Archive for category Uncategorized

Pidgin with Video on Windows

I’ve been helping out Maiku (who’s the Google summer of code student who was tasked with getting voice/video working in Pidgin) to get pidgin-vv working on Windows. We’ve done lots of playing around for the last wee while, but we’ve finally managed to get it working on Windows. Just so you all believe me, here’s a teaser screencast video of me giving Maiku a call.

Cool huh! So far only XMPP (and Skype, kinda) are working but Maiku is hard at work to get all the other protocols working too. Yay! 🙂


Groups in the Facebook plugin

For those people who upgraded to v1.60 of the pidgin-facebookchat plugin, you’ll probably notice that the Facebook groups have made their way into your Pidgin buddylist.

Oddly enough, this has spawned a looong thread of people who aren’t so happy with the new change. I thought it would be best to blog about why and what happened to get us to this stage and what we’re doing about it.

What happened is that we got reports of a major crash appearing whenever 32-bit (and Windows) users opened a conversation window or received a chat from someone. This was because our kludgy way of dealing with a limitation of timestamps from json-glib ended up overflowing. At the same time, we had been sitting on fixes for profile pictures/buddy icons, as well as status messages needing a new way to update.

The other issue was that I’ve been looking after my unwell fiancée all week, after several doctors trips, after-hours doctors trips and even a visit to the swine flu processing centre in Christchurch. So when I started getting email notifications of bug reports about the crashes, it was the final straw for me, and I hastily pushed out a new version…. completely forgetting that we had the new group/friend list’s code in there.

That said, we hadn’t had much feedback about the new groups stuff until now so we weren’t to know that everyone would hate it as much as they do.

So where to from here? Well, we want to come up with a solution that leaves everyone happy, while still allowing for using the new groups/friends list code. My idea is to have a toggle for the setting. Casey Ho, the other developer, says that I’m not allowed to offer that solution to people, as we’ll end up with an unstable situation. Instead, he’s adding support for hiding/showing different groups as well as the online/offline per-group setting that Facebook has. This should end up with the same result, just a different way of getting there.

So blame lies with me, I’m afraid, for all the groups mess. My apologies, but rest assured, we are working on ways to ‘fix the problem’ for you all 🙂

(Also, if you feel like making a donation to help pay for my fiancée’s medication so that we don’t have to keep going back to the doctors so that messes like this don’t happen in the future, I’m always grateful)

No Comments

SSH Security with Fail2Ban on Gentoo

I accidentally looked at my syslog messages on my home (Gentoo) Linux server and found that there were thousands of SSH connection attempts from all over the world: people trying to brute-force my root password. The worst bit was that it was filling up my logs and causing lots of things to die when the computer ran out of disk-space. It needed a bit of playing around to get this to stop, but in case you run across the same situation, I’ve documented what I did:

  • Make sure you have the tcpd USE-flag on net-misc/openssh. If you don’t, the easiest way to add it is with the command echo "net-misc/openssh tcpd" >> /etc/portage/package.use
  • Emerge fail2ban
  • If you’re using syslog-ng, you need to configure it to log sshd logs to a different place (reduces load on the server) by adding the following lines to /etc/syslog-ng/syslog-ng.conf
    filter f_sshd {match('^sshd\[[0-9]+\]:'); };
    destination sshd { file("/var/log/sshd.log"); };
    log { source(src); filter(f_sshd); destination(sshd); flags(final); }
  • Enable the ssh-tcpwrapper setting in /etc/fail2ban/jail.conf, checking that the logpath is pointing to your log file. It should end up looking something like

    enabled = true
    filter = sshd
    action = hostsdeny
    logpath = /var/log/sshd.log
  • Set up the hosts allow/deny files (if you don’t have them) by pumping out the following commands to bash

    touch /etc/hosts.allow
    touch /etc/hosts.deny
    chmod 644 /etc/hosts.allow
    chmod 644 /etc/hosts.deny
  • Reload syslog-ng /etc/init.d/syslog-ng reload, restart openssh /etc/init.d/sshd restart, and start fail2ban /etc/init.d/fail2ban start && rc-update add fail2ban default

That should do it. I also recommend disabling the root account and disabling password authentication in your /etc/ssh/sshd_config file.


New Blog

So hi everyone.  I’ve always had a few ideas that I’ve wanted to tell the world about and have started up this blog.

In case you didn’t already know, I’m Eion, also known online as BigBrownChunx.  For my day-job, I work on popular NZ websites such as MyJobSpace (, DineOut ( and Vorb (  But by-night, I work on the Facebook plugin for Pidgin and the Skype plugin for Pidgin as well as helping out my fiancé on her gardening website at

Anyway, I hope to be like every other whimsical blog-poster out there and post two or three times a week.  Here’s hoping I can keep it up 🙂

No Comments