How To: Configure Caching Nameserver (named)

Mission

To configure a caching nameserver on a local machine which will cascade to another previously configured and functional nameserver (may or may not be caching. It’ll generally be your ISP nameserver or the one provided by your organization).

Advantage

  • Reduces the delay in domain name resolution drastically as the requests for frequently accessed websites are served from cache.

Working

  • named gets a request for domain resolution.
  • It checks whether the request can be satisfied from cache. If the answer is in cache and not stale, the request is satisfied from cache itself saving a lot of time :)
  • If request can’t be satisfied from cache, named queries the first parent. If it replies with the answer, then named will cache the response and subsequent requests for the same domain name will be satisfied from the cache.
  • In case first parent fails to reply, named will query the second parent and so on.

(The working is my understanding of caching-nameserver using wireshark as traffic analysis tool and caching-nameserver may not behave exactly as explained above.)

How to install

named is by default on most of the systems by the package name ‘caching-nameserver‘. If its not present on your system, install using

[root@localhost ~]# yum install caching-nameserver [ENTER]
# If that doesn't work try this
[root@localhost ~]# yum install bind [ENTER]

How to configure

The main configuration file for named resides in /var/named/chroot/etc/named.caching-nameserver.conf which is also soft linked from /etc/named.caching-nameserver.conf . named configuration file supports C/C++ style comments.

For a caching nameserver which will cascade to another nameserver, there is nothing much to be configured. You need to configure “options” block. Below is a configuration file for a machine with IP address 172.17.8.64 cascading to two nameserver 192.168.36.204 and 192.168.36.210. The comments inline explain what each option does.

options {
  // Set the port to 53 which is standard port for DNS.
  // Add the IP address on which named will listen separated by semi-colons.
  // It'll be your own IP address.
  listen-on port 53 {127.0.0.1; 172.17.8.64;};
  // These are default. Leave them as it is.
  directory   "/var/named";
  dump-file   "/var/named/data/cache_dump.db";
  statistics-file "/var/named/data/named_stats.txt";
  memstatistics-file "/var/named/data/named_mem_stats.txt";
  // The machines which are allowed to query this nameserver.
  // Normally you'll allow only your machine. But you can allow other machines also.
  // The address should be separated by semi-colons. To allow a network 172.16.31.0/24,
  // the line would be
  // allow-query {localhost; 172.16.31.0/24; };
  // Don't forget the semi-colons.
  allow-query     { localhost; 172.17.8.64; };
  recursion yes;
  // The parent nameservers. List all the nameserver which you can query.
  forwarders { 192.168.36.204; 192.168.36.210; };
  forward first;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
  type hint;
  file "named.ca";
};
include "/etc/named.rfc1912.zones";

Start caching-nameserver

Now start the caching-nameserver using the following command

[root@localhost ~]# server named start [ENTER]

OR

[root@localhost ~]# /etc/init.d/named start [ENTER]

To make named start every time your reboot your machine use following command

[root@localhost ~]# chkconfig named on [ENTER]

Using caching-nameserver

To use your caching-nameserver, open /etc/resolv.conf file and add the following line

nameserver 127.0.0.1

Comment all other lines in the file, so that finally the file looks like

; generated by /sbin/dhclient-script
#search wlan.iiit.ac.in
#nameserver 192.168.36.204
#nameserver 192.168.36.210
nameserver 127.0.0.1

Now your system will use your own nameserver (in caching mode) for resolving all domain names. To test if your nameserver use the following command

[root@localhost ~]# dig fedora.co.in [ENTER]

Now if you use that command for the second time, the resolution time will be around 2-3 milli seconds while first time it would be around 400-700 milli seconds.

Example

Below is two subsequent runs of dig for fedora.co.in . Notice the Query time.

[root@bordeaux SPECS]# dig fedora.co.in
; <<>> DiG 9.4.2rc1 <<>> fedora.co.in
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7839
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;fedora.co.in.                  IN      A
;; ANSWER SECTION:
fedora.co.in.           83629   IN      A       72.249.126.241
;; AUTHORITY SECTION:
fedora.co.in.           79709   IN      NS      ns.fedora.co.in.
;; ADDITIONAL SECTION:
ns.fedora.co.in.        79709   IN      A       72.249.126.241
;; Query time: 531 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Nov 19 18:04:47 2008
;; MSG SIZE  rcvd: 79
[root@bordeaux SPECS]# dig fedora.co.in
; <<>> DiG 9.4.2rc1 <<>> fedora.co.in
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64233
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;fedora.co.in.                  IN      A
;; ANSWER SECTION:
fedora.co.in.           83625   IN      A       72.249.126.241
;; AUTHORITY SECTION:
fedora.co.in.           79705   IN      NS      ns.fedora.co.in.
;; ADDITIONAL SECTION:
ns.fedora.co.in.        79705   IN      A       72.249.126.241
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Nov 19 18:04:51 2008
;; MSG SIZE  rcvd: 79
[root@bordeaux SPECS]#
 

Info: Spicebird 0.7 Pre with Awesome Features

Spicebird is

your one platform for many collaboration needs. It provides e-mail, calendaring and instant messaging with intuitive integration and unlimited extensibility.

Spicebird beta 0.7 pre release is out now and can be downloaded in 10 languages from the i10n nightly build archive. For the latest nightly build of English version, check this English nightly build archive.

Some of the new features in version 0.7 are

  • Google Applets in Home Tab
    • You can add Google applets in the Home tab. For example: On home tab, click Add Applet -> Google Applet. Add a url to Google applet (e.g. Google Map Search). And you’ll have a nice Google map on your home page :)
    • Or add date & time applet ( this url )
    • Or from the thousands of applets available from Google :)

Google Applets in Spicebird

  • Auto Update Feature
    • Spicebird now checks for updates automatically :)

Spicebird Auto Update

  • Its way faster than the previous version. Thats my personal opinion. I was using Spicebird beta 0.4 since more than 6 months.

Check the official release announcement for more details.

How to install Spicebird for test usage

Download

Get the latest version of Spicebird from nighty build archive.

Extract and Move

Extract the Spicebird archive file as

[root@localhost ~]# tar -xjf spicebird-beta-0.7pre.en-US.linux-i686.tar.bz2 [ENTER]

Move the extracted directory to /opt/

[root@localhost ~]# mv spicebird-beta /opt/ [ENTER]

Create shortcut on Panel

Right click on Gnome panel and click “Add to Panel

Add Spicebird to Panel

Click on “Custom Application Launcher”

Spicebird Custom Application Launcher

Fill in appropriate details as shown in the following image

Spicebird Create Application Launcher

Choose an icon for Spicebird by clicking the “No Icon” button on the top left corner.

Spicebird Launcher Icon

Click Ok. And you are done. Now click the new icon that has just appeared on the panel. Rest of the configuration like account creation and settings is exactly same as Thunderbird or Evolution or any other mail client.

Reference : Spicebird Official Website

 

Hack: A Fast Network Scanning Program

I was searching for a simple tool which can do a port scanning in a huge network quickly without making me wait for ages. I first thought of using nmap, but it was a bit too complex and it takes a lot of time to discover the machines even after optimizing the parameters. After searching a lot, I wrote to one of my seniors, Sandeep Kumar, asking the details of his program which maintains a list of active FTP servers in the network. He replied with a reference to his own findings about the network scanning tools. He is using an enhanced version of a program originally written by Troy Robinson. I tried the program out of curiosity and found out that its damn fast as compared to nmap (no literal comparison) :) The program can be downloaded from here.

How to use

Compile the program using gcc as

[root@localhost ~]# gcc NetworkScanner.c [ENTER]

Now create a file IPRange.txt containing the IP address ranges for your network. The contents of the file may be

172.16.*.* Meaning all the IP address with first two parts as 172.16 and rest of the address will be generated by permutations.

172.16.1-16.* Meaning the first two parts are fixed. Third part will vary from 1 to 16. And the fourth part will be permuted from 0 to 255.

So an IPRange.txt may look like

1
2
172.16.1-16.*
192.168.36.*

Now run the program as

[root@localhost ~]# ./a.out port_to_be_scanned Parallel_attempts IP_list_file output.txt [ENTER]

Parallel_attempts is the number of processes that’ll be forked for scanning the network port. It is safe to have its value as 255. A very high value may hog the network or may even slow down your machine. So an example run would be

[root@localhost ~]# ./a.out 21 255 IPRange.txt Output.txt [ENTER]

Benchmarks

I carried out a lot of test on my network using the following setup and parameters

Machine : AMD X2 5600+ (2.6GHz Dual Core), 4GB 800MHz DDR2 RAM, Gigabit Ethernet Card (on 100mbps network).

Port : 21 (FTP)

IPRange.txt : Total 16896 IP Addresses

1
2
3
4
5
Machines on wired (100mbps) network
172.16.1-48.* 
192.168.36.*
Machines on wireless (54mbps) network
172.17.0-16.*

Network Scanner Benchmarks

Parallel Attempts

Scanning Time (seconds)

Upload Bandwidth (kbps)

255 180 13
512 90 25
1024 47 55
2048 25 100
4096 14 205
6144 11 307
8192 9 374

The interval between two scans was almost 30-40 seconds. I think parallelism beyond 8192 will crash my machine, so I didn’t try. You can try it at your own risk :) I hope this program help you scan your network.

 

Humour: Ubuntu is Costlier than Microsoft Windows XP

Dell started selling their new Dell Inspiron Mini 9 series yesterday as informed by slashdot article. Lately I have been looking for a mobile solution which should be easy to carry and have enough computing power to meet my expectation. I liked the SSD concept replacing the mechanical hard disk. I just moved over to Dell website and tried configuring one for myself (go here to configure them yourself). I am an open source addict but I am not an Ubuntu fan but still going with ubuntu sounds better than going with M$ stuff. So, started configuring the Ubuntu machine and pushed everything (main memory, hard disk and other components) to maximum. A few minutes later I realized that the Ubuntu model’s price is more than the equivalent config with M$ Windows.

Below is a table comparing Windows XP and Ubuntu model of Dell Inspiron Mini 9 series. The differences are highlighted in red color.

Ubuntu 8.04
Microsoft Windows XP Home Premium
$494
$479
My Components
Obsidian Black
Obsidian Black
Mini OS powered by Ubuntu 8.04
Genuine Windows® XP Home Edition
1GB DDR2 at 533MHz
1GB DDR2 at 533MHz
16GB Solid State Drive
16GB Solid State Drive
Built-in Bluetooth 2.1 capability
Built-in Bluetooth 2.1 capability
Integrated 1.3M Pixel Webcam
Integrated 1.3M Pixel Webcam
My Service
1Yr Ltd Warranty and Mail-In Service
1Yr Ltd Warranty and Mail-In Service
Also Includes
Intel® Atom Processor® N270 (1.6GHz/533Mhz FSB/512K cache) Intel® Atom Processor® N270 (1.6GHz/533Mhz FSB/512K cache)
Glossy 8.9 inch LED display (1024X600)
Glossy 8.9 inch LED display (1024X600)
Intel Graphics Media Accelerator (GMA) 950
Intel Graphics Media Accelerator (GMA) 950
Wireless 802.11g Mini Card
Wireless 802.11g Mini Card
32WHr Battery (4 cell)
32WHr Battery (4 cell)
Base LCD Assembly
Base LCD Assembly
Base LCD Assembly in Black
Base LCD Assembly in Black
No Installation
No Installation
Adobe® Acrobat® Reader 8.1, English
McAfee SecurityCenter 30-day Trial
Microsoft Works 9 DOES NOT INCLUDE MS WORD
No ISP requested

According to the above table Ubuntu alone is costlier than Genuine Microsoft Windows XP Home Premium + Adobe Acrobat Reader 8.1 English + McAfee SecurityCenter 30-day Trial + Microsoft Works 9 (MS Word Excluded). I am not sure if Dell is trying to promote Microsoft by selling Windows XP model at a lower price or they are generating more revenues for Ubuntu by selling it at a higher price or they are just fooling the customers. Below are the picture proofs if Dell changes the prices.

Inspiron Ubuntu

Inspiron Windows

 

Info: Eclipse DemoCamps 2008 – Ganymede Edition Hyderabad

About the event from Eclipsepedia,

Eclipse is releasing version 3.4 (Ganymede) on 25th June 2008. To mark the occasion, the Eclipse foundation is organizing a series of Democamps around the world. The Hyderabad edition is organized by hyd-eclipse.org (a Hysea initiative). We will discuss the new features and projects in the Ganymede release, and also present a few case studies of some interesting usecases of Eclipse. The event will conclude with a networking of the Eclipse developers’ community in Hyderabad.

I happened to attend the camp with a lot of my friends. Organisers were overwhelmed by the turnout. More than 100 people (mostly from industry) attended the camp and the place was almost overcrowded. The idea was to educate the newbies about the new features in version 3.4 and showcase some demos for enterprise software development and also to bring the eclipse developers at a common platform.

The camp started with a session about the new features in Ganymede version. Kiran Kumar from Progress Software talked about the new features like improved regular expression support, changes in update manager, enhancements in PDE etc. Following this, Saurav from Pramati Technologies talked about the WTP new features in this version mainly with respect to JavaScript and other Java improvements. Finally Ravi Sankar from Progress Software concluded with Xpand demo.

All in all, it was a good event which provided a bit of exposure to the developments going on in and around Hyderabad. Thanks Hysea, Progress and Pramati for organizing the wonderful event 😀

 

Review: Spicebird – A Collaboration Platform

Well, I happened to attend this workshop on “How to build business around open source tools” organized by Twincling Society and IIIT Hyderabad. There I came to know about Spicebird. Spicebird is a single platform for many collaboration needs. It provides e-mail, calendaring and instant messaging with intuitive integration and unlimited extensibility. Spicebird is being developed by a Hyderabad based Indian start-up named Synovel (All four founders are alumni of IIIT Hyderabad). Below we look at some features that Spicebird provides.

1. Tabbed Interface

The tabbed interface for different utilities like mail, calendar, contacts, tasks etc. looks pretty clean. The interface is not at all cluttered in any way and navigation to different utilities is straight forward. You don’t have to brainstorm before getting something done.

2. Familiar Interface & Crisp Icon Set

Spicebird has an interface similar to loads of mozilla based application out there. The settings, preferences and the way things have been managed are familiar. So people who are switching from other open source email clients will not face any problems at all. Spicebird uses icons from Tango Project. The icons used are really good looking.

3. Nice Home Tab

The way Home tab has been organized is really appealing. You can add applets which includes rss feeds from you favourite blogs, mail folder views, calendar, upcoming events and Date & Time. Geeks love rss feeds. And what can be better than having it on your home tab all the time along with your mails. Event applet comes handy to remind you of the upcoming meetings and deadlines. And its on home tab all the time :) Date & Time is specially helpful when you collaborate with people in different timezones. So you can add their timezone on home tab and you know when is the right time to ping them.

Spicebird Home Tab

4. Email

Email experience is more or less like any other open source email client. But Spicebird provides some intitutive features like if it finds that the content of a mail is about a meeting, it’ll give an option for creating a calendar event for the same. This is a really good feature and this is just the begining. Spicebird is still beta.

SpiceBird Intutive Mail

5. Instant Messaging

This is a really cool feature from collaboration point of view and which makes Spicebird different from the masses. Spicebird is supporting IM via any jabber server. So if you are a startup, setup your own jabber server on Intranet and use it for collaboration. Mind blowing!! This also includes Gmail/GTalk. So you can just say bye bye to your messenger and start using it right away with GTalk. Plus this will import all your contacts to your local address book. Another real good feature which is not there in lot of other email clients.

SpiceBird Instant Message using Jabber, GTalk

6. Calendar & Task Management

Another good feature. Integrated calendar and task management. You can quickly add tasks and events. And you need not check your calendar for upcoming events, add upcoming event applet on home tab and you will have them all the time in front of your eyes :)

Spicebird Calendar and Task Manager

Conclusion

Whether you are a startup which is looking for tools to collaborate or a user who is excited about using open source tools, just go and download Spicebird from here and explore a new way of managing things at a single place :)

You can look at Spicebird Roadmap here and checkout the video demo of Spicebird here.

 

How To: Write Custom Redirector or Rewritor Plugin For Squid in Python

Mission

To write a custom Python program which can act as a plugin for Squid to redirect a given URL to another URL. This is useful when already existing redirector plugins for Squid doesn’t suit your needs or you want everything of your own.

Use Cases

  1. When you want to redirect URLs using a database like mysql or postgresql.
  2. When you want to redirect based on mappings stored in simple text files.
  3. When you want to build a redirector which can learn by itself using AI techniques 😛

How to proceed

From Squid FAQ,

The redirector program must read URLs (one per line) on standard input, and write rewritten URLs or blank lines on standard output. Note that the redirector program can not use buffered I/O. Squid writes additional information after the URL which a redirector can use to make a decision.

The format of the line read from the standard input by the program is as follows.

1
2
3
URL ip-address/fqdn ident method
# for example
http://saini.co.in 172.17.8.175/saini.co.in - GET -

The implementation sounds very simple and it is indeed very simple to implement. The only thing that should be taken care of is the unbuffered I/O. You should immediately flush the output to standard output once decision is taken.

For this howto, we assume we have a method called ‘modify_url()‘ which returns either a blank line or a modified URL to which the client should be redirected.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
#!/usr/bin/env python
 
import sys
def modify_url(line):
    list = line.split(' ')
    # first element of the list is the URL
    old_url = list[0]
    new_url = '\n'
    # take the decision and modify the url if needed
    # do remember that the new_url should contain a '\n' at the end.
    if old_url.endswith('.avi'):
        new_url = 'http://fedora.co.in/errors/accessDenied.html' + new_url
    return new_url
 
while True:
    # the format of the line read from stdin is
    # URL ip-address/fqdn ident method
    # for example
    # http://saini.co.in 172.17.8.175/saini.co.in - GET -
    line = sys.stdin.readline().strip()
    # new_url is a simple URL only
    # for example
    # http://fedora.co.in
    new_url = modify_url(line)
    sys.stdout.write(new_url)
    sys.stdout.flush()

Save the above file somewhere. We save this example file in /etc/squid/custom_redirect.py. Now, we have the function for redirecting clients. We need to configure squid to use custom_redirect.py . Below is the squid configuration for telling squid to use the above program as redirector.

1
2
3
4
5
6
# Add these lines to /etc/squid/squid.conf file.
# /usr/bin/python should be replaced by the path to python executable if you installed it somewhere else.
redirect_program /usr/bin/python /etc/squid/custom_redirect.py
# Number of instances of the above program that should run concurrently.
# 5 is good enough but you should go for 10 at least. Anything below 5 would not work properly.
redirect_children 5

Now, start/reload/restart squid. That’s all we need to write and use a custom redirector plugin for squid.

 

How To: Write Custom Basic Authentication Plugin for Squid in Python

Mission

To write a Python program which can be used to authenticate for Squid proxy server. This is useful when you don’t want to configure complex systems like LDAP, ntlm etc.

Use Cases

  1. When you want to authenticate clients using mysql database.
  2. When you want to authenticate clients using flat files or /etc/passwd file or some custom service on your network.

How to proceed

From auth_param section in squid.conf file:

Specify the command for the external authenticator. Such a program reads a line containing "username password" and replies "OK" or "ERR" in an endless loop. "ERR" responses may optionally be followed by a error description available as %m in the returned error page.

By default, the basic authentication scheme is not used unless a program is specified.

That clearly states that our python program should read a line from standard input (stdin) and write the appropriate response to the standard output (stdout). But there are some issues with I/O. The output should be unbuffered and should be flushed to standard output immediately after the response is known.

So, lets see a small program where we authenticate using a function ‘matchpassword()‘. This function returns True when username, password pair matches and returns False when they mismatch.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
#!/usr/bin/python
 
import sys
import socket
"""USAGE:The function returns True if the user and passwd match False otherwise"""
def matchpasswd(login,passwd):
    # Write your own function definition. 
    # Use mysql, files, /etc/passwd or some service or whatever you want
    pass
 
while True:
    # read a line from stdin
    line = sys.stdin.readline()
    # remove '\n' from line
    line = line.strip()
    # extract username and password from line
    username = line[:line.find(' ')]
    password = line[line.find(' ')+1:]
 
    if matchpasswd(username, password):
        sys.stdout.write('OK\n')
    else:
        sys.stdout.write('ERR\n')
    # Flush the output to stdout.
    sys.stdout.flush()

Save the above file somewhere. We save this example file in /etc/squid/custom_auth.py .Now, we have the function for authenticating clients. We need to configure squid to use custom_auth.py . Below is the squid configuration for telling squid to use the above program as basic authenticator.

1
2
3
4
5
6
7
8
9
10
11
# you need to specify /usr/bin/python if your file is not executable and needs an interpreter to be invoked.
# Replace /usr/bin/python with /usr/bin/php , if you write auth program in php.
auth_param basic program /usr/bin/python /etc/squid/custom_auth.py
# how many instances of the above program should run concurrently
auth_param basic children 5
# display some message to clients when they are asked for username, password
auth_param basic realm Please enter your proxy server username and password
# for how much time the authentication should be valid
auth_param basic credentialsttl 2 hours
# whether username, password should be case sensitive or not
auth_param basic casesensitive on

Now, to force clients to authenticate, configure the acls as follow. Below we assume, you want to force all clients on your lan to authenticate for using proxy server.

1
2
3
4
5
6
# acl to force proxy authentication
acl authenticated proxy_auth REQUIRED
# acl to define IPs from your lan
acl lan src 192.168.0.0/16
# acl to force clients on your lan to authenticate
http_access allow lan authenticated

Now, reload/restart squid. That’s all we need to write and use a custom authentication plugin for squid.

Limitation

Username can’t contain spaces. Otherwise program will not be able to parse/extract username, password from standard input.

 

How To: Install FFMPEG and FFMPEG-PHP

I was randomly browsing the internet and reading about making a website look better and I encountered ffmpeg-php. ffmpeg is a very powerful tool to record, convert and stream audio and video. Its a very rich tool almost supporting every format out there in the world. It can convert any format to any other format provided the codec. ffmpeg-php is an extension for PHP that provides a rich library to access info about audio and video files. The good thing about ffmpeg-php is that it can retrieve all info about any audio/video file subjected to the condition that the particular audio/video format is supported by your ffmpeg installation. So, now you have a clear idea that you can do wonders with audio/videos while showing them on your site :)

I tried some of the functionalities and they worked out of the box. Here’s is complete how to on installing ffmpeg and ffmpeg-php.

FFMPEG:

I tried installing ffmpeg from rpms provided by several Fedora repositories but after installation ffmpeg doesn’t seem to work. After several tries, I installed ffmpeg from source rpms and it worked. Below, I will describe how to install ffmpeg from source rpm.

Step 1:

Make sure that you have ‘rpmbuild’ installed by issuing

[root@bordeaux saini]# rpm -q rpmbuild [Enter]

command. If the above says that rpmbuild is not installed, then install it using yum as given below

[root@bordeaux saini]# yum install rpmbuild [Enter] (do as root)

Step 2:

Download the latest src rpm of ffmpeg from rpmfind.net. Issue the command given below

[root@bordeaux saini]# rpm -hiv ffmpeg-x.x.x.xx-xxx.src.rpm [Enter] (do as root)

Step 3:

Go to ‘/usr/src/redhat/SPECS/’ directory and issue the command given below

1
2
[root@bordeaux saini]# cd /usr/src/redhat/SPECS/ [Enter]
[root@bordeaux SPECS]# rpmbuild -ba ffmpeg.spec [Enter] (do as root)

If it gives an error like package ‘xyz’ is need by ffmpeg. Then install the package ‘xyz’ using yum as

[root@bordeaux SPECS]# yum install xyz [Enter] (do as root)

After installing the dependencies, issue the rpmbuild command ‘rpmbuild -ba ffmpeg.spec’. Now ffmpeg rpms will be build and they will be stored in ‘/usr/src/redhat/RPMS/i386/’.

Step 4:

Go the ‘/usr/src/redhat/RPMS/i386/’ (x86_64 instead of i386 if your OS is 64 bit). Install all the rpms that were built by rpmbuild.

[root@bordeaux saini]# rpm -hiv *.rpm [Enter] (do as root)

Thats it. ffmpeg is now successfully installed on your computer. Half the job is done. Now lets proceed with ffmpeg-php installation.

FFMPEG-PHP:

We will install ffmpeg-php from source bundle.

Step 1:

Make sure that ‘php-devel’ installed on your machine by issuing

[root@bordeaux saini]# rpm -q php-devel [Enter]

command. If the above command says the ‘php-devel’ is not installed, then install it using the following command.

[root@bordeaux saini]# yum install php-devel [Enter] (do as root)

Step 2:

Download the latest version of ffmpeg-php from here. Unpack the file you have downloaded.

1
2
[root@bordeaux saini]# bunzip2 -d ffmpeg-php-0.5.1.tbz2 [Enter]
[root@bordeaux saini]# tar -xvf ffmpeg-php-0.5.1.tar [Enter]

Step 3:

Issue the following command in sequence if everything goes fine.

1
2
3
4
5
[root@bordeaux saini]# cd ffmpeg-php-0.5.1 [Enter]
[root@bordeaux ffmpeg-php-0.5.1]# phpize [Enter]
[root@bordeaux ffmpeg-php-0.5.1]# ./configure [Enter]
[root@bordeaux ffmpeg-php-0.5.1]# make [Enter]
[root@bordeaux ffmpeg-php-0.5.1]# make install [Enter] (do as root)

Step 4:

Open ‘/etc/php.ini’ and add a line ‘extension=ffmpeg.so’ in the category ‘Dynamic Extensions’. For help see the image below.
FFMPEG PHP PHPini Module

Step 5:

Restart apache web server aka ‘httpd’ service by issuing the command.

[root@bordeaux saini]# service httpd restart [Enter] (do as root)

Step 6:

Write a test php file and test your ffmpeg-php installation.

phpinfo();

Save the above code in ‘info.php’ and save the file in ‘/var/www/html/’ and browse http://localhost/info.php . If you see something like this.
FFMPEG PHP Linux
Then the ffmpeg-php is successfully installed on your machine. Now you can jump into the world of video manipulation via your website.

 

How To: Configure VNC Server

Vncserver is just another application available in almost all the available Linux based distros. Configuring vncserver is very easy. But the default desktop view in vncviewer is gray scale desktop with very pathetic GUI. To view normal Gnome or KDE desktop in vncviewer, assigning a custom port for usage, user configuration and to adjust the resolution of the vncviewer window, some files need to be configured properly. Here are the required configuration in any version of Fedora/Fedora Core. But with minor modifications these can be applied to other distros like Ubuntu, SuSE, Gentoo etc.

Step 1: Installing Vncviewer, Vncserver

As root do this

[root@bordeaux saini]# yum install vnc [Enter]

Step 2: Configuring resolution, port & user

The default location of server configuration file for vncserver is ‘/etc/sysconfig/’. To configure the resolution, user and port open ‘/etc/sysconfig/vncservers’ in you favorite editor and add two lines per user configuration shown ..

VNCSERVERS=":"
VNCSERVERARGS[]="-geometry x x"

Example :

VNCSERVERS="3:saini"
VNCSERVERARGS[3]="-geometry 1000x700"

You can choose any display port, but it should not be in use by another X server. Window height and width can be anything (not in fraction of course). But keep in mind that the system on which you are going to view the desktop using vncviewer should have greater resolution than what you specify here, otherwise scrollbars will appear.

Step 3: Configuring Desktop Environment

The user specific configuration files of vncviewer resides in ‘.vnc’ directory in user’s home directory. (e.g. ‘/home/saini/.vnc/’). Open ‘.vnc/xstartup’ in your favorite editor and edit as below

  • For Gnome

The ‘xstartup’ file shout look like this

#!/bin/sh
 
# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc
 
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
#xsetroot -solid grey
#vncconfig -iconic &
#xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
#twm &
startx &
  • For KDE

The ‘xstartup’ file should look like this

#!/bin/sh
 
# Uncomment the following two lines for normal desktop:
#unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc
 
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
#xsetroot -solid grey
#vncconfig -iconic &
#xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
#twm &
startkde &

Step 4: Configuring password

For setting up vncviewer password for user ‘xyz’, login as user ‘xyz’ and issue ‘vncpasswd’ command on a terminal/konsole (or whatever). Enter password twice and you are done with password setting.

Step 5: Starting Vncserver

To start vncserver, login as root and issue ‘service vncserver start’ command. If service started successfully, you are ready to use vncviewer on a remote/local machine.

Step 6: Accessing through Vncviewer

  • From Linux based machines
[saini@bordeaux saini]# vncviewer IP_Address:displayPort [Enter] #(IP Address is for the machine where you set up vncserver)
  • From Windows

On windows there is a software called RealVnc. Install it and enter <IPAddress>:<displayPort> in the dialog box.
[I explained how to connect via windows because it may help someone get a bit of relief.]

Screenshots:

  • Vncviewer with Gnome as Desktop environment

VNC Server VNC Viewer Screenshot GNOME

  • Vncviewer with KDE as Desktop environment

VNC Server VNC Viewer Screenshot KDE

Vnc is nice tool if you want to avoid using windows. I use it all the time. While I am forced to work on windows system, I install vncviewer and use it in full screen mode 😛 It also helps when you want to run some gui based application and monitor is remotely. Because if you close vncviewer window and use vncviewer again, you will be given the desktop session where you left it (all windows open and applications running).