Squid + HAVP + HTML 5 Video tag
Ok, so Fire Fox 3.5 came out yesterday and it now fully supports embedded video objects via the HTML 5 video tag.
Excitedly, I went to test the functionality of this new feature. However, when testing again this URL: http://www.mozilla.com/en-US/firefox/video/ I found that the browser began to load the video but it appeared to just hang. Now, I am using this browser on a network that sends all http traffic through a proxy server which runs Squid, HAVP and SquidGuard.
After further investigation I determined that there was a default setting in the HAVP configuration file (/usr/local/etc/havp/havp.config) that was causing this issue.
Look for this section in the config file:
# Allowing Range is a security risk, because partial
# HTTP requests may not be properly scanned.
#
# Whitelisted sites are allowed to use Range in any case.
#
# Default:
# RANGE false
Change RANGE to:
RANGE true
Remember to restart your HAVP processes.
Now, the browser will be able to play videos since it needs to request files via ranges.
Let me know if this helped you out.
Fedora 10 Cheat Sheet
I wanted to just drop a quick link to a nifty Fedora 10 Cheat Sheet that I found.
http://digitizor.wordpress.com/2009/01/22/fedora-10-reference-cheatsheet/
Enjoy…
Installer Service is not Accessible
I have run into a strange condition on some Windows XP boxes before(imagine that). When I try to install or uninstall anything (including windows updates), I get this error message:
The Windows Installer Service could not be accessed.
This can occur if you are running Windows in safe
mode, or if the Windows Installer is not correctly
installed. Contact your support personnel for assistance.
I don’t have a clue what is causing the Windows Installer Service to not be accessible any longer. However, I have found that the fix is quite easy.
Essentially, you need to be logged in with Administrative privileges and run these two commands from the command line:
msiexec.exe /unregister
msiexec.exe /regserver
This link is the official MS KB article I found this in:
Blocking Flash Ads…
I like to use older and slower hardware to browse the web, etc. These machines have no problems doing this job normally, so theres no reason to replace them and add them to landfills. Just install your Linux distro of choice on them and you are ready to surf (virus free, I might add).
However, there is one thing I have found to consistently detract from my browsing experience on such machines: Flash Ads
These awful and useless pieces of marketing usually waste a huge amount of processing power on nothing. Often I will see them playing animations and things while they burn through almost 90% of CPU power. It’s sad even to imagine how much electricy they waste in causing the processor to run at such a high load. Yikes, just imagine that number multiplied by all the people in the world browsing to sites that use Flash Ads.
Well, if you’re like me and you think enough is enough. Here is how you can block them on your browser.
You must be using Firefox. (If you are not already using Firefox, you should start using it immediatly. Firefox is one of the most secure browsers.)
Install the extension: Ad Block Plus
Once it is installed, you need to add a filter for Flash. Click on Tools -> Add-ons -> Extensions -> Preferences -> Add Filter -> *.swf -> OK
This will block ALL flash content. Obviosly, you can fine tune this to only block certain really annoying sites, etc.
Turn on line numbering in VIM.
Here’s a quick tip for how to turn on line numbering in VIM.
To turn it on:
set number
-or-
set nu
To turn it off:
set nonumber
Remember, you can always add this to your ~/.vimrc for this setting to always be on by default when ever you open VIM.
Received fax report for Hylafax using GAWK.
I like using the open source fax server software Hylafax for deploying fax services to a network.
One of the great things about using Hylafax for fax services, is the great flexibility you get. Lately, one of my users requested that I create a report that could be automatically sent to her group daily. This report was to show all faxes that were sent to their inbound fax number during the previous day. In particular they wanted to be able to look for any faxes that someone had tried to send to them that failed for some reason.
I decied to use GAWK in order to parse the transfer log and create the resulting report. Then, I wrapped this gawk script in a little bash script to add a little functionality. Finally, this bash script was added to cron.daily, so as to produce the report and email it on a daily basis.
Simply change YOURFAXNUMBERHERE to be what receiving fax number you want to report on. Finally you’ll want to pipe the output to mail if you want it to get emailed automatically. I’m sure there are numerous better ways to make the format better, etc. However, this is my quick script and it works perfectly for my needs. Let me know if you find it useful.
#!/bin/bash
#####################################
# faxrecreport.sh
#
# Written by: Jason Fenner
#
# V 1.0
#
# 01/21/2009
#
# This report will print out all
# recv’d faxes for a certain inbound
# fax number that was received
# in the last 24 hour period.
#
####################################
DATEPERIOD=`date –date=yesterday +%D`
FAXNUMBER=”YOURFAXNUMBERHERE”
echo “Fax Receive Report”
echo
echo “——————”
echo “Fax Number: $FAXNUMBER”
echo “24 Hour Period for: $DATEPERIOD”
echo “——————”
echo
echo
awk -F’\t’ ‘BEGIN{ “date –date=yesterday +%D ” | \
getline dateVal; printf(”%15s%30s%15s%7s %8s%50s %12s\n”,”Date”,”Name”,”CallerID”,”Pages”,”Duration”,”Error”,”Ref”); \
for (x=1; x<=140; ++x) {printf( “%s” , “-” ) } \
print “” }
($2 ~ /RECV/ && $16 ~ /YOURFAXNUMBERHERE/ && $1 ~ dateVal) \
{gsub(/\”/,”"); if ($14 == “”) $14 = “None”; \
if ($15 == “”) $15 = “Not Received”; \
printf(”%15s%30s%15s%7s %8s%50s %12s\n”, $1,$9,$15,$11,$13,$14,$3)
}
END{ for (x=1; x<=140; ++x) {printf( “%s” , “-” ) } \
print “” }’ /var/spool/hylafax/etc/xferfaxlog
Creating VSS snapshots on Windows 2003 Server.
At work, I recently was chosen to be the administrator for a new SAN system that we are purchasing. I intend to do a full article at some point about this product once it is installed. For now, I will just tell you that it runs on CentOS and is called FalconStor. Anyhow, while I was in initial technical training on this system we began a discussion about how to correctly backup windows systems, especially servers. The major issue with backing up MS OSes is how to acquiesce all applications running on the system. What I mean by this, is making the system right all data that is in flight to the disk and freezing it.
Microsoft has created an interesting mechanism to make this task more managable. It is called Volume Shadow Service. I suggest reading theese two documents first to get an introduction to what the service is and how it works:
Essentially, when you create a a snapshot using VSS the following highly summarized steps occur:
- VSS sends a signal to all apps that have been registered as Writers. Writers are applications that are writing data to disk in such a way that there might be in flight data. Each of these writers have a different method of acquiescing it’s data. For instance, the file system will flush all of it’s buffers to disk. Another example of a writer is MS SQL server.
- Each writer will signal back to the VSS manager once it’s data is in a acquiesced state.
- Once all writers have checked in, a Copy on Write snapshot is created. This snapshot is essentially a frozen image of the data. This COW snapshot is only updated with differential data.
- The VSS manager will wait until it knows that the COW snapshot has successfully been created.
- Finally, the VSS manager will notify all writers that they can now un-acquiesce their data. Essentially, this will thaw out the data and let whatever was being buffered, be written to disk.
- All operations have now been completed and a COW based snapshot now exists.
All applications written for the Microsoft platform are supposed to utilize the VSS sub-system for acquiesceing it’s data. Therefore, the only way to acquiese data on a MS OS is to use VSS. The reader of this article who has been paying attention will notice something at this time in relation to Microsoft backup software. Many software companies that sell backup tools for the Microsoft platform also sell little applications called ‘Agents’. Such as ‘Agent for Open Files’. It should now be clear that the only way that these applications could be working, is by creating a VSS snapshot and then backing up from that. Therefore, it would appear that you really don’t need these agents. One could simply write some scripts that would be lauched using the pre and post script starters of your backup software that could handle this task. The scripts would simply create the snapshots when needed and delete then when the backup is done.
How would one access the the snapshot though? How do you actually get at that volume? The VSS snapshot is not normally exposed as a drive. However, you can install the tool vshadow.exe from the VSS SDK pack. More information about this SDK can be found here. This tool will allow you to create snapshots and manage them in a variety of ways. One of the more useful functions of this tool, is that it will allow you to expose a VSS snapshot as either a drive letter or a mount point. This is excellent for scripting, because now you can create a persistent VSS snapshot and mount it as a drive and copy things off of it…like perhaps a backup.
Lets do a few examples of this process. Before you can try this out, you must install the VSS SDK as discussed above.
Now run:
vshadow.exe -p c:
This will create a persistent VSS snapshot of the C drive. There are two types of VSS snapshots: 1) Persistent 2) Temporary. The default type of snapshot to be created is temporary. Windows XP is only capable of making temporary snapshots. This means that an application can request that a snapshot be created. Once it is created, the VSS system will notify the application of the Global Root ID of the snapshot volume. The application will then access that volume and process it however it wanted to. Once the application is done processing the data, it will then notify the VSS system it is done. The VSS system will then stop holding open the snapshot and it will be destroyed. In Windows 2003 the concept of a persistent snapshot was introduced. This is where a snapshot can be requested and it will remain in existence, even when there is no application still attached to it. We want a persistant snapshot, so we provide the -p argument.
You will now see some output that looks similar to this:
VSHADOW.EXE 2.2 - Volume Shadow Copy sample client
Copyright (C) 2005 Microsoft Corporation. All rights reserved.
(Option: Persistent shadow copy)
(Option: Create shadow copy set)
- Setting the VSS context to: 0×00000009
(Gathering writer metadata…)
(Waiting for the asynchronous operation to finish…)
Initialize writer metadata …
Discover directly excluded components …
- Excluding writer ‘MSDEWriter’ since it has no selected components for restore.
Discover components that reside outside the shadow set …
Discover all excluded components …
Discover excluded writers …
Discover explicitly included components …
Verifying explicitly specified writers/components …
Select explicitly included components …
* Writer ‘System Writer’:
- Add component \System Files
* Writer ‘Event Log Writer’:
- Add component \Event Logs
* Writer ‘Registry Writer’:
- Add component \Registry
* Writer ‘COM+ REGDB Writer’:
- Add component \COM+ REGDB
* Writer ‘WMI Writer’:
- Add component \WMI
Creating shadow set {97147285-295c-4112-ac7b-365a667c62e8} …
- Adding volume \\?\Volume{4910a320-7ecf-11db-8356-806e6f6e6963}\ [C:\] to the s
hadow set…
Preparing for backup …
(Waiting for the asynchronous operation to finish…)
(Waiting for the asynchronous operation to finish…)
Creating the shadow (DoSnapshotSet) …
(Waiting for the asynchronous operation to finish…)
(Waiting for the asynchronous operation to finish…)
Shadow copy set succesfully created.
List of created shadow copies:
Querying all shadow copies with the SnapshotSetID {97147285-295c-4112-ac7b-365a6
67c62e8} …
* SNAPSHOT ID = {647617de-d55b-45c5-a087-74f0143cbffa} …
- Shadow copy Set: {97147285-295c-4112-ac7b-365a667c62e8}
- Original count of shadow copies = 1
- Original Volume name: \\?\Volume{4910a320-7ecf-11db-8356-806e6f6e6963}\ [C:
\]
- Creation Time: 1/14/2009 1:52:16 PM
- Shadow copy device name: \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5
- Originating machine: mymachine.mydomain.com
- Service machine: mymachine.mydomain.com
- Not Exposed
- Provider id: {b5946137-7b9f-4925-af80-51abd60b20d5}
- Attributes: No_Auto_Release Persistent Differential
- Mark all writers as succesfully backed up…
Completing the backup (BackupComplete) …
(Waiting for the asynchronous operation to finish…)
(Waiting for the asynchronous operation to finish…)
Snapshot creation done.
The important line to pay attention her is the one called SNAPSHOT ID. This is the ID number of the snapshot that was just created. You will need this to expose this volume as a drive letter or a mount point.
You can verify that that the snapshot has been created by running this command:
vshadow.exe -q
At this point you are ready to expose the snapshot as either a drive letter or a mount point.
vshadow.exe -el={18b93c57-ca61-467d-abc4-d4fa19559ded},m:\mypoint
This will expose the snapshot with the ID string that is in the braces on the mount point of M:\mypoint. This command can also be used to just mount it on a drive letter that is currently not in use. To do this, just put the drive letter of choice and colon as the second argument:
vshadow.exe -el={18b93c57-ca61-467d-abc4-d4fa19559ded},X:
Next, you might wonder how you can un-expose a snapshot volume from a drive letter or mount point. I have not been able to find a way to do this, while keeping the snapshot in tact. The only way that I have found to do this is to delete the snapshot itself. If you can figure out a way to keep the snapshot while un-exposing it, please post the solution as a comment to this article.
This command will delete that snapshot volume and remove the drive letter or mount point:
vshadow.exe -ds={18b93c57-ca61-467d-abc4-d4fa19559ded}
That should be enough information to get you started with VSS snapshots. This information should help the skilled SysAdmin take better control of backing up the Windows Server 2003 servers that he is tasked to work with. There are many other features of VSS that seem like they would be interesting to explore, such as transportable snapshots, etc. I hope to look more into it in the future.
Vote on the Fedora 11 release name!
I want to encourage all Fedora contributors to cast your vote for the Fedora 11 release name.
Join me in making your mark on the name of Fedora 11.
Here is a table with the name candidates and a brief definition of each:
| Blarney | Same logic as “Orcher” (Orcher is a castle) but a cooler name and infinitely more themeable. |
| Brasília | Brasilia and Cambridge are counted among the greatest and most respectable University in their countries. |
| Claypool | Actors in Bill and Ted’s Bogus Journey (Ed Cambridge, Les Claypool). |
| Duchess | Is a theatre in London’s West End. |
| Euryalus | Is the name of a British Royal Navy ship that (to add a bit more historical interest) served as flagship to admirals that served under Horatio Nelson at major actions. (Admiral Cuthbert Collingwood, who fought alongside Nelson at Trafalgar, transferred his flag from the Royal Sovereign to the Euryalus briefly after the Royal Sovereign was taken under tow and Admiral Sir Thomas Graves, who fought alongside Nelson at the Battle of Copenhagen, used the Cambridge as his flaghip during the Spanish armament). |
| Indomitable | Like Cambridge, Indomitable was the name of a warship of the royal navy. I think it best describe the unstoppable spirit of Fedora (and linux in general). |
| Leonidas | Was a ship in the Union navy. |
| Zampone | Type of sausage. |
Cast your vote by going to this URL:
https://admin.fedoraproject.org/voting/about/relnamef11
The complete listing of names can be found here:
https://fedoraproject.org/wiki/Name_suggestions_for_Fedora_11
Voting ends and will be tallied at: 23:59:59 January 9, 2009 UTC.
Random Password Generator
In my line of work, I often need to generate random passwords for new accounts. I always find it kind of annoying to have to think these things up. Every now and then I even need to created many at once.
Here is a quick way to generate as many random passwords as you want just using BASH:
for ((i=0; i<10; i=i+1)); do head -c 8 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 | sed s/\=//; done
Simply adjust the ‘i’ variable in the for loop to change how many passwords you want. The ‘-c’ on the first head statment can be changed to adjust the size of each password that is created. The real nice thing about this little snipet, is that it outputs to stdout…this makes it a cinch to send to output on to something else.
For an added twist, you can use this line to have the generated passwords contain more punctuation marks:
for ((i=0; i<10; i=i+1)); do head -c 8 /dev/urandom | uuencode - | head -n 2 | tail -n 1 | sed s/\`// | sed s/\(//; done
With this one, make sure you filter out any special characters that aren’t allowed in your new passwords.
Enjoy.
Do neat tricks with WMI from the DOS prompt.
In my System Administrator role, I am always looking for ways to make my job easier. Often I can make my job easier by finding ways to be more efficient. One of the the best ways to become more efficient is by writting scripts to automate tasks for you….scripts can be like little robots that do work for you. However, sometimes the task you are trying to do doesn’t need a whole script because it’s something small. This is where WMI can be really helpful.
We all know that Windows is very high maintenance. Many tasks related to servicing users’s workstations often requires making a remote desktop connection or physically walking over to their desk. However, much of this tedious work can be conducted right from your workstation more efficiently by using WMI.
Most articles on the internet discussing WMI that I’ve seen are talking about utilizing WMI via VB script. I’ve found that usually, I do not need a whole script…rather I just need to remotely launch an application or view all installed updates, etc. Quick actions like those can be done without writting any scripts even by using WMIC. WMIC is that WMI console for the DOS prompt.
Here is a good article that demonstrates some basic uses and should get you on a good start using WMI in daily tasks:
http://blogs.technet.com/askperf/archive/2008/04/18/wmic-leveraging-the-power-of-wmi.aspx
