April 25, 2008
{FUNNY}5月1日起民航经济舱旅客随身限带一件物品
本报北京4月24日电(记者周伟)为保障航空运输安全和顺利地进行,民用航空局今天表示,从5月1日起,在国内航班上严格执行旅客随身携带物品件数的规定,持头等舱客票的旅客,每人可随身携带两件物品;持公务舱或经济舱客票的旅客,每人只能随身携带1件物品。每件物品的体积均不得超过20×40×55厘米,上述两项总重量均不得超过5公斤。超过规定件数、重量或体积的限制,要按规定作为托运行李托运。
民航有关部门提醒旅客,乘坐飞机时提前做好托运行李的准备工作,以免延误行程。
April 17, 2008
Over 40 days off
Started from yesterday, I get my vacation for over 40 days. Jumping into the lab.
If I work harder, hopefuly I am gonna pass. someone told me it wouldnt be good if i leave, but i said if you can't really live without me, i will leave no more.
work hours: 12+
mental: tired
physical: tired
gain: frame-relay traffic shapping, isis route leaking between level-1 & level-2, pppoe dialing, dhcp, mp-ebgp, mp-ibgp, ebgp, etc.
cost: 50+
April 15, 2008
CPU0: Running in modulated clock mode
Message from syslogd@file-server at Tue Apr 15 07:53:59 2008 ...
file-server kernel: CPU0: Running in modulated clock mode
Message from syslogd@file-server at Tue Apr 15 07:54:04 2008 ...
file-server kernel: CPU0: Temperature above threshold
Message from syslogd@file-server at Tue Apr 15 07:54:04 2008 ...
file-server kernel: CPU0: Running in modulated clock mode
Message from syslogd@file-server at Tue Apr 15 07:54:09 2008 ...
file-server kernel: CPU0: Temperature above threshold
Message from syslogd@file-server at Tue Apr 15 07:54:09 2008 ...
file-server kernel: CPU0: Running in modulated clock mode
到了公司發現某台服務器不斷彈出以上消息伴隨著XShell的擾人的錯誤指示音使我好不心煩意亂,確認該機器散熱良好,溫度在可接受範圍之內.修改了/etc/syslog.conf把 *emerg一行注釋,再service syslog restart.終止了這個消息的傳遞.
April 13, 2008
SHANDI kernel re-built
I have re-built my SHANDI's kernel. for now, it's 26MB in size. could be much more smaller I think. I am gonna do that later this month.
April 12, 2008
About Cats
它约有26斤重,它爱吃冰淇淋、小饼干、蛋糕,他的名字叫Orazi ,哦对了,它是男性。
主人Laura Santarelli目前不知道Orazi 是否属于健康,只知道它特别爱吃,这些照片是他们生活在意大利Eupilio 时拍的。不过,它还不是最胖的猫,记录记载的世界上最胖的猫生活在美国Minnesota 洲,有30斤重爱吃薯片,他的名字不叫加菲。
# 不知道煎蛋滴童鞋们家里是否有能打败Orazi 的肥猫,不过很可惜吉尼斯世界记录现在以及不再收录肥猫了,他的头衔永远留给了加菲(玩笑话)。因为在2004年的时候,英国有个男人为了打破记录,在家里圈养肥猫,喂猫吃各种高热量食物,还不让它们运动,强迫它们增肥相当的不人道。
April 4, 2008
微软将于6月30日停止销售Windows XP
三月三日,eWEEK从Microsoft得到确认,根据计划,微软将在六月三十日关闭Windows XP的产品线,停止向零售商和直接OEM销售Windows XP Professonal和Windows XP HOME。这则来自微软Redmond管理层的消息终止了关于如果用户对Vista嗤之以鼻,微软将延长对该操作系统的寿命,同时,OEM厂商对较低配置的台式机和笔记本电脑是否能运行Vista也有轻微的争吵。
2a9b037d
April 2, 2008
A List
TCP/IP路由技术(第1卷)第二版(中文版)
TCP/IP路由技术(第2卷)中文版
CCIE 实验指南(第1卷)中文版
Cisco安全PIX防火墙
Cisco现场手册:Catalyst交换机配置
Cisco OSPF 命令与配置手册
Cisco BGP-4命令与配置手册
BGP设计与实现
IP 服务质量
IP组播网络设计开发(第1卷)
MPLS和VPN体系结构
MPLS和VPN体系结构(第2卷)(中文版)
MPLS和VPN体系结构(CCIP版)(人邮社)
高级MPLS设计与实施
MPLS网络设计权威指南
基于MPLS的流量工程
IS-IS网络设计解决方案
网络安全原理与实践
Cisco IOS精髓
Cisco访问表配置指南
IP路由协议疑难解析
思科网络术语和缩略语词典
端到端QOS网络设计
部署VoIP解决方案
CCIE Security实验指南
CCIE实验指南(第2卷)
第二层VPN体系结构
VPN故障诊断与排除
CISCO网络增强型IP服务
远程接入网络疑难解析
域间组播解决方案
Cisco现场手册:路由器配置
ipsecvpn设计
园区网中的服务质量
CISCOIPV6网络实现技术
March 31, 2008
Installing OpenVPN on a FreeBSD box
Date: 11:04 AM 3/26/2008
Ver: $1.0
Author: Li Feng Shen
Copyrights (c) 2008 All Rights Reserved.
/*
Use on your own risks
*/
1) # cd /usr/ports/security/openvpn
# make install clean
### ------------------------------------------------------------------------
### The OpenVPN FreeBSD port, since v2.0.1, uses rcNG to start OpenVPN.
### Edit /etc/rc.conf to start OpenVPN automatically at system startup.
### See /usr/local/etc/rc.d/openvpn for details.
### ------------------------------------------------------------------------
### To get OpenVPN 1.X to talk with the new 2.0 version, you may need to
### edit the 1.X configuration file by adding these lines:
### tun-mtu 1500
### tun-mtu-extra 32
### mssfix 1450
### key-method 2 <- this key-method line only for TLS setups
### - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
### WARNING: THE DEFAULT PORT HAS CHANGED AND IS NOW 1194!
### OpenVPN 1.6 and older used 5000 rather than 1194 as their default
### port, so add the proper port options to your configuration file!
### - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
### For further compatibility, see
### ------------------------------------------------------------------------
### If you want to donate to OpenVPN:
### ------------------------------------------------------------------------
2) # mkdir /usr/local/etc/openvpn
# cp /usr/local/share/doc/openvpn/sample-config-files/server.conf /usr/local/etc/openvpn/openvpn.conf
# echo openvpn_enable=\"YES\" >> /etc/rc.conf
3) # cd /usr/local/share/doc/openvpn/easy-rsa
# vi vars
export KEY_COUNTRY=CN
export KEY_PROVINCE=GD
export KEY_CITY=Guangzhou
export KEY_ORG="SHAREUNION"
export KEY_EMAIL="hughr_going@hotmail.com"
# cd /usr/ports/shells/bash
# make install clean
# rehash
# bash
# source ./vars
# ./clean-all
# ./build-ca
# ./build-dh
# cp keys/ca.* /usr/local/etc/openvpn
# cp keys/dh1024.pem /usr/local/etc/openvpn
# vi /usr/local/etc/openvpn/openvpn.conf
modify
ca ca.crt
cert ca.crt
key ca.key
# /usr/local/etc/rc.d/openvpn start
# sockstat -4l
4) # cd /usr/local/share/openvpn/easy-rsa
# ./build-key office
# tar zcvf office.tar.gz ./keys/office*
# tar zcvf ca.tar.gz keys/ca*
download the office.tar.gz & ca.tar.gz to the local file system of you windows client.
5) # config your kernel with ipfirewall support
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
# config the following rules:
00100 allow ip from any to 0.0.4.170:0.0.4.170
00200 divert 8668 ip from any to any via bge0
6) download openvpn-gui for windows & install it.
create C:\Program Files\OpenVPN\config
extract all office.tar.gz & ca.tar.gz into C:\Program Files\OpenVPN\config
create a SHAREUNION.ovpn file
insert the following content into the file:
client
dev tun
proto udp
remote $IP_ADDRESS 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert office.crt
key office.key
comp-lzo
verb 3
7) right click on the shareunion.ovpn and select "start vpn on this config file" to test if the configuration file is ok.
8) done.
Updating Your FreeBSD Box with PF enabled in the kernel
Date: 2:30 PM 3/26/2008
Ver: $1.0
Author: Li Feng Shen
Copyrights (c) 2008 All Rights Reserved.
/*
Use on your own risks
*/
1)
# pkg_add -r cvsup-without-gui
# cp /usr/share/examples/cvsup/standard-supfile /root
# vi /root/standard-supfile
*default host=cvsup.cn.FreeBSD.org
*default release=cvs tag=RELENG_7_0
# cvsup -g -L 2 stand-supfile
# cd /usr/src
# make buildworld
# cd /usr/src/sys/i386/conf
# modify you kernel config file add:
device pf
device pflog
device pfsync
to the end
# cd /usr/src && make buildworld
# make buildkernel KERNCONF=MYKERN && make installkernel KERNCONF=MYKERN
# sync && sync && sync && sync && shutdown -r now
# cd /usr/src
# mergemaster -i
# make installworld
# sync && sync && shutdown -r now
2)
Done
March 28, 2008
Basic IOS Based DHCP Configuration Commands
/*
by: Li Feng Shen
date: 10:04 2008-3-28
*/
Router(config)# ip dhcp excluded-address 10.1.1.1 10.1.1.19
Router(config)# ip dhcp pool Marketing_Subnet
Router(dhcp-config)# network 10.1.1.0 /24
Router(dhcp-config)# domain-name hughr.org
Router(dhcp-config)# dns-server 10.1.1.10 10.1.1.11
Router(dhcp-config)# default-router 10.1.1.2
Router(dhcp-config)# import all //optional
Router(config)# ip dhcp database tftp://10.1.1.50/dhcp-bindings.txt write-delay 180
Router# show ip dhcp binding
Router#
With ip helper-address x.x.x.x command, UDP ports are opened:
37 - TIME
49 - TACACS
53 - DNS
67 - DHCP-SERVER
68 - DHCP CLIENT
69 - TFTP
137 - NETBIOS NAME SERVICE
138 - NETBIOS DATAGRAM SERVICE
To custimize, you can go global config mode & type the following command:
Router(config)# no ip forward-protocol udp 37
Router(config)# no ip forward-protocol udp 137
