12/10/2009

Using curl to talk to iTunes

=====Using curl to talk to iTunes=====

To talk to iTunes from curl, spoof the user agent to pretend to be iTunes and set your store front to one of the legal values. Here, I set the store by passing it as a header field using curl's -H switch.


curl -s -A "iTunes/9.0.2 (Macintosh; U; PPC Mac OS X 10.2)" -H "X-Apple-Store-Front: 143441-1,5" 'http://ax.itunes.apple.com/WebObjects/MZStore.woa/wa/viewTopLegacy?id=25204&popId=30&genreId=36' > itunes_app_Topcharts_paidapps

12/03/2009

Get HK stock quote from curl

Reference for neat way to download stock data from HK Yahoo.

[[http://www.gummy-stuff.org/Yahoo-data.htm]]

http://finance.yahoo.com/d/quotes.csv?s= a BUNCH of STOCK SYMBOLS separated by "+" &f=a bunch of special tags

The following is an example to get 1398.hk

s=Symbol
n=Name
d1=Last Trade Date
l1=Last Trade(Price Only)
r=P/E Ratio
e=Earnings/Share
c=Change & Percent Change


#!/bin/bash

#Get the stock price and information from yahoo.
curl -s 'http://hk.finance.yahoo.com/d/quotes.csv?s=1398.hk&f=snd1l1cer'

11/25/2009

Install OpenWRT Kamikaze 8.09.1 on Linksys WRT54GS

======Install Kamikaze 8.09.1======

=====Flash via http=====

http://downloads.openwrt.org/kamikaze/8.09.1/brcm-2.4/openwrt-wrt54g-squashfs.bin

=====Setting Password=====

====With Telnet====

Connect to the router at its default address (usually 192.168.1.1) and issue the


passwd


command. After setting the password, any attempt to telnet in will result in a "Login failed" message. You will need to use ssh from then on to connect using a console.

=====Setup hostname=====

vi /etc/config/system

option hostname Openwrt
to
option hostname linksysr2



=====Setup Wan IP=====


vi /etc/config/network



       config interface       wan
       option ifname    "eth0.1"
       option proto     static
       option ipaddr    192.168.1.17
       option netmask   255.255.255.0
       option gateway   192.168.1.21
       option dns       192.168.1.5


=====Change DHCP range=====

vi /etc/config/dhcp
config dhcp lan
        option interface        lan
        option start    100
        #Change from 150 to 10
        #option limit    150
        #to
        option limit    10
        option leasetime        12h
        option force    1


=====Reserve IP=====

vi /etc/config/dhcp
# Add to bottom
config host
        option name     afungs-iPhone
        option mac      00:23:DF:6F:AB:3D
        option ip       192.168.8.2


=====Setup Wifi=====

Wireless specific (Layers 1 and 2) configuration is in /etc/config/wireless. Layer 3 (Network) is done in /etc/config/network


vi /etc/config/wireless



#wpa encryption

config wifi-device  wl0
         option type     broadcom
         option channel  5

         #0 enables wifi; 1 disables wifi
         option disabled 0

config wifi-iface
         option device   wl0
         option network  lan
         option mode     ap
         option ssid     openwrt
         option encryption psk
         #0 broadcasts the ssid; 1 disables broadcasting of the ssid
         option hidden   1
         option key      xxxxxxxx


=====Mac filtering=====

vi /etc/init.d/wlmacfilter



#!/bin/sh /etc/rc.common
# The macfilter 2 means that the filter works in "Allow" mode.
# Other options are: 0 - disabled, or 1 - Deny.
#
# The maclist is a list of mac addresses to allow/deny, quoted,
# with spaces separating multiple entries
# eg  "00:0D:0B:B5:2A:BF 00:0D:0C:A2:2A:BA"
START=47
MACLIST="00:0D:0B:B5:2A:BF 00:0D:0C:A2:2A:BA"

start() {
         wlc ifname wl0 maclist "$MACLIST"
         wlc ifname wl0 macfilter 2
}
stop() {
         wlc ifname wl0 maclist none
         wlc ifname wl0 macfilter 0
}

#Finally, enable the script to run at boot time:

chmod 755 /etc/init.d/wlmacfilter

#This adds an alias to /etc/rc.d/
/etc/init.d/wlmacfilter enable



=====Firewall=====

The OpenWrt default settings are:
  *Drop all packets whose state is INVALID
  *Accept all packets whose state is RELATED or ESTABLISHED
  *Drop incoming packets from wan
  *Accept all incoming packets from lan (br-lan)
  *Accept all outgoing packets
  *Drop forwarded packets from lan (br-lan) to wan

To add custom rules:


vi /etc/config/firewall
#Comment out the following lines
#config forwarding
#       option src      lan
#       option dest     wan
#       option mtu_fix  1



vi /etc/firewall.user
iptables -A input_rule -s 192.168.1.x -p tcp --dport 22 -j ACCEPT


=====Time Zone=====

uci set system.@system[0].zonename="Asia/Hong Kong"
uci set system.@system[0].timezone="HKT-8"
uci commit system
timezone=$(uci get system.@system[0].timezone); [ -z "$timezone" ] && timezone=UTC; echo "$timezone" > /tmp/TZ


Reference http://luci.freifunk-halle.net/UserDocs/TimeZones

=====NTP Client=====

opkg install ntpclient
#Change the default NTP server using UCI. By default there are four NTP servers configured. To change the first NTP server run the following UCI command:
uci set ntpclient.@ntpserver[0].hostname=stdtime.gov.hk

#Save the changes with:
uci commit ntpclient

#Restart the network to update the time
/etc/init.d/network restart


=====OpenVPN=====
opkg install openssl-utils

=====Additional packages=====

opkg update


#openvpn
opkg install openvpn
#tcpdump
wget http://downloads.openwrt.org/kamikaze/8.09.1/brcm-2.4/packages/libpcap_0.9.8-1_mipsel.ipk
opkg install libpcap_0.9.8-1_mipsel.ipk
wget http://downloads.openwrt.org/kamikaze/8.09.1/brcm-2.4/packages/tcpdump_3.9.8-1.1_mipsel.ipk
opkg install tcpdump_3.9.8-1.1_mipsel.ipk

#iptables-save and iptables-restore
wget http://downloads.openwrt.org/kamikaze/8.09.1/brcm-2.4/packages/iptables-utils_1.3.8-4.1_mipsel.ipk
opkg install iptables-utils_1.3.8-4.1_mipsel.ipk

10/23/2009

Triple boot Linux, Mac OSX and Windows XP on three hard drives

The three hard disks in my machine are as follows:

  1. 320GB (sda, fedora 11)
  2. 80GB (sdb, Mac OSX Leopard)
  3. 160GB (sdc, Windows)

#vi /boot/grub/menu.lst

title Windows XP
rootnoverify (hd2,0)
savedefault
makeactive
map (hd0) (hd2)
map (hd2) (hd0)
chainloader +1

title Mac OS X (Leopard)
root (hd1,0)
makeactive
chainloader +1

8/12/2009

Convert a mac address format

=====Convert a mac address format=====

File - maclist

000X0X0XXX0X 192.168.1.5 Computer A

000XXX0XXX0X 192.168.1.6 Computer B


for n in 10 8 6 4 2 ; do sed -i "s/.\{$n\}/&:/" maclist ; done


00:0X:0X:0X:XX:0X 192.168.1.5 Computer A

00:0X:XX:0X:XX:0X 192.168.1.6 Computer B

7/18/2009

Mount a remote windows partition under Linux

#Use the mount command to mount a Windows network share on Linux
$ mount -t cifs //win-share-hostname/share /mnt/win -o username=user

or
$ mount -t cifs //win-share-hostname/share /mnt/win -o username="hostname\user"

#Use the mount command to mount a Windows network share in a Windows domain
$ mount -t cifs //win-share-hostname/share /mnt/win -o username=user,password=passwd,domain=xxx

7/07/2009

Perform automated installations of Linux by using kickstart

======Create a kickstart configuration file======
  * [[automatic_fedora_8_installation_with_kickstart#Pre-installation|Pre-installation]]
  * [[automatic_fedora_8_installation_with_kickstart#Edit Kisckstart Configuration File|Edit Kickstart Configuration File]]
  * [[automatic_fedora_8_installation_with_kickstart#Edit isolinux.cfg|Edit isolinux.cfg]]
  * [[ntop#Make iso image|Make iso image]]
  

=====Pre-installation=====

yum install system-config-kickstart


=====Edit Kickstart Configuration File=====
You can use /root/anaconda-ks.cfg as a ks.cfg template.


cp /root/anaconda-ks.cfg anaconda-ks.cfg.bak


You can use system-config-kickstart to edit
./system-config-kickstart
Save as ks.cfg file

After you run system-config-kickstart, edit ks.cfg

vi ks.cfg


**P.S. Comment out cdrom because Fedora 8 has a bug and the installation fails if you don't.**

add
--hostname temp to the end of network line.


The following is a ks.cfg

#platform=x86, AMD64, or Intel EM64T
# Network information
network  --bootproto=static --device=eth0 --gateway=192.168.10.1 --ip=192.168.10.10 --nameserver=192.168.10.5 --netmask=255.255.255.0 --onboot=on --hostname temp
network  --bootproto=static --device=eth1 --gateway=192.168.11.1 --ip=192.168.11.11 --nameserver=192.168.11.5 --netmask=255.255.255.0 --onboot=on --hostname temp
# Root password
rootpw --iscrypted $1$umTRFqI1$EvmUSHR5AS47/qDcTSY/A0
# System authorization information
auth  --useshadow  --enablemd5
# Use graphical install
graphical
# Firewall configuration
firewall --enabled --http --ssh --port=5901:tcp
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux --disabled
# Install OS instead of upgrade
install
# Use CDROM installation media
# cdrom
# System timezone
timezone  Asia/Hong_Kong
# X Window System configuration information
xconfig  --defaultdesktop=GNOME --depth=8 --resolution=800x600
# System bootloader configuration
bootloader --append="rhgb quiet" --location=mbr --driveorder=sda
# Partition clearing information
clearpart --linux
# Disk partitioning information
part /boot --fstype ext3 --size=200 --ondisk=sda
part pv.2 --size=0 --grow --ondisk=sda
volgroup VolGroup00 --pesize=32768 pv.2
logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 --size=1000 --grow --maxsize=1984
logvol / --fstype ext3 --name=LogVol00 --vgname=VolGroup00 --size=1024 --grow

%packages
@admin-tools
@editors
@system-tools
@gnome-software-development
@fonts
@text-internet
@x-software-development
@gnome-desktop
@core
@base
@base-x
@web-server
@smb-server
@development-libs
@legacy-fonts
@development-tools
@graphical-internet
wireshark-gnome
lynx
mesa-libGLU-devel
gnome-netstatus
pax
urw-fonts
ghostscript-fonts
imake
-elinks
-bittorrent
-slrn
-mutt
-tomboy
-gnome-themes
-gnome-power-manager
-gnome-backgrounds
-compiz-gnome
-gnome-bluetooth
-gnome-audio
-gnome-phone-manager
-bluez-gnome
-bug-buddy
-gnome-screensaver
-gnome-media
-gcalctool
-wireless-tools
-evolution
-transmission
-pidgin
-evolution-help
-evolution-webcal
-ekiga

%end


=====Edit isolinux.cfg=====
We have to add ks=cdrom to the install boot prompt, find the file: /isolinux/isolinux.cfg,
open it and locate the line “append initrd=initrd.img“, add “ks=cdrom“, to make it like this:
append initrd=initrd.img ks=cdrom

=====Make iso image=====

Copy ks.cfg to the root of the CD. Then you can make iso

//NOTE: Make sure you have the files .discinfo and .treeinfo in /tmp/fedora. If it’s missing, the ISO will fail with a very non-intuitive error: “The Fedora CD was not found in any of your CDROM drives. Please insert the Fedora CD and press OK to retry.” This file is apparently critical to how anaconda reads the file, but it’s not trapping that error in a useful way. Oh well. Just copy it from the original disc and put it in your build root, and all will be well.//


cd /tmp/fedora/
mkisofs -o /tmp/fedora.iso -b isolinux/isolinux.bin -c isolinux/boot.cat \
-no-emul-boot -boot-load-size 4 -boot-info-table -J -R -V "Alife Custom Fedora 8" .


======KickStart Installation Method======
=====Boot from CD-Rom=====

linux ks=cdrom:/ks.cfg


You must have a kickstart file at root of the CD.

=====Boot from http=====

linux ks=http://192.168.1.20/ks.cfg

6/28/2009

Install ubuntu 9.04 on Asus eeepc 901

======Ubuntu netbook remix 9.04======
=====Install on netbook using UNR=====
   - Download the desired .img file
   - Open a terminal and insert your flash media
   - Look at the output of dmesg | tail -20 to determine the device node assigned to your flash media (ignore the device number; e.g. /dev/sdb, not sdb1)
   - Run sudo umount /dev/device/node
   - Run sudo dd if=/path/to/downloaded.img of=/dev/device/node bs=1M
   - Remove your flash media when the command completes (you may need to wait a few extra seconds for it to finish).
   - Boot up the netbook
   - Press F2 to enter the BIOS and set USB as the first boot device
   - Normal install

=====Partition for install=====
Partition
/ SSD 4G
/home SSD 16G

=====Post Installation=====
   - Update the kernel only (the original kernel has a problem with wifi)

====Fine tune====

====Fine tune SSD using different I/O scheduler====

An I/O scheduler decides which applications get to write to the disk. Because SSDs are so different than a spinning hard drive, not all I/O schedulers work well with SSDs.

The default I/O scheduler in Linux is cfq, completely fair queuing. cfq works well on hard disks, but I’ve found it to cause problems on my Eee PC’s SSD. While a large file is being written to disk, any other application which tries to write hangs until the other write finishes.

The I/O scheduler can be changed on a per-drive basis without rebooting. Run this command to get the current scheduler for a disk and the alternative options:


cat /sys/block/sda/queue/scheduler

You’ll probably have four options, the one in brackets is currently being used by the disk specified in the previous command:

noop anticipatory deadline [cfq]


Two of these are better suited to SSD drives: noop and deadline. Using one of these in the same situation, the application will still hang but only for a few seconds instead of until the disk is free again. Not great, but much better than cfq.

  
   sudo vi /etc/rc.local

   for dev in sda sdb
   do
    echo deadline > "/sys/block/$dev/queue/scheduler"
    echo 1 > "/sys/block/$dev/queue/iosched/fifo_batch"
   done
  


Or


sudo vi /boot/grub/menu.lst
# kopt=root=UUID=6722605f-677c-4d22-b9ea-e1fb0c7470ee ro
to
# kopt=root=UUID=6722605f-677c-4d22-b9ea-e1fb0c7470ee ro elevator=deadline

sudo update-grub


====Fine tune SSD by using ramdisk====

Using a ramdisk instead of the SSD to store temporary files will speed things up, but will cost you a few megabytes of RAM.

Open your fstab file:

sudo vi /etc/fstab


Add these lines to fstab to mount /tmp and /var/tmp (temporary files) as tmpfs (temporary file system):


tmpfs    /tmp       tmpfs    noatime 0    0
tmpfs    /var/tmp   tmpfs    noatime    0    0


====Fine tune firefox====

Firefox puts its cache in your home partition. By moving this cache in RAM you can speed up Firefox and reduce disk writes. Complete the previous tweak to mount /tmp in RAM, and you can put the cache there as well.

Open about:config in Firefox. Right click in an open area and create a new string value called browser.cache.disk.parent_directory. Set the value to /tmp.

====Install eee-control====

reference: http://greg.geekmind.org/eee-control

   - sudo dpkg -i eee-control_0.9.3_all-jaunty.deb

====Install Skype====

   - Install qt4
   - sudo dpkg -i skype-debian_2.0.0.72-1.i386.deb

2/28/2009

ntop 3.3.9 on Fedora 9

=====Pre-installation=====
yum install cairo-devel libxml2-devel pango-devel pango libpng-devel freetype freetype-devel libart_lgpl-devel libpcap-devel

=====Install RRDtool=====
cd /usr/local/src/
wget http://oss.oetiker.ch/rrdtool/pub/rrdtool-1.3.5.tar.gz
tar -zxvf rrdtool-1.3.5.tar.gz
cd /usr/local/src/rrdtool-1.3.5
./configure
make
make install
cd /usr/local/
ln -s rrdtool-1.3.5 rrdtool


=====Verify installation=====
cd /usr/local/rrdtool/share/rrdtool/examples/
cp stripes.png /var/www/html/
http://ip_address/stripes.png

=====Install Ntop=====
cd /usr/local/src/
tar -zxvf ntop-3.3.9.tar.gz
cd ntop-3.3.9
./autogen.sh --prefix=/usr/local/ntop-3.3.9
make
make install
useradd -M -s /sbin/nologin -r ntop
chown -R ntop:ntop /usr/local/ntop-3.3.9/share/ntop
cd /usr/local/
ln -s ntop-3.3.9 ntop

=====Set Admin Password=====
ntop -A

=====Start Ntop by command=====
/usr/local/ntop/bin/ntop -d -L -u ntop -P /usr/local/ntop-3.3.9/var/ntop --skip-version-check --use-syslog=daemon

http://server-ip:3000/

=====Start Ntop by ntop.conf=====
mkdir -p /usr/share/ntop
cp /usr/local/src/ntop-3.3.9/packages/debian.official/protocol.list /usr/share/ntop/
cp /usr/local/src/ntop-3.3.9/packages/RedHat/ntop.conf.sample /etc/ntop.conf

vi /etc/ntop.conf
--domain mydomain.com
--db-file-path /usr/local/ntop/var/ntop
--interface eth0,eth1,ppp0
-p /usr/share/ntop/protocol.list
-w server-ip:3000 -W 0

/usr/local/ntop/bin/ntop @/etc/ntop.conf

http://server-ip:3000/

=====Configure Round-Robin Database on web interface=====
http://server-ip:3000/ -> Plugins -> Round-Robin Database -> Configure

Change RRD Files Path to

Normal RRDs: /usr/local/ntop/var/ntop/rrd

Dynamic/Volatile RRDs: /usr/local/ntop/var/ntop/rrd

Select **private** to File/Directory Permissions

chown ntop:ntop /usr/local/ntop/var/ntop/rrd

Dell OpenManage Server Administrator on CentOS 5.2

=====Pre-Installation=====
mkdir -p /usr/local/omsa_5.5

=====Install OMSA packages=====
vi /etc/redhat-release
#change
CentOS release 5.2 (Final)
to
CentOS release 5.2 (Tikanga)

=====Install OMSA packages=====
cd /usr/local/omsa_5.5
cp /usr/local/src/OM_5.5.0_ManNode_A00.tar.gz .
tar zxvf OM_5.5.0_ManNode_A00.tar.gz

cd /usr/local/omsa_5.5/linux/RPMS/supportRPMS
rpm -Uvh compat-libstdc++-33-3.2.3-47.3.i386.rpm

cd /usr/local/omsa_5.5
./setup.sh

Select "6" to install ALL

=====Startup OMSA=====
sh /usr/local/omsa_5.5/linux/supportscripts/srvadmin-services.sh start

https://ip_address:1311

2/27/2009

Dell OpenManage Server Administrator on Fedora 8

=====Pre-Installation=====
mkdir -p /usr/local/omsa_5.5

=====Install OMSA packages=====
cd /usr/local/omsa_5.5
cp /usr/local/src/OM_5.5.0_ManNode_A00.tar.gz .
tar zxvf OM_5.5.0_ManNode_A00.tar.gz
cd /usr/local/omsa_5.5/linux/custom/RHEL5/srvadmin-base

rpm -Uvh srvadmin-omilcore-5.5.0-364.i386.rpm
rpm -Uvh srvadmin-syscheck-5.5.0-364.i386.rpm
rpm -Uvh srvadmin-deng-5.5.0-364.i386.rpm
rpm -Uvh srvadmin-omauth-5.5.0-364.rhel5.i386.rpm
rpm -Uvh ../../../RPMS/supportRPMS/compat-libstdc++-33-3.2.3-47.3.i386.rpm
rpm -Uvh srvadmin-omacore-5.5.0-364.i386.rpm
rpm -Uvh srvadmin-jre-5.5.0-364.i386.rpm
rpm -Uvh srvadmin-ipmi-5.5.0-364.rhel5.i386.rpm
rpm -Uvh srvadmin-hapi-5.5.0-364.i386.rpm
rpm -Uvh srvadmin-isvc-5.5.0-364.i386.rpm
rpm -Uvh srvadmin-cm-5.5.0-364.i386.rpm
rpm -Uvh ../add-webserver/srvadmin-iws-5.5.0-364.i386.rpm
rpm -Uvh srvadmin-omhip-5.5.0-364.i386.rpm
rpm -Uvh ../add-storageservices/srvadmin-storage-5.5.0-364.i386.rpm

=====Startup OMSA=====
sh /usr/local/omsa_5.5/linux/supportscripts/srvadmin-services.sh start

https://ip_address:1311

=====Install RAC support on OMSA interface=====
cd /usr/local/omsa_5.5/linux/custom/RHEL5/add-RAC5
rpm -Uvh srvadmin-rac*

2/16/2009

tar over ssh

You can use tar over ssh

tar zcvf - /tmp | ssh user@ip_address "cat > /backup/tmp.tar.gz"

Or

tar zcvf - /tmp | ssh user@hostname "cat > /backup/tmp.tar.gz"

You can also tar and untar to remote host with specific dir.

tar -zcf - /tmp | ssh user@ip_address tar -C /path/to/remote/dir -zxf -

2/04/2009

vlan - tagged and untagged

Summary for setup 3Com baseline 2948SFP Plus switch

If a port is in a single VLAN it can be untagged but if the port needs to be a member of multiple VLANs it must be tagged.

The IEEE 802.1Q standard defines how VLANs operate within an open packet-switched network. An 802.1Q compliant packet carries additional information that allows a switch to determine to which VLAN the port belongs. If a frame is carrying the additional data, it is known as tagged.

To carry multiple VLANs across a single physical (backbone) link, each packet must be tagged with a VLAN identifier so that the switches can identify which packets belong in which VLANs. Routers interconnect VLANs, so they must also understand 802.1Q tagging, so that they do not become bottlenecks for inter-VLAN traffic.
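
The tag described above, as an added example that is not part of the original post: a parser for the 802.1Q header plus a simplified model of how a port with one untagged VLAN and optional tagged VLANs classifies a received frame. The function names, the `pvid`/`tagged_vlans` parameters and the sample frame are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def parse_frame(frame):
    """Parse an Ethernet II header carrying zero or one 802.1Q tag."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    info = {"tagged": False, "vlan": None, "pcp": None, "offset": 14}
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        # TCI = 3-bit priority, 1-bit drop-eligible flag, 12-bit VLAN ID
        info.update(tagged=True, pcp=tci >> 13, vlan=tci & 0x0FFF, offset=18)
    info["ethertype"] = ethertype
    return info

def tag_frame(frame, vlan, pcp=0):
    """Insert a tag after the source MAC, as a tagged member port sends it."""
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    if parse_frame(frame)["tagged"]:
        raise ValueError("frame is already tagged")
    tag = struct.pack("!HH", TPID_8021Q, (pcp << 13) | vlan)
    return frame[:12] + tag + frame[12:]

def untag_frame(frame):
    """Remove the tag, as an untagged member port sends the frame."""
    if not parse_frame(frame)["tagged"]:
        return frame
    return frame[:12] + frame[16:]

def ingress_vlan(frame, pvid, tagged_vlans=()):
    """VLAN a port assigns to a received frame, or None if it is dropped.

    pvid is the port's single untagged VLAN; tagged_vlans are the VLANs it
    carries tagged. Simplified model, assumed for this example.
    """
    info = parse_frame(frame)
    if not info["tagged"]:
        return pvid
    return info["vlan"] if info["vlan"] in tagged_vlans else None

# Constructed sample: broadcast IPv4 frame with a dummy payload
UNTAGGED = bytes.fromhex("ffffffffffff" "001122334455" "0800") + b"payload"

if __name__ == "__main__":
    trunk = tag_frame(UNTAGGED, 20, pcp=5)
    print(parse_frame(trunk), ingress_vlan(trunk, pvid=10, tagged_vlans={20}))
```
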

.htaccess - Manager can view this page from anywhere, everyone else must be from intranet

AuthUserFile /home/www/htpasswd

AuthName "Intranet"
AuthType Basic
#Default is Satisfy All
Satisfy Any

order deny,allow
deny from all
allow from 192.168.1.
allow from 192.168.2.
require user manager


Reference link
http://home.golden.net/htaccess.html
http://www.sfu.ca/cas/htaccess.html
http://webmaster.iu.edu/security_info/index.shtml

2/03/2009

IPSEC VPN - Tunnel Mode by using AH and ESP

Note from wikipedia:
Authentication Header (AH)

AH is a member of the IPsec protocol suite. AH is intended to guarantee connectionless integrity and data origin authentication of IP packets.

Encapsulating Security Payload (ESP)

ESP is a member of the IPsec protocol suite. It is the portion of IPsec that provides origin authenticity, integrity, and confidentiality protection of packets. ESP also supports encryption-only and authentication-only configurations, but using encryption without authentication is strongly discouraged because it is insecure.

#Fire
echo "1" > /proc/sys/net/ipv4/ip_forward

vi 10-0-1-104.conf

#Configuration file on Fire
flush;
spdflush;

#SAD
add 10.0.1.103 10.0.1.104 ah 0x200 -m tunnel
-A hmac-sha1 0xe983bd728c2e7ecd4369d2050db804bc2f36aee7;

add 10.0.1.104 10.0.1.103 ah 0x300 -m tunnel
-A hmac-sha1 0xdd2f63da632c7ddcc5a6c29a6ca9739e8d4d9e77;

add 10.0.1.103 10.0.1.104 esp 0x201 -m tunnel
-E 3des-cbc 0x3fdad5392f9ead005660b36b5358de87552f7d0c5f2dd996;

add 10.0.1.104 10.0.1.103 esp 0x301 -m tunnel
-E 3des-cbc 0x5362f516f083ebf9326ad103d7e0d573a4d3d9e25a31f65d;

#SPD (each spdadd statement ends with a single ";" after its last rule)
spdadd 172.16.14.0/24 192.168.82.0/24 any -P out ipsec
esp/tunnel/10.0.1.104-10.0.1.103/require
ah/tunnel/10.0.1.104-10.0.1.103/require;

spdadd 192.168.82.0/24 172.16.14.0/24 any -P in ipsec
esp/tunnel/10.0.1.103-10.0.1.104/require
ah/tunnel/10.0.1.103-10.0.1.104/require;


#Rage
echo "1" > /proc/sys/net/ipv4/ip_forward

flush;
spdflush;
#SAD
add 10.0.1.103 10.0.1.104 ah 0x200 -m tunnel
-A hmac-sha1 0xe983bd728c2e7ecd4369d2050db804bc2f36aee7;

add 10.0.1.104 10.0.1.103 ah 0x300 -m tunnel
-A hmac-sha1 0xdd2f63da632c7ddcc5a6c29a6ca9739e8d4d9e77;

add 10.0.1.103 10.0.1.104 esp 0x201 -m tunnel
-E 3des-cbc 0x3fdad5392f9ead005660b36b5358de87552f7d0c5f2dd996;

add 10.0.1.104 10.0.1.103 esp 0x301 -m tunnel
-E 3des-cbc 0x5362f516f083ebf9326ad103d7e0d573a4d3d9e25a31f65d;

#SPD (each spdadd statement ends with a single ";" after its last rule)
spdadd 172.16.14.0/24 192.168.82.0/24 any -P in ipsec
esp/tunnel/10.0.1.104-10.0.1.103/require
ah/tunnel/10.0.1.104-10.0.1.103/require;

spdadd 192.168.82.0/24 172.16.14.0/24 any -P out ipsec
esp/tunnel/10.0.1.103-10.0.1.104/require
ah/tunnel/10.0.1.103-10.0.1.104/require;
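
A small linter for manually keyed setkey files like the two above, added here as an example and not part of the original post. It checks that each key matches its algorithm's length, that SPIs are not reused, that every tunnel rule in the SPD has a matching SAD entry, and that no rule is left stranded after a ";". The function names are hypothetical, the key-length table is a subset taken from setkey(8), and the keys in `SAMPLE` are constructed.

```python
import re

# Key lengths in bytes for a few algorithm names documented in setkey(8).
# Subset chosen for this example; extend it for other algorithms.
KEY_BYTES = {"hmac-md5": {16}, "hmac-sha1": {20}, "des-cbc": {8},
             "3des-cbc": {24}, "rijndael-cbc": {16, 24, 32}}

def statements(text):
    """Drop '#' comments and split the file into ';'-terminated statements."""
    body = "\n".join(line.split("#", 1)[0] for line in text.splitlines())
    return [s.split() for s in body.split(";") if s.strip()]

def check_key(alg, key):
    """Return a finding if the hex key does not fit the algorithm, else None."""
    m = re.fullmatch(r"0x((?:[0-9a-fA-F]{2})+)", key)
    if not m:
        return f"{alg}: key is not an even-length 0x hex string"
    if alg not in KEY_BYTES:
        return f"{alg}: algorithm not in this example's table"
    nbytes = len(m.group(1)) // 2
    if nbytes not in KEY_BYTES[alg]:
        return f"{alg}: key is {nbytes} bytes, expected {sorted(KEY_BYTES[alg])}"
    return None

def lint(text):
    """Return a list of findings for a manually keyed setkey file."""
    findings, sad, spis, rules = [], set(), set(), []
    for tok in statements(text):
        if tok[0] in ("flush", "spdflush"):
            continue
        if tok[0] == "add" and len(tok) >= 5:
            src, dst, proto, spi = tok[1:5]
            if (dst, proto, spi) in spis:
                findings.append(f"duplicate SPI {spi} for {proto} to {dst}")
            spis.add((dst, proto, spi))
            sad.add((src, dst, proto))
            for i, t in enumerate(tok[:-2]):
                if t in ("-A", "-E"):
                    problem = check_key(tok[i + 1], tok[i + 2])
                    if problem:
                        findings.append(f"SA {src}->{dst} {proto}: {problem}")
        elif tok[0] == "spdadd" and "ipsec" in tok:
            rules += tok[tok.index("ipsec") + 1:]
        else:
            findings.append("unparsed statement: " + " ".join(tok))
    for rule in rules:
        parts = rule.split("/")
        if len(parts) != 4:
            findings.append(f"malformed policy rule: {rule}")
            continue
        proto, mode, ends, _level = parts
        # Only tunnel rules name their endpoints; transport rules are skipped.
        if mode == "tunnel" and tuple(ends.split("-")) + (proto,) not in sad:
            findings.append(f"no SA for policy rule: {rule}")
    return findings

# Constructed sample: one direction of a tunnel, with dummy keys
SAMPLE = """
flush;
spdflush;
add 10.0.1.103 10.0.1.104 ah 0x200 -m tunnel -A hmac-sha1 0x{a};
add 10.0.1.103 10.0.1.104 esp 0x201 -m tunnel -E 3des-cbc 0x{e};
spdadd 192.168.82.0/24 172.16.14.0/24 any -P in ipsec
  esp/tunnel/10.0.1.103-10.0.1.104/require
  ah/tunnel/10.0.1.103-10.0.1.104/require;
""".format(a="11" * 20, e="22" * 24)

if __name__ == "__main__":
    print(lint(SAMPLE))
```
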

1/27/2009

Update the Time on Windows XP

Windows Server 2003 and Windows XP now use NTP instead of SNTP. The command that now does everything regarding WTS is: w32tm

The following command configures stdtime.gov.hk as the external time server.
w32tm /config /manualpeerlist:stdtime.gov.hk,0x1 /syncfromflags:MANUAL /update

Now we need to restart the w32time service.
net stop w32time
net start w32time

Sync local computer with time server.
w32tm /resync /rediscover

1/01/2009

Disable IPv6 on CentOS 5.2 and Fedora 9

vi /etc/sysconfig/network

set "NETWORKING_IPV6" to "no"

vi /etc/modprobe.conf

Add

alias ipv6 off
alias net-pf-10 off

Run chkconfig to disable the IPv6 firewall
chkconfig --level 345 ip6tables off

Reboot the system