CentOS 6: Configure bind logging with bind-chroot

I had trouble with daemons reloading while using bind-chroot+rsyslog+logrotate, so I decided to update the post and paste my actual conf, which doesn’t use them. Instead, you’ll find a sample named (bind-chroot) configuration to separate daemon messages from user queries. Everything has been tested with CentOS 6.{0..2} but it should work with any flavor of Unix-like system. Note that with CentOS 6, bind chrooting is done by mount points (see mount | fgrep named while named is started); you must not symlink configuration files and you should edit files directly under /etc. However, you should not put your configuration directly in /etc/named.conf but include your own files under /etc/named/ using the include directive as shown below.

  • /etc/named.conf: Remove the logging{} block and include your own file
[...]
include "/etc/named/named.conf.local";
  • /etc/named/named.conf.local:
[...]
logging {

        channel log_dns {
                file "/var/log/dns.log" versions 3 size 10m;
                print-category yes;
                print-severity yes;
                print-time yes;
        };

        channel log_queries {
                file "/var/log/dns_queries.log" versions 3 size 20m;
                print-category yes;
                print-severity yes;
                print-time yes;
        };

        category default {log_dns;};
        category queries {log_queries;};
        category lame-servers { null;};

};

Log files are physically placed under /var/named/chroot/var/log/ so a lazy admin would want to symlink them in /var/log/:

ln -sf /var/named/chroot/var/log/dns.log /var/log/dns.log
ln -sf /var/named/chroot/var/log/dns_queries.log /var/log/dns_queries.log

sed one-liner to help download Facebook’s videos

As you might guess, one can find a direct link to the video (mp4 files stored at Akamai) directly in the source code of the Facebook video page.
Unfortunately, it’s encoded in a way that prevents copying and pasting the URL directly into your browser. Here’s a stupid sed one-liner to decode the URL and download (wget) the video.

  • Open a video page on Facebook;
  • Read the source code and search for either highqual_src, lowqual_src or video_src;
  • Input the newly found URL in the following one-liner:

wget "$(echo "<encoded_mp4_url>" | sed -e 'sx\\\u00253Ax:xg;sx\\\u00252Fx/xg;sx\\\u00253Fx?xg;sx\\\u00253Dx=xg;sx\\\u002526x\&xg')"

smtp-in.orange.fr refused to talk to me: postfix solution

Orange sadly limits inbound connections to its MX to 1 connection per IP, which is a total pain in the ass when you try to deliver newsletters or manage an MTA.

Here is a sample log from their MX:

Jul 4 10:42:42 smtp.example.com postfix/smtp[32347]: 0123456789: host smtp-in.orange.fr[193.252.22.65] refused to talk to me: 421 mwinf5c34 ME Trop de connexions, veuillez verifier votre configuration. Too many connections, slow down. OFR004_104 [104]

However, since they won’t change anything, we have to take measures. Here’s what you can do if you run postfix: you have to set a per-destination concurrency limit.

  • /etc/postfix/main.cf

Identify or configure the transport_maps file:

transport_maps = hash:/etc/postfix/transport
  • /etc/postfix/transport

Now, override the default transport for Orange (and all of its related domains) in the transport maps file:

orange.fr     orange:
wanadoo.fr    orange:

Then, use postmap /etc/postfix/transport to generate transport.db

  • /etc/postfix/master.cf

You have to configure the new transport “orange” not to fork (maxproc=1) with this line in master.cf:

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
orange    unix  -       -       n       -       1       smtp

You can now reload postfix and use ps(1) to verify that there is only one “orange” process at a time while delivering emails to Orange users:

postfix  32618 32471  0 17:07 ?        00:00:00 smtp -t unix -u
postfix  32619 32471  0 17:07 ?        00:00:00 smtp -t unix -u
[...]
postfix  32672 32471  0 17:15 ?        00:00:00 smtp -l -n orange -t unix -u

[1] Source: http://www.dj-j.net/waka/Linux:Administration_Postfix
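
To see which remote MXs answer with a connect-time 421 like the Orange log line quoted above, and so may need a dedicated maxproc=1 transport, this added example (not part of the original post) counts such refusals per host in a Postfix log. The sample log lines are constructed, modelled on the one line quoted in the post, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: count connect-time "refused to talk to me: 421" events per
# remote MX in a Postfix log, to spot destinations that throttle by IP.

# Constructed sample log (first line is the one quoted in the post; the others
# are made up for illustration, using documentation addresses where needed).
sample_log() {
cat <<'EOF'
Jul  4 10:42:42 smtp.example.com postfix/smtp[32347]: 0123456789: host smtp-in.orange.fr[193.252.22.65] refused to talk to me: 421 mwinf5c34 ME Trop de connexions, veuillez verifier votre configuration. Too many connections, slow down. OFR004_104 [104]
Jul  4 10:42:43 smtp.example.com postfix/smtp[32350]: 0123456790: host smtp-in.orange.fr[193.252.22.65] refused to talk to me: 421 mwinf5c34 ME Trop de connexions, veuillez verifier votre configuration. Too many connections, slow down. OFR004_104 [104]
Jul  4 10:42:44 smtp.example.com postfix/smtp[32350]: 0123456790: to=<user@orange.fr>, relay=none, delay=2, status=deferred (host smtp-in.orange.fr[193.252.22.65] refused to talk to me: 421 mwinf5c34 ME Too many connections, slow down. OFR004_104 [104])
Jul  4 10:43:01 smtp.example.com postfix/smtp[32351]: 0123456791: host mx.example.net[192.0.2.10] refused to talk to me: 421 too busy
Jul  4 10:43:05 smtp.example.com postfix/smtp[32352]: 0123456792: to=<user@example.org>, relay=mx.example.org[192.0.2.20]:25, delay=1, status=sent (250 OK)
EOF
}

# Print "<count> <mx-host>" sorted by count (descending), reading log files
# given as arguments or stdin. Only the bare "host NAME[IP] refused" lines are
# counted; the later "status=deferred (host ...)" summary repeats the same
# refusal and would otherwise double the figures.
refusals_by_host() {
    awk '
        /postfix\/smtp\[[0-9]+\]: .*refused to talk to me: 421 / {
            for (i = 1; i < NF; i++)
                if ($i == "host") {
                    h = $(i + 1)
                    sub(/\[.*/, "", h)      # drop the "[ip]" suffix
                    n[h]++
                    break
                }
        }
        END { for (h in n) print n[h], h }
    ' "$@" | sort -k1,1nr -k2,2
}

# Print only the hosts refused at least MIN times: candidates for their own
# transport entry with maxproc=1 in master.cf, as done for Orange above.
throttle_candidates() {
    min=$1; shift
    refusals_by_host "$@" | awk -v min="$min" '$1 >= min { print $2 }'
}

sample_log | refusals_by_host
```

On a live server, run it against the mail log instead, e.g. `refusals_by_host /var/log/maillog` (the usual path on CentOS; adjust to your syslog setup).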