2010年12月21日 星期二

do, did as assistant-verb

do/did can use as assistant-verb to emphasize what you are saying (sentence meaning)

4.used when no other auxiliary verb is present, to emphasize what you are saying (句中無其他助動詞時,用以加強語氣)
■He does look tired. 他的確顯得很疲倦。
■She did at least write to say thank you. 她至少還寫了信道謝。
■Do shut up! 把嘴給我閉上! British English

2010年12月8日 星期三

Windows Update

Windows Update

We need to update windows XP to SP2, then upgrade to sp3

http link to download the service patch
http://www.microsoft.com/downloads/details.aspx?FamilyID=049c9dbe-3b8e-4f30-8245-9e368d3cdb5a&displaylang=zh-tw

Windows on-line update site
http://www.update.microsoft.com/

2010年12月6日 星期一

HDMI, DVI experience

I had ever setup a blu-ray DVD player (PHILIPS BDP5100). I used the ViewSonic VA2431wm as the output terminal. But the ViewSonic VA2431wm only carried with the D-SUB and DVI input connector. And the PHILIPS blu-ray DVD player was carried with HDMI connector in the video/audio output. So I bought a HDMI to DVI video line (3 metres) to make the two devices interoperability.

One major point needed to notice was that I must setup the video setting of PHILIPS BDP5100 to "1080p" since it's default setting was "Auto". Because the ViewSonic VA2431wm terminal was capable to the 1080p full HD standard. So originally I think it should okay to connect ViewSonic terminal with PHILIPS player combination. But actually the result was failed to make them to operate properly. The reason was that PHILIPS will automatically set the video setting with 1080p/24Hz. And this setting will not be accepted by the ViewSonic terminal. So I must manually to configure the video setting of PHILIPS player to the "1080p". And I must also off/on the ViewSonic terminal while I was starting the PHILIPS player. And then I can see the clear video in the ViewSonic terminal.

I also test with IBT-1283PVR with the above scenario. The IBT-1283PVR will select the 1080p/60Hz as the output screen settings. So I am thinking that ViewSonic only support 1080p/60Hz, it should not support 1080p/24Hz since the above philips case.

2010年12月2日 星期四

細胞小組 -- 「共同的目標,同樣的愛心,相同的情感,和一致的想法」(腓立比書2章2節)

link from http://www.truelightgc.org/cellgroup.html

細胞小組 -- 「共同的目標,同樣的愛心,相同的情感,和一致的想法」(腓立比書2章2節)

走在人生的旅途上,能有一群相知相惜、互相支持的朋友,是最幸福的事!
行在邁向夢想的道路上,能有一群彼此激勵、分享資源的夥伴,是成就大事的祕訣!
歡迎你的參加,與充滿熱情的好友一起分享生命,共同攜手轉化世界!


細胞小組聚會進行的5 W :
Welcome - 破冰遊戲或分享

Witness - 見證上主這一週的恩典與作為

Worship - 透過詩歌敬拜上帝,歡迎聖靈

Word - 領受、分享聖經的話語

Work - 透過禱告與服事成為耶穌在世上的手跟腳

2010年12月1日 星期三

Linux Commands - patch, diff

>> produce the patch file
# diff -uN file.c file.c.new > file.c.patch

>> patch the file to the original file
# patch -p0 file.c < file.c.patch

2010年11月22日 星期一

ipconfig - windows dos network tool

Show the current ip settings in details
C:\ipconfig/all

We can release the ip settings by the following command
C:\ipconfig/release

refresh the ip setting (request the DHCP settings)
C:\ipconfig/renew

2010年11月11日 星期四

2010年11月9日 星期二

Internet Explorer features

Internet Explorer version 8 advanced features
My favorite link - ctrl+shift+I
The digest (RSS) - ctrl+shift+J
History Record - ctrl+shift+H

2010年11月7日 星期日

數位相機選購原則

1. 鏡頭(德國的比較好?)光學的人性化
2. 角度人性化(人眼40度), 不用到60度
3. 操作的穩定性(防手震)

2010年11月3日 星期三

被動式

link from
http://blog.sina.com.tw/missrich/article.php?pbgid=11992&entryid=7862

【英語教室】17. 被動式
在【英語教學】第一單元即談到英文最基本的概念:一個完整的句子,必有一個主詞 (Subject),一個動詞 (Verb),如:

1) I am a student.
2) Mary has a cat.

這類的句型,稱為主動式(Active Voice)。然而,在做動作的主詞不重要、受詞較重要的情況下,我們可用受詞當主詞,稱為被動式(Passive Voice),如:我的車子被偷了 My car was stolen. 誰偷了車,不確定,但車子被偷是確定且重要的。被動式句型:

主詞 + be 動詞 + 過去分詞(p.p) (+by 受詞,因做動作的人不重要,可省略)




其中,原意中必須要有受詞,才能有被動式的形式,因此上面的例句 1) I am a student. 並無受詞,所以無法產生被動式,而 2) Mary has a cat. 主詞為 Mary,受詞為 cat,便可改成被動式 A cat is had by Mary.

被動式裡,受詞為原句型中做動作的主詞,如:

主動式:I have a cat. <--- 主詞為 I, 受詞為 cat
被動式:A cat is had by me. <--- 主詞變成 cat,受詞為原先的 I

在被動式的句型中,Be 動詞隨著時態而變化,這也是最讓人搞不懂的一環,但閱讀下例即可得知很明確的說明。

現在式:He eats an apple. ---> An apple is eaten by him.
過去式:He ate an apple. ---> An apple was eaten by him.
未來式:He will eat an apple. ---> An apple will be eaten by him.
現在進行式:He is eating an apple. ---> An apple is being eaten by him.
過去進行式:He was eating an apple. ---> An apple was being eaten by him.
現在完成式:He has eaten an apple. ---> An apple has been eaten by him.

現在,來做練習吧!

【練習一】Please transform the sentences into Passive Voice.
1. I sold the car last week.
2. My sister sent a gift to me last month.
3. Cathy wrote five novels.
4. I love my cat.
5. Peggy has received my letter.
6. I will finish the project by tomorrow.
7. He was taking a shower when I called him.
8. She has to call her mother tonight.


【練習二】Corrections
1. This picture was took by Lucy.
2. Were the music enjoyed by the audience?
3. These dishes washed by his son.
4. When will the announcement publish?
5. Has Narnia seen by you?


【解答一】
1. The car was sold by me last week.
2. A gift was sent to me by my sister last month.
3. Five novels were written by Cathy.
4. My cat is loved by me.
5. My letter has been received by Peggy.
6. The project will be finished by me by tomorrow.
7. A shower was being taken by him when he was called by me.
8. Her mother has to be called by her tonight.


【解答二】
1. took --> taken
2. Were --> Was
3. washed --> were washed
4. publish --> be published
5. Has Narnia seen --> Has Narnia been seen

英文時態-簡單式、進行式、完成式、完成進行式,各分現在式、過去式、未來式

Originally from
http://tw.myblog.yahoo.com/s9114077/article?mid=173&next=158&l=f&fid=21
http://rayting.pixnet.net/blog/post/16610631

英文時態-簡單式、進行式、完成式、完成進行式,各分現在式、過去式、未來式
.分類:語言-英文2008/01/24 18:40
.【辨別名詞子句、形容詞子句、副詞子句】

1.名詞子句:句中有know、say、ask、tell、that(子句)、what(子句)
名詞子句:主要子句「不」完整,所以另外連結子句說明清楚。
ex:I'm thinking about what I should do. 我在想我該做什麼。
ex:Now I want to know what I should do. 現在我想知道我能做什麼。
2.形容詞子句:whose、when、where、why、for which。(利用代名詞連結句子,並說明原因。)

形容詞子句:主要子句完整,另外連結子句形容主要子句。
3.副詞子句:表時間(before),原因(because),地點(where),目的(in order),方式(as),條件(unless),結果(so that),比較(more than)。
ex:Then I will go out in order that I don't disturb you. 那麼我將出去為了不打擾你。



一、簡單式:(一)現在簡單式,(二)過去簡單式,(三)未來簡單式
二、進行式:(一)現在進行式,(二)過去進行式,(三)未來進行式
三、完成式:(一)現在完成式,(二)過去完成式,(三)未來完成式
四、完成進行式:(一)現在完成進行式,(二)過去完成進行式,(三)未來完成進行式
【一、簡單式】
  (一)簡單現在式:表示現在發生的動作(狀態)。(現在分詞)

ex:There is an apple on the table. 桌子上有一個蘋果。(表現在發生的動作/狀態/想法/情感/能力/特徵)

ex:Summer follows spring. 春去夏來。(表真理或客觀事實)

ex:The boy often reads books after school. 這個男孩經常在放學放讀書。(表經常性動作,常與頻率副詞連用)

*頻率副詞:every day, often, always, usually, sometimes

  (二)簡單過去式:表示過去發生的動作(狀態)。(過去分詞)

ex:I ate an apple just now. 我剛吃過一個蘋果。

ex:I ate an apple yesterday morning. 我昨天早上吃了個蘋果。
  (三)簡單未來式:表示未來發生的動作(狀態)。(shall/will/be goint to+原形動詞)

ex:I will eat an apple. 我將要吃一個蘋果。

ex:I will go to school as soon as I finish eating. 我一吃完飯就去上學。(由when, before, as soon as等連結的時間子句和由if等引導的子句中)

【二、進行式】
  (一)現在進行式:表示正在進行的動作(狀態)。(am/are/is+ V-ing)

ex:I am eating an apple. 我正在吃一個蘋果。
  (二)過去進行式:表示過去某一時刻正在進行的動作(狀態)。(was/were+ V-ing)

ex:I was eating an apple when Mary came in. 瑪麗進來時我正在吃蘋果。
*吃蘋果是瑪麗(過去式)進來時正進行的動作。
  (三)未來進行式:表示未來某一時刻正在進行的動作(狀態)。(shall/will+be+ V-ing)

ex:I will be eating the second apple at 1:55 this afternoon. 今天下午1:55的時候我將正在吃第二個蘋果。

【三、完成式】
see-saw-seen;go-went-gone;teach-taught-taught;write-wrote-written;keep-kept-kept;work-worked-worked;finish-finished-finished;hear-heard-heard;study-studyied-studied;take-took-token

  (一)現在完成式:表示到現在為止已完成的動作(狀態)。(have/has+過去分詞)

ex:I have eaten an apple. 我已經吃了一個蘋果。
ex:He has been here for three days. 他到這裡三天了。
  (二)過去完成式:表示過去某一時刻前已完成的動作(狀態)。(had+過去分詞)

ex:I had eaten an apple when I went out to play. 出去玩之前我已經吃了蘋果。
  (三)未來完成式:表示未來某一時刻前已完成的動作(狀態)。(shall/will+have+過去分詞)

ex:By 2 o'clock this afternoon, I will have eaten two apples. 今天下午兩點之前,我將吃完兩個蘋果。
ex:I shall have watched the movie twice if I go to the cinema again. 如果我再去一次電影院,我就看本片兩次了。

【四、完成進行式】
  (一)現在完成進行式:表示從過去持續到現在仍在繼續的動作(狀態)。(have/has+been+現在分詞)

ex:I have been waiting for another apple for about 2 hours. 我已經等著吃另一個蘋果有兩個小時了。
  (二)過去完成進行式:表示從過去持續到這一刻的過去仍在繼續的動作(狀態)。(had+been+現在分詞)

ex:She had been crying for one hour before her mother came. 她媽媽回來以前她已經哭了一個小時。
  (三)未來完成進行式:表示從過去持續到未來仍在繼續的動作(狀態)。(shall/will+have+been+現在分詞)

ex:I will have been waiting for 3 hours when the train finally arrives. 火車到來時我將已經等候三個小時了。

2010年10月26日 星期二

Linux Commands - iproute2

Use ip command to set the ip address

show the ip address eth0
# ip addr | grep eth0
2: eth0: mtu 1500 qdisc pfifo_fast qlen 100
0
inet 20.20.20.1/24 brd 20.20.20.255 scope global eth0
inet 10.0.0.1/24 brd 10.0.0.255 scope global eth0:0

reset the ip-address
# ip addr flush dev eth0

show the ip address eth0
# ip addr | grep eth0
2: eth0: mtu 1500 qdisc pfifo_fast qlen 100
0

set the ip-address eth0
# ip addr add 10.0.0.1/24 brd + dev eth0

show the ip address eth0
# ip addr | grep eth0
2: eth0: mtu 1500 qdisc pfifo_fast qlen 100
0
inet 10.0.0.1/24 brd 10.0.0.255 scope global eth0

Linux timestamp

Show/Translate Unix like timestam/human-readable-characters
http://www.epochconverter.com/

2010年10月10日 星期日

packet genrator program

List all the packet genrator program can running on the Windows XP.
* netool31 (japanese)
* Npg1.3.0
* engage packet builder (recommented)
http://www.engagesecurity.com/products/engagepacketbuilder/

* ColaSoft packet builder
http://www.colasoft.com/packet_builder/

Source Insight experience

If some data/function was not referenced in the viewing pages, we can press the following button to reload the whole project.
Project -> Synchronize Files -> Force all files to be re-parsed -> OK
Then the symbol table of whole project will be reload to reflect the accurate situations.


If we want to change the font size of viewing screen, we can select Options --> Document Options --> Screen Fonts. And there we can change the font size to favorite one.

2010年9月27日 星期一

Microsoft Project Tips

* Setting the project starting data to make the whole page into the printed page

2010年9月22日 星期三

Linux Command - wget,curl

some tools can communicate(get/post) with the web server (and others) without needing of user interaction

wget
can simulate the get/post client actions
>> wget example
# wget -v --proxy=on --passive-ftp -nd http://www.buildroot.org/downloads/$BUILDROOT_NAME.tar.bz2

>> guessing the cookie (userid=??) assigned by the web server
curl -sb userid=123456789 http://192.168.0.1/login.jsp | grep

2010年9月20日 星期一

IGMP protocol

>> Sending IGMP joint group packet
>> We can use the following socket and format
ret = setsockopt( socket, IPPROTO_IP, IP_ADD_MEMBERSHIP,
(char *)&ssdpMcastAddr, sizeof (struct ip_mreq) );

2010年9月14日 星期二

上帝在阿根廷大復興中的信息與呼召

上帝在阿根廷大復興中的信息與呼召
(摘自「火從天降-阿根廷大復興」)

http://www.hopelamb.net/genesis/fire.html


以下的補述資料係取自一九五一年神在貝爾市所賜下的信息。全篇按主題重新組
合過,此文是譯自西班牙文:注意它未按神所賜原始的次序排列。

--------------------------------------------------------------------------------

對「破碎自己」的呼召

你求我將你破碎;我來成全你,你卻逃避我。你不是想要破碎嗎?好好考慮。
我要你擁有一顆謙卑悔改的心,好讓我塑造。
你若謙卑必被升高,你若自高必降為卑。
你若謙卑我必提昇你。帶著全然單純和謙卑的本性,我將在你身上作工,謙卑吧!
沒有順服,你就不能得著;日日謙卑、時時謙卑!
不要驚訝,當你全然謙卑時,我必使你從彼處升高。
--------------------------------------------------------------------------------

對潔淨的呼召

我的顯現全然純淨。你要聖潔,因為我是聖潔的。好好預備你自己。
你是我手中的器皿;但是我的器皿不得污穢。攤開你的雙手,它們必須是潔淨的。
不只是你的雙手要潔淨,你的心靈也當潔淨。要使你的雙手和心靈都得潔淨。
我能毫無困難的取得你的心,同時潔淨它。但是你若不將它完全交出,我如何潔
淨它?
你不能同時把你的心交在我雙手中,卻又自己保留著。
我在你的裏面鑒察你的心。不可把聖潔擱於罪惡上;必須先除去罪惡。
不可存有自我;必須除去自我。從你的心中除去自我。
當然會受傷!魚兒上勾容易,但是拉出勾兒時會受傷。
你若不學我的樣式,拿什麼去教導別人?你若不經過火的焚燒,又如何傳講我的
火?在我手中有火;我必焚燒所有。
我看到在你心中的一切。你知我看到了什麼?須予燒毀的邪惡森林。你若交給
我,我就能燒毀它。
誠然在我的國度中不得有屬於你自己的任何邪惡事情。若有,我必使其盡淨。如
此我才能設立我的國度,並住在其中。
我要用手帶著煉淨的火擺在你的靈魂中。你的心和你的人必須焚燒。你若交給
我,我必焚燒。所有的污點都除去。我見到你心中許多你自己未曾覺察的可憎之
事;我看得一清二楚。
所有的這一切我必銷毀;你的肉體對此雖感痛苦,但你的靈魂必有喜樂,讓我在
你心中作工。
不要離開我。我必讓你知道你的時辰何時來到,因此你不要再逃迫我。
你的心正受火焚嗎?我當焚毀大片樹林,大樹幹深植你心,焚燒時你必受傷。但
是不要害怕;讓我把它們除去,我會溫柔地治癒傷口。
你若沒有一顆清潔的心,沒有一顆謙卑的心,我就不會祝福你。
你若以自我為中心,或是自傲過人;那就和我要從你面前剪除的偶像無異。
所有你看起來超乎尋常的事情全都是我的計劃;直到全部實現時你必明瞭。
你們就好像一大堆種子,有壞的,也有許多殘缺的,我必將你們揚於空中;只有
那些能結果子的才是我願留下的。你們是種子,我必將你們置於篩子中。
讓我進入你的心,我能改變你。
你知道我嗎?你瞭解我是誰嗎?我是你的天父─祂能改變生命,祂能使黑變白。
願意成為聖潔或者不願意?按我所願去行。
--------------------------------------------------------------------------------

對成為門徒的呼召

在你的生命中誰居首位?你為我擺上多少時間?或只是為了你自己?你只願擺
上一半?斷然不可!全部擺上,否則不必。
你或許不願意也不甘心為我捨棄這一切。
但你要知道;世界的一切都要過去,只有我是永恆約。為了我,不要害怕你將離
開父母或其他你所愛的人。
你們中間有多少人肯為淪喪的靈魂加入「拯救他們生命」的行列?多少人已準備
好要跟隨我?
我所呼召的並不全然會被選上,你們當祈求被選上才是。
你認為一切都很安妥是不?當然你並非全然安穩。你目前所處的尊貴地位、住在
舒適的處所,這些全是耶穌以重價將你贖回而有的。祂比世上所有的財富還要寶
貝。
你會發亮,我要精煉你。有爭戰在你我之問;我必化解爭戰。我的應許是信實的;
我絕不會讓它們落空。
算算看我曾有幾次未實現我的應許?我必信守我的應許。
我在人身上所動的工,你們無法瞭解,也無法推理。
為何你懷疑說我未與你同在?每當你需要的時刻,我豈不正在引領你的生命?我
是你的上帝,這世上將來也絕不會有任何人像我一樣。我必保守你,我必護庇你;
我必與你同活。答應我,我將進入你的內心。
要忍耐!學習等候我。守候、堅信你必得著。不要沮喪,也不要問何時。將它交
在我的手中,只要等候我。
為什麼麼你相信自己的意念?要信賴我。
向我求信心,信必得著。我必賞賜給你。
相信我!我是賜你豐盛生命的神。
相信我!最重要的是相信我的話語。
--------------------------------------------------------------------------------

對光明、生命和愛心的呼召

我必賜你生命。不再貧乏或軟弱,而是像我一樣的生命。
聖靈的活水從我流向你,並流遍全世界。
神豈是虛謊的嗎?我是信賓的……你呢?
你只不過是幻影。若我除去我的光,你就不見了。我是光明的神。
你能測度我對你的愛嗎?它是那麼的長、闊、高、深,像你距我一樣地那麼深、
那麼遠。
我曾以永恒的愛愛你。因我的慈愛,我饒恕你的偏邪。
愛要真愛。我不願得到你虛偽的愛。我願你全心真實地愛我。
你若愛我;就按我所吩咐的去行。
你把我賜你的愛心失落何處?為何你們不彼此相愛?你曾否學我的樣式?你不
該效法別人,只要效法我。用我賜給你們的愛彼此相愛。若連周圍愛你的人你都
不愛,又如何愛那些恨你的?
不要停上愛你的仇敵和你的鄰舍。許多人正因疾病、煩惱受苦,為罪悲傷。為他
們呼求!為他們代禱!
別人現在能從你身上見到我嗎?他們能察覺我的慈愛和良善?你曾領受我的
愛,把我的愛施予他們?
--------------------------------------------------------------------------------

對順服的呼求

你不能照你的方式來就我,你要先定意在我的手中。
我需要你準備好,並照我所願的去行,而不是照你的意思。
你要忠實地去完成我所吩咐你行的一切。不要跑在我的前面去作我未曾命定的。
不要怕做錯,害怕必從你心中出去。你若不照我所告訴你的去行,雖然表面上會
像我,但其實並不是。
我無法在你身上作工,因為你不持續按著我所吩咐的去行,趕快先完成它吧!
你向我祈求的不夠。你應按我的旨意而活。
不要留地步給魔鬼。把你的肉體帶到我的面前,按我手所指引你的去行。
你願完成我的旨意嗎?你願做一切合乎我旨意的事嗎?你願按我所吩咐的去行
嗎?
我看見許多人答應我,要全心全意按我的旨意行。但是我在他們中間發現許多人
是不甘心樂意的、說謊的、害怕的,同時只愛他們自己的。
不要放蕩你的生命。快遵行一些取悅我的事,奉獻你自己,按我的旨意行。行在
我的道中,不要偏離。因為你如果偏離,你必要付出很大的代價才得轉回。
從約拿的生活中學習。沉默不是真理;但是也不要把珍珠丟在豬的面前。
--------------------------------------------------------------------------------

對禱告的呼求

你在尋找什麼?你在追求什麼?先求上帝!你所追尋的都在我雙手中。你心中應
火熱常向我祈求。日夜向我呼求。不要忽咯向我呼求。我是你的天父。不要虛耗
光陰;來尋求我的面。不要怕單獨來見我,因你將單獨得到我所賞賜的。
恒切向我禱告。不論你在何處,不論你正在執行什麼工作,都要禱告。繼續挖掘,
因為你在參與之後,必會得到寶藏。
不要停止禱告。你不必全時問跪著作習慣性的禱告,而是要用心靈和誠實禱告。
孩子,我在那裏?難道我只在你跪下的地方嗎?你豈不知甚至你休息時我也在你
身邊嗎?
我盼望每時每刻與你同在,不時地照顧你,兔得你離開我片刻。不論你在何處,
要恆切禱告。你若不禱告怎能期盼像我?
靈性不要打盹,否則我必從你身邊越過,你必不得見我。
我的大能夠你用的,但是你饑渴時卻不喝我賜你的活水;你反而喝我未賜給你的。
不要認為我未向你顯現大能,也未答允你的祈求,就是忘了你。不要認為沒立刻
得到我的應允就是將你撇棄一旁。所有你誠實的禱告已領你到我面前。向我呼
求!縱然你所見的並不可能橫在你的面前。
你若不經歷痛苦、爭戰、哭泣、勞頓筋骨,加上守望‧‧‧,又怎能感謝我所賜
給你的?
萬事正在互相效力。用耐心及不變的謙卑恒切追尋我。
--------------------------------------------------------------------------------

對受苦的呼求

誠然你必受苦。然而你願選擇那一項?受苦後讓我住在你心中,或不受苦作一個
在我面前的一般人?人在我面前算什麼?只是可憎之物。
不要以為你奔走的路都是沒有刺的薔薇;前面充滿了刺。
受試驗的時候,定睛向我;同我面對擺在你面前的諸般景況。
你必要受風寒、飢餓、迫害,甚至死亡的苦。尋求避難所,我必不使你被仇敵的
頭所勝。把你自己交在我的手中。你必不至滅亡。公義之子必在你面前得榮光。

--------------------------------------------------------------------------------

對誠實的呼求

不要讓你自己被你的心所蒙蔽。我察看它時,發現其中充滿了邪惡,千萬不要相
信它所告知你的。只要向我仰望。不要容你自己被你心中所形成的虛假意念所蒙
蔽。不可相信它;免得被欺哄。不要信賴它,因為它背叛你。
我勝了那位把混亂擺在你心中的魔鬼。
在我跟前,沒有隱藏的事;我就是尋求你心意的神;我知道你需要何事。

--------------------------------------------------------------------------------

對勝利的呼求

看哪!掌管天地間的惡魔已被我掛起。
當以我父的國度為中心。若你的私慾未完成,那不是我的過錯。我甚至把我的國
度都給了你。
我必賜你我所應允你的;但是不要認為你輕易的就可得著。一個人僅經歷聖靈的
浸禮是不夠的;我還有更多要給你。對你所不知道的事要保持緘默。
沒有我你毫無價值,讓我住在你心中。沒有我,你一文不值;只是塵土。
若是你不願去我要你去的地方,而反去你自己想去的地方,我必不引導你。
我必把你找在我的避難所,縱然怒海阻止你來就我。
要保守你自己,不可粗心大意。免得你的疏忽使你行走了冤枉路,失去我所賜你
的一切。你是受祝福的;不要輕看你所受的祝福。
只要仰望我,不要看你周遭的暴風雨。因為如果你看一眼,暴風雨將立刻籠罩你。
注意你們當在靈裏合一。你們當在靈裏以愛心相繫,把所有的攻擊交在我手上,不要論斷任何人。他們會對我說褻瀆的話,不要挺身對抗他們。注意,你們不要
對我所按立的抱怨。
你們能瞭解我在你們中間和在我所揀選的中間作的工嗎?若能,解釋看看,但不
要嘗試,因為那是徒然的。沒有人能瞭解我聖工的開始,除非我啟示給他。
不要懼怕你所聽到的那些與我工作持相反意見的議論。人的意念無法瞭解我的聖
工;他們太渺小了。
若是你不明白我的聖工,你會停止禱告尋求我的面嗎?若是到目前為此,你未得
到勝利,你會因此而放棄我嗎?在你我中間若有爭戰,我必化解。你只要憑信心
來到我現在的地方。
咆哮的獅子在地面走來走去,咒咀必臨到他和他的嘍囉。你怕他們嗎?不要害
怕。我要你知道,他們在自己的房舍中居住;不要和這些地方有任何牽連。
你在邪惡的世界中,但你是屬於我所居住的天國中的一份子。
不要到不該去的地方,不要接觸邪惡的事情。
不要容自己被惡魔試探。牠使你愚昧,我卻賜你生命。

--------------------------------------------------------------------------------

對阿根廷的呼求

噢!阿根廷哪!你正在拒絕我的愛!你為何如此高傲?因為你富足?是誰賞賜
你這些財富?靜下來想一想。我仍未取走我對你的愛,但是你若堅持拒絕我的
愛,你必不得見我的榮光。
你的心被虛榮所捆綁。你貪慕虛榮。但你從未思考我的愛。你表面愛我,但是你
卻未發現你內心的空乏。
注意!想想看!在你的道上停下來!噢!很快地,你必顫抖;你的內心必震驚。
你若持續如此行,咒咀必臨到你;當然我的怒氣也必臨到你。
你的審判像怒海狂奔。為何你為自己辯護?你以為你所擁有的均是屬於你自己
的?你所站立之處是我的,包括其中和其上的一切都屬於我。
噢!噢!不要拒絕我。為何你徒然地吹噓自己?你什麼都沒有。你是空乏、盲目、
貧窮、可憐的。
但是如果你帶著真正的謙卑懇求,我必使你升高。你若在我面前謙卑,你必得著
生命。
注意我現在向你說的:我不在虛榮的廟宇中居住;也不在你雙手所造的雕像中。
悲哀的是你信靠那虛謊的偶像,殊不知他只會帶你到悲慘和可憐的境界。
你以為你是至高無上的;虛榮滿了你的面。
看哪!你是僕人。你若順服地把自己交在我的手中,成全我的旨意,我必傾福於
你,我必與你同住。
我賜你充滿能力的活水,你若拒絕,咒咀必臨到你。
你表面美足,但是內心污穢。唉!沉淪的人哪,不是被水淹沒,而是被罪惡淹沒。
謙卑吧!我必饒恕你。你若不謙卑,仍自高自大,你必不得憐憫而死。
你不認識我的愛。若是過去你曾認識,又怎會為自己的景況而悲哀?我正在等待你,但是時間會悄悄溜走;不要時候到了,你卻仍未向我悔改。
你知道否了萬物的結局是你將見到真正的我。你目前尚不認識我,那就好好等
候,與我同行一段時日,到時你可說,「我認識你!」我必賜給你生命,如此會
使你周圍的人驚訝!永遠不要在我面前誇口。
全國將要聽到、看到,同時駭異她在我面前的罪惡景況。若是如仍自高向大,我
就離開她。
從南到北,從西到東都必聽見我的聲音。聖靈的活水將經你流向全世界,如此可
使他們回到我的腳前,他們必悔改。
罪惡之成﹝布市﹞必顫抖。我必落到卡哥和其他各省。他們正活在人的意思中,
沒按我的旨意活。
伊娃帕容當顫抖。連同一切她的主要官員和助手都當擅抖。他們當知誰是上帝。
他們當大大的驚駭,咒咀必臨到他們。
伊娃帕容將看見我顯現時的雷霆臨到她的身心。當他們看見我,看見真正的我
時,她和她的忠實群黨當大大地顫抖。
在阿根廷的南方還有許多百姓不知道我子耶穌的名。他們活在充滿罪惡的生命
中,那是我無法忍受的。
你們中間當站立在這世界的統治者和高位的人面前。但是在我跟前,他們是卑微
可恥的。
大運動場當成為我的禮拜堂,他們當在那裏得見我的榮光。千千萬萬的人都必得
救。
你們仇敵的戲院和其他地方必成為荒場,因為我必落到這個國家。不僅是這塊土
地。還有我所指引你的每個國家、每個城市。廣闊之地必被坐滿,好讓百姓能聽
見我的話語並悔改。
許多人必向我改變。但是他們若拒絕我,不更祈、不向我悔改,必支到大毀滅。
世界滿了污穢;最嚴重的是驕傲、虛謊、不順服、高傲的意念和反叛。成千上萬
的人躺在罪惡的墳墓中。黑夜即將臨到你,同時將伸展它黑色的斗蓬。
尋見這個命令:「除去驕傲。」白晝即將來臨,我必傾出我的怒氣,咒咀必臨到
那不在我面前謙卑的。

--------------------------------------------------------------------------------

對世界的呼喚

噢!邪惡的世界!現在你們當在我手中顫抖。我必以火銷熔你。你若不悔改,在
我看來是極可憎的。世界正在呻吟;世界卸將爆炸,世界當毀去。
噢!你當毫無憐憫的消失,你若不把握我所賜的最後機會。噢!世上的人哪!你
當預備。
我即將來臨,不再延遲。你當完成我所吩咐你的,你當儆醒守候我的來臨。世界
即將在很短的時刻逝去。

--------------------------------------------------------------------------------

對你的呼喚

你認為阿根廷的景況如何?你希望她的未來如何?你想為她作什麼?她的景況
沒打動你的心嗎?看她現在活在罪中的景況!許多人尚且不知道他們所作的;你
打算為她作什麼?來吧!讓我們橫越她的道,傳講我所賜給你的。
你把我給你的愛失落於何處?你對鄰居的愛何在?阿根廷的百姓也是你的鄰居。
你用我賜給你的愛心為眾靈魂做了些什麼?他們正在滅亡。你想為他們作些什
麼?許多靈魂滅亡……這些可憐等待的靈魂。看看他們……為他們悲傷,你願不
願拯救他們?不要再硬心了。

http://www.hopelamb.net/genesis/fire.html

弟兄姊妹們,你相信我們也能經歷這樣的神蹟嗎?

威爾斯復興運動之後,醉酒案驟降了33%,當時的法官也無案可審了。原本講粗言穢語的礦工,信主後就不說粗言了

弟兄姊妹們,你相信我們也能經歷這樣的神蹟嗎?神的兒女必須積極追求神的榮耀!

1. 過去有任何未向神承認的罪,應當立刻承認,要除去隱藏的罪
2. 時常順服聖靈
3. “公開”承認耶穌基督為救主

更多內容:
http://bibletimes.netfirms.com/cgi-bin/topic.cgi?forum=5&topic=657

精選歌歌

【你是為了接受主愛被揀選的人】 @ 都市標竿教會~社青天地 :: Xuite日誌
【你是為了接受主愛被揀選的人】 @ 都市標竿教會~社青天地 :: Xuite日誌

天韻 - 真光
http://www.ysong.org/html/2/11/39/480.html

Web security detection tools

nmap is aviable in both Linux and Windows version.

scan a specified range of target
# nmap -p1-100 host-IP-address
[omit]
Not shown: 97 closed ports
PORT STATE SERVICE
21/tcp open ftp
25/tcp open smtp
80/tcp open http

2010年9月13日 星期一

Linux Service - setup nessus

1. download the nessus rpm. My host was FC8, so I download the Fedora Core 6 package: Nessus-4.2.2-fc6.i386.rpm.
# rpm -ivh Nessus-4.2.2-fc6.i386.rpm

2. After extract the files from tar ball, then create a nessus root user.
# /opt/nessus/sbin/nessus-adduser

3. Register on the nessus web site, and nessus will send a registration feedback mail in clude the serial code. Include the following messages
>>>
+ Linux and Solaris Users :
To activate your account, simply execute the following command :
# /opt/nessus/bin/nessus-fetch --register WEBEVAL-E607-9C72-E426-8695-5424
>>>

So I simplify run the directed command
# /opt/nessus/bin/nessus-fetch --register WEBEVAL-E607-9C72-E426-8695-5424

4. Start the nessus daemon
# /opt/nessus/sbin/nessus-service -D
Copyright 2004-2010, Tenable Network Security, Inc. 25
nessusd (Nessus) 4.2.2 for Linux
(C) 1998 - 2008 Tenable Network Security, Inc.
Processing the Nessus plugins...
[##################################################]
All plugins loaded

5. Use browser to connect to the nessus host, like following link. My nessus host was located in the private network.
https://172.25.104.16:8834/ ==> Note, here is "https" service

6. Construct a nessus "Policy" to define the testing behavior

7. Construct a nessus "Scan" to utilize the pre-setting Policy


nessusd will play the role of scan server. And we can use any browser to connect the nessusd resident server. And then control nessusd (set policy/issue scan/view report...). Another way we can use nessus as a client daemon to control nessusd.


check feed types
# cat /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
PLUGIN_SET = "201009122334";
PLUGIN_FEED = "HomeFeed (Non-commercial use only)";

update the most recent plugins
# /opt/nessus/sbin/nessus-update-plugins

check what the feed type you are current usage
# /opt/nessus/bin/nessus-fetch --check

we can check the plugin load/unload messages through the following files. (We must enable the feature by click the Edit Policy->General->Scan->Log Scan Details to Server option)
# ls -la /opt/nessus/var/nessus/logs/nessusd.messages

messages was something like this >>
[Tue Sep 14 12:04:12 2010][7322.3407] user xxx : launching torture_cgi_inject_html.nasl against 192.168.0.1 [4979]
[Tue Sep 14 12:04:12 2010][7322.3407] torture_cgi_header_injection.nasl (process 4978) finished its job in 0.018 seconds
[Tue Sep 14 12:04:12 2010][7322.3407] user xxx : launching torture_cgi_redirection.nasl against 192.168.0.1 [4980]
[Tue Sep 14 12:04:12 2010][7322.3407] torture_cgi_inject_html.nasl (process 4979) finished its job in 0.018 seconds

2010年9月6日 星期一

The configuration/compilation steps of ushare/libupnp/libdlna

*** ffmpeg-0.4.9-0.9.20070109.rf.src.rpm extract/configuration/compilation steps

// In order that we can compile the libdlna-0.2.3, we must install the ffmpeg v0.5 (we use the ffmpeg-0.4.9-0.9.20070109.rf.src.rpm package)
// we use the special version/tag of ffmpeg to finish the libdlna copilation cause of libdlna will find the special include path (/include/ffmpeg). Since version 5.1 of ffmpeg, ffmpeg restructured the build path structure. And this will direct libdlna unable to successfully configure/compile.

# rpm2cpio ./ffmpeg-0.4.9-0.9.20070109.rf.src.rpm | cpio -ivd
# cd ffmpeg-20070109
# ./configure --prefix=/home/username/usr/ --enable-memalign-hack --enable-shared

or (20101125)
# ./configure --prefix="/usr/local" --enable-shared --disable-static --disable-debug --disable-ffserver --enable-ffmpeg --disable-ffplay --enable-memalign-hack --enable-postproc --enable-version3 --enable-zlib --disable-stripping --enable-small --enable-ipv6 --enable-gpl --disable-encoders --disable-decoders --disable-muxers --disable-demuxers --disable-parsers --disable-bsfs --disable-protocols --disable-indevs --disable-outdevs --enable-decoder=aac --enable-decoder=ac3 --enable-decoder=atrac3 --enable-decoder=mp3 --enable-decoder=jpegls --enable-decoder=mjpeg --enable-decoder=mjpegb --enable-decoder=gif --enable-decoder=png --enable-decoder=h264 --enable-decoder=mpeg1video --enable-decoder=mpeg2video --enable-decoder=mpeg4 --enable-decoder=mpeg4aac --enable-decoder=mpegvideo --enable-decoder=pcm_s16be --enable-decoder=pcm_s16le --enable-decoder=pcm_u16be --enable-decoder=pcm_u16le --enable-decoder=wmav1 --enable-decoder=wmav2 --enable-decoder=zlib --enable-demuxer=aac --enable-demuxer=ac3 --enable-demuxer=dts --enable-demuxer=ffm --enable-demuxer=mp3 --enable-demuxer=image2 --enable-demuxer=mpegps --enable-demuxer=mpegts --enable-demuxer=mpegvideo --enable-demuxer=mjpeg --enable-demuxer=rtsp --enable-demuxer=sdp --enable-demuxer=v4l2 --enable-demuxer=wav --enable-parser=ac3 --enable-parser=h264 --enable-parser=mjpeg --enable-parser=mpegaudio --enable-parser=mpegvideo --enable-parser=mpeg4video --enable-protocol=file
# make
# make install

ffmpeg-0.6.1
# ./configure --prefix=/home/username/usr/ --enable-memalign-hack --enable-shared --enable-debug=3
# make
# make install


*** libdlna-0.2.3 configuration/compilation steps

>> Because of the ffmpeg dependency libraries is not located in the standard system path, so we must specify the library path in the shell
# export LDFLAGS="-L $HOME/usr/lib"

libdlna-0.2.3
# ./configure --prefix=/home/userName/usr/ --with-ffmpeg-dir=/home/username/usr/ --enable-debug
or
# ./configure --prefix=/home/username/usr --enable-shared --enable-static --enable-debug --disable-strip --disable-optimize

libdlna-0.3.0
# ./configure --prefix=/home/username/usr --enable-debug
or
# ./configure --prefix=/home/username/usr --enable-shared --enable-static --enable-debug --disable-strip --disable-optimize --disable-sqlite

Because we don't install the emacs tools etags/ctags in the compiling server, so we just comment out the execution of TAGS.tags which will run the etags/ctags program.
# vi src/Makefile
#all: depend $(BUILD_RULES) TAGS tags
all: depend $(BUILD_RULES)



*** libupnp-1.6.6 configuration/compilation steps

# ./configure --prefix=/home/userName/usr/ --exec-prefix=/home/userName/usr/ --enable-debug
# make
# make install

*** ushare-1.1a configuration/compilation steps

>> Because of ushare use "pkg-config" to do the version dependency checking, so we must specify the pkg-config path to find the packages config files (*.pc)
# export PKG_CONFIG_PATH=/home/userName/usr/lib/pkgconfig/

>> Because the libdlna run time will need to load dynamic libraries of ffmpeg libraries, so we must specify the LD_LIBRARY path to achieve the library path searching
# export LD_LIBRARY_PATH=/home/userName/usr/lib

>> Finally we can list all the related environment variables simply by execute "printenv" command
$ printenv | grep "FLAG"; printenv | grep "PATH"
LDFLAGS=-L /home/userName/usr/lib
CFLAGS=-I /home/userName/usr/include
LD_LIBRARY_PATH=/home/userName/usr/lib
PATH=[omit]
PKG_CONFIG_PATH=/home/userName/usr/lib/pkgconfig/

ushare 1.1a
# ./configure --prefix=/home/userName/usr --with-libupnp-dir=/home/userName/usr --with-libdlna-dir=/home/userName/usr --enable-debug --enable-dlna

ushare 1.2 (download from hg repository 20101026)
# ./configure --prefix=/home/username/usr --with-libdlna-dir=/home/vincentlin/usr/lib --enable-debug

>> Edit the config.mak, add the following setting, include VERSION definition and include path of config.h for the src/presentation.c compilation usage. Of cause other .c files will also need these gcc options. This is possible a uShare bug (I am not sure :D ). FIXME, maybe it should have a standard config or solution.


modify config.mak file as following
OPTFLAGS=[original settings] -DVERSION="\"1.1a\"" -I../
[The second time I encountered the same problem but I still got mistake. :( Must remember next time! )

# make
# make install

tftp usage

Linux Command (busybox)
# tftp -g -r filename 192.168.100.2

Examples from the internet:
Usage: tftp [OPTION]... HOST [PORT]

Transfers a file from/to a tftp server using "octet" mode.

Options:
-l FILE Local FILE.
-r FILE Remote FILE.
-g Get file.
-p Put file.


>> download a file from the tftp server
# tftp -g -r filename.txt 20.20.20.1

>> upload a file to the tftp server
# tftp -p -r filename 1.2.3.4
NOTE: don't add the path prefix on the filename, as
# tftp -p -r ./path/to/filename 1.2.3.4 ==> This case will due to TFTP access violation error

Windows embedded with tftp client
upload file
C:\>tftp -i 192.168.100.2 PUT UploadFile
download file
C:\>tftp -i 192.168.100.2 GET DownloadFile

We can also use Tftpd program, it also has the tftp client

tftp server (shareware)
TFTPD32
http://www.jounin.net/tftpd32.html

2010年8月30日 星期一

Setup DLNA/UPnP media server/control-point

DMS opensource
>> ushare
>> mediatomb
We need to install extra 2 libraries
libjs
id3lib

because I install from RPM, so I download the following 2 rpm files
* id3lib-3.8.3-7.fc8.rf.i386.rpm
* js-1.60-4.fc8.i386.rpm
and the main mediatomb rpm
* mediatomb-0.9.1-1.fc7.i386.rpm
to install the UPnP AV media server

Be sure to disable the firewall rule blocking to allow the intial connections from DMP

>> How to run mediatomb
# mediatomb -i 172.25.104.201 -a /root/share


DMP opensource
>> GeexBox
config tutorial
http://forums.techarena.in/guides-tutorials/1131062.htm


UPnP need the auto IP configurations, we can use avahi-autoipd to reach it
# avahi-autoipd -D eth1


DLNA cetificated devices include 3 main category
* Home Network Device (HND)
- Digital Media Server (DMS)
most popular usage or appliance that will implement
- Digital Media Player (DMP)

- Digital Media Render (DMR)


- Digital Media Controller (DMC)

- Digital Media Printer (DMPr)


* Mobile Handheld Device (MHD)


* Home Infrastructure Device (HID)

2010年8月26日 星期四

* telephone exchange
* telephone switch
Both telephone exchange or telephone switch are a system of electronic components that connects telephone calls. This process was manually before, nowadays it is an automatically process.

* Inside Plant
Telecomunication equipments that located in the telecompany building, such as DSLAM. In CATV, possible called CMTS.

* Outside Plant
Telecomunication equipments that located between main distribution frame (MDF) and User End instrument (or called Customer Premises Equipment).

Circuit switch versus Packet switch mechanism

Circuit switching
* Middle routers must presetup the link to transmit the data between two different DTEs
* Circuit-switched networks require dedicated point-to-point connections during calls.
* Data will arrive with constant bandwidth and at constant delay.
* example include Public Switch Telephone Network (PSTN)


Packet switching
* No need to presetup the link to transmit the data between two different DTEs. Data will go ahead from the source DTE to the destination DTE by using the store-and-forward mechanism in all the middle routers
* Pakcet-switched networks don't require dedicated point-to-point connections during calls.
* No predetermined path
* Data will not guarantee with constant bandwidth and constant delay. The communication may suffer from variable bit rate and delay, due to varying traffic load and packet queue lengths
* Include connection-oriented (known as virtual-circuit, described as stateful.) and connectionless (described as stateless)
* examples include TCP, X.25, Frame Relay, GPRS
* Virtual circuit switching technologies include ATM (use VCI/VPI in the cell header), MPLS

2010年8月25日 星期三

PPP protocol related

PPP (Point to Point Protocol)
* Can use to establish a direct connection between two network nodes
* This is a method for encapsulating multible protocol datagrams.

* It can provide connection authentication, transmission encryption privacy, and compression.
* A data link layer protocol

Q. How to setup a PPP connection?
- First of all, the Link Control Protocol (LCP) must be used to establish communications over a PPP link. Each link end sends LCP packets to configure, and test the data link connection. Subsequently, when the link is established, the peer may be verified by authentication.
- Once the link has been made, a Network Control Protocol (NCP) is used to establish and configure one or more network layer protocols that will be used for the link. Then datagrams from those network-layer protocols can then be sent over the link connection. The link will continue until closed.


* It is designed to supersede the Serial Line Internet Protocol (SLIP) and telephone company mandated standards (such as Link Access Protocol, Balanced (LAPB) in the X.25 protocol suite).
* It is designed to be conformable with other network layer protocols, including Internet Protocol (IP), Novell's Internetwork Packet Exchange (IPX), NBF and AppleTalk.

Q. Why does the EtherType contain PPP, 0x880B? Is PPP possible over Ethernet individually?

A Typical PPPoE Session flow



PPPoE packet format













PPPoE (Point to Point Protocol over Ethernet)
action flow as following steps
1. PPPoE client and PPPoE server interact with a series of packets include PADI/PADO/PADR/PADS. While the PPPoE client receive the PADS packet. PPPoE client will get the PPP session ID.
2. By using the received session ID. PPPoE client can start the PPP negotiation with the PPPoE server
3. After finished the ppp negotiation steps (about 20 ~ 30 packets). We get a ppp session.
4. Now we can process the application onto the ppp session.
5. While we finished the application executions. We can tear down the ppp session by sending PPP session-terminate request.



* Refer the following link
http://fengnet.com/book/VPNs%20Illustrated%20Tunnels%20%20VPNsand%20IPsec/ch04lev1sec3.html
* It is mainly used by telephone companies. Client side user can "dial" to the server side router and gather a group of address for the following usage.
* The PPPoE has two distinct stages:
- PPPoE Discovery stage
a. Find the destination MAC address
b. Find the available session ID for the further usage
- PPP session stage

* EtherType define the PPPoE include the following value:
0x8863 PPPoE, PPP Over Ethernet (Discovery Stage).
0x8864 PPPoE, PPP Over Ethernet (PPP Session Stage).

Test items

Functional testing
Unit test, Module test
Conformance, sometimes we call "Interoperability"

Large volume testing
Capacity test, estimate the maximum volume of the DUT
Stress test, place the DUT in the high-pressure environment for a long period
Stability, place the DUT in the continuous great change environment

L2TPv3 experience

* A kind of Layer2 VPN that can carry multiprotocol on the ip-based backbone.
Multiprotocol include packet-switched traffic, such as frame relay, ATM and Ethernet, and time-division multiplexed traffic, such as voice and leased line.





MPLS tutorial

* MPLS can leverage the infrastructure of ATM network
* Use label substitution technology to route the packet from source to the destination
* The signaling method of ATM is complex. The MPLS method simplify the signaling method of ATM to IP-based request/response control protocol. Include
- UDP-Hello/UDP-Hello
- TCP-open/Initialization(s)
- Label request/Label mapping

different VPN skills

Layer2 VPN, include
IETF Martini draft
Circuit Cross Connect
Layer 2 Tunneling Protocol Version 2 (L2TPv2)
Layer 2 Tunneling Protocol Version 3 (L2TPv3)



Layer3 VPN
IPSec
L2TP
L2F (provided by Cisco?)
PPTP

2010年8月24日 星期二

DTE vs DCE











(Refer from the http://www.infocellar.com/cable-dsl/dte-vs-dce.htm)

Actually, DTE and DCE are different for the pin definitions of the connecting-interface. For the case of Ethernet scenario. In the DTE, port 1,2 are transmitted port, port 3,6 are received port. In the DCE, port 1,2 are received port, port 3,6 are transmitted port.
Cardinal Rule

DTE-DCE or DCE-DTE connections use Standard Ethernet Cable (straight-thru)
DTE-DTE or DCE-DCE connections use crossover Ethernet Cable (send/receive "cross over")
DCE/DTE refer to interfaces - not the actual device. A device can have both DCE and DTE ports. However, in general:

PC LAN cards (NIC - Network Interface Card) are DTE
Hub LAN ports are DCE
Hub Uplink Ports are DTE - it is a shared port with the last LAN port, but has the pinouts crossed
Cable Modem LAN port is DCE
Router LAN ports are DCE
Home Router WAN Ethernet ports are DTE

Almost all the WAN ports of CPE (Customer-premises equipment) device are DTE. All the LAN port of CPE devices are DCE.

曾興才牧師 - 20100808 - 我們渴望更多

曾興才牧師 - 20100808 - 我們渴望更多

兩個神學生的故事
21天佈道會,216個人決志,9000多人參加,我們要進入神蹟奇事的季節,信心的強心針

1. 福音仍然是神的大能
要救一切相信祂的人,只有耶穌基督能拯救罪人,有赦罪的權柄,耶穌說,你的罪得赦免了
保羅說,我若不傳福音,我就有禍了

2. 今天耶穌仍然醫治病人
耶穌願意大麻瘋的人
耶穌愛你,21天醫治佈道會,做美好的見證
繼續為病人火力禱告吧

3. 神仍然垂聽,應允我們的禱告
每一天下午3:30~6:30琴與爐的禱告
6:30~7:30 劉師母的禱告

同心合一的禱告是大有能力的(二人以上)
在公司和同事為公司禱告,在家裡為孩子、婚姻禱告

4. 神仍然使用你來行神蹟奇事
你我就是行神蹟的器皿
我實實在在的告訴你,我所做的,信我的人也要做,並且要做比我更大的事,因為我往父哪裡去,因為聖靈降臨在我們身上

聖靈是沒有限量的,充滿彼得,約翰,耶穌的聖靈一樣充滿在我們身上

2010年8月19日 星期四

資訊產業代工模式 - Some abbreviation of computing industrial

OEM - Original Equipment Manufacturing, current this model is less popular

ODM - Original Design Manufacturing, this model is work popolary, especially for the vendors in Taiwan

EMS - Electronics Manufacturing Service, Large scale information manufacturing, it was popoular and important in the recent decades.

CMMS - JDVM, Component Module Move Service - Join DeVelopment Manufacture. This is proposed by the Foxconn Technologies.

CMMS - JDSM, Component Module Move Service - Join DeSign Manufacture. This is proposed by the Foxconn Technologies.

什麼是電子專業代工(electronic manufacturing service, EMS或contract electronic manufacturing, CEM)

2010年報導 - 目前全球EMS產業營收第一名為鴻海(Foxconn), 第二名則為偉創力(Flextronics), 參考下列報導資訊

精實新聞 2010-07-28 15:45:32 記者 郭妍希 報導
科技市調機構iSuppli 27日發表研究報告指出,拜大客戶蘋果(Apple Inc.)營運快速成長之賜,2011年電子製造服務(EMS)大廠富士康(Foxconn Technology Group)營收佔整體EMS產業的比重料將超過50%,高於2009年的44.2%。

根據iSuppli調查,2010年第1季鴻海(2317)營收年增54.1%(季減19.7%)至171.47億美元,居全球EMS業者之冠,遠高於第2名偉創力(Flextronics International Ltd.)的59.4億美元。此外,鴻海Q1營收年增率也遠優於前10大EMS廠商的營收平均年增率27.5%。


Information from http://www.emsnow.com/spps/sitepage.cfm?catid=84
EMS ranking 2007
1. Foxconn
2. Flextronics
3. Jabil
4. Sanmina-SCI
5. Celestica

ODM ranking 2007
1. Quanta
2. Asustek
3. Compal
4. Wistron
5. TPV

2010年8月18日 星期三

股票投資

EPS(每股盈餘)=盈餘/流通在外股數
 EPS為公司獲利能力的最後結果。每股盈餘高代表著公司每單位資本額的獲利能力高,這表示公司具有某種較佳的能力──產品行銷、技術能力、管理能力等等,使得公司可以用較少的資源創造出較高的獲利。

EPS 選股網站
http://fund.bot.com.tw/z/zk/zk0/zkmain_2_3.djhtm

2010年8月15日 星期日

仲琦獲Comcast數據機大單,今年EPS逾2元

精實新聞 2010-06-11 19:51:45 記者 陳祈儒 報導
仲琦(2419)董事長鄭炎為在11日法人說明會上表示,新竹研發製造部門接獲美國最大有線電視業者Comcast的四合一數據機約40萬台的訂單,整合了eMTA、Modem、Router與Wireless功能,客戶希望在今年10月份之前交貨完畢,預計可以挹注今年營收約10億元。

由於仲琦的台北SI系統部門今年業績可達16億元,新竹部門上半年就有21億元的業績,再加上該部門新單激勵營收倍增的效應,新竹部門全年業績應有42億元,因此法人也估計,今年仲琦全年營收達58~60億元,全年EPS至少2元起跳,每股獲利呈現倍增。

鄭炎為表示,仲琦大陸的Cable產線僅4條產線,在台商近期的調薪效益下,並不想增加更多的生產線與員工,以目前的訂單量其實來應要8條才夠,若再加上歐美等地市場的新接訂單,評估更要有11條產線才夠,因此目前公司已透過外包方式生產。他說,今年DOCSIS 3.0已逐漸替換成DOCSIS 2.0產品,而2011年也將全部進入3.0的換機潮。

鄭炎為指出,Comcast今年給仲琦訂單算是新產品設計,不是單純的單功能數據機,而是有整合可以傳遞數據資料的Router與無線(wireless)功能。Comcast的新品訂單今年先由仲琦來交貨,該客戶並預計明(2011)年將會有另外的200萬台訂單,明年的供應商當然不僅僅是仲琦,還有其他非仲琦的同業供應鏈來分享訂單。

仲琦累計前1~5月營收為21.16億元。法人預估,仲琦6月營收可望持續衝高,新竹廠6月份約5億元、台北廠6月份為1.4億元,因此整體仲琦營收6月份可望突破6億元、創下單月歷史新高。

由於仲琦在韓國、日本、北美與歐洲有DOCSIS 3.0的換機潮帶動,而且中國「三網合一」確定由廣電總局主導IPTV頻道,且讓中國當地的有線電視業者投入寬頻服務、語音服務等,讓中國市場在Cable 2.0需求會被激發上來,加上仲琦的SI系統部門接單穩定,較去年成長10%以上,因此法人也預估,仲琦今年整體營收將挑戰58~60億元,較去年成長逾55~58%,每股稅後盈餘將突破2元,較去年的1.08元成長一倍。

ISP deployment scenarios








Comparison of different internet access equipments in the different network system
Server-side-router (BRAS) - IP network, packet switched network - Cable modem termination system (CMTS)(head end) - Cable network (coaxial cable/RF, TDM, circuit switched network, Last Mile) - Cablem Modem (CPE) - SOHO Router

Server-side-router (BRAS) - IP network, packet switched network - IP DSLAM (head end, act like a network switch, Layer2 Equipment) - DSL network (Twisted Pair, circuit switched network, PPPoEoA or PPPoA protocol, Last Mile) - xDSL Modem (CPE) - IP network SOHO Router

目前全球四大數據機供應商為摩托羅拉(Motorola)、思科(Cisco)、Arris、Thomson等,分別有鴻海集團的國碁、華碩集團的亞旭等EMS廠商作代工。而凱碩與仲琦(2419)則以ODM代工為主。


DSLAM - Digital Subscriber Line Access Multiplixer

BRAS - Broadband Remote Access Server
A broadband remote access server (BRAS, B-RAS or BBRAS) routes traffic to and from the digital subscriber line access multiplexers (DSLAM) on an Internet service provider's (ISP) network.
Traditionally the BRAS will receive ATM cells/packets from ATM-DSLAM and then extract IP packets to the IP-network. In the decades, the ATM-DSLAM was changed to IP-DSLAM in a growing trend. So the BRAS will receive IP packets from IP-DSLAM nowadays. The result is from IP-DSLAM, it's a pure IP network anymore.
In the BRAS, ISP can do the policy management (Firewall), quality of service (QoS), AAA (accounting, authentication, authorization).

2010年8月10日 星期二

Telnet 輸入中文的好幫手 PieTTY

在一些BBS (如台大PP)或是其他telnet需要輸入中文時,putty都會出現亂碼,這時就要利用PieTTY這支精巧又好用的程式啦!


PieTTY 的特色

PieTTY 0.3 系列是修改自 PuTTY 0.57/0.58 的版本,以穩定與修正為主。 主要的特色有: screenshot

* 簡單易用的界面(中英文合一)。 主要的功能都可從選單存取
* 完全相容於傳統 PuTTY,之前的設定全部可直接使用
* 更強的連線整合管理(session management), 自動儲存設定
* 高度可自訂化(customizable)的視窗顯示效果
* 完整而方便切換的多國語言支援
* 半透明顯示(多種顯示引擎以配合各種硬體配備與視窗立體陰影,配合無框顯示模式效果奇佳 (0.3.27)
* 支援 ssh:// 式的呼叫,可整合系統設定為 ssh:// 與 telnet:// 處理程式(0.3.27)
* href screenshot對於各種網址 URL 可直接點選開啟,還有各種可選用的視覺效果
* 支援拖曳檔案 (Drag-n-drop) 即可 SCP 上傳

對於非英語系字元, PieTTY 特別加強的部份有:

* 可使用英文等其它字型,而且不用設定字元集(CHARSET) (傳統 PuTTY 則一定要設定正確才行)
* 在非 UTF8 模式下 PieTTY 的游標也能正確顯示 (傳統 PuTTY 會破壞游標上的多位元字元組如Big5中文)
* 重繪螢幕完全不閃動 (PuTTY 在非 UTF8 會閃)

對台灣 Big5 及 BBS 環境有更多的加強功能:

* 內建 Big5-2003 + 中國海字集、 相容Unicode補完計畫2.40版字碼表,免裝 Unicode 補完即可正常剪貼或輸入日文等(0.3.27) screenshot
* 內建簡單的漢字(簡繁)轉換,方便閱讀(0.3.27)
* 支援一字雙色的ANSI碼 (台灣 BBS 特有文化)
* 複製文字時可自動將屬性顏色以 ANSI 碼或 IRC 形式加入(0.3.27), BBS 與 IRC 互貼彩色不是夢!

2010年7月26日 星期一

Mobile Device, XDSL, Cable Equipment acronyms

MID不是一台電腦的廠牌或型號,它算是一種通稱,MID是「Mobile Internet Device」的縮寫,也就是行動上網裝置,意思就是讓大家拿在手上、到處走來走去、上網用的。 雖然是個小電腦,不過他的運算能力可不輸一般電腦,一般影片、3D動畫甚至是畫面稍複雜一點點的遊戲,都可以在MID上玩得不亦樂乎。

Integrated Access Device - IAD, may access to ADSL, Cable modem...
IAD is a customer premises device that provides access to wide area networks and the Internet.

IP DSLAM
A Digital Subscriber Line Access Multiplexer (DSLAM, often pronounced dee-slam)
連接多個DSL,位置是在頭端的地方



DOCSIS
Data Over Cable Service Interface Specification (DOCSIS) (often pronounced /ˈdɒksɪs/) is an international telecommunications standard that permits the addition of high-speed data transfer to an existing Cable TV (CATV) system.



MSO
A multiple system operator or multi system operator (MSO) is an operator of multiple cable television systems. A cable system in the United States, by Federal Communications Commission (FCC) definition, is a facility serving a single community or a distinct governmental entity, each with its own franchise agreement with the cable company. Though in the strictest sense any cable company that serves multiple communities is thus an MSO
MSO 是Cable system 經營者的通稱...

EMTA
embedded multimedia terminal adapter (E-MTA)

HFC
Hybrid Fiber Coaxial

2010年7月23日 星期五

The guidelines of interview

interview之前
1. 為他人設想
儘可能在interview之前將準備好的相關文件資料,事先給主官看過,盡量是紙本,不要只是E-Mail而已

2. 化被動為主動
事先詢問對方人事、用人單位是否有應徵職務的相關資料訊息,事先準備好企劃書將可能的問題與建議,包括過去有的經歷力與表現,準備在企劃書或投影片當中,可以在interview當天從容回答,化被動為主動。

interview的過程
1. 將事先準備好的投影片在interview的當天給主考官看過,因為面試時,會議室一般都沒有電腦,所以最好是自備NoteBook,然後利用投影片講解或是回答主考官的問題,當然最好先把所有主考官會問的問題先準備好成為題庫,然後放到投影片當中。

2. 準備空白紙和筆把主考官的問題與講解詳細記錄下來,特別需要記錄的部分尤其是目前應徵公司要發展開發的產品或是功能,要去思考如果自己將來要join到這家公司,可以如何發揮過去自己的專長,來幫助應徵公司目前遇到的困難,如果還有第二次interview的機會(和更上層的主管),則可以就上次所了解公司所遇到的困難,提供一份企畫書(proposal),一方面表達自己的主動積極意願,二來可以更確切了解日後如果有機會合作,會是如何進行。

2010年7月19日 星期一

How to get to 天籟會館 from 國道三號

走國道三號
下"基金交流道" (里程數0), 往萬里金山方向
台二線 (基金一路, 基金二路, 基金三路)
萬里隧道 (經過野柳)
台電展示館 (基金公路 (北部濱海公路))
金山鄉市區 (進中山路會到金包里街, 要走外環道比較快)
左轉陽金公路 (台2甲)
天籟會館



1.

朝西南,往北興路一段前進

往前 46 公尺
總共 46 公尺
顯示: 僅限文字 | 地圖 | 街景服務

2.

在第一個路口向右轉入北興路二段
大約 2 分鐘

往前 700 公尺
總共 750 公尺
顯示: 僅限文字 | 地圖 | 街景服務

3.

微靠右行後,繼續在北興路二段上前進
大約 1 分鐘

往前 200 公尺
總共 1.0 公里
顯示: 僅限文字 | 地圖 | 街景服務

4.

在第一個路口向右轉入竹林大橋/123縣道
繼續沿著123縣道前進
大約 2 分鐘

往前 1.1 公里
總共 2.1 公里
顯示: 僅限文字 | 地圖 | 街景服務

5.

於第一個路口轉左,走富林路二段/123縣道
大約 4 分鐘

往前 1.6 公里
總共 3.6 公里
顯示: 僅限文字 | 地圖 | 街景服務

6.

在富林路二段/120縣道處微靠左行
大約 1 分鐘

往前 750 公尺
總共 4.3 公里
顯示: 僅限文字 | 地圖 | 街景服務

7.

上匝道後走國道3號
大約 1 小時 19 分鐘

往前 89.9 公里
總共 94.2 公里
顯示: 僅限文字 | 地圖 | 街景服務

8.

在基金交流道出口下交流道,朝萬里/基隆前進
大約 1 分鐘

往前 600 公尺
總共 94.9 公里
顯示: 僅限文字 | 地圖 | 街景服務

9.

在基金一路/台2線口向左急轉
繼續沿著台 2線前進
大約 8 分鐘

往前 3.0 公里
總共 97.8 公里
顯示: 僅限文字 | 地圖 | 街景服務

10.

在北部濱海公路/台2線處微靠右走
繼續沿著台2線前進
大約 22 分鐘

往前 13.2 公里
總共 111 公里
顯示: 僅限文字 | 地圖 | 街景服務

11.

於陽金公路/台2甲線口向左轉
大約 11 分鐘

往前 5.6 公里
總共 117 公里
顯示: 僅限文字 | 地圖 | 街景服務

12.

於北 27鄉道口向左轉
大約 2 分鐘

往前 700 公尺
總共 117 公里
顯示: 僅限文字 | 地圖 | 街景服務

13.

於山城路/北27鄉道口向右轉

往前 160 公尺
總共 117 公里
顯示: 僅限文字 | 地圖 | 街景服務

14.

向左轉後,繼續走山城路/北27鄉道

往前 270 公尺
總共 118 公里
顯示: 僅限文字 | 地圖 | 街景服務

15.

於第二個路口轉左,走山城路

往前 100 公尺
總共 118 公里
顯示: 僅限文字 | 地圖 | 街景服務

16.

第二個路口轉左
大約 1 分鐘

往前 170 公尺
總共 118 公里

2010年7月11日 星期日

劉彤牧師 - 2010.02.28 - 經歷神偉大奇妙的作為

劉彤牧師 - 2010.02.28 - 經歷神偉大奇妙的作為

詩篇
126:1 當耶和華將那些被擄的帶回錫安的時候,我們好像做夢的人。
126:2 我們滿口喜笑、滿舌歡呼的時候,外邦中就有人說:耶和華為他們行了大事!
126:3 耶和華果然為我們行了大事,我們就歡喜。
126:4 耶和華啊,求你使我們被擄的人歸回,好像南地的河水復流。
126:5 流淚撒種的,必歡呼收割!
126:6 那帶種流淚出去的,必要歡歡樂樂地帶禾捆回來!

在16個國家殖了78間分堂

多哥的新堂教會, How to 持續的經歷神奇妙的作為?
1. 必須持續流淚灑種
那流淚灑種的,必要歡呼收割,擺上事工服事,擺上禱告,禁食禱告有功效,擺上金錢奉獻,憑信心擺上,我們要在期待神工作的地方,灑種是需要信心的,當灑種出去的時候,是沒有看見結果的,憑著對神應許的信心

2. 我們要渴望更多
當我們只有享受一點點的時候,我們常常停止不向前,我們沒有持續為神下一波的豐盛,其實神還有下一波的工作/祝福,Don't be only one little here, one little there.

被擄歸回整體上有三次,整體性有不同的領袖有三次帶領以色列人歸回,我們要持續灑種,神在我們的身上的工作是又廣又深,他的心向神是敞開的,要向神大大的張口,我們的心不願停留在這,我們渴望更多,我們渴望主作復興,奇妙可畏的事

3. 我們要繼續灑種
我們要繼續禱告 ~ How True..
我們要繼續禱告,讓神的能力繼續彰顯,我們有許許多多的人被魔鬼攻擊,求神來做恢復的工作,將魔鬼奪去的搶奪回來,站勝巨人的恩膏要降臨在我們當中,大衛戰勝歌利亞,神說不要害怕,那戰勝巨人的恩膏已經賞賜在我們中間,經濟,人際關係,身體疾病都要戰勝,在屬靈的事上要經經計較

以賽亞書
49:24 勇士搶去的豈能奪回?該擄掠的豈能解救嗎?
49:25 但耶和華如此說:就是勇士所擄掠的,也可以奪回;強暴人所搶的,也可以解救。與你相爭的,我必與他相爭;我要拯救你的兒女。

神必親自為我們作戰,奉主的名戰勝我們生命中一切的巨人

4. 我們必須繼續做工
不要因為仇敵的攻擊,而停止服事,禱告,事工
人生像戰場,神向我們的心意沒有改變,不要隨便離開你的崗位,不要離開神所託付的
You win something, you lose something

尼西米修築城牆時,提醒他們一邊做工,一邊禱告

What is our next step in church? Continually pray......
當神為我們關了一扇門時,事實上祂已經位我們預備了另外一扇更敞開的門了

劉彤牧師 - 2010. 07.04 - 你的命定能改變世界

生命河靈糧堂劉彤牧師 - 2010. 07.04 - 你的命定能改變世界

1. 你的命定能改變世界 (Your designated can change the world), 站在神要你站在的位子上
2. 命定不等於命運
3. 回頭多看看你的教練, 教練指引得勝的道路(得勝的策略)
常常看看教練,常常求問神
a. 環境永遠是神的推手
如果不是如此,我們就無法去發掘生命的潛能,永遠活在安逸的環境當中,如果如此,我們就不會渴慕神
b. 存著順服的心來接受神的帶領
存心順服來跟從神,不要落入苦澀和埋怨當中,否則眼睛就會看不見,心就無法感受到
c. 勇敢的進入敞開的門
大風要吹來,不是opposition,是oppoturnity,不是逆風,是機會的風

從九月之後的連續18個月開始(從特會之後90天),機會的風要開始吹起,你將會看見屬天的機會擺在你的面前,You will see the defined opportunity,你要領受,憑信心領受

你向神做大夢,神就做大事,你向神做小夢,神就做小事,你向神不做夢,就Nothing Happen,你要向上帝有偉大的期待,你要相信機會的門會為你打開,你要去留意,當機會的門擺在你面前的時候,抓住機會,勇敢向前,神要在你一生的當中帶來意想不到的突破,甚至你今天坐在這裡你都沒有想到,我們可以改變周圍的人群,每當神把機會擺在我們的面前,這是我們的命定來改變其他人的生命,我們也可以站在服侍者的角色上,當環境興起時,正是神要工作

2010年7月7日 星期三

Course Learning List

* 財經
資產負債表
股東權益變動表
損益表
現金流量表
證卷/基金課程

2010年7月5日 星期一

Linux Command - watch

Periodically run a command

# each 1 second run the program
while [ 1 ]; do echo "top"; /usr/local/bin/program; sleep 1; done

# each 100 microsecond run the program
while [ 1 ]; do echo "top"; /usr/local/bin/program; usleep 100; done

watch -d -n 1 'program1;program2'

2010年6月10日 星期四

Clound Computing - Hadoop

Hadoop - http://hadoop.apache.org/

Unified Modeling Language (UML)

The de factor standard of Software Enginering - Unified Modeling Language (UML)

http://www.sparxsystems.com.au/resources/uml2_tutorial/



http://www.cnblogs.com/oomusou/archive/2007/02/20/652899.html

(原 創) association,aggregation,composition有什麼差別? (OO) (UML) (C/C++)

class之間有三種關係,inheritance,implementation和association。inheritance和 implementation在C++、C#、Java都有直接支援,所以不難懂,但association,aggregation和 composition在語言並沒有知接支援,到底三者有什麼差別呢?

首先看association,下圖是個典型的 assoication class diagram。



association的表示法是實線加上箭 頭,有兩個重點,navigability和multiplicity,navigability就是箭頭指的方向,指別的class的,表示負責維護 association關係,在此class中有data member存著被指class的reference(pointer),multiplicity則是上面的數字,離自己class比較遠的,表示對方 class和自己class之間的關係,如上圖,1個School可以有多個Student,而1個Student只能有一個School,而一個 Student可以選1到6個Course,1個Course可被1到多個Student選。

association常見的問題是,到底 箭頭該怎麼指才對?一般來說,若是一對多的關係,是由一指向多,因為通堂一個class會有個array或vector儲存多個物件,但這並非絕對,只能 說通常如此,如上圖的Student對Course是一對多,且Course對Student也是一對多,但他選擇了由Course負責 association關係,所以完全看設計需要,實務上,建議如UML for Java Programmer中文版p.3-15那樣,加上stereotype,詳細的敘述是屬於哪一種association,將來我會再專文介紹。

若 以C++表示,association的程式碼如下
1class A {
2 private:
3 B* itsB;
4}
;

再 來看aggregation

aggregation的表示法由空diamond和箭頭 表示(選的這張圖是比較舊的UML格式,所以沒有箭頭),空diamond表示whole,箭頭表示part。若以英文表示,就是has a的關係,上圖是典型一對多的表示法。

若以C++表示,aggregation的程式碼如下
1class Node {
2 private:
3 vector<Node*> itsNodes;
4}
;

最 後是composition,表示法與aggregation的差異在於變成實diamond,其他完全一樣,跟aggregation在意義的差異在於 composition強調『同生共死』,當System物件死亡時,Component物件也要跟著死亡,但aggregation是『生死有命』,當 System物件死亡時,Component物件並不特別去處理。

若以C++表示,composition的程式碼如下
1class Car {
2 public:
3 virtual ~Car() {delete itsCarb;}
4 private:
5 Carburetor* itsCarb
6}
;

由 以上程式可知,composition須由destructor去處理,而aggregation則不必。

在C#、Java這類有 garbage collection的語言,composition幾乎不會用到,但在C++,只要用到pointer,就得自己去delete,所以在 composition對於C++就很重要。


UML keywords
alt ==> if else
opt ==> switch case
loop ==> for/while loop

2010年6月6日 星期日

Linux Service - Firewall, NAT - iptables

Enable the FTP Passive mode to login ftp server which installed iptables firewall rules

[root@localhost net]# /sbin/modprobe nf_conntrack_ftp
[root@localhost net]# /sbin/modprobe nf_nat_ftp

[root@localhost net]# /sbin/lsmod | grep ftp
nf_nat_ftp 6721 0
nf_conntrack_ftp 10725 1 nf_nat_ftp
nf_nat 18393 3 nf_nat_ftp,ipt_MASQUERADE,iptable_nat
nf_conntrack 50453 7 nf_nat_ftp,nf_conntrack_ftp,xt_state,ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4


# cat /etc/sysconfig/iptables
*nat
:PREROUTING ACCEPT [2071492:180971620]
:POSTROUTING ACCEPT [2118:149186]
:OUTPUT ACCEPT [1956:140466]
-A POSTROUTING -s 172.16.0.0/255.255.0.0 -o eth8 -j MASQUERADE
-A POSTROUTING -s 17.17.0.0/255.255.0.0 -o eth8 -j MASQUERADE
COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -m multiport -p tcp --destination-ports 111,635,52845 -j ACCEPT
-A RH-Firewall-1-INPUT -m multiport -p udp --destination-ports 111,635,52845 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -m tcp -p tcp --sport 20 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -m tcp -p tcp --sport 1024: --dport 1024: -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 904 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
#-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT



# /sbin/iptables -L -v -n
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1936 141K RH-Firewall-1-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 1473 packets, 143K bytes)
pkts bytes target prot opt in out source destination

Chain RH-Firewall-1-INPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 255
0 0 ACCEPT esp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT ah -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:631
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
12 830 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 111,635,52845
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 111,635,52845
1328 98880 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED tcp spt:20 ==> The rule seems not the root rule of the FTP passive mode problem
4 206 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW,ESTABLISHED tcp dpt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED tcp spts:1024:65535 dpts:1024:65535 ==> The rule seems not the root rule of the FTP passive mode problem
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:904
592 40943 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

The difference between FTP active and passive mode

Active FTP vs. Passive FTP, a Definitive Explanation

http://slacksite.com/other/ftp.html

Contents:

* Introduction
* The Basics
* Active FTP
* Active FTP Example
* Passive FTP
* Passive FTP Example
* Other Notes
* Summary
* References
* Appendix 1: Configuration of Common FTP Servers


Introduction

One of the most commonly seen questions when dealing with firewalls and other Internet connectivity issues is the difference between active and passive FTP and how best to support either or both of them. Hopefully the following text will help to clear up some of the confusion over how to support FTP in a firewalled environment.

This may not be the definitive explanation, as the title claims, however, I've heard enough good feedback and seen this document linked in enough places to know that quite a few people have found it to be useful. I am always looking for ways to improve things though, and if you find something that is not quite clear or needs more explanation, please let me know! Recent additions to this document include the examples of both active and passive command line FTP sessions. These session examples should help make things a bit clearer. They also provide a nice picture into what goes on behind the scenes during an FTP session. Now, on to the information...

The Basics

FTP is a TCP based service exclusively. There is no UDP component to FTP. FTP is an unusual service in that it utilizes two ports, a 'data' port and a 'command' port (also known as the control port). Traditionally these are port 21 for the command port and port 20 for the data port. The confusion begins however, when we find that depending on the mode, the data port is not always on port 20.

Active FTP

In active mode FTP the client connects from a random unprivileged port (N > 1023) to the FTP server's command port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1 to the FTP server. The server will then connect back to the client's specified data port from its local data port, which is port 20.

From the server-side firewall's standpoint, to support active mode FTP the following communication channels need to be opened:

* FTP server's port 21 from anywhere (Client initiates connection)
* FTP server's port 21 to ports > 1023 (Server responds to client's control port)
* FTP server's port 20 to ports > 1023 (Server initiates data connection to client's data port)
* FTP server's port 20 from ports > 1023 (Client sends ACKs to server's data port)

When drawn out, the connection appears as follows:
In step 1, the client's command port contacts the server's command port and sends the command PORT 1027. The server then sends an ACK back to the client's command port in step 2. In step 3 the server initiates a connection on its local data port to the data port the client specified earlier. Finally, the client sends an ACK back as shown in step 4.

The main problem with active mode FTP actually falls on the client side. The FTP client doesn't make the actual connection to the data port of the server--it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client side firewall this appears to be an outside system initiating a connection to an internal client--something that is usually blocked.

Active FTP Example

Below is an actual example of an active FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.

There are a few interesting things to consider about this dialog. Notice that when the PORT command is issued, it specifies a port on the client (192.168.150.80) system, rather than the server. We will see the opposite behavior when we use passive FTP. While we are on the subject, a quick note about the format of the PORT command. As you can see in the example below it is formatted as a series of six numbers separated by commas. The first four octets are the IP address while the last two octets comprise the port that will be used for the data connection. To find the actual port multiply the fifth octet by 256 and then add the sixth octet to the total. Thus in the example below the port number is ( (14*256) + 178), or 3762. A quick check with netstat should confirm this information.

testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PORT 192,168,150,80,14,178
200 PORT command successful.
---> LIST
150 Opening ASCII mode data connection for file list.
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.


Passive FTP

In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV, after the command used by the client to tell the server it is in passive mode.

In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1023 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client will issue the PASV command. The result of this is that the server then opens a random unprivileged port (P > 1023) and sends the PORT P command back to the client. The client then initiates the connection from port N+1 to port P on the server to transfer data.

From the server-side firewall's standpoint, to support passive mode FTP the following communication channels need to be opened:

* FTP server's port 21 from anywhere (Client initiates connection)
* FTP server's port 21 to ports > 1023 (Server responds to client's control port)
* FTP server's ports > 1023 from anywhere (Client initiates data connection to random port specified by server)
* FTP server's ports > 1023 to remote ports > 1023 (Server sends ACKs (and data) to client's data port)

When drawn, a passive mode FTP connection looks like this:
In step 1, the client contacts the server on the command port and issues the PASV command. The server then replies in step 2 with PORT 2024, telling the client which port it is listening to for the data connection. In step 3 the client then initiates the data connection from its data port to the specified server data port. Finally, the server sends back an ACK in step 4 to the client's data port.

While passive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The biggest issue is the need to allow any remote connection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD allow the administrator to specify a range of ports which the FTP server will use. See Appendix 1 for more information.

The second issue involves supporting and troubleshooting clients which do (or do not) support passive mode. As an example, the command line FTP utility provided with Solaris does not support passive mode, necessitating a third-party FTP client, such as ncftp.

With the massive popularity of the World Wide Web, many people prefer to use their web browser as an FTP client. Most browsers only support passive mode when accessing ftp:// URLs. This can either be good or bad depending on what the servers and firewalls are configured to support.

Passive FTP Example

Below is an actual example of a passive FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.

Notice the difference in the PORT command in this example as opposed to the active FTP example. Here, we see a port being opened on the server (192.168.150.90) system, rather than the client. See the discussion about the format of the PORT command above, in the Active FTP Example section.

testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> passive
Passive mode on.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (192,168,150,90,195,149).
---> LIST
150 Opening ASCII mode data connection for file list
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.


Other Notes

A reader, Maarten Sjouw, pointed out that active FTP will not function when used in conjunction with a client-side NAT (Network Address Translation) device which is not smart enough to alter the IP address info in FTP packets.

Summary

The following chart should help admins remember how each FTP mode works:

Active FTP :
command : client >1023 -> server 21
data : client >1023 <- server 20

Passive FTP :
command : client >1023 -> server 21
data : client >1023 -> server >1023

A quick summary of the pros and cons of active vs. passive FTP is also in order:

Active FTP is beneficial to the FTP server admin, but detrimental to the client side admin. The FTP server attempts to make connections to random high ports on the client, which would almost certainly be blocked by a firewall on the client side. Passive FTP is beneficial to the client, but detrimental to the FTP server admin. The client will make both connections to the server, but one of them will be to a random high port, which would almost certainly be blocked by a firewall on the server side.

Luckily, there is somewhat of a compromise. Since admins running FTP servers will need to make their servers accessible to the greatest number of clients, they will almost certainly need to support passive FTP. The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewalled on the server side. While this doesn't eliminate all risk to the server, it decreases it tremendously. See Appendix 1 for more information.

2010年5月26日 星期三

Linux Development - svn

Windows SVN software
TortoiseSVN
http://tortoisesvn.tigris.org/


svn command option -r can set the following values. I will diagnose these values when I am free.
-r [--revision] ARG : ARG (some commands also take ARG1:ARG2 range)
A revision argument can be one of:
NUMBER revision number
'{' DATE '}' revision at start of the date
'HEAD' latest in repository
'BASE' base rev of item's working copy
'COMMITTED' last commit at or before BASE
'PREV' revision just before COMMITTED

Q. HEAD, BASE, COMMITTED, PREV means what in svn?


Commit code to svn
# svn commit -m "message" commited-file

Update codes commited by other one
# svn update

Get the current working directory file status
# svn status

See the file difference
# svn log filename
# svn diff -r r669:676 filename

See the diff summary in a revision comparison
$ svn diff -r1302:1303 --summarize
M XXXX/abcd.h
M YYYY/zxcv.c


check out the specified revision from the svn source trunk
# svn co svn://ipaddress/pathTotheTrunk/trunk -r1232
# svn co svn://ipaddress/pathTotheTrunk/trunk@1232 PATH
PATH is the local-folder name which will store the check-out files

update the file to the latest version of the source trunk
# svn up -rHEAD path-to-the-source-file

update the file to the revision 1232 of the source trunk
# svn up -r1234 path-to-the-source-file


update the code in a specified date
# find . -name .svn -execdir svn update -r {2011-04-04} \;

import project to the svn repository, the below "myproject" is the imported folder
# svn import --no-ignore myproject svn://repository-address/path/to/newproject

After this command, all the files contained in the myproject will upload to the newproject folder of svn repository.
And we can use the following svn-address to check out this new project, like following command
# svn co svn://repository-address/path/to/newproject

we can use the option --no-ignore to avoid svn ignore the default ignored files (include .so ...)
Under version-controlled status
# svn st --no-ignore
# svn add --no-ignore local-folder
Import a directory of non-version-controlled
# svn import --no-ignore localFolder URL

Export the SVN repository files without the version-control tags (clean directory tree) to the local-folder
# svn export URL local-folder

change to the working directory
svn merge source-branch-URL -cSource-Revision
or
svn merge -r9189:HEAD source-branch-URL target-branch-WC


This will be useful when you create a branch for new feature implement,
and you want to reintegrate the implemented new feature back to trunk. The merging process will include 2 phases.


1st,
Keeping a Branch in Sync with trunk
$ pwd
.../your-branch
$ svn merge [--dry-run] ^/trunk
After Sync,
$ # build, test, verify, ...
$ svn commit -m "......"


second,
Reintegrating a Branch back to trunk
you need a clean working copy of the trunk first,
$ pwd
.../your-trunk
$ svn update # (make sure the working copy is up to date)
$ svn merge [--dry-run] --reintegrate ^/branches/your-branch
$ # build, test, verify, ...
$ svn commit -m "......"


How to use the TortoiseSVN to create the new branch or tag?
1. Use the "Log Message" to browase the specified source trunk
Note: remember to enable the "Show All" button in the most bottom screen.
2. type the search string in the "searching-field"
3. The "Log Message" will list all the comformed revision in the screen.
4. Click right button on the spevified revision. Select the "Create branch/tag from revision" from the pop-up menu. Then there will appear a sub window with title "COPY (Branch /Tag)". See the following figure for example.




















5. Select the right path in the "To URL" field. Note that svn-branch will under "branch" folder and svn-tag will under "release" folder.
6. Finally click "OK" will finish the processing.

Linux Command - alias

# alias ==> show all the alias settings
alias l.='ls -d .* --color=auto'
alias ll='ls -l --color=auto'
alias ls='ls --color=auto'
alias mv='mv -i'
alias rm='rm -i'
alias cp='cp -i'
alias vi='vim'
alias which='alias | /usr/bin/which --tty-only --read-alias --show-dot --show-tilde'

# unalias cp ==> release the "cp" alias setting

2010年5月24日 星期一

Linux Server - Delta UPS power manager software

Ever use the Delta UPS, the type is 水瓶座Plus系列

http://www.delta.com.tw/ch/product/ps/ups/index.asp

Download software
http://59.125.232.140/tc/index.aspx

電力管理大師2000 v3.01.26
The software package mainly contains 2 daemons, upsd and monitor

start upsd
# /usr/local/smart/upsd
or
# /usr/local/smart/upsd start

stop upsd
# /usr/local/smart/upsd stop

Another daemon "monitor" was a GUI X program that can configure/monitor the UPS status.

But it seems not stable in the Fedora/CentOS 64bits platform.

2010年5月18日 星期二

Linux Command - rpm

rpm download site
http://pkgs.org/search/?keyword=
http://rpm.pbone.net/

安裝
rpm -ivh MySQL-3.23.41-1.i386.rpm

升級
rpm -Uvh MySQL-3.23.41-1.i386.rpm

移除
rpm -e MySQL

rpm-qa //查詢所有安裝過的套件

rpm -qpl MySQL-3.23.41-1.i386.rpm //查某個RPM檔的內容

驗證
不小心誤刪檔案,對整個系統做確認動作,以了解哪些部分檔案遺失。
rpm -Va


查詢某一個檔案是屬於哪一個套件
#rpm -qf /usr/bin/ftp
查詢某一個rpm檔的相關資訊
#rpm –qpi MySQL-3.23.41-1.i386.rpm
查詢某一個rpm檔的內容
#rpm –qpl MySQL-3.23.41-1.i386.rpm
查詢系統已安裝的套件資訊
#rpm –qai
更新許多已安裝套件的新版本
#rpm –Fvh *.rpm

Setup a specified RPM file (remeber to use root privilege)
# rpm –Fvh XXX.rpm
# sudo rpm –Uvh python-lxml-2.2.3-1.1.el6.i686.rpm

>> Guides to list/extract the rpm files to the system specified directory
1.Use rpm2cpio or rpm -qpl to list files and full paths in the package:
$ rpm2cpio | cpio -t

2.To extract everything to the current directory:
$ rpm2cpio | cpio -ivd

2010年5月10日 星期一

Linux Command - unrar

How to use unrar

unrar command supports various options below are common options that you need to use everyday.
Task: To open rar (unpack) file in current directory type command:

$ unrar e file.rar

Please note that replace file.rar filename with your actual filename.
Task: List (l) file inside rar archive:

$ unrar l file.rar
Task: To extract (x) files with full path type command:

$ unrar x file.rar

(D) To test (t) integrity of archive, file type command:
$ unrar t file.rar

2010年4月11日 星期日

PPTP (VPN) connect using pptp client

While I first time try to use pptp client to build the VPN connection. There were various problems occuring in the setup procedures. The most one is that I am not clear understand there are many firewall/NAT routers that set up with pptp blocking rules (don't allow pptp traffics passing through), so we must use private NAT router to allow pptp connections passing through.

We can use Linux pptp client to build the pptp connection under linux system.
http://pptpclient.sourceforge.net/howto-fedora-core-6.phtml

Install PPTP and the pptpconfig GUI using the following commands:

Step1.
# rpm -Uvh http://pptpclient.sourceforge.net/yum/stable/fc6/pptp-release-current.noarch.rpm
# yum --enablerepo=pptp-stable install pptpconfig

Step2.
enter the server, domain, username and password into the Server tab.

Step3.
In my case, I don't need the following setting.
if your PPTP connection need encryption like MPPE, (your administrator says encryption is required), then on the Encryption tab, click on Require Microsoft Point-to-Point Encryption (MPPE).

Step4.
click on Add, and the tunnel will appear in the list.

Step5.
Click on the tunnel to select it, click on Start, and a window will appear with the tunnel connection log and status.

Step6.
if the connection succeeded, you can try the Ping test button. If the ping fails, you should try to find out why before proceeding. If the ping works, then the tunnel is active and you may now work on routing.

Step7.
In most case, the system will produce a new "ppp0" network interface. This is the point to point network interface that the local LAN traffic will communicate with remote pptp server.

We can add the routing entries like following example to specify dedicated routing domains via the ppp interface (If we clear know which destination routing domains)
# route add -net ${NET} dev ${IFACE}
e.g.
# route add -net 192.168.18.0/24 dev ppp0

or simply change the default route to the ppp0 ip address
# route del default
# route add default gw ${PPP0-IFACE-IP-Address}

我要我的孩子知道的20 件事

我要我的孩子知道的20 件事

1. 成功在於做,不在於得
成功就是將我所有的做最好的運用。成功是在於做,而不在於得;是在於嘗試,而不在於勝利。 / 戴韋恩(Wynn Davis)

2. 人生是艱苦的
人生是一連串的問題。我們要去埋怨?還是去解決這些問題? / 派史考特(M. Scott Peck)

3. 人生充滿樂趣
開懷大笑應該是人與生俱來最高層次的天賦本能。 / 克曾茲(Norman Cousins)

4. 我們依靠選擇而活
上帝並沒有問我們要不要來到人世間,我們只能接受而無從選擇。我們唯一可以做的選擇是:決定如何活著。 / 畢亨利 (Henry Ward Beecner)

5. 態度是一種選擇
人所有的一切都可以被奪走,除了一件東西,就是人在任何情況下,選擇自己的態度與道路的自由。 / 法蘭科爾 (Viktor Frankl)

6. 習慣是成功的關鍵
事實上,成功者與失敗者之間唯一的差別在於,他們擁有不一樣的習慣。 / 曼迪諾(Og Madino)

7. 感恩是一種最好的習慣
不要為你所沒有的抱怨 ……要珍惜你所擁有的。 / 朱德(H. Stanley Judd)

8. 把人生建立在尊敬的基礎上
「所以無論何事,你們願意人怎樣待你們,你們也要怎樣待人。」 / 馬太福音七章12 節

9. 誠實依然是最好的策略
「在國際外交事務、人際關係、勞工、商業、教育、家庭與控制犯罪上,誠實是最好的策略。因為,真理是唯一有效的東西,也是建立持久關係的唯一基礎。」 / 克拉克 (Ramsey Clark)

10. 和善的言語成就大事
「世界上沒有幾件事比積極的鼓勵更有力量,一個微笑、一句樂觀、充滿希望的話。當事情遇到困難時,說一句:『你能辦得到。』」 / 德伏斯 (Richard M. Devos)

11. 真正的動機發自內心
「不論你是誰、你年紀多大,如果你想要得到持久永恆的成功,那驅使你邁向目標的動機必須發自你的內心。」 / 梅爾 (Panl J. Meyer)

12. 目標是有底限的夢想
「有目標的人們成功是因為他們知道他們往那裡前進。」 / 奈丁格爾 (Earl Nightingale)

13. 辛勤工作無與倫比
「生命所提供的最好獎賞就是:有機會為值得做的事情辛勤工作。」 / 羅斯福(Theodore Roosevelt)

14. 有得必有失
「決定你要什麼,決定你願意用甚麼來與之交換,把你的前後次序搞清楚,就開始去工作。」 / 韓特(H. Lamar Hunt)

15. 成功者創造時間
「時間是生命,是不可重來、不可逆轉的。浪費時間就是浪費生命;掌握時間就是掌握生命,並充分地使用生命。」 / 蘭凱 (Alan Lakein)

16. 自尊是自己成就的
「自尊是在你內裡深處對自己價值的感受。」 / 魏特利(Denis Waitley)

17. 心靈成長也需要營養與運動
「身心靈和諧的運作,決定了我們整個人與我們的健康。」 / 桑若森博士 (Dr. Carl Thoresen)

18. 每一個人都有失敗經驗
「如果你願意接受失敗,並從其中有所學習;如果你願意相信失敗是一個化妝的祝福,並從中板回優勢,你就有擁有一個最有利的成功因素與潛能。」 / 舒格曼 (Joseph Sugarman)

19. 用心體會人生基本要素
「這是我的秘密,一個非常簡單的秘密,就是人只有用心眼去看才會看得正確,真正基本的東西是用肉眼看不見的。」小王子 (The Little Prince) / 聖艾克斯柏利 (Antoine de Saint-Exupery)

20. 最基本的原則是做一個好人
「盡你所能的做一切的善事,用你一切可能的方法行善。」 / 魏斯理(John Wesley

原著書名: 20 Things I Want My Kids To Know(我要我的孩子知道的20 件事)
中文譯名:黃金階梯 —人生最重要的二十件事
作者: Hal Urban
出版社:宇宙光

2010年3月23日 星期二

How to capture the packet outside the NAT Router

1. We can plug hub connected to the WAN port of NAT Router. And then use NB connected to the hub. Then we can capture packets onto the NB by using capture software (e.g. wireshark).

2. We can plug switch connected to the WAN port of NAT Router.The switch comes with a Port Mirror feature. So we can connect a PC to the mirror port to capture all the packets pass through the switch.

2010年3月4日 星期四

Drive Fitness Test

Disk check and fix tools

http://www.hgst.com/hdd/support/download.htm#DFT


How to create bootable DFT diskette using Linux
The Drive Fitness Test image file (dft-vxxximg.bin) includes a DOS-based Drive Fitness Test program. Running the Linux Disk Dump (dd) utility, creates an DOS-bootable diskette that contains the Drive Fitness Test Utility. A formatted 1.44 MB diskette is required to create the diskette. The Drive Fitness Test is provided for testing our disk drives. The test will not overwrite customer data.
Restrictions: The users guide contains detailed information on the current restrictions for the Drive Fitness Test. See the link at the bottom of this page.
To create a bootable DFT diskette under Linux:
Download the bootable version of DFT (dft-vxxximg.bin) into a known directory on your PC.
Insert a formatted 1.44 MB diskette into your disk drive.
Make sure that the floppy disk is unmounted.
Change directory to where you saved the DFT image.
Run the Disk Dump (dd) utility with the following parameters: dd if=dft-vxxximg.bin of=/dev/fd0 bs=8k Note: /dev/fd0 is the first diskette drive. Use /dev/fd1 if you would like to use the second diskette drive to create the DFT diskette.
The bootable DFT diskette will now be created, Note this could take a couple of minutes .
See the users guide for information on how to run the Drive Fitness Test. To use the Drive Fitness Test with our SCSI hard disk drives you must have the correct ASPI drivers installed. Please refer to the users guide for a list of supported controllers.
Drive Fitness Test Users Guide


Drive Fitness Test
Version 4.16
The Drive Fitness Test (DFT) quickly and reliably tests SCSI, IDE and SATA drives. The DFT analyze function performs read tests without overwriting customer data. (Note: other DFT restoration utilities may overwrite data.)
DownloadsTo run the DFT, you must download the appropriate creator or image and create a self-booting media.
You may create the media under Windows (using the Windows OS version) or Linux (using the binary image), but you must start your system with the DOS-bootable diskette to run DFT.
Drive Fitness Test User's Guide (426 K)Guide to using DFT
Diskette creator for Windows OS (2,130 K)Creates self-booting media to run DFT Read Me Having trouble creating the bootable diskette?
Binary diskette image for non-Windows OS (1,440 K)Creates self-booting media to run DFT Read Me
CD image (2,720 K)Creates bootable CD for Linux, Windows and other operating systems ( requires CD-RW drive and software).

DFT provides 3 media types to run on different platform (e.g. Windows, Linux, Dos...)
* Windows Application
* Bootable CD
* Bootable Disk

2010年3月3日 星期三

Verified Memory Usage

1. top
we can observe the memory usuage from the top 2 lines of mem/Swap usage
Mem: 3693568k total, 850148k used, 2843420k free, 145076k buffers
Swap: 8385920k total, 0k used, 8385920k free, 372780k cached

2. cat /proc/meminfo
# cat /proc/meminfo
MemTotal: 3693568 kB
MemFree: 2830268 kB

3. free
# free -m -t
total used free shared buffers cached
Mem: 7982 3576 4406 0 625 2677
-/+ buffers/cache: 272 7709
Swap: 10236 0 10236
Total: 18219 3576 14643