2009年10月30日 星期五

network access control

Network Access Control

FreeNAC
netpass
PacketFence
HUPnet
NetReg
RINGS

VPN - by IPSEC

Build an IPSEC VPN without Losing Your Mind show a sample to build VPN by IPSEC.

A tutorial is shown in Openswan's wiki

btw, OpenSwan is a fork of FreeS/WAN which is no longer in active development.

2009年10月23日 星期五

Ext2 disk driver on Windows

Ext2Fsd Project
Tools and utilities for Windows

AMF - Action Message Format

More and more web pages embedded flash to do complicated task.
e.g. the hottest facebook farm game.

I just wonder how messages are exchanged in HTTP protocol level.
After track down the traffics, there is a lot of AMF payload in HTTP body.
I would like to do something to remove weed/pest automatically.
And it is necessary to understand the AMF first.

Action Message Format in Wikipedia

AMF - Gnash Project Wiki show information and library for this.

OSFlash - Open Source Flash also shows the information/code for this.

Google App Engine -- PyAMF - AMF for Python

amfast - Flash remoting framework for Python - it is easy to use its AMF Encoder/Decoder.
The same author also have a few document on this topic.

logical volume, snapshot and db backup

Recently, I get the chance to review the usage of the snapshot of a file-system.

In Linux, only logical volume supports this feature. Btrfs is also documented to support this feature.
In AIX, JFS supports snapshot. (But there is no document mention this in Linux's implementation)
In Solaris, ZFS directly support this. (ZFS provide logical volume management, raid management etc). UFS also supports this.

Logical Volume Snapshots - shows information on this topic.

So, is it possible use the snapshot feature to back up a database ?
Yes, it is possible in limited condition.

Here is the reference
PostgreSQL 8.3.8 Documentation Chapter 24. Backup and Restore 24.2. File System Level Backup - list the pros and cons of this.

MySQL Volume Snapshot for Backup also shows the similar information on this topic.

In short, if you want to use this feature, all files must be in the same filesystem/logical volume.
And this may take a long time to complete the job.

google map

google map for local search - interesting.
It create a really large map.


Google Geo Developers Blog - list many use cases.

[採訪]Google地圖新增5大縣市大眾交通工具路線規劃 - Mobile01 討論群組

geocode service on the Internet

Geocoding & Reverse Geocoding Links - list useful links for this


Yahoo! Maps Web Services - Geocoding API - the limit is 5000 per day per ip.

FAQ - Google Map API - the limit is 15000 per day per ip.

Geocoding Addresses with PHP/MySQL - gives code to run geocoding in batch mode and through Google HTTP Geocoding Service.

Geocoder | Android Developers - list java class that support geocoding in Android.

Android Developers Blog - something about Android.

login a server without password in ssh environment

memo down interesting thing here. More Linux Remote Networking Tips and Tricks (part 2)

Here is the assumption:
SERVER - where the sshd is running
CLIENT - where the ssh is running


1. configure SERVER's sshd to accept encryption keys login, not only password logins.

in SERVER's /etc/ssh/sshd_config, enable following config line

RSAAuthentication yes
PubkeyAuthentication yes

then , ask sshd to read the config file again by sending SIGHUP to the running sshd

2. create encryption keys in CLIENT's.

# cd ~/.ssh
# ssh-keygen -t rsa -f user_SERVER
ssh-keygen -t rsa -f root_ora1
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in user_SERVER.
Your public key has been saved in user_SERVER.pub.
The key fingerprint is:
ea:3b:de:02:b6:38:d6:c5:9e:1a:68:fa:e7:64:50:35 user@CLIENT

3. install the public key to SERVER
# cd ~/.ssh
# ssh-copy-id -i user_SERVER user@SERVER
0
user@SERVER's password:
Now try logging into the machine, with "ssh 'user@SERVER'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.


4. create alias to save the typing.

# alias 2SERVER='ssh -i ~/.ssh/user_SERVER user@SERVER'

And you can run 2SERVER to login SERVER as user now.