No sound when plugging in headphones

Notebook model: Terra Mobile 1773P
OS: Ubuntu 12.04, 64bit
Loaded modules: snd_hda_codec_realtek, snd_hda_intel

Sound works fine while listening via notebook speakers.
But when plugging in headphones, there is no sound at all.

Checking alsamixer (in command line) shows that “Headphone” cannot be chosen, and “Speaker” is muted. When turning up “Speaker” volume, there is sound on the headphones…

Permanent solution:
Edit /usr/share/pulseaudio/alsa-mixer/paths/analog-output-headphones.conf :

[Element Speaker]
switch = mute
volume = merge

Intel ( 4965 ) WLAN & Linux

WLAN disconnects. Every now and then.
Sometimes every hour, sometimes every 5 minutes.

Log:
Microcode SW error detected. Restarting 0x82000000.
Firmware version: 228.61.2.24


I had the problem with Ubuntu 9.10 (Karmic Koala)
and with Ubuntu 10.10 (Maverick Meerkat), too.
Maybe there’s a problem with the driver and the hardware encryption of the chipset?

And because I never want to search for this again, here’s what did it for me:

Create /etc/modprobe.d/iwlagn.conf with this content:
options iwlagn swcrypto=1

Reboot -> no more problems : )

Found at: Ubuntu Forum Community

DNS-Server bei FRITZ!Box umstellen

Getestet mit FRITZ!Box Fon WLAN 7170 & Firmware-Version 29.04.70
 
Wenn man etwas sucht, findet man schon einige Anleitungen, daher hier nur die Kurzfassung..
 
Telnet-Server auf der FRITZ!Box aktivieren (via Telefon):
#96*7* -> telnetd an
 
Via telnet konnektieren und mit dem Kennwort der Weboberfläche einloggen.
In der Konsole in das Verzeichnis /var/flash/ wechseln und mit nvi die Datei ar7.cfg bearbeiten.
Hier gibt es (bei meiner Box vier) Einträge für overwrite_dns.
Diese entsprechend anpassen (z.B. für OpenDNS):
  overwrite_dns1 = 208.67.220.220;
  overwrite_dns2 = 208.67.222.222;

 
Speichern, beenden und anschliessend die Box mit reboot neustarten.
 
Aus Sicherheitsgründen Telnet-Server auf der Box wieder deaktivieren:
#96*8* -> telnetd aus
 
Ob das ganze geklappt hat, sieht man bei OpenDNS z.B. beim Aufruf der Startseite.
Hier sollte jetzt ein Hinweis “You’re using OpenDNS!” angezeigt werden.
 
PS: Basics über den Texteditor vim (oder dessen Ableger) sollten vorhanden sein.

MySQL Replication Failed

I wanted to replicate a MySQL-Database using the integrated Master -> Slave mechanism.

Master-System:   openSUSE 10.2, MySQL 5.0.26
The Slave-Setup: openSUSE 11.1, MySQL 5.0.67

This is quite easy to setup usually. This time, I almost had a nervous breakdown.
On the slave side the replication just didn’t start. The logfile showed these errors:

090421 20:49:28 [ERROR] Slave: Error 'Duplicate entry '790233' for key 1' on query.
...
090421 20:49:28 [ERROR] Error running query, slave SQL thread aborted. Fix the problem, and restart the slave SQL thread with "SLAVE START". We stopped at log 'mysql-bin.000008' position 30408893


As checking the database and making sure that there were no “duplicate entries”,
did not bring up any results, I found something curious (after hours and hours).

On the Master-System:

mysql> SHOW MASTER STATUS;
+- - - - - - - - + - - - - - + - - - - - - - + - - - - - - - - -+
| File           | Position  | Binlog_Do_DB  | Binlog_Ignore_DB |
+- - - - - - - - + - - - - - + - - - - - - - + - - - - - - - - -+
| mysql-bin.0001 |    10034  | mydb,mydb     |                  |
+- - - - - - - - + - - - - - + - - - - - - - + - - - - - - - - -+

Why is the database listed two times? In the configuration it’s only used one time:
 
binlog-do-db = mydb

 
After spending some time on google, I found the reason:
http://bugs.mysql.com/bug.php?id=20748
It’s a bug : / MySQL (in that version) is reading the configuration file twice.
 
If installing a newer version is not possible, you can use this workaround:
Start MySQL with the option --defaults-file=/etc/my.cnf
This advices MySQL to ONLY use this config file.

Prevent SSH Brute Force attacks

When checking logfiles, I often can see brute force attacks – especially against the ssh daemon.
Of course, best way would be to block all ssh traffic except from your office/home ip.
If this is not possible for various reasons, you can make life a little harder for “intruders” using iptables.
 
Aim:
If there are more than three connection attemps within 120 seconds,
all traffic from potential attacker to ssh port (tcp, 22) shall be blocked temporarily.
 

#!/bin/bash
#
IPTABLES=`which iptables`
#
### if more than three new connections in 120 sec -> log
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent \
--rcheck --seconds 120 --hitcount 3 --rttl --name SSH -j LOG --log-level 7 \
--log-prefix "Possible SSH breakin attemp: "
#
### if more than three new connections in 120 sec -> drop requests
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent \
--update --seconds 120 --hitcount 3 --rttl --name SSH -j DROP
#
### remember new, established connections
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent \
--set --name SSH -j ACCEPT
#
### generally allow ssh connections
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
#
# ---
# -I INPUT .. -> iptables chain
# -i eth0 ... -> interface to apply rule to
# -p tcp .... -> use tcp port
# --dport ... -> destination port 22 (SSH)
# -m recent . -> matching state
# --state ... -> can be NEW, ESTABLISHED, RELATED or INVALID
# -rcheck ... -> will check if the source address of the packet is currently in the list
# ---

 
 
If it works, you should see entries like this in your firewall log
(i.e. in /var/log/firewall [ openSuSE ]):
 

Feb 28 15:14:20 cypher kernel: Possible SSH breakin attemp: IN=eth0 OUT= MAC=00:0c:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=123.xxx.xxx.xxx DST=223.xxx.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=59 ID=52858 DF PROTO=TCP SPT=38220 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0

exim graphs

Because I did not found a tool to create graphs (the way I want it)
from exim logs, I wrote a little bash script that suits my needs.
 
Example graph:
 
mailfilter graph
 
Download: exim_rrd-0.9.5.1 (updated 2009-03-07 [bugfix])
 
I’m not a programmer, so the script can be improved – no question : )
If you have any hints, please tell me.
 
 
Usage: run as cronjob, i.e.
# mail statistic
*/5 * * * * /usr/local/bin/exim_rrd > /dev/null 2> /dev/null

 
 
dependencies:
rrdtool [ http://oss.oetiker.ch/rrdtool/ ] ^ thanks to Tobias Oetiker
(e)grep
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
tested with:
rrdtool 1.2.23, rrdtool 1.2.27
openSUSE 10.3 (i586), exim 4.69 main log
openSUSE 11.0 (i586), exim 4.69 main log

More OpenSource virtualization

Wow!
I just found Proxmox Virtual Environment (v1.1) which is kind of combination between VMware and OpenVZ.
There is the possibility to run Virtual “chrooted” Appliances and “real” Virtual Machines.
That means, you have your Linux boxes (OpenVZ style) and Windows machines (KVM virtualization).
-> (Almost) NO overhead, when running linux clients (because of chrooted environment)
-> Possibility to run Windows machines, etc., too

Features:
– Out-of-the-box installation (insert CD, [Enter], [Enter], ready)
– Web based management
Cluster functionality
– Live migration
– Install clients from ISO files (full virtualization)
– Run (OpenVZ) templates (container virtualization)
– Backup / Restore (via LVM snapshots)
– Testing Proxmox VE in VMware
– ….

I think it’s worth to have a look at …

Note: 64bit CPU required; for full (KVM) virtualization, you need Intel VT / AMD-V support.

Online Whiteboard

Nice!
At ScRiBLink you’ll find a free, powerful whiteboard where you and your colleagues can work on your ideas together.
No registration is required : )
 
Additional features like
– picture upload
– chat
– math functions
– multiple users
– ….
give you a good base to start sharing concepts online, etc..
 
Note: Maybe it’s not working behind corporate firewalls because it uses additional tcp ports.
 
 
Online Whiteboard
 
If you know about alternatives, please comment.