Skip to main content

Posts

Showing posts from April, 2008

TNEF Conversion

Have you ever gotten a winmail.dat file in Entourage or Mail.app or even Thunderbird not to mention any other mail client? So you are wondering how do I open winmail.dat on an Apple OS X machine well here it is. Not that I get them often, but .... On the odd occasion i will get an email that is sent to me that has a winmail.dat attachment. This is a mail from Microsoft Outlook. Although there are ways of disabling the option to send TNEF (Transport Neutral Encapsulation Format) files. its generally easier to just convert the file yourself and leave the sender out of it. There are a few ways of dealing with these pesky files. 1. you can download and use TNEF Enough. 2. you can use my script although there is more work involved its probably a little easier once setup. (OSX Tiger Needed) The Requirements. 1. OSX Tiger or above with Apple Developer Tools Installed. 2. Automator 3. Darwin Ports installed 4. Install TNEF 5. Download my winmail script. The How To: 1. Installing XCode Tools. I

How to enable SSH login access to a Cisco 800 Series

How to enable SSH login access to a Cisco 800 Series So you want to be able to secure your router so that it is necessary to ssh into it rater than just telnet in. If this is being used as an ADSL or DSL router like in the article “ Setting up a Cisco 800 series for ADSL ” NOTE: This should work with any Cisco 800 Series router including the Cisco 801 Cisco 827 Cisco 837 Cisco 877 and Cisco 877W routers provided the Cisco IOS on the router supports ssh Firstly is ssh enabled? router#sh ip ssh SSH Disabled - version 2.0 %Please create RSA keys to enable SSH. Authentication timeout: 60 secs; Authentication retries: 5 In this case its not, if you got a error saying that sh ip ssh is not recognized then you would know that ssh is not supported or possibly that the command is different for your platform. How to enable SSH on a Cisco 800 series router# config term router(config)#crypto key generate rsa usage-keys label router-key The name for the keys will be: router-key Choose the size of

NFS Drive Shares and FreeBSD Ports

One of the things I love about FreeBSD is the ports directory. The ability to install and upgrade any port simply by going to /usr/ports/porttype/portname i.e. /usr/ports/www/apache13 then all you have to do is type in make and make install or in many cases make install clean and you are on your way. The system connects to various mirror sites and downloads the entire source needed to install the port. Of course it can become a little painful if you are trying to install 3 identical ports on 3 different servers or trying to upgrade a port that is on 5 or 6 or more servers. I don’t mind running the portupgrade pkg-name command 5 or 6 times, but the problem is the server downloads the source package 5 or 6 times depending on how many servers that port needs to be installed or upgraded on. So how to save time and bandwidth for port upgrades? Well that’s simple, but as always you have to take in to account some possible security issues. The way we have used here is to use NFS, which by no

Squid Proxy Status Codes

The TCP_code = requests on the proxy HTTP port (3128 by default) The UDP_code = requests on the proxy ICP port (3130 by default) If ICP Logging was disabled in the config file with the the log_icp_quaries directive, then surprise surprise ICP will not be logged. The following result codes are from Squid version 2+ TCP_HIT A valid copy of the requested object was in the cache. TCP_MISS The requested object was not in the cache. TCP_REFRESH_HIT The requested object was cached but STALE. The IMS query for the object resulted in "304 not modified". TCP_REF_FAIL_HIT The requested object was cached but STALE. The IMS query failed and the stale object was delivered. TCP_REFRESH_MISS The requested object was cached but STALE. The IMS query returned the new content. TCP_CLIENT_REFRESH_MISS The client issued a "no-cache" pragma, or some analogous cache control command along with the request. Thus, the cache has to refetch the object. TCP_IMS_HIT The client issued an IMS reque

Apache Status Codes

Often when debugging a problem or looking through your logs you will see the apache status codes For Example xxx.xxx.xxx.xxx - - [28/Jul/2006:13:49:28 +0200] "GET /news.php HTTP/1.1" 200 807 "http://www.joe-ma.co.za/news.php" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a1) Gecko/20060703 FreeBSD/amd64 Minefield/3.0a1" Successful Client Requests 200 OK 201 Created 202 Accepted 203 Non-Authorative Information 204 No Content 205 Reset Content 206 Partial Content Client Request Redirected 300 Multiple Choices 301 Moved Permanently 302 Moved Temporarily 303 See Other 304 Not Modified 305 Use Proxy Client Request Errors 400 Bad Request 401 Authorization Required 402 Payment Required (not used yet) 403 Forbidden 404 Not Found 405 Method Not Allowed 406 Not Acceptable (encoding) 407 Proxy Authentication Required 408 Request Timed Out 409 Conflicting Request 410 Gone 411 Content Length Required 412 Precondition Failed 413 Request Entity Too Long 414 Request URI

How to Jail ftp users via ProFTPd

Installing and configuring ProFTPD Installing and configuring ProFTPD so that a web user can login and be jailed to their home directory is very simple Firstly install proftpd via your FreeBSD Ports Directory Once installed copy the proftpd.conf sample file to proftpd.conf Edit the file and uncomment #DefaultRoot ~ as per below # To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. DefaultRoot ~ Then edit the proftpd startup script in /usr/local/etc/rc.d/ And change proftpd_enable=$ to proftpd_enable=$ edit your /etc/rc.conf file and add proftpd_enable="YES" Then start proftpd via the startup script You should now be able to login as a user you created and you should only see your directory you should not be able to go back from /home/myuser to /home for instance This is great for keeping clients in their vhost directory so that the can not traverse other directories.

Setting up Apple OS X 10.4 Server Software Update Service

A suggestions the first time you start it up make sure that the updates are not mirrored or enabled. In the Apple Server Admin tool select Software Update the select Settings you will see a general tab make sure that Automatically mirror updates from Apple and Automatically enable updates are not selected click save and then start the service. Once the service has started and everything seems fine and you have no errors in the software update log file select the updates tab and select the updates that you need or want to enable If you want to enable all of them that’s fin but only do a few at a time like 15 to 20 unless you have ample bandwidth available. As the server will go and download all the updates that are selected at the last glance I had that was about 4 GB Once you have setup and configured your Apple OS X Tiger server for Software Updates you can check out the below information If you have Apple Remote Desktop you can send a Unix command to change the software update URL. S

Apple OS X 10.4 Server Monitor "waiting for response"

So you have reinstalled or installed Apple OS X 10.4 server. And you have noticed that no matter what you do you can’t get the Apple OS X Server to talk to your Server Monitor application all that you see is “Waiting for response” where you should be seeing other info like the Drives Temperatures Fan Speeds etc. I have only noticed this on a 10.4 Server where I installed the Server in Target Disk Mode using Firewire. The Xserve is a G5 dual with no graphics card (also called a headless server) The server was installed via a G4 Powerbook. Anyway When the system installs it seems to check the hardware now because you have mounted the OS X Server Hard drive onto your other Mac (non Xserve) my guess is that it does not / can not probe the correct hardware, and since the Apple Powerbook is not a G5 Xserve it can not configure the hardware monitor properly. Anyway to get around this, first make sure that you are in fact connected to the IP address of the Apple Xserve and you don’t have and u

Active on mouse over Terminal.app Mac OS X

This is something that I find pretty handy: I am often ssh'd inter different servers or connected to routers, I usually have 4 Terminal windows open. One of the big things is that by default they are not active / selected just by having my mouse over a specific window and you have to actually click on the Terminal window that you are actually using at that point in time. So if you are dragging and dropping text between 2 Terminal windows you have to copy from source window then select destination window then paste. Or you can enable the mouse over active stuff. You can do this by opening a terminal window and typing defaults write com.apple.Terminal FocusFollowsMouse -string YES to enable or defaults write com.apple.Terminal FocusFollowsMouse -string NO to disable This Hint could possibly be used for other applications too but I am not 100% sure about that. In theory you could do the same with multiple Safari windows if you don't use tabbed browsing or if you wanted it for so