Convert online audio to mp3 and use Windows movie maker to import .mpg movie

1. download home by Kit Chan

• use realplayer to play online audio song home by Kit Chan at with recording function on

http://www.singsingapore.org.sg/songs-lyric.asp?sid=14

• use freeware rm to mp3 converter at http://www.rm-mp3.org/ to convert rm to mp3. (then you can use CDBurnerXP to burn mp3 files as audio CD)

     2. download 建国大业片尾曲 - 红

• http://www.tudou.com/programs/view/zNK2Lns7WhM/ download as flv format (can be played by VLC)
• use itudou to convert to avi format
• use freeware http://www.free-audio-editor.com/otherfreeproducts/free-video-to-audio-converter.htm to convert to mp3

=============
Use Windows movie maker to import .mpg movie (took by Sony digital camera) and .mp3 background music

1. use any video converter (http://www.any-video-converter.com/products/for_video_free/)
to convert .mpg to .wmv  so  that you can import the full length of video into Windows movie maker

================
Burn .wav(generated by Windows movie maker) to standard VCD(mpeg-1 format)
1. use any video converter to convert .wav to .mpg1 format
2. use NTI Media Maker to burn to standard VCD (30 days full functional trial) or Nero burn room (15 days trail, full functional)

Note:

How to setup a tomcat server with JDK and DB2 runtime client

Jephe Wu - http://linuxtechres.blogspot.com


Objective: Preparing a Linux db2 client environment with JDK and Tomcat
Environment: CentOS 5.4, IBM DB2 V8.1 JDK 1.4.2 and Tomcat 4.1


Steps:

1. Preparing JDK environment:
cd /usr/local
./j2sdk-1.4.2xxx.bin
ln -sf j2sdk1.4.2xxx jdk

Put the following to /etc/profile.d/java.sh
export JAVA_HOME=/usr/local/jdk
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=$JAVA_HOME/lib

then run Chmod +x java.sh

2. Preparing Tomcat environment:

# cd /usr/local/
# tar xvpfz /usr/local/src/jakarta-tomcat-4.1.31.tar.gz
# ln –sf  jakarta-tomcat-4.1.31 tomcat

Add tomcat user and group
# groupadd tomcat
# useradd –g tomcat –c “Tomcat User” –d /usr/local/tomcat tomcat
# chown –R tomcat:tomcat Jakarta-tomcat-4.1.31
# chown tomcat:tomcat tomcat


Put the following to /usr/local/tomcat/.bash_profile and give it 755 permission

CATALINA_HOME=/usr/local/tomcat
LD_LIBRARY_PATH=/home/db2inst1/sqllib/lib
LIBPATH=/home/db2inst1/sqlib/lib
DB2INSTANCE=db2inst1
export CATALINA_HOME DB2INSTANCE  LD_LIBRARY_PATH LIBPATH

Modify catalina.sh, to add this:
JAVA_OPTS='-Xmx1024m -XX:+AggressiveHeap' at the top of the file

use cronolog to auto rotate log daily
[jephe@app tomcat]$ grep -A 3 -B 3 cronolog bin/catalina.sh
      -Dcatalina.base="$CATALINA_BASE" \
      -Dcatalina.home="$CATALINA_HOME" \
      -Djava.io.tmpdir="$CATALINA_TMPDIR" \
      org.apache.catalina.startup.Bootstrap "$@" start | /usr/local/sbin/cronolog "$CATALINA_BASE"/logs/%Y-%m-%d.catalina.out \
      >> /dev/null 2>&1 &

      if [ ! -z "$CATALINA_PID" ]; then
          echo $! > $CATALINA_PID
      fi
  fi
note: you  can vi bin/catalina.sh , then search for 'stop' string, before the following line , you can add above cronolog filter
elif [ "$1" = "stop" ] ; then

3. Preparing DB2 Client

download IBM DB2 runtime client from www.ibm.com, login as root to install runtime client software
# cd /root
# tar xvf FP8_M00099.tar
# cd rtcl
#./db2_install (db2setup needs GUI , so use db2_install instead), it will install all  rpms to /opt/IBM/ directory.

create instance (CLI)
# cd /opt/ibm/db2/V8.1/instance
# groupadd  db2grp1
# useradd –c ‘DB2 Instance User’ –g db2grp1 –m db2inst1
# ./db2icrt –s client db2inst1  (important, even installation of rtcl sometimes created /home/db2inst1/sqllibxx for you, rename that, run this command as root)

# su - db2inst1
# db2 catalog tcpip node db1 remote 10.0.3.2 server 50000
note: node name cannot use -, _ is allowed
# db2 catalog database DB1 [ as DB1ALIAS ] at node db1
# db2 list db directory
# db2 list node directory
# db2 connect to DB1ALIAS user jephe using password

# db2 uncatalog node db1
# db2 uncatalog db DB1

 Set environment for db2inst1 user
Append the following into /home/db2inst1/.bash_profile
. /home/db2inst1/sqllib/db2profile

note: testing db2 runtime client first before using tomcat application:

db2 connect to db1 user schemanmame

db2 list tables for all

if you encounter errors like SQL0805N package "NULLID.SQLxxxxxxxxx" was not found. 

try to run 'db2 ? SQL0805N' to follow the suggestion below to bind.

db2 bind @db2ubind.1st blocking all grant public 

4. Setup tomcat again after finishing db2 client setup
Copy connector over
# cd /opt/IBM/db2/V8.1/java
# cp –i  db2java.zip /usr/local/tomcat/common/lib/db2java.jar
note:  you have to copy db2java.zip from db2 runtime client to above tomcat folder which is from tomcat server itself

# chown tomcat:tomcat /usr/local/tomcat/common/lib/db2java.jar


5. Preparing Firewall

Allow port 8080, 8443 and 8009 in /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT –m state –state NEW –m tcp –p tcp –dport 8080 –j ACCEPT
-A RH-Firewall-1-INPUT –m state –state NEW –m tcp –p tcp –dport 8443 –j ACCEPT
-A RH-Firewall-1-INPUT –m state –state NEW –m tcp –p tcp –dport 8009–j ACCEPT

# service iptables restart


6. Make tomcat listening on port 80
This section is referred from http://www.klawitter.de/tomcat80.html (How to run Tomcat on Port 80)

There are a few ways to make tomcat to be listening on port 80, you can run tomcat as root which is not recommended, anther way is to remain tomcat to listen on port 8080, and use iptables to forward port 80 request to tomcat:

steps:

iptables -t nat -A PREROUTING -d your hostname -p tcp --dport 80 -j REDIRECT --to-ports 8080

iptables-save > /etc/sysconfig/iptables
chkconfig iptables on

Under some circumstances, the HttpConenctor class reports the original port back to the client. Further requests will continue with that port (which is not the desired effect and might even be blocked by your firewall).

Besides switching to a more contemporary Connector like CoyoteConenctor (recommended), you can circumvent that problem by adding a proxyPort to the HttpConnector declaration:

<Connector
  className="org.apache.catalina.connector.http.HttpConnector"
  port="8080"
  proxyPort="80"
>

7. FAQ
a. if testing db2 connection got error like 'SQL0805N Package dc2j.NULLID.SQLC2D01.4141414141350 not found.', you can solve it by binding:
login as db2inst1 on db2 client / tomcat server, run:

db2 connect to db1 user db2inst1 (must login as db2inst1, not user)

cd sqllib/bnd
db2 bind   @db2cli.lst 
db2 bind   @db2bind.lst (may not have this filename, then just ignore this line)

Common Linux tools usage

Jephe Wu - http://linuxtechres.blogspot.com/

• bash  - if

http://tldp.org/LDP/Bash-Beginners-Guide/html/sect_07_01.html

• vi

30G - go to 30th  line
30| - go to 30th column
change a file to remove the ending new line
vi file , :%s#$\n# #g

• sed (delete one line from the file itself)
  

for i in B*;do sed -i /A443/d $i;done 
JEPHE=A1234; for i in B*;do sed -i "/$JEPHE/d" $i;done

• Tar

Backup files and exclude a list of files from a file:
tar --exclude-from=/path/to/excludedfilelist -cvpzf  file.tar.gz *

note: inside excludedfilelist, give file or directory name line by line, don't put / for directories behind.

delete a file from a tar archive:
tar --delete --file=file.tar tobedeletedfile

transfer sparse file on the network:

tar cvzSpf - *|ssh jephe@remoteserver '(cd /path/to; tar xzSpf -)'

• rsync

use rsync to transfer specified files under some directories.
rsync -av -r  --include-from=include.txt  /cygdrive/e/ root@10.0.0.1:/data/backup/

$ cat include.txt
+ a
+ a/b/
+ b
+ b/c/
+ a/b/*.dat
+ b/c/*.exe
- *

/usr/bin/rsync --timeout=600 -v --progress --include=*.gpg --exclude=* -a -e ssh --delete /data/db 10.0.0.1:/data/db/ > /tmp/dbbackup

Note: refer to http://samba.anu.edu.au/ftp/rsync/rsync.html


transfer-root directory referes to the source directory on the source server.

Here are some examples of exclude/include matching:

o --exclude "*.o" would exclude all filenames matching *.o
o --exclude "/foo" would exclude a file called foo in the transfer-root directory
o --exclude "foo/" would exclude any directory called foo
o --exclude "/foo/*/bar" would exclude any file called bar two levels below a directory called foo in the transfer-root directory
o --exclude "/foo/**/bar" would exclude any file called bar two or more levels below a directory called foo in the transfer-root directory
o --include "*/" --include "*.c" --exclude "*" would include all directories and C source files
o --include "foo/" --include "foo/bar.c" --exclude "*" would include only foo/bar.c (the foo/ directory must be
explicitly included or it would be excluded by the "*")

o --exclude "*/foo/" would exclude any directory called foo which is one level below the transfer root directory
o --exclude "**/foo/" would exclude any directory called foo which is one or more levels below the transfer-root directory

•  curl & wget

download a iso file  -  curl -CO complete_download_url and wget -c complete_download_url
check web response header  - curl -I www.domain.com

• nc

nc -v -z -s 10.0.0.1 10.0.10.1 25
Connection to 10.0.10.1 25 port [tcp/smtp] succeeded!
for udp, use:
nc -vuz destination_ip_addr 53  (udp might always report it's successful when using -z option)

• socat  (linux or cygwin)

$ socat -d -d tcp4-listen:25,bind=192.168.100.20,fork,reuseaddr tcp4:smtp.gmail.com:25,bind=192.168.100.20 &

• awk

ls -l *.3.gz.gpg  | awk '{total += $5} END { print total}'
2298937968

db2 list application | awk '($3==495)'  => print the third column which equals 495

• netstat

netstat -tunelp  --list listening tcp and udp port numbers
netstat -natup

• ssh port forwarding 

Local port forwarding
$ ssh jephe@server1 -L 1234:10.0.0.1:22 [-g]  (-g means allows remote hosts to connect to local forwarded ports)
$ ssh jephe@localhost -p 1234

Remote port forwarding
$ ssh jephe@office_server -R 1234:10.0.0.2:22  (on office server, the user can connect to localhost at port 1234 to access the local ssh server at port 22)

or


$ ssh jephe@office_server -R 2222:server_on_internet:22 (when user ssh to port 2222 to office server, it actually goes to internet server ssh port)

If you want to anyone from your office network to access office server at port 2222 which will be forwarded to server_on_internet ssh server, uncomment GatewayPorts line as
GatewayPorts yes


or
$ ssh jephe@office_server -R 80:your_home_web_server:80 (your home web server is not necessarily same as your home ssh client pc, can be another server)


Reference: http://souptonuts.sourceforge.net/sshtips.htm

You can use Windows cygwin ssh server plus ssh remote port forwarding to achieve something. Assume you have lease line connected to remote office, you can only ssh into remote office, now you need to install Linux in one of machine, you can use this method to install from local office http server.

Use above local and remote port forwarding + cygwin + openssh + putty + proxytunnel at http://proxytunnel.sourceforge.net/ , you can do a lot of things you might think it's impossible before.

If your company only allows to use proxy to access Internet and you control one of ssh server on Internet, then you got the power to access office network from home.

• rpm

rpm -Uvh --root=/tmp/ --nodeps /mnt/iso/CentOS/glibc-2.5-34.x86_64.rpm 
or

1. Make a temporary directory to extract the rpm in and copy the rpm into the directory: 
   

   
    mkdir tempdir
    cp bash.rpm tempdir
    

   
   
2. Execute rpm2cpio in the temporary directory: 
   

   
    cd tempdir
    rpm2cpio bash.rpm | cpio -idmv
    

3. show architecture

 rpm -qf /bin/ls --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'

• stty and setterm/xset

stty erase ^H  (ctrl V H at the same time) 

setterm -blank nn will tell the console driver to blank the screen after nn minutes of inactivity. (With nn = 0, screensaving is turned off. In some old kernels this first took effect after the next keyboard interrupt.)

The s option of xset(1) will set the X screensaving parameters: xset s off turns off the screensaver, xset s 10 blanks the screen after 10 minutes.

• ssh 

ssh user@host -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null

ssh-keygen -F 10.0.3.1  - find this host from .ssh/known_hosts file

ssh-keygen -R 10.0.3.1  - remove this host from .ssh/known_hosts file

$ sshfs jephe@server:/path/to /mnt/sshfs/ 

Working in a ssh shell that used forwarding:

Supported escape sequences:

~. – terminate connection
~B – send a BREAK to the remote system
~C – open a command line
~R – Request rekey (SSH protocol 2 only)
~^Z – suspend ssh
~# – list forwarded connections
~& – background ssh (when waiting for connections to terminate)
~? – this message
~~ – send the escape character by typing it twice
(Note that escapes are only recognized immediately after newline.)

~. and ~# are particularly useful.

• ftp (windows)

literal pasv (to change to passive mode under Windows ftp CLI) 

• sftp

$ sftp -b /tmp/1 -o port=2222 jephe@1.2.3.4

$ more 1
put /etc/hosts

$ more 1
rm hosts

• grep/cat

grep -v "^#" /etc/httpd/conf/httpd.conf | cat -s | less

• tcpdump 

  Collecting a TCP dump from the server using a command like the following:

  tcpdump -s0 -w /tmp/tcpdump.pcap -i any host <client ip> and port 80
  
  
  and generating traffic (HTTP or LDAP) to the server captures evidence of the server not responding to the TCP SYN packets.  The output file can be analyzed with a command like
  tcpdump -r /<path>/<to>/tcpdump.pcap

For monitoring openbsd firewall PF rules, you can use 'tcpdump -n -e -ttt -i pflog0' to see which pf rules is matching the traffic, pass or block. use 'pfctl -sr' to get output of in-memory rules, the first block or pass rule will be rule 0, followed by rule 1, rule 2 and so on.

• Tshark

     tshark -i eth0 -f 'host 10.0.2.1' -w /tmp/upstream.cap -S

• screen

 screen -S main (manually)

/home/jephe/.bash_profile contact 'screen -D -R main'. this way, if I login server, it will disconnect then reconnect my screen session 'main' automatically every time. So we keep one session only.

How to transfer Mysql database from one server to another

Objective: transfer mysql database A on servera to database B on serverb
Environment: Mysql server 5.X, CentOS 5


Steps:

On source mysql database server servera:

mysqldump databasea  -u usera -p --single-transaction | gzip > databasea.sql.gz
or
mysqldump databaseA tableA -u usera -p --single-transaction | gzip > tableA.sql.gz

on destination mysql database server serverb:
gunzip < servera.sql.gz | mysql -u userb -p databaseB

--------------
Another way to backup/transfer the whole database to another: (What is the equivalent of Oracle's EXP for export and IMP for import utility in MySQL? [ID 1023112.1])

mysqldump --opt -u root -p*** --all-databases | mysql -u root -p*** -h hostname

mysqldump --opt -u root -p*** --all-databases > backup.sql

How to identify cpus, cores and hyperthreading

http://kbase.redhat.com/faq/docs/DOC-7715


Rules:

• grep phy /proc/cpuinfo, how many different physical id will indicate how many physical cpu sockets.
• If the siblings and cpu cores values match, the processors do not support hyperthreading (or hyperthreading is turned off in the BIOS).
• It is worth noting that the presence of the "ht" flag in the cpuflags section of /proc/cpuinfo does not necessarily indicate that a system has hyperthreading capabilities

Install OSSEC for system integrity check on Linux and Windows

Jephe Wu - http://linuxtechres.blogspot.com


Objective: use ossec hids to monitor system file changes realtime
Environment: CentOS 5, RHEL 5, Windows 2003 server


Steps:

1. Download ossec from http://www.ossec.net/main/downloads/
2. Install it on centralized monitoring server first(choose 'server' when installing ossec), this server can be rsyslog and nagios server too.
3. Install ossec on Linux server as agent or Windows server
4. Some commonds for managing agent authentication, stop/start service and realtime monitoring

a. on ossec server, run '/var/ossec/bin/manage_agents' to manage/extract keys for agents
b. on ossec agent, run '/var/ossec/bin/manage_agents' to import key from the server
c. run '/var/ossec/bin/ossec-control stop' or '/var/ossec/bin/ossec-control start' to stop/start services

d. realtime syscheck monitoring: (only works with directories, not individual files, so you can monitor /etc or c:\program files directory, not /etc/file.txt)
check this page: http://www.ossec.net/main/manual/manual-syscheck/realtime-file-integrity-monitoring/
or
http://www.ossec.net/doc/manual/syscheck/index.html

The configuration is very simple. In the option where you specify what files or directories to monitor, you just need to add the realtime=”yes” attribute before check_all="yes".

e. configuration and log files are under /var/ossec/ and c:\program files\ossec


5. when you try to enable clients which are sitting on the different network, you need to enable udp 1514 port, because the netstat is showing the ossec-remoted is listening on udp 1514 port:



udp        0      0 0.0.0.0:1514                0.0.0.0:*                               14974/ossec-remoted

so , please enable firewall from agent to server at udp port 1514.



Notes:
a. When using with Nagios monitoring, the active-response feature on Linux might prevent Nagios from working properly as it will dynamically add ip blocking rules to iptables:
to disable active response,add this:

less than active-response greater then

less than disabled greater than yes less than /disabled greater than

less than active-response greater then
 

to /var/ossec/etc/ossec.conf  

b. http://www.ossec.net/main/manual/manual-installation 

c. OSSEC Wiki at http://www.ossec.net/wiki/OSSEC 

6. FAQ 

a. Why does ossec send me so many emails?

http://www.ossec.net/wiki/Know_How:Email_Alerts_below_7

b. You can configure strftime format in /var/ossec/etc/ossec.conf so that

ossec can monitor variable log file like this:

<localfile>

 <log_format>syslog</log_format>

 <location>/var/log/rsyslog/%Y/%m/%d/log1.log</location>

</localfile>

So after midnight, it will start to monitor new log file at the different path.