Author Archives: Vyacheslav

Reason for messages “HTB: quantum of class 10001 is big. Consider r2q change”

Once on the access server, Ubuntu Server 16.04 and Accel-ppp noticed the following messages in the /var/log/kern.log file:

kernel: [365970.550498] HTB: quantum of class 10001 is big. Consider r2q change.
kernel: [365970.550547] HTB: quantum of class 10A49 is big. Consider r2q change.
kernel: [365979.545580] HTB: quantum of class 10001 is big. Consider r2q change.
kernel: [365979.545621] HTB: quantum of class 10BD6 is big. Consider r2q change.
kernel: [365995.601973] HTB: quantum of class 10001 is big. Consider r2q change.
kernel: [365995.602031] HTB: quantum of class 11705 is big. Consider r2q change.

First I tried to track which interfaces are being raised at this moment:

tail -f /var/log/kern.log | grep "quantum of class 10001 is big"
tail -f /var/log/accel-ppp/accel-ppp.log | grep "create interface"

Continue reading “Reason for messages “HTB: quantum of class 10001 is big. Consider r2q change””

Why Contact Form 7 does not work on iOS

Recently, on the WordPress site, I noticed the problem of sending messages via Contact Form 7 from devices with the iOS operating system.
If you used Google reCAPTCHA, when you clicked on the Send button, the page was updated for a very long time and reCAPTCHA reported a wait error, if you disable reCAPTCHA, then the message was sent after 1-2 minutes.

As it turned out, iOS somehow started blocking AJAX, which was used by default when updating the page.

So to solve the problem, I opened the configuration file wp-config.php and just before the line:

define('WP_DEBUG', false);

Added a line:

define ('WPCF7_LOAD_JS', false);

This line prohibits Contact Form 7 from using Javascript.
If you specify this variable at the end of the file, it will not work.

After this, the messages on iOS started to go immediately.

How to disconnect SSH user

Let’s say that several users are connected through SSH.

First look at the list of online users:

w

Suppose the following information is displayed (where test is the user’s login):

USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
test     tty1                      11:20    1:07   0.03s  0.03s -bash
test     pts/0    192.168.1.5      11:21   13.00s  0.02s  0.02s -bash
test     pts/1    192.168.1.3      11:21    0.00s  0.02s  0.00s w

tty1 – it is a client logged in locally, that is, it is located near the computer.
pts/1 – judging for example on IP and WHAT, let’s assume that it’s us, accordingly pts/0 is the client of which we want to disconnect.

See the list of processes and their PID:

ps faux |grep sshd

At me it was displayed:

root       946  0.0  0.5  65508  5368 ?        Ss   12:00   0:00 /usr/sbin/sshd -D
root      1147  0.0  0.6  92828  6920 ?        Ss   12:01   0:00  \_ sshd: test [priv]
test      1178  0.0  0.3  92828  3384 ?        S    12:01   0:00  |   \_ sshd: test@pts/0
root      1192  0.0  0.6  92828  6592 ?        Ss   12:02   0:00  \_ sshd: test [priv]
test      1223  0.0  0.3  92828  3532 ?        S    12:02   0:00      \_ sshd: test@pts/1
test      1248  0.0  0.0  15468   956 pts/1    S+   12:25   0:00              \_ grep --color=auto sshd

We find test@pts/0 and accordingly 1178 is the required PID.

We terminate the process by specifying its ID, after which the user will immediately disconnect:

sudo kill -9 1178

See also my articles:
Configuring SSH session timeout
Installing and Configuring SSH

The script for adding IP addresses from a file to ipset

It took one day to write a script to add to ipset all the IP for which the session was started on the access server, Abills billing was used, so I decided to take IP addresses from the MySQL billing table.

The first step is to create a test ipset:

ipset create test iphash

Continue reading “The script for adding IP addresses from a file to ipset”

The solution to the error “Another app is currently holding the xtables lock”

Recently noticed on one server with the billing system ABillS, that when the script /etc/ppp/ip-up is executed in bulk, an error occurs:

Another app is currently holding the xtables lock. Perhaps you want to use the -w option?

Having looked at the script code, I found that there are two rules among the iptables rules that can slow down the work, namely, the search for ipoe interfaces by two commands:

IPTABLES="/sbin/iptables"
EXIST=`${IPTABLES} -t nat -L PREROUTING -v | grep "${IFNAME} ";  ${IPTABLES} -L -v | grep DROP | grep "${IFNAME} "`

To raise 3000 sessions, it took more than 30 minutes and some rules could not be added at all or deleted by the script.
By default, if the -L option is used, iptables resolves the IP addresses and tries to display DNS names instead of them, which takes a long time, and so that this does not happen, you need to add the -n option, and just in case I added the -w 20 switch, which will cause the new rules to be postponed until 20 seconds if iptables is already busy executing another command:

IPTABLES="/sbin/iptables"
IPTABLES_WAIT="-w 20"
EXIST=`${IPTABLES} $IPTABLES_WAIT -t nat -n -L PREROUTING -v | grep "${IFNAME} ";  ${IPTABLES} $IPTABLES_WAIT -n -L -v | grep DROP | grep "${IFNAME} "`

After that, the script with iptables rules began to work out instantly.
Since the old rules are not all fulfilled, I checked this by counting some by the team:

iptables -n -L -t nat -v | grep DNAT | wc -l

And I checked with the number of sessions, the rules were obviously smaller, so I had to clear all rules and restart the session so that the /etc/ppp/ip-up script worked correctly, this time at 3000 sessions it did its job in less than a minute.
Note that in the / etc / ppp / scripts, it’s better not to use iptables rules.

How I closed the account in Polish Pecao Bank

Once a friend from Ukraine asked me to help her with the closing of the account in the Polish bank Pecao.
She was not going to go to Poland and therefore could not visit the bank, so I started correspondence with employees by email, which was specified in the contract, and also is on the official website.

In the first message, I asked how you can close the bank account and the employee replied that you need to visit the bank for this, but you can also write a written request and send it along with the bank card by the postal service to the bank branch where the account was opened.

Continue reading “How I closed the account in Polish Pecao Bank”

The problem with pink video distortion in Adobe Premiere

Once I made a project in Adobe Premiere and I had to pull out the video card, after I pulled it out, I started using the integrated Intel HD Graphics 630 and I had a problem with the image. The video became distorted, most often with pink and green stripes.

Continue reading “The problem with pink video distortion in Adobe Premiere”