这两天刚搞到一台米国的VPS，相当便宜，配置、速度也还不错。周末忙活了两天配了一下VPN，这里做一下笔记：

1. Apache优化

ubuntu下有个apache2-mpm-perfork包，能很显著地降低apache内存占用。装完之后apache的从200M掉到100M！很好很强大！

2. OpenVPN证书生成

这个要在本机做！生成的CA.crt是public key,ca.key是private key，这两个用于生成server和client的证书。因此ca.key一定不要传到server上去，否则别人就能拿来自己生成证书了。

3. 服务器内核配置

服务器端要做nat的话需要内核的tun和iptables_nat module，我的vps是联系管理员给加的，因为自己改不了内核配置。

4. OpenVPN服务器端配置

做NAT需要添加两条：
这个将使客户端将VPN配置成默认网络连接

push "redirect-gateway def1"

这个将设置客户端的DNS服务器（防止DNS劫持）

push "dhcp-option DNS x.x.x.x"

这里DNS可以用OpenDNS的server

5. 用iptables中转来自client的包

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source x.x.x.x

–to-source配置成服务器公网IP。OpenVPN的howto里面的这一条目在我的VPS上不适用。

6. Windows客户端权限问题

windows的GUI客户端需要管理员权限运行。在vista/win7等开启了UAC时，要将gui程序兼容性改为winxp,并默认管理员运行。

7. 客户端route/iptables

按上面配置客户端将会使用VPN做默认连接。可以使用chnroutes来配置国内IP不走VPN.

客户端配置仍然不太满意。正在考虑Firefox的autoproxy插件，再利用什么软件中转到VPN去，然后其余连接用普通的。这样可以大大减少VPN流量并提高访问速度。刚在google code中搜了下openvpn，似乎有相关的项目。firefox那边插件选择连接的可能性不大，理论上。
客户端都配好了再更新。

—PS—
今天本来想跟美女炫耀一下，结果说错话了，适得其反。郁闷。

Some buttons in Eclipse 3.5 under Ubuntu 9.10 won’t work but short cut key works. It’s because SWT eclipse uses have some problem with the underlying GTK.

Also this will be fixed in eclipse 3.5.2, the is a work around for those older 3.5 releases. Write a simple shell script to start eclipse:

#!/bin/sh
export GDK_NATIVE_WINDOWS=1
~/bin/eclipse

Replace "~/bin/eclipse" with your eclipse path.

网站前一阵因为没备案被关停了，这在俺的历史上也是头一遭。虽说平均ip/d几近与0，但俺追求accessability的决心还是很坚定的，被关停对俺来说是奇耻大辱啊。当然，这里俺也不敢评论是非了，就当黄连、榴莲之类的自己吞了好了。

是在大概两周之前提交了备案，昨天刚刚通过了，然后今天就马上整理好东西重新开通了。看看荒芜的blog，倒也有些惭愧。年前在玩python，后来因为unicode的问题放弃了。年后搞到xbox之后就不务正业啦，下班之后的时间几乎全耗在上面了。再之后一些残念，一一作古。现在游戏玩腻了，也许该重新整整网站了。重新开张，重新写东西，算作第一步吧！

放个鞭炮吧，噼啪噼啪，噼啪噼啪…

Until now, Akismet has blocked 846 spam comments for me. And until now, I have got only 12 normal comments from human being visitors!

My website gets a high pagerank. It was 4 about 2 months ago. But now drop back to 3. I don’t know but maybe they choose to spam on sites with high pagerank. Thanks for Akismet, there were only about 2 or 3 spam comments wasn’t blocked. So the spam links never get a link to promot there page rank.

I installed a wordpress plugin which is written by a friend: Denis. It returns the related posts by tags.

I want to put it in sidebar. So I added a widget function for this plugin. Also the content filters were commented out so that it won’t borther to filter my post contents everytime since I don’t want to display them in post or feeds.

Although it works fine for me now, there are still some things to be improved:

1. If the number of related posts does not reach to display limit, it should have option to fill with random or most commented posts.
2. The title section really need to be moved out from the main code generate function.
3. Take count of category. The posts in the same category are related.
4. Denis submitted v0.6 to SVN trunk! I wander how he released v0.7 via SVN…

I will send Denis my patch tomorrow. Hopefully he will merge it into next release, and, fix the functions I wanted here.