Peter's Blog

I think I have found out what was mysteriously caching pages while I was editing drupal entries which I blamed on site5. It appears that Microsoft ISA firewall is caching pages, even if your proxy settings are not set up to use it. It also appears that it does not cache very well, if you look at a page, go to edit it, then return to the page, ISA serves up the old version from the cache and you have to refresh the page to see any changes. It's cache settings have a crude option marked 'Cache dynamic content (objects with question marks in the URL)' but I have nice url's set up so that doesn't do me any good.

I have set it to 'frequently expire' cache entries.

Moral: use squid which does not appear to have the same problem.

I had Ubuntu Linux running on a server box, an old pentium 333MHz with a couple of hundred megs of memory, reserving my main desktop pc, 1.5G, 512M ram for windows. As the server was on all the time I got in the habit of banging shift and using that rather than booting the windows box.

Today I decided this was a waste of the faster pc so I installed Ubuntu on it, on a second hard disk (the old 40M disk I took out of my Sky Plus box). It goes much faster, Gnome is usable, I'm posting this through it (via Squid). I can reboot into windows whenever I want to fiddle with USB perihperals that don't have linux drivers (scanners etc).

Only problem is that it is quite noisy. Stalling the CPU fan with a finger makes it much quieter so I may spend £7 or so on a CPU fan that generates <20db.

I have been getting regular email to tell me:

 aclParseIpData: WARNING: Netmask masks away part of the specified IP in '192.168.0.200/24'

This seems to have been from the Squid proxy cache installation that I have on my Ubuntu box. I was trying to allow access to the squid proxy for ip addresses in the range 192.168.0.200 to 192.168.0.224 by setting the following in /etc/squid/squid.conf:

acl our_networks src 192.168.0.200/24
http_access allow our_networks

and indeed this was working but I keep getting this warning emailed to me every day.

On closer investigation it seems that the default netmask is 255.255.255.255 which masks out everything. Very safe but not much use. I have changed the entry in squid.conf to:

client_netmask 255.255.255.0

which should shut it up.

This is the ssh command line to connect to a squid proxy server via ssh:

ssh -L 3128:127.0.0.1:3128 user@remoteaddress

using cygwin open-ssh.

What is this doing? Well ssh starts running on the local pc and creates a socket on port 3128 (this is given by the first 3128 on the command line). Firefox is then configured to use localhost:3128 as the http proxy. ssh then takes connections to that port and forwards them to the ssh server running remotely. It will go through any firewalls in between provided that port 22 (the ssh port) is open. It encrypts whatever is going through it. The ssh server connects to port 3128 on the remote pc which is the squid server port. The squid server acts as a nice caching proxy server and fetches whatever web pages you are looking for.

This works with Ubuntu after installing the standard open-ssh package and the squid proxy.

It must work or you wouldn't be reading this.

Even more cool: using VNC over SSH. This allows gives you a remote desk top

• install tightvnc package on remote server
• on local pc run the command:

  ssh -L 5900:127.0.0.1:5901 user@remoteaddress
  

• on server, run the command

  vncserver :1
  

  The first time you do this you will be asked for the login password.
• On local pc, run a vnc viewer such as ultravnc. Connect to 127.0.0.1:0 and enter the password

This gives you remote access to the server desktop. Easy really and better, in my humble opinion, that using remote X, especially with a local PC running cygwin as X on that is a bit buggy.

Note: for me, vncserver :1 worked as X was already running on the box. The 5901 in the ssh command caters for display 1 being on a port number 1 higher than the default of 5900.

I feel the need for a status report on various stuff I've mentioned in this blog.

Palm Tungsten T2

I haven't used this so much recently, I only use it as a diary. This is partly because it is summer and I don't wear a coat with pockets to carry it around. It's too big for trouser pockets. I do my blogging with Python Desktop Server, I don't use DayNotez any more.

Dell Inspiron 500m

I love my notebook, I'm using it now, I'd say it was my primary PC. I sit on the sofa in front of the TV and go through RSS feeds. My main gripe with it is that sometimes when it comes out of hibernate it does not see the wireless network and I have to hibernate it and unhibernate it again to kick it into life. Oh, also the SVideo output is only black and white. The laptop is just nice, no noisy fans and it doesn't make my lap overheat. About 2 hours of battery life.

Desktop PC

Hasn't crashed recently but that may be because I don't use it very often. The only time I used it this week was as a print server. The drivers with the PC TV card might have fixed the PCI latency issues. There are a number of PCs at work, including the firewall PC, that use VIA chipsets and they randomly hang as well. I have no love for VIA.

Python Desktop Server

Use it most days. I use it at work for my engineering logs which are behind a firewall. I haven't got around to adding tools or anything, I mainly use it for RSS aggregation. Having the aggregation in the web browser makes it so convenient for following links: in firefox I middle-click and read in a new tab. As a blogging tool my main gripe is the lack of a preview facility: checking links and formatting before uploading. I have to set it to offline mode before I start composing.

Debian

My debian server is still whirring away (noisy fans this summer but it's in a room I don't go in much). It handles email and Python Desktop Server and is also useful as a squid proxy that I can access from work through an SSH tunnel. I can use this to check the work firewall, to make sure it is possible to get in through the firewall. I might change server to a desktop pc as the laptop is a bit slow (166MHz pentium). That would allow me to make it a headless X server.

Object Desktop

I got fed up with animated fish using my CPU time in DesktopX. I use windowsblinds on the laptop to make it a bit more interesting but I don't think it was worth buying.

Intellimail

Still using it at home but I am tempted to move to IMAP + thunderbird like I use at work. Awaiting a home server decision.

Thunderbird

It's ok if a bit utilitarian when compared to Intellimail. However it handles IMAP, if a little flakily (it sometimes displays Inbox(3) but doesn't show the new messages).

Firefox

Love it. I only use IE for broken websites.

ITunes

May register for it today. If I can buy just the tracks I want and blow them to an audio CD then I see no need to buy CD's that are 75% filler material.

Furl

I'm beginning to see Furl as a place to look for websites that other people find interesting. When I run out of RSS articles I now try, e.g. this.

Motorbike

Sold for the asking price to a dealer who was advertising for CBR600's.

Been looking at the ISA firewall/proxy thing at work and studying the logs. It's amazing what people get up to when they are supposed to be working. This has filled me with paranoia (not that I look at naked ladies while I am supposed to be working).

I installed squid on my server at home. I can connect to that through ssh. I don't know how fast it will be because of the uplink speed but it does means I can do banking and stuff from work.