Here’s the sample lines for connection limiting, where br0 is the internal LAN:

# only allow 25 connections per host total, only 5
# of which can be above port 1024

/usr/sbin/iptables -I FORWARD -i br0 -p tcp –syn –dport 1: -m connlimit –connlimit-above 25 -j REJECT
/usr/sbin/iptables -I FORWARD -i br0 -p tcp –syn –dport 1024: -m connlimit –connlimit-above 5 -j REJECT
/usr/sbin/iptables -I FORWARD -i br0 -p udp –dport 1: -m connlimit –connlimit-above 25 -j REJECT
/usr/sbin/iptables -I FORWARD -i br0 -p udp –dport 1024: -m connlimit –connlimit-above 5 -j REJECT

OR

/usr/sbin/iptables -A FORWARD -s 192.168.1.2 -p tcp -m connlimit –connlimit-above 10 -j DROP

Read the rest of this entry »

Listing of Digital Channels in Australia can be found here.

bash-3.1$ tzap -c /etc/channels.conf -r “ABC2″
using ‘/dev/dvb/adapter0/frontend0′ and ‘/dev/dvb/adapter0/demux0′
reading channels from file ‘/etc/channels.conf’
tuning to 226500000 Hz
video pid 0×0905, audio pid 0×0906
status 00 | signal 00ff | snr 8000 | ber 00003fff | unc 00000000 |
status 1f | signal 002c | snr ffff | ber 00000000 | unc 00000000 | FE_HAS_LOCK
status 1f | signal 002c | snr ffff | ber 00000000 | unc 00000000 | FE_HAS_LOCK
status 1f | signal 002c | snr ffff | ber 00000000 | unc 00000000 | FE_HAS_LOCK
status 1f | signal 002c | snr ffff | ber 00000000 | unc 00000000 | FE_HAS_LOCK

bash-3.1$ cat /dev/dvb/adapter0/dvr0 > /videos/sunday-07-04-29.ts

Read the rest of this entry »

Introduction

Installing a TV tuner in Linux is quite simple. All you really need to do is activate the correct kernel parameters and emerge some software and it should “just work”.

Read the rest of this entry »

VMware Server is a free virtualization product for Windows and Linux servers with enterprise-class support and VirtualCenter management. VMware Server is a robust yet easy to use server virtualization product and is based on proven virtualization technology, which has been used by thousands of customers for many years.
First you need to download vmware server 2.0.x from vmware website and get the vmware server installation key.

Read the rest of this entry »

Setting it all up

Assuming that you have your TV card drivers installed, you can start off with:

sudo apt-get install dvb-utils vlc

That installs VLC and the DVB programs needed to scan for your channels.

Now, find the digital transmitter nearest to you by visiting DigitalUK. Enter in your postcode, and the result you get back will tell you which transmitter you’re feeding off of. If you’re not in the UK, I’m not sure how you can find your closest one–Google is your friend.

You can see a list of the UK transmitters by doing:

ls /usr/share/doc/dvb-utils/examples/scan/dvb-t/ | grep uk-

Now find the filename that matches your transmitter, and substitute uk-CrystalPalace for it.

scan /usr/share/doc/dvb-utils/examples/scan/dvb-t/uk-CrystalPalace -o zap | tee ~/channels.conf

The above command will scan for channels that your TV card can pick-up, and store the configuration in a file. This file VLC then uses to tune in.

Now open up VLC. File > Quick Open File. Browse to channels.conf and open. Live TV should now start playing. To see a list of channels to switch between, go to View > Playlist.

VLC Player

To speed things up when wanting to launch the TV each time, you can create a launcher. I’ll create it on the Desktop for examples sake. Right click, and select Create Launcher. Give it a name, like TV, and in the Command text box, enter vlc /path/to/channels.conf. Hit ok, and you’re done. Now double click on the launcher and VLC will launch, and you’ll have the TV back on.

via Watching Freeview (DVB-T) TV with VLC Player on Ubuntu – david winter.

/dev/blog » Using udevadm to gather information about specific device.

Usually, udevadm requires the sysfs device path of the device in question. But you can also ask udevadm which device path belongs to a certain device node. This gets really helpful if you combine these two queries.

Example: You want to get a list of attributes for a specific device. You do not know the complete device path; all you know is the device node /dev/sdb:

A nice document describing how to use this information to write udev rules can be found on http://www.reactivated.net/writing_udev_rules.html.

Upgrading Iptables to 1.4 on Debian Etch

Simon | January 28, 2009

I required the module connlimit to limit the number of connections on one of our Debian firewall boxes. After a while of try and error i found out that the iptables version shipped with debian 1.3.6 doesn’t support the new module format used in 2.6.23+ kernels. So i looked for a backported version of iptables which i did not find So i thought i would try and install iptables from source. First download the latest iptables version from Netfilter.

Unpack the tarball

tar -xjvf iptables-1.4.2.tar.bz2

Change directory

cd iptables-1.4.2

configure iptables

./configure –prefix=/usr libdir=/lib bindir=/sbin mandir=/usr/share/man

if you just use ./configure then everything will be installed to /usr/local

make and install iptables

make prefix=/usr libdir=/lib bindir=/sbin mandir=/usr/share/man install

I don’t know why but a few binaries landed in /usr/sbin instead of /sbin so i copied them to the desired location

After that you can check your new iptables version

iptables -v

The only problem i encountered is apps which need iptables as dependency beacuse aptitude will try and install the old version of iptables again as a dependency. Either you install those apps from source as well. Or you can install two versions of iptables one under /usr/local and one under /sbin which can be confusing.

via Gentoo Blog » iptables.

Seagate FreeAgent drives have an annoying tendency to spin themselves down under linux, causing linux to give up on the drive and disconnect the device. The sdparm utility can resolve this.

Read the rest of this entry »

• ngrep -d any port 25

  Monitor all activity crossing source or destination port 25 (SMTP).

• ngrep -d any 'error' port syslog

  Monitor any network-based syslog traffic for the occurrence of the word “error”. ngrep knows how to convert service port names (on UNIX, located in “/etc/services”) to port numbers.

• ngrep -wi -d any 'user|pass' port 21

  Monitor any traffic crossing source or destination port 21 (FTP), looking case-insensitively for the words “user” or “pass”, matched as word-expressions (the match term(s) must have non-alphanumeric, delimiting characters surrounding them).

via ngrep – network grep.

Some useful settings and tweaks for dnsmasq:
Disable NetBIOS over TCP/IP:
Since DNSMasq acting as a local DNS server suitably takes care of host name resolution, disabling NetBT on appropriately configured Microsoft DHCP clients, such as Windows 2000 and XP, can be accomplished with the following:

dhcp-option=43,01:04:00:00:00:0

Set the domain for dnsmasq. this is optional, but if it is set, it does the following things.
1) Allows DHCP hosts to have fully qualified domain names, as long as the domain part matches this setting. It also means that if a DHCP client already has a specific domain name specified,eg member of AD, they will NOT connect properly to the system. I hash out this option.
2) Sets the “domain” DHCP option thereby potentially setting the domain of all systems configured by DHCP.
3) Provides the domain part for “#expand-hosts”.

# domain=your.domain