Because OpenVZ based VPS’ share a common kernel, some of the more advanced features of iptables such as connection state tracking etc aren’t available. This breaks many of the common firewall packages/scripts included in most distros such as shorewall and ufw that rely on such stuff to work.

The following is a basic init script to set up a simple iptables firewall, originally from here, with some modifications. By default all outgoing traffic is permitted, incoming responses are permitted on ports >1024 and connection requests are permitted for SSH, POP3(s), IMAP(s), SMTP(s) and HTTP(s). It’s a basic Red Hat style init script so you can sling it in /etc/init.d on Debian/Ubuntu.

Download: fw.txt

I use Vim on a daily basis but there are still occasions when I can’t quite remember the command I need. Laurent Grégoire has produced an excellent Vim Quick reference card available in a variety of languages and formats including PDF and HTML. It is released under the GNU GPL.

Recently I’ve been having a few problems with the web hosting provider I use used to use for this site and others. After a couple of years of solid service the last couple of months have proved to be anything but reliable. Performance was never anything to write home about but lately has become unacceptably poor. Couple that with intermittent down time over the last few weeks and the fact they managed to lose the contents of my home directory at the back end of last week and it was time to find a better solution!

After an unhelpful exchange with their support team it became apparent they couldn’t restore any of the lost content and had no backup procedure in place, luckily I have copies of anything that’s important. They seemed to have little interest in helping me and continued to reply with a generic message blaming a hardware fault, requesting that I re upload my files and offering a month’s free hosting for the inconvenience. Instead I chose to look elsewhere.

I’ve been toying with the idea of using a VPS for some time now and this offered the perfect excuse to move. After a little searching I settled on a solution with 256MB ram and the possibility of an easy upgrade in the future. A couple of days of setting-up/tweaking to get everything running nicely and here we are, andatche.com is back up at a new home! I’ve still got a few things to fine tune before I’ll be completely happy with everything but so far all is well.

I have to spend a fair bit of time at work hacking away on Solaris boxes and have really started to miss some of the extra features of many GNU tools I really took for granted. One that really bugs me is the lack of in-place editing in Solaris sed (-i using GNU sed). Perl to the rescuse!
perl -pi -e 's/foo/bar/g' /path/to/file
The above is pretty functionally equivalent to sed -i. A quick alias in .bashrc:
alias sed-i='perl -pi -e'
and everything in life is well again.

The nw8xx webcam driver I mentioned here that had not been developed since 2004 has had new files comitted to CVS. The updates include a new Makefile & patches to allow the module to be built against newer 2.6 kernels. For instructions on how to get the driver please see the original post.

I’ve recently discovered an excellent text-mode media player for Linux and other UNIX like OSes. The C* Music Player (cmus) uses curses for it’s user interface and is operated in a similar way to the Vi text editor using commands.

It is light on recourses and intuitive to use. It can play FLAC, Ogg/Vorbis, MP3, WAV and many others. I’d recommend checking it out.

Using MidpSSH I have managed to get SSH access to my boxen from my phone (a Samsung D600) with publickey authentication. MidpSSH will run on tons of mobile devices that support Java with MIDP version 1.0 and 2.0. If you need SSH access while out and about, I’d recommend giving it a go.

I’ve been learning Python recently, an open source dynamic object-orientated programming language, and stumbled upon Dive Into Python, a great book that is published freely under the GNU Free Documentation License. The book is available in a number of formats including pdf. If you already have some object-orientated programming experience and want to learn Python I’d recommend giving it a read.

My PGP public key is available here. It is also listed on subkeys.pgp.net. Please use it to verify PGP signed messages from me, and to encrypt messages you wish to send to me. I welcome encrypted email.

The Divio nw8xx series chips are used in a number of old Logitec webcams, among others. I was given an old Logitec and got it working using this driver. This driver provides video4linux (v4l) support for nw8xx based webcams. Although it isn’t currently frequently maintained, it works quite well. Image quality is not excellent but is adequate. The webcam displayed on this site is currently using these drivers.

You will need a copy of the kernel source for your current kernel to build the driver. To use the driver, get a copy of the latest version from anonymous CVS:
# cvs -d:pserver:anonymous@nw802.cvs.sourceforge.net:/cvsroot/nw802 login
# cvs -z3 -d:pserver:anonymous@nw802.cvs.sourceforge.net:/cvsroot/nw802 co -P nw802-2.4
When prompted for a password, just press enter. Next compile the driver:
# cd nw802-2.4
The following two commands are only needed if using a 2.6 kernel
# cp Makefile.26 Makefile
# patch -p0 < patch-2.6
# make clean
# make
Load the kernel modules:
# insmod usbvideo.ko
# insmod nw8xx.ko
Plug in the camera and check dmesg output to make sure it registers the device properly and you’re good to go!