lib and check whether symbolic links are ok :
[root@proxy lib]# ls -l libz*
lrwxrwxrwx 1 root root 13 May 16 06:29 libz.so -> libz.so.1.2.3*
lrwxrwxrwx 1 root root 13 May 16 06:29 libz.so.1 -> libz.so.1.2.3*
-rwxr-xr-x 1 root root 82305 May 16 06:29 libz.so.1.2.3*

If old libraries are still lying around or libz.so and libz.so.1 point to old library e.g libz.so -> libz.so.1.2.1, delete them.

That's all there is to it.

Reference:
zlib home

Installing CentOS 5.1

Hi all,

I am installing CentOS 5.1 to a machine at my friend's office. I had to download 7 ISOs beforehand but it needs only 5 CDs for complete installation (depending on what packages I want to install). I might have downloaded the DVD iso but since I don't have DVD-RW drive, I chose to download the CD ISOs.

The machine is HP Proliant 350 G5 with Intel Xeon processor and it is a 64-bit machine (as all modern Xeon processors are). The machine has been installed Fedora Core 5 before and it had many problems as FC5 is designed for desktop and not server. This should be expected. The machine will be used for database, dhcp and DNS server.

Compiz-Fusion on Mandriva Spring 2008

Upgrading Mandriva 2008 to Mandriva 2008.1 aka Mandriva Spring

Screenshot of KDE 4 on Mandriva Spring 2008

Here are the steps to upgrade mandriva 2008 to 2008.1 via online repos.

1) Back up the current urpmi.cfg
2) Change the repos mentioned in urpmi.cfg from 2008.0 to 2008.1
3) Run urpmi.update -a to verify repos
4) urpmi --auto-update -v

If there are problems with dependencies, remove the old versions (notably KDE4 as in my experience, yours maybe with different packages). Then in some cases you have to run this command:

5) urpmi --auto-select

Relax and sit back while watching the packages being upgraded. For my system, almost 1600 packages upgraded. Lastly, you will be instructed to reboot the system because of kernel and dbus upgrade. So far the new system is running smoothly without problem.

reference: Mandriva Forum

My history of commands

Based on kagesenshi's post titled Me! Me!, I also want to know what commands were used by me regularly. So:

[zamri@localhost ~]$ history | awk '{a[$2]++ } END{for(i in a){print a[i] " " i}}'|sort -rn|head
126 ssh
100 ls
97 smbclient
86 cd
76 su
58 wine
48 ping
35 joe
32 exit
17 ps

There you go. The ouput isn't surprising. I did lots of ssh to my servers and wine (ahaaa!! surprise!), I played windows games a lot for the last 4 months. Now I stop playing 'em completely. It is boring when you always win. :P

clamav 0.93 released

I just feel like it was yesterday I upgraded my clamav to 0.92.1. Now it is version 0.93. I gotta upgrade it ASAP. Thanks to the spirit of OSS. The excitement will never end. :)

Changes since 0.92.1:

  * libclamav:
   - New logic in scan limits: provides much more efficient protection against
     DoS attacks but also results in different command line and config options
     to clamscan and clamd (see below)
   - New/improved modules: unzip, SIS, cabinet, CHM, SZDD, text normalisator,
     entity converter
   - Improved filetype detection; filetype definitions can be remotely updated
   - Support for .cld containers (which replace .inc directories)
   - Improved pattern matcher and signature formats
   - More efficient scanning of HTML files
   - Many other improvements

 * clamd:
   - NEW CONFIG FILE OPTIONS: MaxScanSize, MaxFileSize, MaxRecursion, MaxFiles
   - ** THE FOLLOWING OPTIONS ARE NO LONGER SUPPORTED **: MailMaxRecursion,
     ArchiveMaxFileSize, ArchiveMaxRecursion, ArchiveMaxFiles,
     ArchiveMaxCompressionRatio, ArchiveBlockMax

 * clamscan:
   - NEW CMDLINE OPTIONS: --max-filesize, --max-scansize
   - REMOVED OPTIONS: --block-max, --max-space, --max-ratio

 * freshclam:
   - NEW CONFIG OPTION CompressLocalDatabase
   - NEW CMDLINE SWITCH --no-warnings
   - main.inc and daily.inc directories are no longer used by ClamAV; please
     remove them manually from your database directory

Please note the new config file options.

Well... happy upgrading!. :)

Yakuake - An easy access console

Yakuake (Yet Another Kuake KDE terminal emulator) is a KDE console application that I use the most for months now. Before, I used to use konsole but after installing yakuake, I rarely use konsole anymore. The most important feature is the quick easy access to it by pressing a key. The key is configurable. I can't remember what is the default key for it but I choose F8 because the default is used by another application.

Installing yakuake
Debian - use synaptic or aptitude or apt-get install yakuake
Mandriva - use graphical rpmdrake or urpmi yakuake
other distros - please consult your distro documentation.

I have read a Linux mag (don't know which) that it is favorite among KDE developers and will be replacing konsole. I don't know whether this is true. Anyone can confirm this?

References:
Yakuake home page (new update)
Yakuake - An easy access konsole for KDE
More info : http://www.kde-apps.org/content/show.php?content=29153

dbmail 2.2.10 released

I have just upgraded my dbmail to 2.2.10. There are bugs fixed. So upgrade is highly recommended.

Changes since 2.2.9:

- - PostgreSQL 8.3 compatibility (# 676).
- - Duplicate key errors and other insertion problems ( #685, #686).

Download:
http://www.dbmail.org/download/2.2/dbmail-2.2.10.tar.gz

Debian etch backport:
deb http://debian.nfgd.net/debian stable main

Full changelog:
http://git.dbmail.eu/?p=paul/dbmail;a=shortlog;h=v2.2.10

Refer my previous post on how to upgrade dbmail (without database schema change).

Transparent proxy with squid 2.6

I have upgraded my squid from 2.5 STABLE13 to 2.6 STABLE18. Transparent proxy is setup differently in this version. You need this directives in squid.conf (usually in /etc or /usr/local/etc or /usr/local/squid/etc, check with your distro).

acl our_networks src 192.168.2.0/24 127.0.0.1
http_access allow our_networks
http_port 192.168.2.1:3128 transparent
always_direct allow all

where 192.168.2.1 is your proxy server IP address.


If you have flushed your iptables, create new rule:

iptables -t nat -A PREROUTING -i  eth0 -p tcp –dport  80 -j REDIRECT –to-port 3128

where 3128 is the port where squid is running.

References:
http://www.deckle.co.za/squid-users-guide/Transparent_Caching/Proxy

Squid - File size limit exceeded

Yesterday (15th Feb 2008) my squid died unexpectedly. I tried to restart it several times but to no avail. So I tried to see what went wrong by debugging and ran it in foreground. So,

squid -NCd3

N = put it in foreground
C = don't catch fatal signals
d = set debug level (3 is the level)

It threw a bunch of messages with the last line was File size limit exceeded. Just like this but I got no core dumped!. With no clue how to solve it, I recompiled squid (2.6-stable17) with extra parameters (with-max-fd=8192 and --with-large-files):

./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-icmp --enable-kill-parent-hack --enable-ssl --enable-linux-netfilter --enable-large-cache-files --enable-follow-x-forwarded-for --with-large-files

It solved it. Shane reported here that this happens when file store.log is bigger that 2 GB. Disabling the use of store.log (or other relevant files for that matter) will get rid of this problem.

dbmail 2.2.9 released

From dbmail mailing-list (Feb, 9 2008):

Hi all,

I'm pleased to announce the availability of DBMail version 2.2.9, the latest in the stable/production series.

THis is a bugfix maintenance release.

Bugs fixed since 2.2.8:

DBMail - 2.2.9
==============
- 0000668: [Command-Line programs (dbmail-users, dbmail-util)]
dbmail-export segmentation fault and mbox compatibility (paul)
- 0000663: [Authentication layer] Authldap module reloads when it try to recconect
- 0000662: [Authentication layer] Ability to bypass authentication on Active Directory
- 0000660: [IMAP daemon] imapd provides better inetd compatability (paul)

Changelog:

http://git.dbmail.eu/?p=paul/dbmail;a=shortlog;h=v2.2.9

Download:

http://www.dbmail.org/download/2.2/dbmail-2.2.9.tar.gz


kind regards,
Paul Stevens paul at nfg.nl

What is dbmail?
Read here

up-imapproxy-1.2.6 released

From imapproxy-info mailing list:

Hi,

I'm pleased to announce that up-imapproxy-1.2.6 has been released and is
available for download from http://www.imapproxy.org.

Updates since 1.2.5 include:

* General daemon enhancement (closing extra file descriptors at startup,
pidfile support)

* OpenSSL is now threadsafe.

* ipv6 support added.

* In general, this code should be in sync with the debian distribution now.

Many thanks to José Luis Tallón, Jan Grant, Matt Selsky and Antonio Querubin
for their contributions to this release.  As always, thanks to Ray Link for
hosting the imapproxy.org site. If I had to pay for hosting, there probably
wouldn't be an imapproxy.org site.

Please send any bug reports, requests, questions, comments, praise, hate,
etc to this mailing list.

Thanks,

Dave

More info: imapproxy

KDE 4.0 released (at last!)

The much-awaited KDE 4.0 has been released on Friday 11 Jan 2007.

From the announcement page:

The KDE Community is thrilled to announce the immediate availability of KDE 4.0. This significant release marks both the end of the long and intensive development cycle leading up to KDE 4.0 and the beginning of the KDE 4 era.

The KDE 4 Libraries have seen major improvements in almost all areas. The Phonon multimedia framework provides platform independent multimedia support to all KDE applications, the Solid hardware integration framework makes interacting with (removable) devices easier and provides tools for better power management.

The KDE 4 Desktop has gained some major new capabilities. The Plasma desktop shell offers a new desktop interface, including panel, menu and widgets on the desktop as well as a dashboard function. KWin, the KDE Window manager, now supports advanced graphical effects to ease interaction with your windows.

Lots of KDE Applications have seen improvements as well. Visual updates through vector-based artwork, changes in the underlying libraries, user interface enhancements, new features, even new applications -- you name it, KDE 4.0 has it. Okular, the new document viewer and Dolphin, the new file manager are only two applications that leverage KDE 4.0's new technologies.

To install KDE 4.0, the experimental branch must be enabled. Add the following to /etc/apt/sources.list, then update APT.

deb http://ftp.debian.org/debian/ experimental main non-free contrib

deb-src http://ftp.debian.org/debian/ experimental main non-free contrib

APT will not install packages from experimental unless specifically requested. To install a package from experimental, run the command:

aptitude -t experimental install kdebase kdebase-workspace


or

apt-get -t experimental install kdebase kdebase-workspace


Those are the basic packages. For other packages, please look here.

Have fun!

Testing compiz-fusion on debian

My system:
debian lenny

Installation:
apt-get install compiz-fusion-kde
apt-get install compiz-fusion-gnome

Optional packages:
apt-get install compiz-fusion-plugins-unsupported
apt-get install compiz-fusion-plugins-extra
apt-get install compiz-fusion-icon

Above commands install kde and gnome-specific compiz-fusion backends and all other packages will be automatically installed depending on dependencies. To start compiz-fusion for KDE, go to System -> Compiz Fusion Icon.

Repo:
Put this in /etc/apt/sources.list
deb http://download.tuxfamily.org/shames/debian-etch/desktopfx/stable/ ./

Some screenshots:

Upgrading gcc to upgrade clamav to 0.92

I have problem upgrading my clamav 0.91.2 to 0.92 due to bug in gcc 4.0.1 on my Mandriva 2006. So I upgraded my gcc to 4.1.2. I chose to compile from source. It is advisable to refer to successful builds pertaining to the version of gcc to get a clue whether it will successfully build on your target system. I didn't choose later version because I couldn't find any successful build for my system. So I played safe. :P

Download: GNU gcc 4.1.2 (China Mirror)

You have to download at least gcc-core-4.1.2.tar.bz2 and gcc-4.1.2.tar.bz2. I also downloaded gcc-g++-4.1.2.tar.bz2, and gcc-objc-4.1.2.tar.bz2. I didn't download the others because I didn't need them. You may want to download them depends on your requirement.

Untar the tarballs
tar xjvf gcc-core-4.1.2.tar.bz2
tar xjvf gcc-4.1.2.tar.bz2
tar xjvf gcc-g++-4.1.2.tar.bz2
tar xjvf gcc-objc-4.1.2.tar.bz2

The above commands will untar the tarballs into a dir that is gcc-4.1.2. Then, as usual, run ./configure, make and make install. Before you run ./configure, please run ./configure --help to view what parameters needed. Some of the options are autodetected and included by configure itself (ie c/c++ libraries,headers ,etc).

configure
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var

then you can run make and make install to install it to your system. clamav 0.92 will be successfully compiled with this version of gcc.

UPDATE: Reported that gcc < 4.0 can compile clamav 0.92 successfully. So you don't need to upgrade if you use that version of gcc. Also reported that using the 'buggy' gcc, one can use -O0 as optimization flag to avoid the bug.

upgrading clamav from source
Please read my article here. The steps are still the same.

Good luck!