Notes: January 2005 Archives

I wrote 77 online dictionary plugin for IE and Firefox
Install page
Dictionary database from pyDict

Virtual Tunnel(VTun) is similar to Softether,
even more powerful for Linux or FreeBSD.
To build VTun, needs following rpms
liblzo1
liblzo1-devel
bison or byacc (byacc build failed in my case, so I install bison rpm)
Working example:
Server config /usr/local/etc/vtund.conf

default {
  type tun;
  proto udp;
  compress lzo:1;
  keepalive yes;
}

s2 {
  passwd abcd;
  up {
   ifconfig "%% 10.10.0.1 pointopoint 10.10.0.2";
   route "add -net 10.10.1.0 netmask 255.255.255.0 gw 10.10.0.2";
   program /sbin/arp "-sD 10.10.0.2 eth0 pub";
  };
}

Client config /usr/local/etc/vtund.conf

default {
  type tun;
  proto udp;
  compress lzo:1;
  keepalive yes;
}

s2 {
  passwd abcd;
  up {
   ifconfig "%% 10.10.0.2 pointopoint 10.10.0.1";
   route "add -net 10.10.0.0 netmask 255.255.255.0 gw 10.10.0.1";
  };
}

Before run vtund, both client and server needs to load tun module (modprobe tun), then
Server run vtund -s
Client run vtund s2 140.117.53.147
(140.117.53.147 is server IP)

Result:
Server
tun0 Link encap:Point-to-Point Protocol
   inet addr:10.10.0.1 P-t-P:10.10.0.2 Mask:255.255.255.255
   UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
   RX packets:15 errors:0 dropped:0 overruns:0 frame:0
   TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
   collisions:0 txqueuelen:10
   RX bytes:1260 (1.2 Kb) TX bytes:672 (672.0 b)

Client
tun0 Link encap:Point-to-Point Protocol
   inet addr:10.10.0.2 P-t-P:10.10.0.1 Mask:255.255.255.255
   UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
   RX packets:8 errors:0 dropped:0 overruns:0 frame:0
   TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
   collisions:0 txqueuelen:10
   RX bytes:672 (672.0 b) TX bytes:1260 (1.2 Kb)

ref. Softether

Linux console shows something like "x.x.x.x sent an invalid ICMP type 11, code 0 error to a broadcast ..."
What's the problem?
Let's see kernel source net/ipv4/icmp.c

if (!sysctl_icmp_ignore_bogus_error_responses)
{
 if (inet_addr_type(iph->daddr) == RTN_BROADCAST)
 {
  if (net_ratelimit())
  printk(KERN_WARNING "%u.%u.%u.%u sent an invalid ICMP type %u, code %u error to a broadcast: %u.%u.%u.%u on %s\n
  NIPQUAD(skb->nh.iph->saddr),
  icmph->type, icmph->code,
  NIPQUAD(iph->daddr),
  skb->dev->name);
  goto out;
 }
}

It is because recieve ICMP bogus response,
to ignore this, add net.ipv4.icmp_ignore_bogus_error_responses=1 to /etc/sysctl.conf

ProxyPass allows remote servers to be mapped into the space of the local server

You have to enable mod_proxy during buid apache
e.g.
./configure --prefix=/usr/local/apache --sysconfdir=/usr/local/apache/conf \
--enable-module=so --enable-module=rewrite --enable-module=proxy

Example:
a FreeBSD server, WAN IP 140.117.53.147, LAN IP 192.168.0.1, with Apache 1.3.33
a Windows IIS server, LAN IP 192.168.0.6, Gateway 192.168.0.1

Example Settings 1: (all can connect iis.pank.org)

<VirtualHost 140.117.53.147>
  ServerName iis.pank.org
  ProxyPass / http://192.168.0.6/
</VirtualHost>

Example Settings 2: (restrict from, only 140.117.0.0/16 can connect)

<VirtualHost 140.117.53.147>
  ServerName iis.pank.org
   <Directory proxy:*>
   Order deny,allow
   Deny from all
   Allow from 140.117.0.0/16
  </Directory>
  ProxyPass / http://192.168.0.6/
</VirtualHost>

note: Setting ProxyRequests to off does not disable use of the ProxyPass directive.
ref.
Apache module mod_proxy
R-Proxy

bash trick: build-in method

A="abcd0123456789"
if [ "${A/1234/}" != "$A" ] ; then
  echo yes
fi

grep method

A="abcd0123456789"
if echo $A | grep -q 1234 ; then
  echo yes
fi

After I test, 1st method is 40 times faster then grep method

Ctrl + / Ctrl - or CTRL-Mouse wheel to zoom in / zoom out page
Press / to search
Ctrl-T to open new tab
Ctrl + Mouse Click to open URL in new tab
Ctrl-[1-9] to switch tab (Alt-[1-9] under X Window)
Type about:config in location bar for tweaking

My Firefox Extensions
All-in-One Gestures (Linux and Windows)
Auto Copy (Windows)
Context Search (Linux and Windows)
DragToTab (Linux and Windows)
Flash Got (Windows)
ieview (Windows)
Minimize to Tray (Windows)
Paste and Go (Windows)

ref. http://hemiolapei.free.fr/divers/mozilla.html

view statements could relpy different result depend on client origin
Example: private view and public view
query from public network ref. file db.test
query from private network ref. file db.test.private

view "public" {
    match-clients { !192.168.0.0/16; any; };
    recursion no;
    zone "." {
        type hint;
        file "named.root";
    };
    zone "test.com" {
        type master;
        file "db.qmio";
    };
};

view "private" {
    match-clients { 192.168.0.0/16; };
    zone "." {
        type hint;
        file "named.root";
    };
    zone "test.com" {
        type master;
        file "db.test.private";
    };
};

Note: to use view statements, all zones must be in views

舊版 Postfix-SMTP-AUTH-TLS-Howto
更新一些檔案, 步驟大至相同