Tuesday, June 17, 2014

how to reassemble existing raid array with mdadm

# mdadm --assemble /dev/md5 /dev/sdc1 /dev/sde1

Thursday, June 12, 2014

using memcache for php session

สรุป พอคนเข้าเว็บเยอะ php บน debian หรือ ubuntu ไปเรียกใช้ "fuser" ในการจัดการไฟล์ session ที่หมดอายุ ซึ่งมีประสิทธิภาพต่ำมาก ต้องเปลี่ยนไปใช้ memcache แทน ฉะนั้น ปัญหาจึงหาย และ จำไว้เป็นบทเรียน

Thursday, June 5, 2014

a working iptables firewall rules


# eth0 is connected to the Internet
# eth3 is network B

# flush all chains
iptables -F
# flush all chaines in nat table
iptables --table nat -F

# default policies
iptables -P FORWARD DROP
iptables -P INPUT DROP

# allow unlimited traffic on loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# {{{ packet forwarding
# allow packet forwarding for the entire LAN
iptables -A FORWARD -i eth3 -o eth3 -j ACCEPT # network B

# masquerade
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE

# allow packet forwarding from internal network to the internet
# and allow packet forwarding from the internet to internal network
# if the packet is established or related from the internal network
iptables -A FORWARD -i eth3 -j ACCEPT # network B
iptables -A FORWARD -i eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# }}} packet forwarding

# ssh
iptables -A INPUT -i eth0 -p tcp -s external_ip_0,external_ip_1 --dport 22 \

# mosh
iptables -A INPUT -i eth0 -p udp -s external_ip_0,external_ip_2 \
  --dport 60000:61000 -j ACCEPT
# }}}

# allow incoming packets from related or established existing trusted
# connections so that we can connect to the Internet from this gateway
iptables -A INPUT -i eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

Wednesday, June 4, 2014

apt-offline how to

update and upgrade

apt-offline set apt-offline.sig
apt-offline get apt-offline.sig -d [directory] --threads 5

apt-offline install [directory]
apt-get upgrade

install package

apt-offline set debian-install.sig --install-packages mc hdparm
apt-offline get debian-install.sig -d [directory] --threads 5

apt-offline install [directory]
apt-get install mc hdparm


apt-key exportall | gpg --no-default-keyring --import --keyring /etc/apt/trusted.gpg



Tuesday, June 3, 2014

What are dvd1, dvd2, ... and update 1, update 2 in debian iso file list?

Sunday, May 25, 2014

how to configure wrt54grl with firmware dd-wrt to release more that 253 client ip addresses

hardware model: wrt54gl
firmware: dd-wrt v24-sp2 (10/10/09) mini

page:setup >
- dhcp server: disable
- Use DNSMasq for DHCP: enable
- Use DNSMasq for DNS: enable

page:services > services >
- DNSMasq: enable
- Local DNS: enable
- additional dnsmasq options, enter

verifification, page:administrations > commands >
- cat /tmp/dnsmasq.conf

should see:


how to recover broken/damaged/bricked wrt54gl router

If you accidentally damage your wrt54gl, for example, by directly upgrading stock router with Standard Generic instead of Mini Generic (and then follow by Standard Generic), you can recover your router as follow.
  1. Download stock firmware from linksys's website.
  2. Using tftp to flash the firmware.  Execute these commands in tftp:
    > binary  > rexmt 1  > timeout 60  > put dd-wrt.vXX_XXX.XXX
  3. Hard reset the router: Power on + push reset button for 30 seconds, Power off + still keep pushing the reset button for 30 seconds and Power on + still keep pushing the reset button for another 30 seconds.


Friday, May 23, 2014

fail to determine the codename of the release

alt + f2
mount /dev/sdc1 /cdrom
alt + f1

This is a bug.  Debian installer expects files under /cdrom/.

Saturday, April 5, 2014

how to convert mp4 into mp3 with ffmpeg

$ ffmpeg -i เพลง\ Cookie\ Run.mp4 -f mp3 -ab 192000 -vn cookierun.mp3