Monthly Archives: June 2013

This article describes how to setup a basic firewall configuration on your linux box with iptables.

Check your current setup with:

Reset the default firewall rules:

Setup the most basic firewall with the script below. This script only allows ssh connections (which are being logged in /var/log/syslog); adjust the script to allow communications through other ports.

Both the OUTPUT and INPUT chain have a default log rule at the end of the chain.

Saving your iptables configuration (answer Yes to both questions):

Start the persistency service:

Changes to your configuration can be stored by using the command

Or reload the current configuration:

More detailed information can be found here.


Add a google font to your font repository

Add google fonts to your system; simple and fast

  1. Goto
  2. Search your font
  3. Select “Add to collection”
  4. Select “Download” (button with the arrow picture)
  5. Select Download as zipfile
  6. Unpack zip and copy TTF files to your $HOME/.fonts directory
  7. Fonts are ready for use (after restart of application)

The Gimp: create 3d shape

Create a shape with a 3d effect; simple and fast with The Gimp

  1. Create a new image
  2. Create a new layer
  3. Select an area on the layer
  4. Fill the area with a color (optional)
  5. Select menu “Filters”; select “Light and Shadow”; select “Drop shadow”
  6. Choose your X and Y offset for the shadow
  7. Select allow resizing
  8. Select OK

The Gimp: create 3D Text

Create a 3d text; simple and fast with The Gimp

  1. Create a new image
  2. Add some text
  3. Duplicate the text layer
  4. Select menu “Filters”; select “Blur”; select “Motion Blur”
  5. Enable blur type “Zoom”
  6. Set X and Y properties
  7. De-select “Blur outward”
  8. Set length to about 15
  9. Select “Ok”

Configure Apache

Perform a clean Apache install:

After that copy original configuration files:

To prevent users from getting a directory listing add the next line to the bottom of your apache2.conf:
Options -Indexes

A fresh apache install has the following modules installed

As you can see the rewrite module is missing from this list. You can simple active this module by executing:

a2enmod rewrite




Add SSL to localhost on apache / linux

Generate a Certificate Signing Request

1. Generate the keys for the Certificate Signing Request (CSR)

2. Create the insecure key.

3. Create the CSR.

Fill in the appropriate information.

4. Create the self-signed certificate

This creates server.crt

5. Install the self-signed certificate

Now you can configure apache with the ability to use public-key cryptography to use the certificate and key files.

Configure Apache to use SSL on local host

6. Enable ssl

7. Edit your default-ssl site (make backup copy)



8. Enable the default-ssl site.

8. Restart the server.

Navigate to https://localhost and examine your certificate details


chmod to the max

Short and simple chmod reference. Use numbers to set file permissions.

400 read by owner
040 read by group
004 read by anybody (other)
200 write by owner
020 write by group
002 write by anybody
100 execute by owner
010 execute by group
001 execute by anybody

Make file readable for owner:
readable (4) owner = 400 => chmod 400 fname

Make file readable and writeable for owner:
readable + writeable (4 + 2) owner = 600 -> chmod 600 fname

Make file readable and writeable for group:
readable + writeable (4 + 2) owner = 60 -> chmod 60 fname

Make file readable and writeable for anybody:
readable + writeable (4 + 2) owner = 6 -> chmod 6 fname


# Set file permission to-rwxr-xr-x
# Read Owner 400
# Read Group 40
# Read Other 4
# Write Owner 200
# Write Group 100
# Write Other 010
# Exec  other 001

# Total = 400+040+004+200+100+010+001 = 755

# Read and write by everyone (444 + 222):

# Change all directories to rwx by everyone:

# Change all files to rw by everyone:



Setup proxy on Ubuntu

proxyFor local website development it is usefull to add your domain-name to your local hosts file.

When doing this you have to be sure that this name does not get resolved by the default gateway. Execute the following steps to be able to navigate to test.yourdomain.tld in your browser:

1. Edit your /etc/hosts  file and add a line:

2. Start the gnome dconf-editor  tool and navigate to “System -> Proxy”. Add the domain test.yourdomain.tld to the list of ignore-hosts.

3. Logoff and logon again for this settings to take effect.

Check that your settings are updated with the following command in a terminal:

The domain should show up at the no_proxy= entry.

If everything is ok you can navigate in your browser to test.yourdomain.tld.


Create SVN repository on Synology

Howto install SVN on your Synology:

Telnet to your NAS
Repositories has to be owned by svnowner; be sure to execute creation of the repository as svnowner (or chown afterwards):

On the synolyg your harddisk is mounten at /volume1; create a directory “svn” here:

Now create your SVN repository with the svnadmin command (on the synology the svn command is not on the path but can be found at /opt/bin):

If you want to delete a repository you can do this with regular unix commands; there is no “internal” SVN registration.

Now you have to setup the access to this new repository. Change directory to your new repository conf folder:
cd /volume1/svn/test/conf

The svnadmin command has stored some default files here; passwd and svnserve.conf. First edit the passwd file to add your users for this repository. Below the [users] text add your users.

Now edit the svnserve.conf in the same folder. Disable anonymous access to your repository by adding: anon-access = none

To use the password file for authentication of your users you have to uncomment the password-db = passwd line.

That’s all you have to do on your synology. SVN is setup (see link) and the repository is created with appropriate user access..

Now go to your client machine and checkout the new repository:

Check the status of your local repository copy:

Add a file to your repository

And commit the file to the repository