ethtool -K eno1 gso off gro off tso off
To check the state
ethtool –k eno1 | grep tcp
Category: Uncategorized
DVD VOB files to MP4 with FFMPEG
Let us start by analyzing our input files and what we expect to find
- A video stream, the obvious
- Audio streams for different languages
- Audio streams that should play together
- dvd_subtitle
dvd_subtitle
Let us start with the subtitles, the encoder/decoder for dvd_subtitle stream is either dvdsub or dvbsub.
According to documentation, This codec decodes the bitmap subtitles used in DVDs; the same subtitles can also be found in VobSub file pairs and in some Matroska files.
Metroska uses VobSub, vobsub is basically the same as the stream in DVD but in a file with the extension “*.sub”.
So, I have a stream with “dvd_subtitle” on stream 0:3, to extract, I will probably use a command such as
Extracting the subtitle files
ffmpeg -i input.VOB -c copy -map 0:3 subtitles.sub
Now, at this stage, if you want to convert them to srt for example (Or a text base subtitle system), you will need to use a tool that has OCR !! Such a tool is VobSub2SRT =>
Another method after extracting is using an online service such as this one (https://subtitletools.com/convert-to-srt-online) to turn subtitles into SRT
Find in files and replace in files in Linux
If you are looking for functionality similar to notepad++ functionality of replacing a string in all the files in a certain folder, Look no more, in linux this is a simple command
Assuming you are on the command line and the directory containing the files is the active one (cd)
the following line will replace foo with bar in all files on the current root directory but not in subdirectories
sed -i -- 's/foo/bar/g' *
If you want it to go recursively into sub directories, you can combine the above with the find command
find . -type f -exec sed -i 's/foo/bar/g' {} +
if you want sed to backup the files before it does the replace, use the following command, you can replace the .bak with anything you like
sed -i.bak -- 's/foo/bar/g' *
SD cards trim command
Many modern SD cards support the trim command () in Linux, the problem is that not many SD card readers (Mostly USB) do
So running () on a mounted card will usually return an error such as
fstrim -v /hds/usb
fstrim: /hds/usb: the discard operation is not supported
The command “lsblk –discard /dev/sdf” should tell you whether your SD card/adapter combination support trim right now, so the failure of the fstrim command above can be predicted in advance with this command
Now, assuming your SD card is not mounted, and you need to format it, Will formatting restore the speed ? unfortunately not, to restore the speed, before formatting your SD card, you might want to run the blkdiscard function, mind you, this command will delete all your data !
blkdiscard -f /dev/sdf
but even that might not work
blkdiscard: Operation forced, data will be lost!
blkdiscard: /dev/sdf: BLKDISCARD ioctl failed: Operation not supported
Adding an internal network to KVM
A private network connects select virtual machines to other virtual machines on the same host, and to the host itself, I usually use it to use samba shares between all virtual machines without giving those virtual machines access to the internet.
To do this, you will need to add a vridge to the host computer without an actual network interface that the bridge connects to, you can also add DHCP if you don’t care to hard code the IP addresses, the virtual machine can then use this interface to talk to other virtual machines or the host itself, A virtual machine can have both this network interface and another that does have access to the internet if you so chose
Continue reading “Adding an internal network to KVM”Quest for the best sunblock
Before diving in the list, I must mention that as an Amazon Associate I earn from qualifying purchases.
Coppertone, water proof, SPF50 HERE
Free SSL certificates with Let’s encrypt, step by step
Let’s encrypt is a Certificate Authority (CA) run by Internet Security Research Group (ISRG), and is sponsored by some of the biggest name in the web industry
You are probably here to create a certificate, not get a history lesson ! so Let me cut the chase, for those who want to know more, there is always wikipedia (Let’s encrypt on Wikipedia)
So let’s encrypt provides certificates for domain names, including wildcard certificates (Which I will get to by the end of this article), What we are going through here is the manual process, which serves to give you a taste of how things work, in practice, you are encouraged to use on of the automated methods for multiple reasons, one compelling such reason is that Let’s encrypt issues certificates valid for three months only ! You don’t want to have to cater to your certificate every three months do you ?
To simplify things, I will create a step by step video to demonstrate the creation process ! and post it here, but for now, I will simply take you through the steps, in this tutorial, all you need is SSH access to any server including one you have at home ! or even maybe a virtual machine running Linux inside your windows computer, anything goes, once you have a certificate, you can move it to your production server, this allows me to keep this as general as possible, and this is done using the –manual option, So without further ado, let me get to it
1- login to a linux server and install certbot, the tool that allows you to get certificates from let’s encrypt, On the official website, they promote the use of SNAP, here, I will skip snap and use Debian’s repository ! simpler and there is no need to get into snap
apt install certbot
Now that you have certbot, let us create a certificate for the domain example.com (replace it with your own)
certbot certonly --manual --preferred-challenges http
The –preferred-challenges directive allows you to specify what challenge (http or dns) you would like to perform, the manual plugin is basically the same as webroot plugin but not automated, which is a hassle to keep up to date as this form of issuance needs to be renewed manually every 3 months, (You can take extra steps to automate this) which i will describe later on another post to keep things tidy
Now, as soon as you enter the above, you will enter an interactive dialogue with the following steps
Note: If you want to create a wildcard certificate for your domain name, let’s encrypt allows the use of the * wildcard, but only supports DNS challenge, so the command must reflect that, So when asked for a domain, simply enter *.example.com (or -d ‘*.example.com’), should work normally
As soon as you are in, you will be asked 1- An email for notifications 2- Do you agree to the terms of service ? 3- Would you like to subscribe to the newsletter ? 4- enter your domain names (you should enter both example.com and www.example.com separated by either a comma or a space) 5- Create a file containing just this data: Pg1xJ.........-88 And make it available on your web server at this URL: http://example.com/.well-known/acme-challenge/Pg1...........xuu_0 6- Now you need to create the 2 challenge files, one for exmaple.com and the other for WWW.example.com Create a file containing just this data: Ud4m81x..............zupbWEz-88 And make it available on your web server at this URL: http://www.example.com/.well-known/acme-challenge/Ud4........550 (This must be set up in addition to the previous challenges; do not remove, replace, or undo the previous challenge tasks yet.) -------------------------- IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/example.com/privkey.pem Your certificate will expire on 2023-03-11. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
At this stage, there are things you should remain aware of
1- DO NOT RENAME OR MOVE THE CERTIFICATES, they need to be in place for renewal if you decide to not automate and check on your certificates every 3 months.
2- Copy (Don’t move) them to the ssl directory, and add them to your config files, the only files you will need to include in your nginx or apache2 config are as follows
For apache 2, you need to use the following 2 lines, modify the path to the files to wherever you have placed them
SSLCertificateFile /etc/apache2/ssl/example.com/fullchain.pem
SSLCertificateKeyFile /etc/apache2/ssl/example.com/privkey.key
And for nginx
ssl_certificate /etc/nginx/ssl/allspots.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/allspots.com/privkey.pem;
So, restart apache or nginx, and you should be able to see the certificate in action, so this is the simplest way to use let’s encrypt, in my next post, I will
Now, after 3 months, the simplest way to renew the certificate is to issue the command
certbot certonly --force-renew -d example.com www.example.com
Mounting unclean NTFS windows drive in Linux
Whenever i get the following message
mount /dev/sdd1 /hds/sgt2tb The disk contains an unclean file system (0, 0). Metadata kept in Windows cache, refused to mount. Falling back to read-only mount because the NTFS partition is in an unsafe state. Please resume and shutdown Windows fully (no hibernation or fast restarting.) Could not mount read-write, trying read-only
The command
ntfsfix /dev/sdd1
resolves the issue, and produces the following message
Mounting volume... The disk contains an unclean file system (0, 0). Metadata kept in Windows cache, refused to mount. FAILED Attempting to correct errors... Processing $MFT and $MFTMirr... Reading $MFT... OK Reading $MFTMirr... OK Comparing $MFTMirr to $MFT... OK Processing of $MFT and $MFTMirr completed successfully. Setting required flags on partition... OK Going to empty the journal ($LogFile)... OK Checking the alternate boot sector... OK NTFS volume version is 3.1. NTFS partition /dev/sdd1 was processed successfully
The same mount command you see here will now work flawlessly
mount /dev/sdd1 /hds/sgt2tb
I am still unsure what process from the mentioned above is responsible, as this oftentimes pops up on drives that were never system drives, so there is no hibernation file problem
Mounting a remote Linux file system as a Windows drive
You can do this in many ways, the most popular of which is SAMBA, but this is not the software we are using, here we are using SSHFS
The software this post is about is SSHFS, if you are reading this, you probably know what SSH is (Secure shell), and FS stands for File System
Ironically, you will only need to have SFTP and not SSH with shell access, so here is the first surprise, Now, to continue with this tutorial, you might want to visit the page I have posted here to create that user and give him/her access to the directory to be mounted, don’t worry, there is a link back here at the bottom of that page !
So, now that you have created that user account on the remote system, let’s get down to business
You will need 2 peices of software, or 3 if you would like to use private/public key authentication
For the following software, look on their websites for the latest installers for your version of Windows (Usually you are looking for the msi of the 64bit version of windows)
1- WinFsp, short for Windows File System Proxy, What this basically does is enabled the developer of SSHFS-Win to make it look like a windows drive, not some separate SFTP application where you have to move the files manually, when you present it as a drive, you can modify files directly on it, which is the main advantage, and it will do the work in the background, it is a driver that presents itself on/to windows as a disk, while cheating the disk contents from another application, the github page for it is at https://github.com/winfsp/winfsp, or to save you time, Just go directly to the download page here https://github.com/winfsp/winfsp/releases/tag/v1.11 , When presented with optional components, if you are not a developer, you will only ever need the Core package, which is the installer’s default
Once WinFsp is installed, we are done with the part that allows us to display file systems that are not really filesystems, the next step is to have something feed that with data from an actual filesystem somewhere else ! via SFTP, and that software would be
2- SSHFS-Win, which is the system that sits in the middle, between the SFTP server, and WinFsp which is an illusion of a hard drive on your windows machine ! it’s home on github is at https://github.com/winfsp/sshfs-win, To get the latest from this one, go here https://github.com/winfsp/sshfs-win/releases and look for the one that says latest (Not pre-release), download and install it
There is no software to install on the remote side, as most Linux systems already have the functionality ! and you have already setup a user in the previous post that I pointed you to a minute ago, So let us mount !
Now, you can (But don’t do it just yet) open file explorer in Windows, right click “This PC”, and click on Map Network Drive, A dialogue appears, enter your connection string, which should be something like
\\sshfs\username@serverhostname\
You should then be prompted with a password dialogue box, you enter the SFTP password, and you should now be all set, but why are we not doing this right now ? we are not doing this because when you create files in that drive, they will remotely have rwx permissions for owner, and no permissions for group or others, wo work around this, you need to pass the following arguments to the mount
webdev@10.10.20.41:/ create_file_umask=0000,create_dir_umask=0000,umask=0000,idmap=user,StrictHostKeyChecking=no
which is only available via command line and does not survive reboots, a better alternative is to use sshfs-win-manager, which seamlessly mounts those remote file systems using SFTP , the long and short of it is that it just works
Another program that has a different set of permission issues (I can write files, but can’t write to them again even though i own the files on the remote system and the permissions should allow) is SiriKali (https://github.com/mhogomchungu/sirikali), you should be able to find the line to download for your platform here (https://mhogomchungu.github.io/sirikali/)
SiriKali also allows you to use other types of authentication which are beyond the scope of this post
So in SiriKali, you need to fill the above information, luckily that information is loaded by default.
Remember to select the checkboxes you need,
Types of documents in software development and who writes them and for who
Every company has it’s own procedures, and sometimes it’s own standard for the following documents, but this is the most common, the order is loosely relevant to prerequisites and chronological order
I have put them down in a table to simplify
In this document, a client refers to a party that receives the code, (any of the steakholders), Implementation lead and developer refer to the programmers, system analyst refers to a system analyst.
| Doc Abbrv. | Document description | Who writes it | Who is it written for |
| SOW | Statement of work | Project management, Chief Information Officer, third-party contractor, So from the developers perspective, any client such as the above | Implementation Lead |
| MRD | Marketing requirements document | Marketing department | All steakholders including Implementation lead |
| URD URS | The user requirements document User requirements specification This document is basically the client outlining the features the developers are to implement | Project management with help from system analysts (Clients) | Implementation lead and any relevant stakeholders |
| SRS | A software requirements specification sheet A description of a software system to be developed, laying out functional and non-functional requirements- or features This document bridges the gap between user/client and developer Also serves as an agreement | Business Analyst, System Analyst, and developers | |
| TRD | Technical requirements document Written by the developers based on the requirement documents submitted by the client, this is an extensive document that connects functionality, features, and purpose together, creating this document is a very lengthy process and it requires “Technical writing skills” as it is meant to convey the whole system to non technical steakholders. | ||
| FSD | Functional specification document | ||
| FRD | Functional Requirements Document | ||
| PRD | Product requirements document. This document communicates the capabilities the product will need. | ||
| SRD | Software Requirements Document written statement of what the software will do or should do. | ||
| FRS | Far more detailed than an SRS | Implementation lead or System Analyst. | |
| Product Roadmap | Timetable | ||
| Product backlog | It is the prioritized list of task-level details needed to execute the strategic plan outlined in the product roadmap. | ||
| Sprint Backlog | Drawn from the product backlog, this is the list of cross-functional team plans to work on in the next sprint. | ||
| SD | Software documentation A user’s manual (Not for the developers) | ||