linux-opera

linux-opera is the linux version of opera web browser. Some might be curious about why I run linux-opera on FreeBSD. The answer is simple: the linux-opera supports flash, but the FreeBSD native opera doesn’t.

linux-opera does have a strange behaviour of my laptop, however.  When I use it in my office, it works fine; but at home, it fails to map the domain name to IP. That is, if types in IP, linux-opera works fine, but not the cases when types in domain name. It was very annoying, and none of the Google results help.

I accidentally discover that opera provide one command-line option: -debugdns

As the name suggest, it prints the debug messages about how it treats the DNS queries.
After some trials, I finally find out the cause of the problem. It was the incompatibility of gethostname() between linux emulator and FreeBSD.

In my office, the DHCP successfully set the /etc/resolv.conf to a valid name servers. The gethostname() used by linux-opera are not confused. However, at home, the DHCP direct my DNS queries to my gateway (my ADSL MODEM) by setting the name server to 10.1.1.1. The native gethostname() is able to get the right IP of hostnames, so other FreeBSD applications have no problem with it. But the gethostname() in linux-opera might not comprehend what 10.1.1.1 returns and resolve the given hostnames the wrong IPs. So the linux-opera at home does not work because the resolver of linux-emulator cannot resolve the domain properly.

Resolution:

Surprisingly simple. Edit the /compat/linux/etc/resolv.conf and add some lines such as:

nameserver valid DNS server IP1 nameserver valid DNS server IP2

MPD — as VPN client in FreeBSD

MPD is a netgraph based implementation of the multi-link PPP protocol for FreeBSD.  One of the main feature  of mpd is the capability to establish the VPN connection. After extensive testing, I found:

• Don’t use mpd4 yet, for it always enables  chap even you explictly disable it.
• Not many VPN server support the set link ident command.
• Check the route setting, it a is critical sucess factor.

My VPN environment

I use my laptop to connect the VPN in office at home or office. But the setting at home and at office is quite different. In office, I wish to set all the Internet traffic through VPN so I can use the Internet bandwidth of the university instead consume my own quota. The university blocks many websites but I want to access those websites at home, so the traffic to the university go through VPN, and the others go through default gateway.

The mpd.conf I am using:

vpn: new -i ng1 vpn vpn # set log +pptp +pptp2 +pptp3 +ccp2 +chat2 # disconnect the client after 8 hours set iface session 28800 # "username" here should match "username" in mpd.secret set bundle disable multilink set bundle authname "USER" # set this to your correct routing information set iface disable on-demand set iface up-script "IFACE_UP.sh" set iface down-script "IFACE_DOWN.sh" #set iface enable proxy-arp set iface idle 0 set iface enable tcpmssfix set bundle disable encryption set link no acfcomp protocomp set link max-redial -1 set link no pap chap set link accept chap set link accept chap-msv2 set link mtu 1500 set link keep-alive 30 300 # If remote machine is NT you need this.. set link yes no-orig-auth set ipcp no vjcomp set ipcp yes req-pri-dns req-sec-dns set ipcp ranges 0/0 0/0 # # The five lines below enable Microsoft Point-to-Point encryption # (MPPE) using the ng_mppc(8) netgraph node type. # set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set bundle enable crypt-reqd set ccp yes mpp-stateless set ccp yes mpp-compress open

Change USER to your login name

The mpd.link is simple:

vpn: set link type pptp set pptp peer PPTP_HOST_IP set pptp enable originate outcall

PPTP_HOST_IP is the IP of VPN server

The mpd.secret:

USER PASSWORD

The IFACE_UP.sh (the script to preform when the netgraph interface (e.g. ng1) is up):

#!/bin/sh route=/sbin/route IFACE="$1" INET="$2" LOCAL_IP="$3" REMOTE_IP="$4" AUTHNAME="$5" PRI_DNS_SERVER_IP="$7" SEC_DNS_SERVER_IP="$9" $route add PPTP_HOST_IP $DEFAULT_GATEWAY if [ "${CURR_LOCATION}" = "OFFICE" ] then $route change default $REMOTE_IP elif [ "${CURR_LOCATION}" = "HOME" ] then $route add OFFICE_NET1 $REMOTE_IP -netmask 0xffffff00 $route add OFFICE_NET2 $REMOTE_IP -netmask 0xffffff00 $route add OFFICE_NET_EXCLUDE $DEFAULT_GATEWAY -netmask 0xffffff00 $route add OFFICE_HOST_EXCLUDE $DEFAULT_GATEWAY fi

• CURR_LOCATION: An environment varible to determine your location.
• DEFAULT_GATEWAY: An environment varible to hold the IP of default gateway .
• OFFICE_NET1. OFFICE_NET2: The office subnets you want to reach by VPN.
• OFFICE_NET_EXCLUSIVE. OFFICE_HOST_EXCLUSIVE: The office subnets/hosts that you don’t want to reach by VPN.

The IFACE_DOWN.sh (the script to preform when the netgraph interface (e.g. ng1) is down:

#!/bin/sh route=/sbin/route IFACE="$1" INET="$2" AUTHNAME="$3" #umount samba drive before disconnet from VPN SMB_DRIVE=`/sbin/mount | grep smbfs | awk '{print $3}'` if [ "$SMB_DRIVE" != "" ] then /sbin/umount $SMB_DRIVE fi $route delete PPTP_HOST_IP if [ "$CURR_LOCATION" = "OFFICE" ] then $route change default $DEFAULT_GATEWAY || $route add default $DEFAULT_GATEWAY elif [ "$CURR_LOCATION" = "HOME" ] then $route delete OFFICE_NET1 $route delete OFFICE_NET2 $route delete OFFICE_NET_EXCLUSIVE $route delete OFFICE_HOST_EXCLUSIVE fi

rsync

rsync is a smart program to copy files between different directories or machines. I used to use it on day-to-day basis. However, it didn’t not work as smart as it appear to be. I even considered writing a synchronising program on my own.

Nevertheless, a few days ago I re-read the manual and find something interesting:

• If synchronising with local directories, it will copy the whole files as needed.
• If synchronising with remote directories, it will use its increamental algorithm to do the job.

Summary: if sychronising with remote directories such as those on samba servers, it is better not to sync them as mounted directories. Instead, sync them as folders on the remote sites.

Here is the parameters I am using at the moment:

rsync -Crvzlui --stats --progress --delete

* There is one drawback, though. I have not figureed out how to set the automatic login, so I have to type password every time.

/etc/gdm/Xsession (Ubuntu)

My gnome-session stoped working after

1. /etc/profile was modified.
2. SCIM was uninstalled.
3. GCIN was installed.

Precisely, the /etc/gdm/Xseesion default failed. I have no idea which of these lead to that problem. The error message in .xsession-error was very simple:

/etc/gdm/Xsession: Beginning session setup… /etc/gdm/Xsession: Executing default failed, will try to run x-terminal-emulator

After some intensive tracing, the problem appeared to be resulted from the fail to execute the line

. $SESSIONFILE The solution? Change the first line, from

#!/bin/sh

to

#!/bin/bash

And that’s it.

Ubuntu

Ubuntu is a Linux distribution which targets on the ordinary enduser. Recently I installed it on my Lab desktop.  At the beginning, it looked really nice and the default setting was good enough for ordinary users. Several hours later, however, I found that I need to fine-tune and frustrated for the location of the configuration files and the options is different from FreeBSD. 

First of all, in FreeBSD, the system wide configuration files are usually located in following locations: /etc, /usr/local/etc and /usr/X11R6/etc.  The binary files of application can be found in /usr/local/bin, /usr/local/sbin. /usr/X11R6/bin and /usr/X11R6/sbin (I am talking about ports/packages). Ubuntu seems simpiler, just /etc and /usr/bin.

The really nasty things are incompatibity command-line options. An “incomprehensive” list of the difference command-line options between FreeBSD and Ubuntu does not is listed as follow:

	FreeBSD	Ubuntu
ls	-w Force raw printing of non-printable characters. Color support: -G	-w: set assumed screen width Color support: –color
rm	-I Request confirmation once if more than three files are being removed	no -I
rsync	-8, –8-bit-output leave high-bit chars unescaped in output	Don’t support -8

Of course there are more incompatible command options, but that’s the matter of “Don’t use, don’t bother.” 😛

Synergy

Synergy is good for the people with multiple computers and monitors, but just want  one mouse and keyboard to control all of them.

Normally the setting is very easy. However, the old version (1.1.x) cannot  understand the protocol of the newer version (1.3.x). Therefore, make sure the versions of client and server are identical.