Port forwarding with Linux

It’s Tuesday. I can’t wait for the weekend. Hey, at least this week we get a little break on Wednesday, at least in the States.
I posted some mail last night. Among those was a request that I reveal some of my Linux server-at-home secrets. I think I’ve sufficiently covered the creation of mail and Web servers, but I’ll go back and look some other time, when my brain’s less fried. I spent the day trying to make bootable Linux CDs. I’m thankful for CD-RWs, because I would have toasted about 10 CD-Rs in that process. I’ve found a Web site at work that talks all about it; I’ll refrain from calling it great until I figure out whether all of its steps actually work. I have made one successful bootable CD using the process, but it wouldn’t do everything I wanted. When I subbed in my own kernel that could do everything I wanted and left things like amateur radio support behind (just what I always wanted… a HAM-enabled Linux boot CD. Be still, my heart!) I got various different error messages. So not only am I wrong, I’m inconsistently wrong.

Anyway, let’s talk about firewalling. I don’t write firewalling scripts by hand; I let an expert do it. Then I go in and make slight modifications. My favorite method by far is to use PMFirewall, which asks you a bunch of nice questions and then writes a script. At present it only works with 2.2-based distros (a version for 2.4 is in alpha). If you want to do some forwarding, all you have to do is edit rc.firewall and add a couple of lines (this example assumes you’re running a Web server on 172.16.0.10, port 80):


echo "1" > /proc/sys/net/ipv4/ip_forward #enable IP forwarding
/usr/sbin/ipmasqadm portfw -a -P tcp -L $IPADDR 80 -R 172.16.0.10 80 #forward Web services to port 80 on 172.16.0.10

If you’re also running IMAP services on the same box, you can theoretically open it up with this line (I haven’t tried anything like this yet):


/usr/sbin/ipmasqadm portfw -a -P tcp -L $IPADDR 143 -R 172.16.0.10 143 #forward IMAP to port 143 on 172.16.0.10

Forwarding with Freesco is supposed to be easy but I’ve never actually done it yet. I’ll have to play around with it, on someone else’s cable or DSL connection of course (we wouldn’t want to keep anyone from reading these pages, after all). I believe Freesco is still 2.0-based, and firewalling and forwarding has changed with each major kernel revision since 2.0. It may have changed some before that too, for all I know, but back in those days I was fighting Slackware on 486s and deciding I hated Linux. It wasn’t until 1997 when a coworker gave me a copy of Red Hat 5.2 that I changed my mind and realized I didn’t hate Linux, I hated Slackware.
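
The ipmasqadm lines above only work on 2.2 kernels; on 2.4 the same forward is an iptables DNAT rule plus a FORWARD accept. This added example (not from the original post or from PMFirewall) goes a step beyond the text: it validates a small forward table and prints, without executing, the rules for either kernel series. The external address 203.0.113.5 and all function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Prints port-forward rules for
# review; nothing here touches the running firewall.

# Succeeds only for a decimal port in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Succeeds only for a dotted quad with four octets in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    saved_ifs=$IFS
    IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$saved_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# emit_forward KERNEL PROTO EXT_IP EXT_PORT INT_IP INT_PORT
# KERNEL is 2.2 (ipmasqadm portfw, as in the post) or 2.4 (iptables DNAT).
# Prints nothing and fails if any field is malformed.
emit_forward() {
    case "$2" in
        tcp|udp) ;;
        *) return 1 ;;
    esac
    valid_ipv4 "$3" && valid_port "$4" &&
        valid_ipv4 "$5" && valid_port "$6" || return 1
    case "$1" in
        2.2)
            echo "/usr/sbin/ipmasqadm portfw -a -P $2 -L $3 $4 -R $5 $6"
            ;;
        2.4)
            # Rewrite the destination before routing...
            echo "iptables -t nat -A PREROUTING -p $2 -d $3 --dport $4 -j DNAT --to-destination $5:$6"
            # ...and let the rewritten packet through the FORWARD chain.
            echo "iptables -A FORWARD -p $2 -d $5 --dport $6 -j ACCEPT"
            ;;
        *) return 1 ;;
    esac
}

# gen_rules KERNEL EXT_IP < table
# Table lines: proto ext_port internal_ip internal_port. Blank lines and
# lines starting with # are skipped. Bad lines are reported on stderr and
# make the function fail, so a typo never becomes a silent rule.
gen_rules() {
    g_kernel=$1
    g_ext_ip=$2
    bad=0
    while read -r t_proto t_ext_port t_int_ip t_int_port t_rest; do
        case "$t_proto" in
            ''|'#'*) continue ;;
        esac
        if [ -n "$t_rest" ] || ! emit_forward "$g_kernel" "$t_proto" \
                "$g_ext_ip" "$t_ext_port" "$t_int_ip" "$t_int_port"; then
            echo "rejected: $t_proto $t_ext_port $t_int_ip $t_int_port $t_rest" >&2
            bad=$((bad + 1))
        fi
    done
    [ "$bad" -eq 0 ]
}

# Constructed sample table: the Web and IMAP forwards from the post.
sample_forwards() {
    cat <<'EOF'
# proto ext_port internal_ip internal_port
tcp 80  172.16.0.10 80
tcp 143 172.16.0.10 143
EOF
}

sample_forwards | gen_rules 2.4 203.0.113.5
```

Review the printed lines, then paste the ones you want into rc.firewall after the line that enables ip_forward.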

E-scape from the Hotel California…

Escaping Microsoft’s Hotel California. For lack of any other available alternative, I started using Outlook Express for mail about 18 months ago. It’s a decent mail client, does most of what I want–I don’t want much–and doesn’t do too terribly many things I don’t want it to. But it’s Microsoft. It runs on Windows. Its file formats are proprietary. It forces me to read my mail with the same workstation all the time. Migration makes me leave the mail behind. Most of it I want to leave behind, but do I want to sort it? NO! OK then. What to do?
Make an IMAP-enabled mail server out of a deprecated old PC and move all that mail over to it, that’s what. I tried to do this with TurboLinux but none of my mail clients wanted to talk to it. Since all of the books I have talk about Red Hat, I went with it, and it worked.

Here’s what I did. Install basic Red Hat. Include sendmail, procmail, fetchmail, imap. I pulled out all the XFree86 stuff. GUIs are for workstations. Command lines are for servers (and for workstations where you expect to get any work done quickly). Actually, I also pulled out just about everything else it would allow. A secure installation is a minimalist installation. After installation, edit /etc/inetd.conf. Uncomment the imap line, save and exit. (I like pico, but you can do it with vi if that’s all you’ve got–find the line, delete the comment character, then save by hitting ZZ.) Bounce inetd with /etc/rc.d/rc3.d/inet stop ; /etc/rc.d/rc3.d/inet start. Create a user account with adduser [name] ; passwd [name].

Connect to your new IMAP server. For now, just use your ISP’s existing mail server for outgoing mail; use your IMAP server for incoming. Your username and password are the name/password you just created. After a brief delay, you should see your empty inbox, and you can start dragging stuff to it.

It went great for me. I created a new IMAP folder, opened one of OE’s folders, dragged all the contents over to the IMAP folder, and bingo! They moved. Read status and date were preserved too. (I’ve seen IMAP servers that wouldn’t do that.) I switched to another PC that had OE loaded and connected to my new mail server via IMAP and read some messages. Fantabulous.

Theoretically, I can go to my DSL router and forward port 143 to my mail server and read my mail from the outside.

Now, if you want to actually use your mail server to send mail, that gets trickier–you’ve gotta configure sendmail for that. The out-of-box setup is too secure to just use. Open /etc/mail/access and add your LAN to it, like so:

172.16.5 RELAY
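
Every RELAY line in /etc/mail/access widens who may send mail through the box, so it pays to check the map after editing it. This added example (not part of the original post) lists RELAY entries that reach beyond loopback and RFC 1918 private ranges; the sample map and the function names are constructed for the illustration, and only the 172.16.5 entry comes from the text.

```shell
#!/bin/sh
# Added example, not from the original post: audit a sendmail access map
# for RELAY entries that cover more than loopback or private address space.

# Succeeds if $1 is a dotted IPv4 address or prefix (such as 172.16.5)
# that lies entirely inside 127/8, 10/8, 172.16/12 or 192.168/16.
private_prefix() {
    case "$1" in
        127|127.*|10|10.*|192.168|192.168.*) return 0 ;;
        172.1[6-9]|172.1[6-9].*) return 0 ;;
        172.2[0-9]|172.2[0-9].*) return 0 ;;
        172.3[01]|172.3[01].*) return 0 ;;
    esac
    return 1
}

# audit_access < access-file
# Prints "WIDE key" for numeric RELAY entries outside private space and
# "NAME key" for host or domain RELAY entries (worth a manual look).
# Fails if any WIDE entry was found.
audit_access() {
    wide=0
    while read -r key action rest; do
        case "$key" in
            ''|'#'*) continue ;;
        esac
        [ "$action" = "RELAY" ] || continue
        key=${key#Connect:}          # optional tag on newer sendmail maps
        case "$key" in
            localhost|localhost.localdomain) ;;
            *[!0-9.]*) echo "NAME $key" ;;
            *)
                if ! private_prefix "$key"; then
                    echo "WIDE $key"
                    wide=$((wide + 1))
                fi
                ;;
        esac
    done
    [ "$wide" -eq 0 ]
}

# Constructed sample map. The bare "172" entry is the kind of slip that
# turns a LAN-only relay into one that serves most of 172.0.0.0/8.
sample_access() {
    cat <<'EOF'
# constructed sample /etc/mail/access
localhost.localdomain   RELAY
localhost               RELAY
127.0.0.1               RELAY
172.16.5                RELAY
Connect:10.1            RELAY
172                     RELAY
example.com             RELAY
198.51.100              OK
EOF
}

sample_access | audit_access || echo "WIDE entries relay for non-private networks"
```

sendmail reads the compiled map rather than the text file, so rebuild it after editing, for example with makemap hash /etc/mail/access < /etc/mail/access.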

Of greater interest is the fetchmail/procmail combo. You can use fetchmail to automatically go grab mail from the 47 mail accounts you have, then use procmail to sort it and filter out some spam.

To configure fetchmail, create the file /root/.fetchmailrc and chmod it to 0600. Here’s a very basic configuration:

#.fetchmailrc
poll mailserver.myisp.com
with protocol pop3
username myname password mypassword is my_name_on_my_linux_box

And finally, what’s the point of running your own mail server if you don’t spam filter it? There are lots of ways to go about it. I’m experimenting with this method. It uses procmail, which is called by sendmail, which is called by fetchmail. See how all this works?

If you want to get really smooth, you can even block mail before you download it with a program called Mailfilter. You probably don’t want to get as fancy with Mailfilter as people do with procmail, but you can use Mailfilter to search for certain key words or phrases like (checking my spam folder) viagra, mortgage, “fire your boss,” “lose weight” and delete them before you waste time and bandwidth downloading them. I’ve read estimates that spam traffic costs ISPs an average of $3 per month per user. Mailfilter won’t save your ISP very much, since the mail’s already been routed through its network and is just on its very last leg of the trip, but it’ll save them a little, and it’ll save you some bandwidth and time, so it’s probably worth it.

So if you’re looking to leave Outlook and/or Outlook Express all behind, or at least give yourself the option to use a different client, here’s the way out. It’s not too terribly difficult. And you gain an awful lot in the process: mail in a standardized, open format; redundancy; ease and versatility of backup (just schedule a cron job that tars it up and does stuff with it); the ability to very, very quickly search all of your mail with the Unix grep command (just log in, type grep -r [search string] * | more, and find what you’re looking for instantly) and far, far better mail filtering options.

And it’s infinitely cheaper (and more secure) than Exchange.

I’m back.

Very interesting. Just as everyone’s proclaiming Linux dead, Red Hat goes and turns a profit for the first time. Yes, there are too many Linux companies. Yes, there’ll be consolidation. No, I’m not convinced that selling it at retail is necessarily the best way to proliferate the system.
I also find it humorous that people like ZDNet’s David Coursey can struggle all weekend setting up a Windows server, yet state that Linux is no threat to Microsoft, even as a server. The implication is that Linux is too difficult. Give me a weekend–actually, more like 5 minutes, if you’ll spot me TurboLinux and a 50X CD-ROM drive–and I can have DNS going on Linux, easy. Give me a day, and I can have a lovely mail server going too. (I intended to do that just this past weekend, actually, but I couldn’t come up with a working ISA SCSI controller to pair up with my army of SCSI CD-ROMs to make it happen.)

Needless to say, this past week I lost most of what little respect I had for Coursey. VMWare runs Windows under Linux better than VirtualPC runs Windows on the Mac, and Coursey’s obviously never heard of it (see that second link).

Don’t get me wrong, Linux setups drive me up the wall sometimes. But I’ve had instances where Windows flat out wouldn’t install on perfectly good hardware, for no good reason, too. And since Linux servers are unencumbered by a GUI, multimedia, Pinball, Internet Exploiter, and other desktop stupidity that has no business on servers, they’re a whole lot easier to troubleshoot. You’ve got a kernel, a daemon or two, and a plaintext configuration file. That’s not much to break. Actually it’s good engineering–a machine should have no unnecessary parts.

So long, Cal Ripken. Cal Ripken announced he’s hanging it up yesterday morning. I had the pleasure of seeing Ripken play shortstop a couple of times in the early 1990s when the Orioles were in Kansas City. Today, in this era of A-Rod and Nomar and Jeter, Ripken’s offensive stats don’t seem so hot. But in the 1980s (and before), if your shortstop could hit .270 and steal the occasional base, you counted yourself very, very lucky. In those days, Ripken not only hit .270, he was consistently one of the best defensive shortstops in the American League. He was never as flashy as Ozzie Smith, but how many shortstops ever fielded .996? You’re happy to get that kind of a fielding percentage out of your first baseman, and first base is the easiest position to play. Not only that, Ripken was also good for 20-25 homers and 80+ RBIs. These days that doesn’t sound too impressive either, but remember that Ripken played the bulk of his career in an era when people rarely hit 40 homers–someone who could pop 30 was considered a real power threat.

And besides all that, Ripken played 2,632 consecutive games, shattering Lou Gehrig’s record of 2,130. Ripken played the majority of those games at shortstop (he also played some third base at the beginning and at the end). Gehrig played his games at first base and in left field, both much less demanding positions. And while Gehrig played every inning of every game just once, Ripken did it four times, in consecutive years (1983-1986).

Ripken’s really slowed down the past three years, but he did end his streak on his own terms before being cut down by injuries his final three seasons. He’s nowhere near the player he used to be. Then again, at the end of his career, Ernie Banks couldn’t hit or field, and he was playing first base. Ripken refuses to move from third to a less demanding position–partly out of pride, but partly because he’s still capable of playing third.

And we can’t forget his loyalty. Ripken’s played his entire career, from 1981 up until now, with Baltimore. You don’t see that much anymore.

01/18/2001

A red-hatted worm. Wow. You sure don’t hear about this often.  There’s a worm that exploits a weakness in Red Hat Linux 6.2 and 7.0. Coined the Ramen worm, it defaces Web pages with a tribute to Ramen noodles. This is the first of these that I’ve heard of, and I’ll say it’s an example of why multiple distributions are a good thing. Other distributions aren’t vulnerable to this, so the spread slows. Hardening Red Hat against this isn’t hard–head to securityfocus.com, which anyone who administers Linux boxes for a living needs to be reading anyway. Exploits and fixes are generally documented and fixed long before anything can take advantage of them.

The number of the day is… 114. That’s my IQ, at least according to the 10-minute test I took yesterday in between phone calls while two of my coworkers were arguing about the validity of IQ tests. I popped up, announced my score, fueled the debate and then left. I was feeling vindictive I guess.

Generally, as I understand it, 100 is average. If you’re in the 130s, you’re gifted. I’ve been around some 170s and I keep up with them with no problems. I knew a 190 once. She gave me some problems, partly because I couldn’t understand her when she started spouting off in Latin. Solo hablo ingles y un poco espanol–un muy poco espanol. And I think another part of the problem was I found her boring, too refined.

What’d my coworkers have to say about my score? One of them used me to dismiss all validity of IQ tests–no way that guy’s a 114! His problem-solving ability is too good, and that memory, and and and… Well, slightly above-average people generally don’t write their first book and publish it before their 25th birthday. The coworker arguing in favor of IQ tests blamed my score on environment and poor preparation. I admit, my preparation was awful–I took it on spur of the moment, didn’t check any answers, took a 20-minute test in 10, took a couple of phone calls while I was doing it… So I was hardly scientific.

But what do we mean when we call someone “smart,” anyway?

Good memory? My dad sure had a great memory. I have a pretty good one too. I can probably tell you the starting lineup of every Kansas City Royals team from 1980 to last season. (I’ll spare you). And obscure computer information… don’t get me started. But nobody has a memory as good as a computer. Some would say the only thing dumber than a computer is a toaster, but I wonder, because my toaster sure works a whole lot better than my computer does most of the time.

Intelligence? Intelligence is the ability to reason and analyze. Some people do this really well. Others don’t. Most people who’ve watched me work say I have good troubleshooting and analysis skills, though I often score poorly on tests that measure that. Yet when I took the ACT, I did everything wrong. I went out with my girlfriend the night before. I stayed up late. I decided to come home and study afterward. Then I went in and scored a 30 or 31 on my first try. For those unfamiliar with the ACT, a score of 30 gives you an automatic scholarship from the state of Missouri at any state university. I think 36 is the highest possible score. A score of 26 gets you automatic admission at most state universities. As I recall, I scored in the 98th percentile in social studies, 99th in English, low 80-something in math and high 80-something in science. (Just call me Mr. Humanities.)

Common sense? I guess this is ability to deal with the real world. I’ve run into people who are seriously deficient here. That girl I knew with a 190… She had virtually none. She was always finding herself in situations she couldn’t think her way out of. Some people call this “street smart,” and I think that’s a good description of it. Common sense isn’t as common as it should be.

Wisdom? I think wisdom’s the most important of the bunch. It’s the ability to use what you’ve got. I scored very poorly on one proficiency test that measured my ability to analyze. My biggest beef was that it was heavily slanted towards the mathematically minded, and I don’t have that inclination–my math numbers were what dragged down my ACT score the most–and the last time I had to juggle numbers a lot was in 1994. One time when someone used that score against me, I retorted, “Yeah, so I don’t have as much as some of those guys. At least I know how to use what little I’ve got, and they certainly don’t!” Is it possible that my intelligence and common sense are only slightly above average, and that I use memory and wisdom to compensate? Maybe.

I know someone who doesn’t think she’s smart. And maybe she lacks in one of those areas. I don’t know. What I do know is she knows how to get things done. And I’ve never felt any need to talk down to her. When we’ve talked, I’ve always had the sense she’s understood what I’m talking about–and we’ve talked some pretty heavy subjects at times. Remember my line of work.

When I think smart, I think of those guys I know who had 170-plus IQs and pontificated a lot. She doesn’t do that. But when I think dumb, she doesn’t come to mind either. My former neighbor who believed every conspiracy theory out there and who believed The X-Files is a documentary does. He also tended to overuse profanity and thought very highly of his own intelligence.

I think it was a Supreme Court justice who once said he couldn’t define the word obscene, but he knew it when he saw it. I think the same goes for intelligence. It’s hard to define and even harder to measure, but we know it when we see it.

12/28/2000

Mailbag: (I apologize for the error yesterday!)

VCache; Hacking setup

Sales of Optimizing Windows are surging. It’s been in the 3,000 range lately in sales rank at Amazon, which is much higher than it’s been in many months. The insane $7.50 asking price probably has something to do with it. Across the Big Pond, Amazon UK is sold out and has the book on order. Thanks to all who have ordered copies.

Linux experiments. I loaded up Mandrake 7.2 on my dual Celeron box yesterday. I’d forgotten how nice Linux can be compared to Windows: Here I was, recompiling a kernel, with a full KDE desktop running, and the system was using all of my 320 MB of RAM and not touching the swap space. That’s efficiency. I had a process monitor running, and no matter what I was doing, Linux was using just under 320 MB of RAM for something or another, adjusting its usage on the fly as my demands changed.

So, why was I recompiling a kernel? I wanted an all-Reiser setup, no ext2, for speed purposes, and Mandrake can’t do that out of the box. So I was compiling a kernel to include static ReiserFS support. Then I formatted a Reiser partition and copied the entire setup over to that new partition. But first I had to have a kernel that could speak Reiser from the get-go, which Mandrake’s provided kernel does not. Also, Mandrake’s kernel is Pentium-optimized, and I wanted i686 optimization since this is a Celeron system.

The process for getting an all-Reiser Mandrake setup isn’t too terribly hairy; I’ll probably do a writeup soon. I found some instructions for doing it with Red Hat 6.2, but they were either inaccurate or Mandrake changed some stuff. I was able to figure it out pretty easily, but then again, I was writing a book about Linux until recently so my opinion of the difficulty level probably doesn’t count. Copying 1.1 gigs of data over from the original ext2 filesystem over to the new Reiser filesystem takes a good bit of time though, especially if they reside on the same drive.

It’s pretty impressive how far Linux has come over the course of the past year. Mandrake 7 was good enough that I thought I might be able to get by without Windows. With Mandrake 7.2 I certainly could get by without it, except now I’m making my money off Windows so I won’t. But I could give my mom a Mandrake 7.2 box and she’d be happier with it than she is with the Mac she has at work. It would be far more stable, far faster, less expensive, and it can do everything she does with her Mac (read e-mail, browse the Web, and run WordPerfect). And its hardware use is certainly more prudent than Windows’ is. My dual Celeron-366 is a pretty good W2K box, but running Linux, especially with a custom kernel tuned to my hardware, it’s a really nice workstation. And it was cheap!

Christianity revisited. Hopefully yesterday’s post wasn’t universally read as criticism of Roman Catholicism as a whole. Many Lutherans are every bit as obsessed with traditionalism, hence my “Wait, therefore, for 15th-century Germans to come to you,” statement that I know will offend a number of people. (It’s good for them.)

There are dying churches in every denomination, sadly. And vibrant churches in all of them as well. Hopefully those who survive will be able to carry the torch when they need to.

Aimee Mann rarities. I have information from a reliable source that Aimee Mann’s first recording, Bark Along With the Young Snakes, released in 1982, is still available from the publisher, for $15, shipping included. You can contact him at eazyasabc@nospam.aka.com. (Remove the “nospam” from the address when e-mailing him.)

You bet I’ve already ordered my copy, though more for historical interest than anything else. She’s a much better songwriter at age 40 than she was at 22, but there’s a certain novelty to hearing her sing punk rock.

Sorry about yesterday’s mail. The file is nowhere to be found on this server. I’ll have to let Di know; hopefully it still exists somewhere on her computer.

12/10/2000

Linux for the rest of us. I find the bloatware in current Linux distributions somewhat annoying. It’s nice to have tons and tons of free software right off the bat, but how much of that software is actually useful to the majority of people? Windows users complain about lack of software for Linux, to which Linux zealots usually retort “I have 9 gigs worth of software installed on my PC and didn’t have to pay a dime for any of it, and it’s all legal!”

It’s not really the quantity of software that Windows users are complaining about; it’s type and quality. Give a Windows user a fast and stable Web browser, an instant messaging client, a mail client/PIM, a fully-featured graphical newsreader, a word processor and a spreadsheet that can cleanly handle Word and Excel files, and a fully functional personal finance program, and that’s all they need to be happy. Most of that exists for Linux, or is in development. Fine. Linux is neck-and-neck with the Mac in the race to be #2 on the desktop. Fine.

To anyone who’s read Optimizing Windows, my biggest gripe with Linux ought to be obvious. I spent a good deal of time editing Windows INF files by hand trying to figure out how to get Windows 95 to install in 17 megabytes’ worth of disk space. I presented this, that, and another tweak to minimize Windows’ RAM and CPU usage so that it could be tolerable on a low-end Pentium or 486. Linux fans rightly point to Linux’s modest requirements. They’re very proud of those 2-meg 386SXs running Linux 1.0. But they’re in an arms race to see who can create the GUI with the most eye candy (and highest CPU/memory requirements). Wanna bring a former 550-MHz powerhouse to its knees? Run the Enlightenment window manager on it.

That’s easy enough to fix. Just install IceWM and make it your default window manager, then your 120 MHz Pentium feels OK again. But what of the minimum disk space requirements? Most current distros are difficult to install in less than 500 megs. That sounds awfully Microsoftian to me. True, you can rip a lot of it out, which you can’t always do with MS. But do you know what you can safely get rid of?

That’s what makes the likes of VectorLinux and Peanut Linux attractive. I’ve got a stack of 170-meg drives. I’ve got a 1-gig drive sitting in my 486 because I couldn’t make Red Hat 6.2 small enough to fit on one of the small drives. Five hundred megs for something whose primary job is to route packets is ridiculous. Vector or Peanut will fit. These won’t take forever to download either, because Vector’s less than 70 megs and Peanut’s about 60. I know a company that thinks that’s a reasonable size for a Web browser.

I’m pretty sure I’ll be experimenting with these distros sooner rather than later. I’d love to liberate that gig drive, for instance.

US vs. UK English. I’m trying to write my new Shopper UK article in UK English because I feel bad about the number of edits my UK editors are having to make. Here’s what I can tell, so far, about the differences:

Extra letters. color=colour, favorite=favourite, program=programme, ton=tonne

Sparing use of the last letter of the alphabet. optimize=optimise

Pluralization, er, pluralisation: In US English, a group of people is referred to in the singular, unless that group is in disagreement. In explaining how old software can be better than new software, I drew a musical analogy: Just like Joy Division is better than ‘N Sync, old DOS games are better and certainly more original than many of the newer Windows games. That’s proper US English. Proper British English, from what I can tell, is “Just like Joy Division are better…” In the States, saying that implies that the members are in disagreement as to whether they’re better than ‘N Sync (the three surviving members would not disagree about that; they’d utter a number of profanities and then say, “Of course we were better than ‘N Sync!”).

But I can’t, and won’t try to, mimic the sentence structure of a British writer. I can’t pinpoint the differences, but when I read something written in English, I can almost always tell when the writer is from the British Isles. (Other English-speaking countries like South Africa, Australia, and New Zealand, throw me–but I haven’t read much stuff from there. Canadian writers sound like U.S. writers but you’ll find hints of cultural differences.) You can’t escape what you are, and if I try to sound like anything but a Missourian, it’ll come across as insincere and fake. We definitely don’t want that.

Windows keyboard tricks

Those promised keyboard tricks. To get a Windows key, download the Kernel Toys. The keyboard applet, which works under 95 and 98, allows you to remap the caps lock, control, or alt keys to a Windows key. You can also remap the caps lock key to control or alt if you want. 

To assign My Computer to a hotkey, create a new shortcut with the following command line:
explorer.exe /n,/e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}

Next, click on the shortcut key and hit a key (I suggest “m” or “c”) and that’ll give you instant two-pane access to My Computer any time you hit ctrl-alt and that key.

If you want single-pane access (I don’t think it’s as useful, but hey), use this command line instead:
explorer.exe /n,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}

I finally fixed my firewall. I souped up the firewall a while back, then it never worked again. (I guess that’s the ultimate in security, eh? No one can hack in if you’re offline.) I forgot which ethernet card was outgoing and which was pointing inward, to my LAN. Finally, I tried stopping and restarting PMFirewall, which printed my network configuration. When both NICs were assigned to the address 192.168.0.1, I knew I was in trouble. With that tip-off, fixing it took just a matter of minutes.

Speaking of Linux, a speed tip. If you’re running Red Hat Linux as a NAT/IP masquerade gateway to share an Internet connection, do yourself a favor and install the BIND and caching-nameserver RPMs, then set your first DNS entry on your other PCs to your gateway’s IP address. This will make your proxy server look up DNS addresses for you and store them, reducing network traffic slightly but noticeably. The overhead is minimal; I’ve got Steve DeLassus running IP masquerade and caching nameserver on a 486SX/20 and it’s more than up to the task. For a small home network, a 386SX/16 has enough horsepower as long as it meets your distribution’s minimum memory requirements. I’d be more comfortable with a 50 MHz or faster 486 for a small office, but that’s as much due to expected age and reliability as it is to CPU requirements.

If you’re running a close derivative of Red Hat (Mandrake is certainly close enough, and I believe even Caldera and TurboLinux are as well), go ahead and download Red Hat’s caching nameserver RPM. It’s just a couple of short text files, but it’s easier to download and install an RPM than it is to key them in.

Mac mice, PC data recovery

A two-button Mac mouse!? Frank McPherson asked what I would think of the multibutton/scroll wheel support in Mac OS X. Third-party multibutton mice have been supported via extensions for several years, but not officially from Ye Olde Apple. So what do I think? About stinkin’ time!

I use 3-button mice on my Windows boxes. The middle button double-clicks. Cuts down on clicks. I like it. On Unix, where the middle button brings up menus, I’d prefer a fourth button for double-clicking. Scroll wheels I don’t care about. The page up/down keys have performed that function just fine for 20 years. But some people like them; no harm done.

Data recovery. One of my users had a disk yesterday that wouldn’t read. Scandisk wouldn’t fix it. Norton Utilities 2000 wouldn’t fix it. I called in Norton Utilities 8. Its disktool.exe includes an option to revive a disk, essentially by doing a low-level format in place (presumably it reads the data, formats the cylinder, then writes the data back). That did the trick wonderfully. Run Disktool, then run NDD, then copy the contents to a fresh disk immediately.

So, if you ever run across an old DOS version of the Norton Utilities (version 7 or 8 certainly; earlier versions may be useful too), keep them! It’s something you’ll maybe need once a year. But when you need them, you need them badly. (Or someone you support does, since those in the know never rely on floppies for long-term data storage.) Recent versions of Norton Utilities for Win32 don’t include all of the old command-line utilities.

Hey, who was the genius who decided it was a good idea to cut, copy and paste files from the desktop? One of the nicest people in the world slipped up today copying a file. She hit cut instead of copy, then when she went to paste the file to the destination, she got an error message. Bye-bye file. Cut/copy-paste works fine for small files, but this was a 30-meg PowerPoint presentation. My colleague who supports her department couldn’t get the file back. I ride in on my white horse, Norton Utilities 4.0 for Windows in hand, and run Unerase off the CD. I get the file back, or so it appears. The undeleted copy won’t open. On a hunch, I hit paste. Another copy comes up. PowerPoint chokes on it too.

I tried everything. I ran PC Magazine’s Unfrag on it, which sometimes fixes problematic Office documents. No dice. I downloaded a PowerPoint recovery program. The document crashed the program. Thanks guys. Robyn never did you any harm. Now she’s out a presentation. Not that Microsoft cares, seeing as they already have the money.

I walked away wondering what would have happened if Amiga had won…

And there’s more to life than computers. There’s songwriting. After services tonight, the music director, John Scheusner, walks up and points at me. “Don’t go anywhere.” His girlfriend, Jennifer, in earshot, asks what we’re plotting. “I’m gonna play Dave the song that he wrote. You’re more than welcome to join us.”

Actually, it’s the song John and I wrote. I wrote some lyrics. John rearranged them a little (the way I wrote it, the song was too fast–imagine that, something too fast from someone used to writing punk rock) and wrote music.

I wrote the song hearing it sung like The Cars, (along the lines of “Magic,” if you’re familiar with their work) but what John wrote and played sounded more like Joe Jackson. Jazzy. I thought it was great. Jennifer thought it was really great.

Then John tells me they’re playing it Sunday. They’re what!? That will be WEIRD. And after the service will be weird too, seeing as everybody knows me and nobody’s ever seen me take a lick of interest in worship music before.

I like it now, but the lyrics are nothing special, so I don’t know if I’ll like it in six months. We’ll see. Some people will think it’s the greatest thing there ever was, just because two people they know wrote it. Others will call it a crappy worship song, but hopefully they’ll give us a little credit: At least we’re producing our own crappy worship songs instead of playing someone else’s.

Then John turns to me on the way out. “Hey, you’re a writer. How do we go about copyrighting this thing?” Besides writing “Copyright 2000 by John Scheusner and Dave Farquhar” on every copy, there’s this.  That’s what the Web is for, friends.

~~~~~~~~~~

Note: I post this letter without comment, since it’s a response to a letter I wrote. My stuff is in italics. I’m not sure I totally agree with all of it, but it certainly made me think a lot and I can’t fault the logic.

From: John Klos
Subject: Re: Your letter on Jerry Pournelle’s site

Hello, Dave,

I found both your writeup and this letter interesting. Especially interesting is both your reaction and Jerry’s reaction to my initial letter, which had little to do with my server. To restate my feelings, I was disturbed about Jerry’s column because it sounded so damned unscientific, and I felt that he had a responsibility to do better.
His conclusion sounded like something a salesperson would say, and in fact did sound like things I have heard from salespeople and self-promoted, wannabe geeks. I’ve heard all sorts of tales from people like this, such as the fact that computers get slower with age because the ram wears out…

Mentioning my Amiga was simply meant to point out that not only was I talking about something that bothered me, but I am running systems that “conventional wisdom” would say are underpowered. However, based upon what both you and Jerry have replied, I suppose I should’ve explained more about my Amiga.

I have about 50 users on erika (named after a dear friend). At any one moment, there are anywhere from half a dozen to a dozen people logged on. Now, I don’t claim to know what a Microsoft Terminal Server is, nor what it does, but it sounds something like an ’80s way of Microsoft subverting telnet.

My users actually telnet (technically, they all use ssh; telnet is off), they actually do tons of work in a shell, actually use pine for email and links (a lynx successor) for browsing. I have a number of developers who do most of their development work in any of a number of languages on erika (Perl, C, C++, PHP, Python, even Fortran!).

Most of my users can be separated into two groups: geeks and novices. Novices usually want simple email or want to host their domain with a minimum of fuss; most of them actually welcome the simplicity, speed, and consistency of pine as compared to slow and buggy webmail. Who has used webmail and never typed a long letter only to have an error destroy the entire thing?

The geeks are why sixgirls.org got started. We all had a need for a place to call home, as we all have experienced the nomadic life of being a geek on the Internet with no server of our own. We drifted from ISP to ISP looking for a place where our Unix was nice, where our sysadmins listened, and where corporate interests weren’t going to yank stuff out from underneath us at any moment. Over the years, many ISPs have stopped offering shell access and generally have gotten too big for the comfort of geeks.

If Jerry were replying to this now, I could see him saying that shells are old school and that erika is perhaps not much more than a home for orphans and die-hard Unix fans. I used to think so, too, but the more novice users I add, the more convinced I am that people who have had no shell experience at all prefer the ease, speed, and consistency of the shell over a web browser type interface. They’re amazed at the speed. They’re surprised over the ability to instantly interact with others using talk and ytalk.

The point is that this is neither a stopgap nor a dead end; this IS the future.

I read your message to Jerry and it got me thinking a lot. An awful lot. First on the wisdom of using something other than what Intel calls a server, then on the wisdom of using something other than a Wintel box as a server. I probably wouldn’t shout it from the mountaintops if I were doing it, but I’ve done it myself. As an Amiga veteran (I once published an article in Amazing Computing), I smiled when I saw what you were doing with your A4000. And some people no doubt are very interested in that. I wrote some about that on my Weblogs site (address below if you’re interested).

I am a Unix Systems Administrator, and I’ve set up lots of servers. I made my decision to run everything on my Amiga based upon several criteria:

One, x86 hardware is low quality. I stress test all of the servers I build, and most x86 hardware is flawed in one way or another. Even if those flaws are so insignificant that they never affect the running of a server, I cannot help but wonder why my stress testing code will run just fine on one computer for months and will run fine on another computer for a week, but then dump a core or stop with an error. But this is quite commonplace with x86 hardware.

For example, my girlfriend’s IBM brand FreeBSD computer can run the stress testing software indefinitely while she is running the GIMP, Netscape, and all sorts of other things. This is one of the few PCs that never has any problems with this stress testing software. But most of the other servers I set up, from PIIIs, dual processor PIIIs and dual Celerons, to Cyrix 6×86 and MII, end up having a problem with my software after anywhere from a few days to a few weeks. But they all have remarkable uptimes, and none crash for any reason other than human error (like kicking the cord).

However, my Amigas and my PowerMacs can run this software indefinitely.

So although I work with x86 extensively, it’s not my ideal choice. So what else is there? There’s SPARC, MIPS, m68k, PowerPC, Alpha, StrongARM… plenty of choices.

I have a few PowerMacs and a dual processor Amiga (68060 and 200 mhz PPC 604e); however, NetBSD for PowerMacs is not yet as mature as I need it to be. For one, there is no port of MIT pthreads, which is required for MySQL. Several of my users depend on MySQL, so until that is fixed, I can’t consider using my PowerMac. Also, because of the need to boot using Open Firmware, I cannot set up my PowerMac to boot unattended. Since my machine is colocated, I would have to be able to run down to the colocation facility if anything ever happened to it. That’s fine if I’m in the city, but what happens when I’m travelling in Europe?

SPARC is nice, but expensive. If I could afford a nice UltraSPARC, I would. However, this project started as a way to have a home for geeks; coming up with a minimum of $3000 for something I didn’t even plan to charge for wasn’t an option.

Alpha seems too much like PC hardware, but I’d certainly be willing to give it a try should send me an old Alpha box.

With MIPS, again, the issue is price. I’ve always respected the quality of SGI hardware, so I’d definitely set one up if one were donated.

StrongARM is decent. I even researched this a bit; I can get an ATX motherboard from the UK with a 233 mhz StrongARM for about 310 quid. Not too bad.

But short of all of that, I had a nice Amiga 4000 with a 66 mhz 68060, 64 bit ram, and wide ultra SCSI on board. Now what impresses me about this hardware is that I’ve run it constantly. When I went to New Orleans last year during the summer, I left it in the apartment, running, while the temperatures were up around 100 degrees. When I came back, it was fine. Not a complaint.

That’s the way it’s always been with all of my Amigas. I plug them in, they run; when I’m done, I turn off the monitor. So when I was considering what computer to use as a server when I’d be paying for a burstable 10 Mbps colocation, I wanted something that would be stable and consistent.

Hence Amiga.

One of my users, after reading your letter (and, I guess, Jerry’s), thought that I should mention the load average of the server; I assume this is because of the indirectly stated assumption that a 66 mhz 68060 is just squeaking by. To clarify that, a 66 mhz 68060 is faster per mhz than any Pentium by a measurable margin when using either optimised code (such as a distributed.net client) or straight compiled code (such as LAME). We get about 25,000 hits a day, for a total of about 200 megs a day, which accounts for one eighth of one percent of the CPU time. We run as a Stratum 2 time server for several hundred computers, we run POP and IMAP services, sendmail, and we’re the primary nameserver for perhaps a hundred machines. With a distributed.net client running, our load average hovers around 1.18, which means that without the dnet client, we’d be idle most of the time.

If that weren’t good enough, NetBSD 1.5 (we’re running 1.4.2) has a much improved virtual memory system (UVM), improvements and speedups in the TCP stack (and complete IPv6 support), scheduler enhancements, good softdep support in the filesystem (as if two 10k rpm 18 gig IBM wide ultra drives aren’t fast enough), and more.

In other words, things are only going to get better.

The other question you raise (sort of) is why Linux gets so much more attention than the BSD flavors. I’m still trying to figure that one out. Part of it is probably due to the existence of Red Hat and Caldera and others. FreeBSD gets some promotion from Walnut Creek/BSDi, but one only has to look at the success of Slackware to see how that compares.

It’s all hype; people love buzz words, and so a cycle begins: people talk about Linux, companies spring up to provide Linux stuff, and people hear more and talk more about Linux.

It’s not a bad thing; anything that moves the mainstream away from Microsoft is good. However, the current trend in Linux is not good. Red Hat (the company), arguably the biggest force in popularising Linux in the US, is becoming less and less like Linux and more and more like a software company. They’re releasing unstable release after unstable release with no apologies. Something I said a little while ago, and someone has been using as his quote in his email:
In the Linux world, all of the major distributions have become companies. How much revenue would Red Hat generate if their product was flawless? How much support would they sell?

I summarise this by saying that it is no longer in their best interest to have the best product. It appears to be sufficient to have a working product they can use to “ride the wave” of popularity of Linux.

I used Linux for a long time, but ultimately I was always frustrated with the (sometimes significant) differences between the distributions, and sometimes the differences between versions of the same distribution. Why was it that an Amiga running AmigaDOS was more consistent with Apache and Samba docs than any particular Linux? Where was Linux sticking all of these config files, and why wasn’t there documentation saying where the stuff was and why?

When I first started using BSD, I fell in love with its consistency, its no bull attitude towards ports and packages, and its professional and clean feel. Needless to say, I don’t do much linux anymore.

It may well be due to the people involved. Linus Torvalds is a likeable guy, a smart guy, easily identifiable by a largely computer illiterate press as an anti-Gates. And he looks the part. Bob Young is loud and flamboyant. Caldera’s the company that sued Microsoft and probably would have won if it hadn’t settled out of court. Richard Stallman torques a lot of people off, but he’s very good at getting himself heard, and the GPL seems designed at least in part to attract attention. The BSD license is more free than the GPL, but while freedom is one of Stallman’s goals, clearly getting attention for his movement is another, and in that regard Stallman succeeds much more than the BSD camp. The BSD license may be too free for its own good.

Yes, there aren’t many “figureheads” for BSD; most of the ones I know of don’t complain about Linux, whereas Linux people often do complain about the BSD folks (the major complaint being the license).

I know Jerry pays more attention to Linux than the BSDs partly because Linux has a bigger audience, but he certainly knows more about Linux than about any other Unix. Very soon after he launched his website, a couple of Linux gurus (most notably Moshe Bar, himself now a Byte columnist) started corresponding with him regularly, and they’ve made Linux a reasonably comfortable place for him, answering his questions and getting him up and going.

So then it should be their responsibility, as Linux advocates, to give Jerry a slightly more complete story, in my opinion.

As for the rest of the press, most of them pay attention to Linux only because of the aforementioned talking heads. I have a degree in journalism from supposedly the best journalism school in the free world, which gives me some insight into how the press works (or doesn’t, as is usually the case). There are computer journalists who get it, but a good deal of them are writing about computers for no reason in particular, and their previous job and their next job are likely to be writing about something else. In journalism, if three sources corroborate something, you can treat it as fact. Microsoft-sympathetic sources are rampant, wherever you are. The journalist probably has a Mac sympathy since there’s a decent chance that’s what he uses. If he uses a Windows PC, he may or may not realize it. He’s probably heard of Unix, but his chances of having three local Unix-sympathetic sources to use consistently are fairly slim. His chances of having three Unix-sympathetic sources who agree enough for him to treat what they say as fact (especially if one of his Microsofties contradicts it) are probably even more slim.

Which furthers my previous point: Jerry’s Linux friends should be more complete in their advocacy.

Media often seems to desire to cater to the lowest common denominator, but it is refreshing to see what happens when it doesn’t; I can’t stand US news on TV, but I’ll willingly watch BBC news, and will often learn more about US news than if I had watched a US news program.

But I think that part of the problem, which is compounded by the above, is that there are too many journalists that are writing about computers, rather than computer people writing about computers.

After all, which is more presumptuous: a journalist who thinks that he/she can enter the technical world of computing and write authoritatively about it, or a computer person who attempts to be a part time journalist? I’d prefer the latter, even if it doesn’t include all of the accoutrements that come from the writings of a real journalist.

And looking at the movement as a whole, keep in mind that journalists look for stories. Let’s face it: A college student from Finland writing an operating system and giving it away and millions of people thinking it’s better than Windows is a big story. And let’s face it, RMS running around looking like John the Baptist extolling the virtues of something called Free Software is another really good story, though he’d get a lot more press if he’d talk more candidly about the rest of his life, since that might be the hook that gets the story. Can’t you see this one now?

Yes. Both of those stories would seem much more interesting than, “It’s been over three years and counting since a remote hole was found in OpenBSD”, because it’s not sensationalistic, nor is it interesting, nor can someone explain how you might end up running OpenBSD on your appliances (well, you might, but the fact that it’s secure means that it’d be as boring as telling you why your bathtub hasn’t collapsed yet).

Richard Stallman used to keep a bed in his office at the MIT Artificial Intelligence Lab.

He slept there. He used the shower down the hall. He didn’t have a home outside the office. It would have distracted him from his cause: Giving away software.

Stallman founded the Free Software movement in 1983. Regarded by many as the prophet of his movement (and looking the part, thanks to his long, unkempt hair and beard), Stallman is both one of its most highly regarded programmers and perhaps its most outspoken activist, speaking at various functions around the world.

Linux was newsworthy, thanks to the people behind it, way back in 1993 when hardly anyone was using it. Back then, they were the story. Now, they can still be the story, depending on the writer’s approach.

If there are similar stories in the BSD camp, I’m not aware of them. (I can tell you the philosophical differences between OpenBSD,  NetBSD and FreeBSD and I know a little about the BSD directory structure, but that’s where my knowledge runs up against its limits. I’d say I’m more familiar with BSD than the average computer user but that’s not saying much.) But I can tell you my editor would have absolutely eaten this up. After he or she confirmed it wasn’t fiction.

The history is a little dry; the only “juicy” part is where Berkeley had to deal with a lawsuit from AT&T (or Bell Labs; I’m not doing my research here) before they could make their source free.

Nowadays, people are interested because a major layer of Mac OS X is BSD, and is taken from the FreeBSD and NetBSD source trees. Therefore, millions of people who otherwise know nothing about BSD or its history will end up running it when Mac OS X Final comes out in January; lots of people already are running Mac OS X Beta, but chances are good that the people who bought the Beta know about the fact that it’s running on BSD.

And it’s certainly arguable that BSD is much more powerful and robust than Windows 2000. So there’s a story for you. Does that answer any of your question?

Yes; I hope I’ve clarified my issues, too.

Neat site! I’ll have to keep up on it.

Thanks,
John Klos

Publishing again, and Unix holy wars

I sent off an article to the UK Computer Shopper yesterday. I have no idea yet which issue it will be published in. Optimizing Windows seems to have a better following in the UK than here in the States; this series of articles will probably tilt the balance even more in that favor.
It will be interesting to see if they let my U.S. English stand, or if they translate it into British English. I listen to enough British and Irish music that my language is definitely colored by it, but I suspect I still sound pretty American. In college I tried to sound very British in my writing; I’ve since retreated back to Missouri because it feels more honest to write that way.
Dave’s still fighting his war. I talked with our Unix guru at work yesterday. He runs Linux and NetBSD at home almost exclusively, so he definitely has his finger on the pulse of the movement. I told him the story, then I quoted another friend, who’s fond of saying that Linux zealots are like Amiga zealots without the class, then exclaimed, “This software isn’t free! They may not charge any money for it, but they demand your soul!” And I’m not about to let software become my god. Charlie laughed, then he got real serious.
Those aren’t the old-timers in the movement, he pointed out. I’m pretty sure he’s right about that–Linus Torvalds talks candidly about how his family all runs Windows. Then he said Amiga was a much greater commitment than Linux is. Back in the Amiga’s glory days, it was an expensive computer. The easy decision was to go to Best Bait-n-Switch and buy a Packard Bell 386sx like everyone else did and pay $900 less for it. There wasn’t as much software available, and generally you paid full retail for it at out-of-the-way shops. The Amiga was expensive and not ubiquitous. You had to make a commitment to it, and you had to think long and hard about it before you did it.
Linux hardware, however, is dirt cheap. Sometimes it’s free. Businesses are glad to give their low-end Pentiums away, and Linux runs great on them. Linux is free. You download it off the ‘Net and burn your own CD. And much of the intellectual commitment that used to be required is gone too, now that Mandrake and other distros install more easily than Windows does. And there’s more than enough useful software out there that installs easily, so you don’t even have to break out the C compiler anymore. On my first date with Linux back in 1996, there wasn’t any software in Slackware 3.0 that was useful to me except the C compiler. In those days, if you used Linux, chances are you wrote at least some of your own software. Two years later, when Charlie gave me a Red Hat 5.2 CD, there was more useful software on it than I knew what to do with. Today, most of the major distributions have to come on multiple CDs because of the amount of software they come with. It doesn’t matter anymore what you want to do with your computer; in many cases it’s all there for you, with little work on your part.
Charlie didn’t use the phrase “spoiled brat,” but he certainly implied it. When you had to make little or no commitment to your platform of choice, it’s hard to respect anyone else’s commitment to theirs.
Al Hawkins’ responses from yesterday (messages 27 and 29) echo some of that sentiment.
I’m not saying that’s the story behind every Linux activist. That’s certainly not the story with Moshe Bar or Brian Bilbrey. Nor is it the case with Charlie, and Charlie pushes very hard for Linux and the BSDs everywhere he goes. But that explains the tone of some of the zealotry I see online.


Killing a process in Unix

My Linux gateway likes to fall off the Internet occasionally. I think it’s Southwestern Bell’s fault, because it always seems to happen right after it tries to renew its DHCP lease. Rebooting fixes the problem, but I wanted a cleaner way.
Here it is. Do a tail /var/log/messages to get the PID for pumpd. [Or, better, use the command pidof [program name] –DF, 5/25/02] Do a kill -9 [PID] to eliminate the problem process. (This process tends to keep the network from restarting.) Then, do a /etc/rc.d/rc3.d/S10network restart to stop and restart the network. [Better: use /etc/init.d/network restart, which is runlevel independent and works on more than just Red Hat-derived distros. –DF, 5/25/02] Try pinging out just to make sure the Internet’s working again, and bingo. Back in business.

I don’t know that this is the best or most elegant way of doing it, but it works and it’s much faster than waiting for that old 486 clunker to do a warm boot.
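
The recovery steps above, scripted as an added example (not part of the original post): it restarts the network only when a ping fails, and it tries SIGTERM before falling back to the post's kill -9. The names pumpd and /etc/init.d/network come from the post; the probe address, grace period and DRY_RUN switch are assumptions.

```shell
#!/bin/sh
# Added example: recover a wedged DHCP client without rebooting.
# pumpd and /etc/init.d/network are taken from the post; everything
# else below (probe host, grace period, DRY_RUN) is an assumption.

DAEMON="${DAEMON:-pumpd}"
NET_INIT="${NET_INIT:-/etc/init.d/network}"
PROBE_HOST="${PROBE_HOST:-192.0.2.1}"   # placeholder: set to a host you expect to reach
GRACE="${GRACE:-5}"                     # seconds to wait after SIGTERM
DRY_RUN="${DRY_RUN:-0}"                 # 1 = print state-changing commands instead of running them

# run CMD...: execute a state-changing command, or only print it in dry-run mode.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "would run: $*"
    else
        "$@"
    fi
}

# link_up: succeed if one ping to the probe host gets an answer.
link_up() {
    ping -c 1 -W 3 "$PROBE_HOST" >/dev/null 2>&1
}

# stop_daemon: ask the daemon to exit, then force-kill only what survived.
stop_daemon() {
    pids=$(pidof "$DAEMON") || return 0      # not running: nothing to stop
    run kill -TERM $pids
    run sleep "$GRACE"
    for pid in $pids; do
        # kill -0 sends no signal; it only tests that the PID still exists.
        if kill -0 "$pid" 2>/dev/null; then
            run kill -KILL "$pid"
        fi
    done
}

# recover_link: 0 = link is up, 1 = still down after restart, 2 = restart failed.
recover_link() {
    if link_up; then
        echo "link ok, nothing to do"
        return 0
    fi
    stop_daemon
    run "$NET_INIT" restart || return 2
    if link_up; then
        echo "link restored"
        return 0
    fi
    echo "link still down after restart" >&2
    return 1
}

# Act only when asked, so sourcing this file has no side effects.
if [ "${1:-}" = "--run" ]; then
    recover_link
fi
```

Run it as root with `--run`, for example from cron, so the check and restart happen without a manual login; set DRY_RUN=1 first to see which commands it would issue.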