Posts tagged: linux

Cheap, portable Linux laptop – Acer C720 Chromebook

By , 2018-09-03 15:08

Note: this post is more intended for personal reference; as such the quality of writing is not up to my standard, but I’ve decided to publish it as-is anyway since I don’t have time to review and figure it could be useful to someone.

I was looking for a good portable Linux laptop to that I could carry around without being too worried about battery life or the device getting scratched up in my bag. I tried a few different devices, including the HP Folio 13, ThinkPad X131e, GPD Pocket, Dell Latitude E7240. Finally I settled on the Acer C720 Chromebook. The main points in favour of this device are, for me:

  • Compact, thin and light (11.6″)
  • Relatively low cost (4GB RAM model can be had for under $150 CAD)
  • Proper modern low-voltage Intel Core processor (Celeron 2957U – Haswell) and not an Atom core or high-end i7
  • Dual-band Wi-Fi and Bluetooth

and the main downsides:

  • Basic TN LCD panel
  • 16GB storage
  • Runs Chrome OS
  • Chrome OS keyboard layout

The good news is the downsides are fairly easily remedied.

TN LCD Panel

The Acer C720 uses a standard 11.6″ LED backlit eDP panel. I was able to find an IPS panel to replace it on laptopscreen.com (model N116BCA-EA1). The panel replacement is fairly straightforward; care needs to be taken not to break the LCD bezel or any of the clips.

16GB SSD

The SSD on the C720 is a standard M.2 2242 SATA SSD. The M.2 slot is easily accessible after removing the Chromebook’s bottom cover.

Runs Chrome OS

The Chrome OS/Linux dual-boot process is done by using the chrx script (https://github.com/reynhout/chrx). Remember to remove the write-protect screw while the bottom cover is off.

Chrome OS keyboard layout

This was arguably the hardest part. I chose to run Xubuntu, so the steps I went through apply to that environment. Chrx by default provides good defaults, mapping the back, forward, refresh, brightness and volume keys. The big issue for me was the placement of the power button (above the backspace key)

  1. Prevent systemd-logind from handling the power button
    edit /etc/systemd/logind.conf and add the following line:
    HandlePowerKey=ignore
  2. Prevent xfce power manager from handling the power button
    xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/logind-handle-power-key -s true
  3. Allow xfce power manager to handle lid switch
    xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/logind-handle-lid-switch -s false
  4. Remap power key to Delete
    xmodmap -e “keycode 124 = Delete”
    To find the keycode, stop lightdm, startx to start a basic X session, then use xev to get the keycode for the power key.

 

Other tweaks

Consistent custom wallpaper/background for boot splash, login, and lock screen

  • gnome-screensaver uses the Gnome DE’s wallaper setting. Configure this via CLI:
    gsettings set org.gnome.desktop.background picture-uri file:///usr/local/share/wallpaper/animevillage.jpg
  • lightdm-gtk-greeter can be configured using GUI tool lightdm-gtk-greeter-settings or by editing /etc/lightdm/lightdm-gtk-greeter.conf
  • plymouth/boot splash:
    • go to /usr/share/plymouth/themes and create a copy of the xubuntu-logo directory. I called mine xubuntu-logo-mod
      sudo cp -R xubuntu-logo xubuntu-logo-mod
    • within the new xubuntu-logo-mod directory, rename and edit config files accordingly
      325 cd xubuntu-logo-mod/
      326 ls
      327 sudo mv xubuntu-logo.plymouth xubuntu-logo-mod.plymouth
      328 sudo mv xubuntu-logo.script xubuntu-logo-mod.script
      329 sudo nano xubuntu-logo-mod.script
    • replace wallpaper.png in xubuntu-logo-mod directory with desired image. I used ImageMagick’s convert tool to convert my jpg format image to png.
    • add new theme we have created as an “alternative” with higher priority
      • Find out priority and config for current theme
        sudo update-alternatives –query default.plymouth
        Name: default.plymouth
        Link: /usr/share/plymouth/themes/default.plymouth
        Status: auto
        Best: /usr/share/plymouth/themes/xubuntu-logo-mod/xubuntu-logo-mod.plymouth
        Value: /usr/share/plymouth/themes/xubuntu-logo-mod/xubuntu-logo-mod.plymouth

        Alternative: /usr/share/plymouth/themes/xubuntu-logo-mod/xubuntu-logo-mod.plymouth
        Priority: 200

        Alternative: /usr/share/plymouth/themes/xubuntu-logo/xubuntu-logo.plymouth
        Priority: 150

      • Create new alternative with higher priority
        sudo update-alternatives –install /usr/share/plymouth/themes/default.plymouth default.plymouth /usr/share/plymouth/themes/xubuntu-logo-mod/xubuntu-logo-mod.plymouth 200

 

 

 

How to get postfix to deliver root’s mail locally when using a smarthost

By , 2015-12-09 10:40

When setting up Postfix on Ubuntu/Debian as “Internet Site with smarthost” to use an external smtp relay, automatic e-mails intended for “root” (such as cron job error reports) get sent out to the smarthost with a To: address of [email protected] This can cause a problem as the smarthost doesn’t know where to deliver these messages to, since myhost.mydomain.com has no MX record.

The fix for this is (go figure) in the Postfix README:

Delivering some but not all accounts locally

A drawback of sending mail as “[email protected]” (instead of “[email protected]”) is that mail for “root” and other system accounts is also sent to the central mailhost. In order to deliver such accounts locally, you can set up virtual aliases as follows:

1 /etc/postfix/main.cf:
2     virtual_alias_maps = hash:/etc/postfix/virtual
3 
4 /etc/postfix/virtual:
5     root     [email protected]
6     . . .

Translation:

Execute the command “postmap /etc/postfix/virtual” after editing the file.

Oddly, just adding the line

root: [email protected]

to /etc/aliases doesn’t work. You really need to do the steps outlined in the manual.

Atheros AR5005/5212, WPA encryption

By , 2012-11-07 22:08

I have a few old reliable AR5005G (5212, PCI 168c:0013) cards, both MiniPCI and Cardbus from the heyday of Wireless-G back in the early ’00s. Back then, Atheros 500x series cards were THE cards to have if you wanted to have some fun with aircrack, or if you just wanted your WiFi to actually WORK, especially under Linux. The madwifi (aka ath_pci) drivers were probably the most stable wireless drivers at the time. Even on Windows, you could use 3rd party drivers to put the cards in monitor mode and capture packets.

Times have changed and madwifi has been superseded by ath5k (and indirectly ath9k).

For some reason I decided to install Ubuntu 12.04 on an old Fujitsu Lifebook (Pentium III 600MHz, upgraded 512MB RAM, ATI Mobility Radeon M4) without built-in wireless, using a Netgear WPN511 Cardbus adapter. I expected everything to work as it did in the old days, but for some reason the WiFi wouldn’t stay connected.

It seems the hardware encryption capabilites on the card don’t quite support WPA2/CCMP-AES, even though the ath5k driver says it does. So the solution is to disable hardware encryption support:

echo "options ath5k nohwcrypt=1" | sudo tee /etc/modprobe.d/ath5k.conf

Then reboot, or reload the ath5k module (modprobe -rv ath5k, modprobe -v ath5k).

Now I can enjoy my surprisingly not-extremely-slow 10-year old laptop wirelessly.

Source: http://ubuntuforums.org/showthread.php?p=12086356#post12086356

http://madwifi-project.org/

Useful apt commands

By , 2012-10-29 14:46

apt-cache search [searchterm]

search local apt-cache for a package  containing [searchterm]

apt-file list [packagename]

lists all files associated with [packagename], even if the package is not installed

apt-file search [/path/to/file]

search for the package that “owns” [/path/to/file]

apt-cache madison [packagename]

displays all available versions of [packagename]

apt-get install [packagename]=[version]

force apt to install a specific version of a package

Farewell, Desktop Metaphor

By , 2012-03-04 16:20

We’re living the end of an era. I’m sad to say that as tech journalists have been proclaiming for a little while now, it seems “the desktop is dead” or at least on its last legs. (I would have liked to provide some data to support that but unfortunately big G has killed off their search timeline feature as of a few months ago.)

The original Macintosh Desktop

Now, when I say desktop, I don’t mean the desktop PC. I mean the traditional personal computer desktop metaphor introduced on the original Macintosh in 1984 (- yes, I know Xerox was first). Since then, most personal computers have used some variation of a desktop as their primary UI. Windows, icons, folders, documents, trash/recycle bins have become familiar and nearly universal. The desktop metaphor also includes some important elements that were not really part of a traditional physical desktop, such as menu, status and task bars.

Why do I concur that the desktop is dying? Well, there are a few reasons.

Mobile device sales

Smartphones and tablet sales surpassed PC sales this past year. In Q4 of 2011, vendors shipped just over 100 million smartphones, while PC sales were numbered at 92.1 million. It’s not a huge relative difference, but the trend shows no sign of stopping for now since many consumers are still using feature phones but already own a PC. Tablets are also poised to take a bite out of PC sales, especially with ever-faster processors and slimmer packages. New releases of tablet OS in 2011 should also contribute, with Apple iOS 5 no longer requiring activation using iTunes on a traditional PC and Android 4 (“Ice Cream Sandwich”) replacing the rather underwhelming Android 3 “Honeycomb”.

Web apps

Web Apps running in Firefox

There’s no denying that the Web has come a long way from its beginnings on Tim Berners-Lee‘s NeXT cube at CERN. Web sites have evolved from being essentially online news or encyclopedia articles to being hubs for dynamic multimedia content and information sharing. Take a look at your taskbar/dock/other app switcher (if you’re viewing this from a desktop!). There’s a very good chance a Web browser is running. Even if there isn’t one running, chances are you have already used the Web more than once today. More and more of our daily computing activities are performed using a Web-based tool. Sharing. Word processing. Blogging. Watching videos. Listening to music. Instant messaging. Photo editing. E-mail. CLI shell access. Hell, why not any GTK application. True, there are some things that can only be done using a desktop application. Like OS virtualization. Oh, wait – never mind.  There are probably quite a few computer users who never open a desktop app at all. Even as a network admin, most of my work is done using Web-based administration tools.

Single-purpose, full-screen apps

The new Metro UI in Windows 8

With the new breed of smartphones and tablets that started with the iPhone, single-purpose, full-screen apps have become mainstream. Game consoles and PCs had full-screen apps before, but now, more than ever, “there’s an app for that”. With limited screen real estate, these apps are supposed to be fast, intuitive and immersive. Desktop PCs have hopped on the bandwagon too. During the netbook era, “mainstream” Linux distro Ubuntu launchedUbuntu Netbook Remix“, a special version of their OS optimized for small (typically 1024×640) netbook screens featuring large buttons, automatically maximized apps and minimal user distractions. Ubuntu’s new interface, Unity, is based on UNR. Following the immense popularity of their iOS mobile devices, and the successful launch of the iPad, Apple released Mac OS X Lion with support for full-screen apps and many other features and UI elements pulled from iOS. Over in Redmond, Microsoft is bringing their “Metro” interface from Windows Phone 7 and XBOX 360 to the Windows desktop.

The future

It could be argued that some of these new interfaces are an evolution of the desktop metaphor. I would agree, however, the traditional desktop seems to have its days numbered. The future seems to be a future of full-screen apps, custom web/HTML-driven interfaces and maybe widgets. Windows 8 still has what they call a traditional desktop, however the Start button has been unceremoniously killed off. The next version of Apple’s OS is not Mac OS X Mountain Lion, but simply OS X Mountain Lion, a clear sign that the Macintosh and its once-revolutionary desktop is now a part of the past.

For my part, I feel saddened and almost homeless with the prospect that my beloved desktop belongs to the confines of history. True, I could just continue using Gnome 2, or Mac OS X 10.6, or Windows 7, but that means missing out on the latest and greatest. I don’t like where this is going. Change is not always good. I must be getting old.

On a more optimistic note, I know that there are teams of brilliant designers, engineers and programmers also living through this change. And I know I’m not the only person to feel less than satisfied with current desktop environments. Nothing to do but wait to see what the future brings! (Or become a programming pro and write a new Linux DE from scratch/help out with MATE or Cinnamon.)

How to remove restrictions/password from a PDF

By , 2011-12-24 19:04

Adobe Acrobat PDF documents have a nice feature which allows content authors to restrict certain features or “encrypt” the document using a password. These can all be easily bypassed using the open-source Ghostscript:

gs -q -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sOutputFile=unencrypted.pdf -c .setpdfwrite -f encrypted.pdf

Source : http://www.cyberciti.biz/faq/removing-password-from-pdf-on-linux/

Why I use Debian and Ubuntu (Apt)

By , 2011-12-21 10:35

OK, rant time.

Way back in the day (I mean 2001 or so), I used to use rpm-based distros. Red Hat, Mandriva – or rather Mandrake- and they worked fine. As long as you didn’t have to install any packages. To be fair, this was in the early days of package managers and the like, and I was a novice Linux user at the time. Mandrake had put in a good effort with urpmi, but I still had to visit sites like http://rpm.pbone.net/ and http://rpmfind.net/ very often to find this or that package.

Then, in 2004/2005, I discovered Ubuntu. (The OS, not the philosophy. Ha ha.) It was a world of difference. Need a program? apt-get install program would automagically fetch and install it for you. Don’t know the name of the package, or exactly what you’re looking for? apt-cache search can help. If that package you want installed has dependencies, and those have dependencies? No problem, everything gets pulled in and the proposed changes are listed for you. The other advantage was that seemingly any program I could possibly want was available in a Debian/Ubuntu repo.

Fast forward to today. I’ve pretty much been using Debian based distros since then, although I have tried Arch and Slax, and possibly many others that I can’t remember right now. All my servers run either Debian or Ubuntu Server, and my Linux PCs are Ubuntu or Arch. Package management has become so easy that I rarely ever have to worry about it, unless I’m trying to make some major changes outside of repo packages.

Recently, however, I’ve started using some RPM distros again, to see how things have been on that side of the fence. It’s been mostly CentOS and a few CentOS/PBX distros (Elastix, Trixbox, pbxinaflash…). I have to say though, I can’t believe the state of the package management system. CentOS has got yum, which seems to be good in principle, but somehow I’ve seen it massively fail in ways that Apt never has for me. The first issue is not really to do with the package manager, but more the repositories.

For example, we had a service on a server at work that absolutely required “Arial”. In Ubuntu or Debian, all you have to do is enable the non-free repo, or an Arch, use one of the excellent AUR frontends such as yaourt. Then install msttcorefonts (Debian) or ttf-ms-fonts (Arch). The package manager will fetch the MS fonts package and its dependency, cabextract. It then downloads each of the fonts’ self-extracting EXEs from sourceforge, cabextracts them, then installs them to the appropriate fonts directory. Now, on the CentOS 5 server, no such luck.

$ yum install msttcorefonts
Loaded plugins: downloadonly, fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.mirror.nexicom.net
 * extras: centos.mirror.nexicom.net
 * updates: centos.mirror.nexicom.net
Excluding Packages from CentOS-5 - Addons
Finished
Excluding Packages from CentOS-5 - Base
Finished
Excluding Packages from CentOS-5 - Extras
Finished
Excluding Packages from CentOS-5 - Updates
Finished
Setting up Install Process
No package msttcorefonts available.
Nothing to do
$

Awesome. Time to break out the manual package manager, AKA Google. Which brings me to the corefonts sourceforge project homepage, fortunately with clear instructions on how to install on an rpm-based system.

  1. Make sure you have the following rpm-packages installed from from your favourite distribution. Any version should do.
    • rpm-build
    • wget
    • A package that provides the ttmkfdir utility. For example
      • For Fedora Core and Red Hat Enterprise Linux 4, ttmkfdir
      • For old redhat releases, XFree86-font-utils
      • For mandrake-8.2, freetype-tools
  2. Install the cabextract utility. For users of Fedora Core it is available from extras. Others may want to compile it themselves from source, or download the source rpm from fedora extras and rebuild.
  3. Download the latest msttcorefonts spec file from here
  4. If you haven’t done so already, set up an rpm build environment in your home directory. You can to this by adding the line %_topdir %(echo $HOME)/rpmbuild to your $HOME/.rpmmacros and create the directories $HOME/rpmbuild/BUILD and $HOME/rpmbuild/RPMS/noarch
  5. Build the binary rpm with this command:
    $ rpmbuild -bb msttcorefonts-2.0-1.spec

    This will download the fonts from a Sourcforge mirror (about 8 megs) and repackage them so that they can be easily installed.

  6. Install the newly built rpm using the following command (you will need to be root):
    # rpm -ivh $HOME/rpmbuild/RPMS/noarch/msttcorefonts-2.0-1.noarch.rpm

Sounds like fun. Let’s try and see if we’re lucky.

yum install wget rpm-build cabextract

Cool! rpm-build was installed! but wait, how about wget and cabextract? It didn’t mention those!

wget is probably installed, but let’s try anyway:

$ wget
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.

OK, how about cabextract?

$ cabextract
sh: cabextract: command not found

Well then, that’s wonderful. Thanks for mentioning that you didn’t install cabextract, yum.

Fortunately the good people at corefonts provided a link to the download for cabextract, and fortunately, my server is i386 (I know it doesn’t seem like it from the screenshot), so I can use the pre-built RPM. (For those who need it, the x86_64 package) Now to the final step.

$ wget -O - http://corefonts.sourceforge.net/msttcorefonts-2.0-1.spec | rpm -bb msttcorefonts-2.0-1.spec
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.77304
+ umask 022+ cd /usr/src/redhat/BUILD

[… a hundred or so lines…]

Wrote: /usr/src/redhat/RPMS/noarch/msttcorefonts-2.0-1.noarch.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.22861
+ umask 022
+ cd /usr/src/redhat/BUILD
+ '[' /var/tmp/msttcorefonts-root '!=' / ']'
+ rm -rf /var/tmp/msttcorefonts-root
+ exit 0

Phew, that’s a lot of output. Well exit 0, that’s good. Aaand “Wrote: /usr/src/redhat/RPMS/noarch/msttcorefonts-2.0-1.noarch.rpm”. cool!

And finally:

$ rpm -ivh /usr/src/redhat/RPMS/noarch/msttcorefonts-2.0-1.noarch.rpm
Preparing...                ########################################### [100%]
   1:msttcorefonts          ########################################### [100%]
$

(Another thing that bugs me – no success message! After all that, not even a Yay! Package installed!? I’m disappointed, rpm.)

For illustrative purposes, Debian:

# apt-get install msttcorefonts
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  cabextract ttf-liberation ttf-mscorefonts-installer
The following NEW packages will be installed:
  cabextract msttcorefonts ttf-liberation ttf-mscorefonts-installer
0 upgraded, 4 newly installed, 0 to remove and 4 not upgraded.
Need to get 1103kB of archives.
After this operation, 2109kB of additional disk space will be used.
Do you want to continue [Y/n]? Y

[…]

All fonts downloaded and installed.
Updating fontconfig cache for /usr/share/fonts/truetype/msttcorefonts
Setting up msttcorefonts (2.7) ...
Setting up ttf-liberation (1.04.93-1) ...
Updating fontconfig cache for /usr/share/fonts/truetype/ttf-liberation

Wasn’t that easier? Also, a nice plain English message saying what was done: “All fonts downloaded and installed.” Take notes, rpm.

For completeness’ sake, Arch:

$ yaourt -S ttf-ms-fonts

==> Downloading ttf-ms-fonts PKGBUILD from AUR...
x PKGBUILD
x ttf-ms-fonts.install
x LICENSE

[…]

==> ttf-ms-fonts dependencies:
 - fontconfig (already installed)
 - xorg-fonts-encodings (already installed)
 - xorg-font-utils (already installed)
 - cabextract (package found)

[…]

Targets (1): ttf-ms-fonts-2.0-8

Total Download Size:    0.00 MB
Total Installed Size:   5.49 MB

Proceed with installation? [Y/n]
(1/1) checking package integrity                                         [########################################] 100%
(1/1) checking for file conflicts                                        [########################################] 100%
(1/1) installing ttf-ms-fonts                                            [########################################] 100%
Updating font cache... done.
$

A bit more user interaction, but that’s the point of Arch.

So, to summarize:

Arch/Debian package management > rpm package management (CentOS).

And that’s the end of my rant for today.

Quick and dirty bash script to apt-get update all OpenVZ containers

By , 2011-11-30 22:29

It’s a bit of a pain having to run upgrades on all servers. I could of course, set up unattended upgrades, but I always liked initiating the upgrade process myself. So I wrote a little bash script that will initiate apt-get update and apt-get upgrade on all running OpenVZ containers.

Note that this only works for Debian-based distros. So Debian, *buntu, Linux Mint and the like.

It’s very rough, no error-handling or safeguards, so use at your own risk. Works for me, but YMMV.

#!/bin/bash
#Delete temp file
rm /tmp/tmp-script.sh
#Get running VZ
CTIDS=$(vzlist | awk '{print $1}' | sed -e '/CTID/d' -e ':a;N;$!ba;s/\n/ /g' )
# Echo list of running IDs
echo "$CTIDS"
CTIDarray=($CTIDS)
for x in ${CTIDarray[@]}
do
    echo "#/bin/bash" > /tmp/tmp-script.sh
    chmod +x /tmp/tmp-script.sh
    echo vzctl exec $x "apt-get update &&;  apt-get -y upgrade" >> /tmp/tmp-script.sh
    screen -d -m /tmp/tmp-script.sh
done
#Delete temp file
rm /tmp/tmp-script.sh
#Show running screens
screen -x

First, we rm the /tmp/tmp-script.sh. Starting off with very bad form, I know, feeling lazy right now. Then I use awk and sed to get the IDs of running containers from the output of the vzlist command, and place them on a single line, separated by spaces. Those IDs are than put in an array, so that the update command can be called using a for loop.

For some reason, I couldn’t get screen to launch the

vzctl exec $x "apt-get update &&  apt-get -y upgrade"

command directly, hence the hideous use of a temp file. If anyone can fix/improve this, I would be glad to hear from you!

Quick bash script to restore all OpenVZ dumps

By , 2011-10-05 22:57

This script will read the container ID from the file name, and use it to restore the tgz dump to the same ID on the new OpenVZ/Proxmox server.

Note that this only works if the default name for the vzdumps is kept, and it only works for the next 89 years, because I’m lazy.

Thanks to
http://www.cyberciti.biz/faq/bash-loop-over-file/ and http://bashcurescancer.com/10-steps-to-beautiful-shell-scripts.html

#!/bin/bash
VZDUMPS=/path/to/backups/*.tgz
for f in $VZDUMPS
 
do
        f2=${f#*openvz-}
        VEID=${f2%-20*}
        echo "Restoring $f to $VEID"
        vzrestore $f $VEID
done

Redirecting a port to another host on same LAN using iptables

By , 2010-11-27 22:53

I have a strange situation where I want to redirect a specific port on one host to another host. That is, traffic to 192.168.1.100:8080 => 192.168.1.101:8080.

Found the answer on LQ forums.

iptables -A PREROUTING -t nat -p tcp -d 192.168.1.100 --dport 8080 -j DNAT --to-destination 192.168.1.101
iptables -A POSTROUTING -t nat -p tcp -d 192.168.1.101 --dport 8080 -j SNAT --to-source 192.168.1.100

Don’t ask me why this works. It just does. Well, the first line makes sense, but I have no idea what the second is doing.

After looking at the rule in Webmin, I think I figured it out.

  1. When a packet arrives at this computer, if protocol is TCP and destination is 192.168.1.100/32 (local IP) and destination port is 8080 then Destination NAT (change destination IP) to 192.168.1.101
  2. When a packet leaves this computer, if protocol is TCP and destination is 192.168.1.101/32 and destination port is 8080 (as would be the case for any packet modified by the above rule), then Source NAT (change source IP) to 192.168.1.100. (This ensures that the remote host .101 returns any packets via this computer, .100, rather than simply attempting to send them to the original requesting host.)

Update: This even works on an OpenVZ container! Just need to enable iptables nat in the vz config on the hardware node (VM host) [source].

nano /etc/vz/vz.conf

Then do Control W and SEARCH for IPTABLES

Comment out (by adding a # symbol to the line ) the current IPTABLES= line

and then copy/paste and add this line directly underneath the line you just commented out.

IPTABLES="ipt_REJECT ipt_recent ipt_owner ipt_REDIRECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

It is important to make sure this is all in 1 line and that it does not wrap.

Now Control-S and save – overwriting the current file.

Finally do an /etc/init.d/vz restart
to restart openVZ.

Custom theme by me. Based on Panorama by Themocracy