Voodoo Business

At first, i checked the MD5 of the DVD which was as follows
b894f1e8ebf3065a488b6c01a742cf4e = debian-9.0.0-amd64-DVD-1.iso

The lowdown: Bottom line before you waste your time, the trick is disabling secure boot in the bios, if that does not work, read the article, it is faster if you see my trial and error than doing it yourself.

Following that, i DD the DVD onto a flash stick, Trying to install with network mirror, during the “Select and install software” stage, i get the following error on a beautiful red screen

Installation step failed
An installation step failed. You can try to run the failing item again from the menu, or skip it and choose something else. The failing step is: Select and install software

And a continue button that takes me to the list of steps/stages

In any case, the next time, i tried without a network mirror, and that stage completed successfully, but what do you know, a new error popped up, this time concerning the inability to install grub on the partition.

trying the above with a USB DVD gave the same exact errors, and thinking it might be a USB issue, i installed an internal SATA hard drive, but still same error.

So the only way to continue at this stage (Where both grub and LILO would not install is to continue without installing a boot loader.

So, considering the circumstance, i had 2 options, fix it manually, or try to figure the problem out, figuring out the problem would seem wiser, since We don’t want to have this problem every time we come across an installation scenario

Note: Disabling hardware turned out to be irrelevant, its all about the secure boot.
So i entered into UEFI (Delete at post), and disabled everything that may be causing the problem, for example, i disabled the azilla audio, I disabled the USB 3 Controller (Asmedia), and so forth, then i noticed that there is a secure boot option that had 2 options within, the first would be Windows and the other would be non windows.

So i switched that to non-windows (Even though the windows option worked fine on Jessie, and then went back to the USB flash stick, booted the system.

So this time, the installer is telling me that (SCREENSHOT)

So the answer to whether or not i should force the UEFI installer or not was YES, force it

As for whether or not to use a network mirror, for the sake of this article, i decided to experiment with installing with network mirror yet, then if that does not work, run the installer without a network mirror, the reason is that the secure boot option, if it were to fix anything, is most likely going to fix the failing to write boot manager, so to have this complete, we will need to start with the one more likely to fail

So running the installer with network mirror came back with the same error as anticipated, So i ran the installer again, but with no network mirror, and now the error is “Unable to install GRUB in dummy, executing “grub-install dummy failed”

So, now that all those options have failed, I am up for one last thing to try, I will boot from a linux stick, then issue the following command

wipefs -a /dev/sda

Now let us try again !

Now, a new error, the installer claims that a 40GB SSD is too small to be partitioned (Maybe because 64GB of ram will make a swap file larger than the disk) , so i rebooted again to the debian USB stick, but this time, to delete any existing partitions on the disk (Even though wipefs should have handled that)

So, because parted was not available, i used fdisk, followed by “o” followed by create a new partition on the whole disk

Next step, i took the 40GB SSD, reduced the ram on an HP 8300 USFF PC to 4GB, installed the disk and installed debian stretch (Using network mirror !), all went perfectly, now we would like to examine if it would boot the other computer, it did not,

Solution:
so i installed the OS on a very old core2 duo laptop, then it worked on the asusp9x79 after i enabled legacy mode rather than UEFI in the bios, I also made sure the boot disk was on the first sata port (SDA), and thats that.

I anticipate that this problem will also apply if you try to upgrade Jessie to Stretch, so BEFORE YOU UPGRADE, switch that UEFI secure boot option to non windows (Or disabled) depending on your motherboard.

I upgrading my I7 930 to an I7 980 worth it ?

The answer is YES, the I7 980 at the time of writing cost me $135 used on ebay.

there are 2 extra cores in the CPU, so it is like having an extra dual core computer to share the RAM and any other resources, even without wasting more electrical power.

It is also the newer Gulftown architecture (32nm Lithography), compared to the older Bloomfield (45nm Lithography)

So how much computing power did i gain for this database server

i7 930: 3GHz * 8 = 24 total at turbo speed
i7 980: 3.6GHz * 12 = 43.2 total at turbo speed

That is 180% of the original
almost double the computing power for 100 dollars !

To make this more interesting, many are reporting the with the new bios update, the GA-X58A-UD3R will allow for 48GB of ram, not 24, I will be trying that soon.

Let me start with the warning, DO NOT FLASH THE ORIGINAL TPLINK FIRMWARE BACK BEFORE FINDING OUT IF YOU NEED TO STRIP THE FIRST NUMBER OF BYTES OUT, YOU WILL BRICK YOUR ROUTER, IF YOU SEE

Failed to erase block

IF YOU DO, YOU NEED TO MAKE SURE YOU GET IT right after that, or you will start to get.

segmentation fault

on every and any command you run, at this stage, when you see this error after the failed to erase block error, your router is bricked, reboot it and it will not boot back up. if this happens, you might (depending on the model you have) have to connect your router to a com port and debrick it.

Now that you know, let’s see how to deal with this

If your firmware download file name has the word boot in it’s file name, you will need to strip out the first 0x20200 bytes (131584 bytes), if you fail to do this, meaning you fail to either identify if you need to do this, or fail to trim them, you will brick your router in the next step, to make matters both, TP-LINK is no longer including the word boot in firmwares with boot.

so to trim

dd if=orig.bin of=tplink.bin skip=257 bs=512

this command means read the file into another, skipping the first 257×512 = 131584 bytes (Which is the number you find above)

Now, you can flash it with the following command

mtd -r write /tmp/tplink.bin firmware

And if it says all is ok, you can now reboot your router into the new firmware

 

 

Converting DVD files to MP4

Video files on a DVD are usually in the video_ts directory and have the extension VOB.

On Windows, the easiest way to do this is by copying the files in the video directory on the DVD to a folder in your hard drive, then running the commands below, then deleting the source VOB files,

NOTE to ignore: surely, you can do it by adding absolute paths, but that would force me to explain much more here. with find the directory and copy the path then append it here then copy the names and append them to the path and all that good stuff, so why not just make it simple with copy then delete the source.

Assuming you have ffmpeg installed and in your path, you would execute the command like so, concatenating all the video files in the DVD

cd c:\directory_where_you_put_the_vob_files
ffmpeg -i "concat:VTS_01_1.VOB|VTS_01_2.VOB|VTS_01_3.VOB|VTS_01_4.VOB|VTS_01_5.VOB" outfile.mp4

Another note to ignore, On a linux box (The above works on both linux and windows), you can concatinate the VOB files then pipe them into ffmpeg like so

cat VTS_01_1.VOB VTS_01_2.VOB VTS_01_3.VOB VTS_01_4.VOB VTS_01_5.VOB | ffmpeg -i - outfile.mp4

So, Microsoft decided to change things a bit on how this can be done. To make a long story short, this is no longer inside “Advanced options” But rather in a different link names “Restart Options” on that same page

So open your settings app, then visit Updates and security, then windows update, then restart options (And active hours if needed)

Now, You can move your update hours to your weekend if that need to be the time for restarts

This problem is one i face often, because of how older versions functioned, the answers online no longer apply, online, you will find that

ntfsfix /dev/sdc2

should do the trick, in reality, it will not as you will see the following error

Mounting volume... OK
Processing of $MFT and $MFTMirr completed successfully.
Checking the alternate boot sector... OK
NTFS volume version is 3.1.
NTFS partition /dev/sdc1 was processed successfully.

The solution in reality is asking ntfs-3g’s mount to remove the hiberfile

WHAT YOU NEED – YOU WILL LOSE THE HIBERFILE

mount -t ntfs-3g -o remove_hiberfile /dev/sdc2 /hds/intelssd

Without the remove_hiberfile instruction, you will probably get an error message such as

Windows is hibernated, refused to mount.
Failed to mount '/dev/sdc2': Operation not permitted
The NTFS partition is in an unsafe state. Please resume and shutdown
Windows fully (no hibernation or fast restarting), or mount the volume
read-only with the 'ro' mount option.

Where you can actually mount it as read only if you do not want to write to it with the line

 mount -o ro /dev/sdc1 /hds/intelssd

apt-get install ufw

ufw allow ssh

but what do you know, i got an error

ERROR: initcaps
[Errno 2] modprobe: ERROR: could not insert 'ip6_tables': Unknown symbol in module, or unknown parameter (see dmesg)
ip6tables v1.4.21: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

Well, that was not so nice, so i went into the file /etc/default/ufw and disabled IPv6, and now it works

So, before we enable it, i enabled SSH access otherwise i will be locked out

ufw allow ssh

now, enable it with

ufw enable

Now, enabled a few more ports for website or SIP for example

I have a website under development, so i will want to open port 80 and 443 for my ip only ! I would like to delete those rules as my IP changes

ufw allow from 213.139.53.70
# and When my ip changes
ufw status numbered
ufw delete 4

Then add the new IP like in the first line

This tutorial is relatively old, it was done for a friend, native SIP support on android phones has been removed by google, SIP VOIP applications such as ZOIPER, GSWave, ACR, groundwire (And it’s cousin “softphone by Acrobits”), A key for battery life with those apps seems to be push notifications support (You need to allow it)

Basically I need to give a friend of mine who is traveling a VOIP account of a special kind, So to make his experience as simple as possible, I took screenshots of the setup process, but generalized them enough for anyone who wants to setup a SIP account on zoiper.

Step1 : Install zoiper from the google play store, here is a link Install Zoiper , any other SIP CLIENT will do, but this one is the one i made the instructions for.

For iPhone, a nice SIP client seems to be SessionTalk which supports (Push notifications), this is important for your phone’s battery, otherwise it will drain in no time flat!

HINT: From here on, Just look at the pictures, no need to read all this text unless you need to know more things

Step 2: Open zoiper, then go to the config panel, then to accounts.

Step 3: Click the “add account” to add an account to zoiper

Step 4: When asked if you already have a VOIP account, Answer with YES

Step 5: When asked if you want to configure manually, or select a provider, You would want to go with the manual configuration.

Step 6: Now you need to set the account type, zoiper supports both SIP (Session Initiation protocol) which is more or less both a good standard and the defector standard in VOIP, this is the one we want, the other is called IAX (Inter Asterisk Exchange) which is specific to Asterisk, an open source VOIP system

Step 7: Now, we need to give zoiper some settings to know where and how to connect, This data was given to you by your provider,

Account name: Any name you want, for example, the name of the provider, or how you use this account, you can call it my NY number, or TheTech, or any other name you want to use to identify this account

Host: The address of the server, this can be something like voip.example.com or example.com, any internet address whether FQDN or IP address should do.

Username: Self explanatory really
Password: Also self explanatory

In a previous post, i posted how you can put varnish on a virtual machine to cache content for your web server, But there was one small thing that we did not deal with, The IP address in the logs and that the website can see is simply that of the varnish server, not the visitor’s IP, and if you write PHP like me, I use the IP in everything, from securing logins to limiting page views to limiting comments. So, here is how we can work around this problem

First, the mission is as follows, Varnish needs to append something in the request header, that apache needs to consider the Visitor’s IP

To make apache do that, there is already a module (mod-remoteip) to do this

1- Tool to check the IP of the visitor

Create a PHP script to find out if what we are doing actually worked.

<?php
print "Your IP is: {$_SERVER['REMOTE_ADDR']} <br />\n\n";
$headers = apache_request_headers();
foreach($headers as $xheader => $xvalue)
{
print "$xheader : $xvalue <br />\n"; }
?>

and upload it to the website, when accessing this from the internet, you should see the IP as the IP of the varnish server, not your IP (Like it should)

1- Playing with cpanel

First, we must download mod_remoteip from the cpanel website (See here)

Once downloaded, we will upload it to the cpanel server at

/var/cpanel/easy/apache/custom_opt_mods/

Once done, we will now extract it as we would extract any tar.gz file

cd /var/cpanel/easy/apache/custom_opt_mods

tar -C /var/cpanel/easy/apache/custom_opt_mods -xvf custom_opt_mod-remoteip.tgz

Now, this mod should appear in easy apache when rebuilding apache, so go ahead, visit

Home »Software »EasyApache 3

and on the Exhaustive Options List you should be able to see mod_remoteip, be sure to check it.

Now, before coming to configure it, We need to inform Varnish to send us those headers. So add this at the very beginning of the Varnish sub vcl_recv section

NOTE: It seems that for the latest varnish (VCL 4), you no longer need this, if you add this, you will get the header as ( X-Forwarded-For : xxx.105.60.194, xxx.105.60.194) meaning the same IP twice

if (req.restarts == 0) {
  if (req.http.X-Forwarded-For) {
    set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
  } else {
    set req.http.X-Forwarded-For = client.ip;
  }
}

Now, we need to tell apache, what the extra header’s name is (X-Forwarded-For) and what servers this header should be honored for (the varnish server IPs, currently displaying in the script we wrote right after Your IP is:) So start by editing

/usr/local/apache/conf/includes/pre_virtualhost_global.conf

And add this, the IP here is the varnish server IP

<IfModule mod_remoteip.c>
   RemoteIPHeader X-Forwarded-For
   RemoteIPInternalProxy xxx.172.13.208
</IfModule>

Or, Probably the more suitable

/usr/local/apache/conf/includes/pre_virtualhost_global.conf

And add this, the IP here is the varnish server IP

<IfModule mod_remoteip.c>
   RemoteIPHeader X-Forwarded-For
   RemoteIPTrustedProxy xxx.172.13.0/24
   RemoteIPTrustedProxy xxx.172.14.0/24
   RemoteIPTrustedProxy xxx.172.19.0/24
</IfModule>

Now, visit Home >> Restart Services on your cpanel server, and restart apache

There you have it, refresh that PHP script, and your IP address should appear.

Now, the apache logs will still log the Varnish server IP, to fix that, you need to modify the log section in your apache config, changing %h with %a, like so

#LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

Every once in a while (often), something happens and the “Restore session” option in firefox disappears (right now it is june 2016), usually this happens after a crash where i try to re open firefox early or when computer hangs then i do something stupid, if you just opened firefox, keep it open, then go to C:\Users\techg\AppData\Roaming\Mozilla\Firefox\Profiles\8xve5flx.default (Or whatever your profile folder is named), and WITH YOUR FIREFOX STILL OPEN, copy the file sessionstore.js (back it up), Now close firefox, your original might have reset to a small file size as soon as you close firefox, Now, the tabs are all stored in sessionstore.js.bak (or whatever you called the copy), so delete the one you have, and copy this file back in it’s place.

With that done, it is editing time

The bad copy starts like this

{"version":["sessionrestore",1],"windows":[{"tabs":[{"entries":[{"url":"about:home","title":"Mozilla Firefox Start Page","charset":"","ID":716087720,"docshellID":11510,"docIdentifier":13,"persist":true}],"lastAccessed":1465298115431,"hidden":false,"attributes":{},"userContextId":0,"index":1,"image":"chrome://branding/content/icon32.png"}],

delete some text (“version”:[“sessionrestore”,1],) to make it look like this

{"windows":[{"tabs":[{"entries":[{"url":"about:home","title":"Mozilla Firefox Start Page","charset":"","ID":716087720,"docshellID":11510,"docIdentifier":13,"persist":true}],"lastAccessed":1465298115431,"hidden":false,"attributes":{},"userContextId":0,"index":1,"image":"chrome://branding/content/icon32.png"}],

Now, open your firefox browser, and you should see the restore button come back up.