snmpd[5082]: Connection from UDP:

Several connections every minute gets out /var/logs/messages file grow very very fast with nothing important rather that monitoring host is connecting to the machine to gather its data.

echo OPTIONS=\”-LS 5 d -Lf /dev/null -p /var/run/snmpd.pid -a\” >>/etc/snmp/snmpd.options && service snmpd restart

fixes it.

Anyways, its been long time since I’ve seen THAT skill.

Some news channels I’ve seen promote nothing but their political agenda, still branding it as “news”.

So, whats really a news nowadays? Something somebody did that made you angry and you can fire back starting off political debate? Or something different? Like something that we should all listen and learn for common good, not let our civilization fall into ruins.

I think real “news” pay vey important role in social connected society. Even “little” reported bad can spark a revolution. A revolution can die, if not supported and reported as “news”.

Rachel you not only touch important topics, but make them exciting for others, probably because it obviously truly excites you But you can pass it on. Stories we could never hear anywhere – like last super secret CIA operation to protect loose nukes. Nobody knows whats really going on out there, but you deliver fact and only fact applying your take as a logic explanation. Instead of mean propaganda pushed by others as “news channels”.

I learn a lot, I watch everyday (thanks for excellent podcast). For my 14 hour day of work I cannot grab a live broadcast, but unlike some other of my favorite shows, yours I have always ready on my cell to watch before I fall asleep. Pleasure…

$this_week_fr  = mktime(0, 0, 0, date('n'), date('j'),   date('Y')) - ((date('N')-1)*3600*24);
$last_week_fr  = mktime(0, 0, 0, date('n'), date('j')-6, date('Y')) - (date('N')*3600*24);
$last_week_to  = mktime(24,0, 0, date('n'), date('j'),   date('Y')) - (date('N')*3600*24)-86400;
$this_month_fr = mktime(0, 0, 0, date('n'),   1, date('Y'));
$last_month_fr = mktime(0, 0, 0, date('n')-1, 1, date('Y'));
$last_month_to = mktime(0, 0, 0, date('n'),   0, date('Y'));

I’ve seen many posts on the internet people sharing their experience of getting of the hook of AT&T. I think Apple with their great product which definitely iPhone is, is hurting a lot lately because AT&T predatory plans. Its the same reason people move away from iPhone like mine. Not iPhone itself, but because AT&T charges and plan restrictions OS X may loose its dominant position on mobile market.

I like Nexus S, but theres few little things here and there that bug me. I hope Samsung can look at few of them and fix in next release as I notice Im not the only one complaining.

Location on power button

If you take in consideration that most quick operation you perform on your phone would be with your thumb while holding the handset on the palm of your hand, the button should be located lower (close to middle) so thumb actually can reach it in this position.

Buttons / screen sensitivity

Specially annoying in full screen video player mode. The screen will react/turn off on any accidental touch. I think there should be a delay added to power button and home, menu buttons while in player mode to make sure user really wanted to use them at that moment. Same goes to accidental touch screen triggers. I dont recall iPhone would ever react to “non human” touch, like clothing, USB cable etc. Nexus S does.

Software for front camera support

Shame on Skype for not supporting it yet on Android. Come on.

Launcher bugs

Gets stocked sometimes on main screen, does not react to swipes to left right. Same happens to my friend, so must be system issue. Did not experience this with Froyo before.

Wifi

Definitely gone worst comparing to G2. Checked too with WiFi Analyser – shows right there. Theres many posts about low power chip already on the internet. Samsung – “Who does that shit man?” as Mike Tayson would say.

That’s what comes to my head right now. Other than that its a good phone, with good OS. There’s functionality you dont get iPhone and AT&T or would otherwise be charged – like create WiFi hot spot, so Im not switching back.

Few days ago Nexus S came up with Android 2.3 Gingerbread and I started googling for OS update for my G2. Gingerbread brings lots of cool features I already got used to with my iPhone – like simple copy & paste for example. So I want my Gingerbread update.

As ex iPhone user Im used to consider an update the minute it comes up. Actually everybody who uses hacked iPhones, consider waiting a bit until jailbreak comes up for latest OS

Well turns out Im not the only one googling for Gingerbread. It looks like getting OS updates with Android isn’t as smooth ride as it is with an iPhone. Im a coder so I understand hardware compatibility issues, ble ble ble. Fuck that man! Dont give me that bullshit. Dudes, you want to create a platform that supposed to beat iPhones OSX ass, keep up with the reality! Do you expect people to wait for handset manufacturer to approve and mod each new OS version, then go through the same with the carrier. Who are you kidding? That will take months if ever happens. Bottom line is that if you have an Android device you are stuck with what you have now. I get chicken skin when I read Android forums and people saying “well, a month wait is not that much…”. WTF! Its faster to return old phone and get a new one!

They should really coordinate new OS releases with yes/no answer on each device that runs Android on day one. Will be updated or no, and if yes, here’s the link. How do you expect to compete with OSX? The way it is right now its ridiculous. Fuck waiting, Im already considering changing the phone to Nexus S. Bye bye HTC. You will give me a Xmas present by handing an OS update a month after its release day. Too late, tooooo fucking late.

I dont take any bull crap about hardware compatibility and OS mods. It should be coordinated process. On release day I expect to have an SMS on my cell with link to system update, or “sorry, will not happen – buy new phone”, thats bottom line. Cannot deliver? – dont use fucking Google logo on handsets that you sell!

• wget http://poptop.sourceforge.net/yum/stable/rhel5/i386/pptpd-1.3.4-2.rhel5.i386.rpm
• rpm -ivh pptpd-1.3.4-2.rhel5.i386.rpm
• nano /etc/pptpd.conf

Go to the end of the file where you can see examples of localip and remoteip. Below them add your own values for localip and remoteip.

localip 10.0.1.201
remoteip 10.0.1.10-100

In the above, 10.0.0.201 will be used for the ppp interface and 10.0.0.10 – 10.0.0.100 will be assigned to the clients.

• nano /etc/ppp/options.pptpd

ms-dns 208.67.222.222

Thats all you need to change in the options.pptpd file. Next you will need to edit the file /etc/ppp/chap-secrets to add usernames and passwords for your clients. You need to enter the usernames and passwords in the following format.

# Secrets for authentication using CHAP
# client server secret IP addresses
username pptpd password *

IP Forwarding and Firewall Rules

Now we need to enable IP forwarding. So open the file /etc/sysctl.conf and set ‘net.ipv4.ip_forward’ to .

net.ipv4.ip_forward = 1

To make the changes to sysctl.conf take effect, use the following command.

sysctl -p

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A INPUT -i eth0 -p tcp –dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

service pptpd start

Everything went through well, except it did not recognize properly neither wired network card and wireless interface. I did some quick research and everything seems to point to different network driver that CentOS comes with that you need to disable:

blacklist r8169 in your /etc/modprobe.d/blacklist file.

but then most sites point to install r8101, which did not help in my case. So I checked whats on board with lspci, and turns our I have different network chip: AR8132

In that case you need to download atl1e driver from: http://elrepo.org/linux/elrepo/el5/i386/RPMS/

during install mine popup conflict with module-init-tools. No worries, all you need to do is to download additional file from the same repo module-init-tools-3.3-0.pre3.1.60.el5.elrepo.i386.rpm and install them both together:

rpm -Uvh kmod-atl1e-1.0.1.9-2.el5.elrepo.i686.rpm module-init-tools-3.3-0.pre3.1.60.el5.elrepo.i386.rpm

after reboot the eth0 is up! Now time to connect wireless, which seems to be recognized but does not want to join my protected wireless network and bring up screen resolution to something more than 800×600. I’ll post updates once I get this going.

RewriteCond %{REQUEST_FILENAME} !-s

How do you do it with lighttpd? Seems that the guys did not wanted to have a take on it for some performance reasons, but its also a condition rule that many PHP framework cannot live without.

Yes you can redirect everything to PHP and then handle it there, but then essentially you everything needs to be handle by PHP – even static files and headers and and and and becomes a headache.

So my findings at this point to achieve the rewrite all but not if file exists goal is something like this:

url.rewrite-if-not-file = (
    ".*?\?(.*)" => "index.php?$1",
    "(.*)" 	=> "index.php"
)
server.error-handler-404 = "index.php"

So Im aware of -if-not-file, but that seems to work only like kinda detector for file extension, does not really check if the file exists in file system. I found also that mod for mod_rewrite.c, re-compiled my lighttpd with it, but did not seem to make any difference than regular url.rewrite-if-not-file. Maybe its an old patch for previous version oflighttpd? I use latest one 1.4.28.

Finally with my code above you get all requests passed to php except files that exists in filesystem. Request for a file will be handled by 404 handler and gets to PHP as well eventually. Not super pretty – but seems to work

In the meantime I tried to handle the situation and installed mod_evasive with APF firewall to put DROP rules for incoming IPs. Anyways it seemed not to make much difference in my case, so I ended up crawling site into static html and putting it on CDN for now.

I went through some different setups with Apache, pointing back and forth DNS from CDN to my box, but even on new Xeon 3GHz it was not enough to deal with the situation. I got CPU under control, but there were too many apache instances running making all other vhosts dead.

Hmm, I have to move all those vhosts to new box, so maybe its a good time to look into other web servers than apache? I run lighttpd on other boxes I manage and never had any problems, so I ended up migrating WordPress blogs to lighttpd. Still I have many other vhosts that simply cannot be migrated easy now because of .htaccess usage.

So can I run lighttpd and apache on the same box and both on port 80? Yes, I can. I setup apache to listen on some specific IP addresses and lighttpd on other ones.

Apache: Listen 184.154.89.117:80

Lighttpd: server.bind = “184.154.89.118″