MacBook10,1 ubench

Model Name: MacBook
Model Identifier: MacBook10,1
Processor Name: Intel Core i7
Processor Speed: 1.4 GHz
Number of Processors: 1
Total Number of Cores: 2
L2 Cache (per Core): 256 KB
L3 Cache: 4 MB
Memory: 16 GB
Boot ROM Version: MB101.0161.B00
SMC Version (system): 2.42f10

Unix Benchmark Utility v.0.3
Copyright (C) July, 1999 PhysTech, Inc.
Author: Sergei Viznyuk
http://www.phystech.com/download/ubench.html
Darwin 17.6.0 Darwin Kernel Version 17.6.0: Tue May 8 15:22:16 PDT 2018; root:xnu-4570.61.1~1/RELEASE_X86_64 x86_64
Ubench CPU: 1282985
Ubench MEM: 648806
——————–
Ubench AVG: 965895

Advertisements

#intel-core-m-processor-speed, #macbook, #ubench

FreeBSD driver for USB Ethernet adapter

# uname -sr
FreeBSD 11.1-STABLE

# usbconfig
ugen6.2:  <Realtek USB 101001000 LAN> at usbus6, cfg=1 md=HOST spd=HIGH (480Mbps) pwr=ON (200mA)

# usbconfig dump_device_desc
...
ugen6.2:  <Realtek USB 101001000 LAN> at usbus6, cfg=1 md=HOST spd=HIGH (480Mbps) pwr=ON (200mA)

  bLength = 0x0012
  bDescriptorType = 0x0001
  bcdUSB = 0x0210
  bDeviceClass = 0x0000  <Probed by interface class>
  bDeviceSubClass = 0x0000
  bDeviceProtocol = 0x0000
  bMaxPacketSize0 = 0x0040
  idVendor = 0x0bda
  idProduct = 0x8153
  bcdDevice = 0x3000
  iManufacturer = 0x0001  <Realtek>
  iProduct = 0x0002  <USB 10/100/1000 LAN>
  iSerialNumber = 0x0006 <000001>
  bNumConfigurations = 0x0002
...

# kldload if_cdce

# ifconfig ue0
ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
...

#freebsd, #if_cdce

使用 dnsmasq 和 dnscrypt 构建一个干净的域名服务器

unbound+dnsmasq+dnscrypt

  • unbound:由于 dnsmasq 的性能可能较为低下,因此增加 unbound 作为缓存。
  • dnsmasq:通过规则将 gfwlist 内的域名的解析转发给 dnscrypt 来处理。
  • dnscrypt:穿越防火墙向 dnscrypt resolver 请求域名解析。

本文实验所使用的软件和版本

  • FreeBSD 11.1-RELEASE-p4
  • ezjail-3.4.2
  • dnscrypt-proxy-1.9.5_3
  • dnsmasq-2.78,1
  • unbound-1.6.8
  • bind-tools-9.11.2P1


使用了 ezjail 来管理 jails,dnscrypt(IP: 192.168.0.3)、dnsmasq(IP: 192.168.0.4)、unbound(IP: 192.168.0.5) 分别安装于独立的 jail 中。
bind-tools 提供了一组 DNS 工具,比如 nslookup、dig 等可用于测试。

dnscrypt 的安装与配置

pkg install dnscrypt-proxy
sysrc dnscrypt_proxy_enable=”YES”
sysrc dnscrypt_proxy_resolver=”ipredator”
service dnscrypt-proxy start

更多的 dnscrypt resolvers 可以从 /usr/local/share/dnscrypt-proxy/dnscrypt-resolvers.csv 里找到。

dnsmasq 的安装与配置

pkg install dnsmasq
sysrc dnsmasq_enable=”YES”
service dnsmasq start

修改 /usr/local/etc/dnsmasq.conf 确保其包含了下面的配置:

conf-dir=/usr/local/etc/dnsmasq.d/,*.conf

使用 gfwlist2dnsmasq.awk 定时更新 /usr/local/etc/dnsmasq.d/gfwlist.conf。在 /etc/crontab 里添加:

30      2       *       *       *       root    /usr/local/bin/gfwlist2dnsmasq.sh -h 192.168.0.3 -p 53 -S -u /usr/local/etc/user_rule.txt > /dev/null 2>&1

unbound 的安装与配置

pkg install unbound
sysrc unbound_enable=”YES”
service unbound start

/usr/local/etc/unbound/unbound.conf 内相应的位置添加如下配置:

	access-control: 0.0.0.0/0 allow
forward-zone:
	name: .
	forward-addr: 192.168.0.4

修改后的配置文件的差异如下:

root@unbound:~ # diff -ruN /usr/local/etc/unbound/unbound.conf.sample /usr/local/etc/unbound/unbound.conf
--- /usr/local/etc/unbound/unbound.conf.sample  2018-01-20 01:09:20.000000000 +0000
+++ /usr/local/etc/unbound/unbound.conf 2018-02-10 03:09:24.140462000 +0000
@@ -231,6 +231,7 @@
        # access-control: ::0/0 refuse
        # access-control: ::1 allow
        # access-control: ::ffff:127.0.0.1 allow
+       access-control: 0.0.0.0/0 allow
 
        # tag access-control with list of tags (in "" with spaces between)
        # Clients using this access control element use localzones that
@@ -807,6 +808,9 @@
 # forward-zone:
 #      name: "example.org"
 #      forward-host: fwd.example.com
+forward-zone:
+       name: .
+       forward-addr: 192.168.0.4
 
 # Views
 # Create named views. Name must be unique. Map views to requests using

pf 的配置

转发到外部 IP 地址端口 53 的请求到 unbound 的 jail,示例配置:

rdr pass on $ext_if proto tcp from any to $ext_ip port 53 -> 192.168.0.5
rdr pass on $ext_if proto udp from any to $ext_ip port 53 -> 192.168.0.5

测试

dig +short @192.168.0.5 www.google.com
216.58.207.196

参考

#dnscrypt, #dnsmasq, #ezjail, #freebsd, #gfwlist2dnsmasq-awk, #pf, #unbound

How to disable xconsole

uname -sr
FreeBSD 12.0-CURRENT

pkg info -E xdm
xdm-1.1.11_8

sudo diff -ruN /usr/local/etc/X11/xdm/xdm-config.sample /usr/local/etc/X11/xdm/xdm-config
--- /usr/local/etc/X11/xdm/xdm-config.sample 2018-02-08 11:44:17.578118000 +0800
+++ /usr/local/etc/X11/xdm/xdm-config 2018-02-08 17:15:01.893621000 +0800
@@ -22,9 +22,9 @@
DisplayManager*reset: /usr/local/etc/X11/xdm/Xreset
DisplayManager*authComplain: true
! The following three resources set up display :0 as the console.
-DisplayManager._0.setup: /usr/local/etc/X11/xdm/Xsetup_0
-DisplayManager._0.startup: /usr/local/etc/X11/xdm/GiveConsole
-DisplayManager._0.reset: /usr/local/etc/X11/xdm/TakeConsole
+#DisplayManager._0.setup: /usr/local/etc/X11/xdm/Xsetup_0
+#DisplayManager._0.startup: /usr/local/etc/X11/xdm/GiveConsole
+#DisplayManager._0.reset: /usr/local/etc/X11/xdm/TakeConsole
DisplayManager.*.authName: MIT-MAGIC-COOKIE-1
DisplayManager*loginmoveInterval: 10
! SECURITY: do not listen for XDMCP or Chooser requests

#freebsd, #xdm

DELL Inspiron 1420 ubench

CPU: Intel® Core(TM)2 Duo CPU T5250 @ 1.50GHz (1496.29-MHz K8-class CPU)
Memory: 4096 MB

Unix Benchmark Utility v.0.3
Copyright © July, 1999 PhysTech, Inc
Author: Sergei Viznyuk
http://www.phystech.com/download/ubench.html
FreeBSD 11.1-RELEASE-p1 FreeBSD 11.1-RELEASE-p1 #0: Wed Aug 9 11:55:48 UTC 2017
root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
Ubench CPU: 173693
Ubench MEM: 185418
——————–
Ubench AVG: 179555

#ubench

Dream

I believe that every dream has its own nightmare, just like sun creates its own shadow.

And I believe that the biggest your dream is and hide your hope, the more severely you may fall.

It’s good to have a dream, but in order to pursue this dream to achieve what we deserve, we will hurt and be hurt, damage and be damaged.

At last, the dreamer would ask himself, that if he is willing to take this chance, that if he is willing to make this sacrifice?

So, the most important thing is not to have a dream, but to have the guts to face the nightmare, that is created by the dream.

He who fights with monsters might take care of lest he thereby become a monster.

And, when you gaze long into an abyss, the abyss also gaze into you.

Until then, do you still have the guts to gaze back into it, or even jump get through, jump into it?

Finding foreign keys that are missing indexes

https://www.postgresql.org/message-id/BLU115-W30DAE79E6FD8AB13D1E970A6E90%40phx.gbl

#PostgreSQL