Postfix round-robin outgoing IP address the easy way

January 29th, 2016 by Russell

Needed to add a second IP to my single Postfix instance and have it round-robin which IP address it sends from. Not so much for load balancing (both addresses are on the same physical server after all), but to avoid getting blocked by ISPs from the large amount of mail being sent from one of my servers.

Through some searching, trial, and error, found out that this is really easy to do with iptables SNAT rules:

-A POSTROUTING -o eth0 -p tcp -m state --state NEW -m tcp --dport 25 -m statistic --mode nth --every 2 --packet 1 -j SNAT --to-source 1.1.1.1
-A POSTROUTING -o eth0 -p tcp -m state --state NEW -m tcp --dport 25 -m statistic --mode nth --every 2 --packet 0 -j SNAT --to-source 1.1.1.2

This tells iptables, for every new connection to destination port 25 (the rules match only packets in state NEW), to rewrite the source IP to either 1.1.1.1 or 1.1.1.2, depending on where each rule's counter is.

No Postfix configuration changes necessary at all!
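Each statistic rule keeps its own counter, and the second rule only sees the connections the first one let through. The simulation below is an added example, not part of the original post; its class and function names are hypothetical and its counter logic is a simplified model of the nth mode, used to show how new connections are split between the two rules above.

```python
from collections import Counter

class NthRule:
    """Model of one '-m statistic --mode nth' rule; every rule has its own counter."""
    def __init__(self, every, packet, target):
        self.every = every - 1            # counter runs 0..every-1
        self.count = self.every - packet  # start so that packet number `packet` hits first
        self.target = target

    def matches(self):
        # Advance the counter; wrapping back to 0 is the match.
        self.count = 0 if self.count == self.every else self.count + 1
        return self.count == 0

class AnyRule:
    """A rule with no statistic match: catches whatever reaches it."""
    def __init__(self, target):
        self.target = target

    def matches(self):
        return True

def simulate(rules, connections, default="default-src"):
    """Walk each NEW connection down the rule list; SNAT ends traversal on a hit."""
    hits = Counter()
    for _ in range(connections):
        for rule in rules:
            if rule.matches():
                hits[rule.target] += 1
                break
        else:
            hits[default] += 1  # nothing matched: source address is left as routed
    return dict(hits)

def page_rules():
    # The two rules exactly as given in the post.
    return [NthRule(2, 1, "1.1.1.1"), NthRule(2, 0, "1.1.1.2")]

def catch_all_rules():
    # Variant (assumption, not from the post): second rule has no statistic match.
    return [NthRule(2, 0, "1.1.1.1"), AnyRule("1.1.1.2")]

if __name__ == "__main__":
    print(simulate(page_rules(), 8))
    print(simulate(catch_all_rules(), 8))
```

In this model a quarter of new connections match neither of the post's rules and leave with the interface's default source address, so the overall split depends on which of the two addresses that default is. The catch-all variant gives an even split regardless of the default.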

Windows, PHP, and Image Magick “side-by-side configuration error”

September 18th, 2015 by Russell

What a pain!

In order to get past this error you have to install the Microsoft Visual C++ 2008 Redistributable Package x86. Even if you have a 64bit Windows install, Image Magick requires the 32bit package.

My awesome Steambox / Big Picture setup

August 1st, 2015 by Russell

This is to help document my Steambox / Steam Big Picture setup. I invested a lot of research and energy into getting this guy going 🙂

Main Hardware:
Intel Core i7-4770K
16GB RAM
GTX 960
Windows 7 x64

 
What I have going on:
TV is configured on HDMI 3 to receive input from my gaming PC as a third monitor. Gaming PC is in my office, TV is in my den. In order to “start gaming” you set the TV to HDMI 3, hit Back + A on the wireless Xbox controller to enable the third monitor, then hold down the Xbox middle button for 5 seconds to launch Steam. It’s now gaming time, all without touching the PC’s keyboard or mouse, or configuring anything manually!

Required additional hardware purchases (for me):

 
Required software:

  • Ice – Allows you to include Emulators and ROMs into your Steam Big Picture. Super helpful for one-click launching of ROMs. (http://scottrice.github.io/Ice/)
  • AutoHotKey – I created hotkey combos to do things such as expand and (un?)expand my desktop to my TV, enable the sound output to go over HDMI to the TV, etc. (http://www.autohotkey.com/)
  • JoyToKey – I mapped several key combos from my XBox controller to my keyboard. I then mapped those same keyboard keys to actions in AutoHotKey. The result? I can now press button combos on the controller and have it expand my desktop to my PC without me ever having to touch the keyboard! Cool stuff! (http://joytokey.net/en/)
  • EndPointController – This allows you to control your sound output via CLI. I use this in conjunction with JoyToKey and AutoHotKey to change my playback device in Windows to the HDMI device automatically. (https://github.com/DanStevens/AudioEndPointController)
  • NoMousy – This hides the mouse cursor via CLI. Very useful for keeping the mouse cursor out of the middle of the TV. http://forum.arcadecontrols.com/index.php?topic=143370.0

 
Software configuration:

  • Ice – Here is an example of how to configure the emulator launching for Wii: emulators.txt
  • AutoHotKey – Here are the hotkey configuration and batch files I am using for enabling / disabling my TV as a third monitor. I am also enabling/disabling the HDMI auto output as the default audio output, and hiding/unhiding the mouse cursor: GameOff.ahk GameOff.bat GameOn.ahk GameOn.bat
  • JoyToKey – Here’s the mapping I am using for Xbox controller-to-Keyboard mapping. AutoHotKey then picks up the keyboard keys and runs your scripts. I also included ExitCombination.cfg which allows you to press Back and Start at the same time on the Xbox Controller to exit out of Dolphin (the Wii emulator): JoyToKey.ini ExitCombination1.cfg
  • EndPointController – No configuration for this one; the batch scripts that AutoHotKey executes use it.
  • NoMousy – No configuration for this one either; the batch scripts that AutoHotKey executes use it.

Upgrading Xtables problems

July 13th, 2015 by Russell

If you are receiving the error “compat_xtables.c:633: error: too few arguments to function ‘ipv6_find_hdr’” when attempting to reinstall Xtables, comment out “#define CONFIG_IP6_NF_IPTABLES_MODULE 1” in /usr/src/kernels/2.6.32-504*/include/linux/autoconf.h and retry your ./configure; make; make install

UAuto v1

September 4th, 2014 by Russell

After quite a bit of searching and trial and error, I was unhappy with the programs out there for automatically extracting rar files that are downloaded through utorrent, and/or sending emails when the downloads are complete. So, I made my own that can do both much more easily!

Please feel free to try UAuto out and let me know your thoughts. Be sure to edit the finished.bat, email_alert.bat, and email_alert_error.bat files and set the correct options for your system.

To configure this script to run in Utorrent when a download finishes, edit the “Run Program” preferences:


Download link below!
Download UAuto.rar

iptables + geoip blocking

March 31st, 2013 by Russell

How to set up iptables on CentOS 6 to easily ACCEPT/DENY based on source country:

yum install gcc gcc-c++ make automake unzip zip xz kernel-devel-`uname -r` iptables-devel perl-Text-CSV_XS

wget http://sourceforge.net/projects/xtables-addons/files/Xtables-addons/1.47/xtables-addons-1.47.1.tar.xz

tar xvf xtables*; cd xtables*; ./configure; make; make install

cd geoip/

./xt_geoip_dl

./xt_geoip_build GeoIPCountryWhois.csv

mkdir -p /usr/share/xt_geoip/

cp -r {BE,LE} /usr/share/xt_geoip/

Test it like this:
iptables -I INPUT -m geoip --src-cc CN -j DROP

Windows 2008 R2 service + Mezzmo

December 3rd, 2012 by Russell

Here’s how to get Mezzmo to work in Windows 2008 R2 under a normal user account (and not request admin permissions when starting/stopping a service)

1) Get subinacl here: http://www.microsoft.com/en-us/download/details.aspx?id=23510
2) Run the following to grant your normal user account perms to start/stop/query the service: subinacl /service SERVICE_NAME /grant=COMPUTER_NAME\USERNAME=TOP
Ex: subinacl /service "\\MEDIA-SERVER\Mezzmo" /grant=\\MEDIA-SERVER\MEDIA=TOP

3) Extract patched Mezzmo files to install folder for Mezzmo (Ask Conceiva for the patched files)
4) Done!

WDTV + CIFS share on Windows Server 2003

November 10th, 2012 by Russell

Had an issue where my WDTV wouldn’t see any network shares – didn’t even show any servers as available. Enabling the “Computer Browser” service on my media server corrected the problem 🙂

Postfix + Dovecot + Multiple IP addresses and SSL certificates

July 29th, 2012 by Russell

I recently had the privilege of needing to set up a completely new domain on a Postfix+Dovecot mail server, along with its own IP and custom SSL certificates depending on which IP you connected to.

Here’s how to do it for Dovecot + Postfix:

Dovecot (2.0+):
* Replace 1.1.1.1 and 2.2.2.2 with your two separate IP addresses on the same server
* Note that dovecot still requires a master ssl_cert and ssl_key, so don’t remove these.

/etc/dovecot/conf.d/10-ssl.conf:

local 1.1.1.1 {
ssl_cert =

Postfix:
* Remove smtpd_tls_key_file and smtpd_tls_cert_file from main.cf
* Add separate master instances for each IP in master.cf like so:

1.1.1.1:smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_key_file=/etc/postfix/domain1.key -o smtpd_tls_cert_file=/etc/postfix/domain1.crt
1.1.1.1:submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_key_file=/etc/postfix/domain1.key -o smtpd_tls_cert_file=/etc/postfix/domain1.crt
2.2.2.2:smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_key_file=/etc/postfix/domain2.key -o smtpd_tls_cert_file=/etc/postfix/domain2.crt
2.2.2.2:submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_key_file=/etc/postfix/domain2.key -o smtpd_tls_cert_file=/etc/postfix/domain2.crt

You can also add different SMTP banner greetings in postfix depending on which IP gets connected to. Just add -o myhostname=mail.server.com on the end of each above line.
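Because the global smtpd_tls_key_file and smtpd_tls_cert_file are removed from main.cf, a listener that is missing its own -o overrides has no certificate to present. The check below is an added example, not part of the original post: it parses master.cf lines in the layout shown above and flags listeners with a missing override or a key and certificate whose file names do not pair. The sample input is constructed, the function names are hypothetical, and the name-pairing test assumes the domainN.key / domainN.crt naming used in the post.

```python
import shlex

# Constructed sample in the layout shown above; the second and third
# lines are deliberately wrong so the audit has something to report.
SAMPLE_MASTER_CF = """\
1.1.1.1:smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_key_file=/etc/postfix/domain1.key -o smtpd_tls_cert_file=/etc/postfix/domain1.crt
2.2.2.2:smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_key_file=/etc/postfix/domain2.key -o smtpd_tls_cert_file=/etc/postfix/domain1.crt
2.2.2.2:submission inet n - n - - smtpd -o smtpd_tls_key_file=/etc/postfix/domain2.key
"""

REQUIRED = ("smtpd_tls_key_file", "smtpd_tls_cert_file")

def parse_listeners(text):
    """Yield (service, {param: value}) for each single-line inet smtpd entry."""
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = shlex.split(line)
        if len(fields) < 8 or fields[1] != "inet" or fields[7] != "smtpd":
            continue
        args = fields[8:]
        opts = {}
        for flag, value in zip(args, args[1:]):   # "-o" followed by name=value
            if flag == "-o" and "=" in value:
                key, _, val = value.partition("=")
                opts[key] = val
        yield fields[0], opts

def audit(text):
    """Return (service, problem) findings for listeners with TLS override gaps."""
    findings = []
    for service, opts in parse_listeners(text):
        missing = [p for p in REQUIRED if p not in opts]
        if missing:
            findings.append((service, "missing " + ", ".join(missing)))
            continue
        # Assumption: key and certificate share a file stem (domain1.key / domain1.crt).
        key_stem = opts["smtpd_tls_key_file"].rsplit(".", 1)[0]
        cert_stem = opts["smtpd_tls_cert_file"].rsplit(".", 1)[0]
        if key_stem != cert_stem:
            findings.append((service, "key/cert names do not pair"))
    return findings

if __name__ == "__main__":
    for service, problem in audit(SAMPLE_MASTER_CF):
        print(service, "->", problem)
```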

Outgoing Mail
If you also want mail sent from your new domain to leave the mail server using the new IP, you need Postfix’s “sender_dependent_default_transport_maps” feature. One way of doing this is:

* Add to the top of your main.cf:
new_domain unix - - n - - smtp -o smtp_helo_name=mail.newdomain.com -o smtp_bind_address=your.new.ip.address

* Add to the bottom of master.cf:
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent

* Create a new file named “dependent” in /etc/postfix and inside of it add:
@newdomain.com new_domain

* Then hash it with postmap and reload Postfix.

WDTV and CIFS Share issues

June 23rd, 2012 by Russell

Couldn’t get the WDTV to login to my Windows 7 file share; kept complaining about not being able to access it. Finally resolved it by changing the following parameters in the registry to tell Windows to utilize enough memory to be a fileserver:

Set the following registry key to '1':
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\LargeSystemCache

and set the following registry key to '3':
HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\Size