Friday, 31 July 2009

Understand DHCP superscope

What is Superscope?

A superscope is a collection of individual scopes that can be
managed as a single administrative unit. That's what the book
says, so it must make sense, right? Well if that doesn't make
much sense to you, join the club. Let's see if we can shed some
light on what superscopes are and what they can be used for.

A superscope is actually a collection of individual scopes. When
you group different scopes together into a single superscope, you
can do the following:

Place DHCP clients from multiple network IDs on the same
physical segment
Allow remote DCHP clients from multiple network IDs to
obtain an address from a DHCP Server
Place multiple DHCP Servers on the same physical segment,
with each DCHP Server being responsible for a different
scope.


The superscope will allow the DHCP Server to answer requests from
DHCP clients from different network IDs. Now, you might ask,
can't you just create multiple scopes on a DHCP Server and then
everything will be cool? Let's see what happens.


Multiple Scopes on a Single DHCP Server

Imagine that you have configured a DHCP Server with two scopes
serving the entire address range for the following network IDs:

192.168.1.0/24
192.168.2.0/24

The DHCP Server has a single network interface, and its IP
address is 192.168.1.5. You want the DHCP Server to answer
requests from clients on its locally attached network
192.168.1.0/24, and from the remote network, 192.168.2.0/24. The
remote DHCPRequest messages are forwarded through BOOTP Relay.
What will happen when a request from a client on the
192.168.2.0/24 makes a request to this DHCP Server?

The request is forwarded through the BOOTP Relay to the DHCP
Server. The DHCP Server checks the giaddr field in the
DHCPRequest or Discover message to see what network ID the
request is coming from. The DHCP Server compares this information
with the network ID assigned to its local interface. If the
network ID in the request and the network ID of the DHCP Server's
interface is the same, the DHCP Server will check to see if it
has a scope that can service the request. If it does have a
scope, it continues the DHCP negotiation.

However, if the request from a network ID that is different from
that of the DHCP Server, the DHCP Server will see if it has a
superscope that includes an address pool that can service that
network ID. If it does not have such a superscope, then it will
send a NACK packet, and the DHCP client must start all over
again.

How about adding multiple IP addresses to the DHCP Server's
Interface? In this way, the DHCP Server would be able to compare
the source network ID with the addresses on its interface, and
see that the source was on the name network ID as the DHCP
Server. Now it wouldn't need to look for a superscope.

This will not work! It will not work because when you bind
multiple IP address to a single adapter on the DHCP Server, the
DHCP Server service will only use the primary IP address to make
its assessments. It will not use any of the secondary IP
addresses bound to the adapter.

A solution to this problem could be to include a second NIC on
the DHCP Server and assign it a primary address on the
192.168.2.0/24 network ID. However, using a superscope is a lot
easier and a lot cheaper than adding new hardware.


What About Multinets?

A multinet is a single physical network segment that supports
multiple network IDs. A Windows 2000 DHCP Server can be used to
support multinet configurations. When would you want to configure
a multinet? Perhaps when you've used up all the IP addresses in
the scope that you've already configured on the physical segment,
and you want to add more hosts to that segment. In this case, a
multinet is your solution.

A multinet presents the same problems, and the same solutions as
our example above. You can either add multiple network interface
cards to the DHCP Server or assign an IP address on each card
dedicated to the required network IDs, or you can create a
superscope.


Multiple DHCP Servers on a Single Physical Segment

Perhaps you considered the possibility of placing multiple DHCP
Servers on the same physical segment to solve the problem of
issuing IP address for multiple network IDs. Let's take a look at
what might happen here.

We have two DHCP Servers, DHCP-1 and DHCP-2. The DHCP Servers
contain scopes that include all addresses for the following
network IDs:

DHCP-1 192.168.1.0/24
DCHP-2
192.168.2.0/24

Now imagine that a DHCP client with IP address 192.168.1.10 needs
to renew its IP address. When the client sends out its
DHCPRequest message to renew its address, that request is
broadcast to the entire segment. Therefore, either DHCP Server
can receive the message. If DHCP-2 receives the message, it will
check the network ID on the request and compare that with the
network ID on its local interface and find that the source
network ID is different from its own network ID. Since these are
different, DHCP-2 will look for a member scope in a superscope
that can service this request. Since there is no superscope to
service the request, DCHP-2 will send a NACK to the client.

After receiving the NACK, the DHCP client then has to begin the
discovery process from the beginning and send out a DHCPDiscovery
packet. Let's say that DHCP-2 is the first to respond to the
DHCPDiscover packet, and assigns the clients the IP address of
192.168.2.15. Hey look at that! The client is now a located on a
different network ID. And what's really rich is that the whole
thing could start all over again, and the DHCP client could end
up on network ID 192.168.1.0/24 again.


The Solution

The solution is to configure superscopes on both DHCP Servers,
and then exclude all the addresses on one of the scopes. For
example:

DHCP-1
Superscope
192.168.1.1-192.168.1.254
192.168.2.1-192.168.2.254
Exclude:
192.168.2.1-192.168.2.254

DHCP-2
Superscope
192.168.1.1-192.168.1.254
192.168.2.1-192.168.2.254
Exclude:
192.168.1.1-192.168.1.254

With this configuration, what happens to the DHCP client that
tries to renew its IP address, 192.168.1.10?

If DHCP-2 receives the DHCPRequest message, rather than sending a
NACK, it will just ignore the message, because it does have a
scope for the client's network ID, but just doesn't have any
addresses available because they've all been excluded. The client
will try again, and perhaps again, and sooner or later will
contact DHCP-1 and renew its IP address. The key here is that
when you configure the scope for network ID 192.168.1.0/24 and
then exclude all the addresses in the scope and make it part of
the superscope, DHCP-2 will ignore requests from clients from
that network ID.


Conclusion

If you didn't know about the utility of superscopes, you do now.
You now know that putting multiple scopes on a single DHCP Server
and letting 'er rip won't do the job, and so you have to consider
the network IDs of the clients that need to access the DHCP
Server, and the IP addresses and network interfaces on the DHCP
Server.

Superscopes allow you to not add extra network interfaces to your
DHCP and still be able to service DHCP clients from multiple
network IDs. They also allow you to place multiple DHCP Servers
on a single physical segment and prevent clients from obtaining
IP addresses on a different network ID as well as reducing the
number of NACKS send by the DHCP Server. This will help reduce
the number of NACK entries in your Event Log as well.

Wednesday, 29 July 2009

english links

Describe graphs
http://adw.hct.ac.ae/site_ilc/sites_ielts/graphsite/index.htm

Friday, 24 July 2009

howto-remotely-disconnect-a-terminal-services-session

Authenticate to the server you wish to manage. You can
easily accomplish this by mapping a network drive to a share on the
target server. Start a command prompt and type

/qwinsta /server:yourservername/

where /yourservername/ is the name or IP address of the server you wish
to manage.

In my case I ran /qwinsta /server:10.0.0.2/

<http://thebackroomtech.files.wordpress.com/2008/04/qwinsta1.jpg>

You can see the Administrator account is logged into session 0 and the
admin account is logged into session 1. To disconnect the admin session
with ID=1 I'll run the following from a command prompt:

/rwinsta ID /server:yourservername/

where /ID/ is the process ID of the sesstion you wish to terminate, and
/yourservername/ is the name or IP address of the server you wish to manage.

In my case I ran /rwinsta 1 /server:10.0.0.2/

<http://thebackroomtech.files.wordpress.com/2008/04/rwinsta.jpg>

I again ran /qwinsta /server:10.0.0.2 /which verified session 1 had been
disconnected. I confirmed that I was once again able to login to
Terminal Services.

Howto: enable remote desktop on a windows xp machine – remotely

Howto: enable remote desktop on a windows xp machine – remotely

May 18, 2007 — Julie

I've been configuring my LAN for spiceworks
<http://thebackroomtech.wordpress.com/2007/05/18/spiceworks-a-free-it-management-system/>
this afternoon. The Windows XP firewall is enabled on most of our PCs,
and I didn't want to visit each station to configure it to allow
spiceworks to inventory the machine. I'm also not big into group policy
here at the office (what the saying about the cobbler's son's shoes?) so
I didn't want to make the setting change that way.

My first idea was to use remote desktop to access the computers from my
machine. That worked fine, since I have local administrator access on
each machine… but I'd have to interrupt each user's work, log them off,
make my firewall adjustments, then tell them it's okay to log on now…
assuming that I could even get into their machines remotely.

I needed a solution for users with remote desktop disabled. If your
remote user has administrator access to their machine, have them click
on Start – Run and type:

netsh firewall set service remoteadmin enable

netsh firewall set service remotedesktop enable

[note: remoteadmin = remote administration, while remotedesktop = remote
assistance /and/ remote desktop]

You can also enable remote desktop over the network via regedit if you
have administrator rights to the remote machine:

1. Run *Regedit*
2. Select *File* –> *Connect Network registry*
3. Enter the *name* of the remote computer and select *Check Name*
4. At the bottom of the registry tree you will see *2 Hives* appear
*Hkey_Local_Machine* and
*Hkey_Users* (under the remote computer's name)
5. Goto *hklm\system\currentcontrolset\control\terminal
server\FdenyTSConnections=1*
6. Change the *FdenyTSConnections* to *0*
7. Attempt to *Re-Login*

This worked okay, but I like to implement the most elegant solution
possible.

So I fired up the command line on my local machine, and used psexec
<http://www.microsoft.com/technet/sysinternals/utilities/psexec.mspx> to
configure the firewall service on the remote machine via netsh. The
users never even knew I was working on their computer, which is fine by me.

To enable remote access to a machine via the command line, type:

psexec \\remotecomputername netsh firewall set service remoteadmin enable

psexec \\remotecomputername netsh firewall set service remotedesktop enable

If you aren't familiar with the PStools
<http://www.microsoft.com/technet/sysinternals/FileAndDisk/PsTools.mspx>
suite of utilities, and you like administration from the command line,
you need to check out the Sysinternals web site
<http://www.microsoft.com/technet/sysinternals/default.mspx>. Too bad
they were acquired by Microsoft in 2006.

Tuesday, 14 July 2009

Unix-Koans

very interesting!!

http://www.catb.org/~esr/writings/unix-koans/

Compiling the Linux Kernel

SOURCE: http://www.techenclave.com/printthread.php?t=5099
---------------
Compiling the Linux Kernel [Version 2]

Reasons to recompile your Linux kernel
1.You’ve bought some new hardware and want support for it in Linux.
2.You want to access features of Linux that have been turned off.
3.Something is fishy in your operating system.
4.You want to show off to all your friends and brag about how you are a (false) Linux guru.
5.You have nothing better to do.
6.You really want to.

Compiling the Linux kernel isn’t all that difficult really, but it is admittedly time consuming.
I will divide this tutorial into three parts:
1. Pre-configuration
2. Configuration
3. Post-Configuration

I have used kernel version 2.6.12. This tutorial is specific to 2.6.12 though other kernels in 2.6.x are probably similar. Download the latest version of the Linux kernel from www.kernel.org

I have tried this on two Linux distros :
1. A 32 bit PCQ Linux 2004 (Fedora core based)
2. FC3 – 64 bit. Sadly I was unsuccessful here as I will later explain.

Target Audience:
I have also assumed that the computer in question is a (possibly) dual boot home PC. This document is not really suitable for advanced users. Laptop users should also avoid messing around with their kernel too much – previous versions (2.4.x) have been known to irreparably damage laptops when not configured properly.

The configuration process depends a lot on the hardware you are using.
My setup is:
AMD 64 3200+
512 MB DDR 400 RAM
Nvidia nforce3 150 based motherboard.
Onboard sound Realtek ALC 658 (which, unfortunately is not easily configured in Linux)
ATI Radeon 9600 pro.
Silicon Image 3512A (SATALink)


(Some of you may have seen my previous guide over here. This one, I hope, is more accurate and comprehensive.)

Pre-Configuration

1. Visit www.kernel.org and download the latest stable kernel (at the time of writing it was 2.6.12).
2. Copy the downloaded kernel to /home/USERNAME
3. Uncompress the kernel
4. bunzip2 linux-2.6.12.tar.bz2 if you have the bzipped format
5. gunzip linux-2.6.12.tar.gz if you have downloaded the gzipped format
6. tar –xvf linux-2.6.12.tar
7. Change to the linux directory: cd linux-2.6.12
8. Make mrproper to remove any old configuration files or object files.
i. make mrproper
9. If you want to use an older configuration file then copy it over to .config. If you want a reference configuration file then you can use the config file in the appropriate subdirectory of ~/linux-2.6.12/arch. Actually, if you do nothing, the reference config file is read from the appropriate arch directory.
10. Issue one of four commands
make oldconfig (asks you to add new options as yes/no/module –not recommended)
make menuconfig (uses a terminal not unlike your bios screen)
make xconfig (uses GUI)
make config (first edit .config then run this command – very advanced users only)
Personally I go with make menuconfig. It simple in its design and easy to understand considering that there are well over a thousand options distributed under various subheadings.
If you run a system with KDE running, use make xconfig (issue it from xterm or any other terminal emulator, not the console). It looks quite attractive.
You may run in to problems with this in some cases, try make gconfig for GNOME based GUIs.

Post Configuration
In interests of not scaring the hell out of you, I will tell you the post-configuration section first. Firstly, check the dependencies (whether you have all the tools you need). Information on that can be found in ./Documents/changes.txt file. If you have a distro running any 2.6.x kernel it should be fine.

1. After running one of the make *config methods and saving the .config file you have to make the kernel (actual compilation process).
2. The command is: make.
3. Beware - the above command can take a little while. On my computer it took 6 or 7 minutes (on the 64 bit distro) and 18 minutes on the 32 bit PCQ Linux (there is some sort of bug in that, INIT keeps on restarting itself). It may take longer on slower computers. Don’t worry if it throws up warning messages. These are to do with the Linux source code and there is nothing you can do about them (unless, say, you are a Linux kernel developer).
4. change to root: su
5. Copy the image to /boot directory: cp /home/USERNAME/linux-2.6.12/arch/i386/boot/bzImage /boot/vmlinuz-2.6.12
6. If you are compiling on some architecture other than i386 (e.g. x86_64), replace the i386 above with the appropriate architecture.
7. Install the modules by issuing the command: make modules_install .
8. Copy the system map to /boot directory by issuing the command: cp /home/USERNAME/linux-2.6.12/System.map /boot/System.map-2.6.12
(NOTE: needed only for 3rd party boot managers)
9. Change to the /boot/grub directory : cd /boot/grub
10. Edit grub.conf and include the following lines:
title KingKrool’s Linux kernel 2.6.12
root (hdx, y)
kernel /boot/vmlinuz-2.6.12 ro root=/dev/hdpn
The first line is the title to appear in the Grub screen.

The second line gives the drive on which grub is installed. x and y must be replaced with the appropriate values. Eg. For the second logical drive on the first physical drive x = 0, y = 1. This is not fixed though. The best way would be to boot into Linux (using the old kernel) and use the hardware browser (in System tools of RH /FC distros). Depending on your installation there will be two or three linux partitions. If there are three the smallest will be the boot partition, the largest partition is root and third is swap. If there are two then the larger one is boot+root and second is swap.
If the label given is /dev/hdb3 then x = 1, y = 2.

The third line gives the kernel location. If you have a dedicated boot partition then /boot is not necessary in the path, otherwise the full path is required (i.e. all paths are relative to /boot). In root=dev/hdpn p and n are from above.
If the drive was listed as /dev/hda8 then p = a n = 8 (copy as is).

The simplest way to configure the kernel is to copy the existing code for any Linux kernel and just make a few modifications to the kernel image path.

If you have compiled support for the filesystem of the root partition as a module then you will have to add the following line at the end (4th line)
initrd (/boot)/initrd-2.6.12.img
(/boot) is used only if boot and root partitions are the same.
The file intrd-2.6.12.img has to be made by issuing the command
/sbin/mkinitrd /boot/intird-2.6.12.img `kernel version` where `kernel version` is 2.6.12 to which you append the string (if any) entered in local version.
Even if you have not compiled the FS as a module, it is still recommended to create an initrd – it is needed on several distributions, and will be necessary in the future due to the deprecation of devfs in the kernel (just take my word for it).
Save the file and exit. Reboot your computer and you are ready to use the new kernel!

Remember to leave the old kernel entries intact, that way if you have problems, you can always go back to the old kernel.



CONFIGURATION
NOTES:
Kernel modules are small pieces of compiled code which can be inserted in the running kernel, rather than being permanently built into the kernel. You use the "modprobe" tool to add (and sometimes remove) them.

Only some options can be compiled as modules. In menuconfig, they are marked < >. Press M to compile as a module. In xconfig, click multiple times. A tick means compiled in, a dot means module.

The [….] (eg. [EXPERIMENTAL]) refers to the option name as seen in the .config file. It will be prefaced by CONFIG_ (eg. CONFIG_EXPERIMENTAL=y). Just a little bit of trivia.


Code Maturity Level Options
Prompt for development and/or incomplete code/drivers
[EXPERIMENTAL]
Purpose: You have the option of using experimental (alpha-test) drivers and obsolete drivers.
Suggestion – exclude. However, if you are sure of what you are doing you can include it. This is only for developers or people who have an excellent idea of their hardware configuration. NOTE: you might need to enable this for SATA as explained at the end of the configuration section.

Select only drivers expected to compile cleanly
[CLEAN_COMPILE]
Purpose: If the previous option was selected, then this one appears. Select this
option when you do not even want to see the option to configure known broken drivers.
Suggestion – this option should not even show up, as, in general, the previous option should not have been included.

General setup
Local version - append to kernel release
Purpose: Append an extra string to the end of your kernel version.
This will show up when you type uname.
Select this and type in a string (up to 64 characters)
Suggestion – If you want to customize your OS, including this will really earn you geek points with your techie friends.

Support for paging of anonymous memory
[SWAP]
Purpose: Allows the kernel to have more virtual memory than RAM using swap files or swap devices.
Suggestion – Definitely build this in. If you have loads of RAM you might avoid this, but it is in general a bad idea to try to exist without a swap file. Exclude it on embedded systems, or real time systems only.

System V IPC
[SYSVIPC]
Purpose: This is a feature from the Unix background that Linux has come from. Required for many programs.
Suggestion – build in. There are many common programs that require IPC (inter process communication) provided by this feature.

BSD Process Accounting
[BSD_PROCESS_ACCT]
Purpose: Allows user level programs to specify that process accounting information be stored.
Suggestion – build in.

BSD Process Accounting version 3 file format
[BSD_PROCESS_ACCT_V3]
Purpose: This one show up only if you included the previous option.
Suggestion – leave it out for now.

Sysctl support
[SYSCTL]
Purpose: Allows modification of certain kernel parameters on the fly.
Suggestion – build in. In case of rescue disks it can be left out.

Auditing support
[AUDIT]
Purpose: Required by various kernel subsystems such as SELinux.
Suggestion – build in. It probably won't hurt.

Enable system-call auditing support
[AUDITSYSCALL]
Purpose: Enable low-overhead system-call auditing infrastructure. (appears only if previous option was selected)
Suggestion – might as well build this one in too.

Kernel Userspace Events
[KOBJECT_UEVENT]
Purpose: enables the kernel userspace event layer.
Suggestion – build in.

Kernel .config support
[IKCONFIG]
Purpose: This option enables the complete Linux kernel ".config" file
contents to be saved in the kernel. This information can be extracted from the kernel image file with the script scripts/extract-ikconfig It can also be extracted from a running kernel by reading /proc/config.gz if enabled.
Suggestion – built in. Makes it easier to compile your kernel the next time as you can just load the previous .config and select the changes.

Enable access to .config through /proc/config.gz
[IKCONFIG_PROC]
Purpose: This option enables access to the kernel configuration file through
/proc/config.gz.
Suggestion – build in.
Configure standard kernel features (for small systems)
[EMBEDDED]
Purpose: This is for non standard kernels.
Suggestion – leave it out.

Loadable Module Support

Enable loadable module support
[MODULES]
Purpose: Allows you to build a modular kernel. If you don't want to use modular kernels exclude it. Generally it is a good idea to keep it as you can then build a smaller (and faster) kernel this way.
Suggestion – build in.

Module Unloading
[MODULE_UNLOAD]
Purpose: Enables module unloading facility. All modules may not be able to make use of this feature (though that will not cause any errors).
Suggestion – build in.

Source checksum for all modules
[MODULE_SRCVERSION_ALL]
Purpose: Used by module developers.
Suggestion – leave it out.

Automatic Kernel Module Loading
[KMOD]
Purpose: Allows certain parts of the kernel to automatically load kernel modules using modprobe. It’s probably a good idea to include this unless you are sure of what you are doing.
Suggestion – build in.

Processor type and features

Subarchitecture type – Select PC Compatible (unless you are running non x86 systems)

Processor Family – Your processor should be automatically detected, but do scroll down the list to make sure that it has been selected correctly. Previously AMD64 was detected as K7 rather than K8 (in 2.6.6). Make sure that you choose the correct case (you can safely choose a lower level but never select a configuration higher than your own). Failure to make a proper choice can lead at best to a loss of features and at worst a kernel that fails spectacularly.

Generic x86 support
[X86_GENERIC]
Purpose: Includes Optimizations for processors other than the one selected.
This is required only if you wish to distribute the kernel you have compiled to machines of another architecture.
Suggestion – exclude.

HPET timer support
[HPET_TIMER]
Purpose: Uses the new HPET timer for the kernel's internal timing rather than the venerable 8254 (Anyone who has done a microprocessor techniques course will tell you that the 8254 was made way back in the late 70s and is still in use). It is safe to include this feature as it is only enabled if the platform supports it.
Suggestion – build in.

Provide RTC interrupt
[HPET_EMULATE_RTC]
Purpose: Related to the previous option but there is no documentation on the feature.
Suggestion – leave it out, I guess. It appears to have to do with emulating the real time clock (provided by/using?) the HPET (I infer this from the name).

Symmetric multi-processing support
[SMP]
Purpose: This enables support for systems with more than one CPU (symmetric multiprocessor systems).
Suggestion – if you have more than one processor in your system include this.
This is required to use the hyper-threading feature on processors that support the feature.

Preemptible Kernel
[PREEMPT]
Purpose: Allows low priority processes to be preempted even while in kernel mode (For further explanation read up about the linux process management from a good book).
Suggestion – built in for desktop systems, RTS or embedded.

Preempt The Big Kernel Lock
[PREEMPT_BKL]
Purpose: This option reduces the latency of the kernel by making the
big kernel lock preemptible (what does that mean?). This arises from the previous option.
Suggestion – build in.

Local APIC support on uniprocessors
[X86_UP_APIC]
Purpose: Allows uniprocessors with a local APIC to use this APIC. It can be safely enabled with no slowdown even if it is not present (some of you may have seen an option in the bios dealing with this).
Suggestion – build in.

IO-APIC support
[X86_UP_IOAPIC]
Purpose: this option appears only if you have selected the last one.
Suggestion – Similar to the last option and can be built in. If you have an SMP, it is likely that you will require this.

Machine Check Exception
[X86_MCE]
Purpose: Returns errors to the kernel if the processor detects an error (overheating etc)
Suggestion – built in is a safe option for everyone except Pentium users. Some older Pentiums (Pentium 1s) have a design flaw and report false MCE events. So Pentium users should be cautious while enabling this option. 386s and 486s do not have this feature, so in such cases this option can be excluded (it is still safe to enable it though).

Check for non-fatal errors on AMD Athlon/Duron Intel Pentium 4
[X86_MCE_NONFATAL]
Purpose: Similar to above, but returns errors specific to these processors.
Suggestion – module.

Check for P4 thermal throttling interrupt
[X86_MCE_P4THERMAL]
Purpose: Prints a message whenever the P4 enters thermal throttling.
Suggestion – user's choice.

Toshiba Laptop Support
[TOSHIBA]
Purpose: Useful only on Toshiba Laptops having a Toshiba bios.
Suggestion – exclude unless your system satisfies the above criterion.

Dell Laptop Support
[I8K]
Purpose: Useful only on the Dell Inspiron 8000.
Suggestion – exclude unless your system satisfies the above criterion.

Enable X86 board specific fixups for reboot (X86_REBOOTFIXUPS)
Purpose: This enables chipset and/or board specific fixups to be done
in order to get reboot to work correctly.
Suggestion - Currently, the only fixup is for the Geode GX1/CS5530A/TROM2.1. Combination. Others should exclude.

/dev/cpu/microcode – IA32 CPU microcode support.
[MICROCODE]
Purpose: If you say Y here and also to "/dev file system support" in the
'File systems' section, you will be able to update the microcode on
Intel processors in the IA32 family, e.g. Pentium Pro, Pentium II,
Pentium III, Pentium 4, Xeon etc.
Suggestion – exclude. I have never heard of anyone ever using this.

/dev/cpu/*/msr – Model specific register support
[X86_MSR]
Purpose: Enables privileged processes access to MSRs.
Suggestion – module.

/dev/cpu/*/cpuid – CPU information support
[X86_CPUID]
Purpose: Access to the x86 CPUID instruction.
Suggestion – module.

High memory support
[NOHIGHMEM / HIGHMEM4G / HIGHMEM64G]
Suggestion – If you have not more than 1GB RAM then say “off”.
1- 4 GB then select 4GB
Up to 64 GB then select 64 GB. (Only on systems supporting PAE!)

Allocate 3rd level page tables from high memory.
[HIGHPTE]
Purpose: Setting this option will put user space page tables in high memory.
This avoids the waste of low memory space in systems having large amount of RAM.
Suggestion – build in. This option appears only if you have selected the previous option.

Math Emulation
[MATH_EMULATION]
Purpose: Emulates a math coprocessor on systems which do not have one.
Suggestion – exclude, unless you are running a 386 or 486SX without a coprocessor (unlikely).

MTRR support
[MTRR]
Purpose: Memory Type Range Registers may be used to control access to AGP and PCI buses. Improves performance of video cards.
Suggestion – build in.

Boot from EFI support
[EFI]
Purpose: This option has a meaning only on IA64 systems.
Suggestion – exclude.

Enable seccomp to safely compute untrusted bytecode
[SECCOMP]
Purpose: This kernel feature is useful for number crunching applications
that may need to compute untrusted bytecode during their
execution.
Suggestion – build in.

KingKrool 26 Jun 05 07:24 PM
Power Mangement Options

This section is highly system dependent. I would advise going through each option carefully. Many of the options are only for mobile systems or those running on mobile Pentium or Athlon processors.

Power Management support
[PM]
Purpose: Enables ACPI / APM
Suggestion – build in.

I won't describe the APM/ACPI options. If possible, use ACPI (some older systems will only support APM, others may not even support that). APM is deprecated.

CPU Frequency scaling
[CPU_FREQ]
Purpose: CPU Frequency scaling allows you to change the clock speed of
CPUs on the fly. Note that this driver doesn't automatically change the CPU
clock speed, you need to either enable a dynamic cpufreq governor
after boot, or use a userspace tool.

Enable CPUfreq debugging
[CPU_FREQ_DEBUG]
Suggestion – exclude

CPU frequency translation statistics
[CPU_FREQ_STAT]
Purpose: This driver exports CPU frequency statistics information through sysfs file system
Suggestion – exclude.

Default CPUFreq governor
This option sets which CPUFreq governor shall be loaded at
startup. If in doubt, select 'performance' ie. [CPU_FREQ_DEFAULT_GOV_PERFORMANCE].

Enable 'powersave' governor [CPU_FREQ_GOV_POWERSAVE],
'userspace' governor for userspace frequency scaling [CPU_FREQ_GOV_USERSPACE] and 'conservative' cpufreq governor [CPU_FREQ_GOV_CONSERVATIVE]. In case of desktop systems (excluding AMD systems), enable 'ondemand' cpufreq policy governor [CPU_FREQ_GOV_ONDEMAND] instead of 'conservative'.

CPUFreq processor drivers
Enable the appropriate driver (if any) for your system.

PCI Support
[PCI]
Purpose: Required if the system bus is PCI (as it is on almost all systems from P1 upwards).
Suggestion – build in.

PCI Access Mode – any [PCI_GOANY].

PCI Express support
[PCIEPORTBUS]
Purpose: This automatically enables PCI Express Port Bus support
Suggestion – if you have PCIE on your motherboard, build this in.

Message Signaled Interrupts (MSI and MSI-X)
[PCI_MSI]
Purpose: This allows device drivers to enable MSI (Message Signaled
Interrupts).
Suggestion – exclude for now, it is a new feature.

Legacy proc/pci interface
[PCI_LEGACY_PROC]
Purpose: Legacy support. Newer tools are now in use (ie lspci).
Suggestion – exclude.


PCI device name database
[PCI_NAMES]
Purpose: The kernel contains a database of all known PCI devices.
Disabling this feature replaces the device names by device IDs. It also reduces kernel image size by 80KB (though this memory can be freed at runtime).
Suggestion – build in. If you are creating a boot disk then it can be excluded.

PCI Debugging
[PCI_DEBUG]
Purpose: Produces PCI debug information and writes it to the system log.
Suggestion – exclude.

ISA Support
[ISA]
Purpose: Required only if you have ISA slots in your system.
Suggestion – Most modern systems do not have ISA slots (the Intel 875 may be an exception). It can, therefore, be excluded in such systems.
If your system does have ISA slots then include this as well as all subsequent options that appear on enabling it (except VESA Local Bus priming).

MCA Support
[MCA]
Purpose: Required on systems having Microchannel architecture.
Suggestion – This is supported only on a few systems from IBM. For most systems it should be excluded.

NatSemi SCx200 support
[SCx200]
Suggestion – Required only if you have the National Semiconductir
SCx200 processor. Exclude for most systems.

PCMCIA/ Cardbus Support
Purpose: This sub menu includes several options. It is necessary only on laptops.
Suggestion – exclude on desktop systems. On laptops it should be built in, giving access to several other options not described here.

Executable File Formats

Kernel Support for ELF binaries
Purpose: Required for using Binaries compiled in the ELF format. As the conversion to ELF was started in 1995, this option can be considered critical.
Suggestion – built in.

Kernel support for a.out and ECOFF binaries
Purpose: Required to run certain old binaries which were in the a.out format which is now dead (this has nothing to do with the fact that the default name of all files compiled by gcc is a.out, that was just a convention which is still followed). Needed only if you have really old binries lying around.
Suggestion – exclude. If absolutely necessary then include it as a module.

Kernel support for Miscellaneous binaries
Purpose: Plug wrapper-driven binary formats into the kernel.
Suggestion – built in.
Device Drivers
This is one of the weirdest parts of the configuration, and unfortunately, one which I can't help you with. There are hundreds if not thousands of options, all of them system dependent. I will give you a few tips though.

If you started your configuration using an existing reference .config (whether of the current running kernel or from /arch/... subdirectory) then you should have it a bit easier.

Include Parallel support (module) if you use the parallel port on your PC. Include PC-style hardware under this, but not Multi-IO cards.

Include PnP support – this is important.

Under block devices -
Normal floppy disk support – include
Parallel port IDE device support – exclude (unless you use an external CDROM / HDD connected to your parallel port.
Include Loopback device support (module)
RAM disk support – include
Leave the default values of RAM disk number and size.
Initial RAM disk (initrd) support – include.
Support for Large Block Devices – exclude (do you have a 2 TB disk?)
Packet writing on CD/DVD media – include (module)
ATA over Ethernet support – exclude (most of the time)

Use the CFQ I/O scheduler and exclude the others

ATA/ATAPI/MFM/RLL support – DEFINITELY include unless you have a pure SCSI system. Haven't heard of those for a long time.

Support for SATA [BLK_DEV_IDE_SATA] under Enhanced IDE/MFM/RLL disk/cdrom/tape/floppy support – exclude, as it is deprecated. Do not worry if you have SATA hard drives, there is another driver for them.

Include:
IDE/ATAPI CDROM support
IDE/ATAPI FLOPPY support
PCI IDE chipset support
generic/default IDE chipset support
Generic PCI bus-master DMA support
Use PCI DMA by default when available
AMD and nVidia IDE support (nForce users only)
Your SATA controller may be listed here, so include it as well.
For any chipset you don't have – exclude it.

Include SCSI device support. It IS required for USB storage. Also include legacy /proc/scsi/ support and SCSI disk support (for USB storage). Exclude everything else under SCSI and its submenus (except SATA support).

Multiple devices driver support - exclude. Few people use software raid or LVMs on desktops.
I2O support – exclude.

Do not disable networking, it is required even by some non-network programs.
Networking options – leave the defaults, but most people can get rid of Appletalk and IPX.
Choose the correct n/w card option - "Tulip" family network device support is used by NC100 based cards.

Do you have IR ports, Token Ring, Bluetooth, FDDI, 10Gbps networks? Use common sense and exclude everything in these sections.

Wireless LAN – include only on systems with a wireless card of some type. You will still need drivers.

WAN interfaces support – exclude. No one connects to a WAN using an interface card on a desktop. Very rare.

ISDN support – do you use ISDN? I don't, nor do I know anyone who does anymore.

Character devices -
do you need non standard serial support? – mostly no.
Intel/AMD/VIA HW Random Number Generator support – yes if you have an i8xx series chipset. Presumably it should work for i9xx series as well, but I can't be sure of that.
/dev/nvram support – include.
/dev/agpgart – build in (module).

Lookout for your chipset driver for AGP support in character devices and make sure to include it (all others can then be excluded). Specifically, there is support for i865 and nforce 1 and 2, SIS and VIA, apart from several others (If you have nforce3 you can try nforce2 driver).

If you have a Radeon then include its driver under Direct Rendering Manager of Character Devices.

Configure Graphics support carefully. It can cause problems otherwise.

Under sound, select ALSA, not OSS (which is deprecated).
In ALSA, under PCI devices, select your soundcard. There is support for quite a few soundcards – Aureal, Audigy, SBLive, AC97, Intel HD Audio and many others.

USB support should also be configured carefully. Most people now have USB 2.0, so it along with USB 1.1 should be selected. Include USB storage if you are likely to use a pen drive.

Remember this section is largely about common sense. If you don't have need for a particular feature, or do not have certain hardware, then in most cases it is safe to switch it off. This however, does not apply to the networking and SCSI. Be careful there.

File Systems
This is another large section, so I'll just mention whether you should include an option or not.

Second Extended fs support – build in for Redhat/Fedora etc distros.
EXT2 extended attributes – exclude.
EXT3 journalling file system support - build in for Redhat/Fedora etc distros.
EXT3 extended attributes – exclude.
(extended attributes must be included if you want to use SELinux or the like)
JBD debugging support – exclude.
Reiserfs support – include on SUSE, Mandrake and others.
JFS support – exclude.
XFS support – exclude.
Minix filesystem support – exclude.
ROM filesystem support – exclude.
(Some people might need these, but if you are such a person, you will know how to configure them)
Quota support – exclude. Only needed if you want to set limits on user disk usage. Again, an advanced option, not present on most home PCs or single user desktops.
Kernel automounter support – exclude.
Kernel automounter support v4 – exclude. Needed only on large networks.

CD/DVD ROM filesystems – use built in for all the options in the submenu.
DOS/FAT/NT Filesystems --->
MSDOS fs suport – exclude (usually, except in cases where linux is mounted from a DOS partition).
VFAT fs support – include.
NTFS support – build in.
NTFS debugging support – exclude.
NTFS write support – exclude. It doesn't do much.
(The above options should actually be included as modules, but I would recommend not doing so the first time. With experience you will learn which features should generally be compiled as modules and then these can be configured accordingly).

Pseudo Filesystems-->
/proc file system support – include.
/dev/pts extended attributes – exclude. Again, you will know if you need it.
Virtual memory file system support – include.
HugeTLB filesystem support – exclude. Not sure what this does.

Miscellaneous filesystems-->
All the options in the submenu can generally be excluded. They are not commonly used on Linux/Windows dual boot systems.

Network filesystems support-->
Again, all these options can usually be excluded. They are required only on networked computers. If you are on a networked system then your administrator should be able to tell you which filesystems are required. Accordingly support can be compiled in. Possibly you can include SMB file system support.

Partition types--> Only two options are to be included:
1. Advanced partition selection.
2. PC BIOS support.
If you use dynamic disks in Windows 2000 or later, then you should also include Windows Logical Disk Manager support.

Native Language Support--> exclude all except USA/Canada and NLS ISO 8859-1 + NLS ISO 8859-15. This is to do with codepages (non-english filenames, not contents).

Kernel Hacking
All the options in this menu are advanced features. It is best to exclude them from the kernel.

Security Options
Enable different Security models
Purpose: This allows you to use security models other than the default linux security model.
Suggestion – exclude. You may want to include this however if you are interested in using SELinux (security enhanced).
Enable access key retention support – exclude.

Cryptographic Options
It is safe to include all these options as modules. Don't build them in, otherwise your kernel size will increase dramatically. Compiling these options into the kernel is recommended only if you use them very frequently (e.g. All your documents are encrypted using one of these algorithms).
Even if you don't include them, third party tools can provide these services.

Library Routines
Both options can be included safely.

After you are finished save the file and proceed to the Post Configuration section given earlier.

The above configuration procedure was on the 32 bit system, when you try this on a 64 bit system, different options are available.

-The processor options are different.
-There are different ACPI options.
-CPU frequency scaling now has K8 PowerNow! (Cool n Quiet)
-Funnily enough, there is no option for initrd. Add it in manually to the .config file as:
CONFIG_BLK_DEV_INITRD=y
-File formats: there is no longer an a.out format in the 64 bit world. However, there is IA32 emulation, as well as IA32 a.out emulation.

Unfortunately, I was unable to get the kernel up and running on FC3 (64 bit). FC3 has some difficulties which I was unable to get around. For one, it is necessary to make an initrd (initial RAM disk). And there was no option in the kernel to enable it. Even after putting it in manually I was unable to boot up. Seems like some bug. If anyone has any success (on a 64 bit FC3) please do post here.
Funnily, I used the 64 bit kernel, with a 32 bit Distro (CentOS 3.6) and it booted up properly.

If you want to enable SATA then try this (it did not work on the 32 bit FC1, but did on the 64 bit kernel + CentOS combo – CentOS root was located on the SATA hdd):

In code maturity options, include “Prompt for development and/or incomplete code/drivers”, but exclude “Select only drivers expected to compile cleanly”. Then under ATA/ATAPI/MFM/RLL include support for your SATA chipset (if listed). Then go to SCSI, enable support for SCSI hard disks. Got to SCSI low level drivers, enable SATA hard disks and enable support for your SATA chipset/controller listed under that (sata_sil, sata_nv, etc.).

Well that's it! Enjoy!!!!

Monday, 13 July 2009

Ebooks sites

booktraining.net

Friday, 10 July 2009

msfweb on slackware 12.2

install metasploit packagge from slackbuild.org
install rubygem package
run the command "gem install rails"

Wednesday, 8 July 2009

Favorite slackware/linux links

http://wiki.linuxquestions.org/wiki/Slackware-FAQ
http://www.vcn.bc.ca/~dugan/setting-up-slackware.html
http://www.brunolinux.com/
http://humanreadable.nfshost.com/sdeg/index.htm
http://slackworld.berlios.de/links.html
http://www.linuxpackages.net/howto.php
http://www.basicconfig.com/
http://www.linuxhomenetworking.com/
http://www.bilbos-stekkie.com/slack_init/en/index.html
http://slackwiki.org
http://www.linuxconfig.org/
http://www.lugatgt.org/articles/

Tuesday, 7 July 2009

mouse wheel in slackware 12.2

As root edit /etc/X11/xorg.conf for slackware 12. The syntax of the file is the same for both.

Find the 'Core Pointer' section. In there you will have something like this:

Identifier "Mouse1"
Driver "mouse"
Option "Protocol" "IMPS/2"
Option "Device" "/dev/mouse"


Protocol and device might be different on yours if, for example, you have a USB mouse.

Add two lines here to make it look like this:

Identifier "Mouse1"
Driver "mouse"
Option "Protocol" "IMPS/2"
Option "Device" "/dev/mouse"
Option "Buttons" "5"
Option "ZAxisMapping" "4 5"


Restart the X server.

Enjoy abusing your wheel :)

Type vietnamese in slackware with scim & skim

install scim
install skim
connfig as instructed at
http://www.scim-im.org/wiki/documentation/installation_and_configuration/all/installation_from_the_source

install scim-unikey

restart computer.

Thursday, 2 July 2009

Failed to lock the file! VMWare virtual disk (vmdk)

just delete .lck folders

Wednesday, 1 July 2009

Intel wifi 5100 with Slackware 12.2

Just get the new kernel 2.6.30 and compile it. Now i can get injection working!!!