squid3 no longer working after upgrade to jessie

on one of the servers i’ve just upgraded to jessie i got my squid3 bricked. i could see the process in ps, yet it did not listen on tcp/3128: restarting it did not give anything interesting in /var/log/squid3/cache.log: after a while of clueless googling i thought – maybe there’s some problem with communication over loopback. ... Read More

audit/access logs in samba

i’ve ‘convinced’ my samba running under debian wheezy/jessie to provide me access audit logs without being too verbose. here’s how.

upgrade from wordpress 4.1.x to 4.2.x broke my menu editor

i’ve done a routine upgrade of wordpress 4.1.x to 4.2 and later 4.2.1. all seemed fine until the day i wanted to manually adjust the menu structure using wp-admin > appearance > menus. each attempt of saving my menu resulted in it being wiped out completely

BLKDE3815TYKH0E headaches

we’re setting up a small computer that will act as vpn end-point. we decided to try something smaller this time – BLKDE3815TYKH0E. as it turned out it’s not as well polished as one would expect from intel. my colleagues had to pull out debian wheezy usb pend-rive with the installer to be able to finish ... Read More

sip-audio-session, new libxml2

i’m using nagios to wake me up. not every day – only when there’s some outage. i have pair of nagios servers – one in Sweden, one in Poland – they cross-check one another and – for the most critical problems – send sms and make a phone call. for sms’es i’m using budgetsms.net, for ... Read More

xwiki, html macro tag and unwanted javascript

xwiki – by default – allows contributors to embed arbitrary html, including javascript. it does not take much effort to include something like: then you just need to lure your victim into visiting given wiki page while being logged – you’ll get a http request containing that person’s cookie that can be re-used to impersonate ... Read More

bridge on vlans on active-backup bonding under debian

the idea: i’d like to run kvm/lxc on debian, have guests bridged to couple of vlans and handle the network failover on the host level. network failure should be detected using arp probes not just the link [ mii ] status. after few attempts i got it working in the test environment.

useful tools for [web] malware removal

http://sitecheck.sucuri.net/ for checking if a live website is referring to some malicious js / having unwanted iframes https://www.rfxn.com/projects/linux-malware-detect/ and http://www.clamav.net/index.html and http://www.eset.com/ for scanning files for unwanted conten from the command line:

debian on dell poweredge 13th gen – r630

i’ve received for testing a new dell r630. before buying few of those i wanted to make sure that debian wheezy has kernel including all the needed drivers. it seems that it has.

UNION instead of OR in MySQL

i have MySQL that is run on arrays of increasing size: i remembered that the query optimizer will not be able to use existing indices for lastModified columns but.. the query execution time was acceptable, so i did not bother. recently much more data was added and query above, repeated quite often, caused a lot ... Read More

fsck on truecrypt

it’s high time to move away from truecrypt [ which i’m doing by moving to luks and btrfs on the top of it for extra thrills ], but i still have bunch of places that were not moved to the alternative full disk encryption. what do do when after unclean shutdown this happens: ?

OVH, failover IPs, IPv6, VMs

at work we rent a dedicated server from OVH; except unexplained openvpn throttling all is working pretty well for the price we pay. besides primary IPv4 address OVH can provide few additional ‘failover’ IPv4 addresses and /64 IPv6 subnet. in our setup some of IPv4s and IPv6s are routed to a KVM VM. below – ... Read More

idrac7 + ipmitool stopped working with firmware 1.56.55

i use ipmitool to check health of the poweredge servers from nagios. in essence i execute: and alert if the exist code is non-zero, then i execute and again – i alert on non-zero exit code, i also grep the file in search of lines not containing ok/ns. this was working fine for DRAC 5 ... Read More

Samsung CLX-4195FW – displaying only samsung logo on the front screen

newly arrived Samsung CLX-4195FW greeted me with just blue samsung’s logo on the white background presented on the front LCD screen; at the same time printer correctly acquired IP via DHCP and i could access the management interface via the network. i’ve called Samsung 3x and luckily enough at the 3rd attempt i spoke with ... Read More

mac changing on DW1501 wifi card

in dell’s e6220 that i use for work travels i have dw1501 wifi card. in theory it’s possible to change card’s MAC address in the control panel > network and sharing center > change adapter settings > wireless network connection > properties configure > advanced > locally administered MAC address. problem is the values i’ve ... Read More