Posts Tagged ‘say’

How to do a port redirect to localhost service with socat or ncat commands to open temporary access to service not seen on the network

Friday, February 23rd, 2024


Sometimes it is necessary to easily and temporarily redirect a network TCP port so that a service becomes accessible from an internal DMZ-ed network via some local network IP connection or, if the computer system is Internet based and has an external "real" Internet Class A / B address, reachable directly from the Internet via, let's say, a modern Internet browser such as Mozilla Firefox or Google Chrome.

Such things are easy to do with iptables if you need to make the IP redirect permanent with firewall rule changes on a Linux router.
One way to create a TCP port redirect using the firewall would include a few iptables rules, for example:

1. Redirect port traffic from external TCP port source to internal one

# iptables -t nat -I PREROUTING -p tcp --dport 10000 -j REDIRECT --to-ports 80
# iptables -t nat -I OUTPUT -p tcp -o lo --dport 10000 -j REDIRECT --to-ports 80
# iptables -t nat -A OUTPUT -o lo -d 127.0.0.1 -p tcp --dport 80 -j DNAT --to-destination 192.168.0.50:10000
# iptables -t nat -I OUTPUT --source 0/0 --destination 0/0 -p tcp --dport 80 -j REDIRECT --to-ports 10000


Then you will have a 192.168.0.50:10000 listener (assuming that the IP is already configured on one of the host's network interfaces that is plugged in to the network).

But messing with the firewall is not the best thing to do, especially if you just need to temporarily redirect an external listener port to a service that is configured to run only on a TCP port on the loopback address 127.0.0.1. For simplicity, you can do it with another script or command instead.

One simple way to do a port redirect on the fly on GNU / Linux or FreeBSD / OpenBSD is with the socat command.

Let's say you have Apache / Nginx / Haproxy frontend / backend statistics, or whatever kind of web TCP service, running on port 80 on your server, and this interface is on purpose configured to be reachable only on the localhost interface port 80. You can access it either by creating an ssh tunnel towards the service on 127.0.0.1 or by redirecting the traffic from another, external TCP port, let's say 10000.

Here is how you can achieve that:

2. Redirect Local network accessible IP on all configured Server network interfaces port 10000 to 127.0.0.1 TCP 80 with socat

# socat tcp-l:10000,fork,reuseaddr tcp:127.0.0.1:80

If you later need to access the redirected port in a browser, pick the machine's first configured IP and open it in a browser (assuming there is no firewall filter prohibiting access to the redirected port).

root@pcfreak:~# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 109.104.212.130  netmask 255.255.255.0  broadcast 109.104.212.255
        ether 91:f8:51:03:75:e5  txqueuelen 1000  (Ethernet)
        RX packets 652945510  bytes 598369753019 (557.2 GiB)
        RX errors 0  dropped 10541  overruns 0  frame 0
        TX packets 619726615  bytes 630209829226 (586.9 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Then in a browser open http://102.104.212.130 or https://102.104.212.130 (depending on whether the remote service has SSL encryption enabled or not) and you're done; the configured listener service should pop up on the screen.

3. Redirect IP Traffic from External IP to Localhost loopback interface with netcat ( ncat ) swiss army knife hackers and sysadmins tool

If you need to redirect, let's say, TCP / IP port 8000 to a locally bound server service on TCP port 80 with ncat instead of socat (if, let's say, socat is not pre-installed on the machine), you can do it by simply running these two commands:

[root@server ~]# mkfifo svr1_to_svr2
[root@server ~]# ncat -vk -l 8000 < svr1_to_svr2 | ncat 127.0.0.1 80 > svr1_to_svr2
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: Listening on 0.0.0.0:10000
Ncat: Connection from 10.10.258.39.
Ncat: Connection from 10.10.258.39:51813.
Ncat: Connection from 10.10.258.39.
Ncat: Connection from 10.10.258.39:23179.

 

If you don't care to log what is going on in the background of the connection and you simply want to background the process with a one-liner command, you can achieve that with:


[root@server /tmp]# cd /tmp; mkfifo svr1_to_svr2; (ncat -vk -l 8000 < svr1_to_svr2 | ncat 127.0.0.1 80 > svr1_to_svr2 &)
 

Then you can open the Internal Machine Port 80 TCP service on 8000 in a browser as usual.

For those who want a slightly more sophisticated proxy-like script, I would suggest you take a look at using netcat and a few lines of shell script loop that can simulate a raw and very primitive proxy. This is shown in my previous article Create simple proxy server with netcat ( nc ) based utility.

Hope this article is helpful to someone. There are plenty of other ways to do a port redirect with, let's say, perl, python and perhaps other micro tools. If you know of one-liners or small scripts that do it, please share in comments, so we can learn from each other !
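As one such small script, here is a Python redirect that goes a little beyond the socat one-liner: it binds to a single address instead of all interfaces, accepts only listed source networks, and stops listening after a time limit. It is an added example, not code from the original article; the names (TempRedirect, source_allowed) and the values 192.168.0.50, 192.168.0.0/24 and one hour are assumptions.

```python
import ipaddress
import socket
import threading
import time


def source_allowed(peer_ip, allowed_nets):
    """Return True if peer_ip lies inside one of the allowed CIDR networks."""
    addr = ipaddress.ip_address(peer_ip)
    return any(addr in ipaddress.ip_network(net) for net in allowed_nets)


def pump(src, dst):
    """Copy bytes one way until EOF, then half-close the receiving side."""
    try:
        while True:
            chunk = src.recv(65536)
            if not chunk:
                break
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def relay(client, target):
    """Join one accepted client to the loopback-only service."""
    try:
        upstream = socket.create_connection(target, timeout=5)
    except OSError:
        client.close()
        return
    upstream.settimeout(None)
    back = threading.Thread(target=pump, args=(upstream, client), daemon=True)
    back.start()
    pump(client, upstream)
    back.join()
    client.close()
    upstream.close()


class TempRedirect:
    """Time-limited TCP redirect, similar in effect to the socat one-liner,
    but bound to one address and restricted to chosen source networks."""

    def __init__(self, bind_addr, bind_port, target, allowed_nets, ttl_seconds):
        self.target = target
        self.allowed_nets = list(allowed_nets)
        self.deadline = time.monotonic() + ttl_seconds
        self.rejected = []          # source IPs that were refused
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((bind_addr, bind_port))   # one address, not 0.0.0.0
        self.sock.listen(16)
        self.sock.settimeout(0.2)   # wake up regularly to check the deadline
        self.port = self.sock.getsockname()[1]

    def serve(self):
        """Accept connections until the TTL expires, then stop listening."""
        try:
            while time.monotonic() < self.deadline:
                try:
                    client, peer = self.sock.accept()
                except socket.timeout:
                    continue
                if not source_allowed(peer[0], self.allowed_nets):
                    self.rejected.append(peer[0])
                    client.close()
                    continue
                client.settimeout(None)
                threading.Thread(target=relay, args=(client, self.target),
                                 daemon=True).start()
        finally:
            self.sock.close()


if __name__ == "__main__":
    # Assumed values: listen on 192.168.0.50:10000 for one hour, accept only
    # the 192.168.0.0/24 LAN, forward to the service on 127.0.0.1:80.
    TempRedirect("192.168.0.50", 10000, ("127.0.0.1", 80),
                 ["192.168.0.0/24"], ttl_seconds=3600).serve()
```

The rejected list gives a quick record of who tried the temporary port from outside the allowed networks.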

Enjoy ! 🙂
 

Christ is Risen ! Truly He is Risen ! The origin of the tradition Paschal Greeting and Coloring of Eggs on Easter Holidays in the Church

Wednesday, April 27th, 2022

 


Christ is Risen ! Truly He is Risen !

Христос воскресе ! Воистину воскресе ! (Khristos voskrese! Voistinu voskrese!) – Church Slavonic Paschal Greeting

Χριστὸς ἀνέστη!  Ἀληθῶς ἀνέστη ! (Khristós anésti! – Alithós anésti!) – Greek Paschal Greeting

Christus Resurrexit ! Resurrexit Vere ! – Latin Paschal Greeting

Easter eggs are famous today among kids worldwide, even though the world does not put much accent on the feast of Pascha (Easter). All kinds of colored eggs are to be found in stores, and many Christian countries, both Western and Eastern, all throughout the world have the tradition of coloring eggs for Easter.
The tradition is the same here in Orthodox Bulgaria, as we have the tradition to boil and color eggs in various colors.
Usually the first egg is colored dark red and, once sanctified in the Church, is put on the iconostasis (the prayer corner in the house) in front of the icons of Christ, the Virgin Mary and the saints and kept there until next year.

Miraculously this Egg usually does not start decaying or smelling as an ordinary egg will do if left out of the fridge for a month or so. This first egg in dedication and memory of Christ's resurrection is kept on the iconostasis until the next year's Pascha and then buried somewhere in a green clean place for sanctification of the land.

This is a good and well-followed tradition for those strict about religion, but even those who do not strictly follow Christianity or Orthodoxy color eggs for the fun of the kids and as an expression of the joy of the Paschal feast. Both grown-ups and kids then test whose egg is stronger by knocking their eggs against each other to see whose shell is more solid and can withstand the blow. The egg that is "victorious" and withstands the "egg fight" is kept for another egg duel with another person.

According to an old superstitious belief, if you win an egg fight this is interpreted to mean that you will have good health and well-being for the upcoming period until next year's Pascha.
 

How and where did this boiled egg coloring originate ?


The short answer is that it is connected to one of the Church's traditions about the poor Equal-to-the-Apostles Saint Mary ( Maria ) Magdalene, who gave an egg as a gift to the Roman emperor Tiberius together with the famous greeting dialog used in the Orthodox Churches, with person A saying: Christ is Risen ! and person B responding: Truly he is Risen! (Христос Воскресе Войстину Воскресе !)

From the time of the many appearances of the Savior Christ in flesh after his Glorious Resurrection described by the Holy Evangelists in the Gospels and the fervent sermon of St. Mary Magdalene (one of the so-called Myrrh-Bearing Women, who were the first to visit the tomb where the dead body of Christ was laid and became witnesses of the Resurrection). The four surviving Gospel books of the Bible's New Testament do not provide further details about the activities of St. Mary Magdalene and her life. The Church's word-of-mouth traditions about her later life differ slightly among several local Christian churches; however, everywhere they essentially report on the zealous co-apostolic activity of St. Mary Magdalene. The differences between these traditions depend on which of the evangelical women these churches understand by the name of St. Mary Magdalene.

Some Western Christian churches, as well as Church Fathers and learned theologians, unite in one or two personalities three evangelical women: the sinner who repented in the house of Simon the Pharisee, shed tears at the Savior Christ's feet, wiped them with her hair and anointed them with precious ointment; Mary of Bithynia, sister of Lazarus of Bithynia ( resurrected on the fourth day after death by Christ and commemorated one day before Palm Sunday ); and Mary Magdalene, who was delivered by the Savior Christ from seven demons. But the Orthodox Church now, as before, recognizes the three persons mentioned in the Gospels with different signs as separate individuals, and does not want to base historical information on arbitrary, plausible interpretations. Therefore, the tradition of the Orthodox Church states that after the Gospel appearances of the Risen Christ, before His Ascension and after, St. Mary Magdalene resided with the Blessed Virgin and the Apostles and was an active helper in the first successes of spreading the Christian faith, first in Jerusalem. But full of zeal, fervent faith, and zealous love for God's gospel, she then preached in other lands, proclaiming everywhere the heavenly grace, joy, and salvation of all who believed in the Savior of the world, the Risen Christ.


While visiting Italy to preach, St. Mary Magdalene found an opportunity to appear before the then-reigning Emperor Tiberius I, and presented him, according to generally accepted Eastern custom, with an egg painted red and greeted him with "Christ is risen!"

The modesty of Mary Magdalene's gift did not surprise the emperor, because he knew the ancient custom of the East, also found among the Jews, of offering a gift of honor with some known or special symbolic meaning when going to superiors for the first time, or to acquaintances or patrons on solemn occasions. Examples of this can be found in Jewish Old Testament history, as are the gifts presented by the rich Wise Men (the Magi; today their relics are kept for veneration in the Cathedral of Cologne, Germany) to the newborn Jesus Christ in Bethlehem of Judea. Even the poor in such cases offered as a gift various fruits from their locality or birds' eggs. Thus, partly following this ancient custom, and partly seeking with the red color of the egg and the hitherto unheard words "Christ is risen!" to arouse the curiosity of the suspicious Emperor Tiberius, the holy co-apostle Mary Magdalene, by explaining the significance of this gift, began her fervent sermon on the truth of the Resurrection and the teachings of the Savior Christ for salvation. With great inspiration and conviction she told the emperor about the life, miracles, crucifixion and resurrection of Jesus Christ according to his own prophecy. She gave a direct, simple-minded account of the extremely unjust, biased judgment of Jesus Christ by the embittered members of the Jerusalem Sanhedrin and by the governor of Judea, Pilate of Pontus, in condemning Jesus Christ to crucifixion. She explained how all this incurred the wrath of the Roman emperor then and how Tiberius handed them over to a court in which Pilate was deprived of power and exiled to Gaul, in the city of Vienna, where, according to legend, tormented by remorse and despair, he killed himself. According to another legend, Pilate repented and turned to Christ in prayer, as a sign of which his head was accepted by an angel after being cut off.

According to Church tradition, the sisters of Lazarus Martha and Mary went to Italy with St. Mary Magdalene; and Pilate, learning of this and fearing the denunciation of his unlawful actions by the Christians, himself sent a message to the Emperor Tiberius about Jesus Christ, in which he testified to the virtuous life of Christ, the healing of all diseases and infirmities from Him, even for the resurrection of the dead and for His other great miracles. Pilate asserted that in examining the accusations of the Jews, he found no fault in Jesus Christ; he made great efforts to deliver Him from the hands of the troubled Jews, but failed to deliver Him and betrayed Jesus to their will because of the cries of the people and the rebellious accusation of the Jews against Pilate himself …

 

... as a witness, overwhelmed with fear, he told the emperor about everything that had happened to Jesus Christ, who became an object of faith as God …

After such testimonies from the Roman governor of Judea and the worshipers of the Savior Christ, Emperor Tiberius, according to legend, himself believed in the Savior Christ, proposed to include Jesus Christ in the image of the Roman gods, and even when the Roman Senate rejected this proposal, Tiberius by royal decree threatened to punish anyone who dared to grieve believers in Jesus Christ.

In this way, with the zealous, fearless sermon on the Savior Christ, St. Mary Magdalene, along with other devout Christians, persuaded the pagan governor of Judea to testify in writing about the universal event of Christ's Resurrection before the pagan world and persuaded the then Roman emperor of the Savior Christ, thus facilitating the spread of Christianity.

Anastasis (Resurrection) Church Fresco


And the Christians of that time, learning about the significance and strength of the impression caused by the offering of a red egg by Mary Magdalene to Emperor Tiberius with the words: "Christ is risen!" then began to imitate her in this and as a remembrance of Christ's Resurrection they began to give each other red eggs and say: "Christ is risen! … He is risen indeed! …"

Thus, this custom gradually spread everywhere and became universal for Christians around the world. In it, the egg serves as a symbol of Christ's resurrection and the resurrection of the dead, and of our expected new-birth for eternal bliss in the future life, the pledge for which is Christ's Resurrection.

Just as a bird is born from an egg and begins to live an independent life after its release from the shell, and the vast circle of life is revealed to it, so we, at the second coming of Christ to earth, will cast off from ourselves, together with the earthly body, all that is mortal on earth.

By the power of Christ's Resurrection we will be resurrected and resurrected to another, higher, eternal, immortal life.

And the red color of the Easter egg reminds us that the redemption of mankind and our future new life have been acquired through the shedding on the cross of the pure blood of the Savior Christ.

Thus, the red egg serves to remind us of one of the most important dogmas of the Divine revealed Christian faith.

 

After the crucifixion of Jesus by the Jews, terrible miracles took place in nature and many dead righteous people rose with His resurrection on the third day. Pilate, as a witness overwhelmed with great fear, informed the Caesar of all the things that had happened to Jesus Christ.

In Eastern Orthodox Tradition the greeting Christ is Risen ! Truly he is Risen ! is used to joyfully greet each other all around the Orthodox countries in the first 3 days of Easter. It can be used instead of the normal Hello greeting for the upcoming week, the Holy Easter Week, which is a week of great joy, and in the Church it can even be used as a normal greeting for 40 days.

It is worthy to close this article with the words of praise read on the first day of Pascha, authored by one of the most important Church fathers and compiler of the most served Liturgy service throughout the yearly service calendar:

"Christ is risen, and you are overthrown!
Christ is risen, and the demons are fallen!
Christ is risen, and the angels rejoice!
Christ is risen, and life reigns!
Christ is risen, and not one dead remains in a tomb!
For Christ, being raised from the dead, has become the first-fruits of them that have slept."

Saint John Chrysostom

Short SSL generate new and self-signed certificates PEM, view and convert to and from PKCS12 to java key store cookbook commands cheat sheet

Tuesday, January 12th, 2021


Below is a short compilation of commonly used openssl commands (a kind of cookbook), helpful for sysadmins who have to deal with OpenSSL certificates regularly.

Let's say you have to generate a new certificate / key and PEM files, prepare self-signed certificates, show CSR / PEM or KEY ssl file contents, get information about a certificate such as its expiry date or type of encryption algorithm, sign a certificate with a self-signed authority, convert PEM to PKCS12, convert from PKCS12 file format to .PEM, convert java X509 to java key store SSL encryption or convert a java key store format certificate to PKCS12. If so, the commands below will be of use to you.

1. Generate Private RSA Key with 2048 bits

# openssl genrsa -out $(hostname -f).key 2048

2. Create CSR file

# openssl req -new -key $(hostname -f).key -out $(hostname -f).csr

3. Create a Self Certified Certificate:

# openssl x509 -req -days 30 -in $(hostname -f).csr -signkey $(hostname -f).key -out $(hostname -f).crt
Enter password:

# openssl rsa -in key.pem -out newkey.pem


4. Show CSR file content

# openssl req -in newcsr.csr -noout -text


5. Get Certificate version / serial number / signature algorithm / RSA key length / modulus / exponent etc.

# openssl x509 -in newcert.pem -noout -text


6. Sign the server certificate with a self-signed CA

# openssl ca -in newcert.csr -notext -out newcert.pem


7. Generate a certificate signing request based on an existing certificate

# openssl x509 -x509toreq -in certificate.crt -out CSR.csr -signkey privateKey.key


8. Convert .pem / .key / .crt file format to pkcs12 format
 

# openssl pkcs12 -export -in newcert.pem -inkey newkey.key -certfile ca.crt -out newcert.p12


9. Convert pkcs12 pfx to common .pem

# openssl pkcs12 -in mycert.pfx -out mycert.pem


10. Convert DER format (.cer) to PEM

# openssl x509 -inform DER -in certificate.cer -out certificate.crt


11. Convert a PKCS#7 certificate into PEM format

# openssl pkcs7 -in cert.p7c -inform DER -outform PEM -out certificate.p7b
# openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem


12. Convert X509 to java keystore file

# java -cp not-yet-commons-ssl-0.3.11.jar org.apache.commons.ssl.KeyStoreBuilder pass_for_new_keystore key.key certificate.crt

13. Convert java keystore file to pkcs12

# keytool -importkeystore -srckeystore keystore.jks -destkeystore intermediate.p12 -deststoretype PKCS12

SEO: Best day and time to write new articles and tweet to get more blog reads – Social Network Timing

Tuesday, June 17th, 2014


I'm trying to blog regularly, as this gives me a roadmap of what I'm into and how I spent my time. When I have free time, I blog almost daily except on weekends (as on weekends I'm trying to stay away from computers). So if you want to attract more readers to your blog, the interesting question arises:
 

What time is best to hit publish on your posts?

Now there are different angles from which you can draw conclusions on the best timing for a blog post. One major thing to always consider when posting is that the highest percentage of users read blogs in the morning with their morning coffee. Here are some more facts on when web content is read more:

  • 70% of users say they read blogs in the morning
  • More men read blogs at night than women
  • Mondays are the highest traffic days for average blogs
  • 11 a.m. is normally the highest traffic hour for blogs
  • Usually most comments are put on Saturdays
  • Blogs with more than one post a day have a higher chance of inbound links and usually get more unique visitors

As my blog is more technically oriented, most of my visitors are men and therefore posting my blogs at night doesn't interfere much with my readers.
However, I've noticed that for me personally posting in the time interval from 13:00 to 17:00 positively influences the number of unique visitors the blog gets.

According to research done by Social Fresh, Thursday is the best day to publish an article if you want to get more Social Shares.

As a rule of thumb Thursday wins 10% more shares than all other days. In fact, 31% of the top 100 social share days in 2011 fell on Thursday.
My logical explanation on this phenomenon is that people tend to be more and more bored from their work and try to entertain more and more as the week progresses.

To get more attention on what I'm writing I use a bit of social networking, but I prefer using only a micro blogging social network. I use Twitter to share what I'm into. When I write a new article on my blog I tweet its title with a link to my article, because this draws people's attention to what I have to say.

Overall I am skeptical about social sites like Facebook and MySpace because they have a negative impact on how people use their time, and an especially negative one on youngsters. Another reason why I don't like Friends Networks is that sites like FB, Google+ or "The Russian Facebook", VKontakte VK.com, do not respect the privacy of the data you share on them.

 

You write free fresh content for their website for free and you get nothing!

 

Moreover, by daily posting the latest buzz you read / watched on Facebook etc., or simply saying what's happening with you, where you're situated now etc., you slowly get addicted to posting (yes, for good or bad, people tend to be maniacal).

By placing all of your personal or impersonal stuff online, you're helping these sites get better indexed in the Google / Yahoo / Yandex search engines, and therefore making them profitable and highly ranked websites on the internet and giving away your personal time for Facebook's profit. On top of that, you lose control over your data (your data is not physically on your side but situated on some remote server, somewhere on the internet).
 

Best average time to post on Twitter, Facebook, Google+ and Linkedin

So What is Best Day timing to Post, Pin or Tweet?

Below is an infographic I found on this blog (the visual data was originally compiled by SurePayRoll), showing visualized results from some extensive research on the topic.


Here are the most important facts this infographic reveals:


The average best time to post, tweet and pin your new articles is about 15:00 h
 

  • Best timing to post on Twitter is on Mondays to Thursdays from 13:00 to 15:00 h
  • Best timing to post on facebook is between 13:00 and 16:00 h
  • For Linkedin it is best to place your publish between Tuesdays to Thursdays


Peak times on Facebook, Twitter and Linkedin

  • Peak times for use of Facebook is on Wednesdays about 15:00 h
  • Peak times for use of Twitter is from Monday to Thursdays from 9:00  to 15:00 h
  • Linkedin Peak time is from 17:00 to 18:00 h


Worst time (when users will probably not view your content) on FB, Twitter and Linkedin

  • Weekends before 08:00  and after 20:00 h
  • Everyday after 20:00 and Fridays after 15:00 noon
  • Mondays and Fridays from 22:00 to 06:00 morning

Facts about Google+
 

  • Google+ is the fastest growing demographic social network for people aged 45 to 54
  • Best time to share your posts on Google+ is from 09:00 to 10:00 in the morning

Images generate more traffic and engagement

  • Including images to your articles increases traffic, tweets with images increase visits, favorites and leads


I'm aware that, as with every research, the above info on the best time to tweet and post is just a generalization, and depending on the field of the information posted the suggested time could differ from the optimal time for an individual writer. However, as a general direction the info is very useful and gives you some idea.
Twitter engagement for brands is 17% higher on weekends according to Dan Zarrella’s research. Tweets posted on Friday, Saturday and Sunday had higher CTR (Click Through Rate) than those posted in the rest of the week.


Another good day to tweet, other than weekends, is mid-week: Wednesday.
If your site or blog is using retweets to generate more traffic to the website, the best time to retweet is said to be around 5 pm. CTR is higher

Fix FTP active connection issues “Cannot create a data connection: No route to host” on ProFTPD Linux dedicated server

Tuesday, October 1st, 2019


Earlier I blogged about a problem I encountered that prevented Active mode FTP connections on CentOS.
As I'm working for a client building a brand new dedicated server purchased from the Contabo Dedi Host provider, on a freshly installed Debian 10 GNU / Linux, I've had to configure a new FTP server. For some time I have preferred to use Proftpd instead of VSFTPD, because in my opinion it is more lightweight and hence a better choice for small UNIX server setups. During this I once again encountered the same problem: ACTIVE FTP not working from the FTP server to the FTP client host machine. But before shortly explaining the fix, I find it worthy to explain briefly what an ACTIVE / PASSIVE FTP connection is.

 

1. What is ACTIVE / PASSIVE FTP connection?
 

In active mode, the client specifies on which client-side port the data channel has been opened, and the server starts the connection. In other words, the default FTP client communication is, for historical reasons, in ACTIVE MODE.
E.g. the client, once connected to the server, tells the server which extra port or ports it has opened locally, via which the overall FTP data transfer will occur. In the early days of networking, when the FTP protocol was developed, security was not such a big concern. Networks usually did not have firewalls at all, and the FTP DATA transfer host machine was running just a single FTP server and nothing more. In those early days, when FTP was not even used over the Internet and FTP DATA transfers happened on local networks, this was not a problem at all.

In passive mode, the server decides which server-side port the client should connect to. Then the client starts the connection to the specified port.

But with the ever increasing complexity of the Internet / networks and the ever tightening firewalls, due to viruses and worms that try to own and exploit networks and create unnecessary bulk loads, this has changed …
 

2. Install ProFTPD server and configure a public ServerName

I've installed the server with the common cmd:

 

apt --yes install proftpd

 

And the only configuration changed in default configuration file /etc/proftpd/proftpd.conf  was
ServerName          "Debian"

I do this in new FTP setups for the logical reason of preventing the multiple FTP vulnerability scan script kiddie crawlers from learning the exact OS version of the server, so this was changed to:

 

ServerName "MyServerHostname"

 

Though this is the bad practice of security through obscurity, doing so is still a good practice.
 

3. Create iptable firewall rules to allow ACTIVE FTP mode


But anyway, the next step was to configure the firewall to allow communication on TCP ports 21 and 20 from the incoming source port range 1024:65535 (to enable ACTIVE FTP) at the firewall level, with iptables INPUT and OUTPUT chain rules like this:

 

iptables -A INPUT -p tcp --sport 1024:65535 -d 0/0 --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 0/0 --dport 20 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 0/0 --sport 21 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 0/0 --sport 20 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT


Talking about Active and Passive FTP connections, for novice Linux users it might be worthy to say a few words on them.

Once the firewall allows FTP Active / Passive connections and the FTP server is listening, check the iptables rules and the FTP listener to test that all is properly configured:
 

/sbin/iptables -L INPUT |grep ftp
ACCEPT     tcp  --  anywhere             anywhere             tcp spts:1024:65535 dpt:ftp state NEW,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp spts:1024:65535 dpt:ftp-data state NEW,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ftp-data

netstat -l | grep "ftp"
tcp6       0      0 [::]:ftp                [::]:*                  LISTEN    

 

4. Loading nf_nat_ftp module and net.netfilter.nf_conntrack_helper (for backward compatibility)


The next step, of course, was to add the necessary modules nf_nat_ftp and nf_conntrack_sane, which make FTP properly forward ports with the respective firewall states on any of the above source ports, which are usually allowed by firewalls. Note that the given port range 1024:65535 might be too liberal for paranoid sysadmins, and in many cases where ports are not filtered, if you are a security freak, you can use a smaller range such as 60000-65535.

 

Here is the time to say that sysadmins who haven't recently had the task of configuring a new (unencrypted) File Transfer Server, as today Secure FTP is almost always used for file transfers for the sake of security, might be puzzled to find out that the old Linux kernel module ip_conntrack_ftp, which was the standard module used to make FTP Active connections work, is nowadays substituted with nf_nat_ftp and nf_conntrack_sane.

To make the 2 modules permanently loaded on next boot on Debian Linux they have to be added to /etc/modules

Here is how sample /etc/modules that loads the modules on next system boot looks like

cat /etc/modules
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
softdog
nf_nat_ftp
nf_conntrack_sane


Next to say is that in newer Linux kernels 3.x / 4.x / 5.x the nf_nat_ftp and nf_conntrack_sane behaviour changed, so simply loading the modules will not work, and if you do the stupidity of testing it with some FTP client (I used gFTP / ncftp from my Linux desktop) you are about to get FTP No route to host errors like:

 

Cannot create a data connection: No route to host

 



Sometimes, instead of No route to host error the error FTP client might return is:

 

227 entering passive mode FTP connect connection timed out error


Hence, to make the nf_nat_ftp module work on newer Linux kernels you have to enable the backwards compatibility kernel variable

 

 

/proc/sys/net/netfilter/nf_conntrack_helper

 

echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper

 

To make it permanent, add it to /etc/rc.local if you have enabled the legacy single-file boot script as I do on servers (for how to enable rc.local on newer Linuxes check here),

or alternatively set it via sysctl:

sysctl -w net.netfilter.nf_conntrack_helper=1

And to make the change permanent (i.e. loaded on next boot):

echo 'net.netfilter.nf_conntrack_helper=1' >> /etc/sysctl.conf

 

5. Enable PassivePorts in ProFTPD or PassivePortRange in PureFTPD


Last but not least, open /etc/proftpd/proftpd.conf, find the PassivePorts config value (commented out by default) and add the following line beside it:

 

PassivePorts 60000 65534

 

Just for information: if you experience the error on PureFTPD instead of ProFTPd, the configuration value to set in /etc/pure-ftpd.conf is:
 

PassivePortRange 30000 35000


That's all folks. Take ncftp / lftp / FileZilla or whatever FTP client you prefer and test it: the FTP client should be able to talk as expected to the remote server in ACTIVE FTP mode (the auto passive mode will not be triggered anymore), and you will no longer get strange errors and connection failures in FTP clients such as gftp.

Cheers 🙂
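The persistent settings this post touches (/etc/modules, the nf_conntrack_helper line in /etc/sysctl.conf and PassivePorts in proftpd.conf) can be checked with a small read-only script. This is an added example, not part of the original post; the function names, the file arguments and the 6000-port width threshold are assumptions.

```shell
#!/bin/sh
# Added example: read-only audit of the files changed in this post.
# Paths are passed as arguments so it can be run against copies.

# has_line FILE REGEX -> status 0 if a non-comment line matches REGEX
has_line() {
    grep -Ev '^[[:space:]]*#' "$1" 2>/dev/null | grep -Eq "$2"
}

# passive_ports FILE -> prints "MIN MAX" of the first active PassivePorts line
passive_ports() {
    awk '$1 == "PassivePorts" && NF >= 3 { print $2, $3; exit }' "$1" 2>/dev/null
}

# audit_ftp_nat MODULES_FILE SYSCTL_CONF PROFTPD_CONF [MAX_WIDTH]
# Prints one finding per line and returns the number of findings.
audit_ftp_nat() {
    modules=$1; sysctl_conf=$2; proftpd_conf=$3
    max_width=${4:-6000}   # assumed threshold, just above 60000-65535
    findings=0

    # Modules the post adds to /etc/modules
    for m in nf_nat_ftp nf_conntrack_sane; do
        if ! has_line "$modules" "^${m}[[:space:]]*\$"; then
            echo "MISSING module $m in $modules"
            findings=$((findings + 1))
        fi
    done

    # Persistent form of: echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper
    if ! has_line "$sysctl_conf" \
        '^net\.netfilter\.nf_conntrack_helper[[:space:]]*=[[:space:]]*1[[:space:]]*$'; then
        echo "MISSING net.netfilter.nf_conntrack_helper=1 in $sysctl_conf"
        findings=$((findings + 1))
    fi

    # PassivePorts must be uncommented, sane, and not as wide as 1024:65535
    range=$(passive_ports "$proftpd_conf")
    if [ -z "$range" ]; then
        echo "MISSING active PassivePorts line in $proftpd_conf"
        findings=$((findings + 1))
    else
        set -- $range
        lo=$1; hi=$2
        if [ "$lo" -lt 1024 ] || [ "$hi" -gt 65535 ] || [ "$lo" -gt "$hi" ]; then
            echo "INVALID PassivePorts $lo $hi"
            findings=$((findings + 1))
        elif [ $((hi - lo + 1)) -gt "$max_width" ]; then
            echo "WIDE PassivePorts $lo $hi ($((hi - lo + 1)) ports)"
            findings=$((findings + 1))
        fi
    fi
    return "$findings"
}
```

Call it as `audit_ftp_nat /etc/modules /etc/sysctl.conf /etc/proftpd/proftpd.conf`; an exit status of 0 means every setting from the post is present and the passive range is narrow.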

Gnome Appearance modify command in Linux / How to change theme using command line in GNOME

Friday, October 13th, 2017


 

1. Gnome Appearance modify command  in Linux instead – Intro

It is always handy to do stuff in the console, and as a long-time GNU / Linux GNOME user I found it interesting to share here some nice tips on how the theme can be changed using the command line.

Why would you ever want to change themes through the console / Terminal? Well, let's say you have to remotely administrate a bunch of GNU / Linux desktop machines and you have to change themes simultaneously on multiple hosts; changing the theme using the command line then comes in really handy.

Besides that, in the GNOME 3.X.X branch with Unity (yackes), if you have chosen to use GNOME (Flashback / Fallback) or Mate, you might find it difficult to change some specifics of the default theme; that is especially true for GNOME (Flashback) Fallback users like me.

If you have heard of GNOME Flashback but never used it and wonder what it is, I think it is worth saying a few words about it:

GNOME Flashback is a session for GNOME 3 which was initially called "GNOME Fallback", and shipped as a stand-alone session in Debian and Ubuntu. It provides a similar user experience to the GNOME 2.x series sessions. The differences to the MATE project is that GNOME Flashback uses GTK+ 3 and tries to follow the current GNOME development by integrating recent changes of the GNOME libraries. The development currently lags behind a little but a lot of progress has been made in bug fixing lately. So in short GNOME Fallback is for anyone who wants to stick to GNOME 2.X interface but doesn't want to stick to Mate and wants still to use some more graphical goodies that comes with GNOME 3.

In MATE nowadays it is relatively easy to change the appearance and add new themes; there is also a graphical tool called Appearance, accessible via the mate-control-center command or the menus. Using Appearance you can modify themes and window decorations; however, there is much more, missing from the MATE GUI, that can be done or tuned using a couple of commands native to the GNOME desktop environment.

 

2. List All Installed GNOME themes on Debian / Ubuntu Linux

 

 

$ ls -1 /usr/share/themes/|sed -e 's#/##g'
Adwaita
Adwaita-dark
Albatross
Arc
Arc-Dark
Arc-Darker
Blackbird
BlackMATE
Bluebird
BlueMenta
Blue-Submarine
Breeze
Breeze-Dark
Clearlooks
Clearlooks-Phenix
ClearlooksRe
ContrastHighInverse
Crux
Default
Dopple
Dopple-Left
DustBlue
Emacs
eOS
Flat-Plat
Flat-Plat-compact
Flat-Plat-dark
Flat-Plat-dark-compact
Flat-Plat-light
Flat-Plat-light-compact
GreenLaguna
Green-Submarine
Greybird
Greybird-accessibility
Greybird-bright
Greybird-compact
HighContrast
Industrial
Kiwi
Menta
Mist
MurrinaAquaIsh
MurrinaAzul
MurrinaBlau
MurrinaBleu
MurrinaBlu
MurrinaBlue
MurrinaCandido
MurrinaCandy
MurrinaCappuccino
MurrinaChrome
MurrinaCream
MurrinaCrystal
MurrinaCrystalCurve
MurrinaCrystalHuman
MurrinaCrystalLine
MurrinaDark
MurrinaEalm
MurrinaElement
MurrinaFancyCandy
MurrinaGilouche
MurrinaLoveGray
MurrinaNeoGraphite
MurrinaVerdeOlivo
Murrine-Gray
Murrine-Light
MurrineRounded
MurrineRoundedIcon
MurrineRoundedLessFramed
MurrineRoundedLessFramedIcon
Murrine-Sky
NOX
Orangine
Raleigh
Redmond
shearwater
Shiny
Spidey
Spidey-Left
Splint
Splint-Left
ThinIce
TraditionalGreen
TraditionalOk
WinMe

 


The directory holding all system-installed themes, /usr/share/themes, is identical on RPM-based Linuxes such as Fedora / CentOS etc.

 

 

3. Change GTK Theme


The commands below are for GNOME 3 based desktop environments; this also includes any other GNOME based graphical environments or components of GNOME 3 (such as Ubuntu Unity, GNOME 3 Shell/Classic, Cinnamon), and even the old GNOME 2 desktop.

In GNOME 2 it was possible to set various variables, including GTK themes, directly from gconf-editor, but in GNOME 3 this is somehow no longer possible … so to do it we need to use some cryptic commands or use gnome-tweak-tool or MyUnity (Ubuntu Linux users with Unity). Unfortunately the configuration that can be made with them is partial, so in any case knowing the commands below is a necessity to be able to nicely tune up your Linux GNOME desktop.

And yes, it is crazy why on Earth the GNOME developers scraped the configuration out of gconf-editor and left us with this user-unfriendly method. Could it be that someone (like the big corporations) has an interest in ruining Free Software?? What do you think…
 

Unity, GNOME 3 Shell/Classic, Cinnamon

In Unity GNOME 3 Shell / Classic and Cinnamon (the default Debian graphical env).

Before we start I recommend you check which theme is currently installed and enabled; you might decide to keep it after checking the number of themes available. To check your current GNOME theme run:

 

gsettings get org.gnome.desktop.interface gtk-theme
'Adwaita'


You see I have the 'Adwaita' theme as the default.
Next, let's change the GNOME GTK interface theme.
 

gsettings set org.gnome.desktop.interface gtk-theme "Menta"

 


MATE (In Linux Mate the current fork of GNOME 2 for hardcore GNOME 2 users)

 

mateconftool-2 --type=string --set /desktop/mate/interface/gtk_theme "Menta"

 


GNOME 2 (In native GNOME 2, if you still own some old machines with old Debian / Ubuntu / Fedoras etc.)

 

 

gconftool-2 --type=string --set /desktop/gnome/interface/gtk_theme "Menta"

 


4. Change WINDOW THEME (Metacity)
 

Unity, GNOME 3 Classic (Metacity), GNOME 3 Shell (Metacity > Mutter)

 

gsettings set org.gnome.desktop.wm.preferences theme "Menta"


Cinnamon (Metacity -> Muffin)

 

gconftool --type=string --set /desktop/cinnamon/windows/theme "Menta"

 

Note: Cinnamon must be restarted for the change to take effect.


GNOME 2 (In Gnome 2 with Metacity)

 

gconftool-2 --type=string --set /apps/metacity/general/theme "Menta"

 


MATE (Metacity)

 

mateconftool-2 --type=string --set /apps/marco/general/theme "Menta"

 


Change SHELL THEME (In Gnome Shell and Cinnamon)


GNOME Shell (user-theme extension must be enabled)
 

gsettings set org.gnome.shell.extensions.user-theme name "Menta"


Cinnamon

 

gsettings set org.cinnamon.theme name "Menta"

 


5. Change GTK COLOR SCHEME

Unity, GNOME 3 Shell/Classic, Cinnamon (Change GNOME3 Color scheme)

 

 

gsettings set org.gnome.desktop.interface gtk-color-scheme "bg_color:#e9efe9;fg_color:#444444;base_color:#ffffff;text_color:#333333;selected_bg_color:#6666cc;selected_fg_color:#eeeeee;tooltip_bg_color:#222222;tooltip_fg_color:#dfcfcf;link_color:#cc0099;"

Reset color (if you don't like it):

gsettings set org.gnome.desktop.interface gtk-color-scheme ""

 

MATE (Mate set color scheme)

 

 

mateconftool-2 --type=string --set /desktop/mate/interface/gtk_color_scheme "bg_color:#e9efe9;fg_color:#444444;base_color:#ffffff;text_color:#333333;selected_bg_color:#6666cc;selected_fg_color:#eeeeee;tooltip_bg_color:#222222;tooltip_fg_color:#dfcfcf;link_color:#cc0099;"

 

 

Reset color :

 

mateconftool-2 --type=string --set /desktop/mate/interface/gtk_color_scheme ""

 


6. GNOME 2 (Again for the old GNOME 2 machines to change the GTK Color scheme)

 

gconftool-2 --type=string --set /desktop/gnome/interface/gtk_color_scheme "bg_color:#e9efe9;fg_color:#444444;base_color:#ffffff;text_color:#333333;selected_bg_color:#6666cc;selected_fg_color:#eeeeee;tooltip_bg_color:#222222;tooltip_fg_color:#dfcfcf;link_color:#cc0099;"

 

Reset color:
 

 

gconftool-2 --type=string --set /desktop/gnome/interface/gtk_color_scheme ""

 


What about the colors? Well, the #444444, #222222, #eeeeee and #333333 seen as color codes in the above examples can easily be decoded, if you don't know them, using a tiny tool called gcolor2.
The tool is installable on most Linux distributions with a simple apt-get install gcolor2 or yum install gcolor. It is convenient and a must-have for anyone using Linux for basic design or graphic operations with programs such as GIMP / Krita / Inkscape / Vectr / Karbon etc.

All gcolor2 does is make it easy for you to get HTML color codes and convert existing ones into colors; here is a screenshot:

[Screenshots: gcolor2 showing HTML color codes]

http://www.fandigital.com/2012/06/change-theme-command-line-gnome.html

https://ubuntuforums.org/showthread.php?t=1778355

While talking about setting colors, another interesting graphical tool related to this article that lets you change colors in GNOME is gnome-color-chooser. The tool is really awesome and allows you to do many of the color tunings shown in the above examples:

# apt-get install --yes gnome-color-chooser

And finally, for the GNOME theme hungry people, here is a great bonus. If you need a ton of shiny new themes to set up on your GNOME, download and install The Ultimate Edition Themes deb collection (for Debian / Ubuntu / Mint etc., mirrored):

Debian and other deb based distro users can easily install the downloaded package with:
 

linux:~# dpkg -i ultimate-edition-themes-.0.0.7_all.deb

 


Other Linux users, such as Fedora and Slackware users (if anyone on Slack uses GNOME, since KDE is the default there), can use the alien tool to install it, or directly open the file with Midnight Commander (mc) and copy the files to the /usr/share/themes dir.

 

This article is possible thanks to Change Theme Using Command Line in GNOME (Linux); the command line examples are taken from there.

Beautiful Coptic Orthodox Church hymns – Coptic Orthodox Church one of the most ancient Christian Churches

Tuesday, November 27th, 2012

Coptic Hymn – Hos Erouf

A curious custom of the Coptic Church is the liturgy that prays and sings it in Coptic, the original language of ancient Egypt. The Church keeps alive the language of the pharaohs, which was written in hieroglyphics, hieratic and demotic and now a modified version of the Greek alphabet, Egyptian written in Greek and demotic (the Copt) was gradually being forgotten, lost ground to the Arabic and thus became incomprehensible. However, the Coptic Church preserved the ancient Egyptian language by tradition thanks to its rites. The video shows images and also religious Copts of pharaonic Egypt, the Copts are the descendants of the ancient Egyptians who have become Christians

O Lord Jesus help me. Coptic hymn – A Coptic hymn in Arabic language (not Coptic) with English subtitles

Coptic orthodox St Mary Hymn

One can see the Roman Catholic influence on some of the shown icons. The music however is simply terrific!
The Coptic Christian spirituality can be felt. It is a well known fact that from Egypt a lot of monks have spread the Christian faith in Western Europe.

Je Nai Nan Lord have mercy, coptic orthodox hymns جي ناي نان, ارحمنا

Oh poor Christians of our age we are. We have no love we have nothing.

Coptic Orthodox Hymn: The Virgin M.A.R.Y العدرا م ر ي م (English Subtitles)

"O Sing Unto Him…" Coptic Orthodox Hymn

Blessed is He (Evlogimenos Palm Sunday Festal Hymn English) – Orthodox Hymn (Coptic Rite)

I live in the Netherlands, here people are slowly forgetting their faith who made them what they're now. The state of Christian Church is so weak. We have no prayer power. We walk sick, we don't live like brothers, Oh Lord help us and re-unite your sheeps and put us back in your farm. Lord Have Mercy, Lord Have Mercy, Lord Have Mercy

Coptic Orthodox Hymn: Aripsalin – آربصالين O sing unto Him who was crucified, buried and resurrected, who trampled and abolished death, praise Him and exalt Him above all. Take off the old man, and put on the new and superior one, come closer to greatness of mercy, praise Him and exalt Him above all. + All you Christian people, the priests and the deacons, glorify the Lord for He is worthy, praise Him and exalt Him above all. + Come to us O three children, whom Christ our God has lifted, and from the Devil has delivered, praise Him and exalt Him above all. For the sake of your God the Messiah, the Giver of all good things, come unto us O Hananiah, praise Him and exalt Him above all. O Azariah the zealot, morning and noon and the evening, glorify the power of the Trinity, praise Him and exalt Him above all. + Behold Emmanuel [our Lord], is now in our midst O Mishael, proclaim with the voice of joy, praise Him and exalt Him above all. + Gather now and persevere, and proclaim with the priests, bless the Lord all His works, praise Him and exalt Him above all. The heavens declare the glory, of God until this day, O you angels whom He has made, praise Him and exalt Him above all. Now all you powers of the Lord, bless His honored name, O sun and moon and all the stars, praise Him and exalt Him above all. + And also you rain and dew, sing praises unto our Savior, for He is the God of our fathers, praise Him and exalt Him above all. + Glorify the Lord O clouds and winds, together with the souls and the spirits, O you cold and fire and heat, praise Him and exalt Him above all. You also nights and days, light and darkness and lightning, glorify the Lover of Mankind, praise Him and exalt Him above all. You trees and all that springs on the earth, and all that moves in the sea, mountains and the forests, praise Him and exalt Him above all. + Praise without ceasing, the Lord the King of the kings, O you rivers and seas, praise Him and exalt Him above all. 
+ And we also seeing them, let us say with all these things, bless the Lord all you birds, praise Him and exalt Him above all. O snow and ice, cattle and wild beasts, bless the Lord of lords, praise Him and exalt Him above all. Bless the Lord as befits Him, and not like the heretics, all you sons of men, praise Him and exalt Him above all. + O Israel offer before Him, honor and glory in a joyful voice, all you priests of Emmanuel, praise Him and exalt Him above all. + You servants of the true God, the souls of the righteous, and the humble and the charitable, praise Him and exalt Him above all. God my God is the One, who saved you from danger, O Sedrach Misach and Abednago, praise Him and exalt Him above all. Hurry with great haste, O you righteous of the Lord, and all the creatures He has made, praise Him and exalt Him above all. + Coolness and repose without ceasing, grant unto all of us, that we may joyfully proclaim, praise Him and exalt Him above all. + And also Your poor servant Sarkis, make him without condemnation, that he may join all those and say, praise Him and exalt Him above all.

Richard Stallman (father of free software) interview – Stallman: Google+ and Facebook mistreat their users

Thursday, July 12th, 2012

The father of free software, Mr. Richard Stallman, is quite notorious for his critical mind and software freedom activism.

While checking some of his speeches and interviews, I came across another interesting one; here RMS criticizes and exposes the bad and evilness of fb and Google+.

Interview with Richard Stallman – Stallman: Facebook and Google+ Mistreat Their Users

 

People unaware of computer networks, programming, Unix and the deep computing, so to say, definitely didn't understand the profoundness of the upcoming problems of so-called "social networks". The Facebook and Google+ Mistreat Their Users video is also to be found on YouTube under the name Richard Stallman: Facebook IS Mass Surveillance.

It's a pity Stallman is mostly popular only among specific users like me who are already 'dubbed' into free software and have a belief that computer software should be free. Hopefully as time passes more and more people will be awakened to listen to his speeches and realize the severity of the problems we face nowadays by simply accepting almost anything new without much privacy concern …
If you're a free software enthusiast like me, please take the time to share the video and whistle-blow about the problem to as many non-tech PC users as possible 🙂

Заповеди Блаженства (на Церковнослаянском языке, На Български and in English)

Tuesday, November 10th, 2015

Заповеди Блаженства (ТК Союз)

 

На церковнославянском языке по Мф 5, 3-11 

  1. Блажени нищии духом, яко тех есть Царствие Небесное
  2. Блажени плачущии, яко тии утешатся
  3. Блажени кротцыи, яко тии наследят землю
  4. Блажени алчущии и жаждущии правды, яко тии насытятся
  5. Блажени милостивии, яко тии помиловани будут
  6. Блажени чистии сердцем, яко тии Бога узрят
  7. Блажени миротворцы, яко тии сынове Божии нарекутся
  8. Блажени изгнани правды ради, яко тех есть Царствие Небесное
  9. Блажени есте, егда поносят вам, и ижденут, и рекут всяк зол глагол на вы лжуще, Мене ради: Радуйтеся и веселитеся, яко мзда ваша многа на небесех: тако бо изгнаша пророки, иже (беша) прежде вас.

Евангелски блаженства (Български)

  1. Блажени бедните духом, защото тяхно е Царството небесно.
  2. Блажени плачещите, защото те ще се утешат.
  3. Блажени кротките, защото те ще наследят земята.
  4. Блажени гладните и жадните за правда, защото те ще се наситят.
  5. Блажени милостивите, защото те ще бъдет помилвани.
  6. Блажени чистите по сърце, защото те ще видят Бога.
  7. Блажени миротворците, защото те ще се нарекат синове Божии.
  8. Блажени изгонените заради правда, защото тяхно е Царството небесно.
  9. Блажени сте вие, когато ви похулят и изгонят, и кажат против вас лъжовно каква и да е лоша дума заради Мене. Радвайте се и веселете се, защото голяма е наградата ви на небесата.

— Библията, Евангелие от Матей 5 глава 3-12 стих

The Beatitudes – The Sermon on the Mount (English)

Blessed are the poor in spirit: for theirs is the kingdom of Heaven. (5:3)

Blessed are those who mourn: for they will be comforted. (5:4)

Blessed are the meek: for they will inherit the earth. (5:5)

Blessed are those who hunger and thirst for righteousness: for they will be filled. (5:6)

Blessed are the merciful: for they will be shown mercy. (5:7)

Blessed are the pure in heart: for they will see God. (5:8)

Blessed are the peacemakers: for they will be called children of God. (5:9)

Blessed are those who are persecuted for righteousness sake: for theirs is the kingdom of heaven. (5:10)

In verses 5:11-12, the eight Beatitudes are followed by what is often viewed as a commentary—a further clarification of the eighth one with specific application being made to the disciples. Instead of using the third-person plural "they", Jesus changes to second-person "you":[1]

Blessed are you when people insult you, persecute you and falsely say all kinds of evil against you because of me. Rejoice and be glad, because great is your reward in heaven, for in the same way they persecuted the prophets who were before you.

A meaningless life – And Ulcer one Heavy Cross I have to wear

Sunday, September 30th, 2007

Suffering from an Ulcer gives you so much pain and discomfort and makes you so irritated and nervous that often you think what the crack, why do I ever live. I don't want this suffering anymore but want peace and comfort, but I have to bear the heavy cross as the Lord Jesus Christ suffered even worse for our salvation.

Suffering from a Duodenum Ulcer is one of the things I don't wish you to suffer from. I've been struggling with this disease already for years and at certain times when you get worse you get totally out of your mind!
You can do a lot of things and say a lot of things which you otherwise wouldn't because of this terrible Ulcer disease, but I pray the Lord to forgive me for I have hurt many people because of the sickness. People who suffer from Ulcers are more easily irritated. Sometimes I wonder why I have to suffer with this Ulcer, after all I'm striving for the good and believe in Jesus Christ who healed ALL kinds of diseases.
I know I've done a lot of sins and broken God's commandments and I deserve to suffer but still it's hard to accept..

 Oh God have mercy