Well try it out, Coffivity uses sounds recorded from a cafe. Im a skeptic but I found that it does create an ambient surrounding especially in the early mornings, no need for Coffee.
There are a couple of excellent articles on Firewall D and I’ll attribute them as follows. Remember to check out the comments sections where available since there are some insightful contributions:
Below are some of the neat things I gleaned from the above resources:
Firewalld is the default firewall on CentOS minimal install and its managed by the firewall-cmd administrative tool.
Firewalld daemon encapsulates groups of rules into what are termed as Zones. These rules dictate what traffic should be allowed depending on the level of “Trust” in the network your computer is connected to.
Zones are activated by adding Network Interfaces to them. The default zone after a CentOS mimimal install is the public zone. Here you’ll find a nice description of the different zones. Remember, check the zones that are active then add rules, e.g enabling ports, on them instead of blindly opening ports in all the zones.
To allow traffic between network interfaces remember to enable ip_forwading.
Interfaces will always revert to the default zone if they do not have an alternative zone defined within their configuration. On CentOS, these configurations are defined within the /etc/sysconfig/network-scripts directory with files of the format ifcfg-interface. To define a zone for the interface, open up the file associated with the interface you’d like to modify.
Incase you’d rather switch back to Ip-tables, follow the instructions here.
NOTE: Firewalld relies on NetworkManager. This means that if you plan to stop NetworkManager for any reason (for example when building a KVM host), you will have to stop Firewalld and use Iptables instead!
Masquerading: If your firewall is your network gateway and you don’t want everybody to know your internal addresses, you can set up two zones, one called internal, the other external, and configure masquerading on the external zone. This way, all packets will get your firewall ip address as source address.
Services: There are a few basic building blocks in the zones — services are the most important. Firewalld uses its own set of services that are configured using XML files in the directories /usr/lib/firewalld/services (for the system default services) and /etc/firewalld/services for services that you, the administrator, create. If the same service is found in both locations then the services defined in /etc/firewalld/services takes precedence.
The firewall-cmd command is one of many methods to configure firewalld. Alternatively, you can edit the zone configuration file directly. This doesn’t give you any feedback on wrong syntax, but it’s a clean and straightforward configuration file that is easy to modify and distribute across multiple servers.
I had Setup the pound gateway as per the steps here. The issue was that the gateway wasn’t starting. The following error was on the log:
Sep 7 15:09:49 localhost systemd: Starting Pound Reverse Proxy And Load-balancer... Sep 7 15:09:49 localhost pound: starting... Sep 7 15:09:50 localhost pound: get_host(192.168.56.101, res, 0) Sep 7 15:09:50 localhost pound: getaddrinfo OK Sep 7 15:09:50 localhost pound: ret OK Sep 7 15:09:50 localhost pound: done Sep 7 15:09:50 localhost pound: get_host(192.168.56.101, res, 0) Sep 7 15:09:50 localhost pound: getaddrinfo OK Sep 7 15:09:50 localhost pound: ret OK Sep 7 15:09:50 localhost pound: done Sep 7 15:09:50 localhost pound: get_host(192.168.56.102, res, 0) Sep 7 15:09:50 localhost pound: getaddrinfo OK Sep 7 15:09:50 localhost pound: ret OK Sep 7 15:09:50 localhost pound: done Sep 7 15:09:50 localhost pound: get_host(192.168.56.103, res, 0) Sep 7 15:09:50 localhost pound: getaddrinfo OK Sep 7 15:09:50 localhost pound: ret OK Sep 7 15:09:50 localhost pound: done Sep 7 15:09:50 localhost systemd: Failed to read PID from file /var/run/pound.pid: Invalid argument Sep 7 15:11:19 localhost systemd: pound.service operation timed out. Terminating. Sep 7 15:11:19 localhost systemd: Failed to start Pound Reverse Proxy And Load-balancer. Sep 7 15:11:19 localhost systemd: Unit pound.service entered failed state.
According to this mailing list, the solution is to edit the file pound.service shown below and remove the line with something like PID.
After editing, the file should have the following:
[root@localhost ~]# cat /usr/lib/systemd/system/pound.service [Unit] Description=Pound Reverse Proxy And Load-balancer After=syslog.target network.target [Service] Type=forking ExecStart=/usr/sbin/pound [Install] WantedBy=multi-user.target
Guest OS – CentOS 7
Configure Load Balancer
- Enable the EPEL repository.
- Install pound on the Load Balance Server. In my case this is on IP 192.168.56.101
[root@localhost ~]# yum install pound
- Configure pound
[root@localhost ~]# vim /etc/pound.cfg
NB:// Remember to add the http service to the firewall as detailed below. Otherwise this will happen.
- Add pound to chkconfig so it starts at bootup:
[root@localhost]# systemctl is-enabled pound disabled [root@localhost]# systemctl enable pound ln -s '/usr/lib/systemd/system/pound.service' '/etc/systemd/system/multi-user.target.wants/pound.service' [root@localhost]# systemctl is-enabled pound enabled
Configure Back End Servers
- Install apache and php
[root@localhost ~]# yum install --disablerepo="*" --enablerepo="LocalRepo" httpd [root@localhost ~]# yum install --disablerepo="*" --enablerepo="LocalRepo" php
- Edit apache config so webserver listens to traffic on static IP
[root@localhost ~]# vim /etc/httpd/conf/httpd.conf
- Create a sample web page on Backend server(s)
[root@localhost ~]# vim /var/www/html/index.html
- change ownership of the index.html file:
[root@localhost ~]# chown apache:apache /var/www/html/index.html
- Restart Apache
[root@localhost ~]# service httpd restart
- Repeat the above for Backend Server 2, remember to use a different IP in the http.conf file and “Server 2” in the index.html file.
- NOTE, incase you are using CentOS 7 minimum install, remember to stop firewalld.
Out of the box, enterprise Linux distributions such as CentOS or RHEL come with a powerful firewall built-in, and their default firewall rules are pretty restrictive. Thus if you install any custom services (e.g., web server, NFS, Samba), chances are their traffic will be blocked by the firewall rules. You need to open up necessary ports on the firewall to allow their traffic.
- Instead of stopping the firewall, you can add the following firewall rules and the reload the firewall :
[root@localhost jeremy]# firewall-cmd --get-active-zones public interfaces: enp0s3 enp0s8 [root@localhost jeremy]# firewall-cmd --permanent --zone=public --add-service=http success [root@localhost jeremy]# firewall-cmd --reload success
- Then start pound:
[root@localhost ~]# service pound restart
- Go to the Host OS browser and enter IP of the Load balancer server IP. You should see Server 1 and Server 2’s webpages being served.
I downloaded a playlist of 210 videos and needed to track the order of the videos as listed on the webpage. The webpage lists about 10 videos and you have to scroll down to view the rest.
According to this answer, Firefox has a builtin option. Simply load up the page on firefox and hit Shift + F2. This will bring up a Command Line Interface (CLI) at the bottom left hand side of the browser:
Firefox version used is Mozilla Firefox 40.0.3
Enter the command:
screenshot --fullpage <file_name>.png
Then hit enter and it will prompt you for the location to save the screenshot.
Hint as you type the commands hit Tab to Autocomplete:
I have a Guest OS on Virtual Box, running on Ubuntu based Host OS. I can ping and ssh into my CentOS 7 Guest OS from the host after using the Host Only Networking option on Virtual Box.
The problem came in when I tried reaching the Guest OS’s IP on the Host OS web browser. I’d get this error:
Telnet from the host to the Guest IP gave the following error:
- Check if port is Open and if firewall is running on Guest OS
- Tried to telnet port from Guest OS
- Tried to ping Guest IP from the Host IP and this was successful:
After some doodling, found this pointer.
Starting with CentOS and RHEL 7, firewall rule settings are managed by firewalld service daemon. A command-line client called firewall-cmd can talk to this deamon to update firewall rules permanently.
So after stopping firewalld, I was able to telnet to port 80 and also get a response on the web browser:
NB:// Another alternative to stopping the firewall, is open up the http service/port on the firewall. This can be achieved as explained here.
I was trying to download a playlist but was getting an error.
According to, this issue is normally caused when using version 2014.02.17 or older.
I was unable to upgrade using the option:
sudo youtube-dl -U
This option worked:
sudo pip install --upgrade youtube_dl
Information below, provided in the Ubuntu software Manager, was also helpful:
To install it right away for all UNIX users (Linux, OS X, etc.), type:
sudo curl https://yt-dl.org/downloads/2015.09.03/youtube-dl -o /usr/local/bin/youtube-dl sudo chmod a+rx /usr/local/bin/youtube-dl
If you do not have curl, you can alternatively use a recent wget:
sudo wget https://yt-dl.org/downloads/2015.09.03/youtube-dl -O /usr/local/bin/youtube-dl sudo chmod a+rx /usr/local/bin/youtube-dl
You can also use pip:
sudo pip install --upgrade youtube_dl
This command will update youtube-dl if you have already installed it. See the pypi page for more information.
You can use Homebrew if you have it:
brew install youtube-dl
To check the signature, type:
sudo wget https://yt-dl.org/downloads/2015.09.03/youtube-dl.sig -O youtube-dl.sig gpg --verify youtube-dl.sig /usr/local/bin/youtube-dl rm youtube-dl.sig
The following GPG keys will be used to sign the binaries and the git tags:
4096R/A4826A18 Philipp Hagemeister Key fingerprint = 7D33 D762 FD6C 3513 0481 347F DB4B 54CB A482 6A18 4096R/BCF05F6B Filippo Valsorda Key fingerprint = 428D F5D6 3EF0 7494 BB45 5AC0 EBF0 1804 BCF0 5F6B Older releases are also signed with one of: 1024D/FAFB085C Philipp Hagemeister Key fingerprint = 0600 E1DB 6FB5 3A5D 95D8 FC0D F5EA B582 FAFB 085C (until 2013-06-01)
Safaricom has finally officially opened up the M-Pesa API. It has been a long time coming and it’ll be interesting to see the innovations that are likely to spring up.
Here’s a summary of the what you can do:
- Automated Payment Receipt Processing: This is a Customer To Business feature/C2B where a payment transaction can be initiated by the customer or via the API. The customer simply opens up M-Pesa via the Sim ToolKit(STK) and proceeds to Lipa na M-PESA. Option 2 involves the customer receiving a USSD push asking them to authorize the transaction.
- One of the interesting new features is the ability of the Business to vet the payment and only accept if the transaction meets their criteria or business rules, such as, is the money being paid to the right account? and so on. This reduces the overhead of having to refund erroneously sent transactions.
- The Business entity will also receive confirmation that payment has been made/cancelled/failed and these can be forwarded in real time to a 3rd party.
- Automated Payment Disbursements: This is essentially a Business To Customer B2C feature that was previously tedious and involved creating a file that had to be in a specific format, then uploading it onto a website and then having another user authorize the payment among other teething complexities.
- What’s new is that, this has now been automated and such payments can now be pushed from the Business to the API (programmatically) and subsequently to the recipient.
- Automated Payments Reversal: Finally, as the name suggests, say you pay for something that’s been discontinued and yes ofcourse, you need your money back. The API provides an option for automating such reversals and this can be tailored to suit the business’ internal processes.
For more check out.
Interesting the study period covered school holidays and shows that phone data can be used to predict seasonal disease patterns and also understand how travel/movement facilitates the spread of disease.
If like me you’ve recently upgraded to Windows 10, you’ll notice that Microsoft have joined the long list of companies wanting to know whether you like chocolate chip cookies or cup cakes.
Paranoid? There are a couple of settings you can turn on and off. Warning though! MS wants most of these on for some obvious and others not so, reasons. To maintain the status quo, Cortana won’t work if and when you turn off some of the options in Start Menu –> Settings –> Privacy.
For more, check here.