在Debian Linux下编译第一个objc程序

八月 12th, 2010 Posted in 开发
No Comments

 

首先,我们要安装相应的程序:

apt-get install gcc gobjc gcc g++ gnustep libgnustep-gui-dev

然后编写一个hello.m文件:

连hello.m都是抄来的,哈哈,程序如下:

#import <Foundation/Foundation.h>

@interface HelloWorld : NSObject

- (void) hello;

@end

@implementation HelloWorld

- (void) hello {

NSLog(@”hello world!”);

}

@end

int main(void) {

HelloWorld *hw = [[HelloWorld alloc] init];

[hw hello];

[hw release];

}

然后就是编译了:

编译成.o文件:

gcc -fconstant-string-class=NSConstantString -I /usr/include/GNUstep/ -c hello.m

链接:

gcc hello.o -o hello -lgnustep-base

一些方便的设置:

在bashrc中添加一条:

alias objcc=’gcc -fconstant-string-class=NSConstantString -I /usr/include/GNUstep/ -lgnustep-base’

以上命令就简化啦:

objcc –o hello hello.m

运行:

$ ./hello

2010-08-12 01:03:23.930 hello[1642] hello world!

Read More

virtualbox port forwarding

七月 31st, 2010 Posted in 软件使用
No Comments

copied from the manual….

As the virtual machine is connected to a private network internal to VirtualBox and invisible to the host, network services on the guest are not accessible to the host machine or to other computers on the same network. However, like a physical router, VirtualBox can make selected services available to the world outside the guest through port forwarding. This means that VirtualBox listens to certain ports on the host and resends all packets which arrive there to the guest, on the same or a different port.

To an application on the host or other physical (or virtual) machines on the network, it looks as though the service being proxied is actually running on the host. This also means that you cannot run the same service on the same ports on the host. However, you still gain the advantages of running the service in a virtual machine — for example, services on the host machine or on other virtual machines cannot be compromised or crashed by a vulnerability or a bug in the service, and the service can run in a different operating system than the host system.

You can set up a guest service which you wish to proxy using the command line tool VBoxManage; for details, please refer to the section called “VBoxManage modifyvm”.

You will need to know which ports on the guest the service uses and to decide which ports to use on the host (often but not always you will want to use the same ports on the guest and on the host). You can use any ports on the host which are not already in use by a service. For example, to set up incoming NAT connections to an ssh server in the guest, use the following command:

VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,,2222,,22"

With the above example, all TCP traffic arriving on port 2222 on any host interface will be forwarded to port 22 in the guest. The protocol name tcp is a mandatory attribute defining which protocol should be used for forwarding (udp could also be used). The name guestssh is purely descriptive and will be auto-generated if omitted. The number after --natpf denotes the network card, like in other parts of VBoxManage.

To remove this forwarding rule again, use the following command:

VBoxManage modifyvm "VM name" --natpf1 delete "guestssh"

If for some reason the guest uses a static assigned IP address not leased from the built-in DHCP server, it is required to specify the guest IP when registering the forwarding rule:

VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,,2222,10.0.2.19,22"

This example is identical to the previous one, except that the NAT engine is being told that the guest can be found at the 10.0.2.19 address.

To forward all incoming traffic from a specific host interface to the guest, specify the IP of that host interface like this:

VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,127.0.0.1,2222,,22"

This forwards all TCP traffic arriving on the localhost interface (127.0.0.1) via port 2222 to port 22 in the guest.

It is not possible to configure incoming NAT connections while the VM is running. However, you can change the settings for a VM which is currently saved (or powered off at a snapshot).

Read More

debian linux 配置ipsec l2tp PSK

五月 9th, 2010 Posted in linux
No Comments

PSK=windows中说的预共享密钥

折腾了一天多,总结一下。一个字:日!

pptp的配置比较简单,三两个就折腾出来了。l2tp配置文章较少,大都说得很轻松的样子。实际上如果环境顺利,也不需要折腾这么久,只是。。。。。

先说下总结出来的步骤:(实验环境debian 192.168.163.133  xp 192.168.1.200 都在vm里)

编辑 /etc/sysctl.conf 启用 ipv4 forward.  
sysctl –p 应用

安装组件
apt-get install pptpd l2tpd openswan ipsec-tools

修改 /etc/ipsec.secrets,设置PSK。
192.168.163.133  %any: PSK “12345678″

修改 ipsec.conf

Copy /etc/ipsec.d/examples/l2tp-psk.conf 的两个conn段配置

修改:

gateway
….
rightprotoport=17/%any

修改/etc/xl2tp/xl2tp.conf

[global]
port = 1701
[lns default]
ip range = 192.168.254.20-192.168.254.255
local ip = 192.168.254.2
require chap = yes
refuse pap = yes
require authentication = yes
name = pandora
pppoptfile = /etc/ppp/options.l2tpd.lns
flow bit = yes

创建 /etc/ppp/options.l2tpd.lns

ms-dns 8.8.8.8
ms-dns 208.67.222.222

重启服务。以上实际上就是顺利情况下要做的事情了。

但我折腾了一天多!因为….

rightprotoport=17/%any这一句,默认是rightprotoport=17/0

此时会出错,啥也连不上,改成%any,折腾了好久想到要改这里,改成%any,还是不行,改成17/1701,好,终于行了。

换到正式环境,还是不行。最终tcpdump发现,写成17/1701,则只有公网IP才能连上服务器!

准确的说,也不是公网IP,而是服务器的包要发回到源IP的1701端口,发得通才能连上。所以实验环境的两相同子网虚拟机可连。

正式环境里用公网IP不用家里路由器拨号可连。但在内网就不可连。所以写成17/1701是太不好用了。但写成%any或0都不可以。

实验环境的debian和正式环境的ubuntu都验证了这一现象。

改了配置查了错误数据,是这样的提示:

control_finish: Peer requested tunnel 56 twice, ignoring second one.

搜一下这个错误,网上有很多难兄难弟,但基本都没个结论。比如这位仁兄:http://bbs.chinaunix.net/viewthread.php?action=printable&tid=1422551

为什么?不得不怀疑是BUG!apt-get remove  openswan。下载最终版编译安装。17/%any好了。也就是说:

debian和unbuntu的openswan 2.6.23+dfsg-1 有严重bug, rightprotoport=17/0和rightprotoport=17/%any不能用!

 绝大多数时间就耗在斗争这个问题了。而且换成最新版的openswan 2.6.25之后,rightprotoport=17/0还是不能工作!只是17/%any可以了。

中间还出现过别的问题 ,在配置 /etc/ppp/options.l2tpd.lns 时,win7突然连不上服务器了,XP可以。怎么配来配去甚至配回去都不行。无耐重启WIN7,还是不行。再重启了服务,终于行了。看来这个鬼服务一点鲁棒性也没有。

不过,即使是最终配到现在,也还是有一个问题没有解决。那就是,同一个内网里,只有一个设备可以连接。WIN7上去了,XP就上不去了,反之同样。还好我的目的是给手机用,此问题暂时忽略。不过还是很不爽,这意味着在公司,我不能把这个设置告诉别人了,因为大家在同一内网,别人一连L2tp,我就连不了了。只能让别人连pptp。如果有哪位知晓,请回复告之。

todo:view this.

Read More

用vs2010自带工具制作文件证书

五月 8th, 2010 Posted in 开发
No Comments

以便给自己的程序签名,呵呵。

当然,这样签 发的程序在别人那是不被信任的。除非把自己的根证书给别人安装。

用命令行,使用如下命令:

makecert  -pe -ss swigger -n “CN=swigger.net” -sv swigger_root.pvk -r swigger_root.cer

这里会弹出框要求密码,输入密码 root_pwd 或其它密码。共输入3次,前两次设置,后一次验证。

makecert -is swigger -n “CN=swigger file sign” -$ commercial -ic swigger_root.cer -sv fs.pvk fs.cer

这里继续弹出要密码,设置为 pwd2 或其它密码。共输入三次,两次设置,一次确认。还会弹出第四次要密码,要输入上一步设置的密码 root_pwd (或其它值)。

cert2spc fs.cer fs.spc

以下两条命令的pwd2是第二步设置的密码,如果不是pwd2,要换成其它值。

pvk2pfx -pvk fs.pvk -pi pwd2 -spc fs.spc -pfx fs.pfx -f

signtool sign /t http://timestamp.verisign.com/scripts/timstamp.dll  /v  /f fs.pfx /p pwd2  filename.exe

签名完成后,把swigger_root.cer安装到受信用的根证书,就显示文件正常签名了。

Read More

中国大陆所有IPV4列表

五月 7th, 2010 Posted in 日经
2 Comments »

见: http://ipwhois.cnnic.cn/ipstats/detail.php?obj=ipv4&country=CN

这个很重要,先记下。稍候出一份整理好的。

update: http://code.google.com/p/chnroutes/   不用自己操刀了,哈哈。

Read More

移动XP不欢迎的驱动

四月 25th, 2010 Posted in 软件使用
2 Comments »

1. iastor.sys  。这是某些机器上的SATA驱动,没它不行,但这个驱动存在一个BUG,如果没有合适的硬件,加载它就可能会导致系统蓝屏。因此把它集成到WINXP的安装盘,安装系统时,在另一种硬件下,集成的安装盘就不能用了,会蓝屏死机。解决办法:修改iastor.sys,把引发蓝屏的那一条释放内存语句跳过。可能会造成一点点内存泄漏,但这无所谓了。

2. intelppm。intel CPU的驱动。换到amd下时,它会引发蓝屏。解决办法:sc config intelppm start= demand 。 设为手动启动。

此外,遇到一个问题,系统设置的分辨率太高,启动的显示器提示分辩率太高,看不到任何东西。这样也无法修改分辨率。。。解决办法:启动到PE,挂接注册表。删除相关的硬件配置:
\SYSTEM\ControlSet001\Control\Video
\SYSTEM\ControlSet001\Hardware Profiles\000?\System\CurrentControlSet\Control\VIDEO

Read More

为android 生成 native 程序

四月 11th, 2010 Posted in 开发
2 Comments »

 

为android生成原生应用程序,不难啊。
初始条件:安装android的ndk,比如目前最新的 android-ndk-r3。(2010-03版)
我的目录结构:
~/android-ndk-r3
~/android-ndk-r3/temp  这个是当前工作目录。

Step1: 写两个文件:
hello.c:

#include <stdio.h>

int main()
{
    printf("hello, world\n");
    return 0;
}

start.c

#include <stdlib.h>
extern int main(int argc, char **argv);

void _start(int argc, char **argv)
{
    exit (main (argc, argv));
}

Step2: compile

../build/prebuilt/linux-x86/arm-eabi-4.2.1/bin/arm-eabi-gcc \
-I ../build/platforms/android-3/arch-arm/usr/include/  -c hello.c
../build/prebuilt/linux-x86/arm-eabi-4.2.1/bin/arm-eabi-gcc \
-I ../build/platforms/android-3/arch-arm/usr/include/  -c start.c

Step3: link

../build/prebuilt/linux-x86/arm-eabi-4.2.1/bin/arm-eabi-ld --entry=_start \
--dynamic-linker /system/bin/linker -nostdlib     -rpath /system/lib  \
-L ../build/platforms/android-3/arch-arm/usr/lib/  \
-rpath ../build/platforms/android-3/arch-arm/usr/lib/    \
-lc -o hello hello.o start.o

Step4: execute:

adb push hello /data/hello
adb shell
cd /data
chmod 755 ./hello
./hello
hello, world

值得注意的一点是,在/sdcard目录下,程序运行不起来。我一开始还以为是没编好呢。后来扔到/data目录下,才成功跑起来。

Read More

添加了ssl证书,已经支持https

四月 4th, 2010 Posted in 日经
No Comments

去startssl 申请了一个证书。这个地方注册时一定要注意填真实信息,第一次填的有些是假的,结果要人工审核,一审核就挂了,后来换真实的一注册,就不用人工审,通过了。看来它里面有一些自动判定,对值得怀疑的要人工审核。

通过后验证email,验证网站,然后在控制面板的第二个tab就可以生成证书文件ssl.crt了。

打开hm里的cpannel里的SSL管理器,

把privatekey上传(其实我不知道这个要不要上传)

把ssl.crt上传,另外还要把startssl的根证书也一起上传(hm把这个叫做CA bundler)。

然后发ticket叫HM安装,装完就好了。

一开始我没有上传根据书,hostmonster的客服就让我上传CA bundler,我也不知道这个是啥,只是分析猜测是根证书,所以就上传了,结果是猜对了。

HM的客服安装完后,https就可以用了。呵呵,不过目前还不知道要拿来干嘛,纯粹研究一下。

Read More

卡住在 “setup is starting windows” 时的问题

三月 29th, 2010 Posted in boot
No Comments

用2003的setupldr.bin加载ram盘做XP的一些启动时发现,老是卡死在

“setup is starting windows” 这里,永远也不会恢复。

N天都无果,今天无意中发现,原来是必须是用windows 2003 sp1的setupldr.bin才行。sp2的就不行。

ramdisk.sy_ 倒是好像可以随意。

so, you must use win2k3sp1 ‘s sutupldr.bin to avoid hangs on “setup is starting windows”.

Read More

调试XP/2k3的安装过程

三月 28th, 2010 Posted in 开发
No Comments

 在安装的源盘根目录提供一个winnt.sif,写上:

[SetupData]
OsLoadOptions = “/noguiboot /fastdetect /debug /debugport=com1 /baudrate=115200 /break”

即可。

不过XP的setupldr.bin不支持这个,要win2k3的才行。(推荐sp1。sp2加载ramdisk有卡住bug)

Read More
Older Entries