type Archives - Page 2 of 8 - ☩ Walking in Light with Christ - Faith, Computing, Diary ☩ Walking in Light with Christ

Posts Tagged ‘type’

Skype remove word completion / Howto Disable spellcheck autocorrect on Mac OS X, Android Phones Tablets and IPhone iOS

Tuesday, March 14th, 2017

How-to-disable-auto-correct-on-MacOS-X-android-and-iphone

I've recently upgraded my wife's Mac Book Air Mac OS X release from Mountain Lion to latest available OS X release Yosemite and after upgrade the old version of Skype used for about 3 years without any problems (except camera issues due to mac OS X bug the old post is here) stopped working (did crashed) on Skype launch so I took few minutes to upgrade Skype as well from Skype.com Skype for Mac official download page after the quick and unproblematic Skype re-install, Skype client was back to normal with a shiny new outlook and on a first glimpse all worked like a charm but …

On the next day when I took use of temporary the upgraded Mac Book Air with the fresh new OS X Yosemite and Skype's latest app to to do a quick login with my Skype credentials noticed a very annoying autocorrect (auto spelling) Skype behavior on any new input text message.

I have to admit the idea of autocorrect feature on a system wide scale is great however quick keyboard typers like me who are used to type more than a letter per second use to type so quickly that occasinally you do errors which you're quick to fix but anyhow errors are automatically corrected in a way that you have to retype the whole word quite often which makes your typing a hellish experience. Then the same auto-correct feature becomes a terrible experience and on any device I notice this behavior I tend to remove it immediately.

I remember the same dictionary auto-spell check / corect behavior was present on my Android run ZTE blade 3 mobile after first Mobile boot and also present on my current iPhone 5 iOS and thus the first thing I did once I start using it is to remove autocorrect (auto spelling) feature and relax the irritation of it.

Just in case if you need to disable Spellcheck auto-correct on Android Phone or Tablet do it from

Settings -> Language & input

android-phone-tablet-disable-autocorrect-spell-check

If you happen to be using also IPhone 5 as me or Iphone 6 / 7 to disable AutoCorrect feature on SMSes / Skype / Viber and other applications do it from Phone's:

Settings -> General

disable_Turn_off_AutoCorrect_in_IPhone_iOS

Shortly I've noticed that the auto-correct feature does not only mess up your typing in Skype but also in Mail and TweetDeck and generally any open application where you can type on Yosemite.

I've took the time to investigate quickly what was causing the new feature that bugged me so much online and came to this nice little article How to turnoff autocorrect on Mac OS X 10.11 El Captain

As the article revealed to Turn off the autocorrect Mac OS X feature you I have to go:

Finder -> System Preferences

Click on Keyboard -> Text
and turn Autocorrect off by unchecking Correct spelling automatically

By doing this autocorrect spelling is disabled for all applications, however for some people it might be handy to leave the correct feature for Mail app or Microsoft Office (Microsoft Word / Excel) etc. and only turn off (disable) the autorrect feature per application side.

You can do this in the separate Applications (of choise where you need auto spelling) from Edit Menu under Spelling and Grammer and enable / disable ‘Check Spelling While Typing’

Tadam Enjoy ! 🙂

Tags: application, Click, disable auto complete android OS phone, disable auto complete macos, disable autocorrect macosx, disable check spell iphone, disable check spelling on Mac OSX, disable ios autocorrect, disable iphone autocorrect, experience, feature, first glimpse, need, old version, remove auto completion android tablet, Skype, type, use
Posted in Curious Facts, Everyday Life, Mac OS X, System Administration, Various | No Comments »

Drawing GANTT Charts and Project Management on Linux, (Microsoft Project substitute for Unix)

Tuesday, October 12th, 2010

I'm studying Project Management, right now. In that spirit of thoughts I and a couple of other guys are building a Project Plan.
As it Project Plan it's necessary to put a GANTT Chart in it to show visually the project timeline (the phases), the duration and the inter-relation between the different tasks which leads the project to an actual completion.

After a bit of thorough research online on available software to deal with project management and particularly, ones that are capable to build a GANTT charts on Linux / BSD.

I've come with the following list of software capable to be a substitute for the Microsoft Project software.
Redmine GANTT Chart

GANTT chart Redmine

1. Gantt Project
GANTTProject Chart

2. Gnome Planner
Planner GANTT Gnome Chart Planner GANTT Chone Chart

3. Task Juggler Project Manager with GANTT Capability for (KDE)
Task Juggler

4. JxProject – This software is not free, though it can be considered almost free
Take a look also at:
5. Trac , though it doesn't really support GANTT charts it's a lovely software to be used for PM.
Trac Project Management

Another option you have is to try out:
6. PHProjekt

Update 20.09.2016 – PHPProject Old download link is no longer active

It is this link http://www.phprojekt.com/, but the page doesn’t seem to be active any more. I thought you might want to update.

If you are looking for an alternative please check out http://wiht.link/PHProjekt-PM, it may make a suitable replacement.

Kind Regards,
Tom Wilcox

That piece of softwre really looks promising, especially if we consider that it's web based and how much essential is today to have an anline tools for doing the ordinary desktop jobs.

You can even check an online demo of the PHPProjekt software here

If you're a type of KDE user you definitely has to try out Kplato

As I've tested the software the software is easy to be used, however it still is missing some essential parts that Microsoft Project includes so it's not 100% substitute.
Also it's not able to open Microsoft Project (MPP) files, neither able to save the charts in the .mpp format.

Moving ahead I've came across DotProject DotProject Gantt Chart
DottProject Gantt Chart

I haven't took the time to test it myself but however, as I go through the software website the project looked quite good.
Lastly you can take a look at: 7. PStricks as a mean of project management, however I think it doesn't support GANTT chart building.
>

Tags: anline, available software, BSD, building, capability, Chart, check, completion, demo, Desktop, doesn, Drawing GANTT Charts and Project Management on Linux, duration, GANTT, gantt chart, gantt charts, Gnome, jobs, Juggler, Linux, linux microsoft, look, Microsoft, Microsoft Project, microsoft project software, mpp, mpp format, online, option, page doesn, PHProjekt, piece, project, project management, project mpp, Project Plan, project timeline, software, software website, Spirit, substitute, support, time, trac, type, unix
Posted in Business Management, Curious Facts, Everyday Life, Linux | 1 Comment »

Thursday, July 14th, 2016

If you're using Mozilla Firefox browser to browse the Web with Traffic Tunneling via SSH Tunnel to your own Linux server like I do in order to prevent yourself traffic to be sniffed from your Work corporate computer (as most of the corporations such as IBM / Hewlett Packard / Concentrix etc. are forcing all employee PC traffic to be to be transported via default set Windows Corporate Proxy active for all browsers.

Then you will certainly also want to prevent the DNS requests to be not logged somewhere in your Corporate IT department thus the question arises:

How to force DNS requests to be made through the Proxy server (SSH host)?

Nomatter where you're using Firefox browser with advanced proxying plugin such as FoxyProxy FF add-on or the default Proxy FF features the DNS lookups might end up in Corporate set DNS servers often forced for the computer / notebook and impossible to be changed to a custom ones as many of the Corporation internal Sharepoints and domains are only visible from their internal networks.

Thanksfully in newer versions there is an easy way to do it directly from Visual menus via:

Tools -> Options -> Advanced -> Network -> Settings

You will get a screen like below:

firefox-use-proxy-remote-dns-howto-screenshot

Just tick the Remote DNS and that will force Firefox to query remote Proxy server proxy DNS

If you happen to be running older Firefox which doesn't have the Remote DNS tick you can also try to set the setting manually:

In firefox type this in your address bar:

about:config
Click I'll be careful I promise.
In the filter textbox, type: proxy
Find the preference name called *network.proxy.socks_remote_dns*. Double click it to set it to true.

network-proxy-socks-remote_dns-firefox-screenshot

Enjoy ! 🙂

Tags: Corporation, DNS, How to, Linux, mozilla firefox, running, setting, tick, type, Windows Corporate Proxy
Posted in Curious Facts, Everyday Life, Firefox, Various, Windows | No Comments »

How to show country flag, web browser type and Operating System in WordPress Comments

Wednesday, February 15th, 2012

!!! IMPORTANT UPDATE COMMENT INFO DETECTOR IS NO LONGER SUPPORTED (IS OBSOLETE) AND THE COUNTRY FLAGS AND OPERATING SYSTEM WILL BE NOT SHOWING INSTEAD,

!!!! TO MAKE THE COUNTRY FLAGS AND OS WP FUNCTIONALITY WORK AGAIN YOU WILL NEED TO INSTALL WP-USERAGENT !!!

I've come across a nice WordPress plugin that displays country flag, operating system and web browser used in each of posted comments blog comments.
Its really nice plugin, since it adds some transperancy and colorfulness to each of blog comments 😉
here is a screenshot of my blog with Comments Info Detector "in action":

Comments Info Detector as of time of writting is at stable ver 1.0.5.
The plugin installation and configuration is very easy as with most other WP plugins. To install the plugin;

1. Download and unzip Comments Info Detector

linux:/var/www/blog:# cd wp-content/plugins linux:/var/www/blog/wp-content/plugins:# wget http://downloads.wordpress.org/plugin/comment-info-detector.zip ... linux:/var/www/blog/wp-content/plugins:# unzip comment-info-detector.zip ...

Just for the sake of preservation of history, I've made a mirror of comments-info-detector 1.0.5 wp plugin for download here
2. Activate Comment-Info-Detector

To enable the plugin Navigate to;
Plugins -> Inactive -> Comment Info Detector (Activate)

After having enabled the plugin as a last 3rd step it has to be configured.

3. Configure comment-info-detector wp plugin

By default the plugin is disabled. To change it to enabled (configure it) by navigating to:

Settings -> Comments Info Detector

Next a a page will appear with variout fields and web forms, where stuff can be changed. Here almost all of it should be left as it is the only change should be in the drop down menus near the end of the page:

Display Country Flags Automatically (Change No to Yes) Display Web Browsers and OS Automatically (Change No to Yes

After the two menus are set to "Yes" and pressing on Save Changes the plugin is enabled it will immediately start showing information inside each comment the GeoIP country location flag of the person who commented as well as OS type and Web Browser 🙂

Tags: action, Auto, blog, Browsers, change, Comment, Comments, configured, country flag, country location, Detector, Display, downloads, Draft, drop, drop down menus, flag web, How to, Inactive, information, installation, Linux, location, mirror, operating system, os type, page, person, plugin, plugin installation, quot, sake, Save Changes, screenshot, show, Stable, time, transperancy, type, unzip, web browser type, web browsers, web forms, wget, Wordpress, Wordpress Comments, writting, www, zip linux
Posted in Web and CMS, Wordpress | 1 Comment »

Tip: Quick Note taking on GNU / Linux and FreeBSD from terminal or console

Tuesday, May 8th, 2012

I believe, the quickest way to take notes on Linux and BSD and later view the notes is to use the command line.
A very easy simple way to keep record of various short notes is just to use a simple text editor like (vim) and store each note in a separate file in lets say ~/notes/ directory.
Actually, I'm using this way to take notes and store sensitive info for various important information I need for further reference, since 5 years or so..
Opening a new text editor for each note and then doing cd ~/notes/; ls |grep -i 'string' is a bit time consuming.
Fortunately there is a quick two shell functions hack that shortens time for note taking. The following two bash functions has to be added in ~/.bashrc:

n() { vim ~/notes/"$*".txt } nls() { ls -c ~/notes/ | grep "$1" }

Copy / Paste this two functions in the beginning or the end of ~/.bashrc in order to use them.

Also if ~/notes directory is not existing, yet create it:

hipo@noah:~$ mkdir notes

To make the two new input functions active across opened bash shells on console or terminal either re-login or reread the .bashrc by "sourcing it", e.g.

hipo@noah:~$ source ~/.bashrc

Afterwards, note taking becomes a piece of cake to store a new note with login credentials (user/password) for a new registration to a random named website, type something like:

hipo@noah:~$ n my_website_name-user-pass

This will open for editting ~/.notes/my_website_name-user-pass.txt, type the new desired note content and do save and exit from vim (press esc and type :x!.

Then to get a quick list of all previously stored notes use:

hipo@noah:~$ nls website my_website_name-user-pass.txt

If you already have a directory containing subdirectories with various taken notes (like me), you will need to use an improved version nls written by Jason Ryan, the nls improved is like this:

nls () { tree -CR --noreport ~/notes | awk '{ if ((NR >) gsub(/.txt/,"")); if (NF==1) print $1; else if (NF==2) print $2; else if (NF==3) printf " %s\n", $3}'; }

This two functions, were not my creation but was suggested in Linux Magazine issue 135 article entitled Command-line task managers and note-taking tools written by Dmitri Popov.

Hope this two functions, will be helpful to console geeks out there.

Tags: Auto, BSD, cake, consuming, copy paste, cr, Draft, file, freebsd, gnu linux, hack, hipo, important information, info, information, input functions, jason ryan, Linux, login, login credentials, mkdir, need, nls, noah, opening, password, piece, piece of cake, sensitive info, Shell, shell functions, shells, something, store, subdirectories, terminal, text, time, time consuming, Tip Quick Note, txtIf, type, use, vim, websitemy
Posted in Curious Facts, Linux, System Administration, vim editor | 2 Comments »

How to mount NFS network filesystem to remote server via /etc/fstab on Linux

Friday, January 29th, 2016

mount-nfs-in-linux-via--etc-fstab-howto-mount-remote-partitions-from-application-server-to-storage-server
If you have a server topology part of a project where 3 (A, B, C) servers need to be used to deliver a service (one with application server such as Jboss / Tomcat / Apache, second just as a Storage Server holding a dozens of LVM-ed SSD hard drives and an Oracle database backend to provide data about the project) and you need to access server A (application server) to server B (the Storage "monster") one common solution is to use NFS (Network FileSystem) Mount.
NFS mount is considered already a bit of obsoleted technology as it is generally considered unsecre, however if SSHFS mount is not required due to initial design decision or because both servers A and B are staying in a serious firewalled (DMZ) dedicated networ then NTS should be a good choice.
Of course to use NFS mount should always be a carefully selected Environment Architect decision so remote NFS mount, imply that both servers are connected via a high-speed gigabyte network, e.g. network performance is calculated to be enough for application A <-> to network storage B two sides communication not to cause delays for systems end Users.

To test whether the NFS server B mount is possible on the application server A, type something like:

mount -t nfs -o soft,timeo=900,retrans=3,vers=3, proto=tcp remotenfsserver-host:/home/nfs-mount-data /mnt/nfs-mount-point

If the mount is fine to make the mount permanent on application server host A (in case of server reboot), add to /etc/fstab end of file, following:

1.2.3.4:/application/local-application-dir-to-mount /application/remote-application-dir-to-mount nfs rw,bg,nolock,vers=3,tcp,timeo=600,rsize=32768,wsize=32768,hard,intr 1 2

If the NTFS server has a hostname you can also type hostname instead of above example sample IP 1.2.3.4, this is however not recommended as this might cause in case of DNS or Domain problems.
If you want to mount with hostname (in case if storage server IP is being commonly changed due to auto-selection from a DHCP server):

server-hostA:/application/local-application-dir-to-mount /application/remote-application-dir-to-mount nfs rw,bg,nolock,vers=3,tcp,timeo=600,rsize=32768,wsize=32768,hard,intr 1 2

In above example you need to have the /application/local-application-dir-to-mount (dir where remote NFS folder will be mounted on server A) as well as the /application/remote-application-dir-to-mount
Also on server Storage B server, you have to have running NFS server with firewall accessibility from server A working.

The timeou=600 (is defined in) order to make the timeout for remote NFS accessibility 1 hour in order to escape mount failures if there is some minutes network failure between server A and server B, the rsize and wsize
should be fine tuned according to the files that are being red from remote NFS server and the network speed between the two in the example are due to environment architecture (e.g. to reflect the type of files that are being transferred by the 2)
and the remote NFS server running version and the Linux kernel versions, these settings are for Linux kernel branch 2.6.18.x which as of time of writting this article is obsolete, so if you want to use the settings check for your kernel version and
NTFS and google and experiment.

Anyways, if you're not sure about wsize and and rise, its perfectly safe to omit these 2 values if you're not familiar to it.

To finally check the NFS mount is fine, grep it:

# mount|grep -i nfs
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
server-hostA:/application/remote-application-dir-to-mount on /application/remote-application-dir-to-mount type nfs (rw,bg,nolock,nfsvers=3,tcp,timeo=600,rsize=32768,wsize=32768,hard,intr,addr=1.2.3.4)

That's all enjoy 🙂

Tags: application, case, due, example, filesystem, fine, hostname, How to, kernel version, NFS, remote server, tcp, type
Posted in Curious Facts, Linux, Networking, Remote System Administration, System Administration, Various, Web and CMS | No Comments »

Windows add / delete services command sc.exe create/delete – Create or Delete services

Thursday, April 9th, 2015

sc-exe-command-line-program-to-create-delete--service-start-stop-service-on-ms-windows
If you end up in situation where you need to delete or create services from current existing ones with a batch script because it is existing on multiple servers and you want to automate / deploy it via batch (.bat) script you will have to use sc.exe tool – Service Controller Command Tool

SC.EXE command is standard windows console tool to create and delete services. If you want to create a new service, you can use the "create" parameter.

1. Deleting Service with Windows Service Controller Tool

Deleting service is very easy to do you just have to know the service you like to remove not to be listed or Automatically start

sc delete SERVICE_NAME_TO_BE_REMOVED

Below is a real time example on how to remove Apache webserver configured to auto-start

sc.exe delete ApacheService

[SC] DeleteService SUCCESS

2. Create / Add service to existing to auto start on Windows

Before running sc.exe create command with arguments for service you will need to know following info:

What will be the Service Name: A single word to name the new service.
Full Binary Path: The path name where the executable program for new service is currently located.
Dispaly Name for service: A short name for the new service.

C:\Windows>sc.exe create ApacheService
binPath= "C:\local\apache\bin\httpd.exe -k runservice"
DisplayName= "Apache Server"

[SC] CreateService SUCCESS

Once service is added to be showing in services.msc GUI you can start the newly added Apache service with:

C:\Windows>sc.exe start ApacheService

SERVICE_NAME: ApacheService
TYPE : 10 WIN32_OWN_PROCESS
STATE : 2 START_PENDING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x2
WAIT_HINT : 0x7530
PID : 2552
FLAGS :

To stop the ApacheService or any other service:

C:\Windows>sc.exe stop ApacheService

SERVICE_NAME: ApacheService
TYPE : 10 WIN32_OWN_PROCESS
STATE : 3 STOP_PENDING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x4
WAIT_HINT : 0x7530

To get the status of a running service lets say the recently ran ApacheService:

C:\Windows>sc.exe query ApacheService

SERVICE_NAME: ApacheService
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

As you see from above output the STATE of service is RUNNING. If Apache Webserver was not running you will get an error like:

[SC] EnumQueryServicesStatus:OpenService FAILED 1060:
The specified service does not exist as an installed service.

Enjoy sc-ing 🙂

Tags: CHECKPOINT, Delete, exe, Full Binary Path, running, script, Service Name, state, type, use
Posted in Various, Web and CMS, Windows | No Comments »

How to work around STARTTLS Qmail Thunderbird / Outlook mail sending (error) issues

Wednesday, October 26th, 2011

work-around-starttls-qmail-thunderbird-outlook-mail-sending-error-message

After configuring a new Qmail+POP3+IMAP with vpopmail install based on Thibs QmailRocks I faced some issues with configuring mail accounts in Mozilla Thunderbird. The problem is also present in Microsoft Outlook Express as some colleagues working on Windows reported they can't configure there email accounts in Outlook either.

The issue was like this, the mail server is running fine, and I can send without issues directly from the server shell with mail command, however in Thunderbird I could only fetch the messages via POP3 or IMAP, whever I give a try to send one I got the error:

Sending of Message Failed The message could not be sent using SMTP server for an unknown reason. Please verify that SMTP server settings are correct and try again, or contact your network administrator

Here is a screenshot preseting the issue, taken from my Thunderbird:

Message sending Qmail STARTTLS failed unknown reason

The reason for this error is an automatic setting that is being configured in Thunderbird in New Account Creation time:
Thunderbird queries the mail server and asks for the type of encryptions available for both POP3 and SMTP MX primary host.
Seeing that it supports STARTTLS data transfer encryption mail protocol for both POP3 / IMAP, Thunderbirds auto configuration does place STARTTLS to be used with SMTP and POP3

The incorrect setting which is being automatically filled in can be checked in following these Thunderbird menus:

Edit -> Account Settings -> Outgoing Server (SMTP)

If the configured mail account MX server is let's say mail.exampledomain.com one needs to Edit the settings for this SMTP auto configured domains and he will see some example settings like the one shown in the below screenshot:

SMTP Server Outgoing Server incorrect settings STARTTLS reason / problem

You can see from above's screenshot that the auto configured Connection Security setting is improperly set to: STARTTLS. Usually STARTTLS should be working on SMTP port 25, however it seems the problem consists in the fact that the MAIL FROM and RCPT TO is sent in incorrec time (ain't sure if its before or after the encryption).

Therefore the consequence of this failure to use STARTTLS being detected as the correct encryption type for SMTP lead that the new configured mail server clients were unable tot properly connect and send emails via the SMTP listening server on port 25.

I give a try and changing the Connection Security:STARTTLS to Connection SecuritySSL/TLS immediately resolved the SMTP sending issues. Therefore as I found out the SMTP server is working just fine configured to use my QMAIL on port 465 with Connection Security: SSL/TLS and hence to work around the SMTP sending issues, decided to completely disable the STARTTLS encryption to be reported as a supported encryption by qmail-smtpd

On Thibs QmailRocks and some other Qmail installstions based more or less on qmail.jms1.net service damemontools scripts, this can be done by simply changing a line:

DENY_TLS=0

DENY_TLS=1

The qmail start up scripts which these change has to be done if one has configured a mail server based on QmailRocks Thibs updated tutorial are:

1. /service/qmail-smtpd
2. /service/qmail-smtpdssl
A quick way to do the DENY_TLS=0 to DENY_TLS=1 changes via sed is like this:

qmail# sed -e 's#DENY_TLS=0#DENY_TLS=1#g' /service/qmail-smtpd/run >> /tmp/qmail-smtpd-run;qmail# sed -e 's#DENY_TLS=0#DENY_TLS=1#g' /service/qmail-smtpdssl/run >> /tmp/qmail-smtpdssl-run;qmail# mv /tmp/qmail-smtpd-run /service/qmail-smtpd/run qmail# mv /tmp/qmail-smtpdssl-run /service/qmail-smtpdssl/run

After the correct modifications, of course as usual a qmail restart is required, e.g.:

qmail# qmailctl restart ...

Making this changes, irradicated the sending issues. It's best practice that the account which had issues with sending before is deleted and recreated from scratch.
Hope this helps somebody out there who encounters the same issue. Cheers 😉

Tags: account creation, account settings, administratorHere, anunknown, auto configuration, com, configure, configured, connection security, creation time, email accounts, encryption, Express, host, How to, inco, issue, mail account, mail accounts, mail command, mail protocol, mail server, Microsoft, microsoft outlook express, Mozilla, mozilla thunderbird, mx server, network administrator, Outgoing, outgoing server, outlook, outlook mail, place, pop, Qmail, QmailRocks, reason, screenshot, Sending, server settings, server smtp, Shell, smtp, smtp port 25, starttls, thunderbirds, time, TLS, tmp, type, working
Posted in FreeBSD, Linux, Qmail, System Administration, Various, Web and CMS | 5 Comments »

How to install VirtualBox Virtual Machine to run Windows XP on Ubuntu Linux (11.10)

Tuesday, January 17th, 2012

My beloved sister was complaining games were failing to properly be played with wine emulator , therefore I decided to be kind and help her by installing a Windows XP to run inside a Virtual Machine.My previous install experiments with running MS Windows XP on Linux was on Debian using QEMU virtualmachine emulator.
However as Qemu is a bit less interactive and slower virtualmachine for running Windows (though I prefer it for being completely free software), this time I decided to install the Windows OS with Virtualbox.

My hope was using VirtualBox would be a way easier but I was wrong… I've faced few troubles and I thought many people who initially try to install Virtualbox VM to run Windows on Ubuntu and other Debian based Linux distros will probably experience the same problems as mine, so here is how this article was born.

Here is what I did to have a VirtualBox OS emulator to run Windows XP SP2 on Ubuntu 11.10 Linux

1. Install Virtualbox required packages with apt

root@ubuntu:~# apt-get install virtualbox virtualbox-dkms virtualbox-guest-dkms root@ubuntu:~# apt-get install virtualbox-ose-dkms virtualbox-guest-utils virtualbox-guest-x11 ...

If you prefer more GUI or lazy to type commands, the Software Package Manager can also be used to straight install the same packages.
virtualbox-dkms virtualbox-guest-dkms packages are the two which are absolutely necessery in order to enable VirtualBox to support installing Microsoft Windows XP. DKMS modules are also necessery to be able to emulate some other proprietary (non-free) operating systems.
The DKMS packages provide a source for building Vbox guest (OS) additional kernel modules. They also require the kernel source to be install otherwise they fail to compile.

Failing to build the DKMS modules will give you error every time you try to create new VirtualMachine container for installing a fresh Windows XP.
The error happens if the two packages do not properly build the vboxdrv extra Vbox kernel module while the Windows XP installer is loaded from a CD or ISO. The error to pop up is:

Kernel driver not installed (rc=-1908)

The VirtualBox Linux kernel driver (vboxdrv) is either not loaded or there is a permission problem with /dev/vboxdrv. Please reinstall the kernel module by executing

To fix the error:

2. Install latest Kernel source that corresponds to your current kernel version

root@ubuntu:~# apt-get install linux-headers-`uname -r` ...

Next its necessery to rebuild the DKMS modules using dpkg-reconfigure:

3. Rebuild VirtualBox DKMS deb packages

root@ubuntu:~# dpkg-reconfigure virtualbox-dkms ... root@ubuntu:~# dpkg-reconfigure virtualbox-guest-dkms ... root@ubuntu:~# dpkg-reconfigure virtualbox-ose-dkms ...

Hopefully the copilation of vboxdrv kernel module should complete succesfully.
To test if all is fine just load the module:

4. Load vboxdrv virtualbox kernel module

root@ubuntu:~# modprobe vboxdrv root@ubuntu:~#

If you get some error during loading, this means vboxdrv failed to properly compile, try read thoroughfully what the error is and fix it) ;).

As a next step the vboxdrv has to be set to load on every system boot.

5. Set vboxdrv to load on every Ubuntu boot

root@ubuntu:~# echo 'vboxdrv' >> /etc/modules

I am not sure if this step is required, it could be /etc/init.d/virtualbox init script automatically loads the module, anyways putting it to load on boot would do no harm, so better do it.

That's all now, you can launch VirtualBox and use the New button to initiate a new Virtual Machine, I will skip explaining how to do the configurations for a Windows XP as most of the configurations offered by default would simply work without any tampering.

After booting the Windows XP installer I simply followed the usual steps to install Windows and all went smoothly.
Below you see a screenshot showing the installed Windows XP Virtualbox saved VM session. The screenshot letters are in Bulgarian as my sisters default lanaguage for Ubuntu is bulgarian 😉

I hope this article helps someone out there. Please drop me a comment if you experience any troubles with it. Cya 🙂

Tags: Auto, beloved sister, DKMS, Draft, Failing, free operating systems, guest os, How to, init, init script, Install, ISO, kernel modules, kernel source, Linux, loading, Microsoft, microsoft windows, ms windows, necessery, Permission, qemu, root, screenshot, Set, software, software package, system boot, time, type, Ubuntu, uname, vbox, Virtual, virtual machine, VirtualBox, virtualmachine, vm, Windows, windows os, windows xp, windows xp sp2, wine, x11
Posted in Linux, Linux and FreeBSD Desktop, Linux Audio & Video | 1 Comment »

Resolving “nf_conntrack: table full, dropping packet.” flood message in dmesg Linux kernel log

Wednesday, March 28th, 2012

nf_conntrack_table_full_dropping_packet
On many busy servers, you might encounter in /var/log/syslog or dmesg kernel log messages like

nf_conntrack: table full, dropping packet

to appear repeatingly:

[1737157.057528] nf_conntrack: table full, dropping packet. [1737157.160357] nf_conntrack: table full, dropping packet. [1737157.260534] nf_conntrack: table full, dropping packet. [1737157.361837] nf_conntrack: table full, dropping packet. [1737157.462305] nf_conntrack: table full, dropping packet. [1737157.564270] nf_conntrack: table full, dropping packet. [1737157.666836] nf_conntrack: table full, dropping packet. [1737157.767348] nf_conntrack: table full, dropping packet. [1737157.868338] nf_conntrack: table full, dropping packet. [1737157.969828] nf_conntrack: table full, dropping packet. [1737157.969928] nf_conntrack: table full, dropping packet [1737157.989828] nf_conntrack: table full, dropping packet [1737162.214084] __ratelimit: 83 callbacks suppressed

There are two type of servers, I've encountered this message on:

1. Xen OpenVZ / VPS (Virtual Private Servers)
2. ISPs – Internet Providers with heavy traffic NAT network routers

I. What is the meaning of nf_conntrack: table full dropping packet error message

In short, this message is received because the nf_conntrack kernel maximum number assigned value gets reached.
The common reason for that is a heavy traffic passing by the server or very often a DoS or DDoS (Distributed Denial of Service) attack. Sometimes encountering the err is a result of a bad server planning (incorrect data about expected traffic load by a company/companeis) or simply a sys admin error…

– Checking the current maximum nf_conntrack value assigned on host:

linux:~# cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max 65536

– Alternative way to check the current kernel values for nf_conntrack is through:

linux:~# /sbin/sysctl -a|grep -i nf_conntrack_max error: permission denied on key 'net.ipv4.route.flush' net.netfilter.nf_conntrack_max = 65536 error: permission denied on key 'net.ipv6.route.flush' net.nf_conntrack_max = 65536

– Check the current sysctl nf_conntrack active connections

To check present connection tracking opened on a system:

linux:~# /sbin/sysctl net.netfilter.nf_conntrack_count net.netfilter.nf_conntrack_count = 12742

The shown connections are assigned dynamicly on each new succesful TCP / IP NAT-ted connection. Btw, on a systems that work normally without the dmesg log being flooded with the message, the output of lsmod is:

linux:~# /sbin/lsmod | egrep 'ip_tables|conntrack' ip_tables 9899 1 iptable_filter x_tables 14175 1 ip_tables

On servers which are encountering nf_conntrack: table full, dropping packet error, you can see, when issuing lsmod, extra modules related to nf_conntrack are shown as loaded:

linux:~# /sbin/lsmod | egrep 'ip_tables|conntrack' nf_conntrack_ipv4 10346 3 iptable_nat,nf_nat nf_conntrack 60975 4 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4 nf_defrag_ipv4 1073 1 nf_conntrack_ipv4 ip_tables 9899 2 iptable_nat,iptable_filter x_tables 14175 3 ipt_MASQUERADE,iptable_nat,ip_tables

II. Remove completely nf_conntrack support if it is not really necessery

It is a good practice to limit or try to omit completely use of any iptables NAT rules to prevent yourself from ending with flooding your kernel log with the messages and respectively stop your system from dropping connections.

Another option is to completely remove any modules related to nf_conntrack, iptables_nat and nf_nat.
To remove nf_conntrack support from the Linux kernel, if for instance the system is not used for Network Address Translation use:

/sbin/rmmod iptable_nat /sbin/rmmod ipt_MASQUERADE /sbin/rmmod rmmod nf_nat /sbin/rmmod rmmod nf_conntrack_ipv4 /sbin/rmmod nf_conntrack /sbin/rmmod nf_defrag_ipv4

Once the modules are removed, be sure to not use iptables -t nat .. rules. Even attempt to list, if there are any NAT related rules with iptables -t nat -L -n will force the kernel to load the nf_conntrack modules again.

Btw nf_conntrack: table full, dropping packet. message is observable across all GNU / Linux distributions, so this is not some kind of local distribution bug or Linux kernel (distro) customization.

III. Fixing the nf_conntrack … dropping packets error

– One temporary, fix if you need to keep your iptables NAT rules is:

linux:~# sysctl -w net.netfilter.nf_conntrack_max=131072

I say temporary, because raising the nf_conntrack_max doesn't guarantee, things will get smoothly from now on.
However on many not so heavily traffic loaded servers just raising the net.netfilter.nf_conntrack_max=131072 to a high enough value will be enough to resolve the hassle.

– Increasing the size of nf_conntrack hash-table

The Hash table hashsize value, which stores lists of conntrack-entries should be increased propertionally, whenever net.netfilter.nf_conntrack_max is raised.

linux:~# echo 32768 > /sys/module/nf_conntrack/parameters/hashsize
The rule to calculate the right value to set is:
hashsize = nf_conntrack_max / 4

– To permanently store the made changes ;a) put into /etc/sysctl.conf:

linux:~# echo 'net.netfilter.nf_conntrack_count = 131072' >> /etc/sysctl.conf linux:~# /sbin/sysct -p

b) put in /etc/rc.local (before the exit 0 line):

echo 32768 > /sys/module/nf_conntrack/parameters/hashsize

Note: Be careful with this variable, according to my experience raising it to too high value (especially on XEN patched kernels) could freeze the system.
Also raising the value to a too high number can freeze a regular Linux server running on old hardware.

– For the diagnosis of nf_conntrack stuff there is ;

/proc/sys/net/netfilter kernel memory stored directory. There you can find some values dynamically stored which gives info concerning nf_conntrack operations in "real time":

linux:~# cd /proc/sys/net/netfilter linux:/proc/sys/net/netfilter# ls -al nf_log/ total 0 dr-xr-xr-x 0 root root 0 Mar 23 23:02 ./ dr-xr-xr-x 0 root root 0 Mar 23 23:02 ../ -rw-r--r-- 1 root root 0 Mar 23 23:02 0 -rw-r--r-- 1 root root 0 Mar 23 23:02 1 -rw-r--r-- 1 root root 0 Mar 23 23:02 10 -rw-r--r-- 1 root root 0 Mar 23 23:02 11 -rw-r--r-- 1 root root 0 Mar 23 23:02 12 -rw-r--r-- 1 root root 0 Mar 23 23:02 2 -rw-r--r-- 1 root root 0 Mar 23 23:02 3 -rw-r--r-- 1 root root 0 Mar 23 23:02 4 -rw-r--r-- 1 root root 0 Mar 23 23:02 5 -rw-r--r-- 1 root root 0 Mar 23 23:02 6 -rw-r--r-- 1 root root 0 Mar 23 23:02 7 -rw-r--r-- 1 root root 0 Mar 23 23:02 8 -rw-r--r-- 1 root root 0 Mar 23 23:02 9

IV. Decreasing other nf_conntrack NAT time-out values to prevent server against DoS attacks

Generally, the default value for nf_conntrack_* time-outs are (unnecessery) large.
Therefore, for large flows of traffic even if you increase nf_conntrack_max, still shorty you can get a nf_conntrack overflow table resulting in dropping server connections. To make this not happen, check and decrease the other nf_conntrack timeout connection tracking values:

linux:~# sysctl -a | grep conntrack | grep timeout net.netfilter.nf_conntrack_generic_timeout = 600 net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 120 net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 60 net.netfilter.nf_conntrack_tcp_timeout_established = 432000 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120 net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60 net.netfilter.nf_conntrack_tcp_timeout_last_ack = 30 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120 net.netfilter.nf_conntrack_tcp_timeout_close = 10 net.netfilter.nf_conntrack_tcp_timeout_max_retrans = 300 net.netfilter.nf_conntrack_tcp_timeout_unacknowledged = 300 net.netfilter.nf_conntrack_udp_timeout = 30 net.netfilter.nf_conntrack_udp_timeout_stream = 180 net.netfilter.nf_conntrack_icmp_timeout = 30 net.netfilter.nf_conntrack_events_retry_timeout = 15 net.ipv4.netfilter.ip_conntrack_generic_timeout = 600 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent2 = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 432000 net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_last_ack = 30 net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close = 10 net.ipv4.netfilter.ip_conntrack_tcp_timeout_max_retrans = 300 net.ipv4.netfilter.ip_conntrack_udp_timeout = 30 net.ipv4.netfilter.ip_conntrack_udp_timeout_stream = 180 net.ipv4.netfilter.ip_conntrack_icmp_timeout = 30

All the timeouts are in seconds. net.netfilter.nf_conntrack_generic_timeout as you see is quite high – 600 secs = (10 minutes).
This kind of value means any NAT-ted connection not responding can stay hanging for 10 minutes!

The value net.netfilter.nf_conntrack_tcp_timeout_established = 432000 is quite high too (5 days!)
If this values, are not lowered the server will be an easy target for anyone who would like to flood it with excessive connections, once this happens the server will quick reach even the raised up value for net.nf_conntrack_max and the initial connection dropping will re-occur again …

With all said, to prevent the server from malicious users, situated behind the NAT plaguing you with Denial of Service attacks:

Lower net.ipv4.netfilter.ip_conntrack_generic_timeout to 60 – 120 seconds and net.ipv4.netfilter.ip_conntrack_tcp_timeout_established to stmh. like 54000

linux:~# sysctl -w net.ipv4.netfilter.ip_conntrack_generic_timeout = 120 linux:~# sysctl -w net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 54000

This timeout should work fine on the router without creating interruptions for regular NAT users. After changing the values and monitoring for at least few days make the changes permanent by adding them to /etc/sysctl.conf

linux:~# echo 'net.ipv4.netfilter.ip_conntrack_generic_timeout = 120' >> /etc/sysctl.conf linux:~# echo 'net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 54000' >> /etc/sysctl.conf

Tags: Auto, callbacks, connection, conntrack, count, DDoS, denial of service, denial of service attack, dmesg, Draft, error message, flood, heavy traffic, host, host linux, instance, internet providers, ipt, ipv, ipv4, ISPs, kernel, Linux, linux cd, linux kernel, log, log messages, Mar, maximum number, message, nat network, nbsp, necessery, network routers, option, packet, quot, ratelimit, Resolving, root, root root, sbin, servers, support, syslog, TABLE, time, traffic load, Translation, type, value, var, virtual private servers, wait, work, xen
Posted in Computer Security, Linux, Networking, System Administration, Virtual Machines | 10 Comments »

☩ Walking in Light with Christ – Faith, Computing, Diary

Posts Tagged ‘type’

Skype remove word completion / Howto Disable spellcheck autocorrect on Mac OS X, Android Phones Tablets and IPhone iOS

Windows add / delete services command sc.exe create/delete – Create or Delete services

Daily Bible quote

GET ARTICLE UPDATES

Useful blog? Help it:

Links to Other Places

Recent Posts

Ads

Categories

About Myself

Recent Comments

Top Post Views

blogtopsites