Category: Uncategorized

pptp + linux = much fun.

Actually it’s not that bad. Its just another of those things-that-work-stop-working-and-it-takes-ages-to-find-out-why-things.

For about four weeks I had a problem that LAN-Connections did not work after resuming from hibernation and I was unable to access my pptp-server in the office from home. On the linux side a got a timeout while waiting for LCP-Resonse (or something like that) and on the windows-side, the whole process stopped while validating my (long and thus quite secure despite the flaws in the pptp-protocol) password.

Who would have thought that those problems share one thing: The common cause ;-)

For accessing another server of a client behind a cisco-router, they provided me with the “CISCO VPN Dialer” which, when connected provides an option called “Stateful firewall (Always On)”. I confess. The “always on” suggest that this not-so-well working firewall (have I said that I hate desktop-firewalls, especially those by ZoneLabs which this VPN Dialer obviously uses) also is running when the applicatoin is not, but then again: Who could think, that something stays running even though there is not GUI indication (and no way to turn it off, besides re-dialing) whatsoever?

I found this out when I tried to ping my workstation form a Linux-Server within our network, which I tried after seeing that VMWare stopped working too (incredibly useful for making screenshots of strange OSes).

So my expirience with this cool CISCO VPN-Dialer is as follows:

  • Breaks well-working applications (VMWare)
  • Makes me unable to use my own network while connected (despite the checkbox telling me otherwise)
  • Breaks PPTP (and I already suspected Linux)
  • Is incompatible with the Hibernation Mode that comes with Win 2000 and later
  • Is an usability nightmare as it does not provide any visual feedback of being running despite the fact that an always running firewall and a VPN-Dialer do have nearly nothing in common.
  • Is an even worse usability nightmare as there is no way to turn that firewally thing off besides building up the VPN-Connection which has even less to do with a firewall than the tool alone.
  • Is insecure: Everyting besides the PPTP-Connection was well working when using WLAN to connect to the network – even the ping from the server to my machine.

    Great product indeed.

Gentoo on a xSeries 235 Server

Yesterday, one of the harddisks (or was it the SCSI-Controller – it does not matter…) of our very old, self-assembled developement/fileserver went down. As we had backupped the important data and I had a spare PC running Linux (the multimedia machine I wrote about here), getting a working environement was a matter of about two hours (one I used up trying to get the old server to boot again).

Anyway: We deceided that it was time to move away from self-assembled machines to something more professional (and hopefully more reliable), so we ordered a IBM (we really like those machines – great support, long warranty and rock-solid) xSeries 235 machine which arrived today.

I deceided to install Gentoo Linux on the machine as it will mostly be used as my developement server (and as a windows-fileserver for our data), so eventual downtimes do not really matter (but latest versions of the installed software are important) – a nice testbed for this distribution until I roll out production machines running Gentoo.

Besides the hardware-RAID5 the new server had built in, we plugged an old 120GB IDE drive to be used as storage area for not-so-important files (read: music, temporary files,…) – additionally it contained all the current developement work, so I had to copy it’s contents down to the new virtual RAID5 drive.

Installing was quite easy, but unfortunatly, the current gentoo-sources kernel (2.4.20 – heavily patched) does not support the DMA-Mode for IDE-Devices on the onboard chipset (ServerWorks something), so copying about 30 GB of data from the IDE drive to the RAID was not funny and neither was doing anything on the server when transfers to the IDE drive where running. It was slooow!

Installing a current 2.4.22 vanilla-sources kernel solved the DMA-Problem but raised another: The xSeries 235 uses a Broadcom bcm5700 Gigabit Ethernet chipset which is not supported under a vanilla kernel. Of course, I forgot to patch the driver in before I rebooted the newly created kernel which forced me to go down to the basement, compile the driver and go up here again to write this text.

Anyway: The server is now working like a charm. I really look forward to really use it and to take advantage of the greatly increased speed (PII 500 Mhz -> Xenon 2.6 Ghz and more than twice as much RAM than before)

Another Mail client

It’s just not over yet. As a fellow reader of my blog, you may have notticed that I am looking for the best email client (read there for my requirements). Becky! which I reviewed back in march really is great, but the threading function does not work very well and neither does GPG or PGP which I made a requirement in our company.

Since very long, I know of the program The Bat! which was no alternative so far, as it fulfilled all my requirements but being IMAP compliant (apart from that, it’s a really great program)…

Now they released a beta version of The Bat 2.0 which has full IMAP-Support. I am currently looking into that and I’m going to post a full review soon.

What I dislike about Java

I really tried to get into programming something in Java. Alone the psossibilities with JSP/Servelets seem very interesting compared to what you get when using PHP. Another thing would be the many excellent IDE’s (even free ones like Eclipse) out there that only support java (I know that PHP-Plugins for Eclipse exist, but they are not really usable – a thing I’ll write about in the future).

But I never really took off and until today I never really could describe what is holding me back.

Today I found this article which explains it by using examples to compare python to java. Although it’s about python (a language I don’t really like), most of the point in there apply to other scripting languages (PHP, Perl, Ruby,…) too.

Really good read and finally the explanation I was looking for.

Just another debian install

Today I was going to install Debian Linux on another of those IBM xSeries 345 servers.

I really like those products as they are quite powerful and use only two units in your rack anyway. And they are rack-mountable without screws which makes the whole process quite a pleasure.

The problem when installing those machines is that Debian 3.0 does not support the built in ServeRAID controller. There is an extended boot-floppy on http://people.debian.org/~blade/install/preload/, but unfortuantly, today people.debian.org is down.

My solution was to apt-get install kernel-headers-2.4.18-bf2.4 (on another debian machine), to download vanilla 2.4.18 kernel sources, to copy over /usr/src/kernel-headers-2.4.18-bf2.4/.config to the directory where I unpacked the vanilla sources, to make oldconfig, to make menuconfig, to select Support for IBM ServeRAID in the configuration tool and finally to make modules.

I then copied the compiled ips.o to a blank disk in a directory called /boot. I could later on use this disk in the debian installation process (booted from CDROM with bf42 on the bootprompt) when I can “Load essential modules from disk”.

I did the about same thing for the e1000 driver, the built in ethernet chipset requires:

  • Download it here and uncompress it.
  • Hack src/Makefile to use the kernel-sources above.
  • make
  • ignore the warning that a module not matching the current kernel will be built (because that’s what I want)
  • Copy e1000.o to the disk

    Now it installs flawlessly and I’m quite happy…

IBM Thinkpad T40

I got my hands on one of those new T40 model Thinkpads from IBM and I thought, I should post a little review here.

I was working on a T23 for a very long time, so I quite used to that machine. This review will focus on the changes between the models, but will provide a good overview for you users without knowledge of the T23.

Outside
The new Thinkpad comes with a new flatter but bigger TrackPoint which I don’t really like, but this may be a matter of getting used to (if not: IBM provides you with the old cap, but I’m really trying to use the new one as it is built from plastic which does not get so dirty during common usage). Additionally, the T40 has a standard TrackPad for those users that do not like the TrakPoint (I am definitely not one of them. Although nothing feels as good as a trackball, the trackpoint is a real cool thing and I was a bit disappointed to see IBM putting an additional trackpad there).

As usual, the keyboard is just great. This time, it’s even a bit better, but I am not sure whether this is just because it’s new or because IBM really changed something. What I really, really, really hate about the new keyboard are those Back- an Forward keys above the left- and right cursor keys. I used the empty space around “up” to orientate myself (down was where there was no free space around). So I am constantly hitting “up” when I meant “down” and – even worse: those senseless keys instead left or right. I really hope, I will get used to this or I will have to plug an external keyboard (programming is a quite cursor-intensive task).

The Volume- and the “Thinkpad” (now renamed to “Access IBM”)-Buttons got smaller and have more spacing between them, making it easyier to hit them in the dark.

The status LED’s went from above the keyboard to below the display and are much more visible now. Good thing. Additionally, the Scroll Lock indicator was removed. In Windows it does not make sense anyway (while a missing indicator may be very disturbing in Linux as Scroll Lock quite locks down the console if it’s on). They added another LED indicating that the Notebook is powered. Not so important.

When the display is closed, only three leds are visible: Battery, Sleep and Bluetooth (why bluetooth and not WLAN or both?).

The whole device got a little flatter than the previous model. Extremely flat would be a good term to describe the T40. This unfortunatly breaks compatibility with older UltraBay Extensions (Batteries and Drives) as the new one is slightly flatter.

The T40 is the first Thinkpad where the ThinkLight (a small white LED at the top of the display to enlighten the keyboard when working in dark places) is really useful. It got bright.

Where the connectors where on the back at my T23, they went to the side of the device at the T40 – just the paralell port and the AC plug are at the back (and the big extended battery providing the computer with enough power for about 5 to 6 hours). The COM-Port went away. I liked it for the developement of our barcode solution, but the scanner we uase has an USB cable and USB-to-serial adaptors do exist.

The PCMCIA slots went to the front – the audio plugs (now color-coded) to the back. I don’t really like this as I am plugging audio equipement much more often than PCMCIA cards).

Speaking of Audio: It’s really not that bad for a notebook, but not noticably better than in my T23.

Running the thing

When you turn it on, the first thing you notice is that it is calm. But the Thinkpads have a tendency to grew louder as you use them, so the T40 will probably go louder in a few months too…

The BIOS cannot be accessed directly any more. Instead something called “Predesktop Area” can be reached by pressing the “Access IBM” button during bootup sequence. The PA is something that can be controlled by the mouse and allows access to the recovery system, to the BIOS (a standard textmode one), to a partition imager (without suport for external storage) and quite extensive support material. The whole thing eats up quite a lot of harddrive space in a hidden partition (which I have not removed so far but I will not like the outcome as I certainly have read the Service Manual and all those scary error messages about an inaccessible service-partition. Maybe sometime later ;-)

The first thing I did was to reinstall a clean retail Windows XP Professional – I do not like all those customizations the vendors do to the OS these days. This went flawlessly besides the fact that the setup routine did not recognize most of the hardware: No Newtork, standard VGA, no Power Management, no nothing.

The IBM Support Area on their website provided me with all the drivers I needed (and only those I needed – not a lot of useless tools).

The bluetooth-support must be turned on by pressing Fn-F5 which is documented nowhere. It’s a (integrated) USB-Device, by the way: When turining on Bluetooth for the first time (after installing the driver, of course), Windows reports to have found a new USB device.

The bluetooth software is provided by WIDCOM (as nearly always) and comes in the really current version 1.3.something.

The driver for the trackpad is a really great piece of software as it allows quite a lot of tuining to your habits. I really like this scrolling-feature where a scrolling event in the windows the mouse cursor is currently over is triggered just by moving your finger around the right border of the pad. Nice.

The WLAN Support of the T40 is the first I came across that worked without any tweaking in more than one wireless network. Cool. Maybe the time is ready for endusers to use WLAN?

The expirience with the notebook is a very pleasing one: It’s fast, stable and looks great.

If you can spare the money (IBM notebooks certainly are more expensive than others but they work better and have three years of warranty), you should go and buy yourself a T40 – it’s a great piece of hardware.

iPod 1.3 for windows

Yesterday, Apple has released a windows installer for the 1.3 firmware. This really is no interesting news as there are so many ways for getting the 1.3 Mac-Firmware to a Windows iPod:

  • Using a Mac (requires double-reformating)
  • Using XPlay
  • Using PodTronics Updater

    And about this hassle with the not supported 2.0 firmware on old devices: I am quite sure that the new firmware can be installed on old iPods using the last two methods above. Unfortuantly, I don’t have the old iPod any more (my father is having much fun with it), so I cannot try this out [and you should not try it either – at least not try it and have the slightest idea I am going to be responsible for what you are doing – I may very well be mistaken]

by the way

i’ve fixed the search-engine and the comments feature yesterday. apt-get upgrade can be disasterous when you have manually installed perl-modules and perl is automatically updated vom 5.6.1 to 5.8.0. I had to comment the mod_perl-stuff from the httpd.conf just to get the server up again. And then in the rush for fixing everything else, I completly forgot to re-enable the mod_perl directives for this weblog. Sorry.