For those that do not know what SOPA is, know that its a very draconian act that gives too much power against websites into the wrong hands. Google for more information and google information about NDAA too Obama has just signed into law.

Note that the wiki link below is meant for new players, developers, etc. trying to understand the game and how it works. Please explore it for more information. Also note that the game is currently an alpha build with no set timeline on completion or whats all to be included in the game. When it is released, there will be a better introduction.

This game relies heavily on the database. From there you can control most things which allows you to create your own world. As such, in a lot of the wiki articles, there will be tables explaining the database schema. You can use SQLiteStudio to edit the database which is an opensource portable database editor. http://sqlitestudio.one.pl

If you would like to contribute, then donations are always welcomed www.blissend.com/donate or you can help me add content to the game. For now, the only content I need is items (weapons/armor/clothing/misc.), races, appearance descriptors, and help mapping the world. Please check the wiki link below before you try adding anything into the database and check back regularly for updates. Failure to do so may result in submitted content not being used.

Wiki: http://www.blissend.com/files/boowiki.html (FYI, this is downloadable)
Alpha Build: http://www.blissend.com/files/boo.zip (~9MB)
Database Editor: http://sqlitestudio.one.pl

Alpha Screenshot...

Features...

• DHCP through dnsmasq

• QoS for each ISP

• Load Balancing

• Failover Detection

• One config file

There are instructions (.doc file) included on how to install/setup everything. Download dWAN Server (.zip ~56KB)

This plugin was originally made by Rickard Andersson for PunBB back in the day but I have adapted and expanded upon it with the help of FluxBB devs.

The purpose of this plugin is to generate static markup based on a template for those posts you deem as news (creates news.html). This can be used for example to display the home page of your site.

NOTE: Not really a mod, more like a plugin since its drag/drop install (readme.txt inside).

Options...

• Fetch news from forum
  The forum you want to grab posts from. Simply hovering the mouse over the forum link should display the forum ID (e.g. http://fluxbb.org/forums/viewforum.php?id=1). By default it goes for forum 1.

• Optional: Max Post Length (new)
  This will crop the post to what you define as the character limit. It won't cut the base forum tags and if it opens one up it'll try to close the tag. Also it'll display a read more link to the rest of the post.

• Number of posts for latest
  The maximum number of posts to grab for the news.html it generates. So if you set 5, it'll grab the 5 latest topic post from the forum ID chosen.

• Using news template
  The template used for the generated news.html file and archives. TIP: You can edit news.tpl and save it as about.tpl and using this as the news template will generate an about.html instead.

• Saving latest news to
  Where to save the generated news.html file. The directory should be writable and if not it should let you know.

• Optional: Topic ID (new)
  If you only want to generate the news for one in particular then you can specify its topic ID (again you can discover this by looking at the link to the topic). The number of posts option above must be set to 1 for this.
  

• Generate news and/or archive? (new)
  You have a choice to generate only news or archives or both. One must be selected.

• Using archive index template
  The template used to generate the links to all the archives.
  

• Saving archive to
  The directory to save all the archives (2010-09.html, 2010-08.html, etc.). This directory should be writable.
  

• Optional: Earliest year & month, Optional: Latest year & month (new)
  For large boards it can take a long time to generate the archives and run into problems with script execution time limit. To get around this you can manually do the archives in small batches or perhaps you only want a small portion to be archived in the first place

Download newsgenerator_v1.1.3.zip
Mirror newsgenerator_v1.1.3.zip

For those who don't know, stopforumspam.com is shared on http://dnsbl.tornevall.org/ according to their API usage page. This allows you to do searches without an API key. Note that you can find more DNSBL lists over at http://www.dnsbl.info/dnsbl-list.php

Now, if it finds the user's IP registering in any list it'll deny registration. While it'll prevent the same IP from being checked again within the hour, please be careful though. Each list likely has a limit on the number of IP lookups you can do per day or month hence the global limit option provided.

EDIT: My original simplistic version is available here thanks to trichome for saving what I lost! For more advanced options check the download links below.

Download spamipcheck.zip
Mirror spamipcheck.zip

Options Screenshot...

I made this out of frustration that image captcha's, question & answer forms, etc. never seeming to stop enough of those spam accounts from being created. This caused me to have to manually approve each account until I discovered a PHP checkdnsrr function that can be used to check against DNS Black Lists online. To my surprise, in my testing most of those spam accounts were indeed listed in one list or another. So the creation of this modification began.

The first release is shown in my projects page and will soon be ported to other web services if not already (i.e. ip.boards, wordpress, etc.).

ohi bliss i found this place. so this is where you've been all this time.

Yup 8) I always have this site for goofing around. Also since I just released my own mod to fight spam (yesterday in fact) I will stop this requirement stated in this thread since there is no need of it w00t!

UPDATE: I think I found an efficient way to deal with the forum spam registrations and will be experimenting with it here. For now I've enabled signing up again.

First, here are the changes I make to /etc/ssh/sshd_config

1. Find...
   

   #Port 22
   #Protocol 2,1

   Uncomment both and change the port and protocol to something like...
   

   Port 1090
   Protocol 2

   Removing ",1" sets it so that you are using the more up to date secure protocol.

2. Find...
   

   #PermitRootLogin yes

   Change to...
   

   PermitRootLogin no

   This will disable root logins. Be sure to create another user account that you can "su - root" to login into root

3. Find...
   

   #PasswordAuthentication yes
   #PermitEmptyPasswords no

   Uncomment both lines. These do exactly what the variable name says.

4. Find...
   

   #UseDNS no

   Change to...
   

   UseDNS no

   This will stop the sshd from doing a DNS lookup which can be responsible for slow remote logins. Disabling this also allows the below script to function better.

Once you are certain you have the port open and another user account to log in with and gain root access, then finally restart the service to finalize the change.

service sshd restart

Now one last thing you can do is to add a script that only allows logins from select IP addresses. Simply source it in .bashrc for the linux user account.

File blalert.sh

#!/bin/bash
#**************************************************************************
# Name: Bash Login Alert
#**************************************************************************
# Copyright 2010, 2011 blissend
# 
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# 
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#**************************************************************************
# @author: blissend <blissend@gmail.com>
# @purpose: This script alerts by email of anyone logging in that doesn't 
#     match allowed IP addresses
#**************************************************************************

# Enter in all the IP addresses allowed to login vi ssh
ALLOWED_HOSTS="10.2.0.111 10.2.0.225"
# Enter in the email address to email alerts to
EMAIL=your@domain.com
# 0 means just disconnect invalid user
# 1 means just email about unauthorized login
# 2 means email about unauthorized login and disconnect them
ACTION=1

#######################################
# END OF USER CONFIGURABLE SECTION
#######################################
INVALID=1
IP=`who -m | cut -d '(' -f2 | cut -d ')' -f1`
for a in $ALLOWED_HOSTS; do
    if [ "$a" == "$IP" ]; then
        INVALID=0
    fi
done
if [ $INVALID -eq 1 ]; then
    if [ $ACTION -eq 1 ]; then
        echo -e 'ALERT - Shell Access ('`hostname`') on:' `date` `who` | mail -s "Alert: Shell Access from ${IP}" $EMAIL
    elif [ $ACTION -eq 0 ]; then
        logout
    else
        echo -e 'ALERT - Shell Access ('`hostname`') on:' `date` `who` | mail -s "Alert: Shell Access from ${IP}" $EMAIL
        logout
    fi
fi

You can use the above or use /etc/hosts.deny and /etc/hosts.allow to control who is allowed access or not.

Let 's have a funeral for those 3D movies and games, because they can make them all they want, i won't see a single one of them, shutterglasses create headache and for people with epilepsy wouldn't even recommend that.

And oh hi thar Bliss

I'll be wearing this black shirt for the funeral...

Source: http://www.threadless.com/product/2386/ … =slashfilm

If they could only do it without the glasses it would help but then there's still the problem when they force it on movies and don't do a good job at it (so even without the glasses it still sucks). It's like Hollywood found a new drug and they can't stop.

Expensive? They have similar pricing on softlayer except their cloud layer service offers more cheaper solutions but with lower hardware specs. For example...

Softlayer Dedicated Server

• Dual Core

• 2 GB RAM

• $159

Softlayer Cloudlayer Server

• Dual Core

• 2 GB RAM

• $159

Also in related news about cloud services. It seems some big names are doing it as well like NASA, Intel, AMD. Check it out http://www.informationweek.com/news/smb … ction=News

Awhile ago, at work I had to setup specialized routing to remote servers from our local server. This, at the time, was my first attempt to do something slightly advanced in iptables and it took about a month to figure out (which felt like an eternity). We even had an expert onsite helping me but apparently how to do this eluded him until I figured it out. I guess not everyone knows how to use iptables.

Our network setup is like this...
Internet <-> Linux Router <-> Local Network <-> Local Server

A cheap home wireless router has the ability to do this easily via port redirection. We had a server acting as a Linux router but with no GUI so it had to be done in iptables. This is how I figured it out and how to do it...

iptables -t nat -A PREROUTING -i $EXT_IFACE1 -p tcp -d 33.33.33.33 -s 69.69.69.69 --dport 1415 -j DNAT --to-destination 10.2.0.222
iptables -t nat -A POSTROUTING -o $EXT_IFACE1 -p tcp -s 10.2.0.222 --dport 1415 -j SNAT --to-source 33.33.33.33

That will effectively redirect traffic to an internal networked machine. However, in our case this wasn't enough because our internal machine has no internet access. The work around is to make the router your gateway by manipulating both source and destination because both can see the router. To do this, two more rules have to be applied which a cheap wireless router can not do...

iptables -t nat -A PREROUTING -i $EXT_IFACE1 -p tcp -d 33.33.33.33 -s 69.69.69.69 --dport 1415 -j DNAT --to-destination 10.2.0.222
iptables -t nat -A POSTROUTING -o $INT_IFACE1 -p tcp -s 69.69.69.69 --dport 1415 -j SNAT --to-source 10.2.0.1
iptables -t nat -A PREROUTING -i $INT_IFACE1 -p tcp -d 10.2.0.1 -s 10.2.0.222 --dport 1415 -j DNAT --to-destination 69.69.69.69
iptables -t nat -A POSTROUTING -o $EXT_IFACE1 -p tcp -s 10.2.0.222 --dport 1415 -j SNAT --to-source 33.33.33.33

• Example IP addresses only...

• Remote Server = 69.69.69.69

• Our External IP = 33.33.33.33

• Linux Router = 10.2.0.1

• Local Server = 10.2.0.222

In the example above, on the first rule, we're trying to detect if anything is coming in from that remote server IP and on that port. If so, we change its destination from the external IP to a local server IP on our network.

The next challenge I had to change the incoming source IP to be the Linux router's IP. So now we have all incoming traffic from a specific IP on a specific port being manipulated so its source/destination IP have been changed. Example...

Packet A - destination 33.33.33.33 port 1415 source 69.69.69.69
Packet A (manipulated) - destination 10.2.0.222 port 1415 source 10.2.0.1

To complete a roundtrip we simply detect if any outgoing traffic is coming from a specific local IP and port and manipulate its source/destination IP back to what it should be. Example...

Packet B - destination 10.2.0.1 port 1415 source 10.2.0.222
Packet B (manipulated) - destination 69.69.69.69 port 1415 source 33.33.33.33

It's simple now that I look at it and easy too understand how to change a few numbers around to do what's needed like doing port redirection (the simplier version above).

There is a tool called GDB (GNU Project Debugger, type man gdb for more info) that can help you identify the last problematic plugin/library/etc. before the crash. Valve has the option available as -debug but I'm not familiar with how effective it is versus this method. I assume you are logged into the correct user before doing this (SSH into it with Putty or something).

1. Make sure the LD_LIBRARY_PATH is set. If not you can probably type something like this...
   

   export LD_LIBRARY_PATH=".:bin:$LD_LIBRARY_PATH"

2. Run the gdb command...
   

   gdb srcds_linux

3. Type run in the gdb and feed it the arguments to run srcds_linux...
   

   run -console -game tf +ip XXX.XXX.XXX.XXX -port 27015 +maxplayers 32 +exec server.cfg -tickrate 66 +map cp_dustbowl

Now play the game like normal but keep watching that session you have opened at the same time. If it crashes, you can bet that something more useful will be shown there than the log files elsewhere.

If you don't want to use GDB yet then you can check the log files in ~/srcds_l/orangebox/tf/logs and ~/srcds_l/orangebox/tf/addons/sourcemod/logs and look for the times relevant to crash. For example browse to the sourcemod logs and type...

grep "07/11/2010 - 17:5" *.log

This will find all log lines on that date and in the past 10 minutes of hour 17:50-17:59.

This is just the air theme using the older fluxbb mercury color scheme instead. I like the air theme but wanted something darker.

To install simply extract into your forums style folder. Easy 8)

You may or may not know that you can use Linux as a router to balance traffic between two or more internet providers. The more official explanation on how is located at http://lartc.org/lartc.html#LARTC.RPDB.MULTIPLE-LINKS. Using this you create a table for each ISP and define its routing. From there you define how to balance traffic across those tables or in other words, define which ISP you'll be using.

In our case we manipulated the balance of traffic so that everything goes across one table (or one ISP) except traffic going to a specific IP which will then go across a different table (different ISP). This effectively makes certain sites have priority to go across a faster internet line so that people at work get faster access to the sites they need.

We can manually add/remove/change IP addresses on the fly to dictate which ISP we want it to use. The problem is that the routing becomes cached so if you do not clear that cache, then adding a new IP address will not change which ISP it'll use. Here is a tip on how to identify and solve this problem...

[root@natny ~]# ip route show cache 123.123.123.123
123.123.123.123 from 10.2.0.135 via 88.88.88.88 dev eth2  src 10.2.0.1
    cache <src-direct>  mtu 1500 advmss 1460 hoplimit 64 iif eth0
123.123.123.123 from 10.2.0.3 via 88.88.88.88 dev eth2 src 10.2.0.1
    cache <src-direct>  mtu 1500 advmss 1460 hoplimit 64 iif eth0
[root@natny ~]# ip route flush cache
[root@natny ~]# ip rule add to 123.123.123.123 table T1

In the above example if you manually use ip rule add before flushing cache then it won't go across T1 which is eth1 (one ISP) because cache says T2 which is eth2 (another ISP) is where that IP will go for those two users using the network.

Another concern of mine was knowing if this setup was actively working. How can one tell? Well one way is to ssh into a remote server you specified to a table (or ISP).

aww_man@pileofdirt ~
$ ssh randomserver
[aww_man@randomserver ~]$ who
aww_man pts/0        2010-07-06 11:19 (88.88.88.88)
[aww_man@randomserver ~]$

In the above example, the IP shown in the curly brackets is the IP you want to check for to see if you're going across the right ISP. Another way to test is to use something like whatismyip.org and make its IP go across a certain table. Then when you visit the site it should report your external IP of the right ISP.

You can also monitor if the line is actively being used. Linux has a few tools installed by default like tcpdump but I like using another one you have to download separately called bwm-ng (http://www.gropp.org/?id=projects&sub=bwm-ng). I like this one because of its simple output shown in the example below.

We also have speed limits put in place and this example above helps determining if those limits are working. A very nice script that can implement the limits is found at http://lartc.org/wondershaper/. This is great for asynchronous lines because if you max out your upload speed you will effectively cripple the download speed and thus everyone else who is sharing that line. So we use this to place a cap on these lines.

Using the wondershaper script you can also tell if speed limits are working by typing something like "tc -s qdisc ls dev eth2" or using the script itself by typing "./wondershaper_modified.htb status" and the script even has a stop function "./wondershaper_modified stop"

My next issue was finding out where this bandwidth is going. I needed to know at times if there is someone hogging the internet line and what they were doing with it. I also needed to know if certain sites should have higher or lower priority. So to find this info out you can just simply use a tool called ntop (http://www.ntop.org).

After installing it, you can start it by typing something like "ntop -w 3000 -i eth0" where eth0 is our local network. Afterwards open your browser to its internal IP (i.e. http://10.2.0.1:3000). Then click IP navigation -> Traffic Direction -> Local to Remote and you'll find who's hogging bandwidth and what they're doing online. Or click IP Navigation -> Summary -> Internet Domain and you can sort these by traffic sent/received to determine if anything needs higher priority on the wondershaper script or lower priority like youtube.com. Press "ctrl + c to stop ntop as you won't want it running all day if only doing quick checks.

So there you have it. Many tips but no idea how to really set this all up However as I said I'll explain how to set it up more in the next post or maybe split that up into parts.