ip_conntrack table full

Since I had some spare time, I checked the Mora dormitory network again, and I’ve found this:
tracked IP connections - daily graph

Some remarks:

  • There is one or more infected machines on the network: see the high amount of SYN_SENT connections. I suppose it was a single machine being turned off between 23:00 and 7:30.
  • Another suspicious thing: the high amount of TIME_WAIT connections. The timeout is 120 secs, that is the average 714 means almost 6 connections are closed each second. Given that it is now summer and only a few machines are in the dormitory, this is an obvious irregularity (nice expression 😉
  • The number of ESTABLISHED connections is also high.


My conclusions: there is an infected machine, and there is a large amount of file sharing there. You don’t have to be Sherlock Holmes to find it out in a dormitory. I also think some applications just drop the connection, since the number of the ESTABLISHED entries does not correspond to the active connections shown for example by iptraf. Grrr…

So I decreased the timeout for SYN_SENT (from 120s to 60s), TIME_WAIT (also 120s to 60s) and ESTABLISHED (from 432000s/5days to 43200/12hrs).

By the way, I already have found ideas, how to tweak the router settings such that the network won’t be flooded (up to unsuability):

By the way, perhaps I should test Zabbix to replace Munin. There are debian packages of it. Althouh only the MySQL backend, and not the PostgreSQL. Why??? That was one (the) blocker for me to try Cacti, but fortunately Zabbix can use PostgreSQL as well.

DRM is bad

My opinion is that DRM is bad. Very bad. Some more stuff is here: http://defectivebydesign.org/ and here: http://www.eff.org/corrupt/.
defecitve by design

I cannot understand this world. By trying to enforce our will, and seeking for our good, the world is converging to a local optimum, as it happens often with greedy algorithms. DRM means extra cost and effor to the content provider, to the manufacturer and mostly to the end user. And what is the profit? The entertainment industry will earn more. But this means only transferring the money from people (ca. 5 billion) to a small minority (1 million?). And what are we paying for??? Yes, it’s an effort to create a content. But what is the difference if I look at it once, or if I make a copy for myself, look at it again, or I share it with friends, and week look at it together. The effort needed to create the content is always the same.

My favourite example is from the bible, just think about it:
Then he took the seven loaves and the fish, and when he had given thanks, he broke them and gave them to the disciples, and they in turn to the people. They all ate and were satisfied. Afterward the disciples picked up seven basketfuls of broken pieces that were left over.
Matthew 15:36-37

gnome screenshot hack

I used to have a lot of screenshots. During the time I had several applications to create them. Recently the gnome screenshot panel applet is my favourite since it is simple and reasonably fast. However I was missing a feature: I wanted to add descriptions to my screenshots. So I hacked around a little bit.

In the original version you can only specify the filename:

In the hacked version you can specify a description which is saved as a “tEXt/Description” field into the .png file:

Speeding up dpkg

I always had problems with the speed and memory consumption of dpkg. When I’m doing apt-get upgrade, my laptop becomes unusable for several minutes. And I do it every day, since I’m using debian testing. I made a little research, and found out that a huge part of the time is spent in the parsedb function with parsing the text files containing package information. That’s when you see "(Reading database ..."

Therefore I decided to replace the textfile backend with sqlite3. The first step is almost finished: the package information has been imported into an sqlite database. I just wrote a 100 line C++ prog, and it works.

The preliminary results are self explanatory:

Using dpkg as it is now (file backend, 17782 packages):

hikaru:/home/robi/prog/dpkg/trunk/utils# time dpkg -l "gnome-terminal"

[...]
ii gnome-terminal 2.14.2-1 The GNOME 2 terminal emulator application
[...]
real 0m6.817s
user 0m1.360s
sys 0m0.092s

Using an sql query with sqlite (same database, 17782 packages):

hikaru:/home/robi/prog/dpkg/trunk/utils# time echo "SELECT * FROM packages WHERE Package='gnome-terminal';" | sqlite3 available.db
gnome-terminal|optional|gnome|404|Guilherme de S. Pastore |i386||2.14.2-1|b18bd66347ef25707e7b92957142de0b
[...]
real 0m0.851s
user 0m0.004s
sys 0m0.004s

The next step is to fix some bugs (eg. having ‘ in the descriptions is a problem at the moment), and then replace the code in parsedb. But first I have to get some sleep.

In a perfect world people’s illness is not a business

Grrr again… I hate pharmaceutical industry and I hate biotech companies. It’s not about healing, it’s not about making people’s life better. It’s all about money. Damm damm diridamm… Read this: Drugs firm blocks cheap blindness cure. Medical research should only be perfomed by non-profit organizations, and the knowledge must be shared. Otherwise we are facing a really sad future.

Evolution addressbooks organized

I had at least 5 evolution folders in my old home dirs and backups. This means 5+ addressbooks and 4-5 mail spools. Since I could not find out any better ways, I’ve just moved the .evolution (and even one evolution) folders to a temporary folder, and started to delete unnecessary files and empty dirs. Then I’ve created several empty addressbooks in evolution and just copied the addressbook.db and addressbook.db.summary files into the appropriate dirs. It worked. Now I can move the address cards between them. Well, that will be still some work…

To be continued with mail folders.

Drupal up and running

I have installed drupal as a new engine for my homepage. There are still some issues to configure, but I have not much time at the moment.