Tag Archives: patch

XtreemFS server on MacOSX

Some time ago I tried to get the XtreemFS server to work on MacOSX (Lion).

I had to patch it a bit to make it compile and run. So here's the patch if you want to give it a try:

[download id="33"]

I wanted to use it to have a synchroneous replicated filesystem over a WAN but in the end I gave up this idea and switched to unison.

Btw. I also tried to get gluster fs to work on MacOSX lion and partially succeeded. You can see my changes on github

Better FIX for Inspiron N7110 touchpad

Seth Forshee created a kernel patch and now the ALPS touchapd on this laptop and probably others is recognized as a touchpad instead of falling back to a psmouse.

So now you can use the Touchpad tab in the "Mouse and touchpad settings" (gnome) to control the "click to tap", scrolling and other features and you don't have to use the patched syndaemon from my previous post.

To install this fix on ubuntu just download this deb package, install and reboot. ( tested on Ubuntu 11.10 x86_64 ).

If you want to know all the details go through the comments on this bug report #545307

Google +1 button position

I'm using the Google+1 button plugin for wordpress to add a Google+1 button on my blog.

The plugin is great but it registers a filter to add this button and there are other plugins installed that also register their own filters on the body. What I would like is to have google+1 , facebook like and the official tweet button all on one line.

This would be easy if I would not have the contextual related posts plugin that puts the links to the posts right between the google+1 button and the facebook like botton.

Most plugins that add something to a post or page have a way of adding it manually, through a template keyword but this is not useful as I don't want to remember to add all the buttons at the end of each post.

The next solution would be to use the function that outputs the button code in the template. But this needed a small modification to the google+1 plugin.

Here's the patched version of the google+1 plugin version 1.0.4
[download id="28"]
And here's the unified diff file in case you want to apply it over your plugin and to see what really changed:
[download id="29"]

Now you can just use this code inside the posts loop ( after or before the the_content ):

  1.  

This was a quick change to get this done. A better solution would be to modify the plugin to allow you to set the filter order ( priority ) so you can control the position from wordpress admin like you can do it in the wp facebook like and wp tweet button plugin.

Oh and don't forget to +1 , like and/or tweet this post 🙂

Antinat outgoing ip same as incoming

Problem

The previous post shows you how you can configure the outgoing ip in antinat but if you have multiple ips and you want to use all of them and you want to be able to control which one to be used for certain things that patch doesn't do enough for you.

Solution

Antinat should bind the ougoing connection on the same ip on which it receives the connection from the client.

So if you want to use a different ip just set your configure your socks settings in the browser or proxifier to the ip you want antinat to use.

And here's the patch to let you do that ...

[download id="24"]

This patch is incompatible with the one on the previous post, you can either have that one or  this one so make sure you apply it on the original antinat source.

Questions or suggestions are welcome as always ...

http://www.google.com/url?sa=t&source=web&ct=res&cd=1&ved=0CAgQFjAA&url=http%3A%2F%2Fantinat.sourceforge.net%2F&ei=WoKjS9DcKczFsgaGwJjMCA&usg=AFQjCNEOlqPAc6T7bkDx0VQpJc2kIBBYHA&sig2=Mdve5s6Ylxdz72SqWJdYfA

Antinat outgoing ip

This post is the first in a series of posts about antinat. The posts will provide solutions for some "problems' with antinat. So here goes the first one ....

Problem

Antinat creates outgoing connection from the primary ip defined on the machine where it's running. There's a config option to make antinat listen on a specific ip but no config option to make it use a specific ip for outgoing connections.

Solution

The attached patch will make antinat use the same ip that it's listening on for outgoing connections. You specify the listening ip with the "interface" config option and now that ip will also be used for outgoing connections.

[download id="23"]

I assume you already know how to patch ... if not ... just ask in the comments or hire me to patch it for you 🙂

Qmail per domain concurrency

Problem

In my last post about qmail I said that once you solve the big concurrency problem you'll end up with another problem because your mail server would create too many outgoing connections to some domains and you risk having your ips banned by those servers.

Solution

The solution is to have a way of limiting the maximum concurrency rate by domains. To do that you'll need the   qmail channels patch or write your own patch like I did ( mostly because I was unaware of the existence of the qmail channels patch )

The home page of the qmail channels patch will explain how to setup and configure qmail to limit the concurrency by a domain or group of domains.

What I like about this patch is that it allows you to set a concurrency limit for a group of domains like set 100 for all yahoo.com, yahoo.co.uk, yahoo.ca, etc .

What I don't like is that it doesn't seem to be able to set a default concurrency level for any domain. If I'm wrong please correct me, but if I'm right then this seems like a major problem for an email server that sends to a large number of addresses distributed over a large number of domains because you would have to configure concurrency limits for a lot of domains.

The ideal solution would allow you to specify a default per domain concurrency and this would apply to any domain that doesn't have a specific concurrency. For example most email servers would be ok with 5 concurrency connections from the same ip but no way for AOL (unless you're white listed and maybe not even then ) .

Another feature I would like is to be able to specify concurrency by domain's MX records or ips/group of ips assigned to the MX servers instead of the actual domain. This would ease the configuration for ISPs that host a lot of domains like rr or yahoo.

Virtualmin custom dynip

Virtualmin has this nice feature where you can enable dynamic host and virtualhost updates so when your ip changes virtualmin updates the ips in the virtualhosts definitions. Without this feature your sites would not work anymore if your ip changes and you would have to update the ips manually.

The problem with this feature is that it only supports the DynDNS service and not everyone is using this service to update their host when their ip changes.

I'm using my own dynamic dns service and the good news is that this service is using the same protocol as DynDNS so virtualmin needs little change in order to support it.

All I had to do was add a way of specifying the hostname and port of the dynip update server.

Here's the patch for virtualmin ( tested with 3.75 and 3.76 ) :

[download id="22"]

Faster wordpress page admin

In a recent post about wordpress I explained how you can create a lot of pages really fast.  If that went well and you inserted a few thousand pages in your wordpress blog  the page admin became useless. Displaying the list of pages would take 3 minutes for 7000 pages on my test server.

It seems this is not a new problem and there is a bug created in 2007 about it. Although it seems like there was a patch to fix this, the problem still exists in the 2.8.4 version.

Why is this so slow ?

Short story: because wordpress is trying to display and sort pages hierarchically .

At first I thought the problem was caused by the sql queries that fetched all the pages ( even though it doesn't display all of them on a page ) but that was not the case.

After profiling the code with xdebug and Kcachegrind I found there were a few parts of the code that were taking the longest time to complete.

The main problem is that wordpress is trying to find the children for all the pages in an inefficient way. There is this function get_page_children in wp-includes/post.php  which was taking about 2 thirds of the total time to complete ( ~ 2 minutes on my example  ).

The Solution

I rewrote that function to make it a lot more efficient. In my case it reduced the time from 2 minute to 1-2 seconds but on other page hierarchy it might take more, the worst case being when every page is the parent of another page.  The diff is here : [download id="15"]

The second problem is that wordpress updates the page cache every time you list pages. This was taking almost 1 minute to complete. I'm not sure if it's the right thing to just remove that call to update_page_cache in wp-includes/post.php get_pages , but doing that made the page admin load in about 15 seconds.

Now this might still be annoying but it's way better then 3 minutes. Hopefully at least the new get_page_children function will b included in the next wordpress release... maybe you can help promote this ticket by giving it a positive vote although I'm not sure if those votes actually have any influence.

Qmail Big concurrency

Wanna send messages faster with your qmail server? Everyone will tell you to increase the remote concurrency. Till you find out that it can only go as high as 255. If you want more then that you have to apply the big concurrency patch

The Problem

Applying the patch and setting concurrency ( conf-spawn ) bigger then 509 will break the compilation. I was hoping to get at least 1000 on that new quad core 🙁

Why 509? It seems the number depends on the maximum size of the FD_SET array used for "monitoring" ( using select ) the file descriptors ( connection sockets or opened files ) . This limit is set in FD_SETSIZE constant to 1024. In case you're wondering ... the formula that gets you from 1024 to 509 is (FD_SETSIZE-5)/2 ( from chkspawn.c )

Trying to define FD_SETSIZE to a higher value in conf-cc like this -DFD_SETSIZE=4096 doesn't work because FD_SETSIZE is redefined in sys/select.h like this

  1. #define FD_SETSIZE __FD_SETSIZE

__FD_SETSIZE is defined somewhere in /usr/include/bits/types.h ( actually typesizes.h ) to 1024. Defining -D__FD_SETSIZE doesn't work either...I even tried both and still no luck.

The Solution

After hours of digging through mail archives and sites I found this mailing list post that really helped:
Re: fd_setsize

If you just want to get it working just download my patch [download id="14"] , apply it ( after you apply the big concurrency patch ) , set conf-spawn to something big ( but less then 65000 ) and then you should be able to compile qmail.

If you want to know how it's done, read bellow...

It seems like the solution is to include bits/types.h, undefine __FD_SETSIZE and then define it to a higher value. The author of that post says that this is not a good idea (from the portability point of view, but I don't care about that ) since programs should never directly include bits/types.h ( true ) but the alternative is to modify that system file, again not a good idea since it will be overwritten by a possible update.

My first idea was to just use that code from the mailing list post into the select.h2 , since this is the file used to generate select.h and select.h is included in spawn.c and ckhspawn.c but this didn't work because spawn.c was including "select.h" after "sys/types.h" so even if select.h would define __FD_SETSIZE it would be useless since FD_SETSIZE ( this is the one that really matters ) would have been already defined in sys/types.h .

The solution I found at the time was to just move "select.h" at the top of the file and remove "sys/types.h" since it was already included from select.h but now I realized I could have just as well undefined and defined FD_SETSIZE too inside select.h

And that's the story about how I got to run 1000 concurrent connection in qmail.

The real problem

Now that we can have so much concurrency we hit another wall. Qmail, as most other MTAs, doesn't have any way of controlling the remote concurrency per destination domain.

At 1000 simultaneous connections it's very likely that it would create a few tens or hundreds of connections simultaneously to the same domain.

When this happens that domain will just ban your ip.  So how do we fix this one?

PS: I have an answer but I want to see what you have for a solution 🙂 so hit the comments...

Qmail TLS + SMTP Plugins on FreeBSD

Problem

One of the worst problems in qmail is that it accepts messages for non existent users and then sends back a bounce to the sender. This is the perfect setup to be exploited by a spammer. I'm using the qmail-tls port configured with vpopmail on FreeBSD.

Solution

There might be some patches that make qmail use the vpopmail command line tools directly to check if a user exists before accepting messages but I either didn't find them or thought that using the SMTP Plugins patch is more elegant and gives me more flexibility (It might be slower but this was not a high traffic server so I didn't care).

The SMTP plugins patch adds hooks at all STMP stages and the plugins can use those hooks to accept or reject a message based on the data in the smtp statements sent by the sender.
I used the Qmail-SPP - Vpopmail check user Script written by Werner Maier.

The only problem was that I had to patch the source code for qmail-tls with the qmail-spp patch and there were quite a few rejects because of the other patches applied by freebsd ports system.
I managed to adapt the code to make this patch work and here is how I did it...

First I built the original freebsd port:

  1.  

This will also install the files and then after we apply the spp plugin we just copy the modified file ( qmail-smtpd )
Next step if to download the qmail-spp plugin into /usr/ports/mail/qmail-tls/work and apply it.

  1.  

This will give you some rejects but don't worry because you'll fix them with my next patch : [download id="10"]

  1.  

At this point qmail-smtpd should have smtp plugins working and we can set up the vpopmail user verifier script.

  1.  

Now edit vpopmail_check_recipient.sh and make sure the correct paths to vpopmail directory ( /home/vpopmail on freebsd ) are set in the script.

To test it, connect to smtp and try to send a message to an nonexistent account, you should see a reject message instead of the usual "ok".