Author: mario

Changed to event mpm

Posted on by mario

I made some testing on my dev machine and liked event mpm. So I installed it here. I noticed that  the event mpm closes the connections faster than worker mpm. Some download tests sadisfied me. Less memory usage and faster serving :-) For now I keeped the settings from worker mpm. I’ll look for tweaking in the next days.

Different to the docs event mpm works fine with SSL.

sudo apt-get install apache2-mpm-event libapache2-mod-fcgid

Also the serving PHP over fcgid is nice.  The implementation of PHP over fcgid in the older post.

reddot rql finishtranslation

Posted on by mario

Howto get a page released from translation editor

Function finishtranslation(pageguid,availableLangVariantId)
 dim xmlString
 dim resXML
 xmlString = "" _
 & "<IODATA loginguid=""" & Session("LoginGuid") & """ sessionkey=""" & Session("SessionKey") & """>" & Vbcrlf _
 & "<WORKFLOW>" & Vbcrlf _
 & "<PAGES action=""finishtranslation"" sourcelanguageid="""& Session("LanguageVariantId") & """ targetlanguageid=""" & availableLangVariantId & """>" & Vbcrlf _
 & "<PAGE guid=""" & pageguid & """/>" & Vbcrlf _
 & "</PAGES>" & Vbcrlf _
 & "</WORKFLOW>" & Vbcrlf _
 & "</IODATA>" & Vbcrlf
 
 If show_debug = true then
 Response.write("<div style=""margin-left:20px; border:1px solid green;""")
 xmlString = replace(xmlString,"<","&lt;")
 xmlString = replace(xmlString,">","&gt;")
 Response.write("[" & xmlString & "]")
 response.write("</div>")
 End If
 
 resXML = objIO.ServerExecuteXml(XMLString, sError)


 If sError <> "" Then
     Response.Write "<span style='color:red'>" & sError & "</span><br />"
 End If

End Function
Lorem

Install Tweetdeck on Ubuntu 10.04 64 bit

Posted on by mario

The worse thing about this is that there is only a 32 bit version of adobe air which is needed to run tweetdeck.

sudo apt-get install lib32asound2 lib32gcc1 lib32ncurses5 lib32stdc++6 lib32z1 libc6 libc6-i386 lib32nss-mdns
wget http://frozenfox.freehostia.com/cappy/getlibs-all.deb
sudo dpkg -i getlibs-all.deb
sudo getlibs -l libnss3.so.1d libnssutil3.so.1d libsmime3.so.1d libssl3.so.1d libnspr4.so.0d libplc4.so.0d \
libplds4.so.0d libgnome-keyring.so libgnome-keyring.so.0 libgnome-keyring.so.0.1.1
sudo ldconfig

Download the AdobeAIRInstaller.bin from http://get.adobe.com/de/air/otherversions/

chmod +x ~/Desktop/AdobeAIRInstaller.bin
sudo ~/Desktop/AdobeAIRInstaller.bin

Keept the /opt folder

goto http://www.tweetdeck.com/desktop/

reddot rql release page

Posted on by mario
Set objIO = Server.CreateObject("RDCMSASP.RdPageData")
objIO.XmlServerClassName = "RDCMSServer.XmlServer"
Function release_page(thispageGuid)
 dim xmlString 
 dim resXML
 xmlString = "" _
 & "<IODATA loginguid=""" & Session("LoginGuid") & """ sessionkey=""" & Session("SessionKey") & """>" & Vbcrlf _
 & "  <PAGE action=""save"" actionflag=""4096"" guid=""" & thispageGuid & """ globalrelease=""0"" languagevariantid=""" & Session("LanguageVariantId") & """/>" & VbCrLf _
 & "</IODATA>" & Vbcrlf
 resXML = objIO.ServerExecuteXml(XMLString, sError)
 If sError <> "" Then
     Response.Write "<span style='color:red'>" & sError & "</span><br />"
 End If
End Function

Die schwierige Arbeit in einer IT-Hotline…

Posted on by mario

Anfrage von Anwenderin:

Wenn ich ein Film auf meine Diskette speichern möchte, kommt die Meldung, dass auf der Diskette nicht genügend Speicherplatz vorhanden ist.

Dann versuche ich mit -speichern Verknüpfung und dann ist Platz genug und Film ist auf der Diskette.

Problem ist aber, wenn ich diesen Film auf der Diskette auf einem anderen PC anschauen möchte.

Da kommt die Meldung: -nicht gefunden. Aber auf meinem PC funktioniert es. Was kann es sein?

Antwort IT-Hotline:

Sehr geehrte Anwenderin,

in Ihre Handtasche passt Ihr Pelzmantel einfach nicht rein. Ein Zettel mit Vermerk, dass Ihr Pelzmantel im Schrank hängt, passt in Ihre Handtasche rein. Also solange Sie diesen Zettel daheim lesen, finden Sie Ihren Pelzmantel im Schrank.

Schwieriger wird es, wenn Sie Ihre Freundin besuchen und dort Ihren Zettel lesen und erfahren, dass Ihr Pelzmantel im Schrank hängt. In dem Schrank von Ihrer Freundin können Sie suchen, so lange Sie wollen, Ihren Pelzmantel finden Sie dort bestimmt nicht…

Noch eine Hilfe:

Handtasche = Diskette
Pelzmantel = Film
Zettel = Verknüpfung
Schrank = PC
Motten im Schrank = PC Virus
Nachbar im Schrank = Hacker

…alles klar?!

SSH Tunnel Bypassing Transparent proxy using apache

Posted on by mario

A feature of the apache webserver is that it allows to to create a SSH connection through a transparent proxy / firewall. This is a stealth technic so no one will see it even in a large company network. Only IPoAC is able to interference this.

If you have internet access to port 80 (http) or 443 (https) you can establish a SSH connection to one of that ports. Proxys want the users to surf the web. most of the proxyes will only let their users through the paths they know safe (or whatever filtering their administrators may have set). In the best scenario, the proxy will not allow one particular HTTP method called CONNECT. This method is the one used for SSL / TLS protocol. It establishes a tunneled connection between the client and a remote server, through the proxy server. Since it is used by SSL / TLS, some proxys will let the CONNECT method free to certain sites, and most probably only on port 443.

Apache plus mod_proxy module will let us set up an HTTP server listening on port 80, and at the very same time an HTTP proxy. The proxying part is done by mod_proxy. This module turns Apache into a fully functional HTTP forward-proxy and reverse-proxy. the exciting feature of mod_proxy is its ability to handle the CONNECT method. It will even handle it if the transparent proxy, at the boundaries of our enterprise network, does not allow the CONNECT method. This, because we will talk GET and POST with Apache, the CONNECT thing happens inside Apache, and outside of the control of the enterprise proxy. The end result: we can use the CONNECT method.

Client side

  • SSH Client
  • Proxyclient

server side

  • apache webserver 2.x

This is an example virtual host configuration which I used for testing this implementation.

<VirtualHost *:80>
ServerName proxy.mydomain.com
ProxyRequests On
AllowCONNECT 22

<Proxy *>
Order deny,allow
Deny from all
</Proxy>

<ProxyMatch (host1|host2)\.mydomain\.com>
Order deny,allow
Deny from all
#Now we allow only our IP to access. Note that this IP must be the  public IP address of the enterprise proxy:
Allow from 222.22.22.100
</ProxyMatch>

# This directive enables DNS lookups so that host names can be logged. The  value Double refers to doing double reverse DNS lookup.
#That is, after a  reverse lookup is performed, a forward lookup is then performed on that  result. At least one of the IP addresses in the forward lookup must  match the original address. It is paranoid but is a good security  measure

HostnameLookups Double

ErrorLog /var/log/apache2/proxy.error.log
CustomLog /var/log/apache2/proxy.access.log common
</VirtualHost>

And now, the final step: configure our browser to use 127.0.0.1 on port 8080 as proxy. Finally we can login to our SSH server and try pointing our browser to any website we know blocked by the enterprise transparent proxy!

I know I left the part setting up apache and proxy, but this isn’t a tutorial for noobs ;-)

This is the BEST part of using Apache. You can set it up as normal web server, serving some webpage. This way whoever point to mydomain.com will see a normal and harmless website, and won’t be able to distiguish it from a non-proxying server.

Author Archive

Archives by Month: