This article is a work in progress

deb package for the Linux WMI client (wmic) for Ubuntu 10.10 can be downloaded here.

We use this utility together with collectd, it’s Exec plug-in and rrdgraph.

For example with this script we read the Transactions performance counter for MS SQL Server:

#!/bin/bash
INTERVAL="${COLLECTD_INTERVAL:-60}"

while sleep "$INTERVAL"
do
        TRANSPS=$((wmic -U user%password //server "SELECT TransactionsPersec FROM Win32_PerfRawData_MSSQLSERVER_SQLServerDatabases WHERE Name='_Total'" | grep "_Total" | awk -F "|" '{ print $2; }') 2>/dev/null);
        if [ $? -ne 0 ]
        then
              TRANSPS="U"
        fi
        echo "PUTVAL sqlserver/exec-mssql-wmi/operations interval=$INTERVAL N:$TRANSPS"
done

Note what the rrd file name (in this case operations) should start from the defined word in types.db

This article is a work in progress

Both modems should be set to Bridged Mode

Packages involved: pppd, shorewall, iproute2

/etc/ppp/peers/cat, configuration file for CAT Telecom provider:

noipdefault
#defaultroute
#replacedefaultroute
#usepeerdns
hide-password
debug
noauth
persist
maxfail 0
lcp-echo-interval 30
lcp-echo-failure 5
mtu 1492
plugin rp-pppoe.so eth0
rp_pppoe_service 'cat'
user "lettersandnumbers@hinet.p"
linkname cat
unit 0

/etc/ppp/peers/tot, configuration file for TOT provider:

noipdefault
#defaultroute
#replacedefaultroute
#usepeerdns
hide-password
debug
noauth
persist
maxfail 0
lcp-echo-interval 30
lcp-echo-failure 5
mtu 1492
plugin rp-pppoe.so eth1
rp_pppoe_service 'tot'
user "phoneno@totgoldbiz"
linkname tot
unit 1

I will explain the options.

#defaultroute
#replacedefaultroute
#usepeerdns

These we comment out, we will control default routes in the /etc/ppp/ip-up.local and /etc/ppp/ip-down.local scripts; we are not going to use DNS servers offered by the provider and will use fixed DNS (like Google DNS) instead.

persist
maxfail 0
lcp-echo-interval 30
lcp-echo-failure 5

Persist sets pppd to keep the connection; maxfail 0 prevents pppd from giving up after 5 unsuccessful connections; we are sending line control protocol “pings” every 30 seconds and going to disconnect and try to connect back again if 5 of these “pings” are lost in a row.

unit 0
linkname cat

unit is a very important option to nail the number (ppp0, ppp1 etc.) of the connection. If this option is not specified, the connections will be numbered in the order they are established and the interface number would change all the time.  linkname defines the name of .pid created in /var/run, I check for the existence of these files from PHP script to report in the web interface if the provider connection is on or off.

/etc/network/interfaces (fragment)

auto cat
iface cat inet ppp
pre-up /sbin/ifconfig eth0 up # line maintained by pppoeconf
provider cat

auto tot
iface cat inet ppp
pre-up /sbin/ifconfig eth1 up # line maintained by pppoeconf
provider tot

/etc/iproute2/rt_tables

#
# reserved values
#
255     local
254     main
253     default
0       unspec
#
# local
#
100     ppp0
200     ppp1

/etc/ppp/ip-up.local

#!/bin/bash
if [[ "$PPP_IFACE" == "ppp0" ]] ; then
        METRIC=1
else
        METRIC=2
fi

ip route add default dev $PPP_IFACE table $PPP_IFACE
ip route add default dev $PPP_IFACE metric $METRIC
ip rule add from $PPP_LOCAL lookup $PPP_IFACE
shorewall refresh
/usr/sbin/ddclient -syslog -file /etc/ddclient-$PPP_IFACE.conf

pppd does not have option to specify interface metric. There is a proposed patch for it, but it is not in the mainline yet. That’s why we move routing setup to this file. First line adds a default route to the routing table named ppp0 or ppp1. Third line adds a rule: if the source address of a packet is a local address of ppp interface, route it through this specific table (ppp0 or ppp1).

I am not sure if refreshing shorewall config is really needed, but won’t do any harm. ddclient updates DynDNS records using two different config files for two interfaces.

/etc/ppp/ip-down.local

#!/bin/sh
ip route del default table $PPP_IFACE
ip route del default dev $PPP_IFACE
ip rule del lookup $PPP_IFACE
shorewall refresh

/etc/shorewall/interfaces (fragment)

net     ppp0            detect          tcpflags,routefilter,nosmurfs,mss=1452
net     ppp1            detect          tcpflags,routefilter,nosmurfs,mss=1452

Important to clamp MSS to 1452 bytes here

“ip route show” output when both connections are on:

default dev ppp0  scope link  metric 1
default dev ppp1  scope link  metric 2

Primary interface ppp0, with lowest metric is used first. If it will go down, the second default route will be used automatically.

To be continued – from failover to load-balancing…

It was amazing to see Keehin Electrical Shop in Phuket still using Windows 3.11 for Workgroups with Paradox database for stock and sales… I wonder if they run it in a virtual machine though. Last time I worked with Paradox was in 1995!

Happens when this file:

%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

has wrong permissions or hidden/system file attribute. Remove this file as an Administrator.

If you are getting the message “Windows Validation was interrupted” while trying to activate your Windows 7 installation via Internet Explorer, check the permissions on the file

%SystemRoot%\System32\Wat\WatAdminSvc.exe

On some hacked installations there is a permissions setting to deny execute rights for Everyone, set it back to Allow.

The proper permissions for this file:
Allow – TrustedInstaller – Full control
Allow – Administrators – Read & execute
Allow – SYSTEM – Read & execute
Allow – Users – Read & execute

Looking for schematics for APC BE500R-AS, Chassis 640-0690B-Z…

This 25-baht RTC battery with a slight bulge on the top prevented the motherboard from booting. The previous technician suggested replacing the motherboard…

This battery from APC BR1500I UPS burst open, oozing a small amount of electrolyte liquid. Happens often here, most likely because of overheating. The battery is 3 years old.

Sometimes it is not possible to click on the “Public Network” open the network profile screen, then the easiest geek way to fix it is to remove a registry key:

HKLM\System\CurrentControlSet\Control\Network\NetworkLocationWizard\
Delete the key: HideWizard

Afterwards you need to disable and then re-enable the problematic network adapter.

The customer was issued the following hardware for the TOT Fiber optic 10Mbps home package:

Fiber: single fiber, dual wavelength with an SC connector.

Optical Network Unit (ONU): Mitsubishi AS-1000GN2-1GC.

Router: Welltech Computer WG-332S (not even listed on Welltech website). I think I never saw the router without any authentication before! It is a VoIP router with two FXS ports, also one LAN port is labelled (by TOT) as IPTV.

We took the Welltech router out and set up a PPPoE connection from Ubuntu Linux server through Mitsubishi modem.

It seems what Windows Recovery malware instead of deleting All Users Start Menu shortcuts moves them to a temporary folder: %UserProfile%\AppData\Local\Temp\smtmp\<some number>\ and they are easily recoverable from there.