Category Archives: Patches

XtreemFS server on MacOSX

Some time ago I tried to get the XtreemFS server to work on MacOSX (Lion).

I had to patch it a bit to make it compile and run; the patch is attached to this post if you want to give it a try.

I wanted to use it to have a synchronous replicated filesystem over a WAN, but in the end I gave up on this idea and switched to unison.

By the way, I also tried to get GlusterFS to work on MacOSX Lion and partially succeeded; you can see my changes on GitHub.

Antinat outgoing ip same as incoming

Problem

The previous post shows how to configure the outgoing ip in antinat, but if you have multiple ips, want to use all of them, and want to control which one is used for what, that patch doesn't do enough for you.

Solution

Antinat should bind the outgoing connection to the same ip on which it received the connection from the client.

So if you want to use a different ip, just point the SOCKS settings in your browser or proxifier at the ip you want antinat to use.

The patch that lets you do that is attached to this post.

This patch is incompatible with the one in the previous post: you can have either that one or this one, so make sure you apply it to the original antinat source.

Questions or suggestions are welcome as always ...

Antinat home page: http://antinat.sourceforge.net/

Antinat outgoing ip

This post is the first in a series of posts about antinat. The posts will provide solutions for some "problems" with antinat. So here goes the first one.

Problem

Antinat creates outgoing connections from the primary ip of the machine it's running on. There's a config option to make antinat listen on a specific ip, but no config option to make it use a specific ip for outgoing connections.

Solution

The patch attached to this post makes antinat use the ip it's listening on for outgoing connections as well. You specify the listening ip with the "interface" config option, and now that ip will also be used for outgoing connections.

I assume you already know how to patch ... if not ... just ask in the comments or hire me to patch it for you 🙂
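As an added illustration of what the two antinat patches above do (this is my own example in plain BSD sockets C, not antinat's code), bind_to_interface() pins an outgoing socket to a fixed address such as the "interface" option, and bind_like_incoming() asks the kernel with getsockname() which local address the client connection arrived on and binds the outgoing socket to that address before connect(). The function names are assumptions; demo_loopback() exercises the second variant on 127.0.0.1.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* First patch: bind out_fd to a fixed IPv4 address given as text (the
 * "interface" option). Port stays 0 so the kernel picks the source port. */
int bind_to_interface(int out_fd, const char *ip)
{
    struct sockaddr_in local = { .sin_family = AF_INET };
    if (inet_pton(AF_INET, ip, &local.sin_addr) != 1)
        return -1;
    return bind(out_fd, (struct sockaddr *)&local, sizeof(local));
}

/* Second patch: bind out_fd to whatever local address client_fd was
 * accepted on. getsockname() reports it; only the port is dropped. */
int bind_like_incoming(int client_fd, int out_fd)
{
    struct sockaddr_in local;
    socklen_t len = sizeof(local);
    if (getsockname(client_fd, (struct sockaddr *)&local, &len) < 0)
        return -1;
    local.sin_port = 0;
    return bind(out_fd, (struct sockaddr *)&local, sizeof(local));
}
/* Self-check on loopback: accept a connection on 127.0.0.1, bind a fresh
 * outgoing socket like it, return that socket's address (NULL on failure). */
const char *demo_loopback(void)
{
    static char buf[INET_ADDRSTRLEN];
    struct sockaddr_in a = { .sin_family = AF_INET,
                             .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    socklen_t alen = sizeof(a);
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    int cfd = socket(AF_INET, SOCK_STREAM, 0);
    int ofd = socket(AF_INET, SOCK_STREAM, 0), sfd = -1;
    const char *res = NULL;
    if (bind(lfd, (struct sockaddr *)&a, sizeof(a)) == 0 && listen(lfd, 1) == 0
        && getsockname(lfd, (struct sockaddr *)&a, &alen) == 0 /* learn the port */
        && connect(cfd, (struct sockaddr *)&a, sizeof(a)) == 0
        && (sfd = accept(lfd, NULL, NULL)) >= 0
        && bind_like_incoming(sfd, ofd) == 0
        && getsockname(ofd, (struct sockaddr *)&a, &alen) == 0)
        res = inet_ntop(AF_INET, &a.sin_addr, buf, sizeof(buf));
    close(lfd); close(cfd); close(ofd);
    if (sfd >= 0) close(sfd);
    return res;
}
```

In a real proxy the outgoing socket is then passed to connect(); the kernel keeps the bound source address, so the remote side sees the same ip the client used.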

Qmail per domain concurrency

Problem

In my last post about qmail I said that once you solve the big concurrency problem you'll end up with another one: your mail server will open too many outgoing connections to some domains, and you risk having your ips banned by those servers.

Solution

The solution is a way of limiting the maximum concurrency per domain. To do that you'll need the qmail channels patch, or write your own patch like I did (mostly because I was unaware that the qmail channels patch existed).

The home page of the qmail channels patch explains how to set up and configure qmail to limit the concurrency for a domain or group of domains.

What I like about this patch is that it allows you to set a concurrency limit for a group of domains, for example a limit of 100 for yahoo.com, yahoo.co.uk, yahoo.ca, etc.

What I don't like is that it doesn't seem to be able to set a default concurrency level for any domain. If I'm wrong please correct me, but if I'm right this is a major problem for an email server that sends to a large number of addresses spread over a large number of domains, because you would have to configure concurrency limits for a lot of domains.

The ideal solution would let you specify a default per-domain concurrency that applies to any domain without a specific limit. For example, most email servers would be ok with 5 concurrent connections from the same ip, but no way for AOL (unless you're whitelisted, and maybe not even then).

Another feature I would like is to be able to specify concurrency by a domain's MX records, or by the ips/group of ips assigned to the MX servers, instead of by the domain itself. This would ease the configuration for ISPs that host a lot of domains, like rr or yahoo.
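To make the configuration model argued for above concrete, here is a small C model of a channel table (my own added example, not code from qmail or the channels patch): each channel is a comma-separated group of domains sharing one concurrency counter, and a "*" entry supplies the default limit for every domain not listed anywhere. The sample limits are constructed, and delivery_start()/delivery_done() are hypothetical names for the hooks a delivery scheduler would call around each connection.

```c
#include <string.h>

/* A channel: comma-separated domains sharing one concurrency limit, plus the
 * deliveries open on it. The "*" entry is the default for unlisted domains. */
struct channel { const char *domains; int limit; int active; };
/* Constructed sample config: the yahoo group from the text, AOL at 1, default 5. */
static struct channel channels[] = {
    { "yahoo.com,yahoo.co.uk,yahoo.ca", 100, 0 },
    { "aol.com", 1, 0 },
    { "*", 5, 0 },
};
/* Does the comma-separated list contain exactly this (lowercase) domain? */
static int list_has(const char *list, const char *domain)
{
    size_t dlen = strlen(domain);
    for (const char *p = list; *p; ) {
        const char *end = strchr(p, ',');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        if (len == dlen && strncmp(p, domain, len) == 0)
            return 1;
        p = end ? end + 1 : p + len;
    }
    return 0;
}

/* Channel for a domain: an explicit entry wins, else the "*" default. */
struct channel *channel_for(const char *domain)
{
    struct channel *def = NULL;
    for (size_t i = 0; i < sizeof channels / sizeof channels[0]; i++) {
        if (strcmp(channels[i].domains, "*") == 0)
            def = &channels[i];
        else if (list_has(channels[i].domains, domain))
            return &channels[i];
    }
    return def;
}

/* Take a slot for a delivery to domain: 1 if one was free, 0 if the channel
 * is full. delivery_done() gives the slot back when the connection closes. */
int delivery_start(const char *domain)
{
    struct channel *c = channel_for(domain);
    if (!c || c->active >= c->limit) return 0;
    c->active++;
    return 1;
}

void delivery_done(const char *domain)
{
    struct channel *c = channel_for(domain);
    if (c && c->active > 0) c->active--;
}
```

Grouping by MX host instead of domain, as wished for above, would only change the key passed to channel_for(): resolve the recipient domain's MX first and look up that name.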

Virtualmin custom dynip

Virtualmin has this nice feature where you can enable dynamic host and virtualhost updates so when your ip changes virtualmin updates the ips in the virtualhosts definitions. Without this feature your sites would not work anymore if your ip changes and you would have to update the ips manually.

The problem with this feature is that it only supports the DynDNS service and not everyone is using this service to update their host when their ip changes.

I'm using my own dynamic dns service, and the good news is that it uses the same protocol as DynDNS, so virtualmin needs only a small change to support it.

All I had to do was add a way of specifying the hostname and port of the dynip update server.

The patch for virtualmin (tested with 3.75 and 3.76) is attached to this post.

Build your own dynamic DNS service

Q: Why would you want to run your own dynamic DNS service?

A: Because you have your own domains that you want to use as the parent domains for your hosts, and you already have all the required ingredients (a linux server with a static ip that's always up and runs bind and apache with php).

Q: How do you run your own dynamic DNS service?

A: Get DDNS Server, read the README file and set it up. The nice thing about this script is that it uses the same protocol as the popular DynDNS service, so any dynamic ip update client like ddclient would work with it. Of course, the client has to let you specify the hostname or ip and port of the dynamic dns server.

Oh, and one more thing: if you're running bind you're probably running it in a chroot environment, so you'll have to apply the patch attached to this post to DDNS Server (current version 1.0.0) to make it work with a chrooted bind.

This patch adds a new configuration option named BIND_CHROOT (in config.php) that has to be set to the path of the chroot environment where bind runs. For example, on centos 5.3 this is /var/named/run-root.

For any questions or suggestions hit the comments.

ddiwrapper on ubuntu 9.04

I have a Canon Pixma MP830 printer. This printer supports high resolution printing up to 9600x2400 dpi, but the gutenprint driver only supports 600x600 dpi.

So what do I do to make it print with higher resolution?

I wanted to use ddiwrapper, a system that lets you use the manufacturer's native win2k/winxp drivers. Basically it uses wine to load those drivers, feeds the print job into the driver and sends the driver's output to the printer.

Note:

This is an incomplete solution. I managed to get as far as installing ddiwrapper and the driver, but I didn't manage to actually print a test page. When trying to print the test page I don't get any errors, and the printing system reports that printing has finished, but nothing is actually printed.
I wrote this post in case there are others who might want to try this and maybe find the final solution.

There were two problems with ddiwrapper:

  1. It didn't compile on my system (Ubuntu 9.04 x86_64 with Wine 1.1.25), complaining that "Relocatable linking with relocations from format elf32-i386 (gdi32.o) to format elf64-x86-64 (gdi32.e8IuDu.o) is not supported". This was fixed as soon as I added -m32 in a few Makefiles.
  2. The excanondriver utility that extracts the driver is meant to be used with executable archives (zip or lha files), but the driver for the MP830 is just an executable, so I modified this file to work with driver files from a directory.

The fixes to both problems are provided in the diff file below.

Compile ddiwrapper


Apply the diff file attached to this post, then compile and install.

Install the drivers

Insert the driver cdrom that came with the printer; it should be automounted.
Copy the drivers from the cdrom to a local folder ~/cdrv.


Delete the drivers for fax and scanner.


Move all drivers from ~/cdrv/Print to ~/cdrv.


Now install the driver.


Add the printer from the command line (replace usb://dev/usblp0 with the location of your printer):


Or you can use the Printing admin application from System->Administration->Printing and load the ppd file from ~/ddiwrapper/doc/ddiwrapper.ppd.

Apparmor setup

Ubuntu 9.04 has apparmor installed, and there is a profile for cupsd. ddiwrapper tries to access files that are not listed in this profile, but by looking at the error messages in the logs I managed to find all the files and add them to the profile. The diff file with my changes is attached to this post.

Apply the diff file to the cups apparmor profile and restart apparmor.

Testing

The new printer shows up in the Printing admin, and I thought I should be able to print a test page, but it didn't work.
The README file for ddiwrapper mentions there is a way to "dry" test this by feeding the driver a ps file and checking whether the output is correct, but there are no details about how to do that.
Now what? Has anyone managed to make this work with a Pixma MP830? Any idea how to debug it?

Webmin 1.480: Bulk add ip addresses

A few months ago I published a patch for webmin that would allow you to easily add a lot of ip addresses to an interface in webmin. At that time I mentioned that the patch could only be applied on webmin 1.410.

Now I needed this patch again but this time on webmin 1.480 so I adapted it to work with the new version.

For usage instructions please see the original post.

The new version is attached to this post.

Notes

This only works for interfaces activated at boot. The code could easily be copied to work with the other interfaces too, but I didn't see a use for that.

After you add the ip addresses (aliases) you have to go to the list of interfaces, select the newly added interfaces and click the "Apply selected interfaces" button if you want the new aliases activated without a reboot.

Qmail TLS + SMTP Plugins on FreeBSD

Problem

One of the worst problems in qmail is that it accepts messages for non-existent users and then sends a bounce back to the sender. This is the perfect setup to be exploited by a spammer (backscatter). I'm using the qmail-tls port configured with vpopmail on FreeBSD.

Solution

There might be patches that make qmail call the vpopmail command line tools directly to check whether a user exists before accepting a message, but I either didn't find them or thought that using the SMTP Plugins patch is more elegant and gives me more flexibility (it might be slower, but this was not a high-traffic server so I didn't care).

The SMTP plugins patch adds hooks at all SMTP stages, and plugins can use those hooks to accept or reject a message based on the data in the SMTP commands sent by the sender.
I used the Qmail-SPP - Vpopmail check user script written by Werner Maier.

The only problem was that I had to apply the qmail-spp patch to the qmail-tls source code, and there were quite a few rejects because of the other patches applied by the freebsd ports system.
I managed to adapt the code to make this patch work, and here is how I did it.

First I built the original freebsd port.

This also installs the files; after we apply the spp patch we just copy over the modified file (qmail-smtpd).
The next step is to download the qmail-spp patch into /usr/ports/mail/qmail-tls/work and apply it.

This will give you some rejects, but don't worry, you'll fix them with my next patch, which is attached to this post.

At this point qmail-smtpd should have smtp plugins working, and we can set up the vpopmail user verifier script.

Now edit vpopmail_check_recipient.sh and make sure the correct paths to the vpopmail directory (/home/vpopmail on freebsd) are set in the script.

To test it, connect to smtp and try to send a message to a nonexistent account; you should see a reject message instead of the usual "ok".

Atomic SCP and SFTP upload

Problem

You transfer files over scp or sftp to a server where a script processes the new files, and you want the script to start processing a file only once it has been completely transferred.

There's no way of knowing when the files have been fully transferred: both sftp and scp create the file as soon as the transfer begins and close it when the transfer finishes, so between creation and close the file is incomplete.

Solutions

There's an easy solution: upload a lock file before you start uploading the real files and remove the lock file after the upload is finished. Modify your processing program/script to look for the lock file and only start processing if it does not exist. This works if you can modify both the upload and the processing scripts/programs, but that's not always the case.

The harder solution involves modifying the openssh source code. I created a patch that modifies scp and the sftp server so that for every file received the server puts the contents in a temporary file and only moves it to the real destination when (and if) the upload is complete. The move operation (rename) is atomic only when moving files within the same filesystem, but that's not a big problem because we can configure the tmp location to be on the same filesystem.

Both scp and the sftp server were modified, so you get the same functionality with either of them.

Installation

This patch was tested with openssh 4.6p1. It may work with newer versions, but first try it with the same version: download the source code for 4.6p1 and decompress it.

My patch is attached to this post; apply it to the decompressed source tree.

Then run configure with whatever parameters you want, then make and install it.

Configuration

By default scp and sftp-server will use /tmp as the temporary location where they save files till the upload is complete.

If /tmp is not on the same filesystem as the actual file destination, you have to specify a different temporary location in order to make this really atomic.

For sftp-server you can do it by adding another parameter to the Subsystem line in sshd_config.

It normally looks like this (on gentoo x86_64):

Subsystem sftp /usr/lib64/misc/sftp-server

or (on ubuntu 9.04):

Subsystem sftp /usr/lib/openssh/sftp-server

You have to add " -t /new/tmp/location " to that line (without the quotes).

/new/tmp/location should be on the same filesystem as the real destination.

For example, if you have /home mounted on a separate partition and you upload to /home/user, you should create a temporary folder in /home and set that as the folder to be used by sftp-server.

And the configuration line should look like this:

Subsystem sftp /usr/lib/openssh/sftp-server -t /home/tmp

Scp also needs special configuration if you want a different temporary location, but in this case we can't just pass a special parameter to it, because the scp client would not allow that, so I had to make a wrapper for the scp program on the server.

The wrapper just passes the custom temporary location in an environment variable and then calls the actual (patched) scp program.

I had scp in /usr/bin/scp, so I moved it to /usr/bin/scp.bin and created a script named /usr/bin/scp with the following content:


All that's left to do is:

That's it! Now you have atomic uploads for scp and sftp.