Configure iptables for PPTPD on CentOS 6

Rules in bold are essential. #!/bin/bash # Set defaults. Be careful with -F and -X they will reset your iptable rules. # iptables -F # iptables -X iptables -A OUTPUT -j ACCEPT iptables -A FORWARD -j ACCEPT iptables -A INPUT -j DROP iptables -A INPUT -i lo -j ACCEPT # Accept established sessions iptables -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT # Allow Pings. # iptables -A INPUT -p icmp -j ACCEPT # Allow SSH # iptables -A INPUT -p tcp –dport 22 -j ACCEPT # Allow PPTP Control connection iptables -A INPUT -p tcp –dport 1723 -j ACCEPT # Allow GRE iptables -A INPUT -p gre -j ACCEPT # NAT for PPTP clients connectivity iptables -t nat -A POSTROUTING -j SNAT Read More

SSH tunnelling – TCP port forward from local dev to public facing ssh server

A little bg story: I’m writing a rails app, which is hosted inside the corporate network, and no incoming traffic is permitted. I need to expose the internal port 3000 to the public. Short answer: SSH forwarding. [crayon-5ceb46f920aa4160357622/] For some reason, the forwarding only works when I set both the local and remote port as 3000. There is one more thing you need to do to enable this. SSH doesn’t by default allow remote hosts to forwarded ports. To enable this open /etc/ssh/sshd_config and add the following line somewhere in that config file. [crayon-5ceb46f920aad916181947/] Make sure you add it only once! [crayon-5ceb46f920ab1781217456/] And restart Read More

Enable apt-X on OSX Yosomite for bluetooth headphones

So I noticed that my Sony MDR-1RBT is not working on aptX codec, did some searches and here are the steps to get aptX codec capability. 1. Download the io tool: https://developer.apple.com/downloads/index.action?name=bluetooth%20explorer 2. Bluetooth Explorer -> Tool -> Audio Options: Force use of aptX 3. Reconnect your bluetooth headphone To enable aptX on the headphone, press volume + and power for two seconds when powering on. The blue indicator will blink 3 times when on aptX mode. Read More

EMACS快速入门

简介 emacs 是Unix上的编辑器佼佼者,在命令列上打个”emacs”就好了,一上来只是提示, 你要先开个新档并且给档名才会到这个档的编辑缓冲区(buffer)。另外如果不想用 window模式,例如有时网络很慢,或者没有X的显示允许权,可以用emacs -nw启动 terminal模式。 其实在X下他也有选单(menu)可以用,不需要背命令,背那些热键(Hotkey),虽然我 有一些朋友就这样用,不过我还是要说这样无法发挥他应有的功能。由于来往两个 模式太麻烦,所以我们有热键这个东西,在文字输入模式下,按个热键就可以完成 Read More

网页提示“证书错误:导航已阻止”,无法跳转解决办法。

在访问公司内网的时候,出现如图所示的提示,显示“证书错误:导航已阻止”,点击“继续浏览此网站”后没反应,无法跳转。 经研究发现,是微软在其一个补丁当中对证书的密钥长度做了限制,长度小于128bit(位)的密钥将被阻止而无法继续运行。当然,这是对用户安全的考虑。但是对于完全信任的密钥长度小于128bit的证书,我们还是需要用的。这里,微软也给出了解决办法。 微软补丁名称:KB2661254 参考页面:http://support.microsoft.com/kb/2661254 解决办法: Read More

iPhone5/iPad Mini完美越狱工具下载及越狱步骤

iPhone 5/iPad Mini完美越狱工具终于于北京时间2月5日凌晨1点左右正式放出了!短短几分钟官网下载链接就被点爆无法下载,请点击文章微博的镜像地址下载越狱工具! 基本需求: 5 分钟的时间。 搭载 iOS 6.0 或 6.1 的苹果设备和数据线。 配备 USB 接口的 Windows / Mac OS X / Linux 计算机。 注意事项: 备份您的 iOS 设备,确保不会丢失数据。 取消您的设备密码,这可能会导致问题。 耐心等待,不要开启 iTunes 或 Xcode。 如果出现卡死情况,直接重启程序 / 设备。 其他建议: 抢先下载最新固件,以便恢复 / 升级设备。 注意备份 Read More