Catalin(ux) M. BOIE homepage

Welcome to Catalin(ux) M. BOIE's page!
Here you can find some work of mine on Linux kernel & other stuff.

E-mail: catab # embedromix dot ro
Phone: +40-745-048374

My Fedora repository: rpm -Uhv http://kernel.embedromix.ro/dinorepo-0.0.12-1.noarch.rpm
My Oracle/RedHat/CentOS repository: rpm -Uhv http://kernel.embedromix.ro/dinorepo-el-0.0.13-1.noarch.rpm
Supported architectures: x86_64, i386, armv7hl, aarch64.

For commercial support and customizations, contact us at: Embedromix

[Home] [Networking] [Crypto] [Linux kernel patches] [Userspace] [Docs] [CV/Resume] [Links]

Name	Description	Links
Presentations	Presentations made by me	present.html
IFB	A mini howto on how to shape on incoming packets and distribute packets on multiple interfaces, sharing bandwidth.	ifb.html
RAID mini HOWTO	A mini howto describing linear, 0, 1, 5 and 6, using mdadm.	RAID.html
git mini HOWTO	A mini howto describing how to use git.	git.html
LVM mini HOWTO	A mini howto describing how to use LVM.	LVM.html
IPv6 mini howtos	Some mini howtos to easy IPv6 implementation.	ipv6.html
Random stuff	Some usefull one-liners.	random.html

Random stuff

Limit number of connections per second for ssh to maximum of 4 in 60 seconds:

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP

Typing Unicode characters: CTRL+SHIFT+u, then the numeric code.

Making an SELinux domain permissive: /usr/sbin/semanage permissive -a httpd_t

Disabling HPA at boot (BIG WARNING: YOU CAN LOOSE DATA!): libata.ignore_hpa=1

Disabling HPA per disk (BIG WARNING: YOU CAN LOOSE DATA!): hdparm -N p<number_of_sectors> /dev/sd?

SELinux on low memory: /etc/selinux/semanage.conf: bzip-blocksize=4 and bzip-small=true

PostgreSQL: Find unused indexes: SELECT schemaname, relname, indexrelname, idx_scan, idx_tup_read, idx_tup_fetch FROM pg_stat_user_indexes;

PostgreSQL: Show activity: SELECT * FROM pg_stat_activity WHERE current_query != '<IDLE>';

Convert to ext4: tune2fs -O extents,uninit_bg,dir_index /dev/sdaaaa

Screencast: ffmpeg -f x11grab -g 250 -s 1024x768 -r 25 -y -sameq -i :0.0+0,0 x.avi.

Screencast (mkv): ffmpeg -f x11grab -g 250 -s 1024x768 -r 30 -y -sameq -i :0.0+0,0 -vcodec libx264 -vpre lossless_ultrafast -threads 0 x.mkv.

Keyboard fast rate: xset r rate 150 40

Dinamically grow a disk online under KVM/libvirt:
Find devices: virsh domblklist NAME_OF_THE_MACHINE
Resize: virsh blockresize NAME_OF_THE_MACHINE vda 12G
'vda' may need to be replaced with something else.
The size must be the final size! Do not shrink!

Reduce the memory usage of rsyslogd: $ActionQueueMaxFileSize 10000

Mozilla Firefox optimizations:
Environment variables:
export MOZ_ACCELERATED=1
export MOZ_WEBRENDER=1

about:config:

gfx.canvas.azure.accelerated -> true
gfx.webrender.all -> true
gfx.xrender.enabled -> true
layers.acceleration.force-enabled -> true
gfx.canvas.azure.backends = cairo
gfx.content.azure.backends = cairo
webgl.msaa-force -> true

Go to "about:support" to check status.

Video acceleration (RPMFusion must be present):
dnf install libva libva-intel-hybrid-driver libva-intel-driver libva-utils mesa-vdpau-drivers vdpauinfo libva-vdpau-driver libvdpau-va-gl mesa-dri-drivers
Optional: dnf install intel-media-driver
Optional module parameters (i915): enable_guc=-1 enable_fbc=1
Optional kernel parameters: pcie_aspm=force
va-info

Modern bridge and vlans (Neconf 2.2 presentation):

ip link del cata-br-1 2>/dev/null
ip link add cata-br-1 type bridge vlan_filtering 1
bridge vlan del vid 1 dev cata-br-1 self
ip li set dev cata-br-1 up

ip link del cata-gre-1 2>/dev/null
ip link add cata-gre-1 type gretap remote x.y.z.t
ip link set dev cata-gre-1 up
ip link set cata-gre-1 master cata-br-1
ip link set dev cata-gre-1 type bridge_slave vlan_tunnel on
bridge vlan add vid 10 dev cata-gre-1
bridge vlan add dev cata-gre-1 vid 10 tunnel_info id 10

ip link del vx10 2>/dev/null
ip link add dev vx10 type vxlan external local 192.168.79.241 dstport 4789
ip link set vx10 up
ip link set vx10 master cata-br-1
ip link set dev vx10 type bridge_slave vlan_tunnel on
bridge vlan add dev vx10 vid 10
bridge vlan add dev vx10 vid 10 tunnel_info id 10

ip link del va 2>/dev/null
ip link add va type veth peer vb
ip link set va up
ip link set vb up
ip link set vb master cata-br-1
bridge vlan add dev vb vid 10 pvid untagged

for dev in cata-gre-1 vx10 vb; do
        echo "===================== ${dev} ========="
        bridge fdb add 00:00:00:00:00:00 dev ${dev} vni 10 \
                dst x.y.z.t self permanent

        bridge vlan show dev ${dev}

        bridge vlan tunnelshow dev ${dev}
echo "====================="
done

ip ad ad 3.3.3.1/24 dev va