Posts for the month of March 2004

Circuit City Manufacturer Rebate Escalation Line

1-800-241-1343 or ccrebatehelp@…

"We apologize if you are having trouble with your manufacturer rebates, and we are here to help you. Monday-Friday 10:00am-6:30pm EST

Please have your Circuit City sales receipt or manufacturer's rebate form available when you call us so that we can solve your problem as quickly as possible."

Makefile notes

Checking tabs:
cat -v -t -e makefile

Macro substitution:
SRCS = defs.c redraw.c calc.c
ls ${SRCS:.c=.o}
result: calc.o defs.o redraw.o
Second string can be nothing too to truncate

Suffix Rule: default begavior for a suffix:
.SUFFIXES : .o .c .s

.c.o :
$(CC) $(CFLAGS) -c $<
.s.o :
$(AS) $(ASFLAGS) -o $@ $<

$< is what triggered (only valid in suffixes)

Forcing rebuilds:
all :
make enter testex "CFLAGS=${CFLAGS}" "FRC=${FRC}"

enter : ${FRC}

testex : ${FRC}

[nothing here]

Then normal "make all" does normal. "make all FRC=force_rebuild" will do all

Debugging make files:
Try "make -d"

Misc notes:
A line starting with a hyphen ignores errors resulting from execution of that command

$? = List of prereqs that have changed
$@ = Name of current target, except for libraries, which it is the lib name
$$@ = Name of current target if used AFER colon in dependency lines
$< = Name of current prereq only in suffix rules.
$* = The name (no suffix) of the current prereq that is newer. Only for suffixes.
$% = The name of the corresponding .o file when the current target is a library
Macro Mods: (not all makes support)
D = directory of any internal mac, ex: ${@D}
F = File portion of any internal except $?

Special Tagets:
.DEFAULT : Executed if make cannot find any descriptions or suffix rules to build.
.IGNORE : Ignore error codes, same as -i option.
.PRECIOUS : Files for this target are NOT removed if make is aborted.
.SILENT : Execute commands but do not echo, same as -s option.
.SUFFIXES : See above. 

Don't Plug a 10/100 Switch Into Your Phone!

Bad things happen.

I have a patch panel for structured wiring in my house. Took me a ½ hour to figure out why all my phones were dead - I had plugged the hub into the phone system! Oopsie!

Mom's Apple Pie Recipe

Mmm Mmm Good…

2 lb Cortlands
¾ cup sugar
¼ cup flour
1 tsp. cinnamon
dash nutmeg
2 tbsp butter/marg
lemon juice
Pillsbury 9" Pie Crust

Peel/Cut Apples. Generous amount of lemon juice after first and every few - coating to prevent oxidation.

Mix with sugar, flour, nutmeg, cinn. in bowl.

Pour into crust

Dot with butter (~pat each quarter and center)

Put on top crust, seal well, vent w/ knife

40 minutes at 450F (preheated) - Golden Brown, slight bubbling from vents

Wayne's Windows Administrator Support

Many (stupid) mail servers are now assuming all cable modem users are SPAMmers, so more and more are refusing to accept my mail. Here's a script that I run to regenerate QMail's 'smtproutes' whenever I need to add new ISPs… Start:


open OUTFILE, ">smtproutes";

$s = "\n"; # Replace with your ISP's outbound server

foreach (<DATA>) {
next if /^\w*$/;
next if /#/;
print OUTFILE "$_$s.$_$s";

#CS is old compuserv, now AOL

Mozilla Must-Haves

Traceroute Sites

Using bBlog on your own server.

The installation program asks for your MySQL database name and password. I couldn't get the to work by myself, because I run my own so no admin just handed me the info. If you're in the same boat, here's all you need to do:

/usr/local/mysql/bin/mysql -p

Enter password: mypassword

mysql> CREATE database blog;
    -> ON blog.*
    -> TO blog@localhost
    -> IDENTIFIED BY 'myblogpassword';

Obviously, change the stuff in bold. Then in bBlog's setup use the user and database name of 'blog' with the password set above.

How to delete a file already in use by Windows

***** PROBLEM *****

How to delete a file already in use by Windows?

~~~~~ SOLUTION ~~~~~

1. Create the file:


2. Add the following 2 lines:


You will need the DOS short name, not the Windows' long name.

3. Save > Restart Windows

The file will be deleted when you restart.

All the GNU utils you can shake a CLI at for Windows

Has Mozilla stopped downloading?

Erase compreg.dat from Mozilla directory. It'll get rebuilt automagically.

ipchains to iptables quickie

(This is an old email I found I had written for some of my friends. No support provided, sorry.)

Here's my mini write-up for people to lazy too read the HOWTOs. ;)
See also:

The attached file goes in your startup stuff.
In-line comments for ya to understand this stuff, I hope... bold stuff isn't in the real file. If you have any Q's lemme know. LEARN BY DOING. ;)
<lotsa snips in here>
Do a "iptables --help" to see the quick commands of P, F, N, I, A, X, and D...
                # Set policies
                ./iptables -P INPUT ACCEPTI allow anything not specifically blocked thru the firewall... oh well.
                ./iptables -P FORWARD ACCEPTJeff claims to block everything he doesn't accept, and then accepts
                ./iptables -P OUTPUT ACCEPT1024 and above.... 6 of one, 1/2 dozen the other ;)
                # User defined tables
                # Shared by INPUT and FORWARD
                  ./iptables -N Protect"N" means new chain creation. But in case we run this multiple times....
                  ./iptables -F Protect"F" flushes the chain if it already existed
                # Now set up the INPUT chain  There are three default chains - INPUT, FORWARD, OUTPUT.
*** UNLIKE 2.2/IPCHAINS the INPUT and OUTPUT chains are only if the packet is destined for the firewall. FORWARD means the packet is gonna be FORWARDed (duh). ***
                  ./iptables -A INPUT -j Protect                         # Spoofs, etcEverything coming IN goes thru Protect
                  ./iptables -A INPUT -p tcp --dport 20:21 -j In_FTP     # FTP inTCP w/ destination ports 20-21 go thru In_FTP
                  ./iptables -A INPUT -p tcp -j In_Mail                  # Mail in (port can be 25 or 110)ANY TCP packet goes to In_Mail
                  ./iptables -A INPUT -p udp --dport 123 -j In_TimeSrv   # Time ServersUDP with port 123 destination goes
                  ./iptables -A INPUT -j In_New     # Any new extIF connections not specified above are blocked (telnet, ssh, etc)All check
                # The FORWARD chain
                  ./iptables -A FORWARD -j Protect                       # Spoofs, etcEverything FORWARDED goes thru Protect also
(this is why Protect is separate from others)
                # The Protect chains
                  ./iptables -A Protect -j Protect_HackersAll go here...
                  ./iptables -A Protect -i $extIF -p udp --sport 53 -j Protect_DNSuUDP source port 53 coming IN ppp+ (any ppp)
Bill would put eth2 or whatever cable modem set to

*** UNLIKE 2.2/ipchains *** -i means INPUT interface NOT 'INTERFACE'. -o means OUTPUT interface now. -i can only match INPUT and FORWARD chains, -o can only match in OUTPUT chains...
                  ./iptables -A Protect -p icmp -j Protect_ICMPICMP packets go to Protect_ICMP
These next ones get complicated. "-d" is DESTINATION IP. "-m limit" limits the number of matches of a rule. Check the HOWTO for more info. That stops it to one log entry per second. The "--log-prefix" is required for fireparse 2.0. The "Hackers" part tells me what chain matched, and the ":1" says what rule number matched. **NOTE** that you need TWO rules to LOG and then do something!!! (I am not happy with that) Oh yeah the a= part is for fireparse too... tells what its action was.
                  ./iptables -A Protect_Hackers -d -m limit --limit 1/s -j LOG --log-prefix "fp=Hackers:1 a=DROP "
                  ./iptables -A Protect_Hackers -d -j DROPDROP the packet (vs. ACCEPT, REJECT, LOG, RETURN)
[RETURN = Fall off the end of the chain. New to 2.4/IPTables. YAY!!!]
                  ./iptables -A Protect_Hackers -s -j DROP-s is source IP
This next line is just a little combo adding the input interface
                  ./iptables -A Protect_Spoofs -s -i $extIF -m limit --limit 1/s -j LOG --log-prefix "fp=Spoofs:3 a=DROP "
                  ./iptables -A Protect_Spoofs -s -i $extIF -j DROP
NOTE this next line! The new system combines NAT and packet filtering - by time the filter sees the packet, it HAS ALREADY BEEN MASQ'D BACK - meaning the destination can EASILY be the internal address of your other machines!!!
                  # Destination of 192.168.x.x is NOT a spoof because packet filter sees MASQ answers coming back with that!
Just showing that you can do subnetting on the matches (some above too):
                  ./iptables -A Protect_DNSu -s -j ACCEPT
This line logs that DNS came thru that didn't come from my "normal" DNS sources. Note there is no related action, so it falls off the end of the chain and back to where it started (in the INPUT or FORWARD chain)
                  ./iptables -A Protect_DNSu -m limit --limit 1/s -j LOG --log-prefix "fp=DNS:1 a=ACCEPT "
Just like TCP/UDP have ports, ICMP has types.... numeric or words:
                  ./iptables -A Protect_ICMP -p icmp --icmp-type 5 -i $extIF -m limit --limit 1/s -j LOG --log-prefix "fp=ICMP:1 a=DROP "
                  ./iptables -A Protect_ICMP -p icmp --icmp-type 5 -i $extIF -j DROP
                  ./iptables -A Protect_ICMP -p icmp --icmp-type echo-request -m limit --limit 2/s -j ACCEPT # Stop ping floods
                  ./iptables -A Protect_ICMP -p icmp --icmp-type echo-request -m limit --limit 1/s -j LOG --log-prefix "fp=ICMP:2 a=DROP "
                  ./iptables -A Protect_ICMP -p icmp --icmp-type echo-request -j DROP
These are for future use (I may open FTP some day)... states can be NEW, INVALID, RELATED, CONNECTED. This stops any NEW or bad connections (note I don't waste processor time checking the protocol or port since that was already done to get here!!!) Note that FTPs from my internal network will be let thru:
                  ./iptables -A In_FTP -i $extIF -m state --state NEW,INVALID -m limit --limit 1/s -j LOG --log-prefix "fp=In_FTP:1 a=DROP "
                  ./iptables -A In_FTP -i $extIF -m state --state NEW,INVALID -j DROP
Some day I may do POP3 (port 110) so I have my 'mail' rule handle 25 and 110:
                  ./iptables -A In_Mail -p tcp --dport 25 -i $extIF -j ACCEPT
                  ./iptables -A In_Mail -p tcp --dport 110 -i $extIF -m limit --limit 1/s -j LOG --log-prefix "fp=In_Mail:1 a=DROP "
                  ./iptables -A In_Mail -p tcp --dport 110 -i $extIF -j DROP
This stops any NEW connections from ppp+ to ports 0 to 1023 (the classical Unix "reserved" ports) - combo of state, limit, LOG:
                  ./iptables -A In_New -i $extIF -p tcp --dport 0:1023 -m state --state NEW,INVALID -m limit --limit 1/s -j LOG --log-prefix "fp=In_New:1 a=DROP "
                  ./iptables -A In_New -i $extIF -p tcp --dport 0:1023 -m state --state NEW,INVALID -j DROP

Now comes Part II - NAT:
                # Just masq everything outbound
IPTables is extensible. One extension is NAT - "-t nat" says to load the NAT table. It must be FIRST on the line. For NAT, there are a few internal chains, the most important being PREROUTING and POSTROUTING (entering and leaving the machine). MASQUERADE means SNAT - Source Network Address Translation - what we want to do to hide a network behind a single IP for outbound data. Note the use of "-o" vs. the "-i" above. iptables actually has primitive load balancing for both SNAT and DNAT...
                ./iptables -t nat -A POSTROUTING -o $extIF -j MASQUERADE
                # Set some hooks for the port forwarding scripts
                ./iptables -t nat -N PortFW
Seems odd, but I made a chain called PortFW. That way my firewall setup scripts can just wipe it without worrying about other things that may be in the PREROUTING chain.
                ./iptables -t nat -A PREROUTING -i $extIF -j PortFW
The "PortFW" chain is "DNAT" - Destination NAT - we hide from the internet the DESTINATION of the packet. AKA "Port Forwarding" in its simplest form. Again, this also allows load balancing if we wanted to run web server clusters. I will give you those other scripts some other time.
                echo 1 > /proc/sys/net/ipv4/ip_forwardTurns on the kernel packet forwarding
                echo "."
        # Make sure we get called to stop later
        touch /var/lock/subsys/packetfilterThe shutdown script ("/etc/rc.d/rc" sees this file and tells us to "stop")

Unix commands you shouldn't do at 3 AM....

…well, ever.

rm -rf .*

rpm -qa | xargs rpm --erase

I've done them both and felt the pain. I did the first on a 2TB machine. In 1996, when 2TB was a lot more impressive.

Right click hanging horribly?

Other symptoms included moving any file to the trash, even with 'delete' button and no context menu used.

Re-enable PGPsdkService

This took me about 6 months to track down!!!

Ghost and error 19922 SOLVED

The Symantec 'knowledge base' has this this useless link.

The 'solution' is "Symantec is investigating this problem to determine a resolution. This document will be updated when new information or a solution is available." - They have said this since at least version 6 - search their site and see at least 4 different Ghost versions saying that they are looking into it!

My situation, and fix, hope it works for you… NAV Pro 2K4 had crashed a few days before (it only happened that once) and I never shut off my desktop. Well, what was happening was the dump file was spanning at the 2GB mark. NAV has hooks in the OS that do RPC calls when the file is closed, telling NAV to scan it. Since NAV wasn't running, the RPC call was timing out. By time the RPC call failed, the Ghost client had given up the ghost (ha!) failing with error 19922.

A simple reboot fixed it, but it still took me about 3 hours of being very worried to fix, because I had made a major change to my network since the last backup…

Strange Compression Comparisons

Well, if you're desparate to do bzip2 under windows, or pretty much any other cool GNU thing (find, grep, less, wget, etc) you can download them at

C:\Documents and Settings\me>bzip2 —version bzip2, a block-sorting file compressor. Version 1.0.1, 23-June-2000.

  • adm
    Aaron D. Marasco wrote:
    > OK, a quick test. I just got a PowerPoint presentation. I am not going to mess with dictionary sizes or anything, leaving those default.
    > PPT: 1,440,768 bytes (Original file)
    > ZIP: 1,311,093 (Dunno what did it, I received it this way)
    > RAR: 1,303,276 (RAR 3.20 beta 4, which does the 'new' RAR compression, default setting)
    > RAR: 1,303,241 (Same version, told it MAX compress "m5" command line)
    > ACE: 1,305,286 (2.0 compression, normal)
    > ACE: 1,309,770 (1.0 compression, normal)
    > ACE: 1,305,274 (2.0 compression, max)
    > GZ: 1,311,109 (Created by WinACE 2.5 max compression)
    > LZH: 1,440,901 (Created by WinACE 2.5 max compression) (-- this is BIGGER. This surprises me and tells me that PPT may already be compressed?
    > .TAR.GZ: 1,311,614 (Created by WinACE 2.5 max compression)
    > CAB: 1,304,092 (Created by WinACE 2.5 max compression)
    > ZIP: 1,310,299 (Created by WinACE 2.5 max compression)
    > JAR: 1,310,299 (Created by WinACE 2.5 max compression -- I think .JAR are just renamed .ZIP anyway)
    > BZ2: 1,337,976 (bzip2 Version 1.0.2 - I couldn't see a command line to change compression)
    > GZ: 1,310,209 (gzip -9 gzip 1.3 [1999-12-21]) (-- I've never seen GZIP be smaller than BZ2?!?!?
    > And now sorted:
    > [root@neuvreidaghey shared]# sort -t' ' +1 tempo
    > RAR: 1,303,241 (Same version, told it MAX compress "m5" command line)
    > RAR: 1,303,276 (RAR 3.20 beta 4, which does the 'new' RAR compression, default setting)
    > CAB: 1,304,092 (Created by WinACE 2.5 max compression)
    > ACE: 1,305,274 (2.0 compression, max)
    > ACE: 1,305,286 (2.0 compression, normal)
    > ACE: 1,309,770 (1.0 compression, normal)
    > GZ: 1,310,209 (gzip -9 gzip 1.3 [1999-12-21]) (-- I've never seen GZIP be smaller than BZ2?!?!?
    > ZIP: 1,310,299 (Created by WinACE 2.5 max compression)
    > JAR: 1,310,299 (Created by WinACE 2.5 max compression -- I think .JAR are just renamed .ZIP anyway)
    > ZIP: 1,311,093 (Dunno what did it, I received it this way)
    > GZ: 1,311,109 (Created by WinACE 2.5 max compression)
    > .TAR.GZ: 1,311,614 (Created by WinACE 2.5 max compression)
    > BZ2: 1,337,976 (bzip2 Version 1.0.2 - I couldn't see a command line to change compression)
    > PPT: 1,440,768 bytes (Original file)
    > LZH: 1,440,901 (Created by WinACE 2.5 max compression) (-- this is BIGGER. This surprises me and tells me that PPT may already be compressed?

I think these are slightly skewed, but RAR just edged out ACE. Again, I think this is a recompression on compressed data. I would doubt that MS-CAB would normally beat ACE. This is not a directory of plaintext. You can even see that ACE can make GZip compat archives, but it was slightly larger than GZip itself. And ACE also made a smaller ZIP file than what I assume was WinZip.

And since I already bought WinACE, it's good enough.

CD-Rs bake in the sun!

OK, I had a silver CD-R (Imation 80min if you care) with MP3s. I left it in the car too much in the sun (now I flip the jewel cases over). One edge of it turned a nice golden color like the older CD-Rs are.

It had 5 CDs on it.

I have randomly sampled the files in my audio player, and they all sound fine and are as happy as can be.

Checked the SFVs of 4 of the 5.

Even though my sampling sounded fine, EVERY SINGLE FILE had a CRC failure.


Keep yer CD-Rs in the shade!!!