MacBook10,1 ubench

Model Name: MacBook
Model Identifier: MacBook10,1
Processor Name: Intel Core i7
Processor Speed: 1.4 GHz
Number of Processors: 1
Total Number of Cores: 2
L2 Cache (per Core): 256 KB
L3 Cache: 4 MB
Memory: 16 GB
Boot ROM Version: MB101.0161.B00
SMC Version (system): 2.42f10

Unix Benchmark Utility v.0.3
Copyright (C) July, 1999 PhysTech, Inc.
Author: Sergei Viznyuk
Darwin 17.6.0 Darwin Kernel Version 17.6.0: Tue May 8 15:22:16 PDT 2018; root:xnu-4570.61.1~1/RELEASE_X86_64 x86_64
Ubench CPU: 1282985
Ubench MEM: 648806
Ubench AVG: 965895

#intel-core-m-processor-speed, #macbook, #ubench

FreeBSD driver for USB Ethernet adapter

# uname -sr

# usbconfig
ugen6.2:  <Realtek USB 101001000 LAN> at usbus6, cfg=1 md=HOST spd=HIGH (480Mbps) pwr=ON (200mA)

# usbconfig dump_device_desc
ugen6.2:  <Realtek USB 101001000 LAN> at usbus6, cfg=1 md=HOST spd=HIGH (480Mbps) pwr=ON (200mA)

  bLength = 0x0012
  bDescriptorType = 0x0001
  bcdUSB = 0x0210
  bDeviceClass = 0x0000  <Probed by interface class>
  bDeviceSubClass = 0x0000
  bDeviceProtocol = 0x0000
  bMaxPacketSize0 = 0x0040
  idVendor = 0x0bda
  idProduct = 0x8153
  bcdDevice = 0x3000
  iManufacturer = 0x0001  <Realtek>
  iProduct = 0x0002  <USB 10/100/1000 LAN>
  iSerialNumber = 0x0006 <000001>
  bNumConfigurations = 0x0002

# kldload if_cdce

# ifconfig ue0
ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500

#freebsd, #if_cdce

使用 dnsmasq 和 dnscrypt 构建一个干净的域名服务器


  • unbound:由于 dnsmasq 的性能可能较为低下,因此增加 unbound 作为缓存。
  • dnsmasq:通过规则将 gfwlist 内的域名的解析转发给 dnscrypt 来处理。
  • dnscrypt:穿越防火墙向 dnscrypt resolver 请求域名解析。


  • FreeBSD 11.1-RELEASE-p4
  • ezjail-3.4.2
  • dnscrypt-proxy-1.9.5_3
  • dnsmasq-2.78,1
  • unbound-1.6.8
  • bind-tools-9.11.2P1

使用了 ezjail 来管理 jails,dnscrypt(IP:、dnsmasq(IP:、unbound(IP: 分别安装于独立的 jail 中。
bind-tools 提供了一组 DNS 工具,比如 nslookup、dig 等可用于测试。

dnscrypt 的安装与配置

pkg install dnscrypt-proxy
sysrc dnscrypt_proxy_enable=”YES”
sysrc dnscrypt_proxy_resolver=”ipredator”
service dnscrypt-proxy start

更多的 dnscrypt resolvers 可以从 /usr/local/share/dnscrypt-proxy/dnscrypt-resolvers.csv 里找到。

dnsmasq 的安装与配置

pkg install dnsmasq
sysrc dnsmasq_enable=”YES”
service dnsmasq start

修改 /usr/local/etc/dnsmasq.conf 确保其包含了下面的配置:


使用 gfwlist2dnsmasq.awk 定时更新 /usr/local/etc/dnsmasq.d/gfwlist.conf。在 /etc/crontab 里添加:

30      2       *       *       *       root    /usr/local/bin/ -h -p 53 -S -u /usr/local/etc/user_rule.txt > /dev/null 2>&1

unbound 的安装与配置

pkg install unbound
sysrc unbound_enable=”YES”
service unbound start

/usr/local/etc/unbound/unbound.conf 内相应的位置添加如下配置:

	access-control: allow
	name: .


root@unbound:~ # diff -ruN /usr/local/etc/unbound/unbound.conf.sample /usr/local/etc/unbound/unbound.conf
--- /usr/local/etc/unbound/unbound.conf.sample  2018-01-20 01:09:20.000000000 +0000
+++ /usr/local/etc/unbound/unbound.conf 2018-02-10 03:09:24.140462000 +0000
@@ -231,6 +231,7 @@
        # access-control: ::0/0 refuse
        # access-control: ::1 allow
        # access-control: ::ffff: allow
+       access-control: allow
        # tag access-control with list of tags (in "" with spaces between)
        # Clients using this access control element use localzones that
@@ -807,6 +808,9 @@
 # forward-zone:
 #      name: ""
 #      forward-host:
+       name: .
+       forward-addr:
 # Views
 # Create named views. Name must be unique. Map views to requests using

pf 的配置

转发到外部 IP 地址端口 53 的请求到 unbound 的 jail,示例配置:

rdr pass on $ext_if proto tcp from any to $ext_ip port 53 ->
rdr pass on $ext_if proto udp from any to $ext_ip port 53 ->


dig +short @


#dnscrypt, #dnsmasq, #ezjail, #freebsd, #gfwlist2dnsmasq-awk, #pf, #unbound

How to disable xconsole

uname -sr

pkg info -E xdm

sudo diff -ruN /usr/local/etc/X11/xdm/xdm-config.sample /usr/local/etc/X11/xdm/xdm-config
--- /usr/local/etc/X11/xdm/xdm-config.sample 2018-02-08 11:44:17.578118000 +0800
+++ /usr/local/etc/X11/xdm/xdm-config 2018-02-08 17:15:01.893621000 +0800
@@ -22,9 +22,9 @@
DisplayManager*reset: /usr/local/etc/X11/xdm/Xreset
DisplayManager*authComplain: true
! The following three resources set up display :0 as the console.
-DisplayManager._0.setup: /usr/local/etc/X11/xdm/Xsetup_0
-DisplayManager._0.startup: /usr/local/etc/X11/xdm/GiveConsole
-DisplayManager._0.reset: /usr/local/etc/X11/xdm/TakeConsole
+#DisplayManager._0.setup: /usr/local/etc/X11/xdm/Xsetup_0
+#DisplayManager._0.startup: /usr/local/etc/X11/xdm/GiveConsole
+#DisplayManager._0.reset: /usr/local/etc/X11/xdm/TakeConsole
DisplayManager.*.authName: MIT-MAGIC-COOKIE-1
DisplayManager*loginmoveInterval: 10
! SECURITY: do not listen for XDMCP or Chooser requests

#freebsd, #xdm

DELL Inspiron 1420 ubench

CPU: Intel® Core(TM)2 Duo CPU T5250 @ 1.50GHz (1496.29-MHz K8-class CPU)
Memory: 4096 MB

Unix Benchmark Utility v.0.3
Copyright © July, 1999 PhysTech, Inc
Author: Sergei Viznyuk
FreeBSD 11.1-RELEASE-p1 FreeBSD 11.1-RELEASE-p1 #0: Wed Aug 9 11:55:48 UTC 2017 amd64
Ubench CPU: 173693
Ubench MEM: 185418
Ubench AVG: 179555



I believe that every dream has its own nightmare, just like sun creates its own shadow.

And I believe that the biggest your dream is and hide your hope, the more severely you may fall.

It’s good to have a dream, but in order to pursue this dream to achieve what we deserve, we will hurt and be hurt, damage and be damaged.

At last, the dreamer would ask himself, that if he is willing to take this chance, that if he is willing to make this sacrifice?

So, the most important thing is not to have a dream, but to have the guts to face the nightmare, that is created by the dream.

He who fights with monsters might take care of lest he thereby become a monster.

And, when you gaze long into an abyss, the abyss also gaze into you.

Until then, do you still have the guts to gaze back into it, or even jump get through, jump into it?

Finding foreign keys that are missing indexes


在 bananian 上安装配置 Tor

本文假设已经在 Banana Pi R1 上安装了 bananian version: 16.04 (released 2016-04-23) 并运行了监听于 的 Socks5 代理服务器,且其内网 IP 地址为。


apt install tor
apt install tor-geoipdb


在文件 /etc/tor/torrc 添加如下内容:

ExcludeNodes {cn},{hk},{mo},{kp},{ir},{sy},{pk},{cu},{vn}
StrictNodes 1




在浏览器等上设置使用 SOCKS v5 代理服务器,主机为,端口为 9050。

#banana-pi-r1, #bananian, #bpi-r1, #debian, #jessie, #socks5, #tor

在 Banana Pi R2 上安装 Ubuntu 并设置 NAT、DNS 缓存服务器和 DHCP 服务器



解压缩 zip 文件


dd 到 SD 卡

下面的命令是在 macOS 上的示例,其它操作系统请自行修改。

列出磁盘以便找到 SD 卡对应的设备路径

diskutil list

unmount disk

注意替换下面的 diskN。

diskutil unmountDisk diskN

注意替换下面的 diskN,且 of 参数不要写错,否则 of 参数所指磁盘数据会丢失。

sudo dd if=2017-09-04-ubuntu-16.04-mate-desktop-bpi-r2-sd-emmc-v1.2.0.img of=/dev/diskN bs=1m conv=sync


将 SD 卡插入 Banana Pi R2,按住电源按钮几秒钟,直到电源插孔旁边的三个指示灯中间那个红灯长时间亮起。

电源按钮按下时,标有 R、G、B 的三个指示灯会长时间亮起;按下约8秒,标有 B 的指示灯熄灭,电源插孔旁的蓝色和绿色指示灯依次闪烁一下后,紧挨的红色指示灯长时间亮起,此时保持电源按钮按下约1秒后,接在 HDMI 接口的显示屏上会有内容显示,此时可以松开电源按钮。

操作系统默认用户名/密码为 pi/bananapi 和 root/bananapi。


添加文件 /etc/network/interfaces.d/eth0,内容为:

auto eth0
iface eth0 inet static

执行下面的命令使得上述对网络接口 eth0 的配置生效:

service networking restart

允许 IPv4 转发

添加文件 /etc/sysctl.d/60-ipv4-forward.conf,内容为:


并执行下面的命令使得 IPv4 转发生效:

service procps start

(或者每次开机后都执行命令 echo 1 > /proc/sys/net/ipv4/ip_forward。)

配置 iptables

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -A FORWARD -i eth1 -o eth0 -m state –state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

注意这些 iptables 的设置在操作系统重启后并不会保持。可以使用 iptables-save、iptables-restore 和 iptables-persistent 来转存、恢复和持久化 iptables 规则。

安装 iptables-persistent

apt install iptables-persistent netfilter-persistent

安装结束后会询问是否保存 iptables 规则,选择保存就可以了。它将规则保存于目录 /etc/iptables/。
在修改了 iptables 规则后,需要重新保存,可使用命令:

service netfilter-persistent save

安装和配置 DNS 缓存服务器和 DHCP 服务器

安装 dnsmasq

apt install dnsmasq

添加文件 /etc/dnsmasq.d/dhcp.conf,内容为:


使用如下命令重启 dnsmasq 使得 dhcp-range 配置生效:

service dnsmasq restart

#banana-pi-r2, #bpi-r2, #dhcp, #dnsmasq, #iptables, #iptables-persistent, #linux, #nat, #netfilter-persistent


Incorrect key file for table ‘/var/db/mysql_tmpdir/#sql3cce_1_3.MYI’; try to repair it

MySQL 报这样的错误有可能是因为 max_heap_table_size 或 tmp_table_size 设置得太小了。