Boston Linux Meeting Reminder Tomorrow, May 19, 2010 Open Source and Astaro's business
When: May 19, 2010 7PM (6:30PM for QA) Topic: Open Source and Astaro's business Moderator: Jack Daniel Location: MIT Building E51, Room 335 Jack discusses the blending of Open Source, commercial, and custom software. Astaro has been successful in building Linux-based platforms along with custom commercial software to produce effective network security devices. http://www.astaro.com/ For further information and directions please consult the BLU Web site http://www.blu.org Please note that there is usually plenty of free parking in the E-51 parking lot at 2 Amherst St, or on Amherst St. After the meeting we will adjourn to the official after meeting meeting location at The Cambridge Brewery. Please note that the next BLU installfest is on Saturday, May 22. I'll send that notice out separately. http://www.blu.org/cgi-bin/calendar/2010-ifest37 -- Jerry Feldman g...@blu.org Boston Linux and Unix PGP key id: 537C5846 PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB CA3B 4607 4319 537C 5846 signature.asc Description: OpenPGP digital signature ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: FLOSS-/hacker-friendly music-players?
Reviving undead threads of weeks and months past This is a response to a message that Jim accidentically sent privately to me--posted with his permission: Jim Sheldon jim.shel...@gmail.com writes: On Mar 16, 2010 8:45 PM, Joshua Judson Rosen roz...@geekspace.com wrote: Joshua Judson Rosen roz...@geekspace.com writes: I'm looking for a new music-player to replace... Oh--of course I forgot to include in the `candidates' list, below: * NanoNote http://sharism.cc/products/ben-nanonote/: Cheap, expressly hacker-friendly; microphone, but no other undesirables. The reason I bought that iPod was that, at the time, iPods were not yet particularly hostile to... Have you considered the Archos 5 series that runs android? http://www.archos.com/products/imt/archos_5it I think I actually saw one of those at Radio Shack but dismissed it-- perhaps prematurely. I had assumed that it was as locked-up as the other Android devices that I'd seen so far (so, it's been looking `open-source, just not for the consumer'). However...: Archos also provides a developer image based on OpenEmbedded/angstrom to play around with. *That* makes me perk up about it. Presumably there's a way to actually boot a third-party image on it, then. Do you know what the situation is with regard to, e.g.: drivers? I've just seen way too many `open', `Linux' devices that lock-up all sorts of functionality in obfuscated/binary-only kernel-modules, userspace apps, and/or interfaces..., so I'm wary. I see their page about it: http://www.archos.com/products/imt/archos_5it/dualoslinux.html Oh, here we go: http://www.openaos.org/ http://www.openaos.org/~kevin/archos_angstrom_docs/ It looks like they've at least got the wifi working. I wonder about the GPS and power-management, which have been a couple of the numerous sore points in Nokia's N-series devices. I also came across this promising-looking post on the openembedded-devel list, in my searches: http://www.mail-archive.com/openembedded-de...@lists.openembedded.org/msg03498.html Highlights: This is one of the few examples where a company is a better opensource citizen than the open source commuity around their devices. If only those openoas dudes weren't so hellbent on keeping their fixes to themselves and pushed them back to angstrom and OE :( Interesting. I also wonder what the deal is with the `watermarking' that's supposed to happen when the dev-image is loaded--is that something that precludes replacing the hard disk with another one, or with a solid-state drive? Thanks for letting me know about this--I'll have to look into it further. I don't suppose anyone here already *has* one of these things and could talk about their experiences with it...? :) Like, how does its GPS compare to the N810's? ;) -- Don't be afraid to ask (λf.((λx.xx) (λr.f(rr. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Firewall (iptables) rule to limit Apache connections
I'm running Apache on a RedHat ES 4 with a 2.6.9 kernel. Occasionally we'll get a bunch of web requests from a single source (example user agent of HTTrack or Opera or IE5 will all give a user the ability to make a huge number of web requests). This ties up our Apache server as all available workers are sending responses (and might be waiting on the client-side connection speed as well). Ties up as in DoS -- nobody else can get to the website. I'm wondering what iptables rule might be able to throttle / limit the number of connections to a particular IP based on the connection state. The Linux Home Networking website has a great article on IPTables http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch14_:_Linux_Firewalls_Using_iptables and points to using the syn flag and limit combo, but I don't think that is actually an answer to my problem e.g. iptables -A INPUT -p tcp --syn -m limit --limit 5/s -i eth0 -j ACCEPT I say I don't think that's an answer because I'm not trying to prevent syn floods, I'm just trying to limit resource utilization by a particularly hungry customer by serving the food at a measured (slow) pace if they eat too fast. There are some (bandwidth-related) Apache modules that seem to touch on this problem domain. For example mod_cband, mod_bw, mod_qos or limitipconn but only mod_cband appears to be applicable to my environment and reasonably maintained. I was more interested in an iptables rule that I could dynamically create (perhaps tying into portsentry) or else a squid solution because it would be more future proof as we plan to update the hosting environment shortly. What solution have you used? Thanks, Greg Rundlett ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: network monitoring of firewalled/NAT'd systems
Intellipool can run in distributed mode, where you have one monitoring server inside each firewall that reports back home to the mothership. http://www.intellipool.se/ Not *quite* what you asked for, but may serve. --DTVZ On Tue, May 18, 2010 at 5:48 PM, Michael ODonnell michael.odonn...@comcast.net wrote: I wrote: We want to monitor (from a central server at HQ) the health and performance status of multiple machines [mostly Windows -( ] at each of multiple customer sites despite them being NAT'd/firewalled. ...and then mentioned a bunch of features we're dreaming about. A more specific question: does anybody even know of a package that can do passive monitoring? IOW, in our scenario some sort of agent on each workstation would be responsible for initiating a connection to HQ and pushing its own monitoring data back to our central server since we'd not be able to initiate connections in the other direction as they'd be blocked at the customer's firewall. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: network monitoring of firewalled/NAT'd systems
On Tue, May 18, 2010 at 05:48:15PM -0400, Michael ODonnell wrote: I wrote: We want to monitor (from a central server at HQ) the health and performance status of multiple machines [mostly Windows -( ] at each of multiple customer sites despite them being NAT'd/firewalled. ...and then mentioned a bunch of features we're dreaming about. A more specific question: does anybody even know of a package that can do passive monitoring? Nagios can do this. We monitor a dozen or so remote sites at work where they are small networks NAT'ed behind a single IP. Nagios runs out of cron on the workstations/servers at those locations and reports back to our main Nagios server. -b -- half a man's life is devoted to what he calls improvements, yet the original had some quality which is lost in the process. e.b. white ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Shot in the dark: Anyone ever use CLAPACK routines?
As the subject line indicates - a total shot in the dark... Prototyping Platform: Ubuntu 10.04 x86-64 Libraries: BLAS from ATLAS, CLAPACK I'm trying to use some CLAPACK routines to perform matrix manipulation, in particular, the zgesvd routine to do a singular value decomposition (SVD). My code is working for a 2x2 matrix, but it does not work for a 9x9. I posted the code at the lapack-forum http://icl.cs.utk.edu/lapack-forum/viewtopic.php?f=2t=1839sid=a44c7f5bb3f4836d77568664db0e1c89 which works for a 2x2 and fails for a 9x9, with a Segmentation Fault. I'm suspicious that it is 99% operator (me) error. (Fair guess :-P ) In particular, I'm worried about stuff like declaring: doublecomplex A[m][m]; where doublecomplex is defined in f2c.h as struct{ double r; double i; } Is is better in general (more portable) to use something like doublecomplex A[m*m] instead? For those who may not know, CLAPACK is a C version of LAPACK, which was originally written in FORTRAN (gasp). It is the Linear Algebra library that both OSS and closed source use. I know that Numpy Scipy use LAPACK, as well as MATLAB. I'm using CLAPACK because it can be built entirely in C. (FORTRAN is not available on the 'final' platform) If anyone has a few spare moments, I'd appreciate a quick look and any helpful comments you may have. FWIW, I used valgrind and saw that even when I got the correct answer, there were tons of warnings and errors reported. (These errors were DEEP inside of the CLAPACK library.) Note: if anyone is adventurous enough to try this at home (or anywhere else) you will need to change the libs and includes to point to your blas and lapack libs. I built my BLAS using ATLAS with the nof77 option (C only!), and linked to CLAPACK (which I also built). Most folks would just install the libs from their repositories... -Bruce wikipedia has a nice writeup on the svd ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: network monitoring of firewalled/NAT'd systems
Michael ODonnell michael.odonn...@comcast.net writes: I wrote: We want to monitor (from a central server at HQ) the health and performance status of multiple machines [mostly Windows -( ] at each of multiple customer sites despite them being NAT'd/firewalled. ...and then mentioned a bunch of features we're dreaming about. A more specific question: does anybody even know of a package that can do passive monitoring? IOW, in our scenario some sort of agent on each workstation would be responsible for initiating a connection to HQ and pushing its own monitoring data back to our central server since we'd not be able to initiate connections in the other direction as they'd be blocked at the customer's firewall. Anything that uses SNMP traps? -- Don't be afraid to ask (λf.((λx.xx) (λr.f(rr. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/