Software

Change the time & date log format For Squid.

From: 1295723692.628 24 192.168.200.6 TCP_MISS/200 3505 GET https://web.archive.org/web/20130823023017/http://i3.ytimg.com/vi/ru8ddkzOFUI/default.jpg - DIRECT/74.125.79.101 image/jpeg

To: 22/Jan/2011:20:48:17 +0100.079 40 192.168.200.6 TCP_MISS/304 353 GET https://web.archive.org/web/20110124082452/http://s.ytimg.com/yt/cssbin/www-embed-vfl0GVaH1.css - DIRECT/74.125.79.101 -

In the Squid config comment all “logformat” lines, and add:

logformat squid %tl.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt

FYI; Default is:

I tend to restart OpenVPN a lot due to config changes. As a result, this brings quite some issues to MRTG (or more precisely, SNMP), due to the fact tun devices change of ID.

A while back, I found a quick fix for this; rename the interface targets from their respective ID to their name:

Target[eth0]: 2:public@localhost

becomes

Target[eth0]: #eth0:public@localhost

#
# Eth0 stats
#
Options[eth0]: growright, nobanner, pngdate, nopercent, noinfo
Target[eth0]: #eth0:public@localhost:
SetEnv[eth0]: MRTG_INT_DESCR="eth0"
MaxBytes[eth0]: 1250000
Title[eth0]: Traffic Analysis for deng
PageTop[eth0]: <H1>Traffic Analysis for deng (eth0)</H1>
#
# Eth1 stats
#
Options[eth1]: growright, nobanner, pngdate, nopercent, noinfo
Target[eth1]: #eth1:public@localhost:
SetEnv[eth1]: MRTG_INT_DESCR="eth1"
MaxBytes[eth1]: 1250000
Title[eth1]: Traffic Analysis for deng
PageTop[eth1]: <H1>Traffic Analysis for deng (eth1)</H1>
#
# tun0 stats
#
Options[tun0]: growright, nobanner, pngdate, nopercent, noinfo
Target[tun0]: #tun0:public@localhost:
SetEnv[tun0]: MRTG_INT_DESCR="tun0"
MaxBytes[tun0]: 1250000
Title[tun0]: Traffic Analysis for deng
PageTop[tun0]: <H1>Traffic Analysis for deng (tun0)</H1>

As you noticed… Or perhaps didn’t notice, I’ve started using a new, simplistic theme a couple of days ago.

Kinda thought it might be too simplistic (I’ve hidden the sidebar, there’s no search or archive, etc), but I started to, you know, get attached to it.

So it’s here to stay, for a year or something. I guess.

I’ve also noticed that the long load times on my blog were WP_Buzz’s fault. Nice plugin, but 15 to 45 seconds of load time per uncached page wasn’t really worth it. Hope it can be fixed.

I noticed my “Offline Address Book” was no longer automatically updating.

Running “get-offlineaddressbook |fl” in the EMS showed it last updated somewhere 16th November 2010.

Trying to manually update it through EMC (“Organizational Configuration > Mailbox > Offline Address Book > right click Default Offline Address Book > click update”) it gave me this error:

 --------------------------------------------------------
 Microsoft Exchange Error
 --------------------------------------------------------
 Action 'Update' could not be performed on object 'Default Offline Address Book'.
 Default Offline Address Book
 Failed
 Error:
 Failed to generate the content of the offline address book
 '\Default Offline Address Book'.
 Two possible reasons for the failure are that the System Attendant Service is not running or
 you do not have permission to perform this operation. Error message :
 'Error 0x6d9 (There are no more endpoints available from the endpoint mapper) from RpcEpResolveBinding'.
 Error 0x6d9 (There are no more endpoints available from the endpoint mapper) from RpcEpResolveBinding
 --------------------------------------------------------
 OK
 --------------------------------------------------------
 --------------------------------------------------------
 Microsoft Exchange Error
 --------------------------------------------------------
 Action 'Update' could not be performed on object
 'Default Offline Address Book'.
 Default Offline Address BookFailedError:Failed to generate the content of the
 offline address book '\Default Offline Address Book'. Two possible reasons for
 the failure are that the System Attendant Service is not running or you do not
 have permission to perform this operation. Error message :
 'Error 0x6d9 (There are no more endpoints available from the endpoint mapper) from RpcEpResolveBinding'.
 Error 0x6d9 (There are no more endpoints available from the endpoint mapper) from RpcEpResolveBinding
 --------------------------------------------------------
 OK
 --------------------------------------------------------

I googled for quite a while trying to find a fix, but nothing useful could be found.

Right, playing around with my blog again. Wasn’t really that happy anymore with my nginx rproxy caching. Especially that for some reason, lately, every (php) request got at least one hit to the backend Apache server, while it used to cache the generated html for 30 mins.

And well, performance just wasn’t good enough. So I said bye to one.rootspirit.com, and hi to vm1.rootspirit.com a couple of days ago. Vm1 is no longer the nginx proxy, but is hosting my whole blog now. No more Apache for me.

I giggled. And then cried a little bit.

vm3:/# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 85.12.6.173:8180
WARNING: Could not open 'kernel/net/netfilter/x_tables.ko': No such file or directory
FATAL: Could not open 'kernel/net/ipv4/netfilter/ip_tables.ko': No such file or directory
iptables v1.4.2: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Solution:

vm3:/# depmod
vm3:/# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 85.12.6.173:8180

All ok :)

javax.servlet.ServletException
org.apache.catalina.security.SecurityUtil.execute
(SecurityUtil.java:294)

Solution:

Create 20servlets.policy:

nano -w /etc/tomcat5.5/policy.d/20servlets.policy

And add:

grant codeBase "file:${catalina.base}/webapps/-" {
permission java.security.AllPermission;
};

And restart Tomcat

/etc/init.d/tomcat5.5 restart

$ ssh vm3.rootspirit.com -l root
root@vm3.rootspirit.com's password:
PTY allocation request failed on channel 0
stdin: is not a tty

mkdir /tmp/disk
mount /path/to/disk.img /tmp/disk
chroot /tmp/disk /bin/bash

nano -w /etc/fstab

none            /dev/pts      devpts    defaults        0   0

apt-get install udev

exit
umount /tmp/disk
xm create /path/to/xen/vm.cfg

I had to start a new Xen domU this afternoon,

xm create vm#.domain

But this resulted in following error:

Error: Device 5632 (vbd) could not be connected. Failed to find an unused loop device

Solution:

Create /etc/modprobe.d/local-loop.conf with this content:

options loop max_loop=64

Turn off all DomUs, yes, bummer. You’ll need to reload the loop module which won’t work if Xen is still using them. xm list should only display Domain-0.