Month: June 2021

How to simulate package installation on Linux (How to create and install a dummy package)

Sometimes, when installing packages from source code, you may encounter the problem that the required dependency is missing from the system. Usually you need to solve this problem by installing the necessary dependencies from the standard repository, or by compiling them from source.

Sometimes the required package is present, but its version is not suitable, a similar example and solution is described in the article “How to install a package for which there is no dependency of the required version”.

But I ran into a situation where the required dependency is:

a) does not exist at all (the package was removed from the package repository)

b) functionality has been moved to another package that can be installed

Take a look at the following message:

Reading state information... Done
You might want to run 'apt --fix-broken install' to correct these.
The following packages have unmet dependencies:
 detectiteasy : Depends: qt5-default but it is not installable
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).

The program installed from source requires the qt5-default package. This package contains one single configuration file. The package itself was removed as unnecessary or due to the fact that its functionality was transferred to the qtchooser package that I installed. That is, from a practical point of view, the dependency is not needed, but I cannot update the system, because, as the package manager thinks, the dependencies are broken.

The way out of this situation is to install a dummy package.

How to create and install a dummy package on Linux (Debian, Linux Mint, Kali Linux, Ubuntu)

There is a Debian package called equivs that can create fake packages. Install it by running

sudo apt install -y equivs

Due to unresolved dependencies, I was unable to install the equivs package on the problematic OS – I used another computer to help.

After installation, you create a “control” template file using the following command:

equivs-control FILE_NAME

For example:

equivs-control qt5-default

Alternative package name can be used like postfix-custom for postfix or something else.

Let's open the generated file for editing:

gedit qt5-default

An example of the content in my case:

### Commented entries have reasonable defaults.
### Uncomment to edit them.
# Source: <source package name; defaults to package name>
Section: misc
Priority: optional
# Homepage: <enter URL here; no default>
Standards-Version: 3.9.2

Package: <package name; defaults to equivs-dummy>
# Version: <enter version here; defaults to 1.0>
# Maintainer: Your Name <yourname@example.com>
# Pre-Depends: <comma-separated list of packages>
# Depends: <comma-separated list of packages>
# Recommends: <comma-separated list of packages>
# Suggests: <comma-separated list of packages>
# Provides: <comma-separated list of packages>
# Replaces: <comma-separated list of packages>
# Architecture: all
# Multi-Arch: <one of: foreign|same|allowed>
# Copyright: <copyright file; defaults to GPL2>
# Changelog: <changelog file; defaults to a generic changelog>
# Readme: <README.Debian file; defaults to a generic one>
# Extra-Files: <comma-separated list of additional files for the doc directory>
# Links: <pair of space-separated paths; First is path symlink points at, second is filename of link>
# Files: <pair of space-separated paths; First is file to include, second is destination>
#  <more pairs, if there's more than one file to include. Notice the starting space>
Description: <short description; defaults to some wise words> 
 long description and info
 .
 second paragraph

The lines with comments indicate which defaults will be applied when creating the package – you can delete these lines or uncomment and specify your own value.

Also in the line “Package” enter the name of the package, I got it like this:

Section: misc
Priority: optional
Standards-Version: 5.15.2+dfsg-7
Version: 5.15.2
Package: qt5-default

The “Provides” line indicates that my package provides the capabilities offered by another package that one is trying to spoof.

Finally, after generating the template control file, use the equivs-build command to create a fake package like

equivs-build /PATH/TO/GENERATED/CONTROL/FILE

In my case, this is:

equivs-build qt5-default

It will take a few seconds to build the package and then you can run

sudo dpkg -i PACKAGE_NAME*.deb

For example, in my case, after transferring the package to the problem system, the command is as follows:

sudo dpkg -i qt5-default_5.15.2_all.deb

After installing the package, the work of the package manager returned to normal – it is again possible to install and remove packages, update the system.

For advanced users, if your template control file has the “Requires” line, you can create metapackages to install a group of programs.

See also:

Configuring Squid Proxy with Multiple IP Addresses

Suppose the server has several IP addresses – on the same interface or on different ones – it doesn't matter.

Objective: make Squid use different external IP addresses depending on which port of the proxy server is being accessed.

So, as you can see, my test server has 5 IP addresses, 1 IPv4 address and 4 IPv6 addresses:

  • 185.117.153.79
  • 2a02:f680:1:1100::3d5f
  • 2a02:f680:1:1100::3d60
  • 2a02:f680:1:1100::3d61
  • 2a02:f680:1:1100::3d62

See also:

To solve this problem, the contents of the /etc/squid/squid.conf file are as follows:

# The proxy server will only use local utilities, so only access from localhost is allowed.
# If you want to connect to the proxy server from outside, then add the corresponding IPs to the allowed ones,
# or configure password authentication.
http_access allow localhost
http_access deny all

# To connect to the proxy server, ports 24000-24004 are selected, the following lines enable listening on these ports
# Please note that the proxy server does not listen to external IP addresses, in addition to the port, the IP address of localhost is specified
http_port 127.0.0.1:24000
http_port 127.0.0.1:24001
http_port 127.0.0.1:24002
http_port 127.0.0.1:24003
http_port 127.0.0.1:24004

# For each port, create an acl with the localport type
acl portA localport 24000
acl portB localport 24001
acl portC localport 24002
acl portD localport 24003
acl portE localport 24004

# Map ports and IP addresses
tcp_outgoing_address 2a02:f680:1:1100::3d5f portA
tcp_outgoing_address 2a02:f680:1:1100::3d60 portB
tcp_outgoing_address 2a02:f680:1:1100::3d61 portC
tcp_outgoing_address 2a02:f680:1:1100::3d62 portD
tcp_outgoing_address 185.117.153.79 portE

# We don't need a cache
cache deny all

When accessing the page https://w-e-b.site/ip/, the IP address of the client who made the request is shown. Let's check:

curl https://w-e-b.site/ip/

The result is:

2a02:f680:1:1100::3d61

Let's remember this.

Now let's request the specified page through the proxy server ports from 24000 to 24003:

curl --proxy localhost:24000 https://w-e-b.site/ip/
curl --proxy localhost:24001 https://w-e-b.site/ip/
curl --proxy localhost:24002 https://w-e-b.site/ip/
curl --proxy localhost:24003 https://w-e-b.site/ip/

As you can see, each time a different IPv6 address is displayed – in accordance with which one is bound to a specific port of the proxy server.

What IP address do you think the following command will print?

curl --proxy localhost:24004 https://w-e-b.site/ip/

Let me remind you that IPv4 185.117.153.79 is bound to port 24004. If your answer is “185.117.153.79”, then you are wrong.

Let's check:

curl --proxy localhost:24004 https://w-e-b.site/ip/

Outputted: 2a02:f680:1:1100::3d6 is the same default IPv6 address.

The reason is that, in fact, the binding does not occur to the IP address as such, but to the network interface on which this IP is configured. By the way, therefore, you can also bind by MAC address. At the same time, Squid works as follows: if there is a technical possibility (the local server and the remote host have IPv6 addresses), then IPv6 is used by default.

The site w-e-b.site has IPv4 and IPv6 addresses, Squid makes DNS lookups trying to get A and AAAA records, and if the remote host has an IPv6 address, then that one is used. To connect to IPv6, the server must also be using IPv6, so one of the available IPv6 is selected, not IPv4 which is actually bound to the port.

Would it be possible to use the IPv4 connection when binding the port to IPv4, even if IPv6 is available? Technically, there is no limit to this, but the authors of Squid did not make such an option. But there is also an option to use IPv4, though not so convenient.

Related: How to configure Squid to use IPv4

See also the Squid setup guide: How to create and configure a Squid proxy server

How to configure Squid to use IPv4

Because the IPv6 Internet is as fast or faster than the IPv4 Internet for most networks, Squid prefers to connect to websites over IPv6.

The “dns_v4_first on” option changes the order of preference so that Squid will first bind to dual-stack websites over IPv4. Squid will still do both IPv6 and IPv4 DNS queries before connecting.

A WARNING. This parameter limits the situations in which IPv6 connectivity is used (and tested). This hides network problems that would otherwise have been detected and warned about.

So, to switch to IPv4, add the following option to the config file:

dns_v4_first on

Now the request on port 24004 will print the IPv4 address:

curl --proxy localhost:24004 https://w-e-b.site/ip/

But the fact is that requests to ports 24000-24003 will also display IPv4 addresses, since the remote host uses both of them, and IPv4 is now selected by default.

That is, in essence, this option is a switch between IPv4 and IPv6. This is not very convenient and a little illogical. You need to remember this, because using different IP addresses on the same proxy server, you can get confused about which one is actually used.

Starting with version 5 of Squid, the dns_v4_first option will be removed. Instead of obeying the dns_v4_first setting, the IP family is now largely controlled by the DNS response time: if the AAAA DNS response comes first while Squid is waiting for IP addresses, then Squid will use the first received IPv6 addresses. For previously cached IP addresses, Squid tries IPv6 addresses first. To manage the family of IP addresses used by Squid, administrators must use firewalls, recursive DNS resolver configuration, and/or --disable-ipv6. When planning configuration changes, keep in mind that the upcoming improvements to Happy Eyeballs will facilitate faster TCP connections while reducing the impact of DNS resolution times.

The fifth version implements the “Happy Eyeballs” algorithm, which uses the received IP as soon as it is needed. Firewall rules that deny IPv6 TCP connections remain the preferred configuration method for “disconnecting” IPv6 connections, with a recursive DNS resolver configuration.

See also the Squid setup guide: How to create and configure a Squid proxy server

How Squid ACL works

Squid ACL Basics

Let's now dwell on how exactly ACLs work.

The Squid web proxy access control scheme consists of two different components:

  • ACL entries are directive strings that begin with the word “acl” and represent the types of tests that are performed on any request transaction.
  • Access list rules consist of an allow or deny action followed by a series of ACL entries and are used to specify which action or restriction should be applied to a given request. They are checked in order, and the list search stops as soon as one of the rules matches. If a rule has multiple ACL entries, it is implemented as a logical AND operation (all ACL entries of the rule must be met for the rule to be considered a match).

Acl syntax:

acl NAME TYPE DEFINITION1 DEFINITION2 DEFINITION3 ...

Examples:

acl localnet src 192.168.0.102
acl Safe_ports port 80
acl accesses_to_google dstdomain .google.com
acl accesses_to_search_engines dstdomain .yahoo.com .google.com .vivisimo.com
acl accesses_from_marketing_department src 10.52.0.0/16
acl need_to_authenticate proxy_auth

You can also use definition lists, which are stored in files on your hard drive. Let's say you have a list of search engine URLs that you want to allow:

cat /etc/squid/search-engines-urls.txt:
.google.com
.bing.com
.yandex.ru
.duckduckgo.com
.yahoo.com

Then the ACL for this file will look like this:

acl accessess_to_search_engines dstdomain "/etc/squid/search-engines-urls.txt"

The quotes are needed here to tell Squid to look for definitions in this file.

In addition to the already mentioned types src, port, dstdomain, proxy_auth, there are dozens of other types, for example:

  • localip
  • localport
  • proto
  • method
  • url_regex
  • arp
  • browser
  • http_status
  • req_header
  • rep_mime_type
  • time
  • referer_regex

For a complete list, see the squid documentation.

By themselves, acl elements do not change anything in the behavior of the proxy server, they are only lists for further use with Access List Rules. As the documentation quirky says, these tests themselves do nothing, for example, the word “Sunday” corresponds to the day of the week, but does not indicate what day of the week you are reading it.

Using ACL: http_access

If you only wrote down ACLs, then nothing is actually blocked – these are just definitions. ACLs can be used in various places in your squid.conf. The most useful function they can be paired with is the http_access instruction. It works in a similar way to how a firewall handles rules. For every request that Squid receives, it will look through all http_access statements in order until it finds a matching string. It then either accepts or rejects the request depending on your settings. The rest of the rules following the triggered one are ignored.

The general syntax for http_access is as follows:

http_access (allow|deny) acl1 acl2 acl3 ...

Examples:

http_access allow localnet
http_access allow localhost
http_access deny !Safe_ports
http_access deny all
http_access allow auth_users
http_access allow all

The next set will allow admin access (no matter what this ACL looks like; the src ACL probably points to the subnet on which the administrator workstations are located). For everyone else, it will deny access to porn urls. The third rule will allow everyone to access the websites at lunchtime (except for porn sites). And finally, in all other cases, there will be a ban on connecting to the Internet.

http_access allow accesses_from_admins
http_access deny accesses_to_porn_urls
http_access allow accesses_during_lunchtime
http_access deny all

That is, administrators have access to all sites (even porn) at any time, while other users have access to the network only during lunchtime.

Combining ACLs (AND/OR)

You often need to combine ACLs. Let's say you want to allow only back office access to google.com. To do this, you need to combine two ACLs using a logical AND. It would look like this:

http_access allow accesses_to_google.com accesses_from_back_office

If you want to use OR and say that either access from back office or access to google.com is allowed, the rule would look like this:

http_access allow accesses_to_google.com
http_access allow accesses_from_back_office

To summarize: for AND, you need to place conditions on one line. OR requires separate lines.

The following set of rules is wrong, it will never work:

acl ME src 10.0.0.1
acl YOU src 10.0.0.2
http_access allow ME YOU

To allow access through a proxy to IP addresses 10.0.0.1 and 10.0.0.2, the rule must be written as follows:

acl ME src 10.0.0.1
acl YOU src 10.0.0.2
http_access allow ME
http_access allow YOU

Other access list rules

Besides http_access, there are a couple of dozen other types, for example:

  • http_reply_access
  • icp_access
  • miss_access
  • cache
  • url_rewrite_access

Full list in the documentation: http://www.squid-cache.org/Doc/config/

Default http_access rule

If there are no lines with “http_access” in the entire configuration file, the request is rejected by default.

If none of the “http_access” lines match, the default is the opposite of the last line in the list. If the last line was deny, the default is allow. Conversely, if the last line is allow, deny will be applied by default. Tricky, right? For these reasons, it is recommended that you have a “deny all” entry at the end of your access lists to avoid possible confusion. That is, after all the rules, just add the line:

http_access deny all

So, back to our combination of rules “blocking sites + authorization on a proxy server”, why is the following set incorrect?

http_port 4080
via off

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid Basic Authentication
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive on
auth_param basic realm Squid proxy for HackWare.ru
acl auth_users proxy_auth REQUIRED
http_access allow auth_users

acl bad_urls dstdomain "/etc/squid/blacklisted_sites.acl"
http_access deny bad_urls

The fact is that first the rule that requires authorization on the server is triggered, namely “http_access allow auth_users”. All subsequent http_access directives are simply skipped, so sites are not blocked.

http_access usage mistakes

Consider the following example:

http_port 4080
via off

# Site blocking here
acl bad_urls dstdomain "/etc/squid/blacklisted_sites.acl"
http_access deny bad_urls

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid Basic Authentication
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive on
auth_param basic realm Squid proxy for HackWare.ru
acl auth_users proxy_auth REQUIRED
http_access allow auth_users

The site-blocking directive moved up is the first to fire. Moreover, this happens even before authorization on the proxy.

Another variant:

http_port 4080
via off

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid Basic Authentication
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive on
auth_param basic realm Squid proxy for HackWare.ru
acl auth_users proxy_auth REQUIRED

acl bad_urls dstdomain "/etc/squid/blacklisted_sites.acl"

http_access allow auth_users !bad_urls

In this case, the rule is triggered if two conditions are met: authentication and the site is not included in the blocked list. An exclamation point means logical NOT. The last option is the best, it is logically more understandable and it performs any actions (blocking the site) only after the user has entered the proxy server login and password.

See also the Squid setup guide: How to create and configure a Squid proxy server

Error “Authentication helper program /usr/lib64/squid/basic_ncsa_auth: (2) No such file or directory” (SOLVED)

Squid is a popular web proxy server. It has rich functionality and, in addition to changing the IP address, it is often used as a caching proxy for websites, as a result of which the load on the web server is significantly reduced.

When used as a proxy server to change IP or bypass restrictions, system administrators usually configure authentication by login and password. For various types of authentication, so-called helper are used – these are auxiliary utilities responsible for one or another type of authentication. For details, see “Configuring a connection to the Squid proxy server by login and password”.

When configuring basic authentication, an error may occur:

Authentication helper program /usr/lib64/squid/basic_ncsa_auth: (2) No such file or directory

Service status on unsuccessful start due to this error:

Squid Web Proxy Server
     Loaded: loaded (/lib/systemd/system/squid.service; disabled; vendor preset: disabled)
     Active: failed (Result: exit-code) since Tue 2021-04-27 08:39:55 UTC; 2h 4min ago
       Docs: man:squid(8)
    Process: 1650317 ExecStartPre=/usr/sbin/squid --foreground -z (code=exited, status=1/FAILURE)
        CPU: 15ms

Apr 27 08:39:55 w-e-b squid[1650317]: 2021/04/27 08:39:55| ERROR: Authentication helper program /usr/lib64/squid/basic_ncsa_auth: (2) No such file or directory
Apr 27 08:39:55 w-e-b squid[1650317]: 2021/04/27 08:39:55| FATAL: Authentication helper program /usr/lib64/squid/basic_ncsa_auth: (2) No such file or directory
Apr 27 08:39:55 w-e-b squid[1650317]: FATAL: Authentication helper program /usr/lib64/squid/basic_ncsa_auth: (2) No such file or directory
Apr 27 08:39:55 w-e-b squid[1650317]: 2021/04/27 08:39:55| Squid Cache (Version 4.13): Terminated abnormally.
Apr 27 08:39:55 w-e-b squid[1650317]: CPU Usage: 0.015 seconds = 0.010 user + 0.005 sys
Apr 27 08:39:55 w-e-b squid[1650317]: Maximum Resident Size: 50560 KB
Apr 27 08:39:55 w-e-b squid[1650317]: Page faults with physical i/o: 42
Apr 27 08:39:55 w-e-b systemd[1]: squid.service: Control process exited, code=exited, status=1/FAILURE
Apr 27 08:39:55 w-e-b systemd[1]: squid.service: Failed with result 'exit-code'.
Apr 27 08:39:55 w-e-b systemd[1]: Failed to start Squid Web Proxy Server.

In this case, you need to check the path to the basic_ncsa_auth.

Instead of the path /usr/lib64/squid/basic_ncsa_auth you should use /usr/lib/squid/basic_ncsa_auth.

Error “Authentication helper program /usr/lib/squid/basic_ncsa_auth: (2) No such file or directory”

The error is similar to the previous one, but instead of the path /usr/lib/squid/basic_ncsa_auth try using /usr/lib64/squid/basic_ncsa_auth.

Please note that the path to the basic_ncsa_auth file may differ slightly on different Linux distributions:

  • /usr/lib64/squid/basic_ncsa_auth (Arch Linux, CentOS)
  • /usr/lib/squid/basic_ncsa_auth (Debian, Linux Mint, Ubuntu, Kali Linux)

On some systems the file is located in both directories (Arch Linux).

You can check where exactly the file is located on your system:

ls -l /usr/lib64/squid/basic_ncsa_auth
ls -l /usr/lib/squid/basic_ncsa_auth

See also the Squid setup guide: How to create and configure a Squid proxy server

How to install Squid proxy on Windows

Squid is a high performance caching proxy for web clients supporting FTP, gopher, ICAP, ICP, HTCP and HTTP data objects. Squid reduces network bandwidth, data transfer and improves response times by caching and reusing frequently requested web pages. Squid has extensive access control and is a great server accelerator. It runs on most of the available operating systems, including Windows, and is licensed under the GNU GPL.

Squid proxy official website: http://www.squid-cache.org

Squid can be compiled and run on Windows as a system service using the Cygwin emulation environment, or it can be compiled in Windows native mode using the MinGW + MSYS development environment. Windows NT 4 SP4 and later are supported.

Known Limitations

  • Squid features that don't work on Windows:
  • DISKD: still needs to be ported
  • Transparent proxy: missing non-commercial intercept driver for Windows
  • WCCP: These features have not been ported. Without transparent proxy support, this is not necessary.
  • SMP support: Windows equivalent of UDS sockets is not implemented
  • Certain sections of code can make blocking calls.
  • Some external helpers may not work.
  • The number of file descriptors is strictly limited to 2048 when building with MinGW.
  • Squid-3.x of all official releases has serious build problems.

Squid prebuilt binaries for Windows

This is the easiest way to get Squid on Windows: open source project https://github.com/diladele/squid-windows provides Windows MSI installer files for Squid Proxy Server. It makes it possible to install Squid in just a few clicks. The current build is based on the latest Squid 4.14 build for Cygwin under Windows 64 bit.

To download the installer, go to the website: https://squid.diladele.com/ and click the link “MSI installer for SQUID FOR WINDOWS”.

Run the downloaded file with a double click and follow the prompts of the installer.

Immediately after the installer completes, an icon will appear next to the clock to control the Squid service:

When you click on it, the following options will be available:

  • Open Squid Configuration
  • Open Squid Folder
  • Start Squid Service
  • Stop Squid Service
  • About
  • Exit

The path to the configuration file in Windows: C:\Squid\etc\squid\squid.conf. Keep this in mind, as all subsequent sections will show the setup using a Linux example.

For the changes made in the configuration file to take effect, you need to restart the Squid service, to do this, stop and start it again.

The Squid service will automatically start when the computer is turned on, and for the icon to appear in the tray for managing Squid, you need to run the file C:\Squid\bin\Diladele.Squid.Tray.exe.

In the config file you can see paths like this: “/cygdrive/d/squid/cache”. To understand them, see How to access disks in Cygwin. In this case /cygdrive/d/squid/cache is D:\squid\cache.

There will also be paths like this: /var/cache/squid – these are all directories inside the C:\Squid folder. That is, for example, /var/cache/squid is actually C:\Squid\var\cache\squid\.

To check if the Squid service is actually listening on a port to connect, you can do the following:

1. Press Win+x and select “Windows PowerShell (admin)” in the menu that opens.

2. Run the commands in sequence:

cmd
for /f "tokens=1,2,3,4,5*" %i in ('netstat -aon ^| findstr ":3128" ^| findstr /i listening') do echo %j %l & @tasklist | findstr %m

You will verify that Squid is indeed listening on port 3128.

Remember that if you are using a firewall, then you need to open the port that the proxy service is listening on, if you have not changed it, then by default it is 3128.

The following steps are shown using Linux as an example, since Squid is much more common on Linux, not Windows. However, you Windows users can use the following information to configure Squid on Windows. But you need to keep in mind the following nuances:

1. When the command to open a file is given, you must open your configuration file, the path to which is given just above.

2. When it is said that you need to restart the service and the command is given for this, you need to open the assistant in the tray and stop, and then start the service there.

If you are an advanced user, you can manage the service from the command line (open with administrator rights):

net stop squidsrv
net start squidsrv

See also: How to manage services on Windows

To control the autostart of a service, see the article “How to disable autostart of programs and services in Windows”.

3. Most likely (I did not check) you will not be able to configure authorization by login and password on the proxy server, since many (or all) helpers do not work in Windows.

4. In the configuration file, the paths to the files in Linux and Windows may be the same, since Cygwin emulates the Linux working environment, but double-check.

See also the Squid setup guide: How to create and configure a Squid proxy server

How to choose an apartment in Thailand to buy: condo up to 900 thousand baht (less than $29000)

In the first part “How to choose an apartment in Thailand to buy: the cheapest condos” we looked at condominiums costing from 600 to 700 thousand baht (approximately 24 thousand dollars).

In the same article, I mentioned that there will be a sequel. I was planning to do a review of apartments for sale in the range of 800,000 – 1,000,000 baht, but there are a lot of proposals in this range, so I split it in two. In this post, we will look at apartments between 800,000 and 900,000 baht.

Unlike the previous article, I will not mention apartments that do not belong to the foreign quota. Those for which the type of ownership is not specified will also not be mentioned.

If you are looking for an inexpensive studio in a condominium, then you should focus on the price of 900-950 thousand baht, since everything that is cheaper, or has a flaw, or is a bargain that quickly disappears from the market and needs to be watched.

Let me remind you that I am looking through the ads for the sale of apartments on this site: https://www.thailand-property.com/condos-for-sale/chonburi/pattaya?sort=min_price

Links to other sites with advertisements for the sale of apartments in Thailand can be found in the article “Where else to look for apartments for purchase and rent in Thailand”.

1.

https://www.thailand-property.com/condo-for-sale-in-south-pattaya-chonburi_6258244

Condo for sale in South Pattaya, Chonburi

Studio at Thepprasit Rd / South Pattaya (Ke-Ha Thepprasit). Size –32 Sq.m. 6th. floor.

Thai Name (FQ available).

Price: ฿ 850,000

In a Thai name, but a foreign quota is available (be sure to double-check!!!).

The room is not hooked, the location is not entirely clear – Thepprasit road is large and, in any case, not in a very convenient location.

There are many offers – we continue to search.

2.

https://www.thailand-property.com/condo-for-sale-in-baan-suan-lalana-jomtien-chonburi_5630188

Studio (44 sq.m.) @ Baan Suan Lalana (situated in Jomtien area). Listed for sale for Hot price - 875,000 THB. (discounted from an old price 1,100,000 THB). This shady side unit comes Fully furnished, equipped with Kitchen, Cooking hob, Microwave, Fridge, TV, Air-con, Washing machine, Internet, Cable TV, and registered in Foreigner name. This unit is situated on 1 floor and has nice Garden view.

Price: ฿ 875,000

Huge area – 44 square meters, apparently due to the huge balcony. The room looks moderately worn. It is necessary to carefully study the nuances associated with the first floor – thieves, insects, the noise of cars, onlookers looking in the windows and so on.

Location – Jomtien.

It is difficult to answer unequivocally – in general, there are big doubts about this room.

3.

https://www.thailand-property.com/1-bedroom-condo-for-sale-in-jomtien-beach-condominium-jomtien-chonburi_6358938

Foreign Ownership | Jomtien Beach Condo A3 | 1 Bedroom, 10th Floor- Studio | 30 sqm | City View |

The large complex Jomtien Beach Condo consists of 5 buildings, is within walking distance from the sea, night market, and public transport (tuk-tuks)

- The distance is 400m to the sea.

- It is a very popular complex; the proximity of the sea and infrastructure.

Near the complex:

  • Minimarkets
  • Cafes
  • Restaurants
  • Bars
  • Massage parlors
  • Souvenir shops

The complex has:

  • Large swimming pool
  • Gym
  • Laundry
  • Cafes
  • Russian restaurants

Price: ฿ 879,000

Photos from 2014, instinct tells that the room is in a terrible state.

4.

https://www.thailand-property.com/condo-for-sale-in-pattaya-chonburi_7017060

Condo features: Foreign ownership 28.39 SM studio condo with balcony, Small size gym, Swimming pool, 5 minutes walk to the beach, beach road and Taxi route, Situated in a quiet soi with limited number of condos Low number of condo units in the building , Newer building, Full view of the Pool, 24 hour security, Elevator, second floor, Cooler condo, no sun exposure, Communal washer, and water purification system, Parking, Furnished, In a very clean, and move in condition, fresh neutral color of paint (white) all over over the interior of the condo, Equipped with kitchenette with sink and area to prepare the food, lots of cabinets, with some dishes, good size shower room with hot water New bed and bedding (mattress, blanket , sheets, and pillows), New curtains with special anti sun fabric down on the back Included appliances and furniture: Updated and newly serviced CA, refrigerator, smart TV, microwave, Electric kettle, Electric hot water, Newly painted wardrobe, new bed, sofa with the opt ion of using it as bed, Table with two chairs, Big size foot rest, sliding screen door on the balcony sliding door.NOTE: Owner is keen to sell, all reasonable offers consideredBeach & amp; Mountain Condo 7Price for Sale: 890,000 Baht- Studio type- 1 bathroom- 2nd floor- Pool view- 28.39 Square meters- Foreign name- Fully furnished- Transfer fee 50/50

Price: ฿ 890,000

New building, but the size of the room is small 28.39 square meters with a balcony. Either the photos are unsuccessful, or the room is very small. In general, not hooked.

5.

https://www.thailand-property.com/condo-for-sale-in-new-nordic-atrium-condo-nong-prue-chonburi_6544997

Studio (25.8 sq.m.) @ New Nordic Atrium (situated in Pratumnak area). Listed for sale for price - 890,000 THB. This unit comes Fully furnished, equipped with Kitchen, Cooking hob, Microwave, Fridge, TV, Air-con, Internet, Cable TV, and registered in Foreigner name. This unit is situated on 7 floor and has nice Garden view, City view.

Price: 890,000

New condo, everything in the room looks new and shiny.

Location – on the way from South Pattaya to Jomtien.

Overall, I liked the room, I would buy it.

6.

https://www.thailand-property.com/condo-for-sale-in-thepthip-mansion-pratumnak-hill-chonburi_6544995

Studio (30 sq.m.) @ Thepthip Mansion (situated in Pratumnak area). Listed for sale for price - 890,000 THB. This unit comes Fully furnished, equipped with Kitchen, Cooking hob, Microwave, Fridge, TV, Air-con, Internet, Cable TV, and registered in Foreigner name. This unit is situated on 7 floor and has nice City view.

Price: ฿ 890,000

I liked the room itself. Not very convenient location – Jomtien, not near the sea. Nevertheless, as a result of all the rooms in this note, I would choose this one.

7.

https://www.thailand-property.com/condo-for-sale-in-view-talay-residence-1-jomtien-chonburi_6283599

View Talay 1 A condominium unit price under one million baht we have 2 units available for sale foreigner ownership 3rd floor 32 sq.meter 890,000 baht each unit same type and same decoration (all refurbish)

Property Ownership: Foreigner

Price: ฿ 890,000

Renovated room. The location is not very good. Not bad overall, but other good options can be found for the money.

8.

https://www.thailand-property.com/condo-for-sale-in-beach-7-condominium-pattaya-jomtien-chonburi_5062628

Great starter studio for living or rental investment

Situated only 300 meters from the beach on Soi 12, this Condominium is in a popular and convenient location with taxi service and plenty of shopping and restaurants within walking distance. The building is a brand new development offering excellent facilities including a swimming pool, gym, 24hr security and CCTV. This condo is a 28.39sqm studio and is located on the 2nd floor overlooking the pool. Stylish bathroom with shower and Thai style kitchen with table and chairs. It also includes a new bed and is newly painted. Clean and ready to move in. Just bring your suitcase.

Title deed is held in Foreign name with Tax / transfer fees paid by the buyer

Features:

  • Swimming Pool,
  • Security,
  • Air Conditioning,
  • CCTV,
  • Fitness,
  • Parking

Price: ฿ 890,000

Nice room.

Compared to the other rooms discussed above, which, although located in Jomtien, are located quite close to South Pattaya, this room is further from Pattaya, but by the sea!

I liked this apartment. Depending on what turns out to be stronger of the three feelings: the desire to be closer to the sea, the desire to be closer to central Pattaya, the desire to have a room with high-quality repairs and good furniture, this room may well become a candidate for purchase.

9.

https://www.thailand-property.com/condo-for-sale-in-jomtien-beach-condominium-jomtien-chonburi_1604591

Jomtien Beach Condominium is located on Jomtien 2nd Rd., Only 100 meters to the beach. It is a well-maintained condominium complex, offering facilities such as a swimming pool, parking area, and fitness center. This studio unit is situated on the 15th floor of building A2 with 30 square meters of living space, comes fully furnished with modern kitchen and living room. This unit is for rent and sale in Foreign name.

Price: ฿ 895,000

Nice room, 100 meters from the sea. But as far as the previous one from central Pattaya.

10.

https://www.thailand-property.com/condo-for-sale-in-pattaya-chonburi_7017038

ART ON THE HILL - 899,000 BAHT!

This beautiful studio for a quick sale.- foreign name- 8 floor, 23 sq.m.- transfer 50/50- sunset viewFew minutes to the beach.Facilities at Art on the Hill include elevator, parking, 24-hours security, cctv , swimming pool, gym, wi-fi. Common fee is ฿ 39 per sqm per month.Numerous shops are situated within reach: Food Mart Supermarket is 1.4 km away (approximately 4 minutes by car) Tops Daily - 1.7 km (5 minutes by car) The Plaza Chom Thian Shopping Mall - 1.9 km (6 minutes by car) Bali Hai Plaza - 1.9 km (17 minutes by car) Also a Family Mart convenience store, located just 2 minutes walk away, will satisfy residents's needs for everyday items shopping.Pattaya Memorial Hospital is the nearest hospital, which is located 3.8 km from the condominium. It will take about 14 minutes by car to go there.

Price: ฿ 899,000

A small room on the border of South Pattaya and Jomtien. A sofa on its side evokes a thought brings up the idea that the room is quite cramped. There is something wrong with the photographs – either photographs of two rooms are mixed, or it is one room in different years.

There is no place to put a full-fledged desk for the workplace.

Conclusion

Up to 900 thousand baht, and up to 1 million baht, it is impossible to find a good room near the city center. For this money, you can buy good rooms in Jomtien and worse rooms on Pratumnak Hill (the edge of southern Pattaya towards Jomtien).

How to wash your sneakers properly

Can my sneakers be machine washed?

About the fact that sneakers can be washed, I myself learned relatively recently. I like light-colored shoes or shoes with light-colored inserts, so they need to be looked after regularly.

I usually just wash my sneakers with a soapy sponge. But once communicating with a rather young acquaintance, I heard from her something about washing sneakers.

I asked:

- Can sneakers be washed in a washing machine?

She answered:

- Can… if mom doesn't see)))

In general, I washed my rather worn Zara trainers this way a couple of times and they looked good. But the third time after washing, holes appeared on them and the sneakers had to be thrown out.

That is, in principle, it is possible to wash sneakers, but, firstly, not everything, and, secondly, it must be done correctly.

Which sneakers can be washed in a washing machine

I got into a conversation about washing sneakers with a shoe saleswoman and she explained everything to me.

So, leather sneakers (like the one in the title photo above) cannot be washed. That is, you can wash them when you no longer feel sorry for them. In general, wash new leather sneakers the old fashioned way with a sponge and soap.

You can wash rag sneakers. An example of sneakers that can be washed in the photo below. After washing, they look like new:

How to properly wash sneakers in a washing machine

The most important thing is to choose the most gentle mode, namely:

  • minimum time
  • non-hot water
  • minimum spin speed or no spin at all

An example of my settings:

  • the program “Fast 30 minutes” is selected
  • I turned off the spin, so the washing time was reduced to 21 minutes
  • water temperature 20 ℃

Turning off the spin is a controversial decision, since the sneakers will have to be dried for at least a day and a lot of water will flow out of them. But I feel sorry for my sneakers, so I go to such inconvenience. Alternatively, you can choose to dry at 400 rpm.

Select the temperature in the range of 20-30 ℃. I don't have 30 ℃ in my washing machine settings, so I chose 20 ℃.

Insoles and so on usually do not need to be pulled out – in my opinion, in all modern sneakers they are simply glued.

I add one capsule of detergent.

As a result, the sneakers are clean and pleasantly scented.

The question of whether it is possible to wash sneakers along with clothes remains open))) But I would not recommend))

How to cook rice in a rice cooker

When we choose a side dish, we have a choice of pasta, potatoes, buckwheat, bread, fried vegetables, peas. In Asia, the most popular side dish is rice. Rice is prepared in every family, you can buy it in every grocery store, and it can be found on the menu of any restaurants with Asian cuisine.

Therefore, rice is cooked often and a lot. To simplify and automate this process, they came up with rice cookers. In English, they are called Rice Cooker or Automatic Jar Rice Cooker. There are more models of these rice cookers in Asian stores than we have a range of TVs. Every family has a rice cooker.

I have it too, so now I will teach you how to use it.

Why cook rice at home?

If you live in Thailand, you can buy rice at every step, including at 7-Eleven, where it will be reheated for free. Although everywhere ready-made rice is sold several times more expensive than its cost, it is still not such a big expense. It is worth cooking rice at home if you live with a family, or you do not want to eat frozen rice and generally cook at home.

Why do you need a rice cooker?

When the first wife told me:

- Let's go to the store to buy a rice cooker

I asked her:

- What for? You can cook in a saucepan.

She told me that she didn’t know how to cook rice in a saucepan…

By the way, I also do not know how to cook rice in a saucepan. Rice Cooker is really handy for cooking rice. The rice cooker has a warming mode and it can keep the rice warm all day without making it much worse.

How is a rice cooker different from a multicooker

There are many different programs in a multicooker. There you need to put the necessary ingredients, select a program, and it will perform all other actions with the correct timings by the device itself.

There are only two modes in the rice cooker:

  • cook rice
  • warm rice

Moreover, in the simplest models, even the time cannot be set.

In principle, other cereals can be cooked in a rice cooker. For example, I cook buckwheat in it (ratio: 1 part buckwheat, 2 parts water, cooking for 15-20 minutes). In fact, a rice cooker is such an electric saucepan, in which it is convenient to cook according to the principle of “bring to a boil and cook with a tightly closed lid”.

It is also convenient to keep food warm or warm up food.

Exactly how to make rice in a rice cooker

The rice cooker comes with measuring cups and a plastic spoon.

The inside is covered with a non-stick coating that can be scratched with an iron spoon, so always use a plastic or wooden spatula.

Rinse the rice before cooking. It is not necessary to rinse parboiled (converted) rice – it will not stick together in any case.

When laying the rice, try to distribute it evenly. Stir everything together and spread evenly before closing the lid to help the rice cook more evenly.

You can add salt before or after cooking.

The cooking time depends on the type of rice and its quantity. With a small amount of rice, cooking (Cook mode) takes about 15 minutes, then leave the rice for 10 minutes in the Warm mode.

Most simple rice cookers have only two modes:

  • Cook
  • Warm

The rice cooker shuts off automatically when the water evaporates and the temperature of the rice starts to rise.

What is the ratio of water to rice in a rice cooker?

The total ratio of water to rice in the rice cooker is 1:1. This means 1 glass of water for 1 glass of rice. This ratio is best for long grain white rice; it also seems to work well with other long grain white rice varieties such as basmati and jasmine.

The recommended ratio for brown rice is 2 1/4 cups of water to 1 cup of brown rice.

While almost all rice cookers come with measuring cups, some are labeled on the pan so you always know how much rice and water to add, no matter how many cups you use or what type of rice you are using. Keep in mind that the cups in the rice cooker are usually smaller than a standard measuring cup. They usually hold 3/4 cup, which doesn't matter when it comes to ratios, but this should be considered if you're making a recipe.

How to cook crumbly rice in a rice cooker?

The best way to cook crumbly rice in a rice cooker is to leave the cooked rice in a saucepan with the lid closed for 10 minutes after cooking. This extra time will allow rice to gently soak up excess water without overcooking. This will also allow the rice to cool slightly and harden slightly. After 10 minutes, use the supplied rice spatula to beat the rice. Since most rice cookers have a non-stick coating, it is recommended that you use a plastic rice paddle instead of any metal cookware that could scratch the bottom or sides.

Why is the rice sticky?

Cooked rice can feel sticky for several reasons: too much water may have been used and it may not have been rinsed before cooking.

It is important to rinse not parboiled rice before cooking to rinse off excess starch. Otherwise, the cooked starch will have a sticky consistency instead of crumbly, which is usually required. For best results, rinse the rice until the water runs clear. Some people like to do this right in the pot before cooking.

How to flavor rice before and after cooking?

In the recipe, the water can be replaced with the same amount of broth to add flavor to the rice. Herbs and spices can be added to the pot before cooking, as well as other flavors such as fried onions or garlic. Salt can be added before or after cooking. To avoid salting, it is better to salt it after cooking.

What else can you cook in a rice cooker?

Rice cookers can be used for all types of rice, including white, brown, long grain, short grain, jasmine, basmati and wild rice. They can also be used to cook various cereals, buckwheat, oatmeal. Just remember to adjust the water ratio accordingly, especially if your rice cooker doesn't have multiple programs. Rice cookers can also be used to prepare mixed meals by simply placing chopped vegetables or protein sources on top of the rice before cooking. Some rice cookers come with grates or baskets that allow you to steam.

How to find out when Linux was installed

This article will look at several ways to find out the date of installation of the Linux operating system. But let's start by thinking about what is considered the date of installation of the OS?

What is considered the date of installation of Linux

It would seem that the question and the answer to it are quite simple – the installation date is the day when the operating system files were copied from the installation disk or flash drive.

But if a major OS update was made, that is, a transition between major versions, can this be considered the date of installation of the current OS? This update can be done either by updating packages or using the installation media (for example, Tails is updated only this way).

If we take the age of the oldest file in the OS for the installation date, then you may encounter the following situation: the user's home folder, created and used much earlier with other (previous versions) of the OS, is mounted on the freshly installed system, - whether to consider the installation date according to the oldest part of the OS (home user folder) or by the date the files of the new OS were copied?

It can be assumed that the key element is the root file system and you need to look at the date of its creation. In general, usually many agree that it is the creation date of the root file system that should be considered the date of the OS installation, but the following situations are possible:

  • the file system was changed or converted after the OS was installed
  • the cloned file system may have been migrated to another disk

In general, there are nuances that you need to remember, but they do not apply to most users.

1. Date of creation of the file system

To find out the creation date of the file system, run the command:

tune2fs -l `df / | grep '/' | awk '{ print $1 }'` | grep 'Filesystem created:'

Output example:

Filesystem created:       Wed Aug  1 19:40:20 2018

That is, the operating system was installed on August 1, 2018.

Another command that will show the creation date of the file system in Linux:

dumpe2fs $(mount | grep 'on \/ ' | awk '{print $1}') | grep 'Filesystem created:'

It is also recommended to read the article “How to know when the ext4/ext3/ext2 filesystem was created and when it was last mounted”, in it you will learn how to find out how many times the file system was mounted, how much data was written to it , the date of the last entry and other interesting information.

2. Age of the oldest files in the OS

The most file system and distribution neutral solution is to use the oldest file found with the “ls -lact /etc” command, which checks the metadata of each file at the time of creation. This method is not affected by the touch command or files created by extracting archives (eg tar -p to preserve timestamps).

I think it is better to look at files rather than directories, since directories change their creation time metadata when their contents change (maybe someone can shed some light on why this is so?)

ls -lact --full-time /etc | tail

The results of this method are consistent with previous data – August 1, 2018.

If you only want to get the creation time of the oldest file in /etc:

ls -lact --full-time /etc | awk 'END {print $6,$7,$8}'
Loading...
X