esa socis update Android: Switching screens by dragging over the touch screen

hi all my dear reader,

after spending 10 days (you know are many!) to study the code
and fix some small issues on upgrading libraries
math in apache

we are ready to make the first changes to the code!

Luc I have already called to order were wondering where all the features promised and I can not disappoint him

Today I dedicate myself to integrate after two days of hard work the animations on the homepage

we can choose the different main features not simply as a list but as slide through the main menu of android with a lot of animations!

end of the day my dear readers will insert the guide on how I did it and to howto  implement OnTouchListener




accepted as asa socis Student!

hi all,

this blog take a new direction with esa socis opportunity to bring my code to community with orekit team


what is esa socis :


ESA Summer of Code in Space 2012 (SOCIS 2012) is a program run by the European Space Agency. It aims at offering student developers stipends to write code for various space-related open source software projects. Through SOCIS, accepted student applicants are paired with a mentor or mentors from the participating projects, thus gaining exposure to real-world software development scenarios. In turn, the participating projects are able to more easily identify and bring in new developers.



my mission is to realize the new android program to show the nice feature inside orekit lib


what  i have to do:

improve graphical interface and give to the program all the nice feature inside orekit like

toi propagate two orbits at thé same time and identify the close approaches between the objects

propose different propagators to the user including numerical propagation with customizable force models. Yet another possibility would be to add 3d attitude vizualization with some simplified synthetic representation for vectors, planes, angles between vectors, angles between planes, trihedra, unit sphere around spacecraft



i’d like to thank all the orekit team and esa socis team for support and Luc Maisonobe  for all!


I will keep track of everything on this blog so stay tuned!

2010 in review

The stats helper monkeys at mulled over how this blog did in 2010, and here’s a high level summary of its overall blog health:

Healthy blog!

The Blog-Health-o-Meter™ reads Fresher than ever.

Crunchy numbers

Featured image

A helper monkey made this abstract painting, inspired by your stats.

The average container ship can carry about 4,500 containers. This blog was viewed about 15,000 times in 2010. If each view were a shipping container, your blog would have filled about 3 fully loaded ships.

In 2010, there were 28 new posts, growing the total archive of this blog to 277 posts.

The busiest day of the year was January 29th with 118 views. The most popular post that day was setup openvpn in one second debian/ubuntu.

Where did they come from?

The top referring sites in 2010 were,,,, and

Some visitors came searching, mostly for qtemu image anlegen, virtualbox debian squeeze, exim ssl 465, svn lighttpd, and apt-build.

Attractions in 2010

These are the posts and pages that got the most views in 2010.


setup openvpn in one second debian/ubuntu January 2010
1 comment


migrate user from old server to new server for debian ubuntu or linux generally January 2010
1 comment


install virtualbox debian squeeze January 2010
1 comment


install a transparent proxy with squid & debian January 2010
1 comment


using ssl with exim4 on debian July 2009
2 comments and 1 Like on,

zeroshell one of the best firewall i ever know

Zeroshell is a Linux distribution for servers and embedded devices aimed at providing the main network services a LAN requires. It is available in the form of Live CD or Compact Flash image and you can configure and administer it using your web browser. The main features of this Linux distribution for Network Appliances are listed below:

Load Balancing and Failover of multiple Internet connections;
UMTS/HSDPA connections by using 3G modems;
RADIUS server for providing secure authentication and automatic management of the encryption keys to the Wireless 802.11b, 802.11g and 802.11a networks supporting the 802.1x protocol in the EAP-TLS, EAP-TTLS and PEAP form or the less secure authentication of the client MAC Address; WPA with TKIP and WPA2 with CCMP (802.11i complaint) are supported too; the RADIUS server may also, depending on the username, group or MAC Address of the supplicant, allow the access on a preset 802.1Q VLAN;
Captive Portal to support the web login on wireless and wired networks. Zeroshell acts as gateway for the networks on which the Captive Portal is active and on which the IP addresses (usually belonging to private subnets) are dynamically assigned by the DHCP. A client that accesses this private network must authenticate itself through a web browser using Kerberos 5 username and password before the Zeroshell’s firewall allows it to access the public LAN. The Captive Portal gateways are often used to provide authenticated Internet access in the HotSpots in alternative to the 802.1X authentication protocol too complicated to configure for the users. Zeroshell implements the functionality of Captive Portal in native way, without using other specific software as NoCat or Chillispot;
QoS (Quality of Service) management and traffic shaping to control traffic over a congested network. You will be able to guarantee the minimum bandwidth, limit the max bandwidth and assign a priority to a traffic class (useful in latency-sensitive network applications like VoIP). The previous tuning can be applied on Ethernet Interfaces, VPNs, bridges and VPN bondings. It is possible to classify the traffic by using the Layer 7 filters that allow the Deep Packet Inspection (DPI) which can be useful to shape VoIP and P2P applications;
HTTP Proxy server which is able to block the web pages containing virus. This feature is implemented using the ClamAV antivirus and HAVP proxy server. The proxy server works in transparent proxy mode, in which, you don’t need to configure the web browsers of the users to use it, but the http requests will be automatically redirected to the proxy;
Wireless Access Point mode with Multiple SSID and VLAN support by using WiFi network cards based on the Atheros chipsets. In other words, a Zeroshell box with one of such WiFi cards could become a IEEE 802.11a/b/g Access Point providing reliable authentication and dynamic keys exchange by 802.1X and WPA protocols. Of course, the authentication takes place using EAP-TLS and PEAP over the integrated RADIUS server;
Host-to-lan VPN with L2TP/IPsec in which L2TP (Layer 2 Tunneling Protocol) authenticated with Kerberos v5 username and password is encapsulated within IPsec authenticated with IKE that uses X.509 certificates;
Lan-to-lan VPN with encapsulation of Ethernet datagrams in SSL/TLS tunnel, with support for 802.1Q VLAN and configurable in bonding for load balancing (band increase) or fault tolerance (reliability increase);
Router with static and dynamic routes (RIPv2 with MD5 or plain text authentication and Split Horizon and Poisoned Reverse algorithms);
802.1d bridge with Spanning Tree protocol to avoid loops even in the presence of redundant paths;
802.1Q Virtual LAN (tagged VLAN);
Firewall Packet Filter and Stateful Packet Inspection (SPI) with filters applicable in both routing and bridging on all type of interfaces including VPN and VLAN;
It is possible to reject or shape P2P File Sharing traffic by using IPP2P iptables module in the Firewall and QoS Classifier;
NAT to use private class LAN addresses hidden on the WAN with public addresses;
TCP/UDP port forwarding (PAT) to create Virtual Servers. This means that real server cluster will be seen with only one IP address (the IP of the virtual server) and each request will be distributed with Round Robin algorithm to the real servers;
Multizone DNS server with automatic management of the Reverse Resolution;
Multi subnet DHCP server with the possibility to fix IP depending on client’s MAC address;
PPPoE client for connection to the WAN via ADSL, DSL and cable lines (requires a suitable MODEM);
Dynamic DNS client used to easily reach the host on WAN even when the IP is dynamic;
NTP (Network Time Protocol) client and server for keeping host clocks synchronized;
Syslog server for receiving and cataloging the system logs produced by the remote hosts including Unix systems, routers, switches, WI-FI access points, network printers and others compatible with the syslog protocol;
Kerberos 5 authentication using an integrated KDC and cross-authentication between realms;
LDAP, NIS and RADIUS authorization;
X509 certification authority for issuing and managing electronic certificates;
Unix and Windows Active Directory interoperability using LDAP and Kerberos 5 cross realm authentication.
The following features will be available in the near future and included in the release 1.0.0:

Arpwatch monitor for monitoring ARP events on the LAN such as duplication of IP addresses, flip-flops and other faults;
Host-to-lan VPN with PPTP protocol (Point to Point Tunneling Protocol), MPPE (Microsoft Point to Point Encryption) and GRE tunneling;
The following features will be available in the next releases newer than 1.0.0:

IMAP v4 server to manage the mailboxes with the authentication provided by the integrated Kerberos 5 server;
SMTP server to receive, send and route mails depending on SMTP routing map stored on the integrated LDAP server. The incoming and outcoming mails are spam and virus checked by the antispam and antivirus filters auto updated from Internet. Moreover, the supported dynamic DNS client, that automatically updates DNS MX record, makes possible to have a mail server for a domain also if the WAN IP address is not statically assigned.
Smart Card authentication using PKINIT protocol that combines Kerberos 5 credentials and X.509 certificates. Unfortunately, unlike the other features, it is not possible to support Smartcard authentication in short time because MIT Kerberos v5 does not implement PKINIT protocol yet.
Zeroshell is a Live CD distribution, meaning that it is not necessary to install it on the hard disk since it can operate directly from the CDROM on which it is distributed. Obviously, the database, containing all the data and settings, can be stored on ATA, SATA, SCSI and USB disks. Any security Bug Fixes can be downloaded from the automatic update system via Internet and installed in the database. These patches will be automatically removed from the database by subsequent releases of the Zeroshell Live CD already containing the updates.

It is also available a 512MB Compact Flash image useful if you have to boot your box from this device instead from CDROM for example in the embedded devices for network appliances. The Compact Flash image has 400MB available to store the configuration and data.

The name Zeroshell underlines the fact that although it is a Linux system (traditionally administrable from a shell), all the administration operations can be carried out via Web interface: indeed, after having assigned an IP address via a VGA or serial terminal, simply connect to the assigned address by means of a browser to configure everything. Zeroshell was successfully tested to work with Firefox 1.0.6+, Internet Explorer 6+, Netscape 7.2+ e Mozilla 1.7.3+.

Building Zeroshell

Zeroshell is not based on an already existing distribution as for example Knoppix is based on Debian. The author has compiled the whole software of which the distribution is composed starting from the source code in the tar.gz or tar.bz2 packets. The compiler gcc and the glibcs of the GNU have been compiled too and have had the so-called phase of bootstrap in which they have recompiled themselves more times. This has been necessary to optimize the compiler and to eliminate every dependence from the glibcs of the system from which the first compilation took place. Some of the initialization scripts, as well as the guidelines followed by the author are those of Linux From Scratch. For a list of the used software look here.

you can take it from

googlcl command line google from shell

GoogleCL brings Google services to the command line.

We currently support the following Google services:
$ google blogger post –title “foo” “command line posting”
$ google calendar add “Lunch with Jim at noon tomorrow”
$ google contacts list name,email > contacts.csv
$ google docs edit –title “Shopping list”
$ google picasa create –title “Cat Photos” ~/photos/cats/*.jpg
$ google youtube post –category Education killer_robots.avi

read more on project page:

Install debian server in a linux chroot environment

Running Linux system inside a chroot environment allows a system admin to decrease an impact on a production server when the server gets compromised. Change root will change root directory to all current running processes and its children to a chroot jail. Testing of various package installations and server configuration in a chrooted environment can be another handy way how to utilize a chroot jail.
This tutorial will provide a reader with step by step guide on how to install Debian with ssh daemon inside chroot environment using debootstrap.
1. Install chroot environment

In the first step we will create a directory in which new chroot environment will reside. For convenience during the installation we also declare temporary bash shell variable CHROOT to hold a path to chroot environment.
# mkdir -p /mnt/chroot/squeeze
# CHROOT=/mnt/chroot/squeeze
When new chroot directory is ready we will use debootstrap to install new Debian system within chroot environment. Change the architecture and debian version according to your needs. The installation may take some time as debootstrap will use your specified mirror to download and install core packages. Choose the closest mirror as it will rapidly reduce the installation time.
# debootstrap –arch i386 squeeze \
At the end of the installation you should seed output similar to the one below:
I: Configuring debian-archive-keyring…
I: Configuring apt…
I: Configuring libept0…
I: Configuring apt-utils…
I: Configuring aptitude…
I: Configuring tasksel-data…
I: Configuring tasksel…
I: Base system installed successfully.
Connect your host proc system with chroot environment by mounting within chroot directory. This allows chroot access a hardware of your host system.
# mount -t proc proc $CHROOT/proc
# mount -t devpts devpts $CHROOT/dev/pts
2. Configuration

Now, we are ready to login into chroot and do some basic configuration. To not let aour selfs confuse with host and chroot environment we first change a root’s PS1 variable to change a shell prompt to “CHROOT-squeeze:~#” . This step is optional but recommended: First login to chroot:
# chroot $CHROOT /bin/bash –login
execute a following command to permanently change root’s shell prompt and exit:
CHROOT-squeeze:~# echo ‘PS1=”CHROOT-squeeze:\w# “‘ >> ~/.bashrc
CHROOT-squeeze:~# exit
Next time you enter chroot environment you will have a new shell prompt:
# chroot $CHROOT /bin/bash –login
From this point on all commands which should be executes within chroot environment will have a prefix:
Next we will install and reconfigure locales.
CHROOT-squeeze:~# apt-get install locales
Now reconfigure your locales. For example if you are form Australia you add – en_AU ISO-8859-1 – en_AU.UTF-8 UTF-8 and choose : en_AU
# dpkg-reconfigure locales
3. Install chroot ssh daemon

Now we are ready to install any service within chroot environment. Let’s start with ssh as this will allow us to login to chroot using ssh connection from LAN or WAN.:
NOTE: installation of vim is optional
CHROOT-squeeze:~# apt-get install vim ssh
Configure chrooted ssh service to listen on different port than 22 as it is most likely already occupied by your host system.
3.1. Configure ssh

Edit a sshd_config file:
CHROOT-squeeze:~# vi /etc/ssh/sshd_config
and change line Port 22 to:
Port 2222
Restart a chroot sshd:
CHROOT-squeeze:~# /etc/init.d/ssh restart
Change a password for a chrooted root user:
CHROOT-squeeze:~# passwd
4. Login remotely to chroot

If all went well we now should be able to login to new chroot environment using ssh:
ssh root@localhost -p 2222
5. Fine tune chroot

chroot ssh daemon will not start automatically when you turn on your host operation system. Therefore, create a simple shell script to do that task:
/etc/init.d/chroot-squeeze :

CHROOT=/mnt/chroot/squeeze # change
mount -t devpts devpts $CHROOT/dev/pts
mount -t proc proc $CHROOT/proc
chroot $CHROOT /etc/init.d/ssh start
and as a last step make a simbolic link to /etc/rc2.d/:
# ln -s /etc/init.d/chroot-squeeze /etc/rc2.d/S98chroot-squeeze
Now you should have a fully functional chroot environment. Feel free to explore and install additional services.

take from here

Postfix Monitoring With Mailgraph And pflogsumm On Debian Lenny

This article describes how you can monitor your Postfix mailserver with the tools Mailgraph and pflogsumm. Mailgraph creates daily, weekly, monthly, and yearly graphs of sent, received, bounced, and rejected emails and also of spam and viruses, if SpamAssassin and ClamAV are integrated into Postfix (e.g. using amavisd-new). These graphs can be accessed with a browser, whereas pflogsumm (“Postfix Log Entry Summarizer”) can be used to send reports of Postfix activity per email.

In the following I will describe how to install and configure Mailgraph and pflogsumm on Debian Lenny.

I do not issue any guarantee that this will work for you!

1 Preliminary Note
In this tutorial my Linux system has the IP address and hosts the web site with the document root /var/www/ and a cgi-bin directory of /var/www/, and I will send the pflogsumm reports to the email address

read more