Hazard's stuff

The Cyprus Environment Video

— Posted by hazard @ 2007-01-28 12:10
Cyprus Press and Information Office has a released a 10-minute video about Cyprus environment, which Brian from www.cypenv.org was kind enough to rip and post on its video section.

New Cyprus Online Road Tax Payment System

— Posted by hazard @ 2007-01-28 04:07
Cyprus government has updated their facility for online road tax payment. Now, instead of the road tax disc being sent by post, you have to print it yourself. This approach has both cons and pros to the old way of online payment, where the disc was sent by post.

Pros:
  • Don't have to wait for the road disc to arrive by post.
  • You will get your disc even if your postal address in Road Department's system is wrong.

Cons:
  • Less secure. The only way for an official to authenticate the disc is to read the bar-code on the disc. And for 100% authenticity, you have to login to the central database.
  • Not everyone has printers, and the webpage does not warn that you need to have one until you have paid. The system let's you save the image as a PNG file, which means various software will print it in various size. A PDF would have been a much wiser choice.

My opinion is that the old way was better. Waiting for a few days for the road tax disc to arrive was not a problem for me. Now I have the hassle to go to work and print it from there, and potentially suspicious policemen.
If you want to get an idea how it looks like, here is a blurred up version:

Cooking again

— Posted by hazard @ 2007-01-26 14:34
I started cooking again...



A Simple Solution to fight SPAM

— Posted by hazard @ 2007-01-21 09:45
According to the following article, amount of SPAM has almost doubled during past year. Most of SPAM is sent from PCs infected by trojans.

Actually it is relatively easy for an Internet Service Provider to prevent this type of SPAM from being sent from its customers. Over here in PrimeTel (Cyprus ISP) we do not allow home users to connect to third-party Internet SMTP servers by default, and developed an add-on to our mailserver so that any IP address which has sent more than threshold amount of emails during past hour will be blocked automatically.

If mail server vendors/developers will start including this feature in standard configurations, the problem will be gone.


VirtualBox networking and parprouted

— Posted by hazard @ 2007-01-20 19:14
VirtualBox is a nice, free and semi-open source virtual machine, allowing you to run WinXP on Linux pretty much the same way as with VMWare.

The only documented methods to do networking from VM are NAT and Host-based bridge using Linux layer-2 bridging (brctl). NAT was no good for me as I need incoming connections to work. Layer-2 bridge is no good if you don't have multiple-MAC capable networking card (e.g. wireless connection), or if you want to filter IP packets coming out from the VM on the host using iptables AND without allocation of additional subnet.

I had the latter case - I have a /29 on my Internet connection with six usable IPs, and splitting into two /30 subnets would mean that I would end up with only two usable IPs. Surely enough, parprouted comes to rescue. :) Below are the steps to set it up.

    Get tunctl utility - comes together with UML utilities. In my case I just downloaded one of the binary RPMs on the net and copied tunctl to /usr/local/sbin.
  • Download and install parprouted.
  • Add the following to your /etc/rc.d/rc.local as follows:
    /usr/local/sbin/tunctl -t tap0
    /sbin/ip link set tap0 up
    /sbin/ip addr add 172.16.16.16/32 dev tap0
    /usr/local/sbin/parprouted eth0 tap0
    
  • Make sure IP forwarding is enabled on the host (/etc/sysctl.conf in Fedora).
  • Restart your PC (or execute commands manually).
  • Go to VM settings in VirtualBox, in "Networking" select Host-based. In the device name field, enter "tap0".
  • Configure your WinXP (or whatever OS you run in the VM) to use one of the IP addresses from the subnet assigned to your eth0 interface.
  • That's it - test your connectivity. Make sure that iptables configuration on your host is not filtering out packets sent from the VM.


WISP-Dist 1.3.1p35 declared stable

— Posted by hazard @ 2007-01-14 11:44
WISP-Dist 1.3.1p35, which has been beta since 2005, has been declared stable. Of course it is quite outdated right now as it doesn't have reliable Atheros support, I wish I had time to update it. :-(

parprouted 0.64

— Posted by hazard @ 2007-01-14 11:39
I made a new release of parprouted, which fixes a bug where it sent ARP requests for incomplete records. Thanks to Ben Pfountz for the patch.

OpenVZ hints

— Posted by hazard @ 2007-01-14 05:29
Here are a few useful hints I learned while I was setting up VPS for hazardous-area.org:

  • Default mysql+apache installation WON'T fit into 128 Mb of memory on OpenVZ VPS, and you'll get memory allocation errors. The core of the issue is that OpenVZ apparently takes into account all memory allocated by processes, even if it hasn't been used. To overcome the problem you need to minimize allocated memory use:
    • Use minimal mysqld config (copy my-small.cnf from /usr/share/doc/mysql-server*).
    • Add "skip-innodb" to my.cnf - it will reduce MySQL server memory footprint by about 100 MB.
    • Use lighttpd instead of Apache.
  • openvzmon is a nifty tool which gives more realistic report on CPU and memory usage by your OpenVZ VPS.
  • Also you can get useful stats from /proc/user_beancounters.


New hosting

— Posted by hazard @ 2007-01-14 05:27
I have decided to move hosting of hazardous-area.org to a VPS in USA. Before it was on my personal PC situated in my apartment, and was turned off every night. :)

installing Fedora Core 6 Linux on HP DX7300

— Posted by hazard @ 2007-01-05 23:35
If you try to install FC6 on HP DX7300 workstation, kernel will hang during boot. After some fiddling I figured out that you need to pass the following command line in the boot prompt to resolve the problem: "linux pci=nommconf".