Stivlo'st in Asia

Programming and Travel

Browsing Posts published in November, 2006

Apache 1.3.37 – PHP 5.2.0 – ModSSL 2.8.25

Tuesday, November 28, 2006 stefano No comments

Here is how I configured Apache with PHP and mod SSL. The new PHP 5.2 is just out and I need CURL that wasn’t previously included in my last build.

# cd mod_ssl-2.8.28-1.3.37
# ./configure --with-apache=../apache_1.3.37
# cd ../apache_1.3.37
# SSL_BASE=/usr ./configure --prefix=/usr/local --enable-module=so \
--enable-module=speling --enable-module=rewrite --enable-module=ssl
# make
# make install
# cd ../php-5.2.0

At this point I tried to apply a security patch that I wrote myself, but one hunk failed, so I changed the file manually and built an updated patchfile.

# diff -urNp php-5.2.0_orig php-5.2.0_obliquid > ob_patch.txt

And I try it on the original sources:

# patch -p1 > ../ob_patch.txt

This time it worked, of course. Time to call a pretty long configure line.

# ./configure --enable-memory-limit \
--disable-url-fopen-wrapper --with-gd --enable-dbase --enable-exif \
--enable-ftp --with-gettext --with-iconv --enable-mbstring \
--with-jpeg-dir=/usr/lib --with-zlib-dir=/usr/lib --with-kerberos \
--with-png-dir=/usr/lib --enable-gd-native-ttf --with-freetype-dir=/usr/lib \
--with-openssl --with-xml --with-dom --disable-cgi --with-mcrypt \
--with-xsl --enable-javascript --with-mcal --with-sablot-js --with-readline \
--with-imap --with-imap-ssl --with-mysql=/var/j_mysql/var/mysql \
--with-mysqli=/var/j_mysql/bin/mysql_config \
--with-config-file-path=/usr/local/conf/php-module \
--disable-cli --with-apxs=/usr/local/bin/apxs --with-sqllite \
--with-curl
# make
# make install

And also I compile separately the CLI version so I can have two different php.ini

# ./configure --enable-memory-limit \
--disable-url-fopen-wrapper --with-gd --enable-dbase --enable-exif \
--enable-ftp --with-gettext --with-iconv --enable-mbstring \
--with-jpeg-dir=/usr/lib --with-zlib-dir=/usr/lib --with-kerberos \
--with-png-dir=/usr/lib --enable-gd-native-ttf --with-freetype-dir=/usr/lib \
--with-openssl --with-xml --with-dom --disable-cgi --with-mcrypt \
--with-xsl --enable-javascript --with-mcal --with-sablot-js --with-readline \
--with-imap --with-imap-ssl --with-mysql=/var/j_mysql/var/mysql \
--with-mysqli=/var/j_mysql/bin/mysql_config \
--with-config-file-path=/usr/local/conf/php-cli \
--disable-cgi --with-sqllite --with-curl \
--enable-xslt --with-xslt-sablot
# make
# make install
Sysadm , ,
Read more

Learning basic Mandarin Chinese

Saturday, November 18, 2006 stefano No comments

I was thinking about learning some survival Mandarin before moving to China, so I looked for some online resources.

The first thing to get right are the tones, which I’m quite used to, since I am in Thailand since long time, even if the 4 Mandarin tones are different from the 5 tones of the Thai language.

It is useful to see the picture and the explanation of the tones, but to truly learn to recognize them it’s best to go through listening exercises.

And zapchinese offers free lessons to learn Chinese through phrases with audio.

Travel
Read more

Loi Krathong flying lanterns

Thursday, November 16, 2006 stefano 2 comments

Thai people like to send hundreds and hundreds of these flying lanterns to the sky for good luck.

DSCN3402

In the foreground there is a lantern just leaving and many far away in the background… In the picture is not the same.. you can see the far away flying lanterns much more and they seems like many stars in the sky.

DSCN3410

After watching others sending lanterns and traditional thai dance…

DSCN3419

… I decided to send my own.. and I bought 3 of them! This is the fuel… made with toilet paper, wax and some petrol smelling thing.

DSCN3442

Flame burning and inflating the lantern.

DSCN3446

Our lantern ready to go! Good Luck for all of us!

DSCN3450

Travel ,
Read more

Cheap accomodation in Hong Kong

Sunday, November 12, 2006 stefano 1 comment

I am looking for cheap accomodation in Hong Kong and i found these places:

http://www.joyguesthouse.hk/
165 hk$ for a single room (5 minutes walk from Sham Shui Po Station)
hostelsclub

http://www.twh.com2.hk
TWH – Tai Wan Hotel – ChungKing Mansion

So I looked what is ChungKing Mansion and I see it’s a huge condo that doesn’t look so nice, but it’s mythical. From Wikipedia “Now, after more than four decades of use, there are nearly 4,000 people living in the Mansions.” “Many filmmakers have focused on the unique identity of Chungking Mansions. Wong Kar-wai, a famous Hong Kong director, chose Chungking Mansions as the setting for two of his films, Chungking Express and Fallen Angels.

And from there I learnt about the now demolished Kowloon Walled city. “Square buildings folded up into one another as thousands of modifications were made, virtually none by architects or engineers, until hundreds of square metres were simply a kind of patchwork monolith. Labyrinthine corridors ran through the monolith, some of those being former streets (at the ground level, and often clogged up with trash), and some of those running through upper floors, practically between buildings.
More pictures about Walled City.

http://www.budgethostel.4t.com/
Hong Kong Budget Hostel

http://www.cosmicguesthouse.com
Cosmic guesthouse

http://www.sunkong.com.hk
Sunkong hostel

Vincent guesthouse

http://www.wangfathostel.com.hk/

http://www.dragoninnhk.com/

http://www.twizi.com/hongkonghostels.htm

http://www.hadla.gov.hk/index_en.htm

Travel
Read more

Open https port on RedHat Enterprise

Thursday, November 9, 2006 stefano No comments

iptables flags are something I always fail to memorize. Today I had to open https port on a RedHat Enterprise Linux server, here is how I did it:

# iptables -A RH-Firewall-1-INPUT -p tcp -m state –state NEW –dport https -j ACCEPT

# iptables –list –line-numbers


11 ACCEPT tcp — anywhere anywhere state NEW tcp dpt:ssh
12 REJECT all — anywhere anywhere reject-with icmp-host-prohibited
13 ACCEPT tcp — anywhere anywhere state NEW tcp dpt:https
oh well… there is the REJECT rule coming into play too early..

# iptables -D RH-Firewall-1-INPUT 13

removes our newly added rule from the input list (counting from 1). And now instead of -A (append) we insert the rule with -I (insert) specifying its position.

# iptables -I RH-Firewall-1-INPUT 12 -p tcp -m state –state NEW –dport https -j ACCEPT

# iptables –list –line-numbers


11 ACCEPT tcp — anywhere anywhere state NEW tcp dpt:ssh
12 ACCEPT tcp — anywhere anywhere state NEW tcp dpt:https
13 REJECT all — anywhere anywhere reject-with icmp-host-prohibited

This time looks good.. and in fact the connection to https from outside works..

Now I only need to save it.

# /etc/init.d/iptables save
Saving firewall rules to /etc/sysconfig/iptables: [ OK ]

Sysadm
Read more

Recent Posts

Tag Cloud

 

November 2006
M T W T F S S
« Oct   Dec »
 12345
6789101112
13141516171819
20212223242526
27282930  

Categories

Meta

Powered by WordPress Web Design by SRS Solutions © 2010 Stivlo'st in Asia Design by SRS Solutions