Archive for the ‘FreeBSD’ Category

free swedish number portability look up service

When Sweden implemented number portability for mobiles (MNP – Mobile Number Portability) and fixed lines there where some people who stated that this information should be published in DNS or a DNS like system so it would be cheap and available for everyone to use. Naturally the telcos wanted to do it the way they always did things. With a centralized fat solution.

So Sweden ended up with a Oracle based central database (CRDB) solution system implemented by Cap Gemini and Oracle. This system is now run by SNPAC AB (Owned by Swedens large telcos) who charges approx. 19200 Euros to connect and 14400 Euros per year. Which really is out of the reach for small scale actors on the market or hobbyists running an Asterisk pbx that would like to do choose the cheapest route to place a call.

The other day the Swedish PTS (The Swedish Post and Telecom Agency) launched a web page where you could check which operator was terminating which number. So i decided to go ahead and implement a DNS based look up method.

First a little rant about their service. Well it is nice that they offer different interfaces, today they support SOAP 1.1, SOAP 1.2, HTTP GET and HTTP POST. But why should the end user have to care about dividing the into NDC and SN?  (NDC – National Destination Code and SN – Subscriber Number) after all the PTS is authorative of the NDC’s so why couldn’t they split the number for us? And why not a whole MSISDN (Mobile Subscriber Integrated Services Digital Network Number) or why not a whole E.164 number? Or what about actually implementing a ENUM (E.164 NUmber Mapping) look up?

Ok enough rant. I had a couple of hours over so i sat down with a FreeBSD box and pwerdns and started to code. So now i (and the rest of the world) can do the following lookups with their favorite DNS tool:

% dig 733441006.tel.arnold.se TXT

% dig 6.0.0.1.4.4.3.3.7.0.6.4.tel.arnold.se TXT

The result is a string containing the name of the operator handling the number. (I have included a full output below) Not the best reply to do automatic call routing but good enough as a proof of concept implementation of bridging DNS and MNP database. Right now i’m implementing a ENUM type so you could automatically integrate this into your Asterisk PBX and choose the best outgoing line for your calls. Since operators often have “Call free within our network” deals this would be a great tool for low cost routing of your phone calls.

But before starting to implementing stuff using this a couple of notes:

  • This is an experiment.
  • I have not fully tuned caching and performance yet.
  • I currently only support the follwing NDC’s: 8, 31, 40, 70, 72, 73, 76 (Swedens 3 biggest cities and the GSM and 3G networks) More NDC’s will follow when i have found a machine readable list so i don’t have to type them all in…

So a couple questions to you reading this:

  • Would you like this as a permanent service?
  • Any other useful stuff you want to look up over DNS?
  • Which information would you like returned in the  ENUM? (I’m especially interested in the needs of non Asterisk users.)

Please give me some feedback below and i will try to take your ideas into consideration.

A full example of a search using dig:

% dig 733441006.tel.arnold.se. txt
; <<>> DiG 9.6.1-P2 <<>> 733441006.tel.arnold.se. txt

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57824

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;733441006.tel.arnold.se. IN TXT
;; ANSWER SECTION:

733441006.tel.arnold.se. 3600 IN TXT “Telenor Sverige AB”

;; Query time: 39 msec

;; SERVER: 213.136.34.15#53(213.136.34.15)

;; WHEN: Sat Aug 20 13:44:06 2011

;; MSG SIZE  rcvd: 72

 

How to run a bitcoin generator on FreeBSD

 

After all this bitcoin hype lately and the fact that most clients are made for Linux, no wonder that i have seen several requests on how to run a bitcoin generator under FreeBSD. I’m still not convinced that bitcoins are more than a pyramid scheme, but i decided to check things out and it actually nowdays is quite easy to get a miner running on FreeBSD.

Well get a basic bitcoin generator and wallet running is quite easy:

First upgrade ports (The bitcoind port was recently updated), and then install bitcoind.

# portsnap fetch update

# cd /usr/port/net-p2p/bitcoind

# make install

When the config screen you have a option to enable the GUI or not. Since the port only installs bitcion (The command with GUI) or bitcoind (The command without GUI) you will have to decide which is best for you. I clearly prefer the version without GUI so it can be started in /etc/rc.local and run in the background.

When the install is done you have a bitcoin miner and wallet to run. Play a bit with it, but don’t use it!

Why? Well CPU mining is so slow that it will take for ages to get a bitcoin payout. I’m talking about years!

So instead join a mining pool. A mining pool is a service where serveral miners join forces and split the rewards when they mine a block of coins. In this way you will receive a small portion of the payout in proportion to how much you have contributed towards the block. The downside is that bitcon or bitcoind does not support joining bitcoin pools. So lets install another (Actually more efficient) miner. The one i have experimented with is called minerd and unfortunatly there is no port for it.

So this is what you need to do to get it up and running:

Upgrade ports:

# portsnap fetch update

Install jwasm:

# cd /usr/ports/devel/jwasm

# make install

And curl:

# cd /usr/ports/ftp/curl

# make install

Now it is time to download, patch and install minerd:

% wget http://btcmine.com/media/miners/cpuminer-1.0.tar.gz

% tar xvf cpuminer-1.0.tar.gz

% cd cpuminer-1.0

Now some magic to get it running.:

Edit Makefile.in and find the follwing row:

DEFAULT_INCLUDES = -I.@am__isrc@

And change it to:

DEFAULT_INCLUDES = -I.@am__isrc@ -I/usr/local/include

A file missing on FreeBSD is byteswap.h, but since it is just some small static inline functions jsut download it into the current directory:

# wget http://www.arnold.se/byteswap.h

Now we are ready to run configure and compiling the source:

# setennv CFLAGS “-O3 -Wall -msse2”

# ./configure

# make

 

 

This should have gone ok with a couple of warnings. Now we can run the miner with the following command:

% ./minerd –algo 4way –threads 2 –url http://mining.bitcoin.cz:8332 –userpass USER.XXX:PASS

(This example is for running against the bitcoin.cz server at http://mining.bitcoin.cz/ and you will need to register before your work will count towards generating bitcoins.)

And please note the –algo switch, there is several sha256 implementations to choose inbetwen. Do a couple of runs and check wich one is fastest on your machine. Now give it some time and you can start seeing the bit-cents rolling on your mining pools statistics page.

Anything strange? Or any questions or feedback? Please drop a comment here and i’ll try to help you out.

 

oracle to buy sun microsystems

Today Oracle and sun announced that they will be buying Sun Microsystems. And this is big!

Imagine the biggest non opensource database company not only owning their biggest rival MySQL but also a lot of other key internet technologies such as: java, solaris,  netbeans, virtualbox  (virtilisation software) , openoffice (A microsoft office “clone”). Not to mention the great technologies SUN has turned out in the last years, amongst them ZFS. (A totally new way of implementing an in theory unlimited journaling filesystem with end to end check summing on all data, and for many considered the best thing since sliced bread.) But also their own CPU architecture the SPARC and will be producing their own hardware to run all this software on.

I still haven’t decided if i should be scared or happy for the effects this will have on a lot of open source software. Interesting times we are living in!

And i’m not the only one thinking that and it is worrying that Oracles website could not cope with the load, but SUN‘s could.

Content server request failed

Content server request failed

But sun's did handle the load.

But sun's did handle the load.

Some quotes from sun:

Press Release Quotes

“The acquisition of Sun transforms the IT industry, combining best-in-class enterprise software and mission-critical computing systems. Oracle will be the only company that can engineer an integrated system – applications to disk – where all the pieces fit and work together so customers do not have to do it themselves. Our customers benefit as their systems integration costs go down while system performance, reliability and security go up.”

Larry Ellison
CEO
Oracle

“Oracle and Sun have been industry pioneers and close partners for more than 20 years. This combination is a natural evolution of our relationship and will be an industry-defining event.”

Scott McNealy
Chairman of the Board of Directors, Chairman of Sun Federal, Inc.
Sun Microsystems

“This is a fantastic day for Sun’s customers, developers and partners across the globe, joining forces with the global leader in enterprise software to drive innovation and value across every aspect of the technology marketplace. From the Java platform touching nearly every business system on earth, powering billions of consumers on mobile handsets and consumer electronics, to the convergence of storage, networking and computing driven by the Solaris operating system and Sun’s SPARC and x64 systems. Together with Oracle, we’ll drive the innovation pipeline to create compelling value to our customer base and the marketplace.”

Jonathan Schwartz
CEO and President
Sun Microsystems

Even Swedish mainstream media have started to cover the story. For example Svenska Dagbladet and Dagens Nyheter .

the first security related bug in djbdns

As someone put it, hell froze over today.

Daniel Bernstein aka. djb for the first time have paid out the promised 1000$ for the first security related bug in djbdns.

Basically if you have a subdomain (a setup that is discouraged, but supported) in control by a third party that third party can poison your cache to send out wrong answers to dns queries. Details of the bug and how to exploit it can be found here.

But still the first alpha of djbdns was made public 10 years ago and this is the first security bug. (The current version of djbdns was released in February 2001) That is a really good security record, specially considering that a big company like Microsoft can’t even manage 10 months without new security bugs…

So there will be a new version released soon, and djb says there will be a new security guarantee.

Here is the original announcement from Bernstein:

Date: 4 Mar 2009 01:34:21 -0000
From: D. J. Bernstein
To: dns@list.cr.yp.to
Subject: djbdns<=1.05 lets AXFRed subdomains overwrite domains

If the administrator of example.com publishes the example.com DNS data through tinydns and axfrdns, and includes data for sub.example.com transferred from an untrusted third party, then that third party can control cache entries for example.com, not just sub.example.com. This is the result of a bug in djbdns pointed out by Matthew Dempsky. (In short, axfrdns compresses some outgoing DNS packets incorrectly.)

Even though this bug affects very few users, it is a violation of the expected security policy in a reasonable situation, so it is a security hole in djbdns. Third-party DNS service is discouraged in the djbdns documentation but is nevertheless supported. Dempsky is hereby awarded $1000.

The next release of djbdns will be backed by a new security guarantee. In the meantime, if any users are in the situation described above, those users are advised to apply Dempsky’s patch and requested to accept my apologies. The patch is also recommended for other users; it corrects the bug without any side effects. A copy of the patch appears below.

—D. J. Bernstein
Research Professor, Computer Science, University of Illinois at Chicago

— response.c.orig 2009-02-24 21:04:06.000000000 -0800
+++ response.c 2009-02-24 21:04:25.000000000 -0800
@@ -34,7 +34,7 @@
uint16_pack_big(buf,49152 + name_ptr[i]);
return response_addbytes(buf,2);
}
– if (dlen <= 128)
+ if ((dlen <= 128) && (response_len < 16384))
if (name_num < NAMES) {
byte_copy(name[name_num],dlen,d);
name_ptr[name_num] = response_len;

Invalid PHP_SELF Path when upgrading to Cacti 0.8.7b on FreeBSD

When upgrading cacti to the latest version i always get bitten by my browser displaying the error “Invalid PHP_SELF Path” . Recently it happened when upgrading to Cacti 0.8.7b, but it also happened to me when upgrading to cacti-0.8.6j and cacti-0.8.7a. So i thought i better write about it here so you all can find the patch.

The fix is quite simple:

In /usr/local/share/cacti/includes/global.php, comment out (by prepending it with //) line 113 that looks like this:

if (!((is_file($_SERVER["SCRIPT_FILENAME"])) && (substr_count($_SERVER["SCRIPT_FILENAME"], $_SERVER["PHP_SELF"])))) {

And just after that line add this one instead:

if (!((is_file($_SERVER["SCRIPT_FILENAME"])))) {

Thats all you need to do to get your cacti working again.

Debugging mysql on the wire

Earlier today i was struggling with a mysql replication that didn’t work and while banging my head at that problem i realized that maybe i would help to see what the master actually sends to the slave. Well i decided to redo my whole replication setup and see if that would help and it did.

But the idea of actually debugging what was sent on the wire still lurked around in my head so i decided to at least write some thing about it here. just in case someone else would like to do the same thing.

And it’s really easy to do. If you don’t have wireshark, install wireshark like this:

# cd /usr/ports/net/wireshark

# make install

So now when we have the tool here is how to use it for debugging mysql by listening to what actually get transmitted to the server:

# tshark -T text -V -f ‘dst port 3306’ | grep -i Statement: | cut -b25-

Now just lean back and watch the output looking like this:

select address from pools where citypool = ‘sth.globalns.openpeers.net’ \n
select address from pools where citypool = ‘sth.globalns.openpeers.net’\n
select address from pools where citypool = ‘lon.globalns.openpeers.net’ \n
select address from pools where citypool = ‘lon.globalns.openpeers.net’\n
select address from pools where citypool = ‘none.globalns.openpeers.net’ \n
select enabled from site where name = ‘www’ and site = ‘arnold’ and domain =’globalns.openpeers.net’ and enabled = 1\n
select pool from which where nexthop = ‘83.142.224.2’ and enabled = ‘1’\n

But hey! Whats this it looks like i’m sending identical mysql queries!

Thats right while writing this entry i noticed a flaw in my program! That was very easy to code in a better way. So writing this post  helped me to fix a flaw that i didn’t even no existed.

Btw. by using port replication in your switch you can divert all traffic for the sql server to another box analyzing the traffic. Save load on the client or server, or enables you  to debug a multi client setup.

how to speed up downloading ports

Well i guess you all sometime have noticed that the ports system isn’t so smart about which ftp server to start downloading distributions from. Quite often i have noticed that the multi megabyte file i’m downloading comes from japan. Not optimal at all…

Well today Wesley Shields pointed out  on freebsd-ports  that there is a solution to this problem. There is a port under ports-mgmt called fastest_sites that is neat to have. fastest_sites sorts the MASTER_SITE definitions depending on the round-trip time for the tcp-handshake. (ping isn’t really useful since it could be blocked out by firewall rules)

So lets go ahead and install this nice tool:

# cd /usr/ports/ports-mgmt/fastest_sites

# make install

Now you have installed the fastest_sites program, so run it to generate the sorted list of master sites:

# fastest_sites > /usr/local/etc/ports_sites.conf &

This step will take some time, there is a lot of sites to probe… While waiting add the following line to /etc/make.conf:

.include "/usr/local/etc/ports_sites.conf"

Done!

Now each time you install a port make will choose from the list sorted after temporal proximity instead of just guessing randomly.

Quite often this makes a great difference! Especially if you happen to be close to one of the listed master sites.

Naturally master sites come and go, but also the network load and topology might change so run fastest_ports now and then to keep your own database up to date.

The orginal site for this application can be found here at Jodan Sissel’s site semicomplete.

Supercomputer inflation

Today i read on slashdot and other places that Microsoft and Cray are releasing a $25000 HPC 2008 server ready “supercomputer”. Why someone would like to run windows on a supercomputer i can’t tell. But since Cray tends to do sexy machines i decided to look the CX1 up. Well maybe you could call it a little bit sexy, but when you look at the specification of that machine you realize that its not a supercomputer at all! It’s a 8 slot blade server with each board supporting dual Xeon processors. So the $25000 i would guess is for the system and one blade with one CPU…

Well some teenagers having a LAN party will bring together more CPU power than that nowdays…

Btw. i couldn’t buy one even if i wanted to. Their website didn’t allow me to configure a model since “This section of the Website is compatible with only Microsoft Internet Explorer 6.x and higher.”…

Some more articles about this “supercomputer:”

ZDNet

Windows server division

Howto run chrome on FreeBSD 7.0

So as i promised you in my last post (actually posted from chrome!) here is how i managed to get chrome running on FreeBSD. Actually this time around it was simple… The secret key lies in the new 1.1.4 version of wine released today.

Step by step follows…

First install wine 1.1.4:

% wget http://prdownloads.sourceforge.net/wine/wine-1.1.4.tar.bz2
% tar xfz http://prdownloads.sourceforge.net/wine/wine-1.1.4.tar.bz2
% cd wine-1.1.1

(I had some problems with wineinstall so i did a manual installation)

% ./configure
% gmake depend
% gmake
% gmake install

Now wine is updated, lets do the magic for wine.

(And remember to take a backup of .wine before trying this, or as i do below hide your .wine and install fresh in a new .wine)

% cd ~
% rm winetricks
% wget http://www.kegel.com/wine/winetricks
% mv .wine .wine.old
% sh winetricks msxml3 corefonts firefox flash winxp

So now you can let firefow install chrome for you, just go to chrome.google.com and install it directly from their webpage!

When done quit firefox and run chrome with this command:

wine ".wine/drive_c/windows/profiles/$USER/Local Settings/Application
      Data/Google/Chrome/Application/chrome.exe" --no-sandbox --new-http

Thats all to it now when the wine crew has fixed wine!

Total success in running Chrome on FreeBSD!

No i have secceded in runing chrome on FreeBSD 7.0-STABLE it’s not fast bot it works. I’m even writing this blog entry using chrome!

But i’m not pushing my luck so i will keep this entry short and write the howto in another entry using firefox…

The short story is use wine 1.1.4, but hang on i’ll give you a complete howto in my next entry.