| 7 |
x build small systool script 'apt-get_remote.pl' which do a cronly 'apt-get --dry-run upgrade' and send output via mail |
x build small systool script 'apt-get_remote.pl' which do a cronly 'apt-get --dry-run upgrade' and send output via mail |
| 8 |
o review 'apt-get_remote.pl' |
o review 'apt-get_remote.pl' |
| 9 |
o what's about parsing some response for comand like installing some marked packages |
o what's about parsing some response for comand like installing some marked packages |
|
FreeBSD(stable): |
|
|
o read more about BSD package systems (pkg, cvsup) |
|
|
x for simple package installation/de-installation use pkg |
|
|
x install downloaded package: |
|
|
:# pkg_add {package}-{version}.tgz |
|
|
x install package via remote server(only if package is available as *latest*): |
|
|
pkg_add -r {package}.tgz |
|
|
x using cvsup |
|
|
x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html |
|
|
x newbies could use cvsupit: |
|
|
:# pkg_add -r cvsupit.tgz |
|
|
- cvsupit will proberly ask you for the default values it |
|
|
place at /etc/cvsupfile, which is used by cvsup |
|
|
- after that it will start cvsup to update your system |
|
|
x if /etc/cvsupfile already exists and you know what you do, |
|
|
this command will update your system (maybe run it via cron...): |
|
|
:# /usr/local/bin/cvsup -g -L 2 /etc/cvsupfile |
|
|
where '-g' tells cvsup not to use a GUI, '-L 2' sets default output level to 2 |
|
|
x for available cvs tags, look at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvs-tags.html |
|
|
o whats about daemon start-stop scripts (like at linux: /etc/init.d/) ? |
|
|
x some daemons (only installed ports?) start-stop-scripts are placed at '/usr/local/etc/rc.d/' |
|
|
o how at '/etc/rc.conf' toogled start-up scripts can be run manually(e.g. /etc/rc.firewall)? |
|
|
x configure and compile custom kernel: |
|
|
x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html |
|
|
x create custom kernel conf-file |
|
|
- cd usr/src/sys/i386/conf/ |
|
|
- copy default kenrnel GENERIC to eg MYKERNEL |
|
|
- edit/modify MYKERNEL |
|
|
x configure sources(really?) |
|
|
- run /usr/sbin/config MYKERNEL |
|
|
x build kernel |
|
|
- cd ../../MYKERNEL |
|
|
- make depend |
|
|
- make |
|
|
- make install |
|
|
x use packet fiters (firewall): |
|
|
x read http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html |
|
|
x some options at the kernel have to be enabled: |
|
|
- options IPFIREWALL |
|
|
Compiles into the kernel the code for packet filtering. |
|
|
- options IPFIREWALL_VERBOSE |
|
|
Enables code to allow logging of packets through syslogd. |
|
|
Without this option, even if you specify that packets should be logged in the filter rules, |
|
|
nothing will happen. |
|
|
- options IPFIREWALL_VERBOSE_LIMIT=10 |
|
|
Limits the number of packets logged through syslogd on a per entry basis. |
|
|
You may wish to use this option in hostile environments in which you want to log firewall activity, |
|
|
but do not want to be open to a denial of service attack via syslog flooding. |
|
|
When a chain entry reaches the packet limit specified, logging is turned off for that particular entry. |
|
|
To resume logging, you will need to reset the associated counter using the ipfw(8) utility: |
|
|
:# ipfw zero 4500 |
|
|
Where 4500 is the chain entry you wish to continue logging. |
|
|
- options IPFIREWALL_DEFAULT_TO_ACCEPT |
|
|
This changes the default rule action from ``deny'' to ``allow''. |
|
|
This avoids the possibility of locking yourself out if you happen to boot a kernel with IPFIREWALL support but have not configured your firewall yet. |
|
|
It is also very useful if you often use ipfw(8) as a filter for specific problems as they arise. |
|
|
Use with care though, as this opens up the firewall and changes the way it works. |
|
|
x firewall is enabled at /etc/rc.conf (or /etc/rc.conf.local) |
|
|
firewall_enabled = "YES" |
|
|
firewall_type = "{firewall_type}" |
|
|
x where {firewall_type} is either a case at /etc/rc.firewall (/etc/rc.firewall6 for ipv6) |
|
|
or some custom file to read rules from. |
|
|
x Use firewall_type = "OPEN" for default policy 'OPEN' (allow all) |
|
|
|
|
|
|
|
|
- Linux & Wireless Lan: |
|
|
x install modules: |
|
|
x prims2 chipset based: |
|
|
- if debian kernel-image is used |
|
|
:#apt-get install linux-wlan-ng-modules-{your_arch} |
|
|
- if not, cd to some temp dir and |
|
|
:#apt-get source linux-wlan-ng or wget sources manually if other dist is used |
|
|
:#cd linux-wlan-ng-{version} |
|
|
:#./Configure |
|
|
:#make all install |
|
|
x configure at debian: |
|
|
x add SSID to dev at /etc/wlan/wlan.conf e.g.: |
|
|
SSID_wlan0="WGATEWAY" |
|
|
ENABLE_wlan0=y |
|
|
x create and edit cutom config related to SSID |
|
|
:#cp /etc/wlan/wlancfg-DEFAULT /etc/wlan/wlancfg-WGATEWAY |
|
|
:#nano /etc/wlan/wlancfg-WGATEWAY |
|
|
x notes!: |
|
|
- prism2-based USB devices mostly needs hardware reset to get changes work! |
|
|
this is caused of the firmware and could only be solved by a firmware-upgrade |
|
|
of the vendor responsible for these devices. |
|
|
o get WEP really work at heterogen enviroments(eg. between Win and Linux) |
|
|
o WEP is unsecure! (see http://wepcrack.sourceforge.net/) |
|
|
o use IPSEC |
|
|
o or some other ideas? |
|
| 10 |
|
|
|
- Linux & Bluetooth |
|
|
|
|
|
With some tweaking bluetooth works as expected. |
|
|
You will need the above mentioned patch patch-2.4.20-mh6 to have full functionality with 2.4.20. Then add |
|
|
|
|
|
deb http://bluez.sourceforge.net/download/debian/woody/ ./ |
|
|
deb-src http://bluez.sourceforge.net/download/debian/woody/ ./ |
|
|
|
|
|
to your /etc/apt/sources.list for woody and install at least the packages "bluez-bluefw" |
|
|
for loading the firmware into the usb bluetooth device. You will need "bluez-utils" for hci and rfcomm communications. |
|
|
You need to add this line |
|
|
|
|
|
bluefw 0x0003 0x044e 0x3001 0x0000 0x0000 0x00 0x00 0x00 0x00 0x00 0x00 0x00000000 |
|
|
|
|
|
to your /etc/hotplug/usb/bluefw.usermap to let the bluefw automatically load the appropriate firmware |
|
|
into your dongle once it shows up. |
|
|
|
|
|
I am using bluetooth with a Siemens S55, but e.g. Nokia 6310i goeas the same way. |
|
|
For an initial pairing you will need a pin in /etc/bluetooth/pin which at least needs to have 5 digits which is documented near nowhere. |
|
|
Once you do the pairing (Entered pin on the X requester popping up and on the cellphone) you can set your phone to not "Ask on connection". |
|
|
Afterwards i put the rfcomm config into the /etc/bluetooth/rfcomm.conf |
|
|
|
|
|
rfcomm0 { |
|
|
device 00:02:EE:B8:50:C5; |
|
|
channel 1; |
|
|
comment "S55 Dialup connection"; |
|
|
} |
|
|
|
|
|
rfcomm1 { |
|
|
device 00:02:EE:B8:50:C5; |
|
|
channel 9; |
|
|
comment "S55 OBEX"; |
|
|
} |
|
|
|
|
|
For dialing out via ppp you now can use /dev/rfcomm0 which should lead to your phone asking you to accept the connection. |
|
|
For debugging you can use these commands: |
|
|
|
|
|
:~$ sudo hcitool scan |
|
|
Scanning ... |
|
|
00:02:EE:B8:50:C5 6310i.rfc822 |
|
|
:~$ sudo hcitool info 00:02:EE:B8:50:C5 |
|
|
Requesting information ... |
|
|
BD Address: 00:02:EE:B8:50:C5 |
|
|
Device Name: 6310i.rfc822 |
|
|
LMP Version: 1.1 (0x1) LMP Subversion: 0x22c |
|
|
Manufacturer: Nokia Mobile Phones (1) |
|
|
Features: 0xbf 0x28 0x21 0x00 |
|
|
<3-slot packets> <5-slot packets> <encryption> <slot offset> |
|
|
<timing accuracy> <role switch> <sniff mode> <SCO link> |
|
|
<HV3 packets> <CVSD> |
|
|
:~$ sudo sdptool browse |
|
|
Inquiring ... |
|
|
Browsing 00:02:EE:B8:50:C5 ... |
|
|
Service Name: Fax |
|
|
Service RecHandle: 0x10000 |
|
|
Service Class ID List: |
|
|
"Fax" (0x1111) |
|
|
"Generic Telephony" (0x1204) |
|
|
Protocol Descriptor List: |
|
|
"L2CAP" (0x0100) |
|
|
"RFCOMM" (0x0003) |
|
|
Channel: 2 |
|
|
Language Base Attr List: |
|
|
code_ISO639: 0x656e |
|
|
encoding: 0x6a |
|
|
base_offset: 0x100 |
|
|
Profile Descriptor List: |
|
|
"Fax" (0x1111) |
|
|
Version: 0x0100 |
|
|
|
|
|
Service Name: OBEX Object Push |
|
|
Service RecHandle: 0x10001 |
|
|
Service Class ID List: |
|
|
"OBEX Object Push" (0x1105) |
|
|
Protocol Descriptor List: |
|
|
"L2CAP" (0x0100) |
|
|
"RFCOMM" (0x0003) |
|
|
Channel: 9 |
|
|
"OBEX" (0x0008) |
|
|
Language Base Attr List: |
|
|
code_ISO639: 0x656e |
|
|
encoding: 0x6a |
|
|
base_offset: 0x100 |
|
|
Profile Descriptor List: |
|
|
"OBEX Object Push" (0x1105) |
|
|
Version: 0x0100 |
|
|
|
|
|
Service Name: Audio Gateway |
|
|
Service RecHandle: 0x10002 |
|
|
Service Class ID List: |
|
|
"Headset Audio Gateway" (0x1112) |
|
|
"Generic Audio" (0x1203) |
|
|
Protocol Descriptor List: |
|
|
"L2CAP" (0x0100) |
|
|
"RFCOMM" (0x0003) |
|
|
Channel: 12 |
|
|
Language Base Attr List: |
|
|
code_ISO639: 0x656e |
|
|
encoding: 0x6a |
|
|
base_offset: 0x100 |
|
|
Profile Descriptor List: |
|
|
"Headset" (0x1108) |
|
|
Version: 0x0100 |
|
|
|
|
|
Service Name: COM 1 |
|
|
Service RecHandle: 0x10003 |
|
|
Service Class ID List: |
|
|
"Serial Port" (0x1101) |
|
|
Protocol Descriptor List: |
|
|
"L2CAP" (0x0100) |
|
|
"RFCOMM" (0x0003) |
|
|
Channel: 3 |
|
|
Language Base Attr List: |
|
|
code_ISO639: 0x656e |
|
|
encoding: 0x6a |
|
|
base_offset: 0x100 |
|
|
|
|
|
Service Name: Voice Gateway |
|
|
Service RecHandle: 0x10004 |
|
|
Service Class ID List: |
|
|
"" (0x111f) |
|
|
"Generic Audio" (0x1203) |
|
|
Protocol Descriptor List: |
|
|
"L2CAP" (0x0100) |
|
|
"RFCOMM" (0x0003) |
|
|
Channel: 13 |
|
|
Language Base Attr List: |
|
|
code_ISO639: 0x656e |
|
|
encoding: 0x6a |
|
|
base_offset: 0x100 |
|
|
Profile Descriptor List: |
|
|
"" (0x111e) |
|
|
Version: 0x0100 |
|
|
|
|
|
Service Name: Dial-up networking |
|
|
Service RecHandle: 0x10009 |
|
|
Service Class ID List: |
|
|
"Dialup Networking" (0x1103) |
|
|
"Generic Networking" (0x1201) |
|
|
Protocol Descriptor List: |
|
|
"L2CAP" (0x0100) |
|
|
"RFCOMM" (0x0003) |
|
|
Channel: 1 |
|
|
Language Base Attr List: |
|
|
code_ISO639: 0x656e |
|
|
encoding: 0x6a |
|
|
base_offset: 0x100 |
|
|
Profile Descriptor List: |
|
|
"Dialup Networking" (0x1103) |
|
|
Version: 0x0100 |
|
|
|
|
|
- Hardware Notes: |
|
|
x Broadcom 2033 chipset (tested with an ALLNET 7031 Class1 USB Adapter) |
|
|
- Make sure you have bluefw and hotplug installed, then everything works fine right out of the box. |
|
|
x on debian using default or for newer packages above sources: |
|
|
:#apt-get install bluez-bluefw |
|
|
- DO NOT enable the bluetooth.o module to avoid it being loaded by hotplug!! |
|
|
x this can be done by adding 'bluetooth' to '/etc/hotplug/blacklist' |
|
|
|
|
|
The Bluetooth device in this laptop is a USB Bluetooth device. |
|
|
By default, Linux provides two different device drivers for USB Bluetooth devices: bluetooth.o and hci_usb.o. |
|
|
The hci_usb.o is the correct driver for this device. Both drivers are loaded when the Bluetooth button is pushed |
|
|
but unfortunately bluetooth.o obtains the device first, not allowing hci_usb.o to use the device. |
|
|
In order for the Bluetooth device to be function, the bluetooth.o driver must not load. |
|
|
One way to stop the bluetooth.o driver from loading is to remove the driver from the system. This is accomplished by doing: |
|
|
|
|
|
:#rm /lib/modules/2.4.18-14/kernel/drivers/usb/bluetooth.o |
|
|
:#depmod -a |
|
|
|
|
|
Now, if inserting th usb device only the hci_usb.o should be loaded. |
|
|
|
|
|
- ACPI |
|
|
x get suspend work |
|
|
- compile kernel with 'Software Suspend Support' |
|
|
- some interesting post: |
|
|
from http://lists.debian.org/debian-laptop/2002/debian-laptop-200208/msg00349.html |
|
|
#------- begin post ----------------------- |
|
|
From: "Bem Ajani Jones-Bey" <ajani@OCF.Berkeley.EDU> |
|
|
> On Fri, Aug 23, 2002 at 01:14:06PM +0200, Erich Schubert wrote: |
|
|
> > Well, S1 is sleep mode, so your BIOS claims to not support sleep mode! |
|
|
> > Try getting a bios update, that might help. |
|
|
> > S5 is poweroff... S3 or S4 are suspend levels i think... one might be |
|
|
> > power-off, maybe that was S3... |
|
|
S4 is suspend-to-disk, S3 is suspend-to-RAM. |
|
|
> So, last I checked, Linux ACPI didn't support suspend to memory or |
|
|
> suspend to disk; the software suspend patch is the only way to get an |
|
|
> ACPI laptop to do anything resembling sleeping. I was also under the |
|
|
> impression that this wasn't going to work for awhile; at least until |
|
|
> 2.6. I admit I haven't looked at ACPI in a couple months, but last time |
|
|
> I looked, they were projecting that suspend./sleep wouldn't happen any |
|
|
> time soon. |
|
|
Last I checked, ACPI does suspend to memory or disk, using swsusp. It's |
|
|
even all integrated into the 2.5 kernels (though the CONFIG_SWSUSP option is |
|
|
buried in the kernel hacking section rather than ACPI). If you don't want to |
|
|
run an experimental kernel, then you can patch 2.4.x from the acpi.sf.net site. |
|
|
#-------- end post ------------------------------- |
|
|
|
|
|
|
|
|
- Backup: |
|
|
x bacula (http://www.bacula.org) |
|
|
Bacula is a set of computer programs that permit you (or the system administrator) to manage backup, |
|
|
recovery, and verification of computer data across a network of computers of different kinds. |
|
|
In technical terms, it is a network client/server based backup program. |
|
|
Bacula is relatively easy to use and efficient, while offering many advanced storage management features |
|
|
that make it easy to find and recover lost or damaged files. |
|
|
Bacula source code has been released under the GPL version 2 license. |
|
|
x created debian package, cause we can't found any other |
|
|
x wrote some notes about how to build an debian binary package |
|
|
http://www.netfrag.org/~jonen/computing/docs/build_bacula_deb.html |
|
|
o create 'postinst' and 'prerm' scripts for saving configs on update, etc. |
|
|
x tested network backup with Director, Storage Daemon and File Daemon(Client) |
|
|
at different hosts, works great! |
|
|
x tested backup to FileStorage, instead of using tapes drives |
|
|
(if someone would like to sponsor some tape drive, you're more than welcome!) |
|
|
notes: |
|
|
x remember to use different 'LabelFormat' filename at each pool ! |
|
|
x use compression at 'FileSet' definition, where GZIP is equal to GZIP6, means compression-level 6 (1-9) |
|
|
example: |
|
|
# ====== snip FileSet ============ |
|
|
FileSet { |
|
|
Name = "Full Set" |
|
|
Include = signature=MD5 compression=GZIP { |
|
|
/home |
|
|
} |
|
|
Exclude = { *.o } |
|
|
} |
|
|
# ====== snip FileSet ============ |
|
|
|
|
| 11 |
|
|
| 12 |
- QoS (Quality of Services) |
- QoS (Quality of Services) |
| 13 |
o check it out ! |
o check it out ! |
| 110 |
o a mozilla button for creating new newsgroups |
o a mozilla button for creating new newsgroups |
| 111 |
|
|
| 112 |
|
|
| 113 |
|
|
| 114 |
|
|
| 115 |
future: |
future: |
| 116 |
o build 'black box' to trace for 'spys' at a isdn/internet connection ;) |
o build 'black box' to trace for 'spys' at a isdn/internet connection ;) |
| 117 |
|
|
Parent Directory
| 
Revision Log
| 
Patch
